From 7a0abc039da1b9504a6386042a76e10245b9997d Mon Sep 17 00:00:00 2001 From: Anil Chandra <120965339+acx1729@users.noreply.github.com> Date: Sun, 10 Nov 2024 13:49:54 -0500 Subject: [PATCH 1/4] updating to integrations --- ...ght_lambda_function_not_cmk_encrypted.yaml | 2 +- ...lambda_function_not_cmk_encrypted.yaml.bak | 22 +++++ ...ificate_transparency_logging_disabled.yaml | 2 +- ...ate_transparency_logging_disabled.yaml.bak | 21 +++++ ...1-aws_insight_acm_certificate_expired.yaml | 2 +- ...s_insight_acm_certificate_expired.yaml.bak | 22 +++++ ..._insight_ebs_snapshot_older_than_year.yaml | 2 +- ...ight_ebs_snapshot_older_than_year.yaml.bak | 17 ++++ ...aws_insight_ec2_classic_load_balancer.yaml | 2 +- ...insight_ec2_classic_load_balancer.yaml.bak | 21 +++++ ...ht_elb_classic_lb_use_ssl_certificate.yaml | 2 +- ...lb_classic_lb_use_ssl_certificate.yaml.bak | 45 +++++++++++ ...nsight_elb_application_lb_waf_enabled.yaml | 2 +- ...ht_elb_application_lb_waf_enabled.yaml.bak | 31 +++++++ .../16-aws_insight_vpc_with_public_cidr.yaml | 2 +- ...-aws_insight_vpc_with_public_cidr.yaml.bak | 29 +++++++ ...azure_insight_compute_disk_unattached.yaml | 2 +- ...e_insight_compute_disk_unattached.yaml.bak | 23 ++++++ ...sight_compute_disk_unattached.yaml.bak.bak | 23 ++++++ ...mpute_disk_unavailable_in_multiple_az.yaml | 2 +- ...e_disk_unavailable_in_multiple_az.yaml.bak | 26 ++++++ ..._disk_not_encrypted_with_customer_key.yaml | 2 +- ...k_not_encrypted_with_customer_key.yaml.bak | 27 +++++++ ...on_retention_period_less_than_30_days.yaml | 2 +- ...etention_period_less_than_30_days.yaml.bak | 29 +++++++ ...ount_with_disabled_automatic_failover.yaml | 2 +- ..._with_disabled_automatic_failover.yaml.bak | 24 ++++++ ...raffic_from_all_networks_and_internet.yaml | 2 +- ...ic_from_all_networks_and_internet.yaml.bak | 24 ++++++ ...t_key_vault_with_disabled_soft_delete.yaml | 2 +- ...y_vault_with_disabled_soft_delete.yaml.bak | 26 ++++++ ...kubernetes_cluster_with_rbac_disabled.yaml | 2 +- ...rnetes_cluster_with_rbac_disabled.yaml.bak | 27 +++++++ ...rnetes_cluster_with_undesired_version.yaml | 2 +- ...es_cluster_with_undesired_version.yaml.bak | 31 +++++++ queries/25-azure_insight_lb_failed.yaml | 2 +- queries/25-azure_insight_lb_failed.yaml.bak | 27 +++++++ ...et_without_managed_disk_configuration.yaml | 2 +- ...ithout_managed_disk_configuration.yaml.bak | 25 ++++++ ...with_minimum_ssl_older_than_1_point_2.yaml | 2 +- ..._minimum_ssl_older_than_1_point_2.yaml.bak | 26 ++++++ ...ight_virtual_network_with_public_cidr.yaml | 2 +- ..._virtual_network_with_public_cidr.yaml.bak | 30 +++++++ ...orage_account_with_public_blob_access.yaml | 2 +- ...e_account_with_public_blob_access.yaml.bak | 24 ++++++ ...mbda_function_with_unsupported_engine.yaml | 2 +- ..._function_with_unsupported_engine.yaml.bak | 20 +++++ ...ction_with_unsupported_engine.yaml.bak.bak | 20 +++++ ...t_with_disabled_encryption_in_transit.yaml | 2 +- ...th_disabled_encryption_in_transit.yaml.bak | 24 ++++++ ...vm_remote_access_restricted_all_ports.yaml | 2 +- ...emote_access_restricted_all_ports.yaml.bak | 48 +++++++++++ ...e_access_restricted_all_ports.yaml.bak.bak | 48 +++++++++++ ...sight_loadbalancer_classic_no_logging.yaml | 2 +- ...t_loadbalancer_classic_no_logging.yaml.bak | 25 ++++++ ...t_loadbalancer_application_no_logging.yaml | 2 +- ...adbalancer_application_no_logging.yaml.bak | 28 +++++++ ...sight_loadbalancer_network_no_logging.yaml | 2 +- ...t_loadbalancer_network_no_logging.yaml.bak | 28 +++++++ ..._functionapp_with_unsupported_runtime.yaml | 2 +- ...ctionapp_with_unsupported_runtime.yaml.bak | 63 +++++++++++++++ queries/36-aws_insight_deprecated_eks.yaml | 2 +- .../36-aws_insight_deprecated_eks.yaml.bak | 19 +++++ ...re_insight_legacy_application_gateway.yaml | 2 +- ...nsight_legacy_application_gateway.yaml.bak | 19 +++++ ...-azure_insight_legacy_virtual_machine.yaml | 2 +- ...re_insight_legacy_virtual_machine.yaml.bak | 21 +++++ .../39-aws_insight_legacy_rds_instances.yaml | 2 +- ...-aws_insight_legacy_rds_instances.yaml.bak | 19 +++++ .../4-aws_insight_ebs_volume_unencrypted.yaml | 2 +- ...ws_insight_ebs_volume_unencrypted.yaml.bak | 24 ++++++ ...s_insight_accounts_without_cloudtrail.yaml | 2 +- ...sight_accounts_without_cloudtrail.yaml.bak | 21 +++++ ...1-aws_insight_root_login_last_90_days.yaml | 2 +- ...s_insight_root_login_last_90_days.yaml.bak | 20 +++++ ..._insight_account_with_root_access_key.yaml | 2 +- ...ight_account_with_root_access_key.yaml.bak | 20 +++++ ...-aws_insight_account_without_root_mfa.yaml | 2 +- ..._insight_account_without_root_mfa.yaml.bak | 20 +++++ ...ight_account_with_many_saml_providers.yaml | 2 +- ..._account_with_many_saml_providers.yaml.bak | 25 ++++++ .../45-aws_insight_account_without_mfa.yaml | 2 +- ...5-aws_insight_account_without_mfa.yaml.bak | 19 +++++ ...insight_account_with_key_and_password.yaml | 2 +- ...ght_account_with_key_and_password.yaml.bak | 19 +++++ ...7-aws_insight_account_with_unused_key.yaml | 2 +- ...s_insight_account_with_unused_key.yaml.bak | 19 +++++ ...48-aws_insight_iam_user_with_old_keys.yaml | 2 +- ...ws_insight_iam_user_with_old_keys.yaml.bak | 19 +++++ ...ws_insight_iam_user_with_old_password.yaml | 2 +- ...nsight_iam_user_with_old_password.yaml.bak | 19 +++++ .../5-aws_insight_ebs_volume_unattached.yaml | 2 +- ...aws_insight_ebs_volume_unattached.yaml.bak | 21 +++++ ...nsight_ec2_instance_of_undesired_type.yaml | 2 +- ...ht_ec2_instance_of_undesired_type.yaml.bak | 19 +++++ ...ws_insight_iam_user_with_admin_access.yaml | 2 +- ...nsight_iam_user_with_admin_access.yaml.bak | 21 +++++ ...ht_iam_user_with_admin_access.yaml.bak.bak | 21 +++++ ...ws_insight_iam_user_with_mfa_disabled.yaml | 2 +- ...nsight_iam_user_with_mfa_disabled.yaml.bak | 24 ++++++ ...insight_iam_user_with_inline_policies.yaml | 2 +- ...ght_iam_user_with_inline_policies.yaml.bak | 23 ++++++ queries/ai_workload.yaml | 2 +- queries/ai_workload.yaml.bak | 41 ++++++++++ queries/autoscaling_workload.yaml | 2 +- queries/autoscaling_workload.yaml.bak | 39 +++++++++ queries/aws_accessanalyzer_analyzer_1.yaml | 2 +- .../aws_accessanalyzer_analyzer_1.yaml.bak | 28 +++++++ queries/aws_accessanalyzer_analyzer_2.yaml | 2 +- .../aws_accessanalyzer_analyzer_2.yaml.bak | 30 +++++++ ...aws_accessanalyzer_analyzer_2.yaml.bak.bak | 30 +++++++ queries/aws_accessanalyzer_analyzer_3.yaml | 2 +- .../aws_accessanalyzer_analyzer_3.yaml.bak | 30 +++++++ queries/aws_accessanalyzer_finding_1.yaml | 2 +- queries/aws_accessanalyzer_finding_1.yaml.bak | 27 +++++++ .../aws_accessanalyzer_finding_1.yaml.bak.bak | 27 +++++++ queries/aws_accessanalyzer_finding_2.yaml | 2 +- queries/aws_accessanalyzer_finding_2.yaml.bak | 28 +++++++ queries/aws_accessanalyzer_finding_3.yaml | 2 +- queries/aws_accessanalyzer_finding_3.yaml.bak | 27 +++++++ queries/aws_accessanalyzer_finding_4.yaml | 2 +- queries/aws_accessanalyzer_finding_4.yaml.bak | 27 +++++++ queries/aws_account_1.yaml | 2 +- queries/aws_account_1.yaml.bak | 27 +++++++ queries/aws_account_2.yaml | 2 +- queries/aws_account_2.yaml.bak | 27 +++++++ queries/aws_account_2.yaml.bak.bak | 27 +++++++ queries/aws_account_alternate_contact_1.yaml | 2 +- .../aws_account_alternate_contact_1.yaml.bak | 29 +++++++ queries/aws_account_alternate_contact_2.yaml | 2 +- .../aws_account_alternate_contact_2.yaml.bak | 31 +++++++ queries/aws_account_alternate_contact_3.yaml | 2 +- .../aws_account_alternate_contact_3.yaml.bak | 31 +++++++ queries/aws_account_alternate_contact_4.yaml | 2 +- .../aws_account_alternate_contact_4.yaml.bak | 32 ++++++++ queries/aws_account_contact_1.yaml | 2 +- queries/aws_account_contact_1.yaml.bak | 30 +++++++ queries/aws_account_contact_2.yaml | 2 +- queries/aws_account_contact_2.yaml.bak | 30 +++++++ queries/aws_acm_certificate_1.yaml | 2 +- queries/aws_acm_certificate_1.yaml.bak | 29 +++++++ queries/aws_acm_certificate_2.yaml | 2 +- queries/aws_acm_certificate_2.yaml.bak | 26 ++++++ queries/aws_acm_certificate_3.yaml | 2 +- queries/aws_acm_certificate_3.yaml.bak | 28 +++++++ queries/aws_acm_certificate_4.yaml | 2 +- queries/aws_acm_certificate_4.yaml.bak | 27 +++++++ .../aws_acmpca_certificate_authority_1.yaml | 2 +- ...ws_acmpca_certificate_authority_1.yaml.bak | 30 +++++++ .../aws_acmpca_certificate_authority_2.yaml | 2 +- ...ws_acmpca_certificate_authority_2.yaml.bak | 36 +++++++++ .../aws_acmpca_certificate_authority_3.yaml | 2 +- ...ws_acmpca_certificate_authority_3.yaml.bak | 27 +++++++ .../aws_acmpca_certificate_authority_4.yaml | 2 +- ...ws_acmpca_certificate_authority_4.yaml.bak | 29 +++++++ queries/aws_amplify_app_1.yaml | 2 +- queries/aws_amplify_app_1.yaml.bak | 28 +++++++ queries/aws_amplify_app_2.yaml | 2 +- queries/aws_amplify_app_2.yaml.bak | 30 +++++++ queries/aws_amplify_app_3.yaml | 2 +- queries/aws_amplify_app_3.yaml.bak | 28 +++++++ queries/aws_amplify_app_4.yaml | 2 +- queries/aws_amplify_app_4.yaml.bak | 26 ++++++ queries/aws_amplify_app_5.yaml | 2 +- queries/aws_amplify_app_5.yaml.bak | 31 +++++++ queries/aws_amplify_app_6.yaml | 2 +- queries/aws_amplify_app_6.yaml.bak | 30 +++++++ queries/aws_amplify_app_6.yaml.bak.bak | 30 +++++++ queries/aws_amplify_app_7.yaml | 2 +- queries/aws_amplify_app_7.yaml.bak | 29 +++++++ queries/aws_api_gateway_api_key_1.yaml | 2 +- queries/aws_api_gateway_api_key_1.yaml.bak | 30 +++++++ queries/aws_api_gateway_api_key_2.yaml | 2 +- queries/aws_api_gateway_api_key_2.yaml.bak | 28 +++++++ queries/aws_api_gateway_authorizer_1.yaml | 2 +- queries/aws_api_gateway_authorizer_1.yaml.bak | 30 +++++++ queries/aws_api_gateway_authorizer_2.yaml | 2 +- queries/aws_api_gateway_authorizer_2.yaml.bak | 29 +++++++ queries/aws_api_gateway_domain_name_1.yaml | 2 +- .../aws_api_gateway_domain_name_1.yaml.bak | 27 +++++++ queries/aws_api_gateway_domain_name_2.yaml | 2 +- .../aws_api_gateway_domain_name_2.yaml.bak | 30 +++++++ queries/aws_api_gateway_domain_name_3.yaml | 2 +- .../aws_api_gateway_domain_name_3.yaml.bak | 33 ++++++++ queries/aws_api_gateway_domain_name_4.yaml | 2 +- .../aws_api_gateway_domain_name_4.yaml.bak | 24 ++++++ queries/aws_api_gateway_domain_name_5.yaml | 2 +- .../aws_api_gateway_domain_name_5.yaml.bak | 27 +++++++ queries/aws_api_gateway_method_1.yaml | 2 +- queries/aws_api_gateway_method_1.yaml.bak | 28 +++++++ queries/aws_api_gateway_method_2.yaml | 2 +- queries/aws_api_gateway_method_2.yaml.bak | 27 +++++++ queries/aws_api_gateway_method_3.yaml | 2 +- queries/aws_api_gateway_method_3.yaml.bak | 31 +++++++ queries/aws_api_gateway_method_4.yaml | 2 +- queries/aws_api_gateway_method_4.yaml.bak | 41 ++++++++++ queries/aws_api_gateway_rest_api_1.yaml | 2 +- queries/aws_api_gateway_rest_api_1.yaml.bak | 28 +++++++ queries/aws_api_gateway_rest_api_2.yaml | 2 +- queries/aws_api_gateway_rest_api_2.yaml.bak | 29 +++++++ queries/aws_api_gateway_rest_api_3.yaml | 2 +- queries/aws_api_gateway_rest_api_3.yaml.bak | 30 +++++++ queries/aws_api_gateway_rest_api_4.yaml | 2 +- queries/aws_api_gateway_rest_api_4.yaml.bak | 36 +++++++++ queries/aws_api_gateway_rest_api_5.yaml | 2 +- queries/aws_api_gateway_rest_api_5.yaml.bak | 34 ++++++++ queries/aws_api_gateway_stage_1.yaml | 2 +- queries/aws_api_gateway_stage_1.yaml.bak | 25 ++++++ queries/aws_api_gateway_stage_2.yaml | 2 +- queries/aws_api_gateway_stage_2.yaml.bak | 29 +++++++ queries/aws_api_gateway_stage_3.yaml | 2 +- queries/aws_api_gateway_stage_3.yaml.bak | 25 ++++++ queries/aws_api_gateway_stage_4.yaml | 2 +- queries/aws_api_gateway_stage_4.yaml.bak | 29 +++++++ queries/aws_api_gateway_usage_plan_1.yaml | 2 +- queries/aws_api_gateway_usage_plan_1.yaml.bak | 26 ++++++ queries/aws_api_gateway_usage_plan_2.yaml | 2 +- queries/aws_api_gateway_usage_plan_2.yaml.bak | 26 ++++++ queries/aws_api_gateway_usage_plan_3.yaml | 2 +- queries/aws_api_gateway_usage_plan_3.yaml.bak | 28 +++++++ .../aws_api_gateway_usage_plan_3.yaml.bak.bak | 28 +++++++ queries/aws_api_gatewayv2_api_1.yaml | 2 +- queries/aws_api_gatewayv2_api_1.yaml.bak | 29 +++++++ queries/aws_api_gatewayv2_api_2.yaml | 2 +- queries/aws_api_gatewayv2_api_2.yaml.bak | 26 ++++++ queries/aws_api_gatewayv2_api_3.yaml | 2 +- queries/aws_api_gatewayv2_api_3.yaml.bak | 26 ++++++ queries/aws_api_gatewayv2_domain_name_1.yaml | 2 +- .../aws_api_gatewayv2_domain_name_1.yaml.bak | 28 +++++++ queries/aws_api_gatewayv2_domain_name_2.yaml | 2 +- .../aws_api_gatewayv2_domain_name_2.yaml.bak | 28 +++++++ queries/aws_api_gatewayv2_domain_name_3.yaml | 2 +- .../aws_api_gatewayv2_domain_name_3.yaml.bak | 37 +++++++++ queries/aws_api_gatewayv2_domain_name_4.yaml | 2 +- .../aws_api_gatewayv2_domain_name_4.yaml.bak | 27 +++++++ queries/aws_api_gatewayv2_domain_name_5.yaml | 2 +- .../aws_api_gatewayv2_domain_name_5.yaml.bak | 32 ++++++++ queries/aws_api_gatewayv2_integration_1.yaml | 2 +- .../aws_api_gatewayv2_integration_1.yaml.bak | 28 +++++++ ...s_api_gatewayv2_integration_1.yaml.bak.bak | 28 +++++++ queries/aws_api_gatewayv2_integration_2.yaml | 2 +- .../aws_api_gatewayv2_integration_2.yaml.bak | 25 ++++++ queries/aws_api_gatewayv2_route_1.yaml | 2 +- queries/aws_api_gatewayv2_route_1.yaml.bak | 26 ++++++ queries/aws_api_gatewayv2_route_2.yaml | 2 +- queries/aws_api_gatewayv2_route_2.yaml.bak | 26 ++++++ queries/aws_api_gatewayv2_route_3.yaml | 2 +- queries/aws_api_gatewayv2_route_3.yaml.bak | 28 +++++++ queries/aws_api_gatewayv2_stage_1.yaml | 2 +- queries/aws_api_gatewayv2_stage_1.yaml.bak | 28 +++++++ queries/aws_api_gatewayv2_stage_2.yaml | 2 +- queries/aws_api_gatewayv2_stage_2.yaml.bak | 27 +++++++ queries/aws_api_gatewayv2_stage_3.yaml | 2 +- queries/aws_api_gatewayv2_stage_3.yaml.bak | 27 +++++++ queries/aws_api_gatewayv2_stage_4.yaml | 2 +- queries/aws_api_gatewayv2_stage_4.yaml.bak | 27 +++++++ queries/aws_app_runner_service_1.yaml | 2 +- queries/aws_app_runner_service_1.yaml.bak | 30 +++++++ queries/aws_app_runner_service_2.yaml | 2 +- queries/aws_app_runner_service_2.yaml.bak | 28 +++++++ queries/aws_app_runner_service_3.yaml | 2 +- queries/aws_app_runner_service_3.yaml.bak | 28 +++++++ queries/aws_app_runner_service_4.yaml | 2 +- queries/aws_app_runner_service_4.yaml.bak | 30 +++++++ queries/aws_app_runner_service_5.yaml | 2 +- queries/aws_app_runner_service_5.yaml.bak | 26 ++++++ queries/aws_app_runner_service_6.yaml | 2 +- queries/aws_app_runner_service_6.yaml.bak | 24 ++++++ queries/aws_appautoscaling_policy_1.yaml | 2 +- queries/aws_appautoscaling_policy_1.yaml.bak | 28 +++++++ .../aws_appautoscaling_policy_1.yaml.bak.bak | 28 +++++++ queries/aws_appautoscaling_policy_2.yaml | 2 +- queries/aws_appautoscaling_policy_2.yaml.bak | 26 ++++++ queries/aws_appautoscaling_policy_3.yaml | 2 +- queries/aws_appautoscaling_policy_3.yaml.bak | 28 +++++++ queries/aws_appautoscaling_policy_4.yaml | 2 +- queries/aws_appautoscaling_policy_4.yaml.bak | 28 +++++++ queries/aws_appautoscaling_policy_5.yaml | 2 +- queries/aws_appautoscaling_policy_5.yaml.bak | 29 +++++++ queries/aws_appautoscaling_target_1.yaml | 2 +- queries/aws_appautoscaling_target_1.yaml.bak | 27 +++++++ queries/aws_appautoscaling_target_2.yaml | 2 +- queries/aws_appautoscaling_target_2.yaml.bak | 29 +++++++ queries/aws_appconfig_application_1.yaml | 2 +- queries/aws_appconfig_application_1.yaml.bak | 26 ++++++ queries/aws_appstream_fleet_1.yaml | 2 +- queries/aws_appstream_fleet_1.yaml.bak | 32 ++++++++ queries/aws_appstream_fleet_1.yaml.bak.bak | 32 ++++++++ queries/aws_appstream_fleet_10.yaml | 2 +- queries/aws_appstream_fleet_10.yaml.bak | 30 +++++++ queries/aws_appstream_fleet_2.yaml | 2 +- queries/aws_appstream_fleet_2.yaml.bak | 32 ++++++++ queries/aws_appstream_fleet_3.yaml | 2 +- queries/aws_appstream_fleet_3.yaml.bak | 32 ++++++++ queries/aws_appstream_fleet_4.yaml | 2 +- queries/aws_appstream_fleet_4.yaml.bak | 31 +++++++ queries/aws_appstream_fleet_5.yaml | 2 +- queries/aws_appstream_fleet_5.yaml.bak | 35 ++++++++ queries/aws_appstream_fleet_6.yaml | 2 +- queries/aws_appstream_fleet_6.yaml.bak | 29 +++++++ queries/aws_appstream_fleet_7.yaml | 2 +- queries/aws_appstream_fleet_7.yaml.bak | 26 ++++++ queries/aws_appstream_fleet_8.yaml | 2 +- queries/aws_appstream_fleet_8.yaml.bak | 27 +++++++ queries/aws_appstream_fleet_9.yaml | 2 +- queries/aws_appstream_fleet_9.yaml.bak | 27 +++++++ queries/aws_appstream_image_1.yaml | 2 +- queries/aws_appstream_image_1.yaml.bak | 31 +++++++ queries/aws_appstream_image_2.yaml | 2 +- queries/aws_appstream_image_2.yaml.bak | 28 +++++++ queries/aws_appstream_image_3.yaml | 2 +- queries/aws_appstream_image_3.yaml.bak | 31 +++++++ queries/aws_appstream_image_4.yaml | 2 +- queries/aws_appstream_image_4.yaml.bak | 31 +++++++ queries/aws_appstream_image_5.yaml | 2 +- queries/aws_appstream_image_5.yaml.bak | 29 +++++++ queries/aws_appstream_image_6.yaml | 2 +- queries/aws_appstream_image_6.yaml.bak | 40 +++++++++ queries/aws_appstream_image_7.yaml | 2 +- queries/aws_appstream_image_7.yaml.bak | 27 +++++++ queries/aws_appstream_image_7.yaml.bak.bak | 27 +++++++ queries/aws_appstream_image_8.yaml | 2 +- queries/aws_appstream_image_8.yaml.bak | 29 +++++++ queries/aws_appsync_graphql_api_1.yaml | 2 +- queries/aws_appsync_graphql_api_1.yaml.bak | 30 +++++++ queries/aws_appsync_graphql_api_2.yaml | 2 +- queries/aws_appsync_graphql_api_2.yaml.bak | 28 +++++++ queries/aws_appsync_graphql_api_3.yaml | 2 +- queries/aws_appsync_graphql_api_3.yaml.bak | 27 +++++++ queries/aws_athena_query_execution_1.yaml | 2 +- queries/aws_athena_query_execution_1.yaml.bak | 27 +++++++ queries/aws_athena_query_execution_2.yaml | 2 +- queries/aws_athena_query_execution_2.yaml.bak | 25 ++++++ queries/aws_athena_query_execution_3.yaml | 2 +- queries/aws_athena_query_execution_3.yaml.bak | 29 +++++++ .../aws_athena_query_execution_3.yaml.bak.bak | 29 +++++++ queries/aws_athena_query_execution_4.yaml | 2 +- queries/aws_athena_query_execution_4.yaml.bak | 27 +++++++ queries/aws_athena_workgroup_1.yaml | 2 +- queries/aws_athena_workgroup_1.yaml.bak | 28 +++++++ queries/aws_athena_workgroup_2.yaml | 2 +- queries/aws_athena_workgroup_2.yaml.bak | 25 ++++++ queries/aws_athena_workgroup_2.yaml.bak.bak | 25 ++++++ queries/aws_athena_workgroup_3.yaml | 2 +- queries/aws_athena_workgroup_3.yaml.bak | 25 ++++++ queries/aws_athena_workgroup_4.yaml | 2 +- queries/aws_athena_workgroup_4.yaml.bak | 26 ++++++ queries/aws_auditmanager_assessment_1.yaml | 2 +- .../aws_auditmanager_assessment_1.yaml.bak | 25 ++++++ queries/aws_auditmanager_assessment_2.yaml | 2 +- .../aws_auditmanager_assessment_2.yaml.bak | 31 +++++++ queries/aws_auditmanager_assessment_3.yaml | 2 +- .../aws_auditmanager_assessment_3.yaml.bak | 28 +++++++ queries/aws_auditmanager_control_1.yaml | 2 +- queries/aws_auditmanager_control_1.yaml.bak | 25 ++++++ queries/aws_auditmanager_control_2.yaml | 2 +- queries/aws_auditmanager_control_2.yaml.bak | 28 +++++++ queries/aws_auditmanager_evidence_1.yaml | 2 +- queries/aws_auditmanager_evidence_1.yaml.bak | 27 +++++++ queries/aws_auditmanager_evidence_2.yaml | 2 +- queries/aws_auditmanager_evidence_2.yaml.bak | 29 +++++++ .../aws_auditmanager_evidence_folder_1.yaml | 2 +- ...ws_auditmanager_evidence_folder_1.yaml.bak | 28 +++++++ .../aws_auditmanager_evidence_folder_2.yaml | 2 +- ...ws_auditmanager_evidence_folder_2.yaml.bak | 25 ++++++ queries/aws_auditmanager_framework_1.yaml | 2 +- queries/aws_auditmanager_framework_1.yaml.bak | 25 ++++++ queries/aws_auditmanager_framework_2.yaml | 2 +- queries/aws_auditmanager_framework_2.yaml.bak | 27 +++++++ queries/aws_availability_zone_1.yaml | 2 +- queries/aws_availability_zone_1.yaml.bak | 26 ++++++ queries/aws_availability_zone_2.yaml | 2 +- queries/aws_availability_zone_2.yaml.bak | 27 +++++++ queries/aws_availability_zone_2.yaml.bak.bak | 27 +++++++ queries/aws_availability_zone_3.yaml | 2 +- queries/aws_availability_zone_3.yaml.bak | 27 +++++++ queries/aws_backup_framework_1.yaml | 2 +- queries/aws_backup_framework_1.yaml.bak | 33 ++++++++ queries/aws_backup_framework_2.yaml | 2 +- queries/aws_backup_framework_2.yaml.bak | 29 +++++++ queries/aws_backup_framework_3.yaml | 2 +- queries/aws_backup_framework_3.yaml.bak | 25 ++++++ queries/aws_backup_framework_4.yaml | 2 +- queries/aws_backup_framework_4.yaml.bak | 28 +++++++ queries/aws_backup_framework_5.yaml | 2 +- queries/aws_backup_framework_5.yaml.bak | 49 +++++++++++ queries/aws_backup_framework_6.yaml | 2 +- queries/aws_backup_framework_6.yaml.bak | 50 ++++++++++++ queries/aws_backup_job_1.yaml | 2 +- queries/aws_backup_job_1.yaml.bak | 25 ++++++ queries/aws_backup_job_1.yaml.bak.bak | 25 ++++++ queries/aws_backup_job_2.yaml | 2 +- queries/aws_backup_job_2.yaml.bak | 31 +++++++ queries/aws_backup_job_3.yaml | 2 +- queries/aws_backup_job_3.yaml.bak | 25 ++++++ queries/aws_backup_legal_hold_1.yaml | 2 +- queries/aws_backup_legal_hold_1.yaml.bak | 27 +++++++ queries/aws_backup_legal_hold_2.yaml | 2 +- queries/aws_backup_legal_hold_2.yaml.bak | 34 ++++++++ queries/aws_backup_legal_hold_3.yaml | 2 +- queries/aws_backup_legal_hold_3.yaml.bak | 27 +++++++ queries/aws_backup_legal_hold_3.yaml.bak.bak | 27 +++++++ queries/aws_backup_plan_1.yaml | 2 +- queries/aws_backup_plan_1.yaml.bak | 30 +++++++ queries/aws_backup_plan_2.yaml | 2 +- queries/aws_backup_plan_2.yaml.bak | 32 ++++++++ queries/aws_backup_plan_3.yaml | 2 +- queries/aws_backup_plan_3.yaml.bak | 31 +++++++ queries/aws_backup_protected_resource_1.yaml | 2 +- .../aws_backup_protected_resource_1.yaml.bak | 24 ++++++ queries/aws_backup_protected_resource_2.yaml | 2 +- .../aws_backup_protected_resource_2.yaml.bak | 28 +++++++ queries/aws_backup_recovery_point_1.yaml | 2 +- queries/aws_backup_recovery_point_1.yaml.bak | 25 ++++++ queries/aws_backup_recovery_point_2.yaml | 2 +- queries/aws_backup_recovery_point_2.yaml.bak | 30 +++++++ queries/aws_backup_recovery_point_3.yaml | 2 +- queries/aws_backup_recovery_point_3.yaml.bak | 41 ++++++++++ queries/aws_backup_report_plan_1.yaml | 2 +- queries/aws_backup_report_plan_1.yaml.bak | 28 +++++++ queries/aws_backup_report_plan_2.yaml | 2 +- queries/aws_backup_report_plan_2.yaml.bak | 32 ++++++++ queries/aws_backup_report_plan_3.yaml | 2 +- queries/aws_backup_report_plan_3.yaml.bak | 30 +++++++ queries/aws_backup_report_plan_4.yaml | 2 +- queries/aws_backup_report_plan_4.yaml.bak | 34 ++++++++ queries/aws_backup_report_plan_5.yaml | 2 +- queries/aws_backup_report_plan_5.yaml.bak | 28 +++++++ queries/aws_backup_report_plan_6.yaml | 2 +- queries/aws_backup_report_plan_6.yaml.bak | 31 +++++++ queries/aws_backup_selection_1.yaml | 2 +- queries/aws_backup_selection_1.yaml.bak | 26 ++++++ queries/aws_backup_selection_2.yaml | 2 +- queries/aws_backup_selection_2.yaml.bak | 34 ++++++++ queries/aws_backup_selection_2.yaml.bak.bak | 34 ++++++++ queries/aws_backup_vault_1.yaml | 2 +- queries/aws_backup_vault_1.yaml.bak | 24 ++++++ queries/aws_backup_vault_2.yaml | 2 +- queries/aws_backup_vault_2.yaml.bak | 30 +++++++ queries/aws_backup_vault_2.yaml.bak.bak | 30 +++++++ queries/aws_backup_vault_3.yaml | 2 +- queries/aws_backup_vault_3.yaml.bak | 29 +++++++ queries/aws_backup_vault_4.yaml | 2 +- queries/aws_backup_vault_4.yaml.bak | 26 ++++++ queries/aws_cloudcontrol_resource_1.yaml | 2 +- queries/aws_cloudcontrol_resource_1.yaml.bak | 30 +++++++ queries/aws_cloudcontrol_resource_2.yaml | 2 +- queries/aws_cloudcontrol_resource_2.yaml.bak | 32 ++++++++ queries/aws_cloudcontrol_resource_3.yaml | 2 +- queries/aws_cloudcontrol_resource_3.yaml.bak | 29 +++++++ .../aws_cloudcontrol_resource_3.yaml.bak.bak | 29 +++++++ queries/aws_cloudcontrol_resource_4.yaml | 2 +- queries/aws_cloudcontrol_resource_4.yaml.bak | 29 +++++++ queries/aws_cloudformation_stack_1.yaml | 2 +- queries/aws_cloudformation_stack_1.yaml.bak | 26 ++++++ queries/aws_cloudformation_stack_2.yaml | 2 +- queries/aws_cloudformation_stack_2.yaml.bak | 25 ++++++ .../aws_cloudformation_stack_2.yaml.bak.bak | 25 ++++++ queries/aws_cloudformation_stack_3.yaml | 2 +- queries/aws_cloudformation_stack_3.yaml.bak | 25 ++++++ queries/aws_cloudformation_stack_4.yaml | 2 +- queries/aws_cloudformation_stack_4.yaml.bak | 26 ++++++ queries/aws_cloudformation_stack_5.yaml | 2 +- queries/aws_cloudformation_stack_5.yaml.bak | 25 ++++++ .../aws_cloudformation_stack_resource_1.yaml | 2 +- ...s_cloudformation_stack_resource_1.yaml.bak | 28 +++++++ .../aws_cloudformation_stack_resource_2.yaml | 2 +- ...s_cloudformation_stack_resource_2.yaml.bak | 29 +++++++ .../aws_cloudformation_stack_resource_3.yaml | 2 +- ...s_cloudformation_stack_resource_3.yaml.bak | 32 ++++++++ .../aws_cloudformation_stack_resource_4.yaml | 2 +- ...s_cloudformation_stack_resource_4.yaml.bak | 28 +++++++ .../aws_cloudformation_stack_resource_5.yaml | 2 +- ...s_cloudformation_stack_resource_5.yaml.bak | 27 +++++++ queries/aws_cloudformation_stack_set_1.yaml | 2 +- .../aws_cloudformation_stack_set_1.yaml.bak | 26 ++++++ queries/aws_cloudformation_stack_set_2.yaml | 2 +- .../aws_cloudformation_stack_set_2.yaml.bak | 30 +++++++ queries/aws_cloudformation_stack_set_3.yaml | 2 +- .../aws_cloudformation_stack_set_3.yaml.bak | 30 +++++++ queries/aws_cloudformation_stack_set_4.yaml | 2 +- .../aws_cloudformation_stack_set_4.yaml.bak | 31 +++++++ queries/aws_cloudfront_cache_policy_1.yaml | 2 +- .../aws_cloudfront_cache_policy_1.yaml.bak | 29 +++++++ queries/aws_cloudfront_cache_policy_2.yaml | 2 +- .../aws_cloudfront_cache_policy_2.yaml.bak | 28 +++++++ queries/aws_cloudfront_cache_policy_3.yaml | 2 +- .../aws_cloudfront_cache_policy_3.yaml.bak | 26 ++++++ queries/aws_cloudfront_distribution_1.yaml | 2 +- .../aws_cloudfront_distribution_1.yaml.bak | 31 +++++++ queries/aws_cloudfront_distribution_2.yaml | 2 +- .../aws_cloudfront_distribution_2.yaml.bak | 29 +++++++ queries/aws_cloudfront_distribution_3.yaml | 2 +- .../aws_cloudfront_distribution_3.yaml.bak | 27 +++++++ queries/aws_cloudfront_distribution_4.yaml | 2 +- .../aws_cloudfront_distribution_4.yaml.bak | 31 +++++++ ...aws_cloudfront_distribution_4.yaml.bak.bak | 31 +++++++ queries/aws_cloudfront_distribution_5.yaml | 2 +- .../aws_cloudfront_distribution_5.yaml.bak | 32 ++++++++ queries/aws_cloudfront_distribution_6.yaml | 2 +- .../aws_cloudfront_distribution_6.yaml.bak | 30 +++++++ queries/aws_cloudfront_function_1.yaml | 2 +- queries/aws_cloudfront_function_1.yaml.bak | 26 ++++++ .../aws_cloudfront_function_1.yaml.bak.bak | 26 ++++++ queries/aws_cloudfront_function_2.yaml | 2 +- queries/aws_cloudfront_function_2.yaml.bak | 28 +++++++ queries/aws_cloudfront_function_3.yaml | 2 +- queries/aws_cloudfront_function_3.yaml.bak | 29 +++++++ queries/aws_cloudfront_function_4.yaml | 2 +- queries/aws_cloudfront_function_4.yaml.bak | 30 +++++++ ...s_cloudfront_origin_access_identity_1.yaml | 2 +- ...oudfront_origin_access_identity_1.yaml.bak | 28 +++++++ ...s_cloudfront_origin_access_identity_2.yaml | 2 +- ...oudfront_origin_access_identity_2.yaml.bak | 27 +++++++ ...ront_origin_access_identity_2.yaml.bak.bak | 27 +++++++ ...ws_cloudfront_origin_request_policy_1.yaml | 2 +- ...loudfront_origin_request_policy_1.yaml.bak | 26 ++++++ ...ws_cloudfront_origin_request_policy_2.yaml | 2 +- ...loudfront_origin_request_policy_2.yaml.bak | 25 ++++++ ..._cloudfront_response_headers_policy_1.yaml | 2 +- ...udfront_response_headers_policy_1.yaml.bak | 26 ++++++ ..._cloudfront_response_headers_policy_2.yaml | 2 +- ...udfront_response_headers_policy_2.yaml.bak | 28 +++++++ ..._cloudfront_response_headers_policy_3.yaml | 2 +- ...udfront_response_headers_policy_3.yaml.bak | 28 +++++++ ...ont_response_headers_policy_3.yaml.bak.bak | 28 +++++++ queries/aws_cloudsearch_domain_1.yaml | 2 +- queries/aws_cloudsearch_domain_1.yaml.bak | 27 +++++++ queries/aws_cloudsearch_domain_2.yaml | 2 +- queries/aws_cloudsearch_domain_2.yaml.bak | 28 +++++++ queries/aws_cloudsearch_domain_3.yaml | 2 +- queries/aws_cloudsearch_domain_3.yaml.bak | 26 ++++++ queries/aws_cloudtrail_channel_1.yaml | 2 +- queries/aws_cloudtrail_channel_1.yaml.bak | 27 +++++++ queries/aws_cloudtrail_channel_2.yaml | 2 +- queries/aws_cloudtrail_channel_2.yaml.bak | 30 +++++++ queries/aws_cloudtrail_channel_3.yaml | 2 +- queries/aws_cloudtrail_channel_3.yaml.bak | 25 ++++++ .../aws_cloudtrail_event_data_store_1.yaml | 2 +- ...aws_cloudtrail_event_data_store_1.yaml.bak | 30 +++++++ .../aws_cloudtrail_event_data_store_2.yaml | 2 +- ...aws_cloudtrail_event_data_store_2.yaml.bak | 34 ++++++++ .../aws_cloudtrail_event_data_store_3.yaml | 2 +- ...aws_cloudtrail_event_data_store_3.yaml.bak | 34 ++++++++ queries/aws_cloudtrail_import_1.yaml | 2 +- queries/aws_cloudtrail_import_1.yaml.bak | 25 ++++++ queries/aws_cloudtrail_import_2.yaml | 2 +- queries/aws_cloudtrail_import_2.yaml.bak | 26 ++++++ queries/aws_cloudtrail_import_3.yaml | 2 +- queries/aws_cloudtrail_import_3.yaml.bak | 28 +++++++ queries/aws_cloudtrail_import_4.yaml | 2 +- queries/aws_cloudtrail_import_4.yaml.bak | 26 ++++++ queries/aws_cloudtrail_import_5.yaml | 2 +- queries/aws_cloudtrail_import_5.yaml.bak | 28 +++++++ queries/aws_cloudtrail_import_5.yaml.bak.bak | 28 +++++++ queries/aws_cloudtrail_lookup_event_1.yaml | 2 +- .../aws_cloudtrail_lookup_event_1.yaml.bak | 33 ++++++++ queries/aws_cloudtrail_lookup_event_2.yaml | 2 +- .../aws_cloudtrail_lookup_event_2.yaml.bak | 34 ++++++++ queries/aws_cloudtrail_lookup_event_3.yaml | 2 +- .../aws_cloudtrail_lookup_event_3.yaml.bak | 30 +++++++ queries/aws_cloudtrail_query_1.yaml | 2 +- queries/aws_cloudtrail_query_1.yaml.bak | 30 +++++++ queries/aws_cloudtrail_query_2.yaml | 2 +- queries/aws_cloudtrail_query_2.yaml.bak | 29 +++++++ queries/aws_cloudtrail_query_3.yaml | 2 +- queries/aws_cloudtrail_query_3.yaml.bak | 35 ++++++++ queries/aws_cloudtrail_query_3.yaml.bak.bak | 35 ++++++++ queries/aws_cloudtrail_query_4.yaml | 2 +- queries/aws_cloudtrail_query_4.yaml.bak | 31 +++++++ queries/aws_cloudtrail_trail_1.yaml | 2 +- queries/aws_cloudtrail_trail_1.yaml.bak | 26 ++++++ queries/aws_cloudtrail_trail_2.yaml | 2 +- queries/aws_cloudtrail_trail_2.yaml.bak | 27 +++++++ queries/aws_cloudtrail_trail_3.yaml | 2 +- queries/aws_cloudtrail_trail_3.yaml.bak | 29 +++++++ queries/aws_cloudtrail_trail_4.yaml | 2 +- queries/aws_cloudtrail_trail_4.yaml.bak | 27 +++++++ queries/aws_cloudtrail_trail_5.yaml | 2 +- queries/aws_cloudtrail_trail_5.yaml.bak | 27 +++++++ queries/aws_cloudtrail_trail_6.yaml | 2 +- queries/aws_cloudtrail_trail_6.yaml.bak | 26 ++++++ queries/aws_cloudtrail_trail_7.yaml | 2 +- queries/aws_cloudtrail_trail_7.yaml.bak | 28 +++++++ queries/aws_cloudtrail_trail_7.yaml.bak.bak | 28 +++++++ queries/aws_cloudtrail_trail_event_1.yaml | 2 +- queries/aws_cloudtrail_trail_event_1.yaml.bak | 35 ++++++++ queries/aws_cloudtrail_trail_event_2.yaml | 2 +- queries/aws_cloudtrail_trail_event_2.yaml.bak | 35 ++++++++ .../aws_cloudtrail_trail_event_2.yaml.bak.bak | 35 ++++++++ queries/aws_cloudtrail_trail_event_3.yaml | 2 +- queries/aws_cloudtrail_trail_event_3.yaml.bak | 38 +++++++++ queries/aws_cloudtrail_trail_event_4.yaml | 2 +- queries/aws_cloudtrail_trail_event_4.yaml.bak | 36 +++++++++ queries/aws_cloudtrail_trail_event_5.yaml | 2 +- queries/aws_cloudtrail_trail_event_5.yaml.bak | 35 ++++++++ queries/aws_cloudtrail_trail_event_6.yaml | 2 +- queries/aws_cloudtrail_trail_event_6.yaml.bak | 37 +++++++++ queries/aws_cloudtrail_trail_event_7.yaml | 2 +- queries/aws_cloudtrail_trail_event_7.yaml.bak | 37 +++++++++ queries/aws_cloudtrail_trail_event_8.yaml | 2 +- queries/aws_cloudtrail_trail_event_8.yaml.bak | 39 +++++++++ queries/aws_cloudtrail_trail_event_9.yaml | 2 +- queries/aws_cloudtrail_trail_event_9.yaml.bak | 39 +++++++++ queries/aws_cloudwatch_alarm_1.yaml | 2 +- queries/aws_cloudwatch_alarm_1.yaml.bak | 30 +++++++ queries/aws_cloudwatch_alarm_2.yaml | 2 +- queries/aws_cloudwatch_alarm_2.yaml.bak | 27 +++++++ queries/aws_cloudwatch_alarm_3.yaml | 2 +- queries/aws_cloudwatch_alarm_3.yaml.bak | 26 ++++++ queries/aws_cloudwatch_alarm_4.yaml | 2 +- queries/aws_cloudwatch_alarm_4.yaml.bak | 29 +++++++ queries/aws_cloudwatch_alarm_5.yaml | 2 +- queries/aws_cloudwatch_alarm_5.yaml.bak | 31 +++++++ queries/aws_cloudwatch_log_event_1.yaml | 2 +- queries/aws_cloudwatch_log_event_1.yaml.bak | 32 ++++++++ queries/aws_cloudwatch_log_event_2.yaml | 2 +- queries/aws_cloudwatch_log_event_2.yaml.bak | 32 ++++++++ queries/aws_cloudwatch_log_event_3.yaml | 2 +- queries/aws_cloudwatch_log_event_3.yaml.bak | 33 ++++++++ queries/aws_cloudwatch_log_event_4.yaml | 2 +- queries/aws_cloudwatch_log_event_4.yaml.bak | 35 ++++++++ queries/aws_cloudwatch_log_event_5.yaml | 2 +- queries/aws_cloudwatch_log_event_5.yaml.bak | 34 ++++++++ .../aws_cloudwatch_log_event_5.yaml.bak.bak | 34 ++++++++ queries/aws_cloudwatch_log_event_6.yaml | 2 +- queries/aws_cloudwatch_log_event_6.yaml.bak | 33 ++++++++ queries/aws_cloudwatch_log_group_1.yaml | 2 +- queries/aws_cloudwatch_log_group_1.yaml.bak | 29 +++++++ queries/aws_cloudwatch_log_group_2.yaml | 2 +- queries/aws_cloudwatch_log_group_2.yaml.bak | 27 +++++++ queries/aws_cloudwatch_log_group_3.yaml | 2 +- queries/aws_cloudwatch_log_group_3.yaml.bak | 27 +++++++ queries/aws_cloudwatch_log_group_4.yaml | 2 +- queries/aws_cloudwatch_log_group_4.yaml.bak | 32 ++++++++ queries/aws_cloudwatch_log_group_5.yaml | 2 +- queries/aws_cloudwatch_log_group_5.yaml.bak | 28 +++++++ .../aws_cloudwatch_log_metric_filter_1.yaml | 2 +- ...ws_cloudwatch_log_metric_filter_1.yaml.bak | 30 +++++++ .../aws_cloudwatch_log_metric_filter_2.yaml | 2 +- ...ws_cloudwatch_log_metric_filter_2.yaml.bak | 26 ++++++ ...loudwatch_log_metric_filter_2.yaml.bak.bak | 26 ++++++ .../aws_cloudwatch_log_metric_filter_3.yaml | 2 +- ...ws_cloudwatch_log_metric_filter_3.yaml.bak | 27 +++++++ .../aws_cloudwatch_log_resource_policy_1.yaml | 2 +- ..._cloudwatch_log_resource_policy_1.yaml.bak | 25 ++++++ queries/aws_cloudwatch_log_stream_1.yaml | 2 +- queries/aws_cloudwatch_log_stream_1.yaml.bak | 26 ++++++ queries/aws_cloudwatch_log_stream_2.yaml | 2 +- queries/aws_cloudwatch_log_stream_2.yaml.bak | 25 ++++++ ..._cloudwatch_log_subscription_filter_1.yaml | 2 +- ...udwatch_log_subscription_filter_1.yaml.bak | 26 ++++++ ..._cloudwatch_log_subscription_filter_2.yaml | 2 +- ...udwatch_log_subscription_filter_2.yaml.bak | 26 ++++++ ..._cloudwatch_log_subscription_filter_3.yaml | 2 +- ...udwatch_log_subscription_filter_3.yaml.bak | 27 +++++++ queries/aws_cloudwatch_metric_1.yaml | 2 +- queries/aws_cloudwatch_metric_1.yaml.bak | 26 ++++++ queries/aws_cloudwatch_metric_2.yaml | 2 +- queries/aws_cloudwatch_metric_2.yaml.bak | 26 ++++++ queries/aws_cloudwatch_metric_3.yaml | 2 +- queries/aws_cloudwatch_metric_3.yaml.bak | 27 +++++++ queries/aws_cloudwatch_metric_3.yaml.bak.bak | 27 +++++++ queries/aws_cloudwatch_metric_4.yaml | 2 +- queries/aws_cloudwatch_metric_4.yaml.bak | 28 +++++++ queries/aws_cloudwatch_metric_5.yaml | 2 +- queries/aws_cloudwatch_metric_5.yaml.bak | 29 +++++++ .../aws_cloudwatch_metric_data_point_1.yaml | 2 +- ...ws_cloudwatch_metric_data_point_1.yaml.bak | 34 ++++++++ .../aws_cloudwatch_metric_data_point_2.yaml | 2 +- ...ws_cloudwatch_metric_data_point_2.yaml.bak | 32 ++++++++ ...loudwatch_metric_data_point_2.yaml.bak.bak | 32 ++++++++ .../aws_cloudwatch_metric_data_point_3.yaml | 2 +- ...ws_cloudwatch_metric_data_point_3.yaml.bak | 48 +++++++++++ .../aws_cloudwatch_metric_data_point_4.yaml | 2 +- ...ws_cloudwatch_metric_data_point_4.yaml.bak | 45 +++++++++++ .../aws_cloudwatch_metric_data_point_5.yaml | 2 +- ...ws_cloudwatch_metric_data_point_5.yaml.bak | 43 ++++++++++ .../aws_cloudwatch_metric_data_point_6.yaml | 2 +- ...ws_cloudwatch_metric_data_point_6.yaml.bak | 49 +++++++++++ ...udwatch_metric_statistic_data_point_1.yaml | 2 +- ...tch_metric_statistic_data_point_1.yaml.bak | 35 ++++++++ ...udwatch_metric_statistic_data_point_2.yaml | 2 +- ...tch_metric_statistic_data_point_2.yaml.bak | 34 ++++++++ ...udwatch_metric_statistic_data_point_3.yaml | 2 +- ...tch_metric_statistic_data_point_3.yaml.bak | 37 +++++++++ ...udwatch_metric_statistic_data_point_4.yaml | 2 +- ...tch_metric_statistic_data_point_4.yaml.bak | 34 ++++++++ ...udwatch_metric_statistic_data_point_5.yaml | 2 +- ...tch_metric_statistic_data_point_5.yaml.bak | 36 +++++++++ ...udwatch_metric_statistic_data_point_6.yaml | 2 +- ...tch_metric_statistic_data_point_6.yaml.bak | 34 ++++++++ ...udwatch_metric_statistic_data_point_7.yaml | 2 +- ...tch_metric_statistic_data_point_7.yaml.bak | 35 ++++++++ queries/aws_codeartifact_domain_1.yaml | 2 +- queries/aws_codeartifact_domain_1.yaml.bak | 29 +++++++ queries/aws_codeartifact_domain_2.yaml | 2 +- queries/aws_codeartifact_domain_2.yaml.bak | 34 ++++++++ queries/aws_codeartifact_domain_3.yaml | 2 +- queries/aws_codeartifact_domain_3.yaml.bak | 30 +++++++ queries/aws_codeartifact_domain_4.yaml | 2 +- queries/aws_codeartifact_domain_4.yaml.bak | 37 +++++++++ .../aws_codeartifact_domain_4.yaml.bak.bak | 37 +++++++++ queries/aws_codeartifact_domain_5.yaml | 2 +- queries/aws_codeartifact_domain_5.yaml.bak | 30 +++++++ queries/aws_codeartifact_domain_6.yaml | 2 +- queries/aws_codeartifact_domain_6.yaml.bak | 28 +++++++ queries/aws_codeartifact_domain_7.yaml | 2 +- queries/aws_codeartifact_domain_7.yaml.bak | 30 +++++++ queries/aws_codeartifact_repository_1.yaml | 2 +- .../aws_codeartifact_repository_1.yaml.bak | 28 +++++++ queries/aws_codeartifact_repository_2.yaml | 2 +- .../aws_codeartifact_repository_2.yaml.bak | 28 +++++++ queries/aws_codeartifact_repository_3.yaml | 2 +- .../aws_codeartifact_repository_3.yaml.bak | 37 +++++++++ queries/aws_codeartifact_repository_4.yaml | 2 +- .../aws_codeartifact_repository_4.yaml.bak | 28 +++++++ queries/aws_codebuild_build_1.yaml | 2 +- queries/aws_codebuild_build_1.yaml.bak | 32 ++++++++ queries/aws_codebuild_build_10.yaml | 2 +- queries/aws_codebuild_build_10.yaml.bak | 33 ++++++++ queries/aws_codebuild_build_10.yaml.bak.bak | 33 ++++++++ queries/aws_codebuild_build_11.yaml | 2 +- queries/aws_codebuild_build_11.yaml.bak | 30 +++++++ queries/aws_codebuild_build_2.yaml | 2 +- queries/aws_codebuild_build_2.yaml.bak | 26 ++++++ queries/aws_codebuild_build_2.yaml.bak.bak | 26 ++++++ queries/aws_codebuild_build_3.yaml | 2 +- queries/aws_codebuild_build_3.yaml.bak | 29 +++++++ queries/aws_codebuild_build_4.yaml | 2 +- queries/aws_codebuild_build_4.yaml.bak | 26 ++++++ queries/aws_codebuild_build_5.yaml | 2 +- queries/aws_codebuild_build_5.yaml.bak | 29 +++++++ queries/aws_codebuild_build_6.yaml | 2 +- queries/aws_codebuild_build_6.yaml.bak | 32 ++++++++ queries/aws_codebuild_build_7.yaml | 2 +- queries/aws_codebuild_build_7.yaml.bak | 35 ++++++++ queries/aws_codebuild_build_8.yaml | 2 +- queries/aws_codebuild_build_8.yaml.bak | 24 ++++++ queries/aws_codebuild_build_9.yaml | 2 +- queries/aws_codebuild_build_9.yaml.bak | 29 +++++++ queries/aws_codebuild_project_1.yaml | 2 +- queries/aws_codebuild_project_1.yaml.bak | 32 ++++++++ queries/aws_codebuild_project_2.yaml | 2 +- queries/aws_codebuild_project_2.yaml.bak | 33 ++++++++ queries/aws_codebuild_project_3.yaml | 2 +- queries/aws_codebuild_project_3.yaml.bak | 28 +++++++ queries/aws_codebuild_project_4.yaml | 2 +- queries/aws_codebuild_project_4.yaml.bak | 30 +++++++ queries/aws_codebuild_project_5.yaml | 2 +- queries/aws_codebuild_project_5.yaml.bak | 28 +++++++ .../aws_codebuild_source_credential_1.yaml | 2 +- ...aws_codebuild_source_credential_1.yaml.bak | 25 ++++++ .../aws_codebuild_source_credential_2.yaml | 2 +- ...aws_codebuild_source_credential_2.yaml.bak | 31 +++++++ queries/aws_codecommit_repository_1.yaml | 2 +- queries/aws_codecommit_repository_1.yaml.bak | 28 +++++++ queries/aws_codedeploy_app_1.yaml | 2 +- queries/aws_codedeploy_app_1.yaml.bak | 27 +++++++ queries/aws_codedeploy_app_1.yaml.bak.bak | 27 +++++++ queries/aws_codedeploy_app_2.yaml | 2 +- queries/aws_codedeploy_app_2.yaml.bak | 25 ++++++ queries/aws_codedeploy_app_3.yaml | 2 +- queries/aws_codedeploy_app_3.yaml.bak | 28 +++++++ .../aws_codedeploy_deployment_config_1.yaml | 2 +- ...ws_codedeploy_deployment_config_1.yaml.bak | 29 +++++++ .../aws_codedeploy_deployment_config_2.yaml | 2 +- ...ws_codedeploy_deployment_config_2.yaml.bak | 27 +++++++ .../aws_codedeploy_deployment_config_3.yaml | 2 +- ...ws_codedeploy_deployment_config_3.yaml.bak | 29 +++++++ .../aws_codedeploy_deployment_config_4.yaml | 2 +- ...ws_codedeploy_deployment_config_4.yaml.bak | 30 +++++++ .../aws_codedeploy_deployment_config_5.yaml | 2 +- ...ws_codedeploy_deployment_config_5.yaml.bak | 28 +++++++ .../aws_codedeploy_deployment_config_6.yaml | 2 +- ...ws_codedeploy_deployment_config_6.yaml.bak | 30 +++++++ .../aws_codedeploy_deployment_group_1.yaml | 2 +- ...aws_codedeploy_deployment_group_1.yaml.bak | 29 +++++++ .../aws_codedeploy_deployment_group_2.yaml | 2 +- ...aws_codedeploy_deployment_group_2.yaml.bak | 25 ++++++ .../aws_codedeploy_deployment_group_3.yaml | 2 +- ...aws_codedeploy_deployment_group_3.yaml.bak | 26 ++++++ .../aws_codedeploy_deployment_group_4.yaml | 2 +- ...aws_codedeploy_deployment_group_4.yaml.bak | 27 +++++++ .../aws_codedeploy_deployment_group_5.yaml | 2 +- ...aws_codedeploy_deployment_group_5.yaml.bak | 29 +++++++ .../aws_codedeploy_deployment_group_6.yaml | 2 +- ...aws_codedeploy_deployment_group_6.yaml.bak | 31 +++++++ ...codedeploy_deployment_group_6.yaml.bak.bak | 31 +++++++ .../aws_codedeploy_deployment_group_7.yaml | 2 +- ...aws_codedeploy_deployment_group_7.yaml.bak | 27 +++++++ queries/aws_codepipeline_pipeline_1.yaml | 2 +- queries/aws_codepipeline_pipeline_1.yaml.bak | 26 ++++++ queries/aws_codepipeline_pipeline_2.yaml | 2 +- queries/aws_codepipeline_pipeline_2.yaml.bak | 28 +++++++ queries/aws_codestar_notification_rule_1.yaml | 2 +- .../aws_codestar_notification_rule_1.yaml.bak | 25 ++++++ queries/aws_codestar_notification_rule_2.yaml | 2 +- .../aws_codestar_notification_rule_2.yaml.bak | 25 ++++++ queries/aws_codestar_notification_rule_3.yaml | 2 +- .../aws_codestar_notification_rule_3.yaml.bak | 26 ++++++ queries/aws_codestar_notification_rule_4.yaml | 2 +- .../aws_codestar_notification_rule_4.yaml.bak | 28 +++++++ queries/aws_codestar_notification_rule_5.yaml | 2 +- .../aws_codestar_notification_rule_5.yaml.bak | 38 +++++++++ queries/aws_cognito_identity_pool_1.yaml | 2 +- queries/aws_cognito_identity_pool_1.yaml.bak | 28 +++++++ queries/aws_cognito_identity_pool_2.yaml | 2 +- queries/aws_cognito_identity_pool_2.yaml.bak | 28 +++++++ queries/aws_cognito_identity_pool_3.yaml | 2 +- queries/aws_cognito_identity_pool_3.yaml.bak | 28 +++++++ queries/aws_cognito_identity_pool_4.yaml | 2 +- queries/aws_cognito_identity_pool_4.yaml.bak | 31 +++++++ queries/aws_cognito_identity_provider_1.yaml | 2 +- .../aws_cognito_identity_provider_1.yaml.bak | 29 +++++++ queries/aws_cognito_identity_provider_2.yaml | 2 +- .../aws_cognito_identity_provider_2.yaml.bak | 27 +++++++ queries/aws_cognito_user_pool_1.yaml | 2 +- queries/aws_cognito_user_pool_1.yaml.bak | 29 +++++++ queries/aws_cognito_user_pool_2.yaml | 2 +- queries/aws_cognito_user_pool_2.yaml.bak | 28 +++++++ .../aws_config_aggregate_authorization_1.yaml | 2 +- ..._config_aggregate_authorization_1.yaml.bak | 27 +++++++ .../aws_config_configuration_recorder_1.yaml | 2 +- ...s_config_configuration_recorder_1.yaml.bak | 28 +++++++ .../aws_config_configuration_recorder_2.yaml | 2 +- ...s_config_configuration_recorder_2.yaml.bak | 29 +++++++ .../aws_config_configuration_recorder_3.yaml | 2 +- ...s_config_configuration_recorder_3.yaml.bak | 28 +++++++ queries/aws_config_conformance_pack_1.yaml | 2 +- .../aws_config_conformance_pack_1.yaml.bak | 27 +++++++ ...aws_config_conformance_pack_1.yaml.bak.bak | 27 +++++++ queries/aws_config_conformance_pack_2.yaml | 2 +- .../aws_config_conformance_pack_2.yaml.bak | 27 +++++++ queries/aws_config_conformance_pack_3.yaml | 2 +- .../aws_config_conformance_pack_3.yaml.bak | 29 +++++++ .../aws_config_retention_configuration_1.yaml | 2 +- ..._config_retention_configuration_1.yaml.bak | 25 ++++++ .../aws_config_retention_configuration_2.yaml | 2 +- ..._config_retention_configuration_2.yaml.bak | 26 ++++++ .../aws_config_retention_configuration_3.yaml | 2 +- ..._config_retention_configuration_3.yaml.bak | 27 +++++++ .../aws_config_retention_configuration_4.yaml | 2 +- ..._config_retention_configuration_4.yaml.bak | 30 +++++++ queries/aws_config_rule_1.yaml | 2 +- queries/aws_config_rule_1.yaml.bak | 29 +++++++ queries/aws_config_rule_2.yaml | 2 +- queries/aws_config_rule_2.yaml.bak | 29 +++++++ queries/aws_config_rule_3.yaml | 2 +- queries/aws_config_rule_3.yaml.bak | 28 +++++++ queries/aws_config_rule_4.yaml | 2 +- queries/aws_config_rule_4.yaml.bak | 26 ++++++ queries/aws_config_rule_5.yaml | 2 +- queries/aws_config_rule_5.yaml.bak | 26 ++++++ queries/aws_config_rule_5.yaml.bak.bak | 26 ++++++ queries/aws_config_rule_6.yaml | 2 +- queries/aws_config_rule_6.yaml.bak | 26 ++++++ queries/aws_cost_by_account_daily_1.yaml | 2 +- queries/aws_cost_by_account_daily_1.yaml.bak | 33 ++++++++ queries/aws_cost_by_account_daily_2.yaml | 2 +- queries/aws_cost_by_account_daily_2.yaml.bak | 31 +++++++ queries/aws_cost_by_account_daily_3.yaml | 2 +- queries/aws_cost_by_account_daily_3.yaml.bak | 28 +++++++ queries/aws_cost_by_account_monthly_1.yaml | 2 +- .../aws_cost_by_account_monthly_1.yaml.bak | 31 +++++++ queries/aws_cost_by_account_monthly_2.yaml | 2 +- .../aws_cost_by_account_monthly_2.yaml.bak | 31 +++++++ queries/aws_cost_by_account_monthly_3.yaml | 2 +- .../aws_cost_by_account_monthly_3.yaml.bak | 27 +++++++ queries/aws_cost_by_account_monthly_4.yaml | 2 +- .../aws_cost_by_account_monthly_4.yaml.bak | 40 +++++++++ queries/aws_cost_by_record_type_daily_1.yaml | 2 +- .../aws_cost_by_record_type_daily_1.yaml.bak | 34 ++++++++ queries/aws_cost_by_record_type_daily_2.yaml | 2 +- .../aws_cost_by_record_type_daily_2.yaml.bak | 33 ++++++++ queries/aws_cost_by_record_type_daily_3.yaml | 2 +- .../aws_cost_by_record_type_daily_3.yaml.bak | 29 +++++++ .../aws_cost_by_record_type_monthly_1.yaml | 2 +- ...aws_cost_by_record_type_monthly_1.yaml.bak | 34 ++++++++ .../aws_cost_by_record_type_monthly_2.yaml | 2 +- ...aws_cost_by_record_type_monthly_2.yaml.bak | 33 ++++++++ .../aws_cost_by_record_type_monthly_3.yaml | 2 +- ...aws_cost_by_record_type_monthly_3.yaml.bak | 26 ++++++ ...cost_by_record_type_monthly_3.yaml.bak.bak | 26 ++++++ queries/aws_cost_by_service_daily_1.yaml | 2 +- queries/aws_cost_by_service_daily_1.yaml.bak | 35 ++++++++ queries/aws_cost_by_service_daily_2.yaml | 2 +- queries/aws_cost_by_service_daily_2.yaml.bak | 31 +++++++ queries/aws_cost_by_service_daily_3.yaml | 2 +- queries/aws_cost_by_service_daily_3.yaml.bak | 33 ++++++++ queries/aws_cost_by_service_daily_4.yaml | 2 +- queries/aws_cost_by_service_daily_4.yaml.bak | 31 +++++++ queries/aws_cost_by_service_daily_5.yaml | 2 +- queries/aws_cost_by_service_daily_5.yaml.bak | 30 +++++++ .../aws_cost_by_service_daily_5.yaml.bak.bak | 30 +++++++ queries/aws_cost_by_service_monthly_1.yaml | 2 +- .../aws_cost_by_service_monthly_1.yaml.bak | 33 ++++++++ queries/aws_cost_by_service_monthly_2.yaml | 2 +- .../aws_cost_by_service_monthly_2.yaml.bak | 29 +++++++ queries/aws_cost_by_service_monthly_3.yaml | 2 +- .../aws_cost_by_service_monthly_3.yaml.bak | 31 +++++++ queries/aws_cost_by_service_monthly_4.yaml | 2 +- .../aws_cost_by_service_monthly_4.yaml.bak | 29 +++++++ queries/aws_cost_by_service_monthly_5.yaml | 2 +- .../aws_cost_by_service_monthly_5.yaml.bak | 32 ++++++++ queries/aws_cost_by_service_monthly_6.yaml | 2 +- .../aws_cost_by_service_monthly_6.yaml.bak | 42 ++++++++++ ...ws_cost_by_service_usage_type_daily_1.yaml | 2 +- ...ost_by_service_usage_type_daily_1.yaml.bak | 34 ++++++++ ...ws_cost_by_service_usage_type_daily_2.yaml | 2 +- ...ost_by_service_usage_type_daily_2.yaml.bak | 34 ++++++++ ...ws_cost_by_service_usage_type_daily_3.yaml | 2 +- ...ost_by_service_usage_type_daily_3.yaml.bak | 25 ++++++ ...ws_cost_by_service_usage_type_daily_4.yaml | 2 +- ...ost_by_service_usage_type_daily_4.yaml.bak | 31 +++++++ ..._cost_by_service_usage_type_monthly_1.yaml | 2 +- ...t_by_service_usage_type_monthly_1.yaml.bak | 34 ++++++++ ..._cost_by_service_usage_type_monthly_2.yaml | 2 +- ...t_by_service_usage_type_monthly_2.yaml.bak | 34 ++++++++ ..._cost_by_service_usage_type_monthly_3.yaml | 2 +- ...t_by_service_usage_type_monthly_3.yaml.bak | 31 +++++++ ..._cost_by_service_usage_type_monthly_4.yaml | 2 +- ...t_by_service_usage_type_monthly_4.yaml.bak | 33 ++++++++ queries/aws_cost_by_tag_1.yaml | 2 +- queries/aws_cost_by_tag_1.yaml.bak | 27 +++++++ queries/aws_cost_by_tag_2.yaml | 2 +- queries/aws_cost_by_tag_2.yaml.bak | 30 +++++++ queries/aws_cost_by_tag_3.yaml | 2 +- queries/aws_cost_by_tag_3.yaml.bak | 42 ++++++++++ queries/aws_cost_forecast_daily_1.yaml | 2 +- queries/aws_cost_forecast_daily_1.yaml.bak | 26 ++++++ queries/aws_cost_forecast_monthly_1.yaml | 2 +- queries/aws_cost_forecast_monthly_1.yaml.bak | 28 +++++++ queries/aws_cost_forecast_monthly_2.yaml | 2 +- queries/aws_cost_forecast_monthly_2.yaml.bak | 41 ++++++++++ queries/aws_cost_usage_1.yaml | 2 +- queries/aws_cost_usage_1.yaml.bak | 34 ++++++++ queries/aws_cost_usage_2.yaml | 2 +- queries/aws_cost_usage_2.yaml.bak | 42 ++++++++++ queries/aws_cost_usage_3.yaml | 2 +- queries/aws_cost_usage_3.yaml.bak | 34 ++++++++ queries/aws_cost_usage_4.yaml | 2 +- queries/aws_cost_usage_4.yaml.bak | 35 ++++++++ queries/aws_dax_cluster_1.yaml | 2 +- queries/aws_dax_cluster_1.yaml.bak | 27 +++++++ queries/aws_dax_cluster_2.yaml | 2 +- queries/aws_dax_cluster_2.yaml.bak | 28 +++++++ queries/aws_dax_cluster_3.yaml | 2 +- queries/aws_dax_cluster_3.yaml.bak | 30 +++++++ queries/aws_dax_cluster_4.yaml | 2 +- queries/aws_dax_cluster_4.yaml.bak | 29 +++++++ queries/aws_dax_cluster_4.yaml.bak.bak | 29 +++++++ queries/aws_dax_parameter_1.yaml | 2 +- queries/aws_dax_parameter_1.yaml.bak | 26 ++++++ queries/aws_dax_parameter_2.yaml | 2 +- queries/aws_dax_parameter_2.yaml.bak | 29 +++++++ queries/aws_dax_parameter_2.yaml.bak.bak | 29 +++++++ queries/aws_dax_parameter_3.yaml | 2 +- queries/aws_dax_parameter_3.yaml.bak | 31 +++++++ queries/aws_dax_parameter_group_1.yaml | 2 +- queries/aws_dax_parameter_group_1.yaml.bak | 24 ++++++ queries/aws_dax_parameter_group_2.yaml | 2 +- queries/aws_dax_parameter_group_2.yaml.bak | 28 +++++++ queries/aws_dax_subnet_group_1.yaml | 2 +- queries/aws_dax_subnet_group_1.yaml.bak | 26 ++++++ queries/aws_dax_subnet_group_2.yaml | 2 +- queries/aws_dax_subnet_group_2.yaml.bak | 32 ++++++++ queries/aws_dax_subnet_group_3.yaml | 2 +- queries/aws_dax_subnet_group_3.yaml.bak | 31 +++++++ .../aws_directory_service_certificate_1.yaml | 2 +- ...s_directory_service_certificate_1.yaml.bak | 27 +++++++ .../aws_directory_service_certificate_2.yaml | 2 +- ...s_directory_service_certificate_2.yaml.bak | 32 ++++++++ ...rectory_service_certificate_2.yaml.bak.bak | 32 ++++++++ .../aws_directory_service_certificate_3.yaml | 2 +- ...s_directory_service_certificate_3.yaml.bak | 27 +++++++ .../aws_directory_service_certificate_4.yaml | 2 +- ...s_directory_service_certificate_4.yaml.bak | 29 +++++++ .../aws_directory_service_certificate_5.yaml | 2 +- ...s_directory_service_certificate_5.yaml.bak | 27 +++++++ .../aws_directory_service_certificate_6.yaml | 2 +- ...s_directory_service_certificate_6.yaml.bak | 25 ++++++ .../aws_directory_service_certificate_7.yaml | 2 +- ...s_directory_service_certificate_7.yaml.bak | 30 +++++++ .../aws_directory_service_certificate_8.yaml | 2 +- ...s_directory_service_certificate_8.yaml.bak | 28 +++++++ .../aws_directory_service_directory_1.yaml | 2 +- ...aws_directory_service_directory_1.yaml.bak | 26 ++++++ .../aws_directory_service_directory_2.yaml | 2 +- ...aws_directory_service_directory_2.yaml.bak | 29 +++++++ .../aws_directory_service_directory_3.yaml | 2 +- ...aws_directory_service_directory_3.yaml.bak | 30 +++++++ .../aws_directory_service_directory_4.yaml | 2 +- ...aws_directory_service_directory_4.yaml.bak | 28 +++++++ .../aws_directory_service_directory_5.yaml | 2 +- ...aws_directory_service_directory_5.yaml.bak | 30 +++++++ ...s_directory_servicelog_subscription_1.yaml | 2 +- ...rectory_servicelog_subscription_1.yaml.bak | 26 ++++++ ...s_directory_servicelog_subscription_2.yaml | 2 +- ...rectory_servicelog_subscription_2.yaml.bak | 29 +++++++ ...ory_servicelog_subscription_2.yaml.bak.bak | 29 +++++++ queries/aws_dlm_lifecycle_policy_1.yaml | 2 +- queries/aws_dlm_lifecycle_policy_1.yaml.bak | 26 ++++++ queries/aws_dlm_lifecycle_policy_2.yaml | 2 +- queries/aws_dlm_lifecycle_policy_2.yaml.bak | 29 +++++++ queries/aws_dlm_lifecycle_policy_3.yaml | 2 +- queries/aws_dlm_lifecycle_policy_3.yaml.bak | 29 +++++++ queries/aws_dlm_lifecycle_policy_4.yaml | 2 +- queries/aws_dlm_lifecycle_policy_4.yaml.bak | 31 +++++++ queries/aws_dms_certificate_1.yaml | 2 +- queries/aws_dms_certificate_1.yaml.bak | 29 +++++++ queries/aws_dms_certificate_2.yaml | 2 +- queries/aws_dms_certificate_2.yaml.bak | 32 ++++++++ queries/aws_dms_certificate_2.yaml.bak.bak | 32 ++++++++ queries/aws_dms_certificate_3.yaml | 2 +- queries/aws_dms_certificate_3.yaml.bak | 30 +++++++ queries/aws_dms_certificate_4.yaml | 2 +- queries/aws_dms_certificate_4.yaml.bak | 29 +++++++ queries/aws_dms_certificate_5.yaml | 2 +- queries/aws_dms_certificate_5.yaml.bak | 28 +++++++ queries/aws_dms_endpoint_1.yaml | 2 +- queries/aws_dms_endpoint_1.yaml.bak | 28 +++++++ queries/aws_dms_endpoint_2.yaml | 2 +- queries/aws_dms_endpoint_2.yaml.bak | 28 +++++++ queries/aws_dms_endpoint_3.yaml | 2 +- queries/aws_dms_endpoint_3.yaml.bak | 30 +++++++ queries/aws_dms_endpoint_4.yaml | 2 +- queries/aws_dms_endpoint_4.yaml.bak | 32 ++++++++ queries/aws_dms_endpoint_5.yaml | 2 +- queries/aws_dms_endpoint_5.yaml.bak | 40 +++++++++ queries/aws_dms_replication_instance_1.yaml | 2 +- .../aws_dms_replication_instance_1.yaml.bak | 28 +++++++ queries/aws_dms_replication_instance_2.yaml | 2 +- .../aws_dms_replication_instance_2.yaml.bak | 29 +++++++ queries/aws_dms_replication_instance_3.yaml | 2 +- .../aws_dms_replication_instance_3.yaml.bak | 29 +++++++ queries/aws_dms_replication_instance_4.yaml | 2 +- .../aws_dms_replication_instance_4.yaml.bak | 27 +++++++ queries/aws_dms_replication_instance_5.yaml | 2 +- .../aws_dms_replication_instance_5.yaml.bak | 28 +++++++ queries/aws_dms_replication_task_1.yaml | 2 +- queries/aws_dms_replication_task_1.yaml.bak | 30 +++++++ queries/aws_dms_replication_task_2.yaml | 2 +- queries/aws_dms_replication_task_2.yaml.bak | 28 +++++++ queries/aws_dms_replication_task_3.yaml | 2 +- queries/aws_dms_replication_task_3.yaml.bak | 28 +++++++ queries/aws_dms_replication_task_4.yaml | 2 +- queries/aws_dms_replication_task_4.yaml.bak | 34 ++++++++ queries/aws_dms_replication_task_5.yaml | 2 +- queries/aws_dms_replication_task_5.yaml.bak | 30 +++++++ queries/aws_dms_replication_task_6.yaml | 2 +- queries/aws_dms_replication_task_6.yaml.bak | 28 +++++++ queries/aws_dms_replication_task_7.yaml | 2 +- queries/aws_dms_replication_task_7.yaml.bak | 29 +++++++ .../aws_dms_replication_task_7.yaml.bak.bak | 29 +++++++ queries/aws_docdb_cluster_1.yaml | 2 +- queries/aws_docdb_cluster_1.yaml.bak | 27 +++++++ queries/aws_docdb_cluster_2.yaml | 2 +- queries/aws_docdb_cluster_2.yaml.bak | 30 +++++++ queries/aws_docdb_cluster_3.yaml | 2 +- queries/aws_docdb_cluster_3.yaml.bak | 27 +++++++ queries/aws_docdb_cluster_3.yaml.bak.bak | 27 +++++++ queries/aws_docdb_cluster_4.yaml | 2 +- queries/aws_docdb_cluster_4.yaml.bak | 25 ++++++ queries/aws_docdb_cluster_5.yaml | 2 +- queries/aws_docdb_cluster_5.yaml.bak | 29 +++++++ queries/aws_docdb_cluster_6.yaml | 2 +- queries/aws_docdb_cluster_6.yaml.bak | 29 +++++++ queries/aws_docdb_cluster_7.yaml | 2 +- queries/aws_docdb_cluster_7.yaml.bak | 29 +++++++ queries/aws_docdb_cluster_instance_1.yaml | 2 +- queries/aws_docdb_cluster_instance_1.yaml.bak | 27 +++++++ queries/aws_docdb_cluster_instance_2.yaml | 2 +- queries/aws_docdb_cluster_instance_2.yaml.bak | 29 +++++++ queries/aws_docdb_cluster_instance_3.yaml | 2 +- queries/aws_docdb_cluster_instance_3.yaml.bak | 27 +++++++ queries/aws_docdb_cluster_instance_4.yaml | 2 +- queries/aws_docdb_cluster_instance_4.yaml.bak | 30 +++++++ queries/aws_docdb_cluster_instance_5.yaml | 2 +- queries/aws_docdb_cluster_instance_5.yaml.bak | 26 ++++++ queries/aws_docdb_cluster_instance_6.yaml | 2 +- queries/aws_docdb_cluster_instance_6.yaml.bak | 26 ++++++ queries/aws_docdb_cluster_instance_7.yaml | 2 +- queries/aws_docdb_cluster_instance_7.yaml.bak | 25 ++++++ queries/aws_docdb_cluster_snapshot_1.yaml | 2 +- queries/aws_docdb_cluster_snapshot_1.yaml.bak | 27 +++++++ queries/aws_docdb_cluster_snapshot_2.yaml | 2 +- queries/aws_docdb_cluster_snapshot_2.yaml.bak | 25 ++++++ queries/aws_docdb_cluster_snapshot_3.yaml | 2 +- queries/aws_docdb_cluster_snapshot_3.yaml.bak | 25 ++++++ queries/aws_docdb_cluster_snapshot_4.yaml | 2 +- queries/aws_docdb_cluster_snapshot_4.yaml.bak | 26 ++++++ queries/aws_drs_job_1.yaml | 2 +- queries/aws_drs_job_1.yaml.bak | 27 +++++++ queries/aws_drs_job_2.yaml | 2 +- queries/aws_drs_job_2.yaml.bak | 28 +++++++ queries/aws_drs_job_3.yaml | 2 +- queries/aws_drs_job_3.yaml.bak | 32 ++++++++ queries/aws_drs_recovery_instance_1.yaml | 2 +- queries/aws_drs_recovery_instance_1.yaml.bak | 26 ++++++ queries/aws_drs_recovery_instance_2.yaml | 2 +- queries/aws_drs_recovery_instance_2.yaml.bak | 32 ++++++++ queries/aws_drs_recovery_instance_3.yaml | 2 +- queries/aws_drs_recovery_instance_3.yaml.bak | 37 +++++++++ queries/aws_drs_recovery_instance_4.yaml | 2 +- queries/aws_drs_recovery_instance_4.yaml.bak | 28 +++++++ queries/aws_drs_recovery_instance_5.yaml | 2 +- queries/aws_drs_recovery_instance_5.yaml.bak | 30 +++++++ queries/aws_drs_recovery_snapshot_1.yaml | 2 +- queries/aws_drs_recovery_snapshot_1.yaml.bak | 28 +++++++ queries/aws_drs_recovery_snapshot_2.yaml | 2 +- queries/aws_drs_recovery_snapshot_2.yaml.bak | 31 +++++++ queries/aws_drs_recovery_snapshot_3.yaml | 2 +- queries/aws_drs_recovery_snapshot_3.yaml.bak | 27 +++++++ queries/aws_drs_recovery_snapshot_4.yaml | 2 +- queries/aws_drs_recovery_snapshot_4.yaml.bak | 29 +++++++ queries/aws_drs_recovery_snapshot_5.yaml | 2 +- queries/aws_drs_recovery_snapshot_5.yaml.bak | 38 +++++++++ queries/aws_drs_source_server_1.yaml | 2 +- queries/aws_drs_source_server_1.yaml.bak | 27 +++++++ queries/aws_drs_source_server_2.yaml | 2 +- queries/aws_drs_source_server_2.yaml.bak | 28 +++++++ queries/aws_drs_source_server_3.yaml | 2 +- queries/aws_drs_source_server_3.yaml.bak | 31 +++++++ queries/aws_drs_source_server_4.yaml | 2 +- queries/aws_drs_source_server_4.yaml.bak | 30 +++++++ queries/aws_drs_source_server_5.yaml | 2 +- queries/aws_drs_source_server_5.yaml.bak | 31 +++++++ queries/aws_drs_source_server_6.yaml | 2 +- queries/aws_drs_source_server_6.yaml.bak | 27 +++++++ queries/aws_drs_source_server_6.yaml.bak.bak | 27 +++++++ queries/aws_drs_source_server_7.yaml | 2 +- queries/aws_drs_source_server_7.yaml.bak | 31 +++++++ queries/aws_dynamodb_backup_1.yaml | 2 +- queries/aws_dynamodb_backup_1.yaml.bak | 24 ++++++ queries/aws_dynamodb_backup_2.yaml | 2 +- queries/aws_dynamodb_backup_2.yaml.bak | 28 +++++++ queries/aws_dynamodb_global_table_1.yaml | 2 +- queries/aws_dynamodb_global_table_1.yaml.bak | 24 ++++++ queries/aws_dynamodb_global_table_2.yaml | 2 +- queries/aws_dynamodb_global_table_2.yaml.bak | 30 +++++++ ...ount_provisioned_read_capacity_util_1.yaml | 2 +- ..._provisioned_read_capacity_util_1.yaml.bak | 30 +++++++ ...visioned_read_capacity_util_1.yaml.bak.bak | 30 +++++++ ...ount_provisioned_read_capacity_util_2.yaml | 2 +- ..._provisioned_read_capacity_util_2.yaml.bak | 32 ++++++++ ...unt_provisioned_write_capacity_util_1.yaml | 2 +- ...provisioned_write_capacity_util_1.yaml.bak | 30 +++++++ ...isioned_write_capacity_util_1.yaml.bak.bak | 30 +++++++ ...unt_provisioned_write_capacity_util_2.yaml | 2 +- ...provisioned_write_capacity_util_2.yaml.bak | 32 ++++++++ queries/aws_dynamodb_table_1.yaml | 2 +- queries/aws_dynamodb_table_1.yaml.bak | 27 +++++++ queries/aws_dynamodb_table_2.yaml | 2 +- queries/aws_dynamodb_table_2.yaml.bak | 25 ++++++ queries/aws_dynamodb_table_3.yaml | 2 +- queries/aws_dynamodb_table_3.yaml.bak | 25 ++++++ queries/aws_dynamodb_table_4.yaml | 2 +- queries/aws_dynamodb_table_4.yaml.bak | 25 ++++++ queries/aws_dynamodb_table_export_1.yaml | 2 +- queries/aws_dynamodb_table_export_1.yaml.bak | 26 ++++++ queries/aws_dynamodb_table_export_2.yaml | 2 +- queries/aws_dynamodb_table_export_2.yaml.bak | 30 +++++++ .../aws_dynamodb_table_export_2.yaml.bak.bak | 30 +++++++ queries/aws_dynamodb_table_export_3.yaml | 2 +- queries/aws_dynamodb_table_export_3.yaml.bak | 31 +++++++ queries/aws_ebs_snapshot_1.yaml | 2 +- queries/aws_ebs_snapshot_1.yaml.bak | 28 +++++++ queries/aws_ebs_snapshot_2.yaml | 2 +- queries/aws_ebs_snapshot_2.yaml.bak | 29 +++++++ queries/aws_ebs_snapshot_3.yaml | 2 +- queries/aws_ebs_snapshot_3.yaml.bak | 27 +++++++ queries/aws_ebs_snapshot_4.yaml | 2 +- queries/aws_ebs_snapshot_4.yaml.bak | 25 ++++++ queries/aws_ebs_snapshot_4.yaml.bak.bak | 25 ++++++ queries/aws_ebs_snapshot_5.yaml | 2 +- queries/aws_ebs_snapshot_5.yaml.bak | 27 +++++++ queries/aws_ebs_snapshot_6.yaml | 2 +- queries/aws_ebs_snapshot_6.yaml.bak | 29 +++++++ queries/aws_ebs_snapshot_7.yaml | 2 +- queries/aws_ebs_snapshot_7.yaml.bak | 29 +++++++ queries/aws_ebs_volume_1.yaml | 2 +- queries/aws_ebs_volume_1.yaml.bak | 27 +++++++ queries/aws_ebs_volume_2.yaml | 2 +- queries/aws_ebs_volume_2.yaml.bak | 27 +++++++ queries/aws_ebs_volume_3.yaml | 2 +- queries/aws_ebs_volume_3.yaml.bak | 27 +++++++ queries/aws_ebs_volume_3.yaml.bak.bak | 27 +++++++ queries/aws_ebs_volume_4.yaml | 2 +- queries/aws_ebs_volume_4.yaml.bak | 27 +++++++ queries/aws_ebs_volume_5.yaml | 2 +- queries/aws_ebs_volume_5.yaml.bak | 27 +++++++ queries/aws_ebs_volume_6.yaml | 2 +- queries/aws_ebs_volume_6.yaml.bak | 30 +++++++ queries/aws_ebs_volume_7.yaml | 2 +- queries/aws_ebs_volume_7.yaml.bak | 27 +++++++ queries/aws_ebs_volume_metric_read_ops_1.yaml | 2 +- .../aws_ebs_volume_metric_read_ops_1.yaml.bak | 33 ++++++++ ..._ebs_volume_metric_read_ops_1.yaml.bak.bak | 33 ++++++++ queries/aws_ebs_volume_metric_read_ops_2.yaml | 2 +- .../aws_ebs_volume_metric_read_ops_2.yaml.bak | 33 ++++++++ queries/aws_ebs_volume_metric_read_ops_3.yaml | 2 +- .../aws_ebs_volume_metric_read_ops_3.yaml.bak | 35 ++++++++ queries/aws_ebs_volume_metric_read_ops_4.yaml | 2 +- .../aws_ebs_volume_metric_read_ops_4.yaml.bak | 39 +++++++++ ...ws_ebs_volume_metric_read_ops_daily_1.yaml | 2 +- ...bs_volume_metric_read_ops_daily_1.yaml.bak | 31 +++++++ ...ws_ebs_volume_metric_read_ops_daily_2.yaml | 2 +- ...bs_volume_metric_read_ops_daily_2.yaml.bak | 33 ++++++++ ...ws_ebs_volume_metric_read_ops_daily_3.yaml | 2 +- ...bs_volume_metric_read_ops_daily_3.yaml.bak | 33 ++++++++ ...ws_ebs_volume_metric_read_ops_daily_4.yaml | 2 +- ...bs_volume_metric_read_ops_daily_4.yaml.bak | 41 ++++++++++ ...s_ebs_volume_metric_read_ops_hourly_1.yaml | 2 +- ...s_volume_metric_read_ops_hourly_1.yaml.bak | 33 ++++++++ ...s_ebs_volume_metric_read_ops_hourly_2.yaml | 2 +- ...s_volume_metric_read_ops_hourly_2.yaml.bak | 35 ++++++++ ...s_ebs_volume_metric_read_ops_hourly_3.yaml | 2 +- ...s_volume_metric_read_ops_hourly_3.yaml.bak | 35 ++++++++ ...s_ebs_volume_metric_read_ops_hourly_4.yaml | 2 +- ...s_volume_metric_read_ops_hourly_4.yaml.bak | 37 +++++++++ ...s_ebs_volume_metric_read_ops_hourly_5.yaml | 2 +- ...s_volume_metric_read_ops_hourly_5.yaml.bak | 39 +++++++++ .../aws_ebs_volume_metric_write_ops_1.yaml | 2 +- ...aws_ebs_volume_metric_write_ops_1.yaml.bak | 33 ++++++++ .../aws_ebs_volume_metric_write_ops_2.yaml | 2 +- ...aws_ebs_volume_metric_write_ops_2.yaml.bak | 33 ++++++++ .../aws_ebs_volume_metric_write_ops_3.yaml | 2 +- ...aws_ebs_volume_metric_write_ops_3.yaml.bak | 35 ++++++++ ...ebs_volume_metric_write_ops_3.yaml.bak.bak | 35 ++++++++ .../aws_ebs_volume_metric_write_ops_4.yaml | 2 +- ...aws_ebs_volume_metric_write_ops_4.yaml.bak | 41 ++++++++++ ...s_ebs_volume_metric_write_ops_daily_1.yaml | 2 +- ...s_volume_metric_write_ops_daily_1.yaml.bak | 33 ++++++++ ...s_ebs_volume_metric_write_ops_daily_2.yaml | 2 +- ...s_volume_metric_write_ops_daily_2.yaml.bak | 35 ++++++++ ...lume_metric_write_ops_daily_2.yaml.bak.bak | 35 ++++++++ ...s_ebs_volume_metric_write_ops_daily_3.yaml | 2 +- ...s_volume_metric_write_ops_daily_3.yaml.bak | 35 ++++++++ ...s_ebs_volume_metric_write_ops_daily_4.yaml | 2 +- ...s_volume_metric_write_ops_daily_4.yaml.bak | 39 +++++++++ ..._ebs_volume_metric_write_ops_hourly_1.yaml | 2 +- ..._volume_metric_write_ops_hourly_1.yaml.bak | 31 +++++++ ..._ebs_volume_metric_write_ops_hourly_2.yaml | 2 +- ..._volume_metric_write_ops_hourly_2.yaml.bak | 33 ++++++++ ..._ebs_volume_metric_write_ops_hourly_3.yaml | 2 +- ..._volume_metric_write_ops_hourly_3.yaml.bak | 33 ++++++++ ..._ebs_volume_metric_write_ops_hourly_4.yaml | 2 +- ..._volume_metric_write_ops_hourly_4.yaml.bak | 39 +++++++++ ..._ebs_volume_metric_write_ops_hourly_5.yaml | 2 +- ..._volume_metric_write_ops_hourly_5.yaml.bak | 41 ++++++++++ queries/aws_ec2_ami_1.yaml | 2 +- queries/aws_ec2_ami_1.yaml.bak | 30 +++++++ queries/aws_ec2_ami_2.yaml | 2 +- queries/aws_ec2_ami_2.yaml.bak | 26 ++++++ queries/aws_ec2_ami_3.yaml | 2 +- queries/aws_ec2_ami_3.yaml.bak | 29 +++++++ queries/aws_ec2_ami_3.yaml.bak.bak | 29 +++++++ queries/aws_ec2_ami_4.yaml | 2 +- queries/aws_ec2_ami_4.yaml.bak | 31 +++++++ queries/aws_ec2_ami_shared_1.yaml | 2 +- queries/aws_ec2_ami_shared_1.yaml.bak | 32 ++++++++ queries/aws_ec2_ami_shared_2.yaml | 2 +- queries/aws_ec2_ami_shared_2.yaml.bak | 33 ++++++++ queries/aws_ec2_ami_shared_2.yaml.bak.bak | 33 ++++++++ queries/aws_ec2_ami_shared_3.yaml | 2 +- queries/aws_ec2_ami_shared_3.yaml.bak | 30 +++++++ .../aws_ec2_application_load_balancer_1.yaml | 2 +- ...s_ec2_application_load_balancer_1.yaml.bak | 25 ++++++ .../aws_ec2_application_load_balancer_2.yaml | 2 +- ...s_ec2_application_load_balancer_2.yaml.bak | 31 +++++++ .../aws_ec2_application_load_balancer_3.yaml | 2 +- ...s_ec2_application_load_balancer_3.yaml.bak | 26 ++++++ .../aws_ec2_application_load_balancer_4.yaml | 2 +- ...s_ec2_application_load_balancer_4.yaml.bak | 28 +++++++ .../aws_ec2_application_load_balancer_5.yaml | 2 +- ...s_ec2_application_load_balancer_5.yaml.bak | 32 ++++++++ ..._load_balancer_metric_request_count_1.yaml | 2 +- ...d_balancer_metric_request_count_1.yaml.bak | 32 ++++++++ ..._load_balancer_metric_request_count_2.yaml | 2 +- ...d_balancer_metric_request_count_2.yaml.bak | 36 +++++++++ ...balancer_metric_request_count_daily_1.yaml | 2 +- ...ncer_metric_request_count_daily_1.yaml.bak | 34 ++++++++ ...balancer_metric_request_count_daily_2.yaml | 2 +- ...ncer_metric_request_count_daily_2.yaml.bak | 34 ++++++++ queries/aws_ec2_autoscaling_group_1.yaml | 2 +- queries/aws_ec2_autoscaling_group_1.yaml.bak | 31 +++++++ queries/aws_ec2_autoscaling_group_2.yaml | 2 +- queries/aws_ec2_autoscaling_group_2.yaml.bak | 25 ++++++ queries/aws_ec2_autoscaling_group_3.yaml | 2 +- queries/aws_ec2_autoscaling_group_3.yaml.bak | 33 ++++++++ queries/aws_ec2_autoscaling_group_4.yaml | 2 +- queries/aws_ec2_autoscaling_group_4.yaml.bak | 24 ++++++ queries/aws_ec2_capacity_reservation_1.yaml | 2 +- .../aws_ec2_capacity_reservation_1.yaml.bak | 25 ++++++ queries/aws_ec2_capacity_reservation_2.yaml | 2 +- .../aws_ec2_capacity_reservation_2.yaml.bak | 29 +++++++ queries/aws_ec2_capacity_reservation_3.yaml | 2 +- .../aws_ec2_capacity_reservation_3.yaml.bak | 29 +++++++ queries/aws_ec2_classic_load_balancer_1.yaml | 2 +- .../aws_ec2_classic_load_balancer_1.yaml.bak | 25 ++++++ queries/aws_ec2_classic_load_balancer_2.yaml | 2 +- .../aws_ec2_classic_load_balancer_2.yaml.bak | 25 ++++++ queries/aws_ec2_classic_load_balancer_3.yaml | 2 +- .../aws_ec2_classic_load_balancer_3.yaml.bak | 25 ++++++ queries/aws_ec2_classic_load_balancer_4.yaml | 2 +- .../aws_ec2_classic_load_balancer_4.yaml.bak | 29 +++++++ queries/aws_ec2_classic_load_balancer_5.yaml | 2 +- .../aws_ec2_classic_load_balancer_5.yaml.bak | 27 +++++++ queries/aws_ec2_client_vpn_endpoint_1.yaml | 2 +- .../aws_ec2_client_vpn_endpoint_1.yaml.bak | 30 +++++++ queries/aws_ec2_client_vpn_endpoint_2.yaml | 2 +- .../aws_ec2_client_vpn_endpoint_2.yaml.bak | 30 +++++++ queries/aws_ec2_client_vpn_endpoint_3.yaml | 2 +- .../aws_ec2_client_vpn_endpoint_3.yaml.bak | 30 +++++++ queries/aws_ec2_client_vpn_endpoint_4.yaml | 2 +- .../aws_ec2_client_vpn_endpoint_4.yaml.bak | 34 ++++++++ queries/aws_ec2_client_vpn_endpoint_5.yaml | 2 +- .../aws_ec2_client_vpn_endpoint_5.yaml.bak | 32 ++++++++ queries/aws_ec2_client_vpn_endpoint_6.yaml | 2 +- .../aws_ec2_client_vpn_endpoint_6.yaml.bak | 30 +++++++ queries/aws_ec2_client_vpn_endpoint_7.yaml | 2 +- .../aws_ec2_client_vpn_endpoint_7.yaml.bak | 31 +++++++ queries/aws_ec2_gateway_load_balancer_1.yaml | 2 +- .../aws_ec2_gateway_load_balancer_1.yaml.bak | 27 +++++++ queries/aws_ec2_gateway_load_balancer_2.yaml | 2 +- .../aws_ec2_gateway_load_balancer_2.yaml.bak | 29 +++++++ queries/aws_ec2_gateway_load_balancer_3.yaml | 2 +- .../aws_ec2_gateway_load_balancer_3.yaml.bak | 30 +++++++ queries/aws_ec2_gateway_load_balancer_4.yaml | 2 +- .../aws_ec2_gateway_load_balancer_4.yaml.bak | 30 +++++++ ...s_ec2_gateway_load_balancer_4.yaml.bak.bak | 30 +++++++ queries/aws_ec2_gateway_load_balancer_5.yaml | 2 +- .../aws_ec2_gateway_load_balancer_5.yaml.bak | 28 +++++++ queries/aws_ec2_gateway_load_balancer_6.yaml | 2 +- .../aws_ec2_gateway_load_balancer_6.yaml.bak | 25 ++++++ queries/aws_ec2_gateway_load_balancer_7.yaml | 2 +- .../aws_ec2_gateway_load_balancer_7.yaml.bak | 27 +++++++ queries/aws_ec2_instance_1.yaml | 2 +- queries/aws_ec2_instance_1.yaml.bak | 27 +++++++ queries/aws_ec2_instance_10.yaml | 2 +- queries/aws_ec2_instance_10.yaml.bak | 27 +++++++ queries/aws_ec2_instance_11.yaml | 2 +- queries/aws_ec2_instance_11.yaml.bak | 27 +++++++ queries/aws_ec2_instance_12.yaml | 2 +- queries/aws_ec2_instance_12.yaml.bak | 30 +++++++ queries/aws_ec2_instance_12.yaml.bak.bak | 30 +++++++ queries/aws_ec2_instance_13.yaml | 2 +- queries/aws_ec2_instance_13.yaml.bak | 28 +++++++ queries/aws_ec2_instance_14.yaml | 2 +- queries/aws_ec2_instance_14.yaml.bak | 31 +++++++ queries/aws_ec2_instance_15.yaml | 2 +- queries/aws_ec2_instance_15.yaml.bak | 30 +++++++ queries/aws_ec2_instance_2.yaml | 2 +- queries/aws_ec2_instance_2.yaml.bak | 27 +++++++ queries/aws_ec2_instance_3.yaml | 2 +- queries/aws_ec2_instance_3.yaml.bak | 25 ++++++ queries/aws_ec2_instance_4.yaml | 2 +- queries/aws_ec2_instance_4.yaml.bak | 30 +++++++ queries/aws_ec2_instance_5.yaml | 2 +- queries/aws_ec2_instance_5.yaml.bak | 27 +++++++ queries/aws_ec2_instance_6.yaml | 2 +- queries/aws_ec2_instance_6.yaml.bak | 27 +++++++ queries/aws_ec2_instance_7.yaml | 2 +- queries/aws_ec2_instance_7.yaml.bak | 26 ++++++ queries/aws_ec2_instance_8.yaml | 2 +- queries/aws_ec2_instance_8.yaml.bak | 31 +++++++ queries/aws_ec2_instance_9.yaml | 2 +- queries/aws_ec2_instance_9.yaml.bak | 29 +++++++ queries/aws_ec2_instance_availability_1.yaml | 2 +- .../aws_ec2_instance_availability_1.yaml.bak | 27 +++++++ queries/aws_ec2_instance_availability_2.yaml | 2 +- .../aws_ec2_instance_availability_2.yaml.bak | 28 +++++++ ...ec2_instance_metric_cpu_utilization_1.yaml | 2 +- ...instance_metric_cpu_utilization_1.yaml.bak | 30 +++++++ ...ec2_instance_metric_cpu_utilization_2.yaml | 2 +- ...instance_metric_cpu_utilization_2.yaml.bak | 31 +++++++ ...stance_metric_cpu_utilization_daily_1.yaml | 2 +- ...ce_metric_cpu_utilization_daily_1.yaml.bak | 30 +++++++ ...stance_metric_cpu_utilization_daily_2.yaml | 2 +- ...ce_metric_cpu_utilization_daily_2.yaml.bak | 35 ++++++++ ...stance_metric_cpu_utilization_daily_3.yaml | 2 +- ...ce_metric_cpu_utilization_daily_3.yaml.bak | 31 +++++++ ...tance_metric_cpu_utilization_hourly_1.yaml | 2 +- ...e_metric_cpu_utilization_hourly_1.yaml.bak | 32 ++++++++ ...tric_cpu_utilization_hourly_1.yaml.bak.bak | 32 ++++++++ ...tance_metric_cpu_utilization_hourly_2.yaml | 2 +- ...e_metric_cpu_utilization_hourly_2.yaml.bak | 31 +++++++ ...tance_metric_cpu_utilization_hourly_3.yaml | 2 +- ...e_metric_cpu_utilization_hourly_3.yaml.bak | 33 ++++++++ queries/aws_ec2_instance_type_1.yaml | 2 +- queries/aws_ec2_instance_type_1.yaml.bak | 27 +++++++ queries/aws_ec2_instance_type_2.yaml | 2 +- queries/aws_ec2_instance_type_2.yaml.bak | 27 +++++++ queries/aws_ec2_instance_type_2.yaml.bak.bak | 27 +++++++ queries/aws_ec2_instance_type_3.yaml | 2 +- queries/aws_ec2_instance_type_3.yaml.bak | 32 ++++++++ queries/aws_ec2_instance_type_4.yaml | 2 +- queries/aws_ec2_instance_type_4.yaml.bak | 27 +++++++ queries/aws_ec2_instance_type_5.yaml | 2 +- queries/aws_ec2_instance_type_5.yaml.bak | 25 ++++++ queries/aws_ec2_key_pair_1.yaml | 2 +- queries/aws_ec2_key_pair_1.yaml.bak | 26 ++++++ queries/aws_ec2_key_pair_2.yaml | 2 +- queries/aws_ec2_key_pair_2.yaml.bak | 25 ++++++ queries/aws_ec2_launch_configuration_1.yaml | 2 +- .../aws_ec2_launch_configuration_1.yaml.bak | 29 +++++++ queries/aws_ec2_launch_configuration_2.yaml | 2 +- .../aws_ec2_launch_configuration_2.yaml.bak | 23 ++++++ queries/aws_ec2_launch_configuration_3.yaml | 2 +- .../aws_ec2_launch_configuration_3.yaml.bak | 27 +++++++ queries/aws_ec2_launch_configuration_4.yaml | 2 +- .../aws_ec2_launch_configuration_4.yaml.bak | 23 ++++++ queries/aws_ec2_launch_configuration_5.yaml | 2 +- .../aws_ec2_launch_configuration_5.yaml.bak | 28 +++++++ queries/aws_ec2_launch_template_1.yaml | 2 +- queries/aws_ec2_launch_template_1.yaml.bak | 27 +++++++ queries/aws_ec2_launch_template_2.yaml | 2 +- queries/aws_ec2_launch_template_2.yaml.bak | 27 +++++++ queries/aws_ec2_launch_template_3.yaml | 2 +- queries/aws_ec2_launch_template_3.yaml.bak | 26 ++++++ .../aws_ec2_launch_template_version_1.yaml | 2 +- ...aws_ec2_launch_template_version_1.yaml.bak | 29 +++++++ .../aws_ec2_launch_template_version_2.yaml | 2 +- ...aws_ec2_launch_template_version_2.yaml.bak | 29 +++++++ .../aws_ec2_launch_template_version_3.yaml | 2 +- ...aws_ec2_launch_template_version_3.yaml.bak | 30 +++++++ .../aws_ec2_launch_template_version_4.yaml | 2 +- ...aws_ec2_launch_template_version_4.yaml.bak | 30 +++++++ .../aws_ec2_launch_template_version_5.yaml | 2 +- ...aws_ec2_launch_template_version_5.yaml.bak | 25 ++++++ .../aws_ec2_launch_template_version_6.yaml | 2 +- ...aws_ec2_launch_template_version_6.yaml.bak | 51 ++++++++++++ .../aws_ec2_launch_template_version_7.yaml | 2 +- ...aws_ec2_launch_template_version_7.yaml.bak | 28 +++++++ .../aws_ec2_launch_template_version_8.yaml | 2 +- ...aws_ec2_launch_template_version_8.yaml.bak | 28 +++++++ .../aws_ec2_launch_template_version_9.yaml | 2 +- ...aws_ec2_launch_template_version_9.yaml.bak | 27 +++++++ queries/aws_ec2_load_balancer_listener_1.yaml | 2 +- .../aws_ec2_load_balancer_listener_1.yaml.bak | 25 ++++++ queries/aws_ec2_load_balancer_listener_2.yaml | 2 +- .../aws_ec2_load_balancer_listener_2.yaml.bak | 29 +++++++ ..._ec2_load_balancer_listener_2.yaml.bak.bak | 29 +++++++ queries/aws_ec2_load_balancer_listener_3.yaml | 2 +- .../aws_ec2_load_balancer_listener_3.yaml.bak | 29 +++++++ ...aws_ec2_load_balancer_listener_rule_1.yaml | 2 +- ...ec2_load_balancer_listener_rule_1.yaml.bak | 30 +++++++ ...aws_ec2_load_balancer_listener_rule_2.yaml | 2 +- ...ec2_load_balancer_listener_rule_2.yaml.bak | 30 +++++++ ...aws_ec2_load_balancer_listener_rule_3.yaml | 2 +- ...ec2_load_balancer_listener_rule_3.yaml.bak | 35 ++++++++ ...aws_ec2_load_balancer_listener_rule_4.yaml | 2 +- ...ec2_load_balancer_listener_rule_4.yaml.bak | 27 +++++++ ...aws_ec2_load_balancer_listener_rule_5.yaml | 2 +- ...ec2_load_balancer_listener_rule_5.yaml.bak | 33 ++++++++ ...aws_ec2_load_balancer_listener_rule_6.yaml | 2 +- ...ec2_load_balancer_listener_rule_6.yaml.bak | 35 ++++++++ queries/aws_ec2_managed_prefix_list_1.yaml | 2 +- .../aws_ec2_managed_prefix_list_1.yaml.bak | 28 +++++++ ...aws_ec2_managed_prefix_list_1.yaml.bak.bak | 28 +++++++ queries/aws_ec2_managed_prefix_list_2.yaml | 2 +- .../aws_ec2_managed_prefix_list_2.yaml.bak | 30 +++++++ queries/aws_ec2_managed_prefix_list_3.yaml | 2 +- .../aws_ec2_managed_prefix_list_3.yaml.bak | 28 +++++++ queries/aws_ec2_managed_prefix_list_4.yaml | 2 +- .../aws_ec2_managed_prefix_list_4.yaml.bak | 28 +++++++ queries/aws_ec2_managed_prefix_list_5.yaml | 2 +- .../aws_ec2_managed_prefix_list_5.yaml.bak | 30 +++++++ queries/aws_ec2_managed_prefix_list_6.yaml | 2 +- .../aws_ec2_managed_prefix_list_6.yaml.bak | 28 +++++++ .../aws_ec2_managed_prefix_list_entry_1.yaml | 2 +- ...s_ec2_managed_prefix_list_entry_1.yaml.bak | 24 ++++++ .../aws_ec2_managed_prefix_list_entry_2.yaml | 2 +- ...s_ec2_managed_prefix_list_entry_2.yaml.bak | 30 +++++++ .../aws_ec2_managed_prefix_list_entry_3.yaml | 2 +- ...s_ec2_managed_prefix_list_entry_3.yaml.bak | 27 +++++++ queries/aws_ec2_network_interface_1.yaml | 2 +- queries/aws_ec2_network_interface_1.yaml.bak | 29 +++++++ queries/aws_ec2_network_interface_2.yaml | 2 +- queries/aws_ec2_network_interface_2.yaml.bak | 31 +++++++ queries/aws_ec2_network_interface_3.yaml | 2 +- queries/aws_ec2_network_interface_3.yaml.bak | 29 +++++++ .../aws_ec2_network_interface_3.yaml.bak.bak | 29 +++++++ queries/aws_ec2_network_interface_4.yaml | 2 +- queries/aws_ec2_network_interface_4.yaml.bak | 29 +++++++ queries/aws_ec2_network_interface_5.yaml | 2 +- queries/aws_ec2_network_interface_5.yaml.bak | 33 ++++++++ queries/aws_ec2_network_load_balancer_1.yaml | 2 +- .../aws_ec2_network_load_balancer_1.yaml.bak | 28 +++++++ queries/aws_ec2_network_load_balancer_2.yaml | 2 +- .../aws_ec2_network_load_balancer_2.yaml.bak | 30 +++++++ queries/aws_ec2_network_load_balancer_3.yaml | 2 +- .../aws_ec2_network_load_balancer_3.yaml.bak | 30 +++++++ queries/aws_ec2_network_load_balancer_4.yaml | 2 +- .../aws_ec2_network_load_balancer_4.yaml.bak | 28 +++++++ ...load_balancer_metric_net_flow_count_1.yaml | 2 +- ..._balancer_metric_net_flow_count_1.yaml.bak | 33 ++++++++ ...load_balancer_metric_net_flow_count_2.yaml | 2 +- ..._balancer_metric_net_flow_count_2.yaml.bak | 36 +++++++++ ...alancer_metric_net_flow_count_daily_1.yaml | 2 +- ...cer_metric_net_flow_count_daily_1.yaml.bak | 35 ++++++++ ...alancer_metric_net_flow_count_daily_2.yaml | 2 +- ...cer_metric_net_flow_count_daily_2.yaml.bak | 36 +++++++++ queries/aws_ec2_regional_settings_1.yaml | 2 +- queries/aws_ec2_regional_settings_1.yaml.bak | 27 +++++++ queries/aws_ec2_regional_settings_2.yaml | 2 +- queries/aws_ec2_regional_settings_2.yaml.bak | 27 +++++++ queries/aws_ec2_regional_settings_3.yaml | 2 +- queries/aws_ec2_regional_settings_3.yaml.bak | 26 ++++++ queries/aws_ec2_reserved_instance_1.yaml | 2 +- queries/aws_ec2_reserved_instance_1.yaml.bak | 31 +++++++ .../aws_ec2_reserved_instance_1.yaml.bak.bak | 31 +++++++ queries/aws_ec2_reserved_instance_2.yaml | 2 +- queries/aws_ec2_reserved_instance_2.yaml.bak | 27 +++++++ queries/aws_ec2_reserved_instance_3.yaml | 2 +- queries/aws_ec2_reserved_instance_3.yaml.bak | 27 +++++++ queries/aws_ec2_reserved_instance_4.yaml | 2 +- queries/aws_ec2_reserved_instance_4.yaml.bak | 28 +++++++ queries/aws_ec2_reserved_instance_5.yaml | 2 +- queries/aws_ec2_reserved_instance_5.yaml.bak | 28 +++++++ queries/aws_ec2_spot_price_1.yaml | 2 +- queries/aws_ec2_spot_price_1.yaml.bak | 37 +++++++++ queries/aws_ec2_ssl_policy_1.yaml | 2 +- queries/aws_ec2_ssl_policy_1.yaml.bak | 25 ++++++ queries/aws_ec2_ssl_policy_1.yaml.bak.bak | 25 ++++++ queries/aws_ec2_ssl_policy_2.yaml | 2 +- queries/aws_ec2_ssl_policy_2.yaml.bak | 31 +++++++ queries/aws_ec2_target_group_1.yaml | 2 +- queries/aws_ec2_target_group_1.yaml.bak | 25 ++++++ queries/aws_ec2_target_group_2.yaml | 2 +- queries/aws_ec2_target_group_2.yaml.bak | 32 ++++++++ queries/aws_ec2_target_group_3.yaml | 2 +- queries/aws_ec2_target_group_3.yaml.bak | 29 +++++++ queries/aws_ec2_target_group_4.yaml | 2 +- queries/aws_ec2_target_group_4.yaml.bak | 29 +++++++ queries/aws_ec2_transit_gateway_1.yaml | 2 +- queries/aws_ec2_transit_gateway_1.yaml.bak | 27 +++++++ queries/aws_ec2_transit_gateway_2.yaml | 2 +- queries/aws_ec2_transit_gateway_2.yaml.bak | 25 ++++++ queries/aws_ec2_transit_gateway_3.yaml | 2 +- queries/aws_ec2_transit_gateway_3.yaml.bak | 27 +++++++ queries/aws_ec2_transit_gateway_4.yaml | 2 +- queries/aws_ec2_transit_gateway_4.yaml.bak | 25 ++++++ .../aws_ec2_transit_gateway_4.yaml.bak.bak | 25 ++++++ queries/aws_ec2_transit_gateway_route_1.yaml | 2 +- .../aws_ec2_transit_gateway_route_1.yaml.bak | 28 +++++++ queries/aws_ec2_transit_gateway_route_2.yaml | 2 +- .../aws_ec2_transit_gateway_route_2.yaml.bak | 29 +++++++ ...aws_ec2_transit_gateway_route_table_1.yaml | 2 +- ...ec2_transit_gateway_route_table_1.yaml.bak | 25 ++++++ ...aws_ec2_transit_gateway_route_table_2.yaml | 2 +- ...ec2_transit_gateway_route_table_2.yaml.bak | 27 +++++++ ..._ec2_transit_gateway_vpc_attachment_1.yaml | 2 +- ..._transit_gateway_vpc_attachment_1.yaml.bak | 29 +++++++ ..._ec2_transit_gateway_vpc_attachment_2.yaml | 2 +- ..._transit_gateway_vpc_attachment_2.yaml.bak | 27 +++++++ queries/aws_ecr_image_1.yaml | 2 +- queries/aws_ecr_image_1.yaml.bak | 28 +++++++ queries/aws_ecr_image_2.yaml | 2 +- queries/aws_ecr_image_2.yaml.bak | 25 ++++++ queries/aws_ecr_image_2.yaml.bak.bak | 25 ++++++ queries/aws_ecr_image_3.yaml | 2 +- queries/aws_ecr_image_3.yaml.bak | 25 ++++++ queries/aws_ecr_image_4.yaml | 2 +- queries/aws_ecr_image_4.yaml.bak | 31 +++++++ queries/aws_ecr_image_5.yaml | 2 +- queries/aws_ecr_image_5.yaml.bak | 32 ++++++++ queries/aws_ecr_image_6.yaml | 2 +- queries/aws_ecr_image_6.yaml.bak | 33 ++++++++ queries/aws_ecr_image_7.yaml | 2 +- queries/aws_ecr_image_7.yaml.bak | 31 +++++++ queries/aws_ecr_image_scan_finding_1.yaml | 2 +- queries/aws_ecr_image_scan_finding_1.yaml.bak | 38 +++++++++ queries/aws_ecr_image_scan_finding_2.yaml | 2 +- queries/aws_ecr_image_scan_finding_2.yaml.bak | 39 +++++++++ ...ecr_registry_scanning_configuration_1.yaml | 2 +- ...registry_scanning_configuration_1.yaml.bak | 26 ++++++ ...ecr_registry_scanning_configuration_2.yaml | 2 +- ...registry_scanning_configuration_2.yaml.bak | 28 +++++++ ...ecr_registry_scanning_configuration_3.yaml | 2 +- ...registry_scanning_configuration_3.yaml.bak | 25 ++++++ queries/aws_ecr_repository_1.yaml | 2 +- queries/aws_ecr_repository_1.yaml.bak | 30 +++++++ queries/aws_ecr_repository_10.yaml | 2 +- queries/aws_ecr_repository_10.yaml.bak | 27 +++++++ queries/aws_ecr_repository_11.yaml | 2 +- queries/aws_ecr_repository_11.yaml.bak | 29 +++++++ queries/aws_ecr_repository_2.yaml | 2 +- queries/aws_ecr_repository_2.yaml.bak | 28 +++++++ queries/aws_ecr_repository_2.yaml.bak.bak | 28 +++++++ queries/aws_ecr_repository_3.yaml | 2 +- queries/aws_ecr_repository_3.yaml.bak | 27 +++++++ queries/aws_ecr_repository_4.yaml | 2 +- queries/aws_ecr_repository_4.yaml.bak | 32 ++++++++ queries/aws_ecr_repository_5.yaml | 2 +- queries/aws_ecr_repository_5.yaml.bak | 30 +++++++ queries/aws_ecr_repository_6.yaml | 2 +- queries/aws_ecr_repository_6.yaml.bak | 25 ++++++ queries/aws_ecr_repository_7.yaml | 2 +- queries/aws_ecr_repository_7.yaml.bak | 34 ++++++++ queries/aws_ecr_repository_8.yaml | 2 +- queries/aws_ecr_repository_8.yaml.bak | 32 ++++++++ queries/aws_ecr_repository_9.yaml | 2 +- queries/aws_ecr_repository_9.yaml.bak | 27 +++++++ queries/aws_ecrpublic_repository_1.yaml | 2 +- queries/aws_ecrpublic_repository_1.yaml.bak | 30 +++++++ queries/aws_ecrpublic_repository_2.yaml | 2 +- queries/aws_ecrpublic_repository_2.yaml.bak | 34 ++++++++ queries/aws_ecs_cluster_1.yaml | 2 +- queries/aws_ecs_cluster_1.yaml.bak | 27 +++++++ queries/aws_ecs_cluster_2.yaml | 2 +- queries/aws_ecs_cluster_2.yaml.bak | 27 +++++++ queries/aws_ecs_cluster_3.yaml | 2 +- queries/aws_ecs_cluster_3.yaml.bak | 26 ++++++ queries/aws_ecs_cluster_4.yaml | 2 +- queries/aws_ecs_cluster_4.yaml.bak | 29 +++++++ ..._ecs_cluster_metric_cpu_utilization_1.yaml | 2 +- ..._cluster_metric_cpu_utilization_1.yaml.bak | 30 +++++++ ..._ecs_cluster_metric_cpu_utilization_2.yaml | 2 +- ..._cluster_metric_cpu_utilization_2.yaml.bak | 34 ++++++++ ...luster_metric_cpu_utilization_daily_1.yaml | 2 +- ...er_metric_cpu_utilization_daily_1.yaml.bak | 32 ++++++++ ...luster_metric_cpu_utilization_daily_2.yaml | 2 +- ...er_metric_cpu_utilization_daily_2.yaml.bak | 32 ++++++++ ...luster_metric_cpu_utilization_daily_3.yaml | 2 +- ...er_metric_cpu_utilization_daily_3.yaml.bak | 32 ++++++++ ...uster_metric_cpu_utilization_hourly_1.yaml | 2 +- ...r_metric_cpu_utilization_hourly_1.yaml.bak | 30 +++++++ ...uster_metric_cpu_utilization_hourly_2.yaml | 2 +- ...r_metric_cpu_utilization_hourly_2.yaml.bak | 32 ++++++++ ...uster_metric_cpu_utilization_hourly_3.yaml | 2 +- ...r_metric_cpu_utilization_hourly_3.yaml.bak | 32 ++++++++ queries/aws_ecs_container_instance_1.yaml | 2 +- queries/aws_ecs_container_instance_1.yaml.bak | 29 +++++++ queries/aws_ecs_container_instance_2.yaml | 2 +- queries/aws_ecs_container_instance_2.yaml.bak | 26 ++++++ queries/aws_ecs_container_instance_3.yaml | 2 +- queries/aws_ecs_container_instance_3.yaml.bak | 26 ++++++ queries/aws_ecs_container_instance_4.yaml | 2 +- queries/aws_ecs_container_instance_4.yaml.bak | 28 +++++++ queries/aws_ecs_service_1.yaml | 2 +- queries/aws_ecs_service_1.yaml.bak | 28 +++++++ queries/aws_ecs_service_2.yaml | 2 +- queries/aws_ecs_service_2.yaml.bak | 28 +++++++ queries/aws_ecs_service_3.yaml | 2 +- queries/aws_ecs_service_3.yaml.bak | 28 +++++++ queries/aws_ecs_task_1.yaml | 2 +- queries/aws_ecs_task_1.yaml.bak | 27 +++++++ queries/aws_ecs_task_2.yaml | 2 +- queries/aws_ecs_task_2.yaml.bak | 30 +++++++ queries/aws_ecs_task_3.yaml | 2 +- queries/aws_ecs_task_3.yaml.bak | 25 ++++++ queries/aws_ecs_task_3.yaml.bak.bak | 25 ++++++ queries/aws_ecs_task_definition_1.yaml | 2 +- queries/aws_ecs_task_definition_1.yaml.bak | 29 +++++++ queries/aws_ecs_task_definition_2.yaml | 2 +- queries/aws_ecs_task_definition_2.yaml.bak | 25 ++++++ queries/aws_ecs_task_definition_3.yaml | 2 +- queries/aws_ecs_task_definition_3.yaml.bak | 27 +++++++ .../aws_ecs_task_definition_3.yaml.bak.bak | 27 +++++++ queries/aws_ecs_task_definition_4.yaml | 2 +- queries/aws_ecs_task_definition_4.yaml.bak | 29 +++++++ queries/aws_efs_access_point_1.yaml | 2 +- queries/aws_efs_access_point_1.yaml.bak | 30 +++++++ queries/aws_efs_access_point_2.yaml | 2 +- queries/aws_efs_access_point_2.yaml.bak | 28 +++++++ queries/aws_efs_access_point_3.yaml | 2 +- queries/aws_efs_access_point_3.yaml.bak | 29 +++++++ queries/aws_efs_file_system_1.yaml | 2 +- queries/aws_efs_file_system_1.yaml.bak | 31 +++++++ queries/aws_efs_file_system_2.yaml | 2 +- queries/aws_efs_file_system_2.yaml.bak | 29 +++++++ queries/aws_efs_file_system_3.yaml | 2 +- queries/aws_efs_file_system_3.yaml.bak | 26 ++++++ queries/aws_efs_file_system_4.yaml | 2 +- queries/aws_efs_file_system_4.yaml.bak | 33 ++++++++ queries/aws_efs_file_system_5.yaml | 2 +- queries/aws_efs_file_system_5.yaml.bak | 39 +++++++++ queries/aws_efs_file_system_6.yaml | 2 +- queries/aws_efs_file_system_6.yaml.bak | 27 +++++++ queries/aws_efs_mount_target_1.yaml | 2 +- queries/aws_efs_mount_target_1.yaml.bak | 28 +++++++ queries/aws_efs_mount_target_2.yaml | 2 +- queries/aws_efs_mount_target_2.yaml.bak | 25 ++++++ queries/aws_eks_addon_1.yaml | 2 +- queries/aws_eks_addon_1.yaml.bak | 29 +++++++ queries/aws_eks_addon_2.yaml | 2 +- queries/aws_eks_addon_2.yaml.bak | 29 +++++++ queries/aws_eks_addon_3.yaml | 2 +- queries/aws_eks_addon_3.yaml.bak | 27 +++++++ queries/aws_eks_addon_3.yaml.bak.bak | 27 +++++++ queries/aws_eks_addon_version_1.yaml | 2 +- queries/aws_eks_addon_version_1.yaml.bak | 24 ++++++ queries/aws_eks_addon_version_2.yaml | 2 +- queries/aws_eks_addon_version_2.yaml.bak | 27 +++++++ queries/aws_eks_addon_version_3.yaml | 2 +- queries/aws_eks_addon_version_3.yaml.bak | 27 +++++++ queries/aws_eks_cluster_1.yaml | 2 +- queries/aws_eks_cluster_1.yaml.bak | 26 ++++++ queries/aws_eks_cluster_2.yaml | 2 +- queries/aws_eks_cluster_2.yaml.bak | 31 +++++++ queries/aws_eks_cluster_3.yaml | 2 +- queries/aws_eks_cluster_3.yaml.bak | 29 +++++++ queries/aws_eks_cluster_4.yaml | 2 +- queries/aws_eks_cluster_4.yaml.bak | 28 +++++++ queries/aws_eks_fargate_profile_1.yaml | 2 +- queries/aws_eks_fargate_profile_1.yaml.bak | 29 +++++++ .../aws_eks_fargate_profile_1.yaml.bak.bak | 29 +++++++ queries/aws_eks_fargate_profile_2.yaml | 2 +- queries/aws_eks_fargate_profile_2.yaml.bak | 30 +++++++ queries/aws_eks_fargate_profile_3.yaml | 2 +- queries/aws_eks_fargate_profile_3.yaml.bak | 32 ++++++++ queries/aws_eks_fargate_profile_4.yaml | 2 +- queries/aws_eks_fargate_profile_4.yaml.bak | 34 ++++++++ .../aws_eks_identity_provider_config_1.yaml | 2 +- ...ws_eks_identity_provider_config_1.yaml.bak | 26 ++++++ .../aws_eks_identity_provider_config_2.yaml | 2 +- ...ws_eks_identity_provider_config_2.yaml.bak | 27 +++++++ queries/aws_eks_node_group_1.yaml | 2 +- queries/aws_eks_node_group_1.yaml.bak | 28 +++++++ queries/aws_eks_node_group_2.yaml | 2 +- queries/aws_eks_node_group_2.yaml.bak | 30 +++++++ queries/aws_eks_node_group_3.yaml | 2 +- queries/aws_eks_node_group_3.yaml.bak | 26 ++++++ queries/aws_eks_node_group_4.yaml | 2 +- queries/aws_eks_node_group_4.yaml.bak | 26 ++++++ .../aws_elastic_beanstalk_application_1.yaml | 2 +- ...s_elastic_beanstalk_application_1.yaml.bak | 29 +++++++ .../aws_elastic_beanstalk_application_2.yaml | 2 +- ...s_elastic_beanstalk_application_2.yaml.bak | 25 ++++++ ...astic_beanstalk_application_version_1.yaml | 2 +- ...c_beanstalk_application_version_1.yaml.bak | 30 +++++++ ...astic_beanstalk_application_version_2.yaml | 2 +- ...c_beanstalk_application_version_2.yaml.bak | 29 +++++++ ...astic_beanstalk_application_version_3.yaml | 2 +- ...c_beanstalk_application_version_3.yaml.bak | 27 +++++++ ...astic_beanstalk_application_version_4.yaml | 2 +- ...c_beanstalk_application_version_4.yaml.bak | 30 +++++++ ...astic_beanstalk_application_version_5.yaml | 2 +- ...c_beanstalk_application_version_5.yaml.bak | 27 +++++++ ...astic_beanstalk_application_version_6.yaml | 2 +- ...c_beanstalk_application_version_6.yaml.bak | 26 ++++++ .../aws_elastic_beanstalk_environment_1.yaml | 2 +- ...s_elastic_beanstalk_environment_1.yaml.bak | 26 ++++++ .../aws_elastic_beanstalk_environment_2.yaml | 2 +- ...s_elastic_beanstalk_environment_2.yaml.bak | 25 ++++++ .../aws_elastic_beanstalk_environment_3.yaml | 2 +- ...s_elastic_beanstalk_environment_3.yaml.bak | 29 +++++++ ...astic_beanstalk_environment_3.yaml.bak.bak | 29 +++++++ .../aws_elastic_beanstalk_environment_4.yaml | 2 +- ...s_elastic_beanstalk_environment_4.yaml.bak | 25 ++++++ .../aws_elastic_beanstalk_environment_5.yaml | 2 +- ...s_elastic_beanstalk_environment_5.yaml.bak | 28 +++++++ .../aws_elastic_beanstalk_environment_6.yaml | 2 +- ...s_elastic_beanstalk_environment_6.yaml.bak | 37 +++++++++ queries/aws_elasticache_cluster_1.yaml | 2 +- queries/aws_elasticache_cluster_1.yaml.bak | 28 +++++++ queries/aws_elasticache_cluster_2.yaml | 2 +- queries/aws_elasticache_cluster_2.yaml.bak | 25 ++++++ .../aws_elasticache_cluster_2.yaml.bak.bak | 25 ++++++ queries/aws_elasticache_cluster_3.yaml | 2 +- queries/aws_elasticache_cluster_3.yaml.bak | 28 +++++++ queries/aws_elasticache_cluster_4.yaml | 2 +- queries/aws_elasticache_cluster_4.yaml.bak | 27 +++++++ queries/aws_elasticache_cluster_5.yaml | 2 +- queries/aws_elasticache_cluster_5.yaml.bak | 27 +++++++ queries/aws_elasticache_cluster_6.yaml | 2 +- queries/aws_elasticache_cluster_6.yaml.bak | 27 +++++++ queries/aws_elasticache_cluster_7.yaml | 2 +- queries/aws_elasticache_cluster_7.yaml.bak | 29 +++++++ .../aws_elasticache_parameter_group_1.yaml | 2 +- ...aws_elasticache_parameter_group_1.yaml.bak | 26 ++++++ .../aws_elasticache_parameter_group_2.yaml | 2 +- ...aws_elasticache_parameter_group_2.yaml.bak | 27 +++++++ ...ache_redis_metric_cache_hits_hourly_1.yaml | 2 +- ..._redis_metric_cache_hits_hourly_1.yaml.bak | 31 +++++++ ...ache_redis_metric_cache_hits_hourly_2.yaml | 2 +- ..._redis_metric_cache_hits_hourly_2.yaml.bak | 32 ++++++++ ...ache_redis_metric_cache_hits_hourly_3.yaml | 2 +- ..._redis_metric_cache_hits_hourly_3.yaml.bak | 31 +++++++ ...edis_metric_curr_connections_hourly_1.yaml | 2 +- ..._metric_curr_connections_hourly_1.yaml.bak | 31 +++++++ ...edis_metric_curr_connections_hourly_2.yaml | 2 +- ..._metric_curr_connections_hourly_2.yaml.bak | 33 ++++++++ ...metric_engine_cpu_utilization_daily_1.yaml | 2 +- ...ic_engine_cpu_utilization_daily_1.yaml.bak | 32 ++++++++ ...metric_engine_cpu_utilization_daily_2.yaml | 2 +- ...ic_engine_cpu_utilization_daily_2.yaml.bak | 31 +++++++ ...metric_engine_cpu_utilization_daily_3.yaml | 2 +- ...ic_engine_cpu_utilization_daily_3.yaml.bak | 31 +++++++ ...etric_engine_cpu_utilization_hourly_1.yaml | 2 +- ...c_engine_cpu_utilization_hourly_1.yaml.bak | 30 +++++++ ...etric_engine_cpu_utilization_hourly_2.yaml | 2 +- ...c_engine_cpu_utilization_hourly_2.yaml.bak | 33 ++++++++ ...gine_cpu_utilization_hourly_2.yaml.bak.bak | 33 ++++++++ ...etric_engine_cpu_utilization_hourly_3.yaml | 2 +- ...c_engine_cpu_utilization_hourly_3.yaml.bak | 33 ++++++++ ...e_redis_metric_get_type_cmds_hourly_1.yaml | 2 +- ...dis_metric_get_type_cmds_hourly_1.yaml.bak | 30 +++++++ ...e_redis_metric_get_type_cmds_hourly_2.yaml | 2 +- ...dis_metric_get_type_cmds_hourly_2.yaml.bak | 31 +++++++ ...metric_get_type_cmds_hourly_2.yaml.bak.bak | 31 +++++++ ...redis_metric_list_based_cmds_hourly_1.yaml | 2 +- ...s_metric_list_based_cmds_hourly_1.yaml.bak | 31 +++++++ ...redis_metric_list_based_cmds_hourly_2.yaml | 2 +- ...s_metric_list_based_cmds_hourly_2.yaml.bak | 33 ++++++++ ...redis_metric_new_connections_hourly_1.yaml | 2 +- ...s_metric_new_connections_hourly_1.yaml.bak | 29 +++++++ ...redis_metric_new_connections_hourly_2.yaml | 2 +- ...s_metric_new_connections_hourly_2.yaml.bak | 31 +++++++ .../aws_elasticache_replication_group_1.yaml | 2 +- ...s_elasticache_replication_group_1.yaml.bak | 27 +++++++ .../aws_elasticache_replication_group_2.yaml | 2 +- ...s_elasticache_replication_group_2.yaml.bak | 30 +++++++ ...asticache_replication_group_2.yaml.bak.bak | 30 +++++++ .../aws_elasticache_replication_group_3.yaml | 2 +- ...s_elasticache_replication_group_3.yaml.bak | 28 +++++++ .../aws_elasticache_replication_group_4.yaml | 2 +- ...s_elasticache_replication_group_4.yaml.bak | 29 +++++++ .../aws_elasticache_replication_group_5.yaml | 2 +- ...s_elasticache_replication_group_5.yaml.bak | 27 +++++++ .../aws_elasticache_replication_group_6.yaml | 2 +- ...s_elasticache_replication_group_6.yaml.bak | 23 ++++++ ...aws_elasticache_reserved_cache_node_1.yaml | 2 +- ...elasticache_reserved_cache_node_1.yaml.bak | 26 ++++++ ...aws_elasticache_reserved_cache_node_2.yaml | 2 +- ...elasticache_reserved_cache_node_2.yaml.bak | 30 +++++++ ...ticache_reserved_cache_node_2.yaml.bak.bak | 30 +++++++ ...aws_elasticache_reserved_cache_node_3.yaml | 2 +- ...elasticache_reserved_cache_node_3.yaml.bak | 28 +++++++ ...aws_elasticache_reserved_cache_node_4.yaml | 2 +- ...elasticache_reserved_cache_node_4.yaml.bak | 28 +++++++ ...aws_elasticache_reserved_cache_node_5.yaml | 2 +- ...elasticache_reserved_cache_node_5.yaml.bak | 28 +++++++ queries/aws_elasticache_subnet_group_1.yaml | 2 +- .../aws_elasticache_subnet_group_1.yaml.bak | 25 ++++++ queries/aws_elasticache_subnet_group_2.yaml | 2 +- .../aws_elasticache_subnet_group_2.yaml.bak | 28 +++++++ queries/aws_elasticache_subnet_group_3.yaml | 2 +- .../aws_elasticache_subnet_group_3.yaml.bak | 27 +++++++ queries/aws_elasticsearch_domain_1.yaml | 2 +- queries/aws_elasticsearch_domain_1.yaml.bak | 28 +++++++ queries/aws_elasticsearch_domain_2.yaml | 2 +- queries/aws_elasticsearch_domain_2.yaml.bak | 31 +++++++ queries/aws_elasticsearch_domain_3.yaml | 2 +- queries/aws_elasticsearch_domain_3.yaml.bak | 30 +++++++ queries/aws_elasticsearch_domain_4.yaml | 2 +- queries/aws_elasticsearch_domain_4.yaml.bak | 30 +++++++ queries/aws_elasticsearch_domain_5.yaml | 2 +- queries/aws_elasticsearch_domain_5.yaml.bak | 27 +++++++ queries/aws_elasticsearch_domain_6.yaml | 2 +- queries/aws_elasticsearch_domain_6.yaml.bak | 33 ++++++++ queries/aws_elasticsearch_domain_7.yaml | 2 +- queries/aws_elasticsearch_domain_7.yaml.bak | 28 +++++++ queries/aws_elasticsearch_domain_8.yaml | 2 +- queries/aws_elasticsearch_domain_8.yaml.bak | 27 +++++++ .../aws_elasticsearch_domain_8.yaml.bak.bak | 27 +++++++ ...r_block_public_access_configuration_1.yaml | 2 +- ...ock_public_access_configuration_1.yaml.bak | 31 +++++++ ...public_access_configuration_1.yaml.bak.bak | 31 +++++++ ...r_block_public_access_configuration_2.yaml | 2 +- ...ock_public_access_configuration_2.yaml.bak | 27 +++++++ ...r_block_public_access_configuration_3.yaml | 2 +- ...ock_public_access_configuration_3.yaml.bak | 28 +++++++ ...r_block_public_access_configuration_4.yaml | 2 +- ...ock_public_access_configuration_4.yaml.bak | 25 ++++++ queries/aws_emr_cluster_1.yaml | 2 +- queries/aws_emr_cluster_1.yaml.bak | 27 +++++++ queries/aws_emr_cluster_2.yaml | 2 +- queries/aws_emr_cluster_2.yaml.bak | 26 ++++++ queries/aws_emr_cluster_3.yaml | 2 +- queries/aws_emr_cluster_3.yaml.bak | 29 +++++++ queries/aws_emr_cluster_4.yaml | 2 +- queries/aws_emr_cluster_4.yaml.bak | 26 ++++++ queries/aws_emr_cluster_5.yaml | 2 +- queries/aws_emr_cluster_5.yaml.bak | 26 ++++++ queries/aws_emr_cluster_6.yaml | 2 +- queries/aws_emr_cluster_6.yaml.bak | 29 +++++++ queries/aws_emr_cluster_metric_is_idle_1.yaml | 2 +- .../aws_emr_cluster_metric_is_idle_1.yaml.bak | 30 +++++++ queries/aws_emr_instance_1.yaml | 2 +- queries/aws_emr_instance_1.yaml.bak | 29 +++++++ queries/aws_emr_instance_2.yaml | 2 +- queries/aws_emr_instance_2.yaml.bak | 28 +++++++ queries/aws_emr_instance_3.yaml | 2 +- queries/aws_emr_instance_3.yaml.bak | 28 +++++++ queries/aws_emr_instance_4.yaml | 2 +- queries/aws_emr_instance_4.yaml.bak | 31 +++++++ queries/aws_emr_instance_fleet_1.yaml | 2 +- queries/aws_emr_instance_fleet_1.yaml.bak | 28 +++++++ queries/aws_emr_instance_fleet_2.yaml | 2 +- queries/aws_emr_instance_fleet_2.yaml.bak | 29 +++++++ queries/aws_emr_instance_fleet_3.yaml | 2 +- queries/aws_emr_instance_fleet_3.yaml.bak | 26 ++++++ queries/aws_emr_instance_group_1.yaml | 2 +- queries/aws_emr_instance_group_1.yaml.bak | 26 ++++++ queries/aws_emr_instance_group_2.yaml | 2 +- queries/aws_emr_instance_group_2.yaml.bak | 31 +++++++ queries/aws_emr_instance_group_3.yaml | 2 +- queries/aws_emr_instance_group_3.yaml.bak | 28 +++++++ queries/aws_emr_security_configuration_1.yaml | 2 +- .../aws_emr_security_configuration_1.yaml.bak | 30 +++++++ queries/aws_emr_security_configuration_2.yaml | 2 +- .../aws_emr_security_configuration_2.yaml.bak | 28 +++++++ queries/aws_emr_security_configuration_3.yaml | 2 +- .../aws_emr_security_configuration_3.yaml.bak | 32 ++++++++ queries/aws_eventbridge_bus_1.yaml | 2 +- queries/aws_eventbridge_bus_1.yaml.bak | 27 +++++++ queries/aws_eventbridge_rule_1.yaml | 2 +- queries/aws_eventbridge_rule_1.yaml.bak | 28 +++++++ queries/aws_eventbridge_rule_2.yaml | 2 +- queries/aws_eventbridge_rule_2.yaml.bak | 27 +++++++ queries/aws_eventbridge_rule_2.yaml.bak.bak | 27 +++++++ queries/aws_eventbridge_rule_3.yaml | 2 +- queries/aws_eventbridge_rule_3.yaml.bak | 28 +++++++ queries/aws_fms_app_list_1.yaml | 2 +- queries/aws_fms_app_list_1.yaml.bak | 25 ++++++ queries/aws_fms_app_list_2.yaml | 2 +- queries/aws_fms_app_list_2.yaml.bak | 29 +++++++ queries/aws_fms_app_list_3.yaml | 2 +- queries/aws_fms_app_list_3.yaml.bak | 29 +++++++ queries/aws_fms_policy_1.yaml | 2 +- queries/aws_fms_policy_1.yaml.bak | 28 +++++++ queries/aws_fms_policy_2.yaml | 2 +- queries/aws_fms_policy_2.yaml.bak | 31 +++++++ queries/aws_fms_policy_3.yaml | 2 +- queries/aws_fms_policy_3.yaml.bak | 27 +++++++ queries/aws_fms_policy_4.yaml | 2 +- queries/aws_fms_policy_4.yaml.bak | 28 +++++++ queries/aws_fsx_file_system_1.yaml | 2 +- queries/aws_fsx_file_system_1.yaml.bak | 30 +++++++ queries/aws_fsx_file_system_2.yaml | 2 +- queries/aws_fsx_file_system_2.yaml.bak | 30 +++++++ queries/aws_glacier_vault_1.yaml | 2 +- queries/aws_glacier_vault_1.yaml.bak | 26 ++++++ queries/aws_glacier_vault_2.yaml | 2 +- queries/aws_glacier_vault_2.yaml.bak | 32 ++++++++ queries/aws_glacier_vault_2.yaml.bak.bak | 32 ++++++++ queries/aws_glacier_vault_3.yaml | 2 +- queries/aws_glacier_vault_3.yaml.bak | 32 ++++++++ queries/aws_glacier_vault_4.yaml | 2 +- queries/aws_glacier_vault_4.yaml.bak | 29 +++++++ queries/aws_glacier_vault_5.yaml | 2 +- queries/aws_glacier_vault_5.yaml.bak | 25 ++++++ queries/aws_glacier_vault_6.yaml | 2 +- queries/aws_glacier_vault_6.yaml.bak | 26 ++++++ .../aws_globalaccelerator_accelerator_1.yaml | 2 +- ...s_globalaccelerator_accelerator_1.yaml.bak | 28 +++++++ .../aws_globalaccelerator_accelerator_2.yaml | 2 +- ...s_globalaccelerator_accelerator_2.yaml.bak | 32 ++++++++ .../aws_globalaccelerator_accelerator_3.yaml | 2 +- ...s_globalaccelerator_accelerator_3.yaml.bak | 25 ++++++ ...ws_globalaccelerator_endpoint_group_1.yaml | 2 +- ...lobalaccelerator_endpoint_group_1.yaml.bak | 33 ++++++++ ...ws_globalaccelerator_endpoint_group_2.yaml | 2 +- ...lobalaccelerator_endpoint_group_2.yaml.bak | 35 ++++++++ ...ws_globalaccelerator_endpoint_group_3.yaml | 2 +- ...lobalaccelerator_endpoint_group_3.yaml.bak | 41 ++++++++++ ...laccelerator_endpoint_group_3.yaml.bak.bak | 41 ++++++++++ queries/aws_globalaccelerator_listener_1.yaml | 2 +- .../aws_globalaccelerator_listener_1.yaml.bak | 25 ++++++ queries/aws_globalaccelerator_listener_2.yaml | 2 +- .../aws_globalaccelerator_listener_2.yaml.bak | 27 +++++++ queries/aws_globalaccelerator_listener_3.yaml | 2 +- .../aws_globalaccelerator_listener_3.yaml.bak | 30 +++++++ queries/aws_globalaccelerator_listener_4.yaml | 2 +- .../aws_globalaccelerator_listener_4.yaml.bak | 33 ++++++++ queries/aws_glue_catalog_database_1.yaml | 2 +- queries/aws_glue_catalog_database_1.yaml.bak | 27 +++++++ queries/aws_glue_catalog_database_2.yaml | 2 +- queries/aws_glue_catalog_database_2.yaml.bak | 27 +++++++ queries/aws_glue_catalog_table_1.yaml | 2 +- queries/aws_glue_catalog_table_1.yaml.bak | 20 +++++ queries/aws_glue_catalog_table_2.yaml | 2 +- queries/aws_glue_catalog_table_2.yaml.bak | 27 +++++++ queries/aws_glue_catalog_table_3.yaml | 2 +- queries/aws_glue_catalog_table_3.yaml.bak | 28 +++++++ queries/aws_glue_connection_1.yaml | 2 +- queries/aws_glue_connection_1.yaml.bak | 26 ++++++ queries/aws_glue_connection_2.yaml | 2 +- queries/aws_glue_connection_2.yaml.bak | 28 +++++++ queries/aws_glue_connection_3.yaml | 2 +- queries/aws_glue_connection_3.yaml.bak | 29 +++++++ queries/aws_glue_connection_3.yaml.bak.bak | 29 +++++++ queries/aws_glue_connection_4.yaml | 2 +- queries/aws_glue_connection_4.yaml.bak | 31 +++++++ queries/aws_glue_crawler_1.yaml | 2 +- queries/aws_glue_crawler_1.yaml.bak | 29 +++++++ queries/aws_glue_crawler_2.yaml | 2 +- queries/aws_glue_crawler_2.yaml.bak | 31 +++++++ ...ue_data_catalog_encryption_settings_1.yaml | 2 +- ...ata_catalog_encryption_settings_1.yaml.bak | 27 +++++++ ...ue_data_catalog_encryption_settings_2.yaml | 2 +- ...ata_catalog_encryption_settings_2.yaml.bak | 27 +++++++ ...ue_data_catalog_encryption_settings_3.yaml | 2 +- ...ata_catalog_encryption_settings_3.yaml.bak | 29 +++++++ ...ue_data_catalog_encryption_settings_4.yaml | 2 +- ...ata_catalog_encryption_settings_4.yaml.bak | 30 +++++++ ...ue_data_catalog_encryption_settings_5.yaml | 2 +- ...ata_catalog_encryption_settings_5.yaml.bak | 30 +++++++ queries/aws_glue_data_quality_ruleset_1.yaml | 2 +- .../aws_glue_data_quality_ruleset_1.yaml.bak | 30 +++++++ queries/aws_glue_data_quality_ruleset_2.yaml | 2 +- .../aws_glue_data_quality_ruleset_2.yaml.bak | 32 ++++++++ queries/aws_glue_data_quality_ruleset_3.yaml | 2 +- .../aws_glue_data_quality_ruleset_3.yaml.bak | 27 +++++++ queries/aws_glue_data_quality_ruleset_4.yaml | 2 +- .../aws_glue_data_quality_ruleset_4.yaml.bak | 33 ++++++++ queries/aws_glue_data_quality_ruleset_5.yaml | 2 +- .../aws_glue_data_quality_ruleset_5.yaml.bak | 25 ++++++ queries/aws_glue_dev_endpoint_1.yaml | 2 +- queries/aws_glue_dev_endpoint_1.yaml.bak | 31 +++++++ queries/aws_glue_dev_endpoint_2.yaml | 2 +- queries/aws_glue_dev_endpoint_2.yaml.bak | 32 ++++++++ queries/aws_glue_dev_endpoint_2.yaml.bak.bak | 32 ++++++++ queries/aws_glue_dev_endpoint_3.yaml | 2 +- queries/aws_glue_dev_endpoint_3.yaml.bak | 30 +++++++ queries/aws_glue_dev_endpoint_4.yaml | 2 +- queries/aws_glue_dev_endpoint_4.yaml.bak | 30 +++++++ queries/aws_glue_dev_endpoint_5.yaml | 2 +- queries/aws_glue_dev_endpoint_5.yaml.bak | 36 +++++++++ queries/aws_glue_dev_endpoint_6.yaml | 2 +- queries/aws_glue_dev_endpoint_6.yaml.bak | 34 ++++++++ queries/aws_glue_job_1.yaml | 2 +- queries/aws_glue_job_1.yaml.bak | 30 +++++++ queries/aws_glue_job_10.yaml | 2 +- queries/aws_glue_job_10.yaml.bak | 29 +++++++ queries/aws_glue_job_10.yaml.bak.bak | 29 +++++++ queries/aws_glue_job_2.yaml | 2 +- queries/aws_glue_job_2.yaml.bak | 29 +++++++ queries/aws_glue_job_3.yaml | 2 +- queries/aws_glue_job_3.yaml.bak | 31 +++++++ queries/aws_glue_job_4.yaml | 2 +- queries/aws_glue_job_4.yaml.bak | 32 ++++++++ queries/aws_glue_job_5.yaml | 2 +- queries/aws_glue_job_5.yaml.bak | 34 ++++++++ queries/aws_glue_job_6.yaml | 2 +- queries/aws_glue_job_6.yaml.bak | 33 ++++++++ queries/aws_glue_job_7.yaml | 2 +- queries/aws_glue_job_7.yaml.bak | 28 +++++++ queries/aws_glue_job_8.yaml | 2 +- queries/aws_glue_job_8.yaml.bak | 30 +++++++ queries/aws_glue_job_9.yaml | 2 +- queries/aws_glue_job_9.yaml.bak | 29 +++++++ .../aws_glue_security_configuration_1.yaml | 2 +- ...aws_glue_security_configuration_1.yaml.bak | 30 +++++++ .../aws_glue_security_configuration_2.yaml | 2 +- ...aws_glue_security_configuration_2.yaml.bak | 28 +++++++ .../aws_glue_security_configuration_3.yaml | 2 +- ...aws_glue_security_configuration_3.yaml.bak | 28 +++++++ .../aws_glue_security_configuration_4.yaml | 2 +- ...aws_glue_security_configuration_4.yaml.bak | 29 +++++++ queries/aws_guardduty_detector_1.yaml | 2 +- queries/aws_guardduty_detector_1.yaml.bak | 26 ++++++ queries/aws_guardduty_detector_2.yaml | 2 +- queries/aws_guardduty_detector_2.yaml.bak | 26 ++++++ queries/aws_guardduty_detector_3.yaml | 2 +- queries/aws_guardduty_detector_3.yaml.bak | 28 +++++++ queries/aws_guardduty_detector_4.yaml | 2 +- queries/aws_guardduty_detector_4.yaml.bak | 26 ++++++ queries/aws_guardduty_filter_1.yaml | 2 +- queries/aws_guardduty_filter_1.yaml.bak | 27 +++++++ queries/aws_guardduty_filter_2.yaml | 2 +- queries/aws_guardduty_filter_2.yaml.bak | 29 +++++++ queries/aws_guardduty_filter_3.yaml | 2 +- queries/aws_guardduty_filter_3.yaml.bak | 30 +++++++ queries/aws_guardduty_filter_4.yaml | 2 +- queries/aws_guardduty_filter_4.yaml.bak | 25 ++++++ queries/aws_guardduty_filter_5.yaml | 2 +- queries/aws_guardduty_filter_5.yaml.bak | 29 +++++++ queries/aws_guardduty_finding_1.yaml | 2 +- queries/aws_guardduty_finding_1.yaml.bak | 27 +++++++ queries/aws_guardduty_finding_2.yaml | 2 +- queries/aws_guardduty_finding_2.yaml.bak | 29 +++++++ queries/aws_guardduty_ipset_1.yaml | 2 +- queries/aws_guardduty_ipset_1.yaml.bak | 28 +++++++ queries/aws_guardduty_ipset_2.yaml | 2 +- queries/aws_guardduty_ipset_2.yaml.bak | 28 +++++++ queries/aws_guardduty_member_1.yaml | 2 +- queries/aws_guardduty_member_1.yaml.bak | 27 +++++++ queries/aws_guardduty_member_2.yaml | 2 +- queries/aws_guardduty_member_2.yaml.bak | 27 +++++++ queries/aws_guardduty_member_3.yaml | 2 +- queries/aws_guardduty_member_3.yaml.bak | 29 +++++++ queries/aws_guardduty_member_4.yaml | 2 +- queries/aws_guardduty_member_4.yaml.bak | 31 +++++++ queries/aws_guardduty_member_4.yaml.bak.bak | 31 +++++++ ...ws_guardduty_publishing_destination_1.yaml | 2 +- ...uardduty_publishing_destination_1.yaml.bak | 28 +++++++ ...duty_publishing_destination_1.yaml.bak.bak | 28 +++++++ ...ws_guardduty_publishing_destination_2.yaml | 2 +- ...uardduty_publishing_destination_2.yaml.bak | 28 +++++++ ...ws_guardduty_publishing_destination_3.yaml | 2 +- ...uardduty_publishing_destination_3.yaml.bak | 31 +++++++ ...ws_guardduty_publishing_destination_4.yaml | 2 +- ...uardduty_publishing_destination_4.yaml.bak | 27 +++++++ ...ws_guardduty_publishing_destination_5.yaml | 2 +- ...uardduty_publishing_destination_5.yaml.bak | 34 ++++++++ ...ws_guardduty_publishing_destination_6.yaml | 2 +- ...uardduty_publishing_destination_6.yaml.bak | 35 ++++++++ queries/aws_guardduty_threat_intel_set_1.yaml | 2 +- .../aws_guardduty_threat_intel_set_1.yaml.bak | 30 +++++++ queries/aws_guardduty_threat_intel_set_2.yaml | 2 +- .../aws_guardduty_threat_intel_set_2.yaml.bak | 27 +++++++ queries/aws_health_affected_entity_1.yaml | 2 +- queries/aws_health_affected_entity_1.yaml.bak | 29 +++++++ queries/aws_health_affected_entity_2.yaml | 2 +- queries/aws_health_affected_entity_2.yaml.bak | 31 +++++++ queries/aws_health_affected_entity_3.yaml | 2 +- queries/aws_health_affected_entity_3.yaml.bak | 30 +++++++ queries/aws_health_event_1.yaml | 2 +- queries/aws_health_event_1.yaml.bak | 32 ++++++++ queries/aws_health_event_2.yaml | 2 +- queries/aws_health_event_2.yaml.bak | 25 ++++++ queries/aws_health_event_3.yaml | 2 +- queries/aws_health_event_3.yaml.bak | 31 +++++++ queries/aws_health_event_4.yaml | 2 +- queries/aws_health_event_4.yaml.bak | 32 ++++++++ queries/aws_iam_access_advisor_1.yaml | 2 +- queries/aws_iam_access_advisor_1.yaml.bak | 32 ++++++++ queries/aws_iam_access_advisor_2.yaml | 2 +- queries/aws_iam_access_advisor_2.yaml.bak | 28 +++++++ queries/aws_iam_access_advisor_2.yaml.bak.bak | 28 +++++++ queries/aws_iam_access_advisor_3.yaml | 2 +- queries/aws_iam_access_advisor_3.yaml.bak | 34 ++++++++ queries/aws_iam_access_advisor_4.yaml | 2 +- queries/aws_iam_access_advisor_4.yaml.bak | 41 ++++++++++ queries/aws_iam_access_advisor_5.yaml | 2 +- queries/aws_iam_access_advisor_5.yaml.bak | 36 +++++++++ queries/aws_iam_access_advisor_6.yaml | 2 +- queries/aws_iam_access_advisor_6.yaml.bak | 29 +++++++ queries/aws_iam_access_key_1.yaml | 2 +- queries/aws_iam_access_key_1.yaml.bak | 26 ++++++ queries/aws_iam_access_key_2.yaml | 2 +- queries/aws_iam_access_key_2.yaml.bak | 30 +++++++ queries/aws_iam_access_key_3.yaml | 2 +- queries/aws_iam_access_key_3.yaml.bak | 27 +++++++ .../aws_iam_account_password_policy_1.yaml | 2 +- ...aws_iam_account_password_policy_1.yaml.bak | 33 ++++++++ .../aws_iam_account_password_policy_2.yaml | 2 +- ...aws_iam_account_password_policy_2.yaml.bak | 22 +++++ .../aws_iam_account_password_policy_3.yaml | 2 +- ...aws_iam_account_password_policy_3.yaml.bak | 22 +++++ .../aws_iam_account_password_policy_4.yaml | 2 +- ...aws_iam_account_password_policy_4.yaml.bak | 24 ++++++ .../aws_iam_account_password_policy_5.yaml | 2 +- ...aws_iam_account_password_policy_5.yaml.bak | 24 ++++++ .../aws_iam_account_password_policy_6.yaml | 2 +- ...aws_iam_account_password_policy_6.yaml.bak | 24 ++++++ .../aws_iam_account_password_policy_7.yaml | 2 +- ...aws_iam_account_password_policy_7.yaml.bak | 22 +++++ .../aws_iam_account_password_policy_8.yaml | 2 +- ...aws_iam_account_password_policy_8.yaml.bak | 24 ++++++ queries/aws_iam_account_summary_1.yaml | 2 +- queries/aws_iam_account_summary_1.yaml.bak | 24 ++++++ queries/aws_iam_account_summary_2.yaml | 2 +- queries/aws_iam_account_summary_2.yaml.bak | 22 +++++ queries/aws_iam_account_summary_3.yaml | 2 +- queries/aws_iam_account_summary_3.yaml.bak | 25 ++++++ queries/aws_iam_action_1.yaml | 2 +- queries/aws_iam_action_1.yaml.bak | 29 +++++++ queries/aws_iam_action_2.yaml | 2 +- queries/aws_iam_action_2.yaml.bak | 24 ++++++ queries/aws_iam_action_3.yaml | 2 +- queries/aws_iam_action_3.yaml.bak | 26 ++++++ queries/aws_iam_action_4.yaml | 2 +- queries/aws_iam_action_4.yaml.bak | 32 ++++++++ queries/aws_iam_action_5.yaml | 2 +- queries/aws_iam_action_5.yaml.bak | 40 +++++++++ queries/aws_iam_credential_report_1.yaml | 2 +- queries/aws_iam_credential_report_1.yaml.bak | 25 ++++++ queries/aws_iam_credential_report_2.yaml | 2 +- queries/aws_iam_credential_report_2.yaml.bak | 33 ++++++++ queries/aws_iam_credential_report_3.yaml | 2 +- queries/aws_iam_credential_report_3.yaml.bak | 24 ++++++ queries/aws_iam_credential_report_4.yaml | 2 +- queries/aws_iam_credential_report_4.yaml.bak | 31 +++++++ queries/aws_iam_credential_report_5.yaml | 2 +- queries/aws_iam_credential_report_5.yaml.bak | 29 +++++++ queries/aws_iam_credential_report_6.yaml | 2 +- queries/aws_iam_credential_report_6.yaml.bak | 27 +++++++ .../aws_iam_credential_report_6.yaml.bak.bak | 27 +++++++ queries/aws_iam_group_1.yaml | 2 +- queries/aws_iam_group_1.yaml.bak | 30 +++++++ queries/aws_iam_group_2.yaml | 2 +- queries/aws_iam_group_2.yaml.bak | 28 +++++++ queries/aws_iam_group_3.yaml | 2 +- queries/aws_iam_group_3.yaml.bak | 24 ++++++ queries/aws_iam_group_4.yaml | 2 +- queries/aws_iam_group_4.yaml.bak | 25 ++++++ .../aws_iam_open_id_connect_provider_1.yaml | 2 +- ...ws_iam_open_id_connect_provider_1.yaml.bak | 29 +++++++ .../aws_iam_open_id_connect_provider_2.yaml | 2 +- ...ws_iam_open_id_connect_provider_2.yaml.bak | 33 ++++++++ ...am_open_id_connect_provider_2.yaml.bak.bak | 33 ++++++++ .../aws_iam_open_id_connect_provider_3.yaml | 2 +- ...ws_iam_open_id_connect_provider_3.yaml.bak | 32 ++++++++ .../aws_iam_open_id_connect_provider_4.yaml | 2 +- ...ws_iam_open_id_connect_provider_4.yaml.bak | 29 +++++++ queries/aws_iam_policy_1.yaml | 2 +- queries/aws_iam_policy_1.yaml.bak | 27 +++++++ queries/aws_iam_policy_2.yaml | 2 +- queries/aws_iam_policy_2.yaml.bak | 28 +++++++ queries/aws_iam_policy_3.yaml | 2 +- queries/aws_iam_policy_3.yaml.bak | 28 +++++++ queries/aws_iam_policy_4.yaml | 2 +- queries/aws_iam_policy_4.yaml.bak | 30 +++++++ queries/aws_iam_policy_5.yaml | 2 +- queries/aws_iam_policy_5.yaml.bak | 32 ++++++++ queries/aws_iam_policy_6.yaml | 2 +- queries/aws_iam_policy_6.yaml.bak | 35 ++++++++ queries/aws_iam_policy_7.yaml | 2 +- queries/aws_iam_policy_7.yaml.bak | 35 ++++++++ queries/aws_iam_policy_attachment_1.yaml | 2 +- queries/aws_iam_policy_attachment_1.yaml.bak | 28 +++++++ queries/aws_iam_policy_attachment_2.yaml | 2 +- queries/aws_iam_policy_attachment_2.yaml.bak | 26 ++++++ queries/aws_iam_policy_attachment_3.yaml | 2 +- queries/aws_iam_policy_attachment_3.yaml.bak | 29 +++++++ queries/aws_iam_policy_simulator_1.yaml | 2 +- queries/aws_iam_policy_simulator_1.yaml.bak | 26 ++++++ queries/aws_iam_policy_simulator_2.yaml | 2 +- queries/aws_iam_policy_simulator_2.yaml.bak | 27 +++++++ queries/aws_iam_policy_simulator_3.yaml | 2 +- queries/aws_iam_policy_simulator_3.yaml.bak | 28 +++++++ queries/aws_iam_role_1.yaml | 2 +- queries/aws_iam_role_1.yaml.bak | 27 +++++++ queries/aws_iam_role_10.yaml | 2 +- queries/aws_iam_role_10.yaml.bak | 40 +++++++++ queries/aws_iam_role_2.yaml | 2 +- queries/aws_iam_role_2.yaml.bak | 27 +++++++ queries/aws_iam_role_3.yaml | 2 +- queries/aws_iam_role_3.yaml.bak | 27 +++++++ queries/aws_iam_role_4.yaml | 2 +- queries/aws_iam_role_4.yaml.bak | 33 ++++++++ queries/aws_iam_role_4.yaml.bak.bak | 33 ++++++++ queries/aws_iam_role_5.yaml | 2 +- queries/aws_iam_role_5.yaml.bak | 36 +++++++++ queries/aws_iam_role_6.yaml | 2 +- queries/aws_iam_role_6.yaml.bak | 40 +++++++++ queries/aws_iam_role_7.yaml | 2 +- queries/aws_iam_role_7.yaml.bak | 81 +++++++++++++++++++ queries/aws_iam_role_8.yaml | 2 +- queries/aws_iam_role_8.yaml.bak | 41 ++++++++++ queries/aws_iam_role_9.yaml | 2 +- queries/aws_iam_role_9.yaml.bak | 30 +++++++ queries/aws_iam_saml_provider_1.yaml | 2 +- queries/aws_iam_saml_provider_1.yaml.bak | 28 +++++++ queries/aws_iam_saml_provider_2.yaml | 2 +- queries/aws_iam_saml_provider_2.yaml.bak | 32 ++++++++ queries/aws_iam_saml_provider_3.yaml | 2 +- queries/aws_iam_saml_provider_3.yaml.bak | 30 +++++++ queries/aws_iam_server_certificate_1.yaml | 2 +- queries/aws_iam_server_certificate_1.yaml.bak | 26 ++++++ .../aws_iam_server_certificate_1.yaml.bak.bak | 26 ++++++ queries/aws_iam_server_certificate_2.yaml | 2 +- queries/aws_iam_server_certificate_2.yaml.bak | 26 ++++++ ...aws_iam_service_specific_credential_1.yaml | 2 +- ...iam_service_specific_credential_1.yaml.bak | 27 +++++++ ...aws_iam_service_specific_credential_2.yaml | 2 +- ...iam_service_specific_credential_2.yaml.bak | 32 ++++++++ ...service_specific_credential_2.yaml.bak.bak | 32 ++++++++ ...aws_iam_service_specific_credential_3.yaml | 2 +- ...iam_service_specific_credential_3.yaml.bak | 29 +++++++ queries/aws_iam_user_1.yaml | 2 +- queries/aws_iam_user_1.yaml.bak | 30 +++++++ queries/aws_iam_user_2.yaml | 2 +- queries/aws_iam_user_2.yaml.bak | 30 +++++++ queries/aws_iam_user_2.yaml.bak.bak | 30 +++++++ queries/aws_iam_user_3.yaml | 2 +- queries/aws_iam_user_3.yaml.bak | 30 +++++++ queries/aws_iam_user_4.yaml | 2 +- queries/aws_iam_user_4.yaml.bak | 28 +++++++ queries/aws_iam_user_5.yaml | 2 +- queries/aws_iam_user_5.yaml.bak | 28 +++++++ queries/aws_iam_user_6.yaml | 2 +- queries/aws_iam_user_6.yaml.bak | 27 +++++++ queries/aws_iam_virtual_mfa_device_1.yaml | 2 +- queries/aws_iam_virtual_mfa_device_1.yaml.bak | 26 ++++++ queries/aws_iam_virtual_mfa_device_2.yaml | 2 +- queries/aws_iam_virtual_mfa_device_2.yaml.bak | 30 +++++++ queries/aws_identitystore_group_1.yaml | 2 +- queries/aws_identitystore_group_1.yaml.bak | 26 ++++++ queries/aws_identitystore_group_2.yaml | 2 +- queries/aws_identitystore_group_2.yaml.bak | 24 ++++++ .../aws_identitystore_group_membership_1.yaml | 2 +- ..._identitystore_group_membership_1.yaml.bak | 27 +++++++ .../aws_identitystore_group_membership_2.yaml | 2 +- ..._identitystore_group_membership_2.yaml.bak | 30 +++++++ .../aws_identitystore_group_membership_3.yaml | 2 +- ..._identitystore_group_membership_3.yaml.bak | 30 +++++++ queries/aws_identitystore_user_1.yaml | 2 +- queries/aws_identitystore_user_1.yaml.bak | 26 ++++++ queries/aws_identitystore_user_2.yaml | 2 +- queries/aws_identitystore_user_2.yaml.bak | 28 +++++++ queries/aws_inspector2_coverage_1.yaml | 2 +- queries/aws_inspector2_coverage_1.yaml.bak | 27 +++++++ queries/aws_inspector2_coverage_2.yaml | 2 +- queries/aws_inspector2_coverage_2.yaml.bak | 29 +++++++ queries/aws_inspector2_coverage_3.yaml | 2 +- queries/aws_inspector2_coverage_3.yaml.bak | 31 +++++++ .../aws_inspector2_coverage_3.yaml.bak.bak | 31 +++++++ queries/aws_inspector2_coverage_4.yaml | 2 +- queries/aws_inspector2_coverage_4.yaml.bak | 32 ++++++++ queries/aws_inspector2_coverage_5.yaml | 2 +- queries/aws_inspector2_coverage_5.yaml.bak | 30 +++++++ queries/aws_inspector2_coverage_6.yaml | 2 +- queries/aws_inspector2_coverage_6.yaml.bak | 27 +++++++ queries/aws_inspector2_coverage_7.yaml | 2 +- queries/aws_inspector2_coverage_7.yaml.bak | 34 ++++++++ queries/aws_inspector2_coverage_8.yaml | 2 +- queries/aws_inspector2_coverage_8.yaml.bak | 35 ++++++++ queries/aws_inspector2_coverage_9.yaml | 2 +- queries/aws_inspector2_coverage_9.yaml.bak | 35 ++++++++ .../aws_inspector2_coverage_statistics_1.yaml | 2 +- ..._inspector2_coverage_statistics_1.yaml.bak | 23 ++++++ .../aws_inspector2_coverage_statistics_2.yaml | 2 +- ..._inspector2_coverage_statistics_2.yaml.bak | 24 ++++++ ...pector2_coverage_statistics_2.yaml.bak.bak | 24 ++++++ queries/aws_inspector2_finding_1.yaml | 2 +- queries/aws_inspector2_finding_1.yaml.bak | 29 +++++++ queries/aws_inspector2_finding_10.yaml | 2 +- queries/aws_inspector2_finding_10.yaml.bak | 32 ++++++++ queries/aws_inspector2_finding_11.yaml | 2 +- queries/aws_inspector2_finding_11.yaml.bak | 32 ++++++++ queries/aws_inspector2_finding_12.yaml | 2 +- queries/aws_inspector2_finding_12.yaml.bak | 32 ++++++++ queries/aws_inspector2_finding_13.yaml | 2 +- queries/aws_inspector2_finding_13.yaml.bak | 28 +++++++ .../aws_inspector2_finding_13.yaml.bak.bak | 28 +++++++ queries/aws_inspector2_finding_14.yaml | 2 +- queries/aws_inspector2_finding_14.yaml.bak | 31 +++++++ queries/aws_inspector2_finding_15.yaml | 2 +- queries/aws_inspector2_finding_15.yaml.bak | 31 +++++++ queries/aws_inspector2_finding_2.yaml | 2 +- queries/aws_inspector2_finding_2.yaml.bak | 32 ++++++++ queries/aws_inspector2_finding_3.yaml | 2 +- queries/aws_inspector2_finding_3.yaml.bak | 29 +++++++ queries/aws_inspector2_finding_4.yaml | 2 +- queries/aws_inspector2_finding_4.yaml.bak | 30 +++++++ queries/aws_inspector2_finding_5.yaml | 2 +- queries/aws_inspector2_finding_5.yaml.bak | 30 +++++++ queries/aws_inspector2_finding_6.yaml | 2 +- queries/aws_inspector2_finding_6.yaml.bak | 32 ++++++++ queries/aws_inspector2_finding_6.yaml.bak.bak | 32 ++++++++ queries/aws_inspector2_finding_7.yaml | 2 +- queries/aws_inspector2_finding_7.yaml.bak | 30 +++++++ queries/aws_inspector2_finding_8.yaml | 2 +- queries/aws_inspector2_finding_8.yaml.bak | 37 +++++++++ queries/aws_inspector2_finding_9.yaml | 2 +- queries/aws_inspector2_finding_9.yaml.bak | 32 ++++++++ queries/aws_inspector2_member_1.yaml | 2 +- queries/aws_inspector2_member_1.yaml.bak | 25 ++++++ queries/aws_inspector2_member_2.yaml | 2 +- queries/aws_inspector2_member_2.yaml.bak | 29 +++++++ queries/aws_inspector2_member_2.yaml.bak.bak | 29 +++++++ queries/aws_inspector2_member_3.yaml | 2 +- queries/aws_inspector2_member_3.yaml.bak | 28 +++++++ queries/aws_inspector_assessment_run_1.yaml | 2 +- .../aws_inspector_assessment_run_1.yaml.bak | 27 +++++++ queries/aws_inspector_assessment_run_2.yaml | 2 +- .../aws_inspector_assessment_run_2.yaml.bak | 29 +++++++ queries/aws_inspector_assessment_run_3.yaml | 2 +- .../aws_inspector_assessment_run_3.yaml.bak | 31 +++++++ queries/aws_inspector_assessment_run_4.yaml | 2 +- .../aws_inspector_assessment_run_4.yaml.bak | 31 +++++++ queries/aws_inspector_assessment_run_5.yaml | 2 +- .../aws_inspector_assessment_run_5.yaml.bak | 25 ++++++ queries/aws_inspector_assessment_run_6.yaml | 2 +- .../aws_inspector_assessment_run_6.yaml.bak | 31 +++++++ ...ws_inspector_assessment_run_6.yaml.bak.bak | 31 +++++++ .../aws_inspector_assessment_target_1.yaml | 2 +- ...aws_inspector_assessment_target_1.yaml.bak | 29 +++++++ .../aws_inspector_assessment_target_2.yaml | 2 +- ...aws_inspector_assessment_target_2.yaml.bak | 31 +++++++ ...inspector_assessment_target_2.yaml.bak.bak | 31 +++++++ .../aws_inspector_assessment_target_3.yaml | 2 +- ...aws_inspector_assessment_target_3.yaml.bak | 31 +++++++ .../aws_inspector_assessment_template_1.yaml | 2 +- ...s_inspector_assessment_template_1.yaml.bak | 29 +++++++ .../aws_inspector_assessment_template_2.yaml | 2 +- ...s_inspector_assessment_template_2.yaml.bak | 32 ++++++++ .../aws_inspector_assessment_template_3.yaml | 2 +- ...s_inspector_assessment_template_3.yaml.bak | 30 +++++++ .../aws_inspector_assessment_template_4.yaml | 2 +- ...s_inspector_assessment_template_4.yaml.bak | 30 +++++++ .../aws_inspector_assessment_template_5.yaml | 2 +- ...s_inspector_assessment_template_5.yaml.bak | 30 +++++++ .../aws_inspector_assessment_template_6.yaml | 2 +- ...s_inspector_assessment_template_6.yaml.bak | 32 ++++++++ queries/aws_inspector_exclusion_1.yaml | 2 +- queries/aws_inspector_exclusion_1.yaml.bak | 28 +++++++ .../aws_inspector_exclusion_1.yaml.bak.bak | 28 +++++++ queries/aws_inspector_exclusion_2.yaml | 2 +- queries/aws_inspector_exclusion_2.yaml.bak | 30 +++++++ queries/aws_inspector_exclusion_3.yaml | 2 +- queries/aws_inspector_exclusion_3.yaml.bak | 24 ++++++ queries/aws_inspector_exclusion_4.yaml | 2 +- queries/aws_inspector_exclusion_4.yaml.bak | 31 +++++++ queries/aws_inspector_exclusion_5.yaml | 2 +- queries/aws_inspector_exclusion_5.yaml.bak | 31 +++++++ queries/aws_inspector_finding_1.yaml | 2 +- queries/aws_inspector_finding_1.yaml.bak | 29 +++++++ queries/aws_inspector_finding_10.yaml | 2 +- queries/aws_inspector_finding_10.yaml.bak | 31 +++++++ queries/aws_inspector_finding_2.yaml | 2 +- queries/aws_inspector_finding_2.yaml.bak | 31 +++++++ queries/aws_inspector_finding_3.yaml | 2 +- queries/aws_inspector_finding_3.yaml.bak | 27 +++++++ queries/aws_inspector_finding_4.yaml | 2 +- queries/aws_inspector_finding_4.yaml.bak | 27 +++++++ queries/aws_inspector_finding_5.yaml | 2 +- queries/aws_inspector_finding_5.yaml.bak | 26 ++++++ queries/aws_inspector_finding_5.yaml.bak.bak | 26 ++++++ queries/aws_inspector_finding_6.yaml | 2 +- queries/aws_inspector_finding_6.yaml.bak | 29 +++++++ queries/aws_inspector_finding_7.yaml | 2 +- queries/aws_inspector_finding_7.yaml.bak | 37 +++++++++ queries/aws_inspector_finding_8.yaml | 2 +- queries/aws_inspector_finding_8.yaml.bak | 26 ++++++ queries/aws_inspector_finding_9.yaml | 2 +- queries/aws_inspector_finding_9.yaml.bak | 31 +++++++ queries/aws_iot_fleet_metric_1.yaml | 2 +- queries/aws_iot_fleet_metric_1.yaml.bak | 28 +++++++ queries/aws_iot_fleet_metric_1.yaml.bak.bak | 28 +++++++ queries/aws_iot_fleet_metric_2.yaml | 2 +- queries/aws_iot_fleet_metric_2.yaml.bak | 28 +++++++ queries/aws_iot_fleet_metric_3.yaml | 2 +- queries/aws_iot_fleet_metric_3.yaml.bak | 31 +++++++ queries/aws_iot_thing_1.yaml | 2 +- queries/aws_iot_thing_1.yaml.bak | 26 ++++++ queries/aws_iot_thing_2.yaml | 2 +- queries/aws_iot_thing_2.yaml.bak | 28 +++++++ queries/aws_iot_thing_3.yaml | 2 +- queries/aws_iot_thing_3.yaml.bak | 28 +++++++ queries/aws_iot_thing_group_1.yaml | 2 +- queries/aws_iot_thing_group_1.yaml.bak | 29 +++++++ queries/aws_iot_thing_group_2.yaml | 2 +- queries/aws_iot_thing_group_2.yaml.bak | 28 +++++++ queries/aws_iot_thing_group_3.yaml | 2 +- queries/aws_iot_thing_group_3.yaml.bak | 30 +++++++ queries/aws_iot_thing_group_3.yaml.bak.bak | 30 +++++++ queries/aws_iot_thing_group_4.yaml | 2 +- queries/aws_iot_thing_group_4.yaml.bak | 30 +++++++ queries/aws_iot_thing_type_1.yaml | 2 +- queries/aws_iot_thing_type_1.yaml.bak | 26 ++++++ queries/aws_iot_thing_type_2.yaml | 2 +- queries/aws_iot_thing_type_2.yaml.bak | 31 +++++++ queries/aws_iot_thing_type_3.yaml | 2 +- queries/aws_iot_thing_type_3.yaml.bak | 30 +++++++ queries/aws_iot_thing_type_4.yaml | 2 +- queries/aws_iot_thing_type_4.yaml.bak | 31 +++++++ queries/aws_kinesis_consumer_1.yaml | 2 +- queries/aws_kinesis_consumer_1.yaml.bak | 25 ++++++ queries/aws_kinesis_consumer_2.yaml | 2 +- queries/aws_kinesis_consumer_2.yaml.bak | 28 +++++++ ...ws_kinesis_firehose_delivery_stream_1.yaml | 2 +- ...inesis_firehose_delivery_stream_1.yaml.bak | 25 ++++++ ...ws_kinesis_firehose_delivery_stream_2.yaml | 2 +- ...inesis_firehose_delivery_stream_2.yaml.bak | 30 +++++++ ...ws_kinesis_firehose_delivery_stream_3.yaml | 2 +- ...inesis_firehose_delivery_stream_3.yaml.bak | 31 +++++++ ...ws_kinesis_firehose_delivery_stream_4.yaml | 2 +- ...inesis_firehose_delivery_stream_4.yaml.bak | 30 +++++++ ...ws_kinesis_firehose_delivery_stream_5.yaml | 2 +- ...inesis_firehose_delivery_stream_5.yaml.bak | 30 +++++++ ...is_firehose_delivery_stream_5.yaml.bak.bak | 30 +++++++ queries/aws_kinesis_stream_1.yaml | 2 +- queries/aws_kinesis_stream_1.yaml.bak | 29 +++++++ queries/aws_kinesis_stream_2.yaml | 2 +- queries/aws_kinesis_stream_2.yaml.bak | 31 +++++++ queries/aws_kinesis_stream_3.yaml | 2 +- queries/aws_kinesis_stream_3.yaml.bak | 29 +++++++ queries/aws_kinesis_stream_4.yaml | 2 +- queries/aws_kinesis_stream_4.yaml.bak | 29 +++++++ queries/aws_kinesis_stream_5.yaml | 2 +- queries/aws_kinesis_stream_5.yaml.bak | 32 ++++++++ queries/aws_kinesis_video_stream_1.yaml | 2 +- queries/aws_kinesis_video_stream_1.yaml.bak | 28 +++++++ queries/aws_kinesis_video_stream_2.yaml | 2 +- queries/aws_kinesis_video_stream_2.yaml.bak | 28 +++++++ queries/aws_kinesis_video_stream_3.yaml | 2 +- queries/aws_kinesis_video_stream_3.yaml.bak | 31 +++++++ queries/aws_kinesis_video_stream_4.yaml | 2 +- queries/aws_kinesis_video_stream_4.yaml.bak | 31 +++++++ .../aws_kinesisanalyticsv2_application_1.yaml | 2 +- ..._kinesisanalyticsv2_application_1.yaml.bak | 30 +++++++ .../aws_kinesisanalyticsv2_application_2.yaml | 2 +- ..._kinesisanalyticsv2_application_2.yaml.bak | 29 +++++++ .../aws_kinesisanalyticsv2_application_3.yaml | 2 +- ..._kinesisanalyticsv2_application_3.yaml.bak | 29 +++++++ queries/aws_kms_alias_1.yaml | 2 +- queries/aws_kms_alias_1.yaml.bak | 28 +++++++ queries/aws_kms_alias_2.yaml | 2 +- queries/aws_kms_alias_2.yaml.bak | 30 +++++++ queries/aws_kms_alias_3.yaml | 2 +- queries/aws_kms_alias_3.yaml.bak | 32 ++++++++ queries/aws_kms_alias_3.yaml.bak.bak | 32 ++++++++ queries/aws_kms_alias_4.yaml | 2 +- queries/aws_kms_alias_4.yaml.bak | 29 +++++++ queries/aws_kms_key_1.yaml | 2 +- queries/aws_kms_key_1.yaml.bak | 28 +++++++ queries/aws_kms_key_2.yaml | 2 +- queries/aws_kms_key_2.yaml.bak | 27 +++++++ queries/aws_kms_key_3.yaml | 2 +- queries/aws_kms_key_3.yaml.bak | 28 +++++++ queries/aws_kms_key_4.yaml | 2 +- queries/aws_kms_key_4.yaml.bak | 27 +++++++ queries/aws_kms_key_5.yaml | 2 +- queries/aws_kms_key_5.yaml.bak | 27 +++++++ queries/aws_kms_key_rotation_1.yaml | 2 +- queries/aws_kms_key_rotation_1.yaml.bak | 27 +++++++ queries/aws_kms_key_rotation_2.yaml | 2 +- queries/aws_kms_key_rotation_2.yaml.bak | 28 +++++++ queries/aws_kms_key_rotation_3.yaml | 2 +- queries/aws_kms_key_rotation_3.yaml.bak | 32 ++++++++ queries/aws_kms_key_rotation_3.yaml.bak.bak | 32 ++++++++ queries/aws_kms_key_rotation_4.yaml | 2 +- queries/aws_kms_key_rotation_4.yaml.bak | 29 +++++++ queries/aws_lambda_alias_1.yaml | 2 +- queries/aws_lambda_alias_1.yaml.bak | 24 ++++++ queries/aws_lambda_alias_2.yaml | 2 +- queries/aws_lambda_alias_2.yaml.bak | 25 ++++++ queries/aws_lambda_alias_3.yaml | 2 +- queries/aws_lambda_alias_3.yaml.bak | 25 ++++++ queries/aws_lambda_alias_4.yaml | 2 +- queries/aws_lambda_alias_4.yaml.bak | 26 ++++++ queries/aws_lambda_alias_4.yaml.bak.bak | 26 ++++++ .../aws_lambda_event_source_mapping_1.yaml | 2 +- ...aws_lambda_event_source_mapping_1.yaml.bak | 28 +++++++ .../aws_lambda_event_source_mapping_2.yaml | 2 +- ...aws_lambda_event_source_mapping_2.yaml.bak | 27 +++++++ .../aws_lambda_event_source_mapping_3.yaml | 2 +- ...aws_lambda_event_source_mapping_3.yaml.bak | 23 ++++++ .../aws_lambda_event_source_mapping_4.yaml | 2 +- ...aws_lambda_event_source_mapping_4.yaml.bak | 26 ++++++ .../aws_lambda_event_source_mapping_5.yaml | 2 +- ...aws_lambda_event_source_mapping_5.yaml.bak | 24 ++++++ .../aws_lambda_event_source_mapping_6.yaml | 2 +- ...aws_lambda_event_source_mapping_6.yaml.bak | 27 +++++++ .../aws_lambda_event_source_mapping_7.yaml | 2 +- ...aws_lambda_event_source_mapping_7.yaml.bak | 29 +++++++ .../aws_lambda_event_source_mapping_8.yaml | 2 +- ...aws_lambda_event_source_mapping_8.yaml.bak | 29 +++++++ queries/aws_lambda_function_1.yaml | 2 +- queries/aws_lambda_function_1.yaml.bak | 27 +++++++ queries/aws_lambda_function_1.yaml.bak.bak | 27 +++++++ queries/aws_lambda_function_10.yaml | 2 +- queries/aws_lambda_function_10.yaml.bak | 26 ++++++ queries/aws_lambda_function_2.yaml | 2 +- queries/aws_lambda_function_2.yaml.bak | 25 ++++++ queries/aws_lambda_function_3.yaml | 2 +- queries/aws_lambda_function_3.yaml.bak | 27 +++++++ queries/aws_lambda_function_4.yaml | 2 +- queries/aws_lambda_function_4.yaml.bak | 32 ++++++++ queries/aws_lambda_function_5.yaml | 2 +- queries/aws_lambda_function_5.yaml.bak | 33 ++++++++ queries/aws_lambda_function_6.yaml | 2 +- queries/aws_lambda_function_6.yaml.bak | 40 +++++++++ queries/aws_lambda_function_7.yaml | 2 +- queries/aws_lambda_function_7.yaml.bak | 25 ++++++ queries/aws_lambda_function_8.yaml | 2 +- queries/aws_lambda_function_8.yaml.bak | 25 ++++++ queries/aws_lambda_function_9.yaml | 2 +- queries/aws_lambda_function_9.yaml.bak | 26 ++++++ ...mbda_function_metric_duration_daily_1.yaml | 2 +- ..._function_metric_duration_daily_1.yaml.bak | 30 +++++++ ...mbda_function_metric_duration_daily_2.yaml | 2 +- ..._function_metric_duration_daily_2.yaml.bak | 31 +++++++ ...mbda_function_metric_duration_daily_3.yaml | 2 +- ..._function_metric_duration_daily_3.yaml.bak | 31 +++++++ ...lambda_function_metric_errors_daily_1.yaml | 2 +- ...da_function_metric_errors_daily_1.yaml.bak | 30 +++++++ ...lambda_function_metric_errors_daily_2.yaml | 2 +- ...da_function_metric_errors_daily_2.yaml.bak | 31 +++++++ ...a_function_metric_invocations_daily_1.yaml | 2 +- ...nction_metric_invocations_daily_1.yaml.bak | 27 +++++++ ...on_metric_invocations_daily_1.yaml.bak.bak | 27 +++++++ ...a_function_metric_invocations_daily_2.yaml | 2 +- ...nction_metric_invocations_daily_2.yaml.bak | 31 +++++++ queries/aws_lambda_layer_1.yaml | 2 +- queries/aws_lambda_layer_1.yaml.bak | 30 +++++++ queries/aws_lambda_layer_1.yaml.bak.bak | 30 +++++++ queries/aws_lambda_layer_version_1.yaml | 2 +- queries/aws_lambda_layer_version_1.yaml.bak | 28 +++++++ queries/aws_lambda_version_1.yaml | 2 +- queries/aws_lambda_version_1.yaml.bak | 27 +++++++ queries/aws_lambda_version_1.yaml.bak.bak | 27 +++++++ queries/aws_lambda_version_2.yaml | 2 +- queries/aws_lambda_version_2.yaml.bak | 26 ++++++ queries/aws_lambda_version_3.yaml | 2 +- queries/aws_lambda_version_3.yaml.bak | 26 ++++++ queries/aws_lambda_version_4.yaml | 2 +- queries/aws_lambda_version_4.yaml.bak | 25 ++++++ queries/aws_lightsail_bucket_1.yaml | 2 +- queries/aws_lightsail_bucket_1.yaml.bak | 25 ++++++ queries/aws_lightsail_bucket_2.yaml | 2 +- queries/aws_lightsail_bucket_2.yaml.bak | 27 +++++++ queries/aws_lightsail_bucket_2.yaml.bak.bak | 27 +++++++ queries/aws_lightsail_bucket_3.yaml | 2 +- queries/aws_lightsail_bucket_3.yaml.bak | 26 ++++++ queries/aws_lightsail_bucket_4.yaml | 2 +- queries/aws_lightsail_bucket_4.yaml.bak | 25 ++++++ queries/aws_lightsail_bucket_5.yaml | 2 +- queries/aws_lightsail_bucket_5.yaml.bak | 25 ++++++ queries/aws_lightsail_bucket_6.yaml | 2 +- queries/aws_lightsail_bucket_6.yaml.bak | 25 ++++++ queries/aws_lightsail_bucket_7.yaml | 2 +- queries/aws_lightsail_bucket_7.yaml.bak | 27 +++++++ queries/aws_lightsail_instance_1.yaml | 2 +- queries/aws_lightsail_instance_1.yaml.bak | 29 +++++++ queries/aws_lightsail_instance_2.yaml | 2 +- queries/aws_lightsail_instance_2.yaml.bak | 28 +++++++ queries/aws_lightsail_instance_3.yaml | 2 +- queries/aws_lightsail_instance_3.yaml.bak | 29 +++++++ queries/aws_lightsail_instance_4.yaml | 2 +- queries/aws_lightsail_instance_4.yaml.bak | 25 ++++++ queries/aws_lightsail_instance_5.yaml | 2 +- queries/aws_lightsail_instance_5.yaml.bak | 24 ++++++ queries/aws_macie2_classification_job_1.yaml | 2 +- .../aws_macie2_classification_job_1.yaml.bak | 26 ++++++ queries/aws_macie2_classification_job_2.yaml | 2 +- .../aws_macie2_classification_job_2.yaml.bak | 27 +++++++ queries/aws_macie2_classification_job_3.yaml | 2 +- .../aws_macie2_classification_job_3.yaml.bak | 28 +++++++ queries/aws_macie2_classification_job_4.yaml | 2 +- .../aws_macie2_classification_job_4.yaml.bak | 25 ++++++ queries/aws_media_store_container_1.yaml | 2 +- queries/aws_media_store_container_1.yaml.bak | 29 +++++++ queries/aws_media_store_container_2.yaml | 2 +- queries/aws_media_store_container_2.yaml.bak | 29 +++++++ queries/aws_media_store_container_3.yaml | 2 +- queries/aws_media_store_container_3.yaml.bak | 24 ++++++ queries/aws_media_store_container_4.yaml | 2 +- queries/aws_media_store_container_4.yaml.bak | 28 +++++++ queries/aws_memorydb_cluster_1.yaml | 2 +- queries/aws_memorydb_cluster_1.yaml.bak | 29 +++++++ queries/aws_memorydb_cluster_2.yaml | 2 +- queries/aws_memorydb_cluster_2.yaml.bak | 28 +++++++ queries/aws_memorydb_cluster_2.yaml.bak.bak | 28 +++++++ queries/aws_memorydb_cluster_3.yaml | 2 +- queries/aws_memorydb_cluster_3.yaml.bak | 26 ++++++ queries/aws_memorydb_cluster_4.yaml | 2 +- queries/aws_memorydb_cluster_4.yaml.bak | 26 ++++++ queries/aws_memorydb_cluster_5.yaml | 2 +- queries/aws_memorydb_cluster_5.yaml.bak | 26 ++++++ queries/aws_memorydb_cluster_6.yaml | 2 +- queries/aws_memorydb_cluster_6.yaml.bak | 28 +++++++ queries/aws_memorydb_cluster_7.yaml | 2 +- queries/aws_memorydb_cluster_7.yaml.bak | 25 ++++++ queries/aws_memorydb_cluster_8.yaml | 2 +- queries/aws_memorydb_cluster_8.yaml.bak | 28 +++++++ queries/aws_memorydb_cluster_9.yaml | 2 +- queries/aws_memorydb_cluster_9.yaml.bak | 27 +++++++ queries/aws_mgn_application_1.yaml | 2 +- queries/aws_mgn_application_1.yaml.bak | 28 +++++++ queries/aws_mgn_application_1.yaml.bak.bak | 28 +++++++ queries/aws_mgn_application_2.yaml | 2 +- queries/aws_mgn_application_2.yaml.bak | 30 +++++++ queries/aws_mgn_application_3.yaml | 2 +- queries/aws_mgn_application_3.yaml.bak | 28 +++++++ queries/aws_mgn_application_4.yaml | 2 +- queries/aws_mgn_application_4.yaml.bak | 30 +++++++ queries/aws_mq_broker_1.yaml | 2 +- queries/aws_mq_broker_1.yaml.bak | 32 ++++++++ queries/aws_mq_broker_2.yaml | 2 +- queries/aws_mq_broker_2.yaml.bak | 31 +++++++ queries/aws_mq_broker_3.yaml | 2 +- queries/aws_mq_broker_3.yaml.bak | 27 +++++++ queries/aws_mq_broker_4.yaml | 2 +- queries/aws_mq_broker_4.yaml.bak | 27 +++++++ queries/aws_mq_broker_5.yaml | 2 +- queries/aws_mq_broker_5.yaml.bak | 26 ++++++ queries/aws_msk_cluster_1.yaml | 2 +- queries/aws_msk_cluster_1.yaml.bak | 29 +++++++ queries/aws_msk_cluster_2.yaml | 2 +- queries/aws_msk_cluster_2.yaml.bak | 27 +++++++ queries/aws_msk_cluster_2.yaml.bak.bak | 27 +++++++ queries/aws_msk_cluster_3.yaml | 2 +- queries/aws_msk_cluster_3.yaml.bak | 29 +++++++ queries/aws_msk_cluster_4.yaml | 2 +- queries/aws_msk_cluster_4.yaml.bak | 29 +++++++ queries/aws_msk_cluster_5.yaml | 2 +- queries/aws_msk_cluster_5.yaml.bak | 27 +++++++ queries/aws_msk_cluster_6.yaml | 2 +- queries/aws_msk_cluster_6.yaml.bak | 27 +++++++ queries/aws_msk_cluster_7.yaml | 2 +- queries/aws_msk_cluster_7.yaml.bak | 22 +++++ queries/aws_msk_serverless_cluster_1.yaml | 2 +- queries/aws_msk_serverless_cluster_1.yaml.bak | 31 +++++++ queries/aws_msk_serverless_cluster_2.yaml | 2 +- queries/aws_msk_serverless_cluster_2.yaml.bak | 27 +++++++ queries/aws_msk_serverless_cluster_3.yaml | 2 +- queries/aws_msk_serverless_cluster_3.yaml.bak | 31 +++++++ queries/aws_msk_serverless_cluster_4.yaml | 2 +- queries/aws_msk_serverless_cluster_4.yaml.bak | 29 +++++++ queries/aws_msk_serverless_cluster_5.yaml | 2 +- queries/aws_msk_serverless_cluster_5.yaml.bak | 29 +++++++ queries/aws_neptune_db_cluster_1.yaml | 2 +- queries/aws_neptune_db_cluster_1.yaml.bak | 28 +++++++ queries/aws_neptune_db_cluster_2.yaml | 2 +- queries/aws_neptune_db_cluster_2.yaml.bak | 25 ++++++ queries/aws_neptune_db_cluster_3.yaml | 2 +- queries/aws_neptune_db_cluster_3.yaml.bak | 23 ++++++ queries/aws_neptune_db_cluster_3.yaml.bak.bak | 23 ++++++ queries/aws_neptune_db_cluster_4.yaml | 2 +- queries/aws_neptune_db_cluster_4.yaml.bak | 27 +++++++ .../aws_neptune_db_cluster_snapshot_1.yaml | 2 +- ...aws_neptune_db_cluster_snapshot_1.yaml.bak | 26 ++++++ .../aws_neptune_db_cluster_snapshot_2.yaml | 2 +- ...aws_neptune_db_cluster_snapshot_2.yaml.bak | 26 ++++++ .../aws_neptune_db_cluster_snapshot_3.yaml | 2 +- ...aws_neptune_db_cluster_snapshot_3.yaml.bak | 27 +++++++ .../aws_neptune_db_cluster_snapshot_4.yaml | 2 +- ...aws_neptune_db_cluster_snapshot_4.yaml.bak | 27 +++++++ queries/aws_networkfirewall_firewall_1.yaml | 2 +- .../aws_networkfirewall_firewall_1.yaml.bak | 32 ++++++++ queries/aws_networkfirewall_firewall_2.yaml | 2 +- .../aws_networkfirewall_firewall_2.yaml.bak | 29 +++++++ queries/aws_networkfirewall_firewall_3.yaml | 2 +- .../aws_networkfirewall_firewall_3.yaml.bak | 29 +++++++ queries/aws_networkfirewall_firewall_4.yaml | 2 +- .../aws_networkfirewall_firewall_4.yaml.bak | 29 +++++++ queries/aws_networkfirewall_firewall_5.yaml | 2 +- .../aws_networkfirewall_firewall_5.yaml.bak | 29 +++++++ queries/aws_networkfirewall_firewall_6.yaml | 2 +- .../aws_networkfirewall_firewall_6.yaml.bak | 36 +++++++++ queries/aws_networkfirewall_firewall_7.yaml | 2 +- .../aws_networkfirewall_firewall_7.yaml.bak | 32 ++++++++ queries/aws_networkfirewall_firewall_8.yaml | 2 +- .../aws_networkfirewall_firewall_8.yaml.bak | 29 +++++++ ...aws_networkfirewall_firewall_policy_1.yaml | 2 +- ...networkfirewall_firewall_policy_1.yaml.bak | 29 +++++++ ...aws_networkfirewall_firewall_policy_2.yaml | 2 +- ...networkfirewall_firewall_policy_2.yaml.bak | 28 +++++++ ...aws_networkfirewall_firewall_policy_3.yaml | 2 +- ...networkfirewall_firewall_policy_3.yaml.bak | 29 +++++++ ...aws_networkfirewall_firewall_policy_4.yaml | 2 +- ...networkfirewall_firewall_policy_4.yaml.bak | 28 +++++++ ...aws_networkfirewall_firewall_policy_5.yaml | 2 +- ...networkfirewall_firewall_policy_5.yaml.bak | 28 +++++++ ...orkfirewall_firewall_policy_5.yaml.bak.bak | 28 +++++++ ...aws_networkfirewall_firewall_policy_6.yaml | 2 +- ...networkfirewall_firewall_policy_6.yaml.bak | 26 ++++++ ...aws_networkfirewall_firewall_policy_7.yaml | 2 +- ...networkfirewall_firewall_policy_7.yaml.bak | 26 ++++++ queries/aws_networkfirewall_rule_group_1.yaml | 2 +- .../aws_networkfirewall_rule_group_1.yaml.bak | 27 +++++++ queries/aws_networkfirewall_rule_group_2.yaml | 2 +- .../aws_networkfirewall_rule_group_2.yaml.bak | 27 +++++++ queries/aws_networkfirewall_rule_group_3.yaml | 2 +- .../aws_networkfirewall_rule_group_3.yaml.bak | 30 +++++++ queries/aws_networkfirewall_rule_group_4.yaml | 2 +- .../aws_networkfirewall_rule_group_4.yaml.bak | 29 +++++++ queries/aws_networkfirewall_rule_group_5.yaml | 2 +- .../aws_networkfirewall_rule_group_5.yaml.bak | 27 +++++++ queries/aws_oam_link_1.yaml | 2 +- queries/aws_oam_link_1.yaml.bak | 28 +++++++ queries/aws_oam_link_2.yaml | 2 +- queries/aws_oam_link_2.yaml.bak | 26 ++++++ queries/aws_oam_link_3.yaml | 2 +- queries/aws_oam_link_3.yaml.bak | 29 +++++++ queries/aws_oam_sink_1.yaml | 2 +- queries/aws_oam_sink_1.yaml.bak | 28 +++++++ queries/aws_oam_sink_1.yaml.bak.bak | 28 +++++++ queries/aws_oam_sink_2.yaml | 2 +- queries/aws_oam_sink_2.yaml.bak | 28 +++++++ queries/aws_opensearch_domain_1.yaml | 2 +- queries/aws_opensearch_domain_1.yaml.bak | 26 ++++++ queries/aws_opensearch_domain_2.yaml | 2 +- queries/aws_opensearch_domain_2.yaml.bak | 29 +++++++ queries/aws_opensearch_domain_3.yaml | 2 +- queries/aws_opensearch_domain_3.yaml.bak | 30 +++++++ queries/aws_opensearch_domain_4.yaml | 2 +- queries/aws_opensearch_domain_4.yaml.bak | 32 ++++++++ queries/aws_opensearch_domain_5.yaml | 2 +- queries/aws_opensearch_domain_5.yaml.bak | 27 +++++++ queries/aws_opensearch_domain_6.yaml | 2 +- queries/aws_opensearch_domain_6.yaml.bak | 30 +++++++ queries/aws_opensearch_domain_6.yaml.bak.bak | 30 +++++++ queries/aws_opensearch_domain_7.yaml | 2 +- queries/aws_opensearch_domain_7.yaml.bak | 26 ++++++ queries/aws_opensearch_domain_8.yaml | 2 +- queries/aws_opensearch_domain_8.yaml.bak | 25 ++++++ queries/aws_organizations_account_1.yaml | 2 +- queries/aws_organizations_account_1.yaml.bak | 29 +++++++ queries/aws_organizations_account_2.yaml | 2 +- queries/aws_organizations_account_2.yaml.bak | 32 ++++++++ ...s_organizations_organizational_unit_1.yaml | 2 +- ...ganizations_organizational_unit_1.yaml.bak | 27 +++++++ ...s_organizations_organizational_unit_2.yaml | 2 +- ...ganizations_organizational_unit_2.yaml.bak | 27 +++++++ ...s_organizations_organizational_unit_3.yaml | 2 +- ...ganizations_organizational_unit_3.yaml.bak | 27 +++++++ ...s_organizations_organizational_unit_4.yaml | 2 +- ...ganizations_organizational_unit_4.yaml.bak | 27 +++++++ ...s_organizations_organizational_unit_5.yaml | 2 +- ...ganizations_organizational_unit_5.yaml.bak | 35 ++++++++ ...zations_organizational_unit_5.yaml.bak.bak | 35 ++++++++ ...s_organizations_organizational_unit_6.yaml | 2 +- ...ganizations_organizational_unit_6.yaml.bak | 27 +++++++ queries/aws_organizations_policy_1.yaml | 2 +- queries/aws_organizations_policy_1.yaml.bak | 30 +++++++ queries/aws_organizations_policy_2.yaml | 2 +- queries/aws_organizations_policy_2.yaml.bak | 31 +++++++ queries/aws_organizations_policy_3.yaml | 2 +- queries/aws_organizations_policy_3.yaml.bak | 30 +++++++ queries/aws_organizations_policy_4.yaml | 2 +- queries/aws_organizations_policy_4.yaml.bak | 29 +++++++ .../aws_organizations_policy_target_1.yaml | 2 +- ...aws_organizations_policy_target_1.yaml.bak | 31 +++++++ .../aws_organizations_policy_target_2.yaml | 2 +- ...aws_organizations_policy_target_2.yaml.bak | 32 ++++++++ .../aws_organizations_policy_target_3.yaml | 2 +- ...aws_organizations_policy_target_3.yaml.bak | 31 +++++++ .../aws_organizations_policy_target_4.yaml | 2 +- ...aws_organizations_policy_target_4.yaml.bak | 28 +++++++ ...organizations_policy_target_4.yaml.bak.bak | 28 +++++++ queries/aws_organizations_root_1.yaml | 2 +- queries/aws_organizations_root_1.yaml.bak | 24 ++++++ queries/aws_organizations_root_2.yaml | 2 +- queries/aws_organizations_root_2.yaml.bak | 28 +++++++ queries/aws_pinpoint_app_1.yaml | 2 +- queries/aws_pinpoint_app_1.yaml.bak | 27 +++++++ queries/aws_pinpoint_app_2.yaml | 2 +- queries/aws_pinpoint_app_2.yaml.bak | 24 ++++++ queries/aws_pinpoint_app_3.yaml | 2 +- queries/aws_pinpoint_app_3.yaml.bak | 25 ++++++ queries/aws_pinpoint_app_4.yaml | 2 +- queries/aws_pinpoint_app_4.yaml.bak | 27 +++++++ queries/aws_pipes_pipe_1.yaml | 2 +- queries/aws_pipes_pipe_1.yaml.bak | 26 ++++++ queries/aws_pipes_pipe_2.yaml | 2 +- queries/aws_pipes_pipe_2.yaml.bak | 31 +++++++ queries/aws_pipes_pipe_3.yaml | 2 +- queries/aws_pipes_pipe_3.yaml.bak | 34 ++++++++ queries/aws_pipes_pipe_4.yaml | 2 +- queries/aws_pipes_pipe_4.yaml.bak | 24 ++++++ queries/aws_pipes_pipe_5.yaml | 2 +- queries/aws_pipes_pipe_5.yaml.bak | 29 +++++++ queries/aws_pipes_pipe_6.yaml | 2 +- queries/aws_pipes_pipe_6.yaml.bak | 33 ++++++++ queries/aws_pipes_pipe_6.yaml.bak.bak | 33 ++++++++ queries/aws_pricing_product_1.yaml | 2 +- queries/aws_pricing_product_1.yaml.bak | 46 +++++++++++ queries/aws_pricing_product_2.yaml | 2 +- queries/aws_pricing_product_2.yaml.bak | 40 +++++++++ queries/aws_pricing_product_3.yaml | 2 +- queries/aws_pricing_product_3.yaml.bak | 40 +++++++++ queries/aws_pricing_service_attribute_1.yaml | 2 +- .../aws_pricing_service_attribute_1.yaml.bak | 24 ++++++ queries/aws_pricing_service_attribute_2.yaml | 2 +- .../aws_pricing_service_attribute_2.yaml.bak | 28 +++++++ queries/aws_pricing_service_attribute_3.yaml | 2 +- .../aws_pricing_service_attribute_3.yaml.bak | 26 ++++++ queries/aws_ram_principal_association_1.yaml | 2 +- .../aws_ram_principal_association_1.yaml.bak | 27 +++++++ queries/aws_ram_principal_association_2.yaml | 2 +- .../aws_ram_principal_association_2.yaml.bak | 29 +++++++ queries/aws_ram_principal_association_3.yaml | 2 +- .../aws_ram_principal_association_3.yaml.bak | 27 +++++++ queries/aws_ram_resource_association_1.yaml | 2 +- .../aws_ram_resource_association_1.yaml.bak | 25 ++++++ queries/aws_ram_resource_association_2.yaml | 2 +- .../aws_ram_resource_association_2.yaml.bak | 29 +++++++ queries/aws_ram_resource_association_3.yaml | 2 +- .../aws_ram_resource_association_3.yaml.bak | 27 +++++++ queries/aws_rds_db_cluster_1.yaml | 2 +- queries/aws_rds_db_cluster_1.yaml.bak | 30 +++++++ queries/aws_rds_db_cluster_2.yaml | 2 +- queries/aws_rds_db_cluster_2.yaml.bak | 27 +++++++ queries/aws_rds_db_cluster_3.yaml | 2 +- queries/aws_rds_db_cluster_3.yaml.bak | 23 ++++++ queries/aws_rds_db_cluster_4.yaml | 2 +- queries/aws_rds_db_cluster_4.yaml.bak | 29 +++++++ queries/aws_rds_db_cluster_5.yaml | 2 +- queries/aws_rds_db_cluster_5.yaml.bak | 31 +++++++ queries/aws_rds_db_cluster_5.yaml.bak.bak | 31 +++++++ .../aws_rds_db_cluster_parameter_group_1.yaml | 2 +- ..._rds_db_cluster_parameter_group_1.yaml.bak | 26 ++++++ .../aws_rds_db_cluster_parameter_group_2.yaml | 2 +- ..._rds_db_cluster_parameter_group_2.yaml.bak | 34 ++++++++ queries/aws_rds_db_cluster_snapshot_1.yaml | 2 +- .../aws_rds_db_cluster_snapshot_1.yaml.bak | 29 +++++++ queries/aws_rds_db_cluster_snapshot_2.yaml | 2 +- .../aws_rds_db_cluster_snapshot_2.yaml.bak | 26 ++++++ queries/aws_rds_db_cluster_snapshot_3.yaml | 2 +- .../aws_rds_db_cluster_snapshot_3.yaml.bak | 25 ++++++ queries/aws_rds_db_cluster_snapshot_4.yaml | 2 +- .../aws_rds_db_cluster_snapshot_4.yaml.bak | 28 +++++++ queries/aws_rds_db_engine_version_1.yaml | 2 +- queries/aws_rds_db_engine_version_1.yaml.bak | 26 ++++++ queries/aws_rds_db_engine_version_2.yaml | 2 +- queries/aws_rds_db_engine_version_2.yaml.bak | 26 ++++++ queries/aws_rds_db_engine_version_3.yaml | 2 +- queries/aws_rds_db_engine_version_3.yaml.bak | 28 +++++++ queries/aws_rds_db_engine_version_4.yaml | 2 +- queries/aws_rds_db_engine_version_4.yaml.bak | 26 ++++++ queries/aws_rds_db_engine_version_5.yaml | 2 +- queries/aws_rds_db_engine_version_5.yaml.bak | 31 +++++++ queries/aws_rds_db_event_subscription_1.yaml | 2 +- .../aws_rds_db_event_subscription_1.yaml.bak | 28 +++++++ queries/aws_rds_db_event_subscription_2.yaml | 2 +- .../aws_rds_db_event_subscription_2.yaml.bak | 27 +++++++ queries/aws_rds_db_instance_1.yaml | 2 +- queries/aws_rds_db_instance_1.yaml.bak | 26 ++++++ queries/aws_rds_db_instance_10.yaml | 2 +- queries/aws_rds_db_instance_10.yaml.bak | 28 +++++++ queries/aws_rds_db_instance_11.yaml | 2 +- queries/aws_rds_db_instance_11.yaml.bak | 30 +++++++ queries/aws_rds_db_instance_12.yaml | 2 +- queries/aws_rds_db_instance_12.yaml.bak | 31 +++++++ queries/aws_rds_db_instance_2.yaml | 2 +- queries/aws_rds_db_instance_2.yaml.bak | 27 +++++++ queries/aws_rds_db_instance_3.yaml | 2 +- queries/aws_rds_db_instance_3.yaml.bak | 27 +++++++ queries/aws_rds_db_instance_3.yaml.bak.bak | 27 +++++++ queries/aws_rds_db_instance_4.yaml | 2 +- queries/aws_rds_db_instance_4.yaml.bak | 32 ++++++++ queries/aws_rds_db_instance_5.yaml | 2 +- queries/aws_rds_db_instance_5.yaml.bak | 28 +++++++ queries/aws_rds_db_instance_6.yaml | 2 +- queries/aws_rds_db_instance_6.yaml.bak | 27 +++++++ queries/aws_rds_db_instance_7.yaml | 2 +- queries/aws_rds_db_instance_7.yaml.bak | 27 +++++++ queries/aws_rds_db_instance_8.yaml | 2 +- queries/aws_rds_db_instance_8.yaml.bak | 54 +++++++++++++ queries/aws_rds_db_instance_9.yaml | 2 +- queries/aws_rds_db_instance_9.yaml.bak | 29 +++++++ ...ws_rds_db_instance_automated_backup_1.yaml | 2 +- ...ds_db_instance_automated_backup_1.yaml.bak | 29 +++++++ ...ws_rds_db_instance_automated_backup_2.yaml | 2 +- ...ds_db_instance_automated_backup_2.yaml.bak | 32 ++++++++ ...ws_rds_db_instance_automated_backup_3.yaml | 2 +- ...ds_db_instance_automated_backup_3.yaml.bak | 32 ++++++++ ...ws_rds_db_instance_automated_backup_4.yaml | 2 +- ...ds_db_instance_automated_backup_4.yaml.bak | 31 +++++++ ...ws_rds_db_instance_automated_backup_5.yaml | 2 +- ...ds_db_instance_automated_backup_5.yaml.bak | 32 ++++++++ ...ws_rds_db_instance_automated_backup_6.yaml | 2 +- ...ds_db_instance_automated_backup_6.yaml.bak | 33 ++++++++ ..._rds_db_instance_metric_connections_1.yaml | 2 +- ..._db_instance_metric_connections_1.yaml.bak | 32 ++++++++ ..._rds_db_instance_metric_connections_2.yaml | 2 +- ..._db_instance_metric_connections_2.yaml.bak | 34 ++++++++ ...b_instance_metric_connections_daily_1.yaml | 2 +- ...stance_metric_connections_daily_1.yaml.bak | 30 +++++++ ...b_instance_metric_connections_daily_2.yaml | 2 +- ...stance_metric_connections_daily_2.yaml.bak | 32 ++++++++ ...b_instance_metric_connections_daily_3.yaml | 2 +- ...stance_metric_connections_daily_3.yaml.bak | 32 ++++++++ ..._instance_metric_connections_hourly_1.yaml | 2 +- ...tance_metric_connections_hourly_1.yaml.bak | 32 ++++++++ ..._instance_metric_connections_hourly_2.yaml | 2 +- ...tance_metric_connections_hourly_2.yaml.bak | 32 ++++++++ ..._db_instance_metric_cpu_utilization_1.yaml | 2 +- ...instance_metric_cpu_utilization_1.yaml.bak | 30 +++++++ ..._db_instance_metric_cpu_utilization_2.yaml | 2 +- ...instance_metric_cpu_utilization_2.yaml.bak | 31 +++++++ ...stance_metric_cpu_utilization_daily_1.yaml | 2 +- ...ce_metric_cpu_utilization_daily_1.yaml.bak | 30 +++++++ ...stance_metric_cpu_utilization_daily_2.yaml | 2 +- ...ce_metric_cpu_utilization_daily_2.yaml.bak | 31 +++++++ ...stance_metric_cpu_utilization_daily_3.yaml | 2 +- ...ce_metric_cpu_utilization_daily_3.yaml.bak | 31 +++++++ ...tance_metric_cpu_utilization_hourly_1.yaml | 2 +- ...e_metric_cpu_utilization_hourly_1.yaml.bak | 32 ++++++++ ...tance_metric_cpu_utilization_hourly_2.yaml | 2 +- ...e_metric_cpu_utilization_hourly_2.yaml.bak | 31 +++++++ ...tance_metric_cpu_utilization_hourly_3.yaml | 2 +- ...e_metric_cpu_utilization_hourly_3.yaml.bak | 31 +++++++ ...ws_rds_db_instance_metric_read_iops_1.yaml | 2 +- ...ds_db_instance_metric_read_iops_1.yaml.bak | 31 +++++++ ...ws_rds_db_instance_metric_read_iops_2.yaml | 2 +- ...ds_db_instance_metric_read_iops_2.yaml.bak | 35 ++++++++ ...ws_rds_db_instance_metric_read_iops_3.yaml | 2 +- ...ds_db_instance_metric_read_iops_3.yaml.bak | 35 ++++++++ ...ws_rds_db_instance_metric_read_iops_4.yaml | 2 +- ...ds_db_instance_metric_read_iops_4.yaml.bak | 39 +++++++++ ...b_instance_metric_read_iops_4.yaml.bak.bak | 39 +++++++++ ..._db_instance_metric_read_iops_daily_1.yaml | 2 +- ...instance_metric_read_iops_daily_1.yaml.bak | 33 ++++++++ ..._db_instance_metric_read_iops_daily_2.yaml | 2 +- ...instance_metric_read_iops_daily_2.yaml.bak | 33 ++++++++ ..._db_instance_metric_read_iops_daily_3.yaml | 2 +- ...instance_metric_read_iops_daily_3.yaml.bak | 35 ++++++++ ..._db_instance_metric_read_iops_daily_4.yaml | 2 +- ...instance_metric_read_iops_daily_4.yaml.bak | 39 +++++++++ ...db_instance_metric_read_iops_hourly_1.yaml | 2 +- ...nstance_metric_read_iops_hourly_1.yaml.bak | 33 ++++++++ ...db_instance_metric_read_iops_hourly_2.yaml | 2 +- ...nstance_metric_read_iops_hourly_2.yaml.bak | 35 ++++++++ ...db_instance_metric_read_iops_hourly_3.yaml | 2 +- ...nstance_metric_read_iops_hourly_3.yaml.bak | 33 ++++++++ ...nce_metric_read_iops_hourly_3.yaml.bak.bak | 33 ++++++++ ...db_instance_metric_read_iops_hourly_4.yaml | 2 +- ...nstance_metric_read_iops_hourly_4.yaml.bak | 39 +++++++++ ...db_instance_metric_read_iops_hourly_5.yaml | 2 +- ...nstance_metric_read_iops_hourly_5.yaml.bak | 41 ++++++++++ ...s_rds_db_instance_metric_write_iops_1.yaml | 2 +- ...s_db_instance_metric_write_iops_1.yaml.bak | 33 ++++++++ ...s_rds_db_instance_metric_write_iops_2.yaml | 2 +- ...s_db_instance_metric_write_iops_2.yaml.bak | 33 ++++++++ ..._instance_metric_write_iops_2.yaml.bak.bak | 33 ++++++++ ...s_rds_db_instance_metric_write_iops_3.yaml | 2 +- ...s_db_instance_metric_write_iops_3.yaml.bak | 33 ++++++++ ...s_rds_db_instance_metric_write_iops_4.yaml | 2 +- ...s_db_instance_metric_write_iops_4.yaml.bak | 39 +++++++++ ...db_instance_metric_write_iops_daily_1.yaml | 2 +- ...nstance_metric_write_iops_daily_1.yaml.bak | 31 +++++++ ...db_instance_metric_write_iops_daily_2.yaml | 2 +- ...nstance_metric_write_iops_daily_2.yaml.bak | 35 ++++++++ ...db_instance_metric_write_iops_daily_3.yaml | 2 +- ...nstance_metric_write_iops_daily_3.yaml.bak | 33 ++++++++ ...nce_metric_write_iops_daily_3.yaml.bak.bak | 33 ++++++++ ...db_instance_metric_write_iops_daily_4.yaml | 2 +- ...nstance_metric_write_iops_daily_4.yaml.bak | 39 +++++++++ ...b_instance_metric_write_iops_hourly_1.yaml | 2 +- ...stance_metric_write_iops_hourly_1.yaml.bak | 31 +++++++ ...b_instance_metric_write_iops_hourly_2.yaml | 2 +- ...stance_metric_write_iops_hourly_2.yaml.bak | 33 ++++++++ ...b_instance_metric_write_iops_hourly_3.yaml | 2 +- ...stance_metric_write_iops_hourly_3.yaml.bak | 33 ++++++++ ...b_instance_metric_write_iops_hourly_4.yaml | 2 +- ...stance_metric_write_iops_hourly_4.yaml.bak | 39 +++++++++ ...b_instance_metric_write_iops_hourly_5.yaml | 2 +- ...stance_metric_write_iops_hourly_5.yaml.bak | 41 ++++++++++ queries/aws_rds_db_option_group_1.yaml | 2 +- queries/aws_rds_db_option_group_1.yaml.bak | 26 ++++++ queries/aws_rds_db_option_group_2.yaml | 2 +- queries/aws_rds_db_option_group_2.yaml.bak | 27 +++++++ queries/aws_rds_db_option_group_3.yaml | 2 +- queries/aws_rds_db_option_group_3.yaml.bak | 30 +++++++ queries/aws_rds_db_parameter_group_1.yaml | 2 +- queries/aws_rds_db_parameter_group_1.yaml.bak | 26 ++++++ queries/aws_rds_db_parameter_group_2.yaml | 2 +- queries/aws_rds_db_parameter_group_2.yaml.bak | 34 ++++++++ queries/aws_rds_db_proxy_1.yaml | 2 +- queries/aws_rds_db_proxy_1.yaml.bak | 24 ++++++ queries/aws_rds_db_proxy_2.yaml | 2 +- queries/aws_rds_db_proxy_2.yaml.bak | 29 +++++++ queries/aws_rds_db_recommendation_1.yaml | 2 +- queries/aws_rds_db_recommendation_1.yaml.bak | 28 +++++++ queries/aws_rds_db_recommendation_2.yaml | 2 +- queries/aws_rds_db_recommendation_2.yaml.bak | 29 +++++++ .../aws_rds_db_recommendation_2.yaml.bak.bak | 29 +++++++ queries/aws_rds_db_recommendation_3.yaml | 2 +- queries/aws_rds_db_recommendation_3.yaml.bak | 25 ++++++ queries/aws_rds_db_recommendation_4.yaml | 2 +- queries/aws_rds_db_recommendation_4.yaml.bak | 27 +++++++ queries/aws_rds_db_recommendation_5.yaml | 2 +- queries/aws_rds_db_recommendation_5.yaml.bak | 27 +++++++ queries/aws_rds_db_recommendation_6.yaml | 2 +- queries/aws_rds_db_recommendation_6.yaml.bak | 28 +++++++ queries/aws_rds_db_recommendation_7.yaml | 2 +- queries/aws_rds_db_recommendation_7.yaml.bak | 34 ++++++++ queries/aws_rds_db_snapshot_1.yaml | 2 +- queries/aws_rds_db_snapshot_1.yaml.bak | 27 +++++++ queries/aws_rds_db_snapshot_2.yaml | 2 +- queries/aws_rds_db_snapshot_2.yaml.bak | 25 ++++++ queries/aws_rds_db_snapshot_3.yaml | 2 +- queries/aws_rds_db_snapshot_3.yaml.bak | 27 +++++++ queries/aws_rds_db_snapshot_4.yaml | 2 +- queries/aws_rds_db_snapshot_4.yaml.bak | 27 +++++++ queries/aws_rds_db_subnet_group_1.yaml | 2 +- queries/aws_rds_db_subnet_group_1.yaml.bak | 26 ++++++ queries/aws_rds_db_subnet_group_2.yaml | 2 +- queries/aws_rds_db_subnet_group_2.yaml.bak | 27 +++++++ queries/aws_rds_db_subnet_group_3.yaml | 2 +- queries/aws_rds_db_subnet_group_3.yaml.bak | 25 ++++++ queries/aws_rds_reserved_db_instance_1.yaml | 2 +- .../aws_rds_reserved_db_instance_1.yaml.bak | 28 +++++++ ...ws_rds_reserved_db_instance_1.yaml.bak.bak | 28 +++++++ queries/aws_rds_reserved_db_instance_2.yaml | 2 +- .../aws_rds_reserved_db_instance_2.yaml.bak | 30 +++++++ queries/aws_rds_reserved_db_instance_3.yaml | 2 +- .../aws_rds_reserved_db_instance_3.yaml.bak | 30 +++++++ queries/aws_rds_reserved_db_instance_4.yaml | 2 +- .../aws_rds_reserved_db_instance_4.yaml.bak | 30 +++++++ queries/aws_rds_reserved_db_instance_5.yaml | 2 +- .../aws_rds_reserved_db_instance_5.yaml.bak | 31 +++++++ queries/aws_rds_reserved_db_instance_6.yaml | 2 +- .../aws_rds_reserved_db_instance_6.yaml.bak | 31 +++++++ queries/aws_redshift_cluster_1.yaml | 2 +- queries/aws_redshift_cluster_1.yaml.bak | 27 +++++++ queries/aws_redshift_cluster_2.yaml | 2 +- queries/aws_redshift_cluster_2.yaml.bak | 29 +++++++ queries/aws_redshift_cluster_2.yaml.bak.bak | 29 +++++++ queries/aws_redshift_cluster_3.yaml | 2 +- queries/aws_redshift_cluster_3.yaml.bak | 29 +++++++ queries/aws_redshift_cluster_4.yaml | 2 +- queries/aws_redshift_cluster_4.yaml.bak | 29 +++++++ queries/aws_redshift_cluster_5.yaml | 2 +- queries/aws_redshift_cluster_5.yaml.bak | 25 ++++++ ...luster_metric_cpu_utilization_daily_1.yaml | 2 +- ...er_metric_cpu_utilization_daily_1.yaml.bak | 30 +++++++ ...luster_metric_cpu_utilization_daily_2.yaml | 2 +- ...er_metric_cpu_utilization_daily_2.yaml.bak | 31 +++++++ ...luster_metric_cpu_utilization_daily_3.yaml | 2 +- ...er_metric_cpu_utilization_daily_3.yaml.bak | 31 +++++++ .../aws_redshift_event_subscription_1.yaml | 2 +- ...aws_redshift_event_subscription_1.yaml.bak | 28 +++++++ .../aws_redshift_event_subscription_2.yaml | 2 +- ...aws_redshift_event_subscription_2.yaml.bak | 29 +++++++ ...redshift_event_subscription_2.yaml.bak.bak | 29 +++++++ .../aws_redshift_event_subscription_3.yaml | 2 +- ...aws_redshift_event_subscription_3.yaml.bak | 26 ++++++ .../aws_redshift_event_subscription_4.yaml | 2 +- ...aws_redshift_event_subscription_4.yaml.bak | 28 +++++++ queries/aws_redshift_parameter_group_1.yaml | 2 +- .../aws_redshift_parameter_group_1.yaml.bak | 26 ++++++ queries/aws_redshift_parameter_group_2.yaml | 2 +- .../aws_redshift_parameter_group_2.yaml.bak | 35 ++++++++ queries/aws_redshift_snapshot_1.yaml | 2 +- queries/aws_redshift_snapshot_1.yaml.bak | 25 ++++++ queries/aws_redshift_snapshot_2.yaml | 2 +- queries/aws_redshift_snapshot_2.yaml.bak | 25 ++++++ queries/aws_redshift_snapshot_3.yaml | 2 +- queries/aws_redshift_snapshot_3.yaml.bak | 28 +++++++ queries/aws_redshift_snapshot_4.yaml | 2 +- queries/aws_redshift_snapshot_4.yaml.bak | 27 +++++++ queries/aws_redshift_snapshot_5.yaml | 2 +- queries/aws_redshift_snapshot_5.yaml.bak | 25 ++++++ queries/aws_redshift_snapshot_6.yaml | 2 +- queries/aws_redshift_snapshot_6.yaml.bak | 25 ++++++ queries/aws_redshift_subnet_group_1.yaml | 2 +- queries/aws_redshift_subnet_group_1.yaml.bak | 25 ++++++ queries/aws_redshift_subnet_group_2.yaml | 2 +- queries/aws_redshift_subnet_group_2.yaml.bak | 29 +++++++ queries/aws_redshift_subnet_group_3.yaml | 2 +- queries/aws_redshift_subnet_group_3.yaml.bak | 25 ++++++ .../aws_redshiftserverless_namespace_1.yaml | 2 +- ...ws_redshiftserverless_namespace_1.yaml.bak | 30 +++++++ .../aws_redshiftserverless_namespace_2.yaml | 2 +- ...ws_redshiftserverless_namespace_2.yaml.bak | 32 ++++++++ .../aws_redshiftserverless_namespace_3.yaml | 2 +- ...ws_redshiftserverless_namespace_3.yaml.bak | 32 ++++++++ .../aws_redshiftserverless_namespace_4.yaml | 2 +- ...ws_redshiftserverless_namespace_4.yaml.bak | 28 +++++++ .../aws_redshiftserverless_workgroup_1.yaml | 2 +- ...ws_redshiftserverless_workgroup_1.yaml.bak | 30 +++++++ .../aws_redshiftserverless_workgroup_2.yaml | 2 +- ...ws_redshiftserverless_workgroup_2.yaml.bak | 32 ++++++++ .../aws_redshiftserverless_workgroup_3.yaml | 2 +- ...ws_redshiftserverless_workgroup_3.yaml.bak | 30 +++++++ .../aws_redshiftserverless_workgroup_4.yaml | 2 +- ...ws_redshiftserverless_workgroup_4.yaml.bak | 24 ++++++ .../aws_redshiftserverless_workgroup_5.yaml | 2 +- ...ws_redshiftserverless_workgroup_5.yaml.bak | 27 +++++++ .../aws_redshiftserverless_workgroup_6.yaml | 2 +- ...ws_redshiftserverless_workgroup_6.yaml.bak | 27 +++++++ queries/aws_region_1.yaml | 2 +- queries/aws_region_1.yaml.bak | 23 ++++++ queries/aws_region_2.yaml | 2 +- queries/aws_region_2.yaml.bak | 27 +++++++ queries/aws_resource_explorer_index_1.yaml | 2 +- .../aws_resource_explorer_index_1.yaml.bak | 24 ++++++ queries/aws_resource_explorer_index_2.yaml | 2 +- .../aws_resource_explorer_index_2.yaml.bak | 28 +++++++ queries/aws_resource_explorer_search_1.yaml | 2 +- .../aws_resource_explorer_search_1.yaml.bak | 28 +++++++ queries/aws_resource_explorer_search_2.yaml | 2 +- .../aws_resource_explorer_search_2.yaml.bak | 30 +++++++ queries/aws_resource_explorer_search_3.yaml | 2 +- .../aws_resource_explorer_search_3.yaml.bak | 28 +++++++ queries/aws_resource_explorer_search_4.yaml | 2 +- .../aws_resource_explorer_search_4.yaml.bak | 30 +++++++ queries/aws_resource_explorer_search_5.yaml | 2 +- .../aws_resource_explorer_search_5.yaml.bak | 30 +++++++ queries/aws_resource_explorer_search_6.yaml | 2 +- .../aws_resource_explorer_search_6.yaml.bak | 28 +++++++ ...ws_resource_explorer_search_6.yaml.bak.bak | 28 +++++++ queries/aws_resource_explorer_search_7.yaml | 2 +- .../aws_resource_explorer_search_7.yaml.bak | 30 +++++++ queries/aws_resource_explorer_search_8.yaml | 2 +- .../aws_resource_explorer_search_8.yaml.bak | 28 +++++++ ...ce_explorer_supported_resource_type_1.yaml | 2 +- ...xplorer_supported_resource_type_1.yaml.bak | 25 ++++++ ...ce_explorer_supported_resource_type_2.yaml | 2 +- ...xplorer_supported_resource_type_2.yaml.bak | 27 +++++++ queries/aws_route53_domain_1.yaml | 2 +- queries/aws_route53_domain_1.yaml.bak | 24 ++++++ queries/aws_route53_domain_2.yaml | 2 +- queries/aws_route53_domain_2.yaml.bak | 28 +++++++ queries/aws_route53_domain_3.yaml | 2 +- queries/aws_route53_domain_3.yaml.bak | 26 ++++++ queries/aws_route53_health_check_1.yaml | 2 +- queries/aws_route53_health_check_1.yaml.bak | 25 ++++++ queries/aws_route53_health_check_2.yaml | 2 +- queries/aws_route53_health_check_2.yaml.bak | 32 ++++++++ queries/aws_route53_health_check_3.yaml | 2 +- queries/aws_route53_health_check_3.yaml.bak | 29 +++++++ queries/aws_route53_health_check_4.yaml | 2 +- queries/aws_route53_health_check_4.yaml.bak | 26 ++++++ queries/aws_route53_health_check_5.yaml | 2 +- queries/aws_route53_health_check_5.yaml.bak | 28 +++++++ .../aws_route53_health_check_5.yaml.bak.bak | 28 +++++++ queries/aws_route53_health_check_6.yaml | 2 +- queries/aws_route53_health_check_6.yaml.bak | 31 +++++++ queries/aws_route53_health_check_7.yaml | 2 +- queries/aws_route53_health_check_7.yaml.bak | 33 ++++++++ queries/aws_route53_query_log_1.yaml | 2 +- queries/aws_route53_query_log_1.yaml.bak | 28 +++++++ queries/aws_route53_query_log_2.yaml | 2 +- queries/aws_route53_query_log_2.yaml.bak | 30 +++++++ queries/aws_route53_query_log_3.yaml | 2 +- queries/aws_route53_query_log_3.yaml.bak | 27 +++++++ queries/aws_route53_record_1.yaml | 2 +- queries/aws_route53_record_1.yaml.bak | 27 +++++++ queries/aws_route53_record_2.yaml | 2 +- queries/aws_route53_record_2.yaml.bak | 29 +++++++ queries/aws_route53_record_3.yaml | 2 +- queries/aws_route53_record_3.yaml.bak | 27 +++++++ queries/aws_route53_record_4.yaml | 2 +- queries/aws_route53_record_4.yaml.bak | 30 +++++++ queries/aws_route53_record_5.yaml | 2 +- queries/aws_route53_record_5.yaml.bak | 27 +++++++ queries/aws_route53_record_6.yaml | 2 +- queries/aws_route53_record_6.yaml.bak | 32 ++++++++ queries/aws_route53_record_7.yaml | 2 +- queries/aws_route53_record_7.yaml.bak | 30 +++++++ queries/aws_route53_resolver_endpoint_1.yaml | 2 +- .../aws_route53_resolver_endpoint_1.yaml.bak | 26 ++++++ queries/aws_route53_resolver_endpoint_2.yaml | 2 +- .../aws_route53_resolver_endpoint_2.yaml.bak | 28 +++++++ queries/aws_route53_resolver_endpoint_3.yaml | 2 +- .../aws_route53_resolver_endpoint_3.yaml.bak | 28 +++++++ queries/aws_route53_resolver_endpoint_4.yaml | 2 +- .../aws_route53_resolver_endpoint_4.yaml.bak | 26 ++++++ ...s_route53_resolver_query_log_config_1.yaml | 2 +- ...ute53_resolver_query_log_config_1.yaml.bak | 27 +++++++ ...s_route53_resolver_query_log_config_2.yaml | 2 +- ...ute53_resolver_query_log_config_2.yaml.bak | 34 ++++++++ ...s_route53_resolver_query_log_config_3.yaml | 2 +- ...ute53_resolver_query_log_config_3.yaml.bak | 27 +++++++ ...s_route53_resolver_query_log_config_4.yaml | 2 +- ...ute53_resolver_query_log_config_4.yaml.bak | 27 +++++++ ...s_route53_resolver_query_log_config_5.yaml | 2 +- ...ute53_resolver_query_log_config_5.yaml.bak | 28 +++++++ ...3_resolver_query_log_config_5.yaml.bak.bak | 28 +++++++ queries/aws_route53_resolver_rule_1.yaml | 2 +- queries/aws_route53_resolver_rule_1.yaml.bak | 27 +++++++ queries/aws_route53_resolver_rule_2.yaml | 2 +- queries/aws_route53_resolver_rule_2.yaml.bak | 29 +++++++ queries/aws_route53_resolver_rule_3.yaml | 2 +- queries/aws_route53_resolver_rule_3.yaml.bak | 25 ++++++ queries/aws_route53_resolver_rule_4.yaml | 2 +- queries/aws_route53_resolver_rule_4.yaml.bak | 29 +++++++ queries/aws_route53_traffic_policy_1.yaml | 2 +- queries/aws_route53_traffic_policy_1.yaml.bak | 26 ++++++ queries/aws_route53_traffic_policy_2.yaml | 2 +- queries/aws_route53_traffic_policy_2.yaml.bak | 35 ++++++++ queries/aws_route53_traffic_policy_3.yaml | 2 +- queries/aws_route53_traffic_policy_3.yaml.bak | 25 ++++++ ...aws_route53_traffic_policy_instance_1.yaml | 2 +- ...route53_traffic_policy_instance_1.yaml.bak | 26 ++++++ ...aws_route53_traffic_policy_instance_2.yaml | 2 +- ...route53_traffic_policy_instance_2.yaml.bak | 28 +++++++ ...aws_route53_traffic_policy_instance_3.yaml | 2 +- ...route53_traffic_policy_instance_3.yaml.bak | 30 +++++++ ...aws_route53_traffic_policy_instance_4.yaml | 2 +- ...route53_traffic_policy_instance_4.yaml.bak | 30 +++++++ ...ute53_vpc_association_authorization_1.yaml | 2 +- ...3_vpc_association_authorization_1.yaml.bak | 26 ++++++ ...ute53_vpc_association_authorization_2.yaml | 2 +- ...3_vpc_association_authorization_2.yaml.bak | 28 +++++++ ...ute53_vpc_association_authorization_3.yaml | 2 +- ...3_vpc_association_authorization_3.yaml.bak | 30 +++++++ queries/aws_route53_zone_1.yaml | 2 +- queries/aws_route53_zone_1.yaml.bak | 25 ++++++ queries/aws_route53_zone_2.yaml | 2 +- queries/aws_route53_zone_2.yaml.bak | 28 +++++++ queries/aws_route53_zone_3.yaml | 2 +- queries/aws_route53_zone_3.yaml.bak | 30 +++++++ queries/aws_route53_zone_3.yaml.bak.bak | 30 +++++++ queries/aws_route53_zone_4.yaml | 2 +- queries/aws_route53_zone_4.yaml.bak | 27 +++++++ queries/aws_route53_zone_5.yaml | 2 +- queries/aws_route53_zone_5.yaml.bak | 26 ++++++ queries/aws_route53_zone_6.yaml | 2 +- queries/aws_route53_zone_6.yaml.bak | 31 +++++++ queries/aws_s3_access_point_1.yaml | 2 +- queries/aws_s3_access_point_1.yaml.bak | 24 ++++++ queries/aws_s3_access_point_1.yaml.bak.bak | 24 ++++++ queries/aws_s3_access_point_2.yaml | 2 +- queries/aws_s3_access_point_2.yaml.bak | 28 +++++++ queries/aws_s3_access_point_3.yaml | 2 +- queries/aws_s3_access_point_3.yaml.bak | 33 ++++++++ queries/aws_s3_access_point_4.yaml | 2 +- queries/aws_s3_access_point_4.yaml.bak | 27 +++++++ queries/aws_s3_access_point_5.yaml | 2 +- queries/aws_s3_access_point_5.yaml.bak | 25 ++++++ queries/aws_s3_bucket_1.yaml | 2 +- queries/aws_s3_bucket_1.yaml.bak | 27 +++++++ queries/aws_s3_bucket_10.yaml | 2 +- queries/aws_s3_bucket_10.yaml.bak | 38 +++++++++ queries/aws_s3_bucket_11.yaml | 2 +- queries/aws_s3_bucket_11.yaml.bak | 27 +++++++ queries/aws_s3_bucket_12.yaml | 2 +- queries/aws_s3_bucket_12.yaml.bak | 27 +++++++ queries/aws_s3_bucket_13.yaml | 2 +- queries/aws_s3_bucket_13.yaml.bak | 26 ++++++ queries/aws_s3_bucket_2.yaml | 2 +- queries/aws_s3_bucket_2.yaml.bak | 29 +++++++ queries/aws_s3_bucket_3.yaml | 2 +- queries/aws_s3_bucket_3.yaml.bak | 29 +++++++ queries/aws_s3_bucket_4.yaml | 2 +- queries/aws_s3_bucket_4.yaml.bak | 33 ++++++++ queries/aws_s3_bucket_5.yaml | 2 +- queries/aws_s3_bucket_5.yaml.bak | 27 +++++++ queries/aws_s3_bucket_6.yaml | 2 +- queries/aws_s3_bucket_6.yaml.bak | 27 +++++++ queries/aws_s3_bucket_6.yaml.bak.bak | 27 +++++++ queries/aws_s3_bucket_7.yaml | 2 +- queries/aws_s3_bucket_7.yaml.bak | 27 +++++++ queries/aws_s3_bucket_8.yaml | 2 +- queries/aws_s3_bucket_8.yaml.bak | 39 +++++++++ queries/aws_s3_bucket_9.yaml | 2 +- queries/aws_s3_bucket_9.yaml.bak | 41 ++++++++++ ...t_intelligent_tiering_configuration_1.yaml | 2 +- ...telligent_tiering_configuration_1.yaml.bak | 27 +++++++ ...t_intelligent_tiering_configuration_2.yaml | 2 +- ...telligent_tiering_configuration_2.yaml.bak | 45 +++++++++++ ...t_intelligent_tiering_configuration_3.yaml | 2 +- ...telligent_tiering_configuration_3.yaml.bak | 29 +++++++ ...t_intelligent_tiering_configuration_4.yaml | 2 +- ...telligent_tiering_configuration_4.yaml.bak | 29 +++++++ ...t_intelligent_tiering_configuration_5.yaml | 2 +- ...telligent_tiering_configuration_5.yaml.bak | 26 ++++++ .../aws_s3_multi_region_access_point_1.yaml | 2 +- ...ws_s3_multi_region_access_point_1.yaml.bak | 26 ++++++ .../aws_s3_multi_region_access_point_2.yaml | 2 +- ...ws_s3_multi_region_access_point_2.yaml.bak | 31 +++++++ .../aws_s3_multi_region_access_point_3.yaml | 2 +- ...ws_s3_multi_region_access_point_3.yaml.bak | 24 ++++++ .../aws_s3_multi_region_access_point_4.yaml | 2 +- ...ws_s3_multi_region_access_point_4.yaml.bak | 26 ++++++ ...3_multi_region_access_point_4.yaml.bak.bak | 26 ++++++ .../aws_s3_multi_region_access_point_5.yaml | 2 +- ...ws_s3_multi_region_access_point_5.yaml.bak | 32 ++++++++ queries/aws_s3_object_1.yaml | 2 +- queries/aws_s3_object_1.yaml.bak | 31 +++++++ queries/aws_s3_object_10.yaml | 2 +- queries/aws_s3_object_10.yaml.bak | 27 +++++++ queries/aws_s3_object_10.yaml.bak.bak | 27 +++++++ queries/aws_s3_object_11.yaml | 2 +- queries/aws_s3_object_11.yaml.bak | 32 ++++++++ queries/aws_s3_object_12.yaml | 2 +- queries/aws_s3_object_12.yaml.bak | 41 ++++++++++ queries/aws_s3_object_13.yaml | 2 +- queries/aws_s3_object_13.yaml.bak | 31 +++++++ queries/aws_s3_object_2.yaml | 2 +- queries/aws_s3_object_2.yaml.bak | 30 +++++++ queries/aws_s3_object_3.yaml | 2 +- queries/aws_s3_object_3.yaml.bak | 30 +++++++ queries/aws_s3_object_4.yaml | 2 +- queries/aws_s3_object_4.yaml.bak | 30 +++++++ queries/aws_s3_object_4.yaml.bak.bak | 30 +++++++ queries/aws_s3_object_5.yaml | 2 +- queries/aws_s3_object_5.yaml.bak | 30 +++++++ queries/aws_s3_object_6.yaml | 2 +- queries/aws_s3_object_6.yaml.bak | 31 +++++++ queries/aws_s3_object_7.yaml | 2 +- queries/aws_s3_object_7.yaml.bak | 29 +++++++ queries/aws_s3_object_8.yaml | 2 +- queries/aws_s3_object_8.yaml.bak | 29 +++++++ queries/aws_s3_object_8.yaml.bak.bak | 29 +++++++ queries/aws_s3_object_9.yaml | 2 +- queries/aws_s3_object_9.yaml.bak | 33 ++++++++ queries/aws_s3_object_version_1.yaml | 2 +- queries/aws_s3_object_version_1.yaml.bak | 29 +++++++ queries/aws_s3_object_version_2.yaml | 2 +- queries/aws_s3_object_version_2.yaml.bak | 33 ++++++++ queries/aws_s3_object_version_3.yaml | 2 +- queries/aws_s3_object_version_3.yaml.bak | 19 +++++ queries/aws_sagemaker_app_1.yaml | 2 +- queries/aws_sagemaker_app_1.yaml.bak | 25 ++++++ queries/aws_sagemaker_app_2.yaml | 2 +- queries/aws_sagemaker_app_2.yaml.bak | 30 +++++++ queries/aws_sagemaker_domain_1.yaml | 2 +- queries/aws_sagemaker_domain_1.yaml.bak | 25 ++++++ queries/aws_sagemaker_domain_2.yaml | 2 +- queries/aws_sagemaker_domain_2.yaml.bak | 29 +++++++ queries/aws_sagemaker_domain_3.yaml | 2 +- queries/aws_sagemaker_domain_3.yaml.bak | 29 +++++++ ...ws_sagemaker_endpoint_configuration_1.yaml | 2 +- ...agemaker_endpoint_configuration_1.yaml.bak | 27 +++++++ ...ws_sagemaker_endpoint_configuration_2.yaml | 2 +- ...agemaker_endpoint_configuration_2.yaml.bak | 28 +++++++ queries/aws_sagemaker_model_1.yaml | 2 +- queries/aws_sagemaker_model_1.yaml.bak | 25 ++++++ queries/aws_sagemaker_model_2.yaml | 2 +- queries/aws_sagemaker_model_2.yaml.bak | 27 +++++++ .../aws_sagemaker_notebook_instance_1.yaml | 2 +- ...aws_sagemaker_notebook_instance_1.yaml.bak | 28 +++++++ .../aws_sagemaker_notebook_instance_2.yaml | 2 +- ...aws_sagemaker_notebook_instance_2.yaml.bak | 27 +++++++ .../aws_sagemaker_notebook_instance_3.yaml | 2 +- ...aws_sagemaker_notebook_instance_3.yaml.bak | 27 +++++++ .../aws_sagemaker_notebook_instance_4.yaml | 2 +- ...aws_sagemaker_notebook_instance_4.yaml.bak | 27 +++++++ queries/aws_sagemaker_training_job_1.yaml | 2 +- queries/aws_sagemaker_training_job_1.yaml.bak | 26 ++++++ queries/aws_sagemaker_training_job_2.yaml | 2 +- queries/aws_sagemaker_training_job_2.yaml.bak | 29 +++++++ queries/aws_sagemaker_training_job_3.yaml | 2 +- queries/aws_sagemaker_training_job_3.yaml.bak | 29 +++++++ .../aws_sagemaker_training_job_3.yaml.bak.bak | 29 +++++++ queries/aws_secretsmanager_secret_1.yaml | 2 +- queries/aws_secretsmanager_secret_1.yaml.bak | 25 ++++++ queries/aws_secretsmanager_secret_2.yaml | 2 +- queries/aws_secretsmanager_secret_2.yaml.bak | 31 +++++++ queries/aws_secretsmanager_secret_3.yaml | 2 +- queries/aws_secretsmanager_secret_3.yaml.bak | 28 +++++++ queries/aws_secretsmanager_secret_4.yaml | 2 +- queries/aws_secretsmanager_secret_4.yaml.bak | 31 +++++++ queries/aws_secretsmanager_secret_5.yaml | 2 +- queries/aws_secretsmanager_secret_5.yaml.bak | 26 ++++++ queries/aws_securityhub_action_target_1.yaml | 2 +- .../aws_securityhub_action_target_1.yaml.bak | 24 ++++++ queries/aws_securityhub_action_target_2.yaml | 2 +- .../aws_securityhub_action_target_2.yaml.bak | 28 +++++++ ...ityhub_enabled_product_subscription_1.yaml | 2 +- ...ub_enabled_product_subscription_1.yaml.bak | 26 ++++++ ...nabled_product_subscription_1.yaml.bak.bak | 26 ++++++ ...ityhub_enabled_product_subscription_2.yaml | 2 +- ...ub_enabled_product_subscription_2.yaml.bak | 31 +++++++ queries/aws_securityhub_finding_1.yaml | 2 +- queries/aws_securityhub_finding_1.yaml.bak | 31 +++++++ queries/aws_securityhub_finding_10.yaml | 2 +- queries/aws_securityhub_finding_10.yaml.bak | 30 +++++++ .../aws_securityhub_finding_10.yaml.bak.bak | 30 +++++++ queries/aws_securityhub_finding_11.yaml | 2 +- queries/aws_securityhub_finding_11.yaml.bak | 33 ++++++++ queries/aws_securityhub_finding_12.yaml | 2 +- queries/aws_securityhub_finding_12.yaml.bak | 40 +++++++++ queries/aws_securityhub_finding_13.yaml | 2 +- queries/aws_securityhub_finding_13.yaml.bak | 39 +++++++++ queries/aws_securityhub_finding_14.yaml | 2 +- queries/aws_securityhub_finding_14.yaml.bak | 43 ++++++++++ queries/aws_securityhub_finding_15.yaml | 2 +- queries/aws_securityhub_finding_15.yaml.bak | 30 +++++++ queries/aws_securityhub_finding_16.yaml | 2 +- queries/aws_securityhub_finding_16.yaml.bak | 33 ++++++++ queries/aws_securityhub_finding_17.yaml | 2 +- queries/aws_securityhub_finding_17.yaml.bak | 34 ++++++++ queries/aws_securityhub_finding_18.yaml | 2 +- queries/aws_securityhub_finding_18.yaml.bak | 35 ++++++++ queries/aws_securityhub_finding_19.yaml | 2 +- queries/aws_securityhub_finding_19.yaml.bak | 31 +++++++ queries/aws_securityhub_finding_2.yaml | 2 +- queries/aws_securityhub_finding_2.yaml.bak | 27 +++++++ queries/aws_securityhub_finding_20.yaml | 2 +- queries/aws_securityhub_finding_20.yaml.bak | 30 +++++++ queries/aws_securityhub_finding_21.yaml | 2 +- queries/aws_securityhub_finding_21.yaml.bak | 30 +++++++ queries/aws_securityhub_finding_22.yaml | 2 +- queries/aws_securityhub_finding_22.yaml.bak | 29 +++++++ queries/aws_securityhub_finding_3.yaml | 2 +- queries/aws_securityhub_finding_3.yaml.bak | 29 +++++++ queries/aws_securityhub_finding_4.yaml | 2 +- queries/aws_securityhub_finding_4.yaml.bak | 32 ++++++++ queries/aws_securityhub_finding_5.yaml | 2 +- queries/aws_securityhub_finding_5.yaml.bak | 29 +++++++ queries/aws_securityhub_finding_6.yaml | 2 +- queries/aws_securityhub_finding_6.yaml.bak | 33 ++++++++ queries/aws_securityhub_finding_7.yaml | 2 +- queries/aws_securityhub_finding_7.yaml.bak | 29 +++++++ queries/aws_securityhub_finding_8.yaml | 2 +- queries/aws_securityhub_finding_8.yaml.bak | 30 +++++++ queries/aws_securityhub_finding_9.yaml | 2 +- queries/aws_securityhub_finding_9.yaml.bak | 29 +++++++ .../aws_securityhub_finding_aggregator_1.yaml | 2 +- ..._securityhub_finding_aggregator_1.yaml.bak | 26 ++++++ .../aws_securityhub_finding_aggregator_2.yaml | 2 +- ..._securityhub_finding_aggregator_2.yaml.bak | 28 +++++++ .../aws_securityhub_finding_aggregator_3.yaml | 2 +- ..._securityhub_finding_aggregator_3.yaml.bak | 29 +++++++ .../aws_securityhub_finding_aggregator_4.yaml | 2 +- ..._securityhub_finding_aggregator_4.yaml.bak | 31 +++++++ queries/aws_securityhub_hub_1.yaml | 2 +- queries/aws_securityhub_hub_1.yaml.bak | 27 +++++++ queries/aws_securityhub_hub_2.yaml | 2 +- queries/aws_securityhub_hub_2.yaml.bak | 27 +++++++ queries/aws_securityhub_hub_3.yaml | 2 +- queries/aws_securityhub_hub_3.yaml.bak | 29 +++++++ queries/aws_securityhub_hub_3.yaml.bak.bak | 29 +++++++ queries/aws_securityhub_insight_1.yaml | 2 +- queries/aws_securityhub_insight_1.yaml.bak | 25 ++++++ queries/aws_securityhub_insight_10.yaml | 2 +- queries/aws_securityhub_insight_10.yaml.bak | 28 +++++++ queries/aws_securityhub_insight_2.yaml | 2 +- queries/aws_securityhub_insight_2.yaml.bak | 29 +++++++ queries/aws_securityhub_insight_3.yaml | 2 +- queries/aws_securityhub_insight_3.yaml.bak | 26 ++++++ queries/aws_securityhub_insight_4.yaml | 2 +- queries/aws_securityhub_insight_4.yaml.bak | 24 ++++++ queries/aws_securityhub_insight_5.yaml | 2 +- queries/aws_securityhub_insight_5.yaml.bak | 28 +++++++ queries/aws_securityhub_insight_6.yaml | 2 +- queries/aws_securityhub_insight_6.yaml.bak | 28 +++++++ queries/aws_securityhub_insight_7.yaml | 2 +- queries/aws_securityhub_insight_7.yaml.bak | 28 +++++++ queries/aws_securityhub_insight_8.yaml | 2 +- queries/aws_securityhub_insight_8.yaml.bak | 26 ++++++ queries/aws_securityhub_insight_9.yaml | 2 +- queries/aws_securityhub_insight_9.yaml.bak | 35 ++++++++ queries/aws_securityhub_member_1.yaml | 2 +- queries/aws_securityhub_member_1.yaml.bak | 28 +++++++ queries/aws_securityhub_member_2.yaml | 2 +- queries/aws_securityhub_member_2.yaml.bak | 31 +++++++ queries/aws_securityhub_member_3.yaml | 2 +- queries/aws_securityhub_member_3.yaml.bak | 30 +++++++ queries/aws_securityhub_member_4.yaml | 2 +- queries/aws_securityhub_member_4.yaml.bak | 33 ++++++++ queries/aws_securityhub_product_1.yaml | 2 +- queries/aws_securityhub_product_1.yaml.bak | 25 ++++++ queries/aws_securityhub_product_2.yaml | 2 +- queries/aws_securityhub_product_2.yaml.bak | 26 ++++++ queries/aws_securityhub_product_3.yaml | 2 +- queries/aws_securityhub_product_3.yaml.bak | 29 +++++++ .../aws_securityhub_standards_control_1.yaml | 2 +- ...s_securityhub_standards_control_1.yaml.bak | 26 ++++++ .../aws_securityhub_standards_control_2.yaml | 2 +- ...s_securityhub_standards_control_2.yaml.bak | 26 ++++++ .../aws_securityhub_standards_control_3.yaml | 2 +- ...s_securityhub_standards_control_3.yaml.bak | 31 +++++++ .../aws_securityhub_standards_control_4.yaml | 2 +- ...s_securityhub_standards_control_4.yaml.bak | 28 +++++++ .../aws_securityhub_standards_control_5.yaml | 2 +- ...s_securityhub_standards_control_5.yaml.bak | 26 ++++++ .../aws_securityhub_standards_control_6.yaml | 2 +- ...s_securityhub_standards_control_6.yaml.bak | 29 +++++++ .../aws_securityhub_standards_control_7.yaml | 2 +- ...s_securityhub_standards_control_7.yaml.bak | 32 ++++++++ .../aws_securityhub_standards_control_8.yaml | 2 +- ...s_securityhub_standards_control_8.yaml.bak | 30 +++++++ ..._securityhub_standards_subscription_1.yaml | 2 +- ...urityhub_standards_subscription_1.yaml.bak | 27 +++++++ ..._securityhub_standards_subscription_2.yaml | 2 +- ...urityhub_standards_subscription_2.yaml.bak | 28 +++++++ ..._securityhub_standards_subscription_3.yaml | 2 +- ...urityhub_standards_subscription_3.yaml.bak | 30 +++++++ ..._securityhub_standards_subscription_4.yaml | 2 +- ...urityhub_standards_subscription_4.yaml.bak | 26 ++++++ queries/aws_securitylake_data_lake_1.yaml | 2 +- queries/aws_securitylake_data_lake_1.yaml.bak | 27 +++++++ queries/aws_securitylake_data_lake_2.yaml | 2 +- queries/aws_securitylake_data_lake_2.yaml.bak | 32 ++++++++ queries/aws_securitylake_data_lake_3.yaml | 2 +- queries/aws_securitylake_data_lake_3.yaml.bak | 30 +++++++ queries/aws_securitylake_data_lake_4.yaml | 2 +- queries/aws_securitylake_data_lake_4.yaml.bak | 29 +++++++ .../aws_securitylake_data_lake_4.yaml.bak.bak | 29 +++++++ queries/aws_securitylake_subscriber_1.yaml | 2 +- .../aws_securitylake_subscriber_1.yaml.bak | 27 +++++++ queries/aws_securitylake_subscriber_2.yaml | 2 +- .../aws_securitylake_subscriber_2.yaml.bak | 29 +++++++ queries/aws_securitylake_subscriber_3.yaml | 2 +- .../aws_securitylake_subscriber_3.yaml.bak | 34 ++++++++ queries/aws_securitylake_subscriber_4.yaml | 2 +- .../aws_securitylake_subscriber_4.yaml.bak | 32 ++++++++ ...aws_securitylake_subscriber_4.yaml.bak.bak | 32 ++++++++ queries/aws_securitylake_subscriber_5.yaml | 2 +- .../aws_securitylake_subscriber_5.yaml.bak | 30 +++++++ ...ssapplicationrepository_application_1.yaml | 2 +- ...plicationrepository_application_1.yaml.bak | 26 ++++++ ...ssapplicationrepository_application_2.yaml | 2 +- ...plicationrepository_application_2.yaml.bak | 29 +++++++ ...ssapplicationrepository_application_3.yaml | 2 +- ...plicationrepository_application_3.yaml.bak | 27 +++++++ queries/aws_service_discovery_instance_1.yaml | 2 +- .../aws_service_discovery_instance_1.yaml.bak | 27 +++++++ queries/aws_service_discovery_instance_2.yaml | 2 +- .../aws_service_discovery_instance_2.yaml.bak | 28 +++++++ queries/aws_service_discovery_instance_3.yaml | 2 +- .../aws_service_discovery_instance_3.yaml.bak | 27 +++++++ queries/aws_service_discovery_instance_4.yaml | 2 +- .../aws_service_discovery_instance_4.yaml.bak | 34 ++++++++ queries/aws_service_discovery_instance_5.yaml | 2 +- .../aws_service_discovery_instance_5.yaml.bak | 34 ++++++++ ..._service_discovery_instance_5.yaml.bak.bak | 34 ++++++++ queries/aws_service_discovery_instance_6.yaml | 2 +- .../aws_service_discovery_instance_6.yaml.bak | 29 +++++++ .../aws_service_discovery_namespace_1.yaml | 2 +- ...aws_service_discovery_namespace_1.yaml.bak | 26 ++++++ .../aws_service_discovery_namespace_2.yaml | 2 +- ...aws_service_discovery_namespace_2.yaml.bak | 28 +++++++ .../aws_service_discovery_namespace_3.yaml | 2 +- ...aws_service_discovery_namespace_3.yaml.bak | 28 +++++++ .../aws_service_discovery_namespace_4.yaml | 2 +- ...aws_service_discovery_namespace_4.yaml.bak | 27 +++++++ .../aws_service_discovery_namespace_5.yaml | 2 +- ...aws_service_discovery_namespace_5.yaml.bak | 26 ++++++ .../aws_service_discovery_namespace_6.yaml | 2 +- ...aws_service_discovery_namespace_6.yaml.bak | 29 +++++++ .../aws_service_discovery_namespace_7.yaml | 2 +- ...aws_service_discovery_namespace_7.yaml.bak | 25 ++++++ ...service_discovery_namespace_7.yaml.bak.bak | 25 ++++++ queries/aws_service_discovery_service_1.yaml | 2 +- .../aws_service_discovery_service_1.yaml.bak | 26 ++++++ queries/aws_service_discovery_service_2.yaml | 2 +- .../aws_service_discovery_service_2.yaml.bak | 28 +++++++ queries/aws_service_discovery_service_3.yaml | 2 +- .../aws_service_discovery_service_3.yaml.bak | 28 +++++++ queries/aws_service_discovery_service_4.yaml | 2 +- .../aws_service_discovery_service_4.yaml.bak | 27 +++++++ queries/aws_service_discovery_service_5.yaml | 2 +- .../aws_service_discovery_service_5.yaml.bak | 25 ++++++ queries/aws_service_discovery_service_6.yaml | 2 +- .../aws_service_discovery_service_6.yaml.bak | 28 +++++++ queries/aws_service_discovery_service_7.yaml | 2 +- .../aws_service_discovery_service_7.yaml.bak | 24 ++++++ queries/aws_service_discovery_service_8.yaml | 2 +- .../aws_service_discovery_service_8.yaml.bak | 30 +++++++ queries/aws_servicecatalog_portfolio_1.yaml | 2 +- .../aws_servicecatalog_portfolio_1.yaml.bak | 28 +++++++ queries/aws_servicecatalog_portfolio_2.yaml | 2 +- .../aws_servicecatalog_portfolio_2.yaml.bak | 29 +++++++ queries/aws_servicecatalog_portfolio_3.yaml | 2 +- .../aws_servicecatalog_portfolio_3.yaml.bak | 29 +++++++ queries/aws_servicecatalog_portfolio_4.yaml | 2 +- .../aws_servicecatalog_portfolio_4.yaml.bak | 27 +++++++ queries/aws_servicecatalog_product_1.yaml | 2 +- queries/aws_servicecatalog_product_1.yaml.bak | 28 +++++++ queries/aws_servicecatalog_product_2.yaml | 2 +- queries/aws_servicecatalog_product_2.yaml.bak | 30 +++++++ queries/aws_servicecatalog_product_3.yaml | 2 +- queries/aws_servicecatalog_product_3.yaml.bak | 29 +++++++ queries/aws_servicecatalog_product_4.yaml | 2 +- queries/aws_servicecatalog_product_4.yaml.bak | 28 +++++++ queries/aws_servicecatalog_product_5.yaml | 2 +- queries/aws_servicecatalog_product_5.yaml.bak | 28 +++++++ queries/aws_servicecatalog_product_6.yaml | 2 +- queries/aws_servicecatalog_product_6.yaml.bak | 29 +++++++ ..._servicecatalog_provisioned_product_1.yaml | 2 +- ...vicecatalog_provisioned_product_1.yaml.bak | 31 +++++++ ..._servicecatalog_provisioned_product_2.yaml | 2 +- ...vicecatalog_provisioned_product_2.yaml.bak | 35 ++++++++ ..._servicecatalog_provisioned_product_3.yaml | 2 +- ...vicecatalog_provisioned_product_3.yaml.bak | 33 ++++++++ ..._servicecatalog_provisioned_product_4.yaml | 2 +- ...vicecatalog_provisioned_product_4.yaml.bak | 34 ++++++++ ..._servicecatalog_provisioned_product_5.yaml | 2 +- ...vicecatalog_provisioned_product_5.yaml.bak | 34 ++++++++ ...servicequotas_default_service_quota_1.yaml | 2 +- ...icequotas_default_service_quota_1.yaml.bak | 27 +++++++ ...servicequotas_default_service_quota_2.yaml | 2 +- ...icequotas_default_service_quota_2.yaml.bak | 29 +++++++ ...servicequotas_default_service_quota_3.yaml | 2 +- ...icequotas_default_service_quota_3.yaml.bak | 29 +++++++ queries/aws_servicequotas_service_1.yaml | 2 +- queries/aws_servicequotas_service_1.yaml.bak | 23 ++++++ queries/aws_servicequotas_service_2.yaml | 2 +- queries/aws_servicequotas_service_2.yaml.bak | 24 ++++++ .../aws_servicequotas_service_quota_1.yaml | 2 +- ...aws_servicequotas_service_quota_1.yaml.bak | 29 +++++++ .../aws_servicequotas_service_quota_2.yaml | 2 +- ...aws_servicequotas_service_quota_2.yaml.bak | 29 +++++++ .../aws_servicequotas_service_quota_3.yaml | 2 +- ...aws_servicequotas_service_quota_3.yaml.bak | 31 +++++++ ...quotas_service_quota_change_request_1.yaml | 2 +- ...as_service_quota_change_request_1.yaml.bak | 27 +++++++ ...quotas_service_quota_change_request_2.yaml | 2 +- ...as_service_quota_change_request_2.yaml.bak | 29 +++++++ ...quotas_service_quota_change_request_3.yaml | 2 +- ...as_service_quota_change_request_3.yaml.bak | 29 +++++++ queries/aws_ses_domain_identity_1.yaml | 2 +- queries/aws_ses_domain_identity_1.yaml.bak | 25 ++++++ queries/aws_ses_domain_identity_2.yaml | 2 +- queries/aws_ses_domain_identity_2.yaml.bak | 28 +++++++ queries/aws_ses_email_identity_1.yaml | 2 +- queries/aws_ses_email_identity_1.yaml.bak | 27 +++++++ queries/aws_ses_email_identity_2.yaml | 2 +- queries/aws_ses_email_identity_2.yaml.bak | 28 +++++++ queries/aws_sfn_state_machine_1.yaml | 2 +- queries/aws_sfn_state_machine_1.yaml.bak | 28 +++++++ queries/aws_sfn_state_machine_2.yaml | 2 +- queries/aws_sfn_state_machine_2.yaml.bak | 28 +++++++ .../aws_sfn_state_machine_execution_1.yaml | 2 +- ...aws_sfn_state_machine_execution_1.yaml.bak | 27 +++++++ .../aws_sfn_state_machine_execution_2.yaml | 2 +- ...aws_sfn_state_machine_execution_2.yaml.bak | 29 +++++++ ...sfn_state_machine_execution_history_1.yaml | 2 +- ...state_machine_execution_history_1.yaml.bak | 28 +++++++ ...sfn_state_machine_execution_history_2.yaml | 2 +- ...state_machine_execution_history_2.yaml.bak | 30 +++++++ queries/aws_simspaceweaver_simulation_1.yaml | 2 +- .../aws_simspaceweaver_simulation_1.yaml.bak | 29 +++++++ queries/aws_simspaceweaver_simulation_2.yaml | 2 +- .../aws_simspaceweaver_simulation_2.yaml.bak | 29 +++++++ queries/aws_simspaceweaver_simulation_3.yaml | 2 +- .../aws_simspaceweaver_simulation_3.yaml.bak | 27 +++++++ queries/aws_simspaceweaver_simulation_4.yaml | 2 +- .../aws_simspaceweaver_simulation_4.yaml.bak | 25 ++++++ queries/aws_simspaceweaver_simulation_5.yaml | 2 +- .../aws_simspaceweaver_simulation_5.yaml.bak | 33 ++++++++ queries/aws_sns_subscription_1.yaml | 2 +- queries/aws_sns_subscription_1.yaml.bak | 25 ++++++ queries/aws_sns_subscription_2.yaml | 2 +- queries/aws_sns_subscription_2.yaml.bak | 27 +++++++ queries/aws_sns_subscription_3.yaml | 2 +- queries/aws_sns_subscription_3.yaml.bak | 25 ++++++ queries/aws_sns_topic_1.yaml | 2 +- queries/aws_sns_topic_1.yaml.bak | 25 ++++++ queries/aws_sns_topic_2.yaml | 2 +- queries/aws_sns_topic_2.yaml.bak | 27 +++++++ queries/aws_sns_topic_3.yaml | 2 +- queries/aws_sns_topic_3.yaml.bak | 25 ++++++ queries/aws_sns_topic_4.yaml | 2 +- queries/aws_sns_topic_4.yaml.bak | 32 ++++++++ queries/aws_sns_topic_5.yaml | 2 +- queries/aws_sns_topic_5.yaml.bak | 34 ++++++++ queries/aws_sns_topic_6.yaml | 2 +- queries/aws_sns_topic_6.yaml.bak | 39 +++++++++ queries/aws_sns_topic_7.yaml | 2 +- queries/aws_sns_topic_7.yaml.bak | 30 +++++++ queries/aws_sns_topic_subscription_1.yaml | 2 +- queries/aws_sns_topic_subscription_1.yaml.bak | 25 ++++++ queries/aws_sns_topic_subscription_2.yaml | 2 +- queries/aws_sns_topic_subscription_2.yaml.bak | 25 ++++++ queries/aws_sns_topic_subscription_3.yaml | 2 +- queries/aws_sns_topic_subscription_3.yaml.bak | 27 +++++++ queries/aws_sqs_queue_1.yaml | 2 +- queries/aws_sqs_queue_1.yaml.bak | 27 +++++++ queries/aws_sqs_queue_10.yaml | 2 +- queries/aws_sqs_queue_10.yaml.bak | 32 ++++++++ queries/aws_sqs_queue_2.yaml | 2 +- queries/aws_sqs_queue_2.yaml.bak | 29 +++++++ queries/aws_sqs_queue_3.yaml | 2 +- queries/aws_sqs_queue_3.yaml.bak | 28 +++++++ queries/aws_sqs_queue_4.yaml | 2 +- queries/aws_sqs_queue_4.yaml.bak | 28 +++++++ queries/aws_sqs_queue_5.yaml | 2 +- queries/aws_sqs_queue_5.yaml.bak | 25 ++++++ queries/aws_sqs_queue_6.yaml | 2 +- queries/aws_sqs_queue_6.yaml.bak | 27 +++++++ queries/aws_sqs_queue_7.yaml | 2 +- queries/aws_sqs_queue_7.yaml.bak | 27 +++++++ queries/aws_sqs_queue_8.yaml | 2 +- queries/aws_sqs_queue_8.yaml.bak | 38 +++++++++ queries/aws_sqs_queue_9.yaml | 2 +- queries/aws_sqs_queue_9.yaml.bak | 34 ++++++++ queries/aws_ssm_association_1.yaml | 2 +- queries/aws_ssm_association_1.yaml.bak | 31 +++++++ queries/aws_ssm_association_2.yaml | 2 +- queries/aws_ssm_association_2.yaml.bak | 27 +++++++ queries/aws_ssm_association_3.yaml | 2 +- queries/aws_ssm_association_3.yaml.bak | 29 +++++++ queries/aws_ssm_association_4.yaml | 2 +- queries/aws_ssm_association_4.yaml.bak | 29 +++++++ queries/aws_ssm_document_1.yaml | 2 +- queries/aws_ssm_document_1.yaml.bak | 29 +++++++ queries/aws_ssm_document_2.yaml | 2 +- queries/aws_ssm_document_2.yaml.bak | 29 +++++++ queries/aws_ssm_document_2.yaml.bak.bak | 29 +++++++ queries/aws_ssm_document_3.yaml | 2 +- queries/aws_ssm_document_3.yaml.bak | 31 +++++++ queries/aws_ssm_document_4.yaml | 2 +- queries/aws_ssm_document_4.yaml.bak | 27 +++++++ queries/aws_ssm_document_5.yaml | 2 +- queries/aws_ssm_document_5.yaml.bak | 30 +++++++ queries/aws_ssm_document_permission_1.yaml | 2 +- .../aws_ssm_document_permission_1.yaml.bak | 30 +++++++ queries/aws_ssm_document_permission_2.yaml | 2 +- .../aws_ssm_document_permission_2.yaml.bak | 31 +++++++ queries/aws_ssm_inventory_1.yaml | 2 +- queries/aws_ssm_inventory_1.yaml.bak | 27 +++++++ queries/aws_ssm_inventory_1.yaml.bak.bak | 27 +++++++ queries/aws_ssm_inventory_2.yaml | 2 +- queries/aws_ssm_inventory_2.yaml.bak | 34 ++++++++ queries/aws_ssm_inventory_3.yaml | 2 +- queries/aws_ssm_inventory_3.yaml.bak | 29 +++++++ queries/aws_ssm_inventory_4.yaml | 2 +- queries/aws_ssm_inventory_4.yaml.bak | 30 +++++++ queries/aws_ssm_inventory_5.yaml | 2 +- queries/aws_ssm_inventory_5.yaml.bak | 39 +++++++++ queries/aws_ssm_inventory_entry_1.yaml | 2 +- queries/aws_ssm_inventory_entry_1.yaml.bak | 28 +++++++ queries/aws_ssm_inventory_entry_2.yaml | 2 +- queries/aws_ssm_inventory_entry_2.yaml.bak | 30 +++++++ queries/aws_ssm_inventory_entry_3.yaml | 2 +- queries/aws_ssm_inventory_entry_3.yaml.bak | 30 +++++++ queries/aws_ssm_inventory_entry_4.yaml | 2 +- queries/aws_ssm_inventory_entry_4.yaml.bak | 31 +++++++ queries/aws_ssm_inventory_entry_5.yaml | 2 +- queries/aws_ssm_inventory_entry_5.yaml.bak | 32 ++++++++ queries/aws_ssm_maintenance_window_1.yaml | 2 +- queries/aws_ssm_maintenance_window_1.yaml.bak | 29 +++++++ queries/aws_ssm_maintenance_window_2.yaml | 2 +- queries/aws_ssm_maintenance_window_2.yaml.bak | 28 +++++++ queries/aws_ssm_maintenance_window_3.yaml | 2 +- queries/aws_ssm_maintenance_window_3.yaml.bak | 28 +++++++ queries/aws_ssm_maintenance_window_4.yaml | 2 +- queries/aws_ssm_maintenance_window_4.yaml.bak | 26 ++++++ .../aws_ssm_maintenance_window_4.yaml.bak.bak | 26 ++++++ queries/aws_ssm_managed_instance_1.yaml | 2 +- queries/aws_ssm_managed_instance_1.yaml.bak | 29 +++++++ queries/aws_ssm_managed_instance_2.yaml | 2 +- queries/aws_ssm_managed_instance_2.yaml.bak | 27 +++++++ .../aws_ssm_managed_instance_2.yaml.bak.bak | 27 +++++++ queries/aws_ssm_managed_instance_3.yaml | 2 +- queries/aws_ssm_managed_instance_3.yaml.bak | 29 +++++++ ...aws_ssm_managed_instance_compliance_1.yaml | 2 +- ...ssm_managed_instance_compliance_1.yaml.bak | 31 +++++++ ...aws_ssm_managed_instance_compliance_2.yaml | 2 +- ...ssm_managed_instance_compliance_2.yaml.bak | 33 ++++++++ ...aws_ssm_managed_instance_compliance_3.yaml | 2 +- ...ssm_managed_instance_compliance_3.yaml.bak | 33 ++++++++ ...aws_ssm_managed_instance_compliance_4.yaml | 2 +- ...ssm_managed_instance_compliance_4.yaml.bak | 29 +++++++ ...ws_ssm_managed_instance_patch_state_1.yaml | 2 +- ...sm_managed_instance_patch_state_1.yaml.bak | 30 +++++++ ...ws_ssm_managed_instance_patch_state_2.yaml | 2 +- ...sm_managed_instance_patch_state_2.yaml.bak | 24 ++++++ ...ws_ssm_managed_instance_patch_state_3.yaml | 2 +- ...sm_managed_instance_patch_state_3.yaml.bak | 26 ++++++ ...ws_ssm_managed_instance_patch_state_4.yaml | 2 +- ...sm_managed_instance_patch_state_4.yaml.bak | 26 ++++++ ...ws_ssm_managed_instance_patch_state_5.yaml | 2 +- ...sm_managed_instance_patch_state_5.yaml.bak | 30 +++++++ ...ws_ssm_managed_instance_patch_state_6.yaml | 2 +- ...sm_managed_instance_patch_state_6.yaml.bak | 28 +++++++ queries/aws_ssm_parameter_1.yaml | 2 +- queries/aws_ssm_parameter_1.yaml.bak | 26 ++++++ queries/aws_ssm_parameter_2.yaml | 2 +- queries/aws_ssm_parameter_2.yaml.bak | 27 +++++++ queries/aws_ssm_parameter_3.yaml | 2 +- queries/aws_ssm_parameter_3.yaml.bak | 25 ++++++ queries/aws_ssm_patch_baseline_1.yaml | 2 +- queries/aws_ssm_patch_baseline_1.yaml.bak | 27 +++++++ queries/aws_ssm_patch_baseline_2.yaml | 2 +- queries/aws_ssm_patch_baseline_2.yaml.bak | 30 +++++++ queries/aws_ssm_patch_baseline_3.yaml | 2 +- queries/aws_ssm_patch_baseline_3.yaml.bak | 32 ++++++++ queries/aws_ssm_patch_baseline_4.yaml | 2 +- queries/aws_ssm_patch_baseline_4.yaml.bak | 27 +++++++ queries/aws_ssmincidents_response_plan_1.yaml | 2 +- .../aws_ssmincidents_response_plan_1.yaml.bak | 28 +++++++ queries/aws_ssmincidents_response_plan_2.yaml | 2 +- .../aws_ssmincidents_response_plan_2.yaml.bak | 32 ++++++++ queries/aws_ssmincidents_response_plan_3.yaml | 2 +- .../aws_ssmincidents_response_plan_3.yaml.bak | 34 ++++++++ queries/aws_ssmincidents_response_plan_4.yaml | 2 +- .../aws_ssmincidents_response_plan_4.yaml.bak | 28 +++++++ queries/aws_ssmincidents_response_plan_5.yaml | 2 +- .../aws_ssmincidents_response_plan_5.yaml.bak | 30 +++++++ .../aws_ssoadmin_account_assignment_1.yaml | 2 +- ...aws_ssoadmin_account_assignment_1.yaml.bak | 30 +++++++ .../aws_ssoadmin_account_assignment_2.yaml | 2 +- ...aws_ssoadmin_account_assignment_2.yaml.bak | 55 +++++++++++++ queries/aws_ssoadmin_instance_1.yaml | 2 +- queries/aws_ssoadmin_instance_1.yaml.bak | 25 ++++++ ..._ssoadmin_managed_policy_attachment_1.yaml | 2 +- ...admin_managed_policy_attachment_1.yaml.bak | 27 +++++++ queries/aws_ssoadmin_permission_set_1.yaml | 2 +- .../aws_ssoadmin_permission_set_1.yaml.bak | 30 +++++++ queries/aws_sts_caller_identity_1.yaml | 2 +- queries/aws_sts_caller_identity_1.yaml.bak | 28 +++++++ queries/aws_sts_caller_identity_2.yaml | 2 +- queries/aws_sts_caller_identity_2.yaml.bak | 34 ++++++++ queries/aws_sts_caller_identity_3.yaml | 2 +- queries/aws_sts_caller_identity_3.yaml.bak | 34 ++++++++ queries/aws_tagging_resource_1.yaml | 2 +- queries/aws_tagging_resource_1.yaml.bak | 28 +++++++ queries/aws_tagging_resource_1.yaml.bak.bak | 28 +++++++ queries/aws_tagging_resource_2.yaml | 2 +- queries/aws_tagging_resource_2.yaml.bak | 27 +++++++ queries/aws_timestreamwrite_database_1.yaml | 2 +- .../aws_timestreamwrite_database_1.yaml.bak | 26 ++++++ queries/aws_timestreamwrite_database_2.yaml | 2 +- .../aws_timestreamwrite_database_2.yaml.bak | 26 ++++++ queries/aws_timestreamwrite_database_3.yaml | 2 +- .../aws_timestreamwrite_database_3.yaml.bak | 28 +++++++ ...ws_timestreamwrite_database_3.yaml.bak.bak | 28 +++++++ queries/aws_timestreamwrite_database_4.yaml | 2 +- .../aws_timestreamwrite_database_4.yaml.bak | 28 +++++++ queries/aws_timestreamwrite_database_5.yaml | 2 +- .../aws_timestreamwrite_database_5.yaml.bak | 25 ++++++ queries/aws_timestreamwrite_table_1.yaml | 2 +- queries/aws_timestreamwrite_table_1.yaml.bak | 27 +++++++ queries/aws_timestreamwrite_table_2.yaml | 2 +- queries/aws_timestreamwrite_table_2.yaml.bak | 26 ++++++ queries/aws_timestreamwrite_table_3.yaml | 2 +- queries/aws_timestreamwrite_table_3.yaml.bak | 29 +++++++ queries/aws_timestreamwrite_table_4.yaml | 2 +- queries/aws_timestreamwrite_table_4.yaml.bak | 26 ++++++ queries/aws_timestreamwrite_table_5.yaml | 2 +- queries/aws_timestreamwrite_table_5.yaml.bak | 28 +++++++ .../aws_timestreamwrite_table_5.yaml.bak.bak | 28 +++++++ queries/aws_timestreamwrite_table_6.yaml | 2 +- queries/aws_timestreamwrite_table_6.yaml.bak | 24 ++++++ queries/aws_transfer_server_1.yaml | 2 +- queries/aws_transfer_server_1.yaml.bak | 25 ++++++ queries/aws_transfer_server_2.yaml | 2 +- queries/aws_transfer_server_2.yaml.bak | 30 +++++++ queries/aws_transfer_server_3.yaml | 2 +- queries/aws_transfer_server_3.yaml.bak | 25 ++++++ queries/aws_transfer_server_4.yaml | 2 +- queries/aws_transfer_server_4.yaml.bak | 26 ++++++ queries/aws_transfer_server_4.yaml.bak.bak | 26 ++++++ queries/aws_transfer_server_5.yaml | 2 +- queries/aws_transfer_server_5.yaml.bak | 26 ++++++ queries/aws_transfer_server_6.yaml | 2 +- queries/aws_transfer_server_6.yaml.bak | 30 +++++++ queries/aws_transfer_user_1.yaml | 2 +- queries/aws_transfer_user_1.yaml.bak | 28 +++++++ queries/aws_transfer_user_2.yaml | 2 +- queries/aws_transfer_user_2.yaml.bak | 29 +++++++ queries/aws_transfer_user_3.yaml | 2 +- queries/aws_transfer_user_3.yaml.bak | 30 +++++++ queries/aws_transfer_user_4.yaml | 2 +- queries/aws_transfer_user_4.yaml.bak | 29 +++++++ .../aws_trusted_advisor_check_summary_1.yaml | 2 +- ...s_trusted_advisor_check_summary_1.yaml.bak | 36 +++++++++ .../aws_trusted_advisor_check_summary_2.yaml | 2 +- ...s_trusted_advisor_check_summary_2.yaml.bak | 33 ++++++++ .../aws_trusted_advisor_check_summary_3.yaml | 2 +- ...s_trusted_advisor_check_summary_3.yaml.bak | 30 +++++++ .../aws_trusted_advisor_check_summary_4.yaml | 2 +- ...s_trusted_advisor_check_summary_4.yaml.bak | 33 ++++++++ queries/aws_vpc_1.yaml | 2 +- queries/aws_vpc_1.yaml.bak | 29 +++++++ queries/aws_vpc_2.yaml | 2 +- queries/aws_vpc_2.yaml.bak | 31 +++++++ queries/aws_vpc_3.yaml | 2 +- queries/aws_vpc_3.yaml.bak | 31 +++++++ queries/aws_vpc_customer_gateway_1.yaml | 2 +- queries/aws_vpc_customer_gateway_1.yaml.bak | 30 +++++++ queries/aws_vpc_customer_gateway_2.yaml | 2 +- queries/aws_vpc_customer_gateway_2.yaml.bak | 25 ++++++ queries/aws_vpc_dhcp_options_1.yaml | 2 +- queries/aws_vpc_dhcp_options_1.yaml.bak | 29 +++++++ queries/aws_vpc_dhcp_options_2.yaml | 2 +- queries/aws_vpc_dhcp_options_2.yaml.bak | 26 ++++++ queries/aws_vpc_dhcp_options_3.yaml | 2 +- queries/aws_vpc_dhcp_options_3.yaml.bak | 26 ++++++ ...ws_vpc_egress_only_internet_gateway_1.yaml | 2 +- ...pc_egress_only_internet_gateway_1.yaml.bak | 29 +++++++ ...ws_vpc_egress_only_internet_gateway_2.yaml | 2 +- ...pc_egress_only_internet_gateway_2.yaml.bak | 27 +++++++ ...gress_only_internet_gateway_2.yaml.bak.bak | 27 +++++++ ...ws_vpc_egress_only_internet_gateway_3.yaml | 2 +- ...pc_egress_only_internet_gateway_3.yaml.bak | 29 +++++++ queries/aws_vpc_eip_1.yaml | 2 +- queries/aws_vpc_eip_1.yaml.bak | 27 +++++++ queries/aws_vpc_eip_2.yaml | 2 +- queries/aws_vpc_eip_2.yaml.bak | 27 +++++++ queries/aws_vpc_eip_address_transfer_1.yaml | 2 +- .../aws_vpc_eip_address_transfer_1.yaml.bak | 28 +++++++ queries/aws_vpc_eip_address_transfer_2.yaml | 2 +- .../aws_vpc_eip_address_transfer_2.yaml.bak | 28 +++++++ queries/aws_vpc_eip_address_transfer_3.yaml | 2 +- .../aws_vpc_eip_address_transfer_3.yaml.bak | 30 +++++++ queries/aws_vpc_eip_address_transfer_4.yaml | 2 +- .../aws_vpc_eip_address_transfer_4.yaml.bak | 39 +++++++++ queries/aws_vpc_endpoint_1.yaml | 2 +- queries/aws_vpc_endpoint_1.yaml.bak | 26 ++++++ queries/aws_vpc_endpoint_2.yaml | 2 +- queries/aws_vpc_endpoint_2.yaml.bak | 25 ++++++ queries/aws_vpc_endpoint_3.yaml | 2 +- queries/aws_vpc_endpoint_3.yaml.bak | 30 +++++++ queries/aws_vpc_endpoint_4.yaml | 2 +- queries/aws_vpc_endpoint_4.yaml.bak | 28 +++++++ queries/aws_vpc_endpoint_4.yaml.bak.bak | 28 +++++++ queries/aws_vpc_endpoint_5.yaml | 2 +- queries/aws_vpc_endpoint_5.yaml.bak | 25 ++++++ queries/aws_vpc_endpoint_service_1.yaml | 2 +- queries/aws_vpc_endpoint_service_1.yaml.bak | 27 +++++++ queries/aws_vpc_endpoint_service_2.yaml | 2 +- queries/aws_vpc_endpoint_service_2.yaml.bak | 25 ++++++ queries/aws_vpc_endpoint_service_3.yaml | 2 +- queries/aws_vpc_endpoint_service_3.yaml.bak | 25 ++++++ queries/aws_vpc_endpoint_service_4.yaml | 2 +- queries/aws_vpc_endpoint_service_4.yaml.bak | 25 ++++++ queries/aws_vpc_endpoint_service_5.yaml | 2 +- queries/aws_vpc_endpoint_service_5.yaml.bak | 26 ++++++ queries/aws_vpc_endpoint_service_6.yaml | 2 +- queries/aws_vpc_endpoint_service_6.yaml.bak | 26 ++++++ .../aws_vpc_endpoint_service_6.yaml.bak.bak | 26 ++++++ queries/aws_vpc_endpoint_service_7.yaml | 2 +- queries/aws_vpc_endpoint_service_7.yaml.bak | 30 +++++++ queries/aws_vpc_flow_log_1.yaml | 2 +- queries/aws_vpc_flow_log_1.yaml.bak | 25 ++++++ queries/aws_vpc_flow_log_2.yaml | 2 +- queries/aws_vpc_flow_log_2.yaml.bak | 29 +++++++ queries/aws_vpc_flow_log_3.yaml | 2 +- queries/aws_vpc_flow_log_3.yaml.bak | 28 +++++++ queries/aws_vpc_flow_log_4.yaml | 2 +- queries/aws_vpc_flow_log_4.yaml.bak | 23 ++++++ queries/aws_vpc_flow_log_event_1.yaml | 2 +- queries/aws_vpc_flow_log_event_1.yaml.bak | 36 +++++++++ queries/aws_vpc_flow_log_event_2.yaml | 2 +- queries/aws_vpc_flow_log_event_2.yaml.bak | 40 +++++++++ queries/aws_vpc_flow_log_event_3.yaml | 2 +- queries/aws_vpc_flow_log_event_3.yaml.bak | 27 +++++++ queries/aws_vpc_flow_log_event_4.yaml | 2 +- queries/aws_vpc_flow_log_event_4.yaml.bak | 35 ++++++++ queries/aws_vpc_flow_log_event_4.yaml.bak.bak | 35 ++++++++ queries/aws_vpc_flow_log_event_5.yaml | 2 +- queries/aws_vpc_flow_log_event_5.yaml.bak | 40 +++++++++ queries/aws_vpc_flow_log_event_6.yaml | 2 +- queries/aws_vpc_flow_log_event_6.yaml.bak | 38 +++++++++ queries/aws_vpc_internet_gateway_1.yaml | 2 +- queries/aws_vpc_internet_gateway_1.yaml.bak | 25 ++++++ queries/aws_vpc_internet_gateway_2.yaml | 2 +- queries/aws_vpc_internet_gateway_2.yaml.bak | 26 ++++++ .../aws_vpc_internet_gateway_2.yaml.bak.bak | 26 ++++++ queries/aws_vpc_nat_gateway_1.yaml | 2 +- queries/aws_vpc_nat_gateway_1.yaml.bak | 29 +++++++ queries/aws_vpc_nat_gateway_2.yaml | 2 +- queries/aws_vpc_nat_gateway_2.yaml.bak | 26 ++++++ queries/aws_vpc_nat_gateway_3.yaml | 2 +- queries/aws_vpc_nat_gateway_3.yaml.bak | 27 +++++++ queries/aws_vpc_nat_gateway_4.yaml | 2 +- queries/aws_vpc_nat_gateway_4.yaml.bak | 27 +++++++ ...way_metric_bytes_out_to_destination_1.yaml | 2 +- ...metric_bytes_out_to_destination_1.yaml.bak | 32 ++++++++ ...way_metric_bytes_out_to_destination_2.yaml | 2 +- ...metric_bytes_out_to_destination_2.yaml.bak | 34 ++++++++ queries/aws_vpc_network_acl_1.yaml | 2 +- queries/aws_vpc_network_acl_1.yaml.bak | 26 ++++++ queries/aws_vpc_network_acl_2.yaml | 2 +- queries/aws_vpc_network_acl_2.yaml.bak | 28 +++++++ queries/aws_vpc_network_acl_3.yaml | 2 +- queries/aws_vpc_network_acl_3.yaml.bak | 28 +++++++ queries/aws_vpc_peering_connection_1.yaml | 2 +- queries/aws_vpc_peering_connection_1.yaml.bak | 29 +++++++ queries/aws_vpc_peering_connection_2.yaml | 2 +- queries/aws_vpc_peering_connection_2.yaml.bak | 30 +++++++ queries/aws_vpc_peering_connection_3.yaml | 2 +- queries/aws_vpc_peering_connection_3.yaml.bak | 31 +++++++ queries/aws_vpc_peering_connection_4.yaml | 2 +- queries/aws_vpc_peering_connection_4.yaml.bak | 29 +++++++ .../aws_vpc_peering_connection_4.yaml.bak.bak | 29 +++++++ queries/aws_vpc_peering_connection_5.yaml | 2 +- queries/aws_vpc_peering_connection_5.yaml.bak | 33 ++++++++ queries/aws_vpc_peering_connection_6.yaml | 2 +- queries/aws_vpc_peering_connection_6.yaml.bak | 24 ++++++ queries/aws_vpc_peering_connection_7.yaml | 2 +- queries/aws_vpc_peering_connection_7.yaml.bak | 25 ++++++ queries/aws_vpc_peering_connection_8.yaml | 2 +- queries/aws_vpc_peering_connection_8.yaml.bak | 28 +++++++ .../aws_vpc_peering_connection_8.yaml.bak.bak | 28 +++++++ queries/aws_vpc_peering_connection_9.yaml | 2 +- queries/aws_vpc_peering_connection_9.yaml.bak | 27 +++++++ queries/aws_vpc_route_1.yaml | 2 +- queries/aws_vpc_route_1.yaml.bak | 30 +++++++ queries/aws_vpc_route_2.yaml | 2 +- queries/aws_vpc_route_2.yaml.bak | 27 +++++++ queries/aws_vpc_route_3.yaml | 2 +- queries/aws_vpc_route_3.yaml.bak | 36 +++++++++ queries/aws_vpc_route_table_1.yaml | 2 +- queries/aws_vpc_route_table_1.yaml.bak | 25 ++++++ queries/aws_vpc_route_table_2.yaml | 2 +- queries/aws_vpc_route_table_2.yaml.bak | 30 +++++++ queries/aws_vpc_route_table_2.yaml.bak.bak | 30 +++++++ queries/aws_vpc_route_table_3.yaml | 2 +- queries/aws_vpc_route_table_3.yaml.bak | 37 +++++++++ queries/aws_vpc_security_group_1.yaml | 2 +- queries/aws_vpc_security_group_1.yaml.bak | 33 ++++++++ queries/aws_vpc_security_group_2.yaml | 2 +- queries/aws_vpc_security_group_2.yaml.bak | 48 +++++++++++ queries/aws_vpc_security_group_2.yaml.bak.bak | 48 +++++++++++ queries/aws_vpc_security_group_3.yaml | 2 +- queries/aws_vpc_security_group_3.yaml.bak | 27 +++++++ queries/aws_vpc_security_group_4.yaml | 2 +- queries/aws_vpc_security_group_4.yaml.bak | 27 +++++++ queries/aws_vpc_security_group_rule_1.yaml | 2 +- .../aws_vpc_security_group_rule_1.yaml.bak | 31 +++++++ queries/aws_vpc_security_group_rule_2.yaml | 2 +- .../aws_vpc_security_group_rule_2.yaml.bak | 46 +++++++++++ queries/aws_vpc_security_group_rule_3.yaml | 2 +- .../aws_vpc_security_group_rule_3.yaml.bak | 34 ++++++++ queries/aws_vpc_subnet_1.yaml | 2 +- queries/aws_vpc_subnet_1.yaml.bak | 30 +++++++ queries/aws_vpc_subnet_2.yaml | 2 +- queries/aws_vpc_subnet_2.yaml.bak | 30 +++++++ queries/aws_vpc_subnet_3.yaml | 2 +- queries/aws_vpc_subnet_3.yaml.bak | 27 +++++++ queries/aws_vpc_subnet_4.yaml | 2 +- queries/aws_vpc_subnet_4.yaml.bak | 27 +++++++ queries/aws_vpc_subnet_5.yaml | 2 +- queries/aws_vpc_subnet_5.yaml.bak | 27 +++++++ .../aws_vpc_verified_access_endpoint_1.yaml | 2 +- ...ws_vpc_verified_access_endpoint_1.yaml.bak | 31 +++++++ .../aws_vpc_verified_access_endpoint_2.yaml | 2 +- ...ws_vpc_verified_access_endpoint_2.yaml.bak | 31 +++++++ .../aws_vpc_verified_access_endpoint_3.yaml | 2 +- ...ws_vpc_verified_access_endpoint_3.yaml.bak | 31 +++++++ .../aws_vpc_verified_access_endpoint_4.yaml | 2 +- ...ws_vpc_verified_access_endpoint_4.yaml.bak | 32 ++++++++ .../aws_vpc_verified_access_endpoint_5.yaml | 2 +- ...ws_vpc_verified_access_endpoint_5.yaml.bak | 31 +++++++ .../aws_vpc_verified_access_endpoint_6.yaml | 2 +- ...ws_vpc_verified_access_endpoint_6.yaml.bak | 27 +++++++ ...pc_verified_access_endpoint_6.yaml.bak.bak | 27 +++++++ .../aws_vpc_verified_access_endpoint_7.yaml | 2 +- ...ws_vpc_verified_access_endpoint_7.yaml.bak | 32 ++++++++ queries/aws_vpc_verified_access_group_1.yaml | 2 +- .../aws_vpc_verified_access_group_1.yaml.bak | 29 +++++++ queries/aws_vpc_verified_access_group_2.yaml | 2 +- .../aws_vpc_verified_access_group_2.yaml.bak | 29 +++++++ queries/aws_vpc_verified_access_group_3.yaml | 2 +- .../aws_vpc_verified_access_group_3.yaml.bak | 30 +++++++ queries/aws_vpc_verified_access_group_4.yaml | 2 +- .../aws_vpc_verified_access_group_4.yaml.bak | 31 +++++++ ...s_vpc_verified_access_group_4.yaml.bak.bak | 31 +++++++ .../aws_vpc_verified_access_instance_1.yaml | 2 +- ...ws_vpc_verified_access_instance_1.yaml.bak | 28 +++++++ .../aws_vpc_verified_access_instance_2.yaml | 2 +- ...ws_vpc_verified_access_instance_2.yaml.bak | 29 +++++++ .../aws_vpc_verified_access_instance_3.yaml | 2 +- ...ws_vpc_verified_access_instance_3.yaml.bak | 35 ++++++++ ..._vpc_verified_access_trust_provider_1.yaml | 2 +- ..._verified_access_trust_provider_1.yaml.bak | 27 +++++++ ..._vpc_verified_access_trust_provider_2.yaml | 2 +- ..._verified_access_trust_provider_2.yaml.bak | 31 +++++++ ..._vpc_verified_access_trust_provider_3.yaml | 2 +- ..._verified_access_trust_provider_3.yaml.bak | 30 +++++++ queries/aws_vpc_vpn_connection_1.yaml | 2 +- queries/aws_vpc_vpn_connection_1.yaml.bak | 29 +++++++ queries/aws_vpc_vpn_connection_2.yaml | 2 +- queries/aws_vpc_vpn_connection_2.yaml.bak | 32 ++++++++ queries/aws_vpc_vpn_connection_3.yaml | 2 +- queries/aws_vpc_vpn_connection_3.yaml.bak | 28 +++++++ queries/aws_vpc_vpn_gateway_1.yaml | 2 +- queries/aws_vpc_vpn_gateway_1.yaml.bak | 31 +++++++ queries/aws_vpc_vpn_gateway_2.yaml | 2 +- queries/aws_vpc_vpn_gateway_2.yaml.bak | 26 ++++++ queries/aws_vpc_vpn_gateway_3.yaml | 2 +- queries/aws_vpc_vpn_gateway_3.yaml.bak | 29 +++++++ queries/aws_waf_rate_based_rule_1.yaml | 2 +- queries/aws_waf_rate_based_rule_1.yaml.bak | 26 ++++++ queries/aws_waf_rate_based_rule_2.yaml | 2 +- queries/aws_waf_rate_based_rule_2.yaml.bak | 31 +++++++ queries/aws_waf_rule_1.yaml | 2 +- queries/aws_waf_rule_1.yaml.bak | 24 ++++++ queries/aws_waf_rule_2.yaml | 2 +- queries/aws_waf_rule_2.yaml.bak | 27 +++++++ queries/aws_waf_rule_group_1.yaml | 2 +- queries/aws_waf_rule_group_1.yaml.bak | 28 +++++++ queries/aws_waf_rule_group_1.yaml.bak.bak | 28 +++++++ queries/aws_waf_rule_group_2.yaml | 2 +- queries/aws_waf_rule_group_2.yaml.bak | 30 +++++++ queries/aws_waf_rule_group_3.yaml | 2 +- queries/aws_waf_rule_group_3.yaml.bak | 29 +++++++ queries/aws_waf_web_acl_1.yaml | 2 +- queries/aws_waf_web_acl_1.yaml.bak | 29 +++++++ queries/aws_waf_web_acl_2.yaml | 2 +- queries/aws_waf_web_acl_2.yaml.bak | 33 ++++++++ queries/aws_waf_web_acl_3.yaml | 2 +- queries/aws_waf_web_acl_3.yaml.bak | 31 +++++++ queries/aws_waf_web_acl_4.yaml | 2 +- queries/aws_waf_web_acl_4.yaml.bak | 30 +++++++ queries/aws_waf_web_acl_5.yaml | 2 +- queries/aws_waf_web_acl_5.yaml.bak | 27 +++++++ queries/aws_wafregional_rule_1.yaml | 2 +- queries/aws_wafregional_rule_1.yaml.bak | 26 ++++++ queries/aws_wafregional_rule_1.yaml.bak.bak | 26 ++++++ queries/aws_wafregional_rule_2.yaml | 2 +- queries/aws_wafregional_rule_2.yaml.bak | 27 +++++++ queries/aws_wafregional_rule_group_1.yaml | 2 +- queries/aws_wafregional_rule_group_1.yaml.bak | 27 +++++++ queries/aws_wafregional_rule_group_2.yaml | 2 +- queries/aws_wafregional_rule_group_2.yaml.bak | 30 +++++++ queries/aws_wafregional_rule_group_3.yaml | 2 +- queries/aws_wafregional_rule_group_3.yaml.bak | 27 +++++++ queries/aws_wafregional_web_acl_1.yaml | 2 +- queries/aws_wafregional_web_acl_1.yaml.bak | 27 +++++++ queries/aws_wafregional_web_acl_2.yaml | 2 +- queries/aws_wafregional_web_acl_2.yaml.bak | 31 +++++++ queries/aws_wafregional_web_acl_3.yaml | 2 +- queries/aws_wafregional_web_acl_3.yaml.bak | 29 +++++++ queries/aws_wafregional_web_acl_4.yaml | 2 +- queries/aws_wafregional_web_acl_4.yaml.bak | 28 +++++++ queries/aws_wafregional_web_acl_5.yaml | 2 +- queries/aws_wafregional_web_acl_5.yaml.bak | 27 +++++++ queries/aws_wafv2_ip_set_1.yaml | 2 +- queries/aws_wafv2_ip_set_1.yaml.bak | 31 +++++++ queries/aws_wafv2_ip_set_2.yaml | 2 +- queries/aws_wafv2_ip_set_2.yaml.bak | 31 +++++++ queries/aws_wafv2_ip_set_3.yaml | 2 +- queries/aws_wafv2_ip_set_3.yaml.bak | 33 ++++++++ queries/aws_wafv2_ip_set_3.yaml.bak.bak | 33 ++++++++ queries/aws_wafv2_ip_set_4.yaml | 2 +- queries/aws_wafv2_ip_set_4.yaml.bak | 30 +++++++ queries/aws_wafv2_regex_pattern_set_1.yaml | 2 +- .../aws_wafv2_regex_pattern_set_1.yaml.bak | 28 +++++++ queries/aws_wafv2_regex_pattern_set_2.yaml | 2 +- .../aws_wafv2_regex_pattern_set_2.yaml.bak | 32 ++++++++ queries/aws_wafv2_regex_pattern_set_3.yaml | 2 +- .../aws_wafv2_regex_pattern_set_3.yaml.bak | 33 ++++++++ queries/aws_wafv2_rule_group_1.yaml | 2 +- queries/aws_wafv2_rule_group_1.yaml.bak | 31 +++++++ queries/aws_wafv2_rule_group_2.yaml | 2 +- queries/aws_wafv2_rule_group_2.yaml.bak | 34 ++++++++ queries/aws_wafv2_rule_group_3.yaml | 2 +- queries/aws_wafv2_rule_group_3.yaml.bak | 32 ++++++++ queries/aws_wafv2_web_acl_1.yaml | 2 +- queries/aws_wafv2_web_acl_1.yaml.bak | 29 +++++++ queries/aws_wafv2_web_acl_2.yaml | 2 +- queries/aws_wafv2_web_acl_2.yaml.bak | 25 ++++++ queries/aws_wafv2_web_acl_3.yaml | 2 +- queries/aws_wafv2_web_acl_3.yaml.bak | 28 +++++++ queries/aws_wafv2_web_acl_4.yaml | 2 +- queries/aws_wafv2_web_acl_4.yaml.bak | 41 ++++++++++ queries/aws_wafv2_web_acl_5.yaml | 2 +- queries/aws_wafv2_web_acl_5.yaml.bak | 29 +++++++ queries/aws_wafv2_web_acl_6.yaml | 2 +- queries/aws_wafv2_web_acl_6.yaml.bak | 31 +++++++ queries/aws_wafv2_web_acl_7.yaml | 2 +- queries/aws_wafv2_web_acl_7.yaml.bak | 32 ++++++++ queries/aws_wellarchitected_answer_1.yaml | 2 +- queries/aws_wellarchitected_answer_1.yaml.bak | 32 ++++++++ queries/aws_wellarchitected_answer_2.yaml | 2 +- queries/aws_wellarchitected_answer_2.yaml.bak | 29 +++++++ queries/aws_wellarchitected_answer_3.yaml | 2 +- queries/aws_wellarchitected_answer_3.yaml.bak | 34 ++++++++ queries/aws_wellarchitected_answer_4.yaml | 2 +- queries/aws_wellarchitected_answer_4.yaml.bak | 33 ++++++++ queries/aws_wellarchitected_answer_5.yaml | 2 +- queries/aws_wellarchitected_answer_5.yaml.bak | 29 +++++++ queries/aws_wellarchitected_answer_6.yaml | 2 +- queries/aws_wellarchitected_answer_6.yaml.bak | 36 +++++++++ queries/aws_wellarchitected_answer_7.yaml | 2 +- queries/aws_wellarchitected_answer_7.yaml.bak | 32 ++++++++ .../aws_wellarchitected_check_detail_1.yaml | 2 +- ...ws_wellarchitected_check_detail_1.yaml.bak | 30 +++++++ .../aws_wellarchitected_check_detail_2.yaml | 2 +- ...ws_wellarchitected_check_detail_2.yaml.bak | 27 +++++++ .../aws_wellarchitected_check_detail_3.yaml | 2 +- ...ws_wellarchitected_check_detail_3.yaml.bak | 32 ++++++++ .../aws_wellarchitected_check_detail_4.yaml | 2 +- ...ws_wellarchitected_check_detail_4.yaml.bak | 32 ++++++++ .../aws_wellarchitected_check_detail_5.yaml | 2 +- ...ws_wellarchitected_check_detail_5.yaml.bak | 35 ++++++++ .../aws_wellarchitected_check_detail_6.yaml | 2 +- ...ws_wellarchitected_check_detail_6.yaml.bak | 34 ++++++++ ...ellarchitected_check_detail_6.yaml.bak.bak | 34 ++++++++ .../aws_wellarchitected_check_summary_1.yaml | 2 +- ...s_wellarchitected_check_summary_1.yaml.bak | 34 ++++++++ .../aws_wellarchitected_check_summary_2.yaml | 2 +- ...s_wellarchitected_check_summary_2.yaml.bak | 33 ++++++++ .../aws_wellarchitected_check_summary_3.yaml | 2 +- ...s_wellarchitected_check_summary_3.yaml.bak | 31 +++++++ .../aws_wellarchitected_check_summary_4.yaml | 2 +- ...s_wellarchitected_check_summary_4.yaml.bak | 31 +++++++ .../aws_wellarchitected_check_summary_5.yaml | 2 +- ...s_wellarchitected_check_summary_5.yaml.bak | 36 +++++++++ ...wellarchitected_consolidated_report_1.yaml | 2 +- ...architected_consolidated_report_1.yaml.bak | 29 +++++++ ...wellarchitected_consolidated_report_2.yaml | 2 +- ...architected_consolidated_report_2.yaml.bak | 33 ++++++++ ...itected_consolidated_report_2.yaml.bak.bak | 33 ++++++++ ...wellarchitected_consolidated_report_3.yaml | 2 +- ...architected_consolidated_report_3.yaml.bak | 24 ++++++ ...wellarchitected_consolidated_report_4.yaml | 2 +- ...architected_consolidated_report_4.yaml.bak | 29 +++++++ queries/aws_wellarchitected_lens_1.yaml | 2 +- queries/aws_wellarchitected_lens_1.yaml.bak | 27 +++++++ queries/aws_wellarchitected_lens_2.yaml | 2 +- queries/aws_wellarchitected_lens_2.yaml.bak | 25 ++++++ queries/aws_wellarchitected_lens_3.yaml | 2 +- queries/aws_wellarchitected_lens_3.yaml.bak | 29 +++++++ queries/aws_wellarchitected_lens_4.yaml | 2 +- queries/aws_wellarchitected_lens_4.yaml.bak | 28 +++++++ queries/aws_wellarchitected_lens_5.yaml | 2 +- queries/aws_wellarchitected_lens_5.yaml.bak | 28 +++++++ .../aws_wellarchitected_lens_5.yaml.bak.bak | 28 +++++++ queries/aws_wellarchitected_lens_6.yaml | 2 +- queries/aws_wellarchitected_lens_6.yaml.bak | 31 +++++++ .../aws_wellarchitected_lens_review_1.yaml | 2 +- ...aws_wellarchitected_lens_review_1.yaml.bak | 27 +++++++ .../aws_wellarchitected_lens_review_2.yaml | 2 +- ...aws_wellarchitected_lens_review_2.yaml.bak | 27 +++++++ .../aws_wellarchitected_lens_review_3.yaml | 2 +- ...aws_wellarchitected_lens_review_3.yaml.bak | 26 ++++++ .../aws_wellarchitected_lens_review_4.yaml | 2 +- ...aws_wellarchitected_lens_review_4.yaml.bak | 33 ++++++++ .../aws_wellarchitected_lens_review_5.yaml | 2 +- ...aws_wellarchitected_lens_review_5.yaml.bak | 30 +++++++ ...wellarchitected_lens_review_5.yaml.bak.bak | 30 +++++++ .../aws_wellarchitected_lens_review_6.yaml | 2 +- ...aws_wellarchitected_lens_review_6.yaml.bak | 24 ++++++ ...architected_lens_review_improvement_1.yaml | 2 +- ...itected_lens_review_improvement_1.yaml.bak | 30 +++++++ ...architected_lens_review_improvement_2.yaml | 2 +- ...itected_lens_review_improvement_2.yaml.bak | 31 +++++++ ...architected_lens_review_improvement_3.yaml | 2 +- ...itected_lens_review_improvement_3.yaml.bak | 32 ++++++++ ...architected_lens_review_improvement_4.yaml | 2 +- ...itected_lens_review_improvement_4.yaml.bak | 27 +++++++ ..._wellarchitected_lens_review_report_1.yaml | 2 +- ...larchitected_lens_review_report_1.yaml.bak | 28 +++++++ ..._wellarchitected_lens_review_report_2.yaml | 2 +- ...larchitected_lens_review_report_2.yaml.bak | 29 +++++++ ..._wellarchitected_lens_review_report_3.yaml | 2 +- ...larchitected_lens_review_report_3.yaml.bak | 30 +++++++ queries/aws_wellarchitected_lens_share_1.yaml | 2 +- .../aws_wellarchitected_lens_share_1.yaml.bak | 26 ++++++ queries/aws_wellarchitected_lens_share_2.yaml | 2 +- .../aws_wellarchitected_lens_share_2.yaml.bak | 30 +++++++ queries/aws_wellarchitected_lens_share_3.yaml | 2 +- .../aws_wellarchitected_lens_share_3.yaml.bak | 29 +++++++ queries/aws_wellarchitected_milestone_1.yaml | 2 +- .../aws_wellarchitected_milestone_1.yaml.bak | 26 ++++++ queries/aws_wellarchitected_milestone_2.yaml | 2 +- .../aws_wellarchitected_milestone_2.yaml.bak | 42 ++++++++++ queries/aws_wellarchitected_milestone_3.yaml | 2 +- .../aws_wellarchitected_milestone_3.yaml.bak | 33 ++++++++ queries/aws_wellarchitected_milestone_4.yaml | 2 +- .../aws_wellarchitected_milestone_4.yaml.bak | 35 ++++++++ .../aws_wellarchitected_notification_1.yaml | 2 +- ...ws_wellarchitected_notification_1.yaml.bak | 28 +++++++ .../aws_wellarchitected_notification_2.yaml | 2 +- ...ws_wellarchitected_notification_2.yaml.bak | 28 +++++++ .../aws_wellarchitected_notification_3.yaml | 2 +- ...ws_wellarchitected_notification_3.yaml.bak | 28 +++++++ ...ws_wellarchitected_share_invitation_1.yaml | 2 +- ...ellarchitected_share_invitation_1.yaml.bak | 26 ++++++ ...ws_wellarchitected_share_invitation_2.yaml | 2 +- ...ellarchitected_share_invitation_2.yaml.bak | 30 +++++++ ...ws_wellarchitected_share_invitation_3.yaml | 2 +- ...ellarchitected_share_invitation_3.yaml.bak | 30 +++++++ ...ws_wellarchitected_share_invitation_4.yaml | 2 +- ...ellarchitected_share_invitation_4.yaml.bak | 28 +++++++ ...ws_wellarchitected_share_invitation_5.yaml | 2 +- ...ellarchitected_share_invitation_5.yaml.bak | 28 +++++++ ...ws_wellarchitected_share_invitation_6.yaml | 2 +- ...ellarchitected_share_invitation_6.yaml.bak | 25 ++++++ ...rchitected_share_invitation_6.yaml.bak.bak | 25 ++++++ queries/aws_wellarchitected_workload_1.yaml | 2 +- .../aws_wellarchitected_workload_1.yaml.bak | 28 +++++++ queries/aws_wellarchitected_workload_2.yaml | 2 +- .../aws_wellarchitected_workload_2.yaml.bak | 28 +++++++ queries/aws_wellarchitected_workload_3.yaml | 2 +- .../aws_wellarchitected_workload_3.yaml.bak | 26 ++++++ queries/aws_wellarchitected_workload_4.yaml | 2 +- .../aws_wellarchitected_workload_4.yaml.bak | 26 ++++++ ...ws_wellarchitected_workload_4.yaml.bak.bak | 26 ++++++ .../aws_wellarchitected_workload_share_1.yaml | 2 +- ..._wellarchitected_workload_share_1.yaml.bak | 27 +++++++ .../aws_wellarchitected_workload_share_2.yaml | 2 +- ..._wellarchitected_workload_share_2.yaml.bak | 31 +++++++ .../aws_wellarchitected_workload_share_3.yaml | 2 +- ..._wellarchitected_workload_share_3.yaml.bak | 29 +++++++ ...larchitected_workload_share_3.yaml.bak.bak | 29 +++++++ .../aws_wellarchitected_workload_share_4.yaml | 2 +- ..._wellarchitected_workload_share_4.yaml.bak | 31 +++++++ queries/aws_workspaces_directory_1.yaml | 2 +- queries/aws_workspaces_directory_1.yaml.bak | 30 +++++++ queries/aws_workspaces_directory_2.yaml | 2 +- queries/aws_workspaces_directory_2.yaml.bak | 34 ++++++++ queries/aws_workspaces_directory_3.yaml | 2 +- queries/aws_workspaces_directory_3.yaml.bak | 30 +++++++ queries/aws_workspaces_directory_4.yaml | 2 +- queries/aws_workspaces_directory_4.yaml.bak | 31 +++++++ .../aws_workspaces_directory_4.yaml.bak.bak | 31 +++++++ queries/aws_workspaces_directory_5.yaml | 2 +- queries/aws_workspaces_directory_5.yaml.bak | 33 ++++++++ queries/aws_workspaces_directory_6.yaml | 2 +- queries/aws_workspaces_directory_6.yaml.bak | 32 ++++++++ queries/aws_workspaces_directory_7.yaml | 2 +- queries/aws_workspaces_directory_7.yaml.bak | 30 +++++++ queries/aws_workspaces_directory_8.yaml | 2 +- queries/aws_workspaces_directory_8.yaml.bak | 36 +++++++++ .../aws_workspaces_directory_8.yaml.bak.bak | 36 +++++++++ queries/aws_workspaces_workspace_1.yaml | 2 +- queries/aws_workspaces_workspace_1.yaml.bak | 25 ++++++ queries/aws_workspaces_workspace_2.yaml | 2 +- queries/aws_workspaces_workspace_2.yaml.bak | 27 +++++++ queries/bulk_update_yaml.sh | 78 +++++++++--------- queries/bulk_update_yaml.sh.bak | 47 +++++++++++ queries/cloud_managed_software.yaml | 2 +- queries/cloud_managed_software.yaml.bak | 36 +++++++++ queries/cloud_networks.yaml | 2 +- queries/cloud_networks.yaml.bak | 37 +++++++++ queries/container_workload.yaml | 2 +- queries/container_workload.yaml.bak | 36 +++++++++ queries/database_workload.yaml | 2 +- queries/database_workload.yaml.bak | 40 +++++++++ queries/devops.yaml | 2 +- queries/devops.yaml.bak | 38 +++++++++ queries/error_files.log | 10 --- queries/error_files.log.bak | 26 ++++++ queries/error_messages.log | 60 ++++++-------- queries/error_messages.log.bak | 25 ++++++ queries/keys_and_secrets.yaml | 2 +- queries/keys_and_secrets.yaml.bak | 39 +++++++++ queries/kubernetes_clusters.yaml | 2 +- queries/kubernetes_clusters.yaml.bak | 54 +++++++++++++ queries/load_balancers.yaml | 2 +- queries/load_balancers.yaml.bak | 40 +++++++++ queries/network_&_file_stores.yaml | 2 +- queries/network_&_file_stores.yaml.bak | 34 ++++++++ queries/object_stores.yaml | 2 +- queries/object_stores.yaml.bak | 39 +++++++++ queries/processed_files.log.bak | 0 queries/server_workload.yaml | 2 +- queries/server_workload.yaml.bak | 61 ++++++++++++++ queries/snapshots_&_backup_media.yaml | 2 +- queries/snapshots_&_backup_media.yaml.bak | 39 +++++++++ 4404 files changed, 69341 insertions(+), 2185 deletions(-) create mode 100755 queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml.bak create mode 100755 queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml.bak create mode 100755 queries/11-aws_insight_acm_certificate_expired.yaml.bak create mode 100755 queries/12-aws_insight_ebs_snapshot_older_than_year.yaml.bak create mode 100755 queries/13-aws_insight_ec2_classic_load_balancer.yaml.bak create mode 100755 queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml.bak create mode 100755 queries/15-aws_insight_elb_application_lb_waf_enabled.yaml.bak create mode 100755 queries/16-aws_insight_vpc_with_public_cidr.yaml.bak create mode 100755 queries/17-azure_insight_compute_disk_unattached.yaml.bak create mode 100755 queries/17-azure_insight_compute_disk_unattached.yaml.bak.bak create mode 100755 queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml.bak create mode 100755 queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml.bak create mode 100755 queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml.bak create mode 100755 queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml.bak create mode 100755 queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml.bak create mode 100755 queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml.bak create mode 100755 queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml.bak create mode 100755 queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml.bak create mode 100755 queries/25-azure_insight_lb_failed.yaml.bak create mode 100755 queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml.bak create mode 100755 queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml.bak create mode 100755 queries/28-azure_insight_virtual_network_with_public_cidr.yaml.bak create mode 100755 queries/29-azure_insight_storage_account_with_public_blob_access.yaml.bak create mode 100755 queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak create mode 100755 queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak.bak create mode 100755 queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml.bak create mode 100755 queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak create mode 100755 queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak.bak create mode 100755 queries/32-aws_insight_loadbalancer_classic_no_logging.yaml.bak create mode 100755 queries/33-aws_insight_loadbalancer_application_no_logging.yaml.bak create mode 100755 queries/34-aws_insight_loadbalancer_network_no_logging.yaml.bak create mode 100755 queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml.bak create mode 100755 queries/36-aws_insight_deprecated_eks.yaml.bak create mode 100755 queries/37-azure_insight_legacy_application_gateway.yaml.bak create mode 100755 queries/38-azure_insight_legacy_virtual_machine.yaml.bak create mode 100755 queries/39-aws_insight_legacy_rds_instances.yaml.bak create mode 100755 queries/4-aws_insight_ebs_volume_unencrypted.yaml.bak create mode 100755 queries/40-aws_insight_accounts_without_cloudtrail.yaml.bak create mode 100755 queries/41-aws_insight_root_login_last_90_days.yaml.bak create mode 100755 queries/42-aws_insight_account_with_root_access_key.yaml.bak create mode 100755 queries/43-aws_insight_account_without_root_mfa.yaml.bak create mode 100755 queries/44-aws_insight_account_with_many_saml_providers.yaml.bak create mode 100755 queries/45-aws_insight_account_without_mfa.yaml.bak create mode 100755 queries/46-aws_insight_account_with_key_and_password.yaml.bak create mode 100755 queries/47-aws_insight_account_with_unused_key.yaml.bak create mode 100755 queries/48-aws_insight_iam_user_with_old_keys.yaml.bak create mode 100755 queries/49-aws_insight_iam_user_with_old_password.yaml.bak create mode 100755 queries/5-aws_insight_ebs_volume_unattached.yaml.bak create mode 100755 queries/6-aws_insight_ec2_instance_of_undesired_type.yaml.bak create mode 100755 queries/7-aws_insight_iam_user_with_admin_access.yaml.bak create mode 100755 queries/7-aws_insight_iam_user_with_admin_access.yaml.bak.bak create mode 100755 queries/8-aws_insight_iam_user_with_mfa_disabled.yaml.bak create mode 100755 queries/9-aws_insight_iam_user_with_inline_policies.yaml.bak create mode 100755 queries/ai_workload.yaml.bak create mode 100755 queries/autoscaling_workload.yaml.bak create mode 100755 queries/aws_accessanalyzer_analyzer_1.yaml.bak create mode 100755 queries/aws_accessanalyzer_analyzer_2.yaml.bak create mode 100755 queries/aws_accessanalyzer_analyzer_2.yaml.bak.bak create mode 100755 queries/aws_accessanalyzer_analyzer_3.yaml.bak create mode 100755 queries/aws_accessanalyzer_finding_1.yaml.bak create mode 100755 queries/aws_accessanalyzer_finding_1.yaml.bak.bak create mode 100755 queries/aws_accessanalyzer_finding_2.yaml.bak create mode 100755 queries/aws_accessanalyzer_finding_3.yaml.bak create mode 100755 queries/aws_accessanalyzer_finding_4.yaml.bak create mode 100755 queries/aws_account_1.yaml.bak create mode 100755 queries/aws_account_2.yaml.bak create mode 100755 queries/aws_account_2.yaml.bak.bak create mode 100755 queries/aws_account_alternate_contact_1.yaml.bak create mode 100755 queries/aws_account_alternate_contact_2.yaml.bak create mode 100755 queries/aws_account_alternate_contact_3.yaml.bak create mode 100755 queries/aws_account_alternate_contact_4.yaml.bak create mode 100755 queries/aws_account_contact_1.yaml.bak create mode 100755 queries/aws_account_contact_2.yaml.bak create mode 100755 queries/aws_acm_certificate_1.yaml.bak create mode 100755 queries/aws_acm_certificate_2.yaml.bak create mode 100755 queries/aws_acm_certificate_3.yaml.bak create mode 100755 queries/aws_acm_certificate_4.yaml.bak create mode 100755 queries/aws_acmpca_certificate_authority_1.yaml.bak create mode 100755 queries/aws_acmpca_certificate_authority_2.yaml.bak create mode 100755 queries/aws_acmpca_certificate_authority_3.yaml.bak create mode 100755 queries/aws_acmpca_certificate_authority_4.yaml.bak create mode 100755 queries/aws_amplify_app_1.yaml.bak create mode 100755 queries/aws_amplify_app_2.yaml.bak create mode 100755 queries/aws_amplify_app_3.yaml.bak create mode 100755 queries/aws_amplify_app_4.yaml.bak create mode 100755 queries/aws_amplify_app_5.yaml.bak create mode 100755 queries/aws_amplify_app_6.yaml.bak create mode 100755 queries/aws_amplify_app_6.yaml.bak.bak create mode 100755 queries/aws_amplify_app_7.yaml.bak create mode 100755 queries/aws_api_gateway_api_key_1.yaml.bak create mode 100755 queries/aws_api_gateway_api_key_2.yaml.bak create mode 100755 queries/aws_api_gateway_authorizer_1.yaml.bak create mode 100755 queries/aws_api_gateway_authorizer_2.yaml.bak create mode 100755 queries/aws_api_gateway_domain_name_1.yaml.bak create mode 100755 queries/aws_api_gateway_domain_name_2.yaml.bak create mode 100755 queries/aws_api_gateway_domain_name_3.yaml.bak create mode 100755 queries/aws_api_gateway_domain_name_4.yaml.bak create mode 100755 queries/aws_api_gateway_domain_name_5.yaml.bak create mode 100755 queries/aws_api_gateway_method_1.yaml.bak create mode 100755 queries/aws_api_gateway_method_2.yaml.bak create mode 100755 queries/aws_api_gateway_method_3.yaml.bak create mode 100755 queries/aws_api_gateway_method_4.yaml.bak create mode 100755 queries/aws_api_gateway_rest_api_1.yaml.bak create mode 100755 queries/aws_api_gateway_rest_api_2.yaml.bak create mode 100755 queries/aws_api_gateway_rest_api_3.yaml.bak create mode 100755 queries/aws_api_gateway_rest_api_4.yaml.bak create mode 100755 queries/aws_api_gateway_rest_api_5.yaml.bak create mode 100755 queries/aws_api_gateway_stage_1.yaml.bak create mode 100755 queries/aws_api_gateway_stage_2.yaml.bak create mode 100755 queries/aws_api_gateway_stage_3.yaml.bak create mode 100755 queries/aws_api_gateway_stage_4.yaml.bak create mode 100755 queries/aws_api_gateway_usage_plan_1.yaml.bak create mode 100755 queries/aws_api_gateway_usage_plan_2.yaml.bak create mode 100755 queries/aws_api_gateway_usage_plan_3.yaml.bak create mode 100755 queries/aws_api_gateway_usage_plan_3.yaml.bak.bak create mode 100755 queries/aws_api_gatewayv2_api_1.yaml.bak create mode 100755 queries/aws_api_gatewayv2_api_2.yaml.bak create mode 100755 queries/aws_api_gatewayv2_api_3.yaml.bak create mode 100755 queries/aws_api_gatewayv2_domain_name_1.yaml.bak create mode 100755 queries/aws_api_gatewayv2_domain_name_2.yaml.bak create mode 100755 queries/aws_api_gatewayv2_domain_name_3.yaml.bak create mode 100755 queries/aws_api_gatewayv2_domain_name_4.yaml.bak create mode 100755 queries/aws_api_gatewayv2_domain_name_5.yaml.bak create mode 100755 queries/aws_api_gatewayv2_integration_1.yaml.bak create mode 100755 queries/aws_api_gatewayv2_integration_1.yaml.bak.bak create mode 100755 queries/aws_api_gatewayv2_integration_2.yaml.bak create mode 100755 queries/aws_api_gatewayv2_route_1.yaml.bak create mode 100755 queries/aws_api_gatewayv2_route_2.yaml.bak create mode 100755 queries/aws_api_gatewayv2_route_3.yaml.bak create mode 100755 queries/aws_api_gatewayv2_stage_1.yaml.bak create mode 100755 queries/aws_api_gatewayv2_stage_2.yaml.bak create mode 100755 queries/aws_api_gatewayv2_stage_3.yaml.bak create mode 100755 queries/aws_api_gatewayv2_stage_4.yaml.bak create mode 100755 queries/aws_app_runner_service_1.yaml.bak create mode 100755 queries/aws_app_runner_service_2.yaml.bak create mode 100755 queries/aws_app_runner_service_3.yaml.bak create mode 100755 queries/aws_app_runner_service_4.yaml.bak create mode 100755 queries/aws_app_runner_service_5.yaml.bak create mode 100755 queries/aws_app_runner_service_6.yaml.bak create mode 100755 queries/aws_appautoscaling_policy_1.yaml.bak create mode 100755 queries/aws_appautoscaling_policy_1.yaml.bak.bak create mode 100755 queries/aws_appautoscaling_policy_2.yaml.bak create mode 100755 queries/aws_appautoscaling_policy_3.yaml.bak create mode 100755 queries/aws_appautoscaling_policy_4.yaml.bak create mode 100755 queries/aws_appautoscaling_policy_5.yaml.bak create mode 100755 queries/aws_appautoscaling_target_1.yaml.bak create mode 100755 queries/aws_appautoscaling_target_2.yaml.bak create mode 100755 queries/aws_appconfig_application_1.yaml.bak create mode 100755 queries/aws_appstream_fleet_1.yaml.bak create mode 100755 queries/aws_appstream_fleet_1.yaml.bak.bak create mode 100755 queries/aws_appstream_fleet_10.yaml.bak create mode 100755 queries/aws_appstream_fleet_2.yaml.bak create mode 100755 queries/aws_appstream_fleet_3.yaml.bak create mode 100755 queries/aws_appstream_fleet_4.yaml.bak create mode 100755 queries/aws_appstream_fleet_5.yaml.bak create mode 100755 queries/aws_appstream_fleet_6.yaml.bak create mode 100755 queries/aws_appstream_fleet_7.yaml.bak create mode 100755 queries/aws_appstream_fleet_8.yaml.bak create mode 100755 queries/aws_appstream_fleet_9.yaml.bak create mode 100755 queries/aws_appstream_image_1.yaml.bak create mode 100755 queries/aws_appstream_image_2.yaml.bak create mode 100755 queries/aws_appstream_image_3.yaml.bak create mode 100755 queries/aws_appstream_image_4.yaml.bak create mode 100755 queries/aws_appstream_image_5.yaml.bak create mode 100755 queries/aws_appstream_image_6.yaml.bak create mode 100755 queries/aws_appstream_image_7.yaml.bak create mode 100755 queries/aws_appstream_image_7.yaml.bak.bak create mode 100755 queries/aws_appstream_image_8.yaml.bak create mode 100755 queries/aws_appsync_graphql_api_1.yaml.bak create mode 100755 queries/aws_appsync_graphql_api_2.yaml.bak create mode 100755 queries/aws_appsync_graphql_api_3.yaml.bak create mode 100755 queries/aws_athena_query_execution_1.yaml.bak create mode 100755 queries/aws_athena_query_execution_2.yaml.bak create mode 100755 queries/aws_athena_query_execution_3.yaml.bak create mode 100755 queries/aws_athena_query_execution_3.yaml.bak.bak create mode 100755 queries/aws_athena_query_execution_4.yaml.bak create mode 100755 queries/aws_athena_workgroup_1.yaml.bak create mode 100755 queries/aws_athena_workgroup_2.yaml.bak create mode 100755 queries/aws_athena_workgroup_2.yaml.bak.bak create mode 100755 queries/aws_athena_workgroup_3.yaml.bak create mode 100755 queries/aws_athena_workgroup_4.yaml.bak create mode 100755 queries/aws_auditmanager_assessment_1.yaml.bak create mode 100755 queries/aws_auditmanager_assessment_2.yaml.bak create mode 100755 queries/aws_auditmanager_assessment_3.yaml.bak create mode 100755 queries/aws_auditmanager_control_1.yaml.bak create mode 100755 queries/aws_auditmanager_control_2.yaml.bak create mode 100755 queries/aws_auditmanager_evidence_1.yaml.bak create mode 100755 queries/aws_auditmanager_evidence_2.yaml.bak create mode 100755 queries/aws_auditmanager_evidence_folder_1.yaml.bak create mode 100755 queries/aws_auditmanager_evidence_folder_2.yaml.bak create mode 100755 queries/aws_auditmanager_framework_1.yaml.bak create mode 100755 queries/aws_auditmanager_framework_2.yaml.bak create mode 100755 queries/aws_availability_zone_1.yaml.bak create mode 100755 queries/aws_availability_zone_2.yaml.bak create mode 100755 queries/aws_availability_zone_2.yaml.bak.bak create mode 100755 queries/aws_availability_zone_3.yaml.bak create mode 100755 queries/aws_backup_framework_1.yaml.bak create mode 100755 queries/aws_backup_framework_2.yaml.bak create mode 100755 queries/aws_backup_framework_3.yaml.bak create mode 100755 queries/aws_backup_framework_4.yaml.bak create mode 100755 queries/aws_backup_framework_5.yaml.bak create mode 100755 queries/aws_backup_framework_6.yaml.bak create mode 100755 queries/aws_backup_job_1.yaml.bak create mode 100755 queries/aws_backup_job_1.yaml.bak.bak create mode 100755 queries/aws_backup_job_2.yaml.bak create mode 100755 queries/aws_backup_job_3.yaml.bak create mode 100755 queries/aws_backup_legal_hold_1.yaml.bak create mode 100755 queries/aws_backup_legal_hold_2.yaml.bak create mode 100755 queries/aws_backup_legal_hold_3.yaml.bak create mode 100755 queries/aws_backup_legal_hold_3.yaml.bak.bak create mode 100755 queries/aws_backup_plan_1.yaml.bak create mode 100755 queries/aws_backup_plan_2.yaml.bak create mode 100755 queries/aws_backup_plan_3.yaml.bak create mode 100755 queries/aws_backup_protected_resource_1.yaml.bak create mode 100755 queries/aws_backup_protected_resource_2.yaml.bak create mode 100755 queries/aws_backup_recovery_point_1.yaml.bak create mode 100755 queries/aws_backup_recovery_point_2.yaml.bak create mode 100755 queries/aws_backup_recovery_point_3.yaml.bak create mode 100755 queries/aws_backup_report_plan_1.yaml.bak create mode 100755 queries/aws_backup_report_plan_2.yaml.bak create mode 100755 queries/aws_backup_report_plan_3.yaml.bak create mode 100755 queries/aws_backup_report_plan_4.yaml.bak create mode 100755 queries/aws_backup_report_plan_5.yaml.bak create mode 100755 queries/aws_backup_report_plan_6.yaml.bak create mode 100755 queries/aws_backup_selection_1.yaml.bak create mode 100755 queries/aws_backup_selection_2.yaml.bak create mode 100755 queries/aws_backup_selection_2.yaml.bak.bak create mode 100755 queries/aws_backup_vault_1.yaml.bak create mode 100755 queries/aws_backup_vault_2.yaml.bak create mode 100755 queries/aws_backup_vault_2.yaml.bak.bak create mode 100755 queries/aws_backup_vault_3.yaml.bak create mode 100755 queries/aws_backup_vault_4.yaml.bak create mode 100755 queries/aws_cloudcontrol_resource_1.yaml.bak create mode 100755 queries/aws_cloudcontrol_resource_2.yaml.bak create mode 100755 queries/aws_cloudcontrol_resource_3.yaml.bak create mode 100755 queries/aws_cloudcontrol_resource_3.yaml.bak.bak create mode 100755 queries/aws_cloudcontrol_resource_4.yaml.bak create mode 100755 queries/aws_cloudformation_stack_1.yaml.bak create mode 100755 queries/aws_cloudformation_stack_2.yaml.bak create mode 100755 queries/aws_cloudformation_stack_2.yaml.bak.bak create mode 100755 queries/aws_cloudformation_stack_3.yaml.bak create mode 100755 queries/aws_cloudformation_stack_4.yaml.bak create mode 100755 queries/aws_cloudformation_stack_5.yaml.bak create mode 100755 queries/aws_cloudformation_stack_resource_1.yaml.bak create mode 100755 queries/aws_cloudformation_stack_resource_2.yaml.bak create mode 100755 queries/aws_cloudformation_stack_resource_3.yaml.bak create mode 100755 queries/aws_cloudformation_stack_resource_4.yaml.bak create mode 100755 queries/aws_cloudformation_stack_resource_5.yaml.bak create mode 100755 queries/aws_cloudformation_stack_set_1.yaml.bak create mode 100755 queries/aws_cloudformation_stack_set_2.yaml.bak create mode 100755 queries/aws_cloudformation_stack_set_3.yaml.bak create mode 100755 queries/aws_cloudformation_stack_set_4.yaml.bak create mode 100755 queries/aws_cloudfront_cache_policy_1.yaml.bak create mode 100755 queries/aws_cloudfront_cache_policy_2.yaml.bak create mode 100755 queries/aws_cloudfront_cache_policy_3.yaml.bak create mode 100755 queries/aws_cloudfront_distribution_1.yaml.bak create mode 100755 queries/aws_cloudfront_distribution_2.yaml.bak create mode 100755 queries/aws_cloudfront_distribution_3.yaml.bak create mode 100755 queries/aws_cloudfront_distribution_4.yaml.bak create mode 100755 queries/aws_cloudfront_distribution_4.yaml.bak.bak create mode 100755 queries/aws_cloudfront_distribution_5.yaml.bak create mode 100755 queries/aws_cloudfront_distribution_6.yaml.bak create mode 100755 queries/aws_cloudfront_function_1.yaml.bak create mode 100755 queries/aws_cloudfront_function_1.yaml.bak.bak create mode 100755 queries/aws_cloudfront_function_2.yaml.bak create mode 100755 queries/aws_cloudfront_function_3.yaml.bak create mode 100755 queries/aws_cloudfront_function_4.yaml.bak create mode 100755 queries/aws_cloudfront_origin_access_identity_1.yaml.bak create mode 100755 queries/aws_cloudfront_origin_access_identity_2.yaml.bak create mode 100755 queries/aws_cloudfront_origin_access_identity_2.yaml.bak.bak create mode 100755 queries/aws_cloudfront_origin_request_policy_1.yaml.bak create mode 100755 queries/aws_cloudfront_origin_request_policy_2.yaml.bak create mode 100755 queries/aws_cloudfront_response_headers_policy_1.yaml.bak create mode 100755 queries/aws_cloudfront_response_headers_policy_2.yaml.bak create mode 100755 queries/aws_cloudfront_response_headers_policy_3.yaml.bak create mode 100755 queries/aws_cloudfront_response_headers_policy_3.yaml.bak.bak create mode 100755 queries/aws_cloudsearch_domain_1.yaml.bak create mode 100755 queries/aws_cloudsearch_domain_2.yaml.bak create mode 100755 queries/aws_cloudsearch_domain_3.yaml.bak create mode 100755 queries/aws_cloudtrail_channel_1.yaml.bak create mode 100755 queries/aws_cloudtrail_channel_2.yaml.bak create mode 100755 queries/aws_cloudtrail_channel_3.yaml.bak create mode 100755 queries/aws_cloudtrail_event_data_store_1.yaml.bak create mode 100755 queries/aws_cloudtrail_event_data_store_2.yaml.bak create mode 100755 queries/aws_cloudtrail_event_data_store_3.yaml.bak create mode 100755 queries/aws_cloudtrail_import_1.yaml.bak create mode 100755 queries/aws_cloudtrail_import_2.yaml.bak create mode 100755 queries/aws_cloudtrail_import_3.yaml.bak create mode 100755 queries/aws_cloudtrail_import_4.yaml.bak create mode 100755 queries/aws_cloudtrail_import_5.yaml.bak create mode 100755 queries/aws_cloudtrail_import_5.yaml.bak.bak create mode 100755 queries/aws_cloudtrail_lookup_event_1.yaml.bak create mode 100755 queries/aws_cloudtrail_lookup_event_2.yaml.bak create mode 100755 queries/aws_cloudtrail_lookup_event_3.yaml.bak create mode 100755 queries/aws_cloudtrail_query_1.yaml.bak create mode 100755 queries/aws_cloudtrail_query_2.yaml.bak create mode 100755 queries/aws_cloudtrail_query_3.yaml.bak create mode 100755 queries/aws_cloudtrail_query_3.yaml.bak.bak create mode 100755 queries/aws_cloudtrail_query_4.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_1.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_2.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_3.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_4.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_5.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_6.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_7.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_7.yaml.bak.bak create mode 100755 queries/aws_cloudtrail_trail_event_1.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_event_2.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_event_2.yaml.bak.bak create mode 100755 queries/aws_cloudtrail_trail_event_3.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_event_4.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_event_5.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_event_6.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_event_7.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_event_8.yaml.bak create mode 100755 queries/aws_cloudtrail_trail_event_9.yaml.bak create mode 100755 queries/aws_cloudwatch_alarm_1.yaml.bak create mode 100755 queries/aws_cloudwatch_alarm_2.yaml.bak create mode 100755 queries/aws_cloudwatch_alarm_3.yaml.bak create mode 100755 queries/aws_cloudwatch_alarm_4.yaml.bak create mode 100755 queries/aws_cloudwatch_alarm_5.yaml.bak create mode 100755 queries/aws_cloudwatch_log_event_1.yaml.bak create mode 100755 queries/aws_cloudwatch_log_event_2.yaml.bak create mode 100755 queries/aws_cloudwatch_log_event_3.yaml.bak create mode 100755 queries/aws_cloudwatch_log_event_4.yaml.bak create mode 100755 queries/aws_cloudwatch_log_event_5.yaml.bak create mode 100755 queries/aws_cloudwatch_log_event_5.yaml.bak.bak create mode 100755 queries/aws_cloudwatch_log_event_6.yaml.bak create mode 100755 queries/aws_cloudwatch_log_group_1.yaml.bak create mode 100755 queries/aws_cloudwatch_log_group_2.yaml.bak create mode 100755 queries/aws_cloudwatch_log_group_3.yaml.bak create mode 100755 queries/aws_cloudwatch_log_group_4.yaml.bak create mode 100755 queries/aws_cloudwatch_log_group_5.yaml.bak create mode 100755 queries/aws_cloudwatch_log_metric_filter_1.yaml.bak create mode 100755 queries/aws_cloudwatch_log_metric_filter_2.yaml.bak create mode 100755 queries/aws_cloudwatch_log_metric_filter_2.yaml.bak.bak create mode 100755 queries/aws_cloudwatch_log_metric_filter_3.yaml.bak create mode 100755 queries/aws_cloudwatch_log_resource_policy_1.yaml.bak create mode 100755 queries/aws_cloudwatch_log_stream_1.yaml.bak create mode 100755 queries/aws_cloudwatch_log_stream_2.yaml.bak create mode 100755 queries/aws_cloudwatch_log_subscription_filter_1.yaml.bak create mode 100755 queries/aws_cloudwatch_log_subscription_filter_2.yaml.bak create mode 100755 queries/aws_cloudwatch_log_subscription_filter_3.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_1.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_2.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_3.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_3.yaml.bak.bak create mode 100755 queries/aws_cloudwatch_metric_4.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_5.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_data_point_1.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_data_point_2.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_data_point_2.yaml.bak.bak create mode 100755 queries/aws_cloudwatch_metric_data_point_3.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_data_point_4.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_data_point_5.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_data_point_6.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_1.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_2.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_3.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_4.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_5.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_6.yaml.bak create mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_7.yaml.bak create mode 100755 queries/aws_codeartifact_domain_1.yaml.bak create mode 100755 queries/aws_codeartifact_domain_2.yaml.bak create mode 100755 queries/aws_codeartifact_domain_3.yaml.bak create mode 100755 queries/aws_codeartifact_domain_4.yaml.bak create mode 100755 queries/aws_codeartifact_domain_4.yaml.bak.bak create mode 100755 queries/aws_codeartifact_domain_5.yaml.bak create mode 100755 queries/aws_codeartifact_domain_6.yaml.bak create mode 100755 queries/aws_codeartifact_domain_7.yaml.bak create mode 100755 queries/aws_codeartifact_repository_1.yaml.bak create mode 100755 queries/aws_codeartifact_repository_2.yaml.bak create mode 100755 queries/aws_codeartifact_repository_3.yaml.bak create mode 100755 queries/aws_codeartifact_repository_4.yaml.bak create mode 100755 queries/aws_codebuild_build_1.yaml.bak create mode 100755 queries/aws_codebuild_build_10.yaml.bak create mode 100755 queries/aws_codebuild_build_10.yaml.bak.bak create mode 100755 queries/aws_codebuild_build_11.yaml.bak create mode 100755 queries/aws_codebuild_build_2.yaml.bak create mode 100755 queries/aws_codebuild_build_2.yaml.bak.bak create mode 100755 queries/aws_codebuild_build_3.yaml.bak create mode 100755 queries/aws_codebuild_build_4.yaml.bak create mode 100755 queries/aws_codebuild_build_5.yaml.bak create mode 100755 queries/aws_codebuild_build_6.yaml.bak create mode 100755 queries/aws_codebuild_build_7.yaml.bak create mode 100755 queries/aws_codebuild_build_8.yaml.bak create mode 100755 queries/aws_codebuild_build_9.yaml.bak create mode 100755 queries/aws_codebuild_project_1.yaml.bak create mode 100755 queries/aws_codebuild_project_2.yaml.bak create mode 100755 queries/aws_codebuild_project_3.yaml.bak create mode 100755 queries/aws_codebuild_project_4.yaml.bak create mode 100755 queries/aws_codebuild_project_5.yaml.bak create mode 100755 queries/aws_codebuild_source_credential_1.yaml.bak create mode 100755 queries/aws_codebuild_source_credential_2.yaml.bak create mode 100755 queries/aws_codecommit_repository_1.yaml.bak create mode 100755 queries/aws_codedeploy_app_1.yaml.bak create mode 100755 queries/aws_codedeploy_app_1.yaml.bak.bak create mode 100755 queries/aws_codedeploy_app_2.yaml.bak create mode 100755 queries/aws_codedeploy_app_3.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_config_1.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_config_2.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_config_3.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_config_4.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_config_5.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_config_6.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_group_1.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_group_2.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_group_3.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_group_4.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_group_5.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_group_6.yaml.bak create mode 100755 queries/aws_codedeploy_deployment_group_6.yaml.bak.bak create mode 100755 queries/aws_codedeploy_deployment_group_7.yaml.bak create mode 100755 queries/aws_codepipeline_pipeline_1.yaml.bak create mode 100755 queries/aws_codepipeline_pipeline_2.yaml.bak create mode 100755 queries/aws_codestar_notification_rule_1.yaml.bak create mode 100755 queries/aws_codestar_notification_rule_2.yaml.bak create mode 100755 queries/aws_codestar_notification_rule_3.yaml.bak create mode 100755 queries/aws_codestar_notification_rule_4.yaml.bak create mode 100755 queries/aws_codestar_notification_rule_5.yaml.bak create mode 100755 queries/aws_cognito_identity_pool_1.yaml.bak create mode 100755 queries/aws_cognito_identity_pool_2.yaml.bak create mode 100755 queries/aws_cognito_identity_pool_3.yaml.bak create mode 100755 queries/aws_cognito_identity_pool_4.yaml.bak create mode 100755 queries/aws_cognito_identity_provider_1.yaml.bak create mode 100755 queries/aws_cognito_identity_provider_2.yaml.bak create mode 100755 queries/aws_cognito_user_pool_1.yaml.bak create mode 100755 queries/aws_cognito_user_pool_2.yaml.bak create mode 100755 queries/aws_config_aggregate_authorization_1.yaml.bak create mode 100755 queries/aws_config_configuration_recorder_1.yaml.bak create mode 100755 queries/aws_config_configuration_recorder_2.yaml.bak create mode 100755 queries/aws_config_configuration_recorder_3.yaml.bak create mode 100755 queries/aws_config_conformance_pack_1.yaml.bak create mode 100755 queries/aws_config_conformance_pack_1.yaml.bak.bak create mode 100755 queries/aws_config_conformance_pack_2.yaml.bak create mode 100755 queries/aws_config_conformance_pack_3.yaml.bak create mode 100755 queries/aws_config_retention_configuration_1.yaml.bak create mode 100755 queries/aws_config_retention_configuration_2.yaml.bak create mode 100755 queries/aws_config_retention_configuration_3.yaml.bak create mode 100755 queries/aws_config_retention_configuration_4.yaml.bak create mode 100755 queries/aws_config_rule_1.yaml.bak create mode 100755 queries/aws_config_rule_2.yaml.bak create mode 100755 queries/aws_config_rule_3.yaml.bak create mode 100755 queries/aws_config_rule_4.yaml.bak create mode 100755 queries/aws_config_rule_5.yaml.bak create mode 100755 queries/aws_config_rule_5.yaml.bak.bak create mode 100755 queries/aws_config_rule_6.yaml.bak create mode 100755 queries/aws_cost_by_account_daily_1.yaml.bak create mode 100755 queries/aws_cost_by_account_daily_2.yaml.bak create mode 100755 queries/aws_cost_by_account_daily_3.yaml.bak create mode 100755 queries/aws_cost_by_account_monthly_1.yaml.bak create mode 100755 queries/aws_cost_by_account_monthly_2.yaml.bak create mode 100755 queries/aws_cost_by_account_monthly_3.yaml.bak create mode 100755 queries/aws_cost_by_account_monthly_4.yaml.bak create mode 100755 queries/aws_cost_by_record_type_daily_1.yaml.bak create mode 100755 queries/aws_cost_by_record_type_daily_2.yaml.bak create mode 100755 queries/aws_cost_by_record_type_daily_3.yaml.bak create mode 100755 queries/aws_cost_by_record_type_monthly_1.yaml.bak create mode 100755 queries/aws_cost_by_record_type_monthly_2.yaml.bak create mode 100755 queries/aws_cost_by_record_type_monthly_3.yaml.bak create mode 100755 queries/aws_cost_by_record_type_monthly_3.yaml.bak.bak create mode 100755 queries/aws_cost_by_service_daily_1.yaml.bak create mode 100755 queries/aws_cost_by_service_daily_2.yaml.bak create mode 100755 queries/aws_cost_by_service_daily_3.yaml.bak create mode 100755 queries/aws_cost_by_service_daily_4.yaml.bak create mode 100755 queries/aws_cost_by_service_daily_5.yaml.bak create mode 100755 queries/aws_cost_by_service_daily_5.yaml.bak.bak create mode 100755 queries/aws_cost_by_service_monthly_1.yaml.bak create mode 100755 queries/aws_cost_by_service_monthly_2.yaml.bak create mode 100755 queries/aws_cost_by_service_monthly_3.yaml.bak create mode 100755 queries/aws_cost_by_service_monthly_4.yaml.bak create mode 100755 queries/aws_cost_by_service_monthly_5.yaml.bak create mode 100755 queries/aws_cost_by_service_monthly_6.yaml.bak create mode 100755 queries/aws_cost_by_service_usage_type_daily_1.yaml.bak create mode 100755 queries/aws_cost_by_service_usage_type_daily_2.yaml.bak create mode 100755 queries/aws_cost_by_service_usage_type_daily_3.yaml.bak create mode 100755 queries/aws_cost_by_service_usage_type_daily_4.yaml.bak create mode 100755 queries/aws_cost_by_service_usage_type_monthly_1.yaml.bak create mode 100755 queries/aws_cost_by_service_usage_type_monthly_2.yaml.bak create mode 100755 queries/aws_cost_by_service_usage_type_monthly_3.yaml.bak create mode 100755 queries/aws_cost_by_service_usage_type_monthly_4.yaml.bak create mode 100755 queries/aws_cost_by_tag_1.yaml.bak create mode 100755 queries/aws_cost_by_tag_2.yaml.bak create mode 100755 queries/aws_cost_by_tag_3.yaml.bak create mode 100755 queries/aws_cost_forecast_daily_1.yaml.bak create mode 100755 queries/aws_cost_forecast_monthly_1.yaml.bak create mode 100755 queries/aws_cost_forecast_monthly_2.yaml.bak create mode 100755 queries/aws_cost_usage_1.yaml.bak create mode 100755 queries/aws_cost_usage_2.yaml.bak create mode 100755 queries/aws_cost_usage_3.yaml.bak create mode 100755 queries/aws_cost_usage_4.yaml.bak create mode 100755 queries/aws_dax_cluster_1.yaml.bak create mode 100755 queries/aws_dax_cluster_2.yaml.bak create mode 100755 queries/aws_dax_cluster_3.yaml.bak create mode 100755 queries/aws_dax_cluster_4.yaml.bak create mode 100755 queries/aws_dax_cluster_4.yaml.bak.bak create mode 100755 queries/aws_dax_parameter_1.yaml.bak create mode 100755 queries/aws_dax_parameter_2.yaml.bak create mode 100755 queries/aws_dax_parameter_2.yaml.bak.bak create mode 100755 queries/aws_dax_parameter_3.yaml.bak create mode 100755 queries/aws_dax_parameter_group_1.yaml.bak create mode 100755 queries/aws_dax_parameter_group_2.yaml.bak create mode 100755 queries/aws_dax_subnet_group_1.yaml.bak create mode 100755 queries/aws_dax_subnet_group_2.yaml.bak create mode 100755 queries/aws_dax_subnet_group_3.yaml.bak create mode 100755 queries/aws_directory_service_certificate_1.yaml.bak create mode 100755 queries/aws_directory_service_certificate_2.yaml.bak create mode 100755 queries/aws_directory_service_certificate_2.yaml.bak.bak create mode 100755 queries/aws_directory_service_certificate_3.yaml.bak create mode 100755 queries/aws_directory_service_certificate_4.yaml.bak create mode 100755 queries/aws_directory_service_certificate_5.yaml.bak create mode 100755 queries/aws_directory_service_certificate_6.yaml.bak create mode 100755 queries/aws_directory_service_certificate_7.yaml.bak create mode 100755 queries/aws_directory_service_certificate_8.yaml.bak create mode 100755 queries/aws_directory_service_directory_1.yaml.bak create mode 100755 queries/aws_directory_service_directory_2.yaml.bak create mode 100755 queries/aws_directory_service_directory_3.yaml.bak create mode 100755 queries/aws_directory_service_directory_4.yaml.bak create mode 100755 queries/aws_directory_service_directory_5.yaml.bak create mode 100755 queries/aws_directory_servicelog_subscription_1.yaml.bak create mode 100755 queries/aws_directory_servicelog_subscription_2.yaml.bak create mode 100755 queries/aws_directory_servicelog_subscription_2.yaml.bak.bak create mode 100755 queries/aws_dlm_lifecycle_policy_1.yaml.bak create mode 100755 queries/aws_dlm_lifecycle_policy_2.yaml.bak create mode 100755 queries/aws_dlm_lifecycle_policy_3.yaml.bak create mode 100755 queries/aws_dlm_lifecycle_policy_4.yaml.bak create mode 100755 queries/aws_dms_certificate_1.yaml.bak create mode 100755 queries/aws_dms_certificate_2.yaml.bak create mode 100755 queries/aws_dms_certificate_2.yaml.bak.bak create mode 100755 queries/aws_dms_certificate_3.yaml.bak create mode 100755 queries/aws_dms_certificate_4.yaml.bak create mode 100755 queries/aws_dms_certificate_5.yaml.bak create mode 100755 queries/aws_dms_endpoint_1.yaml.bak create mode 100755 queries/aws_dms_endpoint_2.yaml.bak create mode 100755 queries/aws_dms_endpoint_3.yaml.bak create mode 100755 queries/aws_dms_endpoint_4.yaml.bak create mode 100755 queries/aws_dms_endpoint_5.yaml.bak create mode 100755 queries/aws_dms_replication_instance_1.yaml.bak create mode 100755 queries/aws_dms_replication_instance_2.yaml.bak create mode 100755 queries/aws_dms_replication_instance_3.yaml.bak create mode 100755 queries/aws_dms_replication_instance_4.yaml.bak create mode 100755 queries/aws_dms_replication_instance_5.yaml.bak create mode 100755 queries/aws_dms_replication_task_1.yaml.bak create mode 100755 queries/aws_dms_replication_task_2.yaml.bak create mode 100755 queries/aws_dms_replication_task_3.yaml.bak create mode 100755 queries/aws_dms_replication_task_4.yaml.bak create mode 100755 queries/aws_dms_replication_task_5.yaml.bak create mode 100755 queries/aws_dms_replication_task_6.yaml.bak create mode 100755 queries/aws_dms_replication_task_7.yaml.bak create mode 100755 queries/aws_dms_replication_task_7.yaml.bak.bak create mode 100755 queries/aws_docdb_cluster_1.yaml.bak create mode 100755 queries/aws_docdb_cluster_2.yaml.bak create mode 100755 queries/aws_docdb_cluster_3.yaml.bak create mode 100755 queries/aws_docdb_cluster_3.yaml.bak.bak create mode 100755 queries/aws_docdb_cluster_4.yaml.bak create mode 100755 queries/aws_docdb_cluster_5.yaml.bak create mode 100755 queries/aws_docdb_cluster_6.yaml.bak create mode 100755 queries/aws_docdb_cluster_7.yaml.bak create mode 100755 queries/aws_docdb_cluster_instance_1.yaml.bak create mode 100755 queries/aws_docdb_cluster_instance_2.yaml.bak create mode 100755 queries/aws_docdb_cluster_instance_3.yaml.bak create mode 100755 queries/aws_docdb_cluster_instance_4.yaml.bak create mode 100755 queries/aws_docdb_cluster_instance_5.yaml.bak create mode 100755 queries/aws_docdb_cluster_instance_6.yaml.bak create mode 100755 queries/aws_docdb_cluster_instance_7.yaml.bak create mode 100755 queries/aws_docdb_cluster_snapshot_1.yaml.bak create mode 100755 queries/aws_docdb_cluster_snapshot_2.yaml.bak create mode 100755 queries/aws_docdb_cluster_snapshot_3.yaml.bak create mode 100755 queries/aws_docdb_cluster_snapshot_4.yaml.bak create mode 100755 queries/aws_drs_job_1.yaml.bak create mode 100755 queries/aws_drs_job_2.yaml.bak create mode 100755 queries/aws_drs_job_3.yaml.bak create mode 100755 queries/aws_drs_recovery_instance_1.yaml.bak create mode 100755 queries/aws_drs_recovery_instance_2.yaml.bak create mode 100755 queries/aws_drs_recovery_instance_3.yaml.bak create mode 100755 queries/aws_drs_recovery_instance_4.yaml.bak create mode 100755 queries/aws_drs_recovery_instance_5.yaml.bak create mode 100755 queries/aws_drs_recovery_snapshot_1.yaml.bak create mode 100755 queries/aws_drs_recovery_snapshot_2.yaml.bak create mode 100755 queries/aws_drs_recovery_snapshot_3.yaml.bak create mode 100755 queries/aws_drs_recovery_snapshot_4.yaml.bak create mode 100755 queries/aws_drs_recovery_snapshot_5.yaml.bak create mode 100755 queries/aws_drs_source_server_1.yaml.bak create mode 100755 queries/aws_drs_source_server_2.yaml.bak create mode 100755 queries/aws_drs_source_server_3.yaml.bak create mode 100755 queries/aws_drs_source_server_4.yaml.bak create mode 100755 queries/aws_drs_source_server_5.yaml.bak create mode 100755 queries/aws_drs_source_server_6.yaml.bak create mode 100755 queries/aws_drs_source_server_6.yaml.bak.bak create mode 100755 queries/aws_drs_source_server_7.yaml.bak create mode 100755 queries/aws_dynamodb_backup_1.yaml.bak create mode 100755 queries/aws_dynamodb_backup_2.yaml.bak create mode 100755 queries/aws_dynamodb_global_table_1.yaml.bak create mode 100755 queries/aws_dynamodb_global_table_2.yaml.bak create mode 100755 queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak create mode 100755 queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak.bak create mode 100755 queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml.bak create mode 100755 queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak create mode 100755 queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak.bak create mode 100755 queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml.bak create mode 100755 queries/aws_dynamodb_table_1.yaml.bak create mode 100755 queries/aws_dynamodb_table_2.yaml.bak create mode 100755 queries/aws_dynamodb_table_3.yaml.bak create mode 100755 queries/aws_dynamodb_table_4.yaml.bak create mode 100755 queries/aws_dynamodb_table_export_1.yaml.bak create mode 100755 queries/aws_dynamodb_table_export_2.yaml.bak create mode 100755 queries/aws_dynamodb_table_export_2.yaml.bak.bak create mode 100755 queries/aws_dynamodb_table_export_3.yaml.bak create mode 100755 queries/aws_ebs_snapshot_1.yaml.bak create mode 100755 queries/aws_ebs_snapshot_2.yaml.bak create mode 100755 queries/aws_ebs_snapshot_3.yaml.bak create mode 100755 queries/aws_ebs_snapshot_4.yaml.bak create mode 100755 queries/aws_ebs_snapshot_4.yaml.bak.bak create mode 100755 queries/aws_ebs_snapshot_5.yaml.bak create mode 100755 queries/aws_ebs_snapshot_6.yaml.bak create mode 100755 queries/aws_ebs_snapshot_7.yaml.bak create mode 100755 queries/aws_ebs_volume_1.yaml.bak create mode 100755 queries/aws_ebs_volume_2.yaml.bak create mode 100755 queries/aws_ebs_volume_3.yaml.bak create mode 100755 queries/aws_ebs_volume_3.yaml.bak.bak create mode 100755 queries/aws_ebs_volume_4.yaml.bak create mode 100755 queries/aws_ebs_volume_5.yaml.bak create mode 100755 queries/aws_ebs_volume_6.yaml.bak create mode 100755 queries/aws_ebs_volume_7.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_1.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_1.yaml.bak.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_2.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_3.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_4.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_daily_1.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_daily_2.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_daily_3.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_daily_4.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_1.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_2.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_3.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_3.yaml.bak.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_4.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_1.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_3.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_4.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml.bak create mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml.bak create mode 100755 queries/aws_ec2_ami_1.yaml.bak create mode 100755 queries/aws_ec2_ami_2.yaml.bak create mode 100755 queries/aws_ec2_ami_3.yaml.bak create mode 100755 queries/aws_ec2_ami_3.yaml.bak.bak create mode 100755 queries/aws_ec2_ami_4.yaml.bak create mode 100755 queries/aws_ec2_ami_shared_1.yaml.bak create mode 100755 queries/aws_ec2_ami_shared_2.yaml.bak create mode 100755 queries/aws_ec2_ami_shared_2.yaml.bak.bak create mode 100755 queries/aws_ec2_ami_shared_3.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_1.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_2.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_3.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_4.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_5.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml.bak create mode 100755 queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml.bak create mode 100755 queries/aws_ec2_autoscaling_group_1.yaml.bak create mode 100755 queries/aws_ec2_autoscaling_group_2.yaml.bak create mode 100755 queries/aws_ec2_autoscaling_group_3.yaml.bak create mode 100755 queries/aws_ec2_autoscaling_group_4.yaml.bak create mode 100755 queries/aws_ec2_capacity_reservation_1.yaml.bak create mode 100755 queries/aws_ec2_capacity_reservation_2.yaml.bak create mode 100755 queries/aws_ec2_capacity_reservation_3.yaml.bak create mode 100755 queries/aws_ec2_classic_load_balancer_1.yaml.bak create mode 100755 queries/aws_ec2_classic_load_balancer_2.yaml.bak create mode 100755 queries/aws_ec2_classic_load_balancer_3.yaml.bak create mode 100755 queries/aws_ec2_classic_load_balancer_4.yaml.bak create mode 100755 queries/aws_ec2_classic_load_balancer_5.yaml.bak create mode 100755 queries/aws_ec2_client_vpn_endpoint_1.yaml.bak create mode 100755 queries/aws_ec2_client_vpn_endpoint_2.yaml.bak create mode 100755 queries/aws_ec2_client_vpn_endpoint_3.yaml.bak create mode 100755 queries/aws_ec2_client_vpn_endpoint_4.yaml.bak create mode 100755 queries/aws_ec2_client_vpn_endpoint_5.yaml.bak create mode 100755 queries/aws_ec2_client_vpn_endpoint_6.yaml.bak create mode 100755 queries/aws_ec2_client_vpn_endpoint_7.yaml.bak create mode 100755 queries/aws_ec2_gateway_load_balancer_1.yaml.bak create mode 100755 queries/aws_ec2_gateway_load_balancer_2.yaml.bak create mode 100755 queries/aws_ec2_gateway_load_balancer_3.yaml.bak create mode 100755 queries/aws_ec2_gateway_load_balancer_4.yaml.bak create mode 100755 queries/aws_ec2_gateway_load_balancer_4.yaml.bak.bak create mode 100755 queries/aws_ec2_gateway_load_balancer_5.yaml.bak create mode 100755 queries/aws_ec2_gateway_load_balancer_6.yaml.bak create mode 100755 queries/aws_ec2_gateway_load_balancer_7.yaml.bak create mode 100755 queries/aws_ec2_instance_1.yaml.bak create mode 100755 queries/aws_ec2_instance_10.yaml.bak create mode 100755 queries/aws_ec2_instance_11.yaml.bak create mode 100755 queries/aws_ec2_instance_12.yaml.bak create mode 100755 queries/aws_ec2_instance_12.yaml.bak.bak create mode 100755 queries/aws_ec2_instance_13.yaml.bak create mode 100755 queries/aws_ec2_instance_14.yaml.bak create mode 100755 queries/aws_ec2_instance_15.yaml.bak create mode 100755 queries/aws_ec2_instance_2.yaml.bak create mode 100755 queries/aws_ec2_instance_3.yaml.bak create mode 100755 queries/aws_ec2_instance_4.yaml.bak create mode 100755 queries/aws_ec2_instance_5.yaml.bak create mode 100755 queries/aws_ec2_instance_6.yaml.bak create mode 100755 queries/aws_ec2_instance_7.yaml.bak create mode 100755 queries/aws_ec2_instance_8.yaml.bak create mode 100755 queries/aws_ec2_instance_9.yaml.bak create mode 100755 queries/aws_ec2_instance_availability_1.yaml.bak create mode 100755 queries/aws_ec2_instance_availability_2.yaml.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_1.yaml.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_2.yaml.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml.bak create mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml.bak create mode 100755 queries/aws_ec2_instance_type_1.yaml.bak create mode 100755 queries/aws_ec2_instance_type_2.yaml.bak create mode 100755 queries/aws_ec2_instance_type_2.yaml.bak.bak create mode 100755 queries/aws_ec2_instance_type_3.yaml.bak create mode 100755 queries/aws_ec2_instance_type_4.yaml.bak create mode 100755 queries/aws_ec2_instance_type_5.yaml.bak create mode 100755 queries/aws_ec2_key_pair_1.yaml.bak create mode 100755 queries/aws_ec2_key_pair_2.yaml.bak create mode 100755 queries/aws_ec2_launch_configuration_1.yaml.bak create mode 100755 queries/aws_ec2_launch_configuration_2.yaml.bak create mode 100755 queries/aws_ec2_launch_configuration_3.yaml.bak create mode 100755 queries/aws_ec2_launch_configuration_4.yaml.bak create mode 100755 queries/aws_ec2_launch_configuration_5.yaml.bak create mode 100755 queries/aws_ec2_launch_template_1.yaml.bak create mode 100755 queries/aws_ec2_launch_template_2.yaml.bak create mode 100755 queries/aws_ec2_launch_template_3.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_1.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_2.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_3.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_4.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_5.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_6.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_7.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_8.yaml.bak create mode 100755 queries/aws_ec2_launch_template_version_9.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_1.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_2.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_2.yaml.bak.bak create mode 100755 queries/aws_ec2_load_balancer_listener_3.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_rule_1.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_rule_2.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_rule_3.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_rule_4.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_rule_5.yaml.bak create mode 100755 queries/aws_ec2_load_balancer_listener_rule_6.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_1.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_1.yaml.bak.bak create mode 100755 queries/aws_ec2_managed_prefix_list_2.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_3.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_4.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_5.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_6.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_entry_1.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_entry_2.yaml.bak create mode 100755 queries/aws_ec2_managed_prefix_list_entry_3.yaml.bak create mode 100755 queries/aws_ec2_network_interface_1.yaml.bak create mode 100755 queries/aws_ec2_network_interface_2.yaml.bak create mode 100755 queries/aws_ec2_network_interface_3.yaml.bak create mode 100755 queries/aws_ec2_network_interface_3.yaml.bak.bak create mode 100755 queries/aws_ec2_network_interface_4.yaml.bak create mode 100755 queries/aws_ec2_network_interface_5.yaml.bak create mode 100755 queries/aws_ec2_network_load_balancer_1.yaml.bak create mode 100755 queries/aws_ec2_network_load_balancer_2.yaml.bak create mode 100755 queries/aws_ec2_network_load_balancer_3.yaml.bak create mode 100755 queries/aws_ec2_network_load_balancer_4.yaml.bak create mode 100755 queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml.bak create mode 100755 queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml.bak create mode 100755 queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml.bak create mode 100755 queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml.bak create mode 100755 queries/aws_ec2_regional_settings_1.yaml.bak create mode 100755 queries/aws_ec2_regional_settings_2.yaml.bak create mode 100755 queries/aws_ec2_regional_settings_3.yaml.bak create mode 100755 queries/aws_ec2_reserved_instance_1.yaml.bak create mode 100755 queries/aws_ec2_reserved_instance_1.yaml.bak.bak create mode 100755 queries/aws_ec2_reserved_instance_2.yaml.bak create mode 100755 queries/aws_ec2_reserved_instance_3.yaml.bak create mode 100755 queries/aws_ec2_reserved_instance_4.yaml.bak create mode 100755 queries/aws_ec2_reserved_instance_5.yaml.bak create mode 100755 queries/aws_ec2_spot_price_1.yaml.bak create mode 100755 queries/aws_ec2_ssl_policy_1.yaml.bak create mode 100755 queries/aws_ec2_ssl_policy_1.yaml.bak.bak create mode 100755 queries/aws_ec2_ssl_policy_2.yaml.bak create mode 100755 queries/aws_ec2_target_group_1.yaml.bak create mode 100755 queries/aws_ec2_target_group_2.yaml.bak create mode 100755 queries/aws_ec2_target_group_3.yaml.bak create mode 100755 queries/aws_ec2_target_group_4.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_1.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_2.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_3.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_4.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_4.yaml.bak.bak create mode 100755 queries/aws_ec2_transit_gateway_route_1.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_route_2.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_route_table_1.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_route_table_2.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml.bak create mode 100755 queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml.bak create mode 100755 queries/aws_ecr_image_1.yaml.bak create mode 100755 queries/aws_ecr_image_2.yaml.bak create mode 100755 queries/aws_ecr_image_2.yaml.bak.bak create mode 100755 queries/aws_ecr_image_3.yaml.bak create mode 100755 queries/aws_ecr_image_4.yaml.bak create mode 100755 queries/aws_ecr_image_5.yaml.bak create mode 100755 queries/aws_ecr_image_6.yaml.bak create mode 100755 queries/aws_ecr_image_7.yaml.bak create mode 100755 queries/aws_ecr_image_scan_finding_1.yaml.bak create mode 100755 queries/aws_ecr_image_scan_finding_2.yaml.bak create mode 100755 queries/aws_ecr_registry_scanning_configuration_1.yaml.bak create mode 100755 queries/aws_ecr_registry_scanning_configuration_2.yaml.bak create mode 100755 queries/aws_ecr_registry_scanning_configuration_3.yaml.bak create mode 100755 queries/aws_ecr_repository_1.yaml.bak create mode 100755 queries/aws_ecr_repository_10.yaml.bak create mode 100755 queries/aws_ecr_repository_11.yaml.bak create mode 100755 queries/aws_ecr_repository_2.yaml.bak create mode 100755 queries/aws_ecr_repository_2.yaml.bak.bak create mode 100755 queries/aws_ecr_repository_3.yaml.bak create mode 100755 queries/aws_ecr_repository_4.yaml.bak create mode 100755 queries/aws_ecr_repository_5.yaml.bak create mode 100755 queries/aws_ecr_repository_6.yaml.bak create mode 100755 queries/aws_ecr_repository_7.yaml.bak create mode 100755 queries/aws_ecr_repository_8.yaml.bak create mode 100755 queries/aws_ecr_repository_9.yaml.bak create mode 100755 queries/aws_ecrpublic_repository_1.yaml.bak create mode 100755 queries/aws_ecrpublic_repository_2.yaml.bak create mode 100755 queries/aws_ecs_cluster_1.yaml.bak create mode 100755 queries/aws_ecs_cluster_2.yaml.bak create mode 100755 queries/aws_ecs_cluster_3.yaml.bak create mode 100755 queries/aws_ecs_cluster_4.yaml.bak create mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml.bak create mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml.bak create mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml.bak create mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml.bak create mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml.bak create mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml.bak create mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml.bak create mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml.bak create mode 100755 queries/aws_ecs_container_instance_1.yaml.bak create mode 100755 queries/aws_ecs_container_instance_2.yaml.bak create mode 100755 queries/aws_ecs_container_instance_3.yaml.bak create mode 100755 queries/aws_ecs_container_instance_4.yaml.bak create mode 100755 queries/aws_ecs_service_1.yaml.bak create mode 100755 queries/aws_ecs_service_2.yaml.bak create mode 100755 queries/aws_ecs_service_3.yaml.bak create mode 100755 queries/aws_ecs_task_1.yaml.bak create mode 100755 queries/aws_ecs_task_2.yaml.bak create mode 100755 queries/aws_ecs_task_3.yaml.bak create mode 100755 queries/aws_ecs_task_3.yaml.bak.bak create mode 100755 queries/aws_ecs_task_definition_1.yaml.bak create mode 100755 queries/aws_ecs_task_definition_2.yaml.bak create mode 100755 queries/aws_ecs_task_definition_3.yaml.bak create mode 100755 queries/aws_ecs_task_definition_3.yaml.bak.bak create mode 100755 queries/aws_ecs_task_definition_4.yaml.bak create mode 100755 queries/aws_efs_access_point_1.yaml.bak create mode 100755 queries/aws_efs_access_point_2.yaml.bak create mode 100755 queries/aws_efs_access_point_3.yaml.bak create mode 100755 queries/aws_efs_file_system_1.yaml.bak create mode 100755 queries/aws_efs_file_system_2.yaml.bak create mode 100755 queries/aws_efs_file_system_3.yaml.bak create mode 100755 queries/aws_efs_file_system_4.yaml.bak create mode 100755 queries/aws_efs_file_system_5.yaml.bak create mode 100755 queries/aws_efs_file_system_6.yaml.bak create mode 100755 queries/aws_efs_mount_target_1.yaml.bak create mode 100755 queries/aws_efs_mount_target_2.yaml.bak create mode 100755 queries/aws_eks_addon_1.yaml.bak create mode 100755 queries/aws_eks_addon_2.yaml.bak create mode 100755 queries/aws_eks_addon_3.yaml.bak create mode 100755 queries/aws_eks_addon_3.yaml.bak.bak create mode 100755 queries/aws_eks_addon_version_1.yaml.bak create mode 100755 queries/aws_eks_addon_version_2.yaml.bak create mode 100755 queries/aws_eks_addon_version_3.yaml.bak create mode 100755 queries/aws_eks_cluster_1.yaml.bak create mode 100755 queries/aws_eks_cluster_2.yaml.bak create mode 100755 queries/aws_eks_cluster_3.yaml.bak create mode 100755 queries/aws_eks_cluster_4.yaml.bak create mode 100755 queries/aws_eks_fargate_profile_1.yaml.bak create mode 100755 queries/aws_eks_fargate_profile_1.yaml.bak.bak create mode 100755 queries/aws_eks_fargate_profile_2.yaml.bak create mode 100755 queries/aws_eks_fargate_profile_3.yaml.bak create mode 100755 queries/aws_eks_fargate_profile_4.yaml.bak create mode 100755 queries/aws_eks_identity_provider_config_1.yaml.bak create mode 100755 queries/aws_eks_identity_provider_config_2.yaml.bak create mode 100755 queries/aws_eks_node_group_1.yaml.bak create mode 100755 queries/aws_eks_node_group_2.yaml.bak create mode 100755 queries/aws_eks_node_group_3.yaml.bak create mode 100755 queries/aws_eks_node_group_4.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_application_1.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_application_2.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_application_version_1.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_application_version_2.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_application_version_3.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_application_version_4.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_application_version_5.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_application_version_6.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_environment_1.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_environment_2.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_environment_3.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_environment_3.yaml.bak.bak create mode 100755 queries/aws_elastic_beanstalk_environment_4.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_environment_5.yaml.bak create mode 100755 queries/aws_elastic_beanstalk_environment_6.yaml.bak create mode 100755 queries/aws_elasticache_cluster_1.yaml.bak create mode 100755 queries/aws_elasticache_cluster_2.yaml.bak create mode 100755 queries/aws_elasticache_cluster_2.yaml.bak.bak create mode 100755 queries/aws_elasticache_cluster_3.yaml.bak create mode 100755 queries/aws_elasticache_cluster_4.yaml.bak create mode 100755 queries/aws_elasticache_cluster_5.yaml.bak create mode 100755 queries/aws_elasticache_cluster_6.yaml.bak create mode 100755 queries/aws_elasticache_cluster_7.yaml.bak create mode 100755 queries/aws_elasticache_parameter_group_1.yaml.bak create mode 100755 queries/aws_elasticache_parameter_group_2.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak.bak create mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak.bak create mode 100755 queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml.bak create mode 100755 queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml.bak create mode 100755 queries/aws_elasticache_replication_group_1.yaml.bak create mode 100755 queries/aws_elasticache_replication_group_2.yaml.bak create mode 100755 queries/aws_elasticache_replication_group_2.yaml.bak.bak create mode 100755 queries/aws_elasticache_replication_group_3.yaml.bak create mode 100755 queries/aws_elasticache_replication_group_4.yaml.bak create mode 100755 queries/aws_elasticache_replication_group_5.yaml.bak create mode 100755 queries/aws_elasticache_replication_group_6.yaml.bak create mode 100755 queries/aws_elasticache_reserved_cache_node_1.yaml.bak create mode 100755 queries/aws_elasticache_reserved_cache_node_2.yaml.bak create mode 100755 queries/aws_elasticache_reserved_cache_node_2.yaml.bak.bak create mode 100755 queries/aws_elasticache_reserved_cache_node_3.yaml.bak create mode 100755 queries/aws_elasticache_reserved_cache_node_4.yaml.bak create mode 100755 queries/aws_elasticache_reserved_cache_node_5.yaml.bak create mode 100755 queries/aws_elasticache_subnet_group_1.yaml.bak create mode 100755 queries/aws_elasticache_subnet_group_2.yaml.bak create mode 100755 queries/aws_elasticache_subnet_group_3.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_1.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_2.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_3.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_4.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_5.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_6.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_7.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_8.yaml.bak create mode 100755 queries/aws_elasticsearch_domain_8.yaml.bak.bak create mode 100755 queries/aws_emr_block_public_access_configuration_1.yaml.bak create mode 100755 queries/aws_emr_block_public_access_configuration_1.yaml.bak.bak create mode 100755 queries/aws_emr_block_public_access_configuration_2.yaml.bak create mode 100755 queries/aws_emr_block_public_access_configuration_3.yaml.bak create mode 100755 queries/aws_emr_block_public_access_configuration_4.yaml.bak create mode 100755 queries/aws_emr_cluster_1.yaml.bak create mode 100755 queries/aws_emr_cluster_2.yaml.bak create mode 100755 queries/aws_emr_cluster_3.yaml.bak create mode 100755 queries/aws_emr_cluster_4.yaml.bak create mode 100755 queries/aws_emr_cluster_5.yaml.bak create mode 100755 queries/aws_emr_cluster_6.yaml.bak create mode 100755 queries/aws_emr_cluster_metric_is_idle_1.yaml.bak create mode 100755 queries/aws_emr_instance_1.yaml.bak create mode 100755 queries/aws_emr_instance_2.yaml.bak create mode 100755 queries/aws_emr_instance_3.yaml.bak create mode 100755 queries/aws_emr_instance_4.yaml.bak create mode 100755 queries/aws_emr_instance_fleet_1.yaml.bak create mode 100755 queries/aws_emr_instance_fleet_2.yaml.bak create mode 100755 queries/aws_emr_instance_fleet_3.yaml.bak create mode 100755 queries/aws_emr_instance_group_1.yaml.bak create mode 100755 queries/aws_emr_instance_group_2.yaml.bak create mode 100755 queries/aws_emr_instance_group_3.yaml.bak create mode 100755 queries/aws_emr_security_configuration_1.yaml.bak create mode 100755 queries/aws_emr_security_configuration_2.yaml.bak create mode 100755 queries/aws_emr_security_configuration_3.yaml.bak create mode 100755 queries/aws_eventbridge_bus_1.yaml.bak create mode 100755 queries/aws_eventbridge_rule_1.yaml.bak create mode 100755 queries/aws_eventbridge_rule_2.yaml.bak create mode 100755 queries/aws_eventbridge_rule_2.yaml.bak.bak create mode 100755 queries/aws_eventbridge_rule_3.yaml.bak create mode 100755 queries/aws_fms_app_list_1.yaml.bak create mode 100755 queries/aws_fms_app_list_2.yaml.bak create mode 100755 queries/aws_fms_app_list_3.yaml.bak create mode 100755 queries/aws_fms_policy_1.yaml.bak create mode 100755 queries/aws_fms_policy_2.yaml.bak create mode 100755 queries/aws_fms_policy_3.yaml.bak create mode 100755 queries/aws_fms_policy_4.yaml.bak create mode 100755 queries/aws_fsx_file_system_1.yaml.bak create mode 100755 queries/aws_fsx_file_system_2.yaml.bak create mode 100755 queries/aws_glacier_vault_1.yaml.bak create mode 100755 queries/aws_glacier_vault_2.yaml.bak create mode 100755 queries/aws_glacier_vault_2.yaml.bak.bak create mode 100755 queries/aws_glacier_vault_3.yaml.bak create mode 100755 queries/aws_glacier_vault_4.yaml.bak create mode 100755 queries/aws_glacier_vault_5.yaml.bak create mode 100755 queries/aws_glacier_vault_6.yaml.bak create mode 100755 queries/aws_globalaccelerator_accelerator_1.yaml.bak create mode 100755 queries/aws_globalaccelerator_accelerator_2.yaml.bak create mode 100755 queries/aws_globalaccelerator_accelerator_3.yaml.bak create mode 100755 queries/aws_globalaccelerator_endpoint_group_1.yaml.bak create mode 100755 queries/aws_globalaccelerator_endpoint_group_2.yaml.bak create mode 100755 queries/aws_globalaccelerator_endpoint_group_3.yaml.bak create mode 100755 queries/aws_globalaccelerator_endpoint_group_3.yaml.bak.bak create mode 100755 queries/aws_globalaccelerator_listener_1.yaml.bak create mode 100755 queries/aws_globalaccelerator_listener_2.yaml.bak create mode 100755 queries/aws_globalaccelerator_listener_3.yaml.bak create mode 100755 queries/aws_globalaccelerator_listener_4.yaml.bak create mode 100755 queries/aws_glue_catalog_database_1.yaml.bak create mode 100755 queries/aws_glue_catalog_database_2.yaml.bak create mode 100755 queries/aws_glue_catalog_table_1.yaml.bak create mode 100755 queries/aws_glue_catalog_table_2.yaml.bak create mode 100755 queries/aws_glue_catalog_table_3.yaml.bak create mode 100755 queries/aws_glue_connection_1.yaml.bak create mode 100755 queries/aws_glue_connection_2.yaml.bak create mode 100755 queries/aws_glue_connection_3.yaml.bak create mode 100755 queries/aws_glue_connection_3.yaml.bak.bak create mode 100755 queries/aws_glue_connection_4.yaml.bak create mode 100755 queries/aws_glue_crawler_1.yaml.bak create mode 100755 queries/aws_glue_crawler_2.yaml.bak create mode 100755 queries/aws_glue_data_catalog_encryption_settings_1.yaml.bak create mode 100755 queries/aws_glue_data_catalog_encryption_settings_2.yaml.bak create mode 100755 queries/aws_glue_data_catalog_encryption_settings_3.yaml.bak create mode 100755 queries/aws_glue_data_catalog_encryption_settings_4.yaml.bak create mode 100755 queries/aws_glue_data_catalog_encryption_settings_5.yaml.bak create mode 100755 queries/aws_glue_data_quality_ruleset_1.yaml.bak create mode 100755 queries/aws_glue_data_quality_ruleset_2.yaml.bak create mode 100755 queries/aws_glue_data_quality_ruleset_3.yaml.bak create mode 100755 queries/aws_glue_data_quality_ruleset_4.yaml.bak create mode 100755 queries/aws_glue_data_quality_ruleset_5.yaml.bak create mode 100755 queries/aws_glue_dev_endpoint_1.yaml.bak create mode 100755 queries/aws_glue_dev_endpoint_2.yaml.bak create mode 100755 queries/aws_glue_dev_endpoint_2.yaml.bak.bak create mode 100755 queries/aws_glue_dev_endpoint_3.yaml.bak create mode 100755 queries/aws_glue_dev_endpoint_4.yaml.bak create mode 100755 queries/aws_glue_dev_endpoint_5.yaml.bak create mode 100755 queries/aws_glue_dev_endpoint_6.yaml.bak create mode 100755 queries/aws_glue_job_1.yaml.bak create mode 100755 queries/aws_glue_job_10.yaml.bak create mode 100755 queries/aws_glue_job_10.yaml.bak.bak create mode 100755 queries/aws_glue_job_2.yaml.bak create mode 100755 queries/aws_glue_job_3.yaml.bak create mode 100755 queries/aws_glue_job_4.yaml.bak create mode 100755 queries/aws_glue_job_5.yaml.bak create mode 100755 queries/aws_glue_job_6.yaml.bak create mode 100755 queries/aws_glue_job_7.yaml.bak create mode 100755 queries/aws_glue_job_8.yaml.bak create mode 100755 queries/aws_glue_job_9.yaml.bak create mode 100755 queries/aws_glue_security_configuration_1.yaml.bak create mode 100755 queries/aws_glue_security_configuration_2.yaml.bak create mode 100755 queries/aws_glue_security_configuration_3.yaml.bak create mode 100755 queries/aws_glue_security_configuration_4.yaml.bak create mode 100755 queries/aws_guardduty_detector_1.yaml.bak create mode 100755 queries/aws_guardduty_detector_2.yaml.bak create mode 100755 queries/aws_guardduty_detector_3.yaml.bak create mode 100755 queries/aws_guardduty_detector_4.yaml.bak create mode 100755 queries/aws_guardduty_filter_1.yaml.bak create mode 100755 queries/aws_guardduty_filter_2.yaml.bak create mode 100755 queries/aws_guardduty_filter_3.yaml.bak create mode 100755 queries/aws_guardduty_filter_4.yaml.bak create mode 100755 queries/aws_guardduty_filter_5.yaml.bak create mode 100755 queries/aws_guardduty_finding_1.yaml.bak create mode 100755 queries/aws_guardduty_finding_2.yaml.bak create mode 100755 queries/aws_guardduty_ipset_1.yaml.bak create mode 100755 queries/aws_guardduty_ipset_2.yaml.bak create mode 100755 queries/aws_guardduty_member_1.yaml.bak create mode 100755 queries/aws_guardduty_member_2.yaml.bak create mode 100755 queries/aws_guardduty_member_3.yaml.bak create mode 100755 queries/aws_guardduty_member_4.yaml.bak create mode 100755 queries/aws_guardduty_member_4.yaml.bak.bak create mode 100755 queries/aws_guardduty_publishing_destination_1.yaml.bak create mode 100755 queries/aws_guardduty_publishing_destination_1.yaml.bak.bak create mode 100755 queries/aws_guardduty_publishing_destination_2.yaml.bak create mode 100755 queries/aws_guardduty_publishing_destination_3.yaml.bak create mode 100755 queries/aws_guardduty_publishing_destination_4.yaml.bak create mode 100755 queries/aws_guardduty_publishing_destination_5.yaml.bak create mode 100755 queries/aws_guardduty_publishing_destination_6.yaml.bak create mode 100755 queries/aws_guardduty_threat_intel_set_1.yaml.bak create mode 100755 queries/aws_guardduty_threat_intel_set_2.yaml.bak create mode 100755 queries/aws_health_affected_entity_1.yaml.bak create mode 100755 queries/aws_health_affected_entity_2.yaml.bak create mode 100755 queries/aws_health_affected_entity_3.yaml.bak create mode 100755 queries/aws_health_event_1.yaml.bak create mode 100755 queries/aws_health_event_2.yaml.bak create mode 100755 queries/aws_health_event_3.yaml.bak create mode 100755 queries/aws_health_event_4.yaml.bak create mode 100755 queries/aws_iam_access_advisor_1.yaml.bak create mode 100755 queries/aws_iam_access_advisor_2.yaml.bak create mode 100755 queries/aws_iam_access_advisor_2.yaml.bak.bak create mode 100755 queries/aws_iam_access_advisor_3.yaml.bak create mode 100755 queries/aws_iam_access_advisor_4.yaml.bak create mode 100755 queries/aws_iam_access_advisor_5.yaml.bak create mode 100755 queries/aws_iam_access_advisor_6.yaml.bak create mode 100755 queries/aws_iam_access_key_1.yaml.bak create mode 100755 queries/aws_iam_access_key_2.yaml.bak create mode 100755 queries/aws_iam_access_key_3.yaml.bak create mode 100755 queries/aws_iam_account_password_policy_1.yaml.bak create mode 100755 queries/aws_iam_account_password_policy_2.yaml.bak create mode 100755 queries/aws_iam_account_password_policy_3.yaml.bak create mode 100755 queries/aws_iam_account_password_policy_4.yaml.bak create mode 100755 queries/aws_iam_account_password_policy_5.yaml.bak create mode 100755 queries/aws_iam_account_password_policy_6.yaml.bak create mode 100755 queries/aws_iam_account_password_policy_7.yaml.bak create mode 100755 queries/aws_iam_account_password_policy_8.yaml.bak create mode 100755 queries/aws_iam_account_summary_1.yaml.bak create mode 100755 queries/aws_iam_account_summary_2.yaml.bak create mode 100755 queries/aws_iam_account_summary_3.yaml.bak create mode 100755 queries/aws_iam_action_1.yaml.bak create mode 100755 queries/aws_iam_action_2.yaml.bak create mode 100755 queries/aws_iam_action_3.yaml.bak create mode 100755 queries/aws_iam_action_4.yaml.bak create mode 100755 queries/aws_iam_action_5.yaml.bak create mode 100755 queries/aws_iam_credential_report_1.yaml.bak create mode 100755 queries/aws_iam_credential_report_2.yaml.bak create mode 100755 queries/aws_iam_credential_report_3.yaml.bak create mode 100755 queries/aws_iam_credential_report_4.yaml.bak create mode 100755 queries/aws_iam_credential_report_5.yaml.bak create mode 100755 queries/aws_iam_credential_report_6.yaml.bak create mode 100755 queries/aws_iam_credential_report_6.yaml.bak.bak create mode 100755 queries/aws_iam_group_1.yaml.bak create mode 100755 queries/aws_iam_group_2.yaml.bak create mode 100755 queries/aws_iam_group_3.yaml.bak create mode 100755 queries/aws_iam_group_4.yaml.bak create mode 100755 queries/aws_iam_open_id_connect_provider_1.yaml.bak create mode 100755 queries/aws_iam_open_id_connect_provider_2.yaml.bak create mode 100755 queries/aws_iam_open_id_connect_provider_2.yaml.bak.bak create mode 100755 queries/aws_iam_open_id_connect_provider_3.yaml.bak create mode 100755 queries/aws_iam_open_id_connect_provider_4.yaml.bak create mode 100755 queries/aws_iam_policy_1.yaml.bak create mode 100755 queries/aws_iam_policy_2.yaml.bak create mode 100755 queries/aws_iam_policy_3.yaml.bak create mode 100755 queries/aws_iam_policy_4.yaml.bak create mode 100755 queries/aws_iam_policy_5.yaml.bak create mode 100755 queries/aws_iam_policy_6.yaml.bak create mode 100755 queries/aws_iam_policy_7.yaml.bak create mode 100755 queries/aws_iam_policy_attachment_1.yaml.bak create mode 100755 queries/aws_iam_policy_attachment_2.yaml.bak create mode 100755 queries/aws_iam_policy_attachment_3.yaml.bak create mode 100755 queries/aws_iam_policy_simulator_1.yaml.bak create mode 100755 queries/aws_iam_policy_simulator_2.yaml.bak create mode 100755 queries/aws_iam_policy_simulator_3.yaml.bak create mode 100755 queries/aws_iam_role_1.yaml.bak create mode 100755 queries/aws_iam_role_10.yaml.bak create mode 100755 queries/aws_iam_role_2.yaml.bak create mode 100755 queries/aws_iam_role_3.yaml.bak create mode 100755 queries/aws_iam_role_4.yaml.bak create mode 100755 queries/aws_iam_role_4.yaml.bak.bak create mode 100755 queries/aws_iam_role_5.yaml.bak create mode 100755 queries/aws_iam_role_6.yaml.bak create mode 100755 queries/aws_iam_role_7.yaml.bak create mode 100755 queries/aws_iam_role_8.yaml.bak create mode 100755 queries/aws_iam_role_9.yaml.bak create mode 100755 queries/aws_iam_saml_provider_1.yaml.bak create mode 100755 queries/aws_iam_saml_provider_2.yaml.bak create mode 100755 queries/aws_iam_saml_provider_3.yaml.bak create mode 100755 queries/aws_iam_server_certificate_1.yaml.bak create mode 100755 queries/aws_iam_server_certificate_1.yaml.bak.bak create mode 100755 queries/aws_iam_server_certificate_2.yaml.bak create mode 100755 queries/aws_iam_service_specific_credential_1.yaml.bak create mode 100755 queries/aws_iam_service_specific_credential_2.yaml.bak create mode 100755 queries/aws_iam_service_specific_credential_2.yaml.bak.bak create mode 100755 queries/aws_iam_service_specific_credential_3.yaml.bak create mode 100755 queries/aws_iam_user_1.yaml.bak create mode 100755 queries/aws_iam_user_2.yaml.bak create mode 100755 queries/aws_iam_user_2.yaml.bak.bak create mode 100755 queries/aws_iam_user_3.yaml.bak create mode 100755 queries/aws_iam_user_4.yaml.bak create mode 100755 queries/aws_iam_user_5.yaml.bak create mode 100755 queries/aws_iam_user_6.yaml.bak create mode 100755 queries/aws_iam_virtual_mfa_device_1.yaml.bak create mode 100755 queries/aws_iam_virtual_mfa_device_2.yaml.bak create mode 100755 queries/aws_identitystore_group_1.yaml.bak create mode 100755 queries/aws_identitystore_group_2.yaml.bak create mode 100755 queries/aws_identitystore_group_membership_1.yaml.bak create mode 100755 queries/aws_identitystore_group_membership_2.yaml.bak create mode 100755 queries/aws_identitystore_group_membership_3.yaml.bak create mode 100755 queries/aws_identitystore_user_1.yaml.bak create mode 100755 queries/aws_identitystore_user_2.yaml.bak create mode 100755 queries/aws_inspector2_coverage_1.yaml.bak create mode 100755 queries/aws_inspector2_coverage_2.yaml.bak create mode 100755 queries/aws_inspector2_coverage_3.yaml.bak create mode 100755 queries/aws_inspector2_coverage_3.yaml.bak.bak create mode 100755 queries/aws_inspector2_coverage_4.yaml.bak create mode 100755 queries/aws_inspector2_coverage_5.yaml.bak create mode 100755 queries/aws_inspector2_coverage_6.yaml.bak create mode 100755 queries/aws_inspector2_coverage_7.yaml.bak create mode 100755 queries/aws_inspector2_coverage_8.yaml.bak create mode 100755 queries/aws_inspector2_coverage_9.yaml.bak create mode 100755 queries/aws_inspector2_coverage_statistics_1.yaml.bak create mode 100755 queries/aws_inspector2_coverage_statistics_2.yaml.bak create mode 100755 queries/aws_inspector2_coverage_statistics_2.yaml.bak.bak create mode 100755 queries/aws_inspector2_finding_1.yaml.bak create mode 100755 queries/aws_inspector2_finding_10.yaml.bak create mode 100755 queries/aws_inspector2_finding_11.yaml.bak create mode 100755 queries/aws_inspector2_finding_12.yaml.bak create mode 100755 queries/aws_inspector2_finding_13.yaml.bak create mode 100755 queries/aws_inspector2_finding_13.yaml.bak.bak create mode 100755 queries/aws_inspector2_finding_14.yaml.bak create mode 100755 queries/aws_inspector2_finding_15.yaml.bak create mode 100755 queries/aws_inspector2_finding_2.yaml.bak create mode 100755 queries/aws_inspector2_finding_3.yaml.bak create mode 100755 queries/aws_inspector2_finding_4.yaml.bak create mode 100755 queries/aws_inspector2_finding_5.yaml.bak create mode 100755 queries/aws_inspector2_finding_6.yaml.bak create mode 100755 queries/aws_inspector2_finding_6.yaml.bak.bak create mode 100755 queries/aws_inspector2_finding_7.yaml.bak create mode 100755 queries/aws_inspector2_finding_8.yaml.bak create mode 100755 queries/aws_inspector2_finding_9.yaml.bak create mode 100755 queries/aws_inspector2_member_1.yaml.bak create mode 100755 queries/aws_inspector2_member_2.yaml.bak create mode 100755 queries/aws_inspector2_member_2.yaml.bak.bak create mode 100755 queries/aws_inspector2_member_3.yaml.bak create mode 100755 queries/aws_inspector_assessment_run_1.yaml.bak create mode 100755 queries/aws_inspector_assessment_run_2.yaml.bak create mode 100755 queries/aws_inspector_assessment_run_3.yaml.bak create mode 100755 queries/aws_inspector_assessment_run_4.yaml.bak create mode 100755 queries/aws_inspector_assessment_run_5.yaml.bak create mode 100755 queries/aws_inspector_assessment_run_6.yaml.bak create mode 100755 queries/aws_inspector_assessment_run_6.yaml.bak.bak create mode 100755 queries/aws_inspector_assessment_target_1.yaml.bak create mode 100755 queries/aws_inspector_assessment_target_2.yaml.bak create mode 100755 queries/aws_inspector_assessment_target_2.yaml.bak.bak create mode 100755 queries/aws_inspector_assessment_target_3.yaml.bak create mode 100755 queries/aws_inspector_assessment_template_1.yaml.bak create mode 100755 queries/aws_inspector_assessment_template_2.yaml.bak create mode 100755 queries/aws_inspector_assessment_template_3.yaml.bak create mode 100755 queries/aws_inspector_assessment_template_4.yaml.bak create mode 100755 queries/aws_inspector_assessment_template_5.yaml.bak create mode 100755 queries/aws_inspector_assessment_template_6.yaml.bak create mode 100755 queries/aws_inspector_exclusion_1.yaml.bak create mode 100755 queries/aws_inspector_exclusion_1.yaml.bak.bak create mode 100755 queries/aws_inspector_exclusion_2.yaml.bak create mode 100755 queries/aws_inspector_exclusion_3.yaml.bak create mode 100755 queries/aws_inspector_exclusion_4.yaml.bak create mode 100755 queries/aws_inspector_exclusion_5.yaml.bak create mode 100755 queries/aws_inspector_finding_1.yaml.bak create mode 100755 queries/aws_inspector_finding_10.yaml.bak create mode 100755 queries/aws_inspector_finding_2.yaml.bak create mode 100755 queries/aws_inspector_finding_3.yaml.bak create mode 100755 queries/aws_inspector_finding_4.yaml.bak create mode 100755 queries/aws_inspector_finding_5.yaml.bak create mode 100755 queries/aws_inspector_finding_5.yaml.bak.bak create mode 100755 queries/aws_inspector_finding_6.yaml.bak create mode 100755 queries/aws_inspector_finding_7.yaml.bak create mode 100755 queries/aws_inspector_finding_8.yaml.bak create mode 100755 queries/aws_inspector_finding_9.yaml.bak create mode 100755 queries/aws_iot_fleet_metric_1.yaml.bak create mode 100755 queries/aws_iot_fleet_metric_1.yaml.bak.bak create mode 100755 queries/aws_iot_fleet_metric_2.yaml.bak create mode 100755 queries/aws_iot_fleet_metric_3.yaml.bak create mode 100755 queries/aws_iot_thing_1.yaml.bak create mode 100755 queries/aws_iot_thing_2.yaml.bak create mode 100755 queries/aws_iot_thing_3.yaml.bak create mode 100755 queries/aws_iot_thing_group_1.yaml.bak create mode 100755 queries/aws_iot_thing_group_2.yaml.bak create mode 100755 queries/aws_iot_thing_group_3.yaml.bak create mode 100755 queries/aws_iot_thing_group_3.yaml.bak.bak create mode 100755 queries/aws_iot_thing_group_4.yaml.bak create mode 100755 queries/aws_iot_thing_type_1.yaml.bak create mode 100755 queries/aws_iot_thing_type_2.yaml.bak create mode 100755 queries/aws_iot_thing_type_3.yaml.bak create mode 100755 queries/aws_iot_thing_type_4.yaml.bak create mode 100755 queries/aws_kinesis_consumer_1.yaml.bak create mode 100755 queries/aws_kinesis_consumer_2.yaml.bak create mode 100755 queries/aws_kinesis_firehose_delivery_stream_1.yaml.bak create mode 100755 queries/aws_kinesis_firehose_delivery_stream_2.yaml.bak create mode 100755 queries/aws_kinesis_firehose_delivery_stream_3.yaml.bak create mode 100755 queries/aws_kinesis_firehose_delivery_stream_4.yaml.bak create mode 100755 queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak create mode 100755 queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak.bak create mode 100755 queries/aws_kinesis_stream_1.yaml.bak create mode 100755 queries/aws_kinesis_stream_2.yaml.bak create mode 100755 queries/aws_kinesis_stream_3.yaml.bak create mode 100755 queries/aws_kinesis_stream_4.yaml.bak create mode 100755 queries/aws_kinesis_stream_5.yaml.bak create mode 100755 queries/aws_kinesis_video_stream_1.yaml.bak create mode 100755 queries/aws_kinesis_video_stream_2.yaml.bak create mode 100755 queries/aws_kinesis_video_stream_3.yaml.bak create mode 100755 queries/aws_kinesis_video_stream_4.yaml.bak create mode 100755 queries/aws_kinesisanalyticsv2_application_1.yaml.bak create mode 100755 queries/aws_kinesisanalyticsv2_application_2.yaml.bak create mode 100755 queries/aws_kinesisanalyticsv2_application_3.yaml.bak create mode 100755 queries/aws_kms_alias_1.yaml.bak create mode 100755 queries/aws_kms_alias_2.yaml.bak create mode 100755 queries/aws_kms_alias_3.yaml.bak create mode 100755 queries/aws_kms_alias_3.yaml.bak.bak create mode 100755 queries/aws_kms_alias_4.yaml.bak create mode 100755 queries/aws_kms_key_1.yaml.bak create mode 100755 queries/aws_kms_key_2.yaml.bak create mode 100755 queries/aws_kms_key_3.yaml.bak create mode 100755 queries/aws_kms_key_4.yaml.bak create mode 100755 queries/aws_kms_key_5.yaml.bak create mode 100755 queries/aws_kms_key_rotation_1.yaml.bak create mode 100755 queries/aws_kms_key_rotation_2.yaml.bak create mode 100755 queries/aws_kms_key_rotation_3.yaml.bak create mode 100755 queries/aws_kms_key_rotation_3.yaml.bak.bak create mode 100755 queries/aws_kms_key_rotation_4.yaml.bak create mode 100755 queries/aws_lambda_alias_1.yaml.bak create mode 100755 queries/aws_lambda_alias_2.yaml.bak create mode 100755 queries/aws_lambda_alias_3.yaml.bak create mode 100755 queries/aws_lambda_alias_4.yaml.bak create mode 100755 queries/aws_lambda_alias_4.yaml.bak.bak create mode 100755 queries/aws_lambda_event_source_mapping_1.yaml.bak create mode 100755 queries/aws_lambda_event_source_mapping_2.yaml.bak create mode 100755 queries/aws_lambda_event_source_mapping_3.yaml.bak create mode 100755 queries/aws_lambda_event_source_mapping_4.yaml.bak create mode 100755 queries/aws_lambda_event_source_mapping_5.yaml.bak create mode 100755 queries/aws_lambda_event_source_mapping_6.yaml.bak create mode 100755 queries/aws_lambda_event_source_mapping_7.yaml.bak create mode 100755 queries/aws_lambda_event_source_mapping_8.yaml.bak create mode 100755 queries/aws_lambda_function_1.yaml.bak create mode 100755 queries/aws_lambda_function_1.yaml.bak.bak create mode 100755 queries/aws_lambda_function_10.yaml.bak create mode 100755 queries/aws_lambda_function_2.yaml.bak create mode 100755 queries/aws_lambda_function_3.yaml.bak create mode 100755 queries/aws_lambda_function_4.yaml.bak create mode 100755 queries/aws_lambda_function_5.yaml.bak create mode 100755 queries/aws_lambda_function_6.yaml.bak create mode 100755 queries/aws_lambda_function_7.yaml.bak create mode 100755 queries/aws_lambda_function_8.yaml.bak create mode 100755 queries/aws_lambda_function_9.yaml.bak create mode 100755 queries/aws_lambda_function_metric_duration_daily_1.yaml.bak create mode 100755 queries/aws_lambda_function_metric_duration_daily_2.yaml.bak create mode 100755 queries/aws_lambda_function_metric_duration_daily_3.yaml.bak create mode 100755 queries/aws_lambda_function_metric_errors_daily_1.yaml.bak create mode 100755 queries/aws_lambda_function_metric_errors_daily_2.yaml.bak create mode 100755 queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak create mode 100755 queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak.bak create mode 100755 queries/aws_lambda_function_metric_invocations_daily_2.yaml.bak create mode 100755 queries/aws_lambda_layer_1.yaml.bak create mode 100755 queries/aws_lambda_layer_1.yaml.bak.bak create mode 100755 queries/aws_lambda_layer_version_1.yaml.bak create mode 100755 queries/aws_lambda_version_1.yaml.bak create mode 100755 queries/aws_lambda_version_1.yaml.bak.bak create mode 100755 queries/aws_lambda_version_2.yaml.bak create mode 100755 queries/aws_lambda_version_3.yaml.bak create mode 100755 queries/aws_lambda_version_4.yaml.bak create mode 100755 queries/aws_lightsail_bucket_1.yaml.bak create mode 100755 queries/aws_lightsail_bucket_2.yaml.bak create mode 100755 queries/aws_lightsail_bucket_2.yaml.bak.bak create mode 100755 queries/aws_lightsail_bucket_3.yaml.bak create mode 100755 queries/aws_lightsail_bucket_4.yaml.bak create mode 100755 queries/aws_lightsail_bucket_5.yaml.bak create mode 100755 queries/aws_lightsail_bucket_6.yaml.bak create mode 100755 queries/aws_lightsail_bucket_7.yaml.bak create mode 100755 queries/aws_lightsail_instance_1.yaml.bak create mode 100755 queries/aws_lightsail_instance_2.yaml.bak create mode 100755 queries/aws_lightsail_instance_3.yaml.bak create mode 100755 queries/aws_lightsail_instance_4.yaml.bak create mode 100755 queries/aws_lightsail_instance_5.yaml.bak create mode 100755 queries/aws_macie2_classification_job_1.yaml.bak create mode 100755 queries/aws_macie2_classification_job_2.yaml.bak create mode 100755 queries/aws_macie2_classification_job_3.yaml.bak create mode 100755 queries/aws_macie2_classification_job_4.yaml.bak create mode 100755 queries/aws_media_store_container_1.yaml.bak create mode 100755 queries/aws_media_store_container_2.yaml.bak create mode 100755 queries/aws_media_store_container_3.yaml.bak create mode 100755 queries/aws_media_store_container_4.yaml.bak create mode 100755 queries/aws_memorydb_cluster_1.yaml.bak create mode 100755 queries/aws_memorydb_cluster_2.yaml.bak create mode 100755 queries/aws_memorydb_cluster_2.yaml.bak.bak create mode 100755 queries/aws_memorydb_cluster_3.yaml.bak create mode 100755 queries/aws_memorydb_cluster_4.yaml.bak create mode 100755 queries/aws_memorydb_cluster_5.yaml.bak create mode 100755 queries/aws_memorydb_cluster_6.yaml.bak create mode 100755 queries/aws_memorydb_cluster_7.yaml.bak create mode 100755 queries/aws_memorydb_cluster_8.yaml.bak create mode 100755 queries/aws_memorydb_cluster_9.yaml.bak create mode 100755 queries/aws_mgn_application_1.yaml.bak create mode 100755 queries/aws_mgn_application_1.yaml.bak.bak create mode 100755 queries/aws_mgn_application_2.yaml.bak create mode 100755 queries/aws_mgn_application_3.yaml.bak create mode 100755 queries/aws_mgn_application_4.yaml.bak create mode 100755 queries/aws_mq_broker_1.yaml.bak create mode 100755 queries/aws_mq_broker_2.yaml.bak create mode 100755 queries/aws_mq_broker_3.yaml.bak create mode 100755 queries/aws_mq_broker_4.yaml.bak create mode 100755 queries/aws_mq_broker_5.yaml.bak create mode 100755 queries/aws_msk_cluster_1.yaml.bak create mode 100755 queries/aws_msk_cluster_2.yaml.bak create mode 100755 queries/aws_msk_cluster_2.yaml.bak.bak create mode 100755 queries/aws_msk_cluster_3.yaml.bak create mode 100755 queries/aws_msk_cluster_4.yaml.bak create mode 100755 queries/aws_msk_cluster_5.yaml.bak create mode 100755 queries/aws_msk_cluster_6.yaml.bak create mode 100755 queries/aws_msk_cluster_7.yaml.bak create mode 100755 queries/aws_msk_serverless_cluster_1.yaml.bak create mode 100755 queries/aws_msk_serverless_cluster_2.yaml.bak create mode 100755 queries/aws_msk_serverless_cluster_3.yaml.bak create mode 100755 queries/aws_msk_serverless_cluster_4.yaml.bak create mode 100755 queries/aws_msk_serverless_cluster_5.yaml.bak create mode 100755 queries/aws_neptune_db_cluster_1.yaml.bak create mode 100755 queries/aws_neptune_db_cluster_2.yaml.bak create mode 100755 queries/aws_neptune_db_cluster_3.yaml.bak create mode 100755 queries/aws_neptune_db_cluster_3.yaml.bak.bak create mode 100755 queries/aws_neptune_db_cluster_4.yaml.bak create mode 100755 queries/aws_neptune_db_cluster_snapshot_1.yaml.bak create mode 100755 queries/aws_neptune_db_cluster_snapshot_2.yaml.bak create mode 100755 queries/aws_neptune_db_cluster_snapshot_3.yaml.bak create mode 100755 queries/aws_neptune_db_cluster_snapshot_4.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_1.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_2.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_3.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_4.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_5.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_6.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_7.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_8.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_policy_1.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_policy_2.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_policy_3.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_policy_4.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_policy_5.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_policy_5.yaml.bak.bak create mode 100755 queries/aws_networkfirewall_firewall_policy_6.yaml.bak create mode 100755 queries/aws_networkfirewall_firewall_policy_7.yaml.bak create mode 100755 queries/aws_networkfirewall_rule_group_1.yaml.bak create mode 100755 queries/aws_networkfirewall_rule_group_2.yaml.bak create mode 100755 queries/aws_networkfirewall_rule_group_3.yaml.bak create mode 100755 queries/aws_networkfirewall_rule_group_4.yaml.bak create mode 100755 queries/aws_networkfirewall_rule_group_5.yaml.bak create mode 100755 queries/aws_oam_link_1.yaml.bak create mode 100755 queries/aws_oam_link_2.yaml.bak create mode 100755 queries/aws_oam_link_3.yaml.bak create mode 100755 queries/aws_oam_sink_1.yaml.bak create mode 100755 queries/aws_oam_sink_1.yaml.bak.bak create mode 100755 queries/aws_oam_sink_2.yaml.bak create mode 100755 queries/aws_opensearch_domain_1.yaml.bak create mode 100755 queries/aws_opensearch_domain_2.yaml.bak create mode 100755 queries/aws_opensearch_domain_3.yaml.bak create mode 100755 queries/aws_opensearch_domain_4.yaml.bak create mode 100755 queries/aws_opensearch_domain_5.yaml.bak create mode 100755 queries/aws_opensearch_domain_6.yaml.bak create mode 100755 queries/aws_opensearch_domain_6.yaml.bak.bak create mode 100755 queries/aws_opensearch_domain_7.yaml.bak create mode 100755 queries/aws_opensearch_domain_8.yaml.bak create mode 100755 queries/aws_organizations_account_1.yaml.bak create mode 100755 queries/aws_organizations_account_2.yaml.bak create mode 100755 queries/aws_organizations_organizational_unit_1.yaml.bak create mode 100755 queries/aws_organizations_organizational_unit_2.yaml.bak create mode 100755 queries/aws_organizations_organizational_unit_3.yaml.bak create mode 100755 queries/aws_organizations_organizational_unit_4.yaml.bak create mode 100755 queries/aws_organizations_organizational_unit_5.yaml.bak create mode 100755 queries/aws_organizations_organizational_unit_5.yaml.bak.bak create mode 100755 queries/aws_organizations_organizational_unit_6.yaml.bak create mode 100755 queries/aws_organizations_policy_1.yaml.bak create mode 100755 queries/aws_organizations_policy_2.yaml.bak create mode 100755 queries/aws_organizations_policy_3.yaml.bak create mode 100755 queries/aws_organizations_policy_4.yaml.bak create mode 100755 queries/aws_organizations_policy_target_1.yaml.bak create mode 100755 queries/aws_organizations_policy_target_2.yaml.bak create mode 100755 queries/aws_organizations_policy_target_3.yaml.bak create mode 100755 queries/aws_organizations_policy_target_4.yaml.bak create mode 100755 queries/aws_organizations_policy_target_4.yaml.bak.bak create mode 100755 queries/aws_organizations_root_1.yaml.bak create mode 100755 queries/aws_organizations_root_2.yaml.bak create mode 100755 queries/aws_pinpoint_app_1.yaml.bak create mode 100755 queries/aws_pinpoint_app_2.yaml.bak create mode 100755 queries/aws_pinpoint_app_3.yaml.bak create mode 100755 queries/aws_pinpoint_app_4.yaml.bak create mode 100755 queries/aws_pipes_pipe_1.yaml.bak create mode 100755 queries/aws_pipes_pipe_2.yaml.bak create mode 100755 queries/aws_pipes_pipe_3.yaml.bak create mode 100755 queries/aws_pipes_pipe_4.yaml.bak create mode 100755 queries/aws_pipes_pipe_5.yaml.bak create mode 100755 queries/aws_pipes_pipe_6.yaml.bak create mode 100755 queries/aws_pipes_pipe_6.yaml.bak.bak create mode 100755 queries/aws_pricing_product_1.yaml.bak create mode 100755 queries/aws_pricing_product_2.yaml.bak create mode 100755 queries/aws_pricing_product_3.yaml.bak create mode 100755 queries/aws_pricing_service_attribute_1.yaml.bak create mode 100755 queries/aws_pricing_service_attribute_2.yaml.bak create mode 100755 queries/aws_pricing_service_attribute_3.yaml.bak create mode 100755 queries/aws_ram_principal_association_1.yaml.bak create mode 100755 queries/aws_ram_principal_association_2.yaml.bak create mode 100755 queries/aws_ram_principal_association_3.yaml.bak create mode 100755 queries/aws_ram_resource_association_1.yaml.bak create mode 100755 queries/aws_ram_resource_association_2.yaml.bak create mode 100755 queries/aws_ram_resource_association_3.yaml.bak create mode 100755 queries/aws_rds_db_cluster_1.yaml.bak create mode 100755 queries/aws_rds_db_cluster_2.yaml.bak create mode 100755 queries/aws_rds_db_cluster_3.yaml.bak create mode 100755 queries/aws_rds_db_cluster_4.yaml.bak create mode 100755 queries/aws_rds_db_cluster_5.yaml.bak create mode 100755 queries/aws_rds_db_cluster_5.yaml.bak.bak create mode 100755 queries/aws_rds_db_cluster_parameter_group_1.yaml.bak create mode 100755 queries/aws_rds_db_cluster_parameter_group_2.yaml.bak create mode 100755 queries/aws_rds_db_cluster_snapshot_1.yaml.bak create mode 100755 queries/aws_rds_db_cluster_snapshot_2.yaml.bak create mode 100755 queries/aws_rds_db_cluster_snapshot_3.yaml.bak create mode 100755 queries/aws_rds_db_cluster_snapshot_4.yaml.bak create mode 100755 queries/aws_rds_db_engine_version_1.yaml.bak create mode 100755 queries/aws_rds_db_engine_version_2.yaml.bak create mode 100755 queries/aws_rds_db_engine_version_3.yaml.bak create mode 100755 queries/aws_rds_db_engine_version_4.yaml.bak create mode 100755 queries/aws_rds_db_engine_version_5.yaml.bak create mode 100755 queries/aws_rds_db_event_subscription_1.yaml.bak create mode 100755 queries/aws_rds_db_event_subscription_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_10.yaml.bak create mode 100755 queries/aws_rds_db_instance_11.yaml.bak create mode 100755 queries/aws_rds_db_instance_12.yaml.bak create mode 100755 queries/aws_rds_db_instance_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_3.yaml.bak.bak create mode 100755 queries/aws_rds_db_instance_4.yaml.bak create mode 100755 queries/aws_rds_db_instance_5.yaml.bak create mode 100755 queries/aws_rds_db_instance_6.yaml.bak create mode 100755 queries/aws_rds_db_instance_7.yaml.bak create mode 100755 queries/aws_rds_db_instance_8.yaml.bak create mode 100755 queries/aws_rds_db_instance_9.yaml.bak create mode 100755 queries/aws_rds_db_instance_automated_backup_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_automated_backup_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_automated_backup_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_automated_backup_4.yaml.bak create mode 100755 queries/aws_rds_db_instance_automated_backup_5.yaml.bak create mode 100755 queries/aws_rds_db_instance_automated_backup_6.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_connections_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_connections_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_connections_daily_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_connections_daily_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_connections_daily_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_connections_hourly_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_connections_hourly_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_4.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml.bak create mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml.bak create mode 100755 queries/aws_rds_db_option_group_1.yaml.bak create mode 100755 queries/aws_rds_db_option_group_2.yaml.bak create mode 100755 queries/aws_rds_db_option_group_3.yaml.bak create mode 100755 queries/aws_rds_db_parameter_group_1.yaml.bak create mode 100755 queries/aws_rds_db_parameter_group_2.yaml.bak create mode 100755 queries/aws_rds_db_proxy_1.yaml.bak create mode 100755 queries/aws_rds_db_proxy_2.yaml.bak create mode 100755 queries/aws_rds_db_recommendation_1.yaml.bak create mode 100755 queries/aws_rds_db_recommendation_2.yaml.bak create mode 100755 queries/aws_rds_db_recommendation_2.yaml.bak.bak create mode 100755 queries/aws_rds_db_recommendation_3.yaml.bak create mode 100755 queries/aws_rds_db_recommendation_4.yaml.bak create mode 100755 queries/aws_rds_db_recommendation_5.yaml.bak create mode 100755 queries/aws_rds_db_recommendation_6.yaml.bak create mode 100755 queries/aws_rds_db_recommendation_7.yaml.bak create mode 100755 queries/aws_rds_db_snapshot_1.yaml.bak create mode 100755 queries/aws_rds_db_snapshot_2.yaml.bak create mode 100755 queries/aws_rds_db_snapshot_3.yaml.bak create mode 100755 queries/aws_rds_db_snapshot_4.yaml.bak create mode 100755 queries/aws_rds_db_subnet_group_1.yaml.bak create mode 100755 queries/aws_rds_db_subnet_group_2.yaml.bak create mode 100755 queries/aws_rds_db_subnet_group_3.yaml.bak create mode 100755 queries/aws_rds_reserved_db_instance_1.yaml.bak create mode 100755 queries/aws_rds_reserved_db_instance_1.yaml.bak.bak create mode 100755 queries/aws_rds_reserved_db_instance_2.yaml.bak create mode 100755 queries/aws_rds_reserved_db_instance_3.yaml.bak create mode 100755 queries/aws_rds_reserved_db_instance_4.yaml.bak create mode 100755 queries/aws_rds_reserved_db_instance_5.yaml.bak create mode 100755 queries/aws_rds_reserved_db_instance_6.yaml.bak create mode 100755 queries/aws_redshift_cluster_1.yaml.bak create mode 100755 queries/aws_redshift_cluster_2.yaml.bak create mode 100755 queries/aws_redshift_cluster_2.yaml.bak.bak create mode 100755 queries/aws_redshift_cluster_3.yaml.bak create mode 100755 queries/aws_redshift_cluster_4.yaml.bak create mode 100755 queries/aws_redshift_cluster_5.yaml.bak create mode 100755 queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml.bak create mode 100755 queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml.bak create mode 100755 queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml.bak create mode 100755 queries/aws_redshift_event_subscription_1.yaml.bak create mode 100755 queries/aws_redshift_event_subscription_2.yaml.bak create mode 100755 queries/aws_redshift_event_subscription_2.yaml.bak.bak create mode 100755 queries/aws_redshift_event_subscription_3.yaml.bak create mode 100755 queries/aws_redshift_event_subscription_4.yaml.bak create mode 100755 queries/aws_redshift_parameter_group_1.yaml.bak create mode 100755 queries/aws_redshift_parameter_group_2.yaml.bak create mode 100755 queries/aws_redshift_snapshot_1.yaml.bak create mode 100755 queries/aws_redshift_snapshot_2.yaml.bak create mode 100755 queries/aws_redshift_snapshot_3.yaml.bak create mode 100755 queries/aws_redshift_snapshot_4.yaml.bak create mode 100755 queries/aws_redshift_snapshot_5.yaml.bak create mode 100755 queries/aws_redshift_snapshot_6.yaml.bak create mode 100755 queries/aws_redshift_subnet_group_1.yaml.bak create mode 100755 queries/aws_redshift_subnet_group_2.yaml.bak create mode 100755 queries/aws_redshift_subnet_group_3.yaml.bak create mode 100755 queries/aws_redshiftserverless_namespace_1.yaml.bak create mode 100755 queries/aws_redshiftserverless_namespace_2.yaml.bak create mode 100755 queries/aws_redshiftserverless_namespace_3.yaml.bak create mode 100755 queries/aws_redshiftserverless_namespace_4.yaml.bak create mode 100755 queries/aws_redshiftserverless_workgroup_1.yaml.bak create mode 100755 queries/aws_redshiftserverless_workgroup_2.yaml.bak create mode 100755 queries/aws_redshiftserverless_workgroup_3.yaml.bak create mode 100755 queries/aws_redshiftserverless_workgroup_4.yaml.bak create mode 100755 queries/aws_redshiftserverless_workgroup_5.yaml.bak create mode 100755 queries/aws_redshiftserverless_workgroup_6.yaml.bak create mode 100755 queries/aws_region_1.yaml.bak create mode 100755 queries/aws_region_2.yaml.bak create mode 100755 queries/aws_resource_explorer_index_1.yaml.bak create mode 100755 queries/aws_resource_explorer_index_2.yaml.bak create mode 100755 queries/aws_resource_explorer_search_1.yaml.bak create mode 100755 queries/aws_resource_explorer_search_2.yaml.bak create mode 100755 queries/aws_resource_explorer_search_3.yaml.bak create mode 100755 queries/aws_resource_explorer_search_4.yaml.bak create mode 100755 queries/aws_resource_explorer_search_5.yaml.bak create mode 100755 queries/aws_resource_explorer_search_6.yaml.bak create mode 100755 queries/aws_resource_explorer_search_6.yaml.bak.bak create mode 100755 queries/aws_resource_explorer_search_7.yaml.bak create mode 100755 queries/aws_resource_explorer_search_8.yaml.bak create mode 100755 queries/aws_resource_explorer_supported_resource_type_1.yaml.bak create mode 100755 queries/aws_resource_explorer_supported_resource_type_2.yaml.bak create mode 100755 queries/aws_route53_domain_1.yaml.bak create mode 100755 queries/aws_route53_domain_2.yaml.bak create mode 100755 queries/aws_route53_domain_3.yaml.bak create mode 100755 queries/aws_route53_health_check_1.yaml.bak create mode 100755 queries/aws_route53_health_check_2.yaml.bak create mode 100755 queries/aws_route53_health_check_3.yaml.bak create mode 100755 queries/aws_route53_health_check_4.yaml.bak create mode 100755 queries/aws_route53_health_check_5.yaml.bak create mode 100755 queries/aws_route53_health_check_5.yaml.bak.bak create mode 100755 queries/aws_route53_health_check_6.yaml.bak create mode 100755 queries/aws_route53_health_check_7.yaml.bak create mode 100755 queries/aws_route53_query_log_1.yaml.bak create mode 100755 queries/aws_route53_query_log_2.yaml.bak create mode 100755 queries/aws_route53_query_log_3.yaml.bak create mode 100755 queries/aws_route53_record_1.yaml.bak create mode 100755 queries/aws_route53_record_2.yaml.bak create mode 100755 queries/aws_route53_record_3.yaml.bak create mode 100755 queries/aws_route53_record_4.yaml.bak create mode 100755 queries/aws_route53_record_5.yaml.bak create mode 100755 queries/aws_route53_record_6.yaml.bak create mode 100755 queries/aws_route53_record_7.yaml.bak create mode 100755 queries/aws_route53_resolver_endpoint_1.yaml.bak create mode 100755 queries/aws_route53_resolver_endpoint_2.yaml.bak create mode 100755 queries/aws_route53_resolver_endpoint_3.yaml.bak create mode 100755 queries/aws_route53_resolver_endpoint_4.yaml.bak create mode 100755 queries/aws_route53_resolver_query_log_config_1.yaml.bak create mode 100755 queries/aws_route53_resolver_query_log_config_2.yaml.bak create mode 100755 queries/aws_route53_resolver_query_log_config_3.yaml.bak create mode 100755 queries/aws_route53_resolver_query_log_config_4.yaml.bak create mode 100755 queries/aws_route53_resolver_query_log_config_5.yaml.bak create mode 100755 queries/aws_route53_resolver_query_log_config_5.yaml.bak.bak create mode 100755 queries/aws_route53_resolver_rule_1.yaml.bak create mode 100755 queries/aws_route53_resolver_rule_2.yaml.bak create mode 100755 queries/aws_route53_resolver_rule_3.yaml.bak create mode 100755 queries/aws_route53_resolver_rule_4.yaml.bak create mode 100755 queries/aws_route53_traffic_policy_1.yaml.bak create mode 100755 queries/aws_route53_traffic_policy_2.yaml.bak create mode 100755 queries/aws_route53_traffic_policy_3.yaml.bak create mode 100755 queries/aws_route53_traffic_policy_instance_1.yaml.bak create mode 100755 queries/aws_route53_traffic_policy_instance_2.yaml.bak create mode 100755 queries/aws_route53_traffic_policy_instance_3.yaml.bak create mode 100755 queries/aws_route53_traffic_policy_instance_4.yaml.bak create mode 100755 queries/aws_route53_vpc_association_authorization_1.yaml.bak create mode 100755 queries/aws_route53_vpc_association_authorization_2.yaml.bak create mode 100755 queries/aws_route53_vpc_association_authorization_3.yaml.bak create mode 100755 queries/aws_route53_zone_1.yaml.bak create mode 100755 queries/aws_route53_zone_2.yaml.bak create mode 100755 queries/aws_route53_zone_3.yaml.bak create mode 100755 queries/aws_route53_zone_3.yaml.bak.bak create mode 100755 queries/aws_route53_zone_4.yaml.bak create mode 100755 queries/aws_route53_zone_5.yaml.bak create mode 100755 queries/aws_route53_zone_6.yaml.bak create mode 100755 queries/aws_s3_access_point_1.yaml.bak create mode 100755 queries/aws_s3_access_point_1.yaml.bak.bak create mode 100755 queries/aws_s3_access_point_2.yaml.bak create mode 100755 queries/aws_s3_access_point_3.yaml.bak create mode 100755 queries/aws_s3_access_point_4.yaml.bak create mode 100755 queries/aws_s3_access_point_5.yaml.bak create mode 100755 queries/aws_s3_bucket_1.yaml.bak create mode 100755 queries/aws_s3_bucket_10.yaml.bak create mode 100755 queries/aws_s3_bucket_11.yaml.bak create mode 100755 queries/aws_s3_bucket_12.yaml.bak create mode 100755 queries/aws_s3_bucket_13.yaml.bak create mode 100755 queries/aws_s3_bucket_2.yaml.bak create mode 100755 queries/aws_s3_bucket_3.yaml.bak create mode 100755 queries/aws_s3_bucket_4.yaml.bak create mode 100755 queries/aws_s3_bucket_5.yaml.bak create mode 100755 queries/aws_s3_bucket_6.yaml.bak create mode 100755 queries/aws_s3_bucket_6.yaml.bak.bak create mode 100755 queries/aws_s3_bucket_7.yaml.bak create mode 100755 queries/aws_s3_bucket_8.yaml.bak create mode 100755 queries/aws_s3_bucket_9.yaml.bak create mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml.bak create mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml.bak create mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml.bak create mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml.bak create mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml.bak create mode 100755 queries/aws_s3_multi_region_access_point_1.yaml.bak create mode 100755 queries/aws_s3_multi_region_access_point_2.yaml.bak create mode 100755 queries/aws_s3_multi_region_access_point_3.yaml.bak create mode 100755 queries/aws_s3_multi_region_access_point_4.yaml.bak create mode 100755 queries/aws_s3_multi_region_access_point_4.yaml.bak.bak create mode 100755 queries/aws_s3_multi_region_access_point_5.yaml.bak create mode 100755 queries/aws_s3_object_1.yaml.bak create mode 100755 queries/aws_s3_object_10.yaml.bak create mode 100755 queries/aws_s3_object_10.yaml.bak.bak create mode 100755 queries/aws_s3_object_11.yaml.bak create mode 100755 queries/aws_s3_object_12.yaml.bak create mode 100755 queries/aws_s3_object_13.yaml.bak create mode 100755 queries/aws_s3_object_2.yaml.bak create mode 100755 queries/aws_s3_object_3.yaml.bak create mode 100755 queries/aws_s3_object_4.yaml.bak create mode 100755 queries/aws_s3_object_4.yaml.bak.bak create mode 100755 queries/aws_s3_object_5.yaml.bak create mode 100755 queries/aws_s3_object_6.yaml.bak create mode 100755 queries/aws_s3_object_7.yaml.bak create mode 100755 queries/aws_s3_object_8.yaml.bak create mode 100755 queries/aws_s3_object_8.yaml.bak.bak create mode 100755 queries/aws_s3_object_9.yaml.bak create mode 100755 queries/aws_s3_object_version_1.yaml.bak create mode 100755 queries/aws_s3_object_version_2.yaml.bak create mode 100755 queries/aws_s3_object_version_3.yaml.bak create mode 100755 queries/aws_sagemaker_app_1.yaml.bak create mode 100755 queries/aws_sagemaker_app_2.yaml.bak create mode 100755 queries/aws_sagemaker_domain_1.yaml.bak create mode 100755 queries/aws_sagemaker_domain_2.yaml.bak create mode 100755 queries/aws_sagemaker_domain_3.yaml.bak create mode 100755 queries/aws_sagemaker_endpoint_configuration_1.yaml.bak create mode 100755 queries/aws_sagemaker_endpoint_configuration_2.yaml.bak create mode 100755 queries/aws_sagemaker_model_1.yaml.bak create mode 100755 queries/aws_sagemaker_model_2.yaml.bak create mode 100755 queries/aws_sagemaker_notebook_instance_1.yaml.bak create mode 100755 queries/aws_sagemaker_notebook_instance_2.yaml.bak create mode 100755 queries/aws_sagemaker_notebook_instance_3.yaml.bak create mode 100755 queries/aws_sagemaker_notebook_instance_4.yaml.bak create mode 100755 queries/aws_sagemaker_training_job_1.yaml.bak create mode 100755 queries/aws_sagemaker_training_job_2.yaml.bak create mode 100755 queries/aws_sagemaker_training_job_3.yaml.bak create mode 100755 queries/aws_sagemaker_training_job_3.yaml.bak.bak create mode 100755 queries/aws_secretsmanager_secret_1.yaml.bak create mode 100755 queries/aws_secretsmanager_secret_2.yaml.bak create mode 100755 queries/aws_secretsmanager_secret_3.yaml.bak create mode 100755 queries/aws_secretsmanager_secret_4.yaml.bak create mode 100755 queries/aws_secretsmanager_secret_5.yaml.bak create mode 100755 queries/aws_securityhub_action_target_1.yaml.bak create mode 100755 queries/aws_securityhub_action_target_2.yaml.bak create mode 100755 queries/aws_securityhub_enabled_product_subscription_1.yaml.bak create mode 100755 queries/aws_securityhub_enabled_product_subscription_1.yaml.bak.bak create mode 100755 queries/aws_securityhub_enabled_product_subscription_2.yaml.bak create mode 100755 queries/aws_securityhub_finding_1.yaml.bak create mode 100755 queries/aws_securityhub_finding_10.yaml.bak create mode 100755 queries/aws_securityhub_finding_10.yaml.bak.bak create mode 100755 queries/aws_securityhub_finding_11.yaml.bak create mode 100755 queries/aws_securityhub_finding_12.yaml.bak create mode 100755 queries/aws_securityhub_finding_13.yaml.bak create mode 100755 queries/aws_securityhub_finding_14.yaml.bak create mode 100755 queries/aws_securityhub_finding_15.yaml.bak create mode 100755 queries/aws_securityhub_finding_16.yaml.bak create mode 100755 queries/aws_securityhub_finding_17.yaml.bak create mode 100755 queries/aws_securityhub_finding_18.yaml.bak create mode 100755 queries/aws_securityhub_finding_19.yaml.bak create mode 100755 queries/aws_securityhub_finding_2.yaml.bak create mode 100755 queries/aws_securityhub_finding_20.yaml.bak create mode 100755 queries/aws_securityhub_finding_21.yaml.bak create mode 100755 queries/aws_securityhub_finding_22.yaml.bak create mode 100755 queries/aws_securityhub_finding_3.yaml.bak create mode 100755 queries/aws_securityhub_finding_4.yaml.bak create mode 100755 queries/aws_securityhub_finding_5.yaml.bak create mode 100755 queries/aws_securityhub_finding_6.yaml.bak create mode 100755 queries/aws_securityhub_finding_7.yaml.bak create mode 100755 queries/aws_securityhub_finding_8.yaml.bak create mode 100755 queries/aws_securityhub_finding_9.yaml.bak create mode 100755 queries/aws_securityhub_finding_aggregator_1.yaml.bak create mode 100755 queries/aws_securityhub_finding_aggregator_2.yaml.bak create mode 100755 queries/aws_securityhub_finding_aggregator_3.yaml.bak create mode 100755 queries/aws_securityhub_finding_aggregator_4.yaml.bak create mode 100755 queries/aws_securityhub_hub_1.yaml.bak create mode 100755 queries/aws_securityhub_hub_2.yaml.bak create mode 100755 queries/aws_securityhub_hub_3.yaml.bak create mode 100755 queries/aws_securityhub_hub_3.yaml.bak.bak create mode 100755 queries/aws_securityhub_insight_1.yaml.bak create mode 100755 queries/aws_securityhub_insight_10.yaml.bak create mode 100755 queries/aws_securityhub_insight_2.yaml.bak create mode 100755 queries/aws_securityhub_insight_3.yaml.bak create mode 100755 queries/aws_securityhub_insight_4.yaml.bak create mode 100755 queries/aws_securityhub_insight_5.yaml.bak create mode 100755 queries/aws_securityhub_insight_6.yaml.bak create mode 100755 queries/aws_securityhub_insight_7.yaml.bak create mode 100755 queries/aws_securityhub_insight_8.yaml.bak create mode 100755 queries/aws_securityhub_insight_9.yaml.bak create mode 100755 queries/aws_securityhub_member_1.yaml.bak create mode 100755 queries/aws_securityhub_member_2.yaml.bak create mode 100755 queries/aws_securityhub_member_3.yaml.bak create mode 100755 queries/aws_securityhub_member_4.yaml.bak create mode 100755 queries/aws_securityhub_product_1.yaml.bak create mode 100755 queries/aws_securityhub_product_2.yaml.bak create mode 100755 queries/aws_securityhub_product_3.yaml.bak create mode 100755 queries/aws_securityhub_standards_control_1.yaml.bak create mode 100755 queries/aws_securityhub_standards_control_2.yaml.bak create mode 100755 queries/aws_securityhub_standards_control_3.yaml.bak create mode 100755 queries/aws_securityhub_standards_control_4.yaml.bak create mode 100755 queries/aws_securityhub_standards_control_5.yaml.bak create mode 100755 queries/aws_securityhub_standards_control_6.yaml.bak create mode 100755 queries/aws_securityhub_standards_control_7.yaml.bak create mode 100755 queries/aws_securityhub_standards_control_8.yaml.bak create mode 100755 queries/aws_securityhub_standards_subscription_1.yaml.bak create mode 100755 queries/aws_securityhub_standards_subscription_2.yaml.bak create mode 100755 queries/aws_securityhub_standards_subscription_3.yaml.bak create mode 100755 queries/aws_securityhub_standards_subscription_4.yaml.bak create mode 100755 queries/aws_securitylake_data_lake_1.yaml.bak create mode 100755 queries/aws_securitylake_data_lake_2.yaml.bak create mode 100755 queries/aws_securitylake_data_lake_3.yaml.bak create mode 100755 queries/aws_securitylake_data_lake_4.yaml.bak create mode 100755 queries/aws_securitylake_data_lake_4.yaml.bak.bak create mode 100755 queries/aws_securitylake_subscriber_1.yaml.bak create mode 100755 queries/aws_securitylake_subscriber_2.yaml.bak create mode 100755 queries/aws_securitylake_subscriber_3.yaml.bak create mode 100755 queries/aws_securitylake_subscriber_4.yaml.bak create mode 100755 queries/aws_securitylake_subscriber_4.yaml.bak.bak create mode 100755 queries/aws_securitylake_subscriber_5.yaml.bak create mode 100755 queries/aws_serverlessapplicationrepository_application_1.yaml.bak create mode 100755 queries/aws_serverlessapplicationrepository_application_2.yaml.bak create mode 100755 queries/aws_serverlessapplicationrepository_application_3.yaml.bak create mode 100755 queries/aws_service_discovery_instance_1.yaml.bak create mode 100755 queries/aws_service_discovery_instance_2.yaml.bak create mode 100755 queries/aws_service_discovery_instance_3.yaml.bak create mode 100755 queries/aws_service_discovery_instance_4.yaml.bak create mode 100755 queries/aws_service_discovery_instance_5.yaml.bak create mode 100755 queries/aws_service_discovery_instance_5.yaml.bak.bak create mode 100755 queries/aws_service_discovery_instance_6.yaml.bak create mode 100755 queries/aws_service_discovery_namespace_1.yaml.bak create mode 100755 queries/aws_service_discovery_namespace_2.yaml.bak create mode 100755 queries/aws_service_discovery_namespace_3.yaml.bak create mode 100755 queries/aws_service_discovery_namespace_4.yaml.bak create mode 100755 queries/aws_service_discovery_namespace_5.yaml.bak create mode 100755 queries/aws_service_discovery_namespace_6.yaml.bak create mode 100755 queries/aws_service_discovery_namespace_7.yaml.bak create mode 100755 queries/aws_service_discovery_namespace_7.yaml.bak.bak create mode 100755 queries/aws_service_discovery_service_1.yaml.bak create mode 100755 queries/aws_service_discovery_service_2.yaml.bak create mode 100755 queries/aws_service_discovery_service_3.yaml.bak create mode 100755 queries/aws_service_discovery_service_4.yaml.bak create mode 100755 queries/aws_service_discovery_service_5.yaml.bak create mode 100755 queries/aws_service_discovery_service_6.yaml.bak create mode 100755 queries/aws_service_discovery_service_7.yaml.bak create mode 100755 queries/aws_service_discovery_service_8.yaml.bak create mode 100755 queries/aws_servicecatalog_portfolio_1.yaml.bak create mode 100755 queries/aws_servicecatalog_portfolio_2.yaml.bak create mode 100755 queries/aws_servicecatalog_portfolio_3.yaml.bak create mode 100755 queries/aws_servicecatalog_portfolio_4.yaml.bak create mode 100755 queries/aws_servicecatalog_product_1.yaml.bak create mode 100755 queries/aws_servicecatalog_product_2.yaml.bak create mode 100755 queries/aws_servicecatalog_product_3.yaml.bak create mode 100755 queries/aws_servicecatalog_product_4.yaml.bak create mode 100755 queries/aws_servicecatalog_product_5.yaml.bak create mode 100755 queries/aws_servicecatalog_product_6.yaml.bak create mode 100755 queries/aws_servicecatalog_provisioned_product_1.yaml.bak create mode 100755 queries/aws_servicecatalog_provisioned_product_2.yaml.bak create mode 100755 queries/aws_servicecatalog_provisioned_product_3.yaml.bak create mode 100755 queries/aws_servicecatalog_provisioned_product_4.yaml.bak create mode 100755 queries/aws_servicecatalog_provisioned_product_5.yaml.bak create mode 100755 queries/aws_servicequotas_default_service_quota_1.yaml.bak create mode 100755 queries/aws_servicequotas_default_service_quota_2.yaml.bak create mode 100755 queries/aws_servicequotas_default_service_quota_3.yaml.bak create mode 100755 queries/aws_servicequotas_service_1.yaml.bak create mode 100755 queries/aws_servicequotas_service_2.yaml.bak create mode 100755 queries/aws_servicequotas_service_quota_1.yaml.bak create mode 100755 queries/aws_servicequotas_service_quota_2.yaml.bak create mode 100755 queries/aws_servicequotas_service_quota_3.yaml.bak create mode 100755 queries/aws_servicequotas_service_quota_change_request_1.yaml.bak create mode 100755 queries/aws_servicequotas_service_quota_change_request_2.yaml.bak create mode 100755 queries/aws_servicequotas_service_quota_change_request_3.yaml.bak create mode 100755 queries/aws_ses_domain_identity_1.yaml.bak create mode 100755 queries/aws_ses_domain_identity_2.yaml.bak create mode 100755 queries/aws_ses_email_identity_1.yaml.bak create mode 100755 queries/aws_ses_email_identity_2.yaml.bak create mode 100755 queries/aws_sfn_state_machine_1.yaml.bak create mode 100755 queries/aws_sfn_state_machine_2.yaml.bak create mode 100755 queries/aws_sfn_state_machine_execution_1.yaml.bak create mode 100755 queries/aws_sfn_state_machine_execution_2.yaml.bak create mode 100755 queries/aws_sfn_state_machine_execution_history_1.yaml.bak create mode 100755 queries/aws_sfn_state_machine_execution_history_2.yaml.bak create mode 100755 queries/aws_simspaceweaver_simulation_1.yaml.bak create mode 100755 queries/aws_simspaceweaver_simulation_2.yaml.bak create mode 100755 queries/aws_simspaceweaver_simulation_3.yaml.bak create mode 100755 queries/aws_simspaceweaver_simulation_4.yaml.bak create mode 100755 queries/aws_simspaceweaver_simulation_5.yaml.bak create mode 100755 queries/aws_sns_subscription_1.yaml.bak create mode 100755 queries/aws_sns_subscription_2.yaml.bak create mode 100755 queries/aws_sns_subscription_3.yaml.bak create mode 100755 queries/aws_sns_topic_1.yaml.bak create mode 100755 queries/aws_sns_topic_2.yaml.bak create mode 100755 queries/aws_sns_topic_3.yaml.bak create mode 100755 queries/aws_sns_topic_4.yaml.bak create mode 100755 queries/aws_sns_topic_5.yaml.bak create mode 100755 queries/aws_sns_topic_6.yaml.bak create mode 100755 queries/aws_sns_topic_7.yaml.bak create mode 100755 queries/aws_sns_topic_subscription_1.yaml.bak create mode 100755 queries/aws_sns_topic_subscription_2.yaml.bak create mode 100755 queries/aws_sns_topic_subscription_3.yaml.bak create mode 100755 queries/aws_sqs_queue_1.yaml.bak create mode 100755 queries/aws_sqs_queue_10.yaml.bak create mode 100755 queries/aws_sqs_queue_2.yaml.bak create mode 100755 queries/aws_sqs_queue_3.yaml.bak create mode 100755 queries/aws_sqs_queue_4.yaml.bak create mode 100755 queries/aws_sqs_queue_5.yaml.bak create mode 100755 queries/aws_sqs_queue_6.yaml.bak create mode 100755 queries/aws_sqs_queue_7.yaml.bak create mode 100755 queries/aws_sqs_queue_8.yaml.bak create mode 100755 queries/aws_sqs_queue_9.yaml.bak create mode 100755 queries/aws_ssm_association_1.yaml.bak create mode 100755 queries/aws_ssm_association_2.yaml.bak create mode 100755 queries/aws_ssm_association_3.yaml.bak create mode 100755 queries/aws_ssm_association_4.yaml.bak create mode 100755 queries/aws_ssm_document_1.yaml.bak create mode 100755 queries/aws_ssm_document_2.yaml.bak create mode 100755 queries/aws_ssm_document_2.yaml.bak.bak create mode 100755 queries/aws_ssm_document_3.yaml.bak create mode 100755 queries/aws_ssm_document_4.yaml.bak create mode 100755 queries/aws_ssm_document_5.yaml.bak create mode 100755 queries/aws_ssm_document_permission_1.yaml.bak create mode 100755 queries/aws_ssm_document_permission_2.yaml.bak create mode 100755 queries/aws_ssm_inventory_1.yaml.bak create mode 100755 queries/aws_ssm_inventory_1.yaml.bak.bak create mode 100755 queries/aws_ssm_inventory_2.yaml.bak create mode 100755 queries/aws_ssm_inventory_3.yaml.bak create mode 100755 queries/aws_ssm_inventory_4.yaml.bak create mode 100755 queries/aws_ssm_inventory_5.yaml.bak create mode 100755 queries/aws_ssm_inventory_entry_1.yaml.bak create mode 100755 queries/aws_ssm_inventory_entry_2.yaml.bak create mode 100755 queries/aws_ssm_inventory_entry_3.yaml.bak create mode 100755 queries/aws_ssm_inventory_entry_4.yaml.bak create mode 100755 queries/aws_ssm_inventory_entry_5.yaml.bak create mode 100755 queries/aws_ssm_maintenance_window_1.yaml.bak create mode 100755 queries/aws_ssm_maintenance_window_2.yaml.bak create mode 100755 queries/aws_ssm_maintenance_window_3.yaml.bak create mode 100755 queries/aws_ssm_maintenance_window_4.yaml.bak create mode 100755 queries/aws_ssm_maintenance_window_4.yaml.bak.bak create mode 100755 queries/aws_ssm_managed_instance_1.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_2.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_2.yaml.bak.bak create mode 100755 queries/aws_ssm_managed_instance_3.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_compliance_1.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_compliance_2.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_compliance_3.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_compliance_4.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_patch_state_1.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_patch_state_2.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_patch_state_3.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_patch_state_4.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_patch_state_5.yaml.bak create mode 100755 queries/aws_ssm_managed_instance_patch_state_6.yaml.bak create mode 100755 queries/aws_ssm_parameter_1.yaml.bak create mode 100755 queries/aws_ssm_parameter_2.yaml.bak create mode 100755 queries/aws_ssm_parameter_3.yaml.bak create mode 100755 queries/aws_ssm_patch_baseline_1.yaml.bak create mode 100755 queries/aws_ssm_patch_baseline_2.yaml.bak create mode 100755 queries/aws_ssm_patch_baseline_3.yaml.bak create mode 100755 queries/aws_ssm_patch_baseline_4.yaml.bak create mode 100755 queries/aws_ssmincidents_response_plan_1.yaml.bak create mode 100755 queries/aws_ssmincidents_response_plan_2.yaml.bak create mode 100755 queries/aws_ssmincidents_response_plan_3.yaml.bak create mode 100755 queries/aws_ssmincidents_response_plan_4.yaml.bak create mode 100755 queries/aws_ssmincidents_response_plan_5.yaml.bak create mode 100755 queries/aws_ssoadmin_account_assignment_1.yaml.bak create mode 100755 queries/aws_ssoadmin_account_assignment_2.yaml.bak create mode 100755 queries/aws_ssoadmin_instance_1.yaml.bak create mode 100755 queries/aws_ssoadmin_managed_policy_attachment_1.yaml.bak create mode 100755 queries/aws_ssoadmin_permission_set_1.yaml.bak create mode 100755 queries/aws_sts_caller_identity_1.yaml.bak create mode 100755 queries/aws_sts_caller_identity_2.yaml.bak create mode 100755 queries/aws_sts_caller_identity_3.yaml.bak create mode 100755 queries/aws_tagging_resource_1.yaml.bak create mode 100755 queries/aws_tagging_resource_1.yaml.bak.bak create mode 100755 queries/aws_tagging_resource_2.yaml.bak create mode 100755 queries/aws_timestreamwrite_database_1.yaml.bak create mode 100755 queries/aws_timestreamwrite_database_2.yaml.bak create mode 100755 queries/aws_timestreamwrite_database_3.yaml.bak create mode 100755 queries/aws_timestreamwrite_database_3.yaml.bak.bak create mode 100755 queries/aws_timestreamwrite_database_4.yaml.bak create mode 100755 queries/aws_timestreamwrite_database_5.yaml.bak create mode 100755 queries/aws_timestreamwrite_table_1.yaml.bak create mode 100755 queries/aws_timestreamwrite_table_2.yaml.bak create mode 100755 queries/aws_timestreamwrite_table_3.yaml.bak create mode 100755 queries/aws_timestreamwrite_table_4.yaml.bak create mode 100755 queries/aws_timestreamwrite_table_5.yaml.bak create mode 100755 queries/aws_timestreamwrite_table_5.yaml.bak.bak create mode 100755 queries/aws_timestreamwrite_table_6.yaml.bak create mode 100755 queries/aws_transfer_server_1.yaml.bak create mode 100755 queries/aws_transfer_server_2.yaml.bak create mode 100755 queries/aws_transfer_server_3.yaml.bak create mode 100755 queries/aws_transfer_server_4.yaml.bak create mode 100755 queries/aws_transfer_server_4.yaml.bak.bak create mode 100755 queries/aws_transfer_server_5.yaml.bak create mode 100755 queries/aws_transfer_server_6.yaml.bak create mode 100755 queries/aws_transfer_user_1.yaml.bak create mode 100755 queries/aws_transfer_user_2.yaml.bak create mode 100755 queries/aws_transfer_user_3.yaml.bak create mode 100755 queries/aws_transfer_user_4.yaml.bak create mode 100755 queries/aws_trusted_advisor_check_summary_1.yaml.bak create mode 100755 queries/aws_trusted_advisor_check_summary_2.yaml.bak create mode 100755 queries/aws_trusted_advisor_check_summary_3.yaml.bak create mode 100755 queries/aws_trusted_advisor_check_summary_4.yaml.bak create mode 100755 queries/aws_vpc_1.yaml.bak create mode 100755 queries/aws_vpc_2.yaml.bak create mode 100755 queries/aws_vpc_3.yaml.bak create mode 100755 queries/aws_vpc_customer_gateway_1.yaml.bak create mode 100755 queries/aws_vpc_customer_gateway_2.yaml.bak create mode 100755 queries/aws_vpc_dhcp_options_1.yaml.bak create mode 100755 queries/aws_vpc_dhcp_options_2.yaml.bak create mode 100755 queries/aws_vpc_dhcp_options_3.yaml.bak create mode 100755 queries/aws_vpc_egress_only_internet_gateway_1.yaml.bak create mode 100755 queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak create mode 100755 queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak.bak create mode 100755 queries/aws_vpc_egress_only_internet_gateway_3.yaml.bak create mode 100755 queries/aws_vpc_eip_1.yaml.bak create mode 100755 queries/aws_vpc_eip_2.yaml.bak create mode 100755 queries/aws_vpc_eip_address_transfer_1.yaml.bak create mode 100755 queries/aws_vpc_eip_address_transfer_2.yaml.bak create mode 100755 queries/aws_vpc_eip_address_transfer_3.yaml.bak create mode 100755 queries/aws_vpc_eip_address_transfer_4.yaml.bak create mode 100755 queries/aws_vpc_endpoint_1.yaml.bak create mode 100755 queries/aws_vpc_endpoint_2.yaml.bak create mode 100755 queries/aws_vpc_endpoint_3.yaml.bak create mode 100755 queries/aws_vpc_endpoint_4.yaml.bak create mode 100755 queries/aws_vpc_endpoint_4.yaml.bak.bak create mode 100755 queries/aws_vpc_endpoint_5.yaml.bak create mode 100755 queries/aws_vpc_endpoint_service_1.yaml.bak create mode 100755 queries/aws_vpc_endpoint_service_2.yaml.bak create mode 100755 queries/aws_vpc_endpoint_service_3.yaml.bak create mode 100755 queries/aws_vpc_endpoint_service_4.yaml.bak create mode 100755 queries/aws_vpc_endpoint_service_5.yaml.bak create mode 100755 queries/aws_vpc_endpoint_service_6.yaml.bak create mode 100755 queries/aws_vpc_endpoint_service_6.yaml.bak.bak create mode 100755 queries/aws_vpc_endpoint_service_7.yaml.bak create mode 100755 queries/aws_vpc_flow_log_1.yaml.bak create mode 100755 queries/aws_vpc_flow_log_2.yaml.bak create mode 100755 queries/aws_vpc_flow_log_3.yaml.bak create mode 100755 queries/aws_vpc_flow_log_4.yaml.bak create mode 100755 queries/aws_vpc_flow_log_event_1.yaml.bak create mode 100755 queries/aws_vpc_flow_log_event_2.yaml.bak create mode 100755 queries/aws_vpc_flow_log_event_3.yaml.bak create mode 100755 queries/aws_vpc_flow_log_event_4.yaml.bak create mode 100755 queries/aws_vpc_flow_log_event_4.yaml.bak.bak create mode 100755 queries/aws_vpc_flow_log_event_5.yaml.bak create mode 100755 queries/aws_vpc_flow_log_event_6.yaml.bak create mode 100755 queries/aws_vpc_internet_gateway_1.yaml.bak create mode 100755 queries/aws_vpc_internet_gateway_2.yaml.bak create mode 100755 queries/aws_vpc_internet_gateway_2.yaml.bak.bak create mode 100755 queries/aws_vpc_nat_gateway_1.yaml.bak create mode 100755 queries/aws_vpc_nat_gateway_2.yaml.bak create mode 100755 queries/aws_vpc_nat_gateway_3.yaml.bak create mode 100755 queries/aws_vpc_nat_gateway_4.yaml.bak create mode 100755 queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml.bak create mode 100755 queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml.bak create mode 100755 queries/aws_vpc_network_acl_1.yaml.bak create mode 100755 queries/aws_vpc_network_acl_2.yaml.bak create mode 100755 queries/aws_vpc_network_acl_3.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_1.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_2.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_3.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_4.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_4.yaml.bak.bak create mode 100755 queries/aws_vpc_peering_connection_5.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_6.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_7.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_8.yaml.bak create mode 100755 queries/aws_vpc_peering_connection_8.yaml.bak.bak create mode 100755 queries/aws_vpc_peering_connection_9.yaml.bak create mode 100755 queries/aws_vpc_route_1.yaml.bak create mode 100755 queries/aws_vpc_route_2.yaml.bak create mode 100755 queries/aws_vpc_route_3.yaml.bak create mode 100755 queries/aws_vpc_route_table_1.yaml.bak create mode 100755 queries/aws_vpc_route_table_2.yaml.bak create mode 100755 queries/aws_vpc_route_table_2.yaml.bak.bak create mode 100755 queries/aws_vpc_route_table_3.yaml.bak create mode 100755 queries/aws_vpc_security_group_1.yaml.bak create mode 100755 queries/aws_vpc_security_group_2.yaml.bak create mode 100755 queries/aws_vpc_security_group_2.yaml.bak.bak create mode 100755 queries/aws_vpc_security_group_3.yaml.bak create mode 100755 queries/aws_vpc_security_group_4.yaml.bak create mode 100755 queries/aws_vpc_security_group_rule_1.yaml.bak create mode 100755 queries/aws_vpc_security_group_rule_2.yaml.bak create mode 100755 queries/aws_vpc_security_group_rule_3.yaml.bak create mode 100755 queries/aws_vpc_subnet_1.yaml.bak create mode 100755 queries/aws_vpc_subnet_2.yaml.bak create mode 100755 queries/aws_vpc_subnet_3.yaml.bak create mode 100755 queries/aws_vpc_subnet_4.yaml.bak create mode 100755 queries/aws_vpc_subnet_5.yaml.bak create mode 100755 queries/aws_vpc_verified_access_endpoint_1.yaml.bak create mode 100755 queries/aws_vpc_verified_access_endpoint_2.yaml.bak create mode 100755 queries/aws_vpc_verified_access_endpoint_3.yaml.bak create mode 100755 queries/aws_vpc_verified_access_endpoint_4.yaml.bak create mode 100755 queries/aws_vpc_verified_access_endpoint_5.yaml.bak create mode 100755 queries/aws_vpc_verified_access_endpoint_6.yaml.bak create mode 100755 queries/aws_vpc_verified_access_endpoint_6.yaml.bak.bak create mode 100755 queries/aws_vpc_verified_access_endpoint_7.yaml.bak create mode 100755 queries/aws_vpc_verified_access_group_1.yaml.bak create mode 100755 queries/aws_vpc_verified_access_group_2.yaml.bak create mode 100755 queries/aws_vpc_verified_access_group_3.yaml.bak create mode 100755 queries/aws_vpc_verified_access_group_4.yaml.bak create mode 100755 queries/aws_vpc_verified_access_group_4.yaml.bak.bak create mode 100755 queries/aws_vpc_verified_access_instance_1.yaml.bak create mode 100755 queries/aws_vpc_verified_access_instance_2.yaml.bak create mode 100755 queries/aws_vpc_verified_access_instance_3.yaml.bak create mode 100755 queries/aws_vpc_verified_access_trust_provider_1.yaml.bak create mode 100755 queries/aws_vpc_verified_access_trust_provider_2.yaml.bak create mode 100755 queries/aws_vpc_verified_access_trust_provider_3.yaml.bak create mode 100755 queries/aws_vpc_vpn_connection_1.yaml.bak create mode 100755 queries/aws_vpc_vpn_connection_2.yaml.bak create mode 100755 queries/aws_vpc_vpn_connection_3.yaml.bak create mode 100755 queries/aws_vpc_vpn_gateway_1.yaml.bak create mode 100755 queries/aws_vpc_vpn_gateway_2.yaml.bak create mode 100755 queries/aws_vpc_vpn_gateway_3.yaml.bak create mode 100755 queries/aws_waf_rate_based_rule_1.yaml.bak create mode 100755 queries/aws_waf_rate_based_rule_2.yaml.bak create mode 100755 queries/aws_waf_rule_1.yaml.bak create mode 100755 queries/aws_waf_rule_2.yaml.bak create mode 100755 queries/aws_waf_rule_group_1.yaml.bak create mode 100755 queries/aws_waf_rule_group_1.yaml.bak.bak create mode 100755 queries/aws_waf_rule_group_2.yaml.bak create mode 100755 queries/aws_waf_rule_group_3.yaml.bak create mode 100755 queries/aws_waf_web_acl_1.yaml.bak create mode 100755 queries/aws_waf_web_acl_2.yaml.bak create mode 100755 queries/aws_waf_web_acl_3.yaml.bak create mode 100755 queries/aws_waf_web_acl_4.yaml.bak create mode 100755 queries/aws_waf_web_acl_5.yaml.bak create mode 100755 queries/aws_wafregional_rule_1.yaml.bak create mode 100755 queries/aws_wafregional_rule_1.yaml.bak.bak create mode 100755 queries/aws_wafregional_rule_2.yaml.bak create mode 100755 queries/aws_wafregional_rule_group_1.yaml.bak create mode 100755 queries/aws_wafregional_rule_group_2.yaml.bak create mode 100755 queries/aws_wafregional_rule_group_3.yaml.bak create mode 100755 queries/aws_wafregional_web_acl_1.yaml.bak create mode 100755 queries/aws_wafregional_web_acl_2.yaml.bak create mode 100755 queries/aws_wafregional_web_acl_3.yaml.bak create mode 100755 queries/aws_wafregional_web_acl_4.yaml.bak create mode 100755 queries/aws_wafregional_web_acl_5.yaml.bak create mode 100755 queries/aws_wafv2_ip_set_1.yaml.bak create mode 100755 queries/aws_wafv2_ip_set_2.yaml.bak create mode 100755 queries/aws_wafv2_ip_set_3.yaml.bak create mode 100755 queries/aws_wafv2_ip_set_3.yaml.bak.bak create mode 100755 queries/aws_wafv2_ip_set_4.yaml.bak create mode 100755 queries/aws_wafv2_regex_pattern_set_1.yaml.bak create mode 100755 queries/aws_wafv2_regex_pattern_set_2.yaml.bak create mode 100755 queries/aws_wafv2_regex_pattern_set_3.yaml.bak create mode 100755 queries/aws_wafv2_rule_group_1.yaml.bak create mode 100755 queries/aws_wafv2_rule_group_2.yaml.bak create mode 100755 queries/aws_wafv2_rule_group_3.yaml.bak create mode 100755 queries/aws_wafv2_web_acl_1.yaml.bak create mode 100755 queries/aws_wafv2_web_acl_2.yaml.bak create mode 100755 queries/aws_wafv2_web_acl_3.yaml.bak create mode 100755 queries/aws_wafv2_web_acl_4.yaml.bak create mode 100755 queries/aws_wafv2_web_acl_5.yaml.bak create mode 100755 queries/aws_wafv2_web_acl_6.yaml.bak create mode 100755 queries/aws_wafv2_web_acl_7.yaml.bak create mode 100755 queries/aws_wellarchitected_answer_1.yaml.bak create mode 100755 queries/aws_wellarchitected_answer_2.yaml.bak create mode 100755 queries/aws_wellarchitected_answer_3.yaml.bak create mode 100755 queries/aws_wellarchitected_answer_4.yaml.bak create mode 100755 queries/aws_wellarchitected_answer_5.yaml.bak create mode 100755 queries/aws_wellarchitected_answer_6.yaml.bak create mode 100755 queries/aws_wellarchitected_answer_7.yaml.bak create mode 100755 queries/aws_wellarchitected_check_detail_1.yaml.bak create mode 100755 queries/aws_wellarchitected_check_detail_2.yaml.bak create mode 100755 queries/aws_wellarchitected_check_detail_3.yaml.bak create mode 100755 queries/aws_wellarchitected_check_detail_4.yaml.bak create mode 100755 queries/aws_wellarchitected_check_detail_5.yaml.bak create mode 100755 queries/aws_wellarchitected_check_detail_6.yaml.bak create mode 100755 queries/aws_wellarchitected_check_detail_6.yaml.bak.bak create mode 100755 queries/aws_wellarchitected_check_summary_1.yaml.bak create mode 100755 queries/aws_wellarchitected_check_summary_2.yaml.bak create mode 100755 queries/aws_wellarchitected_check_summary_3.yaml.bak create mode 100755 queries/aws_wellarchitected_check_summary_4.yaml.bak create mode 100755 queries/aws_wellarchitected_check_summary_5.yaml.bak create mode 100755 queries/aws_wellarchitected_consolidated_report_1.yaml.bak create mode 100755 queries/aws_wellarchitected_consolidated_report_2.yaml.bak create mode 100755 queries/aws_wellarchitected_consolidated_report_2.yaml.bak.bak create mode 100755 queries/aws_wellarchitected_consolidated_report_3.yaml.bak create mode 100755 queries/aws_wellarchitected_consolidated_report_4.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_1.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_2.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_3.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_4.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_5.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_5.yaml.bak.bak create mode 100755 queries/aws_wellarchitected_lens_6.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_1.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_2.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_3.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_4.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_5.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_5.yaml.bak.bak create mode 100755 queries/aws_wellarchitected_lens_review_6.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_improvement_1.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_improvement_2.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_improvement_3.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_improvement_4.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_report_1.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_report_2.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_review_report_3.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_share_1.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_share_2.yaml.bak create mode 100755 queries/aws_wellarchitected_lens_share_3.yaml.bak create mode 100755 queries/aws_wellarchitected_milestone_1.yaml.bak create mode 100755 queries/aws_wellarchitected_milestone_2.yaml.bak create mode 100755 queries/aws_wellarchitected_milestone_3.yaml.bak create mode 100755 queries/aws_wellarchitected_milestone_4.yaml.bak create mode 100755 queries/aws_wellarchitected_notification_1.yaml.bak create mode 100755 queries/aws_wellarchitected_notification_2.yaml.bak create mode 100755 queries/aws_wellarchitected_notification_3.yaml.bak create mode 100755 queries/aws_wellarchitected_share_invitation_1.yaml.bak create mode 100755 queries/aws_wellarchitected_share_invitation_2.yaml.bak create mode 100755 queries/aws_wellarchitected_share_invitation_3.yaml.bak create mode 100755 queries/aws_wellarchitected_share_invitation_4.yaml.bak create mode 100755 queries/aws_wellarchitected_share_invitation_5.yaml.bak create mode 100755 queries/aws_wellarchitected_share_invitation_6.yaml.bak create mode 100755 queries/aws_wellarchitected_share_invitation_6.yaml.bak.bak create mode 100755 queries/aws_wellarchitected_workload_1.yaml.bak create mode 100755 queries/aws_wellarchitected_workload_2.yaml.bak create mode 100755 queries/aws_wellarchitected_workload_3.yaml.bak create mode 100755 queries/aws_wellarchitected_workload_4.yaml.bak create mode 100755 queries/aws_wellarchitected_workload_4.yaml.bak.bak create mode 100755 queries/aws_wellarchitected_workload_share_1.yaml.bak create mode 100755 queries/aws_wellarchitected_workload_share_2.yaml.bak create mode 100755 queries/aws_wellarchitected_workload_share_3.yaml.bak create mode 100755 queries/aws_wellarchitected_workload_share_3.yaml.bak.bak create mode 100755 queries/aws_wellarchitected_workload_share_4.yaml.bak create mode 100755 queries/aws_workspaces_directory_1.yaml.bak create mode 100755 queries/aws_workspaces_directory_2.yaml.bak create mode 100755 queries/aws_workspaces_directory_3.yaml.bak create mode 100755 queries/aws_workspaces_directory_4.yaml.bak create mode 100755 queries/aws_workspaces_directory_4.yaml.bak.bak create mode 100755 queries/aws_workspaces_directory_5.yaml.bak create mode 100755 queries/aws_workspaces_directory_6.yaml.bak create mode 100755 queries/aws_workspaces_directory_7.yaml.bak create mode 100755 queries/aws_workspaces_directory_8.yaml.bak create mode 100755 queries/aws_workspaces_directory_8.yaml.bak.bak create mode 100755 queries/aws_workspaces_workspace_1.yaml.bak create mode 100755 queries/aws_workspaces_workspace_2.yaml.bak create mode 100755 queries/bulk_update_yaml.sh.bak create mode 100755 queries/cloud_managed_software.yaml.bak create mode 100755 queries/cloud_networks.yaml.bak create mode 100755 queries/container_workload.yaml.bak create mode 100755 queries/database_workload.yaml.bak create mode 100755 queries/devops.yaml.bak create mode 100644 queries/error_files.log.bak create mode 100644 queries/error_messages.log.bak create mode 100755 queries/keys_and_secrets.yaml.bak create mode 100755 queries/kubernetes_clusters.yaml.bak create mode 100755 queries/load_balancers.yaml.bak create mode 100755 queries/network_&_file_stores.yaml.bak create mode 100755 queries/object_stores.yaml.bak create mode 100644 queries/processed_files.log.bak create mode 100755 queries/server_workload.yaml.bak create mode 100755 queries/snapshots_&_backup_media.yaml.bak diff --git a/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml b/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml index 81f5c71e3..328d4b6ec 100755 --- a/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml +++ b/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml @@ -1,7 +1,7 @@ ID: aws_insight_lambda_function_not_cmk_encrypted Title: "Unencrypted Lambda" Description: "List of lambda functions which are not encrypted with CMK" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml.bak b/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml.bak new file mode 100755 index 000000000..81f5c71e3 --- /dev/null +++ b/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml.bak @@ -0,0 +1,22 @@ +ID: aws_insight_lambda_function_not_cmk_encrypted +Title: "Unencrypted Lambda" +Description: "List of lambda functions which are not encrypted with CMK" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + kms_key_arn, account_id, og_account_id, og_resource_id + from + aws_lambda_function + where + kms_key_arn is null; + PrimaryTable: aws_lambda_function + ListOfTables: + - aws_lambda_function + Parameters: [] +Tags: + category: + - Security diff --git a/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml b/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml index 6d7a14003..a4574191b 100755 --- a/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml +++ b/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml @@ -1,7 +1,7 @@ ID: aws_insight_acm_certificate_transparency_logging_disabled Title: "Certificates with no Logging" Description: "List certificates for which transparency logging is disabled" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml.bak b/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml.bak new file mode 100755 index 000000000..6d7a14003 --- /dev/null +++ b/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml.bak @@ -0,0 +1,21 @@ +ID: aws_insight_acm_certificate_transparency_logging_disabled +Title: "Certificates with no Logging" +Description: "List certificates for which transparency logging is disabled" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select certificate_arn, domain_name, status, account_id, og_account_id, og_resource_id from + aws_acm_certificate + where + certificate_transparency_logging_preference <> 'ENABLED'; + PrimaryTable: aws_acm_certificate + ListOfTables: + - aws_acm_certificate + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency diff --git a/queries/11-aws_insight_acm_certificate_expired.yaml b/queries/11-aws_insight_acm_certificate_expired.yaml index c0de5b269..a437ca212 100755 --- a/queries/11-aws_insight_acm_certificate_expired.yaml +++ b/queries/11-aws_insight_acm_certificate_expired.yaml @@ -1,7 +1,7 @@ ID: aws_insight_acm_certificate_expired Title: "Expired Certificates" Description: "List of expired certificates" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/11-aws_insight_acm_certificate_expired.yaml.bak b/queries/11-aws_insight_acm_certificate_expired.yaml.bak new file mode 100755 index 000000000..c0de5b269 --- /dev/null +++ b/queries/11-aws_insight_acm_certificate_expired.yaml.bak @@ -0,0 +1,22 @@ +ID: aws_insight_acm_certificate_expired +Title: "Expired Certificates" +Description: "List of expired certificates" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select certificate_arn, domain_name, status, account_id, og_account_id, og_resource_id from + aws_acm_certificate + where + status = 'EXPIRED'; + PrimaryTable: aws_acm_certificate + ListOfTables: + - aws_acm_certificate + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency + - Cost Management diff --git a/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml b/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml index 8fe7f3e6f..8328bdb7b 100755 --- a/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml +++ b/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml @@ -1,7 +1,7 @@ ID: aws_insight_ebs_snapshot_older_than_year Title: "Snapshots older than a year" Description: "List Snapshots older than 365 days" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml.bak b/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml.bak new file mode 100755 index 000000000..8fe7f3e6f --- /dev/null +++ b/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml.bak @@ -0,0 +1,17 @@ +ID: aws_insight_ebs_snapshot_older_than_year +Title: "Snapshots older than a year" +Description: "List Snapshots older than 365 days" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: SELECT snapshot_id, arn, start_time, account_id, og_account_id, og_resource_id FROM aws_ebs_snapshot WHERE start_time < now() - interval '1 year'; + PrimaryTable: aws_ebs_snapshot + ListOfTables: + - aws_ebs_snapshot + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Cost Management diff --git a/queries/13-aws_insight_ec2_classic_load_balancer.yaml b/queries/13-aws_insight_ec2_classic_load_balancer.yaml index a72d34a16..8afff1f2d 100755 --- a/queries/13-aws_insight_ec2_classic_load_balancer.yaml +++ b/queries/13-aws_insight_ec2_classic_load_balancer.yaml @@ -1,7 +1,7 @@ ID: aws_insight_ec2_classic_load_balancer Title: "Classic Load Balancers" Description: "List all Classic Load Balancer. Link here." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/13-aws_insight_ec2_classic_load_balancer.yaml.bak b/queries/13-aws_insight_ec2_classic_load_balancer.yaml.bak new file mode 100755 index 000000000..a72d34a16 --- /dev/null +++ b/queries/13-aws_insight_ec2_classic_load_balancer.yaml.bak @@ -0,0 +1,21 @@ +ID: aws_insight_ec2_classic_load_balancer +Title: "Classic Load Balancers" +Description: "List all Classic Load Balancer. Link here." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: SELECT name, arn, account_id, og_account_id, og_resource_id FROM aws_ec2_classic_load_balancer + PrimaryTable: aws_ec2_classic_load_balancer + ListOfTables: + - aws_ec2_classic_load_balancer + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency + persona: + - Executive + - Product + - FinOps diff --git a/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml b/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml index 943bda927..2178c1670 100755 --- a/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml +++ b/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml @@ -1,7 +1,7 @@ ID: aws_insight_elb_classic_lb_use_ssl_certificate Title: "Load Balancers with no SSL" Description: "List all Load Balancers with out SSL" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml.bak b/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml.bak new file mode 100755 index 000000000..943bda927 --- /dev/null +++ b/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml.bak @@ -0,0 +1,45 @@ +ID: aws_insight_elb_classic_lb_use_ssl_certificate +Title: "Load Balancers with no SSL" +Description: "List all Load Balancers with out SSL" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with detailed_classic_listeners as ( + select + name + from + aws_ec2_classic_load_balancer, + jsonb_array_elements(listener_descriptions) as listener_description + where + listener_description -> 'Listener' ->> 'Protocol' in ('HTTPS', 'SSL', 'TLS') + and listener_description -> 'Listener' ->> 'SSLCertificateId' like 'arn:aws:acm%' + ) + select + -- Required Columns + 'arn:' || a.partition || ':elasticloadbalancing:' || a.region || ':' || a.account_id || ':loadbalancer/' || a.name as resource, + case + when a.listener_descriptions is null then 'skip' + when b.name is not null then 'alarm' + else 'ok' + end as status, + case + when a.listener_descriptions is null then a.title || ' has no listener.' + when b.name is not null then a.title || ' does not use certificates provided by ACM.' + else a.title || ' uses certificates provided by ACM.' + end as reason, + -- Additional Dimensions + region, + account_id, og_account_id, og_resource_id + from + aws_ec2_classic_load_balancer as a + left join detailed_classic_listeners as b on a.name = b.name; + PrimaryTable: aws_ec2_classic_load_balancer + ListOfTables: + - aws_ec2_classic_load_balancer + Parameters: [] +Tags: + category: + - Security + - Technical Debt diff --git a/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml b/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml index 6213d0d23..05eef7584 100755 --- a/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml +++ b/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml @@ -1,7 +1,7 @@ ID: aws_insight_elb_application_lb_waf_enabled Title: "Load Balancers with no WAF" Description: "List all ELB with no WAF." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml.bak b/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml.bak new file mode 100755 index 000000000..6213d0d23 --- /dev/null +++ b/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_insight_elb_application_lb_waf_enabled +Title: "Load Balancers with no WAF" +Description: "List all ELB with no WAF." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + -- Required Columns + arn as resource, account_id, og_account_id, og_resource_id, + case + when load_balancer_attributes @> '[{"Key":"waf.fail_open.enabled","Value":"true"}]' then 'ok' + else 'alarm' + end as status, + case + when load_balancer_attributes @> '[{"Key":"waf.fail_open.enabled","Value":"true"}]' then title || ' WAF enabled.' + else title || ' WAF disabled.' + end as reason, + -- Additional Dimensions + region + from + aws_ec2_application_load_balancer; + PrimaryTable: aws_ec2_application_load_balancer + ListOfTables: + - aws_ec2_application_load_balancer + Parameters: [] +Tags: + category: + - Security + - Technical Debt diff --git a/queries/16-aws_insight_vpc_with_public_cidr.yaml b/queries/16-aws_insight_vpc_with_public_cidr.yaml index d73ff5ef9..27500af13 100755 --- a/queries/16-aws_insight_vpc_with_public_cidr.yaml +++ b/queries/16-aws_insight_vpc_with_public_cidr.yaml @@ -1,7 +1,7 @@ ID: aws_insight_vpc_with_public_cidr Title: "VPCs with Public IP Range" Description: "List VPCs with public CIDR blocks" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/16-aws_insight_vpc_with_public_cidr.yaml.bak b/queries/16-aws_insight_vpc_with_public_cidr.yaml.bak new file mode 100755 index 000000000..d73ff5ef9 --- /dev/null +++ b/queries/16-aws_insight_vpc_with_public_cidr.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_insight_vpc_with_public_cidr +Title: "VPCs with Public IP Range" +Description: "List VPCs with public CIDR blocks" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + cidr_block, + state, + region, account_id, og_account_id, og_resource_id + from + aws_vpc + where + (not cidr_block <<= '10.0.0.0/8' + and not cidr_block <<= '192.168.0.0/16' + and not cidr_block <<= '172.16.0.0/12'); + PrimaryTable: aws_vpc + ListOfTables: + - aws_vpc + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency + - Cost Management diff --git a/queries/17-azure_insight_compute_disk_unattached.yaml b/queries/17-azure_insight_compute_disk_unattached.yaml index 2d4d0b34d..b12f62f39 100755 --- a/queries/17-azure_insight_compute_disk_unattached.yaml +++ b/queries/17-azure_insight_compute_disk_unattached.yaml @@ -1,7 +1,7 @@ ID: azure_insight_compute_disk_unattached Title: "Unused Azure Disks" Description: "List of unattached Disks" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/17-azure_insight_compute_disk_unattached.yaml.bak b/queries/17-azure_insight_compute_disk_unattached.yaml.bak new file mode 100755 index 000000000..b12f62f39 --- /dev/null +++ b/queries/17-azure_insight_compute_disk_unattached.yaml.bak @@ -0,0 +1,23 @@ +ID: azure_insight_compute_disk_unattached +Title: "Unused Azure Disks" +Description: "List of unattached Disks" +IntegrationTypeName: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + disk_state, subscription_id, og_account_id, og_resource_id + from + azure_compute_disk + where + disk_state = 'Unattached'; + PrimaryTable: azure_compute_disk + ListOfTables: + - azure_compute_disk + Parameters: [] +Tags: + category: + - Technical Debt + - Cost Management diff --git a/queries/17-azure_insight_compute_disk_unattached.yaml.bak.bak b/queries/17-azure_insight_compute_disk_unattached.yaml.bak.bak new file mode 100755 index 000000000..b12f62f39 --- /dev/null +++ b/queries/17-azure_insight_compute_disk_unattached.yaml.bak.bak @@ -0,0 +1,23 @@ +ID: azure_insight_compute_disk_unattached +Title: "Unused Azure Disks" +Description: "List of unattached Disks" +IntegrationTypeName: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + disk_state, subscription_id, og_account_id, og_resource_id + from + azure_compute_disk + where + disk_state = 'Unattached'; + PrimaryTable: azure_compute_disk + ListOfTables: + - azure_compute_disk + Parameters: [] +Tags: + category: + - Technical Debt + - Cost Management diff --git a/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml b/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml index d3319a7fe..796fea620 100755 --- a/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml +++ b/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml @@ -1,7 +1,7 @@ ID: azure_insight_compute_disk_unavailable_in_multiple_az Title: "Non-Resiliency Azure Disks" Description: "List of compute disks which are not available in multiple az" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml.bak b/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml.bak new file mode 100755 index 000000000..d3319a7fe --- /dev/null +++ b/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml.bak @@ -0,0 +1,26 @@ +ID: azure_insight_compute_disk_unavailable_in_multiple_az +Title: "Non-Resiliency Azure Disks" +Description: "List of compute disks which are not available in multiple az" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + az, + region, subscription_id, og_account_id, og_resource_id + from + azure_compute_disk + cross join jsonb_array_elements(zones) az + where + zones is not null; + PrimaryTable: azure_compute_disk + ListOfTables: + - azure_compute_disk + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency diff --git a/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml b/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml index df7acc82d..a4c598830 100755 --- a/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml +++ b/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml @@ -1,7 +1,7 @@ ID: azure_insight_compute_disk_not_encrypted_with_customer_key Title: "Unecrypted Disks" Description: "List of compute disks which are not encrypted with customer key" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml.bak b/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml.bak new file mode 100755 index 000000000..df7acc82d --- /dev/null +++ b/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml.bak @@ -0,0 +1,27 @@ +ID: azure_insight_compute_disk_not_encrypted_with_customer_key +Title: "Unecrypted Disks" +Description: "List of compute disks which are not encrypted with customer key" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + encryption_type, subscription_id, og_account_id, og_resource_id + from + azure_compute_disk + where + encryption_type <> 'EncryptionAtRestWithCustomerKey'; + PrimaryTable: azure_compute_disk + ListOfTables: + - azure_compute_disk + Parameters: [] +Tags: + category: + - Security + - Technical Debt + persona: + - Security + - DevOps + - Product diff --git a/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml b/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml index d7b64f70c..c09efacd7 100755 --- a/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml +++ b/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml @@ -1,7 +1,7 @@ ID: aws_insight_lambda_function_retention_period_less_than_30_days Title: "" Description: "List of lambda function whose retention period is less than 30 days" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml.bak b/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml.bak new file mode 100755 index 000000000..d7b64f70c --- /dev/null +++ b/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_insight_lambda_function_retention_period_less_than_30_days +Title: "" +Description: "List of lambda function whose retention period is less than 30 days" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + fn.name, + lg.name, + lg.retention_in_days, fn.account_id, fn.og_account_id, fn.og_resource_id + from + aws_lambda_function as fn + inner join aws_cloudwatch_log_group as lg on ( + lg.og_account_id = fn.og_account_id AND ((lg.name = '/aws/lambda/') + or (lg.name = fn.name)) + ) + where + lg.retention_in_days < 30 + PrimaryTable: null + ListOfTables: + - aws_lambda_function + - aws_cloudwatch_log_group + Parameters: [] +Tags: + category: + - Technical Debt + - Resiliency diff --git a/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml b/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml index c8315cef8..e5e44b712 100755 --- a/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml +++ b/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml @@ -1,7 +1,7 @@ ID: azure_insight_cosmosdb_account_with_disabled_automatic_failover Title: "Database with no Auto Failover" Description: "List of database accounts where automatic failover is not enabled" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml.bak b/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml.bak new file mode 100755 index 000000000..c8315cef8 --- /dev/null +++ b/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml.bak @@ -0,0 +1,24 @@ +ID: azure_insight_cosmosdb_account_with_disabled_automatic_failover +Title: "Database with no Auto Failover" +Description: "List of database accounts where automatic failover is not enabled" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + region, + enable_automatic_failover, + resource_group, subscription_id, og_account_id, og_resource_id + from + azure_cosmosdb_account + where + not enable_automatic_failover; + PrimaryTable: azure_cosmosdb_account + ListOfTables: + - azure_cosmosdb_account + Parameters: [] +Tags: + category: + - Resiliency diff --git a/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml b/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml index 8ffc34acc..970c7368f 100755 --- a/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml +++ b/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml @@ -1,7 +1,7 @@ ID: azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet Title: "Database Accounts with Public access" Description: "List of database accounts which allows traffic from all networks, including the public Internet." -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml.bak b/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml.bak new file mode 100755 index 000000000..8ffc34acc --- /dev/null +++ b/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml.bak @@ -0,0 +1,24 @@ +ID: azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet +Title: "Database Accounts with Public access" +Description: "List of database accounts which allows traffic from all networks, including the public Internet." +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + region, + virtual_network_rules, subscription_id, og_account_id, og_resource_id + from + azure_cosmosdb_account + where + virtual_network_rules = '[]'; + PrimaryTable: azure_cosmosdb_account + ListOfTables: + - azure_cosmosdb_account + Parameters: [] +Tags: + category: + - Security + - Technical Debt diff --git a/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml b/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml index 3890674f7..d1f241f62 100755 --- a/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml +++ b/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml @@ -1,7 +1,7 @@ ID: azure_insight_key_vault_with_disabled_soft_delete Title: "Key Vaults with no Deletion Protection" Description: "List of key vaults where soft deletion is not enabled" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml.bak b/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml.bak new file mode 100755 index 000000000..3890674f7 --- /dev/null +++ b/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml.bak @@ -0,0 +1,26 @@ +ID: azure_insight_key_vault_with_disabled_soft_delete +Title: "Key Vaults with no Deletion Protection" +Description: "List of key vaults where soft deletion is not enabled" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + soft_delete_enabled, + soft_delete_retention_in_days, subscription_id, og_account_id, og_resource_id + from + azure_key_vault + where + not soft_delete_enabled; + PrimaryTable: azure_key_vault + ListOfTables: + - azure_key_vault + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency diff --git a/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml b/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml index 86de06908..3e9ffe4a4 100755 --- a/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml +++ b/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml @@ -1,7 +1,7 @@ ID: azure_insight_kubernetes_cluster_with_rbac_disabled Title: "Clusters with no RBAC" Description: "List clusters that have role-based access control (RBAC) disabled" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml.bak b/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml.bak new file mode 100755 index 000000000..86de06908 --- /dev/null +++ b/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml.bak @@ -0,0 +1,27 @@ +ID: azure_insight_kubernetes_cluster_with_rbac_disabled +Title: "Clusters with no RBAC" +Description: "List clusters that have role-based access control (RBAC) disabled" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + location, + type, + identity, + enable_rbac, + sku, subscription_id, og_account_id, og_resource_id + from + azure_kubernetes_cluster + where + not enable_rbac; + PrimaryTable: azure_kubernetes_cluster + ListOfTables: + - azure_kubernetes_cluster + Parameters: [] +Tags: + category: + - Security diff --git a/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml b/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml index c3d4c12a7..d2bddaf8d 100755 --- a/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml +++ b/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml @@ -1,7 +1,7 @@ ID: azure_insight_kubernetes_cluster_with_undesired_version Title: "Legacy Kubernetes Clusters" Description: "List clusters with an undesirable version (older than 1.20.5)" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml.bak b/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml.bak new file mode 100755 index 000000000..c3d4c12a7 --- /dev/null +++ b/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml.bak @@ -0,0 +1,31 @@ +ID: azure_insight_kubernetes_cluster_with_undesired_version +Title: "Legacy Kubernetes Clusters" +Description: "List clusters with an undesirable version (older than 1.20.5)" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + location, + type, + kubernetes_version, subscription_id, og_account_id, og_resource_id + from + azure_kubernetes_cluster + where + kubernetes_version < '1.24'; + PrimaryTable: azure_kubernetes_cluster + ListOfTables: + - azure_kubernetes_cluster + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency + persona: + - Executive + - Product + - FinOps diff --git a/queries/25-azure_insight_lb_failed.yaml b/queries/25-azure_insight_lb_failed.yaml index 381d88601..73fbe04de 100755 --- a/queries/25-azure_insight_lb_failed.yaml +++ b/queries/25-azure_insight_lb_failed.yaml @@ -1,7 +1,7 @@ ID: azure_insight_lb_failed Title: "Unhealthy Load Balancers" Description: "List failed load balancers" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/25-azure_insight_lb_failed.yaml.bak b/queries/25-azure_insight_lb_failed.yaml.bak new file mode 100755 index 000000000..381d88601 --- /dev/null +++ b/queries/25-azure_insight_lb_failed.yaml.bak @@ -0,0 +1,27 @@ +ID: azure_insight_lb_failed +Title: "Unhealthy Load Balancers" +Description: "List failed load balancers" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + type, + provisioning_state, subscription_id, og_account_id, og_resource_id + from + azure_lb + where + provisioning_state = 'Failed'; + PrimaryTable: azure_lb + ListOfTables: + - azure_lb + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency + - Cost Management diff --git a/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml b/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml index 873d7f29a..ed1204ab6 100755 --- a/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml +++ b/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml @@ -1,7 +1,7 @@ ID: azure_insight_compute_availability_set_without_managed_disk_configuration Title: "AV Sets with Legacy Disks" Description: "List of availability sets which does not use managed disks configuration" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml.bak b/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml.bak new file mode 100755 index 000000000..873d7f29a --- /dev/null +++ b/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml.bak @@ -0,0 +1,25 @@ +ID: azure_insight_compute_availability_set_without_managed_disk_configuration +Title: "AV Sets with Legacy Disks" +Description: "List of availability sets which does not use managed disks configuration" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + sku_name, subscription_id, og_account_id, og_resource_id + from + azure_compute_availability_set + where + sku_name = 'Classic'; + PrimaryTable: azure_compute_availability_set + ListOfTables: + - azure_compute_availability_set + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency + - Cost Management diff --git a/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml b/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml index 20b632bb0..415260a1b 100755 --- a/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml +++ b/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml @@ -1,7 +1,7 @@ ID: azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2 Title: "Servers with Vulnerable TLSA" Description: "List servers with minimum TLS version lower than 1.2" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml.bak b/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml.bak new file mode 100755 index 000000000..20b632bb0 --- /dev/null +++ b/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml.bak @@ -0,0 +1,26 @@ +ID: azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2 +Title: "Servers with Vulnerable TLSA" +Description: "List servers with minimum TLS version lower than 1.2" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + minimal_tls_version, subscription_id, og_account_id, og_resource_id + from + azure_mysql_server + where + (minimal_tls_version = 'TLS1_0' + or minimal_tls_version = 'TLS1_1'); + PrimaryTable: azure_mysql_server + ListOfTables: + - azure_mysql_server + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Cost Management diff --git a/queries/28-azure_insight_virtual_network_with_public_cidr.yaml b/queries/28-azure_insight_virtual_network_with_public_cidr.yaml index 2eb7bdf47..e109d16b9 100755 --- a/queries/28-azure_insight_virtual_network_with_public_cidr.yaml +++ b/queries/28-azure_insight_virtual_network_with_public_cidr.yaml @@ -1,7 +1,7 @@ ID: azure_insight_virtual_network_with_public_cidr Title: "vNets with Public IP Range" Description: "List Virtual Networks with public CIDR blocks" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/28-azure_insight_virtual_network_with_public_cidr.yaml.bak b/queries/28-azure_insight_virtual_network_with_public_cidr.yaml.bak new file mode 100755 index 000000000..2eb7bdf47 --- /dev/null +++ b/queries/28-azure_insight_virtual_network_with_public_cidr.yaml.bak @@ -0,0 +1,30 @@ +ID: azure_insight_virtual_network_with_public_cidr +Title: "vNets with Public IP Range" +Description: "List Virtual Networks with public CIDR blocks" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + cidr_block, + region, + resource_group, subscription_id, og_account_id, og_resource_id + from + azure_virtual_network + cross join jsonb_array_elements_text(address_prefixes) as cidr_block + where + (not cidr_block :: cidr <<= '10.0.0.0/16' + and not cidr_block :: cidr <<= '192.168.0.0/16' + and not cidr_block :: cidr <<= '172.16.0.0/12'); + PrimaryTable: azure_virtual_network + ListOfTables: + - azure_virtual_network + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency + - Resiliency diff --git a/queries/29-azure_insight_storage_account_with_public_blob_access.yaml b/queries/29-azure_insight_storage_account_with_public_blob_access.yaml index 811bf72a0..cf6cf370f 100755 --- a/queries/29-azure_insight_storage_account_with_public_blob_access.yaml +++ b/queries/29-azure_insight_storage_account_with_public_blob_access.yaml @@ -1,7 +1,7 @@ ID: azure_insight_storage_account_with_public_blob_access Title: "Storage Accounts with Public Internet" Description: "List storage accounts that allow blob public access" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/29-azure_insight_storage_account_with_public_blob_access.yaml.bak b/queries/29-azure_insight_storage_account_with_public_blob_access.yaml.bak new file mode 100755 index 000000000..811bf72a0 --- /dev/null +++ b/queries/29-azure_insight_storage_account_with_public_blob_access.yaml.bak @@ -0,0 +1,24 @@ +ID: azure_insight_storage_account_with_public_blob_access +Title: "Storage Accounts with Public Internet" +Description: "List storage accounts that allow blob public access" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + allow_blob_public_access, subscription_id, og_account_id, og_resource_id + from + azure_storage_account + where + allow_blob_public_access; + PrimaryTable: azure_storage_account + ListOfTables: + - azure_storage_account + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency diff --git a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml index 4c4153636..7ffbf78ea 100755 --- a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml +++ b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml @@ -1,7 +1,7 @@ ID: aws_insight_lambda_function_with_unsupported_engine Title: "List Lambda Functions with unsupported engines" Description: "List Lambda Functions which are using unsupported engines" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak new file mode 100755 index 000000000..7ffbf78ea --- /dev/null +++ b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak @@ -0,0 +1,20 @@ +ID: aws_insight_lambda_function_with_unsupported_engine +Title: "List Lambda Functions with unsupported engines" +Description: "List Lambda Functions which are using unsupported engines" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select name, runtime, handler, arn, account_id, og_account_id, og_resource_id from aws_lambda_function WHERE (runtime != 'nodejs18.x' AND runtime != 'nodejs16.x' AND runtime != 'nodejs14.x' AND runtime != 'python3.11' AND runtime != 'python3.10' AND runtime != 'python3.9' AND runtime != 'python3.8' AND runtime != 'python3.7' AND runtime != 'java17' AND runtime != 'java11' AND runtime != 'java8.al2' AND runtime != 'java8' AND runtime != 'dotnet7' AND runtime != 'dotnet6' AND runtime != 'go1.x' AND runtime != 'ruby3.2' AND runtime != 'ruby2.7' AND runtime != 'provided.al2' AND runtime != 'provided'); + PrimaryTable: aws_lambda_function + ListOfTables: + - aws_lambda_function + Parameters: [] +Tags: + category: + - Technical Debt + - Resiliency + persona: + - Executive + - Product + - FinOps diff --git a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak.bak b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak.bak new file mode 100755 index 000000000..7ffbf78ea --- /dev/null +++ b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak.bak @@ -0,0 +1,20 @@ +ID: aws_insight_lambda_function_with_unsupported_engine +Title: "List Lambda Functions with unsupported engines" +Description: "List Lambda Functions which are using unsupported engines" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select name, runtime, handler, arn, account_id, og_account_id, og_resource_id from aws_lambda_function WHERE (runtime != 'nodejs18.x' AND runtime != 'nodejs16.x' AND runtime != 'nodejs14.x' AND runtime != 'python3.11' AND runtime != 'python3.10' AND runtime != 'python3.9' AND runtime != 'python3.8' AND runtime != 'python3.7' AND runtime != 'java17' AND runtime != 'java11' AND runtime != 'java8.al2' AND runtime != 'java8' AND runtime != 'dotnet7' AND runtime != 'dotnet6' AND runtime != 'go1.x' AND runtime != 'ruby3.2' AND runtime != 'ruby2.7' AND runtime != 'provided.al2' AND runtime != 'provided'); + PrimaryTable: aws_lambda_function + ListOfTables: + - aws_lambda_function + Parameters: [] +Tags: + category: + - Technical Debt + - Resiliency + persona: + - Executive + - Product + - FinOps diff --git a/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml b/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml index 7ff999b60..186c3254f 100755 --- a/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml +++ b/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml @@ -1,7 +1,7 @@ ID: azure_insight_storage_account_with_disabled_encryption_in_transit Title: "Storage Accounts No Unecrypted Transit" Description: "List storage accounts with encryption in transit disabled" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml.bak b/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml.bak new file mode 100755 index 000000000..7ff999b60 --- /dev/null +++ b/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml.bak @@ -0,0 +1,24 @@ +ID: azure_insight_storage_account_with_disabled_encryption_in_transit +Title: "Storage Accounts No Unecrypted Transit" +Description: "List storage accounts with encryption in transit disabled" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + enable_https_traffic_only, subscription_id, og_account_id, og_resource_id + from + azure_storage_account + where + not enable_https_traffic_only; + PrimaryTable: azure_storage_account + ListOfTables: + - azure_storage_account + Parameters: [] +Tags: + category: + - Security + - Technical Debt + - Resiliency diff --git a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml index f9b21e1bc..b1ad3baa6 100755 --- a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml +++ b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml @@ -1,7 +1,7 @@ ID: azure_insight_compute_vm_remote_access_restricted_all_ports Title: "VMs with restricts remote access from internet" Description: "VMs with restricts remote access from internet" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak new file mode 100755 index 000000000..b1ad3baa6 --- /dev/null +++ b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak @@ -0,0 +1,48 @@ +ID: azure_insight_compute_vm_remote_access_restricted_all_ports +Title: "VMs with restricts remote access from internet" +Description: "VMs with restricts remote access from internet" +IntegrationTypeName: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with network_sg as ( + select + distinct name as sg_name, + network_interfaces + from + azure_network_security_group as nsg, + jsonb_array_elements(security_rules) as sg, + jsonb_array_elements_text(sg -> 'properties' -> 'destinationPortRanges' || (sg -> 'properties' -> 'destinationPortRange') :: jsonb) as dport, + jsonb_array_elements_text(sg -> 'properties' -> 'sourceAddressPrefixes' || (sg -> 'properties' -> 'sourceAddressPrefix') :: jsonb) as sip + where + sg -> 'properties' ->> 'access' = 'Allow' + and sg -> 'properties' ->> 'direction' = 'Inbound' + and sg -> 'properties' ->> 'protocol' in ('TCP','*') + and sip in ('*', '0.0.0.0', '0.0.0.0/0', 'Internet', '/0', '/0') + ) + select + vm.vm_id as resource, + vm.subscription_id, vm.og_account_id, vm.og_resource_id, + case + when sg.sg_name is null then 'ok' + else 'alarm' + end as status, + case + when sg.sg_name is null then vm.title || ' restricts remote access from internet.' + else vm.title || ' allows remote access from internet.' + end as reason + + , vm.resource_group as resource_group + , sub.display_name as subscription + from + azure_compute_virtual_machine as vm + left join network_sg as sg on sg.network_interfaces @> vm.network_interfaces + join azure_subscription as sub on sub.subscription_id = vm.subscription_id; + PrimaryTable: azure_compute_disk + ListOfTables: + - azure_compute_disk + Parameters: [] +Tags: + category: + - Security diff --git a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak.bak b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak.bak new file mode 100755 index 000000000..b1ad3baa6 --- /dev/null +++ b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak.bak @@ -0,0 +1,48 @@ +ID: azure_insight_compute_vm_remote_access_restricted_all_ports +Title: "VMs with restricts remote access from internet" +Description: "VMs with restricts remote access from internet" +IntegrationTypeName: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with network_sg as ( + select + distinct name as sg_name, + network_interfaces + from + azure_network_security_group as nsg, + jsonb_array_elements(security_rules) as sg, + jsonb_array_elements_text(sg -> 'properties' -> 'destinationPortRanges' || (sg -> 'properties' -> 'destinationPortRange') :: jsonb) as dport, + jsonb_array_elements_text(sg -> 'properties' -> 'sourceAddressPrefixes' || (sg -> 'properties' -> 'sourceAddressPrefix') :: jsonb) as sip + where + sg -> 'properties' ->> 'access' = 'Allow' + and sg -> 'properties' ->> 'direction' = 'Inbound' + and sg -> 'properties' ->> 'protocol' in ('TCP','*') + and sip in ('*', '0.0.0.0', '0.0.0.0/0', 'Internet', '/0', '/0') + ) + select + vm.vm_id as resource, + vm.subscription_id, vm.og_account_id, vm.og_resource_id, + case + when sg.sg_name is null then 'ok' + else 'alarm' + end as status, + case + when sg.sg_name is null then vm.title || ' restricts remote access from internet.' + else vm.title || ' allows remote access from internet.' + end as reason + + , vm.resource_group as resource_group + , sub.display_name as subscription + from + azure_compute_virtual_machine as vm + left join network_sg as sg on sg.network_interfaces @> vm.network_interfaces + join azure_subscription as sub on sub.subscription_id = vm.subscription_id; + PrimaryTable: azure_compute_disk + ListOfTables: + - azure_compute_disk + Parameters: [] +Tags: + category: + - Security diff --git a/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml b/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml index 0f142397e..1878a0598 100755 --- a/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml +++ b/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml @@ -1,7 +1,7 @@ ID: aws_insight_loadbalancer_classic_no_logging Title: "Classic Load Balancers without logging" Description: "List classic Load Balancers without logging" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml.bak b/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml.bak new file mode 100755 index 000000000..0f142397e --- /dev/null +++ b/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_insight_loadbalancer_classic_no_logging +Title: "Classic Load Balancers without logging" +Description: "List classic Load Balancers without logging" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_log_enabled, account_id, og_account_id, og_resource_id + from + aws_ec2_classic_load_balancer + where + access_log_enabled = 'false'; + PrimaryTable: aws_ec2_classic_load_balancer + ListOfTables: + - aws_ec2_classic_load_balancer + Parameters: [] +Tags: + category: + - Technical Debt + persona: + - Security + - DevOps diff --git a/queries/33-aws_insight_loadbalancer_application_no_logging.yaml b/queries/33-aws_insight_loadbalancer_application_no_logging.yaml index aa495c324..1ef2c4e03 100755 --- a/queries/33-aws_insight_loadbalancer_application_no_logging.yaml +++ b/queries/33-aws_insight_loadbalancer_application_no_logging.yaml @@ -1,7 +1,7 @@ ID: aws_insight_loadbalancer_application_no_logging Title: "Application Load Balancers without logging" Description: "List application Load Balancers without logging" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/33-aws_insight_loadbalancer_application_no_logging.yaml.bak b/queries/33-aws_insight_loadbalancer_application_no_logging.yaml.bak new file mode 100755 index 000000000..aa495c324 --- /dev/null +++ b/queries/33-aws_insight_loadbalancer_application_no_logging.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_insight_loadbalancer_application_no_logging +Title: "Application Load Balancers without logging" +Description: "List application Load Balancers without logging" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as logging_key, + lb ->> 'Value' as logging_value, account_id, og_account_id, og_resource_id + from + aws_ec2_application_load_balancer + cross join jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'access_logs.s3.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: aws_ec2_application_load_balancer + ListOfTables: + - aws_ec2_application_load_balancer + Parameters: [] +Tags: + category: + - Technical Debt + persona: + - Security + - DevOps diff --git a/queries/34-aws_insight_loadbalancer_network_no_logging.yaml b/queries/34-aws_insight_loadbalancer_network_no_logging.yaml index 2f0614a28..860994730 100755 --- a/queries/34-aws_insight_loadbalancer_network_no_logging.yaml +++ b/queries/34-aws_insight_loadbalancer_network_no_logging.yaml @@ -1,7 +1,7 @@ ID: aws_insight_loadbalancer_network_no_logging Title: "Network Load Balancers without logging" Description: "List network Load Balancers without logging" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/34-aws_insight_loadbalancer_network_no_logging.yaml.bak b/queries/34-aws_insight_loadbalancer_network_no_logging.yaml.bak new file mode 100755 index 000000000..2f0614a28 --- /dev/null +++ b/queries/34-aws_insight_loadbalancer_network_no_logging.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_insight_loadbalancer_network_no_logging +Title: "Network Load Balancers without logging" +Description: "List network Load Balancers without logging" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as logging_key, + lb ->> 'Value' as logging_value, account_id, og_account_id, og_resource_id + from + aws_ec2_network_load_balancer + cross join jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'access_logs.s3.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: aws_ec2_network_load_balancer + ListOfTables: + - aws_ec2_network_load_balancer + Parameters: [] +Tags: + category: + - Technical Debt + persona: + - Security + - DevOps diff --git a/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml b/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml index aa7038cf1..2a88d4d96 100755 --- a/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml +++ b/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml @@ -1,7 +1,7 @@ ID: azure_insight_functionapp_with_unsupported_runtime Title: "Function Apps with unsupported runtime" Description: "List Function Apps with unsupported runtime" -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml.bak b/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml.bak new file mode 100755 index 000000000..aa7038cf1 --- /dev/null +++ b/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml.bak @@ -0,0 +1,63 @@ +ID: azure_insight_functionapp_with_unsupported_runtime +Title: "Function Apps with unsupported runtime" +Description: "List Function Apps with unsupported runtime" +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + SELECT + id, language_runtime_type, language_runtime_version, subscription_id, og_account_id, og_resource_id + FROM azure_app_service_function_app + WHERE ( + ( + language_runtime_type = 'dotnet' AND ( + language_runtime_version != '6' AND + language_runtime_version != '7' + ) + ) OR ( + language_runtime_type = 'dotnetcore' AND ( + language_runtime_version != 'v4.0' AND + language_runtime_version != 'v6.0' AND + language_runtime_version != 'v7.0' AND + language_runtime_version != '6' AND + language_runtime_version != '7' AND + language_runtime_version != '4' AND + language_runtime_version != '4.8' + ) + ) OR ( + language_runtime_type = 'python' AND ( + language_runtime_version != '3.7' AND + language_runtime_version != '3.8' AND + language_runtime_version != '3.9' AND + language_runtime_version != '3.10' AND + language_runtime_version != '3.11' + ) + ) OR ( + language_runtime_type = 'java' AND ( + language_runtime_version != '8' AND + language_runtime_version != '11' AND + language_runtime_version != '17' + ) + ) OR ( + language_runtime_type = 'powershell' AND ( + language_runtime_version != '7.2' + ) + ) OR ( + language_runtime_type = 'node' AND ( + language_runtime_version != '14' AND + language_runtime_version != '16' AND + language_runtime_version != '18' AND + language_runtime_version != '~14' AND + language_runtime_version != '~16' AND + language_runtime_version != '~18' + ) + ) + ); + PrimaryTable: azure_app_service_function_app + ListOfTables: + - azure_app_service_function_app + Parameters: [] +Tags: + category: + - Technical Debt diff --git a/queries/36-aws_insight_deprecated_eks.yaml b/queries/36-aws_insight_deprecated_eks.yaml index 7c7d5dba4..c803f497a 100755 --- a/queries/36-aws_insight_deprecated_eks.yaml +++ b/queries/36-aws_insight_deprecated_eks.yaml @@ -1,7 +1,7 @@ ID: aws_insight_deprecated_eks Title: "Deprecated EKS clusters" Description: "EKS clusters running anything other than 1.27, 1.26, 1.25, 1.24, 1.23" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/36-aws_insight_deprecated_eks.yaml.bak b/queries/36-aws_insight_deprecated_eks.yaml.bak new file mode 100755 index 000000000..7c7d5dba4 --- /dev/null +++ b/queries/36-aws_insight_deprecated_eks.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_insight_deprecated_eks +Title: "Deprecated EKS clusters" +Description: "EKS clusters running anything other than 1.27, 1.26, 1.25, 1.24, 1.23" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: SELECT name, arn, version, account_id, og_account_id, og_resource_id FROM aws_eks_cluster WHERE version != '1.27' AND version != '1.26' AND version != '1.25' AND version != '1.24' AND version != '1.23' + PrimaryTable: aws_eks_cluster + ListOfTables: + - aws_eks_cluster + Parameters: [] +Tags: + category: + - Technical Debt + persona: + - Executive + - Product + - FinOps diff --git a/queries/37-azure_insight_legacy_application_gateway.yaml b/queries/37-azure_insight_legacy_application_gateway.yaml index 9526f0ce0..1b009fff4 100755 --- a/queries/37-azure_insight_legacy_application_gateway.yaml +++ b/queries/37-azure_insight_legacy_application_gateway.yaml @@ -1,7 +1,7 @@ ID: azure_insight_legacy_application_gateway Title: "Legacy Application Gateways" Description: "This insight returns all legacy application gateways." -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/37-azure_insight_legacy_application_gateway.yaml.bak b/queries/37-azure_insight_legacy_application_gateway.yaml.bak new file mode 100755 index 000000000..9526f0ce0 --- /dev/null +++ b/queries/37-azure_insight_legacy_application_gateway.yaml.bak @@ -0,0 +1,19 @@ +ID: azure_insight_legacy_application_gateway +Title: "Legacy Application Gateways" +Description: "This insight returns all legacy application gateways." +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: SELECT name, id, sku->'tier' AS tier, subscription_id, og_account_id, og_resource_id FROM azure_application_gateway WHERE NOT sku IS NULL AND sku->>'tier' = 'Standard_v2'; + PrimaryTable: azure_application_gateway + ListOfTables: + - azure_application_gateway + Parameters: [] +Tags: + category: + - Technical Debt + persona: + - Executive + - Product + - FinOps diff --git a/queries/38-azure_insight_legacy_virtual_machine.yaml b/queries/38-azure_insight_legacy_virtual_machine.yaml index 9ca6d22b5..d521bf1b2 100755 --- a/queries/38-azure_insight_legacy_virtual_machine.yaml +++ b/queries/38-azure_insight_legacy_virtual_machine.yaml @@ -1,7 +1,7 @@ ID: azure_insight_legacy_virtual_machine Title: "Legacy Virtual Machine" Description: "This insight identifies virtual machines that are running on legacy hardware." -Connector: +IntegrationTypeName: - azure Query: Engine: CloudQL-v0.0.1 diff --git a/queries/38-azure_insight_legacy_virtual_machine.yaml.bak b/queries/38-azure_insight_legacy_virtual_machine.yaml.bak new file mode 100755 index 000000000..9ca6d22b5 --- /dev/null +++ b/queries/38-azure_insight_legacy_virtual_machine.yaml.bak @@ -0,0 +1,21 @@ +ID: azure_insight_legacy_virtual_machine +Title: "Legacy Virtual Machine" +Description: "This insight identifies virtual machines that are running on legacy hardware." +Connector: +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + SELECT name, power_state, id, subscription_id, og_account_id, og_resource_id FROM azure_compute_virtual_machine WHERE (size = 'Standard_F1' OR size = 'Standard_F2' OR size = 'Standard_F4' OR size = 'Standard_F8' OR size = 'Standard_F16' OR size = 'Standard_F1s' OR size = 'Standard_F2s' OR size = 'Standard_F4s' OR size = 'Standard_F8s' OR size = 'Standard_F16s' OR size = 'Standard_NV6s_v2' OR size = 'Standard_NV12s_v2' OR size = 'Standard_NV24s_v2' OR size = 'A0\Basic_A0' OR size = 'A1\Basic_A1' OR size = 'A2\Basic_A2' OR size = 'A3\Basic_A3' OR size = 'A4\Basic_A4' OR size = 'Standard_A0' OR size = 'Standard_A1' OR size = 'Standard_A2' OR size = 'Standard_A3' OR size = 'Standard_A4' OR size = 'Standard_A5' OR size = 'Standard_A6' OR size = 'Standard_A7' OR size = 'Standard_A8' OR size = 'Standard_A9' OR size = 'Standard_A10' OR size = 'Standard_A11' OR size = 'Standard_D1' OR size = 'Standard_D2' OR size = 'Standard_D3' OR size = 'Standard_D4' OR size = 'Standard_D11' OR size = 'Standard_D12' OR size = 'Standard_D13' OR size = 'Standard_D14' OR size = 'Standard_DC2s' OR size = 'Standard_DC4s' OR size = 'Standard_DS1' OR size = 'Standard_DS2' OR size = 'Standard_DS3' OR size = 'Standard_DS4' OR size = 'Standard_DS11' OR size = 'Standard_DS12' OR size = 'Standard_DS13' OR size = 'Standard_DS14' OR size = 'Standard_L4s' OR size = 'Standard_L8s' OR size = 'Standard_L16s' OR size = 'Standard_L32s' OR size = 'Standard_GS1' OR size = 'Standard_GS2' OR size = 'Standard_GS3' OR size = 'Standard_GS4' OR size = 'Standard_GS5' OR size = 'Standard_G1' OR size = 'Standard_G2' OR size = 'Standard_G3' OR size = 'Standard_G4' OR size = 'Standard_G5' OR size = 'Standard_NC6' OR size = 'Standard_NC12' OR size = 'Standard_NC24' OR size = 'Standard_NC24r' OR size = 'Standard_NC6s_v2' OR size = 'Standard_NC12s_v2' OR size = 'Standard_NC24s_v2' OR size = 'Standard_NC24rs_v2' OR size = 'Standard_ND6s' OR size = 'Standard_ND12s' OR size = 'Standard_ND24s' OR size = 'Standard_ND24rs') + ; + PrimaryTable: azure_application_gateway + ListOfTables: + - azure_application_gateway + Parameters: [] +Tags: + category: + - Technical Debt + persona: + - Executive + - Product + - FinOps diff --git a/queries/39-aws_insight_legacy_rds_instances.yaml b/queries/39-aws_insight_legacy_rds_instances.yaml index 6a726a790..46d916137 100755 --- a/queries/39-aws_insight_legacy_rds_instances.yaml +++ b/queries/39-aws_insight_legacy_rds_instances.yaml @@ -1,7 +1,7 @@ ID: aws_insight_legacy_rds_instances Title: "Legacy RDS Instances" Description: "RDS instances that are not using the supported instance types" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/39-aws_insight_legacy_rds_instances.yaml.bak b/queries/39-aws_insight_legacy_rds_instances.yaml.bak new file mode 100755 index 000000000..6a726a790 --- /dev/null +++ b/queries/39-aws_insight_legacy_rds_instances.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_insight_legacy_rds_instances +Title: "Legacy RDS Instances" +Description: "RDS instances that are not using the supported instance types" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: SELECT db_instance_identifier, arn, status, class, account_id, og_account_id, og_resource_id FROM aws_rds_db_instance WHERE (class LIKE ANY(ARRAY['db.m1.%','db.m2.%','db.r3.%'])) + PrimaryTable: aws_rds_db_instance + ListOfTables: + - aws_rds_db_instance + Parameters: [] +Tags: + category: + - Technical Debt + persona: + - Executive + - Product + - FinOps diff --git a/queries/4-aws_insight_ebs_volume_unencrypted.yaml b/queries/4-aws_insight_ebs_volume_unencrypted.yaml index eb724041f..c0d034849 100755 --- a/queries/4-aws_insight_ebs_volume_unencrypted.yaml +++ b/queries/4-aws_insight_ebs_volume_unencrypted.yaml @@ -1,7 +1,7 @@ ID: aws_insight_ebs_volume_unencrypted Title: "Unencrypted EBS Disks" Description: "List of unencrypted EBS volumes" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/4-aws_insight_ebs_volume_unencrypted.yaml.bak b/queries/4-aws_insight_ebs_volume_unencrypted.yaml.bak new file mode 100755 index 000000000..eb724041f --- /dev/null +++ b/queries/4-aws_insight_ebs_volume_unencrypted.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_insight_ebs_volume_unencrypted +Title: "Unencrypted EBS Disks" +Description: "List of unencrypted EBS volumes" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select volume_id, encrypted, account_id, og_account_id, og_resource_id from + aws_ebs_volume + where + not encrypted; + PrimaryTable: aws_ebs_volume + ListOfTables: + - aws_ebs_volume + Parameters: [] +Tags: + category: + - Security + - Technical Debt + persona: + - Security + - DevOps + - Product diff --git a/queries/40-aws_insight_accounts_without_cloudtrail.yaml b/queries/40-aws_insight_accounts_without_cloudtrail.yaml index e059298a5..18a4a0c95 100755 --- a/queries/40-aws_insight_accounts_without_cloudtrail.yaml +++ b/queries/40-aws_insight_accounts_without_cloudtrail.yaml @@ -1,7 +1,7 @@ ID: aws_insight_accounts_without_cloudtrail Title: "AWS Accounts without CloudTrail" Description: "AWS Accounts with CloudTrail disabled" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/40-aws_insight_accounts_without_cloudtrail.yaml.bak b/queries/40-aws_insight_accounts_without_cloudtrail.yaml.bak new file mode 100755 index 000000000..e059298a5 --- /dev/null +++ b/queries/40-aws_insight_accounts_without_cloudtrail.yaml.bak @@ -0,0 +1,21 @@ +ID: aws_insight_accounts_without_cloudtrail +Title: "AWS Accounts without CloudTrail" +Description: "AWS Accounts with CloudTrail disabled" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select id AS account_id, og_id AS og_account_id from og_connections where (connector = 'AWS' AND lifecycle_state = 'onboard' AND id NOT IN (select distinct account_id from aws_cloudtrail_trail)) + PrimaryTable: null + ListOfTables: + - og_connections + - aws_cloudtrail_trail + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive + - Product diff --git a/queries/41-aws_insight_root_login_last_90_days.yaml b/queries/41-aws_insight_root_login_last_90_days.yaml index c775d8f8a..76acc3d54 100755 --- a/queries/41-aws_insight_root_login_last_90_days.yaml +++ b/queries/41-aws_insight_root_login_last_90_days.yaml @@ -1,7 +1,7 @@ ID: aws_insight_root_login_last_90_days Title: "AWS accounts with root login in the last 90 days" Description: "AWS accounts whose root user has logged in within the last 90 days" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/41-aws_insight_root_login_last_90_days.yaml.bak b/queries/41-aws_insight_root_login_last_90_days.yaml.bak new file mode 100755 index 000000000..c775d8f8a --- /dev/null +++ b/queries/41-aws_insight_root_login_last_90_days.yaml.bak @@ -0,0 +1,20 @@ +ID: aws_insight_root_login_last_90_days +Title: "AWS accounts with root login in the last 90 days" +Description: "AWS accounts whose root user has logged in within the last 90 days" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select user_arn, password_last_used, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND (current_date - DATE(password_last_used)) > 90) + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive + - Product diff --git a/queries/42-aws_insight_account_with_root_access_key.yaml b/queries/42-aws_insight_account_with_root_access_key.yaml index b00887f35..fac1fbc5c 100755 --- a/queries/42-aws_insight_account_with_root_access_key.yaml +++ b/queries/42-aws_insight_account_with_root_access_key.yaml @@ -1,7 +1,7 @@ ID: aws_insight_account_with_root_access_key Title: "AWS Account with Root Access Key Enabled" Description: "AWS Account whose root user has an access key enabled." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/42-aws_insight_account_with_root_access_key.yaml.bak b/queries/42-aws_insight_account_with_root_access_key.yaml.bak new file mode 100755 index 000000000..b00887f35 --- /dev/null +++ b/queries/42-aws_insight_account_with_root_access_key.yaml.bak @@ -0,0 +1,20 @@ +ID: aws_insight_account_with_root_access_key +Title: "AWS Account with Root Access Key Enabled" +Description: "AWS Account whose root user has an access key enabled." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND (access_key_1_active = true OR access_key_2_active = true)) + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive + - Product diff --git a/queries/43-aws_insight_account_without_root_mfa.yaml b/queries/43-aws_insight_account_without_root_mfa.yaml index 556fff266..65195d398 100755 --- a/queries/43-aws_insight_account_without_root_mfa.yaml +++ b/queries/43-aws_insight_account_without_root_mfa.yaml @@ -1,7 +1,7 @@ ID: aws_insight_account_without_root_mfa Title: "AWS Account without Root MFA" Description: "AWS account whose root user does not have MFA enabled." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/43-aws_insight_account_without_root_mfa.yaml.bak b/queries/43-aws_insight_account_without_root_mfa.yaml.bak new file mode 100755 index 000000000..556fff266 --- /dev/null +++ b/queries/43-aws_insight_account_without_root_mfa.yaml.bak @@ -0,0 +1,20 @@ +ID: aws_insight_account_without_root_mfa +Title: "AWS Account without Root MFA" +Description: "AWS account whose root user does not have MFA enabled." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND mfa_active = false) + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive + - Product diff --git a/queries/44-aws_insight_account_with_many_saml_providers.yaml b/queries/44-aws_insight_account_with_many_saml_providers.yaml index 940308764..28cd66119 100755 --- a/queries/44-aws_insight_account_with_many_saml_providers.yaml +++ b/queries/44-aws_insight_account_with_many_saml_providers.yaml @@ -1,7 +1,7 @@ ID: aws_insight_account_with_many_saml_providers Title: "AWS Account with many SAML providers" Description: "AWS Account with more than 1 SAML provider" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/44-aws_insight_account_with_many_saml_providers.yaml.bak b/queries/44-aws_insight_account_with_many_saml_providers.yaml.bak new file mode 100755 index 000000000..940308764 --- /dev/null +++ b/queries/44-aws_insight_account_with_many_saml_providers.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_insight_account_with_many_saml_providers +Title: "AWS Account with many SAML providers" +Description: "AWS Account with more than 1 SAML provider" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + SELECT account_id, og_account_id, CAST(SUM(saml_provider_count) AS INTEGER) AS saml_provider_count FROM ( + SELECT account_id, og_account_id, COUNT(*) as saml_provider_count FROM aws_iam_saml_provider GROUP BY account_id, og_account_id + UNION + SELECT account_id, og_account_id, COUNT(*) as saml_provider_count FROM aws_iam_open_id_connect_provider GROUP BY account_id, og_account_id + ) AS final WHERE saml_provider_count > 1 GROUP BY account_id, og_account_id + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive + - Product diff --git a/queries/45-aws_insight_account_without_mfa.yaml b/queries/45-aws_insight_account_without_mfa.yaml index 6f70c5b4a..0feaac6be 100755 --- a/queries/45-aws_insight_account_without_mfa.yaml +++ b/queries/45-aws_insight_account_without_mfa.yaml @@ -1,7 +1,7 @@ ID: aws_insight_account_without_mfa Title: "AWS Account without MFA" Description: "AWS accounts without MFA enabled" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/45-aws_insight_account_without_mfa.yaml.bak b/queries/45-aws_insight_account_without_mfa.yaml.bak new file mode 100755 index 000000000..6f70c5b4a --- /dev/null +++ b/queries/45-aws_insight_account_without_mfa.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_insight_account_without_mfa +Title: "AWS Account without MFA" +Description: "AWS accounts without MFA enabled" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select account_id, og_account_id from aws_iam_account_summary where account_mfa_enabled = false + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive diff --git a/queries/46-aws_insight_account_with_key_and_password.yaml b/queries/46-aws_insight_account_with_key_and_password.yaml index 7867ad73e..80316bc9d 100755 --- a/queries/46-aws_insight_account_with_key_and_password.yaml +++ b/queries/46-aws_insight_account_with_key_and_password.yaml @@ -1,7 +1,7 @@ ID: aws_insight_account_with_key_and_password Title: "AWS Account with Access Key and Console Password" Description: "AWS accounts with access key and console password both enabled" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/46-aws_insight_account_with_key_and_password.yaml.bak b/queries/46-aws_insight_account_with_key_and_password.yaml.bak new file mode 100755 index 000000000..7867ad73e --- /dev/null +++ b/queries/46-aws_insight_account_with_key_and_password.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_insight_account_with_key_and_password +Title: "AWS Account with Access Key and Console Password" +Description: "AWS accounts with access key and console password both enabled" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (password_enabled = true AND (access_key_1_active = true OR access_key_2_active = true)) + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive diff --git a/queries/47-aws_insight_account_with_unused_key.yaml b/queries/47-aws_insight_account_with_unused_key.yaml index 7d73f8b02..744d5ed76 100755 --- a/queries/47-aws_insight_account_with_unused_key.yaml +++ b/queries/47-aws_insight_account_with_unused_key.yaml @@ -1,7 +1,7 @@ ID: aws_insight_account_with_unused_key Title: "AWS Accounts with Unused Access Keys" Description: "This insight returns a list of AWS accounts with unused access keys." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/47-aws_insight_account_with_unused_key.yaml.bak b/queries/47-aws_insight_account_with_unused_key.yaml.bak new file mode 100755 index 000000000..7d73f8b02 --- /dev/null +++ b/queries/47-aws_insight_account_with_unused_key.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_insight_account_with_unused_key +Title: "AWS Accounts with Unused Access Keys" +Description: "This insight returns a list of AWS accounts with unused access keys." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select access_key_1_active, access_key_1_last_used_date, access_key_2_active, access_key_2_last_used_date, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where ((access_key_1_active = true AND (access_key_1_last_used_date IS NULL OR (current_date - DATE(access_key_1_last_used_date)) > 90)) OR (access_key_2_active = true AND (access_key_2_last_used_date IS NULL OR (current_date - DATE(access_key_2_last_used_date)) > 90))) + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive diff --git a/queries/48-aws_insight_iam_user_with_old_keys.yaml b/queries/48-aws_insight_iam_user_with_old_keys.yaml index af2dc9b38..c4fc07690 100755 --- a/queries/48-aws_insight_iam_user_with_old_keys.yaml +++ b/queries/48-aws_insight_iam_user_with_old_keys.yaml @@ -1,7 +1,7 @@ ID: aws_insight_iam_user_with_old_keys Title: "IAM Users with old access keys" Description: "IAM users with access keys older than 90 days" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/48-aws_insight_iam_user_with_old_keys.yaml.bak b/queries/48-aws_insight_iam_user_with_old_keys.yaml.bak new file mode 100755 index 000000000..af2dc9b38 --- /dev/null +++ b/queries/48-aws_insight_iam_user_with_old_keys.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_insight_iam_user_with_old_keys +Title: "IAM Users with old access keys" +Description: "IAM users with access keys older than 90 days" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select access_key_1_active, access_key_1_last_rotated, access_key_2_active, access_key_2_last_rotated, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where ((access_key_1_active = true AND (access_key_1_last_rotated IS NULL OR (current_date - DATE(access_key_1_last_rotated)) > 90)) OR (access_key_2_active = true AND (access_key_2_last_rotated IS NULL OR (current_date - DATE(access_key_2_last_rotated)) > 90))) + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive diff --git a/queries/49-aws_insight_iam_user_with_old_password.yaml b/queries/49-aws_insight_iam_user_with_old_password.yaml index dea1fb62f..fd22505b1 100755 --- a/queries/49-aws_insight_iam_user_with_old_password.yaml +++ b/queries/49-aws_insight_iam_user_with_old_password.yaml @@ -1,7 +1,7 @@ ID: aws_insight_iam_user_with_old_password Title: "IAM Users with old access password" Description: "IAM users with password older than 90 days" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/49-aws_insight_iam_user_with_old_password.yaml.bak b/queries/49-aws_insight_iam_user_with_old_password.yaml.bak new file mode 100755 index 000000000..dea1fb62f --- /dev/null +++ b/queries/49-aws_insight_iam_user_with_old_password.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_insight_iam_user_with_old_password +Title: "IAM Users with old access password" +Description: "IAM users with password older than 90 days" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: select password_enabled, password_last_changed, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (password_enabled = true AND (password_last_changed IS NULL OR (current_date - DATE(password_last_changed)) > 90)) + PrimaryTable: aws_iam_credential_report + ListOfTables: + - aws_iam_credential_report + Parameters: [] +Tags: + category: + - Security + persona: + - DevOps + - Security + - Executive diff --git a/queries/5-aws_insight_ebs_volume_unattached.yaml b/queries/5-aws_insight_ebs_volume_unattached.yaml index 28da3fd24..054a1959e 100755 --- a/queries/5-aws_insight_ebs_volume_unattached.yaml +++ b/queries/5-aws_insight_ebs_volume_unattached.yaml @@ -1,7 +1,7 @@ ID: aws_insight_ebs_volume_unattached Title: "Unused EBS Disks" Description: "List of unattached EBS Volumes" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/5-aws_insight_ebs_volume_unattached.yaml.bak b/queries/5-aws_insight_ebs_volume_unattached.yaml.bak new file mode 100755 index 000000000..28da3fd24 --- /dev/null +++ b/queries/5-aws_insight_ebs_volume_unattached.yaml.bak @@ -0,0 +1,21 @@ +ID: aws_insight_ebs_volume_unattached +Title: "Unused EBS Disks" +Description: "List of unattached EBS Volumes" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select volume_id, volume_type, account_id, og_account_id, og_resource_id + from + aws_ebs_volume + where + jsonb_array_length(attachments) = 0; + PrimaryTable: aws_ebs_volume + ListOfTables: + - aws_ebs_volume + Parameters: [] +Tags: + category: + - Technical Debt + - Cost Management diff --git a/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml b/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml index 6d822d392..0ccd737e7 100755 --- a/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml +++ b/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml @@ -1,7 +1,7 @@ ID: aws_insight_ec2_instance_of_undesired_type Title: "Legacy Instance Types" Description: "List of Instances which are not of the desired type." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml.bak b/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml.bak new file mode 100755 index 000000000..6d822d392 --- /dev/null +++ b/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_insight_ec2_instance_of_undesired_type +Title: "Legacy Instance Types" +Description: "List of Instances which are not of the desired type." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: SELECT instance_id, arn, instance_type, instance_state, account_id, og_account_id, og_resource_id FROM aws_ec2_instance WHERE instance_type LIKE ANY(array['m1.%', 'm2.%', 'm3.%', 'c1.%', 'c3.%', 'g2.%', 'cr1.%', 'r3.%', 'i2.%', 'hs1.%', 't1.%']); + PrimaryTable: aws_ec2_instance + ListOfTables: + - aws_ec2_instance + Parameters: [] +Tags: + category: + - Technical Debt + persona: + - Executive + - Product + - FinOps diff --git a/queries/7-aws_insight_iam_user_with_admin_access.yaml b/queries/7-aws_insight_iam_user_with_admin_access.yaml index 656432d15..cb4f2998b 100755 --- a/queries/7-aws_insight_iam_user_with_admin_access.yaml +++ b/queries/7-aws_insight_iam_user_with_admin_access.yaml @@ -1,7 +1,7 @@ ID: aws_insight_iam_user_with_admin_access Title: "Admin Users" Description: "List all the users having Administrator access" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak b/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak new file mode 100755 index 000000000..cb4f2998b --- /dev/null +++ b/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak @@ -0,0 +1,21 @@ +ID: aws_insight_iam_user_with_admin_access +Title: "Admin Users" +Description: "List all the users having Administrator access" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select name as user_name, split_part(attachments, '/', 2) as attached_policies, aws_iam_user.account_id, aws_iam_user.og_account_id, aws_iam_user.og_resource_id + from + aws_iam_user + cross join jsonb_array_elements_text(attached_policy_arns) as attachments + where + split_part(attachments, '/', 2) = 'AdministratorAccess'; + PrimaryTable: aws_iam_user + ListOfTables: + - aws_iam_user + Parameters: [] +Tags: + category: + - Security diff --git a/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak.bak b/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak.bak new file mode 100755 index 000000000..cb4f2998b --- /dev/null +++ b/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak.bak @@ -0,0 +1,21 @@ +ID: aws_insight_iam_user_with_admin_access +Title: "Admin Users" +Description: "List all the users having Administrator access" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select name as user_name, split_part(attachments, '/', 2) as attached_policies, aws_iam_user.account_id, aws_iam_user.og_account_id, aws_iam_user.og_resource_id + from + aws_iam_user + cross join jsonb_array_elements_text(attached_policy_arns) as attachments + where + split_part(attachments, '/', 2) = 'AdministratorAccess'; + PrimaryTable: aws_iam_user + ListOfTables: + - aws_iam_user + Parameters: [] +Tags: + category: + - Security diff --git a/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml b/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml index c581e2cb7..1a8e959a9 100755 --- a/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml +++ b/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml @@ -1,7 +1,7 @@ ID: aws_insight_iam_user_with_mfa_disabled Title: "Users with no MFA" Description: "List all the users for whom MFA is not enabled" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml.bak b/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml.bak new file mode 100755 index 000000000..c581e2cb7 --- /dev/null +++ b/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_insight_iam_user_with_mfa_disabled +Title: "Users with no MFA" +Description: "List all the users for whom MFA is not enabled" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + user_id, + mfa_enabled, account_id, og_account_id, og_resource_id + from + aws_iam_user + where + not mfa_enabled; + PrimaryTable: aws_iam_user + ListOfTables: + - aws_iam_user + Parameters: [] +Tags: + category: + - Security + - Technical Debt diff --git a/queries/9-aws_insight_iam_user_with_inline_policies.yaml b/queries/9-aws_insight_iam_user_with_inline_policies.yaml index 897faae40..03664be78 100755 --- a/queries/9-aws_insight_iam_user_with_inline_policies.yaml +++ b/queries/9-aws_insight_iam_user_with_inline_policies.yaml @@ -1,7 +1,7 @@ ID: aws_insight_iam_user_with_inline_policies Title: "Users with Inline Policies" Description: "List users that have inline policies" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/9-aws_insight_iam_user_with_inline_policies.yaml.bak b/queries/9-aws_insight_iam_user_with_inline_policies.yaml.bak new file mode 100755 index 000000000..897faae40 --- /dev/null +++ b/queries/9-aws_insight_iam_user_with_inline_policies.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_insight_iam_user_with_inline_policies +Title: "Users with Inline Policies" +Description: "List users that have inline policies" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as user_name, + inline_policies, account_id, og_account_id, og_resource_id + from + aws_iam_user + where + inline_policies is not null; + PrimaryTable: aws_iam_user + ListOfTables: + - aws_iam_user + Parameters: [] +Tags: + category: + - Security + - Technical Debt diff --git a/queries/ai_workload.yaml b/queries/ai_workload.yaml index 2d9e73451..54de37b4c 100755 --- a/queries/ai_workload.yaml +++ b/queries/ai_workload.yaml @@ -1,7 +1,7 @@ ID: ai_workload Title: "AI Workload" Description: "AI Workload" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/ai_workload.yaml.bak b/queries/ai_workload.yaml.bak new file mode 100755 index 000000000..2d9e73451 --- /dev/null +++ b/queries/ai_workload.yaml.bak @@ -0,0 +1,41 @@ +ID: ai_workload +Title: "AI Workload" +Description: "AI Workload" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('microsoft.cognitiveservices/accounts') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - Cognitive Services + platform_queries_bookmark: + - "true" diff --git a/queries/autoscaling_workload.yaml b/queries/autoscaling_workload.yaml index 966537563..3ffefbd6f 100755 --- a/queries/autoscaling_workload.yaml +++ b/queries/autoscaling_workload.yaml @@ -1,7 +1,7 @@ ID: autoscaling_workload Title: "List All Autoscaling Groups and VM Scale Sets" Description: "List All Autoscaling Groups and VM Scale Sets" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/autoscaling_workload.yaml.bak b/queries/autoscaling_workload.yaml.bak new file mode 100755 index 000000000..966537563 --- /dev/null +++ b/queries/autoscaling_workload.yaml.bak @@ -0,0 +1,39 @@ +ID: autoscaling_workload +Title: "List All Autoscaling Groups and VM Scale Sets" +Description: "List All Autoscaling Groups and VM Scale Sets" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::autoscaling::autoscalinggroup', 'microsoft.compute/virtualmachinescalesets') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - Auto Scaling and VM Scale Set diff --git a/queries/aws_accessanalyzer_analyzer_1.yaml b/queries/aws_accessanalyzer_analyzer_1.yaml index fad345240..572e1114b 100755 --- a/queries/aws_accessanalyzer_analyzer_1.yaml +++ b/queries/aws_accessanalyzer_analyzer_1.yaml @@ -1,7 +1,7 @@ ID: aws_accessanalyzer_analyzer_1 Title: "List all AWS Access Analyzer Information" Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_accessanalyzer_analyzer_1.yaml.bak b/queries/aws_accessanalyzer_analyzer_1.yaml.bak new file mode 100755 index 000000000..fad345240 --- /dev/null +++ b/queries/aws_accessanalyzer_analyzer_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_accessanalyzer_analyzer_1 +Title: "List all AWS Access Analyzer Information" +Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + last_resource_analyzed, + last_resource_analyzed_at, + status, + type + from + aws_accessanalyzer_analyzer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Access Analyzer diff --git a/queries/aws_accessanalyzer_analyzer_2.yaml b/queries/aws_accessanalyzer_analyzer_2.yaml index 778a1a874..8471ade2e 100755 --- a/queries/aws_accessanalyzer_analyzer_2.yaml +++ b/queries/aws_accessanalyzer_analyzer_2.yaml @@ -1,7 +1,7 @@ ID: aws_accessanalyzer_analyzer_2 Title: "Find AWS IAM Access Analyzer Analyzers Information" Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_accessanalyzer_analyzer_2.yaml.bak b/queries/aws_accessanalyzer_analyzer_2.yaml.bak new file mode 100755 index 000000000..8471ade2e --- /dev/null +++ b/queries/aws_accessanalyzer_analyzer_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_accessanalyzer_analyzer_2 +Title: "Find AWS IAM Access Analyzer Analyzers Information" +Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + status + last_resource_analyzed, + last_resource_analyzed_at, + tags + from + aws_accessanalyzer_analyzer + where + status = 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Analyzer diff --git a/queries/aws_accessanalyzer_analyzer_2.yaml.bak.bak b/queries/aws_accessanalyzer_analyzer_2.yaml.bak.bak new file mode 100755 index 000000000..8471ade2e --- /dev/null +++ b/queries/aws_accessanalyzer_analyzer_2.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_accessanalyzer_analyzer_2 +Title: "Find AWS IAM Access Analyzer Analyzers Information" +Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + status + last_resource_analyzed, + last_resource_analyzed_at, + tags + from + aws_accessanalyzer_analyzer + where + status = 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Analyzer diff --git a/queries/aws_accessanalyzer_analyzer_3.yaml b/queries/aws_accessanalyzer_analyzer_3.yaml index 20614a683..73de95e2f 100755 --- a/queries/aws_accessanalyzer_analyzer_3.yaml +++ b/queries/aws_accessanalyzer_analyzer_3.yaml @@ -1,7 +1,7 @@ ID: aws_accessanalyzer_analyzer_3 Title: "Find AWS IAM Access Analyzer Details" Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_accessanalyzer_analyzer_3.yaml.bak b/queries/aws_accessanalyzer_analyzer_3.yaml.bak new file mode 100755 index 000000000..20614a683 --- /dev/null +++ b/queries/aws_accessanalyzer_analyzer_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_accessanalyzer_analyzer_3 +Title: "Find AWS IAM Access Analyzer Details" +Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + status, + type, + last_resource_analyzed + from + aws_accessanalyzer_analyzer + where + status = 'ACTIVE' + and findings is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_1.yaml b/queries/aws_accessanalyzer_finding_1.yaml index a56dae711..97b03183a 100755 --- a/queries/aws_accessanalyzer_finding_1.yaml +++ b/queries/aws_accessanalyzer_finding_1.yaml @@ -1,7 +1,7 @@ ID: aws_accessanalyzer_finding_1 Title: "Find AWS IAM Access Analyzer Findings for Security Risks" Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_accessanalyzer_finding_1.yaml.bak b/queries/aws_accessanalyzer_finding_1.yaml.bak new file mode 100755 index 000000000..97b03183a --- /dev/null +++ b/queries/aws_accessanalyzer_finding_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_accessanalyzer_finding_1 +Title: "Find AWS IAM Access Analyzer Findings for Security Risks" +Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + access_analyzer_arn, + analyzed_at, + resource_type, + status, + is_public + from + aws_accessanalyzer_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_1.yaml.bak.bak b/queries/aws_accessanalyzer_finding_1.yaml.bak.bak new file mode 100755 index 000000000..97b03183a --- /dev/null +++ b/queries/aws_accessanalyzer_finding_1.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_accessanalyzer_finding_1 +Title: "Find AWS IAM Access Analyzer Findings for Security Risks" +Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + access_analyzer_arn, + analyzed_at, + resource_type, + status, + is_public + from + aws_accessanalyzer_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_2.yaml b/queries/aws_accessanalyzer_finding_2.yaml index f75c5a9c1..fef267c8b 100755 --- a/queries/aws_accessanalyzer_finding_2.yaml +++ b/queries/aws_accessanalyzer_finding_2.yaml @@ -1,7 +1,7 @@ ID: aws_accessanalyzer_finding_2 Title: "Find all AWS IAM Access Analyzer public findings" Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_accessanalyzer_finding_2.yaml.bak b/queries/aws_accessanalyzer_finding_2.yaml.bak new file mode 100755 index 000000000..f75c5a9c1 --- /dev/null +++ b/queries/aws_accessanalyzer_finding_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_accessanalyzer_finding_2 +Title: "Find all AWS IAM Access Analyzer public findings" +Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + resource_type, + access_analyzer_arn, + status, + is_public + from + aws_accessanalyzer_finding + where + is_public = true; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_3.yaml b/queries/aws_accessanalyzer_finding_3.yaml index 87321cd41..d6b4de292 100755 --- a/queries/aws_accessanalyzer_finding_3.yaml +++ b/queries/aws_accessanalyzer_finding_3.yaml @@ -1,7 +1,7 @@ ID: aws_accessanalyzer_finding_3 Title: "List AWS Access Analyzer Findings Security Risks" Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_accessanalyzer_finding_3.yaml.bak b/queries/aws_accessanalyzer_finding_3.yaml.bak new file mode 100755 index 000000000..87321cd41 --- /dev/null +++ b/queries/aws_accessanalyzer_finding_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_accessanalyzer_finding_3 +Title: "List AWS Access Analyzer Findings Security Risks" +Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_type, + count(*) as findings_count + from + aws_accessanalyzer_finding + group by + resource_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_4.yaml b/queries/aws_accessanalyzer_finding_4.yaml index 232575b4d..896623b5e 100755 --- a/queries/aws_accessanalyzer_finding_4.yaml +++ b/queries/aws_accessanalyzer_finding_4.yaml @@ -1,7 +1,7 @@ ID: aws_accessanalyzer_finding_4 Title: "Find AWS Access Analyzer Findings in Last 30 Days" Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_accessanalyzer_finding_4.yaml.bak b/queries/aws_accessanalyzer_finding_4.yaml.bak new file mode 100755 index 000000000..232575b4d --- /dev/null +++ b/queries/aws_accessanalyzer_finding_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_accessanalyzer_finding_4 +Title: "Find AWS Access Analyzer Findings in Last 30 Days" +Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + resource, + status, + analyzed_at + from + aws_accessanalyzer_finding + where + analyzed_at > current_date - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Access Analyzer diff --git a/queries/aws_account_1.yaml b/queries/aws_account_1.yaml index abd5ca57f..8fa3d7011 100755 --- a/queries/aws_account_1.yaml +++ b/queries/aws_account_1.yaml @@ -1,7 +1,7 @@ ID: aws_account_1 Title: "List all AWS Account Details with Status and Owner" Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_account_1.yaml.bak b/queries/aws_account_1.yaml.bak new file mode 100755 index 000000000..abd5ca57f --- /dev/null +++ b/queries/aws_account_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_account_1 +Title: "List all AWS Account Details with Status and Owner" +Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + alias, + arn, + organization_id, + organization_master_account_email, + organization_master_account_id + from + aws_account + cross join jsonb_array_elements(account_aliases) as alias; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Account diff --git a/queries/aws_account_2.yaml b/queries/aws_account_2.yaml index 31f2b71c4..89e6cb185 100755 --- a/queries/aws_account_2.yaml +++ b/queries/aws_account_2.yaml @@ -1,7 +1,7 @@ ID: aws_account_2 Title: "Find AWS Account Information and Associated Resources" Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_account_2.yaml.bak b/queries/aws_account_2.yaml.bak new file mode 100755 index 000000000..89e6cb185 --- /dev/null +++ b/queries/aws_account_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_account_2 +Title: "Find AWS Account Information and Associated Resources" +Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + organization_id, + policy ->> 'Type' as policy_type, + policy ->> 'Status' as policy_status + from + aws_account + cross join jsonb_array_elements(organization_available_policy_types) as policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Account diff --git a/queries/aws_account_2.yaml.bak.bak b/queries/aws_account_2.yaml.bak.bak new file mode 100755 index 000000000..89e6cb185 --- /dev/null +++ b/queries/aws_account_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_account_2 +Title: "Find AWS Account Information and Associated Resources" +Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + organization_id, + policy ->> 'Type' as policy_type, + policy ->> 'Status' as policy_status + from + aws_account + cross join jsonb_array_elements(organization_available_policy_types) as policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Account diff --git a/queries/aws_account_alternate_contact_1.yaml b/queries/aws_account_alternate_contact_1.yaml index 97a3148c9..991d4d87a 100755 --- a/queries/aws_account_alternate_contact_1.yaml +++ b/queries/aws_account_alternate_contact_1.yaml @@ -1,7 +1,7 @@ ID: aws_account_alternate_contact_1 Title: "Find AWS Account Alternate Contact Details" Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_account_alternate_contact_1.yaml.bak b/queries/aws_account_alternate_contact_1.yaml.bak new file mode 100755 index 000000000..97a3148c9 --- /dev/null +++ b/queries/aws_account_alternate_contact_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_account_alternate_contact_1 +Title: "Find AWS Account Alternate Contact Details" +Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + linked_account_id, + contact_type, + email_address, + phone_number, + contact_title + from + aws_account_alternate_contact; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Account diff --git a/queries/aws_account_alternate_contact_2.yaml b/queries/aws_account_alternate_contact_2.yaml index 76b6e41ba..23938c17e 100755 --- a/queries/aws_account_alternate_contact_2.yaml +++ b/queries/aws_account_alternate_contact_2.yaml @@ -1,7 +1,7 @@ ID: aws_account_alternate_contact_2 Title: "Find AWS Account Alternate Contact Details" Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_account_alternate_contact_2.yaml.bak b/queries/aws_account_alternate_contact_2.yaml.bak new file mode 100755 index 000000000..76b6e41ba --- /dev/null +++ b/queries/aws_account_alternate_contact_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_account_alternate_contact_2 +Title: "Find AWS Account Alternate Contact Details" +Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + linked_account_id, + contact_type, + email_address, + phone_number, + contact_title + from + aws_account_alternate_contact + where + contact_type = 'BILLING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Account diff --git a/queries/aws_account_alternate_contact_3.yaml b/queries/aws_account_alternate_contact_3.yaml index 946a1260f..e591b4aea 100755 --- a/queries/aws_account_alternate_contact_3.yaml +++ b/queries/aws_account_alternate_contact_3.yaml @@ -1,7 +1,7 @@ ID: aws_account_alternate_contact_3 Title: "Find AWS Account Alternate Contact Details" Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_account_alternate_contact_3.yaml.bak b/queries/aws_account_alternate_contact_3.yaml.bak new file mode 100755 index 000000000..946a1260f --- /dev/null +++ b/queries/aws_account_alternate_contact_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_account_alternate_contact_3 +Title: "Find AWS Account Alternate Contact Details" +Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + linked_account_id, + contact_type, + email_address, + phone_number, + contact_title + from + aws_account_alternate_contact + where + linked_account_id = '123456789012'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Account Management diff --git a/queries/aws_account_alternate_contact_4.yaml b/queries/aws_account_alternate_contact_4.yaml index 7e298d3cc..5216759f1 100755 --- a/queries/aws_account_alternate_contact_4.yaml +++ b/queries/aws_account_alternate_contact_4.yaml @@ -1,7 +1,7 @@ ID: aws_account_alternate_contact_4 Title: "Find all AWS Account Alternate Contacts using SQL" Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_account_alternate_contact_4.yaml.bak b/queries/aws_account_alternate_contact_4.yaml.bak new file mode 100755 index 000000000..7e298d3cc --- /dev/null +++ b/queries/aws_account_alternate_contact_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_account_alternate_contact_4 +Title: "Find all AWS Account Alternate Contacts using SQL" +Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + linked_account_id, + contact_type, + email_address, + phone_number, + contact_title + from + aws_account_alternate_contact + where + linked_account_id = '123456789012' + and contact_type = 'SECURITY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Account Management diff --git a/queries/aws_account_contact_1.yaml b/queries/aws_account_contact_1.yaml index fc3bfa683..3b8d4b5f1 100755 --- a/queries/aws_account_contact_1.yaml +++ b/queries/aws_account_contact_1.yaml @@ -1,7 +1,7 @@ ID: aws_account_contact_1 Title: "List AWS Account Contact Details using SQL" Description: "Allows users to query AWS Account Contact details, including email, mobile, and address information associated with an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_account_contact_1.yaml.bak b/queries/aws_account_contact_1.yaml.bak new file mode 100755 index 000000000..fc3bfa683 --- /dev/null +++ b/queries/aws_account_contact_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_account_contact_1 +Title: "List AWS Account Contact Details using SQL" +Description: "Allows users to query AWS Account Contact details, including email, mobile, and address information associated with an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + full_name, + company_name, + city, + phone_number, + postal_code, + state_or_region, + website_url + from + aws_account_contact; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Account Contact diff --git a/queries/aws_account_contact_2.yaml b/queries/aws_account_contact_2.yaml index ee9a0619c..f9786b3f1 100755 --- a/queries/aws_account_contact_2.yaml +++ b/queries/aws_account_contact_2.yaml @@ -1,7 +1,7 @@ ID: aws_account_contact_2 Title: "Find AWS Account Contact details using SQL" Description: "Allows users to query AWS Account Contact details, including email, mobile, and address information associated with an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_account_contact_2.yaml.bak b/queries/aws_account_contact_2.yaml.bak new file mode 100755 index 000000000..ee9a0619c --- /dev/null +++ b/queries/aws_account_contact_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_account_contact_2 +Title: "Find AWS Account Contact details using SQL" +Description: "Allows users to query AWS Account Contact details, including email, mobile, and address information associated with an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + full_name, + company_name, + city, + phone_number, + postal_code, + state_or_region, + website_url + from + aws_account_contact + where + linked_account_id = '123456789012'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Account Contact diff --git a/queries/aws_acm_certificate_1.yaml b/queries/aws_acm_certificate_1.yaml index 4852a8892..2b27ebef2 100755 --- a/queries/aws_acm_certificate_1.yaml +++ b/queries/aws_acm_certificate_1.yaml @@ -1,7 +1,7 @@ ID: aws_acm_certificate_1 Title: "Find AWS ACM Certificates and Their Details" Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_acm_certificate_1.yaml.bak b/queries/aws_acm_certificate_1.yaml.bak new file mode 100755 index 000000000..4852a8892 --- /dev/null +++ b/queries/aws_acm_certificate_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_acm_certificate_1 +Title: "Find AWS ACM Certificates and Their Details" +Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_arn, + domain_name, + failure_reason, + in_use_by, + status, + key_algorithm + from + aws_acm_certificate; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Certificate Manager diff --git a/queries/aws_acm_certificate_2.yaml b/queries/aws_acm_certificate_2.yaml index 94de12ba4..190ee9a5e 100755 --- a/queries/aws_acm_certificate_2.yaml +++ b/queries/aws_acm_certificate_2.yaml @@ -1,7 +1,7 @@ ID: aws_acm_certificate_2 Title: "List all AWS Certificate Manager certificates status" Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_acm_certificate_2.yaml.bak b/queries/aws_acm_certificate_2.yaml.bak new file mode 100755 index 000000000..94de12ba4 --- /dev/null +++ b/queries/aws_acm_certificate_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_acm_certificate_2 +Title: "List all AWS Certificate Manager certificates status" +Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_arn, + domain_name, + status + from + aws_acm_certificate + where + status = 'EXPIRED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Certificate Manager diff --git a/queries/aws_acm_certificate_3.yaml b/queries/aws_acm_certificate_3.yaml index 4ca472f1e..c6070c6e6 100755 --- a/queries/aws_acm_certificate_3.yaml +++ b/queries/aws_acm_certificate_3.yaml @@ -1,7 +1,7 @@ ID: aws_acm_certificate_3 Title: "Find all AWS Certificate Manager certificates details" Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_acm_certificate_3.yaml.bak b/queries/aws_acm_certificate_3.yaml.bak new file mode 100755 index 000000000..4ca472f1e --- /dev/null +++ b/queries/aws_acm_certificate_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_acm_certificate_3 +Title: "Find all AWS Certificate Manager certificates details" +Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_arn, + domain_name, + status + from + aws_acm_certificate + where + certificate_transparency_logging_preference <> 'ENABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Certificate Manager diff --git a/queries/aws_acm_certificate_4.yaml b/queries/aws_acm_certificate_4.yaml index 3621ef82c..ecf631c18 100755 --- a/queries/aws_acm_certificate_4.yaml +++ b/queries/aws_acm_certificate_4.yaml @@ -1,7 +1,7 @@ ID: aws_acm_certificate_4 Title: "List all AWS Certificate Manager certificates with SQL" Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_acm_certificate_4.yaml.bak b/queries/aws_acm_certificate_4.yaml.bak new file mode 100755 index 000000000..3621ef82c --- /dev/null +++ b/queries/aws_acm_certificate_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_acm_certificate_4 +Title: "List all AWS Certificate Manager certificates with SQL" +Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_arn, + tags + from + aws_acm_certificate + where + not tags :: JSONB ? 'application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Certificate Manager diff --git a/queries/aws_acmpca_certificate_authority_1.yaml b/queries/aws_acmpca_certificate_authority_1.yaml index dd9ba523f..52fb137a2 100755 --- a/queries/aws_acmpca_certificate_authority_1.yaml +++ b/queries/aws_acmpca_certificate_authority_1.yaml @@ -1,7 +1,7 @@ ID: aws_acmpca_certificate_authority_1 Title: "List all AWS ACM PCA Certificate Authorities details" Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_acmpca_certificate_authority_1.yaml.bak b/queries/aws_acmpca_certificate_authority_1.yaml.bak new file mode 100755 index 000000000..dd9ba523f --- /dev/null +++ b/queries/aws_acmpca_certificate_authority_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_acmpca_certificate_authority_1 +Title: "List all AWS ACM PCA Certificate Authorities details" +Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + status, + created_at, + not_before, + not_after, + key_storage_security_standard, + failure_reason + from + aws_acmpca_certificate_authority; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ACM PCA diff --git a/queries/aws_acmpca_certificate_authority_2.yaml b/queries/aws_acmpca_certificate_authority_2.yaml index 93f6f740e..f5b9fb9f9 100755 --- a/queries/aws_acmpca_certificate_authority_2.yaml +++ b/queries/aws_acmpca_certificate_authority_2.yaml @@ -1,7 +1,7 @@ ID: aws_acmpca_certificate_authority_2 Title: "List all AWS ACM PCA Certificate Authority Details" Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_acmpca_certificate_authority_2.yaml.bak b/queries/aws_acmpca_certificate_authority_2.yaml.bak new file mode 100755 index 000000000..93f6f740e --- /dev/null +++ b/queries/aws_acmpca_certificate_authority_2.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_acmpca_certificate_authority_2 +Title: "List all AWS ACM PCA Certificate Authority Details" +Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + status, + key_storage_security_standard + from + aws_acmpca_certificate_authority + where + key_storage_security_standard = 'FIPS_140_2_LEVEL_3_OR_HIGHER'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "false" + cloud_data_security: + - "false" + cloud_finops: + - "false" + cloud_identity_security: + - "true" + cloud_network_security: + - "false" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ACM PCA diff --git a/queries/aws_acmpca_certificate_authority_3.yaml b/queries/aws_acmpca_certificate_authority_3.yaml index c73ae790b..482330d3a 100755 --- a/queries/aws_acmpca_certificate_authority_3.yaml +++ b/queries/aws_acmpca_certificate_authority_3.yaml @@ -1,7 +1,7 @@ ID: aws_acmpca_certificate_authority_3 Title: "List all AWS ACM PCA Certificate Authorities details and status" Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_acmpca_certificate_authority_3.yaml.bak b/queries/aws_acmpca_certificate_authority_3.yaml.bak new file mode 100755 index 000000000..c73ae790b --- /dev/null +++ b/queries/aws_acmpca_certificate_authority_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_acmpca_certificate_authority_3 +Title: "List all AWS ACM PCA Certificate Authorities details and status" +Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + status, + created_at, + last_state_change_at + from + aws_acmpca_certificate_authority + where + status = 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ACM PCA diff --git a/queries/aws_acmpca_certificate_authority_4.yaml b/queries/aws_acmpca_certificate_authority_4.yaml index bff793e58..517b39741 100755 --- a/queries/aws_acmpca_certificate_authority_4.yaml +++ b/queries/aws_acmpca_certificate_authority_4.yaml @@ -1,7 +1,7 @@ ID: aws_acmpca_certificate_authority_4 Title: "List all AWS ACM PCA Certificate Authorities details" Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_acmpca_certificate_authority_4.yaml.bak b/queries/aws_acmpca_certificate_authority_4.yaml.bak new file mode 100755 index 000000000..bff793e58 --- /dev/null +++ b/queries/aws_acmpca_certificate_authority_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_acmpca_certificate_authority_4 +Title: "List all AWS ACM PCA Certificate Authorities details" +Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + tags + from + aws_acmpca_certificate_authority + where + (tags ->> 'Project') = 'MyProject'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ACM PCA diff --git a/queries/aws_amplify_app_1.yaml b/queries/aws_amplify_app_1.yaml index 0239266f1..84ea802ef 100755 --- a/queries/aws_amplify_app_1.yaml +++ b/queries/aws_amplify_app_1.yaml @@ -1,7 +1,7 @@ ID: aws_amplify_app_1 Title: "Find all detailed information about AWS Amplify Apps" Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_amplify_app_1.yaml.bak b/queries/aws_amplify_app_1.yaml.bak new file mode 100755 index 000000000..0239266f1 --- /dev/null +++ b/queries/aws_amplify_app_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_amplify_app_1 +Title: "Find all detailed information about AWS Amplify Apps" +Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + app_id, + name, + description, + arn, + platform, + create_time, + build_spec + from + aws_amplify_app; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Amplify diff --git a/queries/aws_amplify_app_2.yaml b/queries/aws_amplify_app_2.yaml index f65dc1dc4..0acad92c1 100755 --- a/queries/aws_amplify_app_2.yaml +++ b/queries/aws_amplify_app_2.yaml @@ -1,7 +1,7 @@ ID: aws_amplify_app_2 Title: "List AWS Amplify Apps with Details Including Creation Date" Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_amplify_app_2.yaml.bak b/queries/aws_amplify_app_2.yaml.bak new file mode 100755 index 000000000..f65dc1dc4 --- /dev/null +++ b/queries/aws_amplify_app_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_amplify_app_2 +Title: "List AWS Amplify Apps with Details Including Creation Date" +Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + app_id, + create_time + from + aws_amplify_app + where + create_time >= (now() - interval '90' day) + order by + create_time; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Amplify diff --git a/queries/aws_amplify_app_3.yaml b/queries/aws_amplify_app_3.yaml index c75410d43..779a9e5a8 100755 --- a/queries/aws_amplify_app_3.yaml +++ b/queries/aws_amplify_app_3.yaml @@ -1,7 +1,7 @@ ID: aws_amplify_app_3 Title: "List all AWS Amplify Apps with Recent Update Time" Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_amplify_app_3.yaml.bak b/queries/aws_amplify_app_3.yaml.bak new file mode 100755 index 000000000..c75410d43 --- /dev/null +++ b/queries/aws_amplify_app_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_amplify_app_3 +Title: "List all AWS Amplify Apps with Recent Update Time" +Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + app_id, + update_time + from + aws_amplify_app + where + update_time >= (now() - interval '1' hour) + order by + update_time; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amplify diff --git a/queries/aws_amplify_app_4.yaml b/queries/aws_amplify_app_4.yaml index ba4feaa55..f5bafa84a 100755 --- a/queries/aws_amplify_app_4.yaml +++ b/queries/aws_amplify_app_4.yaml @@ -1,7 +1,7 @@ ID: aws_amplify_app_4 Title: "Find AWS Amplify Apps with Branch Details" Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_amplify_app_4.yaml.bak b/queries/aws_amplify_app_4.yaml.bak new file mode 100755 index 000000000..ba4feaa55 --- /dev/null +++ b/queries/aws_amplify_app_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_amplify_app_4 +Title: "Find AWS Amplify Apps with Branch Details" +Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + production_branch ->> 'BranchName' as branch_name, + production_branch ->> 'LastDeployTime' as last_deploy_time, + production_branch ->> 'Status' as status + from + aws_amplify_app + where + name = 'amplify_app_name'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amplify diff --git a/queries/aws_amplify_app_5.yaml b/queries/aws_amplify_app_5.yaml index 570f6b83c..0526079b5 100755 --- a/queries/aws_amplify_app_5.yaml +++ b/queries/aws_amplify_app_5.yaml @@ -1,7 +1,7 @@ ID: aws_amplify_app_5 Title: "List all AWS Amplify Apps with Detailed Information" Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_amplify_app_5.yaml.bak b/queries/aws_amplify_app_5.yaml.bak new file mode 100755 index 000000000..570f6b83c --- /dev/null +++ b/queries/aws_amplify_app_5.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_amplify_app_5 +Title: "List all AWS Amplify Apps with Detailed Information" +Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + app_id, + build_spec ->> 'backend' as build_backend_spec, + build_spec ->> 'frontend' as build_frontend_spec, + build_spec ->> 'test' as build_test_spec, + build_spec ->> 'env' as build_env_settings + from + aws_amplify_app + where + name = 'amplify_app_name'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amplify diff --git a/queries/aws_amplify_app_6.yaml b/queries/aws_amplify_app_6.yaml index 97de266e3..6ac185c5e 100755 --- a/queries/aws_amplify_app_6.yaml +++ b/queries/aws_amplify_app_6.yaml @@ -1,7 +1,7 @@ ID: aws_amplify_app_6 Title: "Find AWS Amplify Apps with Detailed Information" Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_amplify_app_6.yaml.bak b/queries/aws_amplify_app_6.yaml.bak new file mode 100755 index 000000000..6ac185c5e --- /dev/null +++ b/queries/aws_amplify_app_6.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_amplify_app_6 +Title: "Find AWS Amplify Apps with Detailed Information" +Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + redirects_array ->> 'Condition' as country_code, + redirects_array ->> 'Source' as source_address, + redirects_array ->> 'Status' as redirect_type, + redirects_array ->> 'Target' as destination_address + from + aws_amplify_app, + jsonb_array_elements(custom_rules) as redirects_array + where + redirects_array ->> 'Status' = '200' + and name = 'amplify_app_name'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amplify diff --git a/queries/aws_amplify_app_6.yaml.bak.bak b/queries/aws_amplify_app_6.yaml.bak.bak new file mode 100755 index 000000000..6ac185c5e --- /dev/null +++ b/queries/aws_amplify_app_6.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_amplify_app_6 +Title: "Find AWS Amplify Apps with Detailed Information" +Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + redirects_array ->> 'Condition' as country_code, + redirects_array ->> 'Source' as source_address, + redirects_array ->> 'Status' as redirect_type, + redirects_array ->> 'Target' as destination_address + from + aws_amplify_app, + jsonb_array_elements(custom_rules) as redirects_array + where + redirects_array ->> 'Status' = '200' + and name = 'amplify_app_name'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amplify diff --git a/queries/aws_amplify_app_7.yaml b/queries/aws_amplify_app_7.yaml index 0eb01fa92..765e3f22a 100755 --- a/queries/aws_amplify_app_7.yaml +++ b/queries/aws_amplify_app_7.yaml @@ -1,7 +1,7 @@ ID: aws_amplify_app_7 Title: "List all AWS Amplify Apps with Auto Build enabled" Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_amplify_app_7.yaml.bak b/queries/aws_amplify_app_7.yaml.bak new file mode 100755 index 000000000..0eb01fa92 --- /dev/null +++ b/queries/aws_amplify_app_7.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_amplify_app_7 +Title: "List all AWS Amplify Apps with Auto Build enabled" +Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + app_id, + name, + description, + arn + from + aws_amplify_app + where + enable_branch_auto_build = true; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amplify diff --git a/queries/aws_api_gateway_api_key_1.yaml b/queries/aws_api_gateway_api_key_1.yaml index 0a9ba4d4e..386771f2c 100755 --- a/queries/aws_api_gateway_api_key_1.yaml +++ b/queries/aws_api_gateway_api_key_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_api_key_1 Title: "List All API Keys Details in AWS API Gateway" Description: "Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` table in Steampipe provides information about API Keys within AWS API Gateway. This table allows DevOps engineers to query API Key-specific details, including its ID, value, enabled status, and associated metadata. Users can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key, including the key ID, creation date, enabled status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_api_key_1.yaml.bak b/queries/aws_api_gateway_api_key_1.yaml.bak new file mode 100755 index 000000000..0a9ba4d4e --- /dev/null +++ b/queries/aws_api_gateway_api_key_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_api_gateway_api_key_1 +Title: "List All API Keys Details in AWS API Gateway" +Description: "Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` table in Steampipe provides information about API Keys within AWS API Gateway. This table allows DevOps engineers to query API Key-specific details, including its ID, value, enabled status, and associated metadata. Users can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key, including the key ID, creation date, enabled status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + enabled, + created_date, + last_updated_date, + customer_id, + stage_keys + from + aws_api_gateway_api_key; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_api_key_2.yaml b/queries/aws_api_gateway_api_key_2.yaml index ef4280083..3c4662b77 100755 --- a/queries/aws_api_gateway_api_key_2.yaml +++ b/queries/aws_api_gateway_api_key_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_api_key_2 Title: "Find AWS API Gateway API Keys That Are Disabled" Description: "Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` table in Steampipe provides information about API Keys within AWS API Gateway. This table allows DevOps engineers to query API Key-specific details, including its ID, value, enabled status, and associated metadata. Users can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key, including the key ID, creation date, enabled status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_api_key_2.yaml.bak b/queries/aws_api_gateway_api_key_2.yaml.bak new file mode 100755 index 000000000..ef4280083 --- /dev/null +++ b/queries/aws_api_gateway_api_key_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gateway_api_key_2 +Title: "Find AWS API Gateway API Keys That Are Disabled" +Description: "Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` table in Steampipe provides information about API Keys within AWS API Gateway. This table allows DevOps engineers to query API Key-specific details, including its ID, value, enabled status, and associated metadata. Users can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key, including the key ID, creation date, enabled status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + customer_id + from + aws_api_gateway_api_key + where + not enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_authorizer_1.yaml b/queries/aws_api_gateway_authorizer_1.yaml index 1b4d6ac29..8603e756f 100755 --- a/queries/aws_api_gateway_authorizer_1.yaml +++ b/queries/aws_api_gateway_authorizer_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_authorizer_1 Title: "Find AWS API Gateway Authorizer Configuration Details" Description: "Allows users to query AWS API Gateway Authorizer and access data about API Gateway Authorizers in an AWS account. This data includes the authorizer''s ID, name, type, provider ARNs, and other configuration details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_authorizer_1.yaml.bak b/queries/aws_api_gateway_authorizer_1.yaml.bak new file mode 100755 index 000000000..1b4d6ac29 --- /dev/null +++ b/queries/aws_api_gateway_authorizer_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_api_gateway_authorizer_1 +Title: "Find AWS API Gateway Authorizer Configuration Details" +Description: "Allows users to query AWS API Gateway Authorizer and access data about API Gateway Authorizers in an AWS account. This data includes the authorizer''s ID, name, type, provider ARNs, and other configuration details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + rest_api_id, + auth_type, + authorizer_credentials, + identity_validation_expression, + identity_source + from + aws_api_gateway_authorizer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_authorizer_2.yaml b/queries/aws_api_gateway_authorizer_2.yaml index e9cd2f378..b0b4bad6f 100755 --- a/queries/aws_api_gateway_authorizer_2.yaml +++ b/queries/aws_api_gateway_authorizer_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_authorizer_2 Title: "List all AWS API Gateway Authorizers with Cognito User Pools" Description: "Allows users to query AWS API Gateway Authorizer and access data about API Gateway Authorizers in an AWS account. This data includes the authorizer''s ID, name, type, provider ARNs, and other configuration details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_authorizer_2.yaml.bak b/queries/aws_api_gateway_authorizer_2.yaml.bak new file mode 100755 index 000000000..e9cd2f378 --- /dev/null +++ b/queries/aws_api_gateway_authorizer_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_api_gateway_authorizer_2 +Title: "List all AWS API Gateway Authorizers with Cognito User Pools" +Description: "Allows users to query AWS API Gateway Authorizer and access data about API Gateway Authorizers in an AWS account. This data includes the authorizer''s ID, name, type, provider ARNs, and other configuration details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + rest_api_id, + auth_type + from + aws_api_gateway_authorizer + where + auth_type = 'cognito_user_pools'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_domain_name_1.yaml b/queries/aws_api_gateway_domain_name_1.yaml index 31433ee15..172a93697 100755 --- a/queries/aws_api_gateway_domain_name_1.yaml +++ b/queries/aws_api_gateway_domain_name_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_domain_name_1 Title: "List all AWS API Gateway Domain Names with Configuration" Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_domain_name_1.yaml.bak b/queries/aws_api_gateway_domain_name_1.yaml.bak new file mode 100755 index 000000000..31433ee15 --- /dev/null +++ b/queries/aws_api_gateway_domain_name_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_api_gateway_domain_name_1 +Title: "List all AWS API Gateway Domain Names with Configuration" +Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + certificate_arn, + distribution_domain_name, + distribution_hosted_zone_id, + domain_name_status, + ownership_verification_certificate_arn + from + aws_api_gateway_domain_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_domain_name_2.yaml b/queries/aws_api_gateway_domain_name_2.yaml index 2a4720fce..14c3d6199 100755 --- a/queries/aws_api_gateway_domain_name_2.yaml +++ b/queries/aws_api_gateway_domain_name_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_domain_name_2 Title: "Find AWS API Gateway Domain Names and Configurations" Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_domain_name_2.yaml.bak b/queries/aws_api_gateway_domain_name_2.yaml.bak new file mode 100755 index 000000000..2a4720fce --- /dev/null +++ b/queries/aws_api_gateway_domain_name_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_api_gateway_domain_name_2 +Title: "Find AWS API Gateway Domain Names and Configurations" +Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + certificate_arn, + certificate_upload_date, + regional_certificate_arn, + domain_name_status + from + aws_api_gateway_domain_name + where + domain_name_status = 'AVAILABLE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_domain_name_3.yaml b/queries/aws_api_gateway_domain_name_3.yaml index e025de6b5..17cb288f9 100755 --- a/queries/aws_api_gateway_domain_name_3.yaml +++ b/queries/aws_api_gateway_domain_name_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_domain_name_3 Title: "Find AWS API Gateway Domain Names and Certificates" Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_domain_name_3.yaml.bak b/queries/aws_api_gateway_domain_name_3.yaml.bak new file mode 100755 index 000000000..e025de6b5 --- /dev/null +++ b/queries/aws_api_gateway_domain_name_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_api_gateway_domain_name_3 +Title: "Find AWS API Gateway Domain Names and Certificates" +Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + d.domain_name, + d.regional_certificate_arn, + c.certificate, + c.certificate_transparency_logging_preference, + c.created_at, + c.imported_at, + c.issuer, + c.issued_at, + c.key_algorithm + from + aws_api_gateway_domain_name as d, + aws_acm_certificate as c + where + c.certificate_arn = d.regional_certificate_arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_domain_name_4.yaml b/queries/aws_api_gateway_domain_name_4.yaml index 302bff709..da241d1cf 100755 --- a/queries/aws_api_gateway_domain_name_4.yaml +++ b/queries/aws_api_gateway_domain_name_4.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_domain_name_4 Title: "Find AWS API Gateway Domain Names Configuration Certificates" Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_domain_name_4.yaml.bak b/queries/aws_api_gateway_domain_name_4.yaml.bak new file mode 100755 index 000000000..302bff709 --- /dev/null +++ b/queries/aws_api_gateway_domain_name_4.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_api_gateway_domain_name_4 +Title: "Find AWS API Gateway Domain Names Configuration Certificates" +Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + endpoint_configuration -> 'Types' as endpoint_types, + endpoint_configuration -> 'VpcEndpointIds' as vpc_endpoint_ids + from + aws_api_gateway_domain_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_domain_name_5.yaml b/queries/aws_api_gateway_domain_name_5.yaml index 96be1a5b3..340579362 100755 --- a/queries/aws_api_gateway_domain_name_5.yaml +++ b/queries/aws_api_gateway_domain_name_5.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_domain_name_5 Title: "Find AWS API Gateway Domain Configuration and Certificates" Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_domain_name_5.yaml.bak b/queries/aws_api_gateway_domain_name_5.yaml.bak new file mode 100755 index 000000000..96be1a5b3 --- /dev/null +++ b/queries/aws_api_gateway_domain_name_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_api_gateway_domain_name_5 +Title: "Find AWS API Gateway Domain Configuration and Certificates" +Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + mutual_tls_authentication ->> 'TruststoreUri' as truststore_uri, + mutual_tls_authentication ->> 'TruststoreVersion' as truststore_version, + mutual_tls_authentication ->> 'TruststoreWarnings' as truststore_warnings + from + aws_api_gateway_domain_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_method_1.yaml b/queries/aws_api_gateway_method_1.yaml index 0e7a5448d..f1462f855 100755 --- a/queries/aws_api_gateway_method_1.yaml +++ b/queries/aws_api_gateway_method_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_method_1 Title: "List all AWS API Gateway Methods" Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_method_1.yaml.bak b/queries/aws_api_gateway_method_1.yaml.bak new file mode 100755 index 000000000..0e7a5448d --- /dev/null +++ b/queries/aws_api_gateway_method_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gateway_method_1 +Title: "List all AWS API Gateway Methods" +Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rest_api_id, + resource_id, + http_method, + path, + api_key_required + from + aws_api_gateway_method; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_method_2.yaml b/queries/aws_api_gateway_method_2.yaml index 6f9837ef9..84b6531d3 100755 --- a/queries/aws_api_gateway_method_2.yaml +++ b/queries/aws_api_gateway_method_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_method_2 Title: "Find AWS API Gateway Methods with SQL Queries" Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_method_2.yaml.bak b/queries/aws_api_gateway_method_2.yaml.bak new file mode 100755 index 000000000..6f9837ef9 --- /dev/null +++ b/queries/aws_api_gateway_method_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_api_gateway_method_2 +Title: "Find AWS API Gateway Methods with SQL Queries" +Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rest_api_id, + resource_id, + http_method, + operation_name + from + aws_api_gateway_method + where + http_method = 'GET'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_method_3.yaml b/queries/aws_api_gateway_method_3.yaml index 0db8ff704..bb3084821 100755 --- a/queries/aws_api_gateway_method_3.yaml +++ b/queries/aws_api_gateway_method_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_method_3 Title: "List AWS API Gateway Methods Using SQL" Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_method_3.yaml.bak b/queries/aws_api_gateway_method_3.yaml.bak new file mode 100755 index 000000000..0db8ff704 --- /dev/null +++ b/queries/aws_api_gateway_method_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_api_gateway_method_3 +Title: "List AWS API Gateway Methods Using SQL" +Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rest_api_id, + resource_id, + http_method, + path, + authorization_type, + authorizer_id + from + aws_api_gateway_method + where + authorization_type = 'none'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_method_4.yaml b/queries/aws_api_gateway_method_4.yaml index 5aee9995a..25e4da530 100755 --- a/queries/aws_api_gateway_method_4.yaml +++ b/queries/aws_api_gateway_method_4.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_method_4 Title: "List all AWS API Gateway Methods using SQL" Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_method_4.yaml.bak b/queries/aws_api_gateway_method_4.yaml.bak new file mode 100755 index 000000000..5aee9995a --- /dev/null +++ b/queries/aws_api_gateway_method_4.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_api_gateway_method_4 +Title: "List all AWS API Gateway Methods using SQL" +Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rest_api_id, + resource_id, + http_method, + method_integration -> 'CacheKeyParameters' as cache_key_parameters, + method_integration ->> 'CacheNamespace' as cache_namespace, + method_integration ->> 'ConnectionId' as connection_id, + method_integration ->> 'ConnectionType' as connection_type, + method_integration ->> 'ContentHandling' as content_handling, + method_integration ->> 'Credentials' as credentials, + method_integration ->> 'HttpMethod' as http_method, + method_integration ->> 'PassthroughBehavior' as passthrough_behavior, + method_integration ->> 'RequestParameters' as request_parameters, + method_integration -> 'RequestTemplates' as request_templates, + method_integration ->> 'TimeoutInMillis' as timeout_in_millis, + method_integration ->> 'tls_config' as tls_config, + method_integration ->> 'Type' as type, + method_integration ->> 'Uri' as uri, + method_integration -> 'IntegrationResponses' as integration_responses + from + aws_api_gateway_method; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_rest_api_1.yaml b/queries/aws_api_gateway_rest_api_1.yaml index 43e042377..65d8f43f4 100755 --- a/queries/aws_api_gateway_rest_api_1.yaml +++ b/queries/aws_api_gateway_rest_api_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_rest_api_1 Title: "List all AWS API Gateway REST APIs with details" Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_rest_api_1.yaml.bak b/queries/aws_api_gateway_rest_api_1.yaml.bak new file mode 100755 index 000000000..43e042377 --- /dev/null +++ b/queries/aws_api_gateway_rest_api_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gateway_rest_api_1 +Title: "List all AWS API Gateway REST APIs with details" +Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + api_key_source, + minimum_compression_size, + binary_media_types + from + aws_api_gateway_rest_api; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_rest_api_2.yaml b/queries/aws_api_gateway_rest_api_2.yaml index eb86f2263..599dc37ca 100755 --- a/queries/aws_api_gateway_rest_api_2.yaml +++ b/queries/aws_api_gateway_rest_api_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_rest_api_2 Title: "List all AWS API Gateway REST APIs with SQL" Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_rest_api_2.yaml.bak b/queries/aws_api_gateway_rest_api_2.yaml.bak new file mode 100755 index 000000000..eb86f2263 --- /dev/null +++ b/queries/aws_api_gateway_rest_api_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_api_gateway_rest_api_2 +Title: "List all AWS API Gateway REST APIs with SQL" +Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + api_key_source, + minimum_compression_size + from + aws_api_gateway_rest_api + where + minimum_compression_size is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_rest_api_3.yaml b/queries/aws_api_gateway_rest_api_3.yaml index a255d3982..24f2ce696 100755 --- a/queries/aws_api_gateway_rest_api_3.yaml +++ b/queries/aws_api_gateway_rest_api_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_rest_api_3 Title: "List AWS API Gateway REST APIs Information" Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_rest_api_3.yaml.bak b/queries/aws_api_gateway_rest_api_3.yaml.bak new file mode 100755 index 000000000..a255d3982 --- /dev/null +++ b/queries/aws_api_gateway_rest_api_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_api_gateway_rest_api_3 +Title: "List AWS API Gateway REST APIs Information" +Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + api_key_source, + endpoint_configuration_types, + endpoint_configuration_vpc_endpoint_ids + from + aws_api_gateway_rest_api + where + not endpoint_configuration_types ? 'PRIVATE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_rest_api_4.yaml b/queries/aws_api_gateway_rest_api_4.yaml index 6e5bf3b8f..f6bc3ca9a 100755 --- a/queries/aws_api_gateway_rest_api_4.yaml +++ b/queries/aws_api_gateway_rest_api_4.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_rest_api_4 Title: "Find AWS API Gateway REST APIs Information" Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_rest_api_4.yaml.bak b/queries/aws_api_gateway_rest_api_4.yaml.bak new file mode 100755 index 000000000..6e5bf3b8f --- /dev/null +++ b/queries/aws_api_gateway_rest_api_4.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_api_gateway_rest_api_4 +Title: "Find AWS API Gateway REST APIs Information" +Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_api_gateway_rest_api, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + string_to_array(p, ':') as pa, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and ( + pa [5] != account_id + or p = '*' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_rest_api_5.yaml b/queries/aws_api_gateway_rest_api_5.yaml index 0a85864fe..125f8eefb 100755 --- a/queries/aws_api_gateway_rest_api_5.yaml +++ b/queries/aws_api_gateway_rest_api_5.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_rest_api_5 Title: "List all AWS API Gateway REST APIs and Their Policies" Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_rest_api_5.yaml.bak b/queries/aws_api_gateway_rest_api_5.yaml.bak new file mode 100755 index 000000000..0a85864fe --- /dev/null +++ b/queries/aws_api_gateway_rest_api_5.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_api_gateway_rest_api_5 +Title: "List all AWS API Gateway REST APIs and Their Policies" +Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_api_gateway_rest_api, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + p = '*' + and s ->> 'Effect' = 'Allow'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_stage_1.yaml b/queries/aws_api_gateway_stage_1.yaml index 297ab7190..92cd28001 100755 --- a/queries/aws_api_gateway_stage_1.yaml +++ b/queries/aws_api_gateway_stage_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_stage_1 Title: "Find AWS API Gateway Stages and Deployment Details" Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_stage_1.yaml.bak b/queries/aws_api_gateway_stage_1.yaml.bak new file mode 100755 index 000000000..297ab7190 --- /dev/null +++ b/queries/aws_api_gateway_stage_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_api_gateway_stage_1 +Title: "Find AWS API Gateway Stages and Deployment Details" +Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rest_api_id, + count(name) stage_count + from + aws_api_gateway_stage + group by + rest_api_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_stage_2.yaml b/queries/aws_api_gateway_stage_2.yaml index 8ee323067..174dfeb5e 100755 --- a/queries/aws_api_gateway_stage_2.yaml +++ b/queries/aws_api_gateway_stage_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_stage_2 Title: "List all AWS API Gateway stages with cache enabled" Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_stage_2.yaml.bak b/queries/aws_api_gateway_stage_2.yaml.bak new file mode 100755 index 000000000..8ee323067 --- /dev/null +++ b/queries/aws_api_gateway_stage_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_api_gateway_stage_2 +Title: "List all AWS API Gateway stages with cache enabled" +Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rest_api_id, + cache_cluster_enabled, + cache_cluster_size + from + aws_api_gateway_stage + where + cache_cluster_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_stage_3.yaml b/queries/aws_api_gateway_stage_3.yaml index ee613ba7c..14fae114b 100755 --- a/queries/aws_api_gateway_stage_3.yaml +++ b/queries/aws_api_gateway_stage_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_stage_3 Title: "Find AWS API Gateway Stages for deployments and APIs" Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_stage_3.yaml.bak b/queries/aws_api_gateway_stage_3.yaml.bak new file mode 100755 index 000000000..ee613ba7c --- /dev/null +++ b/queries/aws_api_gateway_stage_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_api_gateway_stage_3 +Title: "Find AWS API Gateway Stages for deployments and APIs" +Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + split_part(web_acl_arn, '/', 3) as web_acl_name + from + aws_api_gateway_stage; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_stage_4.yaml b/queries/aws_api_gateway_stage_4.yaml index 464cace95..e647842cc 100755 --- a/queries/aws_api_gateway_stage_4.yaml +++ b/queries/aws_api_gateway_stage_4.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_stage_4 Title: "Find AWS API Gateway Stages for Deployment and API Details" Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_stage_4.yaml.bak b/queries/aws_api_gateway_stage_4.yaml.bak new file mode 100755 index 000000000..464cace95 --- /dev/null +++ b/queries/aws_api_gateway_stage_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_api_gateway_stage_4 +Title: "Find AWS API Gateway Stages for Deployment and API Details" +Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + deployment_id, + name, + tracing_enabled, + method_settings -> '*/*' ->> 'LoggingLevel' as cloudwatch_log_level + from + aws_api_gateway_stage + where + method_settings -> '*/*' ->> 'LoggingLevel' = 'OFF'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_usage_plan_1.yaml b/queries/aws_api_gateway_usage_plan_1.yaml index 11f3731ec..c12fca973 100755 --- a/queries/aws_api_gateway_usage_plan_1.yaml +++ b/queries/aws_api_gateway_usage_plan_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_usage_plan_1 Title: "Find AWS API Gateway Usage Plans Information" Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_usage_plan_1.yaml.bak b/queries/aws_api_gateway_usage_plan_1.yaml.bak new file mode 100755 index 000000000..11f3731ec --- /dev/null +++ b/queries/aws_api_gateway_usage_plan_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_api_gateway_usage_plan_1 +Title: "Find AWS API Gateway Usage Plans Information" +Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + product_code, + description, + api_stages + from + aws_api_gateway_usage_plan; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_usage_plan_2.yaml b/queries/aws_api_gateway_usage_plan_2.yaml index ea50097ad..a97f0cb74 100755 --- a/queries/aws_api_gateway_usage_plan_2.yaml +++ b/queries/aws_api_gateway_usage_plan_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_usage_plan_2 Title: "List all AWS API Gateway Usage Plans Information" Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_usage_plan_2.yaml.bak b/queries/aws_api_gateway_usage_plan_2.yaml.bak new file mode 100755 index 000000000..ea50097ad --- /dev/null +++ b/queries/aws_api_gateway_usage_plan_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_api_gateway_usage_plan_2 +Title: "List all AWS API Gateway Usage Plans Information" +Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + quota + from + aws_api_gateway_usage_plan + where + quota is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_usage_plan_3.yaml b/queries/aws_api_gateway_usage_plan_3.yaml index 826f0a03a..ae2053413 100755 --- a/queries/aws_api_gateway_usage_plan_3.yaml +++ b/queries/aws_api_gateway_usage_plan_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gateway_usage_plan_3 Title: "Find AWS API Gateway Usage Plans Details via SQL" Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gateway_usage_plan_3.yaml.bak b/queries/aws_api_gateway_usage_plan_3.yaml.bak new file mode 100755 index 000000000..ae2053413 --- /dev/null +++ b/queries/aws_api_gateway_usage_plan_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gateway_usage_plan_3 +Title: "Find AWS API Gateway Usage Plans Details via SQL" +Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + throttle + from + aws_api_gateway_usage_plan + where + throttle is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gateway_usage_plan_3.yaml.bak.bak b/queries/aws_api_gateway_usage_plan_3.yaml.bak.bak new file mode 100755 index 000000000..826f0a03a --- /dev/null +++ b/queries/aws_api_gateway_usage_plan_3.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_api_gateway_usage_plan_3 +Title: "Find AWS API Gateway Usage Plans Details via SQL" +Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + throttle + from + aws_api_gateway_usage_plan + where + throttle is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_api_1.yaml b/queries/aws_api_gatewayv2_api_1.yaml index eac84f6db..ce14e7253 100755 --- a/queries/aws_api_gatewayv2_api_1.yaml +++ b/queries/aws_api_gatewayv2_api_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_api_1 Title: "List all Details of AWS API Gateway APIs" Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_api_1.yaml.bak b/queries/aws_api_gatewayv2_api_1.yaml.bak new file mode 100755 index 000000000..eac84f6db --- /dev/null +++ b/queries/aws_api_gatewayv2_api_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_api_gatewayv2_api_1 +Title: "List all Details of AWS API Gateway APIs" +Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + api_endpoint, + protocol_type, + api_key_selection_expression, + route_selection_expression + from + aws_api_gatewayv2_api; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_api_2.yaml b/queries/aws_api_gatewayv2_api_2.yaml index aa2a5d81a..4ea093aa8 100755 --- a/queries/aws_api_gatewayv2_api_2.yaml +++ b/queries/aws_api_gatewayv2_api_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_api_2 Title: "List all API Gateway APIs with name, ID, and protocol" Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_api_2.yaml.bak b/queries/aws_api_gatewayv2_api_2.yaml.bak new file mode 100755 index 000000000..aa2a5d81a --- /dev/null +++ b/queries/aws_api_gatewayv2_api_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_api_gatewayv2_api_2 +Title: "List all API Gateway APIs with name, ID, and protocol" +Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + protocol_type + from + aws_api_gatewayv2_api + where + protocol_type = 'WEBSOCKET'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_api_3.yaml b/queries/aws_api_gatewayv2_api_3.yaml index 344d400be..869aef25d 100755 --- a/queries/aws_api_gatewayv2_api_3.yaml +++ b/queries/aws_api_gatewayv2_api_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_api_3 Title: "List All AWS API Gateway APIs and Retrieve Details" Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_api_3.yaml.bak b/queries/aws_api_gatewayv2_api_3.yaml.bak new file mode 100755 index 000000000..344d400be --- /dev/null +++ b/queries/aws_api_gatewayv2_api_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_api_gatewayv2_api_3 +Title: "List All AWS API Gateway APIs and Retrieve Details" +Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + api_endpoint + from + aws_api_gatewayv2_api + where + not disable_execute_api_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_1.yaml b/queries/aws_api_gatewayv2_domain_name_1.yaml index 34ba670ae..4fbd6172a 100755 --- a/queries/aws_api_gatewayv2_domain_name_1.yaml +++ b/queries/aws_api_gatewayv2_domain_name_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_domain_name_1 Title: "Find all AWS API Gateway Domain Names Details using SQL" Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_domain_name_1.yaml.bak b/queries/aws_api_gatewayv2_domain_name_1.yaml.bak new file mode 100755 index 000000000..34ba670ae --- /dev/null +++ b/queries/aws_api_gatewayv2_domain_name_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gatewayv2_domain_name_1 +Title: "Find all AWS API Gateway Domain Names Details using SQL" +Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + mutual_tls_authentication, + tags, + title, + akas + from + aws_api_gatewayv2_domain_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_2.yaml b/queries/aws_api_gatewayv2_domain_name_2.yaml index 14e4a3c9c..51a86749f 100755 --- a/queries/aws_api_gatewayv2_domain_name_2.yaml +++ b/queries/aws_api_gatewayv2_domain_name_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_domain_name_2 Title: "List all AWS API Gateway Domain Names with Details" Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_domain_name_2.yaml.bak b/queries/aws_api_gatewayv2_domain_name_2.yaml.bak new file mode 100755 index 000000000..14e4a3c9c --- /dev/null +++ b/queries/aws_api_gatewayv2_domain_name_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gatewayv2_domain_name_2 +Title: "List all AWS API Gateway Domain Names with Details" +Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + config ->> 'EndpointType' as endpoint_type + from + aws_api_gatewayv2_domain_name + cross join jsonb_array_elements(domain_name_configurations) as config + where + config ->> 'EndpointType' = 'EDGE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_3.yaml b/queries/aws_api_gatewayv2_domain_name_3.yaml index f8545a09e..380505a5e 100755 --- a/queries/aws_api_gatewayv2_domain_name_3.yaml +++ b/queries/aws_api_gatewayv2_domain_name_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_domain_name_3 Title: "List all AWS API Gateway Domain Names and Details" Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_domain_name_3.yaml.bak b/queries/aws_api_gatewayv2_domain_name_3.yaml.bak new file mode 100755 index 000000000..f8545a09e --- /dev/null +++ b/queries/aws_api_gatewayv2_domain_name_3.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_api_gatewayv2_domain_name_3 +Title: "List all AWS API Gateway Domain Names and Details" +Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + config ->> 'EndpointType' as endpoint_type, + config ->> 'CertificateName' as certificate_name, + config ->> 'CertificateArn' as certificate_arn, + config ->> 'CertificateUploadDate' as certificate_upload_date, + config ->> 'DomainNameStatus' as domain_name_status, + config ->> 'DomainNameStatusMessage' as domain_name_status_message, + config ->> 'ApiGatewayDomainName' as api_gateway_domain_name, + config ->> 'HostedZoneId' as hosted_zone_id, + config ->> 'OwnershipVerificationCertificateArn' as ownership_verification_certificate_arn, + config -> 'SecurityPolicy' as security_policy + from + aws_api_gatewayv2_domain_name + cross join jsonb_array_elements(domain_name_configurations) as config; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_4.yaml b/queries/aws_api_gatewayv2_domain_name_4.yaml index 802ecaf6e..f398633db 100755 --- a/queries/aws_api_gatewayv2_domain_name_4.yaml +++ b/queries/aws_api_gatewayv2_domain_name_4.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_domain_name_4 Title: "Find all AWS API Gateway Domain Names and Their Details" Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_domain_name_4.yaml.bak b/queries/aws_api_gatewayv2_domain_name_4.yaml.bak new file mode 100755 index 000000000..802ecaf6e --- /dev/null +++ b/queries/aws_api_gatewayv2_domain_name_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_api_gatewayv2_domain_name_4 +Title: "Find all AWS API Gateway Domain Names and Their Details" +Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + mutual_tls_authentication ->> 'TruststoreUri' as truststore_uri, + mutual_tls_authentication ->> 'TruststoreVersion' as truststore_version, + mutual_tls_authentication ->> 'TruststoreWarnings' as truststore_warnings + from + aws_api_gatewayv2_domain_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_5.yaml b/queries/aws_api_gatewayv2_domain_name_5.yaml index 4585a9685..80b1ebbc7 100755 --- a/queries/aws_api_gatewayv2_domain_name_5.yaml +++ b/queries/aws_api_gatewayv2_domain_name_5.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_domain_name_5 Title: "List AWS API Gateway Domain Name Details with Certificate Info" Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_domain_name_5.yaml.bak b/queries/aws_api_gatewayv2_domain_name_5.yaml.bak new file mode 100755 index 000000000..4585a9685 --- /dev/null +++ b/queries/aws_api_gatewayv2_domain_name_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_api_gatewayv2_domain_name_5 +Title: "List AWS API Gateway Domain Name Details with Certificate Info" +Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + d.domain_name, + config ->> 'CertificateArn' as certificate_arn, + c.certificate, + c.certificate_transparency_logging_preference, + c.created_at, + c.imported_at, + c.issuer, + c.issued_at, + c.key_algorithm + from + aws_api_gatewayv2_domain_name AS d + cross join jsonb_array_elements(d.domain_name_configurations) AS config + left join aws_acm_certificate AS c ON c.certificate_arn = config ->> 'CertificateArn'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_integration_1.yaml b/queries/aws_api_gatewayv2_integration_1.yaml index 23fbd126b..1d232e88c 100755 --- a/queries/aws_api_gatewayv2_integration_1.yaml +++ b/queries/aws_api_gatewayv2_integration_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_integration_1 Title: "Find AWS API Gateway Integrations with SQL" Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_integration_1.yaml.bak b/queries/aws_api_gatewayv2_integration_1.yaml.bak new file mode 100755 index 000000000..1d232e88c --- /dev/null +++ b/queries/aws_api_gatewayv2_integration_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gatewayv2_integration_1 +Title: "Find AWS API Gateway Integrations with SQL" +Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + integration_id, + api_id, + integration_type, + integration_uri, + description + from + aws_api_gatewayv2_integration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_integration_1.yaml.bak.bak b/queries/aws_api_gatewayv2_integration_1.yaml.bak.bak new file mode 100755 index 000000000..1d232e88c --- /dev/null +++ b/queries/aws_api_gatewayv2_integration_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_api_gatewayv2_integration_1 +Title: "Find AWS API Gateway Integrations with SQL" +Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + integration_id, + api_id, + integration_type, + integration_uri, + description + from + aws_api_gatewayv2_integration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_integration_2.yaml b/queries/aws_api_gatewayv2_integration_2.yaml index 21a4c40d6..594b7f332 100755 --- a/queries/aws_api_gatewayv2_integration_2.yaml +++ b/queries/aws_api_gatewayv2_integration_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_integration_2 Title: "Find all AWS API Gateway Integrations Details" Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_integration_2.yaml.bak b/queries/aws_api_gatewayv2_integration_2.yaml.bak new file mode 100755 index 000000000..21a4c40d6 --- /dev/null +++ b/queries/aws_api_gatewayv2_integration_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_api_gatewayv2_integration_2 +Title: "Find all AWS API Gateway Integrations Details" +Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + api_id, + count(integration_id) as integration_count + from + aws_api_gatewayv2_integration + group by + api_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_route_1.yaml b/queries/aws_api_gatewayv2_route_1.yaml index cb3b669f9..19042f7c9 100755 --- a/queries/aws_api_gatewayv2_route_1.yaml +++ b/queries/aws_api_gatewayv2_route_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_route_1 Title: "Find AWS API Gateway V2 Route Details" Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_route_1.yaml.bak b/queries/aws_api_gatewayv2_route_1.yaml.bak new file mode 100755 index 000000000..cb3b669f9 --- /dev/null +++ b/queries/aws_api_gatewayv2_route_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_api_gatewayv2_route_1 +Title: "Find AWS API Gateway V2 Route Details" +Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + route_key, + api_id, + route_id, + api_gateway_managed, + api_key_required + from + aws_api_gatewayv2_route; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway V2 diff --git a/queries/aws_api_gatewayv2_route_2.yaml b/queries/aws_api_gatewayv2_route_2.yaml index aa1ca060f..b3ddbfc17 100755 --- a/queries/aws_api_gatewayv2_route_2.yaml +++ b/queries/aws_api_gatewayv2_route_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_route_2 Title: "List all AWS API Gateway V2 Routes including details" Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_route_2.yaml.bak b/queries/aws_api_gatewayv2_route_2.yaml.bak new file mode 100755 index 000000000..aa1ca060f --- /dev/null +++ b/queries/aws_api_gatewayv2_route_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_api_gatewayv2_route_2 +Title: "List all AWS API Gateway V2 Routes including details" +Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + route_key, + api_id, + route_id + from + aws_api_gatewayv2_route + where + api_id = 'w5n71b2m85'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway V2 diff --git a/queries/aws_api_gatewayv2_route_3.yaml b/queries/aws_api_gatewayv2_route_3.yaml index 694c81ccc..954401644 100755 --- a/queries/aws_api_gatewayv2_route_3.yaml +++ b/queries/aws_api_gatewayv2_route_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_route_3 Title: "Find all AWS API Gateway V2 Routes with Details" Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_route_3.yaml.bak b/queries/aws_api_gatewayv2_route_3.yaml.bak new file mode 100755 index 000000000..694c81ccc --- /dev/null +++ b/queries/aws_api_gatewayv2_route_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gatewayv2_route_3 +Title: "Find all AWS API Gateway V2 Routes with Details" +Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.route_id, + a.name, + a.api_id, + a.api_endpoint + from + aws_api_gatewayv2_route as r, + aws_api_gatewayv2_api as a + where + not a.disable_execute_api_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway V2 diff --git a/queries/aws_api_gatewayv2_stage_1.yaml b/queries/aws_api_gatewayv2_stage_1.yaml index b4108abf7..bca0c6031 100755 --- a/queries/aws_api_gatewayv2_stage_1.yaml +++ b/queries/aws_api_gatewayv2_stage_1.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_stage_1 Title: "List all AWS API Gateway Stages with Trace Data Disabled" Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_stage_1.yaml.bak b/queries/aws_api_gatewayv2_stage_1.yaml.bak new file mode 100755 index 000000000..b4108abf7 --- /dev/null +++ b/queries/aws_api_gatewayv2_stage_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_api_gatewayv2_stage_1 +Title: "List all AWS API Gateway Stages with Trace Data Disabled" +Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stage_name, + api_id, + default_route_data_trace_enabled + from + aws_api_gatewayv2_stage + where + not default_route_data_trace_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_stage_2.yaml b/queries/aws_api_gatewayv2_stage_2.yaml index 2bf068e2c..1b06a16bc 100755 --- a/queries/aws_api_gatewayv2_stage_2.yaml +++ b/queries/aws_api_gatewayv2_stage_2.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_stage_2 Title: "Find AWS API Gateway Stages and Details" Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_stage_2.yaml.bak b/queries/aws_api_gatewayv2_stage_2.yaml.bak new file mode 100755 index 000000000..2bf068e2c --- /dev/null +++ b/queries/aws_api_gatewayv2_stage_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_api_gatewayv2_stage_2 +Title: "Find AWS API Gateway Stages and Details" +Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stage_name, + api_id, + default_route_data_trace_enabled, + default_route_detailed_metrics_enabled, + default_route_throttling_burst_limit, + default_route_throttling_rate_limit + from + aws_api_gatewayv2_stage; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_stage_3.yaml b/queries/aws_api_gatewayv2_stage_3.yaml index ccac682bc..4cb0fedab 100755 --- a/queries/aws_api_gatewayv2_stage_3.yaml +++ b/queries/aws_api_gatewayv2_stage_3.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_stage_3 Title: "List all AWS API Gateway Stages and Details" Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_stage_3.yaml.bak b/queries/aws_api_gatewayv2_stage_3.yaml.bak new file mode 100755 index 000000000..ccac682bc --- /dev/null +++ b/queries/aws_api_gatewayv2_stage_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_api_gatewayv2_stage_3 +Title: "List all AWS API Gateway Stages and Details" +Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + api_id, + count(stage_name) stage_count + from + aws_api_gatewayv2_stage + group by + api_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_api_gatewayv2_stage_4.yaml b/queries/aws_api_gatewayv2_stage_4.yaml index 6a1304c13..ec858a5c0 100755 --- a/queries/aws_api_gatewayv2_stage_4.yaml +++ b/queries/aws_api_gatewayv2_stage_4.yaml @@ -1,7 +1,7 @@ ID: aws_api_gatewayv2_stage_4 Title: "Find AWS API Gateway Stages and Details using SQL" Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_api_gatewayv2_stage_4.yaml.bak b/queries/aws_api_gatewayv2_stage_4.yaml.bak new file mode 100755 index 000000000..6a1304c13 --- /dev/null +++ b/queries/aws_api_gatewayv2_stage_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_api_gatewayv2_stage_4 +Title: "Find AWS API Gateway Stages and Details using SQL" +Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stage_name, + api_id, + default_route_data_trace_enabled, + jsonb_pretty(access_log_settings) as access_log_settings + from + aws_api_gatewayv2_stage; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - API Gateway diff --git a/queries/aws_app_runner_service_1.yaml b/queries/aws_app_runner_service_1.yaml index ee84309a1..02f4c7096 100755 --- a/queries/aws_app_runner_service_1.yaml +++ b/queries/aws_app_runner_service_1.yaml @@ -1,7 +1,7 @@ ID: aws_app_runner_service_1 Title: "Find all AWS App Runner Services with configurations" Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_app_runner_service_1.yaml.bak b/queries/aws_app_runner_service_1.yaml.bak new file mode 100755 index 000000000..ee84309a1 --- /dev/null +++ b/queries/aws_app_runner_service_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_app_runner_service_1 +Title: "Find all AWS App Runner Services with configurations" +Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + region, + created_at, + updated_at + from + aws_app_runner_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - App Runner diff --git a/queries/aws_app_runner_service_2.yaml b/queries/aws_app_runner_service_2.yaml index 1736430aa..55655693f 100755 --- a/queries/aws_app_runner_service_2.yaml +++ b/queries/aws_app_runner_service_2.yaml @@ -1,7 +1,7 @@ ID: aws_app_runner_service_2 Title: "List all AWS App Runner Services with Network Configurations" Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_app_runner_service_2.yaml.bak b/queries/aws_app_runner_service_2.yaml.bak new file mode 100755 index 000000000..1736430aa --- /dev/null +++ b/queries/aws_app_runner_service_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_app_runner_service_2 +Title: "List all AWS App Runner Services with Network Configurations" +Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + network_configuration + from + aws_app_runner_service + where + (network_configuration -> 'EgressConfiguration' ->> 'VpcConnectorArn') is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - App Runner diff --git a/queries/aws_app_runner_service_3.yaml b/queries/aws_app_runner_service_3.yaml index 5c57679a0..0e1d7bc0b 100755 --- a/queries/aws_app_runner_service_3.yaml +++ b/queries/aws_app_runner_service_3.yaml @@ -1,7 +1,7 @@ ID: aws_app_runner_service_3 Title: "List all AWS App Runner Services with Auto Scaling Info" Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_app_runner_service_3.yaml.bak b/queries/aws_app_runner_service_3.yaml.bak new file mode 100755 index 000000000..5c57679a0 --- /dev/null +++ b/queries/aws_app_runner_service_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_app_runner_service_3 +Title: "List all AWS App Runner Services with Auto Scaling Info" +Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + auto_scaling_configuration_summary + from + aws_app_runner_service + where + jsonb_path_exists(auto_scaling_configuration_summary, '$.AutoScalingConfigurationArn'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - App Runner diff --git a/queries/aws_app_runner_service_4.yaml b/queries/aws_app_runner_service_4.yaml index 79492e2ad..8b9ae2d7e 100755 --- a/queries/aws_app_runner_service_4.yaml +++ b/queries/aws_app_runner_service_4.yaml @@ -1,7 +1,7 @@ ID: aws_app_runner_service_4 Title: "Find all AWS App Runner services and configurations" Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_app_runner_service_4.yaml.bak b/queries/aws_app_runner_service_4.yaml.bak new file mode 100755 index 000000000..79492e2ad --- /dev/null +++ b/queries/aws_app_runner_service_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_app_runner_service_4 +Title: "Find all AWS App Runner services and configurations" +Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + observability_configuration + from + aws_app_runner_service + where + (observability_configuration ->> 'ObservabilityConfigurationArn') is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - App Runner diff --git a/queries/aws_app_runner_service_5.yaml b/queries/aws_app_runner_service_5.yaml index 69bc84be1..9ca5ad62c 100755 --- a/queries/aws_app_runner_service_5.yaml +++ b/queries/aws_app_runner_service_5.yaml @@ -1,7 +1,7 @@ ID: aws_app_runner_service_5 Title: "List All AWS App Runner Services with Configs and Networking" Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_app_runner_service_5.yaml.bak b/queries/aws_app_runner_service_5.yaml.bak new file mode 100755 index 000000000..69bc84be1 --- /dev/null +++ b/queries/aws_app_runner_service_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_app_runner_service_5 +Title: "List All AWS App Runner Services with Configs and Networking" +Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + created_at + from + aws_app_runner_service + where + created_at >= '2023-01-01T00:00:00Z' and created_at <= '2023-12-31T23:59:59Z'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - App Runner diff --git a/queries/aws_app_runner_service_6.yaml b/queries/aws_app_runner_service_6.yaml index a1a5cd222..89dc73444 100755 --- a/queries/aws_app_runner_service_6.yaml +++ b/queries/aws_app_runner_service_6.yaml @@ -1,7 +1,7 @@ ID: aws_app_runner_service_6 Title: "Find AWS App Runner Service Details and Configurations" Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_app_runner_service_6.yaml.bak b/queries/aws_app_runner_service_6.yaml.bak new file mode 100755 index 000000000..a1a5cd222 --- /dev/null +++ b/queries/aws_app_runner_service_6.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_app_runner_service_6 +Title: "Find AWS App Runner Service Details and Configurations" +Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + service_url + from + aws_app_runner_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - App Runner diff --git a/queries/aws_appautoscaling_policy_1.yaml b/queries/aws_appautoscaling_policy_1.yaml index 51de04612..6409ea28a 100755 --- a/queries/aws_appautoscaling_policy_1.yaml +++ b/queries/aws_appautoscaling_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_appautoscaling_policy_1 Title: "List AWS Application Auto Scaling Policies Configuration" Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appautoscaling_policy_1.yaml.bak b/queries/aws_appautoscaling_policy_1.yaml.bak new file mode 100755 index 000000000..6409ea28a --- /dev/null +++ b/queries/aws_appautoscaling_policy_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_appautoscaling_policy_1 +Title: "List AWS Application Auto Scaling Policies Configuration" +Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_namespace, + scalable_dimension, + policy_type, + resource_id, + creation_time + from + aws_appautoscaling_policy + where + service_namespace = 'ecs'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_1.yaml.bak.bak b/queries/aws_appautoscaling_policy_1.yaml.bak.bak new file mode 100755 index 000000000..6409ea28a --- /dev/null +++ b/queries/aws_appautoscaling_policy_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_appautoscaling_policy_1 +Title: "List AWS Application Auto Scaling Policies Configuration" +Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_namespace, + scalable_dimension, + policy_type, + resource_id, + creation_time + from + aws_appautoscaling_policy + where + service_namespace = 'ecs'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_2.yaml b/queries/aws_appautoscaling_policy_2.yaml index 851a684bc..b92d62968 100755 --- a/queries/aws_appautoscaling_policy_2.yaml +++ b/queries/aws_appautoscaling_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_appautoscaling_policy_2 Title: "Find AWS Application Auto Scaling Policies Configuration" Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appautoscaling_policy_2.yaml.bak b/queries/aws_appautoscaling_policy_2.yaml.bak new file mode 100755 index 000000000..851a684bc --- /dev/null +++ b/queries/aws_appautoscaling_policy_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_appautoscaling_policy_2 +Title: "Find AWS Application Auto Scaling Policies Configuration" +Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_id, + policy_type + from + aws_appautoscaling_policy + where + service_namespace = 'ecs' + and policy_type = 'StepScaling'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_3.yaml b/queries/aws_appautoscaling_policy_3.yaml index 8aa2297f4..481e7bd3d 100755 --- a/queries/aws_appautoscaling_policy_3.yaml +++ b/queries/aws_appautoscaling_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_appautoscaling_policy_3 Title: "Find AWS Auto Scaling Policies for ECS Resources" Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appautoscaling_policy_3.yaml.bak b/queries/aws_appautoscaling_policy_3.yaml.bak new file mode 100755 index 000000000..8aa2297f4 --- /dev/null +++ b/queries/aws_appautoscaling_policy_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_appautoscaling_policy_3 +Title: "Find AWS Auto Scaling Policies for ECS Resources" +Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_id, + policy_type + from + aws_appautoscaling_policy + where + service_namespace = 'ecs' + and creation_time > now() - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_4.yaml b/queries/aws_appautoscaling_policy_4.yaml index 9e48d4911..896763b14 100755 --- a/queries/aws_appautoscaling_policy_4.yaml +++ b/queries/aws_appautoscaling_policy_4.yaml @@ -1,7 +1,7 @@ ID: aws_appautoscaling_policy_4 Title: "Find all AWS Auto Scaling Policies and Configurations" Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appautoscaling_policy_4.yaml.bak b/queries/aws_appautoscaling_policy_4.yaml.bak new file mode 100755 index 000000000..9e48d4911 --- /dev/null +++ b/queries/aws_appautoscaling_policy_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_appautoscaling_policy_4 +Title: "Find all AWS Auto Scaling Policies and Configurations" +Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_id, + policy_type, + jsonb_array_elements(alarms) -> 'AlarmName' as alarm_name + from + aws_appautoscaling_policy + where + service_namespace = 'ecs'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_5.yaml b/queries/aws_appautoscaling_policy_5.yaml index b702434b1..354277aaf 100755 --- a/queries/aws_appautoscaling_policy_5.yaml +++ b/queries/aws_appautoscaling_policy_5.yaml @@ -1,7 +1,7 @@ ID: aws_appautoscaling_policy_5 Title: "List AWS App Auto Scaling Policies and Configurations" Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appautoscaling_policy_5.yaml.bak b/queries/aws_appautoscaling_policy_5.yaml.bak new file mode 100755 index 000000000..b702434b1 --- /dev/null +++ b/queries/aws_appautoscaling_policy_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_appautoscaling_policy_5 +Title: "List AWS App Auto Scaling Policies and Configurations" +Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_id, + policy_type, + step_scaling_policy_configuration + from + aws_appautoscaling_policy + where + service_namespace = 'ecs' + and policy_type = 'StepScaling'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Application Auto Scaling diff --git a/queries/aws_appautoscaling_target_1.yaml b/queries/aws_appautoscaling_target_1.yaml index b972af859..946c83773 100755 --- a/queries/aws_appautoscaling_target_1.yaml +++ b/queries/aws_appautoscaling_target_1.yaml @@ -1,7 +1,7 @@ ID: aws_appautoscaling_target_1 Title: "Find AWS Application Auto Scaling Targets using SQL" Description: "Allows users to query AWS Application Auto Scaling Targets. This table provides information about each target, including the service namespace, scalable dimension, resource ID, and the associated scaling policies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appautoscaling_target_1.yaml.bak b/queries/aws_appautoscaling_target_1.yaml.bak new file mode 100755 index 000000000..b972af859 --- /dev/null +++ b/queries/aws_appautoscaling_target_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_appautoscaling_target_1 +Title: "Find AWS Application Auto Scaling Targets using SQL" +Description: "Allows users to query AWS Application Auto Scaling Targets. This table provides information about each target, including the service namespace, scalable dimension, resource ID, and the associated scaling policies." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_namespace, + scalable_dimension, + resource_id, + creation_time + from + aws_appautoscaling_target + where + service_namespace = 'dynamodb'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Application Auto Scaling diff --git a/queries/aws_appautoscaling_target_2.yaml b/queries/aws_appautoscaling_target_2.yaml index 70e033d75..acf807d7d 100755 --- a/queries/aws_appautoscaling_target_2.yaml +++ b/queries/aws_appautoscaling_target_2.yaml @@ -1,7 +1,7 @@ ID: aws_appautoscaling_target_2 Title: "Find AWS Application Auto Scaling Targets Details" Description: "Allows users to query AWS Application Auto Scaling Targets. This table provides information about each target, including the service namespace, scalable dimension, resource ID, and the associated scaling policies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appautoscaling_target_2.yaml.bak b/queries/aws_appautoscaling_target_2.yaml.bak new file mode 100755 index 000000000..70e033d75 --- /dev/null +++ b/queries/aws_appautoscaling_target_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_appautoscaling_target_2 +Title: "Find AWS Application Auto Scaling Targets Details" +Description: "Allows users to query AWS Application Auto Scaling Targets. This table provides information about each target, including the service namespace, scalable dimension, resource ID, and the associated scaling policies." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_id, + scalable_dimension + from + aws_appautoscaling_target + where + service_namespace = 'dynamodb' + and scalable_dimension = 'dynamodb:table:ReadCapacityUnits' + or scalable_dimension = 'dynamodb:table:WriteCapacityUnits'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Application Auto Scaling diff --git a/queries/aws_appconfig_application_1.yaml b/queries/aws_appconfig_application_1.yaml index 897a88f04..c74bdeeb5 100755 --- a/queries/aws_appconfig_application_1.yaml +++ b/queries/aws_appconfig_application_1.yaml @@ -1,7 +1,7 @@ ID: aws_appconfig_application_1 Title: "Find AWS AppConfig Application Details" Description: "Allows users to query AWS AppConfig Applications to gather detailed information about each application, including its name, description, associated environments, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appconfig_application_1.yaml.bak b/queries/aws_appconfig_application_1.yaml.bak new file mode 100755 index 000000000..897a88f04 --- /dev/null +++ b/queries/aws_appconfig_application_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_appconfig_application_1 +Title: "Find AWS AppConfig Application Details" +Description: "Allows users to query AWS AppConfig Applications to gather detailed information about each application, including its name, description, associated environments, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + id, + name, + description, + tags + from + aws_appconfig_application; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AppConfig diff --git a/queries/aws_appstream_fleet_1.yaml b/queries/aws_appstream_fleet_1.yaml index 166a84602..eed447288 100755 --- a/queries/aws_appstream_fleet_1.yaml +++ b/queries/aws_appstream_fleet_1.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_1 Title: "List all AWS AppStream Fleets with detailed information" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_1.yaml.bak b/queries/aws_appstream_fleet_1.yaml.bak new file mode 100755 index 000000000..eed447288 --- /dev/null +++ b/queries/aws_appstream_fleet_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_appstream_fleet_1 +Title: "List all AWS AppStream Fleets with detailed information" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + instance_type, + description, + created_time, + display_name, + state, + directory_name, + enable_default_internet_access + from + aws_appstream_fleet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_fleet_1.yaml.bak.bak b/queries/aws_appstream_fleet_1.yaml.bak.bak new file mode 100755 index 000000000..eed447288 --- /dev/null +++ b/queries/aws_appstream_fleet_1.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_appstream_fleet_1 +Title: "List all AWS AppStream Fleets with detailed information" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + instance_type, + description, + created_time, + display_name, + state, + directory_name, + enable_default_internet_access + from + aws_appstream_fleet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_fleet_10.yaml b/queries/aws_appstream_fleet_10.yaml index caf01f5e6..62ec562d0 100755 --- a/queries/aws_appstream_fleet_10.yaml +++ b/queries/aws_appstream_fleet_10.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_10 Title: "List all AWS AppStream Fleets with State and Details" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_10.yaml.bak b/queries/aws_appstream_fleet_10.yaml.bak new file mode 100755 index 000000000..caf01f5e6 --- /dev/null +++ b/queries/aws_appstream_fleet_10.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_appstream_fleet_10 +Title: "List all AWS AppStream Fleets with State and Details" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + state, + created_time, + description + from + aws_appstream_fleet + where + state = 'RUNNING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_fleet_2.yaml b/queries/aws_appstream_fleet_2.yaml index 5afc94ddb..0eeccacb2 100755 --- a/queries/aws_appstream_fleet_2.yaml +++ b/queries/aws_appstream_fleet_2.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_2 Title: "List all AWS AppStream Fleets with Detailed Information" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_2.yaml.bak b/queries/aws_appstream_fleet_2.yaml.bak new file mode 100755 index 000000000..5afc94ddb --- /dev/null +++ b/queries/aws_appstream_fleet_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_appstream_fleet_2 +Title: "List all AWS AppStream Fleets with Detailed Information" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + instance_type, + description, + created_time, + display_name, + state, + enable_default_internet_access + from + aws_appstream_fleet + where enable_default_internet_access; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_fleet_3.yaml b/queries/aws_appstream_fleet_3.yaml index d7ab5acdf..567514951 100755 --- a/queries/aws_appstream_fleet_3.yaml +++ b/queries/aws_appstream_fleet_3.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_3 Title: "List all AWS AppStream Fleets with Details" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_3.yaml.bak b/queries/aws_appstream_fleet_3.yaml.bak new file mode 100755 index 000000000..d7ab5acdf --- /dev/null +++ b/queries/aws_appstream_fleet_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_appstream_fleet_3 +Title: "List all AWS AppStream Fleets with Details" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time, + fleet_type, + instance_type, + display_name, + image_arn, + image_name + from + aws_appstream_fleet + where + fleet_type = 'ON_DEMAND'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_fleet_4.yaml b/queries/aws_appstream_fleet_4.yaml index 4bcfcf0ca..731b0b536 100755 --- a/queries/aws_appstream_fleet_4.yaml +++ b/queries/aws_appstream_fleet_4.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_4 Title: "List all AWS AppStream Fleets and their details" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_4.yaml.bak b/queries/aws_appstream_fleet_4.yaml.bak new file mode 100755 index 000000000..4bcfcf0ca --- /dev/null +++ b/queries/aws_appstream_fleet_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_appstream_fleet_4 +Title: "List all AWS AppStream Fleets and their details" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time, + display_name, + enable_default_internet_access, + max_concurrent_sessions, + max_user_duration_in_seconds + from + aws_appstream_fleet + where + created_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_fleet_5.yaml b/queries/aws_appstream_fleet_5.yaml index dc4787519..5bb3f73a4 100755 --- a/queries/aws_appstream_fleet_5.yaml +++ b/queries/aws_appstream_fleet_5.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_5 Title: "Find AWS AppStream Fleets and Detailed Stack Info" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_5.yaml.bak b/queries/aws_appstream_fleet_5.yaml.bak new file mode 100755 index 000000000..dc4787519 --- /dev/null +++ b/queries/aws_appstream_fleet_5.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_appstream_fleet_5 +Title: "Find AWS AppStream Fleets and Detailed Stack Info" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.name, + f.created_time, + f.display_name, + f.image_arn, + i.base_image_arn, + i.image_builder_name, + i.visibility + from + aws_appstream_fleet as f, + aws_appstream_image as i + where + i.arn = f.image_arn + and + i.visibility = 'PRIVATE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_fleet_6.yaml b/queries/aws_appstream_fleet_6.yaml index e379743d5..dc168edf3 100755 --- a/queries/aws_appstream_fleet_6.yaml +++ b/queries/aws_appstream_fleet_6.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_6 Title: "List AWS AppStream Fleet details including state and type" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_6.yaml.bak b/queries/aws_appstream_fleet_6.yaml.bak new file mode 100755 index 000000000..e379743d5 --- /dev/null +++ b/queries/aws_appstream_fleet_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_appstream_fleet_6 +Title: "List AWS AppStream Fleet details including state and type" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + compute_capacity_status ->> 'Available' as available, + compute_capacity_status ->> 'Desired' as desired, + compute_capacity_status ->> 'InUse' as in_use, + compute_capacity_status ->> 'Running' as running + from + aws_appstream_fleet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS AppStream diff --git a/queries/aws_appstream_fleet_7.yaml b/queries/aws_appstream_fleet_7.yaml index 7d59d2b69..74815084a 100755 --- a/queries/aws_appstream_fleet_7.yaml +++ b/queries/aws_appstream_fleet_7.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_7 Title: "Find AWS AppStream Fleet Details Including State and Instance Type" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_7.yaml.bak b/queries/aws_appstream_fleet_7.yaml.bak new file mode 100755 index 000000000..7d59d2b69 --- /dev/null +++ b/queries/aws_appstream_fleet_7.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_appstream_fleet_7 +Title: "Find AWS AppStream Fleet Details Including State and Instance Type" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + e ->> 'ErrorCode' as error_code, + e ->> 'ErrorMessage' as error_message + from + aws_appstream_fleet, + jsonb_array_elements(fleet_errors) as e; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_fleet_8.yaml b/queries/aws_appstream_fleet_8.yaml index 4ba094296..5f5fcb90f 100755 --- a/queries/aws_appstream_fleet_8.yaml +++ b/queries/aws_appstream_fleet_8.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_8 Title: "Find All AWS AppStream Fleet Details and States" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_8.yaml.bak b/queries/aws_appstream_fleet_8.yaml.bak new file mode 100755 index 000000000..4ba094296 --- /dev/null +++ b/queries/aws_appstream_fleet_8.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_appstream_fleet_8 +Title: "Find All AWS AppStream Fleet Details and States" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + vpc_config -> 'SecurityGroupIds' as security_group_ids, + vpc_config -> 'SubnetIds' as subnet_ids + from + aws_appstream_fleet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS AppStream Fleet diff --git a/queries/aws_appstream_fleet_9.yaml b/queries/aws_appstream_fleet_9.yaml index 6eecb5e5e..631647f56 100755 --- a/queries/aws_appstream_fleet_9.yaml +++ b/queries/aws_appstream_fleet_9.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_fleet_9 Title: "List AWS AppStream Fleet Details by Instance Type" Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_fleet_9.yaml.bak b/queries/aws_appstream_fleet_9.yaml.bak new file mode 100755 index 000000000..6eecb5e5e --- /dev/null +++ b/queries/aws_appstream_fleet_9.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_appstream_fleet_9 +Title: "List AWS AppStream Fleet Details by Instance Type" +Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + instance_type, + Count(instance_type) as number_of_fleets + from + aws_appstream_fleet + group by + instance_type, + name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_1.yaml b/queries/aws_appstream_image_1.yaml index f1b12f6ee..fa4d6966b 100755 --- a/queries/aws_appstream_image_1.yaml +++ b/queries/aws_appstream_image_1.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_image_1 Title: "List AWS AppStream Images and Metadata" Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_image_1.yaml.bak b/queries/aws_appstream_image_1.yaml.bak new file mode 100755 index 000000000..f1b12f6ee --- /dev/null +++ b/queries/aws_appstream_image_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_appstream_image_1 +Title: "List AWS AppStream Images and Metadata" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + base_image_arn, + description, + created_time, + display_name, + image_builder_name, + tags + from + aws_appstream_image; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_2.yaml b/queries/aws_appstream_image_2.yaml index 39e642fa6..adf755318 100755 --- a/queries/aws_appstream_image_2.yaml +++ b/queries/aws_appstream_image_2.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_image_2 Title: "Find AWS AppStream Images and Their Properties" Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_image_2.yaml.bak b/queries/aws_appstream_image_2.yaml.bak new file mode 100755 index 000000000..39e642fa6 --- /dev/null +++ b/queries/aws_appstream_image_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_appstream_image_2 +Title: "Find AWS AppStream Images and Their Properties" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + display_name, + platform, + state + from + aws_appstream_image + where + state = 'AVAILABLE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_3.yaml b/queries/aws_appstream_image_3.yaml index 88148c725..b58505cf9 100755 --- a/queries/aws_appstream_image_3.yaml +++ b/queries/aws_appstream_image_3.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_image_3 Title: "Find all AWS AppStream Image Details and Metadata" Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_image_3.yaml.bak b/queries/aws_appstream_image_3.yaml.bak new file mode 100755 index 000000000..88148c725 --- /dev/null +++ b/queries/aws_appstream_image_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_appstream_image_3 +Title: "Find all AWS AppStream Image Details and Metadata" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time, + base_image_arn, + display_name, + image_builder_supported, + image_builder_name + from + aws_appstream_image + where + platform = 'WINDOWS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_4.yaml b/queries/aws_appstream_image_4.yaml index fc8855023..97dc44d5b 100755 --- a/queries/aws_appstream_image_4.yaml +++ b/queries/aws_appstream_image_4.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_image_4 Title: "List all AWS AppStream Image properties and states" Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_image_4.yaml.bak b/queries/aws_appstream_image_4.yaml.bak new file mode 100755 index 000000000..fc8855023 --- /dev/null +++ b/queries/aws_appstream_image_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_appstream_image_4 +Title: "List all AWS AppStream Image properties and states" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time, + base_image_arn, + display_name, + image_builder_supported, + image_builder_name + from + aws_appstream_image + where + image_builder_supported; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_5.yaml b/queries/aws_appstream_image_5.yaml index bbb1d915d..5c6ef7faa 100755 --- a/queries/aws_appstream_image_5.yaml +++ b/queries/aws_appstream_image_5.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_image_5 Title: "Find AWS AppStream Images and Their States" Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_image_5.yaml.bak b/queries/aws_appstream_image_5.yaml.bak new file mode 100755 index 000000000..bbb1d915d --- /dev/null +++ b/queries/aws_appstream_image_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_appstream_image_5 +Title: "Find AWS AppStream Images and Their States" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time, + base_image_arn, + display_name, + image_builder_name, + visibility + from + aws_appstream_image + where + visibility = 'PRIVATE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_6.yaml b/queries/aws_appstream_image_6.yaml index ede2c6419..c54557e43 100755 --- a/queries/aws_appstream_image_6.yaml +++ b/queries/aws_appstream_image_6.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_image_6 Title: "List AWS AppStream Images and Metadata" Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_image_6.yaml.bak b/queries/aws_appstream_image_6.yaml.bak new file mode 100755 index 000000000..ede2c6419 --- /dev/null +++ b/queries/aws_appstream_image_6.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_appstream_image_6 +Title: "List AWS AppStream Images and Metadata" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + a ->> 'AppBlockArn' as app_block_arn, + a ->> 'Arn' as app_arn, + a ->> 'CreatedTime' as app_created_time, + a ->> 'Description' as app_description, + a ->> 'DisplayName' as app_display_name, + a ->> 'Enabled' as app_enabled, + a ->> 'IconS3Location' as app_icon_s3_location, + a ->> 'IconURL' as app_icon_url, + a ->> 'InstanceFamilies' as app_instance_families, + a ->> 'LaunchParameters' as app_launch_parameters, + a ->> 'LaunchPath' as app_launch_path, + a ->> 'Name' as app_name, + a ->> 'Platforms' as app_platforms, + a ->> 'WorkingDirectory' as app_WorkingDirectory + from + aws_appstream_image, + jsonb_array_elements(applications) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_7.yaml b/queries/aws_appstream_image_7.yaml index 0ccc9dd7c..e5dab4cfa 100755 --- a/queries/aws_appstream_image_7.yaml +++ b/queries/aws_appstream_image_7.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_image_7 Title: "Find AWS AppStream Images Properties and States" Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_image_7.yaml.bak b/queries/aws_appstream_image_7.yaml.bak new file mode 100755 index 000000000..e5dab4cfa --- /dev/null +++ b/queries/aws_appstream_image_7.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_appstream_image_7 +Title: "Find AWS AppStream Images Properties and States" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + image_permissions ->> 'AllowFleet' as allow_fleet, + image_permissions ->> 'AllowImageBuilder' as allow_image_builder + from + aws_appstream_image; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_7.yaml.bak.bak b/queries/aws_appstream_image_7.yaml.bak.bak new file mode 100755 index 000000000..e5dab4cfa --- /dev/null +++ b/queries/aws_appstream_image_7.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_appstream_image_7 +Title: "Find AWS AppStream Images Properties and States" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + image_permissions ->> 'AllowFleet' as allow_fleet, + image_permissions ->> 'AllowImageBuilder' as allow_image_builder + from + aws_appstream_image; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appstream_image_8.yaml b/queries/aws_appstream_image_8.yaml index 5891cd861..8014d84e1 100755 --- a/queries/aws_appstream_image_8.yaml +++ b/queries/aws_appstream_image_8.yaml @@ -1,7 +1,7 @@ ID: aws_appstream_image_8 Title: "List AWS AppStream Images and Their Error Details" Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appstream_image_8.yaml.bak b/queries/aws_appstream_image_8.yaml.bak new file mode 100755 index 000000000..5891cd861 --- /dev/null +++ b/queries/aws_appstream_image_8.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_appstream_image_8 +Title: "List AWS AppStream Images and Their Error Details" +Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + e ->> 'ErrorCode' as error_code, + e ->> 'ErrorMessage' as error_message, + e ->> 'ErrorTimestamp' as error_timestamp + from + aws_appstream_image, + jsonb_array_elements(image_errors) as e; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppStream diff --git a/queries/aws_appsync_graphql_api_1.yaml b/queries/aws_appsync_graphql_api_1.yaml index d6cde68ea..e9721322d 100755 --- a/queries/aws_appsync_graphql_api_1.yaml +++ b/queries/aws_appsync_graphql_api_1.yaml @@ -1,7 +1,7 @@ ID: aws_appsync_graphql_api_1 Title: "Find details of AWS AppSync GraphQL APIs using SQL" Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appsync_graphql_api_1.yaml.bak b/queries/aws_appsync_graphql_api_1.yaml.bak new file mode 100755 index 000000000..d6cde68ea --- /dev/null +++ b/queries/aws_appsync_graphql_api_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_appsync_graphql_api_1 +Title: "Find details of AWS AppSync GraphQL APIs using SQL" +Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + arn, + api_type, + authentication_type, + owner, + owner_contact + from + aws_appsync_graphql_api + where + api_type = 'MERGED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AppSync diff --git a/queries/aws_appsync_graphql_api_2.yaml b/queries/aws_appsync_graphql_api_2.yaml index c83fbabad..19082866f 100755 --- a/queries/aws_appsync_graphql_api_2.yaml +++ b/queries/aws_appsync_graphql_api_2.yaml @@ -1,7 +1,7 @@ ID: aws_appsync_graphql_api_2 Title: "List all AWS AppSync GraphQL API details" Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appsync_graphql_api_2.yaml.bak b/queries/aws_appsync_graphql_api_2.yaml.bak new file mode 100755 index 000000000..c83fbabad --- /dev/null +++ b/queries/aws_appsync_graphql_api_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_appsync_graphql_api_2 +Title: "List all AWS AppSync GraphQL API details" +Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + api_type, + visibility + from + aws_appsync_graphql_api + where + visibility = 'GLOBAL' + and owner = account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AppSync diff --git a/queries/aws_appsync_graphql_api_3.yaml b/queries/aws_appsync_graphql_api_3.yaml index eff716851..d8ed89205 100755 --- a/queries/aws_appsync_graphql_api_3.yaml +++ b/queries/aws_appsync_graphql_api_3.yaml @@ -1,7 +1,7 @@ ID: aws_appsync_graphql_api_3 Title: "Find AWS AppSync GraphQL API Details" Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_appsync_graphql_api_3.yaml.bak b/queries/aws_appsync_graphql_api_3.yaml.bak new file mode 100755 index 000000000..eff716851 --- /dev/null +++ b/queries/aws_appsync_graphql_api_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_appsync_graphql_api_3 +Title: "Find AWS AppSync GraphQL API Details" +Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + api_id, + owner, + log_config ->> 'CloudWatchLogsRoleArn' as cloud_watch_logs_role_arn, + log_config ->> 'FieldLogLevel' as field_log_level, + log_config ->> 'ExcludeVerboseContent' as exclude_verbose_content + from + aws_appsync_graphql_api; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AppSync diff --git a/queries/aws_athena_query_execution_1.yaml b/queries/aws_athena_query_execution_1.yaml index 994555ebe..52d4ea136 100755 --- a/queries/aws_athena_query_execution_1.yaml +++ b/queries/aws_athena_query_execution_1.yaml @@ -1,7 +1,7 @@ ID: aws_athena_query_execution_1 Title: "List AWS Athena Queries with Errors" Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_athena_query_execution_1.yaml.bak b/queries/aws_athena_query_execution_1.yaml.bak new file mode 100755 index 000000000..994555ebe --- /dev/null +++ b/queries/aws_athena_query_execution_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_athena_query_execution_1 +Title: "List AWS Athena Queries with Errors" +Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + query, + error_message, + error_type + from + aws_athena_query_execution + where + error_message is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Athena diff --git a/queries/aws_athena_query_execution_2.yaml b/queries/aws_athena_query_execution_2.yaml index a73fb4dbe..79a3141d6 100755 --- a/queries/aws_athena_query_execution_2.yaml +++ b/queries/aws_athena_query_execution_2.yaml @@ -1,7 +1,7 @@ ID: aws_athena_query_execution_2 Title: "Find AWS Athena Query Executions Detailed Information" Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_athena_query_execution_2.yaml.bak b/queries/aws_athena_query_execution_2.yaml.bak new file mode 100755 index 000000000..a73fb4dbe --- /dev/null +++ b/queries/aws_athena_query_execution_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_athena_query_execution_2 +Title: "Find AWS Athena Query Executions Detailed Information" +Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workgroup, + sum(data_scanned_in_bytes) + from + aws_athena_query_execution + group by + workgroup; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Athena diff --git a/queries/aws_athena_query_execution_3.yaml b/queries/aws_athena_query_execution_3.yaml index 91f31dd45..432c5dc7f 100755 --- a/queries/aws_athena_query_execution_3.yaml +++ b/queries/aws_athena_query_execution_3.yaml @@ -1,7 +1,7 @@ ID: aws_athena_query_execution_3 Title: "Find AWS Athena Query Executions with Execution Time" Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_athena_query_execution_3.yaml.bak b/queries/aws_athena_query_execution_3.yaml.bak new file mode 100755 index 000000000..432c5dc7f --- /dev/null +++ b/queries/aws_athena_query_execution_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_athena_query_execution_3 +Title: "Find AWS Athena Query Executions with Execution Time" +Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + query, + workgroup, + engine_execution_time_in_millis + from + aws_athena_query_execution + order by + engine_execution_time_in_millis limit 5; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Athena diff --git a/queries/aws_athena_query_execution_3.yaml.bak.bak b/queries/aws_athena_query_execution_3.yaml.bak.bak new file mode 100755 index 000000000..432c5dc7f --- /dev/null +++ b/queries/aws_athena_query_execution_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_athena_query_execution_3 +Title: "Find AWS Athena Query Executions with Execution Time" +Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + query, + workgroup, + engine_execution_time_in_millis + from + aws_athena_query_execution + order by + engine_execution_time_in_millis limit 5; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Athena diff --git a/queries/aws_athena_query_execution_4.yaml b/queries/aws_athena_query_execution_4.yaml index c120b00bf..edf28751f 100755 --- a/queries/aws_athena_query_execution_4.yaml +++ b/queries/aws_athena_query_execution_4.yaml @@ -1,7 +1,7 @@ ID: aws_athena_query_execution_4 Title: "Find top AWS Athena query executions" Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_athena_query_execution_4.yaml.bak b/queries/aws_athena_query_execution_4.yaml.bak new file mode 100755 index 000000000..c120b00bf --- /dev/null +++ b/queries/aws_athena_query_execution_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_athena_query_execution_4 +Title: "Find top AWS Athena query executions" +Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + database, + count(id) as nb_query + from + aws_athena_query_execution + group by + database + order by + nb_query limit 5; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Athena diff --git a/queries/aws_athena_workgroup_1.yaml b/queries/aws_athena_workgroup_1.yaml index 0f93970da..c83432e68 100755 --- a/queries/aws_athena_workgroup_1.yaml +++ b/queries/aws_athena_workgroup_1.yaml @@ -1,7 +1,7 @@ ID: aws_athena_workgroup_1 Title: "List all AWS Athena Workgroup details and creation time" Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_athena_workgroup_1.yaml.bak b/queries/aws_athena_workgroup_1.yaml.bak new file mode 100755 index 000000000..0f93970da --- /dev/null +++ b/queries/aws_athena_workgroup_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_athena_workgroup_1 +Title: "List all AWS Athena Workgroup details and creation time" +Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + effective_engine_version, + output_location, + creation_time + from + aws_athena_workgroup + order by + creation_time; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Athena diff --git a/queries/aws_athena_workgroup_2.yaml b/queries/aws_athena_workgroup_2.yaml index 7da9d8849..d4a764ba0 100755 --- a/queries/aws_athena_workgroup_2.yaml +++ b/queries/aws_athena_workgroup_2.yaml @@ -1,7 +1,7 @@ ID: aws_athena_workgroup_2 Title: "Find AWS Athena Workgroup Details Including Name and State" Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_athena_workgroup_2.yaml.bak b/queries/aws_athena_workgroup_2.yaml.bak new file mode 100755 index 000000000..d4a764ba0 --- /dev/null +++ b/queries/aws_athena_workgroup_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_athena_workgroup_2 +Title: "Find AWS Athena Workgroup Details Including Name and State" +Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description + from + aws_athena_workgroup + where + effective_engine_version = 'Athena engine version 3'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Athena Workgroup diff --git a/queries/aws_athena_workgroup_2.yaml.bak.bak b/queries/aws_athena_workgroup_2.yaml.bak.bak new file mode 100755 index 000000000..d4a764ba0 --- /dev/null +++ b/queries/aws_athena_workgroup_2.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_athena_workgroup_2 +Title: "Find AWS Athena Workgroup Details Including Name and State" +Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description + from + aws_athena_workgroup + where + effective_engine_version = 'Athena engine version 3'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Athena Workgroup diff --git a/queries/aws_athena_workgroup_3.yaml b/queries/aws_athena_workgroup_3.yaml index f2d8540a7..57a106a90 100755 --- a/queries/aws_athena_workgroup_3.yaml +++ b/queries/aws_athena_workgroup_3.yaml @@ -1,7 +1,7 @@ ID: aws_athena_workgroup_3 Title: "List AWS Athena Workgroup details including state" Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_athena_workgroup_3.yaml.bak b/queries/aws_athena_workgroup_3.yaml.bak new file mode 100755 index 000000000..f2d8540a7 --- /dev/null +++ b/queries/aws_athena_workgroup_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_athena_workgroup_3 +Title: "List AWS Athena Workgroup details including state" +Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + region, + count(*) + from + aws_athena_workgroup + group by + region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Athena diff --git a/queries/aws_athena_workgroup_4.yaml b/queries/aws_athena_workgroup_4.yaml index 161dcf9f4..36b67f1e6 100755 --- a/queries/aws_athena_workgroup_4.yaml +++ b/queries/aws_athena_workgroup_4.yaml @@ -1,7 +1,7 @@ ID: aws_athena_workgroup_4 Title: "List all AWS Athena Workgroup details using SQL" Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_athena_workgroup_4.yaml.bak b/queries/aws_athena_workgroup_4.yaml.bak new file mode 100755 index 000000000..161dcf9f4 --- /dev/null +++ b/queries/aws_athena_workgroup_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_athena_workgroup_4 +Title: "List all AWS Athena Workgroup details using SQL" +Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + creation_time + from + aws_athena_workgroup + where + state = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Athena diff --git a/queries/aws_auditmanager_assessment_1.yaml b/queries/aws_auditmanager_assessment_1.yaml index 1d2d3eda9..daa0b6623 100755 --- a/queries/aws_auditmanager_assessment_1.yaml +++ b/queries/aws_auditmanager_assessment_1.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_assessment_1 Title: "List all AWS Audit Manager Assessments" Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_assessment_1.yaml.bak b/queries/aws_auditmanager_assessment_1.yaml.bak new file mode 100755 index 000000000..1d2d3eda9 --- /dev/null +++ b/queries/aws_auditmanager_assessment_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_auditmanager_assessment_1 +Title: "List all AWS Audit Manager Assessments" +Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status, + compliance_type + from + aws_auditmanager_assessment; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Audit Manager diff --git a/queries/aws_auditmanager_assessment_2.yaml b/queries/aws_auditmanager_assessment_2.yaml index bdf4325b9..3ee1442d0 100755 --- a/queries/aws_auditmanager_assessment_2.yaml +++ b/queries/aws_auditmanager_assessment_2.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_assessment_2 Title: "Find all AWS Audit Manager Assessment details" Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_assessment_2.yaml.bak b/queries/aws_auditmanager_assessment_2.yaml.bak new file mode 100755 index 000000000..bdf4325b9 --- /dev/null +++ b/queries/aws_auditmanager_assessment_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_auditmanager_assessment_2 +Title: "Find all AWS Audit Manager Assessment details" +Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.name, + a.arn, + a.assessment_report_destination, + a.assessment_report_destination_type, + b.bucket_policy_is_public as is_public_bucket + from + aws_auditmanager_assessment as a + join aws_s3_bucket as b on a.assessment_report_destination = 's3://' || b.Name and b.bucket_policy_is_public; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Audit Manager diff --git a/queries/aws_auditmanager_assessment_3.yaml b/queries/aws_auditmanager_assessment_3.yaml index c1c580012..7829f72c3 100755 --- a/queries/aws_auditmanager_assessment_3.yaml +++ b/queries/aws_auditmanager_assessment_3.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_assessment_3 Title: "List all AWS Audit Manager assessments information" Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_assessment_3.yaml.bak b/queries/aws_auditmanager_assessment_3.yaml.bak new file mode 100755 index 000000000..c1c580012 --- /dev/null +++ b/queries/aws_auditmanager_assessment_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_auditmanager_assessment_3 +Title: "List all AWS Audit Manager assessments information" +Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status + from + aws_auditmanager_assessment + where + status <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Audit Manager diff --git a/queries/aws_auditmanager_control_1.yaml b/queries/aws_auditmanager_control_1.yaml index 33f741ca5..82d0e2e9b 100755 --- a/queries/aws_auditmanager_control_1.yaml +++ b/queries/aws_auditmanager_control_1.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_control_1 Title: "List all AWS Audit Manager Controls with Details" Description: "Allows users to query AWS Audit Manager Control data, providing information about controls within AWS Audit Manager. This table enables users to access detailed information about controls, such as control source, control type, description, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_control_1.yaml.bak b/queries/aws_auditmanager_control_1.yaml.bak new file mode 100755 index 000000000..33f741ca5 --- /dev/null +++ b/queries/aws_auditmanager_control_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_auditmanager_control_1 +Title: "List all AWS Audit Manager Controls with Details" +Description: "Allows users to query AWS Audit Manager Control data, providing information about controls within AWS Audit Manager. This table enables users to access detailed information about controls, such as control source, control type, description, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + description, + type + from + aws_auditmanager_control; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Audit Manager diff --git a/queries/aws_auditmanager_control_2.yaml b/queries/aws_auditmanager_control_2.yaml index a2bec18d0..39509b5a5 100755 --- a/queries/aws_auditmanager_control_2.yaml +++ b/queries/aws_auditmanager_control_2.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_control_2 Title: "List AWS Audit Manager Control Data" Description: "Allows users to query AWS Audit Manager Control data, providing information about controls within AWS Audit Manager. This table enables users to access detailed information about controls, such as control source, control type, description, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_control_2.yaml.bak b/queries/aws_auditmanager_control_2.yaml.bak new file mode 100755 index 000000000..a2bec18d0 --- /dev/null +++ b/queries/aws_auditmanager_control_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_auditmanager_control_2 +Title: "List AWS Audit Manager Control Data" +Description: "Allows users to query AWS Audit Manager Control data, providing information about controls within AWS Audit Manager. This table enables users to access detailed information about controls, such as control source, control type, description, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + type + from + aws_auditmanager_control + where + type = 'Custom'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Audit Manager diff --git a/queries/aws_auditmanager_evidence_1.yaml b/queries/aws_auditmanager_evidence_1.yaml index 514cf3f0c..e55721a3c 100755 --- a/queries/aws_auditmanager_evidence_1.yaml +++ b/queries/aws_auditmanager_evidence_1.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_evidence_1 Title: "Find AWS Audit Manager Evidence with Detailed Info" Description: "Allows users to query AWS Audit Manager Evidence, providing detailed information about evidence resources associated with assessments in AWS Audit Manager." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_evidence_1.yaml.bak b/queries/aws_auditmanager_evidence_1.yaml.bak new file mode 100755 index 000000000..514cf3f0c --- /dev/null +++ b/queries/aws_auditmanager_evidence_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_auditmanager_evidence_1 +Title: "Find AWS Audit Manager Evidence with Detailed Info" +Description: "Allows users to query AWS Audit Manager Evidence, providing detailed information about evidence resources associated with assessments in AWS Audit Manager." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + evidence_folder_id, + evidence_by_type, + iam_id, + control_set_id + from + aws_auditmanager_evidence; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Audit Manager diff --git a/queries/aws_auditmanager_evidence_2.yaml b/queries/aws_auditmanager_evidence_2.yaml index 220160a70..746d9721f 100755 --- a/queries/aws_auditmanager_evidence_2.yaml +++ b/queries/aws_auditmanager_evidence_2.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_evidence_2 Title: "List all evidence resources in AWS Audit Manager" Description: "Allows users to query AWS Audit Manager Evidence, providing detailed information about evidence resources associated with assessments in AWS Audit Manager." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_evidence_2.yaml.bak b/queries/aws_auditmanager_evidence_2.yaml.bak new file mode 100755 index 000000000..220160a70 --- /dev/null +++ b/queries/aws_auditmanager_evidence_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_auditmanager_evidence_2 +Title: "List all evidence resources in AWS Audit Manager" +Description: "Allows users to query AWS Audit Manager Evidence, providing detailed information about evidence resources associated with assessments in AWS Audit Manager." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + evidence_folder_id, + count(id) as evidence_count + from + aws_auditmanager_evidence + group by + evidence_folder_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Audit Manager diff --git a/queries/aws_auditmanager_evidence_folder_1.yaml b/queries/aws_auditmanager_evidence_folder_1.yaml index 7c2723fcf..ee7065ce7 100755 --- a/queries/aws_auditmanager_evidence_folder_1.yaml +++ b/queries/aws_auditmanager_evidence_folder_1.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_evidence_folder_1 Title: "List all AWS Audit Manager Evidence Folders" Description: "Allows users to query AWS Audit Manager Evidence Folders to get comprehensive details about the evidence folders in the AWS Audit Manager service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_evidence_folder_1.yaml.bak b/queries/aws_auditmanager_evidence_folder_1.yaml.bak new file mode 100755 index 000000000..7c2723fcf --- /dev/null +++ b/queries/aws_auditmanager_evidence_folder_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_auditmanager_evidence_folder_1 +Title: "List all AWS Audit Manager Evidence Folders" +Description: "Allows users to query AWS Audit Manager Evidence Folders to get comprehensive details about the evidence folders in the AWS Audit Manager service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + assessment_id, + control_set_id, + control_id, + total_evidence + from + aws_auditmanager_evidence_folder; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Audit Manager diff --git a/queries/aws_auditmanager_evidence_folder_2.yaml b/queries/aws_auditmanager_evidence_folder_2.yaml index 6ef19366d..56ba1c299 100755 --- a/queries/aws_auditmanager_evidence_folder_2.yaml +++ b/queries/aws_auditmanager_evidence_folder_2.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_evidence_folder_2 Title: "List all Evidence Folders in AWS Audit Manager" Description: "Allows users to query AWS Audit Manager Evidence Folders to get comprehensive details about the evidence folders in the AWS Audit Manager service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_evidence_folder_2.yaml.bak b/queries/aws_auditmanager_evidence_folder_2.yaml.bak new file mode 100755 index 000000000..6ef19366d --- /dev/null +++ b/queries/aws_auditmanager_evidence_folder_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_auditmanager_evidence_folder_2 +Title: "List all Evidence Folders in AWS Audit Manager" +Description: "Allows users to query AWS Audit Manager Evidence Folders to get comprehensive details about the evidence folders in the AWS Audit Manager service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + assessment_id, + count(id) as evidence_folder_count + from + aws_auditmanager_evidence_folder + group by + assessment_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Audit Manager diff --git a/queries/aws_auditmanager_framework_1.yaml b/queries/aws_auditmanager_framework_1.yaml index 86dba5926..ea2e2b74e 100755 --- a/queries/aws_auditmanager_framework_1.yaml +++ b/queries/aws_auditmanager_framework_1.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_framework_1 Title: "Find all AWS Audit Manager Frameworks" Description: "Allows users to query AWS Audit Manager Frameworks" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_framework_1.yaml.bak b/queries/aws_auditmanager_framework_1.yaml.bak new file mode 100755 index 000000000..86dba5926 --- /dev/null +++ b/queries/aws_auditmanager_framework_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_auditmanager_framework_1 +Title: "Find all AWS Audit Manager Frameworks" +Description: "Allows users to query AWS Audit Manager Frameworks" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + id, + type + from + aws_auditmanager_framework; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Audit Manager diff --git a/queries/aws_auditmanager_framework_2.yaml b/queries/aws_auditmanager_framework_2.yaml index 0e2aeef58..85a51e3a5 100755 --- a/queries/aws_auditmanager_framework_2.yaml +++ b/queries/aws_auditmanager_framework_2.yaml @@ -1,7 +1,7 @@ ID: aws_auditmanager_framework_2 Title: "Find AWS Audit Manager Frameworks with SQL" Description: "Allows users to query AWS Audit Manager Frameworks" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_auditmanager_framework_2.yaml.bak b/queries/aws_auditmanager_framework_2.yaml.bak new file mode 100755 index 000000000..0e2aeef58 --- /dev/null +++ b/queries/aws_auditmanager_framework_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_auditmanager_framework_2 +Title: "Find AWS Audit Manager Frameworks with SQL" +Description: "Allows users to query AWS Audit Manager Frameworks" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + id, + type + from + aws_auditmanager_framework + where + type = 'Custom'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Audit Manager diff --git a/queries/aws_availability_zone_1.yaml b/queries/aws_availability_zone_1.yaml index 854e7a9a0..04f3ce31c 100755 --- a/queries/aws_availability_zone_1.yaml +++ b/queries/aws_availability_zone_1.yaml @@ -1,7 +1,7 @@ ID: aws_availability_zone_1 Title: "List all EC2 Availability Zones with Details" Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_availability_zone_1.yaml.bak b/queries/aws_availability_zone_1.yaml.bak new file mode 100755 index 000000000..854e7a9a0 --- /dev/null +++ b/queries/aws_availability_zone_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_availability_zone_1 +Title: "List all EC2 Availability Zones with Details" +Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + zone_id, + zone_type, + group_name, + region_name + from + aws_availability_zone; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_availability_zone_2.yaml b/queries/aws_availability_zone_2.yaml index c48a89428..3ded35598 100755 --- a/queries/aws_availability_zone_2.yaml +++ b/queries/aws_availability_zone_2.yaml @@ -1,7 +1,7 @@ ID: aws_availability_zone_2 Title: "List all EC2 Availability Zones details in AWS" Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_availability_zone_2.yaml.bak b/queries/aws_availability_zone_2.yaml.bak new file mode 100755 index 000000000..3ded35598 --- /dev/null +++ b/queries/aws_availability_zone_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_availability_zone_2 +Title: "List all EC2 Availability Zones details in AWS" +Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + region_name, + count(name) as zone_count + from + aws_availability_zone + group by + region_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_availability_zone_2.yaml.bak.bak b/queries/aws_availability_zone_2.yaml.bak.bak new file mode 100755 index 000000000..3ded35598 --- /dev/null +++ b/queries/aws_availability_zone_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_availability_zone_2 +Title: "List all EC2 Availability Zones details in AWS" +Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + region_name, + count(name) as zone_count + from + aws_availability_zone + group by + region_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_availability_zone_3.yaml b/queries/aws_availability_zone_3.yaml index c0a7de13a..2c9a5b103 100755 --- a/queries/aws_availability_zone_3.yaml +++ b/queries/aws_availability_zone_3.yaml @@ -1,7 +1,7 @@ ID: aws_availability_zone_3 Title: "List all EC2 Availability Zones with details in AWS" Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_availability_zone_3.yaml.bak b/queries/aws_availability_zone_3.yaml.bak new file mode 100755 index 000000000..c0a7de13a --- /dev/null +++ b/queries/aws_availability_zone_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_availability_zone_3 +Title: "List all EC2 Availability Zones with details in AWS" +Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + zone_id, + region_name, + opt_in_status + from + aws_availability_zone + where + opt_in_status = 'not-opted-in'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_backup_framework_1.yaml b/queries/aws_backup_framework_1.yaml index 9cdebf56b..6ee8c6682 100755 --- a/queries/aws_backup_framework_1.yaml +++ b/queries/aws_backup_framework_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_framework_1 Title: "List AWS Backup Frameworks with Comprehensive Details" Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_framework_1.yaml.bak b/queries/aws_backup_framework_1.yaml.bak new file mode 100755 index 000000000..9cdebf56b --- /dev/null +++ b/queries/aws_backup_framework_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_backup_framework_1 +Title: "List AWS Backup Frameworks with Comprehensive Details" +Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + account_id, + arn, + creation_time, + deployment_status, + framework_controls, + framework_description,framework_name, + framework_status, + number_of_controls, + region, + tags + from + aws_backup_framework; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_framework_2.yaml b/queries/aws_backup_framework_2.yaml index cfa209e21..40760192e 100755 --- a/queries/aws_backup_framework_2.yaml +++ b/queries/aws_backup_framework_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_framework_2 Title: "List all AWS Backup Frameworks and Detailed Information" Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_framework_2.yaml.bak b/queries/aws_backup_framework_2.yaml.bak new file mode 100755 index 000000000..cfa209e21 --- /dev/null +++ b/queries/aws_backup_framework_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_backup_framework_2 +Title: "List all AWS Backup Frameworks and Detailed Information" +Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + framework_name, + arn, + creation_time, + number_of_controls + from + aws_backup_framework + where + creation_time >= (current_date - interval '90' day) + order by + creation_time; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_framework_3.yaml b/queries/aws_backup_framework_3.yaml index 9aedfbede..6e3763dce 100755 --- a/queries/aws_backup_framework_3.yaml +++ b/queries/aws_backup_framework_3.yaml @@ -1,7 +1,7 @@ ID: aws_backup_framework_3 Title: "List AWS Backup Frameworks and Detailed Plans" Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_framework_3.yaml.bak b/queries/aws_backup_framework_3.yaml.bak new file mode 100755 index 000000000..9aedfbede --- /dev/null +++ b/queries/aws_backup_framework_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_backup_framework_3 +Title: "List AWS Backup Frameworks and Detailed Plans" +Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + framework_name + from + aws_backup_framework, + jsonb_array_elements(framework_controls) as controls + where + controls ->> 'ControlName' = 'BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_framework_4.yaml b/queries/aws_backup_framework_4.yaml index d70e97b98..7ed9501aa 100755 --- a/queries/aws_backup_framework_4.yaml +++ b/queries/aws_backup_framework_4.yaml @@ -1,7 +1,7 @@ ID: aws_backup_framework_4 Title: "Find AWS Backup Frameworks and Retrieve Comprehensive Data" Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_framework_4.yaml.bak b/queries/aws_backup_framework_4.yaml.bak new file mode 100755 index 000000000..d70e97b98 --- /dev/null +++ b/queries/aws_backup_framework_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_backup_framework_4 +Title: "Find AWS Backup Frameworks and Retrieve Comprehensive Data" +Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + framework_name, + controls ->> 'ControlName' as control_name, + control_scope + from + aws_backup_framework, + jsonb_array_elements(framework_controls) as controls, + json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope + where + framework_name = 'framework_name'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_framework_5.yaml b/queries/aws_backup_framework_5.yaml index 78b21f858..68b683793 100755 --- a/queries/aws_backup_framework_5.yaml +++ b/queries/aws_backup_framework_5.yaml @@ -1,7 +1,7 @@ ID: aws_backup_framework_5 Title: "Find AWS Backup Frameworks and Compliance Types" Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_framework_5.yaml.bak b/queries/aws_backup_framework_5.yaml.bak new file mode 100755 index 000000000..78b21f858 --- /dev/null +++ b/queries/aws_backup_framework_5.yaml.bak @@ -0,0 +1,49 @@ +ID: aws_backup_framework_5 +Title: "Find AWS Backup Frameworks and Compliance Types" +Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rule_name, + compliance_result -> 'Compliance' ->> 'ComplianceType' as compliance_type, + compliance_result -> 'Compliance' -> 'ComplianceContributorCount' ->> 'CappedCount' as count_of_noncompliant_resources + from + aws_config_rule + inner join + ( + -- The sub-query will create the AWS Config rule name from information stored in the AWS Backup framework table. + select + case when framework_information.control_scope = '' then concat(framework_information.control_name, '-', framework_information.framework_uuid) + else concat(upper(framework_information.control_scope), '-', framework_information.control_name, '-', framework_information.framework_uuid) + end as rule_name + from + ( + select + framework_name, + controls ->> 'ControlName' as control_name, + control_scope, + right(arn, 36) as framework_uuid + from + aws_backup_framework, + jsonb_array_elements(framework_controls) as controls, + json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope + ) as framework_information + ) as backup_framework + on + aws_config_rule.name = backup_framework.rule_name, + jsonb_array_elements(compliance_by_config_rule) as compliance_result + where + compliance_result -> 'Compliance' ->> 'ComplianceType' = 'NON_COMPLIANT'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_framework_6.yaml b/queries/aws_backup_framework_6.yaml index 6c368ee6d..a80570cdc 100755 --- a/queries/aws_backup_framework_6.yaml +++ b/queries/aws_backup_framework_6.yaml @@ -1,7 +1,7 @@ ID: aws_backup_framework_6 Title: "Find AWS Backup Frameworks with Compliance Status" Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_framework_6.yaml.bak b/queries/aws_backup_framework_6.yaml.bak new file mode 100755 index 000000000..6c368ee6d --- /dev/null +++ b/queries/aws_backup_framework_6.yaml.bak @@ -0,0 +1,50 @@ +ID: aws_backup_framework_6 +Title: "Find AWS Backup Frameworks with Compliance Status" +Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rule_name, + compliance_result -> 'Compliance' ->> 'ComplianceType' as compliance_type + from + aws_config_rule + inner join + ( + -- The sub-query will create the AWS Config rule name from information stored in the AWS Backup framework table. + select + case when framework_information.control_scope = '' then concat(framework_information.control_name, '-', framework_information.framework_uuid) + else concat(upper(framework_information.control_scope), '-', framework_information.control_name, '-', framework_information.framework_uuid) + end as rule_name + from + ( + select + framework_name, + controls ->> 'ControlName' as control_name, + control_scope, + right(arn, 36) as framework_uuid + from + aws_backup_framework, + jsonb_array_elements(framework_controls) as controls, + json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope + ) as framework_information + ) as backup_framework + on + aws_config_rule.name = backup_framework.rule_name, + jsonb_array_elements(compliance_by_config_rule) as compliance_result + where + compliance_result -> 'Compliance' ->> 'ComplianceType' = 'COMPLIANT'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_job_1.yaml b/queries/aws_backup_job_1.yaml index e09bd6af1..e64694c90 100755 --- a/queries/aws_backup_job_1.yaml +++ b/queries/aws_backup_job_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_job_1 Title: "Find all AWS Backup Job details including status" Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_job_1.yaml.bak b/queries/aws_backup_job_1.yaml.bak new file mode 100755 index 000000000..e64694c90 --- /dev/null +++ b/queries/aws_backup_job_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_backup_job_1 +Title: "Find all AWS Backup Job details including status" +Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + job_id, + recovery_point_arn, + backup_vault_arn, + status + from + aws_backup_job + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_backup_job_1.yaml.bak.bak b/queries/aws_backup_job_1.yaml.bak.bak new file mode 100755 index 000000000..e64694c90 --- /dev/null +++ b/queries/aws_backup_job_1.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_backup_job_1 +Title: "Find all AWS Backup Job details including status" +Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + job_id, + recovery_point_arn, + backup_vault_arn, + status + from + aws_backup_job + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_backup_job_2.yaml b/queries/aws_backup_job_2.yaml index 19c6e0528..5d202634a 100755 --- a/queries/aws_backup_job_2.yaml +++ b/queries/aws_backup_job_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_job_2 Title: "List All Incomplete AWS Backup Jobs" Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_job_2.yaml.bak b/queries/aws_backup_job_2.yaml.bak new file mode 100755 index 000000000..19c6e0528 --- /dev/null +++ b/queries/aws_backup_job_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_backup_job_2 +Title: "List All Incomplete AWS Backup Jobs" +Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + job_id, + recovery_point_arn, + backup_vault_arn, + status, + current_date + from + aws_backup_job + where + status != 'COMPLETED' + and creation_date > current_date + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_backup_job_3.yaml b/queries/aws_backup_job_3.yaml index 7f05d4e2e..ecad74deb 100755 --- a/queries/aws_backup_job_3.yaml +++ b/queries/aws_backup_job_3.yaml @@ -1,7 +1,7 @@ ID: aws_backup_job_3 Title: "List all AWS Backup Jobs with Status Details" Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_job_3.yaml.bak b/queries/aws_backup_job_3.yaml.bak new file mode 100755 index 000000000..7f05d4e2e --- /dev/null +++ b/queries/aws_backup_job_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_backup_job_3 +Title: "List all AWS Backup Jobs with Status Details" +Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_type, + count(*) + from + aws_backup_job + group by + resource_type + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_backup_legal_hold_1.yaml b/queries/aws_backup_legal_hold_1.yaml index 9f0211b78..85e94f55f 100755 --- a/queries/aws_backup_legal_hold_1.yaml +++ b/queries/aws_backup_legal_hold_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_legal_hold_1 Title: "List AWS Backup Legal Hold Settings" Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_legal_hold_1.yaml.bak b/queries/aws_backup_legal_hold_1.yaml.bak new file mode 100755 index 000000000..9f0211b78 --- /dev/null +++ b/queries/aws_backup_legal_hold_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_backup_legal_hold_1 +Title: "List AWS Backup Legal Hold Settings" +Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + legal_hold_id, + arn, + creation_date, + cancellation_date + from + aws_backup_legal_hold; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_legal_hold_2.yaml b/queries/aws_backup_legal_hold_2.yaml index 74670c1fc..cc16a096d 100755 --- a/queries/aws_backup_legal_hold_2.yaml +++ b/queries/aws_backup_legal_hold_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_legal_hold_2 Title: "Find AWS Backup Legal Hold Settings" Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_legal_hold_2.yaml.bak b/queries/aws_backup_legal_hold_2.yaml.bak new file mode 100755 index 000000000..74670c1fc --- /dev/null +++ b/queries/aws_backup_legal_hold_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_backup_legal_hold_2 +Title: "Find AWS Backup Legal Hold Settings" +Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + legal_hold_id, + arn, + creation_date, + creation_date, + retain_record_until + from + aws_backup_legal_hold + where + creation_date <= current_date - interval '10' day + order by + creation_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_legal_hold_3.yaml b/queries/aws_backup_legal_hold_3.yaml index 20bc9ad47..e6a6ed0ee 100755 --- a/queries/aws_backup_legal_hold_3.yaml +++ b/queries/aws_backup_legal_hold_3.yaml @@ -1,7 +1,7 @@ ID: aws_backup_legal_hold_3 Title: "List all AWS Backup Legal Hold settings" Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_legal_hold_3.yaml.bak b/queries/aws_backup_legal_hold_3.yaml.bak new file mode 100755 index 000000000..e6a6ed0ee --- /dev/null +++ b/queries/aws_backup_legal_hold_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_backup_legal_hold_3 +Title: "List all AWS Backup Legal Hold settings" +Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + legal_hold_id, + recovery_point_selection -> 'DateRange' ->> 'ToDate' as to_date, + recovery_point_selection -> 'DateRange' ->> 'FromDate' as from_date, + recovery_point_selection -> 'VaultNames' as vault_names, + recovery_point_selection ->> 'ResourceIdentifiers' as resource_identifiers + from + aws_backup_legal_hold; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_legal_hold_3.yaml.bak.bak b/queries/aws_backup_legal_hold_3.yaml.bak.bak new file mode 100755 index 000000000..e6a6ed0ee --- /dev/null +++ b/queries/aws_backup_legal_hold_3.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_backup_legal_hold_3 +Title: "List all AWS Backup Legal Hold settings" +Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + legal_hold_id, + recovery_point_selection -> 'DateRange' ->> 'ToDate' as to_date, + recovery_point_selection -> 'DateRange' ->> 'FromDate' as from_date, + recovery_point_selection -> 'VaultNames' as vault_names, + recovery_point_selection ->> 'ResourceIdentifiers' as resource_identifiers + from + aws_backup_legal_hold; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_plan_1.yaml b/queries/aws_backup_plan_1.yaml index 3fc844db0..b9074b140 100755 --- a/queries/aws_backup_plan_1.yaml +++ b/queries/aws_backup_plan_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_plan_1 Title: "Find AWS Backup Plans Information for Data Recovery" Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_plan_1.yaml.bak b/queries/aws_backup_plan_1.yaml.bak new file mode 100755 index 000000000..3fc844db0 --- /dev/null +++ b/queries/aws_backup_plan_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_backup_plan_1 +Title: "Find AWS Backup Plans Information for Data Recovery" +Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + backup_plan_id, + arn, + creation_date, + last_execution_date + from + aws_backup_plan; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_plan_2.yaml b/queries/aws_backup_plan_2.yaml index 42bc21027..007cbb06e 100755 --- a/queries/aws_backup_plan_2.yaml +++ b/queries/aws_backup_plan_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_plan_2 Title: "List all AWS Backup Plans and details within 90 days" Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_plan_2.yaml.bak b/queries/aws_backup_plan_2.yaml.bak new file mode 100755 index 000000000..42bc21027 --- /dev/null +++ b/queries/aws_backup_plan_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_backup_plan_2 +Title: "List all AWS Backup Plans and details within 90 days" +Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + backup_plan_id, + arn, + creation_date, + last_execution_date + from + aws_backup_plan + where + creation_date <= (current_date - interval '90' day) + order by + creation_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup Plan diff --git a/queries/aws_backup_plan_3.yaml b/queries/aws_backup_plan_3.yaml index d3c9951a8..f06bda149 100755 --- a/queries/aws_backup_plan_3.yaml +++ b/queries/aws_backup_plan_3.yaml @@ -1,7 +1,7 @@ ID: aws_backup_plan_3 Title: "List all AWS Backup Plans with Details" Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_plan_3.yaml.bak b/queries/aws_backup_plan_3.yaml.bak new file mode 100755 index 000000000..d3c9951a8 --- /dev/null +++ b/queries/aws_backup_plan_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_backup_plan_3 +Title: "List all AWS Backup Plans with Details" +Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_date, + deletion_date + from + aws_backup_plan + where + deletion_date > current_date - 7 + order by + deletion_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_backup_protected_resource_1.yaml b/queries/aws_backup_protected_resource_1.yaml index 025358912..3e4f0cf9f 100755 --- a/queries/aws_backup_protected_resource_1.yaml +++ b/queries/aws_backup_protected_resource_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_protected_resource_1 Title: "List all AWS Backup Protected Resource details" Description: "Allows users to query AWS Backup Protected Resources to retrieve detailed information about the resources that are backed up by AWS Backup service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_protected_resource_1.yaml.bak b/queries/aws_backup_protected_resource_1.yaml.bak new file mode 100755 index 000000000..025358912 --- /dev/null +++ b/queries/aws_backup_protected_resource_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_backup_protected_resource_1 +Title: "List all AWS Backup Protected Resource details" +Description: "Allows users to query AWS Backup Protected Resources to retrieve detailed information about the resources that are backed up by AWS Backup service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_arn, + resource_type, + last_backup_time + from + aws_backup_protected_resource; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_protected_resource_2.yaml b/queries/aws_backup_protected_resource_2.yaml index acf4968cd..1884bf785 100755 --- a/queries/aws_backup_protected_resource_2.yaml +++ b/queries/aws_backup_protected_resource_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_protected_resource_2 Title: "Find AWS Backup Protected Resources Information" Description: "Allows users to query AWS Backup Protected Resources to retrieve detailed information about the resources that are backed up by AWS Backup service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_protected_resource_2.yaml.bak b/queries/aws_backup_protected_resource_2.yaml.bak new file mode 100755 index 000000000..acf4968cd --- /dev/null +++ b/queries/aws_backup_protected_resource_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_backup_protected_resource_2 +Title: "Find AWS Backup Protected Resources Information" +Description: "Allows users to query AWS Backup Protected Resources to retrieve detailed information about the resources that are backed up by AWS Backup service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_arn, + resource_type, + last_backup_time + from + aws_backup_protected_resource + where + resource_type = 'EBS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_recovery_point_1.yaml b/queries/aws_backup_recovery_point_1.yaml index cb48429be..b25c163b9 100755 --- a/queries/aws_backup_recovery_point_1.yaml +++ b/queries/aws_backup_recovery_point_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_recovery_point_1 Title: "List all AWS Backup Recovery Points in a Backup Vault" Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_recovery_point_1.yaml.bak b/queries/aws_backup_recovery_point_1.yaml.bak new file mode 100755 index 000000000..cb48429be --- /dev/null +++ b/queries/aws_backup_recovery_point_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_backup_recovery_point_1 +Title: "List all AWS Backup Recovery Points in a Backup Vault" +Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + backup_vault_name, + recovery_point_arn, + resource_type, + status + from + aws_backup_recovery_point; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_recovery_point_2.yaml b/queries/aws_backup_recovery_point_2.yaml index aa35a33f9..30b8cdfd7 100755 --- a/queries/aws_backup_recovery_point_2.yaml +++ b/queries/aws_backup_recovery_point_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_recovery_point_2 Title: "List all AWS Backup Recovery Points in Vault" Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_recovery_point_2.yaml.bak b/queries/aws_backup_recovery_point_2.yaml.bak new file mode 100755 index 000000000..aa35a33f9 --- /dev/null +++ b/queries/aws_backup_recovery_point_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_backup_recovery_point_2 +Title: "List all AWS Backup Recovery Points in Vault" +Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + backup_vault_name, + recovery_point_arn, + resource_type, + status, + is_encrypted + from + aws_backup_recovery_point + where + is_encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_recovery_point_3.yaml b/queries/aws_backup_recovery_point_3.yaml index 66d8dd836..6188e3983 100755 --- a/queries/aws_backup_recovery_point_3.yaml +++ b/queries/aws_backup_recovery_point_3.yaml @@ -1,7 +1,7 @@ ID: aws_backup_recovery_point_3 Title: "List all AWS Backup Recovery Points in a Vault" Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_recovery_point_3.yaml.bak b/queries/aws_backup_recovery_point_3.yaml.bak new file mode 100755 index 000000000..66d8dd836 --- /dev/null +++ b/queries/aws_backup_recovery_point_3.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_backup_recovery_point_3 +Title: "List all AWS Backup Recovery Points in a Vault" +Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.backup_vault_name as backup_vault_name, + r.recovery_point_arn as recovery_point_arn, + r.resource_type as resource_type, + case + when r.resource_type = 'EBS' then ( + select tags from aws_ebs_snapshot where arn = concat( + (string_to_array(r.recovery_point_arn, '::'))[1], + ':', + r.account_id, + ':', + (string_to_array(r.recovery_point_arn, '::'))[2] + ) + ) + when r.resource_type = 'EC2' then ( + select tags from aws_ec2_ami where image_id = (string_to_array(r.recovery_point_arn, '::image/'))[2] + ) + when r.resource_type in ('S3', 'EFS') then r.tags + end as tags, + r.region, + r.account_id + from + aws_backup_recovery_point as r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_report_plan_1.yaml b/queries/aws_backup_report_plan_1.yaml index b0de35c92..8c88e46ee 100755 --- a/queries/aws_backup_report_plan_1.yaml +++ b/queries/aws_backup_report_plan_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_report_plan_1 Title: "List all AWS Backup Report Plan details" Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_report_plan_1.yaml.bak b/queries/aws_backup_report_plan_1.yaml.bak new file mode 100755 index 000000000..b0de35c92 --- /dev/null +++ b/queries/aws_backup_report_plan_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_backup_report_plan_1 +Title: "List all AWS Backup Report Plan details" +Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + description, + creation_time, + last_attempted_execution_time, + deployment_status + from + aws_backup_report_plan; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_report_plan_2.yaml b/queries/aws_backup_report_plan_2.yaml index 76751422c..197affcc1 100755 --- a/queries/aws_backup_report_plan_2.yaml +++ b/queries/aws_backup_report_plan_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_report_plan_2 Title: "List all AWS Backup Report Plan data details" Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_report_plan_2.yaml.bak b/queries/aws_backup_report_plan_2.yaml.bak new file mode 100755 index 000000000..76751422c --- /dev/null +++ b/queries/aws_backup_report_plan_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_backup_report_plan_2 +Title: "List all AWS Backup Report Plan data details" +Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + description, + creation_time, + last_attempted_execution_time, + deployment_status + from + aws_backup_report_plan + where + creation_time <= (current_date - interval '90' day) + order by + creation_time; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_report_plan_3.yaml b/queries/aws_backup_report_plan_3.yaml index 6d480bce2..df6b40069 100755 --- a/queries/aws_backup_report_plan_3.yaml +++ b/queries/aws_backup_report_plan_3.yaml @@ -1,7 +1,7 @@ ID: aws_backup_report_plan_3 Title: "List AWS Backup Report Plan Data with Details" Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_report_plan_3.yaml.bak b/queries/aws_backup_report_plan_3.yaml.bak new file mode 100755 index 000000000..6d480bce2 --- /dev/null +++ b/queries/aws_backup_report_plan_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_backup_report_plan_3 +Title: "List AWS Backup Report Plan Data with Details" +Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + description, + creation_time, + last_attempted_execution_time, + deployment_status + from + aws_backup_report_plan + where + last_successful_execution_time > current_date - 7 + order by + last_successful_execution_time; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_report_plan_4.yaml b/queries/aws_backup_report_plan_4.yaml index c64756aed..20c40a9e1 100755 --- a/queries/aws_backup_report_plan_4.yaml +++ b/queries/aws_backup_report_plan_4.yaml @@ -1,7 +1,7 @@ ID: aws_backup_report_plan_4 Title: "List AWS Backup Report Plan Data Details" Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_report_plan_4.yaml.bak b/queries/aws_backup_report_plan_4.yaml.bak new file mode 100755 index 000000000..c64756aed --- /dev/null +++ b/queries/aws_backup_report_plan_4.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_backup_report_plan_4 +Title: "List AWS Backup Report Plan Data Details" +Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + description, + creation_time, + report_setting ->> 'ReportTemplate' as report_template, + report_setting ->> 'Accounts' as accounts, + report_setting ->> 'FrameworkArns' as framework_arns, + report_setting ->> 'NumberOfFrameworks' as number_of_frameworks, + report_setting ->> 'OrganizationUnits' as organization_units, + report_setting ->> 'Regions' as regions + from + aws_backup_report_plan + where + title = 'backup_jobs_report_12_07_2023'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_backup_report_plan_5.yaml b/queries/aws_backup_report_plan_5.yaml index 2957b9040..d7ae1cc19 100755 --- a/queries/aws_backup_report_plan_5.yaml +++ b/queries/aws_backup_report_plan_5.yaml @@ -1,7 +1,7 @@ ID: aws_backup_report_plan_5 Title: "Query AWS Backup Report Plan Details" Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_report_plan_5.yaml.bak b/queries/aws_backup_report_plan_5.yaml.bak new file mode 100755 index 000000000..2957b9040 --- /dev/null +++ b/queries/aws_backup_report_plan_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_backup_report_plan_5 +Title: "Query AWS Backup Report Plan Details" +Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + description, + creation_time, + last_attempted_execution_time, + deployment_status + from + aws_backup_report_plan + where + deployment_status = 'COMPLETED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup Report Plan diff --git a/queries/aws_backup_report_plan_6.yaml b/queries/aws_backup_report_plan_6.yaml index 9683ed2e6..9bfa7b6ee 100755 --- a/queries/aws_backup_report_plan_6.yaml +++ b/queries/aws_backup_report_plan_6.yaml @@ -1,7 +1,7 @@ ID: aws_backup_report_plan_6 Title: "Query AWS Backup Report Plan data with details" Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_report_plan_6.yaml.bak b/queries/aws_backup_report_plan_6.yaml.bak new file mode 100755 index 000000000..9683ed2e6 --- /dev/null +++ b/queries/aws_backup_report_plan_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_backup_report_plan_6 +Title: "Query AWS Backup Report Plan data with details" +Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + description, + creation_time, + report_delivery_channel ->> 'Formats' as formats, + report_delivery_channel ->> 'S3BucketName' as s3_bucket_name, + report_delivery_channel ->> 'S3KeyPrefix' as s3_key_prefix + from + aws_backup_report_plan + where + title = 'backup_jobs_report_12_07_2023'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup Report Plan diff --git a/queries/aws_backup_selection_1.yaml b/queries/aws_backup_selection_1.yaml index b5f3e010b..5ce6627d7 100755 --- a/queries/aws_backup_selection_1.yaml +++ b/queries/aws_backup_selection_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_selection_1 Title: "Find AWS Backup Selections Information" Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_selection_1.yaml.bak b/queries/aws_backup_selection_1.yaml.bak new file mode 100755 index 000000000..b5f3e010b --- /dev/null +++ b/queries/aws_backup_selection_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_backup_selection_1 +Title: "Find AWS Backup Selections Information" +Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + selection_name, + backup_plan_id, + iam_role_arn, + region, + account_id + from + aws_backup_selection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_selection_2.yaml b/queries/aws_backup_selection_2.yaml index 19d65c4a2..4007dca63 100755 --- a/queries/aws_backup_selection_2.yaml +++ b/queries/aws_backup_selection_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_selection_2 Title: "List all AWS Backup Selection Details" Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_selection_2.yaml.bak b/queries/aws_backup_selection_2.yaml.bak new file mode 100755 index 000000000..4007dca63 --- /dev/null +++ b/queries/aws_backup_selection_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_backup_selection_2 +Title: "List all AWS Backup Selection Details" +Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with filtered_data as ( + select + backup_plan_id, + jsonb_agg(r) as assigned_resource + from + aws_backup_selection, + jsonb_array_elements(resources) as r + group by backup_plan_id + ) + select + v.volume_id, + v.region, + v.account_id + from + aws_ebs_volume as v + join filtered_data t on t.assigned_resource ?| array[v.arn]; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_selection_2.yaml.bak.bak b/queries/aws_backup_selection_2.yaml.bak.bak new file mode 100755 index 000000000..4007dca63 --- /dev/null +++ b/queries/aws_backup_selection_2.yaml.bak.bak @@ -0,0 +1,34 @@ +ID: aws_backup_selection_2 +Title: "List all AWS Backup Selection Details" +Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with filtered_data as ( + select + backup_plan_id, + jsonb_agg(r) as assigned_resource + from + aws_backup_selection, + jsonb_array_elements(resources) as r + group by backup_plan_id + ) + select + v.volume_id, + v.region, + v.account_id + from + aws_ebs_volume as v + join filtered_data t on t.assigned_resource ?| array[v.arn]; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_vault_1.yaml b/queries/aws_backup_vault_1.yaml index 248b24bf3..dd4d02c46 100755 --- a/queries/aws_backup_vault_1.yaml +++ b/queries/aws_backup_vault_1.yaml @@ -1,7 +1,7 @@ ID: aws_backup_vault_1 Title: "Query AWS Backup Vaults for Detailed Information" Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_vault_1.yaml.bak b/queries/aws_backup_vault_1.yaml.bak new file mode 100755 index 000000000..248b24bf3 --- /dev/null +++ b/queries/aws_backup_vault_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_backup_vault_1 +Title: "Query AWS Backup Vaults for Detailed Information" +Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_date + from + aws_backup_vault; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Backup diff --git a/queries/aws_backup_vault_2.yaml b/queries/aws_backup_vault_2.yaml index 4350b642b..38b6938c1 100755 --- a/queries/aws_backup_vault_2.yaml +++ b/queries/aws_backup_vault_2.yaml @@ -1,7 +1,7 @@ ID: aws_backup_vault_2 Title: "List all AWS Backup Vaults with Detailed Information" Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_vault_2.yaml.bak b/queries/aws_backup_vault_2.yaml.bak new file mode 100755 index 000000000..38b6938c1 --- /dev/null +++ b/queries/aws_backup_vault_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_backup_vault_2 +Title: "List all AWS Backup Vaults with Detailed Information" +Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_date + from + aws_backup_vault + where + creation_date <= (current_date - interval '90' day) + order by + creation_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_backup_vault_2.yaml.bak.bak b/queries/aws_backup_vault_2.yaml.bak.bak new file mode 100755 index 000000000..38b6938c1 --- /dev/null +++ b/queries/aws_backup_vault_2.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_backup_vault_2 +Title: "List all AWS Backup Vaults with Detailed Information" +Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_date + from + aws_backup_vault + where + creation_date <= (current_date - interval '90' day) + order by + creation_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_backup_vault_3.yaml b/queries/aws_backup_vault_3.yaml index 6083cbdd8..b3694c9b9 100755 --- a/queries/aws_backup_vault_3.yaml +++ b/queries/aws_backup_vault_3.yaml @@ -1,7 +1,7 @@ ID: aws_backup_vault_3 Title: "Find AWS Backup Vaults with Specific Policy Details" Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_vault_3.yaml.bak b/queries/aws_backup_vault_3.yaml.bak new file mode 100755 index 000000000..6083cbdd8 --- /dev/null +++ b/queries/aws_backup_vault_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_backup_vault_3 +Title: "Find AWS Backup Vaults with Specific Policy Details" +Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name + from + aws_backup_vault, + jsonb_array_elements(policy -> 'Statement') as s + where + s ->> 'Principal' = '*' + and s ->> 'Effect' != 'Deny' + and s ->> 'Action' like '%DeleteBackupVault%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup Vault diff --git a/queries/aws_backup_vault_4.yaml b/queries/aws_backup_vault_4.yaml index e82af78d7..14f28844d 100755 --- a/queries/aws_backup_vault_4.yaml +++ b/queries/aws_backup_vault_4.yaml @@ -1,7 +1,7 @@ ID: aws_backup_vault_4 Title: "Find all AWS Backup Vaults with Details" Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_backup_vault_4.yaml.bak b/queries/aws_backup_vault_4.yaml.bak new file mode 100755 index 000000000..e82af78d7 --- /dev/null +++ b/queries/aws_backup_vault_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_backup_vault_4 +Title: "Find all AWS Backup Vaults with Details" +Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_pretty(policy) as policy, + jsonb_pretty(policy_std) as policy_std + from + aws_backup_vault; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Backup diff --git a/queries/aws_cloudcontrol_resource_1.yaml b/queries/aws_cloudcontrol_resource_1.yaml index 1c4512c31..2a858c613 100755 --- a/queries/aws_cloudcontrol_resource_1.yaml +++ b/queries/aws_cloudcontrol_resource_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudcontrol_resource_1 Title: "Find AWS Cloud Control API Resource Data for AWS Lambda" Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudcontrol_resource_1.yaml.bak b/queries/aws_cloudcontrol_resource_1.yaml.bak new file mode 100755 index 000000000..1c4512c31 --- /dev/null +++ b/queries/aws_cloudcontrol_resource_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudcontrol_resource_1 +Title: "Find AWS Cloud Control API Resource Data for AWS Lambda" +Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identifier, + properties ->> 'Arn' as arn, + properties ->> 'MemorySize' as memory_size, + properties ->> 'Runtime' as runtime, + region + from + aws_cloudcontrol_resource + where + type_name = 'AWS::Lambda::Function'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cloud Control API diff --git a/queries/aws_cloudcontrol_resource_2.yaml b/queries/aws_cloudcontrol_resource_2.yaml index a6bf858c6..c2531dce6 100755 --- a/queries/aws_cloudcontrol_resource_2.yaml +++ b/queries/aws_cloudcontrol_resource_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudcontrol_resource_2 Title: "Find AWS Cloud Control API Resource Data" Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudcontrol_resource_2.yaml.bak b/queries/aws_cloudcontrol_resource_2.yaml.bak new file mode 100755 index 000000000..a6bf858c6 --- /dev/null +++ b/queries/aws_cloudcontrol_resource_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_cloudcontrol_resource_2 +Title: "Find AWS Cloud Control API Resource Data" +Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identifier, + properties ->> 'AlpnPolicy' as alpn_policy, + properties ->> 'Certificates' as certificates, + properties ->> 'Port' as port, + properties ->> 'Protocol' as protocol, + region, + account_id + from + aws_cloudcontrol_resource + where + type_name = 'AWS::ElasticLoadBalancingV2::Listener' + and resource_model = '{"LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/test-lb/4e695b8755d7003c"}' + and region = 'us-east-1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Control diff --git a/queries/aws_cloudcontrol_resource_3.yaml b/queries/aws_cloudcontrol_resource_3.yaml index 94e205480..e047de6a2 100755 --- a/queries/aws_cloudcontrol_resource_3.yaml +++ b/queries/aws_cloudcontrol_resource_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudcontrol_resource_3 Title: "Find AWS Cloud Control API Resource using SQL" Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudcontrol_resource_3.yaml.bak b/queries/aws_cloudcontrol_resource_3.yaml.bak new file mode 100755 index 000000000..e047de6a2 --- /dev/null +++ b/queries/aws_cloudcontrol_resource_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudcontrol_resource_3 +Title: "Find AWS Cloud Control API Resource using SQL" +Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identifier, + properties ->> 'IncludeGlobalServiceEvents' as include_global_service_events, + properties ->> 'IsLogging' as is_logging, + properties ->> 'IsMultiRegionTrail' as is_multi_region_trail, + region + from + aws_cloudcontrol_resource + where + type_name = 'AWS::CloudTrail::Trail' + and identifier = 'my-trail'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Control API Resource diff --git a/queries/aws_cloudcontrol_resource_3.yaml.bak.bak b/queries/aws_cloudcontrol_resource_3.yaml.bak.bak new file mode 100755 index 000000000..e047de6a2 --- /dev/null +++ b/queries/aws_cloudcontrol_resource_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_cloudcontrol_resource_3 +Title: "Find AWS Cloud Control API Resource using SQL" +Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identifier, + properties ->> 'IncludeGlobalServiceEvents' as include_global_service_events, + properties ->> 'IsLogging' as is_logging, + properties ->> 'IsMultiRegionTrail' as is_multi_region_trail, + region + from + aws_cloudcontrol_resource + where + type_name = 'AWS::CloudTrail::Trail' + and identifier = 'my-trail'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Control API Resource diff --git a/queries/aws_cloudcontrol_resource_4.yaml b/queries/aws_cloudcontrol_resource_4.yaml index 460b40227..fbeecbfd2 100755 --- a/queries/aws_cloudcontrol_resource_4.yaml +++ b/queries/aws_cloudcontrol_resource_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudcontrol_resource_4 Title: "List all AWS IAM Roles in us-east-1 using SQL" Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudcontrol_resource_4.yaml.bak b/queries/aws_cloudcontrol_resource_4.yaml.bak new file mode 100755 index 000000000..460b40227 --- /dev/null +++ b/queries/aws_cloudcontrol_resource_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudcontrol_resource_4 +Title: "List all AWS IAM Roles in us-east-1 using SQL" +Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + properties ->> 'RoleName' as name + from + aws_cloudcontrol_resource + where + type_name = 'AWS::IAM::Role' + and region = 'us-east-1' + order by + name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Control API diff --git a/queries/aws_cloudformation_stack_1.yaml b/queries/aws_cloudformation_stack_1.yaml index 3144213c4..3e8043ae5 100755 --- a/queries/aws_cloudformation_stack_1.yaml +++ b/queries/aws_cloudformation_stack_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_1 Title: "List all AWS CloudFormation Stacks with Details" Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_1.yaml.bak b/queries/aws_cloudformation_stack_1.yaml.bak new file mode 100755 index 000000000..3144213c4 --- /dev/null +++ b/queries/aws_cloudformation_stack_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudformation_stack_1 +Title: "List all AWS CloudFormation Stacks with Details" +Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + status + from + aws_cloudformation_stack; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation Stack diff --git a/queries/aws_cloudformation_stack_2.yaml b/queries/aws_cloudformation_stack_2.yaml index 7e1bec9a2..ab291d71f 100755 --- a/queries/aws_cloudformation_stack_2.yaml +++ b/queries/aws_cloudformation_stack_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_2 Title: "List AWS CloudFormation Stack data and status" Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_2.yaml.bak b/queries/aws_cloudformation_stack_2.yaml.bak new file mode 100755 index 000000000..ab291d71f --- /dev/null +++ b/queries/aws_cloudformation_stack_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cloudformation_stack_2 +Title: "List AWS CloudFormation Stack data and status" +Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + disable_rollback + from + aws_cloudformation_stack + where + disable_rollback; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_2.yaml.bak.bak b/queries/aws_cloudformation_stack_2.yaml.bak.bak new file mode 100755 index 000000000..ab291d71f --- /dev/null +++ b/queries/aws_cloudformation_stack_2.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_cloudformation_stack_2 +Title: "List AWS CloudFormation Stack data and status" +Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + disable_rollback + from + aws_cloudformation_stack + where + disable_rollback; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_3.yaml b/queries/aws_cloudformation_stack_3.yaml index b01464fca..22e9e99e3 100755 --- a/queries/aws_cloudformation_stack_3.yaml +++ b/queries/aws_cloudformation_stack_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_3 Title: "List AWS CloudFormation Stack Data with SQL" Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_3.yaml.bak b/queries/aws_cloudformation_stack_3.yaml.bak new file mode 100755 index 000000000..b01464fca --- /dev/null +++ b/queries/aws_cloudformation_stack_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cloudformation_stack_3 +Title: "List AWS CloudFormation Stack Data with SQL" +Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + enable_termination_protection + from + aws_cloudformation_stack + where + not enable_termination_protection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_4.yaml b/queries/aws_cloudformation_stack_4.yaml index 38bc53905..47fe43440 100755 --- a/queries/aws_cloudformation_stack_4.yaml +++ b/queries/aws_cloudformation_stack_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_4 Title: "Find AWS CloudFormation Stack Data, Status, and Tags" Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_4.yaml.bak b/queries/aws_cloudformation_stack_4.yaml.bak new file mode 100755 index 000000000..38bc53905 --- /dev/null +++ b/queries/aws_cloudformation_stack_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudformation_stack_4 +Title: "Find AWS CloudFormation Stack Data, Status, and Tags" +Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rollback_configuration ->> 'MonitoringTimeInMinutes' as monitoring_time_in_min, + rollback_configuration ->> 'RollbackTriggers' as rollback_triggers + from + aws_cloudformation_stack; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_5.yaml b/queries/aws_cloudformation_stack_5.yaml index 07527aaad..bdf0b0e7f 100755 --- a/queries/aws_cloudformation_stack_5.yaml +++ b/queries/aws_cloudformation_stack_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_5 Title: "List all AWS CloudFormation Stacks and Resource ARNs" Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_5.yaml.bak b/queries/aws_cloudformation_stack_5.yaml.bak new file mode 100755 index 000000000..07527aaad --- /dev/null +++ b/queries/aws_cloudformation_stack_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cloudformation_stack_5 +Title: "List all AWS CloudFormation Stacks and Resource ARNs" +Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_array_elements_text(notification_arns) as resource_arns + from + aws_cloudformation_stack; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_1.yaml b/queries/aws_cloudformation_stack_resource_1.yaml index 1339c60aa..e5c72d714 100755 --- a/queries/aws_cloudformation_stack_resource_1.yaml +++ b/queries/aws_cloudformation_stack_resource_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_resource_1 Title: "Find AWS CloudFormation Stack Resource Information" Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_resource_1.yaml.bak b/queries/aws_cloudformation_stack_resource_1.yaml.bak new file mode 100755 index 000000000..1339c60aa --- /dev/null +++ b/queries/aws_cloudformation_stack_resource_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudformation_stack_resource_1 +Title: "Find AWS CloudFormation Stack Resource Information" +Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stack_name, + stack_id, + logical_resource_id, + resource_type, + resource_status + from + aws_cloudformation_stack_resource; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_2.yaml b/queries/aws_cloudformation_stack_resource_2.yaml index 4e2642cd6..ecef23fcc 100755 --- a/queries/aws_cloudformation_stack_resource_2.yaml +++ b/queries/aws_cloudformation_stack_resource_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_resource_2 Title: "Find AWS CloudFormation Stack Resource Details and Status" Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_resource_2.yaml.bak b/queries/aws_cloudformation_stack_resource_2.yaml.bak new file mode 100755 index 000000000..4e2642cd6 --- /dev/null +++ b/queries/aws_cloudformation_stack_resource_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudformation_stack_resource_2 +Title: "Find AWS CloudFormation Stack Resource Details and Status" +Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.name, + s.disable_rollback, + r.logical_resource_id, + r.resource_status + from + aws_cloudformation_stack_resource as r, + aws_cloudformation_stack as s + where + r.stack_id = s.id + and s.disable_rollback; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_3.yaml b/queries/aws_cloudformation_stack_resource_3.yaml index ab6022207..ad64693f0 100755 --- a/queries/aws_cloudformation_stack_resource_3.yaml +++ b/queries/aws_cloudformation_stack_resource_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_resource_3 Title: "List all AWS CloudFormation Stack Resources with Details" Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_resource_3.yaml.bak b/queries/aws_cloudformation_stack_resource_3.yaml.bak new file mode 100755 index 000000000..ab6022207 --- /dev/null +++ b/queries/aws_cloudformation_stack_resource_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_cloudformation_stack_resource_3 +Title: "List all AWS CloudFormation Stack Resources with Details" +Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.name, + s.enable_termination_protection, + s.disable_rollback, + r.logical_resource_id, + r.resource_status + from + aws_cloudformation_stack_resource as r, + aws_cloudformation_stack as s + where + r.stack_id = s.id + and not enable_termination_protection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_4.yaml b/queries/aws_cloudformation_stack_resource_4.yaml index a5b6e4d70..aff7862ae 100755 --- a/queries/aws_cloudformation_stack_resource_4.yaml +++ b/queries/aws_cloudformation_stack_resource_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_resource_4 Title: "Find AWS CloudFormation Stack Resource Details" Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_resource_4.yaml.bak b/queries/aws_cloudformation_stack_resource_4.yaml.bak new file mode 100755 index 000000000..a5b6e4d70 --- /dev/null +++ b/queries/aws_cloudformation_stack_resource_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudformation_stack_resource_4 +Title: "Find AWS CloudFormation Stack Resource Details" +Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stack_name, + stack_id, + logical_resource_id, + resource_status, + resource_type + from + aws_cloudformation_stack_resource + where + resource_type = 'AWS::EC2::VPC'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_5.yaml b/queries/aws_cloudformation_stack_resource_5.yaml index fc21225df..64f88ef23 100755 --- a/queries/aws_cloudformation_stack_resource_5.yaml +++ b/queries/aws_cloudformation_stack_resource_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_resource_5 Title: "List all AWS CloudFormation Stack Resources’ Details" Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_resource_5.yaml.bak b/queries/aws_cloudformation_stack_resource_5.yaml.bak new file mode 100755 index 000000000..fc21225df --- /dev/null +++ b/queries/aws_cloudformation_stack_resource_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudformation_stack_resource_5 +Title: "List all AWS CloudFormation Stack Resources’ Details" +Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stack_name, + logical_resource_id, + resource_status, + resource_type + from + aws_cloudformation_stack_resource + where + resource_status = 'UPDATE_FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_set_1.yaml b/queries/aws_cloudformation_stack_set_1.yaml index 09e2c8f49..4c920f3a3 100755 --- a/queries/aws_cloudformation_stack_set_1.yaml +++ b/queries/aws_cloudformation_stack_set_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_set_1 Title: "List all AWS CloudFormation StackSets configurations" Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_set_1.yaml.bak b/queries/aws_cloudformation_stack_set_1.yaml.bak new file mode 100755 index 000000000..09e2c8f49 --- /dev/null +++ b/queries/aws_cloudformation_stack_set_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudformation_stack_set_1 +Title: "List all AWS CloudFormation StackSets configurations" +Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stack_set_id, + stack_set_name, + status, + arn, + description + from + aws_cloudformation_stack_set; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_set_2.yaml b/queries/aws_cloudformation_stack_set_2.yaml index 9f3220e32..97bfad0cc 100755 --- a/queries/aws_cloudformation_stack_set_2.yaml +++ b/queries/aws_cloudformation_stack_set_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_set_2 Title: "List all AWS CloudFormation StackSets and Associated Resources" Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_set_2.yaml.bak b/queries/aws_cloudformation_stack_set_2.yaml.bak new file mode 100755 index 000000000..9f3220e32 --- /dev/null +++ b/queries/aws_cloudformation_stack_set_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudformation_stack_set_2 +Title: "List all AWS CloudFormation StackSets and Associated Resources" +Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stack_set_id, + stack_set_name, + status, + permission_model, + auto_deployment + from + aws_cloudformation_stack_set + where + status = 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_set_3.yaml b/queries/aws_cloudformation_stack_set_3.yaml index fb88df3dd..c01ad5a24 100755 --- a/queries/aws_cloudformation_stack_set_3.yaml +++ b/queries/aws_cloudformation_stack_set_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_set_3 Title: "List all AWS CloudFormation StackSets with Parameters" Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_set_3.yaml.bak b/queries/aws_cloudformation_stack_set_3.yaml.bak new file mode 100755 index 000000000..fb88df3dd --- /dev/null +++ b/queries/aws_cloudformation_stack_set_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudformation_stack_set_3 +Title: "List all AWS CloudFormation StackSets with Parameters" +Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stack_set_name, + stack_set_id, + p ->> 'ParameterKey' as parameter_key, + p ->> 'ParameterValue' as parameter_value, + p ->> 'ResolvedValue' as resolved_value, + p ->> 'UsePreviousValue' as use_previous_value + from + aws_cloudformation_stack_set, + jsonb_array_elements(parameters) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudformation_stack_set_4.yaml b/queries/aws_cloudformation_stack_set_4.yaml index 4fabbe9ce..9b90f5065 100755 --- a/queries/aws_cloudformation_stack_set_4.yaml +++ b/queries/aws_cloudformation_stack_set_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudformation_stack_set_4 Title: "List all detailed AWS CloudFormation StackSets status" Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudformation_stack_set_4.yaml.bak b/queries/aws_cloudformation_stack_set_4.yaml.bak new file mode 100755 index 000000000..4fabbe9ce --- /dev/null +++ b/queries/aws_cloudformation_stack_set_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cloudformation_stack_set_4 +Title: "List all detailed AWS CloudFormation StackSets status" +Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stack_set_name, + stack_set_id, + stack_set_drift_detection_details ->> 'DriftDetectionStatus' as drift_detection_status, + stack_set_drift_detection_details ->> 'DriftStatus' as drift_status, + stack_set_drift_detection_details ->> 'DriftedStackInstancesCount' as drifted_stack_instances_count, + stack_set_drift_detection_details ->> 'FailedStackInstancesCount' as failed_stack_instances_count, + stack_set_drift_detection_details ->> 'InProgressStackInstancesCount' as in_progress_stack_instances_count, + stack_set_drift_detection_details ->> 'InSyncStackInstancesCount' as in_sync_stack_instances_count, + stack_set_drift_detection_details ->> 'LastDriftCheckTimestamp' as last_drift_check_timestamp, + stack_set_drift_detection_details ->> 'TotalStackInstancesCount' as total_stack_instances_count + from + aws_cloudformation_stack_set; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFormation diff --git a/queries/aws_cloudfront_cache_policy_1.yaml b/queries/aws_cloudfront_cache_policy_1.yaml index e70a60167..7a52a6b30 100755 --- a/queries/aws_cloudfront_cache_policy_1.yaml +++ b/queries/aws_cloudfront_cache_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_cache_policy_1 Title: "List AWS CloudFront Cache Policies Details" Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_cache_policy_1.yaml.bak b/queries/aws_cloudfront_cache_policy_1.yaml.bak new file mode 100755 index 000000000..e70a60167 --- /dev/null +++ b/queries/aws_cloudfront_cache_policy_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudfront_cache_policy_1 +Title: "List AWS CloudFront Cache Policies Details" +Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + comment, + min_ttl, + etag, + last_modified_time + from + aws_cloudfront_cache_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_cache_policy_2.yaml b/queries/aws_cloudfront_cache_policy_2.yaml index 4ed572093..079d63285 100755 --- a/queries/aws_cloudfront_cache_policy_2.yaml +++ b/queries/aws_cloudfront_cache_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_cache_policy_2 Title: "Find AWS CloudFront Cache Policies and Details" Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_cache_policy_2.yaml.bak b/queries/aws_cloudfront_cache_policy_2.yaml.bak new file mode 100755 index 000000000..4ed572093 --- /dev/null +++ b/queries/aws_cloudfront_cache_policy_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudfront_cache_policy_2 +Title: "Find AWS CloudFront Cache Policies and Details" +Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingGzip' as enable_gzip + from + aws_cloudfront_cache_policy + where + parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingGzip' <> 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_cache_policy_3.yaml b/queries/aws_cloudfront_cache_policy_3.yaml index f6a1e605d..916733a18 100755 --- a/queries/aws_cloudfront_cache_policy_3.yaml +++ b/queries/aws_cloudfront_cache_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_cache_policy_3 Title: "List AWS CloudFront Cache Policies and Their States" Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_cache_policy_3.yaml.bak b/queries/aws_cloudfront_cache_policy_3.yaml.bak new file mode 100755 index 000000000..f6a1e605d --- /dev/null +++ b/queries/aws_cloudfront_cache_policy_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudfront_cache_policy_3 +Title: "List AWS CloudFront Cache Policies and Their States" +Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingBrotli' as enable_brotli + from + aws_cloudfront_cache_policy + where + parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingBrotli' <> 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_distribution_1.yaml b/queries/aws_cloudfront_distribution_1.yaml index 47648e756..e63fa43c6 100755 --- a/queries/aws_cloudfront_distribution_1.yaml +++ b/queries/aws_cloudfront_distribution_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_distribution_1 Title: "List all AWS CloudFront Distributions and Metadata" Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_distribution_1.yaml.bak b/queries/aws_cloudfront_distribution_1.yaml.bak new file mode 100755 index 000000000..47648e756 --- /dev/null +++ b/queries/aws_cloudfront_distribution_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cloudfront_distribution_1 +Title: "List all AWS CloudFront Distributions and Metadata" +Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + status, + domain_name, + enabled, + e_tag, + http_version, + is_ipv6_enabled + from + aws_cloudfront_distribution; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_distribution_2.yaml b/queries/aws_cloudfront_distribution_2.yaml index 482ac5867..58b054d0b 100755 --- a/queries/aws_cloudfront_distribution_2.yaml +++ b/queries/aws_cloudfront_distribution_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_distribution_2 Title: "Find Disabled AWS CloudFront Distribution Logging" Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_distribution_2.yaml.bak b/queries/aws_cloudfront_distribution_2.yaml.bak new file mode 100755 index 000000000..482ac5867 --- /dev/null +++ b/queries/aws_cloudfront_distribution_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudfront_distribution_2 +Title: "Find Disabled AWS CloudFront Distribution Logging" +Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + logging ->> 'Bucket' as bucket, + logging ->> 'Enabled' as logging_enabled, + logging ->> 'IncludeCookies' as include_cookies + from + aws_cloudfront_distribution + where + logging ->> 'Enabled' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_distribution_3.yaml b/queries/aws_cloudfront_distribution_3.yaml index de0b7f33d..9a3c7607e 100755 --- a/queries/aws_cloudfront_distribution_3.yaml +++ b/queries/aws_cloudfront_distribution_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_distribution_3 Title: "List all AWS CloudFront Distributions and Their Configurations" Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_distribution_3.yaml.bak b/queries/aws_cloudfront_distribution_3.yaml.bak new file mode 100755 index 000000000..de0b7f33d --- /dev/null +++ b/queries/aws_cloudfront_distribution_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudfront_distribution_3 +Title: "List all AWS CloudFront Distributions and Their Configurations" +Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + status, + is_ipv6_enabled + from + aws_cloudfront_distribution + where + is_ipv6_enabled = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_distribution_4.yaml b/queries/aws_cloudfront_distribution_4.yaml index 2058cae87..ec0cccc85 100755 --- a/queries/aws_cloudfront_distribution_4.yaml +++ b/queries/aws_cloudfront_distribution_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_distribution_4 Title: "Find details of AWS CloudFront Distributions with SQL" Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_distribution_4.yaml.bak b/queries/aws_cloudfront_distribution_4.yaml.bak new file mode 100755 index 000000000..ec0cccc85 --- /dev/null +++ b/queries/aws_cloudfront_distribution_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cloudfront_distribution_4 +Title: "Find details of AWS CloudFront Distributions with SQL" +Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + default_cache_behavior ->> 'FieldLevelEncryptionId' as field_level_encryption_id, + default_cache_behavior ->> 'DefaultTTL' as default_ttl + from + aws_cloudfront_distribution + where + default_cache_behavior ->> 'FieldLevelEncryptionId' <> ''; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_distribution_4.yaml.bak.bak b/queries/aws_cloudfront_distribution_4.yaml.bak.bak new file mode 100755 index 000000000..ec0cccc85 --- /dev/null +++ b/queries/aws_cloudfront_distribution_4.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_cloudfront_distribution_4 +Title: "Find details of AWS CloudFront Distributions with SQL" +Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + default_cache_behavior ->> 'FieldLevelEncryptionId' as field_level_encryption_id, + default_cache_behavior ->> 'DefaultTTL' as default_ttl + from + aws_cloudfront_distribution + where + default_cache_behavior ->> 'FieldLevelEncryptionId' <> ''; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_distribution_5.yaml b/queries/aws_cloudfront_distribution_5.yaml index a95d3ad46..6960fa94e 100755 --- a/queries/aws_cloudfront_distribution_5.yaml +++ b/queries/aws_cloudfront_distribution_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_distribution_5 Title: "Query AWS CloudFront Distributions and Insights" Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_distribution_5.yaml.bak b/queries/aws_cloudfront_distribution_5.yaml.bak new file mode 100755 index 000000000..a95d3ad46 --- /dev/null +++ b/queries/aws_cloudfront_distribution_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_cloudfront_distribution_5 +Title: "Query AWS CloudFront Distributions and Insights" +Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + p -> 'CustomOriginConfig' -> 'HTTPPort' as http_port, + p -> 'CustomOriginConfig' -> 'HTTPSPort' as https_port, + p -> 'CustomOriginConfig' -> 'OriginKeepaliveTimeout' as origin_keepalive_timeout, + p -> 'CustomOriginConfig' -> 'OriginProtocolPolicy' as origin_protocol_policy + from + aws_cloudfront_distribution, + jsonb_array_elements(origins) as p + where + p -> 'CustomOriginConfig' ->> 'OriginProtocolPolicy' = 'https-only'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_distribution_6.yaml b/queries/aws_cloudfront_distribution_6.yaml index d5e0dcc9a..b04f88c57 100755 --- a/queries/aws_cloudfront_distribution_6.yaml +++ b/queries/aws_cloudfront_distribution_6.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_distribution_6 Title: "Find AWS CloudFront Distributions Configuration & Status" Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_distribution_6.yaml.bak b/queries/aws_cloudfront_distribution_6.yaml.bak new file mode 100755 index 000000000..d5e0dcc9a --- /dev/null +++ b/queries/aws_cloudfront_distribution_6.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudfront_distribution_6 +Title: "Find AWS CloudFront Distributions Configuration & Status" +Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Items' as items, + p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Quantity' as quantity + from + aws_cloudfront_distribution, + jsonb_array_elements(origins) as p + where + p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Items' ?& array['SSLv3']; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_function_1.yaml b/queries/aws_cloudfront_function_1.yaml index 0ca0362b9..f0275d969 100755 --- a/queries/aws_cloudfront_function_1.yaml +++ b/queries/aws_cloudfront_function_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_function_1 Title: "List all AWS CloudFront Functions with details" Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_function_1.yaml.bak b/queries/aws_cloudfront_function_1.yaml.bak new file mode 100755 index 000000000..f0275d969 --- /dev/null +++ b/queries/aws_cloudfront_function_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudfront_function_1 +Title: "List all AWS CloudFront Functions with details" +Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + status, + arn, + e_tag, + function_config + from + aws_cloudfront_function; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_function_1.yaml.bak.bak b/queries/aws_cloudfront_function_1.yaml.bak.bak new file mode 100755 index 000000000..f0275d969 --- /dev/null +++ b/queries/aws_cloudfront_function_1.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_cloudfront_function_1 +Title: "List all AWS CloudFront Functions with details" +Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + status, + arn, + e_tag, + function_config + from + aws_cloudfront_function; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_function_2.yaml b/queries/aws_cloudfront_function_2.yaml index 9be64516f..cf3a72b07 100755 --- a/queries/aws_cloudfront_function_2.yaml +++ b/queries/aws_cloudfront_function_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_function_2 Title: "List All AWS CloudFront Functions with Detailed Info" Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_function_2.yaml.bak b/queries/aws_cloudfront_function_2.yaml.bak new file mode 100755 index 000000000..9be64516f --- /dev/null +++ b/queries/aws_cloudfront_function_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudfront_function_2 +Title: "List All AWS CloudFront Functions with Detailed Info" +Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + function_config ->> 'Comment' as comment, + arn, + status, + e_tag + from + aws_cloudfront_function + where + function_metadata ->> 'Stage' = 'LIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_function_3.yaml b/queries/aws_cloudfront_function_3.yaml index d14a6c618..ea27d2c24 100755 --- a/queries/aws_cloudfront_function_3.yaml +++ b/queries/aws_cloudfront_function_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_function_3 Title: "List AWS CloudFront Functions by ARN, Stage, and Status" Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_function_3.yaml.bak b/queries/aws_cloudfront_function_3.yaml.bak new file mode 100755 index 000000000..d14a6c618 --- /dev/null +++ b/queries/aws_cloudfront_function_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudfront_function_3 +Title: "List AWS CloudFront Functions by ARN, Stage, and Status" +Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + function_metadata ->> 'Stage' as stage, + status, + function_metadata ->> 'CreatedTime' as created_time, + function_metadata ->> 'LastModifiedTime' as last_modified_time + from + aws_cloudfront_function + order by + function_metadata ->> 'CreatedTime' DESC; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_function_4.yaml b/queries/aws_cloudfront_function_4.yaml index f725dc286..c1ea3b8dc 100755 --- a/queries/aws_cloudfront_function_4.yaml +++ b/queries/aws_cloudfront_function_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_function_4 Title: "List of AWS CloudFront Functions with Detailed Information" Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_function_4.yaml.bak b/queries/aws_cloudfront_function_4.yaml.bak new file mode 100755 index 000000000..f725dc286 --- /dev/null +++ b/queries/aws_cloudfront_function_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudfront_function_4 +Title: "List of AWS CloudFront Functions with Detailed Information" +Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + function_metadata ->> 'Stage' as stage, + status, + function_metadata ->> 'LastModifiedTime' as last_modified_time + from + aws_cloudfront_function + where + (function_metadata ->> 'LastModifiedTime')::timestamp >= (now() - interval '1' hour) + order by + function_metadata ->> 'LastModifiedTime' DESC; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_origin_access_identity_1.yaml b/queries/aws_cloudfront_origin_access_identity_1.yaml index b496f852b..8747be97f 100755 --- a/queries/aws_cloudfront_origin_access_identity_1.yaml +++ b/queries/aws_cloudfront_origin_access_identity_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_origin_access_identity_1 Title: "Find AWS CloudFront Origin Access Identities and Details" Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_origin_access_identity_1.yaml.bak b/queries/aws_cloudfront_origin_access_identity_1.yaml.bak new file mode 100755 index 000000000..b496f852b --- /dev/null +++ b/queries/aws_cloudfront_origin_access_identity_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudfront_origin_access_identity_1 +Title: "Find AWS CloudFront Origin Access Identities and Details" +Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + comment, + s3_canonical_user_id, + etag + from + aws_cloudfront_origin_access_identity; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_origin_access_identity_2.yaml b/queries/aws_cloudfront_origin_access_identity_2.yaml index 40537a949..fecd78b8a 100755 --- a/queries/aws_cloudfront_origin_access_identity_2.yaml +++ b/queries/aws_cloudfront_origin_access_identity_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_origin_access_identity_2 Title: "Find all AWS CloudFront Origin Access Identity details" Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_origin_access_identity_2.yaml.bak b/queries/aws_cloudfront_origin_access_identity_2.yaml.bak new file mode 100755 index 000000000..fecd78b8a --- /dev/null +++ b/queries/aws_cloudfront_origin_access_identity_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudfront_origin_access_identity_2 +Title: "Find all AWS CloudFront Origin Access Identity details" +Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + comment, + caller_reference + from + aws_cloudfront_origin_access_identity + where + comment <> ''; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_origin_access_identity_2.yaml.bak.bak b/queries/aws_cloudfront_origin_access_identity_2.yaml.bak.bak new file mode 100755 index 000000000..fecd78b8a --- /dev/null +++ b/queries/aws_cloudfront_origin_access_identity_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_cloudfront_origin_access_identity_2 +Title: "Find all AWS CloudFront Origin Access Identity details" +Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + comment, + caller_reference + from + aws_cloudfront_origin_access_identity + where + comment <> ''; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_origin_request_policy_1.yaml b/queries/aws_cloudfront_origin_request_policy_1.yaml index ee2e25547..624d2ce0f 100755 --- a/queries/aws_cloudfront_origin_request_policy_1.yaml +++ b/queries/aws_cloudfront_origin_request_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_origin_request_policy_1 Title: "List all AWS CloudFront Origin Request Policies" Description: "Allows users to query AWS CloudFront Origin Request Policies, providing details about each policy such as ID, name, comment, cookies configuration, headers configuration, query strings configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_origin_request_policy_1.yaml.bak b/queries/aws_cloudfront_origin_request_policy_1.yaml.bak new file mode 100755 index 000000000..ee2e25547 --- /dev/null +++ b/queries/aws_cloudfront_origin_request_policy_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudfront_origin_request_policy_1 +Title: "List all AWS CloudFront Origin Request Policies" +Description: "Allows users to query AWS CloudFront Origin Request Policies, providing details about each policy such as ID, name, comment, cookies configuration, headers configuration, query strings configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + comment, + etag, + last_modified_time + from + aws_cloudfront_origin_request_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_origin_request_policy_2.yaml b/queries/aws_cloudfront_origin_request_policy_2.yaml index 232c1e5bb..74ec784ca 100755 --- a/queries/aws_cloudfront_origin_request_policy_2.yaml +++ b/queries/aws_cloudfront_origin_request_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_origin_request_policy_2 Title: "List all AWS CloudFront Origin Request Policies" Description: "Allows users to query AWS CloudFront Origin Request Policies, providing details about each policy such as ID, name, comment, cookies configuration, headers configuration, query strings configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_origin_request_policy_2.yaml.bak b/queries/aws_cloudfront_origin_request_policy_2.yaml.bak new file mode 100755 index 000000000..232c1e5bb --- /dev/null +++ b/queries/aws_cloudfront_origin_request_policy_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cloudfront_origin_request_policy_2 +Title: "List all AWS CloudFront Origin Request Policies" +Description: "Allows users to query AWS CloudFront Origin Request Policies, providing details about each policy such as ID, name, comment, cookies configuration, headers configuration, query strings configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + headers_config ->> 'HeaderBehavior' as header_behavior, + headers_config ->> 'Headers' as headers + from + aws_cloudfront_origin_request_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_response_headers_policy_1.yaml b/queries/aws_cloudfront_response_headers_policy_1.yaml index 32661080a..d199d01d8 100755 --- a/queries/aws_cloudfront_response_headers_policy_1.yaml +++ b/queries/aws_cloudfront_response_headers_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_response_headers_policy_1 Title: "List all AWS CloudFront Response Headers Policies" Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_response_headers_policy_1.yaml.bak b/queries/aws_cloudfront_response_headers_policy_1.yaml.bak new file mode 100755 index 000000000..32661080a --- /dev/null +++ b/queries/aws_cloudfront_response_headers_policy_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudfront_response_headers_policy_1 +Title: "List all AWS CloudFront Response Headers Policies" +Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + response_headers_policy_config ->> 'Comment' as description, + type, + last_modified_time + from + aws_cloudfront_response_headers_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_response_headers_policy_2.yaml b/queries/aws_cloudfront_response_headers_policy_2.yaml index e26e11058..e74e285cc 100755 --- a/queries/aws_cloudfront_response_headers_policy_2.yaml +++ b/queries/aws_cloudfront_response_headers_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_response_headers_policy_2 Title: "Find AWS CloudFront Response Headers Policies" Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_response_headers_policy_2.yaml.bak b/queries/aws_cloudfront_response_headers_policy_2.yaml.bak new file mode 100755 index 000000000..e26e11058 --- /dev/null +++ b/queries/aws_cloudfront_response_headers_policy_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudfront_response_headers_policy_2 +Title: "Find AWS CloudFront Response Headers Policies" +Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + response_headers_policy_config ->> 'Comment' as description, + type, + last_modified_time + from + aws_cloudfront_response_headers_policy + where + type = 'custom'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_response_headers_policy_3.yaml b/queries/aws_cloudfront_response_headers_policy_3.yaml index 421521e24..10d2c227d 100755 --- a/queries/aws_cloudfront_response_headers_policy_3.yaml +++ b/queries/aws_cloudfront_response_headers_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudfront_response_headers_policy_3 Title: "Find AWS CloudFront Response Headers Policies Info" Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudfront_response_headers_policy_3.yaml.bak b/queries/aws_cloudfront_response_headers_policy_3.yaml.bak new file mode 100755 index 000000000..10d2c227d --- /dev/null +++ b/queries/aws_cloudfront_response_headers_policy_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudfront_response_headers_policy_3 +Title: "Find AWS CloudFront Response Headers Policies Info" +Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + last_modified_time + from + aws_cloudfront_response_headers_policy + where + last_modified_time >= (now() - interval '1' hour) + order by + last_modified_time DESC; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudfront_response_headers_policy_3.yaml.bak.bak b/queries/aws_cloudfront_response_headers_policy_3.yaml.bak.bak new file mode 100755 index 000000000..10d2c227d --- /dev/null +++ b/queries/aws_cloudfront_response_headers_policy_3.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_cloudfront_response_headers_policy_3 +Title: "Find AWS CloudFront Response Headers Policies Info" +Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + last_modified_time + from + aws_cloudfront_response_headers_policy + where + last_modified_time >= (now() - interval '1' hour) + order by + last_modified_time DESC; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudFront diff --git a/queries/aws_cloudsearch_domain_1.yaml b/queries/aws_cloudsearch_domain_1.yaml index d26a3026b..a356c34f2 100755 --- a/queries/aws_cloudsearch_domain_1.yaml +++ b/queries/aws_cloudsearch_domain_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudsearch_domain_1 Title: "List all AWS CloudSearch Domain Details" Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudsearch_domain_1.yaml.bak b/queries/aws_cloudsearch_domain_1.yaml.bak new file mode 100755 index 000000000..d26a3026b --- /dev/null +++ b/queries/aws_cloudsearch_domain_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudsearch_domain_1 +Title: "List all AWS CloudSearch Domain Details" +Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + arn, + created, + search_instance_type, + search_instance_count + from + aws_cloudsearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudSearch diff --git a/queries/aws_cloudsearch_domain_2.yaml b/queries/aws_cloudsearch_domain_2.yaml index fd7b9a33c..ebd575dae 100755 --- a/queries/aws_cloudsearch_domain_2.yaml +++ b/queries/aws_cloudsearch_domain_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudsearch_domain_2 Title: "List AWS CloudSearch Domains and Their Details" Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudsearch_domain_2.yaml.bak b/queries/aws_cloudsearch_domain_2.yaml.bak new file mode 100755 index 000000000..fd7b9a33c --- /dev/null +++ b/queries/aws_cloudsearch_domain_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudsearch_domain_2 +Title: "List AWS CloudSearch Domains and Their Details" +Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + arn, + created, + search_instance_type + from + aws_cloudsearch_domain + where + search_instance_type = 'search.small'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudSearch diff --git a/queries/aws_cloudsearch_domain_3.yaml b/queries/aws_cloudsearch_domain_3.yaml index 7d641bc25..5bb3d0fdf 100755 --- a/queries/aws_cloudsearch_domain_3.yaml +++ b/queries/aws_cloudsearch_domain_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudsearch_domain_3 Title: "List All AWS CloudSearch Domains with Detailed Info" Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudsearch_domain_3.yaml.bak b/queries/aws_cloudsearch_domain_3.yaml.bak new file mode 100755 index 000000000..7d641bc25 --- /dev/null +++ b/queries/aws_cloudsearch_domain_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudsearch_domain_3 +Title: "List All AWS CloudSearch Domains with Detailed Info" +Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + search_service ->> 'Endpoint' as search_service_endpoint, + limits ->> 'MaximumPartitionCount' as maximum_partition_count, + limits ->> 'MaximumReplicationCount' as maximum_replication_count + from + aws_cloudsearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudSearch diff --git a/queries/aws_cloudtrail_channel_1.yaml b/queries/aws_cloudtrail_channel_1.yaml index 3baeeb48a..883d851eb 100755 --- a/queries/aws_cloudtrail_channel_1.yaml +++ b/queries/aws_cloudtrail_channel_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_channel_1 Title: "Find AWS CloudTrail Channel Configurations with SQL" Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_channel_1.yaml.bak b/queries/aws_cloudtrail_channel_1.yaml.bak new file mode 100755 index 000000000..3baeeb48a --- /dev/null +++ b/queries/aws_cloudtrail_channel_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudtrail_channel_1 +Title: "Find AWS CloudTrail Channel Configurations with SQL" +Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + source, + apply_to_all_regions + from + aws_cloudtrail_channel; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_channel_2.yaml b/queries/aws_cloudtrail_channel_2.yaml index 652886899..5ae063788 100755 --- a/queries/aws_cloudtrail_channel_2.yaml +++ b/queries/aws_cloudtrail_channel_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_channel_2 Title: "List all AWS CloudTrail Channel data and configurations" Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_channel_2.yaml.bak b/queries/aws_cloudtrail_channel_2.yaml.bak new file mode 100755 index 000000000..652886899 --- /dev/null +++ b/queries/aws_cloudtrail_channel_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudtrail_channel_2 +Title: "List all AWS CloudTrail Channel data and configurations" +Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + source, + apply_to_all_regions, + advanced_event_selectors + from + aws_cloudtrail_channel + where + not apply_to_all_regions; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_channel_3.yaml b/queries/aws_cloudtrail_channel_3.yaml index 488aaa644..f3005ba2c 100755 --- a/queries/aws_cloudtrail_channel_3.yaml +++ b/queries/aws_cloudtrail_channel_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_channel_3 Title: "List all AWS CloudTrail Channel Data and Metadata" Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_channel_3.yaml.bak b/queries/aws_cloudtrail_channel_3.yaml.bak new file mode 100755 index 000000000..488aaa644 --- /dev/null +++ b/queries/aws_cloudtrail_channel_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cloudtrail_channel_3 +Title: "List all AWS CloudTrail Channel Data and Metadata" +Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + a ->> 'Name' as advanced_event_selector_name, + a ->> 'FieldSelectors' as field_selectors + from + aws_cloudtrail_channel, + jsonb_array_elements(advanced_event_selectors) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_event_data_store_1.yaml b/queries/aws_cloudtrail_event_data_store_1.yaml index e47f688df..f87e6ea50 100755 --- a/queries/aws_cloudtrail_event_data_store_1.yaml +++ b/queries/aws_cloudtrail_event_data_store_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_event_data_store_1 Title: "List all AWS CloudTrail Event Data" Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_event_data_store_1.yaml.bak b/queries/aws_cloudtrail_event_data_store_1.yaml.bak new file mode 100755 index 000000000..e47f688df --- /dev/null +++ b/queries/aws_cloudtrail_event_data_store_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudtrail_event_data_store_1 +Title: "List all AWS CloudTrail Event Data" +Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status, + created_timestamp, + multi_region_enabled, + organization_enabled, + termination_protection_enabled + from + aws_cloudtrail_event_data_store; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_event_data_store_2.yaml b/queries/aws_cloudtrail_event_data_store_2.yaml index f3fb5f1bc..35170bb7a 100755 --- a/queries/aws_cloudtrail_event_data_store_2.yaml +++ b/queries/aws_cloudtrail_event_data_store_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_event_data_store_2 Title: "List API Activity in AWS Accounts with CloudTrail Data" Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_event_data_store_2.yaml.bak b/queries/aws_cloudtrail_event_data_store_2.yaml.bak new file mode 100755 index 000000000..f3fb5f1bc --- /dev/null +++ b/queries/aws_cloudtrail_event_data_store_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cloudtrail_event_data_store_2 +Title: "List API Activity in AWS Accounts with CloudTrail Data" +Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status, + created_timestamp, + multi_region_enabled, + organization_enabled, + termination_protection_enabled + from + aws_cloudtrail_event_data_store + where + status <> 'ENABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_event_data_store_3.yaml b/queries/aws_cloudtrail_event_data_store_3.yaml index 4e302009f..ac1d096ec 100755 --- a/queries/aws_cloudtrail_event_data_store_3.yaml +++ b/queries/aws_cloudtrail_event_data_store_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_event_data_store_3 Title: "List all AWS CloudTrail Event Data and API Activity" Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_event_data_store_3.yaml.bak b/queries/aws_cloudtrail_event_data_store_3.yaml.bak new file mode 100755 index 000000000..4e302009f --- /dev/null +++ b/queries/aws_cloudtrail_event_data_store_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cloudtrail_event_data_store_3 +Title: "List all AWS CloudTrail Event Data and API Activity" +Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status, + created_timestamp, + multi_region_enabled, + organization_enabled, + termination_protection_enabled + from + aws_cloudtrail_event_data_store + where + not termination_protection_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_import_1.yaml b/queries/aws_cloudtrail_import_1.yaml index 78a6cbaa2..a7e03dfc3 100755 --- a/queries/aws_cloudtrail_import_1.yaml +++ b/queries/aws_cloudtrail_import_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_import_1 Title: "Find all imported trail files from AWS CloudTrail" Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_import_1.yaml.bak b/queries/aws_cloudtrail_import_1.yaml.bak new file mode 100755 index 000000000..78a6cbaa2 --- /dev/null +++ b/queries/aws_cloudtrail_import_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cloudtrail_import_1 +Title: "Find all imported trail files from AWS CloudTrail" +Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + import_id, + created_timestamp, + import_status, + destinations + from + aws_cloudtrail_import; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_import_2.yaml b/queries/aws_cloudtrail_import_2.yaml index 6b6c86bfd..dc49431ed 100755 --- a/queries/aws_cloudtrail_import_2.yaml +++ b/queries/aws_cloudtrail_import_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_import_2 Title: "List AWS CloudTrail Imports and Their Details" Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_import_2.yaml.bak b/queries/aws_cloudtrail_import_2.yaml.bak new file mode 100755 index 000000000..6b6c86bfd --- /dev/null +++ b/queries/aws_cloudtrail_import_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudtrail_import_2 +Title: "List AWS CloudTrail Imports and Their Details" +Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + import_id, + created_timestamp, + import_source + from + aws_cloudtrail_import + where + import_status <> 'COMPLETED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_import_3.yaml b/queries/aws_cloudtrail_import_3.yaml index a94dd2f28..9d04e2f75 100755 --- a/queries/aws_cloudtrail_import_3.yaml +++ b/queries/aws_cloudtrail_import_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_import_3 Title: "List all AWS CloudTrail Import Details" Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_import_3.yaml.bak b/queries/aws_cloudtrail_import_3.yaml.bak new file mode 100755 index 000000000..a94dd2f28 --- /dev/null +++ b/queries/aws_cloudtrail_import_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudtrail_import_3 +Title: "List all AWS CloudTrail Import Details" +Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + import_id, + created_timestamp, + import_status, + start_event_time, + end_event_time + from + aws_cloudtrail_import + where + created_timestamp >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_import_4.yaml b/queries/aws_cloudtrail_import_4.yaml index 0da403c99..499b330ab 100755 --- a/queries/aws_cloudtrail_import_4.yaml +++ b/queries/aws_cloudtrail_import_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_import_4 Title: "Find all AWS CloudTrail import details using SQL" Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_import_4.yaml.bak b/queries/aws_cloudtrail_import_4.yaml.bak new file mode 100755 index 000000000..0da403c99 --- /dev/null +++ b/queries/aws_cloudtrail_import_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudtrail_import_4 +Title: "Find all AWS CloudTrail import details using SQL" +Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + import_id, + import_status, + import_source ->> 'S3BucketAccessRoleArn' as s3_bucket_access_role_arn, + import_source ->> 'S3BucketRegion' as s3_bucket_region, + import_source ->> 'S3LocationUri' as s3_location_uri + from + aws_cloudtrail_import; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_import_5.yaml b/queries/aws_cloudtrail_import_5.yaml index 2b31f8b96..3bc7cf4bb 100755 --- a/queries/aws_cloudtrail_import_5.yaml +++ b/queries/aws_cloudtrail_import_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_import_5 Title: "List all AWS CloudTrail import details" Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_import_5.yaml.bak b/queries/aws_cloudtrail_import_5.yaml.bak new file mode 100755 index 000000000..3bc7cf4bb --- /dev/null +++ b/queries/aws_cloudtrail_import_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudtrail_import_5 +Title: "List all AWS CloudTrail import details" +Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + import_id, + import_status, + import_statistics -> 'EventsCompleted' as events_completed, + import_statistics -> 'FailedEntries' as failed_entries, + import_statistics -> 'FilesCompleted' as files_completed, + import_statistics -> 'FilesCompleted' as prefixes_completed, + import_statistics -> 'PrefixesFound' as PrefixesFound + from + aws_cloudtrail_import; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_import_5.yaml.bak.bak b/queries/aws_cloudtrail_import_5.yaml.bak.bak new file mode 100755 index 000000000..3bc7cf4bb --- /dev/null +++ b/queries/aws_cloudtrail_import_5.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_cloudtrail_import_5 +Title: "List all AWS CloudTrail import details" +Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + import_id, + import_status, + import_statistics -> 'EventsCompleted' as events_completed, + import_statistics -> 'FailedEntries' as failed_entries, + import_statistics -> 'FilesCompleted' as files_completed, + import_statistics -> 'FilesCompleted' as prefixes_completed, + import_statistics -> 'PrefixesFound' as PrefixesFound + from + aws_cloudtrail_import; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_lookup_event_1.yaml b/queries/aws_cloudtrail_lookup_event_1.yaml index 8a1c9e553..816b8c7d8 100755 --- a/queries/aws_cloudtrail_lookup_event_1.yaml +++ b/queries/aws_cloudtrail_lookup_event_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_lookup_event_1 Title: "Find AWS CloudTrail Lookup Events with SQL" Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_lookup_event_1.yaml.bak b/queries/aws_cloudtrail_lookup_event_1.yaml.bak new file mode 100755 index 000000000..8a1c9e553 --- /dev/null +++ b/queries/aws_cloudtrail_lookup_event_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cloudtrail_lookup_event_1 +Title: "Find AWS CloudTrail Lookup Events with SQL" +Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + username, + jsonb_pretty(cloud_trail_event) as cloud_trail_event + from + aws_cloudtrail_lookup_event + where + start_time = now() - interval '5 minutes' + and end_time = now(); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_lookup_event_2.yaml b/queries/aws_cloudtrail_lookup_event_2.yaml index 7fc6df876..d4afce7d7 100755 --- a/queries/aws_cloudtrail_lookup_event_2.yaml +++ b/queries/aws_cloudtrail_lookup_event_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_lookup_event_2 Title: "Find AWS CloudTrail Lookup Events for Specific Trail Events" Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_lookup_event_2.yaml.bak b/queries/aws_cloudtrail_lookup_event_2.yaml.bak new file mode 100755 index 000000000..7fc6df876 --- /dev/null +++ b/queries/aws_cloudtrail_lookup_event_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cloudtrail_lookup_event_2 +Title: "Find AWS CloudTrail Lookup Events for Specific Trail Events" +Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + username, + jsonb_pretty(cloud_trail_event) as cloud_trail_event + from + aws_cloudtrail_lookup_event + where + start_time = now() + and end_time = now() - interval '1 hour' + and read_only = 'true' + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_lookup_event_3.yaml b/queries/aws_cloudtrail_lookup_event_3.yaml index 9f7d2a689..0c1de03d9 100755 --- a/queries/aws_cloudtrail_lookup_event_3.yaml +++ b/queries/aws_cloudtrail_lookup_event_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_lookup_event_3 Title: "Find AWS CloudTrail Events with IAM Source" Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_lookup_event_3.yaml.bak b/queries/aws_cloudtrail_lookup_event_3.yaml.bak new file mode 100755 index 000000000..9f7d2a689 --- /dev/null +++ b/queries/aws_cloudtrail_lookup_event_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudtrail_lookup_event_3 +Title: "Find AWS CloudTrail Events with IAM Source" +Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + jsonb_pretty(cloud_trail_event) as cloud_trail_event + from + aws_cloudtrail_lookup_event + where + and event_source = 'iam.amazonaws.com' + and event_time >= now() - interval '1 hour'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_query_1.yaml b/queries/aws_cloudtrail_query_1.yaml index ef140bb52..43a7bfa56 100755 --- a/queries/aws_cloudtrail_query_1.yaml +++ b/queries/aws_cloudtrail_query_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_query_1 Title: "Find AWS CloudTrail events for account activity" Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_query_1.yaml.bak b/queries/aws_cloudtrail_query_1.yaml.bak new file mode 100755 index 000000000..ef140bb52 --- /dev/null +++ b/queries/aws_cloudtrail_query_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudtrail_query_1 +Title: "Find AWS CloudTrail events for account activity" +Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + query_id, + event_data_store_arn, + query_status, + query_status, + creation_time, + events_matched, + events_scanned + from + aws_cloudtrail_query; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_query_2.yaml b/queries/aws_cloudtrail_query_2.yaml index 9829bbb78..5d03dd436 100755 --- a/queries/aws_cloudtrail_query_2.yaml +++ b/queries/aws_cloudtrail_query_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_query_2 Title: "Find failed AWS CloudTrail queries using SQL" Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_query_2.yaml.bak b/queries/aws_cloudtrail_query_2.yaml.bak new file mode 100755 index 000000000..9829bbb78 --- /dev/null +++ b/queries/aws_cloudtrail_query_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudtrail_query_2 +Title: "Find failed AWS CloudTrail queries using SQL" +Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + query_id, + event_data_store_arn, + query_status, + creation_time, + query_string, + execution_time_in_millis + from + aws_cloudtrail_query + where + query_status = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_query_3.yaml b/queries/aws_cloudtrail_query_3.yaml index 099942b68..b7d9d4c4f 100755 --- a/queries/aws_cloudtrail_query_3.yaml +++ b/queries/aws_cloudtrail_query_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_query_3 Title: "Find all AWS CloudTrail events account activity" Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_query_3.yaml.bak b/queries/aws_cloudtrail_query_3.yaml.bak new file mode 100755 index 000000000..b7d9d4c4f --- /dev/null +++ b/queries/aws_cloudtrail_query_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cloudtrail_query_3 +Title: "Find all AWS CloudTrail events account activity" +Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + q.query_id as query_id, + q.event_data_store_arn as event_data_store_arn, + s.name as event_data_store_name, + s.status as event_data_store_status, + s.multi_region_enabled as multi_region_enabled, + s.termination_protection_enabled as termination_protection_enabled, + s.updated_timestamp as event_data_store_updated_timestamp + from + aws_cloudtrail_query as q, + aws_cloudtrail_event_data_store as s + where + s.arn = q.event_data_store_arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_query_3.yaml.bak.bak b/queries/aws_cloudtrail_query_3.yaml.bak.bak new file mode 100755 index 000000000..b7d9d4c4f --- /dev/null +++ b/queries/aws_cloudtrail_query_3.yaml.bak.bak @@ -0,0 +1,35 @@ +ID: aws_cloudtrail_query_3 +Title: "Find all AWS CloudTrail events account activity" +Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + q.query_id as query_id, + q.event_data_store_arn as event_data_store_arn, + s.name as event_data_store_name, + s.status as event_data_store_status, + s.multi_region_enabled as multi_region_enabled, + s.termination_protection_enabled as termination_protection_enabled, + s.updated_timestamp as event_data_store_updated_timestamp + from + aws_cloudtrail_query as q, + aws_cloudtrail_event_data_store as s + where + s.arn = q.event_data_store_arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_query_4.yaml b/queries/aws_cloudtrail_query_4.yaml index c346b1b8a..8de0184ff 100755 --- a/queries/aws_cloudtrail_query_4.yaml +++ b/queries/aws_cloudtrail_query_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_query_4 Title: "Find all AWS CloudTrail events for account activities" Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_query_4.yaml.bak b/queries/aws_cloudtrail_query_4.yaml.bak new file mode 100755 index 000000000..c346b1b8a --- /dev/null +++ b/queries/aws_cloudtrail_query_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cloudtrail_query_4 +Title: "Find all AWS CloudTrail events for account activities" +Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + query_id, + event_data_store_arn, + query_status, + creation_time, + query_string, + execution_time_in_millis + from + aws_cloudtrail_query + where + creation_time <= now() - interval '3' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_1.yaml b/queries/aws_cloudtrail_trail_1.yaml index a52827a14..3c6f97a20 100755 --- a/queries/aws_cloudtrail_trail_1.yaml +++ b/queries/aws_cloudtrail_trail_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_1 Title: "List all AWS CloudTrail Trail Records" Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_1.yaml.bak b/queries/aws_cloudtrail_trail_1.yaml.bak new file mode 100755 index 000000000..a52827a14 --- /dev/null +++ b/queries/aws_cloudtrail_trail_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudtrail_trail_1 +Title: "List all AWS CloudTrail Trail Records" +Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + home_region, + is_multi_region_trail + from + aws_cloudtrail_trail + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_2.yaml b/queries/aws_cloudtrail_trail_2.yaml index 519f32843..4dcca66b0 100755 --- a/queries/aws_cloudtrail_trail_2.yaml +++ b/queries/aws_cloudtrail_trail_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_2 Title: "List all AWS CloudTrail Trails with Trail Records" Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_2.yaml.bak b/queries/aws_cloudtrail_trail_2.yaml.bak new file mode 100755 index 000000000..519f32843 --- /dev/null +++ b/queries/aws_cloudtrail_trail_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudtrail_trail_2 +Title: "List all AWS CloudTrail Trails with Trail Records" +Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + kms_key_id + from + aws_cloudtrail_trail + where + kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_3.yaml b/queries/aws_cloudtrail_trail_3.yaml index c1480a1c4..7ae79c0ad 100755 --- a/queries/aws_cloudtrail_trail_3.yaml +++ b/queries/aws_cloudtrail_trail_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_3 Title: "Find AWS CloudTrail Trail and Public S3 Bucket Info" Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_3.yaml.bak b/queries/aws_cloudtrail_trail_3.yaml.bak new file mode 100755 index 000000000..c1480a1c4 --- /dev/null +++ b/queries/aws_cloudtrail_trail_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudtrail_trail_3 +Title: "Find AWS CloudTrail Trail and Public S3 Bucket Info" +Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + trail.name as trail_name, + bucket.name as bucket_name, + bucket.bucket_policy_is_public as is_publicly_accessible + from + aws_cloudtrail_trail as trail + join aws_s3_bucket as bucket on trail.s3_bucket_name = bucket.name + where + bucket.bucket_policy_is_public; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_4.yaml b/queries/aws_cloudtrail_trail_4.yaml index 45ff8d747..8b43ee668 100755 --- a/queries/aws_cloudtrail_trail_4.yaml +++ b/queries/aws_cloudtrail_trail_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_4 Title: "List all AWS CloudTrail Trails with Bucket Details" Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_4.yaml.bak b/queries/aws_cloudtrail_trail_4.yaml.bak new file mode 100755 index 000000000..45ff8d747 --- /dev/null +++ b/queries/aws_cloudtrail_trail_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudtrail_trail_4 +Title: "List all AWS CloudTrail Trails with Bucket Details" +Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + trail.name as trail_name, + bucket.name as bucket_name, + logging + from + aws_cloudtrail_trail as trail + join aws_s3_bucket as bucket on trail.s3_bucket_name = bucket.name + where + not versioning_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CloudTrail diff --git a/queries/aws_cloudtrail_trail_5.yaml b/queries/aws_cloudtrail_trail_5.yaml index 6497ca674..2fd3b8fa8 100755 --- a/queries/aws_cloudtrail_trail_5.yaml +++ b/queries/aws_cloudtrail_trail_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_5 Title: "List all AWS CloudTrail Trails configuration and metadata" Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_5.yaml.bak b/queries/aws_cloudtrail_trail_5.yaml.bak new file mode 100755 index 000000000..6497ca674 --- /dev/null +++ b/queries/aws_cloudtrail_trail_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudtrail_trail_5 +Title: "List all AWS CloudTrail Trails configuration and metadata" +Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + is_logging + from + aws_cloudtrail_trail + where + not is_logging; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_6.yaml b/queries/aws_cloudtrail_trail_6.yaml index 933b01ef3..7c425a600 100755 --- a/queries/aws_cloudtrail_trail_6.yaml +++ b/queries/aws_cloudtrail_trail_6.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_6 Title: "List all AWS CloudTrail Trails and their Status" Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_6.yaml.bak b/queries/aws_cloudtrail_trail_6.yaml.bak new file mode 100755 index 000000000..933b01ef3 --- /dev/null +++ b/queries/aws_cloudtrail_trail_6.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudtrail_trail_6 +Title: "List all AWS CloudTrail Trails and their Status" +Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + log_file_validation_enabled + from + aws_cloudtrail_trail + where + not log_file_validation_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_7.yaml b/queries/aws_cloudtrail_trail_7.yaml index 8bc27fe26..d5891364f 100755 --- a/queries/aws_cloudtrail_trail_7.yaml +++ b/queries/aws_cloudtrail_trail_7.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_7 Title: "List AWS CloudTrail Trails with Multi-Region Configuration" Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_7.yaml.bak b/queries/aws_cloudtrail_trail_7.yaml.bak new file mode 100755 index 000000000..d5891364f --- /dev/null +++ b/queries/aws_cloudtrail_trail_7.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudtrail_trail_7 +Title: "List AWS CloudTrail Trails with Multi-Region Configuration" +Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + region, + home_region + from + aws_cloudtrail_trail + where + is_multi_region_trail + and home_region <> region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_7.yaml.bak.bak b/queries/aws_cloudtrail_trail_7.yaml.bak.bak new file mode 100755 index 000000000..d5891364f --- /dev/null +++ b/queries/aws_cloudtrail_trail_7.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_cloudtrail_trail_7 +Title: "List AWS CloudTrail Trails with Multi-Region Configuration" +Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + region, + home_region + from + aws_cloudtrail_trail + where + is_multi_region_trail + and home_region <> region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_1.yaml b/queries/aws_cloudtrail_trail_event_1.yaml index b2b279aff..be7c460bf 100755 --- a/queries/aws_cloudtrail_trail_event_1.yaml +++ b/queries/aws_cloudtrail_trail_event_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_1 Title: "Find AWS CloudTrail Events with Details in Table Format" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_1.yaml.bak b/queries/aws_cloudtrail_trail_event_1.yaml.bak new file mode 100755 index 000000000..b2b279aff --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_1.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cloudtrail_trail_event_1 +Title: "Find AWS CloudTrail Events with Details in Table Format" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + user_type, + username, + user_identifier, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and timestamp >= now() - interval '5 minutes'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_2.yaml b/queries/aws_cloudtrail_trail_event_2.yaml index e87013c65..1ab82cac0 100755 --- a/queries/aws_cloudtrail_trail_event_2.yaml +++ b/queries/aws_cloudtrail_trail_event_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_2 Title: "Find CloudTrail Events in AWS with Event Details" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_2.yaml.bak b/queries/aws_cloudtrail_trail_event_2.yaml.bak new file mode 100755 index 000000000..1ab82cac0 --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cloudtrail_trail_event_2 +Title: "Find CloudTrail Events in AWS with Event Details" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + user_type, + username, + user_identifier, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_2.yaml.bak.bak b/queries/aws_cloudtrail_trail_event_2.yaml.bak.bak new file mode 100755 index 000000000..1ab82cac0 --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_2.yaml.bak.bak @@ -0,0 +1,35 @@ +ID: aws_cloudtrail_trail_event_2 +Title: "Find CloudTrail Events in AWS with Event Details" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + user_type, + username, + user_identifier, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_3.yaml b/queries/aws_cloudtrail_trail_event_3.yaml index 5d2ab506d..410f1374d 100755 --- a/queries/aws_cloudtrail_trail_event_3.yaml +++ b/queries/aws_cloudtrail_trail_event_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_3 Title: "Query AWS CloudTrail Events within AWS CloudTrail" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_3.yaml.bak b/queries/aws_cloudtrail_trail_event_3.yaml.bak new file mode 100755 index 000000000..5d2ab506d --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_3.yaml.bak @@ -0,0 +1,38 @@ +ID: aws_cloudtrail_trail_event_3 +Title: "Query AWS CloudTrail Events within AWS CloudTrail" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + user_type, + username, + user_identifier, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and not read_only + and timestamp >= now() - interval '1 hour' + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_4.yaml b/queries/aws_cloudtrail_trail_event_4.yaml index e992948c4..b3c06c13f 100755 --- a/queries/aws_cloudtrail_trail_event_4.yaml +++ b/queries/aws_cloudtrail_trail_event_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_4 Title: "Find AWS CloudTrail Events with Detailed Information" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_4.yaml.bak b/queries/aws_cloudtrail_trail_event_4.yaml.bak new file mode 100755 index 000000000..e992948c4 --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_4.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_cloudtrail_trail_event_4 +Title: "Find AWS CloudTrail Events with Detailed Information" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + user_type, + user_identifier, + jsonb_pretty(request_parameters) as request_parameters, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and event_source = 'iam.amazonaws.com' + and timestamp >= now() - interval '1 hour' + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_5.yaml b/queries/aws_cloudtrail_trail_event_5.yaml index e8e018019..2c571de30 100755 --- a/queries/aws_cloudtrail_trail_event_5.yaml +++ b/queries/aws_cloudtrail_trail_event_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_5 Title: "Find AWS CloudTrail Events with Detailed Information" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_5.yaml.bak b/queries/aws_cloudtrail_trail_event_5.yaml.bak new file mode 100755 index 000000000..e8e018019 --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_5.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cloudtrail_trail_event_5 +Title: "Find AWS CloudTrail Events with Detailed Information" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + user_type, + username, + user_identifier, + jsonb_pretty(request_parameters) as request_parameters, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and username = 'steampipe' + and timestamp >= now() - interval '1 hour' + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_6.yaml b/queries/aws_cloudtrail_trail_event_6.yaml index 799950e1e..5af0db971 100755 --- a/queries/aws_cloudtrail_trail_event_6.yaml +++ b/queries/aws_cloudtrail_trail_event_6.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_6 Title: "Find AWS CloudTrail Events within AWS CloudTrail" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_6.yaml.bak b/queries/aws_cloudtrail_trail_event_6.yaml.bak new file mode 100755 index 000000000..799950e1e --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_6.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_cloudtrail_trail_event_6 +Title: "Find AWS CloudTrail Events within AWS CloudTrail" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + user_type, + username, + user_identifier, + jsonb_pretty(request_parameters) as request_parameters, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and user_type = 'IAMUser' + and timestamp >= now() - interval '1 hour' + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_7.yaml b/queries/aws_cloudtrail_trail_event_7.yaml index 8b37fa5f6..0424a2257 100755 --- a/queries/aws_cloudtrail_trail_event_7.yaml +++ b/queries/aws_cloudtrail_trail_event_7.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_7 Title: "List all AWS CloudTrail Events using SQL Queries" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_7.yaml.bak b/queries/aws_cloudtrail_trail_event_7.yaml.bak new file mode 100755 index 000000000..8b37fa5f6 --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_7.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_cloudtrail_trail_event_7 +Title: "List all AWS CloudTrail Events using SQL Queries" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + user_type, + username, + user_identifier, + jsonb_pretty(request_parameters) as request_parameters, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and user_type = 'AssumedRole' + and timestamp >= now() - interval '1 hour' + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_8.yaml b/queries/aws_cloudtrail_trail_event_8.yaml index 462b738bf..cdfe0bd01 100755 --- a/queries/aws_cloudtrail_trail_event_8.yaml +++ b/queries/aws_cloudtrail_trail_event_8.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_8 Title: "Find AWS CloudTrail Events With Errors From Last Hour" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_8.yaml.bak b/queries/aws_cloudtrail_trail_event_8.yaml.bak new file mode 100755 index 000000000..462b738bf --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_8.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_cloudtrail_trail_event_8 +Title: "Find AWS CloudTrail Events With Errors From Last Hour" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + error_code, + error_message, + user_type, + username, + user_identifier, + jsonb_pretty(request_parameters) as request_parameters, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and error_code is not null + and timestamp >= now() - interval '1 hour' + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_9.yaml b/queries/aws_cloudtrail_trail_event_9.yaml index db0fa273c..7bf4c9ab1 100755 --- a/queries/aws_cloudtrail_trail_event_9.yaml +++ b/queries/aws_cloudtrail_trail_event_9.yaml @@ -1,7 +1,7 @@ ID: aws_cloudtrail_trail_event_9 Title: "Find All AWS CloudTrail Events with Detailed Information" Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudtrail_trail_event_9.yaml.bak b/queries/aws_cloudtrail_trail_event_9.yaml.bak new file mode 100755 index 000000000..db0fa273c --- /dev/null +++ b/queries/aws_cloudtrail_trail_event_9.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_cloudtrail_trail_event_9 +Title: "Find All AWS CloudTrail Events with Detailed Information" +Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + event_name, + event_source, + event_time, + error_code, + error_message, + user_type, + username, + user_identifier, + jsonb_pretty(request_parameters) as request_parameters, + jsonb_pretty(response_elements) as response_elements + from + aws_cloudtrail_trail_event + where + log_group_name = 'aws-cloudtrail-log-group-name' + and filter = '{ $.sourceIPAddress = 203.189.* }' + and timestamp >= now() - interval '1 hour' + order by + event_time asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudTrail diff --git a/queries/aws_cloudwatch_alarm_1.yaml b/queries/aws_cloudwatch_alarm_1.yaml index 506959842..95a9ab6e8 100755 --- a/queries/aws_cloudwatch_alarm_1.yaml +++ b/queries/aws_cloudwatch_alarm_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_alarm_1 Title: "List all AWS CloudWatch Alarms with Detailed Configuration" Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_alarm_1.yaml.bak b/queries/aws_cloudwatch_alarm_1.yaml.bak new file mode 100755 index 000000000..506959842 --- /dev/null +++ b/queries/aws_cloudwatch_alarm_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudwatch_alarm_1 +Title: "List all AWS CloudWatch Alarms with Detailed Configuration" +Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + state_value, + metric_name, + actions_enabled, + comparison_operator, + namespace, + statistic + from + aws_cloudwatch_alarm; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_alarm_2.yaml b/queries/aws_cloudwatch_alarm_2.yaml index 9b83a4215..aea6d9413 100755 --- a/queries/aws_cloudwatch_alarm_2.yaml +++ b/queries/aws_cloudwatch_alarm_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_alarm_2 Title: "List AWS CloudWatch Alarms with Detailed Information" Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_alarm_2.yaml.bak b/queries/aws_cloudwatch_alarm_2.yaml.bak new file mode 100755 index 000000000..9b83a4215 --- /dev/null +++ b/queries/aws_cloudwatch_alarm_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudwatch_alarm_2 +Title: "List AWS CloudWatch Alarms with Detailed Information" +Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + state_value, + state_reason + from + aws_cloudwatch_alarm + where + state_value = 'ALARM'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_alarm_3.yaml b/queries/aws_cloudwatch_alarm_3.yaml index 21c89c132..35e1edade 100755 --- a/queries/aws_cloudwatch_alarm_3.yaml +++ b/queries/aws_cloudwatch_alarm_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_alarm_3 Title: "List all AWS CloudWatch Alarms with Details" Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_alarm_3.yaml.bak b/queries/aws_cloudwatch_alarm_3.yaml.bak new file mode 100755 index 000000000..21c89c132 --- /dev/null +++ b/queries/aws_cloudwatch_alarm_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudwatch_alarm_3 +Title: "List all AWS CloudWatch Alarms with Details" +Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + actions_enabled, + alarm_actions + from + aws_cloudwatch_alarm + where + actions_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_alarm_4.yaml b/queries/aws_cloudwatch_alarm_4.yaml index f4514730f..7bbbca03b 100755 --- a/queries/aws_cloudwatch_alarm_4.yaml +++ b/queries/aws_cloudwatch_alarm_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_alarm_4 Title: "List AWS CloudWatch Alarms with Metric Names" Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_alarm_4.yaml.bak b/queries/aws_cloudwatch_alarm_4.yaml.bak new file mode 100755 index 000000000..f4514730f --- /dev/null +++ b/queries/aws_cloudwatch_alarm_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudwatch_alarm_4 +Title: "List AWS CloudWatch Alarms with Metric Names" +Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + period, + statistic, + dimensions + from + aws_cloudwatch_alarm + where + metric_name is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_alarm_5.yaml b/queries/aws_cloudwatch_alarm_5.yaml index 4ad8209ad..a099264a0 100755 --- a/queries/aws_cloudwatch_alarm_5.yaml +++ b/queries/aws_cloudwatch_alarm_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_alarm_5 Title: "Query AWS CloudWatch Alarms for Detailed Information" Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_alarm_5.yaml.bak b/queries/aws_cloudwatch_alarm_5.yaml.bak new file mode 100755 index 000000000..4ad8209ad --- /dev/null +++ b/queries/aws_cloudwatch_alarm_5.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cloudwatch_alarm_5 +Title: "Query AWS CloudWatch Alarms for Detailed Information" +Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric ->> 'Id' as metric_id, + metric ->> 'Expression' as metric_expression, + metric -> 'MetricStat' -> 'Metric' ->> 'MetricName' as metric_name, + metric -> 'MetricStat' -> 'Metric' ->> 'Namespace' as metric_namespace, + metric -> 'MetricStat' -> 'Metric' ->> 'Dimensions' as metric_dimensions, + metric ->> 'ReturnData' as metric_return_data + from + aws_cloudwatch_alarm, + jsonb_array_elements(metrics) as metric; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_1.yaml b/queries/aws_cloudwatch_log_event_1.yaml index e0449e8df..b96682e5a 100755 --- a/queries/aws_cloudwatch_log_event_1.yaml +++ b/queries/aws_cloudwatch_log_event_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_event_1 Title: "List AWS CloudWatch Log Events for Monitoring" Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_event_1.yaml.bak b/queries/aws_cloudwatch_log_event_1.yaml.bak new file mode 100755 index 000000000..e0449e8df --- /dev/null +++ b/queries/aws_cloudwatch_log_event_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_cloudwatch_log_event_1 +Title: "List AWS CloudWatch Log Events for Monitoring" +Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + event_id, + timestamp, + ingestion_time, + message + from + aws_cloudwatch_log_event + where + log_group_name = 'cloudwatch-log-event-group-name' + and timestamp >= now() - interval '5 minutes'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_2.yaml b/queries/aws_cloudwatch_log_event_2.yaml index d67fd1229..1fa849d31 100755 --- a/queries/aws_cloudwatch_log_event_2.yaml +++ b/queries/aws_cloudwatch_log_event_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_event_2 Title: "List all AWS CloudWatch Log Events for Monitoring" Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_event_2.yaml.bak b/queries/aws_cloudwatch_log_event_2.yaml.bak new file mode 100755 index 000000000..d67fd1229 --- /dev/null +++ b/queries/aws_cloudwatch_log_event_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_cloudwatch_log_event_2 +Title: "List all AWS CloudWatch Log Events for Monitoring" +Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + event_id, + timestamp, + ingestion_time, + message + from + aws_cloudwatch_log_event + where + log_group_name = 'cloudwatch-log-event-group-name' + and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') + order by + timestamp asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_3.yaml b/queries/aws_cloudwatch_log_event_3.yaml index 12a55314a..62da5b9ef 100755 --- a/queries/aws_cloudwatch_log_event_3.yaml +++ b/queries/aws_cloudwatch_log_event_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_event_3 Title: "Find AWS CloudWatch Log Events to Monitor Systems" Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_event_3.yaml.bak b/queries/aws_cloudwatch_log_event_3.yaml.bak new file mode 100755 index 000000000..12a55314a --- /dev/null +++ b/queries/aws_cloudwatch_log_event_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cloudwatch_log_event_3 +Title: "Find AWS CloudWatch Log Events to Monitor Systems" +Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + event_id, + timestamp, + ingestion_time, + message + from + aws_cloudwatch_log_event + where + log_group_name = 'cloudwatch-log-event-group-name' + and filter = '{$.eventName="DescribeVpcs"}' + and timestamp >= now() - interval '1 hour'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_4.yaml b/queries/aws_cloudwatch_log_event_4.yaml index 835e45ddb..bc9740f36 100755 --- a/queries/aws_cloudwatch_log_event_4.yaml +++ b/queries/aws_cloudwatch_log_event_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_event_4 Title: "Query AWS CloudWatch Log Events for Unauthorized Access" Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_event_4.yaml.bak b/queries/aws_cloudwatch_log_event_4.yaml.bak new file mode 100755 index 000000000..835e45ddb --- /dev/null +++ b/queries/aws_cloudwatch_log_event_4.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cloudwatch_log_event_4 +Title: "Query AWS CloudWatch Log Events for Unauthorized Access" +Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + event_id, + timestamp, + ingestion_time, + message + from + aws_cloudwatch_log_event + where + log_group_name = 'cloudwatch-log-event-group-name' + and filter = '{ ($.errorCode = "*UnauthorizedOperation") || ($.errorCode = "AccessDenied*") }' + and timestamp >= now() - interval '1 hour'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_5.yaml b/queries/aws_cloudwatch_log_event_5.yaml index 2e606a15c..9d2c9dd24 100755 --- a/queries/aws_cloudwatch_log_event_5.yaml +++ b/queries/aws_cloudwatch_log_event_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_event_5 Title: "Find All AWS CloudWatch Log Events for Security Groups" Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_event_5.yaml.bak b/queries/aws_cloudwatch_log_event_5.yaml.bak new file mode 100755 index 000000000..9d2c9dd24 --- /dev/null +++ b/queries/aws_cloudwatch_log_event_5.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cloudwatch_log_event_5 +Title: "Find All AWS CloudWatch Log Events for Security Groups" +Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + event_id, + timestamp, + ingestion_time, + message + from + aws_cloudwatch_log_event + where + log_group_name = 'cloudwatch-log-event-group-name' + and filter = '{($.eventName = AuthorizeSecurityGroupIngress) || ($.eventName = AuthorizeSecurityGroupEgress) || ($.eventName = RevokeSecurityGroupIngress) || ($.eventName = RevokeSecurityGroupEgress) || ($.eventName = CreateSecurityGroup) || ($.eventName = DeleteSecurityGroup)}' + and region = 'us-east-1' + and timestamp >= now() - interval '1 hour'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_5.yaml.bak.bak b/queries/aws_cloudwatch_log_event_5.yaml.bak.bak new file mode 100755 index 000000000..9d2c9dd24 --- /dev/null +++ b/queries/aws_cloudwatch_log_event_5.yaml.bak.bak @@ -0,0 +1,34 @@ +ID: aws_cloudwatch_log_event_5 +Title: "Find All AWS CloudWatch Log Events for Security Groups" +Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + event_id, + timestamp, + ingestion_time, + message + from + aws_cloudwatch_log_event + where + log_group_name = 'cloudwatch-log-event-group-name' + and filter = '{($.eventName = AuthorizeSecurityGroupIngress) || ($.eventName = AuthorizeSecurityGroupEgress) || ($.eventName = RevokeSecurityGroupIngress) || ($.eventName = RevokeSecurityGroupEgress) || ($.eventName = CreateSecurityGroup) || ($.eventName = DeleteSecurityGroup)}' + and region = 'us-east-1' + and timestamp >= now() - interval '1 hour'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_6.yaml b/queries/aws_cloudwatch_log_event_6.yaml index 33e230042..c18b94f72 100755 --- a/queries/aws_cloudwatch_log_event_6.yaml +++ b/queries/aws_cloudwatch_log_event_6.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_event_6 Title: "List all AWS CloudWatch Log Events within 1 Day" Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_event_6.yaml.bak b/queries/aws_cloudwatch_log_event_6.yaml.bak new file mode 100755 index 000000000..33e230042 --- /dev/null +++ b/queries/aws_cloudwatch_log_event_6.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cloudwatch_log_event_6 +Title: "List all AWS CloudWatch Log Events within 1 Day" +Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + event_id, + timestamp, + ingestion_time, + message + from + aws_cloudwatch_log_event + where + log_group_name = 'cloudwatch-log-event-group-name' + and filter = '{$.userIdentity.sessionContext.sessionIssuer.userName="turbot_superuser"}' + and timestamp >= now() - interval '1 day'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_group_1.yaml b/queries/aws_cloudwatch_log_group_1.yaml index e8944d4e3..9d7cea97d 100755 --- a/queries/aws_cloudwatch_log_group_1.yaml +++ b/queries/aws_cloudwatch_log_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_group_1 Title: "List AWS CloudWatch Log Groups Details Including Metrics" Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_group_1.yaml.bak b/queries/aws_cloudwatch_log_group_1.yaml.bak new file mode 100755 index 000000000..e8944d4e3 --- /dev/null +++ b/queries/aws_cloudwatch_log_group_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudwatch_log_group_1 +Title: "List AWS CloudWatch Log Groups Details Including Metrics" +Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + kms_key_id, + metric_filter_count, + retention_in_days + from + aws_cloudwatch_log_group + where + kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_group_2.yaml b/queries/aws_cloudwatch_log_group_2.yaml index 0e0fc8fc7..e7ed12a36 100755 --- a/queries/aws_cloudwatch_log_group_2.yaml +++ b/queries/aws_cloudwatch_log_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_group_2 Title: "Find AWS CloudWatch Log Groups with Retention Time < 7 Days" Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_group_2.yaml.bak b/queries/aws_cloudwatch_log_group_2.yaml.bak new file mode 100755 index 000000000..0e0fc8fc7 --- /dev/null +++ b/queries/aws_cloudwatch_log_group_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudwatch_log_group_2 +Title: "Find AWS CloudWatch Log Groups with Retention Time < 7 Days" +Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + retention_in_days + from + aws_cloudwatch_log_group + where + retention_in_days < 7; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_group_3.yaml b/queries/aws_cloudwatch_log_group_3.yaml index 3e0470b87..d2470d8fc 100755 --- a/queries/aws_cloudwatch_log_group_3.yaml +++ b/queries/aws_cloudwatch_log_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_group_3 Title: "Find AWS CloudWatch Log Groups and Their Attributes" Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_group_3.yaml.bak b/queries/aws_cloudwatch_log_group_3.yaml.bak new file mode 100755 index 000000000..3e0470b87 --- /dev/null +++ b/queries/aws_cloudwatch_log_group_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudwatch_log_group_3 +Title: "Find AWS CloudWatch Log Groups and Their Attributes" +Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + groups.name as log_group_name, + metric.name as metric_filter_name, + metric.filter_pattern, + metric.metric_transformation_name, + metric.metric_transformation_value + from + aws_cloudwatch_log_group groups + join aws_cloudwatch_log_metric_filter metric on groups.name = metric.log_group_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_group_4.yaml b/queries/aws_cloudwatch_log_group_4.yaml index dd46c7eba..8f9ae2240 100755 --- a/queries/aws_cloudwatch_log_group_4.yaml +++ b/queries/aws_cloudwatch_log_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_group_4 Title: "Find AWS CloudWatch Log Groups and Retrieve Attributes" Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_group_4.yaml.bak b/queries/aws_cloudwatch_log_group_4.yaml.bak new file mode 100755 index 000000000..dd46c7eba --- /dev/null +++ b/queries/aws_cloudwatch_log_group_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_cloudwatch_log_group_4 +Title: "Find AWS CloudWatch Log Groups and Retrieve Attributes" +Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i as data_identifier, + s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'S3' -> 'Bucket' as destination_bucket, + s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'CloudWatchLogs' -> 'LogGroup'as destination_log_group, + s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'Firehose' -> 'DeliveryStream'as destination_delivery_stream + from + aws_cloudwatch_log_group, + jsonb_array_elements(data_protection_policy -> 'Statement') as s, + jsonb_array_elements_text(s -> 'DataIdentifier') as i + where + s ->> 'Sid' = 'audit-policy' + and name = 'log-group-name'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch Log Groups diff --git a/queries/aws_cloudwatch_log_group_5.yaml b/queries/aws_cloudwatch_log_group_5.yaml index 3c3dc2920..a03ff90e2 100755 --- a/queries/aws_cloudwatch_log_group_5.yaml +++ b/queries/aws_cloudwatch_log_group_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_group_5 Title: "Find AWS CloudWatch Log Groups and Retrieve Attributes" Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_group_5.yaml.bak b/queries/aws_cloudwatch_log_group_5.yaml.bak new file mode 100755 index 000000000..3c3dc2920 --- /dev/null +++ b/queries/aws_cloudwatch_log_group_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudwatch_log_group_5 +Title: "Find AWS CloudWatch Log Groups and Retrieve Attributes" +Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + creation_time + from + aws_cloudwatch_log_group + where + data_protection_policy is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_metric_filter_1.yaml b/queries/aws_cloudwatch_log_metric_filter_1.yaml index f6476f715..66981f2c0 100755 --- a/queries/aws_cloudwatch_log_metric_filter_1.yaml +++ b/queries/aws_cloudwatch_log_metric_filter_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_metric_filter_1 Title: "Find all AWS CloudWatch log metric filters" Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_metric_filter_1.yaml.bak b/queries/aws_cloudwatch_log_metric_filter_1.yaml.bak new file mode 100755 index 000000000..f6476f715 --- /dev/null +++ b/queries/aws_cloudwatch_log_metric_filter_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cloudwatch_log_metric_filter_1 +Title: "Find all AWS CloudWatch log metric filters" +Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + log_group_name, + creation_time, + filter_pattern, + metric_transformation_name, + metric_transformation_namespace, + metric_transformation_value + from + aws_cloudwatch_log_metric_filter; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_metric_filter_2.yaml b/queries/aws_cloudwatch_log_metric_filter_2.yaml index 16bf6c19d..08b06ecef 100755 --- a/queries/aws_cloudwatch_log_metric_filter_2.yaml +++ b/queries/aws_cloudwatch_log_metric_filter_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_metric_filter_2 Title: "List all AWS CloudWatch log metric filters and details" Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak b/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak new file mode 100755 index 000000000..08b06ecef --- /dev/null +++ b/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudwatch_log_metric_filter_2 +Title: "List all AWS CloudWatch log metric filters and details" +Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + log_group_name, + filter_pattern + from + aws_cloudwatch_log_metric_filter + where + filter_pattern ilike '%error%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak.bak b/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak.bak new file mode 100755 index 000000000..08b06ecef --- /dev/null +++ b/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_cloudwatch_log_metric_filter_2 +Title: "List all AWS CloudWatch log metric filters and details" +Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + log_group_name, + filter_pattern + from + aws_cloudwatch_log_metric_filter + where + filter_pattern ilike '%error%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_metric_filter_3.yaml b/queries/aws_cloudwatch_log_metric_filter_3.yaml index 6105121e5..5c66582aa 100755 --- a/queries/aws_cloudwatch_log_metric_filter_3.yaml +++ b/queries/aws_cloudwatch_log_metric_filter_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_metric_filter_3 Title: "Find AWS CloudWatch log metric filters with details" Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_metric_filter_3.yaml.bak b/queries/aws_cloudwatch_log_metric_filter_3.yaml.bak new file mode 100755 index 000000000..6105121e5 --- /dev/null +++ b/queries/aws_cloudwatch_log_metric_filter_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudwatch_log_metric_filter_3 +Title: "Find AWS CloudWatch log metric filters with details" +Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + count(name) as metric_filter_count + from + aws_cloudwatch_log_metric_filter + group by + log_group_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_resource_policy_1.yaml b/queries/aws_cloudwatch_log_resource_policy_1.yaml index c6970f371..fba4f459c 100755 --- a/queries/aws_cloudwatch_log_resource_policy_1.yaml +++ b/queries/aws_cloudwatch_log_resource_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_resource_policy_1 Title: "Find all AWS CloudWatch Log Resource Policies" Description: "Allows users to query AWS CloudWatch Log Resource Policies, providing details such as the policy name, policy document, and last updated timestamp." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_resource_policy_1.yaml.bak b/queries/aws_cloudwatch_log_resource_policy_1.yaml.bak new file mode 100755 index 000000000..c6970f371 --- /dev/null +++ b/queries/aws_cloudwatch_log_resource_policy_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cloudwatch_log_resource_policy_1 +Title: "Find all AWS CloudWatch Log Resource Policies" +Description: "Allows users to query AWS CloudWatch Log Resource Policies, providing details such as the policy name, policy document, and last updated timestamp." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_name, + last_updated_time, + jsonb_pretty(policy) as policy, + jsonb_pretty(policy_std) as policy_std + from + aws_cloudwatch_log_resource_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_stream_1.yaml b/queries/aws_cloudwatch_log_stream_1.yaml index bd901c746..c60beea0f 100755 --- a/queries/aws_cloudwatch_log_stream_1.yaml +++ b/queries/aws_cloudwatch_log_stream_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_stream_1 Title: "Find AWS CloudWatch Log Streams Using SQL" Description: "Allows users to query AWS CloudWatch Log Stream to retrieve detailed information about each log stream within a log group." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_stream_1.yaml.bak b/queries/aws_cloudwatch_log_stream_1.yaml.bak new file mode 100755 index 000000000..bd901c746 --- /dev/null +++ b/queries/aws_cloudwatch_log_stream_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudwatch_log_stream_1 +Title: "Find AWS CloudWatch Log Streams Using SQL" +Description: "Allows users to query AWS CloudWatch Log Stream to retrieve detailed information about each log stream within a log group." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + log_group_name, + region + from + aws_cloudwatch_log_stream; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch Log Stream diff --git a/queries/aws_cloudwatch_log_stream_2.yaml b/queries/aws_cloudwatch_log_stream_2.yaml index 33d8b956e..b50a1d03b 100755 --- a/queries/aws_cloudwatch_log_stream_2.yaml +++ b/queries/aws_cloudwatch_log_stream_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_stream_2 Title: "List all AWS CloudWatch Log Stream information" Description: "Allows users to query AWS CloudWatch Log Stream to retrieve detailed information about each log stream within a log group." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_stream_2.yaml.bak b/queries/aws_cloudwatch_log_stream_2.yaml.bak new file mode 100755 index 000000000..33d8b956e --- /dev/null +++ b/queries/aws_cloudwatch_log_stream_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cloudwatch_log_stream_2 +Title: "List all AWS CloudWatch Log Stream information" +Description: "Allows users to query AWS CloudWatch Log Stream to retrieve detailed information about each log stream within a log group." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + count(*) as log_stream_count + from + aws_cloudwatch_log_stream + group by + log_group_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch Log Stream diff --git a/queries/aws_cloudwatch_log_subscription_filter_1.yaml b/queries/aws_cloudwatch_log_subscription_filter_1.yaml index dbf0cb777..5764d6b02 100755 --- a/queries/aws_cloudwatch_log_subscription_filter_1.yaml +++ b/queries/aws_cloudwatch_log_subscription_filter_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_subscription_filter_1 Title: "List AWS CloudWatch Log Subscription Filters" Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_subscription_filter_1.yaml.bak b/queries/aws_cloudwatch_log_subscription_filter_1.yaml.bak new file mode 100755 index 000000000..dbf0cb777 --- /dev/null +++ b/queries/aws_cloudwatch_log_subscription_filter_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudwatch_log_subscription_filter_1 +Title: "List AWS CloudWatch Log Subscription Filters" +Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + log_group_name, + creation_time, + filter_pattern, + destination_arn + from + aws_cloudwatch_log_subscription_filter; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_subscription_filter_2.yaml b/queries/aws_cloudwatch_log_subscription_filter_2.yaml index 1c81b7d14..db81a85d0 100755 --- a/queries/aws_cloudwatch_log_subscription_filter_2.yaml +++ b/queries/aws_cloudwatch_log_subscription_filter_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_subscription_filter_2 Title: "List all AWS CloudWatch Log Subscription Filters" Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_subscription_filter_2.yaml.bak b/queries/aws_cloudwatch_log_subscription_filter_2.yaml.bak new file mode 100755 index 000000000..1c81b7d14 --- /dev/null +++ b/queries/aws_cloudwatch_log_subscription_filter_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudwatch_log_subscription_filter_2 +Title: "List all AWS CloudWatch Log Subscription Filters" +Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + log_group_name, + filter_pattern + from + aws_cloudwatch_log_subscription_filter + where + filter_pattern ilike '%error%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_log_subscription_filter_3.yaml b/queries/aws_cloudwatch_log_subscription_filter_3.yaml index 1291b8763..a1a642fef 100755 --- a/queries/aws_cloudwatch_log_subscription_filter_3.yaml +++ b/queries/aws_cloudwatch_log_subscription_filter_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_log_subscription_filter_3 Title: "List all AWS CloudWatch Log Subscription Filters" Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_log_subscription_filter_3.yaml.bak b/queries/aws_cloudwatch_log_subscription_filter_3.yaml.bak new file mode 100755 index 000000000..1291b8763 --- /dev/null +++ b/queries/aws_cloudwatch_log_subscription_filter_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudwatch_log_subscription_filter_3 +Title: "List all AWS CloudWatch Log Subscription Filters" +Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + count(name) as subscription_filter_count + from + aws_cloudwatch_log_subscription_filter + group by + log_group_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_1.yaml b/queries/aws_cloudwatch_metric_1.yaml index cd9f8c7c5..0d9977b6a 100755 --- a/queries/aws_cloudwatch_metric_1.yaml +++ b/queries/aws_cloudwatch_metric_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_1 Title: "List AWS CloudWatch Metrics with SQL Queries" Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_1.yaml.bak b/queries/aws_cloudwatch_metric_1.yaml.bak new file mode 100755 index 000000000..cd9f8c7c5 --- /dev/null +++ b/queries/aws_cloudwatch_metric_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudwatch_metric_1 +Title: "List AWS CloudWatch Metrics with SQL Queries" +Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + namespace, + dimensions + from + aws_cloudwatch_metric; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_2.yaml b/queries/aws_cloudwatch_metric_2.yaml index 716b2ff23..9e9315da2 100755 --- a/queries/aws_cloudwatch_metric_2.yaml +++ b/queries/aws_cloudwatch_metric_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_2 Title: "Find AWS Resources Performance via CloudWatch Metrics" Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_2.yaml.bak b/queries/aws_cloudwatch_metric_2.yaml.bak new file mode 100755 index 000000000..716b2ff23 --- /dev/null +++ b/queries/aws_cloudwatch_metric_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cloudwatch_metric_2 +Title: "Find AWS Resources Performance via CloudWatch Metrics" +Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + namespace, + dimensions + from + aws_cloudwatch_metric + where + namespace = 'AWS/EBS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_3.yaml b/queries/aws_cloudwatch_metric_3.yaml index ffd8d8d2e..a2d2f58d7 100755 --- a/queries/aws_cloudwatch_metric_3.yaml +++ b/queries/aws_cloudwatch_metric_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_3 Title: "List all AWS CloudWatch metrics for EBS VolumeReadOps" Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_3.yaml.bak b/queries/aws_cloudwatch_metric_3.yaml.bak new file mode 100755 index 000000000..a2d2f58d7 --- /dev/null +++ b/queries/aws_cloudwatch_metric_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cloudwatch_metric_3 +Title: "List all AWS CloudWatch metrics for EBS VolumeReadOps" +Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + namespace, + dimensions + from + aws_cloudwatch_metric + where + namespace = 'AWS/EBS' + and metric_name = 'VolumeReadOps'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_3.yaml.bak.bak b/queries/aws_cloudwatch_metric_3.yaml.bak.bak new file mode 100755 index 000000000..a2d2f58d7 --- /dev/null +++ b/queries/aws_cloudwatch_metric_3.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_cloudwatch_metric_3 +Title: "List all AWS CloudWatch metrics for EBS VolumeReadOps" +Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + namespace, + dimensions + from + aws_cloudwatch_metric + where + namespace = 'AWS/EBS' + and metric_name = 'VolumeReadOps'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_4.yaml b/queries/aws_cloudwatch_metric_4.yaml index f6de4dd15..7a4a5fc20 100755 --- a/queries/aws_cloudwatch_metric_4.yaml +++ b/queries/aws_cloudwatch_metric_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_4 Title: "Find AWS CloudWatch Metrics for Resource Performance" Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_4.yaml.bak b/queries/aws_cloudwatch_metric_4.yaml.bak new file mode 100755 index 000000000..f6de4dd15 --- /dev/null +++ b/queries/aws_cloudwatch_metric_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cloudwatch_metric_4 +Title: "Find AWS CloudWatch Metrics for Resource Performance" +Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + namespace, + dimensions + from + aws_cloudwatch_metric + where + dimensions_filter = '[ + {"Name": "ClusterIdentifier", "Value": "my-cluster-1"} + ]'::jsonb; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch Metrics diff --git a/queries/aws_cloudwatch_metric_5.yaml b/queries/aws_cloudwatch_metric_5.yaml index cf445c809..cc9778372 100755 --- a/queries/aws_cloudwatch_metric_5.yaml +++ b/queries/aws_cloudwatch_metric_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_5 Title: "Find AWS CloudWatch Metrics for Performance Information" Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_5.yaml.bak b/queries/aws_cloudwatch_metric_5.yaml.bak new file mode 100755 index 000000000..cf445c809 --- /dev/null +++ b/queries/aws_cloudwatch_metric_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cloudwatch_metric_5 +Title: "Find AWS CloudWatch Metrics for Performance Information" +Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + namespace, + dimensions + from + aws_cloudwatch_metric + where + dimensions_filter = '[ + {"Name": "Type", "Value": "API"}, + {"Name": "Service", "Value": "EC2"} + ]'::jsonb; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_1.yaml b/queries/aws_cloudwatch_metric_data_point_1.yaml index 305e93ec1..29a45e2cc 100755 --- a/queries/aws_cloudwatch_metric_data_point_1.yaml +++ b/queries/aws_cloudwatch_metric_data_point_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_data_point_1 Title: "List All AWS CloudWatch Metric Data Points" Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_data_point_1.yaml.bak b/queries/aws_cloudwatch_metric_data_point_1.yaml.bak new file mode 100755 index 000000000..305e93ec1 --- /dev/null +++ b/queries/aws_cloudwatch_metric_data_point_1.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cloudwatch_metric_data_point_1 +Title: "List All AWS CloudWatch Metric Data Points" +Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + label, + timestamp, + period, + value, + expression + from + aws_cloudwatch_metric_data_point + where + id = 'm1' + and expression = 'select max(CPUUtilization) from schema("AWS/EC2", InstanceId)' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_2.yaml b/queries/aws_cloudwatch_metric_data_point_2.yaml index 0ebd25dcc..f38898395 100755 --- a/queries/aws_cloudwatch_metric_data_point_2.yaml +++ b/queries/aws_cloudwatch_metric_data_point_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_data_point_2 Title: "Find AWS CloudWatch MetricDataPoints details" Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_data_point_2.yaml.bak b/queries/aws_cloudwatch_metric_data_point_2.yaml.bak new file mode 100755 index 000000000..f38898395 --- /dev/null +++ b/queries/aws_cloudwatch_metric_data_point_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_cloudwatch_metric_data_point_2 +Title: "Find AWS CloudWatch MetricDataPoints details" +Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + label, + timestamp, + period, + value, + expression + from + aws_cloudwatch_metric_data_point + where + id = 'e1' + and expression = 'SUM(METRICS(''error''))' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_2.yaml.bak.bak b/queries/aws_cloudwatch_metric_data_point_2.yaml.bak.bak new file mode 100755 index 000000000..f38898395 --- /dev/null +++ b/queries/aws_cloudwatch_metric_data_point_2.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_cloudwatch_metric_data_point_2 +Title: "Find AWS CloudWatch MetricDataPoints details" +Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + label, + timestamp, + period, + value, + expression + from + aws_cloudwatch_metric_data_point + where + id = 'e1' + and expression = 'SUM(METRICS(''error''))' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_3.yaml b/queries/aws_cloudwatch_metric_data_point_3.yaml index 6fb530dab..bae2b6dbf 100755 --- a/queries/aws_cloudwatch_metric_data_point_3.yaml +++ b/queries/aws_cloudwatch_metric_data_point_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_data_point_3 Title: "List All AWS CloudWatch MetricDataPoints" Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_data_point_3.yaml.bak b/queries/aws_cloudwatch_metric_data_point_3.yaml.bak new file mode 100755 index 000000000..6fb530dab --- /dev/null +++ b/queries/aws_cloudwatch_metric_data_point_3.yaml.bak @@ -0,0 +1,48 @@ +ID: aws_cloudwatch_metric_data_point_3 +Title: "List All AWS CloudWatch MetricDataPoints" +Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + label, + timestamp, + period, + round(value::numeric, 2) as avg_cpu, + metric_stat + from + aws_cloudwatch_metric_data_point + where + id = 'm1' + and value > 80 + and timestamp >= now() - interval '5 day' + and metric_stat = '{ + "Metric": { + "Namespace": "AWS/EC2", + "MetricName": "CPUUtilization", + "Dimensions": [ + { + "Name": "InstanceId", + "Value": "i-0353536c53f7c8235" + }, + { + "Name": "InstanceId", + "Value": "i-0dd7043e0f6f0f36d" + } + ]}, + "Stat": "Average"}' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_4.yaml b/queries/aws_cloudwatch_metric_data_point_4.yaml index 13d296f44..e3b97c7b0 100755 --- a/queries/aws_cloudwatch_metric_data_point_4.yaml +++ b/queries/aws_cloudwatch_metric_data_point_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_data_point_4 Title: "Find AWS CloudWatch MetricDataPoints for defined metric" Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_data_point_4.yaml.bak b/queries/aws_cloudwatch_metric_data_point_4.yaml.bak new file mode 100755 index 000000000..13d296f44 --- /dev/null +++ b/queries/aws_cloudwatch_metric_data_point_4.yaml.bak @@ -0,0 +1,45 @@ +ID: aws_cloudwatch_metric_data_point_4 +Title: "Find AWS CloudWatch MetricDataPoints for defined metric" +Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + label, + timestamp, + value, + metric_stat + from + aws_cloudwatch_metric_data_point + where + id = 'm1' + and value > 1000 + and period = 86400 + and scan_by = 'TimestampDescending' + and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' + and metric_stat = '{ + "Metric": { + "Namespace": "AWS/EBS", + "MetricName": "VolumeReadOps", + "Dimensions": [ + { + "Name": "VolumeId", + "Value": "vol-00607053b218c6d74" + } + ]}, + "Stat": "Average"}'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_5.yaml b/queries/aws_cloudwatch_metric_data_point_5.yaml index 526ca935e..d8da995ce 100755 --- a/queries/aws_cloudwatch_metric_data_point_5.yaml +++ b/queries/aws_cloudwatch_metric_data_point_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_data_point_5 Title: "List all AWS CloudWatch Metric Data Points" Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_data_point_5.yaml.bak b/queries/aws_cloudwatch_metric_data_point_5.yaml.bak new file mode 100755 index 000000000..526ca935e --- /dev/null +++ b/queries/aws_cloudwatch_metric_data_point_5.yaml.bak @@ -0,0 +1,43 @@ +ID: aws_cloudwatch_metric_data_point_5 +Title: "List all AWS CloudWatch Metric Data Points" +Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + label, + timestamp, + value, + metric_stat + from + aws_cloudwatch_metric_data_point + where + id = 'e1' + and value < 10 + and timestamp >= now() - interval '7 day' + and metric_stat = '{ + "Metric": { + "Namespace": "AWS/ElastiCache", + "MetricName": "CacheHits", + "Dimensions": [ + { + "Name": "CacheClusterId", + "Value": "cluster-delete-001" + } + ]}, + "Stat": "Sum"}' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_6.yaml b/queries/aws_cloudwatch_metric_data_point_6.yaml index e680241db..a8a1fc7ae 100755 --- a/queries/aws_cloudwatch_metric_data_point_6.yaml +++ b/queries/aws_cloudwatch_metric_data_point_6.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_data_point_6 Title: "Query AWS CloudWatch Metric Data Points for Detailed Info" Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_data_point_6.yaml.bak b/queries/aws_cloudwatch_metric_data_point_6.yaml.bak new file mode 100755 index 000000000..e680241db --- /dev/null +++ b/queries/aws_cloudwatch_metric_data_point_6.yaml.bak @@ -0,0 +1,49 @@ +ID: aws_cloudwatch_metric_data_point_6 +Title: "Query AWS CloudWatch Metric Data Points for Detailed Info" +Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + label, + timestamp, + value, + metric_stat + from + aws_cloudwatch_metric_data_point + where + id = 'e1' + and source_account_id = '533743456432100' + and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' + and metric_stat = '{ + "Metric": { + "Namespace": "AWS/S3", + "MetricName": "BucketSizeBytes", + "Dimensions": [ + { + "Name": "BucketName", + "Value": "steampipe-test" + }, + { + "Name": "StorageType", + "Value": "StandardStorage" + } + ]}, + "Stat": "Maximum"}' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml index a1d4c6ace..0ffd2c6bb 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_statistic_data_point_1 Title: "Query AWS CloudWatch Metric Statistics Data Points" Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml.bak new file mode 100755 index 000000000..a1d4c6ace --- /dev/null +++ b/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cloudwatch_metric_statistic_data_point_1 +Title: "Query AWS CloudWatch Metric Statistics Data Points" +Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + timestamp, + round(minimum::numeric, 2) as min_cpu, + round(maximum::numeric, 2) as max_cpu, + round(average::numeric, 2) as avg_cpu, + sum, + sample_count + from + aws_cloudwatch_metric_statistic_data_point + where + namespace = 'AWS/EC2' + and metric_name = 'CPUUtilization' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml index 77ac3d9ee..6adac5544 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_statistic_data_point_2 Title: "List AWS CloudWatch Metric Statistics Data Points" Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml.bak new file mode 100755 index 000000000..77ac3d9ee --- /dev/null +++ b/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cloudwatch_metric_statistic_data_point_2 +Title: "List AWS CloudWatch Metric Statistics Data Points" +Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(dimensions) as dimensions, + timestamp, + round(average::numeric, 2) as avg_cpu + from + aws_cloudwatch_metric_statistic_data_point + where + namespace = 'AWS/EC2' + and metric_name = 'CPUUtilization' + and average > 80 + and timestamp >= now() - interval '5 day' + and dimensions = '[ + {"Name": "InstanceId", "Value": "i-0dd7043e0f6f0f36d"} + ]' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml index 57f5d2c48..e852bdaf8 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_statistic_data_point_3 Title: "Find AWS CloudWatch Metric Statistic Data Points" Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml.bak new file mode 100755 index 000000000..57f5d2c48 --- /dev/null +++ b/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_cloudwatch_metric_statistic_data_point_3 +Title: "Find AWS CloudWatch Metric Statistic Data Points" +Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(dimensions) as dimensions, + timestamp, + average + from + aws_cloudwatch_metric_statistic_data_point + where + namespace = 'AWS/EBS' + and metric_name = 'VolumeReadOps' + and average > 1000 + and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' + and period = 300 + and dimensions = '[ + {"Name": "VolumeId", "Value": "vol-00607053b218c6d74"} + ]' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml index 125991533..22601653a 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_statistic_data_point_4 Title: "Find AWS CloudWatch Metric Statistics Data Points" Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml.bak new file mode 100755 index 000000000..125991533 --- /dev/null +++ b/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cloudwatch_metric_statistic_data_point_4 +Title: "Find AWS CloudWatch Metric Statistics Data Points" +Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(dimensions) as dimensions, + timestamp, + sum + from + aws_cloudwatch_metric_statistic_data_point + where + namespace = 'AWS/ElastiCache' + and metric_name = 'CacheHits' + and sum < 10 + and timestamp >= now() - interval '7 day' + and dimensions = '[ + {"Name": "CacheClusterId", "Value": "cluster-delete-001"} + ]' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch Metric Statistics diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml index 26d5a4ca3..23a8e5912 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_statistic_data_point_5 Title: "List All AWS CloudWatch Metric Statistics Data Points" Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml.bak new file mode 100755 index 000000000..26d5a4ca3 --- /dev/null +++ b/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_cloudwatch_metric_statistic_data_point_5 +Title: "List All AWS CloudWatch Metric Statistics Data Points" +Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(dimensions) as dimensions, + timestamp, + maximum + from + aws_cloudwatch_metric_statistic_data_point + where + namespace = 'AWS/Lambda' + and metric_name = 'Duration' + and maximum > 100 + and timestamp >= '2023-02-15T00:00:00Z' + and timestamp <= '2023-03-15T00:00:00Z' + and period = 86400 + and dimensions = '[ + {"Name": "FunctionName", "Value": "test"} + ]' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml index 4d970d27f..de3599b12 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_statistic_data_point_6 Title: "Find AWS CloudWatch Metric Statistics Data for RDS CPU Utilization" Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml.bak new file mode 100755 index 000000000..4d970d27f --- /dev/null +++ b/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cloudwatch_metric_statistic_data_point_6 +Title: "Find AWS CloudWatch Metric Statistics Data for RDS CPU Utilization" +Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(dimensions) as dimensions, + timestamp, + round(average::numeric, 2) as avg_cpu + from + aws_cloudwatch_metric_statistic_data_point + where + namespace = 'AWS/RDS' + and metric_name = 'CPUUtilization' + and average > 80 + and timestamp >= now() - interval '30 day' + and dimensions = '[ + {"Name": "DBInstanceIdentifier", "Value": "database-1"} + ]' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml index a8e64631f..c1c499cc9 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml @@ -1,7 +1,7 @@ ID: aws_cloudwatch_metric_statistic_data_point_7 Title: "List AWS CloudWatch Metric Statistics for S3 Buckets" Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml.bak new file mode 100755 index 000000000..a8e64631f --- /dev/null +++ b/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cloudwatch_metric_statistic_data_point_7 +Title: "List AWS CloudWatch Metric Statistics for S3 Buckets" +Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(dimensions) as dimensions, + timestamp, + minimum + from + aws_cloudwatch_metric_statistic_data_point + where + namespace = 'AWS/S3' + and metric_name = 'BucketSizeBytes' + and timestamp between '2023-03-6T00:00:00Z' and '2023-03-15T00:00:00Z' + and period = 86400 + and dimensions = '[ + {"Name": "BucketName", "Value": "steampipe-test"}, + {"Name": "StorageType", "Value": "StandardStorage"} + ]' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_codeartifact_domain_1.yaml b/queries/aws_codeartifact_domain_1.yaml index df24286f9..2916b5df2 100755 --- a/queries/aws_codeartifact_domain_1.yaml +++ b/queries/aws_codeartifact_domain_1.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_domain_1 Title: "Find AWS CodeArtifact Domains and Details" Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_domain_1.yaml.bak b/queries/aws_codeartifact_domain_1.yaml.bak new file mode 100755 index 000000000..df24286f9 --- /dev/null +++ b/queries/aws_codeartifact_domain_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_codeartifact_domain_1 +Title: "Find AWS CodeArtifact Domains and Details" +Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + created_time, + encryption_key, + status, + owner, + tags + from + aws_codeartifact_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_domain_2.yaml b/queries/aws_codeartifact_domain_2.yaml index 0ad9e7afc..e2e525a5e 100755 --- a/queries/aws_codeartifact_domain_2.yaml +++ b/queries/aws_codeartifact_domain_2.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_domain_2 Title: "Find AWS CodeArtifact Domains and Their Details" Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_domain_2.yaml.bak b/queries/aws_codeartifact_domain_2.yaml.bak new file mode 100755 index 000000000..0ad9e7afc --- /dev/null +++ b/queries/aws_codeartifact_domain_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_codeartifact_domain_2 +Title: "Find AWS CodeArtifact Domains and Their Details" +Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + created_time, + status, + s3_bucket_arn, + tags + from + aws_codeartifact_domain + where + encryption_key is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_domain_3.yaml b/queries/aws_codeartifact_domain_3.yaml index e595860ff..937635c2e 100755 --- a/queries/aws_codeartifact_domain_3.yaml +++ b/queries/aws_codeartifact_domain_3.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_domain_3 Title: "Find AWS CodeArtifact Domains Ownership, Encryption, Policy Info" Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_domain_3.yaml.bak b/queries/aws_codeartifact_domain_3.yaml.bak new file mode 100755 index 000000000..e595860ff --- /dev/null +++ b/queries/aws_codeartifact_domain_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_codeartifact_domain_3 +Title: "Find AWS CodeArtifact Domains Ownership, Encryption, Policy Info" +Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + created_time, + status, + s3_bucket_arn, + tags + from + aws_codeartifact_domain + where + status != 'Active'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_domain_4.yaml b/queries/aws_codeartifact_domain_4.yaml index 79cb8f44a..7af1e797d 100755 --- a/queries/aws_codeartifact_domain_4.yaml +++ b/queries/aws_codeartifact_domain_4.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_domain_4 Title: "Find AWS CodeArtifact Domains for Ownership, Key, Policy" Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_domain_4.yaml.bak b/queries/aws_codeartifact_domain_4.yaml.bak new file mode 100755 index 000000000..7af1e797d --- /dev/null +++ b/queries/aws_codeartifact_domain_4.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_codeartifact_domain_4 +Title: "Find AWS CodeArtifact Domains for Ownership, Key, Policy" +Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + p as principal, + a as action, + s ->> 'Effect' as effect + from + aws_codeartifact_domain, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + string_to_array(p, ':') as pa, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and ( + pa [5] != account_id + or p = '*' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_domain_4.yaml.bak.bak b/queries/aws_codeartifact_domain_4.yaml.bak.bak new file mode 100755 index 000000000..7af1e797d --- /dev/null +++ b/queries/aws_codeartifact_domain_4.yaml.bak.bak @@ -0,0 +1,37 @@ +ID: aws_codeartifact_domain_4 +Title: "Find AWS CodeArtifact Domains for Ownership, Key, Policy" +Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + p as principal, + a as action, + s ->> 'Effect' as effect + from + aws_codeartifact_domain, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + string_to_array(p, ':') as pa, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and ( + pa [5] != account_id + or p = '*' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_domain_5.yaml b/queries/aws_codeartifact_domain_5.yaml index b055fb274..ead30e17b 100755 --- a/queries/aws_codeartifact_domain_5.yaml +++ b/queries/aws_codeartifact_domain_5.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_domain_5 Title: "Find AWS CodeArtifact Domain Ownership & Encryption Key" Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_domain_5.yaml.bak b/queries/aws_codeartifact_domain_5.yaml.bak new file mode 100755 index 000000000..b055fb274 --- /dev/null +++ b/queries/aws_codeartifact_domain_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_codeartifact_domain_5 +Title: "Find AWS CodeArtifact Domain Ownership & Encryption Key" +Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + d.arn as domain_arn, + b.arn as bucket_arn, + d.encryption_key domain_encryption_key, + bucket_policy_is_public + from + aws_codeartifact_domain d + join aws_s3_bucket b on d.s3_bucket_arn = b.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_domain_6.yaml b/queries/aws_codeartifact_domain_6.yaml index 345915c9d..2d319f015 100755 --- a/queries/aws_codeartifact_domain_6.yaml +++ b/queries/aws_codeartifact_domain_6.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_domain_6 Title: "Find AWS CodeArtifact Domains with Metadata" Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_domain_6.yaml.bak b/queries/aws_codeartifact_domain_6.yaml.bak new file mode 100755 index 000000000..345915c9d --- /dev/null +++ b/queries/aws_codeartifact_domain_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codeartifact_domain_6 +Title: "Find AWS CodeArtifact Domains with Metadata" +Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + d.arn as domain_arn, + d.encryption_key domain_encryption_key, + key_manager, + key_state + from + aws_codeartifact_domain d + join aws_kms_key k on d.encryption_key = k.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_domain_7.yaml b/queries/aws_codeartifact_domain_7.yaml index 5b1a50293..1a36447ba 100755 --- a/queries/aws_codeartifact_domain_7.yaml +++ b/queries/aws_codeartifact_domain_7.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_domain_7 Title: "Find all AWS CodeArtifact Domains and Encryption Details" Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_domain_7.yaml.bak b/queries/aws_codeartifact_domain_7.yaml.bak new file mode 100755 index 000000000..5b1a50293 --- /dev/null +++ b/queries/aws_codeartifact_domain_7.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_codeartifact_domain_7 +Title: "Find all AWS CodeArtifact Domains and Encryption Details" +Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + d.arn as domain_arn, + d.encryption_key domain_encryption_key, + key_manager, + key_state + from + aws_codeartifact_domain d + join aws_kms_key k on d.encryption_key = k.arn + where + key_manager = 'CUSTOMER'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_repository_1.yaml b/queries/aws_codeartifact_repository_1.yaml index dfdb5d814..b1340c94e 100755 --- a/queries/aws_codeartifact_repository_1.yaml +++ b/queries/aws_codeartifact_repository_1.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_repository_1 Title: "List all AWS CodeArtifact Repository with Domain Details" Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_repository_1.yaml.bak b/queries/aws_codeartifact_repository_1.yaml.bak new file mode 100755 index 000000000..dfdb5d814 --- /dev/null +++ b/queries/aws_codeartifact_repository_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codeartifact_repository_1 +Title: "List all AWS CodeArtifact Repository with Domain Details" +Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + domain_name, + domain_owner, + upstreams, + tags + from + aws_codeartifact_repository; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CodeArtifact diff --git a/queries/aws_codeartifact_repository_2.yaml b/queries/aws_codeartifact_repository_2.yaml index 95be43faf..2257f3508 100755 --- a/queries/aws_codeartifact_repository_2.yaml +++ b/queries/aws_codeartifact_repository_2.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_repository_2 Title: "List all details about AWS CodeArtifact Repositories" Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_repository_2.yaml.bak b/queries/aws_codeartifact_repository_2.yaml.bak new file mode 100755 index 000000000..95be43faf --- /dev/null +++ b/queries/aws_codeartifact_repository_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codeartifact_repository_2 +Title: "List all details about AWS CodeArtifact Repositories" +Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + domain_name, + domain_owner, + tags, + repository_endpoint + from + aws_codeartifact_repository + where + repository_endpoint is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codeartifact_repository_3.yaml b/queries/aws_codeartifact_repository_3.yaml index 37260d529..bca7a76a0 100755 --- a/queries/aws_codeartifact_repository_3.yaml +++ b/queries/aws_codeartifact_repository_3.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_repository_3 Title: "List all AWS CodeArtifact Repositories with SQL Queries" Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_repository_3.yaml.bak b/queries/aws_codeartifact_repository_3.yaml.bak new file mode 100755 index 000000000..37260d529 --- /dev/null +++ b/queries/aws_codeartifact_repository_3.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_codeartifact_repository_3 +Title: "List all AWS CodeArtifact Repositories with SQL Queries" +Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + p as principal, + a as action, + s ->> 'Effect' as effect + from + aws_codeartifact_repository, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + string_to_array(p, ':') as pa, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and ( + pa [5] != account_id + or p = '*' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CodeArtifact diff --git a/queries/aws_codeartifact_repository_4.yaml b/queries/aws_codeartifact_repository_4.yaml index 19835e2fb..596e4b1c0 100755 --- a/queries/aws_codeartifact_repository_4.yaml +++ b/queries/aws_codeartifact_repository_4.yaml @@ -1,7 +1,7 @@ ID: aws_codeartifact_repository_4 Title: "Find AWS CodeArtifact Repository Details with SQL" Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codeartifact_repository_4.yaml.bak b/queries/aws_codeartifact_repository_4.yaml.bak new file mode 100755 index 000000000..19835e2fb --- /dev/null +++ b/queries/aws_codeartifact_repository_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codeartifact_repository_4 +Title: "Find AWS CodeArtifact Repository Details with SQL" +Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + domain_name, + domain_owner, + u ->> 'RepositoryName' as upstream_repo_name + from + aws_codeartifact_repository, + jsonb_array_elements(upstreams) u; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeArtifact diff --git a/queries/aws_codebuild_build_1.yaml b/queries/aws_codebuild_build_1.yaml index 994b848a1..3baede312 100755 --- a/queries/aws_codebuild_build_1.yaml +++ b/queries/aws_codebuild_build_1.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_1 Title: "List all AWS CodeBuild Build Information" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_1.yaml.bak b/queries/aws_codebuild_build_1.yaml.bak new file mode 100755 index 000000000..994b848a1 --- /dev/null +++ b/queries/aws_codebuild_build_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_codebuild_build_1 +Title: "List all AWS CodeBuild Build Information" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + id, + build_complete, + timeout_in_minutes, + project_name, + build_status, + encryption_key, + end_time, + region + from + aws_codebuild_build; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_build_10.yaml b/queries/aws_codebuild_build_10.yaml index bbe31a0a0..4c45eb5ab 100755 --- a/queries/aws_codebuild_build_10.yaml +++ b/queries/aws_codebuild_build_10.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_10 Title: "Find AWS CodeBuild Build Projects Details" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_10.yaml.bak b/queries/aws_codebuild_build_10.yaml.bak new file mode 100755 index 000000000..4c45eb5ab --- /dev/null +++ b/queries/aws_codebuild_build_10.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_codebuild_build_10 +Title: "Find AWS CodeBuild Build Projects Details" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + source ->> 'Auth' as source_auth, + source ->> 'BuildStatusConfig' as source_BuildStatusConfig, + source ->> 'Buildspec' as source_buildspec, + source ->> 'GitCloneDepth' as source_git_clone_depth, + source ->> 'GitSubmodulesConfig' as source_git_submodules_config, + source ->> 'GitCloneDepth' as source_git_clone_depth, + source ->> 'InsecureSsl' as source_insecure_ssl, + source ->> 'Location' as source_location, + source ->> 'ReportBuildStatus' as source_report_build_status, + source ->> 'SourceIdentifier' as source_identifier, + source ->> 'Type' as source_type + from + aws_codebuild_build; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CodeBuild diff --git a/queries/aws_codebuild_build_10.yaml.bak.bak b/queries/aws_codebuild_build_10.yaml.bak.bak new file mode 100755 index 000000000..4c45eb5ab --- /dev/null +++ b/queries/aws_codebuild_build_10.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_codebuild_build_10 +Title: "Find AWS CodeBuild Build Projects Details" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + source ->> 'Auth' as source_auth, + source ->> 'BuildStatusConfig' as source_BuildStatusConfig, + source ->> 'Buildspec' as source_buildspec, + source ->> 'GitCloneDepth' as source_git_clone_depth, + source ->> 'GitSubmodulesConfig' as source_git_submodules_config, + source ->> 'GitCloneDepth' as source_git_clone_depth, + source ->> 'InsecureSsl' as source_insecure_ssl, + source ->> 'Location' as source_location, + source ->> 'ReportBuildStatus' as source_report_build_status, + source ->> 'SourceIdentifier' as source_identifier, + source ->> 'Type' as source_type + from + aws_codebuild_build; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CodeBuild diff --git a/queries/aws_codebuild_build_11.yaml b/queries/aws_codebuild_build_11.yaml index b9b639946..899aecba4 100755 --- a/queries/aws_codebuild_build_11.yaml +++ b/queries/aws_codebuild_build_11.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_11 Title: "Find all AWS CodeBuild project builds information" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_11.yaml.bak b/queries/aws_codebuild_build_11.yaml.bak new file mode 100755 index 000000000..b9b639946 --- /dev/null +++ b/queries/aws_codebuild_build_11.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_codebuild_build_11 +Title: "Find all AWS CodeBuild project builds information" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + f ->> 'Identifier' as file_system_identifier, + f ->> 'Location' as file_system_location, + f ->> 'MountOptions' as file_system_mount_options, + f ->> 'MountPoint' as file_system_mount_point, + f ->> 'Type' as file_system_type + from + aws_codebuild_build, + jsonb_array_elements(file_system_locations) as f; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CodeBuild diff --git a/queries/aws_codebuild_build_2.yaml b/queries/aws_codebuild_build_2.yaml index 83586b481..b981965ad 100755 --- a/queries/aws_codebuild_build_2.yaml +++ b/queries/aws_codebuild_build_2.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_2 Title: "List AWS CodeBuild Build details with encryption key" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_2.yaml.bak b/queries/aws_codebuild_build_2.yaml.bak new file mode 100755 index 000000000..b981965ad --- /dev/null +++ b/queries/aws_codebuild_build_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_codebuild_build_2 +Title: "List AWS CodeBuild Build details with encryption key" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + id, + encryption_key + from + aws_codebuild_build + where + encryption_key is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_build_2.yaml.bak.bak b/queries/aws_codebuild_build_2.yaml.bak.bak new file mode 100755 index 000000000..b981965ad --- /dev/null +++ b/queries/aws_codebuild_build_2.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_codebuild_build_2 +Title: "List AWS CodeBuild Build details with encryption key" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + id, + encryption_key + from + aws_codebuild_build + where + encryption_key is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_build_3.yaml b/queries/aws_codebuild_build_3.yaml index ba67f9f5d..5cd648105 100755 --- a/queries/aws_codebuild_build_3.yaml +++ b/queries/aws_codebuild_build_3.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_3 Title: "Find completed builds of AWS CodeBuild projects" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_3.yaml.bak b/queries/aws_codebuild_build_3.yaml.bak new file mode 100755 index 000000000..ba67f9f5d --- /dev/null +++ b/queries/aws_codebuild_build_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_codebuild_build_3 +Title: "Find completed builds of AWS CodeBuild projects" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + artifacts, + build_complete + from + aws_codebuild_build + where + build_complete; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_build_4.yaml b/queries/aws_codebuild_build_4.yaml index 0fe44ca0d..b041e7d97 100755 --- a/queries/aws_codebuild_build_4.yaml +++ b/queries/aws_codebuild_build_4.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_4 Title: "List all AWS CodeBuild projects' builds information" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_4.yaml.bak b/queries/aws_codebuild_build_4.yaml.bak new file mode 100755 index 000000000..0fe44ca0d --- /dev/null +++ b/queries/aws_codebuild_build_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_codebuild_build_4 +Title: "List all AWS CodeBuild projects' builds information" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + vpc_config ->> 'SecurityGroupIds' as security_group_id, + vpc_config ->> 'Subnets' as subnets, + vpc_config ->> 'VpcId' as vpc_id + from + aws_codebuild_build; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_build_5.yaml b/queries/aws_codebuild_build_5.yaml index 7944ca20a..306fe5c97 100755 --- a/queries/aws_codebuild_build_5.yaml +++ b/queries/aws_codebuild_build_5.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_5 Title: "Find all AWS CodeBuild Build Project Details" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_5.yaml.bak b/queries/aws_codebuild_build_5.yaml.bak new file mode 100755 index 000000000..7944ca20a --- /dev/null +++ b/queries/aws_codebuild_build_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_codebuild_build_5 +Title: "Find all AWS CodeBuild Build Project Details" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + artifacts ->> 'ArtifactIdentifier' as artifact_id, + artifacts ->> 'BucketOwnerAccess' as bucket_owner_access, + artifacts ->> 'EncryptionDisabled' as encryption_disabled, + artifacts ->> 'OverrideArtifactName' as override_artifact_name + from + aws_codebuild_build; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_build_6.yaml b/queries/aws_codebuild_build_6.yaml index 0cbfe9639..b5bd47b92 100755 --- a/queries/aws_codebuild_build_6.yaml +++ b/queries/aws_codebuild_build_6.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_6 Title: "Find AWS CodeBuild Build Information with SQL" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_6.yaml.bak b/queries/aws_codebuild_build_6.yaml.bak new file mode 100755 index 000000000..0cbfe9639 --- /dev/null +++ b/queries/aws_codebuild_build_6.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_codebuild_build_6 +Title: "Find AWS CodeBuild Build Information with SQL" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + environment ->> 'Certificate' as environment_certificate, + environment ->> 'ComputeType' as environment_compute_type, + environment ->> 'EnvironmentVariables' as environment_variables, + environment ->> 'Image' as environment_image, + environment ->> 'ImagePullCredentialsType' as environment_image_pull_credentials_type, + environment ->> 'PrivilegedMode' as environment_privileged_mode, + environment ->> 'RegistryCredential' as environment_registry_credential, + environment ->> 'Type' as environment_type + from + aws_codebuild_build; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CodeBuild diff --git a/queries/aws_codebuild_build_7.yaml b/queries/aws_codebuild_build_7.yaml index e78ad17be..c5d1f4d72 100755 --- a/queries/aws_codebuild_build_7.yaml +++ b/queries/aws_codebuild_build_7.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_7 Title: "Find AWS CodeBuild project builds using SQL" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_7.yaml.bak b/queries/aws_codebuild_build_7.yaml.bak new file mode 100755 index 000000000..e78ad17be --- /dev/null +++ b/queries/aws_codebuild_build_7.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_codebuild_build_7 +Title: "Find AWS CodeBuild project builds using SQL" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + logs -> 'S3Logs' ->> 'Status' as s3_log_status, + logs -> 'S3Logs' ->> 'Location' as s3_log_location, + logs -> 'S3Logs' ->> 'BucketOwnerAccess' as s3_log_bucket_owner_access, + logs -> 'S3Logs' ->> 'EncryptionDisabled' as s3_log_encryption_disabled, + logs ->> 'DeepLink' as deep_link, + logs ->> 'GroupName' as group_name, + logs ->> 'S3LogsArn' as s3_logs_arn, + logs ->> 'S3DeepLink' as s3_deep_link, + logs ->> 'StreamName' as stream_name, + logs ->> 'CloudWatchLogsArn' as cloud_watch_logs_arn, + logs -> 'CloudWatchLogs' ->> 'Status' as cloud_watch_logs_status, + logs -> 'CloudWatchLogs' ->> 'GroupName' as cloud_watch_logs_group_name, + logs -> 'CloudWatchLogs' ->> 'StreamName' as cloud_watch_logs_stream_name + from + aws_codebuild_build; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_build_8.yaml b/queries/aws_codebuild_build_8.yaml index e596ec28f..897408ca0 100755 --- a/queries/aws_codebuild_build_8.yaml +++ b/queries/aws_codebuild_build_8.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_8 Title: "Find all AWS CodeBuild Build Information" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_8.yaml.bak b/queries/aws_codebuild_build_8.yaml.bak new file mode 100755 index 000000000..e596ec28f --- /dev/null +++ b/queries/aws_codebuild_build_8.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_codebuild_build_8 +Title: "Find all AWS CodeBuild Build Information" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + network_interface ->> 'NetworkInterfaceId' as network_interface_id, + network_interface ->> 'SubnetId' as subnet_id, + from + aws_codebuild_build; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_build_9.yaml b/queries/aws_codebuild_build_9.yaml index 67bee01eb..0275581ad 100755 --- a/queries/aws_codebuild_build_9.yaml +++ b/queries/aws_codebuild_build_9.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_build_9 Title: "List AWS CodeBuild Build Phases and Durations" Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_build_9.yaml.bak b/queries/aws_codebuild_build_9.yaml.bak new file mode 100755 index 000000000..67bee01eb --- /dev/null +++ b/queries/aws_codebuild_build_9.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_codebuild_build_9 +Title: "List AWS CodeBuild Build Phases and Durations" +Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + p ->> 'EndTime' as end_time, + p ->> 'Contexts' as contexts, + p ->> 'PhaseType' as phase_type, + p ->> 'StartTime' as start_time, + p ->> 'DurationInSeconds' as duration_in_seconds, + p ->> 'PhaseStatus' as phase_status + from + aws_codebuild_build, + jsonb_array_elements(phases) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_project_1.yaml b/queries/aws_codebuild_project_1.yaml index e060ecf1a..8e4cdca0f 100755 --- a/queries/aws_codebuild_project_1.yaml +++ b/queries/aws_codebuild_project_1.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_project_1 Title: "Find AWS CodeBuild Projects with Comprehensive Details" Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_project_1.yaml.bak b/queries/aws_codebuild_project_1.yaml.bak new file mode 100755 index 000000000..e060ecf1a --- /dev/null +++ b/queries/aws_codebuild_project_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_codebuild_project_1 +Title: "Find AWS CodeBuild Projects with Comprehensive Details" +Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + encryption_key, + concurrent_build_limit, + source_version, + service_role, + created, + last_modified, + region + from + aws_codebuild_project; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_project_2.yaml b/queries/aws_codebuild_project_2.yaml index 53ad1f461..0848e01bd 100755 --- a/queries/aws_codebuild_project_2.yaml +++ b/queries/aws_codebuild_project_2.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_project_2 Title: "List all AWS CodeBuild Projects and Details" Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_project_2.yaml.bak b/queries/aws_codebuild_project_2.yaml.bak new file mode 100755 index 000000000..53ad1f461 --- /dev/null +++ b/queries/aws_codebuild_project_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_codebuild_project_2 +Title: "List all AWS CodeBuild Projects and Details" +Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + source_version, + source ->> 'Auth' as auth, + source ->> 'BuildStatusConfig' as build_status_config, + source ->> 'Buildspec' as build_spec, + source ->> 'GitCloneDepth' as git_clone_depth, + source ->> 'GitSubmodulesConfig' as git_submodules_config, + source ->> 'InsecureSsl' as insecure_ssl, + source ->> 'Location' as location, + source ->> 'ReportBuildStatus' as report_build_status, + source ->> 'SourceIdentifier' as source_identifier, + source ->> 'Type' as type + from + aws_codebuild_project; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_project_3.yaml b/queries/aws_codebuild_project_3.yaml index 249c6d463..d3be8ae5a 100755 --- a/queries/aws_codebuild_project_3.yaml +++ b/queries/aws_codebuild_project_3.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_project_3 Title: "List all AWS CodeBuild Projects and their details" Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_project_3.yaml.bak b/queries/aws_codebuild_project_3.yaml.bak new file mode 100755 index 000000000..249c6d463 --- /dev/null +++ b/queries/aws_codebuild_project_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codebuild_project_3 +Title: "List all AWS CodeBuild Projects and their details" +Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + vpc_config + from + aws_codebuild_project + where + vpc_config is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_project_4.yaml b/queries/aws_codebuild_project_4.yaml index 88d8e1a7f..13138fd33 100755 --- a/queries/aws_codebuild_project_4.yaml +++ b/queries/aws_codebuild_project_4.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_project_4 Title: "List all AWS CodeBuild Projects" Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_project_4.yaml.bak b/queries/aws_codebuild_project_4.yaml.bak new file mode 100755 index 000000000..88d8e1a7f --- /dev/null +++ b/queries/aws_codebuild_project_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_codebuild_project_4 +Title: "List all AWS CodeBuild Projects" +Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + logs_config -> 'CloudWatchLogs' ->> 'Status' as cloud_watch_logs_status, + logs_config -> 'S3Logs' ->> 'Status' as s3_logs_status + from + aws_codebuild_project + where + logs_config -> 'CloudWatchLogs' ->> 'Status' = 'DISABLED' + and logs_config -> 'S3Logs' ->> 'Status' = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_project_5.yaml b/queries/aws_codebuild_project_5.yaml index f7c981bf9..d3aaad0b6 100755 --- a/queries/aws_codebuild_project_5.yaml +++ b/queries/aws_codebuild_project_5.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_project_5 Title: "List all AWS CodeBuild Projects with Private Visibility" Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_project_5.yaml.bak b/queries/aws_codebuild_project_5.yaml.bak new file mode 100755 index 000000000..f7c981bf9 --- /dev/null +++ b/queries/aws_codebuild_project_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codebuild_project_5 +Title: "List all AWS CodeBuild Projects with Private Visibility" +Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + project_visibility + from + aws_codebuild_project + where + project_visibility = 'PRIVATE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_source_credential_1.yaml b/queries/aws_codebuild_source_credential_1.yaml index 3120a1c0a..39d7e4ac1 100755 --- a/queries/aws_codebuild_source_credential_1.yaml +++ b/queries/aws_codebuild_source_credential_1.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_source_credential_1 Title: "Find all AWS CodeBuild Source Credentials" Description: "Allows users to query AWS CodeBuild Source Credentials" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_source_credential_1.yaml.bak b/queries/aws_codebuild_source_credential_1.yaml.bak new file mode 100755 index 000000000..3120a1c0a --- /dev/null +++ b/queries/aws_codebuild_source_credential_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_codebuild_source_credential_1 +Title: "Find all AWS CodeBuild Source Credentials" +Description: "Allows users to query AWS CodeBuild Source Credentials" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + server_type, + auth_type, + region + from + aws_codebuild_source_credential; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codebuild_source_credential_2.yaml b/queries/aws_codebuild_source_credential_2.yaml index 367593ca2..48200f426 100755 --- a/queries/aws_codebuild_source_credential_2.yaml +++ b/queries/aws_codebuild_source_credential_2.yaml @@ -1,7 +1,7 @@ ID: aws_codebuild_source_credential_2 Title: "Find all AWS CodeBuild Source Credentials" Description: "Allows users to query AWS CodeBuild Source Credentials" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codebuild_source_credential_2.yaml.bak b/queries/aws_codebuild_source_credential_2.yaml.bak new file mode 100755 index 000000000..367593ca2 --- /dev/null +++ b/queries/aws_codebuild_source_credential_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_codebuild_source_credential_2 +Title: "Find all AWS CodeBuild Source Credentials" +Description: "Allows users to query AWS CodeBuild Source Credentials" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + p.arn as project_arn, + p.source ->> 'Location' as source_repository, + p.source ->> 'Type' as source_repository_type, + c.auth_type as authorization_type + from + aws_codebuild_project as p + join aws_codebuild_source_credential as c on (p.region = c.region and p.source ->> 'Type' = c.server_type) + where + p.source ->> 'Type' = 'GITHUB' + and c.auth_type = 'OAUTH'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeBuild diff --git a/queries/aws_codecommit_repository_1.yaml b/queries/aws_codecommit_repository_1.yaml index c865d6ae4..57771788c 100755 --- a/queries/aws_codecommit_repository_1.yaml +++ b/queries/aws_codecommit_repository_1.yaml @@ -1,7 +1,7 @@ ID: aws_codecommit_repository_1 Title: "List AWS CodeCommit Repositories with Details" Description: "Allows users to query AWS CodeCommit repositories and retrieve data such as repository name, ARN, description, clone URL, last modified date, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codecommit_repository_1.yaml.bak b/queries/aws_codecommit_repository_1.yaml.bak new file mode 100755 index 000000000..c865d6ae4 --- /dev/null +++ b/queries/aws_codecommit_repository_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codecommit_repository_1 +Title: "List AWS CodeCommit Repositories with Details" +Description: "Allows users to query AWS CodeCommit repositories and retrieve data such as repository name, ARN, description, clone URL, last modified date, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + repository_id, + arn, + creation_date, + region + from + aws_codecommit_repository; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeCommit diff --git a/queries/aws_codedeploy_app_1.yaml b/queries/aws_codedeploy_app_1.yaml index 693f008c8..d08b60abb 100755 --- a/queries/aws_codedeploy_app_1.yaml +++ b/queries/aws_codedeploy_app_1.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_app_1 Title: "List AWS CodeDeploy Apps with Details" Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_app_1.yaml.bak b/queries/aws_codedeploy_app_1.yaml.bak new file mode 100755 index 000000000..d08b60abb --- /dev/null +++ b/queries/aws_codedeploy_app_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_codedeploy_app_1 +Title: "List AWS CodeDeploy Apps with Details" +Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + application_id, + application_name + compute_platform, + create_time, + region + from + aws_codedeploy_app; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_app_1.yaml.bak.bak b/queries/aws_codedeploy_app_1.yaml.bak.bak new file mode 100755 index 000000000..d08b60abb --- /dev/null +++ b/queries/aws_codedeploy_app_1.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_codedeploy_app_1 +Title: "List AWS CodeDeploy Apps with Details" +Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + application_id, + application_name + compute_platform, + create_time, + region + from + aws_codedeploy_app; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_app_2.yaml b/queries/aws_codedeploy_app_2.yaml index 562c91c2b..c4a9db7a4 100755 --- a/queries/aws_codedeploy_app_2.yaml +++ b/queries/aws_codedeploy_app_2.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_app_2 Title: "List all AWS CodeDeploy Applications and Deployment Groups" Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_app_2.yaml.bak b/queries/aws_codedeploy_app_2.yaml.bak new file mode 100755 index 000000000..562c91c2b --- /dev/null +++ b/queries/aws_codedeploy_app_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_codedeploy_app_2 +Title: "List all AWS CodeDeploy Applications and Deployment Groups" +Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + count(arn) as application_count, + compute_platform + from + aws_codedeploy_app + group by + compute_platform; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_app_3.yaml b/queries/aws_codedeploy_app_3.yaml index 95907e946..e94b31883 100755 --- a/queries/aws_codedeploy_app_3.yaml +++ b/queries/aws_codedeploy_app_3.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_app_3 Title: "List all AWS CodeDeploy Apps Linked to GitHub" Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_app_3.yaml.bak b/queries/aws_codedeploy_app_3.yaml.bak new file mode 100755 index 000000000..95907e946 --- /dev/null +++ b/queries/aws_codedeploy_app_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codedeploy_app_3 +Title: "List all AWS CodeDeploy Apps Linked to GitHub" +Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + application_id, + compute_platform, + create_time, + github_account_name + from + aws_codedeploy_app + where + linked_to_github; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_1.yaml b/queries/aws_codedeploy_deployment_config_1.yaml index b8f252baa..1be37f7ee 100755 --- a/queries/aws_codedeploy_deployment_config_1.yaml +++ b/queries/aws_codedeploy_deployment_config_1.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_config_1 Title: "List AWS CodeDeploy Deployment Configs and Details" Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_config_1.yaml.bak b/queries/aws_codedeploy_deployment_config_1.yaml.bak new file mode 100755 index 000000000..b8f252baa --- /dev/null +++ b/queries/aws_codedeploy_deployment_config_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_codedeploy_deployment_config_1 +Title: "List AWS CodeDeploy Deployment Configs and Details" +Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_config_id, + deployment_config_name, + compute_platform, + create_time, + region + from + aws_codedeploy_deployment_config; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_2.yaml b/queries/aws_codedeploy_deployment_config_2.yaml index 5f2eb1d0c..36844a969 100755 --- a/queries/aws_codedeploy_deployment_config_2.yaml +++ b/queries/aws_codedeploy_deployment_config_2.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_config_2 Title: "List all AWS CodeDeploy Deployment Configurations" Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_config_2.yaml.bak b/queries/aws_codedeploy_deployment_config_2.yaml.bak new file mode 100755 index 000000000..5f2eb1d0c --- /dev/null +++ b/queries/aws_codedeploy_deployment_config_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_codedeploy_deployment_config_2 +Title: "List all AWS CodeDeploy Deployment Configurations" +Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + count(arn) as configuration_count, + compute_platform + from + aws_codedeploy_deployment_config + group by + compute_platform; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_3.yaml b/queries/aws_codedeploy_deployment_config_3.yaml index 6751dd81f..5b293f333 100755 --- a/queries/aws_codedeploy_deployment_config_3.yaml +++ b/queries/aws_codedeploy_deployment_config_3.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_config_3 Title: "List AWS CodeDeploy Deployment Configurations" Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_config_3.yaml.bak b/queries/aws_codedeploy_deployment_config_3.yaml.bak new file mode 100755 index 000000000..6751dd81f --- /dev/null +++ b/queries/aws_codedeploy_deployment_config_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_codedeploy_deployment_config_3 +Title: "List AWS CodeDeploy Deployment Configurations" +Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_config_id, + deployment_config_name + compute_platform, + create_time, + region + from + aws_codedeploy_deployment_config + where + create_time is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_4.yaml b/queries/aws_codedeploy_deployment_config_4.yaml index 90b9ae2c9..6e9394179 100755 --- a/queries/aws_codedeploy_deployment_config_4.yaml +++ b/queries/aws_codedeploy_deployment_config_4.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_config_4 Title: "List all AWS CodeDeploy Deployment Configurations" Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_config_4.yaml.bak b/queries/aws_codedeploy_deployment_config_4.yaml.bak new file mode 100755 index 000000000..90b9ae2c9 --- /dev/null +++ b/queries/aws_codedeploy_deployment_config_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_codedeploy_deployment_config_4 +Title: "List all AWS CodeDeploy Deployment Configurations" +Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_config_id, + deployment_config_name + compute_platform, + minimum_healthy_hosts ->> 'Type' as host_type, + minimum_healthy_hosts ->> 'Value' as host_value, + region + from + aws_codedeploy_deployment_config + where + create_time is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_5.yaml b/queries/aws_codedeploy_deployment_config_5.yaml index 16bd73b30..2e11e7136 100755 --- a/queries/aws_codedeploy_deployment_config_5.yaml +++ b/queries/aws_codedeploy_deployment_config_5.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_config_5 Title: "Find AWS CodeDeploy Deployment Configurations" Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_config_5.yaml.bak b/queries/aws_codedeploy_deployment_config_5.yaml.bak new file mode 100755 index 000000000..16bd73b30 --- /dev/null +++ b/queries/aws_codedeploy_deployment_config_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codedeploy_deployment_config_5 +Title: "Find AWS CodeDeploy Deployment Configurations" +Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_config_id, + deployment_config_name, + traffic_routing_config -> 'TimeBasedCanary' ->> 'CanaryInterval' as canary_interval, + traffic_routing_config -> 'TimeBasedCanary' ->> 'CanaryPercentage' as canary_percentage + from + aws_codedeploy_deployment_config + where + traffic_routing_config ->> 'Type' = 'TimeBasedCanary'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_6.yaml b/queries/aws_codedeploy_deployment_config_6.yaml index e25de9ad5..2b17726e6 100755 --- a/queries/aws_codedeploy_deployment_config_6.yaml +++ b/queries/aws_codedeploy_deployment_config_6.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_config_6 Title: "Find AWS CodeDeploy deployment configurations" Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_config_6.yaml.bak b/queries/aws_codedeploy_deployment_config_6.yaml.bak new file mode 100755 index 000000000..e25de9ad5 --- /dev/null +++ b/queries/aws_codedeploy_deployment_config_6.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_codedeploy_deployment_config_6 +Title: "Find AWS CodeDeploy deployment configurations" +Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_config_id, + deployment_config_name, + traffic_routing_config -> 'TimeBasedLinear' ->> 'LinearInterval' as linear_interval, + traffic_routing_config -> 'TimeBasedLinear' ->> 'LinearPercentage' as linear_percentage + from + aws_codedeploy_deployment_config + where + traffic_routing_config ->> 'Type' = 'TimeBasedLinear'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_1.yaml b/queries/aws_codedeploy_deployment_group_1.yaml index a04e13bed..a1996f701 100755 --- a/queries/aws_codedeploy_deployment_group_1.yaml +++ b/queries/aws_codedeploy_deployment_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_group_1 Title: "Find AWS CodeDeploy Deployment Group Details" Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_group_1.yaml.bak b/queries/aws_codedeploy_deployment_group_1.yaml.bak new file mode 100755 index 000000000..a04e13bed --- /dev/null +++ b/queries/aws_codedeploy_deployment_group_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_codedeploy_deployment_group_1 +Title: "Find AWS CodeDeploy Deployment Group Details" +Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_group_id, + deployment_group_name, + application_name, + deployment_style, + region + from + aws_codedeploy_deployment_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_2.yaml b/queries/aws_codedeploy_deployment_group_2.yaml index ddd45c746..e975476e4 100755 --- a/queries/aws_codedeploy_deployment_group_2.yaml +++ b/queries/aws_codedeploy_deployment_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_group_2 Title: "List AWS CodeDeploy Deployment Group Details and Configurations" Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_group_2.yaml.bak b/queries/aws_codedeploy_deployment_group_2.yaml.bak new file mode 100755 index 000000000..ddd45c746 --- /dev/null +++ b/queries/aws_codedeploy_deployment_group_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_codedeploy_deployment_group_2 +Title: "List AWS CodeDeploy Deployment Group Details and Configurations" +Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + count(arn) as group_count, + compute_platform + from + aws_codedeploy_deployment_group + group by + compute_platform; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_3.yaml b/queries/aws_codedeploy_deployment_group_3.yaml index 9a3113d81..df495d522 100755 --- a/queries/aws_codedeploy_deployment_group_3.yaml +++ b/queries/aws_codedeploy_deployment_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_group_3 Title: "Find AWS CodeDeploy Deployment Group Details" Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_group_3.yaml.bak b/queries/aws_codedeploy_deployment_group_3.yaml.bak new file mode 100755 index 000000000..9a3113d81 --- /dev/null +++ b/queries/aws_codedeploy_deployment_group_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_codedeploy_deployment_group_3 +Title: "Find AWS CodeDeploy Deployment Group Details" +Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_group_id, + last_successful_deployment + from + aws_codedeploy_deployment_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_4.yaml b/queries/aws_codedeploy_deployment_group_4.yaml index 699a5799a..004618d1e 100755 --- a/queries/aws_codedeploy_deployment_group_4.yaml +++ b/queries/aws_codedeploy_deployment_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_group_4 Title: "List all AWS CodeDeploy Deployment Group Details" Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_group_4.yaml.bak b/queries/aws_codedeploy_deployment_group_4.yaml.bak new file mode 100755 index 000000000..699a5799a --- /dev/null +++ b/queries/aws_codedeploy_deployment_group_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_codedeploy_deployment_group_4 +Title: "List all AWS CodeDeploy Deployment Group Details" +Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + count(arn) as group_count, + deployment_style + from + aws_codedeploy_deployment_group + group by + deployment_style; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_5.yaml b/queries/aws_codedeploy_deployment_group_5.yaml index a5b796ec2..c32047a30 100755 --- a/queries/aws_codedeploy_deployment_group_5.yaml +++ b/queries/aws_codedeploy_deployment_group_5.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_group_5 Title: "Find AWS CodeDeploy Deployment Group Details including Alarms" Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_group_5.yaml.bak b/queries/aws_codedeploy_deployment_group_5.yaml.bak new file mode 100755 index 000000000..a5b796ec2 --- /dev/null +++ b/queries/aws_codedeploy_deployment_group_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_codedeploy_deployment_group_5 +Title: "Find AWS CodeDeploy Deployment Group Details including Alarms" +Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_group_id, + deployment_group_name, + auto_rollback_configuration ->> 'Enabled' as auto_rollback_configuration_enabled + from + aws_codedeploy_deployment_group + where + auto_rollback_configuration ->> 'Enabled' = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_6.yaml b/queries/aws_codedeploy_deployment_group_6.yaml index 49716759b..272f3275b 100755 --- a/queries/aws_codedeploy_deployment_group_6.yaml +++ b/queries/aws_codedeploy_deployment_group_6.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_group_6 Title: "Find AWS CodeDeploy Deployment Group Details" Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_group_6.yaml.bak b/queries/aws_codedeploy_deployment_group_6.yaml.bak new file mode 100755 index 000000000..272f3275b --- /dev/null +++ b/queries/aws_codedeploy_deployment_group_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_codedeploy_deployment_group_6 +Title: "Find AWS CodeDeploy Deployment Group Details" +Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn as group_arn, + deployment_group_id, + deployment_group_name, + auto_scaling_groups ->> 'Hook' as auto_scaling_group_hook, + auto_scaling_groups ->> 'Name' as auto_scaling_group_name + from + aws_codedeploy_deployment_group + where + application_name = 'abc' + and deployment_group_name = 'def'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_6.yaml.bak.bak b/queries/aws_codedeploy_deployment_group_6.yaml.bak.bak new file mode 100755 index 000000000..272f3275b --- /dev/null +++ b/queries/aws_codedeploy_deployment_group_6.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_codedeploy_deployment_group_6 +Title: "Find AWS CodeDeploy Deployment Group Details" +Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn as group_arn, + deployment_group_id, + deployment_group_name, + auto_scaling_groups ->> 'Hook' as auto_scaling_group_hook, + auto_scaling_groups ->> 'Name' as auto_scaling_group_name + from + aws_codedeploy_deployment_group + where + application_name = 'abc' + and deployment_group_name = 'def'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_7.yaml b/queries/aws_codedeploy_deployment_group_7.yaml index 1036ffa01..d8794c774 100755 --- a/queries/aws_codedeploy_deployment_group_7.yaml +++ b/queries/aws_codedeploy_deployment_group_7.yaml @@ -1,7 +1,7 @@ ID: aws_codedeploy_deployment_group_7 Title: "Find AWS CodeDeploy Deployment Groups with Alarm Configs" Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codedeploy_deployment_group_7.yaml.bak b/queries/aws_codedeploy_deployment_group_7.yaml.bak new file mode 100755 index 000000000..1036ffa01 --- /dev/null +++ b/queries/aws_codedeploy_deployment_group_7.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_codedeploy_deployment_group_7 +Title: "Find AWS CodeDeploy Deployment Groups with Alarm Configs" +Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + deployment_group_id, + deployment_group_name, + alarm_configuration ->> 'Enabled' as alarm_configuration_enabled + from + aws_codedeploy_deployment_group + where + alarm_configuration ->> 'Enabled' = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeDeploy diff --git a/queries/aws_codepipeline_pipeline_1.yaml b/queries/aws_codepipeline_pipeline_1.yaml index 35c1a81dc..55750b843 100755 --- a/queries/aws_codepipeline_pipeline_1.yaml +++ b/queries/aws_codepipeline_pipeline_1.yaml @@ -1,7 +1,7 @@ ID: aws_codepipeline_pipeline_1 Title: "List all AWS CodePipeline Pipeline Data" Description: "Allows users to query AWS CodePipeline Pipeline data, including pipeline names, statuses, stages, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codepipeline_pipeline_1.yaml.bak b/queries/aws_codepipeline_pipeline_1.yaml.bak new file mode 100755 index 000000000..35c1a81dc --- /dev/null +++ b/queries/aws_codepipeline_pipeline_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_codepipeline_pipeline_1 +Title: "List all AWS CodePipeline Pipeline Data" +Description: "Allows users to query AWS CodePipeline Pipeline data, including pipeline names, statuses, stages, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + tags_src, + region, + account_id + from + aws_codepipeline_pipeline; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - CodePipeline diff --git a/queries/aws_codepipeline_pipeline_2.yaml b/queries/aws_codepipeline_pipeline_2.yaml index 32f830c70..6c98b9a05 100755 --- a/queries/aws_codepipeline_pipeline_2.yaml +++ b/queries/aws_codepipeline_pipeline_2.yaml @@ -1,7 +1,7 @@ ID: aws_codepipeline_pipeline_2 Title: "List all AWS CodePipeline Pipelines and Metadata" Description: "Allows users to query AWS CodePipeline Pipeline data, including pipeline names, statuses, stages, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codepipeline_pipeline_2.yaml.bak b/queries/aws_codepipeline_pipeline_2.yaml.bak new file mode 100755 index 000000000..32f830c70 --- /dev/null +++ b/queries/aws_codepipeline_pipeline_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codepipeline_pipeline_2 +Title: "List all AWS CodePipeline Pipelines and Metadata" +Description: "Allows users to query AWS CodePipeline Pipeline data, including pipeline names, statuses, stages, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + encryption_key + from + aws_codepipeline_pipeline + where + encryption_key is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS CodePipeline diff --git a/queries/aws_codestar_notification_rule_1.yaml b/queries/aws_codestar_notification_rule_1.yaml index 2988a9364..e55b2b1aa 100755 --- a/queries/aws_codestar_notification_rule_1.yaml +++ b/queries/aws_codestar_notification_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_codestar_notification_rule_1 Title: "Find all CodeStar notification rules in AWS using SQL" Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codestar_notification_rule_1.yaml.bak b/queries/aws_codestar_notification_rule_1.yaml.bak new file mode 100755 index 000000000..2988a9364 --- /dev/null +++ b/queries/aws_codestar_notification_rule_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_codestar_notification_rule_1 +Title: "Find all CodeStar notification rules in AWS using SQL" +Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + resource, + detail_type, + status + from + aws_codestar_notification_rule; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeStar diff --git a/queries/aws_codestar_notification_rule_2.yaml b/queries/aws_codestar_notification_rule_2.yaml index 9f9ced62d..4f8cda172 100755 --- a/queries/aws_codestar_notification_rule_2.yaml +++ b/queries/aws_codestar_notification_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_codestar_notification_rule_2 Title: "Find AWS CodeStar notification rules using SQL" Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codestar_notification_rule_2.yaml.bak b/queries/aws_codestar_notification_rule_2.yaml.bak new file mode 100755 index 000000000..9f9ced62d --- /dev/null +++ b/queries/aws_codestar_notification_rule_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_codestar_notification_rule_2 +Title: "Find AWS CodeStar notification rules using SQL" +Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + pipeline.name as pipeline, + notification_rule.name notification_rule, + notification_rule.status + from + aws_codepipeline_pipeline as pipeline + left join aws_codestar_notification_rule as notification_rule on pipeline.arn = notification_rule.resource; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeStar diff --git a/queries/aws_codestar_notification_rule_3.yaml b/queries/aws_codestar_notification_rule_3.yaml index daceea6a3..976b677e3 100755 --- a/queries/aws_codestar_notification_rule_3.yaml +++ b/queries/aws_codestar_notification_rule_3.yaml @@ -1,7 +1,7 @@ ID: aws_codestar_notification_rule_3 Title: "List all AWS CodeStar notification rules with no targets" Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codestar_notification_rule_3.yaml.bak b/queries/aws_codestar_notification_rule_3.yaml.bak new file mode 100755 index 000000000..daceea6a3 --- /dev/null +++ b/queries/aws_codestar_notification_rule_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_codestar_notification_rule_3 +Title: "List all AWS CodeStar notification rules with no targets" +Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name + from + aws_codestar_notification_rule + where + jsonb_array_length(targets) = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeStar diff --git a/queries/aws_codestar_notification_rule_4.yaml b/queries/aws_codestar_notification_rule_4.yaml index d14783c2a..00981df8c 100755 --- a/queries/aws_codestar_notification_rule_4.yaml +++ b/queries/aws_codestar_notification_rule_4.yaml @@ -1,7 +1,7 @@ ID: aws_codestar_notification_rule_4 Title: "List all AWS CodeStar Notification Rules with Target Details" Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codestar_notification_rule_4.yaml.bak b/queries/aws_codestar_notification_rule_4.yaml.bak new file mode 100755 index 000000000..d14783c2a --- /dev/null +++ b/queries/aws_codestar_notification_rule_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_codestar_notification_rule_4 +Title: "List all AWS CodeStar Notification Rules with Target Details" +Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + notification_rule.name as notification_rule, + target ->> 'TargetType' as target_type, + topic.title as target_topic + from + aws_codestar_notification_rule as notification_rule cross + join jsonb_array_elements(notification_rule.targets) as target + left join aws_sns_topic as topic on target ->> 'TargetAddress' = topic.topic_arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeStar diff --git a/queries/aws_codestar_notification_rule_5.yaml b/queries/aws_codestar_notification_rule_5.yaml index d3ead873e..1eb394822 100755 --- a/queries/aws_codestar_notification_rule_5.yaml +++ b/queries/aws_codestar_notification_rule_5.yaml @@ -1,7 +1,7 @@ ID: aws_codestar_notification_rule_5 Title: "List AWS CodeStar Notification Rules with Targets" Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_codestar_notification_rule_5.yaml.bak b/queries/aws_codestar_notification_rule_5.yaml.bak new file mode 100755 index 000000000..d3ead873e --- /dev/null +++ b/queries/aws_codestar_notification_rule_5.yaml.bak @@ -0,0 +1,38 @@ +ID: aws_codestar_notification_rule_5 +Title: "List AWS CodeStar Notification Rules with Targets" +Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with rule_target as ( + select + arn, + target ->> 'TargetAddress' as target_address, + target ->> 'TargetStatus' as target_status, + target ->> 'TargetType' as target_type + from + aws_codestar_notification_rule cross + join jsonb_array_elements(targets) as target + ) + select + notification_rule.name as notification_rule, + rule_target.target_type, + topic.title as target_topic + from + aws_codestar_notification_rule as notification_rule + left join rule_target on rule_target.arn = notification_rule.arn + left join aws_sns_topic as topic on rule_target.target_address = topic.topic_arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CodeStar diff --git a/queries/aws_cognito_identity_pool_1.yaml b/queries/aws_cognito_identity_pool_1.yaml index 81abcf19c..97a0c3a6d 100755 --- a/queries/aws_cognito_identity_pool_1.yaml +++ b/queries/aws_cognito_identity_pool_1.yaml @@ -1,7 +1,7 @@ ID: aws_cognito_identity_pool_1 Title: "List AWS Cognito Identity Pools with Config and Roles" Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cognito_identity_pool_1.yaml.bak b/queries/aws_cognito_identity_pool_1.yaml.bak new file mode 100755 index 000000000..81abcf19c --- /dev/null +++ b/queries/aws_cognito_identity_pool_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cognito_identity_pool_1 +Title: "List AWS Cognito Identity Pools with Config and Roles" +Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity_pool_id, + identity_pool_name, + tags, + region, + account_id + from + aws_cognito_identity_pool; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Cognito diff --git a/queries/aws_cognito_identity_pool_2.yaml b/queries/aws_cognito_identity_pool_2.yaml index 22aca55ad..f3f237af1 100755 --- a/queries/aws_cognito_identity_pool_2.yaml +++ b/queries/aws_cognito_identity_pool_2.yaml @@ -1,7 +1,7 @@ ID: aws_cognito_identity_pool_2 Title: "List AWS Cognito Identity Pools and Their Configurations" Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cognito_identity_pool_2.yaml.bak b/queries/aws_cognito_identity_pool_2.yaml.bak new file mode 100755 index 000000000..22aca55ad --- /dev/null +++ b/queries/aws_cognito_identity_pool_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cognito_identity_pool_2 +Title: "List AWS Cognito Identity Pools and Their Configurations" +Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity_pool_id, + identity_pool_name, + allow_classic_flow + from + aws_cognito_identity_pool + where + allow_classic_flow; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Cognito diff --git a/queries/aws_cognito_identity_pool_3.yaml b/queries/aws_cognito_identity_pool_3.yaml index 38b7fea0d..fbead8229 100755 --- a/queries/aws_cognito_identity_pool_3.yaml +++ b/queries/aws_cognito_identity_pool_3.yaml @@ -1,7 +1,7 @@ ID: aws_cognito_identity_pool_3 Title: "List AWS Cognito Identity Pools and Configurations" Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cognito_identity_pool_3.yaml.bak b/queries/aws_cognito_identity_pool_3.yaml.bak new file mode 100755 index 000000000..38b7fea0d --- /dev/null +++ b/queries/aws_cognito_identity_pool_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cognito_identity_pool_3 +Title: "List AWS Cognito Identity Pools and Configurations" +Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity_pool_id, + identity_pool_name, + allow_classic_flow + from + aws_cognito_identity_pool + where + allow_unauthenticated_identities; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Cognito Identity Pools diff --git a/queries/aws_cognito_identity_pool_4.yaml b/queries/aws_cognito_identity_pool_4.yaml index 5d369a86a..a9c0385d1 100755 --- a/queries/aws_cognito_identity_pool_4.yaml +++ b/queries/aws_cognito_identity_pool_4.yaml @@ -1,7 +1,7 @@ ID: aws_cognito_identity_pool_4 Title: "List all AWS Cognito Identity Pools with Detailed Info" Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cognito_identity_pool_4.yaml.bak b/queries/aws_cognito_identity_pool_4.yaml.bak new file mode 100755 index 000000000..5d369a86a --- /dev/null +++ b/queries/aws_cognito_identity_pool_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cognito_identity_pool_4 +Title: "List all AWS Cognito Identity Pools with Detailed Info" +Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity_pool_id, + identity_pool_name, + allow_classic_flow, + cognito_identity_providers ->> 'ClientId' as identity_provider_client_id, + cognito_identity_providers ->> 'ProviderName' as identity_provider_name, + cognito_identity_providers ->> 'ServerSideTokenCheck' as server_side_token_enabled + from + aws_cognito_identity_pool + where + identity_pool_id = 'eu-west-3:e96205bf-1ef2-4fe6-a748-65e948673960'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Cognito Identity Pools diff --git a/queries/aws_cognito_identity_provider_1.yaml b/queries/aws_cognito_identity_provider_1.yaml index f0a040ac7..0863d3b33 100755 --- a/queries/aws_cognito_identity_provider_1.yaml +++ b/queries/aws_cognito_identity_provider_1.yaml @@ -1,7 +1,7 @@ ID: aws_cognito_identity_provider_1 Title: "Find AWS Cognito Identity Provider Configurations" Description: "Allows users to query AWS Cognito Identity Providers, providing essential details about the identity provider configurations within AWS Cognito User Pools." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cognito_identity_provider_1.yaml.bak b/queries/aws_cognito_identity_provider_1.yaml.bak new file mode 100755 index 000000000..f0a040ac7 --- /dev/null +++ b/queries/aws_cognito_identity_provider_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cognito_identity_provider_1 +Title: "Find AWS Cognito Identity Provider Configurations" +Description: "Allows users to query AWS Cognito Identity Providers, providing essential details about the identity provider configurations within AWS Cognito User Pools." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + provider_name, + user_pool_id, + region, + account_id + from + aws_cognito_identity_provider + where + user_pool_id = 'us-east-1_012345678'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Cognito diff --git a/queries/aws_cognito_identity_provider_2.yaml b/queries/aws_cognito_identity_provider_2.yaml index b0fb77744..7d571601b 100755 --- a/queries/aws_cognito_identity_provider_2.yaml +++ b/queries/aws_cognito_identity_provider_2.yaml @@ -1,7 +1,7 @@ ID: aws_cognito_identity_provider_2 Title: "Find AWS Cognito Identity Providers Using SQL" Description: "Allows users to query AWS Cognito Identity Providers, providing essential details about the identity provider configurations within AWS Cognito User Pools." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cognito_identity_provider_2.yaml.bak b/queries/aws_cognito_identity_provider_2.yaml.bak new file mode 100755 index 000000000..b0fb77744 --- /dev/null +++ b/queries/aws_cognito_identity_provider_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cognito_identity_provider_2 +Title: "Find AWS Cognito Identity Providers Using SQL" +Description: "Allows users to query AWS Cognito Identity Providers, providing essential details about the identity provider configurations within AWS Cognito User Pools." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + provider_name, + user_pool_id, + provider_details + from + aws_cognito_identity_provider + where + provider_type = 'Google' + and user_pool_id = 'us-east-1_012345678'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cognito diff --git a/queries/aws_cognito_user_pool_1.yaml b/queries/aws_cognito_user_pool_1.yaml index e36aece09..756587eee 100755 --- a/queries/aws_cognito_user_pool_1.yaml +++ b/queries/aws_cognito_user_pool_1.yaml @@ -1,7 +1,7 @@ ID: aws_cognito_user_pool_1 Title: "Find AWS Cognito User Pools and their configuration" Description: "Allows users to query AWS Cognito User Pools to fetch detailed information about each user pool, including the pool''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cognito_user_pool_1.yaml.bak b/queries/aws_cognito_user_pool_1.yaml.bak new file mode 100755 index 000000000..e36aece09 --- /dev/null +++ b/queries/aws_cognito_user_pool_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cognito_user_pool_1 +Title: "Find AWS Cognito User Pools and their configuration" +Description: "Allows users to query AWS Cognito User Pools to fetch detailed information about each user pool, including the pool''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + arn, + tags, + region, + account_id + from + aws_cognito_user_pool; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cognito User Pools diff --git a/queries/aws_cognito_user_pool_2.yaml b/queries/aws_cognito_user_pool_2.yaml index f04fda858..6b7b063c1 100755 --- a/queries/aws_cognito_user_pool_2.yaml +++ b/queries/aws_cognito_user_pool_2.yaml @@ -1,7 +1,7 @@ ID: aws_cognito_user_pool_2 Title: "List All AWS Cognito User Pools with MFA Configuration" Description: "Allows users to query AWS Cognito User Pools to fetch detailed information about each user pool, including the pool''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cognito_user_pool_2.yaml.bak b/queries/aws_cognito_user_pool_2.yaml.bak new file mode 100755 index 000000000..f04fda858 --- /dev/null +++ b/queries/aws_cognito_user_pool_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cognito_user_pool_2 +Title: "List All AWS Cognito User Pools with MFA Configuration" +Description: "Allows users to query AWS Cognito User Pools to fetch detailed information about each user pool, including the pool''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + mfa_configuration + from + aws_cognito_user_pool + where + mfa_configuration != 'OFF'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Cognito diff --git a/queries/aws_config_aggregate_authorization_1.yaml b/queries/aws_config_aggregate_authorization_1.yaml index 8847f1586..eb3728116 100755 --- a/queries/aws_config_aggregate_authorization_1.yaml +++ b/queries/aws_config_aggregate_authorization_1.yaml @@ -1,7 +1,7 @@ ID: aws_config_aggregate_authorization_1 Title: "Find AWS Config Aggregate Authorizations Info" Description: "Allows users to query AWS Config Aggregate Authorizations, providing vital information about AWS Config rules and their respective authorizations in an aggregated form." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_aggregate_authorization_1.yaml.bak b/queries/aws_config_aggregate_authorization_1.yaml.bak new file mode 100755 index 000000000..8847f1586 --- /dev/null +++ b/queries/aws_config_aggregate_authorization_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_config_aggregate_authorization_1 +Title: "Find AWS Config Aggregate Authorizations Info" +Description: "Allows users to query AWS Config Aggregate Authorizations, providing vital information about AWS Config rules and their respective authorizations in an aggregated form." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + authorized_account_id, + authorized_aws_region, + creation_time + from + aws_config_aggregate_authorization; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_configuration_recorder_1.yaml b/queries/aws_config_configuration_recorder_1.yaml index bf9e0dba4..cb9e85153 100755 --- a/queries/aws_config_configuration_recorder_1.yaml +++ b/queries/aws_config_configuration_recorder_1.yaml @@ -1,7 +1,7 @@ ID: aws_config_configuration_recorder_1 Title: "Find AWS Config Configuration Recorder using SQL" Description: "Allows users to query AWS Config Configuration Recorder" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_configuration_recorder_1.yaml.bak b/queries/aws_config_configuration_recorder_1.yaml.bak new file mode 100755 index 000000000..bf9e0dba4 --- /dev/null +++ b/queries/aws_config_configuration_recorder_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_config_configuration_recorder_1 +Title: "Find AWS Config Configuration Recorder using SQL" +Description: "Allows users to query AWS Config Configuration Recorder" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + role_arn, + status, + recording_group, + status_recording, + akas, + title + from + aws_config_configuration_recorder; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Config Configuration Recorder diff --git a/queries/aws_config_configuration_recorder_2.yaml b/queries/aws_config_configuration_recorder_2.yaml index 6336db0df..e84b0f39b 100755 --- a/queries/aws_config_configuration_recorder_2.yaml +++ b/queries/aws_config_configuration_recorder_2.yaml @@ -1,7 +1,7 @@ ID: aws_config_configuration_recorder_2 Title: "Find AWS Config Configuration Recorder Status" Description: "Allows users to query AWS Config Configuration Recorder" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_configuration_recorder_2.yaml.bak b/queries/aws_config_configuration_recorder_2.yaml.bak new file mode 100755 index 000000000..6336db0df --- /dev/null +++ b/queries/aws_config_configuration_recorder_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_config_configuration_recorder_2 +Title: "Find AWS Config Configuration Recorder Status" +Description: "Allows users to query AWS Config Configuration Recorder" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + role_arn, + status_recording, + title + from + aws_config_configuration_recorder + where + not status_recording; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_configuration_recorder_3.yaml b/queries/aws_config_configuration_recorder_3.yaml index f158236ab..c0b48ff97 100755 --- a/queries/aws_config_configuration_recorder_3.yaml +++ b/queries/aws_config_configuration_recorder_3.yaml @@ -1,7 +1,7 @@ ID: aws_config_configuration_recorder_3 Title: "Find all AWS Config Configuration Recorder using SQL" Description: "Allows users to query AWS Config Configuration Recorder" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_configuration_recorder_3.yaml.bak b/queries/aws_config_configuration_recorder_3.yaml.bak new file mode 100755 index 000000000..f158236ab --- /dev/null +++ b/queries/aws_config_configuration_recorder_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_config_configuration_recorder_3 +Title: "Find all AWS Config Configuration Recorder using SQL" +Description: "Allows users to query AWS Config Configuration Recorder" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + status ->> 'LastStatus' as last_status, + status ->> 'LastStatusChangeTime' as last_status_change_time, + status ->> 'LastErrorCode' as last_error_code, + status ->> 'LastErrorMessage' as last_error_message + from + aws_config_configuration_recorder + where + status ->> 'LastStatus' = 'FAILURE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_conformance_pack_1.yaml b/queries/aws_config_conformance_pack_1.yaml index d2e3eb264..2da34e187 100755 --- a/queries/aws_config_conformance_pack_1.yaml +++ b/queries/aws_config_conformance_pack_1.yaml @@ -1,7 +1,7 @@ ID: aws_config_conformance_pack_1 Title: "List all AWS Config Conformance Packs" Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_conformance_pack_1.yaml.bak b/queries/aws_config_conformance_pack_1.yaml.bak new file mode 100755 index 000000000..2da34e187 --- /dev/null +++ b/queries/aws_config_conformance_pack_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_config_conformance_pack_1 +Title: "List all AWS Config Conformance Packs" +Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + conformance_pack_id, + created_by, + last_update_requested_time, + title, + akas + from + aws_config_conformance_pack; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_conformance_pack_1.yaml.bak.bak b/queries/aws_config_conformance_pack_1.yaml.bak.bak new file mode 100755 index 000000000..2da34e187 --- /dev/null +++ b/queries/aws_config_conformance_pack_1.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_config_conformance_pack_1 +Title: "List all AWS Config Conformance Packs" +Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + conformance_pack_id, + created_by, + last_update_requested_time, + title, + akas + from + aws_config_conformance_pack; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_conformance_pack_2.yaml b/queries/aws_config_conformance_pack_2.yaml index fa1ab8f11..d5cb12971 100755 --- a/queries/aws_config_conformance_pack_2.yaml +++ b/queries/aws_config_conformance_pack_2.yaml @@ -1,7 +1,7 @@ ID: aws_config_conformance_pack_2 Title: "List all AWS Config Conformance Packs Info" Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_conformance_pack_2.yaml.bak b/queries/aws_config_conformance_pack_2.yaml.bak new file mode 100755 index 000000000..fa1ab8f11 --- /dev/null +++ b/queries/aws_config_conformance_pack_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_config_conformance_pack_2 +Title: "List all AWS Config Conformance Packs Info" +Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + conformance_pack_id, + delivery_s3_bucket, + delivery_s3_key_prefix + from + aws_config_conformance_pack; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_conformance_pack_3.yaml b/queries/aws_config_conformance_pack_3.yaml index 05987a513..4aa0280f0 100755 --- a/queries/aws_config_conformance_pack_3.yaml +++ b/queries/aws_config_conformance_pack_3.yaml @@ -1,7 +1,7 @@ ID: aws_config_conformance_pack_3 Title: "Find all AWS Config Conformance Packs and Parameters" Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_conformance_pack_3.yaml.bak b/queries/aws_config_conformance_pack_3.yaml.bak new file mode 100755 index 000000000..05987a513 --- /dev/null +++ b/queries/aws_config_conformance_pack_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_config_conformance_pack_3 +Title: "Find all AWS Config Conformance Packs and Parameters" +Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + inp ->> 'ParameterName' as parameter_name, + inp ->> 'ParameterValue' as parameter_value, + title, + akas + from + aws_config_conformance_pack, + jsonb_array_elements(input_parameters) as inp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_retention_configuration_1.yaml b/queries/aws_config_retention_configuration_1.yaml index ac7546f2c..69352c5a6 100755 --- a/queries/aws_config_retention_configuration_1.yaml +++ b/queries/aws_config_retention_configuration_1.yaml @@ -1,7 +1,7 @@ ID: aws_config_retention_configuration_1 Title: "List AWS Config Retention Configuration Details" Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_retention_configuration_1.yaml.bak b/queries/aws_config_retention_configuration_1.yaml.bak new file mode 100755 index 000000000..ac7546f2c --- /dev/null +++ b/queries/aws_config_retention_configuration_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_config_retention_configuration_1 +Title: "List AWS Config Retention Configuration Details" +Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + retention_period_in_days, + title, + region + from + aws_config_retention_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_retention_configuration_2.yaml b/queries/aws_config_retention_configuration_2.yaml index 24734f277..ea4030929 100755 --- a/queries/aws_config_retention_configuration_2.yaml +++ b/queries/aws_config_retention_configuration_2.yaml @@ -1,7 +1,7 @@ ID: aws_config_retention_configuration_2 Title: "Find AWS Config Retention Configuration Details" Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_retention_configuration_2.yaml.bak b/queries/aws_config_retention_configuration_2.yaml.bak new file mode 100755 index 000000000..24734f277 --- /dev/null +++ b/queries/aws_config_retention_configuration_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_config_retention_configuration_2 +Title: "Find AWS Config Retention Configuration Details" +Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + retention_period_in_days, + title + from + aws_config_retention_configuration + where + retention_period_in_days < 356; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_retention_configuration_3.yaml b/queries/aws_config_retention_configuration_3.yaml index 32cec67e6..66ebccd89 100755 --- a/queries/aws_config_retention_configuration_3.yaml +++ b/queries/aws_config_retention_configuration_3.yaml @@ -1,7 +1,7 @@ ID: aws_config_retention_configuration_3 Title: "Find AWS Config Retention Configuration Retention Period" Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_retention_configuration_3.yaml.bak b/queries/aws_config_retention_configuration_3.yaml.bak new file mode 100755 index 000000000..32cec67e6 --- /dev/null +++ b/queries/aws_config_retention_configuration_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_config_retention_configuration_3 +Title: "Find AWS Config Retention Configuration Retention Period" +Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + retention_period_in_days, + title, + region + from + aws_config_retention_configuration + where + region = 'us-east-1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_retention_configuration_4.yaml b/queries/aws_config_retention_configuration_4.yaml index be8106577..ee057f341 100755 --- a/queries/aws_config_retention_configuration_4.yaml +++ b/queries/aws_config_retention_configuration_4.yaml @@ -1,7 +1,7 @@ ID: aws_config_retention_configuration_4 Title: "Find AWS Config Retention Configuration Using SQL" Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_retention_configuration_4.yaml.bak b/queries/aws_config_retention_configuration_4.yaml.bak new file mode 100755 index 000000000..be8106577 --- /dev/null +++ b/queries/aws_config_retention_configuration_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_config_retention_configuration_4 +Title: "Find AWS Config Retention Configuration Using SQL" +Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.title as configuration_recorder, + r.name as retention_configuration_name, + r.retention_period_in_days, + r.region + from + aws_config_retention_configuration as r + left join aws_config_configuration_recorder as c + on + r.region = c.region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_rule_1.yaml b/queries/aws_config_rule_1.yaml index 58fbee4c6..54592b1ba 100755 --- a/queries/aws_config_rule_1.yaml +++ b/queries/aws_config_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_config_rule_1 Title: "List all AWS Config Rules with Details" Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_rule_1.yaml.bak b/queries/aws_config_rule_1.yaml.bak new file mode 100755 index 000000000..58fbee4c6 --- /dev/null +++ b/queries/aws_config_rule_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_config_rule_1 +Title: "List all AWS Config Rules with Details" +Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + arn, + rule_state, + created_by, + scope + from + aws_config_rule; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Config diff --git a/queries/aws_config_rule_2.yaml b/queries/aws_config_rule_2.yaml index 7c44c4120..c63d8dd81 100755 --- a/queries/aws_config_rule_2.yaml +++ b/queries/aws_config_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_config_rule_2 Title: "Find AWS Config Rules with Inactive Rule State" Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_rule_2.yaml.bak b/queries/aws_config_rule_2.yaml.bak new file mode 100755 index 000000000..7c44c4120 --- /dev/null +++ b/queries/aws_config_rule_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_config_rule_2 +Title: "Find AWS Config Rules with Inactive Rule State" +Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + arn, + rule_state + from + aws_config_rule + where + rule_state <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Config diff --git a/queries/aws_config_rule_3.yaml b/queries/aws_config_rule_3.yaml index 906f058a8..784c34441 100755 --- a/queries/aws_config_rule_3.yaml +++ b/queries/aws_config_rule_3.yaml @@ -1,7 +1,7 @@ ID: aws_config_rule_3 Title: "Find AWS Config Rules for S3 Buckets by Name" Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_rule_3.yaml.bak b/queries/aws_config_rule_3.yaml.bak new file mode 100755 index 000000000..906f058a8 --- /dev/null +++ b/queries/aws_config_rule_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_config_rule_3 +Title: "Find AWS Config Rules for S3 Buckets by Name" +Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + tags + from + aws_config_rule + where + name Like '%s3-bucket%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_rule_4.yaml b/queries/aws_config_rule_4.yaml index a4960ca5c..bcad9006d 100755 --- a/queries/aws_config_rule_4.yaml +++ b/queries/aws_config_rule_4.yaml @@ -1,7 +1,7 @@ ID: aws_config_rule_4 Title: "Find AWS Config Rule Info Including Compliance Status" Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_rule_4.yaml.bak b/queries/aws_config_rule_4.yaml.bak new file mode 100755 index 000000000..a4960ca5c --- /dev/null +++ b/queries/aws_config_rule_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_config_rule_4 +Title: "Find AWS Config Rule Info Including Compliance Status" +Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(compliance_by_config_rule) as compliance_info + from + aws_config_rule + where + name = 'approved-amis-by-id'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_rule_5.yaml b/queries/aws_config_rule_5.yaml index e3bb5e002..7ad6603ea 100755 --- a/queries/aws_config_rule_5.yaml +++ b/queries/aws_config_rule_5.yaml @@ -1,7 +1,7 @@ ID: aws_config_rule_5 Title: "Find Config Rules in AWS with Compliance Status" Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_rule_5.yaml.bak b/queries/aws_config_rule_5.yaml.bak new file mode 100755 index 000000000..7ad6603ea --- /dev/null +++ b/queries/aws_config_rule_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_config_rule_5 +Title: "Find Config Rules in AWS with Compliance Status" +Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as config_rule_name, + compliance_status -> 'Compliance' -> 'ComplianceType' as compliance_type + from + aws_config_rule, + jsonb_array_elements(compliance_by_config_rule) as compliance_status; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_rule_5.yaml.bak.bak b/queries/aws_config_rule_5.yaml.bak.bak new file mode 100755 index 000000000..7ad6603ea --- /dev/null +++ b/queries/aws_config_rule_5.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_config_rule_5 +Title: "Find Config Rules in AWS with Compliance Status" +Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as config_rule_name, + compliance_status -> 'Compliance' -> 'ComplianceType' as compliance_type + from + aws_config_rule, + jsonb_array_elements(compliance_by_config_rule) as compliance_status; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Config diff --git a/queries/aws_config_rule_6.yaml b/queries/aws_config_rule_6.yaml index 73dd53291..75466eb58 100755 --- a/queries/aws_config_rule_6.yaml +++ b/queries/aws_config_rule_6.yaml @@ -1,7 +1,7 @@ ID: aws_config_rule_6 Title: "List all AWS Config Rules with Proactive Evaluation Mode" Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_config_rule_6.yaml.bak b/queries/aws_config_rule_6.yaml.bak new file mode 100755 index 000000000..73dd53291 --- /dev/null +++ b/queries/aws_config_rule_6.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_config_rule_6 +Title: "List all AWS Config Rules with Proactive Evaluation Mode" +Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as config_rule_name, + c ->> 'Mode' as evaluation_mode + from + aws_config_rule, + jsonb_array_elements(evaluation_modes) as c + where + c ->> 'Mode' = 'PROACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Config Rules diff --git a/queries/aws_cost_by_account_daily_1.yaml b/queries/aws_cost_by_account_daily_1.yaml index 9f2b9cb38..727235bcb 100755 --- a/queries/aws_cost_by_account_daily_1.yaml +++ b/queries/aws_cost_by_account_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_account_daily_1 Title: "Find AWS Cost and Usage By Account Daily" Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_account_daily_1.yaml.bak b/queries/aws_cost_by_account_daily_1.yaml.bak new file mode 100755 index 000000000..9f2b9cb38 --- /dev/null +++ b/queries/aws_cost_by_account_daily_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cost_by_account_daily_1 +Title: "Find AWS Cost and Usage By Account Daily" +Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_account_daily + order by + linked_account_id, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_account_daily_2.yaml b/queries/aws_cost_by_account_daily_2.yaml index 8d48ed3fd..feb10789e 100755 --- a/queries/aws_cost_by_account_daily_2.yaml +++ b/queries/aws_cost_by_account_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_account_daily_2 Title: "List AWS Daily Costs by Account Overview with SQL" Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_account_daily_2.yaml.bak b/queries/aws_cost_by_account_daily_2.yaml.bak new file mode 100755 index 000000000..8d48ed3fd --- /dev/null +++ b/queries/aws_cost_by_account_daily_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cost_by_account_daily_2 +Title: "List AWS Daily Costs by Account Overview with SQL" +Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_account_daily + group by + linked_account_id + order by + linked_account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_by_account_daily_3.yaml b/queries/aws_cost_by_account_daily_3.yaml index 816db5bee..1629e2de9 100755 --- a/queries/aws_cost_by_account_daily_3.yaml +++ b/queries/aws_cost_by_account_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_account_daily_3 Title: "Find Daily AWS Costs by Account" Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_account_daily_3.yaml.bak b/queries/aws_cost_by_account_daily_3.yaml.bak new file mode 100755 index 000000000..816db5bee --- /dev/null +++ b/queries/aws_cost_by_account_daily_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cost_by_account_daily_3 +Title: "Find Daily AWS Costs by Account" +Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with ranked_costs as ( + select + linked_account_id, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by linked_account_id order by unblended_cost_amount desc) + from + aws_cost_by_account_daily + ) + select * from ranked_costs where rank <= 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_account_monthly_1.yaml b/queries/aws_cost_by_account_monthly_1.yaml index 7c7da0236..7f8c2d29b 100755 --- a/queries/aws_cost_by_account_monthly_1.yaml +++ b/queries/aws_cost_by_account_monthly_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_account_monthly_1 Title: "List AWS Monthly Costs Per Account Using AWS Cost Explorer" Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_account_monthly_1.yaml.bak b/queries/aws_cost_by_account_monthly_1.yaml.bak new file mode 100755 index 000000000..7c7da0236 --- /dev/null +++ b/queries/aws_cost_by_account_monthly_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cost_by_account_monthly_1 +Title: "List AWS Monthly Costs Per Account Using AWS Cost Explorer" +Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_account_monthly + order by + linked_account_id, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_by_account_monthly_2.yaml b/queries/aws_cost_by_account_monthly_2.yaml index b558182c1..edafff324 100755 --- a/queries/aws_cost_by_account_monthly_2.yaml +++ b/queries/aws_cost_by_account_monthly_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_account_monthly_2 Title: "Find Monthly AWS Costs Per Account" Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_account_monthly_2.yaml.bak b/queries/aws_cost_by_account_monthly_2.yaml.bak new file mode 100755 index 000000000..b558182c1 --- /dev/null +++ b/queries/aws_cost_by_account_monthly_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cost_by_account_monthly_2 +Title: "Find Monthly AWS Costs Per Account" +Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_account_monthly + group by + linked_account_id + order by + linked_account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_account_monthly_3.yaml b/queries/aws_cost_by_account_monthly_3.yaml index 1e5bd2ad9..78a04f1bc 100755 --- a/queries/aws_cost_by_account_monthly_3.yaml +++ b/queries/aws_cost_by_account_monthly_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_account_monthly_3 Title: "List all Monthly AWS Costs Per Account" Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_account_monthly_3.yaml.bak b/queries/aws_cost_by_account_monthly_3.yaml.bak new file mode 100755 index 000000000..1e5bd2ad9 --- /dev/null +++ b/queries/aws_cost_by_account_monthly_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cost_by_account_monthly_3 +Title: "List all Monthly AWS Costs Per Account" +Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by linked_account_id order by unblended_cost_amount desc) + from + aws_cost_by_account_monthly; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer Service diff --git a/queries/aws_cost_by_account_monthly_4.yaml b/queries/aws_cost_by_account_monthly_4.yaml index 1abb85bc0..99cae2cb2 100755 --- a/queries/aws_cost_by_account_monthly_4.yaml +++ b/queries/aws_cost_by_account_monthly_4.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_account_monthly_4 Title: "Find AWS Monthly Cost Per Account for Management" Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_account_monthly_4.yaml.bak b/queries/aws_cost_by_account_monthly_4.yaml.bak new file mode 100755 index 000000000..1abb85bc0 --- /dev/null +++ b/queries/aws_cost_by_account_monthly_4.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_cost_by_account_monthly_4 +Title: "Find AWS Monthly Cost Per Account for Management" +Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with cost_data as ( + select + linked_account_id, + period_start, + unblended_cost_amount as this_month, + lag(unblended_cost_amount,-1) over(partition by linked_account_id order by period_start desc) as previous_month + from + aws_cost_by_account_monthly + ) + select + linked_account_id, + period_start, + this_month::numeric::money, + previous_month::numeric::money, + round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) as percent_change + from + cost_data + order by + linked_account_id, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_record_type_daily_1.yaml b/queries/aws_cost_by_record_type_daily_1.yaml index 5475316fa..0b805d12d 100755 --- a/queries/aws_cost_by_record_type_daily_1.yaml +++ b/queries/aws_cost_by_record_type_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_record_type_daily_1 Title: "List Daily AWS Cost Data by Record Type" Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_record_type_daily_1.yaml.bak b/queries/aws_cost_by_record_type_daily_1.yaml.bak new file mode 100755 index 000000000..5475316fa --- /dev/null +++ b/queries/aws_cost_by_record_type_daily_1.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cost_by_record_type_daily_1 +Title: "List Daily AWS Cost Data by Record Type" +Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + record_type, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_record_type_daily + order by + linked_account_id, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_daily_2.yaml b/queries/aws_cost_by_record_type_daily_2.yaml index 61599000f..f0dfa419e 100755 --- a/queries/aws_cost_by_record_type_daily_2.yaml +++ b/queries/aws_cost_by_record_type_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_record_type_daily_2 Title: "List all AWS costs by record type on a daily basis" Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_record_type_daily_2.yaml.bak b/queries/aws_cost_by_record_type_daily_2.yaml.bak new file mode 100755 index 000000000..61599000f --- /dev/null +++ b/queries/aws_cost_by_record_type_daily_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cost_by_record_type_daily_2 +Title: "List all AWS costs by record type on a daily basis" +Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + record_type, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_record_type_daily + group by + linked_account_id, + record_type + order by + linked_account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_daily_3.yaml b/queries/aws_cost_by_record_type_daily_3.yaml index 5f6aac779..36cb321d4 100755 --- a/queries/aws_cost_by_record_type_daily_3.yaml +++ b/queries/aws_cost_by_record_type_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_record_type_daily_3 Title: "List All Daily AWS Costs by Record Type" Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_record_type_daily_3.yaml.bak b/queries/aws_cost_by_record_type_daily_3.yaml.bak new file mode 100755 index 000000000..5f6aac779 --- /dev/null +++ b/queries/aws_cost_by_record_type_daily_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cost_by_record_type_daily_3 +Title: "List All Daily AWS Costs by Record Type" +Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with ranked_costs as ( + select + linked_account_id, + record_type, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by linked_account_id, record_type order by unblended_cost_amount desc) + from + aws_cost_by_record_type_daily + ) + select * from ranked_costs where rank <= 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_monthly_1.yaml b/queries/aws_cost_by_record_type_monthly_1.yaml index a8c833e0d..5ef3071dc 100755 --- a/queries/aws_cost_by_record_type_monthly_1.yaml +++ b/queries/aws_cost_by_record_type_monthly_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_record_type_monthly_1 Title: "Find AWS Cost and Usage Report Records Monthly" Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_record_type_monthly_1.yaml.bak b/queries/aws_cost_by_record_type_monthly_1.yaml.bak new file mode 100755 index 000000000..a8c833e0d --- /dev/null +++ b/queries/aws_cost_by_record_type_monthly_1.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cost_by_record_type_monthly_1 +Title: "Find AWS Cost and Usage Report Records Monthly" +Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + record_type, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_record_type_monthly + order by + linked_account_id, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_monthly_2.yaml b/queries/aws_cost_by_record_type_monthly_2.yaml index 505ede410..563ea6226 100755 --- a/queries/aws_cost_by_record_type_monthly_2.yaml +++ b/queries/aws_cost_by_record_type_monthly_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_record_type_monthly_2 Title: "Find AWS Monthly Cost and Usage Report Records" Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_record_type_monthly_2.yaml.bak b/queries/aws_cost_by_record_type_monthly_2.yaml.bak new file mode 100755 index 000000000..505ede410 --- /dev/null +++ b/queries/aws_cost_by_record_type_monthly_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cost_by_record_type_monthly_2 +Title: "Find AWS Monthly Cost and Usage Report Records" +Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + record_type, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_record_type_monthly + group by + linked_account_id, + record_type + order by + linked_account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_monthly_3.yaml b/queries/aws_cost_by_record_type_monthly_3.yaml index 32e371379..15af52a83 100755 --- a/queries/aws_cost_by_record_type_monthly_3.yaml +++ b/queries/aws_cost_by_record_type_monthly_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_record_type_monthly_3 Title: "List AWS Cost and Usage Report Records Monthly" Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_record_type_monthly_3.yaml.bak b/queries/aws_cost_by_record_type_monthly_3.yaml.bak new file mode 100755 index 000000000..15af52a83 --- /dev/null +++ b/queries/aws_cost_by_record_type_monthly_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cost_by_record_type_monthly_3 +Title: "List AWS Cost and Usage Report Records Monthly" +Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + record_type, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by linked_account_id, record_type order by unblended_cost_amount desc) + from + aws_cost_by_record_type_monthly; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_monthly_3.yaml.bak.bak b/queries/aws_cost_by_record_type_monthly_3.yaml.bak.bak new file mode 100755 index 000000000..15af52a83 --- /dev/null +++ b/queries/aws_cost_by_record_type_monthly_3.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_cost_by_record_type_monthly_3 +Title: "List AWS Cost and Usage Report Records Monthly" +Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + linked_account_id, + record_type, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by linked_account_id, record_type order by unblended_cost_amount desc) + from + aws_cost_by_record_type_monthly; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost and Usage Report diff --git a/queries/aws_cost_by_service_daily_1.yaml b/queries/aws_cost_by_service_daily_1.yaml index 0947167ab..89b61dce7 100755 --- a/queries/aws_cost_by_service_daily_1.yaml +++ b/queries/aws_cost_by_service_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_daily_1 Title: "List all Daily AWS Costs by Service" Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_daily_1.yaml.bak b/queries/aws_cost_by_service_daily_1.yaml.bak new file mode 100755 index 000000000..0947167ab --- /dev/null +++ b/queries/aws_cost_by_service_daily_1.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cost_by_service_daily_1 +Title: "List all Daily AWS Costs by Service" +Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_service_daily + order by + service, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_daily_2.yaml b/queries/aws_cost_by_service_daily_2.yaml index 76a36b5e3..16801aaab 100755 --- a/queries/aws_cost_by_service_daily_2.yaml +++ b/queries/aws_cost_by_service_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_daily_2 Title: "List AWS Cost Explorer Daily Service Cost Breakdown" Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_daily_2.yaml.bak b/queries/aws_cost_by_service_daily_2.yaml.bak new file mode 100755 index 000000000..76a36b5e3 --- /dev/null +++ b/queries/aws_cost_by_service_daily_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cost_by_service_daily_2 +Title: "List AWS Cost Explorer Daily Service Cost Breakdown" +Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_daily + group by + service + order by + service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_daily_3.yaml b/queries/aws_cost_by_service_daily_3.yaml index 8fb24e022..7ed0cd757 100755 --- a/queries/aws_cost_by_service_daily_3.yaml +++ b/queries/aws_cost_by_service_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_daily_3 Title: "Find daily cost breakdown by AWS service" Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_daily_3.yaml.bak b/queries/aws_cost_by_service_daily_3.yaml.bak new file mode 100755 index 000000000..8fb24e022 --- /dev/null +++ b/queries/aws_cost_by_service_daily_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cost_by_service_daily_3 +Title: "Find daily cost breakdown by AWS service" +Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + sum(unblended_cost_amount)::numeric::money as sum, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_daily + group by + service + order by + average desc + limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_daily_4.yaml b/queries/aws_cost_by_service_daily_4.yaml index b34a308ed..de8908a04 100755 --- a/queries/aws_cost_by_service_daily_4.yaml +++ b/queries/aws_cost_by_service_daily_4.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_daily_4 Title: "List all AWS Cost Breakdown by Service" Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_daily_4.yaml.bak b/queries/aws_cost_by_service_daily_4.yaml.bak new file mode 100755 index 000000000..b34a308ed --- /dev/null +++ b/queries/aws_cost_by_service_daily_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cost_by_service_daily_4 +Title: "List all AWS Cost Breakdown by Service" +Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + sum(unblended_cost_amount)::numeric::money as sum, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_daily + group by + service + order by + sum desc + limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_daily_5.yaml b/queries/aws_cost_by_service_daily_5.yaml index 7502fb40e..8a6d1377e 100755 --- a/queries/aws_cost_by_service_daily_5.yaml +++ b/queries/aws_cost_by_service_daily_5.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_daily_5 Title: "Find Top 10 AWS Daily Costs by Service" Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_daily_5.yaml.bak b/queries/aws_cost_by_service_daily_5.yaml.bak new file mode 100755 index 000000000..8a6d1377e --- /dev/null +++ b/queries/aws_cost_by_service_daily_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cost_by_service_daily_5 +Title: "Find Top 10 AWS Daily Costs by Service" +Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with ranked_costs as ( + select + service, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by service order by unblended_cost_amount desc) + from + aws_cost_by_service_daily + ) + select * from ranked_costs where rank <= 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_daily_5.yaml.bak.bak b/queries/aws_cost_by_service_daily_5.yaml.bak.bak new file mode 100755 index 000000000..8a6d1377e --- /dev/null +++ b/queries/aws_cost_by_service_daily_5.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_cost_by_service_daily_5 +Title: "Find Top 10 AWS Daily Costs by Service" +Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with ranked_costs as ( + select + service, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by service order by unblended_cost_amount desc) + from + aws_cost_by_service_daily + ) + select * from ranked_costs where rank <= 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_monthly_1.yaml b/queries/aws_cost_by_service_monthly_1.yaml index 7ffc5f257..ce6bbfd04 100755 --- a/queries/aws_cost_by_service_monthly_1.yaml +++ b/queries/aws_cost_by_service_monthly_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_monthly_1 Title: "List AWS monthly cost breakdown by service" Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_monthly_1.yaml.bak b/queries/aws_cost_by_service_monthly_1.yaml.bak new file mode 100755 index 000000000..7ffc5f257 --- /dev/null +++ b/queries/aws_cost_by_service_monthly_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cost_by_service_monthly_1 +Title: "List AWS monthly cost breakdown by service" +Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_service_monthly + order by + service, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer Service diff --git a/queries/aws_cost_by_service_monthly_2.yaml b/queries/aws_cost_by_service_monthly_2.yaml index e2a5fd65e..2a06ec47c 100755 --- a/queries/aws_cost_by_service_monthly_2.yaml +++ b/queries/aws_cost_by_service_monthly_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_monthly_2 Title: "List AWS Monthly Cost Breakdown by Service" Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_monthly_2.yaml.bak b/queries/aws_cost_by_service_monthly_2.yaml.bak new file mode 100755 index 000000000..e2a5fd65e --- /dev/null +++ b/queries/aws_cost_by_service_monthly_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cost_by_service_monthly_2 +Title: "List AWS Monthly Cost Breakdown by Service" +Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_monthly + group by + service + order by + service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_monthly_3.yaml b/queries/aws_cost_by_service_monthly_3.yaml index 5e195d04c..907771a14 100755 --- a/queries/aws_cost_by_service_monthly_3.yaml +++ b/queries/aws_cost_by_service_monthly_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_monthly_3 Title: "Find AWS Monthly Cost Breakdown by Service" Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_monthly_3.yaml.bak b/queries/aws_cost_by_service_monthly_3.yaml.bak new file mode 100755 index 000000000..5e195d04c --- /dev/null +++ b/queries/aws_cost_by_service_monthly_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cost_by_service_monthly_3 +Title: "Find AWS Monthly Cost Breakdown by Service" +Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + sum(unblended_cost_amount)::numeric::money as sum, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_monthly + group by + service + order by + average desc + limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer Service diff --git a/queries/aws_cost_by_service_monthly_4.yaml b/queries/aws_cost_by_service_monthly_4.yaml index a8600680d..47888b211 100755 --- a/queries/aws_cost_by_service_monthly_4.yaml +++ b/queries/aws_cost_by_service_monthly_4.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_monthly_4 Title: "List all AWS monthly cost breakdown by service" Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_monthly_4.yaml.bak b/queries/aws_cost_by_service_monthly_4.yaml.bak new file mode 100755 index 000000000..a8600680d --- /dev/null +++ b/queries/aws_cost_by_service_monthly_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_cost_by_service_monthly_4 +Title: "List all AWS monthly cost breakdown by service" +Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + sum(unblended_cost_amount)::numeric::money as sum, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_monthly + group by + service + order by + sum desc + limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_monthly_5.yaml b/queries/aws_cost_by_service_monthly_5.yaml index c32250e92..2f487204f 100755 --- a/queries/aws_cost_by_service_monthly_5.yaml +++ b/queries/aws_cost_by_service_monthly_5.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_monthly_5 Title: "List all AWS monthly cost breakdowns by service" Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_monthly_5.yaml.bak b/queries/aws_cost_by_service_monthly_5.yaml.bak new file mode 100755 index 000000000..c32250e92 --- /dev/null +++ b/queries/aws_cost_by_service_monthly_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_cost_by_service_monthly_5 +Title: "List all AWS monthly cost breakdowns by service" +Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with ranked_costs as ( + select + service, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by service order by unblended_cost_amount desc) + from + aws_cost_by_service_monthly + ) + select * from ranked_costs where rank = 1; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_monthly_6.yaml b/queries/aws_cost_by_service_monthly_6.yaml index 2aa509637..cfe8fce76 100755 --- a/queries/aws_cost_by_service_monthly_6.yaml +++ b/queries/aws_cost_by_service_monthly_6.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_monthly_6 Title: "List AWS Monthly Cost Breakdown by Service" Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_monthly_6.yaml.bak b/queries/aws_cost_by_service_monthly_6.yaml.bak new file mode 100755 index 000000000..2aa509637 --- /dev/null +++ b/queries/aws_cost_by_service_monthly_6.yaml.bak @@ -0,0 +1,42 @@ +ID: aws_cost_by_service_monthly_6 +Title: "List AWS Monthly Cost Breakdown by Service" +Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with cost_data as ( + select + service, + period_start, + unblended_cost_amount as this_month, + lag(unblended_cost_amount,-1) over(partition by service order by period_start desc) as previous_month + from + aws_cost_by_service_monthly + ) + select + service, + period_start, + this_month::numeric::money, + previous_month::numeric::money, + case + when previous_month = 0 and this_month = 0 then 0 + when previous_month = 0 then 999 + else round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) + end as percent_change + from + cost_data + order by + service, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_daily_1.yaml b/queries/aws_cost_by_service_usage_type_daily_1.yaml index 323ca048c..89826ccce 100755 --- a/queries/aws_cost_by_service_usage_type_daily_1.yaml +++ b/queries/aws_cost_by_service_usage_type_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_usage_type_daily_1 Title: "Find daily AWS Cost Explorer Service usage and costs" Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_usage_type_daily_1.yaml.bak b/queries/aws_cost_by_service_usage_type_daily_1.yaml.bak new file mode 100755 index 000000000..323ca048c --- /dev/null +++ b/queries/aws_cost_by_service_usage_type_daily_1.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cost_by_service_usage_type_daily_1 +Title: "Find daily AWS Cost Explorer Service usage and costs" +Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + usage_type, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_service_usage_type_daily + order by + service, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_daily_2.yaml b/queries/aws_cost_by_service_usage_type_daily_2.yaml index e485bed6d..1737333ca 100755 --- a/queries/aws_cost_by_service_usage_type_daily_2.yaml +++ b/queries/aws_cost_by_service_usage_type_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_usage_type_daily_2 Title: "List all AWS service usage and costs by usage type" Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_usage_type_daily_2.yaml.bak b/queries/aws_cost_by_service_usage_type_daily_2.yaml.bak new file mode 100755 index 000000000..e485bed6d --- /dev/null +++ b/queries/aws_cost_by_service_usage_type_daily_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cost_by_service_usage_type_daily_2 +Title: "List all AWS service usage and costs by usage type" +Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + usage_type, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_usage_type_daily + group by + service, + usage_type + order by + service, + usage_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer Service diff --git a/queries/aws_cost_by_service_usage_type_daily_3.yaml b/queries/aws_cost_by_service_usage_type_daily_3.yaml index a0aba2e7a..ba58deccc 100755 --- a/queries/aws_cost_by_service_usage_type_daily_3.yaml +++ b/queries/aws_cost_by_service_usage_type_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_usage_type_daily_3 Title: "" Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_usage_type_daily_3.yaml.bak b/queries/aws_cost_by_service_usage_type_daily_3.yaml.bak new file mode 100755 index 000000000..a0aba2e7a --- /dev/null +++ b/queries/aws_cost_by_service_usage_type_daily_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_cost_by_service_usage_type_daily_3 +Title: "" +Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + usage_type, + sum(unblended_cost_amount)::numeric::money as sum, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_usage_type_daily + group by + service, + usage_type + order by + average desc + limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: {} diff --git a/queries/aws_cost_by_service_usage_type_daily_4.yaml b/queries/aws_cost_by_service_usage_type_daily_4.yaml index cf2d556fc..15cf40c64 100755 --- a/queries/aws_cost_by_service_usage_type_daily_4.yaml +++ b/queries/aws_cost_by_service_usage_type_daily_4.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_usage_type_daily_4 Title: "List AWS Daily Service Usage and Costs" Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_usage_type_daily_4.yaml.bak b/queries/aws_cost_by_service_usage_type_daily_4.yaml.bak new file mode 100755 index 000000000..cf2d556fc --- /dev/null +++ b/queries/aws_cost_by_service_usage_type_daily_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cost_by_service_usage_type_daily_4 +Title: "List AWS Daily Service Usage and Costs" +Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + usage_type, + sum(unblended_cost_amount)::numeric::money as sum, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_usage_type_daily + group by + service, + usage_type + order by + sum desc + limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_monthly_1.yaml b/queries/aws_cost_by_service_usage_type_monthly_1.yaml index 4e38b4cbc..90212e231 100755 --- a/queries/aws_cost_by_service_usage_type_monthly_1.yaml +++ b/queries/aws_cost_by_service_usage_type_monthly_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_usage_type_monthly_1 Title: "Find AWS Monthly Cost by Service and Usage Type" Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_usage_type_monthly_1.yaml.bak b/queries/aws_cost_by_service_usage_type_monthly_1.yaml.bak new file mode 100755 index 000000000..4e38b4cbc --- /dev/null +++ b/queries/aws_cost_by_service_usage_type_monthly_1.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cost_by_service_usage_type_monthly_1 +Title: "Find AWS Monthly Cost by Service and Usage Type" +Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + usage_type, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_service_usage_type_monthly + order by + service, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_monthly_2.yaml b/queries/aws_cost_by_service_usage_type_monthly_2.yaml index 3a4414c8b..db83f3d94 100755 --- a/queries/aws_cost_by_service_usage_type_monthly_2.yaml +++ b/queries/aws_cost_by_service_usage_type_monthly_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_usage_type_monthly_2 Title: "Query AWS Cost Explorer for Service & Usage Monthly" Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_usage_type_monthly_2.yaml.bak b/queries/aws_cost_by_service_usage_type_monthly_2.yaml.bak new file mode 100755 index 000000000..3a4414c8b --- /dev/null +++ b/queries/aws_cost_by_service_usage_type_monthly_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cost_by_service_usage_type_monthly_2 +Title: "Query AWS Cost Explorer for Service & Usage Monthly" +Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + usage_type, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_usage_type_monthly + group by + service, + usage_type + order by + service, + usage_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_monthly_3.yaml b/queries/aws_cost_by_service_usage_type_monthly_3.yaml index fd67268a8..3a693c136 100755 --- a/queries/aws_cost_by_service_usage_type_monthly_3.yaml +++ b/queries/aws_cost_by_service_usage_type_monthly_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_usage_type_monthly_3 Title: "Find AWS Cost by Service and Usage Type Monthly" Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_usage_type_monthly_3.yaml.bak b/queries/aws_cost_by_service_usage_type_monthly_3.yaml.bak new file mode 100755 index 000000000..fd67268a8 --- /dev/null +++ b/queries/aws_cost_by_service_usage_type_monthly_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_cost_by_service_usage_type_monthly_3 +Title: "Find AWS Cost by Service and Usage Type Monthly" +Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + usage_type, + sum(unblended_cost_amount)::numeric::money as sum, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_usage_type_monthly + group by + service, + usage_type + order by + average desc + limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_monthly_4.yaml b/queries/aws_cost_by_service_usage_type_monthly_4.yaml index 960d8b3c7..0d2cce471 100755 --- a/queries/aws_cost_by_service_usage_type_monthly_4.yaml +++ b/queries/aws_cost_by_service_usage_type_monthly_4.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_service_usage_type_monthly_4 Title: "List all AWS Cost per Service and Usage Type Monthly" Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_service_usage_type_monthly_4.yaml.bak b/queries/aws_cost_by_service_usage_type_monthly_4.yaml.bak new file mode 100755 index 000000000..960d8b3c7 --- /dev/null +++ b/queries/aws_cost_by_service_usage_type_monthly_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_cost_by_service_usage_type_monthly_4 +Title: "List all AWS Cost per Service and Usage Type Monthly" +Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + usage_type, + sum(unblended_cost_amount)::numeric::money as sum, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_service_usage_type_monthly + group by + service, + usage_type + order by + sum desc + limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_by_tag_1.yaml b/queries/aws_cost_by_tag_1.yaml index 9396024c8..2b0c7b800 100755 --- a/queries/aws_cost_by_tag_1.yaml +++ b/queries/aws_cost_by_tag_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_tag_1 Title: "Find all AWS Cost Allocation Tags and Associated Costs" Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_tag_1.yaml.bak b/queries/aws_cost_by_tag_1.yaml.bak new file mode 100755 index 000000000..9396024c8 --- /dev/null +++ b/queries/aws_cost_by_tag_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_cost_by_tag_1 +Title: "Find all AWS Cost Allocation Tags and Associated Costs" +Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + tag_key_1, + tag_value_1, + period_start, + blended_cost_amount::numeric::money, + unblended_cost_amount::numeric::money, + amortized_cost_amount::numeric::money, + net_unblended_cost_amount::numeric::money, + net_amortized_cost_amount::numeric::money + from + aws_cost_by_tag + where + granularity = 'DAILY' + and + tag_key_1 = 'Name'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: {} diff --git a/queries/aws_cost_by_tag_2.yaml b/queries/aws_cost_by_tag_2.yaml index 04eceb94b..df111b1e8 100755 --- a/queries/aws_cost_by_tag_2.yaml +++ b/queries/aws_cost_by_tag_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_tag_2 Title: "Find AWS Cost Explorer Tag Allocations and Costs" Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_tag_2.yaml.bak b/queries/aws_cost_by_tag_2.yaml.bak new file mode 100755 index 000000000..04eceb94b --- /dev/null +++ b/queries/aws_cost_by_tag_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_cost_by_tag_2 +Title: "Find AWS Cost Explorer Tag Allocations and Costs" +Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + tag_key_1, + tag_value_1, + min(unblended_cost_amount)::numeric::money as min, + max(unblended_cost_amount)::numeric::money as max, + avg(unblended_cost_amount)::numeric::money as average + from + aws_cost_by_tag + where + granularity = 'DAILY' + and + tag_key_1 = 'Name' + group by + tag_key_1, tag_value_1; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws diff --git a/queries/aws_cost_by_tag_3.yaml b/queries/aws_cost_by_tag_3.yaml index 52437182a..a786db215 100755 --- a/queries/aws_cost_by_tag_3.yaml +++ b/queries/aws_cost_by_tag_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_by_tag_3 Title: "List Top 10 AWS Costs by Tag Using SQL" Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_by_tag_3.yaml.bak b/queries/aws_cost_by_tag_3.yaml.bak new file mode 100755 index 000000000..52437182a --- /dev/null +++ b/queries/aws_cost_by_tag_3.yaml.bak @@ -0,0 +1,42 @@ +ID: aws_cost_by_tag_3 +Title: "List Top 10 AWS Costs by Tag Using SQL" +Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with ranked_costs as + ( + select + tag_key_1, + tag_value_1, + period_start, + unblended_cost_amount::numeric::money, + rank() over(partition by tag_key_1 + order by + unblended_cost_amount desc) + from + aws_cost_by_tag + where + granularity = 'DAILY' + and tag_key_1 = 'Name' + ) + select + * + from + ranked_costs + where + rank <= 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_forecast_daily_1.yaml b/queries/aws_cost_forecast_daily_1.yaml index 06f052a59..8ef665623 100755 --- a/queries/aws_cost_forecast_daily_1.yaml +++ b/queries/aws_cost_forecast_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_forecast_daily_1 Title: "Find Daily Cost Forecast Insights with AWS Cost Explorer" Description: "Allows users to query AWS Cost Explorer''s daily cost forecast data, providing insights into projected daily costs based on historical data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_forecast_daily_1.yaml.bak b/queries/aws_cost_forecast_daily_1.yaml.bak new file mode 100755 index 000000000..06f052a59 --- /dev/null +++ b/queries/aws_cost_forecast_daily_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_cost_forecast_daily_1 +Title: "Find Daily Cost Forecast Insights with AWS Cost Explorer" +Description: "Allows users to query AWS Cost Explorer''s daily cost forecast data, providing insights into projected daily costs based on historical data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + period_start, + period_end, + mean_value::numeric::money + from + aws_cost_forecast_daily + order by + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_forecast_monthly_1.yaml b/queries/aws_cost_forecast_monthly_1.yaml index c05005675..7f763b890 100755 --- a/queries/aws_cost_forecast_monthly_1.yaml +++ b/queries/aws_cost_forecast_monthly_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_forecast_monthly_1 Title: "Find Cost Forecasts in AWS Cost Explorer for Monthly Costs" Description: "Allows users to query Cost Forecasts in AWS Cost Explorer for monthly cost predictions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_forecast_monthly_1.yaml.bak b/queries/aws_cost_forecast_monthly_1.yaml.bak new file mode 100755 index 000000000..c05005675 --- /dev/null +++ b/queries/aws_cost_forecast_monthly_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_cost_forecast_monthly_1 +Title: "Find Cost Forecasts in AWS Cost Explorer for Monthly Costs" +Description: "Allows users to query Cost Forecasts in AWS Cost Explorer for monthly cost predictions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + period_start, + period_end, + mean_value::numeric::money + from + aws_cost_forecast_monthly + order by + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_forecast_monthly_2.yaml b/queries/aws_cost_forecast_monthly_2.yaml index 0f7888c52..01d6e5375 100755 --- a/queries/aws_cost_forecast_monthly_2.yaml +++ b/queries/aws_cost_forecast_monthly_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_forecast_monthly_2 Title: "List AWS Monthly Cost Forecasts using SQL" Description: "Allows users to query Cost Forecasts in AWS Cost Explorer for monthly cost predictions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_forecast_monthly_2.yaml.bak b/queries/aws_cost_forecast_monthly_2.yaml.bak new file mode 100755 index 000000000..0f7888c52 --- /dev/null +++ b/queries/aws_cost_forecast_monthly_2.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_cost_forecast_monthly_2 +Title: "List AWS Monthly Cost Forecasts using SQL" +Description: "Allows users to query Cost Forecasts in AWS Cost Explorer for monthly cost predictions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with cost_data as ( + select + period_start, + mean_value as this_month, + lag(mean_value,-1) over(order by period_start desc) as previous_month + from + aws_cost_forecast_monthly + ) + select + period_start, + this_month::numeric::money, + previous_month::numeric::money, + case + when previous_month = 0 and this_month = 0 then 0 + when previous_month = 0 then 999 + else round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) + end as percent_change + from + cost_data + order by + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_usage_1.yaml b/queries/aws_cost_usage_1.yaml index 4923edd67..77359c9e7 100755 --- a/queries/aws_cost_usage_1.yaml +++ b/queries/aws_cost_usage_1.yaml @@ -1,7 +1,7 @@ ID: aws_cost_usage_1 Title: "Find AWS Cost Explorer Service Cost and Usage Data" Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_usage_1.yaml.bak b/queries/aws_cost_usage_1.yaml.bak new file mode 100755 index 000000000..4923edd67 --- /dev/null +++ b/queries/aws_cost_usage_1.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cost_usage_1 +Title: "Find AWS Cost Explorer Service Cost and Usage Data" +Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + period_start, + dimension_1 as account_id, + dimension_2 as service_name, + net_unblended_cost_amount::numeric::money + from + aws_cost_usage + where + granularity = 'MONTHLY' + and dimension_type_1 = 'LINKED_ACCOUNT' + and dimension_type_2 = 'SERVICE' + order by + dimension_1, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer Service diff --git a/queries/aws_cost_usage_2.yaml b/queries/aws_cost_usage_2.yaml index ab3962b35..a2f7f8e9a 100755 --- a/queries/aws_cost_usage_2.yaml +++ b/queries/aws_cost_usage_2.yaml @@ -1,7 +1,7 @@ ID: aws_cost_usage_2 Title: "List Top 5 AWS Cost and Usage Data" Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_usage_2.yaml.bak b/queries/aws_cost_usage_2.yaml.bak new file mode 100755 index 000000000..ab3962b35 --- /dev/null +++ b/queries/aws_cost_usage_2.yaml.bak @@ -0,0 +1,42 @@ +ID: aws_cost_usage_2 +Title: "List Top 5 AWS Cost and Usage Data" +Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with ranked_costs as ( + select + dimension_1 as account_id, + dimension_2 as service_name, + sum(net_unblended_cost_amount)::numeric::money as net_unblended_cost, + rank() over(partition by dimension_1 order by sum(net_unblended_cost_amount) desc) + from + aws_cost_usage + where + granularity = 'MONTHLY' + and dimension_type_1 = 'LINKED_ACCOUNT' + and dimension_type_2 = 'SERVICE' + group by + dimension_1, + dimension_2 + order by + dimension_1, + net_unblended_cost desc + ) + select * from ranked_costs where rank <=5 + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer diff --git a/queries/aws_cost_usage_3.yaml b/queries/aws_cost_usage_3.yaml index 1da41ea08..7e37f99d3 100755 --- a/queries/aws_cost_usage_3.yaml +++ b/queries/aws_cost_usage_3.yaml @@ -1,7 +1,7 @@ ID: aws_cost_usage_3 Title: "Find All AWS Monthly Cost and Usage Data" Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_usage_3.yaml.bak b/queries/aws_cost_usage_3.yaml.bak new file mode 100755 index 000000000..1da41ea08 --- /dev/null +++ b/queries/aws_cost_usage_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_cost_usage_3 +Title: "Find All AWS Monthly Cost and Usage Data" +Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + period_start, + dimension_1 as account_id, + dimension_2 as record_type, + net_unblended_cost_amount::numeric::money + from + aws_cost_usage + where + granularity = 'MONTHLY' + and dimension_type_1 = 'LINKED_ACCOUNT' + and dimension_type_2 = 'RECORD_TYPE' + order by + dimension_1, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cost Explorer diff --git a/queries/aws_cost_usage_4.yaml b/queries/aws_cost_usage_4.yaml index 91c98e436..4c802c235 100755 --- a/queries/aws_cost_usage_4.yaml +++ b/queries/aws_cost_usage_4.yaml @@ -1,7 +1,7 @@ ID: aws_cost_usage_4 Title: "List all AWS Cost and Usage Data from Cost Explorer Service" Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_cost_usage_4.yaml.bak b/queries/aws_cost_usage_4.yaml.bak new file mode 100755 index 000000000..91c98e436 --- /dev/null +++ b/queries/aws_cost_usage_4.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_cost_usage_4 +Title: "List all AWS Cost and Usage Data from Cost Explorer Service" +Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + period_start, + dimension_1 as account_id, + dimension_2 as record_type, + net_unblended_cost_amount::numeric::money + from + aws_cost_usage + where + granularity = 'MONTHLY' + and dimension_type_1 = 'LINKED_ACCOUNT' + and dimension_type_2 = 'RECORD_TYPE' + and dimension_2 in ('DiscountedUsage', 'Credit') + order by + dimension_1, + period_start; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cost Explorer Service diff --git a/queries/aws_dax_cluster_1.yaml b/queries/aws_dax_cluster_1.yaml index 33aa16dc5..307b2ae55 100755 --- a/queries/aws_dax_cluster_1.yaml +++ b/queries/aws_dax_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_dax_cluster_1 Title: "List all AWS DAX Clusters with Configuration Details" Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_cluster_1.yaml.bak b/queries/aws_dax_cluster_1.yaml.bak new file mode 100755 index 000000000..33aa16dc5 --- /dev/null +++ b/queries/aws_dax_cluster_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_dax_cluster_1 +Title: "List all AWS DAX Clusters with Configuration Details" +Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + description, + active_nodes, + iam_role_arn, + status, + region + from + aws_dax_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_cluster_2.yaml b/queries/aws_dax_cluster_2.yaml index 65fe5acef..7df48e644 100755 --- a/queries/aws_dax_cluster_2.yaml +++ b/queries/aws_dax_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_dax_cluster_2 Title: "List all AWS DAX Clusters and Their Configurations" Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_cluster_2.yaml.bak b/queries/aws_dax_cluster_2.yaml.bak new file mode 100755 index 000000000..65fe5acef --- /dev/null +++ b/queries/aws_dax_cluster_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dax_cluster_2 +Title: "List all AWS DAX Clusters and Their Configurations" +Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + description, + sse_description ->> 'Status' as sse_status + from + aws_dax_cluster + where + sse_description ->> 'Status' = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_cluster_3.yaml b/queries/aws_dax_cluster_3.yaml index 4e176d9c0..2a26eef59 100755 --- a/queries/aws_dax_cluster_3.yaml +++ b/queries/aws_dax_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_dax_cluster_3 Title: "List all AWS DAX Clusters with Configuration and Status" Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_cluster_3.yaml.bak b/queries/aws_dax_cluster_3.yaml.bak new file mode 100755 index 000000000..4e176d9c0 --- /dev/null +++ b/queries/aws_dax_cluster_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dax_cluster_3 +Title: "List all AWS DAX Clusters with Configuration and Status" +Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + node_type, + count(*) as count + from + aws_dax_cluster + where + node_type not in ('cache.m5.large', 'cache.m4.4xlarge') + group by + cluster_name, node_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_cluster_4.yaml b/queries/aws_dax_cluster_4.yaml index 378d57d5b..8ff4b873e 100755 --- a/queries/aws_dax_cluster_4.yaml +++ b/queries/aws_dax_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_dax_cluster_4 Title: "Find AWS DAX Cluster Configurations and Status" Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_cluster_4.yaml.bak b/queries/aws_dax_cluster_4.yaml.bak new file mode 100755 index 000000000..8ff4b873e --- /dev/null +++ b/queries/aws_dax_cluster_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dax_cluster_4 +Title: "Find AWS DAX Cluster Configurations and Status" +Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + subnet_group, + sg ->> 'SecurityGroupIdentifier' as sg_id, + n ->> 'AvailabilityZone' as az_name, + cluster_discovery_endpoint ->> 'Address' as cluster_discovery_endpoint_address, + cluster_discovery_endpoint ->> 'Port' as cluster_discovery_endpoint_port + from + aws_dax_cluster, + jsonb_array_elements(security_groups) as sg, + jsonb_array_elements(nodes) as n; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_cluster_4.yaml.bak.bak b/queries/aws_dax_cluster_4.yaml.bak.bak new file mode 100755 index 000000000..8ff4b873e --- /dev/null +++ b/queries/aws_dax_cluster_4.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_dax_cluster_4 +Title: "Find AWS DAX Cluster Configurations and Status" +Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + subnet_group, + sg ->> 'SecurityGroupIdentifier' as sg_id, + n ->> 'AvailabilityZone' as az_name, + cluster_discovery_endpoint ->> 'Address' as cluster_discovery_endpoint_address, + cluster_discovery_endpoint ->> 'Port' as cluster_discovery_endpoint_port + from + aws_dax_cluster, + jsonb_array_elements(security_groups) as sg, + jsonb_array_elements(nodes) as n; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_parameter_1.yaml b/queries/aws_dax_parameter_1.yaml index 8f5dcf9bb..854674211 100755 --- a/queries/aws_dax_parameter_1.yaml +++ b/queries/aws_dax_parameter_1.yaml @@ -1,7 +1,7 @@ ID: aws_dax_parameter_1 Title: "Find AWS DAX Parameter Groups Configuration Settings" Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_parameter_1.yaml.bak b/queries/aws_dax_parameter_1.yaml.bak new file mode 100755 index 000000000..8f5dcf9bb --- /dev/null +++ b/queries/aws_dax_parameter_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_dax_parameter_1 +Title: "Find AWS DAX Parameter Groups Configuration Settings" +Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + parameter_name, + parameter_group_name, + parameter_value, + data_type, + parameter_type + from + aws_dax_parameter; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_parameter_2.yaml b/queries/aws_dax_parameter_2.yaml index aa88f90d5..fa28cdd2e 100755 --- a/queries/aws_dax_parameter_2.yaml +++ b/queries/aws_dax_parameter_2.yaml @@ -1,7 +1,7 @@ ID: aws_dax_parameter_2 Title: "List AWS DAX Parameter Groups and Their Settings" Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_parameter_2.yaml.bak b/queries/aws_dax_parameter_2.yaml.bak new file mode 100755 index 000000000..fa28cdd2e --- /dev/null +++ b/queries/aws_dax_parameter_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dax_parameter_2 +Title: "List AWS DAX Parameter Groups and Their Settings" +Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + parameter_group_name, + region, + count(parameter_name) as number_of_parameters + from + aws_dax_parameter + group by + parameter_group_name, + region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_parameter_2.yaml.bak.bak b/queries/aws_dax_parameter_2.yaml.bak.bak new file mode 100755 index 000000000..fa28cdd2e --- /dev/null +++ b/queries/aws_dax_parameter_2.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_dax_parameter_2 +Title: "List AWS DAX Parameter Groups and Their Settings" +Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + parameter_group_name, + region, + count(parameter_name) as number_of_parameters + from + aws_dax_parameter + group by + parameter_group_name, + region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_parameter_3.yaml b/queries/aws_dax_parameter_3.yaml index 49cd8a901..c7038cc89 100755 --- a/queries/aws_dax_parameter_3.yaml +++ b/queries/aws_dax_parameter_3.yaml @@ -1,7 +1,7 @@ ID: aws_dax_parameter_3 Title: "List All DAX Parameter Groups and Configurations in AWS" Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_parameter_3.yaml.bak b/queries/aws_dax_parameter_3.yaml.bak new file mode 100755 index 000000000..49cd8a901 --- /dev/null +++ b/queries/aws_dax_parameter_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_dax_parameter_3 +Title: "List All DAX Parameter Groups and Configurations in AWS" +Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + parameter_name, + parameter_group_name, + parameter_value, + data_type, + parameter_type, + is_modifiable + from + aws_dax_parameter + where + is_modifiable = 'TRUE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_parameter_group_1.yaml b/queries/aws_dax_parameter_group_1.yaml index b4122bd4a..ffc83136c 100755 --- a/queries/aws_dax_parameter_group_1.yaml +++ b/queries/aws_dax_parameter_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_dax_parameter_group_1 Title: "List AWS DAX Parameter Groups and Details" Description: "Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, providing details such as parameter group name, ARN, description, and parameter settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_parameter_group_1.yaml.bak b/queries/aws_dax_parameter_group_1.yaml.bak new file mode 100755 index 000000000..b4122bd4a --- /dev/null +++ b/queries/aws_dax_parameter_group_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_dax_parameter_group_1 +Title: "List AWS DAX Parameter Groups and Details" +Description: "Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, providing details such as parameter group name, ARN, description, and parameter settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + parameter_group_name, + description, + region + from + aws_dax_parameter_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB Accelerator (DAX) diff --git a/queries/aws_dax_parameter_group_2.yaml b/queries/aws_dax_parameter_group_2.yaml index 48e2c299d..1e12c1a18 100755 --- a/queries/aws_dax_parameter_group_2.yaml +++ b/queries/aws_dax_parameter_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_dax_parameter_group_2 Title: "Find all AWS DAX Parameter Groups and their Settings" Description: "Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, providing details such as parameter group name, ARN, description, and parameter settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_parameter_group_2.yaml.bak b/queries/aws_dax_parameter_group_2.yaml.bak new file mode 100755 index 000000000..48e2c299d --- /dev/null +++ b/queries/aws_dax_parameter_group_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dax_parameter_group_2 +Title: "Find all AWS DAX Parameter Groups and their Settings" +Description: "Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, providing details such as parameter group name, ARN, description, and parameter settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + p.parameter_group_name, + c.cluster_name, + c.node_type, + c.status + from + aws_dax_parameter_group as p, + aws_dax_cluster as c + where + c.parameter_group ->> 'ParameterGroupName' = p.parameter_group_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB Accelerator diff --git a/queries/aws_dax_subnet_group_1.yaml b/queries/aws_dax_subnet_group_1.yaml index 916d18921..9c055af7f 100755 --- a/queries/aws_dax_subnet_group_1.yaml +++ b/queries/aws_dax_subnet_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_dax_subnet_group_1 Title: "List AWS DAX Subnet Group Details" Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_subnet_group_1.yaml.bak b/queries/aws_dax_subnet_group_1.yaml.bak new file mode 100755 index 000000000..916d18921 --- /dev/null +++ b/queries/aws_dax_subnet_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_dax_subnet_group_1 +Title: "List AWS DAX Subnet Group Details" +Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + subnet_group_name, + description, + vpc_id, + subnets, + region + from + aws_dax_subnet_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS DAX diff --git a/queries/aws_dax_subnet_group_2.yaml b/queries/aws_dax_subnet_group_2.yaml index 6e4697057..4b911bc42 100755 --- a/queries/aws_dax_subnet_group_2.yaml +++ b/queries/aws_dax_subnet_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_dax_subnet_group_2 Title: "Find AWS DAX Subnet Group details including VPC info" Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_subnet_group_2.yaml.bak b/queries/aws_dax_subnet_group_2.yaml.bak new file mode 100755 index 000000000..6e4697057 --- /dev/null +++ b/queries/aws_dax_subnet_group_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_dax_subnet_group_2 +Title: "Find AWS DAX Subnet Group details including VPC info" +Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + subnet_group_name, + v.vpc_id, + v.arn as vpc_arn, + v.cidr_block as vpc_cidr_block, + v.state as vpc_state, + v.is_default as is_default_vpc, + v.region + from + aws_dax_subnet_group g + join aws_vpc v + on v.vpc_id = g.vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX diff --git a/queries/aws_dax_subnet_group_3.yaml b/queries/aws_dax_subnet_group_3.yaml index 8279b2327..9718e9dfb 100755 --- a/queries/aws_dax_subnet_group_3.yaml +++ b/queries/aws_dax_subnet_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_dax_subnet_group_3 Title: "List all AWS DAX Subnet Group details" Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dax_subnet_group_3.yaml.bak b/queries/aws_dax_subnet_group_3.yaml.bak new file mode 100755 index 000000000..8279b2327 --- /dev/null +++ b/queries/aws_dax_subnet_group_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_dax_subnet_group_3 +Title: "List all AWS DAX Subnet Group details" +Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + subnet_group_name, + g.vpc_id, + vs.subnet_arn, + vs.cidr_block as subnet_cidr_block, + vs.state as subnet_state, + vs.availability_zone as subnet_availability_zone, + vs.region + from + aws_dax_subnet_group g, + jsonb_array_elements(subnets) s + join aws_vpc_subnet vs + on vs.subnet_id = s ->> 'SubnetIdentifier'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DAX Subnet Group diff --git a/queries/aws_directory_service_certificate_1.yaml b/queries/aws_directory_service_certificate_1.yaml index c7afcd6c1..a45ec4595 100755 --- a/queries/aws_directory_service_certificate_1.yaml +++ b/queries/aws_directory_service_certificate_1.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_certificate_1 Title: "Find AWS Directory Service Certificates and Details" Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_certificate_1.yaml.bak b/queries/aws_directory_service_certificate_1.yaml.bak new file mode 100755 index 000000000..c7afcd6c1 --- /dev/null +++ b/queries/aws_directory_service_certificate_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_directory_service_certificate_1 +Title: "Find AWS Directory Service Certificates and Details" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + directory_id, + certificate_id, + common_name, + type, + state, + expiry_date_time + from + aws_directory_service_certificate; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_service_certificate_2.yaml b/queries/aws_directory_service_certificate_2.yaml index 96c61d07f..6a1a2afae 100755 --- a/queries/aws_directory_service_certificate_2.yaml +++ b/queries/aws_directory_service_certificate_2.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_certificate_2 Title: "List all AWS Directory Service Certificates" Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_certificate_2.yaml.bak b/queries/aws_directory_service_certificate_2.yaml.bak new file mode 100755 index 000000000..6a1a2afae --- /dev/null +++ b/queries/aws_directory_service_certificate_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_directory_service_certificate_2 +Title: "List all AWS Directory Service Certificates" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.certificate_id, + c.common_name, + c.directory_id, + c.type as certificate_type, + d.name as directory_name, + d.type as directory_type + from + aws_directory_service_certificate c, + aws_directory_service_directory d + where + d.type = 'MicrosoftAD'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Directory Service diff --git a/queries/aws_directory_service_certificate_2.yaml.bak.bak b/queries/aws_directory_service_certificate_2.yaml.bak.bak new file mode 100755 index 000000000..6a1a2afae --- /dev/null +++ b/queries/aws_directory_service_certificate_2.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_directory_service_certificate_2 +Title: "List all AWS Directory Service Certificates" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.certificate_id, + c.common_name, + c.directory_id, + c.type as certificate_type, + d.name as directory_name, + d.type as directory_type + from + aws_directory_service_certificate c, + aws_directory_service_directory d + where + d.type = 'MicrosoftAD'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Directory Service diff --git a/queries/aws_directory_service_certificate_3.yaml b/queries/aws_directory_service_certificate_3.yaml index 33dad67aa..4530ce2d8 100755 --- a/queries/aws_directory_service_certificate_3.yaml +++ b/queries/aws_directory_service_certificate_3.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_certificate_3 Title: "Find AWS Directory Service Certificates with Specific States" Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_certificate_3.yaml.bak b/queries/aws_directory_service_certificate_3.yaml.bak new file mode 100755 index 000000000..33dad67aa --- /dev/null +++ b/queries/aws_directory_service_certificate_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_directory_service_certificate_3 +Title: "Find AWS Directory Service Certificates with Specific States" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + common_name, + directory_id, + type, + state + from + aws_directory_service_certificate + where + state = 'Deregistered'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Directory Service diff --git a/queries/aws_directory_service_certificate_4.yaml b/queries/aws_directory_service_certificate_4.yaml index 00dc27267..f423c0ab3 100755 --- a/queries/aws_directory_service_certificate_4.yaml +++ b/queries/aws_directory_service_certificate_4.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_certificate_4 Title: "Find AWS Directory Service Certificates with SQL Query" Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_certificate_4.yaml.bak b/queries/aws_directory_service_certificate_4.yaml.bak new file mode 100755 index 000000000..00dc27267 --- /dev/null +++ b/queries/aws_directory_service_certificate_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_directory_service_certificate_4 +Title: "Find AWS Directory Service Certificates with SQL Query" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + directory_id, + certificate_id, + common_name, + type, + state, + expiry_date_time + from + aws_directory_service_certificate + where + expiry_date_time >= now() + interval '7' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_service_certificate_5.yaml b/queries/aws_directory_service_certificate_5.yaml index 662e221a4..52096d4a1 100755 --- a/queries/aws_directory_service_certificate_5.yaml +++ b/queries/aws_directory_service_certificate_5.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_certificate_5 Title: "List all AWS Directory Service Certificates' Information" Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_certificate_5.yaml.bak b/queries/aws_directory_service_certificate_5.yaml.bak new file mode 100755 index 000000000..662e221a4 --- /dev/null +++ b/queries/aws_directory_service_certificate_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_directory_service_certificate_5 +Title: "List all AWS Directory Service Certificates' Information" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + directory_id, + certificate_id, + common_name, + client_cert_auth_settings -> 'OCSPUrl' as ocsp_url + from + aws_directory_service_certificate; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_service_certificate_6.yaml b/queries/aws_directory_service_certificate_6.yaml index 31a0c8be4..4d36b1b28 100755 --- a/queries/aws_directory_service_certificate_6.yaml +++ b/queries/aws_directory_service_certificate_6.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_certificate_6 Title: "List all Directory Service Certificates in AWS" Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_certificate_6.yaml.bak b/queries/aws_directory_service_certificate_6.yaml.bak new file mode 100755 index 000000000..31a0c8be4 --- /dev/null +++ b/queries/aws_directory_service_certificate_6.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_directory_service_certificate_6 +Title: "List all Directory Service Certificates in AWS" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + directory_id, + count(*) as certificate_count + from + aws_directory_service_certificate + group by + directory_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_service_certificate_7.yaml b/queries/aws_directory_service_certificate_7.yaml index 06ffa1b4b..63f5ee522 100755 --- a/queries/aws_directory_service_certificate_7.yaml +++ b/queries/aws_directory_service_certificate_7.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_certificate_7 Title: "Find AWS Directory Service Certificates older than 1 year" Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_certificate_7.yaml.bak b/queries/aws_directory_service_certificate_7.yaml.bak new file mode 100755 index 000000000..06ffa1b4b --- /dev/null +++ b/queries/aws_directory_service_certificate_7.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_directory_service_certificate_7 +Title: "Find AWS Directory Service Certificates older than 1 year" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + common_name, + directory_id, + type, + state + from + aws_directory_service_certificate + where + registered_date_time <= now() - interval '1 year' + and state not like 'Deregister%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Directory Service diff --git a/queries/aws_directory_service_certificate_8.yaml b/queries/aws_directory_service_certificate_8.yaml index 8c0c31fab..77470b59d 100755 --- a/queries/aws_directory_service_certificate_8.yaml +++ b/queries/aws_directory_service_certificate_8.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_certificate_8 Title: "Find AWS Directory Service Certificates Details" Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_certificate_8.yaml.bak b/queries/aws_directory_service_certificate_8.yaml.bak new file mode 100755 index 000000000..8c0c31fab --- /dev/null +++ b/queries/aws_directory_service_certificate_8.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_directory_service_certificate_8 +Title: "Find AWS Directory Service Certificates Details" +Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + distinct partition, + registered_date_time + from + aws_directory_service_certificate + order by + partition, + registered_date_time desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_service_directory_1.yaml b/queries/aws_directory_service_directory_1.yaml index 0e911215d..def2c000a 100755 --- a/queries/aws_directory_service_directory_1.yaml +++ b/queries/aws_directory_service_directory_1.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_directory_1 Title: "Query AWS Directory Service Directories for Information" Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_directory_1.yaml.bak b/queries/aws_directory_service_directory_1.yaml.bak new file mode 100755 index 000000000..0e911215d --- /dev/null +++ b/queries/aws_directory_service_directory_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_directory_service_directory_1 +Title: "Query AWS Directory Service Directories for Information" +Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + directory_id + from + aws_directory_service_directory; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_service_directory_2.yaml b/queries/aws_directory_service_directory_2.yaml index fd38d7f1e..b278c71ea 100755 --- a/queries/aws_directory_service_directory_2.yaml +++ b/queries/aws_directory_service_directory_2.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_directory_2 Title: "Find AWS Managed and Simple AD Directory Details" Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_directory_2.yaml.bak b/queries/aws_directory_service_directory_2.yaml.bak new file mode 100755 index 000000000..fd38d7f1e --- /dev/null +++ b/queries/aws_directory_service_directory_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_directory_service_directory_2 +Title: "Find AWS Managed and Simple AD Directory Details" +Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + directory_id, + type + from + aws_directory_service_directory + where + type = 'MicrosoftAD'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Directory Service diff --git a/queries/aws_directory_service_directory_3.yaml b/queries/aws_directory_service_directory_3.yaml index a6728aecc..b8be6824b 100755 --- a/queries/aws_directory_service_directory_3.yaml +++ b/queries/aws_directory_service_directory_3.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_directory_3 Title: "List all AWS Managed and Simple AD Directory Info" Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_directory_3.yaml.bak b/queries/aws_directory_service_directory_3.yaml.bak new file mode 100755 index 000000000..a6728aecc --- /dev/null +++ b/queries/aws_directory_service_directory_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_directory_service_directory_3 +Title: "List all AWS Managed and Simple AD Directory Info" +Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + sd ->> 'ShareMethod' share_method, + sd ->> 'ShareStatus' share_status, + sd ->> 'SharedAccountId' shared_account_id, + sd ->> 'SharedDirectoryId' shared_directory_id + from + aws_directory_service_directory, + jsonb_array_elements(shared_directories) sd; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Directory Service diff --git a/queries/aws_directory_service_directory_4.yaml b/queries/aws_directory_service_directory_4.yaml index 0f59d31e9..d19602732 100755 --- a/queries/aws_directory_service_directory_4.yaml +++ b/queries/aws_directory_service_directory_4.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_directory_4 Title: "List all AWS Directory Service Directories" Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_directory_4.yaml.bak b/queries/aws_directory_service_directory_4.yaml.bak new file mode 100755 index 000000000..0f59d31e9 --- /dev/null +++ b/queries/aws_directory_service_directory_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_directory_service_directory_4 +Title: "List all AWS Directory Service Directories" +Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + snapshot_limit ->> 'ManualSnapshotsCurrentCount' as manual_snapshots_current_count, + snapshot_limit ->> 'ManualSnapshotsLimit' as manual_snapshots_limit, + snapshot_limit ->> 'ManualSnapshotsLimitReached' as manual_snapshots_limit_reached + from + aws_directory_service_directory; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_service_directory_5.yaml b/queries/aws_directory_service_directory_5.yaml index ff1624ce8..c81352b1a 100755 --- a/queries/aws_directory_service_directory_5.yaml +++ b/queries/aws_directory_service_directory_5.yaml @@ -1,7 +1,7 @@ ID: aws_directory_service_directory_5 Title: "List All AWS Directory Service Directory Information" Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_service_directory_5.yaml.bak b/queries/aws_directory_service_directory_5.yaml.bak new file mode 100755 index 000000000..ff1624ce8 --- /dev/null +++ b/queries/aws_directory_service_directory_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_directory_service_directory_5 +Title: "List All AWS Directory Service Directory Information" +Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + e ->> 'CreatedDateTime' as topic_created_date_time, + e ->> 'Status' as topic_status, + e ->> 'TopicArn' as topic_arn, + e ->> 'TopicName' as topic_name + from + aws_directory_service_directory, + jsonb_array_elements(event_topics) as e; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_servicelog_subscription_1.yaml b/queries/aws_directory_servicelog_subscription_1.yaml index 7079c690b..779ddf28e 100755 --- a/queries/aws_directory_servicelog_subscription_1.yaml +++ b/queries/aws_directory_servicelog_subscription_1.yaml @@ -1,7 +1,7 @@ ID: aws_directory_servicelog_subscription_1 Title: "List all AWS Directory Service Log Subscriptions" Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_servicelog_subscription_1.yaml.bak b/queries/aws_directory_servicelog_subscription_1.yaml.bak new file mode 100755 index 000000000..7079c690b --- /dev/null +++ b/queries/aws_directory_servicelog_subscription_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_directory_servicelog_subscription_1 +Title: "List all AWS Directory Service Log Subscriptions" +Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + partition, + subscription_created_date_time, + directory_id, + title + from + aws_directory_service_log_subscription; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Directory Service diff --git a/queries/aws_directory_servicelog_subscription_2.yaml b/queries/aws_directory_servicelog_subscription_2.yaml index f6a7ad30d..a99c14a7d 100755 --- a/queries/aws_directory_servicelog_subscription_2.yaml +++ b/queries/aws_directory_servicelog_subscription_2.yaml @@ -1,7 +1,7 @@ ID: aws_directory_servicelog_subscription_2 Title: "List AWS Directory Service Log Subscriptions with Details" Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_directory_servicelog_subscription_2.yaml.bak b/queries/aws_directory_servicelog_subscription_2.yaml.bak new file mode 100755 index 000000000..a99c14a7d --- /dev/null +++ b/queries/aws_directory_servicelog_subscription_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_directory_servicelog_subscription_2 +Title: "List AWS Directory Service Log Subscriptions with Details" +Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.log_group_name, + d.name as directory_name, + d.arn as directory_arn, + d.directory_id, + d.type as directory_type + from + aws_directory_service_log_subscription as s + left join aws_directory_service_directory as d on s.directory_id = d.directory_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_directory_servicelog_subscription_2.yaml.bak.bak b/queries/aws_directory_servicelog_subscription_2.yaml.bak.bak new file mode 100755 index 000000000..a99c14a7d --- /dev/null +++ b/queries/aws_directory_servicelog_subscription_2.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_directory_servicelog_subscription_2 +Title: "List AWS Directory Service Log Subscriptions with Details" +Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.log_group_name, + d.name as directory_name, + d.arn as directory_arn, + d.directory_id, + d.type as directory_type + from + aws_directory_service_log_subscription as s + left join aws_directory_service_directory as d on s.directory_id = d.directory_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Directory Service diff --git a/queries/aws_dlm_lifecycle_policy_1.yaml b/queries/aws_dlm_lifecycle_policy_1.yaml index 02d683725..70c6ccf35 100755 --- a/queries/aws_dlm_lifecycle_policy_1.yaml +++ b/queries/aws_dlm_lifecycle_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_dlm_lifecycle_policy_1 Title: "List AWS DLM Lifecycle Policies and Details" Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dlm_lifecycle_policy_1.yaml.bak b/queries/aws_dlm_lifecycle_policy_1.yaml.bak new file mode 100755 index 000000000..02d683725 --- /dev/null +++ b/queries/aws_dlm_lifecycle_policy_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_dlm_lifecycle_policy_1 +Title: "List AWS DLM Lifecycle Policies and Details" +Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_id, + arn, + date_created + from + aws_dlm_lifecycle_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS DLM diff --git a/queries/aws_dlm_lifecycle_policy_2.yaml b/queries/aws_dlm_lifecycle_policy_2.yaml index 00b8bfc21..880b1568e 100755 --- a/queries/aws_dlm_lifecycle_policy_2.yaml +++ b/queries/aws_dlm_lifecycle_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_dlm_lifecycle_policy_2 Title: "List All AWS DLM Lifecycle Policies and Details" Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dlm_lifecycle_policy_2.yaml.bak b/queries/aws_dlm_lifecycle_policy_2.yaml.bak new file mode 100755 index 000000000..00b8bfc21 --- /dev/null +++ b/queries/aws_dlm_lifecycle_policy_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dlm_lifecycle_policy_2 +Title: "List All AWS DLM Lifecycle Policies and Details" +Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_id, + arn, + date_created, + policy_type, + s ->> 'ShareRules' as share_rules + from + aws_dlm_lifecycle_policy, + jsonb_array_elements(policy_details -> 'Schedules') s + where + s ->> 'ShareRules' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DLM Lifecycle Policy diff --git a/queries/aws_dlm_lifecycle_policy_3.yaml b/queries/aws_dlm_lifecycle_policy_3.yaml index 45fbaddb1..deae16ad0 100755 --- a/queries/aws_dlm_lifecycle_policy_3.yaml +++ b/queries/aws_dlm_lifecycle_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_dlm_lifecycle_policy_3 Title: "List all AWS DLM Lifecycle Policies with Configuration" Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dlm_lifecycle_policy_3.yaml.bak b/queries/aws_dlm_lifecycle_policy_3.yaml.bak new file mode 100755 index 000000000..45fbaddb1 --- /dev/null +++ b/queries/aws_dlm_lifecycle_policy_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dlm_lifecycle_policy_3 +Title: "List all AWS DLM Lifecycle Policies with Configuration" +Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_id, + arn, + date_created, + policy_type, + s ->> 'CrossRegionCopyRules' as cross_region_copy_rules + from + aws_dlm_lifecycle_policy, + jsonb_array_elements(policy_details -> 'Schedules') s + where + s ->> 'CrossRegionCopyRules' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DLM diff --git a/queries/aws_dlm_lifecycle_policy_4.yaml b/queries/aws_dlm_lifecycle_policy_4.yaml index c5cf2651f..2e4f01bb4 100755 --- a/queries/aws_dlm_lifecycle_policy_4.yaml +++ b/queries/aws_dlm_lifecycle_policy_4.yaml @@ -1,7 +1,7 @@ ID: aws_dlm_lifecycle_policy_4 Title: "List AWS DLM Lifecycle Policies with Configuration and Status" Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dlm_lifecycle_policy_4.yaml.bak b/queries/aws_dlm_lifecycle_policy_4.yaml.bak new file mode 100755 index 000000000..c5cf2651f --- /dev/null +++ b/queries/aws_dlm_lifecycle_policy_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_dlm_lifecycle_policy_4 +Title: "List AWS DLM Lifecycle Policies with Configuration and Status" +Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_id, + arn, + date_created, + policy_type, + s -> 'RetainRule' ->> 'Count' as retain_count + from + aws_dlm_lifecycle_policy, + jsonb_array_elements(policy_details -> 'Schedules') s + where + s -> 'RetainRule' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS DLM diff --git a/queries/aws_dms_certificate_1.yaml b/queries/aws_dms_certificate_1.yaml index face30601..5b8badc4d 100755 --- a/queries/aws_dms_certificate_1.yaml +++ b/queries/aws_dms_certificate_1.yaml @@ -1,7 +1,7 @@ ID: aws_dms_certificate_1 Title: "Find all AWS DMS Certificates and Their Details" Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_certificate_1.yaml.bak b/queries/aws_dms_certificate_1.yaml.bak new file mode 100755 index 000000000..face30601 --- /dev/null +++ b/queries/aws_dms_certificate_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dms_certificate_1 +Title: "Find all AWS DMS Certificates and Their Details" +Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_identifier, + arn, + certificate_creation_date, + signing_algorithm, + valid_to_date, + region + from + aws_dms_certificate; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_certificate_2.yaml b/queries/aws_dms_certificate_2.yaml index 7ce99e4ba..2ca789faa 100755 --- a/queries/aws_dms_certificate_2.yaml +++ b/queries/aws_dms_certificate_2.yaml @@ -1,7 +1,7 @@ ID: aws_dms_certificate_2 Title: "Find all AWS DMS Certificates Expiring in 10 Days" Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_certificate_2.yaml.bak b/queries/aws_dms_certificate_2.yaml.bak new file mode 100755 index 000000000..2ca789faa --- /dev/null +++ b/queries/aws_dms_certificate_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_dms_certificate_2 +Title: "Find all AWS DMS Certificates Expiring in 10 Days" +Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_identifier, + arn, + key_length, + signing_algorithm, + valid_to_date + from + aws_dms_certificate + where + valid_to_date <= current_date + interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_certificate_2.yaml.bak.bak b/queries/aws_dms_certificate_2.yaml.bak.bak new file mode 100755 index 000000000..2ca789faa --- /dev/null +++ b/queries/aws_dms_certificate_2.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_dms_certificate_2 +Title: "Find all AWS DMS Certificates Expiring in 10 Days" +Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_identifier, + arn, + key_length, + signing_algorithm, + valid_to_date + from + aws_dms_certificate + where + valid_to_date <= current_date + interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_certificate_3.yaml b/queries/aws_dms_certificate_3.yaml index 6176ff069..31881be22 100755 --- a/queries/aws_dms_certificate_3.yaml +++ b/queries/aws_dms_certificate_3.yaml @@ -1,7 +1,7 @@ ID: aws_dms_certificate_3 Title: "List all AWS DMS Certificates and Details" Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_certificate_3.yaml.bak b/queries/aws_dms_certificate_3.yaml.bak new file mode 100755 index 000000000..6176ff069 --- /dev/null +++ b/queries/aws_dms_certificate_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dms_certificate_3 +Title: "List all AWS DMS Certificates and Details" +Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_identifier, + arn, + signing_algorithm, + key_length, + certificate_owner + from + aws_dms_certificate + where + signing_algorithm = 'SHA256withRSA'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_dms_certificate_4.yaml b/queries/aws_dms_certificate_4.yaml index 62b3e8d14..999d15da8 100755 --- a/queries/aws_dms_certificate_4.yaml +++ b/queries/aws_dms_certificate_4.yaml @@ -1,7 +1,7 @@ ID: aws_dms_certificate_4 Title: "Find AWS DMS Certificates for Data Migration Security" Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_certificate_4.yaml.bak b/queries/aws_dms_certificate_4.yaml.bak new file mode 100755 index 000000000..62b3e8d14 --- /dev/null +++ b/queries/aws_dms_certificate_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dms_certificate_4 +Title: "Find AWS DMS Certificates for Data Migration Security" +Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_identifier, + arn, + certificate_owner, + account_id + from + aws_dms_certificate + where + certificate_owner <> account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_certificate_5.yaml b/queries/aws_dms_certificate_5.yaml index d8f98ac28..2bd68dfbd 100755 --- a/queries/aws_dms_certificate_5.yaml +++ b/queries/aws_dms_certificate_5.yaml @@ -1,7 +1,7 @@ ID: aws_dms_certificate_5 Title: "Find all AWS DMS Certificates with Details" Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_certificate_5.yaml.bak b/queries/aws_dms_certificate_5.yaml.bak new file mode 100755 index 000000000..d8f98ac28 --- /dev/null +++ b/queries/aws_dms_certificate_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dms_certificate_5 +Title: "Find all AWS DMS Certificates with Details" +Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + certificate_identifier, + arn, + certificate_owner, + (valid_to_date - current_date) as days_left, + region + from + aws_dms_certificate; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_endpoint_1.yaml b/queries/aws_dms_endpoint_1.yaml index 7d7e6674b..786689621 100755 --- a/queries/aws_dms_endpoint_1.yaml +++ b/queries/aws_dms_endpoint_1.yaml @@ -1,7 +1,7 @@ ID: aws_dms_endpoint_1 Title: "Find AWS DMS Endpoints Connection Info for Databases" Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_endpoint_1.yaml.bak b/queries/aws_dms_endpoint_1.yaml.bak new file mode 100755 index 000000000..7d7e6674b --- /dev/null +++ b/queries/aws_dms_endpoint_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dms_endpoint_1 +Title: "Find AWS DMS Endpoints Connection Info for Databases" +Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_identifier, + arn, + certificate_arn, + database_name, + endpoint_type, + engine_display_name, + engine_name + from + aws_dms_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_endpoint_2.yaml b/queries/aws_dms_endpoint_2.yaml index b3198ee1a..13fb71589 100755 --- a/queries/aws_dms_endpoint_2.yaml +++ b/queries/aws_dms_endpoint_2.yaml @@ -1,7 +1,7 @@ ID: aws_dms_endpoint_2 Title: "Find AWS DMS Endpoints Connection Info for Migration" Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_endpoint_2.yaml.bak b/queries/aws_dms_endpoint_2.yaml.bak new file mode 100755 index 000000000..b3198ee1a --- /dev/null +++ b/queries/aws_dms_endpoint_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dms_endpoint_2 +Title: "Find AWS DMS Endpoints Connection Info for Migration" +Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_identifier, + arn, + engine_display_name, + endpoint_type, + engine_name + from + aws_dms_endpoint + where + endpoint_type = 'SOURCE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_dms_endpoint_3.yaml b/queries/aws_dms_endpoint_3.yaml index 89fd7dcd8..bec7792da 100755 --- a/queries/aws_dms_endpoint_3.yaml +++ b/queries/aws_dms_endpoint_3.yaml @@ -1,7 +1,7 @@ ID: aws_dms_endpoint_3 Title: "List all AWS DMS Endpoints for connection details" Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_endpoint_3.yaml.bak b/queries/aws_dms_endpoint_3.yaml.bak new file mode 100755 index 000000000..89fd7dcd8 --- /dev/null +++ b/queries/aws_dms_endpoint_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dms_endpoint_3 +Title: "List all AWS DMS Endpoints for connection details" +Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_identifier, + arn, + engine_name, + instance_create_time, + my_sql_settings + from + aws_dms_endpoint + where + engine_name = 'mysql'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_dms_endpoint_4.yaml b/queries/aws_dms_endpoint_4.yaml index 1b3c3c331..cfe90a2e7 100755 --- a/queries/aws_dms_endpoint_4.yaml +++ b/queries/aws_dms_endpoint_4.yaml @@ -1,7 +1,7 @@ ID: aws_dms_endpoint_4 Title: "List All AWS DMS Endpoints for Database Migrations" Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_endpoint_4.yaml.bak b/queries/aws_dms_endpoint_4.yaml.bak new file mode 100755 index 000000000..1b3c3c331 --- /dev/null +++ b/queries/aws_dms_endpoint_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_dms_endpoint_4 +Title: "List All AWS DMS Endpoints for Database Migrations" +Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_identifier, + kms_key_id, + server_name, + service_access_role_arn, + ssl_mode + from + aws_dms_endpoint + where + ssl_mode <> 'none'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_endpoint_5.yaml b/queries/aws_dms_endpoint_5.yaml index 95ef25a99..98639ad79 100755 --- a/queries/aws_dms_endpoint_5.yaml +++ b/queries/aws_dms_endpoint_5.yaml @@ -1,7 +1,7 @@ ID: aws_dms_endpoint_5 Title: "Find AWS DMS Endpoints and Retrieve Connection Information" Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_endpoint_5.yaml.bak b/queries/aws_dms_endpoint_5.yaml.bak new file mode 100755 index 000000000..95ef25a99 --- /dev/null +++ b/queries/aws_dms_endpoint_5.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_dms_endpoint_5 +Title: "Find AWS DMS Endpoints and Retrieve Connection Information" +Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_identifier, + arn, + my_sql_settings ->> 'AfterConnectScript' as after_connect_script, + (my_sql_settings ->> 'CleanSourceMetadataOnMismatch')::boolean as clean_source_metadata_on_mismatch, + my_sql_settings ->> 'DatabaseName' as database_name, + (my_sql_settings ->> 'EventsPollInterval')::integer as events_poll_interval, + (my_sql_settings ->> 'ExecuteTimeout')::integer as execute_timeout, + (my_sql_settings ->> 'MaxFileSize')::integer as max_file_size, + (my_sql_settings ->> 'ParallelLoadThreads')::integer as parallel_load_threads, + my_sql_settings ->> 'Password' as password, + (my_sql_settings ->> 'Port')::integer as port, + my_sql_settings ->> 'SecretsManagerAccessRoleArn' as secrets_manager_access_role_arn, + my_sql_settings ->> 'SecretsManagerSecretId' as secrets_manager_secret_id, + my_sql_settings ->> 'ServerName' as server_name, + my_sql_settings ->> 'ServerTimezone' as server_timezone, + my_sql_settings ->> 'TargetDbType' as target_db_type, + my_sql_settings ->> 'Username' as username + from + aws_dms_endpoint + where + engine_name = 'mysql'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS DMS Endpoints diff --git a/queries/aws_dms_replication_instance_1.yaml b/queries/aws_dms_replication_instance_1.yaml index fd3f52c5e..961f7438a 100755 --- a/queries/aws_dms_replication_instance_1.yaml +++ b/queries/aws_dms_replication_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_instance_1 Title: "List all AWS DMS Replication Instances" Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_instance_1.yaml.bak b/queries/aws_dms_replication_instance_1.yaml.bak new file mode 100755 index 000000000..fd3f52c5e --- /dev/null +++ b/queries/aws_dms_replication_instance_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dms_replication_instance_1 +Title: "List all AWS DMS Replication Instances" +Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_instance_identifier, + arn, + engine_version, + instance_create_time, + kms_key_id, + publicly_accessible, + region + from + aws_dms_replication_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_replication_instance_2.yaml b/queries/aws_dms_replication_instance_2.yaml index ef2de1139..93b3b0bd1 100755 --- a/queries/aws_dms_replication_instance_2.yaml +++ b/queries/aws_dms_replication_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_instance_2 Title: "List all AWS DMS Replication Instances for Asset Management" Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_instance_2.yaml.bak b/queries/aws_dms_replication_instance_2.yaml.bak new file mode 100755 index 000000000..ef2de1139 --- /dev/null +++ b/queries/aws_dms_replication_instance_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dms_replication_instance_2 +Title: "List all AWS DMS Replication Instances for Asset Management" +Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_instance_identifier, + arn, + engine_version, + instance_create_time, + auto_minor_version_upgrade, + region + from + aws_dms_replication_instance + where + not auto_minor_version_upgrade; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_replication_instance_3.yaml b/queries/aws_dms_replication_instance_3.yaml index be727552e..36c7f1b44 100755 --- a/queries/aws_dms_replication_instance_3.yaml +++ b/queries/aws_dms_replication_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_instance_3 Title: "Find AWS Database Migration Service Replication Instances" Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_instance_3.yaml.bak b/queries/aws_dms_replication_instance_3.yaml.bak new file mode 100755 index 000000000..be727552e --- /dev/null +++ b/queries/aws_dms_replication_instance_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dms_replication_instance_3 +Title: "Find AWS Database Migration Service Replication Instances" +Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_instance_identifier, + arn, + engine_version, + instance_create_time, + replication_instance_class, + region + from + aws_dms_replication_instance + where + replication_instance_class not in ('dms.r5.16xlarge', 'dms.r5.24xlarge'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_replication_instance_4.yaml b/queries/aws_dms_replication_instance_4.yaml index d0784ab08..abaafdaaa 100755 --- a/queries/aws_dms_replication_instance_4.yaml +++ b/queries/aws_dms_replication_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_instance_4 Title: "List all AWS Database Migration Service Replication Instances" Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_instance_4.yaml.bak b/queries/aws_dms_replication_instance_4.yaml.bak new file mode 100755 index 000000000..d0784ab08 --- /dev/null +++ b/queries/aws_dms_replication_instance_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_dms_replication_instance_4 +Title: "List all AWS Database Migration Service Replication Instances" +Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_instance_identifier, + arn, + publicly_accessible, + region + from + aws_dms_replication_instance + where + publicly_accessible; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_replication_instance_5.yaml b/queries/aws_dms_replication_instance_5.yaml index e9caaf772..f800e2a93 100755 --- a/queries/aws_dms_replication_instance_5.yaml +++ b/queries/aws_dms_replication_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_instance_5 Title: "Find AWS Database Migration Service Replication Instances" Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_instance_5.yaml.bak b/queries/aws_dms_replication_instance_5.yaml.bak new file mode 100755 index 000000000..e9caaf772 --- /dev/null +++ b/queries/aws_dms_replication_instance_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dms_replication_instance_5 +Title: "Find AWS Database Migration Service Replication Instances" +Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_instance_identifier, + arn, + publicly_accessible, + multi_az, + region + from + aws_dms_replication_instance + where + not multi_az; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dms_replication_task_1.yaml b/queries/aws_dms_replication_task_1.yaml index 23efa7d20..4364b5f45 100755 --- a/queries/aws_dms_replication_task_1.yaml +++ b/queries/aws_dms_replication_task_1.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_task_1 Title: "List AWS DMS Replication Task Information" Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_task_1.yaml.bak b/queries/aws_dms_replication_task_1.yaml.bak new file mode 100755 index 000000000..23efa7d20 --- /dev/null +++ b/queries/aws_dms_replication_task_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dms_replication_task_1 +Title: "List AWS DMS Replication Task Information" +Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_task_identifier, + arn, + migration_type, + status, + replication_task_creation_date + from + aws_dms_replication_task; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS DMS Replication Tasks diff --git a/queries/aws_dms_replication_task_2.yaml b/queries/aws_dms_replication_task_2.yaml index 924f45a81..c44ea9bea 100755 --- a/queries/aws_dms_replication_task_2.yaml +++ b/queries/aws_dms_replication_task_2.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_task_2 Title: "List AWS DMS Replication Tasks for Data Migration" Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_task_2.yaml.bak b/queries/aws_dms_replication_task_2.yaml.bak new file mode 100755 index 000000000..924f45a81 --- /dev/null +++ b/queries/aws_dms_replication_task_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dms_replication_task_2 +Title: "List AWS DMS Replication Tasks for Data Migration" +Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_task_identifier, + migration_type, + status + from + aws_dms_replication_task + where + migration_type = 'full-load'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_dms_replication_task_3.yaml b/queries/aws_dms_replication_task_3.yaml index 8c253bf7d..234f88c3d 100755 --- a/queries/aws_dms_replication_task_3.yaml +++ b/queries/aws_dms_replication_task_3.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_task_3 Title: "Find AWS DMS Tasks with Failed Status Using SQL" Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_task_3.yaml.bak b/queries/aws_dms_replication_task_3.yaml.bak new file mode 100755 index 000000000..8c253bf7d --- /dev/null +++ b/queries/aws_dms_replication_task_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dms_replication_task_3 +Title: "Find AWS DMS Tasks with Failed Status Using SQL" +Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_task_identifier, + status, + last_failure_message + from + aws_dms_replication_task + where + status = 'failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_dms_replication_task_4.yaml b/queries/aws_dms_replication_task_4.yaml index db6de646b..6be240aa7 100755 --- a/queries/aws_dms_replication_task_4.yaml +++ b/queries/aws_dms_replication_task_4.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_task_4 Title: "Find AWS DMS Replication Task Details for Data Migration" Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_task_4.yaml.bak b/queries/aws_dms_replication_task_4.yaml.bak new file mode 100755 index 000000000..db6de646b --- /dev/null +++ b/queries/aws_dms_replication_task_4.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_dms_replication_task_4 +Title: "Find AWS DMS Replication Task Details for Data Migration" +Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_task_identifier, + status, + replication_task_stats -> 'ElapsedTimeMillis' as elapsed_time_millis, + replication_task_stats -> 'FreshStartDate' as fresh_start_date, + replication_task_stats -> 'FullLoadFinishDate' as full_load_finish_date, + replication_task_stats -> 'FullLoadProgressPercent' as full_load_progress_percent, + replication_task_stats -> 'FullLoadStartDate' as full_load_start_date, + replication_task_stats -> 'StartDate' as start_date, + replication_task_stats -> 'StopDate' as stop_date, + replication_task_stats -> 'TablesErrored' as tables_errored, + replication_task_stats -> 'TablesLoaded' as tables_loaded, + replication_task_stats -> 'TablesLoading' as tables_loading, + replication_task_stats -> 'TablesQueued' as tables_queued + from + aws_dms_replication_task; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_dms_replication_task_5.yaml b/queries/aws_dms_replication_task_5.yaml index c7cbfc979..2bb52965a 100755 --- a/queries/aws_dms_replication_task_5.yaml +++ b/queries/aws_dms_replication_task_5.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_task_5 Title: "List all AWS DMS Replication Tasks with Details" Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_task_5.yaml.bak b/queries/aws_dms_replication_task_5.yaml.bak new file mode 100755 index 000000000..c7cbfc979 --- /dev/null +++ b/queries/aws_dms_replication_task_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dms_replication_task_5 +Title: "List all AWS DMS Replication Tasks with Details" +Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + t.replication_task_identifier, + t.arn as task_arn, + i.replication_instance_class, + i.engine_version, + i.publicly_accessible, + i.dns_name_servers + from + aws_dms_replication_task t + join aws_dms_replication_instance i on t.replication_instance_arn = i.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS DMS diff --git a/queries/aws_dms_replication_task_6.yaml b/queries/aws_dms_replication_task_6.yaml index be9180f77..42c31f5dc 100755 --- a/queries/aws_dms_replication_task_6.yaml +++ b/queries/aws_dms_replication_task_6.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_task_6 Title: "Find AWS DMS Replication Tasks for Data Migration" Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_task_6.yaml.bak b/queries/aws_dms_replication_task_6.yaml.bak new file mode 100755 index 000000000..be9180f77 --- /dev/null +++ b/queries/aws_dms_replication_task_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dms_replication_task_6 +Title: "Find AWS DMS Replication Tasks for Data Migration" +Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_task_identifier, + source_endpoint_arn, + status + from + aws_dms_replication_task + where + endpoint_type = 'source'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_dms_replication_task_7.yaml b/queries/aws_dms_replication_task_7.yaml index cdb4042e0..e113d04c6 100755 --- a/queries/aws_dms_replication_task_7.yaml +++ b/queries/aws_dms_replication_task_7.yaml @@ -1,7 +1,7 @@ ID: aws_dms_replication_task_7 Title: "List all AWS DMS Replication Task Details" Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dms_replication_task_7.yaml.bak b/queries/aws_dms_replication_task_7.yaml.bak new file mode 100755 index 000000000..e113d04c6 --- /dev/null +++ b/queries/aws_dms_replication_task_7.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_dms_replication_task_7 +Title: "List all AWS DMS Replication Task Details" +Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_type, + count(*) as task_count + from + aws_dms_replication_task + group by + endpoint_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_dms_replication_task_7.yaml.bak.bak b/queries/aws_dms_replication_task_7.yaml.bak.bak new file mode 100755 index 000000000..e113d04c6 --- /dev/null +++ b/queries/aws_dms_replication_task_7.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_dms_replication_task_7 +Title: "List all AWS DMS Replication Task Details" +Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_type, + count(*) as task_count + from + aws_dms_replication_task + group by + endpoint_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DMS diff --git a/queries/aws_docdb_cluster_1.yaml b/queries/aws_docdb_cluster_1.yaml index b31fc186c..68139de8d 100755 --- a/queries/aws_docdb_cluster_1.yaml +++ b/queries/aws_docdb_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_1 Title: "Find Amazon DocumentDB Cluster Configuration and Status" Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_1.yaml.bak b/queries/aws_docdb_cluster_1.yaml.bak new file mode 100755 index 000000000..b31fc186c --- /dev/null +++ b/queries/aws_docdb_cluster_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_docdb_cluster_1 +Title: "Find Amazon DocumentDB Cluster Configuration and Status" +Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + db_cluster_identifier, + deletion_protection, + engine, + status, + region + from + aws_docdb_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_2.yaml b/queries/aws_docdb_cluster_2.yaml index 8a53ebc75..3a159351f 100755 --- a/queries/aws_docdb_cluster_2.yaml +++ b/queries/aws_docdb_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_2 Title: "Find Amazon DocumentDB Cluster Configuration and Status" Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_2.yaml.bak b/queries/aws_docdb_cluster_2.yaml.bak new file mode 100755 index 000000000..8a53ebc75 --- /dev/null +++ b/queries/aws_docdb_cluster_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_docdb_cluster_2 +Title: "Find Amazon DocumentDB Cluster Configuration and Status" +Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + status, + cluster_create_time, + kms_key_id, + storage_encrypted + from + aws_docdb_cluster + where + not storage_encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_3.yaml b/queries/aws_docdb_cluster_3.yaml index d4f51f404..042a6dae1 100755 --- a/queries/aws_docdb_cluster_3.yaml +++ b/queries/aws_docdb_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_3 Title: "Find Amazon DocumentDB Cluster Config and Status" Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_3.yaml.bak b/queries/aws_docdb_cluster_3.yaml.bak new file mode 100755 index 000000000..042a6dae1 --- /dev/null +++ b/queries/aws_docdb_cluster_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_docdb_cluster_3 +Title: "Find Amazon DocumentDB Cluster Config and Status" +Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + backup_retention_period + from + aws_docdb_cluster + where + backup_retention_period > 7; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DocumentDB diff --git a/queries/aws_docdb_cluster_3.yaml.bak.bak b/queries/aws_docdb_cluster_3.yaml.bak.bak new file mode 100755 index 000000000..042a6dae1 --- /dev/null +++ b/queries/aws_docdb_cluster_3.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_docdb_cluster_3 +Title: "Find Amazon DocumentDB Cluster Config and Status" +Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + backup_retention_period + from + aws_docdb_cluster + where + backup_retention_period > 7; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DocumentDB diff --git a/queries/aws_docdb_cluster_4.yaml b/queries/aws_docdb_cluster_4.yaml index 30f6ee0c5..a077ee767 100755 --- a/queries/aws_docdb_cluster_4.yaml +++ b/queries/aws_docdb_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_4 Title: "List all Amazon DocumentDB Cluster Configuration and Status" Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_4.yaml.bak b/queries/aws_docdb_cluster_4.yaml.bak new file mode 100755 index 000000000..30f6ee0c5 --- /dev/null +++ b/queries/aws_docdb_cluster_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_docdb_cluster_4 +Title: "List all Amazon DocumentDB Cluster Configuration and Status" +Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + jsonb_array_length(availability_zones) as availability_zones_count + from + aws_docdb_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_5.yaml b/queries/aws_docdb_cluster_5.yaml index 52f16f4df..20d3cf9cd 100755 --- a/queries/aws_docdb_cluster_5.yaml +++ b/queries/aws_docdb_cluster_5.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_5 Title: "List Amazon DocumentDB Clusters and Their Status" Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_5.yaml.bak b/queries/aws_docdb_cluster_5.yaml.bak new file mode 100755 index 000000000..52f16f4df --- /dev/null +++ b/queries/aws_docdb_cluster_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_docdb_cluster_5 +Title: "List Amazon DocumentDB Clusters and Their Status" +Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + status, + cluster_create_time, + deletion_protection + from + aws_docdb_cluster + where + not deletion_protection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DocumentDB diff --git a/queries/aws_docdb_cluster_6.yaml b/queries/aws_docdb_cluster_6.yaml index f1ddf78d7..043b27d38 100755 --- a/queries/aws_docdb_cluster_6.yaml +++ b/queries/aws_docdb_cluster_6.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_6 Title: "List all Amazon DocumentDB Clusters for Configuration and Status" Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_6.yaml.bak b/queries/aws_docdb_cluster_6.yaml.bak new file mode 100755 index 000000000..f1ddf78d7 --- /dev/null +++ b/queries/aws_docdb_cluster_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_docdb_cluster_6 +Title: "List all Amazon DocumentDB Clusters for Configuration and Status" +Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, + member ->> 'DBInstanceIdentifier' as db_instance_identifier, + member ->> 'IsClusterWriter' as is_cluster_writer, + member ->> 'PromotionTier' as promotion_tier + from + aws_docdb_cluster + cross join jsonb_array_elements(members) as member; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DocumentDB diff --git a/queries/aws_docdb_cluster_7.yaml b/queries/aws_docdb_cluster_7.yaml index 021e798d1..cae4ef906 100755 --- a/queries/aws_docdb_cluster_7.yaml +++ b/queries/aws_docdb_cluster_7.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_7 Title: "Find Amazon DocumentDB Clusters and Configuration Status" Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_7.yaml.bak b/queries/aws_docdb_cluster_7.yaml.bak new file mode 100755 index 000000000..021e798d1 --- /dev/null +++ b/queries/aws_docdb_cluster_7.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_docdb_cluster_7 +Title: "Find Amazon DocumentDB Clusters and Configuration Status" +Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + status, + cluster_create_time, + deletion_protection + from + aws_docdb_cluster + where + not deletion_protection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_1.yaml b/queries/aws_docdb_cluster_instance_1.yaml index c009d8dbd..06bf3dc82 100755 --- a/queries/aws_docdb_cluster_instance_1.yaml +++ b/queries/aws_docdb_cluster_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_instance_1 Title: "List Amazon DocumentDB Cluster Instances" Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_instance_1.yaml.bak b/queries/aws_docdb_cluster_instance_1.yaml.bak new file mode 100755 index 000000000..c009d8dbd --- /dev/null +++ b/queries/aws_docdb_cluster_instance_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_docdb_cluster_instance_1 +Title: "List Amazon DocumentDB Cluster Instances" +Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + db_cluster_identifier, + engine, + engine_version, + db_instance_class, + availability_zone + from + aws_docdb_cluster_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_2.yaml b/queries/aws_docdb_cluster_instance_2.yaml index 4c29de451..9c4b2a0fa 100755 --- a/queries/aws_docdb_cluster_instance_2.yaml +++ b/queries/aws_docdb_cluster_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_instance_2 Title: "List all Amazon DocumentDB Cluster Instances" Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_instance_2.yaml.bak b/queries/aws_docdb_cluster_instance_2.yaml.bak new file mode 100755 index 000000000..4c29de451 --- /dev/null +++ b/queries/aws_docdb_cluster_instance_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_docdb_cluster_instance_2 +Title: "List all Amazon DocumentDB Cluster Instances" +Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + db_cluster_identifier, + engine, + engine_version, + db_instance_class, + availability_zone + from + aws_docdb_cluster_instance + where + publicly_accessible; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DocumentDB diff --git a/queries/aws_docdb_cluster_instance_3.yaml b/queries/aws_docdb_cluster_instance_3.yaml index 481682854..a65a668ac 100755 --- a/queries/aws_docdb_cluster_instance_3.yaml +++ b/queries/aws_docdb_cluster_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_instance_3 Title: "Find all Amazon DocumentDB Cluster Instances with Details" Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_instance_3.yaml.bak b/queries/aws_docdb_cluster_instance_3.yaml.bak new file mode 100755 index 000000000..481682854 --- /dev/null +++ b/queries/aws_docdb_cluster_instance_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_docdb_cluster_instance_3 +Title: "Find all Amazon DocumentDB Cluster Instances with Details" +Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_subnet_group_arn, + db_subnet_group_name, + db_subnet_group_description, + db_subnet_group_status + from + aws_docdb_cluster_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_4.yaml b/queries/aws_docdb_cluster_instance_4.yaml index 911a9d594..825e94139 100755 --- a/queries/aws_docdb_cluster_instance_4.yaml +++ b/queries/aws_docdb_cluster_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_instance_4 Title: "List all Information of Amazon DocumentDB Clusters" Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_instance_4.yaml.bak b/queries/aws_docdb_cluster_instance_4.yaml.bak new file mode 100755 index 000000000..911a9d594 --- /dev/null +++ b/queries/aws_docdb_cluster_instance_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_docdb_cluster_instance_4 +Title: "List all Information of Amazon DocumentDB Clusters" +Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier as attached_vpc, + vsg ->> 'VpcSecurityGroupId' as vpc_security_group_id, + vsg ->> 'Status' as status, + sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, + sub ->> 'SubnetIdentifier' as subnet_identifier, + sub -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, + sub ->> 'SubnetStatus' as subnet_status + from + aws_docdb_cluster_instance + cross join jsonb_array_elements(vpc_security_groups) as vsg + cross join jsonb_array_elements(subnets) as sub; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_5.yaml b/queries/aws_docdb_cluster_instance_5.yaml index 46a26fdd8..aa00eab74 100755 --- a/queries/aws_docdb_cluster_instance_5.yaml +++ b/queries/aws_docdb_cluster_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_instance_5 Title: "Find all Amazon DocumentDB Cluster Instances using SQL" Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_instance_5.yaml.bak b/queries/aws_docdb_cluster_instance_5.yaml.bak new file mode 100755 index 000000000..46a26fdd8 --- /dev/null +++ b/queries/aws_docdb_cluster_instance_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_docdb_cluster_instance_5 +Title: "Find all Amazon DocumentDB Cluster Instances using SQL" +Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + db_cluster_identifier, + db_instance_class + from + aws_docdb_cluster_instance + where + not storage_encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_6.yaml b/queries/aws_docdb_cluster_instance_6.yaml index 8af20be8a..dc90e73de 100755 --- a/queries/aws_docdb_cluster_instance_6.yaml +++ b/queries/aws_docdb_cluster_instance_6.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_instance_6 Title: "List Amazon DocumentDB Cluster Instances with SQL" Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_instance_6.yaml.bak b/queries/aws_docdb_cluster_instance_6.yaml.bak new file mode 100755 index 000000000..8af20be8a --- /dev/null +++ b/queries/aws_docdb_cluster_instance_6.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_docdb_cluster_instance_6 +Title: "List Amazon DocumentDB Cluster Instances with SQL" +Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + db_cluster_identifier, + db_instance_class + from + aws_docdb_cluster_instance + where + enabled_cloudwatch_logs_exports is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_7.yaml b/queries/aws_docdb_cluster_instance_7.yaml index 2b4366302..4e3591a6b 100755 --- a/queries/aws_docdb_cluster_instance_7.yaml +++ b/queries/aws_docdb_cluster_instance_7.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_instance_7 Title: "List all Amazon DocumentDB Cluster Instances and Details" Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_instance_7.yaml.bak b/queries/aws_docdb_cluster_instance_7.yaml.bak new file mode 100755 index 000000000..2b4366302 --- /dev/null +++ b/queries/aws_docdb_cluster_instance_7.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_docdb_cluster_instance_7 +Title: "List all Amazon DocumentDB Cluster Instances and Details" +Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + endpoint_address, + endpoint_hosted_zone_id, + endpoint_port + from + aws_docdb_cluster_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_snapshot_1.yaml b/queries/aws_docdb_cluster_snapshot_1.yaml index 7836b0295..927dcd6e2 100755 --- a/queries/aws_docdb_cluster_snapshot_1.yaml +++ b/queries/aws_docdb_cluster_snapshot_1.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_snapshot_1 Title: "Find Amazon DocumentDB Cluster Snapshots Configuration and Status" Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_snapshot_1.yaml.bak b/queries/aws_docdb_cluster_snapshot_1.yaml.bak new file mode 100755 index 000000000..7836b0295 --- /dev/null +++ b/queries/aws_docdb_cluster_snapshot_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_docdb_cluster_snapshot_1 +Title: "Find Amazon DocumentDB Cluster Snapshots Configuration and Status" +Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + snapshot_type, + not storage_encrypted as storage_not_encrypted, + split_part(kms_key_id, '/', 1) as kms_key_id + from + aws_docdb_cluster_snapshot + where + not storage_encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_snapshot_2.yaml b/queries/aws_docdb_cluster_snapshot_2.yaml index 287568ee2..53d2b4dc1 100755 --- a/queries/aws_docdb_cluster_snapshot_2.yaml +++ b/queries/aws_docdb_cluster_snapshot_2.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_snapshot_2 Title: "Find Amazon DocumentDB Cluster Snapshot Details" Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_snapshot_2.yaml.bak b/queries/aws_docdb_cluster_snapshot_2.yaml.bak new file mode 100755 index 000000000..287568ee2 --- /dev/null +++ b/queries/aws_docdb_cluster_snapshot_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_docdb_cluster_snapshot_2 +Title: "Find Amazon DocumentDB Cluster Snapshot Details" +Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + cluster_create_time, + engine, + engine_version + from + aws_docdb_cluster_snapshot; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DocumentDB diff --git a/queries/aws_docdb_cluster_snapshot_3.yaml b/queries/aws_docdb_cluster_snapshot_3.yaml index a57758ce4..bafec67c3 100755 --- a/queries/aws_docdb_cluster_snapshot_3.yaml +++ b/queries/aws_docdb_cluster_snapshot_3.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_snapshot_3 Title: "List Amazon DocumentDB Cluster Snapshots and their Details" Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_snapshot_3.yaml.bak b/queries/aws_docdb_cluster_snapshot_3.yaml.bak new file mode 100755 index 000000000..a57758ce4 --- /dev/null +++ b/queries/aws_docdb_cluster_snapshot_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_docdb_cluster_snapshot_3 +Title: "List Amazon DocumentDB Cluster Snapshots and their Details" +Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + count(db_cluster_snapshot_identifier) as snapshot_count + from + aws_docdb_cluster_snapshot + group by + db_cluster_identifier; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_snapshot_4.yaml b/queries/aws_docdb_cluster_snapshot_4.yaml index 1245ee67b..86b54aeac 100755 --- a/queries/aws_docdb_cluster_snapshot_4.yaml +++ b/queries/aws_docdb_cluster_snapshot_4.yaml @@ -1,7 +1,7 @@ ID: aws_docdb_cluster_snapshot_4 Title: "Find Amazon DocumentDB Cluster Snapshot details" Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_docdb_cluster_snapshot_4.yaml.bak b/queries/aws_docdb_cluster_snapshot_4.yaml.bak new file mode 100755 index 000000000..1245ee67b --- /dev/null +++ b/queries/aws_docdb_cluster_snapshot_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_docdb_cluster_snapshot_4 +Title: "Find Amazon DocumentDB Cluster Snapshot details" +Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + engine, + snapshot_type + from + aws_docdb_cluster_snapshot + where + snapshot_type = 'manual'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon DocumentDB diff --git a/queries/aws_drs_job_1.yaml b/queries/aws_drs_job_1.yaml index a862cd659..ad7eb09e3 100755 --- a/queries/aws_drs_job_1.yaml +++ b/queries/aws_drs_job_1.yaml @@ -1,7 +1,7 @@ ID: aws_drs_job_1 Title: "List all AWS Data Replication Service Jobs Details" Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_job_1.yaml.bak b/queries/aws_drs_job_1.yaml.bak new file mode 100755 index 000000000..a862cd659 --- /dev/null +++ b/queries/aws_drs_job_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_drs_job_1 +Title: "List all AWS Data Replication Service Jobs Details" +Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + status, + initiated_by + from + aws_drs_job; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Data Replication Service diff --git a/queries/aws_drs_job_2.yaml b/queries/aws_drs_job_2.yaml index feab23dca..2f4eb9134 100755 --- a/queries/aws_drs_job_2.yaml +++ b/queries/aws_drs_job_2.yaml @@ -1,7 +1,7 @@ ID: aws_drs_job_2 Title: "Find AWS Data Replication Service Job Details" Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_job_2.yaml.bak b/queries/aws_drs_job_2.yaml.bak new file mode 100755 index 000000000..feab23dca --- /dev/null +++ b/queries/aws_drs_job_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_drs_job_2 +Title: "Find AWS Data Replication Service Job Details" +Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + status, + initiated_by, + creation_date_time + from + aws_drs_job + where + status = 'PENDING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Data Replication Service diff --git a/queries/aws_drs_job_3.yaml b/queries/aws_drs_job_3.yaml index f8a26e7c7..8fedafb45 100755 --- a/queries/aws_drs_job_3.yaml +++ b/queries/aws_drs_job_3.yaml @@ -1,7 +1,7 @@ ID: aws_drs_job_3 Title: "List AWS Data Replication Service Job Details" Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_job_3.yaml.bak b/queries/aws_drs_job_3.yaml.bak new file mode 100755 index 000000000..f8a26e7c7 --- /dev/null +++ b/queries/aws_drs_job_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_drs_job_3 +Title: "List AWS Data Replication Service Job Details" +Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + status, + initiated_by, + type, + creation_date_time, + end_date_time + from + aws_drs_job + where + creation_date_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Data Replication Service diff --git a/queries/aws_drs_recovery_instance_1.yaml b/queries/aws_drs_recovery_instance_1.yaml index ef80140af..d83d93970 100755 --- a/queries/aws_drs_recovery_instance_1.yaml +++ b/queries/aws_drs_recovery_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_instance_1 Title: "List AWS Disaster Recovery Service Recovery Instances" Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_instance_1.yaml.bak b/queries/aws_drs_recovery_instance_1.yaml.bak new file mode 100755 index 000000000..ef80140af --- /dev/null +++ b/queries/aws_drs_recovery_instance_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_drs_recovery_instance_1 +Title: "List AWS Disaster Recovery Service Recovery Instances" +Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recovery_instance_id, + arn, + source_server_id, + ec2_instance_id, + ec2_instance_state + from + aws_drs_recovery_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_instance_2.yaml b/queries/aws_drs_recovery_instance_2.yaml index 6dba32326..a1a194f71 100755 --- a/queries/aws_drs_recovery_instance_2.yaml +++ b/queries/aws_drs_recovery_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_instance_2 Title: "Query AWS DRS Recovery Instances for Detailed Information" Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_instance_2.yaml.bak b/queries/aws_drs_recovery_instance_2.yaml.bak new file mode 100755 index 000000000..6dba32326 --- /dev/null +++ b/queries/aws_drs_recovery_instance_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_drs_recovery_instance_2 +Title: "Query AWS DRS Recovery Instances for Detailed Information" +Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recovery_instance_id + arn, + recovery_instance_properties ->> 'Cpus' as recovery_instance_cpus, + recovery_instance_properties ->> 'Disks' as recovery_instance_disks, + recovery_instance_properties ->> 'IdentificationHints' as recovery_instance_identification_hints, + recovery_instance_properties ->> 'LastUpdatedDateTime' as recovery_instance_last_updated_date_time, + recovery_instance_properties ->> 'NetworkInterfaces' as recovery_instance_network_interfaces, + recovery_instance_properties ->> 'Os' as recovery_instance_os, + recovery_instance_properties ->> 'RamBytes' as recovery_instance_ram_bytes + from + aws_drs_recovery_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_instance_3.yaml b/queries/aws_drs_recovery_instance_3.yaml index f681f6cbf..77e493621 100755 --- a/queries/aws_drs_recovery_instance_3.yaml +++ b/queries/aws_drs_recovery_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_instance_3 Title: "List all AWS Disaster Recovery Recovery Instances" Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_instance_3.yaml.bak b/queries/aws_drs_recovery_instance_3.yaml.bak new file mode 100755 index 000000000..f681f6cbf --- /dev/null +++ b/queries/aws_drs_recovery_instance_3.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_drs_recovery_instance_3 +Title: "List all AWS Disaster Recovery Recovery Instances" +Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recovery_instance_id, + arn, + source_server_id, + ec2_instance_id, + failback ->> 'AgentLastSeenByServiceDateTime' as agent_last_seen_by_service_date_time, + failback ->> 'ElapsedReplicationDuration' as elapsed_replication_duration, + failback ->> 'FailbackClientID' as failback_client_id, + failback ->> 'FailbackClientLastSeenByServiceDateTime' as failback_client_last_seen_by_service_date_time, + failback ->> 'FailbackInitiationTime' as failback_initiation_time, + failback -> 'FailbackJobID' as failback_job_id, + failback -> 'FailbackLaunchType' as failback_launch_type, + failback -> 'FailbackToOriginalServer' as failback_to_original_server, + failback -> 'FirstByteDateTime' as failback_first_byte_date_time, + failback -> 'State' as failback_state + from + aws_drs_recovery_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_instance_4.yaml b/queries/aws_drs_recovery_instance_4.yaml index 3c89b3818..6216309e2 100755 --- a/queries/aws_drs_recovery_instance_4.yaml +++ b/queries/aws_drs_recovery_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_instance_4 Title: "List All AWS Disaster Recovery Service Recovery Instances" Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_instance_4.yaml.bak b/queries/aws_drs_recovery_instance_4.yaml.bak new file mode 100755 index 000000000..3c89b3818 --- /dev/null +++ b/queries/aws_drs_recovery_instance_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_drs_recovery_instance_4 +Title: "List All AWS Disaster Recovery Service Recovery Instances" +Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recovery_instance_id, + arn, + data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, + data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time, + data_replication_info ->> 'DataReplicationError' as data_replication_error, + data_replication_info ->> 'DataReplicationState' as data_replication_state, + data_replication_info ->> 'ReplicatedDisks' as data_replication_replicated_disks + from + aws_drs_recovery_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_instance_5.yaml b/queries/aws_drs_recovery_instance_5.yaml index c7bf1a811..12dec8892 100755 --- a/queries/aws_drs_recovery_instance_5.yaml +++ b/queries/aws_drs_recovery_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_instance_5 Title: "List all AWS Disaster Recovery Service Recovery Instances" Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_instance_5.yaml.bak b/queries/aws_drs_recovery_instance_5.yaml.bak new file mode 100755 index 000000000..c7bf1a811 --- /dev/null +++ b/queries/aws_drs_recovery_instance_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_drs_recovery_instance_5 +Title: "List all AWS Disaster Recovery Service Recovery Instances" +Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recovery_instance_id, + arn, + source_server_id, + ec2_instance_id, + ec2_instance_state, + is_drill, + job_id + from + aws_drs_recovery_instance + where + not is_drill; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_1.yaml b/queries/aws_drs_recovery_snapshot_1.yaml index 9150c59e8..24afdfa85 100755 --- a/queries/aws_drs_recovery_snapshot_1.yaml +++ b/queries/aws_drs_recovery_snapshot_1.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_snapshot_1 Title: "List AWS DRS Recovery Snapshot Data with Details" Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_snapshot_1.yaml.bak b/queries/aws_drs_recovery_snapshot_1.yaml.bak new file mode 100755 index 000000000..9150c59e8 --- /dev/null +++ b/queries/aws_drs_recovery_snapshot_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_drs_recovery_snapshot_1 +Title: "List AWS DRS Recovery Snapshot Data with Details" +Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_id, + source_server_id, + expected_timestamp, + timestamp, + title + from + aws_drs_recovery_snapshot; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_2.yaml b/queries/aws_drs_recovery_snapshot_2.yaml index 7aac49a8d..b37d26e9f 100755 --- a/queries/aws_drs_recovery_snapshot_2.yaml +++ b/queries/aws_drs_recovery_snapshot_2.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_snapshot_2 Title: "List AWS DRS Recovery Snapshot Details and Metadata" Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_snapshot_2.yaml.bak b/queries/aws_drs_recovery_snapshot_2.yaml.bak new file mode 100755 index 000000000..7aac49a8d --- /dev/null +++ b/queries/aws_drs_recovery_snapshot_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_drs_recovery_snapshot_2 +Title: "List AWS DRS Recovery Snapshot Details and Metadata" +Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.snapshot_id, + r.source_server_id, + s.arn as source_server_arn, + s.recovery_instance_id, + s.replication_direction + from + aws_drs_recovery_snapshot r, + aws_drs_source_server as s + where + r.source_server_id = s.source_server_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_3.yaml b/queries/aws_drs_recovery_snapshot_3.yaml index 9772065e7..417916c42 100755 --- a/queries/aws_drs_recovery_snapshot_3.yaml +++ b/queries/aws_drs_recovery_snapshot_3.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_snapshot_3 Title: "List all Recovery Snapshot Data in AWS DRS" Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_snapshot_3.yaml.bak b/queries/aws_drs_recovery_snapshot_3.yaml.bak new file mode 100755 index 000000000..9772065e7 --- /dev/null +++ b/queries/aws_drs_recovery_snapshot_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_drs_recovery_snapshot_3 +Title: "List all Recovery Snapshot Data in AWS DRS" +Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_server_id, + count(snapshot_id) as recovery_snapshot_count + from + aws_drs_recovery_snapshot + group by + source_server_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_4.yaml b/queries/aws_drs_recovery_snapshot_4.yaml index 45cd6f093..84018cbb0 100755 --- a/queries/aws_drs_recovery_snapshot_4.yaml +++ b/queries/aws_drs_recovery_snapshot_4.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_snapshot_4 Title: "List AWS DRS Recovery Snapshots with Metadata Details" Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_snapshot_4.yaml.bak b/queries/aws_drs_recovery_snapshot_4.yaml.bak new file mode 100755 index 000000000..45cd6f093 --- /dev/null +++ b/queries/aws_drs_recovery_snapshot_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_drs_recovery_snapshot_4 +Title: "List AWS DRS Recovery Snapshots with Metadata Details" +Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_id, + source_server_id, + expected_timestamp, + timestamp + from + aws_drs_recovery_snapshot + where + timestamp <= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_5.yaml b/queries/aws_drs_recovery_snapshot_5.yaml index 9dd9cb210..bceab67f4 100755 --- a/queries/aws_drs_recovery_snapshot_5.yaml +++ b/queries/aws_drs_recovery_snapshot_5.yaml @@ -1,7 +1,7 @@ ID: aws_drs_recovery_snapshot_5 Title: "List all AWS DRS Recovery Snapshot Data" Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_recovery_snapshot_5.yaml.bak b/queries/aws_drs_recovery_snapshot_5.yaml.bak new file mode 100755 index 000000000..9dd9cb210 --- /dev/null +++ b/queries/aws_drs_recovery_snapshot_5.yaml.bak @@ -0,0 +1,38 @@ +ID: aws_drs_recovery_snapshot_5 +Title: "List all AWS DRS Recovery Snapshot Data" +Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.snapshot_id, + r.source_server_id, + s as ebs_snapshot_id, + e.state as snapshot_state, + e.volume_size, + e.volume_id, + e.encrypted, + e.kms_key_id, + e.data_encryption_key_id + from + aws_drs_recovery_snapshot as r, + jsonb_array_elements_text(ebs_snapshots) as s, + aws_ebs_snapshot as e + where + r.snapshot_id = 'pit-3367d3f930778a9c3' + and + s = e.snapshot_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Disaster Recovery Service diff --git a/queries/aws_drs_source_server_1.yaml b/queries/aws_drs_source_server_1.yaml index 92cbedd36..57bb3def8 100755 --- a/queries/aws_drs_source_server_1.yaml +++ b/queries/aws_drs_source_server_1.yaml @@ -1,7 +1,7 @@ ID: aws_drs_source_server_1 Title: "List all AWS Database Migration Service Source Servers" Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_source_server_1.yaml.bak b/queries/aws_drs_source_server_1.yaml.bak new file mode 100755 index 000000000..92cbedd36 --- /dev/null +++ b/queries/aws_drs_source_server_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_drs_source_server_1 +Title: "List all AWS Database Migration Service Source Servers" +Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + last_launch_result, + source_server_id, + title + from + aws_drs_source_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_drs_source_server_2.yaml b/queries/aws_drs_source_server_2.yaml index 8e56f3670..a60002f6c 100755 --- a/queries/aws_drs_source_server_2.yaml +++ b/queries/aws_drs_source_server_2.yaml @@ -1,7 +1,7 @@ ID: aws_drs_source_server_2 Title: "List all AWS DMS Source Servers for Detailed Info" Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_source_server_2.yaml.bak b/queries/aws_drs_source_server_2.yaml.bak new file mode 100755 index 000000000..8e56f3670 --- /dev/null +++ b/queries/aws_drs_source_server_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_drs_source_server_2 +Title: "List all AWS DMS Source Servers for Detailed Info" +Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + title, + source_cloud_properties ->> 'OriginAccountID' as source_cloud_origin_account_id, + source_cloud_properties ->> 'OriginAvailabilityZone' as source_cloud_origin_availability_zone, + source_cloud_properties ->> 'OriginRegion' as source_cloud_origin_region + from + aws_drs_source_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_drs_source_server_3.yaml b/queries/aws_drs_source_server_3.yaml index 5b7493160..80a5f0cbe 100755 --- a/queries/aws_drs_source_server_3.yaml +++ b/queries/aws_drs_source_server_3.yaml @@ -1,7 +1,7 @@ ID: aws_drs_source_server_3 Title: "Query AWS DMS Source Servers for Replication Details" Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_source_server_3.yaml.bak b/queries/aws_drs_source_server_3.yaml.bak new file mode 100755 index 000000000..5b7493160 --- /dev/null +++ b/queries/aws_drs_source_server_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_drs_source_server_3 +Title: "Query AWS DMS Source Servers for Replication Details" +Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + title, + source_properties ->> 'Cpus' as source_cpus, + source_properties ->> 'Disks' as source_disks, + source_properties -> 'IdentificationHints' ->> 'Hostname' as source_hostname, + source_properties ->> 'NetworkInterfaces' as source_network_interfaces, + source_properties -> 'Os' ->> 'FullString' as source_os, + source_properties -> 'RamBytes' as source_ram_bytes, + source_properties -> 'RecommendedInstanceType' as source_recommended_instance_type, + source_properties -> 'LastUpdatedDateTime' as source_last_updated_date_time + from + aws_drs_source_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_drs_source_server_4.yaml b/queries/aws_drs_source_server_4.yaml index 311b59711..26d9226b7 100755 --- a/queries/aws_drs_source_server_4.yaml +++ b/queries/aws_drs_source_server_4.yaml @@ -1,7 +1,7 @@ ID: aws_drs_source_server_4 Title: "List all AWS DMS Source Servers with Replication Info" Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_source_server_4.yaml.bak b/queries/aws_drs_source_server_4.yaml.bak new file mode 100755 index 000000000..311b59711 --- /dev/null +++ b/queries/aws_drs_source_server_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_drs_source_server_4 +Title: "List all AWS DMS Source Servers with Replication Info" +Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + title, + data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, + data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time, + data_replication_info ->> 'DataReplicationError' as data_replication_error, + data_replication_info ->> 'DataReplicationState' as data_replication_state, + data_replication_info ->> 'ReplicatedDisks' as data_replication_replicated_disks + from + aws_drs_source_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_drs_source_server_5.yaml b/queries/aws_drs_source_server_5.yaml index cf673d2f4..38b219762 100755 --- a/queries/aws_drs_source_server_5.yaml +++ b/queries/aws_drs_source_server_5.yaml @@ -1,7 +1,7 @@ ID: aws_drs_source_server_5 Title: "List AWS DMS Source Servers with Detailed Information" Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_source_server_5.yaml.bak b/queries/aws_drs_source_server_5.yaml.bak new file mode 100755 index 000000000..cf673d2f4 --- /dev/null +++ b/queries/aws_drs_source_server_5.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_drs_source_server_5 +Title: "List AWS DMS Source Servers with Detailed Information" +Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + title, + launch_configuration ->> 'Name' as launch_configuration_name, + launch_configuration ->> 'CopyPrivateIp' as launch_configuration_copy_private_ip, + launch_configuration ->> 'CopyTags' as launch_configuration_copy_tags, + launch_configuration ->> 'Ec2LaunchTemplateID' as launch_configuration_ec2_launch_template_id, + launch_configuration ->> 'LaunchDisposition' as launch_configuration_disposition, + launch_configuration ->> 'TargetInstanceTypeRightSizingMethod' as launch_configuration_target_instance_type_right_sizing_method, + launch_configuration -> 'Licensing' as launch_configuration_licensing, + launch_configuration -> 'ResultMetadata' as launch_configuration_result_metadata + from + aws_drs_source_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_drs_source_server_6.yaml b/queries/aws_drs_source_server_6.yaml index a9a557b4b..72fd284fc 100755 --- a/queries/aws_drs_source_server_6.yaml +++ b/queries/aws_drs_source_server_6.yaml @@ -1,7 +1,7 @@ ID: aws_drs_source_server_6 Title: "Find Failed AWS Database Migration Source Servers" Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_source_server_6.yaml.bak b/queries/aws_drs_source_server_6.yaml.bak new file mode 100755 index 000000000..72fd284fc --- /dev/null +++ b/queries/aws_drs_source_server_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_drs_source_server_6 +Title: "Find Failed AWS Database Migration Source Servers" +Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + last_launch_result, + source_server_id + from + aws_drs_source_server + where + last_launch_result = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_drs_source_server_6.yaml.bak.bak b/queries/aws_drs_source_server_6.yaml.bak.bak new file mode 100755 index 000000000..72fd284fc --- /dev/null +++ b/queries/aws_drs_source_server_6.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_drs_source_server_6 +Title: "Find Failed AWS Database Migration Source Servers" +Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + last_launch_result, + source_server_id + from + aws_drs_source_server + where + last_launch_result = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_drs_source_server_7.yaml b/queries/aws_drs_source_server_7.yaml index da3969927..587dc36a5 100755 --- a/queries/aws_drs_source_server_7.yaml +++ b/queries/aws_drs_source_server_7.yaml @@ -1,7 +1,7 @@ ID: aws_drs_source_server_7 Title: "Find AWS DMS Source Server Data Replication Details" Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_drs_source_server_7.yaml.bak b/queries/aws_drs_source_server_7.yaml.bak new file mode 100755 index 000000000..da3969927 --- /dev/null +++ b/queries/aws_drs_source_server_7.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_drs_source_server_7 +Title: "Find AWS DMS Source Server Data Replication Details" +Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + data_replication_info ->> 'DataReplicationState' as data_replication_state, + data_replication_info ->> 'DataReplicationError' as data_replication_error, + data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, + data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time + from + aws_drs_source_server + where + data_replication_info ->> 'DataReplicationState' = 'DISCONNECTED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Database Migration Service diff --git a/queries/aws_dynamodb_backup_1.yaml b/queries/aws_dynamodb_backup_1.yaml index a0489a9f0..cb04a7baa 100755 --- a/queries/aws_dynamodb_backup_1.yaml +++ b/queries/aws_dynamodb_backup_1.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_backup_1 Title: "List all DynamoDB Backup details with SQL query" Description: "Allows users to query DynamoDB Backup details such as backup ARN, backup creation date, backup size, backup status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_backup_1.yaml.bak b/queries/aws_dynamodb_backup_1.yaml.bak new file mode 100755 index 000000000..a0489a9f0 --- /dev/null +++ b/queries/aws_dynamodb_backup_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_dynamodb_backup_1 +Title: "List all DynamoDB Backup details with SQL query" +Description: "Allows users to query DynamoDB Backup details such as backup ARN, backup creation date, backup size, backup status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + table_name, + table_id + from + aws_dynamodb_backup; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_backup_2.yaml b/queries/aws_dynamodb_backup_2.yaml index 44dc0ddd8..b918158d9 100755 --- a/queries/aws_dynamodb_backup_2.yaml +++ b/queries/aws_dynamodb_backup_2.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_backup_2 Title: "List all AWS DynamoDB Backup Details" Description: "Allows users to query DynamoDB Backup details such as backup ARN, backup creation date, backup size, backup status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_backup_2.yaml.bak b/queries/aws_dynamodb_backup_2.yaml.bak new file mode 100755 index 000000000..44dc0ddd8 --- /dev/null +++ b/queries/aws_dynamodb_backup_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_dynamodb_backup_2 +Title: "List all AWS DynamoDB Backup Details" +Description: "Allows users to query DynamoDB Backup details such as backup ARN, backup creation date, backup size, backup status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + backup_status, + backup_type, + backup_expiry_datetime, + backup_size_bytes + from + aws_dynamodb_backup; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_global_table_1.yaml b/queries/aws_dynamodb_global_table_1.yaml index 769a91275..8ebbc2385 100755 --- a/queries/aws_dynamodb_global_table_1.yaml +++ b/queries/aws_dynamodb_global_table_1.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_global_table_1 Title: "List all AWS DynamoDB Global Tables and their Regions" Description: "Allows users to query AWS DynamoDB Global Tables to gather information about the global tables, including the table name, creation time, status, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_global_table_1.yaml.bak b/queries/aws_dynamodb_global_table_1.yaml.bak new file mode 100755 index 000000000..769a91275 --- /dev/null +++ b/queries/aws_dynamodb_global_table_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_dynamodb_global_table_1 +Title: "List all AWS DynamoDB Global Tables and their Regions" +Description: "Allows users to query AWS DynamoDB Global Tables to gather information about the global tables, including the table name, creation time, status, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + global_table_name, + rg -> 'RegionName' as region_name + from + aws_dynamodb_global_table + cross join jsonb_array_elements(replication_group) as rg; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB Global Table diff --git a/queries/aws_dynamodb_global_table_2.yaml b/queries/aws_dynamodb_global_table_2.yaml index 97d2d7793..fd478c18f 100755 --- a/queries/aws_dynamodb_global_table_2.yaml +++ b/queries/aws_dynamodb_global_table_2.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_global_table_2 Title: "List all AWS DynamoDB Global Tables with Details" Description: "Allows users to query AWS DynamoDB Global Tables to gather information about the global tables, including the table name, creation time, status, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_global_table_2.yaml.bak b/queries/aws_dynamodb_global_table_2.yaml.bak new file mode 100755 index 000000000..97d2d7793 --- /dev/null +++ b/queries/aws_dynamodb_global_table_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dynamodb_global_table_2 +Title: "List all AWS DynamoDB Global Tables with Details" +Description: "Allows users to query AWS DynamoDB Global Tables to gather information about the global tables, including the table name, creation time, status, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + global_table_name, + global_table_status, + rg -> 'GlobalSecondaryIndexes' as global_secondary_indexes, + rg -> 'RegionName' as region_name, + rg -> 'ReplicaInaccessibleDateTime' as replica_inaccessible_date_time, + rg -> 'ReplicaStatus' as replica_status, + rg -> 'ReplicaStatusDescription' as replica_status_description, + rg -> 'ReplicaStatusPercentProgress' as replica_status_percent_progress + from + aws_dynamodb_global_table + cross join jsonb_array_elements(replication_group) as rg; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml index 33ab3f8d6..fbb7bf723 100755 --- a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml +++ b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_1 Title: "List AWS DynamoDB Metrics on Read Capacity Utilization" Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak new file mode 100755 index 000000000..fbb7bf723 --- /dev/null +++ b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_1 +Title: "List AWS DynamoDB Metrics on Read Capacity Utilization" +Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + account_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_dynamodb_metric_account_provisioned_read_capacity_util + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak.bak b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak.bak new file mode 100755 index 000000000..fbb7bf723 --- /dev/null +++ b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_1 +Title: "List AWS DynamoDB Metrics on Read Capacity Utilization" +Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + account_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_dynamodb_metric_account_provisioned_read_capacity_util + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml index 680f2290e..96a8a8059 100755 --- a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml +++ b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_2 Title: "List all AWS DynamoDB Metrics on Read Capacity Utilization" Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml.bak b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml.bak new file mode 100755 index 000000000..680f2290e --- /dev/null +++ b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_2 +Title: "List all AWS DynamoDB Metrics on Read Capacity Utilization" +Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + account_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_dynamodb_metric_account_provisioned_read_capacity_util + where + maximum > 80 + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml index 32f053cff..92801c904 100755 --- a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml +++ b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_1 Title: "List AWS DynamoDB Metrics for Write Capacity Utilization" Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak new file mode 100755 index 000000000..92801c904 --- /dev/null +++ b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_1 +Title: "List AWS DynamoDB Metrics for Write Capacity Utilization" +Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + account_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_dynamodb_metric_account_provisioned_write_capacity_util + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak.bak b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak.bak new file mode 100755 index 000000000..32f053cff --- /dev/null +++ b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_1 +Title: "List AWS DynamoDB Metrics for Write Capacity Utilization" +Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + account_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_dynamodb_metric_account_provisioned_write_capacity_util + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml index 36203fa48..db39682e1 100755 --- a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml +++ b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_2 Title: "List AWS DynamoDB Account Write Capacity Utilization Metrics" Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml.bak b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml.bak new file mode 100755 index 000000000..36203fa48 --- /dev/null +++ b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_2 +Title: "List AWS DynamoDB Account Write Capacity Utilization Metrics" +Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + account_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_dynamodb_metric_account_provisioned_write_capacity_util + where + maximum > 80 + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_table_1.yaml b/queries/aws_dynamodb_table_1.yaml index 1b91f3e8c..857a21384 100755 --- a/queries/aws_dynamodb_table_1.yaml +++ b/queries/aws_dynamodb_table_1.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_table_1 Title: "Find AWS DynamoDB Tables with Missing SSE Description" Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_table_1.yaml.bak b/queries/aws_dynamodb_table_1.yaml.bak new file mode 100755 index 000000000..1b91f3e8c --- /dev/null +++ b/queries/aws_dynamodb_table_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_dynamodb_table_1 +Title: "Find AWS DynamoDB Tables with Missing SSE Description" +Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + sse_description + from + aws_dynamodb_table + where + sse_description is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_table_2.yaml b/queries/aws_dynamodb_table_2.yaml index 99da14340..334c0111a 100755 --- a/queries/aws_dynamodb_table_2.yaml +++ b/queries/aws_dynamodb_table_2.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_table_2 Title: "List all AWS DynamoDB Tables with Disabled Backups" Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_table_2.yaml.bak b/queries/aws_dynamodb_table_2.yaml.bak new file mode 100755 index 000000000..99da14340 --- /dev/null +++ b/queries/aws_dynamodb_table_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_dynamodb_table_2 +Title: "List all AWS DynamoDB Tables with Disabled Backups" +Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + continuous_backups_status + from + aws_dynamodb_table + where + continuous_backups_status = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_table_3.yaml b/queries/aws_dynamodb_table_3.yaml index 83d9f54bb..948a75b51 100755 --- a/queries/aws_dynamodb_table_3.yaml +++ b/queries/aws_dynamodb_table_3.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_table_3 Title: "List all AWS DynamoDB Tables and retrieve their status" Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_table_3.yaml.bak b/queries/aws_dynamodb_table_3.yaml.bak new file mode 100755 index 000000000..83d9f54bb --- /dev/null +++ b/queries/aws_dynamodb_table_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_dynamodb_table_3 +Title: "List all AWS DynamoDB Tables and retrieve their status" +Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + point_in_time_recovery_description ->> 'EarliestRestorableDateTime' as earliest_restorable_date_time, + point_in_time_recovery_description ->> 'LatestRestorableDateTime' as latest_restorable_date_time, + point_in_time_recovery_description ->> 'PointInTimeRecoveryStatus' as point_in_time_recovery_status + from + aws_dynamodb_table; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_table_4.yaml b/queries/aws_dynamodb_table_4.yaml index 20a263148..d57707252 100755 --- a/queries/aws_dynamodb_table_4.yaml +++ b/queries/aws_dynamodb_table_4.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_table_4 Title: "List all AWS DynamoDB table configurations and status" Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_table_4.yaml.bak b/queries/aws_dynamodb_table_4.yaml.bak new file mode 100755 index 000000000..20a263148 --- /dev/null +++ b/queries/aws_dynamodb_table_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_dynamodb_table_4 +Title: "List all AWS DynamoDB table configurations and status" +Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + d ->> 'StreamArn' as kinesis_stream_arn, + d ->> 'DestinationStatus' as stream_status + from + aws_dynamodb_table, + jsonb_array_elements(streaming_destination -> 'KinesisDataStreamDestinations') as d + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_table_export_1.yaml b/queries/aws_dynamodb_table_export_1.yaml index ac9a2cc7b..a38ceb63c 100755 --- a/queries/aws_dynamodb_table_export_1.yaml +++ b/queries/aws_dynamodb_table_export_1.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_table_export_1 Title: "List all details of AWS DynamoDB Table Exports" Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_table_export_1.yaml.bak b/queries/aws_dynamodb_table_export_1.yaml.bak new file mode 100755 index 000000000..ac9a2cc7b --- /dev/null +++ b/queries/aws_dynamodb_table_export_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_dynamodb_table_export_1 +Title: "List all details of AWS DynamoDB Table Exports" +Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + end_time, + export_format, + export_status, + s3_bucket + from + aws_dynamodb_table_export; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_table_export_2.yaml b/queries/aws_dynamodb_table_export_2.yaml index 32486b991..3c47d03d5 100755 --- a/queries/aws_dynamodb_table_export_2.yaml +++ b/queries/aws_dynamodb_table_export_2.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_table_export_2 Title: "List all AWS DynamoDB Table Exports with Details" Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_table_export_2.yaml.bak b/queries/aws_dynamodb_table_export_2.yaml.bak new file mode 100755 index 000000000..3c47d03d5 --- /dev/null +++ b/queries/aws_dynamodb_table_export_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_dynamodb_table_export_2 +Title: "List all AWS DynamoDB Table Exports with Details" +Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + end_time, + export_format, + export_status, + s3_bucket + from + aws_dynamodb_table_export + where + export_status <> 'COMPLETED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_table_export_2.yaml.bak.bak b/queries/aws_dynamodb_table_export_2.yaml.bak.bak new file mode 100755 index 000000000..3c47d03d5 --- /dev/null +++ b/queries/aws_dynamodb_table_export_2.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_dynamodb_table_export_2 +Title: "List all AWS DynamoDB Table Exports with Details" +Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + end_time, + export_format, + export_status, + s3_bucket + from + aws_dynamodb_table_export + where + export_status <> 'COMPLETED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_dynamodb_table_export_3.yaml b/queries/aws_dynamodb_table_export_3.yaml index 82fe9066c..d1570fea2 100755 --- a/queries/aws_dynamodb_table_export_3.yaml +++ b/queries/aws_dynamodb_table_export_3.yaml @@ -1,7 +1,7 @@ ID: aws_dynamodb_table_export_3 Title: "Find AWS DynamoDB Table Exports with Detailed Info" Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_dynamodb_table_export_3.yaml.bak b/queries/aws_dynamodb_table_export_3.yaml.bak new file mode 100755 index 000000000..82fe9066c --- /dev/null +++ b/queries/aws_dynamodb_table_export_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_dynamodb_table_export_3 +Title: "Find AWS DynamoDB Table Exports with Detailed Info" +Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + end_time, + export_format, + export_status, + export_time, + s3_bucket + from + aws_dynamodb_table_export + where + export_time >= now() - interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - DynamoDB diff --git a/queries/aws_ebs_snapshot_1.yaml b/queries/aws_ebs_snapshot_1.yaml index 388302e5b..2b838c2ac 100755 --- a/queries/aws_ebs_snapshot_1.yaml +++ b/queries/aws_ebs_snapshot_1.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_snapshot_1 Title: "Find Detailed Information About AWS EBS Snapshots" Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_snapshot_1.yaml.bak b/queries/aws_ebs_snapshot_1.yaml.bak new file mode 100755 index 000000000..388302e5b --- /dev/null +++ b/queries/aws_ebs_snapshot_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ebs_snapshot_1 +Title: "Find Detailed Information About AWS EBS Snapshots" +Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_id, + arn, + encrypted + from + aws_ebs_snapshot + where + not encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_snapshot_2.yaml b/queries/aws_ebs_snapshot_2.yaml index ef1ab1b93..037fa7113 100755 --- a/queries/aws_ebs_snapshot_2.yaml +++ b/queries/aws_ebs_snapshot_2.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_snapshot_2 Title: "Find AWS EBS Snapshots with User and Group Details" Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_snapshot_2.yaml.bak b/queries/aws_ebs_snapshot_2.yaml.bak new file mode 100755 index 000000000..ef1ab1b93 --- /dev/null +++ b/queries/aws_ebs_snapshot_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ebs_snapshot_2 +Title: "Find AWS EBS Snapshots with User and Group Details" +Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_id, + arn, + volume_id, + perm ->> 'UserId' as userid, + perm ->> 'Group' as group + from + aws_ebs_snapshot + cross join jsonb_array_elements(create_volume_permissions) as perm + where + perm ->> 'Group' = 'all'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_snapshot_3.yaml b/queries/aws_ebs_snapshot_3.yaml index bf3285318..095619b9e 100755 --- a/queries/aws_ebs_snapshot_3.yaml +++ b/queries/aws_ebs_snapshot_3.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_snapshot_3 Title: "List all AWS EBS snapshots with details" Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_snapshot_3.yaml.bak b/queries/aws_ebs_snapshot_3.yaml.bak new file mode 100755 index 000000000..bf3285318 --- /dev/null +++ b/queries/aws_ebs_snapshot_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_snapshot_3 +Title: "List all AWS EBS snapshots with details" +Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_id, + volume_id, + perm ->> 'UserId' as account_ids + from + aws_ebs_snapshot + cross join jsonb_array_elements(create_volume_permissions) as perm; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_snapshot_4.yaml b/queries/aws_ebs_snapshot_4.yaml index b75436496..3c5c73505 100755 --- a/queries/aws_ebs_snapshot_4.yaml +++ b/queries/aws_ebs_snapshot_4.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_snapshot_4 Title: "List all AWS EBS snapshots with configuration details" Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_snapshot_4.yaml.bak b/queries/aws_ebs_snapshot_4.yaml.bak new file mode 100755 index 000000000..3c5c73505 --- /dev/null +++ b/queries/aws_ebs_snapshot_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ebs_snapshot_4 +Title: "List all AWS EBS snapshots with configuration details" +Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + count(snapshot_id) as snapshot_id + from + aws_ebs_snapshot + group by + volume_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_snapshot_4.yaml.bak.bak b/queries/aws_ebs_snapshot_4.yaml.bak.bak new file mode 100755 index 000000000..b75436496 --- /dev/null +++ b/queries/aws_ebs_snapshot_4.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_ebs_snapshot_4 +Title: "List all AWS EBS snapshots with configuration details" +Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + count(snapshot_id) as snapshot_id + from + aws_ebs_snapshot + group by + volume_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_snapshot_5.yaml b/queries/aws_ebs_snapshot_5.yaml index d2012bc4f..fd555c342 100755 --- a/queries/aws_ebs_snapshot_5.yaml +++ b/queries/aws_ebs_snapshot_5.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_snapshot_5 Title: "Find details of AWS EBS snapshot configurations" Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_snapshot_5.yaml.bak b/queries/aws_ebs_snapshot_5.yaml.bak new file mode 100755 index 000000000..d2012bc4f --- /dev/null +++ b/queries/aws_ebs_snapshot_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_snapshot_5 +Title: "Find details of AWS EBS snapshot configurations" +Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_id, + arn, + encrypted, + owner_id + from + aws_ebs_snapshot + where + owner_id = '859788737657'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_snapshot_6.yaml b/queries/aws_ebs_snapshot_6.yaml index f0d483757..10a7600ce 100755 --- a/queries/aws_ebs_snapshot_6.yaml +++ b/queries/aws_ebs_snapshot_6.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_snapshot_6 Title: "Find EBS Snapshots Configuration and Metadata in AWS" Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_snapshot_6.yaml.bak b/queries/aws_ebs_snapshot_6.yaml.bak new file mode 100755 index 000000000..f0d483757 --- /dev/null +++ b/queries/aws_ebs_snapshot_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ebs_snapshot_6 +Title: "Find EBS Snapshots Configuration and Metadata in AWS" +Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_id, + arn, + encrypted, + owner_id + from + aws_ebs_snapshot + where + snapshot_id = 'snap-07bf4f91353ad71ae'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_snapshot_7.yaml b/queries/aws_ebs_snapshot_7.yaml index 532c4d8c0..6c1f7540e 100755 --- a/queries/aws_ebs_snapshot_7.yaml +++ b/queries/aws_ebs_snapshot_7.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_snapshot_7 Title: "List all AWS EBS Snapshot Configurations and Status" Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_snapshot_7.yaml.bak b/queries/aws_ebs_snapshot_7.yaml.bak new file mode 100755 index 000000000..532c4d8c0 --- /dev/null +++ b/queries/aws_ebs_snapshot_7.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ebs_snapshot_7 +Title: "List all AWS EBS Snapshot Configurations and Status" +Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_id, + arn, + encrypted, + owner_id + from + aws_ebs_snapshot + where + owner_alias = 'amazon' + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_1.yaml b/queries/aws_ebs_volume_1.yaml index c6468f9ea..ee8e7fb54 100755 --- a/queries/aws_ebs_volume_1.yaml +++ b/queries/aws_ebs_volume_1.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_1 Title: "Find All Unencrypted EBS Volumes in AWS" Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_1.yaml.bak b/queries/aws_ebs_volume_1.yaml.bak new file mode 100755 index 000000000..c6468f9ea --- /dev/null +++ b/queries/aws_ebs_volume_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_volume_1 +Title: "Find All Unencrypted EBS Volumes in AWS" +Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + encrypted + from + aws_ebs_volume + where + not encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_2.yaml b/queries/aws_ebs_volume_2.yaml index 02b631158..fef88e899 100755 --- a/queries/aws_ebs_volume_2.yaml +++ b/queries/aws_ebs_volume_2.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_2 Title: "List all AWS EBS volumes with no attachments" Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_2.yaml.bak b/queries/aws_ebs_volume_2.yaml.bak new file mode 100755 index 000000000..02b631158 --- /dev/null +++ b/queries/aws_ebs_volume_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_volume_2 +Title: "List all AWS EBS volumes with no attachments" +Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + volume_type + from + aws_ebs_volume + where + jsonb_array_length(attachments) = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_volume_3.yaml b/queries/aws_ebs_volume_3.yaml index b58bda1ec..d9b42c04a 100755 --- a/queries/aws_ebs_volume_3.yaml +++ b/queries/aws_ebs_volume_3.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_3 Title: "List all AWS EBS Volumes and Their Details" Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_3.yaml.bak b/queries/aws_ebs_volume_3.yaml.bak new file mode 100755 index 000000000..d9b42c04a --- /dev/null +++ b/queries/aws_ebs_volume_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_volume_3 +Title: "List all AWS EBS Volumes and Their Details" +Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + volume_type + from + aws_ebs_volume + where + volume_type = 'io1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_volume_3.yaml.bak.bak b/queries/aws_ebs_volume_3.yaml.bak.bak new file mode 100755 index 000000000..b58bda1ec --- /dev/null +++ b/queries/aws_ebs_volume_3.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_volume_3 +Title: "List all AWS EBS Volumes and Their Details" +Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + volume_type + from + aws_ebs_volume + where + volume_type = 'io1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_volume_4.yaml b/queries/aws_ebs_volume_4.yaml index 8059789b3..a8bddaa22 100755 --- a/queries/aws_ebs_volume_4.yaml +++ b/queries/aws_ebs_volume_4.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_4 Title: "List all AWS EBS volumes with configuration and status details" Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_4.yaml.bak b/queries/aws_ebs_volume_4.yaml.bak new file mode 100755 index 000000000..8059789b3 --- /dev/null +++ b/queries/aws_ebs_volume_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_volume_4 +Title: "List all AWS EBS volumes with configuration and status details" +Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + size + from + aws_ebs_volume + where + size > '100'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_5.yaml b/queries/aws_ebs_volume_5.yaml index 79a8ee80f..036dceb1d 100755 --- a/queries/aws_ebs_volume_5.yaml +++ b/queries/aws_ebs_volume_5.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_5 Title: "List all AWS EBS Volumes and Configuration Details" Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_5.yaml.bak b/queries/aws_ebs_volume_5.yaml.bak new file mode 100755 index 000000000..79a8ee80f --- /dev/null +++ b/queries/aws_ebs_volume_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_volume_5 +Title: "List all AWS EBS Volumes and Configuration Details" +Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_type, + count(volume_type) as count + from + aws_ebs_volume + group by + volume_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_6.yaml b/queries/aws_ebs_volume_6.yaml index 987fb78a3..d4a609f81 100755 --- a/queries/aws_ebs_volume_6.yaml +++ b/queries/aws_ebs_volume_6.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_6 Title: "List all AWS EBS volumes and their stopped instances" Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_6.yaml.bak b/queries/aws_ebs_volume_6.yaml.bak new file mode 100755 index 000000000..987fb78a3 --- /dev/null +++ b/queries/aws_ebs_volume_6.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ebs_volume_6 +Title: "List all AWS EBS volumes and their stopped instances" +Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + size, + att ->> 'InstanceId' as instance_id + from + aws_ebs_volume + cross join jsonb_array_elements(attachments) as att + join aws_ec2_instance as i on i.instance_id = att ->> 'InstanceId' + where + instance_state = 'stopped'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_volume_7.yaml b/queries/aws_ebs_volume_7.yaml index c812df3e2..cfb428464 100755 --- a/queries/aws_ebs_volume_7.yaml +++ b/queries/aws_ebs_volume_7.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_7 Title: "List AWS EBS Volumes for Configuration and Status" Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_7.yaml.bak b/queries/aws_ebs_volume_7.yaml.bak new file mode 100755 index 000000000..c812df3e2 --- /dev/null +++ b/queries/aws_ebs_volume_7.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ebs_volume_7 +Title: "List AWS EBS Volumes for Configuration and Status" +Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + volume_type + from + aws_ebs_volume + where + volume_type = 'io1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_read_ops_1.yaml b/queries/aws_ebs_volume_metric_read_ops_1.yaml index f7aed238f..71edb46e1 100755 --- a/queries/aws_ebs_volume_metric_read_ops_1.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_1.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_1 Title: "List all AWS EBS Volume read operations metrics" Description: "Allows users to query AWS EBS Volume read operations metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak new file mode 100755 index 000000000..71edb46e1 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_read_ops_1 +Title: "List all AWS EBS Volume read operations metrics" +Description: "Allows users to query AWS EBS Volume read operations metrics." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS Volume diff --git a/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak.bak b/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak.bak new file mode 100755 index 000000000..71edb46e1 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_read_ops_1 +Title: "List all AWS EBS Volume read operations metrics" +Description: "Allows users to query AWS EBS Volume read operations metrics." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS Volume diff --git a/queries/aws_ebs_volume_metric_read_ops_2.yaml b/queries/aws_ebs_volume_metric_read_ops_2.yaml index 0e74c6a6f..a3c43d708 100755 --- a/queries/aws_ebs_volume_metric_read_ops_2.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_2.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_2 Title: "Find Read Ops Metrics of AWS EBS Volumes with SQL" Description: "Allows users to query AWS EBS Volume read operations metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_2.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_2.yaml.bak new file mode 100755 index 000000000..0e74c6a6f --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_read_ops_2 +Title: "Find Read Ops Metrics of AWS EBS Volumes with SQL" +Description: "Allows users to query AWS EBS Volume read operations metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops + where + average > 1000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_3.yaml b/queries/aws_ebs_volume_metric_read_ops_3.yaml index 2b45be172..122e4aaff 100755 --- a/queries/aws_ebs_volume_metric_read_ops_3.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_3.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_3 Title: "List all AWS EBS Volume read operations metrics" Description: "Allows users to query AWS EBS Volume read operations metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_3.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_3.yaml.bak new file mode 100755 index 000000000..2b45be172 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ebs_volume_metric_read_ops_3 +Title: "List all AWS EBS Volume read operations metrics" +Description: "Allows users to query AWS EBS Volume read operations metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops + where + maximum > 8000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_4.yaml b/queries/aws_ebs_volume_metric_read_ops_4.yaml index 102ab9281..7086bea6d 100755 --- a/queries/aws_ebs_volume_metric_read_ops_4.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_4.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_4 Title: "List All AWS EBS Volume Read Operations Metrics" Description: "Allows users to query AWS EBS Volume read operations metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_4.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_4.yaml.bak new file mode 100755 index 000000000..102ab9281 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_ebs_volume_metric_read_ops_4 +Title: "List All AWS EBS Volume Read Operations Metrics" +Description: "Allows users to query AWS EBS Volume read operations metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.volume_id, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_ebs_volume_metric_read_ops as r, + aws_ebs_volume_metric_write_ops as w + where + r.volume_id = w.volume_id + and r.timestamp = w.timestamp + order by + r.volume_id, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml b/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml index 56cdae947..82c034b72 100755 --- a/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_daily_1 Title: "List AWS EBS Volume Metrics for Daily Read Ops" Description: "Allows users to query AWS EBS Volume metrics for daily read operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml.bak new file mode 100755 index 000000000..56cdae947 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ebs_volume_metric_read_ops_daily_1 +Title: "List AWS EBS Volume Metrics for Daily Read Ops" +Description: "Allows users to query AWS EBS Volume metrics for daily read operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops_daily + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml b/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml index bbc5fdd1b..933ba9df7 100755 --- a/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_daily_2 Title: "Find Daily AWS EBS Volume Read Ops Metrics using SQL" Description: "Allows users to query AWS EBS Volume metrics for daily read operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml.bak new file mode 100755 index 000000000..bbc5fdd1b --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_read_ops_daily_2 +Title: "Find Daily AWS EBS Volume Read Ops Metrics using SQL" +Description: "Allows users to query AWS EBS Volume metrics for daily read operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops_daily + where + average > 1000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml b/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml index 777415438..64433299a 100755 --- a/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_daily_3 Title: "Find all AWS EBS Volume daily read operations metrics" Description: "Allows users to query AWS EBS Volume metrics for daily read operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml.bak new file mode 100755 index 000000000..777415438 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_read_ops_daily_3 +Title: "Find all AWS EBS Volume daily read operations metrics" +Description: "Allows users to query AWS EBS Volume metrics for daily read operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops_daily + where + maximum > 8000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml b/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml index cc42a62ed..2ace06e4d 100755 --- a/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_daily_4 Title: "Find AWS EBS Volume Metrics for Daily Read Operations" Description: "Allows users to query AWS EBS Volume metrics for daily read operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml.bak new file mode 100755 index 000000000..cc42a62ed --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_ebs_volume_metric_read_ops_daily_4 +Title: "Find AWS EBS Volume Metrics for Daily Read Operations" +Description: "Allows users to query AWS EBS Volume metrics for daily read operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.volume_id, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_ebs_volume_metric_read_ops_daily as r, + aws_ebs_volume_metric_write_ops_daily as w + where + r.volume_id = w.volume_id + and r.timestamp = w.timestamp + order by + r.volume_id, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml index 6dcea420e..fac833ca6 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_hourly_1 Title: "Find Amazon EC2 EBS Volume Read Operations Metrics Hourly" Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml.bak new file mode 100755 index 000000000..6dcea420e --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_read_ops_hourly_1 +Title: "Find Amazon EC2 EBS Volume Read Operations Metrics Hourly" +Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops_hourly + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EC2 EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml index a8a568cc2..dc610aac8 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_hourly_2 Title: "List all Amazon EC2 EBS Volume Read Ops metrics hourly" Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml.bak new file mode 100755 index 000000000..a8a568cc2 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ebs_volume_metric_read_ops_hourly_2 +Title: "List all Amazon EC2 EBS Volume Read Ops metrics hourly" +Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops_hourly + where + average > 1000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EC2 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml index 804457456..7dbdef4e1 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_hourly_3 Title: "Find Amazon EC2 EBS Volume Read Ops Metrics Hourly" Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml.bak new file mode 100755 index 000000000..804457456 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ebs_volume_metric_read_ops_hourly_3 +Title: "Find Amazon EC2 EBS Volume Read Ops Metrics Hourly" +Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_read_ops_hourly + where + maximum > 8000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EC2 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml index ea84534e6..928f6296d 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_hourly_4 Title: "List all Amazon EC2 EBS Volume Read Ops Metrics Hourly" Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml.bak new file mode 100755 index 000000000..ea84534e6 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_ebs_volume_metric_read_ops_hourly_4 +Title: "List all Amazon EC2 EBS Volume Read Ops Metrics Hourly" +Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.volume_id, + r.timestamp, + v.iops as provisioned_iops, + round(r.average) +round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg + from + aws_ebs_volume_metric_read_ops_hourly as r, + aws_ebs_volume_metric_write_ops_hourly as w, + aws_ebs_volume as v + where + r.volume_id = w.volume_id + and r.timestamp = w.timestamp + and v.volume_id = r.volume_id + and r.average + w.average > v.iops + order by + r.volume_id, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EC2 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml index d2e6fd281..0acd697ad 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_read_ops_hourly_5 Title: "Find AWS EC2 EBS Volume Read Ops Metrics Hourly" Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml.bak new file mode 100755 index 000000000..d2e6fd281 --- /dev/null +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_ebs_volume_metric_read_ops_hourly_5 +Title: "Find AWS EC2 EBS Volume Read Ops Metrics Hourly" +Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.volume_id, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_ebs_volume_metric_read_ops_hourly as r, + aws_ebs_volume_metric_write_ops_hourly as w + where + r.volume_id = w.volume_id + and r.timestamp = w.timestamp + order by + r.volume_id, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EC2 EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_1.yaml b/queries/aws_ebs_volume_metric_write_ops_1.yaml index b90872c82..4d68d5a0d 100755 --- a/queries/aws_ebs_volume_metric_write_ops_1.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_1.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_1 Title: "Find AWS EBS Volume Write Operations Metrics" Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_1.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_1.yaml.bak new file mode 100755 index 000000000..b90872c82 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_write_ops_1 +Title: "Find AWS EBS Volume Write Operations Metrics" +Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_2.yaml b/queries/aws_ebs_volume_metric_write_ops_2.yaml index fe69e94b8..c83912cfc 100755 --- a/queries/aws_ebs_volume_metric_write_ops_2.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_2.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_2 Title: "List AWS EBS Volume Write Ops Metrics via SQL" Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_2.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_2.yaml.bak new file mode 100755 index 000000000..fe69e94b8 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_write_ops_2 +Title: "List AWS EBS Volume Write Ops Metrics via SQL" +Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops + where + average > 1000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_3.yaml b/queries/aws_ebs_volume_metric_write_ops_3.yaml index 3a8a5b326..cc2d5e4a4 100755 --- a/queries/aws_ebs_volume_metric_write_ops_3.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_3.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_3 Title: "Find AWS EBS volume write ops metrics" Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak new file mode 100755 index 000000000..cc2d5e4a4 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ebs_volume_metric_write_ops_3 +Title: "Find AWS EBS volume write ops metrics" +Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops + where + maximum > 8000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak.bak b/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak.bak new file mode 100755 index 000000000..cc2d5e4a4 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak.bak @@ -0,0 +1,35 @@ +ID: aws_ebs_volume_metric_write_ops_3 +Title: "Find AWS EBS volume write ops metrics" +Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops + where + maximum > 8000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_4.yaml b/queries/aws_ebs_volume_metric_write_ops_4.yaml index bd6ebaace..7c288715b 100755 --- a/queries/aws_ebs_volume_metric_write_ops_4.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_4.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_4 Title: "List EBS Volume Write Ops Metrics using SQL" Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_4.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_4.yaml.bak new file mode 100755 index 000000000..bd6ebaace --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_4.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_ebs_volume_metric_write_ops_4 +Title: "List EBS Volume Write Ops Metrics using SQL" +Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.volume_id, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_ebs_volume_metric_read_ops as r, + aws_ebs_volume_metric_write_ops as w + where + r.volume_id = w.volume_id + and r.timestamp = w.timestamp + order by + r.volume_id, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml b/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml index f0a72ec1a..a01047fc8 100755 --- a/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_daily_1 Title: "List all AWS EBS Volume Metrics for daily write operations" Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml.bak new file mode 100755 index 000000000..f0a72ec1a --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_write_ops_daily_1 +Title: "List all AWS EBS Volume Metrics for daily write operations" +Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops_daily + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml index 5db89a6a8..ffa5ec597 100755 --- a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_daily_2 Title: "Find daily AWS EBS Volume Metrics for write operations" Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak new file mode 100755 index 000000000..ffa5ec597 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ebs_volume_metric_write_ops_daily_2 +Title: "Find daily AWS EBS Volume Metrics for write operations" +Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops_daily + where + average > 1000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak.bak b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak.bak new file mode 100755 index 000000000..ffa5ec597 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak.bak @@ -0,0 +1,35 @@ +ID: aws_ebs_volume_metric_write_ops_daily_2 +Title: "Find daily AWS EBS Volume Metrics for write operations" +Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops_daily + where + average > 1000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml b/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml index da07573be..de70feda5 100755 --- a/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_daily_3 Title: "Find AWS EBS Volume Write Ops Metrics Daily" Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml.bak new file mode 100755 index 000000000..da07573be --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ebs_volume_metric_write_ops_daily_3 +Title: "Find AWS EBS Volume Write Ops Metrics Daily" +Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops_daily + where + maximum > 8000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml b/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml index e3c7e11ac..724cf8bd8 100755 --- a/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_daily_4 Title: "Query Daily AWS EBS Volume Write Ops Metrics" Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml.bak new file mode 100755 index 000000000..e3c7e11ac --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_ebs_volume_metric_write_ops_daily_4 +Title: "Query Daily AWS EBS Volume Write Ops Metrics" +Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.volume_id, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_ebs_volume_metric_read_ops_daily as r, + aws_ebs_volume_metric_write_ops_daily as w + where + r.volume_id = w.volume_id + and r.timestamp = w.timestamp + order by + r.volume_id, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml index ed08a8048..d7a99e569 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_hourly_1 Title: "Find AWS EBS Volume Metrics on Hourly Write Operations" Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml.bak new file mode 100755 index 000000000..ed08a8048 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ebs_volume_metric_write_ops_hourly_1 +Title: "Find AWS EBS Volume Metrics on Hourly Write Operations" +Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops_hourly + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml index 9fc063589..d73b5418c 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_hourly_2 Title: "Query AWS EBS Volume Hourly Write Operations Metrics" Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml.bak new file mode 100755 index 000000000..9fc063589 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_write_ops_hourly_2 +Title: "Query AWS EBS Volume Hourly Write Operations Metrics" +Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops_hourly + where + average > 1000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml index 6554e0e03..d880d61f0 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_hourly_3 Title: "List all AWS EBS Volume Metrics on Hourly Write Ops" Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml.bak new file mode 100755 index 000000000..6554e0e03 --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ebs_volume_metric_write_ops_hourly_3 +Title: "List all AWS EBS Volume Metrics on Hourly Write Ops" +Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + volume_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_ebs_volume_metric_write_ops_hourly + where + maximum > 8000 + order by + volume_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml index 9c446308b..f42e29343 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_hourly_4 Title: "Find AWS EBS Volume Hourly Write Operation Metrics" Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml.bak new file mode 100755 index 000000000..9c446308b --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_ebs_volume_metric_write_ops_hourly_4 +Title: "Find AWS EBS Volume Hourly Write Operation Metrics" +Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.volume_id, + r.timestamp, + v.iops as provisioned_iops, + round(r.average) +round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg + from + aws_ebs_volume_metric_read_ops_hourly as r, + aws_ebs_volume_metric_write_ops_hourly as w, + aws_ebs_volume as v + where + r.volume_id = w.volume_id + and r.timestamp = w.timestamp + and v.volume_id = r.volume_id + and r.average + w.average > v.iops + order by + r.volume_id, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml index 9ec155a2a..929fd0773 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml @@ -1,7 +1,7 @@ ID: aws_ebs_volume_metric_write_ops_hourly_5 Title: "Find AWS EBS Volume Metrics on Hourly Write Ops" Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml.bak new file mode 100755 index 000000000..9ec155a2a --- /dev/null +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_ebs_volume_metric_write_ops_hourly_5 +Title: "Find AWS EBS Volume Metrics on Hourly Write Ops" +Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.volume_id, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_ebs_volume_metric_read_ops_hourly as r, + aws_ebs_volume_metric_write_ops_hourly as w + where + r.volume_id = w.volume_id + and r.timestamp = w.timestamp + order by + r.volume_id, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EBS diff --git a/queries/aws_ec2_ami_1.yaml b/queries/aws_ec2_ami_1.yaml index ab735156d..3fedbae31 100755 --- a/queries/aws_ec2_ami_1.yaml +++ b/queries/aws_ec2_ami_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ami_1 Title: "List all AWS EC2 AMIs with Details via SQL" Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ami_1.yaml.bak b/queries/aws_ec2_ami_1.yaml.bak new file mode 100755 index 000000000..ab735156d --- /dev/null +++ b/queries/aws_ec2_ami_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_ami_1 +Title: "List all AWS EC2 AMIs with Details via SQL" +Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + image_id, + state, + image_location, + creation_date, + public, + root_device_name + from + aws_ec2_ami; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ami_2.yaml b/queries/aws_ec2_ami_2.yaml index 85711e6ee..c66d4e734 100755 --- a/queries/aws_ec2_ami_2.yaml +++ b/queries/aws_ec2_ami_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ami_2 Title: "List all AWS EC2 AMIs to Retrieve Detailed Information" Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ami_2.yaml.bak b/queries/aws_ec2_ami_2.yaml.bak new file mode 100755 index 000000000..85711e6ee --- /dev/null +++ b/queries/aws_ec2_ami_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ec2_ami_2 +Title: "List all AWS EC2 AMIs to Retrieve Detailed Information" +Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + image_id, + public + from + aws_ec2_ami + where + public; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ami_3.yaml b/queries/aws_ec2_ami_3.yaml index 4b42c486b..bcc210f50 100755 --- a/queries/aws_ec2_ami_3.yaml +++ b/queries/aws_ec2_ami_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ami_3 Title: "List all AWS EC2 AMI Details with Failed State" Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ami_3.yaml.bak b/queries/aws_ec2_ami_3.yaml.bak new file mode 100755 index 000000000..bcc210f50 --- /dev/null +++ b/queries/aws_ec2_ami_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_ami_3 +Title: "List all AWS EC2 AMI Details with Failed State" +Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + image_id, + public, + state + from + aws_ec2_ami + where + state = 'failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ami_3.yaml.bak.bak b/queries/aws_ec2_ami_3.yaml.bak.bak new file mode 100755 index 000000000..bcc210f50 --- /dev/null +++ b/queries/aws_ec2_ami_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_ami_3 +Title: "List all AWS EC2 AMI Details with Failed State" +Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + image_id, + public, + state + from + aws_ec2_ami + where + state = 'failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ami_4.yaml b/queries/aws_ec2_ami_4.yaml index 6cced891b..a8058f1c4 100755 --- a/queries/aws_ec2_ami_4.yaml +++ b/queries/aws_ec2_ami_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ami_4 Title: "List all AWS EC2 AMIs with Detailed Information" Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ami_4.yaml.bak b/queries/aws_ec2_ami_4.yaml.bak new file mode 100755 index 000000000..6cced891b --- /dev/null +++ b/queries/aws_ec2_ami_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_ami_4 +Title: "List all AWS EC2 AMIs with Detailed Information" +Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + image_id, + mapping -> 'Ebs' ->> 'VolumeSize' as volume_size, + mapping -> 'Ebs' ->> 'VolumeType' as volume_type, + mapping -> 'Ebs' ->> 'Encrypted' as encryption_status, + mapping -> 'Ebs' ->> 'KmsKeyId' as kms_key, + mapping -> 'Ebs' ->> 'DeleteOnTermination' as delete_on_termination + from + aws_ec2_ami + cross join jsonb_array_elements(block_device_mappings) as mapping; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 AMI diff --git a/queries/aws_ec2_ami_shared_1.yaml b/queries/aws_ec2_ami_shared_1.yaml index 0fea12016..e302ecd6a 100755 --- a/queries/aws_ec2_ami_shared_1.yaml +++ b/queries/aws_ec2_ami_shared_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ami_shared_1 Title: "Find shared Amazon Machine Images (AMIs) in AWS EC2" Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ami_shared_1.yaml.bak b/queries/aws_ec2_ami_shared_1.yaml.bak new file mode 100755 index 000000000..0fea12016 --- /dev/null +++ b/queries/aws_ec2_ami_shared_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ec2_ami_shared_1 +Title: "Find shared Amazon Machine Images (AMIs) in AWS EC2" +Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + image_id, + state, + image_location, + creation_date, + public, + root_device_name + from + aws_ec2_ami_shared + where + owner_id = '137112412989'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ami_shared_2.yaml b/queries/aws_ec2_ami_shared_2.yaml index 983108c5d..64bc6b341 100755 --- a/queries/aws_ec2_ami_shared_2.yaml +++ b/queries/aws_ec2_ami_shared_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ami_shared_2 Title: "Find Shared Amazon Machine Images (AMIs) in AWS EC2" Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ami_shared_2.yaml.bak b/queries/aws_ec2_ami_shared_2.yaml.bak new file mode 100755 index 000000000..64bc6b341 --- /dev/null +++ b/queries/aws_ec2_ami_shared_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ec2_ami_shared_2 +Title: "Find Shared Amazon Machine Images (AMIs) in AWS EC2" +Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + image_id, + state, + image_location, + creation_date, + public, + root_device_name + from + aws_ec2_ami_shared + where + owner_id = '137112412989' + and architecture = 'arm64'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ami_shared_2.yaml.bak.bak b/queries/aws_ec2_ami_shared_2.yaml.bak.bak new file mode 100755 index 000000000..64bc6b341 --- /dev/null +++ b/queries/aws_ec2_ami_shared_2.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_ec2_ami_shared_2 +Title: "Find Shared Amazon Machine Images (AMIs) in AWS EC2" +Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + image_id, + state, + image_location, + creation_date, + public, + root_device_name + from + aws_ec2_ami_shared + where + owner_id = '137112412989' + and architecture = 'arm64'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ami_shared_3.yaml b/queries/aws_ec2_ami_shared_3.yaml index a1af0abf5..1c95687a5 100755 --- a/queries/aws_ec2_ami_shared_3.yaml +++ b/queries/aws_ec2_ami_shared_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ami_shared_3 Title: "List all shared Amazon Machine Images (AMIs) in AWS EC2" Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ami_shared_3.yaml.bak b/queries/aws_ec2_ami_shared_3.yaml.bak new file mode 100755 index 000000000..a1af0abf5 --- /dev/null +++ b/queries/aws_ec2_ami_shared_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_ami_shared_3 +Title: "List all shared Amazon Machine Images (AMIs) in AWS EC2" +Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.title, + i.instance_id, + i.image_id, + ami.name, + ami.description, + ami.platform_details + from + aws_ec2_instance as i + join aws_ec2_ami_shared as ami on i.image_id = ami.image_id + where + ami.owner_id = '137112412989'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_application_load_balancer_1.yaml b/queries/aws_ec2_application_load_balancer_1.yaml index c163bf9e5..52ad51dcb 100755 --- a/queries/aws_ec2_application_load_balancer_1.yaml +++ b/queries/aws_ec2_application_load_balancer_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_1 Title: "Find AWS EC2 Load Balancers with Security Groups" Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_1.yaml.bak b/queries/aws_ec2_application_load_balancer_1.yaml.bak new file mode 100755 index 000000000..c163bf9e5 --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_application_load_balancer_1 +Title: "Find AWS EC2 Load Balancers with Security Groups" +Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_array_elements_text(security_groups) as attached_security_group + from + aws_ec2_application_load_balancer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_2.yaml b/queries/aws_ec2_application_load_balancer_2.yaml index 759929c71..1c85426a5 100755 --- a/queries/aws_ec2_application_load_balancer_2.yaml +++ b/queries/aws_ec2_application_load_balancer_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_2 Title: "List All AWS EC2 Application Load Balancers with Details" Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_2.yaml.bak b/queries/aws_ec2_application_load_balancer_2.yaml.bak new file mode 100755 index 000000000..759929c71 --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_application_load_balancer_2 +Title: "List All AWS EC2 Application Load Balancers with Details" +Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + az ->> 'LoadBalancerAddresses' as load_balancer_addresses, + az ->> 'OutpostId' as outpost_id, + az ->> 'SubnetId' as subnet_id, + az ->> 'ZoneName' as zone_name + from + aws_ec2_application_load_balancer + cross join jsonb_array_elements(availability_zones) as az; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_3.yaml b/queries/aws_ec2_application_load_balancer_3.yaml index 505bb66b7..ef32f6ef0 100755 --- a/queries/aws_ec2_application_load_balancer_3.yaml +++ b/queries/aws_ec2_application_load_balancer_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_3 Title: "List All AWS EC2 ALBs with Detailed Information" Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_3.yaml.bak b/queries/aws_ec2_application_load_balancer_3.yaml.bak new file mode 100755 index 000000000..505bb66b7 --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ec2_application_load_balancer_3 +Title: "List All AWS EC2 ALBs with Detailed Information" +Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + count(az ->> 'ZoneName') < 2 as zone_count_1 + from + aws_ec2_application_load_balancer + cross join jsonb_array_elements(availability_zones) as az + group by + name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_4.yaml b/queries/aws_ec2_application_load_balancer_4.yaml index 7675d6597..fa3fb6ec7 100755 --- a/queries/aws_ec2_application_load_balancer_4.yaml +++ b/queries/aws_ec2_application_load_balancer_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_4 Title: "List all AWS EC2 Application Load Balancers and Attributes" Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_4.yaml.bak b/queries/aws_ec2_application_load_balancer_4.yaml.bak new file mode 100755 index 000000000..7675d6597 --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_application_load_balancer_4 +Title: "List all AWS EC2 Application Load Balancers and Attributes" +Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as logging_key, + lb ->> 'Value' as logging_value + from + aws_ec2_application_load_balancer + cross join jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'access_logs.s3.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_5.yaml b/queries/aws_ec2_application_load_balancer_5.yaml index ef60fa395..912b0b798 100755 --- a/queries/aws_ec2_application_load_balancer_5.yaml +++ b/queries/aws_ec2_application_load_balancer_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_5 Title: "List all AWS EC2 Application Load Balancer Details" Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_5.yaml.bak b/queries/aws_ec2_application_load_balancer_5.yaml.bak new file mode 100755 index 000000000..ef60fa395 --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ec2_application_load_balancer_5 +Title: "List all AWS EC2 Application Load Balancer Details" +Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as deletion_protection_key, + lb ->> 'Value' as deletion_protection_value + from + aws_ec2_application_load_balancer + cross join jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'deletion_protection.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml b/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml index f33069b65..55dfccad0 100755 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_metric_request_count_1 Title: "Query AWS EC2 Application Load Balancer Request Count" Description: "Allows users to query AWS EC2 Application Load Balancer Metrics, specifically the request count." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml.bak b/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml.bak new file mode 100755 index 000000000..f33069b65 --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ec2_application_load_balancer_metric_request_count_1 +Title: "Query AWS EC2 Application Load Balancer Request Count" +Description: "Allows users to query AWS EC2 Application Load Balancer Metrics, specifically the request count." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + average, + maximum, + minimum, + sample_count, + timestamp + from + aws_ec2_application_load_balancer_metric_request_count + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml b/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml index 2f189bef2..00fe0a803 100755 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_metric_request_count_2 Title: "List AWS EC2 Application Load Balancer Request Counts" Description: "Allows users to query AWS EC2 Application Load Balancer Metrics, specifically the request count." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml.bak b/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml.bak new file mode 100755 index 000000000..2f189bef2 --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_ec2_application_load_balancer_metric_request_count_2 +Title: "List AWS EC2 Application Load Balancer Request Counts" +Description: "Allows users to query AWS EC2 Application Load Balancer Metrics, specifically the request count." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + maximum, + minimum, + average + sample_count, + timestamp + from + aws_ec2_application_load_balancer_metric_request_count + where + average < 100 + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml index 7984bdb4a..1c4cd1934 100755 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_metric_request_count_daily_1 Title: "Find daily request count metrics of AWS EC2 ALB" Description: "Allows users to query daily request count metrics of the AWS EC2 Application Load Balancer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml.bak b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml.bak new file mode 100755 index 000000000..7984bdb4a --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_ec2_application_load_balancer_metric_request_count_daily_1 +Title: "Find daily request count metrics of AWS EC2 ALB" +Description: "Allows users to query daily request count metrics of the AWS EC2 Application Load Balancer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + average, + maximum, + minimum, + sample_count, + timestamp + from + aws_ec2_application_load_balancer_metric_request_count_daily + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml index 1cbf44d2a..82d1c9de2 100755 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_application_load_balancer_metric_request_count_daily_2 Title: "List all daily request count metrics for AWS EC2 Application Load Balancer" Description: "Allows users to query daily request count metrics of the AWS EC2 Application Load Balancer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml.bak b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml.bak new file mode 100755 index 000000000..1cbf44d2a --- /dev/null +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_ec2_application_load_balancer_metric_request_count_daily_2 +Title: "List all daily request count metrics for AWS EC2 Application Load Balancer" +Description: "Allows users to query daily request count metrics of the AWS EC2 Application Load Balancer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + maximum, + minimum, + average + sample_count, + timestamp + from + aws_ec2_application_load_balancer_metric_request_count_daily + where + average < 100 + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Application Load Balancer diff --git a/queries/aws_ec2_autoscaling_group_1.yaml b/queries/aws_ec2_autoscaling_group_1.yaml index 5107cf597..253b0d4d0 100755 --- a/queries/aws_ec2_autoscaling_group_1.yaml +++ b/queries/aws_ec2_autoscaling_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_autoscaling_group_1 Title: "List all AWS EC2 Auto Scaling Groups with Details" Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_autoscaling_group_1.yaml.bak b/queries/aws_ec2_autoscaling_group_1.yaml.bak new file mode 100755 index 000000000..5107cf597 --- /dev/null +++ b/queries/aws_ec2_autoscaling_group_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_autoscaling_group_1 +Title: "List all AWS EC2 Auto Scaling Groups with Details" +Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + load_balancer_names, + availability_zones, + service_linked_role_arn, + default_cooldown, + max_size, + min_size, + new_instances_protected_from_scale_in + from + aws_ec2_autoscaling_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Auto Scaling diff --git a/queries/aws_ec2_autoscaling_group_2.yaml b/queries/aws_ec2_autoscaling_group_2.yaml index 613d9485c..a5694c411 100755 --- a/queries/aws_ec2_autoscaling_group_2.yaml +++ b/queries/aws_ec2_autoscaling_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_autoscaling_group_2 Title: "Find AWS EC2 Auto Scaling Groups with Less than 2 AZs" Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_autoscaling_group_2.yaml.bak b/queries/aws_ec2_autoscaling_group_2.yaml.bak new file mode 100755 index 000000000..613d9485c --- /dev/null +++ b/queries/aws_ec2_autoscaling_group_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_autoscaling_group_2 +Title: "Find AWS EC2 Auto Scaling Groups with Less than 2 AZs" +Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_array_length(availability_zones) as az_count + from + aws_ec2_autoscaling_group + where + jsonb_array_length(availability_zones) < 2; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Auto Scaling diff --git a/queries/aws_ec2_autoscaling_group_3.yaml b/queries/aws_ec2_autoscaling_group_3.yaml index 9ee5b77c9..8e0cd92fa 100755 --- a/queries/aws_ec2_autoscaling_group_3.yaml +++ b/queries/aws_ec2_autoscaling_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_autoscaling_group_3 Title: "List all AWS EC2 Auto Scaling Groups and Details" Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_autoscaling_group_3.yaml.bak b/queries/aws_ec2_autoscaling_group_3.yaml.bak new file mode 100755 index 000000000..9ee5b77c9 --- /dev/null +++ b/queries/aws_ec2_autoscaling_group_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ec2_autoscaling_group_3 +Title: "List all AWS EC2 Auto Scaling Groups and Details" +Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as autoscaling_group_name, + ins_detail ->> 'InstanceId' as instance_id, + ins_detail ->> 'InstanceType' as instance_type, + ins_detail ->> 'AvailabilityZone' as az, + ins_detail ->> 'HealthStatus' as health_status, + ins_detail ->> 'LaunchConfigurationName' as launch_configuration_name, + ins_detail -> 'LaunchTemplate' ->> 'LaunchTemplateName' as launch_template_name, + ins_detail -> 'LaunchTemplate' ->> 'Version' as launch_template_version, + ins_detail ->> 'ProtectedFromScaleIn' as protected_from_scale_in + from + aws_ec2_autoscaling_group, + jsonb_array_elements(instances) as ins_detail; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Auto Scaling diff --git a/queries/aws_ec2_autoscaling_group_4.yaml b/queries/aws_ec2_autoscaling_group_4.yaml index 3f2315e8a..575566580 100755 --- a/queries/aws_ec2_autoscaling_group_4.yaml +++ b/queries/aws_ec2_autoscaling_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_autoscaling_group_4 Title: "List AWS EC2 Auto Scaling Groups and Their Configurations" Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_autoscaling_group_4.yaml.bak b/queries/aws_ec2_autoscaling_group_4.yaml.bak new file mode 100755 index 000000000..3f2315e8a --- /dev/null +++ b/queries/aws_ec2_autoscaling_group_4.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_ec2_autoscaling_group_4 +Title: "List AWS EC2 Auto Scaling Groups and Their Configurations" +Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + health_check_type, + health_check_grace_period + from + aws_ec2_autoscaling_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Auto Scaling diff --git a/queries/aws_ec2_capacity_reservation_1.yaml b/queries/aws_ec2_capacity_reservation_1.yaml index 8ac69d474..fe24676c4 100755 --- a/queries/aws_ec2_capacity_reservation_1.yaml +++ b/queries/aws_ec2_capacity_reservation_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_capacity_reservation_1 Title: "Find All AWS EC2 Capacity Reservations via SQL" Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_capacity_reservation_1.yaml.bak b/queries/aws_ec2_capacity_reservation_1.yaml.bak new file mode 100755 index 000000000..8ac69d474 --- /dev/null +++ b/queries/aws_ec2_capacity_reservation_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_capacity_reservation_1 +Title: "Find All AWS EC2 Capacity Reservations via SQL" +Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + capacity_reservation_id, + capacity_reservation_arn, + instance_type, + state + from + aws_ec2_capacity_reservation; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Compute Cloud (EC2) diff --git a/queries/aws_ec2_capacity_reservation_2.yaml b/queries/aws_ec2_capacity_reservation_2.yaml index a49bdbe63..6dda06318 100755 --- a/queries/aws_ec2_capacity_reservation_2.yaml +++ b/queries/aws_ec2_capacity_reservation_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_capacity_reservation_2 Title: "Find AWS EC2 Capacity Reservations with SQL Query" Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_capacity_reservation_2.yaml.bak b/queries/aws_ec2_capacity_reservation_2.yaml.bak new file mode 100755 index 000000000..a49bdbe63 --- /dev/null +++ b/queries/aws_ec2_capacity_reservation_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_capacity_reservation_2 +Title: "Find AWS EC2 Capacity Reservations with SQL Query" +Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + capacity_reservation_id, + capacity_reservation_arn, + instance_type, + state + from + aws_ec2_capacity_reservation + where + state = 'expired'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_capacity_reservation_3.yaml b/queries/aws_ec2_capacity_reservation_3.yaml index b14c24f07..21ec211bc 100755 --- a/queries/aws_ec2_capacity_reservation_3.yaml +++ b/queries/aws_ec2_capacity_reservation_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_capacity_reservation_3 Title: "List AWS EC2 Capacity Reservations Details" Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_capacity_reservation_3.yaml.bak b/queries/aws_ec2_capacity_reservation_3.yaml.bak new file mode 100755 index 000000000..b14c24f07 --- /dev/null +++ b/queries/aws_ec2_capacity_reservation_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_capacity_reservation_3 +Title: "List AWS EC2 Capacity Reservations Details" +Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + capacity_reservation_id, + capacity_reservation_arn, + instance_type, + state + from + aws_ec2_capacity_reservation + where + capacity_reservation_id = 'cr-0b30935e9fc2da81e'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Compute Cloud (EC2) diff --git a/queries/aws_ec2_classic_load_balancer_1.yaml b/queries/aws_ec2_classic_load_balancer_1.yaml index 2c1558cfb..a3a7a0a51 100755 --- a/queries/aws_ec2_classic_load_balancer_1.yaml +++ b/queries/aws_ec2_classic_load_balancer_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_classic_load_balancer_1 Title: "List all AWS EC2 Classic Load Balancers with Instances" Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_classic_load_balancer_1.yaml.bak b/queries/aws_ec2_classic_load_balancer_1.yaml.bak new file mode 100755 index 000000000..2c1558cfb --- /dev/null +++ b/queries/aws_ec2_classic_load_balancer_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_classic_load_balancer_1 +Title: "List all AWS EC2 Classic Load Balancers with Instances" +Description: "Allows users to query Classic Load Balancers within Amazon EC2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + instances + from + aws_ec2_classic_load_balancer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EC2 diff --git a/queries/aws_ec2_classic_load_balancer_2.yaml b/queries/aws_ec2_classic_load_balancer_2.yaml index 6b0ed6b99..a182e279c 100755 --- a/queries/aws_ec2_classic_load_balancer_2.yaml +++ b/queries/aws_ec2_classic_load_balancer_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_classic_load_balancer_2 Title: "List all disabled access logs on EC2 Classic Load Balancers" Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_classic_load_balancer_2.yaml.bak b/queries/aws_ec2_classic_load_balancer_2.yaml.bak new file mode 100755 index 000000000..6b0ed6b99 --- /dev/null +++ b/queries/aws_ec2_classic_load_balancer_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_classic_load_balancer_2 +Title: "List all disabled access logs on EC2 Classic Load Balancers" +Description: "Allows users to query Classic Load Balancers within Amazon EC2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_log_enabled + from + aws_ec2_classic_load_balancer + where + access_log_enabled = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Classic Load Balancer diff --git a/queries/aws_ec2_classic_load_balancer_3.yaml b/queries/aws_ec2_classic_load_balancer_3.yaml index 637b9f9ca..18ffda2e7 100755 --- a/queries/aws_ec2_classic_load_balancer_3.yaml +++ b/queries/aws_ec2_classic_load_balancer_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_classic_load_balancer_3 Title: "List all Classic Load Balancers within Amazon EC2" Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_classic_load_balancer_3.yaml.bak b/queries/aws_ec2_classic_load_balancer_3.yaml.bak new file mode 100755 index 000000000..637b9f9ca --- /dev/null +++ b/queries/aws_ec2_classic_load_balancer_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_classic_load_balancer_3 +Title: "List all Classic Load Balancers within Amazon EC2" +Description: "Allows users to query Classic Load Balancers within Amazon EC2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_array_elements_text(security_groups) as sg + from + aws_ec2_classic_load_balancer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_classic_load_balancer_4.yaml b/queries/aws_ec2_classic_load_balancer_4.yaml index b09b60996..09705176a 100755 --- a/queries/aws_ec2_classic_load_balancer_4.yaml +++ b/queries/aws_ec2_classic_load_balancer_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_classic_load_balancer_4 Title: "Find all Load Balancers in AWS EC2 Classic" Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_classic_load_balancer_4.yaml.bak b/queries/aws_ec2_classic_load_balancer_4.yaml.bak new file mode 100755 index 000000000..b09b60996 --- /dev/null +++ b/queries/aws_ec2_classic_load_balancer_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_classic_load_balancer_4 +Title: "Find all Load Balancers in AWS EC2 Classic" +Description: "Allows users to query Classic Load Balancers within Amazon EC2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + listener_description -> 'Listener' ->> 'InstancePort' as instance_port, + listener_description -> 'Listener' ->> 'InstanceProtocol' as instance_protocol, + listener_description -> 'Listener' ->> 'LoadBalancerPort' as load_balancer_port, + listener_description -> 'Listener' ->> 'Protocol' as load_balancer_protocol, + listener_description -> 'SSLCertificateId' ->> 'SSLCertificateId' as ssl_certificate, + listener_description -> 'Listener' ->> 'PolicyNames' as policy_names + from + aws_ec2_classic_load_balancer + cross join jsonb_array_elements(listener_descriptions) as listener_description; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_classic_load_balancer_5.yaml b/queries/aws_ec2_classic_load_balancer_5.yaml index 3fa54f1f8..899ba09fe 100755 --- a/queries/aws_ec2_classic_load_balancer_5.yaml +++ b/queries/aws_ec2_classic_load_balancer_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_classic_load_balancer_5 Title: "List all EC2 Classic Load Balancers and Health Configs" Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_classic_load_balancer_5.yaml.bak b/queries/aws_ec2_classic_load_balancer_5.yaml.bak new file mode 100755 index 000000000..3fa54f1f8 --- /dev/null +++ b/queries/aws_ec2_classic_load_balancer_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_classic_load_balancer_5 +Title: "List all EC2 Classic Load Balancers and Health Configs" +Description: "Allows users to query Classic Load Balancers within Amazon EC2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + healthy_threshold, + health_check_interval, + health_check_target, + health_check_timeout, + unhealthy_threshold + from + aws_ec2_classic_load_balancer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_client_vpn_endpoint_1.yaml b/queries/aws_ec2_client_vpn_endpoint_1.yaml index a5df7c4f6..8a262b6a0 100755 --- a/queries/aws_ec2_client_vpn_endpoint_1.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_client_vpn_endpoint_1 Title: "Find AWS EC2 Client VPN Endpoints Configuration and Status" Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_client_vpn_endpoint_1.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_1.yaml.bak new file mode 100755 index 000000000..a5df7c4f6 --- /dev/null +++ b/queries/aws_ec2_client_vpn_endpoint_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_client_vpn_endpoint_1 +Title: "Find AWS EC2 Client VPN Endpoints Configuration and Status" +Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + description, + status, + client_vpn_endpoint_id, + transport_protocol, + creation_time, + tags + from + aws_ec2_client_vpn_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_2.yaml b/queries/aws_ec2_client_vpn_endpoint_2.yaml index 15f86aa08..46633ef4a 100755 --- a/queries/aws_ec2_client_vpn_endpoint_2.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_client_vpn_endpoint_2 Title: "Find AWS EC2 Client VPN Endpoint Network Details" Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_client_vpn_endpoint_2.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_2.yaml.bak new file mode 100755 index 000000000..15f86aa08 --- /dev/null +++ b/queries/aws_ec2_client_vpn_endpoint_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_client_vpn_endpoint_2 +Title: "Find AWS EC2 Client VPN Endpoint Network Details" +Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + status, + client_vpn_endpoint_id, + transport_protocol, + tags + from + aws_ec2_client_vpn_endpoint + where + status ->> 'Code' <> 'available'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_3.yaml b/queries/aws_ec2_client_vpn_endpoint_3.yaml index 8e12d0003..38395c0f9 100755 --- a/queries/aws_ec2_client_vpn_endpoint_3.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_client_vpn_endpoint_3 Title: "List all AWS EC2 Client VPN Endpoint Details" Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_client_vpn_endpoint_3.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_3.yaml.bak new file mode 100755 index 000000000..8e12d0003 --- /dev/null +++ b/queries/aws_ec2_client_vpn_endpoint_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_client_vpn_endpoint_3 +Title: "List all AWS EC2 Client VPN Endpoint Details" +Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + status ->> 'Code' as status, + client_vpn_endpoint_id, + transport_protocol, + tags + from + aws_ec2_client_vpn_endpoint + where + creation_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_4.yaml b/queries/aws_ec2_client_vpn_endpoint_4.yaml index cfe588c8c..757d43f00 100755 --- a/queries/aws_ec2_client_vpn_endpoint_4.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_client_vpn_endpoint_4 Title: "Find Configuration and Status of AWS EC2 Client VPN Endpoints" Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_client_vpn_endpoint_4.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_4.yaml.bak new file mode 100755 index 000000000..cfe588c8c --- /dev/null +++ b/queries/aws_ec2_client_vpn_endpoint_4.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_ec2_client_vpn_endpoint_4 +Title: "Find Configuration and Status of AWS EC2 Client VPN Endpoints" +Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + status ->> 'Code' as status, + client_vpn_endpoint_id, + security_group_ids, + vpc_id, + vpn_port, + vpn_protocol, + transport_protocol, + tags + from + aws_ec2_client_vpn_endpoint + where + creation_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_5.yaml b/queries/aws_ec2_client_vpn_endpoint_5.yaml index 6c562b40f..3be0da713 100755 --- a/queries/aws_ec2_client_vpn_endpoint_5.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_client_vpn_endpoint_5 Title: "Find AWS EC2 Client VPN Endpoints Configuration Details" Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_client_vpn_endpoint_5.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_5.yaml.bak new file mode 100755 index 000000000..6c562b40f --- /dev/null +++ b/queries/aws_ec2_client_vpn_endpoint_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ec2_client_vpn_endpoint_5 +Title: "Find AWS EC2 Client VPN Endpoints Configuration Details" +Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + status ->> 'Code' as status, + client_vpn_endpoint_id, + security_group_ids, + vpc_id, + vpn_port, + vpn_protocol, + transport_protocol, + tags + from + aws_ec2_client_vpn_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_client_vpn_endpoint_6.yaml b/queries/aws_ec2_client_vpn_endpoint_6.yaml index 3914353a5..8e6795b33 100755 --- a/queries/aws_ec2_client_vpn_endpoint_6.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_6.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_client_vpn_endpoint_6 Title: "List all AWS EC2 Client VPN Endpoints with Details" Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_client_vpn_endpoint_6.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_6.yaml.bak new file mode 100755 index 000000000..3914353a5 --- /dev/null +++ b/queries/aws_ec2_client_vpn_endpoint_6.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_client_vpn_endpoint_6 +Title: "List all AWS EC2 Client VPN Endpoints with Details" +Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + status ->> 'Code' as status, + client_vpn_endpoint_id, + connection_log_options ->> 'Enabled' as connection_log_options_enabled, + connection_log_options ->> 'CloudwatchLogGroup' as connection_log_options_cloudwatch_log_group, + connection_log_options ->> 'CloudwatchLogStream' as connection_log_options_cloudwatch_log_stream, + tags + from + aws_ec2_client_vpn_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_7.yaml b/queries/aws_ec2_client_vpn_endpoint_7.yaml index 4b831848f..cad9e0ebc 100755 --- a/queries/aws_ec2_client_vpn_endpoint_7.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_7.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_client_vpn_endpoint_7 Title: "List all Configuration and Status of EC2 Client VPN Endpoints" Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_client_vpn_endpoint_7.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_7.yaml.bak new file mode 100755 index 000000000..4b831848f --- /dev/null +++ b/queries/aws_ec2_client_vpn_endpoint_7.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_client_vpn_endpoint_7 +Title: "List all Configuration and Status of EC2 Client VPN Endpoints" +Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + status ->> 'Code' as status, + client_vpn_endpoint_id, + autentication ->> 'Type' as authentication_options_type, + autentication -> 'MutualAuthentication' ->> 'ClientRootCertificateChain' as authentication_client_root_certificate_chain, + authentication_options, + tags + from + aws_ec2_client_vpn_endpoint, + jsonb_array_elements(authentication_options) as autentication; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_gateway_load_balancer_1.yaml b/queries/aws_ec2_gateway_load_balancer_1.yaml index 4c5e9eac5..41223ffcc 100755 --- a/queries/aws_ec2_gateway_load_balancer_1.yaml +++ b/queries/aws_ec2_gateway_load_balancer_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_gateway_load_balancer_1 Title: "Find AWS EC2 Gateway Load Balancer details, config & state" Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_gateway_load_balancer_1.yaml.bak b/queries/aws_ec2_gateway_load_balancer_1.yaml.bak new file mode 100755 index 000000000..4c5e9eac5 --- /dev/null +++ b/queries/aws_ec2_gateway_load_balancer_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_gateway_load_balancer_1 +Title: "Find AWS EC2 Gateway Load Balancer details, config & state" +Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + type, + state_code, + vpc_id, + availability_zones + from + aws_ec2_gateway_load_balancer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_2.yaml b/queries/aws_ec2_gateway_load_balancer_2.yaml index cfab0f9a5..5d458162f 100755 --- a/queries/aws_ec2_gateway_load_balancer_2.yaml +++ b/queries/aws_ec2_gateway_load_balancer_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_gateway_load_balancer_2 Title: "List all AWS EC2 Gateway Load Balancer Details" Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_gateway_load_balancer_2.yaml.bak b/queries/aws_ec2_gateway_load_balancer_2.yaml.bak new file mode 100755 index 000000000..cfab0f9a5 --- /dev/null +++ b/queries/aws_ec2_gateway_load_balancer_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_gateway_load_balancer_2 +Title: "List all AWS EC2 Gateway Load Balancer Details" +Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + az ->> 'LoadBalancerAddresses' as load_balancer_addresses, + az ->> 'OutpostId' as outpost_id, + az ->> 'SubnetId' as subnet_id, + az ->> 'ZoneName' as zone_name + from + aws_ec2_gateway_load_balancer, + jsonb_array_elements(availability_zones) as az; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_3.yaml b/queries/aws_ec2_gateway_load_balancer_3.yaml index 4ebce86af..41c7f0057 100755 --- a/queries/aws_ec2_gateway_load_balancer_3.yaml +++ b/queries/aws_ec2_gateway_load_balancer_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_gateway_load_balancer_3 Title: "Find AWS EC2 Gateway Load Balancer Details and Configuration" Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_gateway_load_balancer_3.yaml.bak b/queries/aws_ec2_gateway_load_balancer_3.yaml.bak new file mode 100755 index 000000000..4ebce86af --- /dev/null +++ b/queries/aws_ec2_gateway_load_balancer_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_gateway_load_balancer_3 +Title: "Find AWS EC2 Gateway Load Balancer Details and Configuration" +Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + count(az ->> 'ZoneName') as zone_count + from + aws_ec2_gateway_load_balancer, + jsonb_array_elements(availability_zones) as az + group by + name + having + count(az ->> 'ZoneName') < 2; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_4.yaml b/queries/aws_ec2_gateway_load_balancer_4.yaml index 98eb7baec..ab144b885 100755 --- a/queries/aws_ec2_gateway_load_balancer_4.yaml +++ b/queries/aws_ec2_gateway_load_balancer_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_gateway_load_balancer_4 Title: "Find AWS EC2 Gateway Load Balancer with deletion protection" Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_gateway_load_balancer_4.yaml.bak b/queries/aws_ec2_gateway_load_balancer_4.yaml.bak new file mode 100755 index 000000000..ab144b885 --- /dev/null +++ b/queries/aws_ec2_gateway_load_balancer_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_gateway_load_balancer_4 +Title: "Find AWS EC2 Gateway Load Balancer with deletion protection" +Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as deletion_protection_key, + lb ->> 'Value' as deletion_protection_value + from + aws_ec2_gateway_load_balancer, + jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'deletion_protection.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_4.yaml.bak.bak b/queries/aws_ec2_gateway_load_balancer_4.yaml.bak.bak new file mode 100755 index 000000000..ab144b885 --- /dev/null +++ b/queries/aws_ec2_gateway_load_balancer_4.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_gateway_load_balancer_4 +Title: "Find AWS EC2 Gateway Load Balancer with deletion protection" +Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as deletion_protection_key, + lb ->> 'Value' as deletion_protection_value + from + aws_ec2_gateway_load_balancer, + jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'deletion_protection.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_5.yaml b/queries/aws_ec2_gateway_load_balancer_5.yaml index 8bdc8083e..07f7073f1 100755 --- a/queries/aws_ec2_gateway_load_balancer_5.yaml +++ b/queries/aws_ec2_gateway_load_balancer_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_gateway_load_balancer_5 Title: "Find AWS EC2 Gateway Load Balancer Configuration Details" Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_gateway_load_balancer_5.yaml.bak b/queries/aws_ec2_gateway_load_balancer_5.yaml.bak new file mode 100755 index 000000000..8bdc8083e --- /dev/null +++ b/queries/aws_ec2_gateway_load_balancer_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_gateway_load_balancer_5 +Title: "Find AWS EC2 Gateway Load Balancer Configuration Details" +Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as load_balancing_cross_zone_key, + lb ->> 'Value' as load_balancing_cross_zone_value + from + aws_ec2_gateway_load_balancer, + jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'load_balancing.cross_zone.enabled' + and lb ->> 'Value' = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_6.yaml b/queries/aws_ec2_gateway_load_balancer_6.yaml index 83aff26ae..fb0c164ab 100755 --- a/queries/aws_ec2_gateway_load_balancer_6.yaml +++ b/queries/aws_ec2_gateway_load_balancer_6.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_gateway_load_balancer_6 Title: "Find AWS EC2 Gateway Load Balancer Details" Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_gateway_load_balancer_6.yaml.bak b/queries/aws_ec2_gateway_load_balancer_6.yaml.bak new file mode 100755 index 000000000..83aff26ae --- /dev/null +++ b/queries/aws_ec2_gateway_load_balancer_6.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_gateway_load_balancer_6 +Title: "Find AWS EC2 Gateway Load Balancer Details" +Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_array_elements_text(security_groups) as attached_security_group + from + aws_ec2_gateway_load_balancer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_7.yaml b/queries/aws_ec2_gateway_load_balancer_7.yaml index 6170b9451..fc918a1ac 100755 --- a/queries/aws_ec2_gateway_load_balancer_7.yaml +++ b/queries/aws_ec2_gateway_load_balancer_7.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_gateway_load_balancer_7 Title: "Find AWS EC2 Gateway Load Balancer details, state, type" Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_gateway_load_balancer_7.yaml.bak b/queries/aws_ec2_gateway_load_balancer_7.yaml.bak new file mode 100755 index 000000000..6170b9451 --- /dev/null +++ b/queries/aws_ec2_gateway_load_balancer_7.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_gateway_load_balancer_7 +Title: "Find AWS EC2 Gateway Load Balancer details, state, type" +Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + state_code + from + aws_ec2_gateway_load_balancer + where + state_code <> 'active'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_instance_1.yaml b/queries/aws_ec2_instance_1.yaml index 534d71cbc..677cd3a47 100755 --- a/queries/aws_ec2_instance_1.yaml +++ b/queries/aws_ec2_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_1 Title: "List all AWS EC2 Instances with Type and State Info" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_1.yaml.bak b/queries/aws_ec2_instance_1.yaml.bak new file mode 100755 index 000000000..534d71cbc --- /dev/null +++ b/queries/aws_ec2_instance_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_1 +Title: "List all AWS EC2 Instances with Type and State Info" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + placement_availability_zone as az, + instance_type, + count(*) + from + aws_ec2_instance + group by + placement_availability_zone, + instance_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_10.yaml b/queries/aws_ec2_instance_10.yaml index 2e702684b..a9d6fd17a 100755 --- a/queries/aws_ec2_instance_10.yaml +++ b/queries/aws_ec2_instance_10.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_10 Title: "Find all AWS EC2 Instances with API Termination Enabled" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_10.yaml.bak b/queries/aws_ec2_instance_10.yaml.bak new file mode 100755 index 000000000..2e702684b --- /dev/null +++ b/queries/aws_ec2_instance_10.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_10 +Title: "Find all AWS EC2 Instances with API Termination Enabled" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + disable_api_termination + from + aws_ec2_instance + where + not disable_api_termination; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_11.yaml b/queries/aws_ec2_instance_11.yaml index 88ef49825..1b87381f5 100755 --- a/queries/aws_ec2_instance_11.yaml +++ b/queries/aws_ec2_instance_11.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_11 Title: "List all AWS EC2 Instances with Group Details" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_11.yaml.bak b/queries/aws_ec2_instance_11.yaml.bak new file mode 100755 index 000000000..88ef49825 --- /dev/null +++ b/queries/aws_ec2_instance_11.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_11 +Title: "List all AWS EC2 Instances with Group Details" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + sg ->> 'GroupId' as group_id, + sg ->> 'GroupName' as group_name + from + aws_ec2_instance + cross join jsonb_array_elements(security_groups) as sg + where + sg ->> 'GroupName' = 'default'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_12.yaml b/queries/aws_ec2_instance_12.yaml index c45d77872..d6e487b31 100755 --- a/queries/aws_ec2_instance_12.yaml +++ b/queries/aws_ec2_instance_12.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_12 Title: "List all AWS EC2 Instances and Volume Encryption Status" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_12.yaml.bak b/queries/aws_ec2_instance_12.yaml.bak new file mode 100755 index 000000000..d6e487b31 --- /dev/null +++ b/queries/aws_ec2_instance_12.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_instance_12 +Title: "List all AWS EC2 Instances and Volume Encryption Status" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.instance_id, + vols -> 'Ebs' ->> 'VolumeId' as vol_id, + vol.encrypted + from + aws_ec2_instance as i + cross join jsonb_array_elements(block_device_mappings) as vols + join aws_ebs_volume as vol on vol.volume_id = vols -> 'Ebs' ->> 'VolumeId' + where + not vol.encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_12.yaml.bak.bak b/queries/aws_ec2_instance_12.yaml.bak.bak new file mode 100755 index 000000000..d6e487b31 --- /dev/null +++ b/queries/aws_ec2_instance_12.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_instance_12 +Title: "List all AWS EC2 Instances and Volume Encryption Status" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.instance_id, + vols -> 'Ebs' ->> 'VolumeId' as vol_id, + vol.encrypted + from + aws_ec2_instance as i + cross join jsonb_array_elements(block_device_mappings) as vols + join aws_ebs_volume as vol on vol.volume_id = vols -> 'Ebs' ->> 'VolumeId' + where + not vol.encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_13.yaml b/queries/aws_ec2_instance_13.yaml index 0bd7fa2c7..7d836792d 100755 --- a/queries/aws_ec2_instance_13.yaml +++ b/queries/aws_ec2_instance_13.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_13 Title: "Find EC2 Instances with Sensitive Data in User Data" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_13.yaml.bak b/queries/aws_ec2_instance_13.yaml.bak new file mode 100755 index 000000000..0bd7fa2c7 --- /dev/null +++ b/queries/aws_ec2_instance_13.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_instance_13 +Title: "Find EC2 Instances with Sensitive Data in User Data" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + user_data + from + aws_ec2_instance + where + user_data like any (array ['%pass%', '%secret%','%token%','%key%']) + or user_data ~ '(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_14.yaml b/queries/aws_ec2_instance_14.yaml index e3ce339b0..05d7ddaea 100755 --- a/queries/aws_ec2_instance_14.yaml +++ b/queries/aws_ec2_instance_14.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_14 Title: "List All AWS EC2 Instances with Detailed Information" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_14.yaml.bak b/queries/aws_ec2_instance_14.yaml.bak new file mode 100755 index 000000000..e3ce339b0 --- /dev/null +++ b/queries/aws_ec2_instance_14.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_instance_14 +Title: "List All AWS EC2 Instances with Detailed Information" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + launch_template_data -> 'ImageId' as image_id, + launch_template_data -> 'Placement' as placement, + launch_template_data -> 'DisableApiStop' as disable_api_stop, + launch_template_data -> 'MetadataOptions' as metadata_options, + launch_template_data -> 'NetworkInterfaces' as network_interfaces, + launch_template_data -> 'BlockDeviceMappings' as block_device_mappings, + launch_template_data -> 'CapacityReservationSpecification' as capacity_reservation_specification + from + aws_ec2_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_15.yaml b/queries/aws_ec2_instance_15.yaml index 23c1b53d1..e5c213541 100755 --- a/queries/aws_ec2_instance_15.yaml +++ b/queries/aws_ec2_instance_15.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_15 Title: "List all AWS EC2 Instances with Comprehensive Data" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_15.yaml.bak b/queries/aws_ec2_instance_15.yaml.bak new file mode 100755 index 000000000..23c1b53d1 --- /dev/null +++ b/queries/aws_ec2_instance_15.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_instance_15 +Title: "List all AWS EC2 Instances with Comprehensive Data" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.instance_id, + i.vpc_id, + i.subnet_id, + s.tags ->> 'Name' as subnet_name + from + aws_ec2_instance as i, + aws_vpc_subnet as s + where + i.subnet_id = s.subnet_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_2.yaml b/queries/aws_ec2_instance_2.yaml index aa9c8aa82..19376fdaf 100755 --- a/queries/aws_ec2_instance_2.yaml +++ b/queries/aws_ec2_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_2 Title: "List all AWS EC2 Instances and Their States" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_2.yaml.bak b/queries/aws_ec2_instance_2.yaml.bak new file mode 100755 index 000000000..aa9c8aa82 --- /dev/null +++ b/queries/aws_ec2_instance_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_2 +Title: "List all AWS EC2 Instances and Their States" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + monitoring_state + from + aws_ec2_instance + where + monitoring_state = 'disabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_3.yaml b/queries/aws_ec2_instance_3.yaml index 70e5b2b78..f35407ed1 100755 --- a/queries/aws_ec2_instance_3.yaml +++ b/queries/aws_ec2_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_3 Title: "List all AWS EC2 Instances with Types and Counts" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_3.yaml.bak b/queries/aws_ec2_instance_3.yaml.bak new file mode 100755 index 000000000..70e5b2b78 --- /dev/null +++ b/queries/aws_ec2_instance_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_instance_3 +Title: "List all AWS EC2 Instances with Types and Counts" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + count(instance_type) as count + from + aws_ec2_instance + group by + instance_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_4.yaml b/queries/aws_ec2_instance_4.yaml index 4bd06b933..b43a8537c 100755 --- a/queries/aws_ec2_instance_4.yaml +++ b/queries/aws_ec2_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_4 Title: "Find AWS EC2 Instances Stopped Over 30 days Ago" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_4.yaml.bak b/queries/aws_ec2_instance_4.yaml.bak new file mode 100755 index 000000000..4bd06b933 --- /dev/null +++ b/queries/aws_ec2_instance_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_instance_4 +Title: "Find AWS EC2 Instances Stopped Over 30 days Ago" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + instance_state, + launch_time, + state_transition_time + from + aws_ec2_instance + where + instance_state = 'stopped' + and state_transition_time <= (current_date - interval '30' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_5.yaml b/queries/aws_ec2_instance_5.yaml index b5398f1ba..b694f90b7 100755 --- a/queries/aws_ec2_instance_5.yaml +++ b/queries/aws_ec2_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_5 Title: "List all AWS EC2 Instances with Comprehensive Data" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_5.yaml.bak b/queries/aws_ec2_instance_5.yaml.bak new file mode 100755 index 000000000..b5398f1ba --- /dev/null +++ b/queries/aws_ec2_instance_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_5 +Title: "List all AWS EC2 Instances with Comprehensive Data" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + tags + from + aws_ec2_instance + where + not tags :: JSONB ? 'application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_6.yaml b/queries/aws_ec2_instance_6.yaml index 1a763a3c5..0315b813a 100755 --- a/queries/aws_ec2_instance_6.yaml +++ b/queries/aws_ec2_instance_6.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_6 Title: "Find all EC2 Instances with Detailed Information" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_6.yaml.bak b/queries/aws_ec2_instance_6.yaml.bak new file mode 100755 index 000000000..1a763a3c5 --- /dev/null +++ b/queries/aws_ec2_instance_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_6 +Title: "Find all EC2 Instances with Detailed Information" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + instance_state, + launch_time, + maintenance_options ->> 'AutoRecovery' as auto_recovery + from + aws_ec2_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_7.yaml b/queries/aws_ec2_instance_7.yaml index da8a12962..133cbb212 100755 --- a/queries/aws_ec2_instance_7.yaml +++ b/queries/aws_ec2_instance_7.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_7 Title: "List all AWS EC2 instances including detailed data" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_7.yaml.bak b/queries/aws_ec2_instance_7.yaml.bak new file mode 100755 index 000000000..da8a12962 --- /dev/null +++ b/queries/aws_ec2_instance_7.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ec2_instance_7 +Title: "List all AWS EC2 instances including detailed data" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + instance_type, + instance_state, + l ->> 'LicenseConfigurationArn' as license_configuration_arn + from + aws_ec2_instance, + jsonb_array_elements(licenses) as l; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_8.yaml b/queries/aws_ec2_instance_8.yaml index 87a61a8fe..ea81b0ed3 100755 --- a/queries/aws_ec2_instance_8.yaml +++ b/queries/aws_ec2_instance_8.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_8 Title: "List all AWS EC2 Instances with Detailed Attributes" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_8.yaml.bak b/queries/aws_ec2_instance_8.yaml.bak new file mode 100755 index 000000000..87a61a8fe --- /dev/null +++ b/queries/aws_ec2_instance_8.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_instance_8 +Title: "List all AWS EC2 Instances with Detailed Attributes" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + instance_state, + placement_affinity, + placement_group_id, + placement_group_name, + placement_availability_zone, + placement_host_id, + placement_host_resource_group_arn, + placement_partition_number, + placement_tenancy + from + aws_ec2_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_9.yaml b/queries/aws_ec2_instance_9.yaml index 704225a7b..f3fd57f36 100755 --- a/queries/aws_ec2_instance_9.yaml +++ b/queries/aws_ec2_instance_9.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_9 Title: "List all AWS EC2 Instances with Instance Type Count" Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_9.yaml.bak b/queries/aws_ec2_instance_9.yaml.bak new file mode 100755 index 000000000..704225a7b --- /dev/null +++ b/queries/aws_ec2_instance_9.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_instance_9 +Title: "List all AWS EC2 Instances with Instance Type Count" +Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + count(*) as count + from + aws_ec2_instance + where + instance_type not in ('t2.large', 'm3.medium') + group by + instance_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_availability_1.yaml b/queries/aws_ec2_instance_availability_1.yaml index 8a27be0cd..acdcc25e3 100755 --- a/queries/aws_ec2_instance_availability_1.yaml +++ b/queries/aws_ec2_instance_availability_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_availability_1 Title: "List all AWS EC2 Instance Availability by Region" Description: "Allows users to query AWS EC2 Instance Availability and retrieve detailed information about the availability of EC2 instances in each AWS region." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_availability_1.yaml.bak b/queries/aws_ec2_instance_availability_1.yaml.bak new file mode 100755 index 000000000..8a27be0cd --- /dev/null +++ b/queries/aws_ec2_instance_availability_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_availability_1 +Title: "List all AWS EC2 Instance Availability by Region" +Description: "Allows users to query AWS EC2 Instance Availability and retrieve detailed information about the availability of EC2 instances in each AWS region." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + location + from + aws_ec2_instance_availability + where + location = 'us-east-1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_availability_2.yaml b/queries/aws_ec2_instance_availability_2.yaml index afe649d4a..730fe2a04 100755 --- a/queries/aws_ec2_instance_availability_2.yaml +++ b/queries/aws_ec2_instance_availability_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_availability_2 Title: "List all AWS EC2 Instance Availability by Region" Description: "Allows users to query AWS EC2 Instance Availability and retrieve detailed information about the availability of EC2 instances in each AWS region." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_availability_2.yaml.bak b/queries/aws_ec2_instance_availability_2.yaml.bak new file mode 100755 index 000000000..afe649d4a --- /dev/null +++ b/queries/aws_ec2_instance_availability_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_instance_availability_2 +Title: "List all AWS EC2 Instance Availability by Region" +Description: "Allows users to query AWS EC2 Instance Availability and retrieve detailed information about the availability of EC2 instances in each AWS region." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + location + from + aws_ec2_instance_availability + where + location = 'af-south' + and instance_type = 'r5.12xlarge'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml index ea75cfef7..3428b6ff8 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_metric_cpu_utilization_1 Title: "Find AWS EC2 Instance CPU Utilization Metrics" Description: "Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml.bak new file mode 100755 index 000000000..ea75cfef7 --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_instance_metric_cpu_utilization_1 +Title: "Find AWS EC2 Instance CPU Utilization Metrics" +Description: "Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_ec2_instance_metric_cpu_utilization + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml index 79f138c97..2915805f3 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_metric_cpu_utilization_2 Title: "Find AWS EC2 Instances with High CPU Utilization" Description: "Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml.bak new file mode 100755 index 000000000..79f138c97 --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_instance_metric_cpu_utilization_2 +Title: "Find AWS EC2 Instances with High CPU Utilization" +Description: "Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ec2_instance_metric_cpu_utilization + where average > 80 + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml index 2c51adcf4..f2842c13b 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_metric_cpu_utilization_daily_1 Title: "List AWS EC2 Instances Daily CPU Utilization Metrics" Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml.bak new file mode 100755 index 000000000..2c51adcf4 --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_instance_metric_cpu_utilization_daily_1 +Title: "List AWS EC2 Instances Daily CPU Utilization Metrics" +Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_ec2_instance_metric_cpu_utilization_daily + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml index 2e743873e..a24990d1e 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_metric_cpu_utilization_daily_2 Title: "Find AWS EC2 Instances with High Daily CPU Utilization" Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml.bak new file mode 100755 index 000000000..2e743873e --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ec2_instance_metric_cpu_utilization_daily_2 +Title: "Find AWS EC2 Instances with High Daily CPU Utilization" +Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ec2_instance_metric_cpu_utilization_daily + where average > 80 + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml index 6da90ac48..63640c82c 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_metric_cpu_utilization_daily_3 Title: "Find Daily CPU Utilization Metrics of AWS EC2 Instances" Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml.bak new file mode 100755 index 000000000..6da90ac48 --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_instance_metric_cpu_utilization_daily_3 +Title: "Find Daily CPU Utilization Metrics of AWS EC2 Instances" +Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ec2_instance_metric_cpu_utilization_daily + where average < 1 + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml index f5c69984d..62f46697f 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_metric_cpu_utilization_hourly_1 Title: "Query AWS EC2 Instance CPU Utilization Metrics Hourly" Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak new file mode 100755 index 000000000..62f46697f --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ec2_instance_metric_cpu_utilization_hourly_1 +Title: "Query AWS EC2 Instance CPU Utilization Metrics Hourly" +Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_ec2_instance_metric_cpu_utilization_hourly + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Instance diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak.bak b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak.bak new file mode 100755 index 000000000..62f46697f --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_ec2_instance_metric_cpu_utilization_hourly_1 +Title: "Query AWS EC2 Instance CPU Utilization Metrics Hourly" +Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_ec2_instance_metric_cpu_utilization_hourly + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Instance diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml index 68f71ddca..001eada0b 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_metric_cpu_utilization_hourly_2 Title: "Find all AWS EC2 Instance CPU Utilization hourly metrics" Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml.bak new file mode 100755 index 000000000..68f71ddca --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_instance_metric_cpu_utilization_hourly_2 +Title: "Find all AWS EC2 Instance CPU Utilization hourly metrics" +Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ec2_instance_metric_cpu_utilization_hourly + where average > 80 + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml index d18bf4c20..6c20399e4 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_metric_cpu_utilization_hourly_3 Title: "Find EC2 Instance Hourly CPU Utilization Metrics in AWS" Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml.bak new file mode 100755 index 000000000..d18bf4c20 --- /dev/null +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ec2_instance_metric_cpu_utilization_hourly_3 +Title: "Find EC2 Instance Hourly CPU Utilization Metrics in AWS" +Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ec2_instance_metric_cpu_utilization_hourly + where average < 1 + order by + instance_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_type_1.yaml b/queries/aws_ec2_instance_type_1.yaml index caaa15457..fb7fabd1b 100755 --- a/queries/aws_ec2_instance_type_1.yaml +++ b/queries/aws_ec2_instance_type_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_type_1 Title: "List all AWS EC2 Instance Type Data and Details" Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_type_1.yaml.bak b/queries/aws_ec2_instance_type_1.yaml.bak new file mode 100755 index 000000000..caaa15457 --- /dev/null +++ b/queries/aws_ec2_instance_type_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_type_1 +Title: "List all AWS EC2 Instance Type Data and Details" +Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + dedicated_hosts_supported + from + aws_ec2_instance_type + where + dedicated_hosts_supported; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Instance Type diff --git a/queries/aws_ec2_instance_type_2.yaml b/queries/aws_ec2_instance_type_2.yaml index dd6b805a9..442db0b4c 100755 --- a/queries/aws_ec2_instance_type_2.yaml +++ b/queries/aws_ec2_instance_type_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_type_2 Title: "Find All AWS EC2 Instance Types and Recovery Support" Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_type_2.yaml.bak b/queries/aws_ec2_instance_type_2.yaml.bak new file mode 100755 index 000000000..442db0b4c --- /dev/null +++ b/queries/aws_ec2_instance_type_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_type_2 +Title: "Find All AWS EC2 Instance Types and Recovery Support" +Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + auto_recovery_supported + from + aws_ec2_instance_type + where + not auto_recovery_supported; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Instance Type diff --git a/queries/aws_ec2_instance_type_2.yaml.bak.bak b/queries/aws_ec2_instance_type_2.yaml.bak.bak new file mode 100755 index 000000000..442db0b4c --- /dev/null +++ b/queries/aws_ec2_instance_type_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_type_2 +Title: "Find All AWS EC2 Instance Types and Recovery Support" +Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + auto_recovery_supported + from + aws_ec2_instance_type + where + not auto_recovery_supported; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Instance Type diff --git a/queries/aws_ec2_instance_type_3.yaml b/queries/aws_ec2_instance_type_3.yaml index 3d6a9daae..16e629a78 100755 --- a/queries/aws_ec2_instance_type_3.yaml +++ b/queries/aws_ec2_instance_type_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_type_3 Title: "Find AWS EC2 Instance Types with Detailed Specs" Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_type_3.yaml.bak b/queries/aws_ec2_instance_type_3.yaml.bak new file mode 100755 index 000000000..3d6a9daae --- /dev/null +++ b/queries/aws_ec2_instance_type_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ec2_instance_type_3 +Title: "Find AWS EC2 Instance Types with Detailed Specs" +Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + dedicated_hosts_supported, + v_cpu_info -> 'DefaultCores' as default_cores, + v_cpu_info -> 'DefaultThreadsPerCore' as default_threads_per_core, + v_cpu_info -> 'DefaultVCpus' as default_vcpus, + v_cpu_info -> 'ValidCores' as valid_cores, + v_cpu_info -> 'ValidThreadsPerCore' as valid_threads_per_core + from + aws_ec2_instance_type + where + v_cpu_info ->> 'DefaultCores' > '24'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_type_4.yaml b/queries/aws_ec2_instance_type_4.yaml index 2581e0349..a074ca021 100755 --- a/queries/aws_ec2_instance_type_4.yaml +++ b/queries/aws_ec2_instance_type_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_type_4 Title: "Find all AWS EC2 Instance Types with Unsupported Encryption" Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_type_4.yaml.bak b/queries/aws_ec2_instance_type_4.yaml.bak new file mode 100755 index 000000000..2581e0349 --- /dev/null +++ b/queries/aws_ec2_instance_type_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_instance_type_4 +Title: "Find all AWS EC2 Instance Types with Unsupported Encryption" +Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + ebs_info ->> 'EncryptionSupport' as encryption_support + from + aws_ec2_instance_type + where + ebs_info ->> 'EncryptionSupport' = 'unsupported'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_instance_type_5.yaml b/queries/aws_ec2_instance_type_5.yaml index 7ca34526a..9692c07e3 100755 --- a/queries/aws_ec2_instance_type_5.yaml +++ b/queries/aws_ec2_instance_type_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_instance_type_5 Title: "List all AWS EC2 Instance Types with Free Tier Eligibility" Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_instance_type_5.yaml.bak b/queries/aws_ec2_instance_type_5.yaml.bak new file mode 100755 index 000000000..7ca34526a --- /dev/null +++ b/queries/aws_ec2_instance_type_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_instance_type_5 +Title: "List all AWS EC2 Instance Types with Free Tier Eligibility" +Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + free_tier_eligible + from + aws_ec2_instance_type + where + free_tier_eligible; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_key_pair_1.yaml b/queries/aws_ec2_key_pair_1.yaml index 55dd64d9c..f6a28b660 100755 --- a/queries/aws_ec2_key_pair_1.yaml +++ b/queries/aws_ec2_key_pair_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_key_pair_1 Title: "List all AWS EC2 Key Pairs with Name and ID" Description: "Allows users to query AWS EC2 Key Pairs, providing information about key pairs which are used to securely log into EC2 instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_key_pair_1.yaml.bak b/queries/aws_ec2_key_pair_1.yaml.bak new file mode 100755 index 000000000..55dd64d9c --- /dev/null +++ b/queries/aws_ec2_key_pair_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ec2_key_pair_1 +Title: "List all AWS EC2 Key Pairs with Name and ID" +Description: "Allows users to query AWS EC2 Key Pairs, providing information about key pairs which are used to securely log into EC2 instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key_name, + key_pair_id, + region + from + aws_ec2_key_pair; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_key_pair_2.yaml b/queries/aws_ec2_key_pair_2.yaml index 84ea1064c..1a2245847 100755 --- a/queries/aws_ec2_key_pair_2.yaml +++ b/queries/aws_ec2_key_pair_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_key_pair_2 Title: "List all AWS EC2 Key Pairs to Securely Log Into EC2 Instances" Description: "Allows users to query AWS EC2 Key Pairs, providing information about key pairs which are used to securely log into EC2 instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_key_pair_2.yaml.bak b/queries/aws_ec2_key_pair_2.yaml.bak new file mode 100755 index 000000000..84ea1064c --- /dev/null +++ b/queries/aws_ec2_key_pair_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_key_pair_2 +Title: "List all AWS EC2 Key Pairs to Securely Log Into EC2 Instances" +Description: "Allows users to query AWS EC2 Key Pairs, providing information about key pairs which are used to securely log into EC2 instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key_name, + tags + from + aws_ec2_key_pair + where + not tags :: JSONB ? 'owner'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Key Pairs diff --git a/queries/aws_ec2_launch_configuration_1.yaml b/queries/aws_ec2_launch_configuration_1.yaml index 37d75d1dd..95a85ca68 100755 --- a/queries/aws_ec2_launch_configuration_1.yaml +++ b/queries/aws_ec2_launch_configuration_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_configuration_1 Title: "List all AWS EC2 Launch Configurations and Metadata" Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_configuration_1.yaml.bak b/queries/aws_ec2_launch_configuration_1.yaml.bak new file mode 100755 index 000000000..37d75d1dd --- /dev/null +++ b/queries/aws_ec2_launch_configuration_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_launch_configuration_1 +Title: "List all AWS EC2 Launch Configurations and Metadata" +Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time, + associate_public_ip_address, + ebs_optimized, + image_id, + instance_monitoring_enabled, + instance_type, + key_name + from + aws_ec2_launch_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_configuration_2.yaml b/queries/aws_ec2_launch_configuration_2.yaml index 9823218e5..0c1112614 100755 --- a/queries/aws_ec2_launch_configuration_2.yaml +++ b/queries/aws_ec2_launch_configuration_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_configuration_2 Title: "List all AWS EC2 Launch Configurations and Metadata" Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_configuration_2.yaml.bak b/queries/aws_ec2_launch_configuration_2.yaml.bak new file mode 100755 index 000000000..9823218e5 --- /dev/null +++ b/queries/aws_ec2_launch_configuration_2.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_ec2_launch_configuration_2 +Title: "List all AWS EC2 Launch Configurations and Metadata" +Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + iam_instance_profile + from + aws_ec2_launch_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_configuration_3.yaml b/queries/aws_ec2_launch_configuration_3.yaml index 4d35fb06c..e84ab47b1 100755 --- a/queries/aws_ec2_launch_configuration_3.yaml +++ b/queries/aws_ec2_launch_configuration_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_configuration_3 Title: "Find AWS EC2 Launch Configurations and Metadata" Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_configuration_3.yaml.bak b/queries/aws_ec2_launch_configuration_3.yaml.bak new file mode 100755 index 000000000..4d35fb06c --- /dev/null +++ b/queries/aws_ec2_launch_configuration_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_launch_configuration_3 +Title: "Find AWS EC2 Launch Configurations and Metadata" +Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + associate_public_ip_address + from + aws_ec2_launch_configuration + where + associate_public_ip_address; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_configuration_4.yaml b/queries/aws_ec2_launch_configuration_4.yaml index f1c945b70..2c18d0c39 100755 --- a/queries/aws_ec2_launch_configuration_4.yaml +++ b/queries/aws_ec2_launch_configuration_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_configuration_4 Title: "Find AWS EC2 Launch Configurations and Security Groups" Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_configuration_4.yaml.bak b/queries/aws_ec2_launch_configuration_4.yaml.bak new file mode 100755 index 000000000..f1c945b70 --- /dev/null +++ b/queries/aws_ec2_launch_configuration_4.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_ec2_launch_configuration_4 +Title: "Find AWS EC2 Launch Configurations and Security Groups" +Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_array_elements_text(security_groups) as security_groups + from + aws_ec2_launch_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_configuration_5.yaml b/queries/aws_ec2_launch_configuration_5.yaml index 130704921..bdbec730b 100755 --- a/queries/aws_ec2_launch_configuration_5.yaml +++ b/queries/aws_ec2_launch_configuration_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_configuration_5 Title: "Find AWS EC2 Launch Configurations With Sensitive Data" Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_configuration_5.yaml.bak b/queries/aws_ec2_launch_configuration_5.yaml.bak new file mode 100755 index 000000000..130704921 --- /dev/null +++ b/queries/aws_ec2_launch_configuration_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_launch_configuration_5 +Title: "Find AWS EC2 Launch Configurations With Sensitive Data" +Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + user_data + from + aws_ec2_launch_configuration + where + user_data like any (array ['%pass%', '%secret%','%token%','%key%']) + or user_data ~ '(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_1.yaml b/queries/aws_ec2_launch_template_1.yaml index 6ee42f106..c9eb90c70 100755 --- a/queries/aws_ec2_launch_template_1.yaml +++ b/queries/aws_ec2_launch_template_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_1 Title: "List all AWS EC2 Launch Templates and Details" Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_1.yaml.bak b/queries/aws_ec2_launch_template_1.yaml.bak new file mode 100755 index 000000000..6ee42f106 --- /dev/null +++ b/queries/aws_ec2_launch_template_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_launch_template_1 +Title: "List all AWS EC2 Launch Templates and Details" +Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + created_time, + created_by, + default_version_number, + latest_version_number + from + aws_ec2_launch_template; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_2.yaml b/queries/aws_ec2_launch_template_2.yaml index e8a20efb5..daaaca50e 100755 --- a/queries/aws_ec2_launch_template_2.yaml +++ b/queries/aws_ec2_launch_template_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_2 Title: "Find AWS EC2 Launch Templates with detailed information" Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_2.yaml.bak b/queries/aws_ec2_launch_template_2.yaml.bak new file mode 100755 index 000000000..e8a20efb5 --- /dev/null +++ b/queries/aws_ec2_launch_template_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_launch_template_2 +Title: "Find AWS EC2 Launch Templates with detailed information" +Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + create_time, + created_by + from + aws_ec2_launch_template + where + created_by like '%turbot'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Launch Templates diff --git a/queries/aws_ec2_launch_template_3.yaml b/queries/aws_ec2_launch_template_3.yaml index 7ea411fd2..38a0b409f 100755 --- a/queries/aws_ec2_launch_template_3.yaml +++ b/queries/aws_ec2_launch_template_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_3 Title: "List all AWS EC2 Launch Templates with Details" Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_3.yaml.bak b/queries/aws_ec2_launch_template_3.yaml.bak new file mode 100755 index 000000000..7ea411fd2 --- /dev/null +++ b/queries/aws_ec2_launch_template_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ec2_launch_template_3 +Title: "List all AWS EC2 Launch Templates with Details" +Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + create_time + from + aws_ec2_launch_template + where + create_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_version_1.yaml b/queries/aws_ec2_launch_template_version_1.yaml index 06941e150..ede3e7f84 100755 --- a/queries/aws_ec2_launch_template_version_1.yaml +++ b/queries/aws_ec2_launch_template_version_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_1 Title: "List all AWS EC2 Launch Template Versions and their Details" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_1.yaml.bak b/queries/aws_ec2_launch_template_version_1.yaml.bak new file mode 100755 index 000000000..06941e150 --- /dev/null +++ b/queries/aws_ec2_launch_template_version_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_launch_template_version_1 +Title: "List all AWS EC2 Launch Template Versions and their Details" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + created_by, + default_version, + version_description, + version_number + from + aws_ec2_launch_template_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_version_2.yaml b/queries/aws_ec2_launch_template_version_2.yaml index 0d154c43c..1a13f69c9 100755 --- a/queries/aws_ec2_launch_template_version_2.yaml +++ b/queries/aws_ec2_launch_template_version_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_2 Title: "List AWS EC2 Launch Template Version Details" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_2.yaml.bak b/queries/aws_ec2_launch_template_version_2.yaml.bak new file mode 100755 index 000000000..0d154c43c --- /dev/null +++ b/queries/aws_ec2_launch_template_version_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_launch_template_version_2 +Title: "List AWS EC2 Launch Template Version Details" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + create_time, + created_by, + version_description, + version_number + from + aws_ec2_launch_template_version + where + created_by like '%turbot'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_version_3.yaml b/queries/aws_ec2_launch_template_version_3.yaml index c72d485e1..62273cd23 100755 --- a/queries/aws_ec2_launch_template_version_3.yaml +++ b/queries/aws_ec2_launch_template_version_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_3 Title: "Find AWS EC2 Launch Template Versions Details" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_3.yaml.bak b/queries/aws_ec2_launch_template_version_3.yaml.bak new file mode 100755 index 000000000..c72d485e1 --- /dev/null +++ b/queries/aws_ec2_launch_template_version_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_launch_template_version_3 +Title: "Find AWS EC2 Launch Template Versions Details" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + create_time, + default_version, + version_number + from + aws_ec2_launch_template_version + where + create_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_version_4.yaml b/queries/aws_ec2_launch_template_version_4.yaml index 4a699d46a..c76a94bb0 100755 --- a/queries/aws_ec2_launch_template_version_4.yaml +++ b/queries/aws_ec2_launch_template_version_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_4 Title: "List all AWS EC2 Launch Template Versions" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_4.yaml.bak b/queries/aws_ec2_launch_template_version_4.yaml.bak new file mode 100755 index 000000000..4a699d46a --- /dev/null +++ b/queries/aws_ec2_launch_template_version_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_launch_template_version_4 +Title: "List all AWS EC2 Launch Template Versions" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + create_time, + default_version, + version_number + from + aws_ec2_launch_template_version + where + default_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EC2 diff --git a/queries/aws_ec2_launch_template_version_5.yaml b/queries/aws_ec2_launch_template_version_5.yaml index d0f47d9af..96c1eaf8d 100755 --- a/queries/aws_ec2_launch_template_version_5.yaml +++ b/queries/aws_ec2_launch_template_version_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_5 Title: "List all AWS EC2 Launch Template Versions" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_5.yaml.bak b/queries/aws_ec2_launch_template_version_5.yaml.bak new file mode 100755 index 000000000..d0f47d9af --- /dev/null +++ b/queries/aws_ec2_launch_template_version_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_launch_template_version_5 +Title: "List all AWS EC2 Launch Template Versions" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_id, + count(version_number) as number_of_versions + from + aws_ec2_launch_template_version + group by + launch_template_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_version_6.yaml b/queries/aws_ec2_launch_template_version_6.yaml index fb503aa50..c0f602014 100755 --- a/queries/aws_ec2_launch_template_version_6.yaml +++ b/queries/aws_ec2_launch_template_version_6.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_6 Title: "List AWS EC2 Launch Template Versions with Details" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_6.yaml.bak b/queries/aws_ec2_launch_template_version_6.yaml.bak new file mode 100755 index 000000000..fb503aa50 --- /dev/null +++ b/queries/aws_ec2_launch_template_version_6.yaml.bak @@ -0,0 +1,51 @@ +ID: aws_ec2_launch_template_version_6 +Title: "List AWS EC2 Launch Template Versions with Details" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + version_number, + launch_template_data -> 'BlockDeviceMappings' as block_device_mappings, + launch_template_data -> 'CapacityReservationSpecification' as capacity_reservation_specification, + launch_template_data -> 'CpuOptions' as cpu_options, + launch_template_data -> 'CreditSpecification' as credit_specification, + launch_template_data -> 'DisableApiStop' as disable_api_stop, + launch_template_data -> 'DisableApiTermination' as disable_api_termination, + launch_template_data -> 'EbsOptimized' as ebs_optimized, + launch_template_data -> 'ElasticGpuSpecifications' as elastic_gpu_specifications, + launch_template_data -> 'ElasticInferenceAccelerators' as elastic_inference_accelerators, + launch_template_data -> 'EnclaveOptions' as enclave_options, + launch_template_data -> 'IamInstanceProfile' as iam_instance_profile, + launch_template_data -> 'ImageId' as image_id, + launch_template_data -> 'InstanceInitiatedShutdownBehavior' as instance_initiated_shutdown_behavior, + launch_template_data -> 'InstanceRequirements' as instance_requirements, + launch_template_data -> 'InstanceType' as instance_type, + launch_template_data -> 'KernelId' as kernel_id, + launch_template_data -> 'LicenseSpecifications' as license_specifications, + launch_template_data -> 'MaintenanceOptions' as maintenance_options, + launch_template_data -> 'MetadataOptions' as metadata_options, + launch_template_data -> 'Monitoring' as monitoring, + launch_template_data -> 'NetworkInterfaces' as network_interfaces, + launch_template_data -> 'PrivateDnsNameOptions' as private_dns_name_options, + launch_template_data -> 'RamDiskId' as ram_disk_id, + launch_template_data -> 'SecurityGroupIds' as security_group_ids, + launch_template_data -> 'SecurityGroups' as security_groups, + launch_template_data -> 'TagSpecifications' as tag_specifications, + launch_template_data -> 'UserData' as user_data + from + aws_ec2_launch_template_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_version_7.yaml b/queries/aws_ec2_launch_template_version_7.yaml index 3a4be6ee4..80a7e247d 100755 --- a/queries/aws_ec2_launch_template_version_7.yaml +++ b/queries/aws_ec2_launch_template_version_7.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_7 Title: "List all AWS EC2 Launch Template Versions and Details" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_7.yaml.bak b/queries/aws_ec2_launch_template_version_7.yaml.bak new file mode 100755 index 000000000..3a4be6ee4 --- /dev/null +++ b/queries/aws_ec2_launch_template_version_7.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_launch_template_version_7 +Title: "List all AWS EC2 Launch Template Versions and Details" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + version_number, + version_description, + ebs_optimized + from + aws_ec2_launch_template_version + where + ebs_optimized; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_version_8.yaml b/queries/aws_ec2_launch_template_version_8.yaml index 45a4adefd..cc43813a9 100755 --- a/queries/aws_ec2_launch_template_version_8.yaml +++ b/queries/aws_ec2_launch_template_version_8.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_8 Title: "List all AWS EC2 Launch Template Versions" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_8.yaml.bak b/queries/aws_ec2_launch_template_version_8.yaml.bak new file mode 100755 index 000000000..45a4adefd --- /dev/null +++ b/queries/aws_ec2_launch_template_version_8.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_launch_template_version_8 +Title: "List all AWS EC2 Launch Template Versions" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + version_number, + version_description, + disable_api_termination + from + aws_ec2_launch_template_version + where + disable_api_termination; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_launch_template_version_9.yaml b/queries/aws_ec2_launch_template_version_9.yaml index a46f31ee1..f84e36c4b 100755 --- a/queries/aws_ec2_launch_template_version_9.yaml +++ b/queries/aws_ec2_launch_template_version_9.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_launch_template_version_9 Title: "Find AWS EC2 Launch Template Versions and Details" Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_launch_template_version_9.yaml.bak b/queries/aws_ec2_launch_template_version_9.yaml.bak new file mode 100755 index 000000000..a46f31ee1 --- /dev/null +++ b/queries/aws_ec2_launch_template_version_9.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_launch_template_version_9 +Title: "Find AWS EC2 Launch Template Versions and Details" +Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + launch_template_name, + launch_template_id, + version_number, + disable_api_stop + from + aws_ec2_launch_template_version + where + disable_api_stop; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_load_balancer_listener_1.yaml b/queries/aws_ec2_load_balancer_listener_1.yaml index 1eaccf390..afe2ccf6d 100755 --- a/queries/aws_ec2_load_balancer_listener_1.yaml +++ b/queries/aws_ec2_load_balancer_listener_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_1 Title: "Find AWS EC2 Load Balancer Listeners" Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_1.yaml.bak b/queries/aws_ec2_load_balancer_listener_1.yaml.bak new file mode 100755 index 000000000..1eaccf390 --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_load_balancer_listener_1 +Title: "Find AWS EC2 Load Balancer Listeners" +Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + port, + protocol + from + aws_ec2_load_balancer_listener; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_2.yaml b/queries/aws_ec2_load_balancer_listener_2.yaml index 14d71dd5f..521725e5a 100755 --- a/queries/aws_ec2_load_balancer_listener_2.yaml +++ b/queries/aws_ec2_load_balancer_listener_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_2 Title: "List all AWS EC2 Load Balancer Listeners" Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_2.yaml.bak b/queries/aws_ec2_load_balancer_listener_2.yaml.bak new file mode 100755 index 000000000..521725e5a --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_load_balancer_listener_2 +Title: "List all AWS EC2 Load Balancer Listeners" +Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + action ->> 'AuthenticateCognitoConfig' as authenticate_cognito_config, + action ->> 'AuthenticateOidcConfig' as authenticate_Oidc_config, + action ->> 'FixedResponseConfig' as fixed_response_config, + action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'DurationSeconds' as duration_seconds, + action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'Enabled' as target_group_stickiness_config_enabled + from + aws_ec2_load_balancer_listener + cross join jsonb_array_elements(default_actions) as action; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_load_balancer_listener_2.yaml.bak.bak b/queries/aws_ec2_load_balancer_listener_2.yaml.bak.bak new file mode 100755 index 000000000..521725e5a --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_2.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_load_balancer_listener_2 +Title: "List all AWS EC2 Load Balancer Listeners" +Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + action ->> 'AuthenticateCognitoConfig' as authenticate_cognito_config, + action ->> 'AuthenticateOidcConfig' as authenticate_Oidc_config, + action ->> 'FixedResponseConfig' as fixed_response_config, + action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'DurationSeconds' as duration_seconds, + action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'Enabled' as target_group_stickiness_config_enabled + from + aws_ec2_load_balancer_listener + cross join jsonb_array_elements(default_actions) as action; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_load_balancer_listener_3.yaml b/queries/aws_ec2_load_balancer_listener_3.yaml index 5f08c8603..bc5adf202 100755 --- a/queries/aws_ec2_load_balancer_listener_3.yaml +++ b/queries/aws_ec2_load_balancer_listener_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_3 Title: "Find AWS EC2 Load Balancer Listeners by Protocol" Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_3.yaml.bak b/queries/aws_ec2_load_balancer_listener_3.yaml.bak new file mode 100755 index 000000000..5f08c8603 --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_load_balancer_listener_3 +Title: "Find AWS EC2 Load Balancer Listeners by Protocol" +Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + port, + protocol + from + aws_ec2_load_balancer_listener + where + protocol = 'HTTP'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_1.yaml b/queries/aws_ec2_load_balancer_listener_rule_1.yaml index 2b7b78692..fba5ab5b7 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_1.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_rule_1 Title: "Find AWS EC2 Load Balancer Listener Rules Details" Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_rule_1.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_1.yaml.bak new file mode 100755 index 000000000..2b7b78692 --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_rule_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_load_balancer_listener_rule_1 +Title: "Find AWS EC2 Load Balancer Listener Rules Details" +Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + listener_arn, + priority, + is_default, + region + from + aws_ec2_load_balancer_listener_rule + where + arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789098:listener-rule/app/test53333/f7cc8cdc44ff910b/c9418b57592205f0/a8fe6d8842838dfa'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_2.yaml b/queries/aws_ec2_load_balancer_listener_rule_2.yaml index 626319c07..27248719b 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_2.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_rule_2 Title: "Find AWS EC2 Load Balancer Listener Rules: Actions & Conditions" Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_rule_2.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_2.yaml.bak new file mode 100755 index 000000000..626319c07 --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_rule_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_load_balancer_listener_rule_2 +Title: "Find AWS EC2 Load Balancer Listener Rules: Actions & Conditions" +Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + priority, + is_default, + actions, + conditions + from + aws_ec2_load_balancer_listener_rule + where + listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_3.yaml b/queries/aws_ec2_load_balancer_listener_rule_3.yaml index c00cb4bdf..efe2d7975 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_3.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_rule_3 Title: "Find All AWS EC2 Load Balancer Listener Rules Details" Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_rule_3.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_3.yaml.bak new file mode 100755 index 000000000..c00cb4bdf --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_rule_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ec2_load_balancer_listener_rule_3 +Title: "Find All AWS EC2 Load Balancer Listener Rules Details" +Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + a ->> 'Type' as action_type, + a ->> 'Order' as action_order, + a ->> 'TargetGroupArn' as target_group_arn, + a -> 'RedirectConfig' as redirect_config, + a -> 'ForwardConfig' as forward_config, + a -> 'FixedResponseConfig' as fixed_response_config, + a -> 'AuthenticateOidcConfig' as authenticate_oidc_config, + a -> 'AuthenticateCognitoConfig' as authenticate_cognito_config + from + aws_ec2_load_balancer_listener_rule, + jsonb_array_elements(actions) as a + where + listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_4.yaml b/queries/aws_ec2_load_balancer_listener_rule_4.yaml index f673d12ac..c0df506ca 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_4.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_rule_4 Title: "List all AWS EC2 Load Balancer Listener Rules" Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_rule_4.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_4.yaml.bak new file mode 100755 index 000000000..f673d12ac --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_rule_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_load_balancer_listener_rule_4 +Title: "List all AWS EC2 Load Balancer Listener Rules" +Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + listener_arn, + priority + from + aws_ec2_load_balancer_listener_rule + where + listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272' + and is_default = true; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_5.yaml b/queries/aws_ec2_load_balancer_listener_rule_5.yaml index 9480ad100..d4239f1f8 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_5.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_rule_5 Title: "List all AWS EC2 Load Balancer Listener Rules" Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_rule_5.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_5.yaml.bak new file mode 100755 index 000000000..9480ad100 --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_rule_5.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ec2_load_balancer_listener_rule_5 +Title: "List all AWS EC2 Load Balancer Listener Rules" +Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.arn, + r.listener_arn, + l.load_balancer_arn, + l.protocol as listener_protocol, + l.ssl_policy, + r.priority, + r.is_default, + r.actions, + r.conditions + from + aws_ec2_load_balancer_listener_rule as r + join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_load_balancer_listener_rule_6.yaml b/queries/aws_ec2_load_balancer_listener_rule_6.yaml index ad7c81dff..0da282a28 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_6.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_6.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_load_balancer_listener_rule_6 Title: "List AWS EC2 Load Balancer Listener Rules with Conditions & Actions" Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_load_balancer_listener_rule_6.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_6.yaml.bak new file mode 100755 index 000000000..ad7c81dff --- /dev/null +++ b/queries/aws_ec2_load_balancer_listener_rule_6.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ec2_load_balancer_listener_rule_6 +Title: "List AWS EC2 Load Balancer Listener Rules with Conditions & Actions" +Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.arn, + r.listener_arn, + l.load_balancer_arn, + l.protocol as listener_protocol, + l.ssl_policy, + a.canonical_hosted_zone_id, + a.dns_name, + a.ip_address_type, + r.priority, + r.is_default, + r.actions, + r.conditions + from + aws_ec2_load_balancer_listener_rule as r + join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn + join aws_ec2_application_load_balancer as a on l.load_balancer_arn = a.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_1.yaml b/queries/aws_ec2_managed_prefix_list_1.yaml index 5ec0ddddb..20db78cfa 100755 --- a/queries/aws_ec2_managed_prefix_list_1.yaml +++ b/queries/aws_ec2_managed_prefix_list_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_1 Title: "List AWS EC2 Managed Prefix Lists and Metadata" Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_1.yaml.bak b/queries/aws_ec2_managed_prefix_list_1.yaml.bak new file mode 100755 index 000000000..20db78cfa --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_managed_prefix_list_1 +Title: "List AWS EC2 Managed Prefix Lists and Metadata" +Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + state, + owner_id + from + aws_ec2_managed_prefix_list; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_1.yaml.bak.bak b/queries/aws_ec2_managed_prefix_list_1.yaml.bak.bak new file mode 100755 index 000000000..20db78cfa --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_managed_prefix_list_1 +Title: "List AWS EC2 Managed Prefix Lists and Metadata" +Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + state, + owner_id + from + aws_ec2_managed_prefix_list; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_2.yaml b/queries/aws_ec2_managed_prefix_list_2.yaml index 4a9d25f97..9ab9bb813 100755 --- a/queries/aws_ec2_managed_prefix_list_2.yaml +++ b/queries/aws_ec2_managed_prefix_list_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_2 Title: "List all AWS EC2 Managed Prefix Lists with SQL" Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_2.yaml.bak b/queries/aws_ec2_managed_prefix_list_2.yaml.bak new file mode 100755 index 000000000..4a9d25f97 --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_managed_prefix_list_2 +Title: "List all AWS EC2 Managed Prefix Lists with SQL" +Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + state, + owner_id + from + aws_ec2_managed_prefix_list + where + owner_id <> 'AWS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_3.yaml b/queries/aws_ec2_managed_prefix_list_3.yaml index f12bc7077..8a46d3de9 100755 --- a/queries/aws_ec2_managed_prefix_list_3.yaml +++ b/queries/aws_ec2_managed_prefix_list_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_3 Title: "Find AWS EC2 Managed Prefix Lists by IP Address Family" Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_3.yaml.bak b/queries/aws_ec2_managed_prefix_list_3.yaml.bak new file mode 100755 index 000000000..f12bc7077 --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_managed_prefix_list_3 +Title: "Find AWS EC2 Managed Prefix Lists by IP Address Family" +Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + address_family + from + aws_ec2_managed_prefix_list + where + address_family = 'IPv6'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_4.yaml b/queries/aws_ec2_managed_prefix_list_4.yaml index 530fa0f59..39bdff493 100755 --- a/queries/aws_ec2_managed_prefix_list_4.yaml +++ b/queries/aws_ec2_managed_prefix_list_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_4 Title: "List AWS EC2 Managed Prefix List Details" Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_4.yaml.bak b/queries/aws_ec2_managed_prefix_list_4.yaml.bak new file mode 100755 index 000000000..530fa0f59 --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_managed_prefix_list_4 +Title: "List AWS EC2 Managed Prefix List Details" +Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + state, + owner_id + from + aws_ec2_managed_prefix_list + where + id in ('pl-03a3e735e3467c0c4', 'pl-4ca54025'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_5.yaml b/queries/aws_ec2_managed_prefix_list_5.yaml index 8a7eeafe4..bbc3382a4 100755 --- a/queries/aws_ec2_managed_prefix_list_5.yaml +++ b/queries/aws_ec2_managed_prefix_list_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_5 Title: "List all AWS EC2 Managed Prefix Lists with details" Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_5.yaml.bak b/queries/aws_ec2_managed_prefix_list_5.yaml.bak new file mode 100755 index 000000000..8a7eeafe4 --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_managed_prefix_list_5 +Title: "List all AWS EC2 Managed Prefix Lists with details" +Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + state, + owner_id + from + aws_ec2_managed_prefix_list + where + name in ('testPrefix', 'com.amazonaws.us-east-2.dynamodb'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_6.yaml b/queries/aws_ec2_managed_prefix_list_6.yaml index 1cc5b283d..bed245fe0 100755 --- a/queries/aws_ec2_managed_prefix_list_6.yaml +++ b/queries/aws_ec2_managed_prefix_list_6.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_6 Title: "Find AWS EC2 Managed Prefix Lists with permissions" Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_6.yaml.bak b/queries/aws_ec2_managed_prefix_list_6.yaml.bak new file mode 100755 index 000000000..1cc5b283d --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_managed_prefix_list_6 +Title: "Find AWS EC2 Managed Prefix Lists with permissions" +Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + state, + owner_id + from + aws_ec2_managed_prefix_list + where + owner_id = '632901234528'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_entry_1.yaml b/queries/aws_ec2_managed_prefix_list_entry_1.yaml index d261e794b..44460b45e 100755 --- a/queries/aws_ec2_managed_prefix_list_entry_1.yaml +++ b/queries/aws_ec2_managed_prefix_list_entry_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_entry_1 Title: "List AWS EC2 Managed Prefix List Entry Details" Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_entry_1.yaml.bak b/queries/aws_ec2_managed_prefix_list_entry_1.yaml.bak new file mode 100755 index 000000000..d261e794b --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_entry_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_ec2_managed_prefix_list_entry_1 +Title: "List AWS EC2 Managed Prefix List Entry Details" +Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + prefix_list_id, + cidr, + description + from + aws_ec2_managed_prefix_list_entry; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_entry_2.yaml b/queries/aws_ec2_managed_prefix_list_entry_2.yaml index 2c1b10d1e..a2ab53d37 100755 --- a/queries/aws_ec2_managed_prefix_list_entry_2.yaml +++ b/queries/aws_ec2_managed_prefix_list_entry_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_entry_2 Title: "Find AWS EC2 Managed Prefix List Entries with Details" Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_entry_2.yaml.bak b/queries/aws_ec2_managed_prefix_list_entry_2.yaml.bak new file mode 100755 index 000000000..2c1b10d1e --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_entry_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_managed_prefix_list_entry_2 +Title: "Find AWS EC2 Managed Prefix List Entries with Details" +Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + l.name, + l.id, + e.cidr, + e.description, + l.state, + l.owner_id + from + aws_ec2_managed_prefix_list_entry as e, + aws_ec2_managed_prefix_list as l + where + l.owner_id <> 'AWS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_entry_3.yaml b/queries/aws_ec2_managed_prefix_list_entry_3.yaml index f26588d15..d9f52d38f 100755 --- a/queries/aws_ec2_managed_prefix_list_entry_3.yaml +++ b/queries/aws_ec2_managed_prefix_list_entry_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_managed_prefix_list_entry_3 Title: "List AWS EC2 Managed Prefix List Entries with Details" Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_managed_prefix_list_entry_3.yaml.bak b/queries/aws_ec2_managed_prefix_list_entry_3.yaml.bak new file mode 100755 index 000000000..f26588d15 --- /dev/null +++ b/queries/aws_ec2_managed_prefix_list_entry_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_managed_prefix_list_entry_3 +Title: "List AWS EC2 Managed Prefix List Entries with Details" +Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + prefix_list_id, + count(cidr) as numbers_of_entries + from + aws_ec2_managed_prefix_list_entry + group by + prefix_list_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_network_interface_1.yaml b/queries/aws_ec2_network_interface_1.yaml index 70a1b98c4..03693d888 100755 --- a/queries/aws_ec2_network_interface_1.yaml +++ b/queries/aws_ec2_network_interface_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_interface_1 Title: "Find all AWS EC2 Network Interfaces & Associated Details" Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_interface_1.yaml.bak b/queries/aws_ec2_network_interface_1.yaml.bak new file mode 100755 index 000000000..70a1b98c4 --- /dev/null +++ b/queries/aws_ec2_network_interface_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_network_interface_1 +Title: "Find all AWS EC2 Network Interfaces & Associated Details" +Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + network_interface_id, + interface_type, + description, + private_ip_address, + association_public_ip, + mac_address + from + aws_ec2_network_interface; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_network_interface_2.yaml b/queries/aws_ec2_network_interface_2.yaml index 52b6f0187..ebeff50e7 100755 --- a/queries/aws_ec2_network_interface_2.yaml +++ b/queries/aws_ec2_network_interface_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_interface_2 Title: "Find AWS EC2 Network Interfaces and Details" Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_interface_2.yaml.bak b/queries/aws_ec2_network_interface_2.yaml.bak new file mode 100755 index 000000000..52b6f0187 --- /dev/null +++ b/queries/aws_ec2_network_interface_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_network_interface_2 +Title: "Find AWS EC2 Network Interfaces and Details" +Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + network_interface_id, + interface_type, + description, + private_ip_address, + association_public_ip, + mac_address + from + aws_ec2_network_interface + where + private_ip_address :: cidr <<= '10.66.0.0/16'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_network_interface_3.yaml b/queries/aws_ec2_network_interface_3.yaml index 5f34fc464..8b6292299 100755 --- a/queries/aws_ec2_network_interface_3.yaml +++ b/queries/aws_ec2_network_interface_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_interface_3 Title: "Find Details of AWS EC2 Network Interfaces" Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_interface_3.yaml.bak b/queries/aws_ec2_network_interface_3.yaml.bak new file mode 100755 index 000000000..8b6292299 --- /dev/null +++ b/queries/aws_ec2_network_interface_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_network_interface_3 +Title: "Find Details of AWS EC2 Network Interfaces" +Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + interface_type, + count(interface_type) as count + from + aws_ec2_network_interface + group by + interface_type + order by + count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_network_interface_3.yaml.bak.bak b/queries/aws_ec2_network_interface_3.yaml.bak.bak new file mode 100755 index 000000000..8b6292299 --- /dev/null +++ b/queries/aws_ec2_network_interface_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_network_interface_3 +Title: "Find Details of AWS EC2 Network Interfaces" +Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + interface_type, + count(interface_type) as count + from + aws_ec2_network_interface + group by + interface_type + order by + count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_network_interface_4.yaml b/queries/aws_ec2_network_interface_4.yaml index e719df560..36454d063 100755 --- a/queries/aws_ec2_network_interface_4.yaml +++ b/queries/aws_ec2_network_interface_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_interface_4 Title: "List all AWS EC2 Network Interfaces and Associated Details" Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_interface_4.yaml.bak b/queries/aws_ec2_network_interface_4.yaml.bak new file mode 100755 index 000000000..e719df560 --- /dev/null +++ b/queries/aws_ec2_network_interface_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_network_interface_4 +Title: "List all AWS EC2 Network Interfaces and Associated Details" +Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + network_interface_id as eni, + sg ->> 'GroupId' as "security group id", + sg ->> 'GroupName' as "security group name" + from + aws_ec2_network_interface + cross join jsonb_array_elements(groups) as sg + order by + eni; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_network_interface_5.yaml b/queries/aws_ec2_network_interface_5.yaml index 3fd6bc8db..b55e5fdd2 100755 --- a/queries/aws_ec2_network_interface_5.yaml +++ b/queries/aws_ec2_network_interface_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_interface_5 Title: "Find AWS EC2 Network Interfaces and Details" Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_interface_5.yaml.bak b/queries/aws_ec2_network_interface_5.yaml.bak new file mode 100755 index 000000000..3fd6bc8db --- /dev/null +++ b/queries/aws_ec2_network_interface_5.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ec2_network_interface_5 +Title: "Find AWS EC2 Network Interfaces and Details" +Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.network_interface_id, + v.vpc_id, + v.is_default, + v.cidr_block, + v.state, + v.account_id, + v.region + from + aws_ec2_network_interface e, + aws_vpc v + where + e.vpc_id = v.vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_network_load_balancer_1.yaml b/queries/aws_ec2_network_load_balancer_1.yaml index 3178af29e..fac4bed5d 100755 --- a/queries/aws_ec2_network_load_balancer_1.yaml +++ b/queries/aws_ec2_network_load_balancer_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_load_balancer_1 Title: "List all AWS EC2 Network Load Balancer Configurations" Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_load_balancer_1.yaml.bak b/queries/aws_ec2_network_load_balancer_1.yaml.bak new file mode 100755 index 000000000..3178af29e --- /dev/null +++ b/queries/aws_ec2_network_load_balancer_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_network_load_balancer_1 +Title: "List all AWS EC2 Network Load Balancer Configurations" +Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + count(az ->> 'ZoneName') as zone_count + from + aws_ec2_network_load_balancer + cross join jsonb_array_elements(availability_zones) as az + group by + name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_2.yaml b/queries/aws_ec2_network_load_balancer_2.yaml index bd99f567c..e71b4108f 100755 --- a/queries/aws_ec2_network_load_balancer_2.yaml +++ b/queries/aws_ec2_network_load_balancer_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_load_balancer_2 Title: "Find AWS EC2 Network Load Balancer Configuration and Status" Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_load_balancer_2.yaml.bak b/queries/aws_ec2_network_load_balancer_2.yaml.bak new file mode 100755 index 000000000..bd99f567c --- /dev/null +++ b/queries/aws_ec2_network_load_balancer_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_network_load_balancer_2 +Title: "Find AWS EC2 Network Load Balancer Configuration and Status" +Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as cross_zone, + lb ->> 'Value' as cross_zone_value + from + aws_ec2_network_load_balancer + cross join jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'load_balancing.cross_zone.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_3.yaml b/queries/aws_ec2_network_load_balancer_3.yaml index f26ca0592..8b29db7bd 100755 --- a/queries/aws_ec2_network_load_balancer_3.yaml +++ b/queries/aws_ec2_network_load_balancer_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_load_balancer_3 Title: "Find AWS EC2 NLB with Access Logs Disabled" Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_load_balancer_3.yaml.bak b/queries/aws_ec2_network_load_balancer_3.yaml.bak new file mode 100755 index 000000000..f26ca0592 --- /dev/null +++ b/queries/aws_ec2_network_load_balancer_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ec2_network_load_balancer_3 +Title: "Find AWS EC2 NLB with Access Logs Disabled" +Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as logging_key, + lb ->> 'Value' as logging_value + from + aws_ec2_network_load_balancer + cross join jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'access_logs.s3.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_4.yaml b/queries/aws_ec2_network_load_balancer_4.yaml index 0154fa43b..0e4c02bdf 100755 --- a/queries/aws_ec2_network_load_balancer_4.yaml +++ b/queries/aws_ec2_network_load_balancer_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_load_balancer_4 Title: "List all AWS EC2 Network Load Balancer Deletion Protection" Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_load_balancer_4.yaml.bak b/queries/aws_ec2_network_load_balancer_4.yaml.bak new file mode 100755 index 000000000..0154fa43b --- /dev/null +++ b/queries/aws_ec2_network_load_balancer_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_network_load_balancer_4 +Title: "List all AWS EC2 Network Load Balancer Deletion Protection" +Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + lb ->> 'Key' as deletion_protection_key, + lb ->> 'Value' as deletion_protection_value + from + aws_ec2_network_load_balancer + cross join jsonb_array_elements(load_balancer_attributes) as lb + where + lb ->> 'Key' = 'deletion_protection.enabled' + and lb ->> 'Value' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml index 98383ce0c..28229db51 100755 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_load_balancer_metric_net_flow_count_1 Title: "Query AWS EC2 Network Load Balancer Net Flow Counts" Description: "Allows users to query AWS EC2 Network Load Balancer Metrics for net flow count data. This includes information such as the number of new or terminated flows per minute from a network load balancer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml.bak b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml.bak new file mode 100755 index 000000000..98383ce0c --- /dev/null +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ec2_network_load_balancer_metric_net_flow_count_1 +Title: "Query AWS EC2 Network Load Balancer Net Flow Counts" +Description: "Allows users to query AWS EC2 Network Load Balancer Metrics for net flow count data. This includes information such as the number of new or terminated flows per minute from a network load balancer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + maximum, + minimum, + sample_count, + timestamp + from + aws_ec2_network_load_balancer_metric_net_flow_count + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml index 2161c86c7..3672a284b 100755 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_load_balancer_metric_net_flow_count_2 Title: "Find AWS EC2 Network Load Balancer Net Flow Counts" Description: "Allows users to query AWS EC2 Network Load Balancer Metrics for net flow count data. This includes information such as the number of new or terminated flows per minute from a network load balancer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml.bak b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml.bak new file mode 100755 index 000000000..2161c86c7 --- /dev/null +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_ec2_network_load_balancer_metric_net_flow_count_2 +Title: "Find AWS EC2 Network Load Balancer Net Flow Counts" +Description: "Allows users to query AWS EC2 Network Load Balancer Metrics for net flow count data. This includes information such as the number of new or terminated flows per minute from a network load balancer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + maximum, + minimum, + average, + sample_count, + timestamp + from + aws_ec2_network_load_balancer_metric_net_flow_count + where + average < 100 + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml index 36a7f6700..a8cbb61ad 100755 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_load_balancer_metric_net_flow_count_daily_1 Title: "Find Network Load Balancer Metrics and Traffic Patterns" Description: "Allows users to query Network Load Balancer Metrics in EC2, specifically the daily net flow count, providing insights into network traffic patterns and potential anomalies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml.bak b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml.bak new file mode 100755 index 000000000..36a7f6700 --- /dev/null +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_ec2_network_load_balancer_metric_net_flow_count_daily_1 +Title: "Find Network Load Balancer Metrics and Traffic Patterns" +Description: "Allows users to query Network Load Balancer Metrics in EC2, specifically the daily net flow count, providing insights into network traffic patterns and potential anomalies." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + maximum, + minimum, + sample_count, + timestamp + from + aws_ec2_network_load_balancer_metric_net_flow_count_daily + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml index feb5203d0..c82e4ce4e 100755 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_network_load_balancer_metric_net_flow_count_daily_2 Title: "List Network Load Balancer Metrics in EC2 Daily" Description: "Allows users to query Network Load Balancer Metrics in EC2, specifically the daily net flow count, providing insights into network traffic patterns and potential anomalies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml.bak b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml.bak new file mode 100755 index 000000000..feb5203d0 --- /dev/null +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_ec2_network_load_balancer_metric_net_flow_count_daily_2 +Title: "List Network Load Balancer Metrics in EC2 Daily" +Description: "Allows users to query Network Load Balancer Metrics in EC2, specifically the daily net flow count, providing insights into network traffic patterns and potential anomalies." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + metric_name, + namespace, + maximum, + minimum, + average, + sample_count, + timestamp + from + aws_ec2_network_load_balancer_metric_net_flow_count_daily + where + average < 100 + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Network Load Balancer diff --git a/queries/aws_ec2_regional_settings_1.yaml b/queries/aws_ec2_regional_settings_1.yaml index f2fb7faf4..e5da74131 100755 --- a/queries/aws_ec2_regional_settings_1.yaml +++ b/queries/aws_ec2_regional_settings_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_regional_settings_1 Title: "List AWS EC2 Regional Settings including EBS Encryption" Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_regional_settings_1.yaml.bak b/queries/aws_ec2_regional_settings_1.yaml.bak new file mode 100755 index 000000000..f2fb7faf4 --- /dev/null +++ b/queries/aws_ec2_regional_settings_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_regional_settings_1 +Title: "List AWS EC2 Regional Settings including EBS Encryption" +Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + default_ebs_encryption_enabled, + default_ebs_encryption_key, + title, + region + from + aws_ec2_regional_settings; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_regional_settings_2.yaml b/queries/aws_ec2_regional_settings_2.yaml index ea3b7d5ab..95511d259 100755 --- a/queries/aws_ec2_regional_settings_2.yaml +++ b/queries/aws_ec2_regional_settings_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_regional_settings_2 Title: "List all AWS EC2 Regional Settings including EBS encryption" Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_regional_settings_2.yaml.bak b/queries/aws_ec2_regional_settings_2.yaml.bak new file mode 100755 index 000000000..ea3b7d5ab --- /dev/null +++ b/queries/aws_ec2_regional_settings_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_regional_settings_2 +Title: "List all AWS EC2 Regional Settings including EBS encryption" +Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + default_ebs_encryption_enabled, + default_ebs_encryption_key, + title, + region + from + aws_ec2_regional_settings + where + region = 'ap-south-1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_regional_settings_3.yaml b/queries/aws_ec2_regional_settings_3.yaml index 41d1587f3..f7983148f 100755 --- a/queries/aws_ec2_regional_settings_3.yaml +++ b/queries/aws_ec2_regional_settings_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_regional_settings_3 Title: "List All AWS EC2 Regions With Encryption Settings" Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_regional_settings_3.yaml.bak b/queries/aws_ec2_regional_settings_3.yaml.bak new file mode 100755 index 000000000..41d1587f3 --- /dev/null +++ b/queries/aws_ec2_regional_settings_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ec2_regional_settings_3 +Title: "List All AWS EC2 Regions With Encryption Settings" +Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + region, + default_ebs_encryption_enabled, + default_ebs_encryption_key + from + aws_ec2_regional_settings + where + default_ebs_encryption_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_reserved_instance_1.yaml b/queries/aws_ec2_reserved_instance_1.yaml index 47fcfb494..74213ef9f 100755 --- a/queries/aws_ec2_reserved_instance_1.yaml +++ b/queries/aws_ec2_reserved_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_reserved_instance_1 Title: "Find AWS EC2 Reserved Instances: Configurations and State" Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_reserved_instance_1.yaml.bak b/queries/aws_ec2_reserved_instance_1.yaml.bak new file mode 100755 index 000000000..74213ef9f --- /dev/null +++ b/queries/aws_ec2_reserved_instance_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_reserved_instance_1 +Title: "Find AWS EC2 Reserved Instances: Configurations and State" +Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_instance_id, + arn, + instance_type, + instance_state, + currency_code, + CAST(fixed_price AS varchar), + offering_class, scope, + CAST(usage_price AS varchar) + from + aws_ec2_reserved_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_reserved_instance_1.yaml.bak.bak b/queries/aws_ec2_reserved_instance_1.yaml.bak.bak new file mode 100755 index 000000000..74213ef9f --- /dev/null +++ b/queries/aws_ec2_reserved_instance_1.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_reserved_instance_1 +Title: "Find AWS EC2 Reserved Instances: Configurations and State" +Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_instance_id, + arn, + instance_type, + instance_state, + currency_code, + CAST(fixed_price AS varchar), + offering_class, scope, + CAST(usage_price AS varchar) + from + aws_ec2_reserved_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_reserved_instance_2.yaml b/queries/aws_ec2_reserved_instance_2.yaml index 07354e644..395c821bf 100755 --- a/queries/aws_ec2_reserved_instance_2.yaml +++ b/queries/aws_ec2_reserved_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_reserved_instance_2 Title: "Find AWS EC2 Reserved Instances by Type" Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_reserved_instance_2.yaml.bak b/queries/aws_ec2_reserved_instance_2.yaml.bak new file mode 100755 index 000000000..07354e644 --- /dev/null +++ b/queries/aws_ec2_reserved_instance_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_reserved_instance_2 +Title: "Find AWS EC2 Reserved Instances by Type" +Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + count(instance_count) as count + from + aws_ec2_reserved_instance + group by + instance_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_reserved_instance_3.yaml b/queries/aws_ec2_reserved_instance_3.yaml index 0d3af6fc1..516397c4d 100755 --- a/queries/aws_ec2_reserved_instance_3.yaml +++ b/queries/aws_ec2_reserved_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_reserved_instance_3 Title: "List all AWS EC2 Reserved Instances and their configurations" Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_reserved_instance_3.yaml.bak b/queries/aws_ec2_reserved_instance_3.yaml.bak new file mode 100755 index 000000000..0d3af6fc1 --- /dev/null +++ b/queries/aws_ec2_reserved_instance_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_reserved_instance_3 +Title: "List all AWS EC2 Reserved Instances and their configurations" +Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_type, + count(*) as count + from + aws_ec2_reserved_instance + where + instance_type not in ('t2.large', 'm3.medium') + group by + instance_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Reserved Instances diff --git a/queries/aws_ec2_reserved_instance_4.yaml b/queries/aws_ec2_reserved_instance_4.yaml index a96702505..a32d6dadf 100755 --- a/queries/aws_ec2_reserved_instance_4.yaml +++ b/queries/aws_ec2_reserved_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_reserved_instance_4 Title: "List all AWS EC2 Reserved Instances and configurations" Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_reserved_instance_4.yaml.bak b/queries/aws_ec2_reserved_instance_4.yaml.bak new file mode 100755 index 000000000..a96702505 --- /dev/null +++ b/queries/aws_ec2_reserved_instance_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_reserved_instance_4 +Title: "List all AWS EC2 Reserved Instances and configurations" +Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_instance_id, + instance_type, + offering_class + from + aws_ec2_reserved_instance + where + offering_class = 'standard'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_reserved_instance_5.yaml b/queries/aws_ec2_reserved_instance_5.yaml index e198f74b3..c9c9b7aab 100755 --- a/queries/aws_ec2_reserved_instance_5.yaml +++ b/queries/aws_ec2_reserved_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_reserved_instance_5 Title: "Find AWS EC2 Reserved Instances and Their Configurations" Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_reserved_instance_5.yaml.bak b/queries/aws_ec2_reserved_instance_5.yaml.bak new file mode 100755 index 000000000..e198f74b3 --- /dev/null +++ b/queries/aws_ec2_reserved_instance_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_reserved_instance_5 +Title: "Find AWS EC2 Reserved Instances and Their Configurations" +Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_instance_id, + instance_type, + instance_state + from + aws_ec2_reserved_instance + where + instance_state = 'active'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_spot_price_1.yaml b/queries/aws_ec2_spot_price_1.yaml index 3d0a18e72..a70cace20 100755 --- a/queries/aws_ec2_spot_price_1.yaml +++ b/queries/aws_ec2_spot_price_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_spot_price_1 Title: "Find AWS EC2 Spot Price Data for Specific Instances" Description: "Allows users to query AWS EC2 Spot Price data, including information about the instance type, product description, spot price, and the date and time the price was set." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_spot_price_1.yaml.bak b/queries/aws_ec2_spot_price_1.yaml.bak new file mode 100755 index 000000000..3d0a18e72 --- /dev/null +++ b/queries/aws_ec2_spot_price_1.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_ec2_spot_price_1 +Title: "Find AWS EC2 Spot Price Data for Specific Instances" +Description: "Allows users to query AWS EC2 Spot Price data, including information about the instance type, product description, spot price, and the date and time the price was set." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + availability_zone, + instance_type, + product_description, + spot_price::numeric as spot_price, + create_timestamp as start_time, + lead(create_timestamp, 1, now()) over (partition by instance_type, availability_zone, product_description order by create_timestamp) as stop_time + from + aws_ec2_spot_price + where + instance_type = 'm5.4xlarge' + and product_description = 'Linux/UNIX' + and availability_zone in + ( + 'eu-west-3a', + 'eu-west-3b' + ) + and start_time = now() - interval '1' month + and end_time = now() - interval '1' minute; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ssl_policy_1.yaml b/queries/aws_ec2_ssl_policy_1.yaml index d83bdafe2..84aee7ed8 100755 --- a/queries/aws_ec2_ssl_policy_1.yaml +++ b/queries/aws_ec2_ssl_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ssl_policy_1 Title: "Find AWS EC2 SSL Policies Used in Load Balancers" Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ssl_policy_1.yaml.bak b/queries/aws_ec2_ssl_policy_1.yaml.bak new file mode 100755 index 000000000..84aee7ed8 --- /dev/null +++ b/queries/aws_ec2_ssl_policy_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_ssl_policy_1 +Title: "Find AWS EC2 SSL Policies Used in Load Balancers" +Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + ssl_protocols + from + aws_ec2_ssl_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ssl_policy_1.yaml.bak.bak b/queries/aws_ec2_ssl_policy_1.yaml.bak.bak new file mode 100755 index 000000000..84aee7ed8 --- /dev/null +++ b/queries/aws_ec2_ssl_policy_1.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_ssl_policy_1 +Title: "Find AWS EC2 SSL Policies Used in Load Balancers" +Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + ssl_protocols + from + aws_ec2_ssl_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_ssl_policy_2.yaml b/queries/aws_ec2_ssl_policy_2.yaml index db13e6563..88b1b6ef2 100755 --- a/queries/aws_ec2_ssl_policy_2.yaml +++ b/queries/aws_ec2_ssl_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_ssl_policy_2 Title: "Find AWS EC2 SSL Policies Used in Load Balancers" Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_ssl_policy_2.yaml.bak b/queries/aws_ec2_ssl_policy_2.yaml.bak new file mode 100755 index 000000000..db13e6563 --- /dev/null +++ b/queries/aws_ec2_ssl_policy_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ec2_ssl_policy_2 +Title: "Find AWS EC2 SSL Policies Used in Load Balancers" +Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + ssl_policy + from + aws_ec2_load_balancer_listener listener + join + aws_ec2_ssl_policy ssl_policy + on + listener.ssl_policy = ssl_policy.Name + where + ssl_policy.ciphers @> '[{"Name":"DES-CBC3-SHA"}]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_target_group_1.yaml b/queries/aws_ec2_target_group_1.yaml index a3a539b82..5b483245c 100755 --- a/queries/aws_ec2_target_group_1.yaml +++ b/queries/aws_ec2_target_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_target_group_1 Title: "Find EC2 Target Groups in AWS Account" Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_target_group_1.yaml.bak b/queries/aws_ec2_target_group_1.yaml.bak new file mode 100755 index 000000000..a3a539b82 --- /dev/null +++ b/queries/aws_ec2_target_group_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_target_group_1 +Title: "Find EC2 Target Groups in AWS Account" +Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + target_group_name, + target_type, + load_balancer_arns, + vpc_id + from + aws_ec2_target_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_target_group_2.yaml b/queries/aws_ec2_target_group_2.yaml index 6476dcdc0..d614283f0 100755 --- a/queries/aws_ec2_target_group_2.yaml +++ b/queries/aws_ec2_target_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_target_group_2 Title: "Find AWS EC2 Target Groups with Health Check Info" Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_target_group_2.yaml.bak b/queries/aws_ec2_target_group_2.yaml.bak new file mode 100755 index 000000000..6476dcdc0 --- /dev/null +++ b/queries/aws_ec2_target_group_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ec2_target_group_2 +Title: "Find AWS EC2 Target Groups with Health Check Info" +Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + health_check_enabled, + protocol, + matcher_http_code, + healthy_threshold_count, + unhealthy_threshold_count, + health_check_enabled, + health_check_interval_seconds, + health_check_path, + health_check_port, + health_check_protocol, + health_check_timeout_seconds + from + aws_ec2_target_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_target_group_3.yaml b/queries/aws_ec2_target_group_3.yaml index ec8d2508b..4d5b651ff 100755 --- a/queries/aws_ec2_target_group_3.yaml +++ b/queries/aws_ec2_target_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_target_group_3 Title: "List all AWS EC2 Target Groups and Relevant Details" Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_target_group_3.yaml.bak b/queries/aws_ec2_target_group_3.yaml.bak new file mode 100755 index 000000000..ec8d2508b --- /dev/null +++ b/queries/aws_ec2_target_group_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_target_group_3 +Title: "List all AWS EC2 Target Groups and Relevant Details" +Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + target_group_name, + target_type, + target -> 'Target' ->> 'AvailabilityZone' as availability_zone, + target -> 'Target' ->> 'Id' as id, + target -> 'Target' ->> 'Port' as port + from + aws_ec2_target_group + cross join jsonb_array_elements(target_health_descriptions) as target; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS EC2 diff --git a/queries/aws_ec2_target_group_4.yaml b/queries/aws_ec2_target_group_4.yaml index 4e856e479..679a718bb 100755 --- a/queries/aws_ec2_target_group_4.yaml +++ b/queries/aws_ec2_target_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_target_group_4 Title: "Find all AWS EC2 Target Groups and their states" Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_target_group_4.yaml.bak b/queries/aws_ec2_target_group_4.yaml.bak new file mode 100755 index 000000000..4e856e479 --- /dev/null +++ b/queries/aws_ec2_target_group_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_target_group_4 +Title: "Find all AWS EC2 Target Groups and their states" +Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + target_group_name, + target_type, + target -> 'TargetHealth' ->> 'Description' as description, + target -> 'TargetHealth' ->> 'Reason' reason, + target -> 'TargetHealth' ->> 'State' as state + from + aws_ec2_target_group + cross join jsonb_array_elements(target_health_descriptions) as target; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_transit_gateway_1.yaml b/queries/aws_ec2_transit_gateway_1.yaml index 02464c654..453a51d93 100755 --- a/queries/aws_ec2_transit_gateway_1.yaml +++ b/queries/aws_ec2_transit_gateway_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_1 Title: "List all AWS EC2 Transit Gateway configurations and statuses" Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_1.yaml.bak b/queries/aws_ec2_transit_gateway_1.yaml.bak new file mode 100755 index 000000000..02464c654 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_transit_gateway_1 +Title: "List all AWS EC2 Transit Gateway configurations and statuses" +Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_id, + state, + owner_id, + creation_time + from + aws_ec2_transit_gateway; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_2.yaml b/queries/aws_ec2_transit_gateway_2.yaml index 214090973..79d72655d 100755 --- a/queries/aws_ec2_transit_gateway_2.yaml +++ b/queries/aws_ec2_transit_gateway_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_2 Title: "Find AWS EC2 Transit Gateway Configuration Details" Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_2.yaml.bak b/queries/aws_ec2_transit_gateway_2.yaml.bak new file mode 100755 index 000000000..214090973 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_transit_gateway_2 +Title: "Find AWS EC2 Transit Gateway Configuration Details" +Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_id, + auto_accept_shared_attachments + from + aws_ec2_transit_gateway + where + auto_accept_shared_attachments = 'enable'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_3.yaml b/queries/aws_ec2_transit_gateway_3.yaml index c7327a7b9..d41fc9d0e 100755 --- a/queries/aws_ec2_transit_gateway_3.yaml +++ b/queries/aws_ec2_transit_gateway_3.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_3 Title: "Find AWS EC2 Transit Gateway Configuration and Status" Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_3.yaml.bak b/queries/aws_ec2_transit_gateway_3.yaml.bak new file mode 100755 index 000000000..c7327a7b9 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_transit_gateway_3 +Title: "Find AWS EC2 Transit Gateway Configuration and Status" +Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + association_default_route_table_id, + count(transit_gateway_id) as transit_gateway + from + aws_ec2_transit_gateway + group by + association_default_route_table_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_4.yaml b/queries/aws_ec2_transit_gateway_4.yaml index 4a8f33276..5ac5b8264 100755 --- a/queries/aws_ec2_transit_gateway_4.yaml +++ b/queries/aws_ec2_transit_gateway_4.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_4 Title: "Find AWS EC2 Transit Gateway Details" Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_4.yaml.bak b/queries/aws_ec2_transit_gateway_4.yaml.bak new file mode 100755 index 000000000..5ac5b8264 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_transit_gateway_4 +Title: "Find AWS EC2 Transit Gateway Details" +Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_id, + tags + from + aws_ec2_transit_gateway + where + not tags :: JSONB ? 'application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_4.yaml.bak.bak b/queries/aws_ec2_transit_gateway_4.yaml.bak.bak new file mode 100755 index 000000000..5ac5b8264 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_4.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_transit_gateway_4 +Title: "Find AWS EC2 Transit Gateway Details" +Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_id, + tags + from + aws_ec2_transit_gateway + where + not tags :: JSONB ? 'application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_route_1.yaml b/queries/aws_ec2_transit_gateway_route_1.yaml index 50cb9bf6c..9f14e9fb4 100755 --- a/queries/aws_ec2_transit_gateway_route_1.yaml +++ b/queries/aws_ec2_transit_gateway_route_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_route_1 Title: "Find AWS EC2 Transit Gateway Routes Information" Description: "Allows users to query AWS EC2 Transit Gateway Routes for detailed information about each route, including the destination CIDR block, the route''s current state, and the transit gateway attachments." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_route_1.yaml.bak b/queries/aws_ec2_transit_gateway_route_1.yaml.bak new file mode 100755 index 000000000..50cb9bf6c --- /dev/null +++ b/queries/aws_ec2_transit_gateway_route_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ec2_transit_gateway_route_1 +Title: "Find AWS EC2 Transit Gateway Routes Information" +Description: "Allows users to query AWS EC2 Transit Gateway Routes for detailed information about each route, including the destination CIDR block, the route''s current state, and the transit gateway attachments." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_route_table_id, + destination_cidr_block, + prefix_list_id, + state, + type + from + aws_ec2_transit_gateway_route; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_route_2.yaml b/queries/aws_ec2_transit_gateway_route_2.yaml index 2e86ed118..57e576886 100755 --- a/queries/aws_ec2_transit_gateway_route_2.yaml +++ b/queries/aws_ec2_transit_gateway_route_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_route_2 Title: "Find All AWS EC2 Transit Gateway Routes by State" Description: "Allows users to query AWS EC2 Transit Gateway Routes for detailed information about each route, including the destination CIDR block, the route''s current state, and the transit gateway attachments." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_route_2.yaml.bak b/queries/aws_ec2_transit_gateway_route_2.yaml.bak new file mode 100755 index 000000000..2e86ed118 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_route_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_transit_gateway_route_2 +Title: "Find All AWS EC2 Transit Gateway Routes by State" +Description: "Allows users to query AWS EC2 Transit Gateway Routes for detailed information about each route, including the destination CIDR block, the route''s current state, and the transit gateway attachments." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_route_table_id, + destination_cidr_block, + state, + type + from + aws_ec2_transit_gateway_route + where + state = 'active'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_route_table_1.yaml b/queries/aws_ec2_transit_gateway_route_table_1.yaml index ef662dee6..a9a58e665 100755 --- a/queries/aws_ec2_transit_gateway_route_table_1.yaml +++ b/queries/aws_ec2_transit_gateway_route_table_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_route_table_1 Title: "List all AWS EC2 Transit Gateway Route Tables with Details" Description: "Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve detailed information about each route table, including its ID, state, transit gateway ID, and other associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_route_table_1.yaml.bak b/queries/aws_ec2_transit_gateway_route_table_1.yaml.bak new file mode 100755 index 000000000..ef662dee6 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_route_table_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ec2_transit_gateway_route_table_1 +Title: "List all AWS EC2 Transit Gateway Route Tables with Details" +Description: "Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve detailed information about each route table, including its ID, state, transit gateway ID, and other associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_route_table_id, + transit_gateway_id, + default_association_route_table, + default_propagation_route_table + from + aws_ec2_transit_gateway_route_table; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_route_table_2.yaml b/queries/aws_ec2_transit_gateway_route_table_2.yaml index 8deb03d75..0a18ba826 100755 --- a/queries/aws_ec2_transit_gateway_route_table_2.yaml +++ b/queries/aws_ec2_transit_gateway_route_table_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_route_table_2 Title: "List all AWS EC2 Transit Gateway Route Tables by ID and State" Description: "Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve detailed information about each route table, including its ID, state, transit gateway ID, and other associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_route_table_2.yaml.bak b/queries/aws_ec2_transit_gateway_route_table_2.yaml.bak new file mode 100755 index 000000000..8deb03d75 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_route_table_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_transit_gateway_route_table_2 +Title: "List all AWS EC2 Transit Gateway Route Tables by ID and State" +Description: "Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve detailed information about each route table, including its ID, state, transit gateway ID, and other associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_id, + count(transit_gateway_route_table_id) as transit_gateway_route_table_count + from + aws_ec2_transit_gateway_route_table + group by + transit_gateway_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml b/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml index 590087678..769d0d36c 100755 --- a/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml +++ b/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_vpc_attachment_1 Title: "List all AWS EC2 Transit Gateway VPC Attachments" Description: "Allows users to query AWS EC2 Transit Gateway VPC Attachments for details such as the attachment state, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml.bak b/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml.bak new file mode 100755 index 000000000..590087678 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ec2_transit_gateway_vpc_attachment_1 +Title: "List all AWS EC2 Transit Gateway VPC Attachments" +Description: "Allows users to query AWS EC2 Transit Gateway VPC Attachments for details such as the attachment state, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + transit_gateway_attachment_id, + transit_gateway_id, + state, + transit_gateway_owner_id, + creation_time, + association_state + from + aws_ec2_transit_gateway_vpc_attachment; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 diff --git a/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml b/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml index 770ae5462..c4f7f89c0 100755 --- a/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml +++ b/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml @@ -1,7 +1,7 @@ ID: aws_ec2_transit_gateway_vpc_attachment_2 Title: "List all AWS EC2 Transit Gateway VPC Attachments by Resource Type" Description: "Allows users to query AWS EC2 Transit Gateway VPC Attachments for details such as the attachment state, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml.bak b/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml.bak new file mode 100755 index 000000000..770ae5462 --- /dev/null +++ b/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ec2_transit_gateway_vpc_attachment_2 +Title: "List all AWS EC2 Transit Gateway VPC Attachments by Resource Type" +Description: "Allows users to query AWS EC2 Transit Gateway VPC Attachments for details such as the attachment state, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_type, + count(transit_gateway_attachment_id) as count + from + aws_ec2_transit_gateway_vpc_attachment + group by + resource_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EC2 Transit Gateway diff --git a/queries/aws_ecr_image_1.yaml b/queries/aws_ecr_image_1.yaml index e86f61413..5b37f4cf5 100755 --- a/queries/aws_ecr_image_1.yaml +++ b/queries/aws_ecr_image_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_1 Title: "List all Amazon ECR Images with Detailed Information" Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_1.yaml.bak b/queries/aws_ecr_image_1.yaml.bak new file mode 100755 index 000000000..e86f61413 --- /dev/null +++ b/queries/aws_ecr_image_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ecr_image_1 +Title: "List all Amazon ECR Images with Detailed Information" +Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + image_digest, + image_pushed_at, + image_size_in_bytes, + registry_id, + image_scan_status, + image_tags + from + aws_ecr_image; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ECR diff --git a/queries/aws_ecr_image_2.yaml b/queries/aws_ecr_image_2.yaml index 261cac10a..7fab94a2d 100755 --- a/queries/aws_ecr_image_2.yaml +++ b/queries/aws_ecr_image_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_2 Title: "List all Amazon ECR Images with Detailed Information" Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_2.yaml.bak b/queries/aws_ecr_image_2.yaml.bak new file mode 100755 index 000000000..7fab94a2d --- /dev/null +++ b/queries/aws_ecr_image_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ecr_image_2 +Title: "List all Amazon ECR Images with Detailed Information" +Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + image_scan_findings_summary ->> 'FindingSeverityCounts' as finding_severity_counts, + image_scan_findings_summary ->> 'ImageScanCompletedAt' as image_scan_completed_at, + image_scan_findings_summary ->> 'VulnerabilitySourceUpdatedAt' as vulnerability_source_updated_at + from + aws_ecr_image; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_image_2.yaml.bak.bak b/queries/aws_ecr_image_2.yaml.bak.bak new file mode 100755 index 000000000..7fab94a2d --- /dev/null +++ b/queries/aws_ecr_image_2.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_ecr_image_2 +Title: "List all Amazon ECR Images with Detailed Information" +Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + image_scan_findings_summary ->> 'FindingSeverityCounts' as finding_severity_counts, + image_scan_findings_summary ->> 'ImageScanCompletedAt' as image_scan_completed_at, + image_scan_findings_summary ->> 'VulnerabilitySourceUpdatedAt' as vulnerability_source_updated_at + from + aws_ecr_image; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_image_3.yaml b/queries/aws_ecr_image_3.yaml index 39f335fb5..b782a6a56 100755 --- a/queries/aws_ecr_image_3.yaml +++ b/queries/aws_ecr_image_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_3 Title: "List all Amazon ECR Images and Retrieve Detailed Info" Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_3.yaml.bak b/queries/aws_ecr_image_3.yaml.bak new file mode 100755 index 000000000..39f335fb5 --- /dev/null +++ b/queries/aws_ecr_image_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ecr_image_3 +Title: "List all Amazon ECR Images and Retrieve Detailed Info" +Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + registry_id, + image_digest, + image_tags + from + aws_ecr_image; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_4.yaml b/queries/aws_ecr_image_4.yaml index 99a51d9ee..ee543282b 100755 --- a/queries/aws_ecr_image_4.yaml +++ b/queries/aws_ecr_image_4.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_4 Title: "List All Amazon ECR Images and Their Details" Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_4.yaml.bak b/queries/aws_ecr_image_4.yaml.bak new file mode 100755 index 000000000..99a51d9ee --- /dev/null +++ b/queries/aws_ecr_image_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ecr_image_4 +Title: "List All Amazon ECR Images and Their Details" +Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + image_digest, + image_pushed_at, + image_size_in_bytes + from + aws_ecr_image + where + image_pushed_at >= now() - interval '10' day + and + repository_name = 'test1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_5.yaml b/queries/aws_ecr_image_5.yaml index 9a5509b48..dc5631bb8 100755 --- a/queries/aws_ecr_image_5.yaml +++ b/queries/aws_ecr_image_5.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_5 Title: "Find all Amazon ECR Images and Retrieve Detailed Info" Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_5.yaml.bak b/queries/aws_ecr_image_5.yaml.bak new file mode 100755 index 000000000..9a5509b48 --- /dev/null +++ b/queries/aws_ecr_image_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ecr_image_5 +Title: "Find all Amazon ECR Images and Retrieve Detailed Info" +Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.repository_name as repository_name, + r.repository_uri as repository_uri, + i.image_digest as image_digest, + i.image_tags as image_tags + from + aws_ecr_image as i, + aws_ecr_repository as r + where + i.repository_name = r.repository_name + and + r.created_at >= now() - interval '20' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_6.yaml b/queries/aws_ecr_image_6.yaml index 0f168bb8c..be398a1cd 100755 --- a/queries/aws_ecr_image_6.yaml +++ b/queries/aws_ecr_image_6.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_6 Title: "Find Amazon ECR Images and Retrieve Detailed Information" Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_6.yaml.bak b/queries/aws_ecr_image_6.yaml.bak new file mode 100755 index 000000000..0f168bb8c --- /dev/null +++ b/queries/aws_ecr_image_6.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ecr_image_6 +Title: "Find Amazon ECR Images and Retrieve Detailed Information" +Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.repository_name as repository_name, + r.repository_uri as repository_uri, + i.image_digest as image_digest, + i.image_tags as image_tags, + s ->> 'Effect' as effect, + s ->> 'Action' as action, + s ->> 'Condition' as condition, + s ->> 'Principal' as principal + from + aws_ecr_image as i, + aws_ecr_repository as r, + jsonb_array_elements(r.policy -> 'Statement') as s + where + i.repository_name = r.repository_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_7.yaml b/queries/aws_ecr_image_7.yaml index d3c082868..a49c600a4 100755 --- a/queries/aws_ecr_image_7.yaml +++ b/queries/aws_ecr_image_7.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_7 Title: "List all Amazon ECR Images with Details" Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_7.yaml.bak b/queries/aws_ecr_image_7.yaml.bak new file mode 100755 index 000000000..d3c082868 --- /dev/null +++ b/queries/aws_ecr_image_7.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ecr_image_7 +Title: "List all Amazon ECR Images with Details" +Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + artifact_name, + artifact_type, + metadata, + results + from + trivy_scan_artifact as a, + aws_ecr_image as i + where + artifact_name = image_uri + and repository_name = 'hello'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_scan_finding_1.yaml b/queries/aws_ecr_image_scan_finding_1.yaml index 5cfcce7db..d645f4fa0 100755 --- a/queries/aws_ecr_image_scan_finding_1.yaml +++ b/queries/aws_ecr_image_scan_finding_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_scan_finding_1 Title: "Find all AWS ECR Image Scan Findings Details" Description: "Allows users to query Amazon ECR Image Scan Findings to retrieve detailed information about image scan findings, including attributes such as the severity of the finding, description, and package name where the vulnerability was found." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_scan_finding_1.yaml.bak b/queries/aws_ecr_image_scan_finding_1.yaml.bak new file mode 100755 index 000000000..5cfcce7db --- /dev/null +++ b/queries/aws_ecr_image_scan_finding_1.yaml.bak @@ -0,0 +1,38 @@ +ID: aws_ecr_image_scan_finding_1 +Title: "Find all AWS ECR Image Scan Findings Details" +Description: "Allows users to query Amazon ECR Image Scan Findings to retrieve detailed information about image scan findings, including attributes such as the severity of the finding, description, and package name where the vulnerability was found." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + image_tag, + name, + severity, + description, + attributes, + uri, + image_scan_status, + image_scan_completed_at, + vulnerability_source_updated_at + from + aws_ecr_image_scan_finding + where + repository_name = 'my-repo' + and image_tag = 'my-image-tag'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_image_scan_finding_2.yaml b/queries/aws_ecr_image_scan_finding_2.yaml index 45d356012..4f755817f 100755 --- a/queries/aws_ecr_image_scan_finding_2.yaml +++ b/queries/aws_ecr_image_scan_finding_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_image_scan_finding_2 Title: "Find Amazon ECR Image Scan Findings for Recent Images" Description: "Allows users to query Amazon ECR Image Scan Findings to retrieve detailed information about image scan findings, including attributes such as the severity of the finding, description, and package name where the vulnerability was found." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_image_scan_finding_2.yaml.bak b/queries/aws_ecr_image_scan_finding_2.yaml.bak new file mode 100755 index 000000000..45d356012 --- /dev/null +++ b/queries/aws_ecr_image_scan_finding_2.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_ecr_image_scan_finding_2 +Title: "Find Amazon ECR Image Scan Findings for Recent Images" +Description: "Allows users to query Amazon ECR Image Scan Findings to retrieve detailed information about image scan findings, including attributes such as the severity of the finding, description, and package name where the vulnerability was found." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.repository_name, + f.image_tag, + f.name, + f.severity, + jsonb_pretty(f.attributes) as attributes + from + ( + select + repository_name, + jsonb_array_elements_text(image_tags) as image_tag + from + aws_ecr_image as i + where + i.image_pushed_at > now() - interval '24' hour + ) + images + left outer join + aws_ecr_image_scan_finding as f + on images.repository_name = f.repository_name + and images.image_tag = f.image_tag; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ECR diff --git a/queries/aws_ecr_registry_scanning_configuration_1.yaml b/queries/aws_ecr_registry_scanning_configuration_1.yaml index 4823bc31b..0d4d3b910 100755 --- a/queries/aws_ecr_registry_scanning_configuration_1.yaml +++ b/queries/aws_ecr_registry_scanning_configuration_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_registry_scanning_configuration_1 Title: "List AWS ECR Registry Scanning Configurations by Region" Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_registry_scanning_configuration_1.yaml.bak b/queries/aws_ecr_registry_scanning_configuration_1.yaml.bak new file mode 100755 index 000000000..4823bc31b --- /dev/null +++ b/queries/aws_ecr_registry_scanning_configuration_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ecr_registry_scanning_configuration_1 +Title: "List AWS ECR Registry Scanning Configurations by Region" +Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + registry_id, + jsonb_pretty(scanning_configuration), + region + from + aws_ecr_registry_scanning_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECR diff --git a/queries/aws_ecr_registry_scanning_configuration_2.yaml b/queries/aws_ecr_registry_scanning_configuration_2.yaml index 305c0eb18..207ddf6b4 100755 --- a/queries/aws_ecr_registry_scanning_configuration_2.yaml +++ b/queries/aws_ecr_registry_scanning_configuration_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_registry_scanning_configuration_2 Title: "Find AWS ECR Registry Scanning Configuration per Region" Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_registry_scanning_configuration_2.yaml.bak b/queries/aws_ecr_registry_scanning_configuration_2.yaml.bak new file mode 100755 index 000000000..305c0eb18 --- /dev/null +++ b/queries/aws_ecr_registry_scanning_configuration_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ecr_registry_scanning_configuration_2 +Title: "Find AWS ECR Registry Scanning Configuration per Region" +Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + registry_id, + jsonb_pretty(scanning_configuration), + region + from + aws_ecr_registry_scanning_configuration + where + region = 'ap-south-1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECR diff --git a/queries/aws_ecr_registry_scanning_configuration_3.yaml b/queries/aws_ecr_registry_scanning_configuration_3.yaml index 2a99992a1..6268df25d 100755 --- a/queries/aws_ecr_registry_scanning_configuration_3.yaml +++ b/queries/aws_ecr_registry_scanning_configuration_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_registry_scanning_configuration_3 Title: "Query AWS ECR Registry Scanning Configuration by Region" Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_registry_scanning_configuration_3.yaml.bak b/queries/aws_ecr_registry_scanning_configuration_3.yaml.bak new file mode 100755 index 000000000..2a99992a1 --- /dev/null +++ b/queries/aws_ecr_registry_scanning_configuration_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ecr_registry_scanning_configuration_3 +Title: "Query AWS ECR Registry Scanning Configuration by Region" +Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + registry_id, + region + from + aws_ecr_registry_scanning_configuration + where + scanning_configuration ->> 'ScanType' = 'ENHANCED' + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ECR Registry diff --git a/queries/aws_ecr_repository_1.yaml b/queries/aws_ecr_repository_1.yaml index 674315e09..b4585cc6c 100755 --- a/queries/aws_ecr_repository_1.yaml +++ b/queries/aws_ecr_repository_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_1 Title: "List all AWS ECR Repositories and Retrieve Details" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_1.yaml.bak b/queries/aws_ecr_repository_1.yaml.bak new file mode 100755 index 000000000..674315e09 --- /dev/null +++ b/queries/aws_ecr_repository_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ecr_repository_1 +Title: "List all AWS ECR Repositories and Retrieve Details" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + registry_id, + arn, + repository_uri, + created_at, + region, + account_id + from + aws_ecr_repository; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_10.yaml b/queries/aws_ecr_repository_10.yaml index 05ec54cec..304f4fa86 100755 --- a/queries/aws_ecr_repository_10.yaml +++ b/queries/aws_ecr_repository_10.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_10 Title: "List all AWS ECR Repositories with Detailed Information" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_10.yaml.bak b/queries/aws_ecr_repository_10.yaml.bak new file mode 100755 index 000000000..05ec54cec --- /dev/null +++ b/queries/aws_ecr_repository_10.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ecr_repository_10 +Title: "List all AWS ECR Repositories with Detailed Information" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + r ->> 'RepositoryArn' as repository_arn, + r ->> 'ScanFrequency' as scan_frequency + from + aws_ecr_repository, + jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r + where + r ->> 'ScanFrequency' = 'MANUAL'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry (ECR) diff --git a/queries/aws_ecr_repository_11.yaml b/queries/aws_ecr_repository_11.yaml index 9b7ad6c46..f575bc98e 100755 --- a/queries/aws_ecr_repository_11.yaml +++ b/queries/aws_ecr_repository_11.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_11 Title: "List AWS ECR Repositories and their Scan Status" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_11.yaml.bak b/queries/aws_ecr_repository_11.yaml.bak new file mode 100755 index 000000000..9b7ad6c46 --- /dev/null +++ b/queries/aws_ecr_repository_11.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ecr_repository_11 +Title: "List AWS ECR Repositories and their Scan Status" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + r ->> 'RepositoryArn' as repository_arn, + r ->> 'ScanOnPush' as scan_on_push + from + aws_ecr_repository, + jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r + where + r ->> 'ScanOnPush' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_2.yaml b/queries/aws_ecr_repository_2.yaml index 9e3067ae7..22336bdf3 100755 --- a/queries/aws_ecr_repository_2.yaml +++ b/queries/aws_ecr_repository_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_2 Title: "Find AWS ECR Repositories with AES256 Encryption" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_2.yaml.bak b/queries/aws_ecr_repository_2.yaml.bak new file mode 100755 index 000000000..22336bdf3 --- /dev/null +++ b/queries/aws_ecr_repository_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ecr_repository_2 +Title: "Find AWS ECR Repositories with AES256 Encryption" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + encryption_configuration ->> 'EncryptionType' as encryption_type, + encryption_configuration ->> 'KmsKey' as kms_key + from + aws_ecr_repository + where + encryption_configuration ->> 'EncryptionType' = 'AES256'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_2.yaml.bak.bak b/queries/aws_ecr_repository_2.yaml.bak.bak new file mode 100755 index 000000000..22336bdf3 --- /dev/null +++ b/queries/aws_ecr_repository_2.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_ecr_repository_2 +Title: "Find AWS ECR Repositories with AES256 Encryption" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + encryption_configuration ->> 'EncryptionType' as encryption_type, + encryption_configuration ->> 'KmsKey' as kms_key + from + aws_ecr_repository + where + encryption_configuration ->> 'EncryptionType' = 'AES256'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_3.yaml b/queries/aws_ecr_repository_3.yaml index 049605c3c..2409ed519 100755 --- a/queries/aws_ecr_repository_3.yaml +++ b/queries/aws_ecr_repository_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_3 Title: "Find AWS ECR Repositories Not Scanning on Push" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_3.yaml.bak b/queries/aws_ecr_repository_3.yaml.bak new file mode 100755 index 000000000..049605c3c --- /dev/null +++ b/queries/aws_ecr_repository_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ecr_repository_3 +Title: "Find AWS ECR Repositories Not Scanning on Push" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + image_scanning_configuration ->> 'ScanOnPush' as scan_on_push + from + aws_ecr_repository + where + image_scanning_configuration ->> 'ScanOnPush' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_4.yaml b/queries/aws_ecr_repository_4.yaml index 50a5def0e..e1a8f97c6 100755 --- a/queries/aws_ecr_repository_4.yaml +++ b/queries/aws_ecr_repository_4.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_4 Title: "List All AWS ECR Repositories and Retrieve Details" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_4.yaml.bak b/queries/aws_ecr_repository_4.yaml.bak new file mode 100755 index 000000000..50a5def0e --- /dev/null +++ b/queries/aws_ecr_repository_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ecr_repository_4 +Title: "List All AWS ECR Repositories and Retrieve Details" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.repository_name as repository_name, + i.image_digest as image_digest, + i.image_tags as image_tags, + i.image_pushed_at as image_pushed_at, + i.image_size_in_bytes as image_size_in_bytes, + i.last_recorded_pull_time as last_recorded_pull_time, + i.registry_id as registry_id, + i.image_scan_status as image_scan_status + from + aws_ecr_repository as r, + aws_ecr_image as i + where + r.repository_name = i.repository_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_5.yaml b/queries/aws_ecr_repository_5.yaml index 1498828d0..9c7751e21 100755 --- a/queries/aws_ecr_repository_5.yaml +++ b/queries/aws_ecr_repository_5.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_5 Title: "Find AWS ECR Repositories with Failed Image Scans" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_5.yaml.bak b/queries/aws_ecr_repository_5.yaml.bak new file mode 100755 index 000000000..1498828d0 --- /dev/null +++ b/queries/aws_ecr_repository_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ecr_repository_5 +Title: "Find AWS ECR Repositories with Failed Image Scans" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.repository_name as repository_name, + i.image_digest as image_digest, + i.image_scan_status as image_scan_status + from + aws_ecr_repository as r, + aws_ecr_image as i + where + r.repository_name = i.repository_name + and i.image_scan_status ->> 'Status' = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_6.yaml b/queries/aws_ecr_repository_6.yaml index 9a8a61861..3f40e5aa0 100755 --- a/queries/aws_ecr_repository_6.yaml +++ b/queries/aws_ecr_repository_6.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_6 Title: "List all AWS ECR Repositories with Immutable Tags" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_6.yaml.bak b/queries/aws_ecr_repository_6.yaml.bak new file mode 100755 index 000000000..9a8a61861 --- /dev/null +++ b/queries/aws_ecr_repository_6.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ecr_repository_6 +Title: "List all AWS ECR Repositories with Immutable Tags" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + image_tag_mutability + from + aws_ecr_repository + where + image_tag_mutability = 'IMMUTABLE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_7.yaml b/queries/aws_ecr_repository_7.yaml index c15722cce..9669d172d 100755 --- a/queries/aws_ecr_repository_7.yaml +++ b/queries/aws_ecr_repository_7.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_7 Title: "List all AWS ECR Repositories and Retrieve Detailed Information" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_7.yaml.bak b/queries/aws_ecr_repository_7.yaml.bak new file mode 100755 index 000000000..c15722cce --- /dev/null +++ b/queries/aws_ecr_repository_7.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_ecr_repository_7 +Title: "List all AWS ECR Repositories and Retrieve Detailed Information" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + r -> 'selection' ->> 'tagStatus' as tag_status, + r -> 'selection' ->> 'countType' as count_type + from + aws_ecr_repository, + jsonb_array_elements(lifecycle_policy -> 'rules') as r + where + ( + (r -> 'selection' ->> 'tagStatus' <> 'untagged') + and ( + r -> 'selection' ->> 'countType' <> 'sinceImagePushed' + ) + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_8.yaml b/queries/aws_ecr_repository_8.yaml index 2cdebec79..43143a3a6 100755 --- a/queries/aws_ecr_repository_8.yaml +++ b/queries/aws_ecr_repository_8.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_8 Title: "Find AWS ECR Repositories Details with SQL Query" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_8.yaml.bak b/queries/aws_ecr_repository_8.yaml.bak new file mode 100755 index 000000000..2cdebec79 --- /dev/null +++ b/queries/aws_ecr_repository_8.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ecr_repository_8 +Title: "Find AWS ECR Repositories Details with SQL Query" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_ecr_repository, + jsonb_array_elements(policy -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and a in ('*', 'ecr:*'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecr_repository_9.yaml b/queries/aws_ecr_repository_9.yaml index 36c671f2e..a1d2b5044 100755 --- a/queries/aws_ecr_repository_9.yaml +++ b/queries/aws_ecr_repository_9.yaml @@ -1,7 +1,7 @@ ID: aws_ecr_repository_9 Title: "Find All Repositories in AWS ECR with Details" Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecr_repository_9.yaml.bak b/queries/aws_ecr_repository_9.yaml.bak new file mode 100755 index 000000000..36c671f2e --- /dev/null +++ b/queries/aws_ecr_repository_9.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ecr_repository_9 +Title: "Find All Repositories in AWS ECR with Details" +Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + r ->> 'AppliedScanFilters' as applied_scan_filters, + r ->> 'RepositoryArn' as repository_arn, + r ->> 'ScanFrequency' as scan_frequency, + r ->> 'ScanOnPush' as scan_on_push + from + aws_ecr_repository, + jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry diff --git a/queries/aws_ecrpublic_repository_1.yaml b/queries/aws_ecrpublic_repository_1.yaml index db7d7fa3d..b7a390e37 100755 --- a/queries/aws_ecrpublic_repository_1.yaml +++ b/queries/aws_ecrpublic_repository_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecrpublic_repository_1 Title: "Find all AWS Elastic Container Registry Public Repositories" Description: "Allows users to query AWS Elastic Container Registry Public Repository to get detailed information about each ECR public repository within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecrpublic_repository_1.yaml.bak b/queries/aws_ecrpublic_repository_1.yaml.bak new file mode 100755 index 000000000..db7d7fa3d --- /dev/null +++ b/queries/aws_ecrpublic_repository_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ecrpublic_repository_1 +Title: "Find all AWS Elastic Container Registry Public Repositories" +Description: "Allows users to query AWS Elastic Container Registry Public Repository to get detailed information about each ECR public repository within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + repository_name, + registry_id, + arn, + repository_uri, + created_at, + region, + account_id + from + aws_ecrpublic_repository; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry Public diff --git a/queries/aws_ecrpublic_repository_2.yaml b/queries/aws_ecrpublic_repository_2.yaml index e94348444..814ea8929 100755 --- a/queries/aws_ecrpublic_repository_2.yaml +++ b/queries/aws_ecrpublic_repository_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecrpublic_repository_2 Title: "Query Detailed Info for AWS ECR Public Repositories" Description: "Allows users to query AWS Elastic Container Registry Public Repository to get detailed information about each ECR public repository within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecrpublic_repository_2.yaml.bak b/queries/aws_ecrpublic_repository_2.yaml.bak new file mode 100755 index 000000000..e94348444 --- /dev/null +++ b/queries/aws_ecrpublic_repository_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_ecrpublic_repository_2 +Title: "Query Detailed Info for AWS ECR Public Repositories" +Description: "Allows users to query AWS Elastic Container Registry Public Repository to get detailed information about each ECR public repository within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_ecrpublic_repository, + jsonb_array_elements(policy -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and a in ('*', 'ecr-public:*'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Registry Public diff --git a/queries/aws_ecs_cluster_1.yaml b/queries/aws_ecs_cluster_1.yaml index a6cb36731..c2f54ca5b 100755 --- a/queries/aws_ecs_cluster_1.yaml +++ b/queries/aws_ecs_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_1 Title: "List AWS ECS Clusters and Their Configuration Status" Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_1.yaml.bak b/queries/aws_ecs_cluster_1.yaml.bak new file mode 100755 index 000000000..a6cb36731 --- /dev/null +++ b/queries/aws_ecs_cluster_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ecs_cluster_1 +Title: "List AWS ECS Clusters and Their Configuration Status" +Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_arn, + cluster_name, + active_services_count, + attachments, + attachments_status, + status + from + aws_ecs_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_cluster_2.yaml b/queries/aws_ecs_cluster_2.yaml index 64eccc3fb..3fe4edd1e 100755 --- a/queries/aws_ecs_cluster_2.yaml +++ b/queries/aws_ecs_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_2 Title: "Find AWS ECS Clusters with Detailed Information" Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_2.yaml.bak b/queries/aws_ecs_cluster_2.yaml.bak new file mode 100755 index 000000000..64eccc3fb --- /dev/null +++ b/queries/aws_ecs_cluster_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ecs_cluster_2 +Title: "Find AWS ECS Clusters with Detailed Information" +Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_arn, + status + from + aws_ecs_cluster + where + status = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_cluster_3.yaml b/queries/aws_ecs_cluster_3.yaml index 619f2f09c..f3d74eef4 100755 --- a/queries/aws_ecs_cluster_3.yaml +++ b/queries/aws_ecs_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_3 Title: "List all AWS ECS Clusters with detailed configuration and status" Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_3.yaml.bak b/queries/aws_ecs_cluster_3.yaml.bak new file mode 100755 index 000000000..619f2f09c --- /dev/null +++ b/queries/aws_ecs_cluster_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ecs_cluster_3 +Title: "List all AWS ECS Clusters with detailed configuration and status" +Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_arn, + attachment ->> 'id' as attachment_id, + attachment ->> 'status' as attachment_status, + attachment ->> 'type' as attachment_type + from + aws_ecs_cluster, + jsonb_array_elements(attachments) as attachment; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_cluster_4.yaml b/queries/aws_ecs_cluster_4.yaml index fbba2c17e..703c23fc6 100755 --- a/queries/aws_ecs_cluster_4.yaml +++ b/queries/aws_ecs_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_4 Title: "Find AWS ECS Clusters Configuration and Status" Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_4.yaml.bak b/queries/aws_ecs_cluster_4.yaml.bak new file mode 100755 index 000000000..fbba2c17e --- /dev/null +++ b/queries/aws_ecs_cluster_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ecs_cluster_4 +Title: "Find AWS ECS Clusters Configuration and Status" +Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_arn, + setting ->> 'Name' as name, + setting ->> 'Value' as value + from + aws_ecs_cluster, + jsonb_array_elements(settings) as setting + where + setting ->> 'Value' = 'disabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml index 12d73186f..6e82417b0 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_metric_cpu_utilization_1 Title: "Find AWS ECS Cluster CPU Utilization Metrics for a Period" Description: "Allows users to query ECS Cluster CPU Utilization Metrics for a specified period." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml.bak new file mode 100755 index 000000000..12d73186f --- /dev/null +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ecs_cluster_metric_cpu_utilization_1 +Title: "Find AWS ECS Cluster CPU Utilization Metrics for a Period" +Description: "Allows users to query ECS Cluster CPU Utilization Metrics for a specified period." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_ecs_cluster_metric_cpu_utilization + order by + cluster_name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml index ef767b423..cd57fa20d 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_metric_cpu_utilization_2 Title: "Find ECS Cluster CPU Utilization Metrics Over Period" Description: "Allows users to query ECS Cluster CPU Utilization Metrics for a specified period." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml.bak new file mode 100755 index 000000000..ef767b423 --- /dev/null +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_ecs_cluster_metric_cpu_utilization_2 +Title: "Find ECS Cluster CPU Utilization Metrics Over Period" +Description: "Allows users to query ECS Cluster CPU Utilization Metrics for a specified period." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ecs_cluster_metric_cpu_utilization + where + average > 80 + order by + cluster_name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml index 324635275..79fae3d06 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_metric_cpu_utilization_daily_1 Title: "List all AWS ECS Cluster Metrics for Daily CPU Utilization" Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml.bak new file mode 100755 index 000000000..324635275 --- /dev/null +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ecs_cluster_metric_cpu_utilization_daily_1 +Title: "List all AWS ECS Cluster Metrics for Daily CPU Utilization" +Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_ecs_cluster_metric_cpu_utilization_daily + order by + cluster_name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Service diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml index 5d2cf679d..ce34e3986 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_metric_cpu_utilization_daily_2 Title: "List all AWS ECS Cluster Metrics for Daily CPU Utilization" Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml.bak new file mode 100755 index 000000000..5d2cf679d --- /dev/null +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ecs_cluster_metric_cpu_utilization_daily_2 +Title: "List all AWS ECS Cluster Metrics for Daily CPU Utilization" +Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ecs_cluster_metric_cpu_utilization_daily + where + average > 80 + order by + cluster_name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Service diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml index 32b519b50..cfce4fcda 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_metric_cpu_utilization_daily_3 Title: "Find AWS ECS Cluster Daily CPU Utilization Metrics" Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml.bak new file mode 100755 index 000000000..32b519b50 --- /dev/null +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ecs_cluster_metric_cpu_utilization_daily_3 +Title: "Find AWS ECS Cluster Daily CPU Utilization Metrics" +Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ecs_cluster_metric_cpu_utilization_daily + where + average < 1 + order by + cluster_name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Service diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml index 796c1a5b9..6aa316bb3 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_metric_cpu_utilization_hourly_1 Title: "List AWS ECS Cluster Hourly CPU Utilization Metrics" Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml.bak new file mode 100755 index 000000000..796c1a5b9 --- /dev/null +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ecs_cluster_metric_cpu_utilization_hourly_1 +Title: "List AWS ECS Cluster Hourly CPU Utilization Metrics" +Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_ecs_cluster_metric_cpu_utilization_hourly + order by + cluster_name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml index 8cedccb8d..5a934a8a9 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_metric_cpu_utilization_hourly_2 Title: "List AWS ECS Cluster CPU Utilization Metrics Hourly" Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml.bak new file mode 100755 index 000000000..8cedccb8d --- /dev/null +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ecs_cluster_metric_cpu_utilization_hourly_2 +Title: "List AWS ECS Cluster CPU Utilization Metrics Hourly" +Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ecs_cluster_metric_cpu_utilization_hourly + where + average > 80 + order by + cluster_name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml index 2a97bed8c..0a9b783db 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_cluster_metric_cpu_utilization_hourly_3 Title: "Find AWS ECS Cluster CPU Utilization Metrics Hourly" Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml.bak new file mode 100755 index 000000000..2a97bed8c --- /dev/null +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ecs_cluster_metric_cpu_utilization_hourly_3 +Title: "Find AWS ECS Cluster CPU Utilization Metrics Hourly" +Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_ecs_cluster_metric_cpu_utilization_hourly + where + average < 1 + order by + cluster_name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_container_instance_1.yaml b/queries/aws_ecs_container_instance_1.yaml index cb790e595..511b908a1 100755 --- a/queries/aws_ecs_container_instance_1.yaml +++ b/queries/aws_ecs_container_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_container_instance_1 Title: "Find All Running and Pending Tasks for AWS ECS Instances" Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_container_instance_1.yaml.bak b/queries/aws_ecs_container_instance_1.yaml.bak new file mode 100755 index 000000000..cb790e595 --- /dev/null +++ b/queries/aws_ecs_container_instance_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ecs_container_instance_1 +Title: "Find All Running and Pending Tasks for AWS ECS Instances" +Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + ec2_instance_id, + status, + status_reason, + running_tasks_count, + pending_tasks_count + from + aws_ecs_container_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Elastic Container Service (ECS) diff --git a/queries/aws_ecs_container_instance_2.yaml b/queries/aws_ecs_container_instance_2.yaml index b8fb5f9f4..9fc9200ae 100755 --- a/queries/aws_ecs_container_instance_2.yaml +++ b/queries/aws_ecs_container_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_container_instance_2 Title: "Find All AWS ECS Container Instances with Registration Failed" Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_container_instance_2.yaml.bak b/queries/aws_ecs_container_instance_2.yaml.bak new file mode 100755 index 000000000..b8fb5f9f4 --- /dev/null +++ b/queries/aws_ecs_container_instance_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ecs_container_instance_2 +Title: "Find All AWS ECS Container Instances with Registration Failed" +Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + status, + status_reason + from + aws_ecs_container_instance + where + status = 'REGISTRATION_FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Service diff --git a/queries/aws_ecs_container_instance_3.yaml b/queries/aws_ecs_container_instance_3.yaml index 8030d2e6f..454975a96 100755 --- a/queries/aws_ecs_container_instance_3.yaml +++ b/queries/aws_ecs_container_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_container_instance_3 Title: "List all AWS ECS Container Instances with SQL" Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_container_instance_3.yaml.bak b/queries/aws_ecs_container_instance_3.yaml.bak new file mode 100755 index 000000000..8030d2e6f --- /dev/null +++ b/queries/aws_ecs_container_instance_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ecs_container_instance_3 +Title: "List all AWS ECS Container Instances with SQL" +Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + attachment ->> 'id' as attachment_id, + attachment ->> 'status' as attachment_status, + attachment ->> 'type' as attachment_type + from + aws_ecs_container_instance, + jsonb_array_elements(attachments) as attachment; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Elastic Container Service diff --git a/queries/aws_ecs_container_instance_4.yaml b/queries/aws_ecs_container_instance_4.yaml index 7b577c9fe..73274e94a 100755 --- a/queries/aws_ecs_container_instance_4.yaml +++ b/queries/aws_ecs_container_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_container_instance_4 Title: "Find AWS ECS Container Instances with Specific AMI IDs" Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_container_instance_4.yaml.bak b/queries/aws_ecs_container_instance_4.yaml.bak new file mode 100755 index 000000000..7b577c9fe --- /dev/null +++ b/queries/aws_ecs_container_instance_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ecs_container_instance_4 +Title: "Find AWS ECS Container Instances with Specific AMI IDs" +Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + setting ->> 'Name' as name, + setting ->> 'Value' as value + from + aws_ecs_container_instance, + jsonb_array_elements(attributes) as setting + where + setting ->> 'Name' = 'ecs.ami-id' and + setting ->> 'Value' = 'ami-0babb0c4a4e5769b8'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Elastic Container Service diff --git a/queries/aws_ecs_service_1.yaml b/queries/aws_ecs_service_1.yaml index 26096176a..1b81903c4 100755 --- a/queries/aws_ecs_service_1.yaml +++ b/queries/aws_ecs_service_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_service_1 Title: "List all services within AWS Elastic Container Service" Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_service_1.yaml.bak b/queries/aws_ecs_service_1.yaml.bak new file mode 100755 index 000000000..26096176a --- /dev/null +++ b/queries/aws_ecs_service_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ecs_service_1 +Title: "List all services within AWS Elastic Container Service" +Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + cluster_arn, + task_definition, + status + from + aws_ecs_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Service diff --git a/queries/aws_ecs_service_2.yaml b/queries/aws_ecs_service_2.yaml index 1cdad04ca..e0ba415cf 100755 --- a/queries/aws_ecs_service_2.yaml +++ b/queries/aws_ecs_service_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_service_2 Title: "List all AWS ECS services in clusters" Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_service_2.yaml.bak b/queries/aws_ecs_service_2.yaml.bak new file mode 100755 index 000000000..1cdad04ca --- /dev/null +++ b/queries/aws_ecs_service_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ecs_service_2 +Title: "List all AWS ECS services in clusters" +Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + launch_type, + platform_version + from + aws_ecs_service + where + launch_type = 'FARGATE' + and platform_version is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Service diff --git a/queries/aws_ecs_service_3.yaml b/queries/aws_ecs_service_3.yaml index 2a16cecac..c11ee5c02 100755 --- a/queries/aws_ecs_service_3.yaml +++ b/queries/aws_ecs_service_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_service_3 Title: "List all inactive services in AWS ECS clusters" Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_service_3.yaml.bak b/queries/aws_ecs_service_3.yaml.bak new file mode 100755 index 000000000..2a16cecac --- /dev/null +++ b/queries/aws_ecs_service_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ecs_service_3 +Title: "List all inactive services in AWS ECS clusters" +Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + arn, + status + from + aws_ecs_service + where + status = 'INACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Container Service diff --git a/queries/aws_ecs_task_1.yaml b/queries/aws_ecs_task_1.yaml index 020961b6b..e99947377 100755 --- a/queries/aws_ecs_task_1.yaml +++ b/queries/aws_ecs_task_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_task_1 Title: "List all AWS ECS Tasks with their Status and Metadata" Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_task_1.yaml.bak b/queries/aws_ecs_task_1.yaml.bak new file mode 100755 index 000000000..020961b6b --- /dev/null +++ b/queries/aws_ecs_task_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ecs_task_1 +Title: "List all AWS ECS Tasks with their Status and Metadata" +Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + desired_status, + launch_type, + task_arn + from + aws_ecs_task; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_task_2.yaml b/queries/aws_ecs_task_2.yaml index a77810bcc..4c0465b04 100755 --- a/queries/aws_ecs_task_2.yaml +++ b/queries/aws_ecs_task_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_task_2 Title: "List all AWS ECS Tasks with Status, Definition, and Metadata" Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_task_2.yaml.bak b/queries/aws_ecs_task_2.yaml.bak new file mode 100755 index 000000000..a77810bcc --- /dev/null +++ b/queries/aws_ecs_task_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ecs_task_2 +Title: "List all AWS ECS Tasks with Status, Definition, and Metadata" +Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + task_arn, + a ->> 'Id' as attachment_id, + a ->> 'Status' as attachment_status, + a ->> 'Type' as attachment_type, + jsonb_pretty(a -> 'Details') as attachment_details + from + aws_ecs_task, + jsonb_array_elements(attachments) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_task_3.yaml b/queries/aws_ecs_task_3.yaml index 6ef3be52d..9d80f2580 100755 --- a/queries/aws_ecs_task_3.yaml +++ b/queries/aws_ecs_task_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_task_3 Title: "List all AWS ECS Tasks with Detailed Metadata" Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_task_3.yaml.bak b/queries/aws_ecs_task_3.yaml.bak new file mode 100755 index 000000000..9d80f2580 --- /dev/null +++ b/queries/aws_ecs_task_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ecs_task_3 +Title: "List all AWS ECS Tasks with Detailed Metadata" +Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + task_arn, + protection ->> 'ProtectionEnabled' as protection_enabled, + protection ->> 'ExpirationDate' as protection_expiration_date + from + aws_ecs_task; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_task_3.yaml.bak.bak b/queries/aws_ecs_task_3.yaml.bak.bak new file mode 100755 index 000000000..9d80f2580 --- /dev/null +++ b/queries/aws_ecs_task_3.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_ecs_task_3 +Title: "List all AWS ECS Tasks with Detailed Metadata" +Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + task_arn, + protection ->> 'ProtectionEnabled' as protection_enabled, + protection ->> 'ExpirationDate' as protection_expiration_date + from + aws_ecs_task; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_task_definition_1.yaml b/queries/aws_ecs_task_definition_1.yaml index 614a929e9..1be02e1ea 100755 --- a/queries/aws_ecs_task_definition_1.yaml +++ b/queries/aws_ecs_task_definition_1.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_task_definition_1 Title: "List AWS ECS Task Definitions to Gain Service Insights" Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_task_definition_1.yaml.bak b/queries/aws_ecs_task_definition_1.yaml.bak new file mode 100755 index 000000000..614a929e9 --- /dev/null +++ b/queries/aws_ecs_task_definition_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ecs_task_definition_1 +Title: "List AWS ECS Task Definitions to Gain Service Insights" +Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + task_definition_arn, + cpu, + network_mode, + title, + status, + tags + from + aws_ecs_task_definition; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_task_definition_2.yaml b/queries/aws_ecs_task_definition_2.yaml index ce954daa0..4252a94e1 100755 --- a/queries/aws_ecs_task_definition_2.yaml +++ b/queries/aws_ecs_task_definition_2.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_task_definition_2 Title: "Find AWS ECS Task Definitions Configuration Details" Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_task_definition_2.yaml.bak b/queries/aws_ecs_task_definition_2.yaml.bak new file mode 100755 index 000000000..ce954daa0 --- /dev/null +++ b/queries/aws_ecs_task_definition_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ecs_task_definition_2 +Title: "Find AWS ECS Task Definitions Configuration Details" +Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + task_definition_arn, + jsonb_array_length(container_definitions) as num_of_conatiners + from + aws_ecs_task_definition; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_task_definition_3.yaml b/queries/aws_ecs_task_definition_3.yaml index 8ce301675..5bb62a778 100755 --- a/queries/aws_ecs_task_definition_3.yaml +++ b/queries/aws_ecs_task_definition_3.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_task_definition_3 Title: "List all AWS ECS Task Definitions with Privileged Containers" Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_task_definition_3.yaml.bak b/queries/aws_ecs_task_definition_3.yaml.bak new file mode 100755 index 000000000..5bb62a778 --- /dev/null +++ b/queries/aws_ecs_task_definition_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ecs_task_definition_3 +Title: "List all AWS ECS Task Definitions with Privileged Containers" +Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + task_definition_arn, + cd ->> 'Privileged' as privileged, + cd ->> 'Name' as container_name + from + aws_ecs_task_definition, + jsonb_array_elements(container_definitions) as cd + where + cd ->> 'Privileged' = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_task_definition_3.yaml.bak.bak b/queries/aws_ecs_task_definition_3.yaml.bak.bak new file mode 100755 index 000000000..5bb62a778 --- /dev/null +++ b/queries/aws_ecs_task_definition_3.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_ecs_task_definition_3 +Title: "List all AWS ECS Task Definitions with Privileged Containers" +Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + task_definition_arn, + cd ->> 'Privileged' as privileged, + cd ->> 'Name' as container_name + from + aws_ecs_task_definition, + jsonb_array_elements(container_definitions) as cd + where + cd ->> 'Privileged' = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_ecs_task_definition_4.yaml b/queries/aws_ecs_task_definition_4.yaml index 34319e329..b20d4bc3d 100755 --- a/queries/aws_ecs_task_definition_4.yaml +++ b/queries/aws_ecs_task_definition_4.yaml @@ -1,7 +1,7 @@ ID: aws_ecs_task_definition_4 Title: "Find AWS ECS Task Definitions Without Log Config" Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ecs_task_definition_4.yaml.bak b/queries/aws_ecs_task_definition_4.yaml.bak new file mode 100755 index 000000000..34319e329 --- /dev/null +++ b/queries/aws_ecs_task_definition_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ecs_task_definition_4 +Title: "Find AWS ECS Task Definitions Without Log Config" +Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + task_definition_arn, + cd ->> 'Name' as container_name, + cd ->> 'LogConfiguration' as log_configuration + from + aws_ecs_task_definition, + jsonb_array_elements(container_definitions) as cd + where + cd ->> 'LogConfiguration' is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ECS diff --git a/queries/aws_efs_access_point_1.yaml b/queries/aws_efs_access_point_1.yaml index 51897c397..28a93f6a3 100755 --- a/queries/aws_efs_access_point_1.yaml +++ b/queries/aws_efs_access_point_1.yaml @@ -1,7 +1,7 @@ ID: aws_efs_access_point_1 Title: "List all Amazon EFS Access Points Configurations" Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_access_point_1.yaml.bak b/queries/aws_efs_access_point_1.yaml.bak new file mode 100755 index 000000000..51897c397 --- /dev/null +++ b/queries/aws_efs_access_point_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_efs_access_point_1 +Title: "List all Amazon EFS Access Points Configurations" +Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_point_id, + access_point_arn, + file_system_id, + life_cycle_state, + owner_id, + root_directory + from + aws_efs_access_point; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EFS diff --git a/queries/aws_efs_access_point_2.yaml b/queries/aws_efs_access_point_2.yaml index ee10784b9..eb93205d2 100755 --- a/queries/aws_efs_access_point_2.yaml +++ b/queries/aws_efs_access_point_2.yaml @@ -1,7 +1,7 @@ ID: aws_efs_access_point_2 Title: "Find all Detailed Info About AWS EFS Access Points" Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_access_point_2.yaml.bak b/queries/aws_efs_access_point_2.yaml.bak new file mode 100755 index 000000000..ee10784b9 --- /dev/null +++ b/queries/aws_efs_access_point_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_efs_access_point_2 +Title: "Find all Detailed Info About AWS EFS Access Points" +Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_point_id, + file_system_id, + owner_id, + root_directory + from + aws_efs_access_point + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EFS diff --git a/queries/aws_efs_access_point_3.yaml b/queries/aws_efs_access_point_3.yaml index bdaa6694a..e09945f24 100755 --- a/queries/aws_efs_access_point_3.yaml +++ b/queries/aws_efs_access_point_3.yaml @@ -1,7 +1,7 @@ ID: aws_efs_access_point_3 Title: "List all Amazon EFS Access Points with State 'Error'" Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_access_point_3.yaml.bak b/queries/aws_efs_access_point_3.yaml.bak new file mode 100755 index 000000000..bdaa6694a --- /dev/null +++ b/queries/aws_efs_access_point_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_efs_access_point_3 +Title: "List all Amazon EFS Access Points with State 'Error'" +Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_point_id, + life_cycle_state, + file_system_id, + owner_id, + root_directory + from + aws_efs_access_point + where + life_cycle_state = 'error'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EFS diff --git a/queries/aws_efs_file_system_1.yaml b/queries/aws_efs_file_system_1.yaml index dc343e1ca..cb1b91bb5 100755 --- a/queries/aws_efs_file_system_1.yaml +++ b/queries/aws_efs_file_system_1.yaml @@ -1,7 +1,7 @@ ID: aws_efs_file_system_1 Title: "Find EFS File Systems with Details from AWS" Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_file_system_1.yaml.bak b/queries/aws_efs_file_system_1.yaml.bak new file mode 100755 index 000000000..dc343e1ca --- /dev/null +++ b/queries/aws_efs_file_system_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_efs_file_system_1 +Title: "Find EFS File Systems with Details from AWS" +Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + file_system_id, + owner_id, + automatic_backups, + creation_token, + creation_time, + life_cycle_state, + number_of_mount_targets, + performance_mode, + throughput_mode + from + aws_efs_file_system; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic File System diff --git a/queries/aws_efs_file_system_2.yaml b/queries/aws_efs_file_system_2.yaml index 7ca28451a..9b1046251 100755 --- a/queries/aws_efs_file_system_2.yaml +++ b/queries/aws_efs_file_system_2.yaml @@ -1,7 +1,7 @@ ID: aws_efs_file_system_2 Title: "Find AWS EFS file systems with detailed information" Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_file_system_2.yaml.bak b/queries/aws_efs_file_system_2.yaml.bak new file mode 100755 index 000000000..7ca28451a --- /dev/null +++ b/queries/aws_efs_file_system_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_efs_file_system_2 +Title: "Find AWS EFS file systems with detailed information" +Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + file_system_id, + encrypted, + kms_key_id, + region + from + aws_efs_file_system + where + not encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic File System diff --git a/queries/aws_efs_file_system_3.yaml b/queries/aws_efs_file_system_3.yaml index 4abcdc541..67f012cce 100755 --- a/queries/aws_efs_file_system_3.yaml +++ b/queries/aws_efs_file_system_3.yaml @@ -1,7 +1,7 @@ ID: aws_efs_file_system_3 Title: "Find detailed info about AWS EFS file systems" Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_file_system_3.yaml.bak b/queries/aws_efs_file_system_3.yaml.bak new file mode 100755 index 000000000..4abcdc541 --- /dev/null +++ b/queries/aws_efs_file_system_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_efs_file_system_3 +Title: "Find detailed info about AWS EFS file systems" +Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + file_system_id, + size_in_bytes ->> 'Value' as data_size, + size_in_bytes ->> 'Timestamp' as data_size_timestamp, + size_in_bytes ->> 'ValueInIA' as data_size_infrequent_access_storage, + size_in_bytes ->> 'ValueInStandard' as data_size_standard_storage + from + aws_efs_file_system; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic File System diff --git a/queries/aws_efs_file_system_4.yaml b/queries/aws_efs_file_system_4.yaml index ea5f9cd0b..fab3a9d13 100755 --- a/queries/aws_efs_file_system_4.yaml +++ b/queries/aws_efs_file_system_4.yaml @@ -1,7 +1,7 @@ ID: aws_efs_file_system_4 Title: "Find AWS EFS File System with Specific Client Root Access" Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_file_system_4.yaml.bak b/queries/aws_efs_file_system_4.yaml.bak new file mode 100755 index 000000000..ea5f9cd0b --- /dev/null +++ b/queries/aws_efs_file_system_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_efs_file_system_4 +Title: "Find AWS EFS File System with Specific Client Root Access" +Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_efs_file_system, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + a in ('elasticfilesystem:clientrootaccess'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic File System diff --git a/queries/aws_efs_file_system_5.yaml b/queries/aws_efs_file_system_5.yaml index ce52f9a4c..e408a2a9e 100755 --- a/queries/aws_efs_file_system_5.yaml +++ b/queries/aws_efs_file_system_5.yaml @@ -1,7 +1,7 @@ ID: aws_efs_file_system_5 Title: "List all AWS EFS File Systems with Detailed Information" Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_file_system_5.yaml.bak b/queries/aws_efs_file_system_5.yaml.bak new file mode 100755 index 000000000..ce52f9a4c --- /dev/null +++ b/queries/aws_efs_file_system_5.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_efs_file_system_5 +Title: "List all AWS EFS File Systems with Detailed Information" +Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title + from + aws_efs_file_system + where + title not in ( + select + title + from + aws_efs_file_system, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a, + jsonb_array_elements_text( + s -> 'Condition' -> 'Bool' -> 'aws:securetransport' + ) as ssl + where + p = '*' + and s ->> 'Effect' = 'Deny' + and ssl :: bool = false + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic File System diff --git a/queries/aws_efs_file_system_6.yaml b/queries/aws_efs_file_system_6.yaml index 65fb9d0a6..0379fa729 100755 --- a/queries/aws_efs_file_system_6.yaml +++ b/queries/aws_efs_file_system_6.yaml @@ -1,7 +1,7 @@ ID: aws_efs_file_system_6 Title: "List AWS EFS file systems with automatic backups enabled" Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_file_system_6.yaml.bak b/queries/aws_efs_file_system_6.yaml.bak new file mode 100755 index 000000000..65fb9d0a6 --- /dev/null +++ b/queries/aws_efs_file_system_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_efs_file_system_6 +Title: "List AWS EFS file systems with automatic backups enabled" +Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + automatic_backups, + arn, + file_system_id + from + aws_efs_file_system + where + automatic_backups = 'enabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic File System (EFS) diff --git a/queries/aws_efs_mount_target_1.yaml b/queries/aws_efs_mount_target_1.yaml index e769feecd..83d7052dd 100755 --- a/queries/aws_efs_mount_target_1.yaml +++ b/queries/aws_efs_mount_target_1.yaml @@ -1,7 +1,7 @@ ID: aws_efs_mount_target_1 Title: "Find AWS EFS Mount Targets Configuration and Status" Description: "Allows users to query AWS EFS Mount Targets for detailed information about each mount target''s configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_mount_target_1.yaml.bak b/queries/aws_efs_mount_target_1.yaml.bak new file mode 100755 index 000000000..e769feecd --- /dev/null +++ b/queries/aws_efs_mount_target_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_efs_mount_target_1 +Title: "Find AWS EFS Mount Targets Configuration and Status" +Description: "Allows users to query AWS EFS Mount Targets for detailed information about each mount target''s configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + mount_target_id, + file_system_id, + life_cycle_state, + availability_zone_id, + availability_zone_name + from + aws_efs_mount_target; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EFS diff --git a/queries/aws_efs_mount_target_2.yaml b/queries/aws_efs_mount_target_2.yaml index 7ecad43af..9d91b69d4 100755 --- a/queries/aws_efs_mount_target_2.yaml +++ b/queries/aws_efs_mount_target_2.yaml @@ -1,7 +1,7 @@ ID: aws_efs_mount_target_2 Title: "Find AWS EFS Mount Targets Configuration and Status" Description: "Allows users to query AWS EFS Mount Targets for detailed information about each mount target''s configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_efs_mount_target_2.yaml.bak b/queries/aws_efs_mount_target_2.yaml.bak new file mode 100755 index 000000000..7ecad43af --- /dev/null +++ b/queries/aws_efs_mount_target_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_efs_mount_target_2 +Title: "Find AWS EFS Mount Targets Configuration and Status" +Description: "Allows users to query AWS EFS Mount Targets for detailed information about each mount target''s configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + mount_target_id, + network_interface_id, + subnet_id, + vpc_id + from + aws_efs_mount_target; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EFS Mount Targets diff --git a/queries/aws_eks_addon_1.yaml b/queries/aws_eks_addon_1.yaml index ce0c1901f..bf414f77f 100755 --- a/queries/aws_eks_addon_1.yaml +++ b/queries/aws_eks_addon_1.yaml @@ -1,7 +1,7 @@ ID: aws_eks_addon_1 Title: "Find AWS EKS Add-Ons Information" Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_addon_1.yaml.bak b/queries/aws_eks_addon_1.yaml.bak new file mode 100755 index 000000000..ce0c1901f --- /dev/null +++ b/queries/aws_eks_addon_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_eks_addon_1 +Title: "Find AWS EKS Add-Ons Information" +Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + addon_name, + arn, + addon_version, + cluster_name, + status, + service_account_role_arn + from + aws_eks_addon; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EKS diff --git a/queries/aws_eks_addon_2.yaml b/queries/aws_eks_addon_2.yaml index a98284fa4..a9c35df1c 100755 --- a/queries/aws_eks_addon_2.yaml +++ b/queries/aws_eks_addon_2.yaml @@ -1,7 +1,7 @@ ID: aws_eks_addon_2 Title: "Find all AWS EKS add-ons associated with EKS clusters" Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_addon_2.yaml.bak b/queries/aws_eks_addon_2.yaml.bak new file mode 100755 index 000000000..a98284fa4 --- /dev/null +++ b/queries/aws_eks_addon_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_eks_addon_2 +Title: "Find all AWS EKS add-ons associated with EKS clusters" +Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + addon_name, + arn, + cluster_name, + status + from + aws_eks_addon + where + status <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EKS diff --git a/queries/aws_eks_addon_3.yaml b/queries/aws_eks_addon_3.yaml index 3aa6e31b7..543457338 100755 --- a/queries/aws_eks_addon_3.yaml +++ b/queries/aws_eks_addon_3.yaml @@ -1,7 +1,7 @@ ID: aws_eks_addon_3 Title: "List all Add-Ons Associated with Each Amazon EKS Cluster" Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_addon_3.yaml.bak b/queries/aws_eks_addon_3.yaml.bak new file mode 100755 index 000000000..543457338 --- /dev/null +++ b/queries/aws_eks_addon_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_eks_addon_3 +Title: "List all Add-Ons Associated with Each Amazon EKS Cluster" +Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + count(addon_name) as addon_count + from + aws_eks_addon + group by + cluster_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EKS diff --git a/queries/aws_eks_addon_3.yaml.bak.bak b/queries/aws_eks_addon_3.yaml.bak.bak new file mode 100755 index 000000000..543457338 --- /dev/null +++ b/queries/aws_eks_addon_3.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_eks_addon_3 +Title: "List all Add-Ons Associated with Each Amazon EKS Cluster" +Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_name, + count(addon_name) as addon_count + from + aws_eks_addon + group by + cluster_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EKS diff --git a/queries/aws_eks_addon_version_1.yaml b/queries/aws_eks_addon_version_1.yaml index 9460577f6..ec4a2a2c0 100755 --- a/queries/aws_eks_addon_version_1.yaml +++ b/queries/aws_eks_addon_version_1.yaml @@ -1,7 +1,7 @@ ID: aws_eks_addon_version_1 Title: "List AWS EKS Add-On Versions" Description: "Allows users to query AWS EKS Add-On Versions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_addon_version_1.yaml.bak b/queries/aws_eks_addon_version_1.yaml.bak new file mode 100755 index 000000000..9460577f6 --- /dev/null +++ b/queries/aws_eks_addon_version_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_eks_addon_version_1 +Title: "List AWS EKS Add-On Versions" +Description: "Allows users to query AWS EKS Add-On Versions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + addon_name, + addon_version, + type + from + aws_eks_addon_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_addon_version_2.yaml b/queries/aws_eks_addon_version_2.yaml index 9f7fb4ce6..7e4734601 100755 --- a/queries/aws_eks_addon_version_2.yaml +++ b/queries/aws_eks_addon_version_2.yaml @@ -1,7 +1,7 @@ ID: aws_eks_addon_version_2 Title: "List All AWS EKS Add-On Versions and Their Counts" Description: "Allows users to query AWS EKS Add-On Versions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_addon_version_2.yaml.bak b/queries/aws_eks_addon_version_2.yaml.bak new file mode 100755 index 000000000..9f7fb4ce6 --- /dev/null +++ b/queries/aws_eks_addon_version_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_eks_addon_version_2 +Title: "List All AWS EKS Add-On Versions and Their Counts" +Description: "Allows users to query AWS EKS Add-On Versions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + addon_name, + count(addon_version) as addon_version_count + from + aws_eks_addon_version + group by + addon_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_addon_version_3.yaml b/queries/aws_eks_addon_version_3.yaml index c3be2e23f..231a128bc 100755 --- a/queries/aws_eks_addon_version_3.yaml +++ b/queries/aws_eks_addon_version_3.yaml @@ -1,7 +1,7 @@ ID: aws_eks_addon_version_3 Title: "Find AWS EKS Add-On Versions" Description: "Allows users to query AWS EKS Add-On Versions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_addon_version_3.yaml.bak b/queries/aws_eks_addon_version_3.yaml.bak new file mode 100755 index 000000000..c3be2e23f --- /dev/null +++ b/queries/aws_eks_addon_version_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_eks_addon_version_3 +Title: "Find AWS EKS Add-On Versions" +Description: "Allows users to query AWS EKS Add-On Versions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + addon_name, + addon_version, + addon_configuration -> '$defs' -> 'extraVolumeTags' ->> 'description' as addon_configuration_def_description, + addon_configuration -> '$defs' -> 'extraVolumeTags' -> 'propertyNames' as addon_configuration_def_property_names, + addon_configuration -> '$defs' -> 'extraVolumeTags' -> 'patternProperties' as addon_configuration_def_pattern_properties, + addon_configuration -> 'properties' as addon_configuration_properties + from + aws_eks_addon_version limit 10; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_cluster_1.yaml b/queries/aws_eks_cluster_1.yaml index bc90c2492..993863a26 100755 --- a/queries/aws_eks_cluster_1.yaml +++ b/queries/aws_eks_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_eks_cluster_1 Title: "Query AWS EKS Cluster Configuration and Statuses" Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_cluster_1.yaml.bak b/queries/aws_eks_cluster_1.yaml.bak new file mode 100755 index 000000000..bc90c2492 --- /dev/null +++ b/queries/aws_eks_cluster_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_eks_cluster_1 +Title: "Query AWS EKS Cluster Configuration and Statuses" +Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + endpoint, + identity, + status + from + aws_eks_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Kubernetes Service diff --git a/queries/aws_eks_cluster_2.yaml b/queries/aws_eks_cluster_2.yaml index 5af18cad9..996f9cfc3 100755 --- a/queries/aws_eks_cluster_2.yaml +++ b/queries/aws_eks_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_eks_cluster_2 Title: "Find AWS EKS Cluster Configurations and Metadata" Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_cluster_2.yaml.bak b/queries/aws_eks_cluster_2.yaml.bak new file mode 100755 index 000000000..5af18cad9 --- /dev/null +++ b/queries/aws_eks_cluster_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_eks_cluster_2 +Title: "Find AWS EKS Cluster Configurations and Metadata" +Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + resources_vpc_config ->> 'ClusterSecurityGroupId' as cluster_security_group_id, + resources_vpc_config ->> 'EndpointPrivateAccess' as endpoint_private_access, + resources_vpc_config ->> 'EndpointPublicAccess' as endpoint_public_access, + resources_vpc_config ->> 'PublicAccessCidrs' as public_access_cidrs, + resources_vpc_config ->> 'SecurityGroupIds' as security_group_ids, + resources_vpc_config -> 'SubnetIds' as subnet_ids, + resources_vpc_config ->> 'VpcId' as vpc_id + from + aws_eks_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Kubernetes Service diff --git a/queries/aws_eks_cluster_3.yaml b/queries/aws_eks_cluster_3.yaml index 47b52b472..44adf833f 100755 --- a/queries/aws_eks_cluster_3.yaml +++ b/queries/aws_eks_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_eks_cluster_3 Title: "Find AWS EKS Cluster Configurations and Statuses" Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_cluster_3.yaml.bak b/queries/aws_eks_cluster_3.yaml.bak new file mode 100755 index 000000000..47b52b472 --- /dev/null +++ b/queries/aws_eks_cluster_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_eks_cluster_3 +Title: "Find AWS EKS Cluster Configurations and Statuses" +Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + i ->> 'Enabled' as enabled, + i ->> 'Types' as types + from + aws_eks_cluster, + jsonb_array_elements(logging -> 'ClusterLogging') as i + where + i ->> 'Enabled' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Kubernetes Service diff --git a/queries/aws_eks_cluster_4.yaml b/queries/aws_eks_cluster_4.yaml index 074199b30..93b20a088 100755 --- a/queries/aws_eks_cluster_4.yaml +++ b/queries/aws_eks_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_eks_cluster_4 Title: "Find AWS EKS Cluster Configurations and Statuses" Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_cluster_4.yaml.bak b/queries/aws_eks_cluster_4.yaml.bak new file mode 100755 index 000000000..074199b30 --- /dev/null +++ b/queries/aws_eks_cluster_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_eks_cluster_4 +Title: "Find AWS EKS Cluster Configurations and Statuses" +Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + version + from + aws_eks_cluster + where + version <> '1.19'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Kubernetes Service diff --git a/queries/aws_eks_fargate_profile_1.yaml b/queries/aws_eks_fargate_profile_1.yaml index 02413841b..59767ba08 100755 --- a/queries/aws_eks_fargate_profile_1.yaml +++ b/queries/aws_eks_fargate_profile_1.yaml @@ -1,7 +1,7 @@ ID: aws_eks_fargate_profile_1 Title: "List all AWS EKS Fargate Profiles and their Details" Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_fargate_profile_1.yaml.bak b/queries/aws_eks_fargate_profile_1.yaml.bak new file mode 100755 index 000000000..59767ba08 --- /dev/null +++ b/queries/aws_eks_fargate_profile_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_eks_fargate_profile_1 +Title: "List all AWS EKS Fargate Profiles and their Details" +Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + fargate_profile_name, + fargate_profile_arn, + cluster_name, + created_at, + status, + tags + from + aws_eks_fargate_profile; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_fargate_profile_1.yaml.bak.bak b/queries/aws_eks_fargate_profile_1.yaml.bak.bak new file mode 100755 index 000000000..59767ba08 --- /dev/null +++ b/queries/aws_eks_fargate_profile_1.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_eks_fargate_profile_1 +Title: "List all AWS EKS Fargate Profiles and their Details" +Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + fargate_profile_name, + fargate_profile_arn, + cluster_name, + created_at, + status, + tags + from + aws_eks_fargate_profile; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_fargate_profile_2.yaml b/queries/aws_eks_fargate_profile_2.yaml index fbd91a5e2..63f76f25b 100755 --- a/queries/aws_eks_fargate_profile_2.yaml +++ b/queries/aws_eks_fargate_profile_2.yaml @@ -1,7 +1,7 @@ ID: aws_eks_fargate_profile_2 Title: "List all AWS EKS Fargate Profiles by name, ARN, and status" Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_fargate_profile_2.yaml.bak b/queries/aws_eks_fargate_profile_2.yaml.bak new file mode 100755 index 000000000..fbd91a5e2 --- /dev/null +++ b/queries/aws_eks_fargate_profile_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_eks_fargate_profile_2 +Title: "List all AWS EKS Fargate Profiles by name, ARN, and status" +Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + fargate_profile_name, + fargate_profile_arn, + cluster_name, + created_at, + status + from + aws_eks_fargate_profile + where + status <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_fargate_profile_3.yaml b/queries/aws_eks_fargate_profile_3.yaml index b38aa06ff..68889a7cb 100755 --- a/queries/aws_eks_fargate_profile_3.yaml +++ b/queries/aws_eks_fargate_profile_3.yaml @@ -1,7 +1,7 @@ ID: aws_eks_fargate_profile_3 Title: "Find AWS EKS Fargate Profile Details with SQL" Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_fargate_profile_3.yaml.bak b/queries/aws_eks_fargate_profile_3.yaml.bak new file mode 100755 index 000000000..b38aa06ff --- /dev/null +++ b/queries/aws_eks_fargate_profile_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_eks_fargate_profile_3 +Title: "Find AWS EKS Fargate Profile Details with SQL" +Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.fargate_profile_name, + f.cluster_name, + f.status as fargate_profile_status, + s.availability_zone, + s.available_ip_address_count, + s.cidr_block, + s.vpc_id + from + aws_eks_fargate_profile as f, + aws_vpc_subnet as s, + jsonb_array_elements(f.subnets) as subnet_id + where + s.subnet_id = subnet_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_fargate_profile_4.yaml b/queries/aws_eks_fargate_profile_4.yaml index e9f01938c..b5717b202 100755 --- a/queries/aws_eks_fargate_profile_4.yaml +++ b/queries/aws_eks_fargate_profile_4.yaml @@ -1,7 +1,7 @@ ID: aws_eks_fargate_profile_4 Title: "List AWS EKS Fargate Profiles with Details" Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_fargate_profile_4.yaml.bak b/queries/aws_eks_fargate_profile_4.yaml.bak new file mode 100755 index 000000000..e9f01938c --- /dev/null +++ b/queries/aws_eks_fargate_profile_4.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_eks_fargate_profile_4 +Title: "List AWS EKS Fargate Profiles with Details" +Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.name as cluster_name, + c.arn as cluster_arn, + c.version as cluster_version, + f.fargate_profile_name as fargate_profile_name, + f.fargate_profile_arn as fargate_profile_arn, + f.created_at as created_at, + f.pod_execution_role_arn as pod_execution_role_arn, + f.status as fargate_profile_status + from + aws_eks_fargate_profile as f, + aws_eks_cluster as c + where + c.version::float > 1.19 and f.cluster_name = c.name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_identity_provider_config_1.yaml b/queries/aws_eks_identity_provider_config_1.yaml index 8d08d7345..86474f864 100755 --- a/queries/aws_eks_identity_provider_config_1.yaml +++ b/queries/aws_eks_identity_provider_config_1.yaml @@ -1,7 +1,7 @@ ID: aws_eks_identity_provider_config_1 Title: "Find Amazon EKS Identity Providers' Configurations" Description: "Allows users to query Amazon EKS Identity Provider Configurations for detailed information about the identity provider configurations for Amazon EKS clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_identity_provider_config_1.yaml.bak b/queries/aws_eks_identity_provider_config_1.yaml.bak new file mode 100755 index 000000000..8d08d7345 --- /dev/null +++ b/queries/aws_eks_identity_provider_config_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_eks_identity_provider_config_1 +Title: "Find Amazon EKS Identity Providers' Configurations" +Description: "Allows users to query Amazon EKS Identity Provider Configurations for detailed information about the identity provider configurations for Amazon EKS clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + cluster_name, + tags, + status + from + aws_eks_identity_provider_config; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EKS diff --git a/queries/aws_eks_identity_provider_config_2.yaml b/queries/aws_eks_identity_provider_config_2.yaml index 34beda465..dc6fb0005 100755 --- a/queries/aws_eks_identity_provider_config_2.yaml +++ b/queries/aws_eks_identity_provider_config_2.yaml @@ -1,7 +1,7 @@ ID: aws_eks_identity_provider_config_2 Title: "Find all Amazon EKS Identity Provider Configurations" Description: "Allows users to query Amazon EKS Identity Provider Configurations for detailed information about the identity provider configurations for Amazon EKS clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_identity_provider_config_2.yaml.bak b/queries/aws_eks_identity_provider_config_2.yaml.bak new file mode 100755 index 000000000..34beda465 --- /dev/null +++ b/queries/aws_eks_identity_provider_config_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_eks_identity_provider_config_2 +Title: "Find all Amazon EKS Identity Provider Configurations" +Description: "Allows users to query Amazon EKS Identity Provider Configurations for detailed information about the identity provider configurations for Amazon EKS clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + cluster_name, + type + from + aws_eks_identity_provider_config + where + type = 'oidc'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon EKS diff --git a/queries/aws_eks_node_group_1.yaml b/queries/aws_eks_node_group_1.yaml index 6fa0e73a1..6902e52fb 100755 --- a/queries/aws_eks_node_group_1.yaml +++ b/queries/aws_eks_node_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_eks_node_group_1 Title: "List all node groups in AWS EKS clusters using SQL" Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_node_group_1.yaml.bak b/queries/aws_eks_node_group_1.yaml.bak new file mode 100755 index 000000000..6fa0e73a1 --- /dev/null +++ b/queries/aws_eks_node_group_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_eks_node_group_1 +Title: "List all node groups in AWS EKS clusters using SQL" +Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + nodegroup_name, + arn, + created_at, + cluster_name, + status + from + aws_eks_node_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_eks_node_group_2.yaml b/queries/aws_eks_node_group_2.yaml index 687ab61fe..a296a3bf1 100755 --- a/queries/aws_eks_node_group_2.yaml +++ b/queries/aws_eks_node_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_eks_node_group_2 Title: "List all AWS EKS Node Group data within a cluster" Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_node_group_2.yaml.bak b/queries/aws_eks_node_group_2.yaml.bak new file mode 100755 index 000000000..687ab61fe --- /dev/null +++ b/queries/aws_eks_node_group_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_eks_node_group_2 +Title: "List all AWS EKS Node Group data within a cluster" +Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + nodegroup_name, + arn, + created_at, + cluster_name, + status + from + aws_eks_node_group + where + status <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Kubernetes Service (EKS) diff --git a/queries/aws_eks_node_group_3.yaml b/queries/aws_eks_node_group_3.yaml index 7acfdb753..3a720e508 100755 --- a/queries/aws_eks_node_group_3.yaml +++ b/queries/aws_eks_node_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_eks_node_group_3 Title: "List all AWS EKS Node Groups with Health Information" Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_node_group_3.yaml.bak b/queries/aws_eks_node_group_3.yaml.bak new file mode 100755 index 000000000..7acfdb753 --- /dev/null +++ b/queries/aws_eks_node_group_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_eks_node_group_3 +Title: "List all AWS EKS Node Groups with Health Information" +Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + nodegroup_name, + cluster_name, + jsonb_pretty(health) as health + from + aws_eks_node_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Kubernetes Service diff --git a/queries/aws_eks_node_group_4.yaml b/queries/aws_eks_node_group_4.yaml index c5ba6fb55..290689e87 100755 --- a/queries/aws_eks_node_group_4.yaml +++ b/queries/aws_eks_node_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_eks_node_group_4 Title: "List all AWS EKS Node Groups with Template Info" Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eks_node_group_4.yaml.bak b/queries/aws_eks_node_group_4.yaml.bak new file mode 100755 index 000000000..c5ba6fb55 --- /dev/null +++ b/queries/aws_eks_node_group_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_eks_node_group_4 +Title: "List all AWS EKS Node Groups with Template Info" +Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + nodegroup_name, + cluster_name, + jsonb_pretty(launch_template) as launch_template + from + aws_eks_node_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EKS diff --git a/queries/aws_elastic_beanstalk_application_1.yaml b/queries/aws_elastic_beanstalk_application_1.yaml index 4147273c3..4cdc01fe3 100755 --- a/queries/aws_elastic_beanstalk_application_1.yaml +++ b/queries/aws_elastic_beanstalk_application_1.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_application_1 Title: "Find AWS Elastic Beanstalk Application Details" Description: "Allows users to query AWS Elastic Beanstalk Applications to obtain details about their configurations, versions, environment, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_application_1.yaml.bak b/queries/aws_elastic_beanstalk_application_1.yaml.bak new file mode 100755 index 000000000..4147273c3 --- /dev/null +++ b/queries/aws_elastic_beanstalk_application_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_elastic_beanstalk_application_1 +Title: "Find AWS Elastic Beanstalk Application Details" +Description: "Allows users to query AWS Elastic Beanstalk Applications to obtain details about their configurations, versions, environment, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + description, + date_created, + date_updated, + versions + from + aws_elastic_beanstalk_application; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_2.yaml b/queries/aws_elastic_beanstalk_application_2.yaml index 90a7d55c7..fda4b1815 100755 --- a/queries/aws_elastic_beanstalk_application_2.yaml +++ b/queries/aws_elastic_beanstalk_application_2.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_application_2 Title: "List all AWS Elastic Beanstalk Application Configurations" Description: "Allows users to query AWS Elastic Beanstalk Applications to obtain details about their configurations, versions, environment, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_application_2.yaml.bak b/queries/aws_elastic_beanstalk_application_2.yaml.bak new file mode 100755 index 000000000..90a7d55c7 --- /dev/null +++ b/queries/aws_elastic_beanstalk_application_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_elastic_beanstalk_application_2 +Title: "List all AWS Elastic Beanstalk Application Configurations" +Description: "Allows users to query AWS Elastic Beanstalk Applications to obtain details about their configurations, versions, environment, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + resource_lifecycle_config ->> 'ServiceRole' as role, + resource_lifecycle_config -> 'VersionLifecycleConfig' ->> 'MaxAgeRule' as max_age_rule, + resource_lifecycle_config -> 'VersionLifecycleConfig' ->> 'MaxCountRule' as max_count_rule + from + aws_elastic_beanstalk_application; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_1.yaml b/queries/aws_elastic_beanstalk_application_version_1.yaml index 4c1f45984..c6755aa40 100755 --- a/queries/aws_elastic_beanstalk_application_version_1.yaml +++ b/queries/aws_elastic_beanstalk_application_version_1.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_application_version_1 Title: "Find Elastic Beanstalk Application Versions Details" Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_application_version_1.yaml.bak b/queries/aws_elastic_beanstalk_application_version_1.yaml.bak new file mode 100755 index 000000000..4c1f45984 --- /dev/null +++ b/queries/aws_elastic_beanstalk_application_version_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_elastic_beanstalk_application_version_1 +Title: "Find Elastic Beanstalk Application Versions Details" +Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + application_version_arn, + version_label, + description, + date_created, + date_updated, + source_bundle + from + aws_elastic_beanstalk_application_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_2.yaml b/queries/aws_elastic_beanstalk_application_version_2.yaml index d9ce415cc..273186ebf 100755 --- a/queries/aws_elastic_beanstalk_application_version_2.yaml +++ b/queries/aws_elastic_beanstalk_application_version_2.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_application_version_2 Title: "List all details of AWS Elastic Beanstalk Versions" Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_application_version_2.yaml.bak b/queries/aws_elastic_beanstalk_application_version_2.yaml.bak new file mode 100755 index 000000000..d9ce415cc --- /dev/null +++ b/queries/aws_elastic_beanstalk_application_version_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_elastic_beanstalk_application_version_2 +Title: "List all details of AWS Elastic Beanstalk Versions" +Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + application_version_arn, + version_label, + date_updated + from + aws_elastic_beanstalk_application_version + order by + date_updated desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_3.yaml b/queries/aws_elastic_beanstalk_application_version_3.yaml index af14a3e9e..bd5f5d981 100755 --- a/queries/aws_elastic_beanstalk_application_version_3.yaml +++ b/queries/aws_elastic_beanstalk_application_version_3.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_application_version_3 Title: "List AWS Elastic Beanstalk Application Versions Details" Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_application_version_3.yaml.bak b/queries/aws_elastic_beanstalk_application_version_3.yaml.bak new file mode 100755 index 000000000..af14a3e9e --- /dev/null +++ b/queries/aws_elastic_beanstalk_application_version_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elastic_beanstalk_application_version_3 +Title: "List AWS Elastic Beanstalk Application Versions Details" +Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + application_version_arn, + version_label, + status + from + aws_elastic_beanstalk_application_version + where + status = 'Processed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_4.yaml b/queries/aws_elastic_beanstalk_application_version_4.yaml index d6d0261c8..867da1946 100755 --- a/queries/aws_elastic_beanstalk_application_version_4.yaml +++ b/queries/aws_elastic_beanstalk_application_version_4.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_application_version_4 Title: "List all AWS Elastic Beanstalk App Version Details" Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_application_version_4.yaml.bak b/queries/aws_elastic_beanstalk_application_version_4.yaml.bak new file mode 100755 index 000000000..d6d0261c8 --- /dev/null +++ b/queries/aws_elastic_beanstalk_application_version_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_elastic_beanstalk_application_version_4 +Title: "List all AWS Elastic Beanstalk App Version Details" +Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + application_version_arn, + version_label, + description, + date_created, + date_updated, + source_bundle + from + aws_elastic_beanstalk_application_version + where + application_name = 'my-application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_5.yaml b/queries/aws_elastic_beanstalk_application_version_5.yaml index 2547ee7be..425e041c0 100755 --- a/queries/aws_elastic_beanstalk_application_version_5.yaml +++ b/queries/aws_elastic_beanstalk_application_version_5.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_application_version_5 Title: "Find Elastic Beanstalk App Version Details and Metadata" Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_application_version_5.yaml.bak b/queries/aws_elastic_beanstalk_application_version_5.yaml.bak new file mode 100755 index 000000000..2547ee7be --- /dev/null +++ b/queries/aws_elastic_beanstalk_application_version_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elastic_beanstalk_application_version_5 +Title: "Find Elastic Beanstalk App Version Details and Metadata" +Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + application_version_arn, + version_label, + tags + from + aws_elastic_beanstalk_application_version + where + tags ->> 'Environment' = 'Production'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_6.yaml b/queries/aws_elastic_beanstalk_application_version_6.yaml index 9d5a54b2c..8e114bdb1 100755 --- a/queries/aws_elastic_beanstalk_application_version_6.yaml +++ b/queries/aws_elastic_beanstalk_application_version_6.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_application_version_6 Title: "List all AWS Elastic Beanstalk Application Versions Details" Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_application_version_6.yaml.bak b/queries/aws_elastic_beanstalk_application_version_6.yaml.bak new file mode 100755 index 000000000..9d5a54b2c --- /dev/null +++ b/queries/aws_elastic_beanstalk_application_version_6.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_elastic_beanstalk_application_version_6 +Title: "List all AWS Elastic Beanstalk Application Versions Details" +Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + application_version_arn, + version_label + from + aws_elastic_beanstalk_application_version + where + source_build_information ->> 'SourceRepository' = 'CodeCommit'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_1.yaml b/queries/aws_elastic_beanstalk_environment_1.yaml index 8733b2614..9372a6b36 100755 --- a/queries/aws_elastic_beanstalk_environment_1.yaml +++ b/queries/aws_elastic_beanstalk_environment_1.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_environment_1 Title: "List all AWS Elastic Beanstalk Environment Details" Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_environment_1.yaml.bak b/queries/aws_elastic_beanstalk_environment_1.yaml.bak new file mode 100755 index 000000000..8733b2614 --- /dev/null +++ b/queries/aws_elastic_beanstalk_environment_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_elastic_beanstalk_environment_1 +Title: "List all AWS Elastic Beanstalk Environment Details" +Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + environment_id, + environment_name, + application_name, + arn, + tier + from + aws_elastic_beanstalk_environment; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_2.yaml b/queries/aws_elastic_beanstalk_environment_2.yaml index d1f94a520..1626eb648 100755 --- a/queries/aws_elastic_beanstalk_environment_2.yaml +++ b/queries/aws_elastic_beanstalk_environment_2.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_environment_2 Title: "Find AWS Elastic Beanstalk Environments and Operations" Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_environment_2.yaml.bak b/queries/aws_elastic_beanstalk_environment_2.yaml.bak new file mode 100755 index 000000000..d1f94a520 --- /dev/null +++ b/queries/aws_elastic_beanstalk_environment_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_elastic_beanstalk_environment_2 +Title: "Find AWS Elastic Beanstalk Environments and Operations" +Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + environment_name, + abortable_operation_in_progress + from + aws_elastic_beanstalk_environment + where + abortable_operation_in_progress = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_3.yaml b/queries/aws_elastic_beanstalk_environment_3.yaml index 5663573db..c8c1fe364 100755 --- a/queries/aws_elastic_beanstalk_environment_3.yaml +++ b/queries/aws_elastic_beanstalk_environment_3.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_environment_3 Title: "Find AWS Elastic Beanstalk Environments with Health Status Red" Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_environment_3.yaml.bak b/queries/aws_elastic_beanstalk_environment_3.yaml.bak new file mode 100755 index 000000000..c8c1fe364 --- /dev/null +++ b/queries/aws_elastic_beanstalk_environment_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_elastic_beanstalk_environment_3 +Title: "Find AWS Elastic Beanstalk Environments with Health Status Red" +Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + environment_name, + application_name, + environment_id, + health + from + aws_elastic_beanstalk_environment + where + health = 'Red'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_3.yaml.bak.bak b/queries/aws_elastic_beanstalk_environment_3.yaml.bak.bak new file mode 100755 index 000000000..c8c1fe364 --- /dev/null +++ b/queries/aws_elastic_beanstalk_environment_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_elastic_beanstalk_environment_3 +Title: "Find AWS Elastic Beanstalk Environments with Health Status Red" +Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + environment_name, + application_name, + environment_id, + health + from + aws_elastic_beanstalk_environment + where + health = 'Red'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_4.yaml b/queries/aws_elastic_beanstalk_environment_4.yaml index 598f25755..d195bc8b1 100755 --- a/queries/aws_elastic_beanstalk_environment_4.yaml +++ b/queries/aws_elastic_beanstalk_environment_4.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_environment_4 Title: "Find all AWS Elastic Beanstalk Environments' Health Status" Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_environment_4.yaml.bak b/queries/aws_elastic_beanstalk_environment_4.yaml.bak new file mode 100755 index 000000000..598f25755 --- /dev/null +++ b/queries/aws_elastic_beanstalk_environment_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_elastic_beanstalk_environment_4 +Title: "Find all AWS Elastic Beanstalk Environments' Health Status" +Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + environment_name, + health_status + from + aws_elastic_beanstalk_environment + where + health_status = 'Suspended'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_5.yaml b/queries/aws_elastic_beanstalk_environment_5.yaml index 876f9c95e..fd7fe433e 100755 --- a/queries/aws_elastic_beanstalk_environment_5.yaml +++ b/queries/aws_elastic_beanstalk_environment_5.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_environment_5 Title: "List All AWS Elastic Beanstalk Environment Configurations and Status" Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_environment_5.yaml.bak b/queries/aws_elastic_beanstalk_environment_5.yaml.bak new file mode 100755 index 000000000..876f9c95e --- /dev/null +++ b/queries/aws_elastic_beanstalk_environment_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elastic_beanstalk_environment_5 +Title: "List All AWS Elastic Beanstalk Environment Configurations and Status" +Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + environment_name, + a ->> 'ActionDescription' as action_description, + a ->> 'ActionId' as action_id, + a ->> 'ActionType' as action_type, + a ->> 'Status' as action_status, + a ->> 'WindowStartTime' as action_window_start_time + from + aws_elastic_beanstalk_environment, + jsonb_array_elements(managed_actions) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_6.yaml b/queries/aws_elastic_beanstalk_environment_6.yaml index df829dc1c..e6e307ea6 100755 --- a/queries/aws_elastic_beanstalk_environment_6.yaml +++ b/queries/aws_elastic_beanstalk_environment_6.yaml @@ -1,7 +1,7 @@ ID: aws_elastic_beanstalk_environment_6 Title: "List all AWS Elastic Beanstalk Environments with Metadata" Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elastic_beanstalk_environment_6.yaml.bak b/queries/aws_elastic_beanstalk_environment_6.yaml.bak new file mode 100755 index 000000000..df829dc1c --- /dev/null +++ b/queries/aws_elastic_beanstalk_environment_6.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_elastic_beanstalk_environment_6 +Title: "List all AWS Elastic Beanstalk Environments with Metadata" +Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + environment_name, + application_name, + c ->> 'DateCreated' as date_created, + c ->> 'DateUpdated' as date_updated, + c ->> 'DeploymentStatus' as deployment_status, + c ->> 'Description' as description, + c -> 'OptionSettings' ->> 'Namespace' as option_settings_namespace, + c -> 'OptionSettings' ->> 'OptionName' as option_name, + c -> 'OptionSettings' ->> 'ResourceName' as option_resource_name, + c -> 'OptionSettings' ->> 'Value' as option_value, + c ->> 'PlatformArn' as platform_arn, + c ->> 'SolutionStackName' as solution_stack_name, + c ->> 'TemplateName' as template_name + from + aws_elastic_beanstalk_environment, + jsonb_array_elements(configuration_settings) as c; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic Beanstalk diff --git a/queries/aws_elasticache_cluster_1.yaml b/queries/aws_elasticache_cluster_1.yaml index 3912e80b3..169922aa2 100755 --- a/queries/aws_elasticache_cluster_1.yaml +++ b/queries/aws_elasticache_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_cluster_1 Title: "List all AWS ElastiCache Clusters with Encryption Disabled" Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_cluster_1.yaml.bak b/queries/aws_elasticache_cluster_1.yaml.bak new file mode 100755 index 000000000..3912e80b3 --- /dev/null +++ b/queries/aws_elasticache_cluster_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticache_cluster_1 +Title: "List all AWS ElastiCache Clusters with Encryption Disabled" +Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + cache_node_type, + at_rest_encryption_enabled + from + aws_elasticache_cluster + where + not at_rest_encryption_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_cluster_2.yaml b/queries/aws_elasticache_cluster_2.yaml index d272c1a2a..24321495c 100755 --- a/queries/aws_elasticache_cluster_2.yaml +++ b/queries/aws_elasticache_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_cluster_2 Title: "Find Amazon ElastiCache Cluster Information within AWS" Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_cluster_2.yaml.bak b/queries/aws_elasticache_cluster_2.yaml.bak new file mode 100755 index 000000000..24321495c --- /dev/null +++ b/queries/aws_elasticache_cluster_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_elasticache_cluster_2 +Title: "Find Amazon ElastiCache Cluster Information within AWS" +Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + preferred_availability_zone + from + aws_elasticache_cluster + where + preferred_availability_zone <> 'Multiple'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_2.yaml.bak.bak b/queries/aws_elasticache_cluster_2.yaml.bak.bak new file mode 100755 index 000000000..24321495c --- /dev/null +++ b/queries/aws_elasticache_cluster_2.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_elasticache_cluster_2 +Title: "Find Amazon ElastiCache Cluster Information within AWS" +Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + preferred_availability_zone + from + aws_elasticache_cluster + where + preferred_availability_zone <> 'Multiple'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_3.yaml b/queries/aws_elasticache_cluster_3.yaml index 1ebd1d0e7..0868121cf 100755 --- a/queries/aws_elasticache_cluster_3.yaml +++ b/queries/aws_elasticache_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_cluster_3 Title: "Query Amazon ElastiCache Cluster Data with SQL" Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_cluster_3.yaml.bak b/queries/aws_elasticache_cluster_3.yaml.bak new file mode 100755 index 000000000..1ebd1d0e7 --- /dev/null +++ b/queries/aws_elasticache_cluster_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticache_cluster_3 +Title: "Query Amazon ElastiCache Cluster Data with SQL" +Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + cache_node_type, + transit_encryption_enabled + from + aws_elasticache_cluster + where + not transit_encryption_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_4.yaml b/queries/aws_elasticache_cluster_4.yaml index 7ee1b867a..3dcd60f16 100755 --- a/queries/aws_elasticache_cluster_4.yaml +++ b/queries/aws_elasticache_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_cluster_4 Title: "List all Amazon ElastiCache Cluster data in AWS account" Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_cluster_4.yaml.bak b/queries/aws_elasticache_cluster_4.yaml.bak new file mode 100755 index 000000000..7ee1b867a --- /dev/null +++ b/queries/aws_elasticache_cluster_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticache_cluster_4 +Title: "List all Amazon ElastiCache Cluster data in AWS account" +Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_node_type, + count(*) as count + from + aws_elasticache_cluster + where + cache_node_type not in ('cache.m5.large', 'cache.m4.4xlarge') + group by + cache_node_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_5.yaml b/queries/aws_elasticache_cluster_5.yaml index e1278a745..e3f42ed5a 100755 --- a/queries/aws_elasticache_cluster_5.yaml +++ b/queries/aws_elasticache_cluster_5.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_cluster_5 Title: "Find Inactive Amazon ElastiCache Clusters" Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_cluster_5.yaml.bak b/queries/aws_elasticache_cluster_5.yaml.bak new file mode 100755 index 000000000..e1278a745 --- /dev/null +++ b/queries/aws_elasticache_cluster_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticache_cluster_5 +Title: "Find Inactive Amazon ElastiCache Clusters" +Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + cache_cluster_status, + notification_configuration ->> 'TopicArn' as topic_arn, + notification_configuration ->> 'TopicStatus' as topic_status + from + aws_elasticache_cluster + where + notification_configuration ->> 'TopicStatus' = 'inactive'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_6.yaml b/queries/aws_elasticache_cluster_6.yaml index 1718ccffa..d799088f0 100755 --- a/queries/aws_elasticache_cluster_6.yaml +++ b/queries/aws_elasticache_cluster_6.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_cluster_6 Title: "List All Amazon ElastiCache Clusters with Security Details" Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_cluster_6.yaml.bak b/queries/aws_elasticache_cluster_6.yaml.bak new file mode 100755 index 000000000..1718ccffa --- /dev/null +++ b/queries/aws_elasticache_cluster_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticache_cluster_6 +Title: "List All Amazon ElastiCache Clusters with Security Details" +Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + sg ->> 'SecurityGroupId' as security_group_id, + sg ->> 'Status' as status + from + aws_elasticache_cluster, + jsonb_array_elements(security_groups) as sg; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_cluster_7.yaml b/queries/aws_elasticache_cluster_7.yaml index fca001e56..89c766db3 100755 --- a/queries/aws_elasticache_cluster_7.yaml +++ b/queries/aws_elasticache_cluster_7.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_cluster_7 Title: "List all information about each ElastiCache Cluster" Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_cluster_7.yaml.bak b/queries/aws_elasticache_cluster_7.yaml.bak new file mode 100755 index 000000000..fca001e56 --- /dev/null +++ b/queries/aws_elasticache_cluster_7.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_elasticache_cluster_7 +Title: "List all information about each ElastiCache Cluster" +Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + cache_node_type, + cache_cluster_status, + snapshot_retention_limit + from + aws_elasticache_cluster + where + snapshot_retention_limit is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_parameter_group_1.yaml b/queries/aws_elasticache_parameter_group_1.yaml index b4000579d..88abd4966 100755 --- a/queries/aws_elasticache_parameter_group_1.yaml +++ b/queries/aws_elasticache_parameter_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_parameter_group_1 Title: "Find AWS Elasticache Parameter Groups configurations" Description: "Allows users to query AWS Elasticache Parameter Groups, providing detailed information about each group''s configurations, parameters, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_parameter_group_1.yaml.bak b/queries/aws_elasticache_parameter_group_1.yaml.bak new file mode 100755 index 000000000..b4000579d --- /dev/null +++ b/queries/aws_elasticache_parameter_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_elasticache_parameter_group_1 +Title: "Find AWS Elasticache Parameter Groups configurations" +Description: "Allows users to query AWS Elasticache Parameter Groups, providing detailed information about each group''s configurations, parameters, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_parameter_group_name, + description, + cache_parameter_group_family, + description, + is_global + from + aws_elasticache_parameter_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticache diff --git a/queries/aws_elasticache_parameter_group_2.yaml b/queries/aws_elasticache_parameter_group_2.yaml index f9e71e680..6b16a5fe7 100755 --- a/queries/aws_elasticache_parameter_group_2.yaml +++ b/queries/aws_elasticache_parameter_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_parameter_group_2 Title: "Find AWS Elasticache Parameter Groups and Configurations" Description: "Allows users to query AWS Elasticache Parameter Groups, providing detailed information about each group''s configurations, parameters, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_parameter_group_2.yaml.bak b/queries/aws_elasticache_parameter_group_2.yaml.bak new file mode 100755 index 000000000..f9e71e680 --- /dev/null +++ b/queries/aws_elasticache_parameter_group_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticache_parameter_group_2 +Title: "Find AWS Elasticache Parameter Groups and Configurations" +Description: "Allows users to query AWS Elasticache Parameter Groups, providing detailed information about each group''s configurations, parameters, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_parameter_group_family, + count(*) as count + from + aws_elasticache_parameter_group + where + cache_parameter_group_family not in ('redis5.0', 'memcached1.5') + group by + cache_parameter_group_family; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticache diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml b/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml index 9f69149fc..18470e9e9 100755 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_cache_hits_hourly_1 Title: "List All AWS ElastiCache Redis Cache Hits Hourly" Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml.bak new file mode 100755 index 000000000..9f69149fc --- /dev/null +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_cache_hits_hourly_1 +Title: "List All AWS ElastiCache Redis Cache Hits Hourly" +Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_elasticache_redis_metric_cache_hits_hourly + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml b/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml index 8bbc922c6..334546f3a 100755 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_cache_hits_hourly_2 Title: "List All Amazon ElastiCache Redis Hourly Cache Hits" Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml.bak new file mode 100755 index 000000000..8bbc922c6 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_elasticache_redis_metric_cache_hits_hourly_2 +Title: "List All Amazon ElastiCache Redis Hourly Cache Hits" +Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(sum::numeric,2) as sum_cachehits, + round(average::numeric,2) as average_cachehits, + sample_count + from + aws_elasticache_redis_metric_cache_hits_hourly + where sum < 10 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon ElastiCache diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml b/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml index 03e5ee65d..76997403a 100755 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_cache_hits_hourly_3 Title: "Find hourly Amazon ElastiCache Redis Cache Hits" Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml.bak b/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml.bak new file mode 100755 index 000000000..03e5ee65d --- /dev/null +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_cache_hits_hourly_3 +Title: "Find hourly Amazon ElastiCache Redis Cache Hits" +Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_cachehits, + round(maximum::numeric,2) as max_cachehits, + round(average::numeric,2) as avg_cachehits, + sample_count + from + aws_elasticache_redis_metric_cache_hits_hourly + where average < 100 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml b/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml index 35fe9407e..7dae977c0 100755 --- a/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_curr_connections_hourly_1 Title: "List all Redis current connections metrics hourly" Description: "Allows users to query ElastiCache Redis current connections metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml.bak new file mode 100755 index 000000000..35fe9407e --- /dev/null +++ b/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_curr_connections_hourly_1 +Title: "List all Redis current connections metrics hourly" +Description: "Allows users to query ElastiCache Redis current connections metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_elasticache_redis_metric_curr_connections_hourly + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml b/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml index e7e27148f..766f833cd 100755 --- a/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_curr_connections_hourly_2 Title: "Find ElastiCache Redis Current Hourly Connections" Description: "Allows users to query ElastiCache Redis current connections metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml.bak new file mode 100755 index 000000000..e7e27148f --- /dev/null +++ b/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_elasticache_redis_metric_curr_connections_hourly_2 +Title: "Find ElastiCache Redis Current Hourly Connections" +Description: "Allows users to query ElastiCache Redis current connections metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_currconnections, + round(maximum::numeric,2) as max_currconnections, + round(average::numeric,2) as avg_currconnections, + sample_count + from + aws_elasticache_redis_metric_curr_connections_hourly + where average > 100 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml index 06b8eff18..843c9ad0b 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_1 Title: "List all AWS ElastiCache Redis Engine CPU Utilization Metrics" Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml.bak new file mode 100755 index 000000000..06b8eff18 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_1 +Title: "List all AWS ElastiCache Redis Engine CPU Utilization Metrics" +Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_elasticache_redis_metric_engine_cpu_utilization_daily + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml index 602133967..60e2b1482 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_2 Title: "Find ElastiCache Redis CPU Utilization Metrics Daily" Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml.bak new file mode 100755 index 000000000..602133967 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_2 +Title: "Find ElastiCache Redis CPU Utilization Metrics Daily" +Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_elasticache_redis_metric_engine_cpu_utilization_daily + where average > 80 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml index 40a95c246..9095ec823 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_3 Title: "List All AWS ElastiCache Redis Engine CPU Utilization Daily" Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml.bak new file mode 100755 index 000000000..40a95c246 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_3 +Title: "List All AWS ElastiCache Redis Engine CPU Utilization Daily" +Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_elasticache_redis_metric_engine_cpu_utilization_daily + where average < 2 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml index 8ff097a25..6c792738a 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1 Title: "List hourly CPU utilization metrics for ElastiCache Redis" Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml.bak new file mode 100755 index 000000000..8ff097a25 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1 +Title: "List hourly CPU utilization metrics for ElastiCache Redis" +Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_elasticache_redis_metric_engine_cpu_utilization_hourly + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml index 4637dd61d..f434919b2 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2 Title: "List All Hourly CPU Utilization Metrics for AWS ElastiCache Redis" Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak new file mode 100755 index 000000000..f434919b2 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2 +Title: "List All Hourly CPU Utilization Metrics for AWS ElastiCache Redis" +Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_elasticache_redis_metric_engine_cpu_utilization_hourly + where average > 80 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak.bak new file mode 100755 index 000000000..f434919b2 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2 +Title: "List All Hourly CPU Utilization Metrics for AWS ElastiCache Redis" +Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_elasticache_redis_metric_engine_cpu_utilization_hourly + where average > 80 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml index 7fba6234a..fcb0e50c3 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3 Title: "List all hourly CPU utilization metrics for ElastiCache Redis" Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml.bak new file mode 100755 index 000000000..7fba6234a --- /dev/null +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3 +Title: "List all hourly CPU utilization metrics for ElastiCache Redis" +Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_elasticache_redis_metric_engine_cpu_utilization_hourly + where average < 2 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml index a4a2ad13e..75b311f63 100755 --- a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_get_type_cmds_hourly_1 Title: "List all ElastiCache Redis Metrics on GET Commands Hourly" Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml.bak new file mode 100755 index 000000000..a4a2ad13e --- /dev/null +++ b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_elasticache_redis_metric_get_type_cmds_hourly_1 +Title: "List all ElastiCache Redis Metrics on GET Commands Hourly" +Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_elasticache_redis_metric_get_type_cmds_hourly + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml index 3e198c4fb..219a64524 100755 --- a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_get_type_cmds_hourly_2 Title: "List ElastiCache Redis GET Commands Executed Hourly" Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak new file mode 100755 index 000000000..219a64524 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_get_type_cmds_hourly_2 +Title: "List ElastiCache Redis GET Commands Executed Hourly" +Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_gettypecmds, + round(maximum::numeric,2) as max_gettypecmds, + round(average::numeric,2) as avg_gettypecmds, + round(sum::numeric,2) as sum_gettypecmds + from + aws_elasticache_redis_metric_get_type_cmds_hourly + where sum > 100 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak.bak b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak.bak new file mode 100755 index 000000000..219a64524 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_get_type_cmds_hourly_2 +Title: "List ElastiCache Redis GET Commands Executed Hourly" +Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_gettypecmds, + round(maximum::numeric,2) as max_gettypecmds, + round(average::numeric,2) as avg_gettypecmds, + round(sum::numeric,2) as sum_gettypecmds + from + aws_elasticache_redis_metric_get_type_cmds_hourly + where sum > 100 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml index ecd2f95d1..d43c346ab 100755 --- a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_list_based_cmds_hourly_1 Title: "List All ElastiCache Redis List-Based Command Metrics" Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis, providing data on list-based commands executed in the ElastiCache Redis environment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml.bak new file mode 100755 index 000000000..ecd2f95d1 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_list_based_cmds_hourly_1 +Title: "List All ElastiCache Redis List-Based Command Metrics" +Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis, providing data on list-based commands executed in the ElastiCache Redis environment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + minimum, + maximum, + average, + sample_count, + sum + from + aws_elasticache_redis_metric_list_based_cmds_hourly + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml index b04383ce0..1cdccb8e6 100755 --- a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_list_based_cmds_hourly_2 Title: "List All Hourly AWS ElastiCache Redis List-based Metrics" Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis, providing data on list-based commands executed in the ElastiCache Redis environment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml.bak new file mode 100755 index 000000000..b04383ce0 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_elasticache_redis_metric_list_based_cmds_hourly_2 +Title: "List All Hourly AWS ElastiCache Redis List-based Metrics" +Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis, providing data on list-based commands executed in the ElastiCache Redis environment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_listbasedcmds, + round(maximum::numeric,2) as max_listbasedcmds, + round(average::numeric,2) as avg_listbasedcmds, + round(sum::numeric,2) as sum_listbasedcmds + from + aws_elasticache_redis_metric_list_based_cmds_hourly + where sum > 100 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml b/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml index 006225f82..8fea25073 100755 --- a/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_new_connections_hourly_1 Title: "List hourly AWS ElastiCache Redis new connection metrics" Description: "Allows users to query AWS ElastiCache Redis Metrics to get hourly data on new connections." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml.bak new file mode 100755 index 000000000..006225f82 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_elasticache_redis_metric_new_connections_hourly_1 +Title: "List hourly AWS ElastiCache Redis new connection metrics" +Description: "Allows users to query AWS ElastiCache Redis Metrics to get hourly data on new connections." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + minimum, + maximum, + average + from + aws_elasticache_redis_metric_new_connections_hourly + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS ElastiCache diff --git a/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml b/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml index d7f56b5f0..9cb62a77e 100755 --- a/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_redis_metric_new_connections_hourly_2 Title: "List hourly AWS ElastiCache Redis new connections" Description: "Allows users to query AWS ElastiCache Redis Metrics to get hourly data on new connections." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml.bak new file mode 100755 index 000000000..d7f56b5f0 --- /dev/null +++ b/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticache_redis_metric_new_connections_hourly_2 +Title: "List hourly AWS ElastiCache Redis new connections" +Description: "Allows users to query AWS ElastiCache Redis Metrics to get hourly data on new connections." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_cluster_id, + timestamp, + round(minimum::numeric,2) as min_newconnections, + round(maximum::numeric,2) as max_newconnections, + round(average::numeric,2) as avg_newconnections, + round(sum::numeric,2) as sum_newconnections + from + aws_elasticache_redis_metric_new_connections_hourly + where sum > 10 + order by + cache_cluster_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_replication_group_1.yaml b/queries/aws_elasticache_replication_group_1.yaml index 556e99955..53a34c044 100755 --- a/queries/aws_elasticache_replication_group_1.yaml +++ b/queries/aws_elasticache_replication_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_replication_group_1 Title: "List all AWS ElastiCache Replication Groups with SQL" Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_replication_group_1.yaml.bak b/queries/aws_elasticache_replication_group_1.yaml.bak new file mode 100755 index 000000000..556e99955 --- /dev/null +++ b/queries/aws_elasticache_replication_group_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticache_replication_group_1 +Title: "List all AWS ElastiCache Replication Groups with SQL" +Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_group_id, + description, + cache_node_type, + cluster_enabled, + auth_token_enabled, + automatic_failover + from + aws_elasticache_replication_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_replication_group_2.yaml b/queries/aws_elasticache_replication_group_2.yaml index b87475bfb..8e23cbb0c 100755 --- a/queries/aws_elasticache_replication_group_2.yaml +++ b/queries/aws_elasticache_replication_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_replication_group_2 Title: "List AWS ElastiCache Replication Groups Configuration" Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_replication_group_2.yaml.bak b/queries/aws_elasticache_replication_group_2.yaml.bak new file mode 100755 index 000000000..8e23cbb0c --- /dev/null +++ b/queries/aws_elasticache_replication_group_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_elasticache_replication_group_2 +Title: "List AWS ElastiCache Replication Groups Configuration" +Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_group_id, + cache_node_type, + at_rest_encryption_enabled + from + aws_elasticache_replication_group + where + not at_rest_encryption_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_replication_group_2.yaml.bak.bak b/queries/aws_elasticache_replication_group_2.yaml.bak.bak new file mode 100755 index 000000000..8e23cbb0c --- /dev/null +++ b/queries/aws_elasticache_replication_group_2.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_elasticache_replication_group_2 +Title: "List AWS ElastiCache Replication Groups Configuration" +Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_group_id, + cache_node_type, + at_rest_encryption_enabled + from + aws_elasticache_replication_group + where + not at_rest_encryption_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_replication_group_3.yaml b/queries/aws_elasticache_replication_group_3.yaml index 608259323..e2215e8c9 100755 --- a/queries/aws_elasticache_replication_group_3.yaml +++ b/queries/aws_elasticache_replication_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_replication_group_3 Title: "Find AWS ElastiCache Replication Groups Configuration" Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_replication_group_3.yaml.bak b/queries/aws_elasticache_replication_group_3.yaml.bak new file mode 100755 index 000000000..608259323 --- /dev/null +++ b/queries/aws_elasticache_replication_group_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticache_replication_group_3 +Title: "Find AWS ElastiCache Replication Groups Configuration" +Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_group_id, + cache_node_type, + multi_az + from + aws_elasticache_replication_group + where + multi_az = 'disabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_replication_group_4.yaml b/queries/aws_elasticache_replication_group_4.yaml index 0771397df..d1834eb1c 100755 --- a/queries/aws_elasticache_replication_group_4.yaml +++ b/queries/aws_elasticache_replication_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_replication_group_4 Title: "List all AWS ElastiCache Replication Groups with Config and Status" Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_replication_group_4.yaml.bak b/queries/aws_elasticache_replication_group_4.yaml.bak new file mode 100755 index 000000000..0771397df --- /dev/null +++ b/queries/aws_elasticache_replication_group_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_elasticache_replication_group_4 +Title: "List all AWS ElastiCache Replication Groups with Config and Status" +Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_group_id, + snapshot_retention_limit, + snapshot_window, + snapshotting_cluster_id + from + aws_elasticache_replication_group + where + snapshot_retention_limit < 30; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_replication_group_5.yaml b/queries/aws_elasticache_replication_group_5.yaml index b9f9e1a41..f9043ef0a 100755 --- a/queries/aws_elasticache_replication_group_5.yaml +++ b/queries/aws_elasticache_replication_group_5.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_replication_group_5 Title: "List all AWS ElastiCache Replication Groups Configurations" Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_replication_group_5.yaml.bak b/queries/aws_elasticache_replication_group_5.yaml.bak new file mode 100755 index 000000000..b9f9e1a41 --- /dev/null +++ b/queries/aws_elasticache_replication_group_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticache_replication_group_5 +Title: "List all AWS ElastiCache Replication Groups Configurations" +Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_node_type, + count (*) + from + aws_elasticache_replication_group + group by + cache_node_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_replication_group_6.yaml b/queries/aws_elasticache_replication_group_6.yaml index 6f59018ce..c703c145e 100755 --- a/queries/aws_elasticache_replication_group_6.yaml +++ b/queries/aws_elasticache_replication_group_6.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_replication_group_6 Title: "Find AWS ElastiCache Replication Groups and Status" Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_replication_group_6.yaml.bak b/queries/aws_elasticache_replication_group_6.yaml.bak new file mode 100755 index 000000000..6f59018ce --- /dev/null +++ b/queries/aws_elasticache_replication_group_6.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_elasticache_replication_group_6 +Title: "Find AWS ElastiCache Replication Groups and Status" +Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + replication_group_id, + jsonb_array_elements_text(member_clusters) as member_clusters + from + aws_elasticache_replication_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_1.yaml b/queries/aws_elasticache_reserved_cache_node_1.yaml index 56b40965d..7bb548c3b 100755 --- a/queries/aws_elasticache_reserved_cache_node_1.yaml +++ b/queries/aws_elasticache_reserved_cache_node_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_reserved_cache_node_1 Title: "List all AWS ElastiCache Reserved Cache Nodes details" Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_reserved_cache_node_1.yaml.bak b/queries/aws_elasticache_reserved_cache_node_1.yaml.bak new file mode 100755 index 000000000..56b40965d --- /dev/null +++ b/queries/aws_elasticache_reserved_cache_node_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_elasticache_reserved_cache_node_1 +Title: "List all AWS ElastiCache Reserved Cache Nodes details" +Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_cache_node_id, + arn, + reserved_cache_nodes_offering_id, + state, + cache_node_type + from + aws_elasticache_reserved_cache_node; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_2.yaml b/queries/aws_elasticache_reserved_cache_node_2.yaml index 347764347..2d4c03778 100755 --- a/queries/aws_elasticache_reserved_cache_node_2.yaml +++ b/queries/aws_elasticache_reserved_cache_node_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_reserved_cache_node_2 Title: "Find AWS ElastiCache Reserved Cache Node Details" Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_reserved_cache_node_2.yaml.bak b/queries/aws_elasticache_reserved_cache_node_2.yaml.bak new file mode 100755 index 000000000..2d4c03778 --- /dev/null +++ b/queries/aws_elasticache_reserved_cache_node_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_elasticache_reserved_cache_node_2 +Title: "Find AWS ElastiCache Reserved Cache Node Details" +Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_cache_node_id, + arn, + reserved_cache_nodes_offering_id, + state, + cache_node_type + from + aws_elasticache_reserved_cache_node + where + offering_type = 'All Upfront'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_2.yaml.bak.bak b/queries/aws_elasticache_reserved_cache_node_2.yaml.bak.bak new file mode 100755 index 000000000..347764347 --- /dev/null +++ b/queries/aws_elasticache_reserved_cache_node_2.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_elasticache_reserved_cache_node_2 +Title: "Find AWS ElastiCache Reserved Cache Node Details" +Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_cache_node_id, + arn, + reserved_cache_nodes_offering_id, + state, + cache_node_type + from + aws_elasticache_reserved_cache_node + where + offering_type = 'All Upfront'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_3.yaml b/queries/aws_elasticache_reserved_cache_node_3.yaml index f85a59723..85f3539a5 100755 --- a/queries/aws_elasticache_reserved_cache_node_3.yaml +++ b/queries/aws_elasticache_reserved_cache_node_3.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_reserved_cache_node_3 Title: "List AWS ElastiCache Reserved Cache Nodes with Details" Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_reserved_cache_node_3.yaml.bak b/queries/aws_elasticache_reserved_cache_node_3.yaml.bak new file mode 100755 index 000000000..f85a59723 --- /dev/null +++ b/queries/aws_elasticache_reserved_cache_node_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticache_reserved_cache_node_3 +Title: "List AWS ElastiCache Reserved Cache Nodes with Details" +Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_cache_node_id, + arn, + reserved_cache_nodes_offering_id, + state, + cache_node_type + from + aws_elasticache_reserved_cache_node + order by + duration desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_4.yaml b/queries/aws_elasticache_reserved_cache_node_4.yaml index 2ba5d58ba..82f05afe5 100755 --- a/queries/aws_elasticache_reserved_cache_node_4.yaml +++ b/queries/aws_elasticache_reserved_cache_node_4.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_reserved_cache_node_4 Title: "List all AWS ElastiCache Reserved Cache Nodes" Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_reserved_cache_node_4.yaml.bak b/queries/aws_elasticache_reserved_cache_node_4.yaml.bak new file mode 100755 index 000000000..2ba5d58ba --- /dev/null +++ b/queries/aws_elasticache_reserved_cache_node_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticache_reserved_cache_node_4 +Title: "List all AWS ElastiCache Reserved Cache Nodes" +Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_cache_node_id, + arn, + reserved_cache_nodes_offering_id, + state, + cache_node_type + from + aws_elasticache_reserved_cache_node + order by + usage_price desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_5.yaml b/queries/aws_elasticache_reserved_cache_node_5.yaml index c0e0b1f49..939bdd70c 100755 --- a/queries/aws_elasticache_reserved_cache_node_5.yaml +++ b/queries/aws_elasticache_reserved_cache_node_5.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_reserved_cache_node_5 Title: "Find AWS ElastiCache Reserved Cache Nodes Details" Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_reserved_cache_node_5.yaml.bak b/queries/aws_elasticache_reserved_cache_node_5.yaml.bak new file mode 100755 index 000000000..c0e0b1f49 --- /dev/null +++ b/queries/aws_elasticache_reserved_cache_node_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticache_reserved_cache_node_5 +Title: "Find AWS ElastiCache Reserved Cache Nodes Details" +Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_cache_node_id, + arn, + reserved_cache_nodes_offering_id, + state, + cache_node_type + from + aws_elasticache_reserved_cache_node + where + state <> 'active'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_subnet_group_1.yaml b/queries/aws_elasticache_subnet_group_1.yaml index 587fd5f9e..f389b6744 100755 --- a/queries/aws_elasticache_subnet_group_1.yaml +++ b/queries/aws_elasticache_subnet_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_subnet_group_1 Title: "List all AWS ElastiCache Subnet Groups and Details" Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_subnet_group_1.yaml.bak b/queries/aws_elasticache_subnet_group_1.yaml.bak new file mode 100755 index 000000000..587fd5f9e --- /dev/null +++ b/queries/aws_elasticache_subnet_group_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_elasticache_subnet_group_1 +Title: "List all AWS ElastiCache Subnet Groups and Details" +Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cache_subnet_group_name, + cache_subnet_group_description, + region, + account_id + from + aws_elasticache_subnet_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_subnet_group_2.yaml b/queries/aws_elasticache_subnet_group_2.yaml index 00edb61b2..19bded756 100755 --- a/queries/aws_elasticache_subnet_group_2.yaml +++ b/queries/aws_elasticache_subnet_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_subnet_group_2 Title: "List all AWS ElastiCache Subnet Groups and Details" Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_subnet_group_2.yaml.bak b/queries/aws_elasticache_subnet_group_2.yaml.bak new file mode 100755 index 000000000..00edb61b2 --- /dev/null +++ b/queries/aws_elasticache_subnet_group_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticache_subnet_group_2 +Title: "List all AWS ElastiCache Subnet Groups and Details" +Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, + sub ->> 'SubnetIdentifier' as subnet_identifier, + sub ->> 'SubnetOutpost' as subnet_outpost + from + aws_elasticache_subnet_group, + jsonb_array_elements(subnets) as sub; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticache_subnet_group_3.yaml b/queries/aws_elasticache_subnet_group_3.yaml index b56a415cf..6d0e88c10 100755 --- a/queries/aws_elasticache_subnet_group_3.yaml +++ b/queries/aws_elasticache_subnet_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_elasticache_subnet_group_3 Title: "Find AWS ElastiCache Subnet Groups and VPC Details" Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticache_subnet_group_3.yaml.bak b/queries/aws_elasticache_subnet_group_3.yaml.bak new file mode 100755 index 000000000..b56a415cf --- /dev/null +++ b/queries/aws_elasticache_subnet_group_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticache_subnet_group_3 +Title: "Find AWS ElastiCache Subnet Groups and VPC Details" +Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.cache_cluster_id, + sg.cache_subnet_group_name, + sg.vpc_id + from + aws_elasticache_subnet_group as sg + join aws_elasticache_cluster as c on sg.cache_subnet_group_name = c.cache_subnet_group_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - ElastiCache diff --git a/queries/aws_elasticsearch_domain_1.yaml b/queries/aws_elasticsearch_domain_1.yaml index 6b04c0d64..aec0ca28e 100755 --- a/queries/aws_elasticsearch_domain_1.yaml +++ b/queries/aws_elasticsearch_domain_1.yaml @@ -1,7 +1,7 @@ ID: aws_elasticsearch_domain_1 Title: "Find all AWS Elasticsearch Service Domain details using SQL" Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticsearch_domain_1.yaml.bak b/queries/aws_elasticsearch_domain_1.yaml.bak new file mode 100755 index 000000000..6b04c0d64 --- /dev/null +++ b/queries/aws_elasticsearch_domain_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticsearch_domain_1 +Title: "Find all AWS Elasticsearch Service Domain details using SQL" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + arn, + elasticsearch_version, + created + from + aws_elasticsearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_2.yaml b/queries/aws_elasticsearch_domain_2.yaml index d17c404d9..f0a26dd7e 100755 --- a/queries/aws_elasticsearch_domain_2.yaml +++ b/queries/aws_elasticsearch_domain_2.yaml @@ -1,7 +1,7 @@ ID: aws_elasticsearch_domain_2 Title: "List all AWS Elasticsearch Service Domains with Disabled Encryption" Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticsearch_domain_2.yaml.bak b/queries/aws_elasticsearch_domain_2.yaml.bak new file mode 100755 index 000000000..d17c404d9 --- /dev/null +++ b/queries/aws_elasticsearch_domain_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_elasticsearch_domain_2 +Title: "List all AWS Elasticsearch Service Domains with Disabled Encryption" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + encryption_at_rest_options ->> 'Enabled' as enabled, + encryption_at_rest_options ->> 'KmsKeyId' as kms_key_id + from + aws_elasticsearch_domain + where + encryption_at_rest_options ->> 'Enabled' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_3.yaml b/queries/aws_elasticsearch_domain_3.yaml index b6f580bae..c5f941374 100755 --- a/queries/aws_elasticsearch_domain_3.yaml +++ b/queries/aws_elasticsearch_domain_3.yaml @@ -1,7 +1,7 @@ ID: aws_elasticsearch_domain_3 Title: "List all AWS Elasticsearch Service Domains with Configuration" Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticsearch_domain_3.yaml.bak b/queries/aws_elasticsearch_domain_3.yaml.bak new file mode 100755 index 000000000..b6f580bae --- /dev/null +++ b/queries/aws_elasticsearch_domain_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_elasticsearch_domain_3 +Title: "List all AWS Elasticsearch Service Domains with Configuration" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + ebs_options ->> 'VolumeSize' as volume_size, + ebs_options ->> 'VolumeType' as volume_type, + ebs_options ->> 'EBSEnabled' as ebs_enabled + from + aws_elasticsearch_domain + where + ebs_options ->> 'EBSEnabled' = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_4.yaml b/queries/aws_elasticsearch_domain_4.yaml index 59753fe24..a77338e23 100755 --- a/queries/aws_elasticsearch_domain_4.yaml +++ b/queries/aws_elasticsearch_domain_4.yaml @@ -1,7 +1,7 @@ ID: aws_elasticsearch_domain_4 Title: "List all AWS Elasticsearch Service Domains configuration" Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticsearch_domain_4.yaml.bak b/queries/aws_elasticsearch_domain_4.yaml.bak new file mode 100755 index 000000000..59753fe24 --- /dev/null +++ b/queries/aws_elasticsearch_domain_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_elasticsearch_domain_4 +Title: "List all AWS Elasticsearch Service Domains configuration" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + vpc_options ->> 'AvailabilityZones' as availability_zones, + vpc_options ->> 'SecurityGroupIds' as security_group_ids, + vpc_options ->> 'SubnetIds' as subnet_ids, + vpc_options ->> 'VPCId' as vpc_id + from + aws_elasticsearch_domain + where + vpc_options ->> 'AvailabilityZones' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_5.yaml b/queries/aws_elasticsearch_domain_5.yaml index fdc895e54..bdb92002d 100755 --- a/queries/aws_elasticsearch_domain_5.yaml +++ b/queries/aws_elasticsearch_domain_5.yaml @@ -1,7 +1,7 @@ ID: aws_elasticsearch_domain_5 Title: "Find AWS Elasticsearch Domain Configuration and Status" Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticsearch_domain_5.yaml.bak b/queries/aws_elasticsearch_domain_5.yaml.bak new file mode 100755 index 000000000..fdc895e54 --- /dev/null +++ b/queries/aws_elasticsearch_domain_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticsearch_domain_5 +Title: "Find AWS Elasticsearch Domain Configuration and Status" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + elasticsearch_cluster_config ->> 'InstanceType' as instance_type, + elasticsearch_cluster_config ->> 'InstanceCount' as instance_count + from + aws_elasticsearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_6.yaml b/queries/aws_elasticsearch_domain_6.yaml index a215d0d13..db6e493e4 100755 --- a/queries/aws_elasticsearch_domain_6.yaml +++ b/queries/aws_elasticsearch_domain_6.yaml @@ -1,7 +1,7 @@ ID: aws_elasticsearch_domain_6 Title: "Find AWS Elasticsearch Service Domain Config and Status" Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticsearch_domain_6.yaml.bak b/queries/aws_elasticsearch_domain_6.yaml.bak new file mode 100755 index 000000000..a215d0d13 --- /dev/null +++ b/queries/aws_elasticsearch_domain_6.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_elasticsearch_domain_6 +Title: "Find AWS Elasticsearch Service Domain Config and Status" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + p as principal, + a as action, + s ->> 'Effect' as effect + from + aws_elasticsearch_domain, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + p = '*' + and s ->> 'Effect' = 'Allow'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_7.yaml b/queries/aws_elasticsearch_domain_7.yaml index d079cc530..7f3d27c0c 100755 --- a/queries/aws_elasticsearch_domain_7.yaml +++ b/queries/aws_elasticsearch_domain_7.yaml @@ -1,7 +1,7 @@ ID: aws_elasticsearch_domain_7 Title: "Find AWS Elasticsearch Service Domain Details" Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticsearch_domain_7.yaml.bak b/queries/aws_elasticsearch_domain_7.yaml.bak new file mode 100755 index 000000000..d079cc530 --- /dev/null +++ b/queries/aws_elasticsearch_domain_7.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_elasticsearch_domain_7 +Title: "Find AWS Elasticsearch Service Domain Details" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + log_publishing_options + from + aws_elasticsearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_8.yaml b/queries/aws_elasticsearch_domain_8.yaml index 299d3ec09..1611490e5 100755 --- a/queries/aws_elasticsearch_domain_8.yaml +++ b/queries/aws_elasticsearch_domain_8.yaml @@ -1,7 +1,7 @@ ID: aws_elasticsearch_domain_8 Title: "Find AWS Elasticsearch Service Domain Configuration" Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_elasticsearch_domain_8.yaml.bak b/queries/aws_elasticsearch_domain_8.yaml.bak new file mode 100755 index 000000000..1611490e5 --- /dev/null +++ b/queries/aws_elasticsearch_domain_8.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_elasticsearch_domain_8 +Title: "Find AWS Elasticsearch Service Domain Configuration" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled, + log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn + from + aws_elasticsearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_8.yaml.bak.bak b/queries/aws_elasticsearch_domain_8.yaml.bak.bak new file mode 100755 index 000000000..1611490e5 --- /dev/null +++ b/queries/aws_elasticsearch_domain_8.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_elasticsearch_domain_8 +Title: "Find AWS Elasticsearch Service Domain Configuration" +Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled, + log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn + from + aws_elasticsearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Elasticsearch Service diff --git a/queries/aws_emr_block_public_access_configuration_1.yaml b/queries/aws_emr_block_public_access_configuration_1.yaml index 32aa19177..b2b76ae3d 100755 --- a/queries/aws_emr_block_public_access_configuration_1.yaml +++ b/queries/aws_emr_block_public_access_configuration_1.yaml @@ -1,7 +1,7 @@ ID: aws_emr_block_public_access_configuration_1 Title: "Find AWS EMR Block Public Access Configuration Details" Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_block_public_access_configuration_1.yaml.bak b/queries/aws_emr_block_public_access_configuration_1.yaml.bak new file mode 100755 index 000000000..b2b76ae3d --- /dev/null +++ b/queries/aws_emr_block_public_access_configuration_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_emr_block_public_access_configuration_1 +Title: "Find AWS EMR Block Public Access Configuration Details" +Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + created_by_arn, + block_public_security_group_rules, + creation_date, + classification, + permitted_public_security_group_rule_ranges + from + aws_emr_block_public_access_configuration + order by + created_by_arn, + creation_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_block_public_access_configuration_1.yaml.bak.bak b/queries/aws_emr_block_public_access_configuration_1.yaml.bak.bak new file mode 100755 index 000000000..b2b76ae3d --- /dev/null +++ b/queries/aws_emr_block_public_access_configuration_1.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_emr_block_public_access_configuration_1 +Title: "Find AWS EMR Block Public Access Configuration Details" +Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + created_by_arn, + block_public_security_group_rules, + creation_date, + classification, + permitted_public_security_group_rule_ranges + from + aws_emr_block_public_access_configuration + order by + created_by_arn, + creation_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_block_public_access_configuration_2.yaml b/queries/aws_emr_block_public_access_configuration_2.yaml index 8cb085f12..72d8b09c3 100755 --- a/queries/aws_emr_block_public_access_configuration_2.yaml +++ b/queries/aws_emr_block_public_access_configuration_2.yaml @@ -1,7 +1,7 @@ ID: aws_emr_block_public_access_configuration_2 Title: "List AWS EMR Block Public Access Configuration Details" Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_block_public_access_configuration_2.yaml.bak b/queries/aws_emr_block_public_access_configuration_2.yaml.bak new file mode 100755 index 000000000..8cb085f12 --- /dev/null +++ b/queries/aws_emr_block_public_access_configuration_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_emr_block_public_access_configuration_2 +Title: "List AWS EMR Block Public Access Configuration Details" +Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + created_by_arn, + creation_date + from + aws_emr_block_public_access_configuration + where + block_public_security_group_rules; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS EMR diff --git a/queries/aws_emr_block_public_access_configuration_3.yaml b/queries/aws_emr_block_public_access_configuration_3.yaml index b785834a3..b9516c9c9 100755 --- a/queries/aws_emr_block_public_access_configuration_3.yaml +++ b/queries/aws_emr_block_public_access_configuration_3.yaml @@ -1,7 +1,7 @@ ID: aws_emr_block_public_access_configuration_3 Title: "Find AWS EMR Block Public Access Configurations" Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_block_public_access_configuration_3.yaml.bak b/queries/aws_emr_block_public_access_configuration_3.yaml.bak new file mode 100755 index 000000000..b785834a3 --- /dev/null +++ b/queries/aws_emr_block_public_access_configuration_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_emr_block_public_access_configuration_3 +Title: "Find AWS EMR Block Public Access Configurations" +Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + created_by_arn, + creation_date, + rules ->> 'MaxRange' as max_range, + rules ->> 'MinRange' as min_range + from + aws_emr_block_public_access_configuration + cross join jsonb_array_elements(permitted_public_security_group_rule_ranges) as rules; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR Block Public Access Configuration diff --git a/queries/aws_emr_block_public_access_configuration_4.yaml b/queries/aws_emr_block_public_access_configuration_4.yaml index 3156dedee..fe6ca2259 100755 --- a/queries/aws_emr_block_public_access_configuration_4.yaml +++ b/queries/aws_emr_block_public_access_configuration_4.yaml @@ -1,7 +1,7 @@ ID: aws_emr_block_public_access_configuration_4 Title: "Find AWS EMR Block Public Access Configuration Details" Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_block_public_access_configuration_4.yaml.bak b/queries/aws_emr_block_public_access_configuration_4.yaml.bak new file mode 100755 index 000000000..3156dedee --- /dev/null +++ b/queries/aws_emr_block_public_access_configuration_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_emr_block_public_access_configuration_4 +Title: "Find AWS EMR Block Public Access Configuration Details" +Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + created_by_arn, + creation_date + from + aws_emr_block_public_access_configuration + where + date_part('day', now() - creation_date) < 90; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_cluster_1.yaml b/queries/aws_emr_cluster_1.yaml index b6f5ad409..f3a456112 100755 --- a/queries/aws_emr_cluster_1.yaml +++ b/queries/aws_emr_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_emr_cluster_1 Title: "List all AWS Elastic MapReduce Cluster data" Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_cluster_1.yaml.bak b/queries/aws_emr_cluster_1.yaml.bak new file mode 100755 index 000000000..b6f5ad409 --- /dev/null +++ b/queries/aws_emr_cluster_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_emr_cluster_1 +Title: "List all AWS Elastic MapReduce Cluster data" +Description: "Allows users to query AWS Elastic MapReduce Cluster data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + cluster_arn, + name, + auto_terminate, + status ->> 'State' as state, + tags + from + aws_emr_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic MapReduce diff --git a/queries/aws_emr_cluster_2.yaml b/queries/aws_emr_cluster_2.yaml index 5b4f568c3..58b012c4c 100755 --- a/queries/aws_emr_cluster_2.yaml +++ b/queries/aws_emr_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_emr_cluster_2 Title: "Find AWS EMR Clusters That Do Not Auto-Terminate" Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_cluster_2.yaml.bak b/queries/aws_emr_cluster_2.yaml.bak new file mode 100755 index 000000000..5b4f568c3 --- /dev/null +++ b/queries/aws_emr_cluster_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_emr_cluster_2 +Title: "Find AWS EMR Clusters That Do Not Auto-Terminate" +Description: "Allows users to query AWS Elastic MapReduce Cluster data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + cluster_arn, + auto_terminate + from + aws_emr_cluster + where + not auto_terminate; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic MapReduce diff --git a/queries/aws_emr_cluster_3.yaml b/queries/aws_emr_cluster_3.yaml index f312002d0..fafd5ef6a 100755 --- a/queries/aws_emr_cluster_3.yaml +++ b/queries/aws_emr_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_emr_cluster_3 Title: "Find AWS Elastic MapReduce Clusters with Errors" Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_cluster_3.yaml.bak b/queries/aws_emr_cluster_3.yaml.bak new file mode 100755 index 000000000..f312002d0 --- /dev/null +++ b/queries/aws_emr_cluster_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_emr_cluster_3 +Title: "Find AWS Elastic MapReduce Clusters with Errors" +Description: "Allows users to query AWS Elastic MapReduce Cluster data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + status ->> 'State' as state, + status -> 'StateChangeReason' ->> 'Message' as state_change_reason + from + aws_emr_cluster + where + status ->> 'State' = 'TERMINATED_WITH_ERRORS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic MapReduce diff --git a/queries/aws_emr_cluster_4.yaml b/queries/aws_emr_cluster_4.yaml index 18f069d3d..37d68d1e0 100755 --- a/queries/aws_emr_cluster_4.yaml +++ b/queries/aws_emr_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_emr_cluster_4 Title: "Find AWS Elastic MapReduce Cluster Data" Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_cluster_4.yaml.bak b/queries/aws_emr_cluster_4.yaml.bak new file mode 100755 index 000000000..18f069d3d --- /dev/null +++ b/queries/aws_emr_cluster_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_emr_cluster_4 +Title: "Find AWS Elastic MapReduce Cluster Data" +Description: "Allows users to query AWS Elastic MapReduce Cluster data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + cluster_arn, + a ->> 'Name' as application_name, + a ->> 'Version' as application_version + from + aws_emr_cluster, + jsonb_array_elements(applications) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic MapReduce diff --git a/queries/aws_emr_cluster_5.yaml b/queries/aws_emr_cluster_5.yaml index 8054b6850..0d06eb86e 100755 --- a/queries/aws_emr_cluster_5.yaml +++ b/queries/aws_emr_cluster_5.yaml @@ -1,7 +1,7 @@ ID: aws_emr_cluster_5 Title: "Find AWS Elastic MapReduce Cluster Data" Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_cluster_5.yaml.bak b/queries/aws_emr_cluster_5.yaml.bak new file mode 100755 index 000000000..8054b6850 --- /dev/null +++ b/queries/aws_emr_cluster_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_emr_cluster_5 +Title: "Find AWS Elastic MapReduce Cluster Data" +Description: "Allows users to query AWS Elastic MapReduce Cluster data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + cluster_arn, + log_uri + from + aws_emr_cluster + where + log_uri is null + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic MapReduce diff --git a/queries/aws_emr_cluster_6.yaml b/queries/aws_emr_cluster_6.yaml index 3ba362b20..6a5c1ddf5 100755 --- a/queries/aws_emr_cluster_6.yaml +++ b/queries/aws_emr_cluster_6.yaml @@ -1,7 +1,7 @@ ID: aws_emr_cluster_6 Title: "Find AWS EMR Cluster Data with Specific Log URIs" Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_cluster_6.yaml.bak b/queries/aws_emr_cluster_6.yaml.bak new file mode 100755 index 000000000..3ba362b20 --- /dev/null +++ b/queries/aws_emr_cluster_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_emr_cluster_6 +Title: "Find AWS EMR Cluster Data with Specific Log URIs" +Description: "Allows users to query AWS Elastic MapReduce Cluster data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + cluster_arn, + log_uri, + log_encryption_kms_key_id + from + aws_emr_cluster + where + log_uri is not null and log_encryption_kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Elastic MapReduce diff --git a/queries/aws_emr_cluster_metric_is_idle_1.yaml b/queries/aws_emr_cluster_metric_is_idle_1.yaml index 97f69c560..e9b81a60e 100755 --- a/queries/aws_emr_cluster_metric_is_idle_1.yaml +++ b/queries/aws_emr_cluster_metric_is_idle_1.yaml @@ -1,7 +1,7 @@ ID: aws_emr_cluster_metric_is_idle_1 Title: "Find Idle Status of AWS EMR Cluster Metrics" Description: "Allows users to query AWS EMR Cluster Metrics to determine if a cluster is idle." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_cluster_metric_is_idle_1.yaml.bak b/queries/aws_emr_cluster_metric_is_idle_1.yaml.bak new file mode 100755 index 000000000..97f69c560 --- /dev/null +++ b/queries/aws_emr_cluster_metric_is_idle_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_emr_cluster_metric_is_idle_1 +Title: "Find Idle Status of AWS EMR Cluster Metrics" +Description: "Allows users to query AWS EMR Cluster Metrics to determine if a cluster is idle." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_emr_cluster_metric_is_idle + order by + id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_1.yaml b/queries/aws_emr_instance_1.yaml index df8450fa5..7295747e3 100755 --- a/queries/aws_emr_instance_1.yaml +++ b/queries/aws_emr_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_1 Title: "Find all AWS EMR Instances for status and configuration" Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_1.yaml.bak b/queries/aws_emr_instance_1.yaml.bak new file mode 100755 index 000000000..df8450fa5 --- /dev/null +++ b/queries/aws_emr_instance_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_emr_instance_1 +Title: "Find all AWS EMR Instances for status and configuration" +Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + cluster_id, + ec2_instance_id, + instance_type, + private_dns_name, + private_ip_address + from + aws_emr_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_2.yaml b/queries/aws_emr_instance_2.yaml index 1a8dc0c7e..6916146a5 100755 --- a/queries/aws_emr_instance_2.yaml +++ b/queries/aws_emr_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_2 Title: "Find detailed AWS EMR Instances status and configuration" Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_2.yaml.bak b/queries/aws_emr_instance_2.yaml.bak new file mode 100755 index 000000000..1a8dc0c7e --- /dev/null +++ b/queries/aws_emr_instance_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_emr_instance_2 +Title: "Find detailed AWS EMR Instances status and configuration" +Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + ec2_instance_id, + instance_type + from + aws_emr_instance + where + instance_type = 'm2.4xlarge'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_3.yaml b/queries/aws_emr_instance_3.yaml index 8baadd16d..9607decc3 100755 --- a/queries/aws_emr_instance_3.yaml +++ b/queries/aws_emr_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_3 Title: "Find all AWS EMR Instances with Detailed Information" Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_3.yaml.bak b/queries/aws_emr_instance_3.yaml.bak new file mode 100755 index 000000000..8baadd16d --- /dev/null +++ b/queries/aws_emr_instance_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_emr_instance_3 +Title: "Find all AWS EMR Instances with Detailed Information" +Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + ec2_instance_id, + instance_type + from + aws_emr_instance + where + cluster_id = 'j-21HIX5R2NZMXJ'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_4.yaml b/queries/aws_emr_instance_4.yaml index 5010667a5..3efe8778f 100755 --- a/queries/aws_emr_instance_4.yaml +++ b/queries/aws_emr_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_4 Title: "Query AWS EMR Instances and Detailed Metadata" Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_4.yaml.bak b/queries/aws_emr_instance_4.yaml.bak new file mode 100755 index 000000000..5010667a5 --- /dev/null +++ b/queries/aws_emr_instance_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_emr_instance_4 +Title: "Query AWS EMR Instances and Detailed Metadata" +Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + ec2_instance_id, + instance_type, + v -> 'Device' as device, + v -> 'VolumeId' as volume_id + from + aws_emr_instance, + jsonb_array_elements(ebs_volumes) as v + where + ei.id = 'ci-ULCFS2ZN0FK7'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_fleet_1.yaml b/queries/aws_emr_instance_fleet_1.yaml index eae03d5d8..b3b3d4c9a 100755 --- a/queries/aws_emr_instance_fleet_1.yaml +++ b/queries/aws_emr_instance_fleet_1.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_fleet_1 Title: "List all AWS EMR Instance Fleets with Configuration Details" Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_fleet_1.yaml.bak b/queries/aws_emr_instance_fleet_1.yaml.bak new file mode 100755 index 000000000..eae03d5d8 --- /dev/null +++ b/queries/aws_emr_instance_fleet_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_emr_instance_fleet_1 +Title: "List all AWS EMR Instance Fleets with Configuration Details" +Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + cluster_id, + instance_fleet_type, + state + from + aws_emr_instance_fleet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_fleet_2.yaml b/queries/aws_emr_instance_fleet_2.yaml index 75cb5c9ac..c0cd87a9b 100755 --- a/queries/aws_emr_instance_fleet_2.yaml +++ b/queries/aws_emr_instance_fleet_2.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_fleet_2 Title: "List all AWS EMR Instance Fleets with Configuration Details" Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_fleet_2.yaml.bak b/queries/aws_emr_instance_fleet_2.yaml.bak new file mode 100755 index 000000000..75cb5c9ac --- /dev/null +++ b/queries/aws_emr_instance_fleet_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_emr_instance_fleet_2 +Title: "List all AWS EMR Instance Fleets with Configuration Details" +Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_id, + c.name as cluster_name, + c.state as cluster_state + from + aws_emr_instance_fleet as f, + aws_emr_cluster as c + where + f.cluster_id = c.id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_fleet_3.yaml b/queries/aws_emr_instance_fleet_3.yaml index 394937d52..c827a1db1 100755 --- a/queries/aws_emr_instance_fleet_3.yaml +++ b/queries/aws_emr_instance_fleet_3.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_fleet_3 Title: "List all AWS EMR Instance Fleets and Their Capabilities" Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_fleet_3.yaml.bak b/queries/aws_emr_instance_fleet_3.yaml.bak new file mode 100755 index 000000000..394937d52 --- /dev/null +++ b/queries/aws_emr_instance_fleet_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_emr_instance_fleet_3 +Title: "List all AWS EMR Instance Fleets and Their Capabilities" +Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_id, + provisioned_on_demand_capacity, + target_on_demand_capacity + from + aws_emr_instance_fleet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR Instance Fleet diff --git a/queries/aws_emr_instance_group_1.yaml b/queries/aws_emr_instance_group_1.yaml index 6ea8b11cd..b3afd69cb 100755 --- a/queries/aws_emr_instance_group_1.yaml +++ b/queries/aws_emr_instance_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_group_1 Title: "Find AWS EMR Instance Groups within a Cluster" Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_group_1.yaml.bak b/queries/aws_emr_instance_group_1.yaml.bak new file mode 100755 index 000000000..6ea8b11cd --- /dev/null +++ b/queries/aws_emr_instance_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_emr_instance_group_1 +Title: "Find AWS EMR Instance Groups within a Cluster" +Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + cluster_id, + instance_group_type, + state + from + aws_emr_instance_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_group_2.yaml b/queries/aws_emr_instance_group_2.yaml index 0a955f818..096b438c1 100755 --- a/queries/aws_emr_instance_group_2.yaml +++ b/queries/aws_emr_instance_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_group_2 Title: "List AWS EMR instance groups within clusters" Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_group_2.yaml.bak b/queries/aws_emr_instance_group_2.yaml.bak new file mode 100755 index 000000000..0a955f818 --- /dev/null +++ b/queries/aws_emr_instance_group_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_emr_instance_group_2 +Title: "List AWS EMR instance groups within clusters" +Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + ig.id as instance_group_id, + ig.cluster_id, + c.name as cluster_name, + ig.instance_type + from + aws_emr_instance_group as ig, + aws_emr_cluster as c + where + ig.cluster_id = c.id + and ig.instance_group_type = 'MASTER'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_instance_group_3.yaml b/queries/aws_emr_instance_group_3.yaml index 73920423e..8e7e6bc75 100755 --- a/queries/aws_emr_instance_group_3.yaml +++ b/queries/aws_emr_instance_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_emr_instance_group_3 Title: "List All AWS EMR Instance Groups and Running Instances" Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_instance_group_3.yaml.bak b/queries/aws_emr_instance_group_3.yaml.bak new file mode 100755 index 000000000..73920423e --- /dev/null +++ b/queries/aws_emr_instance_group_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_emr_instance_group_3 +Title: "List All AWS EMR Instance Groups and Running Instances" +Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_id, + sum(running_instance_count) as running_instance_count + from + aws_emr_instance_group + where + state = 'RUNNING' + group by cluster_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS EMR diff --git a/queries/aws_emr_security_configuration_1.yaml b/queries/aws_emr_security_configuration_1.yaml index 7290baf08..6c07a2ba1 100755 --- a/queries/aws_emr_security_configuration_1.yaml +++ b/queries/aws_emr_security_configuration_1.yaml @@ -1,7 +1,7 @@ ID: aws_emr_security_configuration_1 Title: "Find AWS EMR Security Configurations Details" Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_security_configuration_1.yaml.bak b/queries/aws_emr_security_configuration_1.yaml.bak new file mode 100755 index 000000000..7290baf08 --- /dev/null +++ b/queries/aws_emr_security_configuration_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_emr_security_configuration_1 +Title: "Find AWS EMR Security Configurations Details" +Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + creation_date_time, + encryption_configuration, + instance_metadata_service_configuration, + security_configuration + from + aws_emr_security_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_security_configuration_2.yaml b/queries/aws_emr_security_configuration_2.yaml index 9018a0cd1..1ee377969 100755 --- a/queries/aws_emr_security_configuration_2.yaml +++ b/queries/aws_emr_security_configuration_2.yaml @@ -1,7 +1,7 @@ ID: aws_emr_security_configuration_2 Title: "List EMR Security Configs from Last 30 Days" Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_security_configuration_2.yaml.bak b/queries/aws_emr_security_configuration_2.yaml.bak new file mode 100755 index 000000000..9018a0cd1 --- /dev/null +++ b/queries/aws_emr_security_configuration_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_emr_security_configuration_2 +Title: "List EMR Security Configs from Last 30 Days" +Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + creation_date_time, + security_configuration + from + aws_emr_security_configuration + where + creation_date_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_emr_security_configuration_3.yaml b/queries/aws_emr_security_configuration_3.yaml index fdad48e53..4ef08f3cc 100755 --- a/queries/aws_emr_security_configuration_3.yaml +++ b/queries/aws_emr_security_configuration_3.yaml @@ -1,7 +1,7 @@ ID: aws_emr_security_configuration_3 Title: "List all AWS EMR Security Configurations using SQL" Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_emr_security_configuration_3.yaml.bak b/queries/aws_emr_security_configuration_3.yaml.bak new file mode 100755 index 000000000..fdad48e53 --- /dev/null +++ b/queries/aws_emr_security_configuration_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_emr_security_configuration_3 +Title: "List all AWS EMR Security Configurations using SQL" +Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + creation_date_time, + encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'AwsKmsKey' as aws_kms_key, + encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'EnableEbsEncryption' as enable_ebs_encryption, + encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'EncryptionKeyProviderType' as encryption_key_provider_type, + encryption_configuration -> 'S3EncryptionConfiguration' as s3_encryption_configuration, + encryption_configuration ->> 'EnableAtRestEncryption' as enable_at_rest_encryption, + encryption_configuration ->> 'EnableInTransitEncryption' as enable_in_transit_encryption, + encryption_configuration -> 'InTransitEncryptionConfiguration' as in_transit_encryption_configuration + from + aws_emr_security_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - EMR diff --git a/queries/aws_eventbridge_bus_1.yaml b/queries/aws_eventbridge_bus_1.yaml index 2278218d2..6a41d4aeb 100755 --- a/queries/aws_eventbridge_bus_1.yaml +++ b/queries/aws_eventbridge_bus_1.yaml @@ -1,7 +1,7 @@ ID: aws_eventbridge_bus_1 Title: "Find all AWS EventBridge Buses and their Details" Description: "Allows users to query AWS EventBridge Buses for detailed information about each bus, including its name, ARN, policy, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eventbridge_bus_1.yaml.bak b/queries/aws_eventbridge_bus_1.yaml.bak new file mode 100755 index 000000000..2278218d2 --- /dev/null +++ b/queries/aws_eventbridge_bus_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_eventbridge_bus_1 +Title: "Find all AWS EventBridge Buses and their Details" +Description: "Allows users to query AWS EventBridge Buses for detailed information about each bus, including its name, ARN, policy, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + jsonb_pretty(policy) as policy, + jsonb_pretty(policy_std) as policy_std + from + aws_eventbridge_bus; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EventBridge diff --git a/queries/aws_eventbridge_rule_1.yaml b/queries/aws_eventbridge_rule_1.yaml index 5c13947d2..4b544bfcb 100755 --- a/queries/aws_eventbridge_rule_1.yaml +++ b/queries/aws_eventbridge_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_eventbridge_rule_1 Title: "Find EventBridge Rule Information in AWS Account" Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eventbridge_rule_1.yaml.bak b/queries/aws_eventbridge_rule_1.yaml.bak new file mode 100755 index 000000000..5c13947d2 --- /dev/null +++ b/queries/aws_eventbridge_rule_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_eventbridge_rule_1 +Title: "Find EventBridge Rule Information in AWS Account" +Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + state, + created_by, + event_bus_name + from + aws_eventbridge_rule; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EventBridge diff --git a/queries/aws_eventbridge_rule_2.yaml b/queries/aws_eventbridge_rule_2.yaml index 2a370abd3..52194dd0b 100755 --- a/queries/aws_eventbridge_rule_2.yaml +++ b/queries/aws_eventbridge_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_eventbridge_rule_2 Title: "Find all AWS EventBridge Rules not enabled" Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eventbridge_rule_2.yaml.bak b/queries/aws_eventbridge_rule_2.yaml.bak new file mode 100755 index 000000000..52194dd0b --- /dev/null +++ b/queries/aws_eventbridge_rule_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_eventbridge_rule_2 +Title: "Find all AWS EventBridge Rules not enabled" +Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + state, + created_by + from + aws_eventbridge_rule + where + state != 'ENABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EventBridge diff --git a/queries/aws_eventbridge_rule_2.yaml.bak.bak b/queries/aws_eventbridge_rule_2.yaml.bak.bak new file mode 100755 index 000000000..2a370abd3 --- /dev/null +++ b/queries/aws_eventbridge_rule_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_eventbridge_rule_2 +Title: "Find all AWS EventBridge Rules not enabled" +Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + state, + created_by + from + aws_eventbridge_rule + where + state != 'ENABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EventBridge diff --git a/queries/aws_eventbridge_rule_3.yaml b/queries/aws_eventbridge_rule_3.yaml index 9cc6db0be..ff416b3ab 100755 --- a/queries/aws_eventbridge_rule_3.yaml +++ b/queries/aws_eventbridge_rule_3.yaml @@ -1,7 +1,7 @@ ID: aws_eventbridge_rule_3 Title: "Find AWS EventBridge Rules using SQL" Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_eventbridge_rule_3.yaml.bak b/queries/aws_eventbridge_rule_3.yaml.bak new file mode 100755 index 000000000..9cc6db0be --- /dev/null +++ b/queries/aws_eventbridge_rule_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_eventbridge_rule_3 +Title: "Find AWS EventBridge Rules using SQL" +Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + cd ->> 'Id' as target_id, + cd ->> 'Arn' as target_arn, + cd ->> 'RoleArn' as role_arn + from + aws_eventbridge_rule, + jsonb_array_elements(targets) as cd; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - EventBridge diff --git a/queries/aws_fms_app_list_1.yaml b/queries/aws_fms_app_list_1.yaml index 808f3691b..fa7344c53 100755 --- a/queries/aws_fms_app_list_1.yaml +++ b/queries/aws_fms_app_list_1.yaml @@ -1,7 +1,7 @@ ID: aws_fms_app_list_1 Title: "Find AWS Firewall Manager Application Details" Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fms_app_list_1.yaml.bak b/queries/aws_fms_app_list_1.yaml.bak new file mode 100755 index 000000000..808f3691b --- /dev/null +++ b/queries/aws_fms_app_list_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_fms_app_list_1 +Title: "Find AWS Firewall Manager Application Details" +Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + list_name, + list_id, + arn, + create_time + from + aws_fms_app_list; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Firewall Manager diff --git a/queries/aws_fms_app_list_2.yaml b/queries/aws_fms_app_list_2.yaml index ce2d93e1e..7a7f4ccf1 100755 --- a/queries/aws_fms_app_list_2.yaml +++ b/queries/aws_fms_app_list_2.yaml @@ -1,7 +1,7 @@ ID: aws_fms_app_list_2 Title: "Find AWS Firewall Manager Application Details in Last 30 Days" Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fms_app_list_2.yaml.bak b/queries/aws_fms_app_list_2.yaml.bak new file mode 100755 index 000000000..ce2d93e1e --- /dev/null +++ b/queries/aws_fms_app_list_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_fms_app_list_2 +Title: "Find AWS Firewall Manager Application Details in Last 30 Days" +Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + list_name, + list_id, + arn, + create_time + from + aws_fms_app_list + where + create_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Firewall Manager diff --git a/queries/aws_fms_app_list_3.yaml b/queries/aws_fms_app_list_3.yaml index 7176843a6..3329c0658 100755 --- a/queries/aws_fms_app_list_3.yaml +++ b/queries/aws_fms_app_list_3.yaml @@ -1,7 +1,7 @@ ID: aws_fms_app_list_3 Title: "Query AWS Firewall Manager Applications with Details" Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fms_app_list_3.yaml.bak b/queries/aws_fms_app_list_3.yaml.bak new file mode 100755 index 000000000..7176843a6 --- /dev/null +++ b/queries/aws_fms_app_list_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_fms_app_list_3 +Title: "Query AWS Firewall Manager Applications with Details" +Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + list_name, + list_id, + a ->> 'AppName' as app_name, + a ->> 'Port' as port, + a ->> 'Protocol' as protocol + from + aws_fms_app_list, + jsonb_array_elements(apps_list -> 'AppsList') as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Firewall Manager diff --git a/queries/aws_fms_policy_1.yaml b/queries/aws_fms_policy_1.yaml index d6d6b5898..869b1fcff 100755 --- a/queries/aws_fms_policy_1.yaml +++ b/queries/aws_fms_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_fms_policy_1 Title: "List All AWS Firewall Manager Policy Details" Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fms_policy_1.yaml.bak b/queries/aws_fms_policy_1.yaml.bak new file mode 100755 index 000000000..d6d6b5898 --- /dev/null +++ b/queries/aws_fms_policy_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_fms_policy_1 +Title: "List All AWS Firewall Manager Policy Details" +Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_name, + policy_id, + arn, + policy_description, + resource_type + from + aws_fms_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Firewall Manager diff --git a/queries/aws_fms_policy_2.yaml b/queries/aws_fms_policy_2.yaml index a8e7778b6..8e76a7521 100755 --- a/queries/aws_fms_policy_2.yaml +++ b/queries/aws_fms_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_fms_policy_2 Title: "Find AWS Firewall Manager Policies with SQL" Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fms_policy_2.yaml.bak b/queries/aws_fms_policy_2.yaml.bak new file mode 100755 index 000000000..a8e7778b6 --- /dev/null +++ b/queries/aws_fms_policy_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_fms_policy_2 +Title: "Find AWS Firewall Manager Policies with SQL" +Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_name, + policy_id, + arn, + policy_description, + resource_type, + remediation_enabled + from + aws_fms_policy + where + remediation_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Firewall Manager diff --git a/queries/aws_fms_policy_3.yaml b/queries/aws_fms_policy_3.yaml index 39d2a812a..c4e956f91 100755 --- a/queries/aws_fms_policy_3.yaml +++ b/queries/aws_fms_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_fms_policy_3 Title: "List all AWS Firewall Manager Policies and Details" Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fms_policy_3.yaml.bak b/queries/aws_fms_policy_3.yaml.bak new file mode 100755 index 000000000..39d2a812a --- /dev/null +++ b/queries/aws_fms_policy_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_fms_policy_3 +Title: "List all AWS Firewall Manager Policies and Details" +Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_name, + resource_type, + count(policy_id) as policy_applied + from + aws_fms_policy + group by + policy_name, + resource_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Firewall Manager diff --git a/queries/aws_fms_policy_4.yaml b/queries/aws_fms_policy_4.yaml index 3e85bf785..78228e532 100755 --- a/queries/aws_fms_policy_4.yaml +++ b/queries/aws_fms_policy_4.yaml @@ -1,7 +1,7 @@ ID: aws_fms_policy_4 Title: "List AWS Firewall Manager (FMS) Policies Details" Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fms_policy_4.yaml.bak b/queries/aws_fms_policy_4.yaml.bak new file mode 100755 index 000000000..3e85bf785 --- /dev/null +++ b/queries/aws_fms_policy_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_fms_policy_4 +Title: "List AWS Firewall Manager (FMS) Policies Details" +Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_name, + policy_id, + policy_status + from + aws_fms_policy + where + policy_status <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Firewall Manager diff --git a/queries/aws_fsx_file_system_1.yaml b/queries/aws_fsx_file_system_1.yaml index 5cb5e8bbd..8c5c79cf1 100755 --- a/queries/aws_fsx_file_system_1.yaml +++ b/queries/aws_fsx_file_system_1.yaml @@ -1,7 +1,7 @@ ID: aws_fsx_file_system_1 Title: "List AWS FSx File Systems details including lifecycle" Description: "Allows users to query AWS FSx File Systems to gather information about the file system''s details, including its lifecycle, type, storage capacity, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fsx_file_system_1.yaml.bak b/queries/aws_fsx_file_system_1.yaml.bak new file mode 100755 index 000000000..5cb5e8bbd --- /dev/null +++ b/queries/aws_fsx_file_system_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_fsx_file_system_1 +Title: "List AWS FSx File Systems details including lifecycle" +Description: "Allows users to query AWS FSx File Systems to gather information about the file system''s details, including its lifecycle, type, storage capacity, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + file_system_id, + arn, + dns_name, + owner_id, + creation_time, + lifecycle, + storage_capacity + from + aws_fsx_file_system; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - FSx diff --git a/queries/aws_fsx_file_system_2.yaml b/queries/aws_fsx_file_system_2.yaml index c0fe40c8d..ecc292b76 100755 --- a/queries/aws_fsx_file_system_2.yaml +++ b/queries/aws_fsx_file_system_2.yaml @@ -1,7 +1,7 @@ ID: aws_fsx_file_system_2 Title: "List AWS FSx File Systems and Details" Description: "Allows users to query AWS FSx File Systems to gather information about the file system''s details, including its lifecycle, type, storage capacity, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_fsx_file_system_2.yaml.bak b/queries/aws_fsx_file_system_2.yaml.bak new file mode 100755 index 000000000..c0fe40c8d --- /dev/null +++ b/queries/aws_fsx_file_system_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_fsx_file_system_2 +Title: "List AWS FSx File Systems and Details" +Description: "Allows users to query AWS FSx File Systems to gather information about the file system''s details, including its lifecycle, type, storage capacity, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + file_system_id, + kms_key_id, + region + from + aws_fsx_file_system + where + kms_key_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - FSx diff --git a/queries/aws_glacier_vault_1.yaml b/queries/aws_glacier_vault_1.yaml index c7f84c401..ed9d642f7 100755 --- a/queries/aws_glacier_vault_1.yaml +++ b/queries/aws_glacier_vault_1.yaml @@ -1,7 +1,7 @@ ID: aws_glacier_vault_1 Title: "List all AWS Glacier Vault details with SQL Query" Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glacier_vault_1.yaml.bak b/queries/aws_glacier_vault_1.yaml.bak new file mode 100755 index 000000000..c7f84c401 --- /dev/null +++ b/queries/aws_glacier_vault_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_glacier_vault_1 +Title: "List all AWS Glacier Vault details with SQL Query" +Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vault_name, + creation_date, + last_inventory_date, + number_of_archives, + size_in_bytes + from + aws_glacier_vault; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glacier diff --git a/queries/aws_glacier_vault_2.yaml b/queries/aws_glacier_vault_2.yaml index 2b04421c8..cc555bacd 100755 --- a/queries/aws_glacier_vault_2.yaml +++ b/queries/aws_glacier_vault_2.yaml @@ -1,7 +1,7 @@ ID: aws_glacier_vault_2 Title: "Find all AWS Glacier Vaults and Detailed Information" Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glacier_vault_2.yaml.bak b/queries/aws_glacier_vault_2.yaml.bak new file mode 100755 index 000000000..cc555bacd --- /dev/null +++ b/queries/aws_glacier_vault_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_glacier_vault_2 +Title: "Find all AWS Glacier Vaults and Detailed Information" +Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_glacier_vault, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and a in ('*', 'glacier:*'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glacier diff --git a/queries/aws_glacier_vault_2.yaml.bak.bak b/queries/aws_glacier_vault_2.yaml.bak.bak new file mode 100755 index 000000000..cc555bacd --- /dev/null +++ b/queries/aws_glacier_vault_2.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_glacier_vault_2 +Title: "Find all AWS Glacier Vaults and Detailed Information" +Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_glacier_vault, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and a in ('*', 'glacier:*'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glacier diff --git a/queries/aws_glacier_vault_3.yaml b/queries/aws_glacier_vault_3.yaml index e271dda30..ff41e123a 100755 --- a/queries/aws_glacier_vault_3.yaml +++ b/queries/aws_glacier_vault_3.yaml @@ -1,7 +1,7 @@ ID: aws_glacier_vault_3 Title: "List AWS Glacier Vaults with Detailed Information" Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glacier_vault_3.yaml.bak b/queries/aws_glacier_vault_3.yaml.bak new file mode 100755 index 000000000..e271dda30 --- /dev/null +++ b/queries/aws_glacier_vault_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_glacier_vault_3 +Title: "List AWS Glacier Vaults with Detailed Information" +Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_glacier_vault, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + p = '*' + and s ->> 'Effect' = 'Allow'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glacier diff --git a/queries/aws_glacier_vault_4.yaml b/queries/aws_glacier_vault_4.yaml index 126c51e94..229318eda 100755 --- a/queries/aws_glacier_vault_4.yaml +++ b/queries/aws_glacier_vault_4.yaml @@ -1,7 +1,7 @@ ID: aws_glacier_vault_4 Title: "Find AWS Glacier Vault Details including Name, ARN, and Archives" Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glacier_vault_4.yaml.bak b/queries/aws_glacier_vault_4.yaml.bak new file mode 100755 index 000000000..126c51e94 --- /dev/null +++ b/queries/aws_glacier_vault_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_glacier_vault_4 +Title: "Find AWS Glacier Vault Details including Name, ARN, and Archives" +Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' -> 'NumericLessThan' ->> 'glacier:archiveageindays' as archive_age_in_days + from + aws_glacier_vault, + jsonb_array_elements(vault_lock_policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Action') as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glacier diff --git a/queries/aws_glacier_vault_5.yaml b/queries/aws_glacier_vault_5.yaml index 326d927dd..4fd2b6567 100755 --- a/queries/aws_glacier_vault_5.yaml +++ b/queries/aws_glacier_vault_5.yaml @@ -1,7 +1,7 @@ ID: aws_glacier_vault_5 Title: "List all AWS Glacier Vaults for Detailed Information" Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glacier_vault_5.yaml.bak b/queries/aws_glacier_vault_5.yaml.bak new file mode 100755 index 000000000..326d927dd --- /dev/null +++ b/queries/aws_glacier_vault_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_glacier_vault_5 +Title: "List all AWS Glacier Vaults for Detailed Information" +Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vault_name, + tags + from + aws_glacier_vault + where + not tags :: JSONB ? 'owner'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glacier diff --git a/queries/aws_glacier_vault_6.yaml b/queries/aws_glacier_vault_6.yaml index 721dc2350..5d8505574 100755 --- a/queries/aws_glacier_vault_6.yaml +++ b/queries/aws_glacier_vault_6.yaml @@ -1,7 +1,7 @@ ID: aws_glacier_vault_6 Title: "Find all AWS Glacier Vaults and Notification Configs" Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glacier_vault_6.yaml.bak b/queries/aws_glacier_vault_6.yaml.bak new file mode 100755 index 000000000..721dc2350 --- /dev/null +++ b/queries/aws_glacier_vault_6.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_glacier_vault_6 +Title: "Find all AWS Glacier Vaults and Notification Configs" +Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vault_name, + vault_notification_config ->> 'SNSTopic' as sns_topic, + vault_notification_config ->> 'Events' as notification_events + from + aws_glacier_vault + where + vault_notification_config is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glacier diff --git a/queries/aws_globalaccelerator_accelerator_1.yaml b/queries/aws_globalaccelerator_accelerator_1.yaml index 1c53f29fb..79ae479c5 100755 --- a/queries/aws_globalaccelerator_accelerator_1.yaml +++ b/queries/aws_globalaccelerator_accelerator_1.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_accelerator_1 Title: "Find all AWS Global Accelerator Accelerators" Description: "Allows users to query AWS Global Accelerator''s accelerators." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_accelerator_1.yaml.bak b/queries/aws_globalaccelerator_accelerator_1.yaml.bak new file mode 100755 index 000000000..1c53f29fb --- /dev/null +++ b/queries/aws_globalaccelerator_accelerator_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_globalaccelerator_accelerator_1 +Title: "Find all AWS Global Accelerator Accelerators" +Description: "Allows users to query AWS Global Accelerator''s accelerators." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time, + dns_name, + enabled, + ip_address_type, + last_modified_time, + status + from + aws_globalaccelerator_accelerator; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_accelerator_2.yaml b/queries/aws_globalaccelerator_accelerator_2.yaml index 9caa3ad62..6d0916fbe 100755 --- a/queries/aws_globalaccelerator_accelerator_2.yaml +++ b/queries/aws_globalaccelerator_accelerator_2.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_accelerator_2 Title: "Find all AWS Global Accelerator accelerators" Description: "Allows users to query AWS Global Accelerator''s accelerators." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_accelerator_2.yaml.bak b/queries/aws_globalaccelerator_accelerator_2.yaml.bak new file mode 100755 index 000000000..9caa3ad62 --- /dev/null +++ b/queries/aws_globalaccelerator_accelerator_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_globalaccelerator_accelerator_2 +Title: "Find all AWS Global Accelerator accelerators" +Description: "Allows users to query AWS Global Accelerator''s accelerators." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time, + dns_name, + enabled, + ip_address_type, + last_modified_time, + status, + anycast_ip + from + aws_globalaccelerator_accelerator, + jsonb_array_elements(ip_sets -> 0 -> 'IpAddresses') as anycast_ip; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_accelerator_3.yaml b/queries/aws_globalaccelerator_accelerator_3.yaml index 144b9033f..8b210c3a6 100755 --- a/queries/aws_globalaccelerator_accelerator_3.yaml +++ b/queries/aws_globalaccelerator_accelerator_3.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_accelerator_3 Title: "Find AWS Global Accelerator's Accelerators" Description: "Allows users to query AWS Global Accelerator''s accelerators." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_accelerator_3.yaml.bak b/queries/aws_globalaccelerator_accelerator_3.yaml.bak new file mode 100755 index 000000000..144b9033f --- /dev/null +++ b/queries/aws_globalaccelerator_accelerator_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_globalaccelerator_accelerator_3 +Title: "Find AWS Global Accelerator's Accelerators" +Description: "Allows users to query AWS Global Accelerator''s accelerators." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + tags + from + aws_globalaccelerator_accelerator + where + not tags::JSONB ? 'owner'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_endpoint_group_1.yaml b/queries/aws_globalaccelerator_endpoint_group_1.yaml index af55b1403..32469669d 100755 --- a/queries/aws_globalaccelerator_endpoint_group_1.yaml +++ b/queries/aws_globalaccelerator_endpoint_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_endpoint_group_1 Title: "List AWS Global Accelerator Endpoint Groups Configuration" Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_endpoint_group_1.yaml.bak b/queries/aws_globalaccelerator_endpoint_group_1.yaml.bak new file mode 100755 index 000000000..af55b1403 --- /dev/null +++ b/queries/aws_globalaccelerator_endpoint_group_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_globalaccelerator_endpoint_group_1 +Title: "List AWS Global Accelerator Endpoint Groups Configuration" +Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + endpoint_descriptions, + endpoint_group_region, + traffic_dial_percentage, + port_overrides, + health_check_interval_seconds, + health_check_path, + health_check_port, + health_check_protocol, + threshold_count + from + aws_globalaccelerator_endpoint_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_endpoint_group_2.yaml b/queries/aws_globalaccelerator_endpoint_group_2.yaml index e062af54d..d236ecf04 100755 --- a/queries/aws_globalaccelerator_endpoint_group_2.yaml +++ b/queries/aws_globalaccelerator_endpoint_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_endpoint_group_2 Title: "List all AWS Global Accelerator Endpoint Groups" Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_endpoint_group_2.yaml.bak b/queries/aws_globalaccelerator_endpoint_group_2.yaml.bak new file mode 100755 index 000000000..e062af54d --- /dev/null +++ b/queries/aws_globalaccelerator_endpoint_group_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_globalaccelerator_endpoint_group_2 +Title: "List all AWS Global Accelerator Endpoint Groups" +Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + endpoint_descriptions, + endpoint_group_region, + traffic_dial_percentage, + port_overrides, + health_check_interval_seconds, + health_check_path, + health_check_port, + health_check_protocol, + threshold_count + from + aws_globalaccelerator_endpoint_group + where + listener_arn = 'arn:aws:globalaccelerator::012345678901:accelerator/1234abcd-abcd-1234-abcd-1234abcdefgh/listener/abcdef1234'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_endpoint_group_3.yaml b/queries/aws_globalaccelerator_endpoint_group_3.yaml index 653b4e0aa..13b4d5bd7 100755 --- a/queries/aws_globalaccelerator_endpoint_group_3.yaml +++ b/queries/aws_globalaccelerator_endpoint_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_endpoint_group_3 Title: "Find AWS Global Accelerator Endpoint Groups Configuration" Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak b/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak new file mode 100755 index 000000000..13b4d5bd7 --- /dev/null +++ b/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_globalaccelerator_endpoint_group_3 +Title: "Find AWS Global Accelerator Endpoint Groups Configuration" +Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.name as accelerator_name, + l.client_affinity as listener_client_affinity, + l.port_ranges as listener_port_ranges, + l.protocol as listener_protocol, + eg.endpoint_descriptions, + eg.endpoint_group_region, + eg.traffic_dial_percentage, + eg.port_overrides, + eg.health_check_interval_seconds, + eg.health_check_path, + eg.health_check_port, + eg.health_check_protocol, + eg.threshold_count + from + aws_globalaccelerator_accelerator a, + aws_globalaccelerator_listener l, + aws_globalaccelerator_endpoint_group eg + where + eg.listener_arn = l.arn + and l.accelerator_arn = a.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak.bak b/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak.bak new file mode 100755 index 000000000..13b4d5bd7 --- /dev/null +++ b/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak.bak @@ -0,0 +1,41 @@ +ID: aws_globalaccelerator_endpoint_group_3 +Title: "Find AWS Global Accelerator Endpoint Groups Configuration" +Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.name as accelerator_name, + l.client_affinity as listener_client_affinity, + l.port_ranges as listener_port_ranges, + l.protocol as listener_protocol, + eg.endpoint_descriptions, + eg.endpoint_group_region, + eg.traffic_dial_percentage, + eg.port_overrides, + eg.health_check_interval_seconds, + eg.health_check_path, + eg.health_check_port, + eg.health_check_protocol, + eg.threshold_count + from + aws_globalaccelerator_accelerator a, + aws_globalaccelerator_listener l, + aws_globalaccelerator_endpoint_group eg + where + eg.listener_arn = l.arn + and l.accelerator_arn = a.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_listener_1.yaml b/queries/aws_globalaccelerator_listener_1.yaml index bda315832..0a8d7432e 100755 --- a/queries/aws_globalaccelerator_listener_1.yaml +++ b/queries/aws_globalaccelerator_listener_1.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_listener_1 Title: "List all AWS Global Accelerator Listener details" Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_listener_1.yaml.bak b/queries/aws_globalaccelerator_listener_1.yaml.bak new file mode 100755 index 000000000..bda315832 --- /dev/null +++ b/queries/aws_globalaccelerator_listener_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_globalaccelerator_listener_1 +Title: "List all AWS Global Accelerator Listener details" +Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + client_affinity, + port_ranges, + protocol + from + aws_globalaccelerator_listener; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_listener_2.yaml b/queries/aws_globalaccelerator_listener_2.yaml index 3dbcc1235..065d54663 100755 --- a/queries/aws_globalaccelerator_listener_2.yaml +++ b/queries/aws_globalaccelerator_listener_2.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_listener_2 Title: "Find AWS Global Accelerator Listener Details" Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_listener_2.yaml.bak b/queries/aws_globalaccelerator_listener_2.yaml.bak new file mode 100755 index 000000000..3dbcc1235 --- /dev/null +++ b/queries/aws_globalaccelerator_listener_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_globalaccelerator_listener_2 +Title: "Find AWS Global Accelerator Listener Details" +Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + client_affinity, + port_ranges, + protocol + from + aws_globalaccelerator_listener + where + accelerator_arn = 'arn:aws:globalaccelerator::012345678901:accelerator/1234abcd'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_listener_3.yaml b/queries/aws_globalaccelerator_listener_3.yaml index ddc412070..bfc850103 100755 --- a/queries/aws_globalaccelerator_listener_3.yaml +++ b/queries/aws_globalaccelerator_listener_3.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_listener_3 Title: "Find AWS Global Accelerator Listener Details" Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_listener_3.yaml.bak b/queries/aws_globalaccelerator_listener_3.yaml.bak new file mode 100755 index 000000000..ddc412070 --- /dev/null +++ b/queries/aws_globalaccelerator_listener_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_globalaccelerator_listener_3 +Title: "Find AWS Global Accelerator Listener Details" +Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.name as accelerator_name, + a.status as accelerator_status, + l.title as listener_title, + l.client_affinity as listener_client_affinity, + l.port_ranges as listener_port_ranges, + l.protocol as listener_protocol + from + aws_globalaccelerator_accelerator a, + aws_globalaccelerator_listener l + where + l.accelerator_arn = a.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_globalaccelerator_listener_4.yaml b/queries/aws_globalaccelerator_listener_4.yaml index 4ad879ddf..112a333f2 100755 --- a/queries/aws_globalaccelerator_listener_4.yaml +++ b/queries/aws_globalaccelerator_listener_4.yaml @@ -1,7 +1,7 @@ ID: aws_globalaccelerator_listener_4 Title: "List all AWS Global Accelerator Listener including details" Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_globalaccelerator_listener_4.yaml.bak b/queries/aws_globalaccelerator_listener_4.yaml.bak new file mode 100755 index 000000000..4ad879ddf --- /dev/null +++ b/queries/aws_globalaccelerator_listener_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_globalaccelerator_listener_4 +Title: "List all AWS Global Accelerator Listener including details" +Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.name as accelerator_name, + a.status as accelerator_status, + l.protocol, + port_range -> 'FromPort' as from_port, + port_range -> 'ToPort' as to_port + from + aws_globalaccelerator_accelerator a, + aws_globalaccelerator_listener l, + jsonb_array_elements(l.port_ranges) as port_range + where + l.accelerator_arn = a.arn + and l.protocol = 'TCP' + and (port_range -> 'FromPort')::int <= 443 + and (port_range -> 'ToPort')::int >= 443; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Global Accelerator diff --git a/queries/aws_glue_catalog_database_1.yaml b/queries/aws_glue_catalog_database_1.yaml index 998b112fd..9342fbad2 100755 --- a/queries/aws_glue_catalog_database_1.yaml +++ b/queries/aws_glue_catalog_database_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_catalog_database_1 Title: "List All AWS Glue Catalog Databases with Details" Description: "Allows users to query AWS Glue Databases for detailed information about their Glue Catalog Databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_catalog_database_1.yaml.bak b/queries/aws_glue_catalog_database_1.yaml.bak new file mode 100755 index 000000000..998b112fd --- /dev/null +++ b/queries/aws_glue_catalog_database_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_glue_catalog_database_1 +Title: "List All AWS Glue Catalog Databases with Details" +Description: "Allows users to query AWS Glue Databases for detailed information about their Glue Catalog Databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + catalog_id, + create_time, + description, + location_uri, + create_table_default_permissions + from + aws_glue_catalog_database; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_catalog_database_2.yaml b/queries/aws_glue_catalog_database_2.yaml index 22e83d27f..b21022f19 100755 --- a/queries/aws_glue_catalog_database_2.yaml +++ b/queries/aws_glue_catalog_database_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_catalog_database_2 Title: "Find all AWS Glue Databases with Catalog Info" Description: "Allows users to query AWS Glue Databases for detailed information about their Glue Catalog Databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_catalog_database_2.yaml.bak b/queries/aws_glue_catalog_database_2.yaml.bak new file mode 100755 index 000000000..22e83d27f --- /dev/null +++ b/queries/aws_glue_catalog_database_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_glue_catalog_database_2 +Title: "Find all AWS Glue Databases with Catalog Info" +Description: "Allows users to query AWS Glue Databases for detailed information about their Glue Catalog Databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + catalog_id, + count(name) as database_count + from + aws_glue_catalog_database + group by + catalog_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_catalog_table_1.yaml b/queries/aws_glue_catalog_table_1.yaml index 17012ef56..165240633 100755 --- a/queries/aws_glue_catalog_table_1.yaml +++ b/queries/aws_glue_catalog_table_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_catalog_table_1 Title: "Find AWS Glue Catalog Table Metadata" Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_catalog_table_1.yaml.bak b/queries/aws_glue_catalog_table_1.yaml.bak new file mode 100755 index 000000000..17012ef56 --- /dev/null +++ b/queries/aws_glue_catalog_table_1.yaml.bak @@ -0,0 +1,20 @@ +ID: aws_glue_catalog_table_1 +Title: "Find AWS Glue Catalog Table Metadata" +Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + catalog_id, + create_time, + description, + database_name + from + aws_glue_catalog_table; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: {} diff --git a/queries/aws_glue_catalog_table_2.yaml b/queries/aws_glue_catalog_table_2.yaml index cd6f972ee..3b80acae6 100755 --- a/queries/aws_glue_catalog_table_2.yaml +++ b/queries/aws_glue_catalog_table_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_catalog_table_2 Title: "List all AWS Glue Catalog Tables and Metadata" Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_catalog_table_2.yaml.bak b/queries/aws_glue_catalog_table_2.yaml.bak new file mode 100755 index 000000000..cd6f972ee --- /dev/null +++ b/queries/aws_glue_catalog_table_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_glue_catalog_table_2 +Title: "List all AWS Glue Catalog Tables and Metadata" +Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + catalog_id, + count(name) as table_count + from + aws_glue_catalog_table + group by + catalog_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue Catalog diff --git a/queries/aws_glue_catalog_table_3.yaml b/queries/aws_glue_catalog_table_3.yaml index 57b9b5ece..b1f0cd30b 100755 --- a/queries/aws_glue_catalog_table_3.yaml +++ b/queries/aws_glue_catalog_table_3.yaml @@ -1,7 +1,7 @@ ID: aws_glue_catalog_table_3 Title: "List all AWS Glue Catalog Tables with metadata" Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_catalog_table_3.yaml.bak b/queries/aws_glue_catalog_table_3.yaml.bak new file mode 100755 index 000000000..57b9b5ece --- /dev/null +++ b/queries/aws_glue_catalog_table_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_glue_catalog_table_3 +Title: "List all AWS Glue Catalog Tables with metadata" +Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + catalog_id, + create_time, + description, + retention + from + aws_glue_catalog_table + where + retention < 30; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_connection_1.yaml b/queries/aws_glue_connection_1.yaml index c57c2e183..4a8de4c54 100755 --- a/queries/aws_glue_connection_1.yaml +++ b/queries/aws_glue_connection_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_connection_1 Title: "List all AWS Glue Connections with Details" Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_connection_1.yaml.bak b/queries/aws_glue_connection_1.yaml.bak new file mode 100755 index 000000000..c57c2e183 --- /dev/null +++ b/queries/aws_glue_connection_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_glue_connection_1 +Title: "List all AWS Glue Connections with Details" +Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + connection_type, + creation_time, + description, + region + from + aws_glue_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_connection_2.yaml b/queries/aws_glue_connection_2.yaml index aaeb648a3..4a646b2e0 100755 --- a/queries/aws_glue_connection_2.yaml +++ b/queries/aws_glue_connection_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_connection_2 Title: "List all SQL Queryable AWS Glue Connections" Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_connection_2.yaml.bak b/queries/aws_glue_connection_2.yaml.bak new file mode 100755 index 000000000..aaeb648a3 --- /dev/null +++ b/queries/aws_glue_connection_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_glue_connection_2 +Title: "List all SQL Queryable AWS Glue Connections" +Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + connection_type, + connection_properties ->> 'JDBC_CONNECTION_URL' as connection_url, + connection_properties ->> 'JDBC_ENFORCE_SSL' as ssl_enabled, + creation_time + from + aws_glue_connection + where + connection_type = 'JDBC'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_connection_3.yaml b/queries/aws_glue_connection_3.yaml index 4234d1d29..6e6c3099a 100755 --- a/queries/aws_glue_connection_3.yaml +++ b/queries/aws_glue_connection_3.yaml @@ -1,7 +1,7 @@ ID: aws_glue_connection_3 Title: "List all AWS Glue Connections with JDBC not enforcing SSL" Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_connection_3.yaml.bak b/queries/aws_glue_connection_3.yaml.bak new file mode 100755 index 000000000..6e6c3099a --- /dev/null +++ b/queries/aws_glue_connection_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_glue_connection_3 +Title: "List all AWS Glue Connections with JDBC not enforcing SSL" +Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + connection_type, + connection_properties ->> 'CONNECTION_URL' as connection_url, + connection_properties ->> 'JDBC_ENFORCE_SSL' as ssl_enabled, + creation_time + from + aws_glue_connection + where + connection_type = 'JDBC' + and connection_properties ->> 'JDBC_ENFORCE_SSL' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_connection_3.yaml.bak.bak b/queries/aws_glue_connection_3.yaml.bak.bak new file mode 100755 index 000000000..6e6c3099a --- /dev/null +++ b/queries/aws_glue_connection_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_glue_connection_3 +Title: "List all AWS Glue Connections with JDBC not enforcing SSL" +Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + connection_type, + connection_properties ->> 'CONNECTION_URL' as connection_url, + connection_properties ->> 'JDBC_ENFORCE_SSL' as ssl_enabled, + creation_time + from + aws_glue_connection + where + connection_type = 'JDBC' + and connection_properties ->> 'JDBC_ENFORCE_SSL' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_connection_4.yaml b/queries/aws_glue_connection_4.yaml index a525fc401..ffb14a980 100755 --- a/queries/aws_glue_connection_4.yaml +++ b/queries/aws_glue_connection_4.yaml @@ -1,7 +1,7 @@ ID: aws_glue_connection_4 Title: "Find AWS Glue Connections Details" Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_connection_4.yaml.bak b/queries/aws_glue_connection_4.yaml.bak new file mode 100755 index 000000000..a525fc401 --- /dev/null +++ b/queries/aws_glue_connection_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_glue_connection_4 +Title: "Find AWS Glue Connections Details" +Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.name as connection_name, + s.vpc_id as vpc_id, + s.title as subnet_name, + physical_connection_requirements ->> 'SubnetId' as subnet_id, + physical_connection_requirements ->> 'AvailabilityZone' as availability_zone, + cidr_block, + physical_connection_requirements ->> 'SecurityGroupIdList' as security_group_ids + from + aws_glue_connection c + join aws_vpc_subnet s on physical_connection_requirements ->> 'SubnetId' = s.subnet_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_crawler_1.yaml b/queries/aws_glue_crawler_1.yaml index c2c962a34..eb682a9e8 100755 --- a/queries/aws_glue_crawler_1.yaml +++ b/queries/aws_glue_crawler_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_crawler_1 Title: "List all AWS Glue Crawlers and Their Essential Information" Description: "Allows users to query AWS Glue Crawlers and retrieve essential information about the crawler''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_crawler_1.yaml.bak b/queries/aws_glue_crawler_1.yaml.bak new file mode 100755 index 000000000..c2c962a34 --- /dev/null +++ b/queries/aws_glue_crawler_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_glue_crawler_1 +Title: "List all AWS Glue Crawlers and Their Essential Information" +Description: "Allows users to query AWS Glue Crawlers and retrieve essential information about the crawler''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + state, + database_name, + creation_time, + description, + recrawl_behavior + from + aws_glue_crawler; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_crawler_2.yaml b/queries/aws_glue_crawler_2.yaml index 9eb7ec041..f1d733c20 100755 --- a/queries/aws_glue_crawler_2.yaml +++ b/queries/aws_glue_crawler_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_crawler_2 Title: "List all AWS Glue Crawlers and Retrieve their Metadata" Description: "Allows users to query AWS Glue Crawlers and retrieve essential information about the crawler''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_crawler_2.yaml.bak b/queries/aws_glue_crawler_2.yaml.bak new file mode 100755 index 000000000..9eb7ec041 --- /dev/null +++ b/queries/aws_glue_crawler_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_glue_crawler_2 +Title: "List all AWS Glue Crawlers and Retrieve their Metadata" +Description: "Allows users to query AWS Glue Crawlers and retrieve essential information about the crawler''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + state, + database_name, + creation_time, + description, + recrawl_behavior + from + aws_glue_crawler + where + state = 'RUNNING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_data_catalog_encryption_settings_1.yaml b/queries/aws_glue_data_catalog_encryption_settings_1.yaml index c491781a4..bac0b6d11 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_1.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_catalog_encryption_settings_1 Title: "Find AWS Glue Data Catalog Encryption Settings" Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_catalog_encryption_settings_1.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_1.yaml.bak new file mode 100755 index 000000000..c491781a4 --- /dev/null +++ b/queries/aws_glue_data_catalog_encryption_settings_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_glue_data_catalog_encryption_settings_1 +Title: "Find AWS Glue Data Catalog Encryption Settings" +Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + encryption_at_rest, + connection_password_encryption, + region, + account_id + from + aws_glue_data_catalog_encryption_settings; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_data_catalog_encryption_settings_2.yaml b/queries/aws_glue_data_catalog_encryption_settings_2.yaml index 611537cd4..cf6649f7e 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_2.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_catalog_encryption_settings_2 Title: "Find AWS Glue Data Catalog Encryption Settings" Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_catalog_encryption_settings_2.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_2.yaml.bak new file mode 100755 index 000000000..611537cd4 --- /dev/null +++ b/queries/aws_glue_data_catalog_encryption_settings_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_glue_data_catalog_encryption_settings_2 +Title: "Find AWS Glue Data Catalog Encryption Settings" +Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + encryption_at_rest, + connection_password_encryption, + region, + account_id + from + aws_glue_data_catalog_encryption_settings + where + encryption_at_rest ->> 'CatalogEncryptionMode' = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue Data Catalog diff --git a/queries/aws_glue_data_catalog_encryption_settings_3.yaml b/queries/aws_glue_data_catalog_encryption_settings_3.yaml index 50043d01b..1300600fc 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_3.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_3.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_catalog_encryption_settings_3 Title: "List all AWS Glue Data Catalog Encryption Settings" Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_catalog_encryption_settings_3.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_3.yaml.bak new file mode 100755 index 000000000..50043d01b --- /dev/null +++ b/queries/aws_glue_data_catalog_encryption_settings_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_glue_data_catalog_encryption_settings_3 +Title: "List all AWS Glue Data Catalog Encryption Settings" +Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + encryption_at_rest, + connection_password_encryption, + region, + account_id + from + aws_glue_data_catalog_encryption_settings + where + connection_password_encryption ->> 'ReturnConnectionPasswordEncrypted' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue Data Catalog diff --git a/queries/aws_glue_data_catalog_encryption_settings_4.yaml b/queries/aws_glue_data_catalog_encryption_settings_4.yaml index 523e28db8..c066346ad 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_4.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_4.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_catalog_encryption_settings_4 Title: "Query AWS Glue Data Catalog Encryption Settings" Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_catalog_encryption_settings_4.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_4.yaml.bak new file mode 100755 index 000000000..523e28db8 --- /dev/null +++ b/queries/aws_glue_data_catalog_encryption_settings_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_glue_data_catalog_encryption_settings_4 +Title: "Query AWS Glue Data Catalog Encryption Settings" +Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + encryption_at_rest ->> 'SseAwsKmsKeyId' as key_arn, + k.key_manager as key_manager, + k.creation_date as key_creation_date, + s.region, + s.account_id + from + aws_glue_data_catalog_encryption_settings s + join aws_kms_key k on s.encryption_at_rest ->> 'SseAwsKmsKeyId' = k.arn + and s.region = k.region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue Data Catalog diff --git a/queries/aws_glue_data_catalog_encryption_settings_5.yaml b/queries/aws_glue_data_catalog_encryption_settings_5.yaml index 815b1250f..f270e14a5 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_5.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_5.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_catalog_encryption_settings_5 Title: "Find AWS Glue Data Catalog Encryption Settings" Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_catalog_encryption_settings_5.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_5.yaml.bak new file mode 100755 index 000000000..815b1250f --- /dev/null +++ b/queries/aws_glue_data_catalog_encryption_settings_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_glue_data_catalog_encryption_settings_5 +Title: "Find AWS Glue Data Catalog Encryption Settings" +Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + connection_password_encryption ->> 'AwsKmsKeyId' as key_arn, + k.key_manager as key_manager, + k.creation_date as key_creation_date, + s.region, + s.account_id + from + aws_glue_data_catalog_encryption_settings s + join aws_kms_key k on s.connection_password_encryption ->> 'AwsKmsKeyId' = k.arn + and s.region = k.region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_data_quality_ruleset_1.yaml b/queries/aws_glue_data_quality_ruleset_1.yaml index 2616675c9..51d322dec 100755 --- a/queries/aws_glue_data_quality_ruleset_1.yaml +++ b/queries/aws_glue_data_quality_ruleset_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_quality_ruleset_1 Title: "List all AWS Glue Data Quality Rulesets" Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_quality_ruleset_1.yaml.bak b/queries/aws_glue_data_quality_ruleset_1.yaml.bak new file mode 100755 index 000000000..2616675c9 --- /dev/null +++ b/queries/aws_glue_data_quality_ruleset_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_glue_data_quality_ruleset_1 +Title: "List all AWS Glue Data Quality Rulesets" +Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + database_name, + table_name, + created_on, + description, + rule_set, + recommendation_run_id + from + aws_glue_data_quality_ruleset; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_data_quality_ruleset_2.yaml b/queries/aws_glue_data_quality_ruleset_2.yaml index 8ea563279..35512b20b 100755 --- a/queries/aws_glue_data_quality_ruleset_2.yaml +++ b/queries/aws_glue_data_quality_ruleset_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_quality_ruleset_2 Title: "Query AWS Glue Data Quality Rulesets" Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_quality_ruleset_2.yaml.bak b/queries/aws_glue_data_quality_ruleset_2.yaml.bak new file mode 100755 index 000000000..8ea563279 --- /dev/null +++ b/queries/aws_glue_data_quality_ruleset_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_glue_data_quality_ruleset_2 +Title: "Query AWS Glue Data Quality Rulesets" +Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + database_name, + table_name, + created_on, + description, + rule_set, + recommendation_run_id + from + aws_glue_data_quality_ruleset + where + created_on >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_data_quality_ruleset_3.yaml b/queries/aws_glue_data_quality_ruleset_3.yaml index d2a34447e..a0934d6a5 100755 --- a/queries/aws_glue_data_quality_ruleset_3.yaml +++ b/queries/aws_glue_data_quality_ruleset_3.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_quality_ruleset_3 Title: "List All AWS Glue Data Quality Rulesets by Database" Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_quality_ruleset_3.yaml.bak b/queries/aws_glue_data_quality_ruleset_3.yaml.bak new file mode 100755 index 000000000..d2a34447e --- /dev/null +++ b/queries/aws_glue_data_quality_ruleset_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_glue_data_quality_ruleset_3 +Title: "List All AWS Glue Data Quality Rulesets by Database" +Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + database_name, + count("name") as rulset_count + from + aws_glue_data_quality_ruleset + group by + database_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_data_quality_ruleset_4.yaml b/queries/aws_glue_data_quality_ruleset_4.yaml index 47e314081..22bc17d74 100755 --- a/queries/aws_glue_data_quality_ruleset_4.yaml +++ b/queries/aws_glue_data_quality_ruleset_4.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_quality_ruleset_4 Title: "List all Glue Data Quality Rulesets in AWS" Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_quality_ruleset_4.yaml.bak b/queries/aws_glue_data_quality_ruleset_4.yaml.bak new file mode 100755 index 000000000..47e314081 --- /dev/null +++ b/queries/aws_glue_data_quality_ruleset_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_glue_data_quality_ruleset_4 +Title: "List all Glue Data Quality Rulesets in AWS" +Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name, + r.database_name, + d.catalog_id, + d.create_time as databse_create_time, + d.location_uri + from + aws_glue_data_quality_ruleset as r, + aws_glue_catalog_database as d + where + r.database_name = d.name + and + r.name = 'ruleset1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_data_quality_ruleset_5.yaml b/queries/aws_glue_data_quality_ruleset_5.yaml index d624b5a37..4444e1fc9 100755 --- a/queries/aws_glue_data_quality_ruleset_5.yaml +++ b/queries/aws_glue_data_quality_ruleset_5.yaml @@ -1,7 +1,7 @@ ID: aws_glue_data_quality_ruleset_5 Title: "Find AWS Glue Data Quality Rulesets with Rule Count" Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_data_quality_ruleset_5.yaml.bak b/queries/aws_glue_data_quality_ruleset_5.yaml.bak new file mode 100755 index 000000000..d624b5a37 --- /dev/null +++ b/queries/aws_glue_data_quality_ruleset_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_glue_data_quality_ruleset_5 +Title: "Find AWS Glue Data Quality Rulesets with Rule Count" +Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_count + from + aws_glue_data_quality_ruleset; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_dev_endpoint_1.yaml b/queries/aws_glue_dev_endpoint_1.yaml index 86dad1a8d..bacba9e1c 100755 --- a/queries/aws_glue_dev_endpoint_1.yaml +++ b/queries/aws_glue_dev_endpoint_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_dev_endpoint_1 Title: "List all AWS Glue Development Endpoints and Metadata" Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_dev_endpoint_1.yaml.bak b/queries/aws_glue_dev_endpoint_1.yaml.bak new file mode 100755 index 000000000..86dad1a8d --- /dev/null +++ b/queries/aws_glue_dev_endpoint_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_glue_dev_endpoint_1 +Title: "List all AWS Glue Development Endpoints and Metadata" +Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_name, + status, + availability_zone, + created_timestamp, + extra_jars_s3_path, + glue_version, + private_address, + public_address + from + aws_glue_dev_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_dev_endpoint_2.yaml b/queries/aws_glue_dev_endpoint_2.yaml index b2ca6806f..7207ebfe7 100755 --- a/queries/aws_glue_dev_endpoint_2.yaml +++ b/queries/aws_glue_dev_endpoint_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_dev_endpoint_2 Title: "Find all AWS Glue Development Endpoints with Metadata" Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_dev_endpoint_2.yaml.bak b/queries/aws_glue_dev_endpoint_2.yaml.bak new file mode 100755 index 000000000..7207ebfe7 --- /dev/null +++ b/queries/aws_glue_dev_endpoint_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_glue_dev_endpoint_2 +Title: "Find all AWS Glue Development Endpoints with Metadata" +Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_name, + status, + created_timestamp, + extra_jars_s3_path, + glue_version, + private_address, + public_address + from + aws_glue_dev_endpoint + where + status <> 'READY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_dev_endpoint_2.yaml.bak.bak b/queries/aws_glue_dev_endpoint_2.yaml.bak.bak new file mode 100755 index 000000000..7207ebfe7 --- /dev/null +++ b/queries/aws_glue_dev_endpoint_2.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_glue_dev_endpoint_2 +Title: "Find all AWS Glue Development Endpoints with Metadata" +Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_name, + status, + created_timestamp, + extra_jars_s3_path, + glue_version, + private_address, + public_address + from + aws_glue_dev_endpoint + where + status <> 'READY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_dev_endpoint_3.yaml b/queries/aws_glue_dev_endpoint_3.yaml index e2a4b091d..696542bd4 100755 --- a/queries/aws_glue_dev_endpoint_3.yaml +++ b/queries/aws_glue_dev_endpoint_3.yaml @@ -1,7 +1,7 @@ ID: aws_glue_dev_endpoint_3 Title: "List all AWS Glue Development Endpoints with Metadata" Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_dev_endpoint_3.yaml.bak b/queries/aws_glue_dev_endpoint_3.yaml.bak new file mode 100755 index 000000000..e2a4b091d --- /dev/null +++ b/queries/aws_glue_dev_endpoint_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_glue_dev_endpoint_3 +Title: "List all AWS Glue Development Endpoints with Metadata" +Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + status, + glue_version, + last_modified_timestamp + from + aws_glue_dev_endpoint + where + last_modified_timestamp >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue Development Endpoint diff --git a/queries/aws_glue_dev_endpoint_4.yaml b/queries/aws_glue_dev_endpoint_4.yaml index e3268b478..4b556a742 100755 --- a/queries/aws_glue_dev_endpoint_4.yaml +++ b/queries/aws_glue_dev_endpoint_4.yaml @@ -1,7 +1,7 @@ ID: aws_glue_dev_endpoint_4 Title: "List AWS Glue Development Endpoints and Configurations" Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_dev_endpoint_4.yaml.bak b/queries/aws_glue_dev_endpoint_4.yaml.bak new file mode 100755 index 000000000..e3268b478 --- /dev/null +++ b/queries/aws_glue_dev_endpoint_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_glue_dev_endpoint_4 +Title: "List AWS Glue Development Endpoints and Configurations" +Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + endpoint_name, + arn, + status, + glue_version, + created_timestamp + from + aws_glue_dev_endpoint + where + created_timestamp >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_dev_endpoint_5.yaml b/queries/aws_glue_dev_endpoint_5.yaml index 031d1ce0f..9d2224ddb 100755 --- a/queries/aws_glue_dev_endpoint_5.yaml +++ b/queries/aws_glue_dev_endpoint_5.yaml @@ -1,7 +1,7 @@ ID: aws_glue_dev_endpoint_5 Title: "Find AWS Glue Development Endpoints and Subnet Details" Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_dev_endpoint_5.yaml.bak b/queries/aws_glue_dev_endpoint_5.yaml.bak new file mode 100755 index 000000000..031d1ce0f --- /dev/null +++ b/queries/aws_glue_dev_endpoint_5.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_glue_dev_endpoint_5 +Title: "Find AWS Glue Development Endpoints and Subnet Details" +Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.endpoint_name, + s.availability_zone, + s.available_ip_address_count, + s.cidr_block, + s.default_for_az, + s.map_customer_owned_ip_on_launch, + s.map_public_ip_on_launch, + s.state + from + aws_glue_dev_endpoint as e, + aws_vpc_subnet as s + where + e.endpoint_name = 'test5' + and + e.subnet_id = s.subnet_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_dev_endpoint_6.yaml b/queries/aws_glue_dev_endpoint_6.yaml index cc4e446f3..39b2a22b8 100755 --- a/queries/aws_glue_dev_endpoint_6.yaml +++ b/queries/aws_glue_dev_endpoint_6.yaml @@ -1,7 +1,7 @@ ID: aws_glue_dev_endpoint_6 Title: "Find AWS Glue Development Endpoints Configurations and Metadata" Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_dev_endpoint_6.yaml.bak b/queries/aws_glue_dev_endpoint_6.yaml.bak new file mode 100755 index 000000000..cc4e446f3 --- /dev/null +++ b/queries/aws_glue_dev_endpoint_6.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_glue_dev_endpoint_6 +Title: "Find AWS Glue Development Endpoints Configurations and Metadata" +Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.endpoint_name, + split_part(j, '/', '3') as extra_jars_s3_bucket, + b.versioning_enabled, + b.policy, + b.object_lock_configuration, + b.restrict_public_buckets, + b.policy + from + aws_glue_dev_endpoint as e, + aws_s3_bucket as b, + unnest (string_to_array(e.extra_jars_s3_path, ',')) as j + where + b.name = split_part(j, '/', '3') + and + e.endpoint_name = 'test34'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_job_1.yaml b/queries/aws_glue_job_1.yaml index ee3b69768..5481a3b1d 100755 --- a/queries/aws_glue_job_1.yaml +++ b/queries/aws_glue_job_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_1 Title: "List AWS Glue Jobs with Details on Execution and Status" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_1.yaml.bak b/queries/aws_glue_job_1.yaml.bak new file mode 100755 index 000000000..ee3b69768 --- /dev/null +++ b/queries/aws_glue_job_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_glue_job_1 +Title: "List AWS Glue Jobs with Details on Execution and Status" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_on, + description, + max_capacity, + number_of_workers, + region, + timeout + from + aws_glue_job; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_job_10.yaml b/queries/aws_glue_job_10.yaml index 70e7f75cd..a427bfb01 100755 --- a/queries/aws_glue_job_10.yaml +++ b/queries/aws_glue_job_10.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_10 Title: "Find AWS Glue Jobs Missing Encryption Type" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_10.yaml.bak b/queries/aws_glue_job_10.yaml.bak new file mode 100755 index 000000000..a427bfb01 --- /dev/null +++ b/queries/aws_glue_job_10.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_glue_job_10 +Title: "Find AWS Glue Jobs Missing Encryption Type" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + created_on + region, + account_id, + default_arguments ->> '--encryption-type' as encryption_type + from + aws_glue_job + where + default_arguments ->> '--encryption-type' is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_job_10.yaml.bak.bak b/queries/aws_glue_job_10.yaml.bak.bak new file mode 100755 index 000000000..a427bfb01 --- /dev/null +++ b/queries/aws_glue_job_10.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_glue_job_10 +Title: "Find AWS Glue Jobs Missing Encryption Type" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + created_on + region, + account_id, + default_arguments ->> '--encryption-type' as encryption_type + from + aws_glue_job + where + default_arguments ->> '--encryption-type' is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_job_2.yaml b/queries/aws_glue_job_2.yaml index 8f8dee97e..589c767bb 100755 --- a/queries/aws_glue_job_2.yaml +++ b/queries/aws_glue_job_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_2 Title: "Find AWS Glue Jobs and Their Detailed Job Properties" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_2.yaml.bak b/queries/aws_glue_job_2.yaml.bak new file mode 100755 index 000000000..8f8dee97e --- /dev/null +++ b/queries/aws_glue_job_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_glue_job_2 +Title: "Find AWS Glue Jobs and Their Detailed Job Properties" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + created_on, + connections -> 'Connections' as connections + from + aws_glue_job + where + connections is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_job_3.yaml b/queries/aws_glue_job_3.yaml index f158d6a85..810daaf59 100755 --- a/queries/aws_glue_job_3.yaml +++ b/queries/aws_glue_job_3.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_3 Title: "List all AWS Glue Jobs with detailed properties" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_3.yaml.bak b/queries/aws_glue_job_3.yaml.bak new file mode 100755 index 000000000..f158d6a85 --- /dev/null +++ b/queries/aws_glue_job_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_glue_job_3 +Title: "List all AWS Glue Jobs with detailed properties" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + created_on, + job_bookmark ->> 'Attempt' as total_attempts, + job_bookmark ->> 'Run' as total_runs, + job_bookmark ->> 'RunId' as run_id + from + aws_glue_job + where + job_bookmark is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_job_4.yaml b/queries/aws_glue_job_4.yaml index 4e34f134b..6498fdb50 100755 --- a/queries/aws_glue_job_4.yaml +++ b/queries/aws_glue_job_4.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_4 Title: "Find all AWS Glue Jobs with Query Execution Detail" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_4.yaml.bak b/queries/aws_glue_job_4.yaml.bak new file mode 100755 index 000000000..4e34f134b --- /dev/null +++ b/queries/aws_glue_job_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_glue_job_4 +Title: "Find all AWS Glue Jobs with Query Execution Detail" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + j.title, + j.arn, + j.created_on, + j.region, + j.account_id, + cloud_watch_encryption + from + aws_glue_job j + left join aws_glue_security_configuration s on j.security_configuration = s.name + where + cloud_watch_encryption is null or cloud_watch_encryption ->> 'CloudWatchEncryptionMode' = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_job_5.yaml b/queries/aws_glue_job_5.yaml index 45d69ef12..3cc29f4b9 100755 --- a/queries/aws_glue_job_5.yaml +++ b/queries/aws_glue_job_5.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_5 Title: "List all AWS Glue Jobs Detailing Status and Properties" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_5.yaml.bak b/queries/aws_glue_job_5.yaml.bak new file mode 100755 index 000000000..45d69ef12 --- /dev/null +++ b/queries/aws_glue_job_5.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_glue_job_5 +Title: "List all AWS Glue Jobs Detailing Status and Properties" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + j.title, + j.arn, + j.created_on, + j.region, + j.account_id, + job_bookmarks_encryption + from + aws_glue_job j + left join aws_glue_security_configuration s on j.security_configuration = s.name + where + job_bookmarks_encryption is null or job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_job_6.yaml b/queries/aws_glue_job_6.yaml index e296a6a3d..6158580ec 100755 --- a/queries/aws_glue_job_6.yaml +++ b/queries/aws_glue_job_6.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_6 Title: "Find all AWS Glue Jobs with Detailed Information" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_6.yaml.bak b/queries/aws_glue_job_6.yaml.bak new file mode 100755 index 000000000..e296a6a3d --- /dev/null +++ b/queries/aws_glue_job_6.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_glue_job_6 +Title: "Find all AWS Glue Jobs with Detailed Information" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + j.title, + j.arn, + j.created_on, + j.region, + j.account_id, + e as s3_encryption + from + aws_glue_job j + left join aws_glue_security_configuration s on j.security_configuration = s.name, + jsonb_array_elements(s.s3_encryption) e + where + e is null or e ->> 'S3EncryptionMode' = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_job_7.yaml b/queries/aws_glue_job_7.yaml index 461c5a912..709d00419 100755 --- a/queries/aws_glue_job_7.yaml +++ b/queries/aws_glue_job_7.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_7 Title: "List all AWS Glue Jobs with Continuous CloudWatch Logs Disabled" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_7.yaml.bak b/queries/aws_glue_job_7.yaml.bak new file mode 100755 index 000000000..461c5a912 --- /dev/null +++ b/queries/aws_glue_job_7.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_glue_job_7 +Title: "List all AWS Glue Jobs with Continuous CloudWatch Logs Disabled" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + created_on + region, + account_id + from + aws_glue_job + where + default_arguments ->> '--enable-continuous-cloudwatch-log' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_job_8.yaml b/queries/aws_glue_job_8.yaml index 247de01eb..d6d0f88f7 100755 --- a/queries/aws_glue_job_8.yaml +++ b/queries/aws_glue_job_8.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_8 Title: "List AWS Glue Jobs with Detailed Properties and Status" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_8.yaml.bak b/queries/aws_glue_job_8.yaml.bak new file mode 100755 index 000000000..247de01eb --- /dev/null +++ b/queries/aws_glue_job_8.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_glue_job_8 +Title: "List AWS Glue Jobs with Detailed Properties and Status" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + created_on + region, + account_id + from + aws_glue_job + where + default_arguments ->> '--enable-metrics' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Glue diff --git a/queries/aws_glue_job_9.yaml b/queries/aws_glue_job_9.yaml index 177c0e26e..ceb3a20e4 100755 --- a/queries/aws_glue_job_9.yaml +++ b/queries/aws_glue_job_9.yaml @@ -1,7 +1,7 @@ ID: aws_glue_job_9 Title: "List all AWS Glue Job Properties and Execution Details" Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_job_9.yaml.bak b/queries/aws_glue_job_9.yaml.bak new file mode 100755 index 000000000..177c0e26e --- /dev/null +++ b/queries/aws_glue_job_9.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_glue_job_9 +Title: "List all AWS Glue Job Properties and Execution Details" +Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + created_on, + command ->> 'Name' as script_name, + command ->> 'ScriptLocation' as script_location, + default_arguments ->> '--job-language' as job_language + from + aws_glue_job; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_security_configuration_1.yaml b/queries/aws_glue_security_configuration_1.yaml index 6debca620..1ed2c95d4 100755 --- a/queries/aws_glue_security_configuration_1.yaml +++ b/queries/aws_glue_security_configuration_1.yaml @@ -1,7 +1,7 @@ ID: aws_glue_security_configuration_1 Title: "Find AWS Glue Security Configurations and Insights" Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_security_configuration_1.yaml.bak b/queries/aws_glue_security_configuration_1.yaml.bak new file mode 100755 index 000000000..6debca620 --- /dev/null +++ b/queries/aws_glue_security_configuration_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_glue_security_configuration_1 +Title: "Find AWS Glue Security Configurations and Insights" +Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_time_stamp, + cloud_watch_encryption, + job_bookmarks_encryption, + s3_encryption + from + aws_glue_security_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_security_configuration_2.yaml b/queries/aws_glue_security_configuration_2.yaml index 882a981ec..842bb36cd 100755 --- a/queries/aws_glue_security_configuration_2.yaml +++ b/queries/aws_glue_security_configuration_2.yaml @@ -1,7 +1,7 @@ ID: aws_glue_security_configuration_2 Title: "Find AWS Glue Security Configurations with Encryption" Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_security_configuration_2.yaml.bak b/queries/aws_glue_security_configuration_2.yaml.bak new file mode 100755 index 000000000..882a981ec --- /dev/null +++ b/queries/aws_glue_security_configuration_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_glue_security_configuration_2 +Title: "Find AWS Glue Security Configurations with Encryption" +Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + cloud_watch_encryption ->> 'CloudWatchEncryptionMode' as encyption_mode, + cloud_watch_encryption ->> 'KmsKeyArn' as kms_key_arn + from + aws_glue_security_configuration + where + cloud_watch_encryption ->> 'CloudWatchEncryptionMode' != 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue Security diff --git a/queries/aws_glue_security_configuration_3.yaml b/queries/aws_glue_security_configuration_3.yaml index 3bac288b8..e83e5d5d6 100755 --- a/queries/aws_glue_security_configuration_3.yaml +++ b/queries/aws_glue_security_configuration_3.yaml @@ -1,7 +1,7 @@ ID: aws_glue_security_configuration_3 Title: "List all AWS Glue Security Configurations and Encryption Modes" Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_security_configuration_3.yaml.bak b/queries/aws_glue_security_configuration_3.yaml.bak new file mode 100755 index 000000000..3bac288b8 --- /dev/null +++ b/queries/aws_glue_security_configuration_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_glue_security_configuration_3 +Title: "List all AWS Glue Security Configurations and Encryption Modes" +Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' as encyption_mode, + job_bookmarks_encryption ->> 'KmsKeyArn' as kms_key_arn + from + aws_glue_security_configuration + where + job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' != 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_glue_security_configuration_4.yaml b/queries/aws_glue_security_configuration_4.yaml index 7e652ffc1..10942fe16 100755 --- a/queries/aws_glue_security_configuration_4.yaml +++ b/queries/aws_glue_security_configuration_4.yaml @@ -1,7 +1,7 @@ ID: aws_glue_security_configuration_4 Title: "Find AWS Glue Security Configurations" Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_glue_security_configuration_4.yaml.bak b/queries/aws_glue_security_configuration_4.yaml.bak new file mode 100755 index 000000000..7e652ffc1 --- /dev/null +++ b/queries/aws_glue_security_configuration_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_glue_security_configuration_4 +Title: "Find AWS Glue Security Configurations" +Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + e ->> 'S3EncryptionMode' as encyption_mode, + e ->> 'KmsKeyArn' as kms_key_arn + from + aws_glue_security_configuration, + jsonb_array_elements(s3_encryption) e + where + e ->> 'S3EncryptionMode' != 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Glue diff --git a/queries/aws_guardduty_detector_1.yaml b/queries/aws_guardduty_detector_1.yaml index e52d8593e..0657a60e7 100755 --- a/queries/aws_guardduty_detector_1.yaml +++ b/queries/aws_guardduty_detector_1.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_detector_1 Title: "Find AWS GuardDuty Detector Details and Status" Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_detector_1.yaml.bak b/queries/aws_guardduty_detector_1.yaml.bak new file mode 100755 index 000000000..e52d8593e --- /dev/null +++ b/queries/aws_guardduty_detector_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_guardduty_detector_1 +Title: "Find AWS GuardDuty Detector Details and Status" +Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + detector_id, + arn, + created_at, + status, + service_role + from + aws_guardduty_detector; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_detector_2.yaml b/queries/aws_guardduty_detector_2.yaml index b77964160..9e6edb5ff 100755 --- a/queries/aws_guardduty_detector_2.yaml +++ b/queries/aws_guardduty_detector_2.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_detector_2 Title: "List all AWS GuardDuty Detectors and their Status" Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_detector_2.yaml.bak b/queries/aws_guardduty_detector_2.yaml.bak new file mode 100755 index 000000000..b77964160 --- /dev/null +++ b/queries/aws_guardduty_detector_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_guardduty_detector_2 +Title: "List all AWS GuardDuty Detectors and their Status" +Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + detector_id, + created_at, + status + from + aws_guardduty_detector + where + status = 'ENABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_detector_3.yaml b/queries/aws_guardduty_detector_3.yaml index 22fa8d658..3ae94404f 100755 --- a/queries/aws_guardduty_detector_3.yaml +++ b/queries/aws_guardduty_detector_3.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_detector_3 Title: "List all AWS GuardDuty Detector details and status" Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_detector_3.yaml.bak b/queries/aws_guardduty_detector_3.yaml.bak new file mode 100755 index 000000000..22fa8d658 --- /dev/null +++ b/queries/aws_guardduty_detector_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_guardduty_detector_3 +Title: "List all AWS GuardDuty Detector details and status" +Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + detector_id, + status as detector_status, + data_sources -> 'CloudTrail' ->> 'Status' as cloud_trail_status, + data_sources -> 'DNSLogs' ->> 'Status' as dns_logs_status, + data_sources -> 'FlowLogs' ->> 'Status' as flow_logs_status + from + aws_guardduty_detector; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_detector_4.yaml b/queries/aws_guardduty_detector_4.yaml index 113c2b5ea..b1778b000 100755 --- a/queries/aws_guardduty_detector_4.yaml +++ b/queries/aws_guardduty_detector_4.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_detector_4 Title: "Find AWS GuardDuty Detector with SQL" Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_detector_4.yaml.bak b/queries/aws_guardduty_detector_4.yaml.bak new file mode 100755 index 000000000..113c2b5ea --- /dev/null +++ b/queries/aws_guardduty_detector_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_guardduty_detector_4 +Title: "Find AWS GuardDuty Detector with SQL" +Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + detector_id, + master_account ->> 'AccountId' as master_account_id, + master_account ->> 'InvitationId' as invitation_id, + master_account ->> 'RelationshipStatus' as relationship_status + from + aws_guardduty_detector + where master_account is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_filter_1.yaml b/queries/aws_guardduty_filter_1.yaml index 6d4261617..876c31694 100755 --- a/queries/aws_guardduty_filter_1.yaml +++ b/queries/aws_guardduty_filter_1.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_filter_1 Title: "Find AWS GuardDuty Filters and Associated Metadata" Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_filter_1.yaml.bak b/queries/aws_guardduty_filter_1.yaml.bak new file mode 100755 index 000000000..6d4261617 --- /dev/null +++ b/queries/aws_guardduty_filter_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_guardduty_filter_1 +Title: "Find AWS GuardDuty Filters and Associated Metadata" +Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + detector_id, + action, + rank + from + aws_guardduty_filter; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_filter_2.yaml b/queries/aws_guardduty_filter_2.yaml index beb1f7053..900f5639d 100755 --- a/queries/aws_guardduty_filter_2.yaml +++ b/queries/aws_guardduty_filter_2.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_filter_2 Title: "Find AWS GuardDuty Filter Information with SQL" Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_filter_2.yaml.bak b/queries/aws_guardduty_filter_2.yaml.bak new file mode 100755 index 000000000..beb1f7053 --- /dev/null +++ b/queries/aws_guardduty_filter_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_guardduty_filter_2 +Title: "Find AWS GuardDuty Filter Information with SQL" +Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + detector_id, + action, + rank + from + aws_guardduty_filter + where + action = 'ARCHIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_filter_3.yaml b/queries/aws_guardduty_filter_3.yaml index 6cbe55c47..70fce00dd 100755 --- a/queries/aws_guardduty_filter_3.yaml +++ b/queries/aws_guardduty_filter_3.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_filter_3 Title: "Find AWS GuardDuty Filter Conditions, Actions, Metadata" Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_filter_3.yaml.bak b/queries/aws_guardduty_filter_3.yaml.bak new file mode 100755 index 000000000..6cbe55c47 --- /dev/null +++ b/queries/aws_guardduty_filter_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_guardduty_filter_3 +Title: "Find AWS GuardDuty Filter Conditions, Actions, Metadata" +Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + region, + detector_id, + action, + rank + from + aws_guardduty_filter + where + rank = 1; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_filter_4.yaml b/queries/aws_guardduty_filter_4.yaml index 24d34ba8e..6934295e8 100755 --- a/queries/aws_guardduty_filter_4.yaml +++ b/queries/aws_guardduty_filter_4.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_filter_4 Title: "Find AWS GuardDuty Filter Information using SQL" Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_filter_4.yaml.bak b/queries/aws_guardduty_filter_4.yaml.bak new file mode 100755 index 000000000..24d34ba8e --- /dev/null +++ b/queries/aws_guardduty_filter_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_guardduty_filter_4 +Title: "Find AWS GuardDuty Filter Information using SQL" +Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_pretty(finding_criteria) as finding_criteria + from + aws_guardduty_filter + where + name = 'filter-1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_filter_5.yaml b/queries/aws_guardduty_filter_5.yaml index 4d1f90f8b..1676232a5 100755 --- a/queries/aws_guardduty_filter_5.yaml +++ b/queries/aws_guardduty_filter_5.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_filter_5 Title: "List AWS GuardDuty Filters and Associated Metadata" Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_filter_5.yaml.bak b/queries/aws_guardduty_filter_5.yaml.bak new file mode 100755 index 000000000..4d1f90f8b --- /dev/null +++ b/queries/aws_guardduty_filter_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_guardduty_filter_5 +Title: "List AWS GuardDuty Filters and Associated Metadata" +Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + region, + detector_id, + count(name) + from + aws_guardduty_filter + group by + region, + detector_id + order by + count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_finding_1.yaml b/queries/aws_guardduty_finding_1.yaml index 60d96d154..31ab7c553 100755 --- a/queries/aws_guardduty_finding_1.yaml +++ b/queries/aws_guardduty_finding_1.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_finding_1 Title: "Find all AWS GuardDuty Findings for Security Threats" Description: "Allows users to query AWS GuardDuty Findings to access detailed information about potential security threats or suspicious activities detected in their AWS environment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_finding_1.yaml.bak b/queries/aws_guardduty_finding_1.yaml.bak new file mode 100755 index 000000000..60d96d154 --- /dev/null +++ b/queries/aws_guardduty_finding_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_guardduty_finding_1 +Title: "Find all AWS GuardDuty Findings for Security Threats" +Description: "Allows users to query AWS GuardDuty Findings to access detailed information about potential security threats or suspicious activities detected in their AWS environment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + detector_id, + arn, + created_at + from + aws_guardduty_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_finding_2.yaml b/queries/aws_guardduty_finding_2.yaml index c7970782c..eebea2f09 100755 --- a/queries/aws_guardduty_finding_2.yaml +++ b/queries/aws_guardduty_finding_2.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_finding_2 Title: "Find AWS GuardDuty Findings on Security Threats" Description: "Allows users to query AWS GuardDuty Findings to access detailed information about potential security threats or suspicious activities detected in their AWS environment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_finding_2.yaml.bak b/queries/aws_guardduty_finding_2.yaml.bak new file mode 100755 index 000000000..c7970782c --- /dev/null +++ b/queries/aws_guardduty_finding_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_guardduty_finding_2 +Title: "Find AWS GuardDuty Findings on Security Threats" +Description: "Allows users to query AWS GuardDuty Findings to access detailed information about potential security threats or suspicious activities detected in their AWS environment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + detector_id, + arn, + created_at + from + aws_guardduty_finding + where + service ->> 'Archived' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_ipset_1.yaml b/queries/aws_guardduty_ipset_1.yaml index 66c9b6d80..316c4ffae 100755 --- a/queries/aws_guardduty_ipset_1.yaml +++ b/queries/aws_guardduty_ipset_1.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_ipset_1 Title: "Find AWS GuardDuty IPSets with Details" Description: "Allows users to query AWS GuardDuty IPSet to retrieve information about the IPSet, such as the detector ID, IPSet ID, name, format, location, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_ipset_1.yaml.bak b/queries/aws_guardduty_ipset_1.yaml.bak new file mode 100755 index 000000000..66c9b6d80 --- /dev/null +++ b/queries/aws_guardduty_ipset_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_guardduty_ipset_1 +Title: "Find AWS GuardDuty IPSets with Details" +Description: "Allows users to query AWS GuardDuty IPSet to retrieve information about the IPSet, such as the detector ID, IPSet ID, name, format, location, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + detector_id, + ipset_id, + name, + format, + location + from + aws_guardduty_ipset; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_ipset_2.yaml b/queries/aws_guardduty_ipset_2.yaml index 5342c1423..d89598055 100755 --- a/queries/aws_guardduty_ipset_2.yaml +++ b/queries/aws_guardduty_ipset_2.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_ipset_2 Title: "List All Inactive IP Sets in AWS GuardDuty" Description: "Allows users to query AWS GuardDuty IPSet to retrieve information about the IPSet, such as the detector ID, IPSet ID, name, format, location, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_ipset_2.yaml.bak b/queries/aws_guardduty_ipset_2.yaml.bak new file mode 100755 index 000000000..5342c1423 --- /dev/null +++ b/queries/aws_guardduty_ipset_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_guardduty_ipset_2 +Title: "List All Inactive IP Sets in AWS GuardDuty" +Description: "Allows users to query AWS GuardDuty IPSet to retrieve information about the IPSet, such as the detector ID, IPSet ID, name, format, location, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + ipset_id, + name, + status + from + aws_guardduty_ipset + where + status = 'INACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_member_1.yaml b/queries/aws_guardduty_member_1.yaml index 98dff354b..0e1785fdf 100755 --- a/queries/aws_guardduty_member_1.yaml +++ b/queries/aws_guardduty_member_1.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_member_1 Title: "Find AWS GuardDuty Member Data, Details, and Status" Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_member_1.yaml.bak b/queries/aws_guardduty_member_1.yaml.bak new file mode 100755 index 000000000..98dff354b --- /dev/null +++ b/queries/aws_guardduty_member_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_guardduty_member_1 +Title: "Find AWS GuardDuty Member Data, Details, and Status" +Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + detector_id, + invited_at, + relationship_status + from + aws_guardduty_member; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_member_2.yaml b/queries/aws_guardduty_member_2.yaml index 416bf4b02..3f90c6109 100755 --- a/queries/aws_guardduty_member_2.yaml +++ b/queries/aws_guardduty_member_2.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_member_2 Title: "Find AWS GuardDuty Member Account Details and Status" Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_member_2.yaml.bak b/queries/aws_guardduty_member_2.yaml.bak new file mode 100755 index 000000000..416bf4b02 --- /dev/null +++ b/queries/aws_guardduty_member_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_guardduty_member_2 +Title: "Find AWS GuardDuty Member Account Details and Status" +Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + detector_id, + invited_at, + relationship_status + from + aws_guardduty_member + where + relationship_status = 'EmailVerificationFailed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_member_3.yaml b/queries/aws_guardduty_member_3.yaml index 18e53025d..454d36dd6 100755 --- a/queries/aws_guardduty_member_3.yaml +++ b/queries/aws_guardduty_member_3.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_member_3 Title: "Find AWS GuardDuty Member Details" Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_member_3.yaml.bak b/queries/aws_guardduty_member_3.yaml.bak new file mode 100755 index 000000000..18e53025d --- /dev/null +++ b/queries/aws_guardduty_member_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_guardduty_member_3 +Title: "Find AWS GuardDuty Member Details" +Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + detector_id, + invited_at, + relationship_status + from + aws_guardduty_member + where + invited_at is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_member_4.yaml b/queries/aws_guardduty_member_4.yaml index ca2fe80f5..da5967e95 100755 --- a/queries/aws_guardduty_member_4.yaml +++ b/queries/aws_guardduty_member_4.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_member_4 Title: "Find all AWS GuardDuty Member with details" Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_member_4.yaml.bak b/queries/aws_guardduty_member_4.yaml.bak new file mode 100755 index 000000000..da5967e95 --- /dev/null +++ b/queries/aws_guardduty_member_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_guardduty_member_4 +Title: "Find all AWS GuardDuty Member with details" +Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + detector_id, + invited_at, + relationship_status + from + aws_guardduty_member + where + invited_at >= (now() - interval '10' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_member_4.yaml.bak.bak b/queries/aws_guardduty_member_4.yaml.bak.bak new file mode 100755 index 000000000..da5967e95 --- /dev/null +++ b/queries/aws_guardduty_member_4.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_guardduty_member_4 +Title: "Find all AWS GuardDuty Member with details" +Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + detector_id, + invited_at, + relationship_status + from + aws_guardduty_member + where + invited_at >= (now() - interval '10' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_1.yaml b/queries/aws_guardduty_publishing_destination_1.yaml index b6d3178bc..219a76de8 100755 --- a/queries/aws_guardduty_publishing_destination_1.yaml +++ b/queries/aws_guardduty_publishing_destination_1.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_publishing_destination_1 Title: "List AWS GuardDuty Publishing Destinations Info" Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_publishing_destination_1.yaml.bak b/queries/aws_guardduty_publishing_destination_1.yaml.bak new file mode 100755 index 000000000..219a76de8 --- /dev/null +++ b/queries/aws_guardduty_publishing_destination_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_guardduty_publishing_destination_1 +Title: "List AWS GuardDuty Publishing Destinations Info" +Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + detector_id, + destination_id, + arn, + destination_arn, + status + from + aws_guardduty_publishing_destination; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_1.yaml.bak.bak b/queries/aws_guardduty_publishing_destination_1.yaml.bak.bak new file mode 100755 index 000000000..219a76de8 --- /dev/null +++ b/queries/aws_guardduty_publishing_destination_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_guardduty_publishing_destination_1 +Title: "List AWS GuardDuty Publishing Destinations Info" +Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + detector_id, + destination_id, + arn, + destination_arn, + status + from + aws_guardduty_publishing_destination; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_2.yaml b/queries/aws_guardduty_publishing_destination_2.yaml index 46c36ce87..72800c6fd 100755 --- a/queries/aws_guardduty_publishing_destination_2.yaml +++ b/queries/aws_guardduty_publishing_destination_2.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_publishing_destination_2 Title: "Find AWS GuardDuty Publishing Destinations" Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_publishing_destination_2.yaml.bak b/queries/aws_guardduty_publishing_destination_2.yaml.bak new file mode 100755 index 000000000..46c36ce87 --- /dev/null +++ b/queries/aws_guardduty_publishing_destination_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_guardduty_publishing_destination_2 +Title: "Find AWS GuardDuty Publishing Destinations" +Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + destination_id, + arn, + status + from + aws_guardduty_publishing_destination + where + status = 'PENDING_VERIFICATION'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_3.yaml b/queries/aws_guardduty_publishing_destination_3.yaml index be4b78787..60628178c 100755 --- a/queries/aws_guardduty_publishing_destination_3.yaml +++ b/queries/aws_guardduty_publishing_destination_3.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_publishing_destination_3 Title: "List All AWS GuardDuty Publishing Destinations" Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_publishing_destination_3.yaml.bak b/queries/aws_guardduty_publishing_destination_3.yaml.bak new file mode 100755 index 000000000..be4b78787 --- /dev/null +++ b/queries/aws_guardduty_publishing_destination_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_guardduty_publishing_destination_3 +Title: "List All AWS GuardDuty Publishing Destinations" +Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + destination_id, + kms_key_arn, + status, + destination_type + from + aws_guardduty_publishing_destination + where + kms_key_arn is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_4.yaml b/queries/aws_guardduty_publishing_destination_4.yaml index a1560cfc6..c3be9192f 100755 --- a/queries/aws_guardduty_publishing_destination_4.yaml +++ b/queries/aws_guardduty_publishing_destination_4.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_publishing_destination_4 Title: "List all AWS GuardDuty Publishing Destination Types" Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_publishing_destination_4.yaml.bak b/queries/aws_guardduty_publishing_destination_4.yaml.bak new file mode 100755 index 000000000..a1560cfc6 --- /dev/null +++ b/queries/aws_guardduty_publishing_destination_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_guardduty_publishing_destination_4 +Title: "List all AWS GuardDuty Publishing Destination Types" +Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + destination_type, + count(destination_id) + from + aws_guardduty_publishing_destination + group by + destination_type + order by + count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_5.yaml b/queries/aws_guardduty_publishing_destination_5.yaml index c48bb58c2..f9162e94f 100755 --- a/queries/aws_guardduty_publishing_destination_5.yaml +++ b/queries/aws_guardduty_publishing_destination_5.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_publishing_destination_5 Title: "Find AWS GuardDuty Publishing Destinations" Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_publishing_destination_5.yaml.bak b/queries/aws_guardduty_publishing_destination_5.yaml.bak new file mode 100755 index 000000000..c48bb58c2 --- /dev/null +++ b/queries/aws_guardduty_publishing_destination_5.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_guardduty_publishing_destination_5 +Title: "Find AWS GuardDuty Publishing Destinations" +Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + d.destination_id, + d.destination_arn, + d.destination_type, + p ->> 'Sid' as sid, + p ->> 'Action' as policy_action, + p ->> 'Effect' as effect, + p -> 'Principal' ->> 'Service' as principal_service + from + aws_guardduty_publishing_destination as d, + aws_s3_bucket as s, + jsonb_array_elements(s.policy -> 'Statement') as p + where + d.destination_type = 'S3' + and + s.arn = d.destination_arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_6.yaml b/queries/aws_guardduty_publishing_destination_6.yaml index 4c1fba53d..ff4dfd823 100755 --- a/queries/aws_guardduty_publishing_destination_6.yaml +++ b/queries/aws_guardduty_publishing_destination_6.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_publishing_destination_6 Title: "Find all AWS GuardDuty Publishing Destinations" Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_publishing_destination_6.yaml.bak b/queries/aws_guardduty_publishing_destination_6.yaml.bak new file mode 100755 index 000000000..4c1fba53d --- /dev/null +++ b/queries/aws_guardduty_publishing_destination_6.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_guardduty_publishing_destination_6 +Title: "Find all AWS GuardDuty Publishing Destinations" +Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + d.destination_id, + p ->> 'Sid' as sid, + p ->> 'Action' as policy_action, + p ->> 'Effect' as effect, + p ->> 'Principal' as policy_principal, + p ->> 'Condition' as policy_condition + from + aws_guardduty_publishing_destination as d, + aws_kms_key as k, + jsonb_array_elements(k.policy -> 'Statement') as p + where + d.kms_key_arn is not null + and + k.arn = d.kms_key_arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_threat_intel_set_1.yaml b/queries/aws_guardduty_threat_intel_set_1.yaml index 5e94328e2..d8049a7c3 100755 --- a/queries/aws_guardduty_threat_intel_set_1.yaml +++ b/queries/aws_guardduty_threat_intel_set_1.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_threat_intel_set_1 Title: "Find AWS GuardDuty ThreatIntelSet Information" Description: "Allows users to query AWS GuardDuty ThreatIntelSet to fetch information about threat intelligence sets that are associated with a GuardDuty detector." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_threat_intel_set_1.yaml.bak b/queries/aws_guardduty_threat_intel_set_1.yaml.bak new file mode 100755 index 000000000..5e94328e2 --- /dev/null +++ b/queries/aws_guardduty_threat_intel_set_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_guardduty_threat_intel_set_1 +Title: "Find AWS GuardDuty ThreatIntelSet Information" +Description: "Allows users to query AWS GuardDuty ThreatIntelSet to fetch information about threat intelligence sets that are associated with a GuardDuty detector." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + detector_id, + threat_intel_set_id, + name, + format, + location + from + aws_guardduty_threat_intel_set; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_guardduty_threat_intel_set_2.yaml b/queries/aws_guardduty_threat_intel_set_2.yaml index 8259e9ba2..236e2cfe7 100755 --- a/queries/aws_guardduty_threat_intel_set_2.yaml +++ b/queries/aws_guardduty_threat_intel_set_2.yaml @@ -1,7 +1,7 @@ ID: aws_guardduty_threat_intel_set_2 Title: "Find all AWS GuardDuty ThreatIntelSet threat data" Description: "Allows users to query AWS GuardDuty ThreatIntelSet to fetch information about threat intelligence sets that are associated with a GuardDuty detector." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_guardduty_threat_intel_set_2.yaml.bak b/queries/aws_guardduty_threat_intel_set_2.yaml.bak new file mode 100755 index 000000000..8259e9ba2 --- /dev/null +++ b/queries/aws_guardduty_threat_intel_set_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_guardduty_threat_intel_set_2 +Title: "Find all AWS GuardDuty ThreatIntelSet threat data" +Description: "Allows users to query AWS GuardDuty ThreatIntelSet to fetch information about threat intelligence sets that are associated with a GuardDuty detector." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + threat_intel_set_id, + status + from + aws_guardduty_threat_intel_set + where + status = 'INACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - GuardDuty diff --git a/queries/aws_health_affected_entity_1.yaml b/queries/aws_health_affected_entity_1.yaml index 2b42b1dfb..fbf033941 100755 --- a/queries/aws_health_affected_entity_1.yaml +++ b/queries/aws_health_affected_entity_1.yaml @@ -1,7 +1,7 @@ ID: aws_health_affected_entity_1 Title: "Find Health Status of AWS Resources via SQL" Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_health_affected_entity_1.yaml.bak b/queries/aws_health_affected_entity_1.yaml.bak new file mode 100755 index 000000000..2b42b1dfb --- /dev/null +++ b/queries/aws_health_affected_entity_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_health_affected_entity_1 +Title: "Find Health Status of AWS Resources via SQL" +Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + entity_url, + entity_value, + event_arn, + last_updated_time, + status_code + from + aws_health_affected_entity; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Health diff --git a/queries/aws_health_affected_entity_2.yaml b/queries/aws_health_affected_entity_2.yaml index 675ea8a23..a9be864a1 100755 --- a/queries/aws_health_affected_entity_2.yaml +++ b/queries/aws_health_affected_entity_2.yaml @@ -1,7 +1,7 @@ ID: aws_health_affected_entity_2 Title: "List all AWS Health Affected Entities" Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_health_affected_entity_2.yaml.bak b/queries/aws_health_affected_entity_2.yaml.bak new file mode 100755 index 000000000..675ea8a23 --- /dev/null +++ b/queries/aws_health_affected_entity_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_health_affected_entity_2 +Title: "List all AWS Health Affected Entities" +Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + entity_url, + entity_value, + event_arn, + last_updated_time, + status_code + from + aws_health_affected_entity + where + status_code = 'UNIMPAIRED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Health diff --git a/queries/aws_health_affected_entity_3.yaml b/queries/aws_health_affected_entity_3.yaml index 765a0099a..e3de9af3c 100755 --- a/queries/aws_health_affected_entity_3.yaml +++ b/queries/aws_health_affected_entity_3.yaml @@ -1,7 +1,7 @@ ID: aws_health_affected_entity_3 Title: "List AWS Health Affected Entities with Detailed Insights" Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_health_affected_entity_3.yaml.bak b/queries/aws_health_affected_entity_3.yaml.bak new file mode 100755 index 000000000..765a0099a --- /dev/null +++ b/queries/aws_health_affected_entity_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_health_affected_entity_3 +Title: "List AWS Health Affected Entities with Detailed Insights" +Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.arn, + e.entity_url, + e.event_arn, + v.event_type_category, + v.event_type_code, + v.service + from + aws_health_affected_entity as e, + aws_health_event as v; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Health diff --git a/queries/aws_health_event_1.yaml b/queries/aws_health_event_1.yaml index 260d92bd0..e4c9f986f 100755 --- a/queries/aws_health_event_1.yaml +++ b/queries/aws_health_event_1.yaml @@ -1,7 +1,7 @@ ID: aws_health_event_1 Title: "Query AWS Health Events Affecting Services and Accounts" Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_health_event_1.yaml.bak b/queries/aws_health_event_1.yaml.bak new file mode 100755 index 000000000..260d92bd0 --- /dev/null +++ b/queries/aws_health_event_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_health_event_1 +Title: "Query AWS Health Events Affecting Services and Accounts" +Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + availability_zone, + start_time, + end_time, + event_type_category, + event_type_code, + event_scope_code, + service, + region + from + aws_health_event; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Health diff --git a/queries/aws_health_event_2.yaml b/queries/aws_health_event_2.yaml index 63a72ac83..518cb1aaa 100755 --- a/queries/aws_health_event_2.yaml +++ b/queries/aws_health_event_2.yaml @@ -1,7 +1,7 @@ ID: aws_health_event_2 Title: "" Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_health_event_2.yaml.bak b/queries/aws_health_event_2.yaml.bak new file mode 100755 index 000000000..63a72ac83 --- /dev/null +++ b/queries/aws_health_event_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_health_event_2 +Title: "" +Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + start_time, + end_time, + event_type_category, + event_type_code, + event_scope_code, + status_code, + service + from + aws_health_event + where + status_code = 'upcoming'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: {} diff --git a/queries/aws_health_event_3.yaml b/queries/aws_health_event_3.yaml index 4ddc38000..2ea1b5731 100755 --- a/queries/aws_health_event_3.yaml +++ b/queries/aws_health_event_3.yaml @@ -1,7 +1,7 @@ ID: aws_health_event_3 Title: "Find AWS Health Events Affecting Services and Accounts" Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_health_event_3.yaml.bak b/queries/aws_health_event_3.yaml.bak new file mode 100755 index 000000000..4ddc38000 --- /dev/null +++ b/queries/aws_health_event_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_health_event_3 +Title: "Find AWS Health Events Affecting Services and Accounts" +Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + start_time, + end_time, + event_type_category, + event_type_code, + event_scope_code, + status_code, + service + from + aws_health_event + where + service = 'EC2'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Health Events diff --git a/queries/aws_health_event_4.yaml b/queries/aws_health_event_4.yaml index 4de91ec33..db872adc7 100755 --- a/queries/aws_health_event_4.yaml +++ b/queries/aws_health_event_4.yaml @@ -1,7 +1,7 @@ ID: aws_health_event_4 Title: "List all AWS Health Events affecting services and accounts" Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_health_event_4.yaml.bak b/queries/aws_health_event_4.yaml.bak new file mode 100755 index 000000000..4de91ec33 --- /dev/null +++ b/queries/aws_health_event_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_health_event_4 +Title: "List all AWS Health Events affecting services and accounts" +Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + availability_zone, + start_time, + end_time, + event_type_category, + event_type_code, + event_scope_code, + status_code, + service + from + aws_health_event + where + availability_zone = 'us-east-1a'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Health diff --git a/queries/aws_iam_access_advisor_1.yaml b/queries/aws_iam_access_advisor_1.yaml index acaf28de6..de55f71e7 100755 --- a/queries/aws_iam_access_advisor_1.yaml +++ b/queries/aws_iam_access_advisor_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_advisor_1 Title: "Find AWS IAM Access Info via SQL Query" Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_advisor_1.yaml.bak b/queries/aws_iam_access_advisor_1.yaml.bak new file mode 100755 index 000000000..acaf28de6 --- /dev/null +++ b/queries/aws_iam_access_advisor_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_iam_access_advisor_1 +Title: "Find AWS IAM Access Info via SQL Query" +Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + principal_arn, + service_name, + last_authenticated, + age(last_authenticated::date) + from + aws_iam_access_advisor + where + principal_arn = 'arn:aws:iam::123456789123:user/john' + and last_authenticated is not null + order by + age asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_2.yaml b/queries/aws_iam_access_advisor_2.yaml index bf24f7418..8f733a5ed 100755 --- a/queries/aws_iam_access_advisor_2.yaml +++ b/queries/aws_iam_access_advisor_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_advisor_2 Title: "List all AWS IAM entities with no recent service access" Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_advisor_2.yaml.bak b/queries/aws_iam_access_advisor_2.yaml.bak new file mode 100755 index 000000000..8f733a5ed --- /dev/null +++ b/queries/aws_iam_access_advisor_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_access_advisor_2 +Title: "List all AWS IAM entities with no recent service access" +Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + principal_arn, + service_name + from + aws_iam_access_advisor + where + principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin' + and last_authenticated is null + order by + service_name + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_2.yaml.bak.bak b/queries/aws_iam_access_advisor_2.yaml.bak.bak new file mode 100755 index 000000000..8f733a5ed --- /dev/null +++ b/queries/aws_iam_access_advisor_2.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_iam_access_advisor_2 +Title: "List all AWS IAM entities with no recent service access" +Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + principal_arn, + service_name + from + aws_iam_access_advisor + where + principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin' + and last_authenticated is null + order by + service_name + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_3.yaml b/queries/aws_iam_access_advisor_3.yaml index f7147210a..3d63a35ce 100755 --- a/queries/aws_iam_access_advisor_3.yaml +++ b/queries/aws_iam_access_advisor_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_advisor_3 Title: "Find AWS IAM Access Advisor Info for Service Access Data" Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_advisor_3.yaml.bak b/queries/aws_iam_access_advisor_3.yaml.bak new file mode 100755 index 000000000..f7147210a --- /dev/null +++ b/queries/aws_iam_access_advisor_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_iam_access_advisor_3 +Title: "Find AWS IAM Access Advisor Info for Service Access Data" +Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + principal_arn, + service_name, + last_authenticated, + age(last_authenticated::date), + last_authenticated_entity, + last_authenticated_region + from + aws_iam_access_advisor + where + principal_arn = 'arn:aws:iam::aws:policy/AdministratorAccess' + and last_authenticated is not null + order by + age asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_4.yaml b/queries/aws_iam_access_advisor_4.yaml index cbe94f006..ee351f7fc 100755 --- a/queries/aws_iam_access_advisor_4.yaml +++ b/queries/aws_iam_access_advisor_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_advisor_4 Title: "Find AWS IAM Access Advisor Data for User Entities" Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_advisor_4.yaml.bak b/queries/aws_iam_access_advisor_4.yaml.bak new file mode 100755 index 000000000..cbe94f006 --- /dev/null +++ b/queries/aws_iam_access_advisor_4.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_iam_access_advisor_4 +Title: "Find AWS IAM Access Advisor Data for User Entities" +Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + adv.service_name, + action as action_granted, + attached as granted_in, + adv.service_namespace + from + aws_iam_access_advisor as adv, + aws_iam_role as r, + jsonb_array_elements_text(r.attached_policy_arns) as attached, + aws_iam_policy as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action + where + principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin' + and r.arn = adv.principal_arn + and last_authenticated is null + and attached = p.arn + and stmt ->> 'Effect' = 'Allow' + and action like adv.service_namespace || ':%' + order by + adv.service_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_access_advisor_5.yaml b/queries/aws_iam_access_advisor_5.yaml index 1e2bbfa1c..49822ffcb 100755 --- a/queries/aws_iam_access_advisor_5.yaml +++ b/queries/aws_iam_access_advisor_5.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_advisor_5 Title: "Find All AWS IAM Access Advisor Last Access Data" Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_advisor_5.yaml.bak b/queries/aws_iam_access_advisor_5.yaml.bak new file mode 100755 index 000000000..1e2bbfa1c --- /dev/null +++ b/queries/aws_iam_access_advisor_5.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_iam_access_advisor_5 +Title: "Find All AWS IAM Access Advisor Last Access Data" +Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + principal_arn, + service_name, + last_authenticated, + age(last_authenticated::date), + a ->> 'ActionName' as action_name, + a ->> 'LastAccessedEntity' as action_last_accessed_entity, + a ->> 'LastAccessedRegion' as action_last_accessed_region, + a ->> 'LastAccessedTime' as action_last_accessed_time + from + aws_iam_access_advisor, + jsonb_array_elements(tracked_actions_last_accessed) as a + where + principal_arn = 'arn:aws:iam::123456789123:user/jane' + and last_authenticated is not null + and service_namespace = 's3' + order by + age asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_6.yaml b/queries/aws_iam_access_advisor_6.yaml index bdc559904..dc257809a 100755 --- a/queries/aws_iam_access_advisor_6.yaml +++ b/queries/aws_iam_access_advisor_6.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_advisor_6 Title: "List IAM Access Advisor Data for AWS Entities" Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_advisor_6.yaml.bak b/queries/aws_iam_access_advisor_6.yaml.bak new file mode 100755 index 000000000..bdc559904 --- /dev/null +++ b/queries/aws_iam_access_advisor_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_iam_access_advisor_6 +Title: "List IAM Access Advisor Data for AWS Entities" +Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + principal_arn, + service_name + from + aws_iam_user as u, + aws_iam_access_advisor as adv + where + adv.principal_arn = u.arn + and last_authenticated is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Advisor diff --git a/queries/aws_iam_access_key_1.yaml b/queries/aws_iam_access_key_1.yaml index c09a80d57..dffdeb6d3 100755 --- a/queries/aws_iam_access_key_1.yaml +++ b/queries/aws_iam_access_key_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_key_1 Title: "Find AWS IAM User Access Keys Details" Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_key_1.yaml.bak b/queries/aws_iam_access_key_1.yaml.bak new file mode 100755 index 000000000..c09a80d57 --- /dev/null +++ b/queries/aws_iam_access_key_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iam_access_key_1 +Title: "Find AWS IAM User Access Keys Details" +Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + access_key_id, + user_name, + create_date + from + aws_iam_access_key; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_access_key_2.yaml b/queries/aws_iam_access_key_2.yaml index 50ed18c1e..732adb688 100755 --- a/queries/aws_iam_access_key_2.yaml +++ b/queries/aws_iam_access_key_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_key_2 Title: "Find Inactive IAM Access Keys with AWS via SQL" Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_key_2.yaml.bak b/queries/aws_iam_access_key_2.yaml.bak new file mode 100755 index 000000000..50ed18c1e --- /dev/null +++ b/queries/aws_iam_access_key_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_access_key_2 +Title: "Find Inactive IAM Access Keys with AWS via SQL" +Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + access_key_id, + user_name, + status + from + aws_iam_access_key + where + status = 'Inactive'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_access_key_3.yaml b/queries/aws_iam_access_key_3.yaml index 5d5be57b4..45475ea12 100755 --- a/queries/aws_iam_access_key_3.yaml +++ b/queries/aws_iam_access_key_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_access_key_3 Title: "List all AWS IAM Access Keys with User Details" Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_access_key_3.yaml.bak b/queries/aws_iam_access_key_3.yaml.bak new file mode 100755 index 000000000..5d5be57b4 --- /dev/null +++ b/queries/aws_iam_access_key_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_access_key_3 +Title: "List all AWS IAM Access Keys with User Details" +Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + user_name, + count (access_key_id) as access_key_count + from + aws_iam_access_key + group by + user_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Access Keys diff --git a/queries/aws_iam_account_password_policy_1.yaml b/queries/aws_iam_account_password_policy_1.yaml index 78540d28d..a587fa293 100755 --- a/queries/aws_iam_account_password_policy_1.yaml +++ b/queries/aws_iam_account_password_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_password_policy_1 Title: "Find AWS IAM Account Password Policy Details" Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_password_policy_1.yaml.bak b/queries/aws_iam_account_password_policy_1.yaml.bak new file mode 100755 index 000000000..78540d28d --- /dev/null +++ b/queries/aws_iam_account_password_policy_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_iam_account_password_policy_1 +Title: "Find AWS IAM Account Password Policy Details" +Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + allow_users_to_change_password, + expire_passwords, + hard_expiry, + max_password_age, + minimum_password_length, + password_reuse_prevention, + require_lowercase_characters, + require_numbers, + require_symbols, + require_uppercase_characters + from + aws_iam_account_password_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_account_password_policy_2.yaml b/queries/aws_iam_account_password_policy_2.yaml index 5ad888dc4..e5f3f64d4 100755 --- a/queries/aws_iam_account_password_policy_2.yaml +++ b/queries/aws_iam_account_password_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_password_policy_2 Title: "Find AWS IAM Account Password Policy Requirements" Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_password_policy_2.yaml.bak b/queries/aws_iam_account_password_policy_2.yaml.bak new file mode 100755 index 000000000..5ad888dc4 --- /dev/null +++ b/queries/aws_iam_account_password_policy_2.yaml.bak @@ -0,0 +1,22 @@ +ID: aws_iam_account_password_policy_2 +Title: "Find AWS IAM Account Password Policy Requirements" +Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + require_uppercase_characters + from + aws_iam_account_password_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_account_password_policy_3.yaml b/queries/aws_iam_account_password_policy_3.yaml index bea21892f..1020bfc6c 100755 --- a/queries/aws_iam_account_password_policy_3.yaml +++ b/queries/aws_iam_account_password_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_password_policy_3 Title: "Find AWS IAM Account Password Policy Details" Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_password_policy_3.yaml.bak b/queries/aws_iam_account_password_policy_3.yaml.bak new file mode 100755 index 000000000..bea21892f --- /dev/null +++ b/queries/aws_iam_account_password_policy_3.yaml.bak @@ -0,0 +1,22 @@ +ID: aws_iam_account_password_policy_3 +Title: "Find AWS IAM Account Password Policy Details" +Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + require_lowercase_characters + from + aws_iam_account_password_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_account_password_policy_4.yaml b/queries/aws_iam_account_password_policy_4.yaml index 2bda251a3..cdcb5cda0 100755 --- a/queries/aws_iam_account_password_policy_4.yaml +++ b/queries/aws_iam_account_password_policy_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_password_policy_4 Title: "Find AWS IAM Account Password Policy Requirements" Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_password_policy_4.yaml.bak b/queries/aws_iam_account_password_policy_4.yaml.bak new file mode 100755 index 000000000..2bda251a3 --- /dev/null +++ b/queries/aws_iam_account_password_policy_4.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_iam_account_password_policy_4 +Title: "Find AWS IAM Account Password Policy Requirements" +Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + require_symbols + from + aws_iam_account_password_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Account Password Policies diff --git a/queries/aws_iam_account_password_policy_5.yaml b/queries/aws_iam_account_password_policy_5.yaml index 865be5e48..65166b256 100755 --- a/queries/aws_iam_account_password_policy_5.yaml +++ b/queries/aws_iam_account_password_policy_5.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_password_policy_5 Title: "List AWS IAM Account Password Policies with SQL" Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_password_policy_5.yaml.bak b/queries/aws_iam_account_password_policy_5.yaml.bak new file mode 100755 index 000000000..865be5e48 --- /dev/null +++ b/queries/aws_iam_account_password_policy_5.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_iam_account_password_policy_5 +Title: "List AWS IAM Account Password Policies with SQL" +Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + require_numbers + from + aws_iam_account_password_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_account_password_policy_6.yaml b/queries/aws_iam_account_password_policy_6.yaml index 4f33ebad4..06e80de49 100755 --- a/queries/aws_iam_account_password_policy_6.yaml +++ b/queries/aws_iam_account_password_policy_6.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_password_policy_6 Title: "Find AWS IAM Account Password Policies Details" Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_password_policy_6.yaml.bak b/queries/aws_iam_account_password_policy_6.yaml.bak new file mode 100755 index 000000000..4f33ebad4 --- /dev/null +++ b/queries/aws_iam_account_password_policy_6.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_iam_account_password_policy_6 +Title: "Find AWS IAM Account Password Policies Details" +Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + minimum_password_length >= 14 + from + aws_iam_account_password_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_account_password_policy_7.yaml b/queries/aws_iam_account_password_policy_7.yaml index c4ce08dae..f969b9c6e 100755 --- a/queries/aws_iam_account_password_policy_7.yaml +++ b/queries/aws_iam_account_password_policy_7.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_password_policy_7 Title: "Find AWS IAM Account Password Policies with SQL" Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_password_policy_7.yaml.bak b/queries/aws_iam_account_password_policy_7.yaml.bak new file mode 100755 index 000000000..c4ce08dae --- /dev/null +++ b/queries/aws_iam_account_password_policy_7.yaml.bak @@ -0,0 +1,22 @@ +ID: aws_iam_account_password_policy_7 +Title: "Find AWS IAM Account Password Policies with SQL" +Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + password_reuse_prevention + from + aws_iam_account_password_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_account_password_policy_8.yaml b/queries/aws_iam_account_password_policy_8.yaml index 6caad373c..f1cf7d43c 100755 --- a/queries/aws_iam_account_password_policy_8.yaml +++ b/queries/aws_iam_account_password_policy_8.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_password_policy_8 Title: "Find AWS IAM Account Password Policies" Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_password_policy_8.yaml.bak b/queries/aws_iam_account_password_policy_8.yaml.bak new file mode 100755 index 000000000..6caad373c --- /dev/null +++ b/queries/aws_iam_account_password_policy_8.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_iam_account_password_policy_8 +Title: "Find AWS IAM Account Password Policies" +Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + (expire_passwords and max_password_age <= 90) + from + aws_iam_account_password_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_account_summary_1.yaml b/queries/aws_iam_account_summary_1.yaml index f6a845eaa..d704c055f 100755 --- a/queries/aws_iam_account_summary_1.yaml +++ b/queries/aws_iam_account_summary_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_summary_1 Title: "List AWS IAM Account Summary Overview and Resource Usage" Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_summary_1.yaml.bak b/queries/aws_iam_account_summary_1.yaml.bak new file mode 100755 index 000000000..f6a845eaa --- /dev/null +++ b/queries/aws_iam_account_summary_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_iam_account_summary_1 +Title: "List AWS IAM Account Summary Overview and Resource Usage" +Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + * + from + aws_iam_account_summary; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_account_summary_2.yaml b/queries/aws_iam_account_summary_2.yaml index 79847b28e..1831b1bcc 100755 --- a/queries/aws_iam_account_summary_2.yaml +++ b/queries/aws_iam_account_summary_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_summary_2 Title: "Find AWS IAM Account Summary with SQL Query" Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_summary_2.yaml.bak b/queries/aws_iam_account_summary_2.yaml.bak new file mode 100755 index 000000000..79847b28e --- /dev/null +++ b/queries/aws_iam_account_summary_2.yaml.bak @@ -0,0 +1,22 @@ +ID: aws_iam_account_summary_2 +Title: "Find AWS IAM Account Summary with SQL Query" +Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + account_mfa_enabled + from + aws_iam_account_summary; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_account_summary_3.yaml b/queries/aws_iam_account_summary_3.yaml index 5810815a8..7fce3614f 100755 --- a/queries/aws_iam_account_summary_3.yaml +++ b/queries/aws_iam_account_summary_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_account_summary_3 Title: "Find AWS IAM Account Summary Details" Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_account_summary_3.yaml.bak b/queries/aws_iam_account_summary_3.yaml.bak new file mode 100755 index 000000000..5810815a8 --- /dev/null +++ b/queries/aws_iam_account_summary_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_iam_account_summary_3 +Title: "Find AWS IAM Account Summary Details" +Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + users, + groups, + roles, + policies + from + aws_iam_account_summary; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_action_1.yaml b/queries/aws_iam_action_1.yaml index 1ce25e18e..062f47772 100755 --- a/queries/aws_iam_action_1.yaml +++ b/queries/aws_iam_action_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_action_1 Title: "Find IAM Actions in AWS IAM with SQL" Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_action_1.yaml.bak b/queries/aws_iam_action_1.yaml.bak new file mode 100755 index 000000000..1ce25e18e --- /dev/null +++ b/queries/aws_iam_action_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_iam_action_1 +Title: "Find IAM Actions in AWS IAM with SQL" +Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + action, + description + from + aws_iam_action + where + prefix = 's3' + order by + action; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_action_2.yaml b/queries/aws_iam_action_2.yaml index 396e38b9c..14538aa57 100755 --- a/queries/aws_iam_action_2.yaml +++ b/queries/aws_iam_action_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_action_2 Title: "Find all IAM Actions in AWS Identity and Access Management" Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_action_2.yaml.bak b/queries/aws_iam_action_2.yaml.bak new file mode 100755 index 000000000..396e38b9c --- /dev/null +++ b/queries/aws_iam_action_2.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_iam_action_2 +Title: "Find all IAM Actions in AWS Identity and Access Management" +Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + description + from + aws_iam_action + where + action = 's3:deleteobject'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_action_3.yaml b/queries/aws_iam_action_3.yaml index ab737f329..04a3db4c7 100755 --- a/queries/aws_iam_action_3.yaml +++ b/queries/aws_iam_action_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_action_3 Title: "Find IAM Actions in AWS Identity and Access Management" Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_action_3.yaml.bak b/queries/aws_iam_action_3.yaml.bak new file mode 100755 index 000000000..ab737f329 --- /dev/null +++ b/queries/aws_iam_action_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iam_action_3 +Title: "Find IAM Actions in AWS Identity and Access Management" +Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.action, + a.description + from + aws_iam_action as a, + glob('s3:d*') as action_name + where + a.action like action_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_action_4.yaml b/queries/aws_iam_action_4.yaml index b3102702b..359307b63 100755 --- a/queries/aws_iam_action_4.yaml +++ b/queries/aws_iam_action_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_action_4 Title: "Find IAM Actions in AWS Identity and Access Management" Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_action_4.yaml.bak b/queries/aws_iam_action_4.yaml.bak new file mode 100755 index 000000000..b3102702b --- /dev/null +++ b/queries/aws_iam_action_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_iam_action_4 +Title: "Find IAM Actions in AWS Identity and Access Management" +Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.action, + a.access_level + from + aws_iam_policy p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action_glob, + glob(action_glob) as action_regex + join aws_iam_action a ON a.action LIKE action_regex + where + p.name = 'AmazonEC2ReadOnlyAccess' + and stmt ->> 'Effect' = 'Allow' + order by + a.action; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Identity and Access Management (IAM) diff --git a/queries/aws_iam_action_5.yaml b/queries/aws_iam_action_5.yaml index 501fd2774..b032da1ad 100755 --- a/queries/aws_iam_action_5.yaml +++ b/queries/aws_iam_action_5.yaml @@ -1,7 +1,7 @@ ID: aws_iam_action_5 Title: "Find AWS IAM Actions in AWS Identity and Access Management" Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_action_5.yaml.bak b/queries/aws_iam_action_5.yaml.bak new file mode 100755 index 000000000..501fd2774 --- /dev/null +++ b/queries/aws_iam_action_5.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_iam_action_5 +Title: "Find AWS IAM Actions in AWS Identity and Access Management" +Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.name, + f.role, + a.action, + a.access_level, + a.description + from + aws_lambda_function as f, + aws_iam_role as r, + jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, + aws_iam_policy as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action_glob, + glob(action_glob) as action_regex + join aws_iam_action a ON a.action LIKE action_regex + where + f.role = r.arn + and pol_arn = p.arn + and stmt ->> 'Effect' = 'Allow' + and f.name = 'hellopython'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_credential_report_1.yaml b/queries/aws_iam_credential_report_1.yaml index 7d8389496..e869732a6 100755 --- a/queries/aws_iam_credential_report_1.yaml +++ b/queries/aws_iam_credential_report_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_credential_report_1 Title: "Find AWS IAM Credential Reports for Users with Activity" Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_credential_report_1.yaml.bak b/queries/aws_iam_credential_report_1.yaml.bak new file mode 100755 index 000000000..7d8389496 --- /dev/null +++ b/queries/aws_iam_credential_report_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_iam_credential_report_1 +Title: "Find AWS IAM Credential Reports for Users with Activity" +Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + user_name + from + aws_iam_credential_report + where + password_enabled + and password_last_used > (current_date - interval '90' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Identity and Access Management diff --git a/queries/aws_iam_credential_report_2.yaml b/queries/aws_iam_credential_report_2.yaml index e3ea4b89f..ccdb6c958 100755 --- a/queries/aws_iam_credential_report_2.yaml +++ b/queries/aws_iam_credential_report_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_credential_report_2 Title: "Find AWS IAM Credential Reports and User Statuses" Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_credential_report_2.yaml.bak b/queries/aws_iam_credential_report_2.yaml.bak new file mode 100755 index 000000000..e3ea4b89f --- /dev/null +++ b/queries/aws_iam_credential_report_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_iam_credential_report_2 +Title: "Find AWS IAM Credential Reports and User Statuses" +Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + user_name, + password_last_used, + age(password_last_used) + from + aws_iam_credential_report + where + password_enabled + and password_last_used <= (current_date - interval '90' day) + order by + password_last_used; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_credential_report_3.yaml b/queries/aws_iam_credential_report_3.yaml index eb5ee861a..7cee39cca 100755 --- a/queries/aws_iam_credential_report_3.yaml +++ b/queries/aws_iam_credential_report_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_credential_report_3 Title: "Find AWS IAM Users with Never Used Passwords" Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_credential_report_3.yaml.bak b/queries/aws_iam_credential_report_3.yaml.bak new file mode 100755 index 000000000..eb5ee861a --- /dev/null +++ b/queries/aws_iam_credential_report_3.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_iam_credential_report_3 +Title: "Find AWS IAM Users with Never Used Passwords" +Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + user_name + from + aws_iam_credential_report + where + password_status = 'never_used'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Credential Reports diff --git a/queries/aws_iam_credential_report_4.yaml b/queries/aws_iam_credential_report_4.yaml index dc100eb8a..9eaa99720 100755 --- a/queries/aws_iam_credential_report_4.yaml +++ b/queries/aws_iam_credential_report_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_credential_report_4 Title: "Find all AWS IAM Credential Reports for Key Rotation" Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_credential_report_4.yaml.bak b/queries/aws_iam_credential_report_4.yaml.bak new file mode 100755 index 000000000..dc100eb8a --- /dev/null +++ b/queries/aws_iam_credential_report_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_iam_credential_report_4 +Title: "Find all AWS IAM Credential Reports for Key Rotation" +Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + user_name, + access_key_1_last_rotated, + age(access_key_1_last_rotated) as access_key_1_age, + access_key_2_last_rotated, + age(access_key_2_last_rotated) as access_key_2_age + from + aws_iam_credential_report + where + access_key_1_last_rotated <= (current_date - interval '90' day) + or access_key_2_last_rotated <= (current_date - interval '90' day) + order by + user_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management (IAM) diff --git a/queries/aws_iam_credential_report_5.yaml b/queries/aws_iam_credential_report_5.yaml index 490b0d7f6..f93deb4c3 100755 --- a/queries/aws_iam_credential_report_5.yaml +++ b/queries/aws_iam_credential_report_5.yaml @@ -1,7 +1,7 @@ ID: aws_iam_credential_report_5 Title: "Find AWS IAM Users Without MFA and With Password Enabled" Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_credential_report_5.yaml.bak b/queries/aws_iam_credential_report_5.yaml.bak new file mode 100755 index 000000000..490b0d7f6 --- /dev/null +++ b/queries/aws_iam_credential_report_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_iam_credential_report_5 +Title: "Find AWS IAM Users Without MFA and With Password Enabled" +Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + user_name, + mfa_active, + password_enabled + from + aws_iam_credential_report + where + password_enabled + and not mfa_active; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Credential Report diff --git a/queries/aws_iam_credential_report_6.yaml b/queries/aws_iam_credential_report_6.yaml index c59318096..2e68ad6ef 100755 --- a/queries/aws_iam_credential_report_6.yaml +++ b/queries/aws_iam_credential_report_6.yaml @@ -1,7 +1,7 @@ ID: aws_iam_credential_report_6 Title: "List all AWS IAM users and their credential status" Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_credential_report_6.yaml.bak b/queries/aws_iam_credential_report_6.yaml.bak new file mode 100755 index 000000000..2e68ad6ef --- /dev/null +++ b/queries/aws_iam_credential_report_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_credential_report_6 +Title: "List all AWS IAM users and their credential status" +Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + user_name, + mfa_active + from + aws_iam_credential_report + where + user_name = ''; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Credential Report diff --git a/queries/aws_iam_credential_report_6.yaml.bak.bak b/queries/aws_iam_credential_report_6.yaml.bak.bak new file mode 100755 index 000000000..2e68ad6ef --- /dev/null +++ b/queries/aws_iam_credential_report_6.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_iam_credential_report_6 +Title: "List all AWS IAM users and their credential status" +Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + user_name, + mfa_active + from + aws_iam_credential_report + where + user_name = ''; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Credential Report diff --git a/queries/aws_iam_group_1.yaml b/queries/aws_iam_group_1.yaml index 3e781ae44..2f4fbea41 100755 --- a/queries/aws_iam_group_1.yaml +++ b/queries/aws_iam_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_group_1 Title: "Find AWS IAM Group Data using SQL Query" Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_group_1.yaml.bak b/queries/aws_iam_group_1.yaml.bak new file mode 100755 index 000000000..3e781ae44 --- /dev/null +++ b/queries/aws_iam_group_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_group_1 +Title: "Find AWS IAM Group Data using SQL Query" +Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as group_name, + iam_user ->> 'UserName' as user_name, + iam_user ->> 'UserId' as user_id, + iam_user ->> 'PermissionsBoundary' as permission_boundary, + iam_user ->> 'PasswordLastUsed' as password_last_used, + iam_user ->> 'CreateDate' as user_create_date + from + aws_iam_group + cross join jsonb_array_elements(users) as iam_user; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_group_2.yaml b/queries/aws_iam_group_2.yaml index e959a3104..17ff0d5fc 100755 --- a/queries/aws_iam_group_2.yaml +++ b/queries/aws_iam_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_group_2 Title: "Find AWS IAM Group Data: Name, Path, and ARN" Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_group_2.yaml.bak b/queries/aws_iam_group_2.yaml.bak new file mode 100755 index 000000000..e959a3104 --- /dev/null +++ b/queries/aws_iam_group_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_group_2 +Title: "Find AWS IAM Group Data: Name, Path, and ARN" +Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as group_name, + iam_user ->> 'UserName' as user_name, + split_part(attachments, '/', 2) as attached_policies + from + aws_iam_group + cross join jsonb_array_elements(users) as iam_user, + jsonb_array_elements_text(attached_policy_arns) as attachments + where + split_part(attachments, '/', 2) = 'AdministratorAccess'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_group_3.yaml b/queries/aws_iam_group_3.yaml index d0580245e..bcf294752 100755 --- a/queries/aws_iam_group_3.yaml +++ b/queries/aws_iam_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_group_3 Title: "Find all AWS IAM Group details with their attached policies" Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_group_3.yaml.bak b/queries/aws_iam_group_3.yaml.bak new file mode 100755 index 000000000..d0580245e --- /dev/null +++ b/queries/aws_iam_group_3.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_iam_group_3 +Title: "Find all AWS IAM Group details with their attached policies" +Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as group_name, + split_part(attachments, '/', 2) as attached_policies + from + aws_iam_group + cross join jsonb_array_elements_text(attached_policy_arns) as attachments; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_group_4.yaml b/queries/aws_iam_group_4.yaml index 27fa73af5..d5ca2c3f4 100755 --- a/queries/aws_iam_group_4.yaml +++ b/queries/aws_iam_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_group_4 Title: "Find all AWS IAM Group information like name and path" Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_group_4.yaml.bak b/queries/aws_iam_group_4.yaml.bak new file mode 100755 index 000000000..27fa73af5 --- /dev/null +++ b/queries/aws_iam_group_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_iam_group_4 +Title: "Find all AWS IAM Group information like name and path" +Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as group_name, + inline_policies + from + aws_iam_group + where + inline_policies is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_open_id_connect_provider_1.yaml b/queries/aws_iam_open_id_connect_provider_1.yaml index a685a71d2..bc9cfe27c 100755 --- a/queries/aws_iam_open_id_connect_provider_1.yaml +++ b/queries/aws_iam_open_id_connect_provider_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_open_id_connect_provider_1 Title: "Find AWS IAM OpenID Connect Providers and Details" Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_open_id_connect_provider_1.yaml.bak b/queries/aws_iam_open_id_connect_provider_1.yaml.bak new file mode 100755 index 000000000..a685a71d2 --- /dev/null +++ b/queries/aws_iam_open_id_connect_provider_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_iam_open_id_connect_provider_1 +Title: "Find AWS IAM OpenID Connect Providers and Details" +Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + create_date, + client_id_list, + thumbprint_list, + url, + account_id + from + aws_iam_open_id_connect_provider; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_open_id_connect_provider_2.yaml b/queries/aws_iam_open_id_connect_provider_2.yaml index f9160501e..8cd79925e 100755 --- a/queries/aws_iam_open_id_connect_provider_2.yaml +++ b/queries/aws_iam_open_id_connect_provider_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_open_id_connect_provider_2 Title: "List all AWS IAM OpenID Connect Providers in Account" Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_open_id_connect_provider_2.yaml.bak b/queries/aws_iam_open_id_connect_provider_2.yaml.bak new file mode 100755 index 000000000..8cd79925e --- /dev/null +++ b/queries/aws_iam_open_id_connect_provider_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_iam_open_id_connect_provider_2 +Title: "List all AWS IAM OpenID Connect Providers in Account" +Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + create_date, + client_id_list, + thumbprint_list, + url, + account_id + from + aws_iam_open_id_connect_provider + where + create_date <= (current_date - interval '90' day) + order by + create_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_open_id_connect_provider_2.yaml.bak.bak b/queries/aws_iam_open_id_connect_provider_2.yaml.bak.bak new file mode 100755 index 000000000..8cd79925e --- /dev/null +++ b/queries/aws_iam_open_id_connect_provider_2.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_iam_open_id_connect_provider_2 +Title: "List all AWS IAM OpenID Connect Providers in Account" +Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + create_date, + client_id_list, + thumbprint_list, + url, + account_id + from + aws_iam_open_id_connect_provider + where + create_date <= (current_date - interval '90' day) + order by + create_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_open_id_connect_provider_3.yaml b/queries/aws_iam_open_id_connect_provider_3.yaml index 1527fc399..05be9982c 100755 --- a/queries/aws_iam_open_id_connect_provider_3.yaml +++ b/queries/aws_iam_open_id_connect_provider_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_open_id_connect_provider_3 Title: "Find AWS IAM OpenID Connect Providers and Retrieve Details" Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_open_id_connect_provider_3.yaml.bak b/queries/aws_iam_open_id_connect_provider_3.yaml.bak new file mode 100755 index 000000000..1527fc399 --- /dev/null +++ b/queries/aws_iam_open_id_connect_provider_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_iam_open_id_connect_provider_3 +Title: "Find AWS IAM OpenID Connect Providers and Retrieve Details" +Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + create_date, + client_id_list, + thumbprint_list, + tags, + url, + account_id + from + aws_iam_open_id_connect_provider + where + tags ->> 'Environment' = 'Production'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_open_id_connect_provider_4.yaml b/queries/aws_iam_open_id_connect_provider_4.yaml index 4a3dff63d..b6bab9d83 100755 --- a/queries/aws_iam_open_id_connect_provider_4.yaml +++ b/queries/aws_iam_open_id_connect_provider_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_open_id_connect_provider_4 Title: "Find all AWS IAM OpenID Connect Providers with Details" Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_open_id_connect_provider_4.yaml.bak b/queries/aws_iam_open_id_connect_provider_4.yaml.bak new file mode 100755 index 000000000..4a3dff63d --- /dev/null +++ b/queries/aws_iam_open_id_connect_provider_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_iam_open_id_connect_provider_4 +Title: "Find all AWS IAM OpenID Connect Providers with Details" +Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + create_date, + client_id_list, + thumbprint_list, + tags, + url, + account_id + from + aws_iam_open_id_connect_provider + where + client_id_list @> '["sts.amazonaws.com"]'::jsonb + and not thumbprint_list @> '["1c58a3a8518e8759bf075b76b750d4f2df264fcd", "6938fd4d98bab03faadb97b34396831e3780aea1"]'::jsonb + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws diff --git a/queries/aws_iam_policy_1.yaml b/queries/aws_iam_policy_1.yaml index 3585e653d..8e0ebbde1 100755 --- a/queries/aws_iam_policy_1.yaml +++ b/queries/aws_iam_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_1 Title: "Find all AWS IAM Policies with Detailed Information" Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_1.yaml.bak b/queries/aws_iam_policy_1.yaml.bak new file mode 100755 index 000000000..3585e653d --- /dev/null +++ b/queries/aws_iam_policy_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_policy_1 +Title: "Find all AWS IAM Policies with Detailed Information" +Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn + from + aws_iam_policy + where + not is_aws_managed; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_policy_2.yaml b/queries/aws_iam_policy_2.yaml index 974af1c82..6bee0f900 100755 --- a/queries/aws_iam_policy_2.yaml +++ b/queries/aws_iam_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_2 Title: "Find all AWS IAM Policies and associated metadata" Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_2.yaml.bak b/queries/aws_iam_policy_2.yaml.bak new file mode 100755 index 000000000..974af1c82 --- /dev/null +++ b/queries/aws_iam_policy_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_policy_2 +Title: "Find all AWS IAM Policies and associated metadata" +Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn + from + aws_iam_policy + where + not is_aws_managed + and path = '/turbot/'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Policy diff --git a/queries/aws_iam_policy_3.yaml b/queries/aws_iam_policy_3.yaml index 92c695f03..567d76fa0 100755 --- a/queries/aws_iam_policy_3.yaml +++ b/queries/aws_iam_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_3 Title: "List all AWS IAM Policies and their Details" Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_3.yaml.bak b/queries/aws_iam_policy_3.yaml.bak new file mode 100755 index 000000000..92c695f03 --- /dev/null +++ b/queries/aws_iam_policy_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_policy_3 +Title: "List all AWS IAM Policies and their Details" +Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + permissions_boundary_usage_count + from + aws_iam_policy + where + is_attached; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_policy_4.yaml b/queries/aws_iam_policy_4.yaml index 582502985..1a96e50ae 100755 --- a/queries/aws_iam_policy_4.yaml +++ b/queries/aws_iam_policy_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_4 Title: "List all AWS IAM Policies with Detailed Information" Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_4.yaml.bak b/queries/aws_iam_policy_4.yaml.bak new file mode 100755 index 000000000..582502985 --- /dev/null +++ b/queries/aws_iam_policy_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_policy_4 +Title: "List all AWS IAM Policies with Detailed Information" +Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + attachment_count, + permissions_boundary_usage_count + from + aws_iam_policy + where + not is_aws_managed + and not is_attached + and permissions_boundary_usage_count = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_policy_5.yaml b/queries/aws_iam_policy_5.yaml index 9db555727..976cf9764 100755 --- a/queries/aws_iam_policy_5.yaml +++ b/queries/aws_iam_policy_5.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_5 Title: "Find all AWS IAM Policies with permissions and metadata" Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_5.yaml.bak b/queries/aws_iam_policy_5.yaml.bak new file mode 100755 index 000000000..9db555727 --- /dev/null +++ b/queries/aws_iam_policy_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_iam_policy_5 +Title: "Find all AWS IAM Policies with permissions and metadata" +Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + action, + s ->> 'Effect' as effect + from + aws_iam_policy, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Action') as action + where + action in ('*', '*:*') + and s ->> 'Effect' = 'Allow'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_policy_6.yaml b/queries/aws_iam_policy_6.yaml index 1cfc85313..230a38d46 100755 --- a/queries/aws_iam_policy_6.yaml +++ b/queries/aws_iam_policy_6.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_6 Title: "Find all AWS IAM Policies with Permissions and Metadata" Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_6.yaml.bak b/queries/aws_iam_policy_6.yaml.bak new file mode 100755 index 000000000..1cfc85313 --- /dev/null +++ b/queries/aws_iam_policy_6.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_iam_policy_6 +Title: "Find all AWS IAM Policies with Permissions and Metadata" +Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + action, + s ->> 'Effect' as effect + from + aws_iam_policy, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Action') as action + where + s ->> 'Effect' = 'Allow' + and ( + action = '*' + or action like '%:*' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_policy_7.yaml b/queries/aws_iam_policy_7.yaml index 36c3b4c31..16e00f0af 100755 --- a/queries/aws_iam_policy_7.yaml +++ b/queries/aws_iam_policy_7.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_7 Title: "Find AWS IAM Policies with Detailed Information" Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_7.yaml.bak b/queries/aws_iam_policy_7.yaml.bak new file mode 100755 index 000000000..36c3b4c31 --- /dev/null +++ b/queries/aws_iam_policy_7.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_iam_policy_7 +Title: "Find AWS IAM Policies with Detailed Information" +Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.action, + a.access_level, + a.description + from + aws_iam_policy p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action_glob, + glob(action_glob) as action_regex + join aws_iam_action a ON a.action LIKE action_regex + where + p.name = 'AmazonEC2ReadOnlyAccess' + and stmt ->> 'Effect' = 'Allow' + order by + a.action; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_policy_attachment_1.yaml b/queries/aws_iam_policy_attachment_1.yaml index caef95d91..9afcb7f42 100755 --- a/queries/aws_iam_policy_attachment_1.yaml +++ b/queries/aws_iam_policy_attachment_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_attachment_1 Title: "Find all AWS IAM Policy Attachments and Associations" Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_attachment_1.yaml.bak b/queries/aws_iam_policy_attachment_1.yaml.bak new file mode 100755 index 000000000..caef95d91 --- /dev/null +++ b/queries/aws_iam_policy_attachment_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_policy_attachment_1 +Title: "Find all AWS IAM Policy Attachments and Associations" +Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_arn, + is_attached, + policy_groups + from + aws_iam_policy_attachment + where + is_attached; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_policy_attachment_2.yaml b/queries/aws_iam_policy_attachment_2.yaml index 5f4d96a14..43dfe67a8 100755 --- a/queries/aws_iam_policy_attachment_2.yaml +++ b/queries/aws_iam_policy_attachment_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_attachment_2 Title: "Find IAM Policy Attachments in AWS" Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_attachment_2.yaml.bak b/queries/aws_iam_policy_attachment_2.yaml.bak new file mode 100755 index 000000000..5f4d96a14 --- /dev/null +++ b/queries/aws_iam_policy_attachment_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iam_policy_attachment_2 +Title: "Find IAM Policy Attachments in AWS" +Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + policy_arn, + is_attached, + policy_users + from + aws_iam_policy_attachment + where + is_attached; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_policy_attachment_3.yaml b/queries/aws_iam_policy_attachment_3.yaml index bfdd3aba9..837f7c733 100755 --- a/queries/aws_iam_policy_attachment_3.yaml +++ b/queries/aws_iam_policy_attachment_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_attachment_3 Title: "Find Relationships Between AWS IAM Policies and Entities" Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_attachment_3.yaml.bak b/queries/aws_iam_policy_attachment_3.yaml.bak new file mode 100755 index 000000000..bfdd3aba9 --- /dev/null +++ b/queries/aws_iam_policy_attachment_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_iam_policy_attachment_3 +Title: "Find Relationships Between AWS IAM Policies and Entities" +Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as policy_name, + policy_arn, + jsonb_pretty(policy_users) as policy_users + from + aws_iam_policy p + left join aws_iam_policy_attachment a on p.arn = a.policy_arn + where + name = 'AdministratorAccess' and a.is_attached; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Policy diff --git a/queries/aws_iam_policy_simulator_1.yaml b/queries/aws_iam_policy_simulator_1.yaml index 02eca0ab6..9cf2e62bc 100755 --- a/queries/aws_iam_policy_simulator_1.yaml +++ b/queries/aws_iam_policy_simulator_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_simulator_1 Title: "Find IAM Policy Simulator Results for Access Control Evaluation" Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_simulator_1.yaml.bak b/queries/aws_iam_policy_simulator_1.yaml.bak new file mode 100755 index 000000000..02eca0ab6 --- /dev/null +++ b/queries/aws_iam_policy_simulator_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iam_policy_simulator_1 +Title: "Find IAM Policy Simulator Results for Access Control Evaluation" +Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + decision + from + aws_iam_policy_simulator + where + action = 's3:DeleteBucket' + and resource_arn = '*' + and principal_arn = 'arn:aws:iam::012345678901:user/bob'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Policy Simulator diff --git a/queries/aws_iam_policy_simulator_2.yaml b/queries/aws_iam_policy_simulator_2.yaml index 7e0e4cb90..0a1581b62 100755 --- a/queries/aws_iam_policy_simulator_2.yaml +++ b/queries/aws_iam_policy_simulator_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_simulator_2 Title: "Find AWS IAM Policy Simulator Evaluation Results for Control Policies" Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_simulator_2.yaml.bak b/queries/aws_iam_policy_simulator_2.yaml.bak new file mode 100755 index 000000000..7e0e4cb90 --- /dev/null +++ b/queries/aws_iam_policy_simulator_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_policy_simulator_2 +Title: "Find AWS IAM Policy Simulator Evaluation Results for Control Policies" +Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + decision, + jsonb_pretty(matched_statements) + from + aws_iam_policy_simulator + where + action = 'ec2:terminateinstances' + and resource_arn = '*' + and principal_arn = 'arn:aws:iam::012345678901:user/bob'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Policy Simulator diff --git a/queries/aws_iam_policy_simulator_3.yaml b/queries/aws_iam_policy_simulator_3.yaml index 3cb4b761e..76cbacb71 100755 --- a/queries/aws_iam_policy_simulator_3.yaml +++ b/queries/aws_iam_policy_simulator_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_policy_simulator_3 Title: "List all AWS IAM Policy Simulator evaluation results" Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_policy_simulator_3.yaml.bak b/queries/aws_iam_policy_simulator_3.yaml.bak new file mode 100755 index 000000000..3cb4b761e --- /dev/null +++ b/queries/aws_iam_policy_simulator_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_policy_simulator_3 +Title: "List all AWS IAM Policy Simulator evaluation results" +Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + u.name, + decision + from + aws_iam_policy_simulator p, + aws_iam_user u + where + action = 'sts:AssumeRole' + and resource_arn = '*' + and p.principal_arn = u.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Policy Simulator diff --git a/queries/aws_iam_role_1.yaml b/queries/aws_iam_role_1.yaml index effba2eae..ccf19953e 100755 --- a/queries/aws_iam_role_1.yaml +++ b/queries/aws_iam_role_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_1 Title: "Find IAM Roles with Inline Policies in AWS" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_1.yaml.bak b/queries/aws_iam_role_1.yaml.bak new file mode 100755 index 000000000..effba2eae --- /dev/null +++ b/queries/aws_iam_role_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_role_1 +Title: "Find IAM Roles with Inline Policies in AWS" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + create_date + from + aws_iam_role + where + inline_policies is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_role_10.yaml b/queries/aws_iam_role_10.yaml index 8e3400817..f9fcbe10b 100755 --- a/queries/aws_iam_role_10.yaml +++ b/queries/aws_iam_role_10.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_10 Title: "Find all AWS Identity and Access Management (IAM) Roles" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_10.yaml.bak b/queries/aws_iam_role_10.yaml.bak new file mode 100755 index 000000000..8e3400817 --- /dev/null +++ b/queries/aws_iam_role_10.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_iam_role_10 +Title: "Find all AWS Identity and Access Management (IAM) Roles" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + iam.arn as resource, + iam.description, + iam.assume_role_policy_std, + case + when pstatement -> 'Condition' -> 'StringLike' -> 'token.actions.githubusercontent.com:sub' is not null + or pstatement -> 'Condition' -> 'StringEquals' -> 'token.actions.githubusercontent.com:sub' is not null then 'ok' + else 'alarm' + end as status, + case + when pstatement -> 'Condition' -> 'StringLike' -> 'token.actions.githubusercontent.com:sub' is not null + or pstatement -> 'Condition' -> 'StringEquals' -> 'token.actions.githubusercontent.com:sub' is not null then iam.arn || ' Condition Check Exists' + else iam.arn || ' Missing Condition Check' + end as reason + from + aws_iam_role as iam, + jsonb_array_elements(iam.assume_role_policy_std -> 'Statement') as pstatement + where + pstatement -> 'Action' ?& array [ 'sts:assumerolewithwebidentity' ] + and (pstatement -> 'Principal' -> 'Federated') :: text like '%token.actions.githubusercontent.com%' + order by + status asc + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM Roles diff --git a/queries/aws_iam_role_2.yaml b/queries/aws_iam_role_2.yaml index 6f4d4af93..af0aa676b 100755 --- a/queries/aws_iam_role_2.yaml +++ b/queries/aws_iam_role_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_2 Title: "Find AWS IAM Roles' Permissions, Policies & Metadata" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_2.yaml.bak b/queries/aws_iam_role_2.yaml.bak new file mode 100755 index 000000000..6f4d4af93 --- /dev/null +++ b/queries/aws_iam_role_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_role_2 +Title: "Find AWS IAM Roles' Permissions, Policies & Metadata" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + split_part(policy, '/', 3) as attached_policy + from + aws_iam_role + cross join jsonb_array_elements_text(attached_policy_arns) as policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_role_3.yaml b/queries/aws_iam_role_3.yaml index 063f4d535..6f2f46958 100755 --- a/queries/aws_iam_role_3.yaml +++ b/queries/aws_iam_role_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_3 Title: "Find AWS IAM Roles and Their Associated Metadata" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_3.yaml.bak b/queries/aws_iam_role_3.yaml.bak new file mode 100755 index 000000000..063f4d535 --- /dev/null +++ b/queries/aws_iam_role_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_role_3 +Title: "Find AWS IAM Roles and Their Associated Metadata" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + permissions_boundary_arn, + permissions_boundary_type + from + aws_iam_role; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_role_4.yaml b/queries/aws_iam_role_4.yaml index ff3b9f9e7..6b1d3215a 100755 --- a/queries/aws_iam_role_4.yaml +++ b/queries/aws_iam_role_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_4 Title: "Find all AWS IAM Role Permissions and Trust Policies" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_4.yaml.bak b/queries/aws_iam_role_4.yaml.bak new file mode 100755 index 000000000..6b1d3215a --- /dev/null +++ b/queries/aws_iam_role_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_iam_role_4 +Title: "Find all AWS IAM Role Permissions and Trust Policies" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name as role_name, + p.name as policy_name + from + aws_iam_role as r, + jsonb_array_elements_text(r.attached_policy_arns) as policy_arn, + aws_iam_policy as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action + where + policy_arn = p.arn + and stmt ->> 'Effect' = 'Allow' + and action = '*' + order by + r.name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_role_4.yaml.bak.bak b/queries/aws_iam_role_4.yaml.bak.bak new file mode 100755 index 000000000..6b1d3215a --- /dev/null +++ b/queries/aws_iam_role_4.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_iam_role_4 +Title: "Find all AWS IAM Role Permissions and Trust Policies" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name as role_name, + p.name as policy_name + from + aws_iam_role as r, + jsonb_array_elements_text(r.attached_policy_arns) as policy_arn, + aws_iam_policy as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action + where + policy_arn = p.arn + and stmt ->> 'Effect' = 'Allow' + and action = '*' + order by + r.name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_role_5.yaml b/queries/aws_iam_role_5.yaml index a6a833cd6..d9316f738 100755 --- a/queries/aws_iam_role_5.yaml +++ b/queries/aws_iam_role_5.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_5 Title: "Find AWS IAM Roles and Policies Permissions Metadata" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_5.yaml.bak b/queries/aws_iam_role_5.yaml.bak new file mode 100755 index 000000000..a6a833cd6 --- /dev/null +++ b/queries/aws_iam_role_5.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_iam_role_5 +Title: "Find AWS IAM Roles and Policies Permissions Metadata" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name as role_name, + p.name as policy_name, + stmt ->> 'Sid' as statement, + action + from + aws_iam_role as r, + jsonb_array_elements_text(r.attached_policy_arns) as policy_arn, + aws_iam_policy as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action + where + r.name = 'owner' + and policy_arn = p.arn + and ( + action like '%*%' + or action like '%?%' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_role_6.yaml b/queries/aws_iam_role_6.yaml index abbf002f0..fb473422c 100755 --- a/queries/aws_iam_role_6.yaml +++ b/queries/aws_iam_role_6.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_6 Title: "Find All AWS IAM Roles, Permissions, Trust Policies" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_6.yaml.bak b/queries/aws_iam_role_6.yaml.bak new file mode 100755 index 000000000..abbf002f0 --- /dev/null +++ b/queries/aws_iam_role_6.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_iam_role_6 +Title: "Find All AWS IAM Roles, Permissions, Trust Policies" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name, + a.action, + a.access_level, + a.description + from + aws_iam_role as r, + jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, + aws_iam_policy as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action_glob, + glob(action_glob) as action_regex + join aws_iam_action as a on a.action like action_regex + where + pol_arn = p.arn + and stmt ->> 'Effect' = 'Allow' + and r.name = 'AWSServiceRoleForRDS' + and access_level not in ('List', 'Read') + order by + action; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_role_7.yaml b/queries/aws_iam_role_7.yaml index d0754f8a1..2fe370daf 100755 --- a/queries/aws_iam_role_7.yaml +++ b/queries/aws_iam_role_7.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_7 Title: "Find All AWS IAM Roles Permissions and Trust Policies" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_7.yaml.bak b/queries/aws_iam_role_7.yaml.bak new file mode 100755 index 000000000..d0754f8a1 --- /dev/null +++ b/queries/aws_iam_role_7.yaml.bak @@ -0,0 +1,81 @@ +ID: aws_iam_role_7 +Title: "Find All AWS IAM Roles Permissions and Trust Policies" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with roles as ( + select + name, + attached_policy_arns + from + aws_iam_role + where + name in ('AWSServiceRoleForSSO', 'AWSServiceRoleForRDS') + ), + policies as ( + select + name, + arn, + policy_std + from + aws_iam_policy + ), + role1_permissions as ( + select + r.name, + a.action, + a.access_level, + a.description + from + roles as r, + jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, + policies as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action_glob, + glob (action_glob) as action_regex + join aws_iam_action a on a.action like action_regex + where + pol_arn = p.arn + and stmt ->> 'Effect' = 'Allow' + and r.name = 'AWSServiceRoleForSSO' + ), + role2_permissions as ( + select + r.name, + a.action, + a.access_level, + a.description + from + roles as r, + jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, + policies as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action_glob, + glob (action_glob) as action_regex + join aws_iam_action a on a.action like action_regex + where + pol_arn = p.arn + and stmt ->> 'Effect' = 'Allow' + and r.name = 'AWSServiceRoleForRDS' + ) + select + * + from + role2_permissions + where + action not in ( select action from role1_permissions) + order by + action; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_role_8.yaml b/queries/aws_iam_role_8.yaml index 44e1f2c6a..6f1636dbd 100755 --- a/queries/aws_iam_role_8.yaml +++ b/queries/aws_iam_role_8.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_8 Title: "Find IAM Roles, Insights into Permissions and Policies in AWS" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_8.yaml.bak b/queries/aws_iam_role_8.yaml.bak new file mode 100755 index 000000000..44e1f2c6a --- /dev/null +++ b/queries/aws_iam_role_8.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_iam_role_8 +Title: "Find IAM Roles, Insights into Permissions and Policies in AWS" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + maintenance.name, + admin.name, + jsonb_pretty(maintenance_stmt), + jsonb_pretty(admin_stmt) + from + -- use the account to get the organization_id + aws_account as a, + -- check any role as the "maintenance-role" + aws_iam_role as maintenance, + -- Combine via join with any role as the "admin-role" + aws_iam_role as admin, + jsonb_array_elements(maintenance.assume_role_policy_std -> 'Statement') as maintenance_stmt, + jsonb_array_elements(admin.assume_role_policy_std -> 'Statement') as admin_stmt + where + -- maintenance role can be assumed by any AWS principal + maintenance_stmt -> 'Principal' -> 'AWS' ? '*' + -- maintenance role principal must be in same account + and maintenance_stmt -> 'Condition' -> 'StringEquals' -> 'aws:principalorgid' ? a.organization_id + -- admin role specifically allow maintenance role + and admin_stmt -> 'Principal' -> 'AWS' ? maintenance.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_role_9.yaml b/queries/aws_iam_role_9.yaml index e1b68cce1..588ddf81f 100755 --- a/queries/aws_iam_role_9.yaml +++ b/queries/aws_iam_role_9.yaml @@ -1,7 +1,7 @@ ID: aws_iam_role_9 Title: "Find all AWS IAM Roles with Permissions and Trust Policies" Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_role_9.yaml.bak b/queries/aws_iam_role_9.yaml.bak new file mode 100755 index 000000000..e1b68cce1 --- /dev/null +++ b/queries/aws_iam_role_9.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_role_9 +Title: "Find all AWS IAM Roles with Permissions and Trust Policies" +Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name, + stmt + from + aws_iam_role as r, + jsonb_array_elements(r.assume_role_policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Principal' -> 'AWS') as trust + where + trust = '*' + or trust like 'arn:aws:iam::%:role/%' + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_saml_provider_1.yaml b/queries/aws_iam_saml_provider_1.yaml index b978502d7..00bf6b763 100755 --- a/queries/aws_iam_saml_provider_1.yaml +++ b/queries/aws_iam_saml_provider_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_saml_provider_1 Title: "Find AWS IAM SAML Providers with Details" Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_saml_provider_1.yaml.bak b/queries/aws_iam_saml_provider_1.yaml.bak new file mode 100755 index 000000000..b978502d7 --- /dev/null +++ b/queries/aws_iam_saml_provider_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_saml_provider_1 +Title: "Find AWS IAM SAML Providers with Details" +Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + create_date, + valid_until, + region, + account_id + from + aws_iam_saml_provider; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management (IAM) diff --git a/queries/aws_iam_saml_provider_2.yaml b/queries/aws_iam_saml_provider_2.yaml index 89a981ed3..10e9fc012 100755 --- a/queries/aws_iam_saml_provider_2.yaml +++ b/queries/aws_iam_saml_provider_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_saml_provider_2 Title: "Find all AWS IAM SAML Providers and Details" Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_saml_provider_2.yaml.bak b/queries/aws_iam_saml_provider_2.yaml.bak new file mode 100755 index 000000000..89a981ed3 --- /dev/null +++ b/queries/aws_iam_saml_provider_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_iam_saml_provider_2 +Title: "Find all AWS IAM SAML Providers and Details" +Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + create_date, + valid_until, + region, + account_id + from + aws_iam_saml_provider + where + create_date <= (current_date - interval '90' day) + order by + create_date; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_saml_provider_3.yaml b/queries/aws_iam_saml_provider_3.yaml index 40aed3522..02b588fc8 100755 --- a/queries/aws_iam_saml_provider_3.yaml +++ b/queries/aws_iam_saml_provider_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_saml_provider_3 Title: "Find AWS IAM SAML Providers expiring within 30 days" Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_saml_provider_3.yaml.bak b/queries/aws_iam_saml_provider_3.yaml.bak new file mode 100755 index 000000000..40aed3522 --- /dev/null +++ b/queries/aws_iam_saml_provider_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_saml_provider_3 +Title: "Find AWS IAM SAML Providers expiring within 30 days" +Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + create_date, + valid_until, + region, + account_id + from + aws_iam_saml_provider + where + valid_until <= (current_date - interval '30' day) + order by + valid_until; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_server_certificate_1.yaml b/queries/aws_iam_server_certificate_1.yaml index cb49b0094..099f251ad 100755 --- a/queries/aws_iam_server_certificate_1.yaml +++ b/queries/aws_iam_server_certificate_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_server_certificate_1 Title: "Find AWS IAM Server Certificates" Description: "Allows users to query AWS IAM Server Certificates" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_server_certificate_1.yaml.bak b/queries/aws_iam_server_certificate_1.yaml.bak new file mode 100755 index 000000000..099f251ad --- /dev/null +++ b/queries/aws_iam_server_certificate_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iam_server_certificate_1 +Title: "Find AWS IAM Server Certificates" +Description: "Allows users to query AWS IAM Server Certificates" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + server_certificate_id, + upload_date, + expiration + from + aws_iam_server_certificate; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_server_certificate_1.yaml.bak.bak b/queries/aws_iam_server_certificate_1.yaml.bak.bak new file mode 100755 index 000000000..099f251ad --- /dev/null +++ b/queries/aws_iam_server_certificate_1.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_iam_server_certificate_1 +Title: "Find AWS IAM Server Certificates" +Description: "Allows users to query AWS IAM Server Certificates" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + server_certificate_id, + upload_date, + expiration + from + aws_iam_server_certificate; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_server_certificate_2.yaml b/queries/aws_iam_server_certificate_2.yaml index 6f36c7cb3..54f8a01dd 100755 --- a/queries/aws_iam_server_certificate_2.yaml +++ b/queries/aws_iam_server_certificate_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_server_certificate_2 Title: "Find AWS IAM Server Certificates with Expiry Info" Description: "Allows users to query AWS IAM Server Certificates" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_server_certificate_2.yaml.bak b/queries/aws_iam_server_certificate_2.yaml.bak new file mode 100755 index 000000000..6f36c7cb3 --- /dev/null +++ b/queries/aws_iam_server_certificate_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iam_server_certificate_2 +Title: "Find AWS IAM Server Certificates with Expiry Info" +Description: "Allows users to query AWS IAM Server Certificates" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + expiration + from + aws_iam_server_certificate + where + expiration < now()::timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_service_specific_credential_1.yaml b/queries/aws_iam_service_specific_credential_1.yaml index 89478d62c..7bdd374f6 100755 --- a/queries/aws_iam_service_specific_credential_1.yaml +++ b/queries/aws_iam_service_specific_credential_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_service_specific_credential_1 Title: "Find AWS IAM Service Specific Credentials Details" Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_service_specific_credential_1.yaml.bak b/queries/aws_iam_service_specific_credential_1.yaml.bak new file mode 100755 index 000000000..89478d62c --- /dev/null +++ b/queries/aws_iam_service_specific_credential_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_service_specific_credential_1 +Title: "Find AWS IAM Service Specific Credentials Details" +Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_specific_credential_id, + create_date, + user_name + from + aws_iam_service_specific_credential; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_service_specific_credential_2.yaml b/queries/aws_iam_service_specific_credential_2.yaml index 9d68ed402..055aa3f87 100755 --- a/queries/aws_iam_service_specific_credential_2.yaml +++ b/queries/aws_iam_service_specific_credential_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_service_specific_credential_2 Title: "List AWS IAM Service Specific Credentials Details" Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_service_specific_credential_2.yaml.bak b/queries/aws_iam_service_specific_credential_2.yaml.bak new file mode 100755 index 000000000..055aa3f87 --- /dev/null +++ b/queries/aws_iam_service_specific_credential_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_iam_service_specific_credential_2 +Title: "List AWS IAM Service Specific Credentials Details" +Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.service_name as service_name, + s.service_specific_credential_id as service_specific_credential_id, + u.name as user_name, + u.user_id as user_id, + u.password_last_used as password_last_used, + u.mfa_enabled as mfa_enabled + from + aws_iam_service_specific_credential as s, + aws_iam_user as u + where + s.user_name = u.name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_service_specific_credential_2.yaml.bak.bak b/queries/aws_iam_service_specific_credential_2.yaml.bak.bak new file mode 100755 index 000000000..055aa3f87 --- /dev/null +++ b/queries/aws_iam_service_specific_credential_2.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_iam_service_specific_credential_2 +Title: "List AWS IAM Service Specific Credentials Details" +Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.service_name as service_name, + s.service_specific_credential_id as service_specific_credential_id, + u.name as user_name, + u.user_id as user_id, + u.password_last_used as password_last_used, + u.mfa_enabled as mfa_enabled + from + aws_iam_service_specific_credential as s, + aws_iam_user as u + where + s.user_name = u.name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_service_specific_credential_3.yaml b/queries/aws_iam_service_specific_credential_3.yaml index 1159b20dd..73121036d 100755 --- a/queries/aws_iam_service_specific_credential_3.yaml +++ b/queries/aws_iam_service_specific_credential_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_service_specific_credential_3 Title: "Find AWS IAM Service Credentials and Detailed Info" Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_service_specific_credential_3.yaml.bak b/queries/aws_iam_service_specific_credential_3.yaml.bak new file mode 100755 index 000000000..1159b20dd --- /dev/null +++ b/queries/aws_iam_service_specific_credential_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_iam_service_specific_credential_3 +Title: "Find AWS IAM Service Credentials and Detailed Info" +Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_specific_credential_id, + create_date, + user_name + from + aws_iam_service_specific_credential + where + create_date <= current_date - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_user_1.yaml b/queries/aws_iam_user_1.yaml index 0cb12b2ef..9f3f9c9ac 100755 --- a/queries/aws_iam_user_1.yaml +++ b/queries/aws_iam_user_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_user_1 Title: "List all AWS IAM User details with creation date" Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_user_1.yaml.bak b/queries/aws_iam_user_1.yaml.bak new file mode 100755 index 000000000..0cb12b2ef --- /dev/null +++ b/queries/aws_iam_user_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_user_1 +Title: "List all AWS IAM User details with creation date" +Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + user_id, + path, + create_date, + password_last_used + from + aws_iam_user; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_user_2.yaml b/queries/aws_iam_user_2.yaml index 496744c09..5e93f2fa3 100755 --- a/queries/aws_iam_user_2.yaml +++ b/queries/aws_iam_user_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_user_2 Title: "Find AWS IAM User Data for Security Audits & Enforcement" Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_user_2.yaml.bak b/queries/aws_iam_user_2.yaml.bak new file mode 100755 index 000000000..5e93f2fa3 --- /dev/null +++ b/queries/aws_iam_user_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_user_2 +Title: "Find AWS IAM User Data for Security Audits & Enforcement" +Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as user_name, + iam_group ->> 'GroupName' as group_name, + iam_group ->> 'GroupId' as group_id, + iam_group ->> 'CreateDate' as create_date + from + aws_iam_user + cross join jsonb_array_elements(groups) as iam_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_user_2.yaml.bak.bak b/queries/aws_iam_user_2.yaml.bak.bak new file mode 100755 index 000000000..5e93f2fa3 --- /dev/null +++ b/queries/aws_iam_user_2.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_iam_user_2 +Title: "Find AWS IAM User Data for Security Audits & Enforcement" +Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as user_name, + iam_group ->> 'GroupName' as group_name, + iam_group ->> 'GroupId' as group_id, + iam_group ->> 'CreateDate' as create_date + from + aws_iam_user + cross join jsonb_array_elements(groups) as iam_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_user_3.yaml b/queries/aws_iam_user_3.yaml index 1a99d6f85..c211812f0 100755 --- a/queries/aws_iam_user_3.yaml +++ b/queries/aws_iam_user_3.yaml @@ -1,7 +1,7 @@ ID: aws_iam_user_3 Title: "Find all AWS IAM Users with Specific Policies" Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_user_3.yaml.bak b/queries/aws_iam_user_3.yaml.bak new file mode 100755 index 000000000..1a99d6f85 --- /dev/null +++ b/queries/aws_iam_user_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_user_3 +Title: "Find all AWS IAM Users with Specific Policies" +Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as user_name, + split_part(attachments, '/', 2) as attached_policies + from + aws_iam_user + cross join jsonb_array_elements_text(attached_policy_arns) as attachments + where + split_part(attachments, '/', 2) = 'AdministratorAccess'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_user_4.yaml b/queries/aws_iam_user_4.yaml index 87428a918..4a6fc378a 100755 --- a/queries/aws_iam_user_4.yaml +++ b/queries/aws_iam_user_4.yaml @@ -1,7 +1,7 @@ ID: aws_iam_user_4 Title: "Find all non-MFA enabled AWS IAM Users with SQL" Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_user_4.yaml.bak b/queries/aws_iam_user_4.yaml.bak new file mode 100755 index 000000000..87428a918 --- /dev/null +++ b/queries/aws_iam_user_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_user_4 +Title: "Find all non-MFA enabled AWS IAM Users with SQL" +Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + user_id, + mfa_enabled + from + aws_iam_user + where + not mfa_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_user_5.yaml b/queries/aws_iam_user_5.yaml index e2b0fb400..0206f20b0 100755 --- a/queries/aws_iam_user_5.yaml +++ b/queries/aws_iam_user_5.yaml @@ -1,7 +1,7 @@ ID: aws_iam_user_5 Title: "Find all AWS IAM User Data for Audits and Troubleshooting" Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_user_5.yaml.bak b/queries/aws_iam_user_5.yaml.bak new file mode 100755 index 000000000..e2b0fb400 --- /dev/null +++ b/queries/aws_iam_user_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iam_user_5 +Title: "Find all AWS IAM User Data for Audits and Troubleshooting" +Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as user_name, + split_part(attachments, '/', 2) as attached_policies + from + aws_iam_user + cross join jsonb_array_elements_text(attached_policy_arns) as attachments; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_user_6.yaml b/queries/aws_iam_user_6.yaml index 85448e1d8..f15307714 100755 --- a/queries/aws_iam_user_6.yaml +++ b/queries/aws_iam_user_6.yaml @@ -1,7 +1,7 @@ ID: aws_iam_user_6 Title: "Find AWS IAM Users with Inline Policies" Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_user_6.yaml.bak b/queries/aws_iam_user_6.yaml.bak new file mode 100755 index 000000000..85448e1d8 --- /dev/null +++ b/queries/aws_iam_user_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_iam_user_6 +Title: "Find AWS IAM Users with Inline Policies" +Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as user_name, + inline_policies + from + aws_iam_user + where + inline_policies is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IAM diff --git a/queries/aws_iam_virtual_mfa_device_1.yaml b/queries/aws_iam_virtual_mfa_device_1.yaml index 49b264221..978c16201 100755 --- a/queries/aws_iam_virtual_mfa_device_1.yaml +++ b/queries/aws_iam_virtual_mfa_device_1.yaml @@ -1,7 +1,7 @@ ID: aws_iam_virtual_mfa_device_1 Title: "Find all AWS IAM Virtual MFA Devices" Description: "Allows users to query Virtual MFA Devices in AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_virtual_mfa_device_1.yaml.bak b/queries/aws_iam_virtual_mfa_device_1.yaml.bak new file mode 100755 index 000000000..49b264221 --- /dev/null +++ b/queries/aws_iam_virtual_mfa_device_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iam_virtual_mfa_device_1 +Title: "Find all AWS IAM Virtual MFA Devices" +Description: "Allows users to query Virtual MFA Devices in AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + serial_number, + enable_date, + user_name + from + aws_iam_virtual_mfa_device; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_iam_virtual_mfa_device_2.yaml b/queries/aws_iam_virtual_mfa_device_2.yaml index a12ea4078..fd5719705 100755 --- a/queries/aws_iam_virtual_mfa_device_2.yaml +++ b/queries/aws_iam_virtual_mfa_device_2.yaml @@ -1,7 +1,7 @@ ID: aws_iam_virtual_mfa_device_2 Title: "Find all AWS IAM Virtual MFA Devices" Description: "Allows users to query Virtual MFA Devices in AWS Identity and Access Management (IAM)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iam_virtual_mfa_device_2.yaml.bak b/queries/aws_iam_virtual_mfa_device_2.yaml.bak new file mode 100755 index 000000000..a12ea4078 --- /dev/null +++ b/queries/aws_iam_virtual_mfa_device_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iam_virtual_mfa_device_2 +Title: "Find all AWS IAM Virtual MFA Devices" +Description: "Allows users to query Virtual MFA Devices in AWS Identity and Access Management (IAM)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + u.user_id, + mfa.serial_number, + path, + create_date, + password_last_used + from + aws_iam_user u + inner join aws_iam_virtual_mfa_device mfa on u.name = mfa.user_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity and Access Management diff --git a/queries/aws_identitystore_group_1.yaml b/queries/aws_identitystore_group_1.yaml index 724146463..ac7dc45bb 100755 --- a/queries/aws_identitystore_group_1.yaml +++ b/queries/aws_identitystore_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_identitystore_group_1 Title: "Find AWS Identity Store Groups Information" Description: "Allows users to query AWS Identity Store Groups to obtain information about the identity and attributes of groups in AWS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_identitystore_group_1.yaml.bak b/queries/aws_identitystore_group_1.yaml.bak new file mode 100755 index 000000000..724146463 --- /dev/null +++ b/queries/aws_identitystore_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_identitystore_group_1 +Title: "Find AWS Identity Store Groups Information" +Description: "Allows users to query AWS Identity Store Groups to obtain information about the identity and attributes of groups in AWS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name + from + aws_identitystore_group + where identity_store_id = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity Store diff --git a/queries/aws_identitystore_group_2.yaml b/queries/aws_identitystore_group_2.yaml index c650baf0b..087a3ced3 100755 --- a/queries/aws_identitystore_group_2.yaml +++ b/queries/aws_identitystore_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_identitystore_group_2 Title: "Find AWS Identity Store Groups Information" Description: "Allows users to query AWS Identity Store Groups to obtain information about the identity and attributes of groups in AWS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_identitystore_group_2.yaml.bak b/queries/aws_identitystore_group_2.yaml.bak new file mode 100755 index 000000000..c650baf0b --- /dev/null +++ b/queries/aws_identitystore_group_2.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_identitystore_group_2 +Title: "Find AWS Identity Store Groups Information" +Description: "Allows users to query AWS Identity Store Groups to obtain information about the identity and attributes of groups in AWS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name + from + aws_identitystore_group + where identity_store_id = 'd-1234567890' and name = 'test'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity Store diff --git a/queries/aws_identitystore_group_membership_1.yaml b/queries/aws_identitystore_group_membership_1.yaml index 0f4e8062f..6e30025fe 100755 --- a/queries/aws_identitystore_group_membership_1.yaml +++ b/queries/aws_identitystore_group_membership_1.yaml @@ -1,7 +1,7 @@ ID: aws_identitystore_group_membership_1 Title: "Find All AWS Identity Store Group Memberships" Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_identitystore_group_membership_1.yaml.bak b/queries/aws_identitystore_group_membership_1.yaml.bak new file mode 100755 index 000000000..0f4e8062f --- /dev/null +++ b/queries/aws_identitystore_group_membership_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_identitystore_group_membership_1 +Title: "Find All AWS Identity Store Group Memberships" +Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity_store_id, + group_id, + membership_id, + member_id + from + aws_identitystore_group_membership + where + identity_store_id = 'd-1234567890'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Identity Store diff --git a/queries/aws_identitystore_group_membership_2.yaml b/queries/aws_identitystore_group_membership_2.yaml index 4014c23b6..cd0bfa975 100755 --- a/queries/aws_identitystore_group_membership_2.yaml +++ b/queries/aws_identitystore_group_membership_2.yaml @@ -1,7 +1,7 @@ ID: aws_identitystore_group_membership_2 Title: "Find AWS Identity Store Group Memberships" Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_identitystore_group_membership_2.yaml.bak b/queries/aws_identitystore_group_membership_2.yaml.bak new file mode 100755 index 000000000..4014c23b6 --- /dev/null +++ b/queries/aws_identitystore_group_membership_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_identitystore_group_membership_2 +Title: "Find AWS Identity Store Group Memberships" +Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + m.membership_id, + m.group_id, + m.identity_store_id, + u.name as user_name + from + aws_identitystore_group_membership as m, + aws_identitystore_user as u + where + m.identity_store_id = 'd-1234567890' + and u.identity_store_id = m.identity_store_id + and u.id = m.member_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity Store diff --git a/queries/aws_identitystore_group_membership_3.yaml b/queries/aws_identitystore_group_membership_3.yaml index c41455c4e..958c5f88d 100755 --- a/queries/aws_identitystore_group_membership_3.yaml +++ b/queries/aws_identitystore_group_membership_3.yaml @@ -1,7 +1,7 @@ ID: aws_identitystore_group_membership_3 Title: "Find AWS Identity Store Group Membership Details" Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_identitystore_group_membership_3.yaml.bak b/queries/aws_identitystore_group_membership_3.yaml.bak new file mode 100755 index 000000000..c41455c4e --- /dev/null +++ b/queries/aws_identitystore_group_membership_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_identitystore_group_membership_3 +Title: "Find AWS Identity Store Group Membership Details" +Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + m.membership_id, + m.group_id, + m.identity_store_id, + g.name as group_name + from + aws_identitystore_group_membership as m, + aws_identitystore_group as g + where + m.identity_store_id = 'd-1234567890' + and g.identity_store_id = m.identity_store_id + and g.id = m.group_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity Store diff --git a/queries/aws_identitystore_user_1.yaml b/queries/aws_identitystore_user_1.yaml index 956492963..116f480dc 100755 --- a/queries/aws_identitystore_user_1.yaml +++ b/queries/aws_identitystore_user_1.yaml @@ -1,7 +1,7 @@ ID: aws_identitystore_user_1 Title: "List AWS Identity Store User Details by ID and Identity Store ID" Description: "Allows users to query AWS Identity Store User data, providing details such as user ID, username, and ARN. This table is essential for managing and auditing user information within the AWS Identity Store." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_identitystore_user_1.yaml.bak b/queries/aws_identitystore_user_1.yaml.bak new file mode 100755 index 000000000..956492963 --- /dev/null +++ b/queries/aws_identitystore_user_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_identitystore_user_1 +Title: "List AWS Identity Store User Details by ID and Identity Store ID" +Description: "Allows users to query AWS Identity Store User data, providing details such as user ID, username, and ARN. This table is essential for managing and auditing user information within the AWS Identity Store." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name + from + aws_identitystore_user + where identity_store_id = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Identity Store diff --git a/queries/aws_identitystore_user_2.yaml b/queries/aws_identitystore_user_2.yaml index b966fc335..19ad65ec6 100755 --- a/queries/aws_identitystore_user_2.yaml +++ b/queries/aws_identitystore_user_2.yaml @@ -1,7 +1,7 @@ ID: aws_identitystore_user_2 Title: "Query AWS Identity Store User Data in AWS Identity Store" Description: "Allows users to query AWS Identity Store User data, providing details such as user ID, username, and ARN. This table is essential for managing and auditing user information within the AWS Identity Store." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_identitystore_user_2.yaml.bak b/queries/aws_identitystore_user_2.yaml.bak new file mode 100755 index 000000000..b966fc335 --- /dev/null +++ b/queries/aws_identitystore_user_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_identitystore_user_2 +Title: "Query AWS Identity Store User Data in AWS Identity Store" +Description: "Allows users to query AWS Identity Store User data, providing details such as user ID, username, and ARN. This table is essential for managing and auditing user information within the AWS Identity Store." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name + from + aws_identitystore_user + where identity_store_id = 'd-1234567890' and name = 'test'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Identity Store diff --git a/queries/aws_inspector2_coverage_1.yaml b/queries/aws_inspector2_coverage_1.yaml index 68d457deb..e10118440 100755 --- a/queries/aws_inspector2_coverage_1.yaml +++ b/queries/aws_inspector2_coverage_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_1 Title: "List AWS Inspector Coverage Assessment Targets & Templates" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_1.yaml.bak b/queries/aws_inspector2_coverage_1.yaml.bak new file mode 100755 index 000000000..68d457deb --- /dev/null +++ b/queries/aws_inspector2_coverage_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_inspector2_coverage_1 +Title: "List AWS Inspector Coverage Assessment Targets & Templates" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_account_id, + resource_id, + resource_type, + scan_type, + scan_status_reason, + scan_status_code + from + aws_inspector2_coverage; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_2.yaml b/queries/aws_inspector2_coverage_2.yaml index 1d8fd24a0..02129fbf4 100755 --- a/queries/aws_inspector2_coverage_2.yaml +++ b/queries/aws_inspector2_coverage_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_2 Title: "Find all AWS Inspector Coverage Details" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_2.yaml.bak b/queries/aws_inspector2_coverage_2.yaml.bak new file mode 100755 index 000000000..1d8fd24a0 --- /dev/null +++ b/queries/aws_inspector2_coverage_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector2_coverage_2 +Title: "Find all AWS Inspector Coverage Details" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_account_id, + resource_id, + resource_type, + scan_status_code + from + aws_inspector2_coverage + where + scan_status_code = 'INACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_3.yaml b/queries/aws_inspector2_coverage_3.yaml index 1283e2266..8e1bf47b8 100755 --- a/queries/aws_inspector2_coverage_3.yaml +++ b/queries/aws_inspector2_coverage_3.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_3 Title: "Find AWS Inspector Coverage and Assessment Templates" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_3.yaml.bak b/queries/aws_inspector2_coverage_3.yaml.bak new file mode 100755 index 000000000..8e1bf47b8 --- /dev/null +++ b/queries/aws_inspector2_coverage_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector2_coverage_3 +Title: "Find AWS Inspector Coverage and Assessment Templates" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_account_id, + scan_type, + resource_id as ec2_instance_id, + resource_type, + ec2_ami_id, + ec2_platform + from + aws_inspector2_coverage + where + resource_type = `aws_EC2_INSTANCE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_3.yaml.bak.bak b/queries/aws_inspector2_coverage_3.yaml.bak.bak new file mode 100755 index 000000000..8e1bf47b8 --- /dev/null +++ b/queries/aws_inspector2_coverage_3.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_inspector2_coverage_3 +Title: "Find AWS Inspector Coverage and Assessment Templates" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_account_id, + scan_type, + resource_id as ec2_instance_id, + resource_type, + ec2_ami_id, + ec2_platform + from + aws_inspector2_coverage + where + resource_type = `aws_EC2_INSTANCE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_4.yaml b/queries/aws_inspector2_coverage_4.yaml index 91070d988..e460794cd 100755 --- a/queries/aws_inspector2_coverage_4.yaml +++ b/queries/aws_inspector2_coverage_4.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_4 Title: "List AWS Inspector Coverage Data on Assessment Targets" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_4.yaml.bak b/queries/aws_inspector2_coverage_4.yaml.bak new file mode 100755 index 000000000..91070d988 --- /dev/null +++ b/queries/aws_inspector2_coverage_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector2_coverage_4 +Title: "List AWS Inspector Coverage Data on Assessment Targets" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_account_id, + scan_type, + resource_id as ec2_instance_id, + resource_type, + ec2_ami_id, + ec2_platform, + ec2_instance_tags + from + aws_inspector2_coverage + where + ec2_instance_tags = '{"foo": "bar", "foo1": "bar1"}'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_5.yaml b/queries/aws_inspector2_coverage_5.yaml index a44382718..3ade1f5f7 100755 --- a/queries/aws_inspector2_coverage_5.yaml +++ b/queries/aws_inspector2_coverage_5.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_5 Title: "List AWS Inspector Coverage Data on Assessment Targets" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_5.yaml.bak b/queries/aws_inspector2_coverage_5.yaml.bak new file mode 100755 index 000000000..a44382718 --- /dev/null +++ b/queries/aws_inspector2_coverage_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_inspector2_coverage_5 +Title: "List AWS Inspector Coverage Data on Assessment Targets" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_account_id, + scan_type, + resource_id as ec2_instance_id, + resource_type, + lambda_function_name, + lambda_function_runtime, + lambda_function_tags + from + aws_inspector2_coverage + where + lambda_function_tags = '{"foo": "bar", "foo1": "bar1"}'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_6.yaml b/queries/aws_inspector2_coverage_6.yaml index be192e124..122643ab1 100755 --- a/queries/aws_inspector2_coverage_6.yaml +++ b/queries/aws_inspector2_coverage_6.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_6 Title: "Find AWS Inspector Coverage Data for Assessment Targets" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_6.yaml.bak b/queries/aws_inspector2_coverage_6.yaml.bak new file mode 100755 index 000000000..be192e124 --- /dev/null +++ b/queries/aws_inspector2_coverage_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_inspector2_coverage_6 +Title: "Find AWS Inspector Coverage Data for Assessment Targets" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_account_id, + resource_id, + resource_type, + scan_type + from + aws_inspector2_coverage + where + scan_type = 'PACKAGE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_7.yaml b/queries/aws_inspector2_coverage_7.yaml index 869127c96..c22ae9752 100755 --- a/queries/aws_inspector2_coverage_7.yaml +++ b/queries/aws_inspector2_coverage_7.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_7 Title: "List all AWS Inspector Coverage Data Details" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_7.yaml.bak b/queries/aws_inspector2_coverage_7.yaml.bak new file mode 100755 index 000000000..869127c96 --- /dev/null +++ b/queries/aws_inspector2_coverage_7.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_inspector2_coverage_7 +Title: "List all AWS Inspector Coverage Data Details" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.resource_id, + c.resource_type, + c.ecr_repository_name, + r.registry_id, + r.repository_uri, + r.encryption_configuration + from + aws_inspector2_coverage as c, + aws_ecr_repository as r + where + r.repository_name = c.ecr_repository_name + and + c.resource_type = `AWS_ECR_REPOSITORY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_8.yaml b/queries/aws_inspector2_coverage_8.yaml index 5ff4cefdc..197800a15 100755 --- a/queries/aws_inspector2_coverage_8.yaml +++ b/queries/aws_inspector2_coverage_8.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_8 Title: "Find AWS Inspector Coverage Data on Assessment Targets" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_8.yaml.bak b/queries/aws_inspector2_coverage_8.yaml.bak new file mode 100755 index 000000000..5ff4cefdc --- /dev/null +++ b/queries/aws_inspector2_coverage_8.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_inspector2_coverage_8 +Title: "Find AWS Inspector Coverage Data on Assessment Targets" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.resource_id, + c.resource_type, + c.lambda_function_name, + f.arn as lambda_function_arn, + c.lambda_function_runtime, + f.code_sha_256, + f.code_size, + f.kms_key_arn, + f.package_type + from + aws_inspector2_coverage as c, + aws_lambda_function as f + where + f.name = c.lambda_function_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_coverage_9.yaml b/queries/aws_inspector2_coverage_9.yaml index 941765b55..5d1390ba1 100755 --- a/queries/aws_inspector2_coverage_9.yaml +++ b/queries/aws_inspector2_coverage_9.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_9 Title: "Find AWS Inspector Coverage Data for EC2 Instances" Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_9.yaml.bak b/queries/aws_inspector2_coverage_9.yaml.bak new file mode 100755 index 000000000..941765b55 --- /dev/null +++ b/queries/aws_inspector2_coverage_9.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_inspector2_coverage_9 +Title: "Find AWS Inspector Coverage Data for EC2 Instances" +Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.resource_id as ec2_instance_id, + c.resource_type, + c.ec2_ami_id, + i.instance_type, + i.instance_state, + i.disable_api_termination, + i.ebs_optimized + from + aws_inspector2_coverage as c, + aws_ec2_instance as i + where + i.instance_id = c.resource_id + and + c.resource_type = `AWS_EC2_INSTANCE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Inspector diff --git a/queries/aws_inspector2_coverage_statistics_1.yaml b/queries/aws_inspector2_coverage_statistics_1.yaml index 1ae1268f5..ddf9ef5db 100755 --- a/queries/aws_inspector2_coverage_statistics_1.yaml +++ b/queries/aws_inspector2_coverage_statistics_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_statistics_1 Title: "Find Detailed AWS Inspector2 Coverage Statistics" Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_statistics_1.yaml.bak b/queries/aws_inspector2_coverage_statistics_1.yaml.bak new file mode 100755 index 000000000..1ae1268f5 --- /dev/null +++ b/queries/aws_inspector2_coverage_statistics_1.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_inspector2_coverage_statistics_1 +Title: "Find Detailed AWS Inspector2 Coverage Statistics" +Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + total_counts, + counts_by_group + from + aws_inspector2_coverage_statistics; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector2 diff --git a/queries/aws_inspector2_coverage_statistics_2.yaml b/queries/aws_inspector2_coverage_statistics_2.yaml index 4c42519a8..5c4cccfa2 100755 --- a/queries/aws_inspector2_coverage_statistics_2.yaml +++ b/queries/aws_inspector2_coverage_statistics_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_coverage_statistics_2 Title: "Find AWS Inspector2 Coverage Statistics Details" Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_coverage_statistics_2.yaml.bak b/queries/aws_inspector2_coverage_statistics_2.yaml.bak new file mode 100755 index 000000000..5c4cccfa2 --- /dev/null +++ b/queries/aws_inspector2_coverage_statistics_2.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_inspector2_coverage_statistics_2 +Title: "Find AWS Inspector2 Coverage Statistics Details" +Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + g ->> 'Count' as count, + g ->> 'GroupKey' as group_key + from + aws_inspector2_coverage_statistics, + jsonb_array_elements(counts_by_group) as g; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector2 diff --git a/queries/aws_inspector2_coverage_statistics_2.yaml.bak.bak b/queries/aws_inspector2_coverage_statistics_2.yaml.bak.bak new file mode 100755 index 000000000..5c4cccfa2 --- /dev/null +++ b/queries/aws_inspector2_coverage_statistics_2.yaml.bak.bak @@ -0,0 +1,24 @@ +ID: aws_inspector2_coverage_statistics_2 +Title: "Find AWS Inspector2 Coverage Statistics Details" +Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + g ->> 'Count' as count, + g ->> 'GroupKey' as group_key + from + aws_inspector2_coverage_statistics, + jsonb_array_elements(counts_by_group) as g; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector2 diff --git a/queries/aws_inspector2_finding_1.yaml b/queries/aws_inspector2_finding_1.yaml index e4cc980e9..25d95bae0 100755 --- a/queries/aws_inspector2_finding_1.yaml +++ b/queries/aws_inspector2_finding_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_1 Title: "Find AWS Inspector Findings and Insights Using SQL" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_1.yaml.bak b/queries/aws_inspector2_finding_1.yaml.bak new file mode 100755 index 000000000..e4cc980e9 --- /dev/null +++ b/queries/aws_inspector2_finding_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector2_finding_1 +Title: "Find AWS Inspector Findings and Insights Using SQL" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + description, + fix_available, + inspector_score, + severity, + finding_account_id + from + aws_inspector2_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_10.yaml b/queries/aws_inspector2_finding_10.yaml index 5d97919e0..9d9752727 100755 --- a/queries/aws_inspector2_finding_10.yaml +++ b/queries/aws_inspector2_finding_10.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_10 Title: "Find all AWS Inspector findings with fix available" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_10.yaml.bak b/queries/aws_inspector2_finding_10.yaml.bak new file mode 100755 index 000000000..5d97919e0 --- /dev/null +++ b/queries/aws_inspector2_finding_10.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector2_finding_10 +Title: "Find all AWS Inspector findings with fix available" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + finding_account_id, + first_observed_at, + fix_available, + exploit_available + from + aws_inspector2_finding + where + fix_available = 'YES'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_11.yaml b/queries/aws_inspector2_finding_11.yaml index e0b8a7542..acbc36afd 100755 --- a/queries/aws_inspector2_finding_11.yaml +++ b/queries/aws_inspector2_finding_11.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_11 Title: "Find AWS Inspector findings and security issues" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_11.yaml.bak b/queries/aws_inspector2_finding_11.yaml.bak new file mode 100755 index 000000000..e0b8a7542 --- /dev/null +++ b/queries/aws_inspector2_finding_11.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector2_finding_11 +Title: "Find AWS Inspector findings and security issues" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + inspector_score, + first_observed_at, + last_observed_at + inspector_score_details + from + aws_inspector2_finding + order by + inspector_score desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_12.yaml b/queries/aws_inspector2_finding_12.yaml index 14f1260c5..e7ebe6817 100755 --- a/queries/aws_inspector2_finding_12.yaml +++ b/queries/aws_inspector2_finding_12.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_12 Title: "Find AWS Inspector findings and security issues" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_12.yaml.bak b/queries/aws_inspector2_finding_12.yaml.bak new file mode 100755 index 000000000..14f1260c5 --- /dev/null +++ b/queries/aws_inspector2_finding_12.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector2_finding_12 +Title: "Find AWS Inspector findings and security issues" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + inspector_score_details -> 'AdjustedCvss' ->> 'Score' as adjusted_cvss_score, + inspector_score_details -> 'AdjustedCvss' ->> 'ScScoreSourceore' as adjusted_cvss_source_score, + inspector_score_details -> 'AdjustedCvss' ->> 'ScoScoringVectorre' as adjusted_cvss_scoring_vector, + inspector_score_details -> 'AdjustedCvss' ->> 'Version' as adjusted_cvss_version, + inspector_score_details -> 'AdjustedCvss' -> 'Adjustments' as adjusted_cvss_adjustments, + inspector_score_details -> 'AdjustedCvss' ->> 'CvssSource' as adjusted_cvss_cvss_source + from + aws_inspector2_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_13.yaml b/queries/aws_inspector2_finding_13.yaml index 4328f836b..4ce685854 100755 --- a/queries/aws_inspector2_finding_13.yaml +++ b/queries/aws_inspector2_finding_13.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_13 Title: "Find all AWS Inspector findings for security insights" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_13.yaml.bak b/queries/aws_inspector2_finding_13.yaml.bak new file mode 100755 index 000000000..4ce685854 --- /dev/null +++ b/queries/aws_inspector2_finding_13.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_inspector2_finding_13 +Title: "Find all AWS Inspector findings for security insights" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + network_reachability_details -> 'NetworkPath' -> 'Steps' as network_pathsteps, + network_reachability_details -> 'OpenPortRange' ->> 'Begin' as open_port_range_begin, + network_reachability_details -> 'OpenPortRange' ->> 'End' as open_port_range_end, + network_reachability_details -> 'Protocol' as protocol + from + aws_inspector2_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_13.yaml.bak.bak b/queries/aws_inspector2_finding_13.yaml.bak.bak new file mode 100755 index 000000000..4ce685854 --- /dev/null +++ b/queries/aws_inspector2_finding_13.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_inspector2_finding_13 +Title: "Find all AWS Inspector findings for security insights" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + network_reachability_details -> 'NetworkPath' -> 'Steps' as network_pathsteps, + network_reachability_details -> 'OpenPortRange' ->> 'Begin' as open_port_range_begin, + network_reachability_details -> 'OpenPortRange' ->> 'End' as open_port_range_end, + network_reachability_details -> 'Protocol' as protocol + from + aws_inspector2_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_14.yaml b/queries/aws_inspector2_finding_14.yaml index 909c8dba2..43671913d 100755 --- a/queries/aws_inspector2_finding_14.yaml +++ b/queries/aws_inspector2_finding_14.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_14 Title: "List AWS Inspector Findings with Severity and Status" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_14.yaml.bak b/queries/aws_inspector2_finding_14.yaml.bak new file mode 100755 index 000000000..909c8dba2 --- /dev/null +++ b/queries/aws_inspector2_finding_14.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector2_finding_14 +Title: "List AWS Inspector Findings with Severity and Status" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + finding_account_id, + first_observed_at, + fix_available, + exploit_available, + resource_tags + from + aws_inspector2_finding + where + resource_tags = '[{"key": "Name", "value": "Dev"}, {"key": "Name", "value": "Prod"}]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_15.yaml b/queries/aws_inspector2_finding_15.yaml index 48de1c08b..ea3e773ce 100755 --- a/queries/aws_inspector2_finding_15.yaml +++ b/queries/aws_inspector2_finding_15.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_15 Title: "Find AWS Inspector Findings and Security Issues" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_15.yaml.bak b/queries/aws_inspector2_finding_15.yaml.bak new file mode 100755 index 000000000..48de1c08b --- /dev/null +++ b/queries/aws_inspector2_finding_15.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector2_finding_15 +Title: "Find AWS Inspector Findings and Security Issues" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + finding_account_id, + first_observed_at, + fix_available, + exploit_available, + vulnerable_package + from + aws_inspector2_finding + where + vulnerable_package = '[{"architecture": "arc", "epoch": "231321", "name": "myVulere", "release": "v0.2.0", "sourceLambdaLayerArn": "arn:aws:lambda:us-west-2:123456789012:layer:my-layer:1", "sourceLayerHash": "dbasjkhda872", "version": "v0.1.0"}]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_2.yaml b/queries/aws_inspector2_finding_2.yaml index 59a04d0ae..9ffced156 100755 --- a/queries/aws_inspector2_finding_2.yaml +++ b/queries/aws_inspector2_finding_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_2 Title: "Find AWS Inspector Findings with High Severity" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_2.yaml.bak b/queries/aws_inspector2_finding_2.yaml.bak new file mode 100755 index 000000000..59a04d0ae --- /dev/null +++ b/queries/aws_inspector2_finding_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector2_finding_2 +Title: "Find AWS Inspector Findings with High Severity" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + source, + vendor_severity, + status, + severity + from + aws_inspector2_finding + where + severity = 'HIGH'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_3.yaml b/queries/aws_inspector2_finding_3.yaml index 90e6ab894..9934f9800 100755 --- a/queries/aws_inspector2_finding_3.yaml +++ b/queries/aws_inspector2_finding_3.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_3 Title: "Find Insights into AWS Inspector Security Issues" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_3.yaml.bak b/queries/aws_inspector2_finding_3.yaml.bak new file mode 100755 index 000000000..90e6ab894 --- /dev/null +++ b/queries/aws_inspector2_finding_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector2_finding_3 +Title: "Find Insights into AWS Inspector Security Issues" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + severity, + count(severity) + from + aws_inspector2_finding + group by + severity + order by + severity; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_4.yaml b/queries/aws_inspector2_finding_4.yaml index b7ab08ab6..00fa4c0da 100755 --- a/queries/aws_inspector2_finding_4.yaml +++ b/queries/aws_inspector2_finding_4.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_4 Title: "Find all AWS Inspector findings with details" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_4.yaml.bak b/queries/aws_inspector2_finding_4.yaml.bak new file mode 100755 index 000000000..b7ab08ab6 --- /dev/null +++ b/queries/aws_inspector2_finding_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_inspector2_finding_4 +Title: "Find all AWS Inspector findings with details" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + arn, + severity + from + aws_inspector2_finding + where + last_observed_at >= now() - interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_5.yaml b/queries/aws_inspector2_finding_5.yaml index 7c090e8fb..aff9589c8 100755 --- a/queries/aws_inspector2_finding_5.yaml +++ b/queries/aws_inspector2_finding_5.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_5 Title: "Find AWS Inspector suppressed findings" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_5.yaml.bak b/queries/aws_inspector2_finding_5.yaml.bak new file mode 100755 index 000000000..7c090e8fb --- /dev/null +++ b/queries/aws_inspector2_finding_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_inspector2_finding_5 +Title: "Find AWS Inspector suppressed findings" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + status, + type, + resources, + vulnerable_packages + from + aws_inspector2_finding + where + status = 'SUPPRESSED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_6.yaml b/queries/aws_inspector2_finding_6.yaml index 0e294c522..a322ec6e7 100755 --- a/queries/aws_inspector2_finding_6.yaml +++ b/queries/aws_inspector2_finding_6.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_6 Title: "Find AWS Inspector findings to identify vulnerabilities" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_6.yaml.bak b/queries/aws_inspector2_finding_6.yaml.bak new file mode 100755 index 000000000..a322ec6e7 --- /dev/null +++ b/queries/aws_inspector2_finding_6.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector2_finding_6 +Title: "Find AWS Inspector findings to identify vulnerabilities" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + status, + type, + resources, + vulnerable_packages + from + aws_inspector2_finding + where + type = 'PACKAGE_VULNERABILITY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_6.yaml.bak.bak b/queries/aws_inspector2_finding_6.yaml.bak.bak new file mode 100755 index 000000000..a322ec6e7 --- /dev/null +++ b/queries/aws_inspector2_finding_6.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_inspector2_finding_6 +Title: "Find AWS Inspector findings to identify vulnerabilities" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + status, + type, + resources, + vulnerable_packages + from + aws_inspector2_finding + where + type = 'PACKAGE_VULNERABILITY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_7.yaml b/queries/aws_inspector2_finding_7.yaml index 1dd642f17..52270275f 100755 --- a/queries/aws_inspector2_finding_7.yaml +++ b/queries/aws_inspector2_finding_7.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_7 Title: "Query AWS Inspector findings for security insights" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_7.yaml.bak b/queries/aws_inspector2_finding_7.yaml.bak new file mode 100755 index 000000000..1dd642f17 --- /dev/null +++ b/queries/aws_inspector2_finding_7.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_inspector2_finding_7 +Title: "Query AWS Inspector findings for security insights" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.arn as finding_arn, + r ->> 'Id' as resource_id, + r ->> 'Type' as resource_type, + r ->> 'Details' as resource_details, + r ->> 'Partition' as partition, + r ->> 'Tags' as resource_tags + from + aws_inspector2_finding as f, + jsonb_array_elements(resources) as r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_8.yaml b/queries/aws_inspector2_finding_8.yaml index efa3bf15e..b91bdc943 100755 --- a/queries/aws_inspector2_finding_8.yaml +++ b/queries/aws_inspector2_finding_8.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_8 Title: "Find AWS Inspector findings and vulnerabilities via SQL" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_8.yaml.bak b/queries/aws_inspector2_finding_8.yaml.bak new file mode 100755 index 000000000..efa3bf15e --- /dev/null +++ b/queries/aws_inspector2_finding_8.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_inspector2_finding_8 +Title: "Find AWS Inspector findings and vulnerabilities via SQL" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.arn, + f.vulnerability_id, + v ->> 'Name' as vulnerability_package_name, + v ->> 'Version' as vulnerability_package_version, + v ->> 'Arch' as vulnerability_package_arch, + v ->> 'Epoch' as vulnerability_package_epoch, + v ->> 'FilePath' as vulnerability_package_file_path, + v ->> 'FixedInVersion' as vulnerability_package_fixed_in_version, + v ->> 'PackageManager' as vulnerability_package_package_manager, + v ->> 'Release' as vulnerability_package_release, + v ->> 'Remediation' as vulnerability_package_remediation, + v ->> 'SourceLambdaLayerArn' as source_lambda_layer_arn, + v ->> 'Name' as source_layer_hash + from + aws_inspector2_finding as f, + jsonb_array_elements(vulnerable_packages) as v; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_finding_9.yaml b/queries/aws_inspector2_finding_9.yaml index a6b94693e..26abb7a56 100755 --- a/queries/aws_inspector2_finding_9.yaml +++ b/queries/aws_inspector2_finding_9.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_finding_9 Title: "Find and Query Insights into AWS Inspector Findings" Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_finding_9.yaml.bak b/queries/aws_inspector2_finding_9.yaml.bak new file mode 100755 index 000000000..a6b94693e --- /dev/null +++ b/queries/aws_inspector2_finding_9.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector2_finding_9 +Title: "Find and Query Insights into AWS Inspector Findings" +Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + finding_account_id, + first_observed_at, + fix_available, + exploit_available + from + aws_inspector2_finding + where + exploit_available = 'YES'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_member_1.yaml b/queries/aws_inspector2_member_1.yaml index cfd6ae2ca..48b84cdf3 100755 --- a/queries/aws_inspector2_member_1.yaml +++ b/queries/aws_inspector2_member_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_member_1 Title: "Find all AWS Inspector Members and Their Details" Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_member_1.yaml.bak b/queries/aws_inspector2_member_1.yaml.bak new file mode 100755 index 000000000..cfd6ae2ca --- /dev/null +++ b/queries/aws_inspector2_member_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_inspector2_member_1 +Title: "Find all AWS Inspector Members and Their Details" +Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + delegated_admin_account_id, + relationship_status, + updated_at + from + aws_inspector2_member; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_member_2.yaml b/queries/aws_inspector2_member_2.yaml index 70f449323..80d2e7b6d 100755 --- a/queries/aws_inspector2_member_2.yaml +++ b/queries/aws_inspector2_member_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_member_2 Title: "Find AWS Inspector Members Information" Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_member_2.yaml.bak b/queries/aws_inspector2_member_2.yaml.bak new file mode 100755 index 000000000..80d2e7b6d --- /dev/null +++ b/queries/aws_inspector2_member_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector2_member_2 +Title: "Find AWS Inspector Members Information" +Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + delegated_admin_account_id, + relationship_status, + updated_at + from + aws_inspector2_member + where + updated_at >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_member_2.yaml.bak.bak b/queries/aws_inspector2_member_2.yaml.bak.bak new file mode 100755 index 000000000..80d2e7b6d --- /dev/null +++ b/queries/aws_inspector2_member_2.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_inspector2_member_2 +Title: "Find AWS Inspector Members Information" +Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + delegated_admin_account_id, + relationship_status, + updated_at + from + aws_inspector2_member + where + updated_at >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector2_member_3.yaml b/queries/aws_inspector2_member_3.yaml index 2bd294d74..36e4e2abc 100755 --- a/queries/aws_inspector2_member_3.yaml +++ b/queries/aws_inspector2_member_3.yaml @@ -1,7 +1,7 @@ ID: aws_inspector2_member_3 Title: "Find all AWS Inspector Member Accounts Information" Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector2_member_3.yaml.bak b/queries/aws_inspector2_member_3.yaml.bak new file mode 100755 index 000000000..2bd294d74 --- /dev/null +++ b/queries/aws_inspector2_member_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_inspector2_member_3 +Title: "Find all AWS Inspector Member Accounts Information" +Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + delegated_admin_account_id, + relationship_status + from + aws_inspector2_member + where + relationship_status = 'INVITED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Inspector diff --git a/queries/aws_inspector_assessment_run_1.yaml b/queries/aws_inspector_assessment_run_1.yaml index 6814a8c37..7731f089c 100755 --- a/queries/aws_inspector_assessment_run_1.yaml +++ b/queries/aws_inspector_assessment_run_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_run_1 Title: "List all AWS Inspector Assessment Runs and Details" Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_run_1.yaml.bak b/queries/aws_inspector_assessment_run_1.yaml.bak new file mode 100755 index 000000000..6814a8c37 --- /dev/null +++ b/queries/aws_inspector_assessment_run_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_inspector_assessment_run_1 +Title: "List all AWS Inspector Assessment Runs and Details" +Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_template_arn, + created_at, + state, + region + from + aws_inspector_assessment_run; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_2.yaml b/queries/aws_inspector_assessment_run_2.yaml index b95ae1d9b..01dc83aca 100755 --- a/queries/aws_inspector_assessment_run_2.yaml +++ b/queries/aws_inspector_assessment_run_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_run_2 Title: "Find AWS Inspector Assessment Runs with Details" Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_run_2.yaml.bak b/queries/aws_inspector_assessment_run_2.yaml.bak new file mode 100755 index 000000000..b95ae1d9b --- /dev/null +++ b/queries/aws_inspector_assessment_run_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector_assessment_run_2 +Title: "Find AWS Inspector Assessment Runs with Details" +Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + finding_counts ->> 'High' as high, + finding_counts ->> 'Low' as low, + finding_counts ->> 'Medium' as medium, + finding_counts ->> 'Informational' as informational, + state + from + aws_inspector_assessment_run; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_3.yaml b/queries/aws_inspector_assessment_run_3.yaml index 75b1de446..5cbeb0f66 100755 --- a/queries/aws_inspector_assessment_run_3.yaml +++ b/queries/aws_inspector_assessment_run_3.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_run_3 Title: "List all AWS Inspector Assessment Runs and Their Details" Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_run_3.yaml.bak b/queries/aws_inspector_assessment_run_3.yaml.bak new file mode 100755 index 000000000..75b1de446 --- /dev/null +++ b/queries/aws_inspector_assessment_run_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_assessment_run_3 +Title: "List all AWS Inspector Assessment Runs and Their Details" +Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + t.name as assessment_template_name, + r.name as assessment_run_name, + r.created_at as assessment_run_created_at, + r.state, + r.region + from + aws_inspector_assessment_run as r, + aws_inspector_assessment_template as t + where + r.assessment_template_arn = t.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Inspector diff --git a/queries/aws_inspector_assessment_run_4.yaml b/queries/aws_inspector_assessment_run_4.yaml index 2ec68c8d8..a1ab742ff 100755 --- a/queries/aws_inspector_assessment_run_4.yaml +++ b/queries/aws_inspector_assessment_run_4.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_run_4 Title: "List all AWS Inspector Assessment Runs and their details" Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_run_4.yaml.bak b/queries/aws_inspector_assessment_run_4.yaml.bak new file mode 100755 index 000000000..2ec68c8d8 --- /dev/null +++ b/queries/aws_inspector_assessment_run_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_assessment_run_4 +Title: "List all AWS Inspector Assessment Runs and their details" +Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_template_arn, + created_at, + state, + region + from + aws_inspector_assessment_run + where + state <> 'COMPLETED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_5.yaml b/queries/aws_inspector_assessment_run_5.yaml index 2ab74765d..3d4c79c52 100755 --- a/queries/aws_inspector_assessment_run_5.yaml +++ b/queries/aws_inspector_assessment_run_5.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_run_5 Title: "Query AWS Inspector Assessment Run Details" Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_run_5.yaml.bak b/queries/aws_inspector_assessment_run_5.yaml.bak new file mode 100755 index 000000000..2ab74765d --- /dev/null +++ b/queries/aws_inspector_assessment_run_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_inspector_assessment_run_5 +Title: "Query AWS Inspector Assessment Run Details" +Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + state, + jsonb_pretty(state_changes) as state_changes + from + aws_inspector_assessment_run; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_6.yaml b/queries/aws_inspector_assessment_run_6.yaml index a20b88ddc..3b86c42cb 100755 --- a/queries/aws_inspector_assessment_run_6.yaml +++ b/queries/aws_inspector_assessment_run_6.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_run_6 Title: "List all AWS Inspector Assessment Runs in Last Week" Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_run_6.yaml.bak b/queries/aws_inspector_assessment_run_6.yaml.bak new file mode 100755 index 000000000..3b86c42cb --- /dev/null +++ b/queries/aws_inspector_assessment_run_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_assessment_run_6 +Title: "List all AWS Inspector Assessment Runs in Last Week" +Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_template_arn, + created_at, + state, + region + from + aws_inspector_assessment_run + where + created_at >= (now() - interval '7' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_6.yaml.bak.bak b/queries/aws_inspector_assessment_run_6.yaml.bak.bak new file mode 100755 index 000000000..3b86c42cb --- /dev/null +++ b/queries/aws_inspector_assessment_run_6.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_assessment_run_6 +Title: "List all AWS Inspector Assessment Runs in Last Week" +Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_template_arn, + created_at, + state, + region + from + aws_inspector_assessment_run + where + created_at >= (now() - interval '7' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_target_1.yaml b/queries/aws_inspector_assessment_target_1.yaml index a46eae31a..705d97d2d 100755 --- a/queries/aws_inspector_assessment_target_1.yaml +++ b/queries/aws_inspector_assessment_target_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_target_1 Title: "List AWS Inspector Assessment Targets with Details" Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_target_1.yaml.bak b/queries/aws_inspector_assessment_target_1.yaml.bak new file mode 100755 index 000000000..a46eae31a --- /dev/null +++ b/queries/aws_inspector_assessment_target_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector_assessment_target_1 +Title: "List AWS Inspector Assessment Targets with Details" +Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + resource_group_arn, + created_at, + updated_at, + region + from + aws_inspector_assessment_target; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Inspector diff --git a/queries/aws_inspector_assessment_target_2.yaml b/queries/aws_inspector_assessment_target_2.yaml index 44daaea1e..b8a5e8549 100755 --- a/queries/aws_inspector_assessment_target_2.yaml +++ b/queries/aws_inspector_assessment_target_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_target_2 Title: "Find AWS Inspector Assessment Targets Created in Last 7 Days" Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_target_2.yaml.bak b/queries/aws_inspector_assessment_target_2.yaml.bak new file mode 100755 index 000000000..b8a5e8549 --- /dev/null +++ b/queries/aws_inspector_assessment_target_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_assessment_target_2 +Title: "Find AWS Inspector Assessment Targets Created in Last 7 Days" +Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + resource_group_arn, + created_at, + updated_at, + region + from + aws_inspector_assessment_target + where + created_at > (current_date - interval '7' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_target_2.yaml.bak.bak b/queries/aws_inspector_assessment_target_2.yaml.bak.bak new file mode 100755 index 000000000..b8a5e8549 --- /dev/null +++ b/queries/aws_inspector_assessment_target_2.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_assessment_target_2 +Title: "Find AWS Inspector Assessment Targets Created in Last 7 Days" +Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + resource_group_arn, + created_at, + updated_at, + region + from + aws_inspector_assessment_target + where + created_at > (current_date - interval '7' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_target_3.yaml b/queries/aws_inspector_assessment_target_3.yaml index eefb3507c..fc4998b83 100755 --- a/queries/aws_inspector_assessment_target_3.yaml +++ b/queries/aws_inspector_assessment_target_3.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_target_3 Title: "List AWS Inspector Assessment Targets Details" Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_target_3.yaml.bak b/queries/aws_inspector_assessment_target_3.yaml.bak new file mode 100755 index 000000000..eefb3507c --- /dev/null +++ b/queries/aws_inspector_assessment_target_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_assessment_target_3 +Title: "List AWS Inspector Assessment Targets Details" +Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + resource_group_arn, + created_at, + updated_at, + region + from + aws_inspector_assessment_target + where + created_at != updated_at; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_1.yaml b/queries/aws_inspector_assessment_template_1.yaml index 3c485c00d..afc4b3aec 100755 --- a/queries/aws_inspector_assessment_template_1.yaml +++ b/queries/aws_inspector_assessment_template_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_template_1 Title: "Find AWS Inspector Assessment Templates" Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_template_1.yaml.bak b/queries/aws_inspector_assessment_template_1.yaml.bak new file mode 100755 index 000000000..3c485c00d --- /dev/null +++ b/queries/aws_inspector_assessment_template_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector_assessment_template_1 +Title: "Find AWS Inspector Assessment Templates" +Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_run_count, + created_at, + assessment_target_arn, + region + from + aws_inspector_assessment_template; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_2.yaml b/queries/aws_inspector_assessment_template_2.yaml index a8e153c31..43212d57b 100755 --- a/queries/aws_inspector_assessment_template_2.yaml +++ b/queries/aws_inspector_assessment_template_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_template_2 Title: "List AWS Inspector Assessment Template Configurations" Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_template_2.yaml.bak b/queries/aws_inspector_assessment_template_2.yaml.bak new file mode 100755 index 000000000..a8e153c31 --- /dev/null +++ b/queries/aws_inspector_assessment_template_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector_assessment_template_2 +Title: "List AWS Inspector Assessment Template Configurations" +Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_run_count, + created_at, + assessment_target_arn, + user_attributes_for_findings, + region + from + aws_inspector_assessment_template + where + user_attributes_for_findings = '[]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Inspector diff --git a/queries/aws_inspector_assessment_template_3.yaml b/queries/aws_inspector_assessment_template_3.yaml index f06e1c059..5c71b02e1 100755 --- a/queries/aws_inspector_assessment_template_3.yaml +++ b/queries/aws_inspector_assessment_template_3.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_template_3 Title: "Find AWS Inspector Assessment Templates with 0 Runs" Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_template_3.yaml.bak b/queries/aws_inspector_assessment_template_3.yaml.bak new file mode 100755 index 000000000..f06e1c059 --- /dev/null +++ b/queries/aws_inspector_assessment_template_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_inspector_assessment_template_3 +Title: "Find AWS Inspector Assessment Templates with 0 Runs" +Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_run_count, + created_at, + assessment_target_arn, + user_attributes_for_findings, + region + from + aws_inspector_assessment_template + where + assessment_run_count = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_4.yaml b/queries/aws_inspector_assessment_template_4.yaml index 080b64838..0af35d6e2 100755 --- a/queries/aws_inspector_assessment_template_4.yaml +++ b/queries/aws_inspector_assessment_template_4.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_template_4 Title: "List AWS Inspector Assessment Template Details" Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_template_4.yaml.bak b/queries/aws_inspector_assessment_template_4.yaml.bak new file mode 100755 index 000000000..080b64838 --- /dev/null +++ b/queries/aws_inspector_assessment_template_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_inspector_assessment_template_4 +Title: "List AWS Inspector Assessment Template Details" +Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_run_count, + created_at, + assessment_target_arn, + duration_in_seconds, + region + from + aws_inspector_assessment_template + where + duration_in_seconds < 3600; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_5.yaml b/queries/aws_inspector_assessment_template_5.yaml index 5a3c791a9..f4f1ee7e8 100755 --- a/queries/aws_inspector_assessment_template_5.yaml +++ b/queries/aws_inspector_assessment_template_5.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_template_5 Title: "Find all AWS Inspector Assessment Templates with No Runs" Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_template_5.yaml.bak b/queries/aws_inspector_assessment_template_5.yaml.bak new file mode 100755 index 000000000..5a3c791a9 --- /dev/null +++ b/queries/aws_inspector_assessment_template_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_inspector_assessment_template_5 +Title: "Find all AWS Inspector Assessment Templates with No Runs" +Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_run_count, + created_at, + assessment_target_arn, + user_attributes_for_findings, + region + from + aws_inspector_assessment_template + where + assessment_run_count = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_6.yaml b/queries/aws_inspector_assessment_template_6.yaml index 0d9e8bdd1..e870e1853 100755 --- a/queries/aws_inspector_assessment_template_6.yaml +++ b/queries/aws_inspector_assessment_template_6.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_assessment_template_6 Title: "Find AWS Inspector Assessment Templates by Duration" Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_assessment_template_6.yaml.bak b/queries/aws_inspector_assessment_template_6.yaml.bak new file mode 100755 index 000000000..0d9e8bdd1 --- /dev/null +++ b/queries/aws_inspector_assessment_template_6.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_inspector_assessment_template_6 +Title: "Find AWS Inspector Assessment Templates by Duration" +Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + assessment_run_count, + created_at, + assessment_target_arn, + duration_in_seconds, + region + from + aws_inspector_assessment_template + where + duration_in_seconds < 3600; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_exclusion_1.yaml b/queries/aws_inspector_exclusion_1.yaml index 1e6d298bc..b0f81830b 100755 --- a/queries/aws_inspector_exclusion_1.yaml +++ b/queries/aws_inspector_exclusion_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_exclusion_1 Title: "List all AWS Inspector Exclusions with Descriptions" Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_exclusion_1.yaml.bak b/queries/aws_inspector_exclusion_1.yaml.bak new file mode 100755 index 000000000..b0f81830b --- /dev/null +++ b/queries/aws_inspector_exclusion_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_inspector_exclusion_1 +Title: "List all AWS Inspector Exclusions with Descriptions" +Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + attributes, + description, + title, + region + from + aws_inspector_exclusion; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_exclusion_1.yaml.bak.bak b/queries/aws_inspector_exclusion_1.yaml.bak.bak new file mode 100755 index 000000000..b0f81830b --- /dev/null +++ b/queries/aws_inspector_exclusion_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_inspector_exclusion_1 +Title: "List all AWS Inspector Exclusions with Descriptions" +Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + attributes, + description, + title, + region + from + aws_inspector_exclusion; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_exclusion_2.yaml b/queries/aws_inspector_exclusion_2.yaml index 4f2cd83ff..6d212da9d 100755 --- a/queries/aws_inspector_exclusion_2.yaml +++ b/queries/aws_inspector_exclusion_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_exclusion_2 Title: "Find AWS Inspector Exclusions including ARNs and Descriptions" Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_exclusion_2.yaml.bak b/queries/aws_inspector_exclusion_2.yaml.bak new file mode 100755 index 000000000..4f2cd83ff --- /dev/null +++ b/queries/aws_inspector_exclusion_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_inspector_exclusion_2 +Title: "Find AWS Inspector Exclusions including ARNs and Descriptions" +Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + attributes, + description, + title, + region + from + aws_inspector_exclusion + where + assessment_run_arn = 'arn:aws:inspector:us-east-1:012345678912:target/0-ywdTAdRg/template/0-rY1J4B4f/run/0-LRRwpQFz'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_exclusion_3.yaml b/queries/aws_inspector_exclusion_3.yaml index 6491c7390..3cfa3c300 100755 --- a/queries/aws_inspector_exclusion_3.yaml +++ b/queries/aws_inspector_exclusion_3.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_exclusion_3 Title: "List AWS Inspector Exclusions with Details" Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_exclusion_3.yaml.bak b/queries/aws_inspector_exclusion_3.yaml.bak new file mode 100755 index 000000000..6491c7390 --- /dev/null +++ b/queries/aws_inspector_exclusion_3.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_inspector_exclusion_3 +Title: "List AWS Inspector Exclusions with Details" +Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + jsonb_pretty(attributes) as attributes, + jsonb_pretty(scopes) as scopes + from + aws_inspector_exclusion; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Inspector diff --git a/queries/aws_inspector_exclusion_4.yaml b/queries/aws_inspector_exclusion_4.yaml index 567f421ca..24184a1c1 100755 --- a/queries/aws_inspector_exclusion_4.yaml +++ b/queries/aws_inspector_exclusion_4.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_exclusion_4 Title: "List all AWS Inspector Exclusions with Details" Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_exclusion_4.yaml.bak b/queries/aws_inspector_exclusion_4.yaml.bak new file mode 100755 index 000000000..567f421ca --- /dev/null +++ b/queries/aws_inspector_exclusion_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_exclusion_4 +Title: "List all AWS Inspector Exclusions with Details" +Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + title, + count(arn) + from + aws_inspector_exclusion + group by + arn, + region, + title + order by + count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Inspector diff --git a/queries/aws_inspector_exclusion_5.yaml b/queries/aws_inspector_exclusion_5.yaml index 59b011600..6da8d1666 100755 --- a/queries/aws_inspector_exclusion_5.yaml +++ b/queries/aws_inspector_exclusion_5.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_exclusion_5 Title: "List AWS Inspector Exclusions with ARNs and Recommendations" Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_exclusion_5.yaml.bak b/queries/aws_inspector_exclusion_5.yaml.bak new file mode 100755 index 000000000..59b011600 --- /dev/null +++ b/queries/aws_inspector_exclusion_5.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_exclusion_5 +Title: "List AWS Inspector Exclusions with ARNs and Recommendations" +Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.arn, + e.title, + jsonb_pretty(e.attributes) as attributes, + e.recommendation + from + aws_inspector_exclusion e, + aws_inspector_assessment_run r, + aws_inspector_assessment_template t + where + e.assessment_run_arn = r.arn + and + r.assessment_template_arn = t.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_finding_1.yaml b/queries/aws_inspector_finding_1.yaml index 04fc26559..afc128e7e 100755 --- a/queries/aws_inspector_finding_1.yaml +++ b/queries/aws_inspector_finding_1.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_1 Title: "Find all AWS Inspector Findings details" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_1.yaml.bak b/queries/aws_inspector_finding_1.yaml.bak new file mode 100755 index 000000000..04fc26559 --- /dev/null +++ b/queries/aws_inspector_finding_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector_finding_1 +Title: "Find all AWS Inspector Findings details" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + agent_id as instance_id, + asset_type, + confidence, + severity + from + aws_inspector_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_inspector_finding_10.yaml b/queries/aws_inspector_finding_10.yaml index 4d0221d40..96af7ee2b 100755 --- a/queries/aws_inspector_finding_10.yaml +++ b/queries/aws_inspector_finding_10.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_10 Title: "List all AWS Inspector Findings with Details" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_10.yaml.bak b/queries/aws_inspector_finding_10.yaml.bak new file mode 100755 index 000000000..4d0221d40 --- /dev/null +++ b/queries/aws_inspector_finding_10.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_finding_10 +Title: "List all AWS Inspector Findings with Details" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + agent_id as instance_id, + asset_type, + confidence, + severity + from + aws_inspector_finding + order by + confidence; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_inspector_finding_2.yaml b/queries/aws_inspector_finding_2.yaml index db4c1eda2..62bb52454 100755 --- a/queries/aws_inspector_finding_2.yaml +++ b/queries/aws_inspector_finding_2.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_2 Title: "List High Severity Findings from AWS Inspector" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_2.yaml.bak b/queries/aws_inspector_finding_2.yaml.bak new file mode 100755 index 000000000..db4c1eda2 --- /dev/null +++ b/queries/aws_inspector_finding_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_finding_2 +Title: "List High Severity Findings from AWS Inspector" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + agent_id as instance_id, + asset_type, + confidence, + severity + from + aws_inspector_finding + where + severity = 'High'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_inspector_finding_3.yaml b/queries/aws_inspector_finding_3.yaml index 174ab1f78..921244d7f 100755 --- a/queries/aws_inspector_finding_3.yaml +++ b/queries/aws_inspector_finding_3.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_3 Title: "Find AWS Inspector Findings by Severity" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_3.yaml.bak b/queries/aws_inspector_finding_3.yaml.bak new file mode 100755 index 000000000..174ab1f78 --- /dev/null +++ b/queries/aws_inspector_finding_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_inspector_finding_3 +Title: "Find AWS Inspector Findings by Severity" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + severity, + count(severity) + from + aws_inspector_finding + group by + severity + order by + severity; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Inspector diff --git a/queries/aws_inspector_finding_4.yaml b/queries/aws_inspector_finding_4.yaml index af1d57448..59e1e7665 100755 --- a/queries/aws_inspector_finding_4.yaml +++ b/queries/aws_inspector_finding_4.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_4 Title: "List AWS Inspector Findings from the Past 10 Days" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_4.yaml.bak b/queries/aws_inspector_finding_4.yaml.bak new file mode 100755 index 000000000..af1d57448 --- /dev/null +++ b/queries/aws_inspector_finding_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_inspector_finding_4 +Title: "List AWS Inspector Findings from the Past 10 Days" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + confidence, + severity + from + aws_inspector_finding + where + created_at >= now() - interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_inspector_finding_5.yaml b/queries/aws_inspector_finding_5.yaml index 13f874c38..631ec9cc2 100755 --- a/queries/aws_inspector_finding_5.yaml +++ b/queries/aws_inspector_finding_5.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_5 Title: "List all AWS Inspector Findings with Detailed Information" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_5.yaml.bak b/queries/aws_inspector_finding_5.yaml.bak new file mode 100755 index 000000000..631ec9cc2 --- /dev/null +++ b/queries/aws_inspector_finding_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_inspector_finding_5 +Title: "List all AWS Inspector Findings with Detailed Information" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + jsonb_pretty(attributes) as attributes + from + aws_inspector_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_inspector_finding_5.yaml.bak.bak b/queries/aws_inspector_finding_5.yaml.bak.bak new file mode 100755 index 000000000..631ec9cc2 --- /dev/null +++ b/queries/aws_inspector_finding_5.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_inspector_finding_5 +Title: "List all AWS Inspector Findings with Detailed Information" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + jsonb_pretty(attributes) as attributes + from + aws_inspector_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_inspector_finding_6.yaml b/queries/aws_inspector_finding_6.yaml index b2c790323..90baa24ca 100755 --- a/queries/aws_inspector_finding_6.yaml +++ b/queries/aws_inspector_finding_6.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_6 Title: "Find AWS Inspector Findings with Detailed Information" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_6.yaml.bak b/queries/aws_inspector_finding_6.yaml.bak new file mode 100755 index 000000000..b2c790323 --- /dev/null +++ b/queries/aws_inspector_finding_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_inspector_finding_6 +Title: "Find AWS Inspector Findings with Detailed Information" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + title, + asset_attributes ->> 'AgentId' as agent_id, + asset_attributes ->> 'AmiId' as ami_id, + asset_attributes ->> 'Hostname' as hostname, + asset_attributes ->> 'Tags' as tags + from + aws_inspector_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_inspector_finding_7.yaml b/queries/aws_inspector_finding_7.yaml index bfdd7b590..bf7c68346 100755 --- a/queries/aws_inspector_finding_7.yaml +++ b/queries/aws_inspector_finding_7.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_7 Title: "List all High Severity AWS Inspector Findings" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_7.yaml.bak b/queries/aws_inspector_finding_7.yaml.bak new file mode 100755 index 000000000..bfdd7b590 --- /dev/null +++ b/queries/aws_inspector_finding_7.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_inspector_finding_7 +Title: "List all High Severity AWS Inspector Findings" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + distinct i.instance_id, + i.instance_state, + i.instance_type, + f.title, + f.service, + f.severity, + f.confidence + from + aws_ec2_instance as i, + aws_inspector_finding as f + where + severity = 'High' + and + i.instance_id = f.agent_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_inspector_finding_8.yaml b/queries/aws_inspector_finding_8.yaml index ff74254ff..eef4adf4a 100755 --- a/queries/aws_inspector_finding_8.yaml +++ b/queries/aws_inspector_finding_8.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_8 Title: "Find all Detailed Information on AWS Inspector Findings" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_8.yaml.bak b/queries/aws_inspector_finding_8.yaml.bak new file mode 100755 index 000000000..ff74254ff --- /dev/null +++ b/queries/aws_inspector_finding_8.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_inspector_finding_8 +Title: "Find all Detailed Information on AWS Inspector Findings" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + title, + service_attributes ->> 'AssessmentRunArn' as assessment_run_arn, + service_attributes ->> 'RulesPackageArn' as rules_package_arn, + service_attributes ->> 'SchemaVersion' as schema_version, + from + aws_inspector_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Inspector diff --git a/queries/aws_inspector_finding_9.yaml b/queries/aws_inspector_finding_9.yaml index ee41deff2..c5c84b8ba 100755 --- a/queries/aws_inspector_finding_9.yaml +++ b/queries/aws_inspector_finding_9.yaml @@ -1,7 +1,7 @@ ID: aws_inspector_finding_9 Title: "Find AWS Inspector Findings with Detailed Information" Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_inspector_finding_9.yaml.bak b/queries/aws_inspector_finding_9.yaml.bak new file mode 100755 index 000000000..ee41deff2 --- /dev/null +++ b/queries/aws_inspector_finding_9.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_inspector_finding_9 +Title: "Find AWS Inspector Findings with Detailed Information" +Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.id, + r.title, + f.service_attributes ->> 'AssessmentRunArn' as assessment_run_arn, + r.assessment_template_arn, + r.finding_counts + from + aws_inspector_finding as f, + aws_inspector_assessment_run as r + where + f.service_attributes ->> 'AssessmentRunArn' = r.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Inspector diff --git a/queries/aws_iot_fleet_metric_1.yaml b/queries/aws_iot_fleet_metric_1.yaml index 13f2d3279..0de0c456f 100755 --- a/queries/aws_iot_fleet_metric_1.yaml +++ b/queries/aws_iot_fleet_metric_1.yaml @@ -1,7 +1,7 @@ ID: aws_iot_fleet_metric_1 Title: "List all AWS IoT Fleet Metrics with details" Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_fleet_metric_1.yaml.bak b/queries/aws_iot_fleet_metric_1.yaml.bak new file mode 100755 index 000000000..0de0c456f --- /dev/null +++ b/queries/aws_iot_fleet_metric_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iot_fleet_metric_1 +Title: "List all AWS IoT Fleet Metrics with details" +Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + arn, + index_name, + creation_date, + last_modified_date + from + aws_iot_fleet_metric; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT Fleet Metrics diff --git a/queries/aws_iot_fleet_metric_1.yaml.bak.bak b/queries/aws_iot_fleet_metric_1.yaml.bak.bak new file mode 100755 index 000000000..0de0c456f --- /dev/null +++ b/queries/aws_iot_fleet_metric_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_iot_fleet_metric_1 +Title: "List all AWS IoT Fleet Metrics with details" +Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + arn, + index_name, + creation_date, + last_modified_date + from + aws_iot_fleet_metric; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT Fleet Metrics diff --git a/queries/aws_iot_fleet_metric_2.yaml b/queries/aws_iot_fleet_metric_2.yaml index e1b3c5e84..a81abd763 100755 --- a/queries/aws_iot_fleet_metric_2.yaml +++ b/queries/aws_iot_fleet_metric_2.yaml @@ -1,7 +1,7 @@ ID: aws_iot_fleet_metric_2 Title: "List all AWS IoT Fleet Metrics Configuration and Aggregation" Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_fleet_metric_2.yaml.bak b/queries/aws_iot_fleet_metric_2.yaml.bak new file mode 100755 index 000000000..e1b3c5e84 --- /dev/null +++ b/queries/aws_iot_fleet_metric_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iot_fleet_metric_2 +Title: "List all AWS IoT Fleet Metrics Configuration and Aggregation" +Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + aggregation_field, + creation_date, + aggregation_type_name, + query_string + from + aws_iot_fleet_metric + group by + aggregation_type_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT Fleet Metrics diff --git a/queries/aws_iot_fleet_metric_3.yaml b/queries/aws_iot_fleet_metric_3.yaml index f453002a7..f3a1b34fa 100755 --- a/queries/aws_iot_fleet_metric_3.yaml +++ b/queries/aws_iot_fleet_metric_3.yaml @@ -1,7 +1,7 @@ ID: aws_iot_fleet_metric_3 Title: "List all AWS IoT Fleet Metrics with Details from Last 30 Days" Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_fleet_metric_3.yaml.bak b/queries/aws_iot_fleet_metric_3.yaml.bak new file mode 100755 index 000000000..f453002a7 --- /dev/null +++ b/queries/aws_iot_fleet_metric_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_iot_fleet_metric_3 +Title: "List all AWS IoT Fleet Metrics with Details from Last 30 Days" +Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + metric_name, + index_name, + creation_date, + last_modified_date, + query_version, + version + from + aws_iot_fleet_metric + where + last_modified_date >= now() - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS IoT Fleet Metrics diff --git a/queries/aws_iot_thing_1.yaml b/queries/aws_iot_thing_1.yaml index b23b8d37d..2ab33822a 100755 --- a/queries/aws_iot_thing_1.yaml +++ b/queries/aws_iot_thing_1.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_1 Title: "List all IoT Things with Details from AWS Account" Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_1.yaml.bak b/queries/aws_iot_thing_1.yaml.bak new file mode 100755 index 000000000..b23b8d37d --- /dev/null +++ b/queries/aws_iot_thing_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iot_thing_1 +Title: "List all IoT Things with Details from AWS Account" +Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + thing_name, + thing_id, + arn, + thing_type_name, + version + from + aws_iot_thing; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Internet of Things diff --git a/queries/aws_iot_thing_2.yaml b/queries/aws_iot_thing_2.yaml index 6d4d7f98d..792c8cd08 100755 --- a/queries/aws_iot_thing_2.yaml +++ b/queries/aws_iot_thing_2.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_2 Title: "Find AWS IoT details for virtual device models" Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_2.yaml.bak b/queries/aws_iot_thing_2.yaml.bak new file mode 100755 index 000000000..6d4d7f98d --- /dev/null +++ b/queries/aws_iot_thing_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iot_thing_2 +Title: "Find AWS IoT details for virtual device models" +Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + thing_name, + thing_id, + arn, + thing_type_name, + version + from + aws_iot_thing + where + attribute_name = 'foo'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS IoT diff --git a/queries/aws_iot_thing_3.yaml b/queries/aws_iot_thing_3.yaml index 3a7bed942..3c410a74a 100755 --- a/queries/aws_iot_thing_3.yaml +++ b/queries/aws_iot_thing_3.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_3 Title: "List all AWS IoT things and attribute value details" Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_3.yaml.bak b/queries/aws_iot_thing_3.yaml.bak new file mode 100755 index 000000000..3a7bed942 --- /dev/null +++ b/queries/aws_iot_thing_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iot_thing_3 +Title: "List all AWS IoT things and attribute value details" +Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + thing_name, + arn, + thing_id, + thing_type_name, + attribute_value + from + aws_iot_thing + where + thing_type_name = 'foo'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Internet of Things diff --git a/queries/aws_iot_thing_group_1.yaml b/queries/aws_iot_thing_group_1.yaml index 8901cb7a8..6326d2f42 100755 --- a/queries/aws_iot_thing_group_1.yaml +++ b/queries/aws_iot_thing_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_group_1 Title: "List insights into AWS IoT Thing Group configuration" Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_group_1.yaml.bak b/queries/aws_iot_thing_group_1.yaml.bak new file mode 100755 index 000000000..8901cb7a8 --- /dev/null +++ b/queries/aws_iot_thing_group_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_iot_thing_group_1 +Title: "List insights into AWS IoT Thing Group configuration" +Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + group_name, + thing_group_id, + thing_group_description, + arn, + creation_date, + parent_group_name + from + aws_iot_thing_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT diff --git a/queries/aws_iot_thing_group_2.yaml b/queries/aws_iot_thing_group_2.yaml index 8c40f7199..5554ca1eb 100755 --- a/queries/aws_iot_thing_group_2.yaml +++ b/queries/aws_iot_thing_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_group_2 Title: "List all AWS IoT Thing Group Configurations" Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_group_2.yaml.bak b/queries/aws_iot_thing_group_2.yaml.bak new file mode 100755 index 000000000..8c40f7199 --- /dev/null +++ b/queries/aws_iot_thing_group_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_iot_thing_group_2 +Title: "List all AWS IoT Thing Group Configurations" +Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + group_name, + thing_group_id, + creation_date, + parent_group_name, + version + from + aws_iot_thing_group + where + parent_group_name = 'foo'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS IoT diff --git a/queries/aws_iot_thing_group_3.yaml b/queries/aws_iot_thing_group_3.yaml index 728f5637e..e213499c7 100755 --- a/queries/aws_iot_thing_group_3.yaml +++ b/queries/aws_iot_thing_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_group_3 Title: "List all AWS IoT Thing Group Configurations" Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_group_3.yaml.bak b/queries/aws_iot_thing_group_3.yaml.bak new file mode 100755 index 000000000..e213499c7 --- /dev/null +++ b/queries/aws_iot_thing_group_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iot_thing_group_3 +Title: "List all AWS IoT Thing Group Configurations" +Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + group_name, + thing_group_id, + parent_group_name, + creation_date, + status + from + aws_iot_thing_group + where + creation_date >= now() - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT diff --git a/queries/aws_iot_thing_group_3.yaml.bak.bak b/queries/aws_iot_thing_group_3.yaml.bak.bak new file mode 100755 index 000000000..e213499c7 --- /dev/null +++ b/queries/aws_iot_thing_group_3.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_iot_thing_group_3 +Title: "List all AWS IoT Thing Group Configurations" +Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + group_name, + thing_group_id, + parent_group_name, + creation_date, + status + from + aws_iot_thing_group + where + creation_date >= now() - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT diff --git a/queries/aws_iot_thing_group_4.yaml b/queries/aws_iot_thing_group_4.yaml index a2aa1f83b..9219b861e 100755 --- a/queries/aws_iot_thing_group_4.yaml +++ b/queries/aws_iot_thing_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_group_4 Title: "Find AWS IoT Thing Group Configurations and Details" Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_group_4.yaml.bak b/queries/aws_iot_thing_group_4.yaml.bak new file mode 100755 index 000000000..a2aa1f83b --- /dev/null +++ b/queries/aws_iot_thing_group_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iot_thing_group_4 +Title: "Find AWS IoT Thing Group Configurations and Details" +Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + group_name, + thing_group_id, + query_string, + query_version, + status + from + aws_iot_thing_group + where + status = 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS IoT Thing Group diff --git a/queries/aws_iot_thing_type_1.yaml b/queries/aws_iot_thing_type_1.yaml index a5c5d904e..0c9e7d26d 100755 --- a/queries/aws_iot_thing_type_1.yaml +++ b/queries/aws_iot_thing_type_1.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_type_1 Title: "Find all AWS IoT Thing Types and Configurations" Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_type_1.yaml.bak b/queries/aws_iot_thing_type_1.yaml.bak new file mode 100755 index 000000000..a5c5d904e --- /dev/null +++ b/queries/aws_iot_thing_type_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_iot_thing_type_1 +Title: "Find all AWS IoT Thing Types and Configurations" +Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + thing_type_name, + arn, + thing_type_id, + thing_type_description, + creation_date + from + aws_iot_thing_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT diff --git a/queries/aws_iot_thing_type_2.yaml b/queries/aws_iot_thing_type_2.yaml index ea41a2132..609b8650e 100755 --- a/queries/aws_iot_thing_type_2.yaml +++ b/queries/aws_iot_thing_type_2.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_type_2 Title: "List AWS IoT Thing Types and Their Configurations" Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_type_2.yaml.bak b/queries/aws_iot_thing_type_2.yaml.bak new file mode 100755 index 000000000..ea41a2132 --- /dev/null +++ b/queries/aws_iot_thing_type_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_iot_thing_type_2 +Title: "List AWS IoT Thing Types and Their Configurations" +Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + thing_type_name, + arn, + thing_type_id, + thing_type_description, + creation_date, + deprecated + from + aws_iot_thing_type + where + deprecated; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS IoT Thing Type diff --git a/queries/aws_iot_thing_type_3.yaml b/queries/aws_iot_thing_type_3.yaml index edcec46eb..1b06fe60d 100755 --- a/queries/aws_iot_thing_type_3.yaml +++ b/queries/aws_iot_thing_type_3.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_type_3 Title: "List all AWS IoT Thing Types with Configuration Details" Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_type_3.yaml.bak b/queries/aws_iot_thing_type_3.yaml.bak new file mode 100755 index 000000000..edcec46eb --- /dev/null +++ b/queries/aws_iot_thing_type_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_iot_thing_type_3 +Title: "List all AWS IoT Thing Types with Configuration Details" +Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + thing_type_name, + arn, + thing_type_id, + thing_type_description, + creation_date, + deprecated, + searchable_attributes + from + aws_iot_thing_type + where + creation_date >= now() - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT diff --git a/queries/aws_iot_thing_type_4.yaml b/queries/aws_iot_thing_type_4.yaml index 6a5134766..5f468c27c 100755 --- a/queries/aws_iot_thing_type_4.yaml +++ b/queries/aws_iot_thing_type_4.yaml @@ -1,7 +1,7 @@ ID: aws_iot_thing_type_4 Title: "Find All AWS IoT Thing Types with Configuration Insights" Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_iot_thing_type_4.yaml.bak b/queries/aws_iot_thing_type_4.yaml.bak new file mode 100755 index 000000000..6a5134766 --- /dev/null +++ b/queries/aws_iot_thing_type_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_iot_thing_type_4 +Title: "Find All AWS IoT Thing Types with Configuration Insights" +Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + thing_type_name, + arn, + thing_type_id, + creation_date, + tags, + deprecation_date + from + aws_iot_thing_type + where + deprecation_date <= now() - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - IoT diff --git a/queries/aws_kinesis_consumer_1.yaml b/queries/aws_kinesis_consumer_1.yaml index e38702695..fc4d085f4 100755 --- a/queries/aws_kinesis_consumer_1.yaml +++ b/queries/aws_kinesis_consumer_1.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_consumer_1 Title: "List All AWS Kinesis Consumers and Their Details" Description: "Allows users to query AWS Kinesis Consumers. This table provides information about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather insights on consumers such as consumer ARN, creation timestamp, stream ARN and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_consumer_1.yaml.bak b/queries/aws_kinesis_consumer_1.yaml.bak new file mode 100755 index 000000000..e38702695 --- /dev/null +++ b/queries/aws_kinesis_consumer_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_kinesis_consumer_1 +Title: "List All AWS Kinesis Consumers and Their Details" +Description: "Allows users to query AWS Kinesis Consumers. This table provides information about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather insights on consumers such as consumer ARN, creation timestamp, stream ARN and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + consumer_name, + consumer_arn, + consumer_status, + stream_arn + from + aws_kinesis_consumer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Data Streams diff --git a/queries/aws_kinesis_consumer_2.yaml b/queries/aws_kinesis_consumer_2.yaml index 5019345c5..48a685356 100755 --- a/queries/aws_kinesis_consumer_2.yaml +++ b/queries/aws_kinesis_consumer_2.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_consumer_2 Title: "List all AWS Kinesis Consumers and their Status" Description: "Allows users to query AWS Kinesis Consumers. This table provides information about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather insights on consumers such as consumer ARN, creation timestamp, stream ARN and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_consumer_2.yaml.bak b/queries/aws_kinesis_consumer_2.yaml.bak new file mode 100755 index 000000000..5019345c5 --- /dev/null +++ b/queries/aws_kinesis_consumer_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_kinesis_consumer_2 +Title: "List all AWS Kinesis Consumers and their Status" +Description: "Allows users to query AWS Kinesis Consumers. This table provides information about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather insights on consumers such as consumer ARN, creation timestamp, stream ARN and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + consumer_name, + consumer_status, + consumer_arn + from + aws_kinesis_consumer + where + consumer_status != 'ACTIVE' + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Data Streams diff --git a/queries/aws_kinesis_firehose_delivery_stream_1.yaml b/queries/aws_kinesis_firehose_delivery_stream_1.yaml index c4e9afadf..8fd094526 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_1.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_1.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_firehose_delivery_stream_1 Title: "List all AWS Kinesis Firehose Delivery Stream Details" Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_firehose_delivery_stream_1.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_1.yaml.bak new file mode 100755 index 000000000..c4e9afadf --- /dev/null +++ b/queries/aws_kinesis_firehose_delivery_stream_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_kinesis_firehose_delivery_stream_1 +Title: "List all AWS Kinesis Firehose Delivery Stream Details" +Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + delivery_stream_name, + arn, + create_timestamp, + delivery_stream_type + from + aws_kinesis_firehose_delivery_stream; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_2.yaml b/queries/aws_kinesis_firehose_delivery_stream_2.yaml index b480c4886..500dfb9c2 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_2.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_2.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_firehose_delivery_stream_2 Title: "List Delivery Streams for AWS Kinesis Firehose" Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_firehose_delivery_stream_2.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_2.yaml.bak new file mode 100755 index 000000000..b480c4886 --- /dev/null +++ b/queries/aws_kinesis_firehose_delivery_stream_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_kinesis_firehose_delivery_stream_2 +Title: "List Delivery Streams for AWS Kinesis Firehose" +Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + delivery_stream_name, + arn, + delivery_stream_status, + create_timestamp, + delivery_stream_type + from + aws_kinesis_firehose_delivery_stream + where + delivery_stream_status != 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_3.yaml b/queries/aws_kinesis_firehose_delivery_stream_3.yaml index 44e49be91..a8ce8cf46 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_3.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_3.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_firehose_delivery_stream_3 Title: "List all AWS Kinesis Firehose Delivery Stream details" Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_firehose_delivery_stream_3.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_3.yaml.bak new file mode 100755 index 000000000..44e49be91 --- /dev/null +++ b/queries/aws_kinesis_firehose_delivery_stream_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_kinesis_firehose_delivery_stream_3 +Title: "List all AWS Kinesis Firehose Delivery Stream details" +Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + delivery_stream_name, + arn, + delivery_stream_status, + create_timestamp, + delivery_stream_type, + delivery_stream_encryption_configuration ->> 'Status' as encryption_status + from + aws_kinesis_firehose_delivery_stream + where + delivery_stream_encryption_configuration ->> 'Status' = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_4.yaml b/queries/aws_kinesis_firehose_delivery_stream_4.yaml index 168e59b6b..9261396f5 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_4.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_4.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_firehose_delivery_stream_4 Title: "List all AWS Kinesis Firehose Delivery Stream details" Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_firehose_delivery_stream_4.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_4.yaml.bak new file mode 100755 index 000000000..168e59b6b --- /dev/null +++ b/queries/aws_kinesis_firehose_delivery_stream_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_kinesis_firehose_delivery_stream_4 +Title: "List all AWS Kinesis Firehose Delivery Stream details" +Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + delivery_stream_name, + arn, + delivery_stream_status, + create_timestamp, + delivery_stream_type + from + aws_kinesis_firehose_delivery_stream + where + delivery_stream_type = 'DirectPut'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_5.yaml b/queries/aws_kinesis_firehose_delivery_stream_5.yaml index c5d1cc66b..0e0024c33 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_5.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_5.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_firehose_delivery_stream_5 Title: "List all AWS Kinesis Firehose Delivery Stream details" Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak new file mode 100755 index 000000000..0e0024c33 --- /dev/null +++ b/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_kinesis_firehose_delivery_stream_5 +Title: "List all AWS Kinesis Firehose Delivery Stream details" +Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + delivery_stream_name, + arn, + delivery_stream_status, + delivery_stream_type, + failure_description + from + aws_kinesis_firehose_delivery_stream + where + failure_description is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak.bak b/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak.bak new file mode 100755 index 000000000..0e0024c33 --- /dev/null +++ b/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_kinesis_firehose_delivery_stream_5 +Title: "List all AWS Kinesis Firehose Delivery Stream details" +Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + delivery_stream_name, + arn, + delivery_stream_status, + delivery_stream_type, + failure_description + from + aws_kinesis_firehose_delivery_stream + where + failure_description is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Firehose diff --git a/queries/aws_kinesis_stream_1.yaml b/queries/aws_kinesis_stream_1.yaml index 08b9811b7..593c3568b 100755 --- a/queries/aws_kinesis_stream_1.yaml +++ b/queries/aws_kinesis_stream_1.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_stream_1 Title: "List all AWS Kinesis Stream data and its details" Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_stream_1.yaml.bak b/queries/aws_kinesis_stream_1.yaml.bak new file mode 100755 index 000000000..08b9811b7 --- /dev/null +++ b/queries/aws_kinesis_stream_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_kinesis_stream_1 +Title: "List all AWS Kinesis Stream data and its details" +Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + stream_status, + consumer_count, + stream_creation_timestamp, + region + from + aws_kinesis_stream; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Stream diff --git a/queries/aws_kinesis_stream_2.yaml b/queries/aws_kinesis_stream_2.yaml index e610a7da4..170912fbe 100755 --- a/queries/aws_kinesis_stream_2.yaml +++ b/queries/aws_kinesis_stream_2.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_stream_2 Title: "List Attributes of AWS Kinesis Streams Excluding Active Status" Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_stream_2.yaml.bak b/queries/aws_kinesis_stream_2.yaml.bak new file mode 100755 index 000000000..e610a7da4 --- /dev/null +++ b/queries/aws_kinesis_stream_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_kinesis_stream_2 +Title: "List Attributes of AWS Kinesis Streams Excluding Active Status" +Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + stream_status, + consumer_count, + stream_creation_timestamp, + region + from + aws_kinesis_stream + where + stream_status != 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Stream diff --git a/queries/aws_kinesis_stream_3.yaml b/queries/aws_kinesis_stream_3.yaml index f8995f16b..9d7d86afa 100755 --- a/queries/aws_kinesis_stream_3.yaml +++ b/queries/aws_kinesis_stream_3.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_stream_3 Title: "List all AWS Kinesis Streams with Consumer Count Zero" Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_stream_3.yaml.bak b/queries/aws_kinesis_stream_3.yaml.bak new file mode 100755 index 000000000..f8995f16b --- /dev/null +++ b/queries/aws_kinesis_stream_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_kinesis_stream_3 +Title: "List all AWS Kinesis Streams with Consumer Count Zero" +Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + stream_status, + consumer_count, + stream_creation_timestamp, + region + from + aws_kinesis_stream + where + consumer_count = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Stream diff --git a/queries/aws_kinesis_stream_4.yaml b/queries/aws_kinesis_stream_4.yaml index bc9be67a8..02c847b2d 100755 --- a/queries/aws_kinesis_stream_4.yaml +++ b/queries/aws_kinesis_stream_4.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_stream_4 Title: "List AWS Kinesis Stream details including name, status, and tags" Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_stream_4.yaml.bak b/queries/aws_kinesis_stream_4.yaml.bak new file mode 100755 index 000000000..bc9be67a8 --- /dev/null +++ b/queries/aws_kinesis_stream_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_kinesis_stream_4 +Title: "List AWS Kinesis Stream details including name, status, and tags" +Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + encryption_type, + key_id, + stream_creation_timestamp, + region + from + aws_kinesis_stream + where + encryption_type = 'NONE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Stream diff --git a/queries/aws_kinesis_stream_5.yaml b/queries/aws_kinesis_stream_5.yaml index c1443fa29..315984be3 100755 --- a/queries/aws_kinesis_stream_5.yaml +++ b/queries/aws_kinesis_stream_5.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_stream_5 Title: "List all AWS Kinesis Stream Data Including Creation Time" Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_stream_5.yaml.bak b/queries/aws_kinesis_stream_5.yaml.bak new file mode 100755 index 000000000..c1443fa29 --- /dev/null +++ b/queries/aws_kinesis_stream_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_kinesis_stream_5 +Title: "List all AWS Kinesis Stream Data Including Creation Time" +Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + encryption_type, + key_id, + stream_creation_timestamp, + region + from + aws_kinesis_stream + where + encryption_type != 'NONE' + and key_id = 'alias/aws/kinesis'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Stream diff --git a/queries/aws_kinesis_video_stream_1.yaml b/queries/aws_kinesis_video_stream_1.yaml index 1d6e26b40..864f034b4 100755 --- a/queries/aws_kinesis_video_stream_1.yaml +++ b/queries/aws_kinesis_video_stream_1.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_video_stream_1 Title: "List metadata for AWS Kinesis Video Streams" Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_video_stream_1.yaml.bak b/queries/aws_kinesis_video_stream_1.yaml.bak new file mode 100755 index 000000000..1d6e26b40 --- /dev/null +++ b/queries/aws_kinesis_video_stream_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_kinesis_video_stream_1 +Title: "List metadata for AWS Kinesis Video Streams" +Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + status, + creation_time, + region + from + aws_kinesis_video_stream; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Video Streams diff --git a/queries/aws_kinesis_video_stream_2.yaml b/queries/aws_kinesis_video_stream_2.yaml index 725f0b78a..c9a1254e3 100755 --- a/queries/aws_kinesis_video_stream_2.yaml +++ b/queries/aws_kinesis_video_stream_2.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_video_stream_2 Title: "List All Metadata of AWS Kinesis Video Streams" Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_video_stream_2.yaml.bak b/queries/aws_kinesis_video_stream_2.yaml.bak new file mode 100755 index 000000000..725f0b78a --- /dev/null +++ b/queries/aws_kinesis_video_stream_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_kinesis_video_stream_2 +Title: "List All Metadata of AWS Kinesis Video Streams" +Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + status, + creation_time, + region + from + aws_kinesis_video_stream + where + status != 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Video Streams diff --git a/queries/aws_kinesis_video_stream_3.yaml b/queries/aws_kinesis_video_stream_3.yaml index dd9db66fb..6dd93fa35 100755 --- a/queries/aws_kinesis_video_stream_3.yaml +++ b/queries/aws_kinesis_video_stream_3.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_video_stream_3 Title: "List all AWS Kinesis Video Streams with metadata" Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_video_stream_3.yaml.bak b/queries/aws_kinesis_video_stream_3.yaml.bak new file mode 100755 index 000000000..dd9db66fb --- /dev/null +++ b/queries/aws_kinesis_video_stream_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_kinesis_video_stream_3 +Title: "List all AWS Kinesis Video Streams with metadata" +Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + status, + kms_key_id, + creation_time, + region + from + aws_kinesis_video_stream + where + split_part(kms_key_id, ':', 6) = 'alias/aws/kinesisvideo'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Video Streams diff --git a/queries/aws_kinesis_video_stream_4.yaml b/queries/aws_kinesis_video_stream_4.yaml index 6c30fd88f..45321a50a 100755 --- a/queries/aws_kinesis_video_stream_4.yaml +++ b/queries/aws_kinesis_video_stream_4.yaml @@ -1,7 +1,7 @@ ID: aws_kinesis_video_stream_4 Title: "List All Kinesis Video Streams Metadata from AWS" Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesis_video_stream_4.yaml.bak b/queries/aws_kinesis_video_stream_4.yaml.bak new file mode 100755 index 000000000..6c30fd88f --- /dev/null +++ b/queries/aws_kinesis_video_stream_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_kinesis_video_stream_4 +Title: "List All Kinesis Video Streams Metadata from AWS" +Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + stream_name, + stream_arn, + status, + creation_time, + data_retention_in_hours, + region + from + aws_kinesis_video_stream + where + data_retention_in_hours < 168; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Video Stream diff --git a/queries/aws_kinesisanalyticsv2_application_1.yaml b/queries/aws_kinesisanalyticsv2_application_1.yaml index 628f0106a..41a46b26f 100755 --- a/queries/aws_kinesisanalyticsv2_application_1.yaml +++ b/queries/aws_kinesisanalyticsv2_application_1.yaml @@ -1,7 +1,7 @@ ID: aws_kinesisanalyticsv2_application_1 Title: "List AWS Kinesis Analytics Applications with Details" Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesisanalyticsv2_application_1.yaml.bak b/queries/aws_kinesisanalyticsv2_application_1.yaml.bak new file mode 100755 index 000000000..628f0106a --- /dev/null +++ b/queries/aws_kinesisanalyticsv2_application_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_kinesisanalyticsv2_application_1 +Title: "List AWS Kinesis Analytics Applications with Details" +Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + application_arn, + application_version_id, + application_status, + application_description, + service_execution_role, + runtime_environment + from + aws_kinesisanalyticsv2_application; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Analytics diff --git a/queries/aws_kinesisanalyticsv2_application_2.yaml b/queries/aws_kinesisanalyticsv2_application_2.yaml index 9278f795d..eb95b6ecf 100755 --- a/queries/aws_kinesisanalyticsv2_application_2.yaml +++ b/queries/aws_kinesisanalyticsv2_application_2.yaml @@ -1,7 +1,7 @@ ID: aws_kinesisanalyticsv2_application_2 Title: "Find AWS Kinesis Analytics Applications and Details" Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesisanalyticsv2_application_2.yaml.bak b/queries/aws_kinesisanalyticsv2_application_2.yaml.bak new file mode 100755 index 000000000..9278f795d --- /dev/null +++ b/queries/aws_kinesisanalyticsv2_application_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_kinesisanalyticsv2_application_2 +Title: "Find AWS Kinesis Analytics Applications and Details" +Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + application_version_id, + application_arn, + application_status + from + aws_kinesisanalyticsv2_application + where + application_version_id > 1; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Analytics diff --git a/queries/aws_kinesisanalyticsv2_application_3.yaml b/queries/aws_kinesisanalyticsv2_application_3.yaml index 34080cc26..8c1daf641 100755 --- a/queries/aws_kinesisanalyticsv2_application_3.yaml +++ b/queries/aws_kinesisanalyticsv2_application_3.yaml @@ -1,7 +1,7 @@ ID: aws_kinesisanalyticsv2_application_3 Title: "Find AWS Kinesis Analytics Applications and Details" Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kinesisanalyticsv2_application_3.yaml.bak b/queries/aws_kinesisanalyticsv2_application_3.yaml.bak new file mode 100755 index 000000000..34080cc26 --- /dev/null +++ b/queries/aws_kinesisanalyticsv2_application_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_kinesisanalyticsv2_application_3 +Title: "Find AWS Kinesis Analytics Applications and Details" +Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + application_name, + runtime_environment, + application_arn, + application_status + from + aws_kinesisanalyticsv2_application + where + runtime_environment = 'SQL-1_0'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Kinesis Analytics diff --git a/queries/aws_kms_alias_1.yaml b/queries/aws_kms_alias_1.yaml index 9fef92dc0..2140bc209 100755 --- a/queries/aws_kms_alias_1.yaml +++ b/queries/aws_kms_alias_1.yaml @@ -1,7 +1,7 @@ ID: aws_kms_alias_1 Title: "Find all AWS KMS alias details including keys" Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_alias_1.yaml.bak b/queries/aws_kms_alias_1.yaml.bak new file mode 100755 index 000000000..9fef92dc0 --- /dev/null +++ b/queries/aws_kms_alias_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_kms_alias_1 +Title: "Find all AWS KMS alias details including keys" +Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + alias_name, + title, + arn, + target_key_id, + creation_date + from + aws_kms_alias; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Key Management Service (KMS) diff --git a/queries/aws_kms_alias_2.yaml b/queries/aws_kms_alias_2.yaml index 2eaf92fe7..8e1a3d509 100755 --- a/queries/aws_kms_alias_2.yaml +++ b/queries/aws_kms_alias_2.yaml @@ -1,7 +1,7 @@ ID: aws_kms_alias_2 Title: "Find AWS KMS Alias and Associated Keys with SQL" Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_alias_2.yaml.bak b/queries/aws_kms_alias_2.yaml.bak new file mode 100755 index 000000000..2eaf92fe7 --- /dev/null +++ b/queries/aws_kms_alias_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_kms_alias_2 +Title: "Find AWS KMS Alias and Associated Keys with SQL" +Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + k.id as key_id, + k.key_rotation_enabled as key_rotation_enabled, + a.alias_name as alias_name, + a.arn as alias_arn + from + aws_kms_key as k, + aws_kms_alias as a + where + k.id = a.target_key_id and not key_rotation_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Key Management Service diff --git a/queries/aws_kms_alias_3.yaml b/queries/aws_kms_alias_3.yaml index 5be88c642..354534fec 100755 --- a/queries/aws_kms_alias_3.yaml +++ b/queries/aws_kms_alias_3.yaml @@ -1,7 +1,7 @@ ID: aws_kms_alias_3 Title: "List all AWS KMS aliases with key state pending deletion" Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_alias_3.yaml.bak b/queries/aws_kms_alias_3.yaml.bak new file mode 100755 index 000000000..354534fec --- /dev/null +++ b/queries/aws_kms_alias_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_kms_alias_3 +Title: "List all AWS KMS aliases with key state pending deletion" +Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.alias_name as alias_name, + k.id as key_id, + k.key_state as key_state, + k.deletion_date as key_deletion_date + from + aws_kms_key as k, + aws_kms_alias as a + where + k.id = a.target_key_id and key_state = 'PendingDeletion'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Key Management Service diff --git a/queries/aws_kms_alias_3.yaml.bak.bak b/queries/aws_kms_alias_3.yaml.bak.bak new file mode 100755 index 000000000..354534fec --- /dev/null +++ b/queries/aws_kms_alias_3.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_kms_alias_3 +Title: "List all AWS KMS aliases with key state pending deletion" +Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.alias_name as alias_name, + k.id as key_id, + k.key_state as key_state, + k.deletion_date as key_deletion_date + from + aws_kms_key as k, + aws_kms_alias as a + where + k.id = a.target_key_id and key_state = 'PendingDeletion'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Key Management Service diff --git a/queries/aws_kms_alias_4.yaml b/queries/aws_kms_alias_4.yaml index 8bb04b60c..16280e485 100755 --- a/queries/aws_kms_alias_4.yaml +++ b/queries/aws_kms_alias_4.yaml @@ -1,7 +1,7 @@ ID: aws_kms_alias_4 Title: "List all AWS KMS aliases and their associated keys" Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_alias_4.yaml.bak b/queries/aws_kms_alias_4.yaml.bak new file mode 100755 index 000000000..8bb04b60c --- /dev/null +++ b/queries/aws_kms_alias_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_kms_alias_4 +Title: "List all AWS KMS aliases and their associated keys" +Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + k.id as key_id, + count(a.alias_name) as count + from + aws_kms_key as k + left join aws_kms_alias as a + on k.id = a.target_key_id + group by + key_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS diff --git a/queries/aws_kms_key_1.yaml b/queries/aws_kms_key_1.yaml index 914b03c64..787bc614d 100755 --- a/queries/aws_kms_key_1.yaml +++ b/queries/aws_kms_key_1.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_1 Title: "List all AWS KMS Keys and their metadata" Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_1.yaml.bak b/queries/aws_kms_key_1.yaml.bak new file mode 100755 index 000000000..914b03c64 --- /dev/null +++ b/queries/aws_kms_key_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_kms_key_1 +Title: "List all AWS KMS Keys and their metadata" +Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + title, + arn, + key_manager, + creation_date + from + aws_kms_key; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS KMS diff --git a/queries/aws_kms_key_2.yaml b/queries/aws_kms_key_2.yaml index 650c64216..51e14a82c 100755 --- a/queries/aws_kms_key_2.yaml +++ b/queries/aws_kms_key_2.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_2 Title: "Find AWS KMS Key Data with Metadata & Key Usage" Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_2.yaml.bak b/queries/aws_kms_key_2.yaml.bak new file mode 100755 index 000000000..650c64216 --- /dev/null +++ b/queries/aws_kms_key_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_kms_key_2 +Title: "Find AWS KMS Key Data with Metadata & Key Usage" +Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + key_rotation_enabled + from + aws_kms_key + where + not key_rotation_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS diff --git a/queries/aws_kms_key_3.yaml b/queries/aws_kms_key_3.yaml index 8c20cbff1..3b998d3c8 100755 --- a/queries/aws_kms_key_3.yaml +++ b/queries/aws_kms_key_3.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_3 Title: "List AWS KMS Key data including cryptographic details" Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_3.yaml.bak b/queries/aws_kms_key_3.yaml.bak new file mode 100755 index 000000000..8c20cbff1 --- /dev/null +++ b/queries/aws_kms_key_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_kms_key_3 +Title: "List AWS KMS Key data including cryptographic details" +Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + key_state, + deletion_date + from + aws_kms_key + where + key_state = 'PendingDeletion'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS Key diff --git a/queries/aws_kms_key_4.yaml b/queries/aws_kms_key_4.yaml index f414e99f5..c72bf2c84 100755 --- a/queries/aws_kms_key_4.yaml +++ b/queries/aws_kms_key_4.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_4 Title: "List all AWS KMS Key data including key state and usage" Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_4.yaml.bak b/queries/aws_kms_key_4.yaml.bak new file mode 100755 index 000000000..f414e99f5 --- /dev/null +++ b/queries/aws_kms_key_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_kms_key_4 +Title: "List all AWS KMS Key data including key state and usage" +Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + enabled as key_enabled + from + aws_kms_key + where + not enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS diff --git a/queries/aws_kms_key_5.yaml b/queries/aws_kms_key_5.yaml index 7fc253fed..4972cdd8b 100755 --- a/queries/aws_kms_key_5.yaml +++ b/queries/aws_kms_key_5.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_5 Title: "List all AWS KMS Key data with cryptographic details" Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_5.yaml.bak b/queries/aws_kms_key_5.yaml.bak new file mode 100755 index 000000000..7fc253fed --- /dev/null +++ b/queries/aws_kms_key_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_kms_key_5 +Title: "List all AWS KMS Key data with cryptographic details" +Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key_manager, + count(key_manager) as count + from + aws_kms_key + group by + key_manager; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS diff --git a/queries/aws_kms_key_rotation_1.yaml b/queries/aws_kms_key_rotation_1.yaml index 6edd4a2f2..966732a2e 100755 --- a/queries/aws_kms_key_rotation_1.yaml +++ b/queries/aws_kms_key_rotation_1.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_rotation_1 Title: "Find AWS KMS Key Rotation Schedule and Details" Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_rotation_1.yaml.bak b/queries/aws_kms_key_rotation_1.yaml.bak new file mode 100755 index 000000000..6edd4a2f2 --- /dev/null +++ b/queries/aws_kms_key_rotation_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_kms_key_rotation_1 +Title: "Find AWS KMS Key Rotation Schedule and Details" +Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key_id, + key_arn, + rotation_date, + rotation_type + from + aws_kms_key_rotation; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS diff --git a/queries/aws_kms_key_rotation_2.yaml b/queries/aws_kms_key_rotation_2.yaml index ec5eb0c41..41e14c3fe 100755 --- a/queries/aws_kms_key_rotation_2.yaml +++ b/queries/aws_kms_key_rotation_2.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_rotation_2 Title: "List all AWS KMS Key Rotation Data" Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_rotation_2.yaml.bak b/queries/aws_kms_key_rotation_2.yaml.bak new file mode 100755 index 000000000..ec5eb0c41 --- /dev/null +++ b/queries/aws_kms_key_rotation_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_kms_key_rotation_2 +Title: "List all AWS KMS Key Rotation Data" +Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key_id, + key_arn, + rotation_date + from + aws_kms_key_rotation + where + rotation_date >= current_date - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS KMS diff --git a/queries/aws_kms_key_rotation_3.yaml b/queries/aws_kms_key_rotation_3.yaml index ebc5df96d..ffbc6f2ef 100755 --- a/queries/aws_kms_key_rotation_3.yaml +++ b/queries/aws_kms_key_rotation_3.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_rotation_3 Title: "List AWS KMS Key Rotation Details and Schedule" Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_rotation_3.yaml.bak b/queries/aws_kms_key_rotation_3.yaml.bak new file mode 100755 index 000000000..ffbc6f2ef --- /dev/null +++ b/queries/aws_kms_key_rotation_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_kms_key_rotation_3 +Title: "List AWS KMS Key Rotation Details and Schedule" +Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + akr.key_id, + ak.title, + akr.rotation_date, + akr.rotation_type, + ak.key_manager + from + aws_kms_key_rotation akr + join + aws_kms_key ak + on + akr.key_id = ak.id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS diff --git a/queries/aws_kms_key_rotation_3.yaml.bak.bak b/queries/aws_kms_key_rotation_3.yaml.bak.bak new file mode 100755 index 000000000..ffbc6f2ef --- /dev/null +++ b/queries/aws_kms_key_rotation_3.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_kms_key_rotation_3 +Title: "List AWS KMS Key Rotation Details and Schedule" +Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + akr.key_id, + ak.title, + akr.rotation_date, + akr.rotation_type, + ak.key_manager + from + aws_kms_key_rotation akr + join + aws_kms_key ak + on + akr.key_id = ak.id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS diff --git a/queries/aws_kms_key_rotation_4.yaml b/queries/aws_kms_key_rotation_4.yaml index f7b683092..b29931975 100755 --- a/queries/aws_kms_key_rotation_4.yaml +++ b/queries/aws_kms_key_rotation_4.yaml @@ -1,7 +1,7 @@ ID: aws_kms_key_rotation_4 Title: "List AWS KMS Key Rotation Schedules and Types" Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_kms_key_rotation_4.yaml.bak b/queries/aws_kms_key_rotation_4.yaml.bak new file mode 100755 index 000000000..f7b683092 --- /dev/null +++ b/queries/aws_kms_key_rotation_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_kms_key_rotation_4 +Title: "List AWS KMS Key Rotation Schedules and Types" +Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rotation_type, + count(key_id) as count + from + aws_kms_key_rotation + group by + rotation_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - KMS diff --git a/queries/aws_lambda_alias_1.yaml b/queries/aws_lambda_alias_1.yaml index c8d67e006..f753a6671 100755 --- a/queries/aws_lambda_alias_1.yaml +++ b/queries/aws_lambda_alias_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_alias_1 Title: "List AWS Lambda Alias with detailed information" Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_alias_1.yaml.bak b/queries/aws_lambda_alias_1.yaml.bak new file mode 100755 index 000000000..c8d67e006 --- /dev/null +++ b/queries/aws_lambda_alias_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_lambda_alias_1 +Title: "List AWS Lambda Alias with detailed information" +Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + function_name, + function_version + from + aws_lambda_alias; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_alias_2.yaml b/queries/aws_lambda_alias_2.yaml index 861a30482..4fdf64ea5 100755 --- a/queries/aws_lambda_alias_2.yaml +++ b/queries/aws_lambda_alias_2.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_alias_2 Title: "List all AWS Lambda Aliases with Detailed Information" Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_alias_2.yaml.bak b/queries/aws_lambda_alias_2.yaml.bak new file mode 100755 index 000000000..861a30482 --- /dev/null +++ b/queries/aws_lambda_alias_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lambda_alias_2 +Title: "List all AWS Lambda Aliases with Detailed Information" +Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + function_name, + count(function_name) count + from + aws_lambda_alias + group by + function_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_alias_3.yaml b/queries/aws_lambda_alias_3.yaml index 3faea0ecc..3d2f06270 100755 --- a/queries/aws_lambda_alias_3.yaml +++ b/queries/aws_lambda_alias_3.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_alias_3 Title: "List all AWS Lambda Alias with detailed information" Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_alias_3.yaml.bak b/queries/aws_lambda_alias_3.yaml.bak new file mode 100755 index 000000000..3faea0ecc --- /dev/null +++ b/queries/aws_lambda_alias_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lambda_alias_3 +Title: "List all AWS Lambda Alias with detailed information" +Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(policy) as policy, + jsonb_pretty(policy_std) as policy_std + from + aws_lambda_alias; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_alias_4.yaml b/queries/aws_lambda_alias_4.yaml index aacb447bd..66e1e8fda 100755 --- a/queries/aws_lambda_alias_4.yaml +++ b/queries/aws_lambda_alias_4.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_alias_4 Title: "List all AWS Lambda Aliases and Configuration" Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_alias_4.yaml.bak b/queries/aws_lambda_alias_4.yaml.bak new file mode 100755 index 000000000..66e1e8fda --- /dev/null +++ b/queries/aws_lambda_alias_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_lambda_alias_4 +Title: "List all AWS Lambda Aliases and Configuration" +Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + function_name, + jsonb_pretty(url_config) as url_config + from + aws_lambda_alias; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_alias_4.yaml.bak.bak b/queries/aws_lambda_alias_4.yaml.bak.bak new file mode 100755 index 000000000..66e1e8fda --- /dev/null +++ b/queries/aws_lambda_alias_4.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_lambda_alias_4 +Title: "List all AWS Lambda Aliases and Configuration" +Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + function_name, + jsonb_pretty(url_config) as url_config + from + aws_lambda_alias; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_event_source_mapping_1.yaml b/queries/aws_lambda_event_source_mapping_1.yaml index 98e1bf9e6..e39d90a8e 100755 --- a/queries/aws_lambda_event_source_mapping_1.yaml +++ b/queries/aws_lambda_event_source_mapping_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_event_source_mapping_1 Title: "List AWS Lambda Event Source Mappings with Config Details" Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_event_source_mapping_1.yaml.bak b/queries/aws_lambda_event_source_mapping_1.yaml.bak new file mode 100755 index 000000000..98e1bf9e6 --- /dev/null +++ b/queries/aws_lambda_event_source_mapping_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_lambda_event_source_mapping_1 +Title: "List AWS Lambda Event Source Mappings with Config Details" +Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + function_arn, + function_name, + last_processing_result, + parallelization_factor, + state, + destination_config + from + aws_lambda_event_source_mapping; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_event_source_mapping_2.yaml b/queries/aws_lambda_event_source_mapping_2.yaml index d9c1431bd..632519dd3 100755 --- a/queries/aws_lambda_event_source_mapping_2.yaml +++ b/queries/aws_lambda_event_source_mapping_2.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_event_source_mapping_2 Title: "Find AWS Lambda Event Source Mappings with SQL" Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_event_source_mapping_2.yaml.bak b/queries/aws_lambda_event_source_mapping_2.yaml.bak new file mode 100755 index 000000000..d9c1431bd --- /dev/null +++ b/queries/aws_lambda_event_source_mapping_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_event_source_mapping_2 +Title: "Find AWS Lambda Event Source Mappings with SQL" +Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + function_name, + state, + last_modified, + state_transition_reason + from + aws_lambda_event_source_mapping + where + state = 'Disabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_event_source_mapping_3.yaml b/queries/aws_lambda_event_source_mapping_3.yaml index 571366ec6..ffb24f6c0 100755 --- a/queries/aws_lambda_event_source_mapping_3.yaml +++ b/queries/aws_lambda_event_source_mapping_3.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_event_source_mapping_3 Title: "Find AWS Lambda Event Source Mappings with SQL" Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_event_source_mapping_3.yaml.bak b/queries/aws_lambda_event_source_mapping_3.yaml.bak new file mode 100755 index 000000000..571366ec6 --- /dev/null +++ b/queries/aws_lambda_event_source_mapping_3.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_lambda_event_source_mapping_3 +Title: "Find AWS Lambda Event Source Mappings with SQL" +Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + function_name, + jsonb_array_elements_text(jsonb_extract_path(self_managed_event_source, 'Endpoints', 'KAFKA_BOOTSTRAP_SERVERS')) + from + aws_lambda_event_source_mapping; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_event_source_mapping_4.yaml b/queries/aws_lambda_event_source_mapping_4.yaml index 9459bf559..4799b1e05 100755 --- a/queries/aws_lambda_event_source_mapping_4.yaml +++ b/queries/aws_lambda_event_source_mapping_4.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_event_source_mapping_4 Title: "Find AWS Lambda Event Source Mappings and Configurations" Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_event_source_mapping_4.yaml.bak b/queries/aws_lambda_event_source_mapping_4.yaml.bak new file mode 100755 index 000000000..9459bf559 --- /dev/null +++ b/queries/aws_lambda_event_source_mapping_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_lambda_event_source_mapping_4 +Title: "Find AWS Lambda Event Source Mappings and Configurations" +Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + uuid, + arn, + a ->> 'Type' as source_access_type, + a ->> 'URL' as source_access_url + from + aws_lambda_event_source_mapping, + jsonb_array_elements(source_access_configurations) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_event_source_mapping_5.yaml b/queries/aws_lambda_event_source_mapping_5.yaml index 5aaf9f422..1e6f6d4b8 100755 --- a/queries/aws_lambda_event_source_mapping_5.yaml +++ b/queries/aws_lambda_event_source_mapping_5.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_event_source_mapping_5 Title: "List all AWS Lambda Event Source Mappings with Details" Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_event_source_mapping_5.yaml.bak b/queries/aws_lambda_event_source_mapping_5.yaml.bak new file mode 100755 index 000000000..5aaf9f422 --- /dev/null +++ b/queries/aws_lambda_event_source_mapping_5.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_lambda_event_source_mapping_5 +Title: "List all AWS Lambda Event Source Mappings with Details" +Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + uuid, + arn, + scaling_config ->> 'MaximumConcurrency' as maximum_concurrency + from + aws_lambda_event_source_mapping; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_event_source_mapping_6.yaml b/queries/aws_lambda_event_source_mapping_6.yaml index 553449ab6..1130d0276 100755 --- a/queries/aws_lambda_event_source_mapping_6.yaml +++ b/queries/aws_lambda_event_source_mapping_6.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_event_source_mapping_6 Title: "List all AWS Lambda Event Source Mappings and Configs" Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_event_source_mapping_6.yaml.bak b/queries/aws_lambda_event_source_mapping_6.yaml.bak new file mode 100755 index 000000000..553449ab6 --- /dev/null +++ b/queries/aws_lambda_event_source_mapping_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_event_source_mapping_6 +Title: "List all AWS Lambda Event Source Mappings and Configs" +Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + uuid, + function_name, + destination_config ->> 'OnFailure' as on_failure, + destination_config ->> 'OnSuccess' as on_success + from + aws_lambda_event_source_mapping; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_event_source_mapping_7.yaml b/queries/aws_lambda_event_source_mapping_7.yaml index f8b421348..0ea614f37 100755 --- a/queries/aws_lambda_event_source_mapping_7.yaml +++ b/queries/aws_lambda_event_source_mapping_7.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_event_source_mapping_7 Title: "Find AWS Lambda Event Source Mappings Configurations" Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_event_source_mapping_7.yaml.bak b/queries/aws_lambda_event_source_mapping_7.yaml.bak new file mode 100755 index 000000000..f8b421348 --- /dev/null +++ b/queries/aws_lambda_event_source_mapping_7.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_lambda_event_source_mapping_7 +Title: "Find AWS Lambda Event Source Mappings Configurations" +Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + uuid, + arn, + function_arn, + state, + filter ->> 'Pattern' as filter_criteria_pattern + from + aws_lambda_event_source_mapping, + jsonb_array_elements(filter_criteria -> 'Filters') as filter + where + filter ->> 'Pattern' like '{ \"Metadata\" : [ 1, 2 ]}'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_event_source_mapping_8.yaml b/queries/aws_lambda_event_source_mapping_8.yaml index cf806404e..d2db54ffe 100755 --- a/queries/aws_lambda_event_source_mapping_8.yaml +++ b/queries/aws_lambda_event_source_mapping_8.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_event_source_mapping_8 Title: "Find AWS Lambda Event Source Mappings Configuration" Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_event_source_mapping_8.yaml.bak b/queries/aws_lambda_event_source_mapping_8.yaml.bak new file mode 100755 index 000000000..cf806404e --- /dev/null +++ b/queries/aws_lambda_event_source_mapping_8.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_lambda_event_source_mapping_8 +Title: "Find AWS Lambda Event Source Mappings Configuration" +Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + m.arn, + m.function_arn, + f.runtime, + f.handler, + f.architectures + from + aws_lambda_event_source_mapping as m, + aws_lambda_function as f + where + f.name = m.function_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_function_1.yaml b/queries/aws_lambda_function_1.yaml index d46bdbcb4..04835a1db 100755 --- a/queries/aws_lambda_function_1.yaml +++ b/queries/aws_lambda_function_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_1 Title: "List AWS Lambda Function Configurations via SQL" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_1.yaml.bak b/queries/aws_lambda_function_1.yaml.bak new file mode 100755 index 000000000..04835a1db --- /dev/null +++ b/queries/aws_lambda_function_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_function_1 +Title: "List AWS Lambda Function Configurations via SQL" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + handler, + kms_key_arn + from + aws_lambda_function; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_function_1.yaml.bak.bak b/queries/aws_lambda_function_1.yaml.bak.bak new file mode 100755 index 000000000..04835a1db --- /dev/null +++ b/queries/aws_lambda_function_1.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_function_1 +Title: "List AWS Lambda Function Configurations via SQL" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + handler, + kms_key_arn + from + aws_lambda_function; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_function_10.yaml b/queries/aws_lambda_function_10.yaml index bf6d13135..354cccc10 100755 --- a/queries/aws_lambda_function_10.yaml +++ b/queries/aws_lambda_function_10.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_10 Title: "Find AWS Lambda Functions with Specific Tracing Config" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_10.yaml.bak b/queries/aws_lambda_function_10.yaml.bak new file mode 100755 index 000000000..bf6d13135 --- /dev/null +++ b/queries/aws_lambda_function_10.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_lambda_function_10 +Title: "Find AWS Lambda Functions with Specific Tracing Config" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + jsonb_pretty(tracing_config) as tracing_config + from + aws_lambda_function + where + tracing_config ->> 'Mode' = 'PassThrough'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_function_2.yaml b/queries/aws_lambda_function_2.yaml index bd8ba9894..14ea3a27a 100755 --- a/queries/aws_lambda_function_2.yaml +++ b/queries/aws_lambda_function_2.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_2 Title: "Find AWS Lambda Functions Without KMS Key ARN" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_2.yaml.bak b/queries/aws_lambda_function_2.yaml.bak new file mode 100755 index 000000000..bd8ba9894 --- /dev/null +++ b/queries/aws_lambda_function_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lambda_function_2 +Title: "Find AWS Lambda Functions Without KMS Key ARN" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + kms_key_arn + from + aws_lambda_function + where + kms_key_arn is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda Functions diff --git a/queries/aws_lambda_function_3.yaml b/queries/aws_lambda_function_3.yaml index ed22157d8..96bd90cfa 100755 --- a/queries/aws_lambda_function_3.yaml +++ b/queries/aws_lambda_function_3.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_3 Title: "List all AWS Lambda Functions with Runtime Details" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_3.yaml.bak b/queries/aws_lambda_function_3.yaml.bak new file mode 100755 index 000000000..ed22157d8 --- /dev/null +++ b/queries/aws_lambda_function_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_function_3 +Title: "List all AWS Lambda Functions with Runtime Details" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + runtime, + count(*) + from + aws_lambda_function + group by + runtime; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_function_4.yaml b/queries/aws_lambda_function_4.yaml index 34e75cf08..69f445c69 100755 --- a/queries/aws_lambda_function_4.yaml +++ b/queries/aws_lambda_function_4.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_4 Title: "List AWS Lambda Functions with Logs Retention Less Than 30 Days" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_4.yaml.bak b/queries/aws_lambda_function_4.yaml.bak new file mode 100755 index 000000000..34e75cf08 --- /dev/null +++ b/queries/aws_lambda_function_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_lambda_function_4 +Title: "List AWS Lambda Functions with Logs Retention Less Than 30 Days" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + fn.name, + lg.name, + lg.retention_in_days + from + aws_lambda_function as fn + inner join aws_cloudwatch_log_group as lg on ( + (lg.name = '/aws/lambda/') + or (lg.name = fn.name) + ) + where + lg.retention_in_days < 30; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_function_5.yaml b/queries/aws_lambda_function_5.yaml index 59cc2add2..2d875388c 100755 --- a/queries/aws_lambda_function_5.yaml +++ b/queries/aws_lambda_function_5.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_5 Title: "List all AWS Lambda Functions with Configuration Details" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_5.yaml.bak b/queries/aws_lambda_function_5.yaml.bak new file mode 100755 index 000000000..59cc2add2 --- /dev/null +++ b/queries/aws_lambda_function_5.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_lambda_function_5 +Title: "List all AWS Lambda Functions with Configuration Details" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + fn.name, + fn.region, + count (availability_zone) as zone_count + from + aws_lambda_function as fn + cross join jsonb_array_elements_text(vpc_subnet_ids) as vpc_subnet + join aws_vpc_subnet as sub on sub.subnet_id = vpc_subnet + group by + fn.name, + fn.region + order by + zone_count; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda Function diff --git a/queries/aws_lambda_function_6.yaml b/queries/aws_lambda_function_6.yaml index 6fbde2809..465b1cc85 100755 --- a/queries/aws_lambda_function_6.yaml +++ b/queries/aws_lambda_function_6.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_6 Title: "Find AWS Lambda Functions and IAM Actions" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_6.yaml.bak b/queries/aws_lambda_function_6.yaml.bak new file mode 100755 index 000000000..6fbde2809 --- /dev/null +++ b/queries/aws_lambda_function_6.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_lambda_function_6 +Title: "Find AWS Lambda Functions and IAM Actions" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.name, + f.role, + a.action, + a.access_level, + a.description + from + aws_lambda_function as f, + aws_iam_role as r, + jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, + aws_iam_policy as p, + jsonb_array_elements(p.policy_std -> 'Statement') as stmt, + jsonb_array_elements_text(stmt -> 'Action') as action_glob, + glob(action_glob) as action_regex + join aws_iam_action a ON a.action LIKE action_regex + where + f.role = r.arn + and pol_arn = p.arn + and stmt ->> 'Effect' = 'Allow' + and f.name = 'hellopython'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda Function diff --git a/queries/aws_lambda_function_7.yaml b/queries/aws_lambda_function_7.yaml index ba8486b28..105e4e07c 100755 --- a/queries/aws_lambda_function_7.yaml +++ b/queries/aws_lambda_function_7.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_7 Title: "Find all AWS Lambda Functions with Missing DLQ" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_7.yaml.bak b/queries/aws_lambda_function_7.yaml.bak new file mode 100755 index 000000000..ba8486b28 --- /dev/null +++ b/queries/aws_lambda_function_7.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lambda_function_7 +Title: "Find all AWS Lambda Functions with Missing DLQ" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + dead_letter_config_target_arn + from + aws_lambda_function + where + dead_letter_config_target_arn is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_function_8.yaml b/queries/aws_lambda_function_8.yaml index 9076a796e..ab1c3d12b 100755 --- a/queries/aws_lambda_function_8.yaml +++ b/queries/aws_lambda_function_8.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_8 Title: "Find AWS Lambda Function Configuration and Details" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_8.yaml.bak b/queries/aws_lambda_function_8.yaml.bak new file mode 100755 index 000000000..9076a796e --- /dev/null +++ b/queries/aws_lambda_function_8.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lambda_function_8 +Title: "Find AWS Lambda Function Configuration and Details" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + runtime, + handler, + architectures + from + aws_lambda_function; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_function_9.yaml b/queries/aws_lambda_function_9.yaml index 6415a44f1..6421197ff 100755 --- a/queries/aws_lambda_function_9.yaml +++ b/queries/aws_lambda_function_9.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_9 Title: "List all AWS Lambda Function Configurations" Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_9.yaml.bak b/queries/aws_lambda_function_9.yaml.bak new file mode 100755 index 000000000..6415a44f1 --- /dev/null +++ b/queries/aws_lambda_function_9.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_lambda_function_9 +Title: "List all AWS Lambda Function Configurations" +Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + jsonb_pretty(url_config) as url_config + from + aws_lambda_function; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda Function diff --git a/queries/aws_lambda_function_metric_duration_daily_1.yaml b/queries/aws_lambda_function_metric_duration_daily_1.yaml index 9f62adec2..5bf3dfe72 100755 --- a/queries/aws_lambda_function_metric_duration_daily_1.yaml +++ b/queries/aws_lambda_function_metric_duration_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_metric_duration_daily_1 Title: "Find AWS Lambda Function Daily Duration Metrics" Description: "Allows users to query AWS Lambda Function daily duration metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_metric_duration_daily_1.yaml.bak b/queries/aws_lambda_function_metric_duration_daily_1.yaml.bak new file mode 100755 index 000000000..9f62adec2 --- /dev/null +++ b/queries/aws_lambda_function_metric_duration_daily_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_lambda_function_metric_duration_daily_1 +Title: "Find AWS Lambda Function Daily Duration Metrics" +Description: "Allows users to query AWS Lambda Function daily duration metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_lambda_function_metric_duration_daily + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_function_metric_duration_daily_2.yaml b/queries/aws_lambda_function_metric_duration_daily_2.yaml index fc1b9da6f..463134eac 100755 --- a/queries/aws_lambda_function_metric_duration_daily_2.yaml +++ b/queries/aws_lambda_function_metric_duration_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_metric_duration_daily_2 Title: "Find AWS Lambda Function Daily Duration Metrics" Description: "Allows users to query AWS Lambda Function daily duration metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_metric_duration_daily_2.yaml.bak b/queries/aws_lambda_function_metric_duration_daily_2.yaml.bak new file mode 100755 index 000000000..fc1b9da6f --- /dev/null +++ b/queries/aws_lambda_function_metric_duration_daily_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_lambda_function_metric_duration_daily_2 +Title: "Find AWS Lambda Function Daily Duration Metrics" +Description: "Allows users to query AWS Lambda Function daily duration metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + timestamp, + round(minimum::numeric,2) as min_duration, + round(maximum::numeric,2) as max_duration, + round(average::numeric,2) as avg_duration, + sample_count + from + aws_lambda_function_metric_duration_daily + where maximum > 100 + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_function_metric_duration_daily_3.yaml b/queries/aws_lambda_function_metric_duration_daily_3.yaml index e393a3c70..0a79a2152 100755 --- a/queries/aws_lambda_function_metric_duration_daily_3.yaml +++ b/queries/aws_lambda_function_metric_duration_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_metric_duration_daily_3 Title: "Find AWS Lambda Function Daily Duration Metrics" Description: "Allows users to query AWS Lambda Function daily duration metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_metric_duration_daily_3.yaml.bak b/queries/aws_lambda_function_metric_duration_daily_3.yaml.bak new file mode 100755 index 000000000..e393a3c70 --- /dev/null +++ b/queries/aws_lambda_function_metric_duration_daily_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_lambda_function_metric_duration_daily_3 +Title: "Find AWS Lambda Function Daily Duration Metrics" +Description: "Allows users to query AWS Lambda Function daily duration metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + timestamp, + round(minimum::numeric,2) as min_duration, + round(maximum::numeric,2) as max_duration, + round(average::numeric,2) as avg_duration, + sample_count + from + aws_lambda_function_metric_duration_daily + where average < 5 + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_function_metric_errors_daily_1.yaml b/queries/aws_lambda_function_metric_errors_daily_1.yaml index 1b364a897..0bf85f370 100755 --- a/queries/aws_lambda_function_metric_errors_daily_1.yaml +++ b/queries/aws_lambda_function_metric_errors_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_metric_errors_daily_1 Title: "List AWS Lambda Function Daily Error Metrics" Description: "Allows users to query AWS Lambda Function error metrics on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_metric_errors_daily_1.yaml.bak b/queries/aws_lambda_function_metric_errors_daily_1.yaml.bak new file mode 100755 index 000000000..1b364a897 --- /dev/null +++ b/queries/aws_lambda_function_metric_errors_daily_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_lambda_function_metric_errors_daily_1 +Title: "List AWS Lambda Function Daily Error Metrics" +Description: "Allows users to query AWS Lambda Function error metrics on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_lambda_function_metric_errors_daily + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_function_metric_errors_daily_2.yaml b/queries/aws_lambda_function_metric_errors_daily_2.yaml index d296fe67c..aa6b01139 100755 --- a/queries/aws_lambda_function_metric_errors_daily_2.yaml +++ b/queries/aws_lambda_function_metric_errors_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_metric_errors_daily_2 Title: "List All AWS Lambda Function Errors Metrics Daily" Description: "Allows users to query AWS Lambda Function error metrics on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_metric_errors_daily_2.yaml.bak b/queries/aws_lambda_function_metric_errors_daily_2.yaml.bak new file mode 100755 index 000000000..d296fe67c --- /dev/null +++ b/queries/aws_lambda_function_metric_errors_daily_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_lambda_function_metric_errors_daily_2 +Title: "List All AWS Lambda Function Errors Metrics Daily" +Description: "Allows users to query AWS Lambda Function error metrics on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + timestamp, + round(minimum::numeric,2) as min_error, + round(maximum::numeric,2) as max_error, + round(average::numeric,2) as avg_error, + sample_count + from + aws_lambda_function_metric_errors_daily + where average < 1 + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_function_metric_invocations_daily_1.yaml b/queries/aws_lambda_function_metric_invocations_daily_1.yaml index fc8671970..cb4dba768 100755 --- a/queries/aws_lambda_function_metric_invocations_daily_1.yaml +++ b/queries/aws_lambda_function_metric_invocations_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_metric_invocations_daily_1 Title: "Find All Daily AWS Lambda Function Metrics Using SQL" Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak b/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak new file mode 100755 index 000000000..cb4dba768 --- /dev/null +++ b/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_function_metric_invocations_daily_1 +Title: "Find All Daily AWS Lambda Function Metrics Using SQL" +Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + timestamp, + sum + from + aws_lambda_function_metric_invocations_daily + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda Function diff --git a/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak.bak b/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak.bak new file mode 100755 index 000000000..cb4dba768 --- /dev/null +++ b/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_function_metric_invocations_daily_1 +Title: "Find All Daily AWS Lambda Function Metrics Using SQL" +Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + timestamp, + sum + from + aws_lambda_function_metric_invocations_daily + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda Function diff --git a/queries/aws_lambda_function_metric_invocations_daily_2.yaml b/queries/aws_lambda_function_metric_invocations_daily_2.yaml index b2c08592b..6cbce8711 100755 --- a/queries/aws_lambda_function_metric_invocations_daily_2.yaml +++ b/queries/aws_lambda_function_metric_invocations_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_function_metric_invocations_daily_2 Title: "Find AWS Lambda Function Metrics on a Daily Basis" Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_function_metric_invocations_daily_2.yaml.bak b/queries/aws_lambda_function_metric_invocations_daily_2.yaml.bak new file mode 100755 index 000000000..b2c08592b --- /dev/null +++ b/queries/aws_lambda_function_metric_invocations_daily_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_lambda_function_metric_invocations_daily_2 +Title: "Find AWS Lambda Function Metrics on a Daily Basis" +Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + timestamp, + round(sum::numeric,2) as sum_invocations, + sample_count + from + aws_lambda_function_metric_invocations_daily + where + date_part('day', now() - timestamp) <=3 + and sum > 10 + order by + name, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda Function Metrics diff --git a/queries/aws_lambda_layer_1.yaml b/queries/aws_lambda_layer_1.yaml index c746ec1ff..bf1207445 100755 --- a/queries/aws_lambda_layer_1.yaml +++ b/queries/aws_lambda_layer_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_layer_1 Title: "Find all AWS Lambda Layer Details" Description: "Allows users to query AWS Lambda Layers and retrieve information including layer ARNs, layer versions, compatible runtimes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_layer_1.yaml.bak b/queries/aws_lambda_layer_1.yaml.bak new file mode 100755 index 000000000..bf1207445 --- /dev/null +++ b/queries/aws_lambda_layer_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_lambda_layer_1 +Title: "Find all AWS Lambda Layer Details" +Description: "Allows users to query AWS Lambda Layers and retrieve information including layer ARNs, layer versions, compatible runtimes, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + layer_arn, + layer_name, + layer_version_arn, + created_date, + jsonb_pretty(compatible_runtimes) as compatible_runtimes, + jsonb_pretty(compatible_architectures) as compatible_architectures, + version + from + aws_lambda_layer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_layer_1.yaml.bak.bak b/queries/aws_lambda_layer_1.yaml.bak.bak new file mode 100755 index 000000000..c746ec1ff --- /dev/null +++ b/queries/aws_lambda_layer_1.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_lambda_layer_1 +Title: "Find all AWS Lambda Layer Details" +Description: "Allows users to query AWS Lambda Layers and retrieve information including layer ARNs, layer versions, compatible runtimes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + layer_arn, + layer_name, + layer_version_arn, + created_date, + jsonb_pretty(compatible_runtimes) as compatible_runtimes, + jsonb_pretty(compatible_architectures) as compatible_architectures, + version + from + aws_lambda_layer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lambda diff --git a/queries/aws_lambda_layer_version_1.yaml b/queries/aws_lambda_layer_version_1.yaml index 0853ef1d0..7b7982d00 100755 --- a/queries/aws_lambda_layer_version_1.yaml +++ b/queries/aws_lambda_layer_version_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_layer_version_1 Title: "Find AWS Lambda Layer Version Details" Description: "Allows users to query AWS Lambda Layer Versions, providing detailed information about each layer version, including its ARN, description, license info, compatible runtimes, created date, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_layer_version_1.yaml.bak b/queries/aws_lambda_layer_version_1.yaml.bak new file mode 100755 index 000000000..0853ef1d0 --- /dev/null +++ b/queries/aws_lambda_layer_version_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_lambda_layer_version_1 +Title: "Find AWS Lambda Layer Version Details" +Description: "Allows users to query AWS Lambda Layer Versions, providing detailed information about each layer version, including its ARN, description, license info, compatible runtimes, created date, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + layer_arn, + layer_name, + layer_version_arn, + created_date, + jsonb_pretty(policy) as policy, + jsonb_pretty(policy_std) as policy_std, + version + from + aws_lambda_layer_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_version_1.yaml b/queries/aws_lambda_version_1.yaml index 7b7dd335b..dcafc9e1c 100755 --- a/queries/aws_lambda_version_1.yaml +++ b/queries/aws_lambda_version_1.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_version_1 Title: "Find AWS Lambda Versions and Details" Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_version_1.yaml.bak b/queries/aws_lambda_version_1.yaml.bak new file mode 100755 index 000000000..dcafc9e1c --- /dev/null +++ b/queries/aws_lambda_version_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_version_1 +Title: "Find AWS Lambda Versions and Details" +Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + function_name, + version, + runtime, + handler + from + aws_lambda_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_version_1.yaml.bak.bak b/queries/aws_lambda_version_1.yaml.bak.bak new file mode 100755 index 000000000..dcafc9e1c --- /dev/null +++ b/queries/aws_lambda_version_1.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_lambda_version_1 +Title: "Find AWS Lambda Versions and Details" +Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + function_name, + version, + runtime, + handler + from + aws_lambda_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_version_2.yaml b/queries/aws_lambda_version_2.yaml index bb315c7f0..1353600c5 100755 --- a/queries/aws_lambda_version_2.yaml +++ b/queries/aws_lambda_version_2.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_version_2 Title: "List AWS Lambda Versions to Fetch Detailed Information" Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_version_2.yaml.bak b/queries/aws_lambda_version_2.yaml.bak new file mode 100755 index 000000000..bb315c7f0 --- /dev/null +++ b/queries/aws_lambda_version_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_lambda_version_2 +Title: "List AWS Lambda Versions to Fetch Detailed Information" +Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + function_name, + version, + timeout + from + aws_lambda_version + where + timeout :: int > 120; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_version_3.yaml b/queries/aws_lambda_version_3.yaml index ef21823dd..3ac4a2a09 100755 --- a/queries/aws_lambda_version_3.yaml +++ b/queries/aws_lambda_version_3.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_version_3 Title: "Find all Versions of a Specific AWS Lambda Function" Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_version_3.yaml.bak b/queries/aws_lambda_version_3.yaml.bak new file mode 100755 index 000000000..ef21823dd --- /dev/null +++ b/queries/aws_lambda_version_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_lambda_version_3 +Title: "Find all Versions of a Specific AWS Lambda Function" +Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + function_name, + version, + vpc_id, + vpc_security_group_ids, + vpc_subnet_ids + from + aws_lambda_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lambda_version_4.yaml b/queries/aws_lambda_version_4.yaml index 14ca15c1a..eebddae38 100755 --- a/queries/aws_lambda_version_4.yaml +++ b/queries/aws_lambda_version_4.yaml @@ -1,7 +1,7 @@ ID: aws_lambda_version_4 Title: "Query AWS Lambda Versions for Detailed Information" Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lambda_version_4.yaml.bak b/queries/aws_lambda_version_4.yaml.bak new file mode 100755 index 000000000..14ca15c1a --- /dev/null +++ b/queries/aws_lambda_version_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lambda_version_4 +Title: "Query AWS Lambda Versions for Detailed Information" +Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + jsonb_pretty(policy) as policy, + jsonb_pretty(policy_std) as policy_std + from + aws_lambda_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lambda diff --git a/queries/aws_lightsail_bucket_1.yaml b/queries/aws_lightsail_bucket_1.yaml index 7b04c954c..d4cc279c4 100755 --- a/queries/aws_lightsail_bucket_1.yaml +++ b/queries/aws_lightsail_bucket_1.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_bucket_1 Title: "Find AWS Lightsail Buckets and Retrieve Detailed Information" Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_bucket_1.yaml.bak b/queries/aws_lightsail_bucket_1.yaml.bak new file mode 100755 index 000000000..7b04c954c --- /dev/null +++ b/queries/aws_lightsail_bucket_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lightsail_bucket_1 +Title: "Find AWS Lightsail Buckets and Retrieve Detailed Information" +Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + state_code, + created_at + from + aws_lightsail_bucket; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail Buckets diff --git a/queries/aws_lightsail_bucket_2.yaml b/queries/aws_lightsail_bucket_2.yaml index 8c977ec7e..9014e4c38 100755 --- a/queries/aws_lightsail_bucket_2.yaml +++ b/queries/aws_lightsail_bucket_2.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_bucket_2 Title: "List all AWS Lightsail Buckets and Configurations" Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_bucket_2.yaml.bak b/queries/aws_lightsail_bucket_2.yaml.bak new file mode 100755 index 000000000..9014e4c38 --- /dev/null +++ b/queries/aws_lightsail_bucket_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_lightsail_bucket_2 +Title: "List all AWS Lightsail Buckets and Configurations" +Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + region, + count(*) as bucket_count + from + aws_lightsail_bucket + group by + region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_bucket_2.yaml.bak.bak b/queries/aws_lightsail_bucket_2.yaml.bak.bak new file mode 100755 index 000000000..9014e4c38 --- /dev/null +++ b/queries/aws_lightsail_bucket_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_lightsail_bucket_2 +Title: "List all AWS Lightsail Buckets and Configurations" +Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + region, + count(*) as bucket_count + from + aws_lightsail_bucket + group by + region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_bucket_3.yaml b/queries/aws_lightsail_bucket_3.yaml index 9895c67d2..741b0b597 100755 --- a/queries/aws_lightsail_bucket_3.yaml +++ b/queries/aws_lightsail_bucket_3.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_bucket_3 Title: "List all AWS Lightsail Buckets with Public Access" Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_bucket_3.yaml.bak b/queries/aws_lightsail_bucket_3.yaml.bak new file mode 100755 index 000000000..9895c67d2 --- /dev/null +++ b/queries/aws_lightsail_bucket_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_lightsail_bucket_3 +Title: "List all AWS Lightsail Buckets with Public Access" +Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + region, + access_rules ->> 'GetObject' as public_access + from + aws_lightsail_bucket + where + access_rules ->> 'GetObject' = 'public'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_bucket_4.yaml b/queries/aws_lightsail_bucket_4.yaml index 8abd828d7..da3a0ca0d 100755 --- a/queries/aws_lightsail_bucket_4.yaml +++ b/queries/aws_lightsail_bucket_4.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_bucket_4 Title: "Find AWS Lightsail Buckets with Configuration Details" Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_bucket_4.yaml.bak b/queries/aws_lightsail_bucket_4.yaml.bak new file mode 100755 index 000000000..8abd828d7 --- /dev/null +++ b/queries/aws_lightsail_bucket_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lightsail_bucket_4 +Title: "Find AWS Lightsail Buckets with Configuration Details" +Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_at + from + aws_lightsail_bucket + where + created_at >= (current_date - interval '30' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_bucket_5.yaml b/queries/aws_lightsail_bucket_5.yaml index 42acbe8c7..5c622e886 100755 --- a/queries/aws_lightsail_bucket_5.yaml +++ b/queries/aws_lightsail_bucket_5.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_bucket_5 Title: "Find all AWS Lightsail Buckets without tags" Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_bucket_5.yaml.bak b/queries/aws_lightsail_bucket_5.yaml.bak new file mode 100755 index 000000000..42acbe8c7 --- /dev/null +++ b/queries/aws_lightsail_bucket_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lightsail_bucket_5 +Title: "Find all AWS Lightsail Buckets without tags" +Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + tags + from + aws_lightsail_bucket + where + tags is null or tags = '[]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_bucket_6.yaml b/queries/aws_lightsail_bucket_6.yaml index 57b5b0fb4..334197bed 100755 --- a/queries/aws_lightsail_bucket_6.yaml +++ b/queries/aws_lightsail_bucket_6.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_bucket_6 Title: "Find AWS Lightsail Buckets with Enabled Versioning" Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_bucket_6.yaml.bak b/queries/aws_lightsail_bucket_6.yaml.bak new file mode 100755 index 000000000..57b5b0fb4 --- /dev/null +++ b/queries/aws_lightsail_bucket_6.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lightsail_bucket_6 +Title: "Find AWS Lightsail Buckets with Enabled Versioning" +Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + object_versioning + from + aws_lightsail_bucket + where + object_versioning = 'Enabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_bucket_7.yaml b/queries/aws_lightsail_bucket_7.yaml index b4d854242..4b647f772 100755 --- a/queries/aws_lightsail_bucket_7.yaml +++ b/queries/aws_lightsail_bucket_7.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_bucket_7 Title: "Find AWS Lightsail Bucket Configuration and Access Rules" Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_bucket_7.yaml.bak b/queries/aws_lightsail_bucket_7.yaml.bak new file mode 100755 index 000000000..b4d854242 --- /dev/null +++ b/queries/aws_lightsail_bucket_7.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_lightsail_bucket_7 +Title: "Find AWS Lightsail Bucket Configuration and Access Rules" +Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_log_config ->> 'Enabled' as access_log_enabled, + access_log_config ->> 'Destination' as access_log_destination, + access_log_config ->> 'Prefix' as access_log_prefix + from + aws_lightsail_bucket; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_instance_1.yaml b/queries/aws_lightsail_instance_1.yaml index ea07e571a..ffe0bf0e2 100755 --- a/queries/aws_lightsail_instance_1.yaml +++ b/queries/aws_lightsail_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_instance_1 Title: "List all AWS Lightsail instances with details" Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_instance_1.yaml.bak b/queries/aws_lightsail_instance_1.yaml.bak new file mode 100755 index 000000000..ea07e571a --- /dev/null +++ b/queries/aws_lightsail_instance_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_lightsail_instance_1 +Title: "List all AWS Lightsail instances with details" +Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + availability_zone as az, + bundle_id, + count(*) + from + aws_lightsail_instance + group by + availability_zone, + bundle_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_instance_2.yaml b/queries/aws_lightsail_instance_2.yaml index 5e4e60726..60feeca82 100755 --- a/queries/aws_lightsail_instance_2.yaml +++ b/queries/aws_lightsail_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_instance_2 Title: "List all AWS Lightsail Instances with Stopped State" Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_instance_2.yaml.bak b/queries/aws_lightsail_instance_2.yaml.bak new file mode 100755 index 000000000..5e4e60726 --- /dev/null +++ b/queries/aws_lightsail_instance_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_lightsail_instance_2 +Title: "List all AWS Lightsail Instances with Stopped State" +Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + state_name + from + aws_lightsail_instance + where + state_name = 'stopped' + and created_at <= (current_date - interval '30' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_instance_3.yaml b/queries/aws_lightsail_instance_3.yaml index 3959cd7e4..6bea4b782 100755 --- a/queries/aws_lightsail_instance_3.yaml +++ b/queries/aws_lightsail_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_instance_3 Title: "List AWS Lightsail Instances with State and Details" Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_instance_3.yaml.bak b/queries/aws_lightsail_instance_3.yaml.bak new file mode 100755 index 000000000..3959cd7e4 --- /dev/null +++ b/queries/aws_lightsail_instance_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_lightsail_instance_3 +Title: "List AWS Lightsail Instances with State and Details" +Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + state_name, + bundle_id, + region + from + aws_lightsail_instance + where + public_ip_address is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_lightsail_instance_4.yaml b/queries/aws_lightsail_instance_4.yaml index aa3b1d8f1..6109f4413 100755 --- a/queries/aws_lightsail_instance_4.yaml +++ b/queries/aws_lightsail_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_instance_4 Title: "List all AWS Lightsail Instances and Their Details" Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_instance_4.yaml.bak b/queries/aws_lightsail_instance_4.yaml.bak new file mode 100755 index 000000000..aa3b1d8f1 --- /dev/null +++ b/queries/aws_lightsail_instance_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_lightsail_instance_4 +Title: "List all AWS Lightsail Instances and Their Details" +Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + tags + from + aws_lightsail_instance + where + not tags :: JSONB ? 'application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Lightsail diff --git a/queries/aws_lightsail_instance_5.yaml b/queries/aws_lightsail_instance_5.yaml index 68b895eb4..2a2c863f1 100755 --- a/queries/aws_lightsail_instance_5.yaml +++ b/queries/aws_lightsail_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_lightsail_instance_5 Title: "Find AWS Lightsail Instances with Details" Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_lightsail_instance_5.yaml.bak b/queries/aws_lightsail_instance_5.yaml.bak new file mode 100755 index 000000000..68b895eb4 --- /dev/null +++ b/queries/aws_lightsail_instance_5.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_lightsail_instance_5 +Title: "Find AWS Lightsail Instances with Details" +Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + hardware ->> 'CpuCount' as "CPU Count", + hardware ->> 'RamSizeInGb' as "RAM Size (in GB)" + from + aws_lightsail_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Lightsail diff --git a/queries/aws_macie2_classification_job_1.yaml b/queries/aws_macie2_classification_job_1.yaml index ccdbea443..d53445b31 100755 --- a/queries/aws_macie2_classification_job_1.yaml +++ b/queries/aws_macie2_classification_job_1.yaml @@ -1,7 +1,7 @@ ID: aws_macie2_classification_job_1 Title: "List all AWS Macie2 Classification Jobs and Status" Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_macie2_classification_job_1.yaml.bak b/queries/aws_macie2_classification_job_1.yaml.bak new file mode 100755 index 000000000..ccdbea443 --- /dev/null +++ b/queries/aws_macie2_classification_job_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_macie2_classification_job_1 +Title: "List all AWS Macie2 Classification Jobs and Status" +Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + job_id, + arn, + name, + job_status, + region + from + aws_macie2_classification_job; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Macie2 diff --git a/queries/aws_macie2_classification_job_2.yaml b/queries/aws_macie2_classification_job_2.yaml index 64f062b2a..c7e52131b 100755 --- a/queries/aws_macie2_classification_job_2.yaml +++ b/queries/aws_macie2_classification_job_2.yaml @@ -1,7 +1,7 @@ ID: aws_macie2_classification_job_2 Title: "List AWS Macie2 Classification Jobs and Details" Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_macie2_classification_job_2.yaml.bak b/queries/aws_macie2_classification_job_2.yaml.bak new file mode 100755 index 000000000..64f062b2a --- /dev/null +++ b/queries/aws_macie2_classification_job_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_macie2_classification_job_2 +Title: "List AWS Macie2 Classification Jobs and Details" +Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + job_id, + detail -> 'AccountId' as account_id, + detail -> 'Buckets' as buckets + from + aws_macie2_classification_job, + jsonb_array_elements(s3_job_definition -> 'BucketDefinitions') as detail; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Macie2 diff --git a/queries/aws_macie2_classification_job_3.yaml b/queries/aws_macie2_classification_job_3.yaml index ff0e81576..0515ba077 100755 --- a/queries/aws_macie2_classification_job_3.yaml +++ b/queries/aws_macie2_classification_job_3.yaml @@ -1,7 +1,7 @@ ID: aws_macie2_classification_job_3 Title: "Find AWS Macie2 Classification Jobs with Cancelled or Paused Status" Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_macie2_classification_job_3.yaml.bak b/queries/aws_macie2_classification_job_3.yaml.bak new file mode 100755 index 000000000..ff0e81576 --- /dev/null +++ b/queries/aws_macie2_classification_job_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_macie2_classification_job_3 +Title: "Find AWS Macie2 Classification Jobs with Cancelled or Paused Status" +Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + job_id, + arn, + name, + job_status as status + from + aws_macie2_classification_job + where + job_status = 'CANCELLED' + or job_status = 'PAUSED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Macie2 diff --git a/queries/aws_macie2_classification_job_4.yaml b/queries/aws_macie2_classification_job_4.yaml index c0924007b..9d5a4990b 100755 --- a/queries/aws_macie2_classification_job_4.yaml +++ b/queries/aws_macie2_classification_job_4.yaml @@ -1,7 +1,7 @@ ID: aws_macie2_classification_job_4 Title: "List AWS Macie2 Classification Jobs and Details" Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_macie2_classification_job_4.yaml.bak b/queries/aws_macie2_classification_job_4.yaml.bak new file mode 100755 index 000000000..c0924007b --- /dev/null +++ b/queries/aws_macie2_classification_job_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_macie2_classification_job_4 +Title: "List AWS Macie2 Classification Jobs and Details" +Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + job_id, + arn, + statistics ->> 'ApproximateNumberOfObjectsToProcess' as approximate_number_of_objects_to_process, + statistics ->> 'NumberOfRuns' as number_of_runs + from + aws_macie2_classification_job; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Macie2 diff --git a/queries/aws_media_store_container_1.yaml b/queries/aws_media_store_container_1.yaml index 203582f9f..4485e84b9 100755 --- a/queries/aws_media_store_container_1.yaml +++ b/queries/aws_media_store_container_1.yaml @@ -1,7 +1,7 @@ ID: aws_media_store_container_1 Title: "List AWS MediaStore Container Details" Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_media_store_container_1.yaml.bak b/queries/aws_media_store_container_1.yaml.bak new file mode 100755 index 000000000..203582f9f --- /dev/null +++ b/queries/aws_media_store_container_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_media_store_container_1 +Title: "List AWS MediaStore Container Details" +Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status, + access_logging_enabled, + creation_time, + endpoint + from + aws_media_store_container; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - MediaStore diff --git a/queries/aws_media_store_container_2.yaml b/queries/aws_media_store_container_2.yaml index 8efc82600..0366e92cc 100755 --- a/queries/aws_media_store_container_2.yaml +++ b/queries/aws_media_store_container_2.yaml @@ -1,7 +1,7 @@ ID: aws_media_store_container_2 Title: "List all AWS MediaStore Containers with details" Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_media_store_container_2.yaml.bak b/queries/aws_media_store_container_2.yaml.bak new file mode 100755 index 000000000..8efc82600 --- /dev/null +++ b/queries/aws_media_store_container_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_media_store_container_2 +Title: "List all AWS MediaStore Containers with details" +Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status, + access_logging_enabled, + creation_time, + endpoint + from + aws_media_store_container + where + status = 'CREATING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - MediaStore diff --git a/queries/aws_media_store_container_3.yaml b/queries/aws_media_store_container_3.yaml index 68f155271..f2fc82490 100755 --- a/queries/aws_media_store_container_3.yaml +++ b/queries/aws_media_store_container_3.yaml @@ -1,7 +1,7 @@ ID: aws_media_store_container_3 Title: "List AWS MediaStore Container Info with ARN and Status" Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_media_store_container_3.yaml.bak b/queries/aws_media_store_container_3.yaml.bak new file mode 100755 index 000000000..68f155271 --- /dev/null +++ b/queries/aws_media_store_container_3.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_media_store_container_3 +Title: "List AWS MediaStore Container Info with ARN and Status" +Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_pretty(policy) as policy, + jsonb_pretty(policy_std) as policy_std + from + aws_media_store_container; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - MediaStore diff --git a/queries/aws_media_store_container_4.yaml b/queries/aws_media_store_container_4.yaml index d43608e1f..870746f67 100755 --- a/queries/aws_media_store_container_4.yaml +++ b/queries/aws_media_store_container_4.yaml @@ -1,7 +1,7 @@ ID: aws_media_store_container_4 Title: "Find AWS MediaStore Container Info with Access Logging" Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_media_store_container_4.yaml.bak b/queries/aws_media_store_container_4.yaml.bak new file mode 100755 index 000000000..d43608e1f --- /dev/null +++ b/queries/aws_media_store_container_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_media_store_container_4 +Title: "Find AWS MediaStore Container Info with Access Logging" +Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + access_logging_enabled + from + aws_media_store_container + where + access_logging_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MediaStore diff --git a/queries/aws_memorydb_cluster_1.yaml b/queries/aws_memorydb_cluster_1.yaml index 8376c7754..f40dac2a8 100755 --- a/queries/aws_memorydb_cluster_1.yaml +++ b/queries/aws_memorydb_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_1 Title: "List all AWS MemoryDB Clusters and Configurations" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_1.yaml.bak b/queries/aws_memorydb_cluster_1.yaml.bak new file mode 100755 index 000000000..8376c7754 --- /dev/null +++ b/queries/aws_memorydb_cluster_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_memorydb_cluster_1 +Title: "List all AWS MemoryDB Clusters and Configurations" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status, + node_type, + engine_version, + region + from + aws_memorydb_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_2.yaml b/queries/aws_memorydb_cluster_2.yaml index 4397c0432..2bc431574 100755 --- a/queries/aws_memorydb_cluster_2.yaml +++ b/queries/aws_memorydb_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_2 Title: "List all AWS MemoryDB Clusters with SQL" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_2.yaml.bak b/queries/aws_memorydb_cluster_2.yaml.bak new file mode 100755 index 000000000..2bc431574 --- /dev/null +++ b/queries/aws_memorydb_cluster_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_memorydb_cluster_2 +Title: "List all AWS MemoryDB Clusters with SQL" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + auto_minor_version_upgrade + from + aws_memorydb_cluster + where + auto_minor_version_upgrade = true; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_2.yaml.bak.bak b/queries/aws_memorydb_cluster_2.yaml.bak.bak new file mode 100755 index 000000000..2bc431574 --- /dev/null +++ b/queries/aws_memorydb_cluster_2.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_memorydb_cluster_2 +Title: "List all AWS MemoryDB Clusters with SQL" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + auto_minor_version_upgrade + from + aws_memorydb_cluster + where + auto_minor_version_upgrade = true; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_3.yaml b/queries/aws_memorydb_cluster_3.yaml index 9430637fc..913499acf 100755 --- a/queries/aws_memorydb_cluster_3.yaml +++ b/queries/aws_memorydb_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_3 Title: "List all AWS MemoryDB clusters and their configurations" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_3.yaml.bak b/queries/aws_memorydb_cluster_3.yaml.bak new file mode 100755 index 000000000..9430637fc --- /dev/null +++ b/queries/aws_memorydb_cluster_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_memorydb_cluster_3 +Title: "List all AWS MemoryDB clusters and their configurations" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + availability_mode + from + aws_memorydb_cluster + where + availability_mode = 'multiaz'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_4.yaml b/queries/aws_memorydb_cluster_4.yaml index 68c16a583..b25482d5d 100755 --- a/queries/aws_memorydb_cluster_4.yaml +++ b/queries/aws_memorydb_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_4 Title: "Find All AWS MemoryDB Clusters Without TLS Encryption" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_4.yaml.bak b/queries/aws_memorydb_cluster_4.yaml.bak new file mode 100755 index 000000000..68c16a583 --- /dev/null +++ b/queries/aws_memorydb_cluster_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_memorydb_cluster_4 +Title: "Find All AWS MemoryDB Clusters Without TLS Encryption" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + tls_enabled + from + aws_memorydb_cluster + where + tls_enabled = false; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_5.yaml b/queries/aws_memorydb_cluster_5.yaml index 31ba17c19..cf6211ec4 100755 --- a/queries/aws_memorydb_cluster_5.yaml +++ b/queries/aws_memorydb_cluster_5.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_5 Title: "List All AWS MemoryDB Cluster Configurations and Statuses" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_5.yaml.bak b/queries/aws_memorydb_cluster_5.yaml.bak new file mode 100755 index 000000000..31ba17c19 --- /dev/null +++ b/queries/aws_memorydb_cluster_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_memorydb_cluster_5 +Title: "List All AWS MemoryDB Cluster Configurations and Statuses" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + maintenance_window + from + aws_memorydb_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_6.yaml b/queries/aws_memorydb_cluster_6.yaml index 57b2e1499..091e90f1e 100755 --- a/queries/aws_memorydb_cluster_6.yaml +++ b/queries/aws_memorydb_cluster_6.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_6 Title: "Find AWS MemoryDB Cluster Configurations and Statuses" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_6.yaml.bak b/queries/aws_memorydb_cluster_6.yaml.bak new file mode 100755 index 000000000..57b2e1499 --- /dev/null +++ b/queries/aws_memorydb_cluster_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_memorydb_cluster_6 +Title: "Find AWS MemoryDB Cluster Configurations and Statuses" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + node_type + from + aws_memorydb_cluster + where + node_type = 'db.r6gd.xlarge'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_7.yaml b/queries/aws_memorydb_cluster_7.yaml index 542b9505d..67598230a 100755 --- a/queries/aws_memorydb_cluster_7.yaml +++ b/queries/aws_memorydb_cluster_7.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_7 Title: "Find all AWS MemoryDB Cluster Configurations and Statuses" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_7.yaml.bak b/queries/aws_memorydb_cluster_7.yaml.bak new file mode 100755 index 000000000..542b9505d --- /dev/null +++ b/queries/aws_memorydb_cluster_7.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_memorydb_cluster_7 +Title: "Find all AWS MemoryDB Cluster Configurations and Statuses" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + number_of_shards, + shards + from + aws_memorydb_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_8.yaml b/queries/aws_memorydb_cluster_8.yaml index 69531e06d..9c650e338 100755 --- a/queries/aws_memorydb_cluster_8.yaml +++ b/queries/aws_memorydb_cluster_8.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_8 Title: "Find AWS MemoryDB Clusters with Pending Updates" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_8.yaml.bak b/queries/aws_memorydb_cluster_8.yaml.bak new file mode 100755 index 000000000..69531e06d --- /dev/null +++ b/queries/aws_memorydb_cluster_8.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_memorydb_cluster_8 +Title: "Find AWS MemoryDB Clusters with Pending Updates" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + pending_updates + from + aws_memorydb_cluster + where + jsonb_array_length(pending_updates) > 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_memorydb_cluster_9.yaml b/queries/aws_memorydb_cluster_9.yaml index a1d262fd0..cb9fabe8e 100755 --- a/queries/aws_memorydb_cluster_9.yaml +++ b/queries/aws_memorydb_cluster_9.yaml @@ -1,7 +1,7 @@ ID: aws_memorydb_cluster_9 Title: "Find all AWS MemoryDB Clusters and their configurations" Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_memorydb_cluster_9.yaml.bak b/queries/aws_memorydb_cluster_9.yaml.bak new file mode 100755 index 000000000..a1d262fd0 --- /dev/null +++ b/queries/aws_memorydb_cluster_9.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_memorydb_cluster_9 +Title: "Find all AWS MemoryDB Clusters and their configurations" +Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + snapshot_retention_limit, + snapshot_window + from + aws_memorydb_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MemoryDB diff --git a/queries/aws_mgn_application_1.yaml b/queries/aws_mgn_application_1.yaml index 0d7a1c0f9..3a3034a22 100755 --- a/queries/aws_mgn_application_1.yaml +++ b/queries/aws_mgn_application_1.yaml @@ -1,7 +1,7 @@ ID: aws_mgn_application_1 Title: "List all AWS Migration Service Applications with Details" Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mgn_application_1.yaml.bak b/queries/aws_mgn_application_1.yaml.bak new file mode 100755 index 000000000..3a3034a22 --- /dev/null +++ b/queries/aws_mgn_application_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_mgn_application_1 +Title: "List all AWS Migration Service Applications with Details" +Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + application_id, + creation_date_time, + is_archived, + wave_id, + tags + from + aws_mgn_application; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Migration Service diff --git a/queries/aws_mgn_application_1.yaml.bak.bak b/queries/aws_mgn_application_1.yaml.bak.bak new file mode 100755 index 000000000..3a3034a22 --- /dev/null +++ b/queries/aws_mgn_application_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_mgn_application_1 +Title: "List all AWS Migration Service Applications with Details" +Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + application_id, + creation_date_time, + is_archived, + wave_id, + tags + from + aws_mgn_application; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Migration Service diff --git a/queries/aws_mgn_application_2.yaml b/queries/aws_mgn_application_2.yaml index a2e872085..482090ce1 100755 --- a/queries/aws_mgn_application_2.yaml +++ b/queries/aws_mgn_application_2.yaml @@ -1,7 +1,7 @@ ID: aws_mgn_application_2 Title: "List AWS Migration Service Applications with Details" Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mgn_application_2.yaml.bak b/queries/aws_mgn_application_2.yaml.bak new file mode 100755 index 000000000..a2e872085 --- /dev/null +++ b/queries/aws_mgn_application_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_mgn_application_2 +Title: "List AWS Migration Service Applications with Details" +Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + application_id, + creation_date_time, + is_archived + from + aws_mgn_application + where + is_archived; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Migration Service diff --git a/queries/aws_mgn_application_3.yaml b/queries/aws_mgn_application_3.yaml index b4338f62a..2aabe2533 100755 --- a/queries/aws_mgn_application_3.yaml +++ b/queries/aws_mgn_application_3.yaml @@ -1,7 +1,7 @@ ID: aws_mgn_application_3 Title: "List All AWS Migration Service Applications Details" Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mgn_application_3.yaml.bak b/queries/aws_mgn_application_3.yaml.bak new file mode 100755 index 000000000..b4338f62a --- /dev/null +++ b/queries/aws_mgn_application_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_mgn_application_3 +Title: "List All AWS Migration Service Applications Details" +Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + application_id, + application_aggregated_status ->> 'HealthStatus' as health_status, + application_aggregated_status ->> 'ProgressStatus' as progress_status, + application_aggregated_status ->> 'TotalSourceServers' as total_source_servers + from + aws_mgn_application; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Migration Service diff --git a/queries/aws_mgn_application_4.yaml b/queries/aws_mgn_application_4.yaml index ad8f54122..a7fa50fe7 100755 --- a/queries/aws_mgn_application_4.yaml +++ b/queries/aws_mgn_application_4.yaml @@ -1,7 +1,7 @@ ID: aws_mgn_application_4 Title: "List AWS Migration Service Applications with Details" Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mgn_application_4.yaml.bak b/queries/aws_mgn_application_4.yaml.bak new file mode 100755 index 000000000..ad8f54122 --- /dev/null +++ b/queries/aws_mgn_application_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_mgn_application_4 +Title: "List AWS Migration Service Applications with Details" +Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + application_id, + creation_date_time, + is_archived, + wave_id + from + aws_mgn_application + where + creation_date_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Migration Service diff --git a/queries/aws_mq_broker_1.yaml b/queries/aws_mq_broker_1.yaml index a2c50e170..ffc01fbe5 100755 --- a/queries/aws_mq_broker_1.yaml +++ b/queries/aws_mq_broker_1.yaml @@ -1,7 +1,7 @@ ID: aws_mq_broker_1 Title: "List all AWS MQ Brokers with Key Details" Description: "Allows users to query AWS MQ Brokers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mq_broker_1.yaml.bak b/queries/aws_mq_broker_1.yaml.bak new file mode 100755 index 000000000..a2c50e170 --- /dev/null +++ b/queries/aws_mq_broker_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_mq_broker_1 +Title: "List all AWS MQ Brokers with Key Details" +Description: "Allows users to query AWS MQ Brokers." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + broker_name, + broker_state, + deployment_mode, + created, + host_instance_type, + engine_type, + engine_version + tags + from + aws_mq_broker; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MQ diff --git a/queries/aws_mq_broker_2.yaml b/queries/aws_mq_broker_2.yaml index 371bbf7df..52c216124 100755 --- a/queries/aws_mq_broker_2.yaml +++ b/queries/aws_mq_broker_2.yaml @@ -1,7 +1,7 @@ ID: aws_mq_broker_2 Title: "Find AWS MQ Brokers with Reboot In Progress State" Description: "Allows users to query AWS MQ Brokers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mq_broker_2.yaml.bak b/queries/aws_mq_broker_2.yaml.bak new file mode 100755 index 000000000..371bbf7df --- /dev/null +++ b/queries/aws_mq_broker_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_mq_broker_2 +Title: "Find AWS MQ Brokers with Reboot In Progress State" +Description: "Allows users to query AWS MQ Brokers." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + broker_name, + broker_state, + created + data_replication_mode, + authentication_strategy + from + aws_mq_broker + where + broker_state = 'REBOOT_IN_PROGRESS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MQ Brokers diff --git a/queries/aws_mq_broker_3.yaml b/queries/aws_mq_broker_3.yaml index 703fe9a25..b4a22fff3 100755 --- a/queries/aws_mq_broker_3.yaml +++ b/queries/aws_mq_broker_3.yaml @@ -1,7 +1,7 @@ ID: aws_mq_broker_3 Title: "List all AWS MQ Brokers with SQL Queries" Description: "Allows users to query AWS MQ Brokers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mq_broker_3.yaml.bak b/queries/aws_mq_broker_3.yaml.bak new file mode 100755 index 000000000..703fe9a25 --- /dev/null +++ b/queries/aws_mq_broker_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_mq_broker_3 +Title: "List all AWS MQ Brokers with SQL Queries" +Description: "Allows users to query AWS MQ Brokers." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + broker_name, + broker_state, + created + from + aws_mq_broker + where + publicly_accessible; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - MQ Brokers diff --git a/queries/aws_mq_broker_4.yaml b/queries/aws_mq_broker_4.yaml index 3786c1f7f..32fd0572c 100755 --- a/queries/aws_mq_broker_4.yaml +++ b/queries/aws_mq_broker_4.yaml @@ -1,7 +1,7 @@ ID: aws_mq_broker_4 Title: "Find all AWS MQ Brokers using SQL" Description: "Allows users to query AWS MQ Brokers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mq_broker_4.yaml.bak b/queries/aws_mq_broker_4.yaml.bak new file mode 100755 index 000000000..3786c1f7f --- /dev/null +++ b/queries/aws_mq_broker_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_mq_broker_4 +Title: "Find all AWS MQ Brokers using SQL" +Description: "Allows users to query AWS MQ Brokers." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + broker_name, + encryption_options ->> 'UseAwsOwnedKey' as use_aws_owned_key, + created + from + aws_mq_broker + where + encryption_options ->> 'UseAwsOwnedKey' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - MQ Broker diff --git a/queries/aws_mq_broker_5.yaml b/queries/aws_mq_broker_5.yaml index c7e9a41b6..68ab43633 100755 --- a/queries/aws_mq_broker_5.yaml +++ b/queries/aws_mq_broker_5.yaml @@ -1,7 +1,7 @@ ID: aws_mq_broker_5 Title: "Find all AWS MQ Brokers with Maintenance Window Info" Description: "Allows users to query AWS MQ Brokers." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_mq_broker_5.yaml.bak b/queries/aws_mq_broker_5.yaml.bak new file mode 100755 index 000000000..c7e9a41b6 --- /dev/null +++ b/queries/aws_mq_broker_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_mq_broker_5 +Title: "Find all AWS MQ Brokers with Maintenance Window Info" +Description: "Allows users to query AWS MQ Brokers." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + broker_name, + maintenance_window_start_time -> 'DayOfWeek' as day_of_week, + maintenance_window_start_time -> 'TimeOfDay' as time_of_day, + maintenance_window_start_time -> 'TimeZone' as time_zone + from + aws_mq_broker; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - MQ diff --git a/queries/aws_msk_cluster_1.yaml b/queries/aws_msk_cluster_1.yaml index a4901eab1..31c42e9db 100755 --- a/queries/aws_msk_cluster_1.yaml +++ b/queries/aws_msk_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_msk_cluster_1 Title: "Find AWS MSK Clusters using SQL with Steampipe Table" Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_cluster_1.yaml.bak b/queries/aws_msk_cluster_1.yaml.bak new file mode 100755 index 000000000..a4901eab1 --- /dev/null +++ b/queries/aws_msk_cluster_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_msk_cluster_1 +Title: "Find AWS MSK Clusters using SQL with Steampipe Table" +Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + cluster_type, + creation_time, + current_version, + region, + tags + from + aws_msk_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_2.yaml b/queries/aws_msk_cluster_2.yaml index f6bd2decb..fab4ea26f 100755 --- a/queries/aws_msk_cluster_2.yaml +++ b/queries/aws_msk_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_msk_cluster_2 Title: "List all AWS MSK Clusters and Their States" Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_cluster_2.yaml.bak b/queries/aws_msk_cluster_2.yaml.bak new file mode 100755 index 000000000..fab4ea26f --- /dev/null +++ b/queries/aws_msk_cluster_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_msk_cluster_2 +Title: "List all AWS MSK Clusters and Their States" +Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + creation_time + from + aws_msk_cluster + where + state <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_2.yaml.bak.bak b/queries/aws_msk_cluster_2.yaml.bak.bak new file mode 100755 index 000000000..fab4ea26f --- /dev/null +++ b/queries/aws_msk_cluster_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_msk_cluster_2 +Title: "List all AWS MSK Clusters and Their States" +Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + creation_time + from + aws_msk_cluster + where + state <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_3.yaml b/queries/aws_msk_cluster_3.yaml index 223d737b6..627cf1182 100755 --- a/queries/aws_msk_cluster_3.yaml +++ b/queries/aws_msk_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_msk_cluster_3 Title: "Find AWS MSK Clusters and Their Details" Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_cluster_3.yaml.bak b/queries/aws_msk_cluster_3.yaml.bak new file mode 100755 index 000000000..223d737b6 --- /dev/null +++ b/queries/aws_msk_cluster_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_msk_cluster_3 +Title: "Find AWS MSK Clusters and Their Details" +Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + creation_time + from + aws_msk_cluster + where + provisioned -> 'BrokerNodeGroupInfo' -> 'ConnectivityInfo' -> 'PublicAccess' ->> 'Type' <> 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Apache Kafka (MSK) diff --git a/queries/aws_msk_cluster_4.yaml b/queries/aws_msk_cluster_4.yaml index 0de450604..978da7e64 100755 --- a/queries/aws_msk_cluster_4.yaml +++ b/queries/aws_msk_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_msk_cluster_4 Title: "List all AWS MSK Clusters with Unencrypted Data" Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_cluster_4.yaml.bak b/queries/aws_msk_cluster_4.yaml.bak new file mode 100755 index 000000000..0de450604 --- /dev/null +++ b/queries/aws_msk_cluster_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_msk_cluster_4 +Title: "List all AWS MSK Clusters with Unencrypted Data" +Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + creation_time + from + aws_msk_cluster + where + provisioned -> 'EncryptionInfo' -> 'EncryptionAtRest' is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Apache Kafka (MSK) diff --git a/queries/aws_msk_cluster_5.yaml b/queries/aws_msk_cluster_5.yaml index b6c4d8727..6c7b83079 100755 --- a/queries/aws_msk_cluster_5.yaml +++ b/queries/aws_msk_cluster_5.yaml @@ -1,7 +1,7 @@ ID: aws_msk_cluster_5 Title: "List All AWS MSK Clusters with Specific Encryption State" Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_cluster_5.yaml.bak b/queries/aws_msk_cluster_5.yaml.bak new file mode 100755 index 000000000..b6c4d8727 --- /dev/null +++ b/queries/aws_msk_cluster_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_msk_cluster_5 +Title: "List All AWS MSK Clusters with Specific Encryption State" +Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + creation_time + from + aws_msk_cluster + where + provisioned -> 'EncryptionInfo' -> 'EncryptionInTransit' is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_6.yaml b/queries/aws_msk_cluster_6.yaml index 0e204c8b5..8b23bfac4 100755 --- a/queries/aws_msk_cluster_6.yaml +++ b/queries/aws_msk_cluster_6.yaml @@ -1,7 +1,7 @@ ID: aws_msk_cluster_6 Title: "List all AWS MSK Clusters with Missing Logging Info" Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_cluster_6.yaml.bak b/queries/aws_msk_cluster_6.yaml.bak new file mode 100755 index 000000000..0e204c8b5 --- /dev/null +++ b/queries/aws_msk_cluster_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_msk_cluster_6 +Title: "List all AWS MSK Clusters with Missing Logging Info" +Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + creation_time + from + aws_msk_cluster + where + provisioned -> 'LoggingInfo' is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_7.yaml b/queries/aws_msk_cluster_7.yaml index 59cdd8b61..2b3e1a536 100755 --- a/queries/aws_msk_cluster_7.yaml +++ b/queries/aws_msk_cluster_7.yaml @@ -1,7 +1,7 @@ ID: aws_msk_cluster_7 Title: "Find Total Storage of AWS MSK Clusters" Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_cluster_7.yaml.bak b/queries/aws_msk_cluster_7.yaml.bak new file mode 100755 index 000000000..59cdd8b61 --- /dev/null +++ b/queries/aws_msk_cluster_7.yaml.bak @@ -0,0 +1,22 @@ +ID: aws_msk_cluster_7 +Title: "Find Total Storage of AWS MSK Clusters" +Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + sum((provisioned -> 'BrokerNodeGroupInfo' -> 'StorageInfo' -> 'EbsStorageInfo' ->> 'VolumeSize')::int) as total_storage + from + aws_msk_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_serverless_cluster_1.yaml b/queries/aws_msk_serverless_cluster_1.yaml index 803f253e4..a4d4b4058 100755 --- a/queries/aws_msk_serverless_cluster_1.yaml +++ b/queries/aws_msk_serverless_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_msk_serverless_cluster_1 Title: "List AWS MSK Serverless Clusters with Detailed Info" Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_serverless_cluster_1.yaml.bak b/queries/aws_msk_serverless_cluster_1.yaml.bak new file mode 100755 index 000000000..803f253e4 --- /dev/null +++ b/queries/aws_msk_serverless_cluster_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_msk_serverless_cluster_1 +Title: "List AWS MSK Serverless Clusters with Detailed Info" +Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + cluster_type, + creation_time, + current_version, + region, + tags + from + aws_msk_serverless_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Kafka (MSK) diff --git a/queries/aws_msk_serverless_cluster_2.yaml b/queries/aws_msk_serverless_cluster_2.yaml index 96562fdc3..bd673663d 100755 --- a/queries/aws_msk_serverless_cluster_2.yaml +++ b/queries/aws_msk_serverless_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_msk_serverless_cluster_2 Title: "List all AWS MSK Serverless Clusters Using SQL" Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_serverless_cluster_2.yaml.bak b/queries/aws_msk_serverless_cluster_2.yaml.bak new file mode 100755 index 000000000..96562fdc3 --- /dev/null +++ b/queries/aws_msk_serverless_cluster_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_msk_serverless_cluster_2 +Title: "List all AWS MSK Serverless Clusters Using SQL" +Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + creation_time + from + aws_msk_serverless_cluster + where + state <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - MSK diff --git a/queries/aws_msk_serverless_cluster_3.yaml b/queries/aws_msk_serverless_cluster_3.yaml index bac855459..a7f2b769f 100755 --- a/queries/aws_msk_serverless_cluster_3.yaml +++ b/queries/aws_msk_serverless_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_msk_serverless_cluster_3 Title: "List all AWS MSK Serverless Clusters with Details" Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_serverless_cluster_3.yaml.bak b/queries/aws_msk_serverless_cluster_3.yaml.bak new file mode 100755 index 000000000..bac855459 --- /dev/null +++ b/queries/aws_msk_serverless_cluster_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_msk_serverless_cluster_3 +Title: "List all AWS MSK Serverless Clusters with Details" +Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + creation_time + from + aws_msk_serverless_cluster + where + creation_time >= (current_date - interval '90' day) + order by + creation_time; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon MSK diff --git a/queries/aws_msk_serverless_cluster_4.yaml b/queries/aws_msk_serverless_cluster_4.yaml index e533129ca..02db8adce 100755 --- a/queries/aws_msk_serverless_cluster_4.yaml +++ b/queries/aws_msk_serverless_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_msk_serverless_cluster_4 Title: "Find all AWS MSK Serverless Cluster details" Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_serverless_cluster_4.yaml.bak b/queries/aws_msk_serverless_cluster_4.yaml.bak new file mode 100755 index 000000000..e533129ca --- /dev/null +++ b/queries/aws_msk_serverless_cluster_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_msk_serverless_cluster_4 +Title: "Find all AWS MSK Serverless Cluster details" +Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + vpc ->> 'SubnetIds' as subnet_ids, + vpc ->> 'SecurityGroupIds' as security_group_ids + from + aws_msk_serverless_cluster, + jsonb_array_elements(serverless -> 'VpcConfigs') as vpc + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Kafka (MSK) Serverless diff --git a/queries/aws_msk_serverless_cluster_5.yaml b/queries/aws_msk_serverless_cluster_5.yaml index 20166aa7b..281508a37 100755 --- a/queries/aws_msk_serverless_cluster_5.yaml +++ b/queries/aws_msk_serverless_cluster_5.yaml @@ -1,7 +1,7 @@ ID: aws_msk_serverless_cluster_5 Title: "Find AWS MSK Serverless Clusters with Specific Client Auth" Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_msk_serverless_cluster_5.yaml.bak b/queries/aws_msk_serverless_cluster_5.yaml.bak new file mode 100755 index 000000000..20166aa7b --- /dev/null +++ b/queries/aws_msk_serverless_cluster_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_msk_serverless_cluster_5 +Title: "Find AWS MSK Serverless Clusters with Specific Client Auth" +Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + cluster_name, + state, + serverless -> 'ClientAuthentication' as client_authentication + from + aws_msk_serverless_cluster + where + (serverless -> 'ClientAuthentication' -> 'Sasl' -> 'Iam' ->> 'Enabled')::boolean = false; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Streaming for Kafka (MSK) diff --git a/queries/aws_neptune_db_cluster_1.yaml b/queries/aws_neptune_db_cluster_1.yaml index 60c913242..3639ef2d5 100755 --- a/queries/aws_neptune_db_cluster_1.yaml +++ b/queries/aws_neptune_db_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_neptune_db_cluster_1 Title: "List all configurations and status of Neptune DB Clusters" Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_neptune_db_cluster_1.yaml.bak b/queries/aws_neptune_db_cluster_1.yaml.bak new file mode 100755 index 000000000..60c913242 --- /dev/null +++ b/queries/aws_neptune_db_cluster_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_neptune_db_cluster_1 +Title: "List all configurations and status of Neptune DB Clusters" +Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + allocated_storage, + kms_key_id + from + aws_neptune_db_cluster + where + kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Neptune diff --git a/queries/aws_neptune_db_cluster_2.yaml b/queries/aws_neptune_db_cluster_2.yaml index a097e23fd..bf8d0c3cf 100755 --- a/queries/aws_neptune_db_cluster_2.yaml +++ b/queries/aws_neptune_db_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_neptune_db_cluster_2 Title: "List all Amazon Neptune DB clusters and their configurations" Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_neptune_db_cluster_2.yaml.bak b/queries/aws_neptune_db_cluster_2.yaml.bak new file mode 100755 index 000000000..a097e23fd --- /dev/null +++ b/queries/aws_neptune_db_cluster_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_neptune_db_cluster_2 +Title: "List all Amazon Neptune DB clusters and their configurations" +Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + backup_retention_period + from + aws_neptune_db_cluster + where + backup_retention_period > 7; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Neptune diff --git a/queries/aws_neptune_db_cluster_3.yaml b/queries/aws_neptune_db_cluster_3.yaml index bac24be17..61f1a7ae0 100755 --- a/queries/aws_neptune_db_cluster_3.yaml +++ b/queries/aws_neptune_db_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_neptune_db_cluster_3 Title: "List all Amazon Neptune DB Clusters and Their Details" Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_neptune_db_cluster_3.yaml.bak b/queries/aws_neptune_db_cluster_3.yaml.bak new file mode 100755 index 000000000..61f1a7ae0 --- /dev/null +++ b/queries/aws_neptune_db_cluster_3.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_neptune_db_cluster_3 +Title: "List all Amazon Neptune DB Clusters and Their Details" +Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + jsonb_array_length(availability_zones) availability_zones_count + from + aws_neptune_db_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Neptune diff --git a/queries/aws_neptune_db_cluster_3.yaml.bak.bak b/queries/aws_neptune_db_cluster_3.yaml.bak.bak new file mode 100755 index 000000000..61f1a7ae0 --- /dev/null +++ b/queries/aws_neptune_db_cluster_3.yaml.bak.bak @@ -0,0 +1,23 @@ +ID: aws_neptune_db_cluster_3 +Title: "List all Amazon Neptune DB Clusters and Their Details" +Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + jsonb_array_length(availability_zones) availability_zones_count + from + aws_neptune_db_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Neptune diff --git a/queries/aws_neptune_db_cluster_4.yaml b/queries/aws_neptune_db_cluster_4.yaml index 4ed5d4d5d..031e84639 100755 --- a/queries/aws_neptune_db_cluster_4.yaml +++ b/queries/aws_neptune_db_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_neptune_db_cluster_4 Title: "Find Amazon Neptune DB Clusters including configuration & status" Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_neptune_db_cluster_4.yaml.bak b/queries/aws_neptune_db_cluster_4.yaml.bak new file mode 100755 index 000000000..4ed5d4d5d --- /dev/null +++ b/queries/aws_neptune_db_cluster_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_neptune_db_cluster_4 +Title: "Find Amazon Neptune DB Clusters including configuration & status" +Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, + member ->> 'DBInstanceIdentifier' as db_instance_identifier, + member ->> 'IsClusterWriter' as is_cluster_writer, + member ->> 'PromotionTier' as promotion_tier + from + aws_neptune_db_cluster + cross join jsonb_array_elements(db_cluster_members) as member; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Neptune DB diff --git a/queries/aws_neptune_db_cluster_snapshot_1.yaml b/queries/aws_neptune_db_cluster_snapshot_1.yaml index 6ebb7798c..6d4569b28 100755 --- a/queries/aws_neptune_db_cluster_snapshot_1.yaml +++ b/queries/aws_neptune_db_cluster_snapshot_1.yaml @@ -1,7 +1,7 @@ ID: aws_neptune_db_cluster_snapshot_1 Title: "List all AWS Neptune DB Cluster Snapshots for metadata" Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_neptune_db_cluster_snapshot_1.yaml.bak b/queries/aws_neptune_db_cluster_snapshot_1.yaml.bak new file mode 100755 index 000000000..6ebb7798c --- /dev/null +++ b/queries/aws_neptune_db_cluster_snapshot_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_neptune_db_cluster_snapshot_1 +Title: "List all AWS Neptune DB Cluster Snapshots for metadata" +Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + snapshot_type, + storage_encrypted + from + aws_neptune_db_cluster_snapshot + where + not storage_encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Neptune diff --git a/queries/aws_neptune_db_cluster_snapshot_2.yaml b/queries/aws_neptune_db_cluster_snapshot_2.yaml index 34c2b74f7..c8a9c0947 100755 --- a/queries/aws_neptune_db_cluster_snapshot_2.yaml +++ b/queries/aws_neptune_db_cluster_snapshot_2.yaml @@ -1,7 +1,7 @@ ID: aws_neptune_db_cluster_snapshot_2 Title: "Find all AWS Neptune DB Cluster Snapshots with metadata" Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_neptune_db_cluster_snapshot_2.yaml.bak b/queries/aws_neptune_db_cluster_snapshot_2.yaml.bak new file mode 100755 index 000000000..34c2b74f7 --- /dev/null +++ b/queries/aws_neptune_db_cluster_snapshot_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_neptune_db_cluster_snapshot_2 +Title: "Find all AWS Neptune DB Cluster Snapshots with metadata" +Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + cluster_create_time, + engine, + engine_version, + license_model + from + aws_neptune_db_cluster_snapshot; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Neptune diff --git a/queries/aws_neptune_db_cluster_snapshot_3.yaml b/queries/aws_neptune_db_cluster_snapshot_3.yaml index 6d2d6a6ae..0c8fe6f9f 100755 --- a/queries/aws_neptune_db_cluster_snapshot_3.yaml +++ b/queries/aws_neptune_db_cluster_snapshot_3.yaml @@ -1,7 +1,7 @@ ID: aws_neptune_db_cluster_snapshot_3 Title: "List all AWS Neptune DB Cluster Snapshots and Counts" Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_neptune_db_cluster_snapshot_3.yaml.bak b/queries/aws_neptune_db_cluster_snapshot_3.yaml.bak new file mode 100755 index 000000000..6d2d6a6ae --- /dev/null +++ b/queries/aws_neptune_db_cluster_snapshot_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_neptune_db_cluster_snapshot_3 +Title: "List all AWS Neptune DB Cluster Snapshots and Counts" +Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + count(db_cluster_snapshot_identifier) snapshot_count + from + aws_neptune_db_cluster_snapshot + group by + db_cluster_identifier; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Neptune diff --git a/queries/aws_neptune_db_cluster_snapshot_4.yaml b/queries/aws_neptune_db_cluster_snapshot_4.yaml index a9895a129..884b0d9ea 100755 --- a/queries/aws_neptune_db_cluster_snapshot_4.yaml +++ b/queries/aws_neptune_db_cluster_snapshot_4.yaml @@ -1,7 +1,7 @@ ID: aws_neptune_db_cluster_snapshot_4 Title: "Find all AWS Neptune DB Cluster Snapshot details" Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_neptune_db_cluster_snapshot_4.yaml.bak b/queries/aws_neptune_db_cluster_snapshot_4.yaml.bak new file mode 100755 index 000000000..a9895a129 --- /dev/null +++ b/queries/aws_neptune_db_cluster_snapshot_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_neptune_db_cluster_snapshot_4 +Title: "Find all AWS Neptune DB Cluster Snapshot details" +Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + engine, + snapshot_type + from + aws_neptune_db_cluster_snapshot, + jsonb_array_elements(db_cluster_snapshot_attributes) as cluster_snapshot + where + cluster_snapshot -> 'AttributeValues' = '["all"]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Neptune DB diff --git a/queries/aws_networkfirewall_firewall_1.yaml b/queries/aws_networkfirewall_firewall_1.yaml index 3a9e4d897..c8d09a349 100755 --- a/queries/aws_networkfirewall_firewall_1.yaml +++ b/queries/aws_networkfirewall_firewall_1.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_1 Title: "Find all AWS Network Firewall properties and settings" Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_1.yaml.bak b/queries/aws_networkfirewall_firewall_1.yaml.bak new file mode 100755 index 000000000..3a9e4d897 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_networkfirewall_firewall_1 +Title: "Find all AWS Network Firewall properties and settings" +Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + description, + vpc_id, + policy_arn, + region, + tags + from + aws_networkfirewall_firewall; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_2.yaml b/queries/aws_networkfirewall_firewall_2.yaml index d5e3be85c..4cee93166 100755 --- a/queries/aws_networkfirewall_firewall_2.yaml +++ b/queries/aws_networkfirewall_firewall_2.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_2 Title: "Find AWS Network Firewall details including encryption" Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_2.yaml.bak b/queries/aws_networkfirewall_firewall_2.yaml.bak new file mode 100755 index 000000000..d5e3be85c --- /dev/null +++ b/queries/aws_networkfirewall_firewall_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_networkfirewall_firewall_2 +Title: "Find AWS Network Firewall details including encryption" +Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + description, + encryption_configuration + from + aws_networkfirewall_firewall + where + encryption_configuration ->> 'Type' = `AWS_OWNED_KMS_KEY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_3.yaml b/queries/aws_networkfirewall_firewall_3.yaml index d77669fe2..471cf5a39 100755 --- a/queries/aws_networkfirewall_firewall_3.yaml +++ b/queries/aws_networkfirewall_firewall_3.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_3 Title: "Find AWS Network Firewalls for Properties and Settings" Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_3.yaml.bak b/queries/aws_networkfirewall_firewall_3.yaml.bak new file mode 100755 index 000000000..d77669fe2 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_networkfirewall_firewall_3 +Title: "Find AWS Network Firewalls for Properties and Settings" +Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + description, + vpc_id + from + aws_networkfirewall_firewall + where + not delete_protection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Network Firewall diff --git a/queries/aws_networkfirewall_firewall_4.yaml b/queries/aws_networkfirewall_firewall_4.yaml index 77198bc57..b8e738ace 100755 --- a/queries/aws_networkfirewall_firewall_4.yaml +++ b/queries/aws_networkfirewall_firewall_4.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_4 Title: "Find All AWS Network Firewalls with Details" Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_4.yaml.bak b/queries/aws_networkfirewall_firewall_4.yaml.bak new file mode 100755 index 000000000..77198bc57 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_networkfirewall_firewall_4 +Title: "Find All AWS Network Firewalls with Details" +Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + description, + vpc_id + from + aws_networkfirewall_firewall + where + not policy_change_protection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewalls diff --git a/queries/aws_networkfirewall_firewall_5.yaml b/queries/aws_networkfirewall_firewall_5.yaml index 2f44c36e8..43643af19 100755 --- a/queries/aws_networkfirewall_firewall_5.yaml +++ b/queries/aws_networkfirewall_firewall_5.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_5 Title: "Find AWS Network Firewall Properties and Settings" Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_5.yaml.bak b/queries/aws_networkfirewall_firewall_5.yaml.bak new file mode 100755 index 000000000..2f44c36e8 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_networkfirewall_firewall_5 +Title: "Find AWS Network Firewall Properties and Settings" +Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + description, + vpc_id + from + aws_networkfirewall_firewall + where + not subnet_change_protection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_6.yaml b/queries/aws_networkfirewall_firewall_6.yaml index 7caaa0cfc..27e60e4ef 100755 --- a/queries/aws_networkfirewall_firewall_6.yaml +++ b/queries/aws_networkfirewall_firewall_6.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_6 Title: "List AWS Network Firewall properties and settings" Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_6.yaml.bak b/queries/aws_networkfirewall_firewall_6.yaml.bak new file mode 100755 index 000000000..7caaa0cfc --- /dev/null +++ b/queries/aws_networkfirewall_firewall_6.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_networkfirewall_firewall_6 +Title: "List AWS Network Firewall properties and settings" +Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.arn, + f.name, + f.vpc_id, + s ->> 'SubnetId' as subnet_id, + cidr_block, + availability_zone, + default_for_az + from + aws_networkfirewall_firewall f, + jsonb_array_elements(subnet_mappings) s, + aws_vpc_subnet vs + where + vs.subnet_id = s ->> 'SubnetId'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_7.yaml b/queries/aws_networkfirewall_firewall_7.yaml index ede717d10..62099048e 100755 --- a/queries/aws_networkfirewall_firewall_7.yaml +++ b/queries/aws_networkfirewall_firewall_7.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_7 Title: "Find details of AWS Network Firewalls properties and settings" Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_7.yaml.bak b/queries/aws_networkfirewall_firewall_7.yaml.bak new file mode 100755 index 000000000..ede717d10 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_7.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_networkfirewall_firewall_7 +Title: "Find details of AWS Network Firewalls properties and settings" +Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.arn, + f.name, + f.vpc_id, + k.arn as key_arn, + key_rotation_enabled + from + aws_networkfirewall_firewall f, + aws_kms_key k + where + k.id = encryption_configuration ->> 'KeyId' + and not f.encryption_configuration ->> 'Type' = `AWS_OWNED_KMS_KEY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_8.yaml b/queries/aws_networkfirewall_firewall_8.yaml index d6dcef783..e7d88f5d5 100755 --- a/queries/aws_networkfirewall_firewall_8.yaml +++ b/queries/aws_networkfirewall_firewall_8.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_8 Title: "List all AWS Network Firewalls and Logging configurations" Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_8.yaml.bak b/queries/aws_networkfirewall_firewall_8.yaml.bak new file mode 100755 index 000000000..d6dcef783 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_8.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_networkfirewall_firewall_8 +Title: "List all AWS Network Firewalls and Logging configurations" +Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + l -> 'LogDestination' as log_destination, + l ->> 'LogDestinationType' as log_destination_type, + l ->> 'LogType' as log_type + from + aws_networkfirewall_firewall, + jsonb_array_elements(logging_configuration) as l; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_1.yaml b/queries/aws_networkfirewall_firewall_policy_1.yaml index 10b9f6831..b9f940997 100755 --- a/queries/aws_networkfirewall_firewall_policy_1.yaml +++ b/queries/aws_networkfirewall_firewall_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_policy_1 Title: "" Description: "" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_policy_1.yaml.bak b/queries/aws_networkfirewall_firewall_policy_1.yaml.bak new file mode 100755 index 000000000..10b9f6831 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_policy_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_networkfirewall_firewall_policy_1 +Title: "" +Description: "" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + description, + firewall_policy_status, + region, + tags + from + aws_networkfirewall_firewall_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_2.yaml b/queries/aws_networkfirewall_firewall_policy_2.yaml index 1669937e4..c68407d96 100755 --- a/queries/aws_networkfirewall_firewall_policy_2.yaml +++ b/queries/aws_networkfirewall_firewall_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_policy_2 Title: "" Description: "" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_policy_2.yaml.bak b/queries/aws_networkfirewall_firewall_policy_2.yaml.bak new file mode 100755 index 000000000..1669937e4 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_policy_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_networkfirewall_firewall_policy_2 +Title: "" +Description: "" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + description, + firewall_policy_status, + encryption_configuration + from + aws_networkfirewall_firewall_policy + where + encryption_configuration ->> 'Type' = `aws_OWNED_KMS_KEY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_3.yaml b/queries/aws_networkfirewall_firewall_policy_3.yaml index 03be54f2b..4a5049ca0 100755 --- a/queries/aws_networkfirewall_firewall_policy_3.yaml +++ b/queries/aws_networkfirewall_firewall_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_policy_3 Title: "" Description: "" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_policy_3.yaml.bak b/queries/aws_networkfirewall_firewall_policy_3.yaml.bak new file mode 100755 index 000000000..03be54f2b --- /dev/null +++ b/queries/aws_networkfirewall_firewall_policy_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_networkfirewall_firewall_policy_3 +Title: "" +Description: "" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name, + description, + firewall_policy_status, + region, + tags + from + aws_networkfirewall_firewall_policy + where + firewall_policy_status != 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_4.yaml b/queries/aws_networkfirewall_firewall_policy_4.yaml index 8ffea0e03..e63eb7845 100755 --- a/queries/aws_networkfirewall_firewall_policy_4.yaml +++ b/queries/aws_networkfirewall_firewall_policy_4.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_policy_4 Title: "" Description: "" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_policy_4.yaml.bak b/queries/aws_networkfirewall_firewall_policy_4.yaml.bak new file mode 100755 index 000000000..8ffea0e03 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_policy_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_networkfirewall_firewall_policy_4 +Title: "" +Description: "" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name as firewall_policy_name, + firewall_policy_status, + firewall_policy -> 'StatefulDefaultActions' as stateful_default_actions, + firewall_policy -> 'StatefulRuleGroupReferences' as stateful_rule_group_references + from + aws_networkfirewall_firewall_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_5.yaml b/queries/aws_networkfirewall_firewall_policy_5.yaml index fc79eaae9..f770bb033 100755 --- a/queries/aws_networkfirewall_firewall_policy_5.yaml +++ b/queries/aws_networkfirewall_firewall_policy_5.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_policy_5 Title: "" Description: "" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_policy_5.yaml.bak b/queries/aws_networkfirewall_firewall_policy_5.yaml.bak new file mode 100755 index 000000000..f770bb033 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_policy_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_networkfirewall_firewall_policy_5 +Title: "" +Description: "" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name as firewall_policy_name, + firewall_policy_status, + firewall_policy -> 'StatelessDefaultActions' as stateless_default_actions, + firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references + from + aws_networkfirewall_firewall_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - NetworkFirewall diff --git a/queries/aws_networkfirewall_firewall_policy_5.yaml.bak.bak b/queries/aws_networkfirewall_firewall_policy_5.yaml.bak.bak new file mode 100755 index 000000000..f770bb033 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_policy_5.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_networkfirewall_firewall_policy_5 +Title: "" +Description: "" +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name as firewall_policy_name, + firewall_policy_status, + firewall_policy -> 'StatelessDefaultActions' as stateless_default_actions, + firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references + from + aws_networkfirewall_firewall_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - NetworkFirewall diff --git a/queries/aws_networkfirewall_firewall_policy_6.yaml b/queries/aws_networkfirewall_firewall_policy_6.yaml index adf8e4838..c95a74dd2 100755 --- a/queries/aws_networkfirewall_firewall_policy_6.yaml +++ b/queries/aws_networkfirewall_firewall_policy_6.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_policy_6 Title: "" Description: "" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_policy_6.yaml.bak b/queries/aws_networkfirewall_firewall_policy_6.yaml.bak new file mode 100755 index 000000000..adf8e4838 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_policy_6.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_networkfirewall_firewall_policy_6 +Title: "" +Description: "" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name as firewall_policy_name, + firewall_policy_status, + firewall_policy -> 'StatelessFragmentDefaultActions' as stateless_default_actions, + firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references + from + aws_networkfirewall_firewall_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws diff --git a/queries/aws_networkfirewall_firewall_policy_7.yaml b/queries/aws_networkfirewall_firewall_policy_7.yaml index 8b6fe5324..78ced473a 100755 --- a/queries/aws_networkfirewall_firewall_policy_7.yaml +++ b/queries/aws_networkfirewall_firewall_policy_7.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_firewall_policy_7 Title: "" Description: "" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_firewall_policy_7.yaml.bak b/queries/aws_networkfirewall_firewall_policy_7.yaml.bak new file mode 100755 index 000000000..8b6fe5324 --- /dev/null +++ b/queries/aws_networkfirewall_firewall_policy_7.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_networkfirewall_firewall_policy_7 +Title: "" +Description: "" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + name as firewall_policy_name, + firewall_policy_status, + firewall_policy -> 'StatelessRuleGroupReferences' ->> 'ActionName' as custom_action_name, + firewall_policy -> 'StatelessRuleGroupReferences' ->> 'ActionDefinition' as custom_action_definition + from + aws_networkfirewall_firewall_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_1.yaml b/queries/aws_networkfirewall_rule_group_1.yaml index 460633658..6d9d554d8 100755 --- a/queries/aws_networkfirewall_rule_group_1.yaml +++ b/queries/aws_networkfirewall_rule_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_rule_group_1 Title: "Find AWS Network Firewall Rule Group Details" Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_rule_group_1.yaml.bak b/queries/aws_networkfirewall_rule_group_1.yaml.bak new file mode 100755 index 000000000..460633658 --- /dev/null +++ b/queries/aws_networkfirewall_rule_group_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_networkfirewall_rule_group_1 +Title: "Find AWS Network Firewall Rule Group Details" +Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rule_group_name, + rule_group_status, + type, + jsonb_pretty(rules_source) as rules_source + from + aws_networkfirewall_rule_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_2.yaml b/queries/aws_networkfirewall_rule_group_2.yaml index 8ba6665c8..c66ca9850 100755 --- a/queries/aws_networkfirewall_rule_group_2.yaml +++ b/queries/aws_networkfirewall_rule_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_rule_group_2 Title: "Find AWS Network Firewall Rule Group Details" Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_rule_group_2.yaml.bak b/queries/aws_networkfirewall_rule_group_2.yaml.bak new file mode 100755 index 000000000..8ba6665c8 --- /dev/null +++ b/queries/aws_networkfirewall_rule_group_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_networkfirewall_rule_group_2 +Title: "Find AWS Network Firewall Rule Group Details" +Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rule_group_name, + rule_group_status + from + aws_networkfirewall_rule_group + where + number_of_associations = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_3.yaml b/queries/aws_networkfirewall_rule_group_3.yaml index f51d1874c..3dbf3fba0 100755 --- a/queries/aws_networkfirewall_rule_group_3.yaml +++ b/queries/aws_networkfirewall_rule_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_rule_group_3 Title: "Find AWS Network Firewall Rule Group Details" Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_rule_group_3.yaml.bak b/queries/aws_networkfirewall_rule_group_3.yaml.bak new file mode 100755 index 000000000..f51d1874c --- /dev/null +++ b/queries/aws_networkfirewall_rule_group_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_networkfirewall_rule_group_3 +Title: "Find AWS Network Firewall Rule Group Details" +Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rule_group_name, + rule_group_status, + jsonb_pretty(rules_source -> 'StatefulRules') as stateful_rules, + jsonb_pretty(rule_variables) as rule_variables, + stateful_rule_options + from + aws_networkfirewall_rule_group + where + type = 'STATEFUL'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_4.yaml b/queries/aws_networkfirewall_rule_group_4.yaml index 382ed0d36..bd4e087c8 100755 --- a/queries/aws_networkfirewall_rule_group_4.yaml +++ b/queries/aws_networkfirewall_rule_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_rule_group_4 Title: "List all AWS Network Firewall Rule Group Details" Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_rule_group_4.yaml.bak b/queries/aws_networkfirewall_rule_group_4.yaml.bak new file mode 100755 index 000000000..382ed0d36 --- /dev/null +++ b/queries/aws_networkfirewall_rule_group_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_networkfirewall_rule_group_4 +Title: "List all AWS Network Firewall Rule Group Details" +Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rule_group_name, + rule_group_status, + jsonb_pretty(rules_source -> 'StatelessRulesAndCustomActions' -> 'StatelessRules') as stateless_rules, + jsonb_pretty(rules_source -> 'StatelessRulesAndCustomActions' -> 'CustomActions') as custom_actions + from + aws_networkfirewall_rule_group + where + type = 'STATELESS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_5.yaml b/queries/aws_networkfirewall_rule_group_5.yaml index e5b46c626..af1feb70d 100755 --- a/queries/aws_networkfirewall_rule_group_5.yaml +++ b/queries/aws_networkfirewall_rule_group_5.yaml @@ -1,7 +1,7 @@ ID: aws_networkfirewall_rule_group_5 Title: "List AWS Network Firewall Rule Group Details" Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_networkfirewall_rule_group_5.yaml.bak b/queries/aws_networkfirewall_rule_group_5.yaml.bak new file mode 100755 index 000000000..e5b46c626 --- /dev/null +++ b/queries/aws_networkfirewall_rule_group_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_networkfirewall_rule_group_5 +Title: "List AWS Network Firewall Rule Group Details" +Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + rule_group_name, + rule_group_status, + number_of_associations + from + aws_networkfirewall_rule_group + where + type = 'STATELESS' and jsonb_array_length(rules_source -> 'StatelessRulesAndCustomActions' -> 'StatelessRules') = 0 + or type = 'STATEFUL' and jsonb_array_length(rules_source -> 'StatefulRules') = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Network Firewall diff --git a/queries/aws_oam_link_1.yaml b/queries/aws_oam_link_1.yaml index a302083c3..30528e9ac 100755 --- a/queries/aws_oam_link_1.yaml +++ b/queries/aws_oam_link_1.yaml @@ -1,7 +1,7 @@ ID: aws_oam_link_1 Title: "List all AWS OAM resource links" Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_oam_link_1.yaml.bak b/queries/aws_oam_link_1.yaml.bak new file mode 100755 index 000000000..a302083c3 --- /dev/null +++ b/queries/aws_oam_link_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_oam_link_1 +Title: "List all AWS OAM resource links" +Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + sink_arn, + label, + resource_types + from + aws_oam_link; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OAM diff --git a/queries/aws_oam_link_2.yaml b/queries/aws_oam_link_2.yaml index 346e0301b..e2d885878 100755 --- a/queries/aws_oam_link_2.yaml +++ b/queries/aws_oam_link_2.yaml @@ -1,7 +1,7 @@ ID: aws_oam_link_2 Title: "List all AWS OAM Links and Their Associated Sinks" Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_oam_link_2.yaml.bak b/queries/aws_oam_link_2.yaml.bak new file mode 100755 index 000000000..346e0301b --- /dev/null +++ b/queries/aws_oam_link_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_oam_link_2 +Title: "List all AWS OAM Links and Their Associated Sinks" +Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + l.id, + l.arn, + s.name as sink_name, + l.sink_arn + from + aws_oam_link as l, + aws_oam_sink as s; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - OAM diff --git a/queries/aws_oam_link_3.yaml b/queries/aws_oam_link_3.yaml index 9e581289f..4c7f442f9 100755 --- a/queries/aws_oam_link_3.yaml +++ b/queries/aws_oam_link_3.yaml @@ -1,7 +1,7 @@ ID: aws_oam_link_3 Title: "Find AWS OAM Links Between Resources" Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_oam_link_3.yaml.bak b/queries/aws_oam_link_3.yaml.bak new file mode 100755 index 000000000..9e581289f --- /dev/null +++ b/queries/aws_oam_link_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_oam_link_3 +Title: "Find AWS OAM Links Between Resources" +Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + l.id, + l.arn, + l.label, + l.label_template, + r as resource_type + from + aws_oam_link as l, + jsonb_array_elements_text(resource_types) as r + where + r = 'AWS::Logs::LogGroup'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - OAM diff --git a/queries/aws_oam_sink_1.yaml b/queries/aws_oam_sink_1.yaml index 995bfaeea..53f904eb4 100755 --- a/queries/aws_oam_sink_1.yaml +++ b/queries/aws_oam_sink_1.yaml @@ -1,7 +1,7 @@ ID: aws_oam_sink_1 Title: "Find AWS OAM Sink data for detailed information" Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_oam_sink_1.yaml.bak b/queries/aws_oam_sink_1.yaml.bak new file mode 100755 index 000000000..53f904eb4 --- /dev/null +++ b/queries/aws_oam_sink_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_oam_sink_1 +Title: "Find AWS OAM Sink data for detailed information" +Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + tags, + title + from + aws_oam_sink; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OAM Sink diff --git a/queries/aws_oam_sink_1.yaml.bak.bak b/queries/aws_oam_sink_1.yaml.bak.bak new file mode 100755 index 000000000..53f904eb4 --- /dev/null +++ b/queries/aws_oam_sink_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_oam_sink_1 +Title: "Find AWS OAM Sink data for detailed information" +Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + tags, + title + from + aws_oam_sink; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OAM Sink diff --git a/queries/aws_oam_sink_2.yaml b/queries/aws_oam_sink_2.yaml index 35416d793..9def58146 100755 --- a/queries/aws_oam_sink_2.yaml +++ b/queries/aws_oam_sink_2.yaml @@ -1,7 +1,7 @@ ID: aws_oam_sink_2 Title: "Find AWS OAM Sink Data with Detailed Information" Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_oam_sink_2.yaml.bak b/queries/aws_oam_sink_2.yaml.bak new file mode 100755 index 000000000..35416d793 --- /dev/null +++ b/queries/aws_oam_sink_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_oam_sink_2 +Title: "Find AWS OAM Sink Data with Detailed Information" +Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn + from + aws_oam_sink + where + id = 'hfj44c81-7bdf-3847-r7i3-5dfc61b17483'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS OAM Sink diff --git a/queries/aws_opensearch_domain_1.yaml b/queries/aws_opensearch_domain_1.yaml index 0c2220565..3a00c56bb 100755 --- a/queries/aws_opensearch_domain_1.yaml +++ b/queries/aws_opensearch_domain_1.yaml @@ -1,7 +1,7 @@ ID: aws_opensearch_domain_1 Title: "Find AWS OpenSearch Service Domains Configuration" Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_opensearch_domain_1.yaml.bak b/queries/aws_opensearch_domain_1.yaml.bak new file mode 100755 index 000000000..0c2220565 --- /dev/null +++ b/queries/aws_opensearch_domain_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_opensearch_domain_1 +Title: "Find AWS OpenSearch Service Domains Configuration" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + arn, + engine_version, + created + from + aws_opensearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_opensearch_domain_2.yaml b/queries/aws_opensearch_domain_2.yaml index 0953f8bd1..f09c028ce 100755 --- a/queries/aws_opensearch_domain_2.yaml +++ b/queries/aws_opensearch_domain_2.yaml @@ -1,7 +1,7 @@ ID: aws_opensearch_domain_2 Title: "Find All AWS OpenSearch Service Domains and Their Details" Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_opensearch_domain_2.yaml.bak b/queries/aws_opensearch_domain_2.yaml.bak new file mode 100755 index 000000000..0953f8bd1 --- /dev/null +++ b/queries/aws_opensearch_domain_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_opensearch_domain_2 +Title: "Find All AWS OpenSearch Service Domains and Their Details" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + encryption_at_rest_options ->> 'Enabled' as enabled, + encryption_at_rest_options ->> 'KmsKeyId' as kms_key_id + from + aws_opensearch_domain + where + encryption_at_rest_options ->> 'Enabled' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_opensearch_domain_3.yaml b/queries/aws_opensearch_domain_3.yaml index 1282bdb8b..a30f16d13 100755 --- a/queries/aws_opensearch_domain_3.yaml +++ b/queries/aws_opensearch_domain_3.yaml @@ -1,7 +1,7 @@ ID: aws_opensearch_domain_3 Title: "List all AWS OpenSearch Service Domains with SQL" Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_opensearch_domain_3.yaml.bak b/queries/aws_opensearch_domain_3.yaml.bak new file mode 100755 index 000000000..1282bdb8b --- /dev/null +++ b/queries/aws_opensearch_domain_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_opensearch_domain_3 +Title: "List all AWS OpenSearch Service Domains with SQL" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + ebs_options ->> 'VolumeSize' as volume_size, + ebs_options ->> 'VolumeType' as volume_type, + ebs_options ->> 'EBSEnabled' as ebs_enabled + from + aws_opensearch_domain + where + ebs_options ->> 'EBSEnabled' = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_opensearch_domain_4.yaml b/queries/aws_opensearch_domain_4.yaml index 281e0bbbd..d6239174d 100755 --- a/queries/aws_opensearch_domain_4.yaml +++ b/queries/aws_opensearch_domain_4.yaml @@ -1,7 +1,7 @@ ID: aws_opensearch_domain_4 Title: "List AWS OpenSearch Service Domains and Configurations" Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_opensearch_domain_4.yaml.bak b/queries/aws_opensearch_domain_4.yaml.bak new file mode 100755 index 000000000..281e0bbbd --- /dev/null +++ b/queries/aws_opensearch_domain_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_opensearch_domain_4 +Title: "List AWS OpenSearch Service Domains and Configurations" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + vpc_options ->> 'AvailabilityZones' as availability_zones, + vpc_options ->> 'SecurityGroupIds' as security_group_ids, + vpc_options ->> 'SubnetIds' as subnet_ids, + vpc_options ->> 'VPCId' as vpc_id + from + aws_opensearch_domain + where + vpc_options ->> 'AvailabilityZones' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_opensearch_domain_5.yaml b/queries/aws_opensearch_domain_5.yaml index fddd7a51b..fdd2edfad 100755 --- a/queries/aws_opensearch_domain_5.yaml +++ b/queries/aws_opensearch_domain_5.yaml @@ -1,7 +1,7 @@ ID: aws_opensearch_domain_5 Title: "List all AWS OpenSearch Service Domains and Configurations" Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_opensearch_domain_5.yaml.bak b/queries/aws_opensearch_domain_5.yaml.bak new file mode 100755 index 000000000..fddd7a51b --- /dev/null +++ b/queries/aws_opensearch_domain_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_opensearch_domain_5 +Title: "List all AWS OpenSearch Service Domains and Configurations" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + cluster_config ->> 'InstanceType' as instance_type, + cluster_config ->> 'InstanceCount' as instance_count + from + aws_opensearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_opensearch_domain_6.yaml b/queries/aws_opensearch_domain_6.yaml index 7bee730cc..1cf72cde6 100755 --- a/queries/aws_opensearch_domain_6.yaml +++ b/queries/aws_opensearch_domain_6.yaml @@ -1,7 +1,7 @@ ID: aws_opensearch_domain_6 Title: "Find all AWS OpenSearch Service Domains and their details" Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_opensearch_domain_6.yaml.bak b/queries/aws_opensearch_domain_6.yaml.bak new file mode 100755 index 000000000..1cf72cde6 --- /dev/null +++ b/queries/aws_opensearch_domain_6.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_opensearch_domain_6 +Title: "Find all AWS OpenSearch Service Domains and their details" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + arn, + engine_version, + created + from + aws_opensearch_domain + where + vpc_options is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_opensearch_domain_6.yaml.bak.bak b/queries/aws_opensearch_domain_6.yaml.bak.bak new file mode 100755 index 000000000..1cf72cde6 --- /dev/null +++ b/queries/aws_opensearch_domain_6.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_opensearch_domain_6 +Title: "Find all AWS OpenSearch Service Domains and their details" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + arn, + engine_version, + created + from + aws_opensearch_domain + where + vpc_options is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_opensearch_domain_7.yaml b/queries/aws_opensearch_domain_7.yaml index 7f831c1ff..e00f1a6f9 100755 --- a/queries/aws_opensearch_domain_7.yaml +++ b/queries/aws_opensearch_domain_7.yaml @@ -1,7 +1,7 @@ ID: aws_opensearch_domain_7 Title: "Find AWS OpenSearch Service Domains Configuration" Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_opensearch_domain_7.yaml.bak b/queries/aws_opensearch_domain_7.yaml.bak new file mode 100755 index 000000000..7f831c1ff --- /dev/null +++ b/queries/aws_opensearch_domain_7.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_opensearch_domain_7 +Title: "Find AWS OpenSearch Service Domains Configuration" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + log_publishing_options + from + aws_opensearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_opensearch_domain_8.yaml b/queries/aws_opensearch_domain_8.yaml index 5b04d6f2c..7b7ec68be 100755 --- a/queries/aws_opensearch_domain_8.yaml +++ b/queries/aws_opensearch_domain_8.yaml @@ -1,7 +1,7 @@ ID: aws_opensearch_domain_8 Title: "List all AWS OpenSearch Service Domain Configurations" Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_opensearch_domain_8.yaml.bak b/queries/aws_opensearch_domain_8.yaml.bak new file mode 100755 index 000000000..5b04d6f2c --- /dev/null +++ b/queries/aws_opensearch_domain_8.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_opensearch_domain_8 +Title: "List all AWS OpenSearch Service Domain Configurations" +Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + domain_id, + log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled, + log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn + from + aws_opensearch_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - OpenSearch Service diff --git a/queries/aws_organizations_account_1.yaml b/queries/aws_organizations_account_1.yaml index 5de0b8451..d64f88cf7 100755 --- a/queries/aws_organizations_account_1.yaml +++ b/queries/aws_organizations_account_1.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_account_1 Title: "List all AWS Organizations Accounts with Details" Description: "Allows users to query AWS Organizations Account and provides information about each AWS account that is a member of an organization in AWS Organizations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_account_1.yaml.bak b/queries/aws_organizations_account_1.yaml.bak new file mode 100755 index 000000000..5de0b8451 --- /dev/null +++ b/queries/aws_organizations_account_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_organizations_account_1 +Title: "List all AWS Organizations Accounts with Details" +Description: "Allows users to query AWS Organizations Account and provides information about each AWS account that is a member of an organization in AWS Organizations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + arn, + email, + joined_method, + joined_timestamp, + name, + status, + tags + from + aws_organizations_account; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Organizations diff --git a/queries/aws_organizations_account_2.yaml b/queries/aws_organizations_account_2.yaml index ad61b3463..456f79a85 100755 --- a/queries/aws_organizations_account_2.yaml +++ b/queries/aws_organizations_account_2.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_account_2 Title: "List all AWS Organizations Account in Suspended Status" Description: "Allows users to query AWS Organizations Account and provides information about each AWS account that is a member of an organization in AWS Organizations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_account_2.yaml.bak b/queries/aws_organizations_account_2.yaml.bak new file mode 100755 index 000000000..ad61b3463 --- /dev/null +++ b/queries/aws_organizations_account_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_organizations_account_2 +Title: "List all AWS Organizations Account in Suspended Status" +Description: "Allows users to query AWS Organizations Account and provides information about each AWS account that is a member of an organization in AWS Organizations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + arn, + email, + joined_method, + joined_timestamp, + status + from + aws_organizations_account + where + status = 'SUSPENDED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Organizations diff --git a/queries/aws_organizations_organizational_unit_1.yaml b/queries/aws_organizations_organizational_unit_1.yaml index aefd30af2..6cd89361e 100755 --- a/queries/aws_organizations_organizational_unit_1.yaml +++ b/queries/aws_organizations_organizational_unit_1.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_organizational_unit_1 Title: "List all AWS Organization Units with Details" Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_organizational_unit_1.yaml.bak b/queries/aws_organizations_organizational_unit_1.yaml.bak new file mode 100755 index 000000000..aefd30af2 --- /dev/null +++ b/queries/aws_organizations_organizational_unit_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_organizations_organizational_unit_1 +Title: "List all AWS Organization Units with Details" +Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + parent_id, + title, + akas + from + aws_organizations_organizational_unit; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_organizational_unit_2.yaml b/queries/aws_organizations_organizational_unit_2.yaml index 8bb672fea..3ee0041a6 100755 --- a/queries/aws_organizations_organizational_unit_2.yaml +++ b/queries/aws_organizations_organizational_unit_2.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_organizational_unit_2 Title: "List AWS Organizations Organizational Units" Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_organizational_unit_2.yaml.bak b/queries/aws_organizations_organizational_unit_2.yaml.bak new file mode 100755 index 000000000..8bb672fea --- /dev/null +++ b/queries/aws_organizations_organizational_unit_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_organizations_organizational_unit_2 +Title: "List AWS Organizations Organizational Units" +Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + parent_id, + path + from + aws_organizations_organizational_unit + where + path <@ 'r_wxnb.ou_wxnb_m8l8t123'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_organizational_unit_3.yaml b/queries/aws_organizations_organizational_unit_3.yaml index e0e0bf04c..d9f047406 100755 --- a/queries/aws_organizations_organizational_unit_3.yaml +++ b/queries/aws_organizations_organizational_unit_3.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_organizational_unit_3 Title: "Find AWS Organizations Organizational Units using SQL" Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_organizational_unit_3.yaml.bak b/queries/aws_organizations_organizational_unit_3.yaml.bak new file mode 100755 index 000000000..e0e0bf04c --- /dev/null +++ b/queries/aws_organizations_organizational_unit_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_organizations_organizational_unit_3 +Title: "Find AWS Organizations Organizational Units using SQL" +Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + parent_id, + path + from + aws_organizations_organizational_unit + where + nlevel(path) = 3; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_organizational_unit_4.yaml b/queries/aws_organizations_organizational_unit_4.yaml index 313fa0373..4a5eddaec 100755 --- a/queries/aws_organizations_organizational_unit_4.yaml +++ b/queries/aws_organizations_organizational_unit_4.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_organizational_unit_4 Title: "Find all AWS Organizations Organizational Units" Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_organizational_unit_4.yaml.bak b/queries/aws_organizations_organizational_unit_4.yaml.bak new file mode 100755 index 000000000..313fa0373 --- /dev/null +++ b/queries/aws_organizations_organizational_unit_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_organizations_organizational_unit_4 +Title: "Find all AWS Organizations Organizational Units" +Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + parent_id, + path + from + aws_organizations_organizational_unit + where + 'r_wxnb.ou_wxnb_m8l123aq.ou_wxnb_5gri123b' @> path; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_organizational_unit_5.yaml b/queries/aws_organizations_organizational_unit_5.yaml index 615ef05f4..84bdfb992 100755 --- a/queries/aws_organizations_organizational_unit_5.yaml +++ b/queries/aws_organizations_organizational_unit_5.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_organizational_unit_5 Title: "Find all AWS Organizations Organizational Units" Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_organizational_unit_5.yaml.bak b/queries/aws_organizations_organizational_unit_5.yaml.bak new file mode 100755 index 000000000..84bdfb992 --- /dev/null +++ b/queries/aws_organizations_organizational_unit_5.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_organizations_organizational_unit_5 +Title: "Find all AWS Organizations Organizational Units" +Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + parent_id, + path + from + aws_organizations_organizational_unit + where + parent_id = + ( + select + parent_id + from + aws_organizations_organizational_unit + where + name = 'Punisher' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_organizational_unit_5.yaml.bak.bak b/queries/aws_organizations_organizational_unit_5.yaml.bak.bak new file mode 100755 index 000000000..84bdfb992 --- /dev/null +++ b/queries/aws_organizations_organizational_unit_5.yaml.bak.bak @@ -0,0 +1,35 @@ +ID: aws_organizations_organizational_unit_5 +Title: "Find all AWS Organizations Organizational Units" +Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + parent_id, + path + from + aws_organizations_organizational_unit + where + parent_id = + ( + select + parent_id + from + aws_organizations_organizational_unit + where + name = 'Punisher' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_organizational_unit_6.yaml b/queries/aws_organizations_organizational_unit_6.yaml index ce9bd62be..b6021c274 100755 --- a/queries/aws_organizations_organizational_unit_6.yaml +++ b/queries/aws_organizations_organizational_unit_6.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_organizational_unit_6 Title: "List AWS Organizations Organizational Units" Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_organizational_unit_6.yaml.bak b/queries/aws_organizations_organizational_unit_6.yaml.bak new file mode 100755 index 000000000..ce9bd62be --- /dev/null +++ b/queries/aws_organizations_organizational_unit_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_organizations_organizational_unit_6 +Title: "List AWS Organizations Organizational Units" +Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + parent_id, + path + from + aws_organizations_organizational_unit + where + path ~ 'r_wxnb.*.ou_wxnb_m81234aq.*'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_policy_1.yaml b/queries/aws_organizations_policy_1.yaml index 6c5946698..bd816c2ba 100755 --- a/queries/aws_organizations_policy_1.yaml +++ b/queries/aws_organizations_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_policy_1 Title: "Find AWS Organizations Policy Details with SQL" Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_policy_1.yaml.bak b/queries/aws_organizations_policy_1.yaml.bak new file mode 100755 index 000000000..6c5946698 --- /dev/null +++ b/queries/aws_organizations_policy_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_organizations_policy_1 +Title: "Find AWS Organizations Policy Details with SQL" +Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + aws_managed + from + aws_organizations_policy + where + type = 'SERVICE_CONTROL_POLICY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations Policy diff --git a/queries/aws_organizations_policy_2.yaml b/queries/aws_organizations_policy_2.yaml index c8d63eee6..227614f66 100755 --- a/queries/aws_organizations_policy_2.yaml +++ b/queries/aws_organizations_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_policy_2 Title: "List all Tag Policies in AWS Organizations" Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_policy_2.yaml.bak b/queries/aws_organizations_policy_2.yaml.bak new file mode 100755 index 000000000..c8d63eee6 --- /dev/null +++ b/queries/aws_organizations_policy_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_organizations_policy_2 +Title: "List all Tag Policies in AWS Organizations" +Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + arn, + type, + aws_managed + from + aws_organizations_policy + where + not aws_managed + and type = 'TAG_POLICY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_policy_3.yaml b/queries/aws_organizations_policy_3.yaml index b4c78afec..601fe6240 100755 --- a/queries/aws_organizations_policy_3.yaml +++ b/queries/aws_organizations_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_policy_3 Title: "Find all AWS Organizations Backup Policies" Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_policy_3.yaml.bak b/queries/aws_organizations_policy_3.yaml.bak new file mode 100755 index 000000000..b4c78afec --- /dev/null +++ b/queries/aws_organizations_policy_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_organizations_policy_3 +Title: "Find all AWS Organizations Backup Policies" +Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + arn, + type, + aws_managed + from + aws_organizations_policy + where + type = 'BACKUP_POLICY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_policy_4.yaml b/queries/aws_organizations_policy_4.yaml index cf42523de..30668148b 100755 --- a/queries/aws_organizations_policy_4.yaml +++ b/queries/aws_organizations_policy_4.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_policy_4 Title: "Find AWS Organizations Policy Details" Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_policy_4.yaml.bak b/queries/aws_organizations_policy_4.yaml.bak new file mode 100755 index 000000000..cf42523de --- /dev/null +++ b/queries/aws_organizations_policy_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_organizations_policy_4 +Title: "Find AWS Organizations Policy Details" +Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + content ->> 'Version' as policy_version, + content ->> 'Statement' as policy_statement + from + aws_organizations_policy + where + type = 'SERVICE_CONTROL_POLICY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_policy_target_1.yaml b/queries/aws_organizations_policy_target_1.yaml index b444f7d37..bb61bb54c 100755 --- a/queries/aws_organizations_policy_target_1.yaml +++ b/queries/aws_organizations_policy_target_1.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_policy_target_1 Title: "List all AWS Organizations Policy Targets and Their Details" Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_policy_target_1.yaml.bak b/queries/aws_organizations_policy_target_1.yaml.bak new file mode 100755 index 000000000..b444f7d37 --- /dev/null +++ b/queries/aws_organizations_policy_target_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_organizations_policy_target_1 +Title: "List all AWS Organizations Policy Targets and Their Details" +Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + aws_managed + from + aws_organizations_policy_target + where + type = 'SERVICE_CONTROL_POLICY' + and target_id = '123456789098'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_policy_target_2.yaml b/queries/aws_organizations_policy_target_2.yaml index 3eeab6c69..c1ca1f88b 100755 --- a/queries/aws_organizations_policy_target_2.yaml +++ b/queries/aws_organizations_policy_target_2.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_policy_target_2 Title: "List AWS Organizations Policy Targets with SQL Query" Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_policy_target_2.yaml.bak b/queries/aws_organizations_policy_target_2.yaml.bak new file mode 100755 index 000000000..3eeab6c69 --- /dev/null +++ b/queries/aws_organizations_policy_target_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_organizations_policy_target_2 +Title: "List AWS Organizations Policy Targets with SQL Query" +Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + arn, + type, + aws_managed + from + aws_organizations_policy_target + where + not aws_managed + and type = 'TAG_POLICY' + and target_id = 'ou-jsdhkek'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_policy_target_3.yaml b/queries/aws_organizations_policy_target_3.yaml index d56953ba2..a07898b06 100755 --- a/queries/aws_organizations_policy_target_3.yaml +++ b/queries/aws_organizations_policy_target_3.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_policy_target_3 Title: "Find AWS Organizations Policy Targets with SQL" Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_policy_target_3.yaml.bak b/queries/aws_organizations_policy_target_3.yaml.bak new file mode 100755 index 000000000..d56953ba2 --- /dev/null +++ b/queries/aws_organizations_policy_target_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_organizations_policy_target_3 +Title: "Find AWS Organizations Policy Targets with SQL" +Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + arn, + type, + aws_managed + from + aws_organizations_policy_target + where + type = 'BACKUP_POLICY' + and target_id = '123456789098'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Organizations diff --git a/queries/aws_organizations_policy_target_4.yaml b/queries/aws_organizations_policy_target_4.yaml index b60e6d911..46b2e2a5b 100755 --- a/queries/aws_organizations_policy_target_4.yaml +++ b/queries/aws_organizations_policy_target_4.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_policy_target_4 Title: "Find AWS Organizations Policy Targets Information" Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_policy_target_4.yaml.bak b/queries/aws_organizations_policy_target_4.yaml.bak new file mode 100755 index 000000000..46b2e2a5b --- /dev/null +++ b/queries/aws_organizations_policy_target_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_organizations_policy_target_4 +Title: "Find AWS Organizations Policy Targets Information" +Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + content ->> 'Version' as policy_version, + content ->> 'Statement' as policy_statement + from + aws_organizations_policy_target + where + type = 'SERVICE_CONTROL_POLICY' + and target_id = 'r-9ijkl7'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_policy_target_4.yaml.bak.bak b/queries/aws_organizations_policy_target_4.yaml.bak.bak new file mode 100755 index 000000000..46b2e2a5b --- /dev/null +++ b/queries/aws_organizations_policy_target_4.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_organizations_policy_target_4 +Title: "Find AWS Organizations Policy Targets Information" +Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + content ->> 'Version' as policy_version, + content ->> 'Statement' as policy_statement + from + aws_organizations_policy_target + where + type = 'SERVICE_CONTROL_POLICY' + and target_id = 'r-9ijkl7'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_root_1.yaml b/queries/aws_organizations_root_1.yaml index 4c76d1156..c48840c09 100755 --- a/queries/aws_organizations_root_1.yaml +++ b/queries/aws_organizations_root_1.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_root_1 Title: "Find AWS Organization Root Account Detailed Info" Description: "Allows users to query AWS Organizations Root to retrieve detailed information on AWS Organizations Root account. This table can be utilized to gain insights on organizations root account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_root_1.yaml.bak b/queries/aws_organizations_root_1.yaml.bak new file mode 100755 index 000000000..4c76d1156 --- /dev/null +++ b/queries/aws_organizations_root_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_organizations_root_1 +Title: "Find AWS Organization Root Account Detailed Info" +Description: "Allows users to query AWS Organizations Root to retrieve detailed information on AWS Organizations Root account. This table can be utilized to gain insights on organizations root account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn + from + aws_organizations_root; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_organizations_root_2.yaml b/queries/aws_organizations_root_2.yaml index fa2ea4506..c5803fb80 100755 --- a/queries/aws_organizations_root_2.yaml +++ b/queries/aws_organizations_root_2.yaml @@ -1,7 +1,7 @@ ID: aws_organizations_root_2 Title: "Find AWS Organizations Root and Policy Details" Description: "Allows users to query AWS Organizations Root to retrieve detailed information on AWS Organizations Root account. This table can be utilized to gain insights on organizations root account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_organizations_root_2.yaml.bak b/queries/aws_organizations_root_2.yaml.bak new file mode 100755 index 000000000..fa2ea4506 --- /dev/null +++ b/queries/aws_organizations_root_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_organizations_root_2 +Title: "Find AWS Organizations Root and Policy Details" +Description: "Allows users to query AWS Organizations Root to retrieve detailed information on AWS Organizations Root account. This table can be utilized to gain insights on organizations root account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + p ->> 'Status' as policy_status, + p ->> 'Type' as policy_type + from + aws_organizations_root, + jsonb_array_elements(policy_types) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Organizations diff --git a/queries/aws_pinpoint_app_1.yaml b/queries/aws_pinpoint_app_1.yaml index eb9872ca5..2d0ffdf49 100755 --- a/queries/aws_pinpoint_app_1.yaml +++ b/queries/aws_pinpoint_app_1.yaml @@ -1,7 +1,7 @@ ID: aws_pinpoint_app_1 Title: "Find all details of AWS Pinpoint Applications" Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pinpoint_app_1.yaml.bak b/queries/aws_pinpoint_app_1.yaml.bak new file mode 100755 index 000000000..eb9872ca5 --- /dev/null +++ b/queries/aws_pinpoint_app_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_pinpoint_app_1 +Title: "Find all details of AWS Pinpoint Applications" +Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + arn, + limits + from + aws_pinpoint_app; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pinpoint diff --git a/queries/aws_pinpoint_app_2.yaml b/queries/aws_pinpoint_app_2.yaml index ce8e60465..0e7c82db1 100755 --- a/queries/aws_pinpoint_app_2.yaml +++ b/queries/aws_pinpoint_app_2.yaml @@ -1,7 +1,7 @@ ID: aws_pinpoint_app_2 Title: "Find AWS Pinpoint Applications and Details" Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pinpoint_app_2.yaml.bak b/queries/aws_pinpoint_app_2.yaml.bak new file mode 100755 index 000000000..ce8e60465 --- /dev/null +++ b/queries/aws_pinpoint_app_2.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_pinpoint_app_2 +Title: "Find AWS Pinpoint Applications and Details" +Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + quiet_time -> 'Start' as start_time, + quiet_time -> 'End' as end_time + from + aws_pinpoint_app; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Pinpoint diff --git a/queries/aws_pinpoint_app_3.yaml b/queries/aws_pinpoint_app_3.yaml index dd25e7006..c22670555 100755 --- a/queries/aws_pinpoint_app_3.yaml +++ b/queries/aws_pinpoint_app_3.yaml @@ -1,7 +1,7 @@ ID: aws_pinpoint_app_3 Title: "Find all AWS Pinpoint App details and settings" Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pinpoint_app_3.yaml.bak b/queries/aws_pinpoint_app_3.yaml.bak new file mode 100755 index 000000000..dd25e7006 --- /dev/null +++ b/queries/aws_pinpoint_app_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_pinpoint_app_3 +Title: "Find all AWS Pinpoint App details and settings" +Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + campaign_hook -> 'LambdaFunctionName' as lambda_function_name, + campaign_hook -> 'Mode' as mode, + campaign_hook -> 'WebUrl' as web_url + from + aws_pinpoint_app; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Pinpoint diff --git a/queries/aws_pinpoint_app_4.yaml b/queries/aws_pinpoint_app_4.yaml index a6b8d7ae9..356690285 100755 --- a/queries/aws_pinpoint_app_4.yaml +++ b/queries/aws_pinpoint_app_4.yaml @@ -1,7 +1,7 @@ ID: aws_pinpoint_app_4 Title: "List AWS Pinpoint Application Details and Limits" Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pinpoint_app_4.yaml.bak b/queries/aws_pinpoint_app_4.yaml.bak new file mode 100755 index 000000000..a6b8d7ae9 --- /dev/null +++ b/queries/aws_pinpoint_app_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_pinpoint_app_4 +Title: "List AWS Pinpoint Application Details and Limits" +Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + limits -> 'Daily' as daily, + limits -> 'Total' as total, + limits -> 'Session' as session, + limits -> 'MaximumDuration' as maximum_duration, + limits -> 'MessagesPerSecond' as messages_per_second + from + aws_pinpoint_app; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Pinpoint diff --git a/queries/aws_pipes_pipe_1.yaml b/queries/aws_pipes_pipe_1.yaml index b2c6df969..97a77dcbc 100755 --- a/queries/aws_pipes_pipe_1.yaml +++ b/queries/aws_pipes_pipe_1.yaml @@ -1,7 +1,7 @@ ID: aws_pipes_pipe_1 Title: "Find AWS Pipe Details via SQL Query" Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pipes_pipe_1.yaml.bak b/queries/aws_pipes_pipe_1.yaml.bak new file mode 100755 index 000000000..b2c6df969 --- /dev/null +++ b/queries/aws_pipes_pipe_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_pipes_pipe_1 +Title: "Find AWS Pipe Details via SQL Query" +Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + current_state, + creation_time, + role_arn + from + aws_pipes_pipe; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Pipes diff --git a/queries/aws_pipes_pipe_2.yaml b/queries/aws_pipes_pipe_2.yaml index 1b8933b8c..811a24917 100755 --- a/queries/aws_pipes_pipe_2.yaml +++ b/queries/aws_pipes_pipe_2.yaml @@ -1,7 +1,7 @@ ID: aws_pipes_pipe_2 Title: "List all AWS Pipes with State Details" Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pipes_pipe_2.yaml.bak b/queries/aws_pipes_pipe_2.yaml.bak new file mode 100755 index 000000000..1b8933b8c --- /dev/null +++ b/queries/aws_pipes_pipe_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_pipes_pipe_2 +Title: "List all AWS Pipes with State Details" +Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + description, + creation_time, + current_state, + desired_state + from + aws_pipes_pipe + where + desired_state <> current_state; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pipes diff --git a/queries/aws_pipes_pipe_3.yaml b/queries/aws_pipes_pipe_3.yaml index 1ead735df..db2ea8820 100755 --- a/queries/aws_pipes_pipe_3.yaml +++ b/queries/aws_pipes_pipe_3.yaml @@ -1,7 +1,7 @@ ID: aws_pipes_pipe_3 Title: "List all AWS Pipes with Detailed Parameters" Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pipes_pipe_3.yaml.bak b/queries/aws_pipes_pipe_3.yaml.bak new file mode 100755 index 000000000..1ead735df --- /dev/null +++ b/queries/aws_pipes_pipe_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_pipes_pipe_3 +Title: "List all AWS Pipes with Detailed Parameters" +Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + target_parameters ->> 'BatchJobParameters' as batch_job_parameters, + target_parameters ->> 'CloudWatchLogsParameters' as cloudwatch_logs_parameters, + target_parameters ->> 'EcsTaskParameters' as ecs_task_parameters, + target_parameters ->> 'EventBridgeEventBusParameters' as eventbridge_event_bus_parameters, + target_parameters ->> 'HttpParameters' as http_parameters, + target_parameters ->> 'InputTemplate' as input_template, + target_parameters ->> 'KinesisStreamParameters' as kinesis_stream_parameters, + target_parameters ->> 'LambdaFunctionParameters' as lambda_function_parameters, + target_parameters ->> 'RedshiftDataParameters' as redshift_data_parameters, + target_parameters ->> 'SageMakerPipelineParameters' as sage_maker_pipeline_parameters, + target_parameters ->> 'SqsQueueParameters' as sqs_queue_parameters, + target_parameters ->> 'StepFunctionStateMachineParameters' as step_function_state_machine_parameters + from + aws_pipes_pipe; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Pipes diff --git a/queries/aws_pipes_pipe_4.yaml b/queries/aws_pipes_pipe_4.yaml index 71c989e0f..106e46aa6 100755 --- a/queries/aws_pipes_pipe_4.yaml +++ b/queries/aws_pipes_pipe_4.yaml @@ -1,7 +1,7 @@ ID: aws_pipes_pipe_4 Title: "List All AWS Pipes and Their Details" Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pipes_pipe_4.yaml.bak b/queries/aws_pipes_pipe_4.yaml.bak new file mode 100755 index 000000000..71c989e0f --- /dev/null +++ b/queries/aws_pipes_pipe_4.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_pipes_pipe_4 +Title: "List All AWS Pipes and Their Details" +Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + enrichment_parameters ->> 'HttpParameters' as http_parameters, + enrichment_parameters ->> 'InputTemplate' as input_template + from + aws_pipes_pipe; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pipes diff --git a/queries/aws_pipes_pipe_5.yaml b/queries/aws_pipes_pipe_5.yaml index f48122746..175fcb0c9 100755 --- a/queries/aws_pipes_pipe_5.yaml +++ b/queries/aws_pipes_pipe_5.yaml @@ -1,7 +1,7 @@ ID: aws_pipes_pipe_5 Title: "List AWS Pipes and Their Details Using SQL" Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pipes_pipe_5.yaml.bak b/queries/aws_pipes_pipe_5.yaml.bak new file mode 100755 index 000000000..f48122746 --- /dev/null +++ b/queries/aws_pipes_pipe_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_pipes_pipe_5 +Title: "List AWS Pipes and Their Details Using SQL" +Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + creation_time, + current_state, + desired_state, + enrichment, + target + from + aws_pipes_pipe + where + creation_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pipes diff --git a/queries/aws_pipes_pipe_6.yaml b/queries/aws_pipes_pipe_6.yaml index f2d65cb66..ca1f23345 100755 --- a/queries/aws_pipes_pipe_6.yaml +++ b/queries/aws_pipes_pipe_6.yaml @@ -1,7 +1,7 @@ ID: aws_pipes_pipe_6 Title: "List AWS Pipes and Their Associated IAM Roles" Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pipes_pipe_6.yaml.bak b/queries/aws_pipes_pipe_6.yaml.bak new file mode 100755 index 000000000..ca1f23345 --- /dev/null +++ b/queries/aws_pipes_pipe_6.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_pipes_pipe_6 +Title: "List AWS Pipes and Their Associated IAM Roles" +Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + p.name, + r.arn as role_arn, + r.role_id, + r.permissions_boundary_arn, + r.role_last_used_region, + r.inline_policies, + r.assume_role_policy + from + aws_pipes_pipe as p, + aws_iam_role as r + where + p.role_arn = r.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pipes diff --git a/queries/aws_pipes_pipe_6.yaml.bak.bak b/queries/aws_pipes_pipe_6.yaml.bak.bak new file mode 100755 index 000000000..f2d65cb66 --- /dev/null +++ b/queries/aws_pipes_pipe_6.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_pipes_pipe_6 +Title: "List AWS Pipes and Their Associated IAM Roles" +Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + p.name, + r.arn as role_arn, + r.role_id, + r.permissions_boundary_arn, + r.role_last_used_region, + r.inline_policies, + r.assume_role_policy + from + aws_pipes_pipe as p, + aws_iam_role as r + where + p.role_arn = r.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pipes diff --git a/queries/aws_pricing_product_1.yaml b/queries/aws_pricing_product_1.yaml index bc275772d..eb3e58cba 100755 --- a/queries/aws_pricing_product_1.yaml +++ b/queries/aws_pricing_product_1.yaml @@ -1,7 +1,7 @@ ID: aws_pricing_product_1 Title: "Find AWS Pricing Product Details with Attributes" Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pricing_product_1.yaml.bak b/queries/aws_pricing_product_1.yaml.bak new file mode 100755 index 000000000..bc275772d --- /dev/null +++ b/queries/aws_pricing_product_1.yaml.bak @@ -0,0 +1,46 @@ +ID: aws_pricing_product_1 +Title: "Find AWS Pricing Product Details with Attributes" +Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + term, + purchase_option, + lease_contract_length, + unit, + price_per_unit::numeric::money, + currency, + begin_range, + end_range, + effective_date, + description, + attributes ->> 'instanceType', + attributes ->> 'vcpu', + attributes ->> 'memory', + attributes ->> 'operatingSystem', + attributes ->> 'preInstalledSw' + from + aws_pricing_product + where + service_code = 'AmazonEC2' + and filters = '{ + "regionCode": "eu-west-3", + "locationType": "AWS Region", + "instanceType": "c5.2xlarge", + "operatingSystem": "Linux", + "tenancy": "Shared", + "preInstalledSw": "NA", + "capacityStatus": "Used" }'::jsonb; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pricing diff --git a/queries/aws_pricing_product_2.yaml b/queries/aws_pricing_product_2.yaml index be403b541..b39d569b2 100755 --- a/queries/aws_pricing_product_2.yaml +++ b/queries/aws_pricing_product_2.yaml @@ -1,7 +1,7 @@ ID: aws_pricing_product_2 Title: "List AWS Pricing Product Details by Service Code and Filters" Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pricing_product_2.yaml.bak b/queries/aws_pricing_product_2.yaml.bak new file mode 100755 index 000000000..be403b541 --- /dev/null +++ b/queries/aws_pricing_product_2.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_pricing_product_2 +Title: "List AWS Pricing Product Details by Service Code and Filters" +Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + term, + purchase_option, + lease_contract_length, + unit, + price_per_unit::numeric::money, + currency, + attributes ->> 'instanceType', + attributes ->> 'vcpu', + attributes ->> 'memory', + attributes ->> 'databaseEngine', + attributes ->> 'deploymentOption' + from + aws_pricing_product + where + service_code = 'AmazonRDS' + and filters = '{ + "regionCode": "eu-west-3", + "locationType": "AWS Region", + "instanceType": "db.m5.xlarge", + "databaseEngine": "MySQL", + "deploymentOption": "Single-AZ" }'::jsonb; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pricing Product diff --git a/queries/aws_pricing_product_3.yaml b/queries/aws_pricing_product_3.yaml index 6ce99b9bc..f5fb26aa0 100755 --- a/queries/aws_pricing_product_3.yaml +++ b/queries/aws_pricing_product_3.yaml @@ -1,7 +1,7 @@ ID: aws_pricing_product_3 Title: "Find AWS ElastiCache Pricing Product with Specific Attributes" Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pricing_product_3.yaml.bak b/queries/aws_pricing_product_3.yaml.bak new file mode 100755 index 000000000..6ce99b9bc --- /dev/null +++ b/queries/aws_pricing_product_3.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_pricing_product_3 +Title: "Find AWS ElastiCache Pricing Product with Specific Attributes" +Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + term, + purchase_option, + lease_contract_length, + unit, + price_per_unit::numeric::money, + currency, + attributes ->> 'instanceType', + attributes ->> 'vcpu', + attributes ->> 'memory', + attributes ->> 'cacheEngine' + from + aws_pricing_product + where + service_code = 'AmazonElastiCache' + and filters = '{ + "regionCode": "eu-west-3", + "locationType": "AWS Region", + "instanceType": "cache.m5.xlarge", + "cacheEngine": "Redis" }'::jsonb; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pricing Product diff --git a/queries/aws_pricing_service_attribute_1.yaml b/queries/aws_pricing_service_attribute_1.yaml index 6a9b0be96..20eaa19e1 100755 --- a/queries/aws_pricing_service_attribute_1.yaml +++ b/queries/aws_pricing_service_attribute_1.yaml @@ -1,7 +1,7 @@ ID: aws_pricing_service_attribute_1 Title: "List all AWS Pricing Service Attributes and Prices" Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pricing_service_attribute_1.yaml.bak b/queries/aws_pricing_service_attribute_1.yaml.bak new file mode 100755 index 000000000..6a9b0be96 --- /dev/null +++ b/queries/aws_pricing_service_attribute_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_pricing_service_attribute_1 +Title: "List all AWS Pricing Service Attributes and Prices" +Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_code, + attribute_name, + attribute_values + from + aws_pricing_service_attribute; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pricing Service diff --git a/queries/aws_pricing_service_attribute_2.yaml b/queries/aws_pricing_service_attribute_2.yaml index 5aef29c1b..528644707 100755 --- a/queries/aws_pricing_service_attribute_2.yaml +++ b/queries/aws_pricing_service_attribute_2.yaml @@ -1,7 +1,7 @@ ID: aws_pricing_service_attribute_2 Title: "List all AWS Pricing Service Attributes" Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pricing_service_attribute_2.yaml.bak b/queries/aws_pricing_service_attribute_2.yaml.bak new file mode 100755 index 000000000..5aef29c1b --- /dev/null +++ b/queries/aws_pricing_service_attribute_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_pricing_service_attribute_2 +Title: "List all AWS Pricing Service Attributes" +Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_code, + attribute_name, + attribute_values + from + aws_pricing_service_attribute + where + service_code = 'AWSBackup'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pricing Service diff --git a/queries/aws_pricing_service_attribute_3.yaml b/queries/aws_pricing_service_attribute_3.yaml index bf4629001..a99fd6af7 100755 --- a/queries/aws_pricing_service_attribute_3.yaml +++ b/queries/aws_pricing_service_attribute_3.yaml @@ -1,7 +1,7 @@ ID: aws_pricing_service_attribute_3 Title: "Find AWS Pricing Service Attributes for AWSBackup and termType" Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_pricing_service_attribute_3.yaml.bak b/queries/aws_pricing_service_attribute_3.yaml.bak new file mode 100755 index 000000000..bf4629001 --- /dev/null +++ b/queries/aws_pricing_service_attribute_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_pricing_service_attribute_3 +Title: "Find AWS Pricing Service Attributes for AWSBackup and termType" +Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_code, + attribute_name, + attribute_values + from + aws_pricing_service_attribute + where + service_code = 'AWSBackup' and attribute_name = 'termType'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Pricing Service diff --git a/queries/aws_ram_principal_association_1.yaml b/queries/aws_ram_principal_association_1.yaml index ad03bed62..12f6f9a81 100755 --- a/queries/aws_ram_principal_association_1.yaml +++ b/queries/aws_ram_principal_association_1.yaml @@ -1,7 +1,7 @@ ID: aws_ram_principal_association_1 Title: "List AWS RAM Principal Associations with SQL" Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ram_principal_association_1.yaml.bak b/queries/aws_ram_principal_association_1.yaml.bak new file mode 100755 index 000000000..ad03bed62 --- /dev/null +++ b/queries/aws_ram_principal_association_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ram_principal_association_1 +Title: "List AWS RAM Principal Associations with SQL" +Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_share_name, + resource_share_arn, + associated_entity, + status + from + aws_ram_principal_association; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Access Manager diff --git a/queries/aws_ram_principal_association_2.yaml b/queries/aws_ram_principal_association_2.yaml index e11531d55..e81492044 100755 --- a/queries/aws_ram_principal_association_2.yaml +++ b/queries/aws_ram_principal_association_2.yaml @@ -1,7 +1,7 @@ ID: aws_ram_principal_association_2 Title: "List all AWS RAM Principal Associations by SQL Query" Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ram_principal_association_2.yaml.bak b/queries/aws_ram_principal_association_2.yaml.bak new file mode 100755 index 000000000..e11531d55 --- /dev/null +++ b/queries/aws_ram_principal_association_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ram_principal_association_2 +Title: "List all AWS RAM Principal Associations by SQL Query" +Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_share_name, + resource_share_arn, + associated_entity, + p ->> 'Arn' as resource_share_permission_arn, + p ->> 'Status' as resource_share_permission_status + from + aws_ram_principal_association, + jsonb_array_elements(resource_share_permission) p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Access Manager diff --git a/queries/aws_ram_principal_association_3.yaml b/queries/aws_ram_principal_association_3.yaml index e7bd93597..65ef835b9 100755 --- a/queries/aws_ram_principal_association_3.yaml +++ b/queries/aws_ram_principal_association_3.yaml @@ -1,7 +1,7 @@ ID: aws_ram_principal_association_3 Title: "List all AWS RAM Principal Associations with Failed Status" Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ram_principal_association_3.yaml.bak b/queries/aws_ram_principal_association_3.yaml.bak new file mode 100755 index 000000000..e7bd93597 --- /dev/null +++ b/queries/aws_ram_principal_association_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ram_principal_association_3 +Title: "List all AWS RAM Principal Associations with Failed Status" +Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_share_name, + resource_share_arn, + associated_entity, + status + from + aws_ram_principal_association + where + status = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Access Manager diff --git a/queries/aws_ram_resource_association_1.yaml b/queries/aws_ram_resource_association_1.yaml index 0def52f40..425adb755 100755 --- a/queries/aws_ram_resource_association_1.yaml +++ b/queries/aws_ram_resource_association_1.yaml @@ -1,7 +1,7 @@ ID: aws_ram_resource_association_1 Title: "List all AWS RAM Resource Associations with SQL" Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ram_resource_association_1.yaml.bak b/queries/aws_ram_resource_association_1.yaml.bak new file mode 100755 index 000000000..0def52f40 --- /dev/null +++ b/queries/aws_ram_resource_association_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ram_resource_association_1 +Title: "List all AWS RAM Resource Associations with SQL" +Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_share_name, + resource_share_arn, + associated_entity, + status + from + aws_ram_resource_association; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS RAM diff --git a/queries/aws_ram_resource_association_2.yaml b/queries/aws_ram_resource_association_2.yaml index c7a943a7e..f8df7261e 100755 --- a/queries/aws_ram_resource_association_2.yaml +++ b/queries/aws_ram_resource_association_2.yaml @@ -1,7 +1,7 @@ ID: aws_ram_resource_association_2 Title: "List AWS RAM Resource Associations and Permissions" Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ram_resource_association_2.yaml.bak b/queries/aws_ram_resource_association_2.yaml.bak new file mode 100755 index 000000000..c7a943a7e --- /dev/null +++ b/queries/aws_ram_resource_association_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ram_resource_association_2 +Title: "List AWS RAM Resource Associations and Permissions" +Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_share_name, + resource_share_arn, + associated_entity, + p ->> 'Arn' as resource_share_permission_arn, + p ->> 'Status' as resource_share_permission_status + from + aws_ram_resource_association, + jsonb_array_elements(resource_share_permission) p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS RAM Resource Association diff --git a/queries/aws_ram_resource_association_3.yaml b/queries/aws_ram_resource_association_3.yaml index 7332c59a6..41425eedf 100755 --- a/queries/aws_ram_resource_association_3.yaml +++ b/queries/aws_ram_resource_association_3.yaml @@ -1,7 +1,7 @@ ID: aws_ram_resource_association_3 Title: "Find AWS RAM Resource Associations with SQL Query" Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ram_resource_association_3.yaml.bak b/queries/aws_ram_resource_association_3.yaml.bak new file mode 100755 index 000000000..7332c59a6 --- /dev/null +++ b/queries/aws_ram_resource_association_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ram_resource_association_3 +Title: "Find AWS RAM Resource Associations with SQL Query" +Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + resource_share_name, + resource_share_arn, + associated_entity, + status + from + aws_ram_resource_association + where + status = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RAM diff --git a/queries/aws_rds_db_cluster_1.yaml b/queries/aws_rds_db_cluster_1.yaml index 8b8cec140..89770d4e5 100755 --- a/queries/aws_rds_db_cluster_1.yaml +++ b/queries/aws_rds_db_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_1 Title: "Find all AWS RDS DB Clusters: Status & Security Details" Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_1.yaml.bak b/queries/aws_rds_db_cluster_1.yaml.bak new file mode 100755 index 000000000..8b8cec140 --- /dev/null +++ b/queries/aws_rds_db_cluster_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_db_cluster_1 +Title: "Find all AWS RDS DB Clusters: Status & Security Details" +Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + allocated_storage, + kms_key_id + from + aws_rds_db_cluster + where + kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS DB Cluster diff --git a/queries/aws_rds_db_cluster_2.yaml b/queries/aws_rds_db_cluster_2.yaml index ce20612ab..b9874e67a 100755 --- a/queries/aws_rds_db_cluster_2.yaml +++ b/queries/aws_rds_db_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_2 Title: "List AWS RDS DB Clusters Status and Configurations" Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_2.yaml.bak b/queries/aws_rds_db_cluster_2.yaml.bak new file mode 100755 index 000000000..ce20612ab --- /dev/null +++ b/queries/aws_rds_db_cluster_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_cluster_2 +Title: "List AWS RDS DB Clusters Status and Configurations" +Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + backup_retention_period + from + aws_rds_db_cluster + where + backup_retention_period > 7; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_3.yaml b/queries/aws_rds_db_cluster_3.yaml index f4e2c3836..507847ccc 100755 --- a/queries/aws_rds_db_cluster_3.yaml +++ b/queries/aws_rds_db_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_3 Title: "Query AWS RDS DB Clusters for Status and Config Details" Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_3.yaml.bak b/queries/aws_rds_db_cluster_3.yaml.bak new file mode 100755 index 000000000..f4e2c3836 --- /dev/null +++ b/queries/aws_rds_db_cluster_3.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_rds_db_cluster_3 +Title: "Query AWS RDS DB Clusters for Status and Config Details" +Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + jsonb_array_length(availability_zones) availability_zones_count + from + aws_rds_db_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS RDS diff --git a/queries/aws_rds_db_cluster_4.yaml b/queries/aws_rds_db_cluster_4.yaml index 8559009b7..97a8447bd 100755 --- a/queries/aws_rds_db_cluster_4.yaml +++ b/queries/aws_rds_db_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_4 Title: "List all AWS RDS DB Clusters status and settings" Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_4.yaml.bak b/queries/aws_rds_db_cluster_4.yaml.bak new file mode 100755 index 000000000..8559009b7 --- /dev/null +++ b/queries/aws_rds_db_cluster_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_rds_db_cluster_4 +Title: "List all AWS RDS DB Clusters status and settings" +Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, + member ->> 'DBInstanceIdentifier' as db_instance_identifier, + member ->> 'IsClusterWriter' as is_cluster_writer, + member ->> 'PromotionTier' as promotion_tier + from + aws_rds_db_cluster + cross join jsonb_array_elements(members) as member; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_5.yaml b/queries/aws_rds_db_cluster_5.yaml index 71a74c75b..2e824761b 100755 --- a/queries/aws_rds_db_cluster_5.yaml +++ b/queries/aws_rds_db_cluster_5.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_5 Title: "Find AWS RDS DB Clusters Status and Configuration" Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_5.yaml.bak b/queries/aws_rds_db_cluster_5.yaml.bak new file mode 100755 index 000000000..2e824761b --- /dev/null +++ b/queries/aws_rds_db_cluster_5.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_cluster_5 +Title: "Find AWS RDS DB Clusters Status and Configuration" +Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + actions ->> 'ResourceIdentifier' as db_cluster_identifier, + details ->> 'Action' as action, + details ->> 'OptInStatus' as opt_in_status, + details ->> 'ForcedApplyDate' as forced_apply_date, + details ->> 'CurrentApplyDate' as current_apply_date, + details ->> 'AutoAppliedAfterDate' as auto_applied_after_date + from + aws_rds_db_cluster, + jsonb_array_elements(pending_maintenance_actions) as actions, + jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails') as details; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_5.yaml.bak.bak b/queries/aws_rds_db_cluster_5.yaml.bak.bak new file mode 100755 index 000000000..2e824761b --- /dev/null +++ b/queries/aws_rds_db_cluster_5.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_cluster_5 +Title: "Find AWS RDS DB Clusters Status and Configuration" +Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + actions ->> 'ResourceIdentifier' as db_cluster_identifier, + details ->> 'Action' as action, + details ->> 'OptInStatus' as opt_in_status, + details ->> 'ForcedApplyDate' as forced_apply_date, + details ->> 'CurrentApplyDate' as current_apply_date, + details ->> 'AutoAppliedAfterDate' as auto_applied_after_date + from + aws_rds_db_cluster, + jsonb_array_elements(pending_maintenance_actions) as actions, + jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails') as details; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_parameter_group_1.yaml b/queries/aws_rds_db_cluster_parameter_group_1.yaml index 44afa78f9..c117764a7 100755 --- a/queries/aws_rds_db_cluster_parameter_group_1.yaml +++ b/queries/aws_rds_db_cluster_parameter_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_parameter_group_1 Title: "Find AWS RDS DB Cluster Parameter Groups Configuration" Description: "Allows users to query AWS RDS DB Cluster Parameter Groups, providing detailed information about each parameter group''s configuration, including its name, family, description, and ARN. This table can be used to identify unused or misconfigured parameter groups and to ensure they comply with security and operational best practices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_parameter_group_1.yaml.bak b/queries/aws_rds_db_cluster_parameter_group_1.yaml.bak new file mode 100755 index 000000000..44afa78f9 --- /dev/null +++ b/queries/aws_rds_db_cluster_parameter_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_cluster_parameter_group_1 +Title: "Find AWS RDS DB Cluster Parameter Groups Configuration" +Description: "Allows users to query AWS RDS DB Cluster Parameter Groups, providing detailed information about each parameter group''s configuration, including its name, family, description, and ARN. This table can be used to identify unused or misconfigured parameter groups and to ensure they comply with security and operational best practices." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + db_parameter_group_family + from + aws_rds_db_cluster_parameter_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_parameter_group_2.yaml b/queries/aws_rds_db_cluster_parameter_group_2.yaml index cb6a05680..79f9c791f 100755 --- a/queries/aws_rds_db_cluster_parameter_group_2.yaml +++ b/queries/aws_rds_db_cluster_parameter_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_parameter_group_2 Title: "List all AWS RDS DB Cluster Parameter Groups with Details" Description: "Allows users to query AWS RDS DB Cluster Parameter Groups, providing detailed information about each parameter group''s configuration, including its name, family, description, and ARN. This table can be used to identify unused or misconfigured parameter groups and to ensure they comply with security and operational best practices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_parameter_group_2.yaml.bak b/queries/aws_rds_db_cluster_parameter_group_2.yaml.bak new file mode 100755 index 000000000..cb6a05680 --- /dev/null +++ b/queries/aws_rds_db_cluster_parameter_group_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_rds_db_cluster_parameter_group_2 +Title: "List all AWS RDS DB Cluster Parameter Groups with Details" +Description: "Allows users to query AWS RDS DB Cluster Parameter Groups, providing detailed information about each parameter group''s configuration, including its name, family, description, and ARN. This table can be used to identify unused or misconfigured parameter groups and to ensure they comply with security and operational best practices." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + db_parameter_group_family, + pg ->> 'ParameterName' as parameter_name, + pg ->> 'ParameterValue' as parameter_value, + pg ->> 'AllowedValues' as allowed_values, + pg ->> 'ApplyType' as apply_type, + pg ->> 'IsModifiable' as is_modifiable, + pg ->> 'DataType' as data_type, + pg ->> 'Description' as description, + pg ->> 'MinimumEngineVersion' as minimum_engine_version + from + aws_rds_db_cluster_parameter_group + cross join jsonb_array_elements(parameters) as pg; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_snapshot_1.yaml b/queries/aws_rds_db_cluster_snapshot_1.yaml index a1a3edf88..579313407 100755 --- a/queries/aws_rds_db_cluster_snapshot_1.yaml +++ b/queries/aws_rds_db_cluster_snapshot_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_snapshot_1 Title: "Find AWS RDS DB Cluster Snapshot Details" Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_snapshot_1.yaml.bak b/queries/aws_rds_db_cluster_snapshot_1.yaml.bak new file mode 100755 index 000000000..a1a3edf88 --- /dev/null +++ b/queries/aws_rds_db_cluster_snapshot_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_rds_db_cluster_snapshot_1 +Title: "Find AWS RDS DB Cluster Snapshot Details" +Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + type, + storage_encrypted, + split_part(kms_key_id, '/', 1) kms_key_id + from + aws_rds_db_cluster_snapshot + where + not storage_encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_snapshot_2.yaml b/queries/aws_rds_db_cluster_snapshot_2.yaml index 86053d2e0..9949d513a 100755 --- a/queries/aws_rds_db_cluster_snapshot_2.yaml +++ b/queries/aws_rds_db_cluster_snapshot_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_snapshot_2 Title: "Find AWS RDS DB Cluster Snapshots Detailed Information" Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_snapshot_2.yaml.bak b/queries/aws_rds_db_cluster_snapshot_2.yaml.bak new file mode 100755 index 000000000..86053d2e0 --- /dev/null +++ b/queries/aws_rds_db_cluster_snapshot_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_cluster_snapshot_2 +Title: "Find AWS RDS DB Cluster Snapshots Detailed Information" +Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + cluster_create_time, + engine, + engine_version, + license_model + from + aws_rds_db_cluster_snapshot; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_snapshot_3.yaml b/queries/aws_rds_db_cluster_snapshot_3.yaml index 11c438604..264f91ede 100755 --- a/queries/aws_rds_db_cluster_snapshot_3.yaml +++ b/queries/aws_rds_db_cluster_snapshot_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_snapshot_3 Title: "List all AWS RDS DB Cluster Snapshots with Details" Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_snapshot_3.yaml.bak b/queries/aws_rds_db_cluster_snapshot_3.yaml.bak new file mode 100755 index 000000000..11c438604 --- /dev/null +++ b/queries/aws_rds_db_cluster_snapshot_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_rds_db_cluster_snapshot_3 +Title: "List all AWS RDS DB Cluster Snapshots with Details" +Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_identifier, + count(db_cluster_snapshot_identifier) snapshot_count + from + aws_rds_db_cluster_snapshot + group by + db_cluster_identifier; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_cluster_snapshot_4.yaml b/queries/aws_rds_db_cluster_snapshot_4.yaml index 4c5551081..17c962eca 100755 --- a/queries/aws_rds_db_cluster_snapshot_4.yaml +++ b/queries/aws_rds_db_cluster_snapshot_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_cluster_snapshot_4 Title: "List all AWS RDS DB Cluster Snapshots with Details" Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_cluster_snapshot_4.yaml.bak b/queries/aws_rds_db_cluster_snapshot_4.yaml.bak new file mode 100755 index 000000000..4c5551081 --- /dev/null +++ b/queries/aws_rds_db_cluster_snapshot_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_rds_db_cluster_snapshot_4 +Title: "List all AWS RDS DB Cluster Snapshots with Details" +Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_cluster_snapshot_identifier, + engine, + type + from + aws_rds_db_cluster_snapshot + where + type = 'manual'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_engine_version_1.yaml b/queries/aws_rds_db_engine_version_1.yaml index 8f38c84b5..731134780 100755 --- a/queries/aws_rds_db_engine_version_1.yaml +++ b/queries/aws_rds_db_engine_version_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_engine_version_1 Title: "Find all AWS RDS DB Engine Versions with SQL" Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_engine_version_1.yaml.bak b/queries/aws_rds_db_engine_version_1.yaml.bak new file mode 100755 index 000000000..8f38c84b5 --- /dev/null +++ b/queries/aws_rds_db_engine_version_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_engine_version_1 +Title: "Find all AWS RDS DB Engine Versions with SQL" +Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + engine, + engine_version, + db_engine_version_description, + status, + major_engine_version + from + aws_rds_db_engine_version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_engine_version_2.yaml b/queries/aws_rds_db_engine_version_2.yaml index a7c44023e..f37d0e54a 100755 --- a/queries/aws_rds_db_engine_version_2.yaml +++ b/queries/aws_rds_db_engine_version_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_engine_version_2 Title: "List all AWS RDS DB Engine Versions Supporting Read Replicas" Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_engine_version_2.yaml.bak b/queries/aws_rds_db_engine_version_2.yaml.bak new file mode 100755 index 000000000..a7c44023e --- /dev/null +++ b/queries/aws_rds_db_engine_version_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_engine_version_2 +Title: "List all AWS RDS DB Engine Versions Supporting Read Replicas" +Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + engine, + engine_version, + supports_read_replica + from + aws_rds_db_engine_version + where + supports_read_replica; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_engine_version_3.yaml b/queries/aws_rds_db_engine_version_3.yaml index 90cda5d55..a72958ba7 100755 --- a/queries/aws_rds_db_engine_version_3.yaml +++ b/queries/aws_rds_db_engine_version_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_engine_version_3 Title: "List all AWS RDS DB Engine Versions with Deprecated Status" Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_engine_version_3.yaml.bak b/queries/aws_rds_db_engine_version_3.yaml.bak new file mode 100755 index 000000000..90cda5d55 --- /dev/null +++ b/queries/aws_rds_db_engine_version_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_rds_db_engine_version_3 +Title: "List all AWS RDS DB Engine Versions with Deprecated Status" +Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + engine, + engine_version, + status + from + aws_rds_db_engine_version + where + status = 'deprecated'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_engine_version_4.yaml b/queries/aws_rds_db_engine_version_4.yaml index af2147113..5fb8b1590 100755 --- a/queries/aws_rds_db_engine_version_4.yaml +++ b/queries/aws_rds_db_engine_version_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_engine_version_4 Title: "Find AWS RDS DB Engine Versions with Detailed Information" Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_engine_version_4.yaml.bak b/queries/aws_rds_db_engine_version_4.yaml.bak new file mode 100755 index 000000000..af2147113 --- /dev/null +++ b/queries/aws_rds_db_engine_version_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_engine_version_4 +Title: "Find AWS RDS DB Engine Versions with Detailed Information" +Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + engine, + engine_version, + supported_feature_names + from + aws_rds_db_engine_version + where + engine_version = 'specific_engine_version'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_engine_version_5.yaml b/queries/aws_rds_db_engine_version_5.yaml index 38437aae1..b05fdbdd6 100755 --- a/queries/aws_rds_db_engine_version_5.yaml +++ b/queries/aws_rds_db_engine_version_5.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_engine_version_5 Title: "List AWS RDS DB Engine Versions with Details" Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_engine_version_5.yaml.bak b/queries/aws_rds_db_engine_version_5.yaml.bak new file mode 100755 index 000000000..38437aae1 --- /dev/null +++ b/queries/aws_rds_db_engine_version_5.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_engine_version_5 +Title: "List AWS RDS DB Engine Versions with Details" +Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + engine, + engine_version, + create_time, + status, + db_engine_media_type, + default_only + from + aws_rds_db_engine_version + where + default_only; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_event_subscription_1.yaml b/queries/aws_rds_db_event_subscription_1.yaml index a869b5866..4cb38f1ab 100755 --- a/queries/aws_rds_db_event_subscription_1.yaml +++ b/queries/aws_rds_db_event_subscription_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_event_subscription_1 Title: "List all AWS RDS DB Event Subscriptions Information" Description: "Allows users to query AWS RDS DB Event Subscriptions to retrieve information about all event subscriptions for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_event_subscription_1.yaml.bak b/queries/aws_rds_db_event_subscription_1.yaml.bak new file mode 100755 index 000000000..a869b5866 --- /dev/null +++ b/queries/aws_rds_db_event_subscription_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_rds_db_event_subscription_1 +Title: "List all AWS RDS DB Event Subscriptions Information" +Description: "Allows users to query AWS RDS DB Event Subscriptions to retrieve information about all event subscriptions for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cust_subscription_id, + customer_aws_id, + arn, + status, + enabled + from + aws_rds_db_event_subscription; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_event_subscription_2.yaml b/queries/aws_rds_db_event_subscription_2.yaml index 76f861f43..17cdc8e87 100755 --- a/queries/aws_rds_db_event_subscription_2.yaml +++ b/queries/aws_rds_db_event_subscription_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_event_subscription_2 Title: "Find all AWS RDS DB Event Subscriptions" Description: "Allows users to query AWS RDS DB Event Subscriptions to retrieve information about all event subscriptions for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_event_subscription_2.yaml.bak b/queries/aws_rds_db_event_subscription_2.yaml.bak new file mode 100755 index 000000000..76f861f43 --- /dev/null +++ b/queries/aws_rds_db_event_subscription_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_event_subscription_2 +Title: "Find all AWS RDS DB Event Subscriptions" +Description: "Allows users to query AWS RDS DB Event Subscriptions to retrieve information about all event subscriptions for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cust_subscription_id, + enabled + from + aws_rds_db_event_subscription + where + enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_1.yaml b/queries/aws_rds_db_instance_1.yaml index b6b795dc9..4663609a5 100755 --- a/queries/aws_rds_db_instance_1.yaml +++ b/queries/aws_rds_db_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_1 Title: "Find all AWS RDS DB Instances Configuration Status" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_1.yaml.bak b/queries/aws_rds_db_instance_1.yaml.bak new file mode 100755 index 000000000..b6b795dc9 --- /dev/null +++ b/queries/aws_rds_db_instance_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_instance_1 +Title: "Find all AWS RDS DB Instances Configuration Status" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + class, + engine, + engine_version, + publicly_accessible + from + aws_rds_db_instance + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_10.yaml b/queries/aws_rds_db_instance_10.yaml index f3e17d499..ae0b20121 100755 --- a/queries/aws_rds_db_instance_10.yaml +++ b/queries/aws_rds_db_instance_10.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_10 Title: "Find AWS RDS DB Instances Configuration and Status" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_10.yaml.bak b/queries/aws_rds_db_instance_10.yaml.bak new file mode 100755 index 000000000..f3e17d499 --- /dev/null +++ b/queries/aws_rds_db_instance_10.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_rds_db_instance_10 +Title: "Find AWS RDS DB Instances Configuration and Status" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + certificate ->> 'CertificateArn' as certificate_arn, + certificate ->> 'CertificateType' as certificate_type, + certificate ->> 'ValidFrom' as valid_from, + certificate ->> 'ValidTill' as valid_till + from + aws_rds_db_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_11.yaml b/queries/aws_rds_db_instance_11.yaml index d4d50601d..a4aaad1a8 100755 --- a/queries/aws_rds_db_instance_11.yaml +++ b/queries/aws_rds_db_instance_11.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_11 Title: "Query AWS RDS DB Instances for Configuration and Status" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_11.yaml.bak b/queries/aws_rds_db_instance_11.yaml.bak new file mode 100755 index 000000000..d4d50601d --- /dev/null +++ b/queries/aws_rds_db_instance_11.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_db_instance_11 +Title: "Query AWS RDS DB Instances for Configuration and Status" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + certificate ->> 'CertificateArn' as certificate_arn, + certificate ->> 'CertificateType' as certificate_type, + certificate ->> 'ValidFrom' as valid_from, + certificate ->> 'ValidTill' as valid_till + from + aws_rds_db_instance + where + (certificate ->> 'ValidTill')::timestamp <= (current_date - interval '90' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_12.yaml b/queries/aws_rds_db_instance_12.yaml index 795a19d08..60d875354 100755 --- a/queries/aws_rds_db_instance_12.yaml +++ b/queries/aws_rds_db_instance_12.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_12 Title: "Find Detailed Info on AWS RDS DB Instances" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_12.yaml.bak b/queries/aws_rds_db_instance_12.yaml.bak new file mode 100755 index 000000000..795a19d08 --- /dev/null +++ b/queries/aws_rds_db_instance_12.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_12 +Title: "Find Detailed Info on AWS RDS DB Instances" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + class, + engine, + engine_version, + kms_key_id, + processor_features + from + aws_rds_db_instance + where + processor_features not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_2.yaml b/queries/aws_rds_db_instance_2.yaml index 4728153db..f9b3e41df 100755 --- a/queries/aws_rds_db_instance_2.yaml +++ b/queries/aws_rds_db_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_2 Title: "List all AWS RDS DB Instances with Detailed Information" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_2.yaml.bak b/queries/aws_rds_db_instance_2.yaml.bak new file mode 100755 index 000000000..4728153db --- /dev/null +++ b/queries/aws_rds_db_instance_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_instance_2 +Title: "List all AWS RDS DB Instances with Detailed Information" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + publicly_accessible + from + aws_rds_db_instance + where + publicly_accessible; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_3.yaml b/queries/aws_rds_db_instance_3.yaml index cda4a6cde..b97515dc4 100755 --- a/queries/aws_rds_db_instance_3.yaml +++ b/queries/aws_rds_db_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_3 Title: "Find all AWS RDS DB Instances without IAM Auth" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_3.yaml.bak b/queries/aws_rds_db_instance_3.yaml.bak new file mode 100755 index 000000000..b97515dc4 --- /dev/null +++ b/queries/aws_rds_db_instance_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_instance_3 +Title: "Find all AWS RDS DB Instances without IAM Auth" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + iam_database_authentication_enabled + from + aws_rds_db_instance + where + not iam_database_authentication_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_3.yaml.bak.bak b/queries/aws_rds_db_instance_3.yaml.bak.bak new file mode 100755 index 000000000..b97515dc4 --- /dev/null +++ b/queries/aws_rds_db_instance_3.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_instance_3 +Title: "Find all AWS RDS DB Instances without IAM Auth" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + iam_database_authentication_enabled + from + aws_rds_db_instance + where + not iam_database_authentication_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_4.yaml b/queries/aws_rds_db_instance_4.yaml index 9c8ecb853..9f789351f 100755 --- a/queries/aws_rds_db_instance_4.yaml +++ b/queries/aws_rds_db_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_4 Title: "List detailed configuration and status of AWS RDS DB Instances" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_4.yaml.bak b/queries/aws_rds_db_instance_4.yaml.bak new file mode 100755 index 000000000..9c8ecb853 --- /dev/null +++ b/queries/aws_rds_db_instance_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_4 +Title: "List detailed configuration and status of AWS RDS DB Instances" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier as attached_vpc, + vsg ->> 'VpcSecurityGroupId' as vpc_security_group_id, + vsg ->> 'Status' as status, + sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, + sub ->> 'SubnetIdentifier' as subnet_identifier, + sub -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, + sub ->> 'SubnetStatus' as subnet_status + from + aws_rds_db_instance + cross join jsonb_array_elements(vpc_security_groups) as vsg + cross join jsonb_array_elements(subnets) as sub; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS RDS diff --git a/queries/aws_rds_db_instance_5.yaml b/queries/aws_rds_db_instance_5.yaml index e5b528a1a..57690554e 100755 --- a/queries/aws_rds_db_instance_5.yaml +++ b/queries/aws_rds_db_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_5 Title: "List all AWS RDS DB Instances and their metadata" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_5.yaml.bak b/queries/aws_rds_db_instance_5.yaml.bak new file mode 100755 index 000000000..e5b528a1a --- /dev/null +++ b/queries/aws_rds_db_instance_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_rds_db_instance_5 +Title: "List all AWS RDS DB Instances and their metadata" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + class, + engine, + engine_version, + deletion_protection + from + aws_rds_db_instance + where + not deletion_protection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_6.yaml b/queries/aws_rds_db_instance_6.yaml index 5f3a3b298..174322517 100755 --- a/queries/aws_rds_db_instance_6.yaml +++ b/queries/aws_rds_db_instance_6.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_6 Title: "List all AWS RDS DB Instances with Configuration Data" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_6.yaml.bak b/queries/aws_rds_db_instance_6.yaml.bak new file mode 100755 index 000000000..5f3a3b298 --- /dev/null +++ b/queries/aws_rds_db_instance_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_instance_6 +Title: "List all AWS RDS DB Instances with Configuration Data" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + class, + allocated_storage, + deletion_protection + from + aws_rds_db_instance + where + not storage_encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_7.yaml b/queries/aws_rds_db_instance_7.yaml index 5c255efb9..f6a24dcb7 100755 --- a/queries/aws_rds_db_instance_7.yaml +++ b/queries/aws_rds_db_instance_7.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_7 Title: "Find Info on AWS RDS DB Instances' Configuration and Status" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_7.yaml.bak b/queries/aws_rds_db_instance_7.yaml.bak new file mode 100755 index 000000000..5c255efb9 --- /dev/null +++ b/queries/aws_rds_db_instance_7.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_instance_7 +Title: "Find Info on AWS RDS DB Instances' Configuration and Status" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + endpoint_address, + endpoint_hosted_zone_id, + endpoint_port + from + aws_rds_db_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_8.yaml b/queries/aws_rds_db_instance_8.yaml index 74c0cdce1..4f3fb24fa 100755 --- a/queries/aws_rds_db_instance_8.yaml +++ b/queries/aws_rds_db_instance_8.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_8 Title: "List All AWS RDS DB Instances with SSL Parameter Details" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_8.yaml.bak b/queries/aws_rds_db_instance_8.yaml.bak new file mode 100755 index 000000000..74c0cdce1 --- /dev/null +++ b/queries/aws_rds_db_instance_8.yaml.bak @@ -0,0 +1,54 @@ +ID: aws_rds_db_instance_8 +Title: "List All AWS RDS DB Instances with SSL Parameter Details" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with db_parameter_group as ( + select + name as db_parameter_group_name, + pg ->> 'ParameterName' as parameter_name, + pg ->> 'ParameterValue' as parameter_value + from + aws_rds_db_parameter_group, + jsonb_array_elements(parameters) as pg + where + -- The example is limited to SQL Server, this may change based on DB engine + pg ->> 'ParameterName' like 'rds.force_ssl' + and name not like 'default.%' + ), + rds_associated_parameter_group as ( + select + db_instance_identifier as db_instance_identifier, + arn, + pg ->> 'DBParameterGroupName' as DBParameterGroupName + from + aws_rds_db_instance, + jsonb_array_elements(db_parameter_groups) as pg + where + engine like 'sqlserve%' + ) + select + rds.db_instance_identifier as name, + rds.DBParameterGroupName, + parameter_name, + parameter_value + from + rds_associated_parameter_group as rds + left join db_parameter_group d on rds.DBParameterGroupName = d.db_parameter_group_name + where + parameter_value = '0' + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_9.yaml b/queries/aws_rds_db_instance_9.yaml index 61eae664d..32aee3df4 100755 --- a/queries/aws_rds_db_instance_9.yaml +++ b/queries/aws_rds_db_instance_9.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_9 Title: "List all AWS RDS DB Instances with Detailed Information" Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_9.yaml.bak b/queries/aws_rds_db_instance_9.yaml.bak new file mode 100755 index 000000000..61eae664d --- /dev/null +++ b/queries/aws_rds_db_instance_9.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_rds_db_instance_9 +Title: "List all AWS RDS DB Instances with Detailed Information" +Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + actions ->> 'ResourceIdentifier' as db_instance_identifier, + details ->> 'Action' as action, + details ->> 'OptInStatus' as opt_in_status, + details ->> 'ForcedApplyDate' as forced_apply_date, + details ->> 'CurrentApplyDate' as current_apply_date, + details ->> 'AutoAppliedAfterDate' as auto_applied_after_date + from + aws_rds_db_instance, + jsonb_array_elements(pending_maintenance_actions) as actions, + jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails') as details; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_1.yaml b/queries/aws_rds_db_instance_automated_backup_1.yaml index 560360122..14c241a8a 100755 --- a/queries/aws_rds_db_instance_automated_backup_1.yaml +++ b/queries/aws_rds_db_instance_automated_backup_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_automated_backup_1 Title: "Find AWS RDS DB Instance Automated Backups" Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_automated_backup_1.yaml.bak b/queries/aws_rds_db_instance_automated_backup_1.yaml.bak new file mode 100755 index 000000000..560360122 --- /dev/null +++ b/queries/aws_rds_db_instance_automated_backup_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_rds_db_instance_automated_backup_1 +Title: "Find AWS RDS DB Instance Automated Backups" +Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + arn, + status, + allocated_storage, + encrypted, + engine + from + aws_rds_db_instance_automated_backup; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_2.yaml b/queries/aws_rds_db_instance_automated_backup_2.yaml index 06989932f..8d312f3bc 100755 --- a/queries/aws_rds_db_instance_automated_backup_2.yaml +++ b/queries/aws_rds_db_instance_automated_backup_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_automated_backup_2 Title: "Find AWS RDS DB Instance Automated Backups" Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_automated_backup_2.yaml.bak b/queries/aws_rds_db_instance_automated_backup_2.yaml.bak new file mode 100755 index 000000000..06989932f --- /dev/null +++ b/queries/aws_rds_db_instance_automated_backup_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_automated_backup_2 +Title: "Find AWS RDS DB Instance Automated Backups" +Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + arn, + status, + backup_target, + instance_create_time, + encrypted, + engine + from + aws_rds_db_instance_automated_backup + where + not encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_3.yaml b/queries/aws_rds_db_instance_automated_backup_3.yaml index b57609384..591452d4a 100755 --- a/queries/aws_rds_db_instance_automated_backup_3.yaml +++ b/queries/aws_rds_db_instance_automated_backup_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_automated_backup_3 Title: "Find Data on AWS RDS DB Instance Automated Backups" Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_automated_backup_3.yaml.bak b/queries/aws_rds_db_instance_automated_backup_3.yaml.bak new file mode 100755 index 000000000..b57609384 --- /dev/null +++ b/queries/aws_rds_db_instance_automated_backup_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_automated_backup_3 +Title: "Find Data on AWS RDS DB Instance Automated Backups" +Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + iam_database_authentication_enabled, + status, + availability_zone, + dbi_resource_id + from + aws_rds_db_instance_automated_backup + where + not iam_database_authentication_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_4.yaml b/queries/aws_rds_db_instance_automated_backup_4.yaml index 06c28e54a..9bc32f7e6 100755 --- a/queries/aws_rds_db_instance_automated_backup_4.yaml +++ b/queries/aws_rds_db_instance_automated_backup_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_automated_backup_4 Title: "List all Automated Backups for RDS DB Instances" Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_automated_backup_4.yaml.bak b/queries/aws_rds_db_instance_automated_backup_4.yaml.bak new file mode 100755 index 000000000..06c28e54a --- /dev/null +++ b/queries/aws_rds_db_instance_automated_backup_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_automated_backup_4 +Title: "List all Automated Backups for RDS DB Instances" +Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + b.arn, + b.vpc_id, + v.cidr_block, + v.is_default, + v.instance_tenancy + from + aws_rds_db_instance_automated_backup as b, + aws_vpc as v + where + v.vpc_id = b.vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_5.yaml b/queries/aws_rds_db_instance_automated_backup_5.yaml index 00624f063..676e58fc6 100755 --- a/queries/aws_rds_db_instance_automated_backup_5.yaml +++ b/queries/aws_rds_db_instance_automated_backup_5.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_automated_backup_5 Title: "List All AWS RDS DB Instance Automated Backups" Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_automated_backup_5.yaml.bak b/queries/aws_rds_db_instance_automated_backup_5.yaml.bak new file mode 100755 index 000000000..00624f063 --- /dev/null +++ b/queries/aws_rds_db_instance_automated_backup_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_automated_backup_5 +Title: "List All AWS RDS DB Instance Automated Backups" +Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + arn, + engine, + engine_version, + availability_zone, + backup_retention_period, + status + from + aws_rds_db_instance_automated_backup + where + status = 'retained'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_6.yaml b/queries/aws_rds_db_instance_automated_backup_6.yaml index c82c61a58..356b4ddc2 100755 --- a/queries/aws_rds_db_instance_automated_backup_6.yaml +++ b/queries/aws_rds_db_instance_automated_backup_6.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_automated_backup_6 Title: "Find AWS RDS DB Instance Automated Backups via SQL" Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_automated_backup_6.yaml.bak b/queries/aws_rds_db_instance_automated_backup_6.yaml.bak new file mode 100755 index 000000000..c82c61a58 --- /dev/null +++ b/queries/aws_rds_db_instance_automated_backup_6.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_automated_backup_6 +Title: "Find AWS RDS DB Instance Automated Backups via SQL" +Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + b.db_instance_identifier, + b.arn as automated_backup_arn, + b.engine, + b.kms_key_id, + k.creation_date as kms_key_creation_date, + k.key_state, + k.key_rotation_enabled + from + aws_rds_db_instance_automated_backup as b, + aws_kms_key as k + where + k.id = b.kms_key_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_1.yaml b/queries/aws_rds_db_instance_metric_connections_1.yaml index 46b56d5ad..77627bb5e 100755 --- a/queries/aws_rds_db_instance_metric_connections_1.yaml +++ b/queries/aws_rds_db_instance_metric_connections_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_connections_1 Title: "Find AWS RDS DBInstance Metrics for Database Connections" Description: "Allows users to query AWS RDS DBInstance Metrics for a comprehensive view of the number of database connections." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_connections_1.yaml.bak b/queries/aws_rds_db_instance_metric_connections_1.yaml.bak new file mode 100755 index 000000000..46b56d5ad --- /dev/null +++ b/queries/aws_rds_db_instance_metric_connections_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_metric_connections_1 +Title: "Find AWS RDS DBInstance Metrics for Database Connections" +Description: "Allows users to query AWS RDS DBInstance Metrics for a comprehensive view of the number of database connections." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_connections + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_2.yaml b/queries/aws_rds_db_instance_metric_connections_2.yaml index 6aa01e11f..cdc8d1210 100755 --- a/queries/aws_rds_db_instance_metric_connections_2.yaml +++ b/queries/aws_rds_db_instance_metric_connections_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_connections_2 Title: "Find All AWS RDS DBInstance Connections Metrics" Description: "Allows users to query AWS RDS DBInstance Metrics for a comprehensive view of the number of database connections." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_connections_2.yaml.bak b/queries/aws_rds_db_instance_metric_connections_2.yaml.bak new file mode 100755 index 000000000..6aa01e11f --- /dev/null +++ b/queries/aws_rds_db_instance_metric_connections_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_rds_db_instance_metric_connections_2 +Title: "Find All AWS RDS DBInstance Connections Metrics" +Description: "Allows users to query AWS RDS DBInstance Metrics for a comprehensive view of the number of database connections." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_connections + where + average > 100 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_daily_1.yaml b/queries/aws_rds_db_instance_metric_connections_daily_1.yaml index 005d1caf3..544852a09 100755 --- a/queries/aws_rds_db_instance_metric_connections_daily_1.yaml +++ b/queries/aws_rds_db_instance_metric_connections_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_connections_daily_1 Title: "List AWS RDS DB Instance Daily Connections Metrics" Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_connections_daily_1.yaml.bak b/queries/aws_rds_db_instance_metric_connections_daily_1.yaml.bak new file mode 100755 index 000000000..005d1caf3 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_connections_daily_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_db_instance_metric_connections_daily_1 +Title: "List AWS RDS DB Instance Daily Connections Metrics" +Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_connections_daily + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_daily_2.yaml b/queries/aws_rds_db_instance_metric_connections_daily_2.yaml index 0c6b1a495..f62688b8f 100755 --- a/queries/aws_rds_db_instance_metric_connections_daily_2.yaml +++ b/queries/aws_rds_db_instance_metric_connections_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_connections_daily_2 Title: "List All AWS RDS DB Instance Metric Connections Daily" Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_connections_daily_2.yaml.bak b/queries/aws_rds_db_instance_metric_connections_daily_2.yaml.bak new file mode 100755 index 000000000..0c6b1a495 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_connections_daily_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_metric_connections_daily_2 +Title: "List All AWS RDS DB Instance Metric Connections Daily" +Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_connections_daily + where + average > 100 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS RDS diff --git a/queries/aws_rds_db_instance_metric_connections_daily_3.yaml b/queries/aws_rds_db_instance_metric_connections_daily_3.yaml index 4e4fca956..b6bd62b75 100755 --- a/queries/aws_rds_db_instance_metric_connections_daily_3.yaml +++ b/queries/aws_rds_db_instance_metric_connections_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_connections_daily_3 Title: "List all AWS RDS DB Instances with Zero Connections Daily" Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_connections_daily_3.yaml.bak b/queries/aws_rds_db_instance_metric_connections_daily_3.yaml.bak new file mode 100755 index 000000000..4e4fca956 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_connections_daily_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_metric_connections_daily_3 +Title: "List all AWS RDS DB Instances with Zero Connections Daily" +Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + sum(maximum) as total_connections + from + aws_rds_db_instance_metric_connections + where + timestamp > (current_date - interval '7' day) + group by + db_instance_identifier + having + sum(maximum) = 0 + ; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml b/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml index 026d5ec56..708000b76 100755 --- a/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml +++ b/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_connections_hourly_1 Title: "List all AWS RDS DB Instance Connection Metrics Hourly" Description: "Allows users to query AWS RDS DB Instance Metrics on an hourly basis, specifically the connection metrics. It provides data about the number of database connections to each DB instance in your Amazon RDS environment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml.bak b/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml.bak new file mode 100755 index 000000000..026d5ec56 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_metric_connections_hourly_1 +Title: "List all AWS RDS DB Instance Connection Metrics Hourly" +Description: "Allows users to query AWS RDS DB Instance Metrics on an hourly basis, specifically the connection metrics. It provides data about the number of database connections to each DB instance in your Amazon RDS environment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_connections_hourly + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml b/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml index 59e5e1cda..32f6c86ce 100755 --- a/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml +++ b/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_connections_hourly_2 Title: "List all AWS RDS DB Instance Connection Metrics Hourly" Description: "Allows users to query AWS RDS DB Instance Metrics on an hourly basis, specifically the connection metrics. It provides data about the number of database connections to each DB instance in your Amazon RDS environment." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml.bak b/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml.bak new file mode 100755 index 000000000..59e5e1cda --- /dev/null +++ b/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_metric_connections_hourly_2 +Title: "List all AWS RDS DB Instance Connection Metrics Hourly" +Description: "Allows users to query AWS RDS DB Instance Metrics on an hourly basis, specifically the connection metrics. It provides data about the number of database connections to each DB instance in your Amazon RDS environment." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_connections_hourly + where + average > 100 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml index a3e7e5725..f1dc9b32d 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_cpu_utilization_1 Title: "List all CPU utilization metrics for RDS DB instances" Description: "Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data about CPU utilization metrics for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml.bak new file mode 100755 index 000000000..a3e7e5725 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_db_instance_metric_cpu_utilization_1 +Title: "List all CPU utilization metrics for RDS DB instances" +Description: "Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data about CPU utilization metrics for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_cpu_utilization + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml index bd046e092..4c5ea06c4 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_cpu_utilization_2 Title: "List All Amazon RDS DB Instances with High CPU Utilization" Description: "Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data about CPU utilization metrics for RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml.bak new file mode 100755 index 000000000..bd046e092 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_metric_cpu_utilization_2 +Title: "List All Amazon RDS DB Instances with High CPU Utilization" +Description: "Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data about CPU utilization metrics for RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_rds_db_instance_metric_cpu_utilization + where average > 80 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml index 5fd6c32bb..d596c4dd6 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_cpu_utilization_daily_1 Title: "List all AWS RDS DB Instances and daily CPU usage metrics" Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml.bak new file mode 100755 index 000000000..5fd6c32bb --- /dev/null +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_db_instance_metric_cpu_utilization_daily_1 +Title: "List all AWS RDS DB Instances and daily CPU usage metrics" +Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_cpu_utilization_daily + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml index 4861f5f53..a1aab1b6f 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_cpu_utilization_daily_2 Title: "Find AWS RDS DB Instances with High CPU Utilization" Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml.bak new file mode 100755 index 000000000..4861f5f53 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_metric_cpu_utilization_daily_2 +Title: "Find AWS RDS DB Instances with High CPU Utilization" +Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_rds_db_instance_metric_cpu_utilization_daily + where average > 80 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml index 8a7d52793..555ec529d 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_cpu_utilization_daily_3 Title: "Find AWS RDS DB Instances' Daily CPU Utilization Metrics" Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml.bak new file mode 100755 index 000000000..8a7d52793 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_metric_cpu_utilization_daily_3 +Title: "Find AWS RDS DB Instances' Daily CPU Utilization Metrics" +Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_rds_db_instance_metric_cpu_utilization_daily + where average < 2 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml index f2b2c1d89..7611992b7 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_cpu_utilization_hourly_1 Title: "Find AWS RDS DB Instance CPU Utilization Hourly Metrics" Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml.bak new file mode 100755 index 000000000..f2b2c1d89 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_rds_db_instance_metric_cpu_utilization_hourly_1 +Title: "Find AWS RDS DB Instance CPU Utilization Hourly Metrics" +Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_rds_db_instance_metric_cpu_utilization_hourly + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml index 18f67792f..64f74f57c 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_cpu_utilization_hourly_2 Title: "Find AWS RDS Instances with High CPU Utilization" Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml.bak new file mode 100755 index 000000000..18f67792f --- /dev/null +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_metric_cpu_utilization_hourly_2 +Title: "Find AWS RDS Instances with High CPU Utilization" +Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_rds_db_instance_metric_cpu_utilization_hourly + where average > 80 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml index b0230897b..dab410916 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_cpu_utilization_hourly_3 Title: "Find AWS RDS DB Instance CPU Utilization on Hourly Basis" Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml.bak new file mode 100755 index 000000000..b0230897b --- /dev/null +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_metric_cpu_utilization_hourly_3 +Title: "Find AWS RDS DB Instance CPU Utilization on Hourly Basis" +Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_rds_db_instance_metric_cpu_utilization_hourly + where average < 2 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_1.yaml b/queries/aws_rds_db_instance_metric_read_iops_1.yaml index f03b1effd..b05da8d2e 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_1.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_1 Title: "Find AWS RDS Read IOPS Metrics for DB Instances" Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_1.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_1.yaml.bak new file mode 100755 index 000000000..f03b1effd --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_metric_read_iops_1 +Title: "Find AWS RDS Read IOPS Metrics for DB Instances" +Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_2.yaml b/queries/aws_rds_db_instance_metric_read_iops_2.yaml index 8822735de..84d116cb9 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_2.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_2 Title: "Find Read IOPS Metrics for AWS RDS DB Instances" Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_2.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_2.yaml.bak new file mode 100755 index 000000000..8822735de --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_rds_db_instance_metric_read_iops_2 +Title: "Find Read IOPS Metrics for AWS RDS DB Instances" +Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops + where + average > 1000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_3.yaml b/queries/aws_rds_db_instance_metric_read_iops_3.yaml index 3fa1d9802..1762f4bbe 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_3.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_3 Title: "Find AWS RDS DBInstance Read IOPS Metrics" Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_3.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_3.yaml.bak new file mode 100755 index 000000000..3fa1d9802 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_rds_db_instance_metric_read_iops_3 +Title: "Find AWS RDS DBInstance Read IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops + where + maximum > 8000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_4.yaml b/queries/aws_rds_db_instance_metric_read_iops_4.yaml index 44b64460b..e770bd995 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_4.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_4 Title: "Find AWS RDS DB Instance Read IOPS Metrics" Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak new file mode 100755 index 000000000..e770bd995 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_rds_db_instance_metric_read_iops_4 +Title: "Find AWS RDS DB Instance Read IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_rds_db_instance_metric_read_iops as r, + aws_rds_db_instance_metric_write_iops as w + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak.bak b/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak.bak new file mode 100755 index 000000000..44b64460b --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak.bak @@ -0,0 +1,39 @@ +ID: aws_rds_db_instance_metric_read_iops_4 +Title: "Find AWS RDS DB Instance Read IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_rds_db_instance_metric_read_iops as r, + aws_rds_db_instance_metric_write_iops as w + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml b/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml index 8e9fba611..ba030cba0 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_daily_1 Title: "Find AWS RDS DBInstance daily read IOPS metrics" Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml.bak new file mode 100755 index 000000000..8e9fba611 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_read_iops_daily_1 +Title: "Find AWS RDS DBInstance daily read IOPS metrics" +Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops_daily + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml b/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml index 1de48a424..65554e22f 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_daily_2 Title: "Find AWS RDS DBInstance Metrics for Daily Read IOPS" Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml.bak new file mode 100755 index 000000000..1de48a424 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_read_iops_daily_2 +Title: "Find AWS RDS DBInstance Metrics for Daily Read IOPS" +Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops_daily + where + average > 1000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml b/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml index 8e08e6e4f..e5e3365c0 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_daily_3 Title: "Find AWS RDS DBInstance Metrics for Daily Read IOPS" Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml.bak new file mode 100755 index 000000000..8e08e6e4f --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_rds_db_instance_metric_read_iops_daily_3 +Title: "Find AWS RDS DBInstance Metrics for Daily Read IOPS" +Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops_daily + where + maximum > 8000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml b/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml index ac2749f43..b627684e4 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_daily_4 Title: "List all AWS RDS DBInstance daily read IOPS metrics" Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml.bak new file mode 100755 index 000000000..ac2749f43 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_rds_db_instance_metric_read_iops_daily_4 +Title: "List all AWS RDS DBInstance daily read IOPS metrics" +Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_rds_db_instance_metric_read_iops_daily as r, + aws_rds_db_instance_metric_write_iops_daily as w + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml index be6dbcab6..3a95552b7 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_hourly_1 Title: "List all AWS RDS DB Instances with Read IOPS Metrics" Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml.bak new file mode 100755 index 000000000..be6dbcab6 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_read_iops_hourly_1 +Title: "List all AWS RDS DB Instances with Read IOPS Metrics" +Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops_hourly + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml index 3a9ccab9b..c04f28851 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_hourly_2 Title: "Find AWS RDS DB Instances Hourly Read IOPS Over 1000" Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml.bak new file mode 100755 index 000000000..3a9ccab9b --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_rds_db_instance_metric_read_iops_hourly_2 +Title: "Find AWS RDS DB Instances Hourly Read IOPS Over 1000" +Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops_hourly + where + average > 1000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml index 7240f51e9..5d3afbd8e 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_hourly_3 Title: "Find AWS RDS DB Instances Reading Over 8000 IOPS" Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak new file mode 100755 index 000000000..5d3afbd8e --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_read_iops_hourly_3 +Title: "Find AWS RDS DB Instances Reading Over 8000 IOPS" +Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops_hourly + where + maximum > 8000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak.bak new file mode 100755 index 000000000..5d3afbd8e --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_read_iops_hourly_3 +Title: "Find AWS RDS DB Instances Reading Over 8000 IOPS" +Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_read_iops_hourly + where + maximum > 8000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml index 8a8f801cd..bbffcc81d 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_hourly_4 Title: "Find AWS RDS Instances Hourly Read IOPS Metrics" Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml.bak new file mode 100755 index 000000000..8a8f801cd --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_rds_db_instance_metric_read_iops_hourly_4 +Title: "Find AWS RDS Instances Hourly Read IOPS Metrics" +Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + v.iops as provisioned_iops, + round(r.average) +round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg + from + aws_rds_db_instance_metric_read_iops_hourly as r, + aws_rds_db_instance_metric_write_iops_hourly as w, + aws_rds_db_instance as v + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + and v.db_instance_identifier = r.db_instance_identifier + and r.average + w.average > v.iops + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml index 151a6a473..a16467fb5 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_read_iops_hourly_5 Title: "List all AWS RDS DB Instances with Hourly Read IOPS Metrics" Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml.bak new file mode 100755 index 000000000..151a6a473 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_rds_db_instance_metric_read_iops_hourly_5 +Title: "List all AWS RDS DB Instances with Hourly Read IOPS Metrics" +Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_rds_db_instance_metric_read_iops_hourly as r, + aws_rds_db_instance_metric_write_iops_hourly as w + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_1.yaml b/queries/aws_rds_db_instance_metric_write_iops_1.yaml index 33651c8c1..be8224a97 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_1.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_1 Title: "List AWS RDS DBInstance Write IOPS Metrics" Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_1.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_1.yaml.bak new file mode 100755 index 000000000..33651c8c1 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_write_iops_1 +Title: "List AWS RDS DBInstance Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS DBInstance diff --git a/queries/aws_rds_db_instance_metric_write_iops_2.yaml b/queries/aws_rds_db_instance_metric_write_iops_2.yaml index 3887e2e67..d4a1f131e 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_2.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_2 Title: "Find AWS RDS DBInstance Write IOPS Metrics" Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak new file mode 100755 index 000000000..d4a1f131e --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_write_iops_2 +Title: "Find AWS RDS DBInstance Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops + where + average > 1000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak.bak b/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak.bak new file mode 100755 index 000000000..d4a1f131e --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_write_iops_2 +Title: "Find AWS RDS DBInstance Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops + where + average > 1000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_3.yaml b/queries/aws_rds_db_instance_metric_write_iops_3.yaml index ac07f157f..36be59e09 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_3.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_3 Title: "List AWS RDS DBInstance Write IOPS Metrics" Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_3.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_3.yaml.bak new file mode 100755 index 000000000..ac07f157f --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_write_iops_3 +Title: "List AWS RDS DBInstance Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops + where + maximum > 8000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_4.yaml b/queries/aws_rds_db_instance_metric_write_iops_4.yaml index 6c2aad7d8..5509b4c42 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_4.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_4 Title: "Find AWS RDS Write IOPS Metrics Using SQL" Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_4.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_4.yaml.bak new file mode 100755 index 000000000..6c2aad7d8 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_rds_db_instance_metric_write_iops_4 +Title: "Find AWS RDS Write IOPS Metrics Using SQL" +Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_rds_db_instance_metric_read_iops as r, + aws_rds_db_instance_metric_write_iops as w + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml b/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml index a613bcadb..6d399695b 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_daily_1 Title: "List Daily Write IOPS for AWS RDS DBInstances" Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml.bak new file mode 100755 index 000000000..a613bcadb --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_metric_write_iops_daily_1 +Title: "List Daily Write IOPS for AWS RDS DBInstances" +Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops_daily + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml b/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml index 8c029dc41..4c0702f7d 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_daily_2 Title: "List all AWS RDS DBInstance Daily Write IOPS Metrics" Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml.bak new file mode 100755 index 000000000..8c029dc41 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_rds_db_instance_metric_write_iops_daily_2 +Title: "List all AWS RDS DBInstance Daily Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops_daily + where + average > 1000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml index 4b9869493..9b2c84503 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_daily_3 Title: "List AWS RDS DBInstance Daily Write IOPS Metrics" Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak new file mode 100755 index 000000000..9b2c84503 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_write_iops_daily_3 +Title: "List AWS RDS DBInstance Daily Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops_daily + where + maximum > 8000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak.bak new file mode 100755 index 000000000..9b2c84503 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_write_iops_daily_3 +Title: "List AWS RDS DBInstance Daily Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops_daily + where + maximum > 8000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml b/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml index 3304144b0..8272b882e 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_daily_4 Title: "List all AWS RDS DBInstance Daily Write IOPS Metrics" Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml.bak new file mode 100755 index 000000000..3304144b0 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_rds_db_instance_metric_write_iops_daily_4 +Title: "List all AWS RDS DBInstance Daily Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_rds_db_instance_metric_read_iops_daily as r, + aws_rds_db_instance_metric_write_iops_daily as w + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml index 8ba01f53d..100d56d36 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_hourly_1 Title: "List All AWS RDS DBInstance Write IOPS Metrics Hourly" Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml.bak new file mode 100755 index 000000000..8ba01f53d --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_db_instance_metric_write_iops_hourly_1 +Title: "List All AWS RDS DBInstance Write IOPS Metrics Hourly" +Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops_hourly + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml index 1d9c151d4..05ecce3d2 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_hourly_2 Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml.bak new file mode 100755 index 000000000..1d9c151d4 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_write_iops_hourly_2 +Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" +Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops_hourly + where + average > 1000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml index c9b882ec1..0c070c047 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_hourly_3 Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml.bak new file mode 100755 index 000000000..c9b882ec1 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_rds_db_instance_metric_write_iops_hourly_3 +Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" +Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_instance_identifier, + timestamp, + minimum, + maximum, + average, + sum, + sample_count + from + aws_rds_db_instance_metric_write_iops_hourly + where + maximum > 8000 + order by + db_instance_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml index 56daee944..5cbf91bb6 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_hourly_4 Title: "List AWS RDS DBInstance Hourly Write IOPS Metrics" Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml.bak new file mode 100755 index 000000000..56daee944 --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_rds_db_instance_metric_write_iops_hourly_4 +Title: "List AWS RDS DBInstance Hourly Write IOPS Metrics" +Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + v.iops as provisioned_iops, + round(r.average) +round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg + from + aws_rds_db_instance_metric_read_iops_hourly as r, + aws_rds_db_instance_metric_write_iops_hourly as w, + aws_rds_db_instance as v + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + and v.db_instance_identifier = r.db_instance_identifier + and r.average + w.average > v.iops + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml index 85b89404e..03c88cf2d 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_instance_metric_write_iops_hourly_5 Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml.bak new file mode 100755 index 000000000..85b89404e --- /dev/null +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_rds_db_instance_metric_write_iops_hourly_5 +Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" +Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.db_instance_identifier, + r.timestamp, + round(r.average) + round(w.average) as iops_avg, + round(r.average) as read_ops_avg, + round(w.average) as write_ops_avg, + round(r.maximum) + round(w.maximum) as iops_max, + round(r.maximum) as read_ops_max, + round(w.maximum) as write_ops_max, + round(r.minimum) + round(w.minimum) as iops_min, + round(r.minimum) as read_ops_min, + round(w.minimum) as write_ops_min + from + aws_rds_db_instance_metric_read_iops_hourly as r, + aws_rds_db_instance_metric_write_iops_hourly as w + where + r.db_instance_identifier = w.db_instance_identifier + and r.timestamp = w.timestamp + order by + r.db_instance_identifier, + r.timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_option_group_1.yaml b/queries/aws_rds_db_option_group_1.yaml index ca5817875..4ac313e10 100755 --- a/queries/aws_rds_db_option_group_1.yaml +++ b/queries/aws_rds_db_option_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_option_group_1 Title: "List all AWS RDS DB Option Groups with details" Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_option_group_1.yaml.bak b/queries/aws_rds_db_option_group_1.yaml.bak new file mode 100755 index 000000000..ca5817875 --- /dev/null +++ b/queries/aws_rds_db_option_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_option_group_1 +Title: "List all AWS RDS DB Option Groups with details" +Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + engine_name, + major_engine_version, + vpc_id + from + aws_rds_db_option_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Relational Database Service diff --git a/queries/aws_rds_db_option_group_2.yaml b/queries/aws_rds_db_option_group_2.yaml index da5a84070..ab22a1923 100755 --- a/queries/aws_rds_db_option_group_2.yaml +++ b/queries/aws_rds_db_option_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_option_group_2 Title: "List all AWS RDS DB Option Groups with SQL" Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_option_group_2.yaml.bak b/queries/aws_rds_db_option_group_2.yaml.bak new file mode 100755 index 000000000..da5a84070 --- /dev/null +++ b/queries/aws_rds_db_option_group_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_option_group_2 +Title: "List all AWS RDS DB Option Groups with SQL" +Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + engine_name, + allows_vpc_and_non_vpc_instance_memberships + from + aws_rds_db_option_group + where + allows_vpc_and_non_vpc_instance_memberships; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Relational Database Service diff --git a/queries/aws_rds_db_option_group_3.yaml b/queries/aws_rds_db_option_group_3.yaml index 51ce61dfd..78b27b662 100755 --- a/queries/aws_rds_db_option_group_3.yaml +++ b/queries/aws_rds_db_option_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_option_group_3 Title: "Find AWS RDS DB Option Groups within Amazon RDS" Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_option_group_3.yaml.bak b/queries/aws_rds_db_option_group_3.yaml.bak new file mode 100755 index 000000000..51ce61dfd --- /dev/null +++ b/queries/aws_rds_db_option_group_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_db_option_group_3 +Title: "Find AWS RDS DB Option Groups within Amazon RDS" +Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + option ->> 'OptionName' as option_name, + option -> 'Permanent' as Permanent, + option -> 'Persistent' as Persistent, + option -> 'VpcSecurityGroupMemberships' as vpc_security_group_membership, + option -> 'Port' as Port + from + aws_rds_db_option_group + cross join jsonb_array_elements(options) as option; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_parameter_group_1.yaml b/queries/aws_rds_db_parameter_group_1.yaml index 0c28234e5..364153f93 100755 --- a/queries/aws_rds_db_parameter_group_1.yaml +++ b/queries/aws_rds_db_parameter_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_parameter_group_1 Title: "Find AWS RDS DB Parameter Groups' Configurations" Description: "Allows users to query AWS RDS DB Parameter Groups, providing information about the configurations that control the behavior of the databases that they are associated with." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_parameter_group_1.yaml.bak b/queries/aws_rds_db_parameter_group_1.yaml.bak new file mode 100755 index 000000000..0c28234e5 --- /dev/null +++ b/queries/aws_rds_db_parameter_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_parameter_group_1 +Title: "Find AWS RDS DB Parameter Groups' Configurations" +Description: "Allows users to query AWS RDS DB Parameter Groups, providing information about the configurations that control the behavior of the databases that they are associated with." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + db_parameter_group_family + from + aws_rds_db_parameter_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS DB Parameter Groups diff --git a/queries/aws_rds_db_parameter_group_2.yaml b/queries/aws_rds_db_parameter_group_2.yaml index bba23b352..9fa49ec17 100755 --- a/queries/aws_rds_db_parameter_group_2.yaml +++ b/queries/aws_rds_db_parameter_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_parameter_group_2 Title: "List all AWS RDS DB Parameter Groups configurations" Description: "Allows users to query AWS RDS DB Parameter Groups, providing information about the configurations that control the behavior of the databases that they are associated with." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_parameter_group_2.yaml.bak b/queries/aws_rds_db_parameter_group_2.yaml.bak new file mode 100755 index 000000000..bba23b352 --- /dev/null +++ b/queries/aws_rds_db_parameter_group_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_rds_db_parameter_group_2 +Title: "List all AWS RDS DB Parameter Groups configurations" +Description: "Allows users to query AWS RDS DB Parameter Groups, providing information about the configurations that control the behavior of the databases that they are associated with." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + db_parameter_group_family, + pg ->> 'ParameterName' as parameter_name, + pg ->> 'ParameterValue' as parameter_value, + pg ->> 'AllowedValues' as allowed_values, + pg ->> 'ApplyType' as apply_type, + pg ->> 'IsModifiable' as is_modifiable, + pg ->> 'DataType' as data_type, + pg ->> 'Description' as description, + pg ->> 'MinimumEngineVersion' as minimum_engine_version + from + aws_rds_db_parameter_group + cross join jsonb_array_elements(parameters) as pg; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_proxy_1.yaml b/queries/aws_rds_db_proxy_1.yaml index ee10c99f0..0e2541ff1 100755 --- a/queries/aws_rds_db_proxy_1.yaml +++ b/queries/aws_rds_db_proxy_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_proxy_1 Title: "Find Amazon RDS DB Proxy Details via SQL Query" Description: "Allows users to query DB Proxies in Amazon RDS to fetch detailed information about each proxy, including its ARN, name, engine family, role ARN, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_proxy_1.yaml.bak b/queries/aws_rds_db_proxy_1.yaml.bak new file mode 100755 index 000000000..ee10c99f0 --- /dev/null +++ b/queries/aws_rds_db_proxy_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_rds_db_proxy_1 +Title: "Find Amazon RDS DB Proxy Details via SQL Query" +Description: "Allows users to query DB Proxies in Amazon RDS to fetch detailed information about each proxy, including its ARN, name, engine family, role ARN, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_proxy_name, + status, + engine_family + from + aws_rds_db_proxy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_proxy_2.yaml b/queries/aws_rds_db_proxy_2.yaml index 3e72f96ed..f70cf66a9 100755 --- a/queries/aws_rds_db_proxy_2.yaml +++ b/queries/aws_rds_db_proxy_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_proxy_2 Title: "List all Detailed Information of Amazon RDS DB Proxies" Description: "Allows users to query DB Proxies in Amazon RDS to fetch detailed information about each proxy, including its ARN, name, engine family, role ARN, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_proxy_2.yaml.bak b/queries/aws_rds_db_proxy_2.yaml.bak new file mode 100755 index 000000000..3e72f96ed --- /dev/null +++ b/queries/aws_rds_db_proxy_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_rds_db_proxy_2 +Title: "List all Detailed Information of Amazon RDS DB Proxies" +Description: "Allows users to query DB Proxies in Amazon RDS to fetch detailed information about each proxy, including its ARN, name, engine family, role ARN, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_proxy_name, + engine_family, + a ->> 'AuthScheme' as auth_scheme, + a ->> 'Description' as auth_description, + a ->> 'IAMAuth' as iam_auth, + a ->> 'SecretArn' as secret_arn, + a ->> 'UserName' as user_name + from + aws_rds_db_proxy, + jsonb_array_elements(auth) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_recommendation_1.yaml b/queries/aws_rds_db_recommendation_1.yaml index e11ea6cbd..84f8f83ac 100755 --- a/queries/aws_rds_db_recommendation_1.yaml +++ b/queries/aws_rds_db_recommendation_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_recommendation_1 Title: "Find AWS RDS DB Recommendations with High Severity" Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_recommendation_1.yaml.bak b/queries/aws_rds_db_recommendation_1.yaml.bak new file mode 100755 index 000000000..e11ea6cbd --- /dev/null +++ b/queries/aws_rds_db_recommendation_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_rds_db_recommendation_1 +Title: "Find AWS RDS DB Recommendations with High Severity" +Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recommendation_id, + title, + severity, + description, + created_time + from + aws_rds_db_recommendation + where + severity = 'high'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_recommendation_2.yaml b/queries/aws_rds_db_recommendation_2.yaml index 459b72910..217c9ccf8 100755 --- a/queries/aws_rds_db_recommendation_2.yaml +++ b/queries/aws_rds_db_recommendation_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_recommendation_2 Title: "List all AWS RDS DB Recommendations and Details" Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_recommendation_2.yaml.bak b/queries/aws_rds_db_recommendation_2.yaml.bak new file mode 100755 index 000000000..217c9ccf8 --- /dev/null +++ b/queries/aws_rds_db_recommendation_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_rds_db_recommendation_2 +Title: "List all AWS RDS DB Recommendations and Details" +Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recommendation_id, + title, + created_time, + description + from + aws_rds_db_recommendation + where + created_time >= now() - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_recommendation_2.yaml.bak.bak b/queries/aws_rds_db_recommendation_2.yaml.bak.bak new file mode 100755 index 000000000..217c9ccf8 --- /dev/null +++ b/queries/aws_rds_db_recommendation_2.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_rds_db_recommendation_2 +Title: "List all AWS RDS DB Recommendations and Details" +Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recommendation_id, + title, + created_time, + description + from + aws_rds_db_recommendation + where + created_time >= now() - interval '30 days'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_recommendation_3.yaml b/queries/aws_rds_db_recommendation_3.yaml index b0f8448fb..f7f8f314f 100755 --- a/queries/aws_rds_db_recommendation_3.yaml +++ b/queries/aws_rds_db_recommendation_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_recommendation_3 Title: "Find All Recommendations and Actions for AWS RDS DB" Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_recommendation_3.yaml.bak b/queries/aws_rds_db_recommendation_3.yaml.bak new file mode 100755 index 000000000..b0f8448fb --- /dev/null +++ b/queries/aws_rds_db_recommendation_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_rds_db_recommendation_3 +Title: "Find All Recommendations and Actions for AWS RDS DB" +Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recommendation_id, + title, + recommendation, + recommended_actions + from + aws_rds_db_recommendation; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_recommendation_4.yaml b/queries/aws_rds_db_recommendation_4.yaml index 4071bb239..a19d7beec 100755 --- a/queries/aws_rds_db_recommendation_4.yaml +++ b/queries/aws_rds_db_recommendation_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_recommendation_4 Title: "List all AWS RDS DB Recommendations and Suggested Actions" Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_recommendation_4.yaml.bak b/queries/aws_rds_db_recommendation_4.yaml.bak new file mode 100755 index 000000000..4071bb239 --- /dev/null +++ b/queries/aws_rds_db_recommendation_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_recommendation_4 +Title: "List all AWS RDS DB Recommendations and Suggested Actions" +Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recommendation_id, + title, + impact, + description + from + aws_rds_db_recommendation + order by + impact desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_recommendation_5.yaml b/queries/aws_rds_db_recommendation_5.yaml index 3efae706f..0f98e87b5 100755 --- a/queries/aws_rds_db_recommendation_5.yaml +++ b/queries/aws_rds_db_recommendation_5.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_recommendation_5 Title: "Find AWS RDS DB Recommendations and Statuses" Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_recommendation_5.yaml.bak b/queries/aws_rds_db_recommendation_5.yaml.bak new file mode 100755 index 000000000..3efae706f --- /dev/null +++ b/queries/aws_rds_db_recommendation_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_recommendation_5 +Title: "Find AWS RDS DB Recommendations and Statuses" +Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recommendation_id, + title, + status, + updated_time + from + aws_rds_db_recommendation + where + status != 'resolved'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_recommendation_6.yaml b/queries/aws_rds_db_recommendation_6.yaml index 1ae1bb53f..65581d69d 100755 --- a/queries/aws_rds_db_recommendation_6.yaml +++ b/queries/aws_rds_db_recommendation_6.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_recommendation_6 Title: "Find AWS RDS DB Recommendations and Their Statuses" Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_recommendation_6.yaml.bak b/queries/aws_rds_db_recommendation_6.yaml.bak new file mode 100755 index 000000000..1ae1bb53f --- /dev/null +++ b/queries/aws_rds_db_recommendation_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_rds_db_recommendation_6 +Title: "Find AWS RDS DB Recommendations and Their Statuses" +Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recommendation_id, + issue_details -> 'PerformanceIssueDetails' ->> 'Analysis' as analysis, + issue_details -> 'PerformanceIssueDetails' ->> 'EndTime' as end_time, + issue_details -> 'PerformanceIssueDetails' ->> 'StartTime' as start_time, + issue_details -> 'PerformanceIssueDetails' -> 'Metrics' as metrics + from + aws_rds_db_recommendation + where + issue_details is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS DB Recommendation diff --git a/queries/aws_rds_db_recommendation_7.yaml b/queries/aws_rds_db_recommendation_7.yaml index 44f710bc1..23a6af7e0 100755 --- a/queries/aws_rds_db_recommendation_7.yaml +++ b/queries/aws_rds_db_recommendation_7.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_recommendation_7 Title: "Find all AWS RDS DB recommendation statuses and actions" Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_recommendation_7.yaml.bak b/queries/aws_rds_db_recommendation_7.yaml.bak new file mode 100755 index 000000000..44f710bc1 --- /dev/null +++ b/queries/aws_rds_db_recommendation_7.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_rds_db_recommendation_7 +Title: "Find all AWS RDS DB recommendation statuses and actions" +Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + recommendation_id, + action ->> 'Title' as title, + action ->> 'Status' as status, + action ->> 'ActionId' as action_id, + action ->> 'Operation' as operation, + action -> 'ApplyModes' as apply_modes, + action -> 'Parameters' as parameters, + action ->> 'Description' as description, + action ->> 'IssueDetails' as issue_details, + action -> 'ContextAttributes' as context_attributes + from + aws_rds_db_recommendation, + jsonb_array_elements(recommended_actions) as action; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_snapshot_1.yaml b/queries/aws_rds_db_snapshot_1.yaml index eb66bd852..eec48b865 100755 --- a/queries/aws_rds_db_snapshot_1.yaml +++ b/queries/aws_rds_db_snapshot_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_snapshot_1 Title: "Find Non-encrypted RDS DB Snapshots for AWS" Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_snapshot_1.yaml.bak b/queries/aws_rds_db_snapshot_1.yaml.bak new file mode 100755 index 000000000..eb66bd852 --- /dev/null +++ b/queries/aws_rds_db_snapshot_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_snapshot_1 +Title: "Find Non-encrypted RDS DB Snapshots for AWS" +Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_snapshot_identifier, + encrypted + from + aws_rds_db_snapshot + where + not encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_snapshot_2.yaml b/queries/aws_rds_db_snapshot_2.yaml index 8eaae12e5..9cc9daed3 100755 --- a/queries/aws_rds_db_snapshot_2.yaml +++ b/queries/aws_rds_db_snapshot_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_snapshot_2 Title: "List Amazon RDS DB manual snapshots" Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_snapshot_2.yaml.bak b/queries/aws_rds_db_snapshot_2.yaml.bak new file mode 100755 index 000000000..8eaae12e5 --- /dev/null +++ b/queries/aws_rds_db_snapshot_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_rds_db_snapshot_2 +Title: "List Amazon RDS DB manual snapshots" +Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_snapshot_identifier, + type + from + aws_rds_db_snapshot + where + type = 'manual'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_snapshot_3.yaml b/queries/aws_rds_db_snapshot_3.yaml index ce975c9cb..0951f3b37 100755 --- a/queries/aws_rds_db_snapshot_3.yaml +++ b/queries/aws_rds_db_snapshot_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_snapshot_3 Title: "Find Information on Amazon RDS DB Snapshots" Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_snapshot_3.yaml.bak b/queries/aws_rds_db_snapshot_3.yaml.bak new file mode 100755 index 000000000..ce975c9cb --- /dev/null +++ b/queries/aws_rds_db_snapshot_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_snapshot_3 +Title: "Find Information on Amazon RDS DB Snapshots" +Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_snapshot_identifier, + encrypted + from + aws_rds_db_snapshot + where + not encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_rds_db_snapshot_4.yaml b/queries/aws_rds_db_snapshot_4.yaml index d766b5b24..99fafafe7 100755 --- a/queries/aws_rds_db_snapshot_4.yaml +++ b/queries/aws_rds_db_snapshot_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_snapshot_4 Title: "List Amazon RDS DB Snapshots Information" Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_snapshot_4.yaml.bak b/queries/aws_rds_db_snapshot_4.yaml.bak new file mode 100755 index 000000000..d766b5b24 --- /dev/null +++ b/queries/aws_rds_db_snapshot_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_snapshot_4 +Title: "List Amazon RDS DB Snapshots Information" +Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + db_snapshot_identifier, + db_instance_identifier, + engine, + engine_version, + allocated_storage, + storage_type + from + aws_rds_db_snapshot; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_subnet_group_1.yaml b/queries/aws_rds_db_subnet_group_1.yaml index 15c978408..f955469fb 100755 --- a/queries/aws_rds_db_subnet_group_1.yaml +++ b/queries/aws_rds_db_subnet_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_subnet_group_1 Title: "Query AWS RDS DB Subnet Groups Information" Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_subnet_group_1.yaml.bak b/queries/aws_rds_db_subnet_group_1.yaml.bak new file mode 100755 index 000000000..15c978408 --- /dev/null +++ b/queries/aws_rds_db_subnet_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_rds_db_subnet_group_1 +Title: "Query AWS RDS DB Subnet Groups Information" +Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + status, + vpc_id + from + aws_rds_db_subnet_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_subnet_group_2.yaml b/queries/aws_rds_db_subnet_group_2.yaml index 89ab5755e..a4dff9482 100755 --- a/queries/aws_rds_db_subnet_group_2.yaml +++ b/queries/aws_rds_db_subnet_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_subnet_group_2 Title: "List all AWS RDS DB Subnet Groups Information" Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_subnet_group_2.yaml.bak b/queries/aws_rds_db_subnet_group_2.yaml.bak new file mode 100755 index 000000000..89ab5755e --- /dev/null +++ b/queries/aws_rds_db_subnet_group_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_rds_db_subnet_group_2 +Title: "List all AWS RDS DB Subnet Groups Information" +Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + subnet -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, + subnet ->> 'SubnetIdentifier' as subnet_identifier, + subnet -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, + subnet ->> 'SubnetStatus' as subnet_status + from + aws_rds_db_subnet_group + cross join jsonb_array_elements(subnets) as subnet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_db_subnet_group_3.yaml b/queries/aws_rds_db_subnet_group_3.yaml index b7ac2eae5..c6aa02d0a 100755 --- a/queries/aws_rds_db_subnet_group_3.yaml +++ b/queries/aws_rds_db_subnet_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_db_subnet_group_3 Title: "List all AWS RDS DB Subnet Groups" Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_db_subnet_group_3.yaml.bak b/queries/aws_rds_db_subnet_group_3.yaml.bak new file mode 100755 index 000000000..b7ac2eae5 --- /dev/null +++ b/queries/aws_rds_db_subnet_group_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_rds_db_subnet_group_3 +Title: "List all AWS RDS DB Subnet Groups" +Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + tags + from + aws_rds_db_subnet_group + where + not tags :: JSONB ? 'application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_reserved_db_instance_1.yaml b/queries/aws_rds_reserved_db_instance_1.yaml index 1d238fbb9..929acc7ad 100755 --- a/queries/aws_rds_reserved_db_instance_1.yaml +++ b/queries/aws_rds_reserved_db_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_rds_reserved_db_instance_1 Title: "List AWS RDS Reserved DB Instances and Details" Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_reserved_db_instance_1.yaml.bak b/queries/aws_rds_reserved_db_instance_1.yaml.bak new file mode 100755 index 000000000..929acc7ad --- /dev/null +++ b/queries/aws_rds_reserved_db_instance_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_rds_reserved_db_instance_1 +Title: "List AWS RDS Reserved DB Instances and Details" +Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_db_instance_id, + arn, + reserved_db_instances_offering_id, + state, + class + from + aws_rds_reserved_db_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_reserved_db_instance_1.yaml.bak.bak b/queries/aws_rds_reserved_db_instance_1.yaml.bak.bak new file mode 100755 index 000000000..929acc7ad --- /dev/null +++ b/queries/aws_rds_reserved_db_instance_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_rds_reserved_db_instance_1 +Title: "List AWS RDS Reserved DB Instances and Details" +Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_db_instance_id, + arn, + reserved_db_instances_offering_id, + state, + class + from + aws_rds_reserved_db_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_reserved_db_instance_2.yaml b/queries/aws_rds_reserved_db_instance_2.yaml index 283a2868f..9863980ce 100755 --- a/queries/aws_rds_reserved_db_instance_2.yaml +++ b/queries/aws_rds_reserved_db_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_rds_reserved_db_instance_2 Title: "List all AWS RDS Reserved DB Instances" Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_reserved_db_instance_2.yaml.bak b/queries/aws_rds_reserved_db_instance_2.yaml.bak new file mode 100755 index 000000000..283a2868f --- /dev/null +++ b/queries/aws_rds_reserved_db_instance_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_reserved_db_instance_2 +Title: "List all AWS RDS Reserved DB Instances" +Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_db_instance_id, + arn, + reserved_db_instances_offering_id, + state, + class + from + aws_rds_reserved_db_instance + where + not multi_az; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_reserved_db_instance_3.yaml b/queries/aws_rds_reserved_db_instance_3.yaml index 35f58189e..e1084b760 100755 --- a/queries/aws_rds_reserved_db_instance_3.yaml +++ b/queries/aws_rds_reserved_db_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_rds_reserved_db_instance_3 Title: "Find all RDS Reserved DB Instances with Costs and Status" Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_reserved_db_instance_3.yaml.bak b/queries/aws_rds_reserved_db_instance_3.yaml.bak new file mode 100755 index 000000000..35f58189e --- /dev/null +++ b/queries/aws_rds_reserved_db_instance_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_reserved_db_instance_3 +Title: "Find all RDS Reserved DB Instances with Costs and Status" +Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_db_instance_id, + arn, + reserved_db_instances_offering_id, + state, + class + from + aws_rds_reserved_db_instance + where + offering_type = 'All Upfront'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_reserved_db_instance_4.yaml b/queries/aws_rds_reserved_db_instance_4.yaml index 8a623857f..fcc9deb54 100755 --- a/queries/aws_rds_reserved_db_instance_4.yaml +++ b/queries/aws_rds_reserved_db_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_rds_reserved_db_instance_4 Title: "List all Reserved DB Instances in AWS RDS" Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_reserved_db_instance_4.yaml.bak b/queries/aws_rds_reserved_db_instance_4.yaml.bak new file mode 100755 index 000000000..8a623857f --- /dev/null +++ b/queries/aws_rds_reserved_db_instance_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_rds_reserved_db_instance_4 +Title: "List all Reserved DB Instances in AWS RDS" +Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_db_instance_id, + arn, + reserved_db_instances_offering_id, + state, + class + from + aws_rds_reserved_db_instance + order by + duration desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_reserved_db_instance_5.yaml b/queries/aws_rds_reserved_db_instance_5.yaml index 2ce3e5daf..a96db31e0 100755 --- a/queries/aws_rds_reserved_db_instance_5.yaml +++ b/queries/aws_rds_reserved_db_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_rds_reserved_db_instance_5 Title: "List all AWS RDS Reserved DB Instances and Details" Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_reserved_db_instance_5.yaml.bak b/queries/aws_rds_reserved_db_instance_5.yaml.bak new file mode 100755 index 000000000..2ce3e5daf --- /dev/null +++ b/queries/aws_rds_reserved_db_instance_5.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_reserved_db_instance_5 +Title: "List all AWS RDS Reserved DB Instances and Details" +Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_db_instance_id, + arn, + reserved_db_instances_offering_id, + state, + class, + usage_price + from + aws_rds_reserved_db_instance + order by + usage_price desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_provider: + - aws + cloud_service: + - RDS diff --git a/queries/aws_rds_reserved_db_instance_6.yaml b/queries/aws_rds_reserved_db_instance_6.yaml index 3f331d518..d9aea9ff9 100755 --- a/queries/aws_rds_reserved_db_instance_6.yaml +++ b/queries/aws_rds_reserved_db_instance_6.yaml @@ -1,7 +1,7 @@ ID: aws_rds_reserved_db_instance_6 Title: "List all AWS RDS Reserved DB Instances with details and costs" Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_rds_reserved_db_instance_6.yaml.bak b/queries/aws_rds_reserved_db_instance_6.yaml.bak new file mode 100755 index 000000000..3f331d518 --- /dev/null +++ b/queries/aws_rds_reserved_db_instance_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_rds_reserved_db_instance_6 +Title: "List all AWS RDS Reserved DB Instances with details and costs" +Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + reserved_db_instance_id, + arn, + reserved_db_instances_offering_id, + state, + class, + usage_price + from + aws_rds_reserved_db_instance + where + state <> 'active'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon RDS diff --git a/queries/aws_redshift_cluster_1.yaml b/queries/aws_redshift_cluster_1.yaml index aae539ed4..f2ad96feb 100755 --- a/queries/aws_redshift_cluster_1.yaml +++ b/queries/aws_redshift_cluster_1.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_cluster_1 Title: "List all AWS Redshift Clusters including Configurations" Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_cluster_1.yaml.bak b/queries/aws_redshift_cluster_1.yaml.bak new file mode 100755 index 000000000..aae539ed4 --- /dev/null +++ b/queries/aws_redshift_cluster_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_redshift_cluster_1 +Title: "List all AWS Redshift Clusters including Configurations" +Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + arn, + node_type, + region + from + aws_redshift_cluster; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Redshift diff --git a/queries/aws_redshift_cluster_2.yaml b/queries/aws_redshift_cluster_2.yaml index 87d7eb8cc..9c256f205 100755 --- a/queries/aws_redshift_cluster_2.yaml +++ b/queries/aws_redshift_cluster_2.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_cluster_2 Title: "Find all AWS Redshift Clusters with Configuration Details" Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_cluster_2.yaml.bak b/queries/aws_redshift_cluster_2.yaml.bak new file mode 100755 index 000000000..9c256f205 --- /dev/null +++ b/queries/aws_redshift_cluster_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_redshift_cluster_2 +Title: "Find all AWS Redshift Clusters with Configuration Details" +Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + node_type, + number_of_nodes, + publicly_accessible + from + aws_redshift_cluster + where + publicly_accessible; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_cluster_2.yaml.bak.bak b/queries/aws_redshift_cluster_2.yaml.bak.bak new file mode 100755 index 000000000..9c256f205 --- /dev/null +++ b/queries/aws_redshift_cluster_2.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_redshift_cluster_2 +Title: "Find all AWS Redshift Clusters with Configuration Details" +Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + node_type, + number_of_nodes, + publicly_accessible + from + aws_redshift_cluster + where + publicly_accessible; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_cluster_3.yaml b/queries/aws_redshift_cluster_3.yaml index ae1056107..81448f467 100755 --- a/queries/aws_redshift_cluster_3.yaml +++ b/queries/aws_redshift_cluster_3.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_cluster_3 Title: "Find AWS Redshift Cluster Configurations and Details" Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_cluster_3.yaml.bak b/queries/aws_redshift_cluster_3.yaml.bak new file mode 100755 index 000000000..ae1056107 --- /dev/null +++ b/queries/aws_redshift_cluster_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_redshift_cluster_3 +Title: "Find AWS Redshift Cluster Configurations and Details" +Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + node_type, + number_of_nodes, + vpc_id + from + aws_redshift_cluster + where + vpc_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_cluster_4.yaml b/queries/aws_redshift_cluster_4.yaml index 3b7048207..4cdd40050 100755 --- a/queries/aws_redshift_cluster_4.yaml +++ b/queries/aws_redshift_cluster_4.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_cluster_4 Title: "List all AWS Redshift Clusters and list configurations" Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_cluster_4.yaml.bak b/queries/aws_redshift_cluster_4.yaml.bak new file mode 100755 index 000000000..3b7048207 --- /dev/null +++ b/queries/aws_redshift_cluster_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_redshift_cluster_4 +Title: "List all AWS Redshift Clusters and list configurations" +Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + node_type, + number_of_nodes, + encrypted + from + aws_redshift_cluster + where + not encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_cluster_5.yaml b/queries/aws_redshift_cluster_5.yaml index f88b1df71..b4995ffa9 100755 --- a/queries/aws_redshift_cluster_5.yaml +++ b/queries/aws_redshift_cluster_5.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_cluster_5 Title: "List all AWS Redshift Clusters and Their Status" Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_cluster_5.yaml.bak b/queries/aws_redshift_cluster_5.yaml.bak new file mode 100755 index 000000000..f88b1df71 --- /dev/null +++ b/queries/aws_redshift_cluster_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_redshift_cluster_5 +Title: "List all AWS Redshift Clusters and Their Status" +Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + logging_status -> 'LoggingEnabled' as LoggingEnabled + from + aws_redshift_cluster + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml index 02733a73a..e522542e1 100755 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_cluster_metric_cpu_utilization_daily_1 Title: "List AWS Redshift CPU Utilization Metrics by day" Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml.bak b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml.bak new file mode 100755 index 000000000..02733a73a --- /dev/null +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_redshift_cluster_metric_cpu_utilization_daily_1 +Title: "List AWS Redshift CPU Utilization Metrics by day" +Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_redshift_cluster_metric_cpu_utilization_daily + order by + cluster_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml index 08bce09fa..6a67d763e 100755 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_cluster_metric_cpu_utilization_daily_2 Title: "Find Daily AWS Redshift Cluster High CPU Utilization" Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml.bak b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml.bak new file mode 100755 index 000000000..08bce09fa --- /dev/null +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_redshift_cluster_metric_cpu_utilization_daily_2 +Title: "Find Daily AWS Redshift Cluster High CPU Utilization" +Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_redshift_cluster_metric_cpu_utilization_daily + where average > 80 + order by + cluster_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml index d65527346..925e26395 100755 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_cluster_metric_cpu_utilization_daily_3 Title: "List AWS Redshift Cluster CPU Utilization Metrics Daily" Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml.bak b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml.bak new file mode 100755 index 000000000..d65527346 --- /dev/null +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_redshift_cluster_metric_cpu_utilization_daily_3 +Title: "List AWS Redshift Cluster CPU Utilization Metrics Daily" +Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_identifier, + timestamp, + round(minimum::numeric,2) as min_cpu, + round(maximum::numeric,2) as max_cpu, + round(average::numeric,2) as avg_cpu, + sample_count + from + aws_redshift_cluster_metric_cpu_utilization_daily + where average < 2 + order by + cluster_identifier, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_event_subscription_1.yaml b/queries/aws_redshift_event_subscription_1.yaml index b4868b54b..a2cafadfe 100755 --- a/queries/aws_redshift_event_subscription_1.yaml +++ b/queries/aws_redshift_event_subscription_1.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_event_subscription_1 Title: "List All AWS Redshift Event Subscription Configurations" Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_event_subscription_1.yaml.bak b/queries/aws_redshift_event_subscription_1.yaml.bak new file mode 100755 index 000000000..b4868b54b --- /dev/null +++ b/queries/aws_redshift_event_subscription_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_redshift_event_subscription_1 +Title: "List All AWS Redshift Event Subscription Configurations" +Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cust_subscription_id, + customer_aws_id, + status, + sns_topic_arn, + subscription_creation_time + from + aws_redshift_event_subscription; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_event_subscription_2.yaml b/queries/aws_redshift_event_subscription_2.yaml index f92f75123..af0f36489 100755 --- a/queries/aws_redshift_event_subscription_2.yaml +++ b/queries/aws_redshift_event_subscription_2.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_event_subscription_2 Title: "Find all AWS Redshift Event Subscriptions" Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_event_subscription_2.yaml.bak b/queries/aws_redshift_event_subscription_2.yaml.bak new file mode 100755 index 000000000..af0f36489 --- /dev/null +++ b/queries/aws_redshift_event_subscription_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_redshift_event_subscription_2 +Title: "Find all AWS Redshift Event Subscriptions" +Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cust_subscription_id, + customer_aws_id, + status, + enabled, + sns_topic_arn, + subscription_creation_time + from + aws_redshift_event_subscription + where + enabled is false; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_event_subscription_2.yaml.bak.bak b/queries/aws_redshift_event_subscription_2.yaml.bak.bak new file mode 100755 index 000000000..af0f36489 --- /dev/null +++ b/queries/aws_redshift_event_subscription_2.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_redshift_event_subscription_2 +Title: "Find all AWS Redshift Event Subscriptions" +Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cust_subscription_id, + customer_aws_id, + status, + enabled, + sns_topic_arn, + subscription_creation_time + from + aws_redshift_event_subscription + where + enabled is false; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_event_subscription_3.yaml b/queries/aws_redshift_event_subscription_3.yaml index a49d68b2d..226be4671 100755 --- a/queries/aws_redshift_event_subscription_3.yaml +++ b/queries/aws_redshift_event_subscription_3.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_event_subscription_3 Title: "List all AWS Redshift Event Subscriptions and Their Configurations" Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_event_subscription_3.yaml.bak b/queries/aws_redshift_event_subscription_3.yaml.bak new file mode 100755 index 000000000..a49d68b2d --- /dev/null +++ b/queries/aws_redshift_event_subscription_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_redshift_event_subscription_3 +Title: "List all AWS Redshift Event Subscriptions and Their Configurations" +Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cust_subscription_id, + severity, + source_type, + event_categories_list, + source_ids_list + from + aws_redshift_event_subscription; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_event_subscription_4.yaml b/queries/aws_redshift_event_subscription_4.yaml index d1628a3fa..d274034cb 100755 --- a/queries/aws_redshift_event_subscription_4.yaml +++ b/queries/aws_redshift_event_subscription_4.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_event_subscription_4 Title: "Find AWS Redshift Event Subscriptions with Configuration and Status" Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_event_subscription_4.yaml.bak b/queries/aws_redshift_event_subscription_4.yaml.bak new file mode 100755 index 000000000..d1628a3fa --- /dev/null +++ b/queries/aws_redshift_event_subscription_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_redshift_event_subscription_4 +Title: "Find AWS Redshift Event Subscriptions with Configuration and Status" +Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.cust_subscription_id, + e.status, + s.kms_master_key_id, + s.topic_arn as arn + from + aws_redshift_event_subscription as e + join aws_sns_topic as s on s.topic_arn = e.sns_topic_arn + where + s.kms_master_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Redshift diff --git a/queries/aws_redshift_parameter_group_1.yaml b/queries/aws_redshift_parameter_group_1.yaml index 85a522312..70c57cc59 100755 --- a/queries/aws_redshift_parameter_group_1.yaml +++ b/queries/aws_redshift_parameter_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_parameter_group_1 Title: "List all Amazon Redshift Parameter Groups configuration settings" Description: "Allows users to query Amazon Redshift Parameter Groups to obtain detailed information about the configuration parameters and settings for Redshift clusters. This can be useful for managing and optimizing the performance of Redshift databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_parameter_group_1.yaml.bak b/queries/aws_redshift_parameter_group_1.yaml.bak new file mode 100755 index 000000000..85a522312 --- /dev/null +++ b/queries/aws_redshift_parameter_group_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_redshift_parameter_group_1 +Title: "List all Amazon Redshift Parameter Groups configuration settings" +Description: "Allows users to query Amazon Redshift Parameter Groups to obtain detailed information about the configuration parameters and settings for Redshift clusters. This can be useful for managing and optimizing the performance of Redshift databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + family + from + aws_redshift_parameter_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Redshift diff --git a/queries/aws_redshift_parameter_group_2.yaml b/queries/aws_redshift_parameter_group_2.yaml index 923afbdee..f7eb34dd9 100755 --- a/queries/aws_redshift_parameter_group_2.yaml +++ b/queries/aws_redshift_parameter_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_parameter_group_2 Title: "Find Amazon Redshift Parameter Groups Configuration" Description: "Allows users to query Amazon Redshift Parameter Groups to obtain detailed information about the configuration parameters and settings for Redshift clusters. This can be useful for managing and optimizing the performance of Redshift databases." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_parameter_group_2.yaml.bak b/queries/aws_redshift_parameter_group_2.yaml.bak new file mode 100755 index 000000000..923afbdee --- /dev/null +++ b/queries/aws_redshift_parameter_group_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_redshift_parameter_group_2 +Title: "Find Amazon Redshift Parameter Groups Configuration" +Description: "Allows users to query Amazon Redshift Parameter Groups to obtain detailed information about the configuration parameters and settings for Redshift clusters. This can be useful for managing and optimizing the performance of Redshift databases." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + p ->> 'ParameterName' as parameter_name, + p ->> 'ParameterValue' as parameter_value, + p ->> 'Description' as description, + p ->> 'Source' as source, + p ->> 'DataType' as data_type, + p ->> 'ApplyType' as apply_type, + p ->> 'IsModifiable' as is_modifiable, + p ->> 'AllowedValues' as allowed_values, + p ->> 'MinimumEngineVersion' as minimum_engine_version + from + aws_redshift_parameter_group, + jsonb_array_elements(parameters) as p + where + p ->> 'ParameterName' = 'require_ssl' + and p ->> 'ParameterValue' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Redshift diff --git a/queries/aws_redshift_snapshot_1.yaml b/queries/aws_redshift_snapshot_1.yaml index 0d90a7460..75dc1f78c 100755 --- a/queries/aws_redshift_snapshot_1.yaml +++ b/queries/aws_redshift_snapshot_1.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_snapshot_1 Title: "List AWS Redshift Snapshots with Their Configuration" Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_snapshot_1.yaml.bak b/queries/aws_redshift_snapshot_1.yaml.bak new file mode 100755 index 000000000..0d90a7460 --- /dev/null +++ b/queries/aws_redshift_snapshot_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_redshift_snapshot_1 +Title: "List AWS Redshift Snapshots with Their Configuration" +Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_identifier, + cluster_identifier, + node_type, + encrypted + from + aws_redshift_snapshot; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_snapshot_2.yaml b/queries/aws_redshift_snapshot_2.yaml index e8fe2fed6..7ecec3991 100755 --- a/queries/aws_redshift_snapshot_2.yaml +++ b/queries/aws_redshift_snapshot_2.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_snapshot_2 Title: "List all AWS Redshift Snapshots with Configuration Details" Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_snapshot_2.yaml.bak b/queries/aws_redshift_snapshot_2.yaml.bak new file mode 100755 index 000000000..e8fe2fed6 --- /dev/null +++ b/queries/aws_redshift_snapshot_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_redshift_snapshot_2 +Title: "List all AWS Redshift Snapshots with Configuration Details" +Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_identifier, + snapshot_type + from + aws_redshift_snapshot + where + snapshot_type = 'manual'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_snapshot_3.yaml b/queries/aws_redshift_snapshot_3.yaml index 2e43d5f3e..67694b84b 100755 --- a/queries/aws_redshift_snapshot_3.yaml +++ b/queries/aws_redshift_snapshot_3.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_snapshot_3 Title: "List All AWS Redshift Snapshots Configuration and Status" Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_snapshot_3.yaml.bak b/queries/aws_redshift_snapshot_3.yaml.bak new file mode 100755 index 000000000..2e43d5f3e --- /dev/null +++ b/queries/aws_redshift_snapshot_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_redshift_snapshot_3 +Title: "List All AWS Redshift Snapshots Configuration and Status" +Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_identifier, + cluster_identifier, + node_type, + number_of_nodes, + encrypted + from + aws_redshift_snapshot + where + not encrypted; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_snapshot_4.yaml b/queries/aws_redshift_snapshot_4.yaml index 4f2847784..13a44c355 100755 --- a/queries/aws_redshift_snapshot_4.yaml +++ b/queries/aws_redshift_snapshot_4.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_snapshot_4 Title: "List all AWS Redshift Snapshots with Details" Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_snapshot_4.yaml.bak b/queries/aws_redshift_snapshot_4.yaml.bak new file mode 100755 index 000000000..4f2847784 --- /dev/null +++ b/queries/aws_redshift_snapshot_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_redshift_snapshot_4 +Title: "List all AWS Redshift Snapshots with Details" +Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_identifier, + cluster_identifier, + number_of_nodes, + cluster_version, + engine_full_version, + restorable_node_types + from + aws_redshift_snapshot; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_snapshot_5.yaml b/queries/aws_redshift_snapshot_5.yaml index b48c1a43d..aec643f2e 100755 --- a/queries/aws_redshift_snapshot_5.yaml +++ b/queries/aws_redshift_snapshot_5.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_snapshot_5 Title: "Find AWS Redshift Snapshots and Restore Access Details" Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_snapshot_5.yaml.bak b/queries/aws_redshift_snapshot_5.yaml.bak new file mode 100755 index 000000000..b48c1a43d --- /dev/null +++ b/queries/aws_redshift_snapshot_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_redshift_snapshot_5 +Title: "Find AWS Redshift Snapshots and Restore Access Details" +Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_identifier, + accounts_with_restore_access + from + aws_redshift_snapshot + where + accounts_with_restore_access is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_snapshot_6.yaml b/queries/aws_redshift_snapshot_6.yaml index 90271484f..84313b5b2 100755 --- a/queries/aws_redshift_snapshot_6.yaml +++ b/queries/aws_redshift_snapshot_6.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_snapshot_6 Title: "List all AWS Redshift Snapshots with details" Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_snapshot_6.yaml.bak b/queries/aws_redshift_snapshot_6.yaml.bak new file mode 100755 index 000000000..90271484f --- /dev/null +++ b/queries/aws_redshift_snapshot_6.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_redshift_snapshot_6 +Title: "List all AWS Redshift Snapshots with details" +Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + snapshot_identifier, + p ->> 'AccountId' as account_id, + p ->> 'AccountAlias' as account_alias + from + aws_redshift_snapshot, + jsonb_array_elements(accounts_with_restore_access) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_subnet_group_1.yaml b/queries/aws_redshift_subnet_group_1.yaml index 5e73e63ba..73a2b2b16 100755 --- a/queries/aws_redshift_subnet_group_1.yaml +++ b/queries/aws_redshift_subnet_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_subnet_group_1 Title: "List all AWS Redshift Subnet Groups and their details" Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_subnet_group_1.yaml.bak b/queries/aws_redshift_subnet_group_1.yaml.bak new file mode 100755 index 000000000..5e73e63ba --- /dev/null +++ b/queries/aws_redshift_subnet_group_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_redshift_subnet_group_1 +Title: "List all AWS Redshift Subnet Groups and their details" +Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_subnet_group_name, + description, + subnet_group_status, + vpc_id + from + aws_redshift_subnet_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_subnet_group_2.yaml b/queries/aws_redshift_subnet_group_2.yaml index 32a7ad9e7..0d977ad56 100755 --- a/queries/aws_redshift_subnet_group_2.yaml +++ b/queries/aws_redshift_subnet_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_subnet_group_2 Title: "Find AWS Redshift Subnet Group Details and Status" Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_subnet_group_2.yaml.bak b/queries/aws_redshift_subnet_group_2.yaml.bak new file mode 100755 index 000000000..32a7ad9e7 --- /dev/null +++ b/queries/aws_redshift_subnet_group_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_redshift_subnet_group_2 +Title: "Find AWS Redshift Subnet Group Details and Status" +Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_subnet_group_name, + subnet -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, + subnet -> 'SubnetAvailabilityZone' ->> 'SupportedPlatforms' as supported_platforms, + subnet ->> 'SubnetIdentifier' as subnet_identifier, + subnet ->> 'SubnetStatus' as subnet_status + from + aws_redshift_subnet_group, + jsonb_array_elements(subnets) as subnet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshift_subnet_group_3.yaml b/queries/aws_redshift_subnet_group_3.yaml index 78b56ac17..64bf2fc1f 100755 --- a/queries/aws_redshift_subnet_group_3.yaml +++ b/queries/aws_redshift_subnet_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_redshift_subnet_group_3 Title: "Find AWS Redshift Subnet Groups and Their Details" Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshift_subnet_group_3.yaml.bak b/queries/aws_redshift_subnet_group_3.yaml.bak new file mode 100755 index 000000000..78b56ac17 --- /dev/null +++ b/queries/aws_redshift_subnet_group_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_redshift_subnet_group_3 +Title: "Find AWS Redshift Subnet Groups and Their Details" +Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + cluster_subnet_group_name, + tags + from + aws_redshift_subnet_group + where + not tags :: JSONB ? 'application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift diff --git a/queries/aws_redshiftserverless_namespace_1.yaml b/queries/aws_redshiftserverless_namespace_1.yaml index 1f136eaa1..3e28b71f2 100755 --- a/queries/aws_redshiftserverless_namespace_1.yaml +++ b/queries/aws_redshiftserverless_namespace_1.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_namespace_1 Title: "List AWS Redshift Serverless Namespace Details" Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_namespace_1.yaml.bak b/queries/aws_redshiftserverless_namespace_1.yaml.bak new file mode 100755 index 000000000..1f136eaa1 --- /dev/null +++ b/queries/aws_redshiftserverless_namespace_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_redshiftserverless_namespace_1 +Title: "List AWS Redshift Serverless Namespace Details" +Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + namespace_name, + namespace_arn, + namespace_id, + creation_date, + db_name, + region, + status + from + aws_redshiftserverless_namespace; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_namespace_2.yaml b/queries/aws_redshiftserverless_namespace_2.yaml index b52692206..156233d91 100755 --- a/queries/aws_redshiftserverless_namespace_2.yaml +++ b/queries/aws_redshiftserverless_namespace_2.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_namespace_2 Title: "List AWS Redshift Serverless Namespace Details" Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_namespace_2.yaml.bak b/queries/aws_redshiftserverless_namespace_2.yaml.bak new file mode 100755 index 000000000..b52692206 --- /dev/null +++ b/queries/aws_redshiftserverless_namespace_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_redshiftserverless_namespace_2 +Title: "List AWS Redshift Serverless Namespace Details" +Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + namespace_name, + namespace_arn, + namespace_id, + creation_date, + db_name, + region, + status + from + aws_redshiftserverless_namespace + where + status <> 'AVAILABLE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_namespace_3.yaml b/queries/aws_redshiftserverless_namespace_3.yaml index 4474d6e81..ece3ff6b2 100755 --- a/queries/aws_redshiftserverless_namespace_3.yaml +++ b/queries/aws_redshiftserverless_namespace_3.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_namespace_3 Title: "List all AWS Redshift Serverless Namespace Data" Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_namespace_3.yaml.bak b/queries/aws_redshiftserverless_namespace_3.yaml.bak new file mode 100755 index 000000000..4474d6e81 --- /dev/null +++ b/queries/aws_redshiftserverless_namespace_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_redshiftserverless_namespace_3 +Title: "List all AWS Redshift Serverless Namespace Data" +Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + namespace_name, + namespace_arn, + namespace_id, + creation_date, + db_name, + region, + status + from + aws_redshiftserverless_namespace + where + kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_namespace_4.yaml b/queries/aws_redshiftserverless_namespace_4.yaml index 5bb0dc82d..fc28ad4ad 100755 --- a/queries/aws_redshiftserverless_namespace_4.yaml +++ b/queries/aws_redshiftserverless_namespace_4.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_namespace_4 Title: "List AWS Redshift Serverless Namespace Details" Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_namespace_4.yaml.bak b/queries/aws_redshiftserverless_namespace_4.yaml.bak new file mode 100755 index 000000000..5bb0dc82d --- /dev/null +++ b/queries/aws_redshiftserverless_namespace_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_redshiftserverless_namespace_4 +Title: "List AWS Redshift Serverless Namespace Details" +Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + namespace_name, + namespace_arn, + namespace_id, + creation_date, + default_iam_role_arn + from + aws_redshiftserverless_namespace; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_1.yaml b/queries/aws_redshiftserverless_workgroup_1.yaml index 865d0a8f4..19c113a64 100755 --- a/queries/aws_redshiftserverless_workgroup_1.yaml +++ b/queries/aws_redshiftserverless_workgroup_1.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_workgroup_1 Title: "List AWS Redshift Serverless Workgroup Details" Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_workgroup_1.yaml.bak b/queries/aws_redshiftserverless_workgroup_1.yaml.bak new file mode 100755 index 000000000..865d0a8f4 --- /dev/null +++ b/queries/aws_redshiftserverless_workgroup_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_redshiftserverless_workgroup_1 +Title: "List AWS Redshift Serverless Workgroup Details" +Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workgroup_name, + workgroup_arn, + workgroup_id, + base_capacity, + creation_date, + region, + status + from + aws_redshiftserverless_workgroup; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_2.yaml b/queries/aws_redshiftserverless_workgroup_2.yaml index 6972a4d9f..757399d9c 100755 --- a/queries/aws_redshiftserverless_workgroup_2.yaml +++ b/queries/aws_redshiftserverless_workgroup_2.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_workgroup_2 Title: "List all AWS Redshift Serverless Workgroup details" Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_workgroup_2.yaml.bak b/queries/aws_redshiftserverless_workgroup_2.yaml.bak new file mode 100755 index 000000000..6972a4d9f --- /dev/null +++ b/queries/aws_redshiftserverless_workgroup_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_redshiftserverless_workgroup_2 +Title: "List all AWS Redshift Serverless Workgroup details" +Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workgroup_name, + workgroup_arn, + workgroup_id, + base_capacity, + creation_date, + region, + status + from + aws_redshiftserverless_workgroup + where + status <> 'AVAILABLE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_3.yaml b/queries/aws_redshiftserverless_workgroup_3.yaml index 9d9c7a125..d8ee81d78 100755 --- a/queries/aws_redshiftserverless_workgroup_3.yaml +++ b/queries/aws_redshiftserverless_workgroup_3.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_workgroup_3 Title: "List all AWS Redshift Serverless Workgroup Details" Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_workgroup_3.yaml.bak b/queries/aws_redshiftserverless_workgroup_3.yaml.bak new file mode 100755 index 000000000..9d9c7a125 --- /dev/null +++ b/queries/aws_redshiftserverless_workgroup_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_redshiftserverless_workgroup_3 +Title: "List all AWS Redshift Serverless Workgroup Details" +Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workgroup_name, + workgroup_arn, + workgroup_id, + base_capacity, + creation_date, + region, + status + from + aws_redshiftserverless_workgroup + where + publicly_accessible; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_4.yaml b/queries/aws_redshiftserverless_workgroup_4.yaml index 5caf2d205..4bacc7961 100755 --- a/queries/aws_redshiftserverless_workgroup_4.yaml +++ b/queries/aws_redshiftserverless_workgroup_4.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_workgroup_4 Title: "List all AWS Redshift Serverless Workgroup details" Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_workgroup_4.yaml.bak b/queries/aws_redshiftserverless_workgroup_4.yaml.bak new file mode 100755 index 000000000..5caf2d205 --- /dev/null +++ b/queries/aws_redshiftserverless_workgroup_4.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_redshiftserverless_workgroup_4 +Title: "List all AWS Redshift Serverless Workgroup details" +Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + sum(base_capacity) total_base_capacity + from + aws_redshiftserverless_workgroup + where + status = 'AVAILABLE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_5.yaml b/queries/aws_redshiftserverless_workgroup_5.yaml index 4f81fb5dc..dfdd8ecc7 100755 --- a/queries/aws_redshiftserverless_workgroup_5.yaml +++ b/queries/aws_redshiftserverless_workgroup_5.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_workgroup_5 Title: "List all AWS Redshift Serverless Workgroup details" Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_workgroup_5.yaml.bak b/queries/aws_redshiftserverless_workgroup_5.yaml.bak new file mode 100755 index 000000000..4f81fb5dc --- /dev/null +++ b/queries/aws_redshiftserverless_workgroup_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_redshiftserverless_workgroup_5 +Title: "List all AWS Redshift Serverless Workgroup details" +Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workgroup_arn, + endpoint ->> 'Address' as endpoint_address, + endpoint ->> 'Port' as endpoint_port, + endpoint -> 'VpcEndpoints' as endpoint_vpc_details + from + aws_redshiftserverless_workgroup; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_6.yaml b/queries/aws_redshiftserverless_workgroup_6.yaml index 64cb02827..0908a347c 100755 --- a/queries/aws_redshiftserverless_workgroup_6.yaml +++ b/queries/aws_redshiftserverless_workgroup_6.yaml @@ -1,7 +1,7 @@ ID: aws_redshiftserverless_workgroup_6 Title: "List All Details of AWS Redshift Serverless Workgroup" Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_redshiftserverless_workgroup_6.yaml.bak b/queries/aws_redshiftserverless_workgroup_6.yaml.bak new file mode 100755 index 000000000..64cb02827 --- /dev/null +++ b/queries/aws_redshiftserverless_workgroup_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_redshiftserverless_workgroup_6 +Title: "List All Details of AWS Redshift Serverless Workgroup" +Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workgroup_arn, + p ->> 'ParameterKey' as parameter_key, + p ->> 'ParameterValue' as parameter_value + from + aws_redshiftserverless_workgroup, + jsonb_array_elements(config_parameters) p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Redshift Serverless diff --git a/queries/aws_region_1.yaml b/queries/aws_region_1.yaml index 23e792afe..87aa237ad 100755 --- a/queries/aws_region_1.yaml +++ b/queries/aws_region_1.yaml @@ -1,7 +1,7 @@ ID: aws_region_1 Title: "List all AWS Region Details Including Names and Statuses" Description: "Allows users to query AWS Region to retrieve details about AWS regions including their names, descriptions, and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_region_1.yaml.bak b/queries/aws_region_1.yaml.bak new file mode 100755 index 000000000..23e792afe --- /dev/null +++ b/queries/aws_region_1.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_region_1 +Title: "List all AWS Region Details Including Names and Statuses" +Description: "Allows users to query AWS Region to retrieve details about AWS regions including their names, descriptions, and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + opt_in_status + from + aws_region; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Regions diff --git a/queries/aws_region_2.yaml b/queries/aws_region_2.yaml index aa2349696..4dfc751fd 100755 --- a/queries/aws_region_2.yaml +++ b/queries/aws_region_2.yaml @@ -1,7 +1,7 @@ ID: aws_region_2 Title: "Find AWS Region Details and Statuses" Description: "Allows users to query AWS Region to retrieve details about AWS regions including their names, descriptions, and statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_region_2.yaml.bak b/queries/aws_region_2.yaml.bak new file mode 100755 index 000000000..aa2349696 --- /dev/null +++ b/queries/aws_region_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_region_2 +Title: "Find AWS Region Details and Statuses" +Description: "Allows users to query AWS Region to retrieve details about AWS regions including their names, descriptions, and statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + opt_in_status + from + aws_region + where + opt_in_status = 'not-opted-in'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Region diff --git a/queries/aws_resource_explorer_index_1.yaml b/queries/aws_resource_explorer_index_1.yaml index b7bf1697a..363542657 100755 --- a/queries/aws_resource_explorer_index_1.yaml +++ b/queries/aws_resource_explorer_index_1.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_index_1 Title: "List all resources across AWS services" Description: "Allows users to query AWS Resource Explorer Index, providing a comprehensive view of all resources across different AWS services in a single table." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_index_1.yaml.bak b/queries/aws_resource_explorer_index_1.yaml.bak new file mode 100755 index 000000000..b7bf1697a --- /dev/null +++ b/queries/aws_resource_explorer_index_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_resource_explorer_index_1 +Title: "List all resources across AWS services" +Description: "Allows users to query AWS Resource Explorer Index, providing a comprehensive view of all resources across different AWS services in a single table." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + type + from + aws_resource_explorer_index; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Explorer diff --git a/queries/aws_resource_explorer_index_2.yaml b/queries/aws_resource_explorer_index_2.yaml index 5596aba32..34ca42c52 100755 --- a/queries/aws_resource_explorer_index_2.yaml +++ b/queries/aws_resource_explorer_index_2.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_index_2 Title: "List all AWS resources from Resource Explorer Index" Description: "Allows users to query AWS Resource Explorer Index, providing a comprehensive view of all resources across different AWS services in a single table." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_index_2.yaml.bak b/queries/aws_resource_explorer_index_2.yaml.bak new file mode 100755 index 000000000..5596aba32 --- /dev/null +++ b/queries/aws_resource_explorer_index_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_resource_explorer_index_2 +Title: "List all AWS resources from Resource Explorer Index" +Description: "Allows users to query AWS Resource Explorer Index, providing a comprehensive view of all resources across different AWS services in a single table." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + type + from + aws_resource_explorer_index + where + type = 'AGGREGATOR'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Explorer diff --git a/queries/aws_resource_explorer_search_1.yaml b/queries/aws_resource_explorer_search_1.yaml index 9ebf0005a..25b3f04cc 100755 --- a/queries/aws_resource_explorer_search_1.yaml +++ b/queries/aws_resource_explorer_search_1.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_search_1 Title: "Find all AWS resources with details across services" Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_search_1.yaml.bak b/queries/aws_resource_explorer_search_1.yaml.bak new file mode 100755 index 000000000..9ebf0005a --- /dev/null +++ b/queries/aws_resource_explorer_search_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_resource_explorer_search_1 +Title: "Find all AWS resources with details across services" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Explorer diff --git a/queries/aws_resource_explorer_search_2.yaml b/queries/aws_resource_explorer_search_2.yaml index 631793c17..02a189746 100755 --- a/queries/aws_resource_explorer_search_2.yaml +++ b/queries/aws_resource_explorer_search_2.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_search_2 Title: "Find AWS Resource Details with AWS Resource Explorer" Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_search_2.yaml.bak b/queries/aws_resource_explorer_search_2.yaml.bak new file mode 100755 index 000000000..631793c17 --- /dev/null +++ b/queries/aws_resource_explorer_search_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_resource_explorer_search_2 +Title: "Find AWS Resource Details with AWS Resource Explorer" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search + where + query = '-service:iam'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_3.yaml b/queries/aws_resource_explorer_search_3.yaml index 4714225c4..ba0e0d22c 100755 --- a/queries/aws_resource_explorer_search_3.yaml +++ b/queries/aws_resource_explorer_search_3.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_search_3 Title: "List all AWS resources with detailed information" Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_search_3.yaml.bak b/queries/aws_resource_explorer_search_3.yaml.bak new file mode 100755 index 000000000..4714225c4 --- /dev/null +++ b/queries/aws_resource_explorer_search_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_resource_explorer_search_3 +Title: "List all AWS resources with detailed information" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search + where + query = '-service:iam region:us-*'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Explorer diff --git a/queries/aws_resource_explorer_search_4.yaml b/queries/aws_resource_explorer_search_4.yaml index faec018cf..7d64d52a5 100755 --- a/queries/aws_resource_explorer_search_4.yaml +++ b/queries/aws_resource_explorer_search_4.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_search_4 Title: "List All AWS Resources in Resource Explorer" Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_search_4.yaml.bak b/queries/aws_resource_explorer_search_4.yaml.bak new file mode 100755 index 000000000..faec018cf --- /dev/null +++ b/queries/aws_resource_explorer_search_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_resource_explorer_search_4 +Title: "List All AWS Resources in Resource Explorer" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search + where + query = 'resourcetype:iam:user'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Explorer diff --git a/queries/aws_resource_explorer_search_5.yaml b/queries/aws_resource_explorer_search_5.yaml index a19929ac1..25fa8ac35 100755 --- a/queries/aws_resource_explorer_search_5.yaml +++ b/queries/aws_resource_explorer_search_5.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_search_5 Title: "List all Resources Across AWS Services" Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_search_5.yaml.bak b/queries/aws_resource_explorer_search_5.yaml.bak new file mode 100755 index 000000000..a19929ac1 --- /dev/null +++ b/queries/aws_resource_explorer_search_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_resource_explorer_search_5 +Title: "List all Resources Across AWS Services" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search + where + query = '-tag:none'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_6.yaml b/queries/aws_resource_explorer_search_6.yaml index 86eb4e76a..3c5135d42 100755 --- a/queries/aws_resource_explorer_search_6.yaml +++ b/queries/aws_resource_explorer_search_6.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_search_6 Title: "List all resources across AWS services" Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_search_6.yaml.bak b/queries/aws_resource_explorer_search_6.yaml.bak new file mode 100755 index 000000000..3c5135d42 --- /dev/null +++ b/queries/aws_resource_explorer_search_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_resource_explorer_search_6 +Title: "List all resources across AWS services" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search + where + query = 'tag.key:environment'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_6.yaml.bak.bak b/queries/aws_resource_explorer_search_6.yaml.bak.bak new file mode 100755 index 000000000..3c5135d42 --- /dev/null +++ b/queries/aws_resource_explorer_search_6.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_resource_explorer_search_6 +Title: "List all resources across AWS services" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search + where + query = 'tag.key:environment'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_7.yaml b/queries/aws_resource_explorer_search_7.yaml index de26a188b..3475d94ed 100755 --- a/queries/aws_resource_explorer_search_7.yaml +++ b/queries/aws_resource_explorer_search_7.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_search_7 Title: "List all resources across AWS services" Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_search_7.yaml.bak b/queries/aws_resource_explorer_search_7.yaml.bak new file mode 100755 index 000000000..de26a188b --- /dev/null +++ b/queries/aws_resource_explorer_search_7.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_resource_explorer_search_7 +Title: "List all resources across AWS services" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search + where + query = 'region:global'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_8.yaml b/queries/aws_resource_explorer_search_8.yaml index 4a76d17b7..5ba841fb2 100755 --- a/queries/aws_resource_explorer_search_8.yaml +++ b/queries/aws_resource_explorer_search_8.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_search_8 Title: "List all AWS resources with details using Resource Explorer" Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_search_8.yaml.bak b/queries/aws_resource_explorer_search_8.yaml.bak new file mode 100755 index 000000000..4a76d17b7 --- /dev/null +++ b/queries/aws_resource_explorer_search_8.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_resource_explorer_search_8 +Title: "List all AWS resources with details using Resource Explorer" +Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region, + resource_type, + service, + owning_account_id + from + aws_resource_explorer_search + where + view_arn = 'arn:aws:resource-explorer-2:ap-south-1:111122223333:view/view1/7c9e9845-4736-409f-9c0f-673fe7ce3e46'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_supported_resource_type_1.yaml b/queries/aws_resource_explorer_supported_resource_type_1.yaml index d09ed9cb6..6e0daf275 100755 --- a/queries/aws_resource_explorer_supported_resource_type_1.yaml +++ b/queries/aws_resource_explorer_supported_resource_type_1.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_supported_resource_type_1 Title: "Find AWS Resource Explorer Supported Resource Types" Description: "Allows users to query AWS Resource Explorer Supported Resource Types to obtain details about supported resource types for AWS Resource Groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_supported_resource_type_1.yaml.bak b/queries/aws_resource_explorer_supported_resource_type_1.yaml.bak new file mode 100755 index 000000000..d09ed9cb6 --- /dev/null +++ b/queries/aws_resource_explorer_supported_resource_type_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_resource_explorer_supported_resource_type_1 +Title: "Find AWS Resource Explorer Supported Resource Types" +Description: "Allows users to query AWS Resource Explorer Supported Resource Types to obtain details about supported resource types for AWS Resource Groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + resource_type + from + aws_resource_explorer_supported_resource_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_supported_resource_type_2.yaml b/queries/aws_resource_explorer_supported_resource_type_2.yaml index 50f180360..9145813f3 100755 --- a/queries/aws_resource_explorer_supported_resource_type_2.yaml +++ b/queries/aws_resource_explorer_supported_resource_type_2.yaml @@ -1,7 +1,7 @@ ID: aws_resource_explorer_supported_resource_type_2 Title: "Find supported AWS Resource Explorer types for Resource Groups" Description: "Allows users to query AWS Resource Explorer Supported Resource Types to obtain details about supported resource types for AWS Resource Groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_resource_explorer_supported_resource_type_2.yaml.bak b/queries/aws_resource_explorer_supported_resource_type_2.yaml.bak new file mode 100755 index 000000000..50f180360 --- /dev/null +++ b/queries/aws_resource_explorer_supported_resource_type_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_resource_explorer_supported_resource_type_2 +Title: "Find supported AWS Resource Explorer types for Resource Groups" +Description: "Allows users to query AWS Resource Explorer Supported Resource Types to obtain details about supported resource types for AWS Resource Groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service, + resource_type + from + aws_resource_explorer_supported_resource_type + where + service = 'iam'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Explorer diff --git a/queries/aws_route53_domain_1.yaml b/queries/aws_route53_domain_1.yaml index d901ac7a1..e4709d003 100755 --- a/queries/aws_route53_domain_1.yaml +++ b/queries/aws_route53_domain_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_domain_1 Title: "Find all AWS Route 53 Domains Information" Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_domain_1.yaml.bak b/queries/aws_route53_domain_1.yaml.bak new file mode 100755 index 000000000..d901ac7a1 --- /dev/null +++ b/queries/aws_route53_domain_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_route53_domain_1 +Title: "Find all AWS Route 53 Domains Information" +Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + auto_renew, + expiration_date + from + aws_route53_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_domain_2.yaml b/queries/aws_route53_domain_2.yaml index 21baa5bad..93cadbbbb 100755 --- a/queries/aws_route53_domain_2.yaml +++ b/queries/aws_route53_domain_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_domain_2 Title: "List all AWS Route 53 Domains with Details" Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_domain_2.yaml.bak b/queries/aws_route53_domain_2.yaml.bak new file mode 100755 index 000000000..21baa5bad --- /dev/null +++ b/queries/aws_route53_domain_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_domain_2 +Title: "List all AWS Route 53 Domains with Details" +Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + auto_renew, + expiration_date + from + aws_route53_domain + where + auto_renew; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_domain_3.yaml b/queries/aws_route53_domain_3.yaml index fbf24296b..ac6afa86d 100755 --- a/queries/aws_route53_domain_3.yaml +++ b/queries/aws_route53_domain_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_domain_3 Title: "Find AWS Route 53 Domains with Transfer Lock Status" Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_domain_3.yaml.bak b/queries/aws_route53_domain_3.yaml.bak new file mode 100755 index 000000000..fbf24296b --- /dev/null +++ b/queries/aws_route53_domain_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_route53_domain_3 +Title: "Find AWS Route 53 Domains with Transfer Lock Status" +Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + domain_name, + expiration_date, + transfer_lock + from + aws_route53_domain + where + transfer_lock; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_health_check_1.yaml b/queries/aws_route53_health_check_1.yaml index 09f4a6be7..bbde88ba1 100755 --- a/queries/aws_route53_health_check_1.yaml +++ b/queries/aws_route53_health_check_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_health_check_1 Title: "List all Health Check Details in AWS Route 53" Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_health_check_1.yaml.bak b/queries/aws_route53_health_check_1.yaml.bak new file mode 100755 index 000000000..09f4a6be7 --- /dev/null +++ b/queries/aws_route53_health_check_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_route53_health_check_1 +Title: "List all Health Check Details in AWS Route 53" +Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + akas, + id, + health_check_version, + health_check_config + from + aws_route53_health_check; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_health_check_2.yaml b/queries/aws_route53_health_check_2.yaml index 0661af02d..6ffed78bd 100755 --- a/queries/aws_route53_health_check_2.yaml +++ b/queries/aws_route53_health_check_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_health_check_2 Title: "List all AWS Route 53 Health Check Data and Configuration" Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_health_check_2.yaml.bak b/queries/aws_route53_health_check_2.yaml.bak new file mode 100755 index 000000000..0661af02d --- /dev/null +++ b/queries/aws_route53_health_check_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_route53_health_check_2 +Title: "List all AWS Route 53 Health Check Data and Configuration" +Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + health_check_version, + cloud_watch_alarm_configuration ->> 'ComparisonOperator' as cloud_watch_comparison_operator, + cloud_watch_alarm_configuration ->> 'Dimensions' as cloud_watch_dimensions, + cloud_watch_alarm_configuration ->> 'EvaluationPeriods' as cloud_watch_evaluation_periods, + cloud_watch_alarm_configuration ->> 'MetricName' as cloud_watch_metric_name, + cloud_watch_alarm_configuration ->> 'Period' as cloud_watch_period, + cloud_watch_alarm_configuration ->> 'Statistic' as cloud_watch_statistic, + cloud_watch_alarm_configuration ->> 'Threshold' as cloud_watch_threshold + from + aws_route53_health_check + where + cloud_watch_alarm_configuration is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_health_check_3.yaml b/queries/aws_route53_health_check_3.yaml index a0e7a0e53..58258feda 100755 --- a/queries/aws_route53_health_check_3.yaml +++ b/queries/aws_route53_health_check_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_health_check_3 Title: "Find AWS Route 53 Health Check Configuration and Status" Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_health_check_3.yaml.bak b/queries/aws_route53_health_check_3.yaml.bak new file mode 100755 index 000000000..a0e7a0e53 --- /dev/null +++ b/queries/aws_route53_health_check_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_route53_health_check_3 +Title: "Find AWS Route 53 Health Check Configuration and Status" +Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + health_check_version, + linked_service_description, + linked_service_principal + from + aws_route53_health_check + where + linked_service_description is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_health_check_4.yaml b/queries/aws_route53_health_check_4.yaml index 75e9594c2..02c0ce22c 100755 --- a/queries/aws_route53_health_check_4.yaml +++ b/queries/aws_route53_health_check_4.yaml @@ -1,7 +1,7 @@ ID: aws_route53_health_check_4 Title: "List all AWS Route 53 Health Check using SQL" Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_health_check_4.yaml.bak b/queries/aws_route53_health_check_4.yaml.bak new file mode 100755 index 000000000..75e9594c2 --- /dev/null +++ b/queries/aws_route53_health_check_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_route53_health_check_4 +Title: "List all AWS Route 53 Health Check using SQL" +Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + health_check_version, + health_check_config ->> 'Disabled' as disabled + from + aws_route53_health_check + where + cast(health_check_config ->> 'Disabled' as boolean); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Route 53 diff --git a/queries/aws_route53_health_check_5.yaml b/queries/aws_route53_health_check_5.yaml index d0821e9fc..08fa77a6c 100755 --- a/queries/aws_route53_health_check_5.yaml +++ b/queries/aws_route53_health_check_5.yaml @@ -1,7 +1,7 @@ ID: aws_route53_health_check_5 Title: "Find AWS Route 53 Health Check Configuration Details" Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_health_check_5.yaml.bak b/queries/aws_route53_health_check_5.yaml.bak new file mode 100755 index 000000000..08fa77a6c --- /dev/null +++ b/queries/aws_route53_health_check_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_health_check_5 +Title: "Find AWS Route 53 Health Check Configuration Details" +Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + health_check_version, + health_check_config ->> 'FullyQualifiedDomainName' as fully_qualified_domain_name, + health_check_config ->> 'IPAddress' as ip_address, + health_check_config ->> 'Port' as port, + health_check_config ->> 'Type' as type, + health_check_config ->> 'RequestInterval' as request_interval + from + aws_route53_health_check; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_health_check_5.yaml.bak.bak b/queries/aws_route53_health_check_5.yaml.bak.bak new file mode 100755 index 000000000..08fa77a6c --- /dev/null +++ b/queries/aws_route53_health_check_5.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_route53_health_check_5 +Title: "Find AWS Route 53 Health Check Configuration Details" +Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + health_check_version, + health_check_config ->> 'FullyQualifiedDomainName' as fully_qualified_domain_name, + health_check_config ->> 'IPAddress' as ip_address, + health_check_config ->> 'Port' as port, + health_check_config ->> 'Type' as type, + health_check_config ->> 'RequestInterval' as request_interval + from + aws_route53_health_check; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_health_check_6.yaml b/queries/aws_route53_health_check_6.yaml index b8f113bb6..d8dcb19b0 100755 --- a/queries/aws_route53_health_check_6.yaml +++ b/queries/aws_route53_health_check_6.yaml @@ -1,7 +1,7 @@ ID: aws_route53_health_check_6 Title: "Find AWS Route 53 Health Check Details and Status" Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_health_check_6.yaml.bak b/queries/aws_route53_health_check_6.yaml.bak new file mode 100755 index 000000000..b8f113bb6 --- /dev/null +++ b/queries/aws_route53_health_check_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_route53_health_check_6 +Title: "Find AWS Route 53 Health Check Details and Status" +Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + health_check_version, + health_check_config ->> 'FullyQualifiedDomainName' as fully_qualified_domain_name, + health_check_config ->> 'IPAddress' as ip_address, + health_check_config ->> 'Port' as port, + health_check_config ->> 'Type' as type, + health_check_config ->> 'RequestInterval' as request_interval, + health_check_config ->> 'AlarmIdentifier' as alarm_identifier + from + aws_route53_health_check + where + health_check_config ->> 'AlarmIdentifier' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_health_check_7.yaml b/queries/aws_route53_health_check_7.yaml index 55698a76a..ad64c9b8f 100755 --- a/queries/aws_route53_health_check_7.yaml +++ b/queries/aws_route53_health_check_7.yaml @@ -1,7 +1,7 @@ ID: aws_route53_health_check_7 Title: "Find AWS Route 53 Health Check Details" Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_health_check_7.yaml.bak b/queries/aws_route53_health_check_7.yaml.bak new file mode 100755 index 000000000..55698a76a --- /dev/null +++ b/queries/aws_route53_health_check_7.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_route53_health_check_7 +Title: "Find AWS Route 53 Health Check Details" +Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.id, + r.health_check_version, + hc ->> 'IPAddress' as ip_address, + hc ->> 'Region' as region, + hc-> 'StatusReport' as status_report + from + aws_route53_health_check as r, + jsonb_array_elements(health_check_status) hc + where + hc-> 'StatusReport' ->> 'Status' not like '%Success%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_query_log_1.yaml b/queries/aws_route53_query_log_1.yaml index f76e7b883..3f7ad1178 100755 --- a/queries/aws_route53_query_log_1.yaml +++ b/queries/aws_route53_query_log_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_query_log_1 Title: "List all AWS Route 53 Query Log DNS queries" Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_query_log_1.yaml.bak b/queries/aws_route53_query_log_1.yaml.bak new file mode 100755 index 000000000..f76e7b883 --- /dev/null +++ b/queries/aws_route53_query_log_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_query_log_1 +Title: "List all AWS Route 53 Query Log DNS queries" +Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + hosted_zone_id, + cloud_watch_logs_log_group_arn, + title, + akas + from + aws_route53_query_log; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_query_log_2.yaml b/queries/aws_route53_query_log_2.yaml index 4c4ea47b0..d7091c294 100755 --- a/queries/aws_route53_query_log_2.yaml +++ b/queries/aws_route53_query_log_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_query_log_2 Title: "Find AWS Route 53 Query Log Data with SQL" Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_query_log_2.yaml.bak b/queries/aws_route53_query_log_2.yaml.bak new file mode 100755 index 000000000..4c4ea47b0 --- /dev/null +++ b/queries/aws_route53_query_log_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_route53_query_log_2 +Title: "Find AWS Route 53 Query Log Data with SQL" +Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + l.id, + l.hosted_zone_id, + z.private_zone, + z.resource_record_set_count + from + aws_route53_query_log as l, + aws_route53_zone as z + where + z.id = l.hosted_zone_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_query_log_3.yaml b/queries/aws_route53_query_log_3.yaml index 9b328c579..d996a3067 100755 --- a/queries/aws_route53_query_log_3.yaml +++ b/queries/aws_route53_query_log_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_query_log_3 Title: "List all DNS Queries from AWS Route 53 Query Log" Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_query_log_3.yaml.bak b/queries/aws_route53_query_log_3.yaml.bak new file mode 100755 index 000000000..9b328c579 --- /dev/null +++ b/queries/aws_route53_query_log_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_query_log_3 +Title: "List all DNS Queries from AWS Route 53 Query Log" +Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + hosted_zone_id, + count(id) + from + aws_route53_query_log + group by + hosted_zone_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_record_1.yaml b/queries/aws_route53_record_1.yaml index 9ce06d097..466f54bec 100755 --- a/queries/aws_route53_record_1.yaml +++ b/queries/aws_route53_record_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_record_1 Title: "Find AWS Route 53 Record Details Using SQL" Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_record_1.yaml.bak b/queries/aws_route53_record_1.yaml.bak new file mode 100755 index 000000000..9ce06d097 --- /dev/null +++ b/queries/aws_route53_record_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_record_1 +Title: "Find AWS Route 53 Record Details Using SQL" +Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + type, + records, + alias_target + from + aws_route53_record; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_record_2.yaml b/queries/aws_route53_record_2.yaml index ee101fbe3..460f40b58 100755 --- a/queries/aws_route53_record_2.yaml +++ b/queries/aws_route53_record_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_record_2 Title: "Find AWS Route 53 DNS Records with Steampipe SQL" Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_record_2.yaml.bak b/queries/aws_route53_record_2.yaml.bak new file mode 100755 index 000000000..ee101fbe3 --- /dev/null +++ b/queries/aws_route53_record_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_route53_record_2 +Title: "Find AWS Route 53 DNS Records with Steampipe SQL" +Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name, + r.type, + record + from + aws_route53_record as r, + jsonb_array_elements_text(records) as record + where + name = 'test.com.'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 DNS diff --git a/queries/aws_route53_record_3.yaml b/queries/aws_route53_record_3.yaml index 11be5f4b4..a5e6f2d9e 100755 --- a/queries/aws_route53_record_3.yaml +++ b/queries/aws_route53_record_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_record_3 Title: "Find DNS Records with AWS Route 53 Using Steampipe" Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_record_3.yaml.bak b/queries/aws_route53_record_3.yaml.bak new file mode 100755 index 000000000..11be5f4b4 --- /dev/null +++ b/queries/aws_route53_record_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_record_3 +Title: "Find DNS Records with AWS Route 53 Using Steampipe" +Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name, + r.type, + record + from + aws_route53_record as r, + jsonb_array_elements_text(records) as record + where + r.type = 'NS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_record_4.yaml b/queries/aws_route53_record_4.yaml index 8e486b51f..ae8caa315 100755 --- a/queries/aws_route53_record_4.yaml +++ b/queries/aws_route53_record_4.yaml @@ -1,7 +1,7 @@ ID: aws_route53_record_4 Title: "List AWS Route 53 DNS Record Details" Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_record_4.yaml.bak b/queries/aws_route53_record_4.yaml.bak new file mode 100755 index 000000000..8e486b51f --- /dev/null +++ b/queries/aws_route53_record_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_route53_record_4 +Title: "List AWS Route 53 DNS Record Details" +Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.name, + r.type, + record + from + aws_route53_record as r, + jsonb_array_elements_text(records) as record + where + r.name = 'test.com.' + and r.type = 'NS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_record_5.yaml b/queries/aws_route53_record_5.yaml index 4cf9c1e6c..e047d02e2 100755 --- a/queries/aws_route53_record_5.yaml +++ b/queries/aws_route53_record_5.yaml @@ -1,7 +1,7 @@ ID: aws_route53_record_5 Title: "Find DNS Record Details in AWS Route 53" Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_record_5.yaml.bak b/queries/aws_route53_record_5.yaml.bak new file mode 100755 index 000000000..4cf9c1e6c --- /dev/null +++ b/queries/aws_route53_record_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_record_5 +Title: "Find DNS Record Details in AWS Route 53" +Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + type, + count(*) + from + aws_route53_record + group by + type + order by + count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_record_6.yaml b/queries/aws_route53_record_6.yaml index bd5af688d..4fd8fab46 100755 --- a/queries/aws_route53_record_6.yaml +++ b/queries/aws_route53_record_6.yaml @@ -1,7 +1,7 @@ ID: aws_route53_record_6 Title: "List all DNS records in AWS Route 53 using SQL" Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_record_6.yaml.bak b/queries/aws_route53_record_6.yaml.bak new file mode 100755 index 000000000..bd5af688d --- /dev/null +++ b/queries/aws_route53_record_6.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_route53_record_6 +Title: "List all DNS records in AWS Route 53 using SQL" +Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + type, + records, + alias_target, + geo_location ->> 'ContinentCode' as continent, + geo_location ->> 'CountryCode' as country, + geo_location ->> 'SubdivisionCode' as subdivision + from + aws_route53_record + where + geo_location is not null + order by + name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - DNS diff --git a/queries/aws_route53_record_7.yaml b/queries/aws_route53_record_7.yaml index 3e014cae9..7ba125cd2 100755 --- a/queries/aws_route53_record_7.yaml +++ b/queries/aws_route53_record_7.yaml @@ -1,7 +1,7 @@ ID: aws_route53_record_7 Title: "Find all DNS Records in AWS Route 53" Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_record_7.yaml.bak b/queries/aws_route53_record_7.yaml.bak new file mode 100755 index 000000000..3e014cae9 --- /dev/null +++ b/queries/aws_route53_record_7.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_route53_record_7 +Title: "Find all DNS Records in AWS Route 53" +Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + type, + count(*) + from + aws_route53_record + left join jsonb_array_elements_text(records) as record on true + group by + name, + type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_endpoint_1.yaml b/queries/aws_route53_resolver_endpoint_1.yaml index 246d08224..38cdb4bb0 100755 --- a/queries/aws_route53_resolver_endpoint_1.yaml +++ b/queries/aws_route53_resolver_endpoint_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_endpoint_1 Title: "List all AWS Route 53 Resolver Endpoints with Details" Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_endpoint_1.yaml.bak b/queries/aws_route53_resolver_endpoint_1.yaml.bak new file mode 100755 index 000000000..246d08224 --- /dev/null +++ b/queries/aws_route53_resolver_endpoint_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_route53_resolver_endpoint_1 +Title: "List all AWS Route 53 Resolver Endpoints with Details" +Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + direction, + ip_address_count + status + from + aws_route53_resolver_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 Resolver diff --git a/queries/aws_route53_resolver_endpoint_2.yaml b/queries/aws_route53_resolver_endpoint_2.yaml index eb235d2d1..0e231c71f 100755 --- a/queries/aws_route53_resolver_endpoint_2.yaml +++ b/queries/aws_route53_resolver_endpoint_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_endpoint_2 Title: "List AWS Route 53 Resolver Endpoints with Details" Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_endpoint_2.yaml.bak b/queries/aws_route53_resolver_endpoint_2.yaml.bak new file mode 100755 index 000000000..eb235d2d1 --- /dev/null +++ b/queries/aws_route53_resolver_endpoint_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_resolver_endpoint_2 +Title: "List AWS Route 53 Resolver Endpoints with Details" +Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + direction, + ip_address_count + status + from + aws_route53_resolver_endpoint + where + id = 'rslvr-out-ebb7db0b7498463eb'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_endpoint_3.yaml b/queries/aws_route53_resolver_endpoint_3.yaml index 6e8b19570..be7b972e2 100755 --- a/queries/aws_route53_resolver_endpoint_3.yaml +++ b/queries/aws_route53_resolver_endpoint_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_endpoint_3 Title: "List all AWS Route 53 Resolver Endpoints Needing Action" Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_endpoint_3.yaml.bak b/queries/aws_route53_resolver_endpoint_3.yaml.bak new file mode 100755 index 000000000..6e8b19570 --- /dev/null +++ b/queries/aws_route53_resolver_endpoint_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_resolver_endpoint_3 +Title: "List all AWS Route 53 Resolver Endpoints Needing Action" +Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + direction, + status, + status_message + from + aws_route53_resolver_endpoint + where + status = 'ACTION_NEEDED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 Resolver diff --git a/queries/aws_route53_resolver_endpoint_4.yaml b/queries/aws_route53_resolver_endpoint_4.yaml index d507321c7..3b5dfbae7 100755 --- a/queries/aws_route53_resolver_endpoint_4.yaml +++ b/queries/aws_route53_resolver_endpoint_4.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_endpoint_4 Title: "List All AWS Route 53 Resolver Endpoints and Details" Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_endpoint_4.yaml.bak b/queries/aws_route53_resolver_endpoint_4.yaml.bak new file mode 100755 index 000000000..d507321c7 --- /dev/null +++ b/queries/aws_route53_resolver_endpoint_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_route53_resolver_endpoint_4 +Title: "List All AWS Route 53 Resolver Endpoints and Details" +Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + p ->> 'Ip' as ip, + p ->> 'Status' as status, + p ->> 'SubnetId' as subnet_id + from + aws_route53_resolver_endpoint, + jsonb_array_elements(ip_addresses) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_1.yaml b/queries/aws_route53_resolver_query_log_config_1.yaml index 6c7d4c374..3334a7a84 100755 --- a/queries/aws_route53_resolver_query_log_config_1.yaml +++ b/queries/aws_route53_resolver_query_log_config_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_query_log_config_1 Title: "Find Route 53 Resolver Query Log Configurations" Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_query_log_config_1.yaml.bak b/queries/aws_route53_resolver_query_log_config_1.yaml.bak new file mode 100755 index 000000000..6c7d4c374 --- /dev/null +++ b/queries/aws_route53_resolver_query_log_config_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_resolver_query_log_config_1 +Title: "Find Route 53 Resolver Query Log Configurations" +Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + creation_time, + share_status, + status + from + aws_route53_resolver_query_log_config; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_2.yaml b/queries/aws_route53_resolver_query_log_config_2.yaml index 49895d478..f163e2892 100755 --- a/queries/aws_route53_resolver_query_log_config_2.yaml +++ b/queries/aws_route53_resolver_query_log_config_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_query_log_config_2 Title: "List all AWS Route 53 Resolver Query Log Configurations" Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_query_log_config_2.yaml.bak b/queries/aws_route53_resolver_query_log_config_2.yaml.bak new file mode 100755 index 000000000..49895d478 --- /dev/null +++ b/queries/aws_route53_resolver_query_log_config_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_route53_resolver_query_log_config_2 +Title: "List all AWS Route 53 Resolver Query Log Configurations" +Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + creation_time, + share_status, + status, + destination_arn + from + aws_route53_resolver_query_log_config + where + owner_id <> account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 + cloud_traffic_analytics: + - "true" diff --git a/queries/aws_route53_resolver_query_log_config_3.yaml b/queries/aws_route53_resolver_query_log_config_3.yaml index 8e1fdcd56..e87143364 100755 --- a/queries/aws_route53_resolver_query_log_config_3.yaml +++ b/queries/aws_route53_resolver_query_log_config_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_query_log_config_3 Title: "Find AWS Route 53 Resolver Query Log Configurations" Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_query_log_config_3.yaml.bak b/queries/aws_route53_resolver_query_log_config_3.yaml.bak new file mode 100755 index 000000000..8e1fdcd56 --- /dev/null +++ b/queries/aws_route53_resolver_query_log_config_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_resolver_query_log_config_3 +Title: "Find AWS Route 53 Resolver Query Log Configurations" +Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + creator_request_id, + destination_arn + from + aws_route53_resolver_query_log_config + where + status = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_4.yaml b/queries/aws_route53_resolver_query_log_config_4.yaml index 5491d3f05..c06576960 100755 --- a/queries/aws_route53_resolver_query_log_config_4.yaml +++ b/queries/aws_route53_resolver_query_log_config_4.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_query_log_config_4 Title: "Find AWS Route 53 Resolver Query Log Configurations" Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_query_log_config_4.yaml.bak b/queries/aws_route53_resolver_query_log_config_4.yaml.bak new file mode 100755 index 000000000..5491d3f05 --- /dev/null +++ b/queries/aws_route53_resolver_query_log_config_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_resolver_query_log_config_4 +Title: "Find AWS Route 53 Resolver Query Log Configurations" +Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + share_status, + association_count + from + aws_route53_resolver_query_log_config + where + share_status = 'SHARED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_5.yaml b/queries/aws_route53_resolver_query_log_config_5.yaml index ae9bb55fe..a154ed87a 100755 --- a/queries/aws_route53_resolver_query_log_config_5.yaml +++ b/queries/aws_route53_resolver_query_log_config_5.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_query_log_config_5 Title: "Find AWS Route 53 Resolver Query Log Configurations" Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_query_log_config_5.yaml.bak b/queries/aws_route53_resolver_query_log_config_5.yaml.bak new file mode 100755 index 000000000..a154ed87a --- /dev/null +++ b/queries/aws_route53_resolver_query_log_config_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_resolver_query_log_config_5 +Title: "Find AWS Route 53 Resolver Query Log Configurations" +Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + creation_time, + destination_arn, + status + from + aws_route53_resolver_query_log_config + where + creation_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_5.yaml.bak.bak b/queries/aws_route53_resolver_query_log_config_5.yaml.bak.bak new file mode 100755 index 000000000..ae9bb55fe --- /dev/null +++ b/queries/aws_route53_resolver_query_log_config_5.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_route53_resolver_query_log_config_5 +Title: "Find AWS Route 53 Resolver Query Log Configurations" +Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + creation_time, + destination_arn, + status + from + aws_route53_resolver_query_log_config + where + creation_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_rule_1.yaml b/queries/aws_route53_resolver_rule_1.yaml index 641d2d13c..1fb924398 100755 --- a/queries/aws_route53_resolver_rule_1.yaml +++ b/queries/aws_route53_resolver_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_rule_1 Title: "List all AWS Route 53 Resolver Rules" Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_rule_1.yaml.bak b/queries/aws_route53_resolver_rule_1.yaml.bak new file mode 100755 index 000000000..641d2d13c --- /dev/null +++ b/queries/aws_route53_resolver_rule_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_resolver_rule_1 +Title: "List all AWS Route 53 Resolver Rules" +Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + domain_name owner_id, + resolver_endpoint_id, + rule_type, + share_status, + status + from + aws_route53_resolver_rule; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_rule_2.yaml b/queries/aws_route53_resolver_rule_2.yaml index 2b9b3c967..597e8718a 100755 --- a/queries/aws_route53_resolver_rule_2.yaml +++ b/queries/aws_route53_resolver_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_rule_2 Title: "Find Route 53 Resolver Rules Configured in AWS Account" Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_rule_2.yaml.bak b/queries/aws_route53_resolver_rule_2.yaml.bak new file mode 100755 index 000000000..2b9b3c967 --- /dev/null +++ b/queries/aws_route53_resolver_rule_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_route53_resolver_rule_2 +Title: "Find Route 53 Resolver Rules Configured in AWS Account" +Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + resolver_rule_associations + from + aws_route53_resolver_rule + Where + resolver_rule_associations = '[]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_rule_3.yaml b/queries/aws_route53_resolver_rule_3.yaml index 94f8f3545..0cd96c624 100755 --- a/queries/aws_route53_resolver_rule_3.yaml +++ b/queries/aws_route53_resolver_rule_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_rule_3 Title: "Find AWS Route 53 Resolver Rule Data in AWS Account" Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_rule_3.yaml.bak b/queries/aws_route53_resolver_rule_3.yaml.bak new file mode 100755 index 000000000..94f8f3545 --- /dev/null +++ b/queries/aws_route53_resolver_rule_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_route53_resolver_rule_3 +Title: "Find AWS Route 53 Resolver Rule Data in AWS Account" +Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + p ->> 'Ip' as ip, + p ->> 'Port' as port + from + aws_route53_resolver_rule, + jsonb_array_elements(target_ips) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_resolver_rule_4.yaml b/queries/aws_route53_resolver_rule_4.yaml index b60aad9c1..7831dbc0a 100755 --- a/queries/aws_route53_resolver_rule_4.yaml +++ b/queries/aws_route53_resolver_rule_4.yaml @@ -1,7 +1,7 @@ ID: aws_route53_resolver_rule_4 Title: "Find all AWS Route 53 Resolver Rules Configuration" Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_resolver_rule_4.yaml.bak b/queries/aws_route53_resolver_rule_4.yaml.bak new file mode 100755 index 000000000..b60aad9c1 --- /dev/null +++ b/queries/aws_route53_resolver_rule_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_route53_resolver_rule_4 +Title: "Find all AWS Route 53 Resolver Rules Configuration" +Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + share_status, + rule_type + from + aws_route53_resolver_rule + where + share_status = 'SHARED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_traffic_policy_1.yaml b/queries/aws_route53_traffic_policy_1.yaml index b4a076ac9..e863415e7 100755 --- a/queries/aws_route53_traffic_policy_1.yaml +++ b/queries/aws_route53_traffic_policy_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_traffic_policy_1 Title: "List all AWS Route 53 Traffic Policies and Metadata" Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_traffic_policy_1.yaml.bak b/queries/aws_route53_traffic_policy_1.yaml.bak new file mode 100755 index 000000000..b4a076ac9 --- /dev/null +++ b/queries/aws_route53_traffic_policy_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_route53_traffic_policy_1 +Title: "List all AWS Route 53 Traffic Policies and Metadata" +Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + version, + document, + region + from + aws_route53_traffic_policy; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_traffic_policy_2.yaml b/queries/aws_route53_traffic_policy_2.yaml index a196198f7..4b0963cf2 100755 --- a/queries/aws_route53_traffic_policy_2.yaml +++ b/queries/aws_route53_traffic_policy_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_traffic_policy_2 Title: "Find All AWS Route 53 Traffic Policy Versions and Metadata" Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_traffic_policy_2.yaml.bak b/queries/aws_route53_traffic_policy_2.yaml.bak new file mode 100755 index 000000000..a196198f7 --- /dev/null +++ b/queries/aws_route53_traffic_policy_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_route53_traffic_policy_2 +Title: "Find All AWS Route 53 Traffic Policy Versions and Metadata" +Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + policy.id, + policy.version, + comment + from + aws_route53_traffic_policy policy, + (select + id, + max(version) as version + from + aws_route53_traffic_policy + group by + id) as latest + where + latest.id = policy.id + and latest.version = policy.version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_traffic_policy_3.yaml b/queries/aws_route53_traffic_policy_3.yaml index 958e4a22b..d85f40de6 100755 --- a/queries/aws_route53_traffic_policy_3.yaml +++ b/queries/aws_route53_traffic_policy_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_traffic_policy_3 Title: "List all AWS Route 53 Traffic Policies with Versions" Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_traffic_policy_3.yaml.bak b/queries/aws_route53_traffic_policy_3.yaml.bak new file mode 100755 index 000000000..958e4a22b --- /dev/null +++ b/queries/aws_route53_traffic_policy_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_route53_traffic_policy_3 +Title: "List all AWS Route 53 Traffic Policies with Versions" +Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + document ->> 'RecordType' as dns_type, + count(id) as "policies" + from + aws_route53_traffic_policy + group by + dns_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_traffic_policy_instance_1.yaml b/queries/aws_route53_traffic_policy_instance_1.yaml index 5da36ad81..ec0c3175d 100755 --- a/queries/aws_route53_traffic_policy_instance_1.yaml +++ b/queries/aws_route53_traffic_policy_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_traffic_policy_instance_1 Title: "List all AWS Route 53 Traffic Policy Instances" Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_traffic_policy_instance_1.yaml.bak b/queries/aws_route53_traffic_policy_instance_1.yaml.bak new file mode 100755 index 000000000..5da36ad81 --- /dev/null +++ b/queries/aws_route53_traffic_policy_instance_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_route53_traffic_policy_instance_1 +Title: "List all AWS Route 53 Traffic Policy Instances" +Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + hosted_zone_id, + ttl, + region + from + aws_route53_traffic_policy_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_traffic_policy_instance_2.yaml b/queries/aws_route53_traffic_policy_instance_2.yaml index 74ec38571..7e0e1f5d6 100755 --- a/queries/aws_route53_traffic_policy_instance_2.yaml +++ b/queries/aws_route53_traffic_policy_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_traffic_policy_instance_2 Title: "List all AWS Route 53 Traffic Policy Instances" Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_traffic_policy_instance_2.yaml.bak b/queries/aws_route53_traffic_policy_instance_2.yaml.bak new file mode 100755 index 000000000..74ec38571 --- /dev/null +++ b/queries/aws_route53_traffic_policy_instance_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_traffic_policy_instance_2 +Title: "List all AWS Route 53 Traffic Policy Instances" +Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.name, + i.id, + h.id as hosted_zone_id, + h.name as hosted_zone_name, + h.caller_reference, + h.private_zone + from + aws_route53_traffic_policy_instance i + join aws_route53_zone h on i.hosted_zone_id = h.id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_traffic_policy_instance_3.yaml b/queries/aws_route53_traffic_policy_instance_3.yaml index 0a9eb30f1..824ceee0a 100755 --- a/queries/aws_route53_traffic_policy_instance_3.yaml +++ b/queries/aws_route53_traffic_policy_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_traffic_policy_instance_3 Title: "List all AWS Route 53 Traffic Policy Instances" Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_traffic_policy_instance_3.yaml.bak b/queries/aws_route53_traffic_policy_instance_3.yaml.bak new file mode 100755 index 000000000..0a9eb30f1 --- /dev/null +++ b/queries/aws_route53_traffic_policy_instance_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_route53_traffic_policy_instance_3 +Title: "List all AWS Route 53 Traffic Policy Instances" +Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.name, + i.id, + traffic_policy_id, + p.name as traffic_policy_name, + traffic_policy_type, + traffic_policy_version, + p.document + from + aws_route53_traffic_policy_instance i + join aws_route53_traffic_policy p on i.traffic_policy_id = p.id + and i.traffic_policy_version = p.version; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_traffic_policy_instance_4.yaml b/queries/aws_route53_traffic_policy_instance_4.yaml index ade70b0ab..11be6709f 100755 --- a/queries/aws_route53_traffic_policy_instance_4.yaml +++ b/queries/aws_route53_traffic_policy_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_route53_traffic_policy_instance_4 Title: "List All AWS Route 53 Traffic Policy Instances" Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_traffic_policy_instance_4.yaml.bak b/queries/aws_route53_traffic_policy_instance_4.yaml.bak new file mode 100755 index 000000000..ade70b0ab --- /dev/null +++ b/queries/aws_route53_traffic_policy_instance_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_route53_traffic_policy_instance_4 +Title: "List All AWS Route 53 Traffic Policy Instances" +Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + state, + hosted_zone_id, + message as failed_reason + from + aws_route53_traffic_policy_instance + where + state = 'Failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_vpc_association_authorization_1.yaml b/queries/aws_route53_vpc_association_authorization_1.yaml index 3016eaf9d..b1727c511 100755 --- a/queries/aws_route53_vpc_association_authorization_1.yaml +++ b/queries/aws_route53_vpc_association_authorization_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_vpc_association_authorization_1 Title: "List all VPCs created by other accounts for a hosted zone" Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_vpc_association_authorization_1.yaml.bak b/queries/aws_route53_vpc_association_authorization_1.yaml.bak new file mode 100755 index 000000000..3016eaf9d --- /dev/null +++ b/queries/aws_route53_vpc_association_authorization_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_route53_vpc_association_authorization_1 +Title: "List all VPCs created by other accounts for a hosted zone" +Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + hosted_zone_id, + vpc_id, + vpc_region + from + aws_route53_vpc_association_authorization + where + hosted_zone_id = 'Z3M3LMPEXAMPLE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route53 diff --git a/queries/aws_route53_vpc_association_authorization_2.yaml b/queries/aws_route53_vpc_association_authorization_2.yaml index 867175509..2a266544e 100755 --- a/queries/aws_route53_vpc_association_authorization_2.yaml +++ b/queries/aws_route53_vpc_association_authorization_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_vpc_association_authorization_2 Title: "List all VPCs from other accounts for Route53 association" Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_vpc_association_authorization_2.yaml.bak b/queries/aws_route53_vpc_association_authorization_2.yaml.bak new file mode 100755 index 000000000..867175509 --- /dev/null +++ b/queries/aws_route53_vpc_association_authorization_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_vpc_association_authorization_2 +Title: "List all VPCs from other accounts for Route53 association" +Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + hosted_zone_id, + vpc_id, + vpc_region + from + aws_route53_vpc_association_authorization + where + hosted_zone_id = 'Z3M3LMPEXAMPLE' + order by + vpc_region desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route53 diff --git a/queries/aws_route53_vpc_association_authorization_3.yaml b/queries/aws_route53_vpc_association_authorization_3.yaml index cb7d12999..c54b994a2 100755 --- a/queries/aws_route53_vpc_association_authorization_3.yaml +++ b/queries/aws_route53_vpc_association_authorization_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_vpc_association_authorization_3 Title: "List all VPCs for AWS Route53 VPC Association Authorization" Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_vpc_association_authorization_3.yaml.bak b/queries/aws_route53_vpc_association_authorization_3.yaml.bak new file mode 100755 index 000000000..cb7d12999 --- /dev/null +++ b/queries/aws_route53_vpc_association_authorization_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_route53_vpc_association_authorization_3 +Title: "List all VPCs for AWS Route53 VPC Association Authorization" +Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + auth.hosted_zone_id, + z.name, + auth.vpc_id, + auth.vpc_region + from + aws_route53_vpc_association_authorization auth + inner join + aws_route53_zone z on auth.hosted_zone_id = z.id + where z.name = 'mycooldomain.xyz'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route53 diff --git a/queries/aws_route53_zone_1.yaml b/queries/aws_route53_zone_1.yaml index 4806cb725..6fa50ae2a 100755 --- a/queries/aws_route53_zone_1.yaml +++ b/queries/aws_route53_zone_1.yaml @@ -1,7 +1,7 @@ ID: aws_route53_zone_1 Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_zone_1.yaml.bak b/queries/aws_route53_zone_1.yaml.bak new file mode 100755 index 000000000..4806cb725 --- /dev/null +++ b/queries/aws_route53_zone_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_route53_zone_1 +Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" +Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + private_zone, + resource_record_set_count + from + aws_route53_zone; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_zone_2.yaml b/queries/aws_route53_zone_2.yaml index cba2faa11..63667ef71 100755 --- a/queries/aws_route53_zone_2.yaml +++ b/queries/aws_route53_zone_2.yaml @@ -1,7 +1,7 @@ ID: aws_route53_zone_2 Title: "List all AWS Route 53 Zone Details Including Tags and Counts" Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_zone_2.yaml.bak b/queries/aws_route53_zone_2.yaml.bak new file mode 100755 index 000000000..cba2faa11 --- /dev/null +++ b/queries/aws_route53_zone_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_route53_zone_2 +Title: "List all AWS Route 53 Zone Details Including Tags and Counts" +Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + comment, + private_zone, + resource_record_set_count + from + aws_route53_zone + where + private_zone; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_zone_3.yaml b/queries/aws_route53_zone_3.yaml index 73f758e50..4e49ca242 100755 --- a/queries/aws_route53_zone_3.yaml +++ b/queries/aws_route53_zone_3.yaml @@ -1,7 +1,7 @@ ID: aws_route53_zone_3 Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_zone_3.yaml.bak b/queries/aws_route53_zone_3.yaml.bak new file mode 100755 index 000000000..4e49ca242 --- /dev/null +++ b/queries/aws_route53_zone_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_route53_zone_3 +Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" +Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + comment, + private_zone, + resource_record_set_count + from + aws_route53_zone + where + not private_zone; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_zone_3.yaml.bak.bak b/queries/aws_route53_zone_3.yaml.bak.bak new file mode 100755 index 000000000..4e49ca242 --- /dev/null +++ b/queries/aws_route53_zone_3.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_route53_zone_3 +Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" +Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + comment, + private_zone, + resource_record_set_count + from + aws_route53_zone + where + not private_zone; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_zone_4.yaml b/queries/aws_route53_zone_4.yaml index 4a171b3cf..0e652c063 100755 --- a/queries/aws_route53_zone_4.yaml +++ b/queries/aws_route53_zone_4.yaml @@ -1,7 +1,7 @@ ID: aws_route53_zone_4 Title: "List all AWS Route 53 Zone details including record count" Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_zone_4.yaml.bak b/queries/aws_route53_zone_4.yaml.bak new file mode 100755 index 000000000..4a171b3cf --- /dev/null +++ b/queries/aws_route53_zone_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_route53_zone_4 +Title: "List all AWS Route 53 Zone details including record count" +Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + private_zone, + resource_record_set_count + from + aws_route53_zone + where + name like '%.turbot.com. + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_zone_5.yaml b/queries/aws_route53_zone_5.yaml index eb4fcb402..2cfe68f84 100755 --- a/queries/aws_route53_zone_5.yaml +++ b/queries/aws_route53_zone_5.yaml @@ -1,7 +1,7 @@ ID: aws_route53_zone_5 Title: "List AWS Route 53 Zone Details with Associated Tags" Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_zone_5.yaml.bak b/queries/aws_route53_zone_5.yaml.bak new file mode 100755 index 000000000..eb4fcb402 --- /dev/null +++ b/queries/aws_route53_zone_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_route53_zone_5 +Title: "List AWS Route 53 Zone Details with Associated Tags" +Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + v ->> 'VPCId' as vpc_id, + v ->> 'VPCRegion' as vpc_region + from + aws_route53_zone, + jsonb_array_elements(vpcs) as v; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_route53_zone_6.yaml b/queries/aws_route53_zone_6.yaml index 7e4636bf0..558b6624e 100755 --- a/queries/aws_route53_zone_6.yaml +++ b/queries/aws_route53_zone_6.yaml @@ -1,7 +1,7 @@ ID: aws_route53_zone_6 Title: "List AWS Route 53 Zone Details including Hosted Zone ID" Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_route53_zone_6.yaml.bak b/queries/aws_route53_zone_6.yaml.bak new file mode 100755 index 000000000..7e4636bf0 --- /dev/null +++ b/queries/aws_route53_zone_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_route53_zone_6 +Title: "List AWS Route 53 Zone Details including Hosted Zone ID" +Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + v.vpc_id as vpc_id, + v.cidr_block as cidr_block, + v.is_default as is_default, + v.dhcp_options_id as dhcp_options_id + from + aws_route53_zone, + jsonb_array_elements(vpcs) as p, + aws_vpc as v + where + p ->> 'VPCId' = v.vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Route 53 diff --git a/queries/aws_s3_access_point_1.yaml b/queries/aws_s3_access_point_1.yaml index b5fad09ce..0d2bd6bd3 100755 --- a/queries/aws_s3_access_point_1.yaml +++ b/queries/aws_s3_access_point_1.yaml @@ -1,7 +1,7 @@ ID: aws_s3_access_point_1 Title: "List all AWS S3 Access Point details using SQL" Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_access_point_1.yaml.bak b/queries/aws_s3_access_point_1.yaml.bak new file mode 100755 index 000000000..0d2bd6bd3 --- /dev/null +++ b/queries/aws_s3_access_point_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_s3_access_point_1 +Title: "List all AWS S3 Access Point details using SQL" +Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_point_arn, + bucket_name + from + aws_s3_access_point; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_access_point_1.yaml.bak.bak b/queries/aws_s3_access_point_1.yaml.bak.bak new file mode 100755 index 000000000..0d2bd6bd3 --- /dev/null +++ b/queries/aws_s3_access_point_1.yaml.bak.bak @@ -0,0 +1,24 @@ +ID: aws_s3_access_point_1 +Title: "List all AWS S3 Access Point details using SQL" +Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_point_arn, + bucket_name + from + aws_s3_access_point; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_access_point_2.yaml b/queries/aws_s3_access_point_2.yaml index 37b75f7ce..8d9ce75f9 100755 --- a/queries/aws_s3_access_point_2.yaml +++ b/queries/aws_s3_access_point_2.yaml @@ -1,7 +1,7 @@ ID: aws_s3_access_point_2 Title: "List all AWS S3 Access Point details" Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_access_point_2.yaml.bak b/queries/aws_s3_access_point_2.yaml.bak new file mode 100755 index 000000000..37b75f7ce --- /dev/null +++ b/queries/aws_s3_access_point_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_s3_access_point_2 +Title: "List all AWS S3 Access Point details" +Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_point_arn, + vpc_id + from + aws_s3_access_point + where + vpc_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_access_point_3.yaml b/queries/aws_s3_access_point_3.yaml index c35e43a00..a3aec7c1e 100755 --- a/queries/aws_s3_access_point_3.yaml +++ b/queries/aws_s3_access_point_3.yaml @@ -1,7 +1,7 @@ ID: aws_s3_access_point_3 Title: "Find AWS S3 Access Point details with public policies" Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_access_point_3.yaml.bak b/queries/aws_s3_access_point_3.yaml.bak new file mode 100755 index 000000000..c35e43a00 --- /dev/null +++ b/queries/aws_s3_access_point_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_s3_access_point_3 +Title: "Find AWS S3 Access Point details with public policies" +Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + block_public_acls, + block_public_policy, + ignore_public_acls, + restrict_public_buckets + from + aws_s3_access_point + where + not block_public_acls + or not block_public_policy + or not ignore_public_acls + or not restrict_public_buckets; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_access_point_4.yaml b/queries/aws_s3_access_point_4.yaml index 2af971fdd..db567107f 100755 --- a/queries/aws_s3_access_point_4.yaml +++ b/queries/aws_s3_access_point_4.yaml @@ -1,7 +1,7 @@ ID: aws_s3_access_point_4 Title: "List all AWS S3 Access Point details including name and policy" Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_access_point_4.yaml.bak b/queries/aws_s3_access_point_4.yaml.bak new file mode 100755 index 000000000..2af971fdd --- /dev/null +++ b/queries/aws_s3_access_point_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_access_point_4 +Title: "List all AWS S3 Access Point details including name and policy" +Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + access_point_policy_is_public + from + aws_s3_access_point + where + access_point_policy_is_public; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_access_point_5.yaml b/queries/aws_s3_access_point_5.yaml index a3a032a48..d5dfd189f 100755 --- a/queries/aws_s3_access_point_5.yaml +++ b/queries/aws_s3_access_point_5.yaml @@ -1,7 +1,7 @@ ID: aws_s3_access_point_5 Title: "List AWS S3 Access Point Details Including Name, Bucket" Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_access_point_5.yaml.bak b/queries/aws_s3_access_point_5.yaml.bak new file mode 100755 index 000000000..a3a032a48 --- /dev/null +++ b/queries/aws_s3_access_point_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_s3_access_point_5 +Title: "List AWS S3 Access Point Details Including Name, Bucket" +Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + bucket_name, + count(name) access_point_count + from + aws_s3_access_point + group by + bucket_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 Access Point diff --git a/queries/aws_s3_bucket_1.yaml b/queries/aws_s3_bucket_1.yaml index bfcb18bf1..0461a9adc 100755 --- a/queries/aws_s3_bucket_1.yaml +++ b/queries/aws_s3_bucket_1.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_1 Title: "List all AWS S3 Buckets with Configuration and Policies" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_1.yaml.bak b/queries/aws_s3_bucket_1.yaml.bak new file mode 100755 index 000000000..bfcb18bf1 --- /dev/null +++ b/queries/aws_s3_bucket_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_bucket_1 +Title: "List all AWS S3 Buckets with Configuration and Policies" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + region, + account_id, + bucket_policy_is_public + from + aws_s3_bucket; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_10.yaml b/queries/aws_s3_bucket_10.yaml index b6b8611d7..ddb7a58b1 100755 --- a/queries/aws_s3_bucket_10.yaml +++ b/queries/aws_s3_bucket_10.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_10 Title: "Find AWS S3 Bucket Policies and Permissions" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_10.yaml.bak b/queries/aws_s3_bucket_10.yaml.bak new file mode 100755 index 000000000..b6b8611d7 --- /dev/null +++ b/queries/aws_s3_bucket_10.yaml.bak @@ -0,0 +1,38 @@ +ID: aws_s3_bucket_10 +Title: "Find AWS S3 Bucket Policies and Permissions" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_s3_bucket, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + string_to_array(p, ':') as pa, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and ( + pa[5] != account_id + or p = '*' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_11.yaml b/queries/aws_s3_bucket_11.yaml index 7dd93d1d5..4256d8cca 100755 --- a/queries/aws_s3_bucket_11.yaml +++ b/queries/aws_s3_bucket_11.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_11 Title: "Find AWS S3 Buckets with Object Lock Enabled" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_11.yaml.bak b/queries/aws_s3_bucket_11.yaml.bak new file mode 100755 index 000000000..7dd93d1d5 --- /dev/null +++ b/queries/aws_s3_bucket_11.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_bucket_11 +Title: "Find AWS S3 Buckets with Object Lock Enabled" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + object_lock_configuration ->> 'ObjectLockEnabled' as object_lock_enabled + from + aws_s3_bucket + where + object_lock_configuration ->> 'ObjectLockEnabled' = 'Enabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_12.yaml b/queries/aws_s3_bucket_12.yaml index 6c83c5e06..69a3af587 100755 --- a/queries/aws_s3_bucket_12.yaml +++ b/queries/aws_s3_bucket_12.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_12 Title: "Find all detailed AWS S3 Bucket Information via SQL" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_12.yaml.bak b/queries/aws_s3_bucket_12.yaml.bak new file mode 100755 index 000000000..6c83c5e06 --- /dev/null +++ b/queries/aws_s3_bucket_12.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_bucket_12 +Title: "Find all detailed AWS S3 Bucket Information via SQL" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + website_configuration -> 'IndexDocument' ->> 'Suffix' as suffix + from + aws_s3_bucket + where + website_configuration -> 'IndexDocument' ->> 'Suffix' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_13.yaml b/queries/aws_s3_bucket_13.yaml index 5482d5094..c542c23f9 100755 --- a/queries/aws_s3_bucket_13.yaml +++ b/queries/aws_s3_bucket_13.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_13 Title: "Find all AWS S3 Buckets Configuration and Permissions" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_13.yaml.bak b/queries/aws_s3_bucket_13.yaml.bak new file mode 100755 index 000000000..5482d5094 --- /dev/null +++ b/queries/aws_s3_bucket_13.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_s3_bucket_13 +Title: "Find all AWS S3 Buckets Configuration and Permissions" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + b.name, + r ->> 'ObjectOwnership' as object_ownership + from + aws_s3_bucket as b, + jsonb_array_elements(object_ownership_controls -> 'Rules') as r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_2.yaml b/queries/aws_s3_bucket_2.yaml index 269f56240..4dcee1a5c 100755 --- a/queries/aws_s3_bucket_2.yaml +++ b/queries/aws_s3_bucket_2.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_2 Title: "Find AWS S3 Buckets Missing Versioning Using SQL" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_2.yaml.bak b/queries/aws_s3_bucket_2.yaml.bak new file mode 100755 index 000000000..269f56240 --- /dev/null +++ b/queries/aws_s3_bucket_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_s3_bucket_2 +Title: "Find AWS S3 Buckets Missing Versioning Using SQL" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + region, + account_id, + versioning_enabled + from + aws_s3_bucket + where + not versioning_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_3.yaml b/queries/aws_s3_bucket_3.yaml index d84b34611..cff0f89d9 100755 --- a/queries/aws_s3_bucket_3.yaml +++ b/queries/aws_s3_bucket_3.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_3 Title: "Find AWS S3 buckets with no server-side encryption" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_3.yaml.bak b/queries/aws_s3_bucket_3.yaml.bak new file mode 100755 index 000000000..d84b34611 --- /dev/null +++ b/queries/aws_s3_bucket_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_s3_bucket_3 +Title: "Find AWS S3 buckets with no server-side encryption" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + server_side_encryption_configuration + from + aws_s3_bucket + where + server_side_encryption_configuration is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_4.yaml b/queries/aws_s3_bucket_4.yaml index ad12a8c49..e0e4d0d9a 100755 --- a/queries/aws_s3_bucket_4.yaml +++ b/queries/aws_s3_bucket_4.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_4 Title: "Find AWS S3 Buckets with Public Access Details" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_4.yaml.bak b/queries/aws_s3_bucket_4.yaml.bak new file mode 100755 index 000000000..ad12a8c49 --- /dev/null +++ b/queries/aws_s3_bucket_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_s3_bucket_4 +Title: "Find AWS S3 Buckets with Public Access Details" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + block_public_acls, + block_public_policy, + ignore_public_acls, + restrict_public_buckets + from + aws_s3_bucket + where + not block_public_acls + or not block_public_policy + or not ignore_public_acls + or not restrict_public_buckets; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_5.yaml b/queries/aws_s3_bucket_5.yaml index 44768beb3..9d2209e99 100755 --- a/queries/aws_s3_bucket_5.yaml +++ b/queries/aws_s3_bucket_5.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_5 Title: "Find All AWS S3 Bucket Policies and Configurations" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_5.yaml.bak b/queries/aws_s3_bucket_5.yaml.bak new file mode 100755 index 000000000..44768beb3 --- /dev/null +++ b/queries/aws_s3_bucket_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_bucket_5 +Title: "Find All AWS S3 Bucket Policies and Configurations" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + bucket_policy_is_public + from + aws_s3_bucket + where + bucket_policy_is_public; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_6.yaml b/queries/aws_s3_bucket_6.yaml index 432006d00..9caacfeaa 100755 --- a/queries/aws_s3_bucket_6.yaml +++ b/queries/aws_s3_bucket_6.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_6 Title: "Find AWS S3 Buckets with Specific Logging Target" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_6.yaml.bak b/queries/aws_s3_bucket_6.yaml.bak new file mode 100755 index 000000000..9caacfeaa --- /dev/null +++ b/queries/aws_s3_bucket_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_bucket_6 +Title: "Find AWS S3 Buckets with Specific Logging Target" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + logging ->> 'TargetBucket' as target_bucket + from + aws_s3_bucket + where + logging ->> 'TargetBucket' = name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_6.yaml.bak.bak b/queries/aws_s3_bucket_6.yaml.bak.bak new file mode 100755 index 000000000..432006d00 --- /dev/null +++ b/queries/aws_s3_bucket_6.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_s3_bucket_6 +Title: "Find AWS S3 Buckets with Specific Logging Target" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + logging ->> 'TargetBucket' as target_bucket + from + aws_s3_bucket + where + logging ->> 'TargetBucket' = name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_7.yaml b/queries/aws_s3_bucket_7.yaml index 69f50e875..7426c8aa0 100755 --- a/queries/aws_s3_bucket_7.yaml +++ b/queries/aws_s3_bucket_7.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_7 Title: "Find all AWS S3 Buckets Information with SQL" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_7.yaml.bak b/queries/aws_s3_bucket_7.yaml.bak new file mode 100755 index 000000000..69f50e875 --- /dev/null +++ b/queries/aws_s3_bucket_7.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_bucket_7 +Title: "Find all AWS S3 Buckets Information with SQL" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + tags ->> 'fizz' as fizz + from + aws_s3_bucket + where + tags ->> 'application' is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_8.yaml b/queries/aws_s3_bucket_8.yaml index b168c25bb..51903d5af 100755 --- a/queries/aws_s3_bucket_8.yaml +++ b/queries/aws_s3_bucket_8.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_8 Title: "Find all AWS S3 buckets with insecure policies" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_8.yaml.bak b/queries/aws_s3_bucket_8.yaml.bak new file mode 100755 index 000000000..b168c25bb --- /dev/null +++ b/queries/aws_s3_bucket_8.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_s3_bucket_8 +Title: "Find all AWS S3 buckets with insecure policies" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + p as principal, + a as action, + s ->> 'Effect' as effect, + s ->> 'Condition' as conditions, + ssl + from + aws_s3_bucket, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a, + jsonb_array_elements_text( + s -> 'Condition' -> 'Bool' -> 'aws:securetransport' + ) as ssl + where + p = '*' + and s ->> 'Effect' = 'Deny' + and ssl :: bool = false; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_9.yaml b/queries/aws_s3_bucket_9.yaml index c4c103349..b476856e1 100755 --- a/queries/aws_s3_bucket_9.yaml +++ b/queries/aws_s3_bucket_9.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_9 Title: "Find AWS S3 Buckets with Specific Policies and Permissions" Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_9.yaml.bak b/queries/aws_s3_bucket_9.yaml.bak new file mode 100755 index 000000000..c4c103349 --- /dev/null +++ b/queries/aws_s3_bucket_9.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_s3_bucket_9 +Title: "Find AWS S3 Buckets with Specific Policies and Permissions" +Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name + from + aws_s3_bucket + where + name not in ( + select + name + from + aws_s3_bucket, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a, + jsonb_array_elements_text( + s -> 'Condition' -> 'Bool' -> 'aws:securetransport' + ) as ssl + where + p = '*' + and s ->> 'Effect' = 'Deny' + and ssl :: bool = false + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml index a1efe79b3..d985906bf 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_intelligent_tiering_configuration_1 Title: "List all Intelligent Tiering Configurations in AWS S3" Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml.bak new file mode 100755 index 000000000..a1efe79b3 --- /dev/null +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_bucket_intelligent_tiering_configuration_1 +Title: "List all Intelligent Tiering Configurations in AWS S3" +Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + bucket_name, + id, + status, + tierings + from + aws_s3_bucket_intelligent_tiering_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 Bucket diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml index a5a3be1b2..e604e8811 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_intelligent_tiering_configuration_2 Title: "List all AWS S3 Buckets with Intelligent Tiering Configuration" Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml.bak new file mode 100755 index 000000000..a5a3be1b2 --- /dev/null +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml.bak @@ -0,0 +1,45 @@ +ID: aws_s3_bucket_intelligent_tiering_configuration_2 +Title: "List all AWS S3 Buckets with Intelligent Tiering Configuration" +Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with intelligent_tiering_configuration as MATERIALIZED ( + select + bucket_name, id, status + from + aws_s3_bucket_intelligent_tiering_configuration ), + bucket as MATERIALIZED ( + select + name, region + from + aws_s3_bucket ) + select distinct + b.name, + b.region, + case + when + i.id is null + then + 'Bucket does not have intelligent tiering configured' + else + 'Bucket has intelligent tiering configured' + end + as intelligent_tiering_configuration_status + from + bucket as b + left join + intelligent_tiering_configuration as i + on b.name = i.bucket_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml index 0f0ed610c..e227c237a 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_intelligent_tiering_configuration_3 Title: "List all Intelligent Tiering configurations for S3 buckets" Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml.bak new file mode 100755 index 000000000..0f0ed610c --- /dev/null +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_s3_bucket_intelligent_tiering_configuration_3 +Title: "List all Intelligent Tiering configurations for S3 buckets" +Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + bucket_name, + id, + status, + tierings + from + aws_s3_bucket_intelligent_tiering_configuration + where + status = 'Enabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml index 6551b9b49..9d5cb265a 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_intelligent_tiering_configuration_4 Title: "Find all Intelligent Tiering Configurations in AWS S3 Buckets" Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml.bak new file mode 100755 index 000000000..6551b9b49 --- /dev/null +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_s3_bucket_intelligent_tiering_configuration_4 +Title: "Find all Intelligent Tiering Configurations in AWS S3 Buckets" +Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.bucket_name, + s.id, + s.status, + t ->> 'AccessTier' as access_tier, + t ->> 'Days' as days + from + aws_s3_bucket_intelligent_tiering_configuration as s, + jsonb_array_elements(tierings) as t; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml index cc9d4b4a3..ef4fa7dbb 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml @@ -1,7 +1,7 @@ ID: aws_s3_bucket_intelligent_tiering_configuration_5 Title: "Find all Intelligent Tiering Configurations in AWS S3 Buckets" Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml.bak new file mode 100755 index 000000000..cc9d4b4a3 --- /dev/null +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_s3_bucket_intelligent_tiering_configuration_5 +Title: "Find all Intelligent Tiering Configurations in AWS S3 Buckets" +Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + bucket_name, + id, + filter -> 'And' as filter_and, + filter -> 'Prefix' as filter_prefix, + filter -> 'Tag' as filter_tag + from + aws_s3_bucket_intelligent_tiering_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_multi_region_access_point_1.yaml b/queries/aws_s3_multi_region_access_point_1.yaml index 8356ab92c..83d793836 100755 --- a/queries/aws_s3_multi_region_access_point_1.yaml +++ b/queries/aws_s3_multi_region_access_point_1.yaml @@ -1,7 +1,7 @@ ID: aws_s3_multi_region_access_point_1 Title: "List all AWS S3 Multi-Region Access Points configuration and status" Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_multi_region_access_point_1.yaml.bak b/queries/aws_s3_multi_region_access_point_1.yaml.bak new file mode 100755 index 000000000..8356ab92c --- /dev/null +++ b/queries/aws_s3_multi_region_access_point_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_s3_multi_region_access_point_1 +Title: "List all AWS S3 Multi-Region Access Points configuration and status" +Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + alias, + status, + created_at + from + aws_s3_multi_region_access_point; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 Multi-Region Access Point diff --git a/queries/aws_s3_multi_region_access_point_2.yaml b/queries/aws_s3_multi_region_access_point_2.yaml index 821f4ffb5..e08806665 100755 --- a/queries/aws_s3_multi_region_access_point_2.yaml +++ b/queries/aws_s3_multi_region_access_point_2.yaml @@ -1,7 +1,7 @@ ID: aws_s3_multi_region_access_point_2 Title: "Find AWS S3 Multi-Region Access Points configuration and status" Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_multi_region_access_point_2.yaml.bak b/queries/aws_s3_multi_region_access_point_2.yaml.bak new file mode 100755 index 000000000..821f4ffb5 --- /dev/null +++ b/queries/aws_s3_multi_region_access_point_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_s3_multi_region_access_point_2 +Title: "Find AWS S3 Multi-Region Access Points configuration and status" +Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + public_access_block ->> 'BlockPublicAcls' as block_public_acls, + public_access_block ->> 'BlockPublicPolicy' as block_public_policy, + public_access_block ->> 'IgnorePublicAcls' as ignore_public_acls, + public_access_block ->> 'RestrictPublicBuckets' as restrict_public_buckets + from + aws_s3_multi_region_access_point + where + public_access_block ->> 'BlockPublicAcls'::text = 'true' + and public_access_block ->> 'BlockPublicPolicy'::text = 'true' + and public_access_block ->> 'IgnorePublicAcls'::text = 'true' + and public_access_block ->> 'RestrictPublicBuckets'::text = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_multi_region_access_point_3.yaml b/queries/aws_s3_multi_region_access_point_3.yaml index de57a62f3..cc1b16bb1 100755 --- a/queries/aws_s3_multi_region_access_point_3.yaml +++ b/queries/aws_s3_multi_region_access_point_3.yaml @@ -1,7 +1,7 @@ ID: aws_s3_multi_region_access_point_3 Title: "Find AWS S3 Multi-Region Access Point Configuration and Policies" Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_multi_region_access_point_3.yaml.bak b/queries/aws_s3_multi_region_access_point_3.yaml.bak new file mode 100755 index 000000000..de57a62f3 --- /dev/null +++ b/queries/aws_s3_multi_region_access_point_3.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_s3_multi_region_access_point_3 +Title: "Find AWS S3 Multi-Region Access Point Configuration and Policies" +Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + policy -> 'Established' -> 'Policy' as established_policy, + policy -> 'Proposed' -> 'Policy' as proposed_policy + from + aws_s3_multi_region_access_point; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_multi_region_access_point_4.yaml b/queries/aws_s3_multi_region_access_point_4.yaml index 4e52c3797..c4a4a2c47 100755 --- a/queries/aws_s3_multi_region_access_point_4.yaml +++ b/queries/aws_s3_multi_region_access_point_4.yaml @@ -1,7 +1,7 @@ ID: aws_s3_multi_region_access_point_4 Title: "List all AWS S3 Multi-Region Access Points and Configuration" Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_multi_region_access_point_4.yaml.bak b/queries/aws_s3_multi_region_access_point_4.yaml.bak new file mode 100755 index 000000000..c4a4a2c47 --- /dev/null +++ b/queries/aws_s3_multi_region_access_point_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_s3_multi_region_access_point_4 +Title: "List all AWS S3 Multi-Region Access Points and Configuration" +Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r ->> 'Bucket' as bucket_name, + count(name) access_point_count + from + aws_s3_multi_region_access_point, + jsonb_array_elements(regions) as r + group by + bucket_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS S3 diff --git a/queries/aws_s3_multi_region_access_point_4.yaml.bak.bak b/queries/aws_s3_multi_region_access_point_4.yaml.bak.bak new file mode 100755 index 000000000..c4a4a2c47 --- /dev/null +++ b/queries/aws_s3_multi_region_access_point_4.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_s3_multi_region_access_point_4 +Title: "List all AWS S3 Multi-Region Access Points and Configuration" +Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r ->> 'Bucket' as bucket_name, + count(name) access_point_count + from + aws_s3_multi_region_access_point, + jsonb_array_elements(regions) as r + group by + bucket_name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS S3 diff --git a/queries/aws_s3_multi_region_access_point_5.yaml b/queries/aws_s3_multi_region_access_point_5.yaml index 206ee1998..2fa929ea1 100755 --- a/queries/aws_s3_multi_region_access_point_5.yaml +++ b/queries/aws_s3_multi_region_access_point_5.yaml @@ -1,7 +1,7 @@ ID: aws_s3_multi_region_access_point_5 Title: "Query AWS S3 Multi-Region Access Points Configuration" Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_multi_region_access_point_5.yaml.bak b/queries/aws_s3_multi_region_access_point_5.yaml.bak new file mode 100755 index 000000000..206ee1998 --- /dev/null +++ b/queries/aws_s3_multi_region_access_point_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_s3_multi_region_access_point_5 +Title: "Query AWS S3 Multi-Region Access Points Configuration" +Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.name, + r ->> 'Bucket' as bucket_name, + b.creation_date as bucket_creation_date, + b.bucket_policy_is_public, + b.versioning_enabled + from + aws_s3_multi_region_access_point as a, + jsonb_array_elements(a.regions) as r, + aws_s3_bucket as b + where + b.name = r ->> 'Bucket'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_1.yaml b/queries/aws_s3_object_1.yaml index 34c9c7819..d2507f783 100755 --- a/queries/aws_s3_object_1.yaml +++ b/queries/aws_s3_object_1.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_1 Title: "Find AWS S3 Objects and Retrieve Metadata Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_1.yaml.bak b/queries/aws_s3_object_1.yaml.bak new file mode 100755 index 000000000..34c9c7819 --- /dev/null +++ b/queries/aws_s3_object_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_s3_object_1 +Title: "Find AWS S3 Objects and Retrieve Metadata Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + arn, + bucket_name, + last_modified, + storage_class, + version_id + from + aws_s3_object + where + bucket_name = 'steampipe-test'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_10.yaml b/queries/aws_s3_object_10.yaml index 5b140d78a..f8c73f420 100755 --- a/queries/aws_s3_object_10.yaml +++ b/queries/aws_s3_object_10.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_10 Title: "Find AWS S3 Object Metadata and Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_10.yaml.bak b/queries/aws_s3_object_10.yaml.bak new file mode 100755 index 000000000..f8c73f420 --- /dev/null +++ b/queries/aws_s3_object_10.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_s3_object_10 +Title: "Find AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + bucket_name, + jsonb_pretty(tags) as tags + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and tags ->> 'application' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_10.yaml.bak.bak b/queries/aws_s3_object_10.yaml.bak.bak new file mode 100755 index 000000000..f8c73f420 --- /dev/null +++ b/queries/aws_s3_object_10.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_s3_object_10 +Title: "Find AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + bucket_name, + jsonb_pretty(tags) as tags + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and tags ->> 'application' is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_11.yaml b/queries/aws_s3_object_11.yaml index bd2d0d4eb..ba0b47d1c 100755 --- a/queries/aws_s3_object_11.yaml +++ b/queries/aws_s3_object_11.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_11 Title: "Find all AWS S3 Object Metadata and Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_11.yaml.bak b/queries/aws_s3_object_11.yaml.bak new file mode 100755 index 000000000..bd2d0d4eb --- /dev/null +++ b/queries/aws_s3_object_11.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_s3_object_11 +Title: "Find all AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + o.arn as object_arn, + bucket_name, + last_modified, + bucket_key_enabled + from + aws_s3_object as o, + aws_s3_bucket as b + where + o.bucket_name = b.name + and not bucket_key_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_12.yaml b/queries/aws_s3_object_12.yaml index 8cd04aa46..24f6cda58 100755 --- a/queries/aws_s3_object_12.yaml +++ b/queries/aws_s3_object_12.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_12 Title: "Find all AWS S3 Object Metadata and Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_12.yaml.bak b/queries/aws_s3_object_12.yaml.bak new file mode 100755 index 000000000..8cd04aa46 --- /dev/null +++ b/queries/aws_s3_object_12.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_s3_object_12 +Title: "Find all AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + arn, + bucket_name, + last_modified, + storage_class + from + aws_s3_object + where + bucket_name in + ( + select + name + from + aws_s3_bucket + where + not block_public_acls + or not block_public_policy + or not ignore_public_acls + or not restrict_public_buckets + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_13.yaml b/queries/aws_s3_object_13.yaml index 5bd5f58c2..c7b749d75 100755 --- a/queries/aws_s3_object_13.yaml +++ b/queries/aws_s3_object_13.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_13 Title: "List all AWS S3 Object Metadata and Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_13.yaml.bak b/queries/aws_s3_object_13.yaml.bak new file mode 100755 index 000000000..5bd5f58c2 --- /dev/null +++ b/queries/aws_s3_object_13.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_s3_object_13 +Title: "List all AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.key, + b ->> 'awsAccountId' as account_id, + b ->> 'digestEndTime' as digest_end_time, + b ->> 'digestPublicKeyFingerprint' as digest_public_key_fingerprint, + b ->> 'digestS3Bucket' as digest_s3_bucket, + b ->> 'digestStartTime' as digest_start_time + from + aws_s3_object as s, + jsonb_array_elements(body::jsonb) as b + where + bucket_name = 'steampipe-test' + and prefix = 'test1/log_text.txt'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_2.yaml b/queries/aws_s3_object_2.yaml index 2d0445ed5..efc45133e 100755 --- a/queries/aws_s3_object_2.yaml +++ b/queries/aws_s3_object_2.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_2 Title: "List all AWS S3 Object Metadata and Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_2.yaml.bak b/queries/aws_s3_object_2.yaml.bak new file mode 100755 index 000000000..2d0445ed5 --- /dev/null +++ b/queries/aws_s3_object_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_s3_object_2 +Title: "List all AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + arn, + bucket_name, + last_modified, + storage_class, + version_id + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and prefix = 'test/logs/2021/03/01/12'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 Object diff --git a/queries/aws_s3_object_3.yaml b/queries/aws_s3_object_3.yaml index 23a9f8903..6030e8707 100755 --- a/queries/aws_s3_object_3.yaml +++ b/queries/aws_s3_object_3.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_3 Title: "Find AWS S3 Object Metadata and Details with SQL" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_3.yaml.bak b/queries/aws_s3_object_3.yaml.bak new file mode 100755 index 000000000..23a9f8903 --- /dev/null +++ b/queries/aws_s3_object_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_s3_object_3 +Title: "Find AWS S3 Object Metadata and Details with SQL" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + arn, + bucket_name, + last_modified, + storage_class, + version_id + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and prefix = 'test/logs/2021/03/01/12/abc.txt'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_4.yaml b/queries/aws_s3_object_4.yaml index b48ca06f8..aa67f0910 100755 --- a/queries/aws_s3_object_4.yaml +++ b/queries/aws_s3_object_4.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_4 Title: "List all AWS S3 Objects with Encryptions Using SQL" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_4.yaml.bak b/queries/aws_s3_object_4.yaml.bak new file mode 100755 index 000000000..aa67f0910 --- /dev/null +++ b/queries/aws_s3_object_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_s3_object_4 +Title: "List all AWS S3 Objects with Encryptions Using SQL" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + arn, + bucket_name, + last_modified, + storage_class, + version_id + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and sse_kms_key_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_4.yaml.bak.bak b/queries/aws_s3_object_4.yaml.bak.bak new file mode 100755 index 000000000..aa67f0910 --- /dev/null +++ b/queries/aws_s3_object_4.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_s3_object_4 +Title: "List all AWS S3 Objects with Encryptions Using SQL" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + arn, + bucket_name, + last_modified, + storage_class, + version_id + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and sse_kms_key_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_5.yaml b/queries/aws_s3_object_5.yaml index 129251541..2f6db8da3 100755 --- a/queries/aws_s3_object_5.yaml +++ b/queries/aws_s3_object_5.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_5 Title: "List all AWS S3 Objects and Metadata" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_5.yaml.bak b/queries/aws_s3_object_5.yaml.bak new file mode 100755 index 000000000..129251541 --- /dev/null +++ b/queries/aws_s3_object_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_s3_object_5 +Title: "List all AWS S3 Objects and Metadata" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + arn, + bucket_name, + last_modified, + storage_class, + version_id + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and last_modified < current_date - interval '3 months'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_6.yaml b/queries/aws_s3_object_6.yaml index e7a374e12..819b0edf4 100755 --- a/queries/aws_s3_object_6.yaml +++ b/queries/aws_s3_object_6.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_6 Title: "List AWS S3 Objects and Retrieve Metadata Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_6.yaml.bak b/queries/aws_s3_object_6.yaml.bak new file mode 100755 index 000000000..e7a374e12 --- /dev/null +++ b/queries/aws_s3_object_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_s3_object_6 +Title: "List AWS S3 Objects and Retrieve Metadata Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.key, + s.bucket_name, + s.owner, + acl_grant -> 'Grantee' as grantee, + acl_grant ->> 'Permission' as permission + from + aws_s3_object as s, + jsonb_array_elements(aws_s3_object.acl -> 'Grants') as acl_grant + where + bucket_name = 'steampipe-test' + and acl_grant ->> 'Permission' = 'FULL_CONTROL' + and acl_grant -> 'Grantee' ->> 'ID' != aws_s3_object.owner ->> 'ID'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_7.yaml b/queries/aws_s3_object_7.yaml index 8615a36ac..af716d6da 100755 --- a/queries/aws_s3_object_7.yaml +++ b/queries/aws_s3_object_7.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_7 Title: "Find all AWS S3 Object Metadata and Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_7.yaml.bak b/queries/aws_s3_object_7.yaml.bak new file mode 100755 index 000000000..8615a36ac --- /dev/null +++ b/queries/aws_s3_object_7.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_s3_object_7 +Title: "Find all AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + bucket_name, + object_lock_legal_hold_status + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and object_lock_legal_hold_status = 'ON'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_8.yaml b/queries/aws_s3_object_8.yaml index a0a433e5e..34cb8d945 100755 --- a/queries/aws_s3_object_8.yaml +++ b/queries/aws_s3_object_8.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_8 Title: "List all AWS S3 Object Metadata and Details" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_8.yaml.bak b/queries/aws_s3_object_8.yaml.bak new file mode 100755 index 000000000..34cb8d945 --- /dev/null +++ b/queries/aws_s3_object_8.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_s3_object_8 +Title: "List all AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + bucket_name, + object_lock_retain_until_date, + object_lock_mode, + object_lock_legal_hold_status + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and object_lock_mode = 'GOVERNANCE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_8.yaml.bak.bak b/queries/aws_s3_object_8.yaml.bak.bak new file mode 100755 index 000000000..34cb8d945 --- /dev/null +++ b/queries/aws_s3_object_8.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_s3_object_8 +Title: "List all AWS S3 Object Metadata and Details" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + key, + bucket_name, + object_lock_retain_until_date, + object_lock_mode, + object_lock_legal_hold_status + from + aws_s3_object + where + bucket_name = 'steampipe-test' + and object_lock_mode = 'GOVERNANCE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_9.yaml b/queries/aws_s3_object_9.yaml index 61841b32a..a19f5b7da 100755 --- a/queries/aws_s3_object_9.yaml +++ b/queries/aws_s3_object_9.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_9 Title: "Find metadata and details of AWS S3 Objects" Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_9.yaml.bak b/queries/aws_s3_object_9.yaml.bak new file mode 100755 index 000000000..61841b32a --- /dev/null +++ b/queries/aws_s3_object_9.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_s3_object_9 +Title: "Find metadata and details of AWS S3 Objects" +Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.key, + s.bucket_name, + s.object_lock_retain_until_date, + s.object_lock_mode, + s.object_lock_legal_hold_status + from + aws_s3_object as s + where + bucket_name = 'steampipe-test' + and object_lock_retain_until_date > current_date + interval '1 year'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_version_1.yaml b/queries/aws_s3_object_version_1.yaml index 848de53ca..4808d3d5c 100755 --- a/queries/aws_s3_object_version_1.yaml +++ b/queries/aws_s3_object_version_1.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_version_1 Title: "List all AWS S3 Object Versions in Bucket" Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_version_1.yaml.bak b/queries/aws_s3_object_version_1.yaml.bak new file mode 100755 index 000000000..848de53ca --- /dev/null +++ b/queries/aws_s3_object_version_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_s3_object_version_1 +Title: "List all AWS S3 Object Versions in Bucket" +Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + bucket_name, + key, + storage_class, + version_id, + is_latest, + size + from + aws_s3_object_version + where + bucket_name = 'testbucket'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon S3 diff --git a/queries/aws_s3_object_version_2.yaml b/queries/aws_s3_object_version_2.yaml index a821ca182..0f75f9758 100755 --- a/queries/aws_s3_object_version_2.yaml +++ b/queries/aws_s3_object_version_2.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_version_2 Title: "Find all AWS S3 Object Versions in Buckets" Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_s3_object_version_2.yaml.bak b/queries/aws_s3_object_version_2.yaml.bak new file mode 100755 index 000000000..a821ca182 --- /dev/null +++ b/queries/aws_s3_object_version_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_s3_object_version_2 +Title: "Find all AWS S3 Object Versions in Buckets" +Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + bucket_name, + key, + storage_class, + version_id, + is_latest, + size, + etag, + owner_id + from + aws_s3_object_version + where + bucket_name = 'testbucket' + and + key = 'test/template.txt'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_s3_object_version_3.yaml b/queries/aws_s3_object_version_3.yaml index dd47ffd6c..a6fa24881 100755 --- a/queries/aws_s3_object_version_3.yaml +++ b/queries/aws_s3_object_version_3.yaml @@ -1,7 +1,7 @@ ID: aws_s3_object_version_3 Title: "Find AWS S3 Object Versions and Details" Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." -Connector: [] +IntegrationTypeName: [] Query: Engine: "" QueryToExecute: "" diff --git a/queries/aws_s3_object_version_3.yaml.bak b/queries/aws_s3_object_version_3.yaml.bak new file mode 100755 index 000000000..dd47ffd6c --- /dev/null +++ b/queries/aws_s3_object_version_3.yaml.bak @@ -0,0 +1,19 @@ +ID: aws_s3_object_version_3 +Title: "Find AWS S3 Object Versions and Details" +Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." +Connector: [] +Query: + Engine: "" + QueryToExecute: "" + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - S3 diff --git a/queries/aws_sagemaker_app_1.yaml b/queries/aws_sagemaker_app_1.yaml index fa6cdcb53..b81de384f 100755 --- a/queries/aws_sagemaker_app_1.yaml +++ b/queries/aws_sagemaker_app_1.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_app_1 Title: "List all AWS SageMaker App configurations" Description: "Allows users to query AWS SageMaker App data, providing detailed insights into application configurations, user settings, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_app_1.yaml.bak b/queries/aws_sagemaker_app_1.yaml.bak new file mode 100755 index 000000000..fa6cdcb53 --- /dev/null +++ b/queries/aws_sagemaker_app_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sagemaker_app_1 +Title: "List all AWS SageMaker App configurations" +Description: "Allows users to query AWS SageMaker App data, providing detailed insights into application configurations, user settings, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + status + from + aws_sagemaker_app; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_app_2.yaml b/queries/aws_sagemaker_app_2.yaml index 2fcfaa4a2..1536d064e 100755 --- a/queries/aws_sagemaker_app_2.yaml +++ b/queries/aws_sagemaker_app_2.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_app_2 Title: "Find AWS SageMaker App Configurations and Metadata" Description: "Allows users to query AWS SageMaker App data, providing detailed insights into application configurations, user settings, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_app_2.yaml.bak b/queries/aws_sagemaker_app_2.yaml.bak new file mode 100755 index 000000000..2fcfaa4a2 --- /dev/null +++ b/queries/aws_sagemaker_app_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_sagemaker_app_2 +Title: "Find AWS SageMaker App Configurations and Metadata" +Description: "Allows users to query AWS SageMaker App data, providing detailed insights into application configurations, user settings, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + status, + failure_reason + from + aws_sagemaker_app + where + status = 'Failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker App diff --git a/queries/aws_sagemaker_domain_1.yaml b/queries/aws_sagemaker_domain_1.yaml index 32b0d2eaa..8c2c6de77 100755 --- a/queries/aws_sagemaker_domain_1.yaml +++ b/queries/aws_sagemaker_domain_1.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_domain_1 Title: "Find AWS SageMaker Domains and Metadata Details" Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_domain_1.yaml.bak b/queries/aws_sagemaker_domain_1.yaml.bak new file mode 100755 index 000000000..32b0d2eaa --- /dev/null +++ b/queries/aws_sagemaker_domain_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sagemaker_domain_1 +Title: "Find AWS SageMaker Domains and Metadata Details" +Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + status + from + aws_sagemaker_domain; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker Studio diff --git a/queries/aws_sagemaker_domain_2.yaml b/queries/aws_sagemaker_domain_2.yaml index 9ed9cab59..8e9216c29 100755 --- a/queries/aws_sagemaker_domain_2.yaml +++ b/queries/aws_sagemaker_domain_2.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_domain_2 Title: "List all AWS SageMaker Studio Domain Details and Status" Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_domain_2.yaml.bak b/queries/aws_sagemaker_domain_2.yaml.bak new file mode 100755 index 000000000..9ed9cab59 --- /dev/null +++ b/queries/aws_sagemaker_domain_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_sagemaker_domain_2 +Title: "List all AWS SageMaker Studio Domain Details and Status" +Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + creation_time, + home_efs_file_system_id, + kms_key_id + from + aws_sagemaker_domain + where + kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_domain_3.yaml b/queries/aws_sagemaker_domain_3.yaml index d4cb0cfca..14d427ed6 100755 --- a/queries/aws_sagemaker_domain_3.yaml +++ b/queries/aws_sagemaker_domain_3.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_domain_3 Title: "Find AWS SageMaker Domains and Their Details" Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_domain_3.yaml.bak b/queries/aws_sagemaker_domain_3.yaml.bak new file mode 100755 index 000000000..d4cb0cfca --- /dev/null +++ b/queries/aws_sagemaker_domain_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_sagemaker_domain_3 +Title: "Find AWS SageMaker Domains and Their Details" +Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + app_network_access_type + from + aws_sagemaker_domain + where + app_network_access_type = 'PublicInternetOnly'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker Studio diff --git a/queries/aws_sagemaker_endpoint_configuration_1.yaml b/queries/aws_sagemaker_endpoint_configuration_1.yaml index 075d02c31..8ed920bcf 100755 --- a/queries/aws_sagemaker_endpoint_configuration_1.yaml +++ b/queries/aws_sagemaker_endpoint_configuration_1.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_endpoint_configuration_1 Title: "List all AWS SageMaker Endpoint Configurations with Details" Description: "Allows users to query AWS SageMaker Endpoint Configurations to retrieve detailed information about each endpoint configuration in the AWS SageMaker service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_endpoint_configuration_1.yaml.bak b/queries/aws_sagemaker_endpoint_configuration_1.yaml.bak new file mode 100755 index 000000000..075d02c31 --- /dev/null +++ b/queries/aws_sagemaker_endpoint_configuration_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sagemaker_endpoint_configuration_1 +Title: "List all AWS SageMaker Endpoint Configurations with Details" +Description: "Allows users to query AWS SageMaker Endpoint Configurations to retrieve detailed information about each endpoint configuration in the AWS SageMaker service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + kms_key_id, + creation_time, + production_variants, + tags + from + aws_sagemaker_endpoint_configuration; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_endpoint_configuration_2.yaml b/queries/aws_sagemaker_endpoint_configuration_2.yaml index d83bcb80c..ef958133c 100755 --- a/queries/aws_sagemaker_endpoint_configuration_2.yaml +++ b/queries/aws_sagemaker_endpoint_configuration_2.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_endpoint_configuration_2 Title: "Find AWS SageMaker Endpoint Configuration details" Description: "Allows users to query AWS SageMaker Endpoint Configurations to retrieve detailed information about each endpoint configuration in the AWS SageMaker service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_endpoint_configuration_2.yaml.bak b/queries/aws_sagemaker_endpoint_configuration_2.yaml.bak new file mode 100755 index 000000000..d83bcb80c --- /dev/null +++ b/queries/aws_sagemaker_endpoint_configuration_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_sagemaker_endpoint_configuration_2 +Title: "Find AWS SageMaker Endpoint Configuration details" +Description: "Allows users to query AWS SageMaker Endpoint Configurations to retrieve detailed information about each endpoint configuration in the AWS SageMaker service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + kms_key_id + from + aws_sagemaker_endpoint_configuration + where + kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_model_1.yaml b/queries/aws_sagemaker_model_1.yaml index 725dd55e4..2994bbe01 100755 --- a/queries/aws_sagemaker_model_1.yaml +++ b/queries/aws_sagemaker_model_1.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_model_1 Title: "Find all AWS SageMaker Models Using SQL" Description: "Allows users to query AWS SageMaker Models for detailed information about each model, including its name, ARN, creation time, execution role, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_model_1.yaml.bak b/queries/aws_sagemaker_model_1.yaml.bak new file mode 100755 index 000000000..725dd55e4 --- /dev/null +++ b/queries/aws_sagemaker_model_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sagemaker_model_1 +Title: "Find all AWS SageMaker Models Using SQL" +Description: "Allows users to query AWS SageMaker Models for detailed information about each model, including its name, ARN, creation time, execution role, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + enable_network_isolation + from + aws_sagemaker_model; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_model_2.yaml b/queries/aws_sagemaker_model_2.yaml index 3be4922e6..6e8aeb430 100755 --- a/queries/aws_sagemaker_model_2.yaml +++ b/queries/aws_sagemaker_model_2.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_model_2 Title: "List AWS SageMaker Models with Detailed Information" Description: "Allows users to query AWS SageMaker Models for detailed information about each model, including its name, ARN, creation time, execution role, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_model_2.yaml.bak b/queries/aws_sagemaker_model_2.yaml.bak new file mode 100755 index 000000000..3be4922e6 --- /dev/null +++ b/queries/aws_sagemaker_model_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sagemaker_model_2 +Title: "List AWS SageMaker Models with Detailed Information" +Description: "Allows users to query AWS SageMaker Models for detailed information about each model, including its name, ARN, creation time, execution role, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + enable_network_isolation + from + aws_sagemaker_model + where + enable_network_isolation; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_notebook_instance_1.yaml b/queries/aws_sagemaker_notebook_instance_1.yaml index cfe705620..47bcc6644 100755 --- a/queries/aws_sagemaker_notebook_instance_1.yaml +++ b/queries/aws_sagemaker_notebook_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_notebook_instance_1 Title: "Find all AWS SageMaker Notebook Instances Configuration" Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_notebook_instance_1.yaml.bak b/queries/aws_sagemaker_notebook_instance_1.yaml.bak new file mode 100755 index 000000000..cfe705620 --- /dev/null +++ b/queries/aws_sagemaker_notebook_instance_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_sagemaker_notebook_instance_1 +Title: "Find all AWS SageMaker Notebook Instances Configuration" +Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + instance_type, + notebook_instance_status + from + aws_sagemaker_notebook_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_notebook_instance_2.yaml b/queries/aws_sagemaker_notebook_instance_2.yaml index 38a8dae74..44c8f8f1a 100755 --- a/queries/aws_sagemaker_notebook_instance_2.yaml +++ b/queries/aws_sagemaker_notebook_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_notebook_instance_2 Title: "List all AWS SageMaker Notebook Instance details" Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_notebook_instance_2.yaml.bak b/queries/aws_sagemaker_notebook_instance_2.yaml.bak new file mode 100755 index 000000000..38a8dae74 --- /dev/null +++ b/queries/aws_sagemaker_notebook_instance_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sagemaker_notebook_instance_2 +Title: "List all AWS SageMaker Notebook Instance details" +Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + kms_key_id + from + aws_sagemaker_notebook_instance + where + kms_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS SageMaker diff --git a/queries/aws_sagemaker_notebook_instance_3.yaml b/queries/aws_sagemaker_notebook_instance_3.yaml index a4a9e603f..0d240f3d6 100755 --- a/queries/aws_sagemaker_notebook_instance_3.yaml +++ b/queries/aws_sagemaker_notebook_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_notebook_instance_3 Title: "List all AWS SageMaker Notebook Instances Configuration" Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_notebook_instance_3.yaml.bak b/queries/aws_sagemaker_notebook_instance_3.yaml.bak new file mode 100755 index 000000000..a4a9e603f --- /dev/null +++ b/queries/aws_sagemaker_notebook_instance_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sagemaker_notebook_instance_3 +Title: "List all AWS SageMaker Notebook Instances Configuration" +Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + direct_internet_access + from + aws_sagemaker_notebook_instance + where + direct_internet_access = 'Disabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_notebook_instance_4.yaml b/queries/aws_sagemaker_notebook_instance_4.yaml index b60c1d8e1..3d196f8b8 100755 --- a/queries/aws_sagemaker_notebook_instance_4.yaml +++ b/queries/aws_sagemaker_notebook_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_notebook_instance_4 Title: "Find AWS SageMaker Notebook Instances by Configuration" Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_notebook_instance_4.yaml.bak b/queries/aws_sagemaker_notebook_instance_4.yaml.bak new file mode 100755 index 000000000..b60c1d8e1 --- /dev/null +++ b/queries/aws_sagemaker_notebook_instance_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sagemaker_notebook_instance_4 +Title: "Find AWS SageMaker Notebook Instances by Configuration" +Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + root_access + from + aws_sagemaker_notebook_instance + where + root_access = 'Enabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_training_job_1.yaml b/queries/aws_sagemaker_training_job_1.yaml index 2234ad90e..d74013900 100755 --- a/queries/aws_sagemaker_training_job_1.yaml +++ b/queries/aws_sagemaker_training_job_1.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_training_job_1 Title: "List all AWS SageMaker Training Jobs using SQL" Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_training_job_1.yaml.bak b/queries/aws_sagemaker_training_job_1.yaml.bak new file mode 100755 index 000000000..2234ad90e --- /dev/null +++ b/queries/aws_sagemaker_training_job_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_sagemaker_training_job_1 +Title: "List all AWS SageMaker Training Jobs using SQL" +Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + training_job_status, + creation_time, + last_modified_time + from + aws_sagemaker_training_job; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_training_job_2.yaml b/queries/aws_sagemaker_training_job_2.yaml index 4cd8dd68a..2a9ec9ca8 100755 --- a/queries/aws_sagemaker_training_job_2.yaml +++ b/queries/aws_sagemaker_training_job_2.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_training_job_2 Title: "List AWS SageMaker Training Jobs via SQL" Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_training_job_2.yaml.bak b/queries/aws_sagemaker_training_job_2.yaml.bak new file mode 100755 index 000000000..4cd8dd68a --- /dev/null +++ b/queries/aws_sagemaker_training_job_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_sagemaker_training_job_2 +Title: "List AWS SageMaker Training Jobs via SQL" +Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + resource_config ->> 'InstanceType' as instance_type, + resource_config ->> 'InstanceCount' as instance_count, + resource_config ->> 'VolumeKmsKeyId' as volume_kms_id, + resource_config ->> 'VolumeSizeInGB' as volume_size + from + aws_sagemaker_training_job; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_training_job_3.yaml b/queries/aws_sagemaker_training_job_3.yaml index 6dba51163..3f71ce365 100755 --- a/queries/aws_sagemaker_training_job_3.yaml +++ b/queries/aws_sagemaker_training_job_3.yaml @@ -1,7 +1,7 @@ ID: aws_sagemaker_training_job_3 Title: "Find AWS SageMaker Training Jobs with Status Failed" Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sagemaker_training_job_3.yaml.bak b/queries/aws_sagemaker_training_job_3.yaml.bak new file mode 100755 index 000000000..3f71ce365 --- /dev/null +++ b/queries/aws_sagemaker_training_job_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_sagemaker_training_job_3 +Title: "Find AWS SageMaker Training Jobs with Status Failed" +Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + training_job_status, + failure_reason + from + aws_sagemaker_training_job + where + training_job_status = 'Failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_sagemaker_training_job_3.yaml.bak.bak b/queries/aws_sagemaker_training_job_3.yaml.bak.bak new file mode 100755 index 000000000..6dba51163 --- /dev/null +++ b/queries/aws_sagemaker_training_job_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_sagemaker_training_job_3 +Title: "Find AWS SageMaker Training Jobs with Status Failed" +Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + training_job_status, + failure_reason + from + aws_sagemaker_training_job + where + training_job_status = 'Failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SageMaker diff --git a/queries/aws_secretsmanager_secret_1.yaml b/queries/aws_secretsmanager_secret_1.yaml index abd48d10c..59b72e869 100755 --- a/queries/aws_secretsmanager_secret_1.yaml +++ b/queries/aws_secretsmanager_secret_1.yaml @@ -1,7 +1,7 @@ ID: aws_secretsmanager_secret_1 Title: "List AWS Secrets Manager Secret Data and Metadata" Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_secretsmanager_secret_1.yaml.bak b/queries/aws_secretsmanager_secret_1.yaml.bak new file mode 100755 index 000000000..abd48d10c --- /dev/null +++ b/queries/aws_secretsmanager_secret_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_secretsmanager_secret_1 +Title: "List AWS Secrets Manager Secret Data and Metadata" +Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_date, + description, + last_accessed_date + from + aws_secretsmanager_secret; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Secrets Manager diff --git a/queries/aws_secretsmanager_secret_2.yaml b/queries/aws_secretsmanager_secret_2.yaml index 304786736..f1eb1fb09 100755 --- a/queries/aws_secretsmanager_secret_2.yaml +++ b/queries/aws_secretsmanager_secret_2.yaml @@ -1,7 +1,7 @@ ID: aws_secretsmanager_secret_2 Title: "List AWS Secrets Manager Secret Data Including Metadata" Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_secretsmanager_secret_2.yaml.bak b/queries/aws_secretsmanager_secret_2.yaml.bak new file mode 100755 index 000000000..304786736 --- /dev/null +++ b/queries/aws_secretsmanager_secret_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_secretsmanager_secret_2 +Title: "List AWS Secrets Manager Secret Data Including Metadata" +Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_date, + description, + rotation_enabled + from + aws_secretsmanager_secret + where + not rotation_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Secrets Manager diff --git a/queries/aws_secretsmanager_secret_3.yaml b/queries/aws_secretsmanager_secret_3.yaml index 561c35543..a9faf41eb 100755 --- a/queries/aws_secretsmanager_secret_3.yaml +++ b/queries/aws_secretsmanager_secret_3.yaml @@ -1,7 +1,7 @@ ID: aws_secretsmanager_secret_3 Title: "Find AWS Secrets Manager Secret Data and Metadata" Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_secretsmanager_secret_3.yaml.bak b/queries/aws_secretsmanager_secret_3.yaml.bak new file mode 100755 index 000000000..561c35543 --- /dev/null +++ b/queries/aws_secretsmanager_secret_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_secretsmanager_secret_3 +Title: "Find AWS Secrets Manager Secret Data and Metadata" +Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_date, + description, + rotation_enabled, + rotation_rules + from + aws_secretsmanager_secret + where + rotation_rules -> 'AutomaticallyAfterDays' > '7'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Secrets Manager diff --git a/queries/aws_secretsmanager_secret_4.yaml b/queries/aws_secretsmanager_secret_4.yaml index 9b60a6717..4a7697a03 100755 --- a/queries/aws_secretsmanager_secret_4.yaml +++ b/queries/aws_secretsmanager_secret_4.yaml @@ -1,7 +1,7 @@ ID: aws_secretsmanager_secret_4 Title: "Find AWS Secrets Manager Secret Data" Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_secretsmanager_secret_4.yaml.bak b/queries/aws_secretsmanager_secret_4.yaml.bak new file mode 100755 index 000000000..9b60a6717 --- /dev/null +++ b/queries/aws_secretsmanager_secret_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_secretsmanager_secret_4 +Title: "Find AWS Secrets Manager Secret Data" +Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + created_date, + description, + replication_status + from + aws_secretsmanager_secret + where + replication_status is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Secrets Manager diff --git a/queries/aws_secretsmanager_secret_5.yaml b/queries/aws_secretsmanager_secret_5.yaml index 5fed72f30..41dd34633 100755 --- a/queries/aws_secretsmanager_secret_5.yaml +++ b/queries/aws_secretsmanager_secret_5.yaml @@ -1,7 +1,7 @@ ID: aws_secretsmanager_secret_5 Title: "List AWS Secrets Manager Secret Data and Configuration" Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_secretsmanager_secret_5.yaml.bak b/queries/aws_secretsmanager_secret_5.yaml.bak new file mode 100755 index 000000000..5fed72f30 --- /dev/null +++ b/queries/aws_secretsmanager_secret_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_secretsmanager_secret_5 +Title: "List AWS Secrets Manager Secret Data and Configuration" +Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_pretty(policy) as policy, + jsonb_pretty(policy_std) as policy_std + from + aws_secretsmanager_secret; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Secrets Manager diff --git a/queries/aws_securityhub_action_target_1.yaml b/queries/aws_securityhub_action_target_1.yaml index d5d4f0344..095429631 100755 --- a/queries/aws_securityhub_action_target_1.yaml +++ b/queries/aws_securityhub_action_target_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_action_target_1 Title: "List AWS Security Hub Action Targets" Description: "Allows users to query AWS Security Hub Action Targets, providing detailed information about each action target within AWS Security Hub, including its ARN, name, and description." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_action_target_1.yaml.bak b/queries/aws_securityhub_action_target_1.yaml.bak new file mode 100755 index 000000000..d5d4f0344 --- /dev/null +++ b/queries/aws_securityhub_action_target_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_securityhub_action_target_1 +Title: "List AWS Security Hub Action Targets" +Description: "Allows users to query AWS Security Hub Action Targets, providing detailed information about each action target within AWS Security Hub, including its ARN, name, and description." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + region + from + aws_securityhub_action_target; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_action_target_2.yaml b/queries/aws_securityhub_action_target_2.yaml index 3de580b33..f58be3cd5 100755 --- a/queries/aws_securityhub_action_target_2.yaml +++ b/queries/aws_securityhub_action_target_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_action_target_2 Title: "List AWS Security Hub Action Targets with Details" Description: "Allows users to query AWS Security Hub Action Targets, providing detailed information about each action target within AWS Security Hub, including its ARN, name, and description." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_action_target_2.yaml.bak b/queries/aws_securityhub_action_target_2.yaml.bak new file mode 100755 index 000000000..3de580b33 --- /dev/null +++ b/queries/aws_securityhub_action_target_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_action_target_2 +Title: "List AWS Security Hub Action Targets with Details" +Description: "Allows users to query AWS Security Hub Action Targets, providing detailed information about each action target within AWS Security Hub, including its ARN, name, and description." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + region + from + aws_securityhub_action_target + where + arn = 'arn:aws:securityhub:ap-south-1:*****:action/custom/test'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_enabled_product_subscription_1.yaml b/queries/aws_securityhub_enabled_product_subscription_1.yaml index dfa103610..6ea9a8ff2 100755 --- a/queries/aws_securityhub_enabled_product_subscription_1.yaml +++ b/queries/aws_securityhub_enabled_product_subscription_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_enabled_product_subscription_1 Title: "Find AWS Security Hub Enabled Product Subscriptions" Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak b/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak new file mode 100755 index 000000000..6ea9a8ff2 --- /dev/null +++ b/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_enabled_product_subscription_1 +Title: "Find AWS Security Hub Enabled Product Subscriptions" +Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + title, + akas + from + aws_securityhub_enabled_product_subscription; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak.bak b/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak.bak new file mode 100755 index 000000000..6ea9a8ff2 --- /dev/null +++ b/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_enabled_product_subscription_1 +Title: "Find AWS Security Hub Enabled Product Subscriptions" +Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + title, + akas + from + aws_securityhub_enabled_product_subscription; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_enabled_product_subscription_2.yaml b/queries/aws_securityhub_enabled_product_subscription_2.yaml index afdf09e20..832fe1111 100755 --- a/queries/aws_securityhub_enabled_product_subscription_2.yaml +++ b/queries/aws_securityhub_enabled_product_subscription_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_enabled_product_subscription_2 Title: "Query AWS Security Hub Enabled Product Subscriptions" Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_enabled_product_subscription_2.yaml.bak b/queries/aws_securityhub_enabled_product_subscription_2.yaml.bak new file mode 100755 index 000000000..afdf09e20 --- /dev/null +++ b/queries/aws_securityhub_enabled_product_subscription_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_securityhub_enabled_product_subscription_2 +Title: "Query AWS Security Hub Enabled Product Subscriptions" +Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.arn as subscription_arn, + p.product_arn, + p.name as product_name, + p.company_name as product_company_name, + p.marketplace_url, + p.integration_types + from + aws_securityhub_enabled_product_subscription as s, + aws_securityhub_product as p, + jsonb_array_elements(p.product_subscription_resource_policy -> 'Statement') as m + where + (m ->> 'Resource') = s.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_1.yaml b/queries/aws_securityhub_finding_1.yaml index 76d50f3c0..5e78184d1 100755 --- a/queries/aws_securityhub_finding_1.yaml +++ b/queries/aws_securityhub_finding_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_1 Title: "Find AWS Security Hub Findings: Details and Remediation" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_1.yaml.bak b/queries/aws_securityhub_finding_1.yaml.bak new file mode 100755 index 000000000..76d50f3c0 --- /dev/null +++ b/queries/aws_securityhub_finding_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_securityhub_finding_1 +Title: "Find AWS Security Hub Findings: Details and Remediation" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + company_name, + created_at, + criticality, + confidence + from + aws_securityhub_finding; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_10.yaml b/queries/aws_securityhub_finding_10.yaml index 3c3915952..8b1b3a82a 100755 --- a/queries/aws_securityhub_finding_10.yaml +++ b/queries/aws_securityhub_finding_10.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_10 Title: "Find all AWS Security Hub Findings with Status Details" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_10.yaml.bak b/queries/aws_securityhub_finding_10.yaml.bak new file mode 100755 index 000000000..8b1b3a82a --- /dev/null +++ b/queries/aws_securityhub_finding_10.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_finding_10 +Title: "Find all AWS Security Hub Findings with Status Details" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + product_arn, + product_name, + workflow_status + from + aws_securityhub_finding + where + workflow_status = 'NOTIFIED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_10.yaml.bak.bak b/queries/aws_securityhub_finding_10.yaml.bak.bak new file mode 100755 index 000000000..8b1b3a82a --- /dev/null +++ b/queries/aws_securityhub_finding_10.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_finding_10 +Title: "Find all AWS Security Hub Findings with Status Details" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + product_arn, + product_name, + workflow_status + from + aws_securityhub_finding + where + workflow_status = 'NOTIFIED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_11.yaml b/queries/aws_securityhub_finding_11.yaml index 6b45e9a14..05001f16f 100755 --- a/queries/aws_securityhub_finding_11.yaml +++ b/queries/aws_securityhub_finding_11.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_11 Title: "Find AWS EC2 Security Issues with Severity and Status" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_11.yaml.bak b/queries/aws_securityhub_finding_11.yaml.bak new file mode 100755 index 000000000..6b45e9a14 --- /dev/null +++ b/queries/aws_securityhub_finding_11.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_securityhub_finding_11 +Title: "Find AWS EC2 Security Issues with Severity and Status" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + network ->> 'DestinationDomain' as network_destination_domain, + network ->> 'DestinationIpV4' as network_destination_ip_v4, + network ->> 'DestinationIpV6' as network_destination_ip_v6, + network ->> 'DestinationPort' as network_destination_port, + network ->> 'Protocol' as network_protocol, + network ->> 'SourceIpV4' as network_source_ip_v4, + network ->> 'SourceIpV6' as network_source_ip_v6, + network ->> 'SourcePort' as network_source_port + from + aws_securityhub_finding + where + title = 'EC2 instance involved in SSH brute force attacks.'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_12.yaml b/queries/aws_securityhub_finding_12.yaml index 3c8c46943..c47990da3 100755 --- a/queries/aws_securityhub_finding_12.yaml +++ b/queries/aws_securityhub_finding_12.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_12 Title: "List AWS Security Hub Findings with Details" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_12.yaml.bak b/queries/aws_securityhub_finding_12.yaml.bak new file mode 100755 index 000000000..3c8c46943 --- /dev/null +++ b/queries/aws_securityhub_finding_12.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_securityhub_finding_12 +Title: "List AWS Security Hub Findings with Details" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + patch_summary ->> 'Id' as patch_id, + patch_summary ->> 'FailedCount' as failed_count, + patch_summary ->> 'InstalledCount' as installed_count, + patch_summary ->> 'InstalledOtherCount' as installed_other_count, + patch_summary ->> 'InstalledPendingReboot' as installed_pending_reboot, + patch_summary ->> 'InstalledRejectedCount' as installed_rejected_count, + patch_summary ->> 'MissingCount' as missing_count, + patch_summary ->> 'Operation' as operation, + patch_summary ->> 'OperationEndTime' as operation_end_time, + patch_summary ->> 'OperationStartTime' as operation_start_time, + patch_summary ->> 'RebootOption' as reboot_option + from + aws_securityhub_finding + where + title = 'EC2 instance involved in SSH brute force attacks.'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_13.yaml b/queries/aws_securityhub_finding_13.yaml index 3596cf97a..aaa58a827 100755 --- a/queries/aws_securityhub_finding_13.yaml +++ b/queries/aws_securityhub_finding_13.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_13 Title: "Find AWS Security Hub Findings and their Details" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_13.yaml.bak b/queries/aws_securityhub_finding_13.yaml.bak new file mode 100755 index 000000000..3596cf97a --- /dev/null +++ b/queries/aws_securityhub_finding_13.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_securityhub_finding_13 +Title: "Find AWS Security Hub Findings and their Details" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + v ->> 'Id' as vulnerabilitie_id, + v -> 'Vendor' ->> 'Name' as vendor_name, + v -> 'Vendor' ->> 'Url' as vendor_url, + v -> 'Vendor' ->> 'VendorCreatedAt' as vendor_created_at, + v -> 'Vendor' ->> 'VendorSeverity' as vendor_severity, + v -> 'Vendor' ->> 'VendorUpdatedAt' as vendor_updated_at, + v ->> 'Cvss' as cvss, + v ->> 'ReferenceUrls' as reference_urls, + v ->> 'RelatedVulnerabilities' as related_vulnerabilities, + v ->> 'VulnerablePackages' as vulnerable_packages + from + aws_securityhub_finding, + jsonb_array_elements(vulnerabilities) as v + where + title = 'EC2 instance involved in SSH brute force attacks.'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_14.yaml b/queries/aws_securityhub_finding_14.yaml index fe7b3bc06..c7b82398c 100755 --- a/queries/aws_securityhub_finding_14.yaml +++ b/queries/aws_securityhub_finding_14.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_14 Title: "Find all AWS Security Hub Findings and Details" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_14.yaml.bak b/queries/aws_securityhub_finding_14.yaml.bak new file mode 100755 index 000000000..fe7b3bc06 --- /dev/null +++ b/queries/aws_securityhub_finding_14.yaml.bak @@ -0,0 +1,43 @@ +ID: aws_securityhub_finding_14 +Title: "Find all AWS Security Hub Findings and Details" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + distinct i.instance_id, + i.instance_state, + i.instance_type, + f.title, + f.compliance_status, + f.severity ->> 'Original' as severity_original + from + aws_ec2_instance as i, + aws_securityhub_finding as f, + jsonb_array_elements(resources) as r + where + compliance_status = 'FAILED' + and + r ->> 'Type' = 'AwsEc2Instance' + and + i.arn = r ->> 'Id'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_15.yaml b/queries/aws_securityhub_finding_15.yaml index 8c10c6781..c669cbff9 100755 --- a/queries/aws_securityhub_finding_15.yaml +++ b/queries/aws_securityhub_finding_15.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_15 Title: "List AWS Security Hub Findings by Resource Type" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_15.yaml.bak b/queries/aws_securityhub_finding_15.yaml.bak new file mode 100755 index 000000000..8c10c6781 --- /dev/null +++ b/queries/aws_securityhub_finding_15.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_finding_15 +Title: "List AWS Security Hub Findings by Resource Type" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r ->> 'Type' as resource_type, + count(r ->> 'Type') + from + aws_securityhub_finding, + jsonb_array_elements(resources) as r + group by + r ->> 'Type' + order by + count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_16.yaml b/queries/aws_securityhub_finding_16.yaml index 1fabdbfc8..cab746a73 100755 --- a/queries/aws_securityhub_finding_16.yaml +++ b/queries/aws_securityhub_finding_16.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_16 Title: "Find AWS Security Hub Findings Details Including Severity" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_16.yaml.bak b/queries/aws_securityhub_finding_16.yaml.bak new file mode 100755 index 000000000..1fabdbfc8 --- /dev/null +++ b/queries/aws_securityhub_finding_16.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_securityhub_finding_16 +Title: "Find AWS Security Hub Findings Details Including Severity" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + company_name, + created_at, + criticality, + confidence + from + aws_securityhub_finding + where + standards_control_arn like '%cis-aws-foundations-benchmark%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_17.yaml b/queries/aws_securityhub_finding_17.yaml index 379b6474d..eea7f9b5d 100755 --- a/queries/aws_securityhub_finding_17.yaml +++ b/queries/aws_securityhub_finding_17.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_17 Title: "Find AWS Security Hub Findings and Severity Details" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_17.yaml.bak b/queries/aws_securityhub_finding_17.yaml.bak new file mode 100755 index 000000000..379b6474d --- /dev/null +++ b/queries/aws_securityhub_finding_17.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_securityhub_finding_17 +Title: "Find AWS Security Hub Findings and Severity Details" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + f.title, + f.id, + f.company_name, + f.created_at, + f.criticality, + f.confidence + from + aws_securityhub_finding as f, + aws_securityhub_standards_control as c + where + c.arn = f.standards_control_arn + and + c.control_id = 'Config.1'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_18.yaml b/queries/aws_securityhub_finding_18.yaml index 73d906f92..cbd6853d9 100755 --- a/queries/aws_securityhub_finding_18.yaml +++ b/queries/aws_securityhub_finding_18.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_18 Title: "List all AWS Security Hub Findings for Compliance Failures" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_18.yaml.bak b/queries/aws_securityhub_finding_18.yaml.bak new file mode 100755 index 000000000..73d906f92 --- /dev/null +++ b/queries/aws_securityhub_finding_18.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_securityhub_finding_18 +Title: "List all AWS Security Hub Findings for Compliance Failures" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + distinct r ->> 'Id' as resource_arn, + r ->> 'Type' as resource_type, + f.title, + f.compliance_status, + f.severity ->> 'Original' as severity_original + from + aws_securityhub_finding as f, + jsonb_array_elements(resources) as r + where + f.compliance_status = 'FAILED' + and + standards_control_arn like '%cis-aws-foundations-benchmark%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_19.yaml b/queries/aws_securityhub_finding_19.yaml index 33db1cdd6..fe3770005 100755 --- a/queries/aws_securityhub_finding_19.yaml +++ b/queries/aws_securityhub_finding_19.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_19 Title: "Find AWS Security Hub Findings in Production Environment" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_19.yaml.bak b/queries/aws_securityhub_finding_19.yaml.bak new file mode 100755 index 000000000..33db1cdd6 --- /dev/null +++ b/queries/aws_securityhub_finding_19.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_securityhub_finding_19 +Title: "Find AWS Security Hub Findings in Production Environment" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + distinct r ->> 'Id' as resource_arn, + r ->> 'Type' as resource_type, + f.title, + f.compliance_status, + f.severity ->> 'Original' as severity_original + from + aws_securityhub_finding as f, + jsonb_array_elements(resources) as r + where + r -> 'Tags' ->> 'Environment' = 'PROD'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_2.yaml b/queries/aws_securityhub_finding_2.yaml index 2e730f14c..7768172ff 100755 --- a/queries/aws_securityhub_finding_2.yaml +++ b/queries/aws_securityhub_finding_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_2 Title: "List AWS Security Hub Findings by Severity" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_2.yaml.bak b/queries/aws_securityhub_finding_2.yaml.bak new file mode 100755 index 000000000..2e730f14c --- /dev/null +++ b/queries/aws_securityhub_finding_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_securityhub_finding_2 +Title: "List AWS Security Hub Findings by Severity" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + product_arn, + product_name, + severity ->> 'Original' as severity_original + from + aws_securityhub_finding + where + severity ->> 'Original' = 'HIGH'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_20.yaml b/queries/aws_securityhub_finding_20.yaml index 16b93eec9..5add019b6 100755 --- a/queries/aws_securityhub_finding_20.yaml +++ b/queries/aws_securityhub_finding_20.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_20 Title: "List all Security Hub findings with environment tags" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_20.yaml.bak b/queries/aws_securityhub_finding_20.yaml.bak new file mode 100755 index 000000000..16b93eec9 --- /dev/null +++ b/queries/aws_securityhub_finding_20.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_finding_20 +Title: "List all Security Hub findings with environment tags" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r -> 'Tags' ->> 'Environment' as environment, + count(r ->> 'Tags') + from + aws_securityhub_finding as f, + jsonb_array_elements(resources) as r + group by + r -> 'Tags' ->> 'Environment' + order by + count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_21.yaml b/queries/aws_securityhub_finding_21.yaml index c6a0ec7eb..19d67dc74 100755 --- a/queries/aws_securityhub_finding_21.yaml +++ b/queries/aws_securityhub_finding_21.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_21 Title: "Find AWS Security Hub Findings with Details" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_21.yaml.bak b/queries/aws_securityhub_finding_21.yaml.bak new file mode 100755 index 000000000..c6a0ec7eb --- /dev/null +++ b/queries/aws_securityhub_finding_21.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_finding_21 +Title: "Find AWS Security Hub Findings with Details" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + f.severity ->> 'Original' as severity, + r ->> 'Type' as resource_type, + source_account_id + from + aws_securityhub_finding as f, + jsonb_array_elements(resources) r + where + source_account_id = '0123456789012'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_22.yaml b/queries/aws_securityhub_finding_22.yaml index d126f6fa2..5860c0965 100755 --- a/queries/aws_securityhub_finding_22.yaml +++ b/queries/aws_securityhub_finding_22.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_22 Title: "Find all Security Hub Findings and Details" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_22.yaml.bak b/queries/aws_securityhub_finding_22.yaml.bak new file mode 100755 index 000000000..d126f6fa2 --- /dev/null +++ b/queries/aws_securityhub_finding_22.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_finding_22 +Title: "Find all Security Hub Findings and Details" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + source_account_id, + count(*) as finding_count + from + aws_securityhub_finding + group by + source_account_id + order by + source_account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_3.yaml b/queries/aws_securityhub_finding_3.yaml index 886d090b1..0f2eb3169 100755 --- a/queries/aws_securityhub_finding_3.yaml +++ b/queries/aws_securityhub_finding_3.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_3 Title: "List all AWS Security Hub Findings and Severity" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_3.yaml.bak b/queries/aws_securityhub_finding_3.yaml.bak new file mode 100755 index 000000000..886d090b1 --- /dev/null +++ b/queries/aws_securityhub_finding_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_finding_3 +Title: "List all AWS Security Hub Findings and Severity" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + severity ->> 'Original' as severity_original, + count(severity ->> 'Original') + from + aws_securityhub_finding + group by + severity ->> 'Original' + order by + severity ->> 'Original'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_4.yaml b/queries/aws_securityhub_finding_4.yaml index 77f32a37e..02ad25d73 100755 --- a/queries/aws_securityhub_finding_4.yaml +++ b/queries/aws_securityhub_finding_4.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_4 Title: "Find AWS Security Hub Findings with Failed Status" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_4.yaml.bak b/queries/aws_securityhub_finding_4.yaml.bak new file mode 100755 index 000000000..77f32a37e --- /dev/null +++ b/queries/aws_securityhub_finding_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_securityhub_finding_4 +Title: "Find AWS Security Hub Findings with Failed Status" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + product_arn, + product_name, + compliance ->> 'Status' as compliance_status, + compliance ->> 'StatusReasons' as compliance_status_reasons + from + aws_securityhub_finding + where + compliance ->> 'Status' = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_5.yaml b/queries/aws_securityhub_finding_5.yaml index 8ab9e93f0..4a36d1707 100755 --- a/queries/aws_securityhub_finding_5.yaml +++ b/queries/aws_securityhub_finding_5.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_5 Title: "Find all AWS Security Hub Findings with SQL" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_5.yaml.bak b/queries/aws_securityhub_finding_5.yaml.bak new file mode 100755 index 000000000..8ab9e93f0 --- /dev/null +++ b/queries/aws_securityhub_finding_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_finding_5 +Title: "Find all AWS Security Hub Findings with SQL" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + product_arn, + product_name, + malware + from + aws_securityhub_finding + where + malware is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_6.yaml b/queries/aws_securityhub_finding_6.yaml index 763bdf663..ba86d0a4e 100755 --- a/queries/aws_securityhub_finding_6.yaml +++ b/queries/aws_securityhub_finding_6.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_6 Title: "List AWS Security Hub Findings for Critical Issues" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_6.yaml.bak b/queries/aws_securityhub_finding_6.yaml.bak new file mode 100755 index 000000000..763bdf663 --- /dev/null +++ b/queries/aws_securityhub_finding_6.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_securityhub_finding_6 +Title: "List AWS Security Hub Findings for Critical Issues" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + product_arn, + product_name, + severity ->> 'Original' as severity_original + from + aws_securityhub_finding + where + severity ->> 'Original' = 'CRITICAL' + and + created_at >= now() - interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_7.yaml b/queries/aws_securityhub_finding_7.yaml index d6ecee3ed..afd98ac64 100755 --- a/queries/aws_securityhub_finding_7.yaml +++ b/queries/aws_securityhub_finding_7.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_7 Title: "Find all AWS Security Hub Findings with SQL" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_7.yaml.bak b/queries/aws_securityhub_finding_7.yaml.bak new file mode 100755 index 000000000..d6ecee3ed --- /dev/null +++ b/queries/aws_securityhub_finding_7.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_finding_7 +Title: "Find all AWS Security Hub Findings with SQL" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + product_arn, + product_name, + criticality + from + aws_securityhub_finding + order by + criticality desc nulls last; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_8.yaml b/queries/aws_securityhub_finding_8.yaml index 0606f4342..10b90a6ef 100755 --- a/queries/aws_securityhub_finding_8.yaml +++ b/queries/aws_securityhub_finding_8.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_8 Title: "Find all AWS Security Hub Findings with Issues" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_8.yaml.bak b/queries/aws_securityhub_finding_8.yaml.bak new file mode 100755 index 000000000..0606f4342 --- /dev/null +++ b/queries/aws_securityhub_finding_8.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_finding_8 +Title: "Find all AWS Security Hub Findings with Issues" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + id, + product_arn, + product_name, + company_name + from + aws_securityhub_finding + where + company_name = 'Turbot'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_9.yaml b/queries/aws_securityhub_finding_9.yaml index 07243b6c4..500f960d9 100755 --- a/queries/aws_securityhub_finding_9.yaml +++ b/queries/aws_securityhub_finding_9.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_9 Title: "Find all Security Hub Findings within AWS Resources" Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_9.yaml.bak b/queries/aws_securityhub_finding_9.yaml.bak new file mode 100755 index 000000000..07243b6c4 --- /dev/null +++ b/queries/aws_securityhub_finding_9.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_finding_9 +Title: "Find all Security Hub Findings within AWS Resources" +Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + product_arn, + product_name, + updated_at + from + aws_securityhub_finding + where + updated_at >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_finding_aggregator_1.yaml b/queries/aws_securityhub_finding_aggregator_1.yaml index 9c69ef0da..b1cb1bd82 100755 --- a/queries/aws_securityhub_finding_aggregator_1.yaml +++ b/queries/aws_securityhub_finding_aggregator_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_aggregator_1 Title: "List all findings in AWS Security Hub Aggregator" Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_aggregator_1.yaml.bak b/queries/aws_securityhub_finding_aggregator_1.yaml.bak new file mode 100755 index 000000000..9c69ef0da --- /dev/null +++ b/queries/aws_securityhub_finding_aggregator_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_finding_aggregator_1 +Title: "List all findings in AWS Security Hub Aggregator" +Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + finding_aggregation_region, + region_linking_mode + from + aws_securityhub_finding_aggregator; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_aggregator_2.yaml b/queries/aws_securityhub_finding_aggregator_2.yaml index c9fce1060..e14f71265 100755 --- a/queries/aws_securityhub_finding_aggregator_2.yaml +++ b/queries/aws_securityhub_finding_aggregator_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_aggregator_2 Title: "Find information in AWS Security Hub Finding Aggregator" Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_aggregator_2.yaml.bak b/queries/aws_securityhub_finding_aggregator_2.yaml.bak new file mode 100755 index 000000000..c9fce1060 --- /dev/null +++ b/queries/aws_securityhub_finding_aggregator_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_finding_aggregator_2 +Title: "Find information in AWS Security Hub Finding Aggregator" +Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + finding_aggregation_region, + region_linking_mode + from + aws_securityhub_finding_aggregator + where + region_linking_mode = 'ALL_REGIONS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub Finding Aggregator diff --git a/queries/aws_securityhub_finding_aggregator_3.yaml b/queries/aws_securityhub_finding_aggregator_3.yaml index d38ea238c..9567a51b4 100755 --- a/queries/aws_securityhub_finding_aggregator_3.yaml +++ b/queries/aws_securityhub_finding_aggregator_3.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_aggregator_3 Title: "Find Info About AWS Security Hub Finding Aggregator" Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_aggregator_3.yaml.bak b/queries/aws_securityhub_finding_aggregator_3.yaml.bak new file mode 100755 index 000000000..d38ea238c --- /dev/null +++ b/queries/aws_securityhub_finding_aggregator_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_finding_aggregator_3 +Title: "Find Info About AWS Security Hub Finding Aggregator" +Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + region_linking_mode, + r as linked_region + from + aws_securityhub_finding_aggregator, + jsonb_array_elements_text(regions) as r + where + region_linking_mode = 'SPECIFIED_REGIONS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_finding_aggregator_4.yaml b/queries/aws_securityhub_finding_aggregator_4.yaml index 60240ca14..aea948087 100755 --- a/queries/aws_securityhub_finding_aggregator_4.yaml +++ b/queries/aws_securityhub_finding_aggregator_4.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_finding_aggregator_4 Title: "Find Security Hub Findings Aggregator Details in AWS" Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_finding_aggregator_4.yaml.bak b/queries/aws_securityhub_finding_aggregator_4.yaml.bak new file mode 100755 index 000000000..60240ca14 --- /dev/null +++ b/queries/aws_securityhub_finding_aggregator_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_securityhub_finding_aggregator_4 +Title: "Find Security Hub Findings Aggregator Details in AWS" +Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + a.name as linked_region + from + aws_securityhub_finding_aggregator as f, + aws_region as a, + jsonb_array_elements_text(f.regions) as r + where + region_linking_mode = 'ALL_REGIONS_EXCEPT_SPECIFIED' + and + a.name <> r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_hub_1.yaml b/queries/aws_securityhub_hub_1.yaml index 17deb09fd..0bb5b44ac 100755 --- a/queries/aws_securityhub_hub_1.yaml +++ b/queries/aws_securityhub_hub_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_hub_1 Title: "Find AWS Security Hub Resources Information" Description: "Allows users to query Security Hub to retrieve information about the Hub resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_hub_1.yaml.bak b/queries/aws_securityhub_hub_1.yaml.bak new file mode 100755 index 000000000..17deb09fd --- /dev/null +++ b/queries/aws_securityhub_hub_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_securityhub_hub_1 +Title: "Find AWS Security Hub Resources Information" +Description: "Allows users to query Security Hub to retrieve information about the Hub resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + hub_arn, + auto_enable_controls, + subscribed_at, + region + from + aws_securityhub_hub; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_hub_2.yaml b/queries/aws_securityhub_hub_2.yaml index 79ce9f876..28a7b5fe1 100755 --- a/queries/aws_securityhub_hub_2.yaml +++ b/queries/aws_securityhub_hub_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_hub_2 Title: "List all Hub resources from AWS Security Hub" Description: "Allows users to query Security Hub to retrieve information about the Hub resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_hub_2.yaml.bak b/queries/aws_securityhub_hub_2.yaml.bak new file mode 100755 index 000000000..79ce9f876 --- /dev/null +++ b/queries/aws_securityhub_hub_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_securityhub_hub_2 +Title: "List all Hub resources from AWS Security Hub" +Description: "Allows users to query Security Hub to retrieve information about the Hub resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + hub_arn, + auto_enable_controls + from + aws_securityhub_hub + where + not auto_enable_controls; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_hub_3.yaml b/queries/aws_securityhub_hub_3.yaml index 800103930..db15fd0d4 100755 --- a/queries/aws_securityhub_hub_3.yaml +++ b/queries/aws_securityhub_hub_3.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_hub_3 Title: "Find Administrator Account Info in AWS Security Hub" Description: "Allows users to query Security Hub to retrieve information about the Hub resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_hub_3.yaml.bak b/queries/aws_securityhub_hub_3.yaml.bak new file mode 100755 index 000000000..db15fd0d4 --- /dev/null +++ b/queries/aws_securityhub_hub_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_hub_3 +Title: "Find Administrator Account Info in AWS Security Hub" +Description: "Allows users to query Security Hub to retrieve information about the Hub resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + hub_arn, + auto_enable_controls, + administrator_account ->> 'AccountId' as administrator_account_id, + administrator_account ->> 'InvitationId' as administrator_invitation_id, + administrator_account ->> 'InvitedAt' as administrator_invitation_time, + administrator_account ->> 'MemberStatus' as administrator_status + from + aws_securityhub_hub + where + administrator_account is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_hub_3.yaml.bak.bak b/queries/aws_securityhub_hub_3.yaml.bak.bak new file mode 100755 index 000000000..db15fd0d4 --- /dev/null +++ b/queries/aws_securityhub_hub_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_hub_3 +Title: "Find Administrator Account Info in AWS Security Hub" +Description: "Allows users to query Security Hub to retrieve information about the Hub resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + hub_arn, + auto_enable_controls, + administrator_account ->> 'AccountId' as administrator_account_id, + administrator_account ->> 'InvitationId' as administrator_invitation_id, + administrator_account ->> 'InvitedAt' as administrator_invitation_time, + administrator_account ->> 'MemberStatus' as administrator_status + from + aws_securityhub_hub + where + administrator_account is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_1.yaml b/queries/aws_securityhub_insight_1.yaml index a33182783..4e0176aec 100755 --- a/queries/aws_securityhub_insight_1.yaml +++ b/queries/aws_securityhub_insight_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_1 Title: "Find Insights in AWS Security Hub with SQL" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_1.yaml.bak b/queries/aws_securityhub_insight_1.yaml.bak new file mode 100755 index 000000000..a33182783 --- /dev/null +++ b/queries/aws_securityhub_insight_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_securityhub_insight_1 +Title: "Find Insights in AWS Security Hub with SQL" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + group_by_attribute, + region + from + aws_securityhub_insight; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_10.yaml b/queries/aws_securityhub_insight_10.yaml index da52ee9ba..944322885 100755 --- a/queries/aws_securityhub_insight_10.yaml +++ b/queries/aws_securityhub_insight_10.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_10 Title: "Find AWS Security Hub Insights Details Using SQL" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_10.yaml.bak b/queries/aws_securityhub_insight_10.yaml.bak new file mode 100755 index 000000000..da52ee9ba --- /dev/null +++ b/queries/aws_securityhub_insight_10.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_insight_10 +Title: "Find AWS Security Hub Insights Details Using SQL" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + filters ->> 'RecordState' as record_state + from + aws_securityhub_insight + where + name = 'sp'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_2.yaml b/queries/aws_securityhub_insight_2.yaml index ad0a5f6fd..c198f559a 100755 --- a/queries/aws_securityhub_insight_2.yaml +++ b/queries/aws_securityhub_insight_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_2 Title: "List all AWS Security Hub Insights with Details" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_2.yaml.bak b/queries/aws_securityhub_insight_2.yaml.bak new file mode 100755 index 000000000..ad0a5f6fd --- /dev/null +++ b/queries/aws_securityhub_insight_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_insight_2 +Title: "List all AWS Security Hub Insights with Details" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + group_by_attribute, + region + from + aws_securityhub_insight + where + group_by_attribute = 'ResourceId'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_3.yaml b/queries/aws_securityhub_insight_3.yaml index 9ec6344c5..32892c13f 100755 --- a/queries/aws_securityhub_insight_3.yaml +++ b/queries/aws_securityhub_insight_3.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_3 Title: "Find AWS Security Hub Insights Details using SQL" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_3.yaml.bak b/queries/aws_securityhub_insight_3.yaml.bak new file mode 100755 index 000000000..9ec6344c5 --- /dev/null +++ b/queries/aws_securityhub_insight_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_insight_3 +Title: "Find AWS Security Hub Insights Details using SQL" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + filters ->> 'WorkflowStatus' as workflow_status + from + aws_securityhub_insight; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_4.yaml b/queries/aws_securityhub_insight_4.yaml index 4878b0f8e..8bc0c635d 100755 --- a/queries/aws_securityhub_insight_4.yaml +++ b/queries/aws_securityhub_insight_4.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_4 Title: "Find AWS Security Hub Insights with Severity Filters" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_4.yaml.bak b/queries/aws_securityhub_insight_4.yaml.bak new file mode 100755 index 000000000..4878b0f8e --- /dev/null +++ b/queries/aws_securityhub_insight_4.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_securityhub_insight_4 +Title: "Find AWS Security Hub Insights with Severity Filters" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + filters ->> 'SeverityLabel' as severity_label + from + aws_securityhub_insight; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_5.yaml b/queries/aws_securityhub_insight_5.yaml index 243d74602..f718d0329 100755 --- a/queries/aws_securityhub_insight_5.yaml +++ b/queries/aws_securityhub_insight_5.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_5 Title: "Find AWS Security Hub Insights with Critical Severity" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_5.yaml.bak b/queries/aws_securityhub_insight_5.yaml.bak new file mode 100755 index 000000000..243d74602 --- /dev/null +++ b/queries/aws_securityhub_insight_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_insight_5 +Title: "Find AWS Security Hub Insights with Critical Severity" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + filters ->> 'SeverityLabel' as severity + from + aws_securityhub_insight + where + filters ->> 'SeverityLabel' = '{"Comparison": "EQUALS", "Value": "CRITICAL"}' + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_6.yaml b/queries/aws_securityhub_insight_6.yaml index 798bf13f6..23eb1d11a 100755 --- a/queries/aws_securityhub_insight_6.yaml +++ b/queries/aws_securityhub_insight_6.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_6 Title: "List all AWS Security Hub Insights with Filters and Grouping" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_6.yaml.bak b/queries/aws_securityhub_insight_6.yaml.bak new file mode 100755 index 000000000..798bf13f6 --- /dev/null +++ b/queries/aws_securityhub_insight_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_insight_6 +Title: "List all AWS Security Hub Insights with Filters and Grouping" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + filters ->> 'ThreatIntelIndicatorType' as threat_intelligence_details + from + aws_securityhub_insight + where + filters ->> 'ThreatIntelIndicatorType' = '{"Comparison": "EQUALS", "Value": "IPV4_ADDRESS"}' + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_insight_7.yaml b/queries/aws_securityhub_insight_7.yaml index 2f02e404f..657ab0a0f 100755 --- a/queries/aws_securityhub_insight_7.yaml +++ b/queries/aws_securityhub_insight_7.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_7 Title: "Find All AWS Security Hub Insights with SQL Query" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_7.yaml.bak b/queries/aws_securityhub_insight_7.yaml.bak new file mode 100755 index 000000000..2f02e404f --- /dev/null +++ b/queries/aws_securityhub_insight_7.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_insight_7 +Title: "Find All AWS Security Hub Insights with SQL Query" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + filters ->> 'ComplianceStatus' as compliance_status + from + aws_securityhub_insight + where + filters ->> 'ComplianceStatus' = '{"Comparison": "EQUALS", "Value": "FAILED"}' + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_8.yaml b/queries/aws_securityhub_insight_8.yaml index ae6a8a443..9c6cdded9 100755 --- a/queries/aws_securityhub_insight_8.yaml +++ b/queries/aws_securityhub_insight_8.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_8 Title: "List all AWS Security Hub Insights with Details" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_8.yaml.bak b/queries/aws_securityhub_insight_8.yaml.bak new file mode 100755 index 000000000..ae6a8a443 --- /dev/null +++ b/queries/aws_securityhub_insight_8.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_insight_8 +Title: "List all AWS Security Hub Insights with Details" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + filters ->> 'MalwareName' as malware_name, + filters ->> 'MalwarePath' as malware_path, + filters ->> 'MalwareType' as malware_type + from + aws_securityhub_insight; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_insight_9.yaml b/queries/aws_securityhub_insight_9.yaml index 1a9277117..82e853c9b 100755 --- a/queries/aws_securityhub_insight_9.yaml +++ b/queries/aws_securityhub_insight_9.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_insight_9 Title: "Find AWS Security Hub Insights and Network Attributes" Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_insight_9.yaml.bak b/queries/aws_securityhub_insight_9.yaml.bak new file mode 100755 index 000000000..1a9277117 --- /dev/null +++ b/queries/aws_securityhub_insight_9.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_securityhub_insight_9 +Title: "Find AWS Security Hub Insights and Network Attributes" +Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + filters ->> 'NetworkSourceDomain' as network_source_domain, + filters ->> 'NetworkDestinationDomain' as network_destination_domain, + filters ->> 'NetworkSourceIpV4' as network_source_ip_v4, + filters ->> 'NetworkDestinationIpV4' as network_destination_ip_v4, + filters ->> 'NetworkSourceIpV6' as network_source_ip_v6, + filters ->> 'NetworkDestinationIpV6' as network_destination_ip_v6, + filters ->> 'NetworkSourcePort' as network_source_port, + filters ->> 'NetworkDestinationPort' as network_destination_port + from + aws_securityhub_insight; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_member_1.yaml b/queries/aws_securityhub_member_1.yaml index 9b2d37cf3..96d4fd882 100755 --- a/queries/aws_securityhub_member_1.yaml +++ b/queries/aws_securityhub_member_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_member_1 Title: "Find AWS Security Hub Members for Detailed Information" Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_member_1.yaml.bak b/queries/aws_securityhub_member_1.yaml.bak new file mode 100755 index 000000000..9b2d37cf3 --- /dev/null +++ b/queries/aws_securityhub_member_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_member_1 +Title: "Find AWS Security Hub Members for Detailed Information" +Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + email, + administrator_id, + member_status, + updated_at + from + aws_securityhub_member; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_member_2.yaml b/queries/aws_securityhub_member_2.yaml index 72111d1cf..434633589 100755 --- a/queries/aws_securityhub_member_2.yaml +++ b/queries/aws_securityhub_member_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_member_2 Title: "Find AWS Security Hub Members with Detailed Info" Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_member_2.yaml.bak b/queries/aws_securityhub_member_2.yaml.bak new file mode 100755 index 000000000..72111d1cf --- /dev/null +++ b/queries/aws_securityhub_member_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_securityhub_member_2 +Title: "Find AWS Security Hub Members with Detailed Info" +Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + email, + administrator_id, + member_status, + updated_at, + invited_at + from + aws_securityhub_member + where + member_status = 'Enabled'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_member_3.yaml b/queries/aws_securityhub_member_3.yaml index 9b40f6160..f9b9ae447 100755 --- a/queries/aws_securityhub_member_3.yaml +++ b/queries/aws_securityhub_member_3.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_member_3 Title: "List all AWS Security Hub Members with Detailed Information" Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_member_3.yaml.bak b/queries/aws_securityhub_member_3.yaml.bak new file mode 100755 index 000000000..9b40f6160 --- /dev/null +++ b/queries/aws_securityhub_member_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_member_3 +Title: "List all AWS Security Hub Members with Detailed Information" +Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + email, + administrator_id, + member_status, + updated_at + from + aws_securityhub_member + where + member_status = 'Created'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_member_4.yaml b/queries/aws_securityhub_member_4.yaml index 92ad84656..66e2d4621 100755 --- a/queries/aws_securityhub_member_4.yaml +++ b/queries/aws_securityhub_member_4.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_member_4 Title: "List all AWS Security Hub Members with details" Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_member_4.yaml.bak b/queries/aws_securityhub_member_4.yaml.bak new file mode 100755 index 000000000..92ad84656 --- /dev/null +++ b/queries/aws_securityhub_member_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_securityhub_member_4 +Title: "List all AWS Security Hub Members with details" +Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + member_account_id, + email, + administrator_id, + member_status, + updated_at, + invited_at + from + aws_securityhub_member + where + member_status = 'Enabled' + and + invited_at <= (now() - interval '10' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_product_1.yaml b/queries/aws_securityhub_product_1.yaml index 64d4c557b..89a8613a5 100755 --- a/queries/aws_securityhub_product_1.yaml +++ b/queries/aws_securityhub_product_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_product_1 Title: "Find AWS Security Hub Product Details for Security Insights" Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_product_1.yaml.bak b/queries/aws_securityhub_product_1.yaml.bak new file mode 100755 index 000000000..64d4c557b --- /dev/null +++ b/queries/aws_securityhub_product_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_securityhub_product_1 +Title: "Find AWS Security Hub Product Details for Security Insights" +Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + product_arn, + company_name, + description + from + aws_securityhub_product; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_product_2.yaml b/queries/aws_securityhub_product_2.yaml index 78652e9e4..2e1348f0e 100755 --- a/queries/aws_securityhub_product_2.yaml +++ b/queries/aws_securityhub_product_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_product_2 Title: "Find AWS Security Hub Product Details" Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_product_2.yaml.bak b/queries/aws_securityhub_product_2.yaml.bak new file mode 100755 index 000000000..78652e9e4 --- /dev/null +++ b/queries/aws_securityhub_product_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_product_2 +Title: "Find AWS Security Hub Product Details" +Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + company_name, + description + from + aws_securityhub_product + where + company_name = 'AWS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_product_3.yaml b/queries/aws_securityhub_product_3.yaml index cefb7b540..2117ca594 100755 --- a/queries/aws_securityhub_product_3.yaml +++ b/queries/aws_securityhub_product_3.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_product_3 Title: "Find AWS Security Hub Products for Security Insights" Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_product_3.yaml.bak b/queries/aws_securityhub_product_3.yaml.bak new file mode 100755 index 000000000..cefb7b540 --- /dev/null +++ b/queries/aws_securityhub_product_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_product_3 +Title: "Find AWS Security Hub Products for Security Insights" +Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + product_arn, + company_name + from + aws_securityhub_product, + jsonb_array_elements_text(integration_types) as i + where + i = 'SEND_FINDINGS_TO_SECURITY_HUB'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_control_1.yaml b/queries/aws_securityhub_standards_control_1.yaml index b78b44cd9..f31475964 100755 --- a/queries/aws_securityhub_standards_control_1.yaml +++ b/queries/aws_securityhub_standards_control_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_control_1 Title: "Find AWS Security Hub Standards Control Data" Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_control_1.yaml.bak b/queries/aws_securityhub_standards_control_1.yaml.bak new file mode 100755 index 000000000..b78b44cd9 --- /dev/null +++ b/queries/aws_securityhub_standards_control_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_standards_control_1 +Title: "Find AWS Security Hub Standards Control Data" +Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + control_id, + control_status, + severity_rating + from + aws_securityhub_standards_control; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_control_2.yaml b/queries/aws_securityhub_standards_control_2.yaml index 305a23432..a7d09db90 100755 --- a/queries/aws_securityhub_standards_control_2.yaml +++ b/queries/aws_securityhub_standards_control_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_control_2 Title: "List details of AWS Security Hub Standards Controls" Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_control_2.yaml.bak b/queries/aws_securityhub_standards_control_2.yaml.bak new file mode 100755 index 000000000..305a23432 --- /dev/null +++ b/queries/aws_securityhub_standards_control_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_standards_control_2 +Title: "List details of AWS Security Hub Standards Controls" +Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + control_id, + control_status, + severity_rating + from + aws_securityhub_standards_control + where + control_status = 'DISABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub Standards Control diff --git a/queries/aws_securityhub_standards_control_3.yaml b/queries/aws_securityhub_standards_control_3.yaml index 73a6925a5..873d890d2 100755 --- a/queries/aws_securityhub_standards_control_3.yaml +++ b/queries/aws_securityhub_standards_control_3.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_control_3 Title: "List AWS Security Hub Standards Control Data Details" Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_control_3.yaml.bak b/queries/aws_securityhub_standards_control_3.yaml.bak new file mode 100755 index 000000000..73a6925a5 --- /dev/null +++ b/queries/aws_securityhub_standards_control_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_securityhub_standards_control_3 +Title: "List AWS Security Hub Standards Control Data Details" +Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + severity_rating, + count(severity_rating) + from + aws_securityhub_standards_control + group by + severity_rating + order by + severity_rating; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_control_4.yaml b/queries/aws_securityhub_standards_control_4.yaml index 04aa953b8..5c102f9b1 100755 --- a/queries/aws_securityhub_standards_control_4.yaml +++ b/queries/aws_securityhub_standards_control_4.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_control_4 Title: "Find AWS Security Hub Standards Control with High Severity" Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_control_4.yaml.bak b/queries/aws_securityhub_standards_control_4.yaml.bak new file mode 100755 index 000000000..04aa953b8 --- /dev/null +++ b/queries/aws_securityhub_standards_control_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_standards_control_4 +Title: "Find AWS Security Hub Standards Control with High Severity" +Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + control_id, + control_status, + severity_rating + from + aws_securityhub_standards_control + where + severity_rating = 'HIGH'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_control_5.yaml b/queries/aws_securityhub_standards_control_5.yaml index d7de56f4d..662322a73 100755 --- a/queries/aws_securityhub_standards_control_5.yaml +++ b/queries/aws_securityhub_standards_control_5.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_control_5 Title: "Find details of AWS Security Hub Standards Control" Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_control_5.yaml.bak b/queries/aws_securityhub_standards_control_5.yaml.bak new file mode 100755 index 000000000..d7de56f4d --- /dev/null +++ b/queries/aws_securityhub_standards_control_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_standards_control_5 +Title: "Find details of AWS Security Hub Standards Control" +Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + control_id, + control_status, + severity_rating + from + aws_securityhub_standards_control + where + control_status_updated_at >= (now() - interval '30' day); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_control_6.yaml b/queries/aws_securityhub_standards_control_6.yaml index 4f00d2c6f..5c0ac7610 100755 --- a/queries/aws_securityhub_standards_control_6.yaml +++ b/queries/aws_securityhub_standards_control_6.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_control_6 Title: "List AWS Security Hub Standards Control Data" Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_control_6.yaml.bak b/queries/aws_securityhub_standards_control_6.yaml.bak new file mode 100755 index 000000000..4f00d2c6f --- /dev/null +++ b/queries/aws_securityhub_standards_control_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securityhub_standards_control_6 +Title: "List AWS Security Hub Standards Control Data" +Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + control_id, + control_status, + severity_rating + from + aws_securityhub_standards_control + where + severity_rating = 'CRITICAL' + and arn like '%cis-aws-foundations-benchmark%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securityhub_standards_control_7.yaml b/queries/aws_securityhub_standards_control_7.yaml index 406c11036..4517ed3a8 100755 --- a/queries/aws_securityhub_standards_control_7.yaml +++ b/queries/aws_securityhub_standards_control_7.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_control_7 Title: "Find AWS Security Hub Standards Control Details" Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_control_7.yaml.bak b/queries/aws_securityhub_standards_control_7.yaml.bak new file mode 100755 index 000000000..406c11036 --- /dev/null +++ b/queries/aws_securityhub_standards_control_7.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_securityhub_standards_control_7 +Title: "Find AWS Security Hub Standards Control Details" +Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + control_id, + r as related_requirements + from + aws_securityhub_standards_control, + jsonb_array_elements_text(related_requirements) as r + where + control_id like '%S3%' + group by + control_id, r + order by + control_id, r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_control_8.yaml b/queries/aws_securityhub_standards_control_8.yaml index 5a996a411..9b45fad3b 100755 --- a/queries/aws_securityhub_standards_control_8.yaml +++ b/queries/aws_securityhub_standards_control_8.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_control_8 Title: "Find AWS Security Hub Standards Control Data" Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_control_8.yaml.bak b/queries/aws_securityhub_standards_control_8.yaml.bak new file mode 100755 index 000000000..5a996a411 --- /dev/null +++ b/queries/aws_securityhub_standards_control_8.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_standards_control_8 +Title: "Find AWS Security Hub Standards Control Data" +Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r as related_requirements, + control_id + from + aws_securityhub_standards_control, + jsonb_array_elements_text(related_requirements) as r + where + r like '%PCI%' + group by + r, control_id + order by + r, control_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_subscription_1.yaml b/queries/aws_securityhub_standards_subscription_1.yaml index 5fe676c04..7d106498a 100755 --- a/queries/aws_securityhub_standards_subscription_1.yaml +++ b/queries/aws_securityhub_standards_subscription_1.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_subscription_1 Title: "Find AWS Security Hub Standards Subscription Details" Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_subscription_1.yaml.bak b/queries/aws_securityhub_standards_subscription_1.yaml.bak new file mode 100755 index 000000000..5fe676c04 --- /dev/null +++ b/queries/aws_securityhub_standards_subscription_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_securityhub_standards_subscription_1 +Title: "Find AWS Security Hub Standards Subscription Details" +Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + standards_arn, + description, + region + from + aws_securityhub_standards_subscription; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub Standards diff --git a/queries/aws_securityhub_standards_subscription_2.yaml b/queries/aws_securityhub_standards_subscription_2.yaml index 81c7b1afe..6e4940bad 100755 --- a/queries/aws_securityhub_standards_subscription_2.yaml +++ b/queries/aws_securityhub_standards_subscription_2.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_subscription_2 Title: "List all AWS Security Hub Standards Subscriptions" Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_subscription_2.yaml.bak b/queries/aws_securityhub_standards_subscription_2.yaml.bak new file mode 100755 index 000000000..81c7b1afe --- /dev/null +++ b/queries/aws_securityhub_standards_subscription_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_securityhub_standards_subscription_2 +Title: "List all AWS Security Hub Standards Subscriptions" +Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + standards_arn, + enabled_by_default + from + aws_securityhub_standards_subscription + where + enabled_by_default; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_subscription_3.yaml b/queries/aws_securityhub_standards_subscription_3.yaml index c48ba225b..82c9acd63 100755 --- a/queries/aws_securityhub_standards_subscription_3.yaml +++ b/queries/aws_securityhub_standards_subscription_3.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_subscription_3 Title: "Find AWS Security Hub Standard Subscriptions Details" Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_subscription_3.yaml.bak b/queries/aws_securityhub_standards_subscription_3.yaml.bak new file mode 100755 index 000000000..c48ba225b --- /dev/null +++ b/queries/aws_securityhub_standards_subscription_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securityhub_standards_subscription_3 +Title: "Find AWS Security Hub Standard Subscriptions Details" +Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + standards_arn, + standards_subscription_arn, + standards_status, + standards_status_reason_code + from + aws_securityhub_standards_subscription + where + standards_status <> 'READY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Hub diff --git a/queries/aws_securityhub_standards_subscription_4.yaml b/queries/aws_securityhub_standards_subscription_4.yaml index a663b0cb1..4b2bf2367 100755 --- a/queries/aws_securityhub_standards_subscription_4.yaml +++ b/queries/aws_securityhub_standards_subscription_4.yaml @@ -1,7 +1,7 @@ ID: aws_securityhub_standards_subscription_4 Title: "Find all AWS Security Hub Standards Subscriptions" Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securityhub_standards_subscription_4.yaml.bak b/queries/aws_securityhub_standards_subscription_4.yaml.bak new file mode 100755 index 000000000..a663b0cb1 --- /dev/null +++ b/queries/aws_securityhub_standards_subscription_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_securityhub_standards_subscription_4 +Title: "Find all AWS Security Hub Standards Subscriptions" +Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + standards_arn, + standards_managed_by ->> 'Company' as standards_managed_by_company + from + aws_securityhub_standards_subscription + where + standards_managed_by ->> 'Company' <> 'AWS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Hub diff --git a/queries/aws_securitylake_data_lake_1.yaml b/queries/aws_securitylake_data_lake_1.yaml index 0538eb103..55745d8b1 100755 --- a/queries/aws_securitylake_data_lake_1.yaml +++ b/queries/aws_securitylake_data_lake_1.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_data_lake_1 Title: "List all AWS Lake Formation Data Lakes Information" Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_data_lake_1.yaml.bak b/queries/aws_securitylake_data_lake_1.yaml.bak new file mode 100755 index 000000000..0538eb103 --- /dev/null +++ b/queries/aws_securitylake_data_lake_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_securitylake_data_lake_1 +Title: "List all AWS Lake Formation Data Lakes Information" +Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + encryption_key, + replication_role_arn, + s3_bucket_arn, + status + from + aws_securitylake_data_lake; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Lake Formation diff --git a/queries/aws_securitylake_data_lake_2.yaml b/queries/aws_securitylake_data_lake_2.yaml index 3661dd949..3c3139d39 100755 --- a/queries/aws_securitylake_data_lake_2.yaml +++ b/queries/aws_securitylake_data_lake_2.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_data_lake_2 Title: "Find all AWS Lake Formation Data Lakes with Details" Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_data_lake_2.yaml.bak b/queries/aws_securitylake_data_lake_2.yaml.bak new file mode 100755 index 000000000..3661dd949 --- /dev/null +++ b/queries/aws_securitylake_data_lake_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_securitylake_data_lake_2 +Title: "Find all AWS Lake Formation Data Lakes with Details" +Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + distinct b.name as bucket_name, + l.s3_bucket_arn, + b.creation_date, + b.bucket_policy_is_public, + b.versioning_enabled, + b.block_public_acls + from + aws_securitylake_data_lake as l, + aws_s3_bucket as b + where + l.s3_bucket_arn = b.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Lake Formation diff --git a/queries/aws_securitylake_data_lake_3.yaml b/queries/aws_securitylake_data_lake_3.yaml index dddf0f568..2c11d87e8 100755 --- a/queries/aws_securitylake_data_lake_3.yaml +++ b/queries/aws_securitylake_data_lake_3.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_data_lake_3 Title: "List AWS Lake Formation Data Lakes with Key Details" Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_data_lake_3.yaml.bak b/queries/aws_securitylake_data_lake_3.yaml.bak new file mode 100755 index 000000000..dddf0f568 --- /dev/null +++ b/queries/aws_securitylake_data_lake_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securitylake_data_lake_3 +Title: "List AWS Lake Formation Data Lakes with Key Details" +Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + l.encryption_key, + l.replication_role_arn, + l.s3_bucket_arn, + l.status, + r ->> 'RetentionPeriod' as retention_period, + r ->> 'StorageClass' as storage_class + from + aws_securitylake_data_lake as l, + jsonb_array_elements(retention_settings) as r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Lake Formation diff --git a/queries/aws_securitylake_data_lake_4.yaml b/queries/aws_securitylake_data_lake_4.yaml index 577472329..4156d3912 100755 --- a/queries/aws_securitylake_data_lake_4.yaml +++ b/queries/aws_securitylake_data_lake_4.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_data_lake_4 Title: "List all AWS Lake Formation Data Lakes and Details" Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_data_lake_4.yaml.bak b/queries/aws_securitylake_data_lake_4.yaml.bak new file mode 100755 index 000000000..4156d3912 --- /dev/null +++ b/queries/aws_securitylake_data_lake_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securitylake_data_lake_4 +Title: "List all AWS Lake Formation Data Lakes and Details" +Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + encryption_key, + replication_role_arn, + s3_bucket_arn, + status + from + aws_securitylake_data_lake + where + status = 'PENDING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Lake Formation diff --git a/queries/aws_securitylake_data_lake_4.yaml.bak.bak b/queries/aws_securitylake_data_lake_4.yaml.bak.bak new file mode 100755 index 000000000..4156d3912 --- /dev/null +++ b/queries/aws_securitylake_data_lake_4.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_securitylake_data_lake_4 +Title: "List all AWS Lake Formation Data Lakes and Details" +Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + encryption_key, + replication_role_arn, + s3_bucket_arn, + status + from + aws_securitylake_data_lake + where + status = 'PENDING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Lake Formation diff --git a/queries/aws_securitylake_subscriber_1.yaml b/queries/aws_securitylake_subscriber_1.yaml index 38589ca87..7bf36d6ee 100755 --- a/queries/aws_securitylake_subscriber_1.yaml +++ b/queries/aws_securitylake_subscriber_1.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_subscriber_1 Title: "List AWS Security Lake Subscriber Details" Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_subscriber_1.yaml.bak b/queries/aws_securitylake_subscriber_1.yaml.bak new file mode 100755 index 000000000..38589ca87 --- /dev/null +++ b/queries/aws_securitylake_subscriber_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_securitylake_subscriber_1 +Title: "List AWS Security Lake Subscriber Details" +Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + subscriber_name, + subscription_id, + created_at, + role_arn, + s3_bucket_arn, + subscription_endpoint + from + aws_securitylake_subscriber; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Lake diff --git a/queries/aws_securitylake_subscriber_2.yaml b/queries/aws_securitylake_subscriber_2.yaml index f0d773703..ffe220a0c 100755 --- a/queries/aws_securitylake_subscriber_2.yaml +++ b/queries/aws_securitylake_subscriber_2.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_subscriber_2 Title: "List all AWS Security Lake Subscriber details" Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_subscriber_2.yaml.bak b/queries/aws_securitylake_subscriber_2.yaml.bak new file mode 100755 index 000000000..f0d773703 --- /dev/null +++ b/queries/aws_securitylake_subscriber_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_securitylake_subscriber_2 +Title: "List all AWS Security Lake Subscriber details" +Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + subscriber_name, + subscription_id, + created_at, + role_arn, + s3_bucket_arn, + subscription_endpoint + from + aws_securitylake_subscriber + where + created_at <= created_at - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Lake diff --git a/queries/aws_securitylake_subscriber_3.yaml b/queries/aws_securitylake_subscriber_3.yaml index c412eedf0..d9cfcbf5c 100755 --- a/queries/aws_securitylake_subscriber_3.yaml +++ b/queries/aws_securitylake_subscriber_3.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_subscriber_3 Title: "List AWS Security Lake Subscriber Details and Roles" Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_subscriber_3.yaml.bak b/queries/aws_securitylake_subscriber_3.yaml.bak new file mode 100755 index 000000000..c412eedf0 --- /dev/null +++ b/queries/aws_securitylake_subscriber_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_securitylake_subscriber_3 +Title: "List AWS Security Lake Subscriber Details and Roles" +Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.subscriber_name, + s.subscription_id, + r.arn, + r.inline_policies, + r.attached_policy_arns, + r.assume_role_policy + from + aws_securitylake_subscriber as s, + aws_iam_role as r + where + s.role_arn = r.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Lake diff --git a/queries/aws_securitylake_subscriber_4.yaml b/queries/aws_securitylake_subscriber_4.yaml index 1fcd1740b..575759d96 100755 --- a/queries/aws_securitylake_subscriber_4.yaml +++ b/queries/aws_securitylake_subscriber_4.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_subscriber_4 Title: "Find all subscribers in AWS Security Lake with details" Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_subscriber_4.yaml.bak b/queries/aws_securitylake_subscriber_4.yaml.bak new file mode 100755 index 000000000..575759d96 --- /dev/null +++ b/queries/aws_securitylake_subscriber_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_securitylake_subscriber_4 +Title: "Find all subscribers in AWS Security Lake with details" +Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.subscriber_name, + s.subscription_id, + b.arn, + b.event_notification_configuration, + b.server_side_encryption_configuration, + b.acl + from + aws_securitylake_subscriber as s, + aws_s3_bucket as b + where + s.s3_bucket_arn = b.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Lake diff --git a/queries/aws_securitylake_subscriber_4.yaml.bak.bak b/queries/aws_securitylake_subscriber_4.yaml.bak.bak new file mode 100755 index 000000000..575759d96 --- /dev/null +++ b/queries/aws_securitylake_subscriber_4.yaml.bak.bak @@ -0,0 +1,32 @@ +ID: aws_securitylake_subscriber_4 +Title: "Find all subscribers in AWS Security Lake with details" +Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.subscriber_name, + s.subscription_id, + b.arn, + b.event_notification_configuration, + b.server_side_encryption_configuration, + b.acl + from + aws_securitylake_subscriber as s, + aws_s3_bucket as b + where + s.s3_bucket_arn = b.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Lake diff --git a/queries/aws_securitylake_subscriber_5.yaml b/queries/aws_securitylake_subscriber_5.yaml index b668cd344..046f6ad30 100755 --- a/queries/aws_securitylake_subscriber_5.yaml +++ b/queries/aws_securitylake_subscriber_5.yaml @@ -1,7 +1,7 @@ ID: aws_securitylake_subscriber_5 Title: "List all AWS Security Lake Subscriber Details" Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_securitylake_subscriber_5.yaml.bak b/queries/aws_securitylake_subscriber_5.yaml.bak new file mode 100755 index 000000000..b668cd344 --- /dev/null +++ b/queries/aws_securitylake_subscriber_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_securitylake_subscriber_5 +Title: "List all AWS Security Lake Subscriber Details" +Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + subscriber_name, + created_at, + subscription_status, + s3_bucket_arn, + sns_arn + from + aws_securitylake_subscriber + where + subscription_status <> 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Lake diff --git a/queries/aws_serverlessapplicationrepository_application_1.yaml b/queries/aws_serverlessapplicationrepository_application_1.yaml index 636895aa9..ccf6289b8 100755 --- a/queries/aws_serverlessapplicationrepository_application_1.yaml +++ b/queries/aws_serverlessapplicationrepository_application_1.yaml @@ -1,7 +1,7 @@ ID: aws_serverlessapplicationrepository_application_1 Title: "List AWS Serverless Application Repository Applications" Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_serverlessapplicationrepository_application_1.yaml.bak b/queries/aws_serverlessapplicationrepository_application_1.yaml.bak new file mode 100755 index 000000000..636895aa9 --- /dev/null +++ b/queries/aws_serverlessapplicationrepository_application_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_serverlessapplicationrepository_application_1 +Title: "List AWS Serverless Application Repository Applications" +Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + author, + creation_time, + description + from + aws_serverlessapplicationrepository_application; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Serverless Application Repository diff --git a/queries/aws_serverlessapplicationrepository_application_2.yaml b/queries/aws_serverlessapplicationrepository_application_2.yaml index 44b8955bb..96221897f 100755 --- a/queries/aws_serverlessapplicationrepository_application_2.yaml +++ b/queries/aws_serverlessapplicationrepository_application_2.yaml @@ -1,7 +1,7 @@ ID: aws_serverlessapplicationrepository_application_2 Title: "List AWS Serverless App Repo Applications by Verified Author" Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_serverlessapplicationrepository_application_2.yaml.bak b/queries/aws_serverlessapplicationrepository_application_2.yaml.bak new file mode 100755 index 000000000..44b8955bb --- /dev/null +++ b/queries/aws_serverlessapplicationrepository_application_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_serverlessapplicationrepository_application_2 +Title: "List AWS Serverless App Repo Applications by Verified Author" +Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + author, + is_verified_author + from + aws_serverlessapplicationrepository_application + where + is_verified_author; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Serverless Application Repository diff --git a/queries/aws_serverlessapplicationrepository_application_3.yaml b/queries/aws_serverlessapplicationrepository_application_3.yaml index 2ed98d82e..017ccd032 100755 --- a/queries/aws_serverlessapplicationrepository_application_3.yaml +++ b/queries/aws_serverlessapplicationrepository_application_3.yaml @@ -1,7 +1,7 @@ ID: aws_serverlessapplicationrepository_application_3 Title: "List all AWS Serverless Application Repository Applications" Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_serverlessapplicationrepository_application_3.yaml.bak b/queries/aws_serverlessapplicationrepository_application_3.yaml.bak new file mode 100755 index 000000000..2ed98d82e --- /dev/null +++ b/queries/aws_serverlessapplicationrepository_application_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_serverlessapplicationrepository_application_3 +Title: "List all AWS Serverless Application Repository Applications" +Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + jsonb_pretty(statement -> 'Actions') as actions, + jsonb_pretty(statement -> 'PrincipalOrgIDs') as principal_org_ids, + jsonb_pretty(statement -> 'Principals') as principals, + statement ->> 'StatementId' as statement_id + from + aws_serverlessapplicationrepository_application, + jsonb_array_elements(statements) as statement; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Serverless Application Repository diff --git a/queries/aws_service_discovery_instance_1.yaml b/queries/aws_service_discovery_instance_1.yaml index a0d9bf5e6..075e48006 100755 --- a/queries/aws_service_discovery_instance_1.yaml +++ b/queries/aws_service_discovery_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_instance_1 Title: "Find AWS Cloud Map Service Instances and Health Information" Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_instance_1.yaml.bak b/queries/aws_service_discovery_instance_1.yaml.bak new file mode 100755 index 000000000..a0d9bf5e6 --- /dev/null +++ b/queries/aws_service_discovery_instance_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_service_discovery_instance_1 +Title: "Find AWS Cloud Map Service Instances and Health Information" +Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + service_id, + ec2_instance_id, + attributes + from + aws_service_discovery_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_instance_2.yaml b/queries/aws_service_discovery_instance_2.yaml index d75822f62..6ec622fed 100755 --- a/queries/aws_service_discovery_instance_2.yaml +++ b/queries/aws_service_discovery_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_instance_2 Title: "Find Unhealthy AWS Cloud Map Service Instances" Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_instance_2.yaml.bak b/queries/aws_service_discovery_instance_2.yaml.bak new file mode 100755 index 000000000..d75822f62 --- /dev/null +++ b/queries/aws_service_discovery_instance_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_service_discovery_instance_2 +Title: "Find Unhealthy AWS Cloud Map Service Instances" +Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + service_id, + init_health_status + from + aws_service_discovery_instance + where + init_health_status = 'UNHEALTHY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map Service diff --git a/queries/aws_service_discovery_instance_3.yaml b/queries/aws_service_discovery_instance_3.yaml index 21533b48c..d02d4a6e0 100755 --- a/queries/aws_service_discovery_instance_3.yaml +++ b/queries/aws_service_discovery_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_instance_3 Title: "List all AWS Cloud Map Service Instances with Details" Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_instance_3.yaml.bak b/queries/aws_service_discovery_instance_3.yaml.bak new file mode 100755 index 000000000..21533b48c --- /dev/null +++ b/queries/aws_service_discovery_instance_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_service_discovery_instance_3 +Title: "List all AWS Cloud Map Service Instances with Details" +Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_id, + count(id) + from + aws_service_discovery_instance + group by + service_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cloud Map diff --git a/queries/aws_service_discovery_instance_4.yaml b/queries/aws_service_discovery_instance_4.yaml index 325091a61..70c645b68 100755 --- a/queries/aws_service_discovery_instance_4.yaml +++ b/queries/aws_service_discovery_instance_4.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_instance_4 Title: "List all AWS Cloud Map Service Instances with Details" Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_instance_4.yaml.bak b/queries/aws_service_discovery_instance_4.yaml.bak new file mode 100755 index 000000000..325091a61 --- /dev/null +++ b/queries/aws_service_discovery_instance_4.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_service_discovery_instance_4 +Title: "List all AWS Cloud Map Service Instances with Details" +Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.id, + i.service_id, + s.name as service_name, + s.create_date as service_create_date, + s.namespace_id, + s.type + from + aws_service_discovery_instance as i, + aws_service_discovery_service as s + where + s.id = i.service_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Cloud Map diff --git a/queries/aws_service_discovery_instance_5.yaml b/queries/aws_service_discovery_instance_5.yaml index 6f8ea0c2c..0fc727332 100755 --- a/queries/aws_service_discovery_instance_5.yaml +++ b/queries/aws_service_discovery_instance_5.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_instance_5 Title: "List AWS Cloud Map Service Instances and Health Status" Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_instance_5.yaml.bak b/queries/aws_service_discovery_instance_5.yaml.bak new file mode 100755 index 000000000..0fc727332 --- /dev/null +++ b/queries/aws_service_discovery_instance_5.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_service_discovery_instance_5 +Title: "List AWS Cloud Map Service Instances and Health Status" +Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.id, + i.service_id, + i.ec2_instance_id, + ei.instance_type, + ei.instance_state, + ei.launch_time + from + aws_service_discovery_instance as i, + aws_ec2_instance as ei + where + i.ec2_instance_id is not null + and + ei.instance_id = i.ec2_instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_instance_5.yaml.bak.bak b/queries/aws_service_discovery_instance_5.yaml.bak.bak new file mode 100755 index 000000000..0fc727332 --- /dev/null +++ b/queries/aws_service_discovery_instance_5.yaml.bak.bak @@ -0,0 +1,34 @@ +ID: aws_service_discovery_instance_5 +Title: "List AWS Cloud Map Service Instances and Health Status" +Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.id, + i.service_id, + i.ec2_instance_id, + ei.instance_type, + ei.instance_state, + ei.launch_time + from + aws_service_discovery_instance as i, + aws_ec2_instance as ei + where + i.ec2_instance_id is not null + and + ei.instance_id = i.ec2_instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_instance_6.yaml b/queries/aws_service_discovery_instance_6.yaml index 22830ffa1..979347564 100755 --- a/queries/aws_service_discovery_instance_6.yaml +++ b/queries/aws_service_discovery_instance_6.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_instance_6 Title: "Find AWS Cloud Map Service Instances and Their Details" Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_instance_6.yaml.bak b/queries/aws_service_discovery_instance_6.yaml.bak new file mode 100755 index 000000000..22830ffa1 --- /dev/null +++ b/queries/aws_service_discovery_instance_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_service_discovery_instance_6 +Title: "Find AWS Cloud Map Service Instances and Their Details" +Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + service_id, + ec2_instance_id, + instance_ipv4, + instance_ipv6, + instance_port + from + aws_service_discovery_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_namespace_1.yaml b/queries/aws_service_discovery_namespace_1.yaml index fab85a51b..f5c567c26 100755 --- a/queries/aws_service_discovery_namespace_1.yaml +++ b/queries/aws_service_discovery_namespace_1.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_namespace_1 Title: "Find AWS Cloud Map Service Discovery Namespaces" Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_namespace_1.yaml.bak b/queries/aws_service_discovery_namespace_1.yaml.bak new file mode 100755 index 000000000..fab85a51b --- /dev/null +++ b/queries/aws_service_discovery_namespace_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_service_discovery_namespace_1 +Title: "Find AWS Cloud Map Service Discovery Namespaces" +Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + region + from + aws_service_discovery_namespace; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_namespace_2.yaml b/queries/aws_service_discovery_namespace_2.yaml index b0be2a40d..7fdddb8b9 100755 --- a/queries/aws_service_discovery_namespace_2.yaml +++ b/queries/aws_service_discovery_namespace_2.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_namespace_2 Title: "Find AWS Cloud Map Service Discovery Namespace Details" Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_namespace_2.yaml.bak b/queries/aws_service_discovery_namespace_2.yaml.bak new file mode 100755 index 000000000..b0be2a40d --- /dev/null +++ b/queries/aws_service_discovery_namespace_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_service_discovery_namespace_2 +Title: "Find AWS Cloud Map Service Discovery Namespace Details" +Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + service_count + from + aws_service_discovery_namespace + where + type ilike '%private%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_namespace_3.yaml b/queries/aws_service_discovery_namespace_3.yaml index 1d59f4b96..f34df6425 100755 --- a/queries/aws_service_discovery_namespace_3.yaml +++ b/queries/aws_service_discovery_namespace_3.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_namespace_3 Title: "List all AWS Cloud Map Service Discovery Namespaces" Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_namespace_3.yaml.bak b/queries/aws_service_discovery_namespace_3.yaml.bak new file mode 100755 index 000000000..1d59f4b96 --- /dev/null +++ b/queries/aws_service_discovery_namespace_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_service_discovery_namespace_3 +Title: "List all AWS Cloud Map Service Discovery Namespaces" +Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + service_count + from + aws_service_discovery_namespace + where + type = 'HTTP'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_namespace_4.yaml b/queries/aws_service_discovery_namespace_4.yaml index db1f0f5b3..f0ba554f4 100755 --- a/queries/aws_service_discovery_namespace_4.yaml +++ b/queries/aws_service_discovery_namespace_4.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_namespace_4 Title: "List all AWS Cloud Map Service Discovery Namespaces" Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_namespace_4.yaml.bak b/queries/aws_service_discovery_namespace_4.yaml.bak new file mode 100755 index 000000000..db1f0f5b3 --- /dev/null +++ b/queries/aws_service_discovery_namespace_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_service_discovery_namespace_4 +Title: "List all AWS Cloud Map Service Discovery Namespaces" +Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + description, + create_date + from + aws_service_discovery_namespace + where + create_date >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map Service Discovery diff --git a/queries/aws_service_discovery_namespace_5.yaml b/queries/aws_service_discovery_namespace_5.yaml index db99cf83c..22dd8309f 100755 --- a/queries/aws_service_discovery_namespace_5.yaml +++ b/queries/aws_service_discovery_namespace_5.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_namespace_5 Title: "List AWS Cloud Map Service Discovery Namespace Details" Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_namespace_5.yaml.bak b/queries/aws_service_discovery_namespace_5.yaml.bak new file mode 100755 index 000000000..db99cf83c --- /dev/null +++ b/queries/aws_service_discovery_namespace_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_service_discovery_namespace_5 +Title: "List AWS Cloud Map Service Discovery Namespace Details" +Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + http_properties ->> 'HttpName' as http_name + from + aws_service_discovery_namespace + where + type = 'HTTP'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_namespace_6.yaml b/queries/aws_service_discovery_namespace_6.yaml index cefa0d160..754787927 100755 --- a/queries/aws_service_discovery_namespace_6.yaml +++ b/queries/aws_service_discovery_namespace_6.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_namespace_6 Title: "List AWS Cloud Map Service Discovery Namespaces" Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_namespace_6.yaml.bak b/queries/aws_service_discovery_namespace_6.yaml.bak new file mode 100755 index 000000000..cefa0d160 --- /dev/null +++ b/queries/aws_service_discovery_namespace_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_service_discovery_namespace_6 +Title: "List AWS Cloud Map Service Discovery Namespaces" +Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + dns_properties ->> 'HostedZoneId' as HostedZoneId, + dns_properties -> 'SOA' ->> 'TTL' as ttl + from + aws_service_discovery_namespace + where + type = 'DNS_PRIVATE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map diff --git a/queries/aws_service_discovery_namespace_7.yaml b/queries/aws_service_discovery_namespace_7.yaml index d4b0901de..ab5f61765 100755 --- a/queries/aws_service_discovery_namespace_7.yaml +++ b/queries/aws_service_discovery_namespace_7.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_namespace_7 Title: "List all AWS Cloud Map Service Discovery Namespaces" Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_namespace_7.yaml.bak b/queries/aws_service_discovery_namespace_7.yaml.bak new file mode 100755 index 000000000..ab5f61765 --- /dev/null +++ b/queries/aws_service_discovery_namespace_7.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_service_discovery_namespace_7 +Title: "List all AWS Cloud Map Service Discovery Namespaces" +Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + type, + count(type) + from + aws_service_discovery_namespace + group by + type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map Service Discovery diff --git a/queries/aws_service_discovery_namespace_7.yaml.bak.bak b/queries/aws_service_discovery_namespace_7.yaml.bak.bak new file mode 100755 index 000000000..ab5f61765 --- /dev/null +++ b/queries/aws_service_discovery_namespace_7.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_service_discovery_namespace_7 +Title: "List all AWS Cloud Map Service Discovery Namespaces" +Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + type, + count(type) + from + aws_service_discovery_namespace + group by + type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Cloud Map Service Discovery diff --git a/queries/aws_service_discovery_service_1.yaml b/queries/aws_service_discovery_service_1.yaml index d54f6dc18..351656d51 100755 --- a/queries/aws_service_discovery_service_1.yaml +++ b/queries/aws_service_discovery_service_1.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_service_1 Title: "Find AWS Service Discovery Services and Details" Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_service_1.yaml.bak b/queries/aws_service_discovery_service_1.yaml.bak new file mode 100755 index 000000000..d54f6dc18 --- /dev/null +++ b/queries/aws_service_discovery_service_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_service_discovery_service_1 +Title: "Find AWS Service Discovery Services and Details" +Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + region + from + aws_service_discovery_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Service Discovery Service diff --git a/queries/aws_service_discovery_service_2.yaml b/queries/aws_service_discovery_service_2.yaml index 362117efb..647314527 100755 --- a/queries/aws_service_discovery_service_2.yaml +++ b/queries/aws_service_discovery_service_2.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_service_2 Title: "Find AWS Service Discovery Services registered with Cloud Map" Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_service_2.yaml.bak b/queries/aws_service_discovery_service_2.yaml.bak new file mode 100755 index 000000000..362117efb --- /dev/null +++ b/queries/aws_service_discovery_service_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_service_discovery_service_2 +Title: "Find AWS Service Discovery Services registered with Cloud Map" +Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + create_date + from + aws_service_discovery_service + where + type ilike '%dns%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Service Discovery diff --git a/queries/aws_service_discovery_service_3.yaml b/queries/aws_service_discovery_service_3.yaml index 970393925..3945c6b23 100755 --- a/queries/aws_service_discovery_service_3.yaml +++ b/queries/aws_service_discovery_service_3.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_service_3 Title: "Find all AWS Cloud Map resources by type" Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_service_3.yaml.bak b/queries/aws_service_discovery_service_3.yaml.bak new file mode 100755 index 000000000..970393925 --- /dev/null +++ b/queries/aws_service_discovery_service_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_service_discovery_service_3 +Title: "Find all AWS Cloud Map resources by type" +Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + description + from + aws_service_discovery_service + where + type = 'HTTP'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Discovery diff --git a/queries/aws_service_discovery_service_4.yaml b/queries/aws_service_discovery_service_4.yaml index c59d1dce3..d9e228c73 100755 --- a/queries/aws_service_discovery_service_4.yaml +++ b/queries/aws_service_discovery_service_4.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_service_4 Title: "List all AWS Service Discovery Resources in Last 30 Days" Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_service_4.yaml.bak b/queries/aws_service_discovery_service_4.yaml.bak new file mode 100755 index 000000000..c59d1dce3 --- /dev/null +++ b/queries/aws_service_discovery_service_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_service_discovery_service_4 +Title: "List all AWS Service Discovery Resources in Last 30 Days" +Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + description, + create_date + from + aws_service_discovery_service + where + create_date >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Discovery diff --git a/queries/aws_service_discovery_service_5.yaml b/queries/aws_service_discovery_service_5.yaml index 8293b7a84..c7f8a0d47 100755 --- a/queries/aws_service_discovery_service_5.yaml +++ b/queries/aws_service_discovery_service_5.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_service_5 Title: "Find Details of Registered AWS resources Using SQL" Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_service_5.yaml.bak b/queries/aws_service_discovery_service_5.yaml.bak new file mode 100755 index 000000000..8293b7a84 --- /dev/null +++ b/queries/aws_service_discovery_service_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_service_discovery_service_5 +Title: "Find Details of Registered AWS resources Using SQL" +Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + type, + count(type) + from + aws_service_discovery_service + group by + type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Discovery diff --git a/queries/aws_service_discovery_service_6.yaml b/queries/aws_service_discovery_service_6.yaml index a12be8df3..59d67441d 100755 --- a/queries/aws_service_discovery_service_6.yaml +++ b/queries/aws_service_discovery_service_6.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_service_6 Title: "Find all AWS resources registered with Cloud Map" Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_service_6.yaml.bak b/queries/aws_service_discovery_service_6.yaml.bak new file mode 100755 index 000000000..a12be8df3 --- /dev/null +++ b/queries/aws_service_discovery_service_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_service_discovery_service_6 +Title: "Find all AWS resources registered with Cloud Map" +Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + health_check_config ->> 'Type' as health_check_type, + health_check_config ->> 'FailureThreshold' as failure_threshold, + health_check_config ->> 'ResourcePath' as resource_path + from + aws_service_discovery_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Discovery diff --git a/queries/aws_service_discovery_service_7.yaml b/queries/aws_service_discovery_service_7.yaml index 42954aa55..ab3159efb 100755 --- a/queries/aws_service_discovery_service_7.yaml +++ b/queries/aws_service_discovery_service_7.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_service_7 Title: "Find AWS Service Discovery Service Resource Details" Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_service_7.yaml.bak b/queries/aws_service_discovery_service_7.yaml.bak new file mode 100755 index 000000000..42954aa55 --- /dev/null +++ b/queries/aws_service_discovery_service_7.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_service_discovery_service_7 +Title: "Find AWS Service Discovery Service Resource Details" +Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + health_check_custom_config ->> 'FailureThreshold' as failure_threshold + from + aws_service_discovery_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Discovery diff --git a/queries/aws_service_discovery_service_8.yaml b/queries/aws_service_discovery_service_8.yaml index 3fca40233..a658a3657 100755 --- a/queries/aws_service_discovery_service_8.yaml +++ b/queries/aws_service_discovery_service_8.yaml @@ -1,7 +1,7 @@ ID: aws_service_discovery_service_8 Title: "List all AWS Service Discovery resources using SQL" Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_service_discovery_service_8.yaml.bak b/queries/aws_service_discovery_service_8.yaml.bak new file mode 100755 index 000000000..3fca40233 --- /dev/null +++ b/queries/aws_service_discovery_service_8.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_service_discovery_service_8 +Title: "List all AWS Service Discovery resources using SQL" +Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.name, + s.id, + s.namespace_id, + n.service_count, + n.type as namespace_type, + n.dns_properties + from + aws_service_discovery_service as s, + aws_service_discovery_namespace as n; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Service Discovery diff --git a/queries/aws_servicecatalog_portfolio_1.yaml b/queries/aws_servicecatalog_portfolio_1.yaml index 9a0b66a36..ee5b163bc 100755 --- a/queries/aws_servicecatalog_portfolio_1.yaml +++ b/queries/aws_servicecatalog_portfolio_1.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_portfolio_1 Title: "List Service Catalog Portfolios in AWS" Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_portfolio_1.yaml.bak b/queries/aws_servicecatalog_portfolio_1.yaml.bak new file mode 100755 index 000000000..9a0b66a36 --- /dev/null +++ b/queries/aws_servicecatalog_portfolio_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_servicecatalog_portfolio_1 +Title: "List Service Catalog Portfolios in AWS" +Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + display_name, + id, + arn, + region, + akas + from + aws_servicecatalog_portfolio; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Service Catalog diff --git a/queries/aws_servicecatalog_portfolio_2.yaml b/queries/aws_servicecatalog_portfolio_2.yaml index 05625bf28..a9cf14222 100755 --- a/queries/aws_servicecatalog_portfolio_2.yaml +++ b/queries/aws_servicecatalog_portfolio_2.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_portfolio_2 Title: "Find AWS Service Catalog Portfolio Details" Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_portfolio_2.yaml.bak b/queries/aws_servicecatalog_portfolio_2.yaml.bak new file mode 100755 index 000000000..05625bf28 --- /dev/null +++ b/queries/aws_servicecatalog_portfolio_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicecatalog_portfolio_2 +Title: "Find AWS Service Catalog Portfolio Details" +Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + display_name, + id, + description, + provider_name + from + aws_servicecatalog_portfolio + where + provider_name = 'my-portfolio'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_portfolio_3.yaml b/queries/aws_servicecatalog_portfolio_3.yaml index a52bb7794..fac44fcd1 100755 --- a/queries/aws_servicecatalog_portfolio_3.yaml +++ b/queries/aws_servicecatalog_portfolio_3.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_portfolio_3 Title: "Find AWS Service Catalog Portfolio Details in Last 30 Days" Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_portfolio_3.yaml.bak b/queries/aws_servicecatalog_portfolio_3.yaml.bak new file mode 100755 index 000000000..a52bb7794 --- /dev/null +++ b/queries/aws_servicecatalog_portfolio_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicecatalog_portfolio_3 +Title: "Find AWS Service Catalog Portfolio Details in Last 30 Days" +Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + display_name, + id, + description, + created_time + from + aws_servicecatalog_portfolio + where + created_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_portfolio_4.yaml b/queries/aws_servicecatalog_portfolio_4.yaml index 4c2cb9a23..ddc647300 100755 --- a/queries/aws_servicecatalog_portfolio_4.yaml +++ b/queries/aws_servicecatalog_portfolio_4.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_portfolio_4 Title: "Find AWS Service Catalog Portfolio Details Using SQL" Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_portfolio_4.yaml.bak b/queries/aws_servicecatalog_portfolio_4.yaml.bak new file mode 100755 index 000000000..4c2cb9a23 --- /dev/null +++ b/queries/aws_servicecatalog_portfolio_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_servicecatalog_portfolio_4 +Title: "Find AWS Service Catalog Portfolio Details Using SQL" +Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + sp.display_name, + sp.id, + b ->> 'BudgetName' as budget_name + from + aws_servicecatalog_portfolio as sp, + jsonb_array_elements(budgets) as b; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_product_1.yaml b/queries/aws_servicecatalog_product_1.yaml index 53afd3f0e..56a931550 100755 --- a/queries/aws_servicecatalog_product_1.yaml +++ b/queries/aws_servicecatalog_product_1.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_product_1 Title: "List all AWS Service Catalog Product Details and Metadata" Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_product_1.yaml.bak b/queries/aws_servicecatalog_product_1.yaml.bak new file mode 100755 index 000000000..53afd3f0e --- /dev/null +++ b/queries/aws_servicecatalog_product_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_servicecatalog_product_1 +Title: "List all AWS Service Catalog Product Details and Metadata" +Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + product_id, + type, + akas, + support_url, + support_email + from + aws_servicecatalog_product; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_product_2.yaml b/queries/aws_servicecatalog_product_2.yaml index 899d8d71f..33ee55d10 100755 --- a/queries/aws_servicecatalog_product_2.yaml +++ b/queries/aws_servicecatalog_product_2.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_product_2 Title: "Find all AWS Service Catalog Product Details" Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_product_2.yaml.bak b/queries/aws_servicecatalog_product_2.yaml.bak new file mode 100755 index 000000000..899d8d71f --- /dev/null +++ b/queries/aws_servicecatalog_product_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_servicecatalog_product_2 +Title: "Find all AWS Service Catalog Product Details" +Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + product_id, + type, + distributor, + owner, + has_default_path + from + aws_servicecatalog_product + where + has_default_path; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_product_3.yaml b/queries/aws_servicecatalog_product_3.yaml index 455994e3a..3bc2aa7cb 100755 --- a/queries/aws_servicecatalog_product_3.yaml +++ b/queries/aws_servicecatalog_product_3.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_product_3 Title: "Find all AWS Service Catalog Product Details with Metadata" Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_product_3.yaml.bak b/queries/aws_servicecatalog_product_3.yaml.bak new file mode 100755 index 000000000..455994e3a --- /dev/null +++ b/queries/aws_servicecatalog_product_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicecatalog_product_3 +Title: "Find all AWS Service Catalog Product Details with Metadata" +Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + product_id, + type, + support_url, + support_description + from + aws_servicecatalog_product + where + type = 'MARKETPLACE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_product_4.yaml b/queries/aws_servicecatalog_product_4.yaml index 43b883839..ce793df22 100755 --- a/queries/aws_servicecatalog_product_4.yaml +++ b/queries/aws_servicecatalog_product_4.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_product_4 Title: "List all AWS Service Catalog Product details" Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_product_4.yaml.bak b/queries/aws_servicecatalog_product_4.yaml.bak new file mode 100755 index 000000000..43b883839 --- /dev/null +++ b/queries/aws_servicecatalog_product_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_servicecatalog_product_4 +Title: "List all AWS Service Catalog Product details" +Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + sp.name, + sp.id, + sp.owner, + sp.product_id, + sp.short_description, + b ->> 'BudgetName' as budget_name + from + aws_servicecatalog_product as sp, + jsonb_array_elements(budgets) as b; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_product_5.yaml b/queries/aws_servicecatalog_product_5.yaml index a4c64d093..e5903f840 100755 --- a/queries/aws_servicecatalog_product_5.yaml +++ b/queries/aws_servicecatalog_product_5.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_product_5 Title: "List all AWS Service Catalog Product Details" Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_product_5.yaml.bak b/queries/aws_servicecatalog_product_5.yaml.bak new file mode 100755 index 000000000..a4c64d093 --- /dev/null +++ b/queries/aws_servicecatalog_product_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_servicecatalog_product_5 +Title: "List all AWS Service Catalog Product Details" +Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + owner, + short_description, + l ->> 'Id' as launch_path_id, + l ->> 'Name' as launch_path_name + from + aws_servicecatalog_product, + jsonb_array_elements(launch_paths) as l; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_product_6.yaml b/queries/aws_servicecatalog_product_6.yaml index 24cb69d7b..6295837e5 100755 --- a/queries/aws_servicecatalog_product_6.yaml +++ b/queries/aws_servicecatalog_product_6.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_product_6 Title: "List AWS Service Catalog Product Data Including Details and Metadata" Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_product_6.yaml.bak b/queries/aws_servicecatalog_product_6.yaml.bak new file mode 100755 index 000000000..24cb69d7b --- /dev/null +++ b/queries/aws_servicecatalog_product_6.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicecatalog_product_6 +Title: "List AWS Service Catalog Product Data Including Details and Metadata" +Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + p ->> 'Id' as provisioning_artifact_id, + p ->> 'Name' as provisioning_artifact_name, + p ->> 'CreatedTime' as provisioning_artifact_created_time, + p ->> 'Description' as provisioning_artifact_description, + p ->> 'Guidance' as provisioning_artifact_guidance + from + aws_servicecatalog_product, + jsonb_array_elements(provisioning_artifacts) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_1.yaml b/queries/aws_servicecatalog_provisioned_product_1.yaml index 8907c4a1e..f1a271a3e 100755 --- a/queries/aws_servicecatalog_provisioned_product_1.yaml +++ b/queries/aws_servicecatalog_provisioned_product_1.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_provisioned_product_1 Title: "Find AWS Service Catalog Provisioned Product Details" Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_provisioned_product_1.yaml.bak b/queries/aws_servicecatalog_provisioned_product_1.yaml.bak new file mode 100755 index 000000000..8907c4a1e --- /dev/null +++ b/queries/aws_servicecatalog_provisioned_product_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_servicecatalog_provisioned_product_1 +Title: "Find AWS Service Catalog Provisioned Product Details" +Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + product_id, + status, + created_time, + last_provisioning_record_id + from + aws_servicecatalog_provisioned_product; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_2.yaml b/queries/aws_servicecatalog_provisioned_product_2.yaml index 1d14dd344..6e52504f2 100755 --- a/queries/aws_servicecatalog_provisioned_product_2.yaml +++ b/queries/aws_servicecatalog_provisioned_product_2.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_provisioned_product_2 Title: "Find all AWS Service Catalog Provisioned Product details" Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_provisioned_product_2.yaml.bak b/queries/aws_servicecatalog_provisioned_product_2.yaml.bak new file mode 100755 index 000000000..1d14dd344 --- /dev/null +++ b/queries/aws_servicecatalog_provisioned_product_2.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_servicecatalog_provisioned_product_2 +Title: "Find all AWS Service Catalog Provisioned Product details" +Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + product_id, + status, + created_time, + last_provisioning_record_id + from + aws_servicecatalog_provisioned_product + where + created_time >= (current_date - interval '7' day) + order by + created_time; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_3.yaml b/queries/aws_servicecatalog_provisioned_product_3.yaml index 52ba7b0dc..618a45ba6 100755 --- a/queries/aws_servicecatalog_provisioned_product_3.yaml +++ b/queries/aws_servicecatalog_provisioned_product_3.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_provisioned_product_3 Title: "List AWS Service Catalog Provisioned Products with Details" Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_provisioned_product_3.yaml.bak b/queries/aws_servicecatalog_provisioned_product_3.yaml.bak new file mode 100755 index 000000000..52ba7b0dc --- /dev/null +++ b/queries/aws_servicecatalog_provisioned_product_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_servicecatalog_provisioned_product_3 +Title: "List AWS Service Catalog Provisioned Products with Details" +Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + product_id, + status, + created_time, + last_provisioning_record_id + from + aws_servicecatalog_provisioned_product + where + last_successful_provisioning_record_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_4.yaml b/queries/aws_servicecatalog_provisioned_product_4.yaml index 4c2aef01d..8b70994dd 100755 --- a/queries/aws_servicecatalog_provisioned_product_4.yaml +++ b/queries/aws_servicecatalog_provisioned_product_4.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_provisioned_product_4 Title: "List all AWS Service Catalog Provisioned Product details" Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_provisioned_product_4.yaml.bak b/queries/aws_servicecatalog_provisioned_product_4.yaml.bak new file mode 100755 index 000000000..4c2aef01d --- /dev/null +++ b/queries/aws_servicecatalog_provisioned_product_4.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_servicecatalog_provisioned_product_4 +Title: "List all AWS Service Catalog Provisioned Product details" +Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + pr.id as provisioning_id, + p.name as product_name, + p.id as product_view_id, + p.product_id, + p.type as product_type, + p.support_url as product_support_url, + p.support_email as product_support_email + from + aws_servicecatalog_provisioned_product as pr, + aws_servicecatalog_product as p + where + pr.product_id = p.product_id + and last_successful_provisioning_record_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_5.yaml b/queries/aws_servicecatalog_provisioned_product_5.yaml index 03b1d4c1a..e6751af6f 100755 --- a/queries/aws_servicecatalog_provisioned_product_5.yaml +++ b/queries/aws_servicecatalog_provisioned_product_5.yaml @@ -1,7 +1,7 @@ ID: aws_servicecatalog_provisioned_product_5 Title: "List AWS Service Catalog Provisioned Product Details" Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicecatalog_provisioned_product_5.yaml.bak b/queries/aws_servicecatalog_provisioned_product_5.yaml.bak new file mode 100755 index 000000000..03b1d4c1a --- /dev/null +++ b/queries/aws_servicecatalog_provisioned_product_5.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_servicecatalog_provisioned_product_5 +Title: "List AWS Service Catalog Provisioned Product Details" +Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + arn, + type, + product_id, + status, + created_time, + last_provisioning_record_id + from + aws_servicecatalog_provisioned_product + where + type = 'CFN_STACK' + and last_successful_provisioning_record_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Catalog diff --git a/queries/aws_servicequotas_default_service_quota_1.yaml b/queries/aws_servicequotas_default_service_quota_1.yaml index 613bfd43d..593bdc05b 100755 --- a/queries/aws_servicequotas_default_service_quota_1.yaml +++ b/queries/aws_servicequotas_default_service_quota_1.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_default_service_quota_1 Title: "List all AWS Service Quotas Default Values" Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_default_service_quota_1.yaml.bak b/queries/aws_servicequotas_default_service_quota_1.yaml.bak new file mode 100755 index 000000000..613bfd43d --- /dev/null +++ b/queries/aws_servicequotas_default_service_quota_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_servicequotas_default_service_quota_1 +Title: "List all AWS Service Quotas Default Values" +Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + quota_name, + quota_code, + quota_arn, + service_name, + service_code, + value + from + aws_servicequotas_default_service_quota; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_default_service_quota_2.yaml b/queries/aws_servicequotas_default_service_quota_2.yaml index fb8e2c33f..a53506fbf 100755 --- a/queries/aws_servicequotas_default_service_quota_2.yaml +++ b/queries/aws_servicequotas_default_service_quota_2.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_default_service_quota_2 Title: "List all Default AWS Service Quotas using SQL" Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_default_service_quota_2.yaml.bak b/queries/aws_servicequotas_default_service_quota_2.yaml.bak new file mode 100755 index 000000000..fb8e2c33f --- /dev/null +++ b/queries/aws_servicequotas_default_service_quota_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicequotas_default_service_quota_2 +Title: "List all Default AWS Service Quotas using SQL" +Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + quota_name, + quota_code, + quota_arn, + service_name, + service_code, + value + from + aws_servicequotas_default_service_quota + where + global_quota; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_default_service_quota_3.yaml b/queries/aws_servicequotas_default_service_quota_3.yaml index 8ce6a85d6..6f49d9926 100755 --- a/queries/aws_servicequotas_default_service_quota_3.yaml +++ b/queries/aws_servicequotas_default_service_quota_3.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_default_service_quota_3 Title: "Find AWS Default Service Quotas for Services" Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_default_service_quota_3.yaml.bak b/queries/aws_servicequotas_default_service_quota_3.yaml.bak new file mode 100755 index 000000000..8ce6a85d6 --- /dev/null +++ b/queries/aws_servicequotas_default_service_quota_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicequotas_default_service_quota_3 +Title: "Find AWS Default Service Quotas for Services" +Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + quota_name, + quota_code, + quota_arn, + service_name, + service_code, + value + from + aws_servicequotas_default_service_quota + where + service_code = 'athena'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_service_1.yaml b/queries/aws_servicequotas_service_1.yaml index 10e60c5a3..0b9489b0b 100755 --- a/queries/aws_servicequotas_service_1.yaml +++ b/queries/aws_servicequotas_service_1.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_service_1 Title: "List all AWS Service Quotas with detailed service info" Description: "Allows users to query AWS Service Quotas services, providing detailed information about each service''s code and name." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_service_1.yaml.bak b/queries/aws_servicequotas_service_1.yaml.bak new file mode 100755 index 000000000..10e60c5a3 --- /dev/null +++ b/queries/aws_servicequotas_service_1.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_servicequotas_service_1 +Title: "List all AWS Service Quotas with detailed service info" +Description: "Allows users to query AWS Service Quotas services, providing detailed information about each service''s code and name." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select distinct + service_code, + service_name + from + aws_servicequotas_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_service_2.yaml b/queries/aws_servicequotas_service_2.yaml index 377d97c83..cda54e720 100755 --- a/queries/aws_servicequotas_service_2.yaml +++ b/queries/aws_servicequotas_service_2.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_service_2 Title: "Find AWS Service Quota Service Codes for CloudTrail" Description: "Allows users to query AWS Service Quotas services, providing detailed information about each service''s code and name." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_service_2.yaml.bak b/queries/aws_servicequotas_service_2.yaml.bak new file mode 100755 index 000000000..377d97c83 --- /dev/null +++ b/queries/aws_servicequotas_service_2.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_servicequotas_service_2 +Title: "Find AWS Service Quota Service Codes for CloudTrail" +Description: "Allows users to query AWS Service Quotas services, providing detailed information about each service''s code and name." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select distinct + service_code + from + aws_servicequotas_service + where + service_name = 'AWS CloudTrail'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_1.yaml b/queries/aws_servicequotas_service_quota_1.yaml index 67d600199..a7e8881ee 100755 --- a/queries/aws_servicequotas_service_quota_1.yaml +++ b/queries/aws_servicequotas_service_quota_1.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_service_quota_1 Title: "List all AWS Service Quotas with Values and Details" Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_service_quota_1.yaml.bak b/queries/aws_servicequotas_service_quota_1.yaml.bak new file mode 100755 index 000000000..67d600199 --- /dev/null +++ b/queries/aws_servicequotas_service_quota_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicequotas_service_quota_1 +Title: "List all AWS Service Quotas with Values and Details" +Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + quota_name, + quota_code, + quota_arn, + service_name, + service_code, + value + from + aws_servicequotas_service_quota; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_2.yaml b/queries/aws_servicequotas_service_quota_2.yaml index 5860dfa6b..da4905614 100755 --- a/queries/aws_servicequotas_service_quota_2.yaml +++ b/queries/aws_servicequotas_service_quota_2.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_service_quota_2 Title: "Find AWS Service Quotas with Details on Values" Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_service_quota_2.yaml.bak b/queries/aws_servicequotas_service_quota_2.yaml.bak new file mode 100755 index 000000000..5860dfa6b --- /dev/null +++ b/queries/aws_servicequotas_service_quota_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicequotas_service_quota_2 +Title: "Find AWS Service Quotas with Details on Values" +Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + quota_name, + quota_code, + quota_arn, + service_name, + service_code, + value + from + aws_servicequotas_service_quota + where + global_quota; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_3.yaml b/queries/aws_servicequotas_service_quota_3.yaml index 74db90541..110f432bb 100755 --- a/queries/aws_servicequotas_service_quota_3.yaml +++ b/queries/aws_servicequotas_service_quota_3.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_service_quota_3 Title: "Find AWS Service Quotas for Specific Services" Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_service_quota_3.yaml.bak b/queries/aws_servicequotas_service_quota_3.yaml.bak new file mode 100755 index 000000000..74db90541 --- /dev/null +++ b/queries/aws_servicequotas_service_quota_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_servicequotas_service_quota_3 +Title: "Find AWS Service Quotas for Specific Services" +Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + quota_name, + quota_code, + quota_arn, + service_name, + service_code, + value + from + aws_servicequotas_service_quota + where + service_code = 'athena'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_change_request_1.yaml b/queries/aws_servicequotas_service_quota_change_request_1.yaml index fae1d5268..f76226fb8 100755 --- a/queries/aws_servicequotas_service_quota_change_request_1.yaml +++ b/queries/aws_servicequotas_service_quota_change_request_1.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_service_quota_change_request_1 Title: "Find All AWS Service Quotas Change Requests" Description: "Allows users to query AWS Service Quotas change requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_service_quota_change_request_1.yaml.bak b/queries/aws_servicequotas_service_quota_change_request_1.yaml.bak new file mode 100755 index 000000000..fae1d5268 --- /dev/null +++ b/queries/aws_servicequotas_service_quota_change_request_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_servicequotas_service_quota_change_request_1 +Title: "Find All AWS Service Quotas Change Requests" +Description: "Allows users to query AWS Service Quotas change requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + case_id, + status, + quota_name, + quota_code, + desired_value + from + aws_servicequotas_service_quota_change_request; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_change_request_2.yaml b/queries/aws_servicequotas_service_quota_change_request_2.yaml index 5495d1f6e..3a4a2e6cd 100755 --- a/queries/aws_servicequotas_service_quota_change_request_2.yaml +++ b/queries/aws_servicequotas_service_quota_change_request_2.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_service_quota_change_request_2 Title: "Find AWS Service Quota Change Requests Statuses" Description: "Allows users to query AWS Service Quotas change requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_service_quota_change_request_2.yaml.bak b/queries/aws_servicequotas_service_quota_change_request_2.yaml.bak new file mode 100755 index 000000000..5495d1f6e --- /dev/null +++ b/queries/aws_servicequotas_service_quota_change_request_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicequotas_service_quota_change_request_2 +Title: "Find AWS Service Quota Change Requests Statuses" +Description: "Allows users to query AWS Service Quotas change requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + case_id, + status, + quota_name, + quota_code, + desired_value + from + aws_servicequotas_service_quota_change_request + where + status = 'DENIED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_change_request_3.yaml b/queries/aws_servicequotas_service_quota_change_request_3.yaml index 32b9ed0a9..86b027178 100755 --- a/queries/aws_servicequotas_service_quota_change_request_3.yaml +++ b/queries/aws_servicequotas_service_quota_change_request_3.yaml @@ -1,7 +1,7 @@ ID: aws_servicequotas_service_quota_change_request_3 Title: "Find all AWS Service Quotas change requests" Description: "Allows users to query AWS Service Quotas change requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_servicequotas_service_quota_change_request_3.yaml.bak b/queries/aws_servicequotas_service_quota_change_request_3.yaml.bak new file mode 100755 index 000000000..32b9ed0a9 --- /dev/null +++ b/queries/aws_servicequotas_service_quota_change_request_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_servicequotas_service_quota_change_request_3 +Title: "Find all AWS Service Quotas change requests" +Description: "Allows users to query AWS Service Quotas change requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + case_id, + status, + quota_name, + quota_code, + desired_value + from + aws_servicequotas_service_quota_change_request + where + service_code = 'athena'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Service Quotas diff --git a/queries/aws_ses_domain_identity_1.yaml b/queries/aws_ses_domain_identity_1.yaml index 4983158fb..cd180ca79 100755 --- a/queries/aws_ses_domain_identity_1.yaml +++ b/queries/aws_ses_domain_identity_1.yaml @@ -1,7 +1,7 @@ ID: aws_ses_domain_identity_1 Title: "List all Amazon SES Domain Identities and Their Details" Description: "Allows users to query Amazon Simple Email Service Domain Identities. The aws_ses_domain_identity table in Steampipe provides information about domain identities within Amazon Simple Email Service (SES). This table allows DevOps engineers to query domain-specific details, including verification status, DKIM attributes, and associated metadata. Users can utilize this table to gather insights on domain identities, such as verification status, DKIM tokens, and more. The schema outlines the various attributes of the SES domain identity, including the identity name, verification status, DKIM enabled status, and DKIM tokens." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ses_domain_identity_1.yaml.bak b/queries/aws_ses_domain_identity_1.yaml.bak new file mode 100755 index 000000000..4983158fb --- /dev/null +++ b/queries/aws_ses_domain_identity_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ses_domain_identity_1 +Title: "List all Amazon SES Domain Identities and Their Details" +Description: "Allows users to query Amazon Simple Email Service Domain Identities. The aws_ses_domain_identity table in Steampipe provides information about domain identities within Amazon Simple Email Service (SES). This table allows DevOps engineers to query domain-specific details, including verification status, DKIM attributes, and associated metadata. Users can utilize this table to gather insights on domain identities, such as verification status, DKIM tokens, and more. The schema outlines the various attributes of the SES domain identity, including the identity name, verification status, DKIM enabled status, and DKIM tokens." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity, + arn, + region, + akas + from + aws_ses_domain_identity; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Simple Email Service diff --git a/queries/aws_ses_domain_identity_2.yaml b/queries/aws_ses_domain_identity_2.yaml index 2914b7449..d8dd345c1 100755 --- a/queries/aws_ses_domain_identity_2.yaml +++ b/queries/aws_ses_domain_identity_2.yaml @@ -1,7 +1,7 @@ ID: aws_ses_domain_identity_2 Title: "Find AWS SES Domain Identities with Verification Status Failed" Description: "Allows users to query Amazon Simple Email Service Domain Identities. The aws_ses_domain_identity table in Steampipe provides information about domain identities within Amazon Simple Email Service (SES). This table allows DevOps engineers to query domain-specific details, including verification status, DKIM attributes, and associated metadata. Users can utilize this table to gather insights on domain identities, such as verification status, DKIM tokens, and more. The schema outlines the various attributes of the SES domain identity, including the identity name, verification status, DKIM enabled status, and DKIM tokens." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ses_domain_identity_2.yaml.bak b/queries/aws_ses_domain_identity_2.yaml.bak new file mode 100755 index 000000000..2914b7449 --- /dev/null +++ b/queries/aws_ses_domain_identity_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ses_domain_identity_2 +Title: "Find AWS SES Domain Identities with Verification Status Failed" +Description: "Allows users to query Amazon Simple Email Service Domain Identities. The aws_ses_domain_identity table in Steampipe provides information about domain identities within Amazon Simple Email Service (SES). This table allows DevOps engineers to query domain-specific details, including verification status, DKIM attributes, and associated metadata. Users can utilize this table to gather insights on domain identities, such as verification status, DKIM tokens, and more. The schema outlines the various attributes of the SES domain identity, including the identity name, verification status, DKIM enabled status, and DKIM tokens." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity, + region, + verification_status + from + aws_ses_domain_identity + where + verification_status = 'Failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Simple Email Service diff --git a/queries/aws_ses_email_identity_1.yaml b/queries/aws_ses_email_identity_1.yaml index 1998a39c6..2369fc522 100755 --- a/queries/aws_ses_email_identity_1.yaml +++ b/queries/aws_ses_email_identity_1.yaml @@ -1,7 +1,7 @@ ID: aws_ses_email_identity_1 Title: "List All AWS SES Email Identities and Details" Description: "Allows users to query AWS SES Email Identity to retrieve information about the email identities (domains and email addresses) that you have verified with Amazon SES." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ses_email_identity_1.yaml.bak b/queries/aws_ses_email_identity_1.yaml.bak new file mode 100755 index 000000000..1998a39c6 --- /dev/null +++ b/queries/aws_ses_email_identity_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ses_email_identity_1 +Title: "List All AWS SES Email Identities and Details" +Description: "Allows users to query AWS SES Email Identity to retrieve information about the email identities (domains and email addresses) that you have verified with Amazon SES." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity, + arn, + region, + akas + from + aws_ses_email_identity; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SES diff --git a/queries/aws_ses_email_identity_2.yaml b/queries/aws_ses_email_identity_2.yaml index 031a47017..908cf5cf3 100755 --- a/queries/aws_ses_email_identity_2.yaml +++ b/queries/aws_ses_email_identity_2.yaml @@ -1,7 +1,7 @@ ID: aws_ses_email_identity_2 Title: "List AWS SES Email Identities and Their Verification Status" Description: "Allows users to query AWS SES Email Identity to retrieve information about the email identities (domains and email addresses) that you have verified with Amazon SES." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ses_email_identity_2.yaml.bak b/queries/aws_ses_email_identity_2.yaml.bak new file mode 100755 index 000000000..031a47017 --- /dev/null +++ b/queries/aws_ses_email_identity_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ses_email_identity_2 +Title: "List AWS SES Email Identities and Their Verification Status" +Description: "Allows users to query AWS SES Email Identity to retrieve information about the email identities (domains and email addresses) that you have verified with Amazon SES." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + identity, + region, + verification_status + from + aws_ses_email_identity + where + verification_status = 'Failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SES diff --git a/queries/aws_sfn_state_machine_1.yaml b/queries/aws_sfn_state_machine_1.yaml index 202ebc3b4..9340453dd 100755 --- a/queries/aws_sfn_state_machine_1.yaml +++ b/queries/aws_sfn_state_machine_1.yaml @@ -1,7 +1,7 @@ ID: aws_sfn_state_machine_1 Title: "Find all AWS Step Functions State Machines in SQL" Description: "Allows users to query AWS Step Functions State Machines to retrieve detailed information about each state machine." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sfn_state_machine_1.yaml.bak b/queries/aws_sfn_state_machine_1.yaml.bak new file mode 100755 index 000000000..202ebc3b4 --- /dev/null +++ b/queries/aws_sfn_state_machine_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_sfn_state_machine_1 +Title: "Find all AWS Step Functions State Machines in SQL" +Description: "Allows users to query AWS Step Functions State Machines to retrieve detailed information about each state machine." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status, + type, + role_arn + from + aws_sfn_state_machine; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Step Functions diff --git a/queries/aws_sfn_state_machine_2.yaml b/queries/aws_sfn_state_machine_2.yaml index 8b8fb4ad8..46490c9ac 100755 --- a/queries/aws_sfn_state_machine_2.yaml +++ b/queries/aws_sfn_state_machine_2.yaml @@ -1,7 +1,7 @@ ID: aws_sfn_state_machine_2 Title: "Find AWS Step Functions State Machines Details" Description: "Allows users to query AWS Step Functions State Machines to retrieve detailed information about each state machine." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sfn_state_machine_2.yaml.bak b/queries/aws_sfn_state_machine_2.yaml.bak new file mode 100755 index 000000000..8b8fb4ad8 --- /dev/null +++ b/queries/aws_sfn_state_machine_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_sfn_state_machine_2 +Title: "Find AWS Step Functions State Machines Details" +Description: "Allows users to query AWS Step Functions State Machines to retrieve detailed information about each state machine." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + status + from + aws_sfn_state_machine + where + status = 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Step Functions diff --git a/queries/aws_sfn_state_machine_execution_1.yaml b/queries/aws_sfn_state_machine_execution_1.yaml index e3c75b9d4..b3a5048ef 100755 --- a/queries/aws_sfn_state_machine_execution_1.yaml +++ b/queries/aws_sfn_state_machine_execution_1.yaml @@ -1,7 +1,7 @@ ID: aws_sfn_state_machine_execution_1 Title: "List all AWS Step Functions Execution details" Description: "Allows users to query AWS Step Functions State Machine Execution data, including execution status, start and end times, and associated state machine details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sfn_state_machine_execution_1.yaml.bak b/queries/aws_sfn_state_machine_execution_1.yaml.bak new file mode 100755 index 000000000..e3c75b9d4 --- /dev/null +++ b/queries/aws_sfn_state_machine_execution_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sfn_state_machine_execution_1 +Title: "List all AWS Step Functions Execution details" +Description: "Allows users to query AWS Step Functions State Machine Execution data, including execution status, start and end times, and associated state machine details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + execution_arn, + status, + state_machine_arn + from + aws_sfn_state_machine_execution; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Step Functions diff --git a/queries/aws_sfn_state_machine_execution_2.yaml b/queries/aws_sfn_state_machine_execution_2.yaml index c34e91e5a..bcf3a047c 100755 --- a/queries/aws_sfn_state_machine_execution_2.yaml +++ b/queries/aws_sfn_state_machine_execution_2.yaml @@ -1,7 +1,7 @@ ID: aws_sfn_state_machine_execution_2 Title: "Find AWS Step Functions Execution Status and Details" Description: "Allows users to query AWS Step Functions State Machine Execution data, including execution status, start and end times, and associated state machine details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sfn_state_machine_execution_2.yaml.bak b/queries/aws_sfn_state_machine_execution_2.yaml.bak new file mode 100755 index 000000000..c34e91e5a --- /dev/null +++ b/queries/aws_sfn_state_machine_execution_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_sfn_state_machine_execution_2 +Title: "Find AWS Step Functions Execution Status and Details" +Description: "Allows users to query AWS Step Functions State Machine Execution data, including execution status, start and end times, and associated state machine details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + execution_arn, + status, + state_machine_arn + from + aws_sfn_state_machine_execution + where + status = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Step Functions diff --git a/queries/aws_sfn_state_machine_execution_history_1.yaml b/queries/aws_sfn_state_machine_execution_history_1.yaml index 048bc7362..ba798f830 100755 --- a/queries/aws_sfn_state_machine_execution_history_1.yaml +++ b/queries/aws_sfn_state_machine_execution_history_1.yaml @@ -1,7 +1,7 @@ ID: aws_sfn_state_machine_execution_history_1 Title: "Find AWS Step Functions State Machine Execution History" Description: "Allows users to query AWS Step Functions State Machine Execution History to fetch information about the execution history of a state machine." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sfn_state_machine_execution_history_1.yaml.bak b/queries/aws_sfn_state_machine_execution_history_1.yaml.bak new file mode 100755 index 000000000..048bc7362 --- /dev/null +++ b/queries/aws_sfn_state_machine_execution_history_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_sfn_state_machine_execution_history_1 +Title: "Find AWS Step Functions State Machine Execution History" +Description: "Allows users to query AWS Step Functions State Machine Execution History to fetch information about the execution history of a state machine." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + execution_arn, + previous_event_id, + timestamp, + type + from + aws_sfn_state_machine_execution_history; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Step Functions diff --git a/queries/aws_sfn_state_machine_execution_history_2.yaml b/queries/aws_sfn_state_machine_execution_history_2.yaml index 0cb353abc..c4a0ac138 100755 --- a/queries/aws_sfn_state_machine_execution_history_2.yaml +++ b/queries/aws_sfn_state_machine_execution_history_2.yaml @@ -1,7 +1,7 @@ ID: aws_sfn_state_machine_execution_history_2 Title: "Find AWS Step Functions State Machine Execution Details" Description: "Allows users to query AWS Step Functions State Machine Execution History to fetch information about the execution history of a state machine." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sfn_state_machine_execution_history_2.yaml.bak b/queries/aws_sfn_state_machine_execution_history_2.yaml.bak new file mode 100755 index 000000000..0cb353abc --- /dev/null +++ b/queries/aws_sfn_state_machine_execution_history_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_sfn_state_machine_execution_history_2 +Title: "Find AWS Step Functions State Machine Execution Details" +Description: "Allows users to query AWS Step Functions State Machine Execution History to fetch information about the execution history of a state machine." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + execution_arn, + execution_started_event_details -> 'Input' as event_input, + execution_started_event_details -> 'InputDetails' as event_input_details, + execution_started_event_details ->> 'RoleArn' as event_role_arn + from + aws_sfn_state_machine_execution_history + where + type = 'ExecutionStarted'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Step Functions diff --git a/queries/aws_simspaceweaver_simulation_1.yaml b/queries/aws_simspaceweaver_simulation_1.yaml index f153c5075..b4c03292b 100755 --- a/queries/aws_simspaceweaver_simulation_1.yaml +++ b/queries/aws_simspaceweaver_simulation_1.yaml @@ -1,7 +1,7 @@ ID: aws_simspaceweaver_simulation_1 Title: "List all AWS SimSpace Simulation with details" Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_simspaceweaver_simulation_1.yaml.bak b/queries/aws_simspaceweaver_simulation_1.yaml.bak new file mode 100755 index 000000000..f153c5075 --- /dev/null +++ b/queries/aws_simspaceweaver_simulation_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_simspaceweaver_simulation_1 +Title: "List all AWS SimSpace Simulation with details" +Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + status, + execution_id, + schema_error + from + aws_simspaceweaver_simulation; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SimSpaceWeaver Simulation diff --git a/queries/aws_simspaceweaver_simulation_2.yaml b/queries/aws_simspaceweaver_simulation_2.yaml index 40ae78b94..4dcd68c45 100755 --- a/queries/aws_simspaceweaver_simulation_2.yaml +++ b/queries/aws_simspaceweaver_simulation_2.yaml @@ -1,7 +1,7 @@ ID: aws_simspaceweaver_simulation_2 Title: "List all AWS SimSpace Simulations from the past 30 days" Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_simspaceweaver_simulation_2.yaml.bak b/queries/aws_simspaceweaver_simulation_2.yaml.bak new file mode 100755 index 000000000..40ae78b94 --- /dev/null +++ b/queries/aws_simspaceweaver_simulation_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_simspaceweaver_simulation_2 +Title: "List all AWS SimSpace Simulations from the past 30 days" +Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + status + from + aws_simspaceweaver_simulation + where + creation_time >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SimSpace diff --git a/queries/aws_simspaceweaver_simulation_3.yaml b/queries/aws_simspaceweaver_simulation_3.yaml index 37113f91b..50ef19e6c 100755 --- a/queries/aws_simspaceweaver_simulation_3.yaml +++ b/queries/aws_simspaceweaver_simulation_3.yaml @@ -1,7 +1,7 @@ ID: aws_simspaceweaver_simulation_3 Title: "List all AWS SimSpace Simulation details with SQL" Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_simspaceweaver_simulation_3.yaml.bak b/queries/aws_simspaceweaver_simulation_3.yaml.bak new file mode 100755 index 000000000..37113f91b --- /dev/null +++ b/queries/aws_simspaceweaver_simulation_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_simspaceweaver_simulation_3 +Title: "List all AWS SimSpace Simulation details with SQL" +Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + creation_time, + status + from + aws_simspaceweaver_simulation + where + status = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SimSpace Simulation diff --git a/queries/aws_simspaceweaver_simulation_4.yaml b/queries/aws_simspaceweaver_simulation_4.yaml index a27be2082..ca66fa8b5 100755 --- a/queries/aws_simspaceweaver_simulation_4.yaml +++ b/queries/aws_simspaceweaver_simulation_4.yaml @@ -1,7 +1,7 @@ ID: aws_simspaceweaver_simulation_4 Title: "List AWS SimSpace Simulations and Details" Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_simspaceweaver_simulation_4.yaml.bak b/queries/aws_simspaceweaver_simulation_4.yaml.bak new file mode 100755 index 000000000..a27be2082 --- /dev/null +++ b/queries/aws_simspaceweaver_simulation_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_simspaceweaver_simulation_4 +Title: "List AWS SimSpace Simulations and Details" +Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + jsonb_pretty(d) + from + aws_simspaceweaver_simulation, + jsonb_array_elements(logging_configuration -> 'Destinations') as d; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SimSpace Simulation diff --git a/queries/aws_simspaceweaver_simulation_5.yaml b/queries/aws_simspaceweaver_simulation_5.yaml index fcf356681..772c5041e 100755 --- a/queries/aws_simspaceweaver_simulation_5.yaml +++ b/queries/aws_simspaceweaver_simulation_5.yaml @@ -1,7 +1,7 @@ ID: aws_simspaceweaver_simulation_5 Title: "Find AWS SimSpace Simulation Specific Details" Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_simspaceweaver_simulation_5.yaml.bak b/queries/aws_simspaceweaver_simulation_5.yaml.bak new file mode 100755 index 000000000..fcf356681 --- /dev/null +++ b/queries/aws_simspaceweaver_simulation_5.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_simspaceweaver_simulation_5 +Title: "Find AWS SimSpace Simulation Specific Details" +Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.name, + s.arn, + s.schema_s3_location ->> 'BucketName' as bucket_name, + s.schema_s3_location ->> 'ObjectKey' as object_key, + b.versioning_enabled, + b.block_public_acls, + b.acl + from + aws_simspaceweaver_simulation as s, + aws_s3_bucket as b + where + s.schema_s3_location ->> 'BucketName' = b.name; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SimSpace Weaver diff --git a/queries/aws_sns_subscription_1.yaml b/queries/aws_sns_subscription_1.yaml index 0666a84d4..cee70167e 100755 --- a/queries/aws_sns_subscription_1.yaml +++ b/queries/aws_sns_subscription_1.yaml @@ -1,7 +1,7 @@ ID: aws_sns_subscription_1 Title: "List all AWS SNS Topic Subscriptions Details" Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_subscription_1.yaml.bak b/queries/aws_sns_subscription_1.yaml.bak new file mode 100755 index 000000000..0666a84d4 --- /dev/null +++ b/queries/aws_sns_subscription_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sns_subscription_1 +Title: "List all AWS SNS Topic Subscriptions Details" +Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + redrive_policy + from + aws_sns_subscription + where + redrive_policy is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Notification Service diff --git a/queries/aws_sns_subscription_2.yaml b/queries/aws_sns_subscription_2.yaml index 4670418fe..8753f6cb1 100755 --- a/queries/aws_sns_subscription_2.yaml +++ b/queries/aws_sns_subscription_2.yaml @@ -1,7 +1,7 @@ ID: aws_sns_subscription_2 Title: "List all AWS SNS Topic Subscriptions Details" Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_subscription_2.yaml.bak b/queries/aws_sns_subscription_2.yaml.bak new file mode 100755 index 000000000..4670418fe --- /dev/null +++ b/queries/aws_sns_subscription_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sns_subscription_2 +Title: "List all AWS SNS Topic Subscriptions Details" +Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + filter_policy + from + aws_sns_subscription + where + filter_policy is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Notification Service diff --git a/queries/aws_sns_subscription_3.yaml b/queries/aws_sns_subscription_3.yaml index 42c6bfb82..3745a4d1b 100755 --- a/queries/aws_sns_subscription_3.yaml +++ b/queries/aws_sns_subscription_3.yaml @@ -1,7 +1,7 @@ ID: aws_sns_subscription_3 Title: "List AWS SNS Topic Subscription Details with SQL" Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_subscription_3.yaml.bak b/queries/aws_sns_subscription_3.yaml.bak new file mode 100755 index 000000000..42c6bfb82 --- /dev/null +++ b/queries/aws_sns_subscription_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sns_subscription_3 +Title: "List AWS SNS Topic Subscription Details with SQL" +Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + count(subscription_arn) as subscription_count + from + aws_sns_subscription + group by + title; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Notification Service diff --git a/queries/aws_sns_topic_1.yaml b/queries/aws_sns_topic_1.yaml index 3f6626879..7bc46e0c7 100755 --- a/queries/aws_sns_topic_1.yaml +++ b/queries/aws_sns_topic_1.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_1 Title: "Find AWS SNS Topics and Their Information" Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_1.yaml.bak b/queries/aws_sns_topic_1.yaml.bak new file mode 100755 index 000000000..3f6626879 --- /dev/null +++ b/queries/aws_sns_topic_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sns_topic_1 +Title: "Find AWS SNS Topics and Their Information" +Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + kms_master_key_id + from + aws_sns_topic + where + kms_master_key_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SNS diff --git a/queries/aws_sns_topic_2.yaml b/queries/aws_sns_topic_2.yaml index e24413985..0bd49b416 100755 --- a/queries/aws_sns_topic_2.yaml +++ b/queries/aws_sns_topic_2.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_2 Title: "Find AWS SNS Topics with KMS Key Information" Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_2.yaml.bak b/queries/aws_sns_topic_2.yaml.bak new file mode 100755 index 000000000..e24413985 --- /dev/null +++ b/queries/aws_sns_topic_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sns_topic_2 +Title: "Find AWS SNS Topics with KMS Key Information" +Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + kms_master_key_id + from + aws_sns_topic + where + kms_master_key_id = 'alias/aws/sns'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SNS diff --git a/queries/aws_sns_topic_3.yaml b/queries/aws_sns_topic_3.yaml index 0092402f1..796dbf28c 100755 --- a/queries/aws_sns_topic_3.yaml +++ b/queries/aws_sns_topic_3.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_3 Title: "List all AWS SNS Topics and their details" Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_3.yaml.bak b/queries/aws_sns_topic_3.yaml.bak new file mode 100755 index 000000000..0092402f1 --- /dev/null +++ b/queries/aws_sns_topic_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sns_topic_3 +Title: "List all AWS SNS Topics and their details" +Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + tags + from + aws_sns_topic + where + not tags :: JSONB ? 'owner'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SNS diff --git a/queries/aws_sns_topic_4.yaml b/queries/aws_sns_topic_4.yaml index 08d52ba56..0078da366 100755 --- a/queries/aws_sns_topic_4.yaml +++ b/queries/aws_sns_topic_4.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_4 Title: "Find AWS SNS Topics and Details" Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_4.yaml.bak b/queries/aws_sns_topic_4.yaml.bak new file mode 100755 index 000000000..08d52ba56 --- /dev/null +++ b/queries/aws_sns_topic_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_sns_topic_4 +Title: "Find AWS SNS Topics and Details" +Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_sns_topic, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + p = '*' + and s ->> 'Effect' = 'Allow'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SNS Topics diff --git a/queries/aws_sns_topic_5.yaml b/queries/aws_sns_topic_5.yaml index fcd2a2e4e..983e1acb1 100755 --- a/queries/aws_sns_topic_5.yaml +++ b/queries/aws_sns_topic_5.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_5 Title: "List all AWS SNS Topics and their relevant details" Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_5.yaml.bak b/queries/aws_sns_topic_5.yaml.bak new file mode 100755 index 000000000..fcd2a2e4e --- /dev/null +++ b/queries/aws_sns_topic_5.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_sns_topic_5 +Title: "List all AWS SNS Topics and their relevant details" +Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_sns_topic, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and a in ('*', 'sns:*'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SNS diff --git a/queries/aws_sns_topic_6.yaml b/queries/aws_sns_topic_6.yaml index 1da6f7d93..3f9b35395 100755 --- a/queries/aws_sns_topic_6.yaml +++ b/queries/aws_sns_topic_6.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_6 Title: "List all details for AWS SNS Topics" Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_6.yaml.bak b/queries/aws_sns_topic_6.yaml.bak new file mode 100755 index 000000000..1da6f7d93 --- /dev/null +++ b/queries/aws_sns_topic_6.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_sns_topic_6 +Title: "List all details for AWS SNS Topics" +Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title + from + aws_sns_topic + where + title not in ( + select + title + from + aws_sns_topic, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a, + jsonb_array_elements_text( + s -> 'Condition' -> 'Bool' -> 'aws:securetransport' + ) as ssl + where + p = '*' + and s ->> 'Effect' = 'Deny' + and ssl :: bool = false + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SNS diff --git a/queries/aws_sns_topic_7.yaml b/queries/aws_sns_topic_7.yaml index bdc13e362..0c292a68b 100755 --- a/queries/aws_sns_topic_7.yaml +++ b/queries/aws_sns_topic_7.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_7 Title: "Find AWS SNS Topics Without Failure Feedback Roles" Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_7.yaml.bak b/queries/aws_sns_topic_7.yaml.bak new file mode 100755 index 000000000..bdc13e362 --- /dev/null +++ b/queries/aws_sns_topic_7.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_sns_topic_7 +Title: "Find AWS SNS Topics Without Failure Feedback Roles" +Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + topic_arn, + region + from + aws_sns_topic + where + application_failure_feedback_role_arn is null and + firehose_failure_feedback_role_arn is null and + http_failure_feedback_role_arn is null and + lambda_failure_feedback_role_arn is null and + sqs_failure_feedback_role_arn is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SNS diff --git a/queries/aws_sns_topic_subscription_1.yaml b/queries/aws_sns_topic_subscription_1.yaml index f9c4b74f3..f90caf88f 100755 --- a/queries/aws_sns_topic_subscription_1.yaml +++ b/queries/aws_sns_topic_subscription_1.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_subscription_1 Title: "Find AWS SNS Topic Subscriptions with No Redrive Policy" Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_subscription_1.yaml.bak b/queries/aws_sns_topic_subscription_1.yaml.bak new file mode 100755 index 000000000..f9c4b74f3 --- /dev/null +++ b/queries/aws_sns_topic_subscription_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sns_topic_subscription_1 +Title: "Find AWS SNS Topic Subscriptions with No Redrive Policy" +Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + redrive_policy + from + aws_sns_topic_subscription + where + redrive_policy is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SNS diff --git a/queries/aws_sns_topic_subscription_2.yaml b/queries/aws_sns_topic_subscription_2.yaml index e165f6e33..8c5c1b874 100755 --- a/queries/aws_sns_topic_subscription_2.yaml +++ b/queries/aws_sns_topic_subscription_2.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_subscription_2 Title: "List all AWS SNS Topic Subscriptions and Details" Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_subscription_2.yaml.bak b/queries/aws_sns_topic_subscription_2.yaml.bak new file mode 100755 index 000000000..e165f6e33 --- /dev/null +++ b/queries/aws_sns_topic_subscription_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sns_topic_subscription_2 +Title: "List all AWS SNS Topic Subscriptions and Details" +Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + filter_policy + from + aws_sns_topic_subscription + where + filter_policy is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Notification Service diff --git a/queries/aws_sns_topic_subscription_3.yaml b/queries/aws_sns_topic_subscription_3.yaml index e870585fc..e3f95a9da 100755 --- a/queries/aws_sns_topic_subscription_3.yaml +++ b/queries/aws_sns_topic_subscription_3.yaml @@ -1,7 +1,7 @@ ID: aws_sns_topic_subscription_3 Title: "Find AWS SNS Topic Subscriptions Detailed Information" Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sns_topic_subscription_3.yaml.bak b/queries/aws_sns_topic_subscription_3.yaml.bak new file mode 100755 index 000000000..e870585fc --- /dev/null +++ b/queries/aws_sns_topic_subscription_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sns_topic_subscription_3 +Title: "Find AWS SNS Topic Subscriptions Detailed Information" +Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + count(subscription_arn) as subscription_count + from + aws_sns_topic_subscription + group by + title; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Notification Service diff --git a/queries/aws_sqs_queue_1.yaml b/queries/aws_sqs_queue_1.yaml index f4fdd0128..833f79b5f 100755 --- a/queries/aws_sqs_queue_1.yaml +++ b/queries/aws_sqs_queue_1.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_1 Title: "List All AWS SQS Queues with Detailed Information" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_1.yaml.bak b/queries/aws_sqs_queue_1.yaml.bak new file mode 100755 index 000000000..f4fdd0128 --- /dev/null +++ b/queries/aws_sqs_queue_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sqs_queue_1 +Title: "List All AWS SQS Queues with Detailed Information" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + delay_seconds, + max_message_size, + receive_wait_time_seconds, + message_retention_seconds, + visibility_timeout_seconds + from + aws_sqs_queue; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service diff --git a/queries/aws_sqs_queue_10.yaml b/queries/aws_sqs_queue_10.yaml index e33391994..53e0c2337 100755 --- a/queries/aws_sqs_queue_10.yaml +++ b/queries/aws_sqs_queue_10.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_10 Title: "List AWS SQS Queues with Detailed Information" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_10.yaml.bak b/queries/aws_sqs_queue_10.yaml.bak new file mode 100755 index 000000000..e33391994 --- /dev/null +++ b/queries/aws_sqs_queue_10.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_sqs_queue_10 +Title: "List AWS SQS Queues with Detailed Information" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_sqs_queue, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and a in ('*', 'sqs:*'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service (SQS) diff --git a/queries/aws_sqs_queue_2.yaml b/queries/aws_sqs_queue_2.yaml index 515603051..44adddde8 100755 --- a/queries/aws_sqs_queue_2.yaml +++ b/queries/aws_sqs_queue_2.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_2 Title: "Find AWS SQS Queue Details with SQL" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_2.yaml.bak b/queries/aws_sqs_queue_2.yaml.bak new file mode 100755 index 000000000..515603051 --- /dev/null +++ b/queries/aws_sqs_queue_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_sqs_queue_2 +Title: "Find AWS SQS Queue Details with SQL" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + kms_master_key_id, + sqs_managed_sse_enabled + from + aws_sqs_queue + where + kms_master_key_id is null + and not sqs_managed_sse_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service diff --git a/queries/aws_sqs_queue_3.yaml b/queries/aws_sqs_queue_3.yaml index 6b9542fc9..ec4d0cb45 100755 --- a/queries/aws_sqs_queue_3.yaml +++ b/queries/aws_sqs_queue_3.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_3 Title: "Find AWS SQS Queues with KMS Key Details" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_3.yaml.bak b/queries/aws_sqs_queue_3.yaml.bak new file mode 100755 index 000000000..6b9542fc9 --- /dev/null +++ b/queries/aws_sqs_queue_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_sqs_queue_3 +Title: "Find AWS SQS Queues with KMS Key Details" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + kms_master_key_id, + sqs_managed_sse_enabled + from + aws_sqs_queue + where + kms_master_key_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service diff --git a/queries/aws_sqs_queue_4.yaml b/queries/aws_sqs_queue_4.yaml index 80c53267d..d83679957 100755 --- a/queries/aws_sqs_queue_4.yaml +++ b/queries/aws_sqs_queue_4.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_4 Title: "Find SQS queues with server-side encryption enabled" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_4.yaml.bak b/queries/aws_sqs_queue_4.yaml.bak new file mode 100755 index 000000000..80c53267d --- /dev/null +++ b/queries/aws_sqs_queue_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_sqs_queue_4 +Title: "Find SQS queues with server-side encryption enabled" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + kms_master_key_id, + sqs_managed_sse_enabled + from + aws_sqs_queue + where + sqs_managed_sse_enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service diff --git a/queries/aws_sqs_queue_5.yaml b/queries/aws_sqs_queue_5.yaml index 87ca362ea..a71de5f00 100755 --- a/queries/aws_sqs_queue_5.yaml +++ b/queries/aws_sqs_queue_5.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_5 Title: "List all SQS queues with retention < 7 days in AWS" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_5.yaml.bak b/queries/aws_sqs_queue_5.yaml.bak new file mode 100755 index 000000000..87ca362ea --- /dev/null +++ b/queries/aws_sqs_queue_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_sqs_queue_5 +Title: "List all SQS queues with retention < 7 days in AWS" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + message_retention_seconds + from + aws_sqs_queue + where + message_retention_seconds < '604800'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service diff --git a/queries/aws_sqs_queue_6.yaml b/queries/aws_sqs_queue_6.yaml index f0da1f2ff..d76dba13a 100755 --- a/queries/aws_sqs_queue_6.yaml +++ b/queries/aws_sqs_queue_6.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_6 Title: "List all AWS SQS queues without a redrive policy" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_6.yaml.bak b/queries/aws_sqs_queue_6.yaml.bak new file mode 100755 index 000000000..f0da1f2ff --- /dev/null +++ b/queries/aws_sqs_queue_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sqs_queue_6 +Title: "List all AWS SQS queues without a redrive policy" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + redrive_policy + from + aws_sqs_queue + where + redrive_policy is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service diff --git a/queries/aws_sqs_queue_7.yaml b/queries/aws_sqs_queue_7.yaml index d6b7a17d8..d9ffb46f1 100755 --- a/queries/aws_sqs_queue_7.yaml +++ b/queries/aws_sqs_queue_7.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_7 Title: "List all AWS SQS queues with details" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_7.yaml.bak b/queries/aws_sqs_queue_7.yaml.bak new file mode 100755 index 000000000..d6b7a17d8 --- /dev/null +++ b/queries/aws_sqs_queue_7.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_sqs_queue_7 +Title: "List all AWS SQS queues with details" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + fifo_queue + from + aws_sqs_queue + where + fifo_queue; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service (SQS) diff --git a/queries/aws_sqs_queue_8.yaml b/queries/aws_sqs_queue_8.yaml index 266d492fd..0945d341d 100755 --- a/queries/aws_sqs_queue_8.yaml +++ b/queries/aws_sqs_queue_8.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_8 Title: "Query AWS SQS for Detailed Queue Information" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_8.yaml.bak b/queries/aws_sqs_queue_8.yaml.bak new file mode 100755 index 000000000..266d492fd --- /dev/null +++ b/queries/aws_sqs_queue_8.yaml.bak @@ -0,0 +1,38 @@ +ID: aws_sqs_queue_8 +Title: "Query AWS SQS for Detailed Queue Information" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_sqs_queue, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + string_to_array(p, ':') as pa, + jsonb_array_elements_text(s -> 'Action') as a + where + s ->> 'Effect' = 'Allow' + and ( + pa[5] != account_id + or p = '*' + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service diff --git a/queries/aws_sqs_queue_9.yaml b/queries/aws_sqs_queue_9.yaml index 2a504f761..c6576512e 100755 --- a/queries/aws_sqs_queue_9.yaml +++ b/queries/aws_sqs_queue_9.yaml @@ -1,7 +1,7 @@ ID: aws_sqs_queue_9 Title: "Find all AWS SQS Queues and Their Policies" Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sqs_queue_9.yaml.bak b/queries/aws_sqs_queue_9.yaml.bak new file mode 100755 index 000000000..2a504f761 --- /dev/null +++ b/queries/aws_sqs_queue_9.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_sqs_queue_9 +Title: "Find all AWS SQS Queues and Their Policies" +Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + title, + p as principal, + a as action, + s ->> 'Effect' as effect, + s -> 'Condition' as conditions + from + aws_sqs_queue, + jsonb_array_elements(policy_std -> 'Statement') as s, + jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, + jsonb_array_elements_text(s -> 'Action') as a + where + p = '*' + and s ->> 'Effect' = 'Allow'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Simple Queue Service diff --git a/queries/aws_ssm_association_1.yaml b/queries/aws_ssm_association_1.yaml index df7f7e58b..7f952fb85 100755 --- a/queries/aws_ssm_association_1.yaml +++ b/queries/aws_ssm_association_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_association_1 Title: "Find AWS SSM Association Details including Parameters" Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_association_1.yaml.bak b/queries/aws_ssm_association_1.yaml.bak new file mode 100755 index 000000000..df7f7e58b --- /dev/null +++ b/queries/aws_ssm_association_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ssm_association_1 +Title: "Find AWS SSM Association Details including Parameters" +Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + association_id, + association_name, + arn, + association_version, + last_execution_date, + document_name, + compliance_severity, + region + from + aws_ssm_association; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_association_2.yaml b/queries/aws_ssm_association_2.yaml index e2b81f4e7..6bfd0452a 100755 --- a/queries/aws_ssm_association_2.yaml +++ b/queries/aws_ssm_association_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_association_2 Title: "List all AWS SSM Associations with Failed Status" Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_association_2.yaml.bak b/queries/aws_ssm_association_2.yaml.bak new file mode 100755 index 000000000..e2b81f4e7 --- /dev/null +++ b/queries/aws_ssm_association_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_association_2 +Title: "List all AWS SSM Associations with Failed Status" +Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + association_id, + overview ->> 'AssociationStatusAggregatedCount' as association_status_aggregated_count, + overview ->> 'DetailedStatus' as detailed_status, + overview ->> 'Status' as status + from + aws_ssm_association + where + overview ->> 'Status' = 'Failed'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_association_3.yaml b/queries/aws_ssm_association_3.yaml index fb2158fb3..21168fd5e 100755 --- a/queries/aws_ssm_association_3.yaml +++ b/queries/aws_ssm_association_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_association_3 Title: "List AWS SSM Associations with Status and Targets" Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_association_3.yaml.bak b/queries/aws_ssm_association_3.yaml.bak new file mode 100755 index 000000000..fb2158fb3 --- /dev/null +++ b/queries/aws_ssm_association_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_association_3 +Title: "List AWS SSM Associations with Status and Targets" +Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + association.association_id as association_id, + target ->> 'Key' as target_key, + target ->> 'Values' as target_value, + instances + from + aws_ssm_association as association, + jsonb_array_elements(targets) as target, + jsonb_array_elements_text(target -> 'Values') as instances + where + target ->> 'Key' = 'InstanceIds'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_association_4.yaml b/queries/aws_ssm_association_4.yaml index e57d7fcbe..c0eab0d39 100755 --- a/queries/aws_ssm_association_4.yaml +++ b/queries/aws_ssm_association_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_association_4 Title: "Find AWS SSM Associations and Their Details" Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_association_4.yaml.bak b/queries/aws_ssm_association_4.yaml.bak new file mode 100755 index 000000000..e57d7fcbe --- /dev/null +++ b/queries/aws_ssm_association_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_association_4 +Title: "Find AWS SSM Associations and Their Details" +Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + association_id, + association_name, + targets, + document_name + from + aws_ssm_association + where + compliance_severity = 'CRITICAL'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_document_1.yaml b/queries/aws_ssm_document_1.yaml index aa8c777be..5aec272f3 100755 --- a/queries/aws_ssm_document_1.yaml +++ b/queries/aws_ssm_document_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_document_1 Title: "List all AWS SSM Documents with detailed information" Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_document_1.yaml.bak b/queries/aws_ssm_document_1.yaml.bak new file mode 100755 index 000000000..aa8c777be --- /dev/null +++ b/queries/aws_ssm_document_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_document_1 +Title: "List all AWS SSM Documents with detailed information" +Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + document_version, + status, + owner, + document_format, + document_type, + platform_types, + region + from + aws_ssm_document; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Documents diff --git a/queries/aws_ssm_document_2.yaml b/queries/aws_ssm_document_2.yaml index a275bfe80..11c424f4f 100755 --- a/queries/aws_ssm_document_2.yaml +++ b/queries/aws_ssm_document_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_document_2 Title: "List AWS SSM Documents with Details using SQL" Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_document_2.yaml.bak b/queries/aws_ssm_document_2.yaml.bak new file mode 100755 index 000000000..11c424f4f --- /dev/null +++ b/queries/aws_ssm_document_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_document_2 +Title: "List AWS SSM Documents with Details using SQL" +Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + owner, + document_version, + status, + document_format, + document_type + from + aws_ssm_document + where + owner_type = 'Self'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM diff --git a/queries/aws_ssm_document_2.yaml.bak.bak b/queries/aws_ssm_document_2.yaml.bak.bak new file mode 100755 index 000000000..11c424f4f --- /dev/null +++ b/queries/aws_ssm_document_2.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_document_2 +Title: "List AWS SSM Documents with Details using SQL" +Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + owner, + document_version, + status, + document_format, + document_type + from + aws_ssm_document + where + owner_type = 'Self'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM diff --git a/queries/aws_ssm_document_3.yaml b/queries/aws_ssm_document_3.yaml index 149bd43c0..992ec819b 100755 --- a/queries/aws_ssm_document_3.yaml +++ b/queries/aws_ssm_document_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_document_3 Title: "Find AWS SSM Documents with Various Attributes" Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_document_3.yaml.bak b/queries/aws_ssm_document_3.yaml.bak new file mode 100755 index 000000000..149bd43c0 --- /dev/null +++ b/queries/aws_ssm_document_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ssm_document_3 +Title: "Find AWS SSM Documents with Various Attributes" +Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + owner, + document_version, + status, + document_format, + document_type + from + aws_ssm_document + where + owner_type != 'Amazon'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM diff --git a/queries/aws_ssm_document_4.yaml b/queries/aws_ssm_document_4.yaml index ddd04d881..b2ecfe901 100755 --- a/queries/aws_ssm_document_4.yaml +++ b/queries/aws_ssm_document_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_document_4 Title: "Find AWS SSM Documents and Retrieve Detailed Information" Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_document_4.yaml.bak b/queries/aws_ssm_document_4.yaml.bak new file mode 100755 index 000000000..ddd04d881 --- /dev/null +++ b/queries/aws_ssm_document_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_document_4 +Title: "Find AWS SSM Documents and Retrieve Detailed Information" +Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + owner, + account_ids + from + aws_ssm_document + where + owner_type = 'Self' + and account_ids :: jsonb ? 'all'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Document diff --git a/queries/aws_ssm_document_5.yaml b/queries/aws_ssm_document_5.yaml index c81a12f9f..e0a7c7c82 100755 --- a/queries/aws_ssm_document_5.yaml +++ b/queries/aws_ssm_document_5.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_document_5 Title: "Find all AWS SSM Document Details with SQL" Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_document_5.yaml.bak b/queries/aws_ssm_document_5.yaml.bak new file mode 100755 index 000000000..c81a12f9f --- /dev/null +++ b/queries/aws_ssm_document_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssm_document_5 +Title: "Find all AWS SSM Document Details with SQL" +Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + approved_version, + created_date, + document_type + from + aws_ssm_document + where + arn = 'arn:aws:ssm:ap-south-1:112233445566:document/AWS-ASGEnterStandby'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM diff --git a/queries/aws_ssm_document_permission_1.yaml b/queries/aws_ssm_document_permission_1.yaml index 49572d9e9..ba04d8c0e 100755 --- a/queries/aws_ssm_document_permission_1.yaml +++ b/queries/aws_ssm_document_permission_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_document_permission_1 Title: "Find AWS SSM Document Permissions with Details" Description: "Allows users to query AWS SSM Document Permissions, providing detailed information about the permissions associated with Systems Manager (SSM) documents." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_document_permission_1.yaml.bak b/queries/aws_ssm_document_permission_1.yaml.bak new file mode 100755 index 000000000..49572d9e9 --- /dev/null +++ b/queries/aws_ssm_document_permission_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssm_document_permission_1 +Title: "Find AWS SSM Document Permissions with Details" +Description: "Allows users to query AWS SSM Document Permissions, providing detailed information about the permissions associated with Systems Manager (SSM) documents." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + document_name, + shared_account_id, + shared_document_version, + account_ids, + title + from + aws_ssm_document_permission + where + document_name = 'ConfigureS3BucketLogging'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_document_permission_2.yaml b/queries/aws_ssm_document_permission_2.yaml index 9c884361c..fcade6714 100755 --- a/queries/aws_ssm_document_permission_2.yaml +++ b/queries/aws_ssm_document_permission_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_document_permission_2 Title: "Find AWS SSM Document Permissions Information" Description: "Allows users to query AWS SSM Document Permissions, providing detailed information about the permissions associated with Systems Manager (SSM) documents." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_document_permission_2.yaml.bak b/queries/aws_ssm_document_permission_2.yaml.bak new file mode 100755 index 000000000..9c884361c --- /dev/null +++ b/queries/aws_ssm_document_permission_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ssm_document_permission_2 +Title: "Find AWS SSM Document Permissions Information" +Description: "Allows users to query AWS SSM Document Permissions, providing detailed information about the permissions associated with Systems Manager (SSM) documents." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + p.document_name, + p.shared_account_id, + p.shared_document_version, + d.approved_version, + d.attachments_information, + d.created_date, + d.default_version + from + aws_ssm_document_permission as p, + aws_ssm_document as d + where + p.document_name = 'ConfigureS3BucketLogging'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_inventory_1.yaml b/queries/aws_ssm_inventory_1.yaml index ca356ae4f..defa8b064 100755 --- a/queries/aws_ssm_inventory_1.yaml +++ b/queries/aws_ssm_inventory_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_1 Title: "List all Managed Instances in AWS Systems Manager Inventory" Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_1.yaml.bak b/queries/aws_ssm_inventory_1.yaml.bak new file mode 100755 index 000000000..defa8b064 --- /dev/null +++ b/queries/aws_ssm_inventory_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_inventory_1 +Title: "List all Managed Instances in AWS Systems Manager Inventory" +Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + type_name, + capture_time, + schema_version, + content, + region + from + aws_ssm_inventory; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_inventory_1.yaml.bak.bak b/queries/aws_ssm_inventory_1.yaml.bak.bak new file mode 100755 index 000000000..defa8b064 --- /dev/null +++ b/queries/aws_ssm_inventory_1.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_inventory_1 +Title: "List all Managed Instances in AWS Systems Manager Inventory" +Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + type_name, + capture_time, + schema_version, + content, + region + from + aws_ssm_inventory; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_inventory_2.yaml b/queries/aws_ssm_inventory_2.yaml index fb04029e2..f4e92f6ef 100755 --- a/queries/aws_ssm_inventory_2.yaml +++ b/queries/aws_ssm_inventory_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_2 Title: "List all AWS Systems Manager Inventory details" Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_2.yaml.bak b/queries/aws_ssm_inventory_2.yaml.bak new file mode 100755 index 000000000..fb04029e2 --- /dev/null +++ b/queries/aws_ssm_inventory_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_ssm_inventory_2 +Title: "List all AWS Systems Manager Inventory details" +Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + si.id, + c ->> 'AgentType' as agent_type, + c ->> 'IpAddress' as ip_address, + c ->> 'AgentVersion' as agent_version, + c ->> 'ComputerName' as computer_name, + c ->> 'PlatformName' as platform_name, + c ->> 'PlatformType' as platform_type, + c ->> 'ResourceType' as resource_type, + c ->> 'InstanceStatus' as instance_status, + c ->> 'PlatformVersion' as platform_version + from + aws_ssm_inventory as si, + jsonb_array_elements(content) as c + where + id = 'i-0665a65b1a1c2b47g'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_inventory_3.yaml b/queries/aws_ssm_inventory_3.yaml index 4d6dcb4d8..dacd7675b 100755 --- a/queries/aws_ssm_inventory_3.yaml +++ b/queries/aws_ssm_inventory_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_3 Title: "List all AWS Systems Manager Inventory Details" Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_3.yaml.bak b/queries/aws_ssm_inventory_3.yaml.bak new file mode 100755 index 000000000..4d6dcb4d8 --- /dev/null +++ b/queries/aws_ssm_inventory_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_inventory_3 +Title: "List all AWS Systems Manager Inventory Details" +Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + s ->> 'Version' as schema_version, + s ->> 'TypeName' as type_name, + s ->> 'DisplayName' as display_name, + jsonb_pretty(s -> 'Attributes') as attributes + from + aws_ssm_inventory, + jsonb_array_elements(schema) as s + order by + id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_inventory_4.yaml b/queries/aws_ssm_inventory_4.yaml index e602cc589..c4c28033e 100755 --- a/queries/aws_ssm_inventory_4.yaml +++ b/queries/aws_ssm_inventory_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_4 Title: "Find all AWS Systems Manager managed instances inventory" Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_4.yaml.bak b/queries/aws_ssm_inventory_4.yaml.bak new file mode 100755 index 000000000..e602cc589 --- /dev/null +++ b/queries/aws_ssm_inventory_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssm_inventory_4 +Title: "Find all AWS Systems Manager managed instances inventory" +Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + type_name, + capture_time, + schema_version, + content + from + aws_ssm_inventory + where + capture_time >= now() - interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_inventory_5.yaml b/queries/aws_ssm_inventory_5.yaml index 97d6c0615..93e903b64 100755 --- a/queries/aws_ssm_inventory_5.yaml +++ b/queries/aws_ssm_inventory_5.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_5 Title: "List AWS Systems Manager Inventory Managed Instances" Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_5.yaml.bak b/queries/aws_ssm_inventory_5.yaml.bak new file mode 100755 index 000000000..97d6c0615 --- /dev/null +++ b/queries/aws_ssm_inventory_5.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_ssm_inventory_5 +Title: "List AWS Systems Manager Inventory Managed Instances" +Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + v.id, + i.instance_state, + i.instance_type, + c ->> 'AgentType' as agent_type, + c ->> 'IpAddress' as ip_address, + c ->> 'AgentVersion' as agent_version, + c ->> 'ComputerName' as computer_name, + c ->> 'PlatformName' as platform_name, + c ->> 'PlatformType' as platform_type, + c ->> 'ResourceType' as resource_type, + c ->> 'InstanceStatus' as instance_status, + c ->> 'PlatformVersion' as platform_version + from + aws_ssm_inventory as v, + aws_ec2_instance as i, + jsonb_array_elements(content) as c + where + v.id = i.instance_id + and + i.instance_state = 'running'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_inventory_entry_1.yaml b/queries/aws_ssm_inventory_entry_1.yaml index 4d77fcbea..85e1f175c 100755 --- a/queries/aws_ssm_inventory_entry_1.yaml +++ b/queries/aws_ssm_inventory_entry_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_entry_1 Title: "List all AWS Systems Manager Inventory Entries" Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_entry_1.yaml.bak b/queries/aws_ssm_inventory_entry_1.yaml.bak new file mode 100755 index 000000000..4d77fcbea --- /dev/null +++ b/queries/aws_ssm_inventory_entry_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ssm_inventory_entry_1 +Title: "List all AWS Systems Manager Inventory Entries" +Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + type_name, + capture_time, + schema_version, + entries + from + aws_ssm_inventory_entry; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_inventory_entry_2.yaml b/queries/aws_ssm_inventory_entry_2.yaml index 94fbfc9fa..372015a53 100755 --- a/queries/aws_ssm_inventory_entry_2.yaml +++ b/queries/aws_ssm_inventory_entry_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_entry_2 Title: "List all AWS Systems Manager Inventory Entries" Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_entry_2.yaml.bak b/queries/aws_ssm_inventory_entry_2.yaml.bak new file mode 100755 index 000000000..94fbfc9fa --- /dev/null +++ b/queries/aws_ssm_inventory_entry_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssm_inventory_entry_2 +Title: "List all AWS Systems Manager Inventory Entries" +Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + type_name, + capture_time, + schema_version, + entries + from + aws_ssm_inventory_entry + where + capture_time >= time() - interval '30 day'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_inventory_entry_3.yaml b/queries/aws_ssm_inventory_entry_3.yaml index 69b17e8d0..bab54b6bf 100755 --- a/queries/aws_ssm_inventory_entry_3.yaml +++ b/queries/aws_ssm_inventory_entry_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_entry_3 Title: "List AWS SSM Inventory Entry Details by Instance" Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_entry_3.yaml.bak b/queries/aws_ssm_inventory_entry_3.yaml.bak new file mode 100755 index 000000000..69b17e8d0 --- /dev/null +++ b/queries/aws_ssm_inventory_entry_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssm_inventory_entry_3 +Title: "List AWS SSM Inventory Entry Details by Instance" +Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.instance_id, + e.type_name, + i.schema_version, + i.schema + from + aws_ssm_inventory_entry as e, + aws_ssm_inventory as i + where + i.id = e.instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_inventory_entry_4.yaml b/queries/aws_ssm_inventory_entry_4.yaml index 2cbb08155..ce5d38f00 100755 --- a/queries/aws_ssm_inventory_entry_4.yaml +++ b/queries/aws_ssm_inventory_entry_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_entry_4 Title: "Find AWS Systems Manager Inventory Entries" Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_entry_4.yaml.bak b/queries/aws_ssm_inventory_entry_4.yaml.bak new file mode 100755 index 000000000..2cbb08155 --- /dev/null +++ b/queries/aws_ssm_inventory_entry_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ssm_inventory_entry_4 +Title: "Find AWS Systems Manager Inventory Entries" +Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.instance_id, + e.type_name, + i.resource_type, + i.association_status, + i.computer_name, + i.ip_address, + i.is_latest_version + from + aws_ssm_inventory_entry as e, + aws_ssm_managed_instance as i + where + i.instance_id = e.instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_inventory_entry_5.yaml b/queries/aws_ssm_inventory_entry_5.yaml index 2ff962941..10bfc3c6a 100755 --- a/queries/aws_ssm_inventory_entry_5.yaml +++ b/queries/aws_ssm_inventory_entry_5.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_inventory_entry_5 Title: "List all AWS Systems Manager Inventory Entries" Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_inventory_entry_5.yaml.bak b/queries/aws_ssm_inventory_entry_5.yaml.bak new file mode 100755 index 000000000..2ff962941 --- /dev/null +++ b/queries/aws_ssm_inventory_entry_5.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ssm_inventory_entry_5 +Title: "List all AWS Systems Manager Inventory Entries" +Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + type_name, + capture_time, + schema_version, + entries + from + aws_ssm_inventory_entry + where + instance_id = 'i-1234567890abcwd4f' + and + type_name like 'Custom%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_maintenance_window_1.yaml b/queries/aws_ssm_maintenance_window_1.yaml index ef2cb3682..db3db54c7 100755 --- a/queries/aws_ssm_maintenance_window_1.yaml +++ b/queries/aws_ssm_maintenance_window_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_maintenance_window_1 Title: "List AWS Systems Manager Maintenance Windows Details" Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_maintenance_window_1.yaml.bak b/queries/aws_ssm_maintenance_window_1.yaml.bak new file mode 100755 index 000000000..ef2cb3682 --- /dev/null +++ b/queries/aws_ssm_maintenance_window_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_maintenance_window_1 +Title: "List AWS Systems Manager Maintenance Windows Details" +Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + window_id, + enabled, + schedule, + tags_src, + region + from + aws_ssm_maintenance_window; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_maintenance_window_2.yaml b/queries/aws_ssm_maintenance_window_2.yaml index 76aedc486..1a3059bcd 100755 --- a/queries/aws_ssm_maintenance_window_2.yaml +++ b/queries/aws_ssm_maintenance_window_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_maintenance_window_2 Title: "Find AWS Systems Manager Maintenance Windows Details" Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_maintenance_window_2.yaml.bak b/queries/aws_ssm_maintenance_window_2.yaml.bak new file mode 100755 index 000000000..76aedc486 --- /dev/null +++ b/queries/aws_ssm_maintenance_window_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ssm_maintenance_window_2 +Title: "Find AWS Systems Manager Maintenance Windows Details" +Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + p ->> 'WindowTargetId' as window_target_id, + p ->> 'ResourceType' as resource_type, + p ->> 'Name' as target_name + from + aws_ssm_maintenance_window, + jsonb_array_elements(targets) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_maintenance_window_3.yaml b/queries/aws_ssm_maintenance_window_3.yaml index b80b4a855..fb6f8bf45 100755 --- a/queries/aws_ssm_maintenance_window_3.yaml +++ b/queries/aws_ssm_maintenance_window_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_maintenance_window_3 Title: "List All Maintenance Windows in AWS Systems Manager" Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_maintenance_window_3.yaml.bak b/queries/aws_ssm_maintenance_window_3.yaml.bak new file mode 100755 index 000000000..b80b4a855 --- /dev/null +++ b/queries/aws_ssm_maintenance_window_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ssm_maintenance_window_3 +Title: "List All Maintenance Windows in AWS Systems Manager" +Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + p ->> 'WindowTaskId' as window_task_id, + p ->> 'ServiceRoleArn' as service_role_arn, + p ->> 'Name' as task_name + from + aws_ssm_maintenance_window, + jsonb_array_elements(tasks) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_maintenance_window_4.yaml b/queries/aws_ssm_maintenance_window_4.yaml index a94fb9142..1f8575a0b 100755 --- a/queries/aws_ssm_maintenance_window_4.yaml +++ b/queries/aws_ssm_maintenance_window_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_maintenance_window_4 Title: "List all AWS Systems Manager Maintenance Windows" Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_maintenance_window_4.yaml.bak b/queries/aws_ssm_maintenance_window_4.yaml.bak new file mode 100755 index 000000000..1f8575a0b --- /dev/null +++ b/queries/aws_ssm_maintenance_window_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ssm_maintenance_window_4 +Title: "List all AWS Systems Manager Maintenance Windows" +Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + window_id, + enabled + from + aws_ssm_maintenance_window + where + enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_maintenance_window_4.yaml.bak.bak b/queries/aws_ssm_maintenance_window_4.yaml.bak.bak new file mode 100755 index 000000000..1f8575a0b --- /dev/null +++ b/queries/aws_ssm_maintenance_window_4.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_ssm_maintenance_window_4 +Title: "List all AWS Systems Manager Maintenance Windows" +Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + window_id, + enabled + from + aws_ssm_maintenance_window + where + enabled; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_managed_instance_1.yaml b/queries/aws_ssm_managed_instance_1.yaml index 18ef6f441..1c735dc25 100755 --- a/queries/aws_ssm_managed_instance_1.yaml +++ b/queries/aws_ssm_managed_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_1 Title: "List all AWS SSM Managed Instances Configuration and Status" Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_1.yaml.bak b/queries/aws_ssm_managed_instance_1.yaml.bak new file mode 100755 index 000000000..18ef6f441 --- /dev/null +++ b/queries/aws_ssm_managed_instance_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_managed_instance_1 +Title: "List all AWS SSM Managed Instances Configuration and Status" +Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + arn, + resource_type, + association_status, + agent_version, + platform_type + from + aws_ssm_managed_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Managed Instances diff --git a/queries/aws_ssm_managed_instance_2.yaml b/queries/aws_ssm_managed_instance_2.yaml index d2f07410c..e4a38333a 100755 --- a/queries/aws_ssm_managed_instance_2.yaml +++ b/queries/aws_ssm_managed_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_2 Title: "Find AWS SSM Managed Instances with Config and Status" Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_2.yaml.bak b/queries/aws_ssm_managed_instance_2.yaml.bak new file mode 100755 index 000000000..e4a38333a --- /dev/null +++ b/queries/aws_ssm_managed_instance_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_managed_instance_2 +Title: "Find AWS SSM Managed Instances with Config and Status" +Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + arn, + resource_type, + association_status + from + aws_ssm_managed_instance + where + association_status is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Managed Instances diff --git a/queries/aws_ssm_managed_instance_2.yaml.bak.bak b/queries/aws_ssm_managed_instance_2.yaml.bak.bak new file mode 100755 index 000000000..e4a38333a --- /dev/null +++ b/queries/aws_ssm_managed_instance_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_managed_instance_2 +Title: "Find AWS SSM Managed Instances with Config and Status" +Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + arn, + resource_type, + association_status + from + aws_ssm_managed_instance + where + association_status is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Managed Instances diff --git a/queries/aws_ssm_managed_instance_3.yaml b/queries/aws_ssm_managed_instance_3.yaml index d00f4e19b..88f961fc4 100755 --- a/queries/aws_ssm_managed_instance_3.yaml +++ b/queries/aws_ssm_managed_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_3 Title: "List all AWS SSM Managed Instances with Configurations" Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_3.yaml.bak b/queries/aws_ssm_managed_instance_3.yaml.bak new file mode 100755 index 000000000..d00f4e19b --- /dev/null +++ b/queries/aws_ssm_managed_instance_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_managed_instance_3 +Title: "List all AWS SSM Managed Instances with Configurations" +Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.instance_id, + i.arn, + m.instance_id is not null as ssm_managed + from + aws_ec2_instance i + left join aws_ssm_managed_instance m on m.instance_id = i.instance_id + where + m.instance_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Managed Instance diff --git a/queries/aws_ssm_managed_instance_compliance_1.yaml b/queries/aws_ssm_managed_instance_compliance_1.yaml index c26c17a47..525700e2a 100755 --- a/queries/aws_ssm_managed_instance_compliance_1.yaml +++ b/queries/aws_ssm_managed_instance_compliance_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_compliance_1 Title: "List AWS SSM Managed Instance Compliance Details" Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_compliance_1.yaml.bak b/queries/aws_ssm_managed_instance_compliance_1.yaml.bak new file mode 100755 index 000000000..c26c17a47 --- /dev/null +++ b/queries/aws_ssm_managed_instance_compliance_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_ssm_managed_instance_compliance_1 +Title: "List AWS SSM Managed Instance Compliance Details" +Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + resource_id, + status, + compliance_type, + severity + from + aws_ssm_managed_instance_compliance + where + resource_id = 'i-2a3dc8b11ed9d37a'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Managed Instance Compliance diff --git a/queries/aws_ssm_managed_instance_compliance_2.yaml b/queries/aws_ssm_managed_instance_compliance_2.yaml index 1925bbc96..18fd9e46e 100755 --- a/queries/aws_ssm_managed_instance_compliance_2.yaml +++ b/queries/aws_ssm_managed_instance_compliance_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_compliance_2 Title: "Find AWS SSM Managed Instance Compliance Details" Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_compliance_2.yaml.bak b/queries/aws_ssm_managed_instance_compliance_2.yaml.bak new file mode 100755 index 000000000..1925bbc96 --- /dev/null +++ b/queries/aws_ssm_managed_instance_compliance_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ssm_managed_instance_compliance_2 +Title: "Find AWS SSM Managed Instance Compliance Details" +Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + resource_id as instance_id, + status, + compliance_type, + severity + from + aws_ssm_managed_instance_compliance + where + resource_id = 'i-2a3dc8b11ed9d37a' + and compliance_type = 'Association' + and status <> 'COMPLIANT'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM diff --git a/queries/aws_ssm_managed_instance_compliance_3.yaml b/queries/aws_ssm_managed_instance_compliance_3.yaml index 3cb697951..f68f8fa31 100755 --- a/queries/aws_ssm_managed_instance_compliance_3.yaml +++ b/queries/aws_ssm_managed_instance_compliance_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_compliance_3 Title: "Find AWS SSM Managed Instance Compliance Data" Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_compliance_3.yaml.bak b/queries/aws_ssm_managed_instance_compliance_3.yaml.bak new file mode 100755 index 000000000..3cb697951 --- /dev/null +++ b/queries/aws_ssm_managed_instance_compliance_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_ssm_managed_instance_compliance_3 +Title: "Find AWS SSM Managed Instance Compliance Data" +Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + resource_id as instance_id, + status, + compliance_type, + severity + from + aws_ssm_managed_instance_compliance + where + resource_id = 'i-2a3dc8b11ed9d37a' + and compliance_type = 'Patch' + and status <> 'COMPLIANT'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS SSM diff --git a/queries/aws_ssm_managed_instance_compliance_4.yaml b/queries/aws_ssm_managed_instance_compliance_4.yaml index 2bb7342b0..7582cbb21 100755 --- a/queries/aws_ssm_managed_instance_compliance_4.yaml +++ b/queries/aws_ssm_managed_instance_compliance_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_compliance_4 Title: "List all AWS SSM Managed Instance Compliance Details" Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_compliance_4.yaml.bak b/queries/aws_ssm_managed_instance_compliance_4.yaml.bak new file mode 100755 index 000000000..2bb7342b0 --- /dev/null +++ b/queries/aws_ssm_managed_instance_compliance_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_ssm_managed_instance_compliance_4 +Title: "List all AWS SSM Managed Instance Compliance Details" +Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + c.resource_id as instance_id, + id, + status + from + aws_ssm_managed_instance i, + aws_ssm_managed_instance_compliance c + where + i.instance_id = c.resource_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM diff --git a/queries/aws_ssm_managed_instance_patch_state_1.yaml b/queries/aws_ssm_managed_instance_patch_state_1.yaml index 93755c331..bd75c7318 100755 --- a/queries/aws_ssm_managed_instance_patch_state_1.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_patch_state_1 Title: "Find AWS Managed Instance Patch States in SSM" Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_patch_state_1.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_1.yaml.bak new file mode 100755 index 000000000..93755c331 --- /dev/null +++ b/queries/aws_ssm_managed_instance_patch_state_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssm_managed_instance_patch_state_1 +Title: "Find AWS Managed Instance Patch States in SSM" +Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + baseline_id, + operation, + patch_group, + failed_count, + installed_count, + installed_other_count + from + aws_ssm_managed_instance_patch_state; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager Managed Instance diff --git a/queries/aws_ssm_managed_instance_patch_state_2.yaml b/queries/aws_ssm_managed_instance_patch_state_2.yaml index 4e7a9d7b4..55edee1c1 100755 --- a/queries/aws_ssm_managed_instance_patch_state_2.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_patch_state_2 Title: "Find AWS Systems Manager Managed Instance Patch State Details" Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_patch_state_2.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_2.yaml.bak new file mode 100755 index 000000000..4e7a9d7b4 --- /dev/null +++ b/queries/aws_ssm_managed_instance_patch_state_2.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_ssm_managed_instance_patch_state_2 +Title: "Find AWS Systems Manager Managed Instance Patch State Details" +Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + baseline_id, + installed_count + from + aws_ssm_managed_instance_patch_state; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_managed_instance_patch_state_3.yaml b/queries/aws_ssm_managed_instance_patch_state_3.yaml index 1bd1f36fb..d0386856a 100755 --- a/queries/aws_ssm_managed_instance_patch_state_3.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_patch_state_3 Title: "List all AWS SSM Managed Instance Patch State" Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_patch_state_3.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_3.yaml.bak new file mode 100755 index 000000000..1bd1f36fb --- /dev/null +++ b/queries/aws_ssm_managed_instance_patch_state_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ssm_managed_instance_patch_state_3 +Title: "List all AWS SSM Managed Instance Patch State" +Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + baseline_id, + installed_other_count + from + aws_ssm_managed_instance_patch_state; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_managed_instance_patch_state_4.yaml b/queries/aws_ssm_managed_instance_patch_state_4.yaml index 52f75f126..40205cceb 100755 --- a/queries/aws_ssm_managed_instance_patch_state_4.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_patch_state_4 Title: "Find AWS Systems Manager Managed Instance Patch State" Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_patch_state_4.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_4.yaml.bak new file mode 100755 index 000000000..52f75f126 --- /dev/null +++ b/queries/aws_ssm_managed_instance_patch_state_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ssm_managed_instance_patch_state_4 +Title: "Find AWS Systems Manager Managed Instance Patch State" +Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + baseline_id, + security_non_compliant_count + from + aws_ssm_managed_instance_patch_state; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_managed_instance_patch_state_5.yaml b/queries/aws_ssm_managed_instance_patch_state_5.yaml index 04a4ba10a..0fadf4051 100755 --- a/queries/aws_ssm_managed_instance_patch_state_5.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_5.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_patch_state_5 Title: "List AWS SSM Managed Instance Patch States" Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_patch_state_5.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_5.yaml.bak new file mode 100755 index 000000000..04a4ba10a --- /dev/null +++ b/queries/aws_ssm_managed_instance_patch_state_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssm_managed_instance_patch_state_5 +Title: "List AWS SSM Managed Instance Patch States" +Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + baseline_id, + operation, + operation_end_time, + operation_start_time + from + aws_ssm_managed_instance_patch_state + where + operation_end_time >= now() - interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager diff --git a/queries/aws_ssm_managed_instance_patch_state_6.yaml b/queries/aws_ssm_managed_instance_patch_state_6.yaml index 2c4349283..8ff54b166 100755 --- a/queries/aws_ssm_managed_instance_patch_state_6.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_6.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_managed_instance_patch_state_6 Title: "Find AWS Systems Manager Managed Instance Patch State" Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_managed_instance_patch_state_6.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_6.yaml.bak new file mode 100755 index 000000000..2c4349283 --- /dev/null +++ b/queries/aws_ssm_managed_instance_patch_state_6.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ssm_managed_instance_patch_state_6 +Title: "Find AWS Systems Manager Managed Instance Patch State" +Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + instance_id, + baseline_id, + operation + from + aws_ssm_managed_instance_patch_state + where + operation = 'Scan'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager diff --git a/queries/aws_ssm_parameter_1.yaml b/queries/aws_ssm_parameter_1.yaml index f8dae9f94..7c7a359cf 100755 --- a/queries/aws_ssm_parameter_1.yaml +++ b/queries/aws_ssm_parameter_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_parameter_1 Title: "Find AWS Systems Manager Parameters and Metadata" Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_parameter_1.yaml.bak b/queries/aws_ssm_parameter_1.yaml.bak new file mode 100755 index 000000000..f8dae9f94 --- /dev/null +++ b/queries/aws_ssm_parameter_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_ssm_parameter_1 +Title: "Find AWS Systems Manager Parameters and Metadata" +Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + type, + data_type, + tier, + region + from + aws_ssm_parameter; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager Parameter Store diff --git a/queries/aws_ssm_parameter_2.yaml b/queries/aws_ssm_parameter_2.yaml index 8f48623c4..c4fe7a7c4 100755 --- a/queries/aws_ssm_parameter_2.yaml +++ b/queries/aws_ssm_parameter_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_parameter_2 Title: "List AWS SSM Parameters with Details" Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_parameter_2.yaml.bak b/queries/aws_ssm_parameter_2.yaml.bak new file mode 100755 index 000000000..8f48623c4 --- /dev/null +++ b/queries/aws_ssm_parameter_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_parameter_2 +Title: "List AWS SSM Parameters with Details" +Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + tier, + p ->> 'PolicyType' as policy_type, + p ->> 'PolicyStatus' as Policy_status, + p ->> 'PolicyText' as policy_text + from + aws_ssm_parameter, + jsonb_array_elements(policies) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Systems Manager Parameter Store diff --git a/queries/aws_ssm_parameter_3.yaml b/queries/aws_ssm_parameter_3.yaml index de84a5d8a..ba07d73e0 100755 --- a/queries/aws_ssm_parameter_3.yaml +++ b/queries/aws_ssm_parameter_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_parameter_3 Title: "List all AWS SSM Parameters missing owner or app_id" Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_parameter_3.yaml.bak b/queries/aws_ssm_parameter_3.yaml.bak new file mode 100755 index 000000000..de84a5d8a --- /dev/null +++ b/queries/aws_ssm_parameter_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ssm_parameter_3 +Title: "List all AWS SSM Parameters missing owner or app_id" +Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name + from + aws_ssm_parameter + where + tags -> 'owner' is null + or tags -> 'app_id' is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Systems Manager Parameter Store diff --git a/queries/aws_ssm_patch_baseline_1.yaml b/queries/aws_ssm_patch_baseline_1.yaml index 0d0891041..8c890f734 100755 --- a/queries/aws_ssm_patch_baseline_1.yaml +++ b/queries/aws_ssm_patch_baseline_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_patch_baseline_1 Title: "List all AWS SSM Patch Baselines with Details" Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_patch_baseline_1.yaml.bak b/queries/aws_ssm_patch_baseline_1.yaml.bak new file mode 100755 index 000000000..0d0891041 --- /dev/null +++ b/queries/aws_ssm_patch_baseline_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_patch_baseline_1 +Title: "List all AWS SSM Patch Baselines with Details" +Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + baseline_id, + name, + description, + operating_system, + created_date, + region + from + aws_ssm_patch_baseline; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Patch diff --git a/queries/aws_ssm_patch_baseline_2.yaml b/queries/aws_ssm_patch_baseline_2.yaml index 97d5953e0..73d033045 100755 --- a/queries/aws_ssm_patch_baseline_2.yaml +++ b/queries/aws_ssm_patch_baseline_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_patch_baseline_2 Title: "Find AWS SSM Patch Baseline details including creation dates" Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_patch_baseline_2.yaml.bak b/queries/aws_ssm_patch_baseline_2.yaml.bak new file mode 100755 index 000000000..97d5953e0 --- /dev/null +++ b/queries/aws_ssm_patch_baseline_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssm_patch_baseline_2 +Title: "Find AWS SSM Patch Baseline details including creation dates" +Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + baseline_id, + name, + description, + created_date, + region + from + aws_ssm_patch_baseline + where + operating_system = 'UBUNTU'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Patch Baseline diff --git a/queries/aws_ssm_patch_baseline_3.yaml b/queries/aws_ssm_patch_baseline_3.yaml index 3f21463fc..802c43db0 100755 --- a/queries/aws_ssm_patch_baseline_3.yaml +++ b/queries/aws_ssm_patch_baseline_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_patch_baseline_3 Title: "List all AWS SSM Patch Baseline Details" Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_patch_baseline_3.yaml.bak b/queries/aws_ssm_patch_baseline_3.yaml.bak new file mode 100755 index 000000000..3f21463fc --- /dev/null +++ b/queries/aws_ssm_patch_baseline_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ssm_patch_baseline_3 +Title: "List all AWS SSM Patch Baseline Details" +Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + baseline_id, + name, + description, + operating_system, + created_date, + rejected_patches, + region + from + aws_ssm_patch_baseline + where + rejected_patches != '[]'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Patch Baseline diff --git a/queries/aws_ssm_patch_baseline_4.yaml b/queries/aws_ssm_patch_baseline_4.yaml index 091c40157..67e1f586c 100755 --- a/queries/aws_ssm_patch_baseline_4.yaml +++ b/queries/aws_ssm_patch_baseline_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssm_patch_baseline_4 Title: "Find all AWS SSM Patch Baselines and Approval Rules" Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssm_patch_baseline_4.yaml.bak b/queries/aws_ssm_patch_baseline_4.yaml.bak new file mode 100755 index 000000000..091c40157 --- /dev/null +++ b/queries/aws_ssm_patch_baseline_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ssm_patch_baseline_4 +Title: "Find all AWS SSM Patch Baselines and Approval Rules" +Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + baseline_id, + p ->> 'ApproveAfterDays' as approve_after_days, + p ->> 'ApproveUntilDate' as approve_until_date, + p ->> 'ComplianceLevel' as compliance_level, + p -> 'PatchFilterGroup' ->> 'PatchFilters' as patch_filters + from + aws_ssm_patch_baseline, + jsonb_array_elements(approval_rules -> 'PatchRules') as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Patch Baseline diff --git a/queries/aws_ssmincidents_response_plan_1.yaml b/queries/aws_ssmincidents_response_plan_1.yaml index 3d034819b..fe0f66d46 100755 --- a/queries/aws_ssmincidents_response_plan_1.yaml +++ b/queries/aws_ssmincidents_response_plan_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssmincidents_response_plan_1 Title: "List AWS SSM Incidents Response Plan Data" Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssmincidents_response_plan_1.yaml.bak b/queries/aws_ssmincidents_response_plan_1.yaml.bak new file mode 100755 index 000000000..3d034819b --- /dev/null +++ b/queries/aws_ssmincidents_response_plan_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ssmincidents_response_plan_1 +Title: "List AWS SSM Incidents Response Plan Data" +Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + display_name, + chat_channel, + incident_template, + integrations, + title + from + aws_ssmincidents_response_plan; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Incidents diff --git a/queries/aws_ssmincidents_response_plan_2.yaml b/queries/aws_ssmincidents_response_plan_2.yaml index 2272e7baf..d9fb7c7ef 100755 --- a/queries/aws_ssmincidents_response_plan_2.yaml +++ b/queries/aws_ssmincidents_response_plan_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssmincidents_response_plan_2 Title: "List all AWS SSM Incident Response Plan Data" Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssmincidents_response_plan_2.yaml.bak b/queries/aws_ssmincidents_response_plan_2.yaml.bak new file mode 100755 index 000000000..2272e7baf --- /dev/null +++ b/queries/aws_ssmincidents_response_plan_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_ssmincidents_response_plan_2 +Title: "List all AWS SSM Incident Response Plan Data" +Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + display_name, + chat_channel, + incident_template, + integrations, + title + from + aws_ssmincidents_response_plan + where + chat_channel is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Incidents diff --git a/queries/aws_ssmincidents_response_plan_3.yaml b/queries/aws_ssmincidents_response_plan_3.yaml index 30fbb463d..fd6d7076c 100755 --- a/queries/aws_ssmincidents_response_plan_3.yaml +++ b/queries/aws_ssmincidents_response_plan_3.yaml @@ -1,7 +1,7 @@ ID: aws_ssmincidents_response_plan_3 Title: "Find all Information on AWS SSM Incidents Response Plans" Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssmincidents_response_plan_3.yaml.bak b/queries/aws_ssmincidents_response_plan_3.yaml.bak new file mode 100755 index 000000000..30fbb463d --- /dev/null +++ b/queries/aws_ssmincidents_response_plan_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_ssmincidents_response_plan_3 +Title: "Find all Information on AWS SSM Incidents Response Plans" +Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + display_name, + incident_template -> 'Impact' as incident_template_impact, + incident_template -> 'Title' as incident_template_title, + incident_template -> 'DedupeString', + incident_template -> 'IncidentTags' as incident_template_tags, + incident_template -> 'NotificationTargets' as incident_notification_targets, + incident_template -> 'Summary' as incident_template_summary, + title + from + aws_ssmincidents_response_plan + where + incident_template is not null + and arn = 'arn:aws:ssm-incidents::111111111111:response-plan/response-plan-test'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Incidents diff --git a/queries/aws_ssmincidents_response_plan_4.yaml b/queries/aws_ssmincidents_response_plan_4.yaml index 196693f74..75eb1ee67 100755 --- a/queries/aws_ssmincidents_response_plan_4.yaml +++ b/queries/aws_ssmincidents_response_plan_4.yaml @@ -1,7 +1,7 @@ ID: aws_ssmincidents_response_plan_4 Title: "Find AWS SSM Incident Response Plans with Integrations" Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssmincidents_response_plan_4.yaml.bak b/queries/aws_ssmincidents_response_plan_4.yaml.bak new file mode 100755 index 000000000..196693f74 --- /dev/null +++ b/queries/aws_ssmincidents_response_plan_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_ssmincidents_response_plan_4 +Title: "Find AWS SSM Incident Response Plans with Integrations" +Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + display_name, + jsonb_pretty(integrations), + title + from + aws_ssmincidents_response_plan + where + integrations is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Incidents diff --git a/queries/aws_ssmincidents_response_plan_5.yaml b/queries/aws_ssmincidents_response_plan_5.yaml index 6de9377a3..be9d81022 100755 --- a/queries/aws_ssmincidents_response_plan_5.yaml +++ b/queries/aws_ssmincidents_response_plan_5.yaml @@ -1,7 +1,7 @@ ID: aws_ssmincidents_response_plan_5 Title: "Find AWS SSM Incidents Response Plan Information" Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssmincidents_response_plan_5.yaml.bak b/queries/aws_ssmincidents_response_plan_5.yaml.bak new file mode 100755 index 000000000..6de9377a3 --- /dev/null +++ b/queries/aws_ssmincidents_response_plan_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssmincidents_response_plan_5 +Title: "Find AWS SSM Incidents Response Plan Information" +Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + display_name, + jsonb_pretty(engagements), + title + from + aws_ssmincidents_response_plan + where + engagements is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - SSM Incidents diff --git a/queries/aws_ssoadmin_account_assignment_1.yaml b/queries/aws_ssoadmin_account_assignment_1.yaml index a4f5fd37e..7325cd075 100755 --- a/queries/aws_ssoadmin_account_assignment_1.yaml +++ b/queries/aws_ssoadmin_account_assignment_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssoadmin_account_assignment_1 Title: "Find AWS SSO Admin Account Assignments" Description: "Allows users to query AWS SSO Admin Account Assignments. This table provides information about each AWS SSO admin account assignment within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssoadmin_account_assignment_1.yaml.bak b/queries/aws_ssoadmin_account_assignment_1.yaml.bak new file mode 100755 index 000000000..a4f5fd37e --- /dev/null +++ b/queries/aws_ssoadmin_account_assignment_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssoadmin_account_assignment_1 +Title: "Find AWS SSO Admin Account Assignments" +Description: "Allows users to query AWS SSO Admin Account Assignments. This table provides information about each AWS SSO admin account assignment within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + permission_set_arn, + target_account_id, + principal_type, + principal_id + from + aws_ssoadmin_account_assignment + where + permission_set_arn = 'arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef' + and target_account_id = '012347678910'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS SSO Admin diff --git a/queries/aws_ssoadmin_account_assignment_2.yaml b/queries/aws_ssoadmin_account_assignment_2.yaml index 67ea5dac1..5f8206e99 100755 --- a/queries/aws_ssoadmin_account_assignment_2.yaml +++ b/queries/aws_ssoadmin_account_assignment_2.yaml @@ -1,7 +1,7 @@ ID: aws_ssoadmin_account_assignment_2 Title: "Find All AWS SSO Admin Account Assignments with SQL" Description: "Allows users to query AWS SSO Admin Account Assignments. This table provides information about each AWS SSO admin account assignment within an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssoadmin_account_assignment_2.yaml.bak b/queries/aws_ssoadmin_account_assignment_2.yaml.bak new file mode 100755 index 000000000..67ea5dac1 --- /dev/null +++ b/queries/aws_ssoadmin_account_assignment_2.yaml.bak @@ -0,0 +1,55 @@ +ID: aws_ssoadmin_account_assignment_2 +Title: "Find All AWS SSO Admin Account Assignments with SQL" +Description: "Allows users to query AWS SSO Admin Account Assignments. This table provides information about each AWS SSO admin account assignment within an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with aws_ssoadmin_principal as + ( + select + i.arn as instance_arn, + 'GROUP' as "type", + g.id, + g.title + from + aws_ssoadmin_instance i + left join + aws_identitystore_group g + on i.identity_store_id = g.identity_store_id + union + select + i.arn as instance_arn, + 'USER' as "type", + u.id, + u.title + from + aws_ssoadmin_instance i + left join + aws_identitystore_user u + on i.identity_store_id = u.identity_store_id + ) + select + a.target_account_id, + a.principal_type, + p.title as principal_title + from + aws_ssoadmin_account_assignment a + left join + aws_ssoadmin_principal p + on a.principal_type = p.type + and a.principal_id = p.id + and a.instance_arn = p.instance_arn + where + a.target_account_id = '012345678901' and a.permission_set_arn = 'arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SSO Admin diff --git a/queries/aws_ssoadmin_instance_1.yaml b/queries/aws_ssoadmin_instance_1.yaml index 108f25b92..81af859b2 100755 --- a/queries/aws_ssoadmin_instance_1.yaml +++ b/queries/aws_ssoadmin_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssoadmin_instance_1 Title: "Find All AWS SSO Admin Instances and Identity Stores" Description: "Allows users to query AWS SSO Admin Instance, providing information about each AWS SSO instance in your AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssoadmin_instance_1.yaml.bak b/queries/aws_ssoadmin_instance_1.yaml.bak new file mode 100755 index 000000000..108f25b92 --- /dev/null +++ b/queries/aws_ssoadmin_instance_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_ssoadmin_instance_1 +Title: "Find All AWS SSO Admin Instances and Identity Stores" +Description: "Allows users to query AWS SSO Admin Instance, providing information about each AWS SSO instance in your AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + identity_store_id + from + aws_ssoadmin_instance + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS SSO Admin diff --git a/queries/aws_ssoadmin_managed_policy_attachment_1.yaml b/queries/aws_ssoadmin_managed_policy_attachment_1.yaml index 04f1f984f..5a1d676c0 100755 --- a/queries/aws_ssoadmin_managed_policy_attachment_1.yaml +++ b/queries/aws_ssoadmin_managed_policy_attachment_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssoadmin_managed_policy_attachment_1 Title: "List All AWS SSO Managed Policy Attachments" Description: "Allows users to query AWS SSO Managed Policy Attachments, providing information about the managed policy attachments of AWS SSO permission sets." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssoadmin_managed_policy_attachment_1.yaml.bak b/queries/aws_ssoadmin_managed_policy_attachment_1.yaml.bak new file mode 100755 index 000000000..04f1f984f --- /dev/null +++ b/queries/aws_ssoadmin_managed_policy_attachment_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_ssoadmin_managed_policy_attachment_1 +Title: "List All AWS SSO Managed Policy Attachments" +Description: "Allows users to query AWS SSO Managed Policy Attachments, providing information about the managed policy attachments of AWS SSO permission sets." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + mpa.managed_policy_arn, + mpa.name + from + aws_ssoadmin_managed_policy_attachment as mpa + join + aws_ssoadmin_permission_set as ps on mpa.permission_set_arn = ps.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS SSO diff --git a/queries/aws_ssoadmin_permission_set_1.yaml b/queries/aws_ssoadmin_permission_set_1.yaml index 74508889d..d3e831afb 100755 --- a/queries/aws_ssoadmin_permission_set_1.yaml +++ b/queries/aws_ssoadmin_permission_set_1.yaml @@ -1,7 +1,7 @@ ID: aws_ssoadmin_permission_set_1 Title: "List all AWS SSO Permission Sets and their Details" Description: "Allows users to query AWS SSO Admin Permission Set to retrieve data related to the permissions sets of AWS Single Sign-On (SSO) service." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_ssoadmin_permission_set_1.yaml.bak b/queries/aws_ssoadmin_permission_set_1.yaml.bak new file mode 100755 index 000000000..74508889d --- /dev/null +++ b/queries/aws_ssoadmin_permission_set_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_ssoadmin_permission_set_1 +Title: "List all AWS SSO Permission Sets and their Details" +Description: "Allows users to query AWS SSO Admin Permission Set to retrieve data related to the permissions sets of AWS Single Sign-On (SSO) service." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + created_date, + description, + relay_state, + session_duration, + tags + from + aws_ssoadmin_permission_set; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - SSO Admin diff --git a/queries/aws_sts_caller_identity_1.yaml b/queries/aws_sts_caller_identity_1.yaml index 94903673c..63f5f34d1 100755 --- a/queries/aws_sts_caller_identity_1.yaml +++ b/queries/aws_sts_caller_identity_1.yaml @@ -1,7 +1,7 @@ ID: aws_sts_caller_identity_1 Title: "Find IAM User or Role Details in AWS STS Caller Identity" Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sts_caller_identity_1.yaml.bak b/queries/aws_sts_caller_identity_1.yaml.bak new file mode 100755 index 000000000..94903673c --- /dev/null +++ b/queries/aws_sts_caller_identity_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_sts_caller_identity_1 +Title: "Find IAM User or Role Details in AWS STS Caller Identity" +Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + user_id, + title, + account_id, + akas + from + aws_sts_caller_identity; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Token Service diff --git a/queries/aws_sts_caller_identity_2.yaml b/queries/aws_sts_caller_identity_2.yaml index 4fb53a1d3..2d29addb4 100755 --- a/queries/aws_sts_caller_identity_2.yaml +++ b/queries/aws_sts_caller_identity_2.yaml @@ -1,7 +1,7 @@ ID: aws_sts_caller_identity_2 Title: "Find AWS STS Caller Identity Details Using SQL" Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sts_caller_identity_2.yaml.bak b/queries/aws_sts_caller_identity_2.yaml.bak new file mode 100755 index 000000000..4fb53a1d3 --- /dev/null +++ b/queries/aws_sts_caller_identity_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_sts_caller_identity_2 +Title: "Find AWS STS Caller Identity Details Using SQL" +Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + caller_identity.arn, + caller_identity.user_id, + caller_identity.title, + caller_identity.account_id, + u.name, + u.create_date, + u.password_last_used + from + aws_sts_caller_identity as caller_identity, + aws_iam_user as u + where + caller_identity.user_id = u.user_id + and caller_identity.arn like '%assumed%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Security Token Service diff --git a/queries/aws_sts_caller_identity_3.yaml b/queries/aws_sts_caller_identity_3.yaml index df9ed2d0d..3377edacc 100755 --- a/queries/aws_sts_caller_identity_3.yaml +++ b/queries/aws_sts_caller_identity_3.yaml @@ -1,7 +1,7 @@ ID: aws_sts_caller_identity_3 Title: "Find AWS Security Token Service Caller Identity Details" Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_sts_caller_identity_3.yaml.bak b/queries/aws_sts_caller_identity_3.yaml.bak new file mode 100755 index 000000000..df9ed2d0d --- /dev/null +++ b/queries/aws_sts_caller_identity_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_sts_caller_identity_3 +Title: "Find AWS Security Token Service Caller Identity Details" +Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + caller_identity.arn, + caller_identity.user_id, + caller_identity.title, + caller_identity.account_id, + u.name, + u.create_date, + u.password_last_used + from + aws_sts_caller_identity as caller_identity, + aws_iam_user as u + where + caller_identity.user_id = u.user_id + and caller_identity.arn like '%federated%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Security Token Service diff --git a/queries/aws_tagging_resource_1.yaml b/queries/aws_tagging_resource_1.yaml index 3a6addde3..033713381 100755 --- a/queries/aws_tagging_resource_1.yaml +++ b/queries/aws_tagging_resource_1.yaml @@ -1,7 +1,7 @@ ID: aws_tagging_resource_1 Title: "List AWS Resource Tagging API Details with SQL" Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_tagging_resource_1.yaml.bak b/queries/aws_tagging_resource_1.yaml.bak new file mode 100755 index 000000000..033713381 --- /dev/null +++ b/queries/aws_tagging_resource_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_tagging_resource_1 +Title: "List AWS Resource Tagging API Details with SQL" +Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + compliance_status, + tags, + region + from + aws_tagging_resource; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Tagging API diff --git a/queries/aws_tagging_resource_1.yaml.bak.bak b/queries/aws_tagging_resource_1.yaml.bak.bak new file mode 100755 index 000000000..033713381 --- /dev/null +++ b/queries/aws_tagging_resource_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_tagging_resource_1 +Title: "List AWS Resource Tagging API Details with SQL" +Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + compliance_status, + tags, + region + from + aws_tagging_resource; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Resource Tagging API diff --git a/queries/aws_tagging_resource_2.yaml b/queries/aws_tagging_resource_2.yaml index 76f340e85..94d903c1c 100755 --- a/queries/aws_tagging_resource_2.yaml +++ b/queries/aws_tagging_resource_2.yaml @@ -1,7 +1,7 @@ ID: aws_tagging_resource_2 Title: "List all AWS Resource Tagging API details with SQL" Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_tagging_resource_2.yaml.bak b/queries/aws_tagging_resource_2.yaml.bak new file mode 100755 index 000000000..76f340e85 --- /dev/null +++ b/queries/aws_tagging_resource_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_tagging_resource_2 +Title: "List all AWS Resource Tagging API details with SQL" +Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + tags, + compliance_status + from + aws_tagging_resource + where + compliance_status; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Resource Tagging API diff --git a/queries/aws_timestreamwrite_database_1.yaml b/queries/aws_timestreamwrite_database_1.yaml index e5de61183..f6219b71e 100755 --- a/queries/aws_timestreamwrite_database_1.yaml +++ b/queries/aws_timestreamwrite_database_1.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_database_1 Title: "List all AWS Timestream database configurations and statuses" Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_database_1.yaml.bak b/queries/aws_timestreamwrite_database_1.yaml.bak new file mode 100755 index 000000000..e5de61183 --- /dev/null +++ b/queries/aws_timestreamwrite_database_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_timestreamwrite_database_1 +Title: "List all AWS Timestream database configurations and statuses" +Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + database_name, + arn, + creation_time, + region, + kms_key_id + from + aws_timestreamwrite_database; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_database_2.yaml b/queries/aws_timestreamwrite_database_2.yaml index f5e338ae7..253652761 100755 --- a/queries/aws_timestreamwrite_database_2.yaml +++ b/queries/aws_timestreamwrite_database_2.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_database_2 Title: "Find all AWS Timestream Databases with Configurations" Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_database_2.yaml.bak b/queries/aws_timestreamwrite_database_2.yaml.bak new file mode 100755 index 000000000..f5e338ae7 --- /dev/null +++ b/queries/aws_timestreamwrite_database_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_timestreamwrite_database_2 +Title: "Find all AWS Timestream Databases with Configurations" +Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + database_name, + arn, + kms_key_id + from + aws_timestreamwrite_database + where + kms_key_id = 'your-kms-key-id'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_database_3.yaml b/queries/aws_timestreamwrite_database_3.yaml index 2ae4bd56c..33610cece 100755 --- a/queries/aws_timestreamwrite_database_3.yaml +++ b/queries/aws_timestreamwrite_database_3.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_database_3 Title: "List all AWS Timestream Database Configurations, Statuses" Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_database_3.yaml.bak b/queries/aws_timestreamwrite_database_3.yaml.bak new file mode 100755 index 000000000..33610cece --- /dev/null +++ b/queries/aws_timestreamwrite_database_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_timestreamwrite_database_3 +Title: "List all AWS Timestream Database Configurations, Statuses" +Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + database_name, + arn, + creation_time + from + aws_timestreamwrite_database + order by + creation_time desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_database_3.yaml.bak.bak b/queries/aws_timestreamwrite_database_3.yaml.bak.bak new file mode 100755 index 000000000..33610cece --- /dev/null +++ b/queries/aws_timestreamwrite_database_3.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_timestreamwrite_database_3 +Title: "List all AWS Timestream Database Configurations, Statuses" +Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + database_name, + arn, + creation_time + from + aws_timestreamwrite_database + order by + creation_time desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_database_4.yaml b/queries/aws_timestreamwrite_database_4.yaml index 1988f4eb9..7000b80d7 100755 --- a/queries/aws_timestreamwrite_database_4.yaml +++ b/queries/aws_timestreamwrite_database_4.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_database_4 Title: "List all AWS Timestream Databases and Table Counts" Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_database_4.yaml.bak b/queries/aws_timestreamwrite_database_4.yaml.bak new file mode 100755 index 000000000..1988f4eb9 --- /dev/null +++ b/queries/aws_timestreamwrite_database_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_timestreamwrite_database_4 +Title: "List all AWS Timestream Databases and Table Counts" +Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + database_name, + arn, + table_count + from + aws_timestreamwrite_database + order by + table_count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_database_5.yaml b/queries/aws_timestreamwrite_database_5.yaml index 1e47921f3..fe6fa4a54 100755 --- a/queries/aws_timestreamwrite_database_5.yaml +++ b/queries/aws_timestreamwrite_database_5.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_database_5 Title: "List all AWS Timestream Databases with Details" Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_database_5.yaml.bak b/queries/aws_timestreamwrite_database_5.yaml.bak new file mode 100755 index 000000000..1e47921f3 --- /dev/null +++ b/queries/aws_timestreamwrite_database_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_timestreamwrite_database_5 +Title: "List all AWS Timestream Databases with Details" +Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + database_name, + arn, + last_updated_time, + region + from + aws_timestreamwrite_database; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_table_1.yaml b/queries/aws_timestreamwrite_table_1.yaml index de2a48cb5..3ef8f243f 100755 --- a/queries/aws_timestreamwrite_table_1.yaml +++ b/queries/aws_timestreamwrite_table_1.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_table_1 Title: "List all AWS Timestream Tables with Configurations and Statuses" Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_table_1.yaml.bak b/queries/aws_timestreamwrite_table_1.yaml.bak new file mode 100755 index 000000000..de2a48cb5 --- /dev/null +++ b/queries/aws_timestreamwrite_table_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_timestreamwrite_table_1 +Title: "List all AWS Timestream Tables with Configurations and Statuses" +Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + table_name, + arn, + table_status, + creation_time, + last_updated_time, + region + from + aws_timestreamwrite_table; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_table_2.yaml b/queries/aws_timestreamwrite_table_2.yaml index ca096ea17..5dabe3bec 100755 --- a/queries/aws_timestreamwrite_table_2.yaml +++ b/queries/aws_timestreamwrite_table_2.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_table_2 Title: "List AWS Timestream Table Configurations and Statuses" Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_table_2.yaml.bak b/queries/aws_timestreamwrite_table_2.yaml.bak new file mode 100755 index 000000000..ca096ea17 --- /dev/null +++ b/queries/aws_timestreamwrite_table_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_timestreamwrite_table_2 +Title: "List AWS Timestream Table Configurations and Statuses" +Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + table_name, + arn, + table_status + from + aws_timestreamwrite_table + where + table_status = 'ACTIVE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_table_3.yaml b/queries/aws_timestreamwrite_table_3.yaml index fe6577032..771f15157 100755 --- a/queries/aws_timestreamwrite_table_3.yaml +++ b/queries/aws_timestreamwrite_table_3.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_table_3 Title: "Find AWS Timestream Table Configurations and Statuses" Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_table_3.yaml.bak b/queries/aws_timestreamwrite_table_3.yaml.bak new file mode 100755 index 000000000..fe6577032 --- /dev/null +++ b/queries/aws_timestreamwrite_table_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_timestreamwrite_table_3 +Title: "Find AWS Timestream Table Configurations and Statuses" +Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + table_name, + arn, + retention_properties + from + aws_timestreamwrite_table + where + retention_properties ->> 'MemoryStoreRetentionPeriodInHours' = '24' + and retention_properties ->> 'MagneticStoreRetentionPeriodInDays' = '7'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_table_4.yaml b/queries/aws_timestreamwrite_table_4.yaml index 53f694b0e..e3455ee76 100755 --- a/queries/aws_timestreamwrite_table_4.yaml +++ b/queries/aws_timestreamwrite_table_4.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_table_4 Title: "List AWS Timestream Tables with Specific Write Properties" Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_table_4.yaml.bak b/queries/aws_timestreamwrite_table_4.yaml.bak new file mode 100755 index 000000000..53f694b0e --- /dev/null +++ b/queries/aws_timestreamwrite_table_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_timestreamwrite_table_4 +Title: "List AWS Timestream Tables with Specific Write Properties" +Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + table_name, + arn, + magnetic_store_write_properties + from + aws_timestreamwrite_table + where + magnetic_store_write_properties ->> 'EnableMagneticStoreWrites' = 'true'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_table_5.yaml b/queries/aws_timestreamwrite_table_5.yaml index 3ffa3c7b8..f1f5245a0 100755 --- a/queries/aws_timestreamwrite_table_5.yaml +++ b/queries/aws_timestreamwrite_table_5.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_table_5 Title: "List all AWS Timestream Tables and Configurations" Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_table_5.yaml.bak b/queries/aws_timestreamwrite_table_5.yaml.bak new file mode 100755 index 000000000..f1f5245a0 --- /dev/null +++ b/queries/aws_timestreamwrite_table_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_timestreamwrite_table_5 +Title: "List all AWS Timestream Tables and Configurations" +Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + table_name, + arn, + creation_time + from + aws_timestreamwrite_table + order by + creation_time desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_table_5.yaml.bak.bak b/queries/aws_timestreamwrite_table_5.yaml.bak.bak new file mode 100755 index 000000000..f1f5245a0 --- /dev/null +++ b/queries/aws_timestreamwrite_table_5.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_timestreamwrite_table_5 +Title: "List all AWS Timestream Tables and Configurations" +Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + table_name, + arn, + creation_time + from + aws_timestreamwrite_table + order by + creation_time desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_timestreamwrite_table_6.yaml b/queries/aws_timestreamwrite_table_6.yaml index d1a50640e..afcb9acc0 100755 --- a/queries/aws_timestreamwrite_table_6.yaml +++ b/queries/aws_timestreamwrite_table_6.yaml @@ -1,7 +1,7 @@ ID: aws_timestreamwrite_table_6 Title: "List All AWS Timestream Table Configurations and Statuses" Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_timestreamwrite_table_6.yaml.bak b/queries/aws_timestreamwrite_table_6.yaml.bak new file mode 100755 index 000000000..d1a50640e --- /dev/null +++ b/queries/aws_timestreamwrite_table_6.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_timestreamwrite_table_6 +Title: "List All AWS Timestream Table Configurations and Statuses" +Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + table_name, + arn, + schema + from + aws_timestreamwrite_table; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Timestream diff --git a/queries/aws_transfer_server_1.yaml b/queries/aws_transfer_server_1.yaml index 236cd9b8a..36e3f24e4 100755 --- a/queries/aws_transfer_server_1.yaml +++ b/queries/aws_transfer_server_1.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_server_1 Title: "Find all AWS SFTP Servers and their Details" Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_server_1.yaml.bak b/queries/aws_transfer_server_1.yaml.bak new file mode 100755 index 000000000..236cd9b8a --- /dev/null +++ b/queries/aws_transfer_server_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_transfer_server_1 +Title: "Find all AWS SFTP Servers and their Details" +Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + server_id, + domain, + identity_provider_type, + endpoint_type + from + aws_transfer_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_transfer_server_2.yaml b/queries/aws_transfer_server_2.yaml index e825520d2..1cb8e6f86 100755 --- a/queries/aws_transfer_server_2.yaml +++ b/queries/aws_transfer_server_2.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_server_2 Title: "List all Offline SFTP Servers in AWS Transfer" Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_server_2.yaml.bak b/queries/aws_transfer_server_2.yaml.bak new file mode 100755 index 000000000..e825520d2 --- /dev/null +++ b/queries/aws_transfer_server_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_transfer_server_2 +Title: "List all Offline SFTP Servers in AWS Transfer" +Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + server_id, + domain, + identity_provider_type, + endpoint_type, + state + from + aws_transfer_server + where + state = 'OFFLINE'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_transfer_server_3.yaml b/queries/aws_transfer_server_3.yaml index 751eab3a3..4bb9edf62 100755 --- a/queries/aws_transfer_server_3.yaml +++ b/queries/aws_transfer_server_3.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_server_3 Title: "Find all SFTP Servers and User Count in AWS Transfer" Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_server_3.yaml.bak b/queries/aws_transfer_server_3.yaml.bak new file mode 100755 index 000000000..751eab3a3 --- /dev/null +++ b/queries/aws_transfer_server_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_transfer_server_3 +Title: "Find all SFTP Servers and User Count in AWS Transfer" +Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + server_id, + user_count + from + aws_transfer_server + order by + user_count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_transfer_server_4.yaml b/queries/aws_transfer_server_4.yaml index 4a3b6b23b..1812b5183 100755 --- a/queries/aws_transfer_server_4.yaml +++ b/queries/aws_transfer_server_4.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_server_4 Title: "List all AWS SFTP Servers and Details" Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_server_4.yaml.bak b/queries/aws_transfer_server_4.yaml.bak new file mode 100755 index 000000000..1812b5183 --- /dev/null +++ b/queries/aws_transfer_server_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_transfer_server_4 +Title: "List all AWS SFTP Servers and Details" +Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + server_id, + domain, + identity_provider_type, + endpoint_type, + workflow_details ->> 'OnUpload' as on_upload_workflow + from + aws_transfer_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_transfer_server_4.yaml.bak.bak b/queries/aws_transfer_server_4.yaml.bak.bak new file mode 100755 index 000000000..1812b5183 --- /dev/null +++ b/queries/aws_transfer_server_4.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_transfer_server_4 +Title: "List all AWS SFTP Servers and Details" +Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + server_id, + domain, + identity_provider_type, + endpoint_type, + workflow_details ->> 'OnUpload' as on_upload_workflow + from + aws_transfer_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_transfer_server_5.yaml b/queries/aws_transfer_server_5.yaml index 0609aa863..94c0e48f8 100755 --- a/queries/aws_transfer_server_5.yaml +++ b/queries/aws_transfer_server_5.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_server_5 Title: "Find all AWS Transfer SFTP Servers and Details" Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_server_5.yaml.bak b/queries/aws_transfer_server_5.yaml.bak new file mode 100755 index 000000000..0609aa863 --- /dev/null +++ b/queries/aws_transfer_server_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_transfer_server_5 +Title: "Find all AWS Transfer SFTP Servers and Details" +Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + server_id, + domain, + identity_provider_type, + endpoint_type, + structured_log_destinations + from + aws_transfer_server; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer for SFTP diff --git a/queries/aws_transfer_server_6.yaml b/queries/aws_transfer_server_6.yaml index bf961a6dd..e0c89f9ff 100755 --- a/queries/aws_transfer_server_6.yaml +++ b/queries/aws_transfer_server_6.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_server_6 Title: "Find all SFTP Servers in AWS Transfer" Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_server_6.yaml.bak b/queries/aws_transfer_server_6.yaml.bak new file mode 100755 index 000000000..bf961a6dd --- /dev/null +++ b/queries/aws_transfer_server_6.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_transfer_server_6 +Title: "Find all SFTP Servers in AWS Transfer" +Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.server_id, + c.certificate_arn, + c.status as certificate_status, + c.key_algorithm + from + aws_transfer_server as s, + aws_acm_certificate as c + where + s.certificate = c.certificate_arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer for SFTP diff --git a/queries/aws_transfer_user_1.yaml b/queries/aws_transfer_user_1.yaml index e5a42f258..aaab6ecdf 100755 --- a/queries/aws_transfer_user_1.yaml +++ b/queries/aws_transfer_user_1.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_user_1 Title: "List all Users in AWS Transfer Server" Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_user_1.yaml.bak b/queries/aws_transfer_user_1.yaml.bak new file mode 100755 index 000000000..e5a42f258 --- /dev/null +++ b/queries/aws_transfer_user_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_transfer_user_1 +Title: "List all Users in AWS Transfer Server" +Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + server_id, + user_name + from + aws_transfer_user; + where + server_id = "s-xxxxxxxxxxxxxxxxx"; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_transfer_user_2.yaml b/queries/aws_transfer_user_2.yaml index 61225016f..456cc6196 100755 --- a/queries/aws_transfer_user_2.yaml +++ b/queries/aws_transfer_user_2.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_user_2 Title: "List all AWS Transfer users in a server" Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_user_2.yaml.bak b/queries/aws_transfer_user_2.yaml.bak new file mode 100755 index 000000000..61225016f --- /dev/null +++ b/queries/aws_transfer_user_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_transfer_user_2 +Title: "List all AWS Transfer users in a server" +Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + arn, + server_id, + user_name, + ssh_public_key_count + from + aws_transfer_user; + where + server_id = "s-xxxxxxxxxxxxxxxxx" + order by + ssh_public_key_count desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_transfer_user_3.yaml b/queries/aws_transfer_user_3.yaml index 8943aa790..4e3a90645 100755 --- a/queries/aws_transfer_user_3.yaml +++ b/queries/aws_transfer_user_3.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_user_3 Title: "Find all AWS Transfer users within a server using SQL" Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_user_3.yaml.bak b/queries/aws_transfer_user_3.yaml.bak new file mode 100755 index 000000000..8943aa790 --- /dev/null +++ b/queries/aws_transfer_user_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_transfer_user_3 +Title: "Find all AWS Transfer users within a server using SQL" +Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + server_id, + user_name, + arn + from + aws_transfer_user + where + server_id in (select server_id from aws_transfer_server) + and + user_name = 'my_user_to_search'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_transfer_user_4.yaml b/queries/aws_transfer_user_4.yaml index b84c8dec6..c0ed3442a 100755 --- a/queries/aws_transfer_user_4.yaml +++ b/queries/aws_transfer_user_4.yaml @@ -1,7 +1,7 @@ ID: aws_transfer_user_4 Title: "List all AWS Transfer users in a server" Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_transfer_user_4.yaml.bak b/queries/aws_transfer_user_4.yaml.bak new file mode 100755 index 000000000..b84c8dec6 --- /dev/null +++ b/queries/aws_transfer_user_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_transfer_user_4 +Title: "List all AWS Transfer users in a server" +Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + count(*) as total_users, + server_id + from + aws_transfer_user + group by + server_id + order by + total_users desc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Transfer diff --git a/queries/aws_trusted_advisor_check_summary_1.yaml b/queries/aws_trusted_advisor_check_summary_1.yaml index f7b4ca454..c4ddf7fc0 100755 --- a/queries/aws_trusted_advisor_check_summary_1.yaml +++ b/queries/aws_trusted_advisor_check_summary_1.yaml @@ -1,7 +1,7 @@ ID: aws_trusted_advisor_check_summary_1 Title: "List Trusted Advisor Check Summaries in AWS" Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_trusted_advisor_check_summary_1.yaml.bak b/queries/aws_trusted_advisor_check_summary_1.yaml.bak new file mode 100755 index 000000000..f7b4ca454 --- /dev/null +++ b/queries/aws_trusted_advisor_check_summary_1.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_trusted_advisor_check_summary_1 +Title: "List Trusted Advisor Check Summaries in AWS" +Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + check_id, + category, + description, + status, + timestamp, + resources_flagged + from + aws_trusted_advisor_check_summary + where + language = 'en'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_data_security: + - "true" + cloud_finops: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Trusted Advisor diff --git a/queries/aws_trusted_advisor_check_summary_2.yaml b/queries/aws_trusted_advisor_check_summary_2.yaml index 9768886d8..5bbf20bc7 100755 --- a/queries/aws_trusted_advisor_check_summary_2.yaml +++ b/queries/aws_trusted_advisor_check_summary_2.yaml @@ -1,7 +1,7 @@ ID: aws_trusted_advisor_check_summary_2 Title: "List Trusted Advisor Check Summaries with Errors in AWS" Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_trusted_advisor_check_summary_2.yaml.bak b/queries/aws_trusted_advisor_check_summary_2.yaml.bak new file mode 100755 index 000000000..9768886d8 --- /dev/null +++ b/queries/aws_trusted_advisor_check_summary_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_trusted_advisor_check_summary_2 +Title: "List Trusted Advisor Check Summaries with Errors in AWS" +Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + check_id, + category, + status + from + aws_trusted_advisor_check_summary + where + language = 'en' + and + status = 'error'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Trusted Advisor diff --git a/queries/aws_trusted_advisor_check_summary_3.yaml b/queries/aws_trusted_advisor_check_summary_3.yaml index d1213543a..9458cd334 100755 --- a/queries/aws_trusted_advisor_check_summary_3.yaml +++ b/queries/aws_trusted_advisor_check_summary_3.yaml @@ -1,7 +1,7 @@ ID: aws_trusted_advisor_check_summary_3 Title: "List Trusted Advisor Check Summaries for AWS" Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_trusted_advisor_check_summary_3.yaml.bak b/queries/aws_trusted_advisor_check_summary_3.yaml.bak new file mode 100755 index 000000000..d1213543a --- /dev/null +++ b/queries/aws_trusted_advisor_check_summary_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_trusted_advisor_check_summary_3 +Title: "List Trusted Advisor Check Summaries for AWS" +Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + check_id, + description, + status, + timestamp + from + aws_trusted_advisor_check_summary + where + language = 'en' + and + timestamp >= now() - interval '5 day'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Trusted Advisor diff --git a/queries/aws_trusted_advisor_check_summary_4.yaml b/queries/aws_trusted_advisor_check_summary_4.yaml index 3ac9de4c5..f164fd072 100755 --- a/queries/aws_trusted_advisor_check_summary_4.yaml +++ b/queries/aws_trusted_advisor_check_summary_4.yaml @@ -1,7 +1,7 @@ ID: aws_trusted_advisor_check_summary_4 Title: "List all AWS Trusted Advisor Check Summaries" Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_trusted_advisor_check_summary_4.yaml.bak b/queries/aws_trusted_advisor_check_summary_4.yaml.bak new file mode 100755 index 000000000..3ac9de4c5 --- /dev/null +++ b/queries/aws_trusted_advisor_check_summary_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_trusted_advisor_check_summary_4 +Title: "List all AWS Trusted Advisor Check Summaries" +Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + check_id, + resources_flagged, + resources_ignored, + resources_processed, + resources_suppressed + from + aws_trusted_advisor_check_summary + where + language = 'en'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_finops: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Trusted Advisor diff --git a/queries/aws_vpc_1.yaml b/queries/aws_vpc_1.yaml index 8495368bf..319329dfe 100755 --- a/queries/aws_vpc_1.yaml +++ b/queries/aws_vpc_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_1 Title: "List all AWS VPCs and their configurations" Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_1.yaml.bak b/queries/aws_vpc_1.yaml.bak new file mode 100755 index 000000000..8495368bf --- /dev/null +++ b/queries/aws_vpc_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_1 +Title: "List all AWS VPCs and their configurations" +Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + is_default, + cidr_block, + state, + account_id, + region + from + aws_vpc + where + is_default; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_2.yaml b/queries/aws_vpc_2.yaml index de39e64fc..bc955e7cf 100755 --- a/queries/aws_vpc_2.yaml +++ b/queries/aws_vpc_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_2 Title: "List all AWS VPCs and their configurations" Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_2.yaml.bak b/queries/aws_vpc_2.yaml.bak new file mode 100755 index 000000000..de39e64fc --- /dev/null +++ b/queries/aws_vpc_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_2 +Title: "List all AWS VPCs and their configurations" +Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + cidr_block, + host(cidr_block), + broadcast(cidr_block), + netmask(cidr_block), + network(cidr_block) + from + aws_vpc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_3.yaml b/queries/aws_vpc_3.yaml index 0711262b5..33eb0e05d 100755 --- a/queries/aws_vpc_3.yaml +++ b/queries/aws_vpc_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_3 Title: "Find all AWS VPCs and Their Configurations" Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_3.yaml.bak b/queries/aws_vpc_3.yaml.bak new file mode 100755 index 000000000..0711262b5 --- /dev/null +++ b/queries/aws_vpc_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_3 +Title: "Find all AWS VPCs and Their Configurations" +Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + cidr_block, + state, + region + from + aws_vpc + where + not cidr_block <<= '10.0.0.0/8' + and not cidr_block <<= '192.168.0.0/16' + and not cidr_block <<= '172.16.0.0/12'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_customer_gateway_1.yaml b/queries/aws_vpc_customer_gateway_1.yaml index d7f602c94..b4b54f862 100755 --- a/queries/aws_vpc_customer_gateway_1.yaml +++ b/queries/aws_vpc_customer_gateway_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_customer_gateway_1 Title: "Find all Customer Gateways in AWS VPC" Description: "Allows users to query AWS VPC Customer Gateway, providing detailed information about each Customer Gateway in a Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_customer_gateway_1.yaml.bak b/queries/aws_vpc_customer_gateway_1.yaml.bak new file mode 100755 index 000000000..d7f602c94 --- /dev/null +++ b/queries/aws_vpc_customer_gateway_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_customer_gateway_1 +Title: "Find all Customer Gateways in AWS VPC" +Description: "Allows users to query AWS VPC Customer Gateway, providing detailed information about each Customer Gateway in a Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + customer_gateway_id, + type, + state, + bgp_asn, + certificate_arn, + device_name, + ip_address + from + aws_vpc_customer_gateway; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_customer_gateway_2.yaml b/queries/aws_vpc_customer_gateway_2.yaml index 2a3a5243f..16a54cd1f 100755 --- a/queries/aws_vpc_customer_gateway_2.yaml +++ b/queries/aws_vpc_customer_gateway_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_customer_gateway_2 Title: "List all AWS VPC Customer Gateway details in VPC" Description: "Allows users to query AWS VPC Customer Gateway, providing detailed information about each Customer Gateway in a Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_customer_gateway_2.yaml.bak b/queries/aws_vpc_customer_gateway_2.yaml.bak new file mode 100755 index 000000000..2a3a5243f --- /dev/null +++ b/queries/aws_vpc_customer_gateway_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_customer_gateway_2 +Title: "List all AWS VPC Customer Gateway details in VPC" +Description: "Allows users to query AWS VPC Customer Gateway, providing detailed information about each Customer Gateway in a Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + type, + count(customer_gateway_id) as customer_gateway_id_count + from + aws_vpc_customer_gateway + group by + type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Virtual Private Cloud diff --git a/queries/aws_vpc_dhcp_options_1.yaml b/queries/aws_vpc_dhcp_options_1.yaml index 057d66595..7743575a7 100755 --- a/queries/aws_vpc_dhcp_options_1.yaml +++ b/queries/aws_vpc_dhcp_options_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_dhcp_options_1 Title: "List all DHCP Options associated with AWS VPC" Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_dhcp_options_1.yaml.bak b/queries/aws_vpc_dhcp_options_1.yaml.bak new file mode 100755 index 000000000..057d66595 --- /dev/null +++ b/queries/aws_vpc_dhcp_options_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_dhcp_options_1 +Title: "List all DHCP Options associated with AWS VPC" +Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + dhcp_options_id, + domain_name, + domain_name_servers, + netbios_name_servers, + netbios_node_type, + ntp_servers + from + aws_vpc_dhcp_options; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Virtual Private Cloud diff --git a/queries/aws_vpc_dhcp_options_2.yaml b/queries/aws_vpc_dhcp_options_2.yaml index e26b71e86..8228497df 100755 --- a/queries/aws_vpc_dhcp_options_2.yaml +++ b/queries/aws_vpc_dhcp_options_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_dhcp_options_2 Title: "List AWS VPC DHCP Options with Domain Name Servers" Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_dhcp_options_2.yaml.bak b/queries/aws_vpc_dhcp_options_2.yaml.bak new file mode 100755 index 000000000..e26b71e86 --- /dev/null +++ b/queries/aws_vpc_dhcp_options_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_dhcp_options_2 +Title: "List AWS VPC DHCP Options with Domain Name Servers" +Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + dhcp_options_id, + domain_name, + domain_name_servers + from + aws_vpc_dhcp_options + where + domain_name_servers ? 'AmazonProvidedDNS'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_dhcp_options_3.yaml b/queries/aws_vpc_dhcp_options_3.yaml index 746c02990..73f5bd56d 100755 --- a/queries/aws_vpc_dhcp_options_3.yaml +++ b/queries/aws_vpc_dhcp_options_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_dhcp_options_3 Title: "Find AWS VPC DHCP Options with Specific NetBIOS Types" Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_dhcp_options_3.yaml.bak b/queries/aws_vpc_dhcp_options_3.yaml.bak new file mode 100755 index 000000000..746c02990 --- /dev/null +++ b/queries/aws_vpc_dhcp_options_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_dhcp_options_3 +Title: "Find AWS VPC DHCP Options with Specific NetBIOS Types" +Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + dhcp_options_id, + netbios_node_type + from + aws_vpc_dhcp_options + cross join jsonb_array_elements_text(netbios_node_type) as i + where + not i.value :: int in (2); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC DHCP Options diff --git a/queries/aws_vpc_egress_only_internet_gateway_1.yaml b/queries/aws_vpc_egress_only_internet_gateway_1.yaml index f7220fb7a..2143687e3 100755 --- a/queries/aws_vpc_egress_only_internet_gateway_1.yaml +++ b/queries/aws_vpc_egress_only_internet_gateway_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_egress_only_internet_gateway_1 Title: "Find all AWS VPC Egress Only Internet Gateways" Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_egress_only_internet_gateway_1.yaml.bak b/queries/aws_vpc_egress_only_internet_gateway_1.yaml.bak new file mode 100755 index 000000000..f7220fb7a --- /dev/null +++ b/queries/aws_vpc_egress_only_internet_gateway_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_egress_only_internet_gateway_1 +Title: "Find all AWS VPC Egress Only Internet Gateways" +Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + att ->> 'State' as state, + att ->> 'VpcId' as vpc_id, + tags, + region + from + aws_vpc_egress_only_internet_gateway + cross join jsonb_array_elements(attachments) as att; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_egress_only_internet_gateway_2.yaml b/queries/aws_vpc_egress_only_internet_gateway_2.yaml index a5c0257ca..0936b3fc2 100755 --- a/queries/aws_vpc_egress_only_internet_gateway_2.yaml +++ b/queries/aws_vpc_egress_only_internet_gateway_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_egress_only_internet_gateway_2 Title: "Find AWS VPC Egress Only Internet Gateways" Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak b/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak new file mode 100755 index 000000000..0936b3fc2 --- /dev/null +++ b/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_egress_only_internet_gateway_2 +Title: "Find AWS VPC Egress Only Internet Gateways" +Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + attachments + from + aws_vpc_egress_only_internet_gateway + where + attachments is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak.bak b/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak.bak new file mode 100755 index 000000000..0936b3fc2 --- /dev/null +++ b/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_egress_only_internet_gateway_2 +Title: "Find AWS VPC Egress Only Internet Gateways" +Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + attachments + from + aws_vpc_egress_only_internet_gateway + where + attachments is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_egress_only_internet_gateway_3.yaml b/queries/aws_vpc_egress_only_internet_gateway_3.yaml index 53a40f662..8ab250145 100755 --- a/queries/aws_vpc_egress_only_internet_gateway_3.yaml +++ b/queries/aws_vpc_egress_only_internet_gateway_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_egress_only_internet_gateway_3 Title: "Find AWS VPC Egress Only Internet Gateways" Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_egress_only_internet_gateway_3.yaml.bak b/queries/aws_vpc_egress_only_internet_gateway_3.yaml.bak new file mode 100755 index 000000000..53a40f662 --- /dev/null +++ b/queries/aws_vpc_egress_only_internet_gateway_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_egress_only_internet_gateway_3 +Title: "Find AWS VPC Egress Only Internet Gateways" +Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vig.id, + vpc.is_default + from + aws_vpc_egress_only_internet_gateway as vig + cross join jsonb_array_elements(attachments) as i + join aws_vpc vpc on i ->> 'VpcId' = vpc.vpc_id + where + vpc.is_default = true; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_eip_1.yaml b/queries/aws_vpc_eip_1.yaml index de42ac6a8..546c565ba 100755 --- a/queries/aws_vpc_eip_1.yaml +++ b/queries/aws_vpc_eip_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_eip_1 Title: "Find all AWS VPC Elastic IP Addresses" Description: "Allows users to query AWS VPC Elastic IP Addresses" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_eip_1.yaml.bak b/queries/aws_vpc_eip_1.yaml.bak new file mode 100755 index 000000000..de42ac6a8 --- /dev/null +++ b/queries/aws_vpc_eip_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_eip_1 +Title: "Find all AWS VPC Elastic IP Addresses" +Description: "Allows users to query AWS VPC Elastic IP Addresses" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + public_ip, + domain association_id + from + aws_vpc_eip + where + association_id is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon VPC diff --git a/queries/aws_vpc_eip_2.yaml b/queries/aws_vpc_eip_2.yaml index 6536bae67..15bdb9dc0 100755 --- a/queries/aws_vpc_eip_2.yaml +++ b/queries/aws_vpc_eip_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_eip_2 Title: "Find AWS VPC Elastic IP Addresses" Description: "Allows users to query AWS VPC Elastic IP Addresses" -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_eip_2.yaml.bak b/queries/aws_vpc_eip_2.yaml.bak new file mode 100755 index 000000000..6536bae67 --- /dev/null +++ b/queries/aws_vpc_eip_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_eip_2 +Title: "Find AWS VPC Elastic IP Addresses" +Description: "Allows users to query AWS VPC Elastic IP Addresses" +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + public_ipv4_pool, + count(public_ip) as elastic_ips + from + aws_vpc_eip + group by + public_ipv4_pool; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_eip_address_transfer_1.yaml b/queries/aws_vpc_eip_address_transfer_1.yaml index d495f3b95..1f618d3d1 100755 --- a/queries/aws_vpc_eip_address_transfer_1.yaml +++ b/queries/aws_vpc_eip_address_transfer_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_eip_address_transfer_1 Title: "List all AWS VPC Elastic IP Address Transfers" Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_eip_address_transfer_1.yaml.bak b/queries/aws_vpc_eip_address_transfer_1.yaml.bak new file mode 100755 index 000000000..d495f3b95 --- /dev/null +++ b/queries/aws_vpc_eip_address_transfer_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_eip_address_transfer_1 +Title: "List all AWS VPC Elastic IP Address Transfers" +Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + allocation_id, + address_transfer_status, + public_ip, + transfer_account_id, + transfer_offer_accepted_timestamp + from + aws_vpc_eip_address_transfer; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_eip_address_transfer_2.yaml b/queries/aws_vpc_eip_address_transfer_2.yaml index 51e9c028d..1ba0776ee 100755 --- a/queries/aws_vpc_eip_address_transfer_2.yaml +++ b/queries/aws_vpc_eip_address_transfer_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_eip_address_transfer_2 Title: "List all Elastic IP Address Transfers in AWS VPC" Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_eip_address_transfer_2.yaml.bak b/queries/aws_vpc_eip_address_transfer_2.yaml.bak new file mode 100755 index 000000000..51e9c028d --- /dev/null +++ b/queries/aws_vpc_eip_address_transfer_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_eip_address_transfer_2 +Title: "List all Elastic IP Address Transfers in AWS VPC" +Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + allocation_id, + address_transfer_status, + public_ip, + transfer_account_id, + transfer_offer_accepted_timestamp + from + aws_vpc_eip_address_transfer + where + transfer_offer_accepted_timestamp >= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_eip_address_transfer_3.yaml b/queries/aws_vpc_eip_address_transfer_3.yaml index 382ae1599..991c5f7fa 100755 --- a/queries/aws_vpc_eip_address_transfer_3.yaml +++ b/queries/aws_vpc_eip_address_transfer_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_eip_address_transfer_3 Title: "Find AWS Elastic IP Address Transfers in VPC using SQL" Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_eip_address_transfer_3.yaml.bak b/queries/aws_vpc_eip_address_transfer_3.yaml.bak new file mode 100755 index 000000000..382ae1599 --- /dev/null +++ b/queries/aws_vpc_eip_address_transfer_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_eip_address_transfer_3 +Title: "Find AWS Elastic IP Address Transfers in VPC using SQL" +Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + allocation_id, + address_transfer_status, + public_ip, + transfer_account_id, + transfer_offer_expiration_timestamp + from + aws_vpc_eip_address_transfer + where + transfer_offer_expiration_timestamp >= now() - interval '10' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_eip_address_transfer_4.yaml b/queries/aws_vpc_eip_address_transfer_4.yaml index c745cbc80..e281e40fd 100755 --- a/queries/aws_vpc_eip_address_transfer_4.yaml +++ b/queries/aws_vpc_eip_address_transfer_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_eip_address_transfer_4 Title: "Find AWS VPC Elastic IP Address Transfers" Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_eip_address_transfer_4.yaml.bak b/queries/aws_vpc_eip_address_transfer_4.yaml.bak new file mode 100755 index 000000000..c745cbc80 --- /dev/null +++ b/queries/aws_vpc_eip_address_transfer_4.yaml.bak @@ -0,0 +1,39 @@ +ID: aws_vpc_eip_address_transfer_4 +Title: "Find AWS VPC Elastic IP Address Transfers" +Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + t.allocation_id, + t.address_transfer_status, + t.transfer_account_id, + i.vpc_id, + v.cidr_block, + v.state, + v.is_default + from + aws_vpc_eip eip, + aws_ec2_instance i, + aws_vpc_eip_address_transfer t, + aws_vpc v + where + eip.instance_id = i.instance_id + and t.allocation_id = eip.allocation_id + and v.vpc_id = i.vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_endpoint_1.yaml b/queries/aws_vpc_endpoint_1.yaml index 45e102aa1..5787b74ba 100755 --- a/queries/aws_vpc_endpoint_1.yaml +++ b/queries/aws_vpc_endpoint_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_1 Title: "List AWS VPC Endpoints with Configuration and Status" Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_1.yaml.bak b/queries/aws_vpc_endpoint_1.yaml.bak new file mode 100755 index 000000000..45e102aa1 --- /dev/null +++ b/queries/aws_vpc_endpoint_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_endpoint_1 +Title: "List AWS VPC Endpoints with Configuration and Status" +Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_endpoint_id, + vpc_id, + service_name + from + aws_vpc_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint diff --git a/queries/aws_vpc_endpoint_2.yaml b/queries/aws_vpc_endpoint_2.yaml index 2dfd3ed71..72f2edab2 100755 --- a/queries/aws_vpc_endpoint_2.yaml +++ b/queries/aws_vpc_endpoint_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_2 Title: "List all AWS VPC Endpoints and retrieve configuration details" Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_2.yaml.bak b/queries/aws_vpc_endpoint_2.yaml.bak new file mode 100755 index 000000000..2dfd3ed71 --- /dev/null +++ b/queries/aws_vpc_endpoint_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_endpoint_2 +Title: "List all AWS VPC Endpoints and retrieve configuration details" +Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_endpoint_id, + jsonb_array_length(subnet_ids) as subnet_id_count + from + aws_vpc_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint diff --git a/queries/aws_vpc_endpoint_3.yaml b/queries/aws_vpc_endpoint_3.yaml index 2afc5789b..09d9fd13d 100755 --- a/queries/aws_vpc_endpoint_3.yaml +++ b/queries/aws_vpc_endpoint_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_3 Title: "List all AWS VPC Endpoints and Related Information" Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_3.yaml.bak b/queries/aws_vpc_endpoint_3.yaml.bak new file mode 100755 index 000000000..2afc5789b --- /dev/null +++ b/queries/aws_vpc_endpoint_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_endpoint_3 +Title: "List all AWS VPC Endpoints and Related Information" +Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_endpoint_id, + vpc_id, + jsonb_array_elements(subnet_ids) as subnet_ids, + jsonb_array_elements(network_interface_ids) as network_interface_ids, + jsonb_array_elements(route_table_ids) as route_table_ids, + sg ->> 'GroupName' as sg_name + from + aws_vpc_endpoint + cross join jsonb_array_elements(groups) as sg; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_endpoint_4.yaml b/queries/aws_vpc_endpoint_4.yaml index 3b1e39be7..e2af977b0 100755 --- a/queries/aws_vpc_endpoint_4.yaml +++ b/queries/aws_vpc_endpoint_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_4 Title: "Find AWS VPC Endpoints with Configurations and Status" Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_4.yaml.bak b/queries/aws_vpc_endpoint_4.yaml.bak new file mode 100755 index 000000000..e2af977b0 --- /dev/null +++ b/queries/aws_vpc_endpoint_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_endpoint_4 +Title: "Find AWS VPC Endpoints with Configurations and Status" +Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_endpoint_id, + private_dns_enabled, + dns ->> 'DnsName' as dns_name, + dns ->> 'HostedZoneId' as hosted_zone_id + from + aws_vpc_endpoint + cross join jsonb_array_elements(dns_entries) as dns; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint diff --git a/queries/aws_vpc_endpoint_4.yaml.bak.bak b/queries/aws_vpc_endpoint_4.yaml.bak.bak new file mode 100755 index 000000000..e2af977b0 --- /dev/null +++ b/queries/aws_vpc_endpoint_4.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_endpoint_4 +Title: "Find AWS VPC Endpoints with Configurations and Status" +Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_endpoint_id, + private_dns_enabled, + dns ->> 'DnsName' as dns_name, + dns ->> 'HostedZoneId' as hosted_zone_id + from + aws_vpc_endpoint + cross join jsonb_array_elements(dns_entries) as dns; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint diff --git a/queries/aws_vpc_endpoint_5.yaml b/queries/aws_vpc_endpoint_5.yaml index 63cecf492..cdaf3d885 100755 --- a/queries/aws_vpc_endpoint_5.yaml +++ b/queries/aws_vpc_endpoint_5.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_5 Title: "List all AWS VPC Endpoints and their configurations" Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_5.yaml.bak b/queries/aws_vpc_endpoint_5.yaml.bak new file mode 100755 index 000000000..63cecf492 --- /dev/null +++ b/queries/aws_vpc_endpoint_5.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_endpoint_5 +Title: "List all AWS VPC Endpoints and their configurations" +Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + count(vpc_endpoint_id) as vpc_endpoint_count + from + aws_vpc_endpoint + group by + vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_endpoint_service_1.yaml b/queries/aws_vpc_endpoint_service_1.yaml index 92272574a..9cfa61a05 100755 --- a/queries/aws_vpc_endpoint_service_1.yaml +++ b/queries/aws_vpc_endpoint_service_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_service_1 Title: "List All AWS VPC Endpoint Services and Details" Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_service_1.yaml.bak b/queries/aws_vpc_endpoint_service_1.yaml.bak new file mode 100755 index 000000000..92272574a --- /dev/null +++ b/queries/aws_vpc_endpoint_service_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_endpoint_service_1 +Title: "List All AWS VPC Endpoint Services and Details" +Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_id, + base_endpoint_dns_names, + private_dns_name + from + aws_vpc_endpoint_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_2.yaml b/queries/aws_vpc_endpoint_service_2.yaml index 96b4d50ca..2a702da50 100755 --- a/queries/aws_vpc_endpoint_service_2.yaml +++ b/queries/aws_vpc_endpoint_service_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_service_2 Title: "List all AWS VPC Endpoint Services with Details" Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_service_2.yaml.bak b/queries/aws_vpc_endpoint_service_2.yaml.bak new file mode 100755 index 000000000..96b4d50ca --- /dev/null +++ b/queries/aws_vpc_endpoint_service_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_endpoint_service_2 +Title: "List all AWS VPC Endpoint Services with Details" +Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + jsonb_array_length(availability_zones) as availability_zone_count + from + aws_vpc_endpoint_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint Service diff --git a/queries/aws_vpc_endpoint_service_3.yaml b/queries/aws_vpc_endpoint_service_3.yaml index 58e79aa8a..3746d619e 100755 --- a/queries/aws_vpc_endpoint_service_3.yaml +++ b/queries/aws_vpc_endpoint_service_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_service_3 Title: "Find AWS VPC Endpoint Service Details" Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_service_3.yaml.bak b/queries/aws_vpc_endpoint_service_3.yaml.bak new file mode 100755 index 000000000..58e79aa8a --- /dev/null +++ b/queries/aws_vpc_endpoint_service_3.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_endpoint_service_3 +Title: "Find AWS VPC Endpoint Service Details" +Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_id, + base_endpoint_dns_names, + private_dns_name + from + aws_vpc_endpoint_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint Service diff --git a/queries/aws_vpc_endpoint_service_4.yaml b/queries/aws_vpc_endpoint_service_4.yaml index 970b9933e..241bf38af 100755 --- a/queries/aws_vpc_endpoint_service_4.yaml +++ b/queries/aws_vpc_endpoint_service_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_service_4 Title: "List AWS VPC Endpoint Services with Details" Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_service_4.yaml.bak b/queries/aws_vpc_endpoint_service_4.yaml.bak new file mode 100755 index 000000000..970b9933e --- /dev/null +++ b/queries/aws_vpc_endpoint_service_4.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_endpoint_service_4 +Title: "List AWS VPC Endpoint Services with Details" +Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_id, + type ->> 'ServiceType' as service_type + from + aws_vpc_endpoint_service + cross join jsonb_array_elements(service_type) as type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_5.yaml b/queries/aws_vpc_endpoint_service_5.yaml index 266836a80..f6062ddd4 100755 --- a/queries/aws_vpc_endpoint_service_5.yaml +++ b/queries/aws_vpc_endpoint_service_5.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_service_5 Title: "List all Non-Policy Supported AWS VPC Endpoint Services" Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_service_5.yaml.bak b/queries/aws_vpc_endpoint_service_5.yaml.bak new file mode 100755 index 000000000..266836a80 --- /dev/null +++ b/queries/aws_vpc_endpoint_service_5.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_endpoint_service_5 +Title: "List all Non-Policy Supported AWS VPC Endpoint Services" +Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_id, + vpc_endpoint_policy_supported + from + aws_vpc_endpoint_service + where + not vpc_endpoint_policy_supported; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint Service diff --git a/queries/aws_vpc_endpoint_service_6.yaml b/queries/aws_vpc_endpoint_service_6.yaml index 6de1e2feb..8f956172d 100755 --- a/queries/aws_vpc_endpoint_service_6.yaml +++ b/queries/aws_vpc_endpoint_service_6.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_service_6 Title: "List all AWS VPC Endpoint Services" Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_service_6.yaml.bak b/queries/aws_vpc_endpoint_service_6.yaml.bak new file mode 100755 index 000000000..8f956172d --- /dev/null +++ b/queries/aws_vpc_endpoint_service_6.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_endpoint_service_6 +Title: "List all AWS VPC Endpoint Services" +Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_id, + jsonb_pretty(vpc_endpoint_service_permissions) as allowed_principals + from + aws_vpc_endpoint_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_6.yaml.bak.bak b/queries/aws_vpc_endpoint_service_6.yaml.bak.bak new file mode 100755 index 000000000..8f956172d --- /dev/null +++ b/queries/aws_vpc_endpoint_service_6.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_endpoint_service_6 +Title: "List all AWS VPC Endpoint Services" +Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_id, + jsonb_pretty(vpc_endpoint_service_permissions) as allowed_principals + from + aws_vpc_endpoint_service; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_7.yaml b/queries/aws_vpc_endpoint_service_7.yaml index def44933b..774a132a2 100755 --- a/queries/aws_vpc_endpoint_service_7.yaml +++ b/queries/aws_vpc_endpoint_service_7.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_endpoint_service_7 Title: "List all AWS VPC Endpoint Services Information" Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_endpoint_service_7.yaml.bak b/queries/aws_vpc_endpoint_service_7.yaml.bak new file mode 100755 index 000000000..def44933b --- /dev/null +++ b/queries/aws_vpc_endpoint_service_7.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_endpoint_service_7 +Title: "List all AWS VPC Endpoint Services Information" +Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + service_name, + service_id, + c ->> 'VpcEndpointId' as vpc_endpoint_id, + c ->> 'VpcEndpointOwner' as vpc_endpoint_owner, + c ->> 'VpcEndpointState' as vpc_endpoint_state, + jsonb_array_elements_text(c -> 'NetworkLoadBalancerArns') as network_loadBalancer_arns + from + aws_vpc_endpoint_service, + jsonb_array_elements(vpc_endpoint_connections) as c + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Endpoint Service diff --git a/queries/aws_vpc_flow_log_1.yaml b/queries/aws_vpc_flow_log_1.yaml index 0e4fe3811..52debf495 100755 --- a/queries/aws_vpc_flow_log_1.yaml +++ b/queries/aws_vpc_flow_log_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_1 Title: "Find AWS VPC Flow Logs Information with SQL Query" Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_1.yaml.bak b/queries/aws_vpc_flow_log_1.yaml.bak new file mode 100755 index 000000000..0e4fe3811 --- /dev/null +++ b/queries/aws_vpc_flow_log_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_flow_log_1 +Title: "Find AWS VPC Flow Logs Information with SQL Query" +Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + flow_log_id, + resource_id + from + aws_vpc_flow_log; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_2.yaml b/queries/aws_vpc_flow_log_2.yaml index 88f60746a..f88800199 100755 --- a/queries/aws_vpc_flow_log_2.yaml +++ b/queries/aws_vpc_flow_log_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_2 Title: "Find Failed Logs in AWS VPC Flow" Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_2.yaml.bak b/queries/aws_vpc_flow_log_2.yaml.bak new file mode 100755 index 000000000..88f60746a --- /dev/null +++ b/queries/aws_vpc_flow_log_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_flow_log_2 +Title: "Find Failed Logs in AWS VPC Flow" +Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + flow_log_id, + resource_id, + deliver_logs_error_message, + deliver_logs_status + from + aws_vpc_flow_log + where + deliver_logs_status = 'FAILED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_3.yaml b/queries/aws_vpc_flow_log_3.yaml index 6c78cf744..0dbeac59e 100755 --- a/queries/aws_vpc_flow_log_3.yaml +++ b/queries/aws_vpc_flow_log_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_3 Title: "Find AWS VPC Flow Logs and IP Traffic Details" Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_3.yaml.bak b/queries/aws_vpc_flow_log_3.yaml.bak new file mode 100755 index 000000000..6c78cf744 --- /dev/null +++ b/queries/aws_vpc_flow_log_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_flow_log_3 +Title: "Find AWS VPC Flow Logs and IP Traffic Details" +Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + flow_log_id, + log_destination_type, + log_destination, + log_group_name, + bucket_name + from + aws_vpc_flow_log; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Log diff --git a/queries/aws_vpc_flow_log_4.yaml b/queries/aws_vpc_flow_log_4.yaml index 81d032ab6..b8de7f566 100755 --- a/queries/aws_vpc_flow_log_4.yaml +++ b/queries/aws_vpc_flow_log_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_4 Title: "Find AWS VPC Flow Log Details with SQL Queries" Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_4.yaml.bak b/queries/aws_vpc_flow_log_4.yaml.bak new file mode 100755 index 000000000..81d032ab6 --- /dev/null +++ b/queries/aws_vpc_flow_log_4.yaml.bak @@ -0,0 +1,23 @@ +ID: aws_vpc_flow_log_4 +Title: "Find AWS VPC Flow Log Details with SQL Queries" +Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + flow_log_id, + traffic_type + from + aws_vpc_flow_log; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_1.yaml b/queries/aws_vpc_flow_log_event_1.yaml index 3dec0aa76..b402cffa7 100755 --- a/queries/aws_vpc_flow_log_event_1.yaml +++ b/queries/aws_vpc_flow_log_event_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_event_1 Title: "Find AWS VPC Flow Log Event Details in Last 5 Minutes" Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_event_1.yaml.bak b/queries/aws_vpc_flow_log_event_1.yaml.bak new file mode 100755 index 000000000..3dec0aa76 --- /dev/null +++ b/queries/aws_vpc_flow_log_event_1.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_vpc_flow_log_event_1 +Title: "Find AWS VPC Flow Log Event Details in Last 5 Minutes" +Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + log_status, + action, + ingestion_time, + timestamp, + interface_id, + interface_account_id, + src_addr, + region + from + aws_vpc_flow_log_event + where + log_group_name = 'vpc-log-group-name' + and timestamp >= now() - interval '5 minutes'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_2.yaml b/queries/aws_vpc_flow_log_event_2.yaml index ff8d8a1f6..641d177be 100755 --- a/queries/aws_vpc_flow_log_event_2.yaml +++ b/queries/aws_vpc_flow_log_event_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_event_2 Title: "List all AWS VPC Flow Log Events and IP Traffic Details" Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_event_2.yaml.bak b/queries/aws_vpc_flow_log_event_2.yaml.bak new file mode 100755 index 000000000..ff8d8a1f6 --- /dev/null +++ b/queries/aws_vpc_flow_log_event_2.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_vpc_flow_log_event_2 +Title: "List all AWS VPC Flow Log Events and IP Traffic Details" +Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + log_status, + action, + ingestion_time, + timestamp, + interface_id, + interface_account_id, + src_addr, + region + from + aws_vpc_flow_log_event + where + log_group_name = 'vpc-log-group-name' + and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') + order by + timestamp asc; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_3.yaml b/queries/aws_vpc_flow_log_event_3.yaml index 23ae398c2..3cf58170e 100755 --- a/queries/aws_vpc_flow_log_event_3.yaml +++ b/queries/aws_vpc_flow_log_event_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_event_3 Title: "List all IP traffic from AWS VPC Flow Logs" Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_event_3.yaml.bak b/queries/aws_vpc_flow_log_event_3.yaml.bak new file mode 100755 index 000000000..23ae398c2 --- /dev/null +++ b/queries/aws_vpc_flow_log_event_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_flow_log_event_3 +Title: "List all IP traffic from AWS VPC Flow Logs" +Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + distinct(interface_id) + from + aws_vpc_flow_log_event + where + log_group_name = 'vpc-log-group-name' + and timestamp >= now() - interval '1 hour'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_4.yaml b/queries/aws_vpc_flow_log_event_4.yaml index 36977ff5e..0fa54668c 100755 --- a/queries/aws_vpc_flow_log_event_4.yaml +++ b/queries/aws_vpc_flow_log_event_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_event_4 Title: "Find all AWS VPC Flow Log Events Using SQL" Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_event_4.yaml.bak b/queries/aws_vpc_flow_log_event_4.yaml.bak new file mode 100755 index 000000000..0fa54668c --- /dev/null +++ b/queries/aws_vpc_flow_log_event_4.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_vpc_flow_log_event_4 +Title: "Find all AWS VPC Flow Log Events Using SQL" +Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_stream_name, + timestamp, + interface_id, + interface_account_id, + src_addr, + src_port, + dst_addr, + dst_port + from + aws_vpc_flow_log_event + where + log_group_name = 'vpc-log-group-name' + and action = 'REJECT' + and timestamp >= now() - interval '1 hour'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_4.yaml.bak.bak b/queries/aws_vpc_flow_log_event_4.yaml.bak.bak new file mode 100755 index 000000000..0fa54668c --- /dev/null +++ b/queries/aws_vpc_flow_log_event_4.yaml.bak.bak @@ -0,0 +1,35 @@ +ID: aws_vpc_flow_log_event_4 +Title: "Find all AWS VPC Flow Log Events Using SQL" +Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_stream_name, + timestamp, + interface_id, + interface_account_id, + src_addr, + src_port, + dst_addr, + dst_port + from + aws_vpc_flow_log_event + where + log_group_name = 'vpc-log-group-name' + and action = 'REJECT' + and timestamp >= now() - interval '1 hour'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_5.yaml b/queries/aws_vpc_flow_log_event_5.yaml index 87f636273..6f03b18ad 100755 --- a/queries/aws_vpc_flow_log_event_5.yaml +++ b/queries/aws_vpc_flow_log_event_5.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_event_5 Title: "Find AWS VPC Flow Log Events and IP Traffic Details" Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_event_5.yaml.bak b/queries/aws_vpc_flow_log_event_5.yaml.bak new file mode 100755 index 000000000..87f636273 --- /dev/null +++ b/queries/aws_vpc_flow_log_event_5.yaml.bak @@ -0,0 +1,40 @@ +ID: aws_vpc_flow_log_event_5 +Title: "Find AWS VPC Flow Log Events and IP Traffic Details" +Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + log_status, + action, + ingestion_time, + timestamp, + interface_id, + interface_account_id, + src_addr, + region + from + aws_vpc_flow_log_event + where + log_group_name = 'vpc-log-group-name' + and log_stream_name = 'eni-1d47d21d-all' + and (src_addr = '10.85.14.210' or dst_addr = '10.85.14.213') + and timestamp >= now() - interval '1 hour' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_6.yaml b/queries/aws_vpc_flow_log_event_6.yaml index 220daa402..cbab30e06 100755 --- a/queries/aws_vpc_flow_log_event_6.yaml +++ b/queries/aws_vpc_flow_log_event_6.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_flow_log_event_6 Title: "Find all AWS VPC Flow Logs and IP Traffic Information" Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_flow_log_event_6.yaml.bak b/queries/aws_vpc_flow_log_event_6.yaml.bak new file mode 100755 index 000000000..220daa402 --- /dev/null +++ b/queries/aws_vpc_flow_log_event_6.yaml.bak @@ -0,0 +1,38 @@ +ID: aws_vpc_flow_log_event_6 +Title: "Find all AWS VPC Flow Logs and IP Traffic Information" +Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + log_group_name, + log_stream_name, + log_status, + action, + ingestion_time, + timestamp, + interface_id, + interface_account_id, + src_addr, + region + from + aws_vpc_flow_log_event + where + log_group_name = 'vpc-log-group-name' + and log_stream_name = 'eni-1d47d21d-all' + and src_addr << '10.0.0.0/8'::inet + and timestamp >= now() - interval '1 hour' + order by + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Flow Logs diff --git a/queries/aws_vpc_internet_gateway_1.yaml b/queries/aws_vpc_internet_gateway_1.yaml index febd02487..6c8d03ed1 100755 --- a/queries/aws_vpc_internet_gateway_1.yaml +++ b/queries/aws_vpc_internet_gateway_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_internet_gateway_1 Title: "List all AWS VPC Internet Gateway data insights" Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_internet_gateway_1.yaml.bak b/queries/aws_vpc_internet_gateway_1.yaml.bak new file mode 100755 index 000000000..febd02487 --- /dev/null +++ b/queries/aws_vpc_internet_gateway_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_internet_gateway_1 +Title: "List all AWS VPC Internet Gateway data insights" +Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + internet_gateway_id, + attachments + from + aws_vpc_internet_gateway + where + attachments is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Internet Gateway diff --git a/queries/aws_vpc_internet_gateway_2.yaml b/queries/aws_vpc_internet_gateway_2.yaml index 24b6d2bb6..cd9c05401 100755 --- a/queries/aws_vpc_internet_gateway_2.yaml +++ b/queries/aws_vpc_internet_gateway_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_internet_gateway_2 Title: "Find AWS VPC Internet Gateway Details and States" Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_internet_gateway_2.yaml.bak b/queries/aws_vpc_internet_gateway_2.yaml.bak new file mode 100755 index 000000000..cd9c05401 --- /dev/null +++ b/queries/aws_vpc_internet_gateway_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_internet_gateway_2 +Title: "Find AWS VPC Internet Gateway Details and States" +Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + internet_gateway_id, + att ->> 'VpcId' as vpc_id + from + aws_vpc_internet_gateway + cross join jsonb_array_elements(attachments) as att; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Internet Gateway diff --git a/queries/aws_vpc_internet_gateway_2.yaml.bak.bak b/queries/aws_vpc_internet_gateway_2.yaml.bak.bak new file mode 100755 index 000000000..24b6d2bb6 --- /dev/null +++ b/queries/aws_vpc_internet_gateway_2.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_internet_gateway_2 +Title: "Find AWS VPC Internet Gateway Details and States" +Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + internet_gateway_id, + att ->> 'VpcId' as vpc_id + from + aws_vpc_internet_gateway + cross join jsonb_array_elements(attachments) as att; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Internet Gateway diff --git a/queries/aws_vpc_nat_gateway_1.yaml b/queries/aws_vpc_nat_gateway_1.yaml index 31a921ad6..e9866b481 100755 --- a/queries/aws_vpc_nat_gateway_1.yaml +++ b/queries/aws_vpc_nat_gateway_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_nat_gateway_1 Title: "List all details of AWS VPC NAT Gateways with SQL" Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_nat_gateway_1.yaml.bak b/queries/aws_vpc_nat_gateway_1.yaml.bak new file mode 100755 index 000000000..31a921ad6 --- /dev/null +++ b/queries/aws_vpc_nat_gateway_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_nat_gateway_1 +Title: "List all details of AWS VPC NAT Gateways with SQL" +Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + nat_gateway_id, + address ->> 'PrivateIp' as private_ip, + address ->> 'PublicIp' as public_ip, + address ->> 'NetworkInterfaceId' as nic_id, + address ->> 'AllocationId' as allocation_id + from + aws_vpc_nat_gateway + cross join jsonb_array_elements(nat_gateway_addresses) as address; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_nat_gateway_2.yaml b/queries/aws_vpc_nat_gateway_2.yaml index 62e69553c..834d40d99 100755 --- a/queries/aws_vpc_nat_gateway_2.yaml +++ b/queries/aws_vpc_nat_gateway_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_nat_gateway_2 Title: "Find AWS VPC NAT Gateways and Subnet Details" Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_nat_gateway_2.yaml.bak b/queries/aws_vpc_nat_gateway_2.yaml.bak new file mode 100755 index 000000000..62e69553c --- /dev/null +++ b/queries/aws_vpc_nat_gateway_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_nat_gateway_2 +Title: "Find AWS VPC NAT Gateways and Subnet Details" +Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + nat_gateway_id, + vpc_id, + subnet_id + from + aws_vpc_nat_gateway; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_nat_gateway_3.yaml b/queries/aws_vpc_nat_gateway_3.yaml index f93117c61..65a37ff37 100755 --- a/queries/aws_vpc_nat_gateway_3.yaml +++ b/queries/aws_vpc_nat_gateway_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_nat_gateway_3 Title: "Find AWS VPC NAT Gateways and Their Details" Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_nat_gateway_3.yaml.bak b/queries/aws_vpc_nat_gateway_3.yaml.bak new file mode 100755 index 000000000..f93117c61 --- /dev/null +++ b/queries/aws_vpc_nat_gateway_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_nat_gateway_3 +Title: "Find AWS VPC NAT Gateways and Their Details" +Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + nat_gateway_id, + tags + from + aws_vpc_nat_gateway + where + not tags :: JSONB ? 'application'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_nat_gateway_4.yaml b/queries/aws_vpc_nat_gateway_4.yaml index 715192f46..48e733317 100755 --- a/queries/aws_vpc_nat_gateway_4.yaml +++ b/queries/aws_vpc_nat_gateway_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_nat_gateway_4 Title: "List All AWS VPC NAT Gateways and Their Subnet Associations" Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_nat_gateway_4.yaml.bak b/queries/aws_vpc_nat_gateway_4.yaml.bak new file mode 100755 index 000000000..715192f46 --- /dev/null +++ b/queries/aws_vpc_nat_gateway_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_nat_gateway_4 +Title: "List All AWS VPC NAT Gateways and Their Subnet Associations" +Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + count(nat_gateway_id) as nat_gateway_id + from + aws_vpc_nat_gateway + group by + vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon VPC diff --git a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml index 8c64e1061..2830a3328 100755 --- a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml +++ b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_nat_gateway_metric_bytes_out_to_destination_1 Title: "List all AWS NAT Gateway Metrics for Bytes Sent Out" Description: "Allows users to query AWS NAT Gateway metrics for bytes sent to the destination from the NAT gateway. The table provides information about the number of bytes sent out to the destination per NAT gateway in a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml.bak b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml.bak new file mode 100755 index 000000000..8c64e1061 --- /dev/null +++ b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_vpc_nat_gateway_metric_bytes_out_to_destination_1 +Title: "List all AWS NAT Gateway Metrics for Bytes Sent Out" +Description: "Allows users to query AWS NAT Gateway metrics for bytes sent to the destination from the NAT gateway. The table provides information about the number of bytes sent out to the destination per NAT gateway in a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + nat_gateway_id, + timestamp, + minimum, + maximum, + average, + sample_count + from + aws_vpc_nat_gateway_metric_bytes_out_to_destination + order by + nat_gateway_id, + timestamp; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - NAT Gateway diff --git a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml index 36e0e9c8c..55ab02f88 100755 --- a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml +++ b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_nat_gateway_metric_bytes_out_to_destination_2 Title: "Find AWS NAT Gateway Metrics for Bytes Sent to Destination" Description: "Allows users to query AWS NAT Gateway metrics for bytes sent to the destination from the NAT gateway. The table provides information about the number of bytes sent out to the destination per NAT gateway in a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml.bak b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml.bak new file mode 100755 index 000000000..36e0e9c8c --- /dev/null +++ b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_vpc_nat_gateway_metric_bytes_out_to_destination_2 +Title: "Find AWS NAT Gateway Metrics for Bytes Sent to Destination" +Description: "Allows users to query AWS NAT Gateway metrics for bytes sent to the destination from the NAT gateway. The table provides information about the number of bytes sent out to the destination per NAT gateway in a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + g.nat_gateway_id, + vpc_id, + subnet_id + from + aws_vpc_nat_gateway as g + left join aws_vpc_nat_gateway_metric_bytes_out_to_destination as d + on g.nat_gateway_id = d.nat_gateway_id + group by + g.nat_gateway_id, + vpc_id, + subnet_id + having + sum(average) = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - CloudWatch diff --git a/queries/aws_vpc_network_acl_1.yaml b/queries/aws_vpc_network_acl_1.yaml index 61d22ddb3..c4cc898ca 100755 --- a/queries/aws_vpc_network_acl_1.yaml +++ b/queries/aws_vpc_network_acl_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_network_acl_1 Title: "Find AWS VPC Network ACLs Information" Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_network_acl_1.yaml.bak b/queries/aws_vpc_network_acl_1.yaml.bak new file mode 100755 index 000000000..61d22ddb3 --- /dev/null +++ b/queries/aws_vpc_network_acl_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_network_acl_1 +Title: "Find AWS VPC Network ACLs Information" +Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + network_acl_id, + arn, + vpc_id + from + aws_vpc_network_acl; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Network ACL diff --git a/queries/aws_vpc_network_acl_2.yaml b/queries/aws_vpc_network_acl_2.yaml index 71c8bb2f0..610f9e71a 100755 --- a/queries/aws_vpc_network_acl_2.yaml +++ b/queries/aws_vpc_network_acl_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_network_acl_2 Title: "Find AWS VPC Network ACLs in a Specific VPC" Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_network_acl_2.yaml.bak b/queries/aws_vpc_network_acl_2.yaml.bak new file mode 100755 index 000000000..71c8bb2f0 --- /dev/null +++ b/queries/aws_vpc_network_acl_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_network_acl_2 +Title: "Find AWS VPC Network ACLs in a Specific VPC" +Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + network_acl_id, + vpc_id, + is_default + from + aws_vpc_network_acl + where + is_default = true; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Network ACL diff --git a/queries/aws_vpc_network_acl_3.yaml b/queries/aws_vpc_network_acl_3.yaml index a159c2d8a..5a30ccf80 100755 --- a/queries/aws_vpc_network_acl_3.yaml +++ b/queries/aws_vpc_network_acl_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_network_acl_3 Title: "Find AWS VPC Network ACL Details" Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_network_acl_3.yaml.bak b/queries/aws_vpc_network_acl_3.yaml.bak new file mode 100755 index 000000000..a159c2d8a --- /dev/null +++ b/queries/aws_vpc_network_acl_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_network_acl_3 +Title: "Find AWS VPC Network ACL Details" +Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + network_acl_id, + vpc_id, + association ->> 'SubnetId' as subnet_id, + association ->> 'NetworkAclAssociationId' as network_acl_association_id + from + aws_vpc_network_acl + cross join jsonb_array_elements(associations) as association; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Network ACL diff --git a/queries/aws_vpc_peering_connection_1.yaml b/queries/aws_vpc_peering_connection_1.yaml index 3135f61b9..d490462e5 100755 --- a/queries/aws_vpc_peering_connection_1.yaml +++ b/queries/aws_vpc_peering_connection_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_1 Title: "List AWS VPC Peering Connections using SQL" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_1.yaml.bak b/queries/aws_vpc_peering_connection_1.yaml.bak new file mode 100755 index 000000000..3135f61b9 --- /dev/null +++ b/queries/aws_vpc_peering_connection_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_peering_connection_1 +Title: "List AWS VPC Peering Connections using SQL" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + accepter_owner_id, + accepter_region, + accepter_vpc_id, + expiration_time, + requester_owner_id, + requester_region, + requester_vpc_id + from + aws_vpc_peering_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_peering_connection_2.yaml b/queries/aws_vpc_peering_connection_2.yaml index cb0ccb2ff..30e53e1e2 100755 --- a/queries/aws_vpc_peering_connection_2.yaml +++ b/queries/aws_vpc_peering_connection_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_2 Title: "Find Pending AWS VPC Peering Connections" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_2.yaml.bak b/queries/aws_vpc_peering_connection_2.yaml.bak new file mode 100755 index 000000000..cb0ccb2ff --- /dev/null +++ b/queries/aws_vpc_peering_connection_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_peering_connection_2 +Title: "Find Pending AWS VPC Peering Connections" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + accepter_vpc_id, + requester_vpc_id, + status_code, + status_message + from + aws_vpc_peering_connection + where + status_code = 'pending-acceptance'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon VPC diff --git a/queries/aws_vpc_peering_connection_3.yaml b/queries/aws_vpc_peering_connection_3.yaml index acd99d15e..5d301cb20 100755 --- a/queries/aws_vpc_peering_connection_3.yaml +++ b/queries/aws_vpc_peering_connection_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_3 Title: "Query All AWS VPC Peering Connections" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_3.yaml.bak b/queries/aws_vpc_peering_connection_3.yaml.bak new file mode 100755 index 000000000..acd99d15e --- /dev/null +++ b/queries/aws_vpc_peering_connection_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_peering_connection_3 +Title: "Query All AWS VPC Peering Connections" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + requester_cidr_block, + requester_owner_id, + requester_region, + requester_vpc_id, + jsonb_pretty(requester_cidr_block_set) as requester_cidr_block_set, + jsonb_pretty(requester_ipv6_cidr_block_set) as requester_ipv6_cidr_block_set, + jsonb_pretty(requester_peering_options) as requester_peering_options + from + aws_vpc_peering_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon VPC diff --git a/queries/aws_vpc_peering_connection_4.yaml b/queries/aws_vpc_peering_connection_4.yaml index f1456868d..302f40308 100755 --- a/queries/aws_vpc_peering_connection_4.yaml +++ b/queries/aws_vpc_peering_connection_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_4 Title: "List all AWS VPC Peering Connections" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_4.yaml.bak b/queries/aws_vpc_peering_connection_4.yaml.bak new file mode 100755 index 000000000..302f40308 --- /dev/null +++ b/queries/aws_vpc_peering_connection_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_peering_connection_4 +Title: "List all AWS VPC Peering Connections" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + accepter_cidr_block, + accepter_owner_id, + accepter_region, + accepter_vpc_id, + jsonb_pretty(accepter_cidr_block_set) as accepter_cidr_block_set, + jsonb_pretty(accepter_ipv6_cidr_block_set) as accepter_ipv6_cidr_block_set, + jsonb_pretty(accepter_peering_options) as accepter_peering_options + from + aws_vpc_peering_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_4.yaml.bak.bak b/queries/aws_vpc_peering_connection_4.yaml.bak.bak new file mode 100755 index 000000000..302f40308 --- /dev/null +++ b/queries/aws_vpc_peering_connection_4.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_peering_connection_4 +Title: "List all AWS VPC Peering Connections" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + accepter_cidr_block, + accepter_owner_id, + accepter_region, + accepter_vpc_id, + jsonb_pretty(accepter_cidr_block_set) as accepter_cidr_block_set, + jsonb_pretty(accepter_ipv6_cidr_block_set) as accepter_ipv6_cidr_block_set, + jsonb_pretty(accepter_peering_options) as accepter_peering_options + from + aws_vpc_peering_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_5.yaml b/queries/aws_vpc_peering_connection_5.yaml index 1d0f7b923..2c49ebf0f 100755 --- a/queries/aws_vpc_peering_connection_5.yaml +++ b/queries/aws_vpc_peering_connection_5.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_5 Title: "List all VPC Peering Connections in AWS" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_5.yaml.bak b/queries/aws_vpc_peering_connection_5.yaml.bak new file mode 100755 index 000000000..1d0f7b923 --- /dev/null +++ b/queries/aws_vpc_peering_connection_5.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_vpc_peering_connection_5 +Title: "List all VPC Peering Connections in AWS" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + accepter_owner_id, + accepter_region, + accepter_vpc_id, + expiration_time, + requester_owner_id, + requester_region, + requester_vpc_id + from + aws_vpc_peering_connection + where + id in ('pcx-0a0403619dd2f3b24', 'pcx-048825e2c43ffd99e'); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon VPC diff --git a/queries/aws_vpc_peering_connection_6.yaml b/queries/aws_vpc_peering_connection_6.yaml index f19b7abd9..6bcc8392c 100755 --- a/queries/aws_vpc_peering_connection_6.yaml +++ b/queries/aws_vpc_peering_connection_6.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_6 Title: "Find all VPC Peering Connections in AWS VPC" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_6.yaml.bak b/queries/aws_vpc_peering_connection_6.yaml.bak new file mode 100755 index 000000000..f19b7abd9 --- /dev/null +++ b/queries/aws_vpc_peering_connection_6.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_vpc_peering_connection_6 +Title: "Find all VPC Peering Connections in AWS VPC" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + jsonb_pretty(tags) as tags, + jsonb_pretty(tags_src) as tags_src + from + aws_vpc_peering_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_peering_connection_7.yaml b/queries/aws_vpc_peering_connection_7.yaml index c2649773a..b0e75ef3a 100755 --- a/queries/aws_vpc_peering_connection_7.yaml +++ b/queries/aws_vpc_peering_connection_7.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_7 Title: "Find AWS VPC Peering Connections in Amazon VPC" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_7.yaml.bak b/queries/aws_vpc_peering_connection_7.yaml.bak new file mode 100755 index 000000000..c2649773a --- /dev/null +++ b/queries/aws_vpc_peering_connection_7.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_peering_connection_7 +Title: "Find AWS VPC Peering Connections in Amazon VPC" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + tags ->> 'Name' as name + from + aws_vpc_peering_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_8.yaml b/queries/aws_vpc_peering_connection_8.yaml index 5d5f954ba..6844cd0dd 100755 --- a/queries/aws_vpc_peering_connection_8.yaml +++ b/queries/aws_vpc_peering_connection_8.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_8 Title: "List all VPC Peering Connections in AWS VPC" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_8.yaml.bak b/queries/aws_vpc_peering_connection_8.yaml.bak new file mode 100755 index 000000000..6844cd0dd --- /dev/null +++ b/queries/aws_vpc_peering_connection_8.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_peering_connection_8 +Title: "List all VPC Peering Connections in AWS VPC" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + v.id, + jsonb_pretty(tags) as tags + from + aws_vpc_peering_connection as v, + jsonb_each(tags) + where + key = 'turbot:TurbotCreatedPeeringConnection'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_8.yaml.bak.bak b/queries/aws_vpc_peering_connection_8.yaml.bak.bak new file mode 100755 index 000000000..6844cd0dd --- /dev/null +++ b/queries/aws_vpc_peering_connection_8.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_peering_connection_8 +Title: "List all VPC Peering Connections in AWS VPC" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + v.id, + jsonb_pretty(tags) as tags + from + aws_vpc_peering_connection as v, + jsonb_each(tags) + where + key = 'turbot:TurbotCreatedPeeringConnection'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_9.yaml b/queries/aws_vpc_peering_connection_9.yaml index 496160759..72a5afef0 100755 --- a/queries/aws_vpc_peering_connection_9.yaml +++ b/queries/aws_vpc_peering_connection_9.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_peering_connection_9 Title: "Find AWS VPC Peering Connections in Amazon VPC" Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_peering_connection_9.yaml.bak b/queries/aws_vpc_peering_connection_9.yaml.bak new file mode 100755 index 000000000..496160759 --- /dev/null +++ b/queries/aws_vpc_peering_connection_9.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_peering_connection_9 +Title: "Find AWS VPC Peering Connections in Amazon VPC" +Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + jsonb_pretty(tags) as tags + from + aws_vpc_peering_connection + where + tags @> '{"Name": "vpc-0639e12347e5b6bfb <=> vpc-8e1234f5"}'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_route_1.yaml b/queries/aws_vpc_route_1.yaml index 53995d1b3..55053fe0f 100755 --- a/queries/aws_vpc_route_1.yaml +++ b/queries/aws_vpc_route_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_route_1 Title: "List all AWS VPC Routes Information using SQL" Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_route_1.yaml.bak b/queries/aws_vpc_route_1.yaml.bak new file mode 100755 index 000000000..53995d1b3 --- /dev/null +++ b/queries/aws_vpc_route_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_route_1 +Title: "List all AWS VPC Routes Information using SQL" +Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + route_table_id, + gateway_id + from + aws_vpc_route + where + gateway_id ilike 'igw%' + and destination_cidr_block = '0.0.0.0/0'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_route_2.yaml b/queries/aws_vpc_route_2.yaml index da8dd22a8..b5865c971 100755 --- a/queries/aws_vpc_route_2.yaml +++ b/queries/aws_vpc_route_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_route_2 Title: "Find AWS VPC Routes for Specific Route Table States" Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_route_2.yaml.bak b/queries/aws_vpc_route_2.yaml.bak new file mode 100755 index 000000000..da8dd22a8 --- /dev/null +++ b/queries/aws_vpc_route_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_route_2 +Title: "Find AWS VPC Routes for Specific Route Table States" +Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + route_table_id, + state + from + aws_vpc_route + where + state = 'blackhole'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_route_3.yaml b/queries/aws_vpc_route_3.yaml index f86fdab9e..207e3a614 100755 --- a/queries/aws_vpc_route_3.yaml +++ b/queries/aws_vpc_route_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_route_3 Title: "Find AWS VPC Routes and Retrieve Route Information" Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_route_3.yaml.bak b/queries/aws_vpc_route_3.yaml.bak new file mode 100755 index 000000000..f86fdab9e --- /dev/null +++ b/queries/aws_vpc_route_3.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_vpc_route_3 +Title: "Find AWS VPC Routes and Retrieve Route Information" +Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + route_table_id, + state, + destination_cidr_block, + destination_ipv6_cidr_block, + carrier_gateway_id, + destination_prefix_list_id, + egress_only_internet_gateway_id, + gateway_id, + instance_id, + nat_gateway_id, + network_interface_id, + transit_gateway_id, + vpc_peering_connection_id + from + aws_vpc_route; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_route_table_1.yaml b/queries/aws_vpc_route_table_1.yaml index c6483a39d..3cdbcb480 100755 --- a/queries/aws_vpc_route_table_1.yaml +++ b/queries/aws_vpc_route_table_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_route_table_1 Title: "Find all AWS VPC Route Tables and their Details" Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_route_table_1.yaml.bak b/queries/aws_vpc_route_table_1.yaml.bak new file mode 100755 index 000000000..c6483a39d --- /dev/null +++ b/queries/aws_vpc_route_table_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_vpc_route_table_1 +Title: "Find all AWS VPC Route Tables and their Details" +Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + count(route_table_id) as route_table_count + from + aws_vpc_route_table + group by + vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Route Tables diff --git a/queries/aws_vpc_route_table_2.yaml b/queries/aws_vpc_route_table_2.yaml index f7871f665..d1dec4fe7 100755 --- a/queries/aws_vpc_route_table_2.yaml +++ b/queries/aws_vpc_route_table_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_route_table_2 Title: "List all AWS VPC Route Tables and Their Associations" Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_route_table_2.yaml.bak b/queries/aws_vpc_route_table_2.yaml.bak new file mode 100755 index 000000000..d1dec4fe7 --- /dev/null +++ b/queries/aws_vpc_route_table_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_route_table_2 +Title: "List all AWS VPC Route Tables and Their Associations" +Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + route_table_id, + associations_detail -> 'AssociationState' ->> 'State' as state, + associations_detail -> 'GatewayId' as gateway_id, + associations_detail -> 'SubnetId' as subnet_id, + associations_detail -> 'RouteTableAssociationId' as route_table_association_id, + associations_detail -> 'Main' as main_route_table + from + aws_vpc_route_table + cross join jsonb_array_elements(associations) as associations_detail; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_route_table_2.yaml.bak.bak b/queries/aws_vpc_route_table_2.yaml.bak.bak new file mode 100755 index 000000000..d1dec4fe7 --- /dev/null +++ b/queries/aws_vpc_route_table_2.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_route_table_2 +Title: "List all AWS VPC Route Tables and Their Associations" +Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + route_table_id, + associations_detail -> 'AssociationState' ->> 'State' as state, + associations_detail -> 'GatewayId' as gateway_id, + associations_detail -> 'SubnetId' as subnet_id, + associations_detail -> 'RouteTableAssociationId' as route_table_association_id, + associations_detail -> 'Main' as main_route_table + from + aws_vpc_route_table + cross join jsonb_array_elements(associations) as associations_detail; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_route_table_3.yaml b/queries/aws_vpc_route_table_3.yaml index 17df76fc0..04d82f394 100755 --- a/queries/aws_vpc_route_table_3.yaml +++ b/queries/aws_vpc_route_table_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_route_table_3 Title: "List all AWS VPC Route Tables with Detailed Info" Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_route_table_3.yaml.bak b/queries/aws_vpc_route_table_3.yaml.bak new file mode 100755 index 000000000..17df76fc0 --- /dev/null +++ b/queries/aws_vpc_route_table_3.yaml.bak @@ -0,0 +1,37 @@ +ID: aws_vpc_route_table_3 +Title: "List all AWS VPC Route Tables with Detailed Info" +Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + route_table_id, + route_detail -> 'CarrierGatewayId' ->> 'State' as carrier_gateway_id, + route_detail -> 'DestinationCidrBlock' as destination_CIDR_block, + route_detail -> 'DestinationIpv6CidrBlock' as destination_ipv6_CIDR_block, + route_detail -> 'EgressOnlyInternetGatewayId' as egress_only_internet_gateway, + route_detail -> 'GatewayId' as gateway_id, + route_detail -> 'InstanceId' as instance_id, + route_detail -> 'InstanceOwnerId' as instance_owner_id, + route_detail -> 'LocalGatewayId' as local_gateway_id, + route_detail -> 'NatGatewayId' as nat_gateway_id, + route_detail -> 'NetworkInterfaceId' as network_interface_id, + route_detail -> 'TransitGatewayId' as transit_gateway_id, + route_detail -> 'VpcPeeringConnectionId' as vpc_peering_connection_id + from + aws_vpc_route_table + cross join jsonb_array_elements(routes) as route_detail; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_security_group_1.yaml b/queries/aws_vpc_security_group_1.yaml index f4d9cfe53..be76419e5 100755 --- a/queries/aws_vpc_security_group_1.yaml +++ b/queries/aws_vpc_security_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_security_group_1 Title: "List all AWS VPC Security Groups with SQL Queries" Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_security_group_1.yaml.bak b/queries/aws_vpc_security_group_1.yaml.bak new file mode 100755 index 000000000..f4d9cfe53 --- /dev/null +++ b/queries/aws_vpc_security_group_1.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_vpc_security_group_1 +Title: "List all AWS VPC Security Groups with SQL Queries" +Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + group_name, + vpc_id, + perm ->> 'FromPort' as from_port, + perm ->> 'ToPort' as to_port, + perm ->> 'IpProtocol' as ip_protocol, + perm ->> 'IpRanges' as ip_ranges, + perm ->> 'Ipv6Ranges' as ipv6_ranges, + perm ->> 'UserIdGroupPairs' as user_id_group_pairs, + perm ->> 'PrefixListIds' as prefix_list_ids + from + aws_vpc_security_group as sg + cross join jsonb_array_elements(ip_permissions) as perm; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_security_group_2.yaml b/queries/aws_vpc_security_group_2.yaml index a35baf507..103039fc3 100755 --- a/queries/aws_vpc_security_group_2.yaml +++ b/queries/aws_vpc_security_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_security_group_2 Title: "Find AWS VPC Security Groups and Their Configurations" Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_security_group_2.yaml.bak b/queries/aws_vpc_security_group_2.yaml.bak new file mode 100755 index 000000000..103039fc3 --- /dev/null +++ b/queries/aws_vpc_security_group_2.yaml.bak @@ -0,0 +1,48 @@ +ID: aws_vpc_security_group_2 +Title: "Find AWS VPC Security Groups and Their Configurations" +Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + sg.group_name, + sg.group_id, + sgr.type, + sgr.ip_protocol, + sgr.from_port, + sgr.to_port, + cidr_ip + from + aws_vpc_security_group as sg + join aws_vpc_security_group_rule as sgr on sg.group_name = sgr.group_name + where + sgr.type = 'ingress' + and sgr.cidr_ip = '0.0.0.0/0' + and ( + ( + sgr.ip_protocol = '-1' -- all traffic + and sgr.from_port is null + ) + or ( + sgr.from_port <= 22 + and sgr.to_port >= 22 + ) + or ( + sgr.from_port <= 3389 + and sgr.to_port >= 3389 + ) + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_security_group_2.yaml.bak.bak b/queries/aws_vpc_security_group_2.yaml.bak.bak new file mode 100755 index 000000000..103039fc3 --- /dev/null +++ b/queries/aws_vpc_security_group_2.yaml.bak.bak @@ -0,0 +1,48 @@ +ID: aws_vpc_security_group_2 +Title: "Find AWS VPC Security Groups and Their Configurations" +Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + sg.group_name, + sg.group_id, + sgr.type, + sgr.ip_protocol, + sgr.from_port, + sgr.to_port, + cidr_ip + from + aws_vpc_security_group as sg + join aws_vpc_security_group_rule as sgr on sg.group_name = sgr.group_name + where + sgr.type = 'ingress' + and sgr.cidr_ip = '0.0.0.0/0' + and ( + ( + sgr.ip_protocol = '-1' -- all traffic + and sgr.from_port is null + ) + or ( + sgr.from_port <= 22 + and sgr.to_port >= 22 + ) + or ( + sgr.from_port <= 3389 + and sgr.to_port >= 3389 + ) + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_security_group_3.yaml b/queries/aws_vpc_security_group_3.yaml index 50e010d49..9d4a76c83 100755 --- a/queries/aws_vpc_security_group_3.yaml +++ b/queries/aws_vpc_security_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_security_group_3 Title: "List all AWS VPC Security Groups with Configurations" Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_security_group_3.yaml.bak b/queries/aws_vpc_security_group_3.yaml.bak new file mode 100755 index 000000000..50e010d49 --- /dev/null +++ b/queries/aws_vpc_security_group_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_security_group_3 +Title: "List all AWS VPC Security Groups with Configurations" +Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + count(vpc_id) as count + from + aws_vpc_security_group + group by + vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Security Group diff --git a/queries/aws_vpc_security_group_4.yaml b/queries/aws_vpc_security_group_4.yaml index a10669c02..03d0af5d2 100755 --- a/queries/aws_vpc_security_group_4.yaml +++ b/queries/aws_vpc_security_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_security_group_4 Title: "List all AWS VPC Security Groups and Metadata" Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_security_group_4.yaml.bak b/queries/aws_vpc_security_group_4.yaml.bak new file mode 100755 index 000000000..a10669c02 --- /dev/null +++ b/queries/aws_vpc_security_group_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_security_group_4 +Title: "List all AWS VPC Security Groups and Metadata" +Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + group_name, + group_id + from + aws_vpc_security_group + where + group_name like '%launch-wizard%'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_security_group_rule_1.yaml b/queries/aws_vpc_security_group_rule_1.yaml index c82b27f40..03d976a76 100755 --- a/queries/aws_vpc_security_group_rule_1.yaml +++ b/queries/aws_vpc_security_group_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_security_group_rule_1 Title: "List AWS VPC Security Group Rules using SQL" Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_security_group_rule_1.yaml.bak b/queries/aws_vpc_security_group_rule_1.yaml.bak new file mode 100755 index 000000000..c82b27f40 --- /dev/null +++ b/queries/aws_vpc_security_group_rule_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_security_group_rule_1 +Title: "List AWS VPC Security Group Rules using SQL" +Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + security_group_rule_id, + group_id, + ip_protocol, + from_port, + to_port + from + aws_vpc_security_group_rule + where + cidr_ipv4 = '0.0.0.0/0' + and not is_egress; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon VPC diff --git a/queries/aws_vpc_security_group_rule_2.yaml b/queries/aws_vpc_security_group_rule_2.yaml index b859af26e..d31a46edb 100755 --- a/queries/aws_vpc_security_group_rule_2.yaml +++ b/queries/aws_vpc_security_group_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_security_group_rule_2 Title: "Find AWS VPC Security Group Rule - Query with Details" Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_security_group_rule_2.yaml.bak b/queries/aws_vpc_security_group_rule_2.yaml.bak new file mode 100755 index 000000000..b859af26e --- /dev/null +++ b/queries/aws_vpc_security_group_rule_2.yaml.bak @@ -0,0 +1,46 @@ +ID: aws_vpc_security_group_rule_2 +Title: "Find AWS VPC Security Group Rule - Query with Details" +Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + security_group_rule_id, + group_id, + ip_protocol, + from_port, + to_port, + cidr_ipv4 + from + aws_vpc_security_group_rule + where + not is_egress + and cidr_ipv4 = '0.0.0.0/0' + and ( + ( + ip_protocol = '-1' -- all traffic + and from_port is null + ) + or ( + from_port <= 22 + and to_port >= 22 + ) + or ( + from_port <= 3389 + and to_port >= 3389 + ) + ); + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_security_group_rule_3.yaml b/queries/aws_vpc_security_group_rule_3.yaml index 57d77f126..d11fec0b3 100755 --- a/queries/aws_vpc_security_group_rule_3.yaml +++ b/queries/aws_vpc_security_group_rule_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_security_group_rule_3 Title: "List all AWS VPC Security Group Rules" Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_security_group_rule_3.yaml.bak b/queries/aws_vpc_security_group_rule_3.yaml.bak new file mode 100755 index 000000000..57d77f126 --- /dev/null +++ b/queries/aws_vpc_security_group_rule_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_vpc_security_group_rule_3 +Title: "List all AWS VPC Security Group Rules" +Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.security_group_rule_id, + r.ip_protocol, + r.from_port, + r.to_port, + r.cidr_ipv4, + r.group_id, + sg.group_name, + sg.vpc_id + from + aws_vpc_security_group_rule as r, + aws_vpc_security_group as sg + where + r.group_id = sg.group_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_subnet_1.yaml b/queries/aws_vpc_subnet_1.yaml index 8061a033e..4421ea96d 100755 --- a/queries/aws_vpc_subnet_1.yaml +++ b/queries/aws_vpc_subnet_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_subnet_1 Title: "List all AWS VPC Subnets with Detailed Information" Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_subnet_1.yaml.bak b/queries/aws_vpc_subnet_1.yaml.bak new file mode 100755 index 000000000..8061a033e --- /dev/null +++ b/queries/aws_vpc_subnet_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_subnet_1 +Title: "List all AWS VPC Subnets with Detailed Information" +Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + subnet_id, + cidr_block, + assign_ipv6_address_on_creation, + map_customer_owned_ip_on_launch, + map_public_ip_on_launch, + ipv6_cidr_block_association_set + from + aws_vpc_subnet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_subnet_2.yaml b/queries/aws_vpc_subnet_2.yaml index c8557ace1..4eaf42523 100755 --- a/queries/aws_vpc_subnet_2.yaml +++ b/queries/aws_vpc_subnet_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_subnet_2 Title: "List all AWS VPC Subnets with Details" Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_subnet_2.yaml.bak b/queries/aws_vpc_subnet_2.yaml.bak new file mode 100755 index 000000000..c8557ace1 --- /dev/null +++ b/queries/aws_vpc_subnet_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_subnet_2 +Title: "List all AWS VPC Subnets with Details" +Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + subnet_id, + availability_zone, + availability_zone_id + from + aws_vpc_subnet + order by + vpc_id, + availability_zone; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_subnet_3.yaml b/queries/aws_vpc_subnet_3.yaml index aaaeb7707..9bd0314d4 100755 --- a/queries/aws_vpc_subnet_3.yaml +++ b/queries/aws_vpc_subnet_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_subnet_3 Title: "Find AWS VPC Subnets Information including CIDR Blocks" Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_subnet_3.yaml.bak b/queries/aws_vpc_subnet_3.yaml.bak new file mode 100755 index 000000000..aaaeb7707 --- /dev/null +++ b/queries/aws_vpc_subnet_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_subnet_3 +Title: "Find AWS VPC Subnets Information including CIDR Blocks" +Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + subnet_id, + cidr_block, + available_ip_address_count, + power(2, 32 - masklen(cidr_block :: cidr)) -1 as raw_size + from + aws_vpc_subnet; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_subnet_4.yaml b/queries/aws_vpc_subnet_4.yaml index 13acb2979..cd2d5f2b5 100755 --- a/queries/aws_vpc_subnet_4.yaml +++ b/queries/aws_vpc_subnet_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_subnet_4 Title: "Find AWS VPC Subnets with Configuration Details" Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_subnet_4.yaml.bak b/queries/aws_vpc_subnet_4.yaml.bak new file mode 100755 index 000000000..13acb2979 --- /dev/null +++ b/queries/aws_vpc_subnet_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_subnet_4 +Title: "Find AWS VPC Subnets with Configuration Details" +Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + associations_detail ->> 'SubnetId' as subnet_id, + route_table_id + from + aws_vpc_route_table as rt + cross join jsonb_array_elements(associations) as associations_detail + join aws_vpc_subnet as sub on sub.subnet_id = associations_detail ->> 'SubnetId'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_subnet_5.yaml b/queries/aws_vpc_subnet_5.yaml index 09fb0622c..336fb6409 100755 --- a/queries/aws_vpc_subnet_5.yaml +++ b/queries/aws_vpc_subnet_5.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_subnet_5 Title: "List all AWS VPC Subnets and Obtain Detailed Information" Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_subnet_5.yaml.bak b/queries/aws_vpc_subnet_5.yaml.bak new file mode 100755 index 000000000..09fb0622c --- /dev/null +++ b/queries/aws_vpc_subnet_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_subnet_5 +Title: "List all AWS VPC Subnets and Obtain Detailed Information" +Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpc_id, + count(subnet_id) as subnet_count + from + aws_vpc_subnet + group by + vpc_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_verified_access_endpoint_1.yaml b/queries/aws_vpc_verified_access_endpoint_1.yaml index f7ca68f0c..394b68c7b 100755 --- a/queries/aws_vpc_verified_access_endpoint_1.yaml +++ b/queries/aws_vpc_verified_access_endpoint_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_endpoint_1 Title: "List all AWS VPC Verified Access Endpoint Details" Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_endpoint_1.yaml.bak b/queries/aws_vpc_verified_access_endpoint_1.yaml.bak new file mode 100755 index 000000000..f7ca68f0c --- /dev/null +++ b/queries/aws_vpc_verified_access_endpoint_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_verified_access_endpoint_1 +Title: "List all AWS VPC Verified Access Endpoint Details" +Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_endpoint_id, + verified_access_instance_id, + verified_access_group_id, + creation_time, + verified_access_instance_id, + domain_certificate_arn, + device_validation_domain, + status_code + from + aws_vpc_verified_access_endpoint; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_2.yaml b/queries/aws_vpc_verified_access_endpoint_2.yaml index 43e0a91e1..da5018850 100755 --- a/queries/aws_vpc_verified_access_endpoint_2.yaml +++ b/queries/aws_vpc_verified_access_endpoint_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_endpoint_2 Title: "List All AWS VPC Verified Access Endpoint Data" Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_endpoint_2.yaml.bak b/queries/aws_vpc_verified_access_endpoint_2.yaml.bak new file mode 100755 index 000000000..43e0a91e1 --- /dev/null +++ b/queries/aws_vpc_verified_access_endpoint_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_verified_access_endpoint_2 +Title: "List All AWS VPC Verified Access Endpoint Data" +Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_endpoint_id, + creation_time, + description, + status_code + from + aws_vpc_verified_access_endpoint + where + creation_time <= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_3.yaml b/queries/aws_vpc_verified_access_endpoint_3.yaml index d972579b4..30bd74a5c 100755 --- a/queries/aws_vpc_verified_access_endpoint_3.yaml +++ b/queries/aws_vpc_verified_access_endpoint_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_endpoint_3 Title: "List all AWS VPC Verified Access Endpoint data with SQL" Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_endpoint_3.yaml.bak b/queries/aws_vpc_verified_access_endpoint_3.yaml.bak new file mode 100755 index 000000000..d972579b4 --- /dev/null +++ b/queries/aws_vpc_verified_access_endpoint_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_verified_access_endpoint_3 +Title: "List all AWS VPC Verified Access Endpoint data with SQL" +Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_endpoint_id, + status_code, + creation_time, + deletion_time, + description, + device_validation_domain + from + aws_vpc_verified_access_endpoint + where + status_code <> 'active'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_verified_access_endpoint_4.yaml b/queries/aws_vpc_verified_access_endpoint_4.yaml index ff0797205..c2a8dcdc4 100755 --- a/queries/aws_vpc_verified_access_endpoint_4.yaml +++ b/queries/aws_vpc_verified_access_endpoint_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_endpoint_4 Title: "List all AWS VPC Verified Access Endpoint Configs" Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_endpoint_4.yaml.bak b/queries/aws_vpc_verified_access_endpoint_4.yaml.bak new file mode 100755 index 000000000..ff0797205 --- /dev/null +++ b/queries/aws_vpc_verified_access_endpoint_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_vpc_verified_access_endpoint_4 +Title: "List all AWS VPC Verified Access Endpoint Configs" +Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.verified_access_endpoint_id, + e.creation_time, + g.verified_access_group_id, + g.creation_time as group_create_time + from + aws_vpc_verified_access_endpoint as e, + aws_vpc_verified_access_group as g + where + e.verified_access_group_id = g.verified_access_group_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS VPC diff --git a/queries/aws_vpc_verified_access_endpoint_5.yaml b/queries/aws_vpc_verified_access_endpoint_5.yaml index cde17a987..9864351c1 100755 --- a/queries/aws_vpc_verified_access_endpoint_5.yaml +++ b/queries/aws_vpc_verified_access_endpoint_5.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_endpoint_5 Title: "List Verified Access Endpoints in AWS VPC" Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_endpoint_5.yaml.bak b/queries/aws_vpc_verified_access_endpoint_5.yaml.bak new file mode 100755 index 000000000..cde17a987 --- /dev/null +++ b/queries/aws_vpc_verified_access_endpoint_5.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_verified_access_endpoint_5 +Title: "List Verified Access Endpoints in AWS VPC" +Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.verified_access_group_id, + e.creation_time, + i.creation_time as instance_create_time, + i.verified_access_instance_id, + jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers + from + aws_vpc_verified_access_endpoint as e, + aws_vpc_verified_access_instance as i + where + e.verified_access_instance_id = i.verified_access_instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_6.yaml b/queries/aws_vpc_verified_access_endpoint_6.yaml index 0713c0d20..632ac950a 100755 --- a/queries/aws_vpc_verified_access_endpoint_6.yaml +++ b/queries/aws_vpc_verified_access_endpoint_6.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_endpoint_6 Title: "List all AWS VPC Verified Access Endpoints configuration" Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_endpoint_6.yaml.bak b/queries/aws_vpc_verified_access_endpoint_6.yaml.bak new file mode 100755 index 000000000..632ac950a --- /dev/null +++ b/queries/aws_vpc_verified_access_endpoint_6.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_verified_access_endpoint_6 +Title: "List all AWS VPC Verified Access Endpoints configuration" +Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_instance_id, + count(verified_access_endpoint_id) as instance_count + from + aws_vpc_verified_access_endpoint + group by + verified_access_instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_6.yaml.bak.bak b/queries/aws_vpc_verified_access_endpoint_6.yaml.bak.bak new file mode 100755 index 000000000..632ac950a --- /dev/null +++ b/queries/aws_vpc_verified_access_endpoint_6.yaml.bak.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_verified_access_endpoint_6 +Title: "List all AWS VPC Verified Access Endpoints configuration" +Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_instance_id, + count(verified_access_endpoint_id) as instance_count + from + aws_vpc_verified_access_endpoint + group by + verified_access_instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_7.yaml b/queries/aws_vpc_verified_access_endpoint_7.yaml index ad9b8af84..6642f0462 100755 --- a/queries/aws_vpc_verified_access_endpoint_7.yaml +++ b/queries/aws_vpc_verified_access_endpoint_7.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_endpoint_7 Title: "List AWS VPC Verified Access Endpoints and Network Interface" Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_endpoint_7.yaml.bak b/queries/aws_vpc_verified_access_endpoint_7.yaml.bak new file mode 100755 index 000000000..ad9b8af84 --- /dev/null +++ b/queries/aws_vpc_verified_access_endpoint_7.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_vpc_verified_access_endpoint_7 +Title: "List AWS VPC Verified Access Endpoints and Network Interface" +Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + e.verified_access_endpoint_id, + i.network_interface_id, + i.interface_type, + i.private_ip_address, + i.association_public_ip, + jsonb_pretty(i.groups) as security_groups + from + aws_vpc_verified_access_endpoint as e, + aws_ec2_network_interface as i + where + e.network_interface_options ->> 'NetworkInterfaceId' = i.network_interface_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS VPC diff --git a/queries/aws_vpc_verified_access_group_1.yaml b/queries/aws_vpc_verified_access_group_1.yaml index d65eaf0be..cf3399d8d 100755 --- a/queries/aws_vpc_verified_access_group_1.yaml +++ b/queries/aws_vpc_verified_access_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_group_1 Title: "List all AWS VPC Verified Access Groups with Details" Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_group_1.yaml.bak b/queries/aws_vpc_verified_access_group_1.yaml.bak new file mode 100755 index 000000000..d65eaf0be --- /dev/null +++ b/queries/aws_vpc_verified_access_group_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_verified_access_group_1 +Title: "List all AWS VPC Verified Access Groups with Details" +Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_group_id, + arn, + verified_access_instance_id, + creation_time, + description, + last_updated_time + from + aws_vpc_verified_access_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Virtual Private Cloud diff --git a/queries/aws_vpc_verified_access_group_2.yaml b/queries/aws_vpc_verified_access_group_2.yaml index 53e53a419..6e9a73b2f 100755 --- a/queries/aws_vpc_verified_access_group_2.yaml +++ b/queries/aws_vpc_verified_access_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_group_2 Title: "List all VPC Verified Access Groups in AWS" Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_group_2.yaml.bak b/queries/aws_vpc_verified_access_group_2.yaml.bak new file mode 100755 index 000000000..53e53a419 --- /dev/null +++ b/queries/aws_vpc_verified_access_group_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_verified_access_group_2 +Title: "List all VPC Verified Access Groups in AWS" +Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_group_id, + creation_time, + description, + last_updated_time + from + aws_vpc_verified_access_group + where + creation_time <= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_verified_access_group_3.yaml b/queries/aws_vpc_verified_access_group_3.yaml index 52fd85eb2..214509658 100755 --- a/queries/aws_vpc_verified_access_group_3.yaml +++ b/queries/aws_vpc_verified_access_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_group_3 Title: "List all AWS VPC Verified Access Groups Information" Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_group_3.yaml.bak b/queries/aws_vpc_verified_access_group_3.yaml.bak new file mode 100755 index 000000000..52fd85eb2 --- /dev/null +++ b/queries/aws_vpc_verified_access_group_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_verified_access_group_3 +Title: "List all AWS VPC Verified Access Groups Information" +Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_group_id, + creation_time, + deletion_time, + description, + last_updated_time + from + aws_vpc_verified_access_group + where + deletion_time is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Virtual Private Cloud diff --git a/queries/aws_vpc_verified_access_group_4.yaml b/queries/aws_vpc_verified_access_group_4.yaml index 9c36a3aab..d4431fa47 100755 --- a/queries/aws_vpc_verified_access_group_4.yaml +++ b/queries/aws_vpc_verified_access_group_4.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_group_4 Title: "List AWS VPC Verified Access Groups within AWS VPC" Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_group_4.yaml.bak b/queries/aws_vpc_verified_access_group_4.yaml.bak new file mode 100755 index 000000000..d4431fa47 --- /dev/null +++ b/queries/aws_vpc_verified_access_group_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_verified_access_group_4 +Title: "List AWS VPC Verified Access Groups within AWS VPC" +Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + g.verified_access_group_id, + g.creation_time, + i.creation_time as instance_create_time, + i.verified_access_instance_id, + jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers + from + aws_vpc_verified_access_group as g, + aws_vpc_verified_access_instance as i + where + g.verified_access_instance_id = i.verified_access_instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Virtual Private Cloud diff --git a/queries/aws_vpc_verified_access_group_4.yaml.bak.bak b/queries/aws_vpc_verified_access_group_4.yaml.bak.bak new file mode 100755 index 000000000..d4431fa47 --- /dev/null +++ b/queries/aws_vpc_verified_access_group_4.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_verified_access_group_4 +Title: "List AWS VPC Verified Access Groups within AWS VPC" +Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + g.verified_access_group_id, + g.creation_time, + i.creation_time as instance_create_time, + i.verified_access_instance_id, + jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers + from + aws_vpc_verified_access_group as g, + aws_vpc_verified_access_instance as i + where + g.verified_access_instance_id = i.verified_access_instance_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Virtual Private Cloud diff --git a/queries/aws_vpc_verified_access_instance_1.yaml b/queries/aws_vpc_verified_access_instance_1.yaml index 03cd1ce13..31e91e848 100755 --- a/queries/aws_vpc_verified_access_instance_1.yaml +++ b/queries/aws_vpc_verified_access_instance_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_instance_1 Title: "List AWS VPC Verified Access Instance Information" Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_instance_1.yaml.bak b/queries/aws_vpc_verified_access_instance_1.yaml.bak new file mode 100755 index 000000000..03cd1ce13 --- /dev/null +++ b/queries/aws_vpc_verified_access_instance_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_verified_access_instance_1 +Title: "List AWS VPC Verified Access Instance Information" +Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_instance_id, + creation_time, + description, + last_updated_time, + verified_access_trust_providers + from + aws_vpc_verified_access_instance; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon VPC diff --git a/queries/aws_vpc_verified_access_instance_2.yaml b/queries/aws_vpc_verified_access_instance_2.yaml index 2ea80989d..f1c9140c1 100755 --- a/queries/aws_vpc_verified_access_instance_2.yaml +++ b/queries/aws_vpc_verified_access_instance_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_instance_2 Title: "Find AWS VPC Verified Access Instances with Details" Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_instance_2.yaml.bak b/queries/aws_vpc_verified_access_instance_2.yaml.bak new file mode 100755 index 000000000..2ea80989d --- /dev/null +++ b/queries/aws_vpc_verified_access_instance_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_verified_access_instance_2 +Title: "Find AWS VPC Verified Access Instances with Details" +Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_instance_id, + creation_time, + description, + last_updated_time + from + aws_vpc_verified_access_instance + where + creation_time <= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Verified Access diff --git a/queries/aws_vpc_verified_access_instance_3.yaml b/queries/aws_vpc_verified_access_instance_3.yaml index d444744ac..e9f5fe6d7 100755 --- a/queries/aws_vpc_verified_access_instance_3.yaml +++ b/queries/aws_vpc_verified_access_instance_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_instance_3 Title: "List all AWS VPC Verified Access Instances and Details" Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_instance_3.yaml.bak b/queries/aws_vpc_verified_access_instance_3.yaml.bak new file mode 100755 index 000000000..d444744ac --- /dev/null +++ b/queries/aws_vpc_verified_access_instance_3.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_vpc_verified_access_instance_3 +Title: "List all AWS VPC Verified Access Instances and Details" +Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + i.verified_access_instance_id, + i.creation_time, + p ->> 'Description' as trust_provider_description, + p ->> 'TrustProviderType' as trust_provider_type, + p ->> 'UserTrustProviderType' as user_trust_provider_type, + p ->> 'DeviceTrustProviderType' as device_trust_provider_type, + p ->> 'VerifiedAccessTrustProviderId' as verified_access_trust_provider_id, + t.policy_reference_name as trust_access_policy_reference_name + from + aws_vpc_verified_access_instance as i, + aws_vpc_verified_access_trust_provider as t, + jsonb_array_elements(verified_access_trust_providers) as p + where + p ->> 'VerifiedAccessTrustProviderId' = t.verified_access_trust_provider_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_verified_access_trust_provider_1.yaml b/queries/aws_vpc_verified_access_trust_provider_1.yaml index b5889ebf3..696852fc8 100755 --- a/queries/aws_vpc_verified_access_trust_provider_1.yaml +++ b/queries/aws_vpc_verified_access_trust_provider_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_trust_provider_1 Title: "List AWS VPC Verified Access Trust Providers" Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_trust_provider_1.yaml.bak b/queries/aws_vpc_verified_access_trust_provider_1.yaml.bak new file mode 100755 index 000000000..b5889ebf3 --- /dev/null +++ b/queries/aws_vpc_verified_access_trust_provider_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_vpc_verified_access_trust_provider_1 +Title: "List AWS VPC Verified Access Trust Providers" +Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_trust_provider_id, + creation_time, + device_trust_provider_type, + last_updated_time, + policy_reference_name, + trust_provider_type + from + aws_vpc_verified_access_trust_provider; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Verified Access diff --git a/queries/aws_vpc_verified_access_trust_provider_2.yaml b/queries/aws_vpc_verified_access_trust_provider_2.yaml index 8fd47253e..638a6103e 100755 --- a/queries/aws_vpc_verified_access_trust_provider_2.yaml +++ b/queries/aws_vpc_verified_access_trust_provider_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_trust_provider_2 Title: "List AWS VPC Verified Access Trust Providers' Details" Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_trust_provider_2.yaml.bak b/queries/aws_vpc_verified_access_trust_provider_2.yaml.bak new file mode 100755 index 000000000..8fd47253e --- /dev/null +++ b/queries/aws_vpc_verified_access_trust_provider_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_verified_access_trust_provider_2 +Title: "List AWS VPC Verified Access Trust Providers' Details" +Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_trust_provider_id, + creation_time, + device_trust_provider_type, + last_updated_time, + policy_reference_name, + trust_provider_type + from + aws_vpc_verified_access_trust_provider + where + trust_provider_type = 'user'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC Verified Access diff --git a/queries/aws_vpc_verified_access_trust_provider_3.yaml b/queries/aws_vpc_verified_access_trust_provider_3.yaml index ec04dbc81..ae175b92b 100755 --- a/queries/aws_vpc_verified_access_trust_provider_3.yaml +++ b/queries/aws_vpc_verified_access_trust_provider_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_verified_access_trust_provider_3 Title: "List VPC Verified Access Trust Providers in AWS" Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_verified_access_trust_provider_3.yaml.bak b/queries/aws_vpc_verified_access_trust_provider_3.yaml.bak new file mode 100755 index 000000000..ec04dbc81 --- /dev/null +++ b/queries/aws_vpc_verified_access_trust_provider_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_vpc_verified_access_trust_provider_3 +Title: "List VPC Verified Access Trust Providers in AWS" +Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + verified_access_trust_provider_id, + creation_time, + last_updated_time, + policy_reference_name, + trust_provider_type + from + aws_vpc_verified_access_trust_provider + where + creation_time >= now() - interval '90' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_vpn_connection_1.yaml b/queries/aws_vpc_vpn_connection_1.yaml index 2619597b4..e22ff4f74 100755 --- a/queries/aws_vpc_vpn_connection_1.yaml +++ b/queries/aws_vpc_vpn_connection_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_vpn_connection_1 Title: "List all VPN Connections in an AWS VPC" Description: "Allows users to query VPN connections in an AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_vpn_connection_1.yaml.bak b/queries/aws_vpc_vpn_connection_1.yaml.bak new file mode 100755 index 000000000..2619597b4 --- /dev/null +++ b/queries/aws_vpc_vpn_connection_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_vpn_connection_1 +Title: "List all VPN Connections in an AWS VPC" +Description: "Allows users to query VPN connections in an AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpn_connection_id, + state, + type, + vpn_gateway_id, + customer_gateway_id, + region + from + aws_vpc_vpn_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC VPN diff --git a/queries/aws_vpc_vpn_connection_2.yaml b/queries/aws_vpc_vpn_connection_2.yaml index 1b1e4e17d..d6b85ec69 100755 --- a/queries/aws_vpc_vpn_connection_2.yaml +++ b/queries/aws_vpc_vpn_connection_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_vpn_connection_2 Title: "Find VPN Connections in AWS VPC" Description: "Allows users to query VPN connections in an AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_vpn_connection_2.yaml.bak b/queries/aws_vpc_vpn_connection_2.yaml.bak new file mode 100755 index 000000000..1b1e4e17d --- /dev/null +++ b/queries/aws_vpc_vpn_connection_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_vpc_vpn_connection_2 +Title: "Find VPN Connections in AWS VPC" +Description: "Allows users to query VPN connections in an AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpn_connection_id, + options -> 'EnableAcceleration' as enable_acceleration, + options ->> 'LocalIpv4NetworkCidr' as local_ipv4_network_cidr, + options ->> 'LocalIpv6NetworkCidr' as local_ipv6_network_cidr, + options ->> 'RemoteIpv4NetworkCidr' as remote_ipv4_network_cidr, + options ->> 'RemoteIpv6NetworkCidr' as remote_ipv6_network_cidr, + options -> 'StaticRoutesOnly' as static_routes_only, + options ->> 'TunnelInsideIpVersion' as tunnel_inside_ip_version, + options ->> 'TunnelOptions' as tunnel_options + from + aws_vpc_vpn_connection; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC VPN diff --git a/queries/aws_vpc_vpn_connection_3.yaml b/queries/aws_vpc_vpn_connection_3.yaml index e8e09bc64..e0d2b44a9 100755 --- a/queries/aws_vpc_vpn_connection_3.yaml +++ b/queries/aws_vpc_vpn_connection_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_vpn_connection_3 Title: "Find AWS VPC VPN Connection Using SQL" Description: "Allows users to query VPN connections in an AWS VPC." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_vpn_connection_3.yaml.bak b/queries/aws_vpc_vpn_connection_3.yaml.bak new file mode 100755 index 000000000..e8e09bc64 --- /dev/null +++ b/queries/aws_vpc_vpn_connection_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_vpc_vpn_connection_3 +Title: "Find AWS VPC VPN Connection Using SQL" +Description: "Allows users to query VPN connections in an AWS VPC." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpn_connection_id, + arn, + t ->> 'Status' as status + from + aws_vpc_vpn_connection, + jsonb_array_elements(vgw_telemetry) as t + where t ->> 'Status' = 'UP'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC diff --git a/queries/aws_vpc_vpn_gateway_1.yaml b/queries/aws_vpc_vpn_gateway_1.yaml index c4bd150d3..e607430bb 100755 --- a/queries/aws_vpc_vpn_gateway_1.yaml +++ b/queries/aws_vpc_vpn_gateway_1.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_vpn_gateway_1 Title: "Find AWS VPC VPN Gateway Details with SQL" Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_vpn_gateway_1.yaml.bak b/queries/aws_vpc_vpn_gateway_1.yaml.bak new file mode 100755 index 000000000..c4bd150d3 --- /dev/null +++ b/queries/aws_vpc_vpn_gateway_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_vpc_vpn_gateway_1 +Title: "Find AWS VPC VPN Gateway Details with SQL" +Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpn_gateway_id, + state, + type, + amazon_side_asn, + availability_zone, + vpc_attachments + from + aws_vpc_vpn_gateway; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC VPN Gateway diff --git a/queries/aws_vpc_vpn_gateway_2.yaml b/queries/aws_vpc_vpn_gateway_2.yaml index 7eb4f399c..ad6f8e6b0 100755 --- a/queries/aws_vpc_vpn_gateway_2.yaml +++ b/queries/aws_vpc_vpn_gateway_2.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_vpn_gateway_2 Title: "List all AWS VPC VPN Gateways without VPC Attachments" Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_vpn_gateway_2.yaml.bak b/queries/aws_vpc_vpn_gateway_2.yaml.bak new file mode 100755 index 000000000..7eb4f399c --- /dev/null +++ b/queries/aws_vpc_vpn_gateway_2.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_vpc_vpn_gateway_2 +Title: "List all AWS VPC VPN Gateways without VPC Attachments" +Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpn_gateway_id + from + aws_vpc_vpn_gateway + where + vpc_attachments is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Virtual Private Cloud (VPC) VPN Gateway diff --git a/queries/aws_vpc_vpn_gateway_3.yaml b/queries/aws_vpc_vpn_gateway_3.yaml index 2020c0721..6f0ebec7e 100755 --- a/queries/aws_vpc_vpn_gateway_3.yaml +++ b/queries/aws_vpc_vpn_gateway_3.yaml @@ -1,7 +1,7 @@ ID: aws_vpc_vpn_gateway_3 Title: "List all AWS VPC VPN Gateway Details for Default VPCs" Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_vpc_vpn_gateway_3.yaml.bak b/queries/aws_vpc_vpn_gateway_3.yaml.bak new file mode 100755 index 000000000..2020c0721 --- /dev/null +++ b/queries/aws_vpc_vpn_gateway_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_vpc_vpn_gateway_3 +Title: "List all AWS VPC VPN Gateway Details for Default VPCs" +Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + vpn_gateway_id, + vpc.is_default + from + aws_vpc_vpn_gateway + cross join jsonb_array_elements(vpc_attachments) as i + join aws_vpc vpc on i ->> 'VpcId' = vpc.vpc_id + where + vpc.is_default = true; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - VPC VPN Gateway diff --git a/queries/aws_waf_rate_based_rule_1.yaml b/queries/aws_waf_rate_based_rule_1.yaml index 0b017f8a3..21817c8be 100755 --- a/queries/aws_waf_rate_based_rule_1.yaml +++ b/queries/aws_waf_rate_based_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_waf_rate_based_rule_1 Title: "Find AWS WAF RateBasedRule info using SQL query" Description: "Allows users to query AWS WAF RateBasedRule to retrieve information about rate-based security rules that AWS Web Application Firewall (WAF) uses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_rate_based_rule_1.yaml.bak b/queries/aws_waf_rate_based_rule_1.yaml.bak new file mode 100755 index 000000000..0b017f8a3 --- /dev/null +++ b/queries/aws_waf_rate_based_rule_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_waf_rate_based_rule_1 +Title: "Find AWS WAF RateBasedRule info using SQL query" +Description: "Allows users to query AWS WAF RateBasedRule to retrieve information about rate-based security rules that AWS Web Application Firewall (WAF) uses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + metric_name + from + aws_waf_rate_based_rule; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Web Application Firewall diff --git a/queries/aws_waf_rate_based_rule_2.yaml b/queries/aws_waf_rate_based_rule_2.yaml index 09530e046..b59d77938 100755 --- a/queries/aws_waf_rate_based_rule_2.yaml +++ b/queries/aws_waf_rate_based_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_waf_rate_based_rule_2 Title: "Find rate-based security rules in AWS WAF" Description: "Allows users to query AWS WAF RateBasedRule to retrieve information about rate-based security rules that AWS Web Application Firewall (WAF) uses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_rate_based_rule_2.yaml.bak b/queries/aws_waf_rate_based_rule_2.yaml.bak new file mode 100755 index 000000000..09530e046 --- /dev/null +++ b/queries/aws_waf_rate_based_rule_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_waf_rate_based_rule_2 +Title: "Find rate-based security rules in AWS WAF" +Description: "Allows users to query AWS WAF RateBasedRule to retrieve information about rate-based security rules that AWS Web Application Firewall (WAF) uses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + p ->> 'DataId' as data_id, + p ->> 'Negated' as negated, + p ->> 'Type' as type + from + aws_waf_rate_based_rule, + jsonb_array_elements(predicates) as p + where + p ->> 'Negated' = 'True'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Web Application Firewall (WAF) diff --git a/queries/aws_waf_rule_1.yaml b/queries/aws_waf_rule_1.yaml index 7e1d80c77..75721b98a 100755 --- a/queries/aws_waf_rule_1.yaml +++ b/queries/aws_waf_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_waf_rule_1 Title: "List AWS WAF Rules" Description: "Allows users to query AWS Web Application Firewall (WAF) rules." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_rule_1.yaml.bak b/queries/aws_waf_rule_1.yaml.bak new file mode 100755 index 000000000..7e1d80c77 --- /dev/null +++ b/queries/aws_waf_rule_1.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_waf_rule_1 +Title: "List AWS WAF Rules" +Description: "Allows users to query AWS Web Application Firewall (WAF) rules." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + metric_name + from + aws_waf_rule; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Web Application Firewall diff --git a/queries/aws_waf_rule_2.yaml b/queries/aws_waf_rule_2.yaml index 4d7137e28..6d533bbda 100755 --- a/queries/aws_waf_rule_2.yaml +++ b/queries/aws_waf_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_waf_rule_2 Title: "Find all AWS WAF rules with specific details" Description: "Allows users to query AWS Web Application Firewall (WAF) rules." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_rule_2.yaml.bak b/queries/aws_waf_rule_2.yaml.bak new file mode 100755 index 000000000..4d7137e28 --- /dev/null +++ b/queries/aws_waf_rule_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_waf_rule_2 +Title: "Find all AWS WAF rules with specific details" +Description: "Allows users to query AWS Web Application Firewall (WAF) rules." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + p ->> 'DataId' as data_id, + p ->> 'Negated' as negated, + p ->> 'Type' as type + from + aws_waf_rule, + jsonb_array_elements(predicates) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Web Application Firewall diff --git a/queries/aws_waf_rule_group_1.yaml b/queries/aws_waf_rule_group_1.yaml index 0206076bc..8184ba784 100755 --- a/queries/aws_waf_rule_group_1.yaml +++ b/queries/aws_waf_rule_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_waf_rule_group_1 Title: "Find AWS WAF Rule Group Details with Rules and Metadata" Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_rule_group_1.yaml.bak b/queries/aws_waf_rule_group_1.yaml.bak new file mode 100755 index 000000000..8184ba784 --- /dev/null +++ b/queries/aws_waf_rule_group_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_waf_rule_group_1 +Title: "Find AWS WAF Rule Group Details with Rules and Metadata" +Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + rule_group_id, + metric_name, + activated_rules + from + aws_waf_rule_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAF diff --git a/queries/aws_waf_rule_group_1.yaml.bak.bak b/queries/aws_waf_rule_group_1.yaml.bak.bak new file mode 100755 index 000000000..8184ba784 --- /dev/null +++ b/queries/aws_waf_rule_group_1.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_waf_rule_group_1 +Title: "Find AWS WAF Rule Group Details with Rules and Metadata" +Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + rule_group_id, + metric_name, + activated_rules + from + aws_waf_rule_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAF diff --git a/queries/aws_waf_rule_group_2.yaml b/queries/aws_waf_rule_group_2.yaml index b38036fed..459250266 100755 --- a/queries/aws_waf_rule_group_2.yaml +++ b/queries/aws_waf_rule_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_waf_rule_group_2 Title: "Find AWS WAF Rule Groups with No Activated Rules" Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_rule_group_2.yaml.bak b/queries/aws_waf_rule_group_2.yaml.bak new file mode 100755 index 000000000..b38036fed --- /dev/null +++ b/queries/aws_waf_rule_group_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_waf_rule_group_2 +Title: "Find AWS WAF Rule Groups with No Activated Rules" +Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + rule_group_id, + metric_name, + activated_rules + from + aws_waf_rule_group + where + activated_rules is null or jsonb_array_length(activated_rules) = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF diff --git a/queries/aws_waf_rule_group_3.yaml b/queries/aws_waf_rule_group_3.yaml index 922af1b3a..f7dd1429a 100755 --- a/queries/aws_waf_rule_group_3.yaml +++ b/queries/aws_waf_rule_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_waf_rule_group_3 Title: "Query AWS WAF Rule Groups for Security Details" Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_rule_group_3.yaml.bak b/queries/aws_waf_rule_group_3.yaml.bak new file mode 100755 index 000000000..922af1b3a --- /dev/null +++ b/queries/aws_waf_rule_group_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_waf_rule_group_3 +Title: "Query AWS WAF Rule Groups for Security Details" +Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as rule_group_name, + rule_group_id, + a ->> 'RuleId' as rule_id, + a -> 'Action' ->> 'Type' as rule_action_type, + a ->> 'Type' as rule_type + from + aws_waf_rule_group, + jsonb_array_elements(activated_rules) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF diff --git a/queries/aws_waf_web_acl_1.yaml b/queries/aws_waf_web_acl_1.yaml index a157af0ec..8f633ff3c 100755 --- a/queries/aws_waf_web_acl_1.yaml +++ b/queries/aws_waf_web_acl_1.yaml @@ -1,7 +1,7 @@ ID: aws_waf_web_acl_1 Title: "List all AWS WAF WebACLs and their configurations" Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_web_acl_1.yaml.bak b/queries/aws_waf_web_acl_1.yaml.bak new file mode 100755 index 000000000..a157af0ec --- /dev/null +++ b/queries/aws_waf_web_acl_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_waf_web_acl_1 +Title: "List all AWS WAF WebACLs and their configurations" +Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + arn, + region, + default_action, + tags + from + aws_waf_web_acl; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF diff --git a/queries/aws_waf_web_acl_2.yaml b/queries/aws_waf_web_acl_2.yaml index 51a6b4ff1..c0750a4c6 100755 --- a/queries/aws_waf_web_acl_2.yaml +++ b/queries/aws_waf_web_acl_2.yaml @@ -1,7 +1,7 @@ ID: aws_waf_web_acl_2 Title: "List all AWS WAF WebACLs configuration and rules" Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_web_acl_2.yaml.bak b/queries/aws_waf_web_acl_2.yaml.bak new file mode 100755 index 000000000..51a6b4ff1 --- /dev/null +++ b/queries/aws_waf_web_acl_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_waf_web_acl_2 +Title: "List all AWS WAF WebACLs configuration and rules" +Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + r ->> 'RuleId' as rule_id, + r ->> 'Type' as rule_type, + r ->> 'ExcludedRules' as excluded_rules, + r ->> 'OverrideAction' as override_action, + r -> 'Action' ->> 'Type' as action_type + from + aws_waf_web_acl, + jsonb_array_elements(rules) as r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF diff --git a/queries/aws_waf_web_acl_3.yaml b/queries/aws_waf_web_acl_3.yaml index ca838dceb..6f6690955 100755 --- a/queries/aws_waf_web_acl_3.yaml +++ b/queries/aws_waf_web_acl_3.yaml @@ -1,7 +1,7 @@ ID: aws_waf_web_acl_3 Title: "List all AWS WAF WebACLs and their configurations" Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_web_acl_3.yaml.bak b/queries/aws_waf_web_acl_3.yaml.bak new file mode 100755 index 000000000..ca838dceb --- /dev/null +++ b/queries/aws_waf_web_acl_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_waf_web_acl_3 +Title: "List all AWS WAF WebACLs and their configurations" +Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + arn, + region, + default_action, + tags + from + aws_waf_web_acl + where + rules is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAF diff --git a/queries/aws_waf_web_acl_4.yaml b/queries/aws_waf_web_acl_4.yaml index a910b51e5..7bd474530 100755 --- a/queries/aws_waf_web_acl_4.yaml +++ b/queries/aws_waf_web_acl_4.yaml @@ -1,7 +1,7 @@ ID: aws_waf_web_acl_4 Title: "Find AWS WAF WebACLs and Retrieve Configurations" Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_web_acl_4.yaml.bak b/queries/aws_waf_web_acl_4.yaml.bak new file mode 100755 index 000000000..a910b51e5 --- /dev/null +++ b/queries/aws_waf_web_acl_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_waf_web_acl_4 +Title: "Find AWS WAF WebACLs and Retrieve Configurations" +Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + arn, + region, + default_action + from + aws_waf_web_acl + where + default_action = 'ALLOW'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAF diff --git a/queries/aws_waf_web_acl_5.yaml b/queries/aws_waf_web_acl_5.yaml index b6e1a5b23..8140d41a4 100755 --- a/queries/aws_waf_web_acl_5.yaml +++ b/queries/aws_waf_web_acl_5.yaml @@ -1,7 +1,7 @@ ID: aws_waf_web_acl_5 Title: "Find AWS WAF WebACL Configuration and Metadata" Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_waf_web_acl_5.yaml.bak b/queries/aws_waf_web_acl_5.yaml.bak new file mode 100755 index 000000000..b6e1a5b23 --- /dev/null +++ b/queries/aws_waf_web_acl_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_waf_web_acl_5 +Title: "Find AWS WAF WebACL Configuration and Metadata" +Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + arn, + region + from + aws_waf_web_acl + where + logging_configuration is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAF diff --git a/queries/aws_wafregional_rule_1.yaml b/queries/aws_wafregional_rule_1.yaml index b8d01539e..725e7ebd5 100755 --- a/queries/aws_wafregional_rule_1.yaml +++ b/queries/aws_wafregional_rule_1.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_rule_1 Title: "List AWS WAF Regional Rules and Details" Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_rule_1.yaml.bak b/queries/aws_wafregional_rule_1.yaml.bak new file mode 100755 index 000000000..725e7ebd5 --- /dev/null +++ b/queries/aws_wafregional_rule_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_wafregional_rule_1 +Title: "List AWS WAF Regional Rules and Details" +Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + metric_name + from + aws_wafregional_rule; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF diff --git a/queries/aws_wafregional_rule_1.yaml.bak.bak b/queries/aws_wafregional_rule_1.yaml.bak.bak new file mode 100755 index 000000000..b8d01539e --- /dev/null +++ b/queries/aws_wafregional_rule_1.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_wafregional_rule_1 +Title: "List AWS WAF Regional Rules and Details" +Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + metric_name + from + aws_wafregional_rule; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF diff --git a/queries/aws_wafregional_rule_2.yaml b/queries/aws_wafregional_rule_2.yaml index 9bd812141..642a0ea6c 100755 --- a/queries/aws_wafregional_rule_2.yaml +++ b/queries/aws_wafregional_rule_2.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_rule_2 Title: "List all AWS WAF Regional Rules with Details" Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_rule_2.yaml.bak b/queries/aws_wafregional_rule_2.yaml.bak new file mode 100755 index 000000000..9bd812141 --- /dev/null +++ b/queries/aws_wafregional_rule_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wafregional_rule_2 +Title: "List all AWS WAF Regional Rules with Details" +Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + rule_id, + p ->> 'DataId' as data_id, + p ->> 'Negated' as negated, + p ->> 'Type' as type + from + aws_wafregional_rule, + jsonb_array_elements(predicates) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF diff --git a/queries/aws_wafregional_rule_group_1.yaml b/queries/aws_wafregional_rule_group_1.yaml index d46dfb3df..8652611e2 100755 --- a/queries/aws_wafregional_rule_group_1.yaml +++ b/queries/aws_wafregional_rule_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_rule_group_1 Title: "Find AWS WAF Regional Rule Groups Metadata and Details" Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_rule_group_1.yaml.bak b/queries/aws_wafregional_rule_group_1.yaml.bak new file mode 100755 index 000000000..d46dfb3df --- /dev/null +++ b/queries/aws_wafregional_rule_group_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wafregional_rule_group_1 +Title: "Find AWS WAF Regional Rule Groups Metadata and Details" +Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + rule_group_id, + metric_name, + activated_rules, + region + from + aws_wafregional_rule_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF Regional diff --git a/queries/aws_wafregional_rule_group_2.yaml b/queries/aws_wafregional_rule_group_2.yaml index 9f7f5db23..fdb38ebe2 100755 --- a/queries/aws_wafregional_rule_group_2.yaml +++ b/queries/aws_wafregional_rule_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_rule_group_2 Title: "List all AWS WAF Regional Rule Groups" Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_rule_group_2.yaml.bak b/queries/aws_wafregional_rule_group_2.yaml.bak new file mode 100755 index 000000000..9f7f5db23 --- /dev/null +++ b/queries/aws_wafregional_rule_group_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wafregional_rule_group_2 +Title: "List all AWS WAF Regional Rule Groups" +Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + arn, + rule_group_id, + metric_name, + activated_rules + from + aws_wafregional_rule_group + where + activated_rules is null or jsonb_array_length(activated_rules) = 0; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF Regional diff --git a/queries/aws_wafregional_rule_group_3.yaml b/queries/aws_wafregional_rule_group_3.yaml index 2c75223ec..a6f2b9665 100755 --- a/queries/aws_wafregional_rule_group_3.yaml +++ b/queries/aws_wafregional_rule_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_rule_group_3 Title: "List all AWS WAF Regional Rule Groups and Details" Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_rule_group_3.yaml.bak b/queries/aws_wafregional_rule_group_3.yaml.bak new file mode 100755 index 000000000..2c75223ec --- /dev/null +++ b/queries/aws_wafregional_rule_group_3.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wafregional_rule_group_3 +Title: "List all AWS WAF Regional Rule Groups and Details" +Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name as rule_group_name, + rule_group_id, + a ->> 'RuleId' as rule_id, + a -> 'Action' ->> 'Type' as rule_action_type, + a ->> 'Type' as rule_type + from + aws_wafregional_rule_group, + jsonb_array_elements(activated_rules) as a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF Regional diff --git a/queries/aws_wafregional_web_acl_1.yaml b/queries/aws_wafregional_web_acl_1.yaml index 42074a5a9..a0564e524 100755 --- a/queries/aws_wafregional_web_acl_1.yaml +++ b/queries/aws_wafregional_web_acl_1.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_web_acl_1 Title: "List all AWS WAF Regional WebACL Information" Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_web_acl_1.yaml.bak b/queries/aws_wafregional_web_acl_1.yaml.bak new file mode 100755 index 000000000..42074a5a9 --- /dev/null +++ b/queries/aws_wafregional_web_acl_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wafregional_web_acl_1 +Title: "List all AWS WAF Regional WebACL Information" +Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + arn, + region, + default_action, + tags + from + aws_wafregional_web_acl; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF Regional diff --git a/queries/aws_wafregional_web_acl_2.yaml b/queries/aws_wafregional_web_acl_2.yaml index 1b5c5c7ad..21bc582e6 100755 --- a/queries/aws_wafregional_web_acl_2.yaml +++ b/queries/aws_wafregional_web_acl_2.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_web_acl_2 Title: "List all AWS WAF Regional WebACLs information" Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_web_acl_2.yaml.bak b/queries/aws_wafregional_web_acl_2.yaml.bak new file mode 100755 index 000000000..1b5c5c7ad --- /dev/null +++ b/queries/aws_wafregional_web_acl_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wafregional_web_acl_2 +Title: "List all AWS WAF Regional WebACLs information" +Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + r ->> 'RuleId' as rule_id, + r ->> 'Type' as rule_type, + r ->> 'ExcludedRules' as excluded_rules, + r ->> 'OverrideAction' as override_action, + r -> 'Action' ->> 'Type' as action_type + from + aws_wafregional_web_acl, + jsonb_array_elements(rules) as r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF Regional diff --git a/queries/aws_wafregional_web_acl_3.yaml b/queries/aws_wafregional_web_acl_3.yaml index 299c952bb..257e52bad 100755 --- a/queries/aws_wafregional_web_acl_3.yaml +++ b/queries/aws_wafregional_web_acl_3.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_web_acl_3 Title: "Find AWS WAF Regional WebACL Information" Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_web_acl_3.yaml.bak b/queries/aws_wafregional_web_acl_3.yaml.bak new file mode 100755 index 000000000..299c952bb --- /dev/null +++ b/queries/aws_wafregional_web_acl_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wafregional_web_acl_3 +Title: "Find AWS WAF Regional WebACL Information" +Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + arn, + region, + default_action, + tags + from + aws_wafregional_web_acl + where + rules is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF Regional WebACL diff --git a/queries/aws_wafregional_web_acl_4.yaml b/queries/aws_wafregional_web_acl_4.yaml index df6f34799..8b5014259 100755 --- a/queries/aws_wafregional_web_acl_4.yaml +++ b/queries/aws_wafregional_web_acl_4.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_web_acl_4 Title: "Find AWS WAF Regional WebACL Details" Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_web_acl_4.yaml.bak b/queries/aws_wafregional_web_acl_4.yaml.bak new file mode 100755 index 000000000..df6f34799 --- /dev/null +++ b/queries/aws_wafregional_web_acl_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wafregional_web_acl_4 +Title: "Find AWS WAF Regional WebACL Details" +Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + arn, + region, + default_action + from + aws_wafregional_web_acl + where + default_action = 'ALLOW'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAF Regional diff --git a/queries/aws_wafregional_web_acl_5.yaml b/queries/aws_wafregional_web_acl_5.yaml index d314a8774..19c3b9567 100755 --- a/queries/aws_wafregional_web_acl_5.yaml +++ b/queries/aws_wafregional_web_acl_5.yaml @@ -1,7 +1,7 @@ ID: aws_wafregional_web_acl_5 Title: "Find all AWS WAF Regional WebACL Details" Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafregional_web_acl_5.yaml.bak b/queries/aws_wafregional_web_acl_5.yaml.bak new file mode 100755 index 000000000..d314a8774 --- /dev/null +++ b/queries/aws_wafregional_web_acl_5.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wafregional_web_acl_5 +Title: "Find all AWS WAF Regional WebACL Details" +Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + web_acl_id, + arn, + region + from + aws_wafregional_web_acl + where + logging_configuration is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WAF Regional diff --git a/queries/aws_wafv2_ip_set_1.yaml b/queries/aws_wafv2_ip_set_1.yaml index 6933d1335..cda13529c 100755 --- a/queries/aws_wafv2_ip_set_1.yaml +++ b/queries/aws_wafv2_ip_set_1.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_ip_set_1 Title: "List all AWS WAFv2 IPSets with Detailed Information" Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_ip_set_1.yaml.bak b/queries/aws_wafv2_ip_set_1.yaml.bak new file mode 100755 index 000000000..6933d1335 --- /dev/null +++ b/queries/aws_wafv2_ip_set_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wafv2_ip_set_1 +Title: "List all AWS WAFv2 IPSets with Detailed Information" +Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + addresses, + ip_address_version, + region + from + aws_wafv2_ip_set; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAFv2 diff --git a/queries/aws_wafv2_ip_set_2.yaml b/queries/aws_wafv2_ip_set_2.yaml index 9845f05ca..8254118c3 100755 --- a/queries/aws_wafv2_ip_set_2.yaml +++ b/queries/aws_wafv2_ip_set_2.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_ip_set_2 Title: "List all AWS WAFv2 IPSet Information with Metadata" Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_ip_set_2.yaml.bak b/queries/aws_wafv2_ip_set_2.yaml.bak new file mode 100755 index 000000000..9845f05ca --- /dev/null +++ b/queries/aws_wafv2_ip_set_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wafv2_ip_set_2 +Title: "List all AWS WAFv2 IPSet Information with Metadata" +Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + addresses, + ip_address_version, + region + from + aws_wafv2_ip_set + where + scope = 'CLOUDFRONT'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_ip_set_3.yaml b/queries/aws_wafv2_ip_set_3.yaml index fbcdbf73f..01f203af8 100755 --- a/queries/aws_wafv2_ip_set_3.yaml +++ b/queries/aws_wafv2_ip_set_3.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_ip_set_3 Title: "Find AWS WAFv2 IPSet Information including IP Addresses" Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_ip_set_3.yaml.bak b/queries/aws_wafv2_ip_set_3.yaml.bak new file mode 100755 index 000000000..01f203af8 --- /dev/null +++ b/queries/aws_wafv2_ip_set_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_wafv2_ip_set_3 +Title: "Find AWS WAFv2 IPSet Information including IP Addresses" +Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + addresses, + ip_address_version, + region + from + aws_wafv2_ip_set + where + ip_address_version = 'IPV4'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_ip_set_3.yaml.bak.bak b/queries/aws_wafv2_ip_set_3.yaml.bak.bak new file mode 100755 index 000000000..01f203af8 --- /dev/null +++ b/queries/aws_wafv2_ip_set_3.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_wafv2_ip_set_3 +Title: "Find AWS WAFv2 IPSet Information including IP Addresses" +Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + addresses, + ip_address_version, + region + from + aws_wafv2_ip_set + where + ip_address_version = 'IPV4'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_ip_set_4.yaml b/queries/aws_wafv2_ip_set_4.yaml index 55719a903..1b038a0a1 100755 --- a/queries/aws_wafv2_ip_set_4.yaml +++ b/queries/aws_wafv2_ip_set_4.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_ip_set_4 Title: "Find AWS WAFv2 IPSet Information including IP Addresses" Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_ip_set_4.yaml.bak b/queries/aws_wafv2_ip_set_4.yaml.bak new file mode 100755 index 000000000..55719a903 --- /dev/null +++ b/queries/aws_wafv2_ip_set_4.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wafv2_ip_set_4 +Title: "Find AWS WAFv2 IPSet Information including IP Addresses" +Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + ip_address_version, + region, + address + from + aws_wafv2_ip_set, + jsonb_array_elements_text(addresses) as address + where + address = '1.2.3.4/32'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_regex_pattern_set_1.yaml b/queries/aws_wafv2_regex_pattern_set_1.yaml index 86061270d..96640f016 100755 --- a/queries/aws_wafv2_regex_pattern_set_1.yaml +++ b/queries/aws_wafv2_regex_pattern_set_1.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_regex_pattern_set_1 Title: "List all AWS WAFv2 Regex Pattern Sets in Steampipe" Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_regex_pattern_set_1.yaml.bak b/queries/aws_wafv2_regex_pattern_set_1.yaml.bak new file mode 100755 index 000000000..86061270d --- /dev/null +++ b/queries/aws_wafv2_regex_pattern_set_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wafv2_regex_pattern_set_1 +Title: "List all AWS WAFv2 Regex Pattern Sets in Steampipe" +Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + regular_expressions, + region + from + aws_wafv2_regex_pattern_set; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_regex_pattern_set_2.yaml b/queries/aws_wafv2_regex_pattern_set_2.yaml index 2c888abfa..86306479e 100755 --- a/queries/aws_wafv2_regex_pattern_set_2.yaml +++ b/queries/aws_wafv2_regex_pattern_set_2.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_regex_pattern_set_2 Title: "Find AWS WAFv2 Regex Pattern Sets in CloudFront" Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_regex_pattern_set_2.yaml.bak b/queries/aws_wafv2_regex_pattern_set_2.yaml.bak new file mode 100755 index 000000000..2c888abfa --- /dev/null +++ b/queries/aws_wafv2_regex_pattern_set_2.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_wafv2_regex_pattern_set_2 +Title: "Find AWS WAFv2 Regex Pattern Sets in CloudFront" +Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + regular_expressions, + region + from + aws_wafv2_regex_pattern_set + where + scope = 'CLOUDFRONT'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAFv2 diff --git a/queries/aws_wafv2_regex_pattern_set_3.yaml b/queries/aws_wafv2_regex_pattern_set_3.yaml index 570ff312a..527b20f58 100755 --- a/queries/aws_wafv2_regex_pattern_set_3.yaml +++ b/queries/aws_wafv2_regex_pattern_set_3.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_regex_pattern_set_3 Title: "Find all AWS WAFv2 Regex Pattern Set data details" Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_regex_pattern_set_3.yaml.bak b/queries/aws_wafv2_regex_pattern_set_3.yaml.bak new file mode 100755 index 000000000..570ff312a --- /dev/null +++ b/queries/aws_wafv2_regex_pattern_set_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_wafv2_regex_pattern_set_3 +Title: "Find all AWS WAFv2 Regex Pattern Set data details" +Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + wrps.id, + scope, + regular_expressions, + region + from + aws_wafv2_regex_pattern_set as wrps, + jsonb_array_elements_text(regular_expressions) as regex + where + regex = '^steampipe'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAFv2 diff --git a/queries/aws_wafv2_rule_group_1.yaml b/queries/aws_wafv2_rule_group_1.yaml index 2f83ae95f..4e85f66c9 100755 --- a/queries/aws_wafv2_rule_group_1.yaml +++ b/queries/aws_wafv2_rule_group_1.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_rule_group_1 Title: "List all AWS WAFv2 Rule Groups and their details" Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_rule_group_1.yaml.bak b/queries/aws_wafv2_rule_group_1.yaml.bak new file mode 100755 index 000000000..2f83ae95f --- /dev/null +++ b/queries/aws_wafv2_rule_group_1.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wafv2_rule_group_1 +Title: "List all AWS WAFv2 Rule Groups and their details" +Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + capacity, + rules, + region + from + aws_wafv2_rule_group; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAFv2 diff --git a/queries/aws_wafv2_rule_group_2.yaml b/queries/aws_wafv2_rule_group_2.yaml index a026a9c55..041cc1fce 100755 --- a/queries/aws_wafv2_rule_group_2.yaml +++ b/queries/aws_wafv2_rule_group_2.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_rule_group_2 Title: "List all AWS WAFv2 Rule Groups with Capacity and Details" Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_rule_group_2.yaml.bak b/queries/aws_wafv2_rule_group_2.yaml.bak new file mode 100755 index 000000000..a026a9c55 --- /dev/null +++ b/queries/aws_wafv2_rule_group_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_wafv2_rule_group_2 +Title: "List all AWS WAFv2 Rule Groups with Capacity and Details" +Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + capacity, + region + from + aws_wafv2_rule_group + where + scope = 'CLOUDFRONT'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_rule_group_3.yaml b/queries/aws_wafv2_rule_group_3.yaml index ccfb07a56..e0f13a7fe 100755 --- a/queries/aws_wafv2_rule_group_3.yaml +++ b/queries/aws_wafv2_rule_group_3.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_rule_group_3 Title: "List AWS WAFv2 Rule Groups with Capacity Info" Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_rule_group_3.yaml.bak b/queries/aws_wafv2_rule_group_3.yaml.bak new file mode 100755 index 000000000..ccfb07a56 --- /dev/null +++ b/queries/aws_wafv2_rule_group_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_wafv2_rule_group_3 +Title: "List AWS WAFv2 Rule Groups with Capacity Info" +Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + description, + arn, + id, + scope, + capacity, + region + from + aws_wafv2_rule_group + where + capacity < 5; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_web_acl_1.yaml b/queries/aws_wafv2_web_acl_1.yaml index 0a15bfcb0..7550241f2 100755 --- a/queries/aws_wafv2_web_acl_1.yaml +++ b/queries/aws_wafv2_web_acl_1.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_web_acl_1 Title: "Find AWS WAFv2 WebACL Resources Information" Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_web_acl_1.yaml.bak b/queries/aws_wafv2_web_acl_1.yaml.bak new file mode 100755 index 000000000..0a15bfcb0 --- /dev/null +++ b/queries/aws_wafv2_web_acl_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wafv2_web_acl_1 +Title: "Find AWS WAFv2 WebACL Resources Information" +Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + scope, + description, + capacity, + managed_by_firewall_manager + from + aws_wafv2_web_acl; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_web_acl_2.yaml b/queries/aws_wafv2_web_acl_2.yaml index b1016970d..7e5e82e15 100755 --- a/queries/aws_wafv2_web_acl_2.yaml +++ b/queries/aws_wafv2_web_acl_2.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_web_acl_2 Title: "List all AWS WAFv2 WebACLs and their Metric Names" Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_web_acl_2.yaml.bak b/queries/aws_wafv2_web_acl_2.yaml.bak new file mode 100755 index 000000000..b1016970d --- /dev/null +++ b/queries/aws_wafv2_web_acl_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_wafv2_web_acl_2 +Title: "List all AWS WAFv2 WebACLs and their Metric Names" +Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + visibility_config ->> 'CloudWatchMetricsEnabled' as cloud_watch_metrics_enabled, + visibility_config ->> 'MetricName' as metric_name + from + aws_wafv2_web_acl; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAFv2 diff --git a/queries/aws_wafv2_web_acl_3.yaml b/queries/aws_wafv2_web_acl_3.yaml index 59bb79e66..2aca1b458 100755 --- a/queries/aws_wafv2_web_acl_3.yaml +++ b/queries/aws_wafv2_web_acl_3.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_web_acl_3 Title: "Find all AWS WAFv2 WebACLs with Disabled Sampled Requests" Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_web_acl_3.yaml.bak b/queries/aws_wafv2_web_acl_3.yaml.bak new file mode 100755 index 000000000..59bb79e66 --- /dev/null +++ b/queries/aws_wafv2_web_acl_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wafv2_web_acl_3 +Title: "Find all AWS WAFv2 WebACLs with Disabled Sampled Requests" +Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + visibility_config ->> 'SampledRequestsEnabled' as sampled_requests_enabled + from + aws_wafv2_web_acl + where + visibility_config ->> 'SampledRequestsEnabled' = 'false'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_web_acl_4.yaml b/queries/aws_wafv2_web_acl_4.yaml index d889323ec..b1da11222 100755 --- a/queries/aws_wafv2_web_acl_4.yaml +++ b/queries/aws_wafv2_web_acl_4.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_web_acl_4 Title: "List AWS WAFv2 WebACLs and Manage Information" Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_web_acl_4.yaml.bak b/queries/aws_wafv2_web_acl_4.yaml.bak new file mode 100755 index 000000000..d889323ec --- /dev/null +++ b/queries/aws_wafv2_web_acl_4.yaml.bak @@ -0,0 +1,41 @@ +ID: aws_wafv2_web_acl_4 +Title: "List AWS WAFv2 WebACLs and Manage Information" +Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + r ->> 'Name' as name, + r -> 'Statement' ->> 'AndStatement' as and_statement, + r -> 'Statement' ->> 'ByteMatchStatement' as byte_match_statement, + r -> 'Statement' ->> 'GeoMatchStatement' as geo_match_statement, + r -> 'Statement' ->> 'IPSetReferenceStatement' as ip_set_reference_statement, + r -> 'Statement' ->> 'NotStatement' as not_statement, + r -> 'Statement' ->> 'OrStatement' as or_statement, + r -> 'Statement' ->> 'RateBasedStatement' as rate_based_statement, + r -> 'Statement' ->> 'RegexPatternSetReferenceStatement' as regex_pattern_set_reference_statement, + r -> 'Statement' ->> 'RuleGroupReferenceStatement' as rule_group_reference_statement, + r -> 'Statement' ->> 'SizeConstraintStatement' as size_constraint_statement, + r -> 'Statement' ->> 'SqliMatchStatement' as sql_match_statement, + r -> 'Statement' ->> 'XssMatchStatement' as xss_match_statement + from + aws_wafv2_web_acl, + jsonb_array_elements(rules) as r; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAFv2 diff --git a/queries/aws_wafv2_web_acl_5.yaml b/queries/aws_wafv2_web_acl_5.yaml index 3a2771030..f989647cb 100755 --- a/queries/aws_wafv2_web_acl_5.yaml +++ b/queries/aws_wafv2_web_acl_5.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_web_acl_5 Title: "Find AWS WAFv2 WebACLs and Manage WebACL Resources" Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_web_acl_5.yaml.bak b/queries/aws_wafv2_web_acl_5.yaml.bak new file mode 100755 index 000000000..3a2771030 --- /dev/null +++ b/queries/aws_wafv2_web_acl_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wafv2_web_acl_5 +Title: "Find AWS WAFv2 WebACLs and Manage WebACL Resources" +Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + scope, + region + from + aws_wafv2_web_acl + where + scope = 'REGIONAL'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wafv2_web_acl_6.yaml b/queries/aws_wafv2_web_acl_6.yaml index acda79491..5a27a67e5 100755 --- a/queries/aws_wafv2_web_acl_6.yaml +++ b/queries/aws_wafv2_web_acl_6.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_web_acl_6 Title: "Find WebACL Resources in AWS WAFv2 Without Logging" Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_web_acl_6.yaml.bak b/queries/aws_wafv2_web_acl_6.yaml.bak new file mode 100755 index 000000000..acda79491 --- /dev/null +++ b/queries/aws_wafv2_web_acl_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wafv2_web_acl_6 +Title: "Find WebACL Resources in AWS WAFv2 Without Logging" +Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + id, + scope, + region + from + aws_wafv2_web_acl + where + logging_configuration is null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_network_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WAFv2 diff --git a/queries/aws_wafv2_web_acl_7.yaml b/queries/aws_wafv2_web_acl_7.yaml index ce1631fdc..77059c702 100755 --- a/queries/aws_wafv2_web_acl_7.yaml +++ b/queries/aws_wafv2_web_acl_7.yaml @@ -1,7 +1,7 @@ ID: aws_wafv2_web_acl_7 Title: "Find AWS WAFv2 WebACLs and Associated Load Balancers" Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wafv2_web_acl_7.yaml.bak b/queries/aws_wafv2_web_acl_7.yaml.bak new file mode 100755 index 000000000..ce1631fdc --- /dev/null +++ b/queries/aws_wafv2_web_acl_7.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_wafv2_web_acl_7 +Title: "Find AWS WAFv2 WebACLs and Associated Load Balancers" +Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lb.name as application_load_balancer_name, + w.name as web_acl_name, + w.id as web_acl_id, + w.scope as web_acl_scope, + lb.type as application_load_balancer_type + from + aws_ec2_application_load_balancer as lb, + aws_wafv2_web_acl as w, + jsonb_array_elements_text(associated_resources) as arns + where + lb.arn = arns; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WAFv2 diff --git a/queries/aws_wellarchitected_answer_1.yaml b/queries/aws_wellarchitected_answer_1.yaml index 201474fcb..1bc3c3bf2 100755 --- a/queries/aws_wellarchitected_answer_1.yaml +++ b/queries/aws_wellarchitected_answer_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_answer_1 Title: "List All AWS Well-Architected Tool Answer Data" Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_answer_1.yaml.bak b/queries/aws_wellarchitected_answer_1.yaml.bak new file mode 100755 index 000000000..201474fcb --- /dev/null +++ b/queries/aws_wellarchitected_answer_1.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_wellarchitected_answer_1 +Title: "List All AWS Well-Architected Tool Answer Data" +Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.question_id, + a.lens_alias, + a.workload_id, + a.is_applicable, + a.pillar_id, + a.question_title, + a.risk, + a.reason, + a.region + from + aws_wellarchitected_answer a; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_2.yaml b/queries/aws_wellarchitected_answer_2.yaml index 7417617ec..771278747 100755 --- a/queries/aws_wellarchitected_answer_2.yaml +++ b/queries/aws_wellarchitected_answer_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_answer_2 Title: "List all AWS Well-Architected Tool Answers by Workload and Pillar" Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_answer_2.yaml.bak b/queries/aws_wellarchitected_answer_2.yaml.bak new file mode 100755 index 000000000..7417617ec --- /dev/null +++ b/queries/aws_wellarchitected_answer_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_answer_2 +Title: "List all AWS Well-Architected Tool Answers by Workload and Pillar" +Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.workload_id, + a.pillar_id, + count(a.question_id) as total_questions + from + aws_wellarchitected_answer a + group by + a.workload_id, + a.pillar_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_3.yaml b/queries/aws_wellarchitected_answer_3.yaml index 4a5b60a7c..de7f19e4c 100755 --- a/queries/aws_wellarchitected_answer_3.yaml +++ b/queries/aws_wellarchitected_answer_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_answer_3 Title: "Find AWS Well-Architected Tool Answer Data" Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_answer_3.yaml.bak b/queries/aws_wellarchitected_answer_3.yaml.bak new file mode 100755 index 000000000..4a5b60a7c --- /dev/null +++ b/queries/aws_wellarchitected_answer_3.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_wellarchitected_answer_3 +Title: "Find AWS Well-Architected Tool Answer Data" +Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.question_id, + a.lens_alias, + a.workload_id, + a.question_title, + a.question_description, + c ->> 'Title' as choice_title, + c ->> 'ChoiceId' as choice_id, + c ->> 'Description' as choice_description, + c ->> 'HelpfulResource' as choice_helpful_resource, + c ->> 'ImprovementPlan' as choice_improvement_plan + from + aws_wellarchitected_answer a, + jsonb_array_elements(choices) c; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_4.yaml b/queries/aws_wellarchitected_answer_4.yaml index f25ac0cef..c9752bf79 100755 --- a/queries/aws_wellarchitected_answer_4.yaml +++ b/queries/aws_wellarchitected_answer_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_answer_4 Title: "List AWS Well-Architected Tool Answer Data" Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_answer_4.yaml.bak b/queries/aws_wellarchitected_answer_4.yaml.bak new file mode 100755 index 000000000..f25ac0cef --- /dev/null +++ b/queries/aws_wellarchitected_answer_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_wellarchitected_answer_4 +Title: "List AWS Well-Architected Tool Answer Data" +Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.question_id, + a.lens_alias, + a.workload_id, + a.question_title, + a.question_description, + c ->> 'Notes' as choice_notes, + c ->> 'Reason' as choice_reason, + c ->> 'Status' as choice_status, + c ->> 'ChoiceId' as choice_id + from + aws_wellarchitected_answer a, + jsonb_array_elements(choice_answers) c; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_5.yaml b/queries/aws_wellarchitected_answer_5.yaml index ab0cbb9e8..10e326677 100755 --- a/queries/aws_wellarchitected_answer_5.yaml +++ b/queries/aws_wellarchitected_answer_5.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_answer_5 Title: "List all AWS Well-Architected Tools Answers and Details" Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_answer_5.yaml.bak b/queries/aws_wellarchitected_answer_5.yaml.bak new file mode 100755 index 000000000..ab0cbb9e8 --- /dev/null +++ b/queries/aws_wellarchitected_answer_5.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_answer_5 +Title: "List all AWS Well-Architected Tools Answers and Details" +Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.question_id, + a.lens_alias, + a.workload_id, + a.question_title, + a.question_description, + reason + from + aws_wellarchitected_answer a + where + not is_applicable; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_6.yaml b/queries/aws_wellarchitected_answer_6.yaml index 1425975f6..0b45479d1 100755 --- a/queries/aws_wellarchitected_answer_6.yaml +++ b/queries/aws_wellarchitected_answer_6.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_answer_6 Title: "List All AWS Well-Architected Tool Answer Data" Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_answer_6.yaml.bak b/queries/aws_wellarchitected_answer_6.yaml.bak new file mode 100755 index 000000000..1425975f6 --- /dev/null +++ b/queries/aws_wellarchitected_answer_6.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_wellarchitected_answer_6 +Title: "List All AWS Well-Architected Tool Answer Data" +Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + a.question_id, + a.lens_alias, + a.workload_id, + a.question_title, + a.risk, + c ->> 'ChoiceId' as choice_id, + c ->> 'Status' as choice_status, + c ->> 'Reason' as choice_reason, + c ->> 'Notes' as choice_notes + from + aws_wellarchitected_answer a, + jsonb_array_elements(choice_answers) c + where + risk = 'HIGH' + or risk = 'MEDIUM'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_7.yaml b/queries/aws_wellarchitected_answer_7.yaml index fdbde3236..04ba0ef09 100755 --- a/queries/aws_wellarchitected_answer_7.yaml +++ b/queries/aws_wellarchitected_answer_7.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_answer_7 Title: "List all AWS Well-Architected Tool Answers by Risk" Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_answer_7.yaml.bak b/queries/aws_wellarchitected_answer_7.yaml.bak new file mode 100755 index 000000000..fdbde3236 --- /dev/null +++ b/queries/aws_wellarchitected_answer_7.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_wellarchitected_answer_7 +Title: "List all AWS Well-Architected Tool Answers by Risk" +Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + risk, + count(question_id) as total_questions + from + aws_wellarchitected_answer + where + risk = 'HIGH' + or risk = 'MEDIUM' + group by + workload_id, + risk; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_1.yaml b/queries/aws_wellarchitected_check_detail_1.yaml index f1fc40d2c..675656944 100755 --- a/queries/aws_wellarchitected_check_detail_1.yaml +++ b/queries/aws_wellarchitected_check_detail_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_detail_1 Title: "Find Details on AWS Well-Architected Tool Checks" Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_detail_1.yaml.bak b/queries/aws_wellarchitected_check_detail_1.yaml.bak new file mode 100755 index 000000000..f1fc40d2c --- /dev/null +++ b/queries/aws_wellarchitected_check_detail_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wellarchitected_check_detail_1 +Title: "Find Details on AWS Well-Architected Tool Checks" +Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + lens_arn, + pillar_id, + question_id, + choice_id, + id, + name, + description, + status + from + aws_wellarchitected_check_detail; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_2.yaml b/queries/aws_wellarchitected_check_detail_2.yaml index 13aaefcaa..a240f86ee 100755 --- a/queries/aws_wellarchitected_check_detail_2.yaml +++ b/queries/aws_wellarchitected_check_detail_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_detail_2 Title: "List AWS Well-Architected Tool Check Details" Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_detail_2.yaml.bak b/queries/aws_wellarchitected_check_detail_2.yaml.bak new file mode 100755 index 000000000..13aaefcaa --- /dev/null +++ b/queries/aws_wellarchitected_check_detail_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wellarchitected_check_detail_2 +Title: "List AWS Well-Architected Tool Check Details" +Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + status, + count(id) as checks + from + aws_wellarchitected_check_detail + group by + workload_id, + status; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_3.yaml b/queries/aws_wellarchitected_check_detail_3.yaml index 657cea399..5334ed498 100755 --- a/queries/aws_wellarchitected_check_detail_3.yaml +++ b/queries/aws_wellarchitected_check_detail_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_detail_3 Title: "Find AWS Well-Architected Tool Check Details for Security" Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_detail_3.yaml.bak b/queries/aws_wellarchitected_check_detail_3.yaml.bak new file mode 100755 index 000000000..657cea399 --- /dev/null +++ b/queries/aws_wellarchitected_check_detail_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_wellarchitected_check_detail_3 +Title: "Find AWS Well-Architected Tool Check Details for Security" +Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + lens_arn, + pillar_id, + question_id, + choice_id, + id, + name, + description, + status + from + aws_wellarchitected_check_detail + where + pillar_id = 'security'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_4.yaml b/queries/aws_wellarchitected_check_detail_4.yaml index 24421745d..479abd22c 100755 --- a/queries/aws_wellarchitected_check_detail_4.yaml +++ b/queries/aws_wellarchitected_check_detail_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_detail_4 Title: "Find AWS Well-Architected Tool Check Details Status" Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_detail_4.yaml.bak b/queries/aws_wellarchitected_check_detail_4.yaml.bak new file mode 100755 index 000000000..24421745d --- /dev/null +++ b/queries/aws_wellarchitected_check_detail_4.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_wellarchitected_check_detail_4 +Title: "Find AWS Well-Architected Tool Check Details Status" +Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + choice_id, + name, + pillar_id, + question_id, + flagged_resources, + updated_at + from + aws_wellarchitected_check_detail + where + status = 'ERROR'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_5.yaml b/queries/aws_wellarchitected_check_detail_5.yaml index 7f48fd819..38dfbaaf3 100755 --- a/queries/aws_wellarchitected_check_detail_5.yaml +++ b/queries/aws_wellarchitected_check_detail_5.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_detail_5 Title: "List all AWS Well-Architected Tool Check Details" Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_detail_5.yaml.bak b/queries/aws_wellarchitected_check_detail_5.yaml.bak new file mode 100755 index 000000000..7f48fd819 --- /dev/null +++ b/queries/aws_wellarchitected_check_detail_5.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_wellarchitected_check_detail_5 +Title: "List all AWS Well-Architected Tool Check Details" +Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + w.workload_name, + w.workload_id, + w.environment, + w.industry, + w.owner, + d.name as check_name, + d.flagged_resources, + d.pillar_id + from + aws_wellarchitected_check_detail d, + aws_wellarchitected_workload w + where + d.workload_id = w.workload_id + and d.status = 'ERROR'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_6.yaml b/queries/aws_wellarchitected_check_detail_6.yaml index a4e3f2dd7..0e9b22af8 100755 --- a/queries/aws_wellarchitected_check_detail_6.yaml +++ b/queries/aws_wellarchitected_check_detail_6.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_detail_6 Title: "Find AWS Well-Architected Tool Check Detail Information" Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_detail_6.yaml.bak b/queries/aws_wellarchitected_check_detail_6.yaml.bak new file mode 100755 index 000000000..0e9b22af8 --- /dev/null +++ b/queries/aws_wellarchitected_check_detail_6.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_wellarchitected_check_detail_6 +Title: "Find AWS Well-Architected Tool Check Detail Information" +Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + choice_id, + name, + pillar_id, + question_id, + flagged_resources, + status, + updated_at + from + aws_wellarchitected_check_detail + where + lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected' + and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_6.yaml.bak.bak b/queries/aws_wellarchitected_check_detail_6.yaml.bak.bak new file mode 100755 index 000000000..0e9b22af8 --- /dev/null +++ b/queries/aws_wellarchitected_check_detail_6.yaml.bak.bak @@ -0,0 +1,34 @@ +ID: aws_wellarchitected_check_detail_6 +Title: "Find AWS Well-Architected Tool Check Detail Information" +Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + choice_id, + name, + pillar_id, + question_id, + flagged_resources, + status, + updated_at + from + aws_wellarchitected_check_detail + where + lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected' + and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_1.yaml b/queries/aws_wellarchitected_check_summary_1.yaml index 4fedc9b45..0b5b66d88 100755 --- a/queries/aws_wellarchitected_check_summary_1.yaml +++ b/queries/aws_wellarchitected_check_summary_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_summary_1 Title: "List all AWS Well-Architected Tool Check Summary Details" Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_summary_1.yaml.bak b/queries/aws_wellarchitected_check_summary_1.yaml.bak new file mode 100755 index 000000000..4fedc9b45 --- /dev/null +++ b/queries/aws_wellarchitected_check_summary_1.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_wellarchitected_check_summary_1 +Title: "List all AWS Well-Architected Tool Check Summary Details" +Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + id, + name, + description, + jsonb_pretty(account_summary) as account_summary, + choice_id, + lens_arn, + pillar_id, + question_id, + status, + region, + workload_id + from + aws_wellarchitected_check_summary; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_2.yaml b/queries/aws_wellarchitected_check_summary_2.yaml index 7358c46cc..5f857aef6 100755 --- a/queries/aws_wellarchitected_check_summary_2.yaml +++ b/queries/aws_wellarchitected_check_summary_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_summary_2 Title: "Find AWS Well-Architected Tool Check Summary Details" Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_summary_2.yaml.bak b/queries/aws_wellarchitected_check_summary_2.yaml.bak new file mode 100755 index 000000000..7358c46cc --- /dev/null +++ b/queries/aws_wellarchitected_check_summary_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_wellarchitected_check_summary_2 +Title: "Find AWS Well-Architected Tool Check Summary Details" +Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + id, + name, + jsonb_pretty(account_summary) as account_summary, + status, + choice_id, + pillar_id, + question_id + from + aws_wellarchitected_check_summary + where + workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_3.yaml b/queries/aws_wellarchitected_check_summary_3.yaml index 5398b2ae4..0c6504766 100755 --- a/queries/aws_wellarchitected_check_summary_3.yaml +++ b/queries/aws_wellarchitected_check_summary_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_summary_3 Title: "Find AWS Well-Architected Tool Check Summaries" Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_summary_3.yaml.bak b/queries/aws_wellarchitected_check_summary_3.yaml.bak new file mode 100755 index 000000000..5398b2ae4 --- /dev/null +++ b/queries/aws_wellarchitected_check_summary_3.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wellarchitected_check_summary_3 +Title: "Find AWS Well-Architected Tool Check Summaries" +Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + id, + name, + jsonb_pretty(account_summary) as account_summary, + pillar_id, + question_id + from + aws_wellarchitected_check_summary + where + status = 'ERROR'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_4.yaml b/queries/aws_wellarchitected_check_summary_4.yaml index 74c30e80b..0008cd3ce 100755 --- a/queries/aws_wellarchitected_check_summary_4.yaml +++ b/queries/aws_wellarchitected_check_summary_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_summary_4 Title: "Query AWS Well-Architected Tool Check Summaries" Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_summary_4.yaml.bak b/queries/aws_wellarchitected_check_summary_4.yaml.bak new file mode 100755 index 000000000..74c30e80b --- /dev/null +++ b/queries/aws_wellarchitected_check_summary_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wellarchitected_check_summary_4 +Title: "Query AWS Well-Architected Tool Check Summaries" +Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + id, + name, + account_summary ->> 'ERROR' as errors, + account_summary ->> 'FETCH_FAILED' as fetch_failed, + account_summary ->> 'NOT_AVAILABLE' as not_available, + account_summary ->> 'OKAY' as okay, + account_summary ->> 'WARNING' as warnings, + pillar_id, + question_id + from + aws_wellarchitected_check_summary; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_5.yaml b/queries/aws_wellarchitected_check_summary_5.yaml index 3af3eb100..93d89d1eb 100755 --- a/queries/aws_wellarchitected_check_summary_5.yaml +++ b/queries/aws_wellarchitected_check_summary_5.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_check_summary_5 Title: "Find AWS Well-Architected Tool Check Summary Insights" Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_check_summary_5.yaml.bak b/queries/aws_wellarchitected_check_summary_5.yaml.bak new file mode 100755 index 000000000..3af3eb100 --- /dev/null +++ b/queries/aws_wellarchitected_check_summary_5.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_wellarchitected_check_summary_5 +Title: "Find AWS Well-Architected Tool Check Summary Insights" +Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + id, + name, + account_summary ->> 'ERROR' as errors, + account_summary ->> 'FETCH_FAILED' as fetch_failed, + account_summary ->> 'NOT_AVAILABLE' as not_available, + account_summary ->> 'OKAY' as okay, + account_summary ->> 'WARNING' as warnings, + pillar_id, + question_id + from + aws_wellarchitected_check_summary + where + lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected' + and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_1.yaml b/queries/aws_wellarchitected_consolidated_report_1.yaml index 9d671bcb9..e5a8bfe58 100755 --- a/queries/aws_wellarchitected_consolidated_report_1.yaml +++ b/queries/aws_wellarchitected_consolidated_report_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_consolidated_report_1 Title: "List all AWS Well-Architected Tool Consolidated Reports" Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_consolidated_report_1.yaml.bak b/queries/aws_wellarchitected_consolidated_report_1.yaml.bak new file mode 100755 index 000000000..9d671bcb9 --- /dev/null +++ b/queries/aws_wellarchitected_consolidated_report_1.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_consolidated_report_1 +Title: "List all AWS Well-Architected Tool Consolidated Reports" +Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + workload_arn, + workload_id, + lenses_applied_count, + metric_type, + updated_at + from + aws_wellarchitected_consolidated_report; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_2.yaml b/queries/aws_wellarchitected_consolidated_report_2.yaml index aec88608b..08a42f304 100755 --- a/queries/aws_wellarchitected_consolidated_report_2.yaml +++ b/queries/aws_wellarchitected_consolidated_report_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_consolidated_report_2 Title: "Find All AWS Well-Architected Consolidated Reports" Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_consolidated_report_2.yaml.bak b/queries/aws_wellarchitected_consolidated_report_2.yaml.bak new file mode 100755 index 000000000..08a42f304 --- /dev/null +++ b/queries/aws_wellarchitected_consolidated_report_2.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_wellarchitected_consolidated_report_2 +Title: "Find All AWS Well-Architected Consolidated Reports" +Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.workload_name, + r.workload_arn, + r.workload_id, + r.lenses_applied_count, + w.environment as workload_environment, + w.improvement_status as workload_improvement_status, + w.review_restriction_date as workload_review_restriction_date + from + aws_wellarchitected_consolidated_report as r, + aws_wellarchitected_workload as w + where + w.workload_id = r.workload_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_2.yaml.bak.bak b/queries/aws_wellarchitected_consolidated_report_2.yaml.bak.bak new file mode 100755 index 000000000..08a42f304 --- /dev/null +++ b/queries/aws_wellarchitected_consolidated_report_2.yaml.bak.bak @@ -0,0 +1,33 @@ +ID: aws_wellarchitected_consolidated_report_2 +Title: "Find All AWS Well-Architected Consolidated Reports" +Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.workload_name, + r.workload_arn, + r.workload_id, + r.lenses_applied_count, + w.environment as workload_environment, + w.improvement_status as workload_improvement_status, + w.review_restriction_date as workload_review_restriction_date + from + aws_wellarchitected_consolidated_report as r, + aws_wellarchitected_workload as w + where + w.workload_id = r.workload_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_3.yaml b/queries/aws_wellarchitected_consolidated_report_3.yaml index 63ce399ef..f6f655091 100755 --- a/queries/aws_wellarchitected_consolidated_report_3.yaml +++ b/queries/aws_wellarchitected_consolidated_report_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_consolidated_report_3 Title: "List all AWS Well-Architected Tool Consolidated Reports" Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_consolidated_report_3.yaml.bak b/queries/aws_wellarchitected_consolidated_report_3.yaml.bak new file mode 100755 index 000000000..63ce399ef --- /dev/null +++ b/queries/aws_wellarchitected_consolidated_report_3.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_wellarchitected_consolidated_report_3 +Title: "List all AWS Well-Architected Tool Consolidated Reports" +Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + workload_id, + risk_counts -> 'HIGH' as high_risk_counts + from + aws_wellarchitected_consolidated_report; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_4.yaml b/queries/aws_wellarchitected_consolidated_report_4.yaml index 4953b4c77..10c19f098 100755 --- a/queries/aws_wellarchitected_consolidated_report_4.yaml +++ b/queries/aws_wellarchitected_consolidated_report_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_consolidated_report_4 Title: "List all AWS Well-Architected Tool Consolidated Reports" Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_consolidated_report_4.yaml.bak b/queries/aws_wellarchitected_consolidated_report_4.yaml.bak new file mode 100755 index 000000000..4953b4c77 --- /dev/null +++ b/queries/aws_wellarchitected_consolidated_report_4.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_consolidated_report_4 +Title: "List all AWS Well-Architected Tool Consolidated Reports" +Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + workload_id, + l ->> 'LensArn' as lens_arn, + l -> 'Pillars' as pillars, + l -> 'RiskCounts' as risk_counts + from + aws_wellarchitected_consolidated_report, + jsonb_array_elements(lenses) as l; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_1.yaml b/queries/aws_wellarchitected_lens_1.yaml index 28a7810e8..9cda0bb47 100755 --- a/queries/aws_wellarchitected_lens_1.yaml +++ b/queries/aws_wellarchitected_lens_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_1 Title: "List all AWS Well-Architected Lenses with details" Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_1.yaml.bak b/queries/aws_wellarchitected_lens_1.yaml.bak new file mode 100755 index 000000000..28a7810e8 --- /dev/null +++ b/queries/aws_wellarchitected_lens_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wellarchitected_lens_1 +Title: "List all AWS Well-Architected Lenses with details" +Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_alias, + arn, + lens_status, + lens_type, + owner + from + aws_wellarchitected_lens; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected diff --git a/queries/aws_wellarchitected_lens_2.yaml b/queries/aws_wellarchitected_lens_2.yaml index 3c999f268..cf118996c 100755 --- a/queries/aws_wellarchitected_lens_2.yaml +++ b/queries/aws_wellarchitected_lens_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_2 Title: "List AWS Well-Architected Lens Details" Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_2.yaml.bak b/queries/aws_wellarchitected_lens_2.yaml.bak new file mode 100755 index 000000000..3c999f268 --- /dev/null +++ b/queries/aws_wellarchitected_lens_2.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_wellarchitected_lens_2 +Title: "List AWS Well-Architected Lens Details" +Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select distinct + on(arn) arn, + lens_name, + lens_status, + lens_type + from + aws_wellarchitected_lens; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_3.yaml b/queries/aws_wellarchitected_lens_3.yaml index 261c9a595..81ee048dc 100755 --- a/queries/aws_wellarchitected_lens_3.yaml +++ b/queries/aws_wellarchitected_lens_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_3 Title: "Find AWS Well-Architected Lens details" Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_3.yaml.bak b/queries/aws_wellarchitected_lens_3.yaml.bak new file mode 100755 index 000000000..261c9a595 --- /dev/null +++ b/queries/aws_wellarchitected_lens_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_lens_3 +Title: "Find AWS Well-Architected Lens details" +Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + arn, + lens_status, + lens_type, + owner, + share_invitation_id + from + aws_wellarchitected_lens + where + lens_type = 'CUSTOM_SHARED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_4.yaml b/queries/aws_wellarchitected_lens_4.yaml index 5af1e231b..277d85048 100755 --- a/queries/aws_wellarchitected_lens_4.yaml +++ b/queries/aws_wellarchitected_lens_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_4 Title: "List all AWS Well-Architected Lens with Details" Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_4.yaml.bak b/queries/aws_wellarchitected_lens_4.yaml.bak new file mode 100755 index 000000000..5af1e231b --- /dev/null +++ b/queries/aws_wellarchitected_lens_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_lens_4 +Title: "List all AWS Well-Architected Lens with Details" +Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_status, + lens_type, + lens_version, + owner + from + aws_wellarchitected_lens + where + lens_status = 'DEPRECATED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_5.yaml b/queries/aws_wellarchitected_lens_5.yaml index fc287e03f..05fd213e1 100755 --- a/queries/aws_wellarchitected_lens_5.yaml +++ b/queries/aws_wellarchitected_lens_5.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_5 Title: "List all AWS Well-Architected Lens with Details" Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_5.yaml.bak b/queries/aws_wellarchitected_lens_5.yaml.bak new file mode 100755 index 000000000..05fd213e1 --- /dev/null +++ b/queries/aws_wellarchitected_lens_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_lens_5 +Title: "List all AWS Well-Architected Lens with Details" +Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_status, + lens_type, + created_at, + lens_version + from + aws_wellarchitected_lens + where + created_at <= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_5.yaml.bak.bak b/queries/aws_wellarchitected_lens_5.yaml.bak.bak new file mode 100755 index 000000000..05fd213e1 --- /dev/null +++ b/queries/aws_wellarchitected_lens_5.yaml.bak.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_lens_5 +Title: "List all AWS Well-Architected Lens with Details" +Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_status, + lens_type, + created_at, + lens_version + from + aws_wellarchitected_lens + where + created_at <= now() - interval '30' day; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_6.yaml b/queries/aws_wellarchitected_lens_6.yaml index 8c8e51f05..cc80a6005 100755 --- a/queries/aws_wellarchitected_lens_6.yaml +++ b/queries/aws_wellarchitected_lens_6.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_6 Title: "List All AWS Well-Architected Lens Details" Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_6.yaml.bak b/queries/aws_wellarchitected_lens_6.yaml.bak new file mode 100755 index 000000000..8c8e51f05 --- /dev/null +++ b/queries/aws_wellarchitected_lens_6.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wellarchitected_lens_6 +Title: "List All AWS Well-Architected Lens Details" +Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_status, + lens_type, + lens_version, + owner, + account_id + from + aws_wellarchitected_lens + where + owner = account_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_review_1.yaml b/queries/aws_wellarchitected_lens_review_1.yaml index f47c53479..c3744682f 100755 --- a/queries/aws_wellarchitected_lens_review_1.yaml +++ b/queries/aws_wellarchitected_lens_review_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_1 Title: "List all AWS Well-Architected Tool Lens Reviews" Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_1.yaml.bak b/queries/aws_wellarchitected_lens_review_1.yaml.bak new file mode 100755 index 000000000..f47c53479 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wellarchitected_lens_review_1 +Title: "List all AWS Well-Architected Tool Lens Reviews" +Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + workload_id, + lens_arn, + lens_alias, + lens_version, + updated_at + from + aws_wellarchitected_lens_review; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_2.yaml b/queries/aws_wellarchitected_lens_review_2.yaml index bc066f9a6..16bcd6aa6 100755 --- a/queries/aws_wellarchitected_lens_review_2.yaml +++ b/queries/aws_wellarchitected_lens_review_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_2 Title: "List all AWS Well-Architected Lens Reviews with Status" Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_2.yaml.bak b/queries/aws_wellarchitected_lens_review_2.yaml.bak new file mode 100755 index 000000000..bc066f9a6 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wellarchitected_lens_review_2 +Title: "List all AWS Well-Architected Lens Reviews with Status" +Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + workload_id, + lens_alias, + lens_status + from + aws_wellarchitected_lens_review + where + lens_status = 'DEPRECATED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_3.yaml b/queries/aws_wellarchitected_lens_review_3.yaml index 104d6c952..117f0bf11 100755 --- a/queries/aws_wellarchitected_lens_review_3.yaml +++ b/queries/aws_wellarchitected_lens_review_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_3 Title: "List all AWS Well-Architected Tool Lens Review Information" Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_3.yaml.bak b/queries/aws_wellarchitected_lens_review_3.yaml.bak new file mode 100755 index 000000000..104d6c952 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_wellarchitected_lens_review_3 +Title: "List all AWS Well-Architected Tool Lens Review Information" +Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + workload_id, + risk_counts -> 'HIGH' as high_risk_counts + from + aws_wellarchitected_lens_review; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_4.yaml b/queries/aws_wellarchitected_lens_review_4.yaml index d017283f8..b4154f228 100755 --- a/queries/aws_wellarchitected_lens_review_4.yaml +++ b/queries/aws_wellarchitected_lens_review_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_4 Title: "Query AWS Well-Architected Lens Reviews using SQL" Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_4.yaml.bak b/queries/aws_wellarchitected_lens_review_4.yaml.bak new file mode 100755 index 000000000..d017283f8 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_4.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_wellarchitected_lens_review_4 +Title: "Query AWS Well-Architected Lens Reviews using SQL" +Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.lens_name, + r.workload_id, + r.lens_status, + r.lens_version, + w.architectural_design, + w.environment, + w.review_restriction_date + from + aws_wellarchitected_lens_review as r, + aws_wellarchitected_workload as w + where + r.workload_id = w.workload_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_5.yaml b/queries/aws_wellarchitected_lens_review_5.yaml index 1509f9f4a..f5f621769 100755 --- a/queries/aws_wellarchitected_lens_review_5.yaml +++ b/queries/aws_wellarchitected_lens_review_5.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_5 Title: "List AWS Well-Architected Tool Lens Reviews with SQL" Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_5.yaml.bak b/queries/aws_wellarchitected_lens_review_5.yaml.bak new file mode 100755 index 000000000..f5f621769 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_5.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wellarchitected_lens_review_5 +Title: "List AWS Well-Architected Tool Lens Reviews with SQL" +Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_arn, + s ->> 'Notes' as pillar_review_summary_note, + s ->> 'PillarId' as pillar_id, + s ->> 'PillarName' as pillar_name, + s ->> 'RiskCounts' as RiskCounts + from + aws_wellarchitected_lens_review, + jsonb_array_elements(pillar_review_summaries) as s; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_5.yaml.bak.bak b/queries/aws_wellarchitected_lens_review_5.yaml.bak.bak new file mode 100755 index 000000000..f5f621769 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_5.yaml.bak.bak @@ -0,0 +1,30 @@ +ID: aws_wellarchitected_lens_review_5 +Title: "List AWS Well-Architected Tool Lens Reviews with SQL" +Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_arn, + s ->> 'Notes' as pillar_review_summary_note, + s ->> 'PillarId' as pillar_id, + s ->> 'PillarName' as pillar_name, + s ->> 'RiskCounts' as RiskCounts + from + aws_wellarchitected_lens_review, + jsonb_array_elements(pillar_review_summaries) as s; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_6.yaml b/queries/aws_wellarchitected_lens_review_6.yaml index 2e3e3eaa2..1f31e5ca1 100755 --- a/queries/aws_wellarchitected_lens_review_6.yaml +++ b/queries/aws_wellarchitected_lens_review_6.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_6 Title: "Find Lens Reviews with Workload and Milestone Info" Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_6.yaml.bak b/queries/aws_wellarchitected_lens_review_6.yaml.bak new file mode 100755 index 000000000..2e3e3eaa2 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_6.yaml.bak @@ -0,0 +1,24 @@ +ID: aws_wellarchitected_lens_review_6 +Title: "Find Lens Reviews with Workload and Milestone Info" +Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_arn, + jsonb_pretty(risk_counts) as risk_counts + from + aws_wellarchitected_lens_review; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_improvement_1.yaml b/queries/aws_wellarchitected_lens_review_improvement_1.yaml index 3e091359b..59a0d46e6 100755 --- a/queries/aws_wellarchitected_lens_review_improvement_1.yaml +++ b/queries/aws_wellarchitected_lens_review_improvement_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_improvement_1 Title: "List AWS Well-Architected Framework Lens Review Improvements" Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_improvement_1.yaml.bak b/queries/aws_wellarchitected_lens_review_improvement_1.yaml.bak new file mode 100755 index 000000000..3e091359b --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_improvement_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wellarchitected_lens_review_improvement_1 +Title: "List AWS Well-Architected Framework Lens Review Improvements" +Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_alias, + lens_arn, + workload_id, + improvement_plan_url, + pillar_id, + question_id, + question_title + from + aws_wellarchitected_lens_review_improvement; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Framework diff --git a/queries/aws_wellarchitected_lens_review_improvement_2.yaml b/queries/aws_wellarchitected_lens_review_improvement_2.yaml index 22fe9b6c4..c27c53f47 100755 --- a/queries/aws_wellarchitected_lens_review_improvement_2.yaml +++ b/queries/aws_wellarchitected_lens_review_improvement_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_improvement_2 Title: "List All AWS Lens Review Improvements with High Risk" Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_improvement_2.yaml.bak b/queries/aws_wellarchitected_lens_review_improvement_2.yaml.bak new file mode 100755 index 000000000..22fe9b6c4 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_improvement_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wellarchitected_lens_review_improvement_2 +Title: "List All AWS Lens Review Improvements with High Risk" +Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_alias, + lens_arn, + workload_id, + improvement_plan_url, + question_id, + question_title, + risk + from + aws_wellarchitected_lens_review_improvement + where + workload_id = '4fca39b680a31bb118be6bc0d177849d' + and risk = 'HIGH'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Framework diff --git a/queries/aws_wellarchitected_lens_review_improvement_3.yaml b/queries/aws_wellarchitected_lens_review_improvement_3.yaml index 9d2558af6..f42f6433a 100755 --- a/queries/aws_wellarchitected_lens_review_improvement_3.yaml +++ b/queries/aws_wellarchitected_lens_review_improvement_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_improvement_3 Title: "List All Lens Review Improvements in AWS Well-Architected" Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_improvement_3.yaml.bak b/queries/aws_wellarchitected_lens_review_improvement_3.yaml.bak new file mode 100755 index 000000000..9d2558af6 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_improvement_3.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_wellarchitected_lens_review_improvement_3 +Title: "List All Lens Review Improvements in AWS Well-Architected" +Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_arn, + workload_id, + risk, + count(risk) + from + aws_wellarchitected_lens_review_improvement + where + lens_alias = 'wellarchitected' + and workload_id = '4fca39b680a31bb118be6bc0d177849d' + group by + risk, + lens_arn, + workload_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Framework diff --git a/queries/aws_wellarchitected_lens_review_improvement_4.yaml b/queries/aws_wellarchitected_lens_review_improvement_4.yaml index 1c941c06e..2c5932c0f 100755 --- a/queries/aws_wellarchitected_lens_review_improvement_4.yaml +++ b/queries/aws_wellarchitected_lens_review_improvement_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_improvement_4 Title: "List AWS Well-Architected Framework Lens Review Improvements" Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_improvement_4.yaml.bak b/queries/aws_wellarchitected_lens_review_improvement_4.yaml.bak new file mode 100755 index 000000000..1c941c06e --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_improvement_4.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wellarchitected_lens_review_improvement_4 +Title: "List AWS Well-Architected Framework Lens Review Improvements" +Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_alias, + workload_id, + p ->> 'ChoiceId' as choice_id, + p ->> 'DisplayText' as display_text, + p ->> 'ImprovementPlanUrl' as improvement_plan_url + from + aws_wellarchitected_lens_review_improvement, + jsonb_array_elements(improvement_plans) as p; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Framework diff --git a/queries/aws_wellarchitected_lens_review_report_1.yaml b/queries/aws_wellarchitected_lens_review_report_1.yaml index 0459317d3..34934929e 100755 --- a/queries/aws_wellarchitected_lens_review_report_1.yaml +++ b/queries/aws_wellarchitected_lens_review_report_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_report_1 Title: "Find AWS Well-Architected Tool Lens Review Reports" Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_report_1.yaml.bak b/queries/aws_wellarchitected_lens_review_report_1.yaml.bak new file mode 100755 index 000000000..0459317d3 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_report_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_lens_review_report_1 +Title: "Find AWS Well-Architected Tool Lens Review Reports" +Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_alias, + lens_arn, + workload_id, + milestone_number, + base64_string + from + aws_wellarchitected_lens_review_report; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_report_2.yaml b/queries/aws_wellarchitected_lens_review_report_2.yaml index 9e7cda16a..09c0a1f10 100755 --- a/queries/aws_wellarchitected_lens_review_report_2.yaml +++ b/queries/aws_wellarchitected_lens_review_report_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_report_2 Title: "List all AWS Well-Architected Tool Lens Review Reports" Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_report_2.yaml.bak b/queries/aws_wellarchitected_lens_review_report_2.yaml.bak new file mode 100755 index 000000000..9e7cda16a --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_report_2.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_lens_review_report_2 +Title: "List all AWS Well-Architected Tool Lens Review Reports" +Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + w.workload_name, + r.workload_id, + r.base64_string, + w.environment, + w.is_review_owner_update_acknowledged + from + aws_wellarchitected_lens_review_report as r, + aws_wellarchitected_workload as w + where + r.workload_id = w.workload_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_report_3.yaml b/queries/aws_wellarchitected_lens_review_report_3.yaml index f6bb77fb4..4e62e7a83 100755 --- a/queries/aws_wellarchitected_lens_review_report_3.yaml +++ b/queries/aws_wellarchitected_lens_review_report_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_review_report_3 Title: "List all AWS Well-Architected Tool Lens Review Reports" Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_review_report_3.yaml.bak b/queries/aws_wellarchitected_lens_review_report_3.yaml.bak new file mode 100755 index 000000000..f6bb77fb4 --- /dev/null +++ b/queries/aws_wellarchitected_lens_review_report_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wellarchitected_lens_review_report_3 +Title: "List all AWS Well-Architected Tool Lens Review Reports" +Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + r.lens_alias, + r.lens_arn, + r.base64_string, + l.lens_type + from + aws_wellarchitected_lens_review_report as r, + aws_wellarchitected_lens as l + where + l.lens_type <> `aws_OFFICIAL'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_share_1.yaml b/queries/aws_wellarchitected_lens_share_1.yaml index 76b73e7de..c935c69cf 100755 --- a/queries/aws_wellarchitected_lens_share_1.yaml +++ b/queries/aws_wellarchitected_lens_share_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_share_1 Title: "Find AWS Well-Architected Tool Lens Shares Details" Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_share_1.yaml.bak b/queries/aws_wellarchitected_lens_share_1.yaml.bak new file mode 100755 index 000000000..76b73e7de --- /dev/null +++ b/queries/aws_wellarchitected_lens_share_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_wellarchitected_lens_share_1 +Title: "Find AWS Well-Architected Tool Lens Shares Details" +Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_alias, + lens_arn, + share_id, + shared_with + from + aws_wellarchitected_lens_share; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_share_2.yaml b/queries/aws_wellarchitected_lens_share_2.yaml index 337470341..bb0632a20 100755 --- a/queries/aws_wellarchitected_lens_share_2.yaml +++ b/queries/aws_wellarchitected_lens_share_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_share_2 Title: "Find AWS Well-Architected Tool Lens Shares Details" Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_share_2.yaml.bak b/queries/aws_wellarchitected_lens_share_2.yaml.bak new file mode 100755 index 000000000..337470341 --- /dev/null +++ b/queries/aws_wellarchitected_lens_share_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wellarchitected_lens_share_2 +Title: "Find AWS Well-Architected Tool Lens Shares Details" +Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + s.lens_name, + l.arn, + l.lens_status, + l.lens_type, + l.owner, + l.share_invitation_id + from + aws_wellarchitected_lens_share as s, + aws_wellarchitected_lens as l + where + s.lens_arn = l.arn; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_share_3.yaml b/queries/aws_wellarchitected_lens_share_3.yaml index 6377eb4e2..3c73ae72f 100755 --- a/queries/aws_wellarchitected_lens_share_3.yaml +++ b/queries/aws_wellarchitected_lens_share_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_lens_share_3 Title: "List all AWS Well-Architected Tool Lens Shares" Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_lens_share_3.yaml.bak b/queries/aws_wellarchitected_lens_share_3.yaml.bak new file mode 100755 index 000000000..6377eb4e2 --- /dev/null +++ b/queries/aws_wellarchitected_lens_share_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_lens_share_3 +Title: "List all AWS Well-Architected Tool Lens Shares" +Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_name, + lens_alias, + lens_arn, + share_id, + shared_with, + status + from + aws_wellarchitected_lens_share + where + status = 'PENDING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_milestone_1.yaml b/queries/aws_wellarchitected_milestone_1.yaml index 6e44180e7..504871f64 100755 --- a/queries/aws_wellarchitected_milestone_1.yaml +++ b/queries/aws_wellarchitected_milestone_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_milestone_1 Title: "List all AWS Well-Architected Tool Milestones" Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_milestone_1.yaml.bak b/queries/aws_wellarchitected_milestone_1.yaml.bak new file mode 100755 index 000000000..6e44180e7 --- /dev/null +++ b/queries/aws_wellarchitected_milestone_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_wellarchitected_milestone_1 +Title: "List all AWS Well-Architected Tool Milestones" +Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + milestone_name, + milestone_number, + recorded_at, + region + from + aws_wellarchitected_milestone; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_milestone_2.yaml b/queries/aws_wellarchitected_milestone_2.yaml index 31c1369ee..2631d3b56 100755 --- a/queries/aws_wellarchitected_milestone_2.yaml +++ b/queries/aws_wellarchitected_milestone_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_milestone_2 Title: "List AWS Well-Architected Tool milestone details" Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_milestone_2.yaml.bak b/queries/aws_wellarchitected_milestone_2.yaml.bak new file mode 100755 index 000000000..31c1369ee --- /dev/null +++ b/queries/aws_wellarchitected_milestone_2.yaml.bak @@ -0,0 +1,42 @@ +ID: aws_wellarchitected_milestone_2 +Title: "List AWS Well-Architected Tool milestone details" +Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + with latest_milestones as + ( + select + max(milestone_number) as milestone_number, + workload_id + from + aws_wellarchitected_milestone + group by + workload_id + ) + select + m.workload_id, + m.milestone_name, + m.milestone_number as latest_milestone_number, + m.recorded_at, + m.region + from + aws_wellarchitected_milestone m, + latest_milestones l + where + m.milestone_number = l.milestone_number + and m.workload_id = l.workload_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_milestone_3.yaml b/queries/aws_wellarchitected_milestone_3.yaml index d2b53d6c9..2dd08b4ce 100755 --- a/queries/aws_wellarchitected_milestone_3.yaml +++ b/queries/aws_wellarchitected_milestone_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_milestone_3 Title: "Query AWS Well-Architected Tool Milestones in Detail" Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_milestone_3.yaml.bak b/queries/aws_wellarchitected_milestone_3.yaml.bak new file mode 100755 index 000000000..d2b53d6c9 --- /dev/null +++ b/queries/aws_wellarchitected_milestone_3.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_wellarchitected_milestone_3 +Title: "Query AWS Well-Architected Tool Milestones in Detail" +Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + m.milestone_name, + m.milestone_number, + w.workload_name, + w.workload_id, + w.environment, + w.industry, + w.owner + from + aws_wellarchitected_workload w, + aws_wellarchitected_milestone m + where + w.workload_id = m.workload_id; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_milestone_4.yaml b/queries/aws_wellarchitected_milestone_4.yaml index b65177851..38f1e994c 100755 --- a/queries/aws_wellarchitected_milestone_4.yaml +++ b/queries/aws_wellarchitected_milestone_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_milestone_4 Title: "Find All AWS Well-Architected Tool Milestones" Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_milestone_4.yaml.bak b/queries/aws_wellarchitected_milestone_4.yaml.bak new file mode 100755 index 000000000..b65177851 --- /dev/null +++ b/queries/aws_wellarchitected_milestone_4.yaml.bak @@ -0,0 +1,35 @@ +ID: aws_wellarchitected_milestone_4 +Title: "Find All AWS Well-Architected Tool Milestones" +Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + m.milestone_name, + m.milestone_number, + w.workload_name, + w.workload_id, + w.environment, + w.industry, + w.owner + from + aws_wellarchitected_workload w, + aws_wellarchitected_milestone m + where + w.workload_id = m.workload_id + and milestone_number = 1 + and w.workload_id = 'abcdec851ac1d8d9d5b9938615da016ce'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_notification_1.yaml b/queries/aws_wellarchitected_notification_1.yaml index 9a93bdb92..a2dbd3096 100755 --- a/queries/aws_wellarchitected_notification_1.yaml +++ b/queries/aws_wellarchitected_notification_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_notification_1 Title: "List AWS Well-Architected Tool Notifications" Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_notification_1.yaml.bak b/queries/aws_wellarchitected_notification_1.yaml.bak new file mode 100755 index 000000000..9a93bdb92 --- /dev/null +++ b/queries/aws_wellarchitected_notification_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_notification_1 +Title: "List AWS Well-Architected Tool Notifications" +Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + lens_alias, + lens_arn, + current_lens_version, + latest_lens_version + from + aws_wellarchitected_notification + where + type = 'LENS_VERSION_UPGRADED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_notification_2.yaml b/queries/aws_wellarchitected_notification_2.yaml index d692646b8..7e4caf20f 100755 --- a/queries/aws_wellarchitected_notification_2.yaml +++ b/queries/aws_wellarchitected_notification_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_notification_2 Title: "List AWS Well-Architected Tool Notification Details" Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_notification_2.yaml.bak b/queries/aws_wellarchitected_notification_2.yaml.bak new file mode 100755 index 000000000..d692646b8 --- /dev/null +++ b/queries/aws_wellarchitected_notification_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_notification_2 +Title: "List AWS Well-Architected Tool Notification Details" +Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + lens_alias, + lens_arn, + current_lens_version, + latest_lens_version + from + aws_wellarchitected_notification + where + type = 'LENS_VERSION_DEPRECATED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_notification_3.yaml b/queries/aws_wellarchitected_notification_3.yaml index 27eb57261..729c5f753 100755 --- a/queries/aws_wellarchitected_notification_3.yaml +++ b/queries/aws_wellarchitected_notification_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_notification_3 Title: "Find AWS Well-Architected Tool Notification Details" Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_notification_3.yaml.bak b/queries/aws_wellarchitected_notification_3.yaml.bak new file mode 100755 index 000000000..27eb57261 --- /dev/null +++ b/queries/aws_wellarchitected_notification_3.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_notification_3 +Title: "Find AWS Well-Architected Tool Notification Details" +Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + lens_alias, + lens_arn, + current_lens_version, + latest_lens_version + from + aws_wellarchitected_notification + where + workload_id = '123451c59cebcd4612f1f858bf75566'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_1.yaml b/queries/aws_wellarchitected_share_invitation_1.yaml index 2cb49f6aa..87d373101 100755 --- a/queries/aws_wellarchitected_share_invitation_1.yaml +++ b/queries/aws_wellarchitected_share_invitation_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_share_invitation_1 Title: "List AWS Well-Architected Tool Share Invitations" Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_share_invitation_1.yaml.bak b/queries/aws_wellarchitected_share_invitation_1.yaml.bak new file mode 100755 index 000000000..2cb49f6aa --- /dev/null +++ b/queries/aws_wellarchitected_share_invitation_1.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_wellarchitected_share_invitation_1 +Title: "List AWS Well-Architected Tool Share Invitations" +Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + share_invitation_id, + permission_type, + shared_by, + shared_with, + share_resource_type + from + aws_wellarchitected_share_invitation; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_2.yaml b/queries/aws_wellarchitected_share_invitation_2.yaml index c270398c0..e4708890d 100755 --- a/queries/aws_wellarchitected_share_invitation_2.yaml +++ b/queries/aws_wellarchitected_share_invitation_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_share_invitation_2 Title: "Find AWS Well-Architected Tool Share Invitations" Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_share_invitation_2.yaml.bak b/queries/aws_wellarchitected_share_invitation_2.yaml.bak new file mode 100755 index 000000000..c270398c0 --- /dev/null +++ b/queries/aws_wellarchitected_share_invitation_2.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wellarchitected_share_invitation_2 +Title: "Find AWS Well-Architected Tool Share Invitations" +Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + lens_arn, + lens_name, + share_invitation_id, + permission_type, + shared_by, + shared_with + from + aws_wellarchitected_share_invitation + where + share_resource_type = 'LENS' + or lens_arn is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_3.yaml b/queries/aws_wellarchitected_share_invitation_3.yaml index 5c37045f9..f372bc7e8 100755 --- a/queries/aws_wellarchitected_share_invitation_3.yaml +++ b/queries/aws_wellarchitected_share_invitation_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_share_invitation_3 Title: "Find Share Invitations in AWS Well-Architected Tool" Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_share_invitation_3.yaml.bak b/queries/aws_wellarchitected_share_invitation_3.yaml.bak new file mode 100755 index 000000000..5c37045f9 --- /dev/null +++ b/queries/aws_wellarchitected_share_invitation_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_wellarchitected_share_invitation_3 +Title: "Find Share Invitations in AWS Well-Architected Tool" +Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + workload_name, + share_invitation_id, + permission_type, + shared_by, + shared_with + from + aws_wellarchitected_share_invitation + where + share_resource_type = 'WORKLOAD' + or workload_id is not null; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_4.yaml b/queries/aws_wellarchitected_share_invitation_4.yaml index e09e6a7cc..aa3e11f9e 100755 --- a/queries/aws_wellarchitected_share_invitation_4.yaml +++ b/queries/aws_wellarchitected_share_invitation_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_share_invitation_4 Title: "Find All AWS Well-Architected Tool Share Invitations" Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_share_invitation_4.yaml.bak b/queries/aws_wellarchitected_share_invitation_4.yaml.bak new file mode 100755 index 000000000..e09e6a7cc --- /dev/null +++ b/queries/aws_wellarchitected_share_invitation_4.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_share_invitation_4 +Title: "Find All AWS Well-Architected Tool Share Invitations" +Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + share_invitation_id, + permission_type, + shared_by, + shared_with, + share_resource_type + from + aws_wellarchitected_share_invitation + where + permission_type = 'CONTRIBUTOR'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_5.yaml b/queries/aws_wellarchitected_share_invitation_5.yaml index 0073bb327..be38a6e31 100755 --- a/queries/aws_wellarchitected_share_invitation_5.yaml +++ b/queries/aws_wellarchitected_share_invitation_5.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_share_invitation_5 Title: "List all AWS Well-Architected Tool Share Invitations" Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_share_invitation_5.yaml.bak b/queries/aws_wellarchitected_share_invitation_5.yaml.bak new file mode 100755 index 000000000..0073bb327 --- /dev/null +++ b/queries/aws_wellarchitected_share_invitation_5.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_share_invitation_5 +Title: "List all AWS Well-Architected Tool Share Invitations" +Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + share_invitation_id, + permission_type, + shared_by, + shared_with, + share_resource_type + from + aws_wellarchitected_share_invitation + where + permission_type = 'READONLY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_6.yaml b/queries/aws_wellarchitected_share_invitation_6.yaml index 29a982511..1843f6e0e 100755 --- a/queries/aws_wellarchitected_share_invitation_6.yaml +++ b/queries/aws_wellarchitected_share_invitation_6.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_share_invitation_6 Title: "List All Share Invitations in AWS Well-Architected Tool" Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_share_invitation_6.yaml.bak b/queries/aws_wellarchitected_share_invitation_6.yaml.bak new file mode 100755 index 000000000..1843f6e0e --- /dev/null +++ b/queries/aws_wellarchitected_share_invitation_6.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_wellarchitected_share_invitation_6 +Title: "List All Share Invitations in AWS Well-Architected Tool" +Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + count(*) as total, + share_resource_type + from + aws_wellarchitected_share_invitation + group by + share_resource_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_6.yaml.bak.bak b/queries/aws_wellarchitected_share_invitation_6.yaml.bak.bak new file mode 100755 index 000000000..1843f6e0e --- /dev/null +++ b/queries/aws_wellarchitected_share_invitation_6.yaml.bak.bak @@ -0,0 +1,25 @@ +ID: aws_wellarchitected_share_invitation_6 +Title: "List All Share Invitations in AWS Well-Architected Tool" +Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + count(*) as total, + share_resource_type + from + aws_wellarchitected_share_invitation + group by + share_resource_type; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_1.yaml b/queries/aws_wellarchitected_workload_1.yaml index 39e56bf97..947e0a035 100755 --- a/queries/aws_wellarchitected_workload_1.yaml +++ b/queries/aws_wellarchitected_workload_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_workload_1 Title: "List all AWS Well-Architected Tool Workloads including names, ARNs, and statuses" Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_workload_1.yaml.bak b/queries/aws_wellarchitected_workload_1.yaml.bak new file mode 100755 index 000000000..39e56bf97 --- /dev/null +++ b/queries/aws_wellarchitected_workload_1.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_workload_1 +Title: "List all AWS Well-Architected Tool Workloads including names, ARNs, and statuses" +Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + workload_id, + environment, + industry, + owner + from + aws_wellarchitected_workload; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_2.yaml b/queries/aws_wellarchitected_workload_2.yaml index 189967346..f92d36b93 100755 --- a/queries/aws_wellarchitected_workload_2.yaml +++ b/queries/aws_wellarchitected_workload_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_workload_2 Title: "List all AWS Well-Architected Tool Workloads Data" Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_workload_2.yaml.bak b/queries/aws_wellarchitected_workload_2.yaml.bak new file mode 100755 index 000000000..189967346 --- /dev/null +++ b/queries/aws_wellarchitected_workload_2.yaml.bak @@ -0,0 +1,28 @@ +ID: aws_wellarchitected_workload_2 +Title: "List all AWS Well-Architected Tool Workloads Data" +Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + workload_id, + environment + from + aws_wellarchitected_workload + where + environment = 'PRODUCTION'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS Well-Architected Tool Workloads diff --git a/queries/aws_wellarchitected_workload_3.yaml b/queries/aws_wellarchitected_workload_3.yaml index 5e383fe2d..15a068d90 100755 --- a/queries/aws_wellarchitected_workload_3.yaml +++ b/queries/aws_wellarchitected_workload_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_workload_3 Title: "Find AWS Well-Architected Workloads Risk and IDs" Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_workload_3.yaml.bak b/queries/aws_wellarchitected_workload_3.yaml.bak new file mode 100755 index 000000000..5e383fe2d --- /dev/null +++ b/queries/aws_wellarchitected_workload_3.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_wellarchitected_workload_3 +Title: "Find AWS Well-Architected Workloads Risk and IDs" +Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + workload_id, + risk_counts -> 'HIGH' as high_risk_counts + from + aws_wellarchitected_workload; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_4.yaml b/queries/aws_wellarchitected_workload_4.yaml index d8df0b29f..8ec420aa4 100755 --- a/queries/aws_wellarchitected_workload_4.yaml +++ b/queries/aws_wellarchitected_workload_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_workload_4 Title: "Find all AWS Well-Architected Tool Workloads" Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_workload_4.yaml.bak b/queries/aws_wellarchitected_workload_4.yaml.bak new file mode 100755 index 000000000..8ec420aa4 --- /dev/null +++ b/queries/aws_wellarchitected_workload_4.yaml.bak @@ -0,0 +1,26 @@ +ID: aws_wellarchitected_workload_4 +Title: "Find all AWS Well-Architected Tool Workloads" +Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + workload_id, + is_review_owner_update_acknowledged + from + aws_wellarchitected_workload + where + not is_review_owner_update_acknowledged; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_4.yaml.bak.bak b/queries/aws_wellarchitected_workload_4.yaml.bak.bak new file mode 100755 index 000000000..8ec420aa4 --- /dev/null +++ b/queries/aws_wellarchitected_workload_4.yaml.bak.bak @@ -0,0 +1,26 @@ +ID: aws_wellarchitected_workload_4 +Title: "Find all AWS Well-Architected Tool Workloads" +Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_name, + workload_id, + is_review_owner_update_acknowledged + from + aws_wellarchitected_workload + where + not is_review_owner_update_acknowledged; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_1.yaml b/queries/aws_wellarchitected_workload_share_1.yaml index 6aa65765b..338203c87 100755 --- a/queries/aws_wellarchitected_workload_share_1.yaml +++ b/queries/aws_wellarchitected_workload_share_1.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_workload_share_1 Title: "Find Shared Workloads in AWS Well-Architected Tool" Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_workload_share_1.yaml.bak b/queries/aws_wellarchitected_workload_share_1.yaml.bak new file mode 100755 index 000000000..6aa65765b --- /dev/null +++ b/queries/aws_wellarchitected_workload_share_1.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_wellarchitected_workload_share_1 +Title: "Find Shared Workloads in AWS Well-Architected Tool" +Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + share_id, + shared_with + permission_type, + status, + region + from + aws_wellarchitected_workload_share; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_2.yaml b/queries/aws_wellarchitected_workload_share_2.yaml index 2170db113..d6aba855e 100755 --- a/queries/aws_wellarchitected_workload_share_2.yaml +++ b/queries/aws_wellarchitected_workload_share_2.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_workload_share_2 Title: "List all AWS Well-Architected Workload Shares" Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_workload_share_2.yaml.bak b/queries/aws_wellarchitected_workload_share_2.yaml.bak new file mode 100755 index 000000000..2170db113 --- /dev/null +++ b/queries/aws_wellarchitected_workload_share_2.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wellarchitected_workload_share_2 +Title: "List all AWS Well-Architected Workload Shares" +Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + share_id, + shared_with + permission_type, + status, + region + from + aws_wellarchitected_workload_share + where + status = 'PENDING'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_3.yaml b/queries/aws_wellarchitected_workload_share_3.yaml index b41c40eec..995a46d68 100755 --- a/queries/aws_wellarchitected_workload_share_3.yaml +++ b/queries/aws_wellarchitected_workload_share_3.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_workload_share_3 Title: "List all AWS Well-Architected Tool Workload Shares" Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_workload_share_3.yaml.bak b/queries/aws_wellarchitected_workload_share_3.yaml.bak new file mode 100755 index 000000000..995a46d68 --- /dev/null +++ b/queries/aws_wellarchitected_workload_share_3.yaml.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_workload_share_3 +Title: "List all AWS Well-Architected Tool Workload Shares" +Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + share_id, + shared_with + permission_type, + status, + region + from + aws_wellarchitected_workload_share + where + permission_type = 'CONTRIBUTOR'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_3.yaml.bak.bak b/queries/aws_wellarchitected_workload_share_3.yaml.bak.bak new file mode 100755 index 000000000..995a46d68 --- /dev/null +++ b/queries/aws_wellarchitected_workload_share_3.yaml.bak.bak @@ -0,0 +1,29 @@ +ID: aws_wellarchitected_workload_share_3 +Title: "List all AWS Well-Architected Tool Workload Shares" +Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + share_id, + shared_with + permission_type, + status, + region + from + aws_wellarchitected_workload_share + where + permission_type = 'CONTRIBUTOR'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_4.yaml b/queries/aws_wellarchitected_workload_share_4.yaml index f3d930197..54cfa8d37 100755 --- a/queries/aws_wellarchitected_workload_share_4.yaml +++ b/queries/aws_wellarchitected_workload_share_4.yaml @@ -1,7 +1,7 @@ ID: aws_wellarchitected_workload_share_4 Title: "Find AWS Well-Architected Workload Share With Read-Only Permission" Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_wellarchitected_workload_share_4.yaml.bak b/queries/aws_wellarchitected_workload_share_4.yaml.bak new file mode 100755 index 000000000..f3d930197 --- /dev/null +++ b/queries/aws_wellarchitected_workload_share_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_wellarchitected_workload_share_4 +Title: "Find AWS Well-Architected Workload Share With Read-Only Permission" +Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + workload_id, + share_id, + shared_with + permission_type, + status, + region + from + aws_wellarchitected_workload_share + where + permission_type = 'READONLY'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - Well-Architected Tool diff --git a/queries/aws_workspaces_directory_1.yaml b/queries/aws_workspaces_directory_1.yaml index 33cbd8bcd..48df47651 100755 --- a/queries/aws_workspaces_directory_1.yaml +++ b/queries/aws_workspaces_directory_1.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_directory_1 Title: "Find AWS WorkSpaces Directory Information Details" Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_directory_1.yaml.bak b/queries/aws_workspaces_directory_1.yaml.bak new file mode 100755 index 000000000..33cbd8bcd --- /dev/null +++ b/queries/aws_workspaces_directory_1.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_workspaces_directory_1 +Title: "Find AWS WorkSpaces Directory Information Details" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + alias, + customer_user_name, + directory_type, + state + from + aws_workspaces_directory; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WorkSpaces diff --git a/queries/aws_workspaces_directory_2.yaml b/queries/aws_workspaces_directory_2.yaml index 25a40d858..2a94c98c6 100755 --- a/queries/aws_workspaces_directory_2.yaml +++ b/queries/aws_workspaces_directory_2.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_directory_2 Title: "Find all AWS WorkSpaces Directory Details via SQL" Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_directory_2.yaml.bak b/queries/aws_workspaces_directory_2.yaml.bak new file mode 100755 index 000000000..25a40d858 --- /dev/null +++ b/queries/aws_workspaces_directory_2.yaml.bak @@ -0,0 +1,34 @@ +ID: aws_workspaces_directory_2 +Title: "Find all AWS WorkSpaces Directory Details via SQL" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + alias, + customer_user_name, + directory_type, + state + from + aws_workspaces_directory + where + certificate_based_auth_properties ->> 'Status' = 'ENABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WorkSpaces diff --git a/queries/aws_workspaces_directory_3.yaml b/queries/aws_workspaces_directory_3.yaml index aeb560195..a682f1fe1 100755 --- a/queries/aws_workspaces_directory_3.yaml +++ b/queries/aws_workspaces_directory_3.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_directory_3 Title: "Find AWS WorkSpaces Directory Information" Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_directory_3.yaml.bak b/queries/aws_workspaces_directory_3.yaml.bak new file mode 100755 index 000000000..aeb560195 --- /dev/null +++ b/queries/aws_workspaces_directory_3.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_workspaces_directory_3 +Title: "Find AWS WorkSpaces Directory Information" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + alias, + customer_user_name, + directory_type, + state + from + aws_workspaces_directory + where + directory_type = 'SIMPLE_AD'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WorkSpaces diff --git a/queries/aws_workspaces_directory_4.yaml b/queries/aws_workspaces_directory_4.yaml index cd40f481e..d67e732b1 100755 --- a/queries/aws_workspaces_directory_4.yaml +++ b/queries/aws_workspaces_directory_4.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_directory_4 Title: "Find all AWS WorkSpaces Directory Information" Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_directory_4.yaml.bak b/queries/aws_workspaces_directory_4.yaml.bak new file mode 100755 index 000000000..d67e732b1 --- /dev/null +++ b/queries/aws_workspaces_directory_4.yaml.bak @@ -0,0 +1,31 @@ +ID: aws_workspaces_directory_4 +Title: "Find all AWS WorkSpaces Directory Information" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + saml_properties ->> 'RelayStateParameterName' as saml_relay_state_parameter_name, + saml_properties ->> 'Status' as saml_status, + saml_properties ->> 'UserAccessUrl' as saml_user_access_url + from + aws_workspaces_directory + where + directory_id = 'd-96676995ea'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WorkSpaces diff --git a/queries/aws_workspaces_directory_4.yaml.bak.bak b/queries/aws_workspaces_directory_4.yaml.bak.bak new file mode 100755 index 000000000..d67e732b1 --- /dev/null +++ b/queries/aws_workspaces_directory_4.yaml.bak.bak @@ -0,0 +1,31 @@ +ID: aws_workspaces_directory_4 +Title: "Find all AWS WorkSpaces Directory Information" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + saml_properties ->> 'RelayStateParameterName' as saml_relay_state_parameter_name, + saml_properties ->> 'Status' as saml_status, + saml_properties ->> 'UserAccessUrl' as saml_user_access_url + from + aws_workspaces_directory + where + directory_id = 'd-96676995ea'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_identity_security: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WorkSpaces diff --git a/queries/aws_workspaces_directory_5.yaml b/queries/aws_workspaces_directory_5.yaml index 5c97242d4..824df0319 100755 --- a/queries/aws_workspaces_directory_5.yaml +++ b/queries/aws_workspaces_directory_5.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_directory_5 Title: "List AWS WorkSpaces Directory Information" Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_directory_5.yaml.bak b/queries/aws_workspaces_directory_5.yaml.bak new file mode 100755 index 000000000..5c97242d4 --- /dev/null +++ b/queries/aws_workspaces_directory_5.yaml.bak @@ -0,0 +1,33 @@ +ID: aws_workspaces_directory_5 +Title: "List AWS WorkSpaces Directory Information" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + alias, + customer_user_name, + directory_type, + state, + selfservice_permissions ->> 'SwitchRunningMode' as switch_running_mode + from + aws_workspaces_directory + where + selfservice_permissions ->> 'SwitchRunningMode' = 'ENABLED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_ops: + - "true" + cloud_provider: + - aws + cloud_service: + - WorkSpaces diff --git a/queries/aws_workspaces_directory_6.yaml b/queries/aws_workspaces_directory_6.yaml index be486b51f..30da59408 100755 --- a/queries/aws_workspaces_directory_6.yaml +++ b/queries/aws_workspaces_directory_6.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_directory_6 Title: "Find AWS WorkSpaces Directory Details Including IDs and Properties" Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_directory_6.yaml.bak b/queries/aws_workspaces_directory_6.yaml.bak new file mode 100755 index 000000000..be486b51f --- /dev/null +++ b/queries/aws_workspaces_directory_6.yaml.bak @@ -0,0 +1,32 @@ +ID: aws_workspaces_directory_6 +Title: "Find AWS WorkSpaces Directory Details Including IDs and Properties" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + workspace_creation_properties ->> 'CustomSecurityGroupId' as custom_security_group_id, + workspace_creation_properties ->> 'DefaultOu' as default_ou, + workspace_creation_properties ->> 'EnableInternetAccess' as enable_internet_access, + workspace_creation_properties ->> 'EnableMaintenanceMode' as enable_maintenance_mode, + workspace_creation_properties ->> 'EnableWorkDocs' as enable_work_docs, + workspace_creation_properties ->> 'UserEnabledAsLocalAdministrator' as user_enabled_as_local_administrator + from + aws_workspaces_directory + where + directory_id = 'd-96676995ea'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WorkSpaces diff --git a/queries/aws_workspaces_directory_7.yaml b/queries/aws_workspaces_directory_7.yaml index b0258fed5..96fa15317 100755 --- a/queries/aws_workspaces_directory_7.yaml +++ b/queries/aws_workspaces_directory_7.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_directory_7 Title: "List all AWS WorkSpaces Directory Information" Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_directory_7.yaml.bak b/queries/aws_workspaces_directory_7.yaml.bak new file mode 100755 index 000000000..b0258fed5 --- /dev/null +++ b/queries/aws_workspaces_directory_7.yaml.bak @@ -0,0 +1,30 @@ +ID: aws_workspaces_directory_7 +Title: "List all AWS WorkSpaces Directory Information" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + alias, + customer_user_name, + directory_type, + state + from + aws_workspaces_directory + where + state = 'REGISTERED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - WorkSpaces diff --git a/queries/aws_workspaces_directory_8.yaml b/queries/aws_workspaces_directory_8.yaml index f77ff099e..7917be109 100755 --- a/queries/aws_workspaces_directory_8.yaml +++ b/queries/aws_workspaces_directory_8.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_directory_8 Title: "List AWS WorkSpaces Directory Details Using SQL" Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_directory_8.yaml.bak b/queries/aws_workspaces_directory_8.yaml.bak new file mode 100755 index 000000000..7917be109 --- /dev/null +++ b/queries/aws_workspaces_directory_8.yaml.bak @@ -0,0 +1,36 @@ +ID: aws_workspaces_directory_8 +Title: "List AWS WorkSpaces Directory Details Using SQL" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + workspace_access_properties ->> 'DeviceTypeAndroid' as device_type_android, + workspace_access_properties ->> 'DeviceTypeChromeOs' as device_type_chrome_os, + workspace_access_properties ->> 'DeviceTypeIos' as device_type_ios, + workspace_access_properties ->> 'DeviceTypeLinux' as device_type_linux, + workspace_access_properties ->> 'DeviceTypeOsx' as device_type_osx, + workspace_access_properties ->> 'DeviceTypeWeb' as device_type_web, + workspace_access_properties ->> 'DeviceTypeWindows' as device_type_windows, + workspace_access_properties ->> 'DeviceTypeZeroClient' as device_type_zero_client + from + aws_workspaces_directory + where + directory_id = 'd-96676995ea'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WorkSpaces diff --git a/queries/aws_workspaces_directory_8.yaml.bak.bak b/queries/aws_workspaces_directory_8.yaml.bak.bak new file mode 100755 index 000000000..7917be109 --- /dev/null +++ b/queries/aws_workspaces_directory_8.yaml.bak.bak @@ -0,0 +1,36 @@ +ID: aws_workspaces_directory_8 +Title: "List AWS WorkSpaces Directory Details Using SQL" +Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." +IntegrationTypeName: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + directory_id, + arn, + workspace_access_properties ->> 'DeviceTypeAndroid' as device_type_android, + workspace_access_properties ->> 'DeviceTypeChromeOs' as device_type_chrome_os, + workspace_access_properties ->> 'DeviceTypeIos' as device_type_ios, + workspace_access_properties ->> 'DeviceTypeLinux' as device_type_linux, + workspace_access_properties ->> 'DeviceTypeOsx' as device_type_osx, + workspace_access_properties ->> 'DeviceTypeWeb' as device_type_web, + workspace_access_properties ->> 'DeviceTypeWindows' as device_type_windows, + workspace_access_properties ->> 'DeviceTypeZeroClient' as device_type_zero_client + from + aws_workspaces_directory + where + directory_id = 'd-96676995ea'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_identity_security: + - "true" + cloud_provider: + - aws + cloud_service: + - AWS WorkSpaces diff --git a/queries/aws_workspaces_workspace_1.yaml b/queries/aws_workspaces_workspace_1.yaml index 300b4f380..f835ab222 100755 --- a/queries/aws_workspaces_workspace_1.yaml +++ b/queries/aws_workspaces_workspace_1.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_workspace_1 Title: "List all Amazon WorkSpaces Workspace details" Description: "Allows users to query Amazon WorkSpaces Workspace to retrieve details about each workspace in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_workspace_1.yaml.bak b/queries/aws_workspaces_workspace_1.yaml.bak new file mode 100755 index 000000000..300b4f380 --- /dev/null +++ b/queries/aws_workspaces_workspace_1.yaml.bak @@ -0,0 +1,25 @@ +ID: aws_workspaces_workspace_1 +Title: "List all Amazon WorkSpaces Workspace details" +Description: "Allows users to query Amazon WorkSpaces Workspace to retrieve details about each workspace in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + workspace_id, + arn, + state + from + aws_workspaces_workspace; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon WorkSpaces diff --git a/queries/aws_workspaces_workspace_2.yaml b/queries/aws_workspaces_workspace_2.yaml index f636358c5..8282cc2c5 100755 --- a/queries/aws_workspaces_workspace_2.yaml +++ b/queries/aws_workspaces_workspace_2.yaml @@ -1,7 +1,7 @@ ID: aws_workspaces_workspace_2 Title: "Find Amazon WorkSpaces Workspace details in AWS" Description: "Allows users to query Amazon WorkSpaces Workspace to retrieve details about each workspace in the AWS account." -Connector: +IntegrationTypeName: - aws Query: Engine: CloudQL-v0.0.1 diff --git a/queries/aws_workspaces_workspace_2.yaml.bak b/queries/aws_workspaces_workspace_2.yaml.bak new file mode 100755 index 000000000..f636358c5 --- /dev/null +++ b/queries/aws_workspaces_workspace_2.yaml.bak @@ -0,0 +1,27 @@ +ID: aws_workspaces_workspace_2 +Title: "Find Amazon WorkSpaces Workspace details in AWS" +Description: "Allows users to query Amazon WorkSpaces Workspace to retrieve details about each workspace in the AWS account." +Connector: +- aws +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + name, + workspace_id, + arn, + state + from + aws_workspaces_workspace + where + state = 'TERMINATED'; + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Amazon WorkSpaces diff --git a/queries/bulk_update_yaml.sh b/queries/bulk_update_yaml.sh index 5dab704c4..006c17a9f 100755 --- a/queries/bulk_update_yaml.sh +++ b/queries/bulk_update_yaml.sh @@ -1,41 +1,47 @@ #!/bin/bash # Description: -# This script traverses all subdirectories to find YAML files containing the 'Connector' key -# and renames the key to 'IntegrationTypeName' while mapping specific values. - -# Define the root directory (current directory) -ROOT_DIR="." - -# Create or clear the log files -> processed_files.log -> error_files.log -> error_messages.log - -# Function to process each file -process_file() { - local file="$1" - echo "Processing: $file" - - # Apply the yq transformation - if yq eval -i '.IntegrationTypeName = (if (.Connector | type) == "array" then .Connector | map({"aws": "aws_cloud", "azure": "azure_subscription"}[.] // .) else {"aws": "aws_cloud", "azure": "azure_subscription"}[.Connector] // .Connector end) | del(.Connector)' "$file" - then - echo "$file processed successfully." >> processed_files.log - else - echo "Error processing $file" >> error_files.log - # Capture detailed error messages - yq eval '.IntegrationTypeName = (if (.Connector | type) == "array" then .Connector | map({"aws": "aws_cloud", "azure": "azure_subscription"}[.] // .) else {"aws": "aws_cloud", "azure": "azure_subscription"}[.Connector] // .Connector end) | del(.Connector)' "$file" 2>> error_messages.log - fi +# This script replaces "IntegrationTypeName:" with "IntegrationTypeName:" in specified files or +# recursively in all files within subdirectories if no files are specified. +# It creates a backup of each original file with a .bak extension before making changes. + +# Usage: +# ./replace_connector.sh [file1 file2 ... fileN] +# If no files are specified, the script processes all regular files in subdirectories. + +# Function to perform the replacement on a single file +replace_in_file() { + local file="$1" + # Use sed to perform the replacement + # -i.bak creates a backup file with .bak extension + sed -i.bak 's/IntegrationTypeName:/IntegrationTypeName:/g' "$file" + + # Check if sed was successful + if [ $? -eq 0 ]; then + echo "Successfully processed: $file (backup: $file.bak)" + else + echo "Error processing: $file" + fi } -export -f process_file - -# Find and process all .yaml and .yml files containing the 'Connector' key -find "$ROOT_DIR" -type f \( -iname "*.yaml" -o -iname "*.yml" \) -print0 | while IFS= read -r -d '' file; do - if grep -q '^Connector:' "$file"; then - process_file "$file" - fi -done - -echo "Bulk update completed. Check 'processed_files.log' for details." -echo "Any errors are logged in 'error_files.log' and 'error_messages.log'." \ No newline at end of file +# Check if at least one filename is provided +if [ "$#" -ge 1 ]; then + # Loop through all provided files + for file in "$@"; do + if [ -f "$file" ]; then + replace_in_file "$file" + else + echo "Skipping: $file (not a regular file)" + fi + done +else + # No arguments provided; process all regular files in subdirectories + echo "No files specified. Processing all regular files in subdirectories..." + + # Find all regular files and loop through them + find . -type f | while read -r file; do + replace_in_file "$file" + done + + echo "Replacement complete for all files in subdirectories. Backup files have a .bak extension." +fi diff --git a/queries/bulk_update_yaml.sh.bak b/queries/bulk_update_yaml.sh.bak new file mode 100755 index 000000000..390884ee7 --- /dev/null +++ b/queries/bulk_update_yaml.sh.bak @@ -0,0 +1,47 @@ +#!/bin/bash + +# Description: +# This script replaces "Connector:" with "IntegrationTypeName:" in specified files or +# recursively in all files within subdirectories if no files are specified. +# It creates a backup of each original file with a .bak extension before making changes. + +# Usage: +# ./replace_connector.sh [file1 file2 ... fileN] +# If no files are specified, the script processes all regular files in subdirectories. + +# Function to perform the replacement on a single file +replace_in_file() { + local file="$1" + # Use sed to perform the replacement + # -i.bak creates a backup file with .bak extension + sed -i.bak 's/Connector:/IntegrationTypeName:/g' "$file" + + # Check if sed was successful + if [ $? -eq 0 ]; then + echo "Successfully processed: $file (backup: $file.bak)" + else + echo "Error processing: $file" + fi +} + +# Check if at least one filename is provided +if [ "$#" -ge 1 ]; then + # Loop through all provided files + for file in "$@"; do + if [ -f "$file" ]; then + replace_in_file "$file" + else + echo "Skipping: $file (not a regular file)" + fi + done +else + # No arguments provided; process all regular files in subdirectories + echo "No files specified. Processing all regular files in subdirectories..." + + # Find all regular files and loop through them + find . -type f | while read -r file; do + replace_in_file "$file" + done + + echo "Replacement complete for all files in subdirectories. Backup files have a .bak extension." +fi diff --git a/queries/cloud_managed_software.yaml b/queries/cloud_managed_software.yaml index 086ca44a8..c000d10dc 100755 --- a/queries/cloud_managed_software.yaml +++ b/queries/cloud_managed_software.yaml @@ -1,7 +1,7 @@ ID: cloud_managed_software Title: "Cloud Managed Software" Description: "" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/cloud_managed_software.yaml.bak b/queries/cloud_managed_software.yaml.bak new file mode 100755 index 000000000..086ca44a8 --- /dev/null +++ b/queries/cloud_managed_software.yaml.bak @@ -0,0 +1,36 @@ +ID: cloud_managed_software +Title: "Cloud Managed Software" +Description: "" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::kafka::cluster', 'aws::mwaa::environment', 'aws::amp::workspace', 'microsoft.dashboard/grafana') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + cloud_service: + - Managed Software diff --git a/queries/cloud_networks.yaml b/queries/cloud_networks.yaml index ca4ac8bfd..895419ef1 100755 --- a/queries/cloud_networks.yaml +++ b/queries/cloud_networks.yaml @@ -1,7 +1,7 @@ ID: cloud_networks Title: "Cloud Networks" Description: "" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/cloud_networks.yaml.bak b/queries/cloud_networks.yaml.bak new file mode 100755 index 000000000..ca4ac8bfd --- /dev/null +++ b/queries/cloud_networks.yaml.bak @@ -0,0 +1,37 @@ +ID: cloud_networks +Title: "Cloud Networks" +Description: "" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::ec2::vpc', 'microsoft.network/virtualnetworks') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - Network diff --git a/queries/container_workload.yaml b/queries/container_workload.yaml index ae1a83900..c18a82d98 100755 --- a/queries/container_workload.yaml +++ b/queries/container_workload.yaml @@ -1,7 +1,7 @@ ID: container_workload Title: "Container Workload" Description: "" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/container_workload.yaml.bak b/queries/container_workload.yaml.bak new file mode 100755 index 000000000..ae1a83900 --- /dev/null +++ b/queries/container_workload.yaml.bak @@ -0,0 +1,36 @@ +ID: container_workload +Title: "Container Workload" +Description: "" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::eks::cluster', 'aws::ecs::cluster', 'microsoft.containerregistry/registries', 'microsoft.containerservice/managedclusters', 'microsoft.app/containerapps') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws and azure + cloud_service: + - Container Workload diff --git a/queries/database_workload.yaml b/queries/database_workload.yaml index 1cade3dc7..4a73f0058 100755 --- a/queries/database_workload.yaml +++ b/queries/database_workload.yaml @@ -1,7 +1,7 @@ ID: database_workload Title: "List Database Workloads and Cloud Provider Information" Description: "" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/database_workload.yaml.bak b/queries/database_workload.yaml.bak new file mode 100755 index 000000000..1cade3dc7 --- /dev/null +++ b/queries/database_workload.yaml.bak @@ -0,0 +1,40 @@ +ID: database_workload +Title: "List Database Workloads and Cloud Provider Information" +Description: "" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::memorydb::cluster', 'aws::neptune::database', 'aws::dynamodb::table', 'aws::rds::dbinstance', + 'aws::elasticache::cluster', 'aws::redshift::cluster', 'aws::dms::replicationinstance', 'aws::redshiftserverless::namespace', + 'aws::opensearchserverless::collection', 'microsoft.dbforpostgresql/servers', 'microsoft.documentdb/sqldatabases', 'microsoft.sql/servers', + 'microsoft.dbformysql/servers','microsoft.sql/managedinstances') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - Database diff --git a/queries/devops.yaml b/queries/devops.yaml index 29bd7ef7c..28b1ba195 100755 --- a/queries/devops.yaml +++ b/queries/devops.yaml @@ -1,7 +1,7 @@ ID: devops Title: "DevOps" Description: "" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/devops.yaml.bak b/queries/devops.yaml.bak new file mode 100755 index 000000000..29bd7ef7c --- /dev/null +++ b/queries/devops.yaml.bak @@ -0,0 +1,38 @@ +ID: devops +Title: "DevOps" +Description: "" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::codecommit::repository', 'aws::codedeploy::deploymentgroup') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - Codecommit + - Codedeploy diff --git a/queries/error_files.log b/queries/error_files.log index 52c6d0a46..ac6c153c2 100644 --- a/queries/error_files.log +++ b/queries/error_files.log @@ -24,13 +24,3 @@ Error processing ./aws_vpc_peering_connection_8.yaml Error processing ./aws_resource_explorer_search_6.yaml Error processing ./aws_availability_zone_2.yaml Error processing ./aws_guardduty_publishing_destination_1.yaml -Error processing ./aws_inspector2_coverage_3.yaml -Error processing ./aws_kms_alias_3.yaml -Error processing ./aws_wellarchitected_share_invitation_6.yaml -Error processing ./aws_iam_server_certificate_1.yaml -Error processing ./aws_accessanalyzer_analyzer_2.yaml -Error processing ./aws_emr_block_public_access_configuration_1.yaml -Error processing ./aws_tagging_resource_1.yaml -Error processing ./aws_s3_object_8.yaml -Error processing ./aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml -Error processing ./aws_securitylake_data_lake_4.yaml diff --git a/queries/error_files.log.bak b/queries/error_files.log.bak new file mode 100644 index 000000000..ac6c153c2 --- /dev/null +++ b/queries/error_files.log.bak @@ -0,0 +1,26 @@ +Error processing ./aws_workspaces_directory_8.yaml +Error processing ./aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml +Error processing ./aws_route53_health_check_5.yaml +Error processing ./aws_wafv2_ip_set_3.yaml +Error processing ./aws_iam_service_specific_credential_2.yaml +Error processing ./aws_securityhub_hub_3.yaml +Error processing ./aws_ecr_repository_2.yaml +Error processing ./aws_glacier_vault_2.yaml +Error processing ./aws_athena_query_execution_3.yaml +Error processing ./aws_wellarchitected_workload_4.yaml +Error processing ./aws_ebs_volume_metric_write_ops_daily_2.yaml +Error processing ./aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml +Error processing ./aws_securitylake_subscriber_4.yaml +Error processing ./17-azure_insight_compute_disk_unattached.yaml +Error processing ./aws_cloudwatch_log_event_5.yaml +Error processing ./aws_ebs_volume_metric_read_ops_1.yaml +Error processing ./aws_eks_addon_3.yaml +Error processing ./aws_vpc_flow_log_event_4.yaml +Error processing ./aws_iot_thing_group_3.yaml +Error processing ./aws_ec2_instance_type_2.yaml +Error processing ./aws_msk_cluster_2.yaml +Error processing ./aws_cloudtrail_import_5.yaml +Error processing ./aws_vpc_peering_connection_8.yaml +Error processing ./aws_resource_explorer_search_6.yaml +Error processing ./aws_availability_zone_2.yaml +Error processing ./aws_guardduty_publishing_destination_1.yaml diff --git a/queries/error_messages.log b/queries/error_messages.log index 6769e53f8..9e850e76d 100644 --- a/queries/error_messages.log +++ b/queries/error_messages.log @@ -1,35 +1,25 @@ -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." -Error: 1:25: invalid input text "if (.Connector |..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." diff --git a/queries/error_messages.log.bak b/queries/error_messages.log.bak new file mode 100644 index 000000000..9e850e76d --- /dev/null +++ b/queries/error_messages.log.bak @@ -0,0 +1,25 @@ +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." +Error: 2:1: invalid input text "if has(\"Connecto..." diff --git a/queries/keys_and_secrets.yaml b/queries/keys_and_secrets.yaml index e80acb1d8..f3f229422 100755 --- a/queries/keys_and_secrets.yaml +++ b/queries/keys_and_secrets.yaml @@ -1,7 +1,7 @@ ID: keys_and_secrets Title: "Keys and Secrets" Description: "" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/keys_and_secrets.yaml.bak b/queries/keys_and_secrets.yaml.bak new file mode 100755 index 000000000..e80acb1d8 --- /dev/null +++ b/queries/keys_and_secrets.yaml.bak @@ -0,0 +1,39 @@ +ID: keys_and_secrets +Title: "Keys and Secrets" +Description: "" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::secretsmanager::secret', 'microsoft.keyvault/vaults', 'microsoft.compute/sshpublickeys', 'aws::ec2::keypair') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - Secrets Manager + - Key Vault + - EC2 diff --git a/queries/kubernetes_clusters.yaml b/queries/kubernetes_clusters.yaml index 48198f079..6d173e8f6 100755 --- a/queries/kubernetes_clusters.yaml +++ b/queries/kubernetes_clusters.yaml @@ -1,7 +1,7 @@ ID: kubernetes_clusters Title: "List All Kubernetes Clusters with Details" Description: "" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/kubernetes_clusters.yaml.bak b/queries/kubernetes_clusters.yaml.bak new file mode 100755 index 000000000..48198f079 --- /dev/null +++ b/queries/kubernetes_clusters.yaml.bak @@ -0,0 +1,54 @@ +ID: kubernetes_clusters +Title: "List All Kubernetes Clusters with Details" +Description: "" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select c.name as cloud_account_name, c.id as _discovered_provider_id, t.* from ( + (select + 'AWS' as provider, + r.name as name, + r.region as location, + jsonb_path_query(r.description, '$.Cluster.Tags') as _tags, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + jsonb_path_query(r.description, '$.Cluster.PlatformVersion') as kubernetes_version, + r.created_at as _last_discovered + from + og_resources r + where + resource_type = 'aws::eks::cluster') + + union + + (select + 'Azure' as provider, + r.name as vm_name, + r.region as location, + jsonb_path_query(r.description, '$.ManagedCluster.Tags') as _tags, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + jsonb_path_query(r.description, '$.ManagedCluster.Properties.KubernetesVersion') as kubernetes_version, + r.created_at as _last_discovered + from + og_resources r + where + resource_type = 'microsoft.containerservice/managedclusters') + + ) as t inner join og_connections c on t._og_connection_id = c.og_id + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - Kubernetes diff --git a/queries/load_balancers.yaml b/queries/load_balancers.yaml index 65571ffdd..f72a90e3e 100755 --- a/queries/load_balancers.yaml +++ b/queries/load_balancers.yaml @@ -1,7 +1,7 @@ ID: load_balancers Title: "Load Balancers" Description: "Load Balancers" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/load_balancers.yaml.bak b/queries/load_balancers.yaml.bak new file mode 100755 index 000000000..65571ffdd --- /dev/null +++ b/queries/load_balancers.yaml.bak @@ -0,0 +1,40 @@ +ID: load_balancers +Title: "Load Balancers" +Description: "Load Balancers" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered, + r.description -> 'LoadBalancer' -> 'Scheme' as scheme + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::elasticloadbalancing::loadbalancer', 'microsoft.network/loadbalancers', 'microsoft.network/applicationgateways') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - Elastic Load Balancing + - Azure Load Balancer + - Azure Application Gateway diff --git a/queries/network_&_file_stores.yaml b/queries/network_&_file_stores.yaml index fb71a4f9d..9926765f3 100755 --- a/queries/network_&_file_stores.yaml +++ b/queries/network_&_file_stores.yaml @@ -1,7 +1,7 @@ ID: network_&_file_stores Title: "Network & File Stores" Description: "" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/network_&_file_stores.yaml.bak b/queries/network_&_file_stores.yaml.bak new file mode 100755 index 000000000..fb71a4f9d --- /dev/null +++ b/queries/network_&_file_stores.yaml.bak @@ -0,0 +1,34 @@ +ID: network_&_file_stores +Title: "Network & File Stores" +Description: "" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::fsx::filesystem', 'aws::efs::filesystem') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws diff --git a/queries/object_stores.yaml b/queries/object_stores.yaml index f999a5050..b7ba40986 100755 --- a/queries/object_stores.yaml +++ b/queries/object_stores.yaml @@ -1,7 +1,7 @@ ID: object_stores Title: "Object Stores" Description: "Object Stores" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/object_stores.yaml.bak b/queries/object_stores.yaml.bak new file mode 100755 index 000000000..f999a5050 --- /dev/null +++ b/queries/object_stores.yaml.bak @@ -0,0 +1,39 @@ +ID: object_stores +Title: "Object Stores" +Description: "Object Stores" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::s3::bucket', 'aws::glacier::vault', 'microsoft.storage/storageaccounts') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - S3 + - Glacier + - Storage Accounts diff --git a/queries/processed_files.log.bak b/queries/processed_files.log.bak new file mode 100644 index 000000000..e69de29bb diff --git a/queries/server_workload.yaml b/queries/server_workload.yaml index fe65825b4..665c5dfba 100755 --- a/queries/server_workload.yaml +++ b/queries/server_workload.yaml @@ -1,7 +1,7 @@ ID: server_workload Title: "List Cloud VM Workloads for AWS and Azure" Description: "List Cloud VM Workloads for AWS and Azure" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/server_workload.yaml.bak b/queries/server_workload.yaml.bak new file mode 100755 index 000000000..fe65825b4 --- /dev/null +++ b/queries/server_workload.yaml.bak @@ -0,0 +1,61 @@ +ID: server_workload +Title: "List Cloud VM Workloads for AWS and Azure" +Description: "List Cloud VM Workloads for AWS and Azure" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select c.name as cloud_account_name, c.id as _discovered_provider_id, t.* from ( + (select + 'AWS' as provider, + r.name as vm_name, + r.region as location, + jsonb_path_query(r.description, '$.Instance.InstanceType') as instance_size, + jsonb_path_query(r.description, '$.Instance.NetworkInterfaces[*].PrivateIpAddress') as private_ip, + jsonb_path_query(r.description, '$.Instance.PlatformDetails') as platform, + jsonb_path_query(r.description, '$.InstanceStatus.InstanceState.Name') as state, + jsonb_path_query(r.description, '$.Instance.Tags') as _tags, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r + where + resource_type = 'aws::ec2::instance') + + union + + (select + 'Azure' as provider, + r.name as vm_name, + r.region as location, + jsonb_path_query(r.description, '$.VirtualMachine.Properties.HardwareProfile.VMSize') as instance_size, + jsonb_path_query(r.description, '$.InterfaceIPConfigurations[*].Properties.PrivateIPAddress') as private_ip, + jsonb_path_query(r.description, '$.VirtualMachineInstanceView.OSName') as platform, + jsonb_path_query(r.description, '$.VirtualMachineInstanceView.Statuses') as state, + jsonb_path_query(r.description, '$.VirtualMachine.Tags') as _tags, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r + where + resource_type = 'microsoft.compute/virtualmachines') + + ) as t inner join og_connections c on t._og_connection_id = c.og_id + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - EC2 + - Virtual Machines diff --git a/queries/snapshots_&_backup_media.yaml b/queries/snapshots_&_backup_media.yaml index 06039fc0b..ee9af0144 100755 --- a/queries/snapshots_&_backup_media.yaml +++ b/queries/snapshots_&_backup_media.yaml @@ -1,7 +1,7 @@ ID: snapshots_&_backup_media Title: "Snapshots and Backup Resources by Cloud Account" Description: "Snapshots and Backup Resources by Cloud Account" -Connector: +IntegrationTypeName: - aws - azure Query: diff --git a/queries/snapshots_&_backup_media.yaml.bak b/queries/snapshots_&_backup_media.yaml.bak new file mode 100755 index 000000000..06039fc0b --- /dev/null +++ b/queries/snapshots_&_backup_media.yaml.bak @@ -0,0 +1,39 @@ +ID: snapshots_&_backup_media +Title: "Snapshots and Backup Resources by Cloud Account" +Description: "Snapshots and Backup Resources by Cloud Account" +Connector: +- aws +- azure +Query: + Engine: CloudQL-v0.0.1 + QueryToExecute: |- + select + case + when resource_type like 'aws::%' then 'AWS' + else 'Azure' + end as provider, + c.name as cloud_account_name, + c.id as _discovered_provider_id, + r.name as name, + r.region as location, + r.connection_id as _og_connection_id, + r.resource_id as _resource_id, + r.resource_type as _resource_type, + r.created_at as _last_discovered + from + og_resources r inner join og_connections c on r.connection_id = c.og_id + where + resource_type IN ('aws::ec2::image', 'aws::elasticache::cluster', 'aws::rds::dbsnapshot') + PrimaryTable: null + ListOfTables: [] + Parameters: [] +Tags: + cloud_asset_management: + - "true" + cloud_provider: + - aws + - azure + cloud_service: + - EC2 + - Elasticache + - RDS From 4d1ece09723d78adb11c37a193c26d79ab5ffb58 Mon Sep 17 00:00:00 2001 From: Anil Chandra <120965339+acx1729@users.noreply.github.com> Date: Sun, 10 Nov 2024 13:51:00 -0500 Subject: [PATCH 2/4] updating to integrations --- ...lambda_function_not_cmk_encrypted.yaml.bak | 22 ----- ...ate_transparency_logging_disabled.yaml.bak | 21 ----- ...s_insight_acm_certificate_expired.yaml.bak | 22 ----- ...ight_ebs_snapshot_older_than_year.yaml.bak | 17 ---- ...insight_ec2_classic_load_balancer.yaml.bak | 21 ----- ...lb_classic_lb_use_ssl_certificate.yaml.bak | 45 ----------- ...ht_elb_application_lb_waf_enabled.yaml.bak | 31 ------- ...-aws_insight_vpc_with_public_cidr.yaml.bak | 29 ------- ...e_insight_compute_disk_unattached.yaml.bak | 23 ------ ...sight_compute_disk_unattached.yaml.bak.bak | 23 ------ ...e_disk_unavailable_in_multiple_az.yaml.bak | 26 ------ ...k_not_encrypted_with_customer_key.yaml.bak | 27 ------- ...etention_period_less_than_30_days.yaml.bak | 29 ------- ..._with_disabled_automatic_failover.yaml.bak | 24 ------ ...ic_from_all_networks_and_internet.yaml.bak | 24 ------ ...y_vault_with_disabled_soft_delete.yaml.bak | 26 ------ ...rnetes_cluster_with_rbac_disabled.yaml.bak | 27 ------- ...es_cluster_with_undesired_version.yaml.bak | 31 ------- queries/25-azure_insight_lb_failed.yaml.bak | 27 ------- ...ithout_managed_disk_configuration.yaml.bak | 25 ------ ..._minimum_ssl_older_than_1_point_2.yaml.bak | 26 ------ ..._virtual_network_with_public_cidr.yaml.bak | 30 ------- ...e_account_with_public_blob_access.yaml.bak | 24 ------ ..._function_with_unsupported_engine.yaml.bak | 20 ----- ...ction_with_unsupported_engine.yaml.bak.bak | 20 ----- ...th_disabled_encryption_in_transit.yaml.bak | 24 ------ ...emote_access_restricted_all_ports.yaml.bak | 48 ----------- ...e_access_restricted_all_ports.yaml.bak.bak | 48 ----------- ...t_loadbalancer_classic_no_logging.yaml.bak | 25 ------ ...adbalancer_application_no_logging.yaml.bak | 28 ------- ...t_loadbalancer_network_no_logging.yaml.bak | 28 ------- ...ctionapp_with_unsupported_runtime.yaml.bak | 63 --------------- .../36-aws_insight_deprecated_eks.yaml.bak | 19 ----- ...nsight_legacy_application_gateway.yaml.bak | 19 ----- ...re_insight_legacy_virtual_machine.yaml.bak | 21 ----- ...-aws_insight_legacy_rds_instances.yaml.bak | 19 ----- ...ws_insight_ebs_volume_unencrypted.yaml.bak | 24 ------ ...sight_accounts_without_cloudtrail.yaml.bak | 21 ----- ...s_insight_root_login_last_90_days.yaml.bak | 20 ----- ...ight_account_with_root_access_key.yaml.bak | 20 ----- ..._insight_account_without_root_mfa.yaml.bak | 20 ----- ..._account_with_many_saml_providers.yaml.bak | 25 ------ ...5-aws_insight_account_without_mfa.yaml.bak | 19 ----- ...ght_account_with_key_and_password.yaml.bak | 19 ----- ...s_insight_account_with_unused_key.yaml.bak | 19 ----- ...ws_insight_iam_user_with_old_keys.yaml.bak | 19 ----- ...nsight_iam_user_with_old_password.yaml.bak | 19 ----- ...aws_insight_ebs_volume_unattached.yaml.bak | 21 ----- ...ht_ec2_instance_of_undesired_type.yaml.bak | 19 ----- ...nsight_iam_user_with_admin_access.yaml.bak | 21 ----- ...ht_iam_user_with_admin_access.yaml.bak.bak | 21 ----- ...nsight_iam_user_with_mfa_disabled.yaml.bak | 24 ------ ...ght_iam_user_with_inline_policies.yaml.bak | 23 ------ queries/ai_workload.yaml.bak | 41 ---------- queries/autoscaling_workload.yaml.bak | 39 --------- .../aws_accessanalyzer_analyzer_1.yaml.bak | 28 ------- .../aws_accessanalyzer_analyzer_2.yaml.bak | 30 ------- ...aws_accessanalyzer_analyzer_2.yaml.bak.bak | 30 ------- .../aws_accessanalyzer_analyzer_3.yaml.bak | 30 ------- queries/aws_accessanalyzer_finding_1.yaml.bak | 27 ------- .../aws_accessanalyzer_finding_1.yaml.bak.bak | 27 ------- queries/aws_accessanalyzer_finding_2.yaml.bak | 28 ------- queries/aws_accessanalyzer_finding_3.yaml.bak | 27 ------- queries/aws_accessanalyzer_finding_4.yaml.bak | 27 ------- queries/aws_account_1.yaml.bak | 27 ------- queries/aws_account_2.yaml.bak | 27 ------- queries/aws_account_2.yaml.bak.bak | 27 ------- .../aws_account_alternate_contact_1.yaml.bak | 29 ------- .../aws_account_alternate_contact_2.yaml.bak | 31 ------- .../aws_account_alternate_contact_3.yaml.bak | 31 ------- .../aws_account_alternate_contact_4.yaml.bak | 32 -------- queries/aws_account_contact_1.yaml.bak | 30 ------- queries/aws_account_contact_2.yaml.bak | 30 ------- queries/aws_acm_certificate_1.yaml.bak | 29 ------- queries/aws_acm_certificate_2.yaml.bak | 26 ------ queries/aws_acm_certificate_3.yaml.bak | 28 ------- queries/aws_acm_certificate_4.yaml.bak | 27 ------- ...ws_acmpca_certificate_authority_1.yaml.bak | 30 ------- ...ws_acmpca_certificate_authority_2.yaml.bak | 36 --------- ...ws_acmpca_certificate_authority_3.yaml.bak | 27 ------- ...ws_acmpca_certificate_authority_4.yaml.bak | 29 ------- queries/aws_amplify_app_1.yaml.bak | 28 ------- queries/aws_amplify_app_2.yaml.bak | 30 ------- queries/aws_amplify_app_3.yaml.bak | 28 ------- queries/aws_amplify_app_4.yaml.bak | 26 ------ queries/aws_amplify_app_5.yaml.bak | 31 ------- queries/aws_amplify_app_6.yaml.bak | 30 ------- queries/aws_amplify_app_6.yaml.bak.bak | 30 ------- queries/aws_amplify_app_7.yaml.bak | 29 ------- queries/aws_api_gateway_api_key_1.yaml.bak | 30 ------- queries/aws_api_gateway_api_key_2.yaml.bak | 28 ------- queries/aws_api_gateway_authorizer_1.yaml.bak | 30 ------- queries/aws_api_gateway_authorizer_2.yaml.bak | 29 ------- .../aws_api_gateway_domain_name_1.yaml.bak | 27 ------- .../aws_api_gateway_domain_name_2.yaml.bak | 30 ------- .../aws_api_gateway_domain_name_3.yaml.bak | 33 -------- .../aws_api_gateway_domain_name_4.yaml.bak | 24 ------ .../aws_api_gateway_domain_name_5.yaml.bak | 27 ------- queries/aws_api_gateway_method_1.yaml.bak | 28 ------- queries/aws_api_gateway_method_2.yaml.bak | 27 ------- queries/aws_api_gateway_method_3.yaml.bak | 31 ------- queries/aws_api_gateway_method_4.yaml.bak | 41 ---------- queries/aws_api_gateway_rest_api_1.yaml.bak | 28 ------- queries/aws_api_gateway_rest_api_2.yaml.bak | 29 ------- queries/aws_api_gateway_rest_api_3.yaml.bak | 30 ------- queries/aws_api_gateway_rest_api_4.yaml.bak | 36 --------- queries/aws_api_gateway_rest_api_5.yaml.bak | 34 -------- queries/aws_api_gateway_stage_1.yaml.bak | 25 ------ queries/aws_api_gateway_stage_2.yaml.bak | 29 ------- queries/aws_api_gateway_stage_3.yaml.bak | 25 ------ queries/aws_api_gateway_stage_4.yaml.bak | 29 ------- queries/aws_api_gateway_usage_plan_1.yaml.bak | 26 ------ queries/aws_api_gateway_usage_plan_2.yaml.bak | 26 ------ queries/aws_api_gateway_usage_plan_3.yaml.bak | 28 ------- .../aws_api_gateway_usage_plan_3.yaml.bak.bak | 28 ------- queries/aws_api_gatewayv2_api_1.yaml.bak | 29 ------- queries/aws_api_gatewayv2_api_2.yaml.bak | 26 ------ queries/aws_api_gatewayv2_api_3.yaml.bak | 26 ------ .../aws_api_gatewayv2_domain_name_1.yaml.bak | 28 ------- .../aws_api_gatewayv2_domain_name_2.yaml.bak | 28 ------- .../aws_api_gatewayv2_domain_name_3.yaml.bak | 37 --------- .../aws_api_gatewayv2_domain_name_4.yaml.bak | 27 ------- .../aws_api_gatewayv2_domain_name_5.yaml.bak | 32 -------- .../aws_api_gatewayv2_integration_1.yaml.bak | 28 ------- ...s_api_gatewayv2_integration_1.yaml.bak.bak | 28 ------- .../aws_api_gatewayv2_integration_2.yaml.bak | 25 ------ queries/aws_api_gatewayv2_route_1.yaml.bak | 26 ------ queries/aws_api_gatewayv2_route_2.yaml.bak | 26 ------ queries/aws_api_gatewayv2_route_3.yaml.bak | 28 ------- queries/aws_api_gatewayv2_stage_1.yaml.bak | 28 ------- queries/aws_api_gatewayv2_stage_2.yaml.bak | 27 ------- queries/aws_api_gatewayv2_stage_3.yaml.bak | 27 ------- queries/aws_api_gatewayv2_stage_4.yaml.bak | 27 ------- queries/aws_app_runner_service_1.yaml.bak | 30 ------- queries/aws_app_runner_service_2.yaml.bak | 28 ------- queries/aws_app_runner_service_3.yaml.bak | 28 ------- queries/aws_app_runner_service_4.yaml.bak | 30 ------- queries/aws_app_runner_service_5.yaml.bak | 26 ------ queries/aws_app_runner_service_6.yaml.bak | 24 ------ queries/aws_appautoscaling_policy_1.yaml.bak | 28 ------- .../aws_appautoscaling_policy_1.yaml.bak.bak | 28 ------- queries/aws_appautoscaling_policy_2.yaml.bak | 26 ------ queries/aws_appautoscaling_policy_3.yaml.bak | 28 ------- queries/aws_appautoscaling_policy_4.yaml.bak | 28 ------- queries/aws_appautoscaling_policy_5.yaml.bak | 29 ------- queries/aws_appautoscaling_target_1.yaml.bak | 27 ------- queries/aws_appautoscaling_target_2.yaml.bak | 29 ------- queries/aws_appconfig_application_1.yaml.bak | 26 ------ queries/aws_appstream_fleet_1.yaml.bak | 32 -------- queries/aws_appstream_fleet_1.yaml.bak.bak | 32 -------- queries/aws_appstream_fleet_10.yaml.bak | 30 ------- queries/aws_appstream_fleet_2.yaml.bak | 32 -------- queries/aws_appstream_fleet_3.yaml.bak | 32 -------- queries/aws_appstream_fleet_4.yaml.bak | 31 ------- queries/aws_appstream_fleet_5.yaml.bak | 35 -------- queries/aws_appstream_fleet_6.yaml.bak | 29 ------- queries/aws_appstream_fleet_7.yaml.bak | 26 ------ queries/aws_appstream_fleet_8.yaml.bak | 27 ------- queries/aws_appstream_fleet_9.yaml.bak | 27 ------- queries/aws_appstream_image_1.yaml.bak | 31 ------- queries/aws_appstream_image_2.yaml.bak | 28 ------- queries/aws_appstream_image_3.yaml.bak | 31 ------- queries/aws_appstream_image_4.yaml.bak | 31 ------- queries/aws_appstream_image_5.yaml.bak | 29 ------- queries/aws_appstream_image_6.yaml.bak | 40 --------- queries/aws_appstream_image_7.yaml.bak | 27 ------- queries/aws_appstream_image_7.yaml.bak.bak | 27 ------- queries/aws_appstream_image_8.yaml.bak | 29 ------- queries/aws_appsync_graphql_api_1.yaml.bak | 30 ------- queries/aws_appsync_graphql_api_2.yaml.bak | 28 ------- queries/aws_appsync_graphql_api_3.yaml.bak | 27 ------- queries/aws_athena_query_execution_1.yaml.bak | 27 ------- queries/aws_athena_query_execution_2.yaml.bak | 25 ------ queries/aws_athena_query_execution_3.yaml.bak | 29 ------- .../aws_athena_query_execution_3.yaml.bak.bak | 29 ------- queries/aws_athena_query_execution_4.yaml.bak | 27 ------- queries/aws_athena_workgroup_1.yaml.bak | 28 ------- queries/aws_athena_workgroup_2.yaml.bak | 25 ------ queries/aws_athena_workgroup_2.yaml.bak.bak | 25 ------ queries/aws_athena_workgroup_3.yaml.bak | 25 ------ queries/aws_athena_workgroup_4.yaml.bak | 26 ------ .../aws_auditmanager_assessment_1.yaml.bak | 25 ------ .../aws_auditmanager_assessment_2.yaml.bak | 31 ------- .../aws_auditmanager_assessment_3.yaml.bak | 28 ------- queries/aws_auditmanager_control_1.yaml.bak | 25 ------ queries/aws_auditmanager_control_2.yaml.bak | 28 ------- queries/aws_auditmanager_evidence_1.yaml.bak | 27 ------- queries/aws_auditmanager_evidence_2.yaml.bak | 29 ------- ...ws_auditmanager_evidence_folder_1.yaml.bak | 28 ------- ...ws_auditmanager_evidence_folder_2.yaml.bak | 25 ------ queries/aws_auditmanager_framework_1.yaml.bak | 25 ------ queries/aws_auditmanager_framework_2.yaml.bak | 27 ------- queries/aws_availability_zone_1.yaml.bak | 26 ------ queries/aws_availability_zone_2.yaml.bak | 27 ------- queries/aws_availability_zone_2.yaml.bak.bak | 27 ------- queries/aws_availability_zone_3.yaml.bak | 27 ------- queries/aws_backup_framework_1.yaml.bak | 33 -------- queries/aws_backup_framework_2.yaml.bak | 29 ------- queries/aws_backup_framework_3.yaml.bak | 25 ------ queries/aws_backup_framework_4.yaml.bak | 28 ------- queries/aws_backup_framework_5.yaml.bak | 49 ----------- queries/aws_backup_framework_6.yaml.bak | 50 ------------ queries/aws_backup_job_1.yaml.bak | 25 ------ queries/aws_backup_job_1.yaml.bak.bak | 25 ------ queries/aws_backup_job_2.yaml.bak | 31 ------- queries/aws_backup_job_3.yaml.bak | 25 ------ queries/aws_backup_legal_hold_1.yaml.bak | 27 ------- queries/aws_backup_legal_hold_2.yaml.bak | 34 -------- queries/aws_backup_legal_hold_3.yaml.bak | 27 ------- queries/aws_backup_legal_hold_3.yaml.bak.bak | 27 ------- queries/aws_backup_plan_1.yaml.bak | 30 ------- queries/aws_backup_plan_2.yaml.bak | 32 -------- queries/aws_backup_plan_3.yaml.bak | 31 ------- .../aws_backup_protected_resource_1.yaml.bak | 24 ------ .../aws_backup_protected_resource_2.yaml.bak | 28 ------- queries/aws_backup_recovery_point_1.yaml.bak | 25 ------ queries/aws_backup_recovery_point_2.yaml.bak | 30 ------- queries/aws_backup_recovery_point_3.yaml.bak | 41 ---------- queries/aws_backup_report_plan_1.yaml.bak | 28 ------- queries/aws_backup_report_plan_2.yaml.bak | 32 -------- queries/aws_backup_report_plan_3.yaml.bak | 30 ------- queries/aws_backup_report_plan_4.yaml.bak | 34 -------- queries/aws_backup_report_plan_5.yaml.bak | 28 ------- queries/aws_backup_report_plan_6.yaml.bak | 31 ------- queries/aws_backup_selection_1.yaml.bak | 26 ------ queries/aws_backup_selection_2.yaml.bak | 34 -------- queries/aws_backup_selection_2.yaml.bak.bak | 34 -------- queries/aws_backup_vault_1.yaml.bak | 24 ------ queries/aws_backup_vault_2.yaml.bak | 30 ------- queries/aws_backup_vault_2.yaml.bak.bak | 30 ------- queries/aws_backup_vault_3.yaml.bak | 29 ------- queries/aws_backup_vault_4.yaml.bak | 26 ------ queries/aws_cloudcontrol_resource_1.yaml.bak | 30 ------- queries/aws_cloudcontrol_resource_2.yaml.bak | 32 -------- queries/aws_cloudcontrol_resource_3.yaml.bak | 29 ------- .../aws_cloudcontrol_resource_3.yaml.bak.bak | 29 ------- queries/aws_cloudcontrol_resource_4.yaml.bak | 29 ------- queries/aws_cloudformation_stack_1.yaml.bak | 26 ------ queries/aws_cloudformation_stack_2.yaml.bak | 25 ------ .../aws_cloudformation_stack_2.yaml.bak.bak | 25 ------ queries/aws_cloudformation_stack_3.yaml.bak | 25 ------ queries/aws_cloudformation_stack_4.yaml.bak | 26 ------ queries/aws_cloudformation_stack_5.yaml.bak | 25 ------ ...s_cloudformation_stack_resource_1.yaml.bak | 28 ------- ...s_cloudformation_stack_resource_2.yaml.bak | 29 ------- ...s_cloudformation_stack_resource_3.yaml.bak | 32 -------- ...s_cloudformation_stack_resource_4.yaml.bak | 28 ------- ...s_cloudformation_stack_resource_5.yaml.bak | 27 ------- .../aws_cloudformation_stack_set_1.yaml.bak | 26 ------ .../aws_cloudformation_stack_set_2.yaml.bak | 30 ------- .../aws_cloudformation_stack_set_3.yaml.bak | 30 ------- .../aws_cloudformation_stack_set_4.yaml.bak | 31 ------- .../aws_cloudfront_cache_policy_1.yaml.bak | 29 ------- .../aws_cloudfront_cache_policy_2.yaml.bak | 28 ------- .../aws_cloudfront_cache_policy_3.yaml.bak | 26 ------ .../aws_cloudfront_distribution_1.yaml.bak | 31 ------- .../aws_cloudfront_distribution_2.yaml.bak | 29 ------- .../aws_cloudfront_distribution_3.yaml.bak | 27 ------- .../aws_cloudfront_distribution_4.yaml.bak | 31 ------- ...aws_cloudfront_distribution_4.yaml.bak.bak | 31 ------- .../aws_cloudfront_distribution_5.yaml.bak | 32 -------- .../aws_cloudfront_distribution_6.yaml.bak | 30 ------- queries/aws_cloudfront_function_1.yaml.bak | 26 ------ .../aws_cloudfront_function_1.yaml.bak.bak | 26 ------ queries/aws_cloudfront_function_2.yaml.bak | 28 ------- queries/aws_cloudfront_function_3.yaml.bak | 29 ------- queries/aws_cloudfront_function_4.yaml.bak | 30 ------- ...oudfront_origin_access_identity_1.yaml.bak | 28 ------- ...oudfront_origin_access_identity_2.yaml.bak | 27 ------- ...ront_origin_access_identity_2.yaml.bak.bak | 27 ------- ...loudfront_origin_request_policy_1.yaml.bak | 26 ------ ...loudfront_origin_request_policy_2.yaml.bak | 25 ------ ...udfront_response_headers_policy_1.yaml.bak | 26 ------ ...udfront_response_headers_policy_2.yaml.bak | 28 ------- ...udfront_response_headers_policy_3.yaml.bak | 28 ------- ...ont_response_headers_policy_3.yaml.bak.bak | 28 ------- queries/aws_cloudsearch_domain_1.yaml.bak | 27 ------- queries/aws_cloudsearch_domain_2.yaml.bak | 28 ------- queries/aws_cloudsearch_domain_3.yaml.bak | 26 ------ queries/aws_cloudtrail_channel_1.yaml.bak | 27 ------- queries/aws_cloudtrail_channel_2.yaml.bak | 30 ------- queries/aws_cloudtrail_channel_3.yaml.bak | 25 ------ ...aws_cloudtrail_event_data_store_1.yaml.bak | 30 ------- ...aws_cloudtrail_event_data_store_2.yaml.bak | 34 -------- ...aws_cloudtrail_event_data_store_3.yaml.bak | 34 -------- queries/aws_cloudtrail_import_1.yaml.bak | 25 ------ queries/aws_cloudtrail_import_2.yaml.bak | 26 ------ queries/aws_cloudtrail_import_3.yaml.bak | 28 ------- queries/aws_cloudtrail_import_4.yaml.bak | 26 ------ queries/aws_cloudtrail_import_5.yaml.bak | 28 ------- queries/aws_cloudtrail_import_5.yaml.bak.bak | 28 ------- .../aws_cloudtrail_lookup_event_1.yaml.bak | 33 -------- .../aws_cloudtrail_lookup_event_2.yaml.bak | 34 -------- .../aws_cloudtrail_lookup_event_3.yaml.bak | 30 ------- queries/aws_cloudtrail_query_1.yaml.bak | 30 ------- queries/aws_cloudtrail_query_2.yaml.bak | 29 ------- queries/aws_cloudtrail_query_3.yaml.bak | 35 -------- queries/aws_cloudtrail_query_3.yaml.bak.bak | 35 -------- queries/aws_cloudtrail_query_4.yaml.bak | 31 ------- queries/aws_cloudtrail_trail_1.yaml.bak | 26 ------ queries/aws_cloudtrail_trail_2.yaml.bak | 27 ------- queries/aws_cloudtrail_trail_3.yaml.bak | 29 ------- queries/aws_cloudtrail_trail_4.yaml.bak | 27 ------- queries/aws_cloudtrail_trail_5.yaml.bak | 27 ------- queries/aws_cloudtrail_trail_6.yaml.bak | 26 ------ queries/aws_cloudtrail_trail_7.yaml.bak | 28 ------- queries/aws_cloudtrail_trail_7.yaml.bak.bak | 28 ------- queries/aws_cloudtrail_trail_event_1.yaml.bak | 35 -------- queries/aws_cloudtrail_trail_event_2.yaml.bak | 35 -------- .../aws_cloudtrail_trail_event_2.yaml.bak.bak | 35 -------- queries/aws_cloudtrail_trail_event_3.yaml.bak | 38 --------- queries/aws_cloudtrail_trail_event_4.yaml.bak | 36 --------- queries/aws_cloudtrail_trail_event_5.yaml.bak | 35 -------- queries/aws_cloudtrail_trail_event_6.yaml.bak | 37 --------- queries/aws_cloudtrail_trail_event_7.yaml.bak | 37 --------- queries/aws_cloudtrail_trail_event_8.yaml.bak | 39 --------- queries/aws_cloudtrail_trail_event_9.yaml.bak | 39 --------- queries/aws_cloudwatch_alarm_1.yaml.bak | 30 ------- queries/aws_cloudwatch_alarm_2.yaml.bak | 27 ------- queries/aws_cloudwatch_alarm_3.yaml.bak | 26 ------ queries/aws_cloudwatch_alarm_4.yaml.bak | 29 ------- queries/aws_cloudwatch_alarm_5.yaml.bak | 31 ------- queries/aws_cloudwatch_log_event_1.yaml.bak | 32 -------- queries/aws_cloudwatch_log_event_2.yaml.bak | 32 -------- queries/aws_cloudwatch_log_event_3.yaml.bak | 33 -------- queries/aws_cloudwatch_log_event_4.yaml.bak | 35 -------- queries/aws_cloudwatch_log_event_5.yaml.bak | 34 -------- .../aws_cloudwatch_log_event_5.yaml.bak.bak | 34 -------- queries/aws_cloudwatch_log_event_6.yaml.bak | 33 -------- queries/aws_cloudwatch_log_group_1.yaml.bak | 29 ------- queries/aws_cloudwatch_log_group_2.yaml.bak | 27 ------- queries/aws_cloudwatch_log_group_3.yaml.bak | 27 ------- queries/aws_cloudwatch_log_group_4.yaml.bak | 32 -------- queries/aws_cloudwatch_log_group_5.yaml.bak | 28 ------- ...ws_cloudwatch_log_metric_filter_1.yaml.bak | 30 ------- ...ws_cloudwatch_log_metric_filter_2.yaml.bak | 26 ------ ...loudwatch_log_metric_filter_2.yaml.bak.bak | 26 ------ ...ws_cloudwatch_log_metric_filter_3.yaml.bak | 27 ------- ..._cloudwatch_log_resource_policy_1.yaml.bak | 25 ------ queries/aws_cloudwatch_log_stream_1.yaml.bak | 26 ------ queries/aws_cloudwatch_log_stream_2.yaml.bak | 25 ------ ...udwatch_log_subscription_filter_1.yaml.bak | 26 ------ ...udwatch_log_subscription_filter_2.yaml.bak | 26 ------ ...udwatch_log_subscription_filter_3.yaml.bak | 27 ------- queries/aws_cloudwatch_metric_1.yaml.bak | 26 ------ queries/aws_cloudwatch_metric_2.yaml.bak | 26 ------ queries/aws_cloudwatch_metric_3.yaml.bak | 27 ------- queries/aws_cloudwatch_metric_3.yaml.bak.bak | 27 ------- queries/aws_cloudwatch_metric_4.yaml.bak | 28 ------- queries/aws_cloudwatch_metric_5.yaml.bak | 29 ------- ...ws_cloudwatch_metric_data_point_1.yaml.bak | 34 -------- ...ws_cloudwatch_metric_data_point_2.yaml.bak | 32 -------- ...loudwatch_metric_data_point_2.yaml.bak.bak | 32 -------- ...ws_cloudwatch_metric_data_point_3.yaml.bak | 48 ----------- ...ws_cloudwatch_metric_data_point_4.yaml.bak | 45 ----------- ...ws_cloudwatch_metric_data_point_5.yaml.bak | 43 ---------- ...ws_cloudwatch_metric_data_point_6.yaml.bak | 49 ----------- ...tch_metric_statistic_data_point_1.yaml.bak | 35 -------- ...tch_metric_statistic_data_point_2.yaml.bak | 34 -------- ...tch_metric_statistic_data_point_3.yaml.bak | 37 --------- ...tch_metric_statistic_data_point_4.yaml.bak | 34 -------- ...tch_metric_statistic_data_point_5.yaml.bak | 36 --------- ...tch_metric_statistic_data_point_6.yaml.bak | 34 -------- ...tch_metric_statistic_data_point_7.yaml.bak | 35 -------- queries/aws_codeartifact_domain_1.yaml.bak | 29 ------- queries/aws_codeartifact_domain_2.yaml.bak | 34 -------- queries/aws_codeartifact_domain_3.yaml.bak | 30 ------- queries/aws_codeartifact_domain_4.yaml.bak | 37 --------- .../aws_codeartifact_domain_4.yaml.bak.bak | 37 --------- queries/aws_codeartifact_domain_5.yaml.bak | 30 ------- queries/aws_codeartifact_domain_6.yaml.bak | 28 ------- queries/aws_codeartifact_domain_7.yaml.bak | 30 ------- .../aws_codeartifact_repository_1.yaml.bak | 28 ------- .../aws_codeartifact_repository_2.yaml.bak | 28 ------- .../aws_codeartifact_repository_3.yaml.bak | 37 --------- .../aws_codeartifact_repository_4.yaml.bak | 28 ------- queries/aws_codebuild_build_1.yaml.bak | 32 -------- queries/aws_codebuild_build_10.yaml.bak | 33 -------- queries/aws_codebuild_build_10.yaml.bak.bak | 33 -------- queries/aws_codebuild_build_11.yaml.bak | 30 ------- queries/aws_codebuild_build_2.yaml.bak | 26 ------ queries/aws_codebuild_build_2.yaml.bak.bak | 26 ------ queries/aws_codebuild_build_3.yaml.bak | 29 ------- queries/aws_codebuild_build_4.yaml.bak | 26 ------ queries/aws_codebuild_build_5.yaml.bak | 29 ------- queries/aws_codebuild_build_6.yaml.bak | 32 -------- queries/aws_codebuild_build_7.yaml.bak | 35 -------- queries/aws_codebuild_build_8.yaml.bak | 24 ------ queries/aws_codebuild_build_9.yaml.bak | 29 ------- queries/aws_codebuild_project_1.yaml.bak | 32 -------- queries/aws_codebuild_project_2.yaml.bak | 33 -------- queries/aws_codebuild_project_3.yaml.bak | 28 ------- queries/aws_codebuild_project_4.yaml.bak | 30 ------- queries/aws_codebuild_project_5.yaml.bak | 28 ------- ...aws_codebuild_source_credential_1.yaml.bak | 25 ------ ...aws_codebuild_source_credential_2.yaml.bak | 31 ------- queries/aws_codecommit_repository_1.yaml.bak | 28 ------- queries/aws_codedeploy_app_1.yaml.bak | 27 ------- queries/aws_codedeploy_app_1.yaml.bak.bak | 27 ------- queries/aws_codedeploy_app_2.yaml.bak | 25 ------ queries/aws_codedeploy_app_3.yaml.bak | 28 ------- ...ws_codedeploy_deployment_config_1.yaml.bak | 29 ------- ...ws_codedeploy_deployment_config_2.yaml.bak | 27 ------- ...ws_codedeploy_deployment_config_3.yaml.bak | 29 ------- ...ws_codedeploy_deployment_config_4.yaml.bak | 30 ------- ...ws_codedeploy_deployment_config_5.yaml.bak | 28 ------- ...ws_codedeploy_deployment_config_6.yaml.bak | 30 ------- ...aws_codedeploy_deployment_group_1.yaml.bak | 29 ------- ...aws_codedeploy_deployment_group_2.yaml.bak | 25 ------ ...aws_codedeploy_deployment_group_3.yaml.bak | 26 ------ ...aws_codedeploy_deployment_group_4.yaml.bak | 27 ------- ...aws_codedeploy_deployment_group_5.yaml.bak | 29 ------- ...aws_codedeploy_deployment_group_6.yaml.bak | 31 ------- ...codedeploy_deployment_group_6.yaml.bak.bak | 31 ------- ...aws_codedeploy_deployment_group_7.yaml.bak | 27 ------- queries/aws_codepipeline_pipeline_1.yaml.bak | 26 ------ queries/aws_codepipeline_pipeline_2.yaml.bak | 28 ------- .../aws_codestar_notification_rule_1.yaml.bak | 25 ------ .../aws_codestar_notification_rule_2.yaml.bak | 25 ------ .../aws_codestar_notification_rule_3.yaml.bak | 26 ------ .../aws_codestar_notification_rule_4.yaml.bak | 28 ------- .../aws_codestar_notification_rule_5.yaml.bak | 38 --------- queries/aws_cognito_identity_pool_1.yaml.bak | 28 ------- queries/aws_cognito_identity_pool_2.yaml.bak | 28 ------- queries/aws_cognito_identity_pool_3.yaml.bak | 28 ------- queries/aws_cognito_identity_pool_4.yaml.bak | 31 ------- .../aws_cognito_identity_provider_1.yaml.bak | 29 ------- .../aws_cognito_identity_provider_2.yaml.bak | 27 ------- queries/aws_cognito_user_pool_1.yaml.bak | 29 ------- queries/aws_cognito_user_pool_2.yaml.bak | 28 ------- ..._config_aggregate_authorization_1.yaml.bak | 27 ------- ...s_config_configuration_recorder_1.yaml.bak | 28 ------- ...s_config_configuration_recorder_2.yaml.bak | 29 ------- ...s_config_configuration_recorder_3.yaml.bak | 28 ------- .../aws_config_conformance_pack_1.yaml.bak | 27 ------- ...aws_config_conformance_pack_1.yaml.bak.bak | 27 ------- .../aws_config_conformance_pack_2.yaml.bak | 27 ------- .../aws_config_conformance_pack_3.yaml.bak | 29 ------- ..._config_retention_configuration_1.yaml.bak | 25 ------ ..._config_retention_configuration_2.yaml.bak | 26 ------ ..._config_retention_configuration_3.yaml.bak | 27 ------- ..._config_retention_configuration_4.yaml.bak | 30 ------- queries/aws_config_rule_1.yaml.bak | 29 ------- queries/aws_config_rule_2.yaml.bak | 29 ------- queries/aws_config_rule_3.yaml.bak | 28 ------- queries/aws_config_rule_4.yaml.bak | 26 ------ queries/aws_config_rule_5.yaml.bak | 26 ------ queries/aws_config_rule_5.yaml.bak.bak | 26 ------ queries/aws_config_rule_6.yaml.bak | 26 ------ queries/aws_cost_by_account_daily_1.yaml.bak | 33 -------- queries/aws_cost_by_account_daily_2.yaml.bak | 31 ------- queries/aws_cost_by_account_daily_3.yaml.bak | 28 ------- .../aws_cost_by_account_monthly_1.yaml.bak | 31 ------- .../aws_cost_by_account_monthly_2.yaml.bak | 31 ------- .../aws_cost_by_account_monthly_3.yaml.bak | 27 ------- .../aws_cost_by_account_monthly_4.yaml.bak | 40 --------- .../aws_cost_by_record_type_daily_1.yaml.bak | 34 -------- .../aws_cost_by_record_type_daily_2.yaml.bak | 33 -------- .../aws_cost_by_record_type_daily_3.yaml.bak | 29 ------- ...aws_cost_by_record_type_monthly_1.yaml.bak | 34 -------- ...aws_cost_by_record_type_monthly_2.yaml.bak | 33 -------- ...aws_cost_by_record_type_monthly_3.yaml.bak | 26 ------ ...cost_by_record_type_monthly_3.yaml.bak.bak | 26 ------ queries/aws_cost_by_service_daily_1.yaml.bak | 35 -------- queries/aws_cost_by_service_daily_2.yaml.bak | 31 ------- queries/aws_cost_by_service_daily_3.yaml.bak | 33 -------- queries/aws_cost_by_service_daily_4.yaml.bak | 31 ------- queries/aws_cost_by_service_daily_5.yaml.bak | 30 ------- .../aws_cost_by_service_daily_5.yaml.bak.bak | 30 ------- .../aws_cost_by_service_monthly_1.yaml.bak | 33 -------- .../aws_cost_by_service_monthly_2.yaml.bak | 29 ------- .../aws_cost_by_service_monthly_3.yaml.bak | 31 ------- .../aws_cost_by_service_monthly_4.yaml.bak | 29 ------- .../aws_cost_by_service_monthly_5.yaml.bak | 32 -------- .../aws_cost_by_service_monthly_6.yaml.bak | 42 ---------- ...ost_by_service_usage_type_daily_1.yaml.bak | 34 -------- ...ost_by_service_usage_type_daily_2.yaml.bak | 34 -------- ...ost_by_service_usage_type_daily_3.yaml.bak | 25 ------ ...ost_by_service_usage_type_daily_4.yaml.bak | 31 ------- ...t_by_service_usage_type_monthly_1.yaml.bak | 34 -------- ...t_by_service_usage_type_monthly_2.yaml.bak | 34 -------- ...t_by_service_usage_type_monthly_3.yaml.bak | 31 ------- ...t_by_service_usage_type_monthly_4.yaml.bak | 33 -------- queries/aws_cost_by_tag_1.yaml.bak | 27 ------- queries/aws_cost_by_tag_2.yaml.bak | 30 ------- queries/aws_cost_by_tag_3.yaml.bak | 42 ---------- queries/aws_cost_forecast_daily_1.yaml.bak | 26 ------ queries/aws_cost_forecast_monthly_1.yaml.bak | 28 ------- queries/aws_cost_forecast_monthly_2.yaml.bak | 41 ---------- queries/aws_cost_usage_1.yaml.bak | 34 -------- queries/aws_cost_usage_2.yaml.bak | 42 ---------- queries/aws_cost_usage_3.yaml.bak | 34 -------- queries/aws_cost_usage_4.yaml.bak | 35 -------- queries/aws_dax_cluster_1.yaml.bak | 27 ------- queries/aws_dax_cluster_2.yaml.bak | 28 ------- queries/aws_dax_cluster_3.yaml.bak | 30 ------- queries/aws_dax_cluster_4.yaml.bak | 29 ------- queries/aws_dax_cluster_4.yaml.bak.bak | 29 ------- queries/aws_dax_parameter_1.yaml.bak | 26 ------ queries/aws_dax_parameter_2.yaml.bak | 29 ------- queries/aws_dax_parameter_2.yaml.bak.bak | 29 ------- queries/aws_dax_parameter_3.yaml.bak | 31 ------- queries/aws_dax_parameter_group_1.yaml.bak | 24 ------ queries/aws_dax_parameter_group_2.yaml.bak | 28 ------- queries/aws_dax_subnet_group_1.yaml.bak | 26 ------ queries/aws_dax_subnet_group_2.yaml.bak | 32 -------- queries/aws_dax_subnet_group_3.yaml.bak | 31 ------- ...s_directory_service_certificate_1.yaml.bak | 27 ------- ...s_directory_service_certificate_2.yaml.bak | 32 -------- ...rectory_service_certificate_2.yaml.bak.bak | 32 -------- ...s_directory_service_certificate_3.yaml.bak | 27 ------- ...s_directory_service_certificate_4.yaml.bak | 29 ------- ...s_directory_service_certificate_5.yaml.bak | 27 ------- ...s_directory_service_certificate_6.yaml.bak | 25 ------ ...s_directory_service_certificate_7.yaml.bak | 30 ------- ...s_directory_service_certificate_8.yaml.bak | 28 ------- ...aws_directory_service_directory_1.yaml.bak | 26 ------ ...aws_directory_service_directory_2.yaml.bak | 29 ------- ...aws_directory_service_directory_3.yaml.bak | 30 ------- ...aws_directory_service_directory_4.yaml.bak | 28 ------- ...aws_directory_service_directory_5.yaml.bak | 30 ------- ...rectory_servicelog_subscription_1.yaml.bak | 26 ------ ...rectory_servicelog_subscription_2.yaml.bak | 29 ------- ...ory_servicelog_subscription_2.yaml.bak.bak | 29 ------- queries/aws_dlm_lifecycle_policy_1.yaml.bak | 26 ------ queries/aws_dlm_lifecycle_policy_2.yaml.bak | 29 ------- queries/aws_dlm_lifecycle_policy_3.yaml.bak | 29 ------- queries/aws_dlm_lifecycle_policy_4.yaml.bak | 31 ------- queries/aws_dms_certificate_1.yaml.bak | 29 ------- queries/aws_dms_certificate_2.yaml.bak | 32 -------- queries/aws_dms_certificate_2.yaml.bak.bak | 32 -------- queries/aws_dms_certificate_3.yaml.bak | 30 ------- queries/aws_dms_certificate_4.yaml.bak | 29 ------- queries/aws_dms_certificate_5.yaml.bak | 28 ------- queries/aws_dms_endpoint_1.yaml.bak | 28 ------- queries/aws_dms_endpoint_2.yaml.bak | 28 ------- queries/aws_dms_endpoint_3.yaml.bak | 30 ------- queries/aws_dms_endpoint_4.yaml.bak | 32 -------- queries/aws_dms_endpoint_5.yaml.bak | 40 --------- .../aws_dms_replication_instance_1.yaml.bak | 28 ------- .../aws_dms_replication_instance_2.yaml.bak | 29 ------- .../aws_dms_replication_instance_3.yaml.bak | 29 ------- .../aws_dms_replication_instance_4.yaml.bak | 27 ------- .../aws_dms_replication_instance_5.yaml.bak | 28 ------- queries/aws_dms_replication_task_1.yaml.bak | 30 ------- queries/aws_dms_replication_task_2.yaml.bak | 28 ------- queries/aws_dms_replication_task_3.yaml.bak | 28 ------- queries/aws_dms_replication_task_4.yaml.bak | 34 -------- queries/aws_dms_replication_task_5.yaml.bak | 30 ------- queries/aws_dms_replication_task_6.yaml.bak | 28 ------- queries/aws_dms_replication_task_7.yaml.bak | 29 ------- .../aws_dms_replication_task_7.yaml.bak.bak | 29 ------- queries/aws_docdb_cluster_1.yaml.bak | 27 ------- queries/aws_docdb_cluster_2.yaml.bak | 30 ------- queries/aws_docdb_cluster_3.yaml.bak | 27 ------- queries/aws_docdb_cluster_3.yaml.bak.bak | 27 ------- queries/aws_docdb_cluster_4.yaml.bak | 25 ------ queries/aws_docdb_cluster_5.yaml.bak | 29 ------- queries/aws_docdb_cluster_6.yaml.bak | 29 ------- queries/aws_docdb_cluster_7.yaml.bak | 29 ------- queries/aws_docdb_cluster_instance_1.yaml.bak | 27 ------- queries/aws_docdb_cluster_instance_2.yaml.bak | 29 ------- queries/aws_docdb_cluster_instance_3.yaml.bak | 27 ------- queries/aws_docdb_cluster_instance_4.yaml.bak | 30 ------- queries/aws_docdb_cluster_instance_5.yaml.bak | 26 ------ queries/aws_docdb_cluster_instance_6.yaml.bak | 26 ------ queries/aws_docdb_cluster_instance_7.yaml.bak | 25 ------ queries/aws_docdb_cluster_snapshot_1.yaml.bak | 27 ------- queries/aws_docdb_cluster_snapshot_2.yaml.bak | 25 ------ queries/aws_docdb_cluster_snapshot_3.yaml.bak | 25 ------ queries/aws_docdb_cluster_snapshot_4.yaml.bak | 26 ------ queries/aws_drs_job_1.yaml.bak | 27 ------- queries/aws_drs_job_2.yaml.bak | 28 ------- queries/aws_drs_job_3.yaml.bak | 32 -------- queries/aws_drs_recovery_instance_1.yaml.bak | 26 ------ queries/aws_drs_recovery_instance_2.yaml.bak | 32 -------- queries/aws_drs_recovery_instance_3.yaml.bak | 37 --------- queries/aws_drs_recovery_instance_4.yaml.bak | 28 ------- queries/aws_drs_recovery_instance_5.yaml.bak | 30 ------- queries/aws_drs_recovery_snapshot_1.yaml.bak | 28 ------- queries/aws_drs_recovery_snapshot_2.yaml.bak | 31 ------- queries/aws_drs_recovery_snapshot_3.yaml.bak | 27 ------- queries/aws_drs_recovery_snapshot_4.yaml.bak | 29 ------- queries/aws_drs_recovery_snapshot_5.yaml.bak | 38 --------- queries/aws_drs_source_server_1.yaml.bak | 27 ------- queries/aws_drs_source_server_2.yaml.bak | 28 ------- queries/aws_drs_source_server_3.yaml.bak | 31 ------- queries/aws_drs_source_server_4.yaml.bak | 30 ------- queries/aws_drs_source_server_5.yaml.bak | 31 ------- queries/aws_drs_source_server_6.yaml.bak | 27 ------- queries/aws_drs_source_server_6.yaml.bak.bak | 27 ------- queries/aws_drs_source_server_7.yaml.bak | 31 ------- queries/aws_dynamodb_backup_1.yaml.bak | 24 ------ queries/aws_dynamodb_backup_2.yaml.bak | 28 ------- queries/aws_dynamodb_global_table_1.yaml.bak | 24 ------ queries/aws_dynamodb_global_table_2.yaml.bak | 30 ------- ..._provisioned_read_capacity_util_1.yaml.bak | 30 ------- ...visioned_read_capacity_util_1.yaml.bak.bak | 30 ------- ..._provisioned_read_capacity_util_2.yaml.bak | 32 -------- ...provisioned_write_capacity_util_1.yaml.bak | 30 ------- ...isioned_write_capacity_util_1.yaml.bak.bak | 30 ------- ...provisioned_write_capacity_util_2.yaml.bak | 32 -------- queries/aws_dynamodb_table_1.yaml.bak | 27 ------- queries/aws_dynamodb_table_2.yaml.bak | 25 ------ queries/aws_dynamodb_table_3.yaml.bak | 25 ------ queries/aws_dynamodb_table_4.yaml.bak | 25 ------ queries/aws_dynamodb_table_export_1.yaml.bak | 26 ------ queries/aws_dynamodb_table_export_2.yaml.bak | 30 ------- .../aws_dynamodb_table_export_2.yaml.bak.bak | 30 ------- queries/aws_dynamodb_table_export_3.yaml.bak | 31 ------- queries/aws_ebs_snapshot_1.yaml.bak | 28 ------- queries/aws_ebs_snapshot_2.yaml.bak | 29 ------- queries/aws_ebs_snapshot_3.yaml.bak | 27 ------- queries/aws_ebs_snapshot_4.yaml.bak | 25 ------ queries/aws_ebs_snapshot_4.yaml.bak.bak | 25 ------ queries/aws_ebs_snapshot_5.yaml.bak | 27 ------- queries/aws_ebs_snapshot_6.yaml.bak | 29 ------- queries/aws_ebs_snapshot_7.yaml.bak | 29 ------- queries/aws_ebs_volume_1.yaml.bak | 27 ------- queries/aws_ebs_volume_2.yaml.bak | 27 ------- queries/aws_ebs_volume_3.yaml.bak | 27 ------- queries/aws_ebs_volume_3.yaml.bak.bak | 27 ------- queries/aws_ebs_volume_4.yaml.bak | 27 ------- queries/aws_ebs_volume_5.yaml.bak | 27 ------- queries/aws_ebs_volume_6.yaml.bak | 30 ------- queries/aws_ebs_volume_7.yaml.bak | 27 ------- .../aws_ebs_volume_metric_read_ops_1.yaml.bak | 33 -------- ..._ebs_volume_metric_read_ops_1.yaml.bak.bak | 33 -------- .../aws_ebs_volume_metric_read_ops_2.yaml.bak | 33 -------- .../aws_ebs_volume_metric_read_ops_3.yaml.bak | 35 -------- .../aws_ebs_volume_metric_read_ops_4.yaml.bak | 39 --------- ...bs_volume_metric_read_ops_daily_1.yaml.bak | 31 ------- ...bs_volume_metric_read_ops_daily_2.yaml.bak | 33 -------- ...bs_volume_metric_read_ops_daily_3.yaml.bak | 33 -------- ...bs_volume_metric_read_ops_daily_4.yaml.bak | 41 ---------- ...s_volume_metric_read_ops_hourly_1.yaml.bak | 33 -------- ...s_volume_metric_read_ops_hourly_2.yaml.bak | 35 -------- ...s_volume_metric_read_ops_hourly_3.yaml.bak | 35 -------- ...s_volume_metric_read_ops_hourly_4.yaml.bak | 37 --------- ...s_volume_metric_read_ops_hourly_5.yaml.bak | 39 --------- ...aws_ebs_volume_metric_write_ops_1.yaml.bak | 33 -------- ...aws_ebs_volume_metric_write_ops_2.yaml.bak | 33 -------- ...aws_ebs_volume_metric_write_ops_3.yaml.bak | 35 -------- ...ebs_volume_metric_write_ops_3.yaml.bak.bak | 35 -------- ...aws_ebs_volume_metric_write_ops_4.yaml.bak | 41 ---------- ...s_volume_metric_write_ops_daily_1.yaml.bak | 33 -------- ...s_volume_metric_write_ops_daily_2.yaml.bak | 35 -------- ...lume_metric_write_ops_daily_2.yaml.bak.bak | 35 -------- ...s_volume_metric_write_ops_daily_3.yaml.bak | 35 -------- ...s_volume_metric_write_ops_daily_4.yaml.bak | 39 --------- ..._volume_metric_write_ops_hourly_1.yaml.bak | 31 ------- ..._volume_metric_write_ops_hourly_2.yaml.bak | 33 -------- ..._volume_metric_write_ops_hourly_3.yaml.bak | 33 -------- ..._volume_metric_write_ops_hourly_4.yaml.bak | 39 --------- ..._volume_metric_write_ops_hourly_5.yaml.bak | 41 ---------- queries/aws_ec2_ami_1.yaml.bak | 30 ------- queries/aws_ec2_ami_2.yaml.bak | 26 ------ queries/aws_ec2_ami_3.yaml.bak | 29 ------- queries/aws_ec2_ami_3.yaml.bak.bak | 29 ------- queries/aws_ec2_ami_4.yaml.bak | 31 ------- queries/aws_ec2_ami_shared_1.yaml.bak | 32 -------- queries/aws_ec2_ami_shared_2.yaml.bak | 33 -------- queries/aws_ec2_ami_shared_2.yaml.bak.bak | 33 -------- queries/aws_ec2_ami_shared_3.yaml.bak | 30 ------- ...s_ec2_application_load_balancer_1.yaml.bak | 25 ------ ...s_ec2_application_load_balancer_2.yaml.bak | 31 ------- ...s_ec2_application_load_balancer_3.yaml.bak | 26 ------ ...s_ec2_application_load_balancer_4.yaml.bak | 28 ------- ...s_ec2_application_load_balancer_5.yaml.bak | 32 -------- ...d_balancer_metric_request_count_1.yaml.bak | 32 -------- ...d_balancer_metric_request_count_2.yaml.bak | 36 --------- ...ncer_metric_request_count_daily_1.yaml.bak | 34 -------- ...ncer_metric_request_count_daily_2.yaml.bak | 34 -------- queries/aws_ec2_autoscaling_group_1.yaml.bak | 31 ------- queries/aws_ec2_autoscaling_group_2.yaml.bak | 25 ------ queries/aws_ec2_autoscaling_group_3.yaml.bak | 33 -------- queries/aws_ec2_autoscaling_group_4.yaml.bak | 24 ------ .../aws_ec2_capacity_reservation_1.yaml.bak | 25 ------ .../aws_ec2_capacity_reservation_2.yaml.bak | 29 ------- .../aws_ec2_capacity_reservation_3.yaml.bak | 29 ------- .../aws_ec2_classic_load_balancer_1.yaml.bak | 25 ------ .../aws_ec2_classic_load_balancer_2.yaml.bak | 25 ------ .../aws_ec2_classic_load_balancer_3.yaml.bak | 25 ------ .../aws_ec2_classic_load_balancer_4.yaml.bak | 29 ------- .../aws_ec2_classic_load_balancer_5.yaml.bak | 27 ------- .../aws_ec2_client_vpn_endpoint_1.yaml.bak | 30 ------- .../aws_ec2_client_vpn_endpoint_2.yaml.bak | 30 ------- .../aws_ec2_client_vpn_endpoint_3.yaml.bak | 30 ------- .../aws_ec2_client_vpn_endpoint_4.yaml.bak | 34 -------- .../aws_ec2_client_vpn_endpoint_5.yaml.bak | 32 -------- .../aws_ec2_client_vpn_endpoint_6.yaml.bak | 30 ------- .../aws_ec2_client_vpn_endpoint_7.yaml.bak | 31 ------- .../aws_ec2_gateway_load_balancer_1.yaml.bak | 27 ------- .../aws_ec2_gateway_load_balancer_2.yaml.bak | 29 ------- .../aws_ec2_gateway_load_balancer_3.yaml.bak | 30 ------- .../aws_ec2_gateway_load_balancer_4.yaml.bak | 30 ------- ...s_ec2_gateway_load_balancer_4.yaml.bak.bak | 30 ------- .../aws_ec2_gateway_load_balancer_5.yaml.bak | 28 ------- .../aws_ec2_gateway_load_balancer_6.yaml.bak | 25 ------ .../aws_ec2_gateway_load_balancer_7.yaml.bak | 27 ------- queries/aws_ec2_instance_1.yaml.bak | 27 ------- queries/aws_ec2_instance_10.yaml.bak | 27 ------- queries/aws_ec2_instance_11.yaml.bak | 27 ------- queries/aws_ec2_instance_12.yaml.bak | 30 ------- queries/aws_ec2_instance_12.yaml.bak.bak | 30 ------- queries/aws_ec2_instance_13.yaml.bak | 28 ------- queries/aws_ec2_instance_14.yaml.bak | 31 ------- queries/aws_ec2_instance_15.yaml.bak | 30 ------- queries/aws_ec2_instance_2.yaml.bak | 27 ------- queries/aws_ec2_instance_3.yaml.bak | 25 ------ queries/aws_ec2_instance_4.yaml.bak | 30 ------- queries/aws_ec2_instance_5.yaml.bak | 27 ------- queries/aws_ec2_instance_6.yaml.bak | 27 ------- queries/aws_ec2_instance_7.yaml.bak | 26 ------ queries/aws_ec2_instance_8.yaml.bak | 31 ------- queries/aws_ec2_instance_9.yaml.bak | 29 ------- .../aws_ec2_instance_availability_1.yaml.bak | 27 ------- .../aws_ec2_instance_availability_2.yaml.bak | 28 ------- ...instance_metric_cpu_utilization_1.yaml.bak | 30 ------- ...instance_metric_cpu_utilization_2.yaml.bak | 31 ------- ...ce_metric_cpu_utilization_daily_1.yaml.bak | 30 ------- ...ce_metric_cpu_utilization_daily_2.yaml.bak | 35 -------- ...ce_metric_cpu_utilization_daily_3.yaml.bak | 31 ------- ...e_metric_cpu_utilization_hourly_1.yaml.bak | 32 -------- ...tric_cpu_utilization_hourly_1.yaml.bak.bak | 32 -------- ...e_metric_cpu_utilization_hourly_2.yaml.bak | 31 ------- ...e_metric_cpu_utilization_hourly_3.yaml.bak | 33 -------- queries/aws_ec2_instance_type_1.yaml.bak | 27 ------- queries/aws_ec2_instance_type_2.yaml.bak | 27 ------- queries/aws_ec2_instance_type_2.yaml.bak.bak | 27 ------- queries/aws_ec2_instance_type_3.yaml.bak | 32 -------- queries/aws_ec2_instance_type_4.yaml.bak | 27 ------- queries/aws_ec2_instance_type_5.yaml.bak | 25 ------ queries/aws_ec2_key_pair_1.yaml.bak | 26 ------ queries/aws_ec2_key_pair_2.yaml.bak | 25 ------ .../aws_ec2_launch_configuration_1.yaml.bak | 29 ------- .../aws_ec2_launch_configuration_2.yaml.bak | 23 ------ .../aws_ec2_launch_configuration_3.yaml.bak | 27 ------- .../aws_ec2_launch_configuration_4.yaml.bak | 23 ------ .../aws_ec2_launch_configuration_5.yaml.bak | 28 ------- queries/aws_ec2_launch_template_1.yaml.bak | 27 ------- queries/aws_ec2_launch_template_2.yaml.bak | 27 ------- queries/aws_ec2_launch_template_3.yaml.bak | 26 ------ ...aws_ec2_launch_template_version_1.yaml.bak | 29 ------- ...aws_ec2_launch_template_version_2.yaml.bak | 29 ------- ...aws_ec2_launch_template_version_3.yaml.bak | 30 ------- ...aws_ec2_launch_template_version_4.yaml.bak | 30 ------- ...aws_ec2_launch_template_version_5.yaml.bak | 25 ------ ...aws_ec2_launch_template_version_6.yaml.bak | 51 ------------ ...aws_ec2_launch_template_version_7.yaml.bak | 28 ------- ...aws_ec2_launch_template_version_8.yaml.bak | 28 ------- ...aws_ec2_launch_template_version_9.yaml.bak | 27 ------- .../aws_ec2_load_balancer_listener_1.yaml.bak | 25 ------ .../aws_ec2_load_balancer_listener_2.yaml.bak | 29 ------- ..._ec2_load_balancer_listener_2.yaml.bak.bak | 29 ------- .../aws_ec2_load_balancer_listener_3.yaml.bak | 29 ------- ...ec2_load_balancer_listener_rule_1.yaml.bak | 30 ------- ...ec2_load_balancer_listener_rule_2.yaml.bak | 30 ------- ...ec2_load_balancer_listener_rule_3.yaml.bak | 35 -------- ...ec2_load_balancer_listener_rule_4.yaml.bak | 27 ------- ...ec2_load_balancer_listener_rule_5.yaml.bak | 33 -------- ...ec2_load_balancer_listener_rule_6.yaml.bak | 35 -------- .../aws_ec2_managed_prefix_list_1.yaml.bak | 28 ------- ...aws_ec2_managed_prefix_list_1.yaml.bak.bak | 28 ------- .../aws_ec2_managed_prefix_list_2.yaml.bak | 30 ------- .../aws_ec2_managed_prefix_list_3.yaml.bak | 28 ------- .../aws_ec2_managed_prefix_list_4.yaml.bak | 28 ------- .../aws_ec2_managed_prefix_list_5.yaml.bak | 30 ------- .../aws_ec2_managed_prefix_list_6.yaml.bak | 28 ------- ...s_ec2_managed_prefix_list_entry_1.yaml.bak | 24 ------ ...s_ec2_managed_prefix_list_entry_2.yaml.bak | 30 ------- ...s_ec2_managed_prefix_list_entry_3.yaml.bak | 27 ------- queries/aws_ec2_network_interface_1.yaml.bak | 29 ------- queries/aws_ec2_network_interface_2.yaml.bak | 31 ------- queries/aws_ec2_network_interface_3.yaml.bak | 29 ------- .../aws_ec2_network_interface_3.yaml.bak.bak | 29 ------- queries/aws_ec2_network_interface_4.yaml.bak | 29 ------- queries/aws_ec2_network_interface_5.yaml.bak | 33 -------- .../aws_ec2_network_load_balancer_1.yaml.bak | 28 ------- .../aws_ec2_network_load_balancer_2.yaml.bak | 30 ------- .../aws_ec2_network_load_balancer_3.yaml.bak | 30 ------- .../aws_ec2_network_load_balancer_4.yaml.bak | 28 ------- ..._balancer_metric_net_flow_count_1.yaml.bak | 33 -------- ..._balancer_metric_net_flow_count_2.yaml.bak | 36 --------- ...cer_metric_net_flow_count_daily_1.yaml.bak | 35 -------- ...cer_metric_net_flow_count_daily_2.yaml.bak | 36 --------- queries/aws_ec2_regional_settings_1.yaml.bak | 27 ------- queries/aws_ec2_regional_settings_2.yaml.bak | 27 ------- queries/aws_ec2_regional_settings_3.yaml.bak | 26 ------ queries/aws_ec2_reserved_instance_1.yaml.bak | 31 ------- .../aws_ec2_reserved_instance_1.yaml.bak.bak | 31 ------- queries/aws_ec2_reserved_instance_2.yaml.bak | 27 ------- queries/aws_ec2_reserved_instance_3.yaml.bak | 27 ------- queries/aws_ec2_reserved_instance_4.yaml.bak | 28 ------- queries/aws_ec2_reserved_instance_5.yaml.bak | 28 ------- queries/aws_ec2_spot_price_1.yaml.bak | 37 --------- queries/aws_ec2_ssl_policy_1.yaml.bak | 25 ------ queries/aws_ec2_ssl_policy_1.yaml.bak.bak | 25 ------ queries/aws_ec2_ssl_policy_2.yaml.bak | 31 ------- queries/aws_ec2_target_group_1.yaml.bak | 25 ------ queries/aws_ec2_target_group_2.yaml.bak | 32 -------- queries/aws_ec2_target_group_3.yaml.bak | 29 ------- queries/aws_ec2_target_group_4.yaml.bak | 29 ------- queries/aws_ec2_transit_gateway_1.yaml.bak | 27 ------- queries/aws_ec2_transit_gateway_2.yaml.bak | 25 ------ queries/aws_ec2_transit_gateway_3.yaml.bak | 27 ------- queries/aws_ec2_transit_gateway_4.yaml.bak | 25 ------ .../aws_ec2_transit_gateway_4.yaml.bak.bak | 25 ------ .../aws_ec2_transit_gateway_route_1.yaml.bak | 28 ------- .../aws_ec2_transit_gateway_route_2.yaml.bak | 29 ------- ...ec2_transit_gateway_route_table_1.yaml.bak | 25 ------ ...ec2_transit_gateway_route_table_2.yaml.bak | 27 ------- ..._transit_gateway_vpc_attachment_1.yaml.bak | 29 ------- ..._transit_gateway_vpc_attachment_2.yaml.bak | 27 ------- queries/aws_ecr_image_1.yaml.bak | 28 ------- queries/aws_ecr_image_2.yaml.bak | 25 ------ queries/aws_ecr_image_2.yaml.bak.bak | 25 ------ queries/aws_ecr_image_3.yaml.bak | 25 ------ queries/aws_ecr_image_4.yaml.bak | 31 ------- queries/aws_ecr_image_5.yaml.bak | 32 -------- queries/aws_ecr_image_6.yaml.bak | 33 -------- queries/aws_ecr_image_7.yaml.bak | 31 ------- queries/aws_ecr_image_scan_finding_1.yaml.bak | 38 --------- queries/aws_ecr_image_scan_finding_2.yaml.bak | 39 --------- ...registry_scanning_configuration_1.yaml.bak | 26 ------ ...registry_scanning_configuration_2.yaml.bak | 28 ------- ...registry_scanning_configuration_3.yaml.bak | 25 ------ queries/aws_ecr_repository_1.yaml.bak | 30 ------- queries/aws_ecr_repository_10.yaml.bak | 27 ------- queries/aws_ecr_repository_11.yaml.bak | 29 ------- queries/aws_ecr_repository_2.yaml.bak | 28 ------- queries/aws_ecr_repository_2.yaml.bak.bak | 28 ------- queries/aws_ecr_repository_3.yaml.bak | 27 ------- queries/aws_ecr_repository_4.yaml.bak | 32 -------- queries/aws_ecr_repository_5.yaml.bak | 30 ------- queries/aws_ecr_repository_6.yaml.bak | 25 ------ queries/aws_ecr_repository_7.yaml.bak | 34 -------- queries/aws_ecr_repository_8.yaml.bak | 32 -------- queries/aws_ecr_repository_9.yaml.bak | 27 ------- queries/aws_ecrpublic_repository_1.yaml.bak | 30 ------- queries/aws_ecrpublic_repository_2.yaml.bak | 34 -------- queries/aws_ecs_cluster_1.yaml.bak | 27 ------- queries/aws_ecs_cluster_2.yaml.bak | 27 ------- queries/aws_ecs_cluster_3.yaml.bak | 26 ------ queries/aws_ecs_cluster_4.yaml.bak | 29 ------- ..._cluster_metric_cpu_utilization_1.yaml.bak | 30 ------- ..._cluster_metric_cpu_utilization_2.yaml.bak | 34 -------- ...er_metric_cpu_utilization_daily_1.yaml.bak | 32 -------- ...er_metric_cpu_utilization_daily_2.yaml.bak | 32 -------- ...er_metric_cpu_utilization_daily_3.yaml.bak | 32 -------- ...r_metric_cpu_utilization_hourly_1.yaml.bak | 30 ------- ...r_metric_cpu_utilization_hourly_2.yaml.bak | 32 -------- ...r_metric_cpu_utilization_hourly_3.yaml.bak | 32 -------- queries/aws_ecs_container_instance_1.yaml.bak | 29 ------- queries/aws_ecs_container_instance_2.yaml.bak | 26 ------ queries/aws_ecs_container_instance_3.yaml.bak | 26 ------ queries/aws_ecs_container_instance_4.yaml.bak | 28 ------- queries/aws_ecs_service_1.yaml.bak | 28 ------- queries/aws_ecs_service_2.yaml.bak | 28 ------- queries/aws_ecs_service_3.yaml.bak | 28 ------- queries/aws_ecs_task_1.yaml.bak | 27 ------- queries/aws_ecs_task_2.yaml.bak | 30 ------- queries/aws_ecs_task_3.yaml.bak | 25 ------ queries/aws_ecs_task_3.yaml.bak.bak | 25 ------ queries/aws_ecs_task_definition_1.yaml.bak | 29 ------- queries/aws_ecs_task_definition_2.yaml.bak | 25 ------ queries/aws_ecs_task_definition_3.yaml.bak | 27 ------- .../aws_ecs_task_definition_3.yaml.bak.bak | 27 ------- queries/aws_ecs_task_definition_4.yaml.bak | 29 ------- queries/aws_efs_access_point_1.yaml.bak | 30 ------- queries/aws_efs_access_point_2.yaml.bak | 28 ------- queries/aws_efs_access_point_3.yaml.bak | 29 ------- queries/aws_efs_file_system_1.yaml.bak | 31 ------- queries/aws_efs_file_system_2.yaml.bak | 29 ------- queries/aws_efs_file_system_3.yaml.bak | 26 ------ queries/aws_efs_file_system_4.yaml.bak | 33 -------- queries/aws_efs_file_system_5.yaml.bak | 39 --------- queries/aws_efs_file_system_6.yaml.bak | 27 ------- queries/aws_efs_mount_target_1.yaml.bak | 28 ------- queries/aws_efs_mount_target_2.yaml.bak | 25 ------ queries/aws_eks_addon_1.yaml.bak | 29 ------- queries/aws_eks_addon_2.yaml.bak | 29 ------- queries/aws_eks_addon_3.yaml.bak | 27 ------- queries/aws_eks_addon_3.yaml.bak.bak | 27 ------- queries/aws_eks_addon_version_1.yaml.bak | 24 ------ queries/aws_eks_addon_version_2.yaml.bak | 27 ------- queries/aws_eks_addon_version_3.yaml.bak | 27 ------- queries/aws_eks_cluster_1.yaml.bak | 26 ------ queries/aws_eks_cluster_2.yaml.bak | 31 ------- queries/aws_eks_cluster_3.yaml.bak | 29 ------- queries/aws_eks_cluster_4.yaml.bak | 28 ------- queries/aws_eks_fargate_profile_1.yaml.bak | 29 ------- .../aws_eks_fargate_profile_1.yaml.bak.bak | 29 ------- queries/aws_eks_fargate_profile_2.yaml.bak | 30 ------- queries/aws_eks_fargate_profile_3.yaml.bak | 32 -------- queries/aws_eks_fargate_profile_4.yaml.bak | 34 -------- ...ws_eks_identity_provider_config_1.yaml.bak | 26 ------ ...ws_eks_identity_provider_config_2.yaml.bak | 27 ------- queries/aws_eks_node_group_1.yaml.bak | 28 ------- queries/aws_eks_node_group_2.yaml.bak | 30 ------- queries/aws_eks_node_group_3.yaml.bak | 26 ------ queries/aws_eks_node_group_4.yaml.bak | 26 ------ ...s_elastic_beanstalk_application_1.yaml.bak | 29 ------- ...s_elastic_beanstalk_application_2.yaml.bak | 25 ------ ...c_beanstalk_application_version_1.yaml.bak | 30 ------- ...c_beanstalk_application_version_2.yaml.bak | 29 ------- ...c_beanstalk_application_version_3.yaml.bak | 27 ------- ...c_beanstalk_application_version_4.yaml.bak | 30 ------- ...c_beanstalk_application_version_5.yaml.bak | 27 ------- ...c_beanstalk_application_version_6.yaml.bak | 26 ------ ...s_elastic_beanstalk_environment_1.yaml.bak | 26 ------ ...s_elastic_beanstalk_environment_2.yaml.bak | 25 ------ ...s_elastic_beanstalk_environment_3.yaml.bak | 29 ------- ...astic_beanstalk_environment_3.yaml.bak.bak | 29 ------- ...s_elastic_beanstalk_environment_4.yaml.bak | 25 ------ ...s_elastic_beanstalk_environment_5.yaml.bak | 28 ------- ...s_elastic_beanstalk_environment_6.yaml.bak | 37 --------- queries/aws_elasticache_cluster_1.yaml.bak | 28 ------- queries/aws_elasticache_cluster_2.yaml.bak | 25 ------ .../aws_elasticache_cluster_2.yaml.bak.bak | 25 ------ queries/aws_elasticache_cluster_3.yaml.bak | 28 ------- queries/aws_elasticache_cluster_4.yaml.bak | 27 ------- queries/aws_elasticache_cluster_5.yaml.bak | 27 ------- queries/aws_elasticache_cluster_6.yaml.bak | 27 ------- queries/aws_elasticache_cluster_7.yaml.bak | 29 ------- ...aws_elasticache_parameter_group_1.yaml.bak | 26 ------ ...aws_elasticache_parameter_group_2.yaml.bak | 27 ------- ..._redis_metric_cache_hits_hourly_1.yaml.bak | 31 ------- ..._redis_metric_cache_hits_hourly_2.yaml.bak | 32 -------- ..._redis_metric_cache_hits_hourly_3.yaml.bak | 31 ------- ..._metric_curr_connections_hourly_1.yaml.bak | 31 ------- ..._metric_curr_connections_hourly_2.yaml.bak | 33 -------- ...ic_engine_cpu_utilization_daily_1.yaml.bak | 32 -------- ...ic_engine_cpu_utilization_daily_2.yaml.bak | 31 ------- ...ic_engine_cpu_utilization_daily_3.yaml.bak | 31 ------- ...c_engine_cpu_utilization_hourly_1.yaml.bak | 30 ------- ...c_engine_cpu_utilization_hourly_2.yaml.bak | 33 -------- ...gine_cpu_utilization_hourly_2.yaml.bak.bak | 33 -------- ...c_engine_cpu_utilization_hourly_3.yaml.bak | 33 -------- ...dis_metric_get_type_cmds_hourly_1.yaml.bak | 30 ------- ...dis_metric_get_type_cmds_hourly_2.yaml.bak | 31 ------- ...metric_get_type_cmds_hourly_2.yaml.bak.bak | 31 ------- ...s_metric_list_based_cmds_hourly_1.yaml.bak | 31 ------- ...s_metric_list_based_cmds_hourly_2.yaml.bak | 33 -------- ...s_metric_new_connections_hourly_1.yaml.bak | 29 ------- ...s_metric_new_connections_hourly_2.yaml.bak | 31 ------- ...s_elasticache_replication_group_1.yaml.bak | 27 ------- ...s_elasticache_replication_group_2.yaml.bak | 30 ------- ...asticache_replication_group_2.yaml.bak.bak | 30 ------- ...s_elasticache_replication_group_3.yaml.bak | 28 ------- ...s_elasticache_replication_group_4.yaml.bak | 29 ------- ...s_elasticache_replication_group_5.yaml.bak | 27 ------- ...s_elasticache_replication_group_6.yaml.bak | 23 ------ ...elasticache_reserved_cache_node_1.yaml.bak | 26 ------ ...elasticache_reserved_cache_node_2.yaml.bak | 30 ------- ...ticache_reserved_cache_node_2.yaml.bak.bak | 30 ------- ...elasticache_reserved_cache_node_3.yaml.bak | 28 ------- ...elasticache_reserved_cache_node_4.yaml.bak | 28 ------- ...elasticache_reserved_cache_node_5.yaml.bak | 28 ------- .../aws_elasticache_subnet_group_1.yaml.bak | 25 ------ .../aws_elasticache_subnet_group_2.yaml.bak | 28 ------- .../aws_elasticache_subnet_group_3.yaml.bak | 27 ------- queries/aws_elasticsearch_domain_1.yaml.bak | 28 ------- queries/aws_elasticsearch_domain_2.yaml.bak | 31 ------- queries/aws_elasticsearch_domain_3.yaml.bak | 30 ------- queries/aws_elasticsearch_domain_4.yaml.bak | 30 ------- queries/aws_elasticsearch_domain_5.yaml.bak | 27 ------- queries/aws_elasticsearch_domain_6.yaml.bak | 33 -------- queries/aws_elasticsearch_domain_7.yaml.bak | 28 ------- queries/aws_elasticsearch_domain_8.yaml.bak | 27 ------- .../aws_elasticsearch_domain_8.yaml.bak.bak | 27 ------- ...ock_public_access_configuration_1.yaml.bak | 31 ------- ...public_access_configuration_1.yaml.bak.bak | 31 ------- ...ock_public_access_configuration_2.yaml.bak | 27 ------- ...ock_public_access_configuration_3.yaml.bak | 28 ------- ...ock_public_access_configuration_4.yaml.bak | 25 ------ queries/aws_emr_cluster_1.yaml.bak | 27 ------- queries/aws_emr_cluster_2.yaml.bak | 26 ------ queries/aws_emr_cluster_3.yaml.bak | 29 ------- queries/aws_emr_cluster_4.yaml.bak | 26 ------ queries/aws_emr_cluster_5.yaml.bak | 26 ------ queries/aws_emr_cluster_6.yaml.bak | 29 ------- .../aws_emr_cluster_metric_is_idle_1.yaml.bak | 30 ------- queries/aws_emr_instance_1.yaml.bak | 29 ------- queries/aws_emr_instance_2.yaml.bak | 28 ------- queries/aws_emr_instance_3.yaml.bak | 28 ------- queries/aws_emr_instance_4.yaml.bak | 31 ------- queries/aws_emr_instance_fleet_1.yaml.bak | 28 ------- queries/aws_emr_instance_fleet_2.yaml.bak | 29 ------- queries/aws_emr_instance_fleet_3.yaml.bak | 26 ------ queries/aws_emr_instance_group_1.yaml.bak | 26 ------ queries/aws_emr_instance_group_2.yaml.bak | 31 ------- queries/aws_emr_instance_group_3.yaml.bak | 28 ------- .../aws_emr_security_configuration_1.yaml.bak | 30 ------- .../aws_emr_security_configuration_2.yaml.bak | 28 ------- .../aws_emr_security_configuration_3.yaml.bak | 32 -------- queries/aws_eventbridge_bus_1.yaml.bak | 27 ------- queries/aws_eventbridge_rule_1.yaml.bak | 28 ------- queries/aws_eventbridge_rule_2.yaml.bak | 27 ------- queries/aws_eventbridge_rule_2.yaml.bak.bak | 27 ------- queries/aws_eventbridge_rule_3.yaml.bak | 28 ------- queries/aws_fms_app_list_1.yaml.bak | 25 ------ queries/aws_fms_app_list_2.yaml.bak | 29 ------- queries/aws_fms_app_list_3.yaml.bak | 29 ------- queries/aws_fms_policy_1.yaml.bak | 28 ------- queries/aws_fms_policy_2.yaml.bak | 31 ------- queries/aws_fms_policy_3.yaml.bak | 27 ------- queries/aws_fms_policy_4.yaml.bak | 28 ------- queries/aws_fsx_file_system_1.yaml.bak | 30 ------- queries/aws_fsx_file_system_2.yaml.bak | 30 ------- queries/aws_glacier_vault_1.yaml.bak | 26 ------ queries/aws_glacier_vault_2.yaml.bak | 32 -------- queries/aws_glacier_vault_2.yaml.bak.bak | 32 -------- queries/aws_glacier_vault_3.yaml.bak | 32 -------- queries/aws_glacier_vault_4.yaml.bak | 29 ------- queries/aws_glacier_vault_5.yaml.bak | 25 ------ queries/aws_glacier_vault_6.yaml.bak | 26 ------ ...s_globalaccelerator_accelerator_1.yaml.bak | 28 ------- ...s_globalaccelerator_accelerator_2.yaml.bak | 32 -------- ...s_globalaccelerator_accelerator_3.yaml.bak | 25 ------ ...lobalaccelerator_endpoint_group_1.yaml.bak | 33 -------- ...lobalaccelerator_endpoint_group_2.yaml.bak | 35 -------- ...lobalaccelerator_endpoint_group_3.yaml.bak | 41 ---------- ...laccelerator_endpoint_group_3.yaml.bak.bak | 41 ---------- .../aws_globalaccelerator_listener_1.yaml.bak | 25 ------ .../aws_globalaccelerator_listener_2.yaml.bak | 27 ------- .../aws_globalaccelerator_listener_3.yaml.bak | 30 ------- .../aws_globalaccelerator_listener_4.yaml.bak | 33 -------- queries/aws_glue_catalog_database_1.yaml.bak | 27 ------- queries/aws_glue_catalog_database_2.yaml.bak | 27 ------- queries/aws_glue_catalog_table_1.yaml.bak | 20 ----- queries/aws_glue_catalog_table_2.yaml.bak | 27 ------- queries/aws_glue_catalog_table_3.yaml.bak | 28 ------- queries/aws_glue_connection_1.yaml.bak | 26 ------ queries/aws_glue_connection_2.yaml.bak | 28 ------- queries/aws_glue_connection_3.yaml.bak | 29 ------- queries/aws_glue_connection_3.yaml.bak.bak | 29 ------- queries/aws_glue_connection_4.yaml.bak | 31 ------- queries/aws_glue_crawler_1.yaml.bak | 29 ------- queries/aws_glue_crawler_2.yaml.bak | 31 ------- ...ata_catalog_encryption_settings_1.yaml.bak | 27 ------- ...ata_catalog_encryption_settings_2.yaml.bak | 27 ------- ...ata_catalog_encryption_settings_3.yaml.bak | 29 ------- ...ata_catalog_encryption_settings_4.yaml.bak | 30 ------- ...ata_catalog_encryption_settings_5.yaml.bak | 30 ------- .../aws_glue_data_quality_ruleset_1.yaml.bak | 30 ------- .../aws_glue_data_quality_ruleset_2.yaml.bak | 32 -------- .../aws_glue_data_quality_ruleset_3.yaml.bak | 27 ------- .../aws_glue_data_quality_ruleset_4.yaml.bak | 33 -------- .../aws_glue_data_quality_ruleset_5.yaml.bak | 25 ------ queries/aws_glue_dev_endpoint_1.yaml.bak | 31 ------- queries/aws_glue_dev_endpoint_2.yaml.bak | 32 -------- queries/aws_glue_dev_endpoint_2.yaml.bak.bak | 32 -------- queries/aws_glue_dev_endpoint_3.yaml.bak | 30 ------- queries/aws_glue_dev_endpoint_4.yaml.bak | 30 ------- queries/aws_glue_dev_endpoint_5.yaml.bak | 36 --------- queries/aws_glue_dev_endpoint_6.yaml.bak | 34 -------- queries/aws_glue_job_1.yaml.bak | 30 ------- queries/aws_glue_job_10.yaml.bak | 29 ------- queries/aws_glue_job_10.yaml.bak.bak | 29 ------- queries/aws_glue_job_2.yaml.bak | 29 ------- queries/aws_glue_job_3.yaml.bak | 31 ------- queries/aws_glue_job_4.yaml.bak | 32 -------- queries/aws_glue_job_5.yaml.bak | 34 -------- queries/aws_glue_job_6.yaml.bak | 33 -------- queries/aws_glue_job_7.yaml.bak | 28 ------- queries/aws_glue_job_8.yaml.bak | 30 ------- queries/aws_glue_job_9.yaml.bak | 29 ------- ...aws_glue_security_configuration_1.yaml.bak | 30 ------- ...aws_glue_security_configuration_2.yaml.bak | 28 ------- ...aws_glue_security_configuration_3.yaml.bak | 28 ------- ...aws_glue_security_configuration_4.yaml.bak | 29 ------- queries/aws_guardduty_detector_1.yaml.bak | 26 ------ queries/aws_guardduty_detector_2.yaml.bak | 26 ------ queries/aws_guardduty_detector_3.yaml.bak | 28 ------- queries/aws_guardduty_detector_4.yaml.bak | 26 ------ queries/aws_guardduty_filter_1.yaml.bak | 27 ------- queries/aws_guardduty_filter_2.yaml.bak | 29 ------- queries/aws_guardduty_filter_3.yaml.bak | 30 ------- queries/aws_guardduty_filter_4.yaml.bak | 25 ------ queries/aws_guardduty_filter_5.yaml.bak | 29 ------- queries/aws_guardduty_finding_1.yaml.bak | 27 ------- queries/aws_guardduty_finding_2.yaml.bak | 29 ------- queries/aws_guardduty_ipset_1.yaml.bak | 28 ------- queries/aws_guardduty_ipset_2.yaml.bak | 28 ------- queries/aws_guardduty_member_1.yaml.bak | 27 ------- queries/aws_guardduty_member_2.yaml.bak | 27 ------- queries/aws_guardduty_member_3.yaml.bak | 29 ------- queries/aws_guardduty_member_4.yaml.bak | 31 ------- queries/aws_guardduty_member_4.yaml.bak.bak | 31 ------- ...uardduty_publishing_destination_1.yaml.bak | 28 ------- ...duty_publishing_destination_1.yaml.bak.bak | 28 ------- ...uardduty_publishing_destination_2.yaml.bak | 28 ------- ...uardduty_publishing_destination_3.yaml.bak | 31 ------- ...uardduty_publishing_destination_4.yaml.bak | 27 ------- ...uardduty_publishing_destination_5.yaml.bak | 34 -------- ...uardduty_publishing_destination_6.yaml.bak | 35 -------- .../aws_guardduty_threat_intel_set_1.yaml.bak | 30 ------- .../aws_guardduty_threat_intel_set_2.yaml.bak | 27 ------- queries/aws_health_affected_entity_1.yaml.bak | 29 ------- queries/aws_health_affected_entity_2.yaml.bak | 31 ------- queries/aws_health_affected_entity_3.yaml.bak | 30 ------- queries/aws_health_event_1.yaml.bak | 32 -------- queries/aws_health_event_2.yaml.bak | 25 ------ queries/aws_health_event_3.yaml.bak | 31 ------- queries/aws_health_event_4.yaml.bak | 32 -------- queries/aws_iam_access_advisor_1.yaml.bak | 32 -------- queries/aws_iam_access_advisor_2.yaml.bak | 28 ------- queries/aws_iam_access_advisor_2.yaml.bak.bak | 28 ------- queries/aws_iam_access_advisor_3.yaml.bak | 34 -------- queries/aws_iam_access_advisor_4.yaml.bak | 41 ---------- queries/aws_iam_access_advisor_5.yaml.bak | 36 --------- queries/aws_iam_access_advisor_6.yaml.bak | 29 ------- queries/aws_iam_access_key_1.yaml.bak | 26 ------ queries/aws_iam_access_key_2.yaml.bak | 30 ------- queries/aws_iam_access_key_3.yaml.bak | 27 ------- ...aws_iam_account_password_policy_1.yaml.bak | 33 -------- ...aws_iam_account_password_policy_2.yaml.bak | 22 ----- ...aws_iam_account_password_policy_3.yaml.bak | 22 ----- ...aws_iam_account_password_policy_4.yaml.bak | 24 ------ ...aws_iam_account_password_policy_5.yaml.bak | 24 ------ ...aws_iam_account_password_policy_6.yaml.bak | 24 ------ ...aws_iam_account_password_policy_7.yaml.bak | 22 ----- ...aws_iam_account_password_policy_8.yaml.bak | 24 ------ queries/aws_iam_account_summary_1.yaml.bak | 24 ------ queries/aws_iam_account_summary_2.yaml.bak | 22 ----- queries/aws_iam_account_summary_3.yaml.bak | 25 ------ queries/aws_iam_action_1.yaml.bak | 29 ------- queries/aws_iam_action_2.yaml.bak | 24 ------ queries/aws_iam_action_3.yaml.bak | 26 ------ queries/aws_iam_action_4.yaml.bak | 32 -------- queries/aws_iam_action_5.yaml.bak | 40 --------- queries/aws_iam_credential_report_1.yaml.bak | 25 ------ queries/aws_iam_credential_report_2.yaml.bak | 33 -------- queries/aws_iam_credential_report_3.yaml.bak | 24 ------ queries/aws_iam_credential_report_4.yaml.bak | 31 ------- queries/aws_iam_credential_report_5.yaml.bak | 29 ------- queries/aws_iam_credential_report_6.yaml.bak | 27 ------- .../aws_iam_credential_report_6.yaml.bak.bak | 27 ------- queries/aws_iam_group_1.yaml.bak | 30 ------- queries/aws_iam_group_2.yaml.bak | 28 ------- queries/aws_iam_group_3.yaml.bak | 24 ------ queries/aws_iam_group_4.yaml.bak | 25 ------ ...ws_iam_open_id_connect_provider_1.yaml.bak | 29 ------- ...ws_iam_open_id_connect_provider_2.yaml.bak | 33 -------- ...am_open_id_connect_provider_2.yaml.bak.bak | 33 -------- ...ws_iam_open_id_connect_provider_3.yaml.bak | 32 -------- ...ws_iam_open_id_connect_provider_4.yaml.bak | 29 ------- queries/aws_iam_policy_1.yaml.bak | 27 ------- queries/aws_iam_policy_2.yaml.bak | 28 ------- queries/aws_iam_policy_3.yaml.bak | 28 ------- queries/aws_iam_policy_4.yaml.bak | 30 ------- queries/aws_iam_policy_5.yaml.bak | 32 -------- queries/aws_iam_policy_6.yaml.bak | 35 -------- queries/aws_iam_policy_7.yaml.bak | 35 -------- queries/aws_iam_policy_attachment_1.yaml.bak | 28 ------- queries/aws_iam_policy_attachment_2.yaml.bak | 26 ------ queries/aws_iam_policy_attachment_3.yaml.bak | 29 ------- queries/aws_iam_policy_simulator_1.yaml.bak | 26 ------ queries/aws_iam_policy_simulator_2.yaml.bak | 27 ------- queries/aws_iam_policy_simulator_3.yaml.bak | 28 ------- queries/aws_iam_role_1.yaml.bak | 27 ------- queries/aws_iam_role_10.yaml.bak | 40 --------- queries/aws_iam_role_2.yaml.bak | 27 ------- queries/aws_iam_role_3.yaml.bak | 27 ------- queries/aws_iam_role_4.yaml.bak | 33 -------- queries/aws_iam_role_4.yaml.bak.bak | 33 -------- queries/aws_iam_role_5.yaml.bak | 36 --------- queries/aws_iam_role_6.yaml.bak | 40 --------- queries/aws_iam_role_7.yaml.bak | 81 ------------------- queries/aws_iam_role_8.yaml.bak | 41 ---------- queries/aws_iam_role_9.yaml.bak | 30 ------- queries/aws_iam_saml_provider_1.yaml.bak | 28 ------- queries/aws_iam_saml_provider_2.yaml.bak | 32 -------- queries/aws_iam_saml_provider_3.yaml.bak | 30 ------- queries/aws_iam_server_certificate_1.yaml.bak | 26 ------ .../aws_iam_server_certificate_1.yaml.bak.bak | 26 ------ queries/aws_iam_server_certificate_2.yaml.bak | 26 ------ ...iam_service_specific_credential_1.yaml.bak | 27 ------- ...iam_service_specific_credential_2.yaml.bak | 32 -------- ...service_specific_credential_2.yaml.bak.bak | 32 -------- ...iam_service_specific_credential_3.yaml.bak | 29 ------- queries/aws_iam_user_1.yaml.bak | 30 ------- queries/aws_iam_user_2.yaml.bak | 30 ------- queries/aws_iam_user_2.yaml.bak.bak | 30 ------- queries/aws_iam_user_3.yaml.bak | 30 ------- queries/aws_iam_user_4.yaml.bak | 28 ------- queries/aws_iam_user_5.yaml.bak | 28 ------- queries/aws_iam_user_6.yaml.bak | 27 ------- queries/aws_iam_virtual_mfa_device_1.yaml.bak | 26 ------ queries/aws_iam_virtual_mfa_device_2.yaml.bak | 30 ------- queries/aws_identitystore_group_1.yaml.bak | 26 ------ queries/aws_identitystore_group_2.yaml.bak | 24 ------ ..._identitystore_group_membership_1.yaml.bak | 27 ------- ..._identitystore_group_membership_2.yaml.bak | 30 ------- ..._identitystore_group_membership_3.yaml.bak | 30 ------- queries/aws_identitystore_user_1.yaml.bak | 26 ------ queries/aws_identitystore_user_2.yaml.bak | 28 ------- queries/aws_inspector2_coverage_1.yaml.bak | 27 ------- queries/aws_inspector2_coverage_2.yaml.bak | 29 ------- queries/aws_inspector2_coverage_3.yaml.bak | 31 ------- .../aws_inspector2_coverage_3.yaml.bak.bak | 31 ------- queries/aws_inspector2_coverage_4.yaml.bak | 32 -------- queries/aws_inspector2_coverage_5.yaml.bak | 30 ------- queries/aws_inspector2_coverage_6.yaml.bak | 27 ------- queries/aws_inspector2_coverage_7.yaml.bak | 34 -------- queries/aws_inspector2_coverage_8.yaml.bak | 35 -------- queries/aws_inspector2_coverage_9.yaml.bak | 35 -------- ..._inspector2_coverage_statistics_1.yaml.bak | 23 ------ ..._inspector2_coverage_statistics_2.yaml.bak | 24 ------ ...pector2_coverage_statistics_2.yaml.bak.bak | 24 ------ queries/aws_inspector2_finding_1.yaml.bak | 29 ------- queries/aws_inspector2_finding_10.yaml.bak | 32 -------- queries/aws_inspector2_finding_11.yaml.bak | 32 -------- queries/aws_inspector2_finding_12.yaml.bak | 32 -------- queries/aws_inspector2_finding_13.yaml.bak | 28 ------- .../aws_inspector2_finding_13.yaml.bak.bak | 28 ------- queries/aws_inspector2_finding_14.yaml.bak | 31 ------- queries/aws_inspector2_finding_15.yaml.bak | 31 ------- queries/aws_inspector2_finding_2.yaml.bak | 32 -------- queries/aws_inspector2_finding_3.yaml.bak | 29 ------- queries/aws_inspector2_finding_4.yaml.bak | 30 ------- queries/aws_inspector2_finding_5.yaml.bak | 30 ------- queries/aws_inspector2_finding_6.yaml.bak | 32 -------- queries/aws_inspector2_finding_6.yaml.bak.bak | 32 -------- queries/aws_inspector2_finding_7.yaml.bak | 30 ------- queries/aws_inspector2_finding_8.yaml.bak | 37 --------- queries/aws_inspector2_finding_9.yaml.bak | 32 -------- queries/aws_inspector2_member_1.yaml.bak | 25 ------ queries/aws_inspector2_member_2.yaml.bak | 29 ------- queries/aws_inspector2_member_2.yaml.bak.bak | 29 ------- queries/aws_inspector2_member_3.yaml.bak | 28 ------- .../aws_inspector_assessment_run_1.yaml.bak | 27 ------- .../aws_inspector_assessment_run_2.yaml.bak | 29 ------- .../aws_inspector_assessment_run_3.yaml.bak | 31 ------- .../aws_inspector_assessment_run_4.yaml.bak | 31 ------- .../aws_inspector_assessment_run_5.yaml.bak | 25 ------ .../aws_inspector_assessment_run_6.yaml.bak | 31 ------- ...ws_inspector_assessment_run_6.yaml.bak.bak | 31 ------- ...aws_inspector_assessment_target_1.yaml.bak | 29 ------- ...aws_inspector_assessment_target_2.yaml.bak | 31 ------- ...inspector_assessment_target_2.yaml.bak.bak | 31 ------- ...aws_inspector_assessment_target_3.yaml.bak | 31 ------- ...s_inspector_assessment_template_1.yaml.bak | 29 ------- ...s_inspector_assessment_template_2.yaml.bak | 32 -------- ...s_inspector_assessment_template_3.yaml.bak | 30 ------- ...s_inspector_assessment_template_4.yaml.bak | 30 ------- ...s_inspector_assessment_template_5.yaml.bak | 30 ------- ...s_inspector_assessment_template_6.yaml.bak | 32 -------- queries/aws_inspector_exclusion_1.yaml.bak | 28 ------- .../aws_inspector_exclusion_1.yaml.bak.bak | 28 ------- queries/aws_inspector_exclusion_2.yaml.bak | 30 ------- queries/aws_inspector_exclusion_3.yaml.bak | 24 ------ queries/aws_inspector_exclusion_4.yaml.bak | 31 ------- queries/aws_inspector_exclusion_5.yaml.bak | 31 ------- queries/aws_inspector_finding_1.yaml.bak | 29 ------- queries/aws_inspector_finding_10.yaml.bak | 31 ------- queries/aws_inspector_finding_2.yaml.bak | 31 ------- queries/aws_inspector_finding_3.yaml.bak | 27 ------- queries/aws_inspector_finding_4.yaml.bak | 27 ------- queries/aws_inspector_finding_5.yaml.bak | 26 ------ queries/aws_inspector_finding_5.yaml.bak.bak | 26 ------ queries/aws_inspector_finding_6.yaml.bak | 29 ------- queries/aws_inspector_finding_7.yaml.bak | 37 --------- queries/aws_inspector_finding_8.yaml.bak | 26 ------ queries/aws_inspector_finding_9.yaml.bak | 31 ------- queries/aws_iot_fleet_metric_1.yaml.bak | 28 ------- queries/aws_iot_fleet_metric_1.yaml.bak.bak | 28 ------- queries/aws_iot_fleet_metric_2.yaml.bak | 28 ------- queries/aws_iot_fleet_metric_3.yaml.bak | 31 ------- queries/aws_iot_thing_1.yaml.bak | 26 ------ queries/aws_iot_thing_2.yaml.bak | 28 ------- queries/aws_iot_thing_3.yaml.bak | 28 ------- queries/aws_iot_thing_group_1.yaml.bak | 29 ------- queries/aws_iot_thing_group_2.yaml.bak | 28 ------- queries/aws_iot_thing_group_3.yaml.bak | 30 ------- queries/aws_iot_thing_group_3.yaml.bak.bak | 30 ------- queries/aws_iot_thing_group_4.yaml.bak | 30 ------- queries/aws_iot_thing_type_1.yaml.bak | 26 ------ queries/aws_iot_thing_type_2.yaml.bak | 31 ------- queries/aws_iot_thing_type_3.yaml.bak | 30 ------- queries/aws_iot_thing_type_4.yaml.bak | 31 ------- queries/aws_kinesis_consumer_1.yaml.bak | 25 ------ queries/aws_kinesis_consumer_2.yaml.bak | 28 ------- ...inesis_firehose_delivery_stream_1.yaml.bak | 25 ------ ...inesis_firehose_delivery_stream_2.yaml.bak | 30 ------- ...inesis_firehose_delivery_stream_3.yaml.bak | 31 ------- ...inesis_firehose_delivery_stream_4.yaml.bak | 30 ------- ...inesis_firehose_delivery_stream_5.yaml.bak | 30 ------- ...is_firehose_delivery_stream_5.yaml.bak.bak | 30 ------- queries/aws_kinesis_stream_1.yaml.bak | 29 ------- queries/aws_kinesis_stream_2.yaml.bak | 31 ------- queries/aws_kinesis_stream_3.yaml.bak | 29 ------- queries/aws_kinesis_stream_4.yaml.bak | 29 ------- queries/aws_kinesis_stream_5.yaml.bak | 32 -------- queries/aws_kinesis_video_stream_1.yaml.bak | 28 ------- queries/aws_kinesis_video_stream_2.yaml.bak | 28 ------- queries/aws_kinesis_video_stream_3.yaml.bak | 31 ------- queries/aws_kinesis_video_stream_4.yaml.bak | 31 ------- ..._kinesisanalyticsv2_application_1.yaml.bak | 30 ------- ..._kinesisanalyticsv2_application_2.yaml.bak | 29 ------- ..._kinesisanalyticsv2_application_3.yaml.bak | 29 ------- queries/aws_kms_alias_1.yaml.bak | 28 ------- queries/aws_kms_alias_2.yaml.bak | 30 ------- queries/aws_kms_alias_3.yaml.bak | 32 -------- queries/aws_kms_alias_3.yaml.bak.bak | 32 -------- queries/aws_kms_alias_4.yaml.bak | 29 ------- queries/aws_kms_key_1.yaml.bak | 28 ------- queries/aws_kms_key_2.yaml.bak | 27 ------- queries/aws_kms_key_3.yaml.bak | 28 ------- queries/aws_kms_key_4.yaml.bak | 27 ------- queries/aws_kms_key_5.yaml.bak | 27 ------- queries/aws_kms_key_rotation_1.yaml.bak | 27 ------- queries/aws_kms_key_rotation_2.yaml.bak | 28 ------- queries/aws_kms_key_rotation_3.yaml.bak | 32 -------- queries/aws_kms_key_rotation_3.yaml.bak.bak | 32 -------- queries/aws_kms_key_rotation_4.yaml.bak | 29 ------- queries/aws_lambda_alias_1.yaml.bak | 24 ------ queries/aws_lambda_alias_2.yaml.bak | 25 ------ queries/aws_lambda_alias_3.yaml.bak | 25 ------ queries/aws_lambda_alias_4.yaml.bak | 26 ------ queries/aws_lambda_alias_4.yaml.bak.bak | 26 ------ ...aws_lambda_event_source_mapping_1.yaml.bak | 28 ------- ...aws_lambda_event_source_mapping_2.yaml.bak | 27 ------- ...aws_lambda_event_source_mapping_3.yaml.bak | 23 ------ ...aws_lambda_event_source_mapping_4.yaml.bak | 26 ------ ...aws_lambda_event_source_mapping_5.yaml.bak | 24 ------ ...aws_lambda_event_source_mapping_6.yaml.bak | 27 ------- ...aws_lambda_event_source_mapping_7.yaml.bak | 29 ------- ...aws_lambda_event_source_mapping_8.yaml.bak | 29 ------- queries/aws_lambda_function_1.yaml.bak | 27 ------- queries/aws_lambda_function_1.yaml.bak.bak | 27 ------- queries/aws_lambda_function_10.yaml.bak | 26 ------ queries/aws_lambda_function_2.yaml.bak | 25 ------ queries/aws_lambda_function_3.yaml.bak | 27 ------- queries/aws_lambda_function_4.yaml.bak | 32 -------- queries/aws_lambda_function_5.yaml.bak | 33 -------- queries/aws_lambda_function_6.yaml.bak | 40 --------- queries/aws_lambda_function_7.yaml.bak | 25 ------ queries/aws_lambda_function_8.yaml.bak | 25 ------ queries/aws_lambda_function_9.yaml.bak | 26 ------ ..._function_metric_duration_daily_1.yaml.bak | 30 ------- ..._function_metric_duration_daily_2.yaml.bak | 31 ------- ..._function_metric_duration_daily_3.yaml.bak | 31 ------- ...da_function_metric_errors_daily_1.yaml.bak | 30 ------- ...da_function_metric_errors_daily_2.yaml.bak | 31 ------- ...nction_metric_invocations_daily_1.yaml.bak | 27 ------- ...on_metric_invocations_daily_1.yaml.bak.bak | 27 ------- ...nction_metric_invocations_daily_2.yaml.bak | 31 ------- queries/aws_lambda_layer_1.yaml.bak | 30 ------- queries/aws_lambda_layer_1.yaml.bak.bak | 30 ------- queries/aws_lambda_layer_version_1.yaml.bak | 28 ------- queries/aws_lambda_version_1.yaml.bak | 27 ------- queries/aws_lambda_version_1.yaml.bak.bak | 27 ------- queries/aws_lambda_version_2.yaml.bak | 26 ------ queries/aws_lambda_version_3.yaml.bak | 26 ------ queries/aws_lambda_version_4.yaml.bak | 25 ------ queries/aws_lightsail_bucket_1.yaml.bak | 25 ------ queries/aws_lightsail_bucket_2.yaml.bak | 27 ------- queries/aws_lightsail_bucket_2.yaml.bak.bak | 27 ------- queries/aws_lightsail_bucket_3.yaml.bak | 26 ------ queries/aws_lightsail_bucket_4.yaml.bak | 25 ------ queries/aws_lightsail_bucket_5.yaml.bak | 25 ------ queries/aws_lightsail_bucket_6.yaml.bak | 25 ------ queries/aws_lightsail_bucket_7.yaml.bak | 27 ------- queries/aws_lightsail_instance_1.yaml.bak | 29 ------- queries/aws_lightsail_instance_2.yaml.bak | 28 ------- queries/aws_lightsail_instance_3.yaml.bak | 29 ------- queries/aws_lightsail_instance_4.yaml.bak | 25 ------ queries/aws_lightsail_instance_5.yaml.bak | 24 ------ .../aws_macie2_classification_job_1.yaml.bak | 26 ------ .../aws_macie2_classification_job_2.yaml.bak | 27 ------- .../aws_macie2_classification_job_3.yaml.bak | 28 ------- .../aws_macie2_classification_job_4.yaml.bak | 25 ------ queries/aws_media_store_container_1.yaml.bak | 29 ------- queries/aws_media_store_container_2.yaml.bak | 29 ------- queries/aws_media_store_container_3.yaml.bak | 24 ------ queries/aws_media_store_container_4.yaml.bak | 28 ------- queries/aws_memorydb_cluster_1.yaml.bak | 29 ------- queries/aws_memorydb_cluster_2.yaml.bak | 28 ------- queries/aws_memorydb_cluster_2.yaml.bak.bak | 28 ------- queries/aws_memorydb_cluster_3.yaml.bak | 26 ------ queries/aws_memorydb_cluster_4.yaml.bak | 26 ------ queries/aws_memorydb_cluster_5.yaml.bak | 26 ------ queries/aws_memorydb_cluster_6.yaml.bak | 28 ------- queries/aws_memorydb_cluster_7.yaml.bak | 25 ------ queries/aws_memorydb_cluster_8.yaml.bak | 28 ------- queries/aws_memorydb_cluster_9.yaml.bak | 27 ------- queries/aws_mgn_application_1.yaml.bak | 28 ------- queries/aws_mgn_application_1.yaml.bak.bak | 28 ------- queries/aws_mgn_application_2.yaml.bak | 30 ------- queries/aws_mgn_application_3.yaml.bak | 28 ------- queries/aws_mgn_application_4.yaml.bak | 30 ------- queries/aws_mq_broker_1.yaml.bak | 32 -------- queries/aws_mq_broker_2.yaml.bak | 31 ------- queries/aws_mq_broker_3.yaml.bak | 27 ------- queries/aws_mq_broker_4.yaml.bak | 27 ------- queries/aws_mq_broker_5.yaml.bak | 26 ------ queries/aws_msk_cluster_1.yaml.bak | 29 ------- queries/aws_msk_cluster_2.yaml.bak | 27 ------- queries/aws_msk_cluster_2.yaml.bak.bak | 27 ------- queries/aws_msk_cluster_3.yaml.bak | 29 ------- queries/aws_msk_cluster_4.yaml.bak | 29 ------- queries/aws_msk_cluster_5.yaml.bak | 27 ------- queries/aws_msk_cluster_6.yaml.bak | 27 ------- queries/aws_msk_cluster_7.yaml.bak | 22 ----- queries/aws_msk_serverless_cluster_1.yaml.bak | 31 ------- queries/aws_msk_serverless_cluster_2.yaml.bak | 27 ------- queries/aws_msk_serverless_cluster_3.yaml.bak | 31 ------- queries/aws_msk_serverless_cluster_4.yaml.bak | 29 ------- queries/aws_msk_serverless_cluster_5.yaml.bak | 29 ------- queries/aws_neptune_db_cluster_1.yaml.bak | 28 ------- queries/aws_neptune_db_cluster_2.yaml.bak | 25 ------ queries/aws_neptune_db_cluster_3.yaml.bak | 23 ------ queries/aws_neptune_db_cluster_3.yaml.bak.bak | 23 ------ queries/aws_neptune_db_cluster_4.yaml.bak | 27 ------- ...aws_neptune_db_cluster_snapshot_1.yaml.bak | 26 ------ ...aws_neptune_db_cluster_snapshot_2.yaml.bak | 26 ------ ...aws_neptune_db_cluster_snapshot_3.yaml.bak | 27 ------- ...aws_neptune_db_cluster_snapshot_4.yaml.bak | 27 ------- .../aws_networkfirewall_firewall_1.yaml.bak | 32 -------- .../aws_networkfirewall_firewall_2.yaml.bak | 29 ------- .../aws_networkfirewall_firewall_3.yaml.bak | 29 ------- .../aws_networkfirewall_firewall_4.yaml.bak | 29 ------- .../aws_networkfirewall_firewall_5.yaml.bak | 29 ------- .../aws_networkfirewall_firewall_6.yaml.bak | 36 --------- .../aws_networkfirewall_firewall_7.yaml.bak | 32 -------- .../aws_networkfirewall_firewall_8.yaml.bak | 29 ------- ...networkfirewall_firewall_policy_1.yaml.bak | 29 ------- ...networkfirewall_firewall_policy_2.yaml.bak | 28 ------- ...networkfirewall_firewall_policy_3.yaml.bak | 29 ------- ...networkfirewall_firewall_policy_4.yaml.bak | 28 ------- ...networkfirewall_firewall_policy_5.yaml.bak | 28 ------- ...orkfirewall_firewall_policy_5.yaml.bak.bak | 28 ------- ...networkfirewall_firewall_policy_6.yaml.bak | 26 ------ ...networkfirewall_firewall_policy_7.yaml.bak | 26 ------ .../aws_networkfirewall_rule_group_1.yaml.bak | 27 ------- .../aws_networkfirewall_rule_group_2.yaml.bak | 27 ------- .../aws_networkfirewall_rule_group_3.yaml.bak | 30 ------- .../aws_networkfirewall_rule_group_4.yaml.bak | 29 ------- .../aws_networkfirewall_rule_group_5.yaml.bak | 27 ------- queries/aws_oam_link_1.yaml.bak | 28 ------- queries/aws_oam_link_2.yaml.bak | 26 ------ queries/aws_oam_link_3.yaml.bak | 29 ------- queries/aws_oam_sink_1.yaml.bak | 28 ------- queries/aws_oam_sink_1.yaml.bak.bak | 28 ------- queries/aws_oam_sink_2.yaml.bak | 28 ------- queries/aws_opensearch_domain_1.yaml.bak | 26 ------ queries/aws_opensearch_domain_2.yaml.bak | 29 ------- queries/aws_opensearch_domain_3.yaml.bak | 30 ------- queries/aws_opensearch_domain_4.yaml.bak | 32 -------- queries/aws_opensearch_domain_5.yaml.bak | 27 ------- queries/aws_opensearch_domain_6.yaml.bak | 30 ------- queries/aws_opensearch_domain_6.yaml.bak.bak | 30 ------- queries/aws_opensearch_domain_7.yaml.bak | 26 ------ queries/aws_opensearch_domain_8.yaml.bak | 25 ------ queries/aws_organizations_account_1.yaml.bak | 29 ------- queries/aws_organizations_account_2.yaml.bak | 32 -------- ...ganizations_organizational_unit_1.yaml.bak | 27 ------- ...ganizations_organizational_unit_2.yaml.bak | 27 ------- ...ganizations_organizational_unit_3.yaml.bak | 27 ------- ...ganizations_organizational_unit_4.yaml.bak | 27 ------- ...ganizations_organizational_unit_5.yaml.bak | 35 -------- ...zations_organizational_unit_5.yaml.bak.bak | 35 -------- ...ganizations_organizational_unit_6.yaml.bak | 27 ------- queries/aws_organizations_policy_1.yaml.bak | 30 ------- queries/aws_organizations_policy_2.yaml.bak | 31 ------- queries/aws_organizations_policy_3.yaml.bak | 30 ------- queries/aws_organizations_policy_4.yaml.bak | 29 ------- ...aws_organizations_policy_target_1.yaml.bak | 31 ------- ...aws_organizations_policy_target_2.yaml.bak | 32 -------- ...aws_organizations_policy_target_3.yaml.bak | 31 ------- ...aws_organizations_policy_target_4.yaml.bak | 28 ------- ...organizations_policy_target_4.yaml.bak.bak | 28 ------- queries/aws_organizations_root_1.yaml.bak | 24 ------ queries/aws_organizations_root_2.yaml.bak | 28 ------- queries/aws_pinpoint_app_1.yaml.bak | 27 ------- queries/aws_pinpoint_app_2.yaml.bak | 24 ------ queries/aws_pinpoint_app_3.yaml.bak | 25 ------ queries/aws_pinpoint_app_4.yaml.bak | 27 ------- queries/aws_pipes_pipe_1.yaml.bak | 26 ------ queries/aws_pipes_pipe_2.yaml.bak | 31 ------- queries/aws_pipes_pipe_3.yaml.bak | 34 -------- queries/aws_pipes_pipe_4.yaml.bak | 24 ------ queries/aws_pipes_pipe_5.yaml.bak | 29 ------- queries/aws_pipes_pipe_6.yaml.bak | 33 -------- queries/aws_pipes_pipe_6.yaml.bak.bak | 33 -------- queries/aws_pricing_product_1.yaml.bak | 46 ----------- queries/aws_pricing_product_2.yaml.bak | 40 --------- queries/aws_pricing_product_3.yaml.bak | 40 --------- .../aws_pricing_service_attribute_1.yaml.bak | 24 ------ .../aws_pricing_service_attribute_2.yaml.bak | 28 ------- .../aws_pricing_service_attribute_3.yaml.bak | 26 ------ .../aws_ram_principal_association_1.yaml.bak | 27 ------- .../aws_ram_principal_association_2.yaml.bak | 29 ------- .../aws_ram_principal_association_3.yaml.bak | 27 ------- .../aws_ram_resource_association_1.yaml.bak | 25 ------ .../aws_ram_resource_association_2.yaml.bak | 29 ------- .../aws_ram_resource_association_3.yaml.bak | 27 ------- queries/aws_rds_db_cluster_1.yaml.bak | 30 ------- queries/aws_rds_db_cluster_2.yaml.bak | 27 ------- queries/aws_rds_db_cluster_3.yaml.bak | 23 ------ queries/aws_rds_db_cluster_4.yaml.bak | 29 ------- queries/aws_rds_db_cluster_5.yaml.bak | 31 ------- queries/aws_rds_db_cluster_5.yaml.bak.bak | 31 ------- ..._rds_db_cluster_parameter_group_1.yaml.bak | 26 ------ ..._rds_db_cluster_parameter_group_2.yaml.bak | 34 -------- .../aws_rds_db_cluster_snapshot_1.yaml.bak | 29 ------- .../aws_rds_db_cluster_snapshot_2.yaml.bak | 26 ------ .../aws_rds_db_cluster_snapshot_3.yaml.bak | 25 ------ .../aws_rds_db_cluster_snapshot_4.yaml.bak | 28 ------- queries/aws_rds_db_engine_version_1.yaml.bak | 26 ------ queries/aws_rds_db_engine_version_2.yaml.bak | 26 ------ queries/aws_rds_db_engine_version_3.yaml.bak | 28 ------- queries/aws_rds_db_engine_version_4.yaml.bak | 26 ------ queries/aws_rds_db_engine_version_5.yaml.bak | 31 ------- .../aws_rds_db_event_subscription_1.yaml.bak | 28 ------- .../aws_rds_db_event_subscription_2.yaml.bak | 27 ------- queries/aws_rds_db_instance_1.yaml.bak | 26 ------ queries/aws_rds_db_instance_10.yaml.bak | 28 ------- queries/aws_rds_db_instance_11.yaml.bak | 30 ------- queries/aws_rds_db_instance_12.yaml.bak | 31 ------- queries/aws_rds_db_instance_2.yaml.bak | 27 ------- queries/aws_rds_db_instance_3.yaml.bak | 27 ------- queries/aws_rds_db_instance_3.yaml.bak.bak | 27 ------- queries/aws_rds_db_instance_4.yaml.bak | 32 -------- queries/aws_rds_db_instance_5.yaml.bak | 28 ------- queries/aws_rds_db_instance_6.yaml.bak | 27 ------- queries/aws_rds_db_instance_7.yaml.bak | 27 ------- queries/aws_rds_db_instance_8.yaml.bak | 54 ------------- queries/aws_rds_db_instance_9.yaml.bak | 29 ------- ...ds_db_instance_automated_backup_1.yaml.bak | 29 ------- ...ds_db_instance_automated_backup_2.yaml.bak | 32 -------- ...ds_db_instance_automated_backup_3.yaml.bak | 32 -------- ...ds_db_instance_automated_backup_4.yaml.bak | 31 ------- ...ds_db_instance_automated_backup_5.yaml.bak | 32 -------- ...ds_db_instance_automated_backup_6.yaml.bak | 33 -------- ..._db_instance_metric_connections_1.yaml.bak | 32 -------- ..._db_instance_metric_connections_2.yaml.bak | 34 -------- ...stance_metric_connections_daily_1.yaml.bak | 30 ------- ...stance_metric_connections_daily_2.yaml.bak | 32 -------- ...stance_metric_connections_daily_3.yaml.bak | 32 -------- ...tance_metric_connections_hourly_1.yaml.bak | 32 -------- ...tance_metric_connections_hourly_2.yaml.bak | 32 -------- ...instance_metric_cpu_utilization_1.yaml.bak | 30 ------- ...instance_metric_cpu_utilization_2.yaml.bak | 31 ------- ...ce_metric_cpu_utilization_daily_1.yaml.bak | 30 ------- ...ce_metric_cpu_utilization_daily_2.yaml.bak | 31 ------- ...ce_metric_cpu_utilization_daily_3.yaml.bak | 31 ------- ...e_metric_cpu_utilization_hourly_1.yaml.bak | 32 -------- ...e_metric_cpu_utilization_hourly_2.yaml.bak | 31 ------- ...e_metric_cpu_utilization_hourly_3.yaml.bak | 31 ------- ...ds_db_instance_metric_read_iops_1.yaml.bak | 31 ------- ...ds_db_instance_metric_read_iops_2.yaml.bak | 35 -------- ...ds_db_instance_metric_read_iops_3.yaml.bak | 35 -------- ...ds_db_instance_metric_read_iops_4.yaml.bak | 39 --------- ...b_instance_metric_read_iops_4.yaml.bak.bak | 39 --------- ...instance_metric_read_iops_daily_1.yaml.bak | 33 -------- ...instance_metric_read_iops_daily_2.yaml.bak | 33 -------- ...instance_metric_read_iops_daily_3.yaml.bak | 35 -------- ...instance_metric_read_iops_daily_4.yaml.bak | 39 --------- ...nstance_metric_read_iops_hourly_1.yaml.bak | 33 -------- ...nstance_metric_read_iops_hourly_2.yaml.bak | 35 -------- ...nstance_metric_read_iops_hourly_3.yaml.bak | 33 -------- ...nce_metric_read_iops_hourly_3.yaml.bak.bak | 33 -------- ...nstance_metric_read_iops_hourly_4.yaml.bak | 39 --------- ...nstance_metric_read_iops_hourly_5.yaml.bak | 41 ---------- ...s_db_instance_metric_write_iops_1.yaml.bak | 33 -------- ...s_db_instance_metric_write_iops_2.yaml.bak | 33 -------- ..._instance_metric_write_iops_2.yaml.bak.bak | 33 -------- ...s_db_instance_metric_write_iops_3.yaml.bak | 33 -------- ...s_db_instance_metric_write_iops_4.yaml.bak | 39 --------- ...nstance_metric_write_iops_daily_1.yaml.bak | 31 ------- ...nstance_metric_write_iops_daily_2.yaml.bak | 35 -------- ...nstance_metric_write_iops_daily_3.yaml.bak | 33 -------- ...nce_metric_write_iops_daily_3.yaml.bak.bak | 33 -------- ...nstance_metric_write_iops_daily_4.yaml.bak | 39 --------- ...stance_metric_write_iops_hourly_1.yaml.bak | 31 ------- ...stance_metric_write_iops_hourly_2.yaml.bak | 33 -------- ...stance_metric_write_iops_hourly_3.yaml.bak | 33 -------- ...stance_metric_write_iops_hourly_4.yaml.bak | 39 --------- ...stance_metric_write_iops_hourly_5.yaml.bak | 41 ---------- queries/aws_rds_db_option_group_1.yaml.bak | 26 ------ queries/aws_rds_db_option_group_2.yaml.bak | 27 ------- queries/aws_rds_db_option_group_3.yaml.bak | 30 ------- queries/aws_rds_db_parameter_group_1.yaml.bak | 26 ------ queries/aws_rds_db_parameter_group_2.yaml.bak | 34 -------- queries/aws_rds_db_proxy_1.yaml.bak | 24 ------ queries/aws_rds_db_proxy_2.yaml.bak | 29 ------- queries/aws_rds_db_recommendation_1.yaml.bak | 28 ------- queries/aws_rds_db_recommendation_2.yaml.bak | 29 ------- .../aws_rds_db_recommendation_2.yaml.bak.bak | 29 ------- queries/aws_rds_db_recommendation_3.yaml.bak | 25 ------ queries/aws_rds_db_recommendation_4.yaml.bak | 27 ------- queries/aws_rds_db_recommendation_5.yaml.bak | 27 ------- queries/aws_rds_db_recommendation_6.yaml.bak | 28 ------- queries/aws_rds_db_recommendation_7.yaml.bak | 34 -------- queries/aws_rds_db_snapshot_1.yaml.bak | 27 ------- queries/aws_rds_db_snapshot_2.yaml.bak | 25 ------ queries/aws_rds_db_snapshot_3.yaml.bak | 27 ------- queries/aws_rds_db_snapshot_4.yaml.bak | 27 ------- queries/aws_rds_db_subnet_group_1.yaml.bak | 26 ------ queries/aws_rds_db_subnet_group_2.yaml.bak | 27 ------- queries/aws_rds_db_subnet_group_3.yaml.bak | 25 ------ .../aws_rds_reserved_db_instance_1.yaml.bak | 28 ------- ...ws_rds_reserved_db_instance_1.yaml.bak.bak | 28 ------- .../aws_rds_reserved_db_instance_2.yaml.bak | 30 ------- .../aws_rds_reserved_db_instance_3.yaml.bak | 30 ------- .../aws_rds_reserved_db_instance_4.yaml.bak | 30 ------- .../aws_rds_reserved_db_instance_5.yaml.bak | 31 ------- .../aws_rds_reserved_db_instance_6.yaml.bak | 31 ------- queries/aws_redshift_cluster_1.yaml.bak | 27 ------- queries/aws_redshift_cluster_2.yaml.bak | 29 ------- queries/aws_redshift_cluster_2.yaml.bak.bak | 29 ------- queries/aws_redshift_cluster_3.yaml.bak | 29 ------- queries/aws_redshift_cluster_4.yaml.bak | 29 ------- queries/aws_redshift_cluster_5.yaml.bak | 25 ------ ...er_metric_cpu_utilization_daily_1.yaml.bak | 30 ------- ...er_metric_cpu_utilization_daily_2.yaml.bak | 31 ------- ...er_metric_cpu_utilization_daily_3.yaml.bak | 31 ------- ...aws_redshift_event_subscription_1.yaml.bak | 28 ------- ...aws_redshift_event_subscription_2.yaml.bak | 29 ------- ...redshift_event_subscription_2.yaml.bak.bak | 29 ------- ...aws_redshift_event_subscription_3.yaml.bak | 26 ------ ...aws_redshift_event_subscription_4.yaml.bak | 28 ------- .../aws_redshift_parameter_group_1.yaml.bak | 26 ------ .../aws_redshift_parameter_group_2.yaml.bak | 35 -------- queries/aws_redshift_snapshot_1.yaml.bak | 25 ------ queries/aws_redshift_snapshot_2.yaml.bak | 25 ------ queries/aws_redshift_snapshot_3.yaml.bak | 28 ------- queries/aws_redshift_snapshot_4.yaml.bak | 27 ------- queries/aws_redshift_snapshot_5.yaml.bak | 25 ------ queries/aws_redshift_snapshot_6.yaml.bak | 25 ------ queries/aws_redshift_subnet_group_1.yaml.bak | 25 ------ queries/aws_redshift_subnet_group_2.yaml.bak | 29 ------- queries/aws_redshift_subnet_group_3.yaml.bak | 25 ------ ...ws_redshiftserverless_namespace_1.yaml.bak | 30 ------- ...ws_redshiftserverless_namespace_2.yaml.bak | 32 -------- ...ws_redshiftserverless_namespace_3.yaml.bak | 32 -------- ...ws_redshiftserverless_namespace_4.yaml.bak | 28 ------- ...ws_redshiftserverless_workgroup_1.yaml.bak | 30 ------- ...ws_redshiftserverless_workgroup_2.yaml.bak | 32 -------- ...ws_redshiftserverless_workgroup_3.yaml.bak | 30 ------- ...ws_redshiftserverless_workgroup_4.yaml.bak | 24 ------ ...ws_redshiftserverless_workgroup_5.yaml.bak | 27 ------- ...ws_redshiftserverless_workgroup_6.yaml.bak | 27 ------- queries/aws_region_1.yaml.bak | 23 ------ queries/aws_region_2.yaml.bak | 27 ------- .../aws_resource_explorer_index_1.yaml.bak | 24 ------ .../aws_resource_explorer_index_2.yaml.bak | 28 ------- .../aws_resource_explorer_search_1.yaml.bak | 28 ------- .../aws_resource_explorer_search_2.yaml.bak | 30 ------- .../aws_resource_explorer_search_3.yaml.bak | 28 ------- .../aws_resource_explorer_search_4.yaml.bak | 30 ------- .../aws_resource_explorer_search_5.yaml.bak | 30 ------- .../aws_resource_explorer_search_6.yaml.bak | 28 ------- ...ws_resource_explorer_search_6.yaml.bak.bak | 28 ------- .../aws_resource_explorer_search_7.yaml.bak | 30 ------- .../aws_resource_explorer_search_8.yaml.bak | 28 ------- ...xplorer_supported_resource_type_1.yaml.bak | 25 ------ ...xplorer_supported_resource_type_2.yaml.bak | 27 ------- queries/aws_route53_domain_1.yaml.bak | 24 ------ queries/aws_route53_domain_2.yaml.bak | 28 ------- queries/aws_route53_domain_3.yaml.bak | 26 ------ queries/aws_route53_health_check_1.yaml.bak | 25 ------ queries/aws_route53_health_check_2.yaml.bak | 32 -------- queries/aws_route53_health_check_3.yaml.bak | 29 ------- queries/aws_route53_health_check_4.yaml.bak | 26 ------ queries/aws_route53_health_check_5.yaml.bak | 28 ------- .../aws_route53_health_check_5.yaml.bak.bak | 28 ------- queries/aws_route53_health_check_6.yaml.bak | 31 ------- queries/aws_route53_health_check_7.yaml.bak | 33 -------- queries/aws_route53_query_log_1.yaml.bak | 28 ------- queries/aws_route53_query_log_2.yaml.bak | 30 ------- queries/aws_route53_query_log_3.yaml.bak | 27 ------- queries/aws_route53_record_1.yaml.bak | 27 ------- queries/aws_route53_record_2.yaml.bak | 29 ------- queries/aws_route53_record_3.yaml.bak | 27 ------- queries/aws_route53_record_4.yaml.bak | 30 ------- queries/aws_route53_record_5.yaml.bak | 27 ------- queries/aws_route53_record_6.yaml.bak | 32 -------- queries/aws_route53_record_7.yaml.bak | 30 ------- .../aws_route53_resolver_endpoint_1.yaml.bak | 26 ------ .../aws_route53_resolver_endpoint_2.yaml.bak | 28 ------- .../aws_route53_resolver_endpoint_3.yaml.bak | 28 ------- .../aws_route53_resolver_endpoint_4.yaml.bak | 26 ------ ...ute53_resolver_query_log_config_1.yaml.bak | 27 ------- ...ute53_resolver_query_log_config_2.yaml.bak | 34 -------- ...ute53_resolver_query_log_config_3.yaml.bak | 27 ------- ...ute53_resolver_query_log_config_4.yaml.bak | 27 ------- ...ute53_resolver_query_log_config_5.yaml.bak | 28 ------- ...3_resolver_query_log_config_5.yaml.bak.bak | 28 ------- queries/aws_route53_resolver_rule_1.yaml.bak | 27 ------- queries/aws_route53_resolver_rule_2.yaml.bak | 29 ------- queries/aws_route53_resolver_rule_3.yaml.bak | 25 ------ queries/aws_route53_resolver_rule_4.yaml.bak | 29 ------- queries/aws_route53_traffic_policy_1.yaml.bak | 26 ------ queries/aws_route53_traffic_policy_2.yaml.bak | 35 -------- queries/aws_route53_traffic_policy_3.yaml.bak | 25 ------ ...route53_traffic_policy_instance_1.yaml.bak | 26 ------ ...route53_traffic_policy_instance_2.yaml.bak | 28 ------- ...route53_traffic_policy_instance_3.yaml.bak | 30 ------- ...route53_traffic_policy_instance_4.yaml.bak | 30 ------- ...3_vpc_association_authorization_1.yaml.bak | 26 ------ ...3_vpc_association_authorization_2.yaml.bak | 28 ------- ...3_vpc_association_authorization_3.yaml.bak | 30 ------- queries/aws_route53_zone_1.yaml.bak | 25 ------ queries/aws_route53_zone_2.yaml.bak | 28 ------- queries/aws_route53_zone_3.yaml.bak | 30 ------- queries/aws_route53_zone_3.yaml.bak.bak | 30 ------- queries/aws_route53_zone_4.yaml.bak | 27 ------- queries/aws_route53_zone_5.yaml.bak | 26 ------ queries/aws_route53_zone_6.yaml.bak | 31 ------- queries/aws_s3_access_point_1.yaml.bak | 24 ------ queries/aws_s3_access_point_1.yaml.bak.bak | 24 ------ queries/aws_s3_access_point_2.yaml.bak | 28 ------- queries/aws_s3_access_point_3.yaml.bak | 33 -------- queries/aws_s3_access_point_4.yaml.bak | 27 ------- queries/aws_s3_access_point_5.yaml.bak | 25 ------ queries/aws_s3_bucket_1.yaml.bak | 27 ------- queries/aws_s3_bucket_10.yaml.bak | 38 --------- queries/aws_s3_bucket_11.yaml.bak | 27 ------- queries/aws_s3_bucket_12.yaml.bak | 27 ------- queries/aws_s3_bucket_13.yaml.bak | 26 ------ queries/aws_s3_bucket_2.yaml.bak | 29 ------- queries/aws_s3_bucket_3.yaml.bak | 29 ------- queries/aws_s3_bucket_4.yaml.bak | 33 -------- queries/aws_s3_bucket_5.yaml.bak | 27 ------- queries/aws_s3_bucket_6.yaml.bak | 27 ------- queries/aws_s3_bucket_6.yaml.bak.bak | 27 ------- queries/aws_s3_bucket_7.yaml.bak | 27 ------- queries/aws_s3_bucket_8.yaml.bak | 39 --------- queries/aws_s3_bucket_9.yaml.bak | 41 ---------- ...telligent_tiering_configuration_1.yaml.bak | 27 ------- ...telligent_tiering_configuration_2.yaml.bak | 45 ----------- ...telligent_tiering_configuration_3.yaml.bak | 29 ------- ...telligent_tiering_configuration_4.yaml.bak | 29 ------- ...telligent_tiering_configuration_5.yaml.bak | 26 ------ ...ws_s3_multi_region_access_point_1.yaml.bak | 26 ------ ...ws_s3_multi_region_access_point_2.yaml.bak | 31 ------- ...ws_s3_multi_region_access_point_3.yaml.bak | 24 ------ ...ws_s3_multi_region_access_point_4.yaml.bak | 26 ------ ...3_multi_region_access_point_4.yaml.bak.bak | 26 ------ ...ws_s3_multi_region_access_point_5.yaml.bak | 32 -------- queries/aws_s3_object_1.yaml.bak | 31 ------- queries/aws_s3_object_10.yaml.bak | 27 ------- queries/aws_s3_object_10.yaml.bak.bak | 27 ------- queries/aws_s3_object_11.yaml.bak | 32 -------- queries/aws_s3_object_12.yaml.bak | 41 ---------- queries/aws_s3_object_13.yaml.bak | 31 ------- queries/aws_s3_object_2.yaml.bak | 30 ------- queries/aws_s3_object_3.yaml.bak | 30 ------- queries/aws_s3_object_4.yaml.bak | 30 ------- queries/aws_s3_object_4.yaml.bak.bak | 30 ------- queries/aws_s3_object_5.yaml.bak | 30 ------- queries/aws_s3_object_6.yaml.bak | 31 ------- queries/aws_s3_object_7.yaml.bak | 29 ------- queries/aws_s3_object_8.yaml.bak | 29 ------- queries/aws_s3_object_8.yaml.bak.bak | 29 ------- queries/aws_s3_object_9.yaml.bak | 33 -------- queries/aws_s3_object_version_1.yaml.bak | 29 ------- queries/aws_s3_object_version_2.yaml.bak | 33 -------- queries/aws_s3_object_version_3.yaml.bak | 19 ----- queries/aws_sagemaker_app_1.yaml.bak | 25 ------ queries/aws_sagemaker_app_2.yaml.bak | 30 ------- queries/aws_sagemaker_domain_1.yaml.bak | 25 ------ queries/aws_sagemaker_domain_2.yaml.bak | 29 ------- queries/aws_sagemaker_domain_3.yaml.bak | 29 ------- ...agemaker_endpoint_configuration_1.yaml.bak | 27 ------- ...agemaker_endpoint_configuration_2.yaml.bak | 28 ------- queries/aws_sagemaker_model_1.yaml.bak | 25 ------ queries/aws_sagemaker_model_2.yaml.bak | 27 ------- ...aws_sagemaker_notebook_instance_1.yaml.bak | 28 ------- ...aws_sagemaker_notebook_instance_2.yaml.bak | 27 ------- ...aws_sagemaker_notebook_instance_3.yaml.bak | 27 ------- ...aws_sagemaker_notebook_instance_4.yaml.bak | 27 ------- queries/aws_sagemaker_training_job_1.yaml.bak | 26 ------ queries/aws_sagemaker_training_job_2.yaml.bak | 29 ------- queries/aws_sagemaker_training_job_3.yaml.bak | 29 ------- .../aws_sagemaker_training_job_3.yaml.bak.bak | 29 ------- queries/aws_secretsmanager_secret_1.yaml.bak | 25 ------ queries/aws_secretsmanager_secret_2.yaml.bak | 31 ------- queries/aws_secretsmanager_secret_3.yaml.bak | 28 ------- queries/aws_secretsmanager_secret_4.yaml.bak | 31 ------- queries/aws_secretsmanager_secret_5.yaml.bak | 26 ------ .../aws_securityhub_action_target_1.yaml.bak | 24 ------ .../aws_securityhub_action_target_2.yaml.bak | 28 ------- ...ub_enabled_product_subscription_1.yaml.bak | 26 ------ ...nabled_product_subscription_1.yaml.bak.bak | 26 ------ ...ub_enabled_product_subscription_2.yaml.bak | 31 ------- queries/aws_securityhub_finding_1.yaml.bak | 31 ------- queries/aws_securityhub_finding_10.yaml.bak | 30 ------- .../aws_securityhub_finding_10.yaml.bak.bak | 30 ------- queries/aws_securityhub_finding_11.yaml.bak | 33 -------- queries/aws_securityhub_finding_12.yaml.bak | 40 --------- queries/aws_securityhub_finding_13.yaml.bak | 39 --------- queries/aws_securityhub_finding_14.yaml.bak | 43 ---------- queries/aws_securityhub_finding_15.yaml.bak | 30 ------- queries/aws_securityhub_finding_16.yaml.bak | 33 -------- queries/aws_securityhub_finding_17.yaml.bak | 34 -------- queries/aws_securityhub_finding_18.yaml.bak | 35 -------- queries/aws_securityhub_finding_19.yaml.bak | 31 ------- queries/aws_securityhub_finding_2.yaml.bak | 27 ------- queries/aws_securityhub_finding_20.yaml.bak | 30 ------- queries/aws_securityhub_finding_21.yaml.bak | 30 ------- queries/aws_securityhub_finding_22.yaml.bak | 29 ------- queries/aws_securityhub_finding_3.yaml.bak | 29 ------- queries/aws_securityhub_finding_4.yaml.bak | 32 -------- queries/aws_securityhub_finding_5.yaml.bak | 29 ------- queries/aws_securityhub_finding_6.yaml.bak | 33 -------- queries/aws_securityhub_finding_7.yaml.bak | 29 ------- queries/aws_securityhub_finding_8.yaml.bak | 30 ------- queries/aws_securityhub_finding_9.yaml.bak | 29 ------- ..._securityhub_finding_aggregator_1.yaml.bak | 26 ------ ..._securityhub_finding_aggregator_2.yaml.bak | 28 ------- ..._securityhub_finding_aggregator_3.yaml.bak | 29 ------- ..._securityhub_finding_aggregator_4.yaml.bak | 31 ------- queries/aws_securityhub_hub_1.yaml.bak | 27 ------- queries/aws_securityhub_hub_2.yaml.bak | 27 ------- queries/aws_securityhub_hub_3.yaml.bak | 29 ------- queries/aws_securityhub_hub_3.yaml.bak.bak | 29 ------- queries/aws_securityhub_insight_1.yaml.bak | 25 ------ queries/aws_securityhub_insight_10.yaml.bak | 28 ------- queries/aws_securityhub_insight_2.yaml.bak | 29 ------- queries/aws_securityhub_insight_3.yaml.bak | 26 ------ queries/aws_securityhub_insight_4.yaml.bak | 24 ------ queries/aws_securityhub_insight_5.yaml.bak | 28 ------- queries/aws_securityhub_insight_6.yaml.bak | 28 ------- queries/aws_securityhub_insight_7.yaml.bak | 28 ------- queries/aws_securityhub_insight_8.yaml.bak | 26 ------ queries/aws_securityhub_insight_9.yaml.bak | 35 -------- queries/aws_securityhub_member_1.yaml.bak | 28 ------- queries/aws_securityhub_member_2.yaml.bak | 31 ------- queries/aws_securityhub_member_3.yaml.bak | 30 ------- queries/aws_securityhub_member_4.yaml.bak | 33 -------- queries/aws_securityhub_product_1.yaml.bak | 25 ------ queries/aws_securityhub_product_2.yaml.bak | 26 ------ queries/aws_securityhub_product_3.yaml.bak | 29 ------- ...s_securityhub_standards_control_1.yaml.bak | 26 ------ ...s_securityhub_standards_control_2.yaml.bak | 26 ------ ...s_securityhub_standards_control_3.yaml.bak | 31 ------- ...s_securityhub_standards_control_4.yaml.bak | 28 ------- ...s_securityhub_standards_control_5.yaml.bak | 26 ------ ...s_securityhub_standards_control_6.yaml.bak | 29 ------- ...s_securityhub_standards_control_7.yaml.bak | 32 -------- ...s_securityhub_standards_control_8.yaml.bak | 30 ------- ...urityhub_standards_subscription_1.yaml.bak | 27 ------- ...urityhub_standards_subscription_2.yaml.bak | 28 ------- ...urityhub_standards_subscription_3.yaml.bak | 30 ------- ...urityhub_standards_subscription_4.yaml.bak | 26 ------ queries/aws_securitylake_data_lake_1.yaml.bak | 27 ------- queries/aws_securitylake_data_lake_2.yaml.bak | 32 -------- queries/aws_securitylake_data_lake_3.yaml.bak | 30 ------- queries/aws_securitylake_data_lake_4.yaml.bak | 29 ------- .../aws_securitylake_data_lake_4.yaml.bak.bak | 29 ------- .../aws_securitylake_subscriber_1.yaml.bak | 27 ------- .../aws_securitylake_subscriber_2.yaml.bak | 29 ------- .../aws_securitylake_subscriber_3.yaml.bak | 34 -------- .../aws_securitylake_subscriber_4.yaml.bak | 32 -------- ...aws_securitylake_subscriber_4.yaml.bak.bak | 32 -------- .../aws_securitylake_subscriber_5.yaml.bak | 30 ------- ...plicationrepository_application_1.yaml.bak | 26 ------ ...plicationrepository_application_2.yaml.bak | 29 ------- ...plicationrepository_application_3.yaml.bak | 27 ------- .../aws_service_discovery_instance_1.yaml.bak | 27 ------- .../aws_service_discovery_instance_2.yaml.bak | 28 ------- .../aws_service_discovery_instance_3.yaml.bak | 27 ------- .../aws_service_discovery_instance_4.yaml.bak | 34 -------- .../aws_service_discovery_instance_5.yaml.bak | 34 -------- ..._service_discovery_instance_5.yaml.bak.bak | 34 -------- .../aws_service_discovery_instance_6.yaml.bak | 29 ------- ...aws_service_discovery_namespace_1.yaml.bak | 26 ------ ...aws_service_discovery_namespace_2.yaml.bak | 28 ------- ...aws_service_discovery_namespace_3.yaml.bak | 28 ------- ...aws_service_discovery_namespace_4.yaml.bak | 27 ------- ...aws_service_discovery_namespace_5.yaml.bak | 26 ------ ...aws_service_discovery_namespace_6.yaml.bak | 29 ------- ...aws_service_discovery_namespace_7.yaml.bak | 25 ------ ...service_discovery_namespace_7.yaml.bak.bak | 25 ------ .../aws_service_discovery_service_1.yaml.bak | 26 ------ .../aws_service_discovery_service_2.yaml.bak | 28 ------- .../aws_service_discovery_service_3.yaml.bak | 28 ------- .../aws_service_discovery_service_4.yaml.bak | 27 ------- .../aws_service_discovery_service_5.yaml.bak | 25 ------ .../aws_service_discovery_service_6.yaml.bak | 28 ------- .../aws_service_discovery_service_7.yaml.bak | 24 ------ .../aws_service_discovery_service_8.yaml.bak | 30 ------- .../aws_servicecatalog_portfolio_1.yaml.bak | 28 ------- .../aws_servicecatalog_portfolio_2.yaml.bak | 29 ------- .../aws_servicecatalog_portfolio_3.yaml.bak | 29 ------- .../aws_servicecatalog_portfolio_4.yaml.bak | 27 ------- queries/aws_servicecatalog_product_1.yaml.bak | 28 ------- queries/aws_servicecatalog_product_2.yaml.bak | 30 ------- queries/aws_servicecatalog_product_3.yaml.bak | 29 ------- queries/aws_servicecatalog_product_4.yaml.bak | 28 ------- queries/aws_servicecatalog_product_5.yaml.bak | 28 ------- queries/aws_servicecatalog_product_6.yaml.bak | 29 ------- ...vicecatalog_provisioned_product_1.yaml.bak | 31 ------- ...vicecatalog_provisioned_product_2.yaml.bak | 35 -------- ...vicecatalog_provisioned_product_3.yaml.bak | 33 -------- ...vicecatalog_provisioned_product_4.yaml.bak | 34 -------- ...vicecatalog_provisioned_product_5.yaml.bak | 34 -------- ...icequotas_default_service_quota_1.yaml.bak | 27 ------- ...icequotas_default_service_quota_2.yaml.bak | 29 ------- ...icequotas_default_service_quota_3.yaml.bak | 29 ------- queries/aws_servicequotas_service_1.yaml.bak | 23 ------ queries/aws_servicequotas_service_2.yaml.bak | 24 ------ ...aws_servicequotas_service_quota_1.yaml.bak | 29 ------- ...aws_servicequotas_service_quota_2.yaml.bak | 29 ------- ...aws_servicequotas_service_quota_3.yaml.bak | 31 ------- ...as_service_quota_change_request_1.yaml.bak | 27 ------- ...as_service_quota_change_request_2.yaml.bak | 29 ------- ...as_service_quota_change_request_3.yaml.bak | 29 ------- queries/aws_ses_domain_identity_1.yaml.bak | 25 ------ queries/aws_ses_domain_identity_2.yaml.bak | 28 ------- queries/aws_ses_email_identity_1.yaml.bak | 27 ------- queries/aws_ses_email_identity_2.yaml.bak | 28 ------- queries/aws_sfn_state_machine_1.yaml.bak | 28 ------- queries/aws_sfn_state_machine_2.yaml.bak | 28 ------- ...aws_sfn_state_machine_execution_1.yaml.bak | 27 ------- ...aws_sfn_state_machine_execution_2.yaml.bak | 29 ------- ...state_machine_execution_history_1.yaml.bak | 28 ------- ...state_machine_execution_history_2.yaml.bak | 30 ------- .../aws_simspaceweaver_simulation_1.yaml.bak | 29 ------- .../aws_simspaceweaver_simulation_2.yaml.bak | 29 ------- .../aws_simspaceweaver_simulation_3.yaml.bak | 27 ------- .../aws_simspaceweaver_simulation_4.yaml.bak | 25 ------ .../aws_simspaceweaver_simulation_5.yaml.bak | 33 -------- queries/aws_sns_subscription_1.yaml.bak | 25 ------ queries/aws_sns_subscription_2.yaml.bak | 27 ------- queries/aws_sns_subscription_3.yaml.bak | 25 ------ queries/aws_sns_topic_1.yaml.bak | 25 ------ queries/aws_sns_topic_2.yaml.bak | 27 ------- queries/aws_sns_topic_3.yaml.bak | 25 ------ queries/aws_sns_topic_4.yaml.bak | 32 -------- queries/aws_sns_topic_5.yaml.bak | 34 -------- queries/aws_sns_topic_6.yaml.bak | 39 --------- queries/aws_sns_topic_7.yaml.bak | 30 ------- queries/aws_sns_topic_subscription_1.yaml.bak | 25 ------ queries/aws_sns_topic_subscription_2.yaml.bak | 25 ------ queries/aws_sns_topic_subscription_3.yaml.bak | 27 ------- queries/aws_sqs_queue_1.yaml.bak | 27 ------- queries/aws_sqs_queue_10.yaml.bak | 32 -------- queries/aws_sqs_queue_2.yaml.bak | 29 ------- queries/aws_sqs_queue_3.yaml.bak | 28 ------- queries/aws_sqs_queue_4.yaml.bak | 28 ------- queries/aws_sqs_queue_5.yaml.bak | 25 ------ queries/aws_sqs_queue_6.yaml.bak | 27 ------- queries/aws_sqs_queue_7.yaml.bak | 27 ------- queries/aws_sqs_queue_8.yaml.bak | 38 --------- queries/aws_sqs_queue_9.yaml.bak | 34 -------- queries/aws_ssm_association_1.yaml.bak | 31 ------- queries/aws_ssm_association_2.yaml.bak | 27 ------- queries/aws_ssm_association_3.yaml.bak | 29 ------- queries/aws_ssm_association_4.yaml.bak | 29 ------- queries/aws_ssm_document_1.yaml.bak | 29 ------- queries/aws_ssm_document_2.yaml.bak | 29 ------- queries/aws_ssm_document_2.yaml.bak.bak | 29 ------- queries/aws_ssm_document_3.yaml.bak | 31 ------- queries/aws_ssm_document_4.yaml.bak | 27 ------- queries/aws_ssm_document_5.yaml.bak | 30 ------- .../aws_ssm_document_permission_1.yaml.bak | 30 ------- .../aws_ssm_document_permission_2.yaml.bak | 31 ------- queries/aws_ssm_inventory_1.yaml.bak | 27 ------- queries/aws_ssm_inventory_1.yaml.bak.bak | 27 ------- queries/aws_ssm_inventory_2.yaml.bak | 34 -------- queries/aws_ssm_inventory_3.yaml.bak | 29 ------- queries/aws_ssm_inventory_4.yaml.bak | 30 ------- queries/aws_ssm_inventory_5.yaml.bak | 39 --------- queries/aws_ssm_inventory_entry_1.yaml.bak | 28 ------- queries/aws_ssm_inventory_entry_2.yaml.bak | 30 ------- queries/aws_ssm_inventory_entry_3.yaml.bak | 30 ------- queries/aws_ssm_inventory_entry_4.yaml.bak | 31 ------- queries/aws_ssm_inventory_entry_5.yaml.bak | 32 -------- queries/aws_ssm_maintenance_window_1.yaml.bak | 29 ------- queries/aws_ssm_maintenance_window_2.yaml.bak | 28 ------- queries/aws_ssm_maintenance_window_3.yaml.bak | 28 ------- queries/aws_ssm_maintenance_window_4.yaml.bak | 26 ------ .../aws_ssm_maintenance_window_4.yaml.bak.bak | 26 ------ queries/aws_ssm_managed_instance_1.yaml.bak | 29 ------- queries/aws_ssm_managed_instance_2.yaml.bak | 27 ------- .../aws_ssm_managed_instance_2.yaml.bak.bak | 27 ------- queries/aws_ssm_managed_instance_3.yaml.bak | 29 ------- ...ssm_managed_instance_compliance_1.yaml.bak | 31 ------- ...ssm_managed_instance_compliance_2.yaml.bak | 33 -------- ...ssm_managed_instance_compliance_3.yaml.bak | 33 -------- ...ssm_managed_instance_compliance_4.yaml.bak | 29 ------- ...sm_managed_instance_patch_state_1.yaml.bak | 30 ------- ...sm_managed_instance_patch_state_2.yaml.bak | 24 ------ ...sm_managed_instance_patch_state_3.yaml.bak | 26 ------ ...sm_managed_instance_patch_state_4.yaml.bak | 26 ------ ...sm_managed_instance_patch_state_5.yaml.bak | 30 ------- ...sm_managed_instance_patch_state_6.yaml.bak | 28 ------- queries/aws_ssm_parameter_1.yaml.bak | 26 ------ queries/aws_ssm_parameter_2.yaml.bak | 27 ------- queries/aws_ssm_parameter_3.yaml.bak | 25 ------ queries/aws_ssm_patch_baseline_1.yaml.bak | 27 ------- queries/aws_ssm_patch_baseline_2.yaml.bak | 30 ------- queries/aws_ssm_patch_baseline_3.yaml.bak | 32 -------- queries/aws_ssm_patch_baseline_4.yaml.bak | 27 ------- .../aws_ssmincidents_response_plan_1.yaml.bak | 28 ------- .../aws_ssmincidents_response_plan_2.yaml.bak | 32 -------- .../aws_ssmincidents_response_plan_3.yaml.bak | 34 -------- .../aws_ssmincidents_response_plan_4.yaml.bak | 28 ------- .../aws_ssmincidents_response_plan_5.yaml.bak | 30 ------- ...aws_ssoadmin_account_assignment_1.yaml.bak | 30 ------- ...aws_ssoadmin_account_assignment_2.yaml.bak | 55 ------------- queries/aws_ssoadmin_instance_1.yaml.bak | 25 ------ ...admin_managed_policy_attachment_1.yaml.bak | 27 ------- .../aws_ssoadmin_permission_set_1.yaml.bak | 30 ------- queries/aws_sts_caller_identity_1.yaml.bak | 28 ------- queries/aws_sts_caller_identity_2.yaml.bak | 34 -------- queries/aws_sts_caller_identity_3.yaml.bak | 34 -------- queries/aws_tagging_resource_1.yaml.bak | 28 ------- queries/aws_tagging_resource_1.yaml.bak.bak | 28 ------- queries/aws_tagging_resource_2.yaml.bak | 27 ------- .../aws_timestreamwrite_database_1.yaml.bak | 26 ------ .../aws_timestreamwrite_database_2.yaml.bak | 26 ------ .../aws_timestreamwrite_database_3.yaml.bak | 28 ------- ...ws_timestreamwrite_database_3.yaml.bak.bak | 28 ------- .../aws_timestreamwrite_database_4.yaml.bak | 28 ------- .../aws_timestreamwrite_database_5.yaml.bak | 25 ------ queries/aws_timestreamwrite_table_1.yaml.bak | 27 ------- queries/aws_timestreamwrite_table_2.yaml.bak | 26 ------ queries/aws_timestreamwrite_table_3.yaml.bak | 29 ------- queries/aws_timestreamwrite_table_4.yaml.bak | 26 ------ queries/aws_timestreamwrite_table_5.yaml.bak | 28 ------- .../aws_timestreamwrite_table_5.yaml.bak.bak | 28 ------- queries/aws_timestreamwrite_table_6.yaml.bak | 24 ------ queries/aws_transfer_server_1.yaml.bak | 25 ------ queries/aws_transfer_server_2.yaml.bak | 30 ------- queries/aws_transfer_server_3.yaml.bak | 25 ------ queries/aws_transfer_server_4.yaml.bak | 26 ------ queries/aws_transfer_server_4.yaml.bak.bak | 26 ------ queries/aws_transfer_server_5.yaml.bak | 26 ------ queries/aws_transfer_server_6.yaml.bak | 30 ------- queries/aws_transfer_user_1.yaml.bak | 28 ------- queries/aws_transfer_user_2.yaml.bak | 29 ------- queries/aws_transfer_user_3.yaml.bak | 30 ------- queries/aws_transfer_user_4.yaml.bak | 29 ------- ...s_trusted_advisor_check_summary_1.yaml.bak | 36 --------- ...s_trusted_advisor_check_summary_2.yaml.bak | 33 -------- ...s_trusted_advisor_check_summary_3.yaml.bak | 30 ------- ...s_trusted_advisor_check_summary_4.yaml.bak | 33 -------- queries/aws_vpc_1.yaml.bak | 29 ------- queries/aws_vpc_2.yaml.bak | 31 ------- queries/aws_vpc_3.yaml.bak | 31 ------- queries/aws_vpc_customer_gateway_1.yaml.bak | 30 ------- queries/aws_vpc_customer_gateway_2.yaml.bak | 25 ------ queries/aws_vpc_dhcp_options_1.yaml.bak | 29 ------- queries/aws_vpc_dhcp_options_2.yaml.bak | 26 ------ queries/aws_vpc_dhcp_options_3.yaml.bak | 26 ------ ...pc_egress_only_internet_gateway_1.yaml.bak | 29 ------- ...pc_egress_only_internet_gateway_2.yaml.bak | 27 ------- ...gress_only_internet_gateway_2.yaml.bak.bak | 27 ------- ...pc_egress_only_internet_gateway_3.yaml.bak | 29 ------- queries/aws_vpc_eip_1.yaml.bak | 27 ------- queries/aws_vpc_eip_2.yaml.bak | 27 ------- .../aws_vpc_eip_address_transfer_1.yaml.bak | 28 ------- .../aws_vpc_eip_address_transfer_2.yaml.bak | 28 ------- .../aws_vpc_eip_address_transfer_3.yaml.bak | 30 ------- .../aws_vpc_eip_address_transfer_4.yaml.bak | 39 --------- queries/aws_vpc_endpoint_1.yaml.bak | 26 ------ queries/aws_vpc_endpoint_2.yaml.bak | 25 ------ queries/aws_vpc_endpoint_3.yaml.bak | 30 ------- queries/aws_vpc_endpoint_4.yaml.bak | 28 ------- queries/aws_vpc_endpoint_4.yaml.bak.bak | 28 ------- queries/aws_vpc_endpoint_5.yaml.bak | 25 ------ queries/aws_vpc_endpoint_service_1.yaml.bak | 27 ------- queries/aws_vpc_endpoint_service_2.yaml.bak | 25 ------ queries/aws_vpc_endpoint_service_3.yaml.bak | 25 ------ queries/aws_vpc_endpoint_service_4.yaml.bak | 25 ------ queries/aws_vpc_endpoint_service_5.yaml.bak | 26 ------ queries/aws_vpc_endpoint_service_6.yaml.bak | 26 ------ .../aws_vpc_endpoint_service_6.yaml.bak.bak | 26 ------ queries/aws_vpc_endpoint_service_7.yaml.bak | 30 ------- queries/aws_vpc_flow_log_1.yaml.bak | 25 ------ queries/aws_vpc_flow_log_2.yaml.bak | 29 ------- queries/aws_vpc_flow_log_3.yaml.bak | 28 ------- queries/aws_vpc_flow_log_4.yaml.bak | 23 ------ queries/aws_vpc_flow_log_event_1.yaml.bak | 36 --------- queries/aws_vpc_flow_log_event_2.yaml.bak | 40 --------- queries/aws_vpc_flow_log_event_3.yaml.bak | 27 ------- queries/aws_vpc_flow_log_event_4.yaml.bak | 35 -------- queries/aws_vpc_flow_log_event_4.yaml.bak.bak | 35 -------- queries/aws_vpc_flow_log_event_5.yaml.bak | 40 --------- queries/aws_vpc_flow_log_event_6.yaml.bak | 38 --------- queries/aws_vpc_internet_gateway_1.yaml.bak | 25 ------ queries/aws_vpc_internet_gateway_2.yaml.bak | 26 ------ .../aws_vpc_internet_gateway_2.yaml.bak.bak | 26 ------ queries/aws_vpc_nat_gateway_1.yaml.bak | 29 ------- queries/aws_vpc_nat_gateway_2.yaml.bak | 26 ------ queries/aws_vpc_nat_gateway_3.yaml.bak | 27 ------- queries/aws_vpc_nat_gateway_4.yaml.bak | 27 ------- ...metric_bytes_out_to_destination_1.yaml.bak | 32 -------- ...metric_bytes_out_to_destination_2.yaml.bak | 34 -------- queries/aws_vpc_network_acl_1.yaml.bak | 26 ------ queries/aws_vpc_network_acl_2.yaml.bak | 28 ------- queries/aws_vpc_network_acl_3.yaml.bak | 28 ------- queries/aws_vpc_peering_connection_1.yaml.bak | 29 ------- queries/aws_vpc_peering_connection_2.yaml.bak | 30 ------- queries/aws_vpc_peering_connection_3.yaml.bak | 31 ------- queries/aws_vpc_peering_connection_4.yaml.bak | 29 ------- .../aws_vpc_peering_connection_4.yaml.bak.bak | 29 ------- queries/aws_vpc_peering_connection_5.yaml.bak | 33 -------- queries/aws_vpc_peering_connection_6.yaml.bak | 24 ------ queries/aws_vpc_peering_connection_7.yaml.bak | 25 ------ queries/aws_vpc_peering_connection_8.yaml.bak | 28 ------- .../aws_vpc_peering_connection_8.yaml.bak.bak | 28 ------- queries/aws_vpc_peering_connection_9.yaml.bak | 27 ------- queries/aws_vpc_route_1.yaml.bak | 30 ------- queries/aws_vpc_route_2.yaml.bak | 27 ------- queries/aws_vpc_route_3.yaml.bak | 36 --------- queries/aws_vpc_route_table_1.yaml.bak | 25 ------ queries/aws_vpc_route_table_2.yaml.bak | 30 ------- queries/aws_vpc_route_table_2.yaml.bak.bak | 30 ------- queries/aws_vpc_route_table_3.yaml.bak | 37 --------- queries/aws_vpc_security_group_1.yaml.bak | 33 -------- queries/aws_vpc_security_group_2.yaml.bak | 48 ----------- queries/aws_vpc_security_group_2.yaml.bak.bak | 48 ----------- queries/aws_vpc_security_group_3.yaml.bak | 27 ------- queries/aws_vpc_security_group_4.yaml.bak | 27 ------- .../aws_vpc_security_group_rule_1.yaml.bak | 31 ------- .../aws_vpc_security_group_rule_2.yaml.bak | 46 ----------- .../aws_vpc_security_group_rule_3.yaml.bak | 34 -------- queries/aws_vpc_subnet_1.yaml.bak | 30 ------- queries/aws_vpc_subnet_2.yaml.bak | 30 ------- queries/aws_vpc_subnet_3.yaml.bak | 27 ------- queries/aws_vpc_subnet_4.yaml.bak | 27 ------- queries/aws_vpc_subnet_5.yaml.bak | 27 ------- ...ws_vpc_verified_access_endpoint_1.yaml.bak | 31 ------- ...ws_vpc_verified_access_endpoint_2.yaml.bak | 31 ------- ...ws_vpc_verified_access_endpoint_3.yaml.bak | 31 ------- ...ws_vpc_verified_access_endpoint_4.yaml.bak | 32 -------- ...ws_vpc_verified_access_endpoint_5.yaml.bak | 31 ------- ...ws_vpc_verified_access_endpoint_6.yaml.bak | 27 ------- ...pc_verified_access_endpoint_6.yaml.bak.bak | 27 ------- ...ws_vpc_verified_access_endpoint_7.yaml.bak | 32 -------- .../aws_vpc_verified_access_group_1.yaml.bak | 29 ------- .../aws_vpc_verified_access_group_2.yaml.bak | 29 ------- .../aws_vpc_verified_access_group_3.yaml.bak | 30 ------- .../aws_vpc_verified_access_group_4.yaml.bak | 31 ------- ...s_vpc_verified_access_group_4.yaml.bak.bak | 31 ------- ...ws_vpc_verified_access_instance_1.yaml.bak | 28 ------- ...ws_vpc_verified_access_instance_2.yaml.bak | 29 ------- ...ws_vpc_verified_access_instance_3.yaml.bak | 35 -------- ..._verified_access_trust_provider_1.yaml.bak | 27 ------- ..._verified_access_trust_provider_2.yaml.bak | 31 ------- ..._verified_access_trust_provider_3.yaml.bak | 30 ------- queries/aws_vpc_vpn_connection_1.yaml.bak | 29 ------- queries/aws_vpc_vpn_connection_2.yaml.bak | 32 -------- queries/aws_vpc_vpn_connection_3.yaml.bak | 28 ------- queries/aws_vpc_vpn_gateway_1.yaml.bak | 31 ------- queries/aws_vpc_vpn_gateway_2.yaml.bak | 26 ------ queries/aws_vpc_vpn_gateway_3.yaml.bak | 29 ------- queries/aws_waf_rate_based_rule_1.yaml.bak | 26 ------ queries/aws_waf_rate_based_rule_2.yaml.bak | 31 ------- queries/aws_waf_rule_1.yaml.bak | 24 ------ queries/aws_waf_rule_2.yaml.bak | 27 ------- queries/aws_waf_rule_group_1.yaml.bak | 28 ------- queries/aws_waf_rule_group_1.yaml.bak.bak | 28 ------- queries/aws_waf_rule_group_2.yaml.bak | 30 ------- queries/aws_waf_rule_group_3.yaml.bak | 29 ------- queries/aws_waf_web_acl_1.yaml.bak | 29 ------- queries/aws_waf_web_acl_2.yaml.bak | 33 -------- queries/aws_waf_web_acl_3.yaml.bak | 31 ------- queries/aws_waf_web_acl_4.yaml.bak | 30 ------- queries/aws_waf_web_acl_5.yaml.bak | 27 ------- queries/aws_wafregional_rule_1.yaml.bak | 26 ------ queries/aws_wafregional_rule_1.yaml.bak.bak | 26 ------ queries/aws_wafregional_rule_2.yaml.bak | 27 ------- queries/aws_wafregional_rule_group_1.yaml.bak | 27 ------- queries/aws_wafregional_rule_group_2.yaml.bak | 30 ------- queries/aws_wafregional_rule_group_3.yaml.bak | 27 ------- queries/aws_wafregional_web_acl_1.yaml.bak | 27 ------- queries/aws_wafregional_web_acl_2.yaml.bak | 31 ------- queries/aws_wafregional_web_acl_3.yaml.bak | 29 ------- queries/aws_wafregional_web_acl_4.yaml.bak | 28 ------- queries/aws_wafregional_web_acl_5.yaml.bak | 27 ------- queries/aws_wafv2_ip_set_1.yaml.bak | 31 ------- queries/aws_wafv2_ip_set_2.yaml.bak | 31 ------- queries/aws_wafv2_ip_set_3.yaml.bak | 33 -------- queries/aws_wafv2_ip_set_3.yaml.bak.bak | 33 -------- queries/aws_wafv2_ip_set_4.yaml.bak | 30 ------- .../aws_wafv2_regex_pattern_set_1.yaml.bak | 28 ------- .../aws_wafv2_regex_pattern_set_2.yaml.bak | 32 -------- .../aws_wafv2_regex_pattern_set_3.yaml.bak | 33 -------- queries/aws_wafv2_rule_group_1.yaml.bak | 31 ------- queries/aws_wafv2_rule_group_2.yaml.bak | 34 -------- queries/aws_wafv2_rule_group_3.yaml.bak | 32 -------- queries/aws_wafv2_web_acl_1.yaml.bak | 29 ------- queries/aws_wafv2_web_acl_2.yaml.bak | 25 ------ queries/aws_wafv2_web_acl_3.yaml.bak | 28 ------- queries/aws_wafv2_web_acl_4.yaml.bak | 41 ---------- queries/aws_wafv2_web_acl_5.yaml.bak | 29 ------- queries/aws_wafv2_web_acl_6.yaml.bak | 31 ------- queries/aws_wafv2_web_acl_7.yaml.bak | 32 -------- queries/aws_wellarchitected_answer_1.yaml.bak | 32 -------- queries/aws_wellarchitected_answer_2.yaml.bak | 29 ------- queries/aws_wellarchitected_answer_3.yaml.bak | 34 -------- queries/aws_wellarchitected_answer_4.yaml.bak | 33 -------- queries/aws_wellarchitected_answer_5.yaml.bak | 29 ------- queries/aws_wellarchitected_answer_6.yaml.bak | 36 --------- queries/aws_wellarchitected_answer_7.yaml.bak | 32 -------- ...ws_wellarchitected_check_detail_1.yaml.bak | 30 ------- ...ws_wellarchitected_check_detail_2.yaml.bak | 27 ------- ...ws_wellarchitected_check_detail_3.yaml.bak | 32 -------- ...ws_wellarchitected_check_detail_4.yaml.bak | 32 -------- ...ws_wellarchitected_check_detail_5.yaml.bak | 35 -------- ...ws_wellarchitected_check_detail_6.yaml.bak | 34 -------- ...ellarchitected_check_detail_6.yaml.bak.bak | 34 -------- ...s_wellarchitected_check_summary_1.yaml.bak | 34 -------- ...s_wellarchitected_check_summary_2.yaml.bak | 33 -------- ...s_wellarchitected_check_summary_3.yaml.bak | 31 ------- ...s_wellarchitected_check_summary_4.yaml.bak | 31 ------- ...s_wellarchitected_check_summary_5.yaml.bak | 36 --------- ...architected_consolidated_report_1.yaml.bak | 29 ------- ...architected_consolidated_report_2.yaml.bak | 33 -------- ...itected_consolidated_report_2.yaml.bak.bak | 33 -------- ...architected_consolidated_report_3.yaml.bak | 24 ------ ...architected_consolidated_report_4.yaml.bak | 29 ------- queries/aws_wellarchitected_lens_1.yaml.bak | 27 ------- queries/aws_wellarchitected_lens_2.yaml.bak | 25 ------ queries/aws_wellarchitected_lens_3.yaml.bak | 29 ------- queries/aws_wellarchitected_lens_4.yaml.bak | 28 ------- queries/aws_wellarchitected_lens_5.yaml.bak | 28 ------- .../aws_wellarchitected_lens_5.yaml.bak.bak | 28 ------- queries/aws_wellarchitected_lens_6.yaml.bak | 31 ------- ...aws_wellarchitected_lens_review_1.yaml.bak | 27 ------- ...aws_wellarchitected_lens_review_2.yaml.bak | 27 ------- ...aws_wellarchitected_lens_review_3.yaml.bak | 26 ------ ...aws_wellarchitected_lens_review_4.yaml.bak | 33 -------- ...aws_wellarchitected_lens_review_5.yaml.bak | 30 ------- ...wellarchitected_lens_review_5.yaml.bak.bak | 30 ------- ...aws_wellarchitected_lens_review_6.yaml.bak | 24 ------ ...itected_lens_review_improvement_1.yaml.bak | 30 ------- ...itected_lens_review_improvement_2.yaml.bak | 31 ------- ...itected_lens_review_improvement_3.yaml.bak | 32 -------- ...itected_lens_review_improvement_4.yaml.bak | 27 ------- ...larchitected_lens_review_report_1.yaml.bak | 28 ------- ...larchitected_lens_review_report_2.yaml.bak | 29 ------- ...larchitected_lens_review_report_3.yaml.bak | 30 ------- .../aws_wellarchitected_lens_share_1.yaml.bak | 26 ------ .../aws_wellarchitected_lens_share_2.yaml.bak | 30 ------- .../aws_wellarchitected_lens_share_3.yaml.bak | 29 ------- .../aws_wellarchitected_milestone_1.yaml.bak | 26 ------ .../aws_wellarchitected_milestone_2.yaml.bak | 42 ---------- .../aws_wellarchitected_milestone_3.yaml.bak | 33 -------- .../aws_wellarchitected_milestone_4.yaml.bak | 35 -------- ...ws_wellarchitected_notification_1.yaml.bak | 28 ------- ...ws_wellarchitected_notification_2.yaml.bak | 28 ------- ...ws_wellarchitected_notification_3.yaml.bak | 28 ------- ...ellarchitected_share_invitation_1.yaml.bak | 26 ------ ...ellarchitected_share_invitation_2.yaml.bak | 30 ------- ...ellarchitected_share_invitation_3.yaml.bak | 30 ------- ...ellarchitected_share_invitation_4.yaml.bak | 28 ------- ...ellarchitected_share_invitation_5.yaml.bak | 28 ------- ...ellarchitected_share_invitation_6.yaml.bak | 25 ------ ...rchitected_share_invitation_6.yaml.bak.bak | 25 ------ .../aws_wellarchitected_workload_1.yaml.bak | 28 ------- .../aws_wellarchitected_workload_2.yaml.bak | 28 ------- .../aws_wellarchitected_workload_3.yaml.bak | 26 ------ .../aws_wellarchitected_workload_4.yaml.bak | 26 ------ ...ws_wellarchitected_workload_4.yaml.bak.bak | 26 ------ ..._wellarchitected_workload_share_1.yaml.bak | 27 ------- ..._wellarchitected_workload_share_2.yaml.bak | 31 ------- ..._wellarchitected_workload_share_3.yaml.bak | 29 ------- ...larchitected_workload_share_3.yaml.bak.bak | 29 ------- ..._wellarchitected_workload_share_4.yaml.bak | 31 ------- queries/aws_workspaces_directory_1.yaml.bak | 30 ------- queries/aws_workspaces_directory_2.yaml.bak | 34 -------- queries/aws_workspaces_directory_3.yaml.bak | 30 ------- queries/aws_workspaces_directory_4.yaml.bak | 31 ------- .../aws_workspaces_directory_4.yaml.bak.bak | 31 ------- queries/aws_workspaces_directory_5.yaml.bak | 33 -------- queries/aws_workspaces_directory_6.yaml.bak | 32 -------- queries/aws_workspaces_directory_7.yaml.bak | 30 ------- queries/aws_workspaces_directory_8.yaml.bak | 36 --------- .../aws_workspaces_directory_8.yaml.bak.bak | 36 --------- queries/aws_workspaces_workspace_1.yaml.bak | 25 ------ queries/aws_workspaces_workspace_2.yaml.bak | 27 ------- queries/bulk_update_yaml.sh.bak | 47 ----------- queries/cloud_managed_software.yaml.bak | 36 --------- queries/cloud_networks.yaml.bak | 37 --------- queries/container_workload.yaml.bak | 36 --------- queries/database_workload.yaml.bak | 40 --------- queries/devops.yaml.bak | 38 --------- queries/error_files.log.bak | 26 ------ queries/error_messages.log.bak | 25 ------ queries/keys_and_secrets.yaml.bak | 39 --------- queries/kubernetes_clusters.yaml.bak | 54 ------------- queries/load_balancers.yaml.bak | 40 --------- queries/network_&_file_stores.yaml.bak | 34 -------- queries/object_stores.yaml.bak | 39 --------- queries/processed_files.log.bak | 0 queries/server_workload.yaml.bak | 61 -------------- queries/snapshots_&_backup_media.yaml.bak | 39 --------- 2297 files changed, 67170 deletions(-) delete mode 100755 queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml.bak delete mode 100755 queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml.bak delete mode 100755 queries/11-aws_insight_acm_certificate_expired.yaml.bak delete mode 100755 queries/12-aws_insight_ebs_snapshot_older_than_year.yaml.bak delete mode 100755 queries/13-aws_insight_ec2_classic_load_balancer.yaml.bak delete mode 100755 queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml.bak delete mode 100755 queries/15-aws_insight_elb_application_lb_waf_enabled.yaml.bak delete mode 100755 queries/16-aws_insight_vpc_with_public_cidr.yaml.bak delete mode 100755 queries/17-azure_insight_compute_disk_unattached.yaml.bak delete mode 100755 queries/17-azure_insight_compute_disk_unattached.yaml.bak.bak delete mode 100755 queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml.bak delete mode 100755 queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml.bak delete mode 100755 queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml.bak delete mode 100755 queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml.bak delete mode 100755 queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml.bak delete mode 100755 queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml.bak delete mode 100755 queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml.bak delete mode 100755 queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml.bak delete mode 100755 queries/25-azure_insight_lb_failed.yaml.bak delete mode 100755 queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml.bak delete mode 100755 queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml.bak delete mode 100755 queries/28-azure_insight_virtual_network_with_public_cidr.yaml.bak delete mode 100755 queries/29-azure_insight_storage_account_with_public_blob_access.yaml.bak delete mode 100755 queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak delete mode 100755 queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak.bak delete mode 100755 queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml.bak delete mode 100755 queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak delete mode 100755 queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak.bak delete mode 100755 queries/32-aws_insight_loadbalancer_classic_no_logging.yaml.bak delete mode 100755 queries/33-aws_insight_loadbalancer_application_no_logging.yaml.bak delete mode 100755 queries/34-aws_insight_loadbalancer_network_no_logging.yaml.bak delete mode 100755 queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml.bak delete mode 100755 queries/36-aws_insight_deprecated_eks.yaml.bak delete mode 100755 queries/37-azure_insight_legacy_application_gateway.yaml.bak delete mode 100755 queries/38-azure_insight_legacy_virtual_machine.yaml.bak delete mode 100755 queries/39-aws_insight_legacy_rds_instances.yaml.bak delete mode 100755 queries/4-aws_insight_ebs_volume_unencrypted.yaml.bak delete mode 100755 queries/40-aws_insight_accounts_without_cloudtrail.yaml.bak delete mode 100755 queries/41-aws_insight_root_login_last_90_days.yaml.bak delete mode 100755 queries/42-aws_insight_account_with_root_access_key.yaml.bak delete mode 100755 queries/43-aws_insight_account_without_root_mfa.yaml.bak delete mode 100755 queries/44-aws_insight_account_with_many_saml_providers.yaml.bak delete mode 100755 queries/45-aws_insight_account_without_mfa.yaml.bak delete mode 100755 queries/46-aws_insight_account_with_key_and_password.yaml.bak delete mode 100755 queries/47-aws_insight_account_with_unused_key.yaml.bak delete mode 100755 queries/48-aws_insight_iam_user_with_old_keys.yaml.bak delete mode 100755 queries/49-aws_insight_iam_user_with_old_password.yaml.bak delete mode 100755 queries/5-aws_insight_ebs_volume_unattached.yaml.bak delete mode 100755 queries/6-aws_insight_ec2_instance_of_undesired_type.yaml.bak delete mode 100755 queries/7-aws_insight_iam_user_with_admin_access.yaml.bak delete mode 100755 queries/7-aws_insight_iam_user_with_admin_access.yaml.bak.bak delete mode 100755 queries/8-aws_insight_iam_user_with_mfa_disabled.yaml.bak delete mode 100755 queries/9-aws_insight_iam_user_with_inline_policies.yaml.bak delete mode 100755 queries/ai_workload.yaml.bak delete mode 100755 queries/autoscaling_workload.yaml.bak delete mode 100755 queries/aws_accessanalyzer_analyzer_1.yaml.bak delete mode 100755 queries/aws_accessanalyzer_analyzer_2.yaml.bak delete mode 100755 queries/aws_accessanalyzer_analyzer_2.yaml.bak.bak delete mode 100755 queries/aws_accessanalyzer_analyzer_3.yaml.bak delete mode 100755 queries/aws_accessanalyzer_finding_1.yaml.bak delete mode 100755 queries/aws_accessanalyzer_finding_1.yaml.bak.bak delete mode 100755 queries/aws_accessanalyzer_finding_2.yaml.bak delete mode 100755 queries/aws_accessanalyzer_finding_3.yaml.bak delete mode 100755 queries/aws_accessanalyzer_finding_4.yaml.bak delete mode 100755 queries/aws_account_1.yaml.bak delete mode 100755 queries/aws_account_2.yaml.bak delete mode 100755 queries/aws_account_2.yaml.bak.bak delete mode 100755 queries/aws_account_alternate_contact_1.yaml.bak delete mode 100755 queries/aws_account_alternate_contact_2.yaml.bak delete mode 100755 queries/aws_account_alternate_contact_3.yaml.bak delete mode 100755 queries/aws_account_alternate_contact_4.yaml.bak delete mode 100755 queries/aws_account_contact_1.yaml.bak delete mode 100755 queries/aws_account_contact_2.yaml.bak delete mode 100755 queries/aws_acm_certificate_1.yaml.bak delete mode 100755 queries/aws_acm_certificate_2.yaml.bak delete mode 100755 queries/aws_acm_certificate_3.yaml.bak delete mode 100755 queries/aws_acm_certificate_4.yaml.bak delete mode 100755 queries/aws_acmpca_certificate_authority_1.yaml.bak delete mode 100755 queries/aws_acmpca_certificate_authority_2.yaml.bak delete mode 100755 queries/aws_acmpca_certificate_authority_3.yaml.bak delete mode 100755 queries/aws_acmpca_certificate_authority_4.yaml.bak delete mode 100755 queries/aws_amplify_app_1.yaml.bak delete mode 100755 queries/aws_amplify_app_2.yaml.bak delete mode 100755 queries/aws_amplify_app_3.yaml.bak delete mode 100755 queries/aws_amplify_app_4.yaml.bak delete mode 100755 queries/aws_amplify_app_5.yaml.bak delete mode 100755 queries/aws_amplify_app_6.yaml.bak delete mode 100755 queries/aws_amplify_app_6.yaml.bak.bak delete mode 100755 queries/aws_amplify_app_7.yaml.bak delete mode 100755 queries/aws_api_gateway_api_key_1.yaml.bak delete mode 100755 queries/aws_api_gateway_api_key_2.yaml.bak delete mode 100755 queries/aws_api_gateway_authorizer_1.yaml.bak delete mode 100755 queries/aws_api_gateway_authorizer_2.yaml.bak delete mode 100755 queries/aws_api_gateway_domain_name_1.yaml.bak delete mode 100755 queries/aws_api_gateway_domain_name_2.yaml.bak delete mode 100755 queries/aws_api_gateway_domain_name_3.yaml.bak delete mode 100755 queries/aws_api_gateway_domain_name_4.yaml.bak delete mode 100755 queries/aws_api_gateway_domain_name_5.yaml.bak delete mode 100755 queries/aws_api_gateway_method_1.yaml.bak delete mode 100755 queries/aws_api_gateway_method_2.yaml.bak delete mode 100755 queries/aws_api_gateway_method_3.yaml.bak delete mode 100755 queries/aws_api_gateway_method_4.yaml.bak delete mode 100755 queries/aws_api_gateway_rest_api_1.yaml.bak delete mode 100755 queries/aws_api_gateway_rest_api_2.yaml.bak delete mode 100755 queries/aws_api_gateway_rest_api_3.yaml.bak delete mode 100755 queries/aws_api_gateway_rest_api_4.yaml.bak delete mode 100755 queries/aws_api_gateway_rest_api_5.yaml.bak delete mode 100755 queries/aws_api_gateway_stage_1.yaml.bak delete mode 100755 queries/aws_api_gateway_stage_2.yaml.bak delete mode 100755 queries/aws_api_gateway_stage_3.yaml.bak delete mode 100755 queries/aws_api_gateway_stage_4.yaml.bak delete mode 100755 queries/aws_api_gateway_usage_plan_1.yaml.bak delete mode 100755 queries/aws_api_gateway_usage_plan_2.yaml.bak delete mode 100755 queries/aws_api_gateway_usage_plan_3.yaml.bak delete mode 100755 queries/aws_api_gateway_usage_plan_3.yaml.bak.bak delete mode 100755 queries/aws_api_gatewayv2_api_1.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_api_2.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_api_3.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_domain_name_1.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_domain_name_2.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_domain_name_3.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_domain_name_4.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_domain_name_5.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_integration_1.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_integration_1.yaml.bak.bak delete mode 100755 queries/aws_api_gatewayv2_integration_2.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_route_1.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_route_2.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_route_3.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_stage_1.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_stage_2.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_stage_3.yaml.bak delete mode 100755 queries/aws_api_gatewayv2_stage_4.yaml.bak delete mode 100755 queries/aws_app_runner_service_1.yaml.bak delete mode 100755 queries/aws_app_runner_service_2.yaml.bak delete mode 100755 queries/aws_app_runner_service_3.yaml.bak delete mode 100755 queries/aws_app_runner_service_4.yaml.bak delete mode 100755 queries/aws_app_runner_service_5.yaml.bak delete mode 100755 queries/aws_app_runner_service_6.yaml.bak delete mode 100755 queries/aws_appautoscaling_policy_1.yaml.bak delete mode 100755 queries/aws_appautoscaling_policy_1.yaml.bak.bak delete mode 100755 queries/aws_appautoscaling_policy_2.yaml.bak delete mode 100755 queries/aws_appautoscaling_policy_3.yaml.bak delete mode 100755 queries/aws_appautoscaling_policy_4.yaml.bak delete mode 100755 queries/aws_appautoscaling_policy_5.yaml.bak delete mode 100755 queries/aws_appautoscaling_target_1.yaml.bak delete mode 100755 queries/aws_appautoscaling_target_2.yaml.bak delete mode 100755 queries/aws_appconfig_application_1.yaml.bak delete mode 100755 queries/aws_appstream_fleet_1.yaml.bak delete mode 100755 queries/aws_appstream_fleet_1.yaml.bak.bak delete mode 100755 queries/aws_appstream_fleet_10.yaml.bak delete mode 100755 queries/aws_appstream_fleet_2.yaml.bak delete mode 100755 queries/aws_appstream_fleet_3.yaml.bak delete mode 100755 queries/aws_appstream_fleet_4.yaml.bak delete mode 100755 queries/aws_appstream_fleet_5.yaml.bak delete mode 100755 queries/aws_appstream_fleet_6.yaml.bak delete mode 100755 queries/aws_appstream_fleet_7.yaml.bak delete mode 100755 queries/aws_appstream_fleet_8.yaml.bak delete mode 100755 queries/aws_appstream_fleet_9.yaml.bak delete mode 100755 queries/aws_appstream_image_1.yaml.bak delete mode 100755 queries/aws_appstream_image_2.yaml.bak delete mode 100755 queries/aws_appstream_image_3.yaml.bak delete mode 100755 queries/aws_appstream_image_4.yaml.bak delete mode 100755 queries/aws_appstream_image_5.yaml.bak delete mode 100755 queries/aws_appstream_image_6.yaml.bak delete mode 100755 queries/aws_appstream_image_7.yaml.bak delete mode 100755 queries/aws_appstream_image_7.yaml.bak.bak delete mode 100755 queries/aws_appstream_image_8.yaml.bak delete mode 100755 queries/aws_appsync_graphql_api_1.yaml.bak delete mode 100755 queries/aws_appsync_graphql_api_2.yaml.bak delete mode 100755 queries/aws_appsync_graphql_api_3.yaml.bak delete mode 100755 queries/aws_athena_query_execution_1.yaml.bak delete mode 100755 queries/aws_athena_query_execution_2.yaml.bak delete mode 100755 queries/aws_athena_query_execution_3.yaml.bak delete mode 100755 queries/aws_athena_query_execution_3.yaml.bak.bak delete mode 100755 queries/aws_athena_query_execution_4.yaml.bak delete mode 100755 queries/aws_athena_workgroup_1.yaml.bak delete mode 100755 queries/aws_athena_workgroup_2.yaml.bak delete mode 100755 queries/aws_athena_workgroup_2.yaml.bak.bak delete mode 100755 queries/aws_athena_workgroup_3.yaml.bak delete mode 100755 queries/aws_athena_workgroup_4.yaml.bak delete mode 100755 queries/aws_auditmanager_assessment_1.yaml.bak delete mode 100755 queries/aws_auditmanager_assessment_2.yaml.bak delete mode 100755 queries/aws_auditmanager_assessment_3.yaml.bak delete mode 100755 queries/aws_auditmanager_control_1.yaml.bak delete mode 100755 queries/aws_auditmanager_control_2.yaml.bak delete mode 100755 queries/aws_auditmanager_evidence_1.yaml.bak delete mode 100755 queries/aws_auditmanager_evidence_2.yaml.bak delete mode 100755 queries/aws_auditmanager_evidence_folder_1.yaml.bak delete mode 100755 queries/aws_auditmanager_evidence_folder_2.yaml.bak delete mode 100755 queries/aws_auditmanager_framework_1.yaml.bak delete mode 100755 queries/aws_auditmanager_framework_2.yaml.bak delete mode 100755 queries/aws_availability_zone_1.yaml.bak delete mode 100755 queries/aws_availability_zone_2.yaml.bak delete mode 100755 queries/aws_availability_zone_2.yaml.bak.bak delete mode 100755 queries/aws_availability_zone_3.yaml.bak delete mode 100755 queries/aws_backup_framework_1.yaml.bak delete mode 100755 queries/aws_backup_framework_2.yaml.bak delete mode 100755 queries/aws_backup_framework_3.yaml.bak delete mode 100755 queries/aws_backup_framework_4.yaml.bak delete mode 100755 queries/aws_backup_framework_5.yaml.bak delete mode 100755 queries/aws_backup_framework_6.yaml.bak delete mode 100755 queries/aws_backup_job_1.yaml.bak delete mode 100755 queries/aws_backup_job_1.yaml.bak.bak delete mode 100755 queries/aws_backup_job_2.yaml.bak delete mode 100755 queries/aws_backup_job_3.yaml.bak delete mode 100755 queries/aws_backup_legal_hold_1.yaml.bak delete mode 100755 queries/aws_backup_legal_hold_2.yaml.bak delete mode 100755 queries/aws_backup_legal_hold_3.yaml.bak delete mode 100755 queries/aws_backup_legal_hold_3.yaml.bak.bak delete mode 100755 queries/aws_backup_plan_1.yaml.bak delete mode 100755 queries/aws_backup_plan_2.yaml.bak delete mode 100755 queries/aws_backup_plan_3.yaml.bak delete mode 100755 queries/aws_backup_protected_resource_1.yaml.bak delete mode 100755 queries/aws_backup_protected_resource_2.yaml.bak delete mode 100755 queries/aws_backup_recovery_point_1.yaml.bak delete mode 100755 queries/aws_backup_recovery_point_2.yaml.bak delete mode 100755 queries/aws_backup_recovery_point_3.yaml.bak delete mode 100755 queries/aws_backup_report_plan_1.yaml.bak delete mode 100755 queries/aws_backup_report_plan_2.yaml.bak delete mode 100755 queries/aws_backup_report_plan_3.yaml.bak delete mode 100755 queries/aws_backup_report_plan_4.yaml.bak delete mode 100755 queries/aws_backup_report_plan_5.yaml.bak delete mode 100755 queries/aws_backup_report_plan_6.yaml.bak delete mode 100755 queries/aws_backup_selection_1.yaml.bak delete mode 100755 queries/aws_backup_selection_2.yaml.bak delete mode 100755 queries/aws_backup_selection_2.yaml.bak.bak delete mode 100755 queries/aws_backup_vault_1.yaml.bak delete mode 100755 queries/aws_backup_vault_2.yaml.bak delete mode 100755 queries/aws_backup_vault_2.yaml.bak.bak delete mode 100755 queries/aws_backup_vault_3.yaml.bak delete mode 100755 queries/aws_backup_vault_4.yaml.bak delete mode 100755 queries/aws_cloudcontrol_resource_1.yaml.bak delete mode 100755 queries/aws_cloudcontrol_resource_2.yaml.bak delete mode 100755 queries/aws_cloudcontrol_resource_3.yaml.bak delete mode 100755 queries/aws_cloudcontrol_resource_3.yaml.bak.bak delete mode 100755 queries/aws_cloudcontrol_resource_4.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_1.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_2.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_2.yaml.bak.bak delete mode 100755 queries/aws_cloudformation_stack_3.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_4.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_5.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_resource_1.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_resource_2.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_resource_3.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_resource_4.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_resource_5.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_set_1.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_set_2.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_set_3.yaml.bak delete mode 100755 queries/aws_cloudformation_stack_set_4.yaml.bak delete mode 100755 queries/aws_cloudfront_cache_policy_1.yaml.bak delete mode 100755 queries/aws_cloudfront_cache_policy_2.yaml.bak delete mode 100755 queries/aws_cloudfront_cache_policy_3.yaml.bak delete mode 100755 queries/aws_cloudfront_distribution_1.yaml.bak delete mode 100755 queries/aws_cloudfront_distribution_2.yaml.bak delete mode 100755 queries/aws_cloudfront_distribution_3.yaml.bak delete mode 100755 queries/aws_cloudfront_distribution_4.yaml.bak delete mode 100755 queries/aws_cloudfront_distribution_4.yaml.bak.bak delete mode 100755 queries/aws_cloudfront_distribution_5.yaml.bak delete mode 100755 queries/aws_cloudfront_distribution_6.yaml.bak delete mode 100755 queries/aws_cloudfront_function_1.yaml.bak delete mode 100755 queries/aws_cloudfront_function_1.yaml.bak.bak delete mode 100755 queries/aws_cloudfront_function_2.yaml.bak delete mode 100755 queries/aws_cloudfront_function_3.yaml.bak delete mode 100755 queries/aws_cloudfront_function_4.yaml.bak delete mode 100755 queries/aws_cloudfront_origin_access_identity_1.yaml.bak delete mode 100755 queries/aws_cloudfront_origin_access_identity_2.yaml.bak delete mode 100755 queries/aws_cloudfront_origin_access_identity_2.yaml.bak.bak delete mode 100755 queries/aws_cloudfront_origin_request_policy_1.yaml.bak delete mode 100755 queries/aws_cloudfront_origin_request_policy_2.yaml.bak delete mode 100755 queries/aws_cloudfront_response_headers_policy_1.yaml.bak delete mode 100755 queries/aws_cloudfront_response_headers_policy_2.yaml.bak delete mode 100755 queries/aws_cloudfront_response_headers_policy_3.yaml.bak delete mode 100755 queries/aws_cloudfront_response_headers_policy_3.yaml.bak.bak delete mode 100755 queries/aws_cloudsearch_domain_1.yaml.bak delete mode 100755 queries/aws_cloudsearch_domain_2.yaml.bak delete mode 100755 queries/aws_cloudsearch_domain_3.yaml.bak delete mode 100755 queries/aws_cloudtrail_channel_1.yaml.bak delete mode 100755 queries/aws_cloudtrail_channel_2.yaml.bak delete mode 100755 queries/aws_cloudtrail_channel_3.yaml.bak delete mode 100755 queries/aws_cloudtrail_event_data_store_1.yaml.bak delete mode 100755 queries/aws_cloudtrail_event_data_store_2.yaml.bak delete mode 100755 queries/aws_cloudtrail_event_data_store_3.yaml.bak delete mode 100755 queries/aws_cloudtrail_import_1.yaml.bak delete mode 100755 queries/aws_cloudtrail_import_2.yaml.bak delete mode 100755 queries/aws_cloudtrail_import_3.yaml.bak delete mode 100755 queries/aws_cloudtrail_import_4.yaml.bak delete mode 100755 queries/aws_cloudtrail_import_5.yaml.bak delete mode 100755 queries/aws_cloudtrail_import_5.yaml.bak.bak delete mode 100755 queries/aws_cloudtrail_lookup_event_1.yaml.bak delete mode 100755 queries/aws_cloudtrail_lookup_event_2.yaml.bak delete mode 100755 queries/aws_cloudtrail_lookup_event_3.yaml.bak delete mode 100755 queries/aws_cloudtrail_query_1.yaml.bak delete mode 100755 queries/aws_cloudtrail_query_2.yaml.bak delete mode 100755 queries/aws_cloudtrail_query_3.yaml.bak delete mode 100755 queries/aws_cloudtrail_query_3.yaml.bak.bak delete mode 100755 queries/aws_cloudtrail_query_4.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_1.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_2.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_3.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_4.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_5.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_6.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_7.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_7.yaml.bak.bak delete mode 100755 queries/aws_cloudtrail_trail_event_1.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_event_2.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_event_2.yaml.bak.bak delete mode 100755 queries/aws_cloudtrail_trail_event_3.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_event_4.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_event_5.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_event_6.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_event_7.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_event_8.yaml.bak delete mode 100755 queries/aws_cloudtrail_trail_event_9.yaml.bak delete mode 100755 queries/aws_cloudwatch_alarm_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_alarm_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_alarm_3.yaml.bak delete mode 100755 queries/aws_cloudwatch_alarm_4.yaml.bak delete mode 100755 queries/aws_cloudwatch_alarm_5.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_event_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_event_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_event_3.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_event_4.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_event_5.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_event_5.yaml.bak.bak delete mode 100755 queries/aws_cloudwatch_log_event_6.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_group_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_group_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_group_3.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_group_4.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_group_5.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_metric_filter_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_metric_filter_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_metric_filter_2.yaml.bak.bak delete mode 100755 queries/aws_cloudwatch_log_metric_filter_3.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_resource_policy_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_stream_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_stream_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_subscription_filter_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_subscription_filter_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_log_subscription_filter_3.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_3.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_3.yaml.bak.bak delete mode 100755 queries/aws_cloudwatch_metric_4.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_5.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_data_point_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_data_point_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_data_point_2.yaml.bak.bak delete mode 100755 queries/aws_cloudwatch_metric_data_point_3.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_data_point_4.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_data_point_5.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_data_point_6.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_1.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_2.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_3.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_4.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_5.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_6.yaml.bak delete mode 100755 queries/aws_cloudwatch_metric_statistic_data_point_7.yaml.bak delete mode 100755 queries/aws_codeartifact_domain_1.yaml.bak delete mode 100755 queries/aws_codeartifact_domain_2.yaml.bak delete mode 100755 queries/aws_codeartifact_domain_3.yaml.bak delete mode 100755 queries/aws_codeartifact_domain_4.yaml.bak delete mode 100755 queries/aws_codeartifact_domain_4.yaml.bak.bak delete mode 100755 queries/aws_codeartifact_domain_5.yaml.bak delete mode 100755 queries/aws_codeartifact_domain_6.yaml.bak delete mode 100755 queries/aws_codeartifact_domain_7.yaml.bak delete mode 100755 queries/aws_codeartifact_repository_1.yaml.bak delete mode 100755 queries/aws_codeartifact_repository_2.yaml.bak delete mode 100755 queries/aws_codeartifact_repository_3.yaml.bak delete mode 100755 queries/aws_codeartifact_repository_4.yaml.bak delete mode 100755 queries/aws_codebuild_build_1.yaml.bak delete mode 100755 queries/aws_codebuild_build_10.yaml.bak delete mode 100755 queries/aws_codebuild_build_10.yaml.bak.bak delete mode 100755 queries/aws_codebuild_build_11.yaml.bak delete mode 100755 queries/aws_codebuild_build_2.yaml.bak delete mode 100755 queries/aws_codebuild_build_2.yaml.bak.bak delete mode 100755 queries/aws_codebuild_build_3.yaml.bak delete mode 100755 queries/aws_codebuild_build_4.yaml.bak delete mode 100755 queries/aws_codebuild_build_5.yaml.bak delete mode 100755 queries/aws_codebuild_build_6.yaml.bak delete mode 100755 queries/aws_codebuild_build_7.yaml.bak delete mode 100755 queries/aws_codebuild_build_8.yaml.bak delete mode 100755 queries/aws_codebuild_build_9.yaml.bak delete mode 100755 queries/aws_codebuild_project_1.yaml.bak delete mode 100755 queries/aws_codebuild_project_2.yaml.bak delete mode 100755 queries/aws_codebuild_project_3.yaml.bak delete mode 100755 queries/aws_codebuild_project_4.yaml.bak delete mode 100755 queries/aws_codebuild_project_5.yaml.bak delete mode 100755 queries/aws_codebuild_source_credential_1.yaml.bak delete mode 100755 queries/aws_codebuild_source_credential_2.yaml.bak delete mode 100755 queries/aws_codecommit_repository_1.yaml.bak delete mode 100755 queries/aws_codedeploy_app_1.yaml.bak delete mode 100755 queries/aws_codedeploy_app_1.yaml.bak.bak delete mode 100755 queries/aws_codedeploy_app_2.yaml.bak delete mode 100755 queries/aws_codedeploy_app_3.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_config_1.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_config_2.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_config_3.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_config_4.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_config_5.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_config_6.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_group_1.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_group_2.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_group_3.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_group_4.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_group_5.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_group_6.yaml.bak delete mode 100755 queries/aws_codedeploy_deployment_group_6.yaml.bak.bak delete mode 100755 queries/aws_codedeploy_deployment_group_7.yaml.bak delete mode 100755 queries/aws_codepipeline_pipeline_1.yaml.bak delete mode 100755 queries/aws_codepipeline_pipeline_2.yaml.bak delete mode 100755 queries/aws_codestar_notification_rule_1.yaml.bak delete mode 100755 queries/aws_codestar_notification_rule_2.yaml.bak delete mode 100755 queries/aws_codestar_notification_rule_3.yaml.bak delete mode 100755 queries/aws_codestar_notification_rule_4.yaml.bak delete mode 100755 queries/aws_codestar_notification_rule_5.yaml.bak delete mode 100755 queries/aws_cognito_identity_pool_1.yaml.bak delete mode 100755 queries/aws_cognito_identity_pool_2.yaml.bak delete mode 100755 queries/aws_cognito_identity_pool_3.yaml.bak delete mode 100755 queries/aws_cognito_identity_pool_4.yaml.bak delete mode 100755 queries/aws_cognito_identity_provider_1.yaml.bak delete mode 100755 queries/aws_cognito_identity_provider_2.yaml.bak delete mode 100755 queries/aws_cognito_user_pool_1.yaml.bak delete mode 100755 queries/aws_cognito_user_pool_2.yaml.bak delete mode 100755 queries/aws_config_aggregate_authorization_1.yaml.bak delete mode 100755 queries/aws_config_configuration_recorder_1.yaml.bak delete mode 100755 queries/aws_config_configuration_recorder_2.yaml.bak delete mode 100755 queries/aws_config_configuration_recorder_3.yaml.bak delete mode 100755 queries/aws_config_conformance_pack_1.yaml.bak delete mode 100755 queries/aws_config_conformance_pack_1.yaml.bak.bak delete mode 100755 queries/aws_config_conformance_pack_2.yaml.bak delete mode 100755 queries/aws_config_conformance_pack_3.yaml.bak delete mode 100755 queries/aws_config_retention_configuration_1.yaml.bak delete mode 100755 queries/aws_config_retention_configuration_2.yaml.bak delete mode 100755 queries/aws_config_retention_configuration_3.yaml.bak delete mode 100755 queries/aws_config_retention_configuration_4.yaml.bak delete mode 100755 queries/aws_config_rule_1.yaml.bak delete mode 100755 queries/aws_config_rule_2.yaml.bak delete mode 100755 queries/aws_config_rule_3.yaml.bak delete mode 100755 queries/aws_config_rule_4.yaml.bak delete mode 100755 queries/aws_config_rule_5.yaml.bak delete mode 100755 queries/aws_config_rule_5.yaml.bak.bak delete mode 100755 queries/aws_config_rule_6.yaml.bak delete mode 100755 queries/aws_cost_by_account_daily_1.yaml.bak delete mode 100755 queries/aws_cost_by_account_daily_2.yaml.bak delete mode 100755 queries/aws_cost_by_account_daily_3.yaml.bak delete mode 100755 queries/aws_cost_by_account_monthly_1.yaml.bak delete mode 100755 queries/aws_cost_by_account_monthly_2.yaml.bak delete mode 100755 queries/aws_cost_by_account_monthly_3.yaml.bak delete mode 100755 queries/aws_cost_by_account_monthly_4.yaml.bak delete mode 100755 queries/aws_cost_by_record_type_daily_1.yaml.bak delete mode 100755 queries/aws_cost_by_record_type_daily_2.yaml.bak delete mode 100755 queries/aws_cost_by_record_type_daily_3.yaml.bak delete mode 100755 queries/aws_cost_by_record_type_monthly_1.yaml.bak delete mode 100755 queries/aws_cost_by_record_type_monthly_2.yaml.bak delete mode 100755 queries/aws_cost_by_record_type_monthly_3.yaml.bak delete mode 100755 queries/aws_cost_by_record_type_monthly_3.yaml.bak.bak delete mode 100755 queries/aws_cost_by_service_daily_1.yaml.bak delete mode 100755 queries/aws_cost_by_service_daily_2.yaml.bak delete mode 100755 queries/aws_cost_by_service_daily_3.yaml.bak delete mode 100755 queries/aws_cost_by_service_daily_4.yaml.bak delete mode 100755 queries/aws_cost_by_service_daily_5.yaml.bak delete mode 100755 queries/aws_cost_by_service_daily_5.yaml.bak.bak delete mode 100755 queries/aws_cost_by_service_monthly_1.yaml.bak delete mode 100755 queries/aws_cost_by_service_monthly_2.yaml.bak delete mode 100755 queries/aws_cost_by_service_monthly_3.yaml.bak delete mode 100755 queries/aws_cost_by_service_monthly_4.yaml.bak delete mode 100755 queries/aws_cost_by_service_monthly_5.yaml.bak delete mode 100755 queries/aws_cost_by_service_monthly_6.yaml.bak delete mode 100755 queries/aws_cost_by_service_usage_type_daily_1.yaml.bak delete mode 100755 queries/aws_cost_by_service_usage_type_daily_2.yaml.bak delete mode 100755 queries/aws_cost_by_service_usage_type_daily_3.yaml.bak delete mode 100755 queries/aws_cost_by_service_usage_type_daily_4.yaml.bak delete mode 100755 queries/aws_cost_by_service_usage_type_monthly_1.yaml.bak delete mode 100755 queries/aws_cost_by_service_usage_type_monthly_2.yaml.bak delete mode 100755 queries/aws_cost_by_service_usage_type_monthly_3.yaml.bak delete mode 100755 queries/aws_cost_by_service_usage_type_monthly_4.yaml.bak delete mode 100755 queries/aws_cost_by_tag_1.yaml.bak delete mode 100755 queries/aws_cost_by_tag_2.yaml.bak delete mode 100755 queries/aws_cost_by_tag_3.yaml.bak delete mode 100755 queries/aws_cost_forecast_daily_1.yaml.bak delete mode 100755 queries/aws_cost_forecast_monthly_1.yaml.bak delete mode 100755 queries/aws_cost_forecast_monthly_2.yaml.bak delete mode 100755 queries/aws_cost_usage_1.yaml.bak delete mode 100755 queries/aws_cost_usage_2.yaml.bak delete mode 100755 queries/aws_cost_usage_3.yaml.bak delete mode 100755 queries/aws_cost_usage_4.yaml.bak delete mode 100755 queries/aws_dax_cluster_1.yaml.bak delete mode 100755 queries/aws_dax_cluster_2.yaml.bak delete mode 100755 queries/aws_dax_cluster_3.yaml.bak delete mode 100755 queries/aws_dax_cluster_4.yaml.bak delete mode 100755 queries/aws_dax_cluster_4.yaml.bak.bak delete mode 100755 queries/aws_dax_parameter_1.yaml.bak delete mode 100755 queries/aws_dax_parameter_2.yaml.bak delete mode 100755 queries/aws_dax_parameter_2.yaml.bak.bak delete mode 100755 queries/aws_dax_parameter_3.yaml.bak delete mode 100755 queries/aws_dax_parameter_group_1.yaml.bak delete mode 100755 queries/aws_dax_parameter_group_2.yaml.bak delete mode 100755 queries/aws_dax_subnet_group_1.yaml.bak delete mode 100755 queries/aws_dax_subnet_group_2.yaml.bak delete mode 100755 queries/aws_dax_subnet_group_3.yaml.bak delete mode 100755 queries/aws_directory_service_certificate_1.yaml.bak delete mode 100755 queries/aws_directory_service_certificate_2.yaml.bak delete mode 100755 queries/aws_directory_service_certificate_2.yaml.bak.bak delete mode 100755 queries/aws_directory_service_certificate_3.yaml.bak delete mode 100755 queries/aws_directory_service_certificate_4.yaml.bak delete mode 100755 queries/aws_directory_service_certificate_5.yaml.bak delete mode 100755 queries/aws_directory_service_certificate_6.yaml.bak delete mode 100755 queries/aws_directory_service_certificate_7.yaml.bak delete mode 100755 queries/aws_directory_service_certificate_8.yaml.bak delete mode 100755 queries/aws_directory_service_directory_1.yaml.bak delete mode 100755 queries/aws_directory_service_directory_2.yaml.bak delete mode 100755 queries/aws_directory_service_directory_3.yaml.bak delete mode 100755 queries/aws_directory_service_directory_4.yaml.bak delete mode 100755 queries/aws_directory_service_directory_5.yaml.bak delete mode 100755 queries/aws_directory_servicelog_subscription_1.yaml.bak delete mode 100755 queries/aws_directory_servicelog_subscription_2.yaml.bak delete mode 100755 queries/aws_directory_servicelog_subscription_2.yaml.bak.bak delete mode 100755 queries/aws_dlm_lifecycle_policy_1.yaml.bak delete mode 100755 queries/aws_dlm_lifecycle_policy_2.yaml.bak delete mode 100755 queries/aws_dlm_lifecycle_policy_3.yaml.bak delete mode 100755 queries/aws_dlm_lifecycle_policy_4.yaml.bak delete mode 100755 queries/aws_dms_certificate_1.yaml.bak delete mode 100755 queries/aws_dms_certificate_2.yaml.bak delete mode 100755 queries/aws_dms_certificate_2.yaml.bak.bak delete mode 100755 queries/aws_dms_certificate_3.yaml.bak delete mode 100755 queries/aws_dms_certificate_4.yaml.bak delete mode 100755 queries/aws_dms_certificate_5.yaml.bak delete mode 100755 queries/aws_dms_endpoint_1.yaml.bak delete mode 100755 queries/aws_dms_endpoint_2.yaml.bak delete mode 100755 queries/aws_dms_endpoint_3.yaml.bak delete mode 100755 queries/aws_dms_endpoint_4.yaml.bak delete mode 100755 queries/aws_dms_endpoint_5.yaml.bak delete mode 100755 queries/aws_dms_replication_instance_1.yaml.bak delete mode 100755 queries/aws_dms_replication_instance_2.yaml.bak delete mode 100755 queries/aws_dms_replication_instance_3.yaml.bak delete mode 100755 queries/aws_dms_replication_instance_4.yaml.bak delete mode 100755 queries/aws_dms_replication_instance_5.yaml.bak delete mode 100755 queries/aws_dms_replication_task_1.yaml.bak delete mode 100755 queries/aws_dms_replication_task_2.yaml.bak delete mode 100755 queries/aws_dms_replication_task_3.yaml.bak delete mode 100755 queries/aws_dms_replication_task_4.yaml.bak delete mode 100755 queries/aws_dms_replication_task_5.yaml.bak delete mode 100755 queries/aws_dms_replication_task_6.yaml.bak delete mode 100755 queries/aws_dms_replication_task_7.yaml.bak delete mode 100755 queries/aws_dms_replication_task_7.yaml.bak.bak delete mode 100755 queries/aws_docdb_cluster_1.yaml.bak delete mode 100755 queries/aws_docdb_cluster_2.yaml.bak delete mode 100755 queries/aws_docdb_cluster_3.yaml.bak delete mode 100755 queries/aws_docdb_cluster_3.yaml.bak.bak delete mode 100755 queries/aws_docdb_cluster_4.yaml.bak delete mode 100755 queries/aws_docdb_cluster_5.yaml.bak delete mode 100755 queries/aws_docdb_cluster_6.yaml.bak delete mode 100755 queries/aws_docdb_cluster_7.yaml.bak delete mode 100755 queries/aws_docdb_cluster_instance_1.yaml.bak delete mode 100755 queries/aws_docdb_cluster_instance_2.yaml.bak delete mode 100755 queries/aws_docdb_cluster_instance_3.yaml.bak delete mode 100755 queries/aws_docdb_cluster_instance_4.yaml.bak delete mode 100755 queries/aws_docdb_cluster_instance_5.yaml.bak delete mode 100755 queries/aws_docdb_cluster_instance_6.yaml.bak delete mode 100755 queries/aws_docdb_cluster_instance_7.yaml.bak delete mode 100755 queries/aws_docdb_cluster_snapshot_1.yaml.bak delete mode 100755 queries/aws_docdb_cluster_snapshot_2.yaml.bak delete mode 100755 queries/aws_docdb_cluster_snapshot_3.yaml.bak delete mode 100755 queries/aws_docdb_cluster_snapshot_4.yaml.bak delete mode 100755 queries/aws_drs_job_1.yaml.bak delete mode 100755 queries/aws_drs_job_2.yaml.bak delete mode 100755 queries/aws_drs_job_3.yaml.bak delete mode 100755 queries/aws_drs_recovery_instance_1.yaml.bak delete mode 100755 queries/aws_drs_recovery_instance_2.yaml.bak delete mode 100755 queries/aws_drs_recovery_instance_3.yaml.bak delete mode 100755 queries/aws_drs_recovery_instance_4.yaml.bak delete mode 100755 queries/aws_drs_recovery_instance_5.yaml.bak delete mode 100755 queries/aws_drs_recovery_snapshot_1.yaml.bak delete mode 100755 queries/aws_drs_recovery_snapshot_2.yaml.bak delete mode 100755 queries/aws_drs_recovery_snapshot_3.yaml.bak delete mode 100755 queries/aws_drs_recovery_snapshot_4.yaml.bak delete mode 100755 queries/aws_drs_recovery_snapshot_5.yaml.bak delete mode 100755 queries/aws_drs_source_server_1.yaml.bak delete mode 100755 queries/aws_drs_source_server_2.yaml.bak delete mode 100755 queries/aws_drs_source_server_3.yaml.bak delete mode 100755 queries/aws_drs_source_server_4.yaml.bak delete mode 100755 queries/aws_drs_source_server_5.yaml.bak delete mode 100755 queries/aws_drs_source_server_6.yaml.bak delete mode 100755 queries/aws_drs_source_server_6.yaml.bak.bak delete mode 100755 queries/aws_drs_source_server_7.yaml.bak delete mode 100755 queries/aws_dynamodb_backup_1.yaml.bak delete mode 100755 queries/aws_dynamodb_backup_2.yaml.bak delete mode 100755 queries/aws_dynamodb_global_table_1.yaml.bak delete mode 100755 queries/aws_dynamodb_global_table_2.yaml.bak delete mode 100755 queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak delete mode 100755 queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak.bak delete mode 100755 queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml.bak delete mode 100755 queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak delete mode 100755 queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak.bak delete mode 100755 queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml.bak delete mode 100755 queries/aws_dynamodb_table_1.yaml.bak delete mode 100755 queries/aws_dynamodb_table_2.yaml.bak delete mode 100755 queries/aws_dynamodb_table_3.yaml.bak delete mode 100755 queries/aws_dynamodb_table_4.yaml.bak delete mode 100755 queries/aws_dynamodb_table_export_1.yaml.bak delete mode 100755 queries/aws_dynamodb_table_export_2.yaml.bak delete mode 100755 queries/aws_dynamodb_table_export_2.yaml.bak.bak delete mode 100755 queries/aws_dynamodb_table_export_3.yaml.bak delete mode 100755 queries/aws_ebs_snapshot_1.yaml.bak delete mode 100755 queries/aws_ebs_snapshot_2.yaml.bak delete mode 100755 queries/aws_ebs_snapshot_3.yaml.bak delete mode 100755 queries/aws_ebs_snapshot_4.yaml.bak delete mode 100755 queries/aws_ebs_snapshot_4.yaml.bak.bak delete mode 100755 queries/aws_ebs_snapshot_5.yaml.bak delete mode 100755 queries/aws_ebs_snapshot_6.yaml.bak delete mode 100755 queries/aws_ebs_snapshot_7.yaml.bak delete mode 100755 queries/aws_ebs_volume_1.yaml.bak delete mode 100755 queries/aws_ebs_volume_2.yaml.bak delete mode 100755 queries/aws_ebs_volume_3.yaml.bak delete mode 100755 queries/aws_ebs_volume_3.yaml.bak.bak delete mode 100755 queries/aws_ebs_volume_4.yaml.bak delete mode 100755 queries/aws_ebs_volume_5.yaml.bak delete mode 100755 queries/aws_ebs_volume_6.yaml.bak delete mode 100755 queries/aws_ebs_volume_7.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_1.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_1.yaml.bak.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_2.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_3.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_4.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_daily_1.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_daily_2.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_daily_3.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_daily_4.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_1.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_2.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_3.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_3.yaml.bak.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_4.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_1.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_3.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_daily_4.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml.bak delete mode 100755 queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml.bak delete mode 100755 queries/aws_ec2_ami_1.yaml.bak delete mode 100755 queries/aws_ec2_ami_2.yaml.bak delete mode 100755 queries/aws_ec2_ami_3.yaml.bak delete mode 100755 queries/aws_ec2_ami_3.yaml.bak.bak delete mode 100755 queries/aws_ec2_ami_4.yaml.bak delete mode 100755 queries/aws_ec2_ami_shared_1.yaml.bak delete mode 100755 queries/aws_ec2_ami_shared_2.yaml.bak delete mode 100755 queries/aws_ec2_ami_shared_2.yaml.bak.bak delete mode 100755 queries/aws_ec2_ami_shared_3.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_1.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_2.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_3.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_4.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_5.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml.bak delete mode 100755 queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml.bak delete mode 100755 queries/aws_ec2_autoscaling_group_1.yaml.bak delete mode 100755 queries/aws_ec2_autoscaling_group_2.yaml.bak delete mode 100755 queries/aws_ec2_autoscaling_group_3.yaml.bak delete mode 100755 queries/aws_ec2_autoscaling_group_4.yaml.bak delete mode 100755 queries/aws_ec2_capacity_reservation_1.yaml.bak delete mode 100755 queries/aws_ec2_capacity_reservation_2.yaml.bak delete mode 100755 queries/aws_ec2_capacity_reservation_3.yaml.bak delete mode 100755 queries/aws_ec2_classic_load_balancer_1.yaml.bak delete mode 100755 queries/aws_ec2_classic_load_balancer_2.yaml.bak delete mode 100755 queries/aws_ec2_classic_load_balancer_3.yaml.bak delete mode 100755 queries/aws_ec2_classic_load_balancer_4.yaml.bak delete mode 100755 queries/aws_ec2_classic_load_balancer_5.yaml.bak delete mode 100755 queries/aws_ec2_client_vpn_endpoint_1.yaml.bak delete mode 100755 queries/aws_ec2_client_vpn_endpoint_2.yaml.bak delete mode 100755 queries/aws_ec2_client_vpn_endpoint_3.yaml.bak delete mode 100755 queries/aws_ec2_client_vpn_endpoint_4.yaml.bak delete mode 100755 queries/aws_ec2_client_vpn_endpoint_5.yaml.bak delete mode 100755 queries/aws_ec2_client_vpn_endpoint_6.yaml.bak delete mode 100755 queries/aws_ec2_client_vpn_endpoint_7.yaml.bak delete mode 100755 queries/aws_ec2_gateway_load_balancer_1.yaml.bak delete mode 100755 queries/aws_ec2_gateway_load_balancer_2.yaml.bak delete mode 100755 queries/aws_ec2_gateway_load_balancer_3.yaml.bak delete mode 100755 queries/aws_ec2_gateway_load_balancer_4.yaml.bak delete mode 100755 queries/aws_ec2_gateway_load_balancer_4.yaml.bak.bak delete mode 100755 queries/aws_ec2_gateway_load_balancer_5.yaml.bak delete mode 100755 queries/aws_ec2_gateway_load_balancer_6.yaml.bak delete mode 100755 queries/aws_ec2_gateway_load_balancer_7.yaml.bak delete mode 100755 queries/aws_ec2_instance_1.yaml.bak delete mode 100755 queries/aws_ec2_instance_10.yaml.bak delete mode 100755 queries/aws_ec2_instance_11.yaml.bak delete mode 100755 queries/aws_ec2_instance_12.yaml.bak delete mode 100755 queries/aws_ec2_instance_12.yaml.bak.bak delete mode 100755 queries/aws_ec2_instance_13.yaml.bak delete mode 100755 queries/aws_ec2_instance_14.yaml.bak delete mode 100755 queries/aws_ec2_instance_15.yaml.bak delete mode 100755 queries/aws_ec2_instance_2.yaml.bak delete mode 100755 queries/aws_ec2_instance_3.yaml.bak delete mode 100755 queries/aws_ec2_instance_4.yaml.bak delete mode 100755 queries/aws_ec2_instance_5.yaml.bak delete mode 100755 queries/aws_ec2_instance_6.yaml.bak delete mode 100755 queries/aws_ec2_instance_7.yaml.bak delete mode 100755 queries/aws_ec2_instance_8.yaml.bak delete mode 100755 queries/aws_ec2_instance_9.yaml.bak delete mode 100755 queries/aws_ec2_instance_availability_1.yaml.bak delete mode 100755 queries/aws_ec2_instance_availability_2.yaml.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_1.yaml.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_2.yaml.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml.bak delete mode 100755 queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml.bak delete mode 100755 queries/aws_ec2_instance_type_1.yaml.bak delete mode 100755 queries/aws_ec2_instance_type_2.yaml.bak delete mode 100755 queries/aws_ec2_instance_type_2.yaml.bak.bak delete mode 100755 queries/aws_ec2_instance_type_3.yaml.bak delete mode 100755 queries/aws_ec2_instance_type_4.yaml.bak delete mode 100755 queries/aws_ec2_instance_type_5.yaml.bak delete mode 100755 queries/aws_ec2_key_pair_1.yaml.bak delete mode 100755 queries/aws_ec2_key_pair_2.yaml.bak delete mode 100755 queries/aws_ec2_launch_configuration_1.yaml.bak delete mode 100755 queries/aws_ec2_launch_configuration_2.yaml.bak delete mode 100755 queries/aws_ec2_launch_configuration_3.yaml.bak delete mode 100755 queries/aws_ec2_launch_configuration_4.yaml.bak delete mode 100755 queries/aws_ec2_launch_configuration_5.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_1.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_2.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_3.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_1.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_2.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_3.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_4.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_5.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_6.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_7.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_8.yaml.bak delete mode 100755 queries/aws_ec2_launch_template_version_9.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_1.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_2.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_2.yaml.bak.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_3.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_rule_1.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_rule_2.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_rule_3.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_rule_4.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_rule_5.yaml.bak delete mode 100755 queries/aws_ec2_load_balancer_listener_rule_6.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_1.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_1.yaml.bak.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_2.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_3.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_4.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_5.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_6.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_entry_1.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_entry_2.yaml.bak delete mode 100755 queries/aws_ec2_managed_prefix_list_entry_3.yaml.bak delete mode 100755 queries/aws_ec2_network_interface_1.yaml.bak delete mode 100755 queries/aws_ec2_network_interface_2.yaml.bak delete mode 100755 queries/aws_ec2_network_interface_3.yaml.bak delete mode 100755 queries/aws_ec2_network_interface_3.yaml.bak.bak delete mode 100755 queries/aws_ec2_network_interface_4.yaml.bak delete mode 100755 queries/aws_ec2_network_interface_5.yaml.bak delete mode 100755 queries/aws_ec2_network_load_balancer_1.yaml.bak delete mode 100755 queries/aws_ec2_network_load_balancer_2.yaml.bak delete mode 100755 queries/aws_ec2_network_load_balancer_3.yaml.bak delete mode 100755 queries/aws_ec2_network_load_balancer_4.yaml.bak delete mode 100755 queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml.bak delete mode 100755 queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml.bak delete mode 100755 queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml.bak delete mode 100755 queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml.bak delete mode 100755 queries/aws_ec2_regional_settings_1.yaml.bak delete mode 100755 queries/aws_ec2_regional_settings_2.yaml.bak delete mode 100755 queries/aws_ec2_regional_settings_3.yaml.bak delete mode 100755 queries/aws_ec2_reserved_instance_1.yaml.bak delete mode 100755 queries/aws_ec2_reserved_instance_1.yaml.bak.bak delete mode 100755 queries/aws_ec2_reserved_instance_2.yaml.bak delete mode 100755 queries/aws_ec2_reserved_instance_3.yaml.bak delete mode 100755 queries/aws_ec2_reserved_instance_4.yaml.bak delete mode 100755 queries/aws_ec2_reserved_instance_5.yaml.bak delete mode 100755 queries/aws_ec2_spot_price_1.yaml.bak delete mode 100755 queries/aws_ec2_ssl_policy_1.yaml.bak delete mode 100755 queries/aws_ec2_ssl_policy_1.yaml.bak.bak delete mode 100755 queries/aws_ec2_ssl_policy_2.yaml.bak delete mode 100755 queries/aws_ec2_target_group_1.yaml.bak delete mode 100755 queries/aws_ec2_target_group_2.yaml.bak delete mode 100755 queries/aws_ec2_target_group_3.yaml.bak delete mode 100755 queries/aws_ec2_target_group_4.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_1.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_2.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_3.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_4.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_4.yaml.bak.bak delete mode 100755 queries/aws_ec2_transit_gateway_route_1.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_route_2.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_route_table_1.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_route_table_2.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml.bak delete mode 100755 queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml.bak delete mode 100755 queries/aws_ecr_image_1.yaml.bak delete mode 100755 queries/aws_ecr_image_2.yaml.bak delete mode 100755 queries/aws_ecr_image_2.yaml.bak.bak delete mode 100755 queries/aws_ecr_image_3.yaml.bak delete mode 100755 queries/aws_ecr_image_4.yaml.bak delete mode 100755 queries/aws_ecr_image_5.yaml.bak delete mode 100755 queries/aws_ecr_image_6.yaml.bak delete mode 100755 queries/aws_ecr_image_7.yaml.bak delete mode 100755 queries/aws_ecr_image_scan_finding_1.yaml.bak delete mode 100755 queries/aws_ecr_image_scan_finding_2.yaml.bak delete mode 100755 queries/aws_ecr_registry_scanning_configuration_1.yaml.bak delete mode 100755 queries/aws_ecr_registry_scanning_configuration_2.yaml.bak delete mode 100755 queries/aws_ecr_registry_scanning_configuration_3.yaml.bak delete mode 100755 queries/aws_ecr_repository_1.yaml.bak delete mode 100755 queries/aws_ecr_repository_10.yaml.bak delete mode 100755 queries/aws_ecr_repository_11.yaml.bak delete mode 100755 queries/aws_ecr_repository_2.yaml.bak delete mode 100755 queries/aws_ecr_repository_2.yaml.bak.bak delete mode 100755 queries/aws_ecr_repository_3.yaml.bak delete mode 100755 queries/aws_ecr_repository_4.yaml.bak delete mode 100755 queries/aws_ecr_repository_5.yaml.bak delete mode 100755 queries/aws_ecr_repository_6.yaml.bak delete mode 100755 queries/aws_ecr_repository_7.yaml.bak delete mode 100755 queries/aws_ecr_repository_8.yaml.bak delete mode 100755 queries/aws_ecr_repository_9.yaml.bak delete mode 100755 queries/aws_ecrpublic_repository_1.yaml.bak delete mode 100755 queries/aws_ecrpublic_repository_2.yaml.bak delete mode 100755 queries/aws_ecs_cluster_1.yaml.bak delete mode 100755 queries/aws_ecs_cluster_2.yaml.bak delete mode 100755 queries/aws_ecs_cluster_3.yaml.bak delete mode 100755 queries/aws_ecs_cluster_4.yaml.bak delete mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml.bak delete mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml.bak delete mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml.bak delete mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml.bak delete mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml.bak delete mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml.bak delete mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml.bak delete mode 100755 queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml.bak delete mode 100755 queries/aws_ecs_container_instance_1.yaml.bak delete mode 100755 queries/aws_ecs_container_instance_2.yaml.bak delete mode 100755 queries/aws_ecs_container_instance_3.yaml.bak delete mode 100755 queries/aws_ecs_container_instance_4.yaml.bak delete mode 100755 queries/aws_ecs_service_1.yaml.bak delete mode 100755 queries/aws_ecs_service_2.yaml.bak delete mode 100755 queries/aws_ecs_service_3.yaml.bak delete mode 100755 queries/aws_ecs_task_1.yaml.bak delete mode 100755 queries/aws_ecs_task_2.yaml.bak delete mode 100755 queries/aws_ecs_task_3.yaml.bak delete mode 100755 queries/aws_ecs_task_3.yaml.bak.bak delete mode 100755 queries/aws_ecs_task_definition_1.yaml.bak delete mode 100755 queries/aws_ecs_task_definition_2.yaml.bak delete mode 100755 queries/aws_ecs_task_definition_3.yaml.bak delete mode 100755 queries/aws_ecs_task_definition_3.yaml.bak.bak delete mode 100755 queries/aws_ecs_task_definition_4.yaml.bak delete mode 100755 queries/aws_efs_access_point_1.yaml.bak delete mode 100755 queries/aws_efs_access_point_2.yaml.bak delete mode 100755 queries/aws_efs_access_point_3.yaml.bak delete mode 100755 queries/aws_efs_file_system_1.yaml.bak delete mode 100755 queries/aws_efs_file_system_2.yaml.bak delete mode 100755 queries/aws_efs_file_system_3.yaml.bak delete mode 100755 queries/aws_efs_file_system_4.yaml.bak delete mode 100755 queries/aws_efs_file_system_5.yaml.bak delete mode 100755 queries/aws_efs_file_system_6.yaml.bak delete mode 100755 queries/aws_efs_mount_target_1.yaml.bak delete mode 100755 queries/aws_efs_mount_target_2.yaml.bak delete mode 100755 queries/aws_eks_addon_1.yaml.bak delete mode 100755 queries/aws_eks_addon_2.yaml.bak delete mode 100755 queries/aws_eks_addon_3.yaml.bak delete mode 100755 queries/aws_eks_addon_3.yaml.bak.bak delete mode 100755 queries/aws_eks_addon_version_1.yaml.bak delete mode 100755 queries/aws_eks_addon_version_2.yaml.bak delete mode 100755 queries/aws_eks_addon_version_3.yaml.bak delete mode 100755 queries/aws_eks_cluster_1.yaml.bak delete mode 100755 queries/aws_eks_cluster_2.yaml.bak delete mode 100755 queries/aws_eks_cluster_3.yaml.bak delete mode 100755 queries/aws_eks_cluster_4.yaml.bak delete mode 100755 queries/aws_eks_fargate_profile_1.yaml.bak delete mode 100755 queries/aws_eks_fargate_profile_1.yaml.bak.bak delete mode 100755 queries/aws_eks_fargate_profile_2.yaml.bak delete mode 100755 queries/aws_eks_fargate_profile_3.yaml.bak delete mode 100755 queries/aws_eks_fargate_profile_4.yaml.bak delete mode 100755 queries/aws_eks_identity_provider_config_1.yaml.bak delete mode 100755 queries/aws_eks_identity_provider_config_2.yaml.bak delete mode 100755 queries/aws_eks_node_group_1.yaml.bak delete mode 100755 queries/aws_eks_node_group_2.yaml.bak delete mode 100755 queries/aws_eks_node_group_3.yaml.bak delete mode 100755 queries/aws_eks_node_group_4.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_application_1.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_application_2.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_application_version_1.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_application_version_2.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_application_version_3.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_application_version_4.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_application_version_5.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_application_version_6.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_environment_1.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_environment_2.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_environment_3.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_environment_3.yaml.bak.bak delete mode 100755 queries/aws_elastic_beanstalk_environment_4.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_environment_5.yaml.bak delete mode 100755 queries/aws_elastic_beanstalk_environment_6.yaml.bak delete mode 100755 queries/aws_elasticache_cluster_1.yaml.bak delete mode 100755 queries/aws_elasticache_cluster_2.yaml.bak delete mode 100755 queries/aws_elasticache_cluster_2.yaml.bak.bak delete mode 100755 queries/aws_elasticache_cluster_3.yaml.bak delete mode 100755 queries/aws_elasticache_cluster_4.yaml.bak delete mode 100755 queries/aws_elasticache_cluster_5.yaml.bak delete mode 100755 queries/aws_elasticache_cluster_6.yaml.bak delete mode 100755 queries/aws_elasticache_cluster_7.yaml.bak delete mode 100755 queries/aws_elasticache_parameter_group_1.yaml.bak delete mode 100755 queries/aws_elasticache_parameter_group_2.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak.bak delete mode 100755 queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak.bak delete mode 100755 queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml.bak delete mode 100755 queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml.bak delete mode 100755 queries/aws_elasticache_replication_group_1.yaml.bak delete mode 100755 queries/aws_elasticache_replication_group_2.yaml.bak delete mode 100755 queries/aws_elasticache_replication_group_2.yaml.bak.bak delete mode 100755 queries/aws_elasticache_replication_group_3.yaml.bak delete mode 100755 queries/aws_elasticache_replication_group_4.yaml.bak delete mode 100755 queries/aws_elasticache_replication_group_5.yaml.bak delete mode 100755 queries/aws_elasticache_replication_group_6.yaml.bak delete mode 100755 queries/aws_elasticache_reserved_cache_node_1.yaml.bak delete mode 100755 queries/aws_elasticache_reserved_cache_node_2.yaml.bak delete mode 100755 queries/aws_elasticache_reserved_cache_node_2.yaml.bak.bak delete mode 100755 queries/aws_elasticache_reserved_cache_node_3.yaml.bak delete mode 100755 queries/aws_elasticache_reserved_cache_node_4.yaml.bak delete mode 100755 queries/aws_elasticache_reserved_cache_node_5.yaml.bak delete mode 100755 queries/aws_elasticache_subnet_group_1.yaml.bak delete mode 100755 queries/aws_elasticache_subnet_group_2.yaml.bak delete mode 100755 queries/aws_elasticache_subnet_group_3.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_1.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_2.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_3.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_4.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_5.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_6.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_7.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_8.yaml.bak delete mode 100755 queries/aws_elasticsearch_domain_8.yaml.bak.bak delete mode 100755 queries/aws_emr_block_public_access_configuration_1.yaml.bak delete mode 100755 queries/aws_emr_block_public_access_configuration_1.yaml.bak.bak delete mode 100755 queries/aws_emr_block_public_access_configuration_2.yaml.bak delete mode 100755 queries/aws_emr_block_public_access_configuration_3.yaml.bak delete mode 100755 queries/aws_emr_block_public_access_configuration_4.yaml.bak delete mode 100755 queries/aws_emr_cluster_1.yaml.bak delete mode 100755 queries/aws_emr_cluster_2.yaml.bak delete mode 100755 queries/aws_emr_cluster_3.yaml.bak delete mode 100755 queries/aws_emr_cluster_4.yaml.bak delete mode 100755 queries/aws_emr_cluster_5.yaml.bak delete mode 100755 queries/aws_emr_cluster_6.yaml.bak delete mode 100755 queries/aws_emr_cluster_metric_is_idle_1.yaml.bak delete mode 100755 queries/aws_emr_instance_1.yaml.bak delete mode 100755 queries/aws_emr_instance_2.yaml.bak delete mode 100755 queries/aws_emr_instance_3.yaml.bak delete mode 100755 queries/aws_emr_instance_4.yaml.bak delete mode 100755 queries/aws_emr_instance_fleet_1.yaml.bak delete mode 100755 queries/aws_emr_instance_fleet_2.yaml.bak delete mode 100755 queries/aws_emr_instance_fleet_3.yaml.bak delete mode 100755 queries/aws_emr_instance_group_1.yaml.bak delete mode 100755 queries/aws_emr_instance_group_2.yaml.bak delete mode 100755 queries/aws_emr_instance_group_3.yaml.bak delete mode 100755 queries/aws_emr_security_configuration_1.yaml.bak delete mode 100755 queries/aws_emr_security_configuration_2.yaml.bak delete mode 100755 queries/aws_emr_security_configuration_3.yaml.bak delete mode 100755 queries/aws_eventbridge_bus_1.yaml.bak delete mode 100755 queries/aws_eventbridge_rule_1.yaml.bak delete mode 100755 queries/aws_eventbridge_rule_2.yaml.bak delete mode 100755 queries/aws_eventbridge_rule_2.yaml.bak.bak delete mode 100755 queries/aws_eventbridge_rule_3.yaml.bak delete mode 100755 queries/aws_fms_app_list_1.yaml.bak delete mode 100755 queries/aws_fms_app_list_2.yaml.bak delete mode 100755 queries/aws_fms_app_list_3.yaml.bak delete mode 100755 queries/aws_fms_policy_1.yaml.bak delete mode 100755 queries/aws_fms_policy_2.yaml.bak delete mode 100755 queries/aws_fms_policy_3.yaml.bak delete mode 100755 queries/aws_fms_policy_4.yaml.bak delete mode 100755 queries/aws_fsx_file_system_1.yaml.bak delete mode 100755 queries/aws_fsx_file_system_2.yaml.bak delete mode 100755 queries/aws_glacier_vault_1.yaml.bak delete mode 100755 queries/aws_glacier_vault_2.yaml.bak delete mode 100755 queries/aws_glacier_vault_2.yaml.bak.bak delete mode 100755 queries/aws_glacier_vault_3.yaml.bak delete mode 100755 queries/aws_glacier_vault_4.yaml.bak delete mode 100755 queries/aws_glacier_vault_5.yaml.bak delete mode 100755 queries/aws_glacier_vault_6.yaml.bak delete mode 100755 queries/aws_globalaccelerator_accelerator_1.yaml.bak delete mode 100755 queries/aws_globalaccelerator_accelerator_2.yaml.bak delete mode 100755 queries/aws_globalaccelerator_accelerator_3.yaml.bak delete mode 100755 queries/aws_globalaccelerator_endpoint_group_1.yaml.bak delete mode 100755 queries/aws_globalaccelerator_endpoint_group_2.yaml.bak delete mode 100755 queries/aws_globalaccelerator_endpoint_group_3.yaml.bak delete mode 100755 queries/aws_globalaccelerator_endpoint_group_3.yaml.bak.bak delete mode 100755 queries/aws_globalaccelerator_listener_1.yaml.bak delete mode 100755 queries/aws_globalaccelerator_listener_2.yaml.bak delete mode 100755 queries/aws_globalaccelerator_listener_3.yaml.bak delete mode 100755 queries/aws_globalaccelerator_listener_4.yaml.bak delete mode 100755 queries/aws_glue_catalog_database_1.yaml.bak delete mode 100755 queries/aws_glue_catalog_database_2.yaml.bak delete mode 100755 queries/aws_glue_catalog_table_1.yaml.bak delete mode 100755 queries/aws_glue_catalog_table_2.yaml.bak delete mode 100755 queries/aws_glue_catalog_table_3.yaml.bak delete mode 100755 queries/aws_glue_connection_1.yaml.bak delete mode 100755 queries/aws_glue_connection_2.yaml.bak delete mode 100755 queries/aws_glue_connection_3.yaml.bak delete mode 100755 queries/aws_glue_connection_3.yaml.bak.bak delete mode 100755 queries/aws_glue_connection_4.yaml.bak delete mode 100755 queries/aws_glue_crawler_1.yaml.bak delete mode 100755 queries/aws_glue_crawler_2.yaml.bak delete mode 100755 queries/aws_glue_data_catalog_encryption_settings_1.yaml.bak delete mode 100755 queries/aws_glue_data_catalog_encryption_settings_2.yaml.bak delete mode 100755 queries/aws_glue_data_catalog_encryption_settings_3.yaml.bak delete mode 100755 queries/aws_glue_data_catalog_encryption_settings_4.yaml.bak delete mode 100755 queries/aws_glue_data_catalog_encryption_settings_5.yaml.bak delete mode 100755 queries/aws_glue_data_quality_ruleset_1.yaml.bak delete mode 100755 queries/aws_glue_data_quality_ruleset_2.yaml.bak delete mode 100755 queries/aws_glue_data_quality_ruleset_3.yaml.bak delete mode 100755 queries/aws_glue_data_quality_ruleset_4.yaml.bak delete mode 100755 queries/aws_glue_data_quality_ruleset_5.yaml.bak delete mode 100755 queries/aws_glue_dev_endpoint_1.yaml.bak delete mode 100755 queries/aws_glue_dev_endpoint_2.yaml.bak delete mode 100755 queries/aws_glue_dev_endpoint_2.yaml.bak.bak delete mode 100755 queries/aws_glue_dev_endpoint_3.yaml.bak delete mode 100755 queries/aws_glue_dev_endpoint_4.yaml.bak delete mode 100755 queries/aws_glue_dev_endpoint_5.yaml.bak delete mode 100755 queries/aws_glue_dev_endpoint_6.yaml.bak delete mode 100755 queries/aws_glue_job_1.yaml.bak delete mode 100755 queries/aws_glue_job_10.yaml.bak delete mode 100755 queries/aws_glue_job_10.yaml.bak.bak delete mode 100755 queries/aws_glue_job_2.yaml.bak delete mode 100755 queries/aws_glue_job_3.yaml.bak delete mode 100755 queries/aws_glue_job_4.yaml.bak delete mode 100755 queries/aws_glue_job_5.yaml.bak delete mode 100755 queries/aws_glue_job_6.yaml.bak delete mode 100755 queries/aws_glue_job_7.yaml.bak delete mode 100755 queries/aws_glue_job_8.yaml.bak delete mode 100755 queries/aws_glue_job_9.yaml.bak delete mode 100755 queries/aws_glue_security_configuration_1.yaml.bak delete mode 100755 queries/aws_glue_security_configuration_2.yaml.bak delete mode 100755 queries/aws_glue_security_configuration_3.yaml.bak delete mode 100755 queries/aws_glue_security_configuration_4.yaml.bak delete mode 100755 queries/aws_guardduty_detector_1.yaml.bak delete mode 100755 queries/aws_guardduty_detector_2.yaml.bak delete mode 100755 queries/aws_guardduty_detector_3.yaml.bak delete mode 100755 queries/aws_guardduty_detector_4.yaml.bak delete mode 100755 queries/aws_guardduty_filter_1.yaml.bak delete mode 100755 queries/aws_guardduty_filter_2.yaml.bak delete mode 100755 queries/aws_guardduty_filter_3.yaml.bak delete mode 100755 queries/aws_guardduty_filter_4.yaml.bak delete mode 100755 queries/aws_guardduty_filter_5.yaml.bak delete mode 100755 queries/aws_guardduty_finding_1.yaml.bak delete mode 100755 queries/aws_guardduty_finding_2.yaml.bak delete mode 100755 queries/aws_guardduty_ipset_1.yaml.bak delete mode 100755 queries/aws_guardduty_ipset_2.yaml.bak delete mode 100755 queries/aws_guardduty_member_1.yaml.bak delete mode 100755 queries/aws_guardduty_member_2.yaml.bak delete mode 100755 queries/aws_guardduty_member_3.yaml.bak delete mode 100755 queries/aws_guardduty_member_4.yaml.bak delete mode 100755 queries/aws_guardduty_member_4.yaml.bak.bak delete mode 100755 queries/aws_guardduty_publishing_destination_1.yaml.bak delete mode 100755 queries/aws_guardduty_publishing_destination_1.yaml.bak.bak delete mode 100755 queries/aws_guardduty_publishing_destination_2.yaml.bak delete mode 100755 queries/aws_guardduty_publishing_destination_3.yaml.bak delete mode 100755 queries/aws_guardduty_publishing_destination_4.yaml.bak delete mode 100755 queries/aws_guardduty_publishing_destination_5.yaml.bak delete mode 100755 queries/aws_guardduty_publishing_destination_6.yaml.bak delete mode 100755 queries/aws_guardduty_threat_intel_set_1.yaml.bak delete mode 100755 queries/aws_guardduty_threat_intel_set_2.yaml.bak delete mode 100755 queries/aws_health_affected_entity_1.yaml.bak delete mode 100755 queries/aws_health_affected_entity_2.yaml.bak delete mode 100755 queries/aws_health_affected_entity_3.yaml.bak delete mode 100755 queries/aws_health_event_1.yaml.bak delete mode 100755 queries/aws_health_event_2.yaml.bak delete mode 100755 queries/aws_health_event_3.yaml.bak delete mode 100755 queries/aws_health_event_4.yaml.bak delete mode 100755 queries/aws_iam_access_advisor_1.yaml.bak delete mode 100755 queries/aws_iam_access_advisor_2.yaml.bak delete mode 100755 queries/aws_iam_access_advisor_2.yaml.bak.bak delete mode 100755 queries/aws_iam_access_advisor_3.yaml.bak delete mode 100755 queries/aws_iam_access_advisor_4.yaml.bak delete mode 100755 queries/aws_iam_access_advisor_5.yaml.bak delete mode 100755 queries/aws_iam_access_advisor_6.yaml.bak delete mode 100755 queries/aws_iam_access_key_1.yaml.bak delete mode 100755 queries/aws_iam_access_key_2.yaml.bak delete mode 100755 queries/aws_iam_access_key_3.yaml.bak delete mode 100755 queries/aws_iam_account_password_policy_1.yaml.bak delete mode 100755 queries/aws_iam_account_password_policy_2.yaml.bak delete mode 100755 queries/aws_iam_account_password_policy_3.yaml.bak delete mode 100755 queries/aws_iam_account_password_policy_4.yaml.bak delete mode 100755 queries/aws_iam_account_password_policy_5.yaml.bak delete mode 100755 queries/aws_iam_account_password_policy_6.yaml.bak delete mode 100755 queries/aws_iam_account_password_policy_7.yaml.bak delete mode 100755 queries/aws_iam_account_password_policy_8.yaml.bak delete mode 100755 queries/aws_iam_account_summary_1.yaml.bak delete mode 100755 queries/aws_iam_account_summary_2.yaml.bak delete mode 100755 queries/aws_iam_account_summary_3.yaml.bak delete mode 100755 queries/aws_iam_action_1.yaml.bak delete mode 100755 queries/aws_iam_action_2.yaml.bak delete mode 100755 queries/aws_iam_action_3.yaml.bak delete mode 100755 queries/aws_iam_action_4.yaml.bak delete mode 100755 queries/aws_iam_action_5.yaml.bak delete mode 100755 queries/aws_iam_credential_report_1.yaml.bak delete mode 100755 queries/aws_iam_credential_report_2.yaml.bak delete mode 100755 queries/aws_iam_credential_report_3.yaml.bak delete mode 100755 queries/aws_iam_credential_report_4.yaml.bak delete mode 100755 queries/aws_iam_credential_report_5.yaml.bak delete mode 100755 queries/aws_iam_credential_report_6.yaml.bak delete mode 100755 queries/aws_iam_credential_report_6.yaml.bak.bak delete mode 100755 queries/aws_iam_group_1.yaml.bak delete mode 100755 queries/aws_iam_group_2.yaml.bak delete mode 100755 queries/aws_iam_group_3.yaml.bak delete mode 100755 queries/aws_iam_group_4.yaml.bak delete mode 100755 queries/aws_iam_open_id_connect_provider_1.yaml.bak delete mode 100755 queries/aws_iam_open_id_connect_provider_2.yaml.bak delete mode 100755 queries/aws_iam_open_id_connect_provider_2.yaml.bak.bak delete mode 100755 queries/aws_iam_open_id_connect_provider_3.yaml.bak delete mode 100755 queries/aws_iam_open_id_connect_provider_4.yaml.bak delete mode 100755 queries/aws_iam_policy_1.yaml.bak delete mode 100755 queries/aws_iam_policy_2.yaml.bak delete mode 100755 queries/aws_iam_policy_3.yaml.bak delete mode 100755 queries/aws_iam_policy_4.yaml.bak delete mode 100755 queries/aws_iam_policy_5.yaml.bak delete mode 100755 queries/aws_iam_policy_6.yaml.bak delete mode 100755 queries/aws_iam_policy_7.yaml.bak delete mode 100755 queries/aws_iam_policy_attachment_1.yaml.bak delete mode 100755 queries/aws_iam_policy_attachment_2.yaml.bak delete mode 100755 queries/aws_iam_policy_attachment_3.yaml.bak delete mode 100755 queries/aws_iam_policy_simulator_1.yaml.bak delete mode 100755 queries/aws_iam_policy_simulator_2.yaml.bak delete mode 100755 queries/aws_iam_policy_simulator_3.yaml.bak delete mode 100755 queries/aws_iam_role_1.yaml.bak delete mode 100755 queries/aws_iam_role_10.yaml.bak delete mode 100755 queries/aws_iam_role_2.yaml.bak delete mode 100755 queries/aws_iam_role_3.yaml.bak delete mode 100755 queries/aws_iam_role_4.yaml.bak delete mode 100755 queries/aws_iam_role_4.yaml.bak.bak delete mode 100755 queries/aws_iam_role_5.yaml.bak delete mode 100755 queries/aws_iam_role_6.yaml.bak delete mode 100755 queries/aws_iam_role_7.yaml.bak delete mode 100755 queries/aws_iam_role_8.yaml.bak delete mode 100755 queries/aws_iam_role_9.yaml.bak delete mode 100755 queries/aws_iam_saml_provider_1.yaml.bak delete mode 100755 queries/aws_iam_saml_provider_2.yaml.bak delete mode 100755 queries/aws_iam_saml_provider_3.yaml.bak delete mode 100755 queries/aws_iam_server_certificate_1.yaml.bak delete mode 100755 queries/aws_iam_server_certificate_1.yaml.bak.bak delete mode 100755 queries/aws_iam_server_certificate_2.yaml.bak delete mode 100755 queries/aws_iam_service_specific_credential_1.yaml.bak delete mode 100755 queries/aws_iam_service_specific_credential_2.yaml.bak delete mode 100755 queries/aws_iam_service_specific_credential_2.yaml.bak.bak delete mode 100755 queries/aws_iam_service_specific_credential_3.yaml.bak delete mode 100755 queries/aws_iam_user_1.yaml.bak delete mode 100755 queries/aws_iam_user_2.yaml.bak delete mode 100755 queries/aws_iam_user_2.yaml.bak.bak delete mode 100755 queries/aws_iam_user_3.yaml.bak delete mode 100755 queries/aws_iam_user_4.yaml.bak delete mode 100755 queries/aws_iam_user_5.yaml.bak delete mode 100755 queries/aws_iam_user_6.yaml.bak delete mode 100755 queries/aws_iam_virtual_mfa_device_1.yaml.bak delete mode 100755 queries/aws_iam_virtual_mfa_device_2.yaml.bak delete mode 100755 queries/aws_identitystore_group_1.yaml.bak delete mode 100755 queries/aws_identitystore_group_2.yaml.bak delete mode 100755 queries/aws_identitystore_group_membership_1.yaml.bak delete mode 100755 queries/aws_identitystore_group_membership_2.yaml.bak delete mode 100755 queries/aws_identitystore_group_membership_3.yaml.bak delete mode 100755 queries/aws_identitystore_user_1.yaml.bak delete mode 100755 queries/aws_identitystore_user_2.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_1.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_2.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_3.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_3.yaml.bak.bak delete mode 100755 queries/aws_inspector2_coverage_4.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_5.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_6.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_7.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_8.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_9.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_statistics_1.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_statistics_2.yaml.bak delete mode 100755 queries/aws_inspector2_coverage_statistics_2.yaml.bak.bak delete mode 100755 queries/aws_inspector2_finding_1.yaml.bak delete mode 100755 queries/aws_inspector2_finding_10.yaml.bak delete mode 100755 queries/aws_inspector2_finding_11.yaml.bak delete mode 100755 queries/aws_inspector2_finding_12.yaml.bak delete mode 100755 queries/aws_inspector2_finding_13.yaml.bak delete mode 100755 queries/aws_inspector2_finding_13.yaml.bak.bak delete mode 100755 queries/aws_inspector2_finding_14.yaml.bak delete mode 100755 queries/aws_inspector2_finding_15.yaml.bak delete mode 100755 queries/aws_inspector2_finding_2.yaml.bak delete mode 100755 queries/aws_inspector2_finding_3.yaml.bak delete mode 100755 queries/aws_inspector2_finding_4.yaml.bak delete mode 100755 queries/aws_inspector2_finding_5.yaml.bak delete mode 100755 queries/aws_inspector2_finding_6.yaml.bak delete mode 100755 queries/aws_inspector2_finding_6.yaml.bak.bak delete mode 100755 queries/aws_inspector2_finding_7.yaml.bak delete mode 100755 queries/aws_inspector2_finding_8.yaml.bak delete mode 100755 queries/aws_inspector2_finding_9.yaml.bak delete mode 100755 queries/aws_inspector2_member_1.yaml.bak delete mode 100755 queries/aws_inspector2_member_2.yaml.bak delete mode 100755 queries/aws_inspector2_member_2.yaml.bak.bak delete mode 100755 queries/aws_inspector2_member_3.yaml.bak delete mode 100755 queries/aws_inspector_assessment_run_1.yaml.bak delete mode 100755 queries/aws_inspector_assessment_run_2.yaml.bak delete mode 100755 queries/aws_inspector_assessment_run_3.yaml.bak delete mode 100755 queries/aws_inspector_assessment_run_4.yaml.bak delete mode 100755 queries/aws_inspector_assessment_run_5.yaml.bak delete mode 100755 queries/aws_inspector_assessment_run_6.yaml.bak delete mode 100755 queries/aws_inspector_assessment_run_6.yaml.bak.bak delete mode 100755 queries/aws_inspector_assessment_target_1.yaml.bak delete mode 100755 queries/aws_inspector_assessment_target_2.yaml.bak delete mode 100755 queries/aws_inspector_assessment_target_2.yaml.bak.bak delete mode 100755 queries/aws_inspector_assessment_target_3.yaml.bak delete mode 100755 queries/aws_inspector_assessment_template_1.yaml.bak delete mode 100755 queries/aws_inspector_assessment_template_2.yaml.bak delete mode 100755 queries/aws_inspector_assessment_template_3.yaml.bak delete mode 100755 queries/aws_inspector_assessment_template_4.yaml.bak delete mode 100755 queries/aws_inspector_assessment_template_5.yaml.bak delete mode 100755 queries/aws_inspector_assessment_template_6.yaml.bak delete mode 100755 queries/aws_inspector_exclusion_1.yaml.bak delete mode 100755 queries/aws_inspector_exclusion_1.yaml.bak.bak delete mode 100755 queries/aws_inspector_exclusion_2.yaml.bak delete mode 100755 queries/aws_inspector_exclusion_3.yaml.bak delete mode 100755 queries/aws_inspector_exclusion_4.yaml.bak delete mode 100755 queries/aws_inspector_exclusion_5.yaml.bak delete mode 100755 queries/aws_inspector_finding_1.yaml.bak delete mode 100755 queries/aws_inspector_finding_10.yaml.bak delete mode 100755 queries/aws_inspector_finding_2.yaml.bak delete mode 100755 queries/aws_inspector_finding_3.yaml.bak delete mode 100755 queries/aws_inspector_finding_4.yaml.bak delete mode 100755 queries/aws_inspector_finding_5.yaml.bak delete mode 100755 queries/aws_inspector_finding_5.yaml.bak.bak delete mode 100755 queries/aws_inspector_finding_6.yaml.bak delete mode 100755 queries/aws_inspector_finding_7.yaml.bak delete mode 100755 queries/aws_inspector_finding_8.yaml.bak delete mode 100755 queries/aws_inspector_finding_9.yaml.bak delete mode 100755 queries/aws_iot_fleet_metric_1.yaml.bak delete mode 100755 queries/aws_iot_fleet_metric_1.yaml.bak.bak delete mode 100755 queries/aws_iot_fleet_metric_2.yaml.bak delete mode 100755 queries/aws_iot_fleet_metric_3.yaml.bak delete mode 100755 queries/aws_iot_thing_1.yaml.bak delete mode 100755 queries/aws_iot_thing_2.yaml.bak delete mode 100755 queries/aws_iot_thing_3.yaml.bak delete mode 100755 queries/aws_iot_thing_group_1.yaml.bak delete mode 100755 queries/aws_iot_thing_group_2.yaml.bak delete mode 100755 queries/aws_iot_thing_group_3.yaml.bak delete mode 100755 queries/aws_iot_thing_group_3.yaml.bak.bak delete mode 100755 queries/aws_iot_thing_group_4.yaml.bak delete mode 100755 queries/aws_iot_thing_type_1.yaml.bak delete mode 100755 queries/aws_iot_thing_type_2.yaml.bak delete mode 100755 queries/aws_iot_thing_type_3.yaml.bak delete mode 100755 queries/aws_iot_thing_type_4.yaml.bak delete mode 100755 queries/aws_kinesis_consumer_1.yaml.bak delete mode 100755 queries/aws_kinesis_consumer_2.yaml.bak delete mode 100755 queries/aws_kinesis_firehose_delivery_stream_1.yaml.bak delete mode 100755 queries/aws_kinesis_firehose_delivery_stream_2.yaml.bak delete mode 100755 queries/aws_kinesis_firehose_delivery_stream_3.yaml.bak delete mode 100755 queries/aws_kinesis_firehose_delivery_stream_4.yaml.bak delete mode 100755 queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak delete mode 100755 queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak.bak delete mode 100755 queries/aws_kinesis_stream_1.yaml.bak delete mode 100755 queries/aws_kinesis_stream_2.yaml.bak delete mode 100755 queries/aws_kinesis_stream_3.yaml.bak delete mode 100755 queries/aws_kinesis_stream_4.yaml.bak delete mode 100755 queries/aws_kinesis_stream_5.yaml.bak delete mode 100755 queries/aws_kinesis_video_stream_1.yaml.bak delete mode 100755 queries/aws_kinesis_video_stream_2.yaml.bak delete mode 100755 queries/aws_kinesis_video_stream_3.yaml.bak delete mode 100755 queries/aws_kinesis_video_stream_4.yaml.bak delete mode 100755 queries/aws_kinesisanalyticsv2_application_1.yaml.bak delete mode 100755 queries/aws_kinesisanalyticsv2_application_2.yaml.bak delete mode 100755 queries/aws_kinesisanalyticsv2_application_3.yaml.bak delete mode 100755 queries/aws_kms_alias_1.yaml.bak delete mode 100755 queries/aws_kms_alias_2.yaml.bak delete mode 100755 queries/aws_kms_alias_3.yaml.bak delete mode 100755 queries/aws_kms_alias_3.yaml.bak.bak delete mode 100755 queries/aws_kms_alias_4.yaml.bak delete mode 100755 queries/aws_kms_key_1.yaml.bak delete mode 100755 queries/aws_kms_key_2.yaml.bak delete mode 100755 queries/aws_kms_key_3.yaml.bak delete mode 100755 queries/aws_kms_key_4.yaml.bak delete mode 100755 queries/aws_kms_key_5.yaml.bak delete mode 100755 queries/aws_kms_key_rotation_1.yaml.bak delete mode 100755 queries/aws_kms_key_rotation_2.yaml.bak delete mode 100755 queries/aws_kms_key_rotation_3.yaml.bak delete mode 100755 queries/aws_kms_key_rotation_3.yaml.bak.bak delete mode 100755 queries/aws_kms_key_rotation_4.yaml.bak delete mode 100755 queries/aws_lambda_alias_1.yaml.bak delete mode 100755 queries/aws_lambda_alias_2.yaml.bak delete mode 100755 queries/aws_lambda_alias_3.yaml.bak delete mode 100755 queries/aws_lambda_alias_4.yaml.bak delete mode 100755 queries/aws_lambda_alias_4.yaml.bak.bak delete mode 100755 queries/aws_lambda_event_source_mapping_1.yaml.bak delete mode 100755 queries/aws_lambda_event_source_mapping_2.yaml.bak delete mode 100755 queries/aws_lambda_event_source_mapping_3.yaml.bak delete mode 100755 queries/aws_lambda_event_source_mapping_4.yaml.bak delete mode 100755 queries/aws_lambda_event_source_mapping_5.yaml.bak delete mode 100755 queries/aws_lambda_event_source_mapping_6.yaml.bak delete mode 100755 queries/aws_lambda_event_source_mapping_7.yaml.bak delete mode 100755 queries/aws_lambda_event_source_mapping_8.yaml.bak delete mode 100755 queries/aws_lambda_function_1.yaml.bak delete mode 100755 queries/aws_lambda_function_1.yaml.bak.bak delete mode 100755 queries/aws_lambda_function_10.yaml.bak delete mode 100755 queries/aws_lambda_function_2.yaml.bak delete mode 100755 queries/aws_lambda_function_3.yaml.bak delete mode 100755 queries/aws_lambda_function_4.yaml.bak delete mode 100755 queries/aws_lambda_function_5.yaml.bak delete mode 100755 queries/aws_lambda_function_6.yaml.bak delete mode 100755 queries/aws_lambda_function_7.yaml.bak delete mode 100755 queries/aws_lambda_function_8.yaml.bak delete mode 100755 queries/aws_lambda_function_9.yaml.bak delete mode 100755 queries/aws_lambda_function_metric_duration_daily_1.yaml.bak delete mode 100755 queries/aws_lambda_function_metric_duration_daily_2.yaml.bak delete mode 100755 queries/aws_lambda_function_metric_duration_daily_3.yaml.bak delete mode 100755 queries/aws_lambda_function_metric_errors_daily_1.yaml.bak delete mode 100755 queries/aws_lambda_function_metric_errors_daily_2.yaml.bak delete mode 100755 queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak delete mode 100755 queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak.bak delete mode 100755 queries/aws_lambda_function_metric_invocations_daily_2.yaml.bak delete mode 100755 queries/aws_lambda_layer_1.yaml.bak delete mode 100755 queries/aws_lambda_layer_1.yaml.bak.bak delete mode 100755 queries/aws_lambda_layer_version_1.yaml.bak delete mode 100755 queries/aws_lambda_version_1.yaml.bak delete mode 100755 queries/aws_lambda_version_1.yaml.bak.bak delete mode 100755 queries/aws_lambda_version_2.yaml.bak delete mode 100755 queries/aws_lambda_version_3.yaml.bak delete mode 100755 queries/aws_lambda_version_4.yaml.bak delete mode 100755 queries/aws_lightsail_bucket_1.yaml.bak delete mode 100755 queries/aws_lightsail_bucket_2.yaml.bak delete mode 100755 queries/aws_lightsail_bucket_2.yaml.bak.bak delete mode 100755 queries/aws_lightsail_bucket_3.yaml.bak delete mode 100755 queries/aws_lightsail_bucket_4.yaml.bak delete mode 100755 queries/aws_lightsail_bucket_5.yaml.bak delete mode 100755 queries/aws_lightsail_bucket_6.yaml.bak delete mode 100755 queries/aws_lightsail_bucket_7.yaml.bak delete mode 100755 queries/aws_lightsail_instance_1.yaml.bak delete mode 100755 queries/aws_lightsail_instance_2.yaml.bak delete mode 100755 queries/aws_lightsail_instance_3.yaml.bak delete mode 100755 queries/aws_lightsail_instance_4.yaml.bak delete mode 100755 queries/aws_lightsail_instance_5.yaml.bak delete mode 100755 queries/aws_macie2_classification_job_1.yaml.bak delete mode 100755 queries/aws_macie2_classification_job_2.yaml.bak delete mode 100755 queries/aws_macie2_classification_job_3.yaml.bak delete mode 100755 queries/aws_macie2_classification_job_4.yaml.bak delete mode 100755 queries/aws_media_store_container_1.yaml.bak delete mode 100755 queries/aws_media_store_container_2.yaml.bak delete mode 100755 queries/aws_media_store_container_3.yaml.bak delete mode 100755 queries/aws_media_store_container_4.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_1.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_2.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_2.yaml.bak.bak delete mode 100755 queries/aws_memorydb_cluster_3.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_4.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_5.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_6.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_7.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_8.yaml.bak delete mode 100755 queries/aws_memorydb_cluster_9.yaml.bak delete mode 100755 queries/aws_mgn_application_1.yaml.bak delete mode 100755 queries/aws_mgn_application_1.yaml.bak.bak delete mode 100755 queries/aws_mgn_application_2.yaml.bak delete mode 100755 queries/aws_mgn_application_3.yaml.bak delete mode 100755 queries/aws_mgn_application_4.yaml.bak delete mode 100755 queries/aws_mq_broker_1.yaml.bak delete mode 100755 queries/aws_mq_broker_2.yaml.bak delete mode 100755 queries/aws_mq_broker_3.yaml.bak delete mode 100755 queries/aws_mq_broker_4.yaml.bak delete mode 100755 queries/aws_mq_broker_5.yaml.bak delete mode 100755 queries/aws_msk_cluster_1.yaml.bak delete mode 100755 queries/aws_msk_cluster_2.yaml.bak delete mode 100755 queries/aws_msk_cluster_2.yaml.bak.bak delete mode 100755 queries/aws_msk_cluster_3.yaml.bak delete mode 100755 queries/aws_msk_cluster_4.yaml.bak delete mode 100755 queries/aws_msk_cluster_5.yaml.bak delete mode 100755 queries/aws_msk_cluster_6.yaml.bak delete mode 100755 queries/aws_msk_cluster_7.yaml.bak delete mode 100755 queries/aws_msk_serverless_cluster_1.yaml.bak delete mode 100755 queries/aws_msk_serverless_cluster_2.yaml.bak delete mode 100755 queries/aws_msk_serverless_cluster_3.yaml.bak delete mode 100755 queries/aws_msk_serverless_cluster_4.yaml.bak delete mode 100755 queries/aws_msk_serverless_cluster_5.yaml.bak delete mode 100755 queries/aws_neptune_db_cluster_1.yaml.bak delete mode 100755 queries/aws_neptune_db_cluster_2.yaml.bak delete mode 100755 queries/aws_neptune_db_cluster_3.yaml.bak delete mode 100755 queries/aws_neptune_db_cluster_3.yaml.bak.bak delete mode 100755 queries/aws_neptune_db_cluster_4.yaml.bak delete mode 100755 queries/aws_neptune_db_cluster_snapshot_1.yaml.bak delete mode 100755 queries/aws_neptune_db_cluster_snapshot_2.yaml.bak delete mode 100755 queries/aws_neptune_db_cluster_snapshot_3.yaml.bak delete mode 100755 queries/aws_neptune_db_cluster_snapshot_4.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_1.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_2.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_3.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_4.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_5.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_6.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_7.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_8.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_policy_1.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_policy_2.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_policy_3.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_policy_4.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_policy_5.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_policy_5.yaml.bak.bak delete mode 100755 queries/aws_networkfirewall_firewall_policy_6.yaml.bak delete mode 100755 queries/aws_networkfirewall_firewall_policy_7.yaml.bak delete mode 100755 queries/aws_networkfirewall_rule_group_1.yaml.bak delete mode 100755 queries/aws_networkfirewall_rule_group_2.yaml.bak delete mode 100755 queries/aws_networkfirewall_rule_group_3.yaml.bak delete mode 100755 queries/aws_networkfirewall_rule_group_4.yaml.bak delete mode 100755 queries/aws_networkfirewall_rule_group_5.yaml.bak delete mode 100755 queries/aws_oam_link_1.yaml.bak delete mode 100755 queries/aws_oam_link_2.yaml.bak delete mode 100755 queries/aws_oam_link_3.yaml.bak delete mode 100755 queries/aws_oam_sink_1.yaml.bak delete mode 100755 queries/aws_oam_sink_1.yaml.bak.bak delete mode 100755 queries/aws_oam_sink_2.yaml.bak delete mode 100755 queries/aws_opensearch_domain_1.yaml.bak delete mode 100755 queries/aws_opensearch_domain_2.yaml.bak delete mode 100755 queries/aws_opensearch_domain_3.yaml.bak delete mode 100755 queries/aws_opensearch_domain_4.yaml.bak delete mode 100755 queries/aws_opensearch_domain_5.yaml.bak delete mode 100755 queries/aws_opensearch_domain_6.yaml.bak delete mode 100755 queries/aws_opensearch_domain_6.yaml.bak.bak delete mode 100755 queries/aws_opensearch_domain_7.yaml.bak delete mode 100755 queries/aws_opensearch_domain_8.yaml.bak delete mode 100755 queries/aws_organizations_account_1.yaml.bak delete mode 100755 queries/aws_organizations_account_2.yaml.bak delete mode 100755 queries/aws_organizations_organizational_unit_1.yaml.bak delete mode 100755 queries/aws_organizations_organizational_unit_2.yaml.bak delete mode 100755 queries/aws_organizations_organizational_unit_3.yaml.bak delete mode 100755 queries/aws_organizations_organizational_unit_4.yaml.bak delete mode 100755 queries/aws_organizations_organizational_unit_5.yaml.bak delete mode 100755 queries/aws_organizations_organizational_unit_5.yaml.bak.bak delete mode 100755 queries/aws_organizations_organizational_unit_6.yaml.bak delete mode 100755 queries/aws_organizations_policy_1.yaml.bak delete mode 100755 queries/aws_organizations_policy_2.yaml.bak delete mode 100755 queries/aws_organizations_policy_3.yaml.bak delete mode 100755 queries/aws_organizations_policy_4.yaml.bak delete mode 100755 queries/aws_organizations_policy_target_1.yaml.bak delete mode 100755 queries/aws_organizations_policy_target_2.yaml.bak delete mode 100755 queries/aws_organizations_policy_target_3.yaml.bak delete mode 100755 queries/aws_organizations_policy_target_4.yaml.bak delete mode 100755 queries/aws_organizations_policy_target_4.yaml.bak.bak delete mode 100755 queries/aws_organizations_root_1.yaml.bak delete mode 100755 queries/aws_organizations_root_2.yaml.bak delete mode 100755 queries/aws_pinpoint_app_1.yaml.bak delete mode 100755 queries/aws_pinpoint_app_2.yaml.bak delete mode 100755 queries/aws_pinpoint_app_3.yaml.bak delete mode 100755 queries/aws_pinpoint_app_4.yaml.bak delete mode 100755 queries/aws_pipes_pipe_1.yaml.bak delete mode 100755 queries/aws_pipes_pipe_2.yaml.bak delete mode 100755 queries/aws_pipes_pipe_3.yaml.bak delete mode 100755 queries/aws_pipes_pipe_4.yaml.bak delete mode 100755 queries/aws_pipes_pipe_5.yaml.bak delete mode 100755 queries/aws_pipes_pipe_6.yaml.bak delete mode 100755 queries/aws_pipes_pipe_6.yaml.bak.bak delete mode 100755 queries/aws_pricing_product_1.yaml.bak delete mode 100755 queries/aws_pricing_product_2.yaml.bak delete mode 100755 queries/aws_pricing_product_3.yaml.bak delete mode 100755 queries/aws_pricing_service_attribute_1.yaml.bak delete mode 100755 queries/aws_pricing_service_attribute_2.yaml.bak delete mode 100755 queries/aws_pricing_service_attribute_3.yaml.bak delete mode 100755 queries/aws_ram_principal_association_1.yaml.bak delete mode 100755 queries/aws_ram_principal_association_2.yaml.bak delete mode 100755 queries/aws_ram_principal_association_3.yaml.bak delete mode 100755 queries/aws_ram_resource_association_1.yaml.bak delete mode 100755 queries/aws_ram_resource_association_2.yaml.bak delete mode 100755 queries/aws_ram_resource_association_3.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_1.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_2.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_3.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_4.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_5.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_5.yaml.bak.bak delete mode 100755 queries/aws_rds_db_cluster_parameter_group_1.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_parameter_group_2.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_snapshot_1.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_snapshot_2.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_snapshot_3.yaml.bak delete mode 100755 queries/aws_rds_db_cluster_snapshot_4.yaml.bak delete mode 100755 queries/aws_rds_db_engine_version_1.yaml.bak delete mode 100755 queries/aws_rds_db_engine_version_2.yaml.bak delete mode 100755 queries/aws_rds_db_engine_version_3.yaml.bak delete mode 100755 queries/aws_rds_db_engine_version_4.yaml.bak delete mode 100755 queries/aws_rds_db_engine_version_5.yaml.bak delete mode 100755 queries/aws_rds_db_event_subscription_1.yaml.bak delete mode 100755 queries/aws_rds_db_event_subscription_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_10.yaml.bak delete mode 100755 queries/aws_rds_db_instance_11.yaml.bak delete mode 100755 queries/aws_rds_db_instance_12.yaml.bak delete mode 100755 queries/aws_rds_db_instance_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_3.yaml.bak.bak delete mode 100755 queries/aws_rds_db_instance_4.yaml.bak delete mode 100755 queries/aws_rds_db_instance_5.yaml.bak delete mode 100755 queries/aws_rds_db_instance_6.yaml.bak delete mode 100755 queries/aws_rds_db_instance_7.yaml.bak delete mode 100755 queries/aws_rds_db_instance_8.yaml.bak delete mode 100755 queries/aws_rds_db_instance_9.yaml.bak delete mode 100755 queries/aws_rds_db_instance_automated_backup_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_automated_backup_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_automated_backup_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_automated_backup_4.yaml.bak delete mode 100755 queries/aws_rds_db_instance_automated_backup_5.yaml.bak delete mode 100755 queries/aws_rds_db_instance_automated_backup_6.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_connections_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_connections_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_connections_daily_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_connections_daily_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_connections_daily_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_connections_hourly_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_connections_hourly_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_4.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml.bak delete mode 100755 queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml.bak delete mode 100755 queries/aws_rds_db_option_group_1.yaml.bak delete mode 100755 queries/aws_rds_db_option_group_2.yaml.bak delete mode 100755 queries/aws_rds_db_option_group_3.yaml.bak delete mode 100755 queries/aws_rds_db_parameter_group_1.yaml.bak delete mode 100755 queries/aws_rds_db_parameter_group_2.yaml.bak delete mode 100755 queries/aws_rds_db_proxy_1.yaml.bak delete mode 100755 queries/aws_rds_db_proxy_2.yaml.bak delete mode 100755 queries/aws_rds_db_recommendation_1.yaml.bak delete mode 100755 queries/aws_rds_db_recommendation_2.yaml.bak delete mode 100755 queries/aws_rds_db_recommendation_2.yaml.bak.bak delete mode 100755 queries/aws_rds_db_recommendation_3.yaml.bak delete mode 100755 queries/aws_rds_db_recommendation_4.yaml.bak delete mode 100755 queries/aws_rds_db_recommendation_5.yaml.bak delete mode 100755 queries/aws_rds_db_recommendation_6.yaml.bak delete mode 100755 queries/aws_rds_db_recommendation_7.yaml.bak delete mode 100755 queries/aws_rds_db_snapshot_1.yaml.bak delete mode 100755 queries/aws_rds_db_snapshot_2.yaml.bak delete mode 100755 queries/aws_rds_db_snapshot_3.yaml.bak delete mode 100755 queries/aws_rds_db_snapshot_4.yaml.bak delete mode 100755 queries/aws_rds_db_subnet_group_1.yaml.bak delete mode 100755 queries/aws_rds_db_subnet_group_2.yaml.bak delete mode 100755 queries/aws_rds_db_subnet_group_3.yaml.bak delete mode 100755 queries/aws_rds_reserved_db_instance_1.yaml.bak delete mode 100755 queries/aws_rds_reserved_db_instance_1.yaml.bak.bak delete mode 100755 queries/aws_rds_reserved_db_instance_2.yaml.bak delete mode 100755 queries/aws_rds_reserved_db_instance_3.yaml.bak delete mode 100755 queries/aws_rds_reserved_db_instance_4.yaml.bak delete mode 100755 queries/aws_rds_reserved_db_instance_5.yaml.bak delete mode 100755 queries/aws_rds_reserved_db_instance_6.yaml.bak delete mode 100755 queries/aws_redshift_cluster_1.yaml.bak delete mode 100755 queries/aws_redshift_cluster_2.yaml.bak delete mode 100755 queries/aws_redshift_cluster_2.yaml.bak.bak delete mode 100755 queries/aws_redshift_cluster_3.yaml.bak delete mode 100755 queries/aws_redshift_cluster_4.yaml.bak delete mode 100755 queries/aws_redshift_cluster_5.yaml.bak delete mode 100755 queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml.bak delete mode 100755 queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml.bak delete mode 100755 queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml.bak delete mode 100755 queries/aws_redshift_event_subscription_1.yaml.bak delete mode 100755 queries/aws_redshift_event_subscription_2.yaml.bak delete mode 100755 queries/aws_redshift_event_subscription_2.yaml.bak.bak delete mode 100755 queries/aws_redshift_event_subscription_3.yaml.bak delete mode 100755 queries/aws_redshift_event_subscription_4.yaml.bak delete mode 100755 queries/aws_redshift_parameter_group_1.yaml.bak delete mode 100755 queries/aws_redshift_parameter_group_2.yaml.bak delete mode 100755 queries/aws_redshift_snapshot_1.yaml.bak delete mode 100755 queries/aws_redshift_snapshot_2.yaml.bak delete mode 100755 queries/aws_redshift_snapshot_3.yaml.bak delete mode 100755 queries/aws_redshift_snapshot_4.yaml.bak delete mode 100755 queries/aws_redshift_snapshot_5.yaml.bak delete mode 100755 queries/aws_redshift_snapshot_6.yaml.bak delete mode 100755 queries/aws_redshift_subnet_group_1.yaml.bak delete mode 100755 queries/aws_redshift_subnet_group_2.yaml.bak delete mode 100755 queries/aws_redshift_subnet_group_3.yaml.bak delete mode 100755 queries/aws_redshiftserverless_namespace_1.yaml.bak delete mode 100755 queries/aws_redshiftserverless_namespace_2.yaml.bak delete mode 100755 queries/aws_redshiftserverless_namespace_3.yaml.bak delete mode 100755 queries/aws_redshiftserverless_namespace_4.yaml.bak delete mode 100755 queries/aws_redshiftserverless_workgroup_1.yaml.bak delete mode 100755 queries/aws_redshiftserverless_workgroup_2.yaml.bak delete mode 100755 queries/aws_redshiftserverless_workgroup_3.yaml.bak delete mode 100755 queries/aws_redshiftserverless_workgroup_4.yaml.bak delete mode 100755 queries/aws_redshiftserverless_workgroup_5.yaml.bak delete mode 100755 queries/aws_redshiftserverless_workgroup_6.yaml.bak delete mode 100755 queries/aws_region_1.yaml.bak delete mode 100755 queries/aws_region_2.yaml.bak delete mode 100755 queries/aws_resource_explorer_index_1.yaml.bak delete mode 100755 queries/aws_resource_explorer_index_2.yaml.bak delete mode 100755 queries/aws_resource_explorer_search_1.yaml.bak delete mode 100755 queries/aws_resource_explorer_search_2.yaml.bak delete mode 100755 queries/aws_resource_explorer_search_3.yaml.bak delete mode 100755 queries/aws_resource_explorer_search_4.yaml.bak delete mode 100755 queries/aws_resource_explorer_search_5.yaml.bak delete mode 100755 queries/aws_resource_explorer_search_6.yaml.bak delete mode 100755 queries/aws_resource_explorer_search_6.yaml.bak.bak delete mode 100755 queries/aws_resource_explorer_search_7.yaml.bak delete mode 100755 queries/aws_resource_explorer_search_8.yaml.bak delete mode 100755 queries/aws_resource_explorer_supported_resource_type_1.yaml.bak delete mode 100755 queries/aws_resource_explorer_supported_resource_type_2.yaml.bak delete mode 100755 queries/aws_route53_domain_1.yaml.bak delete mode 100755 queries/aws_route53_domain_2.yaml.bak delete mode 100755 queries/aws_route53_domain_3.yaml.bak delete mode 100755 queries/aws_route53_health_check_1.yaml.bak delete mode 100755 queries/aws_route53_health_check_2.yaml.bak delete mode 100755 queries/aws_route53_health_check_3.yaml.bak delete mode 100755 queries/aws_route53_health_check_4.yaml.bak delete mode 100755 queries/aws_route53_health_check_5.yaml.bak delete mode 100755 queries/aws_route53_health_check_5.yaml.bak.bak delete mode 100755 queries/aws_route53_health_check_6.yaml.bak delete mode 100755 queries/aws_route53_health_check_7.yaml.bak delete mode 100755 queries/aws_route53_query_log_1.yaml.bak delete mode 100755 queries/aws_route53_query_log_2.yaml.bak delete mode 100755 queries/aws_route53_query_log_3.yaml.bak delete mode 100755 queries/aws_route53_record_1.yaml.bak delete mode 100755 queries/aws_route53_record_2.yaml.bak delete mode 100755 queries/aws_route53_record_3.yaml.bak delete mode 100755 queries/aws_route53_record_4.yaml.bak delete mode 100755 queries/aws_route53_record_5.yaml.bak delete mode 100755 queries/aws_route53_record_6.yaml.bak delete mode 100755 queries/aws_route53_record_7.yaml.bak delete mode 100755 queries/aws_route53_resolver_endpoint_1.yaml.bak delete mode 100755 queries/aws_route53_resolver_endpoint_2.yaml.bak delete mode 100755 queries/aws_route53_resolver_endpoint_3.yaml.bak delete mode 100755 queries/aws_route53_resolver_endpoint_4.yaml.bak delete mode 100755 queries/aws_route53_resolver_query_log_config_1.yaml.bak delete mode 100755 queries/aws_route53_resolver_query_log_config_2.yaml.bak delete mode 100755 queries/aws_route53_resolver_query_log_config_3.yaml.bak delete mode 100755 queries/aws_route53_resolver_query_log_config_4.yaml.bak delete mode 100755 queries/aws_route53_resolver_query_log_config_5.yaml.bak delete mode 100755 queries/aws_route53_resolver_query_log_config_5.yaml.bak.bak delete mode 100755 queries/aws_route53_resolver_rule_1.yaml.bak delete mode 100755 queries/aws_route53_resolver_rule_2.yaml.bak delete mode 100755 queries/aws_route53_resolver_rule_3.yaml.bak delete mode 100755 queries/aws_route53_resolver_rule_4.yaml.bak delete mode 100755 queries/aws_route53_traffic_policy_1.yaml.bak delete mode 100755 queries/aws_route53_traffic_policy_2.yaml.bak delete mode 100755 queries/aws_route53_traffic_policy_3.yaml.bak delete mode 100755 queries/aws_route53_traffic_policy_instance_1.yaml.bak delete mode 100755 queries/aws_route53_traffic_policy_instance_2.yaml.bak delete mode 100755 queries/aws_route53_traffic_policy_instance_3.yaml.bak delete mode 100755 queries/aws_route53_traffic_policy_instance_4.yaml.bak delete mode 100755 queries/aws_route53_vpc_association_authorization_1.yaml.bak delete mode 100755 queries/aws_route53_vpc_association_authorization_2.yaml.bak delete mode 100755 queries/aws_route53_vpc_association_authorization_3.yaml.bak delete mode 100755 queries/aws_route53_zone_1.yaml.bak delete mode 100755 queries/aws_route53_zone_2.yaml.bak delete mode 100755 queries/aws_route53_zone_3.yaml.bak delete mode 100755 queries/aws_route53_zone_3.yaml.bak.bak delete mode 100755 queries/aws_route53_zone_4.yaml.bak delete mode 100755 queries/aws_route53_zone_5.yaml.bak delete mode 100755 queries/aws_route53_zone_6.yaml.bak delete mode 100755 queries/aws_s3_access_point_1.yaml.bak delete mode 100755 queries/aws_s3_access_point_1.yaml.bak.bak delete mode 100755 queries/aws_s3_access_point_2.yaml.bak delete mode 100755 queries/aws_s3_access_point_3.yaml.bak delete mode 100755 queries/aws_s3_access_point_4.yaml.bak delete mode 100755 queries/aws_s3_access_point_5.yaml.bak delete mode 100755 queries/aws_s3_bucket_1.yaml.bak delete mode 100755 queries/aws_s3_bucket_10.yaml.bak delete mode 100755 queries/aws_s3_bucket_11.yaml.bak delete mode 100755 queries/aws_s3_bucket_12.yaml.bak delete mode 100755 queries/aws_s3_bucket_13.yaml.bak delete mode 100755 queries/aws_s3_bucket_2.yaml.bak delete mode 100755 queries/aws_s3_bucket_3.yaml.bak delete mode 100755 queries/aws_s3_bucket_4.yaml.bak delete mode 100755 queries/aws_s3_bucket_5.yaml.bak delete mode 100755 queries/aws_s3_bucket_6.yaml.bak delete mode 100755 queries/aws_s3_bucket_6.yaml.bak.bak delete mode 100755 queries/aws_s3_bucket_7.yaml.bak delete mode 100755 queries/aws_s3_bucket_8.yaml.bak delete mode 100755 queries/aws_s3_bucket_9.yaml.bak delete mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml.bak delete mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml.bak delete mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml.bak delete mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml.bak delete mode 100755 queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml.bak delete mode 100755 queries/aws_s3_multi_region_access_point_1.yaml.bak delete mode 100755 queries/aws_s3_multi_region_access_point_2.yaml.bak delete mode 100755 queries/aws_s3_multi_region_access_point_3.yaml.bak delete mode 100755 queries/aws_s3_multi_region_access_point_4.yaml.bak delete mode 100755 queries/aws_s3_multi_region_access_point_4.yaml.bak.bak delete mode 100755 queries/aws_s3_multi_region_access_point_5.yaml.bak delete mode 100755 queries/aws_s3_object_1.yaml.bak delete mode 100755 queries/aws_s3_object_10.yaml.bak delete mode 100755 queries/aws_s3_object_10.yaml.bak.bak delete mode 100755 queries/aws_s3_object_11.yaml.bak delete mode 100755 queries/aws_s3_object_12.yaml.bak delete mode 100755 queries/aws_s3_object_13.yaml.bak delete mode 100755 queries/aws_s3_object_2.yaml.bak delete mode 100755 queries/aws_s3_object_3.yaml.bak delete mode 100755 queries/aws_s3_object_4.yaml.bak delete mode 100755 queries/aws_s3_object_4.yaml.bak.bak delete mode 100755 queries/aws_s3_object_5.yaml.bak delete mode 100755 queries/aws_s3_object_6.yaml.bak delete mode 100755 queries/aws_s3_object_7.yaml.bak delete mode 100755 queries/aws_s3_object_8.yaml.bak delete mode 100755 queries/aws_s3_object_8.yaml.bak.bak delete mode 100755 queries/aws_s3_object_9.yaml.bak delete mode 100755 queries/aws_s3_object_version_1.yaml.bak delete mode 100755 queries/aws_s3_object_version_2.yaml.bak delete mode 100755 queries/aws_s3_object_version_3.yaml.bak delete mode 100755 queries/aws_sagemaker_app_1.yaml.bak delete mode 100755 queries/aws_sagemaker_app_2.yaml.bak delete mode 100755 queries/aws_sagemaker_domain_1.yaml.bak delete mode 100755 queries/aws_sagemaker_domain_2.yaml.bak delete mode 100755 queries/aws_sagemaker_domain_3.yaml.bak delete mode 100755 queries/aws_sagemaker_endpoint_configuration_1.yaml.bak delete mode 100755 queries/aws_sagemaker_endpoint_configuration_2.yaml.bak delete mode 100755 queries/aws_sagemaker_model_1.yaml.bak delete mode 100755 queries/aws_sagemaker_model_2.yaml.bak delete mode 100755 queries/aws_sagemaker_notebook_instance_1.yaml.bak delete mode 100755 queries/aws_sagemaker_notebook_instance_2.yaml.bak delete mode 100755 queries/aws_sagemaker_notebook_instance_3.yaml.bak delete mode 100755 queries/aws_sagemaker_notebook_instance_4.yaml.bak delete mode 100755 queries/aws_sagemaker_training_job_1.yaml.bak delete mode 100755 queries/aws_sagemaker_training_job_2.yaml.bak delete mode 100755 queries/aws_sagemaker_training_job_3.yaml.bak delete mode 100755 queries/aws_sagemaker_training_job_3.yaml.bak.bak delete mode 100755 queries/aws_secretsmanager_secret_1.yaml.bak delete mode 100755 queries/aws_secretsmanager_secret_2.yaml.bak delete mode 100755 queries/aws_secretsmanager_secret_3.yaml.bak delete mode 100755 queries/aws_secretsmanager_secret_4.yaml.bak delete mode 100755 queries/aws_secretsmanager_secret_5.yaml.bak delete mode 100755 queries/aws_securityhub_action_target_1.yaml.bak delete mode 100755 queries/aws_securityhub_action_target_2.yaml.bak delete mode 100755 queries/aws_securityhub_enabled_product_subscription_1.yaml.bak delete mode 100755 queries/aws_securityhub_enabled_product_subscription_1.yaml.bak.bak delete mode 100755 queries/aws_securityhub_enabled_product_subscription_2.yaml.bak delete mode 100755 queries/aws_securityhub_finding_1.yaml.bak delete mode 100755 queries/aws_securityhub_finding_10.yaml.bak delete mode 100755 queries/aws_securityhub_finding_10.yaml.bak.bak delete mode 100755 queries/aws_securityhub_finding_11.yaml.bak delete mode 100755 queries/aws_securityhub_finding_12.yaml.bak delete mode 100755 queries/aws_securityhub_finding_13.yaml.bak delete mode 100755 queries/aws_securityhub_finding_14.yaml.bak delete mode 100755 queries/aws_securityhub_finding_15.yaml.bak delete mode 100755 queries/aws_securityhub_finding_16.yaml.bak delete mode 100755 queries/aws_securityhub_finding_17.yaml.bak delete mode 100755 queries/aws_securityhub_finding_18.yaml.bak delete mode 100755 queries/aws_securityhub_finding_19.yaml.bak delete mode 100755 queries/aws_securityhub_finding_2.yaml.bak delete mode 100755 queries/aws_securityhub_finding_20.yaml.bak delete mode 100755 queries/aws_securityhub_finding_21.yaml.bak delete mode 100755 queries/aws_securityhub_finding_22.yaml.bak delete mode 100755 queries/aws_securityhub_finding_3.yaml.bak delete mode 100755 queries/aws_securityhub_finding_4.yaml.bak delete mode 100755 queries/aws_securityhub_finding_5.yaml.bak delete mode 100755 queries/aws_securityhub_finding_6.yaml.bak delete mode 100755 queries/aws_securityhub_finding_7.yaml.bak delete mode 100755 queries/aws_securityhub_finding_8.yaml.bak delete mode 100755 queries/aws_securityhub_finding_9.yaml.bak delete mode 100755 queries/aws_securityhub_finding_aggregator_1.yaml.bak delete mode 100755 queries/aws_securityhub_finding_aggregator_2.yaml.bak delete mode 100755 queries/aws_securityhub_finding_aggregator_3.yaml.bak delete mode 100755 queries/aws_securityhub_finding_aggregator_4.yaml.bak delete mode 100755 queries/aws_securityhub_hub_1.yaml.bak delete mode 100755 queries/aws_securityhub_hub_2.yaml.bak delete mode 100755 queries/aws_securityhub_hub_3.yaml.bak delete mode 100755 queries/aws_securityhub_hub_3.yaml.bak.bak delete mode 100755 queries/aws_securityhub_insight_1.yaml.bak delete mode 100755 queries/aws_securityhub_insight_10.yaml.bak delete mode 100755 queries/aws_securityhub_insight_2.yaml.bak delete mode 100755 queries/aws_securityhub_insight_3.yaml.bak delete mode 100755 queries/aws_securityhub_insight_4.yaml.bak delete mode 100755 queries/aws_securityhub_insight_5.yaml.bak delete mode 100755 queries/aws_securityhub_insight_6.yaml.bak delete mode 100755 queries/aws_securityhub_insight_7.yaml.bak delete mode 100755 queries/aws_securityhub_insight_8.yaml.bak delete mode 100755 queries/aws_securityhub_insight_9.yaml.bak delete mode 100755 queries/aws_securityhub_member_1.yaml.bak delete mode 100755 queries/aws_securityhub_member_2.yaml.bak delete mode 100755 queries/aws_securityhub_member_3.yaml.bak delete mode 100755 queries/aws_securityhub_member_4.yaml.bak delete mode 100755 queries/aws_securityhub_product_1.yaml.bak delete mode 100755 queries/aws_securityhub_product_2.yaml.bak delete mode 100755 queries/aws_securityhub_product_3.yaml.bak delete mode 100755 queries/aws_securityhub_standards_control_1.yaml.bak delete mode 100755 queries/aws_securityhub_standards_control_2.yaml.bak delete mode 100755 queries/aws_securityhub_standards_control_3.yaml.bak delete mode 100755 queries/aws_securityhub_standards_control_4.yaml.bak delete mode 100755 queries/aws_securityhub_standards_control_5.yaml.bak delete mode 100755 queries/aws_securityhub_standards_control_6.yaml.bak delete mode 100755 queries/aws_securityhub_standards_control_7.yaml.bak delete mode 100755 queries/aws_securityhub_standards_control_8.yaml.bak delete mode 100755 queries/aws_securityhub_standards_subscription_1.yaml.bak delete mode 100755 queries/aws_securityhub_standards_subscription_2.yaml.bak delete mode 100755 queries/aws_securityhub_standards_subscription_3.yaml.bak delete mode 100755 queries/aws_securityhub_standards_subscription_4.yaml.bak delete mode 100755 queries/aws_securitylake_data_lake_1.yaml.bak delete mode 100755 queries/aws_securitylake_data_lake_2.yaml.bak delete mode 100755 queries/aws_securitylake_data_lake_3.yaml.bak delete mode 100755 queries/aws_securitylake_data_lake_4.yaml.bak delete mode 100755 queries/aws_securitylake_data_lake_4.yaml.bak.bak delete mode 100755 queries/aws_securitylake_subscriber_1.yaml.bak delete mode 100755 queries/aws_securitylake_subscriber_2.yaml.bak delete mode 100755 queries/aws_securitylake_subscriber_3.yaml.bak delete mode 100755 queries/aws_securitylake_subscriber_4.yaml.bak delete mode 100755 queries/aws_securitylake_subscriber_4.yaml.bak.bak delete mode 100755 queries/aws_securitylake_subscriber_5.yaml.bak delete mode 100755 queries/aws_serverlessapplicationrepository_application_1.yaml.bak delete mode 100755 queries/aws_serverlessapplicationrepository_application_2.yaml.bak delete mode 100755 queries/aws_serverlessapplicationrepository_application_3.yaml.bak delete mode 100755 queries/aws_service_discovery_instance_1.yaml.bak delete mode 100755 queries/aws_service_discovery_instance_2.yaml.bak delete mode 100755 queries/aws_service_discovery_instance_3.yaml.bak delete mode 100755 queries/aws_service_discovery_instance_4.yaml.bak delete mode 100755 queries/aws_service_discovery_instance_5.yaml.bak delete mode 100755 queries/aws_service_discovery_instance_5.yaml.bak.bak delete mode 100755 queries/aws_service_discovery_instance_6.yaml.bak delete mode 100755 queries/aws_service_discovery_namespace_1.yaml.bak delete mode 100755 queries/aws_service_discovery_namespace_2.yaml.bak delete mode 100755 queries/aws_service_discovery_namespace_3.yaml.bak delete mode 100755 queries/aws_service_discovery_namespace_4.yaml.bak delete mode 100755 queries/aws_service_discovery_namespace_5.yaml.bak delete mode 100755 queries/aws_service_discovery_namespace_6.yaml.bak delete mode 100755 queries/aws_service_discovery_namespace_7.yaml.bak delete mode 100755 queries/aws_service_discovery_namespace_7.yaml.bak.bak delete mode 100755 queries/aws_service_discovery_service_1.yaml.bak delete mode 100755 queries/aws_service_discovery_service_2.yaml.bak delete mode 100755 queries/aws_service_discovery_service_3.yaml.bak delete mode 100755 queries/aws_service_discovery_service_4.yaml.bak delete mode 100755 queries/aws_service_discovery_service_5.yaml.bak delete mode 100755 queries/aws_service_discovery_service_6.yaml.bak delete mode 100755 queries/aws_service_discovery_service_7.yaml.bak delete mode 100755 queries/aws_service_discovery_service_8.yaml.bak delete mode 100755 queries/aws_servicecatalog_portfolio_1.yaml.bak delete mode 100755 queries/aws_servicecatalog_portfolio_2.yaml.bak delete mode 100755 queries/aws_servicecatalog_portfolio_3.yaml.bak delete mode 100755 queries/aws_servicecatalog_portfolio_4.yaml.bak delete mode 100755 queries/aws_servicecatalog_product_1.yaml.bak delete mode 100755 queries/aws_servicecatalog_product_2.yaml.bak delete mode 100755 queries/aws_servicecatalog_product_3.yaml.bak delete mode 100755 queries/aws_servicecatalog_product_4.yaml.bak delete mode 100755 queries/aws_servicecatalog_product_5.yaml.bak delete mode 100755 queries/aws_servicecatalog_product_6.yaml.bak delete mode 100755 queries/aws_servicecatalog_provisioned_product_1.yaml.bak delete mode 100755 queries/aws_servicecatalog_provisioned_product_2.yaml.bak delete mode 100755 queries/aws_servicecatalog_provisioned_product_3.yaml.bak delete mode 100755 queries/aws_servicecatalog_provisioned_product_4.yaml.bak delete mode 100755 queries/aws_servicecatalog_provisioned_product_5.yaml.bak delete mode 100755 queries/aws_servicequotas_default_service_quota_1.yaml.bak delete mode 100755 queries/aws_servicequotas_default_service_quota_2.yaml.bak delete mode 100755 queries/aws_servicequotas_default_service_quota_3.yaml.bak delete mode 100755 queries/aws_servicequotas_service_1.yaml.bak delete mode 100755 queries/aws_servicequotas_service_2.yaml.bak delete mode 100755 queries/aws_servicequotas_service_quota_1.yaml.bak delete mode 100755 queries/aws_servicequotas_service_quota_2.yaml.bak delete mode 100755 queries/aws_servicequotas_service_quota_3.yaml.bak delete mode 100755 queries/aws_servicequotas_service_quota_change_request_1.yaml.bak delete mode 100755 queries/aws_servicequotas_service_quota_change_request_2.yaml.bak delete mode 100755 queries/aws_servicequotas_service_quota_change_request_3.yaml.bak delete mode 100755 queries/aws_ses_domain_identity_1.yaml.bak delete mode 100755 queries/aws_ses_domain_identity_2.yaml.bak delete mode 100755 queries/aws_ses_email_identity_1.yaml.bak delete mode 100755 queries/aws_ses_email_identity_2.yaml.bak delete mode 100755 queries/aws_sfn_state_machine_1.yaml.bak delete mode 100755 queries/aws_sfn_state_machine_2.yaml.bak delete mode 100755 queries/aws_sfn_state_machine_execution_1.yaml.bak delete mode 100755 queries/aws_sfn_state_machine_execution_2.yaml.bak delete mode 100755 queries/aws_sfn_state_machine_execution_history_1.yaml.bak delete mode 100755 queries/aws_sfn_state_machine_execution_history_2.yaml.bak delete mode 100755 queries/aws_simspaceweaver_simulation_1.yaml.bak delete mode 100755 queries/aws_simspaceweaver_simulation_2.yaml.bak delete mode 100755 queries/aws_simspaceweaver_simulation_3.yaml.bak delete mode 100755 queries/aws_simspaceweaver_simulation_4.yaml.bak delete mode 100755 queries/aws_simspaceweaver_simulation_5.yaml.bak delete mode 100755 queries/aws_sns_subscription_1.yaml.bak delete mode 100755 queries/aws_sns_subscription_2.yaml.bak delete mode 100755 queries/aws_sns_subscription_3.yaml.bak delete mode 100755 queries/aws_sns_topic_1.yaml.bak delete mode 100755 queries/aws_sns_topic_2.yaml.bak delete mode 100755 queries/aws_sns_topic_3.yaml.bak delete mode 100755 queries/aws_sns_topic_4.yaml.bak delete mode 100755 queries/aws_sns_topic_5.yaml.bak delete mode 100755 queries/aws_sns_topic_6.yaml.bak delete mode 100755 queries/aws_sns_topic_7.yaml.bak delete mode 100755 queries/aws_sns_topic_subscription_1.yaml.bak delete mode 100755 queries/aws_sns_topic_subscription_2.yaml.bak delete mode 100755 queries/aws_sns_topic_subscription_3.yaml.bak delete mode 100755 queries/aws_sqs_queue_1.yaml.bak delete mode 100755 queries/aws_sqs_queue_10.yaml.bak delete mode 100755 queries/aws_sqs_queue_2.yaml.bak delete mode 100755 queries/aws_sqs_queue_3.yaml.bak delete mode 100755 queries/aws_sqs_queue_4.yaml.bak delete mode 100755 queries/aws_sqs_queue_5.yaml.bak delete mode 100755 queries/aws_sqs_queue_6.yaml.bak delete mode 100755 queries/aws_sqs_queue_7.yaml.bak delete mode 100755 queries/aws_sqs_queue_8.yaml.bak delete mode 100755 queries/aws_sqs_queue_9.yaml.bak delete mode 100755 queries/aws_ssm_association_1.yaml.bak delete mode 100755 queries/aws_ssm_association_2.yaml.bak delete mode 100755 queries/aws_ssm_association_3.yaml.bak delete mode 100755 queries/aws_ssm_association_4.yaml.bak delete mode 100755 queries/aws_ssm_document_1.yaml.bak delete mode 100755 queries/aws_ssm_document_2.yaml.bak delete mode 100755 queries/aws_ssm_document_2.yaml.bak.bak delete mode 100755 queries/aws_ssm_document_3.yaml.bak delete mode 100755 queries/aws_ssm_document_4.yaml.bak delete mode 100755 queries/aws_ssm_document_5.yaml.bak delete mode 100755 queries/aws_ssm_document_permission_1.yaml.bak delete mode 100755 queries/aws_ssm_document_permission_2.yaml.bak delete mode 100755 queries/aws_ssm_inventory_1.yaml.bak delete mode 100755 queries/aws_ssm_inventory_1.yaml.bak.bak delete mode 100755 queries/aws_ssm_inventory_2.yaml.bak delete mode 100755 queries/aws_ssm_inventory_3.yaml.bak delete mode 100755 queries/aws_ssm_inventory_4.yaml.bak delete mode 100755 queries/aws_ssm_inventory_5.yaml.bak delete mode 100755 queries/aws_ssm_inventory_entry_1.yaml.bak delete mode 100755 queries/aws_ssm_inventory_entry_2.yaml.bak delete mode 100755 queries/aws_ssm_inventory_entry_3.yaml.bak delete mode 100755 queries/aws_ssm_inventory_entry_4.yaml.bak delete mode 100755 queries/aws_ssm_inventory_entry_5.yaml.bak delete mode 100755 queries/aws_ssm_maintenance_window_1.yaml.bak delete mode 100755 queries/aws_ssm_maintenance_window_2.yaml.bak delete mode 100755 queries/aws_ssm_maintenance_window_3.yaml.bak delete mode 100755 queries/aws_ssm_maintenance_window_4.yaml.bak delete mode 100755 queries/aws_ssm_maintenance_window_4.yaml.bak.bak delete mode 100755 queries/aws_ssm_managed_instance_1.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_2.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_2.yaml.bak.bak delete mode 100755 queries/aws_ssm_managed_instance_3.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_compliance_1.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_compliance_2.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_compliance_3.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_compliance_4.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_patch_state_1.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_patch_state_2.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_patch_state_3.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_patch_state_4.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_patch_state_5.yaml.bak delete mode 100755 queries/aws_ssm_managed_instance_patch_state_6.yaml.bak delete mode 100755 queries/aws_ssm_parameter_1.yaml.bak delete mode 100755 queries/aws_ssm_parameter_2.yaml.bak delete mode 100755 queries/aws_ssm_parameter_3.yaml.bak delete mode 100755 queries/aws_ssm_patch_baseline_1.yaml.bak delete mode 100755 queries/aws_ssm_patch_baseline_2.yaml.bak delete mode 100755 queries/aws_ssm_patch_baseline_3.yaml.bak delete mode 100755 queries/aws_ssm_patch_baseline_4.yaml.bak delete mode 100755 queries/aws_ssmincidents_response_plan_1.yaml.bak delete mode 100755 queries/aws_ssmincidents_response_plan_2.yaml.bak delete mode 100755 queries/aws_ssmincidents_response_plan_3.yaml.bak delete mode 100755 queries/aws_ssmincidents_response_plan_4.yaml.bak delete mode 100755 queries/aws_ssmincidents_response_plan_5.yaml.bak delete mode 100755 queries/aws_ssoadmin_account_assignment_1.yaml.bak delete mode 100755 queries/aws_ssoadmin_account_assignment_2.yaml.bak delete mode 100755 queries/aws_ssoadmin_instance_1.yaml.bak delete mode 100755 queries/aws_ssoadmin_managed_policy_attachment_1.yaml.bak delete mode 100755 queries/aws_ssoadmin_permission_set_1.yaml.bak delete mode 100755 queries/aws_sts_caller_identity_1.yaml.bak delete mode 100755 queries/aws_sts_caller_identity_2.yaml.bak delete mode 100755 queries/aws_sts_caller_identity_3.yaml.bak delete mode 100755 queries/aws_tagging_resource_1.yaml.bak delete mode 100755 queries/aws_tagging_resource_1.yaml.bak.bak delete mode 100755 queries/aws_tagging_resource_2.yaml.bak delete mode 100755 queries/aws_timestreamwrite_database_1.yaml.bak delete mode 100755 queries/aws_timestreamwrite_database_2.yaml.bak delete mode 100755 queries/aws_timestreamwrite_database_3.yaml.bak delete mode 100755 queries/aws_timestreamwrite_database_3.yaml.bak.bak delete mode 100755 queries/aws_timestreamwrite_database_4.yaml.bak delete mode 100755 queries/aws_timestreamwrite_database_5.yaml.bak delete mode 100755 queries/aws_timestreamwrite_table_1.yaml.bak delete mode 100755 queries/aws_timestreamwrite_table_2.yaml.bak delete mode 100755 queries/aws_timestreamwrite_table_3.yaml.bak delete mode 100755 queries/aws_timestreamwrite_table_4.yaml.bak delete mode 100755 queries/aws_timestreamwrite_table_5.yaml.bak delete mode 100755 queries/aws_timestreamwrite_table_5.yaml.bak.bak delete mode 100755 queries/aws_timestreamwrite_table_6.yaml.bak delete mode 100755 queries/aws_transfer_server_1.yaml.bak delete mode 100755 queries/aws_transfer_server_2.yaml.bak delete mode 100755 queries/aws_transfer_server_3.yaml.bak delete mode 100755 queries/aws_transfer_server_4.yaml.bak delete mode 100755 queries/aws_transfer_server_4.yaml.bak.bak delete mode 100755 queries/aws_transfer_server_5.yaml.bak delete mode 100755 queries/aws_transfer_server_6.yaml.bak delete mode 100755 queries/aws_transfer_user_1.yaml.bak delete mode 100755 queries/aws_transfer_user_2.yaml.bak delete mode 100755 queries/aws_transfer_user_3.yaml.bak delete mode 100755 queries/aws_transfer_user_4.yaml.bak delete mode 100755 queries/aws_trusted_advisor_check_summary_1.yaml.bak delete mode 100755 queries/aws_trusted_advisor_check_summary_2.yaml.bak delete mode 100755 queries/aws_trusted_advisor_check_summary_3.yaml.bak delete mode 100755 queries/aws_trusted_advisor_check_summary_4.yaml.bak delete mode 100755 queries/aws_vpc_1.yaml.bak delete mode 100755 queries/aws_vpc_2.yaml.bak delete mode 100755 queries/aws_vpc_3.yaml.bak delete mode 100755 queries/aws_vpc_customer_gateway_1.yaml.bak delete mode 100755 queries/aws_vpc_customer_gateway_2.yaml.bak delete mode 100755 queries/aws_vpc_dhcp_options_1.yaml.bak delete mode 100755 queries/aws_vpc_dhcp_options_2.yaml.bak delete mode 100755 queries/aws_vpc_dhcp_options_3.yaml.bak delete mode 100755 queries/aws_vpc_egress_only_internet_gateway_1.yaml.bak delete mode 100755 queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak delete mode 100755 queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak.bak delete mode 100755 queries/aws_vpc_egress_only_internet_gateway_3.yaml.bak delete mode 100755 queries/aws_vpc_eip_1.yaml.bak delete mode 100755 queries/aws_vpc_eip_2.yaml.bak delete mode 100755 queries/aws_vpc_eip_address_transfer_1.yaml.bak delete mode 100755 queries/aws_vpc_eip_address_transfer_2.yaml.bak delete mode 100755 queries/aws_vpc_eip_address_transfer_3.yaml.bak delete mode 100755 queries/aws_vpc_eip_address_transfer_4.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_1.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_2.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_3.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_4.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_4.yaml.bak.bak delete mode 100755 queries/aws_vpc_endpoint_5.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_service_1.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_service_2.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_service_3.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_service_4.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_service_5.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_service_6.yaml.bak delete mode 100755 queries/aws_vpc_endpoint_service_6.yaml.bak.bak delete mode 100755 queries/aws_vpc_endpoint_service_7.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_1.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_2.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_3.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_4.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_event_1.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_event_2.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_event_3.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_event_4.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_event_4.yaml.bak.bak delete mode 100755 queries/aws_vpc_flow_log_event_5.yaml.bak delete mode 100755 queries/aws_vpc_flow_log_event_6.yaml.bak delete mode 100755 queries/aws_vpc_internet_gateway_1.yaml.bak delete mode 100755 queries/aws_vpc_internet_gateway_2.yaml.bak delete mode 100755 queries/aws_vpc_internet_gateway_2.yaml.bak.bak delete mode 100755 queries/aws_vpc_nat_gateway_1.yaml.bak delete mode 100755 queries/aws_vpc_nat_gateway_2.yaml.bak delete mode 100755 queries/aws_vpc_nat_gateway_3.yaml.bak delete mode 100755 queries/aws_vpc_nat_gateway_4.yaml.bak delete mode 100755 queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml.bak delete mode 100755 queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml.bak delete mode 100755 queries/aws_vpc_network_acl_1.yaml.bak delete mode 100755 queries/aws_vpc_network_acl_2.yaml.bak delete mode 100755 queries/aws_vpc_network_acl_3.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_1.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_2.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_3.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_4.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_4.yaml.bak.bak delete mode 100755 queries/aws_vpc_peering_connection_5.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_6.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_7.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_8.yaml.bak delete mode 100755 queries/aws_vpc_peering_connection_8.yaml.bak.bak delete mode 100755 queries/aws_vpc_peering_connection_9.yaml.bak delete mode 100755 queries/aws_vpc_route_1.yaml.bak delete mode 100755 queries/aws_vpc_route_2.yaml.bak delete mode 100755 queries/aws_vpc_route_3.yaml.bak delete mode 100755 queries/aws_vpc_route_table_1.yaml.bak delete mode 100755 queries/aws_vpc_route_table_2.yaml.bak delete mode 100755 queries/aws_vpc_route_table_2.yaml.bak.bak delete mode 100755 queries/aws_vpc_route_table_3.yaml.bak delete mode 100755 queries/aws_vpc_security_group_1.yaml.bak delete mode 100755 queries/aws_vpc_security_group_2.yaml.bak delete mode 100755 queries/aws_vpc_security_group_2.yaml.bak.bak delete mode 100755 queries/aws_vpc_security_group_3.yaml.bak delete mode 100755 queries/aws_vpc_security_group_4.yaml.bak delete mode 100755 queries/aws_vpc_security_group_rule_1.yaml.bak delete mode 100755 queries/aws_vpc_security_group_rule_2.yaml.bak delete mode 100755 queries/aws_vpc_security_group_rule_3.yaml.bak delete mode 100755 queries/aws_vpc_subnet_1.yaml.bak delete mode 100755 queries/aws_vpc_subnet_2.yaml.bak delete mode 100755 queries/aws_vpc_subnet_3.yaml.bak delete mode 100755 queries/aws_vpc_subnet_4.yaml.bak delete mode 100755 queries/aws_vpc_subnet_5.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_endpoint_1.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_endpoint_2.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_endpoint_3.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_endpoint_4.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_endpoint_5.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_endpoint_6.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_endpoint_6.yaml.bak.bak delete mode 100755 queries/aws_vpc_verified_access_endpoint_7.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_group_1.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_group_2.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_group_3.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_group_4.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_group_4.yaml.bak.bak delete mode 100755 queries/aws_vpc_verified_access_instance_1.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_instance_2.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_instance_3.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_trust_provider_1.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_trust_provider_2.yaml.bak delete mode 100755 queries/aws_vpc_verified_access_trust_provider_3.yaml.bak delete mode 100755 queries/aws_vpc_vpn_connection_1.yaml.bak delete mode 100755 queries/aws_vpc_vpn_connection_2.yaml.bak delete mode 100755 queries/aws_vpc_vpn_connection_3.yaml.bak delete mode 100755 queries/aws_vpc_vpn_gateway_1.yaml.bak delete mode 100755 queries/aws_vpc_vpn_gateway_2.yaml.bak delete mode 100755 queries/aws_vpc_vpn_gateway_3.yaml.bak delete mode 100755 queries/aws_waf_rate_based_rule_1.yaml.bak delete mode 100755 queries/aws_waf_rate_based_rule_2.yaml.bak delete mode 100755 queries/aws_waf_rule_1.yaml.bak delete mode 100755 queries/aws_waf_rule_2.yaml.bak delete mode 100755 queries/aws_waf_rule_group_1.yaml.bak delete mode 100755 queries/aws_waf_rule_group_1.yaml.bak.bak delete mode 100755 queries/aws_waf_rule_group_2.yaml.bak delete mode 100755 queries/aws_waf_rule_group_3.yaml.bak delete mode 100755 queries/aws_waf_web_acl_1.yaml.bak delete mode 100755 queries/aws_waf_web_acl_2.yaml.bak delete mode 100755 queries/aws_waf_web_acl_3.yaml.bak delete mode 100755 queries/aws_waf_web_acl_4.yaml.bak delete mode 100755 queries/aws_waf_web_acl_5.yaml.bak delete mode 100755 queries/aws_wafregional_rule_1.yaml.bak delete mode 100755 queries/aws_wafregional_rule_1.yaml.bak.bak delete mode 100755 queries/aws_wafregional_rule_2.yaml.bak delete mode 100755 queries/aws_wafregional_rule_group_1.yaml.bak delete mode 100755 queries/aws_wafregional_rule_group_2.yaml.bak delete mode 100755 queries/aws_wafregional_rule_group_3.yaml.bak delete mode 100755 queries/aws_wafregional_web_acl_1.yaml.bak delete mode 100755 queries/aws_wafregional_web_acl_2.yaml.bak delete mode 100755 queries/aws_wafregional_web_acl_3.yaml.bak delete mode 100755 queries/aws_wafregional_web_acl_4.yaml.bak delete mode 100755 queries/aws_wafregional_web_acl_5.yaml.bak delete mode 100755 queries/aws_wafv2_ip_set_1.yaml.bak delete mode 100755 queries/aws_wafv2_ip_set_2.yaml.bak delete mode 100755 queries/aws_wafv2_ip_set_3.yaml.bak delete mode 100755 queries/aws_wafv2_ip_set_3.yaml.bak.bak delete mode 100755 queries/aws_wafv2_ip_set_4.yaml.bak delete mode 100755 queries/aws_wafv2_regex_pattern_set_1.yaml.bak delete mode 100755 queries/aws_wafv2_regex_pattern_set_2.yaml.bak delete mode 100755 queries/aws_wafv2_regex_pattern_set_3.yaml.bak delete mode 100755 queries/aws_wafv2_rule_group_1.yaml.bak delete mode 100755 queries/aws_wafv2_rule_group_2.yaml.bak delete mode 100755 queries/aws_wafv2_rule_group_3.yaml.bak delete mode 100755 queries/aws_wafv2_web_acl_1.yaml.bak delete mode 100755 queries/aws_wafv2_web_acl_2.yaml.bak delete mode 100755 queries/aws_wafv2_web_acl_3.yaml.bak delete mode 100755 queries/aws_wafv2_web_acl_4.yaml.bak delete mode 100755 queries/aws_wafv2_web_acl_5.yaml.bak delete mode 100755 queries/aws_wafv2_web_acl_6.yaml.bak delete mode 100755 queries/aws_wafv2_web_acl_7.yaml.bak delete mode 100755 queries/aws_wellarchitected_answer_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_answer_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_answer_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_answer_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_answer_5.yaml.bak delete mode 100755 queries/aws_wellarchitected_answer_6.yaml.bak delete mode 100755 queries/aws_wellarchitected_answer_7.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_detail_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_detail_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_detail_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_detail_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_detail_5.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_detail_6.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_detail_6.yaml.bak.bak delete mode 100755 queries/aws_wellarchitected_check_summary_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_summary_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_summary_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_summary_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_check_summary_5.yaml.bak delete mode 100755 queries/aws_wellarchitected_consolidated_report_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_consolidated_report_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_consolidated_report_2.yaml.bak.bak delete mode 100755 queries/aws_wellarchitected_consolidated_report_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_consolidated_report_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_5.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_5.yaml.bak.bak delete mode 100755 queries/aws_wellarchitected_lens_6.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_5.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_5.yaml.bak.bak delete mode 100755 queries/aws_wellarchitected_lens_review_6.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_improvement_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_improvement_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_improvement_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_improvement_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_report_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_report_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_review_report_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_share_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_share_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_lens_share_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_milestone_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_milestone_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_milestone_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_milestone_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_notification_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_notification_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_notification_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_share_invitation_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_share_invitation_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_share_invitation_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_share_invitation_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_share_invitation_5.yaml.bak delete mode 100755 queries/aws_wellarchitected_share_invitation_6.yaml.bak delete mode 100755 queries/aws_wellarchitected_share_invitation_6.yaml.bak.bak delete mode 100755 queries/aws_wellarchitected_workload_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_workload_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_workload_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_workload_4.yaml.bak delete mode 100755 queries/aws_wellarchitected_workload_4.yaml.bak.bak delete mode 100755 queries/aws_wellarchitected_workload_share_1.yaml.bak delete mode 100755 queries/aws_wellarchitected_workload_share_2.yaml.bak delete mode 100755 queries/aws_wellarchitected_workload_share_3.yaml.bak delete mode 100755 queries/aws_wellarchitected_workload_share_3.yaml.bak.bak delete mode 100755 queries/aws_wellarchitected_workload_share_4.yaml.bak delete mode 100755 queries/aws_workspaces_directory_1.yaml.bak delete mode 100755 queries/aws_workspaces_directory_2.yaml.bak delete mode 100755 queries/aws_workspaces_directory_3.yaml.bak delete mode 100755 queries/aws_workspaces_directory_4.yaml.bak delete mode 100755 queries/aws_workspaces_directory_4.yaml.bak.bak delete mode 100755 queries/aws_workspaces_directory_5.yaml.bak delete mode 100755 queries/aws_workspaces_directory_6.yaml.bak delete mode 100755 queries/aws_workspaces_directory_7.yaml.bak delete mode 100755 queries/aws_workspaces_directory_8.yaml.bak delete mode 100755 queries/aws_workspaces_directory_8.yaml.bak.bak delete mode 100755 queries/aws_workspaces_workspace_1.yaml.bak delete mode 100755 queries/aws_workspaces_workspace_2.yaml.bak delete mode 100755 queries/bulk_update_yaml.sh.bak delete mode 100755 queries/cloud_managed_software.yaml.bak delete mode 100755 queries/cloud_networks.yaml.bak delete mode 100755 queries/container_workload.yaml.bak delete mode 100755 queries/database_workload.yaml.bak delete mode 100755 queries/devops.yaml.bak delete mode 100644 queries/error_files.log.bak delete mode 100644 queries/error_messages.log.bak delete mode 100755 queries/keys_and_secrets.yaml.bak delete mode 100755 queries/kubernetes_clusters.yaml.bak delete mode 100755 queries/load_balancers.yaml.bak delete mode 100755 queries/network_&_file_stores.yaml.bak delete mode 100755 queries/object_stores.yaml.bak delete mode 100644 queries/processed_files.log.bak delete mode 100755 queries/server_workload.yaml.bak delete mode 100755 queries/snapshots_&_backup_media.yaml.bak diff --git a/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml.bak b/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml.bak deleted file mode 100755 index 81f5c71e3..000000000 --- a/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml.bak +++ /dev/null @@ -1,22 +0,0 @@ -ID: aws_insight_lambda_function_not_cmk_encrypted -Title: "Unencrypted Lambda" -Description: "List of lambda functions which are not encrypted with CMK" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_arn, account_id, og_account_id, og_resource_id - from - aws_lambda_function - where - kms_key_arn is null; - PrimaryTable: aws_lambda_function - ListOfTables: - - aws_lambda_function - Parameters: [] -Tags: - category: - - Security diff --git a/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml.bak b/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml.bak deleted file mode 100755 index 6d7a14003..000000000 --- a/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml.bak +++ /dev/null @@ -1,21 +0,0 @@ -ID: aws_insight_acm_certificate_transparency_logging_disabled -Title: "Certificates with no Logging" -Description: "List certificates for which transparency logging is disabled" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select certificate_arn, domain_name, status, account_id, og_account_id, og_resource_id from - aws_acm_certificate - where - certificate_transparency_logging_preference <> 'ENABLED'; - PrimaryTable: aws_acm_certificate - ListOfTables: - - aws_acm_certificate - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency diff --git a/queries/11-aws_insight_acm_certificate_expired.yaml.bak b/queries/11-aws_insight_acm_certificate_expired.yaml.bak deleted file mode 100755 index c0de5b269..000000000 --- a/queries/11-aws_insight_acm_certificate_expired.yaml.bak +++ /dev/null @@ -1,22 +0,0 @@ -ID: aws_insight_acm_certificate_expired -Title: "Expired Certificates" -Description: "List of expired certificates" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select certificate_arn, domain_name, status, account_id, og_account_id, og_resource_id from - aws_acm_certificate - where - status = 'EXPIRED'; - PrimaryTable: aws_acm_certificate - ListOfTables: - - aws_acm_certificate - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency - - Cost Management diff --git a/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml.bak b/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml.bak deleted file mode 100755 index 8fe7f3e6f..000000000 --- a/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml.bak +++ /dev/null @@ -1,17 +0,0 @@ -ID: aws_insight_ebs_snapshot_older_than_year -Title: "Snapshots older than a year" -Description: "List Snapshots older than 365 days" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT snapshot_id, arn, start_time, account_id, og_account_id, og_resource_id FROM aws_ebs_snapshot WHERE start_time < now() - interval '1 year'; - PrimaryTable: aws_ebs_snapshot - ListOfTables: - - aws_ebs_snapshot - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Cost Management diff --git a/queries/13-aws_insight_ec2_classic_load_balancer.yaml.bak b/queries/13-aws_insight_ec2_classic_load_balancer.yaml.bak deleted file mode 100755 index a72d34a16..000000000 --- a/queries/13-aws_insight_ec2_classic_load_balancer.yaml.bak +++ /dev/null @@ -1,21 +0,0 @@ -ID: aws_insight_ec2_classic_load_balancer -Title: "Classic Load Balancers" -Description: "List all Classic Load Balancer. Link here." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT name, arn, account_id, og_account_id, og_resource_id FROM aws_ec2_classic_load_balancer - PrimaryTable: aws_ec2_classic_load_balancer - ListOfTables: - - aws_ec2_classic_load_balancer - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency - persona: - - Executive - - Product - - FinOps diff --git a/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml.bak b/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml.bak deleted file mode 100755 index 943bda927..000000000 --- a/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml.bak +++ /dev/null @@ -1,45 +0,0 @@ -ID: aws_insight_elb_classic_lb_use_ssl_certificate -Title: "Load Balancers with no SSL" -Description: "List all Load Balancers with out SSL" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with detailed_classic_listeners as ( - select - name - from - aws_ec2_classic_load_balancer, - jsonb_array_elements(listener_descriptions) as listener_description - where - listener_description -> 'Listener' ->> 'Protocol' in ('HTTPS', 'SSL', 'TLS') - and listener_description -> 'Listener' ->> 'SSLCertificateId' like 'arn:aws:acm%' - ) - select - -- Required Columns - 'arn:' || a.partition || ':elasticloadbalancing:' || a.region || ':' || a.account_id || ':loadbalancer/' || a.name as resource, - case - when a.listener_descriptions is null then 'skip' - when b.name is not null then 'alarm' - else 'ok' - end as status, - case - when a.listener_descriptions is null then a.title || ' has no listener.' - when b.name is not null then a.title || ' does not use certificates provided by ACM.' - else a.title || ' uses certificates provided by ACM.' - end as reason, - -- Additional Dimensions - region, - account_id, og_account_id, og_resource_id - from - aws_ec2_classic_load_balancer as a - left join detailed_classic_listeners as b on a.name = b.name; - PrimaryTable: aws_ec2_classic_load_balancer - ListOfTables: - - aws_ec2_classic_load_balancer - Parameters: [] -Tags: - category: - - Security - - Technical Debt diff --git a/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml.bak b/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml.bak deleted file mode 100755 index 6213d0d23..000000000 --- a/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_insight_elb_application_lb_waf_enabled -Title: "Load Balancers with no WAF" -Description: "List all ELB with no WAF." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - -- Required Columns - arn as resource, account_id, og_account_id, og_resource_id, - case - when load_balancer_attributes @> '[{"Key":"waf.fail_open.enabled","Value":"true"}]' then 'ok' - else 'alarm' - end as status, - case - when load_balancer_attributes @> '[{"Key":"waf.fail_open.enabled","Value":"true"}]' then title || ' WAF enabled.' - else title || ' WAF disabled.' - end as reason, - -- Additional Dimensions - region - from - aws_ec2_application_load_balancer; - PrimaryTable: aws_ec2_application_load_balancer - ListOfTables: - - aws_ec2_application_load_balancer - Parameters: [] -Tags: - category: - - Security - - Technical Debt diff --git a/queries/16-aws_insight_vpc_with_public_cidr.yaml.bak b/queries/16-aws_insight_vpc_with_public_cidr.yaml.bak deleted file mode 100755 index d73ff5ef9..000000000 --- a/queries/16-aws_insight_vpc_with_public_cidr.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_insight_vpc_with_public_cidr -Title: "VPCs with Public IP Range" -Description: "List VPCs with public CIDR blocks" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - cidr_block, - state, - region, account_id, og_account_id, og_resource_id - from - aws_vpc - where - (not cidr_block <<= '10.0.0.0/8' - and not cidr_block <<= '192.168.0.0/16' - and not cidr_block <<= '172.16.0.0/12'); - PrimaryTable: aws_vpc - ListOfTables: - - aws_vpc - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency - - Cost Management diff --git a/queries/17-azure_insight_compute_disk_unattached.yaml.bak b/queries/17-azure_insight_compute_disk_unattached.yaml.bak deleted file mode 100755 index b12f62f39..000000000 --- a/queries/17-azure_insight_compute_disk_unattached.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: azure_insight_compute_disk_unattached -Title: "Unused Azure Disks" -Description: "List of unattached Disks" -IntegrationTypeName: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - disk_state, subscription_id, og_account_id, og_resource_id - from - azure_compute_disk - where - disk_state = 'Unattached'; - PrimaryTable: azure_compute_disk - ListOfTables: - - azure_compute_disk - Parameters: [] -Tags: - category: - - Technical Debt - - Cost Management diff --git a/queries/17-azure_insight_compute_disk_unattached.yaml.bak.bak b/queries/17-azure_insight_compute_disk_unattached.yaml.bak.bak deleted file mode 100755 index b12f62f39..000000000 --- a/queries/17-azure_insight_compute_disk_unattached.yaml.bak.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: azure_insight_compute_disk_unattached -Title: "Unused Azure Disks" -Description: "List of unattached Disks" -IntegrationTypeName: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - disk_state, subscription_id, og_account_id, og_resource_id - from - azure_compute_disk - where - disk_state = 'Unattached'; - PrimaryTable: azure_compute_disk - ListOfTables: - - azure_compute_disk - Parameters: [] -Tags: - category: - - Technical Debt - - Cost Management diff --git a/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml.bak b/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml.bak deleted file mode 100755 index d3319a7fe..000000000 --- a/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: azure_insight_compute_disk_unavailable_in_multiple_az -Title: "Non-Resiliency Azure Disks" -Description: "List of compute disks which are not available in multiple az" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - az, - region, subscription_id, og_account_id, og_resource_id - from - azure_compute_disk - cross join jsonb_array_elements(zones) az - where - zones is not null; - PrimaryTable: azure_compute_disk - ListOfTables: - - azure_compute_disk - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency diff --git a/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml.bak b/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml.bak deleted file mode 100755 index df7acc82d..000000000 --- a/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: azure_insight_compute_disk_not_encrypted_with_customer_key -Title: "Unecrypted Disks" -Description: "List of compute disks which are not encrypted with customer key" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - encryption_type, subscription_id, og_account_id, og_resource_id - from - azure_compute_disk - where - encryption_type <> 'EncryptionAtRestWithCustomerKey'; - PrimaryTable: azure_compute_disk - ListOfTables: - - azure_compute_disk - Parameters: [] -Tags: - category: - - Security - - Technical Debt - persona: - - Security - - DevOps - - Product diff --git a/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml.bak b/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml.bak deleted file mode 100755 index d7b64f70c..000000000 --- a/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_insight_lambda_function_retention_period_less_than_30_days -Title: "" -Description: "List of lambda function whose retention period is less than 30 days" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fn.name, - lg.name, - lg.retention_in_days, fn.account_id, fn.og_account_id, fn.og_resource_id - from - aws_lambda_function as fn - inner join aws_cloudwatch_log_group as lg on ( - lg.og_account_id = fn.og_account_id AND ((lg.name = '/aws/lambda/') - or (lg.name = fn.name)) - ) - where - lg.retention_in_days < 30 - PrimaryTable: null - ListOfTables: - - aws_lambda_function - - aws_cloudwatch_log_group - Parameters: [] -Tags: - category: - - Technical Debt - - Resiliency diff --git a/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml.bak b/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml.bak deleted file mode 100755 index c8315cef8..000000000 --- a/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: azure_insight_cosmosdb_account_with_disabled_automatic_failover -Title: "Database with no Auto Failover" -Description: "List of database accounts where automatic failover is not enabled" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - enable_automatic_failover, - resource_group, subscription_id, og_account_id, og_resource_id - from - azure_cosmosdb_account - where - not enable_automatic_failover; - PrimaryTable: azure_cosmosdb_account - ListOfTables: - - azure_cosmosdb_account - Parameters: [] -Tags: - category: - - Resiliency diff --git a/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml.bak b/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml.bak deleted file mode 100755 index 8ffc34acc..000000000 --- a/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet -Title: "Database Accounts with Public access" -Description: "List of database accounts which allows traffic from all networks, including the public Internet." -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - virtual_network_rules, subscription_id, og_account_id, og_resource_id - from - azure_cosmosdb_account - where - virtual_network_rules = '[]'; - PrimaryTable: azure_cosmosdb_account - ListOfTables: - - azure_cosmosdb_account - Parameters: [] -Tags: - category: - - Security - - Technical Debt diff --git a/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml.bak b/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml.bak deleted file mode 100755 index 3890674f7..000000000 --- a/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: azure_insight_key_vault_with_disabled_soft_delete -Title: "Key Vaults with no Deletion Protection" -Description: "List of key vaults where soft deletion is not enabled" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - soft_delete_enabled, - soft_delete_retention_in_days, subscription_id, og_account_id, og_resource_id - from - azure_key_vault - where - not soft_delete_enabled; - PrimaryTable: azure_key_vault - ListOfTables: - - azure_key_vault - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency diff --git a/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml.bak b/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml.bak deleted file mode 100755 index 86de06908..000000000 --- a/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: azure_insight_kubernetes_cluster_with_rbac_disabled -Title: "Clusters with no RBAC" -Description: "List clusters that have role-based access control (RBAC) disabled" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - location, - type, - identity, - enable_rbac, - sku, subscription_id, og_account_id, og_resource_id - from - azure_kubernetes_cluster - where - not enable_rbac; - PrimaryTable: azure_kubernetes_cluster - ListOfTables: - - azure_kubernetes_cluster - Parameters: [] -Tags: - category: - - Security diff --git a/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml.bak b/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml.bak deleted file mode 100755 index c3d4c12a7..000000000 --- a/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: azure_insight_kubernetes_cluster_with_undesired_version -Title: "Legacy Kubernetes Clusters" -Description: "List clusters with an undesirable version (older than 1.20.5)" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - location, - type, - kubernetes_version, subscription_id, og_account_id, og_resource_id - from - azure_kubernetes_cluster - where - kubernetes_version < '1.24'; - PrimaryTable: azure_kubernetes_cluster - ListOfTables: - - azure_kubernetes_cluster - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency - persona: - - Executive - - Product - - FinOps diff --git a/queries/25-azure_insight_lb_failed.yaml.bak b/queries/25-azure_insight_lb_failed.yaml.bak deleted file mode 100755 index 381d88601..000000000 --- a/queries/25-azure_insight_lb_failed.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: azure_insight_lb_failed -Title: "Unhealthy Load Balancers" -Description: "List failed load balancers" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - type, - provisioning_state, subscription_id, og_account_id, og_resource_id - from - azure_lb - where - provisioning_state = 'Failed'; - PrimaryTable: azure_lb - ListOfTables: - - azure_lb - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency - - Cost Management diff --git a/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml.bak b/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml.bak deleted file mode 100755 index 873d7f29a..000000000 --- a/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: azure_insight_compute_availability_set_without_managed_disk_configuration -Title: "AV Sets with Legacy Disks" -Description: "List of availability sets which does not use managed disks configuration" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - sku_name, subscription_id, og_account_id, og_resource_id - from - azure_compute_availability_set - where - sku_name = 'Classic'; - PrimaryTable: azure_compute_availability_set - ListOfTables: - - azure_compute_availability_set - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency - - Cost Management diff --git a/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml.bak b/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml.bak deleted file mode 100755 index 20b632bb0..000000000 --- a/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2 -Title: "Servers with Vulnerable TLSA" -Description: "List servers with minimum TLS version lower than 1.2" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - minimal_tls_version, subscription_id, og_account_id, og_resource_id - from - azure_mysql_server - where - (minimal_tls_version = 'TLS1_0' - or minimal_tls_version = 'TLS1_1'); - PrimaryTable: azure_mysql_server - ListOfTables: - - azure_mysql_server - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Cost Management diff --git a/queries/28-azure_insight_virtual_network_with_public_cidr.yaml.bak b/queries/28-azure_insight_virtual_network_with_public_cidr.yaml.bak deleted file mode 100755 index 2eb7bdf47..000000000 --- a/queries/28-azure_insight_virtual_network_with_public_cidr.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: azure_insight_virtual_network_with_public_cidr -Title: "vNets with Public IP Range" -Description: "List Virtual Networks with public CIDR blocks" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cidr_block, - region, - resource_group, subscription_id, og_account_id, og_resource_id - from - azure_virtual_network - cross join jsonb_array_elements_text(address_prefixes) as cidr_block - where - (not cidr_block :: cidr <<= '10.0.0.0/16' - and not cidr_block :: cidr <<= '192.168.0.0/16' - and not cidr_block :: cidr <<= '172.16.0.0/12'); - PrimaryTable: azure_virtual_network - ListOfTables: - - azure_virtual_network - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency - - Resiliency diff --git a/queries/29-azure_insight_storage_account_with_public_blob_access.yaml.bak b/queries/29-azure_insight_storage_account_with_public_blob_access.yaml.bak deleted file mode 100755 index 811bf72a0..000000000 --- a/queries/29-azure_insight_storage_account_with_public_blob_access.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: azure_insight_storage_account_with_public_blob_access -Title: "Storage Accounts with Public Internet" -Description: "List storage accounts that allow blob public access" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - allow_blob_public_access, subscription_id, og_account_id, og_resource_id - from - azure_storage_account - where - allow_blob_public_access; - PrimaryTable: azure_storage_account - ListOfTables: - - azure_storage_account - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency diff --git a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak deleted file mode 100755 index 7ffbf78ea..000000000 --- a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak +++ /dev/null @@ -1,20 +0,0 @@ -ID: aws_insight_lambda_function_with_unsupported_engine -Title: "List Lambda Functions with unsupported engines" -Description: "List Lambda Functions which are using unsupported engines" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select name, runtime, handler, arn, account_id, og_account_id, og_resource_id from aws_lambda_function WHERE (runtime != 'nodejs18.x' AND runtime != 'nodejs16.x' AND runtime != 'nodejs14.x' AND runtime != 'python3.11' AND runtime != 'python3.10' AND runtime != 'python3.9' AND runtime != 'python3.8' AND runtime != 'python3.7' AND runtime != 'java17' AND runtime != 'java11' AND runtime != 'java8.al2' AND runtime != 'java8' AND runtime != 'dotnet7' AND runtime != 'dotnet6' AND runtime != 'go1.x' AND runtime != 'ruby3.2' AND runtime != 'ruby2.7' AND runtime != 'provided.al2' AND runtime != 'provided'); - PrimaryTable: aws_lambda_function - ListOfTables: - - aws_lambda_function - Parameters: [] -Tags: - category: - - Technical Debt - - Resiliency - persona: - - Executive - - Product - - FinOps diff --git a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak.bak b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak.bak deleted file mode 100755 index 7ffbf78ea..000000000 --- a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml.bak.bak +++ /dev/null @@ -1,20 +0,0 @@ -ID: aws_insight_lambda_function_with_unsupported_engine -Title: "List Lambda Functions with unsupported engines" -Description: "List Lambda Functions which are using unsupported engines" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select name, runtime, handler, arn, account_id, og_account_id, og_resource_id from aws_lambda_function WHERE (runtime != 'nodejs18.x' AND runtime != 'nodejs16.x' AND runtime != 'nodejs14.x' AND runtime != 'python3.11' AND runtime != 'python3.10' AND runtime != 'python3.9' AND runtime != 'python3.8' AND runtime != 'python3.7' AND runtime != 'java17' AND runtime != 'java11' AND runtime != 'java8.al2' AND runtime != 'java8' AND runtime != 'dotnet7' AND runtime != 'dotnet6' AND runtime != 'go1.x' AND runtime != 'ruby3.2' AND runtime != 'ruby2.7' AND runtime != 'provided.al2' AND runtime != 'provided'); - PrimaryTable: aws_lambda_function - ListOfTables: - - aws_lambda_function - Parameters: [] -Tags: - category: - - Technical Debt - - Resiliency - persona: - - Executive - - Product - - FinOps diff --git a/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml.bak b/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml.bak deleted file mode 100755 index 7ff999b60..000000000 --- a/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: azure_insight_storage_account_with_disabled_encryption_in_transit -Title: "Storage Accounts No Unecrypted Transit" -Description: "List storage accounts with encryption in transit disabled" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - enable_https_traffic_only, subscription_id, og_account_id, og_resource_id - from - azure_storage_account - where - not enable_https_traffic_only; - PrimaryTable: azure_storage_account - ListOfTables: - - azure_storage_account - Parameters: [] -Tags: - category: - - Security - - Technical Debt - - Resiliency diff --git a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak deleted file mode 100755 index b1ad3baa6..000000000 --- a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak +++ /dev/null @@ -1,48 +0,0 @@ -ID: azure_insight_compute_vm_remote_access_restricted_all_ports -Title: "VMs with restricts remote access from internet" -Description: "VMs with restricts remote access from internet" -IntegrationTypeName: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with network_sg as ( - select - distinct name as sg_name, - network_interfaces - from - azure_network_security_group as nsg, - jsonb_array_elements(security_rules) as sg, - jsonb_array_elements_text(sg -> 'properties' -> 'destinationPortRanges' || (sg -> 'properties' -> 'destinationPortRange') :: jsonb) as dport, - jsonb_array_elements_text(sg -> 'properties' -> 'sourceAddressPrefixes' || (sg -> 'properties' -> 'sourceAddressPrefix') :: jsonb) as sip - where - sg -> 'properties' ->> 'access' = 'Allow' - and sg -> 'properties' ->> 'direction' = 'Inbound' - and sg -> 'properties' ->> 'protocol' in ('TCP','*') - and sip in ('*', '0.0.0.0', '0.0.0.0/0', 'Internet', '/0', '/0') - ) - select - vm.vm_id as resource, - vm.subscription_id, vm.og_account_id, vm.og_resource_id, - case - when sg.sg_name is null then 'ok' - else 'alarm' - end as status, - case - when sg.sg_name is null then vm.title || ' restricts remote access from internet.' - else vm.title || ' allows remote access from internet.' - end as reason - - , vm.resource_group as resource_group - , sub.display_name as subscription - from - azure_compute_virtual_machine as vm - left join network_sg as sg on sg.network_interfaces @> vm.network_interfaces - join azure_subscription as sub on sub.subscription_id = vm.subscription_id; - PrimaryTable: azure_compute_disk - ListOfTables: - - azure_compute_disk - Parameters: [] -Tags: - category: - - Security diff --git a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak.bak b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak.bak deleted file mode 100755 index b1ad3baa6..000000000 --- a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml.bak.bak +++ /dev/null @@ -1,48 +0,0 @@ -ID: azure_insight_compute_vm_remote_access_restricted_all_ports -Title: "VMs with restricts remote access from internet" -Description: "VMs with restricts remote access from internet" -IntegrationTypeName: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with network_sg as ( - select - distinct name as sg_name, - network_interfaces - from - azure_network_security_group as nsg, - jsonb_array_elements(security_rules) as sg, - jsonb_array_elements_text(sg -> 'properties' -> 'destinationPortRanges' || (sg -> 'properties' -> 'destinationPortRange') :: jsonb) as dport, - jsonb_array_elements_text(sg -> 'properties' -> 'sourceAddressPrefixes' || (sg -> 'properties' -> 'sourceAddressPrefix') :: jsonb) as sip - where - sg -> 'properties' ->> 'access' = 'Allow' - and sg -> 'properties' ->> 'direction' = 'Inbound' - and sg -> 'properties' ->> 'protocol' in ('TCP','*') - and sip in ('*', '0.0.0.0', '0.0.0.0/0', 'Internet', '/0', '/0') - ) - select - vm.vm_id as resource, - vm.subscription_id, vm.og_account_id, vm.og_resource_id, - case - when sg.sg_name is null then 'ok' - else 'alarm' - end as status, - case - when sg.sg_name is null then vm.title || ' restricts remote access from internet.' - else vm.title || ' allows remote access from internet.' - end as reason - - , vm.resource_group as resource_group - , sub.display_name as subscription - from - azure_compute_virtual_machine as vm - left join network_sg as sg on sg.network_interfaces @> vm.network_interfaces - join azure_subscription as sub on sub.subscription_id = vm.subscription_id; - PrimaryTable: azure_compute_disk - ListOfTables: - - azure_compute_disk - Parameters: [] -Tags: - category: - - Security diff --git a/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml.bak b/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml.bak deleted file mode 100755 index 0f142397e..000000000 --- a/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_insight_loadbalancer_classic_no_logging -Title: "Classic Load Balancers without logging" -Description: "List classic Load Balancers without logging" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_log_enabled, account_id, og_account_id, og_resource_id - from - aws_ec2_classic_load_balancer - where - access_log_enabled = 'false'; - PrimaryTable: aws_ec2_classic_load_balancer - ListOfTables: - - aws_ec2_classic_load_balancer - Parameters: [] -Tags: - category: - - Technical Debt - persona: - - Security - - DevOps diff --git a/queries/33-aws_insight_loadbalancer_application_no_logging.yaml.bak b/queries/33-aws_insight_loadbalancer_application_no_logging.yaml.bak deleted file mode 100755 index aa495c324..000000000 --- a/queries/33-aws_insight_loadbalancer_application_no_logging.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_insight_loadbalancer_application_no_logging -Title: "Application Load Balancers without logging" -Description: "List application Load Balancers without logging" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as logging_key, - lb ->> 'Value' as logging_value, account_id, og_account_id, og_resource_id - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'access_logs.s3.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: aws_ec2_application_load_balancer - ListOfTables: - - aws_ec2_application_load_balancer - Parameters: [] -Tags: - category: - - Technical Debt - persona: - - Security - - DevOps diff --git a/queries/34-aws_insight_loadbalancer_network_no_logging.yaml.bak b/queries/34-aws_insight_loadbalancer_network_no_logging.yaml.bak deleted file mode 100755 index 2f0614a28..000000000 --- a/queries/34-aws_insight_loadbalancer_network_no_logging.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_insight_loadbalancer_network_no_logging -Title: "Network Load Balancers without logging" -Description: "List network Load Balancers without logging" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as logging_key, - lb ->> 'Value' as logging_value, account_id, og_account_id, og_resource_id - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'access_logs.s3.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: aws_ec2_network_load_balancer - ListOfTables: - - aws_ec2_network_load_balancer - Parameters: [] -Tags: - category: - - Technical Debt - persona: - - Security - - DevOps diff --git a/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml.bak b/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml.bak deleted file mode 100755 index aa7038cf1..000000000 --- a/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml.bak +++ /dev/null @@ -1,63 +0,0 @@ -ID: azure_insight_functionapp_with_unsupported_runtime -Title: "Function Apps with unsupported runtime" -Description: "List Function Apps with unsupported runtime" -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - SELECT - id, language_runtime_type, language_runtime_version, subscription_id, og_account_id, og_resource_id - FROM azure_app_service_function_app - WHERE ( - ( - language_runtime_type = 'dotnet' AND ( - language_runtime_version != '6' AND - language_runtime_version != '7' - ) - ) OR ( - language_runtime_type = 'dotnetcore' AND ( - language_runtime_version != 'v4.0' AND - language_runtime_version != 'v6.0' AND - language_runtime_version != 'v7.0' AND - language_runtime_version != '6' AND - language_runtime_version != '7' AND - language_runtime_version != '4' AND - language_runtime_version != '4.8' - ) - ) OR ( - language_runtime_type = 'python' AND ( - language_runtime_version != '3.7' AND - language_runtime_version != '3.8' AND - language_runtime_version != '3.9' AND - language_runtime_version != '3.10' AND - language_runtime_version != '3.11' - ) - ) OR ( - language_runtime_type = 'java' AND ( - language_runtime_version != '8' AND - language_runtime_version != '11' AND - language_runtime_version != '17' - ) - ) OR ( - language_runtime_type = 'powershell' AND ( - language_runtime_version != '7.2' - ) - ) OR ( - language_runtime_type = 'node' AND ( - language_runtime_version != '14' AND - language_runtime_version != '16' AND - language_runtime_version != '18' AND - language_runtime_version != '~14' AND - language_runtime_version != '~16' AND - language_runtime_version != '~18' - ) - ) - ); - PrimaryTable: azure_app_service_function_app - ListOfTables: - - azure_app_service_function_app - Parameters: [] -Tags: - category: - - Technical Debt diff --git a/queries/36-aws_insight_deprecated_eks.yaml.bak b/queries/36-aws_insight_deprecated_eks.yaml.bak deleted file mode 100755 index 7c7d5dba4..000000000 --- a/queries/36-aws_insight_deprecated_eks.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_insight_deprecated_eks -Title: "Deprecated EKS clusters" -Description: "EKS clusters running anything other than 1.27, 1.26, 1.25, 1.24, 1.23" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT name, arn, version, account_id, og_account_id, og_resource_id FROM aws_eks_cluster WHERE version != '1.27' AND version != '1.26' AND version != '1.25' AND version != '1.24' AND version != '1.23' - PrimaryTable: aws_eks_cluster - ListOfTables: - - aws_eks_cluster - Parameters: [] -Tags: - category: - - Technical Debt - persona: - - Executive - - Product - - FinOps diff --git a/queries/37-azure_insight_legacy_application_gateway.yaml.bak b/queries/37-azure_insight_legacy_application_gateway.yaml.bak deleted file mode 100755 index 9526f0ce0..000000000 --- a/queries/37-azure_insight_legacy_application_gateway.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: azure_insight_legacy_application_gateway -Title: "Legacy Application Gateways" -Description: "This insight returns all legacy application gateways." -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT name, id, sku->'tier' AS tier, subscription_id, og_account_id, og_resource_id FROM azure_application_gateway WHERE NOT sku IS NULL AND sku->>'tier' = 'Standard_v2'; - PrimaryTable: azure_application_gateway - ListOfTables: - - azure_application_gateway - Parameters: [] -Tags: - category: - - Technical Debt - persona: - - Executive - - Product - - FinOps diff --git a/queries/38-azure_insight_legacy_virtual_machine.yaml.bak b/queries/38-azure_insight_legacy_virtual_machine.yaml.bak deleted file mode 100755 index 9ca6d22b5..000000000 --- a/queries/38-azure_insight_legacy_virtual_machine.yaml.bak +++ /dev/null @@ -1,21 +0,0 @@ -ID: azure_insight_legacy_virtual_machine -Title: "Legacy Virtual Machine" -Description: "This insight identifies virtual machines that are running on legacy hardware." -Connector: -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - SELECT name, power_state, id, subscription_id, og_account_id, og_resource_id FROM azure_compute_virtual_machine WHERE (size = 'Standard_F1' OR size = 'Standard_F2' OR size = 'Standard_F4' OR size = 'Standard_F8' OR size = 'Standard_F16' OR size = 'Standard_F1s' OR size = 'Standard_F2s' OR size = 'Standard_F4s' OR size = 'Standard_F8s' OR size = 'Standard_F16s' OR size = 'Standard_NV6s_v2' OR size = 'Standard_NV12s_v2' OR size = 'Standard_NV24s_v2' OR size = 'A0\Basic_A0' OR size = 'A1\Basic_A1' OR size = 'A2\Basic_A2' OR size = 'A3\Basic_A3' OR size = 'A4\Basic_A4' OR size = 'Standard_A0' OR size = 'Standard_A1' OR size = 'Standard_A2' OR size = 'Standard_A3' OR size = 'Standard_A4' OR size = 'Standard_A5' OR size = 'Standard_A6' OR size = 'Standard_A7' OR size = 'Standard_A8' OR size = 'Standard_A9' OR size = 'Standard_A10' OR size = 'Standard_A11' OR size = 'Standard_D1' OR size = 'Standard_D2' OR size = 'Standard_D3' OR size = 'Standard_D4' OR size = 'Standard_D11' OR size = 'Standard_D12' OR size = 'Standard_D13' OR size = 'Standard_D14' OR size = 'Standard_DC2s' OR size = 'Standard_DC4s' OR size = 'Standard_DS1' OR size = 'Standard_DS2' OR size = 'Standard_DS3' OR size = 'Standard_DS4' OR size = 'Standard_DS11' OR size = 'Standard_DS12' OR size = 'Standard_DS13' OR size = 'Standard_DS14' OR size = 'Standard_L4s' OR size = 'Standard_L8s' OR size = 'Standard_L16s' OR size = 'Standard_L32s' OR size = 'Standard_GS1' OR size = 'Standard_GS2' OR size = 'Standard_GS3' OR size = 'Standard_GS4' OR size = 'Standard_GS5' OR size = 'Standard_G1' OR size = 'Standard_G2' OR size = 'Standard_G3' OR size = 'Standard_G4' OR size = 'Standard_G5' OR size = 'Standard_NC6' OR size = 'Standard_NC12' OR size = 'Standard_NC24' OR size = 'Standard_NC24r' OR size = 'Standard_NC6s_v2' OR size = 'Standard_NC12s_v2' OR size = 'Standard_NC24s_v2' OR size = 'Standard_NC24rs_v2' OR size = 'Standard_ND6s' OR size = 'Standard_ND12s' OR size = 'Standard_ND24s' OR size = 'Standard_ND24rs') - ; - PrimaryTable: azure_application_gateway - ListOfTables: - - azure_application_gateway - Parameters: [] -Tags: - category: - - Technical Debt - persona: - - Executive - - Product - - FinOps diff --git a/queries/39-aws_insight_legacy_rds_instances.yaml.bak b/queries/39-aws_insight_legacy_rds_instances.yaml.bak deleted file mode 100755 index 6a726a790..000000000 --- a/queries/39-aws_insight_legacy_rds_instances.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_insight_legacy_rds_instances -Title: "Legacy RDS Instances" -Description: "RDS instances that are not using the supported instance types" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT db_instance_identifier, arn, status, class, account_id, og_account_id, og_resource_id FROM aws_rds_db_instance WHERE (class LIKE ANY(ARRAY['db.m1.%','db.m2.%','db.r3.%'])) - PrimaryTable: aws_rds_db_instance - ListOfTables: - - aws_rds_db_instance - Parameters: [] -Tags: - category: - - Technical Debt - persona: - - Executive - - Product - - FinOps diff --git a/queries/4-aws_insight_ebs_volume_unencrypted.yaml.bak b/queries/4-aws_insight_ebs_volume_unencrypted.yaml.bak deleted file mode 100755 index eb724041f..000000000 --- a/queries/4-aws_insight_ebs_volume_unencrypted.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_insight_ebs_volume_unencrypted -Title: "Unencrypted EBS Disks" -Description: "List of unencrypted EBS volumes" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select volume_id, encrypted, account_id, og_account_id, og_resource_id from - aws_ebs_volume - where - not encrypted; - PrimaryTable: aws_ebs_volume - ListOfTables: - - aws_ebs_volume - Parameters: [] -Tags: - category: - - Security - - Technical Debt - persona: - - Security - - DevOps - - Product diff --git a/queries/40-aws_insight_accounts_without_cloudtrail.yaml.bak b/queries/40-aws_insight_accounts_without_cloudtrail.yaml.bak deleted file mode 100755 index e059298a5..000000000 --- a/queries/40-aws_insight_accounts_without_cloudtrail.yaml.bak +++ /dev/null @@ -1,21 +0,0 @@ -ID: aws_insight_accounts_without_cloudtrail -Title: "AWS Accounts without CloudTrail" -Description: "AWS Accounts with CloudTrail disabled" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select id AS account_id, og_id AS og_account_id from og_connections where (connector = 'AWS' AND lifecycle_state = 'onboard' AND id NOT IN (select distinct account_id from aws_cloudtrail_trail)) - PrimaryTable: null - ListOfTables: - - og_connections - - aws_cloudtrail_trail - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive - - Product diff --git a/queries/41-aws_insight_root_login_last_90_days.yaml.bak b/queries/41-aws_insight_root_login_last_90_days.yaml.bak deleted file mode 100755 index c775d8f8a..000000000 --- a/queries/41-aws_insight_root_login_last_90_days.yaml.bak +++ /dev/null @@ -1,20 +0,0 @@ -ID: aws_insight_root_login_last_90_days -Title: "AWS accounts with root login in the last 90 days" -Description: "AWS accounts whose root user has logged in within the last 90 days" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select user_arn, password_last_used, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND (current_date - DATE(password_last_used)) > 90) - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive - - Product diff --git a/queries/42-aws_insight_account_with_root_access_key.yaml.bak b/queries/42-aws_insight_account_with_root_access_key.yaml.bak deleted file mode 100755 index b00887f35..000000000 --- a/queries/42-aws_insight_account_with_root_access_key.yaml.bak +++ /dev/null @@ -1,20 +0,0 @@ -ID: aws_insight_account_with_root_access_key -Title: "AWS Account with Root Access Key Enabled" -Description: "AWS Account whose root user has an access key enabled." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND (access_key_1_active = true OR access_key_2_active = true)) - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive - - Product diff --git a/queries/43-aws_insight_account_without_root_mfa.yaml.bak b/queries/43-aws_insight_account_without_root_mfa.yaml.bak deleted file mode 100755 index 556fff266..000000000 --- a/queries/43-aws_insight_account_without_root_mfa.yaml.bak +++ /dev/null @@ -1,20 +0,0 @@ -ID: aws_insight_account_without_root_mfa -Title: "AWS Account without Root MFA" -Description: "AWS account whose root user does not have MFA enabled." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND mfa_active = false) - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive - - Product diff --git a/queries/44-aws_insight_account_with_many_saml_providers.yaml.bak b/queries/44-aws_insight_account_with_many_saml_providers.yaml.bak deleted file mode 100755 index 940308764..000000000 --- a/queries/44-aws_insight_account_with_many_saml_providers.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_insight_account_with_many_saml_providers -Title: "AWS Account with many SAML providers" -Description: "AWS Account with more than 1 SAML provider" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - SELECT account_id, og_account_id, CAST(SUM(saml_provider_count) AS INTEGER) AS saml_provider_count FROM ( - SELECT account_id, og_account_id, COUNT(*) as saml_provider_count FROM aws_iam_saml_provider GROUP BY account_id, og_account_id - UNION - SELECT account_id, og_account_id, COUNT(*) as saml_provider_count FROM aws_iam_open_id_connect_provider GROUP BY account_id, og_account_id - ) AS final WHERE saml_provider_count > 1 GROUP BY account_id, og_account_id - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive - - Product diff --git a/queries/45-aws_insight_account_without_mfa.yaml.bak b/queries/45-aws_insight_account_without_mfa.yaml.bak deleted file mode 100755 index 6f70c5b4a..000000000 --- a/queries/45-aws_insight_account_without_mfa.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_insight_account_without_mfa -Title: "AWS Account without MFA" -Description: "AWS accounts without MFA enabled" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select account_id, og_account_id from aws_iam_account_summary where account_mfa_enabled = false - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive diff --git a/queries/46-aws_insight_account_with_key_and_password.yaml.bak b/queries/46-aws_insight_account_with_key_and_password.yaml.bak deleted file mode 100755 index 7867ad73e..000000000 --- a/queries/46-aws_insight_account_with_key_and_password.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_insight_account_with_key_and_password -Title: "AWS Account with Access Key and Console Password" -Description: "AWS accounts with access key and console password both enabled" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (password_enabled = true AND (access_key_1_active = true OR access_key_2_active = true)) - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive diff --git a/queries/47-aws_insight_account_with_unused_key.yaml.bak b/queries/47-aws_insight_account_with_unused_key.yaml.bak deleted file mode 100755 index 7d73f8b02..000000000 --- a/queries/47-aws_insight_account_with_unused_key.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_insight_account_with_unused_key -Title: "AWS Accounts with Unused Access Keys" -Description: "This insight returns a list of AWS accounts with unused access keys." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select access_key_1_active, access_key_1_last_used_date, access_key_2_active, access_key_2_last_used_date, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where ((access_key_1_active = true AND (access_key_1_last_used_date IS NULL OR (current_date - DATE(access_key_1_last_used_date)) > 90)) OR (access_key_2_active = true AND (access_key_2_last_used_date IS NULL OR (current_date - DATE(access_key_2_last_used_date)) > 90))) - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive diff --git a/queries/48-aws_insight_iam_user_with_old_keys.yaml.bak b/queries/48-aws_insight_iam_user_with_old_keys.yaml.bak deleted file mode 100755 index af2dc9b38..000000000 --- a/queries/48-aws_insight_iam_user_with_old_keys.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_insight_iam_user_with_old_keys -Title: "IAM Users with old access keys" -Description: "IAM users with access keys older than 90 days" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select access_key_1_active, access_key_1_last_rotated, access_key_2_active, access_key_2_last_rotated, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where ((access_key_1_active = true AND (access_key_1_last_rotated IS NULL OR (current_date - DATE(access_key_1_last_rotated)) > 90)) OR (access_key_2_active = true AND (access_key_2_last_rotated IS NULL OR (current_date - DATE(access_key_2_last_rotated)) > 90))) - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive diff --git a/queries/49-aws_insight_iam_user_with_old_password.yaml.bak b/queries/49-aws_insight_iam_user_with_old_password.yaml.bak deleted file mode 100755 index dea1fb62f..000000000 --- a/queries/49-aws_insight_iam_user_with_old_password.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_insight_iam_user_with_old_password -Title: "IAM Users with old access password" -Description: "IAM users with password older than 90 days" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: select password_enabled, password_last_changed, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (password_enabled = true AND (password_last_changed IS NULL OR (current_date - DATE(password_last_changed)) > 90)) - PrimaryTable: aws_iam_credential_report - ListOfTables: - - aws_iam_credential_report - Parameters: [] -Tags: - category: - - Security - persona: - - DevOps - - Security - - Executive diff --git a/queries/5-aws_insight_ebs_volume_unattached.yaml.bak b/queries/5-aws_insight_ebs_volume_unattached.yaml.bak deleted file mode 100755 index 28da3fd24..000000000 --- a/queries/5-aws_insight_ebs_volume_unattached.yaml.bak +++ /dev/null @@ -1,21 +0,0 @@ -ID: aws_insight_ebs_volume_unattached -Title: "Unused EBS Disks" -Description: "List of unattached EBS Volumes" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select volume_id, volume_type, account_id, og_account_id, og_resource_id - from - aws_ebs_volume - where - jsonb_array_length(attachments) = 0; - PrimaryTable: aws_ebs_volume - ListOfTables: - - aws_ebs_volume - Parameters: [] -Tags: - category: - - Technical Debt - - Cost Management diff --git a/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml.bak b/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml.bak deleted file mode 100755 index 6d822d392..000000000 --- a/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_insight_ec2_instance_of_undesired_type -Title: "Legacy Instance Types" -Description: "List of Instances which are not of the desired type." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT instance_id, arn, instance_type, instance_state, account_id, og_account_id, og_resource_id FROM aws_ec2_instance WHERE instance_type LIKE ANY(array['m1.%', 'm2.%', 'm3.%', 'c1.%', 'c3.%', 'g2.%', 'cr1.%', 'r3.%', 'i2.%', 'hs1.%', 't1.%']); - PrimaryTable: aws_ec2_instance - ListOfTables: - - aws_ec2_instance - Parameters: [] -Tags: - category: - - Technical Debt - persona: - - Executive - - Product - - FinOps diff --git a/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak b/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak deleted file mode 100755 index cb4f2998b..000000000 --- a/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak +++ /dev/null @@ -1,21 +0,0 @@ -ID: aws_insight_iam_user_with_admin_access -Title: "Admin Users" -Description: "List all the users having Administrator access" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select name as user_name, split_part(attachments, '/', 2) as attached_policies, aws_iam_user.account_id, aws_iam_user.og_account_id, aws_iam_user.og_resource_id - from - aws_iam_user - cross join jsonb_array_elements_text(attached_policy_arns) as attachments - where - split_part(attachments, '/', 2) = 'AdministratorAccess'; - PrimaryTable: aws_iam_user - ListOfTables: - - aws_iam_user - Parameters: [] -Tags: - category: - - Security diff --git a/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak.bak b/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak.bak deleted file mode 100755 index cb4f2998b..000000000 --- a/queries/7-aws_insight_iam_user_with_admin_access.yaml.bak.bak +++ /dev/null @@ -1,21 +0,0 @@ -ID: aws_insight_iam_user_with_admin_access -Title: "Admin Users" -Description: "List all the users having Administrator access" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select name as user_name, split_part(attachments, '/', 2) as attached_policies, aws_iam_user.account_id, aws_iam_user.og_account_id, aws_iam_user.og_resource_id - from - aws_iam_user - cross join jsonb_array_elements_text(attached_policy_arns) as attachments - where - split_part(attachments, '/', 2) = 'AdministratorAccess'; - PrimaryTable: aws_iam_user - ListOfTables: - - aws_iam_user - Parameters: [] -Tags: - category: - - Security diff --git a/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml.bak b/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml.bak deleted file mode 100755 index c581e2cb7..000000000 --- a/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_insight_iam_user_with_mfa_disabled -Title: "Users with no MFA" -Description: "List all the users for whom MFA is not enabled" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - user_id, - mfa_enabled, account_id, og_account_id, og_resource_id - from - aws_iam_user - where - not mfa_enabled; - PrimaryTable: aws_iam_user - ListOfTables: - - aws_iam_user - Parameters: [] -Tags: - category: - - Security - - Technical Debt diff --git a/queries/9-aws_insight_iam_user_with_inline_policies.yaml.bak b/queries/9-aws_insight_iam_user_with_inline_policies.yaml.bak deleted file mode 100755 index 897faae40..000000000 --- a/queries/9-aws_insight_iam_user_with_inline_policies.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_insight_iam_user_with_inline_policies -Title: "Users with Inline Policies" -Description: "List users that have inline policies" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - inline_policies, account_id, og_account_id, og_resource_id - from - aws_iam_user - where - inline_policies is not null; - PrimaryTable: aws_iam_user - ListOfTables: - - aws_iam_user - Parameters: [] -Tags: - category: - - Security - - Technical Debt diff --git a/queries/ai_workload.yaml.bak b/queries/ai_workload.yaml.bak deleted file mode 100755 index 2d9e73451..000000000 --- a/queries/ai_workload.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: ai_workload -Title: "AI Workload" -Description: "AI Workload" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('microsoft.cognitiveservices/accounts') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - Cognitive Services - platform_queries_bookmark: - - "true" diff --git a/queries/autoscaling_workload.yaml.bak b/queries/autoscaling_workload.yaml.bak deleted file mode 100755 index 966537563..000000000 --- a/queries/autoscaling_workload.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: autoscaling_workload -Title: "List All Autoscaling Groups and VM Scale Sets" -Description: "List All Autoscaling Groups and VM Scale Sets" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::autoscaling::autoscalinggroup', 'microsoft.compute/virtualmachinescalesets') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - Auto Scaling and VM Scale Set diff --git a/queries/aws_accessanalyzer_analyzer_1.yaml.bak b/queries/aws_accessanalyzer_analyzer_1.yaml.bak deleted file mode 100755 index fad345240..000000000 --- a/queries/aws_accessanalyzer_analyzer_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_accessanalyzer_analyzer_1 -Title: "List all AWS Access Analyzer Information" -Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - last_resource_analyzed, - last_resource_analyzed_at, - status, - type - from - aws_accessanalyzer_analyzer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Access Analyzer diff --git a/queries/aws_accessanalyzer_analyzer_2.yaml.bak b/queries/aws_accessanalyzer_analyzer_2.yaml.bak deleted file mode 100755 index 8471ade2e..000000000 --- a/queries/aws_accessanalyzer_analyzer_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_accessanalyzer_analyzer_2 -Title: "Find AWS IAM Access Analyzer Analyzers Information" -Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status - last_resource_analyzed, - last_resource_analyzed_at, - tags - from - aws_accessanalyzer_analyzer - where - status = 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Analyzer diff --git a/queries/aws_accessanalyzer_analyzer_2.yaml.bak.bak b/queries/aws_accessanalyzer_analyzer_2.yaml.bak.bak deleted file mode 100755 index 8471ade2e..000000000 --- a/queries/aws_accessanalyzer_analyzer_2.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_accessanalyzer_analyzer_2 -Title: "Find AWS IAM Access Analyzer Analyzers Information" -Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status - last_resource_analyzed, - last_resource_analyzed_at, - tags - from - aws_accessanalyzer_analyzer - where - status = 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Analyzer diff --git a/queries/aws_accessanalyzer_analyzer_3.yaml.bak b/queries/aws_accessanalyzer_analyzer_3.yaml.bak deleted file mode 100755 index 20614a683..000000000 --- a/queries/aws_accessanalyzer_analyzer_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_accessanalyzer_analyzer_3 -Title: "Find AWS IAM Access Analyzer Details" -Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status, - type, - last_resource_analyzed - from - aws_accessanalyzer_analyzer - where - status = 'ACTIVE' - and findings is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_1.yaml.bak b/queries/aws_accessanalyzer_finding_1.yaml.bak deleted file mode 100755 index 97b03183a..000000000 --- a/queries/aws_accessanalyzer_finding_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_accessanalyzer_finding_1 -Title: "Find AWS IAM Access Analyzer Findings for Security Risks" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - access_analyzer_arn, - analyzed_at, - resource_type, - status, - is_public - from - aws_accessanalyzer_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_1.yaml.bak.bak b/queries/aws_accessanalyzer_finding_1.yaml.bak.bak deleted file mode 100755 index 97b03183a..000000000 --- a/queries/aws_accessanalyzer_finding_1.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_accessanalyzer_finding_1 -Title: "Find AWS IAM Access Analyzer Findings for Security Risks" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - access_analyzer_arn, - analyzed_at, - resource_type, - status, - is_public - from - aws_accessanalyzer_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_2.yaml.bak b/queries/aws_accessanalyzer_finding_2.yaml.bak deleted file mode 100755 index f75c5a9c1..000000000 --- a/queries/aws_accessanalyzer_finding_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_accessanalyzer_finding_2 -Title: "Find all AWS IAM Access Analyzer public findings" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - resource_type, - access_analyzer_arn, - status, - is_public - from - aws_accessanalyzer_finding - where - is_public = true; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_3.yaml.bak b/queries/aws_accessanalyzer_finding_3.yaml.bak deleted file mode 100755 index 87321cd41..000000000 --- a/queries/aws_accessanalyzer_finding_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_accessanalyzer_finding_3 -Title: "List AWS Access Analyzer Findings Security Risks" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_type, - count(*) as findings_count - from - aws_accessanalyzer_finding - group by - resource_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Access Analyzer diff --git a/queries/aws_accessanalyzer_finding_4.yaml.bak b/queries/aws_accessanalyzer_finding_4.yaml.bak deleted file mode 100755 index 232575b4d..000000000 --- a/queries/aws_accessanalyzer_finding_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_accessanalyzer_finding_4 -Title: "Find AWS Access Analyzer Findings in Last 30 Days" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - resource, - status, - analyzed_at - from - aws_accessanalyzer_finding - where - analyzed_at > current_date - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Access Analyzer diff --git a/queries/aws_account_1.yaml.bak b/queries/aws_account_1.yaml.bak deleted file mode 100755 index abd5ca57f..000000000 --- a/queries/aws_account_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_account_1 -Title: "List all AWS Account Details with Status and Owner" -Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - alias, - arn, - organization_id, - organization_master_account_email, - organization_master_account_id - from - aws_account - cross join jsonb_array_elements(account_aliases) as alias; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Account diff --git a/queries/aws_account_2.yaml.bak b/queries/aws_account_2.yaml.bak deleted file mode 100755 index 89e6cb185..000000000 --- a/queries/aws_account_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_account_2 -Title: "Find AWS Account Information and Associated Resources" -Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - organization_id, - policy ->> 'Type' as policy_type, - policy ->> 'Status' as policy_status - from - aws_account - cross join jsonb_array_elements(organization_available_policy_types) as policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Account diff --git a/queries/aws_account_2.yaml.bak.bak b/queries/aws_account_2.yaml.bak.bak deleted file mode 100755 index 89e6cb185..000000000 --- a/queries/aws_account_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_account_2 -Title: "Find AWS Account Information and Associated Resources" -Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - organization_id, - policy ->> 'Type' as policy_type, - policy ->> 'Status' as policy_status - from - aws_account - cross join jsonb_array_elements(organization_available_policy_types) as policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Account diff --git a/queries/aws_account_alternate_contact_1.yaml.bak b/queries/aws_account_alternate_contact_1.yaml.bak deleted file mode 100755 index 97a3148c9..000000000 --- a/queries/aws_account_alternate_contact_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_account_alternate_contact_1 -Title: "Find AWS Account Alternate Contact Details" -Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - linked_account_id, - contact_type, - email_address, - phone_number, - contact_title - from - aws_account_alternate_contact; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Account diff --git a/queries/aws_account_alternate_contact_2.yaml.bak b/queries/aws_account_alternate_contact_2.yaml.bak deleted file mode 100755 index 76b6e41ba..000000000 --- a/queries/aws_account_alternate_contact_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_account_alternate_contact_2 -Title: "Find AWS Account Alternate Contact Details" -Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - linked_account_id, - contact_type, - email_address, - phone_number, - contact_title - from - aws_account_alternate_contact - where - contact_type = 'BILLING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Account diff --git a/queries/aws_account_alternate_contact_3.yaml.bak b/queries/aws_account_alternate_contact_3.yaml.bak deleted file mode 100755 index 946a1260f..000000000 --- a/queries/aws_account_alternate_contact_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_account_alternate_contact_3 -Title: "Find AWS Account Alternate Contact Details" -Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - linked_account_id, - contact_type, - email_address, - phone_number, - contact_title - from - aws_account_alternate_contact - where - linked_account_id = '123456789012'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Account Management diff --git a/queries/aws_account_alternate_contact_4.yaml.bak b/queries/aws_account_alternate_contact_4.yaml.bak deleted file mode 100755 index 7e298d3cc..000000000 --- a/queries/aws_account_alternate_contact_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_account_alternate_contact_4 -Title: "Find all AWS Account Alternate Contacts using SQL" -Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - linked_account_id, - contact_type, - email_address, - phone_number, - contact_title - from - aws_account_alternate_contact - where - linked_account_id = '123456789012' - and contact_type = 'SECURITY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Account Management diff --git a/queries/aws_account_contact_1.yaml.bak b/queries/aws_account_contact_1.yaml.bak deleted file mode 100755 index fc3bfa683..000000000 --- a/queries/aws_account_contact_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_account_contact_1 -Title: "List AWS Account Contact Details using SQL" -Description: "Allows users to query AWS Account Contact details, including email, mobile, and address information associated with an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - full_name, - company_name, - city, - phone_number, - postal_code, - state_or_region, - website_url - from - aws_account_contact; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Account Contact diff --git a/queries/aws_account_contact_2.yaml.bak b/queries/aws_account_contact_2.yaml.bak deleted file mode 100755 index ee9a0619c..000000000 --- a/queries/aws_account_contact_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_account_contact_2 -Title: "Find AWS Account Contact details using SQL" -Description: "Allows users to query AWS Account Contact details, including email, mobile, and address information associated with an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - full_name, - company_name, - city, - phone_number, - postal_code, - state_or_region, - website_url - from - aws_account_contact - where - linked_account_id = '123456789012'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Account Contact diff --git a/queries/aws_acm_certificate_1.yaml.bak b/queries/aws_acm_certificate_1.yaml.bak deleted file mode 100755 index 4852a8892..000000000 --- a/queries/aws_acm_certificate_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_acm_certificate_1 -Title: "Find AWS ACM Certificates and Their Details" -Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_arn, - domain_name, - failure_reason, - in_use_by, - status, - key_algorithm - from - aws_acm_certificate; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Certificate Manager diff --git a/queries/aws_acm_certificate_2.yaml.bak b/queries/aws_acm_certificate_2.yaml.bak deleted file mode 100755 index 94de12ba4..000000000 --- a/queries/aws_acm_certificate_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_acm_certificate_2 -Title: "List all AWS Certificate Manager certificates status" -Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_arn, - domain_name, - status - from - aws_acm_certificate - where - status = 'EXPIRED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Certificate Manager diff --git a/queries/aws_acm_certificate_3.yaml.bak b/queries/aws_acm_certificate_3.yaml.bak deleted file mode 100755 index 4ca472f1e..000000000 --- a/queries/aws_acm_certificate_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_acm_certificate_3 -Title: "Find all AWS Certificate Manager certificates details" -Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_arn, - domain_name, - status - from - aws_acm_certificate - where - certificate_transparency_logging_preference <> 'ENABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Certificate Manager diff --git a/queries/aws_acm_certificate_4.yaml.bak b/queries/aws_acm_certificate_4.yaml.bak deleted file mode 100755 index 3621ef82c..000000000 --- a/queries/aws_acm_certificate_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_acm_certificate_4 -Title: "List all AWS Certificate Manager certificates with SQL" -Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_arn, - tags - from - aws_acm_certificate - where - not tags :: JSONB ? 'application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Certificate Manager diff --git a/queries/aws_acmpca_certificate_authority_1.yaml.bak b/queries/aws_acmpca_certificate_authority_1.yaml.bak deleted file mode 100755 index dd9ba523f..000000000 --- a/queries/aws_acmpca_certificate_authority_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_acmpca_certificate_authority_1 -Title: "List all AWS ACM PCA Certificate Authorities details" -Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - created_at, - not_before, - not_after, - key_storage_security_standard, - failure_reason - from - aws_acmpca_certificate_authority; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ACM PCA diff --git a/queries/aws_acmpca_certificate_authority_2.yaml.bak b/queries/aws_acmpca_certificate_authority_2.yaml.bak deleted file mode 100755 index 93f6f740e..000000000 --- a/queries/aws_acmpca_certificate_authority_2.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_acmpca_certificate_authority_2 -Title: "List all AWS ACM PCA Certificate Authority Details" -Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - key_storage_security_standard - from - aws_acmpca_certificate_authority - where - key_storage_security_standard = 'FIPS_140_2_LEVEL_3_OR_HIGHER'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "false" - cloud_data_security: - - "false" - cloud_finops: - - "false" - cloud_identity_security: - - "true" - cloud_network_security: - - "false" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ACM PCA diff --git a/queries/aws_acmpca_certificate_authority_3.yaml.bak b/queries/aws_acmpca_certificate_authority_3.yaml.bak deleted file mode 100755 index c73ae790b..000000000 --- a/queries/aws_acmpca_certificate_authority_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_acmpca_certificate_authority_3 -Title: "List all AWS ACM PCA Certificate Authorities details and status" -Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - created_at, - last_state_change_at - from - aws_acmpca_certificate_authority - where - status = 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ACM PCA diff --git a/queries/aws_acmpca_certificate_authority_4.yaml.bak b/queries/aws_acmpca_certificate_authority_4.yaml.bak deleted file mode 100755 index bff793e58..000000000 --- a/queries/aws_acmpca_certificate_authority_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_acmpca_certificate_authority_4 -Title: "List all AWS ACM PCA Certificate Authorities details" -Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - tags - from - aws_acmpca_certificate_authority - where - (tags ->> 'Project') = 'MyProject'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ACM PCA diff --git a/queries/aws_amplify_app_1.yaml.bak b/queries/aws_amplify_app_1.yaml.bak deleted file mode 100755 index 0239266f1..000000000 --- a/queries/aws_amplify_app_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_amplify_app_1 -Title: "Find all detailed information about AWS Amplify Apps" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - app_id, - name, - description, - arn, - platform, - create_time, - build_spec - from - aws_amplify_app; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Amplify diff --git a/queries/aws_amplify_app_2.yaml.bak b/queries/aws_amplify_app_2.yaml.bak deleted file mode 100755 index f65dc1dc4..000000000 --- a/queries/aws_amplify_app_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_amplify_app_2 -Title: "List AWS Amplify Apps with Details Including Creation Date" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - app_id, - create_time - from - aws_amplify_app - where - create_time >= (now() - interval '90' day) - order by - create_time; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Amplify diff --git a/queries/aws_amplify_app_3.yaml.bak b/queries/aws_amplify_app_3.yaml.bak deleted file mode 100755 index c75410d43..000000000 --- a/queries/aws_amplify_app_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_amplify_app_3 -Title: "List all AWS Amplify Apps with Recent Update Time" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - app_id, - update_time - from - aws_amplify_app - where - update_time >= (now() - interval '1' hour) - order by - update_time; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amplify diff --git a/queries/aws_amplify_app_4.yaml.bak b/queries/aws_amplify_app_4.yaml.bak deleted file mode 100755 index ba4feaa55..000000000 --- a/queries/aws_amplify_app_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_amplify_app_4 -Title: "Find AWS Amplify Apps with Branch Details" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - production_branch ->> 'BranchName' as branch_name, - production_branch ->> 'LastDeployTime' as last_deploy_time, - production_branch ->> 'Status' as status - from - aws_amplify_app - where - name = 'amplify_app_name'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amplify diff --git a/queries/aws_amplify_app_5.yaml.bak b/queries/aws_amplify_app_5.yaml.bak deleted file mode 100755 index 570f6b83c..000000000 --- a/queries/aws_amplify_app_5.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_amplify_app_5 -Title: "List all AWS Amplify Apps with Detailed Information" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - app_id, - build_spec ->> 'backend' as build_backend_spec, - build_spec ->> 'frontend' as build_frontend_spec, - build_spec ->> 'test' as build_test_spec, - build_spec ->> 'env' as build_env_settings - from - aws_amplify_app - where - name = 'amplify_app_name'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amplify diff --git a/queries/aws_amplify_app_6.yaml.bak b/queries/aws_amplify_app_6.yaml.bak deleted file mode 100755 index 6ac185c5e..000000000 --- a/queries/aws_amplify_app_6.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_amplify_app_6 -Title: "Find AWS Amplify Apps with Detailed Information" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - redirects_array ->> 'Condition' as country_code, - redirects_array ->> 'Source' as source_address, - redirects_array ->> 'Status' as redirect_type, - redirects_array ->> 'Target' as destination_address - from - aws_amplify_app, - jsonb_array_elements(custom_rules) as redirects_array - where - redirects_array ->> 'Status' = '200' - and name = 'amplify_app_name'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amplify diff --git a/queries/aws_amplify_app_6.yaml.bak.bak b/queries/aws_amplify_app_6.yaml.bak.bak deleted file mode 100755 index 6ac185c5e..000000000 --- a/queries/aws_amplify_app_6.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_amplify_app_6 -Title: "Find AWS Amplify Apps with Detailed Information" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - redirects_array ->> 'Condition' as country_code, - redirects_array ->> 'Source' as source_address, - redirects_array ->> 'Status' as redirect_type, - redirects_array ->> 'Target' as destination_address - from - aws_amplify_app, - jsonb_array_elements(custom_rules) as redirects_array - where - redirects_array ->> 'Status' = '200' - and name = 'amplify_app_name'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amplify diff --git a/queries/aws_amplify_app_7.yaml.bak b/queries/aws_amplify_app_7.yaml.bak deleted file mode 100755 index 0eb01fa92..000000000 --- a/queries/aws_amplify_app_7.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_amplify_app_7 -Title: "List all AWS Amplify Apps with Auto Build enabled" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - app_id, - name, - description, - arn - from - aws_amplify_app - where - enable_branch_auto_build = true; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amplify diff --git a/queries/aws_api_gateway_api_key_1.yaml.bak b/queries/aws_api_gateway_api_key_1.yaml.bak deleted file mode 100755 index 0a9ba4d4e..000000000 --- a/queries/aws_api_gateway_api_key_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_api_gateway_api_key_1 -Title: "List All API Keys Details in AWS API Gateway" -Description: "Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` table in Steampipe provides information about API Keys within AWS API Gateway. This table allows DevOps engineers to query API Key-specific details, including its ID, value, enabled status, and associated metadata. Users can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key, including the key ID, creation date, enabled status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - enabled, - created_date, - last_updated_date, - customer_id, - stage_keys - from - aws_api_gateway_api_key; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_api_key_2.yaml.bak b/queries/aws_api_gateway_api_key_2.yaml.bak deleted file mode 100755 index ef4280083..000000000 --- a/queries/aws_api_gateway_api_key_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gateway_api_key_2 -Title: "Find AWS API Gateway API Keys That Are Disabled" -Description: "Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` table in Steampipe provides information about API Keys within AWS API Gateway. This table allows DevOps engineers to query API Key-specific details, including its ID, value, enabled status, and associated metadata. Users can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key, including the key ID, creation date, enabled status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - customer_id - from - aws_api_gateway_api_key - where - not enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_authorizer_1.yaml.bak b/queries/aws_api_gateway_authorizer_1.yaml.bak deleted file mode 100755 index 1b4d6ac29..000000000 --- a/queries/aws_api_gateway_authorizer_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_api_gateway_authorizer_1 -Title: "Find AWS API Gateway Authorizer Configuration Details" -Description: "Allows users to query AWS API Gateway Authorizer and access data about API Gateway Authorizers in an AWS account. This data includes the authorizer''s ID, name, type, provider ARNs, and other configuration details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - rest_api_id, - auth_type, - authorizer_credentials, - identity_validation_expression, - identity_source - from - aws_api_gateway_authorizer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_authorizer_2.yaml.bak b/queries/aws_api_gateway_authorizer_2.yaml.bak deleted file mode 100755 index e9cd2f378..000000000 --- a/queries/aws_api_gateway_authorizer_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_api_gateway_authorizer_2 -Title: "List all AWS API Gateway Authorizers with Cognito User Pools" -Description: "Allows users to query AWS API Gateway Authorizer and access data about API Gateway Authorizers in an AWS account. This data includes the authorizer''s ID, name, type, provider ARNs, and other configuration details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - rest_api_id, - auth_type - from - aws_api_gateway_authorizer - where - auth_type = 'cognito_user_pools'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_domain_name_1.yaml.bak b/queries/aws_api_gateway_domain_name_1.yaml.bak deleted file mode 100755 index 31433ee15..000000000 --- a/queries/aws_api_gateway_domain_name_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_api_gateway_domain_name_1 -Title: "List all AWS API Gateway Domain Names with Configuration" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - certificate_arn, - distribution_domain_name, - distribution_hosted_zone_id, - domain_name_status, - ownership_verification_certificate_arn - from - aws_api_gateway_domain_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_domain_name_2.yaml.bak b/queries/aws_api_gateway_domain_name_2.yaml.bak deleted file mode 100755 index 2a4720fce..000000000 --- a/queries/aws_api_gateway_domain_name_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_api_gateway_domain_name_2 -Title: "Find AWS API Gateway Domain Names and Configurations" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - certificate_arn, - certificate_upload_date, - regional_certificate_arn, - domain_name_status - from - aws_api_gateway_domain_name - where - domain_name_status = 'AVAILABLE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_domain_name_3.yaml.bak b/queries/aws_api_gateway_domain_name_3.yaml.bak deleted file mode 100755 index e025de6b5..000000000 --- a/queries/aws_api_gateway_domain_name_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_api_gateway_domain_name_3 -Title: "Find AWS API Gateway Domain Names and Certificates" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.domain_name, - d.regional_certificate_arn, - c.certificate, - c.certificate_transparency_logging_preference, - c.created_at, - c.imported_at, - c.issuer, - c.issued_at, - c.key_algorithm - from - aws_api_gateway_domain_name as d, - aws_acm_certificate as c - where - c.certificate_arn = d.regional_certificate_arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_domain_name_4.yaml.bak b/queries/aws_api_gateway_domain_name_4.yaml.bak deleted file mode 100755 index 302bff709..000000000 --- a/queries/aws_api_gateway_domain_name_4.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_api_gateway_domain_name_4 -Title: "Find AWS API Gateway Domain Names Configuration Certificates" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - endpoint_configuration -> 'Types' as endpoint_types, - endpoint_configuration -> 'VpcEndpointIds' as vpc_endpoint_ids - from - aws_api_gateway_domain_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_domain_name_5.yaml.bak b/queries/aws_api_gateway_domain_name_5.yaml.bak deleted file mode 100755 index 96be1a5b3..000000000 --- a/queries/aws_api_gateway_domain_name_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_api_gateway_domain_name_5 -Title: "Find AWS API Gateway Domain Configuration and Certificates" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - mutual_tls_authentication ->> 'TruststoreUri' as truststore_uri, - mutual_tls_authentication ->> 'TruststoreVersion' as truststore_version, - mutual_tls_authentication ->> 'TruststoreWarnings' as truststore_warnings - from - aws_api_gateway_domain_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_method_1.yaml.bak b/queries/aws_api_gateway_method_1.yaml.bak deleted file mode 100755 index 0e7a5448d..000000000 --- a/queries/aws_api_gateway_method_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gateway_method_1 -Title: "List all AWS API Gateway Methods" -Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - resource_id, - http_method, - path, - api_key_required - from - aws_api_gateway_method; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_method_2.yaml.bak b/queries/aws_api_gateway_method_2.yaml.bak deleted file mode 100755 index 6f9837ef9..000000000 --- a/queries/aws_api_gateway_method_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_api_gateway_method_2 -Title: "Find AWS API Gateway Methods with SQL Queries" -Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - resource_id, - http_method, - operation_name - from - aws_api_gateway_method - where - http_method = 'GET'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_method_3.yaml.bak b/queries/aws_api_gateway_method_3.yaml.bak deleted file mode 100755 index 0db8ff704..000000000 --- a/queries/aws_api_gateway_method_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_api_gateway_method_3 -Title: "List AWS API Gateway Methods Using SQL" -Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - resource_id, - http_method, - path, - authorization_type, - authorizer_id - from - aws_api_gateway_method - where - authorization_type = 'none'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_method_4.yaml.bak b/queries/aws_api_gateway_method_4.yaml.bak deleted file mode 100755 index 5aee9995a..000000000 --- a/queries/aws_api_gateway_method_4.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_api_gateway_method_4 -Title: "List all AWS API Gateway Methods using SQL" -Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - resource_id, - http_method, - method_integration -> 'CacheKeyParameters' as cache_key_parameters, - method_integration ->> 'CacheNamespace' as cache_namespace, - method_integration ->> 'ConnectionId' as connection_id, - method_integration ->> 'ConnectionType' as connection_type, - method_integration ->> 'ContentHandling' as content_handling, - method_integration ->> 'Credentials' as credentials, - method_integration ->> 'HttpMethod' as http_method, - method_integration ->> 'PassthroughBehavior' as passthrough_behavior, - method_integration ->> 'RequestParameters' as request_parameters, - method_integration -> 'RequestTemplates' as request_templates, - method_integration ->> 'TimeoutInMillis' as timeout_in_millis, - method_integration ->> 'tls_config' as tls_config, - method_integration ->> 'Type' as type, - method_integration ->> 'Uri' as uri, - method_integration -> 'IntegrationResponses' as integration_responses - from - aws_api_gateway_method; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_rest_api_1.yaml.bak b/queries/aws_api_gateway_rest_api_1.yaml.bak deleted file mode 100755 index 43e042377..000000000 --- a/queries/aws_api_gateway_rest_api_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gateway_rest_api_1 -Title: "List all AWS API Gateway REST APIs with details" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_key_source, - minimum_compression_size, - binary_media_types - from - aws_api_gateway_rest_api; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_rest_api_2.yaml.bak b/queries/aws_api_gateway_rest_api_2.yaml.bak deleted file mode 100755 index eb86f2263..000000000 --- a/queries/aws_api_gateway_rest_api_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_api_gateway_rest_api_2 -Title: "List all AWS API Gateway REST APIs with SQL" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_key_source, - minimum_compression_size - from - aws_api_gateway_rest_api - where - minimum_compression_size is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_rest_api_3.yaml.bak b/queries/aws_api_gateway_rest_api_3.yaml.bak deleted file mode 100755 index a255d3982..000000000 --- a/queries/aws_api_gateway_rest_api_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_api_gateway_rest_api_3 -Title: "List AWS API Gateway REST APIs Information" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_key_source, - endpoint_configuration_types, - endpoint_configuration_vpc_endpoint_ids - from - aws_api_gateway_rest_api - where - not endpoint_configuration_types ? 'PRIVATE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_rest_api_4.yaml.bak b/queries/aws_api_gateway_rest_api_4.yaml.bak deleted file mode 100755 index 6e5bf3b8f..000000000 --- a/queries/aws_api_gateway_rest_api_4.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_api_gateway_rest_api_4 -Title: "Find AWS API Gateway REST APIs Information" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_api_gateway_rest_api, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa [5] != account_id - or p = '*' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_rest_api_5.yaml.bak b/queries/aws_api_gateway_rest_api_5.yaml.bak deleted file mode 100755 index 0a85864fe..000000000 --- a/queries/aws_api_gateway_rest_api_5.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_api_gateway_rest_api_5 -Title: "List all AWS API Gateway REST APIs and Their Policies" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_api_gateway_rest_api, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_stage_1.yaml.bak b/queries/aws_api_gateway_stage_1.yaml.bak deleted file mode 100755 index 297ab7190..000000000 --- a/queries/aws_api_gateway_stage_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_api_gateway_stage_1 -Title: "Find AWS API Gateway Stages and Deployment Details" -Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - count(name) stage_count - from - aws_api_gateway_stage - group by - rest_api_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_stage_2.yaml.bak b/queries/aws_api_gateway_stage_2.yaml.bak deleted file mode 100755 index 8ee323067..000000000 --- a/queries/aws_api_gateway_stage_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_api_gateway_stage_2 -Title: "List all AWS API Gateway stages with cache enabled" -Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rest_api_id, - cache_cluster_enabled, - cache_cluster_size - from - aws_api_gateway_stage - where - cache_cluster_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_stage_3.yaml.bak b/queries/aws_api_gateway_stage_3.yaml.bak deleted file mode 100755 index ee613ba7c..000000000 --- a/queries/aws_api_gateway_stage_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_api_gateway_stage_3 -Title: "Find AWS API Gateway Stages for deployments and APIs" -Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - split_part(web_acl_arn, '/', 3) as web_acl_name - from - aws_api_gateway_stage; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_stage_4.yaml.bak b/queries/aws_api_gateway_stage_4.yaml.bak deleted file mode 100755 index 464cace95..000000000 --- a/queries/aws_api_gateway_stage_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_api_gateway_stage_4 -Title: "Find AWS API Gateway Stages for Deployment and API Details" -Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - deployment_id, - name, - tracing_enabled, - method_settings -> '*/*' ->> 'LoggingLevel' as cloudwatch_log_level - from - aws_api_gateway_stage - where - method_settings -> '*/*' ->> 'LoggingLevel' = 'OFF'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_usage_plan_1.yaml.bak b/queries/aws_api_gateway_usage_plan_1.yaml.bak deleted file mode 100755 index 11f3731ec..000000000 --- a/queries/aws_api_gateway_usage_plan_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_api_gateway_usage_plan_1 -Title: "Find AWS API Gateway Usage Plans Information" -Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - product_code, - description, - api_stages - from - aws_api_gateway_usage_plan; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_usage_plan_2.yaml.bak b/queries/aws_api_gateway_usage_plan_2.yaml.bak deleted file mode 100755 index ea50097ad..000000000 --- a/queries/aws_api_gateway_usage_plan_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_api_gateway_usage_plan_2 -Title: "List all AWS API Gateway Usage Plans Information" -Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - quota - from - aws_api_gateway_usage_plan - where - quota is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_usage_plan_3.yaml.bak b/queries/aws_api_gateway_usage_plan_3.yaml.bak deleted file mode 100755 index ae2053413..000000000 --- a/queries/aws_api_gateway_usage_plan_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gateway_usage_plan_3 -Title: "Find AWS API Gateway Usage Plans Details via SQL" -Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - throttle - from - aws_api_gateway_usage_plan - where - throttle is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gateway_usage_plan_3.yaml.bak.bak b/queries/aws_api_gateway_usage_plan_3.yaml.bak.bak deleted file mode 100755 index 826f0a03a..000000000 --- a/queries/aws_api_gateway_usage_plan_3.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gateway_usage_plan_3 -Title: "Find AWS API Gateway Usage Plans Details via SQL" -Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - throttle - from - aws_api_gateway_usage_plan - where - throttle is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_api_1.yaml.bak b/queries/aws_api_gatewayv2_api_1.yaml.bak deleted file mode 100755 index eac84f6db..000000000 --- a/queries/aws_api_gatewayv2_api_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_api_gatewayv2_api_1 -Title: "List all Details of AWS API Gateway APIs" -Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_endpoint, - protocol_type, - api_key_selection_expression, - route_selection_expression - from - aws_api_gatewayv2_api; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_api_2.yaml.bak b/queries/aws_api_gatewayv2_api_2.yaml.bak deleted file mode 100755 index aa2a5d81a..000000000 --- a/queries/aws_api_gatewayv2_api_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_api_gatewayv2_api_2 -Title: "List all API Gateway APIs with name, ID, and protocol" -Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - protocol_type - from - aws_api_gatewayv2_api - where - protocol_type = 'WEBSOCKET'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_api_3.yaml.bak b/queries/aws_api_gatewayv2_api_3.yaml.bak deleted file mode 100755 index 344d400be..000000000 --- a/queries/aws_api_gatewayv2_api_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_api_gatewayv2_api_3 -Title: "List All AWS API Gateway APIs and Retrieve Details" -Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_endpoint - from - aws_api_gatewayv2_api - where - not disable_execute_api_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_1.yaml.bak b/queries/aws_api_gatewayv2_domain_name_1.yaml.bak deleted file mode 100755 index 34ba670ae..000000000 --- a/queries/aws_api_gatewayv2_domain_name_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gatewayv2_domain_name_1 -Title: "Find all AWS API Gateway Domain Names Details using SQL" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - mutual_tls_authentication, - tags, - title, - akas - from - aws_api_gatewayv2_domain_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_2.yaml.bak b/queries/aws_api_gatewayv2_domain_name_2.yaml.bak deleted file mode 100755 index 14e4a3c9c..000000000 --- a/queries/aws_api_gatewayv2_domain_name_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gatewayv2_domain_name_2 -Title: "List all AWS API Gateway Domain Names with Details" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - config ->> 'EndpointType' as endpoint_type - from - aws_api_gatewayv2_domain_name - cross join jsonb_array_elements(domain_name_configurations) as config - where - config ->> 'EndpointType' = 'EDGE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_3.yaml.bak b/queries/aws_api_gatewayv2_domain_name_3.yaml.bak deleted file mode 100755 index f8545a09e..000000000 --- a/queries/aws_api_gatewayv2_domain_name_3.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_api_gatewayv2_domain_name_3 -Title: "List all AWS API Gateway Domain Names and Details" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - config ->> 'EndpointType' as endpoint_type, - config ->> 'CertificateName' as certificate_name, - config ->> 'CertificateArn' as certificate_arn, - config ->> 'CertificateUploadDate' as certificate_upload_date, - config ->> 'DomainNameStatus' as domain_name_status, - config ->> 'DomainNameStatusMessage' as domain_name_status_message, - config ->> 'ApiGatewayDomainName' as api_gateway_domain_name, - config ->> 'HostedZoneId' as hosted_zone_id, - config ->> 'OwnershipVerificationCertificateArn' as ownership_verification_certificate_arn, - config -> 'SecurityPolicy' as security_policy - from - aws_api_gatewayv2_domain_name - cross join jsonb_array_elements(domain_name_configurations) as config; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_4.yaml.bak b/queries/aws_api_gatewayv2_domain_name_4.yaml.bak deleted file mode 100755 index 802ecaf6e..000000000 --- a/queries/aws_api_gatewayv2_domain_name_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_api_gatewayv2_domain_name_4 -Title: "Find all AWS API Gateway Domain Names and Their Details" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - mutual_tls_authentication ->> 'TruststoreUri' as truststore_uri, - mutual_tls_authentication ->> 'TruststoreVersion' as truststore_version, - mutual_tls_authentication ->> 'TruststoreWarnings' as truststore_warnings - from - aws_api_gatewayv2_domain_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_domain_name_5.yaml.bak b/queries/aws_api_gatewayv2_domain_name_5.yaml.bak deleted file mode 100755 index 4585a9685..000000000 --- a/queries/aws_api_gatewayv2_domain_name_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_api_gatewayv2_domain_name_5 -Title: "List AWS API Gateway Domain Name Details with Certificate Info" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.domain_name, - config ->> 'CertificateArn' as certificate_arn, - c.certificate, - c.certificate_transparency_logging_preference, - c.created_at, - c.imported_at, - c.issuer, - c.issued_at, - c.key_algorithm - from - aws_api_gatewayv2_domain_name AS d - cross join jsonb_array_elements(d.domain_name_configurations) AS config - left join aws_acm_certificate AS c ON c.certificate_arn = config ->> 'CertificateArn'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_integration_1.yaml.bak b/queries/aws_api_gatewayv2_integration_1.yaml.bak deleted file mode 100755 index 1d232e88c..000000000 --- a/queries/aws_api_gatewayv2_integration_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gatewayv2_integration_1 -Title: "Find AWS API Gateway Integrations with SQL" -Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - integration_id, - api_id, - integration_type, - integration_uri, - description - from - aws_api_gatewayv2_integration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_integration_1.yaml.bak.bak b/queries/aws_api_gatewayv2_integration_1.yaml.bak.bak deleted file mode 100755 index 1d232e88c..000000000 --- a/queries/aws_api_gatewayv2_integration_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gatewayv2_integration_1 -Title: "Find AWS API Gateway Integrations with SQL" -Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - integration_id, - api_id, - integration_type, - integration_uri, - description - from - aws_api_gatewayv2_integration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_integration_2.yaml.bak b/queries/aws_api_gatewayv2_integration_2.yaml.bak deleted file mode 100755 index 21a4c40d6..000000000 --- a/queries/aws_api_gatewayv2_integration_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_api_gatewayv2_integration_2 -Title: "Find all AWS API Gateway Integrations Details" -Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - api_id, - count(integration_id) as integration_count - from - aws_api_gatewayv2_integration - group by - api_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_route_1.yaml.bak b/queries/aws_api_gatewayv2_route_1.yaml.bak deleted file mode 100755 index cb3b669f9..000000000 --- a/queries/aws_api_gatewayv2_route_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_api_gatewayv2_route_1 -Title: "Find AWS API Gateway V2 Route Details" -Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_key, - api_id, - route_id, - api_gateway_managed, - api_key_required - from - aws_api_gatewayv2_route; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway V2 diff --git a/queries/aws_api_gatewayv2_route_2.yaml.bak b/queries/aws_api_gatewayv2_route_2.yaml.bak deleted file mode 100755 index aa1ca060f..000000000 --- a/queries/aws_api_gatewayv2_route_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_api_gatewayv2_route_2 -Title: "List all AWS API Gateway V2 Routes including details" -Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_key, - api_id, - route_id - from - aws_api_gatewayv2_route - where - api_id = 'w5n71b2m85'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway V2 diff --git a/queries/aws_api_gatewayv2_route_3.yaml.bak b/queries/aws_api_gatewayv2_route_3.yaml.bak deleted file mode 100755 index 694c81ccc..000000000 --- a/queries/aws_api_gatewayv2_route_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gatewayv2_route_3 -Title: "Find all AWS API Gateway V2 Routes with Details" -Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.route_id, - a.name, - a.api_id, - a.api_endpoint - from - aws_api_gatewayv2_route as r, - aws_api_gatewayv2_api as a - where - not a.disable_execute_api_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway V2 diff --git a/queries/aws_api_gatewayv2_stage_1.yaml.bak b/queries/aws_api_gatewayv2_stage_1.yaml.bak deleted file mode 100755 index b4108abf7..000000000 --- a/queries/aws_api_gatewayv2_stage_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_api_gatewayv2_stage_1 -Title: "List all AWS API Gateway Stages with Trace Data Disabled" -Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stage_name, - api_id, - default_route_data_trace_enabled - from - aws_api_gatewayv2_stage - where - not default_route_data_trace_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_stage_2.yaml.bak b/queries/aws_api_gatewayv2_stage_2.yaml.bak deleted file mode 100755 index 2bf068e2c..000000000 --- a/queries/aws_api_gatewayv2_stage_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_api_gatewayv2_stage_2 -Title: "Find AWS API Gateway Stages and Details" -Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stage_name, - api_id, - default_route_data_trace_enabled, - default_route_detailed_metrics_enabled, - default_route_throttling_burst_limit, - default_route_throttling_rate_limit - from - aws_api_gatewayv2_stage; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_stage_3.yaml.bak b/queries/aws_api_gatewayv2_stage_3.yaml.bak deleted file mode 100755 index ccac682bc..000000000 --- a/queries/aws_api_gatewayv2_stage_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_api_gatewayv2_stage_3 -Title: "List all AWS API Gateway Stages and Details" -Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - api_id, - count(stage_name) stage_count - from - aws_api_gatewayv2_stage - group by - api_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_api_gatewayv2_stage_4.yaml.bak b/queries/aws_api_gatewayv2_stage_4.yaml.bak deleted file mode 100755 index 6a1304c13..000000000 --- a/queries/aws_api_gatewayv2_stage_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_api_gatewayv2_stage_4 -Title: "Find AWS API Gateway Stages and Details using SQL" -Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stage_name, - api_id, - default_route_data_trace_enabled, - jsonb_pretty(access_log_settings) as access_log_settings - from - aws_api_gatewayv2_stage; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - API Gateway diff --git a/queries/aws_app_runner_service_1.yaml.bak b/queries/aws_app_runner_service_1.yaml.bak deleted file mode 100755 index ee84309a1..000000000 --- a/queries/aws_app_runner_service_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_app_runner_service_1 -Title: "Find all AWS App Runner Services with configurations" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - region, - created_at, - updated_at - from - aws_app_runner_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - App Runner diff --git a/queries/aws_app_runner_service_2.yaml.bak b/queries/aws_app_runner_service_2.yaml.bak deleted file mode 100755 index 1736430aa..000000000 --- a/queries/aws_app_runner_service_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_app_runner_service_2 -Title: "List all AWS App Runner Services with Network Configurations" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - network_configuration - from - aws_app_runner_service - where - (network_configuration -> 'EgressConfiguration' ->> 'VpcConnectorArn') is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - App Runner diff --git a/queries/aws_app_runner_service_3.yaml.bak b/queries/aws_app_runner_service_3.yaml.bak deleted file mode 100755 index 5c57679a0..000000000 --- a/queries/aws_app_runner_service_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_app_runner_service_3 -Title: "List all AWS App Runner Services with Auto Scaling Info" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - auto_scaling_configuration_summary - from - aws_app_runner_service - where - jsonb_path_exists(auto_scaling_configuration_summary, '$.AutoScalingConfigurationArn'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - App Runner diff --git a/queries/aws_app_runner_service_4.yaml.bak b/queries/aws_app_runner_service_4.yaml.bak deleted file mode 100755 index 79492e2ad..000000000 --- a/queries/aws_app_runner_service_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_app_runner_service_4 -Title: "Find all AWS App Runner services and configurations" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - observability_configuration - from - aws_app_runner_service - where - (observability_configuration ->> 'ObservabilityConfigurationArn') is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - App Runner diff --git a/queries/aws_app_runner_service_5.yaml.bak b/queries/aws_app_runner_service_5.yaml.bak deleted file mode 100755 index 69bc84be1..000000000 --- a/queries/aws_app_runner_service_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_app_runner_service_5 -Title: "List All AWS App Runner Services with Configs and Networking" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - created_at - from - aws_app_runner_service - where - created_at >= '2023-01-01T00:00:00Z' and created_at <= '2023-12-31T23:59:59Z'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - App Runner diff --git a/queries/aws_app_runner_service_6.yaml.bak b/queries/aws_app_runner_service_6.yaml.bak deleted file mode 100755 index a1a5cd222..000000000 --- a/queries/aws_app_runner_service_6.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_app_runner_service_6 -Title: "Find AWS App Runner Service Details and Configurations" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - service_url - from - aws_app_runner_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - App Runner diff --git a/queries/aws_appautoscaling_policy_1.yaml.bak b/queries/aws_appautoscaling_policy_1.yaml.bak deleted file mode 100755 index 6409ea28a..000000000 --- a/queries/aws_appautoscaling_policy_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_appautoscaling_policy_1 -Title: "List AWS Application Auto Scaling Policies Configuration" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_namespace, - scalable_dimension, - policy_type, - resource_id, - creation_time - from - aws_appautoscaling_policy - where - service_namespace = 'ecs'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_1.yaml.bak.bak b/queries/aws_appautoscaling_policy_1.yaml.bak.bak deleted file mode 100755 index 6409ea28a..000000000 --- a/queries/aws_appautoscaling_policy_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_appautoscaling_policy_1 -Title: "List AWS Application Auto Scaling Policies Configuration" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_namespace, - scalable_dimension, - policy_type, - resource_id, - creation_time - from - aws_appautoscaling_policy - where - service_namespace = 'ecs'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_2.yaml.bak b/queries/aws_appautoscaling_policy_2.yaml.bak deleted file mode 100755 index 851a684bc..000000000 --- a/queries/aws_appautoscaling_policy_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_appautoscaling_policy_2 -Title: "Find AWS Application Auto Scaling Policies Configuration" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - policy_type - from - aws_appautoscaling_policy - where - service_namespace = 'ecs' - and policy_type = 'StepScaling'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_3.yaml.bak b/queries/aws_appautoscaling_policy_3.yaml.bak deleted file mode 100755 index 8aa2297f4..000000000 --- a/queries/aws_appautoscaling_policy_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_appautoscaling_policy_3 -Title: "Find AWS Auto Scaling Policies for ECS Resources" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - policy_type - from - aws_appautoscaling_policy - where - service_namespace = 'ecs' - and creation_time > now() - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_4.yaml.bak b/queries/aws_appautoscaling_policy_4.yaml.bak deleted file mode 100755 index 9e48d4911..000000000 --- a/queries/aws_appautoscaling_policy_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_appautoscaling_policy_4 -Title: "Find all AWS Auto Scaling Policies and Configurations" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - policy_type, - jsonb_array_elements(alarms) -> 'AlarmName' as alarm_name - from - aws_appautoscaling_policy - where - service_namespace = 'ecs'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Application Auto Scaling diff --git a/queries/aws_appautoscaling_policy_5.yaml.bak b/queries/aws_appautoscaling_policy_5.yaml.bak deleted file mode 100755 index b702434b1..000000000 --- a/queries/aws_appautoscaling_policy_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_appautoscaling_policy_5 -Title: "List AWS App Auto Scaling Policies and Configurations" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - policy_type, - step_scaling_policy_configuration - from - aws_appautoscaling_policy - where - service_namespace = 'ecs' - and policy_type = 'StepScaling'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Application Auto Scaling diff --git a/queries/aws_appautoscaling_target_1.yaml.bak b/queries/aws_appautoscaling_target_1.yaml.bak deleted file mode 100755 index b972af859..000000000 --- a/queries/aws_appautoscaling_target_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_appautoscaling_target_1 -Title: "Find AWS Application Auto Scaling Targets using SQL" -Description: "Allows users to query AWS Application Auto Scaling Targets. This table provides information about each target, including the service namespace, scalable dimension, resource ID, and the associated scaling policies." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_namespace, - scalable_dimension, - resource_id, - creation_time - from - aws_appautoscaling_target - where - service_namespace = 'dynamodb'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Application Auto Scaling diff --git a/queries/aws_appautoscaling_target_2.yaml.bak b/queries/aws_appautoscaling_target_2.yaml.bak deleted file mode 100755 index 70e033d75..000000000 --- a/queries/aws_appautoscaling_target_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_appautoscaling_target_2 -Title: "Find AWS Application Auto Scaling Targets Details" -Description: "Allows users to query AWS Application Auto Scaling Targets. This table provides information about each target, including the service namespace, scalable dimension, resource ID, and the associated scaling policies." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - scalable_dimension - from - aws_appautoscaling_target - where - service_namespace = 'dynamodb' - and scalable_dimension = 'dynamodb:table:ReadCapacityUnits' - or scalable_dimension = 'dynamodb:table:WriteCapacityUnits'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Application Auto Scaling diff --git a/queries/aws_appconfig_application_1.yaml.bak b/queries/aws_appconfig_application_1.yaml.bak deleted file mode 100755 index 897a88f04..000000000 --- a/queries/aws_appconfig_application_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_appconfig_application_1 -Title: "Find AWS AppConfig Application Details" -Description: "Allows users to query AWS AppConfig Applications to gather detailed information about each application, including its name, description, associated environments, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - id, - name, - description, - tags - from - aws_appconfig_application; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AppConfig diff --git a/queries/aws_appstream_fleet_1.yaml.bak b/queries/aws_appstream_fleet_1.yaml.bak deleted file mode 100755 index eed447288..000000000 --- a/queries/aws_appstream_fleet_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_appstream_fleet_1 -Title: "List all AWS AppStream Fleets with detailed information" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - instance_type, - description, - created_time, - display_name, - state, - directory_name, - enable_default_internet_access - from - aws_appstream_fleet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_fleet_1.yaml.bak.bak b/queries/aws_appstream_fleet_1.yaml.bak.bak deleted file mode 100755 index eed447288..000000000 --- a/queries/aws_appstream_fleet_1.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_appstream_fleet_1 -Title: "List all AWS AppStream Fleets with detailed information" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - instance_type, - description, - created_time, - display_name, - state, - directory_name, - enable_default_internet_access - from - aws_appstream_fleet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_fleet_10.yaml.bak b/queries/aws_appstream_fleet_10.yaml.bak deleted file mode 100755 index caf01f5e6..000000000 --- a/queries/aws_appstream_fleet_10.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_appstream_fleet_10 -Title: "List all AWS AppStream Fleets with State and Details" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - created_time, - description - from - aws_appstream_fleet - where - state = 'RUNNING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_fleet_2.yaml.bak b/queries/aws_appstream_fleet_2.yaml.bak deleted file mode 100755 index 5afc94ddb..000000000 --- a/queries/aws_appstream_fleet_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_appstream_fleet_2 -Title: "List all AWS AppStream Fleets with Detailed Information" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - instance_type, - description, - created_time, - display_name, - state, - enable_default_internet_access - from - aws_appstream_fleet - where enable_default_internet_access; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_fleet_3.yaml.bak b/queries/aws_appstream_fleet_3.yaml.bak deleted file mode 100755 index d7ab5acdf..000000000 --- a/queries/aws_appstream_fleet_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_appstream_fleet_3 -Title: "List all AWS AppStream Fleets with Details" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - fleet_type, - instance_type, - display_name, - image_arn, - image_name - from - aws_appstream_fleet - where - fleet_type = 'ON_DEMAND'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_fleet_4.yaml.bak b/queries/aws_appstream_fleet_4.yaml.bak deleted file mode 100755 index 4bcfcf0ca..000000000 --- a/queries/aws_appstream_fleet_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_appstream_fleet_4 -Title: "List all AWS AppStream Fleets and their details" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - display_name, - enable_default_internet_access, - max_concurrent_sessions, - max_user_duration_in_seconds - from - aws_appstream_fleet - where - created_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_fleet_5.yaml.bak b/queries/aws_appstream_fleet_5.yaml.bak deleted file mode 100755 index dc4787519..000000000 --- a/queries/aws_appstream_fleet_5.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_appstream_fleet_5 -Title: "Find AWS AppStream Fleets and Detailed Stack Info" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.name, - f.created_time, - f.display_name, - f.image_arn, - i.base_image_arn, - i.image_builder_name, - i.visibility - from - aws_appstream_fleet as f, - aws_appstream_image as i - where - i.arn = f.image_arn - and - i.visibility = 'PRIVATE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_fleet_6.yaml.bak b/queries/aws_appstream_fleet_6.yaml.bak deleted file mode 100755 index e379743d5..000000000 --- a/queries/aws_appstream_fleet_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_appstream_fleet_6 -Title: "List AWS AppStream Fleet details including state and type" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - compute_capacity_status ->> 'Available' as available, - compute_capacity_status ->> 'Desired' as desired, - compute_capacity_status ->> 'InUse' as in_use, - compute_capacity_status ->> 'Running' as running - from - aws_appstream_fleet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS AppStream diff --git a/queries/aws_appstream_fleet_7.yaml.bak b/queries/aws_appstream_fleet_7.yaml.bak deleted file mode 100755 index 7d59d2b69..000000000 --- a/queries/aws_appstream_fleet_7.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_appstream_fleet_7 -Title: "Find AWS AppStream Fleet Details Including State and Instance Type" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - e ->> 'ErrorCode' as error_code, - e ->> 'ErrorMessage' as error_message - from - aws_appstream_fleet, - jsonb_array_elements(fleet_errors) as e; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_fleet_8.yaml.bak b/queries/aws_appstream_fleet_8.yaml.bak deleted file mode 100755 index 4ba094296..000000000 --- a/queries/aws_appstream_fleet_8.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_appstream_fleet_8 -Title: "Find All AWS AppStream Fleet Details and States" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - vpc_config -> 'SecurityGroupIds' as security_group_ids, - vpc_config -> 'SubnetIds' as subnet_ids - from - aws_appstream_fleet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS AppStream Fleet diff --git a/queries/aws_appstream_fleet_9.yaml.bak b/queries/aws_appstream_fleet_9.yaml.bak deleted file mode 100755 index 6eecb5e5e..000000000 --- a/queries/aws_appstream_fleet_9.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_appstream_fleet_9 -Title: "List AWS AppStream Fleet Details by Instance Type" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - instance_type, - Count(instance_type) as number_of_fleets - from - aws_appstream_fleet - group by - instance_type, - name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_1.yaml.bak b/queries/aws_appstream_image_1.yaml.bak deleted file mode 100755 index f1b12f6ee..000000000 --- a/queries/aws_appstream_image_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_appstream_image_1 -Title: "List AWS AppStream Images and Metadata" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - base_image_arn, - description, - created_time, - display_name, - image_builder_name, - tags - from - aws_appstream_image; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_2.yaml.bak b/queries/aws_appstream_image_2.yaml.bak deleted file mode 100755 index 39e642fa6..000000000 --- a/queries/aws_appstream_image_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_appstream_image_2 -Title: "Find AWS AppStream Images and Their Properties" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - platform, - state - from - aws_appstream_image - where - state = 'AVAILABLE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_3.yaml.bak b/queries/aws_appstream_image_3.yaml.bak deleted file mode 100755 index 88148c725..000000000 --- a/queries/aws_appstream_image_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_appstream_image_3 -Title: "Find all AWS AppStream Image Details and Metadata" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - base_image_arn, - display_name, - image_builder_supported, - image_builder_name - from - aws_appstream_image - where - platform = 'WINDOWS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_4.yaml.bak b/queries/aws_appstream_image_4.yaml.bak deleted file mode 100755 index fc8855023..000000000 --- a/queries/aws_appstream_image_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_appstream_image_4 -Title: "List all AWS AppStream Image properties and states" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - base_image_arn, - display_name, - image_builder_supported, - image_builder_name - from - aws_appstream_image - where - image_builder_supported; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_5.yaml.bak b/queries/aws_appstream_image_5.yaml.bak deleted file mode 100755 index bbb1d915d..000000000 --- a/queries/aws_appstream_image_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_appstream_image_5 -Title: "Find AWS AppStream Images and Their States" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - base_image_arn, - display_name, - image_builder_name, - visibility - from - aws_appstream_image - where - visibility = 'PRIVATE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_6.yaml.bak b/queries/aws_appstream_image_6.yaml.bak deleted file mode 100755 index ede2c6419..000000000 --- a/queries/aws_appstream_image_6.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_appstream_image_6 -Title: "List AWS AppStream Images and Metadata" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - a ->> 'AppBlockArn' as app_block_arn, - a ->> 'Arn' as app_arn, - a ->> 'CreatedTime' as app_created_time, - a ->> 'Description' as app_description, - a ->> 'DisplayName' as app_display_name, - a ->> 'Enabled' as app_enabled, - a ->> 'IconS3Location' as app_icon_s3_location, - a ->> 'IconURL' as app_icon_url, - a ->> 'InstanceFamilies' as app_instance_families, - a ->> 'LaunchParameters' as app_launch_parameters, - a ->> 'LaunchPath' as app_launch_path, - a ->> 'Name' as app_name, - a ->> 'Platforms' as app_platforms, - a ->> 'WorkingDirectory' as app_WorkingDirectory - from - aws_appstream_image, - jsonb_array_elements(applications) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_7.yaml.bak b/queries/aws_appstream_image_7.yaml.bak deleted file mode 100755 index e5dab4cfa..000000000 --- a/queries/aws_appstream_image_7.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_appstream_image_7 -Title: "Find AWS AppStream Images Properties and States" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - image_permissions ->> 'AllowFleet' as allow_fleet, - image_permissions ->> 'AllowImageBuilder' as allow_image_builder - from - aws_appstream_image; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_7.yaml.bak.bak b/queries/aws_appstream_image_7.yaml.bak.bak deleted file mode 100755 index e5dab4cfa..000000000 --- a/queries/aws_appstream_image_7.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_appstream_image_7 -Title: "Find AWS AppStream Images Properties and States" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - image_permissions ->> 'AllowFleet' as allow_fleet, - image_permissions ->> 'AllowImageBuilder' as allow_image_builder - from - aws_appstream_image; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appstream_image_8.yaml.bak b/queries/aws_appstream_image_8.yaml.bak deleted file mode 100755 index 5891cd861..000000000 --- a/queries/aws_appstream_image_8.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_appstream_image_8 -Title: "List AWS AppStream Images and Their Error Details" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - e ->> 'ErrorCode' as error_code, - e ->> 'ErrorMessage' as error_message, - e ->> 'ErrorTimestamp' as error_timestamp - from - aws_appstream_image, - jsonb_array_elements(image_errors) as e; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppStream diff --git a/queries/aws_appsync_graphql_api_1.yaml.bak b/queries/aws_appsync_graphql_api_1.yaml.bak deleted file mode 100755 index d6cde68ea..000000000 --- a/queries/aws_appsync_graphql_api_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_appsync_graphql_api_1 -Title: "Find details of AWS AppSync GraphQL APIs using SQL" -Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - arn, - api_type, - authentication_type, - owner, - owner_contact - from - aws_appsync_graphql_api - where - api_type = 'MERGED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AppSync diff --git a/queries/aws_appsync_graphql_api_2.yaml.bak b/queries/aws_appsync_graphql_api_2.yaml.bak deleted file mode 100755 index c83fbabad..000000000 --- a/queries/aws_appsync_graphql_api_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_appsync_graphql_api_2 -Title: "List all AWS AppSync GraphQL API details" -Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_type, - visibility - from - aws_appsync_graphql_api - where - visibility = 'GLOBAL' - and owner = account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AppSync diff --git a/queries/aws_appsync_graphql_api_3.yaml.bak b/queries/aws_appsync_graphql_api_3.yaml.bak deleted file mode 100755 index eff716851..000000000 --- a/queries/aws_appsync_graphql_api_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_appsync_graphql_api_3 -Title: "Find AWS AppSync GraphQL API Details" -Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - owner, - log_config ->> 'CloudWatchLogsRoleArn' as cloud_watch_logs_role_arn, - log_config ->> 'FieldLogLevel' as field_log_level, - log_config ->> 'ExcludeVerboseContent' as exclude_verbose_content - from - aws_appsync_graphql_api; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AppSync diff --git a/queries/aws_athena_query_execution_1.yaml.bak b/queries/aws_athena_query_execution_1.yaml.bak deleted file mode 100755 index 994555ebe..000000000 --- a/queries/aws_athena_query_execution_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_athena_query_execution_1 -Title: "List AWS Athena Queries with Errors" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - query, - error_message, - error_type - from - aws_athena_query_execution - where - error_message is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Athena diff --git a/queries/aws_athena_query_execution_2.yaml.bak b/queries/aws_athena_query_execution_2.yaml.bak deleted file mode 100755 index a73fb4dbe..000000000 --- a/queries/aws_athena_query_execution_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_athena_query_execution_2 -Title: "Find AWS Athena Query Executions Detailed Information" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup, - sum(data_scanned_in_bytes) - from - aws_athena_query_execution - group by - workgroup; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Athena diff --git a/queries/aws_athena_query_execution_3.yaml.bak b/queries/aws_athena_query_execution_3.yaml.bak deleted file mode 100755 index 432c5dc7f..000000000 --- a/queries/aws_athena_query_execution_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_athena_query_execution_3 -Title: "Find AWS Athena Query Executions with Execution Time" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - query, - workgroup, - engine_execution_time_in_millis - from - aws_athena_query_execution - order by - engine_execution_time_in_millis limit 5; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Athena diff --git a/queries/aws_athena_query_execution_3.yaml.bak.bak b/queries/aws_athena_query_execution_3.yaml.bak.bak deleted file mode 100755 index 432c5dc7f..000000000 --- a/queries/aws_athena_query_execution_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_athena_query_execution_3 -Title: "Find AWS Athena Query Executions with Execution Time" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - query, - workgroup, - engine_execution_time_in_millis - from - aws_athena_query_execution - order by - engine_execution_time_in_millis limit 5; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Athena diff --git a/queries/aws_athena_query_execution_4.yaml.bak b/queries/aws_athena_query_execution_4.yaml.bak deleted file mode 100755 index c120b00bf..000000000 --- a/queries/aws_athena_query_execution_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_athena_query_execution_4 -Title: "Find top AWS Athena query executions" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database, - count(id) as nb_query - from - aws_athena_query_execution - group by - database - order by - nb_query limit 5; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Athena diff --git a/queries/aws_athena_workgroup_1.yaml.bak b/queries/aws_athena_workgroup_1.yaml.bak deleted file mode 100755 index 0f93970da..000000000 --- a/queries/aws_athena_workgroup_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_athena_workgroup_1 -Title: "List all AWS Athena Workgroup details and creation time" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - effective_engine_version, - output_location, - creation_time - from - aws_athena_workgroup - order by - creation_time; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Athena diff --git a/queries/aws_athena_workgroup_2.yaml.bak b/queries/aws_athena_workgroup_2.yaml.bak deleted file mode 100755 index d4a764ba0..000000000 --- a/queries/aws_athena_workgroup_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_athena_workgroup_2 -Title: "Find AWS Athena Workgroup Details Including Name and State" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description - from - aws_athena_workgroup - where - effective_engine_version = 'Athena engine version 3'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Athena Workgroup diff --git a/queries/aws_athena_workgroup_2.yaml.bak.bak b/queries/aws_athena_workgroup_2.yaml.bak.bak deleted file mode 100755 index d4a764ba0..000000000 --- a/queries/aws_athena_workgroup_2.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_athena_workgroup_2 -Title: "Find AWS Athena Workgroup Details Including Name and State" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description - from - aws_athena_workgroup - where - effective_engine_version = 'Athena engine version 3'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Athena Workgroup diff --git a/queries/aws_athena_workgroup_3.yaml.bak b/queries/aws_athena_workgroup_3.yaml.bak deleted file mode 100755 index f2d8540a7..000000000 --- a/queries/aws_athena_workgroup_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_athena_workgroup_3 -Title: "List AWS Athena Workgroup details including state" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - count(*) - from - aws_athena_workgroup - group by - region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Athena diff --git a/queries/aws_athena_workgroup_4.yaml.bak b/queries/aws_athena_workgroup_4.yaml.bak deleted file mode 100755 index 161dcf9f4..000000000 --- a/queries/aws_athena_workgroup_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_athena_workgroup_4 -Title: "List all AWS Athena Workgroup details using SQL" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - creation_time - from - aws_athena_workgroup - where - state = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Athena diff --git a/queries/aws_auditmanager_assessment_1.yaml.bak b/queries/aws_auditmanager_assessment_1.yaml.bak deleted file mode 100755 index 1d2d3eda9..000000000 --- a/queries/aws_auditmanager_assessment_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_auditmanager_assessment_1 -Title: "List all AWS Audit Manager Assessments" -Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - compliance_type - from - aws_auditmanager_assessment; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Audit Manager diff --git a/queries/aws_auditmanager_assessment_2.yaml.bak b/queries/aws_auditmanager_assessment_2.yaml.bak deleted file mode 100755 index bdf4325b9..000000000 --- a/queries/aws_auditmanager_assessment_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_auditmanager_assessment_2 -Title: "Find all AWS Audit Manager Assessment details" -Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name, - a.arn, - a.assessment_report_destination, - a.assessment_report_destination_type, - b.bucket_policy_is_public as is_public_bucket - from - aws_auditmanager_assessment as a - join aws_s3_bucket as b on a.assessment_report_destination = 's3://' || b.Name and b.bucket_policy_is_public; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Audit Manager diff --git a/queries/aws_auditmanager_assessment_3.yaml.bak b/queries/aws_auditmanager_assessment_3.yaml.bak deleted file mode 100755 index c1c580012..000000000 --- a/queries/aws_auditmanager_assessment_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_auditmanager_assessment_3 -Title: "List all AWS Audit Manager assessments information" -Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status - from - aws_auditmanager_assessment - where - status <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Audit Manager diff --git a/queries/aws_auditmanager_control_1.yaml.bak b/queries/aws_auditmanager_control_1.yaml.bak deleted file mode 100755 index 33f741ca5..000000000 --- a/queries/aws_auditmanager_control_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_auditmanager_control_1 -Title: "List all AWS Audit Manager Controls with Details" -Description: "Allows users to query AWS Audit Manager Control data, providing information about controls within AWS Audit Manager. This table enables users to access detailed information about controls, such as control source, control type, description, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - description, - type - from - aws_auditmanager_control; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Audit Manager diff --git a/queries/aws_auditmanager_control_2.yaml.bak b/queries/aws_auditmanager_control_2.yaml.bak deleted file mode 100755 index a2bec18d0..000000000 --- a/queries/aws_auditmanager_control_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_auditmanager_control_2 -Title: "List AWS Audit Manager Control Data" -Description: "Allows users to query AWS Audit Manager Control data, providing information about controls within AWS Audit Manager. This table enables users to access detailed information about controls, such as control source, control type, description, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - type - from - aws_auditmanager_control - where - type = 'Custom'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Audit Manager diff --git a/queries/aws_auditmanager_evidence_1.yaml.bak b/queries/aws_auditmanager_evidence_1.yaml.bak deleted file mode 100755 index 514cf3f0c..000000000 --- a/queries/aws_auditmanager_evidence_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_auditmanager_evidence_1 -Title: "Find AWS Audit Manager Evidence with Detailed Info" -Description: "Allows users to query AWS Audit Manager Evidence, providing detailed information about evidence resources associated with assessments in AWS Audit Manager." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - evidence_folder_id, - evidence_by_type, - iam_id, - control_set_id - from - aws_auditmanager_evidence; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Audit Manager diff --git a/queries/aws_auditmanager_evidence_2.yaml.bak b/queries/aws_auditmanager_evidence_2.yaml.bak deleted file mode 100755 index 220160a70..000000000 --- a/queries/aws_auditmanager_evidence_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_auditmanager_evidence_2 -Title: "List all evidence resources in AWS Audit Manager" -Description: "Allows users to query AWS Audit Manager Evidence, providing detailed information about evidence resources associated with assessments in AWS Audit Manager." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - evidence_folder_id, - count(id) as evidence_count - from - aws_auditmanager_evidence - group by - evidence_folder_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Audit Manager diff --git a/queries/aws_auditmanager_evidence_folder_1.yaml.bak b/queries/aws_auditmanager_evidence_folder_1.yaml.bak deleted file mode 100755 index 7c2723fcf..000000000 --- a/queries/aws_auditmanager_evidence_folder_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_auditmanager_evidence_folder_1 -Title: "List all AWS Audit Manager Evidence Folders" -Description: "Allows users to query AWS Audit Manager Evidence Folders to get comprehensive details about the evidence folders in the AWS Audit Manager service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - assessment_id, - control_set_id, - control_id, - total_evidence - from - aws_auditmanager_evidence_folder; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Audit Manager diff --git a/queries/aws_auditmanager_evidence_folder_2.yaml.bak b/queries/aws_auditmanager_evidence_folder_2.yaml.bak deleted file mode 100755 index 6ef19366d..000000000 --- a/queries/aws_auditmanager_evidence_folder_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_auditmanager_evidence_folder_2 -Title: "List all Evidence Folders in AWS Audit Manager" -Description: "Allows users to query AWS Audit Manager Evidence Folders to get comprehensive details about the evidence folders in the AWS Audit Manager service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - assessment_id, - count(id) as evidence_folder_count - from - aws_auditmanager_evidence_folder - group by - assessment_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Audit Manager diff --git a/queries/aws_auditmanager_framework_1.yaml.bak b/queries/aws_auditmanager_framework_1.yaml.bak deleted file mode 100755 index 86dba5926..000000000 --- a/queries/aws_auditmanager_framework_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_auditmanager_framework_1 -Title: "Find all AWS Audit Manager Frameworks" -Description: "Allows users to query AWS Audit Manager Frameworks" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - id, - type - from - aws_auditmanager_framework; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Audit Manager diff --git a/queries/aws_auditmanager_framework_2.yaml.bak b/queries/aws_auditmanager_framework_2.yaml.bak deleted file mode 100755 index 0e2aeef58..000000000 --- a/queries/aws_auditmanager_framework_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_auditmanager_framework_2 -Title: "Find AWS Audit Manager Frameworks with SQL" -Description: "Allows users to query AWS Audit Manager Frameworks" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - id, - type - from - aws_auditmanager_framework - where - type = 'Custom'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Audit Manager diff --git a/queries/aws_availability_zone_1.yaml.bak b/queries/aws_availability_zone_1.yaml.bak deleted file mode 100755 index 854e7a9a0..000000000 --- a/queries/aws_availability_zone_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_availability_zone_1 -Title: "List all EC2 Availability Zones with Details" -Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - zone_id, - zone_type, - group_name, - region_name - from - aws_availability_zone; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_availability_zone_2.yaml.bak b/queries/aws_availability_zone_2.yaml.bak deleted file mode 100755 index 3ded35598..000000000 --- a/queries/aws_availability_zone_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_availability_zone_2 -Title: "List all EC2 Availability Zones details in AWS" -Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region_name, - count(name) as zone_count - from - aws_availability_zone - group by - region_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_availability_zone_2.yaml.bak.bak b/queries/aws_availability_zone_2.yaml.bak.bak deleted file mode 100755 index 3ded35598..000000000 --- a/queries/aws_availability_zone_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_availability_zone_2 -Title: "List all EC2 Availability Zones details in AWS" -Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region_name, - count(name) as zone_count - from - aws_availability_zone - group by - region_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_availability_zone_3.yaml.bak b/queries/aws_availability_zone_3.yaml.bak deleted file mode 100755 index c0a7de13a..000000000 --- a/queries/aws_availability_zone_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_availability_zone_3 -Title: "List all EC2 Availability Zones with details in AWS" -Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - zone_id, - region_name, - opt_in_status - from - aws_availability_zone - where - opt_in_status = 'not-opted-in'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_backup_framework_1.yaml.bak b/queries/aws_backup_framework_1.yaml.bak deleted file mode 100755 index 9cdebf56b..000000000 --- a/queries/aws_backup_framework_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_backup_framework_1 -Title: "List AWS Backup Frameworks with Comprehensive Details" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - arn, - creation_time, - deployment_status, - framework_controls, - framework_description,framework_name, - framework_status, - number_of_controls, - region, - tags - from - aws_backup_framework; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_framework_2.yaml.bak b/queries/aws_backup_framework_2.yaml.bak deleted file mode 100755 index cfa209e21..000000000 --- a/queries/aws_backup_framework_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_backup_framework_2 -Title: "List all AWS Backup Frameworks and Detailed Information" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - framework_name, - arn, - creation_time, - number_of_controls - from - aws_backup_framework - where - creation_time >= (current_date - interval '90' day) - order by - creation_time; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_framework_3.yaml.bak b/queries/aws_backup_framework_3.yaml.bak deleted file mode 100755 index 9aedfbede..000000000 --- a/queries/aws_backup_framework_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_backup_framework_3 -Title: "List AWS Backup Frameworks and Detailed Plans" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - framework_name - from - aws_backup_framework, - jsonb_array_elements(framework_controls) as controls - where - controls ->> 'ControlName' = 'BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_framework_4.yaml.bak b/queries/aws_backup_framework_4.yaml.bak deleted file mode 100755 index d70e97b98..000000000 --- a/queries/aws_backup_framework_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_backup_framework_4 -Title: "Find AWS Backup Frameworks and Retrieve Comprehensive Data" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - framework_name, - controls ->> 'ControlName' as control_name, - control_scope - from - aws_backup_framework, - jsonb_array_elements(framework_controls) as controls, - json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope - where - framework_name = 'framework_name'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_framework_5.yaml.bak b/queries/aws_backup_framework_5.yaml.bak deleted file mode 100755 index 78b21f858..000000000 --- a/queries/aws_backup_framework_5.yaml.bak +++ /dev/null @@ -1,49 +0,0 @@ -ID: aws_backup_framework_5 -Title: "Find AWS Backup Frameworks and Compliance Types" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_name, - compliance_result -> 'Compliance' ->> 'ComplianceType' as compliance_type, - compliance_result -> 'Compliance' -> 'ComplianceContributorCount' ->> 'CappedCount' as count_of_noncompliant_resources - from - aws_config_rule - inner join - ( - -- The sub-query will create the AWS Config rule name from information stored in the AWS Backup framework table. - select - case when framework_information.control_scope = '' then concat(framework_information.control_name, '-', framework_information.framework_uuid) - else concat(upper(framework_information.control_scope), '-', framework_information.control_name, '-', framework_information.framework_uuid) - end as rule_name - from - ( - select - framework_name, - controls ->> 'ControlName' as control_name, - control_scope, - right(arn, 36) as framework_uuid - from - aws_backup_framework, - jsonb_array_elements(framework_controls) as controls, - json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope - ) as framework_information - ) as backup_framework - on - aws_config_rule.name = backup_framework.rule_name, - jsonb_array_elements(compliance_by_config_rule) as compliance_result - where - compliance_result -> 'Compliance' ->> 'ComplianceType' = 'NON_COMPLIANT'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_framework_6.yaml.bak b/queries/aws_backup_framework_6.yaml.bak deleted file mode 100755 index 6c368ee6d..000000000 --- a/queries/aws_backup_framework_6.yaml.bak +++ /dev/null @@ -1,50 +0,0 @@ -ID: aws_backup_framework_6 -Title: "Find AWS Backup Frameworks with Compliance Status" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_name, - compliance_result -> 'Compliance' ->> 'ComplianceType' as compliance_type - from - aws_config_rule - inner join - ( - -- The sub-query will create the AWS Config rule name from information stored in the AWS Backup framework table. - select - case when framework_information.control_scope = '' then concat(framework_information.control_name, '-', framework_information.framework_uuid) - else concat(upper(framework_information.control_scope), '-', framework_information.control_name, '-', framework_information.framework_uuid) - end as rule_name - from - ( - select - framework_name, - controls ->> 'ControlName' as control_name, - control_scope, - right(arn, 36) as framework_uuid - from - aws_backup_framework, - jsonb_array_elements(framework_controls) as controls, - json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope - ) as framework_information - ) as backup_framework - on - aws_config_rule.name = backup_framework.rule_name, - jsonb_array_elements(compliance_by_config_rule) as compliance_result - where - compliance_result -> 'Compliance' ->> 'ComplianceType' = 'COMPLIANT'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_job_1.yaml.bak b/queries/aws_backup_job_1.yaml.bak deleted file mode 100755 index e64694c90..000000000 --- a/queries/aws_backup_job_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_backup_job_1 -Title: "Find all AWS Backup Job details including status" -Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - recovery_point_arn, - backup_vault_arn, - status - from - aws_backup_job - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_backup_job_1.yaml.bak.bak b/queries/aws_backup_job_1.yaml.bak.bak deleted file mode 100755 index e64694c90..000000000 --- a/queries/aws_backup_job_1.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_backup_job_1 -Title: "Find all AWS Backup Job details including status" -Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - recovery_point_arn, - backup_vault_arn, - status - from - aws_backup_job - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_backup_job_2.yaml.bak b/queries/aws_backup_job_2.yaml.bak deleted file mode 100755 index 19c6e0528..000000000 --- a/queries/aws_backup_job_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_backup_job_2 -Title: "List All Incomplete AWS Backup Jobs" -Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - recovery_point_arn, - backup_vault_arn, - status, - current_date - from - aws_backup_job - where - status != 'COMPLETED' - and creation_date > current_date - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_backup_job_3.yaml.bak b/queries/aws_backup_job_3.yaml.bak deleted file mode 100755 index 7f05d4e2e..000000000 --- a/queries/aws_backup_job_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_backup_job_3 -Title: "List all AWS Backup Jobs with Status Details" -Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_type, - count(*) - from - aws_backup_job - group by - resource_type - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_backup_legal_hold_1.yaml.bak b/queries/aws_backup_legal_hold_1.yaml.bak deleted file mode 100755 index 9f0211b78..000000000 --- a/queries/aws_backup_legal_hold_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_backup_legal_hold_1 -Title: "List AWS Backup Legal Hold Settings" -Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - legal_hold_id, - arn, - creation_date, - cancellation_date - from - aws_backup_legal_hold; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_legal_hold_2.yaml.bak b/queries/aws_backup_legal_hold_2.yaml.bak deleted file mode 100755 index 74670c1fc..000000000 --- a/queries/aws_backup_legal_hold_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_backup_legal_hold_2 -Title: "Find AWS Backup Legal Hold Settings" -Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - legal_hold_id, - arn, - creation_date, - creation_date, - retain_record_until - from - aws_backup_legal_hold - where - creation_date <= current_date - interval '10' day - order by - creation_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_legal_hold_3.yaml.bak b/queries/aws_backup_legal_hold_3.yaml.bak deleted file mode 100755 index e6a6ed0ee..000000000 --- a/queries/aws_backup_legal_hold_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_backup_legal_hold_3 -Title: "List all AWS Backup Legal Hold settings" -Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - legal_hold_id, - recovery_point_selection -> 'DateRange' ->> 'ToDate' as to_date, - recovery_point_selection -> 'DateRange' ->> 'FromDate' as from_date, - recovery_point_selection -> 'VaultNames' as vault_names, - recovery_point_selection ->> 'ResourceIdentifiers' as resource_identifiers - from - aws_backup_legal_hold; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_legal_hold_3.yaml.bak.bak b/queries/aws_backup_legal_hold_3.yaml.bak.bak deleted file mode 100755 index e6a6ed0ee..000000000 --- a/queries/aws_backup_legal_hold_3.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_backup_legal_hold_3 -Title: "List all AWS Backup Legal Hold settings" -Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - legal_hold_id, - recovery_point_selection -> 'DateRange' ->> 'ToDate' as to_date, - recovery_point_selection -> 'DateRange' ->> 'FromDate' as from_date, - recovery_point_selection -> 'VaultNames' as vault_names, - recovery_point_selection ->> 'ResourceIdentifiers' as resource_identifiers - from - aws_backup_legal_hold; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_plan_1.yaml.bak b/queries/aws_backup_plan_1.yaml.bak deleted file mode 100755 index 3fc844db0..000000000 --- a/queries/aws_backup_plan_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_backup_plan_1 -Title: "Find AWS Backup Plans Information for Data Recovery" -Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - backup_plan_id, - arn, - creation_date, - last_execution_date - from - aws_backup_plan; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_plan_2.yaml.bak b/queries/aws_backup_plan_2.yaml.bak deleted file mode 100755 index 42bc21027..000000000 --- a/queries/aws_backup_plan_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_backup_plan_2 -Title: "List all AWS Backup Plans and details within 90 days" -Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - backup_plan_id, - arn, - creation_date, - last_execution_date - from - aws_backup_plan - where - creation_date <= (current_date - interval '90' day) - order by - creation_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup Plan diff --git a/queries/aws_backup_plan_3.yaml.bak b/queries/aws_backup_plan_3.yaml.bak deleted file mode 100755 index d3c9951a8..000000000 --- a/queries/aws_backup_plan_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_backup_plan_3 -Title: "List all AWS Backup Plans with Details" -Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_date, - deletion_date - from - aws_backup_plan - where - deletion_date > current_date - 7 - order by - deletion_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_backup_protected_resource_1.yaml.bak b/queries/aws_backup_protected_resource_1.yaml.bak deleted file mode 100755 index 025358912..000000000 --- a/queries/aws_backup_protected_resource_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_backup_protected_resource_1 -Title: "List all AWS Backup Protected Resource details" -Description: "Allows users to query AWS Backup Protected Resources to retrieve detailed information about the resources that are backed up by AWS Backup service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_arn, - resource_type, - last_backup_time - from - aws_backup_protected_resource; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_protected_resource_2.yaml.bak b/queries/aws_backup_protected_resource_2.yaml.bak deleted file mode 100755 index acf4968cd..000000000 --- a/queries/aws_backup_protected_resource_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_backup_protected_resource_2 -Title: "Find AWS Backup Protected Resources Information" -Description: "Allows users to query AWS Backup Protected Resources to retrieve detailed information about the resources that are backed up by AWS Backup service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_arn, - resource_type, - last_backup_time - from - aws_backup_protected_resource - where - resource_type = 'EBS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_recovery_point_1.yaml.bak b/queries/aws_backup_recovery_point_1.yaml.bak deleted file mode 100755 index cb48429be..000000000 --- a/queries/aws_backup_recovery_point_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_backup_recovery_point_1 -Title: "List all AWS Backup Recovery Points in a Backup Vault" -Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - backup_vault_name, - recovery_point_arn, - resource_type, - status - from - aws_backup_recovery_point; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_recovery_point_2.yaml.bak b/queries/aws_backup_recovery_point_2.yaml.bak deleted file mode 100755 index aa35a33f9..000000000 --- a/queries/aws_backup_recovery_point_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_backup_recovery_point_2 -Title: "List all AWS Backup Recovery Points in Vault" -Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - backup_vault_name, - recovery_point_arn, - resource_type, - status, - is_encrypted - from - aws_backup_recovery_point - where - is_encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_recovery_point_3.yaml.bak b/queries/aws_backup_recovery_point_3.yaml.bak deleted file mode 100755 index 66d8dd836..000000000 --- a/queries/aws_backup_recovery_point_3.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_backup_recovery_point_3 -Title: "List all AWS Backup Recovery Points in a Vault" -Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.backup_vault_name as backup_vault_name, - r.recovery_point_arn as recovery_point_arn, - r.resource_type as resource_type, - case - when r.resource_type = 'EBS' then ( - select tags from aws_ebs_snapshot where arn = concat( - (string_to_array(r.recovery_point_arn, '::'))[1], - ':', - r.account_id, - ':', - (string_to_array(r.recovery_point_arn, '::'))[2] - ) - ) - when r.resource_type = 'EC2' then ( - select tags from aws_ec2_ami where image_id = (string_to_array(r.recovery_point_arn, '::image/'))[2] - ) - when r.resource_type in ('S3', 'EFS') then r.tags - end as tags, - r.region, - r.account_id - from - aws_backup_recovery_point as r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_report_plan_1.yaml.bak b/queries/aws_backup_report_plan_1.yaml.bak deleted file mode 100755 index b0de35c92..000000000 --- a/queries/aws_backup_report_plan_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_backup_report_plan_1 -Title: "List all AWS Backup Report Plan details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - last_attempted_execution_time, - deployment_status - from - aws_backup_report_plan; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_report_plan_2.yaml.bak b/queries/aws_backup_report_plan_2.yaml.bak deleted file mode 100755 index 76751422c..000000000 --- a/queries/aws_backup_report_plan_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_backup_report_plan_2 -Title: "List all AWS Backup Report Plan data details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - last_attempted_execution_time, - deployment_status - from - aws_backup_report_plan - where - creation_time <= (current_date - interval '90' day) - order by - creation_time; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_report_plan_3.yaml.bak b/queries/aws_backup_report_plan_3.yaml.bak deleted file mode 100755 index 6d480bce2..000000000 --- a/queries/aws_backup_report_plan_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_backup_report_plan_3 -Title: "List AWS Backup Report Plan Data with Details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - last_attempted_execution_time, - deployment_status - from - aws_backup_report_plan - where - last_successful_execution_time > current_date - 7 - order by - last_successful_execution_time; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_report_plan_4.yaml.bak b/queries/aws_backup_report_plan_4.yaml.bak deleted file mode 100755 index c64756aed..000000000 --- a/queries/aws_backup_report_plan_4.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_backup_report_plan_4 -Title: "List AWS Backup Report Plan Data Details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - report_setting ->> 'ReportTemplate' as report_template, - report_setting ->> 'Accounts' as accounts, - report_setting ->> 'FrameworkArns' as framework_arns, - report_setting ->> 'NumberOfFrameworks' as number_of_frameworks, - report_setting ->> 'OrganizationUnits' as organization_units, - report_setting ->> 'Regions' as regions - from - aws_backup_report_plan - where - title = 'backup_jobs_report_12_07_2023'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_backup_report_plan_5.yaml.bak b/queries/aws_backup_report_plan_5.yaml.bak deleted file mode 100755 index 2957b9040..000000000 --- a/queries/aws_backup_report_plan_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_backup_report_plan_5 -Title: "Query AWS Backup Report Plan Details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - last_attempted_execution_time, - deployment_status - from - aws_backup_report_plan - where - deployment_status = 'COMPLETED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup Report Plan diff --git a/queries/aws_backup_report_plan_6.yaml.bak b/queries/aws_backup_report_plan_6.yaml.bak deleted file mode 100755 index 9683ed2e6..000000000 --- a/queries/aws_backup_report_plan_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_backup_report_plan_6 -Title: "Query AWS Backup Report Plan data with details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - report_delivery_channel ->> 'Formats' as formats, - report_delivery_channel ->> 'S3BucketName' as s3_bucket_name, - report_delivery_channel ->> 'S3KeyPrefix' as s3_key_prefix - from - aws_backup_report_plan - where - title = 'backup_jobs_report_12_07_2023'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup Report Plan diff --git a/queries/aws_backup_selection_1.yaml.bak b/queries/aws_backup_selection_1.yaml.bak deleted file mode 100755 index b5f3e010b..000000000 --- a/queries/aws_backup_selection_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_backup_selection_1 -Title: "Find AWS Backup Selections Information" -Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - selection_name, - backup_plan_id, - iam_role_arn, - region, - account_id - from - aws_backup_selection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_selection_2.yaml.bak b/queries/aws_backup_selection_2.yaml.bak deleted file mode 100755 index 4007dca63..000000000 --- a/queries/aws_backup_selection_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_backup_selection_2 -Title: "List all AWS Backup Selection Details" -Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with filtered_data as ( - select - backup_plan_id, - jsonb_agg(r) as assigned_resource - from - aws_backup_selection, - jsonb_array_elements(resources) as r - group by backup_plan_id - ) - select - v.volume_id, - v.region, - v.account_id - from - aws_ebs_volume as v - join filtered_data t on t.assigned_resource ?| array[v.arn]; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_selection_2.yaml.bak.bak b/queries/aws_backup_selection_2.yaml.bak.bak deleted file mode 100755 index 4007dca63..000000000 --- a/queries/aws_backup_selection_2.yaml.bak.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_backup_selection_2 -Title: "List all AWS Backup Selection Details" -Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with filtered_data as ( - select - backup_plan_id, - jsonb_agg(r) as assigned_resource - from - aws_backup_selection, - jsonb_array_elements(resources) as r - group by backup_plan_id - ) - select - v.volume_id, - v.region, - v.account_id - from - aws_ebs_volume as v - join filtered_data t on t.assigned_resource ?| array[v.arn]; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_vault_1.yaml.bak b/queries/aws_backup_vault_1.yaml.bak deleted file mode 100755 index 248b24bf3..000000000 --- a/queries/aws_backup_vault_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_backup_vault_1 -Title: "Query AWS Backup Vaults for Detailed Information" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_date - from - aws_backup_vault; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Backup diff --git a/queries/aws_backup_vault_2.yaml.bak b/queries/aws_backup_vault_2.yaml.bak deleted file mode 100755 index 38b6938c1..000000000 --- a/queries/aws_backup_vault_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_backup_vault_2 -Title: "List all AWS Backup Vaults with Detailed Information" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_date - from - aws_backup_vault - where - creation_date <= (current_date - interval '90' day) - order by - creation_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_backup_vault_2.yaml.bak.bak b/queries/aws_backup_vault_2.yaml.bak.bak deleted file mode 100755 index 38b6938c1..000000000 --- a/queries/aws_backup_vault_2.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_backup_vault_2 -Title: "List all AWS Backup Vaults with Detailed Information" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_date - from - aws_backup_vault - where - creation_date <= (current_date - interval '90' day) - order by - creation_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_backup_vault_3.yaml.bak b/queries/aws_backup_vault_3.yaml.bak deleted file mode 100755 index 6083cbdd8..000000000 --- a/queries/aws_backup_vault_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_backup_vault_3 -Title: "Find AWS Backup Vaults with Specific Policy Details" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name - from - aws_backup_vault, - jsonb_array_elements(policy -> 'Statement') as s - where - s ->> 'Principal' = '*' - and s ->> 'Effect' != 'Deny' - and s ->> 'Action' like '%DeleteBackupVault%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup Vault diff --git a/queries/aws_backup_vault_4.yaml.bak b/queries/aws_backup_vault_4.yaml.bak deleted file mode 100755 index e82af78d7..000000000 --- a/queries/aws_backup_vault_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_backup_vault_4 -Title: "Find all AWS Backup Vaults with Details" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_backup_vault; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Backup diff --git a/queries/aws_cloudcontrol_resource_1.yaml.bak b/queries/aws_cloudcontrol_resource_1.yaml.bak deleted file mode 100755 index 1c4512c31..000000000 --- a/queries/aws_cloudcontrol_resource_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudcontrol_resource_1 -Title: "Find AWS Cloud Control API Resource Data for AWS Lambda" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identifier, - properties ->> 'Arn' as arn, - properties ->> 'MemorySize' as memory_size, - properties ->> 'Runtime' as runtime, - region - from - aws_cloudcontrol_resource - where - type_name = 'AWS::Lambda::Function'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cloud Control API diff --git a/queries/aws_cloudcontrol_resource_2.yaml.bak b/queries/aws_cloudcontrol_resource_2.yaml.bak deleted file mode 100755 index a6bf858c6..000000000 --- a/queries/aws_cloudcontrol_resource_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cloudcontrol_resource_2 -Title: "Find AWS Cloud Control API Resource Data" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identifier, - properties ->> 'AlpnPolicy' as alpn_policy, - properties ->> 'Certificates' as certificates, - properties ->> 'Port' as port, - properties ->> 'Protocol' as protocol, - region, - account_id - from - aws_cloudcontrol_resource - where - type_name = 'AWS::ElasticLoadBalancingV2::Listener' - and resource_model = '{"LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/test-lb/4e695b8755d7003c"}' - and region = 'us-east-1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Control diff --git a/queries/aws_cloudcontrol_resource_3.yaml.bak b/queries/aws_cloudcontrol_resource_3.yaml.bak deleted file mode 100755 index e047de6a2..000000000 --- a/queries/aws_cloudcontrol_resource_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudcontrol_resource_3 -Title: "Find AWS Cloud Control API Resource using SQL" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identifier, - properties ->> 'IncludeGlobalServiceEvents' as include_global_service_events, - properties ->> 'IsLogging' as is_logging, - properties ->> 'IsMultiRegionTrail' as is_multi_region_trail, - region - from - aws_cloudcontrol_resource - where - type_name = 'AWS::CloudTrail::Trail' - and identifier = 'my-trail'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Control API Resource diff --git a/queries/aws_cloudcontrol_resource_3.yaml.bak.bak b/queries/aws_cloudcontrol_resource_3.yaml.bak.bak deleted file mode 100755 index e047de6a2..000000000 --- a/queries/aws_cloudcontrol_resource_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudcontrol_resource_3 -Title: "Find AWS Cloud Control API Resource using SQL" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identifier, - properties ->> 'IncludeGlobalServiceEvents' as include_global_service_events, - properties ->> 'IsLogging' as is_logging, - properties ->> 'IsMultiRegionTrail' as is_multi_region_trail, - region - from - aws_cloudcontrol_resource - where - type_name = 'AWS::CloudTrail::Trail' - and identifier = 'my-trail'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Control API Resource diff --git a/queries/aws_cloudcontrol_resource_4.yaml.bak b/queries/aws_cloudcontrol_resource_4.yaml.bak deleted file mode 100755 index 460b40227..000000000 --- a/queries/aws_cloudcontrol_resource_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudcontrol_resource_4 -Title: "List all AWS IAM Roles in us-east-1 using SQL" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - properties ->> 'RoleName' as name - from - aws_cloudcontrol_resource - where - type_name = 'AWS::IAM::Role' - and region = 'us-east-1' - order by - name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Control API diff --git a/queries/aws_cloudformation_stack_1.yaml.bak b/queries/aws_cloudformation_stack_1.yaml.bak deleted file mode 100755 index 3144213c4..000000000 --- a/queries/aws_cloudformation_stack_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudformation_stack_1 -Title: "List all AWS CloudFormation Stacks with Details" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - status - from - aws_cloudformation_stack; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation Stack diff --git a/queries/aws_cloudformation_stack_2.yaml.bak b/queries/aws_cloudformation_stack_2.yaml.bak deleted file mode 100755 index ab291d71f..000000000 --- a/queries/aws_cloudformation_stack_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudformation_stack_2 -Title: "List AWS CloudFormation Stack data and status" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - disable_rollback - from - aws_cloudformation_stack - where - disable_rollback; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_2.yaml.bak.bak b/queries/aws_cloudformation_stack_2.yaml.bak.bak deleted file mode 100755 index ab291d71f..000000000 --- a/queries/aws_cloudformation_stack_2.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudformation_stack_2 -Title: "List AWS CloudFormation Stack data and status" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - disable_rollback - from - aws_cloudformation_stack - where - disable_rollback; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_3.yaml.bak b/queries/aws_cloudformation_stack_3.yaml.bak deleted file mode 100755 index b01464fca..000000000 --- a/queries/aws_cloudformation_stack_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudformation_stack_3 -Title: "List AWS CloudFormation Stack Data with SQL" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - enable_termination_protection - from - aws_cloudformation_stack - where - not enable_termination_protection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_4.yaml.bak b/queries/aws_cloudformation_stack_4.yaml.bak deleted file mode 100755 index 38bc53905..000000000 --- a/queries/aws_cloudformation_stack_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudformation_stack_4 -Title: "Find AWS CloudFormation Stack Data, Status, and Tags" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rollback_configuration ->> 'MonitoringTimeInMinutes' as monitoring_time_in_min, - rollback_configuration ->> 'RollbackTriggers' as rollback_triggers - from - aws_cloudformation_stack; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_5.yaml.bak b/queries/aws_cloudformation_stack_5.yaml.bak deleted file mode 100755 index 07527aaad..000000000 --- a/queries/aws_cloudformation_stack_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudformation_stack_5 -Title: "List all AWS CloudFormation Stacks and Resource ARNs" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(notification_arns) as resource_arns - from - aws_cloudformation_stack; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_1.yaml.bak b/queries/aws_cloudformation_stack_resource_1.yaml.bak deleted file mode 100755 index 1339c60aa..000000000 --- a/queries/aws_cloudformation_stack_resource_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudformation_stack_resource_1 -Title: "Find AWS CloudFormation Stack Resource Information" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_name, - stack_id, - logical_resource_id, - resource_type, - resource_status - from - aws_cloudformation_stack_resource; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_2.yaml.bak b/queries/aws_cloudformation_stack_resource_2.yaml.bak deleted file mode 100755 index 4e2642cd6..000000000 --- a/queries/aws_cloudformation_stack_resource_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudformation_stack_resource_2 -Title: "Find AWS CloudFormation Stack Resource Details and Status" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.name, - s.disable_rollback, - r.logical_resource_id, - r.resource_status - from - aws_cloudformation_stack_resource as r, - aws_cloudformation_stack as s - where - r.stack_id = s.id - and s.disable_rollback; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_3.yaml.bak b/queries/aws_cloudformation_stack_resource_3.yaml.bak deleted file mode 100755 index ab6022207..000000000 --- a/queries/aws_cloudformation_stack_resource_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cloudformation_stack_resource_3 -Title: "List all AWS CloudFormation Stack Resources with Details" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.name, - s.enable_termination_protection, - s.disable_rollback, - r.logical_resource_id, - r.resource_status - from - aws_cloudformation_stack_resource as r, - aws_cloudformation_stack as s - where - r.stack_id = s.id - and not enable_termination_protection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_4.yaml.bak b/queries/aws_cloudformation_stack_resource_4.yaml.bak deleted file mode 100755 index a5b6e4d70..000000000 --- a/queries/aws_cloudformation_stack_resource_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudformation_stack_resource_4 -Title: "Find AWS CloudFormation Stack Resource Details" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_name, - stack_id, - logical_resource_id, - resource_status, - resource_type - from - aws_cloudformation_stack_resource - where - resource_type = 'AWS::EC2::VPC'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_resource_5.yaml.bak b/queries/aws_cloudformation_stack_resource_5.yaml.bak deleted file mode 100755 index fc21225df..000000000 --- a/queries/aws_cloudformation_stack_resource_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudformation_stack_resource_5 -Title: "List all AWS CloudFormation Stack Resources’ Details" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_name, - logical_resource_id, - resource_status, - resource_type - from - aws_cloudformation_stack_resource - where - resource_status = 'UPDATE_FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_set_1.yaml.bak b/queries/aws_cloudformation_stack_set_1.yaml.bak deleted file mode 100755 index 09e2c8f49..000000000 --- a/queries/aws_cloudformation_stack_set_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudformation_stack_set_1 -Title: "List all AWS CloudFormation StackSets configurations" -Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_set_id, - stack_set_name, - status, - arn, - description - from - aws_cloudformation_stack_set; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_set_2.yaml.bak b/queries/aws_cloudformation_stack_set_2.yaml.bak deleted file mode 100755 index 9f3220e32..000000000 --- a/queries/aws_cloudformation_stack_set_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudformation_stack_set_2 -Title: "List all AWS CloudFormation StackSets and Associated Resources" -Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_set_id, - stack_set_name, - status, - permission_model, - auto_deployment - from - aws_cloudformation_stack_set - where - status = 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_set_3.yaml.bak b/queries/aws_cloudformation_stack_set_3.yaml.bak deleted file mode 100755 index fb88df3dd..000000000 --- a/queries/aws_cloudformation_stack_set_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudformation_stack_set_3 -Title: "List all AWS CloudFormation StackSets with Parameters" -Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_set_name, - stack_set_id, - p ->> 'ParameterKey' as parameter_key, - p ->> 'ParameterValue' as parameter_value, - p ->> 'ResolvedValue' as resolved_value, - p ->> 'UsePreviousValue' as use_previous_value - from - aws_cloudformation_stack_set, - jsonb_array_elements(parameters) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudformation_stack_set_4.yaml.bak b/queries/aws_cloudformation_stack_set_4.yaml.bak deleted file mode 100755 index 4fabbe9ce..000000000 --- a/queries/aws_cloudformation_stack_set_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cloudformation_stack_set_4 -Title: "List all detailed AWS CloudFormation StackSets status" -Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_set_name, - stack_set_id, - stack_set_drift_detection_details ->> 'DriftDetectionStatus' as drift_detection_status, - stack_set_drift_detection_details ->> 'DriftStatus' as drift_status, - stack_set_drift_detection_details ->> 'DriftedStackInstancesCount' as drifted_stack_instances_count, - stack_set_drift_detection_details ->> 'FailedStackInstancesCount' as failed_stack_instances_count, - stack_set_drift_detection_details ->> 'InProgressStackInstancesCount' as in_progress_stack_instances_count, - stack_set_drift_detection_details ->> 'InSyncStackInstancesCount' as in_sync_stack_instances_count, - stack_set_drift_detection_details ->> 'LastDriftCheckTimestamp' as last_drift_check_timestamp, - stack_set_drift_detection_details ->> 'TotalStackInstancesCount' as total_stack_instances_count - from - aws_cloudformation_stack_set; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFormation diff --git a/queries/aws_cloudfront_cache_policy_1.yaml.bak b/queries/aws_cloudfront_cache_policy_1.yaml.bak deleted file mode 100755 index e70a60167..000000000 --- a/queries/aws_cloudfront_cache_policy_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudfront_cache_policy_1 -Title: "List AWS CloudFront Cache Policies Details" -Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - comment, - min_ttl, - etag, - last_modified_time - from - aws_cloudfront_cache_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_cache_policy_2.yaml.bak b/queries/aws_cloudfront_cache_policy_2.yaml.bak deleted file mode 100755 index 4ed572093..000000000 --- a/queries/aws_cloudfront_cache_policy_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudfront_cache_policy_2 -Title: "Find AWS CloudFront Cache Policies and Details" -Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingGzip' as enable_gzip - from - aws_cloudfront_cache_policy - where - parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingGzip' <> 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_cache_policy_3.yaml.bak b/queries/aws_cloudfront_cache_policy_3.yaml.bak deleted file mode 100755 index f6a1e605d..000000000 --- a/queries/aws_cloudfront_cache_policy_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudfront_cache_policy_3 -Title: "List AWS CloudFront Cache Policies and Their States" -Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingBrotli' as enable_brotli - from - aws_cloudfront_cache_policy - where - parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingBrotli' <> 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_distribution_1.yaml.bak b/queries/aws_cloudfront_distribution_1.yaml.bak deleted file mode 100755 index 47648e756..000000000 --- a/queries/aws_cloudfront_distribution_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cloudfront_distribution_1 -Title: "List all AWS CloudFront Distributions and Metadata" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - status, - domain_name, - enabled, - e_tag, - http_version, - is_ipv6_enabled - from - aws_cloudfront_distribution; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_distribution_2.yaml.bak b/queries/aws_cloudfront_distribution_2.yaml.bak deleted file mode 100755 index 482ac5867..000000000 --- a/queries/aws_cloudfront_distribution_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudfront_distribution_2 -Title: "Find Disabled AWS CloudFront Distribution Logging" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - logging ->> 'Bucket' as bucket, - logging ->> 'Enabled' as logging_enabled, - logging ->> 'IncludeCookies' as include_cookies - from - aws_cloudfront_distribution - where - logging ->> 'Enabled' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_distribution_3.yaml.bak b/queries/aws_cloudfront_distribution_3.yaml.bak deleted file mode 100755 index de0b7f33d..000000000 --- a/queries/aws_cloudfront_distribution_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudfront_distribution_3 -Title: "List all AWS CloudFront Distributions and Their Configurations" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - status, - is_ipv6_enabled - from - aws_cloudfront_distribution - where - is_ipv6_enabled = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_distribution_4.yaml.bak b/queries/aws_cloudfront_distribution_4.yaml.bak deleted file mode 100755 index ec0cccc85..000000000 --- a/queries/aws_cloudfront_distribution_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cloudfront_distribution_4 -Title: "Find details of AWS CloudFront Distributions with SQL" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - default_cache_behavior ->> 'FieldLevelEncryptionId' as field_level_encryption_id, - default_cache_behavior ->> 'DefaultTTL' as default_ttl - from - aws_cloudfront_distribution - where - default_cache_behavior ->> 'FieldLevelEncryptionId' <> ''; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_distribution_4.yaml.bak.bak b/queries/aws_cloudfront_distribution_4.yaml.bak.bak deleted file mode 100755 index ec0cccc85..000000000 --- a/queries/aws_cloudfront_distribution_4.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cloudfront_distribution_4 -Title: "Find details of AWS CloudFront Distributions with SQL" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - default_cache_behavior ->> 'FieldLevelEncryptionId' as field_level_encryption_id, - default_cache_behavior ->> 'DefaultTTL' as default_ttl - from - aws_cloudfront_distribution - where - default_cache_behavior ->> 'FieldLevelEncryptionId' <> ''; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_distribution_5.yaml.bak b/queries/aws_cloudfront_distribution_5.yaml.bak deleted file mode 100755 index a95d3ad46..000000000 --- a/queries/aws_cloudfront_distribution_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cloudfront_distribution_5 -Title: "Query AWS CloudFront Distributions and Insights" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - p -> 'CustomOriginConfig' -> 'HTTPPort' as http_port, - p -> 'CustomOriginConfig' -> 'HTTPSPort' as https_port, - p -> 'CustomOriginConfig' -> 'OriginKeepaliveTimeout' as origin_keepalive_timeout, - p -> 'CustomOriginConfig' -> 'OriginProtocolPolicy' as origin_protocol_policy - from - aws_cloudfront_distribution, - jsonb_array_elements(origins) as p - where - p -> 'CustomOriginConfig' ->> 'OriginProtocolPolicy' = 'https-only'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_distribution_6.yaml.bak b/queries/aws_cloudfront_distribution_6.yaml.bak deleted file mode 100755 index d5e0dcc9a..000000000 --- a/queries/aws_cloudfront_distribution_6.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudfront_distribution_6 -Title: "Find AWS CloudFront Distributions Configuration & Status" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Items' as items, - p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Quantity' as quantity - from - aws_cloudfront_distribution, - jsonb_array_elements(origins) as p - where - p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Items' ?& array['SSLv3']; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_function_1.yaml.bak b/queries/aws_cloudfront_function_1.yaml.bak deleted file mode 100755 index f0275d969..000000000 --- a/queries/aws_cloudfront_function_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudfront_function_1 -Title: "List all AWS CloudFront Functions with details" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status, - arn, - e_tag, - function_config - from - aws_cloudfront_function; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_function_1.yaml.bak.bak b/queries/aws_cloudfront_function_1.yaml.bak.bak deleted file mode 100755 index f0275d969..000000000 --- a/queries/aws_cloudfront_function_1.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudfront_function_1 -Title: "List all AWS CloudFront Functions with details" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status, - arn, - e_tag, - function_config - from - aws_cloudfront_function; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_function_2.yaml.bak b/queries/aws_cloudfront_function_2.yaml.bak deleted file mode 100755 index 9be64516f..000000000 --- a/queries/aws_cloudfront_function_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudfront_function_2 -Title: "List All AWS CloudFront Functions with Detailed Info" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - function_config ->> 'Comment' as comment, - arn, - status, - e_tag - from - aws_cloudfront_function - where - function_metadata ->> 'Stage' = 'LIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_function_3.yaml.bak b/queries/aws_cloudfront_function_3.yaml.bak deleted file mode 100755 index d14a6c618..000000000 --- a/queries/aws_cloudfront_function_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudfront_function_3 -Title: "List AWS CloudFront Functions by ARN, Stage, and Status" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - function_metadata ->> 'Stage' as stage, - status, - function_metadata ->> 'CreatedTime' as created_time, - function_metadata ->> 'LastModifiedTime' as last_modified_time - from - aws_cloudfront_function - order by - function_metadata ->> 'CreatedTime' DESC; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_function_4.yaml.bak b/queries/aws_cloudfront_function_4.yaml.bak deleted file mode 100755 index f725dc286..000000000 --- a/queries/aws_cloudfront_function_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudfront_function_4 -Title: "List of AWS CloudFront Functions with Detailed Information" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - function_metadata ->> 'Stage' as stage, - status, - function_metadata ->> 'LastModifiedTime' as last_modified_time - from - aws_cloudfront_function - where - (function_metadata ->> 'LastModifiedTime')::timestamp >= (now() - interval '1' hour) - order by - function_metadata ->> 'LastModifiedTime' DESC; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_origin_access_identity_1.yaml.bak b/queries/aws_cloudfront_origin_access_identity_1.yaml.bak deleted file mode 100755 index b496f852b..000000000 --- a/queries/aws_cloudfront_origin_access_identity_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudfront_origin_access_identity_1 -Title: "Find AWS CloudFront Origin Access Identities and Details" -Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - comment, - s3_canonical_user_id, - etag - from - aws_cloudfront_origin_access_identity; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_origin_access_identity_2.yaml.bak b/queries/aws_cloudfront_origin_access_identity_2.yaml.bak deleted file mode 100755 index fecd78b8a..000000000 --- a/queries/aws_cloudfront_origin_access_identity_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudfront_origin_access_identity_2 -Title: "Find all AWS CloudFront Origin Access Identity details" -Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - comment, - caller_reference - from - aws_cloudfront_origin_access_identity - where - comment <> ''; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_origin_access_identity_2.yaml.bak.bak b/queries/aws_cloudfront_origin_access_identity_2.yaml.bak.bak deleted file mode 100755 index fecd78b8a..000000000 --- a/queries/aws_cloudfront_origin_access_identity_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudfront_origin_access_identity_2 -Title: "Find all AWS CloudFront Origin Access Identity details" -Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - comment, - caller_reference - from - aws_cloudfront_origin_access_identity - where - comment <> ''; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_origin_request_policy_1.yaml.bak b/queries/aws_cloudfront_origin_request_policy_1.yaml.bak deleted file mode 100755 index ee2e25547..000000000 --- a/queries/aws_cloudfront_origin_request_policy_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudfront_origin_request_policy_1 -Title: "List all AWS CloudFront Origin Request Policies" -Description: "Allows users to query AWS CloudFront Origin Request Policies, providing details about each policy such as ID, name, comment, cookies configuration, headers configuration, query strings configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - comment, - etag, - last_modified_time - from - aws_cloudfront_origin_request_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_origin_request_policy_2.yaml.bak b/queries/aws_cloudfront_origin_request_policy_2.yaml.bak deleted file mode 100755 index 232c1e5bb..000000000 --- a/queries/aws_cloudfront_origin_request_policy_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudfront_origin_request_policy_2 -Title: "List all AWS CloudFront Origin Request Policies" -Description: "Allows users to query AWS CloudFront Origin Request Policies, providing details about each policy such as ID, name, comment, cookies configuration, headers configuration, query strings configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - headers_config ->> 'HeaderBehavior' as header_behavior, - headers_config ->> 'Headers' as headers - from - aws_cloudfront_origin_request_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_response_headers_policy_1.yaml.bak b/queries/aws_cloudfront_response_headers_policy_1.yaml.bak deleted file mode 100755 index 32661080a..000000000 --- a/queries/aws_cloudfront_response_headers_policy_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudfront_response_headers_policy_1 -Title: "List all AWS CloudFront Response Headers Policies" -Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - response_headers_policy_config ->> 'Comment' as description, - type, - last_modified_time - from - aws_cloudfront_response_headers_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_response_headers_policy_2.yaml.bak b/queries/aws_cloudfront_response_headers_policy_2.yaml.bak deleted file mode 100755 index e26e11058..000000000 --- a/queries/aws_cloudfront_response_headers_policy_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudfront_response_headers_policy_2 -Title: "Find AWS CloudFront Response Headers Policies" -Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - response_headers_policy_config ->> 'Comment' as description, - type, - last_modified_time - from - aws_cloudfront_response_headers_policy - where - type = 'custom'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_response_headers_policy_3.yaml.bak b/queries/aws_cloudfront_response_headers_policy_3.yaml.bak deleted file mode 100755 index 10d2c227d..000000000 --- a/queries/aws_cloudfront_response_headers_policy_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudfront_response_headers_policy_3 -Title: "Find AWS CloudFront Response Headers Policies Info" -Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - last_modified_time - from - aws_cloudfront_response_headers_policy - where - last_modified_time >= (now() - interval '1' hour) - order by - last_modified_time DESC; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudfront_response_headers_policy_3.yaml.bak.bak b/queries/aws_cloudfront_response_headers_policy_3.yaml.bak.bak deleted file mode 100755 index 10d2c227d..000000000 --- a/queries/aws_cloudfront_response_headers_policy_3.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudfront_response_headers_policy_3 -Title: "Find AWS CloudFront Response Headers Policies Info" -Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - last_modified_time - from - aws_cloudfront_response_headers_policy - where - last_modified_time >= (now() - interval '1' hour) - order by - last_modified_time DESC; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudFront diff --git a/queries/aws_cloudsearch_domain_1.yaml.bak b/queries/aws_cloudsearch_domain_1.yaml.bak deleted file mode 100755 index d26a3026b..000000000 --- a/queries/aws_cloudsearch_domain_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudsearch_domain_1 -Title: "List all AWS CloudSearch Domain Details" -Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - created, - search_instance_type, - search_instance_count - from - aws_cloudsearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudSearch diff --git a/queries/aws_cloudsearch_domain_2.yaml.bak b/queries/aws_cloudsearch_domain_2.yaml.bak deleted file mode 100755 index fd7b9a33c..000000000 --- a/queries/aws_cloudsearch_domain_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudsearch_domain_2 -Title: "List AWS CloudSearch Domains and Their Details" -Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - created, - search_instance_type - from - aws_cloudsearch_domain - where - search_instance_type = 'search.small'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudSearch diff --git a/queries/aws_cloudsearch_domain_3.yaml.bak b/queries/aws_cloudsearch_domain_3.yaml.bak deleted file mode 100755 index 7d641bc25..000000000 --- a/queries/aws_cloudsearch_domain_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudsearch_domain_3 -Title: "List All AWS CloudSearch Domains with Detailed Info" -Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - search_service ->> 'Endpoint' as search_service_endpoint, - limits ->> 'MaximumPartitionCount' as maximum_partition_count, - limits ->> 'MaximumReplicationCount' as maximum_replication_count - from - aws_cloudsearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudSearch diff --git a/queries/aws_cloudtrail_channel_1.yaml.bak b/queries/aws_cloudtrail_channel_1.yaml.bak deleted file mode 100755 index 3baeeb48a..000000000 --- a/queries/aws_cloudtrail_channel_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudtrail_channel_1 -Title: "Find AWS CloudTrail Channel Configurations with SQL" -Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - source, - apply_to_all_regions - from - aws_cloudtrail_channel; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_channel_2.yaml.bak b/queries/aws_cloudtrail_channel_2.yaml.bak deleted file mode 100755 index 652886899..000000000 --- a/queries/aws_cloudtrail_channel_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudtrail_channel_2 -Title: "List all AWS CloudTrail Channel data and configurations" -Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - source, - apply_to_all_regions, - advanced_event_selectors - from - aws_cloudtrail_channel - where - not apply_to_all_regions; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_channel_3.yaml.bak b/queries/aws_cloudtrail_channel_3.yaml.bak deleted file mode 100755 index 488aaa644..000000000 --- a/queries/aws_cloudtrail_channel_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudtrail_channel_3 -Title: "List all AWS CloudTrail Channel Data and Metadata" -Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - a ->> 'Name' as advanced_event_selector_name, - a ->> 'FieldSelectors' as field_selectors - from - aws_cloudtrail_channel, - jsonb_array_elements(advanced_event_selectors) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_event_data_store_1.yaml.bak b/queries/aws_cloudtrail_event_data_store_1.yaml.bak deleted file mode 100755 index e47f688df..000000000 --- a/queries/aws_cloudtrail_event_data_store_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudtrail_event_data_store_1 -Title: "List all AWS CloudTrail Event Data" -Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - created_timestamp, - multi_region_enabled, - organization_enabled, - termination_protection_enabled - from - aws_cloudtrail_event_data_store; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_event_data_store_2.yaml.bak b/queries/aws_cloudtrail_event_data_store_2.yaml.bak deleted file mode 100755 index f3fb5f1bc..000000000 --- a/queries/aws_cloudtrail_event_data_store_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudtrail_event_data_store_2 -Title: "List API Activity in AWS Accounts with CloudTrail Data" -Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - created_timestamp, - multi_region_enabled, - organization_enabled, - termination_protection_enabled - from - aws_cloudtrail_event_data_store - where - status <> 'ENABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_event_data_store_3.yaml.bak b/queries/aws_cloudtrail_event_data_store_3.yaml.bak deleted file mode 100755 index 4e302009f..000000000 --- a/queries/aws_cloudtrail_event_data_store_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudtrail_event_data_store_3 -Title: "List all AWS CloudTrail Event Data and API Activity" -Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - created_timestamp, - multi_region_enabled, - organization_enabled, - termination_protection_enabled - from - aws_cloudtrail_event_data_store - where - not termination_protection_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_import_1.yaml.bak b/queries/aws_cloudtrail_import_1.yaml.bak deleted file mode 100755 index 78a6cbaa2..000000000 --- a/queries/aws_cloudtrail_import_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudtrail_import_1 -Title: "Find all imported trail files from AWS CloudTrail" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - created_timestamp, - import_status, - destinations - from - aws_cloudtrail_import; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_import_2.yaml.bak b/queries/aws_cloudtrail_import_2.yaml.bak deleted file mode 100755 index 6b6c86bfd..000000000 --- a/queries/aws_cloudtrail_import_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudtrail_import_2 -Title: "List AWS CloudTrail Imports and Their Details" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - created_timestamp, - import_source - from - aws_cloudtrail_import - where - import_status <> 'COMPLETED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_import_3.yaml.bak b/queries/aws_cloudtrail_import_3.yaml.bak deleted file mode 100755 index a94dd2f28..000000000 --- a/queries/aws_cloudtrail_import_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudtrail_import_3 -Title: "List all AWS CloudTrail Import Details" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - created_timestamp, - import_status, - start_event_time, - end_event_time - from - aws_cloudtrail_import - where - created_timestamp >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_import_4.yaml.bak b/queries/aws_cloudtrail_import_4.yaml.bak deleted file mode 100755 index 0da403c99..000000000 --- a/queries/aws_cloudtrail_import_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudtrail_import_4 -Title: "Find all AWS CloudTrail import details using SQL" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - import_status, - import_source ->> 'S3BucketAccessRoleArn' as s3_bucket_access_role_arn, - import_source ->> 'S3BucketRegion' as s3_bucket_region, - import_source ->> 'S3LocationUri' as s3_location_uri - from - aws_cloudtrail_import; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_import_5.yaml.bak b/queries/aws_cloudtrail_import_5.yaml.bak deleted file mode 100755 index 3bc7cf4bb..000000000 --- a/queries/aws_cloudtrail_import_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudtrail_import_5 -Title: "List all AWS CloudTrail import details" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - import_status, - import_statistics -> 'EventsCompleted' as events_completed, - import_statistics -> 'FailedEntries' as failed_entries, - import_statistics -> 'FilesCompleted' as files_completed, - import_statistics -> 'FilesCompleted' as prefixes_completed, - import_statistics -> 'PrefixesFound' as PrefixesFound - from - aws_cloudtrail_import; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_import_5.yaml.bak.bak b/queries/aws_cloudtrail_import_5.yaml.bak.bak deleted file mode 100755 index 3bc7cf4bb..000000000 --- a/queries/aws_cloudtrail_import_5.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudtrail_import_5 -Title: "List all AWS CloudTrail import details" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - import_status, - import_statistics -> 'EventsCompleted' as events_completed, - import_statistics -> 'FailedEntries' as failed_entries, - import_statistics -> 'FilesCompleted' as files_completed, - import_statistics -> 'FilesCompleted' as prefixes_completed, - import_statistics -> 'PrefixesFound' as PrefixesFound - from - aws_cloudtrail_import; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_lookup_event_1.yaml.bak b/queries/aws_cloudtrail_lookup_event_1.yaml.bak deleted file mode 100755 index 8a1c9e553..000000000 --- a/queries/aws_cloudtrail_lookup_event_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cloudtrail_lookup_event_1 -Title: "Find AWS CloudTrail Lookup Events with SQL" -Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - username, - jsonb_pretty(cloud_trail_event) as cloud_trail_event - from - aws_cloudtrail_lookup_event - where - start_time = now() - interval '5 minutes' - and end_time = now(); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_lookup_event_2.yaml.bak b/queries/aws_cloudtrail_lookup_event_2.yaml.bak deleted file mode 100755 index 7fc6df876..000000000 --- a/queries/aws_cloudtrail_lookup_event_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudtrail_lookup_event_2 -Title: "Find AWS CloudTrail Lookup Events for Specific Trail Events" -Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - username, - jsonb_pretty(cloud_trail_event) as cloud_trail_event - from - aws_cloudtrail_lookup_event - where - start_time = now() - and end_time = now() - interval '1 hour' - and read_only = 'true' - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_lookup_event_3.yaml.bak b/queries/aws_cloudtrail_lookup_event_3.yaml.bak deleted file mode 100755 index 9f7d2a689..000000000 --- a/queries/aws_cloudtrail_lookup_event_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudtrail_lookup_event_3 -Title: "Find AWS CloudTrail Events with IAM Source" -Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - jsonb_pretty(cloud_trail_event) as cloud_trail_event - from - aws_cloudtrail_lookup_event - where - and event_source = 'iam.amazonaws.com' - and event_time >= now() - interval '1 hour'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_query_1.yaml.bak b/queries/aws_cloudtrail_query_1.yaml.bak deleted file mode 100755 index ef140bb52..000000000 --- a/queries/aws_cloudtrail_query_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudtrail_query_1 -Title: "Find AWS CloudTrail events for account activity" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - query_id, - event_data_store_arn, - query_status, - query_status, - creation_time, - events_matched, - events_scanned - from - aws_cloudtrail_query; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_query_2.yaml.bak b/queries/aws_cloudtrail_query_2.yaml.bak deleted file mode 100755 index 9829bbb78..000000000 --- a/queries/aws_cloudtrail_query_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudtrail_query_2 -Title: "Find failed AWS CloudTrail queries using SQL" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - query_id, - event_data_store_arn, - query_status, - creation_time, - query_string, - execution_time_in_millis - from - aws_cloudtrail_query - where - query_status = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_query_3.yaml.bak b/queries/aws_cloudtrail_query_3.yaml.bak deleted file mode 100755 index b7d9d4c4f..000000000 --- a/queries/aws_cloudtrail_query_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudtrail_query_3 -Title: "Find all AWS CloudTrail events account activity" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - q.query_id as query_id, - q.event_data_store_arn as event_data_store_arn, - s.name as event_data_store_name, - s.status as event_data_store_status, - s.multi_region_enabled as multi_region_enabled, - s.termination_protection_enabled as termination_protection_enabled, - s.updated_timestamp as event_data_store_updated_timestamp - from - aws_cloudtrail_query as q, - aws_cloudtrail_event_data_store as s - where - s.arn = q.event_data_store_arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_query_3.yaml.bak.bak b/queries/aws_cloudtrail_query_3.yaml.bak.bak deleted file mode 100755 index b7d9d4c4f..000000000 --- a/queries/aws_cloudtrail_query_3.yaml.bak.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudtrail_query_3 -Title: "Find all AWS CloudTrail events account activity" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - q.query_id as query_id, - q.event_data_store_arn as event_data_store_arn, - s.name as event_data_store_name, - s.status as event_data_store_status, - s.multi_region_enabled as multi_region_enabled, - s.termination_protection_enabled as termination_protection_enabled, - s.updated_timestamp as event_data_store_updated_timestamp - from - aws_cloudtrail_query as q, - aws_cloudtrail_event_data_store as s - where - s.arn = q.event_data_store_arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_query_4.yaml.bak b/queries/aws_cloudtrail_query_4.yaml.bak deleted file mode 100755 index c346b1b8a..000000000 --- a/queries/aws_cloudtrail_query_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cloudtrail_query_4 -Title: "Find all AWS CloudTrail events for account activities" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - query_id, - event_data_store_arn, - query_status, - creation_time, - query_string, - execution_time_in_millis - from - aws_cloudtrail_query - where - creation_time <= now() - interval '3' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_1.yaml.bak b/queries/aws_cloudtrail_trail_1.yaml.bak deleted file mode 100755 index a52827a14..000000000 --- a/queries/aws_cloudtrail_trail_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudtrail_trail_1 -Title: "List all AWS CloudTrail Trail Records" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - home_region, - is_multi_region_trail - from - aws_cloudtrail_trail - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_2.yaml.bak b/queries/aws_cloudtrail_trail_2.yaml.bak deleted file mode 100755 index 519f32843..000000000 --- a/queries/aws_cloudtrail_trail_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudtrail_trail_2 -Title: "List all AWS CloudTrail Trails with Trail Records" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_id - from - aws_cloudtrail_trail - where - kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_3.yaml.bak b/queries/aws_cloudtrail_trail_3.yaml.bak deleted file mode 100755 index c1480a1c4..000000000 --- a/queries/aws_cloudtrail_trail_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudtrail_trail_3 -Title: "Find AWS CloudTrail Trail and Public S3 Bucket Info" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - trail.name as trail_name, - bucket.name as bucket_name, - bucket.bucket_policy_is_public as is_publicly_accessible - from - aws_cloudtrail_trail as trail - join aws_s3_bucket as bucket on trail.s3_bucket_name = bucket.name - where - bucket.bucket_policy_is_public; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_4.yaml.bak b/queries/aws_cloudtrail_trail_4.yaml.bak deleted file mode 100755 index 45ff8d747..000000000 --- a/queries/aws_cloudtrail_trail_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudtrail_trail_4 -Title: "List all AWS CloudTrail Trails with Bucket Details" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - trail.name as trail_name, - bucket.name as bucket_name, - logging - from - aws_cloudtrail_trail as trail - join aws_s3_bucket as bucket on trail.s3_bucket_name = bucket.name - where - not versioning_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CloudTrail diff --git a/queries/aws_cloudtrail_trail_5.yaml.bak b/queries/aws_cloudtrail_trail_5.yaml.bak deleted file mode 100755 index 6497ca674..000000000 --- a/queries/aws_cloudtrail_trail_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudtrail_trail_5 -Title: "List all AWS CloudTrail Trails configuration and metadata" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - is_logging - from - aws_cloudtrail_trail - where - not is_logging; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_6.yaml.bak b/queries/aws_cloudtrail_trail_6.yaml.bak deleted file mode 100755 index 933b01ef3..000000000 --- a/queries/aws_cloudtrail_trail_6.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudtrail_trail_6 -Title: "List all AWS CloudTrail Trails and their Status" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - log_file_validation_enabled - from - aws_cloudtrail_trail - where - not log_file_validation_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_7.yaml.bak b/queries/aws_cloudtrail_trail_7.yaml.bak deleted file mode 100755 index d5891364f..000000000 --- a/queries/aws_cloudtrail_trail_7.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudtrail_trail_7 -Title: "List AWS CloudTrail Trails with Multi-Region Configuration" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - region, - home_region - from - aws_cloudtrail_trail - where - is_multi_region_trail - and home_region <> region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_7.yaml.bak.bak b/queries/aws_cloudtrail_trail_7.yaml.bak.bak deleted file mode 100755 index d5891364f..000000000 --- a/queries/aws_cloudtrail_trail_7.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudtrail_trail_7 -Title: "List AWS CloudTrail Trails with Multi-Region Configuration" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - region, - home_region - from - aws_cloudtrail_trail - where - is_multi_region_trail - and home_region <> region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_1.yaml.bak b/queries/aws_cloudtrail_trail_event_1.yaml.bak deleted file mode 100755 index b2b279aff..000000000 --- a/queries/aws_cloudtrail_trail_event_1.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudtrail_trail_event_1 -Title: "Find AWS CloudTrail Events with Details in Table Format" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and timestamp >= now() - interval '5 minutes'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_2.yaml.bak b/queries/aws_cloudtrail_trail_event_2.yaml.bak deleted file mode 100755 index 1ab82cac0..000000000 --- a/queries/aws_cloudtrail_trail_event_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudtrail_trail_event_2 -Title: "Find CloudTrail Events in AWS with Event Details" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_2.yaml.bak.bak b/queries/aws_cloudtrail_trail_event_2.yaml.bak.bak deleted file mode 100755 index 1ab82cac0..000000000 --- a/queries/aws_cloudtrail_trail_event_2.yaml.bak.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudtrail_trail_event_2 -Title: "Find CloudTrail Events in AWS with Event Details" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_3.yaml.bak b/queries/aws_cloudtrail_trail_event_3.yaml.bak deleted file mode 100755 index 5d2ab506d..000000000 --- a/queries/aws_cloudtrail_trail_event_3.yaml.bak +++ /dev/null @@ -1,38 +0,0 @@ -ID: aws_cloudtrail_trail_event_3 -Title: "Query AWS CloudTrail Events within AWS CloudTrail" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and not read_only - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_4.yaml.bak b/queries/aws_cloudtrail_trail_event_4.yaml.bak deleted file mode 100755 index e992948c4..000000000 --- a/queries/aws_cloudtrail_trail_event_4.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_cloudtrail_trail_event_4 -Title: "Find AWS CloudTrail Events with Detailed Information" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and event_source = 'iam.amazonaws.com' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_5.yaml.bak b/queries/aws_cloudtrail_trail_event_5.yaml.bak deleted file mode 100755 index e8e018019..000000000 --- a/queries/aws_cloudtrail_trail_event_5.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudtrail_trail_event_5 -Title: "Find AWS CloudTrail Events with Detailed Information" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and username = 'steampipe' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_6.yaml.bak b/queries/aws_cloudtrail_trail_event_6.yaml.bak deleted file mode 100755 index 799950e1e..000000000 --- a/queries/aws_cloudtrail_trail_event_6.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_cloudtrail_trail_event_6 -Title: "Find AWS CloudTrail Events within AWS CloudTrail" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and user_type = 'IAMUser' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_7.yaml.bak b/queries/aws_cloudtrail_trail_event_7.yaml.bak deleted file mode 100755 index 8b37fa5f6..000000000 --- a/queries/aws_cloudtrail_trail_event_7.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_cloudtrail_trail_event_7 -Title: "List all AWS CloudTrail Events using SQL Queries" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and user_type = 'AssumedRole' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_8.yaml.bak b/queries/aws_cloudtrail_trail_event_8.yaml.bak deleted file mode 100755 index 462b738bf..000000000 --- a/queries/aws_cloudtrail_trail_event_8.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_cloudtrail_trail_event_8 -Title: "Find AWS CloudTrail Events With Errors From Last Hour" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - error_code, - error_message, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and error_code is not null - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_9.yaml.bak b/queries/aws_cloudtrail_trail_event_9.yaml.bak deleted file mode 100755 index db0fa273c..000000000 --- a/queries/aws_cloudtrail_trail_event_9.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_cloudtrail_trail_event_9 -Title: "Find All AWS CloudTrail Events with Detailed Information" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - error_code, - error_message, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and filter = '{ $.sourceIPAddress = 203.189.* }' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudTrail diff --git a/queries/aws_cloudwatch_alarm_1.yaml.bak b/queries/aws_cloudwatch_alarm_1.yaml.bak deleted file mode 100755 index 506959842..000000000 --- a/queries/aws_cloudwatch_alarm_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudwatch_alarm_1 -Title: "List all AWS CloudWatch Alarms with Detailed Configuration" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state_value, - metric_name, - actions_enabled, - comparison_operator, - namespace, - statistic - from - aws_cloudwatch_alarm; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_alarm_2.yaml.bak b/queries/aws_cloudwatch_alarm_2.yaml.bak deleted file mode 100755 index 9b83a4215..000000000 --- a/queries/aws_cloudwatch_alarm_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudwatch_alarm_2 -Title: "List AWS CloudWatch Alarms with Detailed Information" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state_value, - state_reason - from - aws_cloudwatch_alarm - where - state_value = 'ALARM'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_alarm_3.yaml.bak b/queries/aws_cloudwatch_alarm_3.yaml.bak deleted file mode 100755 index 21c89c132..000000000 --- a/queries/aws_cloudwatch_alarm_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudwatch_alarm_3 -Title: "List all AWS CloudWatch Alarms with Details" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - actions_enabled, - alarm_actions - from - aws_cloudwatch_alarm - where - actions_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_alarm_4.yaml.bak b/queries/aws_cloudwatch_alarm_4.yaml.bak deleted file mode 100755 index f4514730f..000000000 --- a/queries/aws_cloudwatch_alarm_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudwatch_alarm_4 -Title: "List AWS CloudWatch Alarms with Metric Names" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - period, - statistic, - dimensions - from - aws_cloudwatch_alarm - where - metric_name is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_alarm_5.yaml.bak b/queries/aws_cloudwatch_alarm_5.yaml.bak deleted file mode 100755 index 4ad8209ad..000000000 --- a/queries/aws_cloudwatch_alarm_5.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cloudwatch_alarm_5 -Title: "Query AWS CloudWatch Alarms for Detailed Information" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric ->> 'Id' as metric_id, - metric ->> 'Expression' as metric_expression, - metric -> 'MetricStat' -> 'Metric' ->> 'MetricName' as metric_name, - metric -> 'MetricStat' -> 'Metric' ->> 'Namespace' as metric_namespace, - metric -> 'MetricStat' -> 'Metric' ->> 'Dimensions' as metric_dimensions, - metric ->> 'ReturnData' as metric_return_data - from - aws_cloudwatch_alarm, - jsonb_array_elements(metrics) as metric; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_1.yaml.bak b/queries/aws_cloudwatch_log_event_1.yaml.bak deleted file mode 100755 index e0449e8df..000000000 --- a/queries/aws_cloudwatch_log_event_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cloudwatch_log_event_1 -Title: "List AWS CloudWatch Log Events for Monitoring" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and timestamp >= now() - interval '5 minutes'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_2.yaml.bak b/queries/aws_cloudwatch_log_event_2.yaml.bak deleted file mode 100755 index d67fd1229..000000000 --- a/queries/aws_cloudwatch_log_event_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cloudwatch_log_event_2 -Title: "List all AWS CloudWatch Log Events for Monitoring" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') - order by - timestamp asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_3.yaml.bak b/queries/aws_cloudwatch_log_event_3.yaml.bak deleted file mode 100755 index 12a55314a..000000000 --- a/queries/aws_cloudwatch_log_event_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cloudwatch_log_event_3 -Title: "Find AWS CloudWatch Log Events to Monitor Systems" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{$.eventName="DescribeVpcs"}' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_4.yaml.bak b/queries/aws_cloudwatch_log_event_4.yaml.bak deleted file mode 100755 index 835e45ddb..000000000 --- a/queries/aws_cloudwatch_log_event_4.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudwatch_log_event_4 -Title: "Query AWS CloudWatch Log Events for Unauthorized Access" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{ ($.errorCode = "*UnauthorizedOperation") || ($.errorCode = "AccessDenied*") }' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_5.yaml.bak b/queries/aws_cloudwatch_log_event_5.yaml.bak deleted file mode 100755 index 9d2c9dd24..000000000 --- a/queries/aws_cloudwatch_log_event_5.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudwatch_log_event_5 -Title: "Find All AWS CloudWatch Log Events for Security Groups" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{($.eventName = AuthorizeSecurityGroupIngress) || ($.eventName = AuthorizeSecurityGroupEgress) || ($.eventName = RevokeSecurityGroupIngress) || ($.eventName = RevokeSecurityGroupEgress) || ($.eventName = CreateSecurityGroup) || ($.eventName = DeleteSecurityGroup)}' - and region = 'us-east-1' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_5.yaml.bak.bak b/queries/aws_cloudwatch_log_event_5.yaml.bak.bak deleted file mode 100755 index 9d2c9dd24..000000000 --- a/queries/aws_cloudwatch_log_event_5.yaml.bak.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudwatch_log_event_5 -Title: "Find All AWS CloudWatch Log Events for Security Groups" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{($.eventName = AuthorizeSecurityGroupIngress) || ($.eventName = AuthorizeSecurityGroupEgress) || ($.eventName = RevokeSecurityGroupIngress) || ($.eventName = RevokeSecurityGroupEgress) || ($.eventName = CreateSecurityGroup) || ($.eventName = DeleteSecurityGroup)}' - and region = 'us-east-1' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_event_6.yaml.bak b/queries/aws_cloudwatch_log_event_6.yaml.bak deleted file mode 100755 index 33e230042..000000000 --- a/queries/aws_cloudwatch_log_event_6.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cloudwatch_log_event_6 -Title: "List all AWS CloudWatch Log Events within 1 Day" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{$.userIdentity.sessionContext.sessionIssuer.userName="turbot_superuser"}' - and timestamp >= now() - interval '1 day'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_group_1.yaml.bak b/queries/aws_cloudwatch_log_group_1.yaml.bak deleted file mode 100755 index e8944d4e3..000000000 --- a/queries/aws_cloudwatch_log_group_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudwatch_log_group_1 -Title: "List AWS CloudWatch Log Groups Details Including Metrics" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_id, - metric_filter_count, - retention_in_days - from - aws_cloudwatch_log_group - where - kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_group_2.yaml.bak b/queries/aws_cloudwatch_log_group_2.yaml.bak deleted file mode 100755 index 0e0fc8fc7..000000000 --- a/queries/aws_cloudwatch_log_group_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudwatch_log_group_2 -Title: "Find AWS CloudWatch Log Groups with Retention Time < 7 Days" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - retention_in_days - from - aws_cloudwatch_log_group - where - retention_in_days < 7; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_group_3.yaml.bak b/queries/aws_cloudwatch_log_group_3.yaml.bak deleted file mode 100755 index 3e0470b87..000000000 --- a/queries/aws_cloudwatch_log_group_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudwatch_log_group_3 -Title: "Find AWS CloudWatch Log Groups and Their Attributes" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - groups.name as log_group_name, - metric.name as metric_filter_name, - metric.filter_pattern, - metric.metric_transformation_name, - metric.metric_transformation_value - from - aws_cloudwatch_log_group groups - join aws_cloudwatch_log_metric_filter metric on groups.name = metric.log_group_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_group_4.yaml.bak b/queries/aws_cloudwatch_log_group_4.yaml.bak deleted file mode 100755 index dd46c7eba..000000000 --- a/queries/aws_cloudwatch_log_group_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cloudwatch_log_group_4 -Title: "Find AWS CloudWatch Log Groups and Retrieve Attributes" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i as data_identifier, - s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'S3' -> 'Bucket' as destination_bucket, - s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'CloudWatchLogs' -> 'LogGroup'as destination_log_group, - s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'Firehose' -> 'DeliveryStream'as destination_delivery_stream - from - aws_cloudwatch_log_group, - jsonb_array_elements(data_protection_policy -> 'Statement') as s, - jsonb_array_elements_text(s -> 'DataIdentifier') as i - where - s ->> 'Sid' = 'audit-policy' - and name = 'log-group-name'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch Log Groups diff --git a/queries/aws_cloudwatch_log_group_5.yaml.bak b/queries/aws_cloudwatch_log_group_5.yaml.bak deleted file mode 100755 index 3c3dc2920..000000000 --- a/queries/aws_cloudwatch_log_group_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudwatch_log_group_5 -Title: "Find AWS CloudWatch Log Groups and Retrieve Attributes" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - creation_time - from - aws_cloudwatch_log_group - where - data_protection_policy is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_metric_filter_1.yaml.bak b/queries/aws_cloudwatch_log_metric_filter_1.yaml.bak deleted file mode 100755 index f6476f715..000000000 --- a/queries/aws_cloudwatch_log_metric_filter_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cloudwatch_log_metric_filter_1 -Title: "Find all AWS CloudWatch log metric filters" -Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - creation_time, - filter_pattern, - metric_transformation_name, - metric_transformation_namespace, - metric_transformation_value - from - aws_cloudwatch_log_metric_filter; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak b/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak deleted file mode 100755 index 08b06ecef..000000000 --- a/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudwatch_log_metric_filter_2 -Title: "List all AWS CloudWatch log metric filters and details" -Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - filter_pattern - from - aws_cloudwatch_log_metric_filter - where - filter_pattern ilike '%error%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak.bak b/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak.bak deleted file mode 100755 index 08b06ecef..000000000 --- a/queries/aws_cloudwatch_log_metric_filter_2.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudwatch_log_metric_filter_2 -Title: "List all AWS CloudWatch log metric filters and details" -Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - filter_pattern - from - aws_cloudwatch_log_metric_filter - where - filter_pattern ilike '%error%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_metric_filter_3.yaml.bak b/queries/aws_cloudwatch_log_metric_filter_3.yaml.bak deleted file mode 100755 index 6105121e5..000000000 --- a/queries/aws_cloudwatch_log_metric_filter_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudwatch_log_metric_filter_3 -Title: "Find AWS CloudWatch log metric filters with details" -Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - count(name) as metric_filter_count - from - aws_cloudwatch_log_metric_filter - group by - log_group_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_resource_policy_1.yaml.bak b/queries/aws_cloudwatch_log_resource_policy_1.yaml.bak deleted file mode 100755 index c6970f371..000000000 --- a/queries/aws_cloudwatch_log_resource_policy_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudwatch_log_resource_policy_1 -Title: "Find all AWS CloudWatch Log Resource Policies" -Description: "Allows users to query AWS CloudWatch Log Resource Policies, providing details such as the policy name, policy document, and last updated timestamp." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - last_updated_time, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_cloudwatch_log_resource_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_stream_1.yaml.bak b/queries/aws_cloudwatch_log_stream_1.yaml.bak deleted file mode 100755 index bd901c746..000000000 --- a/queries/aws_cloudwatch_log_stream_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudwatch_log_stream_1 -Title: "Find AWS CloudWatch Log Streams Using SQL" -Description: "Allows users to query AWS CloudWatch Log Stream to retrieve detailed information about each log stream within a log group." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - region - from - aws_cloudwatch_log_stream; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch Log Stream diff --git a/queries/aws_cloudwatch_log_stream_2.yaml.bak b/queries/aws_cloudwatch_log_stream_2.yaml.bak deleted file mode 100755 index 33d8b956e..000000000 --- a/queries/aws_cloudwatch_log_stream_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cloudwatch_log_stream_2 -Title: "List all AWS CloudWatch Log Stream information" -Description: "Allows users to query AWS CloudWatch Log Stream to retrieve detailed information about each log stream within a log group." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - count(*) as log_stream_count - from - aws_cloudwatch_log_stream - group by - log_group_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch Log Stream diff --git a/queries/aws_cloudwatch_log_subscription_filter_1.yaml.bak b/queries/aws_cloudwatch_log_subscription_filter_1.yaml.bak deleted file mode 100755 index dbf0cb777..000000000 --- a/queries/aws_cloudwatch_log_subscription_filter_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudwatch_log_subscription_filter_1 -Title: "List AWS CloudWatch Log Subscription Filters" -Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - creation_time, - filter_pattern, - destination_arn - from - aws_cloudwatch_log_subscription_filter; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_subscription_filter_2.yaml.bak b/queries/aws_cloudwatch_log_subscription_filter_2.yaml.bak deleted file mode 100755 index 1c81b7d14..000000000 --- a/queries/aws_cloudwatch_log_subscription_filter_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudwatch_log_subscription_filter_2 -Title: "List all AWS CloudWatch Log Subscription Filters" -Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - filter_pattern - from - aws_cloudwatch_log_subscription_filter - where - filter_pattern ilike '%error%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_log_subscription_filter_3.yaml.bak b/queries/aws_cloudwatch_log_subscription_filter_3.yaml.bak deleted file mode 100755 index 1291b8763..000000000 --- a/queries/aws_cloudwatch_log_subscription_filter_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudwatch_log_subscription_filter_3 -Title: "List all AWS CloudWatch Log Subscription Filters" -Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - count(name) as subscription_filter_count - from - aws_cloudwatch_log_subscription_filter - group by - log_group_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_1.yaml.bak b/queries/aws_cloudwatch_metric_1.yaml.bak deleted file mode 100755 index cd9f8c7c5..000000000 --- a/queries/aws_cloudwatch_metric_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudwatch_metric_1 -Title: "List AWS CloudWatch Metrics with SQL Queries" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_2.yaml.bak b/queries/aws_cloudwatch_metric_2.yaml.bak deleted file mode 100755 index 716b2ff23..000000000 --- a/queries/aws_cloudwatch_metric_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cloudwatch_metric_2 -Title: "Find AWS Resources Performance via CloudWatch Metrics" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - namespace = 'AWS/EBS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_3.yaml.bak b/queries/aws_cloudwatch_metric_3.yaml.bak deleted file mode 100755 index a2d2f58d7..000000000 --- a/queries/aws_cloudwatch_metric_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudwatch_metric_3 -Title: "List all AWS CloudWatch metrics for EBS VolumeReadOps" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - namespace = 'AWS/EBS' - and metric_name = 'VolumeReadOps'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_3.yaml.bak.bak b/queries/aws_cloudwatch_metric_3.yaml.bak.bak deleted file mode 100755 index a2d2f58d7..000000000 --- a/queries/aws_cloudwatch_metric_3.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cloudwatch_metric_3 -Title: "List all AWS CloudWatch metrics for EBS VolumeReadOps" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - namespace = 'AWS/EBS' - and metric_name = 'VolumeReadOps'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_4.yaml.bak b/queries/aws_cloudwatch_metric_4.yaml.bak deleted file mode 100755 index f6de4dd15..000000000 --- a/queries/aws_cloudwatch_metric_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cloudwatch_metric_4 -Title: "Find AWS CloudWatch Metrics for Resource Performance" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - dimensions_filter = '[ - {"Name": "ClusterIdentifier", "Value": "my-cluster-1"} - ]'::jsonb; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch Metrics diff --git a/queries/aws_cloudwatch_metric_5.yaml.bak b/queries/aws_cloudwatch_metric_5.yaml.bak deleted file mode 100755 index cf445c809..000000000 --- a/queries/aws_cloudwatch_metric_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cloudwatch_metric_5 -Title: "Find AWS CloudWatch Metrics for Performance Information" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - dimensions_filter = '[ - {"Name": "Type", "Value": "API"}, - {"Name": "Service", "Value": "EC2"} - ]'::jsonb; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_1.yaml.bak b/queries/aws_cloudwatch_metric_data_point_1.yaml.bak deleted file mode 100755 index 305e93ec1..000000000 --- a/queries/aws_cloudwatch_metric_data_point_1.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudwatch_metric_data_point_1 -Title: "List All AWS CloudWatch Metric Data Points" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - period, - value, - expression - from - aws_cloudwatch_metric_data_point - where - id = 'm1' - and expression = 'select max(CPUUtilization) from schema("AWS/EC2", InstanceId)' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_2.yaml.bak b/queries/aws_cloudwatch_metric_data_point_2.yaml.bak deleted file mode 100755 index f38898395..000000000 --- a/queries/aws_cloudwatch_metric_data_point_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cloudwatch_metric_data_point_2 -Title: "Find AWS CloudWatch MetricDataPoints details" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - period, - value, - expression - from - aws_cloudwatch_metric_data_point - where - id = 'e1' - and expression = 'SUM(METRICS(''error''))' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_2.yaml.bak.bak b/queries/aws_cloudwatch_metric_data_point_2.yaml.bak.bak deleted file mode 100755 index f38898395..000000000 --- a/queries/aws_cloudwatch_metric_data_point_2.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cloudwatch_metric_data_point_2 -Title: "Find AWS CloudWatch MetricDataPoints details" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - period, - value, - expression - from - aws_cloudwatch_metric_data_point - where - id = 'e1' - and expression = 'SUM(METRICS(''error''))' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_3.yaml.bak b/queries/aws_cloudwatch_metric_data_point_3.yaml.bak deleted file mode 100755 index 6fb530dab..000000000 --- a/queries/aws_cloudwatch_metric_data_point_3.yaml.bak +++ /dev/null @@ -1,48 +0,0 @@ -ID: aws_cloudwatch_metric_data_point_3 -Title: "List All AWS CloudWatch MetricDataPoints" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - period, - round(value::numeric, 2) as avg_cpu, - metric_stat - from - aws_cloudwatch_metric_data_point - where - id = 'm1' - and value > 80 - and timestamp >= now() - interval '5 day' - and metric_stat = '{ - "Metric": { - "Namespace": "AWS/EC2", - "MetricName": "CPUUtilization", - "Dimensions": [ - { - "Name": "InstanceId", - "Value": "i-0353536c53f7c8235" - }, - { - "Name": "InstanceId", - "Value": "i-0dd7043e0f6f0f36d" - } - ]}, - "Stat": "Average"}' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_4.yaml.bak b/queries/aws_cloudwatch_metric_data_point_4.yaml.bak deleted file mode 100755 index 13d296f44..000000000 --- a/queries/aws_cloudwatch_metric_data_point_4.yaml.bak +++ /dev/null @@ -1,45 +0,0 @@ -ID: aws_cloudwatch_metric_data_point_4 -Title: "Find AWS CloudWatch MetricDataPoints for defined metric" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - value, - metric_stat - from - aws_cloudwatch_metric_data_point - where - id = 'm1' - and value > 1000 - and period = 86400 - and scan_by = 'TimestampDescending' - and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' - and metric_stat = '{ - "Metric": { - "Namespace": "AWS/EBS", - "MetricName": "VolumeReadOps", - "Dimensions": [ - { - "Name": "VolumeId", - "Value": "vol-00607053b218c6d74" - } - ]}, - "Stat": "Average"}'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_5.yaml.bak b/queries/aws_cloudwatch_metric_data_point_5.yaml.bak deleted file mode 100755 index 526ca935e..000000000 --- a/queries/aws_cloudwatch_metric_data_point_5.yaml.bak +++ /dev/null @@ -1,43 +0,0 @@ -ID: aws_cloudwatch_metric_data_point_5 -Title: "List all AWS CloudWatch Metric Data Points" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - value, - metric_stat - from - aws_cloudwatch_metric_data_point - where - id = 'e1' - and value < 10 - and timestamp >= now() - interval '7 day' - and metric_stat = '{ - "Metric": { - "Namespace": "AWS/ElastiCache", - "MetricName": "CacheHits", - "Dimensions": [ - { - "Name": "CacheClusterId", - "Value": "cluster-delete-001" - } - ]}, - "Stat": "Sum"}' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_data_point_6.yaml.bak b/queries/aws_cloudwatch_metric_data_point_6.yaml.bak deleted file mode 100755 index e680241db..000000000 --- a/queries/aws_cloudwatch_metric_data_point_6.yaml.bak +++ /dev/null @@ -1,49 +0,0 @@ -ID: aws_cloudwatch_metric_data_point_6 -Title: "Query AWS CloudWatch Metric Data Points for Detailed Info" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - value, - metric_stat - from - aws_cloudwatch_metric_data_point - where - id = 'e1' - and source_account_id = '533743456432100' - and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' - and metric_stat = '{ - "Metric": { - "Namespace": "AWS/S3", - "MetricName": "BucketSizeBytes", - "Dimensions": [ - { - "Name": "BucketName", - "Value": "steampipe-test" - }, - { - "Name": "StorageType", - "Value": "StandardStorage" - } - ]}, - "Stat": "Maximum"}' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml.bak deleted file mode 100755 index a1d4c6ace..000000000 --- a/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudwatch_metric_statistic_data_point_1 -Title: "Query AWS CloudWatch Metric Statistics Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - timestamp, - round(minimum::numeric, 2) as min_cpu, - round(maximum::numeric, 2) as max_cpu, - round(average::numeric, 2) as avg_cpu, - sum, - sample_count - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/EC2' - and metric_name = 'CPUUtilization' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml.bak deleted file mode 100755 index 77ac3d9ee..000000000 --- a/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudwatch_metric_statistic_data_point_2 -Title: "List AWS CloudWatch Metric Statistics Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - round(average::numeric, 2) as avg_cpu - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/EC2' - and metric_name = 'CPUUtilization' - and average > 80 - and timestamp >= now() - interval '5 day' - and dimensions = '[ - {"Name": "InstanceId", "Value": "i-0dd7043e0f6f0f36d"} - ]' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml.bak deleted file mode 100755 index 57f5d2c48..000000000 --- a/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_cloudwatch_metric_statistic_data_point_3 -Title: "Find AWS CloudWatch Metric Statistic Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - average - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/EBS' - and metric_name = 'VolumeReadOps' - and average > 1000 - and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' - and period = 300 - and dimensions = '[ - {"Name": "VolumeId", "Value": "vol-00607053b218c6d74"} - ]' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml.bak deleted file mode 100755 index 125991533..000000000 --- a/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudwatch_metric_statistic_data_point_4 -Title: "Find AWS CloudWatch Metric Statistics Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - sum - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/ElastiCache' - and metric_name = 'CacheHits' - and sum < 10 - and timestamp >= now() - interval '7 day' - and dimensions = '[ - {"Name": "CacheClusterId", "Value": "cluster-delete-001"} - ]' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch Metric Statistics diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml.bak deleted file mode 100755 index 26d5a4ca3..000000000 --- a/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_cloudwatch_metric_statistic_data_point_5 -Title: "List All AWS CloudWatch Metric Statistics Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - maximum - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/Lambda' - and metric_name = 'Duration' - and maximum > 100 - and timestamp >= '2023-02-15T00:00:00Z' - and timestamp <= '2023-03-15T00:00:00Z' - and period = 86400 - and dimensions = '[ - {"Name": "FunctionName", "Value": "test"} - ]' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml.bak deleted file mode 100755 index 4d970d27f..000000000 --- a/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cloudwatch_metric_statistic_data_point_6 -Title: "Find AWS CloudWatch Metric Statistics Data for RDS CPU Utilization" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - round(average::numeric, 2) as avg_cpu - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/RDS' - and metric_name = 'CPUUtilization' - and average > 80 - and timestamp >= now() - interval '30 day' - and dimensions = '[ - {"Name": "DBInstanceIdentifier", "Value": "database-1"} - ]' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml.bak b/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml.bak deleted file mode 100755 index a8e64631f..000000000 --- a/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cloudwatch_metric_statistic_data_point_7 -Title: "List AWS CloudWatch Metric Statistics for S3 Buckets" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - minimum - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/S3' - and metric_name = 'BucketSizeBytes' - and timestamp between '2023-03-6T00:00:00Z' and '2023-03-15T00:00:00Z' - and period = 86400 - and dimensions = '[ - {"Name": "BucketName", "Value": "steampipe-test"}, - {"Name": "StorageType", "Value": "StandardStorage"} - ]' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_codeartifact_domain_1.yaml.bak b/queries/aws_codeartifact_domain_1.yaml.bak deleted file mode 100755 index df24286f9..000000000 --- a/queries/aws_codeartifact_domain_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_codeartifact_domain_1 -Title: "Find AWS CodeArtifact Domains and Details" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - created_time, - encryption_key, - status, - owner, - tags - from - aws_codeartifact_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_domain_2.yaml.bak b/queries/aws_codeartifact_domain_2.yaml.bak deleted file mode 100755 index 0ad9e7afc..000000000 --- a/queries/aws_codeartifact_domain_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_codeartifact_domain_2 -Title: "Find AWS CodeArtifact Domains and Their Details" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - created_time, - status, - s3_bucket_arn, - tags - from - aws_codeartifact_domain - where - encryption_key is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_domain_3.yaml.bak b/queries/aws_codeartifact_domain_3.yaml.bak deleted file mode 100755 index e595860ff..000000000 --- a/queries/aws_codeartifact_domain_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_codeartifact_domain_3 -Title: "Find AWS CodeArtifact Domains Ownership, Encryption, Policy Info" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - created_time, - status, - s3_bucket_arn, - tags - from - aws_codeartifact_domain - where - status != 'Active'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_domain_4.yaml.bak b/queries/aws_codeartifact_domain_4.yaml.bak deleted file mode 100755 index 7af1e797d..000000000 --- a/queries/aws_codeartifact_domain_4.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_codeartifact_domain_4 -Title: "Find AWS CodeArtifact Domains for Ownership, Key, Policy" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - p as principal, - a as action, - s ->> 'Effect' as effect - from - aws_codeartifact_domain, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa [5] != account_id - or p = '*' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_domain_4.yaml.bak.bak b/queries/aws_codeartifact_domain_4.yaml.bak.bak deleted file mode 100755 index 7af1e797d..000000000 --- a/queries/aws_codeartifact_domain_4.yaml.bak.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_codeartifact_domain_4 -Title: "Find AWS CodeArtifact Domains for Ownership, Key, Policy" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - p as principal, - a as action, - s ->> 'Effect' as effect - from - aws_codeartifact_domain, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa [5] != account_id - or p = '*' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_domain_5.yaml.bak b/queries/aws_codeartifact_domain_5.yaml.bak deleted file mode 100755 index b055fb274..000000000 --- a/queries/aws_codeartifact_domain_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_codeartifact_domain_5 -Title: "Find AWS CodeArtifact Domain Ownership & Encryption Key" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.arn as domain_arn, - b.arn as bucket_arn, - d.encryption_key domain_encryption_key, - bucket_policy_is_public - from - aws_codeartifact_domain d - join aws_s3_bucket b on d.s3_bucket_arn = b.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_domain_6.yaml.bak b/queries/aws_codeartifact_domain_6.yaml.bak deleted file mode 100755 index 345915c9d..000000000 --- a/queries/aws_codeartifact_domain_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codeartifact_domain_6 -Title: "Find AWS CodeArtifact Domains with Metadata" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.arn as domain_arn, - d.encryption_key domain_encryption_key, - key_manager, - key_state - from - aws_codeartifact_domain d - join aws_kms_key k on d.encryption_key = k.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_domain_7.yaml.bak b/queries/aws_codeartifact_domain_7.yaml.bak deleted file mode 100755 index 5b1a50293..000000000 --- a/queries/aws_codeartifact_domain_7.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_codeartifact_domain_7 -Title: "Find all AWS CodeArtifact Domains and Encryption Details" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.arn as domain_arn, - d.encryption_key domain_encryption_key, - key_manager, - key_state - from - aws_codeartifact_domain d - join aws_kms_key k on d.encryption_key = k.arn - where - key_manager = 'CUSTOMER'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_repository_1.yaml.bak b/queries/aws_codeartifact_repository_1.yaml.bak deleted file mode 100755 index dfdb5d814..000000000 --- a/queries/aws_codeartifact_repository_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codeartifact_repository_1 -Title: "List all AWS CodeArtifact Repository with Domain Details" -Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - domain_name, - domain_owner, - upstreams, - tags - from - aws_codeartifact_repository; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CodeArtifact diff --git a/queries/aws_codeartifact_repository_2.yaml.bak b/queries/aws_codeartifact_repository_2.yaml.bak deleted file mode 100755 index 95be43faf..000000000 --- a/queries/aws_codeartifact_repository_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codeartifact_repository_2 -Title: "List all details about AWS CodeArtifact Repositories" -Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - domain_name, - domain_owner, - tags, - repository_endpoint - from - aws_codeartifact_repository - where - repository_endpoint is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codeartifact_repository_3.yaml.bak b/queries/aws_codeartifact_repository_3.yaml.bak deleted file mode 100755 index 37260d529..000000000 --- a/queries/aws_codeartifact_repository_3.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_codeartifact_repository_3 -Title: "List all AWS CodeArtifact Repositories with SQL Queries" -Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - p as principal, - a as action, - s ->> 'Effect' as effect - from - aws_codeartifact_repository, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa [5] != account_id - or p = '*' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CodeArtifact diff --git a/queries/aws_codeartifact_repository_4.yaml.bak b/queries/aws_codeartifact_repository_4.yaml.bak deleted file mode 100755 index 19835e2fb..000000000 --- a/queries/aws_codeartifact_repository_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codeartifact_repository_4 -Title: "Find AWS CodeArtifact Repository Details with SQL" -Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - domain_name, - domain_owner, - u ->> 'RepositoryName' as upstream_repo_name - from - aws_codeartifact_repository, - jsonb_array_elements(upstreams) u; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeArtifact diff --git a/queries/aws_codebuild_build_1.yaml.bak b/queries/aws_codebuild_build_1.yaml.bak deleted file mode 100755 index 994b848a1..000000000 --- a/queries/aws_codebuild_build_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_codebuild_build_1 -Title: "List all AWS CodeBuild Build Information" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - id, - build_complete, - timeout_in_minutes, - project_name, - build_status, - encryption_key, - end_time, - region - from - aws_codebuild_build; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_build_10.yaml.bak b/queries/aws_codebuild_build_10.yaml.bak deleted file mode 100755 index 4c45eb5ab..000000000 --- a/queries/aws_codebuild_build_10.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_codebuild_build_10 -Title: "Find AWS CodeBuild Build Projects Details" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - source ->> 'Auth' as source_auth, - source ->> 'BuildStatusConfig' as source_BuildStatusConfig, - source ->> 'Buildspec' as source_buildspec, - source ->> 'GitCloneDepth' as source_git_clone_depth, - source ->> 'GitSubmodulesConfig' as source_git_submodules_config, - source ->> 'GitCloneDepth' as source_git_clone_depth, - source ->> 'InsecureSsl' as source_insecure_ssl, - source ->> 'Location' as source_location, - source ->> 'ReportBuildStatus' as source_report_build_status, - source ->> 'SourceIdentifier' as source_identifier, - source ->> 'Type' as source_type - from - aws_codebuild_build; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CodeBuild diff --git a/queries/aws_codebuild_build_10.yaml.bak.bak b/queries/aws_codebuild_build_10.yaml.bak.bak deleted file mode 100755 index 4c45eb5ab..000000000 --- a/queries/aws_codebuild_build_10.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_codebuild_build_10 -Title: "Find AWS CodeBuild Build Projects Details" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - source ->> 'Auth' as source_auth, - source ->> 'BuildStatusConfig' as source_BuildStatusConfig, - source ->> 'Buildspec' as source_buildspec, - source ->> 'GitCloneDepth' as source_git_clone_depth, - source ->> 'GitSubmodulesConfig' as source_git_submodules_config, - source ->> 'GitCloneDepth' as source_git_clone_depth, - source ->> 'InsecureSsl' as source_insecure_ssl, - source ->> 'Location' as source_location, - source ->> 'ReportBuildStatus' as source_report_build_status, - source ->> 'SourceIdentifier' as source_identifier, - source ->> 'Type' as source_type - from - aws_codebuild_build; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CodeBuild diff --git a/queries/aws_codebuild_build_11.yaml.bak b/queries/aws_codebuild_build_11.yaml.bak deleted file mode 100755 index b9b639946..000000000 --- a/queries/aws_codebuild_build_11.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_codebuild_build_11 -Title: "Find all AWS CodeBuild project builds information" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - f ->> 'Identifier' as file_system_identifier, - f ->> 'Location' as file_system_location, - f ->> 'MountOptions' as file_system_mount_options, - f ->> 'MountPoint' as file_system_mount_point, - f ->> 'Type' as file_system_type - from - aws_codebuild_build, - jsonb_array_elements(file_system_locations) as f; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CodeBuild diff --git a/queries/aws_codebuild_build_2.yaml.bak b/queries/aws_codebuild_build_2.yaml.bak deleted file mode 100755 index b981965ad..000000000 --- a/queries/aws_codebuild_build_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_codebuild_build_2 -Title: "List AWS CodeBuild Build details with encryption key" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - id, - encryption_key - from - aws_codebuild_build - where - encryption_key is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_build_2.yaml.bak.bak b/queries/aws_codebuild_build_2.yaml.bak.bak deleted file mode 100755 index b981965ad..000000000 --- a/queries/aws_codebuild_build_2.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_codebuild_build_2 -Title: "List AWS CodeBuild Build details with encryption key" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - id, - encryption_key - from - aws_codebuild_build - where - encryption_key is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_build_3.yaml.bak b/queries/aws_codebuild_build_3.yaml.bak deleted file mode 100755 index ba67f9f5d..000000000 --- a/queries/aws_codebuild_build_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_codebuild_build_3 -Title: "Find completed builds of AWS CodeBuild projects" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - artifacts, - build_complete - from - aws_codebuild_build - where - build_complete; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_build_4.yaml.bak b/queries/aws_codebuild_build_4.yaml.bak deleted file mode 100755 index 0fe44ca0d..000000000 --- a/queries/aws_codebuild_build_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_codebuild_build_4 -Title: "List all AWS CodeBuild projects' builds information" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - vpc_config ->> 'SecurityGroupIds' as security_group_id, - vpc_config ->> 'Subnets' as subnets, - vpc_config ->> 'VpcId' as vpc_id - from - aws_codebuild_build; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_build_5.yaml.bak b/queries/aws_codebuild_build_5.yaml.bak deleted file mode 100755 index 7944ca20a..000000000 --- a/queries/aws_codebuild_build_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_codebuild_build_5 -Title: "Find all AWS CodeBuild Build Project Details" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - artifacts ->> 'ArtifactIdentifier' as artifact_id, - artifacts ->> 'BucketOwnerAccess' as bucket_owner_access, - artifacts ->> 'EncryptionDisabled' as encryption_disabled, - artifacts ->> 'OverrideArtifactName' as override_artifact_name - from - aws_codebuild_build; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_build_6.yaml.bak b/queries/aws_codebuild_build_6.yaml.bak deleted file mode 100755 index 0cbfe9639..000000000 --- a/queries/aws_codebuild_build_6.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_codebuild_build_6 -Title: "Find AWS CodeBuild Build Information with SQL" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - environment ->> 'Certificate' as environment_certificate, - environment ->> 'ComputeType' as environment_compute_type, - environment ->> 'EnvironmentVariables' as environment_variables, - environment ->> 'Image' as environment_image, - environment ->> 'ImagePullCredentialsType' as environment_image_pull_credentials_type, - environment ->> 'PrivilegedMode' as environment_privileged_mode, - environment ->> 'RegistryCredential' as environment_registry_credential, - environment ->> 'Type' as environment_type - from - aws_codebuild_build; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CodeBuild diff --git a/queries/aws_codebuild_build_7.yaml.bak b/queries/aws_codebuild_build_7.yaml.bak deleted file mode 100755 index e78ad17be..000000000 --- a/queries/aws_codebuild_build_7.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_codebuild_build_7 -Title: "Find AWS CodeBuild project builds using SQL" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - logs -> 'S3Logs' ->> 'Status' as s3_log_status, - logs -> 'S3Logs' ->> 'Location' as s3_log_location, - logs -> 'S3Logs' ->> 'BucketOwnerAccess' as s3_log_bucket_owner_access, - logs -> 'S3Logs' ->> 'EncryptionDisabled' as s3_log_encryption_disabled, - logs ->> 'DeepLink' as deep_link, - logs ->> 'GroupName' as group_name, - logs ->> 'S3LogsArn' as s3_logs_arn, - logs ->> 'S3DeepLink' as s3_deep_link, - logs ->> 'StreamName' as stream_name, - logs ->> 'CloudWatchLogsArn' as cloud_watch_logs_arn, - logs -> 'CloudWatchLogs' ->> 'Status' as cloud_watch_logs_status, - logs -> 'CloudWatchLogs' ->> 'GroupName' as cloud_watch_logs_group_name, - logs -> 'CloudWatchLogs' ->> 'StreamName' as cloud_watch_logs_stream_name - from - aws_codebuild_build; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_build_8.yaml.bak b/queries/aws_codebuild_build_8.yaml.bak deleted file mode 100755 index e596ec28f..000000000 --- a/queries/aws_codebuild_build_8.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_codebuild_build_8 -Title: "Find all AWS CodeBuild Build Information" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - network_interface ->> 'NetworkInterfaceId' as network_interface_id, - network_interface ->> 'SubnetId' as subnet_id, - from - aws_codebuild_build; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_build_9.yaml.bak b/queries/aws_codebuild_build_9.yaml.bak deleted file mode 100755 index 67bee01eb..000000000 --- a/queries/aws_codebuild_build_9.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_codebuild_build_9 -Title: "List AWS CodeBuild Build Phases and Durations" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - p ->> 'EndTime' as end_time, - p ->> 'Contexts' as contexts, - p ->> 'PhaseType' as phase_type, - p ->> 'StartTime' as start_time, - p ->> 'DurationInSeconds' as duration_in_seconds, - p ->> 'PhaseStatus' as phase_status - from - aws_codebuild_build, - jsonb_array_elements(phases) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_project_1.yaml.bak b/queries/aws_codebuild_project_1.yaml.bak deleted file mode 100755 index e060ecf1a..000000000 --- a/queries/aws_codebuild_project_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_codebuild_project_1 -Title: "Find AWS CodeBuild Projects with Comprehensive Details" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - encryption_key, - concurrent_build_limit, - source_version, - service_role, - created, - last_modified, - region - from - aws_codebuild_project; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_project_2.yaml.bak b/queries/aws_codebuild_project_2.yaml.bak deleted file mode 100755 index 53ad1f461..000000000 --- a/queries/aws_codebuild_project_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_codebuild_project_2 -Title: "List all AWS CodeBuild Projects and Details" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - source_version, - source ->> 'Auth' as auth, - source ->> 'BuildStatusConfig' as build_status_config, - source ->> 'Buildspec' as build_spec, - source ->> 'GitCloneDepth' as git_clone_depth, - source ->> 'GitSubmodulesConfig' as git_submodules_config, - source ->> 'InsecureSsl' as insecure_ssl, - source ->> 'Location' as location, - source ->> 'ReportBuildStatus' as report_build_status, - source ->> 'SourceIdentifier' as source_identifier, - source ->> 'Type' as type - from - aws_codebuild_project; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_project_3.yaml.bak b/queries/aws_codebuild_project_3.yaml.bak deleted file mode 100755 index 249c6d463..000000000 --- a/queries/aws_codebuild_project_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codebuild_project_3 -Title: "List all AWS CodeBuild Projects and their details" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - vpc_config - from - aws_codebuild_project - where - vpc_config is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_project_4.yaml.bak b/queries/aws_codebuild_project_4.yaml.bak deleted file mode 100755 index 88d8e1a7f..000000000 --- a/queries/aws_codebuild_project_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_codebuild_project_4 -Title: "List all AWS CodeBuild Projects" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - logs_config -> 'CloudWatchLogs' ->> 'Status' as cloud_watch_logs_status, - logs_config -> 'S3Logs' ->> 'Status' as s3_logs_status - from - aws_codebuild_project - where - logs_config -> 'CloudWatchLogs' ->> 'Status' = 'DISABLED' - and logs_config -> 'S3Logs' ->> 'Status' = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_project_5.yaml.bak b/queries/aws_codebuild_project_5.yaml.bak deleted file mode 100755 index f7c981bf9..000000000 --- a/queries/aws_codebuild_project_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codebuild_project_5 -Title: "List all AWS CodeBuild Projects with Private Visibility" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - project_visibility - from - aws_codebuild_project - where - project_visibility = 'PRIVATE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_source_credential_1.yaml.bak b/queries/aws_codebuild_source_credential_1.yaml.bak deleted file mode 100755 index 3120a1c0a..000000000 --- a/queries/aws_codebuild_source_credential_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_codebuild_source_credential_1 -Title: "Find all AWS CodeBuild Source Credentials" -Description: "Allows users to query AWS CodeBuild Source Credentials" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - server_type, - auth_type, - region - from - aws_codebuild_source_credential; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codebuild_source_credential_2.yaml.bak b/queries/aws_codebuild_source_credential_2.yaml.bak deleted file mode 100755 index 367593ca2..000000000 --- a/queries/aws_codebuild_source_credential_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_codebuild_source_credential_2 -Title: "Find all AWS CodeBuild Source Credentials" -Description: "Allows users to query AWS CodeBuild Source Credentials" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.arn as project_arn, - p.source ->> 'Location' as source_repository, - p.source ->> 'Type' as source_repository_type, - c.auth_type as authorization_type - from - aws_codebuild_project as p - join aws_codebuild_source_credential as c on (p.region = c.region and p.source ->> 'Type' = c.server_type) - where - p.source ->> 'Type' = 'GITHUB' - and c.auth_type = 'OAUTH'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeBuild diff --git a/queries/aws_codecommit_repository_1.yaml.bak b/queries/aws_codecommit_repository_1.yaml.bak deleted file mode 100755 index c865d6ae4..000000000 --- a/queries/aws_codecommit_repository_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codecommit_repository_1 -Title: "List AWS CodeCommit Repositories with Details" -Description: "Allows users to query AWS CodeCommit repositories and retrieve data such as repository name, ARN, description, clone URL, last modified date, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - repository_id, - arn, - creation_date, - region - from - aws_codecommit_repository; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeCommit diff --git a/queries/aws_codedeploy_app_1.yaml.bak b/queries/aws_codedeploy_app_1.yaml.bak deleted file mode 100755 index d08b60abb..000000000 --- a/queries/aws_codedeploy_app_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_codedeploy_app_1 -Title: "List AWS CodeDeploy Apps with Details" -Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - application_id, - application_name - compute_platform, - create_time, - region - from - aws_codedeploy_app; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_app_1.yaml.bak.bak b/queries/aws_codedeploy_app_1.yaml.bak.bak deleted file mode 100755 index d08b60abb..000000000 --- a/queries/aws_codedeploy_app_1.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_codedeploy_app_1 -Title: "List AWS CodeDeploy Apps with Details" -Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - application_id, - application_name - compute_platform, - create_time, - region - from - aws_codedeploy_app; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_app_2.yaml.bak b/queries/aws_codedeploy_app_2.yaml.bak deleted file mode 100755 index 562c91c2b..000000000 --- a/queries/aws_codedeploy_app_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_codedeploy_app_2 -Title: "List all AWS CodeDeploy Applications and Deployment Groups" -Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(arn) as application_count, - compute_platform - from - aws_codedeploy_app - group by - compute_platform; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_app_3.yaml.bak b/queries/aws_codedeploy_app_3.yaml.bak deleted file mode 100755 index 95907e946..000000000 --- a/queries/aws_codedeploy_app_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codedeploy_app_3 -Title: "List all AWS CodeDeploy Apps Linked to GitHub" -Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - application_id, - compute_platform, - create_time, - github_account_name - from - aws_codedeploy_app - where - linked_to_github; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_1.yaml.bak b/queries/aws_codedeploy_deployment_config_1.yaml.bak deleted file mode 100755 index b8f252baa..000000000 --- a/queries/aws_codedeploy_deployment_config_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_codedeploy_deployment_config_1 -Title: "List AWS CodeDeploy Deployment Configs and Details" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name, - compute_platform, - create_time, - region - from - aws_codedeploy_deployment_config; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_2.yaml.bak b/queries/aws_codedeploy_deployment_config_2.yaml.bak deleted file mode 100755 index 5f2eb1d0c..000000000 --- a/queries/aws_codedeploy_deployment_config_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_codedeploy_deployment_config_2 -Title: "List all AWS CodeDeploy Deployment Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(arn) as configuration_count, - compute_platform - from - aws_codedeploy_deployment_config - group by - compute_platform; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_3.yaml.bak b/queries/aws_codedeploy_deployment_config_3.yaml.bak deleted file mode 100755 index 6751dd81f..000000000 --- a/queries/aws_codedeploy_deployment_config_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_codedeploy_deployment_config_3 -Title: "List AWS CodeDeploy Deployment Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name - compute_platform, - create_time, - region - from - aws_codedeploy_deployment_config - where - create_time is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_4.yaml.bak b/queries/aws_codedeploy_deployment_config_4.yaml.bak deleted file mode 100755 index 90b9ae2c9..000000000 --- a/queries/aws_codedeploy_deployment_config_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_codedeploy_deployment_config_4 -Title: "List all AWS CodeDeploy Deployment Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name - compute_platform, - minimum_healthy_hosts ->> 'Type' as host_type, - minimum_healthy_hosts ->> 'Value' as host_value, - region - from - aws_codedeploy_deployment_config - where - create_time is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_5.yaml.bak b/queries/aws_codedeploy_deployment_config_5.yaml.bak deleted file mode 100755 index 16bd73b30..000000000 --- a/queries/aws_codedeploy_deployment_config_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codedeploy_deployment_config_5 -Title: "Find AWS CodeDeploy Deployment Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name, - traffic_routing_config -> 'TimeBasedCanary' ->> 'CanaryInterval' as canary_interval, - traffic_routing_config -> 'TimeBasedCanary' ->> 'CanaryPercentage' as canary_percentage - from - aws_codedeploy_deployment_config - where - traffic_routing_config ->> 'Type' = 'TimeBasedCanary'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_config_6.yaml.bak b/queries/aws_codedeploy_deployment_config_6.yaml.bak deleted file mode 100755 index e25de9ad5..000000000 --- a/queries/aws_codedeploy_deployment_config_6.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_codedeploy_deployment_config_6 -Title: "Find AWS CodeDeploy deployment configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name, - traffic_routing_config -> 'TimeBasedLinear' ->> 'LinearInterval' as linear_interval, - traffic_routing_config -> 'TimeBasedLinear' ->> 'LinearPercentage' as linear_percentage - from - aws_codedeploy_deployment_config - where - traffic_routing_config ->> 'Type' = 'TimeBasedLinear'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_1.yaml.bak b/queries/aws_codedeploy_deployment_group_1.yaml.bak deleted file mode 100755 index a04e13bed..000000000 --- a/queries/aws_codedeploy_deployment_group_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_codedeploy_deployment_group_1 -Title: "Find AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_group_id, - deployment_group_name, - application_name, - deployment_style, - region - from - aws_codedeploy_deployment_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_2.yaml.bak b/queries/aws_codedeploy_deployment_group_2.yaml.bak deleted file mode 100755 index ddd45c746..000000000 --- a/queries/aws_codedeploy_deployment_group_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_codedeploy_deployment_group_2 -Title: "List AWS CodeDeploy Deployment Group Details and Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(arn) as group_count, - compute_platform - from - aws_codedeploy_deployment_group - group by - compute_platform; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_3.yaml.bak b/queries/aws_codedeploy_deployment_group_3.yaml.bak deleted file mode 100755 index 9a3113d81..000000000 --- a/queries/aws_codedeploy_deployment_group_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_codedeploy_deployment_group_3 -Title: "Find AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_group_id, - last_successful_deployment - from - aws_codedeploy_deployment_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_4.yaml.bak b/queries/aws_codedeploy_deployment_group_4.yaml.bak deleted file mode 100755 index 699a5799a..000000000 --- a/queries/aws_codedeploy_deployment_group_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_codedeploy_deployment_group_4 -Title: "List all AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(arn) as group_count, - deployment_style - from - aws_codedeploy_deployment_group - group by - deployment_style; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_5.yaml.bak b/queries/aws_codedeploy_deployment_group_5.yaml.bak deleted file mode 100755 index a5b796ec2..000000000 --- a/queries/aws_codedeploy_deployment_group_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_codedeploy_deployment_group_5 -Title: "Find AWS CodeDeploy Deployment Group Details including Alarms" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_group_id, - deployment_group_name, - auto_rollback_configuration ->> 'Enabled' as auto_rollback_configuration_enabled - from - aws_codedeploy_deployment_group - where - auto_rollback_configuration ->> 'Enabled' = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_6.yaml.bak b/queries/aws_codedeploy_deployment_group_6.yaml.bak deleted file mode 100755 index 272f3275b..000000000 --- a/queries/aws_codedeploy_deployment_group_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_codedeploy_deployment_group_6 -Title: "Find AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn as group_arn, - deployment_group_id, - deployment_group_name, - auto_scaling_groups ->> 'Hook' as auto_scaling_group_hook, - auto_scaling_groups ->> 'Name' as auto_scaling_group_name - from - aws_codedeploy_deployment_group - where - application_name = 'abc' - and deployment_group_name = 'def'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_6.yaml.bak.bak b/queries/aws_codedeploy_deployment_group_6.yaml.bak.bak deleted file mode 100755 index 272f3275b..000000000 --- a/queries/aws_codedeploy_deployment_group_6.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_codedeploy_deployment_group_6 -Title: "Find AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn as group_arn, - deployment_group_id, - deployment_group_name, - auto_scaling_groups ->> 'Hook' as auto_scaling_group_hook, - auto_scaling_groups ->> 'Name' as auto_scaling_group_name - from - aws_codedeploy_deployment_group - where - application_name = 'abc' - and deployment_group_name = 'def'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codedeploy_deployment_group_7.yaml.bak b/queries/aws_codedeploy_deployment_group_7.yaml.bak deleted file mode 100755 index 1036ffa01..000000000 --- a/queries/aws_codedeploy_deployment_group_7.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_codedeploy_deployment_group_7 -Title: "Find AWS CodeDeploy Deployment Groups with Alarm Configs" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_group_id, - deployment_group_name, - alarm_configuration ->> 'Enabled' as alarm_configuration_enabled - from - aws_codedeploy_deployment_group - where - alarm_configuration ->> 'Enabled' = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeDeploy diff --git a/queries/aws_codepipeline_pipeline_1.yaml.bak b/queries/aws_codepipeline_pipeline_1.yaml.bak deleted file mode 100755 index 35c1a81dc..000000000 --- a/queries/aws_codepipeline_pipeline_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_codepipeline_pipeline_1 -Title: "List all AWS CodePipeline Pipeline Data" -Description: "Allows users to query AWS CodePipeline Pipeline data, including pipeline names, statuses, stages, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - tags_src, - region, - account_id - from - aws_codepipeline_pipeline; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - CodePipeline diff --git a/queries/aws_codepipeline_pipeline_2.yaml.bak b/queries/aws_codepipeline_pipeline_2.yaml.bak deleted file mode 100755 index 32f830c70..000000000 --- a/queries/aws_codepipeline_pipeline_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codepipeline_pipeline_2 -Title: "List all AWS CodePipeline Pipelines and Metadata" -Description: "Allows users to query AWS CodePipeline Pipeline data, including pipeline names, statuses, stages, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - encryption_key - from - aws_codepipeline_pipeline - where - encryption_key is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS CodePipeline diff --git a/queries/aws_codestar_notification_rule_1.yaml.bak b/queries/aws_codestar_notification_rule_1.yaml.bak deleted file mode 100755 index 2988a9364..000000000 --- a/queries/aws_codestar_notification_rule_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_codestar_notification_rule_1 -Title: "Find all CodeStar notification rules in AWS using SQL" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - resource, - detail_type, - status - from - aws_codestar_notification_rule; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeStar diff --git a/queries/aws_codestar_notification_rule_2.yaml.bak b/queries/aws_codestar_notification_rule_2.yaml.bak deleted file mode 100755 index 9f9ced62d..000000000 --- a/queries/aws_codestar_notification_rule_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_codestar_notification_rule_2 -Title: "Find AWS CodeStar notification rules using SQL" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - pipeline.name as pipeline, - notification_rule.name notification_rule, - notification_rule.status - from - aws_codepipeline_pipeline as pipeline - left join aws_codestar_notification_rule as notification_rule on pipeline.arn = notification_rule.resource; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeStar diff --git a/queries/aws_codestar_notification_rule_3.yaml.bak b/queries/aws_codestar_notification_rule_3.yaml.bak deleted file mode 100755 index daceea6a3..000000000 --- a/queries/aws_codestar_notification_rule_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_codestar_notification_rule_3 -Title: "List all AWS CodeStar notification rules with no targets" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name - from - aws_codestar_notification_rule - where - jsonb_array_length(targets) = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeStar diff --git a/queries/aws_codestar_notification_rule_4.yaml.bak b/queries/aws_codestar_notification_rule_4.yaml.bak deleted file mode 100755 index d14783c2a..000000000 --- a/queries/aws_codestar_notification_rule_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_codestar_notification_rule_4 -Title: "List all AWS CodeStar Notification Rules with Target Details" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - notification_rule.name as notification_rule, - target ->> 'TargetType' as target_type, - topic.title as target_topic - from - aws_codestar_notification_rule as notification_rule cross - join jsonb_array_elements(notification_rule.targets) as target - left join aws_sns_topic as topic on target ->> 'TargetAddress' = topic.topic_arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeStar diff --git a/queries/aws_codestar_notification_rule_5.yaml.bak b/queries/aws_codestar_notification_rule_5.yaml.bak deleted file mode 100755 index d3ead873e..000000000 --- a/queries/aws_codestar_notification_rule_5.yaml.bak +++ /dev/null @@ -1,38 +0,0 @@ -ID: aws_codestar_notification_rule_5 -Title: "List AWS CodeStar Notification Rules with Targets" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with rule_target as ( - select - arn, - target ->> 'TargetAddress' as target_address, - target ->> 'TargetStatus' as target_status, - target ->> 'TargetType' as target_type - from - aws_codestar_notification_rule cross - join jsonb_array_elements(targets) as target - ) - select - notification_rule.name as notification_rule, - rule_target.target_type, - topic.title as target_topic - from - aws_codestar_notification_rule as notification_rule - left join rule_target on rule_target.arn = notification_rule.arn - left join aws_sns_topic as topic on rule_target.target_address = topic.topic_arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CodeStar diff --git a/queries/aws_cognito_identity_pool_1.yaml.bak b/queries/aws_cognito_identity_pool_1.yaml.bak deleted file mode 100755 index 81abcf19c..000000000 --- a/queries/aws_cognito_identity_pool_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cognito_identity_pool_1 -Title: "List AWS Cognito Identity Pools with Config and Roles" -Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_pool_id, - identity_pool_name, - tags, - region, - account_id - from - aws_cognito_identity_pool; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Cognito diff --git a/queries/aws_cognito_identity_pool_2.yaml.bak b/queries/aws_cognito_identity_pool_2.yaml.bak deleted file mode 100755 index 22aca55ad..000000000 --- a/queries/aws_cognito_identity_pool_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cognito_identity_pool_2 -Title: "List AWS Cognito Identity Pools and Their Configurations" -Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_pool_id, - identity_pool_name, - allow_classic_flow - from - aws_cognito_identity_pool - where - allow_classic_flow; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Cognito diff --git a/queries/aws_cognito_identity_pool_3.yaml.bak b/queries/aws_cognito_identity_pool_3.yaml.bak deleted file mode 100755 index 38b7fea0d..000000000 --- a/queries/aws_cognito_identity_pool_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cognito_identity_pool_3 -Title: "List AWS Cognito Identity Pools and Configurations" -Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_pool_id, - identity_pool_name, - allow_classic_flow - from - aws_cognito_identity_pool - where - allow_unauthenticated_identities; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Cognito Identity Pools diff --git a/queries/aws_cognito_identity_pool_4.yaml.bak b/queries/aws_cognito_identity_pool_4.yaml.bak deleted file mode 100755 index 5d369a86a..000000000 --- a/queries/aws_cognito_identity_pool_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cognito_identity_pool_4 -Title: "List all AWS Cognito Identity Pools with Detailed Info" -Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_pool_id, - identity_pool_name, - allow_classic_flow, - cognito_identity_providers ->> 'ClientId' as identity_provider_client_id, - cognito_identity_providers ->> 'ProviderName' as identity_provider_name, - cognito_identity_providers ->> 'ServerSideTokenCheck' as server_side_token_enabled - from - aws_cognito_identity_pool - where - identity_pool_id = 'eu-west-3:e96205bf-1ef2-4fe6-a748-65e948673960'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Cognito Identity Pools diff --git a/queries/aws_cognito_identity_provider_1.yaml.bak b/queries/aws_cognito_identity_provider_1.yaml.bak deleted file mode 100755 index f0a040ac7..000000000 --- a/queries/aws_cognito_identity_provider_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cognito_identity_provider_1 -Title: "Find AWS Cognito Identity Provider Configurations" -Description: "Allows users to query AWS Cognito Identity Providers, providing essential details about the identity provider configurations within AWS Cognito User Pools." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - provider_name, - user_pool_id, - region, - account_id - from - aws_cognito_identity_provider - where - user_pool_id = 'us-east-1_012345678'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Cognito diff --git a/queries/aws_cognito_identity_provider_2.yaml.bak b/queries/aws_cognito_identity_provider_2.yaml.bak deleted file mode 100755 index b0fb77744..000000000 --- a/queries/aws_cognito_identity_provider_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cognito_identity_provider_2 -Title: "Find AWS Cognito Identity Providers Using SQL" -Description: "Allows users to query AWS Cognito Identity Providers, providing essential details about the identity provider configurations within AWS Cognito User Pools." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - provider_name, - user_pool_id, - provider_details - from - aws_cognito_identity_provider - where - provider_type = 'Google' - and user_pool_id = 'us-east-1_012345678'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cognito diff --git a/queries/aws_cognito_user_pool_1.yaml.bak b/queries/aws_cognito_user_pool_1.yaml.bak deleted file mode 100755 index e36aece09..000000000 --- a/queries/aws_cognito_user_pool_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cognito_user_pool_1 -Title: "Find AWS Cognito User Pools and their configuration" -Description: "Allows users to query AWS Cognito User Pools to fetch detailed information about each user pool, including the pool''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - tags, - region, - account_id - from - aws_cognito_user_pool; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cognito User Pools diff --git a/queries/aws_cognito_user_pool_2.yaml.bak b/queries/aws_cognito_user_pool_2.yaml.bak deleted file mode 100755 index f04fda858..000000000 --- a/queries/aws_cognito_user_pool_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cognito_user_pool_2 -Title: "List All AWS Cognito User Pools with MFA Configuration" -Description: "Allows users to query AWS Cognito User Pools to fetch detailed information about each user pool, including the pool''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - mfa_configuration - from - aws_cognito_user_pool - where - mfa_configuration != 'OFF'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Cognito diff --git a/queries/aws_config_aggregate_authorization_1.yaml.bak b/queries/aws_config_aggregate_authorization_1.yaml.bak deleted file mode 100755 index 8847f1586..000000000 --- a/queries/aws_config_aggregate_authorization_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_config_aggregate_authorization_1 -Title: "Find AWS Config Aggregate Authorizations Info" -Description: "Allows users to query AWS Config Aggregate Authorizations, providing vital information about AWS Config rules and their respective authorizations in an aggregated form." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - authorized_account_id, - authorized_aws_region, - creation_time - from - aws_config_aggregate_authorization; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_configuration_recorder_1.yaml.bak b/queries/aws_config_configuration_recorder_1.yaml.bak deleted file mode 100755 index bf9e0dba4..000000000 --- a/queries/aws_config_configuration_recorder_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_config_configuration_recorder_1 -Title: "Find AWS Config Configuration Recorder using SQL" -Description: "Allows users to query AWS Config Configuration Recorder" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - role_arn, - status, - recording_group, - status_recording, - akas, - title - from - aws_config_configuration_recorder; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Config Configuration Recorder diff --git a/queries/aws_config_configuration_recorder_2.yaml.bak b/queries/aws_config_configuration_recorder_2.yaml.bak deleted file mode 100755 index 6336db0df..000000000 --- a/queries/aws_config_configuration_recorder_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_config_configuration_recorder_2 -Title: "Find AWS Config Configuration Recorder Status" -Description: "Allows users to query AWS Config Configuration Recorder" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - role_arn, - status_recording, - title - from - aws_config_configuration_recorder - where - not status_recording; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_configuration_recorder_3.yaml.bak b/queries/aws_config_configuration_recorder_3.yaml.bak deleted file mode 100755 index f158236ab..000000000 --- a/queries/aws_config_configuration_recorder_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_config_configuration_recorder_3 -Title: "Find all AWS Config Configuration Recorder using SQL" -Description: "Allows users to query AWS Config Configuration Recorder" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status ->> 'LastStatus' as last_status, - status ->> 'LastStatusChangeTime' as last_status_change_time, - status ->> 'LastErrorCode' as last_error_code, - status ->> 'LastErrorMessage' as last_error_message - from - aws_config_configuration_recorder - where - status ->> 'LastStatus' = 'FAILURE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_conformance_pack_1.yaml.bak b/queries/aws_config_conformance_pack_1.yaml.bak deleted file mode 100755 index 2da34e187..000000000 --- a/queries/aws_config_conformance_pack_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_config_conformance_pack_1 -Title: "List all AWS Config Conformance Packs" -Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - conformance_pack_id, - created_by, - last_update_requested_time, - title, - akas - from - aws_config_conformance_pack; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_conformance_pack_1.yaml.bak.bak b/queries/aws_config_conformance_pack_1.yaml.bak.bak deleted file mode 100755 index 2da34e187..000000000 --- a/queries/aws_config_conformance_pack_1.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_config_conformance_pack_1 -Title: "List all AWS Config Conformance Packs" -Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - conformance_pack_id, - created_by, - last_update_requested_time, - title, - akas - from - aws_config_conformance_pack; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_conformance_pack_2.yaml.bak b/queries/aws_config_conformance_pack_2.yaml.bak deleted file mode 100755 index fa1ab8f11..000000000 --- a/queries/aws_config_conformance_pack_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_config_conformance_pack_2 -Title: "List all AWS Config Conformance Packs Info" -Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - conformance_pack_id, - delivery_s3_bucket, - delivery_s3_key_prefix - from - aws_config_conformance_pack; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_conformance_pack_3.yaml.bak b/queries/aws_config_conformance_pack_3.yaml.bak deleted file mode 100755 index 05987a513..000000000 --- a/queries/aws_config_conformance_pack_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_config_conformance_pack_3 -Title: "Find all AWS Config Conformance Packs and Parameters" -Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - inp ->> 'ParameterName' as parameter_name, - inp ->> 'ParameterValue' as parameter_value, - title, - akas - from - aws_config_conformance_pack, - jsonb_array_elements(input_parameters) as inp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_retention_configuration_1.yaml.bak b/queries/aws_config_retention_configuration_1.yaml.bak deleted file mode 100755 index ac7546f2c..000000000 --- a/queries/aws_config_retention_configuration_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_config_retention_configuration_1 -Title: "List AWS Config Retention Configuration Details" -Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - retention_period_in_days, - title, - region - from - aws_config_retention_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_retention_configuration_2.yaml.bak b/queries/aws_config_retention_configuration_2.yaml.bak deleted file mode 100755 index 24734f277..000000000 --- a/queries/aws_config_retention_configuration_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_config_retention_configuration_2 -Title: "Find AWS Config Retention Configuration Details" -Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - retention_period_in_days, - title - from - aws_config_retention_configuration - where - retention_period_in_days < 356; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_retention_configuration_3.yaml.bak b/queries/aws_config_retention_configuration_3.yaml.bak deleted file mode 100755 index 32cec67e6..000000000 --- a/queries/aws_config_retention_configuration_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_config_retention_configuration_3 -Title: "Find AWS Config Retention Configuration Retention Period" -Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - retention_period_in_days, - title, - region - from - aws_config_retention_configuration - where - region = 'us-east-1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_retention_configuration_4.yaml.bak b/queries/aws_config_retention_configuration_4.yaml.bak deleted file mode 100755 index be8106577..000000000 --- a/queries/aws_config_retention_configuration_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_config_retention_configuration_4 -Title: "Find AWS Config Retention Configuration Using SQL" -Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.title as configuration_recorder, - r.name as retention_configuration_name, - r.retention_period_in_days, - r.region - from - aws_config_retention_configuration as r - left join aws_config_configuration_recorder as c - on - r.region = c.region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_rule_1.yaml.bak b/queries/aws_config_rule_1.yaml.bak deleted file mode 100755 index 58fbee4c6..000000000 --- a/queries/aws_config_rule_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_config_rule_1 -Title: "List all AWS Config Rules with Details" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - arn, - rule_state, - created_by, - scope - from - aws_config_rule; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Config diff --git a/queries/aws_config_rule_2.yaml.bak b/queries/aws_config_rule_2.yaml.bak deleted file mode 100755 index 7c44c4120..000000000 --- a/queries/aws_config_rule_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_config_rule_2 -Title: "Find AWS Config Rules with Inactive Rule State" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - arn, - rule_state - from - aws_config_rule - where - rule_state <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Config diff --git a/queries/aws_config_rule_3.yaml.bak b/queries/aws_config_rule_3.yaml.bak deleted file mode 100755 index 906f058a8..000000000 --- a/queries/aws_config_rule_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_config_rule_3 -Title: "Find AWS Config Rules for S3 Buckets by Name" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - tags - from - aws_config_rule - where - name Like '%s3-bucket%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_rule_4.yaml.bak b/queries/aws_config_rule_4.yaml.bak deleted file mode 100755 index a4960ca5c..000000000 --- a/queries/aws_config_rule_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_config_rule_4 -Title: "Find AWS Config Rule Info Including Compliance Status" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(compliance_by_config_rule) as compliance_info - from - aws_config_rule - where - name = 'approved-amis-by-id'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_rule_5.yaml.bak b/queries/aws_config_rule_5.yaml.bak deleted file mode 100755 index 7ad6603ea..000000000 --- a/queries/aws_config_rule_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_config_rule_5 -Title: "Find Config Rules in AWS with Compliance Status" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as config_rule_name, - compliance_status -> 'Compliance' -> 'ComplianceType' as compliance_type - from - aws_config_rule, - jsonb_array_elements(compliance_by_config_rule) as compliance_status; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_rule_5.yaml.bak.bak b/queries/aws_config_rule_5.yaml.bak.bak deleted file mode 100755 index 7ad6603ea..000000000 --- a/queries/aws_config_rule_5.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_config_rule_5 -Title: "Find Config Rules in AWS with Compliance Status" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as config_rule_name, - compliance_status -> 'Compliance' -> 'ComplianceType' as compliance_type - from - aws_config_rule, - jsonb_array_elements(compliance_by_config_rule) as compliance_status; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Config diff --git a/queries/aws_config_rule_6.yaml.bak b/queries/aws_config_rule_6.yaml.bak deleted file mode 100755 index 73dd53291..000000000 --- a/queries/aws_config_rule_6.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_config_rule_6 -Title: "List all AWS Config Rules with Proactive Evaluation Mode" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as config_rule_name, - c ->> 'Mode' as evaluation_mode - from - aws_config_rule, - jsonb_array_elements(evaluation_modes) as c - where - c ->> 'Mode' = 'PROACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Config Rules diff --git a/queries/aws_cost_by_account_daily_1.yaml.bak b/queries/aws_cost_by_account_daily_1.yaml.bak deleted file mode 100755 index 9f2b9cb38..000000000 --- a/queries/aws_cost_by_account_daily_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cost_by_account_daily_1 -Title: "Find AWS Cost and Usage By Account Daily" -Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_account_daily - order by - linked_account_id, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_account_daily_2.yaml.bak b/queries/aws_cost_by_account_daily_2.yaml.bak deleted file mode 100755 index 8d48ed3fd..000000000 --- a/queries/aws_cost_by_account_daily_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cost_by_account_daily_2 -Title: "List AWS Daily Costs by Account Overview with SQL" -Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_account_daily - group by - linked_account_id - order by - linked_account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_by_account_daily_3.yaml.bak b/queries/aws_cost_by_account_daily_3.yaml.bak deleted file mode 100755 index 816db5bee..000000000 --- a/queries/aws_cost_by_account_daily_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cost_by_account_daily_3 -Title: "Find Daily AWS Costs by Account" -Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - linked_account_id, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id order by unblended_cost_amount desc) - from - aws_cost_by_account_daily - ) - select * from ranked_costs where rank <= 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_account_monthly_1.yaml.bak b/queries/aws_cost_by_account_monthly_1.yaml.bak deleted file mode 100755 index 7c7da0236..000000000 --- a/queries/aws_cost_by_account_monthly_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cost_by_account_monthly_1 -Title: "List AWS Monthly Costs Per Account Using AWS Cost Explorer" -Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_account_monthly - order by - linked_account_id, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_by_account_monthly_2.yaml.bak b/queries/aws_cost_by_account_monthly_2.yaml.bak deleted file mode 100755 index b558182c1..000000000 --- a/queries/aws_cost_by_account_monthly_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cost_by_account_monthly_2 -Title: "Find Monthly AWS Costs Per Account" -Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_account_monthly - group by - linked_account_id - order by - linked_account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_account_monthly_3.yaml.bak b/queries/aws_cost_by_account_monthly_3.yaml.bak deleted file mode 100755 index 1e5bd2ad9..000000000 --- a/queries/aws_cost_by_account_monthly_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cost_by_account_monthly_3 -Title: "List all Monthly AWS Costs Per Account" -Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id order by unblended_cost_amount desc) - from - aws_cost_by_account_monthly; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer Service diff --git a/queries/aws_cost_by_account_monthly_4.yaml.bak b/queries/aws_cost_by_account_monthly_4.yaml.bak deleted file mode 100755 index 1abb85bc0..000000000 --- a/queries/aws_cost_by_account_monthly_4.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_cost_by_account_monthly_4 -Title: "Find AWS Monthly Cost Per Account for Management" -Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with cost_data as ( - select - linked_account_id, - period_start, - unblended_cost_amount as this_month, - lag(unblended_cost_amount,-1) over(partition by linked_account_id order by period_start desc) as previous_month - from - aws_cost_by_account_monthly - ) - select - linked_account_id, - period_start, - this_month::numeric::money, - previous_month::numeric::money, - round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) as percent_change - from - cost_data - order by - linked_account_id, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_record_type_daily_1.yaml.bak b/queries/aws_cost_by_record_type_daily_1.yaml.bak deleted file mode 100755 index 5475316fa..000000000 --- a/queries/aws_cost_by_record_type_daily_1.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cost_by_record_type_daily_1 -Title: "List Daily AWS Cost Data by Record Type" -Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_record_type_daily - order by - linked_account_id, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_daily_2.yaml.bak b/queries/aws_cost_by_record_type_daily_2.yaml.bak deleted file mode 100755 index 61599000f..000000000 --- a/queries/aws_cost_by_record_type_daily_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cost_by_record_type_daily_2 -Title: "List all AWS costs by record type on a daily basis" -Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_record_type_daily - group by - linked_account_id, - record_type - order by - linked_account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_daily_3.yaml.bak b/queries/aws_cost_by_record_type_daily_3.yaml.bak deleted file mode 100755 index 5f6aac779..000000000 --- a/queries/aws_cost_by_record_type_daily_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cost_by_record_type_daily_3 -Title: "List All Daily AWS Costs by Record Type" -Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - linked_account_id, - record_type, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id, record_type order by unblended_cost_amount desc) - from - aws_cost_by_record_type_daily - ) - select * from ranked_costs where rank <= 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_monthly_1.yaml.bak b/queries/aws_cost_by_record_type_monthly_1.yaml.bak deleted file mode 100755 index a8c833e0d..000000000 --- a/queries/aws_cost_by_record_type_monthly_1.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cost_by_record_type_monthly_1 -Title: "Find AWS Cost and Usage Report Records Monthly" -Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_record_type_monthly - order by - linked_account_id, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_monthly_2.yaml.bak b/queries/aws_cost_by_record_type_monthly_2.yaml.bak deleted file mode 100755 index 505ede410..000000000 --- a/queries/aws_cost_by_record_type_monthly_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cost_by_record_type_monthly_2 -Title: "Find AWS Monthly Cost and Usage Report Records" -Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_record_type_monthly - group by - linked_account_id, - record_type - order by - linked_account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_monthly_3.yaml.bak b/queries/aws_cost_by_record_type_monthly_3.yaml.bak deleted file mode 100755 index 15af52a83..000000000 --- a/queries/aws_cost_by_record_type_monthly_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cost_by_record_type_monthly_3 -Title: "List AWS Cost and Usage Report Records Monthly" -Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id, record_type order by unblended_cost_amount desc) - from - aws_cost_by_record_type_monthly; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost and Usage Report diff --git a/queries/aws_cost_by_record_type_monthly_3.yaml.bak.bak b/queries/aws_cost_by_record_type_monthly_3.yaml.bak.bak deleted file mode 100755 index 15af52a83..000000000 --- a/queries/aws_cost_by_record_type_monthly_3.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cost_by_record_type_monthly_3 -Title: "List AWS Cost and Usage Report Records Monthly" -Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id, record_type order by unblended_cost_amount desc) - from - aws_cost_by_record_type_monthly; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost and Usage Report diff --git a/queries/aws_cost_by_service_daily_1.yaml.bak b/queries/aws_cost_by_service_daily_1.yaml.bak deleted file mode 100755 index 0947167ab..000000000 --- a/queries/aws_cost_by_service_daily_1.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cost_by_service_daily_1 -Title: "List all Daily AWS Costs by Service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_service_daily - order by - service, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_daily_2.yaml.bak b/queries/aws_cost_by_service_daily_2.yaml.bak deleted file mode 100755 index 76a36b5e3..000000000 --- a/queries/aws_cost_by_service_daily_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cost_by_service_daily_2 -Title: "List AWS Cost Explorer Daily Service Cost Breakdown" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_daily - group by - service - order by - service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_daily_3.yaml.bak b/queries/aws_cost_by_service_daily_3.yaml.bak deleted file mode 100755 index 8fb24e022..000000000 --- a/queries/aws_cost_by_service_daily_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cost_by_service_daily_3 -Title: "Find daily cost breakdown by AWS service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_daily - group by - service - order by - average desc - limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_daily_4.yaml.bak b/queries/aws_cost_by_service_daily_4.yaml.bak deleted file mode 100755 index b34a308ed..000000000 --- a/queries/aws_cost_by_service_daily_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cost_by_service_daily_4 -Title: "List all AWS Cost Breakdown by Service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_daily - group by - service - order by - sum desc - limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_daily_5.yaml.bak b/queries/aws_cost_by_service_daily_5.yaml.bak deleted file mode 100755 index 8a6d1377e..000000000 --- a/queries/aws_cost_by_service_daily_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cost_by_service_daily_5 -Title: "Find Top 10 AWS Daily Costs by Service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - service, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by service order by unblended_cost_amount desc) - from - aws_cost_by_service_daily - ) - select * from ranked_costs where rank <= 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_daily_5.yaml.bak.bak b/queries/aws_cost_by_service_daily_5.yaml.bak.bak deleted file mode 100755 index 8a6d1377e..000000000 --- a/queries/aws_cost_by_service_daily_5.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cost_by_service_daily_5 -Title: "Find Top 10 AWS Daily Costs by Service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - service, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by service order by unblended_cost_amount desc) - from - aws_cost_by_service_daily - ) - select * from ranked_costs where rank <= 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_monthly_1.yaml.bak b/queries/aws_cost_by_service_monthly_1.yaml.bak deleted file mode 100755 index 7ffc5f257..000000000 --- a/queries/aws_cost_by_service_monthly_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cost_by_service_monthly_1 -Title: "List AWS monthly cost breakdown by service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_service_monthly - order by - service, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer Service diff --git a/queries/aws_cost_by_service_monthly_2.yaml.bak b/queries/aws_cost_by_service_monthly_2.yaml.bak deleted file mode 100755 index e2a5fd65e..000000000 --- a/queries/aws_cost_by_service_monthly_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cost_by_service_monthly_2 -Title: "List AWS Monthly Cost Breakdown by Service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_monthly - group by - service - order by - service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_monthly_3.yaml.bak b/queries/aws_cost_by_service_monthly_3.yaml.bak deleted file mode 100755 index 5e195d04c..000000000 --- a/queries/aws_cost_by_service_monthly_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cost_by_service_monthly_3 -Title: "Find AWS Monthly Cost Breakdown by Service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_monthly - group by - service - order by - average desc - limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer Service diff --git a/queries/aws_cost_by_service_monthly_4.yaml.bak b/queries/aws_cost_by_service_monthly_4.yaml.bak deleted file mode 100755 index a8600680d..000000000 --- a/queries/aws_cost_by_service_monthly_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_cost_by_service_monthly_4 -Title: "List all AWS monthly cost breakdown by service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_monthly - group by - service - order by - sum desc - limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_monthly_5.yaml.bak b/queries/aws_cost_by_service_monthly_5.yaml.bak deleted file mode 100755 index c32250e92..000000000 --- a/queries/aws_cost_by_service_monthly_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_cost_by_service_monthly_5 -Title: "List all AWS monthly cost breakdowns by service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - service, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by service order by unblended_cost_amount desc) - from - aws_cost_by_service_monthly - ) - select * from ranked_costs where rank = 1; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_monthly_6.yaml.bak b/queries/aws_cost_by_service_monthly_6.yaml.bak deleted file mode 100755 index 2aa509637..000000000 --- a/queries/aws_cost_by_service_monthly_6.yaml.bak +++ /dev/null @@ -1,42 +0,0 @@ -ID: aws_cost_by_service_monthly_6 -Title: "List AWS Monthly Cost Breakdown by Service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with cost_data as ( - select - service, - period_start, - unblended_cost_amount as this_month, - lag(unblended_cost_amount,-1) over(partition by service order by period_start desc) as previous_month - from - aws_cost_by_service_monthly - ) - select - service, - period_start, - this_month::numeric::money, - previous_month::numeric::money, - case - when previous_month = 0 and this_month = 0 then 0 - when previous_month = 0 then 999 - else round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) - end as percent_change - from - cost_data - order by - service, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_daily_1.yaml.bak b/queries/aws_cost_by_service_usage_type_daily_1.yaml.bak deleted file mode 100755 index 323ca048c..000000000 --- a/queries/aws_cost_by_service_usage_type_daily_1.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cost_by_service_usage_type_daily_1 -Title: "Find daily AWS Cost Explorer Service usage and costs" -Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_service_usage_type_daily - order by - service, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_daily_2.yaml.bak b/queries/aws_cost_by_service_usage_type_daily_2.yaml.bak deleted file mode 100755 index e485bed6d..000000000 --- a/queries/aws_cost_by_service_usage_type_daily_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cost_by_service_usage_type_daily_2 -Title: "List all AWS service usage and costs by usage type" -Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_daily - group by - service, - usage_type - order by - service, - usage_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer Service diff --git a/queries/aws_cost_by_service_usage_type_daily_3.yaml.bak b/queries/aws_cost_by_service_usage_type_daily_3.yaml.bak deleted file mode 100755 index a0aba2e7a..000000000 --- a/queries/aws_cost_by_service_usage_type_daily_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_cost_by_service_usage_type_daily_3 -Title: "" -Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_daily - group by - service, - usage_type - order by - average desc - limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: {} diff --git a/queries/aws_cost_by_service_usage_type_daily_4.yaml.bak b/queries/aws_cost_by_service_usage_type_daily_4.yaml.bak deleted file mode 100755 index cf2d556fc..000000000 --- a/queries/aws_cost_by_service_usage_type_daily_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cost_by_service_usage_type_daily_4 -Title: "List AWS Daily Service Usage and Costs" -Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_daily - group by - service, - usage_type - order by - sum desc - limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_monthly_1.yaml.bak b/queries/aws_cost_by_service_usage_type_monthly_1.yaml.bak deleted file mode 100755 index 4e38b4cbc..000000000 --- a/queries/aws_cost_by_service_usage_type_monthly_1.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cost_by_service_usage_type_monthly_1 -Title: "Find AWS Monthly Cost by Service and Usage Type" -Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_service_usage_type_monthly - order by - service, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_monthly_2.yaml.bak b/queries/aws_cost_by_service_usage_type_monthly_2.yaml.bak deleted file mode 100755 index 3a4414c8b..000000000 --- a/queries/aws_cost_by_service_usage_type_monthly_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cost_by_service_usage_type_monthly_2 -Title: "Query AWS Cost Explorer for Service & Usage Monthly" -Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_monthly - group by - service, - usage_type - order by - service, - usage_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_monthly_3.yaml.bak b/queries/aws_cost_by_service_usage_type_monthly_3.yaml.bak deleted file mode 100755 index fd67268a8..000000000 --- a/queries/aws_cost_by_service_usage_type_monthly_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_cost_by_service_usage_type_monthly_3 -Title: "Find AWS Cost by Service and Usage Type Monthly" -Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_monthly - group by - service, - usage_type - order by - average desc - limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_service_usage_type_monthly_4.yaml.bak b/queries/aws_cost_by_service_usage_type_monthly_4.yaml.bak deleted file mode 100755 index 960d8b3c7..000000000 --- a/queries/aws_cost_by_service_usage_type_monthly_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_cost_by_service_usage_type_monthly_4 -Title: "List all AWS Cost per Service and Usage Type Monthly" -Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_monthly - group by - service, - usage_type - order by - sum desc - limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_by_tag_1.yaml.bak b/queries/aws_cost_by_tag_1.yaml.bak deleted file mode 100755 index 9396024c8..000000000 --- a/queries/aws_cost_by_tag_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_cost_by_tag_1 -Title: "Find all AWS Cost Allocation Tags and Associated Costs" -Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - tag_key_1, - tag_value_1, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_tag - where - granularity = 'DAILY' - and - tag_key_1 = 'Name'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: {} diff --git a/queries/aws_cost_by_tag_2.yaml.bak b/queries/aws_cost_by_tag_2.yaml.bak deleted file mode 100755 index 04eceb94b..000000000 --- a/queries/aws_cost_by_tag_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_cost_by_tag_2 -Title: "Find AWS Cost Explorer Tag Allocations and Costs" -Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - tag_key_1, - tag_value_1, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_tag - where - granularity = 'DAILY' - and - tag_key_1 = 'Name' - group by - tag_key_1, tag_value_1; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws diff --git a/queries/aws_cost_by_tag_3.yaml.bak b/queries/aws_cost_by_tag_3.yaml.bak deleted file mode 100755 index 52437182a..000000000 --- a/queries/aws_cost_by_tag_3.yaml.bak +++ /dev/null @@ -1,42 +0,0 @@ -ID: aws_cost_by_tag_3 -Title: "List Top 10 AWS Costs by Tag Using SQL" -Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as - ( - select - tag_key_1, - tag_value_1, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by tag_key_1 - order by - unblended_cost_amount desc) - from - aws_cost_by_tag - where - granularity = 'DAILY' - and tag_key_1 = 'Name' - ) - select - * - from - ranked_costs - where - rank <= 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_forecast_daily_1.yaml.bak b/queries/aws_cost_forecast_daily_1.yaml.bak deleted file mode 100755 index 06f052a59..000000000 --- a/queries/aws_cost_forecast_daily_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_cost_forecast_daily_1 -Title: "Find Daily Cost Forecast Insights with AWS Cost Explorer" -Description: "Allows users to query AWS Cost Explorer''s daily cost forecast data, providing insights into projected daily costs based on historical data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - period_end, - mean_value::numeric::money - from - aws_cost_forecast_daily - order by - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_forecast_monthly_1.yaml.bak b/queries/aws_cost_forecast_monthly_1.yaml.bak deleted file mode 100755 index c05005675..000000000 --- a/queries/aws_cost_forecast_monthly_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_cost_forecast_monthly_1 -Title: "Find Cost Forecasts in AWS Cost Explorer for Monthly Costs" -Description: "Allows users to query Cost Forecasts in AWS Cost Explorer for monthly cost predictions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - period_end, - mean_value::numeric::money - from - aws_cost_forecast_monthly - order by - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_forecast_monthly_2.yaml.bak b/queries/aws_cost_forecast_monthly_2.yaml.bak deleted file mode 100755 index 0f7888c52..000000000 --- a/queries/aws_cost_forecast_monthly_2.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_cost_forecast_monthly_2 -Title: "List AWS Monthly Cost Forecasts using SQL" -Description: "Allows users to query Cost Forecasts in AWS Cost Explorer for monthly cost predictions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with cost_data as ( - select - period_start, - mean_value as this_month, - lag(mean_value,-1) over(order by period_start desc) as previous_month - from - aws_cost_forecast_monthly - ) - select - period_start, - this_month::numeric::money, - previous_month::numeric::money, - case - when previous_month = 0 and this_month = 0 then 0 - when previous_month = 0 then 999 - else round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) - end as percent_change - from - cost_data - order by - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_usage_1.yaml.bak b/queries/aws_cost_usage_1.yaml.bak deleted file mode 100755 index 4923edd67..000000000 --- a/queries/aws_cost_usage_1.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cost_usage_1 -Title: "Find AWS Cost Explorer Service Cost and Usage Data" -Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - dimension_1 as account_id, - dimension_2 as service_name, - net_unblended_cost_amount::numeric::money - from - aws_cost_usage - where - granularity = 'MONTHLY' - and dimension_type_1 = 'LINKED_ACCOUNT' - and dimension_type_2 = 'SERVICE' - order by - dimension_1, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer Service diff --git a/queries/aws_cost_usage_2.yaml.bak b/queries/aws_cost_usage_2.yaml.bak deleted file mode 100755 index ab3962b35..000000000 --- a/queries/aws_cost_usage_2.yaml.bak +++ /dev/null @@ -1,42 +0,0 @@ -ID: aws_cost_usage_2 -Title: "List Top 5 AWS Cost and Usage Data" -Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - dimension_1 as account_id, - dimension_2 as service_name, - sum(net_unblended_cost_amount)::numeric::money as net_unblended_cost, - rank() over(partition by dimension_1 order by sum(net_unblended_cost_amount) desc) - from - aws_cost_usage - where - granularity = 'MONTHLY' - and dimension_type_1 = 'LINKED_ACCOUNT' - and dimension_type_2 = 'SERVICE' - group by - dimension_1, - dimension_2 - order by - dimension_1, - net_unblended_cost desc - ) - select * from ranked_costs where rank <=5 - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer diff --git a/queries/aws_cost_usage_3.yaml.bak b/queries/aws_cost_usage_3.yaml.bak deleted file mode 100755 index 1da41ea08..000000000 --- a/queries/aws_cost_usage_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_cost_usage_3 -Title: "Find All AWS Monthly Cost and Usage Data" -Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - dimension_1 as account_id, - dimension_2 as record_type, - net_unblended_cost_amount::numeric::money - from - aws_cost_usage - where - granularity = 'MONTHLY' - and dimension_type_1 = 'LINKED_ACCOUNT' - and dimension_type_2 = 'RECORD_TYPE' - order by - dimension_1, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cost Explorer diff --git a/queries/aws_cost_usage_4.yaml.bak b/queries/aws_cost_usage_4.yaml.bak deleted file mode 100755 index 91c98e436..000000000 --- a/queries/aws_cost_usage_4.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_cost_usage_4 -Title: "List all AWS Cost and Usage Data from Cost Explorer Service" -Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - dimension_1 as account_id, - dimension_2 as record_type, - net_unblended_cost_amount::numeric::money - from - aws_cost_usage - where - granularity = 'MONTHLY' - and dimension_type_1 = 'LINKED_ACCOUNT' - and dimension_type_2 = 'RECORD_TYPE' - and dimension_2 in ('DiscountedUsage', 'Credit') - order by - dimension_1, - period_start; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cost Explorer Service diff --git a/queries/aws_dax_cluster_1.yaml.bak b/queries/aws_dax_cluster_1.yaml.bak deleted file mode 100755 index 33aa16dc5..000000000 --- a/queries/aws_dax_cluster_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_dax_cluster_1 -Title: "List all AWS DAX Clusters with Configuration Details" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - description, - active_nodes, - iam_role_arn, - status, - region - from - aws_dax_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_cluster_2.yaml.bak b/queries/aws_dax_cluster_2.yaml.bak deleted file mode 100755 index 65fe5acef..000000000 --- a/queries/aws_dax_cluster_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dax_cluster_2 -Title: "List all AWS DAX Clusters and Their Configurations" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - description, - sse_description ->> 'Status' as sse_status - from - aws_dax_cluster - where - sse_description ->> 'Status' = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_cluster_3.yaml.bak b/queries/aws_dax_cluster_3.yaml.bak deleted file mode 100755 index 4e176d9c0..000000000 --- a/queries/aws_dax_cluster_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dax_cluster_3 -Title: "List all AWS DAX Clusters with Configuration and Status" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - node_type, - count(*) as count - from - aws_dax_cluster - where - node_type not in ('cache.m5.large', 'cache.m4.4xlarge') - group by - cluster_name, node_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_cluster_4.yaml.bak b/queries/aws_dax_cluster_4.yaml.bak deleted file mode 100755 index 8ff4b873e..000000000 --- a/queries/aws_dax_cluster_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dax_cluster_4 -Title: "Find AWS DAX Cluster Configurations and Status" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - subnet_group, - sg ->> 'SecurityGroupIdentifier' as sg_id, - n ->> 'AvailabilityZone' as az_name, - cluster_discovery_endpoint ->> 'Address' as cluster_discovery_endpoint_address, - cluster_discovery_endpoint ->> 'Port' as cluster_discovery_endpoint_port - from - aws_dax_cluster, - jsonb_array_elements(security_groups) as sg, - jsonb_array_elements(nodes) as n; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_cluster_4.yaml.bak.bak b/queries/aws_dax_cluster_4.yaml.bak.bak deleted file mode 100755 index 8ff4b873e..000000000 --- a/queries/aws_dax_cluster_4.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dax_cluster_4 -Title: "Find AWS DAX Cluster Configurations and Status" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - subnet_group, - sg ->> 'SecurityGroupIdentifier' as sg_id, - n ->> 'AvailabilityZone' as az_name, - cluster_discovery_endpoint ->> 'Address' as cluster_discovery_endpoint_address, - cluster_discovery_endpoint ->> 'Port' as cluster_discovery_endpoint_port - from - aws_dax_cluster, - jsonb_array_elements(security_groups) as sg, - jsonb_array_elements(nodes) as n; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_parameter_1.yaml.bak b/queries/aws_dax_parameter_1.yaml.bak deleted file mode 100755 index 8f5dcf9bb..000000000 --- a/queries/aws_dax_parameter_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_dax_parameter_1 -Title: "Find AWS DAX Parameter Groups Configuration Settings" -Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_name, - parameter_group_name, - parameter_value, - data_type, - parameter_type - from - aws_dax_parameter; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_parameter_2.yaml.bak b/queries/aws_dax_parameter_2.yaml.bak deleted file mode 100755 index fa28cdd2e..000000000 --- a/queries/aws_dax_parameter_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dax_parameter_2 -Title: "List AWS DAX Parameter Groups and Their Settings" -Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_group_name, - region, - count(parameter_name) as number_of_parameters - from - aws_dax_parameter - group by - parameter_group_name, - region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_parameter_2.yaml.bak.bak b/queries/aws_dax_parameter_2.yaml.bak.bak deleted file mode 100755 index fa28cdd2e..000000000 --- a/queries/aws_dax_parameter_2.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dax_parameter_2 -Title: "List AWS DAX Parameter Groups and Their Settings" -Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_group_name, - region, - count(parameter_name) as number_of_parameters - from - aws_dax_parameter - group by - parameter_group_name, - region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_parameter_3.yaml.bak b/queries/aws_dax_parameter_3.yaml.bak deleted file mode 100755 index 49cd8a901..000000000 --- a/queries/aws_dax_parameter_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_dax_parameter_3 -Title: "List All DAX Parameter Groups and Configurations in AWS" -Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_name, - parameter_group_name, - parameter_value, - data_type, - parameter_type, - is_modifiable - from - aws_dax_parameter - where - is_modifiable = 'TRUE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_parameter_group_1.yaml.bak b/queries/aws_dax_parameter_group_1.yaml.bak deleted file mode 100755 index b4122bd4a..000000000 --- a/queries/aws_dax_parameter_group_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_dax_parameter_group_1 -Title: "List AWS DAX Parameter Groups and Details" -Description: "Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, providing details such as parameter group name, ARN, description, and parameter settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_group_name, - description, - region - from - aws_dax_parameter_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB Accelerator (DAX) diff --git a/queries/aws_dax_parameter_group_2.yaml.bak b/queries/aws_dax_parameter_group_2.yaml.bak deleted file mode 100755 index 48e2c299d..000000000 --- a/queries/aws_dax_parameter_group_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dax_parameter_group_2 -Title: "Find all AWS DAX Parameter Groups and their Settings" -Description: "Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, providing details such as parameter group name, ARN, description, and parameter settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.parameter_group_name, - c.cluster_name, - c.node_type, - c.status - from - aws_dax_parameter_group as p, - aws_dax_cluster as c - where - c.parameter_group ->> 'ParameterGroupName' = p.parameter_group_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB Accelerator diff --git a/queries/aws_dax_subnet_group_1.yaml.bak b/queries/aws_dax_subnet_group_1.yaml.bak deleted file mode 100755 index 916d18921..000000000 --- a/queries/aws_dax_subnet_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_dax_subnet_group_1 -Title: "List AWS DAX Subnet Group Details" -Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subnet_group_name, - description, - vpc_id, - subnets, - region - from - aws_dax_subnet_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS DAX diff --git a/queries/aws_dax_subnet_group_2.yaml.bak b/queries/aws_dax_subnet_group_2.yaml.bak deleted file mode 100755 index 6e4697057..000000000 --- a/queries/aws_dax_subnet_group_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_dax_subnet_group_2 -Title: "Find AWS DAX Subnet Group details including VPC info" -Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subnet_group_name, - v.vpc_id, - v.arn as vpc_arn, - v.cidr_block as vpc_cidr_block, - v.state as vpc_state, - v.is_default as is_default_vpc, - v.region - from - aws_dax_subnet_group g - join aws_vpc v - on v.vpc_id = g.vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX diff --git a/queries/aws_dax_subnet_group_3.yaml.bak b/queries/aws_dax_subnet_group_3.yaml.bak deleted file mode 100755 index 8279b2327..000000000 --- a/queries/aws_dax_subnet_group_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_dax_subnet_group_3 -Title: "List all AWS DAX Subnet Group details" -Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subnet_group_name, - g.vpc_id, - vs.subnet_arn, - vs.cidr_block as subnet_cidr_block, - vs.state as subnet_state, - vs.availability_zone as subnet_availability_zone, - vs.region - from - aws_dax_subnet_group g, - jsonb_array_elements(subnets) s - join aws_vpc_subnet vs - on vs.subnet_id = s ->> 'SubnetIdentifier'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DAX Subnet Group diff --git a/queries/aws_directory_service_certificate_1.yaml.bak b/queries/aws_directory_service_certificate_1.yaml.bak deleted file mode 100755 index c7afcd6c1..000000000 --- a/queries/aws_directory_service_certificate_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_directory_service_certificate_1 -Title: "Find AWS Directory Service Certificates and Details" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - directory_id, - certificate_id, - common_name, - type, - state, - expiry_date_time - from - aws_directory_service_certificate; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_service_certificate_2.yaml.bak b/queries/aws_directory_service_certificate_2.yaml.bak deleted file mode 100755 index 6a1a2afae..000000000 --- a/queries/aws_directory_service_certificate_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_directory_service_certificate_2 -Title: "List all AWS Directory Service Certificates" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.certificate_id, - c.common_name, - c.directory_id, - c.type as certificate_type, - d.name as directory_name, - d.type as directory_type - from - aws_directory_service_certificate c, - aws_directory_service_directory d - where - d.type = 'MicrosoftAD'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Directory Service diff --git a/queries/aws_directory_service_certificate_2.yaml.bak.bak b/queries/aws_directory_service_certificate_2.yaml.bak.bak deleted file mode 100755 index 6a1a2afae..000000000 --- a/queries/aws_directory_service_certificate_2.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_directory_service_certificate_2 -Title: "List all AWS Directory Service Certificates" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.certificate_id, - c.common_name, - c.directory_id, - c.type as certificate_type, - d.name as directory_name, - d.type as directory_type - from - aws_directory_service_certificate c, - aws_directory_service_directory d - where - d.type = 'MicrosoftAD'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Directory Service diff --git a/queries/aws_directory_service_certificate_3.yaml.bak b/queries/aws_directory_service_certificate_3.yaml.bak deleted file mode 100755 index 33dad67aa..000000000 --- a/queries/aws_directory_service_certificate_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_directory_service_certificate_3 -Title: "Find AWS Directory Service Certificates with Specific States" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - common_name, - directory_id, - type, - state - from - aws_directory_service_certificate - where - state = 'Deregistered'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Directory Service diff --git a/queries/aws_directory_service_certificate_4.yaml.bak b/queries/aws_directory_service_certificate_4.yaml.bak deleted file mode 100755 index 00dc27267..000000000 --- a/queries/aws_directory_service_certificate_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_directory_service_certificate_4 -Title: "Find AWS Directory Service Certificates with SQL Query" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - directory_id, - certificate_id, - common_name, - type, - state, - expiry_date_time - from - aws_directory_service_certificate - where - expiry_date_time >= now() + interval '7' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_service_certificate_5.yaml.bak b/queries/aws_directory_service_certificate_5.yaml.bak deleted file mode 100755 index 662e221a4..000000000 --- a/queries/aws_directory_service_certificate_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_directory_service_certificate_5 -Title: "List all AWS Directory Service Certificates' Information" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - directory_id, - certificate_id, - common_name, - client_cert_auth_settings -> 'OCSPUrl' as ocsp_url - from - aws_directory_service_certificate; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_service_certificate_6.yaml.bak b/queries/aws_directory_service_certificate_6.yaml.bak deleted file mode 100755 index 31a0c8be4..000000000 --- a/queries/aws_directory_service_certificate_6.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_directory_service_certificate_6 -Title: "List all Directory Service Certificates in AWS" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - directory_id, - count(*) as certificate_count - from - aws_directory_service_certificate - group by - directory_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_service_certificate_7.yaml.bak b/queries/aws_directory_service_certificate_7.yaml.bak deleted file mode 100755 index 06ffa1b4b..000000000 --- a/queries/aws_directory_service_certificate_7.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_directory_service_certificate_7 -Title: "Find AWS Directory Service Certificates older than 1 year" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - common_name, - directory_id, - type, - state - from - aws_directory_service_certificate - where - registered_date_time <= now() - interval '1 year' - and state not like 'Deregister%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Directory Service diff --git a/queries/aws_directory_service_certificate_8.yaml.bak b/queries/aws_directory_service_certificate_8.yaml.bak deleted file mode 100755 index 8c0c31fab..000000000 --- a/queries/aws_directory_service_certificate_8.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_directory_service_certificate_8 -Title: "Find AWS Directory Service Certificates Details" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct partition, - registered_date_time - from - aws_directory_service_certificate - order by - partition, - registered_date_time desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_service_directory_1.yaml.bak b/queries/aws_directory_service_directory_1.yaml.bak deleted file mode 100755 index 0e911215d..000000000 --- a/queries/aws_directory_service_directory_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_directory_service_directory_1 -Title: "Query AWS Directory Service Directories for Information" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - directory_id - from - aws_directory_service_directory; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_service_directory_2.yaml.bak b/queries/aws_directory_service_directory_2.yaml.bak deleted file mode 100755 index fd38d7f1e..000000000 --- a/queries/aws_directory_service_directory_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_directory_service_directory_2 -Title: "Find AWS Managed and Simple AD Directory Details" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - directory_id, - type - from - aws_directory_service_directory - where - type = 'MicrosoftAD'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Directory Service diff --git a/queries/aws_directory_service_directory_3.yaml.bak b/queries/aws_directory_service_directory_3.yaml.bak deleted file mode 100755 index a6728aecc..000000000 --- a/queries/aws_directory_service_directory_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_directory_service_directory_3 -Title: "List all AWS Managed and Simple AD Directory Info" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - sd ->> 'ShareMethod' share_method, - sd ->> 'ShareStatus' share_status, - sd ->> 'SharedAccountId' shared_account_id, - sd ->> 'SharedDirectoryId' shared_directory_id - from - aws_directory_service_directory, - jsonb_array_elements(shared_directories) sd; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Directory Service diff --git a/queries/aws_directory_service_directory_4.yaml.bak b/queries/aws_directory_service_directory_4.yaml.bak deleted file mode 100755 index 0f59d31e9..000000000 --- a/queries/aws_directory_service_directory_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_directory_service_directory_4 -Title: "List all AWS Directory Service Directories" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - snapshot_limit ->> 'ManualSnapshotsCurrentCount' as manual_snapshots_current_count, - snapshot_limit ->> 'ManualSnapshotsLimit' as manual_snapshots_limit, - snapshot_limit ->> 'ManualSnapshotsLimitReached' as manual_snapshots_limit_reached - from - aws_directory_service_directory; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_service_directory_5.yaml.bak b/queries/aws_directory_service_directory_5.yaml.bak deleted file mode 100755 index ff1624ce8..000000000 --- a/queries/aws_directory_service_directory_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_directory_service_directory_5 -Title: "List All AWS Directory Service Directory Information" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - e ->> 'CreatedDateTime' as topic_created_date_time, - e ->> 'Status' as topic_status, - e ->> 'TopicArn' as topic_arn, - e ->> 'TopicName' as topic_name - from - aws_directory_service_directory, - jsonb_array_elements(event_topics) as e; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_servicelog_subscription_1.yaml.bak b/queries/aws_directory_servicelog_subscription_1.yaml.bak deleted file mode 100755 index 7079c690b..000000000 --- a/queries/aws_directory_servicelog_subscription_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_directory_servicelog_subscription_1 -Title: "List all AWS Directory Service Log Subscriptions" -Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - partition, - subscription_created_date_time, - directory_id, - title - from - aws_directory_service_log_subscription; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Directory Service diff --git a/queries/aws_directory_servicelog_subscription_2.yaml.bak b/queries/aws_directory_servicelog_subscription_2.yaml.bak deleted file mode 100755 index a99c14a7d..000000000 --- a/queries/aws_directory_servicelog_subscription_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_directory_servicelog_subscription_2 -Title: "List AWS Directory Service Log Subscriptions with Details" -Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.log_group_name, - d.name as directory_name, - d.arn as directory_arn, - d.directory_id, - d.type as directory_type - from - aws_directory_service_log_subscription as s - left join aws_directory_service_directory as d on s.directory_id = d.directory_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_directory_servicelog_subscription_2.yaml.bak.bak b/queries/aws_directory_servicelog_subscription_2.yaml.bak.bak deleted file mode 100755 index a99c14a7d..000000000 --- a/queries/aws_directory_servicelog_subscription_2.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_directory_servicelog_subscription_2 -Title: "List AWS Directory Service Log Subscriptions with Details" -Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.log_group_name, - d.name as directory_name, - d.arn as directory_arn, - d.directory_id, - d.type as directory_type - from - aws_directory_service_log_subscription as s - left join aws_directory_service_directory as d on s.directory_id = d.directory_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Directory Service diff --git a/queries/aws_dlm_lifecycle_policy_1.yaml.bak b/queries/aws_dlm_lifecycle_policy_1.yaml.bak deleted file mode 100755 index 02d683725..000000000 --- a/queries/aws_dlm_lifecycle_policy_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_dlm_lifecycle_policy_1 -Title: "List AWS DLM Lifecycle Policies and Details" -Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_id, - arn, - date_created - from - aws_dlm_lifecycle_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS DLM diff --git a/queries/aws_dlm_lifecycle_policy_2.yaml.bak b/queries/aws_dlm_lifecycle_policy_2.yaml.bak deleted file mode 100755 index 00b8bfc21..000000000 --- a/queries/aws_dlm_lifecycle_policy_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dlm_lifecycle_policy_2 -Title: "List All AWS DLM Lifecycle Policies and Details" -Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_id, - arn, - date_created, - policy_type, - s ->> 'ShareRules' as share_rules - from - aws_dlm_lifecycle_policy, - jsonb_array_elements(policy_details -> 'Schedules') s - where - s ->> 'ShareRules' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DLM Lifecycle Policy diff --git a/queries/aws_dlm_lifecycle_policy_3.yaml.bak b/queries/aws_dlm_lifecycle_policy_3.yaml.bak deleted file mode 100755 index 45fbaddb1..000000000 --- a/queries/aws_dlm_lifecycle_policy_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dlm_lifecycle_policy_3 -Title: "List all AWS DLM Lifecycle Policies with Configuration" -Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_id, - arn, - date_created, - policy_type, - s ->> 'CrossRegionCopyRules' as cross_region_copy_rules - from - aws_dlm_lifecycle_policy, - jsonb_array_elements(policy_details -> 'Schedules') s - where - s ->> 'CrossRegionCopyRules' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DLM diff --git a/queries/aws_dlm_lifecycle_policy_4.yaml.bak b/queries/aws_dlm_lifecycle_policy_4.yaml.bak deleted file mode 100755 index c5cf2651f..000000000 --- a/queries/aws_dlm_lifecycle_policy_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_dlm_lifecycle_policy_4 -Title: "List AWS DLM Lifecycle Policies with Configuration and Status" -Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_id, - arn, - date_created, - policy_type, - s -> 'RetainRule' ->> 'Count' as retain_count - from - aws_dlm_lifecycle_policy, - jsonb_array_elements(policy_details -> 'Schedules') s - where - s -> 'RetainRule' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS DLM diff --git a/queries/aws_dms_certificate_1.yaml.bak b/queries/aws_dms_certificate_1.yaml.bak deleted file mode 100755 index face30601..000000000 --- a/queries/aws_dms_certificate_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dms_certificate_1 -Title: "Find all AWS DMS Certificates and Their Details" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - certificate_creation_date, - signing_algorithm, - valid_to_date, - region - from - aws_dms_certificate; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_certificate_2.yaml.bak b/queries/aws_dms_certificate_2.yaml.bak deleted file mode 100755 index 2ca789faa..000000000 --- a/queries/aws_dms_certificate_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_dms_certificate_2 -Title: "Find all AWS DMS Certificates Expiring in 10 Days" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - key_length, - signing_algorithm, - valid_to_date - from - aws_dms_certificate - where - valid_to_date <= current_date + interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_certificate_2.yaml.bak.bak b/queries/aws_dms_certificate_2.yaml.bak.bak deleted file mode 100755 index 2ca789faa..000000000 --- a/queries/aws_dms_certificate_2.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_dms_certificate_2 -Title: "Find all AWS DMS Certificates Expiring in 10 Days" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - key_length, - signing_algorithm, - valid_to_date - from - aws_dms_certificate - where - valid_to_date <= current_date + interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_certificate_3.yaml.bak b/queries/aws_dms_certificate_3.yaml.bak deleted file mode 100755 index 6176ff069..000000000 --- a/queries/aws_dms_certificate_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dms_certificate_3 -Title: "List all AWS DMS Certificates and Details" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - signing_algorithm, - key_length, - certificate_owner - from - aws_dms_certificate - where - signing_algorithm = 'SHA256withRSA'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_dms_certificate_4.yaml.bak b/queries/aws_dms_certificate_4.yaml.bak deleted file mode 100755 index 62b3e8d14..000000000 --- a/queries/aws_dms_certificate_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dms_certificate_4 -Title: "Find AWS DMS Certificates for Data Migration Security" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - certificate_owner, - account_id - from - aws_dms_certificate - where - certificate_owner <> account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_certificate_5.yaml.bak b/queries/aws_dms_certificate_5.yaml.bak deleted file mode 100755 index d8f98ac28..000000000 --- a/queries/aws_dms_certificate_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dms_certificate_5 -Title: "Find all AWS DMS Certificates with Details" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - certificate_owner, - (valid_to_date - current_date) as days_left, - region - from - aws_dms_certificate; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_endpoint_1.yaml.bak b/queries/aws_dms_endpoint_1.yaml.bak deleted file mode 100755 index 7d7e6674b..000000000 --- a/queries/aws_dms_endpoint_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dms_endpoint_1 -Title: "Find AWS DMS Endpoints Connection Info for Databases" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - arn, - certificate_arn, - database_name, - endpoint_type, - engine_display_name, - engine_name - from - aws_dms_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_endpoint_2.yaml.bak b/queries/aws_dms_endpoint_2.yaml.bak deleted file mode 100755 index b3198ee1a..000000000 --- a/queries/aws_dms_endpoint_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dms_endpoint_2 -Title: "Find AWS DMS Endpoints Connection Info for Migration" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - arn, - engine_display_name, - endpoint_type, - engine_name - from - aws_dms_endpoint - where - endpoint_type = 'SOURCE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_dms_endpoint_3.yaml.bak b/queries/aws_dms_endpoint_3.yaml.bak deleted file mode 100755 index 89fd7dcd8..000000000 --- a/queries/aws_dms_endpoint_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dms_endpoint_3 -Title: "List all AWS DMS Endpoints for connection details" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - arn, - engine_name, - instance_create_time, - my_sql_settings - from - aws_dms_endpoint - where - engine_name = 'mysql'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_dms_endpoint_4.yaml.bak b/queries/aws_dms_endpoint_4.yaml.bak deleted file mode 100755 index 1b3c3c331..000000000 --- a/queries/aws_dms_endpoint_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_dms_endpoint_4 -Title: "List All AWS DMS Endpoints for Database Migrations" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - kms_key_id, - server_name, - service_access_role_arn, - ssl_mode - from - aws_dms_endpoint - where - ssl_mode <> 'none'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_endpoint_5.yaml.bak b/queries/aws_dms_endpoint_5.yaml.bak deleted file mode 100755 index 95ef25a99..000000000 --- a/queries/aws_dms_endpoint_5.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_dms_endpoint_5 -Title: "Find AWS DMS Endpoints and Retrieve Connection Information" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - arn, - my_sql_settings ->> 'AfterConnectScript' as after_connect_script, - (my_sql_settings ->> 'CleanSourceMetadataOnMismatch')::boolean as clean_source_metadata_on_mismatch, - my_sql_settings ->> 'DatabaseName' as database_name, - (my_sql_settings ->> 'EventsPollInterval')::integer as events_poll_interval, - (my_sql_settings ->> 'ExecuteTimeout')::integer as execute_timeout, - (my_sql_settings ->> 'MaxFileSize')::integer as max_file_size, - (my_sql_settings ->> 'ParallelLoadThreads')::integer as parallel_load_threads, - my_sql_settings ->> 'Password' as password, - (my_sql_settings ->> 'Port')::integer as port, - my_sql_settings ->> 'SecretsManagerAccessRoleArn' as secrets_manager_access_role_arn, - my_sql_settings ->> 'SecretsManagerSecretId' as secrets_manager_secret_id, - my_sql_settings ->> 'ServerName' as server_name, - my_sql_settings ->> 'ServerTimezone' as server_timezone, - my_sql_settings ->> 'TargetDbType' as target_db_type, - my_sql_settings ->> 'Username' as username - from - aws_dms_endpoint - where - engine_name = 'mysql'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS DMS Endpoints diff --git a/queries/aws_dms_replication_instance_1.yaml.bak b/queries/aws_dms_replication_instance_1.yaml.bak deleted file mode 100755 index fd3f52c5e..000000000 --- a/queries/aws_dms_replication_instance_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dms_replication_instance_1 -Title: "List all AWS DMS Replication Instances" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - engine_version, - instance_create_time, - kms_key_id, - publicly_accessible, - region - from - aws_dms_replication_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_replication_instance_2.yaml.bak b/queries/aws_dms_replication_instance_2.yaml.bak deleted file mode 100755 index ef2de1139..000000000 --- a/queries/aws_dms_replication_instance_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dms_replication_instance_2 -Title: "List all AWS DMS Replication Instances for Asset Management" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - engine_version, - instance_create_time, - auto_minor_version_upgrade, - region - from - aws_dms_replication_instance - where - not auto_minor_version_upgrade; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_replication_instance_3.yaml.bak b/queries/aws_dms_replication_instance_3.yaml.bak deleted file mode 100755 index be727552e..000000000 --- a/queries/aws_dms_replication_instance_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dms_replication_instance_3 -Title: "Find AWS Database Migration Service Replication Instances" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - engine_version, - instance_create_time, - replication_instance_class, - region - from - aws_dms_replication_instance - where - replication_instance_class not in ('dms.r5.16xlarge', 'dms.r5.24xlarge'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_replication_instance_4.yaml.bak b/queries/aws_dms_replication_instance_4.yaml.bak deleted file mode 100755 index d0784ab08..000000000 --- a/queries/aws_dms_replication_instance_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_dms_replication_instance_4 -Title: "List all AWS Database Migration Service Replication Instances" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - publicly_accessible, - region - from - aws_dms_replication_instance - where - publicly_accessible; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_replication_instance_5.yaml.bak b/queries/aws_dms_replication_instance_5.yaml.bak deleted file mode 100755 index e9caaf772..000000000 --- a/queries/aws_dms_replication_instance_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dms_replication_instance_5 -Title: "Find AWS Database Migration Service Replication Instances" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - publicly_accessible, - multi_az, - region - from - aws_dms_replication_instance - where - not multi_az; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dms_replication_task_1.yaml.bak b/queries/aws_dms_replication_task_1.yaml.bak deleted file mode 100755 index 23efa7d20..000000000 --- a/queries/aws_dms_replication_task_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dms_replication_task_1 -Title: "List AWS DMS Replication Task Information" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - arn, - migration_type, - status, - replication_task_creation_date - from - aws_dms_replication_task; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS DMS Replication Tasks diff --git a/queries/aws_dms_replication_task_2.yaml.bak b/queries/aws_dms_replication_task_2.yaml.bak deleted file mode 100755 index 924f45a81..000000000 --- a/queries/aws_dms_replication_task_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dms_replication_task_2 -Title: "List AWS DMS Replication Tasks for Data Migration" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - migration_type, - status - from - aws_dms_replication_task - where - migration_type = 'full-load'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_dms_replication_task_3.yaml.bak b/queries/aws_dms_replication_task_3.yaml.bak deleted file mode 100755 index 8c253bf7d..000000000 --- a/queries/aws_dms_replication_task_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dms_replication_task_3 -Title: "Find AWS DMS Tasks with Failed Status Using SQL" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - status, - last_failure_message - from - aws_dms_replication_task - where - status = 'failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_dms_replication_task_4.yaml.bak b/queries/aws_dms_replication_task_4.yaml.bak deleted file mode 100755 index db6de646b..000000000 --- a/queries/aws_dms_replication_task_4.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_dms_replication_task_4 -Title: "Find AWS DMS Replication Task Details for Data Migration" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - status, - replication_task_stats -> 'ElapsedTimeMillis' as elapsed_time_millis, - replication_task_stats -> 'FreshStartDate' as fresh_start_date, - replication_task_stats -> 'FullLoadFinishDate' as full_load_finish_date, - replication_task_stats -> 'FullLoadProgressPercent' as full_load_progress_percent, - replication_task_stats -> 'FullLoadStartDate' as full_load_start_date, - replication_task_stats -> 'StartDate' as start_date, - replication_task_stats -> 'StopDate' as stop_date, - replication_task_stats -> 'TablesErrored' as tables_errored, - replication_task_stats -> 'TablesLoaded' as tables_loaded, - replication_task_stats -> 'TablesLoading' as tables_loading, - replication_task_stats -> 'TablesQueued' as tables_queued - from - aws_dms_replication_task; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_dms_replication_task_5.yaml.bak b/queries/aws_dms_replication_task_5.yaml.bak deleted file mode 100755 index c7cbfc979..000000000 --- a/queries/aws_dms_replication_task_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dms_replication_task_5 -Title: "List all AWS DMS Replication Tasks with Details" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - t.replication_task_identifier, - t.arn as task_arn, - i.replication_instance_class, - i.engine_version, - i.publicly_accessible, - i.dns_name_servers - from - aws_dms_replication_task t - join aws_dms_replication_instance i on t.replication_instance_arn = i.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS DMS diff --git a/queries/aws_dms_replication_task_6.yaml.bak b/queries/aws_dms_replication_task_6.yaml.bak deleted file mode 100755 index be9180f77..000000000 --- a/queries/aws_dms_replication_task_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dms_replication_task_6 -Title: "Find AWS DMS Replication Tasks for Data Migration" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - source_endpoint_arn, - status - from - aws_dms_replication_task - where - endpoint_type = 'source'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_dms_replication_task_7.yaml.bak b/queries/aws_dms_replication_task_7.yaml.bak deleted file mode 100755 index e113d04c6..000000000 --- a/queries/aws_dms_replication_task_7.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dms_replication_task_7 -Title: "List all AWS DMS Replication Task Details" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_type, - count(*) as task_count - from - aws_dms_replication_task - group by - endpoint_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_dms_replication_task_7.yaml.bak.bak b/queries/aws_dms_replication_task_7.yaml.bak.bak deleted file mode 100755 index e113d04c6..000000000 --- a/queries/aws_dms_replication_task_7.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_dms_replication_task_7 -Title: "List all AWS DMS Replication Task Details" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_type, - count(*) as task_count - from - aws_dms_replication_task - group by - endpoint_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DMS diff --git a/queries/aws_docdb_cluster_1.yaml.bak b/queries/aws_docdb_cluster_1.yaml.bak deleted file mode 100755 index b31fc186c..000000000 --- a/queries/aws_docdb_cluster_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_docdb_cluster_1 -Title: "Find Amazon DocumentDB Cluster Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - db_cluster_identifier, - deletion_protection, - engine, - status, - region - from - aws_docdb_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_2.yaml.bak b/queries/aws_docdb_cluster_2.yaml.bak deleted file mode 100755 index 8a53ebc75..000000000 --- a/queries/aws_docdb_cluster_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_docdb_cluster_2 -Title: "Find Amazon DocumentDB Cluster Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - status, - cluster_create_time, - kms_key_id, - storage_encrypted - from - aws_docdb_cluster - where - not storage_encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_3.yaml.bak b/queries/aws_docdb_cluster_3.yaml.bak deleted file mode 100755 index 042a6dae1..000000000 --- a/queries/aws_docdb_cluster_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_docdb_cluster_3 -Title: "Find Amazon DocumentDB Cluster Config and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - backup_retention_period - from - aws_docdb_cluster - where - backup_retention_period > 7; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DocumentDB diff --git a/queries/aws_docdb_cluster_3.yaml.bak.bak b/queries/aws_docdb_cluster_3.yaml.bak.bak deleted file mode 100755 index 042a6dae1..000000000 --- a/queries/aws_docdb_cluster_3.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_docdb_cluster_3 -Title: "Find Amazon DocumentDB Cluster Config and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - backup_retention_period - from - aws_docdb_cluster - where - backup_retention_period > 7; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DocumentDB diff --git a/queries/aws_docdb_cluster_4.yaml.bak b/queries/aws_docdb_cluster_4.yaml.bak deleted file mode 100755 index 30f6ee0c5..000000000 --- a/queries/aws_docdb_cluster_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_docdb_cluster_4 -Title: "List all Amazon DocumentDB Cluster Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - jsonb_array_length(availability_zones) as availability_zones_count - from - aws_docdb_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_5.yaml.bak b/queries/aws_docdb_cluster_5.yaml.bak deleted file mode 100755 index 52f16f4df..000000000 --- a/queries/aws_docdb_cluster_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_docdb_cluster_5 -Title: "List Amazon DocumentDB Clusters and Their Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - status, - cluster_create_time, - deletion_protection - from - aws_docdb_cluster - where - not deletion_protection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DocumentDB diff --git a/queries/aws_docdb_cluster_6.yaml.bak b/queries/aws_docdb_cluster_6.yaml.bak deleted file mode 100755 index f1ddf78d7..000000000 --- a/queries/aws_docdb_cluster_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_docdb_cluster_6 -Title: "List all Amazon DocumentDB Clusters for Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, - member ->> 'DBInstanceIdentifier' as db_instance_identifier, - member ->> 'IsClusterWriter' as is_cluster_writer, - member ->> 'PromotionTier' as promotion_tier - from - aws_docdb_cluster - cross join jsonb_array_elements(members) as member; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DocumentDB diff --git a/queries/aws_docdb_cluster_7.yaml.bak b/queries/aws_docdb_cluster_7.yaml.bak deleted file mode 100755 index 021e798d1..000000000 --- a/queries/aws_docdb_cluster_7.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_docdb_cluster_7 -Title: "Find Amazon DocumentDB Clusters and Configuration Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - status, - cluster_create_time, - deletion_protection - from - aws_docdb_cluster - where - not deletion_protection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_1.yaml.bak b/queries/aws_docdb_cluster_instance_1.yaml.bak deleted file mode 100755 index c009d8dbd..000000000 --- a/queries/aws_docdb_cluster_instance_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_docdb_cluster_instance_1 -Title: "List Amazon DocumentDB Cluster Instances" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - db_cluster_identifier, - engine, - engine_version, - db_instance_class, - availability_zone - from - aws_docdb_cluster_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_2.yaml.bak b/queries/aws_docdb_cluster_instance_2.yaml.bak deleted file mode 100755 index 4c29de451..000000000 --- a/queries/aws_docdb_cluster_instance_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_docdb_cluster_instance_2 -Title: "List all Amazon DocumentDB Cluster Instances" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - db_cluster_identifier, - engine, - engine_version, - db_instance_class, - availability_zone - from - aws_docdb_cluster_instance - where - publicly_accessible; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DocumentDB diff --git a/queries/aws_docdb_cluster_instance_3.yaml.bak b/queries/aws_docdb_cluster_instance_3.yaml.bak deleted file mode 100755 index 481682854..000000000 --- a/queries/aws_docdb_cluster_instance_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_docdb_cluster_instance_3 -Title: "Find all Amazon DocumentDB Cluster Instances with Details" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_subnet_group_arn, - db_subnet_group_name, - db_subnet_group_description, - db_subnet_group_status - from - aws_docdb_cluster_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_4.yaml.bak b/queries/aws_docdb_cluster_instance_4.yaml.bak deleted file mode 100755 index 911a9d594..000000000 --- a/queries/aws_docdb_cluster_instance_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_docdb_cluster_instance_4 -Title: "List all Information of Amazon DocumentDB Clusters" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier as attached_vpc, - vsg ->> 'VpcSecurityGroupId' as vpc_security_group_id, - vsg ->> 'Status' as status, - sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - sub ->> 'SubnetIdentifier' as subnet_identifier, - sub -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, - sub ->> 'SubnetStatus' as subnet_status - from - aws_docdb_cluster_instance - cross join jsonb_array_elements(vpc_security_groups) as vsg - cross join jsonb_array_elements(subnets) as sub; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_5.yaml.bak b/queries/aws_docdb_cluster_instance_5.yaml.bak deleted file mode 100755 index 46a26fdd8..000000000 --- a/queries/aws_docdb_cluster_instance_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_docdb_cluster_instance_5 -Title: "Find all Amazon DocumentDB Cluster Instances using SQL" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - db_cluster_identifier, - db_instance_class - from - aws_docdb_cluster_instance - where - not storage_encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_6.yaml.bak b/queries/aws_docdb_cluster_instance_6.yaml.bak deleted file mode 100755 index 8af20be8a..000000000 --- a/queries/aws_docdb_cluster_instance_6.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_docdb_cluster_instance_6 -Title: "List Amazon DocumentDB Cluster Instances with SQL" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - db_cluster_identifier, - db_instance_class - from - aws_docdb_cluster_instance - where - enabled_cloudwatch_logs_exports is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_instance_7.yaml.bak b/queries/aws_docdb_cluster_instance_7.yaml.bak deleted file mode 100755 index 2b4366302..000000000 --- a/queries/aws_docdb_cluster_instance_7.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_docdb_cluster_instance_7 -Title: "List all Amazon DocumentDB Cluster Instances and Details" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - endpoint_address, - endpoint_hosted_zone_id, - endpoint_port - from - aws_docdb_cluster_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_snapshot_1.yaml.bak b/queries/aws_docdb_cluster_snapshot_1.yaml.bak deleted file mode 100755 index 7836b0295..000000000 --- a/queries/aws_docdb_cluster_snapshot_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_docdb_cluster_snapshot_1 -Title: "Find Amazon DocumentDB Cluster Snapshots Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - snapshot_type, - not storage_encrypted as storage_not_encrypted, - split_part(kms_key_id, '/', 1) as kms_key_id - from - aws_docdb_cluster_snapshot - where - not storage_encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_snapshot_2.yaml.bak b/queries/aws_docdb_cluster_snapshot_2.yaml.bak deleted file mode 100755 index 287568ee2..000000000 --- a/queries/aws_docdb_cluster_snapshot_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_docdb_cluster_snapshot_2 -Title: "Find Amazon DocumentDB Cluster Snapshot Details" -Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - cluster_create_time, - engine, - engine_version - from - aws_docdb_cluster_snapshot; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DocumentDB diff --git a/queries/aws_docdb_cluster_snapshot_3.yaml.bak b/queries/aws_docdb_cluster_snapshot_3.yaml.bak deleted file mode 100755 index a57758ce4..000000000 --- a/queries/aws_docdb_cluster_snapshot_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_docdb_cluster_snapshot_3 -Title: "List Amazon DocumentDB Cluster Snapshots and their Details" -Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - count(db_cluster_snapshot_identifier) as snapshot_count - from - aws_docdb_cluster_snapshot - group by - db_cluster_identifier; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_docdb_cluster_snapshot_4.yaml.bak b/queries/aws_docdb_cluster_snapshot_4.yaml.bak deleted file mode 100755 index 1245ee67b..000000000 --- a/queries/aws_docdb_cluster_snapshot_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_docdb_cluster_snapshot_4 -Title: "Find Amazon DocumentDB Cluster Snapshot details" -Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - engine, - snapshot_type - from - aws_docdb_cluster_snapshot - where - snapshot_type = 'manual'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon DocumentDB diff --git a/queries/aws_drs_job_1.yaml.bak b/queries/aws_drs_job_1.yaml.bak deleted file mode 100755 index a862cd659..000000000 --- a/queries/aws_drs_job_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_drs_job_1 -Title: "List all AWS Data Replication Service Jobs Details" -Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - status, - initiated_by - from - aws_drs_job; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Data Replication Service diff --git a/queries/aws_drs_job_2.yaml.bak b/queries/aws_drs_job_2.yaml.bak deleted file mode 100755 index feab23dca..000000000 --- a/queries/aws_drs_job_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_drs_job_2 -Title: "Find AWS Data Replication Service Job Details" -Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - status, - initiated_by, - creation_date_time - from - aws_drs_job - where - status = 'PENDING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Data Replication Service diff --git a/queries/aws_drs_job_3.yaml.bak b/queries/aws_drs_job_3.yaml.bak deleted file mode 100755 index f8a26e7c7..000000000 --- a/queries/aws_drs_job_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_drs_job_3 -Title: "List AWS Data Replication Service Job Details" -Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - status, - initiated_by, - type, - creation_date_time, - end_date_time - from - aws_drs_job - where - creation_date_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Data Replication Service diff --git a/queries/aws_drs_recovery_instance_1.yaml.bak b/queries/aws_drs_recovery_instance_1.yaml.bak deleted file mode 100755 index ef80140af..000000000 --- a/queries/aws_drs_recovery_instance_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_drs_recovery_instance_1 -Title: "List AWS Disaster Recovery Service Recovery Instances" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id, - arn, - source_server_id, - ec2_instance_id, - ec2_instance_state - from - aws_drs_recovery_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_instance_2.yaml.bak b/queries/aws_drs_recovery_instance_2.yaml.bak deleted file mode 100755 index 6dba32326..000000000 --- a/queries/aws_drs_recovery_instance_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_drs_recovery_instance_2 -Title: "Query AWS DRS Recovery Instances for Detailed Information" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id - arn, - recovery_instance_properties ->> 'Cpus' as recovery_instance_cpus, - recovery_instance_properties ->> 'Disks' as recovery_instance_disks, - recovery_instance_properties ->> 'IdentificationHints' as recovery_instance_identification_hints, - recovery_instance_properties ->> 'LastUpdatedDateTime' as recovery_instance_last_updated_date_time, - recovery_instance_properties ->> 'NetworkInterfaces' as recovery_instance_network_interfaces, - recovery_instance_properties ->> 'Os' as recovery_instance_os, - recovery_instance_properties ->> 'RamBytes' as recovery_instance_ram_bytes - from - aws_drs_recovery_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_instance_3.yaml.bak b/queries/aws_drs_recovery_instance_3.yaml.bak deleted file mode 100755 index f681f6cbf..000000000 --- a/queries/aws_drs_recovery_instance_3.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_drs_recovery_instance_3 -Title: "List all AWS Disaster Recovery Recovery Instances" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id, - arn, - source_server_id, - ec2_instance_id, - failback ->> 'AgentLastSeenByServiceDateTime' as agent_last_seen_by_service_date_time, - failback ->> 'ElapsedReplicationDuration' as elapsed_replication_duration, - failback ->> 'FailbackClientID' as failback_client_id, - failback ->> 'FailbackClientLastSeenByServiceDateTime' as failback_client_last_seen_by_service_date_time, - failback ->> 'FailbackInitiationTime' as failback_initiation_time, - failback -> 'FailbackJobID' as failback_job_id, - failback -> 'FailbackLaunchType' as failback_launch_type, - failback -> 'FailbackToOriginalServer' as failback_to_original_server, - failback -> 'FirstByteDateTime' as failback_first_byte_date_time, - failback -> 'State' as failback_state - from - aws_drs_recovery_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_instance_4.yaml.bak b/queries/aws_drs_recovery_instance_4.yaml.bak deleted file mode 100755 index 3c89b3818..000000000 --- a/queries/aws_drs_recovery_instance_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_drs_recovery_instance_4 -Title: "List All AWS Disaster Recovery Service Recovery Instances" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id, - arn, - data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, - data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time, - data_replication_info ->> 'DataReplicationError' as data_replication_error, - data_replication_info ->> 'DataReplicationState' as data_replication_state, - data_replication_info ->> 'ReplicatedDisks' as data_replication_replicated_disks - from - aws_drs_recovery_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_instance_5.yaml.bak b/queries/aws_drs_recovery_instance_5.yaml.bak deleted file mode 100755 index c7bf1a811..000000000 --- a/queries/aws_drs_recovery_instance_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_drs_recovery_instance_5 -Title: "List all AWS Disaster Recovery Service Recovery Instances" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id, - arn, - source_server_id, - ec2_instance_id, - ec2_instance_state, - is_drill, - job_id - from - aws_drs_recovery_instance - where - not is_drill; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_1.yaml.bak b/queries/aws_drs_recovery_snapshot_1.yaml.bak deleted file mode 100755 index 9150c59e8..000000000 --- a/queries/aws_drs_recovery_snapshot_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_drs_recovery_snapshot_1 -Title: "List AWS DRS Recovery Snapshot Data with Details" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - source_server_id, - expected_timestamp, - timestamp, - title - from - aws_drs_recovery_snapshot; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_2.yaml.bak b/queries/aws_drs_recovery_snapshot_2.yaml.bak deleted file mode 100755 index 7aac49a8d..000000000 --- a/queries/aws_drs_recovery_snapshot_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_drs_recovery_snapshot_2 -Title: "List AWS DRS Recovery Snapshot Details and Metadata" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.snapshot_id, - r.source_server_id, - s.arn as source_server_arn, - s.recovery_instance_id, - s.replication_direction - from - aws_drs_recovery_snapshot r, - aws_drs_source_server as s - where - r.source_server_id = s.source_server_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_3.yaml.bak b/queries/aws_drs_recovery_snapshot_3.yaml.bak deleted file mode 100755 index 9772065e7..000000000 --- a/queries/aws_drs_recovery_snapshot_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_drs_recovery_snapshot_3 -Title: "List all Recovery Snapshot Data in AWS DRS" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_server_id, - count(snapshot_id) as recovery_snapshot_count - from - aws_drs_recovery_snapshot - group by - source_server_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_4.yaml.bak b/queries/aws_drs_recovery_snapshot_4.yaml.bak deleted file mode 100755 index 45cd6f093..000000000 --- a/queries/aws_drs_recovery_snapshot_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_drs_recovery_snapshot_4 -Title: "List AWS DRS Recovery Snapshots with Metadata Details" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - source_server_id, - expected_timestamp, - timestamp - from - aws_drs_recovery_snapshot - where - timestamp <= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_recovery_snapshot_5.yaml.bak b/queries/aws_drs_recovery_snapshot_5.yaml.bak deleted file mode 100755 index 9dd9cb210..000000000 --- a/queries/aws_drs_recovery_snapshot_5.yaml.bak +++ /dev/null @@ -1,38 +0,0 @@ -ID: aws_drs_recovery_snapshot_5 -Title: "List all AWS DRS Recovery Snapshot Data" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.snapshot_id, - r.source_server_id, - s as ebs_snapshot_id, - e.state as snapshot_state, - e.volume_size, - e.volume_id, - e.encrypted, - e.kms_key_id, - e.data_encryption_key_id - from - aws_drs_recovery_snapshot as r, - jsonb_array_elements_text(ebs_snapshots) as s, - aws_ebs_snapshot as e - where - r.snapshot_id = 'pit-3367d3f930778a9c3' - and - s = e.snapshot_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Disaster Recovery Service diff --git a/queries/aws_drs_source_server_1.yaml.bak b/queries/aws_drs_source_server_1.yaml.bak deleted file mode 100755 index 92cbedd36..000000000 --- a/queries/aws_drs_source_server_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_drs_source_server_1 -Title: "List all AWS Database Migration Service Source Servers" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - last_launch_result, - source_server_id, - title - from - aws_drs_source_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_drs_source_server_2.yaml.bak b/queries/aws_drs_source_server_2.yaml.bak deleted file mode 100755 index 8e56f3670..000000000 --- a/queries/aws_drs_source_server_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_drs_source_server_2 -Title: "List all AWS DMS Source Servers for Detailed Info" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - source_cloud_properties ->> 'OriginAccountID' as source_cloud_origin_account_id, - source_cloud_properties ->> 'OriginAvailabilityZone' as source_cloud_origin_availability_zone, - source_cloud_properties ->> 'OriginRegion' as source_cloud_origin_region - from - aws_drs_source_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_drs_source_server_3.yaml.bak b/queries/aws_drs_source_server_3.yaml.bak deleted file mode 100755 index 5b7493160..000000000 --- a/queries/aws_drs_source_server_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_drs_source_server_3 -Title: "Query AWS DMS Source Servers for Replication Details" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - source_properties ->> 'Cpus' as source_cpus, - source_properties ->> 'Disks' as source_disks, - source_properties -> 'IdentificationHints' ->> 'Hostname' as source_hostname, - source_properties ->> 'NetworkInterfaces' as source_network_interfaces, - source_properties -> 'Os' ->> 'FullString' as source_os, - source_properties -> 'RamBytes' as source_ram_bytes, - source_properties -> 'RecommendedInstanceType' as source_recommended_instance_type, - source_properties -> 'LastUpdatedDateTime' as source_last_updated_date_time - from - aws_drs_source_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_drs_source_server_4.yaml.bak b/queries/aws_drs_source_server_4.yaml.bak deleted file mode 100755 index 311b59711..000000000 --- a/queries/aws_drs_source_server_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_drs_source_server_4 -Title: "List all AWS DMS Source Servers with Replication Info" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, - data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time, - data_replication_info ->> 'DataReplicationError' as data_replication_error, - data_replication_info ->> 'DataReplicationState' as data_replication_state, - data_replication_info ->> 'ReplicatedDisks' as data_replication_replicated_disks - from - aws_drs_source_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_drs_source_server_5.yaml.bak b/queries/aws_drs_source_server_5.yaml.bak deleted file mode 100755 index cf673d2f4..000000000 --- a/queries/aws_drs_source_server_5.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_drs_source_server_5 -Title: "List AWS DMS Source Servers with Detailed Information" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - launch_configuration ->> 'Name' as launch_configuration_name, - launch_configuration ->> 'CopyPrivateIp' as launch_configuration_copy_private_ip, - launch_configuration ->> 'CopyTags' as launch_configuration_copy_tags, - launch_configuration ->> 'Ec2LaunchTemplateID' as launch_configuration_ec2_launch_template_id, - launch_configuration ->> 'LaunchDisposition' as launch_configuration_disposition, - launch_configuration ->> 'TargetInstanceTypeRightSizingMethod' as launch_configuration_target_instance_type_right_sizing_method, - launch_configuration -> 'Licensing' as launch_configuration_licensing, - launch_configuration -> 'ResultMetadata' as launch_configuration_result_metadata - from - aws_drs_source_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_drs_source_server_6.yaml.bak b/queries/aws_drs_source_server_6.yaml.bak deleted file mode 100755 index 72fd284fc..000000000 --- a/queries/aws_drs_source_server_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_drs_source_server_6 -Title: "Find Failed AWS Database Migration Source Servers" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - last_launch_result, - source_server_id - from - aws_drs_source_server - where - last_launch_result = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_drs_source_server_6.yaml.bak.bak b/queries/aws_drs_source_server_6.yaml.bak.bak deleted file mode 100755 index 72fd284fc..000000000 --- a/queries/aws_drs_source_server_6.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_drs_source_server_6 -Title: "Find Failed AWS Database Migration Source Servers" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - last_launch_result, - source_server_id - from - aws_drs_source_server - where - last_launch_result = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_drs_source_server_7.yaml.bak b/queries/aws_drs_source_server_7.yaml.bak deleted file mode 100755 index da3969927..000000000 --- a/queries/aws_drs_source_server_7.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_drs_source_server_7 -Title: "Find AWS DMS Source Server Data Replication Details" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - data_replication_info ->> 'DataReplicationState' as data_replication_state, - data_replication_info ->> 'DataReplicationError' as data_replication_error, - data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, - data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time - from - aws_drs_source_server - where - data_replication_info ->> 'DataReplicationState' = 'DISCONNECTED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Database Migration Service diff --git a/queries/aws_dynamodb_backup_1.yaml.bak b/queries/aws_dynamodb_backup_1.yaml.bak deleted file mode 100755 index a0489a9f0..000000000 --- a/queries/aws_dynamodb_backup_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_dynamodb_backup_1 -Title: "List all DynamoDB Backup details with SQL query" -Description: "Allows users to query DynamoDB Backup details such as backup ARN, backup creation date, backup size, backup status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - table_name, - table_id - from - aws_dynamodb_backup; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_backup_2.yaml.bak b/queries/aws_dynamodb_backup_2.yaml.bak deleted file mode 100755 index 44dc0ddd8..000000000 --- a/queries/aws_dynamodb_backup_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_dynamodb_backup_2 -Title: "List all AWS DynamoDB Backup Details" -Description: "Allows users to query DynamoDB Backup details such as backup ARN, backup creation date, backup size, backup status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - backup_status, - backup_type, - backup_expiry_datetime, - backup_size_bytes - from - aws_dynamodb_backup; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_global_table_1.yaml.bak b/queries/aws_dynamodb_global_table_1.yaml.bak deleted file mode 100755 index 769a91275..000000000 --- a/queries/aws_dynamodb_global_table_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_dynamodb_global_table_1 -Title: "List all AWS DynamoDB Global Tables and their Regions" -Description: "Allows users to query AWS DynamoDB Global Tables to gather information about the global tables, including the table name, creation time, status, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - global_table_name, - rg -> 'RegionName' as region_name - from - aws_dynamodb_global_table - cross join jsonb_array_elements(replication_group) as rg; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB Global Table diff --git a/queries/aws_dynamodb_global_table_2.yaml.bak b/queries/aws_dynamodb_global_table_2.yaml.bak deleted file mode 100755 index 97d2d7793..000000000 --- a/queries/aws_dynamodb_global_table_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dynamodb_global_table_2 -Title: "List all AWS DynamoDB Global Tables with Details" -Description: "Allows users to query AWS DynamoDB Global Tables to gather information about the global tables, including the table name, creation time, status, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - global_table_name, - global_table_status, - rg -> 'GlobalSecondaryIndexes' as global_secondary_indexes, - rg -> 'RegionName' as region_name, - rg -> 'ReplicaInaccessibleDateTime' as replica_inaccessible_date_time, - rg -> 'ReplicaStatus' as replica_status, - rg -> 'ReplicaStatusDescription' as replica_status_description, - rg -> 'ReplicaStatusPercentProgress' as replica_status_percent_progress - from - aws_dynamodb_global_table - cross join jsonb_array_elements(replication_group) as rg; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak deleted file mode 100755 index fbb7bf723..000000000 --- a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_1 -Title: "List AWS DynamoDB Metrics on Read Capacity Utilization" -Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_read_capacity_util - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak.bak b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak.bak deleted file mode 100755 index fbb7bf723..000000000 --- a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_1 -Title: "List AWS DynamoDB Metrics on Read Capacity Utilization" -Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_read_capacity_util - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml.bak b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml.bak deleted file mode 100755 index 680f2290e..000000000 --- a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_2 -Title: "List all AWS DynamoDB Metrics on Read Capacity Utilization" -Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_read_capacity_util - where - maximum > 80 - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak deleted file mode 100755 index 92801c904..000000000 --- a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_1 -Title: "List AWS DynamoDB Metrics for Write Capacity Utilization" -Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_write_capacity_util - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak.bak b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak.bak deleted file mode 100755 index 32f053cff..000000000 --- a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_1 -Title: "List AWS DynamoDB Metrics for Write Capacity Utilization" -Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_write_capacity_util - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml.bak b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml.bak deleted file mode 100755 index 36203fa48..000000000 --- a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_2 -Title: "List AWS DynamoDB Account Write Capacity Utilization Metrics" -Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_write_capacity_util - where - maximum > 80 - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_table_1.yaml.bak b/queries/aws_dynamodb_table_1.yaml.bak deleted file mode 100755 index 1b91f3e8c..000000000 --- a/queries/aws_dynamodb_table_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_dynamodb_table_1 -Title: "Find AWS DynamoDB Tables with Missing SSE Description" -Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - sse_description - from - aws_dynamodb_table - where - sse_description is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_table_2.yaml.bak b/queries/aws_dynamodb_table_2.yaml.bak deleted file mode 100755 index 99da14340..000000000 --- a/queries/aws_dynamodb_table_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_dynamodb_table_2 -Title: "List all AWS DynamoDB Tables with Disabled Backups" -Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - continuous_backups_status - from - aws_dynamodb_table - where - continuous_backups_status = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_table_3.yaml.bak b/queries/aws_dynamodb_table_3.yaml.bak deleted file mode 100755 index 83d9f54bb..000000000 --- a/queries/aws_dynamodb_table_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_dynamodb_table_3 -Title: "List all AWS DynamoDB Tables and retrieve their status" -Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - point_in_time_recovery_description ->> 'EarliestRestorableDateTime' as earliest_restorable_date_time, - point_in_time_recovery_description ->> 'LatestRestorableDateTime' as latest_restorable_date_time, - point_in_time_recovery_description ->> 'PointInTimeRecoveryStatus' as point_in_time_recovery_status - from - aws_dynamodb_table; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_table_4.yaml.bak b/queries/aws_dynamodb_table_4.yaml.bak deleted file mode 100755 index 20a263148..000000000 --- a/queries/aws_dynamodb_table_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_dynamodb_table_4 -Title: "List all AWS DynamoDB table configurations and status" -Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - d ->> 'StreamArn' as kinesis_stream_arn, - d ->> 'DestinationStatus' as stream_status - from - aws_dynamodb_table, - jsonb_array_elements(streaming_destination -> 'KinesisDataStreamDestinations') as d - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_table_export_1.yaml.bak b/queries/aws_dynamodb_table_export_1.yaml.bak deleted file mode 100755 index ac9a2cc7b..000000000 --- a/queries/aws_dynamodb_table_export_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_dynamodb_table_export_1 -Title: "List all details of AWS DynamoDB Table Exports" -Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - end_time, - export_format, - export_status, - s3_bucket - from - aws_dynamodb_table_export; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_table_export_2.yaml.bak b/queries/aws_dynamodb_table_export_2.yaml.bak deleted file mode 100755 index 3c47d03d5..000000000 --- a/queries/aws_dynamodb_table_export_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dynamodb_table_export_2 -Title: "List all AWS DynamoDB Table Exports with Details" -Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - end_time, - export_format, - export_status, - s3_bucket - from - aws_dynamodb_table_export - where - export_status <> 'COMPLETED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_table_export_2.yaml.bak.bak b/queries/aws_dynamodb_table_export_2.yaml.bak.bak deleted file mode 100755 index 3c47d03d5..000000000 --- a/queries/aws_dynamodb_table_export_2.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_dynamodb_table_export_2 -Title: "List all AWS DynamoDB Table Exports with Details" -Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - end_time, - export_format, - export_status, - s3_bucket - from - aws_dynamodb_table_export - where - export_status <> 'COMPLETED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_dynamodb_table_export_3.yaml.bak b/queries/aws_dynamodb_table_export_3.yaml.bak deleted file mode 100755 index 82fe9066c..000000000 --- a/queries/aws_dynamodb_table_export_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_dynamodb_table_export_3 -Title: "Find AWS DynamoDB Table Exports with Detailed Info" -Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - end_time, - export_format, - export_status, - export_time, - s3_bucket - from - aws_dynamodb_table_export - where - export_time >= now() - interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - DynamoDB diff --git a/queries/aws_ebs_snapshot_1.yaml.bak b/queries/aws_ebs_snapshot_1.yaml.bak deleted file mode 100755 index 388302e5b..000000000 --- a/queries/aws_ebs_snapshot_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ebs_snapshot_1 -Title: "Find Detailed Information About AWS EBS Snapshots" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - encrypted - from - aws_ebs_snapshot - where - not encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_snapshot_2.yaml.bak b/queries/aws_ebs_snapshot_2.yaml.bak deleted file mode 100755 index ef1ab1b93..000000000 --- a/queries/aws_ebs_snapshot_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ebs_snapshot_2 -Title: "Find AWS EBS Snapshots with User and Group Details" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - volume_id, - perm ->> 'UserId' as userid, - perm ->> 'Group' as group - from - aws_ebs_snapshot - cross join jsonb_array_elements(create_volume_permissions) as perm - where - perm ->> 'Group' = 'all'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_snapshot_3.yaml.bak b/queries/aws_ebs_snapshot_3.yaml.bak deleted file mode 100755 index bf3285318..000000000 --- a/queries/aws_ebs_snapshot_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_snapshot_3 -Title: "List all AWS EBS snapshots with details" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - volume_id, - perm ->> 'UserId' as account_ids - from - aws_ebs_snapshot - cross join jsonb_array_elements(create_volume_permissions) as perm; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_snapshot_4.yaml.bak b/queries/aws_ebs_snapshot_4.yaml.bak deleted file mode 100755 index 3c5c73505..000000000 --- a/queries/aws_ebs_snapshot_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ebs_snapshot_4 -Title: "List all AWS EBS snapshots with configuration details" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - count(snapshot_id) as snapshot_id - from - aws_ebs_snapshot - group by - volume_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_snapshot_4.yaml.bak.bak b/queries/aws_ebs_snapshot_4.yaml.bak.bak deleted file mode 100755 index b75436496..000000000 --- a/queries/aws_ebs_snapshot_4.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ebs_snapshot_4 -Title: "List all AWS EBS snapshots with configuration details" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - count(snapshot_id) as snapshot_id - from - aws_ebs_snapshot - group by - volume_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_snapshot_5.yaml.bak b/queries/aws_ebs_snapshot_5.yaml.bak deleted file mode 100755 index d2012bc4f..000000000 --- a/queries/aws_ebs_snapshot_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_snapshot_5 -Title: "Find details of AWS EBS snapshot configurations" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - encrypted, - owner_id - from - aws_ebs_snapshot - where - owner_id = '859788737657'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_snapshot_6.yaml.bak b/queries/aws_ebs_snapshot_6.yaml.bak deleted file mode 100755 index f0d483757..000000000 --- a/queries/aws_ebs_snapshot_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ebs_snapshot_6 -Title: "Find EBS Snapshots Configuration and Metadata in AWS" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - encrypted, - owner_id - from - aws_ebs_snapshot - where - snapshot_id = 'snap-07bf4f91353ad71ae'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_snapshot_7.yaml.bak b/queries/aws_ebs_snapshot_7.yaml.bak deleted file mode 100755 index 532c4d8c0..000000000 --- a/queries/aws_ebs_snapshot_7.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ebs_snapshot_7 -Title: "List all AWS EBS Snapshot Configurations and Status" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - encrypted, - owner_id - from - aws_ebs_snapshot - where - owner_alias = 'amazon' - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_1.yaml.bak b/queries/aws_ebs_volume_1.yaml.bak deleted file mode 100755 index c6468f9ea..000000000 --- a/queries/aws_ebs_volume_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_volume_1 -Title: "Find All Unencrypted EBS Volumes in AWS" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - encrypted - from - aws_ebs_volume - where - not encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_2.yaml.bak b/queries/aws_ebs_volume_2.yaml.bak deleted file mode 100755 index 02b631158..000000000 --- a/queries/aws_ebs_volume_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_volume_2 -Title: "List all AWS EBS volumes with no attachments" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - volume_type - from - aws_ebs_volume - where - jsonb_array_length(attachments) = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_volume_3.yaml.bak b/queries/aws_ebs_volume_3.yaml.bak deleted file mode 100755 index d9b42c04a..000000000 --- a/queries/aws_ebs_volume_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_volume_3 -Title: "List all AWS EBS Volumes and Their Details" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - volume_type - from - aws_ebs_volume - where - volume_type = 'io1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_volume_3.yaml.bak.bak b/queries/aws_ebs_volume_3.yaml.bak.bak deleted file mode 100755 index b58bda1ec..000000000 --- a/queries/aws_ebs_volume_3.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_volume_3 -Title: "List all AWS EBS Volumes and Their Details" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - volume_type - from - aws_ebs_volume - where - volume_type = 'io1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_volume_4.yaml.bak b/queries/aws_ebs_volume_4.yaml.bak deleted file mode 100755 index 8059789b3..000000000 --- a/queries/aws_ebs_volume_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_volume_4 -Title: "List all AWS EBS volumes with configuration and status details" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - size - from - aws_ebs_volume - where - size > '100'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_5.yaml.bak b/queries/aws_ebs_volume_5.yaml.bak deleted file mode 100755 index 79a8ee80f..000000000 --- a/queries/aws_ebs_volume_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_volume_5 -Title: "List all AWS EBS Volumes and Configuration Details" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_type, - count(volume_type) as count - from - aws_ebs_volume - group by - volume_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_6.yaml.bak b/queries/aws_ebs_volume_6.yaml.bak deleted file mode 100755 index 987fb78a3..000000000 --- a/queries/aws_ebs_volume_6.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ebs_volume_6 -Title: "List all AWS EBS volumes and their stopped instances" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - size, - att ->> 'InstanceId' as instance_id - from - aws_ebs_volume - cross join jsonb_array_elements(attachments) as att - join aws_ec2_instance as i on i.instance_id = att ->> 'InstanceId' - where - instance_state = 'stopped'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store (EBS) diff --git a/queries/aws_ebs_volume_7.yaml.bak b/queries/aws_ebs_volume_7.yaml.bak deleted file mode 100755 index c812df3e2..000000000 --- a/queries/aws_ebs_volume_7.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ebs_volume_7 -Title: "List AWS EBS Volumes for Configuration and Status" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - volume_type - from - aws_ebs_volume - where - volume_type = 'io1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak deleted file mode 100755 index 71edb46e1..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_1 -Title: "List all AWS EBS Volume read operations metrics" -Description: "Allows users to query AWS EBS Volume read operations metrics." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS Volume diff --git a/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak.bak b/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak.bak deleted file mode 100755 index 71edb46e1..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_1.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_1 -Title: "List all AWS EBS Volume read operations metrics" -Description: "Allows users to query AWS EBS Volume read operations metrics." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS Volume diff --git a/queries/aws_ebs_volume_metric_read_ops_2.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_2.yaml.bak deleted file mode 100755 index 0e74c6a6f..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_2 -Title: "Find Read Ops Metrics of AWS EBS Volumes with SQL" -Description: "Allows users to query AWS EBS Volume read operations metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_3.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_3.yaml.bak deleted file mode 100755 index 2b45be172..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_3 -Title: "List all AWS EBS Volume read operations metrics" -Description: "Allows users to query AWS EBS Volume read operations metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_4.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_4.yaml.bak deleted file mode 100755 index 102ab9281..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_4 -Title: "List All AWS EBS Volume Read Operations Metrics" -Description: "Allows users to query AWS EBS Volume read operations metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops as r, - aws_ebs_volume_metric_write_ops as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml.bak deleted file mode 100755 index 56cdae947..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_daily_1 -Title: "List AWS EBS Volume Metrics for Daily Read Ops" -Description: "Allows users to query AWS EBS Volume metrics for daily read operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_daily - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml.bak deleted file mode 100755 index bbc5fdd1b..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_daily_2 -Title: "Find Daily AWS EBS Volume Read Ops Metrics using SQL" -Description: "Allows users to query AWS EBS Volume metrics for daily read operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_daily - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml.bak deleted file mode 100755 index 777415438..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_daily_3 -Title: "Find all AWS EBS Volume daily read operations metrics" -Description: "Allows users to query AWS EBS Volume metrics for daily read operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_daily - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml.bak deleted file mode 100755 index cc42a62ed..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_daily_4 -Title: "Find AWS EBS Volume Metrics for Daily Read Operations" -Description: "Allows users to query AWS EBS Volume metrics for daily read operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops_daily as r, - aws_ebs_volume_metric_write_ops_daily as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml.bak deleted file mode 100755 index 6dcea420e..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_hourly_1 -Title: "Find Amazon EC2 EBS Volume Read Operations Metrics Hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_hourly - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EC2 EBS diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml.bak deleted file mode 100755 index a8a568cc2..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_hourly_2 -Title: "List all Amazon EC2 EBS Volume Read Ops metrics hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_hourly - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EC2 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml.bak deleted file mode 100755 index 804457456..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_hourly_3 -Title: "Find Amazon EC2 EBS Volume Read Ops Metrics Hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_hourly - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EC2 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml.bak deleted file mode 100755 index ea84534e6..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_hourly_4 -Title: "List all Amazon EC2 EBS Volume Read Ops Metrics Hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - v.iops as provisioned_iops, - round(r.average) +round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg - from - aws_ebs_volume_metric_read_ops_hourly as r, - aws_ebs_volume_metric_write_ops_hourly as w, - aws_ebs_volume as v - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - and v.volume_id = r.volume_id - and r.average + w.average > v.iops - order by - r.volume_id, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EC2 diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml.bak b/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml.bak deleted file mode 100755 index d2e6fd281..000000000 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_ebs_volume_metric_read_ops_hourly_5 -Title: "Find AWS EC2 EBS Volume Read Ops Metrics Hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops_hourly as r, - aws_ebs_volume_metric_write_ops_hourly as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EC2 EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_1.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_1.yaml.bak deleted file mode 100755 index b90872c82..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_1 -Title: "Find AWS EBS Volume Write Operations Metrics" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_2.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_2.yaml.bak deleted file mode 100755 index fe69e94b8..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_2 -Title: "List AWS EBS Volume Write Ops Metrics via SQL" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak deleted file mode 100755 index cc2d5e4a4..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_3 -Title: "Find AWS EBS volume write ops metrics" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak.bak b/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak.bak deleted file mode 100755 index cc2d5e4a4..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_3.yaml.bak.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_3 -Title: "Find AWS EBS volume write ops metrics" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_4.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_4.yaml.bak deleted file mode 100755 index bd6ebaace..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_4.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_4 -Title: "List EBS Volume Write Ops Metrics using SQL" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops as r, - aws_ebs_volume_metric_write_ops as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Block Store diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml.bak deleted file mode 100755 index f0a72ec1a..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_daily_1 -Title: "List all AWS EBS Volume Metrics for daily write operations" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_daily - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak deleted file mode 100755 index ffa5ec597..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_daily_2 -Title: "Find daily AWS EBS Volume Metrics for write operations" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_daily - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak.bak b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak.bak deleted file mode 100755 index ffa5ec597..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml.bak.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_daily_2 -Title: "Find daily AWS EBS Volume Metrics for write operations" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_daily - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml.bak deleted file mode 100755 index da07573be..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_daily_3 -Title: "Find AWS EBS Volume Write Ops Metrics Daily" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_daily - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml.bak deleted file mode 100755 index e3c7e11ac..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_daily_4 -Title: "Query Daily AWS EBS Volume Write Ops Metrics" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops_daily as r, - aws_ebs_volume_metric_write_ops_daily as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml.bak deleted file mode 100755 index ed08a8048..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_hourly_1 -Title: "Find AWS EBS Volume Metrics on Hourly Write Operations" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_hourly - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml.bak deleted file mode 100755 index 9fc063589..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_hourly_2 -Title: "Query AWS EBS Volume Hourly Write Operations Metrics" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_hourly - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml.bak deleted file mode 100755 index 6554e0e03..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_hourly_3 -Title: "List all AWS EBS Volume Metrics on Hourly Write Ops" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_hourly - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml.bak deleted file mode 100755 index 9c446308b..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_hourly_4 -Title: "Find AWS EBS Volume Hourly Write Operation Metrics" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - v.iops as provisioned_iops, - round(r.average) +round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg - from - aws_ebs_volume_metric_read_ops_hourly as r, - aws_ebs_volume_metric_write_ops_hourly as w, - aws_ebs_volume as v - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - and v.volume_id = r.volume_id - and r.average + w.average > v.iops - order by - r.volume_id, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml.bak b/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml.bak deleted file mode 100755 index 9ec155a2a..000000000 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_ebs_volume_metric_write_ops_hourly_5 -Title: "Find AWS EBS Volume Metrics on Hourly Write Ops" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops_hourly as r, - aws_ebs_volume_metric_write_ops_hourly as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EBS diff --git a/queries/aws_ec2_ami_1.yaml.bak b/queries/aws_ec2_ami_1.yaml.bak deleted file mode 100755 index ab735156d..000000000 --- a/queries/aws_ec2_ami_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_ami_1 -Title: "List all AWS EC2 AMIs with Details via SQL" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - state, - image_location, - creation_date, - public, - root_device_name - from - aws_ec2_ami; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ami_2.yaml.bak b/queries/aws_ec2_ami_2.yaml.bak deleted file mode 100755 index 85711e6ee..000000000 --- a/queries/aws_ec2_ami_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ec2_ami_2 -Title: "List all AWS EC2 AMIs to Retrieve Detailed Information" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - public - from - aws_ec2_ami - where - public; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ami_3.yaml.bak b/queries/aws_ec2_ami_3.yaml.bak deleted file mode 100755 index bcc210f50..000000000 --- a/queries/aws_ec2_ami_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_ami_3 -Title: "List all AWS EC2 AMI Details with Failed State" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - public, - state - from - aws_ec2_ami - where - state = 'failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ami_3.yaml.bak.bak b/queries/aws_ec2_ami_3.yaml.bak.bak deleted file mode 100755 index bcc210f50..000000000 --- a/queries/aws_ec2_ami_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_ami_3 -Title: "List all AWS EC2 AMI Details with Failed State" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - public, - state - from - aws_ec2_ami - where - state = 'failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ami_4.yaml.bak b/queries/aws_ec2_ami_4.yaml.bak deleted file mode 100755 index 6cced891b..000000000 --- a/queries/aws_ec2_ami_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_ami_4 -Title: "List all AWS EC2 AMIs with Detailed Information" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - mapping -> 'Ebs' ->> 'VolumeSize' as volume_size, - mapping -> 'Ebs' ->> 'VolumeType' as volume_type, - mapping -> 'Ebs' ->> 'Encrypted' as encryption_status, - mapping -> 'Ebs' ->> 'KmsKeyId' as kms_key, - mapping -> 'Ebs' ->> 'DeleteOnTermination' as delete_on_termination - from - aws_ec2_ami - cross join jsonb_array_elements(block_device_mappings) as mapping; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 AMI diff --git a/queries/aws_ec2_ami_shared_1.yaml.bak b/queries/aws_ec2_ami_shared_1.yaml.bak deleted file mode 100755 index 0fea12016..000000000 --- a/queries/aws_ec2_ami_shared_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ec2_ami_shared_1 -Title: "Find shared Amazon Machine Images (AMIs) in AWS EC2" -Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - state, - image_location, - creation_date, - public, - root_device_name - from - aws_ec2_ami_shared - where - owner_id = '137112412989'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ami_shared_2.yaml.bak b/queries/aws_ec2_ami_shared_2.yaml.bak deleted file mode 100755 index 64bc6b341..000000000 --- a/queries/aws_ec2_ami_shared_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ec2_ami_shared_2 -Title: "Find Shared Amazon Machine Images (AMIs) in AWS EC2" -Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - state, - image_location, - creation_date, - public, - root_device_name - from - aws_ec2_ami_shared - where - owner_id = '137112412989' - and architecture = 'arm64'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ami_shared_2.yaml.bak.bak b/queries/aws_ec2_ami_shared_2.yaml.bak.bak deleted file mode 100755 index 64bc6b341..000000000 --- a/queries/aws_ec2_ami_shared_2.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ec2_ami_shared_2 -Title: "Find Shared Amazon Machine Images (AMIs) in AWS EC2" -Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - state, - image_location, - creation_date, - public, - root_device_name - from - aws_ec2_ami_shared - where - owner_id = '137112412989' - and architecture = 'arm64'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ami_shared_3.yaml.bak b/queries/aws_ec2_ami_shared_3.yaml.bak deleted file mode 100755 index a1af0abf5..000000000 --- a/queries/aws_ec2_ami_shared_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_ami_shared_3 -Title: "List all shared Amazon Machine Images (AMIs) in AWS EC2" -Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.title, - i.instance_id, - i.image_id, - ami.name, - ami.description, - ami.platform_details - from - aws_ec2_instance as i - join aws_ec2_ami_shared as ami on i.image_id = ami.image_id - where - ami.owner_id = '137112412989'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_application_load_balancer_1.yaml.bak b/queries/aws_ec2_application_load_balancer_1.yaml.bak deleted file mode 100755 index c163bf9e5..000000000 --- a/queries/aws_ec2_application_load_balancer_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_application_load_balancer_1 -Title: "Find AWS EC2 Load Balancers with Security Groups" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(security_groups) as attached_security_group - from - aws_ec2_application_load_balancer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_2.yaml.bak b/queries/aws_ec2_application_load_balancer_2.yaml.bak deleted file mode 100755 index 759929c71..000000000 --- a/queries/aws_ec2_application_load_balancer_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_application_load_balancer_2 -Title: "List All AWS EC2 Application Load Balancers with Details" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - az ->> 'LoadBalancerAddresses' as load_balancer_addresses, - az ->> 'OutpostId' as outpost_id, - az ->> 'SubnetId' as subnet_id, - az ->> 'ZoneName' as zone_name - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(availability_zones) as az; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_3.yaml.bak b/queries/aws_ec2_application_load_balancer_3.yaml.bak deleted file mode 100755 index 505bb66b7..000000000 --- a/queries/aws_ec2_application_load_balancer_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ec2_application_load_balancer_3 -Title: "List All AWS EC2 ALBs with Detailed Information" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - count(az ->> 'ZoneName') < 2 as zone_count_1 - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(availability_zones) as az - group by - name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_4.yaml.bak b/queries/aws_ec2_application_load_balancer_4.yaml.bak deleted file mode 100755 index 7675d6597..000000000 --- a/queries/aws_ec2_application_load_balancer_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_application_load_balancer_4 -Title: "List all AWS EC2 Application Load Balancers and Attributes" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as logging_key, - lb ->> 'Value' as logging_value - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'access_logs.s3.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_5.yaml.bak b/queries/aws_ec2_application_load_balancer_5.yaml.bak deleted file mode 100755 index ef60fa395..000000000 --- a/queries/aws_ec2_application_load_balancer_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ec2_application_load_balancer_5 -Title: "List all AWS EC2 Application Load Balancer Details" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as deletion_protection_key, - lb ->> 'Value' as deletion_protection_value - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'deletion_protection.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml.bak b/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml.bak deleted file mode 100755 index f33069b65..000000000 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ec2_application_load_balancer_metric_request_count_1 -Title: "Query AWS EC2 Application Load Balancer Request Count" -Description: "Allows users to query AWS EC2 Application Load Balancer Metrics, specifically the request count." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - average, - maximum, - minimum, - sample_count, - timestamp - from - aws_ec2_application_load_balancer_metric_request_count - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml.bak b/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml.bak deleted file mode 100755 index 2f189bef2..000000000 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_ec2_application_load_balancer_metric_request_count_2 -Title: "List AWS EC2 Application Load Balancer Request Counts" -Description: "Allows users to query AWS EC2 Application Load Balancer Metrics, specifically the request count." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - average - sample_count, - timestamp - from - aws_ec2_application_load_balancer_metric_request_count - where - average < 100 - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml.bak b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml.bak deleted file mode 100755 index 7984bdb4a..000000000 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_ec2_application_load_balancer_metric_request_count_daily_1 -Title: "Find daily request count metrics of AWS EC2 ALB" -Description: "Allows users to query daily request count metrics of the AWS EC2 Application Load Balancer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - average, - maximum, - minimum, - sample_count, - timestamp - from - aws_ec2_application_load_balancer_metric_request_count_daily - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml.bak b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml.bak deleted file mode 100755 index 1cbf44d2a..000000000 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_ec2_application_load_balancer_metric_request_count_daily_2 -Title: "List all daily request count metrics for AWS EC2 Application Load Balancer" -Description: "Allows users to query daily request count metrics of the AWS EC2 Application Load Balancer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - average - sample_count, - timestamp - from - aws_ec2_application_load_balancer_metric_request_count_daily - where - average < 100 - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Application Load Balancer diff --git a/queries/aws_ec2_autoscaling_group_1.yaml.bak b/queries/aws_ec2_autoscaling_group_1.yaml.bak deleted file mode 100755 index 5107cf597..000000000 --- a/queries/aws_ec2_autoscaling_group_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_autoscaling_group_1 -Title: "List all AWS EC2 Auto Scaling Groups with Details" -Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - load_balancer_names, - availability_zones, - service_linked_role_arn, - default_cooldown, - max_size, - min_size, - new_instances_protected_from_scale_in - from - aws_ec2_autoscaling_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Auto Scaling diff --git a/queries/aws_ec2_autoscaling_group_2.yaml.bak b/queries/aws_ec2_autoscaling_group_2.yaml.bak deleted file mode 100755 index 613d9485c..000000000 --- a/queries/aws_ec2_autoscaling_group_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_autoscaling_group_2 -Title: "Find AWS EC2 Auto Scaling Groups with Less than 2 AZs" -Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_length(availability_zones) as az_count - from - aws_ec2_autoscaling_group - where - jsonb_array_length(availability_zones) < 2; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Auto Scaling diff --git a/queries/aws_ec2_autoscaling_group_3.yaml.bak b/queries/aws_ec2_autoscaling_group_3.yaml.bak deleted file mode 100755 index 9ee5b77c9..000000000 --- a/queries/aws_ec2_autoscaling_group_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ec2_autoscaling_group_3 -Title: "List all AWS EC2 Auto Scaling Groups and Details" -Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as autoscaling_group_name, - ins_detail ->> 'InstanceId' as instance_id, - ins_detail ->> 'InstanceType' as instance_type, - ins_detail ->> 'AvailabilityZone' as az, - ins_detail ->> 'HealthStatus' as health_status, - ins_detail ->> 'LaunchConfigurationName' as launch_configuration_name, - ins_detail -> 'LaunchTemplate' ->> 'LaunchTemplateName' as launch_template_name, - ins_detail -> 'LaunchTemplate' ->> 'Version' as launch_template_version, - ins_detail ->> 'ProtectedFromScaleIn' as protected_from_scale_in - from - aws_ec2_autoscaling_group, - jsonb_array_elements(instances) as ins_detail; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Auto Scaling diff --git a/queries/aws_ec2_autoscaling_group_4.yaml.bak b/queries/aws_ec2_autoscaling_group_4.yaml.bak deleted file mode 100755 index 3f2315e8a..000000000 --- a/queries/aws_ec2_autoscaling_group_4.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_ec2_autoscaling_group_4 -Title: "List AWS EC2 Auto Scaling Groups and Their Configurations" -Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - health_check_type, - health_check_grace_period - from - aws_ec2_autoscaling_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Auto Scaling diff --git a/queries/aws_ec2_capacity_reservation_1.yaml.bak b/queries/aws_ec2_capacity_reservation_1.yaml.bak deleted file mode 100755 index 8ac69d474..000000000 --- a/queries/aws_ec2_capacity_reservation_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_capacity_reservation_1 -Title: "Find All AWS EC2 Capacity Reservations via SQL" -Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - capacity_reservation_id, - capacity_reservation_arn, - instance_type, - state - from - aws_ec2_capacity_reservation; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Compute Cloud (EC2) diff --git a/queries/aws_ec2_capacity_reservation_2.yaml.bak b/queries/aws_ec2_capacity_reservation_2.yaml.bak deleted file mode 100755 index a49bdbe63..000000000 --- a/queries/aws_ec2_capacity_reservation_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_capacity_reservation_2 -Title: "Find AWS EC2 Capacity Reservations with SQL Query" -Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - capacity_reservation_id, - capacity_reservation_arn, - instance_type, - state - from - aws_ec2_capacity_reservation - where - state = 'expired'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_capacity_reservation_3.yaml.bak b/queries/aws_ec2_capacity_reservation_3.yaml.bak deleted file mode 100755 index b14c24f07..000000000 --- a/queries/aws_ec2_capacity_reservation_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_capacity_reservation_3 -Title: "List AWS EC2 Capacity Reservations Details" -Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - capacity_reservation_id, - capacity_reservation_arn, - instance_type, - state - from - aws_ec2_capacity_reservation - where - capacity_reservation_id = 'cr-0b30935e9fc2da81e'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Compute Cloud (EC2) diff --git a/queries/aws_ec2_classic_load_balancer_1.yaml.bak b/queries/aws_ec2_classic_load_balancer_1.yaml.bak deleted file mode 100755 index 2c1558cfb..000000000 --- a/queries/aws_ec2_classic_load_balancer_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_classic_load_balancer_1 -Title: "List all AWS EC2 Classic Load Balancers with Instances" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - instances - from - aws_ec2_classic_load_balancer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EC2 diff --git a/queries/aws_ec2_classic_load_balancer_2.yaml.bak b/queries/aws_ec2_classic_load_balancer_2.yaml.bak deleted file mode 100755 index 6b0ed6b99..000000000 --- a/queries/aws_ec2_classic_load_balancer_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_classic_load_balancer_2 -Title: "List all disabled access logs on EC2 Classic Load Balancers" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_log_enabled - from - aws_ec2_classic_load_balancer - where - access_log_enabled = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Classic Load Balancer diff --git a/queries/aws_ec2_classic_load_balancer_3.yaml.bak b/queries/aws_ec2_classic_load_balancer_3.yaml.bak deleted file mode 100755 index 637b9f9ca..000000000 --- a/queries/aws_ec2_classic_load_balancer_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_classic_load_balancer_3 -Title: "List all Classic Load Balancers within Amazon EC2" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(security_groups) as sg - from - aws_ec2_classic_load_balancer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_classic_load_balancer_4.yaml.bak b/queries/aws_ec2_classic_load_balancer_4.yaml.bak deleted file mode 100755 index b09b60996..000000000 --- a/queries/aws_ec2_classic_load_balancer_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_classic_load_balancer_4 -Title: "Find all Load Balancers in AWS EC2 Classic" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - listener_description -> 'Listener' ->> 'InstancePort' as instance_port, - listener_description -> 'Listener' ->> 'InstanceProtocol' as instance_protocol, - listener_description -> 'Listener' ->> 'LoadBalancerPort' as load_balancer_port, - listener_description -> 'Listener' ->> 'Protocol' as load_balancer_protocol, - listener_description -> 'SSLCertificateId' ->> 'SSLCertificateId' as ssl_certificate, - listener_description -> 'Listener' ->> 'PolicyNames' as policy_names - from - aws_ec2_classic_load_balancer - cross join jsonb_array_elements(listener_descriptions) as listener_description; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_classic_load_balancer_5.yaml.bak b/queries/aws_ec2_classic_load_balancer_5.yaml.bak deleted file mode 100755 index 3fa54f1f8..000000000 --- a/queries/aws_ec2_classic_load_balancer_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_classic_load_balancer_5 -Title: "List all EC2 Classic Load Balancers and Health Configs" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - healthy_threshold, - health_check_interval, - health_check_target, - health_check_timeout, - unhealthy_threshold - from - aws_ec2_classic_load_balancer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_client_vpn_endpoint_1.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_1.yaml.bak deleted file mode 100755 index a5df7c4f6..000000000 --- a/queries/aws_ec2_client_vpn_endpoint_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_client_vpn_endpoint_1 -Title: "Find AWS EC2 Client VPN Endpoints Configuration and Status" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - description, - status, - client_vpn_endpoint_id, - transport_protocol, - creation_time, - tags - from - aws_ec2_client_vpn_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_2.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_2.yaml.bak deleted file mode 100755 index 15f86aa08..000000000 --- a/queries/aws_ec2_client_vpn_endpoint_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_client_vpn_endpoint_2 -Title: "Find AWS EC2 Client VPN Endpoint Network Details" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status, - client_vpn_endpoint_id, - transport_protocol, - tags - from - aws_ec2_client_vpn_endpoint - where - status ->> 'Code' <> 'available'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_3.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_3.yaml.bak deleted file mode 100755 index 8e12d0003..000000000 --- a/queries/aws_ec2_client_vpn_endpoint_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_client_vpn_endpoint_3 -Title: "List all AWS EC2 Client VPN Endpoint Details" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - transport_protocol, - tags - from - aws_ec2_client_vpn_endpoint - where - creation_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_4.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_4.yaml.bak deleted file mode 100755 index cfe588c8c..000000000 --- a/queries/aws_ec2_client_vpn_endpoint_4.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_ec2_client_vpn_endpoint_4 -Title: "Find Configuration and Status of AWS EC2 Client VPN Endpoints" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - security_group_ids, - vpc_id, - vpn_port, - vpn_protocol, - transport_protocol, - tags - from - aws_ec2_client_vpn_endpoint - where - creation_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_5.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_5.yaml.bak deleted file mode 100755 index 6c562b40f..000000000 --- a/queries/aws_ec2_client_vpn_endpoint_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ec2_client_vpn_endpoint_5 -Title: "Find AWS EC2 Client VPN Endpoints Configuration Details" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - security_group_ids, - vpc_id, - vpn_port, - vpn_protocol, - transport_protocol, - tags - from - aws_ec2_client_vpn_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_client_vpn_endpoint_6.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_6.yaml.bak deleted file mode 100755 index 3914353a5..000000000 --- a/queries/aws_ec2_client_vpn_endpoint_6.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_client_vpn_endpoint_6 -Title: "List all AWS EC2 Client VPN Endpoints with Details" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - connection_log_options ->> 'Enabled' as connection_log_options_enabled, - connection_log_options ->> 'CloudwatchLogGroup' as connection_log_options_cloudwatch_log_group, - connection_log_options ->> 'CloudwatchLogStream' as connection_log_options_cloudwatch_log_stream, - tags - from - aws_ec2_client_vpn_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Client VPN diff --git a/queries/aws_ec2_client_vpn_endpoint_7.yaml.bak b/queries/aws_ec2_client_vpn_endpoint_7.yaml.bak deleted file mode 100755 index 4b831848f..000000000 --- a/queries/aws_ec2_client_vpn_endpoint_7.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_client_vpn_endpoint_7 -Title: "List all Configuration and Status of EC2 Client VPN Endpoints" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - autentication ->> 'Type' as authentication_options_type, - autentication -> 'MutualAuthentication' ->> 'ClientRootCertificateChain' as authentication_client_root_certificate_chain, - authentication_options, - tags - from - aws_ec2_client_vpn_endpoint, - jsonb_array_elements(authentication_options) as autentication; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_gateway_load_balancer_1.yaml.bak b/queries/aws_ec2_gateway_load_balancer_1.yaml.bak deleted file mode 100755 index 4c5e9eac5..000000000 --- a/queries/aws_ec2_gateway_load_balancer_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_gateway_load_balancer_1 -Title: "Find AWS EC2 Gateway Load Balancer details, config & state" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - type, - state_code, - vpc_id, - availability_zones - from - aws_ec2_gateway_load_balancer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_2.yaml.bak b/queries/aws_ec2_gateway_load_balancer_2.yaml.bak deleted file mode 100755 index cfab0f9a5..000000000 --- a/queries/aws_ec2_gateway_load_balancer_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_gateway_load_balancer_2 -Title: "List all AWS EC2 Gateway Load Balancer Details" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - az ->> 'LoadBalancerAddresses' as load_balancer_addresses, - az ->> 'OutpostId' as outpost_id, - az ->> 'SubnetId' as subnet_id, - az ->> 'ZoneName' as zone_name - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(availability_zones) as az; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_3.yaml.bak b/queries/aws_ec2_gateway_load_balancer_3.yaml.bak deleted file mode 100755 index 4ebce86af..000000000 --- a/queries/aws_ec2_gateway_load_balancer_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_gateway_load_balancer_3 -Title: "Find AWS EC2 Gateway Load Balancer Details and Configuration" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - count(az ->> 'ZoneName') as zone_count - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(availability_zones) as az - group by - name - having - count(az ->> 'ZoneName') < 2; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_4.yaml.bak b/queries/aws_ec2_gateway_load_balancer_4.yaml.bak deleted file mode 100755 index ab144b885..000000000 --- a/queries/aws_ec2_gateway_load_balancer_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_gateway_load_balancer_4 -Title: "Find AWS EC2 Gateway Load Balancer with deletion protection" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as deletion_protection_key, - lb ->> 'Value' as deletion_protection_value - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'deletion_protection.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_4.yaml.bak.bak b/queries/aws_ec2_gateway_load_balancer_4.yaml.bak.bak deleted file mode 100755 index ab144b885..000000000 --- a/queries/aws_ec2_gateway_load_balancer_4.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_gateway_load_balancer_4 -Title: "Find AWS EC2 Gateway Load Balancer with deletion protection" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as deletion_protection_key, - lb ->> 'Value' as deletion_protection_value - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'deletion_protection.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_5.yaml.bak b/queries/aws_ec2_gateway_load_balancer_5.yaml.bak deleted file mode 100755 index 8bdc8083e..000000000 --- a/queries/aws_ec2_gateway_load_balancer_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_gateway_load_balancer_5 -Title: "Find AWS EC2 Gateway Load Balancer Configuration Details" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as load_balancing_cross_zone_key, - lb ->> 'Value' as load_balancing_cross_zone_value - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'load_balancing.cross_zone.enabled' - and lb ->> 'Value' = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_6.yaml.bak b/queries/aws_ec2_gateway_load_balancer_6.yaml.bak deleted file mode 100755 index 83aff26ae..000000000 --- a/queries/aws_ec2_gateway_load_balancer_6.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_gateway_load_balancer_6 -Title: "Find AWS EC2 Gateway Load Balancer Details" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(security_groups) as attached_security_group - from - aws_ec2_gateway_load_balancer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_gateway_load_balancer_7.yaml.bak b/queries/aws_ec2_gateway_load_balancer_7.yaml.bak deleted file mode 100755 index 6170b9451..000000000 --- a/queries/aws_ec2_gateway_load_balancer_7.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_gateway_load_balancer_7 -Title: "Find AWS EC2 Gateway Load Balancer details, state, type" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state_code - from - aws_ec2_gateway_load_balancer - where - state_code <> 'active'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Gateway Load Balancer diff --git a/queries/aws_ec2_instance_1.yaml.bak b/queries/aws_ec2_instance_1.yaml.bak deleted file mode 100755 index 534d71cbc..000000000 --- a/queries/aws_ec2_instance_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_1 -Title: "List all AWS EC2 Instances with Type and State Info" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - placement_availability_zone as az, - instance_type, - count(*) - from - aws_ec2_instance - group by - placement_availability_zone, - instance_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_10.yaml.bak b/queries/aws_ec2_instance_10.yaml.bak deleted file mode 100755 index 2e702684b..000000000 --- a/queries/aws_ec2_instance_10.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_10 -Title: "Find all AWS EC2 Instances with API Termination Enabled" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - disable_api_termination - from - aws_ec2_instance - where - not disable_api_termination; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_11.yaml.bak b/queries/aws_ec2_instance_11.yaml.bak deleted file mode 100755 index 88ef49825..000000000 --- a/queries/aws_ec2_instance_11.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_11 -Title: "List all AWS EC2 Instances with Group Details" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - sg ->> 'GroupId' as group_id, - sg ->> 'GroupName' as group_name - from - aws_ec2_instance - cross join jsonb_array_elements(security_groups) as sg - where - sg ->> 'GroupName' = 'default'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_12.yaml.bak b/queries/aws_ec2_instance_12.yaml.bak deleted file mode 100755 index d6e487b31..000000000 --- a/queries/aws_ec2_instance_12.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_instance_12 -Title: "List all AWS EC2 Instances and Volume Encryption Status" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.instance_id, - vols -> 'Ebs' ->> 'VolumeId' as vol_id, - vol.encrypted - from - aws_ec2_instance as i - cross join jsonb_array_elements(block_device_mappings) as vols - join aws_ebs_volume as vol on vol.volume_id = vols -> 'Ebs' ->> 'VolumeId' - where - not vol.encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_12.yaml.bak.bak b/queries/aws_ec2_instance_12.yaml.bak.bak deleted file mode 100755 index d6e487b31..000000000 --- a/queries/aws_ec2_instance_12.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_instance_12 -Title: "List all AWS EC2 Instances and Volume Encryption Status" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.instance_id, - vols -> 'Ebs' ->> 'VolumeId' as vol_id, - vol.encrypted - from - aws_ec2_instance as i - cross join jsonb_array_elements(block_device_mappings) as vols - join aws_ebs_volume as vol on vol.volume_id = vols -> 'Ebs' ->> 'VolumeId' - where - not vol.encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_13.yaml.bak b/queries/aws_ec2_instance_13.yaml.bak deleted file mode 100755 index 0bd7fa2c7..000000000 --- a/queries/aws_ec2_instance_13.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_instance_13 -Title: "Find EC2 Instances with Sensitive Data in User Data" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - user_data - from - aws_ec2_instance - where - user_data like any (array ['%pass%', '%secret%','%token%','%key%']) - or user_data ~ '(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_14.yaml.bak b/queries/aws_ec2_instance_14.yaml.bak deleted file mode 100755 index e3ce339b0..000000000 --- a/queries/aws_ec2_instance_14.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_instance_14 -Title: "List All AWS EC2 Instances with Detailed Information" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - launch_template_data -> 'ImageId' as image_id, - launch_template_data -> 'Placement' as placement, - launch_template_data -> 'DisableApiStop' as disable_api_stop, - launch_template_data -> 'MetadataOptions' as metadata_options, - launch_template_data -> 'NetworkInterfaces' as network_interfaces, - launch_template_data -> 'BlockDeviceMappings' as block_device_mappings, - launch_template_data -> 'CapacityReservationSpecification' as capacity_reservation_specification - from - aws_ec2_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_15.yaml.bak b/queries/aws_ec2_instance_15.yaml.bak deleted file mode 100755 index 23c1b53d1..000000000 --- a/queries/aws_ec2_instance_15.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_instance_15 -Title: "List all AWS EC2 Instances with Comprehensive Data" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.instance_id, - i.vpc_id, - i.subnet_id, - s.tags ->> 'Name' as subnet_name - from - aws_ec2_instance as i, - aws_vpc_subnet as s - where - i.subnet_id = s.subnet_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_2.yaml.bak b/queries/aws_ec2_instance_2.yaml.bak deleted file mode 100755 index aa9c8aa82..000000000 --- a/queries/aws_ec2_instance_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_2 -Title: "List all AWS EC2 Instances and Their States" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - monitoring_state - from - aws_ec2_instance - where - monitoring_state = 'disabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_3.yaml.bak b/queries/aws_ec2_instance_3.yaml.bak deleted file mode 100755 index 70e5b2b78..000000000 --- a/queries/aws_ec2_instance_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_instance_3 -Title: "List all AWS EC2 Instances with Types and Counts" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - count(instance_type) as count - from - aws_ec2_instance - group by - instance_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_4.yaml.bak b/queries/aws_ec2_instance_4.yaml.bak deleted file mode 100755 index 4bd06b933..000000000 --- a/queries/aws_ec2_instance_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_instance_4 -Title: "Find AWS EC2 Instances Stopped Over 30 days Ago" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - instance_state, - launch_time, - state_transition_time - from - aws_ec2_instance - where - instance_state = 'stopped' - and state_transition_time <= (current_date - interval '30' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_5.yaml.bak b/queries/aws_ec2_instance_5.yaml.bak deleted file mode 100755 index b5398f1ba..000000000 --- a/queries/aws_ec2_instance_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_5 -Title: "List all AWS EC2 Instances with Comprehensive Data" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - tags - from - aws_ec2_instance - where - not tags :: JSONB ? 'application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_6.yaml.bak b/queries/aws_ec2_instance_6.yaml.bak deleted file mode 100755 index 1a763a3c5..000000000 --- a/queries/aws_ec2_instance_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_6 -Title: "Find all EC2 Instances with Detailed Information" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - instance_state, - launch_time, - maintenance_options ->> 'AutoRecovery' as auto_recovery - from - aws_ec2_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_7.yaml.bak b/queries/aws_ec2_instance_7.yaml.bak deleted file mode 100755 index da8a12962..000000000 --- a/queries/aws_ec2_instance_7.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ec2_instance_7 -Title: "List all AWS EC2 instances including detailed data" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - instance_type, - instance_state, - l ->> 'LicenseConfigurationArn' as license_configuration_arn - from - aws_ec2_instance, - jsonb_array_elements(licenses) as l; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_8.yaml.bak b/queries/aws_ec2_instance_8.yaml.bak deleted file mode 100755 index 87a61a8fe..000000000 --- a/queries/aws_ec2_instance_8.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_instance_8 -Title: "List all AWS EC2 Instances with Detailed Attributes" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - instance_state, - placement_affinity, - placement_group_id, - placement_group_name, - placement_availability_zone, - placement_host_id, - placement_host_resource_group_arn, - placement_partition_number, - placement_tenancy - from - aws_ec2_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_9.yaml.bak b/queries/aws_ec2_instance_9.yaml.bak deleted file mode 100755 index 704225a7b..000000000 --- a/queries/aws_ec2_instance_9.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_instance_9 -Title: "List all AWS EC2 Instances with Instance Type Count" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - count(*) as count - from - aws_ec2_instance - where - instance_type not in ('t2.large', 'm3.medium') - group by - instance_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_availability_1.yaml.bak b/queries/aws_ec2_instance_availability_1.yaml.bak deleted file mode 100755 index 8a27be0cd..000000000 --- a/queries/aws_ec2_instance_availability_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_availability_1 -Title: "List all AWS EC2 Instance Availability by Region" -Description: "Allows users to query AWS EC2 Instance Availability and retrieve detailed information about the availability of EC2 instances in each AWS region." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - location - from - aws_ec2_instance_availability - where - location = 'us-east-1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_availability_2.yaml.bak b/queries/aws_ec2_instance_availability_2.yaml.bak deleted file mode 100755 index afe649d4a..000000000 --- a/queries/aws_ec2_instance_availability_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_instance_availability_2 -Title: "List all AWS EC2 Instance Availability by Region" -Description: "Allows users to query AWS EC2 Instance Availability and retrieve detailed information about the availability of EC2 instances in each AWS region." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - location - from - aws_ec2_instance_availability - where - location = 'af-south' - and instance_type = 'r5.12xlarge'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml.bak deleted file mode 100755 index ea75cfef7..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_1 -Title: "Find AWS EC2 Instance CPU Utilization Metrics" -Description: "Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ec2_instance_metric_cpu_utilization - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml.bak deleted file mode 100755 index 79f138c97..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_2 -Title: "Find AWS EC2 Instances with High CPU Utilization" -Description: "Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization - where average > 80 - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml.bak deleted file mode 100755 index 2c51adcf4..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_daily_1 -Title: "List AWS EC2 Instances Daily CPU Utilization Metrics" -Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_daily - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml.bak deleted file mode 100755 index 2e743873e..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_daily_2 -Title: "Find AWS EC2 Instances with High Daily CPU Utilization" -Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_daily - where average > 80 - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml.bak deleted file mode 100755 index 6da90ac48..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_daily_3 -Title: "Find Daily CPU Utilization Metrics of AWS EC2 Instances" -Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_daily - where average < 1 - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak deleted file mode 100755 index 62f46697f..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_hourly_1 -Title: "Query AWS EC2 Instance CPU Utilization Metrics Hourly" -Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_hourly - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Instance diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak.bak b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak.bak deleted file mode 100755 index 62f46697f..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_hourly_1 -Title: "Query AWS EC2 Instance CPU Utilization Metrics Hourly" -Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_hourly - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Instance diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml.bak deleted file mode 100755 index 68f71ddca..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_hourly_2 -Title: "Find all AWS EC2 Instance CPU Utilization hourly metrics" -Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_hourly - where average > 80 - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml.bak b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml.bak deleted file mode 100755 index d18bf4c20..000000000 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ec2_instance_metric_cpu_utilization_hourly_3 -Title: "Find EC2 Instance Hourly CPU Utilization Metrics in AWS" -Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_hourly - where average < 1 - order by - instance_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_type_1.yaml.bak b/queries/aws_ec2_instance_type_1.yaml.bak deleted file mode 100755 index caaa15457..000000000 --- a/queries/aws_ec2_instance_type_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_type_1 -Title: "List all AWS EC2 Instance Type Data and Details" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - dedicated_hosts_supported - from - aws_ec2_instance_type - where - dedicated_hosts_supported; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Instance Type diff --git a/queries/aws_ec2_instance_type_2.yaml.bak b/queries/aws_ec2_instance_type_2.yaml.bak deleted file mode 100755 index 442db0b4c..000000000 --- a/queries/aws_ec2_instance_type_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_type_2 -Title: "Find All AWS EC2 Instance Types and Recovery Support" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - auto_recovery_supported - from - aws_ec2_instance_type - where - not auto_recovery_supported; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Instance Type diff --git a/queries/aws_ec2_instance_type_2.yaml.bak.bak b/queries/aws_ec2_instance_type_2.yaml.bak.bak deleted file mode 100755 index 442db0b4c..000000000 --- a/queries/aws_ec2_instance_type_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_type_2 -Title: "Find All AWS EC2 Instance Types and Recovery Support" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - auto_recovery_supported - from - aws_ec2_instance_type - where - not auto_recovery_supported; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Instance Type diff --git a/queries/aws_ec2_instance_type_3.yaml.bak b/queries/aws_ec2_instance_type_3.yaml.bak deleted file mode 100755 index 3d6a9daae..000000000 --- a/queries/aws_ec2_instance_type_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ec2_instance_type_3 -Title: "Find AWS EC2 Instance Types with Detailed Specs" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - dedicated_hosts_supported, - v_cpu_info -> 'DefaultCores' as default_cores, - v_cpu_info -> 'DefaultThreadsPerCore' as default_threads_per_core, - v_cpu_info -> 'DefaultVCpus' as default_vcpus, - v_cpu_info -> 'ValidCores' as valid_cores, - v_cpu_info -> 'ValidThreadsPerCore' as valid_threads_per_core - from - aws_ec2_instance_type - where - v_cpu_info ->> 'DefaultCores' > '24'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_type_4.yaml.bak b/queries/aws_ec2_instance_type_4.yaml.bak deleted file mode 100755 index 2581e0349..000000000 --- a/queries/aws_ec2_instance_type_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_instance_type_4 -Title: "Find all AWS EC2 Instance Types with Unsupported Encryption" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - ebs_info ->> 'EncryptionSupport' as encryption_support - from - aws_ec2_instance_type - where - ebs_info ->> 'EncryptionSupport' = 'unsupported'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_instance_type_5.yaml.bak b/queries/aws_ec2_instance_type_5.yaml.bak deleted file mode 100755 index 7ca34526a..000000000 --- a/queries/aws_ec2_instance_type_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_instance_type_5 -Title: "List all AWS EC2 Instance Types with Free Tier Eligibility" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - free_tier_eligible - from - aws_ec2_instance_type - where - free_tier_eligible; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_key_pair_1.yaml.bak b/queries/aws_ec2_key_pair_1.yaml.bak deleted file mode 100755 index 55dd64d9c..000000000 --- a/queries/aws_ec2_key_pair_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ec2_key_pair_1 -Title: "List all AWS EC2 Key Pairs with Name and ID" -Description: "Allows users to query AWS EC2 Key Pairs, providing information about key pairs which are used to securely log into EC2 instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_name, - key_pair_id, - region - from - aws_ec2_key_pair; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_key_pair_2.yaml.bak b/queries/aws_ec2_key_pair_2.yaml.bak deleted file mode 100755 index 84ea1064c..000000000 --- a/queries/aws_ec2_key_pair_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_key_pair_2 -Title: "List all AWS EC2 Key Pairs to Securely Log Into EC2 Instances" -Description: "Allows users to query AWS EC2 Key Pairs, providing information about key pairs which are used to securely log into EC2 instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_name, - tags - from - aws_ec2_key_pair - where - not tags :: JSONB ? 'owner'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Key Pairs diff --git a/queries/aws_ec2_launch_configuration_1.yaml.bak b/queries/aws_ec2_launch_configuration_1.yaml.bak deleted file mode 100755 index 37d75d1dd..000000000 --- a/queries/aws_ec2_launch_configuration_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_launch_configuration_1 -Title: "List all AWS EC2 Launch Configurations and Metadata" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - associate_public_ip_address, - ebs_optimized, - image_id, - instance_monitoring_enabled, - instance_type, - key_name - from - aws_ec2_launch_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_configuration_2.yaml.bak b/queries/aws_ec2_launch_configuration_2.yaml.bak deleted file mode 100755 index 9823218e5..000000000 --- a/queries/aws_ec2_launch_configuration_2.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_ec2_launch_configuration_2 -Title: "List all AWS EC2 Launch Configurations and Metadata" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - iam_instance_profile - from - aws_ec2_launch_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_configuration_3.yaml.bak b/queries/aws_ec2_launch_configuration_3.yaml.bak deleted file mode 100755 index 4d35fb06c..000000000 --- a/queries/aws_ec2_launch_configuration_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_launch_configuration_3 -Title: "Find AWS EC2 Launch Configurations and Metadata" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - associate_public_ip_address - from - aws_ec2_launch_configuration - where - associate_public_ip_address; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_configuration_4.yaml.bak b/queries/aws_ec2_launch_configuration_4.yaml.bak deleted file mode 100755 index f1c945b70..000000000 --- a/queries/aws_ec2_launch_configuration_4.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_ec2_launch_configuration_4 -Title: "Find AWS EC2 Launch Configurations and Security Groups" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(security_groups) as security_groups - from - aws_ec2_launch_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_configuration_5.yaml.bak b/queries/aws_ec2_launch_configuration_5.yaml.bak deleted file mode 100755 index 130704921..000000000 --- a/queries/aws_ec2_launch_configuration_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_launch_configuration_5 -Title: "Find AWS EC2 Launch Configurations With Sensitive Data" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - user_data - from - aws_ec2_launch_configuration - where - user_data like any (array ['%pass%', '%secret%','%token%','%key%']) - or user_data ~ '(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_1.yaml.bak b/queries/aws_ec2_launch_template_1.yaml.bak deleted file mode 100755 index 6ee42f106..000000000 --- a/queries/aws_ec2_launch_template_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_launch_template_1 -Title: "List all AWS EC2 Launch Templates and Details" -Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - created_time, - created_by, - default_version_number, - latest_version_number - from - aws_ec2_launch_template; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_2.yaml.bak b/queries/aws_ec2_launch_template_2.yaml.bak deleted file mode 100755 index e8a20efb5..000000000 --- a/queries/aws_ec2_launch_template_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_launch_template_2 -Title: "Find AWS EC2 Launch Templates with detailed information" -Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time, - created_by - from - aws_ec2_launch_template - where - created_by like '%turbot'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Launch Templates diff --git a/queries/aws_ec2_launch_template_3.yaml.bak b/queries/aws_ec2_launch_template_3.yaml.bak deleted file mode 100755 index 7ea411fd2..000000000 --- a/queries/aws_ec2_launch_template_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ec2_launch_template_3 -Title: "List all AWS EC2 Launch Templates with Details" -Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time - from - aws_ec2_launch_template - where - create_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_version_1.yaml.bak b/queries/aws_ec2_launch_template_version_1.yaml.bak deleted file mode 100755 index 06941e150..000000000 --- a/queries/aws_ec2_launch_template_version_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_launch_template_version_1 -Title: "List all AWS EC2 Launch Template Versions and their Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - created_by, - default_version, - version_description, - version_number - from - aws_ec2_launch_template_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_version_2.yaml.bak b/queries/aws_ec2_launch_template_version_2.yaml.bak deleted file mode 100755 index 0d154c43c..000000000 --- a/queries/aws_ec2_launch_template_version_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_launch_template_version_2 -Title: "List AWS EC2 Launch Template Version Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time, - created_by, - version_description, - version_number - from - aws_ec2_launch_template_version - where - created_by like '%turbot'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_version_3.yaml.bak b/queries/aws_ec2_launch_template_version_3.yaml.bak deleted file mode 100755 index c72d485e1..000000000 --- a/queries/aws_ec2_launch_template_version_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_launch_template_version_3 -Title: "Find AWS EC2 Launch Template Versions Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time, - default_version, - version_number - from - aws_ec2_launch_template_version - where - create_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_version_4.yaml.bak b/queries/aws_ec2_launch_template_version_4.yaml.bak deleted file mode 100755 index 4a699d46a..000000000 --- a/queries/aws_ec2_launch_template_version_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_launch_template_version_4 -Title: "List all AWS EC2 Launch Template Versions" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time, - default_version, - version_number - from - aws_ec2_launch_template_version - where - default_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EC2 diff --git a/queries/aws_ec2_launch_template_version_5.yaml.bak b/queries/aws_ec2_launch_template_version_5.yaml.bak deleted file mode 100755 index d0f47d9af..000000000 --- a/queries/aws_ec2_launch_template_version_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_launch_template_version_5 -Title: "List all AWS EC2 Launch Template Versions" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_id, - count(version_number) as number_of_versions - from - aws_ec2_launch_template_version - group by - launch_template_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_version_6.yaml.bak b/queries/aws_ec2_launch_template_version_6.yaml.bak deleted file mode 100755 index fb503aa50..000000000 --- a/queries/aws_ec2_launch_template_version_6.yaml.bak +++ /dev/null @@ -1,51 +0,0 @@ -ID: aws_ec2_launch_template_version_6 -Title: "List AWS EC2 Launch Template Versions with Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - version_number, - launch_template_data -> 'BlockDeviceMappings' as block_device_mappings, - launch_template_data -> 'CapacityReservationSpecification' as capacity_reservation_specification, - launch_template_data -> 'CpuOptions' as cpu_options, - launch_template_data -> 'CreditSpecification' as credit_specification, - launch_template_data -> 'DisableApiStop' as disable_api_stop, - launch_template_data -> 'DisableApiTermination' as disable_api_termination, - launch_template_data -> 'EbsOptimized' as ebs_optimized, - launch_template_data -> 'ElasticGpuSpecifications' as elastic_gpu_specifications, - launch_template_data -> 'ElasticInferenceAccelerators' as elastic_inference_accelerators, - launch_template_data -> 'EnclaveOptions' as enclave_options, - launch_template_data -> 'IamInstanceProfile' as iam_instance_profile, - launch_template_data -> 'ImageId' as image_id, - launch_template_data -> 'InstanceInitiatedShutdownBehavior' as instance_initiated_shutdown_behavior, - launch_template_data -> 'InstanceRequirements' as instance_requirements, - launch_template_data -> 'InstanceType' as instance_type, - launch_template_data -> 'KernelId' as kernel_id, - launch_template_data -> 'LicenseSpecifications' as license_specifications, - launch_template_data -> 'MaintenanceOptions' as maintenance_options, - launch_template_data -> 'MetadataOptions' as metadata_options, - launch_template_data -> 'Monitoring' as monitoring, - launch_template_data -> 'NetworkInterfaces' as network_interfaces, - launch_template_data -> 'PrivateDnsNameOptions' as private_dns_name_options, - launch_template_data -> 'RamDiskId' as ram_disk_id, - launch_template_data -> 'SecurityGroupIds' as security_group_ids, - launch_template_data -> 'SecurityGroups' as security_groups, - launch_template_data -> 'TagSpecifications' as tag_specifications, - launch_template_data -> 'UserData' as user_data - from - aws_ec2_launch_template_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_version_7.yaml.bak b/queries/aws_ec2_launch_template_version_7.yaml.bak deleted file mode 100755 index 3a4be6ee4..000000000 --- a/queries/aws_ec2_launch_template_version_7.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_launch_template_version_7 -Title: "List all AWS EC2 Launch Template Versions and Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - version_number, - version_description, - ebs_optimized - from - aws_ec2_launch_template_version - where - ebs_optimized; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_version_8.yaml.bak b/queries/aws_ec2_launch_template_version_8.yaml.bak deleted file mode 100755 index 45a4adefd..000000000 --- a/queries/aws_ec2_launch_template_version_8.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_launch_template_version_8 -Title: "List all AWS EC2 Launch Template Versions" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - version_number, - version_description, - disable_api_termination - from - aws_ec2_launch_template_version - where - disable_api_termination; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_launch_template_version_9.yaml.bak b/queries/aws_ec2_launch_template_version_9.yaml.bak deleted file mode 100755 index a46f31ee1..000000000 --- a/queries/aws_ec2_launch_template_version_9.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_launch_template_version_9 -Title: "Find AWS EC2 Launch Template Versions and Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - version_number, - disable_api_stop - from - aws_ec2_launch_template_version - where - disable_api_stop; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_load_balancer_listener_1.yaml.bak b/queries/aws_ec2_load_balancer_listener_1.yaml.bak deleted file mode 100755 index 1eaccf390..000000000 --- a/queries/aws_ec2_load_balancer_listener_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_load_balancer_listener_1 -Title: "Find AWS EC2 Load Balancer Listeners" -Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - port, - protocol - from - aws_ec2_load_balancer_listener; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_2.yaml.bak b/queries/aws_ec2_load_balancer_listener_2.yaml.bak deleted file mode 100755 index 521725e5a..000000000 --- a/queries/aws_ec2_load_balancer_listener_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_load_balancer_listener_2 -Title: "List all AWS EC2 Load Balancer Listeners" -Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - action ->> 'AuthenticateCognitoConfig' as authenticate_cognito_config, - action ->> 'AuthenticateOidcConfig' as authenticate_Oidc_config, - action ->> 'FixedResponseConfig' as fixed_response_config, - action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'DurationSeconds' as duration_seconds, - action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'Enabled' as target_group_stickiness_config_enabled - from - aws_ec2_load_balancer_listener - cross join jsonb_array_elements(default_actions) as action; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_load_balancer_listener_2.yaml.bak.bak b/queries/aws_ec2_load_balancer_listener_2.yaml.bak.bak deleted file mode 100755 index 521725e5a..000000000 --- a/queries/aws_ec2_load_balancer_listener_2.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_load_balancer_listener_2 -Title: "List all AWS EC2 Load Balancer Listeners" -Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - action ->> 'AuthenticateCognitoConfig' as authenticate_cognito_config, - action ->> 'AuthenticateOidcConfig' as authenticate_Oidc_config, - action ->> 'FixedResponseConfig' as fixed_response_config, - action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'DurationSeconds' as duration_seconds, - action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'Enabled' as target_group_stickiness_config_enabled - from - aws_ec2_load_balancer_listener - cross join jsonb_array_elements(default_actions) as action; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_load_balancer_listener_3.yaml.bak b/queries/aws_ec2_load_balancer_listener_3.yaml.bak deleted file mode 100755 index 5f08c8603..000000000 --- a/queries/aws_ec2_load_balancer_listener_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_load_balancer_listener_3 -Title: "Find AWS EC2 Load Balancer Listeners by Protocol" -Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - port, - protocol - from - aws_ec2_load_balancer_listener - where - protocol = 'HTTP'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_1.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_1.yaml.bak deleted file mode 100755 index 2b7b78692..000000000 --- a/queries/aws_ec2_load_balancer_listener_rule_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_load_balancer_listener_rule_1 -Title: "Find AWS EC2 Load Balancer Listener Rules Details" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - listener_arn, - priority, - is_default, - region - from - aws_ec2_load_balancer_listener_rule - where - arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789098:listener-rule/app/test53333/f7cc8cdc44ff910b/c9418b57592205f0/a8fe6d8842838dfa'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_2.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_2.yaml.bak deleted file mode 100755 index 626319c07..000000000 --- a/queries/aws_ec2_load_balancer_listener_rule_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_load_balancer_listener_rule_2 -Title: "Find AWS EC2 Load Balancer Listener Rules: Actions & Conditions" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - priority, - is_default, - actions, - conditions - from - aws_ec2_load_balancer_listener_rule - where - listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_3.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_3.yaml.bak deleted file mode 100755 index c00cb4bdf..000000000 --- a/queries/aws_ec2_load_balancer_listener_rule_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ec2_load_balancer_listener_rule_3 -Title: "Find All AWS EC2 Load Balancer Listener Rules Details" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - a ->> 'Type' as action_type, - a ->> 'Order' as action_order, - a ->> 'TargetGroupArn' as target_group_arn, - a -> 'RedirectConfig' as redirect_config, - a -> 'ForwardConfig' as forward_config, - a -> 'FixedResponseConfig' as fixed_response_config, - a -> 'AuthenticateOidcConfig' as authenticate_oidc_config, - a -> 'AuthenticateCognitoConfig' as authenticate_cognito_config - from - aws_ec2_load_balancer_listener_rule, - jsonb_array_elements(actions) as a - where - listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_4.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_4.yaml.bak deleted file mode 100755 index f673d12ac..000000000 --- a/queries/aws_ec2_load_balancer_listener_rule_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_load_balancer_listener_rule_4 -Title: "List all AWS EC2 Load Balancer Listener Rules" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - listener_arn, - priority - from - aws_ec2_load_balancer_listener_rule - where - listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272' - and is_default = true; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Load Balancer diff --git a/queries/aws_ec2_load_balancer_listener_rule_5.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_5.yaml.bak deleted file mode 100755 index 9480ad100..000000000 --- a/queries/aws_ec2_load_balancer_listener_rule_5.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ec2_load_balancer_listener_rule_5 -Title: "List all AWS EC2 Load Balancer Listener Rules" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.arn, - r.listener_arn, - l.load_balancer_arn, - l.protocol as listener_protocol, - l.ssl_policy, - r.priority, - r.is_default, - r.actions, - r.conditions - from - aws_ec2_load_balancer_listener_rule as r - join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_load_balancer_listener_rule_6.yaml.bak b/queries/aws_ec2_load_balancer_listener_rule_6.yaml.bak deleted file mode 100755 index ad7c81dff..000000000 --- a/queries/aws_ec2_load_balancer_listener_rule_6.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ec2_load_balancer_listener_rule_6 -Title: "List AWS EC2 Load Balancer Listener Rules with Conditions & Actions" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.arn, - r.listener_arn, - l.load_balancer_arn, - l.protocol as listener_protocol, - l.ssl_policy, - a.canonical_hosted_zone_id, - a.dns_name, - a.ip_address_type, - r.priority, - r.is_default, - r.actions, - r.conditions - from - aws_ec2_load_balancer_listener_rule as r - join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn - join aws_ec2_application_load_balancer as a on l.load_balancer_arn = a.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_1.yaml.bak b/queries/aws_ec2_managed_prefix_list_1.yaml.bak deleted file mode 100755 index 20db78cfa..000000000 --- a/queries/aws_ec2_managed_prefix_list_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_managed_prefix_list_1 -Title: "List AWS EC2 Managed Prefix Lists and Metadata" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_1.yaml.bak.bak b/queries/aws_ec2_managed_prefix_list_1.yaml.bak.bak deleted file mode 100755 index 20db78cfa..000000000 --- a/queries/aws_ec2_managed_prefix_list_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_managed_prefix_list_1 -Title: "List AWS EC2 Managed Prefix Lists and Metadata" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_2.yaml.bak b/queries/aws_ec2_managed_prefix_list_2.yaml.bak deleted file mode 100755 index 4a9d25f97..000000000 --- a/queries/aws_ec2_managed_prefix_list_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_managed_prefix_list_2 -Title: "List all AWS EC2 Managed Prefix Lists with SQL" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list - where - owner_id <> 'AWS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_3.yaml.bak b/queries/aws_ec2_managed_prefix_list_3.yaml.bak deleted file mode 100755 index f12bc7077..000000000 --- a/queries/aws_ec2_managed_prefix_list_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_managed_prefix_list_3 -Title: "Find AWS EC2 Managed Prefix Lists by IP Address Family" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - address_family - from - aws_ec2_managed_prefix_list - where - address_family = 'IPv6'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_4.yaml.bak b/queries/aws_ec2_managed_prefix_list_4.yaml.bak deleted file mode 100755 index 530fa0f59..000000000 --- a/queries/aws_ec2_managed_prefix_list_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_managed_prefix_list_4 -Title: "List AWS EC2 Managed Prefix List Details" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list - where - id in ('pl-03a3e735e3467c0c4', 'pl-4ca54025'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_5.yaml.bak b/queries/aws_ec2_managed_prefix_list_5.yaml.bak deleted file mode 100755 index 8a7eeafe4..000000000 --- a/queries/aws_ec2_managed_prefix_list_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_managed_prefix_list_5 -Title: "List all AWS EC2 Managed Prefix Lists with details" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list - where - name in ('testPrefix', 'com.amazonaws.us-east-2.dynamodb'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_6.yaml.bak b/queries/aws_ec2_managed_prefix_list_6.yaml.bak deleted file mode 100755 index 1cc5b283d..000000000 --- a/queries/aws_ec2_managed_prefix_list_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_managed_prefix_list_6 -Title: "Find AWS EC2 Managed Prefix Lists with permissions" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list - where - owner_id = '632901234528'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_entry_1.yaml.bak b/queries/aws_ec2_managed_prefix_list_entry_1.yaml.bak deleted file mode 100755 index d261e794b..000000000 --- a/queries/aws_ec2_managed_prefix_list_entry_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_ec2_managed_prefix_list_entry_1 -Title: "List AWS EC2 Managed Prefix List Entry Details" -Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - prefix_list_id, - cidr, - description - from - aws_ec2_managed_prefix_list_entry; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_entry_2.yaml.bak b/queries/aws_ec2_managed_prefix_list_entry_2.yaml.bak deleted file mode 100755 index 2c1b10d1e..000000000 --- a/queries/aws_ec2_managed_prefix_list_entry_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_managed_prefix_list_entry_2 -Title: "Find AWS EC2 Managed Prefix List Entries with Details" -Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.name, - l.id, - e.cidr, - e.description, - l.state, - l.owner_id - from - aws_ec2_managed_prefix_list_entry as e, - aws_ec2_managed_prefix_list as l - where - l.owner_id <> 'AWS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_managed_prefix_list_entry_3.yaml.bak b/queries/aws_ec2_managed_prefix_list_entry_3.yaml.bak deleted file mode 100755 index f26588d15..000000000 --- a/queries/aws_ec2_managed_prefix_list_entry_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_managed_prefix_list_entry_3 -Title: "List AWS EC2 Managed Prefix List Entries with Details" -Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - prefix_list_id, - count(cidr) as numbers_of_entries - from - aws_ec2_managed_prefix_list_entry - group by - prefix_list_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_network_interface_1.yaml.bak b/queries/aws_ec2_network_interface_1.yaml.bak deleted file mode 100755 index 70a1b98c4..000000000 --- a/queries/aws_ec2_network_interface_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_network_interface_1 -Title: "Find all AWS EC2 Network Interfaces & Associated Details" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_interface_id, - interface_type, - description, - private_ip_address, - association_public_ip, - mac_address - from - aws_ec2_network_interface; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_network_interface_2.yaml.bak b/queries/aws_ec2_network_interface_2.yaml.bak deleted file mode 100755 index 52b6f0187..000000000 --- a/queries/aws_ec2_network_interface_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_network_interface_2 -Title: "Find AWS EC2 Network Interfaces and Details" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_interface_id, - interface_type, - description, - private_ip_address, - association_public_ip, - mac_address - from - aws_ec2_network_interface - where - private_ip_address :: cidr <<= '10.66.0.0/16'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_network_interface_3.yaml.bak b/queries/aws_ec2_network_interface_3.yaml.bak deleted file mode 100755 index 8b6292299..000000000 --- a/queries/aws_ec2_network_interface_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_network_interface_3 -Title: "Find Details of AWS EC2 Network Interfaces" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - interface_type, - count(interface_type) as count - from - aws_ec2_network_interface - group by - interface_type - order by - count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_network_interface_3.yaml.bak.bak b/queries/aws_ec2_network_interface_3.yaml.bak.bak deleted file mode 100755 index 8b6292299..000000000 --- a/queries/aws_ec2_network_interface_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_network_interface_3 -Title: "Find Details of AWS EC2 Network Interfaces" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - interface_type, - count(interface_type) as count - from - aws_ec2_network_interface - group by - interface_type - order by - count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_network_interface_4.yaml.bak b/queries/aws_ec2_network_interface_4.yaml.bak deleted file mode 100755 index e719df560..000000000 --- a/queries/aws_ec2_network_interface_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_network_interface_4 -Title: "List all AWS EC2 Network Interfaces and Associated Details" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_interface_id as eni, - sg ->> 'GroupId' as "security group id", - sg ->> 'GroupName' as "security group name" - from - aws_ec2_network_interface - cross join jsonb_array_elements(groups) as sg - order by - eni; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_network_interface_5.yaml.bak b/queries/aws_ec2_network_interface_5.yaml.bak deleted file mode 100755 index 3fd6bc8db..000000000 --- a/queries/aws_ec2_network_interface_5.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ec2_network_interface_5 -Title: "Find AWS EC2 Network Interfaces and Details" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.network_interface_id, - v.vpc_id, - v.is_default, - v.cidr_block, - v.state, - v.account_id, - v.region - from - aws_ec2_network_interface e, - aws_vpc v - where - e.vpc_id = v.vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_network_load_balancer_1.yaml.bak b/queries/aws_ec2_network_load_balancer_1.yaml.bak deleted file mode 100755 index 3178af29e..000000000 --- a/queries/aws_ec2_network_load_balancer_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_network_load_balancer_1 -Title: "List all AWS EC2 Network Load Balancer Configurations" -Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - count(az ->> 'ZoneName') as zone_count - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(availability_zones) as az - group by - name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_2.yaml.bak b/queries/aws_ec2_network_load_balancer_2.yaml.bak deleted file mode 100755 index bd99f567c..000000000 --- a/queries/aws_ec2_network_load_balancer_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_network_load_balancer_2 -Title: "Find AWS EC2 Network Load Balancer Configuration and Status" -Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as cross_zone, - lb ->> 'Value' as cross_zone_value - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'load_balancing.cross_zone.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_3.yaml.bak b/queries/aws_ec2_network_load_balancer_3.yaml.bak deleted file mode 100755 index f26ca0592..000000000 --- a/queries/aws_ec2_network_load_balancer_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ec2_network_load_balancer_3 -Title: "Find AWS EC2 NLB with Access Logs Disabled" -Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as logging_key, - lb ->> 'Value' as logging_value - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'access_logs.s3.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_4.yaml.bak b/queries/aws_ec2_network_load_balancer_4.yaml.bak deleted file mode 100755 index 0154fa43b..000000000 --- a/queries/aws_ec2_network_load_balancer_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_network_load_balancer_4 -Title: "List all AWS EC2 Network Load Balancer Deletion Protection" -Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as deletion_protection_key, - lb ->> 'Value' as deletion_protection_value - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'deletion_protection.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml.bak b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml.bak deleted file mode 100755 index 98383ce0c..000000000 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ec2_network_load_balancer_metric_net_flow_count_1 -Title: "Query AWS EC2 Network Load Balancer Net Flow Counts" -Description: "Allows users to query AWS EC2 Network Load Balancer Metrics for net flow count data. This includes information such as the number of new or terminated flows per minute from a network load balancer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - sample_count, - timestamp - from - aws_ec2_network_load_balancer_metric_net_flow_count - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml.bak b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml.bak deleted file mode 100755 index 2161c86c7..000000000 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_ec2_network_load_balancer_metric_net_flow_count_2 -Title: "Find AWS EC2 Network Load Balancer Net Flow Counts" -Description: "Allows users to query AWS EC2 Network Load Balancer Metrics for net flow count data. This includes information such as the number of new or terminated flows per minute from a network load balancer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - average, - sample_count, - timestamp - from - aws_ec2_network_load_balancer_metric_net_flow_count - where - average < 100 - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml.bak b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml.bak deleted file mode 100755 index 36a7f6700..000000000 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_ec2_network_load_balancer_metric_net_flow_count_daily_1 -Title: "Find Network Load Balancer Metrics and Traffic Patterns" -Description: "Allows users to query Network Load Balancer Metrics in EC2, specifically the daily net flow count, providing insights into network traffic patterns and potential anomalies." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - sample_count, - timestamp - from - aws_ec2_network_load_balancer_metric_net_flow_count_daily - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Network Load Balancer diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml.bak b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml.bak deleted file mode 100755 index feb5203d0..000000000 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_ec2_network_load_balancer_metric_net_flow_count_daily_2 -Title: "List Network Load Balancer Metrics in EC2 Daily" -Description: "Allows users to query Network Load Balancer Metrics in EC2, specifically the daily net flow count, providing insights into network traffic patterns and potential anomalies." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - average, - sample_count, - timestamp - from - aws_ec2_network_load_balancer_metric_net_flow_count_daily - where - average < 100 - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Network Load Balancer diff --git a/queries/aws_ec2_regional_settings_1.yaml.bak b/queries/aws_ec2_regional_settings_1.yaml.bak deleted file mode 100755 index f2fb7faf4..000000000 --- a/queries/aws_ec2_regional_settings_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_regional_settings_1 -Title: "List AWS EC2 Regional Settings including EBS Encryption" -Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - default_ebs_encryption_enabled, - default_ebs_encryption_key, - title, - region - from - aws_ec2_regional_settings; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_regional_settings_2.yaml.bak b/queries/aws_ec2_regional_settings_2.yaml.bak deleted file mode 100755 index ea3b7d5ab..000000000 --- a/queries/aws_ec2_regional_settings_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_regional_settings_2 -Title: "List all AWS EC2 Regional Settings including EBS encryption" -Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - default_ebs_encryption_enabled, - default_ebs_encryption_key, - title, - region - from - aws_ec2_regional_settings - where - region = 'ap-south-1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_regional_settings_3.yaml.bak b/queries/aws_ec2_regional_settings_3.yaml.bak deleted file mode 100755 index 41d1587f3..000000000 --- a/queries/aws_ec2_regional_settings_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ec2_regional_settings_3 -Title: "List All AWS EC2 Regions With Encryption Settings" -Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - default_ebs_encryption_enabled, - default_ebs_encryption_key - from - aws_ec2_regional_settings - where - default_ebs_encryption_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_reserved_instance_1.yaml.bak b/queries/aws_ec2_reserved_instance_1.yaml.bak deleted file mode 100755 index 74213ef9f..000000000 --- a/queries/aws_ec2_reserved_instance_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_reserved_instance_1 -Title: "Find AWS EC2 Reserved Instances: Configurations and State" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_instance_id, - arn, - instance_type, - instance_state, - currency_code, - CAST(fixed_price AS varchar), - offering_class, scope, - CAST(usage_price AS varchar) - from - aws_ec2_reserved_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_reserved_instance_1.yaml.bak.bak b/queries/aws_ec2_reserved_instance_1.yaml.bak.bak deleted file mode 100755 index 74213ef9f..000000000 --- a/queries/aws_ec2_reserved_instance_1.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_reserved_instance_1 -Title: "Find AWS EC2 Reserved Instances: Configurations and State" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_instance_id, - arn, - instance_type, - instance_state, - currency_code, - CAST(fixed_price AS varchar), - offering_class, scope, - CAST(usage_price AS varchar) - from - aws_ec2_reserved_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_reserved_instance_2.yaml.bak b/queries/aws_ec2_reserved_instance_2.yaml.bak deleted file mode 100755 index 07354e644..000000000 --- a/queries/aws_ec2_reserved_instance_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_reserved_instance_2 -Title: "Find AWS EC2 Reserved Instances by Type" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - count(instance_count) as count - from - aws_ec2_reserved_instance - group by - instance_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_reserved_instance_3.yaml.bak b/queries/aws_ec2_reserved_instance_3.yaml.bak deleted file mode 100755 index 0d3af6fc1..000000000 --- a/queries/aws_ec2_reserved_instance_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_reserved_instance_3 -Title: "List all AWS EC2 Reserved Instances and their configurations" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - count(*) as count - from - aws_ec2_reserved_instance - where - instance_type not in ('t2.large', 'm3.medium') - group by - instance_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Reserved Instances diff --git a/queries/aws_ec2_reserved_instance_4.yaml.bak b/queries/aws_ec2_reserved_instance_4.yaml.bak deleted file mode 100755 index a96702505..000000000 --- a/queries/aws_ec2_reserved_instance_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_reserved_instance_4 -Title: "List all AWS EC2 Reserved Instances and configurations" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_instance_id, - instance_type, - offering_class - from - aws_ec2_reserved_instance - where - offering_class = 'standard'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_reserved_instance_5.yaml.bak b/queries/aws_ec2_reserved_instance_5.yaml.bak deleted file mode 100755 index e198f74b3..000000000 --- a/queries/aws_ec2_reserved_instance_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_reserved_instance_5 -Title: "Find AWS EC2 Reserved Instances and Their Configurations" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_instance_id, - instance_type, - instance_state - from - aws_ec2_reserved_instance - where - instance_state = 'active'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_spot_price_1.yaml.bak b/queries/aws_ec2_spot_price_1.yaml.bak deleted file mode 100755 index 3d0a18e72..000000000 --- a/queries/aws_ec2_spot_price_1.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_ec2_spot_price_1 -Title: "Find AWS EC2 Spot Price Data for Specific Instances" -Description: "Allows users to query AWS EC2 Spot Price data, including information about the instance type, product description, spot price, and the date and time the price was set." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - availability_zone, - instance_type, - product_description, - spot_price::numeric as spot_price, - create_timestamp as start_time, - lead(create_timestamp, 1, now()) over (partition by instance_type, availability_zone, product_description order by create_timestamp) as stop_time - from - aws_ec2_spot_price - where - instance_type = 'm5.4xlarge' - and product_description = 'Linux/UNIX' - and availability_zone in - ( - 'eu-west-3a', - 'eu-west-3b' - ) - and start_time = now() - interval '1' month - and end_time = now() - interval '1' minute; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ssl_policy_1.yaml.bak b/queries/aws_ec2_ssl_policy_1.yaml.bak deleted file mode 100755 index 84aee7ed8..000000000 --- a/queries/aws_ec2_ssl_policy_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_ssl_policy_1 -Title: "Find AWS EC2 SSL Policies Used in Load Balancers" -Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - ssl_protocols - from - aws_ec2_ssl_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ssl_policy_1.yaml.bak.bak b/queries/aws_ec2_ssl_policy_1.yaml.bak.bak deleted file mode 100755 index 84aee7ed8..000000000 --- a/queries/aws_ec2_ssl_policy_1.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_ssl_policy_1 -Title: "Find AWS EC2 SSL Policies Used in Load Balancers" -Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - ssl_protocols - from - aws_ec2_ssl_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_ssl_policy_2.yaml.bak b/queries/aws_ec2_ssl_policy_2.yaml.bak deleted file mode 100755 index db13e6563..000000000 --- a/queries/aws_ec2_ssl_policy_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ec2_ssl_policy_2 -Title: "Find AWS EC2 SSL Policies Used in Load Balancers" -Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - ssl_policy - from - aws_ec2_load_balancer_listener listener - join - aws_ec2_ssl_policy ssl_policy - on - listener.ssl_policy = ssl_policy.Name - where - ssl_policy.ciphers @> '[{"Name":"DES-CBC3-SHA"}]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_target_group_1.yaml.bak b/queries/aws_ec2_target_group_1.yaml.bak deleted file mode 100755 index a3a539b82..000000000 --- a/queries/aws_ec2_target_group_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_target_group_1 -Title: "Find EC2 Target Groups in AWS Account" -Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - target_group_name, - target_type, - load_balancer_arns, - vpc_id - from - aws_ec2_target_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_target_group_2.yaml.bak b/queries/aws_ec2_target_group_2.yaml.bak deleted file mode 100755 index 6476dcdc0..000000000 --- a/queries/aws_ec2_target_group_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ec2_target_group_2 -Title: "Find AWS EC2 Target Groups with Health Check Info" -Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - health_check_enabled, - protocol, - matcher_http_code, - healthy_threshold_count, - unhealthy_threshold_count, - health_check_enabled, - health_check_interval_seconds, - health_check_path, - health_check_port, - health_check_protocol, - health_check_timeout_seconds - from - aws_ec2_target_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_target_group_3.yaml.bak b/queries/aws_ec2_target_group_3.yaml.bak deleted file mode 100755 index ec8d2508b..000000000 --- a/queries/aws_ec2_target_group_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_target_group_3 -Title: "List all AWS EC2 Target Groups and Relevant Details" -Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - target_group_name, - target_type, - target -> 'Target' ->> 'AvailabilityZone' as availability_zone, - target -> 'Target' ->> 'Id' as id, - target -> 'Target' ->> 'Port' as port - from - aws_ec2_target_group - cross join jsonb_array_elements(target_health_descriptions) as target; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS EC2 diff --git a/queries/aws_ec2_target_group_4.yaml.bak b/queries/aws_ec2_target_group_4.yaml.bak deleted file mode 100755 index 4e856e479..000000000 --- a/queries/aws_ec2_target_group_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_target_group_4 -Title: "Find all AWS EC2 Target Groups and their states" -Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - target_group_name, - target_type, - target -> 'TargetHealth' ->> 'Description' as description, - target -> 'TargetHealth' ->> 'Reason' reason, - target -> 'TargetHealth' ->> 'State' as state - from - aws_ec2_target_group - cross join jsonb_array_elements(target_health_descriptions) as target; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_transit_gateway_1.yaml.bak b/queries/aws_ec2_transit_gateway_1.yaml.bak deleted file mode 100755 index 02464c654..000000000 --- a/queries/aws_ec2_transit_gateway_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_transit_gateway_1 -Title: "List all AWS EC2 Transit Gateway configurations and statuses" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - state, - owner_id, - creation_time - from - aws_ec2_transit_gateway; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_2.yaml.bak b/queries/aws_ec2_transit_gateway_2.yaml.bak deleted file mode 100755 index 214090973..000000000 --- a/queries/aws_ec2_transit_gateway_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_transit_gateway_2 -Title: "Find AWS EC2 Transit Gateway Configuration Details" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - auto_accept_shared_attachments - from - aws_ec2_transit_gateway - where - auto_accept_shared_attachments = 'enable'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_3.yaml.bak b/queries/aws_ec2_transit_gateway_3.yaml.bak deleted file mode 100755 index c7327a7b9..000000000 --- a/queries/aws_ec2_transit_gateway_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_transit_gateway_3 -Title: "Find AWS EC2 Transit Gateway Configuration and Status" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association_default_route_table_id, - count(transit_gateway_id) as transit_gateway - from - aws_ec2_transit_gateway - group by - association_default_route_table_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_4.yaml.bak b/queries/aws_ec2_transit_gateway_4.yaml.bak deleted file mode 100755 index 5ac5b8264..000000000 --- a/queries/aws_ec2_transit_gateway_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_transit_gateway_4 -Title: "Find AWS EC2 Transit Gateway Details" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - tags - from - aws_ec2_transit_gateway - where - not tags :: JSONB ? 'application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_4.yaml.bak.bak b/queries/aws_ec2_transit_gateway_4.yaml.bak.bak deleted file mode 100755 index 5ac5b8264..000000000 --- a/queries/aws_ec2_transit_gateway_4.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_transit_gateway_4 -Title: "Find AWS EC2 Transit Gateway Details" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - tags - from - aws_ec2_transit_gateway - where - not tags :: JSONB ? 'application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_route_1.yaml.bak b/queries/aws_ec2_transit_gateway_route_1.yaml.bak deleted file mode 100755 index 50cb9bf6c..000000000 --- a/queries/aws_ec2_transit_gateway_route_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ec2_transit_gateway_route_1 -Title: "Find AWS EC2 Transit Gateway Routes Information" -Description: "Allows users to query AWS EC2 Transit Gateway Routes for detailed information about each route, including the destination CIDR block, the route''s current state, and the transit gateway attachments." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_route_table_id, - destination_cidr_block, - prefix_list_id, - state, - type - from - aws_ec2_transit_gateway_route; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_route_2.yaml.bak b/queries/aws_ec2_transit_gateway_route_2.yaml.bak deleted file mode 100755 index 2e86ed118..000000000 --- a/queries/aws_ec2_transit_gateway_route_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_transit_gateway_route_2 -Title: "Find All AWS EC2 Transit Gateway Routes by State" -Description: "Allows users to query AWS EC2 Transit Gateway Routes for detailed information about each route, including the destination CIDR block, the route''s current state, and the transit gateway attachments." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_route_table_id, - destination_cidr_block, - state, - type - from - aws_ec2_transit_gateway_route - where - state = 'active'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_route_table_1.yaml.bak b/queries/aws_ec2_transit_gateway_route_table_1.yaml.bak deleted file mode 100755 index ef662dee6..000000000 --- a/queries/aws_ec2_transit_gateway_route_table_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ec2_transit_gateway_route_table_1 -Title: "List all AWS EC2 Transit Gateway Route Tables with Details" -Description: "Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve detailed information about each route table, including its ID, state, transit gateway ID, and other associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_route_table_id, - transit_gateway_id, - default_association_route_table, - default_propagation_route_table - from - aws_ec2_transit_gateway_route_table; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_route_table_2.yaml.bak b/queries/aws_ec2_transit_gateway_route_table_2.yaml.bak deleted file mode 100755 index 8deb03d75..000000000 --- a/queries/aws_ec2_transit_gateway_route_table_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_transit_gateway_route_table_2 -Title: "List all AWS EC2 Transit Gateway Route Tables by ID and State" -Description: "Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve detailed information about each route table, including its ID, state, transit gateway ID, and other associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - count(transit_gateway_route_table_id) as transit_gateway_route_table_count - from - aws_ec2_transit_gateway_route_table - group by - transit_gateway_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml.bak b/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml.bak deleted file mode 100755 index 590087678..000000000 --- a/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ec2_transit_gateway_vpc_attachment_1 -Title: "List all AWS EC2 Transit Gateway VPC Attachments" -Description: "Allows users to query AWS EC2 Transit Gateway VPC Attachments for details such as the attachment state, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_attachment_id, - transit_gateway_id, - state, - transit_gateway_owner_id, - creation_time, - association_state - from - aws_ec2_transit_gateway_vpc_attachment; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 diff --git a/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml.bak b/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml.bak deleted file mode 100755 index 770ae5462..000000000 --- a/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ec2_transit_gateway_vpc_attachment_2 -Title: "List all AWS EC2 Transit Gateway VPC Attachments by Resource Type" -Description: "Allows users to query AWS EC2 Transit Gateway VPC Attachments for details such as the attachment state, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_type, - count(transit_gateway_attachment_id) as count - from - aws_ec2_transit_gateway_vpc_attachment - group by - resource_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EC2 Transit Gateway diff --git a/queries/aws_ecr_image_1.yaml.bak b/queries/aws_ecr_image_1.yaml.bak deleted file mode 100755 index e86f61413..000000000 --- a/queries/aws_ecr_image_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ecr_image_1 -Title: "List all Amazon ECR Images with Detailed Information" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_digest, - image_pushed_at, - image_size_in_bytes, - registry_id, - image_scan_status, - image_tags - from - aws_ecr_image; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ECR diff --git a/queries/aws_ecr_image_2.yaml.bak b/queries/aws_ecr_image_2.yaml.bak deleted file mode 100755 index 7fab94a2d..000000000 --- a/queries/aws_ecr_image_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ecr_image_2 -Title: "List all Amazon ECR Images with Detailed Information" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_scan_findings_summary ->> 'FindingSeverityCounts' as finding_severity_counts, - image_scan_findings_summary ->> 'ImageScanCompletedAt' as image_scan_completed_at, - image_scan_findings_summary ->> 'VulnerabilitySourceUpdatedAt' as vulnerability_source_updated_at - from - aws_ecr_image; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_image_2.yaml.bak.bak b/queries/aws_ecr_image_2.yaml.bak.bak deleted file mode 100755 index 7fab94a2d..000000000 --- a/queries/aws_ecr_image_2.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ecr_image_2 -Title: "List all Amazon ECR Images with Detailed Information" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_scan_findings_summary ->> 'FindingSeverityCounts' as finding_severity_counts, - image_scan_findings_summary ->> 'ImageScanCompletedAt' as image_scan_completed_at, - image_scan_findings_summary ->> 'VulnerabilitySourceUpdatedAt' as vulnerability_source_updated_at - from - aws_ecr_image; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_image_3.yaml.bak b/queries/aws_ecr_image_3.yaml.bak deleted file mode 100755 index 39f335fb5..000000000 --- a/queries/aws_ecr_image_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ecr_image_3 -Title: "List all Amazon ECR Images and Retrieve Detailed Info" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - registry_id, - image_digest, - image_tags - from - aws_ecr_image; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_4.yaml.bak b/queries/aws_ecr_image_4.yaml.bak deleted file mode 100755 index 99a51d9ee..000000000 --- a/queries/aws_ecr_image_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ecr_image_4 -Title: "List All Amazon ECR Images and Their Details" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_digest, - image_pushed_at, - image_size_in_bytes - from - aws_ecr_image - where - image_pushed_at >= now() - interval '10' day - and - repository_name = 'test1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_5.yaml.bak b/queries/aws_ecr_image_5.yaml.bak deleted file mode 100755 index 9a5509b48..000000000 --- a/queries/aws_ecr_image_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ecr_image_5 -Title: "Find all Amazon ECR Images and Retrieve Detailed Info" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.repository_name as repository_name, - r.repository_uri as repository_uri, - i.image_digest as image_digest, - i.image_tags as image_tags - from - aws_ecr_image as i, - aws_ecr_repository as r - where - i.repository_name = r.repository_name - and - r.created_at >= now() - interval '20' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_6.yaml.bak b/queries/aws_ecr_image_6.yaml.bak deleted file mode 100755 index 0f168bb8c..000000000 --- a/queries/aws_ecr_image_6.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ecr_image_6 -Title: "Find Amazon ECR Images and Retrieve Detailed Information" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.repository_name as repository_name, - r.repository_uri as repository_uri, - i.image_digest as image_digest, - i.image_tags as image_tags, - s ->> 'Effect' as effect, - s ->> 'Action' as action, - s ->> 'Condition' as condition, - s ->> 'Principal' as principal - from - aws_ecr_image as i, - aws_ecr_repository as r, - jsonb_array_elements(r.policy -> 'Statement') as s - where - i.repository_name = r.repository_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_7.yaml.bak b/queries/aws_ecr_image_7.yaml.bak deleted file mode 100755 index d3c082868..000000000 --- a/queries/aws_ecr_image_7.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ecr_image_7 -Title: "List all Amazon ECR Images with Details" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - artifact_name, - artifact_type, - metadata, - results - from - trivy_scan_artifact as a, - aws_ecr_image as i - where - artifact_name = image_uri - and repository_name = 'hello'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Elastic Container Registry diff --git a/queries/aws_ecr_image_scan_finding_1.yaml.bak b/queries/aws_ecr_image_scan_finding_1.yaml.bak deleted file mode 100755 index 5cfcce7db..000000000 --- a/queries/aws_ecr_image_scan_finding_1.yaml.bak +++ /dev/null @@ -1,38 +0,0 @@ -ID: aws_ecr_image_scan_finding_1 -Title: "Find all AWS ECR Image Scan Findings Details" -Description: "Allows users to query Amazon ECR Image Scan Findings to retrieve detailed information about image scan findings, including attributes such as the severity of the finding, description, and package name where the vulnerability was found." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_tag, - name, - severity, - description, - attributes, - uri, - image_scan_status, - image_scan_completed_at, - vulnerability_source_updated_at - from - aws_ecr_image_scan_finding - where - repository_name = 'my-repo' - and image_tag = 'my-image-tag'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_image_scan_finding_2.yaml.bak b/queries/aws_ecr_image_scan_finding_2.yaml.bak deleted file mode 100755 index 45d356012..000000000 --- a/queries/aws_ecr_image_scan_finding_2.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_ecr_image_scan_finding_2 -Title: "Find Amazon ECR Image Scan Findings for Recent Images" -Description: "Allows users to query Amazon ECR Image Scan Findings to retrieve detailed information about image scan findings, including attributes such as the severity of the finding, description, and package name where the vulnerability was found." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.repository_name, - f.image_tag, - f.name, - f.severity, - jsonb_pretty(f.attributes) as attributes - from - ( - select - repository_name, - jsonb_array_elements_text(image_tags) as image_tag - from - aws_ecr_image as i - where - i.image_pushed_at > now() - interval '24' hour - ) - images - left outer join - aws_ecr_image_scan_finding as f - on images.repository_name = f.repository_name - and images.image_tag = f.image_tag; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ECR diff --git a/queries/aws_ecr_registry_scanning_configuration_1.yaml.bak b/queries/aws_ecr_registry_scanning_configuration_1.yaml.bak deleted file mode 100755 index 4823bc31b..000000000 --- a/queries/aws_ecr_registry_scanning_configuration_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ecr_registry_scanning_configuration_1 -Title: "List AWS ECR Registry Scanning Configurations by Region" -Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - registry_id, - jsonb_pretty(scanning_configuration), - region - from - aws_ecr_registry_scanning_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECR diff --git a/queries/aws_ecr_registry_scanning_configuration_2.yaml.bak b/queries/aws_ecr_registry_scanning_configuration_2.yaml.bak deleted file mode 100755 index 305c0eb18..000000000 --- a/queries/aws_ecr_registry_scanning_configuration_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ecr_registry_scanning_configuration_2 -Title: "Find AWS ECR Registry Scanning Configuration per Region" -Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - registry_id, - jsonb_pretty(scanning_configuration), - region - from - aws_ecr_registry_scanning_configuration - where - region = 'ap-south-1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECR diff --git a/queries/aws_ecr_registry_scanning_configuration_3.yaml.bak b/queries/aws_ecr_registry_scanning_configuration_3.yaml.bak deleted file mode 100755 index 2a99992a1..000000000 --- a/queries/aws_ecr_registry_scanning_configuration_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ecr_registry_scanning_configuration_3 -Title: "Query AWS ECR Registry Scanning Configuration by Region" -Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - registry_id, - region - from - aws_ecr_registry_scanning_configuration - where - scanning_configuration ->> 'ScanType' = 'ENHANCED' - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ECR Registry diff --git a/queries/aws_ecr_repository_1.yaml.bak b/queries/aws_ecr_repository_1.yaml.bak deleted file mode 100755 index 674315e09..000000000 --- a/queries/aws_ecr_repository_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ecr_repository_1 -Title: "List all AWS ECR Repositories and Retrieve Details" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - registry_id, - arn, - repository_uri, - created_at, - region, - account_id - from - aws_ecr_repository; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_10.yaml.bak b/queries/aws_ecr_repository_10.yaml.bak deleted file mode 100755 index 05ec54cec..000000000 --- a/queries/aws_ecr_repository_10.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ecr_repository_10 -Title: "List all AWS ECR Repositories with Detailed Information" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - r ->> 'RepositoryArn' as repository_arn, - r ->> 'ScanFrequency' as scan_frequency - from - aws_ecr_repository, - jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r - where - r ->> 'ScanFrequency' = 'MANUAL'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry (ECR) diff --git a/queries/aws_ecr_repository_11.yaml.bak b/queries/aws_ecr_repository_11.yaml.bak deleted file mode 100755 index 9b7ad6c46..000000000 --- a/queries/aws_ecr_repository_11.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ecr_repository_11 -Title: "List AWS ECR Repositories and their Scan Status" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - r ->> 'RepositoryArn' as repository_arn, - r ->> 'ScanOnPush' as scan_on_push - from - aws_ecr_repository, - jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r - where - r ->> 'ScanOnPush' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_2.yaml.bak b/queries/aws_ecr_repository_2.yaml.bak deleted file mode 100755 index 22336bdf3..000000000 --- a/queries/aws_ecr_repository_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ecr_repository_2 -Title: "Find AWS ECR Repositories with AES256 Encryption" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - encryption_configuration ->> 'EncryptionType' as encryption_type, - encryption_configuration ->> 'KmsKey' as kms_key - from - aws_ecr_repository - where - encryption_configuration ->> 'EncryptionType' = 'AES256'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_2.yaml.bak.bak b/queries/aws_ecr_repository_2.yaml.bak.bak deleted file mode 100755 index 22336bdf3..000000000 --- a/queries/aws_ecr_repository_2.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ecr_repository_2 -Title: "Find AWS ECR Repositories with AES256 Encryption" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - encryption_configuration ->> 'EncryptionType' as encryption_type, - encryption_configuration ->> 'KmsKey' as kms_key - from - aws_ecr_repository - where - encryption_configuration ->> 'EncryptionType' = 'AES256'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_3.yaml.bak b/queries/aws_ecr_repository_3.yaml.bak deleted file mode 100755 index 049605c3c..000000000 --- a/queries/aws_ecr_repository_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ecr_repository_3 -Title: "Find AWS ECR Repositories Not Scanning on Push" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_scanning_configuration ->> 'ScanOnPush' as scan_on_push - from - aws_ecr_repository - where - image_scanning_configuration ->> 'ScanOnPush' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_4.yaml.bak b/queries/aws_ecr_repository_4.yaml.bak deleted file mode 100755 index 50a5def0e..000000000 --- a/queries/aws_ecr_repository_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ecr_repository_4 -Title: "List All AWS ECR Repositories and Retrieve Details" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.repository_name as repository_name, - i.image_digest as image_digest, - i.image_tags as image_tags, - i.image_pushed_at as image_pushed_at, - i.image_size_in_bytes as image_size_in_bytes, - i.last_recorded_pull_time as last_recorded_pull_time, - i.registry_id as registry_id, - i.image_scan_status as image_scan_status - from - aws_ecr_repository as r, - aws_ecr_image as i - where - r.repository_name = i.repository_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_5.yaml.bak b/queries/aws_ecr_repository_5.yaml.bak deleted file mode 100755 index 1498828d0..000000000 --- a/queries/aws_ecr_repository_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ecr_repository_5 -Title: "Find AWS ECR Repositories with Failed Image Scans" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.repository_name as repository_name, - i.image_digest as image_digest, - i.image_scan_status as image_scan_status - from - aws_ecr_repository as r, - aws_ecr_image as i - where - r.repository_name = i.repository_name - and i.image_scan_status ->> 'Status' = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_6.yaml.bak b/queries/aws_ecr_repository_6.yaml.bak deleted file mode 100755 index 9a8a61861..000000000 --- a/queries/aws_ecr_repository_6.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ecr_repository_6 -Title: "List all AWS ECR Repositories with Immutable Tags" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_tag_mutability - from - aws_ecr_repository - where - image_tag_mutability = 'IMMUTABLE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_7.yaml.bak b/queries/aws_ecr_repository_7.yaml.bak deleted file mode 100755 index c15722cce..000000000 --- a/queries/aws_ecr_repository_7.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_ecr_repository_7 -Title: "List all AWS ECR Repositories and Retrieve Detailed Information" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - r -> 'selection' ->> 'tagStatus' as tag_status, - r -> 'selection' ->> 'countType' as count_type - from - aws_ecr_repository, - jsonb_array_elements(lifecycle_policy -> 'rules') as r - where - ( - (r -> 'selection' ->> 'tagStatus' <> 'untagged') - and ( - r -> 'selection' ->> 'countType' <> 'sinceImagePushed' - ) - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_8.yaml.bak b/queries/aws_ecr_repository_8.yaml.bak deleted file mode 100755 index 2cdebec79..000000000 --- a/queries/aws_ecr_repository_8.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ecr_repository_8 -Title: "Find AWS ECR Repositories Details with SQL Query" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_ecr_repository, - jsonb_array_elements(policy -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'ecr:*'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecr_repository_9.yaml.bak b/queries/aws_ecr_repository_9.yaml.bak deleted file mode 100755 index 36c671f2e..000000000 --- a/queries/aws_ecr_repository_9.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ecr_repository_9 -Title: "Find All Repositories in AWS ECR with Details" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - r ->> 'AppliedScanFilters' as applied_scan_filters, - r ->> 'RepositoryArn' as repository_arn, - r ->> 'ScanFrequency' as scan_frequency, - r ->> 'ScanOnPush' as scan_on_push - from - aws_ecr_repository, - jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry diff --git a/queries/aws_ecrpublic_repository_1.yaml.bak b/queries/aws_ecrpublic_repository_1.yaml.bak deleted file mode 100755 index db7d7fa3d..000000000 --- a/queries/aws_ecrpublic_repository_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ecrpublic_repository_1 -Title: "Find all AWS Elastic Container Registry Public Repositories" -Description: "Allows users to query AWS Elastic Container Registry Public Repository to get detailed information about each ECR public repository within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - registry_id, - arn, - repository_uri, - created_at, - region, - account_id - from - aws_ecrpublic_repository; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry Public diff --git a/queries/aws_ecrpublic_repository_2.yaml.bak b/queries/aws_ecrpublic_repository_2.yaml.bak deleted file mode 100755 index e94348444..000000000 --- a/queries/aws_ecrpublic_repository_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_ecrpublic_repository_2 -Title: "Query Detailed Info for AWS ECR Public Repositories" -Description: "Allows users to query AWS Elastic Container Registry Public Repository to get detailed information about each ECR public repository within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_ecrpublic_repository, - jsonb_array_elements(policy -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'ecr-public:*'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Registry Public diff --git a/queries/aws_ecs_cluster_1.yaml.bak b/queries/aws_ecs_cluster_1.yaml.bak deleted file mode 100755 index a6cb36731..000000000 --- a/queries/aws_ecs_cluster_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ecs_cluster_1 -Title: "List AWS ECS Clusters and Their Configuration Status" -Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_arn, - cluster_name, - active_services_count, - attachments, - attachments_status, - status - from - aws_ecs_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_cluster_2.yaml.bak b/queries/aws_ecs_cluster_2.yaml.bak deleted file mode 100755 index 64eccc3fb..000000000 --- a/queries/aws_ecs_cluster_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ecs_cluster_2 -Title: "Find AWS ECS Clusters with Detailed Information" -Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_arn, - status - from - aws_ecs_cluster - where - status = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_cluster_3.yaml.bak b/queries/aws_ecs_cluster_3.yaml.bak deleted file mode 100755 index 619f2f09c..000000000 --- a/queries/aws_ecs_cluster_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ecs_cluster_3 -Title: "List all AWS ECS Clusters with detailed configuration and status" -Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_arn, - attachment ->> 'id' as attachment_id, - attachment ->> 'status' as attachment_status, - attachment ->> 'type' as attachment_type - from - aws_ecs_cluster, - jsonb_array_elements(attachments) as attachment; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_cluster_4.yaml.bak b/queries/aws_ecs_cluster_4.yaml.bak deleted file mode 100755 index fbba2c17e..000000000 --- a/queries/aws_ecs_cluster_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ecs_cluster_4 -Title: "Find AWS ECS Clusters Configuration and Status" -Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_arn, - setting ->> 'Name' as name, - setting ->> 'Value' as value - from - aws_ecs_cluster, - jsonb_array_elements(settings) as setting - where - setting ->> 'Value' = 'disabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml.bak deleted file mode 100755 index 12d73186f..000000000 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ecs_cluster_metric_cpu_utilization_1 -Title: "Find AWS ECS Cluster CPU Utilization Metrics for a Period" -Description: "Allows users to query ECS Cluster CPU Utilization Metrics for a specified period." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization - order by - cluster_name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml.bak deleted file mode 100755 index ef767b423..000000000 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_ecs_cluster_metric_cpu_utilization_2 -Title: "Find ECS Cluster CPU Utilization Metrics Over Period" -Description: "Allows users to query ECS Cluster CPU Utilization Metrics for a specified period." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization - where - average > 80 - order by - cluster_name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml.bak deleted file mode 100755 index 324635275..000000000 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ecs_cluster_metric_cpu_utilization_daily_1 -Title: "List all AWS ECS Cluster Metrics for Daily CPU Utilization" -Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_daily - order by - cluster_name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Service diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml.bak deleted file mode 100755 index 5d2cf679d..000000000 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ecs_cluster_metric_cpu_utilization_daily_2 -Title: "List all AWS ECS Cluster Metrics for Daily CPU Utilization" -Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_daily - where - average > 80 - order by - cluster_name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Service diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml.bak deleted file mode 100755 index 32b519b50..000000000 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ecs_cluster_metric_cpu_utilization_daily_3 -Title: "Find AWS ECS Cluster Daily CPU Utilization Metrics" -Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_daily - where - average < 1 - order by - cluster_name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Service diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml.bak deleted file mode 100755 index 796c1a5b9..000000000 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ecs_cluster_metric_cpu_utilization_hourly_1 -Title: "List AWS ECS Cluster Hourly CPU Utilization Metrics" -Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_hourly - order by - cluster_name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml.bak deleted file mode 100755 index 8cedccb8d..000000000 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ecs_cluster_metric_cpu_utilization_hourly_2 -Title: "List AWS ECS Cluster CPU Utilization Metrics Hourly" -Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_hourly - where - average > 80 - order by - cluster_name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml.bak b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml.bak deleted file mode 100755 index 2a97bed8c..000000000 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ecs_cluster_metric_cpu_utilization_hourly_3 -Title: "Find AWS ECS Cluster CPU Utilization Metrics Hourly" -Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_hourly - where - average < 1 - order by - cluster_name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_container_instance_1.yaml.bak b/queries/aws_ecs_container_instance_1.yaml.bak deleted file mode 100755 index cb790e595..000000000 --- a/queries/aws_ecs_container_instance_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ecs_container_instance_1 -Title: "Find All Running and Pending Tasks for AWS ECS Instances" -Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - ec2_instance_id, - status, - status_reason, - running_tasks_count, - pending_tasks_count - from - aws_ecs_container_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Elastic Container Service (ECS) diff --git a/queries/aws_ecs_container_instance_2.yaml.bak b/queries/aws_ecs_container_instance_2.yaml.bak deleted file mode 100755 index b8fb5f9f4..000000000 --- a/queries/aws_ecs_container_instance_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ecs_container_instance_2 -Title: "Find All AWS ECS Container Instances with Registration Failed" -Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - status_reason - from - aws_ecs_container_instance - where - status = 'REGISTRATION_FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Service diff --git a/queries/aws_ecs_container_instance_3.yaml.bak b/queries/aws_ecs_container_instance_3.yaml.bak deleted file mode 100755 index 8030d2e6f..000000000 --- a/queries/aws_ecs_container_instance_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ecs_container_instance_3 -Title: "List all AWS ECS Container Instances with SQL" -Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - attachment ->> 'id' as attachment_id, - attachment ->> 'status' as attachment_status, - attachment ->> 'type' as attachment_type - from - aws_ecs_container_instance, - jsonb_array_elements(attachments) as attachment; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Elastic Container Service diff --git a/queries/aws_ecs_container_instance_4.yaml.bak b/queries/aws_ecs_container_instance_4.yaml.bak deleted file mode 100755 index 7b577c9fe..000000000 --- a/queries/aws_ecs_container_instance_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ecs_container_instance_4 -Title: "Find AWS ECS Container Instances with Specific AMI IDs" -Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - setting ->> 'Name' as name, - setting ->> 'Value' as value - from - aws_ecs_container_instance, - jsonb_array_elements(attributes) as setting - where - setting ->> 'Name' = 'ecs.ami-id' and - setting ->> 'Value' = 'ami-0babb0c4a4e5769b8'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Elastic Container Service diff --git a/queries/aws_ecs_service_1.yaml.bak b/queries/aws_ecs_service_1.yaml.bak deleted file mode 100755 index 26096176a..000000000 --- a/queries/aws_ecs_service_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ecs_service_1 -Title: "List all services within AWS Elastic Container Service" -Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - cluster_arn, - task_definition, - status - from - aws_ecs_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Service diff --git a/queries/aws_ecs_service_2.yaml.bak b/queries/aws_ecs_service_2.yaml.bak deleted file mode 100755 index 1cdad04ca..000000000 --- a/queries/aws_ecs_service_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ecs_service_2 -Title: "List all AWS ECS services in clusters" -Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - launch_type, - platform_version - from - aws_ecs_service - where - launch_type = 'FARGATE' - and platform_version is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Service diff --git a/queries/aws_ecs_service_3.yaml.bak b/queries/aws_ecs_service_3.yaml.bak deleted file mode 100755 index 2a16cecac..000000000 --- a/queries/aws_ecs_service_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ecs_service_3 -Title: "List all inactive services in AWS ECS clusters" -Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - status - from - aws_ecs_service - where - status = 'INACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Container Service diff --git a/queries/aws_ecs_task_1.yaml.bak b/queries/aws_ecs_task_1.yaml.bak deleted file mode 100755 index 020961b6b..000000000 --- a/queries/aws_ecs_task_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ecs_task_1 -Title: "List all AWS ECS Tasks with their Status and Metadata" -Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - desired_status, - launch_type, - task_arn - from - aws_ecs_task; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_task_2.yaml.bak b/queries/aws_ecs_task_2.yaml.bak deleted file mode 100755 index a77810bcc..000000000 --- a/queries/aws_ecs_task_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ecs_task_2 -Title: "List all AWS ECS Tasks with Status, Definition, and Metadata" -Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - task_arn, - a ->> 'Id' as attachment_id, - a ->> 'Status' as attachment_status, - a ->> 'Type' as attachment_type, - jsonb_pretty(a -> 'Details') as attachment_details - from - aws_ecs_task, - jsonb_array_elements(attachments) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_task_3.yaml.bak b/queries/aws_ecs_task_3.yaml.bak deleted file mode 100755 index 9d80f2580..000000000 --- a/queries/aws_ecs_task_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ecs_task_3 -Title: "List all AWS ECS Tasks with Detailed Metadata" -Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - task_arn, - protection ->> 'ProtectionEnabled' as protection_enabled, - protection ->> 'ExpirationDate' as protection_expiration_date - from - aws_ecs_task; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_task_3.yaml.bak.bak b/queries/aws_ecs_task_3.yaml.bak.bak deleted file mode 100755 index 9d80f2580..000000000 --- a/queries/aws_ecs_task_3.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ecs_task_3 -Title: "List all AWS ECS Tasks with Detailed Metadata" -Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - task_arn, - protection ->> 'ProtectionEnabled' as protection_enabled, - protection ->> 'ExpirationDate' as protection_expiration_date - from - aws_ecs_task; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_task_definition_1.yaml.bak b/queries/aws_ecs_task_definition_1.yaml.bak deleted file mode 100755 index 614a929e9..000000000 --- a/queries/aws_ecs_task_definition_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ecs_task_definition_1 -Title: "List AWS ECS Task Definitions to Gain Service Insights" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - cpu, - network_mode, - title, - status, - tags - from - aws_ecs_task_definition; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_task_definition_2.yaml.bak b/queries/aws_ecs_task_definition_2.yaml.bak deleted file mode 100755 index ce954daa0..000000000 --- a/queries/aws_ecs_task_definition_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ecs_task_definition_2 -Title: "Find AWS ECS Task Definitions Configuration Details" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - jsonb_array_length(container_definitions) as num_of_conatiners - from - aws_ecs_task_definition; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_task_definition_3.yaml.bak b/queries/aws_ecs_task_definition_3.yaml.bak deleted file mode 100755 index 5bb62a778..000000000 --- a/queries/aws_ecs_task_definition_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ecs_task_definition_3 -Title: "List all AWS ECS Task Definitions with Privileged Containers" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - cd ->> 'Privileged' as privileged, - cd ->> 'Name' as container_name - from - aws_ecs_task_definition, - jsonb_array_elements(container_definitions) as cd - where - cd ->> 'Privileged' = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_task_definition_3.yaml.bak.bak b/queries/aws_ecs_task_definition_3.yaml.bak.bak deleted file mode 100755 index 5bb62a778..000000000 --- a/queries/aws_ecs_task_definition_3.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ecs_task_definition_3 -Title: "List all AWS ECS Task Definitions with Privileged Containers" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - cd ->> 'Privileged' as privileged, - cd ->> 'Name' as container_name - from - aws_ecs_task_definition, - jsonb_array_elements(container_definitions) as cd - where - cd ->> 'Privileged' = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_ecs_task_definition_4.yaml.bak b/queries/aws_ecs_task_definition_4.yaml.bak deleted file mode 100755 index 34319e329..000000000 --- a/queries/aws_ecs_task_definition_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ecs_task_definition_4 -Title: "Find AWS ECS Task Definitions Without Log Config" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - cd ->> 'Name' as container_name, - cd ->> 'LogConfiguration' as log_configuration - from - aws_ecs_task_definition, - jsonb_array_elements(container_definitions) as cd - where - cd ->> 'LogConfiguration' is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ECS diff --git a/queries/aws_efs_access_point_1.yaml.bak b/queries/aws_efs_access_point_1.yaml.bak deleted file mode 100755 index 51897c397..000000000 --- a/queries/aws_efs_access_point_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_efs_access_point_1 -Title: "List all Amazon EFS Access Points Configurations" -Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_id, - access_point_arn, - file_system_id, - life_cycle_state, - owner_id, - root_directory - from - aws_efs_access_point; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EFS diff --git a/queries/aws_efs_access_point_2.yaml.bak b/queries/aws_efs_access_point_2.yaml.bak deleted file mode 100755 index ee10784b9..000000000 --- a/queries/aws_efs_access_point_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_efs_access_point_2 -Title: "Find all Detailed Info About AWS EFS Access Points" -Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_id, - file_system_id, - owner_id, - root_directory - from - aws_efs_access_point - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EFS diff --git a/queries/aws_efs_access_point_3.yaml.bak b/queries/aws_efs_access_point_3.yaml.bak deleted file mode 100755 index bdaa6694a..000000000 --- a/queries/aws_efs_access_point_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_efs_access_point_3 -Title: "List all Amazon EFS Access Points with State 'Error'" -Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_id, - life_cycle_state, - file_system_id, - owner_id, - root_directory - from - aws_efs_access_point - where - life_cycle_state = 'error'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EFS diff --git a/queries/aws_efs_file_system_1.yaml.bak b/queries/aws_efs_file_system_1.yaml.bak deleted file mode 100755 index dc343e1ca..000000000 --- a/queries/aws_efs_file_system_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_efs_file_system_1 -Title: "Find EFS File Systems with Details from AWS" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - file_system_id, - owner_id, - automatic_backups, - creation_token, - creation_time, - life_cycle_state, - number_of_mount_targets, - performance_mode, - throughput_mode - from - aws_efs_file_system; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic File System diff --git a/queries/aws_efs_file_system_2.yaml.bak b/queries/aws_efs_file_system_2.yaml.bak deleted file mode 100755 index 7ca28451a..000000000 --- a/queries/aws_efs_file_system_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_efs_file_system_2 -Title: "Find AWS EFS file systems with detailed information" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - file_system_id, - encrypted, - kms_key_id, - region - from - aws_efs_file_system - where - not encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic File System diff --git a/queries/aws_efs_file_system_3.yaml.bak b/queries/aws_efs_file_system_3.yaml.bak deleted file mode 100755 index 4abcdc541..000000000 --- a/queries/aws_efs_file_system_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_efs_file_system_3 -Title: "Find detailed info about AWS EFS file systems" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - file_system_id, - size_in_bytes ->> 'Value' as data_size, - size_in_bytes ->> 'Timestamp' as data_size_timestamp, - size_in_bytes ->> 'ValueInIA' as data_size_infrequent_access_storage, - size_in_bytes ->> 'ValueInStandard' as data_size_standard_storage - from - aws_efs_file_system; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic File System diff --git a/queries/aws_efs_file_system_4.yaml.bak b/queries/aws_efs_file_system_4.yaml.bak deleted file mode 100755 index ea5f9cd0b..000000000 --- a/queries/aws_efs_file_system_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_efs_file_system_4 -Title: "Find AWS EFS File System with Specific Client Root Access" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_efs_file_system, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - a in ('elasticfilesystem:clientrootaccess'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic File System diff --git a/queries/aws_efs_file_system_5.yaml.bak b/queries/aws_efs_file_system_5.yaml.bak deleted file mode 100755 index ce52f9a4c..000000000 --- a/queries/aws_efs_file_system_5.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_efs_file_system_5 -Title: "List all AWS EFS File Systems with Detailed Information" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title - from - aws_efs_file_system - where - title not in ( - select - title - from - aws_efs_file_system, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a, - jsonb_array_elements_text( - s -> 'Condition' -> 'Bool' -> 'aws:securetransport' - ) as ssl - where - p = '*' - and s ->> 'Effect' = 'Deny' - and ssl :: bool = false - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic File System diff --git a/queries/aws_efs_file_system_6.yaml.bak b/queries/aws_efs_file_system_6.yaml.bak deleted file mode 100755 index 65fb9d0a6..000000000 --- a/queries/aws_efs_file_system_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_efs_file_system_6 -Title: "List AWS EFS file systems with automatic backups enabled" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - automatic_backups, - arn, - file_system_id - from - aws_efs_file_system - where - automatic_backups = 'enabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic File System (EFS) diff --git a/queries/aws_efs_mount_target_1.yaml.bak b/queries/aws_efs_mount_target_1.yaml.bak deleted file mode 100755 index e769feecd..000000000 --- a/queries/aws_efs_mount_target_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_efs_mount_target_1 -Title: "Find AWS EFS Mount Targets Configuration and Status" -Description: "Allows users to query AWS EFS Mount Targets for detailed information about each mount target''s configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - mount_target_id, - file_system_id, - life_cycle_state, - availability_zone_id, - availability_zone_name - from - aws_efs_mount_target; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EFS diff --git a/queries/aws_efs_mount_target_2.yaml.bak b/queries/aws_efs_mount_target_2.yaml.bak deleted file mode 100755 index 7ecad43af..000000000 --- a/queries/aws_efs_mount_target_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_efs_mount_target_2 -Title: "Find AWS EFS Mount Targets Configuration and Status" -Description: "Allows users to query AWS EFS Mount Targets for detailed information about each mount target''s configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - mount_target_id, - network_interface_id, - subnet_id, - vpc_id - from - aws_efs_mount_target; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EFS Mount Targets diff --git a/queries/aws_eks_addon_1.yaml.bak b/queries/aws_eks_addon_1.yaml.bak deleted file mode 100755 index ce0c1901f..000000000 --- a/queries/aws_eks_addon_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_eks_addon_1 -Title: "Find AWS EKS Add-Ons Information" -Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - arn, - addon_version, - cluster_name, - status, - service_account_role_arn - from - aws_eks_addon; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EKS diff --git a/queries/aws_eks_addon_2.yaml.bak b/queries/aws_eks_addon_2.yaml.bak deleted file mode 100755 index a98284fa4..000000000 --- a/queries/aws_eks_addon_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_eks_addon_2 -Title: "Find all AWS EKS add-ons associated with EKS clusters" -Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - arn, - cluster_name, - status - from - aws_eks_addon - where - status <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EKS diff --git a/queries/aws_eks_addon_3.yaml.bak b/queries/aws_eks_addon_3.yaml.bak deleted file mode 100755 index 543457338..000000000 --- a/queries/aws_eks_addon_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_eks_addon_3 -Title: "List all Add-Ons Associated with Each Amazon EKS Cluster" -Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - count(addon_name) as addon_count - from - aws_eks_addon - group by - cluster_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EKS diff --git a/queries/aws_eks_addon_3.yaml.bak.bak b/queries/aws_eks_addon_3.yaml.bak.bak deleted file mode 100755 index 543457338..000000000 --- a/queries/aws_eks_addon_3.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_eks_addon_3 -Title: "List all Add-Ons Associated with Each Amazon EKS Cluster" -Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - count(addon_name) as addon_count - from - aws_eks_addon - group by - cluster_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EKS diff --git a/queries/aws_eks_addon_version_1.yaml.bak b/queries/aws_eks_addon_version_1.yaml.bak deleted file mode 100755 index 9460577f6..000000000 --- a/queries/aws_eks_addon_version_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_eks_addon_version_1 -Title: "List AWS EKS Add-On Versions" -Description: "Allows users to query AWS EKS Add-On Versions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - addon_version, - type - from - aws_eks_addon_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_addon_version_2.yaml.bak b/queries/aws_eks_addon_version_2.yaml.bak deleted file mode 100755 index 9f7fb4ce6..000000000 --- a/queries/aws_eks_addon_version_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_eks_addon_version_2 -Title: "List All AWS EKS Add-On Versions and Their Counts" -Description: "Allows users to query AWS EKS Add-On Versions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - count(addon_version) as addon_version_count - from - aws_eks_addon_version - group by - addon_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_addon_version_3.yaml.bak b/queries/aws_eks_addon_version_3.yaml.bak deleted file mode 100755 index c3be2e23f..000000000 --- a/queries/aws_eks_addon_version_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_eks_addon_version_3 -Title: "Find AWS EKS Add-On Versions" -Description: "Allows users to query AWS EKS Add-On Versions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - addon_version, - addon_configuration -> '$defs' -> 'extraVolumeTags' ->> 'description' as addon_configuration_def_description, - addon_configuration -> '$defs' -> 'extraVolumeTags' -> 'propertyNames' as addon_configuration_def_property_names, - addon_configuration -> '$defs' -> 'extraVolumeTags' -> 'patternProperties' as addon_configuration_def_pattern_properties, - addon_configuration -> 'properties' as addon_configuration_properties - from - aws_eks_addon_version limit 10; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_cluster_1.yaml.bak b/queries/aws_eks_cluster_1.yaml.bak deleted file mode 100755 index bc90c2492..000000000 --- a/queries/aws_eks_cluster_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_eks_cluster_1 -Title: "Query AWS EKS Cluster Configuration and Statuses" -Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - endpoint, - identity, - status - from - aws_eks_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Kubernetes Service diff --git a/queries/aws_eks_cluster_2.yaml.bak b/queries/aws_eks_cluster_2.yaml.bak deleted file mode 100755 index 5af18cad9..000000000 --- a/queries/aws_eks_cluster_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_eks_cluster_2 -Title: "Find AWS EKS Cluster Configurations and Metadata" -Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - resources_vpc_config ->> 'ClusterSecurityGroupId' as cluster_security_group_id, - resources_vpc_config ->> 'EndpointPrivateAccess' as endpoint_private_access, - resources_vpc_config ->> 'EndpointPublicAccess' as endpoint_public_access, - resources_vpc_config ->> 'PublicAccessCidrs' as public_access_cidrs, - resources_vpc_config ->> 'SecurityGroupIds' as security_group_ids, - resources_vpc_config -> 'SubnetIds' as subnet_ids, - resources_vpc_config ->> 'VpcId' as vpc_id - from - aws_eks_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Kubernetes Service diff --git a/queries/aws_eks_cluster_3.yaml.bak b/queries/aws_eks_cluster_3.yaml.bak deleted file mode 100755 index 47b52b472..000000000 --- a/queries/aws_eks_cluster_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_eks_cluster_3 -Title: "Find AWS EKS Cluster Configurations and Statuses" -Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - i ->> 'Enabled' as enabled, - i ->> 'Types' as types - from - aws_eks_cluster, - jsonb_array_elements(logging -> 'ClusterLogging') as i - where - i ->> 'Enabled' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Kubernetes Service diff --git a/queries/aws_eks_cluster_4.yaml.bak b/queries/aws_eks_cluster_4.yaml.bak deleted file mode 100755 index 074199b30..000000000 --- a/queries/aws_eks_cluster_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_eks_cluster_4 -Title: "Find AWS EKS Cluster Configurations and Statuses" -Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - version - from - aws_eks_cluster - where - version <> '1.19'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Kubernetes Service diff --git a/queries/aws_eks_fargate_profile_1.yaml.bak b/queries/aws_eks_fargate_profile_1.yaml.bak deleted file mode 100755 index 59767ba08..000000000 --- a/queries/aws_eks_fargate_profile_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_eks_fargate_profile_1 -Title: "List all AWS EKS Fargate Profiles and their Details" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fargate_profile_name, - fargate_profile_arn, - cluster_name, - created_at, - status, - tags - from - aws_eks_fargate_profile; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_fargate_profile_1.yaml.bak.bak b/queries/aws_eks_fargate_profile_1.yaml.bak.bak deleted file mode 100755 index 59767ba08..000000000 --- a/queries/aws_eks_fargate_profile_1.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_eks_fargate_profile_1 -Title: "List all AWS EKS Fargate Profiles and their Details" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fargate_profile_name, - fargate_profile_arn, - cluster_name, - created_at, - status, - tags - from - aws_eks_fargate_profile; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_fargate_profile_2.yaml.bak b/queries/aws_eks_fargate_profile_2.yaml.bak deleted file mode 100755 index fbd91a5e2..000000000 --- a/queries/aws_eks_fargate_profile_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_eks_fargate_profile_2 -Title: "List all AWS EKS Fargate Profiles by name, ARN, and status" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fargate_profile_name, - fargate_profile_arn, - cluster_name, - created_at, - status - from - aws_eks_fargate_profile - where - status <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_fargate_profile_3.yaml.bak b/queries/aws_eks_fargate_profile_3.yaml.bak deleted file mode 100755 index b38aa06ff..000000000 --- a/queries/aws_eks_fargate_profile_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_eks_fargate_profile_3 -Title: "Find AWS EKS Fargate Profile Details with SQL" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.fargate_profile_name, - f.cluster_name, - f.status as fargate_profile_status, - s.availability_zone, - s.available_ip_address_count, - s.cidr_block, - s.vpc_id - from - aws_eks_fargate_profile as f, - aws_vpc_subnet as s, - jsonb_array_elements(f.subnets) as subnet_id - where - s.subnet_id = subnet_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_fargate_profile_4.yaml.bak b/queries/aws_eks_fargate_profile_4.yaml.bak deleted file mode 100755 index e9f01938c..000000000 --- a/queries/aws_eks_fargate_profile_4.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_eks_fargate_profile_4 -Title: "List AWS EKS Fargate Profiles with Details" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.name as cluster_name, - c.arn as cluster_arn, - c.version as cluster_version, - f.fargate_profile_name as fargate_profile_name, - f.fargate_profile_arn as fargate_profile_arn, - f.created_at as created_at, - f.pod_execution_role_arn as pod_execution_role_arn, - f.status as fargate_profile_status - from - aws_eks_fargate_profile as f, - aws_eks_cluster as c - where - c.version::float > 1.19 and f.cluster_name = c.name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_identity_provider_config_1.yaml.bak b/queries/aws_eks_identity_provider_config_1.yaml.bak deleted file mode 100755 index 8d08d7345..000000000 --- a/queries/aws_eks_identity_provider_config_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_eks_identity_provider_config_1 -Title: "Find Amazon EKS Identity Providers' Configurations" -Description: "Allows users to query Amazon EKS Identity Provider Configurations for detailed information about the identity provider configurations for Amazon EKS clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - cluster_name, - tags, - status - from - aws_eks_identity_provider_config; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EKS diff --git a/queries/aws_eks_identity_provider_config_2.yaml.bak b/queries/aws_eks_identity_provider_config_2.yaml.bak deleted file mode 100755 index 34beda465..000000000 --- a/queries/aws_eks_identity_provider_config_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_eks_identity_provider_config_2 -Title: "Find all Amazon EKS Identity Provider Configurations" -Description: "Allows users to query Amazon EKS Identity Provider Configurations for detailed information about the identity provider configurations for Amazon EKS clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - cluster_name, - type - from - aws_eks_identity_provider_config - where - type = 'oidc'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon EKS diff --git a/queries/aws_eks_node_group_1.yaml.bak b/queries/aws_eks_node_group_1.yaml.bak deleted file mode 100755 index 6fa0e73a1..000000000 --- a/queries/aws_eks_node_group_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_eks_node_group_1 -Title: "List all node groups in AWS EKS clusters using SQL" -Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nodegroup_name, - arn, - created_at, - cluster_name, - status - from - aws_eks_node_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_eks_node_group_2.yaml.bak b/queries/aws_eks_node_group_2.yaml.bak deleted file mode 100755 index 687ab61fe..000000000 --- a/queries/aws_eks_node_group_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_eks_node_group_2 -Title: "List all AWS EKS Node Group data within a cluster" -Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nodegroup_name, - arn, - created_at, - cluster_name, - status - from - aws_eks_node_group - where - status <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Kubernetes Service (EKS) diff --git a/queries/aws_eks_node_group_3.yaml.bak b/queries/aws_eks_node_group_3.yaml.bak deleted file mode 100755 index 7acfdb753..000000000 --- a/queries/aws_eks_node_group_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_eks_node_group_3 -Title: "List all AWS EKS Node Groups with Health Information" -Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nodegroup_name, - cluster_name, - jsonb_pretty(health) as health - from - aws_eks_node_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Kubernetes Service diff --git a/queries/aws_eks_node_group_4.yaml.bak b/queries/aws_eks_node_group_4.yaml.bak deleted file mode 100755 index c5ba6fb55..000000000 --- a/queries/aws_eks_node_group_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_eks_node_group_4 -Title: "List all AWS EKS Node Groups with Template Info" -Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nodegroup_name, - cluster_name, - jsonb_pretty(launch_template) as launch_template - from - aws_eks_node_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EKS diff --git a/queries/aws_elastic_beanstalk_application_1.yaml.bak b/queries/aws_elastic_beanstalk_application_1.yaml.bak deleted file mode 100755 index 4147273c3..000000000 --- a/queries/aws_elastic_beanstalk_application_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_elastic_beanstalk_application_1 -Title: "Find AWS Elastic Beanstalk Application Details" -Description: "Allows users to query AWS Elastic Beanstalk Applications to obtain details about their configurations, versions, environment, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - description, - date_created, - date_updated, - versions - from - aws_elastic_beanstalk_application; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_2.yaml.bak b/queries/aws_elastic_beanstalk_application_2.yaml.bak deleted file mode 100755 index 90a7d55c7..000000000 --- a/queries/aws_elastic_beanstalk_application_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_elastic_beanstalk_application_2 -Title: "List all AWS Elastic Beanstalk Application Configurations" -Description: "Allows users to query AWS Elastic Beanstalk Applications to obtain details about their configurations, versions, environment, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - resource_lifecycle_config ->> 'ServiceRole' as role, - resource_lifecycle_config -> 'VersionLifecycleConfig' ->> 'MaxAgeRule' as max_age_rule, - resource_lifecycle_config -> 'VersionLifecycleConfig' ->> 'MaxCountRule' as max_count_rule - from - aws_elastic_beanstalk_application; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_1.yaml.bak b/queries/aws_elastic_beanstalk_application_version_1.yaml.bak deleted file mode 100755 index 4c1f45984..000000000 --- a/queries/aws_elastic_beanstalk_application_version_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elastic_beanstalk_application_version_1 -Title: "Find Elastic Beanstalk Application Versions Details" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - description, - date_created, - date_updated, - source_bundle - from - aws_elastic_beanstalk_application_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_2.yaml.bak b/queries/aws_elastic_beanstalk_application_version_2.yaml.bak deleted file mode 100755 index d9ce415cc..000000000 --- a/queries/aws_elastic_beanstalk_application_version_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_elastic_beanstalk_application_version_2 -Title: "List all details of AWS Elastic Beanstalk Versions" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - date_updated - from - aws_elastic_beanstalk_application_version - order by - date_updated desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_3.yaml.bak b/queries/aws_elastic_beanstalk_application_version_3.yaml.bak deleted file mode 100755 index af14a3e9e..000000000 --- a/queries/aws_elastic_beanstalk_application_version_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elastic_beanstalk_application_version_3 -Title: "List AWS Elastic Beanstalk Application Versions Details" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - status - from - aws_elastic_beanstalk_application_version - where - status = 'Processed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_4.yaml.bak b/queries/aws_elastic_beanstalk_application_version_4.yaml.bak deleted file mode 100755 index d6d0261c8..000000000 --- a/queries/aws_elastic_beanstalk_application_version_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elastic_beanstalk_application_version_4 -Title: "List all AWS Elastic Beanstalk App Version Details" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - description, - date_created, - date_updated, - source_bundle - from - aws_elastic_beanstalk_application_version - where - application_name = 'my-application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_5.yaml.bak b/queries/aws_elastic_beanstalk_application_version_5.yaml.bak deleted file mode 100755 index 2547ee7be..000000000 --- a/queries/aws_elastic_beanstalk_application_version_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elastic_beanstalk_application_version_5 -Title: "Find Elastic Beanstalk App Version Details and Metadata" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - tags - from - aws_elastic_beanstalk_application_version - where - tags ->> 'Environment' = 'Production'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_application_version_6.yaml.bak b/queries/aws_elastic_beanstalk_application_version_6.yaml.bak deleted file mode 100755 index 9d5a54b2c..000000000 --- a/queries/aws_elastic_beanstalk_application_version_6.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_elastic_beanstalk_application_version_6 -Title: "List all AWS Elastic Beanstalk Application Versions Details" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label - from - aws_elastic_beanstalk_application_version - where - source_build_information ->> 'SourceRepository' = 'CodeCommit'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_1.yaml.bak b/queries/aws_elastic_beanstalk_environment_1.yaml.bak deleted file mode 100755 index 8733b2614..000000000 --- a/queries/aws_elastic_beanstalk_environment_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_elastic_beanstalk_environment_1 -Title: "List all AWS Elastic Beanstalk Environment Details" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_id, - environment_name, - application_name, - arn, - tier - from - aws_elastic_beanstalk_environment; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_2.yaml.bak b/queries/aws_elastic_beanstalk_environment_2.yaml.bak deleted file mode 100755 index d1f94a520..000000000 --- a/queries/aws_elastic_beanstalk_environment_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_elastic_beanstalk_environment_2 -Title: "Find AWS Elastic Beanstalk Environments and Operations" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - abortable_operation_in_progress - from - aws_elastic_beanstalk_environment - where - abortable_operation_in_progress = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_3.yaml.bak b/queries/aws_elastic_beanstalk_environment_3.yaml.bak deleted file mode 100755 index c8c1fe364..000000000 --- a/queries/aws_elastic_beanstalk_environment_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_elastic_beanstalk_environment_3 -Title: "Find AWS Elastic Beanstalk Environments with Health Status Red" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - application_name, - environment_id, - health - from - aws_elastic_beanstalk_environment - where - health = 'Red'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_3.yaml.bak.bak b/queries/aws_elastic_beanstalk_environment_3.yaml.bak.bak deleted file mode 100755 index c8c1fe364..000000000 --- a/queries/aws_elastic_beanstalk_environment_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_elastic_beanstalk_environment_3 -Title: "Find AWS Elastic Beanstalk Environments with Health Status Red" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - application_name, - environment_id, - health - from - aws_elastic_beanstalk_environment - where - health = 'Red'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_4.yaml.bak b/queries/aws_elastic_beanstalk_environment_4.yaml.bak deleted file mode 100755 index 598f25755..000000000 --- a/queries/aws_elastic_beanstalk_environment_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_elastic_beanstalk_environment_4 -Title: "Find all AWS Elastic Beanstalk Environments' Health Status" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - health_status - from - aws_elastic_beanstalk_environment - where - health_status = 'Suspended'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_5.yaml.bak b/queries/aws_elastic_beanstalk_environment_5.yaml.bak deleted file mode 100755 index 876f9c95e..000000000 --- a/queries/aws_elastic_beanstalk_environment_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elastic_beanstalk_environment_5 -Title: "List All AWS Elastic Beanstalk Environment Configurations and Status" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - a ->> 'ActionDescription' as action_description, - a ->> 'ActionId' as action_id, - a ->> 'ActionType' as action_type, - a ->> 'Status' as action_status, - a ->> 'WindowStartTime' as action_window_start_time - from - aws_elastic_beanstalk_environment, - jsonb_array_elements(managed_actions) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elastic_beanstalk_environment_6.yaml.bak b/queries/aws_elastic_beanstalk_environment_6.yaml.bak deleted file mode 100755 index df829dc1c..000000000 --- a/queries/aws_elastic_beanstalk_environment_6.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_elastic_beanstalk_environment_6 -Title: "List all AWS Elastic Beanstalk Environments with Metadata" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - application_name, - c ->> 'DateCreated' as date_created, - c ->> 'DateUpdated' as date_updated, - c ->> 'DeploymentStatus' as deployment_status, - c ->> 'Description' as description, - c -> 'OptionSettings' ->> 'Namespace' as option_settings_namespace, - c -> 'OptionSettings' ->> 'OptionName' as option_name, - c -> 'OptionSettings' ->> 'ResourceName' as option_resource_name, - c -> 'OptionSettings' ->> 'Value' as option_value, - c ->> 'PlatformArn' as platform_arn, - c ->> 'SolutionStackName' as solution_stack_name, - c ->> 'TemplateName' as template_name - from - aws_elastic_beanstalk_environment, - jsonb_array_elements(configuration_settings) as c; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic Beanstalk diff --git a/queries/aws_elasticache_cluster_1.yaml.bak b/queries/aws_elasticache_cluster_1.yaml.bak deleted file mode 100755 index 3912e80b3..000000000 --- a/queries/aws_elasticache_cluster_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticache_cluster_1 -Title: "List all AWS ElastiCache Clusters with Encryption Disabled" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - cache_node_type, - at_rest_encryption_enabled - from - aws_elasticache_cluster - where - not at_rest_encryption_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_cluster_2.yaml.bak b/queries/aws_elasticache_cluster_2.yaml.bak deleted file mode 100755 index 24321495c..000000000 --- a/queries/aws_elasticache_cluster_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_elasticache_cluster_2 -Title: "Find Amazon ElastiCache Cluster Information within AWS" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - preferred_availability_zone - from - aws_elasticache_cluster - where - preferred_availability_zone <> 'Multiple'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_2.yaml.bak.bak b/queries/aws_elasticache_cluster_2.yaml.bak.bak deleted file mode 100755 index 24321495c..000000000 --- a/queries/aws_elasticache_cluster_2.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_elasticache_cluster_2 -Title: "Find Amazon ElastiCache Cluster Information within AWS" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - preferred_availability_zone - from - aws_elasticache_cluster - where - preferred_availability_zone <> 'Multiple'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_3.yaml.bak b/queries/aws_elasticache_cluster_3.yaml.bak deleted file mode 100755 index 1ebd1d0e7..000000000 --- a/queries/aws_elasticache_cluster_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticache_cluster_3 -Title: "Query Amazon ElastiCache Cluster Data with SQL" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - cache_node_type, - transit_encryption_enabled - from - aws_elasticache_cluster - where - not transit_encryption_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_4.yaml.bak b/queries/aws_elasticache_cluster_4.yaml.bak deleted file mode 100755 index 7ee1b867a..000000000 --- a/queries/aws_elasticache_cluster_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticache_cluster_4 -Title: "List all Amazon ElastiCache Cluster data in AWS account" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_node_type, - count(*) as count - from - aws_elasticache_cluster - where - cache_node_type not in ('cache.m5.large', 'cache.m4.4xlarge') - group by - cache_node_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_5.yaml.bak b/queries/aws_elasticache_cluster_5.yaml.bak deleted file mode 100755 index e1278a745..000000000 --- a/queries/aws_elasticache_cluster_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticache_cluster_5 -Title: "Find Inactive Amazon ElastiCache Clusters" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - cache_cluster_status, - notification_configuration ->> 'TopicArn' as topic_arn, - notification_configuration ->> 'TopicStatus' as topic_status - from - aws_elasticache_cluster - where - notification_configuration ->> 'TopicStatus' = 'inactive'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ElastiCache diff --git a/queries/aws_elasticache_cluster_6.yaml.bak b/queries/aws_elasticache_cluster_6.yaml.bak deleted file mode 100755 index 1718ccffa..000000000 --- a/queries/aws_elasticache_cluster_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticache_cluster_6 -Title: "List All Amazon ElastiCache Clusters with Security Details" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - sg ->> 'SecurityGroupId' as security_group_id, - sg ->> 'Status' as status - from - aws_elasticache_cluster, - jsonb_array_elements(security_groups) as sg; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_cluster_7.yaml.bak b/queries/aws_elasticache_cluster_7.yaml.bak deleted file mode 100755 index fca001e56..000000000 --- a/queries/aws_elasticache_cluster_7.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_elasticache_cluster_7 -Title: "List all information about each ElastiCache Cluster" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - cache_node_type, - cache_cluster_status, - snapshot_retention_limit - from - aws_elasticache_cluster - where - snapshot_retention_limit is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_parameter_group_1.yaml.bak b/queries/aws_elasticache_parameter_group_1.yaml.bak deleted file mode 100755 index b4000579d..000000000 --- a/queries/aws_elasticache_parameter_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_elasticache_parameter_group_1 -Title: "Find AWS Elasticache Parameter Groups configurations" -Description: "Allows users to query AWS Elasticache Parameter Groups, providing detailed information about each group''s configurations, parameters, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_parameter_group_name, - description, - cache_parameter_group_family, - description, - is_global - from - aws_elasticache_parameter_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticache diff --git a/queries/aws_elasticache_parameter_group_2.yaml.bak b/queries/aws_elasticache_parameter_group_2.yaml.bak deleted file mode 100755 index f9e71e680..000000000 --- a/queries/aws_elasticache_parameter_group_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticache_parameter_group_2 -Title: "Find AWS Elasticache Parameter Groups and Configurations" -Description: "Allows users to query AWS Elasticache Parameter Groups, providing detailed information about each group''s configurations, parameters, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_parameter_group_family, - count(*) as count - from - aws_elasticache_parameter_group - where - cache_parameter_group_family not in ('redis5.0', 'memcached1.5') - group by - cache_parameter_group_family; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticache diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml.bak deleted file mode 100755 index 9f69149fc..000000000 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_cache_hits_hourly_1 -Title: "List All AWS ElastiCache Redis Cache Hits Hourly" -Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_elasticache_redis_metric_cache_hits_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml.bak deleted file mode 100755 index 8bbc922c6..000000000 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_elasticache_redis_metric_cache_hits_hourly_2 -Title: "List All Amazon ElastiCache Redis Hourly Cache Hits" -Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(sum::numeric,2) as sum_cachehits, - round(average::numeric,2) as average_cachehits, - sample_count - from - aws_elasticache_redis_metric_cache_hits_hourly - where sum < 10 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon ElastiCache diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml.bak b/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml.bak deleted file mode 100755 index 03e5ee65d..000000000 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_cache_hits_hourly_3 -Title: "Find hourly Amazon ElastiCache Redis Cache Hits" -Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cachehits, - round(maximum::numeric,2) as max_cachehits, - round(average::numeric,2) as avg_cachehits, - sample_count - from - aws_elasticache_redis_metric_cache_hits_hourly - where average < 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml.bak deleted file mode 100755 index 35fe9407e..000000000 --- a/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_curr_connections_hourly_1 -Title: "List all Redis current connections metrics hourly" -Description: "Allows users to query ElastiCache Redis current connections metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_elasticache_redis_metric_curr_connections_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml.bak deleted file mode 100755 index e7e27148f..000000000 --- a/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_elasticache_redis_metric_curr_connections_hourly_2 -Title: "Find ElastiCache Redis Current Hourly Connections" -Description: "Allows users to query ElastiCache Redis current connections metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_currconnections, - round(maximum::numeric,2) as max_currconnections, - round(average::numeric,2) as avg_currconnections, - sample_count - from - aws_elasticache_redis_metric_curr_connections_hourly - where average > 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml.bak deleted file mode 100755 index 06b8eff18..000000000 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_1 -Title: "List all AWS ElastiCache Redis Engine CPU Utilization Metrics" -Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_daily - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml.bak deleted file mode 100755 index 602133967..000000000 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_2 -Title: "Find ElastiCache Redis CPU Utilization Metrics Daily" -Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_daily - where average > 80 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml.bak deleted file mode 100755 index 40a95c246..000000000 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_3 -Title: "List All AWS ElastiCache Redis Engine CPU Utilization Daily" -Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_daily - where average < 2 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml.bak deleted file mode 100755 index 8ff097a25..000000000 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1 -Title: "List hourly CPU utilization metrics for ElastiCache Redis" -Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak deleted file mode 100755 index f434919b2..000000000 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2 -Title: "List All Hourly CPU Utilization Metrics for AWS ElastiCache Redis" -Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_hourly - where average > 80 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak.bak deleted file mode 100755 index f434919b2..000000000 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2 -Title: "List All Hourly CPU Utilization Metrics for AWS ElastiCache Redis" -Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_hourly - where average > 80 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml.bak b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml.bak deleted file mode 100755 index 7fba6234a..000000000 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3 -Title: "List all hourly CPU utilization metrics for ElastiCache Redis" -Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_hourly - where average < 2 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml.bak deleted file mode 100755 index a4a2ad13e..000000000 --- a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elasticache_redis_metric_get_type_cmds_hourly_1 -Title: "List all ElastiCache Redis Metrics on GET Commands Hourly" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_elasticache_redis_metric_get_type_cmds_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak deleted file mode 100755 index 219a64524..000000000 --- a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_get_type_cmds_hourly_2 -Title: "List ElastiCache Redis GET Commands Executed Hourly" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_gettypecmds, - round(maximum::numeric,2) as max_gettypecmds, - round(average::numeric,2) as avg_gettypecmds, - round(sum::numeric,2) as sum_gettypecmds - from - aws_elasticache_redis_metric_get_type_cmds_hourly - where sum > 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak.bak b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak.bak deleted file mode 100755 index 219a64524..000000000 --- a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_get_type_cmds_hourly_2 -Title: "List ElastiCache Redis GET Commands Executed Hourly" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_gettypecmds, - round(maximum::numeric,2) as max_gettypecmds, - round(average::numeric,2) as avg_gettypecmds, - round(sum::numeric,2) as sum_gettypecmds - from - aws_elasticache_redis_metric_get_type_cmds_hourly - where sum > 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml.bak deleted file mode 100755 index ecd2f95d1..000000000 --- a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_list_based_cmds_hourly_1 -Title: "List All ElastiCache Redis List-Based Command Metrics" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis, providing data on list-based commands executed in the ElastiCache Redis environment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sample_count, - sum - from - aws_elasticache_redis_metric_list_based_cmds_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml.bak deleted file mode 100755 index b04383ce0..000000000 --- a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_elasticache_redis_metric_list_based_cmds_hourly_2 -Title: "List All Hourly AWS ElastiCache Redis List-based Metrics" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis, providing data on list-based commands executed in the ElastiCache Redis environment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_listbasedcmds, - round(maximum::numeric,2) as max_listbasedcmds, - round(average::numeric,2) as avg_listbasedcmds, - round(sum::numeric,2) as sum_listbasedcmds - from - aws_elasticache_redis_metric_list_based_cmds_hourly - where sum > 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml.bak b/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml.bak deleted file mode 100755 index 006225f82..000000000 --- a/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_elasticache_redis_metric_new_connections_hourly_1 -Title: "List hourly AWS ElastiCache Redis new connection metrics" -Description: "Allows users to query AWS ElastiCache Redis Metrics to get hourly data on new connections." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average - from - aws_elasticache_redis_metric_new_connections_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS ElastiCache diff --git a/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml.bak b/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml.bak deleted file mode 100755 index d7f56b5f0..000000000 --- a/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticache_redis_metric_new_connections_hourly_2 -Title: "List hourly AWS ElastiCache Redis new connections" -Description: "Allows users to query AWS ElastiCache Redis Metrics to get hourly data on new connections." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_newconnections, - round(maximum::numeric,2) as max_newconnections, - round(average::numeric,2) as avg_newconnections, - round(sum::numeric,2) as sum_newconnections - from - aws_elasticache_redis_metric_new_connections_hourly - where sum > 10 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_replication_group_1.yaml.bak b/queries/aws_elasticache_replication_group_1.yaml.bak deleted file mode 100755 index 556e99955..000000000 --- a/queries/aws_elasticache_replication_group_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticache_replication_group_1 -Title: "List all AWS ElastiCache Replication Groups with SQL" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - description, - cache_node_type, - cluster_enabled, - auth_token_enabled, - automatic_failover - from - aws_elasticache_replication_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_replication_group_2.yaml.bak b/queries/aws_elasticache_replication_group_2.yaml.bak deleted file mode 100755 index 8e23cbb0c..000000000 --- a/queries/aws_elasticache_replication_group_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elasticache_replication_group_2 -Title: "List AWS ElastiCache Replication Groups Configuration" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - cache_node_type, - at_rest_encryption_enabled - from - aws_elasticache_replication_group - where - not at_rest_encryption_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_replication_group_2.yaml.bak.bak b/queries/aws_elasticache_replication_group_2.yaml.bak.bak deleted file mode 100755 index 8e23cbb0c..000000000 --- a/queries/aws_elasticache_replication_group_2.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elasticache_replication_group_2 -Title: "List AWS ElastiCache Replication Groups Configuration" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - cache_node_type, - at_rest_encryption_enabled - from - aws_elasticache_replication_group - where - not at_rest_encryption_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_replication_group_3.yaml.bak b/queries/aws_elasticache_replication_group_3.yaml.bak deleted file mode 100755 index 608259323..000000000 --- a/queries/aws_elasticache_replication_group_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticache_replication_group_3 -Title: "Find AWS ElastiCache Replication Groups Configuration" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - cache_node_type, - multi_az - from - aws_elasticache_replication_group - where - multi_az = 'disabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_replication_group_4.yaml.bak b/queries/aws_elasticache_replication_group_4.yaml.bak deleted file mode 100755 index 0771397df..000000000 --- a/queries/aws_elasticache_replication_group_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_elasticache_replication_group_4 -Title: "List all AWS ElastiCache Replication Groups with Config and Status" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - snapshot_retention_limit, - snapshot_window, - snapshotting_cluster_id - from - aws_elasticache_replication_group - where - snapshot_retention_limit < 30; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_replication_group_5.yaml.bak b/queries/aws_elasticache_replication_group_5.yaml.bak deleted file mode 100755 index b9f9e1a41..000000000 --- a/queries/aws_elasticache_replication_group_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticache_replication_group_5 -Title: "List all AWS ElastiCache Replication Groups Configurations" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_node_type, - count (*) - from - aws_elasticache_replication_group - group by - cache_node_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_replication_group_6.yaml.bak b/queries/aws_elasticache_replication_group_6.yaml.bak deleted file mode 100755 index 6f59018ce..000000000 --- a/queries/aws_elasticache_replication_group_6.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_elasticache_replication_group_6 -Title: "Find AWS ElastiCache Replication Groups and Status" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - jsonb_array_elements_text(member_clusters) as member_clusters - from - aws_elasticache_replication_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_1.yaml.bak b/queries/aws_elasticache_reserved_cache_node_1.yaml.bak deleted file mode 100755 index 56b40965d..000000000 --- a/queries/aws_elasticache_reserved_cache_node_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_elasticache_reserved_cache_node_1 -Title: "List all AWS ElastiCache Reserved Cache Nodes details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_2.yaml.bak b/queries/aws_elasticache_reserved_cache_node_2.yaml.bak deleted file mode 100755 index 2d4c03778..000000000 --- a/queries/aws_elasticache_reserved_cache_node_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elasticache_reserved_cache_node_2 -Title: "Find AWS ElastiCache Reserved Cache Node Details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - where - offering_type = 'All Upfront'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_2.yaml.bak.bak b/queries/aws_elasticache_reserved_cache_node_2.yaml.bak.bak deleted file mode 100755 index 347764347..000000000 --- a/queries/aws_elasticache_reserved_cache_node_2.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elasticache_reserved_cache_node_2 -Title: "Find AWS ElastiCache Reserved Cache Node Details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - where - offering_type = 'All Upfront'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_3.yaml.bak b/queries/aws_elasticache_reserved_cache_node_3.yaml.bak deleted file mode 100755 index f85a59723..000000000 --- a/queries/aws_elasticache_reserved_cache_node_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticache_reserved_cache_node_3 -Title: "List AWS ElastiCache Reserved Cache Nodes with Details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - order by - duration desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_4.yaml.bak b/queries/aws_elasticache_reserved_cache_node_4.yaml.bak deleted file mode 100755 index 2ba5d58ba..000000000 --- a/queries/aws_elasticache_reserved_cache_node_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticache_reserved_cache_node_4 -Title: "List all AWS ElastiCache Reserved Cache Nodes" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - order by - usage_price desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_reserved_cache_node_5.yaml.bak b/queries/aws_elasticache_reserved_cache_node_5.yaml.bak deleted file mode 100755 index c0e0b1f49..000000000 --- a/queries/aws_elasticache_reserved_cache_node_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticache_reserved_cache_node_5 -Title: "Find AWS ElastiCache Reserved Cache Nodes Details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - where - state <> 'active'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_subnet_group_1.yaml.bak b/queries/aws_elasticache_subnet_group_1.yaml.bak deleted file mode 100755 index 587fd5f9e..000000000 --- a/queries/aws_elasticache_subnet_group_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_elasticache_subnet_group_1 -Title: "List all AWS ElastiCache Subnet Groups and Details" -Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_subnet_group_name, - cache_subnet_group_description, - region, - account_id - from - aws_elasticache_subnet_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_subnet_group_2.yaml.bak b/queries/aws_elasticache_subnet_group_2.yaml.bak deleted file mode 100755 index 00edb61b2..000000000 --- a/queries/aws_elasticache_subnet_group_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticache_subnet_group_2 -Title: "List all AWS ElastiCache Subnet Groups and Details" -Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - sub ->> 'SubnetIdentifier' as subnet_identifier, - sub ->> 'SubnetOutpost' as subnet_outpost - from - aws_elasticache_subnet_group, - jsonb_array_elements(subnets) as sub; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticache_subnet_group_3.yaml.bak b/queries/aws_elasticache_subnet_group_3.yaml.bak deleted file mode 100755 index b56a415cf..000000000 --- a/queries/aws_elasticache_subnet_group_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticache_subnet_group_3 -Title: "Find AWS ElastiCache Subnet Groups and VPC Details" -Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.cache_cluster_id, - sg.cache_subnet_group_name, - sg.vpc_id - from - aws_elasticache_subnet_group as sg - join aws_elasticache_cluster as c on sg.cache_subnet_group_name = c.cache_subnet_group_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - ElastiCache diff --git a/queries/aws_elasticsearch_domain_1.yaml.bak b/queries/aws_elasticsearch_domain_1.yaml.bak deleted file mode 100755 index 6b04c0d64..000000000 --- a/queries/aws_elasticsearch_domain_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticsearch_domain_1 -Title: "Find all AWS Elasticsearch Service Domain details using SQL" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - elasticsearch_version, - created - from - aws_elasticsearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_2.yaml.bak b/queries/aws_elasticsearch_domain_2.yaml.bak deleted file mode 100755 index d17c404d9..000000000 --- a/queries/aws_elasticsearch_domain_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_elasticsearch_domain_2 -Title: "List all AWS Elasticsearch Service Domains with Disabled Encryption" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - encryption_at_rest_options ->> 'Enabled' as enabled, - encryption_at_rest_options ->> 'KmsKeyId' as kms_key_id - from - aws_elasticsearch_domain - where - encryption_at_rest_options ->> 'Enabled' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_3.yaml.bak b/queries/aws_elasticsearch_domain_3.yaml.bak deleted file mode 100755 index b6f580bae..000000000 --- a/queries/aws_elasticsearch_domain_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elasticsearch_domain_3 -Title: "List all AWS Elasticsearch Service Domains with Configuration" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - ebs_options ->> 'VolumeSize' as volume_size, - ebs_options ->> 'VolumeType' as volume_type, - ebs_options ->> 'EBSEnabled' as ebs_enabled - from - aws_elasticsearch_domain - where - ebs_options ->> 'EBSEnabled' = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_4.yaml.bak b/queries/aws_elasticsearch_domain_4.yaml.bak deleted file mode 100755 index 59753fe24..000000000 --- a/queries/aws_elasticsearch_domain_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_elasticsearch_domain_4 -Title: "List all AWS Elasticsearch Service Domains configuration" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - vpc_options ->> 'AvailabilityZones' as availability_zones, - vpc_options ->> 'SecurityGroupIds' as security_group_ids, - vpc_options ->> 'SubnetIds' as subnet_ids, - vpc_options ->> 'VPCId' as vpc_id - from - aws_elasticsearch_domain - where - vpc_options ->> 'AvailabilityZones' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_5.yaml.bak b/queries/aws_elasticsearch_domain_5.yaml.bak deleted file mode 100755 index fdc895e54..000000000 --- a/queries/aws_elasticsearch_domain_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticsearch_domain_5 -Title: "Find AWS Elasticsearch Domain Configuration and Status" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - elasticsearch_cluster_config ->> 'InstanceType' as instance_type, - elasticsearch_cluster_config ->> 'InstanceCount' as instance_count - from - aws_elasticsearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_6.yaml.bak b/queries/aws_elasticsearch_domain_6.yaml.bak deleted file mode 100755 index a215d0d13..000000000 --- a/queries/aws_elasticsearch_domain_6.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_elasticsearch_domain_6 -Title: "Find AWS Elasticsearch Service Domain Config and Status" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - p as principal, - a as action, - s ->> 'Effect' as effect - from - aws_elasticsearch_domain, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_7.yaml.bak b/queries/aws_elasticsearch_domain_7.yaml.bak deleted file mode 100755 index d079cc530..000000000 --- a/queries/aws_elasticsearch_domain_7.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_elasticsearch_domain_7 -Title: "Find AWS Elasticsearch Service Domain Details" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options - from - aws_elasticsearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_8.yaml.bak b/queries/aws_elasticsearch_domain_8.yaml.bak deleted file mode 100755 index 1611490e5..000000000 --- a/queries/aws_elasticsearch_domain_8.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticsearch_domain_8 -Title: "Find AWS Elasticsearch Service Domain Configuration" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn - from - aws_elasticsearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_elasticsearch_domain_8.yaml.bak.bak b/queries/aws_elasticsearch_domain_8.yaml.bak.bak deleted file mode 100755 index 1611490e5..000000000 --- a/queries/aws_elasticsearch_domain_8.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_elasticsearch_domain_8 -Title: "Find AWS Elasticsearch Service Domain Configuration" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn - from - aws_elasticsearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Elasticsearch Service diff --git a/queries/aws_emr_block_public_access_configuration_1.yaml.bak b/queries/aws_emr_block_public_access_configuration_1.yaml.bak deleted file mode 100755 index b2b76ae3d..000000000 --- a/queries/aws_emr_block_public_access_configuration_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_emr_block_public_access_configuration_1 -Title: "Find AWS EMR Block Public Access Configuration Details" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - block_public_security_group_rules, - creation_date, - classification, - permitted_public_security_group_rule_ranges - from - aws_emr_block_public_access_configuration - order by - created_by_arn, - creation_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_block_public_access_configuration_1.yaml.bak.bak b/queries/aws_emr_block_public_access_configuration_1.yaml.bak.bak deleted file mode 100755 index b2b76ae3d..000000000 --- a/queries/aws_emr_block_public_access_configuration_1.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_emr_block_public_access_configuration_1 -Title: "Find AWS EMR Block Public Access Configuration Details" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - block_public_security_group_rules, - creation_date, - classification, - permitted_public_security_group_rule_ranges - from - aws_emr_block_public_access_configuration - order by - created_by_arn, - creation_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_block_public_access_configuration_2.yaml.bak b/queries/aws_emr_block_public_access_configuration_2.yaml.bak deleted file mode 100755 index 8cb085f12..000000000 --- a/queries/aws_emr_block_public_access_configuration_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_emr_block_public_access_configuration_2 -Title: "List AWS EMR Block Public Access Configuration Details" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - creation_date - from - aws_emr_block_public_access_configuration - where - block_public_security_group_rules; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS EMR diff --git a/queries/aws_emr_block_public_access_configuration_3.yaml.bak b/queries/aws_emr_block_public_access_configuration_3.yaml.bak deleted file mode 100755 index b785834a3..000000000 --- a/queries/aws_emr_block_public_access_configuration_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_emr_block_public_access_configuration_3 -Title: "Find AWS EMR Block Public Access Configurations" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - creation_date, - rules ->> 'MaxRange' as max_range, - rules ->> 'MinRange' as min_range - from - aws_emr_block_public_access_configuration - cross join jsonb_array_elements(permitted_public_security_group_rule_ranges) as rules; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR Block Public Access Configuration diff --git a/queries/aws_emr_block_public_access_configuration_4.yaml.bak b/queries/aws_emr_block_public_access_configuration_4.yaml.bak deleted file mode 100755 index 3156dedee..000000000 --- a/queries/aws_emr_block_public_access_configuration_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_emr_block_public_access_configuration_4 -Title: "Find AWS EMR Block Public Access Configuration Details" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - creation_date - from - aws_emr_block_public_access_configuration - where - date_part('day', now() - creation_date) < 90; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_cluster_1.yaml.bak b/queries/aws_emr_cluster_1.yaml.bak deleted file mode 100755 index b6f5ad409..000000000 --- a/queries/aws_emr_cluster_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_emr_cluster_1 -Title: "List all AWS Elastic MapReduce Cluster data" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - cluster_arn, - name, - auto_terminate, - status ->> 'State' as state, - tags - from - aws_emr_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic MapReduce diff --git a/queries/aws_emr_cluster_2.yaml.bak b/queries/aws_emr_cluster_2.yaml.bak deleted file mode 100755 index 5b4f568c3..000000000 --- a/queries/aws_emr_cluster_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_emr_cluster_2 -Title: "Find AWS EMR Clusters That Do Not Auto-Terminate" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cluster_arn, - auto_terminate - from - aws_emr_cluster - where - not auto_terminate; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic MapReduce diff --git a/queries/aws_emr_cluster_3.yaml.bak b/queries/aws_emr_cluster_3.yaml.bak deleted file mode 100755 index f312002d0..000000000 --- a/queries/aws_emr_cluster_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_emr_cluster_3 -Title: "Find AWS Elastic MapReduce Clusters with Errors" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - status ->> 'State' as state, - status -> 'StateChangeReason' ->> 'Message' as state_change_reason - from - aws_emr_cluster - where - status ->> 'State' = 'TERMINATED_WITH_ERRORS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic MapReduce diff --git a/queries/aws_emr_cluster_4.yaml.bak b/queries/aws_emr_cluster_4.yaml.bak deleted file mode 100755 index 18f069d3d..000000000 --- a/queries/aws_emr_cluster_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_emr_cluster_4 -Title: "Find AWS Elastic MapReduce Cluster Data" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cluster_arn, - a ->> 'Name' as application_name, - a ->> 'Version' as application_version - from - aws_emr_cluster, - jsonb_array_elements(applications) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic MapReduce diff --git a/queries/aws_emr_cluster_5.yaml.bak b/queries/aws_emr_cluster_5.yaml.bak deleted file mode 100755 index 8054b6850..000000000 --- a/queries/aws_emr_cluster_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_emr_cluster_5 -Title: "Find AWS Elastic MapReduce Cluster Data" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cluster_arn, - log_uri - from - aws_emr_cluster - where - log_uri is null - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic MapReduce diff --git a/queries/aws_emr_cluster_6.yaml.bak b/queries/aws_emr_cluster_6.yaml.bak deleted file mode 100755 index 3ba362b20..000000000 --- a/queries/aws_emr_cluster_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_emr_cluster_6 -Title: "Find AWS EMR Cluster Data with Specific Log URIs" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cluster_arn, - log_uri, - log_encryption_kms_key_id - from - aws_emr_cluster - where - log_uri is not null and log_encryption_kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Elastic MapReduce diff --git a/queries/aws_emr_cluster_metric_is_idle_1.yaml.bak b/queries/aws_emr_cluster_metric_is_idle_1.yaml.bak deleted file mode 100755 index 97f69c560..000000000 --- a/queries/aws_emr_cluster_metric_is_idle_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_emr_cluster_metric_is_idle_1 -Title: "Find Idle Status of AWS EMR Cluster Metrics" -Description: "Allows users to query AWS EMR Cluster Metrics to determine if a cluster is idle." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_emr_cluster_metric_is_idle - order by - id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_1.yaml.bak b/queries/aws_emr_instance_1.yaml.bak deleted file mode 100755 index df8450fa5..000000000 --- a/queries/aws_emr_instance_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_emr_instance_1 -Title: "Find all AWS EMR Instances for status and configuration" -Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - cluster_id, - ec2_instance_id, - instance_type, - private_dns_name, - private_ip_address - from - aws_emr_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_2.yaml.bak b/queries/aws_emr_instance_2.yaml.bak deleted file mode 100755 index 1a8dc0c7e..000000000 --- a/queries/aws_emr_instance_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_emr_instance_2 -Title: "Find detailed AWS EMR Instances status and configuration" -Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - ec2_instance_id, - instance_type - from - aws_emr_instance - where - instance_type = 'm2.4xlarge'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_3.yaml.bak b/queries/aws_emr_instance_3.yaml.bak deleted file mode 100755 index 8baadd16d..000000000 --- a/queries/aws_emr_instance_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_emr_instance_3 -Title: "Find all AWS EMR Instances with Detailed Information" -Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - ec2_instance_id, - instance_type - from - aws_emr_instance - where - cluster_id = 'j-21HIX5R2NZMXJ'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_4.yaml.bak b/queries/aws_emr_instance_4.yaml.bak deleted file mode 100755 index 5010667a5..000000000 --- a/queries/aws_emr_instance_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_emr_instance_4 -Title: "Query AWS EMR Instances and Detailed Metadata" -Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - ec2_instance_id, - instance_type, - v -> 'Device' as device, - v -> 'VolumeId' as volume_id - from - aws_emr_instance, - jsonb_array_elements(ebs_volumes) as v - where - ei.id = 'ci-ULCFS2ZN0FK7'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_fleet_1.yaml.bak b/queries/aws_emr_instance_fleet_1.yaml.bak deleted file mode 100755 index eae03d5d8..000000000 --- a/queries/aws_emr_instance_fleet_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_emr_instance_fleet_1 -Title: "List all AWS EMR Instance Fleets with Configuration Details" -Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - cluster_id, - instance_fleet_type, - state - from - aws_emr_instance_fleet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_fleet_2.yaml.bak b/queries/aws_emr_instance_fleet_2.yaml.bak deleted file mode 100755 index 75cb5c9ac..000000000 --- a/queries/aws_emr_instance_fleet_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_emr_instance_fleet_2 -Title: "List all AWS EMR Instance Fleets with Configuration Details" -Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_id, - c.name as cluster_name, - c.state as cluster_state - from - aws_emr_instance_fleet as f, - aws_emr_cluster as c - where - f.cluster_id = c.id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_fleet_3.yaml.bak b/queries/aws_emr_instance_fleet_3.yaml.bak deleted file mode 100755 index 394937d52..000000000 --- a/queries/aws_emr_instance_fleet_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_emr_instance_fleet_3 -Title: "List all AWS EMR Instance Fleets and Their Capabilities" -Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_id, - provisioned_on_demand_capacity, - target_on_demand_capacity - from - aws_emr_instance_fleet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR Instance Fleet diff --git a/queries/aws_emr_instance_group_1.yaml.bak b/queries/aws_emr_instance_group_1.yaml.bak deleted file mode 100755 index 6ea8b11cd..000000000 --- a/queries/aws_emr_instance_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_emr_instance_group_1 -Title: "Find AWS EMR Instance Groups within a Cluster" -Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - cluster_id, - instance_group_type, - state - from - aws_emr_instance_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_group_2.yaml.bak b/queries/aws_emr_instance_group_2.yaml.bak deleted file mode 100755 index 0a955f818..000000000 --- a/queries/aws_emr_instance_group_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_emr_instance_group_2 -Title: "List AWS EMR instance groups within clusters" -Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - ig.id as instance_group_id, - ig.cluster_id, - c.name as cluster_name, - ig.instance_type - from - aws_emr_instance_group as ig, - aws_emr_cluster as c - where - ig.cluster_id = c.id - and ig.instance_group_type = 'MASTER'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_instance_group_3.yaml.bak b/queries/aws_emr_instance_group_3.yaml.bak deleted file mode 100755 index 73920423e..000000000 --- a/queries/aws_emr_instance_group_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_emr_instance_group_3 -Title: "List All AWS EMR Instance Groups and Running Instances" -Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_id, - sum(running_instance_count) as running_instance_count - from - aws_emr_instance_group - where - state = 'RUNNING' - group by cluster_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS EMR diff --git a/queries/aws_emr_security_configuration_1.yaml.bak b/queries/aws_emr_security_configuration_1.yaml.bak deleted file mode 100755 index 7290baf08..000000000 --- a/queries/aws_emr_security_configuration_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_emr_security_configuration_1 -Title: "Find AWS EMR Security Configurations Details" -Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_date_time, - encryption_configuration, - instance_metadata_service_configuration, - security_configuration - from - aws_emr_security_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_security_configuration_2.yaml.bak b/queries/aws_emr_security_configuration_2.yaml.bak deleted file mode 100755 index 9018a0cd1..000000000 --- a/queries/aws_emr_security_configuration_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_emr_security_configuration_2 -Title: "List EMR Security Configs from Last 30 Days" -Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_date_time, - security_configuration - from - aws_emr_security_configuration - where - creation_date_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_emr_security_configuration_3.yaml.bak b/queries/aws_emr_security_configuration_3.yaml.bak deleted file mode 100755 index fdad48e53..000000000 --- a/queries/aws_emr_security_configuration_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_emr_security_configuration_3 -Title: "List all AWS EMR Security Configurations using SQL" -Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_date_time, - encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'AwsKmsKey' as aws_kms_key, - encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'EnableEbsEncryption' as enable_ebs_encryption, - encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'EncryptionKeyProviderType' as encryption_key_provider_type, - encryption_configuration -> 'S3EncryptionConfiguration' as s3_encryption_configuration, - encryption_configuration ->> 'EnableAtRestEncryption' as enable_at_rest_encryption, - encryption_configuration ->> 'EnableInTransitEncryption' as enable_in_transit_encryption, - encryption_configuration -> 'InTransitEncryptionConfiguration' as in_transit_encryption_configuration - from - aws_emr_security_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - EMR diff --git a/queries/aws_eventbridge_bus_1.yaml.bak b/queries/aws_eventbridge_bus_1.yaml.bak deleted file mode 100755 index 2278218d2..000000000 --- a/queries/aws_eventbridge_bus_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_eventbridge_bus_1 -Title: "Find all AWS EventBridge Buses and their Details" -Description: "Allows users to query AWS EventBridge Buses for detailed information about each bus, including its name, ARN, policy, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_eventbridge_bus; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EventBridge diff --git a/queries/aws_eventbridge_rule_1.yaml.bak b/queries/aws_eventbridge_rule_1.yaml.bak deleted file mode 100755 index 5c13947d2..000000000 --- a/queries/aws_eventbridge_rule_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_eventbridge_rule_1 -Title: "Find EventBridge Rule Information in AWS Account" -Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - created_by, - event_bus_name - from - aws_eventbridge_rule; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EventBridge diff --git a/queries/aws_eventbridge_rule_2.yaml.bak b/queries/aws_eventbridge_rule_2.yaml.bak deleted file mode 100755 index 52194dd0b..000000000 --- a/queries/aws_eventbridge_rule_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_eventbridge_rule_2 -Title: "Find all AWS EventBridge Rules not enabled" -Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - created_by - from - aws_eventbridge_rule - where - state != 'ENABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EventBridge diff --git a/queries/aws_eventbridge_rule_2.yaml.bak.bak b/queries/aws_eventbridge_rule_2.yaml.bak.bak deleted file mode 100755 index 2a370abd3..000000000 --- a/queries/aws_eventbridge_rule_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_eventbridge_rule_2 -Title: "Find all AWS EventBridge Rules not enabled" -Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - created_by - from - aws_eventbridge_rule - where - state != 'ENABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EventBridge diff --git a/queries/aws_eventbridge_rule_3.yaml.bak b/queries/aws_eventbridge_rule_3.yaml.bak deleted file mode 100755 index 9cc6db0be..000000000 --- a/queries/aws_eventbridge_rule_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_eventbridge_rule_3 -Title: "Find AWS EventBridge Rules using SQL" -Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cd ->> 'Id' as target_id, - cd ->> 'Arn' as target_arn, - cd ->> 'RoleArn' as role_arn - from - aws_eventbridge_rule, - jsonb_array_elements(targets) as cd; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - EventBridge diff --git a/queries/aws_fms_app_list_1.yaml.bak b/queries/aws_fms_app_list_1.yaml.bak deleted file mode 100755 index 808f3691b..000000000 --- a/queries/aws_fms_app_list_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_fms_app_list_1 -Title: "Find AWS Firewall Manager Application Details" -Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - list_name, - list_id, - arn, - create_time - from - aws_fms_app_list; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Firewall Manager diff --git a/queries/aws_fms_app_list_2.yaml.bak b/queries/aws_fms_app_list_2.yaml.bak deleted file mode 100755 index ce2d93e1e..000000000 --- a/queries/aws_fms_app_list_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_fms_app_list_2 -Title: "Find AWS Firewall Manager Application Details in Last 30 Days" -Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - list_name, - list_id, - arn, - create_time - from - aws_fms_app_list - where - create_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Firewall Manager diff --git a/queries/aws_fms_app_list_3.yaml.bak b/queries/aws_fms_app_list_3.yaml.bak deleted file mode 100755 index 7176843a6..000000000 --- a/queries/aws_fms_app_list_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_fms_app_list_3 -Title: "Query AWS Firewall Manager Applications with Details" -Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - list_name, - list_id, - a ->> 'AppName' as app_name, - a ->> 'Port' as port, - a ->> 'Protocol' as protocol - from - aws_fms_app_list, - jsonb_array_elements(apps_list -> 'AppsList') as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Firewall Manager diff --git a/queries/aws_fms_policy_1.yaml.bak b/queries/aws_fms_policy_1.yaml.bak deleted file mode 100755 index d6d6b5898..000000000 --- a/queries/aws_fms_policy_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_fms_policy_1 -Title: "List All AWS Firewall Manager Policy Details" -Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - policy_id, - arn, - policy_description, - resource_type - from - aws_fms_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Firewall Manager diff --git a/queries/aws_fms_policy_2.yaml.bak b/queries/aws_fms_policy_2.yaml.bak deleted file mode 100755 index a8e7778b6..000000000 --- a/queries/aws_fms_policy_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_fms_policy_2 -Title: "Find AWS Firewall Manager Policies with SQL" -Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - policy_id, - arn, - policy_description, - resource_type, - remediation_enabled - from - aws_fms_policy - where - remediation_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Firewall Manager diff --git a/queries/aws_fms_policy_3.yaml.bak b/queries/aws_fms_policy_3.yaml.bak deleted file mode 100755 index 39d2a812a..000000000 --- a/queries/aws_fms_policy_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_fms_policy_3 -Title: "List all AWS Firewall Manager Policies and Details" -Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - resource_type, - count(policy_id) as policy_applied - from - aws_fms_policy - group by - policy_name, - resource_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Firewall Manager diff --git a/queries/aws_fms_policy_4.yaml.bak b/queries/aws_fms_policy_4.yaml.bak deleted file mode 100755 index 3e85bf785..000000000 --- a/queries/aws_fms_policy_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_fms_policy_4 -Title: "List AWS Firewall Manager (FMS) Policies Details" -Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - policy_id, - policy_status - from - aws_fms_policy - where - policy_status <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Firewall Manager diff --git a/queries/aws_fsx_file_system_1.yaml.bak b/queries/aws_fsx_file_system_1.yaml.bak deleted file mode 100755 index 5cb5e8bbd..000000000 --- a/queries/aws_fsx_file_system_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_fsx_file_system_1 -Title: "List AWS FSx File Systems details including lifecycle" -Description: "Allows users to query AWS FSx File Systems to gather information about the file system''s details, including its lifecycle, type, storage capacity, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - file_system_id, - arn, - dns_name, - owner_id, - creation_time, - lifecycle, - storage_capacity - from - aws_fsx_file_system; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - FSx diff --git a/queries/aws_fsx_file_system_2.yaml.bak b/queries/aws_fsx_file_system_2.yaml.bak deleted file mode 100755 index c0fe40c8d..000000000 --- a/queries/aws_fsx_file_system_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_fsx_file_system_2 -Title: "List AWS FSx File Systems and Details" -Description: "Allows users to query AWS FSx File Systems to gather information about the file system''s details, including its lifecycle, type, storage capacity, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - file_system_id, - kms_key_id, - region - from - aws_fsx_file_system - where - kms_key_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - FSx diff --git a/queries/aws_glacier_vault_1.yaml.bak b/queries/aws_glacier_vault_1.yaml.bak deleted file mode 100755 index c7f84c401..000000000 --- a/queries/aws_glacier_vault_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_glacier_vault_1 -Title: "List all AWS Glacier Vault details with SQL Query" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vault_name, - creation_date, - last_inventory_date, - number_of_archives, - size_in_bytes - from - aws_glacier_vault; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glacier diff --git a/queries/aws_glacier_vault_2.yaml.bak b/queries/aws_glacier_vault_2.yaml.bak deleted file mode 100755 index cc555bacd..000000000 --- a/queries/aws_glacier_vault_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_glacier_vault_2 -Title: "Find all AWS Glacier Vaults and Detailed Information" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_glacier_vault, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'glacier:*'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glacier diff --git a/queries/aws_glacier_vault_2.yaml.bak.bak b/queries/aws_glacier_vault_2.yaml.bak.bak deleted file mode 100755 index cc555bacd..000000000 --- a/queries/aws_glacier_vault_2.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_glacier_vault_2 -Title: "Find all AWS Glacier Vaults and Detailed Information" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_glacier_vault, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'glacier:*'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glacier diff --git a/queries/aws_glacier_vault_3.yaml.bak b/queries/aws_glacier_vault_3.yaml.bak deleted file mode 100755 index e271dda30..000000000 --- a/queries/aws_glacier_vault_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_glacier_vault_3 -Title: "List AWS Glacier Vaults with Detailed Information" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_glacier_vault, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glacier diff --git a/queries/aws_glacier_vault_4.yaml.bak b/queries/aws_glacier_vault_4.yaml.bak deleted file mode 100755 index 126c51e94..000000000 --- a/queries/aws_glacier_vault_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glacier_vault_4 -Title: "Find AWS Glacier Vault Details including Name, ARN, and Archives" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' -> 'NumericLessThan' ->> 'glacier:archiveageindays' as archive_age_in_days - from - aws_glacier_vault, - jsonb_array_elements(vault_lock_policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Action') as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glacier diff --git a/queries/aws_glacier_vault_5.yaml.bak b/queries/aws_glacier_vault_5.yaml.bak deleted file mode 100755 index 326d927dd..000000000 --- a/queries/aws_glacier_vault_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_glacier_vault_5 -Title: "List all AWS Glacier Vaults for Detailed Information" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vault_name, - tags - from - aws_glacier_vault - where - not tags :: JSONB ? 'owner'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glacier diff --git a/queries/aws_glacier_vault_6.yaml.bak b/queries/aws_glacier_vault_6.yaml.bak deleted file mode 100755 index 721dc2350..000000000 --- a/queries/aws_glacier_vault_6.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_glacier_vault_6 -Title: "Find all AWS Glacier Vaults and Notification Configs" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vault_name, - vault_notification_config ->> 'SNSTopic' as sns_topic, - vault_notification_config ->> 'Events' as notification_events - from - aws_glacier_vault - where - vault_notification_config is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glacier diff --git a/queries/aws_globalaccelerator_accelerator_1.yaml.bak b/queries/aws_globalaccelerator_accelerator_1.yaml.bak deleted file mode 100755 index 1c53f29fb..000000000 --- a/queries/aws_globalaccelerator_accelerator_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_globalaccelerator_accelerator_1 -Title: "Find all AWS Global Accelerator Accelerators" -Description: "Allows users to query AWS Global Accelerator''s accelerators." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - dns_name, - enabled, - ip_address_type, - last_modified_time, - status - from - aws_globalaccelerator_accelerator; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_accelerator_2.yaml.bak b/queries/aws_globalaccelerator_accelerator_2.yaml.bak deleted file mode 100755 index 9caa3ad62..000000000 --- a/queries/aws_globalaccelerator_accelerator_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_globalaccelerator_accelerator_2 -Title: "Find all AWS Global Accelerator accelerators" -Description: "Allows users to query AWS Global Accelerator''s accelerators." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - dns_name, - enabled, - ip_address_type, - last_modified_time, - status, - anycast_ip - from - aws_globalaccelerator_accelerator, - jsonb_array_elements(ip_sets -> 0 -> 'IpAddresses') as anycast_ip; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_accelerator_3.yaml.bak b/queries/aws_globalaccelerator_accelerator_3.yaml.bak deleted file mode 100755 index 144b9033f..000000000 --- a/queries/aws_globalaccelerator_accelerator_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_globalaccelerator_accelerator_3 -Title: "Find AWS Global Accelerator's Accelerators" -Description: "Allows users to query AWS Global Accelerator''s accelerators." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags - from - aws_globalaccelerator_accelerator - where - not tags::JSONB ? 'owner'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_endpoint_group_1.yaml.bak b/queries/aws_globalaccelerator_endpoint_group_1.yaml.bak deleted file mode 100755 index af55b1403..000000000 --- a/queries/aws_globalaccelerator_endpoint_group_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_globalaccelerator_endpoint_group_1 -Title: "List AWS Global Accelerator Endpoint Groups Configuration" -Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - endpoint_descriptions, - endpoint_group_region, - traffic_dial_percentage, - port_overrides, - health_check_interval_seconds, - health_check_path, - health_check_port, - health_check_protocol, - threshold_count - from - aws_globalaccelerator_endpoint_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_endpoint_group_2.yaml.bak b/queries/aws_globalaccelerator_endpoint_group_2.yaml.bak deleted file mode 100755 index e062af54d..000000000 --- a/queries/aws_globalaccelerator_endpoint_group_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_globalaccelerator_endpoint_group_2 -Title: "List all AWS Global Accelerator Endpoint Groups" -Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - endpoint_descriptions, - endpoint_group_region, - traffic_dial_percentage, - port_overrides, - health_check_interval_seconds, - health_check_path, - health_check_port, - health_check_protocol, - threshold_count - from - aws_globalaccelerator_endpoint_group - where - listener_arn = 'arn:aws:globalaccelerator::012345678901:accelerator/1234abcd-abcd-1234-abcd-1234abcdefgh/listener/abcdef1234'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak b/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak deleted file mode 100755 index 13b4d5bd7..000000000 --- a/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_globalaccelerator_endpoint_group_3 -Title: "Find AWS Global Accelerator Endpoint Groups Configuration" -Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name as accelerator_name, - l.client_affinity as listener_client_affinity, - l.port_ranges as listener_port_ranges, - l.protocol as listener_protocol, - eg.endpoint_descriptions, - eg.endpoint_group_region, - eg.traffic_dial_percentage, - eg.port_overrides, - eg.health_check_interval_seconds, - eg.health_check_path, - eg.health_check_port, - eg.health_check_protocol, - eg.threshold_count - from - aws_globalaccelerator_accelerator a, - aws_globalaccelerator_listener l, - aws_globalaccelerator_endpoint_group eg - where - eg.listener_arn = l.arn - and l.accelerator_arn = a.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak.bak b/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak.bak deleted file mode 100755 index 13b4d5bd7..000000000 --- a/queries/aws_globalaccelerator_endpoint_group_3.yaml.bak.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_globalaccelerator_endpoint_group_3 -Title: "Find AWS Global Accelerator Endpoint Groups Configuration" -Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name as accelerator_name, - l.client_affinity as listener_client_affinity, - l.port_ranges as listener_port_ranges, - l.protocol as listener_protocol, - eg.endpoint_descriptions, - eg.endpoint_group_region, - eg.traffic_dial_percentage, - eg.port_overrides, - eg.health_check_interval_seconds, - eg.health_check_path, - eg.health_check_port, - eg.health_check_protocol, - eg.threshold_count - from - aws_globalaccelerator_accelerator a, - aws_globalaccelerator_listener l, - aws_globalaccelerator_endpoint_group eg - where - eg.listener_arn = l.arn - and l.accelerator_arn = a.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_listener_1.yaml.bak b/queries/aws_globalaccelerator_listener_1.yaml.bak deleted file mode 100755 index bda315832..000000000 --- a/queries/aws_globalaccelerator_listener_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_globalaccelerator_listener_1 -Title: "List all AWS Global Accelerator Listener details" -Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - client_affinity, - port_ranges, - protocol - from - aws_globalaccelerator_listener; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_listener_2.yaml.bak b/queries/aws_globalaccelerator_listener_2.yaml.bak deleted file mode 100755 index 3dbcc1235..000000000 --- a/queries/aws_globalaccelerator_listener_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_globalaccelerator_listener_2 -Title: "Find AWS Global Accelerator Listener Details" -Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - client_affinity, - port_ranges, - protocol - from - aws_globalaccelerator_listener - where - accelerator_arn = 'arn:aws:globalaccelerator::012345678901:accelerator/1234abcd'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_listener_3.yaml.bak b/queries/aws_globalaccelerator_listener_3.yaml.bak deleted file mode 100755 index ddc412070..000000000 --- a/queries/aws_globalaccelerator_listener_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_globalaccelerator_listener_3 -Title: "Find AWS Global Accelerator Listener Details" -Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name as accelerator_name, - a.status as accelerator_status, - l.title as listener_title, - l.client_affinity as listener_client_affinity, - l.port_ranges as listener_port_ranges, - l.protocol as listener_protocol - from - aws_globalaccelerator_accelerator a, - aws_globalaccelerator_listener l - where - l.accelerator_arn = a.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_globalaccelerator_listener_4.yaml.bak b/queries/aws_globalaccelerator_listener_4.yaml.bak deleted file mode 100755 index 4ad879ddf..000000000 --- a/queries/aws_globalaccelerator_listener_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_globalaccelerator_listener_4 -Title: "List all AWS Global Accelerator Listener including details" -Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name as accelerator_name, - a.status as accelerator_status, - l.protocol, - port_range -> 'FromPort' as from_port, - port_range -> 'ToPort' as to_port - from - aws_globalaccelerator_accelerator a, - aws_globalaccelerator_listener l, - jsonb_array_elements(l.port_ranges) as port_range - where - l.accelerator_arn = a.arn - and l.protocol = 'TCP' - and (port_range -> 'FromPort')::int <= 443 - and (port_range -> 'ToPort')::int >= 443; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Global Accelerator diff --git a/queries/aws_glue_catalog_database_1.yaml.bak b/queries/aws_glue_catalog_database_1.yaml.bak deleted file mode 100755 index 998b112fd..000000000 --- a/queries/aws_glue_catalog_database_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_glue_catalog_database_1 -Title: "List All AWS Glue Catalog Databases with Details" -Description: "Allows users to query AWS Glue Databases for detailed information about their Glue Catalog Databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - catalog_id, - create_time, - description, - location_uri, - create_table_default_permissions - from - aws_glue_catalog_database; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_catalog_database_2.yaml.bak b/queries/aws_glue_catalog_database_2.yaml.bak deleted file mode 100755 index 22e83d27f..000000000 --- a/queries/aws_glue_catalog_database_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_glue_catalog_database_2 -Title: "Find all AWS Glue Databases with Catalog Info" -Description: "Allows users to query AWS Glue Databases for detailed information about their Glue Catalog Databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - catalog_id, - count(name) as database_count - from - aws_glue_catalog_database - group by - catalog_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_catalog_table_1.yaml.bak b/queries/aws_glue_catalog_table_1.yaml.bak deleted file mode 100755 index 17012ef56..000000000 --- a/queries/aws_glue_catalog_table_1.yaml.bak +++ /dev/null @@ -1,20 +0,0 @@ -ID: aws_glue_catalog_table_1 -Title: "Find AWS Glue Catalog Table Metadata" -Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - catalog_id, - create_time, - description, - database_name - from - aws_glue_catalog_table; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: {} diff --git a/queries/aws_glue_catalog_table_2.yaml.bak b/queries/aws_glue_catalog_table_2.yaml.bak deleted file mode 100755 index cd6f972ee..000000000 --- a/queries/aws_glue_catalog_table_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_glue_catalog_table_2 -Title: "List all AWS Glue Catalog Tables and Metadata" -Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - catalog_id, - count(name) as table_count - from - aws_glue_catalog_table - group by - catalog_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue Catalog diff --git a/queries/aws_glue_catalog_table_3.yaml.bak b/queries/aws_glue_catalog_table_3.yaml.bak deleted file mode 100755 index 57b9b5ece..000000000 --- a/queries/aws_glue_catalog_table_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_glue_catalog_table_3 -Title: "List all AWS Glue Catalog Tables with metadata" -Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - catalog_id, - create_time, - description, - retention - from - aws_glue_catalog_table - where - retention < 30; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_connection_1.yaml.bak b/queries/aws_glue_connection_1.yaml.bak deleted file mode 100755 index c57c2e183..000000000 --- a/queries/aws_glue_connection_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_glue_connection_1 -Title: "List all AWS Glue Connections with Details" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - connection_type, - creation_time, - description, - region - from - aws_glue_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_connection_2.yaml.bak b/queries/aws_glue_connection_2.yaml.bak deleted file mode 100755 index aaeb648a3..000000000 --- a/queries/aws_glue_connection_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_glue_connection_2 -Title: "List all SQL Queryable AWS Glue Connections" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - connection_type, - connection_properties ->> 'JDBC_CONNECTION_URL' as connection_url, - connection_properties ->> 'JDBC_ENFORCE_SSL' as ssl_enabled, - creation_time - from - aws_glue_connection - where - connection_type = 'JDBC'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_connection_3.yaml.bak b/queries/aws_glue_connection_3.yaml.bak deleted file mode 100755 index 6e6c3099a..000000000 --- a/queries/aws_glue_connection_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_connection_3 -Title: "List all AWS Glue Connections with JDBC not enforcing SSL" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - connection_type, - connection_properties ->> 'CONNECTION_URL' as connection_url, - connection_properties ->> 'JDBC_ENFORCE_SSL' as ssl_enabled, - creation_time - from - aws_glue_connection - where - connection_type = 'JDBC' - and connection_properties ->> 'JDBC_ENFORCE_SSL' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_connection_3.yaml.bak.bak b/queries/aws_glue_connection_3.yaml.bak.bak deleted file mode 100755 index 6e6c3099a..000000000 --- a/queries/aws_glue_connection_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_connection_3 -Title: "List all AWS Glue Connections with JDBC not enforcing SSL" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - connection_type, - connection_properties ->> 'CONNECTION_URL' as connection_url, - connection_properties ->> 'JDBC_ENFORCE_SSL' as ssl_enabled, - creation_time - from - aws_glue_connection - where - connection_type = 'JDBC' - and connection_properties ->> 'JDBC_ENFORCE_SSL' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_connection_4.yaml.bak b/queries/aws_glue_connection_4.yaml.bak deleted file mode 100755 index a525fc401..000000000 --- a/queries/aws_glue_connection_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_glue_connection_4 -Title: "Find AWS Glue Connections Details" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.name as connection_name, - s.vpc_id as vpc_id, - s.title as subnet_name, - physical_connection_requirements ->> 'SubnetId' as subnet_id, - physical_connection_requirements ->> 'AvailabilityZone' as availability_zone, - cidr_block, - physical_connection_requirements ->> 'SecurityGroupIdList' as security_group_ids - from - aws_glue_connection c - join aws_vpc_subnet s on physical_connection_requirements ->> 'SubnetId' = s.subnet_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_crawler_1.yaml.bak b/queries/aws_glue_crawler_1.yaml.bak deleted file mode 100755 index c2c962a34..000000000 --- a/queries/aws_glue_crawler_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_crawler_1 -Title: "List all AWS Glue Crawlers and Their Essential Information" -Description: "Allows users to query AWS Glue Crawlers and retrieve essential information about the crawler''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state, - database_name, - creation_time, - description, - recrawl_behavior - from - aws_glue_crawler; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_crawler_2.yaml.bak b/queries/aws_glue_crawler_2.yaml.bak deleted file mode 100755 index 9eb7ec041..000000000 --- a/queries/aws_glue_crawler_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_glue_crawler_2 -Title: "List all AWS Glue Crawlers and Retrieve their Metadata" -Description: "Allows users to query AWS Glue Crawlers and retrieve essential information about the crawler''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state, - database_name, - creation_time, - description, - recrawl_behavior - from - aws_glue_crawler - where - state = 'RUNNING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_data_catalog_encryption_settings_1.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_1.yaml.bak deleted file mode 100755 index c491781a4..000000000 --- a/queries/aws_glue_data_catalog_encryption_settings_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_glue_data_catalog_encryption_settings_1 -Title: "Find AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_at_rest, - connection_password_encryption, - region, - account_id - from - aws_glue_data_catalog_encryption_settings; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_data_catalog_encryption_settings_2.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_2.yaml.bak deleted file mode 100755 index 611537cd4..000000000 --- a/queries/aws_glue_data_catalog_encryption_settings_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_glue_data_catalog_encryption_settings_2 -Title: "Find AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_at_rest, - connection_password_encryption, - region, - account_id - from - aws_glue_data_catalog_encryption_settings - where - encryption_at_rest ->> 'CatalogEncryptionMode' = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue Data Catalog diff --git a/queries/aws_glue_data_catalog_encryption_settings_3.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_3.yaml.bak deleted file mode 100755 index 50043d01b..000000000 --- a/queries/aws_glue_data_catalog_encryption_settings_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_data_catalog_encryption_settings_3 -Title: "List all AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_at_rest, - connection_password_encryption, - region, - account_id - from - aws_glue_data_catalog_encryption_settings - where - connection_password_encryption ->> 'ReturnConnectionPasswordEncrypted' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue Data Catalog diff --git a/queries/aws_glue_data_catalog_encryption_settings_4.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_4.yaml.bak deleted file mode 100755 index 523e28db8..000000000 --- a/queries/aws_glue_data_catalog_encryption_settings_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_glue_data_catalog_encryption_settings_4 -Title: "Query AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_at_rest ->> 'SseAwsKmsKeyId' as key_arn, - k.key_manager as key_manager, - k.creation_date as key_creation_date, - s.region, - s.account_id - from - aws_glue_data_catalog_encryption_settings s - join aws_kms_key k on s.encryption_at_rest ->> 'SseAwsKmsKeyId' = k.arn - and s.region = k.region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue Data Catalog diff --git a/queries/aws_glue_data_catalog_encryption_settings_5.yaml.bak b/queries/aws_glue_data_catalog_encryption_settings_5.yaml.bak deleted file mode 100755 index 815b1250f..000000000 --- a/queries/aws_glue_data_catalog_encryption_settings_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_glue_data_catalog_encryption_settings_5 -Title: "Find AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - connection_password_encryption ->> 'AwsKmsKeyId' as key_arn, - k.key_manager as key_manager, - k.creation_date as key_creation_date, - s.region, - s.account_id - from - aws_glue_data_catalog_encryption_settings s - join aws_kms_key k on s.connection_password_encryption ->> 'AwsKmsKeyId' = k.arn - and s.region = k.region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_data_quality_ruleset_1.yaml.bak b/queries/aws_glue_data_quality_ruleset_1.yaml.bak deleted file mode 100755 index 2616675c9..000000000 --- a/queries/aws_glue_data_quality_ruleset_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_glue_data_quality_ruleset_1 -Title: "List all AWS Glue Data Quality Rulesets" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - database_name, - table_name, - created_on, - description, - rule_set, - recommendation_run_id - from - aws_glue_data_quality_ruleset; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_data_quality_ruleset_2.yaml.bak b/queries/aws_glue_data_quality_ruleset_2.yaml.bak deleted file mode 100755 index 8ea563279..000000000 --- a/queries/aws_glue_data_quality_ruleset_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_glue_data_quality_ruleset_2 -Title: "Query AWS Glue Data Quality Rulesets" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - database_name, - table_name, - created_on, - description, - rule_set, - recommendation_run_id - from - aws_glue_data_quality_ruleset - where - created_on >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_data_quality_ruleset_3.yaml.bak b/queries/aws_glue_data_quality_ruleset_3.yaml.bak deleted file mode 100755 index d2a34447e..000000000 --- a/queries/aws_glue_data_quality_ruleset_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_glue_data_quality_ruleset_3 -Title: "List All AWS Glue Data Quality Rulesets by Database" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - count("name") as rulset_count - from - aws_glue_data_quality_ruleset - group by - database_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_data_quality_ruleset_4.yaml.bak b/queries/aws_glue_data_quality_ruleset_4.yaml.bak deleted file mode 100755 index 47e314081..000000000 --- a/queries/aws_glue_data_quality_ruleset_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_glue_data_quality_ruleset_4 -Title: "List all Glue Data Quality Rulesets in AWS" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - r.database_name, - d.catalog_id, - d.create_time as databse_create_time, - d.location_uri - from - aws_glue_data_quality_ruleset as r, - aws_glue_catalog_database as d - where - r.database_name = d.name - and - r.name = 'ruleset1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_data_quality_ruleset_5.yaml.bak b/queries/aws_glue_data_quality_ruleset_5.yaml.bak deleted file mode 100755 index d624b5a37..000000000 --- a/queries/aws_glue_data_quality_ruleset_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_glue_data_quality_ruleset_5 -Title: "Find AWS Glue Data Quality Rulesets with Rule Count" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_count - from - aws_glue_data_quality_ruleset; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_dev_endpoint_1.yaml.bak b/queries/aws_glue_dev_endpoint_1.yaml.bak deleted file mode 100755 index 86dad1a8d..000000000 --- a/queries/aws_glue_dev_endpoint_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_glue_dev_endpoint_1 -Title: "List all AWS Glue Development Endpoints and Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_name, - status, - availability_zone, - created_timestamp, - extra_jars_s3_path, - glue_version, - private_address, - public_address - from - aws_glue_dev_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_dev_endpoint_2.yaml.bak b/queries/aws_glue_dev_endpoint_2.yaml.bak deleted file mode 100755 index 7207ebfe7..000000000 --- a/queries/aws_glue_dev_endpoint_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_glue_dev_endpoint_2 -Title: "Find all AWS Glue Development Endpoints with Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_name, - status, - created_timestamp, - extra_jars_s3_path, - glue_version, - private_address, - public_address - from - aws_glue_dev_endpoint - where - status <> 'READY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_dev_endpoint_2.yaml.bak.bak b/queries/aws_glue_dev_endpoint_2.yaml.bak.bak deleted file mode 100755 index 7207ebfe7..000000000 --- a/queries/aws_glue_dev_endpoint_2.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_glue_dev_endpoint_2 -Title: "Find all AWS Glue Development Endpoints with Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_name, - status, - created_timestamp, - extra_jars_s3_path, - glue_version, - private_address, - public_address - from - aws_glue_dev_endpoint - where - status <> 'READY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_dev_endpoint_3.yaml.bak b/queries/aws_glue_dev_endpoint_3.yaml.bak deleted file mode 100755 index e2a4b091d..000000000 --- a/queries/aws_glue_dev_endpoint_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_glue_dev_endpoint_3 -Title: "List all AWS Glue Development Endpoints with Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - status, - glue_version, - last_modified_timestamp - from - aws_glue_dev_endpoint - where - last_modified_timestamp >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue Development Endpoint diff --git a/queries/aws_glue_dev_endpoint_4.yaml.bak b/queries/aws_glue_dev_endpoint_4.yaml.bak deleted file mode 100755 index e3268b478..000000000 --- a/queries/aws_glue_dev_endpoint_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_glue_dev_endpoint_4 -Title: "List AWS Glue Development Endpoints and Configurations" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_name, - arn, - status, - glue_version, - created_timestamp - from - aws_glue_dev_endpoint - where - created_timestamp >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_dev_endpoint_5.yaml.bak b/queries/aws_glue_dev_endpoint_5.yaml.bak deleted file mode 100755 index 031d1ce0f..000000000 --- a/queries/aws_glue_dev_endpoint_5.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_glue_dev_endpoint_5 -Title: "Find AWS Glue Development Endpoints and Subnet Details" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.endpoint_name, - s.availability_zone, - s.available_ip_address_count, - s.cidr_block, - s.default_for_az, - s.map_customer_owned_ip_on_launch, - s.map_public_ip_on_launch, - s.state - from - aws_glue_dev_endpoint as e, - aws_vpc_subnet as s - where - e.endpoint_name = 'test5' - and - e.subnet_id = s.subnet_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_dev_endpoint_6.yaml.bak b/queries/aws_glue_dev_endpoint_6.yaml.bak deleted file mode 100755 index cc4e446f3..000000000 --- a/queries/aws_glue_dev_endpoint_6.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_glue_dev_endpoint_6 -Title: "Find AWS Glue Development Endpoints Configurations and Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.endpoint_name, - split_part(j, '/', '3') as extra_jars_s3_bucket, - b.versioning_enabled, - b.policy, - b.object_lock_configuration, - b.restrict_public_buckets, - b.policy - from - aws_glue_dev_endpoint as e, - aws_s3_bucket as b, - unnest (string_to_array(e.extra_jars_s3_path, ',')) as j - where - b.name = split_part(j, '/', '3') - and - e.endpoint_name = 'test34'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_job_1.yaml.bak b/queries/aws_glue_job_1.yaml.bak deleted file mode 100755 index ee3b69768..000000000 --- a/queries/aws_glue_job_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_glue_job_1 -Title: "List AWS Glue Jobs with Details on Execution and Status" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_on, - description, - max_capacity, - number_of_workers, - region, - timeout - from - aws_glue_job; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_job_10.yaml.bak b/queries/aws_glue_job_10.yaml.bak deleted file mode 100755 index a427bfb01..000000000 --- a/queries/aws_glue_job_10.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_job_10 -Title: "Find AWS Glue Jobs Missing Encryption Type" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on - region, - account_id, - default_arguments ->> '--encryption-type' as encryption_type - from - aws_glue_job - where - default_arguments ->> '--encryption-type' is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_job_10.yaml.bak.bak b/queries/aws_glue_job_10.yaml.bak.bak deleted file mode 100755 index a427bfb01..000000000 --- a/queries/aws_glue_job_10.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_job_10 -Title: "Find AWS Glue Jobs Missing Encryption Type" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on - region, - account_id, - default_arguments ->> '--encryption-type' as encryption_type - from - aws_glue_job - where - default_arguments ->> '--encryption-type' is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_job_2.yaml.bak b/queries/aws_glue_job_2.yaml.bak deleted file mode 100755 index 8f8dee97e..000000000 --- a/queries/aws_glue_job_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_job_2 -Title: "Find AWS Glue Jobs and Their Detailed Job Properties" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on, - connections -> 'Connections' as connections - from - aws_glue_job - where - connections is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_job_3.yaml.bak b/queries/aws_glue_job_3.yaml.bak deleted file mode 100755 index f158d6a85..000000000 --- a/queries/aws_glue_job_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_glue_job_3 -Title: "List all AWS Glue Jobs with detailed properties" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on, - job_bookmark ->> 'Attempt' as total_attempts, - job_bookmark ->> 'Run' as total_runs, - job_bookmark ->> 'RunId' as run_id - from - aws_glue_job - where - job_bookmark is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_job_4.yaml.bak b/queries/aws_glue_job_4.yaml.bak deleted file mode 100755 index 4e34f134b..000000000 --- a/queries/aws_glue_job_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_glue_job_4 -Title: "Find all AWS Glue Jobs with Query Execution Detail" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - j.title, - j.arn, - j.created_on, - j.region, - j.account_id, - cloud_watch_encryption - from - aws_glue_job j - left join aws_glue_security_configuration s on j.security_configuration = s.name - where - cloud_watch_encryption is null or cloud_watch_encryption ->> 'CloudWatchEncryptionMode' = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_job_5.yaml.bak b/queries/aws_glue_job_5.yaml.bak deleted file mode 100755 index 45d69ef12..000000000 --- a/queries/aws_glue_job_5.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_glue_job_5 -Title: "List all AWS Glue Jobs Detailing Status and Properties" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - j.title, - j.arn, - j.created_on, - j.region, - j.account_id, - job_bookmarks_encryption - from - aws_glue_job j - left join aws_glue_security_configuration s on j.security_configuration = s.name - where - job_bookmarks_encryption is null or job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_job_6.yaml.bak b/queries/aws_glue_job_6.yaml.bak deleted file mode 100755 index e296a6a3d..000000000 --- a/queries/aws_glue_job_6.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_glue_job_6 -Title: "Find all AWS Glue Jobs with Detailed Information" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - j.title, - j.arn, - j.created_on, - j.region, - j.account_id, - e as s3_encryption - from - aws_glue_job j - left join aws_glue_security_configuration s on j.security_configuration = s.name, - jsonb_array_elements(s.s3_encryption) e - where - e is null or e ->> 'S3EncryptionMode' = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_job_7.yaml.bak b/queries/aws_glue_job_7.yaml.bak deleted file mode 100755 index 461c5a912..000000000 --- a/queries/aws_glue_job_7.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_glue_job_7 -Title: "List all AWS Glue Jobs with Continuous CloudWatch Logs Disabled" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on - region, - account_id - from - aws_glue_job - where - default_arguments ->> '--enable-continuous-cloudwatch-log' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_job_8.yaml.bak b/queries/aws_glue_job_8.yaml.bak deleted file mode 100755 index 247de01eb..000000000 --- a/queries/aws_glue_job_8.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_glue_job_8 -Title: "List AWS Glue Jobs with Detailed Properties and Status" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on - region, - account_id - from - aws_glue_job - where - default_arguments ->> '--enable-metrics' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Glue diff --git a/queries/aws_glue_job_9.yaml.bak b/queries/aws_glue_job_9.yaml.bak deleted file mode 100755 index 177c0e26e..000000000 --- a/queries/aws_glue_job_9.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_job_9 -Title: "List all AWS Glue Job Properties and Execution Details" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on, - command ->> 'Name' as script_name, - command ->> 'ScriptLocation' as script_location, - default_arguments ->> '--job-language' as job_language - from - aws_glue_job; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_security_configuration_1.yaml.bak b/queries/aws_glue_security_configuration_1.yaml.bak deleted file mode 100755 index 6debca620..000000000 --- a/queries/aws_glue_security_configuration_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_glue_security_configuration_1 -Title: "Find AWS Glue Security Configurations and Insights" -Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time_stamp, - cloud_watch_encryption, - job_bookmarks_encryption, - s3_encryption - from - aws_glue_security_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_security_configuration_2.yaml.bak b/queries/aws_glue_security_configuration_2.yaml.bak deleted file mode 100755 index 882a981ec..000000000 --- a/queries/aws_glue_security_configuration_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_glue_security_configuration_2 -Title: "Find AWS Glue Security Configurations with Encryption" -Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cloud_watch_encryption ->> 'CloudWatchEncryptionMode' as encyption_mode, - cloud_watch_encryption ->> 'KmsKeyArn' as kms_key_arn - from - aws_glue_security_configuration - where - cloud_watch_encryption ->> 'CloudWatchEncryptionMode' != 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue Security diff --git a/queries/aws_glue_security_configuration_3.yaml.bak b/queries/aws_glue_security_configuration_3.yaml.bak deleted file mode 100755 index 3bac288b8..000000000 --- a/queries/aws_glue_security_configuration_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_glue_security_configuration_3 -Title: "List all AWS Glue Security Configurations and Encryption Modes" -Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' as encyption_mode, - job_bookmarks_encryption ->> 'KmsKeyArn' as kms_key_arn - from - aws_glue_security_configuration - where - job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' != 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_glue_security_configuration_4.yaml.bak b/queries/aws_glue_security_configuration_4.yaml.bak deleted file mode 100755 index 7e652ffc1..000000000 --- a/queries/aws_glue_security_configuration_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_glue_security_configuration_4 -Title: "Find AWS Glue Security Configurations" -Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - e ->> 'S3EncryptionMode' as encyption_mode, - e ->> 'KmsKeyArn' as kms_key_arn - from - aws_glue_security_configuration, - jsonb_array_elements(s3_encryption) e - where - e ->> 'S3EncryptionMode' != 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Glue diff --git a/queries/aws_guardduty_detector_1.yaml.bak b/queries/aws_guardduty_detector_1.yaml.bak deleted file mode 100755 index e52d8593e..000000000 --- a/queries/aws_guardduty_detector_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_guardduty_detector_1 -Title: "Find AWS GuardDuty Detector Details and Status" -Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - arn, - created_at, - status, - service_role - from - aws_guardduty_detector; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_detector_2.yaml.bak b/queries/aws_guardduty_detector_2.yaml.bak deleted file mode 100755 index b77964160..000000000 --- a/queries/aws_guardduty_detector_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_guardduty_detector_2 -Title: "List all AWS GuardDuty Detectors and their Status" -Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - created_at, - status - from - aws_guardduty_detector - where - status = 'ENABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_detector_3.yaml.bak b/queries/aws_guardduty_detector_3.yaml.bak deleted file mode 100755 index 22fa8d658..000000000 --- a/queries/aws_guardduty_detector_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_guardduty_detector_3 -Title: "List all AWS GuardDuty Detector details and status" -Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - status as detector_status, - data_sources -> 'CloudTrail' ->> 'Status' as cloud_trail_status, - data_sources -> 'DNSLogs' ->> 'Status' as dns_logs_status, - data_sources -> 'FlowLogs' ->> 'Status' as flow_logs_status - from - aws_guardduty_detector; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_detector_4.yaml.bak b/queries/aws_guardduty_detector_4.yaml.bak deleted file mode 100755 index 113c2b5ea..000000000 --- a/queries/aws_guardduty_detector_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_guardduty_detector_4 -Title: "Find AWS GuardDuty Detector with SQL" -Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - master_account ->> 'AccountId' as master_account_id, - master_account ->> 'InvitationId' as invitation_id, - master_account ->> 'RelationshipStatus' as relationship_status - from - aws_guardduty_detector - where master_account is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_filter_1.yaml.bak b/queries/aws_guardduty_filter_1.yaml.bak deleted file mode 100755 index 6d4261617..000000000 --- a/queries/aws_guardduty_filter_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_guardduty_filter_1 -Title: "Find AWS GuardDuty Filters and Associated Metadata" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - detector_id, - action, - rank - from - aws_guardduty_filter; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_filter_2.yaml.bak b/queries/aws_guardduty_filter_2.yaml.bak deleted file mode 100755 index beb1f7053..000000000 --- a/queries/aws_guardduty_filter_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_guardduty_filter_2 -Title: "Find AWS GuardDuty Filter Information with SQL" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - detector_id, - action, - rank - from - aws_guardduty_filter - where - action = 'ARCHIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_filter_3.yaml.bak b/queries/aws_guardduty_filter_3.yaml.bak deleted file mode 100755 index 6cbe55c47..000000000 --- a/queries/aws_guardduty_filter_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_guardduty_filter_3 -Title: "Find AWS GuardDuty Filter Conditions, Actions, Metadata" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - detector_id, - action, - rank - from - aws_guardduty_filter - where - rank = 1; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_filter_4.yaml.bak b/queries/aws_guardduty_filter_4.yaml.bak deleted file mode 100755 index 24d34ba8e..000000000 --- a/queries/aws_guardduty_filter_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_guardduty_filter_4 -Title: "Find AWS GuardDuty Filter Information using SQL" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(finding_criteria) as finding_criteria - from - aws_guardduty_filter - where - name = 'filter-1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_filter_5.yaml.bak b/queries/aws_guardduty_filter_5.yaml.bak deleted file mode 100755 index 4d1f90f8b..000000000 --- a/queries/aws_guardduty_filter_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_guardduty_filter_5 -Title: "List AWS GuardDuty Filters and Associated Metadata" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - detector_id, - count(name) - from - aws_guardduty_filter - group by - region, - detector_id - order by - count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_finding_1.yaml.bak b/queries/aws_guardduty_finding_1.yaml.bak deleted file mode 100755 index 60d96d154..000000000 --- a/queries/aws_guardduty_finding_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_guardduty_finding_1 -Title: "Find all AWS GuardDuty Findings for Security Threats" -Description: "Allows users to query AWS GuardDuty Findings to access detailed information about potential security threats or suspicious activities detected in their AWS environment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - detector_id, - arn, - created_at - from - aws_guardduty_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_finding_2.yaml.bak b/queries/aws_guardduty_finding_2.yaml.bak deleted file mode 100755 index c7970782c..000000000 --- a/queries/aws_guardduty_finding_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_guardduty_finding_2 -Title: "Find AWS GuardDuty Findings on Security Threats" -Description: "Allows users to query AWS GuardDuty Findings to access detailed information about potential security threats or suspicious activities detected in their AWS environment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - detector_id, - arn, - created_at - from - aws_guardduty_finding - where - service ->> 'Archived' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_ipset_1.yaml.bak b/queries/aws_guardduty_ipset_1.yaml.bak deleted file mode 100755 index 66c9b6d80..000000000 --- a/queries/aws_guardduty_ipset_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_guardduty_ipset_1 -Title: "Find AWS GuardDuty IPSets with Details" -Description: "Allows users to query AWS GuardDuty IPSet to retrieve information about the IPSet, such as the detector ID, IPSet ID, name, format, location, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - ipset_id, - name, - format, - location - from - aws_guardduty_ipset; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_ipset_2.yaml.bak b/queries/aws_guardduty_ipset_2.yaml.bak deleted file mode 100755 index 5342c1423..000000000 --- a/queries/aws_guardduty_ipset_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_guardduty_ipset_2 -Title: "List All Inactive IP Sets in AWS GuardDuty" -Description: "Allows users to query AWS GuardDuty IPSet to retrieve information about the IPSet, such as the detector ID, IPSet ID, name, format, location, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - ipset_id, - name, - status - from - aws_guardduty_ipset - where - status = 'INACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_member_1.yaml.bak b/queries/aws_guardduty_member_1.yaml.bak deleted file mode 100755 index 98dff354b..000000000 --- a/queries/aws_guardduty_member_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_guardduty_member_1 -Title: "Find AWS GuardDuty Member Data, Details, and Status" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_member_2.yaml.bak b/queries/aws_guardduty_member_2.yaml.bak deleted file mode 100755 index 416bf4b02..000000000 --- a/queries/aws_guardduty_member_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_guardduty_member_2 -Title: "Find AWS GuardDuty Member Account Details and Status" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member - where - relationship_status = 'EmailVerificationFailed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_member_3.yaml.bak b/queries/aws_guardduty_member_3.yaml.bak deleted file mode 100755 index 18e53025d..000000000 --- a/queries/aws_guardduty_member_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_guardduty_member_3 -Title: "Find AWS GuardDuty Member Details" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member - where - invited_at is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_member_4.yaml.bak b/queries/aws_guardduty_member_4.yaml.bak deleted file mode 100755 index da5967e95..000000000 --- a/queries/aws_guardduty_member_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_guardduty_member_4 -Title: "Find all AWS GuardDuty Member with details" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member - where - invited_at >= (now() - interval '10' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_member_4.yaml.bak.bak b/queries/aws_guardduty_member_4.yaml.bak.bak deleted file mode 100755 index da5967e95..000000000 --- a/queries/aws_guardduty_member_4.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_guardduty_member_4 -Title: "Find all AWS GuardDuty Member with details" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member - where - invited_at >= (now() - interval '10' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_1.yaml.bak b/queries/aws_guardduty_publishing_destination_1.yaml.bak deleted file mode 100755 index 219a76de8..000000000 --- a/queries/aws_guardduty_publishing_destination_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_guardduty_publishing_destination_1 -Title: "List AWS GuardDuty Publishing Destinations Info" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - destination_id, - arn, - destination_arn, - status - from - aws_guardduty_publishing_destination; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_1.yaml.bak.bak b/queries/aws_guardduty_publishing_destination_1.yaml.bak.bak deleted file mode 100755 index 219a76de8..000000000 --- a/queries/aws_guardduty_publishing_destination_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_guardduty_publishing_destination_1 -Title: "List AWS GuardDuty Publishing Destinations Info" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - destination_id, - arn, - destination_arn, - status - from - aws_guardduty_publishing_destination; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_2.yaml.bak b/queries/aws_guardduty_publishing_destination_2.yaml.bak deleted file mode 100755 index 46c36ce87..000000000 --- a/queries/aws_guardduty_publishing_destination_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_guardduty_publishing_destination_2 -Title: "Find AWS GuardDuty Publishing Destinations" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - destination_id, - arn, - status - from - aws_guardduty_publishing_destination - where - status = 'PENDING_VERIFICATION'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_3.yaml.bak b/queries/aws_guardduty_publishing_destination_3.yaml.bak deleted file mode 100755 index be4b78787..000000000 --- a/queries/aws_guardduty_publishing_destination_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_guardduty_publishing_destination_3 -Title: "List All AWS GuardDuty Publishing Destinations" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - destination_id, - kms_key_arn, - status, - destination_type - from - aws_guardduty_publishing_destination - where - kms_key_arn is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_4.yaml.bak b/queries/aws_guardduty_publishing_destination_4.yaml.bak deleted file mode 100755 index a1560cfc6..000000000 --- a/queries/aws_guardduty_publishing_destination_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_guardduty_publishing_destination_4 -Title: "List all AWS GuardDuty Publishing Destination Types" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - destination_type, - count(destination_id) - from - aws_guardduty_publishing_destination - group by - destination_type - order by - count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_5.yaml.bak b/queries/aws_guardduty_publishing_destination_5.yaml.bak deleted file mode 100755 index c48bb58c2..000000000 --- a/queries/aws_guardduty_publishing_destination_5.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_guardduty_publishing_destination_5 -Title: "Find AWS GuardDuty Publishing Destinations" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.destination_id, - d.destination_arn, - d.destination_type, - p ->> 'Sid' as sid, - p ->> 'Action' as policy_action, - p ->> 'Effect' as effect, - p -> 'Principal' ->> 'Service' as principal_service - from - aws_guardduty_publishing_destination as d, - aws_s3_bucket as s, - jsonb_array_elements(s.policy -> 'Statement') as p - where - d.destination_type = 'S3' - and - s.arn = d.destination_arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_publishing_destination_6.yaml.bak b/queries/aws_guardduty_publishing_destination_6.yaml.bak deleted file mode 100755 index 4c1fba53d..000000000 --- a/queries/aws_guardduty_publishing_destination_6.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_guardduty_publishing_destination_6 -Title: "Find all AWS GuardDuty Publishing Destinations" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.destination_id, - p ->> 'Sid' as sid, - p ->> 'Action' as policy_action, - p ->> 'Effect' as effect, - p ->> 'Principal' as policy_principal, - p ->> 'Condition' as policy_condition - from - aws_guardduty_publishing_destination as d, - aws_kms_key as k, - jsonb_array_elements(k.policy -> 'Statement') as p - where - d.kms_key_arn is not null - and - k.arn = d.kms_key_arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_threat_intel_set_1.yaml.bak b/queries/aws_guardduty_threat_intel_set_1.yaml.bak deleted file mode 100755 index 5e94328e2..000000000 --- a/queries/aws_guardduty_threat_intel_set_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_guardduty_threat_intel_set_1 -Title: "Find AWS GuardDuty ThreatIntelSet Information" -Description: "Allows users to query AWS GuardDuty ThreatIntelSet to fetch information about threat intelligence sets that are associated with a GuardDuty detector." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - threat_intel_set_id, - name, - format, - location - from - aws_guardduty_threat_intel_set; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_guardduty_threat_intel_set_2.yaml.bak b/queries/aws_guardduty_threat_intel_set_2.yaml.bak deleted file mode 100755 index 8259e9ba2..000000000 --- a/queries/aws_guardduty_threat_intel_set_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_guardduty_threat_intel_set_2 -Title: "Find all AWS GuardDuty ThreatIntelSet threat data" -Description: "Allows users to query AWS GuardDuty ThreatIntelSet to fetch information about threat intelligence sets that are associated with a GuardDuty detector." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - threat_intel_set_id, - status - from - aws_guardduty_threat_intel_set - where - status = 'INACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - GuardDuty diff --git a/queries/aws_health_affected_entity_1.yaml.bak b/queries/aws_health_affected_entity_1.yaml.bak deleted file mode 100755 index 2b42b1dfb..000000000 --- a/queries/aws_health_affected_entity_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_health_affected_entity_1 -Title: "Find Health Status of AWS Resources via SQL" -Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - entity_url, - entity_value, - event_arn, - last_updated_time, - status_code - from - aws_health_affected_entity; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Health diff --git a/queries/aws_health_affected_entity_2.yaml.bak b/queries/aws_health_affected_entity_2.yaml.bak deleted file mode 100755 index 675ea8a23..000000000 --- a/queries/aws_health_affected_entity_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_health_affected_entity_2 -Title: "List all AWS Health Affected Entities" -Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - entity_url, - entity_value, - event_arn, - last_updated_time, - status_code - from - aws_health_affected_entity - where - status_code = 'UNIMPAIRED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Health diff --git a/queries/aws_health_affected_entity_3.yaml.bak b/queries/aws_health_affected_entity_3.yaml.bak deleted file mode 100755 index 765a0099a..000000000 --- a/queries/aws_health_affected_entity_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_health_affected_entity_3 -Title: "List AWS Health Affected Entities with Detailed Insights" -Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.arn, - e.entity_url, - e.event_arn, - v.event_type_category, - v.event_type_code, - v.service - from - aws_health_affected_entity as e, - aws_health_event as v; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Health diff --git a/queries/aws_health_event_1.yaml.bak b/queries/aws_health_event_1.yaml.bak deleted file mode 100755 index 260d92bd0..000000000 --- a/queries/aws_health_event_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_health_event_1 -Title: "Query AWS Health Events Affecting Services and Accounts" -Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - availability_zone, - start_time, - end_time, - event_type_category, - event_type_code, - event_scope_code, - service, - region - from - aws_health_event; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Health diff --git a/queries/aws_health_event_2.yaml.bak b/queries/aws_health_event_2.yaml.bak deleted file mode 100755 index 63a72ac83..000000000 --- a/queries/aws_health_event_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_health_event_2 -Title: "" -Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - start_time, - end_time, - event_type_category, - event_type_code, - event_scope_code, - status_code, - service - from - aws_health_event - where - status_code = 'upcoming'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: {} diff --git a/queries/aws_health_event_3.yaml.bak b/queries/aws_health_event_3.yaml.bak deleted file mode 100755 index 4ddc38000..000000000 --- a/queries/aws_health_event_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_health_event_3 -Title: "Find AWS Health Events Affecting Services and Accounts" -Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - start_time, - end_time, - event_type_category, - event_type_code, - event_scope_code, - status_code, - service - from - aws_health_event - where - service = 'EC2'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Health Events diff --git a/queries/aws_health_event_4.yaml.bak b/queries/aws_health_event_4.yaml.bak deleted file mode 100755 index 4de91ec33..000000000 --- a/queries/aws_health_event_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_health_event_4 -Title: "List all AWS Health Events affecting services and accounts" -Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - availability_zone, - start_time, - end_time, - event_type_category, - event_type_code, - event_scope_code, - status_code, - service - from - aws_health_event - where - availability_zone = 'us-east-1a'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Health diff --git a/queries/aws_iam_access_advisor_1.yaml.bak b/queries/aws_iam_access_advisor_1.yaml.bak deleted file mode 100755 index acaf28de6..000000000 --- a/queries/aws_iam_access_advisor_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_iam_access_advisor_1 -Title: "Find AWS IAM Access Info via SQL Query" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name, - last_authenticated, - age(last_authenticated::date) - from - aws_iam_access_advisor - where - principal_arn = 'arn:aws:iam::123456789123:user/john' - and last_authenticated is not null - order by - age asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_2.yaml.bak b/queries/aws_iam_access_advisor_2.yaml.bak deleted file mode 100755 index 8f733a5ed..000000000 --- a/queries/aws_iam_access_advisor_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_access_advisor_2 -Title: "List all AWS IAM entities with no recent service access" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name - from - aws_iam_access_advisor - where - principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin' - and last_authenticated is null - order by - service_name - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_2.yaml.bak.bak b/queries/aws_iam_access_advisor_2.yaml.bak.bak deleted file mode 100755 index 8f733a5ed..000000000 --- a/queries/aws_iam_access_advisor_2.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_access_advisor_2 -Title: "List all AWS IAM entities with no recent service access" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name - from - aws_iam_access_advisor - where - principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin' - and last_authenticated is null - order by - service_name - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_3.yaml.bak b/queries/aws_iam_access_advisor_3.yaml.bak deleted file mode 100755 index f7147210a..000000000 --- a/queries/aws_iam_access_advisor_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_iam_access_advisor_3 -Title: "Find AWS IAM Access Advisor Info for Service Access Data" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name, - last_authenticated, - age(last_authenticated::date), - last_authenticated_entity, - last_authenticated_region - from - aws_iam_access_advisor - where - principal_arn = 'arn:aws:iam::aws:policy/AdministratorAccess' - and last_authenticated is not null - order by - age asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_4.yaml.bak b/queries/aws_iam_access_advisor_4.yaml.bak deleted file mode 100755 index cbe94f006..000000000 --- a/queries/aws_iam_access_advisor_4.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_iam_access_advisor_4 -Title: "Find AWS IAM Access Advisor Data for User Entities" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - adv.service_name, - action as action_granted, - attached as granted_in, - adv.service_namespace - from - aws_iam_access_advisor as adv, - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as attached, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action - where - principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin' - and r.arn = adv.principal_arn - and last_authenticated is null - and attached = p.arn - and stmt ->> 'Effect' = 'Allow' - and action like adv.service_namespace || ':%' - order by - adv.service_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_access_advisor_5.yaml.bak b/queries/aws_iam_access_advisor_5.yaml.bak deleted file mode 100755 index 1e2bbfa1c..000000000 --- a/queries/aws_iam_access_advisor_5.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_iam_access_advisor_5 -Title: "Find All AWS IAM Access Advisor Last Access Data" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name, - last_authenticated, - age(last_authenticated::date), - a ->> 'ActionName' as action_name, - a ->> 'LastAccessedEntity' as action_last_accessed_entity, - a ->> 'LastAccessedRegion' as action_last_accessed_region, - a ->> 'LastAccessedTime' as action_last_accessed_time - from - aws_iam_access_advisor, - jsonb_array_elements(tracked_actions_last_accessed) as a - where - principal_arn = 'arn:aws:iam::123456789123:user/jane' - and last_authenticated is not null - and service_namespace = 's3' - order by - age asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Advisor diff --git a/queries/aws_iam_access_advisor_6.yaml.bak b/queries/aws_iam_access_advisor_6.yaml.bak deleted file mode 100755 index bdc559904..000000000 --- a/queries/aws_iam_access_advisor_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_iam_access_advisor_6 -Title: "List IAM Access Advisor Data for AWS Entities" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name - from - aws_iam_user as u, - aws_iam_access_advisor as adv - where - adv.principal_arn = u.arn - and last_authenticated is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Advisor diff --git a/queries/aws_iam_access_key_1.yaml.bak b/queries/aws_iam_access_key_1.yaml.bak deleted file mode 100755 index c09a80d57..000000000 --- a/queries/aws_iam_access_key_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iam_access_key_1 -Title: "Find AWS IAM User Access Keys Details" -Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - access_key_id, - user_name, - create_date - from - aws_iam_access_key; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_access_key_2.yaml.bak b/queries/aws_iam_access_key_2.yaml.bak deleted file mode 100755 index 50ed18c1e..000000000 --- a/queries/aws_iam_access_key_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_access_key_2 -Title: "Find Inactive IAM Access Keys with AWS via SQL" -Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - access_key_id, - user_name, - status - from - aws_iam_access_key - where - status = 'Inactive'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_access_key_3.yaml.bak b/queries/aws_iam_access_key_3.yaml.bak deleted file mode 100755 index 5d5be57b4..000000000 --- a/queries/aws_iam_access_key_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_access_key_3 -Title: "List all AWS IAM Access Keys with User Details" -Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - count (access_key_id) as access_key_count - from - aws_iam_access_key - group by - user_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Access Keys diff --git a/queries/aws_iam_account_password_policy_1.yaml.bak b/queries/aws_iam_account_password_policy_1.yaml.bak deleted file mode 100755 index 78540d28d..000000000 --- a/queries/aws_iam_account_password_policy_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_iam_account_password_policy_1 -Title: "Find AWS IAM Account Password Policy Details" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - allow_users_to_change_password, - expire_passwords, - hard_expiry, - max_password_age, - minimum_password_length, - password_reuse_prevention, - require_lowercase_characters, - require_numbers, - require_symbols, - require_uppercase_characters - from - aws_iam_account_password_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_account_password_policy_2.yaml.bak b/queries/aws_iam_account_password_policy_2.yaml.bak deleted file mode 100755 index 5ad888dc4..000000000 --- a/queries/aws_iam_account_password_policy_2.yaml.bak +++ /dev/null @@ -1,22 +0,0 @@ -ID: aws_iam_account_password_policy_2 -Title: "Find AWS IAM Account Password Policy Requirements" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - require_uppercase_characters - from - aws_iam_account_password_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_account_password_policy_3.yaml.bak b/queries/aws_iam_account_password_policy_3.yaml.bak deleted file mode 100755 index bea21892f..000000000 --- a/queries/aws_iam_account_password_policy_3.yaml.bak +++ /dev/null @@ -1,22 +0,0 @@ -ID: aws_iam_account_password_policy_3 -Title: "Find AWS IAM Account Password Policy Details" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - require_lowercase_characters - from - aws_iam_account_password_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_account_password_policy_4.yaml.bak b/queries/aws_iam_account_password_policy_4.yaml.bak deleted file mode 100755 index 2bda251a3..000000000 --- a/queries/aws_iam_account_password_policy_4.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_iam_account_password_policy_4 -Title: "Find AWS IAM Account Password Policy Requirements" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - require_symbols - from - aws_iam_account_password_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Account Password Policies diff --git a/queries/aws_iam_account_password_policy_5.yaml.bak b/queries/aws_iam_account_password_policy_5.yaml.bak deleted file mode 100755 index 865be5e48..000000000 --- a/queries/aws_iam_account_password_policy_5.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_iam_account_password_policy_5 -Title: "List AWS IAM Account Password Policies with SQL" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - require_numbers - from - aws_iam_account_password_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_account_password_policy_6.yaml.bak b/queries/aws_iam_account_password_policy_6.yaml.bak deleted file mode 100755 index 4f33ebad4..000000000 --- a/queries/aws_iam_account_password_policy_6.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_iam_account_password_policy_6 -Title: "Find AWS IAM Account Password Policies Details" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - minimum_password_length >= 14 - from - aws_iam_account_password_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_account_password_policy_7.yaml.bak b/queries/aws_iam_account_password_policy_7.yaml.bak deleted file mode 100755 index c4ce08dae..000000000 --- a/queries/aws_iam_account_password_policy_7.yaml.bak +++ /dev/null @@ -1,22 +0,0 @@ -ID: aws_iam_account_password_policy_7 -Title: "Find AWS IAM Account Password Policies with SQL" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - password_reuse_prevention - from - aws_iam_account_password_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_account_password_policy_8.yaml.bak b/queries/aws_iam_account_password_policy_8.yaml.bak deleted file mode 100755 index 6caad373c..000000000 --- a/queries/aws_iam_account_password_policy_8.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_iam_account_password_policy_8 -Title: "Find AWS IAM Account Password Policies" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - (expire_passwords and max_password_age <= 90) - from - aws_iam_account_password_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_account_summary_1.yaml.bak b/queries/aws_iam_account_summary_1.yaml.bak deleted file mode 100755 index f6a845eaa..000000000 --- a/queries/aws_iam_account_summary_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_iam_account_summary_1 -Title: "List AWS IAM Account Summary Overview and Resource Usage" -Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - * - from - aws_iam_account_summary; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_account_summary_2.yaml.bak b/queries/aws_iam_account_summary_2.yaml.bak deleted file mode 100755 index 79847b28e..000000000 --- a/queries/aws_iam_account_summary_2.yaml.bak +++ /dev/null @@ -1,22 +0,0 @@ -ID: aws_iam_account_summary_2 -Title: "Find AWS IAM Account Summary with SQL Query" -Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_mfa_enabled - from - aws_iam_account_summary; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_account_summary_3.yaml.bak b/queries/aws_iam_account_summary_3.yaml.bak deleted file mode 100755 index 5810815a8..000000000 --- a/queries/aws_iam_account_summary_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_iam_account_summary_3 -Title: "Find AWS IAM Account Summary Details" -Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - users, - groups, - roles, - policies - from - aws_iam_account_summary; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_action_1.yaml.bak b/queries/aws_iam_action_1.yaml.bak deleted file mode 100755 index 1ce25e18e..000000000 --- a/queries/aws_iam_action_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_iam_action_1 -Title: "Find IAM Actions in AWS IAM with SQL" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - action, - description - from - aws_iam_action - where - prefix = 's3' - order by - action; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_action_2.yaml.bak b/queries/aws_iam_action_2.yaml.bak deleted file mode 100755 index 396e38b9c..000000000 --- a/queries/aws_iam_action_2.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_iam_action_2 -Title: "Find all IAM Actions in AWS Identity and Access Management" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - description - from - aws_iam_action - where - action = 's3:deleteobject'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_action_3.yaml.bak b/queries/aws_iam_action_3.yaml.bak deleted file mode 100755 index ab737f329..000000000 --- a/queries/aws_iam_action_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iam_action_3 -Title: "Find IAM Actions in AWS Identity and Access Management" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.action, - a.description - from - aws_iam_action as a, - glob('s3:d*') as action_name - where - a.action like action_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_action_4.yaml.bak b/queries/aws_iam_action_4.yaml.bak deleted file mode 100755 index b3102702b..000000000 --- a/queries/aws_iam_action_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_iam_action_4 -Title: "Find IAM Actions in AWS Identity and Access Management" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.action, - a.access_level - from - aws_iam_policy p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action a ON a.action LIKE action_regex - where - p.name = 'AmazonEC2ReadOnlyAccess' - and stmt ->> 'Effect' = 'Allow' - order by - a.action; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Identity and Access Management (IAM) diff --git a/queries/aws_iam_action_5.yaml.bak b/queries/aws_iam_action_5.yaml.bak deleted file mode 100755 index 501fd2774..000000000 --- a/queries/aws_iam_action_5.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_iam_action_5 -Title: "Find AWS IAM Actions in AWS Identity and Access Management" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.name, - f.role, - a.action, - a.access_level, - a.description - from - aws_lambda_function as f, - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action a ON a.action LIKE action_regex - where - f.role = r.arn - and pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and f.name = 'hellopython'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_credential_report_1.yaml.bak b/queries/aws_iam_credential_report_1.yaml.bak deleted file mode 100755 index 7d8389496..000000000 --- a/queries/aws_iam_credential_report_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_iam_credential_report_1 -Title: "Find AWS IAM Credential Reports for Users with Activity" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name - from - aws_iam_credential_report - where - password_enabled - and password_last_used > (current_date - interval '90' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Identity and Access Management diff --git a/queries/aws_iam_credential_report_2.yaml.bak b/queries/aws_iam_credential_report_2.yaml.bak deleted file mode 100755 index e3ea4b89f..000000000 --- a/queries/aws_iam_credential_report_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_iam_credential_report_2 -Title: "Find AWS IAM Credential Reports and User Statuses" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - password_last_used, - age(password_last_used) - from - aws_iam_credential_report - where - password_enabled - and password_last_used <= (current_date - interval '90' day) - order by - password_last_used; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_credential_report_3.yaml.bak b/queries/aws_iam_credential_report_3.yaml.bak deleted file mode 100755 index eb5ee861a..000000000 --- a/queries/aws_iam_credential_report_3.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_iam_credential_report_3 -Title: "Find AWS IAM Users with Never Used Passwords" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name - from - aws_iam_credential_report - where - password_status = 'never_used'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Credential Reports diff --git a/queries/aws_iam_credential_report_4.yaml.bak b/queries/aws_iam_credential_report_4.yaml.bak deleted file mode 100755 index dc100eb8a..000000000 --- a/queries/aws_iam_credential_report_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_iam_credential_report_4 -Title: "Find all AWS IAM Credential Reports for Key Rotation" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - access_key_1_last_rotated, - age(access_key_1_last_rotated) as access_key_1_age, - access_key_2_last_rotated, - age(access_key_2_last_rotated) as access_key_2_age - from - aws_iam_credential_report - where - access_key_1_last_rotated <= (current_date - interval '90' day) - or access_key_2_last_rotated <= (current_date - interval '90' day) - order by - user_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management (IAM) diff --git a/queries/aws_iam_credential_report_5.yaml.bak b/queries/aws_iam_credential_report_5.yaml.bak deleted file mode 100755 index 490b0d7f6..000000000 --- a/queries/aws_iam_credential_report_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_iam_credential_report_5 -Title: "Find AWS IAM Users Without MFA and With Password Enabled" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - mfa_active, - password_enabled - from - aws_iam_credential_report - where - password_enabled - and not mfa_active; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Credential Report diff --git a/queries/aws_iam_credential_report_6.yaml.bak b/queries/aws_iam_credential_report_6.yaml.bak deleted file mode 100755 index 2e68ad6ef..000000000 --- a/queries/aws_iam_credential_report_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_credential_report_6 -Title: "List all AWS IAM users and their credential status" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - mfa_active - from - aws_iam_credential_report - where - user_name = ''; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Credential Report diff --git a/queries/aws_iam_credential_report_6.yaml.bak.bak b/queries/aws_iam_credential_report_6.yaml.bak.bak deleted file mode 100755 index 2e68ad6ef..000000000 --- a/queries/aws_iam_credential_report_6.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_credential_report_6 -Title: "List all AWS IAM users and their credential status" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - mfa_active - from - aws_iam_credential_report - where - user_name = ''; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Credential Report diff --git a/queries/aws_iam_group_1.yaml.bak b/queries/aws_iam_group_1.yaml.bak deleted file mode 100755 index 3e781ae44..000000000 --- a/queries/aws_iam_group_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_group_1 -Title: "Find AWS IAM Group Data using SQL Query" -Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as group_name, - iam_user ->> 'UserName' as user_name, - iam_user ->> 'UserId' as user_id, - iam_user ->> 'PermissionsBoundary' as permission_boundary, - iam_user ->> 'PasswordLastUsed' as password_last_used, - iam_user ->> 'CreateDate' as user_create_date - from - aws_iam_group - cross join jsonb_array_elements(users) as iam_user; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_group_2.yaml.bak b/queries/aws_iam_group_2.yaml.bak deleted file mode 100755 index e959a3104..000000000 --- a/queries/aws_iam_group_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_group_2 -Title: "Find AWS IAM Group Data: Name, Path, and ARN" -Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as group_name, - iam_user ->> 'UserName' as user_name, - split_part(attachments, '/', 2) as attached_policies - from - aws_iam_group - cross join jsonb_array_elements(users) as iam_user, - jsonb_array_elements_text(attached_policy_arns) as attachments - where - split_part(attachments, '/', 2) = 'AdministratorAccess'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_group_3.yaml.bak b/queries/aws_iam_group_3.yaml.bak deleted file mode 100755 index d0580245e..000000000 --- a/queries/aws_iam_group_3.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_iam_group_3 -Title: "Find all AWS IAM Group details with their attached policies" -Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as group_name, - split_part(attachments, '/', 2) as attached_policies - from - aws_iam_group - cross join jsonb_array_elements_text(attached_policy_arns) as attachments; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_group_4.yaml.bak b/queries/aws_iam_group_4.yaml.bak deleted file mode 100755 index 27fa73af5..000000000 --- a/queries/aws_iam_group_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_iam_group_4 -Title: "Find all AWS IAM Group information like name and path" -Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as group_name, - inline_policies - from - aws_iam_group - where - inline_policies is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_open_id_connect_provider_1.yaml.bak b/queries/aws_iam_open_id_connect_provider_1.yaml.bak deleted file mode 100755 index a685a71d2..000000000 --- a/queries/aws_iam_open_id_connect_provider_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_iam_open_id_connect_provider_1 -Title: "Find AWS IAM OpenID Connect Providers and Details" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - url, - account_id - from - aws_iam_open_id_connect_provider; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_open_id_connect_provider_2.yaml.bak b/queries/aws_iam_open_id_connect_provider_2.yaml.bak deleted file mode 100755 index 8cd79925e..000000000 --- a/queries/aws_iam_open_id_connect_provider_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_iam_open_id_connect_provider_2 -Title: "List all AWS IAM OpenID Connect Providers in Account" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - url, - account_id - from - aws_iam_open_id_connect_provider - where - create_date <= (current_date - interval '90' day) - order by - create_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_open_id_connect_provider_2.yaml.bak.bak b/queries/aws_iam_open_id_connect_provider_2.yaml.bak.bak deleted file mode 100755 index 8cd79925e..000000000 --- a/queries/aws_iam_open_id_connect_provider_2.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_iam_open_id_connect_provider_2 -Title: "List all AWS IAM OpenID Connect Providers in Account" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - url, - account_id - from - aws_iam_open_id_connect_provider - where - create_date <= (current_date - interval '90' day) - order by - create_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_open_id_connect_provider_3.yaml.bak b/queries/aws_iam_open_id_connect_provider_3.yaml.bak deleted file mode 100755 index 1527fc399..000000000 --- a/queries/aws_iam_open_id_connect_provider_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_iam_open_id_connect_provider_3 -Title: "Find AWS IAM OpenID Connect Providers and Retrieve Details" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - tags, - url, - account_id - from - aws_iam_open_id_connect_provider - where - tags ->> 'Environment' = 'Production'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_open_id_connect_provider_4.yaml.bak b/queries/aws_iam_open_id_connect_provider_4.yaml.bak deleted file mode 100755 index 4a3dff63d..000000000 --- a/queries/aws_iam_open_id_connect_provider_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_iam_open_id_connect_provider_4 -Title: "Find all AWS IAM OpenID Connect Providers with Details" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - tags, - url, - account_id - from - aws_iam_open_id_connect_provider - where - client_id_list @> '["sts.amazonaws.com"]'::jsonb - and not thumbprint_list @> '["1c58a3a8518e8759bf075b76b750d4f2df264fcd", "6938fd4d98bab03faadb97b34396831e3780aea1"]'::jsonb - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws diff --git a/queries/aws_iam_policy_1.yaml.bak b/queries/aws_iam_policy_1.yaml.bak deleted file mode 100755 index 3585e653d..000000000 --- a/queries/aws_iam_policy_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_policy_1 -Title: "Find all AWS IAM Policies with Detailed Information" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn - from - aws_iam_policy - where - not is_aws_managed; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_policy_2.yaml.bak b/queries/aws_iam_policy_2.yaml.bak deleted file mode 100755 index 974af1c82..000000000 --- a/queries/aws_iam_policy_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_policy_2 -Title: "Find all AWS IAM Policies and associated metadata" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn - from - aws_iam_policy - where - not is_aws_managed - and path = '/turbot/'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Policy diff --git a/queries/aws_iam_policy_3.yaml.bak b/queries/aws_iam_policy_3.yaml.bak deleted file mode 100755 index 92c695f03..000000000 --- a/queries/aws_iam_policy_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_policy_3 -Title: "List all AWS IAM Policies and their Details" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - permissions_boundary_usage_count - from - aws_iam_policy - where - is_attached; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_policy_4.yaml.bak b/queries/aws_iam_policy_4.yaml.bak deleted file mode 100755 index 582502985..000000000 --- a/queries/aws_iam_policy_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_policy_4 -Title: "List all AWS IAM Policies with Detailed Information" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - attachment_count, - permissions_boundary_usage_count - from - aws_iam_policy - where - not is_aws_managed - and not is_attached - and permissions_boundary_usage_count = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_policy_5.yaml.bak b/queries/aws_iam_policy_5.yaml.bak deleted file mode 100755 index 9db555727..000000000 --- a/queries/aws_iam_policy_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_iam_policy_5 -Title: "Find all AWS IAM Policies with permissions and metadata" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - action, - s ->> 'Effect' as effect - from - aws_iam_policy, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Action') as action - where - action in ('*', '*:*') - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_policy_6.yaml.bak b/queries/aws_iam_policy_6.yaml.bak deleted file mode 100755 index 1cfc85313..000000000 --- a/queries/aws_iam_policy_6.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_iam_policy_6 -Title: "Find all AWS IAM Policies with Permissions and Metadata" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - action, - s ->> 'Effect' as effect - from - aws_iam_policy, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Action') as action - where - s ->> 'Effect' = 'Allow' - and ( - action = '*' - or action like '%:*' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_policy_7.yaml.bak b/queries/aws_iam_policy_7.yaml.bak deleted file mode 100755 index 36c3b4c31..000000000 --- a/queries/aws_iam_policy_7.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_iam_policy_7 -Title: "Find AWS IAM Policies with Detailed Information" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.action, - a.access_level, - a.description - from - aws_iam_policy p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action a ON a.action LIKE action_regex - where - p.name = 'AmazonEC2ReadOnlyAccess' - and stmt ->> 'Effect' = 'Allow' - order by - a.action; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_policy_attachment_1.yaml.bak b/queries/aws_iam_policy_attachment_1.yaml.bak deleted file mode 100755 index caef95d91..000000000 --- a/queries/aws_iam_policy_attachment_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_policy_attachment_1 -Title: "Find all AWS IAM Policy Attachments and Associations" -Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_arn, - is_attached, - policy_groups - from - aws_iam_policy_attachment - where - is_attached; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_policy_attachment_2.yaml.bak b/queries/aws_iam_policy_attachment_2.yaml.bak deleted file mode 100755 index 5f4d96a14..000000000 --- a/queries/aws_iam_policy_attachment_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iam_policy_attachment_2 -Title: "Find IAM Policy Attachments in AWS" -Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_arn, - is_attached, - policy_users - from - aws_iam_policy_attachment - where - is_attached; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_policy_attachment_3.yaml.bak b/queries/aws_iam_policy_attachment_3.yaml.bak deleted file mode 100755 index bfdd3aba9..000000000 --- a/queries/aws_iam_policy_attachment_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_iam_policy_attachment_3 -Title: "Find Relationships Between AWS IAM Policies and Entities" -Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as policy_name, - policy_arn, - jsonb_pretty(policy_users) as policy_users - from - aws_iam_policy p - left join aws_iam_policy_attachment a on p.arn = a.policy_arn - where - name = 'AdministratorAccess' and a.is_attached; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Policy diff --git a/queries/aws_iam_policy_simulator_1.yaml.bak b/queries/aws_iam_policy_simulator_1.yaml.bak deleted file mode 100755 index 02eca0ab6..000000000 --- a/queries/aws_iam_policy_simulator_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iam_policy_simulator_1 -Title: "Find IAM Policy Simulator Results for Access Control Evaluation" -Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - decision - from - aws_iam_policy_simulator - where - action = 's3:DeleteBucket' - and resource_arn = '*' - and principal_arn = 'arn:aws:iam::012345678901:user/bob'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Policy Simulator diff --git a/queries/aws_iam_policy_simulator_2.yaml.bak b/queries/aws_iam_policy_simulator_2.yaml.bak deleted file mode 100755 index 7e0e4cb90..000000000 --- a/queries/aws_iam_policy_simulator_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_policy_simulator_2 -Title: "Find AWS IAM Policy Simulator Evaluation Results for Control Policies" -Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - decision, - jsonb_pretty(matched_statements) - from - aws_iam_policy_simulator - where - action = 'ec2:terminateinstances' - and resource_arn = '*' - and principal_arn = 'arn:aws:iam::012345678901:user/bob'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Policy Simulator diff --git a/queries/aws_iam_policy_simulator_3.yaml.bak b/queries/aws_iam_policy_simulator_3.yaml.bak deleted file mode 100755 index 3cb4b761e..000000000 --- a/queries/aws_iam_policy_simulator_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_policy_simulator_3 -Title: "List all AWS IAM Policy Simulator evaluation results" -Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - u.name, - decision - from - aws_iam_policy_simulator p, - aws_iam_user u - where - action = 'sts:AssumeRole' - and resource_arn = '*' - and p.principal_arn = u.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Policy Simulator diff --git a/queries/aws_iam_role_1.yaml.bak b/queries/aws_iam_role_1.yaml.bak deleted file mode 100755 index effba2eae..000000000 --- a/queries/aws_iam_role_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_role_1 -Title: "Find IAM Roles with Inline Policies in AWS" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - create_date - from - aws_iam_role - where - inline_policies is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_role_10.yaml.bak b/queries/aws_iam_role_10.yaml.bak deleted file mode 100755 index 8e3400817..000000000 --- a/queries/aws_iam_role_10.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_iam_role_10 -Title: "Find all AWS Identity and Access Management (IAM) Roles" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - iam.arn as resource, - iam.description, - iam.assume_role_policy_std, - case - when pstatement -> 'Condition' -> 'StringLike' -> 'token.actions.githubusercontent.com:sub' is not null - or pstatement -> 'Condition' -> 'StringEquals' -> 'token.actions.githubusercontent.com:sub' is not null then 'ok' - else 'alarm' - end as status, - case - when pstatement -> 'Condition' -> 'StringLike' -> 'token.actions.githubusercontent.com:sub' is not null - or pstatement -> 'Condition' -> 'StringEquals' -> 'token.actions.githubusercontent.com:sub' is not null then iam.arn || ' Condition Check Exists' - else iam.arn || ' Missing Condition Check' - end as reason - from - aws_iam_role as iam, - jsonb_array_elements(iam.assume_role_policy_std -> 'Statement') as pstatement - where - pstatement -> 'Action' ?& array [ 'sts:assumerolewithwebidentity' ] - and (pstatement -> 'Principal' -> 'Federated') :: text like '%token.actions.githubusercontent.com%' - order by - status asc - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM Roles diff --git a/queries/aws_iam_role_2.yaml.bak b/queries/aws_iam_role_2.yaml.bak deleted file mode 100755 index 6f4d4af93..000000000 --- a/queries/aws_iam_role_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_role_2 -Title: "Find AWS IAM Roles' Permissions, Policies & Metadata" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - split_part(policy, '/', 3) as attached_policy - from - aws_iam_role - cross join jsonb_array_elements_text(attached_policy_arns) as policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_role_3.yaml.bak b/queries/aws_iam_role_3.yaml.bak deleted file mode 100755 index 063f4d535..000000000 --- a/queries/aws_iam_role_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_role_3 -Title: "Find AWS IAM Roles and Their Associated Metadata" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - permissions_boundary_arn, - permissions_boundary_type - from - aws_iam_role; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_role_4.yaml.bak b/queries/aws_iam_role_4.yaml.bak deleted file mode 100755 index 6b1d3215a..000000000 --- a/queries/aws_iam_role_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_iam_role_4 -Title: "Find all AWS IAM Role Permissions and Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name as role_name, - p.name as policy_name - from - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as policy_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action - where - policy_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and action = '*' - order by - r.name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_role_4.yaml.bak.bak b/queries/aws_iam_role_4.yaml.bak.bak deleted file mode 100755 index 6b1d3215a..000000000 --- a/queries/aws_iam_role_4.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_iam_role_4 -Title: "Find all AWS IAM Role Permissions and Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name as role_name, - p.name as policy_name - from - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as policy_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action - where - policy_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and action = '*' - order by - r.name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_role_5.yaml.bak b/queries/aws_iam_role_5.yaml.bak deleted file mode 100755 index a6a833cd6..000000000 --- a/queries/aws_iam_role_5.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_iam_role_5 -Title: "Find AWS IAM Roles and Policies Permissions Metadata" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name as role_name, - p.name as policy_name, - stmt ->> 'Sid' as statement, - action - from - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as policy_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action - where - r.name = 'owner' - and policy_arn = p.arn - and ( - action like '%*%' - or action like '%?%' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_role_6.yaml.bak b/queries/aws_iam_role_6.yaml.bak deleted file mode 100755 index abbf002f0..000000000 --- a/queries/aws_iam_role_6.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_iam_role_6 -Title: "Find All AWS IAM Roles, Permissions, Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - a.action, - a.access_level, - a.description - from - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action as a on a.action like action_regex - where - pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and r.name = 'AWSServiceRoleForRDS' - and access_level not in ('List', 'Read') - order by - action; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_role_7.yaml.bak b/queries/aws_iam_role_7.yaml.bak deleted file mode 100755 index d0754f8a1..000000000 --- a/queries/aws_iam_role_7.yaml.bak +++ /dev/null @@ -1,81 +0,0 @@ -ID: aws_iam_role_7 -Title: "Find All AWS IAM Roles Permissions and Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with roles as ( - select - name, - attached_policy_arns - from - aws_iam_role - where - name in ('AWSServiceRoleForSSO', 'AWSServiceRoleForRDS') - ), - policies as ( - select - name, - arn, - policy_std - from - aws_iam_policy - ), - role1_permissions as ( - select - r.name, - a.action, - a.access_level, - a.description - from - roles as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - policies as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob (action_glob) as action_regex - join aws_iam_action a on a.action like action_regex - where - pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and r.name = 'AWSServiceRoleForSSO' - ), - role2_permissions as ( - select - r.name, - a.action, - a.access_level, - a.description - from - roles as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - policies as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob (action_glob) as action_regex - join aws_iam_action a on a.action like action_regex - where - pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and r.name = 'AWSServiceRoleForRDS' - ) - select - * - from - role2_permissions - where - action not in ( select action from role1_permissions) - order by - action; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_role_8.yaml.bak b/queries/aws_iam_role_8.yaml.bak deleted file mode 100755 index 44e1f2c6a..000000000 --- a/queries/aws_iam_role_8.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_iam_role_8 -Title: "Find IAM Roles, Insights into Permissions and Policies in AWS" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - maintenance.name, - admin.name, - jsonb_pretty(maintenance_stmt), - jsonb_pretty(admin_stmt) - from - -- use the account to get the organization_id - aws_account as a, - -- check any role as the "maintenance-role" - aws_iam_role as maintenance, - -- Combine via join with any role as the "admin-role" - aws_iam_role as admin, - jsonb_array_elements(maintenance.assume_role_policy_std -> 'Statement') as maintenance_stmt, - jsonb_array_elements(admin.assume_role_policy_std -> 'Statement') as admin_stmt - where - -- maintenance role can be assumed by any AWS principal - maintenance_stmt -> 'Principal' -> 'AWS' ? '*' - -- maintenance role principal must be in same account - and maintenance_stmt -> 'Condition' -> 'StringEquals' -> 'aws:principalorgid' ? a.organization_id - -- admin role specifically allow maintenance role - and admin_stmt -> 'Principal' -> 'AWS' ? maintenance.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_role_9.yaml.bak b/queries/aws_iam_role_9.yaml.bak deleted file mode 100755 index e1b68cce1..000000000 --- a/queries/aws_iam_role_9.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_role_9 -Title: "Find all AWS IAM Roles with Permissions and Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - stmt - from - aws_iam_role as r, - jsonb_array_elements(r.assume_role_policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Principal' -> 'AWS') as trust - where - trust = '*' - or trust like 'arn:aws:iam::%:role/%' - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_saml_provider_1.yaml.bak b/queries/aws_iam_saml_provider_1.yaml.bak deleted file mode 100755 index b978502d7..000000000 --- a/queries/aws_iam_saml_provider_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_saml_provider_1 -Title: "Find AWS IAM SAML Providers with Details" -Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - valid_until, - region, - account_id - from - aws_iam_saml_provider; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management (IAM) diff --git a/queries/aws_iam_saml_provider_2.yaml.bak b/queries/aws_iam_saml_provider_2.yaml.bak deleted file mode 100755 index 89a981ed3..000000000 --- a/queries/aws_iam_saml_provider_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_iam_saml_provider_2 -Title: "Find all AWS IAM SAML Providers and Details" -Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - valid_until, - region, - account_id - from - aws_iam_saml_provider - where - create_date <= (current_date - interval '90' day) - order by - create_date; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_saml_provider_3.yaml.bak b/queries/aws_iam_saml_provider_3.yaml.bak deleted file mode 100755 index 40aed3522..000000000 --- a/queries/aws_iam_saml_provider_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_saml_provider_3 -Title: "Find AWS IAM SAML Providers expiring within 30 days" -Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - valid_until, - region, - account_id - from - aws_iam_saml_provider - where - valid_until <= (current_date - interval '30' day) - order by - valid_until; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_server_certificate_1.yaml.bak b/queries/aws_iam_server_certificate_1.yaml.bak deleted file mode 100755 index 099f251ad..000000000 --- a/queries/aws_iam_server_certificate_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iam_server_certificate_1 -Title: "Find AWS IAM Server Certificates" -Description: "Allows users to query AWS IAM Server Certificates" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - server_certificate_id, - upload_date, - expiration - from - aws_iam_server_certificate; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_server_certificate_1.yaml.bak.bak b/queries/aws_iam_server_certificate_1.yaml.bak.bak deleted file mode 100755 index 099f251ad..000000000 --- a/queries/aws_iam_server_certificate_1.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iam_server_certificate_1 -Title: "Find AWS IAM Server Certificates" -Description: "Allows users to query AWS IAM Server Certificates" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - server_certificate_id, - upload_date, - expiration - from - aws_iam_server_certificate; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_server_certificate_2.yaml.bak b/queries/aws_iam_server_certificate_2.yaml.bak deleted file mode 100755 index 6f36c7cb3..000000000 --- a/queries/aws_iam_server_certificate_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iam_server_certificate_2 -Title: "Find AWS IAM Server Certificates with Expiry Info" -Description: "Allows users to query AWS IAM Server Certificates" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - expiration - from - aws_iam_server_certificate - where - expiration < now()::timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_service_specific_credential_1.yaml.bak b/queries/aws_iam_service_specific_credential_1.yaml.bak deleted file mode 100755 index 89478d62c..000000000 --- a/queries/aws_iam_service_specific_credential_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_service_specific_credential_1 -Title: "Find AWS IAM Service Specific Credentials Details" -Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_specific_credential_id, - create_date, - user_name - from - aws_iam_service_specific_credential; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_service_specific_credential_2.yaml.bak b/queries/aws_iam_service_specific_credential_2.yaml.bak deleted file mode 100755 index 055aa3f87..000000000 --- a/queries/aws_iam_service_specific_credential_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_iam_service_specific_credential_2 -Title: "List AWS IAM Service Specific Credentials Details" -Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.service_name as service_name, - s.service_specific_credential_id as service_specific_credential_id, - u.name as user_name, - u.user_id as user_id, - u.password_last_used as password_last_used, - u.mfa_enabled as mfa_enabled - from - aws_iam_service_specific_credential as s, - aws_iam_user as u - where - s.user_name = u.name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_service_specific_credential_2.yaml.bak.bak b/queries/aws_iam_service_specific_credential_2.yaml.bak.bak deleted file mode 100755 index 055aa3f87..000000000 --- a/queries/aws_iam_service_specific_credential_2.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_iam_service_specific_credential_2 -Title: "List AWS IAM Service Specific Credentials Details" -Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.service_name as service_name, - s.service_specific_credential_id as service_specific_credential_id, - u.name as user_name, - u.user_id as user_id, - u.password_last_used as password_last_used, - u.mfa_enabled as mfa_enabled - from - aws_iam_service_specific_credential as s, - aws_iam_user as u - where - s.user_name = u.name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_service_specific_credential_3.yaml.bak b/queries/aws_iam_service_specific_credential_3.yaml.bak deleted file mode 100755 index 1159b20dd..000000000 --- a/queries/aws_iam_service_specific_credential_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_iam_service_specific_credential_3 -Title: "Find AWS IAM Service Credentials and Detailed Info" -Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_specific_credential_id, - create_date, - user_name - from - aws_iam_service_specific_credential - where - create_date <= current_date - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_user_1.yaml.bak b/queries/aws_iam_user_1.yaml.bak deleted file mode 100755 index 0cb12b2ef..000000000 --- a/queries/aws_iam_user_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_user_1 -Title: "List all AWS IAM User details with creation date" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - user_id, - path, - create_date, - password_last_used - from - aws_iam_user; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_user_2.yaml.bak b/queries/aws_iam_user_2.yaml.bak deleted file mode 100755 index 5e93f2fa3..000000000 --- a/queries/aws_iam_user_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_user_2 -Title: "Find AWS IAM User Data for Security Audits & Enforcement" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - iam_group ->> 'GroupName' as group_name, - iam_group ->> 'GroupId' as group_id, - iam_group ->> 'CreateDate' as create_date - from - aws_iam_user - cross join jsonb_array_elements(groups) as iam_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_user_2.yaml.bak.bak b/queries/aws_iam_user_2.yaml.bak.bak deleted file mode 100755 index 5e93f2fa3..000000000 --- a/queries/aws_iam_user_2.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_user_2 -Title: "Find AWS IAM User Data for Security Audits & Enforcement" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - iam_group ->> 'GroupName' as group_name, - iam_group ->> 'GroupId' as group_id, - iam_group ->> 'CreateDate' as create_date - from - aws_iam_user - cross join jsonb_array_elements(groups) as iam_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_user_3.yaml.bak b/queries/aws_iam_user_3.yaml.bak deleted file mode 100755 index 1a99d6f85..000000000 --- a/queries/aws_iam_user_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_user_3 -Title: "Find all AWS IAM Users with Specific Policies" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - split_part(attachments, '/', 2) as attached_policies - from - aws_iam_user - cross join jsonb_array_elements_text(attached_policy_arns) as attachments - where - split_part(attachments, '/', 2) = 'AdministratorAccess'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_user_4.yaml.bak b/queries/aws_iam_user_4.yaml.bak deleted file mode 100755 index 87428a918..000000000 --- a/queries/aws_iam_user_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_user_4 -Title: "Find all non-MFA enabled AWS IAM Users with SQL" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - user_id, - mfa_enabled - from - aws_iam_user - where - not mfa_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_user_5.yaml.bak b/queries/aws_iam_user_5.yaml.bak deleted file mode 100755 index e2b0fb400..000000000 --- a/queries/aws_iam_user_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iam_user_5 -Title: "Find all AWS IAM User Data for Audits and Troubleshooting" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - split_part(attachments, '/', 2) as attached_policies - from - aws_iam_user - cross join jsonb_array_elements_text(attached_policy_arns) as attachments; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_user_6.yaml.bak b/queries/aws_iam_user_6.yaml.bak deleted file mode 100755 index 85448e1d8..000000000 --- a/queries/aws_iam_user_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_iam_user_6 -Title: "Find AWS IAM Users with Inline Policies" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - inline_policies - from - aws_iam_user - where - inline_policies is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IAM diff --git a/queries/aws_iam_virtual_mfa_device_1.yaml.bak b/queries/aws_iam_virtual_mfa_device_1.yaml.bak deleted file mode 100755 index 49b264221..000000000 --- a/queries/aws_iam_virtual_mfa_device_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iam_virtual_mfa_device_1 -Title: "Find all AWS IAM Virtual MFA Devices" -Description: "Allows users to query Virtual MFA Devices in AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - serial_number, - enable_date, - user_name - from - aws_iam_virtual_mfa_device; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_iam_virtual_mfa_device_2.yaml.bak b/queries/aws_iam_virtual_mfa_device_2.yaml.bak deleted file mode 100755 index a12ea4078..000000000 --- a/queries/aws_iam_virtual_mfa_device_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iam_virtual_mfa_device_2 -Title: "Find all AWS IAM Virtual MFA Devices" -Description: "Allows users to query Virtual MFA Devices in AWS Identity and Access Management (IAM)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - u.user_id, - mfa.serial_number, - path, - create_date, - password_last_used - from - aws_iam_user u - inner join aws_iam_virtual_mfa_device mfa on u.name = mfa.user_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity and Access Management diff --git a/queries/aws_identitystore_group_1.yaml.bak b/queries/aws_identitystore_group_1.yaml.bak deleted file mode 100755 index 724146463..000000000 --- a/queries/aws_identitystore_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_identitystore_group_1 -Title: "Find AWS Identity Store Groups Information" -Description: "Allows users to query AWS Identity Store Groups to obtain information about the identity and attributes of groups in AWS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name - from - aws_identitystore_group - where identity_store_id = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity Store diff --git a/queries/aws_identitystore_group_2.yaml.bak b/queries/aws_identitystore_group_2.yaml.bak deleted file mode 100755 index c650baf0b..000000000 --- a/queries/aws_identitystore_group_2.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_identitystore_group_2 -Title: "Find AWS Identity Store Groups Information" -Description: "Allows users to query AWS Identity Store Groups to obtain information about the identity and attributes of groups in AWS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name - from - aws_identitystore_group - where identity_store_id = 'd-1234567890' and name = 'test'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity Store diff --git a/queries/aws_identitystore_group_membership_1.yaml.bak b/queries/aws_identitystore_group_membership_1.yaml.bak deleted file mode 100755 index 0f4e8062f..000000000 --- a/queries/aws_identitystore_group_membership_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_identitystore_group_membership_1 -Title: "Find All AWS Identity Store Group Memberships" -Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_store_id, - group_id, - membership_id, - member_id - from - aws_identitystore_group_membership - where - identity_store_id = 'd-1234567890'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Identity Store diff --git a/queries/aws_identitystore_group_membership_2.yaml.bak b/queries/aws_identitystore_group_membership_2.yaml.bak deleted file mode 100755 index 4014c23b6..000000000 --- a/queries/aws_identitystore_group_membership_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_identitystore_group_membership_2 -Title: "Find AWS Identity Store Group Memberships" -Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.membership_id, - m.group_id, - m.identity_store_id, - u.name as user_name - from - aws_identitystore_group_membership as m, - aws_identitystore_user as u - where - m.identity_store_id = 'd-1234567890' - and u.identity_store_id = m.identity_store_id - and u.id = m.member_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity Store diff --git a/queries/aws_identitystore_group_membership_3.yaml.bak b/queries/aws_identitystore_group_membership_3.yaml.bak deleted file mode 100755 index c41455c4e..000000000 --- a/queries/aws_identitystore_group_membership_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_identitystore_group_membership_3 -Title: "Find AWS Identity Store Group Membership Details" -Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.membership_id, - m.group_id, - m.identity_store_id, - g.name as group_name - from - aws_identitystore_group_membership as m, - aws_identitystore_group as g - where - m.identity_store_id = 'd-1234567890' - and g.identity_store_id = m.identity_store_id - and g.id = m.group_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity Store diff --git a/queries/aws_identitystore_user_1.yaml.bak b/queries/aws_identitystore_user_1.yaml.bak deleted file mode 100755 index 956492963..000000000 --- a/queries/aws_identitystore_user_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_identitystore_user_1 -Title: "List AWS Identity Store User Details by ID and Identity Store ID" -Description: "Allows users to query AWS Identity Store User data, providing details such as user ID, username, and ARN. This table is essential for managing and auditing user information within the AWS Identity Store." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name - from - aws_identitystore_user - where identity_store_id = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Identity Store diff --git a/queries/aws_identitystore_user_2.yaml.bak b/queries/aws_identitystore_user_2.yaml.bak deleted file mode 100755 index b966fc335..000000000 --- a/queries/aws_identitystore_user_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_identitystore_user_2 -Title: "Query AWS Identity Store User Data in AWS Identity Store" -Description: "Allows users to query AWS Identity Store User data, providing details such as user ID, username, and ARN. This table is essential for managing and auditing user information within the AWS Identity Store." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name - from - aws_identitystore_user - where identity_store_id = 'd-1234567890' and name = 'test'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Identity Store diff --git a/queries/aws_inspector2_coverage_1.yaml.bak b/queries/aws_inspector2_coverage_1.yaml.bak deleted file mode 100755 index 68d457deb..000000000 --- a/queries/aws_inspector2_coverage_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_inspector2_coverage_1 -Title: "List AWS Inspector Coverage Assessment Targets & Templates" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - resource_id, - resource_type, - scan_type, - scan_status_reason, - scan_status_code - from - aws_inspector2_coverage; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_2.yaml.bak b/queries/aws_inspector2_coverage_2.yaml.bak deleted file mode 100755 index 1d8fd24a0..000000000 --- a/queries/aws_inspector2_coverage_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector2_coverage_2 -Title: "Find all AWS Inspector Coverage Details" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - resource_id, - resource_type, - scan_status_code - from - aws_inspector2_coverage - where - scan_status_code = 'INACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_3.yaml.bak b/queries/aws_inspector2_coverage_3.yaml.bak deleted file mode 100755 index 8e1bf47b8..000000000 --- a/queries/aws_inspector2_coverage_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector2_coverage_3 -Title: "Find AWS Inspector Coverage and Assessment Templates" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - scan_type, - resource_id as ec2_instance_id, - resource_type, - ec2_ami_id, - ec2_platform - from - aws_inspector2_coverage - where - resource_type = `aws_EC2_INSTANCE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_3.yaml.bak.bak b/queries/aws_inspector2_coverage_3.yaml.bak.bak deleted file mode 100755 index 8e1bf47b8..000000000 --- a/queries/aws_inspector2_coverage_3.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector2_coverage_3 -Title: "Find AWS Inspector Coverage and Assessment Templates" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - scan_type, - resource_id as ec2_instance_id, - resource_type, - ec2_ami_id, - ec2_platform - from - aws_inspector2_coverage - where - resource_type = `aws_EC2_INSTANCE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_4.yaml.bak b/queries/aws_inspector2_coverage_4.yaml.bak deleted file mode 100755 index 91070d988..000000000 --- a/queries/aws_inspector2_coverage_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector2_coverage_4 -Title: "List AWS Inspector Coverage Data on Assessment Targets" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - scan_type, - resource_id as ec2_instance_id, - resource_type, - ec2_ami_id, - ec2_platform, - ec2_instance_tags - from - aws_inspector2_coverage - where - ec2_instance_tags = '{"foo": "bar", "foo1": "bar1"}'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_5.yaml.bak b/queries/aws_inspector2_coverage_5.yaml.bak deleted file mode 100755 index a44382718..000000000 --- a/queries/aws_inspector2_coverage_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_inspector2_coverage_5 -Title: "List AWS Inspector Coverage Data on Assessment Targets" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - scan_type, - resource_id as ec2_instance_id, - resource_type, - lambda_function_name, - lambda_function_runtime, - lambda_function_tags - from - aws_inspector2_coverage - where - lambda_function_tags = '{"foo": "bar", "foo1": "bar1"}'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_6.yaml.bak b/queries/aws_inspector2_coverage_6.yaml.bak deleted file mode 100755 index be192e124..000000000 --- a/queries/aws_inspector2_coverage_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_inspector2_coverage_6 -Title: "Find AWS Inspector Coverage Data for Assessment Targets" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - resource_id, - resource_type, - scan_type - from - aws_inspector2_coverage - where - scan_type = 'PACKAGE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_7.yaml.bak b/queries/aws_inspector2_coverage_7.yaml.bak deleted file mode 100755 index 869127c96..000000000 --- a/queries/aws_inspector2_coverage_7.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_inspector2_coverage_7 -Title: "List all AWS Inspector Coverage Data Details" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.resource_id, - c.resource_type, - c.ecr_repository_name, - r.registry_id, - r.repository_uri, - r.encryption_configuration - from - aws_inspector2_coverage as c, - aws_ecr_repository as r - where - r.repository_name = c.ecr_repository_name - and - c.resource_type = `AWS_ECR_REPOSITORY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_8.yaml.bak b/queries/aws_inspector2_coverage_8.yaml.bak deleted file mode 100755 index 5ff4cefdc..000000000 --- a/queries/aws_inspector2_coverage_8.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_inspector2_coverage_8 -Title: "Find AWS Inspector Coverage Data on Assessment Targets" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.resource_id, - c.resource_type, - c.lambda_function_name, - f.arn as lambda_function_arn, - c.lambda_function_runtime, - f.code_sha_256, - f.code_size, - f.kms_key_arn, - f.package_type - from - aws_inspector2_coverage as c, - aws_lambda_function as f - where - f.name = c.lambda_function_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_coverage_9.yaml.bak b/queries/aws_inspector2_coverage_9.yaml.bak deleted file mode 100755 index 941765b55..000000000 --- a/queries/aws_inspector2_coverage_9.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_inspector2_coverage_9 -Title: "Find AWS Inspector Coverage Data for EC2 Instances" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.resource_id as ec2_instance_id, - c.resource_type, - c.ec2_ami_id, - i.instance_type, - i.instance_state, - i.disable_api_termination, - i.ebs_optimized - from - aws_inspector2_coverage as c, - aws_ec2_instance as i - where - i.instance_id = c.resource_id - and - c.resource_type = `AWS_EC2_INSTANCE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Inspector diff --git a/queries/aws_inspector2_coverage_statistics_1.yaml.bak b/queries/aws_inspector2_coverage_statistics_1.yaml.bak deleted file mode 100755 index 1ae1268f5..000000000 --- a/queries/aws_inspector2_coverage_statistics_1.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_inspector2_coverage_statistics_1 -Title: "Find Detailed AWS Inspector2 Coverage Statistics" -Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - total_counts, - counts_by_group - from - aws_inspector2_coverage_statistics; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector2 diff --git a/queries/aws_inspector2_coverage_statistics_2.yaml.bak b/queries/aws_inspector2_coverage_statistics_2.yaml.bak deleted file mode 100755 index 5c4cccfa2..000000000 --- a/queries/aws_inspector2_coverage_statistics_2.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_inspector2_coverage_statistics_2 -Title: "Find AWS Inspector2 Coverage Statistics Details" -Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - g ->> 'Count' as count, - g ->> 'GroupKey' as group_key - from - aws_inspector2_coverage_statistics, - jsonb_array_elements(counts_by_group) as g; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector2 diff --git a/queries/aws_inspector2_coverage_statistics_2.yaml.bak.bak b/queries/aws_inspector2_coverage_statistics_2.yaml.bak.bak deleted file mode 100755 index 5c4cccfa2..000000000 --- a/queries/aws_inspector2_coverage_statistics_2.yaml.bak.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_inspector2_coverage_statistics_2 -Title: "Find AWS Inspector2 Coverage Statistics Details" -Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - g ->> 'Count' as count, - g ->> 'GroupKey' as group_key - from - aws_inspector2_coverage_statistics, - jsonb_array_elements(counts_by_group) as g; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector2 diff --git a/queries/aws_inspector2_finding_1.yaml.bak b/queries/aws_inspector2_finding_1.yaml.bak deleted file mode 100755 index e4cc980e9..000000000 --- a/queries/aws_inspector2_finding_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector2_finding_1 -Title: "Find AWS Inspector Findings and Insights Using SQL" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - fix_available, - inspector_score, - severity, - finding_account_id - from - aws_inspector2_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_10.yaml.bak b/queries/aws_inspector2_finding_10.yaml.bak deleted file mode 100755 index 5d97919e0..000000000 --- a/queries/aws_inspector2_finding_10.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector2_finding_10 -Title: "Find all AWS Inspector findings with fix available" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_account_id, - first_observed_at, - fix_available, - exploit_available - from - aws_inspector2_finding - where - fix_available = 'YES'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_11.yaml.bak b/queries/aws_inspector2_finding_11.yaml.bak deleted file mode 100755 index e0b8a7542..000000000 --- a/queries/aws_inspector2_finding_11.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector2_finding_11 -Title: "Find AWS Inspector findings and security issues" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - inspector_score, - first_observed_at, - last_observed_at - inspector_score_details - from - aws_inspector2_finding - order by - inspector_score desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_12.yaml.bak b/queries/aws_inspector2_finding_12.yaml.bak deleted file mode 100755 index 14f1260c5..000000000 --- a/queries/aws_inspector2_finding_12.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector2_finding_12 -Title: "Find AWS Inspector findings and security issues" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - inspector_score_details -> 'AdjustedCvss' ->> 'Score' as adjusted_cvss_score, - inspector_score_details -> 'AdjustedCvss' ->> 'ScScoreSourceore' as adjusted_cvss_source_score, - inspector_score_details -> 'AdjustedCvss' ->> 'ScoScoringVectorre' as adjusted_cvss_scoring_vector, - inspector_score_details -> 'AdjustedCvss' ->> 'Version' as adjusted_cvss_version, - inspector_score_details -> 'AdjustedCvss' -> 'Adjustments' as adjusted_cvss_adjustments, - inspector_score_details -> 'AdjustedCvss' ->> 'CvssSource' as adjusted_cvss_cvss_source - from - aws_inspector2_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_13.yaml.bak b/queries/aws_inspector2_finding_13.yaml.bak deleted file mode 100755 index 4ce685854..000000000 --- a/queries/aws_inspector2_finding_13.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_inspector2_finding_13 -Title: "Find all AWS Inspector findings for security insights" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - network_reachability_details -> 'NetworkPath' -> 'Steps' as network_pathsteps, - network_reachability_details -> 'OpenPortRange' ->> 'Begin' as open_port_range_begin, - network_reachability_details -> 'OpenPortRange' ->> 'End' as open_port_range_end, - network_reachability_details -> 'Protocol' as protocol - from - aws_inspector2_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_13.yaml.bak.bak b/queries/aws_inspector2_finding_13.yaml.bak.bak deleted file mode 100755 index 4ce685854..000000000 --- a/queries/aws_inspector2_finding_13.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_inspector2_finding_13 -Title: "Find all AWS Inspector findings for security insights" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - network_reachability_details -> 'NetworkPath' -> 'Steps' as network_pathsteps, - network_reachability_details -> 'OpenPortRange' ->> 'Begin' as open_port_range_begin, - network_reachability_details -> 'OpenPortRange' ->> 'End' as open_port_range_end, - network_reachability_details -> 'Protocol' as protocol - from - aws_inspector2_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_14.yaml.bak b/queries/aws_inspector2_finding_14.yaml.bak deleted file mode 100755 index 909c8dba2..000000000 --- a/queries/aws_inspector2_finding_14.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector2_finding_14 -Title: "List AWS Inspector Findings with Severity and Status" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_account_id, - first_observed_at, - fix_available, - exploit_available, - resource_tags - from - aws_inspector2_finding - where - resource_tags = '[{"key": "Name", "value": "Dev"}, {"key": "Name", "value": "Prod"}]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_15.yaml.bak b/queries/aws_inspector2_finding_15.yaml.bak deleted file mode 100755 index 48de1c08b..000000000 --- a/queries/aws_inspector2_finding_15.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector2_finding_15 -Title: "Find AWS Inspector Findings and Security Issues" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_account_id, - first_observed_at, - fix_available, - exploit_available, - vulnerable_package - from - aws_inspector2_finding - where - vulnerable_package = '[{"architecture": "arc", "epoch": "231321", "name": "myVulere", "release": "v0.2.0", "sourceLambdaLayerArn": "arn:aws:lambda:us-west-2:123456789012:layer:my-layer:1", "sourceLayerHash": "dbasjkhda872", "version": "v0.1.0"}]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_2.yaml.bak b/queries/aws_inspector2_finding_2.yaml.bak deleted file mode 100755 index 59a04d0ae..000000000 --- a/queries/aws_inspector2_finding_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector2_finding_2 -Title: "Find AWS Inspector Findings with High Severity" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - source, - vendor_severity, - status, - severity - from - aws_inspector2_finding - where - severity = 'HIGH'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_3.yaml.bak b/queries/aws_inspector2_finding_3.yaml.bak deleted file mode 100755 index 90e6ab894..000000000 --- a/queries/aws_inspector2_finding_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector2_finding_3 -Title: "Find Insights into AWS Inspector Security Issues" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - severity, - count(severity) - from - aws_inspector2_finding - group by - severity - order by - severity; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_4.yaml.bak b/queries/aws_inspector2_finding_4.yaml.bak deleted file mode 100755 index b7ab08ab6..000000000 --- a/queries/aws_inspector2_finding_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_inspector2_finding_4 -Title: "Find all AWS Inspector findings with details" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - severity - from - aws_inspector2_finding - where - last_observed_at >= now() - interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_5.yaml.bak b/queries/aws_inspector2_finding_5.yaml.bak deleted file mode 100755 index 7c090e8fb..000000000 --- a/queries/aws_inspector2_finding_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_inspector2_finding_5 -Title: "Find AWS Inspector suppressed findings" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - type, - resources, - vulnerable_packages - from - aws_inspector2_finding - where - status = 'SUPPRESSED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_6.yaml.bak b/queries/aws_inspector2_finding_6.yaml.bak deleted file mode 100755 index a322ec6e7..000000000 --- a/queries/aws_inspector2_finding_6.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector2_finding_6 -Title: "Find AWS Inspector findings to identify vulnerabilities" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - type, - resources, - vulnerable_packages - from - aws_inspector2_finding - where - type = 'PACKAGE_VULNERABILITY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_6.yaml.bak.bak b/queries/aws_inspector2_finding_6.yaml.bak.bak deleted file mode 100755 index a322ec6e7..000000000 --- a/queries/aws_inspector2_finding_6.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector2_finding_6 -Title: "Find AWS Inspector findings to identify vulnerabilities" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - type, - resources, - vulnerable_packages - from - aws_inspector2_finding - where - type = 'PACKAGE_VULNERABILITY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_7.yaml.bak b/queries/aws_inspector2_finding_7.yaml.bak deleted file mode 100755 index 1dd642f17..000000000 --- a/queries/aws_inspector2_finding_7.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_inspector2_finding_7 -Title: "Query AWS Inspector findings for security insights" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.arn as finding_arn, - r ->> 'Id' as resource_id, - r ->> 'Type' as resource_type, - r ->> 'Details' as resource_details, - r ->> 'Partition' as partition, - r ->> 'Tags' as resource_tags - from - aws_inspector2_finding as f, - jsonb_array_elements(resources) as r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_8.yaml.bak b/queries/aws_inspector2_finding_8.yaml.bak deleted file mode 100755 index efa3bf15e..000000000 --- a/queries/aws_inspector2_finding_8.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_inspector2_finding_8 -Title: "Find AWS Inspector findings and vulnerabilities via SQL" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.arn, - f.vulnerability_id, - v ->> 'Name' as vulnerability_package_name, - v ->> 'Version' as vulnerability_package_version, - v ->> 'Arch' as vulnerability_package_arch, - v ->> 'Epoch' as vulnerability_package_epoch, - v ->> 'FilePath' as vulnerability_package_file_path, - v ->> 'FixedInVersion' as vulnerability_package_fixed_in_version, - v ->> 'PackageManager' as vulnerability_package_package_manager, - v ->> 'Release' as vulnerability_package_release, - v ->> 'Remediation' as vulnerability_package_remediation, - v ->> 'SourceLambdaLayerArn' as source_lambda_layer_arn, - v ->> 'Name' as source_layer_hash - from - aws_inspector2_finding as f, - jsonb_array_elements(vulnerable_packages) as v; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_finding_9.yaml.bak b/queries/aws_inspector2_finding_9.yaml.bak deleted file mode 100755 index a6b94693e..000000000 --- a/queries/aws_inspector2_finding_9.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector2_finding_9 -Title: "Find and Query Insights into AWS Inspector Findings" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_account_id, - first_observed_at, - fix_available, - exploit_available - from - aws_inspector2_finding - where - exploit_available = 'YES'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_member_1.yaml.bak b/queries/aws_inspector2_member_1.yaml.bak deleted file mode 100755 index cfd6ae2ca..000000000 --- a/queries/aws_inspector2_member_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_inspector2_member_1 -Title: "Find all AWS Inspector Members and Their Details" -Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - delegated_admin_account_id, - relationship_status, - updated_at - from - aws_inspector2_member; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_member_2.yaml.bak b/queries/aws_inspector2_member_2.yaml.bak deleted file mode 100755 index 80d2e7b6d..000000000 --- a/queries/aws_inspector2_member_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector2_member_2 -Title: "Find AWS Inspector Members Information" -Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - delegated_admin_account_id, - relationship_status, - updated_at - from - aws_inspector2_member - where - updated_at >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_member_2.yaml.bak.bak b/queries/aws_inspector2_member_2.yaml.bak.bak deleted file mode 100755 index 80d2e7b6d..000000000 --- a/queries/aws_inspector2_member_2.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector2_member_2 -Title: "Find AWS Inspector Members Information" -Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - delegated_admin_account_id, - relationship_status, - updated_at - from - aws_inspector2_member - where - updated_at >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector2_member_3.yaml.bak b/queries/aws_inspector2_member_3.yaml.bak deleted file mode 100755 index 2bd294d74..000000000 --- a/queries/aws_inspector2_member_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_inspector2_member_3 -Title: "Find all AWS Inspector Member Accounts Information" -Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - delegated_admin_account_id, - relationship_status - from - aws_inspector2_member - where - relationship_status = 'INVITED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Inspector diff --git a/queries/aws_inspector_assessment_run_1.yaml.bak b/queries/aws_inspector_assessment_run_1.yaml.bak deleted file mode 100755 index 6814a8c37..000000000 --- a/queries/aws_inspector_assessment_run_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_inspector_assessment_run_1 -Title: "List all AWS Inspector Assessment Runs and Details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_template_arn, - created_at, - state, - region - from - aws_inspector_assessment_run; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_2.yaml.bak b/queries/aws_inspector_assessment_run_2.yaml.bak deleted file mode 100755 index b95ae1d9b..000000000 --- a/queries/aws_inspector_assessment_run_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector_assessment_run_2 -Title: "Find AWS Inspector Assessment Runs with Details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - finding_counts ->> 'High' as high, - finding_counts ->> 'Low' as low, - finding_counts ->> 'Medium' as medium, - finding_counts ->> 'Informational' as informational, - state - from - aws_inspector_assessment_run; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_3.yaml.bak b/queries/aws_inspector_assessment_run_3.yaml.bak deleted file mode 100755 index 75b1de446..000000000 --- a/queries/aws_inspector_assessment_run_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_assessment_run_3 -Title: "List all AWS Inspector Assessment Runs and Their Details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - t.name as assessment_template_name, - r.name as assessment_run_name, - r.created_at as assessment_run_created_at, - r.state, - r.region - from - aws_inspector_assessment_run as r, - aws_inspector_assessment_template as t - where - r.assessment_template_arn = t.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Inspector diff --git a/queries/aws_inspector_assessment_run_4.yaml.bak b/queries/aws_inspector_assessment_run_4.yaml.bak deleted file mode 100755 index 2ec68c8d8..000000000 --- a/queries/aws_inspector_assessment_run_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_assessment_run_4 -Title: "List all AWS Inspector Assessment Runs and their details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_template_arn, - created_at, - state, - region - from - aws_inspector_assessment_run - where - state <> 'COMPLETED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_5.yaml.bak b/queries/aws_inspector_assessment_run_5.yaml.bak deleted file mode 100755 index 2ab74765d..000000000 --- a/queries/aws_inspector_assessment_run_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_inspector_assessment_run_5 -Title: "Query AWS Inspector Assessment Run Details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - jsonb_pretty(state_changes) as state_changes - from - aws_inspector_assessment_run; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_6.yaml.bak b/queries/aws_inspector_assessment_run_6.yaml.bak deleted file mode 100755 index 3b86c42cb..000000000 --- a/queries/aws_inspector_assessment_run_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_assessment_run_6 -Title: "List all AWS Inspector Assessment Runs in Last Week" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_template_arn, - created_at, - state, - region - from - aws_inspector_assessment_run - where - created_at >= (now() - interval '7' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_run_6.yaml.bak.bak b/queries/aws_inspector_assessment_run_6.yaml.bak.bak deleted file mode 100755 index 3b86c42cb..000000000 --- a/queries/aws_inspector_assessment_run_6.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_assessment_run_6 -Title: "List all AWS Inspector Assessment Runs in Last Week" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_template_arn, - created_at, - state, - region - from - aws_inspector_assessment_run - where - created_at >= (now() - interval '7' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_target_1.yaml.bak b/queries/aws_inspector_assessment_target_1.yaml.bak deleted file mode 100755 index a46eae31a..000000000 --- a/queries/aws_inspector_assessment_target_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector_assessment_target_1 -Title: "List AWS Inspector Assessment Targets with Details" -Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_group_arn, - created_at, - updated_at, - region - from - aws_inspector_assessment_target; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Inspector diff --git a/queries/aws_inspector_assessment_target_2.yaml.bak b/queries/aws_inspector_assessment_target_2.yaml.bak deleted file mode 100755 index b8a5e8549..000000000 --- a/queries/aws_inspector_assessment_target_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_assessment_target_2 -Title: "Find AWS Inspector Assessment Targets Created in Last 7 Days" -Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_group_arn, - created_at, - updated_at, - region - from - aws_inspector_assessment_target - where - created_at > (current_date - interval '7' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_target_2.yaml.bak.bak b/queries/aws_inspector_assessment_target_2.yaml.bak.bak deleted file mode 100755 index b8a5e8549..000000000 --- a/queries/aws_inspector_assessment_target_2.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_assessment_target_2 -Title: "Find AWS Inspector Assessment Targets Created in Last 7 Days" -Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_group_arn, - created_at, - updated_at, - region - from - aws_inspector_assessment_target - where - created_at > (current_date - interval '7' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_target_3.yaml.bak b/queries/aws_inspector_assessment_target_3.yaml.bak deleted file mode 100755 index eefb3507c..000000000 --- a/queries/aws_inspector_assessment_target_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_assessment_target_3 -Title: "List AWS Inspector Assessment Targets Details" -Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_group_arn, - created_at, - updated_at, - region - from - aws_inspector_assessment_target - where - created_at != updated_at; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_1.yaml.bak b/queries/aws_inspector_assessment_template_1.yaml.bak deleted file mode 100755 index 3c485c00d..000000000 --- a/queries/aws_inspector_assessment_template_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector_assessment_template_1 -Title: "Find AWS Inspector Assessment Templates" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - region - from - aws_inspector_assessment_template; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_2.yaml.bak b/queries/aws_inspector_assessment_template_2.yaml.bak deleted file mode 100755 index a8e153c31..000000000 --- a/queries/aws_inspector_assessment_template_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector_assessment_template_2 -Title: "List AWS Inspector Assessment Template Configurations" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - user_attributes_for_findings, - region - from - aws_inspector_assessment_template - where - user_attributes_for_findings = '[]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Inspector diff --git a/queries/aws_inspector_assessment_template_3.yaml.bak b/queries/aws_inspector_assessment_template_3.yaml.bak deleted file mode 100755 index f06e1c059..000000000 --- a/queries/aws_inspector_assessment_template_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_inspector_assessment_template_3 -Title: "Find AWS Inspector Assessment Templates with 0 Runs" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - user_attributes_for_findings, - region - from - aws_inspector_assessment_template - where - assessment_run_count = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_4.yaml.bak b/queries/aws_inspector_assessment_template_4.yaml.bak deleted file mode 100755 index 080b64838..000000000 --- a/queries/aws_inspector_assessment_template_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_inspector_assessment_template_4 -Title: "List AWS Inspector Assessment Template Details" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - duration_in_seconds, - region - from - aws_inspector_assessment_template - where - duration_in_seconds < 3600; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_5.yaml.bak b/queries/aws_inspector_assessment_template_5.yaml.bak deleted file mode 100755 index 5a3c791a9..000000000 --- a/queries/aws_inspector_assessment_template_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_inspector_assessment_template_5 -Title: "Find all AWS Inspector Assessment Templates with No Runs" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - user_attributes_for_findings, - region - from - aws_inspector_assessment_template - where - assessment_run_count = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_assessment_template_6.yaml.bak b/queries/aws_inspector_assessment_template_6.yaml.bak deleted file mode 100755 index 0d9e8bdd1..000000000 --- a/queries/aws_inspector_assessment_template_6.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_inspector_assessment_template_6 -Title: "Find AWS Inspector Assessment Templates by Duration" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - duration_in_seconds, - region - from - aws_inspector_assessment_template - where - duration_in_seconds < 3600; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_exclusion_1.yaml.bak b/queries/aws_inspector_exclusion_1.yaml.bak deleted file mode 100755 index b0f81830b..000000000 --- a/queries/aws_inspector_exclusion_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_inspector_exclusion_1 -Title: "List all AWS Inspector Exclusions with Descriptions" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - attributes, - description, - title, - region - from - aws_inspector_exclusion; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_exclusion_1.yaml.bak.bak b/queries/aws_inspector_exclusion_1.yaml.bak.bak deleted file mode 100755 index b0f81830b..000000000 --- a/queries/aws_inspector_exclusion_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_inspector_exclusion_1 -Title: "List all AWS Inspector Exclusions with Descriptions" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - attributes, - description, - title, - region - from - aws_inspector_exclusion; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_exclusion_2.yaml.bak b/queries/aws_inspector_exclusion_2.yaml.bak deleted file mode 100755 index 4f2cd83ff..000000000 --- a/queries/aws_inspector_exclusion_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_inspector_exclusion_2 -Title: "Find AWS Inspector Exclusions including ARNs and Descriptions" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - attributes, - description, - title, - region - from - aws_inspector_exclusion - where - assessment_run_arn = 'arn:aws:inspector:us-east-1:012345678912:target/0-ywdTAdRg/template/0-rY1J4B4f/run/0-LRRwpQFz'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_exclusion_3.yaml.bak b/queries/aws_inspector_exclusion_3.yaml.bak deleted file mode 100755 index 6491c7390..000000000 --- a/queries/aws_inspector_exclusion_3.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_inspector_exclusion_3 -Title: "List AWS Inspector Exclusions with Details" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - jsonb_pretty(attributes) as attributes, - jsonb_pretty(scopes) as scopes - from - aws_inspector_exclusion; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Inspector diff --git a/queries/aws_inspector_exclusion_4.yaml.bak b/queries/aws_inspector_exclusion_4.yaml.bak deleted file mode 100755 index 567f421ca..000000000 --- a/queries/aws_inspector_exclusion_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_exclusion_4 -Title: "List all AWS Inspector Exclusions with Details" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - title, - count(arn) - from - aws_inspector_exclusion - group by - arn, - region, - title - order by - count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Inspector diff --git a/queries/aws_inspector_exclusion_5.yaml.bak b/queries/aws_inspector_exclusion_5.yaml.bak deleted file mode 100755 index 59b011600..000000000 --- a/queries/aws_inspector_exclusion_5.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_exclusion_5 -Title: "List AWS Inspector Exclusions with ARNs and Recommendations" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.arn, - e.title, - jsonb_pretty(e.attributes) as attributes, - e.recommendation - from - aws_inspector_exclusion e, - aws_inspector_assessment_run r, - aws_inspector_assessment_template t - where - e.assessment_run_arn = r.arn - and - r.assessment_template_arn = t.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_finding_1.yaml.bak b/queries/aws_inspector_finding_1.yaml.bak deleted file mode 100755 index 04fc26559..000000000 --- a/queries/aws_inspector_finding_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector_finding_1 -Title: "Find all AWS Inspector Findings details" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - agent_id as instance_id, - asset_type, - confidence, - severity - from - aws_inspector_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_inspector_finding_10.yaml.bak b/queries/aws_inspector_finding_10.yaml.bak deleted file mode 100755 index 4d0221d40..000000000 --- a/queries/aws_inspector_finding_10.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_finding_10 -Title: "List all AWS Inspector Findings with Details" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - agent_id as instance_id, - asset_type, - confidence, - severity - from - aws_inspector_finding - order by - confidence; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_inspector_finding_2.yaml.bak b/queries/aws_inspector_finding_2.yaml.bak deleted file mode 100755 index db4c1eda2..000000000 --- a/queries/aws_inspector_finding_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_finding_2 -Title: "List High Severity Findings from AWS Inspector" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - agent_id as instance_id, - asset_type, - confidence, - severity - from - aws_inspector_finding - where - severity = 'High'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_inspector_finding_3.yaml.bak b/queries/aws_inspector_finding_3.yaml.bak deleted file mode 100755 index 174ab1f78..000000000 --- a/queries/aws_inspector_finding_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_inspector_finding_3 -Title: "Find AWS Inspector Findings by Severity" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - severity, - count(severity) - from - aws_inspector_finding - group by - severity - order by - severity; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Inspector diff --git a/queries/aws_inspector_finding_4.yaml.bak b/queries/aws_inspector_finding_4.yaml.bak deleted file mode 100755 index af1d57448..000000000 --- a/queries/aws_inspector_finding_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_inspector_finding_4 -Title: "List AWS Inspector Findings from the Past 10 Days" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - confidence, - severity - from - aws_inspector_finding - where - created_at >= now() - interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_inspector_finding_5.yaml.bak b/queries/aws_inspector_finding_5.yaml.bak deleted file mode 100755 index 631ec9cc2..000000000 --- a/queries/aws_inspector_finding_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_inspector_finding_5 -Title: "List all AWS Inspector Findings with Detailed Information" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - jsonb_pretty(attributes) as attributes - from - aws_inspector_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_inspector_finding_5.yaml.bak.bak b/queries/aws_inspector_finding_5.yaml.bak.bak deleted file mode 100755 index 631ec9cc2..000000000 --- a/queries/aws_inspector_finding_5.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_inspector_finding_5 -Title: "List all AWS Inspector Findings with Detailed Information" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - jsonb_pretty(attributes) as attributes - from - aws_inspector_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_inspector_finding_6.yaml.bak b/queries/aws_inspector_finding_6.yaml.bak deleted file mode 100755 index b2c790323..000000000 --- a/queries/aws_inspector_finding_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_inspector_finding_6 -Title: "Find AWS Inspector Findings with Detailed Information" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - title, - asset_attributes ->> 'AgentId' as agent_id, - asset_attributes ->> 'AmiId' as ami_id, - asset_attributes ->> 'Hostname' as hostname, - asset_attributes ->> 'Tags' as tags - from - aws_inspector_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_inspector_finding_7.yaml.bak b/queries/aws_inspector_finding_7.yaml.bak deleted file mode 100755 index bfdd7b590..000000000 --- a/queries/aws_inspector_finding_7.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_inspector_finding_7 -Title: "List all High Severity AWS Inspector Findings" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct i.instance_id, - i.instance_state, - i.instance_type, - f.title, - f.service, - f.severity, - f.confidence - from - aws_ec2_instance as i, - aws_inspector_finding as f - where - severity = 'High' - and - i.instance_id = f.agent_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_inspector_finding_8.yaml.bak b/queries/aws_inspector_finding_8.yaml.bak deleted file mode 100755 index ff74254ff..000000000 --- a/queries/aws_inspector_finding_8.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_inspector_finding_8 -Title: "Find all Detailed Information on AWS Inspector Findings" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - title, - service_attributes ->> 'AssessmentRunArn' as assessment_run_arn, - service_attributes ->> 'RulesPackageArn' as rules_package_arn, - service_attributes ->> 'SchemaVersion' as schema_version, - from - aws_inspector_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Inspector diff --git a/queries/aws_inspector_finding_9.yaml.bak b/queries/aws_inspector_finding_9.yaml.bak deleted file mode 100755 index ee41deff2..000000000 --- a/queries/aws_inspector_finding_9.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_inspector_finding_9 -Title: "Find AWS Inspector Findings with Detailed Information" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.id, - r.title, - f.service_attributes ->> 'AssessmentRunArn' as assessment_run_arn, - r.assessment_template_arn, - r.finding_counts - from - aws_inspector_finding as f, - aws_inspector_assessment_run as r - where - f.service_attributes ->> 'AssessmentRunArn' = r.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Inspector diff --git a/queries/aws_iot_fleet_metric_1.yaml.bak b/queries/aws_iot_fleet_metric_1.yaml.bak deleted file mode 100755 index 0de0c456f..000000000 --- a/queries/aws_iot_fleet_metric_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iot_fleet_metric_1 -Title: "List all AWS IoT Fleet Metrics with details" -Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - arn, - index_name, - creation_date, - last_modified_date - from - aws_iot_fleet_metric; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT Fleet Metrics diff --git a/queries/aws_iot_fleet_metric_1.yaml.bak.bak b/queries/aws_iot_fleet_metric_1.yaml.bak.bak deleted file mode 100755 index 0de0c456f..000000000 --- a/queries/aws_iot_fleet_metric_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iot_fleet_metric_1 -Title: "List all AWS IoT Fleet Metrics with details" -Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - arn, - index_name, - creation_date, - last_modified_date - from - aws_iot_fleet_metric; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT Fleet Metrics diff --git a/queries/aws_iot_fleet_metric_2.yaml.bak b/queries/aws_iot_fleet_metric_2.yaml.bak deleted file mode 100755 index e1b3c5e84..000000000 --- a/queries/aws_iot_fleet_metric_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iot_fleet_metric_2 -Title: "List all AWS IoT Fleet Metrics Configuration and Aggregation" -Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - aggregation_field, - creation_date, - aggregation_type_name, - query_string - from - aws_iot_fleet_metric - group by - aggregation_type_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT Fleet Metrics diff --git a/queries/aws_iot_fleet_metric_3.yaml.bak b/queries/aws_iot_fleet_metric_3.yaml.bak deleted file mode 100755 index f453002a7..000000000 --- a/queries/aws_iot_fleet_metric_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_iot_fleet_metric_3 -Title: "List all AWS IoT Fleet Metrics with Details from Last 30 Days" -Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - index_name, - creation_date, - last_modified_date, - query_version, - version - from - aws_iot_fleet_metric - where - last_modified_date >= now() - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS IoT Fleet Metrics diff --git a/queries/aws_iot_thing_1.yaml.bak b/queries/aws_iot_thing_1.yaml.bak deleted file mode 100755 index b23b8d37d..000000000 --- a/queries/aws_iot_thing_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iot_thing_1 -Title: "List all IoT Things with Details from AWS Account" -Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_name, - thing_id, - arn, - thing_type_name, - version - from - aws_iot_thing; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Internet of Things diff --git a/queries/aws_iot_thing_2.yaml.bak b/queries/aws_iot_thing_2.yaml.bak deleted file mode 100755 index 6d4d7f98d..000000000 --- a/queries/aws_iot_thing_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iot_thing_2 -Title: "Find AWS IoT details for virtual device models" -Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_name, - thing_id, - arn, - thing_type_name, - version - from - aws_iot_thing - where - attribute_name = 'foo'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS IoT diff --git a/queries/aws_iot_thing_3.yaml.bak b/queries/aws_iot_thing_3.yaml.bak deleted file mode 100755 index 3a7bed942..000000000 --- a/queries/aws_iot_thing_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iot_thing_3 -Title: "List all AWS IoT things and attribute value details" -Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_name, - arn, - thing_id, - thing_type_name, - attribute_value - from - aws_iot_thing - where - thing_type_name = 'foo'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Internet of Things diff --git a/queries/aws_iot_thing_group_1.yaml.bak b/queries/aws_iot_thing_group_1.yaml.bak deleted file mode 100755 index 8901cb7a8..000000000 --- a/queries/aws_iot_thing_group_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_iot_thing_group_1 -Title: "List insights into AWS IoT Thing Group configuration" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - thing_group_description, - arn, - creation_date, - parent_group_name - from - aws_iot_thing_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT diff --git a/queries/aws_iot_thing_group_2.yaml.bak b/queries/aws_iot_thing_group_2.yaml.bak deleted file mode 100755 index 8c40f7199..000000000 --- a/queries/aws_iot_thing_group_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_iot_thing_group_2 -Title: "List all AWS IoT Thing Group Configurations" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - creation_date, - parent_group_name, - version - from - aws_iot_thing_group - where - parent_group_name = 'foo'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS IoT diff --git a/queries/aws_iot_thing_group_3.yaml.bak b/queries/aws_iot_thing_group_3.yaml.bak deleted file mode 100755 index e213499c7..000000000 --- a/queries/aws_iot_thing_group_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iot_thing_group_3 -Title: "List all AWS IoT Thing Group Configurations" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - parent_group_name, - creation_date, - status - from - aws_iot_thing_group - where - creation_date >= now() - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT diff --git a/queries/aws_iot_thing_group_3.yaml.bak.bak b/queries/aws_iot_thing_group_3.yaml.bak.bak deleted file mode 100755 index e213499c7..000000000 --- a/queries/aws_iot_thing_group_3.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iot_thing_group_3 -Title: "List all AWS IoT Thing Group Configurations" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - parent_group_name, - creation_date, - status - from - aws_iot_thing_group - where - creation_date >= now() - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT diff --git a/queries/aws_iot_thing_group_4.yaml.bak b/queries/aws_iot_thing_group_4.yaml.bak deleted file mode 100755 index a2aa1f83b..000000000 --- a/queries/aws_iot_thing_group_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iot_thing_group_4 -Title: "Find AWS IoT Thing Group Configurations and Details" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - query_string, - query_version, - status - from - aws_iot_thing_group - where - status = 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS IoT Thing Group diff --git a/queries/aws_iot_thing_type_1.yaml.bak b/queries/aws_iot_thing_type_1.yaml.bak deleted file mode 100755 index a5c5d904e..000000000 --- a/queries/aws_iot_thing_type_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_iot_thing_type_1 -Title: "Find all AWS IoT Thing Types and Configurations" -Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_type_name, - arn, - thing_type_id, - thing_type_description, - creation_date - from - aws_iot_thing_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT diff --git a/queries/aws_iot_thing_type_2.yaml.bak b/queries/aws_iot_thing_type_2.yaml.bak deleted file mode 100755 index ea41a2132..000000000 --- a/queries/aws_iot_thing_type_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_iot_thing_type_2 -Title: "List AWS IoT Thing Types and Their Configurations" -Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_type_name, - arn, - thing_type_id, - thing_type_description, - creation_date, - deprecated - from - aws_iot_thing_type - where - deprecated; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS IoT Thing Type diff --git a/queries/aws_iot_thing_type_3.yaml.bak b/queries/aws_iot_thing_type_3.yaml.bak deleted file mode 100755 index edcec46eb..000000000 --- a/queries/aws_iot_thing_type_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_iot_thing_type_3 -Title: "List all AWS IoT Thing Types with Configuration Details" -Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_type_name, - arn, - thing_type_id, - thing_type_description, - creation_date, - deprecated, - searchable_attributes - from - aws_iot_thing_type - where - creation_date >= now() - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT diff --git a/queries/aws_iot_thing_type_4.yaml.bak b/queries/aws_iot_thing_type_4.yaml.bak deleted file mode 100755 index 6a5134766..000000000 --- a/queries/aws_iot_thing_type_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_iot_thing_type_4 -Title: "Find All AWS IoT Thing Types with Configuration Insights" -Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_type_name, - arn, - thing_type_id, - creation_date, - tags, - deprecation_date - from - aws_iot_thing_type - where - deprecation_date <= now() - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - IoT diff --git a/queries/aws_kinesis_consumer_1.yaml.bak b/queries/aws_kinesis_consumer_1.yaml.bak deleted file mode 100755 index e38702695..000000000 --- a/queries/aws_kinesis_consumer_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_kinesis_consumer_1 -Title: "List All AWS Kinesis Consumers and Their Details" -Description: "Allows users to query AWS Kinesis Consumers. This table provides information about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather insights on consumers such as consumer ARN, creation timestamp, stream ARN and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - consumer_name, - consumer_arn, - consumer_status, - stream_arn - from - aws_kinesis_consumer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Data Streams diff --git a/queries/aws_kinesis_consumer_2.yaml.bak b/queries/aws_kinesis_consumer_2.yaml.bak deleted file mode 100755 index 5019345c5..000000000 --- a/queries/aws_kinesis_consumer_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_kinesis_consumer_2 -Title: "List all AWS Kinesis Consumers and their Status" -Description: "Allows users to query AWS Kinesis Consumers. This table provides information about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather insights on consumers such as consumer ARN, creation timestamp, stream ARN and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - consumer_name, - consumer_status, - consumer_arn - from - aws_kinesis_consumer - where - consumer_status != 'ACTIVE' - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Data Streams diff --git a/queries/aws_kinesis_firehose_delivery_stream_1.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_1.yaml.bak deleted file mode 100755 index c4e9afadf..000000000 --- a/queries/aws_kinesis_firehose_delivery_stream_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_kinesis_firehose_delivery_stream_1 -Title: "List all AWS Kinesis Firehose Delivery Stream Details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - create_timestamp, - delivery_stream_type - from - aws_kinesis_firehose_delivery_stream; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_2.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_2.yaml.bak deleted file mode 100755 index b480c4886..000000000 --- a/queries/aws_kinesis_firehose_delivery_stream_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_kinesis_firehose_delivery_stream_2 -Title: "List Delivery Streams for AWS Kinesis Firehose" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - create_timestamp, - delivery_stream_type - from - aws_kinesis_firehose_delivery_stream - where - delivery_stream_status != 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_3.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_3.yaml.bak deleted file mode 100755 index 44e49be91..000000000 --- a/queries/aws_kinesis_firehose_delivery_stream_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_kinesis_firehose_delivery_stream_3 -Title: "List all AWS Kinesis Firehose Delivery Stream details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - create_timestamp, - delivery_stream_type, - delivery_stream_encryption_configuration ->> 'Status' as encryption_status - from - aws_kinesis_firehose_delivery_stream - where - delivery_stream_encryption_configuration ->> 'Status' = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_4.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_4.yaml.bak deleted file mode 100755 index 168e59b6b..000000000 --- a/queries/aws_kinesis_firehose_delivery_stream_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_kinesis_firehose_delivery_stream_4 -Title: "List all AWS Kinesis Firehose Delivery Stream details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - create_timestamp, - delivery_stream_type - from - aws_kinesis_firehose_delivery_stream - where - delivery_stream_type = 'DirectPut'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak b/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak deleted file mode 100755 index 0e0024c33..000000000 --- a/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_kinesis_firehose_delivery_stream_5 -Title: "List all AWS Kinesis Firehose Delivery Stream details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - delivery_stream_type, - failure_description - from - aws_kinesis_firehose_delivery_stream - where - failure_description is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak.bak b/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak.bak deleted file mode 100755 index 0e0024c33..000000000 --- a/queries/aws_kinesis_firehose_delivery_stream_5.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_kinesis_firehose_delivery_stream_5 -Title: "List all AWS Kinesis Firehose Delivery Stream details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - delivery_stream_type, - failure_description - from - aws_kinesis_firehose_delivery_stream - where - failure_description is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Firehose diff --git a/queries/aws_kinesis_stream_1.yaml.bak b/queries/aws_kinesis_stream_1.yaml.bak deleted file mode 100755 index 08b9811b7..000000000 --- a/queries/aws_kinesis_stream_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_kinesis_stream_1 -Title: "List all AWS Kinesis Stream data and its details" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - stream_status, - consumer_count, - stream_creation_timestamp, - region - from - aws_kinesis_stream; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Stream diff --git a/queries/aws_kinesis_stream_2.yaml.bak b/queries/aws_kinesis_stream_2.yaml.bak deleted file mode 100755 index e610a7da4..000000000 --- a/queries/aws_kinesis_stream_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_kinesis_stream_2 -Title: "List Attributes of AWS Kinesis Streams Excluding Active Status" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - stream_status, - consumer_count, - stream_creation_timestamp, - region - from - aws_kinesis_stream - where - stream_status != 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Stream diff --git a/queries/aws_kinesis_stream_3.yaml.bak b/queries/aws_kinesis_stream_3.yaml.bak deleted file mode 100755 index f8995f16b..000000000 --- a/queries/aws_kinesis_stream_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_kinesis_stream_3 -Title: "List all AWS Kinesis Streams with Consumer Count Zero" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - stream_status, - consumer_count, - stream_creation_timestamp, - region - from - aws_kinesis_stream - where - consumer_count = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Stream diff --git a/queries/aws_kinesis_stream_4.yaml.bak b/queries/aws_kinesis_stream_4.yaml.bak deleted file mode 100755 index bc9be67a8..000000000 --- a/queries/aws_kinesis_stream_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_kinesis_stream_4 -Title: "List AWS Kinesis Stream details including name, status, and tags" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - encryption_type, - key_id, - stream_creation_timestamp, - region - from - aws_kinesis_stream - where - encryption_type = 'NONE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Stream diff --git a/queries/aws_kinesis_stream_5.yaml.bak b/queries/aws_kinesis_stream_5.yaml.bak deleted file mode 100755 index c1443fa29..000000000 --- a/queries/aws_kinesis_stream_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_kinesis_stream_5 -Title: "List all AWS Kinesis Stream Data Including Creation Time" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - encryption_type, - key_id, - stream_creation_timestamp, - region - from - aws_kinesis_stream - where - encryption_type != 'NONE' - and key_id = 'alias/aws/kinesis'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Stream diff --git a/queries/aws_kinesis_video_stream_1.yaml.bak b/queries/aws_kinesis_video_stream_1.yaml.bak deleted file mode 100755 index 1d6e26b40..000000000 --- a/queries/aws_kinesis_video_stream_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_kinesis_video_stream_1 -Title: "List metadata for AWS Kinesis Video Streams" -Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - status, - creation_time, - region - from - aws_kinesis_video_stream; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Video Streams diff --git a/queries/aws_kinesis_video_stream_2.yaml.bak b/queries/aws_kinesis_video_stream_2.yaml.bak deleted file mode 100755 index 725f0b78a..000000000 --- a/queries/aws_kinesis_video_stream_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_kinesis_video_stream_2 -Title: "List All Metadata of AWS Kinesis Video Streams" -Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - status, - creation_time, - region - from - aws_kinesis_video_stream - where - status != 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Video Streams diff --git a/queries/aws_kinesis_video_stream_3.yaml.bak b/queries/aws_kinesis_video_stream_3.yaml.bak deleted file mode 100755 index dd9db66fb..000000000 --- a/queries/aws_kinesis_video_stream_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_kinesis_video_stream_3 -Title: "List all AWS Kinesis Video Streams with metadata" -Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - status, - kms_key_id, - creation_time, - region - from - aws_kinesis_video_stream - where - split_part(kms_key_id, ':', 6) = 'alias/aws/kinesisvideo'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Video Streams diff --git a/queries/aws_kinesis_video_stream_4.yaml.bak b/queries/aws_kinesis_video_stream_4.yaml.bak deleted file mode 100755 index 6c30fd88f..000000000 --- a/queries/aws_kinesis_video_stream_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_kinesis_video_stream_4 -Title: "List All Kinesis Video Streams Metadata from AWS" -Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - status, - creation_time, - data_retention_in_hours, - region - from - aws_kinesis_video_stream - where - data_retention_in_hours < 168; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Video Stream diff --git a/queries/aws_kinesisanalyticsv2_application_1.yaml.bak b/queries/aws_kinesisanalyticsv2_application_1.yaml.bak deleted file mode 100755 index 628f0106a..000000000 --- a/queries/aws_kinesisanalyticsv2_application_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_kinesisanalyticsv2_application_1 -Title: "List AWS Kinesis Analytics Applications with Details" -Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_arn, - application_version_id, - application_status, - application_description, - service_execution_role, - runtime_environment - from - aws_kinesisanalyticsv2_application; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Analytics diff --git a/queries/aws_kinesisanalyticsv2_application_2.yaml.bak b/queries/aws_kinesisanalyticsv2_application_2.yaml.bak deleted file mode 100755 index 9278f795d..000000000 --- a/queries/aws_kinesisanalyticsv2_application_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_kinesisanalyticsv2_application_2 -Title: "Find AWS Kinesis Analytics Applications and Details" -Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_id, - application_arn, - application_status - from - aws_kinesisanalyticsv2_application - where - application_version_id > 1; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Analytics diff --git a/queries/aws_kinesisanalyticsv2_application_3.yaml.bak b/queries/aws_kinesisanalyticsv2_application_3.yaml.bak deleted file mode 100755 index 34080cc26..000000000 --- a/queries/aws_kinesisanalyticsv2_application_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_kinesisanalyticsv2_application_3 -Title: "Find AWS Kinesis Analytics Applications and Details" -Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - runtime_environment, - application_arn, - application_status - from - aws_kinesisanalyticsv2_application - where - runtime_environment = 'SQL-1_0'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Kinesis Analytics diff --git a/queries/aws_kms_alias_1.yaml.bak b/queries/aws_kms_alias_1.yaml.bak deleted file mode 100755 index 9fef92dc0..000000000 --- a/queries/aws_kms_alias_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_kms_alias_1 -Title: "Find all AWS KMS alias details including keys" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - alias_name, - title, - arn, - target_key_id, - creation_date - from - aws_kms_alias; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Key Management Service (KMS) diff --git a/queries/aws_kms_alias_2.yaml.bak b/queries/aws_kms_alias_2.yaml.bak deleted file mode 100755 index 2eaf92fe7..000000000 --- a/queries/aws_kms_alias_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_kms_alias_2 -Title: "Find AWS KMS Alias and Associated Keys with SQL" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - k.id as key_id, - k.key_rotation_enabled as key_rotation_enabled, - a.alias_name as alias_name, - a.arn as alias_arn - from - aws_kms_key as k, - aws_kms_alias as a - where - k.id = a.target_key_id and not key_rotation_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Key Management Service diff --git a/queries/aws_kms_alias_3.yaml.bak b/queries/aws_kms_alias_3.yaml.bak deleted file mode 100755 index 354534fec..000000000 --- a/queries/aws_kms_alias_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_kms_alias_3 -Title: "List all AWS KMS aliases with key state pending deletion" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.alias_name as alias_name, - k.id as key_id, - k.key_state as key_state, - k.deletion_date as key_deletion_date - from - aws_kms_key as k, - aws_kms_alias as a - where - k.id = a.target_key_id and key_state = 'PendingDeletion'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Key Management Service diff --git a/queries/aws_kms_alias_3.yaml.bak.bak b/queries/aws_kms_alias_3.yaml.bak.bak deleted file mode 100755 index 354534fec..000000000 --- a/queries/aws_kms_alias_3.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_kms_alias_3 -Title: "List all AWS KMS aliases with key state pending deletion" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.alias_name as alias_name, - k.id as key_id, - k.key_state as key_state, - k.deletion_date as key_deletion_date - from - aws_kms_key as k, - aws_kms_alias as a - where - k.id = a.target_key_id and key_state = 'PendingDeletion'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Key Management Service diff --git a/queries/aws_kms_alias_4.yaml.bak b/queries/aws_kms_alias_4.yaml.bak deleted file mode 100755 index 8bb04b60c..000000000 --- a/queries/aws_kms_alias_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_kms_alias_4 -Title: "List all AWS KMS aliases and their associated keys" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - k.id as key_id, - count(a.alias_name) as count - from - aws_kms_key as k - left join aws_kms_alias as a - on k.id = a.target_key_id - group by - key_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS diff --git a/queries/aws_kms_key_1.yaml.bak b/queries/aws_kms_key_1.yaml.bak deleted file mode 100755 index 914b03c64..000000000 --- a/queries/aws_kms_key_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_kms_key_1 -Title: "List all AWS KMS Keys and their metadata" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - title, - arn, - key_manager, - creation_date - from - aws_kms_key; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS KMS diff --git a/queries/aws_kms_key_2.yaml.bak b/queries/aws_kms_key_2.yaml.bak deleted file mode 100755 index 650c64216..000000000 --- a/queries/aws_kms_key_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_kms_key_2 -Title: "Find AWS KMS Key Data with Metadata & Key Usage" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - key_rotation_enabled - from - aws_kms_key - where - not key_rotation_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS diff --git a/queries/aws_kms_key_3.yaml.bak b/queries/aws_kms_key_3.yaml.bak deleted file mode 100755 index 8c20cbff1..000000000 --- a/queries/aws_kms_key_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_kms_key_3 -Title: "List AWS KMS Key data including cryptographic details" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - key_state, - deletion_date - from - aws_kms_key - where - key_state = 'PendingDeletion'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS Key diff --git a/queries/aws_kms_key_4.yaml.bak b/queries/aws_kms_key_4.yaml.bak deleted file mode 100755 index f414e99f5..000000000 --- a/queries/aws_kms_key_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_kms_key_4 -Title: "List all AWS KMS Key data including key state and usage" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - enabled as key_enabled - from - aws_kms_key - where - not enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS diff --git a/queries/aws_kms_key_5.yaml.bak b/queries/aws_kms_key_5.yaml.bak deleted file mode 100755 index 7fc253fed..000000000 --- a/queries/aws_kms_key_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_kms_key_5 -Title: "List all AWS KMS Key data with cryptographic details" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_manager, - count(key_manager) as count - from - aws_kms_key - group by - key_manager; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS diff --git a/queries/aws_kms_key_rotation_1.yaml.bak b/queries/aws_kms_key_rotation_1.yaml.bak deleted file mode 100755 index 6edd4a2f2..000000000 --- a/queries/aws_kms_key_rotation_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_kms_key_rotation_1 -Title: "Find AWS KMS Key Rotation Schedule and Details" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_id, - key_arn, - rotation_date, - rotation_type - from - aws_kms_key_rotation; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS diff --git a/queries/aws_kms_key_rotation_2.yaml.bak b/queries/aws_kms_key_rotation_2.yaml.bak deleted file mode 100755 index ec5eb0c41..000000000 --- a/queries/aws_kms_key_rotation_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_kms_key_rotation_2 -Title: "List all AWS KMS Key Rotation Data" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_id, - key_arn, - rotation_date - from - aws_kms_key_rotation - where - rotation_date >= current_date - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS KMS diff --git a/queries/aws_kms_key_rotation_3.yaml.bak b/queries/aws_kms_key_rotation_3.yaml.bak deleted file mode 100755 index ffbc6f2ef..000000000 --- a/queries/aws_kms_key_rotation_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_kms_key_rotation_3 -Title: "List AWS KMS Key Rotation Details and Schedule" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - akr.key_id, - ak.title, - akr.rotation_date, - akr.rotation_type, - ak.key_manager - from - aws_kms_key_rotation akr - join - aws_kms_key ak - on - akr.key_id = ak.id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS diff --git a/queries/aws_kms_key_rotation_3.yaml.bak.bak b/queries/aws_kms_key_rotation_3.yaml.bak.bak deleted file mode 100755 index ffbc6f2ef..000000000 --- a/queries/aws_kms_key_rotation_3.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_kms_key_rotation_3 -Title: "List AWS KMS Key Rotation Details and Schedule" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - akr.key_id, - ak.title, - akr.rotation_date, - akr.rotation_type, - ak.key_manager - from - aws_kms_key_rotation akr - join - aws_kms_key ak - on - akr.key_id = ak.id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS diff --git a/queries/aws_kms_key_rotation_4.yaml.bak b/queries/aws_kms_key_rotation_4.yaml.bak deleted file mode 100755 index f7b683092..000000000 --- a/queries/aws_kms_key_rotation_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_kms_key_rotation_4 -Title: "List AWS KMS Key Rotation Schedules and Types" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rotation_type, - count(key_id) as count - from - aws_kms_key_rotation - group by - rotation_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - KMS diff --git a/queries/aws_lambda_alias_1.yaml.bak b/queries/aws_lambda_alias_1.yaml.bak deleted file mode 100755 index c8d67e006..000000000 --- a/queries/aws_lambda_alias_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_lambda_alias_1 -Title: "List AWS Lambda Alias with detailed information" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - function_name, - function_version - from - aws_lambda_alias; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_alias_2.yaml.bak b/queries/aws_lambda_alias_2.yaml.bak deleted file mode 100755 index 861a30482..000000000 --- a/queries/aws_lambda_alias_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lambda_alias_2 -Title: "List all AWS Lambda Aliases with Detailed Information" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - count(function_name) count - from - aws_lambda_alias - group by - function_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_alias_3.yaml.bak b/queries/aws_lambda_alias_3.yaml.bak deleted file mode 100755 index 3faea0ecc..000000000 --- a/queries/aws_lambda_alias_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lambda_alias_3 -Title: "List all AWS Lambda Alias with detailed information" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_lambda_alias; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_alias_4.yaml.bak b/queries/aws_lambda_alias_4.yaml.bak deleted file mode 100755 index 66e1e8fda..000000000 --- a/queries/aws_lambda_alias_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_lambda_alias_4 -Title: "List all AWS Lambda Aliases and Configuration" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - function_name, - jsonb_pretty(url_config) as url_config - from - aws_lambda_alias; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_alias_4.yaml.bak.bak b/queries/aws_lambda_alias_4.yaml.bak.bak deleted file mode 100755 index 66e1e8fda..000000000 --- a/queries/aws_lambda_alias_4.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_lambda_alias_4 -Title: "List all AWS Lambda Aliases and Configuration" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - function_name, - jsonb_pretty(url_config) as url_config - from - aws_lambda_alias; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_event_source_mapping_1.yaml.bak b/queries/aws_lambda_event_source_mapping_1.yaml.bak deleted file mode 100755 index 98e1bf9e6..000000000 --- a/queries/aws_lambda_event_source_mapping_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_lambda_event_source_mapping_1 -Title: "List AWS Lambda Event Source Mappings with Config Details" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - function_arn, - function_name, - last_processing_result, - parallelization_factor, - state, - destination_config - from - aws_lambda_event_source_mapping; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_event_source_mapping_2.yaml.bak b/queries/aws_lambda_event_source_mapping_2.yaml.bak deleted file mode 100755 index d9c1431bd..000000000 --- a/queries/aws_lambda_event_source_mapping_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_event_source_mapping_2 -Title: "Find AWS Lambda Event Source Mappings with SQL" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - state, - last_modified, - state_transition_reason - from - aws_lambda_event_source_mapping - where - state = 'Disabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_event_source_mapping_3.yaml.bak b/queries/aws_lambda_event_source_mapping_3.yaml.bak deleted file mode 100755 index 571366ec6..000000000 --- a/queries/aws_lambda_event_source_mapping_3.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_lambda_event_source_mapping_3 -Title: "Find AWS Lambda Event Source Mappings with SQL" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - jsonb_array_elements_text(jsonb_extract_path(self_managed_event_source, 'Endpoints', 'KAFKA_BOOTSTRAP_SERVERS')) - from - aws_lambda_event_source_mapping; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_event_source_mapping_4.yaml.bak b/queries/aws_lambda_event_source_mapping_4.yaml.bak deleted file mode 100755 index 9459bf559..000000000 --- a/queries/aws_lambda_event_source_mapping_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_lambda_event_source_mapping_4 -Title: "Find AWS Lambda Event Source Mappings and Configurations" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - uuid, - arn, - a ->> 'Type' as source_access_type, - a ->> 'URL' as source_access_url - from - aws_lambda_event_source_mapping, - jsonb_array_elements(source_access_configurations) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_event_source_mapping_5.yaml.bak b/queries/aws_lambda_event_source_mapping_5.yaml.bak deleted file mode 100755 index 5aaf9f422..000000000 --- a/queries/aws_lambda_event_source_mapping_5.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_lambda_event_source_mapping_5 -Title: "List all AWS Lambda Event Source Mappings with Details" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - uuid, - arn, - scaling_config ->> 'MaximumConcurrency' as maximum_concurrency - from - aws_lambda_event_source_mapping; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_event_source_mapping_6.yaml.bak b/queries/aws_lambda_event_source_mapping_6.yaml.bak deleted file mode 100755 index 553449ab6..000000000 --- a/queries/aws_lambda_event_source_mapping_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_event_source_mapping_6 -Title: "List all AWS Lambda Event Source Mappings and Configs" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - uuid, - function_name, - destination_config ->> 'OnFailure' as on_failure, - destination_config ->> 'OnSuccess' as on_success - from - aws_lambda_event_source_mapping; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_event_source_mapping_7.yaml.bak b/queries/aws_lambda_event_source_mapping_7.yaml.bak deleted file mode 100755 index f8b421348..000000000 --- a/queries/aws_lambda_event_source_mapping_7.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_lambda_event_source_mapping_7 -Title: "Find AWS Lambda Event Source Mappings Configurations" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - uuid, - arn, - function_arn, - state, - filter ->> 'Pattern' as filter_criteria_pattern - from - aws_lambda_event_source_mapping, - jsonb_array_elements(filter_criteria -> 'Filters') as filter - where - filter ->> 'Pattern' like '{ \"Metadata\" : [ 1, 2 ]}'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_event_source_mapping_8.yaml.bak b/queries/aws_lambda_event_source_mapping_8.yaml.bak deleted file mode 100755 index cf806404e..000000000 --- a/queries/aws_lambda_event_source_mapping_8.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_lambda_event_source_mapping_8 -Title: "Find AWS Lambda Event Source Mappings Configuration" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.arn, - m.function_arn, - f.runtime, - f.handler, - f.architectures - from - aws_lambda_event_source_mapping as m, - aws_lambda_function as f - where - f.name = m.function_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_function_1.yaml.bak b/queries/aws_lambda_function_1.yaml.bak deleted file mode 100755 index 04835a1db..000000000 --- a/queries/aws_lambda_function_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_function_1 -Title: "List AWS Lambda Function Configurations via SQL" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - handler, - kms_key_arn - from - aws_lambda_function; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_function_1.yaml.bak.bak b/queries/aws_lambda_function_1.yaml.bak.bak deleted file mode 100755 index 04835a1db..000000000 --- a/queries/aws_lambda_function_1.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_function_1 -Title: "List AWS Lambda Function Configurations via SQL" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - handler, - kms_key_arn - from - aws_lambda_function; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_function_10.yaml.bak b/queries/aws_lambda_function_10.yaml.bak deleted file mode 100755 index bf6d13135..000000000 --- a/queries/aws_lambda_function_10.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_lambda_function_10 -Title: "Find AWS Lambda Functions with Specific Tracing Config" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - jsonb_pretty(tracing_config) as tracing_config - from - aws_lambda_function - where - tracing_config ->> 'Mode' = 'PassThrough'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_function_2.yaml.bak b/queries/aws_lambda_function_2.yaml.bak deleted file mode 100755 index bd8ba9894..000000000 --- a/queries/aws_lambda_function_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lambda_function_2 -Title: "Find AWS Lambda Functions Without KMS Key ARN" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_arn - from - aws_lambda_function - where - kms_key_arn is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda Functions diff --git a/queries/aws_lambda_function_3.yaml.bak b/queries/aws_lambda_function_3.yaml.bak deleted file mode 100755 index ed22157d8..000000000 --- a/queries/aws_lambda_function_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_function_3 -Title: "List all AWS Lambda Functions with Runtime Details" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - runtime, - count(*) - from - aws_lambda_function - group by - runtime; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_function_4.yaml.bak b/queries/aws_lambda_function_4.yaml.bak deleted file mode 100755 index 34e75cf08..000000000 --- a/queries/aws_lambda_function_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_lambda_function_4 -Title: "List AWS Lambda Functions with Logs Retention Less Than 30 Days" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fn.name, - lg.name, - lg.retention_in_days - from - aws_lambda_function as fn - inner join aws_cloudwatch_log_group as lg on ( - (lg.name = '/aws/lambda/') - or (lg.name = fn.name) - ) - where - lg.retention_in_days < 30; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_function_5.yaml.bak b/queries/aws_lambda_function_5.yaml.bak deleted file mode 100755 index 59cc2add2..000000000 --- a/queries/aws_lambda_function_5.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_lambda_function_5 -Title: "List all AWS Lambda Functions with Configuration Details" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fn.name, - fn.region, - count (availability_zone) as zone_count - from - aws_lambda_function as fn - cross join jsonb_array_elements_text(vpc_subnet_ids) as vpc_subnet - join aws_vpc_subnet as sub on sub.subnet_id = vpc_subnet - group by - fn.name, - fn.region - order by - zone_count; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda Function diff --git a/queries/aws_lambda_function_6.yaml.bak b/queries/aws_lambda_function_6.yaml.bak deleted file mode 100755 index 6fbde2809..000000000 --- a/queries/aws_lambda_function_6.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_lambda_function_6 -Title: "Find AWS Lambda Functions and IAM Actions" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.name, - f.role, - a.action, - a.access_level, - a.description - from - aws_lambda_function as f, - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action a ON a.action LIKE action_regex - where - f.role = r.arn - and pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and f.name = 'hellopython'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda Function diff --git a/queries/aws_lambda_function_7.yaml.bak b/queries/aws_lambda_function_7.yaml.bak deleted file mode 100755 index ba8486b28..000000000 --- a/queries/aws_lambda_function_7.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lambda_function_7 -Title: "Find all AWS Lambda Functions with Missing DLQ" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - dead_letter_config_target_arn - from - aws_lambda_function - where - dead_letter_config_target_arn is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_function_8.yaml.bak b/queries/aws_lambda_function_8.yaml.bak deleted file mode 100755 index 9076a796e..000000000 --- a/queries/aws_lambda_function_8.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lambda_function_8 -Title: "Find AWS Lambda Function Configuration and Details" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - runtime, - handler, - architectures - from - aws_lambda_function; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_function_9.yaml.bak b/queries/aws_lambda_function_9.yaml.bak deleted file mode 100755 index 6415a44f1..000000000 --- a/queries/aws_lambda_function_9.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_lambda_function_9 -Title: "List all AWS Lambda Function Configurations" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - jsonb_pretty(url_config) as url_config - from - aws_lambda_function; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda Function diff --git a/queries/aws_lambda_function_metric_duration_daily_1.yaml.bak b/queries/aws_lambda_function_metric_duration_daily_1.yaml.bak deleted file mode 100755 index 9f62adec2..000000000 --- a/queries/aws_lambda_function_metric_duration_daily_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_lambda_function_metric_duration_daily_1 -Title: "Find AWS Lambda Function Daily Duration Metrics" -Description: "Allows users to query AWS Lambda Function daily duration metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_lambda_function_metric_duration_daily - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_function_metric_duration_daily_2.yaml.bak b/queries/aws_lambda_function_metric_duration_daily_2.yaml.bak deleted file mode 100755 index fc1b9da6f..000000000 --- a/queries/aws_lambda_function_metric_duration_daily_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_lambda_function_metric_duration_daily_2 -Title: "Find AWS Lambda Function Daily Duration Metrics" -Description: "Allows users to query AWS Lambda Function daily duration metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - round(minimum::numeric,2) as min_duration, - round(maximum::numeric,2) as max_duration, - round(average::numeric,2) as avg_duration, - sample_count - from - aws_lambda_function_metric_duration_daily - where maximum > 100 - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_function_metric_duration_daily_3.yaml.bak b/queries/aws_lambda_function_metric_duration_daily_3.yaml.bak deleted file mode 100755 index e393a3c70..000000000 --- a/queries/aws_lambda_function_metric_duration_daily_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_lambda_function_metric_duration_daily_3 -Title: "Find AWS Lambda Function Daily Duration Metrics" -Description: "Allows users to query AWS Lambda Function daily duration metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - round(minimum::numeric,2) as min_duration, - round(maximum::numeric,2) as max_duration, - round(average::numeric,2) as avg_duration, - sample_count - from - aws_lambda_function_metric_duration_daily - where average < 5 - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_function_metric_errors_daily_1.yaml.bak b/queries/aws_lambda_function_metric_errors_daily_1.yaml.bak deleted file mode 100755 index 1b364a897..000000000 --- a/queries/aws_lambda_function_metric_errors_daily_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_lambda_function_metric_errors_daily_1 -Title: "List AWS Lambda Function Daily Error Metrics" -Description: "Allows users to query AWS Lambda Function error metrics on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_lambda_function_metric_errors_daily - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_function_metric_errors_daily_2.yaml.bak b/queries/aws_lambda_function_metric_errors_daily_2.yaml.bak deleted file mode 100755 index d296fe67c..000000000 --- a/queries/aws_lambda_function_metric_errors_daily_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_lambda_function_metric_errors_daily_2 -Title: "List All AWS Lambda Function Errors Metrics Daily" -Description: "Allows users to query AWS Lambda Function error metrics on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - round(minimum::numeric,2) as min_error, - round(maximum::numeric,2) as max_error, - round(average::numeric,2) as avg_error, - sample_count - from - aws_lambda_function_metric_errors_daily - where average < 1 - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak b/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak deleted file mode 100755 index cb4dba768..000000000 --- a/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_function_metric_invocations_daily_1 -Title: "Find All Daily AWS Lambda Function Metrics Using SQL" -Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - sum - from - aws_lambda_function_metric_invocations_daily - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda Function diff --git a/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak.bak b/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak.bak deleted file mode 100755 index cb4dba768..000000000 --- a/queries/aws_lambda_function_metric_invocations_daily_1.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_function_metric_invocations_daily_1 -Title: "Find All Daily AWS Lambda Function Metrics Using SQL" -Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - sum - from - aws_lambda_function_metric_invocations_daily - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda Function diff --git a/queries/aws_lambda_function_metric_invocations_daily_2.yaml.bak b/queries/aws_lambda_function_metric_invocations_daily_2.yaml.bak deleted file mode 100755 index b2c08592b..000000000 --- a/queries/aws_lambda_function_metric_invocations_daily_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_lambda_function_metric_invocations_daily_2 -Title: "Find AWS Lambda Function Metrics on a Daily Basis" -Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - round(sum::numeric,2) as sum_invocations, - sample_count - from - aws_lambda_function_metric_invocations_daily - where - date_part('day', now() - timestamp) <=3 - and sum > 10 - order by - name, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda Function Metrics diff --git a/queries/aws_lambda_layer_1.yaml.bak b/queries/aws_lambda_layer_1.yaml.bak deleted file mode 100755 index bf1207445..000000000 --- a/queries/aws_lambda_layer_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_lambda_layer_1 -Title: "Find all AWS Lambda Layer Details" -Description: "Allows users to query AWS Lambda Layers and retrieve information including layer ARNs, layer versions, compatible runtimes, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - layer_arn, - layer_name, - layer_version_arn, - created_date, - jsonb_pretty(compatible_runtimes) as compatible_runtimes, - jsonb_pretty(compatible_architectures) as compatible_architectures, - version - from - aws_lambda_layer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_layer_1.yaml.bak.bak b/queries/aws_lambda_layer_1.yaml.bak.bak deleted file mode 100755 index c746ec1ff..000000000 --- a/queries/aws_lambda_layer_1.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_lambda_layer_1 -Title: "Find all AWS Lambda Layer Details" -Description: "Allows users to query AWS Lambda Layers and retrieve information including layer ARNs, layer versions, compatible runtimes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - layer_arn, - layer_name, - layer_version_arn, - created_date, - jsonb_pretty(compatible_runtimes) as compatible_runtimes, - jsonb_pretty(compatible_architectures) as compatible_architectures, - version - from - aws_lambda_layer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lambda diff --git a/queries/aws_lambda_layer_version_1.yaml.bak b/queries/aws_lambda_layer_version_1.yaml.bak deleted file mode 100755 index 0853ef1d0..000000000 --- a/queries/aws_lambda_layer_version_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_lambda_layer_version_1 -Title: "Find AWS Lambda Layer Version Details" -Description: "Allows users to query AWS Lambda Layer Versions, providing detailed information about each layer version, including its ARN, description, license info, compatible runtimes, created date, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - layer_arn, - layer_name, - layer_version_arn, - created_date, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std, - version - from - aws_lambda_layer_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_version_1.yaml.bak b/queries/aws_lambda_version_1.yaml.bak deleted file mode 100755 index dcafc9e1c..000000000 --- a/queries/aws_lambda_version_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_version_1 -Title: "Find AWS Lambda Versions and Details" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - version, - runtime, - handler - from - aws_lambda_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_version_1.yaml.bak.bak b/queries/aws_lambda_version_1.yaml.bak.bak deleted file mode 100755 index dcafc9e1c..000000000 --- a/queries/aws_lambda_version_1.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lambda_version_1 -Title: "Find AWS Lambda Versions and Details" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - version, - runtime, - handler - from - aws_lambda_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_version_2.yaml.bak b/queries/aws_lambda_version_2.yaml.bak deleted file mode 100755 index bb315c7f0..000000000 --- a/queries/aws_lambda_version_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_lambda_version_2 -Title: "List AWS Lambda Versions to Fetch Detailed Information" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - version, - timeout - from - aws_lambda_version - where - timeout :: int > 120; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_version_3.yaml.bak b/queries/aws_lambda_version_3.yaml.bak deleted file mode 100755 index ef21823dd..000000000 --- a/queries/aws_lambda_version_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_lambda_version_3 -Title: "Find all Versions of a Specific AWS Lambda Function" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - version, - vpc_id, - vpc_security_group_ids, - vpc_subnet_ids - from - aws_lambda_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lambda_version_4.yaml.bak b/queries/aws_lambda_version_4.yaml.bak deleted file mode 100755 index 14ca15c1a..000000000 --- a/queries/aws_lambda_version_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lambda_version_4 -Title: "Query AWS Lambda Versions for Detailed Information" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_lambda_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lambda diff --git a/queries/aws_lightsail_bucket_1.yaml.bak b/queries/aws_lightsail_bucket_1.yaml.bak deleted file mode 100755 index 7b04c954c..000000000 --- a/queries/aws_lightsail_bucket_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lightsail_bucket_1 -Title: "Find AWS Lightsail Buckets and Retrieve Detailed Information" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state_code, - created_at - from - aws_lightsail_bucket; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail Buckets diff --git a/queries/aws_lightsail_bucket_2.yaml.bak b/queries/aws_lightsail_bucket_2.yaml.bak deleted file mode 100755 index 9014e4c38..000000000 --- a/queries/aws_lightsail_bucket_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lightsail_bucket_2 -Title: "List all AWS Lightsail Buckets and Configurations" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - count(*) as bucket_count - from - aws_lightsail_bucket - group by - region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_bucket_2.yaml.bak.bak b/queries/aws_lightsail_bucket_2.yaml.bak.bak deleted file mode 100755 index 9014e4c38..000000000 --- a/queries/aws_lightsail_bucket_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lightsail_bucket_2 -Title: "List all AWS Lightsail Buckets and Configurations" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - count(*) as bucket_count - from - aws_lightsail_bucket - group by - region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_bucket_3.yaml.bak b/queries/aws_lightsail_bucket_3.yaml.bak deleted file mode 100755 index 9895c67d2..000000000 --- a/queries/aws_lightsail_bucket_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_lightsail_bucket_3 -Title: "List all AWS Lightsail Buckets with Public Access" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - access_rules ->> 'GetObject' as public_access - from - aws_lightsail_bucket - where - access_rules ->> 'GetObject' = 'public'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_bucket_4.yaml.bak b/queries/aws_lightsail_bucket_4.yaml.bak deleted file mode 100755 index 8abd828d7..000000000 --- a/queries/aws_lightsail_bucket_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lightsail_bucket_4 -Title: "Find AWS Lightsail Buckets with Configuration Details" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_at - from - aws_lightsail_bucket - where - created_at >= (current_date - interval '30' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_bucket_5.yaml.bak b/queries/aws_lightsail_bucket_5.yaml.bak deleted file mode 100755 index 42acbe8c7..000000000 --- a/queries/aws_lightsail_bucket_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lightsail_bucket_5 -Title: "Find all AWS Lightsail Buckets without tags" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags - from - aws_lightsail_bucket - where - tags is null or tags = '[]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_bucket_6.yaml.bak b/queries/aws_lightsail_bucket_6.yaml.bak deleted file mode 100755 index 57b5b0fb4..000000000 --- a/queries/aws_lightsail_bucket_6.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lightsail_bucket_6 -Title: "Find AWS Lightsail Buckets with Enabled Versioning" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - object_versioning - from - aws_lightsail_bucket - where - object_versioning = 'Enabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_bucket_7.yaml.bak b/queries/aws_lightsail_bucket_7.yaml.bak deleted file mode 100755 index b4d854242..000000000 --- a/queries/aws_lightsail_bucket_7.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_lightsail_bucket_7 -Title: "Find AWS Lightsail Bucket Configuration and Access Rules" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_log_config ->> 'Enabled' as access_log_enabled, - access_log_config ->> 'Destination' as access_log_destination, - access_log_config ->> 'Prefix' as access_log_prefix - from - aws_lightsail_bucket; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_instance_1.yaml.bak b/queries/aws_lightsail_instance_1.yaml.bak deleted file mode 100755 index ea07e571a..000000000 --- a/queries/aws_lightsail_instance_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_lightsail_instance_1 -Title: "List all AWS Lightsail instances with details" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - availability_zone as az, - bundle_id, - count(*) - from - aws_lightsail_instance - group by - availability_zone, - bundle_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_instance_2.yaml.bak b/queries/aws_lightsail_instance_2.yaml.bak deleted file mode 100755 index 5e4e60726..000000000 --- a/queries/aws_lightsail_instance_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_lightsail_instance_2 -Title: "List all AWS Lightsail Instances with Stopped State" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state_name - from - aws_lightsail_instance - where - state_name = 'stopped' - and created_at <= (current_date - interval '30' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_instance_3.yaml.bak b/queries/aws_lightsail_instance_3.yaml.bak deleted file mode 100755 index 3959cd7e4..000000000 --- a/queries/aws_lightsail_instance_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_lightsail_instance_3 -Title: "List AWS Lightsail Instances with State and Details" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state_name, - bundle_id, - region - from - aws_lightsail_instance - where - public_ip_address is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_lightsail_instance_4.yaml.bak b/queries/aws_lightsail_instance_4.yaml.bak deleted file mode 100755 index aa3b1d8f1..000000000 --- a/queries/aws_lightsail_instance_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_lightsail_instance_4 -Title: "List all AWS Lightsail Instances and Their Details" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags - from - aws_lightsail_instance - where - not tags :: JSONB ? 'application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Lightsail diff --git a/queries/aws_lightsail_instance_5.yaml.bak b/queries/aws_lightsail_instance_5.yaml.bak deleted file mode 100755 index 68b895eb4..000000000 --- a/queries/aws_lightsail_instance_5.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_lightsail_instance_5 -Title: "Find AWS Lightsail Instances with Details" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - hardware ->> 'CpuCount' as "CPU Count", - hardware ->> 'RamSizeInGb' as "RAM Size (in GB)" - from - aws_lightsail_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Lightsail diff --git a/queries/aws_macie2_classification_job_1.yaml.bak b/queries/aws_macie2_classification_job_1.yaml.bak deleted file mode 100755 index ccdbea443..000000000 --- a/queries/aws_macie2_classification_job_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_macie2_classification_job_1 -Title: "List all AWS Macie2 Classification Jobs and Status" -Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - arn, - name, - job_status, - region - from - aws_macie2_classification_job; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Macie2 diff --git a/queries/aws_macie2_classification_job_2.yaml.bak b/queries/aws_macie2_classification_job_2.yaml.bak deleted file mode 100755 index 64f062b2a..000000000 --- a/queries/aws_macie2_classification_job_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_macie2_classification_job_2 -Title: "List AWS Macie2 Classification Jobs and Details" -Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - detail -> 'AccountId' as account_id, - detail -> 'Buckets' as buckets - from - aws_macie2_classification_job, - jsonb_array_elements(s3_job_definition -> 'BucketDefinitions') as detail; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Macie2 diff --git a/queries/aws_macie2_classification_job_3.yaml.bak b/queries/aws_macie2_classification_job_3.yaml.bak deleted file mode 100755 index ff0e81576..000000000 --- a/queries/aws_macie2_classification_job_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_macie2_classification_job_3 -Title: "Find AWS Macie2 Classification Jobs with Cancelled or Paused Status" -Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - arn, - name, - job_status as status - from - aws_macie2_classification_job - where - job_status = 'CANCELLED' - or job_status = 'PAUSED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Macie2 diff --git a/queries/aws_macie2_classification_job_4.yaml.bak b/queries/aws_macie2_classification_job_4.yaml.bak deleted file mode 100755 index c0924007b..000000000 --- a/queries/aws_macie2_classification_job_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_macie2_classification_job_4 -Title: "List AWS Macie2 Classification Jobs and Details" -Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - arn, - statistics ->> 'ApproximateNumberOfObjectsToProcess' as approximate_number_of_objects_to_process, - statistics ->> 'NumberOfRuns' as number_of_runs - from - aws_macie2_classification_job; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Macie2 diff --git a/queries/aws_media_store_container_1.yaml.bak b/queries/aws_media_store_container_1.yaml.bak deleted file mode 100755 index 203582f9f..000000000 --- a/queries/aws_media_store_container_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_media_store_container_1 -Title: "List AWS MediaStore Container Details" -Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - access_logging_enabled, - creation_time, - endpoint - from - aws_media_store_container; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - MediaStore diff --git a/queries/aws_media_store_container_2.yaml.bak b/queries/aws_media_store_container_2.yaml.bak deleted file mode 100755 index 8efc82600..000000000 --- a/queries/aws_media_store_container_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_media_store_container_2 -Title: "List all AWS MediaStore Containers with details" -Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - access_logging_enabled, - creation_time, - endpoint - from - aws_media_store_container - where - status = 'CREATING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - MediaStore diff --git a/queries/aws_media_store_container_3.yaml.bak b/queries/aws_media_store_container_3.yaml.bak deleted file mode 100755 index 68f155271..000000000 --- a/queries/aws_media_store_container_3.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_media_store_container_3 -Title: "List AWS MediaStore Container Info with ARN and Status" -Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_media_store_container; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - MediaStore diff --git a/queries/aws_media_store_container_4.yaml.bak b/queries/aws_media_store_container_4.yaml.bak deleted file mode 100755 index d43608e1f..000000000 --- a/queries/aws_media_store_container_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_media_store_container_4 -Title: "Find AWS MediaStore Container Info with Access Logging" -Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - access_logging_enabled - from - aws_media_store_container - where - access_logging_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MediaStore diff --git a/queries/aws_memorydb_cluster_1.yaml.bak b/queries/aws_memorydb_cluster_1.yaml.bak deleted file mode 100755 index 8376c7754..000000000 --- a/queries/aws_memorydb_cluster_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_memorydb_cluster_1 -Title: "List all AWS MemoryDB Clusters and Configurations" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - node_type, - engine_version, - region - from - aws_memorydb_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_2.yaml.bak b/queries/aws_memorydb_cluster_2.yaml.bak deleted file mode 100755 index 2bc431574..000000000 --- a/queries/aws_memorydb_cluster_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_memorydb_cluster_2 -Title: "List all AWS MemoryDB Clusters with SQL" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - auto_minor_version_upgrade - from - aws_memorydb_cluster - where - auto_minor_version_upgrade = true; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_2.yaml.bak.bak b/queries/aws_memorydb_cluster_2.yaml.bak.bak deleted file mode 100755 index 2bc431574..000000000 --- a/queries/aws_memorydb_cluster_2.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_memorydb_cluster_2 -Title: "List all AWS MemoryDB Clusters with SQL" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - auto_minor_version_upgrade - from - aws_memorydb_cluster - where - auto_minor_version_upgrade = true; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_3.yaml.bak b/queries/aws_memorydb_cluster_3.yaml.bak deleted file mode 100755 index 9430637fc..000000000 --- a/queries/aws_memorydb_cluster_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_memorydb_cluster_3 -Title: "List all AWS MemoryDB clusters and their configurations" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - availability_mode - from - aws_memorydb_cluster - where - availability_mode = 'multiaz'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_4.yaml.bak b/queries/aws_memorydb_cluster_4.yaml.bak deleted file mode 100755 index 68c16a583..000000000 --- a/queries/aws_memorydb_cluster_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_memorydb_cluster_4 -Title: "Find All AWS MemoryDB Clusters Without TLS Encryption" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - tls_enabled - from - aws_memorydb_cluster - where - tls_enabled = false; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_5.yaml.bak b/queries/aws_memorydb_cluster_5.yaml.bak deleted file mode 100755 index 31ba17c19..000000000 --- a/queries/aws_memorydb_cluster_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_memorydb_cluster_5 -Title: "List All AWS MemoryDB Cluster Configurations and Statuses" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - maintenance_window - from - aws_memorydb_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_6.yaml.bak b/queries/aws_memorydb_cluster_6.yaml.bak deleted file mode 100755 index 57b2e1499..000000000 --- a/queries/aws_memorydb_cluster_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_memorydb_cluster_6 -Title: "Find AWS MemoryDB Cluster Configurations and Statuses" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - node_type - from - aws_memorydb_cluster - where - node_type = 'db.r6gd.xlarge'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_7.yaml.bak b/queries/aws_memorydb_cluster_7.yaml.bak deleted file mode 100755 index 542b9505d..000000000 --- a/queries/aws_memorydb_cluster_7.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_memorydb_cluster_7 -Title: "Find all AWS MemoryDB Cluster Configurations and Statuses" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - number_of_shards, - shards - from - aws_memorydb_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_8.yaml.bak b/queries/aws_memorydb_cluster_8.yaml.bak deleted file mode 100755 index 69531e06d..000000000 --- a/queries/aws_memorydb_cluster_8.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_memorydb_cluster_8 -Title: "Find AWS MemoryDB Clusters with Pending Updates" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - pending_updates - from - aws_memorydb_cluster - where - jsonb_array_length(pending_updates) > 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_memorydb_cluster_9.yaml.bak b/queries/aws_memorydb_cluster_9.yaml.bak deleted file mode 100755 index a1d262fd0..000000000 --- a/queries/aws_memorydb_cluster_9.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_memorydb_cluster_9 -Title: "Find all AWS MemoryDB Clusters and their configurations" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - snapshot_retention_limit, - snapshot_window - from - aws_memorydb_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MemoryDB diff --git a/queries/aws_mgn_application_1.yaml.bak b/queries/aws_mgn_application_1.yaml.bak deleted file mode 100755 index 3a3034a22..000000000 --- a/queries/aws_mgn_application_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_mgn_application_1 -Title: "List all AWS Migration Service Applications with Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - application_id, - creation_date_time, - is_archived, - wave_id, - tags - from - aws_mgn_application; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Migration Service diff --git a/queries/aws_mgn_application_1.yaml.bak.bak b/queries/aws_mgn_application_1.yaml.bak.bak deleted file mode 100755 index 3a3034a22..000000000 --- a/queries/aws_mgn_application_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_mgn_application_1 -Title: "List all AWS Migration Service Applications with Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - application_id, - creation_date_time, - is_archived, - wave_id, - tags - from - aws_mgn_application; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Migration Service diff --git a/queries/aws_mgn_application_2.yaml.bak b/queries/aws_mgn_application_2.yaml.bak deleted file mode 100755 index a2e872085..000000000 --- a/queries/aws_mgn_application_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_mgn_application_2 -Title: "List AWS Migration Service Applications with Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - application_id, - creation_date_time, - is_archived - from - aws_mgn_application - where - is_archived; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Migration Service diff --git a/queries/aws_mgn_application_3.yaml.bak b/queries/aws_mgn_application_3.yaml.bak deleted file mode 100755 index b4338f62a..000000000 --- a/queries/aws_mgn_application_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_mgn_application_3 -Title: "List All AWS Migration Service Applications Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - application_id, - application_aggregated_status ->> 'HealthStatus' as health_status, - application_aggregated_status ->> 'ProgressStatus' as progress_status, - application_aggregated_status ->> 'TotalSourceServers' as total_source_servers - from - aws_mgn_application; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Migration Service diff --git a/queries/aws_mgn_application_4.yaml.bak b/queries/aws_mgn_application_4.yaml.bak deleted file mode 100755 index ad8f54122..000000000 --- a/queries/aws_mgn_application_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_mgn_application_4 -Title: "List AWS Migration Service Applications with Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - application_id, - creation_date_time, - is_archived, - wave_id - from - aws_mgn_application - where - creation_date_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Migration Service diff --git a/queries/aws_mq_broker_1.yaml.bak b/queries/aws_mq_broker_1.yaml.bak deleted file mode 100755 index a2c50e170..000000000 --- a/queries/aws_mq_broker_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_mq_broker_1 -Title: "List all AWS MQ Brokers with Key Details" -Description: "Allows users to query AWS MQ Brokers." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - broker_state, - deployment_mode, - created, - host_instance_type, - engine_type, - engine_version - tags - from - aws_mq_broker; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MQ diff --git a/queries/aws_mq_broker_2.yaml.bak b/queries/aws_mq_broker_2.yaml.bak deleted file mode 100755 index 371bbf7df..000000000 --- a/queries/aws_mq_broker_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_mq_broker_2 -Title: "Find AWS MQ Brokers with Reboot In Progress State" -Description: "Allows users to query AWS MQ Brokers." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - broker_state, - created - data_replication_mode, - authentication_strategy - from - aws_mq_broker - where - broker_state = 'REBOOT_IN_PROGRESS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MQ Brokers diff --git a/queries/aws_mq_broker_3.yaml.bak b/queries/aws_mq_broker_3.yaml.bak deleted file mode 100755 index 703fe9a25..000000000 --- a/queries/aws_mq_broker_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_mq_broker_3 -Title: "List all AWS MQ Brokers with SQL Queries" -Description: "Allows users to query AWS MQ Brokers." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - broker_state, - created - from - aws_mq_broker - where - publicly_accessible; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - MQ Brokers diff --git a/queries/aws_mq_broker_4.yaml.bak b/queries/aws_mq_broker_4.yaml.bak deleted file mode 100755 index 3786c1f7f..000000000 --- a/queries/aws_mq_broker_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_mq_broker_4 -Title: "Find all AWS MQ Brokers using SQL" -Description: "Allows users to query AWS MQ Brokers." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - encryption_options ->> 'UseAwsOwnedKey' as use_aws_owned_key, - created - from - aws_mq_broker - where - encryption_options ->> 'UseAwsOwnedKey' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - MQ Broker diff --git a/queries/aws_mq_broker_5.yaml.bak b/queries/aws_mq_broker_5.yaml.bak deleted file mode 100755 index c7e9a41b6..000000000 --- a/queries/aws_mq_broker_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_mq_broker_5 -Title: "Find all AWS MQ Brokers with Maintenance Window Info" -Description: "Allows users to query AWS MQ Brokers." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - maintenance_window_start_time -> 'DayOfWeek' as day_of_week, - maintenance_window_start_time -> 'TimeOfDay' as time_of_day, - maintenance_window_start_time -> 'TimeZone' as time_zone - from - aws_mq_broker; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - MQ diff --git a/queries/aws_msk_cluster_1.yaml.bak b/queries/aws_msk_cluster_1.yaml.bak deleted file mode 100755 index a4901eab1..000000000 --- a/queries/aws_msk_cluster_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_msk_cluster_1 -Title: "Find AWS MSK Clusters using SQL with Steampipe Table" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - cluster_type, - creation_time, - current_version, - region, - tags - from - aws_msk_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_2.yaml.bak b/queries/aws_msk_cluster_2.yaml.bak deleted file mode 100755 index fab4ea26f..000000000 --- a/queries/aws_msk_cluster_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_msk_cluster_2 -Title: "List all AWS MSK Clusters and Their States" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - state <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_2.yaml.bak.bak b/queries/aws_msk_cluster_2.yaml.bak.bak deleted file mode 100755 index fab4ea26f..000000000 --- a/queries/aws_msk_cluster_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_msk_cluster_2 -Title: "List all AWS MSK Clusters and Their States" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - state <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_3.yaml.bak b/queries/aws_msk_cluster_3.yaml.bak deleted file mode 100755 index 223d737b6..000000000 --- a/queries/aws_msk_cluster_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_msk_cluster_3 -Title: "Find AWS MSK Clusters and Their Details" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - provisioned -> 'BrokerNodeGroupInfo' -> 'ConnectivityInfo' -> 'PublicAccess' ->> 'Type' <> 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Apache Kafka (MSK) diff --git a/queries/aws_msk_cluster_4.yaml.bak b/queries/aws_msk_cluster_4.yaml.bak deleted file mode 100755 index 0de450604..000000000 --- a/queries/aws_msk_cluster_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_msk_cluster_4 -Title: "List all AWS MSK Clusters with Unencrypted Data" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - provisioned -> 'EncryptionInfo' -> 'EncryptionAtRest' is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Apache Kafka (MSK) diff --git a/queries/aws_msk_cluster_5.yaml.bak b/queries/aws_msk_cluster_5.yaml.bak deleted file mode 100755 index b6c4d8727..000000000 --- a/queries/aws_msk_cluster_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_msk_cluster_5 -Title: "List All AWS MSK Clusters with Specific Encryption State" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - provisioned -> 'EncryptionInfo' -> 'EncryptionInTransit' is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_6.yaml.bak b/queries/aws_msk_cluster_6.yaml.bak deleted file mode 100755 index 0e204c8b5..000000000 --- a/queries/aws_msk_cluster_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_msk_cluster_6 -Title: "List all AWS MSK Clusters with Missing Logging Info" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - provisioned -> 'LoggingInfo' is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_cluster_7.yaml.bak b/queries/aws_msk_cluster_7.yaml.bak deleted file mode 100755 index 59cdd8b61..000000000 --- a/queries/aws_msk_cluster_7.yaml.bak +++ /dev/null @@ -1,22 +0,0 @@ -ID: aws_msk_cluster_7 -Title: "Find Total Storage of AWS MSK Clusters" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sum((provisioned -> 'BrokerNodeGroupInfo' -> 'StorageInfo' -> 'EbsStorageInfo' ->> 'VolumeSize')::int) as total_storage - from - aws_msk_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Apache Kafka diff --git a/queries/aws_msk_serverless_cluster_1.yaml.bak b/queries/aws_msk_serverless_cluster_1.yaml.bak deleted file mode 100755 index 803f253e4..000000000 --- a/queries/aws_msk_serverless_cluster_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_msk_serverless_cluster_1 -Title: "List AWS MSK Serverless Clusters with Detailed Info" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - cluster_type, - creation_time, - current_version, - region, - tags - from - aws_msk_serverless_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Kafka (MSK) diff --git a/queries/aws_msk_serverless_cluster_2.yaml.bak b/queries/aws_msk_serverless_cluster_2.yaml.bak deleted file mode 100755 index 96562fdc3..000000000 --- a/queries/aws_msk_serverless_cluster_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_msk_serverless_cluster_2 -Title: "List all AWS MSK Serverless Clusters Using SQL" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_serverless_cluster - where - state <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - MSK diff --git a/queries/aws_msk_serverless_cluster_3.yaml.bak b/queries/aws_msk_serverless_cluster_3.yaml.bak deleted file mode 100755 index bac855459..000000000 --- a/queries/aws_msk_serverless_cluster_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_msk_serverless_cluster_3 -Title: "List all AWS MSK Serverless Clusters with Details" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_serverless_cluster - where - creation_time >= (current_date - interval '90' day) - order by - creation_time; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon MSK diff --git a/queries/aws_msk_serverless_cluster_4.yaml.bak b/queries/aws_msk_serverless_cluster_4.yaml.bak deleted file mode 100755 index e533129ca..000000000 --- a/queries/aws_msk_serverless_cluster_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_msk_serverless_cluster_4 -Title: "Find all AWS MSK Serverless Cluster details" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - vpc ->> 'SubnetIds' as subnet_ids, - vpc ->> 'SecurityGroupIds' as security_group_ids - from - aws_msk_serverless_cluster, - jsonb_array_elements(serverless -> 'VpcConfigs') as vpc - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Kafka (MSK) Serverless diff --git a/queries/aws_msk_serverless_cluster_5.yaml.bak b/queries/aws_msk_serverless_cluster_5.yaml.bak deleted file mode 100755 index 20166aa7b..000000000 --- a/queries/aws_msk_serverless_cluster_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_msk_serverless_cluster_5 -Title: "Find AWS MSK Serverless Clusters with Specific Client Auth" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - serverless -> 'ClientAuthentication' as client_authentication - from - aws_msk_serverless_cluster - where - (serverless -> 'ClientAuthentication' -> 'Sasl' -> 'Iam' ->> 'Enabled')::boolean = false; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Streaming for Kafka (MSK) diff --git a/queries/aws_neptune_db_cluster_1.yaml.bak b/queries/aws_neptune_db_cluster_1.yaml.bak deleted file mode 100755 index 60c913242..000000000 --- a/queries/aws_neptune_db_cluster_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_neptune_db_cluster_1 -Title: "List all configurations and status of Neptune DB Clusters" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - allocated_storage, - kms_key_id - from - aws_neptune_db_cluster - where - kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Neptune diff --git a/queries/aws_neptune_db_cluster_2.yaml.bak b/queries/aws_neptune_db_cluster_2.yaml.bak deleted file mode 100755 index a097e23fd..000000000 --- a/queries/aws_neptune_db_cluster_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_neptune_db_cluster_2 -Title: "List all Amazon Neptune DB clusters and their configurations" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - backup_retention_period - from - aws_neptune_db_cluster - where - backup_retention_period > 7; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Neptune diff --git a/queries/aws_neptune_db_cluster_3.yaml.bak b/queries/aws_neptune_db_cluster_3.yaml.bak deleted file mode 100755 index 61f1a7ae0..000000000 --- a/queries/aws_neptune_db_cluster_3.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_neptune_db_cluster_3 -Title: "List all Amazon Neptune DB Clusters and Their Details" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - jsonb_array_length(availability_zones) availability_zones_count - from - aws_neptune_db_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Neptune diff --git a/queries/aws_neptune_db_cluster_3.yaml.bak.bak b/queries/aws_neptune_db_cluster_3.yaml.bak.bak deleted file mode 100755 index 61f1a7ae0..000000000 --- a/queries/aws_neptune_db_cluster_3.yaml.bak.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_neptune_db_cluster_3 -Title: "List all Amazon Neptune DB Clusters and Their Details" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - jsonb_array_length(availability_zones) availability_zones_count - from - aws_neptune_db_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Neptune diff --git a/queries/aws_neptune_db_cluster_4.yaml.bak b/queries/aws_neptune_db_cluster_4.yaml.bak deleted file mode 100755 index 4ed5d4d5d..000000000 --- a/queries/aws_neptune_db_cluster_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_neptune_db_cluster_4 -Title: "Find Amazon Neptune DB Clusters including configuration & status" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, - member ->> 'DBInstanceIdentifier' as db_instance_identifier, - member ->> 'IsClusterWriter' as is_cluster_writer, - member ->> 'PromotionTier' as promotion_tier - from - aws_neptune_db_cluster - cross join jsonb_array_elements(db_cluster_members) as member; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Neptune DB diff --git a/queries/aws_neptune_db_cluster_snapshot_1.yaml.bak b/queries/aws_neptune_db_cluster_snapshot_1.yaml.bak deleted file mode 100755 index 6ebb7798c..000000000 --- a/queries/aws_neptune_db_cluster_snapshot_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_neptune_db_cluster_snapshot_1 -Title: "List all AWS Neptune DB Cluster Snapshots for metadata" -Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - snapshot_type, - storage_encrypted - from - aws_neptune_db_cluster_snapshot - where - not storage_encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Neptune diff --git a/queries/aws_neptune_db_cluster_snapshot_2.yaml.bak b/queries/aws_neptune_db_cluster_snapshot_2.yaml.bak deleted file mode 100755 index 34c2b74f7..000000000 --- a/queries/aws_neptune_db_cluster_snapshot_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_neptune_db_cluster_snapshot_2 -Title: "Find all AWS Neptune DB Cluster Snapshots with metadata" -Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - cluster_create_time, - engine, - engine_version, - license_model - from - aws_neptune_db_cluster_snapshot; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Neptune diff --git a/queries/aws_neptune_db_cluster_snapshot_3.yaml.bak b/queries/aws_neptune_db_cluster_snapshot_3.yaml.bak deleted file mode 100755 index 6d2d6a6ae..000000000 --- a/queries/aws_neptune_db_cluster_snapshot_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_neptune_db_cluster_snapshot_3 -Title: "List all AWS Neptune DB Cluster Snapshots and Counts" -Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - count(db_cluster_snapshot_identifier) snapshot_count - from - aws_neptune_db_cluster_snapshot - group by - db_cluster_identifier; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Neptune diff --git a/queries/aws_neptune_db_cluster_snapshot_4.yaml.bak b/queries/aws_neptune_db_cluster_snapshot_4.yaml.bak deleted file mode 100755 index a9895a129..000000000 --- a/queries/aws_neptune_db_cluster_snapshot_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_neptune_db_cluster_snapshot_4 -Title: "Find all AWS Neptune DB Cluster Snapshot details" -Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - engine, - snapshot_type - from - aws_neptune_db_cluster_snapshot, - jsonb_array_elements(db_cluster_snapshot_attributes) as cluster_snapshot - where - cluster_snapshot -> 'AttributeValues' = '["all"]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Neptune DB diff --git a/queries/aws_networkfirewall_firewall_1.yaml.bak b/queries/aws_networkfirewall_firewall_1.yaml.bak deleted file mode 100755 index 3a9e4d897..000000000 --- a/queries/aws_networkfirewall_firewall_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_networkfirewall_firewall_1 -Title: "Find all AWS Network Firewall properties and settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - vpc_id, - policy_arn, - region, - tags - from - aws_networkfirewall_firewall; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_2.yaml.bak b/queries/aws_networkfirewall_firewall_2.yaml.bak deleted file mode 100755 index d5e3be85c..000000000 --- a/queries/aws_networkfirewall_firewall_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_networkfirewall_firewall_2 -Title: "Find AWS Network Firewall details including encryption" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - encryption_configuration - from - aws_networkfirewall_firewall - where - encryption_configuration ->> 'Type' = `AWS_OWNED_KMS_KEY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_3.yaml.bak b/queries/aws_networkfirewall_firewall_3.yaml.bak deleted file mode 100755 index d77669fe2..000000000 --- a/queries/aws_networkfirewall_firewall_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_networkfirewall_firewall_3 -Title: "Find AWS Network Firewalls for Properties and Settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - vpc_id - from - aws_networkfirewall_firewall - where - not delete_protection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Network Firewall diff --git a/queries/aws_networkfirewall_firewall_4.yaml.bak b/queries/aws_networkfirewall_firewall_4.yaml.bak deleted file mode 100755 index 77198bc57..000000000 --- a/queries/aws_networkfirewall_firewall_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_networkfirewall_firewall_4 -Title: "Find All AWS Network Firewalls with Details" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - vpc_id - from - aws_networkfirewall_firewall - where - not policy_change_protection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewalls diff --git a/queries/aws_networkfirewall_firewall_5.yaml.bak b/queries/aws_networkfirewall_firewall_5.yaml.bak deleted file mode 100755 index 2f44c36e8..000000000 --- a/queries/aws_networkfirewall_firewall_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_networkfirewall_firewall_5 -Title: "Find AWS Network Firewall Properties and Settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - vpc_id - from - aws_networkfirewall_firewall - where - not subnet_change_protection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_6.yaml.bak b/queries/aws_networkfirewall_firewall_6.yaml.bak deleted file mode 100755 index 7caaa0cfc..000000000 --- a/queries/aws_networkfirewall_firewall_6.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_networkfirewall_firewall_6 -Title: "List AWS Network Firewall properties and settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.arn, - f.name, - f.vpc_id, - s ->> 'SubnetId' as subnet_id, - cidr_block, - availability_zone, - default_for_az - from - aws_networkfirewall_firewall f, - jsonb_array_elements(subnet_mappings) s, - aws_vpc_subnet vs - where - vs.subnet_id = s ->> 'SubnetId'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_7.yaml.bak b/queries/aws_networkfirewall_firewall_7.yaml.bak deleted file mode 100755 index ede717d10..000000000 --- a/queries/aws_networkfirewall_firewall_7.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_networkfirewall_firewall_7 -Title: "Find details of AWS Network Firewalls properties and settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.arn, - f.name, - f.vpc_id, - k.arn as key_arn, - key_rotation_enabled - from - aws_networkfirewall_firewall f, - aws_kms_key k - where - k.id = encryption_configuration ->> 'KeyId' - and not f.encryption_configuration ->> 'Type' = `AWS_OWNED_KMS_KEY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_8.yaml.bak b/queries/aws_networkfirewall_firewall_8.yaml.bak deleted file mode 100755 index d6dcef783..000000000 --- a/queries/aws_networkfirewall_firewall_8.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_networkfirewall_firewall_8 -Title: "List all AWS Network Firewalls and Logging configurations" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - l -> 'LogDestination' as log_destination, - l ->> 'LogDestinationType' as log_destination_type, - l ->> 'LogType' as log_type - from - aws_networkfirewall_firewall, - jsonb_array_elements(logging_configuration) as l; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_1.yaml.bak b/queries/aws_networkfirewall_firewall_policy_1.yaml.bak deleted file mode 100755 index 10b9f6831..000000000 --- a/queries/aws_networkfirewall_firewall_policy_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_networkfirewall_firewall_policy_1 -Title: "" -Description: "" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - firewall_policy_status, - region, - tags - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_2.yaml.bak b/queries/aws_networkfirewall_firewall_policy_2.yaml.bak deleted file mode 100755 index 1669937e4..000000000 --- a/queries/aws_networkfirewall_firewall_policy_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_networkfirewall_firewall_policy_2 -Title: "" -Description: "" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - firewall_policy_status, - encryption_configuration - from - aws_networkfirewall_firewall_policy - where - encryption_configuration ->> 'Type' = `aws_OWNED_KMS_KEY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_3.yaml.bak b/queries/aws_networkfirewall_firewall_policy_3.yaml.bak deleted file mode 100755 index 03be54f2b..000000000 --- a/queries/aws_networkfirewall_firewall_policy_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_networkfirewall_firewall_policy_3 -Title: "" -Description: "" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - firewall_policy_status, - region, - tags - from - aws_networkfirewall_firewall_policy - where - firewall_policy_status != 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_4.yaml.bak b/queries/aws_networkfirewall_firewall_policy_4.yaml.bak deleted file mode 100755 index 8ffea0e03..000000000 --- a/queries/aws_networkfirewall_firewall_policy_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_networkfirewall_firewall_policy_4 -Title: "" -Description: "" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatefulDefaultActions' as stateful_default_actions, - firewall_policy -> 'StatefulRuleGroupReferences' as stateful_rule_group_references - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_firewall_policy_5.yaml.bak b/queries/aws_networkfirewall_firewall_policy_5.yaml.bak deleted file mode 100755 index f770bb033..000000000 --- a/queries/aws_networkfirewall_firewall_policy_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_networkfirewall_firewall_policy_5 -Title: "" -Description: "" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatelessDefaultActions' as stateless_default_actions, - firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - NetworkFirewall diff --git a/queries/aws_networkfirewall_firewall_policy_5.yaml.bak.bak b/queries/aws_networkfirewall_firewall_policy_5.yaml.bak.bak deleted file mode 100755 index f770bb033..000000000 --- a/queries/aws_networkfirewall_firewall_policy_5.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_networkfirewall_firewall_policy_5 -Title: "" -Description: "" -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatelessDefaultActions' as stateless_default_actions, - firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - NetworkFirewall diff --git a/queries/aws_networkfirewall_firewall_policy_6.yaml.bak b/queries/aws_networkfirewall_firewall_policy_6.yaml.bak deleted file mode 100755 index adf8e4838..000000000 --- a/queries/aws_networkfirewall_firewall_policy_6.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_networkfirewall_firewall_policy_6 -Title: "" -Description: "" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatelessFragmentDefaultActions' as stateless_default_actions, - firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws diff --git a/queries/aws_networkfirewall_firewall_policy_7.yaml.bak b/queries/aws_networkfirewall_firewall_policy_7.yaml.bak deleted file mode 100755 index 8b6fe5324..000000000 --- a/queries/aws_networkfirewall_firewall_policy_7.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_networkfirewall_firewall_policy_7 -Title: "" -Description: "" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatelessRuleGroupReferences' ->> 'ActionName' as custom_action_name, - firewall_policy -> 'StatelessRuleGroupReferences' ->> 'ActionDefinition' as custom_action_definition - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_1.yaml.bak b/queries/aws_networkfirewall_rule_group_1.yaml.bak deleted file mode 100755 index 460633658..000000000 --- a/queries/aws_networkfirewall_rule_group_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_networkfirewall_rule_group_1 -Title: "Find AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status, - type, - jsonb_pretty(rules_source) as rules_source - from - aws_networkfirewall_rule_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_2.yaml.bak b/queries/aws_networkfirewall_rule_group_2.yaml.bak deleted file mode 100755 index 8ba6665c8..000000000 --- a/queries/aws_networkfirewall_rule_group_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_networkfirewall_rule_group_2 -Title: "Find AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status - from - aws_networkfirewall_rule_group - where - number_of_associations = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_3.yaml.bak b/queries/aws_networkfirewall_rule_group_3.yaml.bak deleted file mode 100755 index f51d1874c..000000000 --- a/queries/aws_networkfirewall_rule_group_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_networkfirewall_rule_group_3 -Title: "Find AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status, - jsonb_pretty(rules_source -> 'StatefulRules') as stateful_rules, - jsonb_pretty(rule_variables) as rule_variables, - stateful_rule_options - from - aws_networkfirewall_rule_group - where - type = 'STATEFUL'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_4.yaml.bak b/queries/aws_networkfirewall_rule_group_4.yaml.bak deleted file mode 100755 index 382ed0d36..000000000 --- a/queries/aws_networkfirewall_rule_group_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_networkfirewall_rule_group_4 -Title: "List all AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status, - jsonb_pretty(rules_source -> 'StatelessRulesAndCustomActions' -> 'StatelessRules') as stateless_rules, - jsonb_pretty(rules_source -> 'StatelessRulesAndCustomActions' -> 'CustomActions') as custom_actions - from - aws_networkfirewall_rule_group - where - type = 'STATELESS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_networkfirewall_rule_group_5.yaml.bak b/queries/aws_networkfirewall_rule_group_5.yaml.bak deleted file mode 100755 index e5b46c626..000000000 --- a/queries/aws_networkfirewall_rule_group_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_networkfirewall_rule_group_5 -Title: "List AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status, - number_of_associations - from - aws_networkfirewall_rule_group - where - type = 'STATELESS' and jsonb_array_length(rules_source -> 'StatelessRulesAndCustomActions' -> 'StatelessRules') = 0 - or type = 'STATEFUL' and jsonb_array_length(rules_source -> 'StatefulRules') = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Network Firewall diff --git a/queries/aws_oam_link_1.yaml.bak b/queries/aws_oam_link_1.yaml.bak deleted file mode 100755 index a302083c3..000000000 --- a/queries/aws_oam_link_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_oam_link_1 -Title: "List all AWS OAM resource links" -Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - sink_arn, - label, - resource_types - from - aws_oam_link; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OAM diff --git a/queries/aws_oam_link_2.yaml.bak b/queries/aws_oam_link_2.yaml.bak deleted file mode 100755 index 346e0301b..000000000 --- a/queries/aws_oam_link_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_oam_link_2 -Title: "List all AWS OAM Links and Their Associated Sinks" -Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.id, - l.arn, - s.name as sink_name, - l.sink_arn - from - aws_oam_link as l, - aws_oam_sink as s; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - OAM diff --git a/queries/aws_oam_link_3.yaml.bak b/queries/aws_oam_link_3.yaml.bak deleted file mode 100755 index 9e581289f..000000000 --- a/queries/aws_oam_link_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_oam_link_3 -Title: "Find AWS OAM Links Between Resources" -Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.id, - l.arn, - l.label, - l.label_template, - r as resource_type - from - aws_oam_link as l, - jsonb_array_elements_text(resource_types) as r - where - r = 'AWS::Logs::LogGroup'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - OAM diff --git a/queries/aws_oam_sink_1.yaml.bak b/queries/aws_oam_sink_1.yaml.bak deleted file mode 100755 index 53f904eb4..000000000 --- a/queries/aws_oam_sink_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_oam_sink_1 -Title: "Find AWS OAM Sink data for detailed information" -Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - tags, - title - from - aws_oam_sink; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OAM Sink diff --git a/queries/aws_oam_sink_1.yaml.bak.bak b/queries/aws_oam_sink_1.yaml.bak.bak deleted file mode 100755 index 53f904eb4..000000000 --- a/queries/aws_oam_sink_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_oam_sink_1 -Title: "Find AWS OAM Sink data for detailed information" -Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - tags, - title - from - aws_oam_sink; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OAM Sink diff --git a/queries/aws_oam_sink_2.yaml.bak b/queries/aws_oam_sink_2.yaml.bak deleted file mode 100755 index 35416d793..000000000 --- a/queries/aws_oam_sink_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_oam_sink_2 -Title: "Find AWS OAM Sink Data with Detailed Information" -Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn - from - aws_oam_sink - where - id = 'hfj44c81-7bdf-3847-r7i3-5dfc61b17483'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS OAM Sink diff --git a/queries/aws_opensearch_domain_1.yaml.bak b/queries/aws_opensearch_domain_1.yaml.bak deleted file mode 100755 index 0c2220565..000000000 --- a/queries/aws_opensearch_domain_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_opensearch_domain_1 -Title: "Find AWS OpenSearch Service Domains Configuration" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - engine_version, - created - from - aws_opensearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_opensearch_domain_2.yaml.bak b/queries/aws_opensearch_domain_2.yaml.bak deleted file mode 100755 index 0953f8bd1..000000000 --- a/queries/aws_opensearch_domain_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_opensearch_domain_2 -Title: "Find All AWS OpenSearch Service Domains and Their Details" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - encryption_at_rest_options ->> 'Enabled' as enabled, - encryption_at_rest_options ->> 'KmsKeyId' as kms_key_id - from - aws_opensearch_domain - where - encryption_at_rest_options ->> 'Enabled' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_opensearch_domain_3.yaml.bak b/queries/aws_opensearch_domain_3.yaml.bak deleted file mode 100755 index 1282bdb8b..000000000 --- a/queries/aws_opensearch_domain_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_opensearch_domain_3 -Title: "List all AWS OpenSearch Service Domains with SQL" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - ebs_options ->> 'VolumeSize' as volume_size, - ebs_options ->> 'VolumeType' as volume_type, - ebs_options ->> 'EBSEnabled' as ebs_enabled - from - aws_opensearch_domain - where - ebs_options ->> 'EBSEnabled' = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_opensearch_domain_4.yaml.bak b/queries/aws_opensearch_domain_4.yaml.bak deleted file mode 100755 index 281e0bbbd..000000000 --- a/queries/aws_opensearch_domain_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_opensearch_domain_4 -Title: "List AWS OpenSearch Service Domains and Configurations" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - vpc_options ->> 'AvailabilityZones' as availability_zones, - vpc_options ->> 'SecurityGroupIds' as security_group_ids, - vpc_options ->> 'SubnetIds' as subnet_ids, - vpc_options ->> 'VPCId' as vpc_id - from - aws_opensearch_domain - where - vpc_options ->> 'AvailabilityZones' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_opensearch_domain_5.yaml.bak b/queries/aws_opensearch_domain_5.yaml.bak deleted file mode 100755 index fddd7a51b..000000000 --- a/queries/aws_opensearch_domain_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_opensearch_domain_5 -Title: "List all AWS OpenSearch Service Domains and Configurations" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - cluster_config ->> 'InstanceType' as instance_type, - cluster_config ->> 'InstanceCount' as instance_count - from - aws_opensearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_opensearch_domain_6.yaml.bak b/queries/aws_opensearch_domain_6.yaml.bak deleted file mode 100755 index 1cf72cde6..000000000 --- a/queries/aws_opensearch_domain_6.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_opensearch_domain_6 -Title: "Find all AWS OpenSearch Service Domains and their details" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - engine_version, - created - from - aws_opensearch_domain - where - vpc_options is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_opensearch_domain_6.yaml.bak.bak b/queries/aws_opensearch_domain_6.yaml.bak.bak deleted file mode 100755 index 1cf72cde6..000000000 --- a/queries/aws_opensearch_domain_6.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_opensearch_domain_6 -Title: "Find all AWS OpenSearch Service Domains and their details" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - engine_version, - created - from - aws_opensearch_domain - where - vpc_options is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_opensearch_domain_7.yaml.bak b/queries/aws_opensearch_domain_7.yaml.bak deleted file mode 100755 index 7f831c1ff..000000000 --- a/queries/aws_opensearch_domain_7.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_opensearch_domain_7 -Title: "Find AWS OpenSearch Service Domains Configuration" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options - from - aws_opensearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_opensearch_domain_8.yaml.bak b/queries/aws_opensearch_domain_8.yaml.bak deleted file mode 100755 index 5b04d6f2c..000000000 --- a/queries/aws_opensearch_domain_8.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_opensearch_domain_8 -Title: "List all AWS OpenSearch Service Domain Configurations" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn - from - aws_opensearch_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - OpenSearch Service diff --git a/queries/aws_organizations_account_1.yaml.bak b/queries/aws_organizations_account_1.yaml.bak deleted file mode 100755 index 5de0b8451..000000000 --- a/queries/aws_organizations_account_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_organizations_account_1 -Title: "List all AWS Organizations Accounts with Details" -Description: "Allows users to query AWS Organizations Account and provides information about each AWS account that is a member of an organization in AWS Organizations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - email, - joined_method, - joined_timestamp, - name, - status, - tags - from - aws_organizations_account; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Organizations diff --git a/queries/aws_organizations_account_2.yaml.bak b/queries/aws_organizations_account_2.yaml.bak deleted file mode 100755 index ad61b3463..000000000 --- a/queries/aws_organizations_account_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_organizations_account_2 -Title: "List all AWS Organizations Account in Suspended Status" -Description: "Allows users to query AWS Organizations Account and provides information about each AWS account that is a member of an organization in AWS Organizations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - email, - joined_method, - joined_timestamp, - status - from - aws_organizations_account - where - status = 'SUSPENDED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Organizations diff --git a/queries/aws_organizations_organizational_unit_1.yaml.bak b/queries/aws_organizations_organizational_unit_1.yaml.bak deleted file mode 100755 index aefd30af2..000000000 --- a/queries/aws_organizations_organizational_unit_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_organizations_organizational_unit_1 -Title: "List all AWS Organization Units with Details" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - parent_id, - title, - akas - from - aws_organizations_organizational_unit; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_organizational_unit_2.yaml.bak b/queries/aws_organizations_organizational_unit_2.yaml.bak deleted file mode 100755 index 8bb672fea..000000000 --- a/queries/aws_organizations_organizational_unit_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_organizations_organizational_unit_2 -Title: "List AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - path <@ 'r_wxnb.ou_wxnb_m8l8t123'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_organizational_unit_3.yaml.bak b/queries/aws_organizations_organizational_unit_3.yaml.bak deleted file mode 100755 index e0e0bf04c..000000000 --- a/queries/aws_organizations_organizational_unit_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_organizations_organizational_unit_3 -Title: "Find AWS Organizations Organizational Units using SQL" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - nlevel(path) = 3; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_organizational_unit_4.yaml.bak b/queries/aws_organizations_organizational_unit_4.yaml.bak deleted file mode 100755 index 313fa0373..000000000 --- a/queries/aws_organizations_organizational_unit_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_organizations_organizational_unit_4 -Title: "Find all AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - 'r_wxnb.ou_wxnb_m8l123aq.ou_wxnb_5gri123b' @> path; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_organizational_unit_5.yaml.bak b/queries/aws_organizations_organizational_unit_5.yaml.bak deleted file mode 100755 index 84bdfb992..000000000 --- a/queries/aws_organizations_organizational_unit_5.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_organizations_organizational_unit_5 -Title: "Find all AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - parent_id = - ( - select - parent_id - from - aws_organizations_organizational_unit - where - name = 'Punisher' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_organizational_unit_5.yaml.bak.bak b/queries/aws_organizations_organizational_unit_5.yaml.bak.bak deleted file mode 100755 index 84bdfb992..000000000 --- a/queries/aws_organizations_organizational_unit_5.yaml.bak.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_organizations_organizational_unit_5 -Title: "Find all AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - parent_id = - ( - select - parent_id - from - aws_organizations_organizational_unit - where - name = 'Punisher' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_organizational_unit_6.yaml.bak b/queries/aws_organizations_organizational_unit_6.yaml.bak deleted file mode 100755 index ce9bd62be..000000000 --- a/queries/aws_organizations_organizational_unit_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_organizations_organizational_unit_6 -Title: "List AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - path ~ 'r_wxnb.*.ou_wxnb_m81234aq.*'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_policy_1.yaml.bak b/queries/aws_organizations_policy_1.yaml.bak deleted file mode 100755 index 6c5946698..000000000 --- a/queries/aws_organizations_policy_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_organizations_policy_1 -Title: "Find AWS Organizations Policy Details with SQL" -Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - aws_managed - from - aws_organizations_policy - where - type = 'SERVICE_CONTROL_POLICY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations Policy diff --git a/queries/aws_organizations_policy_2.yaml.bak b/queries/aws_organizations_policy_2.yaml.bak deleted file mode 100755 index c8d63eee6..000000000 --- a/queries/aws_organizations_policy_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_organizations_policy_2 -Title: "List all Tag Policies in AWS Organizations" -Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - type, - aws_managed - from - aws_organizations_policy - where - not aws_managed - and type = 'TAG_POLICY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_policy_3.yaml.bak b/queries/aws_organizations_policy_3.yaml.bak deleted file mode 100755 index b4c78afec..000000000 --- a/queries/aws_organizations_policy_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_organizations_policy_3 -Title: "Find all AWS Organizations Backup Policies" -Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - type, - aws_managed - from - aws_organizations_policy - where - type = 'BACKUP_POLICY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_policy_4.yaml.bak b/queries/aws_organizations_policy_4.yaml.bak deleted file mode 100755 index cf42523de..000000000 --- a/queries/aws_organizations_policy_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_organizations_policy_4 -Title: "Find AWS Organizations Policy Details" -Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - content ->> 'Version' as policy_version, - content ->> 'Statement' as policy_statement - from - aws_organizations_policy - where - type = 'SERVICE_CONTROL_POLICY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_policy_target_1.yaml.bak b/queries/aws_organizations_policy_target_1.yaml.bak deleted file mode 100755 index b444f7d37..000000000 --- a/queries/aws_organizations_policy_target_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_organizations_policy_target_1 -Title: "List all AWS Organizations Policy Targets and Their Details" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - aws_managed - from - aws_organizations_policy_target - where - type = 'SERVICE_CONTROL_POLICY' - and target_id = '123456789098'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_policy_target_2.yaml.bak b/queries/aws_organizations_policy_target_2.yaml.bak deleted file mode 100755 index 3eeab6c69..000000000 --- a/queries/aws_organizations_policy_target_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_organizations_policy_target_2 -Title: "List AWS Organizations Policy Targets with SQL Query" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - type, - aws_managed - from - aws_organizations_policy_target - where - not aws_managed - and type = 'TAG_POLICY' - and target_id = 'ou-jsdhkek'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_policy_target_3.yaml.bak b/queries/aws_organizations_policy_target_3.yaml.bak deleted file mode 100755 index d56953ba2..000000000 --- a/queries/aws_organizations_policy_target_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_organizations_policy_target_3 -Title: "Find AWS Organizations Policy Targets with SQL" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - type, - aws_managed - from - aws_organizations_policy_target - where - type = 'BACKUP_POLICY' - and target_id = '123456789098'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Organizations diff --git a/queries/aws_organizations_policy_target_4.yaml.bak b/queries/aws_organizations_policy_target_4.yaml.bak deleted file mode 100755 index 46b2e2a5b..000000000 --- a/queries/aws_organizations_policy_target_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_organizations_policy_target_4 -Title: "Find AWS Organizations Policy Targets Information" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - content ->> 'Version' as policy_version, - content ->> 'Statement' as policy_statement - from - aws_organizations_policy_target - where - type = 'SERVICE_CONTROL_POLICY' - and target_id = 'r-9ijkl7'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_policy_target_4.yaml.bak.bak b/queries/aws_organizations_policy_target_4.yaml.bak.bak deleted file mode 100755 index 46b2e2a5b..000000000 --- a/queries/aws_organizations_policy_target_4.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_organizations_policy_target_4 -Title: "Find AWS Organizations Policy Targets Information" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - content ->> 'Version' as policy_version, - content ->> 'Statement' as policy_statement - from - aws_organizations_policy_target - where - type = 'SERVICE_CONTROL_POLICY' - and target_id = 'r-9ijkl7'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_root_1.yaml.bak b/queries/aws_organizations_root_1.yaml.bak deleted file mode 100755 index 4c76d1156..000000000 --- a/queries/aws_organizations_root_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_organizations_root_1 -Title: "Find AWS Organization Root Account Detailed Info" -Description: "Allows users to query AWS Organizations Root to retrieve detailed information on AWS Organizations Root account. This table can be utilized to gain insights on organizations root account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn - from - aws_organizations_root; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_organizations_root_2.yaml.bak b/queries/aws_organizations_root_2.yaml.bak deleted file mode 100755 index fa2ea4506..000000000 --- a/queries/aws_organizations_root_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_organizations_root_2 -Title: "Find AWS Organizations Root and Policy Details" -Description: "Allows users to query AWS Organizations Root to retrieve detailed information on AWS Organizations Root account. This table can be utilized to gain insights on organizations root account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - p ->> 'Status' as policy_status, - p ->> 'Type' as policy_type - from - aws_organizations_root, - jsonb_array_elements(policy_types) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Organizations diff --git a/queries/aws_pinpoint_app_1.yaml.bak b/queries/aws_pinpoint_app_1.yaml.bak deleted file mode 100755 index eb9872ca5..000000000 --- a/queries/aws_pinpoint_app_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_pinpoint_app_1 -Title: "Find all details of AWS Pinpoint Applications" -Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - limits - from - aws_pinpoint_app; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pinpoint diff --git a/queries/aws_pinpoint_app_2.yaml.bak b/queries/aws_pinpoint_app_2.yaml.bak deleted file mode 100755 index ce8e60465..000000000 --- a/queries/aws_pinpoint_app_2.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_pinpoint_app_2 -Title: "Find AWS Pinpoint Applications and Details" -Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - quiet_time -> 'Start' as start_time, - quiet_time -> 'End' as end_time - from - aws_pinpoint_app; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Pinpoint diff --git a/queries/aws_pinpoint_app_3.yaml.bak b/queries/aws_pinpoint_app_3.yaml.bak deleted file mode 100755 index dd25e7006..000000000 --- a/queries/aws_pinpoint_app_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_pinpoint_app_3 -Title: "Find all AWS Pinpoint App details and settings" -Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - campaign_hook -> 'LambdaFunctionName' as lambda_function_name, - campaign_hook -> 'Mode' as mode, - campaign_hook -> 'WebUrl' as web_url - from - aws_pinpoint_app; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Pinpoint diff --git a/queries/aws_pinpoint_app_4.yaml.bak b/queries/aws_pinpoint_app_4.yaml.bak deleted file mode 100755 index a6b8d7ae9..000000000 --- a/queries/aws_pinpoint_app_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_pinpoint_app_4 -Title: "List AWS Pinpoint Application Details and Limits" -Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - limits -> 'Daily' as daily, - limits -> 'Total' as total, - limits -> 'Session' as session, - limits -> 'MaximumDuration' as maximum_duration, - limits -> 'MessagesPerSecond' as messages_per_second - from - aws_pinpoint_app; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Pinpoint diff --git a/queries/aws_pipes_pipe_1.yaml.bak b/queries/aws_pipes_pipe_1.yaml.bak deleted file mode 100755 index b2c6df969..000000000 --- a/queries/aws_pipes_pipe_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_pipes_pipe_1 -Title: "Find AWS Pipe Details via SQL Query" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - current_state, - creation_time, - role_arn - from - aws_pipes_pipe; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Pipes diff --git a/queries/aws_pipes_pipe_2.yaml.bak b/queries/aws_pipes_pipe_2.yaml.bak deleted file mode 100755 index 1b8933b8c..000000000 --- a/queries/aws_pipes_pipe_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_pipes_pipe_2 -Title: "List all AWS Pipes with State Details" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - description, - creation_time, - current_state, - desired_state - from - aws_pipes_pipe - where - desired_state <> current_state; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pipes diff --git a/queries/aws_pipes_pipe_3.yaml.bak b/queries/aws_pipes_pipe_3.yaml.bak deleted file mode 100755 index 1ead735df..000000000 --- a/queries/aws_pipes_pipe_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_pipes_pipe_3 -Title: "List all AWS Pipes with Detailed Parameters" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - target_parameters ->> 'BatchJobParameters' as batch_job_parameters, - target_parameters ->> 'CloudWatchLogsParameters' as cloudwatch_logs_parameters, - target_parameters ->> 'EcsTaskParameters' as ecs_task_parameters, - target_parameters ->> 'EventBridgeEventBusParameters' as eventbridge_event_bus_parameters, - target_parameters ->> 'HttpParameters' as http_parameters, - target_parameters ->> 'InputTemplate' as input_template, - target_parameters ->> 'KinesisStreamParameters' as kinesis_stream_parameters, - target_parameters ->> 'LambdaFunctionParameters' as lambda_function_parameters, - target_parameters ->> 'RedshiftDataParameters' as redshift_data_parameters, - target_parameters ->> 'SageMakerPipelineParameters' as sage_maker_pipeline_parameters, - target_parameters ->> 'SqsQueueParameters' as sqs_queue_parameters, - target_parameters ->> 'StepFunctionStateMachineParameters' as step_function_state_machine_parameters - from - aws_pipes_pipe; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Pipes diff --git a/queries/aws_pipes_pipe_4.yaml.bak b/queries/aws_pipes_pipe_4.yaml.bak deleted file mode 100755 index 71c989e0f..000000000 --- a/queries/aws_pipes_pipe_4.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_pipes_pipe_4 -Title: "List All AWS Pipes and Their Details" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - enrichment_parameters ->> 'HttpParameters' as http_parameters, - enrichment_parameters ->> 'InputTemplate' as input_template - from - aws_pipes_pipe; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pipes diff --git a/queries/aws_pipes_pipe_5.yaml.bak b/queries/aws_pipes_pipe_5.yaml.bak deleted file mode 100755 index f48122746..000000000 --- a/queries/aws_pipes_pipe_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_pipes_pipe_5 -Title: "List AWS Pipes and Their Details Using SQL" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_time, - current_state, - desired_state, - enrichment, - target - from - aws_pipes_pipe - where - creation_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pipes diff --git a/queries/aws_pipes_pipe_6.yaml.bak b/queries/aws_pipes_pipe_6.yaml.bak deleted file mode 100755 index ca1f23345..000000000 --- a/queries/aws_pipes_pipe_6.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_pipes_pipe_6 -Title: "List AWS Pipes and Their Associated IAM Roles" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.name, - r.arn as role_arn, - r.role_id, - r.permissions_boundary_arn, - r.role_last_used_region, - r.inline_policies, - r.assume_role_policy - from - aws_pipes_pipe as p, - aws_iam_role as r - where - p.role_arn = r.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pipes diff --git a/queries/aws_pipes_pipe_6.yaml.bak.bak b/queries/aws_pipes_pipe_6.yaml.bak.bak deleted file mode 100755 index f2d65cb66..000000000 --- a/queries/aws_pipes_pipe_6.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_pipes_pipe_6 -Title: "List AWS Pipes and Their Associated IAM Roles" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.name, - r.arn as role_arn, - r.role_id, - r.permissions_boundary_arn, - r.role_last_used_region, - r.inline_policies, - r.assume_role_policy - from - aws_pipes_pipe as p, - aws_iam_role as r - where - p.role_arn = r.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pipes diff --git a/queries/aws_pricing_product_1.yaml.bak b/queries/aws_pricing_product_1.yaml.bak deleted file mode 100755 index bc275772d..000000000 --- a/queries/aws_pricing_product_1.yaml.bak +++ /dev/null @@ -1,46 +0,0 @@ -ID: aws_pricing_product_1 -Title: "Find AWS Pricing Product Details with Attributes" -Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - term, - purchase_option, - lease_contract_length, - unit, - price_per_unit::numeric::money, - currency, - begin_range, - end_range, - effective_date, - description, - attributes ->> 'instanceType', - attributes ->> 'vcpu', - attributes ->> 'memory', - attributes ->> 'operatingSystem', - attributes ->> 'preInstalledSw' - from - aws_pricing_product - where - service_code = 'AmazonEC2' - and filters = '{ - "regionCode": "eu-west-3", - "locationType": "AWS Region", - "instanceType": "c5.2xlarge", - "operatingSystem": "Linux", - "tenancy": "Shared", - "preInstalledSw": "NA", - "capacityStatus": "Used" }'::jsonb; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pricing diff --git a/queries/aws_pricing_product_2.yaml.bak b/queries/aws_pricing_product_2.yaml.bak deleted file mode 100755 index be403b541..000000000 --- a/queries/aws_pricing_product_2.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_pricing_product_2 -Title: "List AWS Pricing Product Details by Service Code and Filters" -Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - term, - purchase_option, - lease_contract_length, - unit, - price_per_unit::numeric::money, - currency, - attributes ->> 'instanceType', - attributes ->> 'vcpu', - attributes ->> 'memory', - attributes ->> 'databaseEngine', - attributes ->> 'deploymentOption' - from - aws_pricing_product - where - service_code = 'AmazonRDS' - and filters = '{ - "regionCode": "eu-west-3", - "locationType": "AWS Region", - "instanceType": "db.m5.xlarge", - "databaseEngine": "MySQL", - "deploymentOption": "Single-AZ" }'::jsonb; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pricing Product diff --git a/queries/aws_pricing_product_3.yaml.bak b/queries/aws_pricing_product_3.yaml.bak deleted file mode 100755 index 6ce99b9bc..000000000 --- a/queries/aws_pricing_product_3.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_pricing_product_3 -Title: "Find AWS ElastiCache Pricing Product with Specific Attributes" -Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - term, - purchase_option, - lease_contract_length, - unit, - price_per_unit::numeric::money, - currency, - attributes ->> 'instanceType', - attributes ->> 'vcpu', - attributes ->> 'memory', - attributes ->> 'cacheEngine' - from - aws_pricing_product - where - service_code = 'AmazonElastiCache' - and filters = '{ - "regionCode": "eu-west-3", - "locationType": "AWS Region", - "instanceType": "cache.m5.xlarge", - "cacheEngine": "Redis" }'::jsonb; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pricing Product diff --git a/queries/aws_pricing_service_attribute_1.yaml.bak b/queries/aws_pricing_service_attribute_1.yaml.bak deleted file mode 100755 index 6a9b0be96..000000000 --- a/queries/aws_pricing_service_attribute_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_pricing_service_attribute_1 -Title: "List all AWS Pricing Service Attributes and Prices" -Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_code, - attribute_name, - attribute_values - from - aws_pricing_service_attribute; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pricing Service diff --git a/queries/aws_pricing_service_attribute_2.yaml.bak b/queries/aws_pricing_service_attribute_2.yaml.bak deleted file mode 100755 index 5aef29c1b..000000000 --- a/queries/aws_pricing_service_attribute_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_pricing_service_attribute_2 -Title: "List all AWS Pricing Service Attributes" -Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_code, - attribute_name, - attribute_values - from - aws_pricing_service_attribute - where - service_code = 'AWSBackup'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pricing Service diff --git a/queries/aws_pricing_service_attribute_3.yaml.bak b/queries/aws_pricing_service_attribute_3.yaml.bak deleted file mode 100755 index bf4629001..000000000 --- a/queries/aws_pricing_service_attribute_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_pricing_service_attribute_3 -Title: "Find AWS Pricing Service Attributes for AWSBackup and termType" -Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_code, - attribute_name, - attribute_values - from - aws_pricing_service_attribute - where - service_code = 'AWSBackup' and attribute_name = 'termType'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Pricing Service diff --git a/queries/aws_ram_principal_association_1.yaml.bak b/queries/aws_ram_principal_association_1.yaml.bak deleted file mode 100755 index ad03bed62..000000000 --- a/queries/aws_ram_principal_association_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ram_principal_association_1 -Title: "List AWS RAM Principal Associations with SQL" -Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - status - from - aws_ram_principal_association; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Access Manager diff --git a/queries/aws_ram_principal_association_2.yaml.bak b/queries/aws_ram_principal_association_2.yaml.bak deleted file mode 100755 index e11531d55..000000000 --- a/queries/aws_ram_principal_association_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ram_principal_association_2 -Title: "List all AWS RAM Principal Associations by SQL Query" -Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - p ->> 'Arn' as resource_share_permission_arn, - p ->> 'Status' as resource_share_permission_status - from - aws_ram_principal_association, - jsonb_array_elements(resource_share_permission) p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Access Manager diff --git a/queries/aws_ram_principal_association_3.yaml.bak b/queries/aws_ram_principal_association_3.yaml.bak deleted file mode 100755 index e7bd93597..000000000 --- a/queries/aws_ram_principal_association_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ram_principal_association_3 -Title: "List all AWS RAM Principal Associations with Failed Status" -Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - status - from - aws_ram_principal_association - where - status = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Access Manager diff --git a/queries/aws_ram_resource_association_1.yaml.bak b/queries/aws_ram_resource_association_1.yaml.bak deleted file mode 100755 index 0def52f40..000000000 --- a/queries/aws_ram_resource_association_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ram_resource_association_1 -Title: "List all AWS RAM Resource Associations with SQL" -Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - status - from - aws_ram_resource_association; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS RAM diff --git a/queries/aws_ram_resource_association_2.yaml.bak b/queries/aws_ram_resource_association_2.yaml.bak deleted file mode 100755 index c7a943a7e..000000000 --- a/queries/aws_ram_resource_association_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ram_resource_association_2 -Title: "List AWS RAM Resource Associations and Permissions" -Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - p ->> 'Arn' as resource_share_permission_arn, - p ->> 'Status' as resource_share_permission_status - from - aws_ram_resource_association, - jsonb_array_elements(resource_share_permission) p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS RAM Resource Association diff --git a/queries/aws_ram_resource_association_3.yaml.bak b/queries/aws_ram_resource_association_3.yaml.bak deleted file mode 100755 index 7332c59a6..000000000 --- a/queries/aws_ram_resource_association_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ram_resource_association_3 -Title: "Find AWS RAM Resource Associations with SQL Query" -Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - status - from - aws_ram_resource_association - where - status = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RAM diff --git a/queries/aws_rds_db_cluster_1.yaml.bak b/queries/aws_rds_db_cluster_1.yaml.bak deleted file mode 100755 index 8b8cec140..000000000 --- a/queries/aws_rds_db_cluster_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_db_cluster_1 -Title: "Find all AWS RDS DB Clusters: Status & Security Details" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - allocated_storage, - kms_key_id - from - aws_rds_db_cluster - where - kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS DB Cluster diff --git a/queries/aws_rds_db_cluster_2.yaml.bak b/queries/aws_rds_db_cluster_2.yaml.bak deleted file mode 100755 index ce20612ab..000000000 --- a/queries/aws_rds_db_cluster_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_cluster_2 -Title: "List AWS RDS DB Clusters Status and Configurations" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - backup_retention_period - from - aws_rds_db_cluster - where - backup_retention_period > 7; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_3.yaml.bak b/queries/aws_rds_db_cluster_3.yaml.bak deleted file mode 100755 index f4e2c3836..000000000 --- a/queries/aws_rds_db_cluster_3.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_rds_db_cluster_3 -Title: "Query AWS RDS DB Clusters for Status and Config Details" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - jsonb_array_length(availability_zones) availability_zones_count - from - aws_rds_db_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS RDS diff --git a/queries/aws_rds_db_cluster_4.yaml.bak b/queries/aws_rds_db_cluster_4.yaml.bak deleted file mode 100755 index 8559009b7..000000000 --- a/queries/aws_rds_db_cluster_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_rds_db_cluster_4 -Title: "List all AWS RDS DB Clusters status and settings" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, - member ->> 'DBInstanceIdentifier' as db_instance_identifier, - member ->> 'IsClusterWriter' as is_cluster_writer, - member ->> 'PromotionTier' as promotion_tier - from - aws_rds_db_cluster - cross join jsonb_array_elements(members) as member; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_5.yaml.bak b/queries/aws_rds_db_cluster_5.yaml.bak deleted file mode 100755 index 2e824761b..000000000 --- a/queries/aws_rds_db_cluster_5.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_cluster_5 -Title: "Find AWS RDS DB Clusters Status and Configuration" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - actions ->> 'ResourceIdentifier' as db_cluster_identifier, - details ->> 'Action' as action, - details ->> 'OptInStatus' as opt_in_status, - details ->> 'ForcedApplyDate' as forced_apply_date, - details ->> 'CurrentApplyDate' as current_apply_date, - details ->> 'AutoAppliedAfterDate' as auto_applied_after_date - from - aws_rds_db_cluster, - jsonb_array_elements(pending_maintenance_actions) as actions, - jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails') as details; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_5.yaml.bak.bak b/queries/aws_rds_db_cluster_5.yaml.bak.bak deleted file mode 100755 index 2e824761b..000000000 --- a/queries/aws_rds_db_cluster_5.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_cluster_5 -Title: "Find AWS RDS DB Clusters Status and Configuration" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - actions ->> 'ResourceIdentifier' as db_cluster_identifier, - details ->> 'Action' as action, - details ->> 'OptInStatus' as opt_in_status, - details ->> 'ForcedApplyDate' as forced_apply_date, - details ->> 'CurrentApplyDate' as current_apply_date, - details ->> 'AutoAppliedAfterDate' as auto_applied_after_date - from - aws_rds_db_cluster, - jsonb_array_elements(pending_maintenance_actions) as actions, - jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails') as details; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_parameter_group_1.yaml.bak b/queries/aws_rds_db_cluster_parameter_group_1.yaml.bak deleted file mode 100755 index 44afa78f9..000000000 --- a/queries/aws_rds_db_cluster_parameter_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_cluster_parameter_group_1 -Title: "Find AWS RDS DB Cluster Parameter Groups Configuration" -Description: "Allows users to query AWS RDS DB Cluster Parameter Groups, providing detailed information about each parameter group''s configuration, including its name, family, description, and ARN. This table can be used to identify unused or misconfigured parameter groups and to ensure they comply with security and operational best practices." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - db_parameter_group_family - from - aws_rds_db_cluster_parameter_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_parameter_group_2.yaml.bak b/queries/aws_rds_db_cluster_parameter_group_2.yaml.bak deleted file mode 100755 index cb6a05680..000000000 --- a/queries/aws_rds_db_cluster_parameter_group_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_rds_db_cluster_parameter_group_2 -Title: "List all AWS RDS DB Cluster Parameter Groups with Details" -Description: "Allows users to query AWS RDS DB Cluster Parameter Groups, providing detailed information about each parameter group''s configuration, including its name, family, description, and ARN. This table can be used to identify unused or misconfigured parameter groups and to ensure they comply with security and operational best practices." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - db_parameter_group_family, - pg ->> 'ParameterName' as parameter_name, - pg ->> 'ParameterValue' as parameter_value, - pg ->> 'AllowedValues' as allowed_values, - pg ->> 'ApplyType' as apply_type, - pg ->> 'IsModifiable' as is_modifiable, - pg ->> 'DataType' as data_type, - pg ->> 'Description' as description, - pg ->> 'MinimumEngineVersion' as minimum_engine_version - from - aws_rds_db_cluster_parameter_group - cross join jsonb_array_elements(parameters) as pg; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_snapshot_1.yaml.bak b/queries/aws_rds_db_cluster_snapshot_1.yaml.bak deleted file mode 100755 index a1a3edf88..000000000 --- a/queries/aws_rds_db_cluster_snapshot_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_rds_db_cluster_snapshot_1 -Title: "Find AWS RDS DB Cluster Snapshot Details" -Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - type, - storage_encrypted, - split_part(kms_key_id, '/', 1) kms_key_id - from - aws_rds_db_cluster_snapshot - where - not storage_encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_snapshot_2.yaml.bak b/queries/aws_rds_db_cluster_snapshot_2.yaml.bak deleted file mode 100755 index 86053d2e0..000000000 --- a/queries/aws_rds_db_cluster_snapshot_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_cluster_snapshot_2 -Title: "Find AWS RDS DB Cluster Snapshots Detailed Information" -Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - cluster_create_time, - engine, - engine_version, - license_model - from - aws_rds_db_cluster_snapshot; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_snapshot_3.yaml.bak b/queries/aws_rds_db_cluster_snapshot_3.yaml.bak deleted file mode 100755 index 11c438604..000000000 --- a/queries/aws_rds_db_cluster_snapshot_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_rds_db_cluster_snapshot_3 -Title: "List all AWS RDS DB Cluster Snapshots with Details" -Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - count(db_cluster_snapshot_identifier) snapshot_count - from - aws_rds_db_cluster_snapshot - group by - db_cluster_identifier; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_cluster_snapshot_4.yaml.bak b/queries/aws_rds_db_cluster_snapshot_4.yaml.bak deleted file mode 100755 index 4c5551081..000000000 --- a/queries/aws_rds_db_cluster_snapshot_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_db_cluster_snapshot_4 -Title: "List all AWS RDS DB Cluster Snapshots with Details" -Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - engine, - type - from - aws_rds_db_cluster_snapshot - where - type = 'manual'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_engine_version_1.yaml.bak b/queries/aws_rds_db_engine_version_1.yaml.bak deleted file mode 100755 index 8f38c84b5..000000000 --- a/queries/aws_rds_db_engine_version_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_engine_version_1 -Title: "Find all AWS RDS DB Engine Versions with SQL" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - db_engine_version_description, - status, - major_engine_version - from - aws_rds_db_engine_version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_engine_version_2.yaml.bak b/queries/aws_rds_db_engine_version_2.yaml.bak deleted file mode 100755 index a7c44023e..000000000 --- a/queries/aws_rds_db_engine_version_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_engine_version_2 -Title: "List all AWS RDS DB Engine Versions Supporting Read Replicas" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - supports_read_replica - from - aws_rds_db_engine_version - where - supports_read_replica; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_engine_version_3.yaml.bak b/queries/aws_rds_db_engine_version_3.yaml.bak deleted file mode 100755 index 90cda5d55..000000000 --- a/queries/aws_rds_db_engine_version_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_db_engine_version_3 -Title: "List all AWS RDS DB Engine Versions with Deprecated Status" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - status - from - aws_rds_db_engine_version - where - status = 'deprecated'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_engine_version_4.yaml.bak b/queries/aws_rds_db_engine_version_4.yaml.bak deleted file mode 100755 index af2147113..000000000 --- a/queries/aws_rds_db_engine_version_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_engine_version_4 -Title: "Find AWS RDS DB Engine Versions with Detailed Information" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - supported_feature_names - from - aws_rds_db_engine_version - where - engine_version = 'specific_engine_version'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_engine_version_5.yaml.bak b/queries/aws_rds_db_engine_version_5.yaml.bak deleted file mode 100755 index 38437aae1..000000000 --- a/queries/aws_rds_db_engine_version_5.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_engine_version_5 -Title: "List AWS RDS DB Engine Versions with Details" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - create_time, - status, - db_engine_media_type, - default_only - from - aws_rds_db_engine_version - where - default_only; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_event_subscription_1.yaml.bak b/queries/aws_rds_db_event_subscription_1.yaml.bak deleted file mode 100755 index a869b5866..000000000 --- a/queries/aws_rds_db_event_subscription_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_db_event_subscription_1 -Title: "List all AWS RDS DB Event Subscriptions Information" -Description: "Allows users to query AWS RDS DB Event Subscriptions to retrieve information about all event subscriptions for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - customer_aws_id, - arn, - status, - enabled - from - aws_rds_db_event_subscription; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_event_subscription_2.yaml.bak b/queries/aws_rds_db_event_subscription_2.yaml.bak deleted file mode 100755 index 76f861f43..000000000 --- a/queries/aws_rds_db_event_subscription_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_event_subscription_2 -Title: "Find all AWS RDS DB Event Subscriptions" -Description: "Allows users to query AWS RDS DB Event Subscriptions to retrieve information about all event subscriptions for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - enabled - from - aws_rds_db_event_subscription - where - enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_1.yaml.bak b/queries/aws_rds_db_instance_1.yaml.bak deleted file mode 100755 index b6b795dc9..000000000 --- a/queries/aws_rds_db_instance_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_instance_1 -Title: "Find all AWS RDS DB Instances Configuration Status" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - class, - engine, - engine_version, - publicly_accessible - from - aws_rds_db_instance - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_10.yaml.bak b/queries/aws_rds_db_instance_10.yaml.bak deleted file mode 100755 index f3e17d499..000000000 --- a/queries/aws_rds_db_instance_10.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_db_instance_10 -Title: "Find AWS RDS DB Instances Configuration and Status" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - certificate ->> 'CertificateArn' as certificate_arn, - certificate ->> 'CertificateType' as certificate_type, - certificate ->> 'ValidFrom' as valid_from, - certificate ->> 'ValidTill' as valid_till - from - aws_rds_db_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_11.yaml.bak b/queries/aws_rds_db_instance_11.yaml.bak deleted file mode 100755 index d4d50601d..000000000 --- a/queries/aws_rds_db_instance_11.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_db_instance_11 -Title: "Query AWS RDS DB Instances for Configuration and Status" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - certificate ->> 'CertificateArn' as certificate_arn, - certificate ->> 'CertificateType' as certificate_type, - certificate ->> 'ValidFrom' as valid_from, - certificate ->> 'ValidTill' as valid_till - from - aws_rds_db_instance - where - (certificate ->> 'ValidTill')::timestamp <= (current_date - interval '90' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_12.yaml.bak b/queries/aws_rds_db_instance_12.yaml.bak deleted file mode 100755 index 795a19d08..000000000 --- a/queries/aws_rds_db_instance_12.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_12 -Title: "Find Detailed Info on AWS RDS DB Instances" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - class, - engine, - engine_version, - kms_key_id, - processor_features - from - aws_rds_db_instance - where - processor_features not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_2.yaml.bak b/queries/aws_rds_db_instance_2.yaml.bak deleted file mode 100755 index 4728153db..000000000 --- a/queries/aws_rds_db_instance_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_instance_2 -Title: "List all AWS RDS DB Instances with Detailed Information" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - publicly_accessible - from - aws_rds_db_instance - where - publicly_accessible; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_3.yaml.bak b/queries/aws_rds_db_instance_3.yaml.bak deleted file mode 100755 index b97515dc4..000000000 --- a/queries/aws_rds_db_instance_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_instance_3 -Title: "Find all AWS RDS DB Instances without IAM Auth" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - iam_database_authentication_enabled - from - aws_rds_db_instance - where - not iam_database_authentication_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_3.yaml.bak.bak b/queries/aws_rds_db_instance_3.yaml.bak.bak deleted file mode 100755 index b97515dc4..000000000 --- a/queries/aws_rds_db_instance_3.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_instance_3 -Title: "Find all AWS RDS DB Instances without IAM Auth" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - iam_database_authentication_enabled - from - aws_rds_db_instance - where - not iam_database_authentication_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_4.yaml.bak b/queries/aws_rds_db_instance_4.yaml.bak deleted file mode 100755 index 9c8ecb853..000000000 --- a/queries/aws_rds_db_instance_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_4 -Title: "List detailed configuration and status of AWS RDS DB Instances" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier as attached_vpc, - vsg ->> 'VpcSecurityGroupId' as vpc_security_group_id, - vsg ->> 'Status' as status, - sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - sub ->> 'SubnetIdentifier' as subnet_identifier, - sub -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, - sub ->> 'SubnetStatus' as subnet_status - from - aws_rds_db_instance - cross join jsonb_array_elements(vpc_security_groups) as vsg - cross join jsonb_array_elements(subnets) as sub; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS RDS diff --git a/queries/aws_rds_db_instance_5.yaml.bak b/queries/aws_rds_db_instance_5.yaml.bak deleted file mode 100755 index e5b528a1a..000000000 --- a/queries/aws_rds_db_instance_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_db_instance_5 -Title: "List all AWS RDS DB Instances and their metadata" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - class, - engine, - engine_version, - deletion_protection - from - aws_rds_db_instance - where - not deletion_protection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_6.yaml.bak b/queries/aws_rds_db_instance_6.yaml.bak deleted file mode 100755 index 5f3a3b298..000000000 --- a/queries/aws_rds_db_instance_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_instance_6 -Title: "List all AWS RDS DB Instances with Configuration Data" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - class, - allocated_storage, - deletion_protection - from - aws_rds_db_instance - where - not storage_encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_7.yaml.bak b/queries/aws_rds_db_instance_7.yaml.bak deleted file mode 100755 index 5c255efb9..000000000 --- a/queries/aws_rds_db_instance_7.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_instance_7 -Title: "Find Info on AWS RDS DB Instances' Configuration and Status" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - endpoint_address, - endpoint_hosted_zone_id, - endpoint_port - from - aws_rds_db_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_8.yaml.bak b/queries/aws_rds_db_instance_8.yaml.bak deleted file mode 100755 index 74c0cdce1..000000000 --- a/queries/aws_rds_db_instance_8.yaml.bak +++ /dev/null @@ -1,54 +0,0 @@ -ID: aws_rds_db_instance_8 -Title: "List All AWS RDS DB Instances with SSL Parameter Details" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with db_parameter_group as ( - select - name as db_parameter_group_name, - pg ->> 'ParameterName' as parameter_name, - pg ->> 'ParameterValue' as parameter_value - from - aws_rds_db_parameter_group, - jsonb_array_elements(parameters) as pg - where - -- The example is limited to SQL Server, this may change based on DB engine - pg ->> 'ParameterName' like 'rds.force_ssl' - and name not like 'default.%' - ), - rds_associated_parameter_group as ( - select - db_instance_identifier as db_instance_identifier, - arn, - pg ->> 'DBParameterGroupName' as DBParameterGroupName - from - aws_rds_db_instance, - jsonb_array_elements(db_parameter_groups) as pg - where - engine like 'sqlserve%' - ) - select - rds.db_instance_identifier as name, - rds.DBParameterGroupName, - parameter_name, - parameter_value - from - rds_associated_parameter_group as rds - left join db_parameter_group d on rds.DBParameterGroupName = d.db_parameter_group_name - where - parameter_value = '0' - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_9.yaml.bak b/queries/aws_rds_db_instance_9.yaml.bak deleted file mode 100755 index 61eae664d..000000000 --- a/queries/aws_rds_db_instance_9.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_rds_db_instance_9 -Title: "List all AWS RDS DB Instances with Detailed Information" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - actions ->> 'ResourceIdentifier' as db_instance_identifier, - details ->> 'Action' as action, - details ->> 'OptInStatus' as opt_in_status, - details ->> 'ForcedApplyDate' as forced_apply_date, - details ->> 'CurrentApplyDate' as current_apply_date, - details ->> 'AutoAppliedAfterDate' as auto_applied_after_date - from - aws_rds_db_instance, - jsonb_array_elements(pending_maintenance_actions) as actions, - jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails') as details; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_1.yaml.bak b/queries/aws_rds_db_instance_automated_backup_1.yaml.bak deleted file mode 100755 index 560360122..000000000 --- a/queries/aws_rds_db_instance_automated_backup_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_rds_db_instance_automated_backup_1 -Title: "Find AWS RDS DB Instance Automated Backups" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - arn, - status, - allocated_storage, - encrypted, - engine - from - aws_rds_db_instance_automated_backup; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_2.yaml.bak b/queries/aws_rds_db_instance_automated_backup_2.yaml.bak deleted file mode 100755 index 06989932f..000000000 --- a/queries/aws_rds_db_instance_automated_backup_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_automated_backup_2 -Title: "Find AWS RDS DB Instance Automated Backups" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - arn, - status, - backup_target, - instance_create_time, - encrypted, - engine - from - aws_rds_db_instance_automated_backup - where - not encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_3.yaml.bak b/queries/aws_rds_db_instance_automated_backup_3.yaml.bak deleted file mode 100755 index b57609384..000000000 --- a/queries/aws_rds_db_instance_automated_backup_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_automated_backup_3 -Title: "Find Data on AWS RDS DB Instance Automated Backups" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - iam_database_authentication_enabled, - status, - availability_zone, - dbi_resource_id - from - aws_rds_db_instance_automated_backup - where - not iam_database_authentication_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_4.yaml.bak b/queries/aws_rds_db_instance_automated_backup_4.yaml.bak deleted file mode 100755 index 06c28e54a..000000000 --- a/queries/aws_rds_db_instance_automated_backup_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_automated_backup_4 -Title: "List all Automated Backups for RDS DB Instances" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - b.arn, - b.vpc_id, - v.cidr_block, - v.is_default, - v.instance_tenancy - from - aws_rds_db_instance_automated_backup as b, - aws_vpc as v - where - v.vpc_id = b.vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_5.yaml.bak b/queries/aws_rds_db_instance_automated_backup_5.yaml.bak deleted file mode 100755 index 00624f063..000000000 --- a/queries/aws_rds_db_instance_automated_backup_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_automated_backup_5 -Title: "List All AWS RDS DB Instance Automated Backups" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - arn, - engine, - engine_version, - availability_zone, - backup_retention_period, - status - from - aws_rds_db_instance_automated_backup - where - status = 'retained'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_automated_backup_6.yaml.bak b/queries/aws_rds_db_instance_automated_backup_6.yaml.bak deleted file mode 100755 index c82c61a58..000000000 --- a/queries/aws_rds_db_instance_automated_backup_6.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_automated_backup_6 -Title: "Find AWS RDS DB Instance Automated Backups via SQL" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - b.db_instance_identifier, - b.arn as automated_backup_arn, - b.engine, - b.kms_key_id, - k.creation_date as kms_key_creation_date, - k.key_state, - k.key_rotation_enabled - from - aws_rds_db_instance_automated_backup as b, - aws_kms_key as k - where - k.id = b.kms_key_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_1.yaml.bak b/queries/aws_rds_db_instance_metric_connections_1.yaml.bak deleted file mode 100755 index 46b56d5ad..000000000 --- a/queries/aws_rds_db_instance_metric_connections_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_metric_connections_1 -Title: "Find AWS RDS DBInstance Metrics for Database Connections" -Description: "Allows users to query AWS RDS DBInstance Metrics for a comprehensive view of the number of database connections." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_2.yaml.bak b/queries/aws_rds_db_instance_metric_connections_2.yaml.bak deleted file mode 100755 index 6aa01e11f..000000000 --- a/queries/aws_rds_db_instance_metric_connections_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_rds_db_instance_metric_connections_2 -Title: "Find All AWS RDS DBInstance Connections Metrics" -Description: "Allows users to query AWS RDS DBInstance Metrics for a comprehensive view of the number of database connections." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections - where - average > 100 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_daily_1.yaml.bak b/queries/aws_rds_db_instance_metric_connections_daily_1.yaml.bak deleted file mode 100755 index 005d1caf3..000000000 --- a/queries/aws_rds_db_instance_metric_connections_daily_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_db_instance_metric_connections_daily_1 -Title: "List AWS RDS DB Instance Daily Connections Metrics" -Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections_daily - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_daily_2.yaml.bak b/queries/aws_rds_db_instance_metric_connections_daily_2.yaml.bak deleted file mode 100755 index 0c6b1a495..000000000 --- a/queries/aws_rds_db_instance_metric_connections_daily_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_metric_connections_daily_2 -Title: "List All AWS RDS DB Instance Metric Connections Daily" -Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections_daily - where - average > 100 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS RDS diff --git a/queries/aws_rds_db_instance_metric_connections_daily_3.yaml.bak b/queries/aws_rds_db_instance_metric_connections_daily_3.yaml.bak deleted file mode 100755 index 4e4fca956..000000000 --- a/queries/aws_rds_db_instance_metric_connections_daily_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_metric_connections_daily_3 -Title: "List all AWS RDS DB Instances with Zero Connections Daily" -Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - sum(maximum) as total_connections - from - aws_rds_db_instance_metric_connections - where - timestamp > (current_date - interval '7' day) - group by - db_instance_identifier - having - sum(maximum) = 0 - ; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml.bak b/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml.bak deleted file mode 100755 index 026d5ec56..000000000 --- a/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_metric_connections_hourly_1 -Title: "List all AWS RDS DB Instance Connection Metrics Hourly" -Description: "Allows users to query AWS RDS DB Instance Metrics on an hourly basis, specifically the connection metrics. It provides data about the number of database connections to each DB instance in your Amazon RDS environment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections_hourly - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml.bak b/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml.bak deleted file mode 100755 index 59e5e1cda..000000000 --- a/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_metric_connections_hourly_2 -Title: "List all AWS RDS DB Instance Connection Metrics Hourly" -Description: "Allows users to query AWS RDS DB Instance Metrics on an hourly basis, specifically the connection metrics. It provides data about the number of database connections to each DB instance in your Amazon RDS environment." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections_hourly - where - average > 100 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml.bak deleted file mode 100755 index a3e7e5725..000000000 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_db_instance_metric_cpu_utilization_1 -Title: "List all CPU utilization metrics for RDS DB instances" -Description: "Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data about CPU utilization metrics for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml.bak deleted file mode 100755 index bd046e092..000000000 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_metric_cpu_utilization_2 -Title: "List All Amazon RDS DB Instances with High CPU Utilization" -Description: "Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data about CPU utilization metrics for RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization - where average > 80 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml.bak deleted file mode 100755 index 5fd6c32bb..000000000 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_db_instance_metric_cpu_utilization_daily_1 -Title: "List all AWS RDS DB Instances and daily CPU usage metrics" -Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_daily - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml.bak deleted file mode 100755 index 4861f5f53..000000000 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_metric_cpu_utilization_daily_2 -Title: "Find AWS RDS DB Instances with High CPU Utilization" -Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_daily - where average > 80 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml.bak deleted file mode 100755 index 8a7d52793..000000000 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_metric_cpu_utilization_daily_3 -Title: "Find AWS RDS DB Instances' Daily CPU Utilization Metrics" -Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_daily - where average < 2 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml.bak deleted file mode 100755 index f2b2c1d89..000000000 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_rds_db_instance_metric_cpu_utilization_hourly_1 -Title: "Find AWS RDS DB Instance CPU Utilization Hourly Metrics" -Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_hourly - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml.bak deleted file mode 100755 index 18f67792f..000000000 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_metric_cpu_utilization_hourly_2 -Title: "Find AWS RDS Instances with High CPU Utilization" -Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_hourly - where average > 80 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml.bak b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml.bak deleted file mode 100755 index b0230897b..000000000 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_metric_cpu_utilization_hourly_3 -Title: "Find AWS RDS DB Instance CPU Utilization on Hourly Basis" -Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_hourly - where average < 2 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_1.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_1.yaml.bak deleted file mode 100755 index f03b1effd..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_1 -Title: "Find AWS RDS Read IOPS Metrics for DB Instances" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_2.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_2.yaml.bak deleted file mode 100755 index 8822735de..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_2 -Title: "Find Read IOPS Metrics for AWS RDS DB Instances" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_3.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_3.yaml.bak deleted file mode 100755 index 3fa1d9802..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_3 -Title: "Find AWS RDS DBInstance Read IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak deleted file mode 100755 index e770bd995..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_4 -Title: "Find AWS RDS DB Instance Read IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops as r, - aws_rds_db_instance_metric_write_iops as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak.bak b/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak.bak deleted file mode 100755 index 44b64460b..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_4.yaml.bak.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_4 -Title: "Find AWS RDS DB Instance Read IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops as r, - aws_rds_db_instance_metric_write_iops as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml.bak deleted file mode 100755 index 8e9fba611..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_daily_1 -Title: "Find AWS RDS DBInstance daily read IOPS metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_daily - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml.bak deleted file mode 100755 index 1de48a424..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_daily_2 -Title: "Find AWS RDS DBInstance Metrics for Daily Read IOPS" -Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_daily - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml.bak deleted file mode 100755 index 8e08e6e4f..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_daily_3 -Title: "Find AWS RDS DBInstance Metrics for Daily Read IOPS" -Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_daily - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml.bak deleted file mode 100755 index ac2749f43..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_daily_4 -Title: "List all AWS RDS DBInstance daily read IOPS metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops_daily as r, - aws_rds_db_instance_metric_write_iops_daily as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml.bak deleted file mode 100755 index be6dbcab6..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_hourly_1 -Title: "List all AWS RDS DB Instances with Read IOPS Metrics" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_hourly - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml.bak deleted file mode 100755 index 3a9ccab9b..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_hourly_2 -Title: "Find AWS RDS DB Instances Hourly Read IOPS Over 1000" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_hourly - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak deleted file mode 100755 index 5d3afbd8e..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_hourly_3 -Title: "Find AWS RDS DB Instances Reading Over 8000 IOPS" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_hourly - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak.bak deleted file mode 100755 index 5d3afbd8e..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_hourly_3 -Title: "Find AWS RDS DB Instances Reading Over 8000 IOPS" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_hourly - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml.bak deleted file mode 100755 index 8a8f801cd..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_hourly_4 -Title: "Find AWS RDS Instances Hourly Read IOPS Metrics" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - v.iops as provisioned_iops, - round(r.average) +round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg - from - aws_rds_db_instance_metric_read_iops_hourly as r, - aws_rds_db_instance_metric_write_iops_hourly as w, - aws_rds_db_instance as v - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - and v.db_instance_identifier = r.db_instance_identifier - and r.average + w.average > v.iops - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml.bak b/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml.bak deleted file mode 100755 index 151a6a473..000000000 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_rds_db_instance_metric_read_iops_hourly_5 -Title: "List all AWS RDS DB Instances with Hourly Read IOPS Metrics" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops_hourly as r, - aws_rds_db_instance_metric_write_iops_hourly as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_1.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_1.yaml.bak deleted file mode 100755 index 33651c8c1..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_1 -Title: "List AWS RDS DBInstance Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS DBInstance diff --git a/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak deleted file mode 100755 index d4a1f131e..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_2 -Title: "Find AWS RDS DBInstance Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak.bak b/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak.bak deleted file mode 100755 index d4a1f131e..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_2.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_2 -Title: "Find AWS RDS DBInstance Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_3.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_3.yaml.bak deleted file mode 100755 index ac07f157f..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_3 -Title: "List AWS RDS DBInstance Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_4.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_4.yaml.bak deleted file mode 100755 index 6c2aad7d8..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_4 -Title: "Find AWS RDS Write IOPS Metrics Using SQL" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops as r, - aws_rds_db_instance_metric_write_iops as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml.bak deleted file mode 100755 index a613bcadb..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_daily_1 -Title: "List Daily Write IOPS for AWS RDS DBInstances" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_daily - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml.bak deleted file mode 100755 index 8c029dc41..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_daily_2 -Title: "List all AWS RDS DBInstance Daily Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_daily - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak deleted file mode 100755 index 9b2c84503..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_daily_3 -Title: "List AWS RDS DBInstance Daily Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_daily - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak.bak deleted file mode 100755 index 9b2c84503..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_daily_3 -Title: "List AWS RDS DBInstance Daily Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_daily - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml.bak deleted file mode 100755 index 3304144b0..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_daily_4 -Title: "List all AWS RDS DBInstance Daily Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops_daily as r, - aws_rds_db_instance_metric_write_iops_daily as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml.bak deleted file mode 100755 index 8ba01f53d..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_hourly_1 -Title: "List All AWS RDS DBInstance Write IOPS Metrics Hourly" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_hourly - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml.bak deleted file mode 100755 index 1d9c151d4..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_hourly_2 -Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_hourly - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml.bak deleted file mode 100755 index c9b882ec1..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_hourly_3 -Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_hourly - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml.bak deleted file mode 100755 index 56daee944..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_hourly_4 -Title: "List AWS RDS DBInstance Hourly Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - v.iops as provisioned_iops, - round(r.average) +round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg - from - aws_rds_db_instance_metric_read_iops_hourly as r, - aws_rds_db_instance_metric_write_iops_hourly as w, - aws_rds_db_instance as v - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - and v.db_instance_identifier = r.db_instance_identifier - and r.average + w.average > v.iops - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml.bak b/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml.bak deleted file mode 100755 index 85b89404e..000000000 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_rds_db_instance_metric_write_iops_hourly_5 -Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops_hourly as r, - aws_rds_db_instance_metric_write_iops_hourly as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_option_group_1.yaml.bak b/queries/aws_rds_db_option_group_1.yaml.bak deleted file mode 100755 index ca5817875..000000000 --- a/queries/aws_rds_db_option_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_option_group_1 -Title: "List all AWS RDS DB Option Groups with details" -Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - engine_name, - major_engine_version, - vpc_id - from - aws_rds_db_option_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Relational Database Service diff --git a/queries/aws_rds_db_option_group_2.yaml.bak b/queries/aws_rds_db_option_group_2.yaml.bak deleted file mode 100755 index da5a84070..000000000 --- a/queries/aws_rds_db_option_group_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_option_group_2 -Title: "List all AWS RDS DB Option Groups with SQL" -Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - engine_name, - allows_vpc_and_non_vpc_instance_memberships - from - aws_rds_db_option_group - where - allows_vpc_and_non_vpc_instance_memberships; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Relational Database Service diff --git a/queries/aws_rds_db_option_group_3.yaml.bak b/queries/aws_rds_db_option_group_3.yaml.bak deleted file mode 100755 index 51ce61dfd..000000000 --- a/queries/aws_rds_db_option_group_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_db_option_group_3 -Title: "Find AWS RDS DB Option Groups within Amazon RDS" -Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - option ->> 'OptionName' as option_name, - option -> 'Permanent' as Permanent, - option -> 'Persistent' as Persistent, - option -> 'VpcSecurityGroupMemberships' as vpc_security_group_membership, - option -> 'Port' as Port - from - aws_rds_db_option_group - cross join jsonb_array_elements(options) as option; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_parameter_group_1.yaml.bak b/queries/aws_rds_db_parameter_group_1.yaml.bak deleted file mode 100755 index 0c28234e5..000000000 --- a/queries/aws_rds_db_parameter_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_parameter_group_1 -Title: "Find AWS RDS DB Parameter Groups' Configurations" -Description: "Allows users to query AWS RDS DB Parameter Groups, providing information about the configurations that control the behavior of the databases that they are associated with." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - db_parameter_group_family - from - aws_rds_db_parameter_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS DB Parameter Groups diff --git a/queries/aws_rds_db_parameter_group_2.yaml.bak b/queries/aws_rds_db_parameter_group_2.yaml.bak deleted file mode 100755 index bba23b352..000000000 --- a/queries/aws_rds_db_parameter_group_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_rds_db_parameter_group_2 -Title: "List all AWS RDS DB Parameter Groups configurations" -Description: "Allows users to query AWS RDS DB Parameter Groups, providing information about the configurations that control the behavior of the databases that they are associated with." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - db_parameter_group_family, - pg ->> 'ParameterName' as parameter_name, - pg ->> 'ParameterValue' as parameter_value, - pg ->> 'AllowedValues' as allowed_values, - pg ->> 'ApplyType' as apply_type, - pg ->> 'IsModifiable' as is_modifiable, - pg ->> 'DataType' as data_type, - pg ->> 'Description' as description, - pg ->> 'MinimumEngineVersion' as minimum_engine_version - from - aws_rds_db_parameter_group - cross join jsonb_array_elements(parameters) as pg; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_proxy_1.yaml.bak b/queries/aws_rds_db_proxy_1.yaml.bak deleted file mode 100755 index ee10c99f0..000000000 --- a/queries/aws_rds_db_proxy_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_rds_db_proxy_1 -Title: "Find Amazon RDS DB Proxy Details via SQL Query" -Description: "Allows users to query DB Proxies in Amazon RDS to fetch detailed information about each proxy, including its ARN, name, engine family, role ARN, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_proxy_name, - status, - engine_family - from - aws_rds_db_proxy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_proxy_2.yaml.bak b/queries/aws_rds_db_proxy_2.yaml.bak deleted file mode 100755 index 3e72f96ed..000000000 --- a/queries/aws_rds_db_proxy_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_rds_db_proxy_2 -Title: "List all Detailed Information of Amazon RDS DB Proxies" -Description: "Allows users to query DB Proxies in Amazon RDS to fetch detailed information about each proxy, including its ARN, name, engine family, role ARN, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_proxy_name, - engine_family, - a ->> 'AuthScheme' as auth_scheme, - a ->> 'Description' as auth_description, - a ->> 'IAMAuth' as iam_auth, - a ->> 'SecretArn' as secret_arn, - a ->> 'UserName' as user_name - from - aws_rds_db_proxy, - jsonb_array_elements(auth) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_recommendation_1.yaml.bak b/queries/aws_rds_db_recommendation_1.yaml.bak deleted file mode 100755 index e11ea6cbd..000000000 --- a/queries/aws_rds_db_recommendation_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_db_recommendation_1 -Title: "Find AWS RDS DB Recommendations with High Severity" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - severity, - description, - created_time - from - aws_rds_db_recommendation - where - severity = 'high'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_recommendation_2.yaml.bak b/queries/aws_rds_db_recommendation_2.yaml.bak deleted file mode 100755 index 217c9ccf8..000000000 --- a/queries/aws_rds_db_recommendation_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_rds_db_recommendation_2 -Title: "List all AWS RDS DB Recommendations and Details" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - created_time, - description - from - aws_rds_db_recommendation - where - created_time >= now() - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_recommendation_2.yaml.bak.bak b/queries/aws_rds_db_recommendation_2.yaml.bak.bak deleted file mode 100755 index 217c9ccf8..000000000 --- a/queries/aws_rds_db_recommendation_2.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_rds_db_recommendation_2 -Title: "List all AWS RDS DB Recommendations and Details" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - created_time, - description - from - aws_rds_db_recommendation - where - created_time >= now() - interval '30 days'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_recommendation_3.yaml.bak b/queries/aws_rds_db_recommendation_3.yaml.bak deleted file mode 100755 index b0f8448fb..000000000 --- a/queries/aws_rds_db_recommendation_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_rds_db_recommendation_3 -Title: "Find All Recommendations and Actions for AWS RDS DB" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - recommendation, - recommended_actions - from - aws_rds_db_recommendation; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_recommendation_4.yaml.bak b/queries/aws_rds_db_recommendation_4.yaml.bak deleted file mode 100755 index 4071bb239..000000000 --- a/queries/aws_rds_db_recommendation_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_recommendation_4 -Title: "List all AWS RDS DB Recommendations and Suggested Actions" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - impact, - description - from - aws_rds_db_recommendation - order by - impact desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_recommendation_5.yaml.bak b/queries/aws_rds_db_recommendation_5.yaml.bak deleted file mode 100755 index 3efae706f..000000000 --- a/queries/aws_rds_db_recommendation_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_recommendation_5 -Title: "Find AWS RDS DB Recommendations and Statuses" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - status, - updated_time - from - aws_rds_db_recommendation - where - status != 'resolved'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_recommendation_6.yaml.bak b/queries/aws_rds_db_recommendation_6.yaml.bak deleted file mode 100755 index 1ae1bb53f..000000000 --- a/queries/aws_rds_db_recommendation_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_db_recommendation_6 -Title: "Find AWS RDS DB Recommendations and Their Statuses" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - issue_details -> 'PerformanceIssueDetails' ->> 'Analysis' as analysis, - issue_details -> 'PerformanceIssueDetails' ->> 'EndTime' as end_time, - issue_details -> 'PerformanceIssueDetails' ->> 'StartTime' as start_time, - issue_details -> 'PerformanceIssueDetails' -> 'Metrics' as metrics - from - aws_rds_db_recommendation - where - issue_details is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS DB Recommendation diff --git a/queries/aws_rds_db_recommendation_7.yaml.bak b/queries/aws_rds_db_recommendation_7.yaml.bak deleted file mode 100755 index 44f710bc1..000000000 --- a/queries/aws_rds_db_recommendation_7.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_rds_db_recommendation_7 -Title: "Find all AWS RDS DB recommendation statuses and actions" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - action ->> 'Title' as title, - action ->> 'Status' as status, - action ->> 'ActionId' as action_id, - action ->> 'Operation' as operation, - action -> 'ApplyModes' as apply_modes, - action -> 'Parameters' as parameters, - action ->> 'Description' as description, - action ->> 'IssueDetails' as issue_details, - action -> 'ContextAttributes' as context_attributes - from - aws_rds_db_recommendation, - jsonb_array_elements(recommended_actions) as action; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_snapshot_1.yaml.bak b/queries/aws_rds_db_snapshot_1.yaml.bak deleted file mode 100755 index eb66bd852..000000000 --- a/queries/aws_rds_db_snapshot_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_snapshot_1 -Title: "Find Non-encrypted RDS DB Snapshots for AWS" -Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_snapshot_identifier, - encrypted - from - aws_rds_db_snapshot - where - not encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_snapshot_2.yaml.bak b/queries/aws_rds_db_snapshot_2.yaml.bak deleted file mode 100755 index 8eaae12e5..000000000 --- a/queries/aws_rds_db_snapshot_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_rds_db_snapshot_2 -Title: "List Amazon RDS DB manual snapshots" -Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_snapshot_identifier, - type - from - aws_rds_db_snapshot - where - type = 'manual'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_snapshot_3.yaml.bak b/queries/aws_rds_db_snapshot_3.yaml.bak deleted file mode 100755 index ce975c9cb..000000000 --- a/queries/aws_rds_db_snapshot_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_snapshot_3 -Title: "Find Information on Amazon RDS DB Snapshots" -Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_snapshot_identifier, - encrypted - from - aws_rds_db_snapshot - where - not encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_rds_db_snapshot_4.yaml.bak b/queries/aws_rds_db_snapshot_4.yaml.bak deleted file mode 100755 index d766b5b24..000000000 --- a/queries/aws_rds_db_snapshot_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_snapshot_4 -Title: "List Amazon RDS DB Snapshots Information" -Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_snapshot_identifier, - db_instance_identifier, - engine, - engine_version, - allocated_storage, - storage_type - from - aws_rds_db_snapshot; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_subnet_group_1.yaml.bak b/queries/aws_rds_db_subnet_group_1.yaml.bak deleted file mode 100755 index 15c978408..000000000 --- a/queries/aws_rds_db_subnet_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_rds_db_subnet_group_1 -Title: "Query AWS RDS DB Subnet Groups Information" -Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status, - vpc_id - from - aws_rds_db_subnet_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_subnet_group_2.yaml.bak b/queries/aws_rds_db_subnet_group_2.yaml.bak deleted file mode 100755 index 89ab5755e..000000000 --- a/queries/aws_rds_db_subnet_group_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_rds_db_subnet_group_2 -Title: "List all AWS RDS DB Subnet Groups Information" -Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - subnet -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - subnet ->> 'SubnetIdentifier' as subnet_identifier, - subnet -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, - subnet ->> 'SubnetStatus' as subnet_status - from - aws_rds_db_subnet_group - cross join jsonb_array_elements(subnets) as subnet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_db_subnet_group_3.yaml.bak b/queries/aws_rds_db_subnet_group_3.yaml.bak deleted file mode 100755 index b7ac2eae5..000000000 --- a/queries/aws_rds_db_subnet_group_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_rds_db_subnet_group_3 -Title: "List all AWS RDS DB Subnet Groups" -Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags - from - aws_rds_db_subnet_group - where - not tags :: JSONB ? 'application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_reserved_db_instance_1.yaml.bak b/queries/aws_rds_reserved_db_instance_1.yaml.bak deleted file mode 100755 index 929acc7ad..000000000 --- a/queries/aws_rds_reserved_db_instance_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_reserved_db_instance_1 -Title: "List AWS RDS Reserved DB Instances and Details" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_reserved_db_instance_1.yaml.bak.bak b/queries/aws_rds_reserved_db_instance_1.yaml.bak.bak deleted file mode 100755 index 929acc7ad..000000000 --- a/queries/aws_rds_reserved_db_instance_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_rds_reserved_db_instance_1 -Title: "List AWS RDS Reserved DB Instances and Details" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_reserved_db_instance_2.yaml.bak b/queries/aws_rds_reserved_db_instance_2.yaml.bak deleted file mode 100755 index 283a2868f..000000000 --- a/queries/aws_rds_reserved_db_instance_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_reserved_db_instance_2 -Title: "List all AWS RDS Reserved DB Instances" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance - where - not multi_az; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_reserved_db_instance_3.yaml.bak b/queries/aws_rds_reserved_db_instance_3.yaml.bak deleted file mode 100755 index 35f58189e..000000000 --- a/queries/aws_rds_reserved_db_instance_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_reserved_db_instance_3 -Title: "Find all RDS Reserved DB Instances with Costs and Status" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance - where - offering_type = 'All Upfront'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_reserved_db_instance_4.yaml.bak b/queries/aws_rds_reserved_db_instance_4.yaml.bak deleted file mode 100755 index 8a623857f..000000000 --- a/queries/aws_rds_reserved_db_instance_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_rds_reserved_db_instance_4 -Title: "List all Reserved DB Instances in AWS RDS" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance - order by - duration desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_reserved_db_instance_5.yaml.bak b/queries/aws_rds_reserved_db_instance_5.yaml.bak deleted file mode 100755 index 2ce3e5daf..000000000 --- a/queries/aws_rds_reserved_db_instance_5.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_reserved_db_instance_5 -Title: "List all AWS RDS Reserved DB Instances and Details" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class, - usage_price - from - aws_rds_reserved_db_instance - order by - usage_price desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_provider: - - aws - cloud_service: - - RDS diff --git a/queries/aws_rds_reserved_db_instance_6.yaml.bak b/queries/aws_rds_reserved_db_instance_6.yaml.bak deleted file mode 100755 index 3f331d518..000000000 --- a/queries/aws_rds_reserved_db_instance_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_rds_reserved_db_instance_6 -Title: "List all AWS RDS Reserved DB Instances with details and costs" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class, - usage_price - from - aws_rds_reserved_db_instance - where - state <> 'active'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon RDS diff --git a/queries/aws_redshift_cluster_1.yaml.bak b/queries/aws_redshift_cluster_1.yaml.bak deleted file mode 100755 index aae539ed4..000000000 --- a/queries/aws_redshift_cluster_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_redshift_cluster_1 -Title: "List all AWS Redshift Clusters including Configurations" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - arn, - node_type, - region - from - aws_redshift_cluster; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Redshift diff --git a/queries/aws_redshift_cluster_2.yaml.bak b/queries/aws_redshift_cluster_2.yaml.bak deleted file mode 100755 index 9c256f205..000000000 --- a/queries/aws_redshift_cluster_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_redshift_cluster_2 -Title: "Find all AWS Redshift Clusters with Configuration Details" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - node_type, - number_of_nodes, - publicly_accessible - from - aws_redshift_cluster - where - publicly_accessible; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_cluster_2.yaml.bak.bak b/queries/aws_redshift_cluster_2.yaml.bak.bak deleted file mode 100755 index 9c256f205..000000000 --- a/queries/aws_redshift_cluster_2.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_redshift_cluster_2 -Title: "Find all AWS Redshift Clusters with Configuration Details" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - node_type, - number_of_nodes, - publicly_accessible - from - aws_redshift_cluster - where - publicly_accessible; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_cluster_3.yaml.bak b/queries/aws_redshift_cluster_3.yaml.bak deleted file mode 100755 index ae1056107..000000000 --- a/queries/aws_redshift_cluster_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_redshift_cluster_3 -Title: "Find AWS Redshift Cluster Configurations and Details" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - node_type, - number_of_nodes, - vpc_id - from - aws_redshift_cluster - where - vpc_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_cluster_4.yaml.bak b/queries/aws_redshift_cluster_4.yaml.bak deleted file mode 100755 index 3b7048207..000000000 --- a/queries/aws_redshift_cluster_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_redshift_cluster_4 -Title: "List all AWS Redshift Clusters and list configurations" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - node_type, - number_of_nodes, - encrypted - from - aws_redshift_cluster - where - not encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_cluster_5.yaml.bak b/queries/aws_redshift_cluster_5.yaml.bak deleted file mode 100755 index f88b1df71..000000000 --- a/queries/aws_redshift_cluster_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_redshift_cluster_5 -Title: "List all AWS Redshift Clusters and Their Status" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - logging_status -> 'LoggingEnabled' as LoggingEnabled - from - aws_redshift_cluster - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml.bak b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml.bak deleted file mode 100755 index 02733a73a..000000000 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_redshift_cluster_metric_cpu_utilization_daily_1 -Title: "List AWS Redshift CPU Utilization Metrics by day" -Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_redshift_cluster_metric_cpu_utilization_daily - order by - cluster_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml.bak b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml.bak deleted file mode 100755 index 08bce09fa..000000000 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_redshift_cluster_metric_cpu_utilization_daily_2 -Title: "Find Daily AWS Redshift Cluster High CPU Utilization" -Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_redshift_cluster_metric_cpu_utilization_daily - where average > 80 - order by - cluster_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml.bak b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml.bak deleted file mode 100755 index d65527346..000000000 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_redshift_cluster_metric_cpu_utilization_daily_3 -Title: "List AWS Redshift Cluster CPU Utilization Metrics Daily" -Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_redshift_cluster_metric_cpu_utilization_daily - where average < 2 - order by - cluster_identifier, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_event_subscription_1.yaml.bak b/queries/aws_redshift_event_subscription_1.yaml.bak deleted file mode 100755 index b4868b54b..000000000 --- a/queries/aws_redshift_event_subscription_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_redshift_event_subscription_1 -Title: "List All AWS Redshift Event Subscription Configurations" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - customer_aws_id, - status, - sns_topic_arn, - subscription_creation_time - from - aws_redshift_event_subscription; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_event_subscription_2.yaml.bak b/queries/aws_redshift_event_subscription_2.yaml.bak deleted file mode 100755 index af0f36489..000000000 --- a/queries/aws_redshift_event_subscription_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_redshift_event_subscription_2 -Title: "Find all AWS Redshift Event Subscriptions" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - customer_aws_id, - status, - enabled, - sns_topic_arn, - subscription_creation_time - from - aws_redshift_event_subscription - where - enabled is false; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_event_subscription_2.yaml.bak.bak b/queries/aws_redshift_event_subscription_2.yaml.bak.bak deleted file mode 100755 index af0f36489..000000000 --- a/queries/aws_redshift_event_subscription_2.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_redshift_event_subscription_2 -Title: "Find all AWS Redshift Event Subscriptions" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - customer_aws_id, - status, - enabled, - sns_topic_arn, - subscription_creation_time - from - aws_redshift_event_subscription - where - enabled is false; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_event_subscription_3.yaml.bak b/queries/aws_redshift_event_subscription_3.yaml.bak deleted file mode 100755 index a49d68b2d..000000000 --- a/queries/aws_redshift_event_subscription_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_redshift_event_subscription_3 -Title: "List all AWS Redshift Event Subscriptions and Their Configurations" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - severity, - source_type, - event_categories_list, - source_ids_list - from - aws_redshift_event_subscription; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_event_subscription_4.yaml.bak b/queries/aws_redshift_event_subscription_4.yaml.bak deleted file mode 100755 index d1628a3fa..000000000 --- a/queries/aws_redshift_event_subscription_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_redshift_event_subscription_4 -Title: "Find AWS Redshift Event Subscriptions with Configuration and Status" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.cust_subscription_id, - e.status, - s.kms_master_key_id, - s.topic_arn as arn - from - aws_redshift_event_subscription as e - join aws_sns_topic as s on s.topic_arn = e.sns_topic_arn - where - s.kms_master_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Redshift diff --git a/queries/aws_redshift_parameter_group_1.yaml.bak b/queries/aws_redshift_parameter_group_1.yaml.bak deleted file mode 100755 index 85a522312..000000000 --- a/queries/aws_redshift_parameter_group_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_redshift_parameter_group_1 -Title: "List all Amazon Redshift Parameter Groups configuration settings" -Description: "Allows users to query Amazon Redshift Parameter Groups to obtain detailed information about the configuration parameters and settings for Redshift clusters. This can be useful for managing and optimizing the performance of Redshift databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - family - from - aws_redshift_parameter_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Redshift diff --git a/queries/aws_redshift_parameter_group_2.yaml.bak b/queries/aws_redshift_parameter_group_2.yaml.bak deleted file mode 100755 index 923afbdee..000000000 --- a/queries/aws_redshift_parameter_group_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_redshift_parameter_group_2 -Title: "Find Amazon Redshift Parameter Groups Configuration" -Description: "Allows users to query Amazon Redshift Parameter Groups to obtain detailed information about the configuration parameters and settings for Redshift clusters. This can be useful for managing and optimizing the performance of Redshift databases." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'ParameterName' as parameter_name, - p ->> 'ParameterValue' as parameter_value, - p ->> 'Description' as description, - p ->> 'Source' as source, - p ->> 'DataType' as data_type, - p ->> 'ApplyType' as apply_type, - p ->> 'IsModifiable' as is_modifiable, - p ->> 'AllowedValues' as allowed_values, - p ->> 'MinimumEngineVersion' as minimum_engine_version - from - aws_redshift_parameter_group, - jsonb_array_elements(parameters) as p - where - p ->> 'ParameterName' = 'require_ssl' - and p ->> 'ParameterValue' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Redshift diff --git a/queries/aws_redshift_snapshot_1.yaml.bak b/queries/aws_redshift_snapshot_1.yaml.bak deleted file mode 100755 index 0d90a7460..000000000 --- a/queries/aws_redshift_snapshot_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_redshift_snapshot_1 -Title: "List AWS Redshift Snapshots with Their Configuration" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - cluster_identifier, - node_type, - encrypted - from - aws_redshift_snapshot; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_snapshot_2.yaml.bak b/queries/aws_redshift_snapshot_2.yaml.bak deleted file mode 100755 index e8fe2fed6..000000000 --- a/queries/aws_redshift_snapshot_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_redshift_snapshot_2 -Title: "List all AWS Redshift Snapshots with Configuration Details" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - snapshot_type - from - aws_redshift_snapshot - where - snapshot_type = 'manual'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_snapshot_3.yaml.bak b/queries/aws_redshift_snapshot_3.yaml.bak deleted file mode 100755 index 2e43d5f3e..000000000 --- a/queries/aws_redshift_snapshot_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_redshift_snapshot_3 -Title: "List All AWS Redshift Snapshots Configuration and Status" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - cluster_identifier, - node_type, - number_of_nodes, - encrypted - from - aws_redshift_snapshot - where - not encrypted; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_snapshot_4.yaml.bak b/queries/aws_redshift_snapshot_4.yaml.bak deleted file mode 100755 index 4f2847784..000000000 --- a/queries/aws_redshift_snapshot_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_redshift_snapshot_4 -Title: "List all AWS Redshift Snapshots with Details" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - cluster_identifier, - number_of_nodes, - cluster_version, - engine_full_version, - restorable_node_types - from - aws_redshift_snapshot; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_snapshot_5.yaml.bak b/queries/aws_redshift_snapshot_5.yaml.bak deleted file mode 100755 index b48c1a43d..000000000 --- a/queries/aws_redshift_snapshot_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_redshift_snapshot_5 -Title: "Find AWS Redshift Snapshots and Restore Access Details" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - accounts_with_restore_access - from - aws_redshift_snapshot - where - accounts_with_restore_access is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_snapshot_6.yaml.bak b/queries/aws_redshift_snapshot_6.yaml.bak deleted file mode 100755 index 90271484f..000000000 --- a/queries/aws_redshift_snapshot_6.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_redshift_snapshot_6 -Title: "List all AWS Redshift Snapshots with details" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - p ->> 'AccountId' as account_id, - p ->> 'AccountAlias' as account_alias - from - aws_redshift_snapshot, - jsonb_array_elements(accounts_with_restore_access) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_subnet_group_1.yaml.bak b/queries/aws_redshift_subnet_group_1.yaml.bak deleted file mode 100755 index 5e73e63ba..000000000 --- a/queries/aws_redshift_subnet_group_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_redshift_subnet_group_1 -Title: "List all AWS Redshift Subnet Groups and their details" -Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_subnet_group_name, - description, - subnet_group_status, - vpc_id - from - aws_redshift_subnet_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_subnet_group_2.yaml.bak b/queries/aws_redshift_subnet_group_2.yaml.bak deleted file mode 100755 index 32a7ad9e7..000000000 --- a/queries/aws_redshift_subnet_group_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_redshift_subnet_group_2 -Title: "Find AWS Redshift Subnet Group Details and Status" -Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_subnet_group_name, - subnet -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - subnet -> 'SubnetAvailabilityZone' ->> 'SupportedPlatforms' as supported_platforms, - subnet ->> 'SubnetIdentifier' as subnet_identifier, - subnet ->> 'SubnetStatus' as subnet_status - from - aws_redshift_subnet_group, - jsonb_array_elements(subnets) as subnet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshift_subnet_group_3.yaml.bak b/queries/aws_redshift_subnet_group_3.yaml.bak deleted file mode 100755 index 78b56ac17..000000000 --- a/queries/aws_redshift_subnet_group_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_redshift_subnet_group_3 -Title: "Find AWS Redshift Subnet Groups and Their Details" -Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_subnet_group_name, - tags - from - aws_redshift_subnet_group - where - not tags :: JSONB ? 'application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift diff --git a/queries/aws_redshiftserverless_namespace_1.yaml.bak b/queries/aws_redshiftserverless_namespace_1.yaml.bak deleted file mode 100755 index 1f136eaa1..000000000 --- a/queries/aws_redshiftserverless_namespace_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_redshiftserverless_namespace_1 -Title: "List AWS Redshift Serverless Namespace Details" -Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - namespace_name, - namespace_arn, - namespace_id, - creation_date, - db_name, - region, - status - from - aws_redshiftserverless_namespace; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_namespace_2.yaml.bak b/queries/aws_redshiftserverless_namespace_2.yaml.bak deleted file mode 100755 index b52692206..000000000 --- a/queries/aws_redshiftserverless_namespace_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_redshiftserverless_namespace_2 -Title: "List AWS Redshift Serverless Namespace Details" -Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - namespace_name, - namespace_arn, - namespace_id, - creation_date, - db_name, - region, - status - from - aws_redshiftserverless_namespace - where - status <> 'AVAILABLE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_namespace_3.yaml.bak b/queries/aws_redshiftserverless_namespace_3.yaml.bak deleted file mode 100755 index 4474d6e81..000000000 --- a/queries/aws_redshiftserverless_namespace_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_redshiftserverless_namespace_3 -Title: "List all AWS Redshift Serverless Namespace Data" -Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - namespace_name, - namespace_arn, - namespace_id, - creation_date, - db_name, - region, - status - from - aws_redshiftserverless_namespace - where - kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_namespace_4.yaml.bak b/queries/aws_redshiftserverless_namespace_4.yaml.bak deleted file mode 100755 index 5bb0dc82d..000000000 --- a/queries/aws_redshiftserverless_namespace_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_redshiftserverless_namespace_4 -Title: "List AWS Redshift Serverless Namespace Details" -Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - namespace_name, - namespace_arn, - namespace_id, - creation_date, - default_iam_role_arn - from - aws_redshiftserverless_namespace; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_1.yaml.bak b/queries/aws_redshiftserverless_workgroup_1.yaml.bak deleted file mode 100755 index 865d0a8f4..000000000 --- a/queries/aws_redshiftserverless_workgroup_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_redshiftserverless_workgroup_1 -Title: "List AWS Redshift Serverless Workgroup Details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_name, - workgroup_arn, - workgroup_id, - base_capacity, - creation_date, - region, - status - from - aws_redshiftserverless_workgroup; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_2.yaml.bak b/queries/aws_redshiftserverless_workgroup_2.yaml.bak deleted file mode 100755 index 6972a4d9f..000000000 --- a/queries/aws_redshiftserverless_workgroup_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_redshiftserverless_workgroup_2 -Title: "List all AWS Redshift Serverless Workgroup details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_name, - workgroup_arn, - workgroup_id, - base_capacity, - creation_date, - region, - status - from - aws_redshiftserverless_workgroup - where - status <> 'AVAILABLE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_3.yaml.bak b/queries/aws_redshiftserverless_workgroup_3.yaml.bak deleted file mode 100755 index 9d9c7a125..000000000 --- a/queries/aws_redshiftserverless_workgroup_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_redshiftserverless_workgroup_3 -Title: "List all AWS Redshift Serverless Workgroup Details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_name, - workgroup_arn, - workgroup_id, - base_capacity, - creation_date, - region, - status - from - aws_redshiftserverless_workgroup - where - publicly_accessible; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_4.yaml.bak b/queries/aws_redshiftserverless_workgroup_4.yaml.bak deleted file mode 100755 index 5caf2d205..000000000 --- a/queries/aws_redshiftserverless_workgroup_4.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_redshiftserverless_workgroup_4 -Title: "List all AWS Redshift Serverless Workgroup details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sum(base_capacity) total_base_capacity - from - aws_redshiftserverless_workgroup - where - status = 'AVAILABLE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_5.yaml.bak b/queries/aws_redshiftserverless_workgroup_5.yaml.bak deleted file mode 100755 index 4f81fb5dc..000000000 --- a/queries/aws_redshiftserverless_workgroup_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_redshiftserverless_workgroup_5 -Title: "List all AWS Redshift Serverless Workgroup details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_arn, - endpoint ->> 'Address' as endpoint_address, - endpoint ->> 'Port' as endpoint_port, - endpoint -> 'VpcEndpoints' as endpoint_vpc_details - from - aws_redshiftserverless_workgroup; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_redshiftserverless_workgroup_6.yaml.bak b/queries/aws_redshiftserverless_workgroup_6.yaml.bak deleted file mode 100755 index 64cb02827..000000000 --- a/queries/aws_redshiftserverless_workgroup_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_redshiftserverless_workgroup_6 -Title: "List All Details of AWS Redshift Serverless Workgroup" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_arn, - p ->> 'ParameterKey' as parameter_key, - p ->> 'ParameterValue' as parameter_value - from - aws_redshiftserverless_workgroup, - jsonb_array_elements(config_parameters) p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Redshift Serverless diff --git a/queries/aws_region_1.yaml.bak b/queries/aws_region_1.yaml.bak deleted file mode 100755 index 23e792afe..000000000 --- a/queries/aws_region_1.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_region_1 -Title: "List all AWS Region Details Including Names and Statuses" -Description: "Allows users to query AWS Region to retrieve details about AWS regions including their names, descriptions, and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - opt_in_status - from - aws_region; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Regions diff --git a/queries/aws_region_2.yaml.bak b/queries/aws_region_2.yaml.bak deleted file mode 100755 index aa2349696..000000000 --- a/queries/aws_region_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_region_2 -Title: "Find AWS Region Details and Statuses" -Description: "Allows users to query AWS Region to retrieve details about AWS regions including their names, descriptions, and statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - opt_in_status - from - aws_region - where - opt_in_status = 'not-opted-in'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Region diff --git a/queries/aws_resource_explorer_index_1.yaml.bak b/queries/aws_resource_explorer_index_1.yaml.bak deleted file mode 100755 index b7bf1697a..000000000 --- a/queries/aws_resource_explorer_index_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_resource_explorer_index_1 -Title: "List all resources across AWS services" -Description: "Allows users to query AWS Resource Explorer Index, providing a comprehensive view of all resources across different AWS services in a single table." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - type - from - aws_resource_explorer_index; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Explorer diff --git a/queries/aws_resource_explorer_index_2.yaml.bak b/queries/aws_resource_explorer_index_2.yaml.bak deleted file mode 100755 index 5596aba32..000000000 --- a/queries/aws_resource_explorer_index_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_resource_explorer_index_2 -Title: "List all AWS resources from Resource Explorer Index" -Description: "Allows users to query AWS Resource Explorer Index, providing a comprehensive view of all resources across different AWS services in a single table." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - type - from - aws_resource_explorer_index - where - type = 'AGGREGATOR'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Explorer diff --git a/queries/aws_resource_explorer_search_1.yaml.bak b/queries/aws_resource_explorer_search_1.yaml.bak deleted file mode 100755 index 9ebf0005a..000000000 --- a/queries/aws_resource_explorer_search_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_resource_explorer_search_1 -Title: "Find all AWS resources with details across services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Explorer diff --git a/queries/aws_resource_explorer_search_2.yaml.bak b/queries/aws_resource_explorer_search_2.yaml.bak deleted file mode 100755 index 631793c17..000000000 --- a/queries/aws_resource_explorer_search_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_resource_explorer_search_2 -Title: "Find AWS Resource Details with AWS Resource Explorer" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = '-service:iam'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_3.yaml.bak b/queries/aws_resource_explorer_search_3.yaml.bak deleted file mode 100755 index 4714225c4..000000000 --- a/queries/aws_resource_explorer_search_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_resource_explorer_search_3 -Title: "List all AWS resources with detailed information" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = '-service:iam region:us-*'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Explorer diff --git a/queries/aws_resource_explorer_search_4.yaml.bak b/queries/aws_resource_explorer_search_4.yaml.bak deleted file mode 100755 index faec018cf..000000000 --- a/queries/aws_resource_explorer_search_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_resource_explorer_search_4 -Title: "List All AWS Resources in Resource Explorer" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = 'resourcetype:iam:user'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Explorer diff --git a/queries/aws_resource_explorer_search_5.yaml.bak b/queries/aws_resource_explorer_search_5.yaml.bak deleted file mode 100755 index a19929ac1..000000000 --- a/queries/aws_resource_explorer_search_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_resource_explorer_search_5 -Title: "List all Resources Across AWS Services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = '-tag:none'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_6.yaml.bak b/queries/aws_resource_explorer_search_6.yaml.bak deleted file mode 100755 index 3c5135d42..000000000 --- a/queries/aws_resource_explorer_search_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_resource_explorer_search_6 -Title: "List all resources across AWS services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = 'tag.key:environment'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_6.yaml.bak.bak b/queries/aws_resource_explorer_search_6.yaml.bak.bak deleted file mode 100755 index 3c5135d42..000000000 --- a/queries/aws_resource_explorer_search_6.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_resource_explorer_search_6 -Title: "List all resources across AWS services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = 'tag.key:environment'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_7.yaml.bak b/queries/aws_resource_explorer_search_7.yaml.bak deleted file mode 100755 index de26a188b..000000000 --- a/queries/aws_resource_explorer_search_7.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_resource_explorer_search_7 -Title: "List all resources across AWS services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = 'region:global'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_8.yaml.bak b/queries/aws_resource_explorer_search_8.yaml.bak deleted file mode 100755 index 4a76d17b7..000000000 --- a/queries/aws_resource_explorer_search_8.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_resource_explorer_search_8 -Title: "List all AWS resources with details using Resource Explorer" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - view_arn = 'arn:aws:resource-explorer-2:ap-south-1:111122223333:view/view1/7c9e9845-4736-409f-9c0f-673fe7ce3e46'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_supported_resource_type_1.yaml.bak b/queries/aws_resource_explorer_supported_resource_type_1.yaml.bak deleted file mode 100755 index d09ed9cb6..000000000 --- a/queries/aws_resource_explorer_supported_resource_type_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_resource_explorer_supported_resource_type_1 -Title: "Find AWS Resource Explorer Supported Resource Types" -Description: "Allows users to query AWS Resource Explorer Supported Resource Types to obtain details about supported resource types for AWS Resource Groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - resource_type - from - aws_resource_explorer_supported_resource_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Explorer diff --git a/queries/aws_resource_explorer_supported_resource_type_2.yaml.bak b/queries/aws_resource_explorer_supported_resource_type_2.yaml.bak deleted file mode 100755 index 50f180360..000000000 --- a/queries/aws_resource_explorer_supported_resource_type_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_resource_explorer_supported_resource_type_2 -Title: "Find supported AWS Resource Explorer types for Resource Groups" -Description: "Allows users to query AWS Resource Explorer Supported Resource Types to obtain details about supported resource types for AWS Resource Groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - resource_type - from - aws_resource_explorer_supported_resource_type - where - service = 'iam'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Explorer diff --git a/queries/aws_route53_domain_1.yaml.bak b/queries/aws_route53_domain_1.yaml.bak deleted file mode 100755 index d901ac7a1..000000000 --- a/queries/aws_route53_domain_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_route53_domain_1 -Title: "Find all AWS Route 53 Domains Information" -Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - auto_renew, - expiration_date - from - aws_route53_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_domain_2.yaml.bak b/queries/aws_route53_domain_2.yaml.bak deleted file mode 100755 index 21baa5bad..000000000 --- a/queries/aws_route53_domain_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_domain_2 -Title: "List all AWS Route 53 Domains with Details" -Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - auto_renew, - expiration_date - from - aws_route53_domain - where - auto_renew; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_domain_3.yaml.bak b/queries/aws_route53_domain_3.yaml.bak deleted file mode 100755 index fbf24296b..000000000 --- a/queries/aws_route53_domain_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_route53_domain_3 -Title: "Find AWS Route 53 Domains with Transfer Lock Status" -Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - expiration_date, - transfer_lock - from - aws_route53_domain - where - transfer_lock; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_health_check_1.yaml.bak b/queries/aws_route53_health_check_1.yaml.bak deleted file mode 100755 index 09f4a6be7..000000000 --- a/queries/aws_route53_health_check_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_route53_health_check_1 -Title: "List all Health Check Details in AWS Route 53" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - akas, - id, - health_check_version, - health_check_config - from - aws_route53_health_check; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_health_check_2.yaml.bak b/queries/aws_route53_health_check_2.yaml.bak deleted file mode 100755 index 0661af02d..000000000 --- a/queries/aws_route53_health_check_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_route53_health_check_2 -Title: "List all AWS Route 53 Health Check Data and Configuration" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - cloud_watch_alarm_configuration ->> 'ComparisonOperator' as cloud_watch_comparison_operator, - cloud_watch_alarm_configuration ->> 'Dimensions' as cloud_watch_dimensions, - cloud_watch_alarm_configuration ->> 'EvaluationPeriods' as cloud_watch_evaluation_periods, - cloud_watch_alarm_configuration ->> 'MetricName' as cloud_watch_metric_name, - cloud_watch_alarm_configuration ->> 'Period' as cloud_watch_period, - cloud_watch_alarm_configuration ->> 'Statistic' as cloud_watch_statistic, - cloud_watch_alarm_configuration ->> 'Threshold' as cloud_watch_threshold - from - aws_route53_health_check - where - cloud_watch_alarm_configuration is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_health_check_3.yaml.bak b/queries/aws_route53_health_check_3.yaml.bak deleted file mode 100755 index a0e7a0e53..000000000 --- a/queries/aws_route53_health_check_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_route53_health_check_3 -Title: "Find AWS Route 53 Health Check Configuration and Status" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - linked_service_description, - linked_service_principal - from - aws_route53_health_check - where - linked_service_description is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_health_check_4.yaml.bak b/queries/aws_route53_health_check_4.yaml.bak deleted file mode 100755 index 75e9594c2..000000000 --- a/queries/aws_route53_health_check_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_route53_health_check_4 -Title: "List all AWS Route 53 Health Check using SQL" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - health_check_config ->> 'Disabled' as disabled - from - aws_route53_health_check - where - cast(health_check_config ->> 'Disabled' as boolean); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Route 53 diff --git a/queries/aws_route53_health_check_5.yaml.bak b/queries/aws_route53_health_check_5.yaml.bak deleted file mode 100755 index 08fa77a6c..000000000 --- a/queries/aws_route53_health_check_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_health_check_5 -Title: "Find AWS Route 53 Health Check Configuration Details" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - health_check_config ->> 'FullyQualifiedDomainName' as fully_qualified_domain_name, - health_check_config ->> 'IPAddress' as ip_address, - health_check_config ->> 'Port' as port, - health_check_config ->> 'Type' as type, - health_check_config ->> 'RequestInterval' as request_interval - from - aws_route53_health_check; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_health_check_5.yaml.bak.bak b/queries/aws_route53_health_check_5.yaml.bak.bak deleted file mode 100755 index 08fa77a6c..000000000 --- a/queries/aws_route53_health_check_5.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_health_check_5 -Title: "Find AWS Route 53 Health Check Configuration Details" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - health_check_config ->> 'FullyQualifiedDomainName' as fully_qualified_domain_name, - health_check_config ->> 'IPAddress' as ip_address, - health_check_config ->> 'Port' as port, - health_check_config ->> 'Type' as type, - health_check_config ->> 'RequestInterval' as request_interval - from - aws_route53_health_check; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_health_check_6.yaml.bak b/queries/aws_route53_health_check_6.yaml.bak deleted file mode 100755 index b8f113bb6..000000000 --- a/queries/aws_route53_health_check_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_route53_health_check_6 -Title: "Find AWS Route 53 Health Check Details and Status" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - health_check_config ->> 'FullyQualifiedDomainName' as fully_qualified_domain_name, - health_check_config ->> 'IPAddress' as ip_address, - health_check_config ->> 'Port' as port, - health_check_config ->> 'Type' as type, - health_check_config ->> 'RequestInterval' as request_interval, - health_check_config ->> 'AlarmIdentifier' as alarm_identifier - from - aws_route53_health_check - where - health_check_config ->> 'AlarmIdentifier' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_health_check_7.yaml.bak b/queries/aws_route53_health_check_7.yaml.bak deleted file mode 100755 index 55698a76a..000000000 --- a/queries/aws_route53_health_check_7.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_route53_health_check_7 -Title: "Find AWS Route 53 Health Check Details" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.id, - r.health_check_version, - hc ->> 'IPAddress' as ip_address, - hc ->> 'Region' as region, - hc-> 'StatusReport' as status_report - from - aws_route53_health_check as r, - jsonb_array_elements(health_check_status) hc - where - hc-> 'StatusReport' ->> 'Status' not like '%Success%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_query_log_1.yaml.bak b/queries/aws_route53_query_log_1.yaml.bak deleted file mode 100755 index f76e7b883..000000000 --- a/queries/aws_route53_query_log_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_query_log_1 -Title: "List all AWS Route 53 Query Log DNS queries" -Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - hosted_zone_id, - cloud_watch_logs_log_group_arn, - title, - akas - from - aws_route53_query_log; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_query_log_2.yaml.bak b/queries/aws_route53_query_log_2.yaml.bak deleted file mode 100755 index 4c4ea47b0..000000000 --- a/queries/aws_route53_query_log_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_route53_query_log_2 -Title: "Find AWS Route 53 Query Log Data with SQL" -Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.id, - l.hosted_zone_id, - z.private_zone, - z.resource_record_set_count - from - aws_route53_query_log as l, - aws_route53_zone as z - where - z.id = l.hosted_zone_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_query_log_3.yaml.bak b/queries/aws_route53_query_log_3.yaml.bak deleted file mode 100755 index 9b328c579..000000000 --- a/queries/aws_route53_query_log_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_query_log_3 -Title: "List all DNS Queries from AWS Route 53 Query Log" -Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hosted_zone_id, - count(id) - from - aws_route53_query_log - group by - hosted_zone_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_record_1.yaml.bak b/queries/aws_route53_record_1.yaml.bak deleted file mode 100755 index 9ce06d097..000000000 --- a/queries/aws_route53_record_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_record_1 -Title: "Find AWS Route 53 Record Details Using SQL" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - type, - records, - alias_target - from - aws_route53_record; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_record_2.yaml.bak b/queries/aws_route53_record_2.yaml.bak deleted file mode 100755 index ee101fbe3..000000000 --- a/queries/aws_route53_record_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_route53_record_2 -Title: "Find AWS Route 53 DNS Records with Steampipe SQL" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - r.type, - record - from - aws_route53_record as r, - jsonb_array_elements_text(records) as record - where - name = 'test.com.'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 DNS diff --git a/queries/aws_route53_record_3.yaml.bak b/queries/aws_route53_record_3.yaml.bak deleted file mode 100755 index 11be5f4b4..000000000 --- a/queries/aws_route53_record_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_record_3 -Title: "Find DNS Records with AWS Route 53 Using Steampipe" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - r.type, - record - from - aws_route53_record as r, - jsonb_array_elements_text(records) as record - where - r.type = 'NS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_record_4.yaml.bak b/queries/aws_route53_record_4.yaml.bak deleted file mode 100755 index 8e486b51f..000000000 --- a/queries/aws_route53_record_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_route53_record_4 -Title: "List AWS Route 53 DNS Record Details" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - r.type, - record - from - aws_route53_record as r, - jsonb_array_elements_text(records) as record - where - r.name = 'test.com.' - and r.type = 'NS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_record_5.yaml.bak b/queries/aws_route53_record_5.yaml.bak deleted file mode 100755 index 4cf9c1e6c..000000000 --- a/queries/aws_route53_record_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_record_5 -Title: "Find DNS Record Details in AWS Route 53" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(*) - from - aws_route53_record - group by - type - order by - count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_record_6.yaml.bak b/queries/aws_route53_record_6.yaml.bak deleted file mode 100755 index bd5af688d..000000000 --- a/queries/aws_route53_record_6.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_route53_record_6 -Title: "List all DNS records in AWS Route 53 using SQL" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - type, - records, - alias_target, - geo_location ->> 'ContinentCode' as continent, - geo_location ->> 'CountryCode' as country, - geo_location ->> 'SubdivisionCode' as subdivision - from - aws_route53_record - where - geo_location is not null - order by - name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - DNS diff --git a/queries/aws_route53_record_7.yaml.bak b/queries/aws_route53_record_7.yaml.bak deleted file mode 100755 index 3e014cae9..000000000 --- a/queries/aws_route53_record_7.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_route53_record_7 -Title: "Find all DNS Records in AWS Route 53" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - type, - count(*) - from - aws_route53_record - left join jsonb_array_elements_text(records) as record on true - group by - name, - type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_endpoint_1.yaml.bak b/queries/aws_route53_resolver_endpoint_1.yaml.bak deleted file mode 100755 index 246d08224..000000000 --- a/queries/aws_route53_resolver_endpoint_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_route53_resolver_endpoint_1 -Title: "List all AWS Route 53 Resolver Endpoints with Details" -Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - direction, - ip_address_count - status - from - aws_route53_resolver_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 Resolver diff --git a/queries/aws_route53_resolver_endpoint_2.yaml.bak b/queries/aws_route53_resolver_endpoint_2.yaml.bak deleted file mode 100755 index eb235d2d1..000000000 --- a/queries/aws_route53_resolver_endpoint_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_resolver_endpoint_2 -Title: "List AWS Route 53 Resolver Endpoints with Details" -Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - direction, - ip_address_count - status - from - aws_route53_resolver_endpoint - where - id = 'rslvr-out-ebb7db0b7498463eb'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_endpoint_3.yaml.bak b/queries/aws_route53_resolver_endpoint_3.yaml.bak deleted file mode 100755 index 6e8b19570..000000000 --- a/queries/aws_route53_resolver_endpoint_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_resolver_endpoint_3 -Title: "List all AWS Route 53 Resolver Endpoints Needing Action" -Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - direction, - status, - status_message - from - aws_route53_resolver_endpoint - where - status = 'ACTION_NEEDED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 Resolver diff --git a/queries/aws_route53_resolver_endpoint_4.yaml.bak b/queries/aws_route53_resolver_endpoint_4.yaml.bak deleted file mode 100755 index d507321c7..000000000 --- a/queries/aws_route53_resolver_endpoint_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_route53_resolver_endpoint_4 -Title: "List All AWS Route 53 Resolver Endpoints and Details" -Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'Ip' as ip, - p ->> 'Status' as status, - p ->> 'SubnetId' as subnet_id - from - aws_route53_resolver_endpoint, - jsonb_array_elements(ip_addresses) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_1.yaml.bak b/queries/aws_route53_resolver_query_log_config_1.yaml.bak deleted file mode 100755 index 6c7d4c374..000000000 --- a/queries/aws_route53_resolver_query_log_config_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_resolver_query_log_config_1 -Title: "Find Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - creation_time, - share_status, - status - from - aws_route53_resolver_query_log_config; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_2.yaml.bak b/queries/aws_route53_resolver_query_log_config_2.yaml.bak deleted file mode 100755 index 49895d478..000000000 --- a/queries/aws_route53_resolver_query_log_config_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_route53_resolver_query_log_config_2 -Title: "List all AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - creation_time, - share_status, - status, - destination_arn - from - aws_route53_resolver_query_log_config - where - owner_id <> account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 - cloud_traffic_analytics: - - "true" diff --git a/queries/aws_route53_resolver_query_log_config_3.yaml.bak b/queries/aws_route53_resolver_query_log_config_3.yaml.bak deleted file mode 100755 index 8e1fdcd56..000000000 --- a/queries/aws_route53_resolver_query_log_config_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_resolver_query_log_config_3 -Title: "Find AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - creator_request_id, - destination_arn - from - aws_route53_resolver_query_log_config - where - status = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_4.yaml.bak b/queries/aws_route53_resolver_query_log_config_4.yaml.bak deleted file mode 100755 index 5491d3f05..000000000 --- a/queries/aws_route53_resolver_query_log_config_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_resolver_query_log_config_4 -Title: "Find AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - share_status, - association_count - from - aws_route53_resolver_query_log_config - where - share_status = 'SHARED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_5.yaml.bak b/queries/aws_route53_resolver_query_log_config_5.yaml.bak deleted file mode 100755 index a154ed87a..000000000 --- a/queries/aws_route53_resolver_query_log_config_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_resolver_query_log_config_5 -Title: "Find AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - creation_time, - destination_arn, - status - from - aws_route53_resolver_query_log_config - where - creation_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_query_log_config_5.yaml.bak.bak b/queries/aws_route53_resolver_query_log_config_5.yaml.bak.bak deleted file mode 100755 index ae9bb55fe..000000000 --- a/queries/aws_route53_resolver_query_log_config_5.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_resolver_query_log_config_5 -Title: "Find AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - creation_time, - destination_arn, - status - from - aws_route53_resolver_query_log_config - where - creation_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_rule_1.yaml.bak b/queries/aws_route53_resolver_rule_1.yaml.bak deleted file mode 100755 index 641d2d13c..000000000 --- a/queries/aws_route53_resolver_rule_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_resolver_rule_1 -Title: "List all AWS Route 53 Resolver Rules" -Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - domain_name owner_id, - resolver_endpoint_id, - rule_type, - share_status, - status - from - aws_route53_resolver_rule; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_rule_2.yaml.bak b/queries/aws_route53_resolver_rule_2.yaml.bak deleted file mode 100755 index 2b9b3c967..000000000 --- a/queries/aws_route53_resolver_rule_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_route53_resolver_rule_2 -Title: "Find Route 53 Resolver Rules Configured in AWS Account" -Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - resolver_rule_associations - from - aws_route53_resolver_rule - Where - resolver_rule_associations = '[]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_rule_3.yaml.bak b/queries/aws_route53_resolver_rule_3.yaml.bak deleted file mode 100755 index 94f8f3545..000000000 --- a/queries/aws_route53_resolver_rule_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_route53_resolver_rule_3 -Title: "Find AWS Route 53 Resolver Rule Data in AWS Account" -Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'Ip' as ip, - p ->> 'Port' as port - from - aws_route53_resolver_rule, - jsonb_array_elements(target_ips) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_resolver_rule_4.yaml.bak b/queries/aws_route53_resolver_rule_4.yaml.bak deleted file mode 100755 index b60aad9c1..000000000 --- a/queries/aws_route53_resolver_rule_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_route53_resolver_rule_4 -Title: "Find all AWS Route 53 Resolver Rules Configuration" -Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - share_status, - rule_type - from - aws_route53_resolver_rule - where - share_status = 'SHARED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_traffic_policy_1.yaml.bak b/queries/aws_route53_traffic_policy_1.yaml.bak deleted file mode 100755 index b4a076ac9..000000000 --- a/queries/aws_route53_traffic_policy_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_route53_traffic_policy_1 -Title: "List all AWS Route 53 Traffic Policies and Metadata" -Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - version, - document, - region - from - aws_route53_traffic_policy; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_traffic_policy_2.yaml.bak b/queries/aws_route53_traffic_policy_2.yaml.bak deleted file mode 100755 index a196198f7..000000000 --- a/queries/aws_route53_traffic_policy_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_route53_traffic_policy_2 -Title: "Find All AWS Route 53 Traffic Policy Versions and Metadata" -Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - policy.id, - policy.version, - comment - from - aws_route53_traffic_policy policy, - (select - id, - max(version) as version - from - aws_route53_traffic_policy - group by - id) as latest - where - latest.id = policy.id - and latest.version = policy.version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_traffic_policy_3.yaml.bak b/queries/aws_route53_traffic_policy_3.yaml.bak deleted file mode 100755 index 958e4a22b..000000000 --- a/queries/aws_route53_traffic_policy_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_route53_traffic_policy_3 -Title: "List all AWS Route 53 Traffic Policies with Versions" -Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - document ->> 'RecordType' as dns_type, - count(id) as "policies" - from - aws_route53_traffic_policy - group by - dns_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_traffic_policy_instance_1.yaml.bak b/queries/aws_route53_traffic_policy_instance_1.yaml.bak deleted file mode 100755 index 5da36ad81..000000000 --- a/queries/aws_route53_traffic_policy_instance_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_route53_traffic_policy_instance_1 -Title: "List all AWS Route 53 Traffic Policy Instances" -Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - hosted_zone_id, - ttl, - region - from - aws_route53_traffic_policy_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_traffic_policy_instance_2.yaml.bak b/queries/aws_route53_traffic_policy_instance_2.yaml.bak deleted file mode 100755 index 74ec38571..000000000 --- a/queries/aws_route53_traffic_policy_instance_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_traffic_policy_instance_2 -Title: "List all AWS Route 53 Traffic Policy Instances" -Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.name, - i.id, - h.id as hosted_zone_id, - h.name as hosted_zone_name, - h.caller_reference, - h.private_zone - from - aws_route53_traffic_policy_instance i - join aws_route53_zone h on i.hosted_zone_id = h.id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_traffic_policy_instance_3.yaml.bak b/queries/aws_route53_traffic_policy_instance_3.yaml.bak deleted file mode 100755 index 0a9eb30f1..000000000 --- a/queries/aws_route53_traffic_policy_instance_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_route53_traffic_policy_instance_3 -Title: "List all AWS Route 53 Traffic Policy Instances" -Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.name, - i.id, - traffic_policy_id, - p.name as traffic_policy_name, - traffic_policy_type, - traffic_policy_version, - p.document - from - aws_route53_traffic_policy_instance i - join aws_route53_traffic_policy p on i.traffic_policy_id = p.id - and i.traffic_policy_version = p.version; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_traffic_policy_instance_4.yaml.bak b/queries/aws_route53_traffic_policy_instance_4.yaml.bak deleted file mode 100755 index ade70b0ab..000000000 --- a/queries/aws_route53_traffic_policy_instance_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_route53_traffic_policy_instance_4 -Title: "List All AWS Route 53 Traffic Policy Instances" -Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - state, - hosted_zone_id, - message as failed_reason - from - aws_route53_traffic_policy_instance - where - state = 'Failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_vpc_association_authorization_1.yaml.bak b/queries/aws_route53_vpc_association_authorization_1.yaml.bak deleted file mode 100755 index 3016eaf9d..000000000 --- a/queries/aws_route53_vpc_association_authorization_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_route53_vpc_association_authorization_1 -Title: "List all VPCs created by other accounts for a hosted zone" -Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hosted_zone_id, - vpc_id, - vpc_region - from - aws_route53_vpc_association_authorization - where - hosted_zone_id = 'Z3M3LMPEXAMPLE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route53 diff --git a/queries/aws_route53_vpc_association_authorization_2.yaml.bak b/queries/aws_route53_vpc_association_authorization_2.yaml.bak deleted file mode 100755 index 867175509..000000000 --- a/queries/aws_route53_vpc_association_authorization_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_vpc_association_authorization_2 -Title: "List all VPCs from other accounts for Route53 association" -Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hosted_zone_id, - vpc_id, - vpc_region - from - aws_route53_vpc_association_authorization - where - hosted_zone_id = 'Z3M3LMPEXAMPLE' - order by - vpc_region desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route53 diff --git a/queries/aws_route53_vpc_association_authorization_3.yaml.bak b/queries/aws_route53_vpc_association_authorization_3.yaml.bak deleted file mode 100755 index cb7d12999..000000000 --- a/queries/aws_route53_vpc_association_authorization_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_route53_vpc_association_authorization_3 -Title: "List all VPCs for AWS Route53 VPC Association Authorization" -Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - auth.hosted_zone_id, - z.name, - auth.vpc_id, - auth.vpc_region - from - aws_route53_vpc_association_authorization auth - inner join - aws_route53_zone z on auth.hosted_zone_id = z.id - where z.name = 'mycooldomain.xyz'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route53 diff --git a/queries/aws_route53_zone_1.yaml.bak b/queries/aws_route53_zone_1.yaml.bak deleted file mode 100755 index 4806cb725..000000000 --- a/queries/aws_route53_zone_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_route53_zone_1 -Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - private_zone, - resource_record_set_count - from - aws_route53_zone; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_zone_2.yaml.bak b/queries/aws_route53_zone_2.yaml.bak deleted file mode 100755 index cba2faa11..000000000 --- a/queries/aws_route53_zone_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_route53_zone_2 -Title: "List all AWS Route 53 Zone Details Including Tags and Counts" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - comment, - private_zone, - resource_record_set_count - from - aws_route53_zone - where - private_zone; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_zone_3.yaml.bak b/queries/aws_route53_zone_3.yaml.bak deleted file mode 100755 index 4e49ca242..000000000 --- a/queries/aws_route53_zone_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_route53_zone_3 -Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - comment, - private_zone, - resource_record_set_count - from - aws_route53_zone - where - not private_zone; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_zone_3.yaml.bak.bak b/queries/aws_route53_zone_3.yaml.bak.bak deleted file mode 100755 index 4e49ca242..000000000 --- a/queries/aws_route53_zone_3.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_route53_zone_3 -Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - comment, - private_zone, - resource_record_set_count - from - aws_route53_zone - where - not private_zone; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_zone_4.yaml.bak b/queries/aws_route53_zone_4.yaml.bak deleted file mode 100755 index 4a171b3cf..000000000 --- a/queries/aws_route53_zone_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_route53_zone_4 -Title: "List all AWS Route 53 Zone details including record count" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - private_zone, - resource_record_set_count - from - aws_route53_zone - where - name like '%.turbot.com. - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_zone_5.yaml.bak b/queries/aws_route53_zone_5.yaml.bak deleted file mode 100755 index eb4fcb402..000000000 --- a/queries/aws_route53_zone_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_route53_zone_5 -Title: "List AWS Route 53 Zone Details with Associated Tags" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - v ->> 'VPCId' as vpc_id, - v ->> 'VPCRegion' as vpc_region - from - aws_route53_zone, - jsonb_array_elements(vpcs) as v; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_route53_zone_6.yaml.bak b/queries/aws_route53_zone_6.yaml.bak deleted file mode 100755 index 7e4636bf0..000000000 --- a/queries/aws_route53_zone_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_route53_zone_6 -Title: "List AWS Route 53 Zone Details including Hosted Zone ID" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - v.vpc_id as vpc_id, - v.cidr_block as cidr_block, - v.is_default as is_default, - v.dhcp_options_id as dhcp_options_id - from - aws_route53_zone, - jsonb_array_elements(vpcs) as p, - aws_vpc as v - where - p ->> 'VPCId' = v.vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Route 53 diff --git a/queries/aws_s3_access_point_1.yaml.bak b/queries/aws_s3_access_point_1.yaml.bak deleted file mode 100755 index 0d2bd6bd3..000000000 --- a/queries/aws_s3_access_point_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_s3_access_point_1 -Title: "List all AWS S3 Access Point details using SQL" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_arn, - bucket_name - from - aws_s3_access_point; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_access_point_1.yaml.bak.bak b/queries/aws_s3_access_point_1.yaml.bak.bak deleted file mode 100755 index 0d2bd6bd3..000000000 --- a/queries/aws_s3_access_point_1.yaml.bak.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_s3_access_point_1 -Title: "List all AWS S3 Access Point details using SQL" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_arn, - bucket_name - from - aws_s3_access_point; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_access_point_2.yaml.bak b/queries/aws_s3_access_point_2.yaml.bak deleted file mode 100755 index 37b75f7ce..000000000 --- a/queries/aws_s3_access_point_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_s3_access_point_2 -Title: "List all AWS S3 Access Point details" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_arn, - vpc_id - from - aws_s3_access_point - where - vpc_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_access_point_3.yaml.bak b/queries/aws_s3_access_point_3.yaml.bak deleted file mode 100755 index c35e43a00..000000000 --- a/queries/aws_s3_access_point_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_s3_access_point_3 -Title: "Find AWS S3 Access Point details with public policies" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - block_public_acls, - block_public_policy, - ignore_public_acls, - restrict_public_buckets - from - aws_s3_access_point - where - not block_public_acls - or not block_public_policy - or not ignore_public_acls - or not restrict_public_buckets; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_access_point_4.yaml.bak b/queries/aws_s3_access_point_4.yaml.bak deleted file mode 100755 index 2af971fdd..000000000 --- a/queries/aws_s3_access_point_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_access_point_4 -Title: "List all AWS S3 Access Point details including name and policy" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_policy_is_public - from - aws_s3_access_point - where - access_point_policy_is_public; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_access_point_5.yaml.bak b/queries/aws_s3_access_point_5.yaml.bak deleted file mode 100755 index a3a032a48..000000000 --- a/queries/aws_s3_access_point_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_s3_access_point_5 -Title: "List AWS S3 Access Point Details Including Name, Bucket" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - count(name) access_point_count - from - aws_s3_access_point - group by - bucket_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 Access Point diff --git a/queries/aws_s3_bucket_1.yaml.bak b/queries/aws_s3_bucket_1.yaml.bak deleted file mode 100755 index bfcb18bf1..000000000 --- a/queries/aws_s3_bucket_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_bucket_1 -Title: "List all AWS S3 Buckets with Configuration and Policies" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - account_id, - bucket_policy_is_public - from - aws_s3_bucket; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_10.yaml.bak b/queries/aws_s3_bucket_10.yaml.bak deleted file mode 100755 index b6b8611d7..000000000 --- a/queries/aws_s3_bucket_10.yaml.bak +++ /dev/null @@ -1,38 +0,0 @@ -ID: aws_s3_bucket_10 -Title: "Find AWS S3 Bucket Policies and Permissions" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_s3_bucket, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa[5] != account_id - or p = '*' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_11.yaml.bak b/queries/aws_s3_bucket_11.yaml.bak deleted file mode 100755 index 7dd93d1d5..000000000 --- a/queries/aws_s3_bucket_11.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_bucket_11 -Title: "Find AWS S3 Buckets with Object Lock Enabled" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - object_lock_configuration ->> 'ObjectLockEnabled' as object_lock_enabled - from - aws_s3_bucket - where - object_lock_configuration ->> 'ObjectLockEnabled' = 'Enabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_12.yaml.bak b/queries/aws_s3_bucket_12.yaml.bak deleted file mode 100755 index 6c83c5e06..000000000 --- a/queries/aws_s3_bucket_12.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_bucket_12 -Title: "Find all detailed AWS S3 Bucket Information via SQL" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - website_configuration -> 'IndexDocument' ->> 'Suffix' as suffix - from - aws_s3_bucket - where - website_configuration -> 'IndexDocument' ->> 'Suffix' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_13.yaml.bak b/queries/aws_s3_bucket_13.yaml.bak deleted file mode 100755 index 5482d5094..000000000 --- a/queries/aws_s3_bucket_13.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_s3_bucket_13 -Title: "Find all AWS S3 Buckets Configuration and Permissions" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - b.name, - r ->> 'ObjectOwnership' as object_ownership - from - aws_s3_bucket as b, - jsonb_array_elements(object_ownership_controls -> 'Rules') as r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_2.yaml.bak b/queries/aws_s3_bucket_2.yaml.bak deleted file mode 100755 index 269f56240..000000000 --- a/queries/aws_s3_bucket_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_s3_bucket_2 -Title: "Find AWS S3 Buckets Missing Versioning Using SQL" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - account_id, - versioning_enabled - from - aws_s3_bucket - where - not versioning_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_3.yaml.bak b/queries/aws_s3_bucket_3.yaml.bak deleted file mode 100755 index d84b34611..000000000 --- a/queries/aws_s3_bucket_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_s3_bucket_3 -Title: "Find AWS S3 buckets with no server-side encryption" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - server_side_encryption_configuration - from - aws_s3_bucket - where - server_side_encryption_configuration is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_4.yaml.bak b/queries/aws_s3_bucket_4.yaml.bak deleted file mode 100755 index ad12a8c49..000000000 --- a/queries/aws_s3_bucket_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_s3_bucket_4 -Title: "Find AWS S3 Buckets with Public Access Details" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - block_public_acls, - block_public_policy, - ignore_public_acls, - restrict_public_buckets - from - aws_s3_bucket - where - not block_public_acls - or not block_public_policy - or not ignore_public_acls - or not restrict_public_buckets; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_5.yaml.bak b/queries/aws_s3_bucket_5.yaml.bak deleted file mode 100755 index 44768beb3..000000000 --- a/queries/aws_s3_bucket_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_bucket_5 -Title: "Find All AWS S3 Bucket Policies and Configurations" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - bucket_policy_is_public - from - aws_s3_bucket - where - bucket_policy_is_public; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_6.yaml.bak b/queries/aws_s3_bucket_6.yaml.bak deleted file mode 100755 index 9caacfeaa..000000000 --- a/queries/aws_s3_bucket_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_bucket_6 -Title: "Find AWS S3 Buckets with Specific Logging Target" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - logging ->> 'TargetBucket' as target_bucket - from - aws_s3_bucket - where - logging ->> 'TargetBucket' = name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_6.yaml.bak.bak b/queries/aws_s3_bucket_6.yaml.bak.bak deleted file mode 100755 index 432006d00..000000000 --- a/queries/aws_s3_bucket_6.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_bucket_6 -Title: "Find AWS S3 Buckets with Specific Logging Target" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - logging ->> 'TargetBucket' as target_bucket - from - aws_s3_bucket - where - logging ->> 'TargetBucket' = name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_7.yaml.bak b/queries/aws_s3_bucket_7.yaml.bak deleted file mode 100755 index 69f50e875..000000000 --- a/queries/aws_s3_bucket_7.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_bucket_7 -Title: "Find all AWS S3 Buckets Information with SQL" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags ->> 'fizz' as fizz - from - aws_s3_bucket - where - tags ->> 'application' is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_8.yaml.bak b/queries/aws_s3_bucket_8.yaml.bak deleted file mode 100755 index b168c25bb..000000000 --- a/queries/aws_s3_bucket_8.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_s3_bucket_8 -Title: "Find all AWS S3 buckets with insecure policies" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p as principal, - a as action, - s ->> 'Effect' as effect, - s ->> 'Condition' as conditions, - ssl - from - aws_s3_bucket, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a, - jsonb_array_elements_text( - s -> 'Condition' -> 'Bool' -> 'aws:securetransport' - ) as ssl - where - p = '*' - and s ->> 'Effect' = 'Deny' - and ssl :: bool = false; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_9.yaml.bak b/queries/aws_s3_bucket_9.yaml.bak deleted file mode 100755 index c4c103349..000000000 --- a/queries/aws_s3_bucket_9.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_s3_bucket_9 -Title: "Find AWS S3 Buckets with Specific Policies and Permissions" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name - from - aws_s3_bucket - where - name not in ( - select - name - from - aws_s3_bucket, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a, - jsonb_array_elements_text( - s -> 'Condition' -> 'Bool' -> 'aws:securetransport' - ) as ssl - where - p = '*' - and s ->> 'Effect' = 'Deny' - and ssl :: bool = false - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml.bak deleted file mode 100755 index a1efe79b3..000000000 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_bucket_intelligent_tiering_configuration_1 -Title: "List all Intelligent Tiering Configurations in AWS S3" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - id, - status, - tierings - from - aws_s3_bucket_intelligent_tiering_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 Bucket diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml.bak deleted file mode 100755 index a5a3be1b2..000000000 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml.bak +++ /dev/null @@ -1,45 +0,0 @@ -ID: aws_s3_bucket_intelligent_tiering_configuration_2 -Title: "List all AWS S3 Buckets with Intelligent Tiering Configuration" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with intelligent_tiering_configuration as MATERIALIZED ( - select - bucket_name, id, status - from - aws_s3_bucket_intelligent_tiering_configuration ), - bucket as MATERIALIZED ( - select - name, region - from - aws_s3_bucket ) - select distinct - b.name, - b.region, - case - when - i.id is null - then - 'Bucket does not have intelligent tiering configured' - else - 'Bucket has intelligent tiering configured' - end - as intelligent_tiering_configuration_status - from - bucket as b - left join - intelligent_tiering_configuration as i - on b.name = i.bucket_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml.bak deleted file mode 100755 index 0f0ed610c..000000000 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_s3_bucket_intelligent_tiering_configuration_3 -Title: "List all Intelligent Tiering configurations for S3 buckets" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - id, - status, - tierings - from - aws_s3_bucket_intelligent_tiering_configuration - where - status = 'Enabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml.bak deleted file mode 100755 index 6551b9b49..000000000 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_s3_bucket_intelligent_tiering_configuration_4 -Title: "Find all Intelligent Tiering Configurations in AWS S3 Buckets" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.bucket_name, - s.id, - s.status, - t ->> 'AccessTier' as access_tier, - t ->> 'Days' as days - from - aws_s3_bucket_intelligent_tiering_configuration as s, - jsonb_array_elements(tierings) as t; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml.bak b/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml.bak deleted file mode 100755 index cc9d4b4a3..000000000 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_s3_bucket_intelligent_tiering_configuration_5 -Title: "Find all Intelligent Tiering Configurations in AWS S3 Buckets" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - id, - filter -> 'And' as filter_and, - filter -> 'Prefix' as filter_prefix, - filter -> 'Tag' as filter_tag - from - aws_s3_bucket_intelligent_tiering_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_multi_region_access_point_1.yaml.bak b/queries/aws_s3_multi_region_access_point_1.yaml.bak deleted file mode 100755 index 8356ab92c..000000000 --- a/queries/aws_s3_multi_region_access_point_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_s3_multi_region_access_point_1 -Title: "List all AWS S3 Multi-Region Access Points configuration and status" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - alias, - status, - created_at - from - aws_s3_multi_region_access_point; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 Multi-Region Access Point diff --git a/queries/aws_s3_multi_region_access_point_2.yaml.bak b/queries/aws_s3_multi_region_access_point_2.yaml.bak deleted file mode 100755 index 821f4ffb5..000000000 --- a/queries/aws_s3_multi_region_access_point_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_s3_multi_region_access_point_2 -Title: "Find AWS S3 Multi-Region Access Points configuration and status" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - public_access_block ->> 'BlockPublicAcls' as block_public_acls, - public_access_block ->> 'BlockPublicPolicy' as block_public_policy, - public_access_block ->> 'IgnorePublicAcls' as ignore_public_acls, - public_access_block ->> 'RestrictPublicBuckets' as restrict_public_buckets - from - aws_s3_multi_region_access_point - where - public_access_block ->> 'BlockPublicAcls'::text = 'true' - and public_access_block ->> 'BlockPublicPolicy'::text = 'true' - and public_access_block ->> 'IgnorePublicAcls'::text = 'true' - and public_access_block ->> 'RestrictPublicBuckets'::text = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_multi_region_access_point_3.yaml.bak b/queries/aws_s3_multi_region_access_point_3.yaml.bak deleted file mode 100755 index de57a62f3..000000000 --- a/queries/aws_s3_multi_region_access_point_3.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_s3_multi_region_access_point_3 -Title: "Find AWS S3 Multi-Region Access Point Configuration and Policies" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - policy -> 'Established' -> 'Policy' as established_policy, - policy -> 'Proposed' -> 'Policy' as proposed_policy - from - aws_s3_multi_region_access_point; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_multi_region_access_point_4.yaml.bak b/queries/aws_s3_multi_region_access_point_4.yaml.bak deleted file mode 100755 index c4a4a2c47..000000000 --- a/queries/aws_s3_multi_region_access_point_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_s3_multi_region_access_point_4 -Title: "List all AWS S3 Multi-Region Access Points and Configuration" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r ->> 'Bucket' as bucket_name, - count(name) access_point_count - from - aws_s3_multi_region_access_point, - jsonb_array_elements(regions) as r - group by - bucket_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS S3 diff --git a/queries/aws_s3_multi_region_access_point_4.yaml.bak.bak b/queries/aws_s3_multi_region_access_point_4.yaml.bak.bak deleted file mode 100755 index c4a4a2c47..000000000 --- a/queries/aws_s3_multi_region_access_point_4.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_s3_multi_region_access_point_4 -Title: "List all AWS S3 Multi-Region Access Points and Configuration" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r ->> 'Bucket' as bucket_name, - count(name) access_point_count - from - aws_s3_multi_region_access_point, - jsonb_array_elements(regions) as r - group by - bucket_name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS S3 diff --git a/queries/aws_s3_multi_region_access_point_5.yaml.bak b/queries/aws_s3_multi_region_access_point_5.yaml.bak deleted file mode 100755 index 206ee1998..000000000 --- a/queries/aws_s3_multi_region_access_point_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_s3_multi_region_access_point_5 -Title: "Query AWS S3 Multi-Region Access Points Configuration" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name, - r ->> 'Bucket' as bucket_name, - b.creation_date as bucket_creation_date, - b.bucket_policy_is_public, - b.versioning_enabled - from - aws_s3_multi_region_access_point as a, - jsonb_array_elements(a.regions) as r, - aws_s3_bucket as b - where - b.name = r ->> 'Bucket'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_1.yaml.bak b/queries/aws_s3_object_1.yaml.bak deleted file mode 100755 index 34c9c7819..000000000 --- a/queries/aws_s3_object_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_s3_object_1 -Title: "Find AWS S3 Objects and Retrieve Metadata Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_10.yaml.bak b/queries/aws_s3_object_10.yaml.bak deleted file mode 100755 index f8c73f420..000000000 --- a/queries/aws_s3_object_10.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_object_10 -Title: "Find AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - bucket_name, - jsonb_pretty(tags) as tags - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and tags ->> 'application' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_10.yaml.bak.bak b/queries/aws_s3_object_10.yaml.bak.bak deleted file mode 100755 index f8c73f420..000000000 --- a/queries/aws_s3_object_10.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_s3_object_10 -Title: "Find AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - bucket_name, - jsonb_pretty(tags) as tags - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and tags ->> 'application' is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_11.yaml.bak b/queries/aws_s3_object_11.yaml.bak deleted file mode 100755 index bd2d0d4eb..000000000 --- a/queries/aws_s3_object_11.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_s3_object_11 -Title: "Find all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - o.arn as object_arn, - bucket_name, - last_modified, - bucket_key_enabled - from - aws_s3_object as o, - aws_s3_bucket as b - where - o.bucket_name = b.name - and not bucket_key_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_12.yaml.bak b/queries/aws_s3_object_12.yaml.bak deleted file mode 100755 index 8cd04aa46..000000000 --- a/queries/aws_s3_object_12.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_s3_object_12 -Title: "Find all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class - from - aws_s3_object - where - bucket_name in - ( - select - name - from - aws_s3_bucket - where - not block_public_acls - or not block_public_policy - or not ignore_public_acls - or not restrict_public_buckets - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_13.yaml.bak b/queries/aws_s3_object_13.yaml.bak deleted file mode 100755 index 5bd5f58c2..000000000 --- a/queries/aws_s3_object_13.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_s3_object_13 -Title: "List all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.key, - b ->> 'awsAccountId' as account_id, - b ->> 'digestEndTime' as digest_end_time, - b ->> 'digestPublicKeyFingerprint' as digest_public_key_fingerprint, - b ->> 'digestS3Bucket' as digest_s3_bucket, - b ->> 'digestStartTime' as digest_start_time - from - aws_s3_object as s, - jsonb_array_elements(body::jsonb) as b - where - bucket_name = 'steampipe-test' - and prefix = 'test1/log_text.txt'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_2.yaml.bak b/queries/aws_s3_object_2.yaml.bak deleted file mode 100755 index 2d0445ed5..000000000 --- a/queries/aws_s3_object_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_s3_object_2 -Title: "List all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and prefix = 'test/logs/2021/03/01/12'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 Object diff --git a/queries/aws_s3_object_3.yaml.bak b/queries/aws_s3_object_3.yaml.bak deleted file mode 100755 index 23a9f8903..000000000 --- a/queries/aws_s3_object_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_s3_object_3 -Title: "Find AWS S3 Object Metadata and Details with SQL" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and prefix = 'test/logs/2021/03/01/12/abc.txt'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_4.yaml.bak b/queries/aws_s3_object_4.yaml.bak deleted file mode 100755 index aa67f0910..000000000 --- a/queries/aws_s3_object_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_s3_object_4 -Title: "List all AWS S3 Objects with Encryptions Using SQL" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and sse_kms_key_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_4.yaml.bak.bak b/queries/aws_s3_object_4.yaml.bak.bak deleted file mode 100755 index aa67f0910..000000000 --- a/queries/aws_s3_object_4.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_s3_object_4 -Title: "List all AWS S3 Objects with Encryptions Using SQL" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and sse_kms_key_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_5.yaml.bak b/queries/aws_s3_object_5.yaml.bak deleted file mode 100755 index 129251541..000000000 --- a/queries/aws_s3_object_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_s3_object_5 -Title: "List all AWS S3 Objects and Metadata" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and last_modified < current_date - interval '3 months'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_6.yaml.bak b/queries/aws_s3_object_6.yaml.bak deleted file mode 100755 index e7a374e12..000000000 --- a/queries/aws_s3_object_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_s3_object_6 -Title: "List AWS S3 Objects and Retrieve Metadata Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.key, - s.bucket_name, - s.owner, - acl_grant -> 'Grantee' as grantee, - acl_grant ->> 'Permission' as permission - from - aws_s3_object as s, - jsonb_array_elements(aws_s3_object.acl -> 'Grants') as acl_grant - where - bucket_name = 'steampipe-test' - and acl_grant ->> 'Permission' = 'FULL_CONTROL' - and acl_grant -> 'Grantee' ->> 'ID' != aws_s3_object.owner ->> 'ID'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_7.yaml.bak b/queries/aws_s3_object_7.yaml.bak deleted file mode 100755 index 8615a36ac..000000000 --- a/queries/aws_s3_object_7.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_s3_object_7 -Title: "Find all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - bucket_name, - object_lock_legal_hold_status - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and object_lock_legal_hold_status = 'ON'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_8.yaml.bak b/queries/aws_s3_object_8.yaml.bak deleted file mode 100755 index 34cb8d945..000000000 --- a/queries/aws_s3_object_8.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_s3_object_8 -Title: "List all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - bucket_name, - object_lock_retain_until_date, - object_lock_mode, - object_lock_legal_hold_status - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and object_lock_mode = 'GOVERNANCE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_8.yaml.bak.bak b/queries/aws_s3_object_8.yaml.bak.bak deleted file mode 100755 index 34cb8d945..000000000 --- a/queries/aws_s3_object_8.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_s3_object_8 -Title: "List all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - bucket_name, - object_lock_retain_until_date, - object_lock_mode, - object_lock_legal_hold_status - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and object_lock_mode = 'GOVERNANCE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_9.yaml.bak b/queries/aws_s3_object_9.yaml.bak deleted file mode 100755 index 61841b32a..000000000 --- a/queries/aws_s3_object_9.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_s3_object_9 -Title: "Find metadata and details of AWS S3 Objects" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.key, - s.bucket_name, - s.object_lock_retain_until_date, - s.object_lock_mode, - s.object_lock_legal_hold_status - from - aws_s3_object as s - where - bucket_name = 'steampipe-test' - and object_lock_retain_until_date > current_date + interval '1 year'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_version_1.yaml.bak b/queries/aws_s3_object_version_1.yaml.bak deleted file mode 100755 index 848de53ca..000000000 --- a/queries/aws_s3_object_version_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_s3_object_version_1 -Title: "List all AWS S3 Object Versions in Bucket" -Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - key, - storage_class, - version_id, - is_latest, - size - from - aws_s3_object_version - where - bucket_name = 'testbucket'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon S3 diff --git a/queries/aws_s3_object_version_2.yaml.bak b/queries/aws_s3_object_version_2.yaml.bak deleted file mode 100755 index a821ca182..000000000 --- a/queries/aws_s3_object_version_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_s3_object_version_2 -Title: "Find all AWS S3 Object Versions in Buckets" -Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - key, - storage_class, - version_id, - is_latest, - size, - etag, - owner_id - from - aws_s3_object_version - where - bucket_name = 'testbucket' - and - key = 'test/template.txt'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_s3_object_version_3.yaml.bak b/queries/aws_s3_object_version_3.yaml.bak deleted file mode 100755 index dd47ffd6c..000000000 --- a/queries/aws_s3_object_version_3.yaml.bak +++ /dev/null @@ -1,19 +0,0 @@ -ID: aws_s3_object_version_3 -Title: "Find AWS S3 Object Versions and Details" -Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." -Connector: [] -Query: - Engine: "" - QueryToExecute: "" - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - S3 diff --git a/queries/aws_sagemaker_app_1.yaml.bak b/queries/aws_sagemaker_app_1.yaml.bak deleted file mode 100755 index fa6cdcb53..000000000 --- a/queries/aws_sagemaker_app_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sagemaker_app_1 -Title: "List all AWS SageMaker App configurations" -Description: "Allows users to query AWS SageMaker App data, providing detailed insights into application configurations, user settings, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status - from - aws_sagemaker_app; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_app_2.yaml.bak b/queries/aws_sagemaker_app_2.yaml.bak deleted file mode 100755 index 2fcfaa4a2..000000000 --- a/queries/aws_sagemaker_app_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_sagemaker_app_2 -Title: "Find AWS SageMaker App Configurations and Metadata" -Description: "Allows users to query AWS SageMaker App data, providing detailed insights into application configurations, user settings, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status, - failure_reason - from - aws_sagemaker_app - where - status = 'Failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker App diff --git a/queries/aws_sagemaker_domain_1.yaml.bak b/queries/aws_sagemaker_domain_1.yaml.bak deleted file mode 100755 index 32b0d2eaa..000000000 --- a/queries/aws_sagemaker_domain_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sagemaker_domain_1 -Title: "Find AWS SageMaker Domains and Metadata Details" -Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status - from - aws_sagemaker_domain; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker Studio diff --git a/queries/aws_sagemaker_domain_2.yaml.bak b/queries/aws_sagemaker_domain_2.yaml.bak deleted file mode 100755 index 9ed9cab59..000000000 --- a/queries/aws_sagemaker_domain_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_sagemaker_domain_2 -Title: "List all AWS SageMaker Studio Domain Details and Status" -Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_time, - home_efs_file_system_id, - kms_key_id - from - aws_sagemaker_domain - where - kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_domain_3.yaml.bak b/queries/aws_sagemaker_domain_3.yaml.bak deleted file mode 100755 index d4cb0cfca..000000000 --- a/queries/aws_sagemaker_domain_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_sagemaker_domain_3 -Title: "Find AWS SageMaker Domains and Their Details" -Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - app_network_access_type - from - aws_sagemaker_domain - where - app_network_access_type = 'PublicInternetOnly'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker Studio diff --git a/queries/aws_sagemaker_endpoint_configuration_1.yaml.bak b/queries/aws_sagemaker_endpoint_configuration_1.yaml.bak deleted file mode 100755 index 075d02c31..000000000 --- a/queries/aws_sagemaker_endpoint_configuration_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sagemaker_endpoint_configuration_1 -Title: "List all AWS SageMaker Endpoint Configurations with Details" -Description: "Allows users to query AWS SageMaker Endpoint Configurations to retrieve detailed information about each endpoint configuration in the AWS SageMaker service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - kms_key_id, - creation_time, - production_variants, - tags - from - aws_sagemaker_endpoint_configuration; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_endpoint_configuration_2.yaml.bak b/queries/aws_sagemaker_endpoint_configuration_2.yaml.bak deleted file mode 100755 index d83bcb80c..000000000 --- a/queries/aws_sagemaker_endpoint_configuration_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_sagemaker_endpoint_configuration_2 -Title: "Find AWS SageMaker Endpoint Configuration details" -Description: "Allows users to query AWS SageMaker Endpoint Configurations to retrieve detailed information about each endpoint configuration in the AWS SageMaker service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - kms_key_id - from - aws_sagemaker_endpoint_configuration - where - kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_model_1.yaml.bak b/queries/aws_sagemaker_model_1.yaml.bak deleted file mode 100755 index 725dd55e4..000000000 --- a/queries/aws_sagemaker_model_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sagemaker_model_1 -Title: "Find all AWS SageMaker Models Using SQL" -Description: "Allows users to query AWS SageMaker Models for detailed information about each model, including its name, ARN, creation time, execution role, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - enable_network_isolation - from - aws_sagemaker_model; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_model_2.yaml.bak b/queries/aws_sagemaker_model_2.yaml.bak deleted file mode 100755 index 3be4922e6..000000000 --- a/queries/aws_sagemaker_model_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sagemaker_model_2 -Title: "List AWS SageMaker Models with Detailed Information" -Description: "Allows users to query AWS SageMaker Models for detailed information about each model, including its name, ARN, creation time, execution role, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - enable_network_isolation - from - aws_sagemaker_model - where - enable_network_isolation; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_notebook_instance_1.yaml.bak b/queries/aws_sagemaker_notebook_instance_1.yaml.bak deleted file mode 100755 index cfe705620..000000000 --- a/queries/aws_sagemaker_notebook_instance_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_sagemaker_notebook_instance_1 -Title: "Find all AWS SageMaker Notebook Instances Configuration" -Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - instance_type, - notebook_instance_status - from - aws_sagemaker_notebook_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_notebook_instance_2.yaml.bak b/queries/aws_sagemaker_notebook_instance_2.yaml.bak deleted file mode 100755 index 38a8dae74..000000000 --- a/queries/aws_sagemaker_notebook_instance_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sagemaker_notebook_instance_2 -Title: "List all AWS SageMaker Notebook Instance details" -Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_id - from - aws_sagemaker_notebook_instance - where - kms_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS SageMaker diff --git a/queries/aws_sagemaker_notebook_instance_3.yaml.bak b/queries/aws_sagemaker_notebook_instance_3.yaml.bak deleted file mode 100755 index a4a9e603f..000000000 --- a/queries/aws_sagemaker_notebook_instance_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sagemaker_notebook_instance_3 -Title: "List all AWS SageMaker Notebook Instances Configuration" -Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - direct_internet_access - from - aws_sagemaker_notebook_instance - where - direct_internet_access = 'Disabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_notebook_instance_4.yaml.bak b/queries/aws_sagemaker_notebook_instance_4.yaml.bak deleted file mode 100755 index b60c1d8e1..000000000 --- a/queries/aws_sagemaker_notebook_instance_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sagemaker_notebook_instance_4 -Title: "Find AWS SageMaker Notebook Instances by Configuration" -Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - root_access - from - aws_sagemaker_notebook_instance - where - root_access = 'Enabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_training_job_1.yaml.bak b/queries/aws_sagemaker_training_job_1.yaml.bak deleted file mode 100755 index 2234ad90e..000000000 --- a/queries/aws_sagemaker_training_job_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_sagemaker_training_job_1 -Title: "List all AWS SageMaker Training Jobs using SQL" -Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - training_job_status, - creation_time, - last_modified_time - from - aws_sagemaker_training_job; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_training_job_2.yaml.bak b/queries/aws_sagemaker_training_job_2.yaml.bak deleted file mode 100755 index 4cd8dd68a..000000000 --- a/queries/aws_sagemaker_training_job_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_sagemaker_training_job_2 -Title: "List AWS SageMaker Training Jobs via SQL" -Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_config ->> 'InstanceType' as instance_type, - resource_config ->> 'InstanceCount' as instance_count, - resource_config ->> 'VolumeKmsKeyId' as volume_kms_id, - resource_config ->> 'VolumeSizeInGB' as volume_size - from - aws_sagemaker_training_job; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_training_job_3.yaml.bak b/queries/aws_sagemaker_training_job_3.yaml.bak deleted file mode 100755 index 3f71ce365..000000000 --- a/queries/aws_sagemaker_training_job_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_sagemaker_training_job_3 -Title: "Find AWS SageMaker Training Jobs with Status Failed" -Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - training_job_status, - failure_reason - from - aws_sagemaker_training_job - where - training_job_status = 'Failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_sagemaker_training_job_3.yaml.bak.bak b/queries/aws_sagemaker_training_job_3.yaml.bak.bak deleted file mode 100755 index 6dba51163..000000000 --- a/queries/aws_sagemaker_training_job_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_sagemaker_training_job_3 -Title: "Find AWS SageMaker Training Jobs with Status Failed" -Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - training_job_status, - failure_reason - from - aws_sagemaker_training_job - where - training_job_status = 'Failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SageMaker diff --git a/queries/aws_secretsmanager_secret_1.yaml.bak b/queries/aws_secretsmanager_secret_1.yaml.bak deleted file mode 100755 index abd48d10c..000000000 --- a/queries/aws_secretsmanager_secret_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_secretsmanager_secret_1 -Title: "List AWS Secrets Manager Secret Data and Metadata" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_date, - description, - last_accessed_date - from - aws_secretsmanager_secret; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Secrets Manager diff --git a/queries/aws_secretsmanager_secret_2.yaml.bak b/queries/aws_secretsmanager_secret_2.yaml.bak deleted file mode 100755 index 304786736..000000000 --- a/queries/aws_secretsmanager_secret_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_secretsmanager_secret_2 -Title: "List AWS Secrets Manager Secret Data Including Metadata" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_date, - description, - rotation_enabled - from - aws_secretsmanager_secret - where - not rotation_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Secrets Manager diff --git a/queries/aws_secretsmanager_secret_3.yaml.bak b/queries/aws_secretsmanager_secret_3.yaml.bak deleted file mode 100755 index 561c35543..000000000 --- a/queries/aws_secretsmanager_secret_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_secretsmanager_secret_3 -Title: "Find AWS Secrets Manager Secret Data and Metadata" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_date, - description, - rotation_enabled, - rotation_rules - from - aws_secretsmanager_secret - where - rotation_rules -> 'AutomaticallyAfterDays' > '7'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Secrets Manager diff --git a/queries/aws_secretsmanager_secret_4.yaml.bak b/queries/aws_secretsmanager_secret_4.yaml.bak deleted file mode 100755 index 9b60a6717..000000000 --- a/queries/aws_secretsmanager_secret_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_secretsmanager_secret_4 -Title: "Find AWS Secrets Manager Secret Data" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_date, - description, - replication_status - from - aws_secretsmanager_secret - where - replication_status is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Secrets Manager diff --git a/queries/aws_secretsmanager_secret_5.yaml.bak b/queries/aws_secretsmanager_secret_5.yaml.bak deleted file mode 100755 index 5fed72f30..000000000 --- a/queries/aws_secretsmanager_secret_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_secretsmanager_secret_5 -Title: "List AWS Secrets Manager Secret Data and Configuration" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_secretsmanager_secret; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Secrets Manager diff --git a/queries/aws_securityhub_action_target_1.yaml.bak b/queries/aws_securityhub_action_target_1.yaml.bak deleted file mode 100755 index d5d4f0344..000000000 --- a/queries/aws_securityhub_action_target_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_securityhub_action_target_1 -Title: "List AWS Security Hub Action Targets" -Description: "Allows users to query AWS Security Hub Action Targets, providing detailed information about each action target within AWS Security Hub, including its ARN, name, and description." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - region - from - aws_securityhub_action_target; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_action_target_2.yaml.bak b/queries/aws_securityhub_action_target_2.yaml.bak deleted file mode 100755 index 3de580b33..000000000 --- a/queries/aws_securityhub_action_target_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_action_target_2 -Title: "List AWS Security Hub Action Targets with Details" -Description: "Allows users to query AWS Security Hub Action Targets, providing detailed information about each action target within AWS Security Hub, including its ARN, name, and description." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - region - from - aws_securityhub_action_target - where - arn = 'arn:aws:securityhub:ap-south-1:*****:action/custom/test'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak b/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak deleted file mode 100755 index 6ea9a8ff2..000000000 --- a/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_enabled_product_subscription_1 -Title: "Find AWS Security Hub Enabled Product Subscriptions" -Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - akas - from - aws_securityhub_enabled_product_subscription; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak.bak b/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak.bak deleted file mode 100755 index 6ea9a8ff2..000000000 --- a/queries/aws_securityhub_enabled_product_subscription_1.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_enabled_product_subscription_1 -Title: "Find AWS Security Hub Enabled Product Subscriptions" -Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - akas - from - aws_securityhub_enabled_product_subscription; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_enabled_product_subscription_2.yaml.bak b/queries/aws_securityhub_enabled_product_subscription_2.yaml.bak deleted file mode 100755 index afdf09e20..000000000 --- a/queries/aws_securityhub_enabled_product_subscription_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_securityhub_enabled_product_subscription_2 -Title: "Query AWS Security Hub Enabled Product Subscriptions" -Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.arn as subscription_arn, - p.product_arn, - p.name as product_name, - p.company_name as product_company_name, - p.marketplace_url, - p.integration_types - from - aws_securityhub_enabled_product_subscription as s, - aws_securityhub_product as p, - jsonb_array_elements(p.product_subscription_resource_policy -> 'Statement') as m - where - (m ->> 'Resource') = s.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_1.yaml.bak b/queries/aws_securityhub_finding_1.yaml.bak deleted file mode 100755 index 76d50f3c0..000000000 --- a/queries/aws_securityhub_finding_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_securityhub_finding_1 -Title: "Find AWS Security Hub Findings: Details and Remediation" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - company_name, - created_at, - criticality, - confidence - from - aws_securityhub_finding; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_10.yaml.bak b/queries/aws_securityhub_finding_10.yaml.bak deleted file mode 100755 index 8b1b3a82a..000000000 --- a/queries/aws_securityhub_finding_10.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_finding_10 -Title: "Find all AWS Security Hub Findings with Status Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - product_arn, - product_name, - workflow_status - from - aws_securityhub_finding - where - workflow_status = 'NOTIFIED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_10.yaml.bak.bak b/queries/aws_securityhub_finding_10.yaml.bak.bak deleted file mode 100755 index 8b1b3a82a..000000000 --- a/queries/aws_securityhub_finding_10.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_finding_10 -Title: "Find all AWS Security Hub Findings with Status Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - product_arn, - product_name, - workflow_status - from - aws_securityhub_finding - where - workflow_status = 'NOTIFIED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_11.yaml.bak b/queries/aws_securityhub_finding_11.yaml.bak deleted file mode 100755 index 6b45e9a14..000000000 --- a/queries/aws_securityhub_finding_11.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_securityhub_finding_11 -Title: "Find AWS EC2 Security Issues with Severity and Status" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - network ->> 'DestinationDomain' as network_destination_domain, - network ->> 'DestinationIpV4' as network_destination_ip_v4, - network ->> 'DestinationIpV6' as network_destination_ip_v6, - network ->> 'DestinationPort' as network_destination_port, - network ->> 'Protocol' as network_protocol, - network ->> 'SourceIpV4' as network_source_ip_v4, - network ->> 'SourceIpV6' as network_source_ip_v6, - network ->> 'SourcePort' as network_source_port - from - aws_securityhub_finding - where - title = 'EC2 instance involved in SSH brute force attacks.'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_12.yaml.bak b/queries/aws_securityhub_finding_12.yaml.bak deleted file mode 100755 index 3c8c46943..000000000 --- a/queries/aws_securityhub_finding_12.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_securityhub_finding_12 -Title: "List AWS Security Hub Findings with Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - patch_summary ->> 'Id' as patch_id, - patch_summary ->> 'FailedCount' as failed_count, - patch_summary ->> 'InstalledCount' as installed_count, - patch_summary ->> 'InstalledOtherCount' as installed_other_count, - patch_summary ->> 'InstalledPendingReboot' as installed_pending_reboot, - patch_summary ->> 'InstalledRejectedCount' as installed_rejected_count, - patch_summary ->> 'MissingCount' as missing_count, - patch_summary ->> 'Operation' as operation, - patch_summary ->> 'OperationEndTime' as operation_end_time, - patch_summary ->> 'OperationStartTime' as operation_start_time, - patch_summary ->> 'RebootOption' as reboot_option - from - aws_securityhub_finding - where - title = 'EC2 instance involved in SSH brute force attacks.'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_13.yaml.bak b/queries/aws_securityhub_finding_13.yaml.bak deleted file mode 100755 index 3596cf97a..000000000 --- a/queries/aws_securityhub_finding_13.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_securityhub_finding_13 -Title: "Find AWS Security Hub Findings and their Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - v ->> 'Id' as vulnerabilitie_id, - v -> 'Vendor' ->> 'Name' as vendor_name, - v -> 'Vendor' ->> 'Url' as vendor_url, - v -> 'Vendor' ->> 'VendorCreatedAt' as vendor_created_at, - v -> 'Vendor' ->> 'VendorSeverity' as vendor_severity, - v -> 'Vendor' ->> 'VendorUpdatedAt' as vendor_updated_at, - v ->> 'Cvss' as cvss, - v ->> 'ReferenceUrls' as reference_urls, - v ->> 'RelatedVulnerabilities' as related_vulnerabilities, - v ->> 'VulnerablePackages' as vulnerable_packages - from - aws_securityhub_finding, - jsonb_array_elements(vulnerabilities) as v - where - title = 'EC2 instance involved in SSH brute force attacks.'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_14.yaml.bak b/queries/aws_securityhub_finding_14.yaml.bak deleted file mode 100755 index fe7b3bc06..000000000 --- a/queries/aws_securityhub_finding_14.yaml.bak +++ /dev/null @@ -1,43 +0,0 @@ -ID: aws_securityhub_finding_14 -Title: "Find all AWS Security Hub Findings and Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct i.instance_id, - i.instance_state, - i.instance_type, - f.title, - f.compliance_status, - f.severity ->> 'Original' as severity_original - from - aws_ec2_instance as i, - aws_securityhub_finding as f, - jsonb_array_elements(resources) as r - where - compliance_status = 'FAILED' - and - r ->> 'Type' = 'AwsEc2Instance' - and - i.arn = r ->> 'Id'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_15.yaml.bak b/queries/aws_securityhub_finding_15.yaml.bak deleted file mode 100755 index 8c10c6781..000000000 --- a/queries/aws_securityhub_finding_15.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_finding_15 -Title: "List AWS Security Hub Findings by Resource Type" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r ->> 'Type' as resource_type, - count(r ->> 'Type') - from - aws_securityhub_finding, - jsonb_array_elements(resources) as r - group by - r ->> 'Type' - order by - count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_16.yaml.bak b/queries/aws_securityhub_finding_16.yaml.bak deleted file mode 100755 index 1fabdbfc8..000000000 --- a/queries/aws_securityhub_finding_16.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_securityhub_finding_16 -Title: "Find AWS Security Hub Findings Details Including Severity" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - company_name, - created_at, - criticality, - confidence - from - aws_securityhub_finding - where - standards_control_arn like '%cis-aws-foundations-benchmark%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_17.yaml.bak b/queries/aws_securityhub_finding_17.yaml.bak deleted file mode 100755 index 379b6474d..000000000 --- a/queries/aws_securityhub_finding_17.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_securityhub_finding_17 -Title: "Find AWS Security Hub Findings and Severity Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.title, - f.id, - f.company_name, - f.created_at, - f.criticality, - f.confidence - from - aws_securityhub_finding as f, - aws_securityhub_standards_control as c - where - c.arn = f.standards_control_arn - and - c.control_id = 'Config.1'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_18.yaml.bak b/queries/aws_securityhub_finding_18.yaml.bak deleted file mode 100755 index 73d906f92..000000000 --- a/queries/aws_securityhub_finding_18.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_securityhub_finding_18 -Title: "List all AWS Security Hub Findings for Compliance Failures" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct r ->> 'Id' as resource_arn, - r ->> 'Type' as resource_type, - f.title, - f.compliance_status, - f.severity ->> 'Original' as severity_original - from - aws_securityhub_finding as f, - jsonb_array_elements(resources) as r - where - f.compliance_status = 'FAILED' - and - standards_control_arn like '%cis-aws-foundations-benchmark%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_19.yaml.bak b/queries/aws_securityhub_finding_19.yaml.bak deleted file mode 100755 index 33db1cdd6..000000000 --- a/queries/aws_securityhub_finding_19.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_securityhub_finding_19 -Title: "Find AWS Security Hub Findings in Production Environment" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct r ->> 'Id' as resource_arn, - r ->> 'Type' as resource_type, - f.title, - f.compliance_status, - f.severity ->> 'Original' as severity_original - from - aws_securityhub_finding as f, - jsonb_array_elements(resources) as r - where - r -> 'Tags' ->> 'Environment' = 'PROD'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_2.yaml.bak b/queries/aws_securityhub_finding_2.yaml.bak deleted file mode 100755 index 2e730f14c..000000000 --- a/queries/aws_securityhub_finding_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_securityhub_finding_2 -Title: "List AWS Security Hub Findings by Severity" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - severity ->> 'Original' as severity_original - from - aws_securityhub_finding - where - severity ->> 'Original' = 'HIGH'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_20.yaml.bak b/queries/aws_securityhub_finding_20.yaml.bak deleted file mode 100755 index 16b93eec9..000000000 --- a/queries/aws_securityhub_finding_20.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_finding_20 -Title: "List all Security Hub findings with environment tags" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r -> 'Tags' ->> 'Environment' as environment, - count(r ->> 'Tags') - from - aws_securityhub_finding as f, - jsonb_array_elements(resources) as r - group by - r -> 'Tags' ->> 'Environment' - order by - count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_21.yaml.bak b/queries/aws_securityhub_finding_21.yaml.bak deleted file mode 100755 index c6a0ec7eb..000000000 --- a/queries/aws_securityhub_finding_21.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_finding_21 -Title: "Find AWS Security Hub Findings with Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - f.severity ->> 'Original' as severity, - r ->> 'Type' as resource_type, - source_account_id - from - aws_securityhub_finding as f, - jsonb_array_elements(resources) r - where - source_account_id = '0123456789012'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_22.yaml.bak b/queries/aws_securityhub_finding_22.yaml.bak deleted file mode 100755 index d126f6fa2..000000000 --- a/queries/aws_securityhub_finding_22.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_finding_22 -Title: "Find all Security Hub Findings and Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - count(*) as finding_count - from - aws_securityhub_finding - group by - source_account_id - order by - source_account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_3.yaml.bak b/queries/aws_securityhub_finding_3.yaml.bak deleted file mode 100755 index 886d090b1..000000000 --- a/queries/aws_securityhub_finding_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_finding_3 -Title: "List all AWS Security Hub Findings and Severity" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - severity ->> 'Original' as severity_original, - count(severity ->> 'Original') - from - aws_securityhub_finding - group by - severity ->> 'Original' - order by - severity ->> 'Original'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_4.yaml.bak b/queries/aws_securityhub_finding_4.yaml.bak deleted file mode 100755 index 77f32a37e..000000000 --- a/queries/aws_securityhub_finding_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_securityhub_finding_4 -Title: "Find AWS Security Hub Findings with Failed Status" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - compliance ->> 'Status' as compliance_status, - compliance ->> 'StatusReasons' as compliance_status_reasons - from - aws_securityhub_finding - where - compliance ->> 'Status' = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_5.yaml.bak b/queries/aws_securityhub_finding_5.yaml.bak deleted file mode 100755 index 8ab9e93f0..000000000 --- a/queries/aws_securityhub_finding_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_finding_5 -Title: "Find all AWS Security Hub Findings with SQL" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - malware - from - aws_securityhub_finding - where - malware is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_6.yaml.bak b/queries/aws_securityhub_finding_6.yaml.bak deleted file mode 100755 index 763bdf663..000000000 --- a/queries/aws_securityhub_finding_6.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_securityhub_finding_6 -Title: "List AWS Security Hub Findings for Critical Issues" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - severity ->> 'Original' as severity_original - from - aws_securityhub_finding - where - severity ->> 'Original' = 'CRITICAL' - and - created_at >= now() - interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_7.yaml.bak b/queries/aws_securityhub_finding_7.yaml.bak deleted file mode 100755 index d6ecee3ed..000000000 --- a/queries/aws_securityhub_finding_7.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_finding_7 -Title: "Find all AWS Security Hub Findings with SQL" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - criticality - from - aws_securityhub_finding - order by - criticality desc nulls last; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_8.yaml.bak b/queries/aws_securityhub_finding_8.yaml.bak deleted file mode 100755 index 0606f4342..000000000 --- a/queries/aws_securityhub_finding_8.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_finding_8 -Title: "Find all AWS Security Hub Findings with Issues" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - product_arn, - product_name, - company_name - from - aws_securityhub_finding - where - company_name = 'Turbot'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_9.yaml.bak b/queries/aws_securityhub_finding_9.yaml.bak deleted file mode 100755 index 07243b6c4..000000000 --- a/queries/aws_securityhub_finding_9.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_finding_9 -Title: "Find all Security Hub Findings within AWS Resources" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - updated_at - from - aws_securityhub_finding - where - updated_at >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_finding_aggregator_1.yaml.bak b/queries/aws_securityhub_finding_aggregator_1.yaml.bak deleted file mode 100755 index 9c69ef0da..000000000 --- a/queries/aws_securityhub_finding_aggregator_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_finding_aggregator_1 -Title: "List all findings in AWS Security Hub Aggregator" -Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_aggregation_region, - region_linking_mode - from - aws_securityhub_finding_aggregator; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_aggregator_2.yaml.bak b/queries/aws_securityhub_finding_aggregator_2.yaml.bak deleted file mode 100755 index c9fce1060..000000000 --- a/queries/aws_securityhub_finding_aggregator_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_finding_aggregator_2 -Title: "Find information in AWS Security Hub Finding Aggregator" -Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_aggregation_region, - region_linking_mode - from - aws_securityhub_finding_aggregator - where - region_linking_mode = 'ALL_REGIONS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub Finding Aggregator diff --git a/queries/aws_securityhub_finding_aggregator_3.yaml.bak b/queries/aws_securityhub_finding_aggregator_3.yaml.bak deleted file mode 100755 index d38ea238c..000000000 --- a/queries/aws_securityhub_finding_aggregator_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_finding_aggregator_3 -Title: "Find Info About AWS Security Hub Finding Aggregator" -Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region_linking_mode, - r as linked_region - from - aws_securityhub_finding_aggregator, - jsonb_array_elements_text(regions) as r - where - region_linking_mode = 'SPECIFIED_REGIONS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_finding_aggregator_4.yaml.bak b/queries/aws_securityhub_finding_aggregator_4.yaml.bak deleted file mode 100755 index 60240ca14..000000000 --- a/queries/aws_securityhub_finding_aggregator_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_securityhub_finding_aggregator_4 -Title: "Find Security Hub Findings Aggregator Details in AWS" -Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - a.name as linked_region - from - aws_securityhub_finding_aggregator as f, - aws_region as a, - jsonb_array_elements_text(f.regions) as r - where - region_linking_mode = 'ALL_REGIONS_EXCEPT_SPECIFIED' - and - a.name <> r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_hub_1.yaml.bak b/queries/aws_securityhub_hub_1.yaml.bak deleted file mode 100755 index 17deb09fd..000000000 --- a/queries/aws_securityhub_hub_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_securityhub_hub_1 -Title: "Find AWS Security Hub Resources Information" -Description: "Allows users to query Security Hub to retrieve information about the Hub resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hub_arn, - auto_enable_controls, - subscribed_at, - region - from - aws_securityhub_hub; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_hub_2.yaml.bak b/queries/aws_securityhub_hub_2.yaml.bak deleted file mode 100755 index 79ce9f876..000000000 --- a/queries/aws_securityhub_hub_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_securityhub_hub_2 -Title: "List all Hub resources from AWS Security Hub" -Description: "Allows users to query Security Hub to retrieve information about the Hub resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hub_arn, - auto_enable_controls - from - aws_securityhub_hub - where - not auto_enable_controls; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_hub_3.yaml.bak b/queries/aws_securityhub_hub_3.yaml.bak deleted file mode 100755 index db15fd0d4..000000000 --- a/queries/aws_securityhub_hub_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_hub_3 -Title: "Find Administrator Account Info in AWS Security Hub" -Description: "Allows users to query Security Hub to retrieve information about the Hub resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hub_arn, - auto_enable_controls, - administrator_account ->> 'AccountId' as administrator_account_id, - administrator_account ->> 'InvitationId' as administrator_invitation_id, - administrator_account ->> 'InvitedAt' as administrator_invitation_time, - administrator_account ->> 'MemberStatus' as administrator_status - from - aws_securityhub_hub - where - administrator_account is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_hub_3.yaml.bak.bak b/queries/aws_securityhub_hub_3.yaml.bak.bak deleted file mode 100755 index db15fd0d4..000000000 --- a/queries/aws_securityhub_hub_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_hub_3 -Title: "Find Administrator Account Info in AWS Security Hub" -Description: "Allows users to query Security Hub to retrieve information about the Hub resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hub_arn, - auto_enable_controls, - administrator_account ->> 'AccountId' as administrator_account_id, - administrator_account ->> 'InvitationId' as administrator_invitation_id, - administrator_account ->> 'InvitedAt' as administrator_invitation_time, - administrator_account ->> 'MemberStatus' as administrator_status - from - aws_securityhub_hub - where - administrator_account is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_1.yaml.bak b/queries/aws_securityhub_insight_1.yaml.bak deleted file mode 100755 index a33182783..000000000 --- a/queries/aws_securityhub_insight_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_securityhub_insight_1 -Title: "Find Insights in AWS Security Hub with SQL" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - group_by_attribute, - region - from - aws_securityhub_insight; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_10.yaml.bak b/queries/aws_securityhub_insight_10.yaml.bak deleted file mode 100755 index da52ee9ba..000000000 --- a/queries/aws_securityhub_insight_10.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_insight_10 -Title: "Find AWS Security Hub Insights Details Using SQL" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'RecordState' as record_state - from - aws_securityhub_insight - where - name = 'sp'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_2.yaml.bak b/queries/aws_securityhub_insight_2.yaml.bak deleted file mode 100755 index ad0a5f6fd..000000000 --- a/queries/aws_securityhub_insight_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_insight_2 -Title: "List all AWS Security Hub Insights with Details" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - group_by_attribute, - region - from - aws_securityhub_insight - where - group_by_attribute = 'ResourceId'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_3.yaml.bak b/queries/aws_securityhub_insight_3.yaml.bak deleted file mode 100755 index 9ec6344c5..000000000 --- a/queries/aws_securityhub_insight_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_insight_3 -Title: "Find AWS Security Hub Insights Details using SQL" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'WorkflowStatus' as workflow_status - from - aws_securityhub_insight; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_4.yaml.bak b/queries/aws_securityhub_insight_4.yaml.bak deleted file mode 100755 index 4878b0f8e..000000000 --- a/queries/aws_securityhub_insight_4.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_securityhub_insight_4 -Title: "Find AWS Security Hub Insights with Severity Filters" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'SeverityLabel' as severity_label - from - aws_securityhub_insight; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_5.yaml.bak b/queries/aws_securityhub_insight_5.yaml.bak deleted file mode 100755 index 243d74602..000000000 --- a/queries/aws_securityhub_insight_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_insight_5 -Title: "Find AWS Security Hub Insights with Critical Severity" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'SeverityLabel' as severity - from - aws_securityhub_insight - where - filters ->> 'SeverityLabel' = '{"Comparison": "EQUALS", "Value": "CRITICAL"}' - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_6.yaml.bak b/queries/aws_securityhub_insight_6.yaml.bak deleted file mode 100755 index 798bf13f6..000000000 --- a/queries/aws_securityhub_insight_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_insight_6 -Title: "List all AWS Security Hub Insights with Filters and Grouping" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'ThreatIntelIndicatorType' as threat_intelligence_details - from - aws_securityhub_insight - where - filters ->> 'ThreatIntelIndicatorType' = '{"Comparison": "EQUALS", "Value": "IPV4_ADDRESS"}' - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_insight_7.yaml.bak b/queries/aws_securityhub_insight_7.yaml.bak deleted file mode 100755 index 2f02e404f..000000000 --- a/queries/aws_securityhub_insight_7.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_insight_7 -Title: "Find All AWS Security Hub Insights with SQL Query" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'ComplianceStatus' as compliance_status - from - aws_securityhub_insight - where - filters ->> 'ComplianceStatus' = '{"Comparison": "EQUALS", "Value": "FAILED"}' - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_8.yaml.bak b/queries/aws_securityhub_insight_8.yaml.bak deleted file mode 100755 index ae6a8a443..000000000 --- a/queries/aws_securityhub_insight_8.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_insight_8 -Title: "List all AWS Security Hub Insights with Details" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'MalwareName' as malware_name, - filters ->> 'MalwarePath' as malware_path, - filters ->> 'MalwareType' as malware_type - from - aws_securityhub_insight; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_insight_9.yaml.bak b/queries/aws_securityhub_insight_9.yaml.bak deleted file mode 100755 index 1a9277117..000000000 --- a/queries/aws_securityhub_insight_9.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_securityhub_insight_9 -Title: "Find AWS Security Hub Insights and Network Attributes" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'NetworkSourceDomain' as network_source_domain, - filters ->> 'NetworkDestinationDomain' as network_destination_domain, - filters ->> 'NetworkSourceIpV4' as network_source_ip_v4, - filters ->> 'NetworkDestinationIpV4' as network_destination_ip_v4, - filters ->> 'NetworkSourceIpV6' as network_source_ip_v6, - filters ->> 'NetworkDestinationIpV6' as network_destination_ip_v6, - filters ->> 'NetworkSourcePort' as network_source_port, - filters ->> 'NetworkDestinationPort' as network_destination_port - from - aws_securityhub_insight; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_member_1.yaml.bak b/queries/aws_securityhub_member_1.yaml.bak deleted file mode 100755 index 9b2d37cf3..000000000 --- a/queries/aws_securityhub_member_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_member_1 -Title: "Find AWS Security Hub Members for Detailed Information" -Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - email, - administrator_id, - member_status, - updated_at - from - aws_securityhub_member; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_member_2.yaml.bak b/queries/aws_securityhub_member_2.yaml.bak deleted file mode 100755 index 72111d1cf..000000000 --- a/queries/aws_securityhub_member_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_securityhub_member_2 -Title: "Find AWS Security Hub Members with Detailed Info" -Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - email, - administrator_id, - member_status, - updated_at, - invited_at - from - aws_securityhub_member - where - member_status = 'Enabled'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_member_3.yaml.bak b/queries/aws_securityhub_member_3.yaml.bak deleted file mode 100755 index 9b40f6160..000000000 --- a/queries/aws_securityhub_member_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_member_3 -Title: "List all AWS Security Hub Members with Detailed Information" -Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - email, - administrator_id, - member_status, - updated_at - from - aws_securityhub_member - where - member_status = 'Created'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_member_4.yaml.bak b/queries/aws_securityhub_member_4.yaml.bak deleted file mode 100755 index 92ad84656..000000000 --- a/queries/aws_securityhub_member_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_securityhub_member_4 -Title: "List all AWS Security Hub Members with details" -Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - email, - administrator_id, - member_status, - updated_at, - invited_at - from - aws_securityhub_member - where - member_status = 'Enabled' - and - invited_at <= (now() - interval '10' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_product_1.yaml.bak b/queries/aws_securityhub_product_1.yaml.bak deleted file mode 100755 index 64d4c557b..000000000 --- a/queries/aws_securityhub_product_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_securityhub_product_1 -Title: "Find AWS Security Hub Product Details for Security Insights" -Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - product_arn, - company_name, - description - from - aws_securityhub_product; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_product_2.yaml.bak b/queries/aws_securityhub_product_2.yaml.bak deleted file mode 100755 index 78652e9e4..000000000 --- a/queries/aws_securityhub_product_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_product_2 -Title: "Find AWS Security Hub Product Details" -Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - company_name, - description - from - aws_securityhub_product - where - company_name = 'AWS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_product_3.yaml.bak b/queries/aws_securityhub_product_3.yaml.bak deleted file mode 100755 index cefb7b540..000000000 --- a/queries/aws_securityhub_product_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_product_3 -Title: "Find AWS Security Hub Products for Security Insights" -Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - product_arn, - company_name - from - aws_securityhub_product, - jsonb_array_elements_text(integration_types) as i - where - i = 'SEND_FINDINGS_TO_SECURITY_HUB'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_control_1.yaml.bak b/queries/aws_securityhub_standards_control_1.yaml.bak deleted file mode 100755 index b78b44cd9..000000000 --- a/queries/aws_securityhub_standards_control_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_standards_control_1 -Title: "Find AWS Security Hub Standards Control Data" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_control_2.yaml.bak b/queries/aws_securityhub_standards_control_2.yaml.bak deleted file mode 100755 index 305a23432..000000000 --- a/queries/aws_securityhub_standards_control_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_standards_control_2 -Title: "List details of AWS Security Hub Standards Controls" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control - where - control_status = 'DISABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub Standards Control diff --git a/queries/aws_securityhub_standards_control_3.yaml.bak b/queries/aws_securityhub_standards_control_3.yaml.bak deleted file mode 100755 index 73a6925a5..000000000 --- a/queries/aws_securityhub_standards_control_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_securityhub_standards_control_3 -Title: "List AWS Security Hub Standards Control Data Details" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - severity_rating, - count(severity_rating) - from - aws_securityhub_standards_control - group by - severity_rating - order by - severity_rating; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_control_4.yaml.bak b/queries/aws_securityhub_standards_control_4.yaml.bak deleted file mode 100755 index 04aa953b8..000000000 --- a/queries/aws_securityhub_standards_control_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_standards_control_4 -Title: "Find AWS Security Hub Standards Control with High Severity" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control - where - severity_rating = 'HIGH'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_control_5.yaml.bak b/queries/aws_securityhub_standards_control_5.yaml.bak deleted file mode 100755 index d7de56f4d..000000000 --- a/queries/aws_securityhub_standards_control_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_standards_control_5 -Title: "Find details of AWS Security Hub Standards Control" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control - where - control_status_updated_at >= (now() - interval '30' day); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_control_6.yaml.bak b/queries/aws_securityhub_standards_control_6.yaml.bak deleted file mode 100755 index 4f00d2c6f..000000000 --- a/queries/aws_securityhub_standards_control_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securityhub_standards_control_6 -Title: "List AWS Security Hub Standards Control Data" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control - where - severity_rating = 'CRITICAL' - and arn like '%cis-aws-foundations-benchmark%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securityhub_standards_control_7.yaml.bak b/queries/aws_securityhub_standards_control_7.yaml.bak deleted file mode 100755 index 406c11036..000000000 --- a/queries/aws_securityhub_standards_control_7.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_securityhub_standards_control_7 -Title: "Find AWS Security Hub Standards Control Details" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - r as related_requirements - from - aws_securityhub_standards_control, - jsonb_array_elements_text(related_requirements) as r - where - control_id like '%S3%' - group by - control_id, r - order by - control_id, r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_control_8.yaml.bak b/queries/aws_securityhub_standards_control_8.yaml.bak deleted file mode 100755 index 5a996a411..000000000 --- a/queries/aws_securityhub_standards_control_8.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_standards_control_8 -Title: "Find AWS Security Hub Standards Control Data" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r as related_requirements, - control_id - from - aws_securityhub_standards_control, - jsonb_array_elements_text(related_requirements) as r - where - r like '%PCI%' - group by - r, control_id - order by - r, control_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_subscription_1.yaml.bak b/queries/aws_securityhub_standards_subscription_1.yaml.bak deleted file mode 100755 index 5fe676c04..000000000 --- a/queries/aws_securityhub_standards_subscription_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_securityhub_standards_subscription_1 -Title: "Find AWS Security Hub Standards Subscription Details" -Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - standards_arn, - description, - region - from - aws_securityhub_standards_subscription; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub Standards diff --git a/queries/aws_securityhub_standards_subscription_2.yaml.bak b/queries/aws_securityhub_standards_subscription_2.yaml.bak deleted file mode 100755 index 81c7b1afe..000000000 --- a/queries/aws_securityhub_standards_subscription_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_securityhub_standards_subscription_2 -Title: "List all AWS Security Hub Standards Subscriptions" -Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - standards_arn, - enabled_by_default - from - aws_securityhub_standards_subscription - where - enabled_by_default; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_subscription_3.yaml.bak b/queries/aws_securityhub_standards_subscription_3.yaml.bak deleted file mode 100755 index c48ba225b..000000000 --- a/queries/aws_securityhub_standards_subscription_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securityhub_standards_subscription_3 -Title: "Find AWS Security Hub Standard Subscriptions Details" -Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - standards_arn, - standards_subscription_arn, - standards_status, - standards_status_reason_code - from - aws_securityhub_standards_subscription - where - standards_status <> 'READY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Hub diff --git a/queries/aws_securityhub_standards_subscription_4.yaml.bak b/queries/aws_securityhub_standards_subscription_4.yaml.bak deleted file mode 100755 index a663b0cb1..000000000 --- a/queries/aws_securityhub_standards_subscription_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_securityhub_standards_subscription_4 -Title: "Find all AWS Security Hub Standards Subscriptions" -Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - standards_arn, - standards_managed_by ->> 'Company' as standards_managed_by_company - from - aws_securityhub_standards_subscription - where - standards_managed_by ->> 'Company' <> 'AWS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Hub diff --git a/queries/aws_securitylake_data_lake_1.yaml.bak b/queries/aws_securitylake_data_lake_1.yaml.bak deleted file mode 100755 index 0538eb103..000000000 --- a/queries/aws_securitylake_data_lake_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_securitylake_data_lake_1 -Title: "List all AWS Lake Formation Data Lakes Information" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_key, - replication_role_arn, - s3_bucket_arn, - status - from - aws_securitylake_data_lake; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Lake Formation diff --git a/queries/aws_securitylake_data_lake_2.yaml.bak b/queries/aws_securitylake_data_lake_2.yaml.bak deleted file mode 100755 index 3661dd949..000000000 --- a/queries/aws_securitylake_data_lake_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_securitylake_data_lake_2 -Title: "Find all AWS Lake Formation Data Lakes with Details" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct b.name as bucket_name, - l.s3_bucket_arn, - b.creation_date, - b.bucket_policy_is_public, - b.versioning_enabled, - b.block_public_acls - from - aws_securitylake_data_lake as l, - aws_s3_bucket as b - where - l.s3_bucket_arn = b.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Lake Formation diff --git a/queries/aws_securitylake_data_lake_3.yaml.bak b/queries/aws_securitylake_data_lake_3.yaml.bak deleted file mode 100755 index dddf0f568..000000000 --- a/queries/aws_securitylake_data_lake_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securitylake_data_lake_3 -Title: "List AWS Lake Formation Data Lakes with Key Details" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.encryption_key, - l.replication_role_arn, - l.s3_bucket_arn, - l.status, - r ->> 'RetentionPeriod' as retention_period, - r ->> 'StorageClass' as storage_class - from - aws_securitylake_data_lake as l, - jsonb_array_elements(retention_settings) as r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Lake Formation diff --git a/queries/aws_securitylake_data_lake_4.yaml.bak b/queries/aws_securitylake_data_lake_4.yaml.bak deleted file mode 100755 index 4156d3912..000000000 --- a/queries/aws_securitylake_data_lake_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securitylake_data_lake_4 -Title: "List all AWS Lake Formation Data Lakes and Details" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_key, - replication_role_arn, - s3_bucket_arn, - status - from - aws_securitylake_data_lake - where - status = 'PENDING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Lake Formation diff --git a/queries/aws_securitylake_data_lake_4.yaml.bak.bak b/queries/aws_securitylake_data_lake_4.yaml.bak.bak deleted file mode 100755 index 4156d3912..000000000 --- a/queries/aws_securitylake_data_lake_4.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securitylake_data_lake_4 -Title: "List all AWS Lake Formation Data Lakes and Details" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_key, - replication_role_arn, - s3_bucket_arn, - status - from - aws_securitylake_data_lake - where - status = 'PENDING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Lake Formation diff --git a/queries/aws_securitylake_subscriber_1.yaml.bak b/queries/aws_securitylake_subscriber_1.yaml.bak deleted file mode 100755 index 38589ca87..000000000 --- a/queries/aws_securitylake_subscriber_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_securitylake_subscriber_1 -Title: "List AWS Security Lake Subscriber Details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subscriber_name, - subscription_id, - created_at, - role_arn, - s3_bucket_arn, - subscription_endpoint - from - aws_securitylake_subscriber; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Lake diff --git a/queries/aws_securitylake_subscriber_2.yaml.bak b/queries/aws_securitylake_subscriber_2.yaml.bak deleted file mode 100755 index f0d773703..000000000 --- a/queries/aws_securitylake_subscriber_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_securitylake_subscriber_2 -Title: "List all AWS Security Lake Subscriber details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subscriber_name, - subscription_id, - created_at, - role_arn, - s3_bucket_arn, - subscription_endpoint - from - aws_securitylake_subscriber - where - created_at <= created_at - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Lake diff --git a/queries/aws_securitylake_subscriber_3.yaml.bak b/queries/aws_securitylake_subscriber_3.yaml.bak deleted file mode 100755 index c412eedf0..000000000 --- a/queries/aws_securitylake_subscriber_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_securitylake_subscriber_3 -Title: "List AWS Security Lake Subscriber Details and Roles" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.subscriber_name, - s.subscription_id, - r.arn, - r.inline_policies, - r.attached_policy_arns, - r.assume_role_policy - from - aws_securitylake_subscriber as s, - aws_iam_role as r - where - s.role_arn = r.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Lake diff --git a/queries/aws_securitylake_subscriber_4.yaml.bak b/queries/aws_securitylake_subscriber_4.yaml.bak deleted file mode 100755 index 575759d96..000000000 --- a/queries/aws_securitylake_subscriber_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_securitylake_subscriber_4 -Title: "Find all subscribers in AWS Security Lake with details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.subscriber_name, - s.subscription_id, - b.arn, - b.event_notification_configuration, - b.server_side_encryption_configuration, - b.acl - from - aws_securitylake_subscriber as s, - aws_s3_bucket as b - where - s.s3_bucket_arn = b.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Lake diff --git a/queries/aws_securitylake_subscriber_4.yaml.bak.bak b/queries/aws_securitylake_subscriber_4.yaml.bak.bak deleted file mode 100755 index 575759d96..000000000 --- a/queries/aws_securitylake_subscriber_4.yaml.bak.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_securitylake_subscriber_4 -Title: "Find all subscribers in AWS Security Lake with details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.subscriber_name, - s.subscription_id, - b.arn, - b.event_notification_configuration, - b.server_side_encryption_configuration, - b.acl - from - aws_securitylake_subscriber as s, - aws_s3_bucket as b - where - s.s3_bucket_arn = b.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Lake diff --git a/queries/aws_securitylake_subscriber_5.yaml.bak b/queries/aws_securitylake_subscriber_5.yaml.bak deleted file mode 100755 index b668cd344..000000000 --- a/queries/aws_securitylake_subscriber_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_securitylake_subscriber_5 -Title: "List all AWS Security Lake Subscriber Details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subscriber_name, - created_at, - subscription_status, - s3_bucket_arn, - sns_arn - from - aws_securitylake_subscriber - where - subscription_status <> 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Lake diff --git a/queries/aws_serverlessapplicationrepository_application_1.yaml.bak b/queries/aws_serverlessapplicationrepository_application_1.yaml.bak deleted file mode 100755 index 636895aa9..000000000 --- a/queries/aws_serverlessapplicationrepository_application_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_serverlessapplicationrepository_application_1 -Title: "List AWS Serverless Application Repository Applications" -Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - author, - creation_time, - description - from - aws_serverlessapplicationrepository_application; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Serverless Application Repository diff --git a/queries/aws_serverlessapplicationrepository_application_2.yaml.bak b/queries/aws_serverlessapplicationrepository_application_2.yaml.bak deleted file mode 100755 index 44b8955bb..000000000 --- a/queries/aws_serverlessapplicationrepository_application_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_serverlessapplicationrepository_application_2 -Title: "List AWS Serverless App Repo Applications by Verified Author" -Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - author, - is_verified_author - from - aws_serverlessapplicationrepository_application - where - is_verified_author; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Serverless Application Repository diff --git a/queries/aws_serverlessapplicationrepository_application_3.yaml.bak b/queries/aws_serverlessapplicationrepository_application_3.yaml.bak deleted file mode 100755 index 2ed98d82e..000000000 --- a/queries/aws_serverlessapplicationrepository_application_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_serverlessapplicationrepository_application_3 -Title: "List all AWS Serverless Application Repository Applications" -Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(statement -> 'Actions') as actions, - jsonb_pretty(statement -> 'PrincipalOrgIDs') as principal_org_ids, - jsonb_pretty(statement -> 'Principals') as principals, - statement ->> 'StatementId' as statement_id - from - aws_serverlessapplicationrepository_application, - jsonb_array_elements(statements) as statement; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Serverless Application Repository diff --git a/queries/aws_service_discovery_instance_1.yaml.bak b/queries/aws_service_discovery_instance_1.yaml.bak deleted file mode 100755 index a0d9bf5e6..000000000 --- a/queries/aws_service_discovery_instance_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_service_discovery_instance_1 -Title: "Find AWS Cloud Map Service Instances and Health Information" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - service_id, - ec2_instance_id, - attributes - from - aws_service_discovery_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_instance_2.yaml.bak b/queries/aws_service_discovery_instance_2.yaml.bak deleted file mode 100755 index d75822f62..000000000 --- a/queries/aws_service_discovery_instance_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_service_discovery_instance_2 -Title: "Find Unhealthy AWS Cloud Map Service Instances" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - service_id, - init_health_status - from - aws_service_discovery_instance - where - init_health_status = 'UNHEALTHY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map Service diff --git a/queries/aws_service_discovery_instance_3.yaml.bak b/queries/aws_service_discovery_instance_3.yaml.bak deleted file mode 100755 index 21533b48c..000000000 --- a/queries/aws_service_discovery_instance_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_service_discovery_instance_3 -Title: "List all AWS Cloud Map Service Instances with Details" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_id, - count(id) - from - aws_service_discovery_instance - group by - service_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cloud Map diff --git a/queries/aws_service_discovery_instance_4.yaml.bak b/queries/aws_service_discovery_instance_4.yaml.bak deleted file mode 100755 index 325091a61..000000000 --- a/queries/aws_service_discovery_instance_4.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_service_discovery_instance_4 -Title: "List all AWS Cloud Map Service Instances with Details" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.id, - i.service_id, - s.name as service_name, - s.create_date as service_create_date, - s.namespace_id, - s.type - from - aws_service_discovery_instance as i, - aws_service_discovery_service as s - where - s.id = i.service_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Cloud Map diff --git a/queries/aws_service_discovery_instance_5.yaml.bak b/queries/aws_service_discovery_instance_5.yaml.bak deleted file mode 100755 index 0fc727332..000000000 --- a/queries/aws_service_discovery_instance_5.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_service_discovery_instance_5 -Title: "List AWS Cloud Map Service Instances and Health Status" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.id, - i.service_id, - i.ec2_instance_id, - ei.instance_type, - ei.instance_state, - ei.launch_time - from - aws_service_discovery_instance as i, - aws_ec2_instance as ei - where - i.ec2_instance_id is not null - and - ei.instance_id = i.ec2_instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_instance_5.yaml.bak.bak b/queries/aws_service_discovery_instance_5.yaml.bak.bak deleted file mode 100755 index 0fc727332..000000000 --- a/queries/aws_service_discovery_instance_5.yaml.bak.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_service_discovery_instance_5 -Title: "List AWS Cloud Map Service Instances and Health Status" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.id, - i.service_id, - i.ec2_instance_id, - ei.instance_type, - ei.instance_state, - ei.launch_time - from - aws_service_discovery_instance as i, - aws_ec2_instance as ei - where - i.ec2_instance_id is not null - and - ei.instance_id = i.ec2_instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_instance_6.yaml.bak b/queries/aws_service_discovery_instance_6.yaml.bak deleted file mode 100755 index 22830ffa1..000000000 --- a/queries/aws_service_discovery_instance_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_service_discovery_instance_6 -Title: "Find AWS Cloud Map Service Instances and Their Details" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - service_id, - ec2_instance_id, - instance_ipv4, - instance_ipv6, - instance_port - from - aws_service_discovery_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_namespace_1.yaml.bak b/queries/aws_service_discovery_namespace_1.yaml.bak deleted file mode 100755 index fab85a51b..000000000 --- a/queries/aws_service_discovery_namespace_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_service_discovery_namespace_1 -Title: "Find AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - region - from - aws_service_discovery_namespace; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_namespace_2.yaml.bak b/queries/aws_service_discovery_namespace_2.yaml.bak deleted file mode 100755 index b0be2a40d..000000000 --- a/queries/aws_service_discovery_namespace_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_service_discovery_namespace_2 -Title: "Find AWS Cloud Map Service Discovery Namespace Details" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - service_count - from - aws_service_discovery_namespace - where - type ilike '%private%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_namespace_3.yaml.bak b/queries/aws_service_discovery_namespace_3.yaml.bak deleted file mode 100755 index 1d59f4b96..000000000 --- a/queries/aws_service_discovery_namespace_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_service_discovery_namespace_3 -Title: "List all AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - service_count - from - aws_service_discovery_namespace - where - type = 'HTTP'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_namespace_4.yaml.bak b/queries/aws_service_discovery_namespace_4.yaml.bak deleted file mode 100755 index db1f0f5b3..000000000 --- a/queries/aws_service_discovery_namespace_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_service_discovery_namespace_4 -Title: "List all AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - description, - create_date - from - aws_service_discovery_namespace - where - create_date >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map Service Discovery diff --git a/queries/aws_service_discovery_namespace_5.yaml.bak b/queries/aws_service_discovery_namespace_5.yaml.bak deleted file mode 100755 index db99cf83c..000000000 --- a/queries/aws_service_discovery_namespace_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_service_discovery_namespace_5 -Title: "List AWS Cloud Map Service Discovery Namespace Details" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - http_properties ->> 'HttpName' as http_name - from - aws_service_discovery_namespace - where - type = 'HTTP'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_namespace_6.yaml.bak b/queries/aws_service_discovery_namespace_6.yaml.bak deleted file mode 100755 index cefa0d160..000000000 --- a/queries/aws_service_discovery_namespace_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_service_discovery_namespace_6 -Title: "List AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - dns_properties ->> 'HostedZoneId' as HostedZoneId, - dns_properties -> 'SOA' ->> 'TTL' as ttl - from - aws_service_discovery_namespace - where - type = 'DNS_PRIVATE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map diff --git a/queries/aws_service_discovery_namespace_7.yaml.bak b/queries/aws_service_discovery_namespace_7.yaml.bak deleted file mode 100755 index ab5f61765..000000000 --- a/queries/aws_service_discovery_namespace_7.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_service_discovery_namespace_7 -Title: "List all AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(type) - from - aws_service_discovery_namespace - group by - type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map Service Discovery diff --git a/queries/aws_service_discovery_namespace_7.yaml.bak.bak b/queries/aws_service_discovery_namespace_7.yaml.bak.bak deleted file mode 100755 index ab5f61765..000000000 --- a/queries/aws_service_discovery_namespace_7.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_service_discovery_namespace_7 -Title: "List all AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(type) - from - aws_service_discovery_namespace - group by - type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Cloud Map Service Discovery diff --git a/queries/aws_service_discovery_service_1.yaml.bak b/queries/aws_service_discovery_service_1.yaml.bak deleted file mode 100755 index d54f6dc18..000000000 --- a/queries/aws_service_discovery_service_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_service_discovery_service_1 -Title: "Find AWS Service Discovery Services and Details" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - region - from - aws_service_discovery_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Service Discovery Service diff --git a/queries/aws_service_discovery_service_2.yaml.bak b/queries/aws_service_discovery_service_2.yaml.bak deleted file mode 100755 index 362117efb..000000000 --- a/queries/aws_service_discovery_service_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_service_discovery_service_2 -Title: "Find AWS Service Discovery Services registered with Cloud Map" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - create_date - from - aws_service_discovery_service - where - type ilike '%dns%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Service Discovery diff --git a/queries/aws_service_discovery_service_3.yaml.bak b/queries/aws_service_discovery_service_3.yaml.bak deleted file mode 100755 index 970393925..000000000 --- a/queries/aws_service_discovery_service_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_service_discovery_service_3 -Title: "Find all AWS Cloud Map resources by type" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - description - from - aws_service_discovery_service - where - type = 'HTTP'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Discovery diff --git a/queries/aws_service_discovery_service_4.yaml.bak b/queries/aws_service_discovery_service_4.yaml.bak deleted file mode 100755 index c59d1dce3..000000000 --- a/queries/aws_service_discovery_service_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_service_discovery_service_4 -Title: "List all AWS Service Discovery Resources in Last 30 Days" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - description, - create_date - from - aws_service_discovery_service - where - create_date >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Discovery diff --git a/queries/aws_service_discovery_service_5.yaml.bak b/queries/aws_service_discovery_service_5.yaml.bak deleted file mode 100755 index 8293b7a84..000000000 --- a/queries/aws_service_discovery_service_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_service_discovery_service_5 -Title: "Find Details of Registered AWS resources Using SQL" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(type) - from - aws_service_discovery_service - group by - type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Discovery diff --git a/queries/aws_service_discovery_service_6.yaml.bak b/queries/aws_service_discovery_service_6.yaml.bak deleted file mode 100755 index a12be8df3..000000000 --- a/queries/aws_service_discovery_service_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_service_discovery_service_6 -Title: "Find all AWS resources registered with Cloud Map" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - health_check_config ->> 'Type' as health_check_type, - health_check_config ->> 'FailureThreshold' as failure_threshold, - health_check_config ->> 'ResourcePath' as resource_path - from - aws_service_discovery_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Discovery diff --git a/queries/aws_service_discovery_service_7.yaml.bak b/queries/aws_service_discovery_service_7.yaml.bak deleted file mode 100755 index 42954aa55..000000000 --- a/queries/aws_service_discovery_service_7.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_service_discovery_service_7 -Title: "Find AWS Service Discovery Service Resource Details" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - health_check_custom_config ->> 'FailureThreshold' as failure_threshold - from - aws_service_discovery_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Discovery diff --git a/queries/aws_service_discovery_service_8.yaml.bak b/queries/aws_service_discovery_service_8.yaml.bak deleted file mode 100755 index 3fca40233..000000000 --- a/queries/aws_service_discovery_service_8.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_service_discovery_service_8 -Title: "List all AWS Service Discovery resources using SQL" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.name, - s.id, - s.namespace_id, - n.service_count, - n.type as namespace_type, - n.dns_properties - from - aws_service_discovery_service as s, - aws_service_discovery_namespace as n; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Service Discovery diff --git a/queries/aws_servicecatalog_portfolio_1.yaml.bak b/queries/aws_servicecatalog_portfolio_1.yaml.bak deleted file mode 100755 index 9a0b66a36..000000000 --- a/queries/aws_servicecatalog_portfolio_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_servicecatalog_portfolio_1 -Title: "List Service Catalog Portfolios in AWS" -Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - display_name, - id, - arn, - region, - akas - from - aws_servicecatalog_portfolio; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Service Catalog diff --git a/queries/aws_servicecatalog_portfolio_2.yaml.bak b/queries/aws_servicecatalog_portfolio_2.yaml.bak deleted file mode 100755 index 05625bf28..000000000 --- a/queries/aws_servicecatalog_portfolio_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicecatalog_portfolio_2 -Title: "Find AWS Service Catalog Portfolio Details" -Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - display_name, - id, - description, - provider_name - from - aws_servicecatalog_portfolio - where - provider_name = 'my-portfolio'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_portfolio_3.yaml.bak b/queries/aws_servicecatalog_portfolio_3.yaml.bak deleted file mode 100755 index a52bb7794..000000000 --- a/queries/aws_servicecatalog_portfolio_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicecatalog_portfolio_3 -Title: "Find AWS Service Catalog Portfolio Details in Last 30 Days" -Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - display_name, - id, - description, - created_time - from - aws_servicecatalog_portfolio - where - created_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_portfolio_4.yaml.bak b/queries/aws_servicecatalog_portfolio_4.yaml.bak deleted file mode 100755 index 4c2cb9a23..000000000 --- a/queries/aws_servicecatalog_portfolio_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_servicecatalog_portfolio_4 -Title: "Find AWS Service Catalog Portfolio Details Using SQL" -Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sp.display_name, - sp.id, - b ->> 'BudgetName' as budget_name - from - aws_servicecatalog_portfolio as sp, - jsonb_array_elements(budgets) as b; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_product_1.yaml.bak b/queries/aws_servicecatalog_product_1.yaml.bak deleted file mode 100755 index 53afd3f0e..000000000 --- a/queries/aws_servicecatalog_product_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_servicecatalog_product_1 -Title: "List all AWS Service Catalog Product Details and Metadata" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - product_id, - type, - akas, - support_url, - support_email - from - aws_servicecatalog_product; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_product_2.yaml.bak b/queries/aws_servicecatalog_product_2.yaml.bak deleted file mode 100755 index 899d8d71f..000000000 --- a/queries/aws_servicecatalog_product_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_servicecatalog_product_2 -Title: "Find all AWS Service Catalog Product Details" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - product_id, - type, - distributor, - owner, - has_default_path - from - aws_servicecatalog_product - where - has_default_path; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_product_3.yaml.bak b/queries/aws_servicecatalog_product_3.yaml.bak deleted file mode 100755 index 455994e3a..000000000 --- a/queries/aws_servicecatalog_product_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicecatalog_product_3 -Title: "Find all AWS Service Catalog Product Details with Metadata" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - product_id, - type, - support_url, - support_description - from - aws_servicecatalog_product - where - type = 'MARKETPLACE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_product_4.yaml.bak b/queries/aws_servicecatalog_product_4.yaml.bak deleted file mode 100755 index 43b883839..000000000 --- a/queries/aws_servicecatalog_product_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_servicecatalog_product_4 -Title: "List all AWS Service Catalog Product details" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sp.name, - sp.id, - sp.owner, - sp.product_id, - sp.short_description, - b ->> 'BudgetName' as budget_name - from - aws_servicecatalog_product as sp, - jsonb_array_elements(budgets) as b; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_product_5.yaml.bak b/queries/aws_servicecatalog_product_5.yaml.bak deleted file mode 100755 index a4c64d093..000000000 --- a/queries/aws_servicecatalog_product_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_servicecatalog_product_5 -Title: "List all AWS Service Catalog Product Details" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - owner, - short_description, - l ->> 'Id' as launch_path_id, - l ->> 'Name' as launch_path_name - from - aws_servicecatalog_product, - jsonb_array_elements(launch_paths) as l; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_product_6.yaml.bak b/queries/aws_servicecatalog_product_6.yaml.bak deleted file mode 100755 index 24cb69d7b..000000000 --- a/queries/aws_servicecatalog_product_6.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicecatalog_product_6 -Title: "List AWS Service Catalog Product Data Including Details and Metadata" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - p ->> 'Id' as provisioning_artifact_id, - p ->> 'Name' as provisioning_artifact_name, - p ->> 'CreatedTime' as provisioning_artifact_created_time, - p ->> 'Description' as provisioning_artifact_description, - p ->> 'Guidance' as provisioning_artifact_guidance - from - aws_servicecatalog_product, - jsonb_array_elements(provisioning_artifacts) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_1.yaml.bak b/queries/aws_servicecatalog_provisioned_product_1.yaml.bak deleted file mode 100755 index 8907c4a1e..000000000 --- a/queries/aws_servicecatalog_provisioned_product_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_servicecatalog_provisioned_product_1 -Title: "Find AWS Service Catalog Provisioned Product Details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - product_id, - status, - created_time, - last_provisioning_record_id - from - aws_servicecatalog_provisioned_product; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_2.yaml.bak b/queries/aws_servicecatalog_provisioned_product_2.yaml.bak deleted file mode 100755 index 1d14dd344..000000000 --- a/queries/aws_servicecatalog_provisioned_product_2.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_servicecatalog_provisioned_product_2 -Title: "Find all AWS Service Catalog Provisioned Product details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - product_id, - status, - created_time, - last_provisioning_record_id - from - aws_servicecatalog_provisioned_product - where - created_time >= (current_date - interval '7' day) - order by - created_time; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_3.yaml.bak b/queries/aws_servicecatalog_provisioned_product_3.yaml.bak deleted file mode 100755 index 52ba7b0dc..000000000 --- a/queries/aws_servicecatalog_provisioned_product_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_servicecatalog_provisioned_product_3 -Title: "List AWS Service Catalog Provisioned Products with Details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - product_id, - status, - created_time, - last_provisioning_record_id - from - aws_servicecatalog_provisioned_product - where - last_successful_provisioning_record_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_4.yaml.bak b/queries/aws_servicecatalog_provisioned_product_4.yaml.bak deleted file mode 100755 index 4c2aef01d..000000000 --- a/queries/aws_servicecatalog_provisioned_product_4.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_servicecatalog_provisioned_product_4 -Title: "List all AWS Service Catalog Provisioned Product details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - pr.id as provisioning_id, - p.name as product_name, - p.id as product_view_id, - p.product_id, - p.type as product_type, - p.support_url as product_support_url, - p.support_email as product_support_email - from - aws_servicecatalog_provisioned_product as pr, - aws_servicecatalog_product as p - where - pr.product_id = p.product_id - and last_successful_provisioning_record_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicecatalog_provisioned_product_5.yaml.bak b/queries/aws_servicecatalog_provisioned_product_5.yaml.bak deleted file mode 100755 index 03b1d4c1a..000000000 --- a/queries/aws_servicecatalog_provisioned_product_5.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_servicecatalog_provisioned_product_5 -Title: "List AWS Service Catalog Provisioned Product Details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - product_id, - status, - created_time, - last_provisioning_record_id - from - aws_servicecatalog_provisioned_product - where - type = 'CFN_STACK' - and last_successful_provisioning_record_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Catalog diff --git a/queries/aws_servicequotas_default_service_quota_1.yaml.bak b/queries/aws_servicequotas_default_service_quota_1.yaml.bak deleted file mode 100755 index 613bfd43d..000000000 --- a/queries/aws_servicequotas_default_service_quota_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_servicequotas_default_service_quota_1 -Title: "List all AWS Service Quotas Default Values" -Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_default_service_quota; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_default_service_quota_2.yaml.bak b/queries/aws_servicequotas_default_service_quota_2.yaml.bak deleted file mode 100755 index fb8e2c33f..000000000 --- a/queries/aws_servicequotas_default_service_quota_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicequotas_default_service_quota_2 -Title: "List all Default AWS Service Quotas using SQL" -Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_default_service_quota - where - global_quota; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_default_service_quota_3.yaml.bak b/queries/aws_servicequotas_default_service_quota_3.yaml.bak deleted file mode 100755 index 8ce6a85d6..000000000 --- a/queries/aws_servicequotas_default_service_quota_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicequotas_default_service_quota_3 -Title: "Find AWS Default Service Quotas for Services" -Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_default_service_quota - where - service_code = 'athena'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_service_1.yaml.bak b/queries/aws_servicequotas_service_1.yaml.bak deleted file mode 100755 index 10e60c5a3..000000000 --- a/queries/aws_servicequotas_service_1.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_servicequotas_service_1 -Title: "List all AWS Service Quotas with detailed service info" -Description: "Allows users to query AWS Service Quotas services, providing detailed information about each service''s code and name." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select distinct - service_code, - service_name - from - aws_servicequotas_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_service_2.yaml.bak b/queries/aws_servicequotas_service_2.yaml.bak deleted file mode 100755 index 377d97c83..000000000 --- a/queries/aws_servicequotas_service_2.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_servicequotas_service_2 -Title: "Find AWS Service Quota Service Codes for CloudTrail" -Description: "Allows users to query AWS Service Quotas services, providing detailed information about each service''s code and name." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select distinct - service_code - from - aws_servicequotas_service - where - service_name = 'AWS CloudTrail'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_1.yaml.bak b/queries/aws_servicequotas_service_quota_1.yaml.bak deleted file mode 100755 index 67d600199..000000000 --- a/queries/aws_servicequotas_service_quota_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicequotas_service_quota_1 -Title: "List all AWS Service Quotas with Values and Details" -Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_service_quota; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_2.yaml.bak b/queries/aws_servicequotas_service_quota_2.yaml.bak deleted file mode 100755 index 5860dfa6b..000000000 --- a/queries/aws_servicequotas_service_quota_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicequotas_service_quota_2 -Title: "Find AWS Service Quotas with Details on Values" -Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_service_quota - where - global_quota; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_3.yaml.bak b/queries/aws_servicequotas_service_quota_3.yaml.bak deleted file mode 100755 index 74db90541..000000000 --- a/queries/aws_servicequotas_service_quota_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_servicequotas_service_quota_3 -Title: "Find AWS Service Quotas for Specific Services" -Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_service_quota - where - service_code = 'athena'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_change_request_1.yaml.bak b/queries/aws_servicequotas_service_quota_change_request_1.yaml.bak deleted file mode 100755 index fae1d5268..000000000 --- a/queries/aws_servicequotas_service_quota_change_request_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_servicequotas_service_quota_change_request_1 -Title: "Find All AWS Service Quotas Change Requests" -Description: "Allows users to query AWS Service Quotas change requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - case_id, - status, - quota_name, - quota_code, - desired_value - from - aws_servicequotas_service_quota_change_request; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_change_request_2.yaml.bak b/queries/aws_servicequotas_service_quota_change_request_2.yaml.bak deleted file mode 100755 index 5495d1f6e..000000000 --- a/queries/aws_servicequotas_service_quota_change_request_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicequotas_service_quota_change_request_2 -Title: "Find AWS Service Quota Change Requests Statuses" -Description: "Allows users to query AWS Service Quotas change requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - case_id, - status, - quota_name, - quota_code, - desired_value - from - aws_servicequotas_service_quota_change_request - where - status = 'DENIED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_servicequotas_service_quota_change_request_3.yaml.bak b/queries/aws_servicequotas_service_quota_change_request_3.yaml.bak deleted file mode 100755 index 32b9ed0a9..000000000 --- a/queries/aws_servicequotas_service_quota_change_request_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_servicequotas_service_quota_change_request_3 -Title: "Find all AWS Service Quotas change requests" -Description: "Allows users to query AWS Service Quotas change requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - case_id, - status, - quota_name, - quota_code, - desired_value - from - aws_servicequotas_service_quota_change_request - where - service_code = 'athena'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Service Quotas diff --git a/queries/aws_ses_domain_identity_1.yaml.bak b/queries/aws_ses_domain_identity_1.yaml.bak deleted file mode 100755 index 4983158fb..000000000 --- a/queries/aws_ses_domain_identity_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ses_domain_identity_1 -Title: "List all Amazon SES Domain Identities and Their Details" -Description: "Allows users to query Amazon Simple Email Service Domain Identities. The aws_ses_domain_identity table in Steampipe provides information about domain identities within Amazon Simple Email Service (SES). This table allows DevOps engineers to query domain-specific details, including verification status, DKIM attributes, and associated metadata. Users can utilize this table to gather insights on domain identities, such as verification status, DKIM tokens, and more. The schema outlines the various attributes of the SES domain identity, including the identity name, verification status, DKIM enabled status, and DKIM tokens." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity, - arn, - region, - akas - from - aws_ses_domain_identity; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Simple Email Service diff --git a/queries/aws_ses_domain_identity_2.yaml.bak b/queries/aws_ses_domain_identity_2.yaml.bak deleted file mode 100755 index 2914b7449..000000000 --- a/queries/aws_ses_domain_identity_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ses_domain_identity_2 -Title: "Find AWS SES Domain Identities with Verification Status Failed" -Description: "Allows users to query Amazon Simple Email Service Domain Identities. The aws_ses_domain_identity table in Steampipe provides information about domain identities within Amazon Simple Email Service (SES). This table allows DevOps engineers to query domain-specific details, including verification status, DKIM attributes, and associated metadata. Users can utilize this table to gather insights on domain identities, such as verification status, DKIM tokens, and more. The schema outlines the various attributes of the SES domain identity, including the identity name, verification status, DKIM enabled status, and DKIM tokens." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity, - region, - verification_status - from - aws_ses_domain_identity - where - verification_status = 'Failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Simple Email Service diff --git a/queries/aws_ses_email_identity_1.yaml.bak b/queries/aws_ses_email_identity_1.yaml.bak deleted file mode 100755 index 1998a39c6..000000000 --- a/queries/aws_ses_email_identity_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ses_email_identity_1 -Title: "List All AWS SES Email Identities and Details" -Description: "Allows users to query AWS SES Email Identity to retrieve information about the email identities (domains and email addresses) that you have verified with Amazon SES." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity, - arn, - region, - akas - from - aws_ses_email_identity; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SES diff --git a/queries/aws_ses_email_identity_2.yaml.bak b/queries/aws_ses_email_identity_2.yaml.bak deleted file mode 100755 index 031a47017..000000000 --- a/queries/aws_ses_email_identity_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ses_email_identity_2 -Title: "List AWS SES Email Identities and Their Verification Status" -Description: "Allows users to query AWS SES Email Identity to retrieve information about the email identities (domains and email addresses) that you have verified with Amazon SES." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity, - region, - verification_status - from - aws_ses_email_identity - where - verification_status = 'Failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SES diff --git a/queries/aws_sfn_state_machine_1.yaml.bak b/queries/aws_sfn_state_machine_1.yaml.bak deleted file mode 100755 index 202ebc3b4..000000000 --- a/queries/aws_sfn_state_machine_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_sfn_state_machine_1 -Title: "Find all AWS Step Functions State Machines in SQL" -Description: "Allows users to query AWS Step Functions State Machines to retrieve detailed information about each state machine." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - type, - role_arn - from - aws_sfn_state_machine; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Step Functions diff --git a/queries/aws_sfn_state_machine_2.yaml.bak b/queries/aws_sfn_state_machine_2.yaml.bak deleted file mode 100755 index 8b8fb4ad8..000000000 --- a/queries/aws_sfn_state_machine_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_sfn_state_machine_2 -Title: "Find AWS Step Functions State Machines Details" -Description: "Allows users to query AWS Step Functions State Machines to retrieve detailed information about each state machine." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status - from - aws_sfn_state_machine - where - status = 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Step Functions diff --git a/queries/aws_sfn_state_machine_execution_1.yaml.bak b/queries/aws_sfn_state_machine_execution_1.yaml.bak deleted file mode 100755 index e3c75b9d4..000000000 --- a/queries/aws_sfn_state_machine_execution_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sfn_state_machine_execution_1 -Title: "List all AWS Step Functions Execution details" -Description: "Allows users to query AWS Step Functions State Machine Execution data, including execution status, start and end times, and associated state machine details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - execution_arn, - status, - state_machine_arn - from - aws_sfn_state_machine_execution; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Step Functions diff --git a/queries/aws_sfn_state_machine_execution_2.yaml.bak b/queries/aws_sfn_state_machine_execution_2.yaml.bak deleted file mode 100755 index c34e91e5a..000000000 --- a/queries/aws_sfn_state_machine_execution_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_sfn_state_machine_execution_2 -Title: "Find AWS Step Functions Execution Status and Details" -Description: "Allows users to query AWS Step Functions State Machine Execution data, including execution status, start and end times, and associated state machine details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - execution_arn, - status, - state_machine_arn - from - aws_sfn_state_machine_execution - where - status = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Step Functions diff --git a/queries/aws_sfn_state_machine_execution_history_1.yaml.bak b/queries/aws_sfn_state_machine_execution_history_1.yaml.bak deleted file mode 100755 index 048bc7362..000000000 --- a/queries/aws_sfn_state_machine_execution_history_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_sfn_state_machine_execution_history_1 -Title: "Find AWS Step Functions State Machine Execution History" -Description: "Allows users to query AWS Step Functions State Machine Execution History to fetch information about the execution history of a state machine." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - execution_arn, - previous_event_id, - timestamp, - type - from - aws_sfn_state_machine_execution_history; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Step Functions diff --git a/queries/aws_sfn_state_machine_execution_history_2.yaml.bak b/queries/aws_sfn_state_machine_execution_history_2.yaml.bak deleted file mode 100755 index 0cb353abc..000000000 --- a/queries/aws_sfn_state_machine_execution_history_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_sfn_state_machine_execution_history_2 -Title: "Find AWS Step Functions State Machine Execution Details" -Description: "Allows users to query AWS Step Functions State Machine Execution History to fetch information about the execution history of a state machine." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - execution_arn, - execution_started_event_details -> 'Input' as event_input, - execution_started_event_details -> 'InputDetails' as event_input_details, - execution_started_event_details ->> 'RoleArn' as event_role_arn - from - aws_sfn_state_machine_execution_history - where - type = 'ExecutionStarted'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Step Functions diff --git a/queries/aws_simspaceweaver_simulation_1.yaml.bak b/queries/aws_simspaceweaver_simulation_1.yaml.bak deleted file mode 100755 index f153c5075..000000000 --- a/queries/aws_simspaceweaver_simulation_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_simspaceweaver_simulation_1 -Title: "List all AWS SimSpace Simulation with details" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status, - execution_id, - schema_error - from - aws_simspaceweaver_simulation; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SimSpaceWeaver Simulation diff --git a/queries/aws_simspaceweaver_simulation_2.yaml.bak b/queries/aws_simspaceweaver_simulation_2.yaml.bak deleted file mode 100755 index 40ae78b94..000000000 --- a/queries/aws_simspaceweaver_simulation_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_simspaceweaver_simulation_2 -Title: "List all AWS SimSpace Simulations from the past 30 days" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status - from - aws_simspaceweaver_simulation - where - creation_time >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SimSpace diff --git a/queries/aws_simspaceweaver_simulation_3.yaml.bak b/queries/aws_simspaceweaver_simulation_3.yaml.bak deleted file mode 100755 index 37113f91b..000000000 --- a/queries/aws_simspaceweaver_simulation_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_simspaceweaver_simulation_3 -Title: "List all AWS SimSpace Simulation details with SQL" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status - from - aws_simspaceweaver_simulation - where - status = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SimSpace Simulation diff --git a/queries/aws_simspaceweaver_simulation_4.yaml.bak b/queries/aws_simspaceweaver_simulation_4.yaml.bak deleted file mode 100755 index a27be2082..000000000 --- a/queries/aws_simspaceweaver_simulation_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_simspaceweaver_simulation_4 -Title: "List AWS SimSpace Simulations and Details" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - jsonb_pretty(d) - from - aws_simspaceweaver_simulation, - jsonb_array_elements(logging_configuration -> 'Destinations') as d; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SimSpace Simulation diff --git a/queries/aws_simspaceweaver_simulation_5.yaml.bak b/queries/aws_simspaceweaver_simulation_5.yaml.bak deleted file mode 100755 index fcf356681..000000000 --- a/queries/aws_simspaceweaver_simulation_5.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_simspaceweaver_simulation_5 -Title: "Find AWS SimSpace Simulation Specific Details" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.name, - s.arn, - s.schema_s3_location ->> 'BucketName' as bucket_name, - s.schema_s3_location ->> 'ObjectKey' as object_key, - b.versioning_enabled, - b.block_public_acls, - b.acl - from - aws_simspaceweaver_simulation as s, - aws_s3_bucket as b - where - s.schema_s3_location ->> 'BucketName' = b.name; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SimSpace Weaver diff --git a/queries/aws_sns_subscription_1.yaml.bak b/queries/aws_sns_subscription_1.yaml.bak deleted file mode 100755 index 0666a84d4..000000000 --- a/queries/aws_sns_subscription_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sns_subscription_1 -Title: "List all AWS SNS Topic Subscriptions Details" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - redrive_policy - from - aws_sns_subscription - where - redrive_policy is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Notification Service diff --git a/queries/aws_sns_subscription_2.yaml.bak b/queries/aws_sns_subscription_2.yaml.bak deleted file mode 100755 index 4670418fe..000000000 --- a/queries/aws_sns_subscription_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sns_subscription_2 -Title: "List all AWS SNS Topic Subscriptions Details" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - filter_policy - from - aws_sns_subscription - where - filter_policy is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Notification Service diff --git a/queries/aws_sns_subscription_3.yaml.bak b/queries/aws_sns_subscription_3.yaml.bak deleted file mode 100755 index 42c6bfb82..000000000 --- a/queries/aws_sns_subscription_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sns_subscription_3 -Title: "List AWS SNS Topic Subscription Details with SQL" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - count(subscription_arn) as subscription_count - from - aws_sns_subscription - group by - title; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Notification Service diff --git a/queries/aws_sns_topic_1.yaml.bak b/queries/aws_sns_topic_1.yaml.bak deleted file mode 100755 index 3f6626879..000000000 --- a/queries/aws_sns_topic_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sns_topic_1 -Title: "Find AWS SNS Topics and Their Information" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id - from - aws_sns_topic - where - kms_master_key_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SNS diff --git a/queries/aws_sns_topic_2.yaml.bak b/queries/aws_sns_topic_2.yaml.bak deleted file mode 100755 index e24413985..000000000 --- a/queries/aws_sns_topic_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sns_topic_2 -Title: "Find AWS SNS Topics with KMS Key Information" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id - from - aws_sns_topic - where - kms_master_key_id = 'alias/aws/sns'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SNS diff --git a/queries/aws_sns_topic_3.yaml.bak b/queries/aws_sns_topic_3.yaml.bak deleted file mode 100755 index 0092402f1..000000000 --- a/queries/aws_sns_topic_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sns_topic_3 -Title: "List all AWS SNS Topics and their details" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - tags - from - aws_sns_topic - where - not tags :: JSONB ? 'owner'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SNS diff --git a/queries/aws_sns_topic_4.yaml.bak b/queries/aws_sns_topic_4.yaml.bak deleted file mode 100755 index 08d52ba56..000000000 --- a/queries/aws_sns_topic_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_sns_topic_4 -Title: "Find AWS SNS Topics and Details" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sns_topic, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SNS Topics diff --git a/queries/aws_sns_topic_5.yaml.bak b/queries/aws_sns_topic_5.yaml.bak deleted file mode 100755 index fcd2a2e4e..000000000 --- a/queries/aws_sns_topic_5.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_sns_topic_5 -Title: "List all AWS SNS Topics and their relevant details" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sns_topic, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'sns:*'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SNS diff --git a/queries/aws_sns_topic_6.yaml.bak b/queries/aws_sns_topic_6.yaml.bak deleted file mode 100755 index 1da6f7d93..000000000 --- a/queries/aws_sns_topic_6.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_sns_topic_6 -Title: "List all details for AWS SNS Topics" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title - from - aws_sns_topic - where - title not in ( - select - title - from - aws_sns_topic, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a, - jsonb_array_elements_text( - s -> 'Condition' -> 'Bool' -> 'aws:securetransport' - ) as ssl - where - p = '*' - and s ->> 'Effect' = 'Deny' - and ssl :: bool = false - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SNS diff --git a/queries/aws_sns_topic_7.yaml.bak b/queries/aws_sns_topic_7.yaml.bak deleted file mode 100755 index bdc13e362..000000000 --- a/queries/aws_sns_topic_7.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_sns_topic_7 -Title: "Find AWS SNS Topics Without Failure Feedback Roles" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - topic_arn, - region - from - aws_sns_topic - where - application_failure_feedback_role_arn is null and - firehose_failure_feedback_role_arn is null and - http_failure_feedback_role_arn is null and - lambda_failure_feedback_role_arn is null and - sqs_failure_feedback_role_arn is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SNS diff --git a/queries/aws_sns_topic_subscription_1.yaml.bak b/queries/aws_sns_topic_subscription_1.yaml.bak deleted file mode 100755 index f9c4b74f3..000000000 --- a/queries/aws_sns_topic_subscription_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sns_topic_subscription_1 -Title: "Find AWS SNS Topic Subscriptions with No Redrive Policy" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - redrive_policy - from - aws_sns_topic_subscription - where - redrive_policy is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SNS diff --git a/queries/aws_sns_topic_subscription_2.yaml.bak b/queries/aws_sns_topic_subscription_2.yaml.bak deleted file mode 100755 index e165f6e33..000000000 --- a/queries/aws_sns_topic_subscription_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sns_topic_subscription_2 -Title: "List all AWS SNS Topic Subscriptions and Details" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - filter_policy - from - aws_sns_topic_subscription - where - filter_policy is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Notification Service diff --git a/queries/aws_sns_topic_subscription_3.yaml.bak b/queries/aws_sns_topic_subscription_3.yaml.bak deleted file mode 100755 index e870585fc..000000000 --- a/queries/aws_sns_topic_subscription_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sns_topic_subscription_3 -Title: "Find AWS SNS Topic Subscriptions Detailed Information" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - count(subscription_arn) as subscription_count - from - aws_sns_topic_subscription - group by - title; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Notification Service diff --git a/queries/aws_sqs_queue_1.yaml.bak b/queries/aws_sqs_queue_1.yaml.bak deleted file mode 100755 index f4fdd0128..000000000 --- a/queries/aws_sqs_queue_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sqs_queue_1 -Title: "List All AWS SQS Queues with Detailed Information" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - delay_seconds, - max_message_size, - receive_wait_time_seconds, - message_retention_seconds, - visibility_timeout_seconds - from - aws_sqs_queue; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service diff --git a/queries/aws_sqs_queue_10.yaml.bak b/queries/aws_sqs_queue_10.yaml.bak deleted file mode 100755 index e33391994..000000000 --- a/queries/aws_sqs_queue_10.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_sqs_queue_10 -Title: "List AWS SQS Queues with Detailed Information" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sqs_queue, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'sqs:*'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service (SQS) diff --git a/queries/aws_sqs_queue_2.yaml.bak b/queries/aws_sqs_queue_2.yaml.bak deleted file mode 100755 index 515603051..000000000 --- a/queries/aws_sqs_queue_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_sqs_queue_2 -Title: "Find AWS SQS Queue Details with SQL" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id, - sqs_managed_sse_enabled - from - aws_sqs_queue - where - kms_master_key_id is null - and not sqs_managed_sse_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service diff --git a/queries/aws_sqs_queue_3.yaml.bak b/queries/aws_sqs_queue_3.yaml.bak deleted file mode 100755 index 6b9542fc9..000000000 --- a/queries/aws_sqs_queue_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_sqs_queue_3 -Title: "Find AWS SQS Queues with KMS Key Details" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id, - sqs_managed_sse_enabled - from - aws_sqs_queue - where - kms_master_key_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service diff --git a/queries/aws_sqs_queue_4.yaml.bak b/queries/aws_sqs_queue_4.yaml.bak deleted file mode 100755 index 80c53267d..000000000 --- a/queries/aws_sqs_queue_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_sqs_queue_4 -Title: "Find SQS queues with server-side encryption enabled" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id, - sqs_managed_sse_enabled - from - aws_sqs_queue - where - sqs_managed_sse_enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service diff --git a/queries/aws_sqs_queue_5.yaml.bak b/queries/aws_sqs_queue_5.yaml.bak deleted file mode 100755 index 87ca362ea..000000000 --- a/queries/aws_sqs_queue_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_sqs_queue_5 -Title: "List all SQS queues with retention < 7 days in AWS" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - message_retention_seconds - from - aws_sqs_queue - where - message_retention_seconds < '604800'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service diff --git a/queries/aws_sqs_queue_6.yaml.bak b/queries/aws_sqs_queue_6.yaml.bak deleted file mode 100755 index f0da1f2ff..000000000 --- a/queries/aws_sqs_queue_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sqs_queue_6 -Title: "List all AWS SQS queues without a redrive policy" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - redrive_policy - from - aws_sqs_queue - where - redrive_policy is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service diff --git a/queries/aws_sqs_queue_7.yaml.bak b/queries/aws_sqs_queue_7.yaml.bak deleted file mode 100755 index d6b7a17d8..000000000 --- a/queries/aws_sqs_queue_7.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_sqs_queue_7 -Title: "List all AWS SQS queues with details" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - fifo_queue - from - aws_sqs_queue - where - fifo_queue; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service (SQS) diff --git a/queries/aws_sqs_queue_8.yaml.bak b/queries/aws_sqs_queue_8.yaml.bak deleted file mode 100755 index 266d492fd..000000000 --- a/queries/aws_sqs_queue_8.yaml.bak +++ /dev/null @@ -1,38 +0,0 @@ -ID: aws_sqs_queue_8 -Title: "Query AWS SQS for Detailed Queue Information" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sqs_queue, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa[5] != account_id - or p = '*' - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service diff --git a/queries/aws_sqs_queue_9.yaml.bak b/queries/aws_sqs_queue_9.yaml.bak deleted file mode 100755 index 2a504f761..000000000 --- a/queries/aws_sqs_queue_9.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_sqs_queue_9 -Title: "Find all AWS SQS Queues and Their Policies" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sqs_queue, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Simple Queue Service diff --git a/queries/aws_ssm_association_1.yaml.bak b/queries/aws_ssm_association_1.yaml.bak deleted file mode 100755 index df7f7e58b..000000000 --- a/queries/aws_ssm_association_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ssm_association_1 -Title: "Find AWS SSM Association Details including Parameters" -Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association_id, - association_name, - arn, - association_version, - last_execution_date, - document_name, - compliance_severity, - region - from - aws_ssm_association; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_association_2.yaml.bak b/queries/aws_ssm_association_2.yaml.bak deleted file mode 100755 index e2b81f4e7..000000000 --- a/queries/aws_ssm_association_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_association_2 -Title: "List all AWS SSM Associations with Failed Status" -Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association_id, - overview ->> 'AssociationStatusAggregatedCount' as association_status_aggregated_count, - overview ->> 'DetailedStatus' as detailed_status, - overview ->> 'Status' as status - from - aws_ssm_association - where - overview ->> 'Status' = 'Failed'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_association_3.yaml.bak b/queries/aws_ssm_association_3.yaml.bak deleted file mode 100755 index fb2158fb3..000000000 --- a/queries/aws_ssm_association_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_association_3 -Title: "List AWS SSM Associations with Status and Targets" -Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association.association_id as association_id, - target ->> 'Key' as target_key, - target ->> 'Values' as target_value, - instances - from - aws_ssm_association as association, - jsonb_array_elements(targets) as target, - jsonb_array_elements_text(target -> 'Values') as instances - where - target ->> 'Key' = 'InstanceIds'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_association_4.yaml.bak b/queries/aws_ssm_association_4.yaml.bak deleted file mode 100755 index e57d7fcbe..000000000 --- a/queries/aws_ssm_association_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_association_4 -Title: "Find AWS SSM Associations and Their Details" -Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association_id, - association_name, - targets, - document_name - from - aws_ssm_association - where - compliance_severity = 'CRITICAL'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_document_1.yaml.bak b/queries/aws_ssm_document_1.yaml.bak deleted file mode 100755 index aa8c777be..000000000 --- a/queries/aws_ssm_document_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_document_1 -Title: "List all AWS SSM Documents with detailed information" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - document_version, - status, - owner, - document_format, - document_type, - platform_types, - region - from - aws_ssm_document; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Documents diff --git a/queries/aws_ssm_document_2.yaml.bak b/queries/aws_ssm_document_2.yaml.bak deleted file mode 100755 index 11c424f4f..000000000 --- a/queries/aws_ssm_document_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_document_2 -Title: "List AWS SSM Documents with Details using SQL" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - owner, - document_version, - status, - document_format, - document_type - from - aws_ssm_document - where - owner_type = 'Self'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM diff --git a/queries/aws_ssm_document_2.yaml.bak.bak b/queries/aws_ssm_document_2.yaml.bak.bak deleted file mode 100755 index 11c424f4f..000000000 --- a/queries/aws_ssm_document_2.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_document_2 -Title: "List AWS SSM Documents with Details using SQL" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - owner, - document_version, - status, - document_format, - document_type - from - aws_ssm_document - where - owner_type = 'Self'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM diff --git a/queries/aws_ssm_document_3.yaml.bak b/queries/aws_ssm_document_3.yaml.bak deleted file mode 100755 index 149bd43c0..000000000 --- a/queries/aws_ssm_document_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ssm_document_3 -Title: "Find AWS SSM Documents with Various Attributes" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - owner, - document_version, - status, - document_format, - document_type - from - aws_ssm_document - where - owner_type != 'Amazon'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM diff --git a/queries/aws_ssm_document_4.yaml.bak b/queries/aws_ssm_document_4.yaml.bak deleted file mode 100755 index ddd04d881..000000000 --- a/queries/aws_ssm_document_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_document_4 -Title: "Find AWS SSM Documents and Retrieve Detailed Information" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - owner, - account_ids - from - aws_ssm_document - where - owner_type = 'Self' - and account_ids :: jsonb ? 'all'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Document diff --git a/queries/aws_ssm_document_5.yaml.bak b/queries/aws_ssm_document_5.yaml.bak deleted file mode 100755 index c81a12f9f..000000000 --- a/queries/aws_ssm_document_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssm_document_5 -Title: "Find all AWS SSM Document Details with SQL" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - approved_version, - created_date, - document_type - from - aws_ssm_document - where - arn = 'arn:aws:ssm:ap-south-1:112233445566:document/AWS-ASGEnterStandby'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM diff --git a/queries/aws_ssm_document_permission_1.yaml.bak b/queries/aws_ssm_document_permission_1.yaml.bak deleted file mode 100755 index 49572d9e9..000000000 --- a/queries/aws_ssm_document_permission_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssm_document_permission_1 -Title: "Find AWS SSM Document Permissions with Details" -Description: "Allows users to query AWS SSM Document Permissions, providing detailed information about the permissions associated with Systems Manager (SSM) documents." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - document_name, - shared_account_id, - shared_document_version, - account_ids, - title - from - aws_ssm_document_permission - where - document_name = 'ConfigureS3BucketLogging'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_document_permission_2.yaml.bak b/queries/aws_ssm_document_permission_2.yaml.bak deleted file mode 100755 index 9c884361c..000000000 --- a/queries/aws_ssm_document_permission_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ssm_document_permission_2 -Title: "Find AWS SSM Document Permissions Information" -Description: "Allows users to query AWS SSM Document Permissions, providing detailed information about the permissions associated with Systems Manager (SSM) documents." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.document_name, - p.shared_account_id, - p.shared_document_version, - d.approved_version, - d.attachments_information, - d.created_date, - d.default_version - from - aws_ssm_document_permission as p, - aws_ssm_document as d - where - p.document_name = 'ConfigureS3BucketLogging'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_inventory_1.yaml.bak b/queries/aws_ssm_inventory_1.yaml.bak deleted file mode 100755 index defa8b064..000000000 --- a/queries/aws_ssm_inventory_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_inventory_1 -Title: "List all Managed Instances in AWS Systems Manager Inventory" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - type_name, - capture_time, - schema_version, - content, - region - from - aws_ssm_inventory; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_inventory_1.yaml.bak.bak b/queries/aws_ssm_inventory_1.yaml.bak.bak deleted file mode 100755 index defa8b064..000000000 --- a/queries/aws_ssm_inventory_1.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_inventory_1 -Title: "List all Managed Instances in AWS Systems Manager Inventory" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - type_name, - capture_time, - schema_version, - content, - region - from - aws_ssm_inventory; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_inventory_2.yaml.bak b/queries/aws_ssm_inventory_2.yaml.bak deleted file mode 100755 index fb04029e2..000000000 --- a/queries/aws_ssm_inventory_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_ssm_inventory_2 -Title: "List all AWS Systems Manager Inventory details" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - si.id, - c ->> 'AgentType' as agent_type, - c ->> 'IpAddress' as ip_address, - c ->> 'AgentVersion' as agent_version, - c ->> 'ComputerName' as computer_name, - c ->> 'PlatformName' as platform_name, - c ->> 'PlatformType' as platform_type, - c ->> 'ResourceType' as resource_type, - c ->> 'InstanceStatus' as instance_status, - c ->> 'PlatformVersion' as platform_version - from - aws_ssm_inventory as si, - jsonb_array_elements(content) as c - where - id = 'i-0665a65b1a1c2b47g'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_inventory_3.yaml.bak b/queries/aws_ssm_inventory_3.yaml.bak deleted file mode 100755 index 4d6dcb4d8..000000000 --- a/queries/aws_ssm_inventory_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_inventory_3 -Title: "List all AWS Systems Manager Inventory Details" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - s ->> 'Version' as schema_version, - s ->> 'TypeName' as type_name, - s ->> 'DisplayName' as display_name, - jsonb_pretty(s -> 'Attributes') as attributes - from - aws_ssm_inventory, - jsonb_array_elements(schema) as s - order by - id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_inventory_4.yaml.bak b/queries/aws_ssm_inventory_4.yaml.bak deleted file mode 100755 index e602cc589..000000000 --- a/queries/aws_ssm_inventory_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssm_inventory_4 -Title: "Find all AWS Systems Manager managed instances inventory" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - type_name, - capture_time, - schema_version, - content - from - aws_ssm_inventory - where - capture_time >= now() - interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_inventory_5.yaml.bak b/queries/aws_ssm_inventory_5.yaml.bak deleted file mode 100755 index 97d6c0615..000000000 --- a/queries/aws_ssm_inventory_5.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_ssm_inventory_5 -Title: "List AWS Systems Manager Inventory Managed Instances" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - v.id, - i.instance_state, - i.instance_type, - c ->> 'AgentType' as agent_type, - c ->> 'IpAddress' as ip_address, - c ->> 'AgentVersion' as agent_version, - c ->> 'ComputerName' as computer_name, - c ->> 'PlatformName' as platform_name, - c ->> 'PlatformType' as platform_type, - c ->> 'ResourceType' as resource_type, - c ->> 'InstanceStatus' as instance_status, - c ->> 'PlatformVersion' as platform_version - from - aws_ssm_inventory as v, - aws_ec2_instance as i, - jsonb_array_elements(content) as c - where - v.id = i.instance_id - and - i.instance_state = 'running'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_inventory_entry_1.yaml.bak b/queries/aws_ssm_inventory_entry_1.yaml.bak deleted file mode 100755 index 4d77fcbea..000000000 --- a/queries/aws_ssm_inventory_entry_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ssm_inventory_entry_1 -Title: "List all AWS Systems Manager Inventory Entries" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - type_name, - capture_time, - schema_version, - entries - from - aws_ssm_inventory_entry; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_inventory_entry_2.yaml.bak b/queries/aws_ssm_inventory_entry_2.yaml.bak deleted file mode 100755 index 94fbfc9fa..000000000 --- a/queries/aws_ssm_inventory_entry_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssm_inventory_entry_2 -Title: "List all AWS Systems Manager Inventory Entries" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - type_name, - capture_time, - schema_version, - entries - from - aws_ssm_inventory_entry - where - capture_time >= time() - interval '30 day'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_inventory_entry_3.yaml.bak b/queries/aws_ssm_inventory_entry_3.yaml.bak deleted file mode 100755 index 69b17e8d0..000000000 --- a/queries/aws_ssm_inventory_entry_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssm_inventory_entry_3 -Title: "List AWS SSM Inventory Entry Details by Instance" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.instance_id, - e.type_name, - i.schema_version, - i.schema - from - aws_ssm_inventory_entry as e, - aws_ssm_inventory as i - where - i.id = e.instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_inventory_entry_4.yaml.bak b/queries/aws_ssm_inventory_entry_4.yaml.bak deleted file mode 100755 index 2cbb08155..000000000 --- a/queries/aws_ssm_inventory_entry_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ssm_inventory_entry_4 -Title: "Find AWS Systems Manager Inventory Entries" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.instance_id, - e.type_name, - i.resource_type, - i.association_status, - i.computer_name, - i.ip_address, - i.is_latest_version - from - aws_ssm_inventory_entry as e, - aws_ssm_managed_instance as i - where - i.instance_id = e.instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_inventory_entry_5.yaml.bak b/queries/aws_ssm_inventory_entry_5.yaml.bak deleted file mode 100755 index 2ff962941..000000000 --- a/queries/aws_ssm_inventory_entry_5.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ssm_inventory_entry_5 -Title: "List all AWS Systems Manager Inventory Entries" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - type_name, - capture_time, - schema_version, - entries - from - aws_ssm_inventory_entry - where - instance_id = 'i-1234567890abcwd4f' - and - type_name like 'Custom%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_maintenance_window_1.yaml.bak b/queries/aws_ssm_maintenance_window_1.yaml.bak deleted file mode 100755 index ef2cb3682..000000000 --- a/queries/aws_ssm_maintenance_window_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_maintenance_window_1 -Title: "List AWS Systems Manager Maintenance Windows Details" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - window_id, - enabled, - schedule, - tags_src, - region - from - aws_ssm_maintenance_window; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_maintenance_window_2.yaml.bak b/queries/aws_ssm_maintenance_window_2.yaml.bak deleted file mode 100755 index 76aedc486..000000000 --- a/queries/aws_ssm_maintenance_window_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ssm_maintenance_window_2 -Title: "Find AWS Systems Manager Maintenance Windows Details" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'WindowTargetId' as window_target_id, - p ->> 'ResourceType' as resource_type, - p ->> 'Name' as target_name - from - aws_ssm_maintenance_window, - jsonb_array_elements(targets) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_maintenance_window_3.yaml.bak b/queries/aws_ssm_maintenance_window_3.yaml.bak deleted file mode 100755 index b80b4a855..000000000 --- a/queries/aws_ssm_maintenance_window_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ssm_maintenance_window_3 -Title: "List All Maintenance Windows in AWS Systems Manager" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'WindowTaskId' as window_task_id, - p ->> 'ServiceRoleArn' as service_role_arn, - p ->> 'Name' as task_name - from - aws_ssm_maintenance_window, - jsonb_array_elements(tasks) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_maintenance_window_4.yaml.bak b/queries/aws_ssm_maintenance_window_4.yaml.bak deleted file mode 100755 index 1f8575a0b..000000000 --- a/queries/aws_ssm_maintenance_window_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ssm_maintenance_window_4 -Title: "List all AWS Systems Manager Maintenance Windows" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - window_id, - enabled - from - aws_ssm_maintenance_window - where - enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_maintenance_window_4.yaml.bak.bak b/queries/aws_ssm_maintenance_window_4.yaml.bak.bak deleted file mode 100755 index 1f8575a0b..000000000 --- a/queries/aws_ssm_maintenance_window_4.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ssm_maintenance_window_4 -Title: "List all AWS Systems Manager Maintenance Windows" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - window_id, - enabled - from - aws_ssm_maintenance_window - where - enabled; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_managed_instance_1.yaml.bak b/queries/aws_ssm_managed_instance_1.yaml.bak deleted file mode 100755 index 18ef6f441..000000000 --- a/queries/aws_ssm_managed_instance_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_managed_instance_1 -Title: "List all AWS SSM Managed Instances Configuration and Status" -Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - arn, - resource_type, - association_status, - agent_version, - platform_type - from - aws_ssm_managed_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Managed Instances diff --git a/queries/aws_ssm_managed_instance_2.yaml.bak b/queries/aws_ssm_managed_instance_2.yaml.bak deleted file mode 100755 index e4a38333a..000000000 --- a/queries/aws_ssm_managed_instance_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_managed_instance_2 -Title: "Find AWS SSM Managed Instances with Config and Status" -Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - arn, - resource_type, - association_status - from - aws_ssm_managed_instance - where - association_status is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Managed Instances diff --git a/queries/aws_ssm_managed_instance_2.yaml.bak.bak b/queries/aws_ssm_managed_instance_2.yaml.bak.bak deleted file mode 100755 index e4a38333a..000000000 --- a/queries/aws_ssm_managed_instance_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_managed_instance_2 -Title: "Find AWS SSM Managed Instances with Config and Status" -Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - arn, - resource_type, - association_status - from - aws_ssm_managed_instance - where - association_status is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Managed Instances diff --git a/queries/aws_ssm_managed_instance_3.yaml.bak b/queries/aws_ssm_managed_instance_3.yaml.bak deleted file mode 100755 index d00f4e19b..000000000 --- a/queries/aws_ssm_managed_instance_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_managed_instance_3 -Title: "List all AWS SSM Managed Instances with Configurations" -Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.instance_id, - i.arn, - m.instance_id is not null as ssm_managed - from - aws_ec2_instance i - left join aws_ssm_managed_instance m on m.instance_id = i.instance_id - where - m.instance_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Managed Instance diff --git a/queries/aws_ssm_managed_instance_compliance_1.yaml.bak b/queries/aws_ssm_managed_instance_compliance_1.yaml.bak deleted file mode 100755 index c26c17a47..000000000 --- a/queries/aws_ssm_managed_instance_compliance_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_ssm_managed_instance_compliance_1 -Title: "List AWS SSM Managed Instance Compliance Details" -Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - resource_id, - status, - compliance_type, - severity - from - aws_ssm_managed_instance_compliance - where - resource_id = 'i-2a3dc8b11ed9d37a'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Managed Instance Compliance diff --git a/queries/aws_ssm_managed_instance_compliance_2.yaml.bak b/queries/aws_ssm_managed_instance_compliance_2.yaml.bak deleted file mode 100755 index 1925bbc96..000000000 --- a/queries/aws_ssm_managed_instance_compliance_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ssm_managed_instance_compliance_2 -Title: "Find AWS SSM Managed Instance Compliance Details" -Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - resource_id as instance_id, - status, - compliance_type, - severity - from - aws_ssm_managed_instance_compliance - where - resource_id = 'i-2a3dc8b11ed9d37a' - and compliance_type = 'Association' - and status <> 'COMPLIANT'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM diff --git a/queries/aws_ssm_managed_instance_compliance_3.yaml.bak b/queries/aws_ssm_managed_instance_compliance_3.yaml.bak deleted file mode 100755 index 3cb697951..000000000 --- a/queries/aws_ssm_managed_instance_compliance_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_ssm_managed_instance_compliance_3 -Title: "Find AWS SSM Managed Instance Compliance Data" -Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - resource_id as instance_id, - status, - compliance_type, - severity - from - aws_ssm_managed_instance_compliance - where - resource_id = 'i-2a3dc8b11ed9d37a' - and compliance_type = 'Patch' - and status <> 'COMPLIANT'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS SSM diff --git a/queries/aws_ssm_managed_instance_compliance_4.yaml.bak b/queries/aws_ssm_managed_instance_compliance_4.yaml.bak deleted file mode 100755 index 2bb7342b0..000000000 --- a/queries/aws_ssm_managed_instance_compliance_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_ssm_managed_instance_compliance_4 -Title: "List all AWS SSM Managed Instance Compliance Details" -Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.resource_id as instance_id, - id, - status - from - aws_ssm_managed_instance i, - aws_ssm_managed_instance_compliance c - where - i.instance_id = c.resource_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM diff --git a/queries/aws_ssm_managed_instance_patch_state_1.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_1.yaml.bak deleted file mode 100755 index 93755c331..000000000 --- a/queries/aws_ssm_managed_instance_patch_state_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssm_managed_instance_patch_state_1 -Title: "Find AWS Managed Instance Patch States in SSM" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - operation, - patch_group, - failed_count, - installed_count, - installed_other_count - from - aws_ssm_managed_instance_patch_state; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager Managed Instance diff --git a/queries/aws_ssm_managed_instance_patch_state_2.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_2.yaml.bak deleted file mode 100755 index 4e7a9d7b4..000000000 --- a/queries/aws_ssm_managed_instance_patch_state_2.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_ssm_managed_instance_patch_state_2 -Title: "Find AWS Systems Manager Managed Instance Patch State Details" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - installed_count - from - aws_ssm_managed_instance_patch_state; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_managed_instance_patch_state_3.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_3.yaml.bak deleted file mode 100755 index 1bd1f36fb..000000000 --- a/queries/aws_ssm_managed_instance_patch_state_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ssm_managed_instance_patch_state_3 -Title: "List all AWS SSM Managed Instance Patch State" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - installed_other_count - from - aws_ssm_managed_instance_patch_state; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_managed_instance_patch_state_4.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_4.yaml.bak deleted file mode 100755 index 52f75f126..000000000 --- a/queries/aws_ssm_managed_instance_patch_state_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ssm_managed_instance_patch_state_4 -Title: "Find AWS Systems Manager Managed Instance Patch State" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - security_non_compliant_count - from - aws_ssm_managed_instance_patch_state; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_managed_instance_patch_state_5.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_5.yaml.bak deleted file mode 100755 index 04a4ba10a..000000000 --- a/queries/aws_ssm_managed_instance_patch_state_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssm_managed_instance_patch_state_5 -Title: "List AWS SSM Managed Instance Patch States" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - operation, - operation_end_time, - operation_start_time - from - aws_ssm_managed_instance_patch_state - where - operation_end_time >= now() - interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager diff --git a/queries/aws_ssm_managed_instance_patch_state_6.yaml.bak b/queries/aws_ssm_managed_instance_patch_state_6.yaml.bak deleted file mode 100755 index 2c4349283..000000000 --- a/queries/aws_ssm_managed_instance_patch_state_6.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ssm_managed_instance_patch_state_6 -Title: "Find AWS Systems Manager Managed Instance Patch State" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - operation - from - aws_ssm_managed_instance_patch_state - where - operation = 'Scan'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager diff --git a/queries/aws_ssm_parameter_1.yaml.bak b/queries/aws_ssm_parameter_1.yaml.bak deleted file mode 100755 index f8dae9f94..000000000 --- a/queries/aws_ssm_parameter_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_ssm_parameter_1 -Title: "Find AWS Systems Manager Parameters and Metadata" -Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - type, - data_type, - tier, - region - from - aws_ssm_parameter; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager Parameter Store diff --git a/queries/aws_ssm_parameter_2.yaml.bak b/queries/aws_ssm_parameter_2.yaml.bak deleted file mode 100755 index 8f48623c4..000000000 --- a/queries/aws_ssm_parameter_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_parameter_2 -Title: "List AWS SSM Parameters with Details" -Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tier, - p ->> 'PolicyType' as policy_type, - p ->> 'PolicyStatus' as Policy_status, - p ->> 'PolicyText' as policy_text - from - aws_ssm_parameter, - jsonb_array_elements(policies) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Systems Manager Parameter Store diff --git a/queries/aws_ssm_parameter_3.yaml.bak b/queries/aws_ssm_parameter_3.yaml.bak deleted file mode 100755 index de84a5d8a..000000000 --- a/queries/aws_ssm_parameter_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ssm_parameter_3 -Title: "List all AWS SSM Parameters missing owner or app_id" -Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name - from - aws_ssm_parameter - where - tags -> 'owner' is null - or tags -> 'app_id' is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Systems Manager Parameter Store diff --git a/queries/aws_ssm_patch_baseline_1.yaml.bak b/queries/aws_ssm_patch_baseline_1.yaml.bak deleted file mode 100755 index 0d0891041..000000000 --- a/queries/aws_ssm_patch_baseline_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_patch_baseline_1 -Title: "List all AWS SSM Patch Baselines with Details" -Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - baseline_id, - name, - description, - operating_system, - created_date, - region - from - aws_ssm_patch_baseline; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Patch diff --git a/queries/aws_ssm_patch_baseline_2.yaml.bak b/queries/aws_ssm_patch_baseline_2.yaml.bak deleted file mode 100755 index 97d5953e0..000000000 --- a/queries/aws_ssm_patch_baseline_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssm_patch_baseline_2 -Title: "Find AWS SSM Patch Baseline details including creation dates" -Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - baseline_id, - name, - description, - created_date, - region - from - aws_ssm_patch_baseline - where - operating_system = 'UBUNTU'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Patch Baseline diff --git a/queries/aws_ssm_patch_baseline_3.yaml.bak b/queries/aws_ssm_patch_baseline_3.yaml.bak deleted file mode 100755 index 3f21463fc..000000000 --- a/queries/aws_ssm_patch_baseline_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ssm_patch_baseline_3 -Title: "List all AWS SSM Patch Baseline Details" -Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - baseline_id, - name, - description, - operating_system, - created_date, - rejected_patches, - region - from - aws_ssm_patch_baseline - where - rejected_patches != '[]'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Patch Baseline diff --git a/queries/aws_ssm_patch_baseline_4.yaml.bak b/queries/aws_ssm_patch_baseline_4.yaml.bak deleted file mode 100755 index 091c40157..000000000 --- a/queries/aws_ssm_patch_baseline_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssm_patch_baseline_4 -Title: "Find all AWS SSM Patch Baselines and Approval Rules" -Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - baseline_id, - p ->> 'ApproveAfterDays' as approve_after_days, - p ->> 'ApproveUntilDate' as approve_until_date, - p ->> 'ComplianceLevel' as compliance_level, - p -> 'PatchFilterGroup' ->> 'PatchFilters' as patch_filters - from - aws_ssm_patch_baseline, - jsonb_array_elements(approval_rules -> 'PatchRules') as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Patch Baseline diff --git a/queries/aws_ssmincidents_response_plan_1.yaml.bak b/queries/aws_ssmincidents_response_plan_1.yaml.bak deleted file mode 100755 index 3d034819b..000000000 --- a/queries/aws_ssmincidents_response_plan_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ssmincidents_response_plan_1 -Title: "List AWS SSM Incidents Response Plan Data" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - chat_channel, - incident_template, - integrations, - title - from - aws_ssmincidents_response_plan; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Incidents diff --git a/queries/aws_ssmincidents_response_plan_2.yaml.bak b/queries/aws_ssmincidents_response_plan_2.yaml.bak deleted file mode 100755 index 2272e7baf..000000000 --- a/queries/aws_ssmincidents_response_plan_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_ssmincidents_response_plan_2 -Title: "List all AWS SSM Incident Response Plan Data" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - chat_channel, - incident_template, - integrations, - title - from - aws_ssmincidents_response_plan - where - chat_channel is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Incidents diff --git a/queries/aws_ssmincidents_response_plan_3.yaml.bak b/queries/aws_ssmincidents_response_plan_3.yaml.bak deleted file mode 100755 index 30fbb463d..000000000 --- a/queries/aws_ssmincidents_response_plan_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_ssmincidents_response_plan_3 -Title: "Find all Information on AWS SSM Incidents Response Plans" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - incident_template -> 'Impact' as incident_template_impact, - incident_template -> 'Title' as incident_template_title, - incident_template -> 'DedupeString', - incident_template -> 'IncidentTags' as incident_template_tags, - incident_template -> 'NotificationTargets' as incident_notification_targets, - incident_template -> 'Summary' as incident_template_summary, - title - from - aws_ssmincidents_response_plan - where - incident_template is not null - and arn = 'arn:aws:ssm-incidents::111111111111:response-plan/response-plan-test'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Incidents diff --git a/queries/aws_ssmincidents_response_plan_4.yaml.bak b/queries/aws_ssmincidents_response_plan_4.yaml.bak deleted file mode 100755 index 196693f74..000000000 --- a/queries/aws_ssmincidents_response_plan_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_ssmincidents_response_plan_4 -Title: "Find AWS SSM Incident Response Plans with Integrations" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - jsonb_pretty(integrations), - title - from - aws_ssmincidents_response_plan - where - integrations is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Incidents diff --git a/queries/aws_ssmincidents_response_plan_5.yaml.bak b/queries/aws_ssmincidents_response_plan_5.yaml.bak deleted file mode 100755 index 6de9377a3..000000000 --- a/queries/aws_ssmincidents_response_plan_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssmincidents_response_plan_5 -Title: "Find AWS SSM Incidents Response Plan Information" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - jsonb_pretty(engagements), - title - from - aws_ssmincidents_response_plan - where - engagements is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - SSM Incidents diff --git a/queries/aws_ssoadmin_account_assignment_1.yaml.bak b/queries/aws_ssoadmin_account_assignment_1.yaml.bak deleted file mode 100755 index a4f5fd37e..000000000 --- a/queries/aws_ssoadmin_account_assignment_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssoadmin_account_assignment_1 -Title: "Find AWS SSO Admin Account Assignments" -Description: "Allows users to query AWS SSO Admin Account Assignments. This table provides information about each AWS SSO admin account assignment within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - permission_set_arn, - target_account_id, - principal_type, - principal_id - from - aws_ssoadmin_account_assignment - where - permission_set_arn = 'arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef' - and target_account_id = '012347678910'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS SSO Admin diff --git a/queries/aws_ssoadmin_account_assignment_2.yaml.bak b/queries/aws_ssoadmin_account_assignment_2.yaml.bak deleted file mode 100755 index 67ea5dac1..000000000 --- a/queries/aws_ssoadmin_account_assignment_2.yaml.bak +++ /dev/null @@ -1,55 +0,0 @@ -ID: aws_ssoadmin_account_assignment_2 -Title: "Find All AWS SSO Admin Account Assignments with SQL" -Description: "Allows users to query AWS SSO Admin Account Assignments. This table provides information about each AWS SSO admin account assignment within an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with aws_ssoadmin_principal as - ( - select - i.arn as instance_arn, - 'GROUP' as "type", - g.id, - g.title - from - aws_ssoadmin_instance i - left join - aws_identitystore_group g - on i.identity_store_id = g.identity_store_id - union - select - i.arn as instance_arn, - 'USER' as "type", - u.id, - u.title - from - aws_ssoadmin_instance i - left join - aws_identitystore_user u - on i.identity_store_id = u.identity_store_id - ) - select - a.target_account_id, - a.principal_type, - p.title as principal_title - from - aws_ssoadmin_account_assignment a - left join - aws_ssoadmin_principal p - on a.principal_type = p.type - and a.principal_id = p.id - and a.instance_arn = p.instance_arn - where - a.target_account_id = '012345678901' and a.permission_set_arn = 'arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SSO Admin diff --git a/queries/aws_ssoadmin_instance_1.yaml.bak b/queries/aws_ssoadmin_instance_1.yaml.bak deleted file mode 100755 index 108f25b92..000000000 --- a/queries/aws_ssoadmin_instance_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_ssoadmin_instance_1 -Title: "Find All AWS SSO Admin Instances and Identity Stores" -Description: "Allows users to query AWS SSO Admin Instance, providing information about each AWS SSO instance in your AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - identity_store_id - from - aws_ssoadmin_instance - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS SSO Admin diff --git a/queries/aws_ssoadmin_managed_policy_attachment_1.yaml.bak b/queries/aws_ssoadmin_managed_policy_attachment_1.yaml.bak deleted file mode 100755 index 04f1f984f..000000000 --- a/queries/aws_ssoadmin_managed_policy_attachment_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_ssoadmin_managed_policy_attachment_1 -Title: "List All AWS SSO Managed Policy Attachments" -Description: "Allows users to query AWS SSO Managed Policy Attachments, providing information about the managed policy attachments of AWS SSO permission sets." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - mpa.managed_policy_arn, - mpa.name - from - aws_ssoadmin_managed_policy_attachment as mpa - join - aws_ssoadmin_permission_set as ps on mpa.permission_set_arn = ps.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS SSO diff --git a/queries/aws_ssoadmin_permission_set_1.yaml.bak b/queries/aws_ssoadmin_permission_set_1.yaml.bak deleted file mode 100755 index 74508889d..000000000 --- a/queries/aws_ssoadmin_permission_set_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_ssoadmin_permission_set_1 -Title: "List all AWS SSO Permission Sets and their Details" -Description: "Allows users to query AWS SSO Admin Permission Set to retrieve data related to the permissions sets of AWS Single Sign-On (SSO) service." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - created_date, - description, - relay_state, - session_duration, - tags - from - aws_ssoadmin_permission_set; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - SSO Admin diff --git a/queries/aws_sts_caller_identity_1.yaml.bak b/queries/aws_sts_caller_identity_1.yaml.bak deleted file mode 100755 index 94903673c..000000000 --- a/queries/aws_sts_caller_identity_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_sts_caller_identity_1 -Title: "Find IAM User or Role Details in AWS STS Caller Identity" -Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - user_id, - title, - account_id, - akas - from - aws_sts_caller_identity; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Token Service diff --git a/queries/aws_sts_caller_identity_2.yaml.bak b/queries/aws_sts_caller_identity_2.yaml.bak deleted file mode 100755 index 4fb53a1d3..000000000 --- a/queries/aws_sts_caller_identity_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_sts_caller_identity_2 -Title: "Find AWS STS Caller Identity Details Using SQL" -Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - caller_identity.arn, - caller_identity.user_id, - caller_identity.title, - caller_identity.account_id, - u.name, - u.create_date, - u.password_last_used - from - aws_sts_caller_identity as caller_identity, - aws_iam_user as u - where - caller_identity.user_id = u.user_id - and caller_identity.arn like '%assumed%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Security Token Service diff --git a/queries/aws_sts_caller_identity_3.yaml.bak b/queries/aws_sts_caller_identity_3.yaml.bak deleted file mode 100755 index df9ed2d0d..000000000 --- a/queries/aws_sts_caller_identity_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_sts_caller_identity_3 -Title: "Find AWS Security Token Service Caller Identity Details" -Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - caller_identity.arn, - caller_identity.user_id, - caller_identity.title, - caller_identity.account_id, - u.name, - u.create_date, - u.password_last_used - from - aws_sts_caller_identity as caller_identity, - aws_iam_user as u - where - caller_identity.user_id = u.user_id - and caller_identity.arn like '%federated%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Security Token Service diff --git a/queries/aws_tagging_resource_1.yaml.bak b/queries/aws_tagging_resource_1.yaml.bak deleted file mode 100755 index 033713381..000000000 --- a/queries/aws_tagging_resource_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_tagging_resource_1 -Title: "List AWS Resource Tagging API Details with SQL" -Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - compliance_status, - tags, - region - from - aws_tagging_resource; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Tagging API diff --git a/queries/aws_tagging_resource_1.yaml.bak.bak b/queries/aws_tagging_resource_1.yaml.bak.bak deleted file mode 100755 index 033713381..000000000 --- a/queries/aws_tagging_resource_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_tagging_resource_1 -Title: "List AWS Resource Tagging API Details with SQL" -Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - compliance_status, - tags, - region - from - aws_tagging_resource; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Resource Tagging API diff --git a/queries/aws_tagging_resource_2.yaml.bak b/queries/aws_tagging_resource_2.yaml.bak deleted file mode 100755 index 76f340e85..000000000 --- a/queries/aws_tagging_resource_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_tagging_resource_2 -Title: "List all AWS Resource Tagging API details with SQL" -Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - tags, - compliance_status - from - aws_tagging_resource - where - compliance_status; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Resource Tagging API diff --git a/queries/aws_timestreamwrite_database_1.yaml.bak b/queries/aws_timestreamwrite_database_1.yaml.bak deleted file mode 100755 index e5de61183..000000000 --- a/queries/aws_timestreamwrite_database_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_timestreamwrite_database_1 -Title: "List all AWS Timestream database configurations and statuses" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - creation_time, - region, - kms_key_id - from - aws_timestreamwrite_database; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_database_2.yaml.bak b/queries/aws_timestreamwrite_database_2.yaml.bak deleted file mode 100755 index f5e338ae7..000000000 --- a/queries/aws_timestreamwrite_database_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_timestreamwrite_database_2 -Title: "Find all AWS Timestream Databases with Configurations" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - kms_key_id - from - aws_timestreamwrite_database - where - kms_key_id = 'your-kms-key-id'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_database_3.yaml.bak b/queries/aws_timestreamwrite_database_3.yaml.bak deleted file mode 100755 index 33610cece..000000000 --- a/queries/aws_timestreamwrite_database_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_timestreamwrite_database_3 -Title: "List all AWS Timestream Database Configurations, Statuses" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - creation_time - from - aws_timestreamwrite_database - order by - creation_time desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_database_3.yaml.bak.bak b/queries/aws_timestreamwrite_database_3.yaml.bak.bak deleted file mode 100755 index 33610cece..000000000 --- a/queries/aws_timestreamwrite_database_3.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_timestreamwrite_database_3 -Title: "List all AWS Timestream Database Configurations, Statuses" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - creation_time - from - aws_timestreamwrite_database - order by - creation_time desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_database_4.yaml.bak b/queries/aws_timestreamwrite_database_4.yaml.bak deleted file mode 100755 index 1988f4eb9..000000000 --- a/queries/aws_timestreamwrite_database_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_timestreamwrite_database_4 -Title: "List all AWS Timestream Databases and Table Counts" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - table_count - from - aws_timestreamwrite_database - order by - table_count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_database_5.yaml.bak b/queries/aws_timestreamwrite_database_5.yaml.bak deleted file mode 100755 index 1e47921f3..000000000 --- a/queries/aws_timestreamwrite_database_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_timestreamwrite_database_5 -Title: "List all AWS Timestream Databases with Details" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - last_updated_time, - region - from - aws_timestreamwrite_database; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_table_1.yaml.bak b/queries/aws_timestreamwrite_table_1.yaml.bak deleted file mode 100755 index de2a48cb5..000000000 --- a/queries/aws_timestreamwrite_table_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_timestreamwrite_table_1 -Title: "List all AWS Timestream Tables with Configurations and Statuses" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - table_status, - creation_time, - last_updated_time, - region - from - aws_timestreamwrite_table; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_table_2.yaml.bak b/queries/aws_timestreamwrite_table_2.yaml.bak deleted file mode 100755 index ca096ea17..000000000 --- a/queries/aws_timestreamwrite_table_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_timestreamwrite_table_2 -Title: "List AWS Timestream Table Configurations and Statuses" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - table_status - from - aws_timestreamwrite_table - where - table_status = 'ACTIVE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_table_3.yaml.bak b/queries/aws_timestreamwrite_table_3.yaml.bak deleted file mode 100755 index fe6577032..000000000 --- a/queries/aws_timestreamwrite_table_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_timestreamwrite_table_3 -Title: "Find AWS Timestream Table Configurations and Statuses" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - retention_properties - from - aws_timestreamwrite_table - where - retention_properties ->> 'MemoryStoreRetentionPeriodInHours' = '24' - and retention_properties ->> 'MagneticStoreRetentionPeriodInDays' = '7'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_table_4.yaml.bak b/queries/aws_timestreamwrite_table_4.yaml.bak deleted file mode 100755 index 53f694b0e..000000000 --- a/queries/aws_timestreamwrite_table_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_timestreamwrite_table_4 -Title: "List AWS Timestream Tables with Specific Write Properties" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - magnetic_store_write_properties - from - aws_timestreamwrite_table - where - magnetic_store_write_properties ->> 'EnableMagneticStoreWrites' = 'true'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_table_5.yaml.bak b/queries/aws_timestreamwrite_table_5.yaml.bak deleted file mode 100755 index f1f5245a0..000000000 --- a/queries/aws_timestreamwrite_table_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_timestreamwrite_table_5 -Title: "List all AWS Timestream Tables and Configurations" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - creation_time - from - aws_timestreamwrite_table - order by - creation_time desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_table_5.yaml.bak.bak b/queries/aws_timestreamwrite_table_5.yaml.bak.bak deleted file mode 100755 index f1f5245a0..000000000 --- a/queries/aws_timestreamwrite_table_5.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_timestreamwrite_table_5 -Title: "List all AWS Timestream Tables and Configurations" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - creation_time - from - aws_timestreamwrite_table - order by - creation_time desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_timestreamwrite_table_6.yaml.bak b/queries/aws_timestreamwrite_table_6.yaml.bak deleted file mode 100755 index d1a50640e..000000000 --- a/queries/aws_timestreamwrite_table_6.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_timestreamwrite_table_6 -Title: "List All AWS Timestream Table Configurations and Statuses" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - schema - from - aws_timestreamwrite_table; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Timestream diff --git a/queries/aws_transfer_server_1.yaml.bak b/queries/aws_transfer_server_1.yaml.bak deleted file mode 100755 index 236cd9b8a..000000000 --- a/queries/aws_transfer_server_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_transfer_server_1 -Title: "Find all AWS SFTP Servers and their Details" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type - from - aws_transfer_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_transfer_server_2.yaml.bak b/queries/aws_transfer_server_2.yaml.bak deleted file mode 100755 index e825520d2..000000000 --- a/queries/aws_transfer_server_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_transfer_server_2 -Title: "List all Offline SFTP Servers in AWS Transfer" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type, - state - from - aws_transfer_server - where - state = 'OFFLINE'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_transfer_server_3.yaml.bak b/queries/aws_transfer_server_3.yaml.bak deleted file mode 100755 index 751eab3a3..000000000 --- a/queries/aws_transfer_server_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_transfer_server_3 -Title: "Find all SFTP Servers and User Count in AWS Transfer" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - user_count - from - aws_transfer_server - order by - user_count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_transfer_server_4.yaml.bak b/queries/aws_transfer_server_4.yaml.bak deleted file mode 100755 index 1812b5183..000000000 --- a/queries/aws_transfer_server_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_transfer_server_4 -Title: "List all AWS SFTP Servers and Details" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type, - workflow_details ->> 'OnUpload' as on_upload_workflow - from - aws_transfer_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_transfer_server_4.yaml.bak.bak b/queries/aws_transfer_server_4.yaml.bak.bak deleted file mode 100755 index 1812b5183..000000000 --- a/queries/aws_transfer_server_4.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_transfer_server_4 -Title: "List all AWS SFTP Servers and Details" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type, - workflow_details ->> 'OnUpload' as on_upload_workflow - from - aws_transfer_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_transfer_server_5.yaml.bak b/queries/aws_transfer_server_5.yaml.bak deleted file mode 100755 index 0609aa863..000000000 --- a/queries/aws_transfer_server_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_transfer_server_5 -Title: "Find all AWS Transfer SFTP Servers and Details" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type, - structured_log_destinations - from - aws_transfer_server; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer for SFTP diff --git a/queries/aws_transfer_server_6.yaml.bak b/queries/aws_transfer_server_6.yaml.bak deleted file mode 100755 index bf961a6dd..000000000 --- a/queries/aws_transfer_server_6.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_transfer_server_6 -Title: "Find all SFTP Servers in AWS Transfer" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.server_id, - c.certificate_arn, - c.status as certificate_status, - c.key_algorithm - from - aws_transfer_server as s, - aws_acm_certificate as c - where - s.certificate = c.certificate_arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer for SFTP diff --git a/queries/aws_transfer_user_1.yaml.bak b/queries/aws_transfer_user_1.yaml.bak deleted file mode 100755 index e5a42f258..000000000 --- a/queries/aws_transfer_user_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_transfer_user_1 -Title: "List all Users in AWS Transfer Server" -Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - server_id, - user_name - from - aws_transfer_user; - where - server_id = "s-xxxxxxxxxxxxxxxxx"; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_transfer_user_2.yaml.bak b/queries/aws_transfer_user_2.yaml.bak deleted file mode 100755 index 61225016f..000000000 --- a/queries/aws_transfer_user_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_transfer_user_2 -Title: "List all AWS Transfer users in a server" -Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - server_id, - user_name, - ssh_public_key_count - from - aws_transfer_user; - where - server_id = "s-xxxxxxxxxxxxxxxxx" - order by - ssh_public_key_count desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_transfer_user_3.yaml.bak b/queries/aws_transfer_user_3.yaml.bak deleted file mode 100755 index 8943aa790..000000000 --- a/queries/aws_transfer_user_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_transfer_user_3 -Title: "Find all AWS Transfer users within a server using SQL" -Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - user_name, - arn - from - aws_transfer_user - where - server_id in (select server_id from aws_transfer_server) - and - user_name = 'my_user_to_search'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_transfer_user_4.yaml.bak b/queries/aws_transfer_user_4.yaml.bak deleted file mode 100755 index b84c8dec6..000000000 --- a/queries/aws_transfer_user_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_transfer_user_4 -Title: "List all AWS Transfer users in a server" -Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(*) as total_users, - server_id - from - aws_transfer_user - group by - server_id - order by - total_users desc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Transfer diff --git a/queries/aws_trusted_advisor_check_summary_1.yaml.bak b/queries/aws_trusted_advisor_check_summary_1.yaml.bak deleted file mode 100755 index f7b4ca454..000000000 --- a/queries/aws_trusted_advisor_check_summary_1.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_trusted_advisor_check_summary_1 -Title: "List Trusted Advisor Check Summaries in AWS" -Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - check_id, - category, - description, - status, - timestamp, - resources_flagged - from - aws_trusted_advisor_check_summary - where - language = 'en'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_data_security: - - "true" - cloud_finops: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Trusted Advisor diff --git a/queries/aws_trusted_advisor_check_summary_2.yaml.bak b/queries/aws_trusted_advisor_check_summary_2.yaml.bak deleted file mode 100755 index 9768886d8..000000000 --- a/queries/aws_trusted_advisor_check_summary_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_trusted_advisor_check_summary_2 -Title: "List Trusted Advisor Check Summaries with Errors in AWS" -Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - check_id, - category, - status - from - aws_trusted_advisor_check_summary - where - language = 'en' - and - status = 'error'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Trusted Advisor diff --git a/queries/aws_trusted_advisor_check_summary_3.yaml.bak b/queries/aws_trusted_advisor_check_summary_3.yaml.bak deleted file mode 100755 index d1213543a..000000000 --- a/queries/aws_trusted_advisor_check_summary_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_trusted_advisor_check_summary_3 -Title: "List Trusted Advisor Check Summaries for AWS" -Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - check_id, - description, - status, - timestamp - from - aws_trusted_advisor_check_summary - where - language = 'en' - and - timestamp >= now() - interval '5 day'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Trusted Advisor diff --git a/queries/aws_trusted_advisor_check_summary_4.yaml.bak b/queries/aws_trusted_advisor_check_summary_4.yaml.bak deleted file mode 100755 index 3ac9de4c5..000000000 --- a/queries/aws_trusted_advisor_check_summary_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_trusted_advisor_check_summary_4 -Title: "List all AWS Trusted Advisor Check Summaries" -Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - check_id, - resources_flagged, - resources_ignored, - resources_processed, - resources_suppressed - from - aws_trusted_advisor_check_summary - where - language = 'en'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_finops: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Trusted Advisor diff --git a/queries/aws_vpc_1.yaml.bak b/queries/aws_vpc_1.yaml.bak deleted file mode 100755 index 8495368bf..000000000 --- a/queries/aws_vpc_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_1 -Title: "List all AWS VPCs and their configurations" -Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - is_default, - cidr_block, - state, - account_id, - region - from - aws_vpc - where - is_default; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_2.yaml.bak b/queries/aws_vpc_2.yaml.bak deleted file mode 100755 index de39e64fc..000000000 --- a/queries/aws_vpc_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_2 -Title: "List all AWS VPCs and their configurations" -Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - cidr_block, - host(cidr_block), - broadcast(cidr_block), - netmask(cidr_block), - network(cidr_block) - from - aws_vpc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_3.yaml.bak b/queries/aws_vpc_3.yaml.bak deleted file mode 100755 index 0711262b5..000000000 --- a/queries/aws_vpc_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_3 -Title: "Find all AWS VPCs and Their Configurations" -Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - cidr_block, - state, - region - from - aws_vpc - where - not cidr_block <<= '10.0.0.0/8' - and not cidr_block <<= '192.168.0.0/16' - and not cidr_block <<= '172.16.0.0/12'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_customer_gateway_1.yaml.bak b/queries/aws_vpc_customer_gateway_1.yaml.bak deleted file mode 100755 index d7f602c94..000000000 --- a/queries/aws_vpc_customer_gateway_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_customer_gateway_1 -Title: "Find all Customer Gateways in AWS VPC" -Description: "Allows users to query AWS VPC Customer Gateway, providing detailed information about each Customer Gateway in a Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - customer_gateway_id, - type, - state, - bgp_asn, - certificate_arn, - device_name, - ip_address - from - aws_vpc_customer_gateway; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_customer_gateway_2.yaml.bak b/queries/aws_vpc_customer_gateway_2.yaml.bak deleted file mode 100755 index 2a3a5243f..000000000 --- a/queries/aws_vpc_customer_gateway_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_customer_gateway_2 -Title: "List all AWS VPC Customer Gateway details in VPC" -Description: "Allows users to query AWS VPC Customer Gateway, providing detailed information about each Customer Gateway in a Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(customer_gateway_id) as customer_gateway_id_count - from - aws_vpc_customer_gateway - group by - type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Virtual Private Cloud diff --git a/queries/aws_vpc_dhcp_options_1.yaml.bak b/queries/aws_vpc_dhcp_options_1.yaml.bak deleted file mode 100755 index 057d66595..000000000 --- a/queries/aws_vpc_dhcp_options_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_dhcp_options_1 -Title: "List all DHCP Options associated with AWS VPC" -Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - dhcp_options_id, - domain_name, - domain_name_servers, - netbios_name_servers, - netbios_node_type, - ntp_servers - from - aws_vpc_dhcp_options; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Virtual Private Cloud diff --git a/queries/aws_vpc_dhcp_options_2.yaml.bak b/queries/aws_vpc_dhcp_options_2.yaml.bak deleted file mode 100755 index e26b71e86..000000000 --- a/queries/aws_vpc_dhcp_options_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_dhcp_options_2 -Title: "List AWS VPC DHCP Options with Domain Name Servers" -Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - dhcp_options_id, - domain_name, - domain_name_servers - from - aws_vpc_dhcp_options - where - domain_name_servers ? 'AmazonProvidedDNS'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_dhcp_options_3.yaml.bak b/queries/aws_vpc_dhcp_options_3.yaml.bak deleted file mode 100755 index 746c02990..000000000 --- a/queries/aws_vpc_dhcp_options_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_dhcp_options_3 -Title: "Find AWS VPC DHCP Options with Specific NetBIOS Types" -Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - dhcp_options_id, - netbios_node_type - from - aws_vpc_dhcp_options - cross join jsonb_array_elements_text(netbios_node_type) as i - where - not i.value :: int in (2); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC DHCP Options diff --git a/queries/aws_vpc_egress_only_internet_gateway_1.yaml.bak b/queries/aws_vpc_egress_only_internet_gateway_1.yaml.bak deleted file mode 100755 index f7220fb7a..000000000 --- a/queries/aws_vpc_egress_only_internet_gateway_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_egress_only_internet_gateway_1 -Title: "Find all AWS VPC Egress Only Internet Gateways" -Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - att ->> 'State' as state, - att ->> 'VpcId' as vpc_id, - tags, - region - from - aws_vpc_egress_only_internet_gateway - cross join jsonb_array_elements(attachments) as att; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak b/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak deleted file mode 100755 index 0936b3fc2..000000000 --- a/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_egress_only_internet_gateway_2 -Title: "Find AWS VPC Egress Only Internet Gateways" -Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - attachments - from - aws_vpc_egress_only_internet_gateway - where - attachments is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak.bak b/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak.bak deleted file mode 100755 index 0936b3fc2..000000000 --- a/queries/aws_vpc_egress_only_internet_gateway_2.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_egress_only_internet_gateway_2 -Title: "Find AWS VPC Egress Only Internet Gateways" -Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - attachments - from - aws_vpc_egress_only_internet_gateway - where - attachments is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_egress_only_internet_gateway_3.yaml.bak b/queries/aws_vpc_egress_only_internet_gateway_3.yaml.bak deleted file mode 100755 index 53a40f662..000000000 --- a/queries/aws_vpc_egress_only_internet_gateway_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_egress_only_internet_gateway_3 -Title: "Find AWS VPC Egress Only Internet Gateways" -Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vig.id, - vpc.is_default - from - aws_vpc_egress_only_internet_gateway as vig - cross join jsonb_array_elements(attachments) as i - join aws_vpc vpc on i ->> 'VpcId' = vpc.vpc_id - where - vpc.is_default = true; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_eip_1.yaml.bak b/queries/aws_vpc_eip_1.yaml.bak deleted file mode 100755 index de42ac6a8..000000000 --- a/queries/aws_vpc_eip_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_eip_1 -Title: "Find all AWS VPC Elastic IP Addresses" -Description: "Allows users to query AWS VPC Elastic IP Addresses" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - public_ip, - domain association_id - from - aws_vpc_eip - where - association_id is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon VPC diff --git a/queries/aws_vpc_eip_2.yaml.bak b/queries/aws_vpc_eip_2.yaml.bak deleted file mode 100755 index 6536bae67..000000000 --- a/queries/aws_vpc_eip_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_eip_2 -Title: "Find AWS VPC Elastic IP Addresses" -Description: "Allows users to query AWS VPC Elastic IP Addresses" -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - public_ipv4_pool, - count(public_ip) as elastic_ips - from - aws_vpc_eip - group by - public_ipv4_pool; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_eip_address_transfer_1.yaml.bak b/queries/aws_vpc_eip_address_transfer_1.yaml.bak deleted file mode 100755 index d495f3b95..000000000 --- a/queries/aws_vpc_eip_address_transfer_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_eip_address_transfer_1 -Title: "List all AWS VPC Elastic IP Address Transfers" -Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - allocation_id, - address_transfer_status, - public_ip, - transfer_account_id, - transfer_offer_accepted_timestamp - from - aws_vpc_eip_address_transfer; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_eip_address_transfer_2.yaml.bak b/queries/aws_vpc_eip_address_transfer_2.yaml.bak deleted file mode 100755 index 51e9c028d..000000000 --- a/queries/aws_vpc_eip_address_transfer_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_eip_address_transfer_2 -Title: "List all Elastic IP Address Transfers in AWS VPC" -Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - allocation_id, - address_transfer_status, - public_ip, - transfer_account_id, - transfer_offer_accepted_timestamp - from - aws_vpc_eip_address_transfer - where - transfer_offer_accepted_timestamp >= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_eip_address_transfer_3.yaml.bak b/queries/aws_vpc_eip_address_transfer_3.yaml.bak deleted file mode 100755 index 382ae1599..000000000 --- a/queries/aws_vpc_eip_address_transfer_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_eip_address_transfer_3 -Title: "Find AWS Elastic IP Address Transfers in VPC using SQL" -Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - allocation_id, - address_transfer_status, - public_ip, - transfer_account_id, - transfer_offer_expiration_timestamp - from - aws_vpc_eip_address_transfer - where - transfer_offer_expiration_timestamp >= now() - interval '10' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_eip_address_transfer_4.yaml.bak b/queries/aws_vpc_eip_address_transfer_4.yaml.bak deleted file mode 100755 index c745cbc80..000000000 --- a/queries/aws_vpc_eip_address_transfer_4.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: aws_vpc_eip_address_transfer_4 -Title: "Find AWS VPC Elastic IP Address Transfers" -Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - t.allocation_id, - t.address_transfer_status, - t.transfer_account_id, - i.vpc_id, - v.cidr_block, - v.state, - v.is_default - from - aws_vpc_eip eip, - aws_ec2_instance i, - aws_vpc_eip_address_transfer t, - aws_vpc v - where - eip.instance_id = i.instance_id - and t.allocation_id = eip.allocation_id - and v.vpc_id = i.vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_endpoint_1.yaml.bak b/queries/aws_vpc_endpoint_1.yaml.bak deleted file mode 100755 index 45e102aa1..000000000 --- a/queries/aws_vpc_endpoint_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_endpoint_1 -Title: "List AWS VPC Endpoints with Configuration and Status" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - vpc_id, - service_name - from - aws_vpc_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint diff --git a/queries/aws_vpc_endpoint_2.yaml.bak b/queries/aws_vpc_endpoint_2.yaml.bak deleted file mode 100755 index 2dfd3ed71..000000000 --- a/queries/aws_vpc_endpoint_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_endpoint_2 -Title: "List all AWS VPC Endpoints and retrieve configuration details" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - jsonb_array_length(subnet_ids) as subnet_id_count - from - aws_vpc_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint diff --git a/queries/aws_vpc_endpoint_3.yaml.bak b/queries/aws_vpc_endpoint_3.yaml.bak deleted file mode 100755 index 2afc5789b..000000000 --- a/queries/aws_vpc_endpoint_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_endpoint_3 -Title: "List all AWS VPC Endpoints and Related Information" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - vpc_id, - jsonb_array_elements(subnet_ids) as subnet_ids, - jsonb_array_elements(network_interface_ids) as network_interface_ids, - jsonb_array_elements(route_table_ids) as route_table_ids, - sg ->> 'GroupName' as sg_name - from - aws_vpc_endpoint - cross join jsonb_array_elements(groups) as sg; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_endpoint_4.yaml.bak b/queries/aws_vpc_endpoint_4.yaml.bak deleted file mode 100755 index e2af977b0..000000000 --- a/queries/aws_vpc_endpoint_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_endpoint_4 -Title: "Find AWS VPC Endpoints with Configurations and Status" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - private_dns_enabled, - dns ->> 'DnsName' as dns_name, - dns ->> 'HostedZoneId' as hosted_zone_id - from - aws_vpc_endpoint - cross join jsonb_array_elements(dns_entries) as dns; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint diff --git a/queries/aws_vpc_endpoint_4.yaml.bak.bak b/queries/aws_vpc_endpoint_4.yaml.bak.bak deleted file mode 100755 index e2af977b0..000000000 --- a/queries/aws_vpc_endpoint_4.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_endpoint_4 -Title: "Find AWS VPC Endpoints with Configurations and Status" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - private_dns_enabled, - dns ->> 'DnsName' as dns_name, - dns ->> 'HostedZoneId' as hosted_zone_id - from - aws_vpc_endpoint - cross join jsonb_array_elements(dns_entries) as dns; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint diff --git a/queries/aws_vpc_endpoint_5.yaml.bak b/queries/aws_vpc_endpoint_5.yaml.bak deleted file mode 100755 index 63cecf492..000000000 --- a/queries/aws_vpc_endpoint_5.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_endpoint_5 -Title: "List all AWS VPC Endpoints and their configurations" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(vpc_endpoint_id) as vpc_endpoint_count - from - aws_vpc_endpoint - group by - vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_endpoint_service_1.yaml.bak b/queries/aws_vpc_endpoint_service_1.yaml.bak deleted file mode 100755 index 92272574a..000000000 --- a/queries/aws_vpc_endpoint_service_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_endpoint_service_1 -Title: "List All AWS VPC Endpoint Services and Details" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - base_endpoint_dns_names, - private_dns_name - from - aws_vpc_endpoint_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_2.yaml.bak b/queries/aws_vpc_endpoint_service_2.yaml.bak deleted file mode 100755 index 96b4d50ca..000000000 --- a/queries/aws_vpc_endpoint_service_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_endpoint_service_2 -Title: "List all AWS VPC Endpoint Services with Details" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - jsonb_array_length(availability_zones) as availability_zone_count - from - aws_vpc_endpoint_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint Service diff --git a/queries/aws_vpc_endpoint_service_3.yaml.bak b/queries/aws_vpc_endpoint_service_3.yaml.bak deleted file mode 100755 index 58e79aa8a..000000000 --- a/queries/aws_vpc_endpoint_service_3.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_endpoint_service_3 -Title: "Find AWS VPC Endpoint Service Details" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - base_endpoint_dns_names, - private_dns_name - from - aws_vpc_endpoint_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint Service diff --git a/queries/aws_vpc_endpoint_service_4.yaml.bak b/queries/aws_vpc_endpoint_service_4.yaml.bak deleted file mode 100755 index 970b9933e..000000000 --- a/queries/aws_vpc_endpoint_service_4.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_endpoint_service_4 -Title: "List AWS VPC Endpoint Services with Details" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - type ->> 'ServiceType' as service_type - from - aws_vpc_endpoint_service - cross join jsonb_array_elements(service_type) as type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_5.yaml.bak b/queries/aws_vpc_endpoint_service_5.yaml.bak deleted file mode 100755 index 266836a80..000000000 --- a/queries/aws_vpc_endpoint_service_5.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_endpoint_service_5 -Title: "List all Non-Policy Supported AWS VPC Endpoint Services" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - vpc_endpoint_policy_supported - from - aws_vpc_endpoint_service - where - not vpc_endpoint_policy_supported; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint Service diff --git a/queries/aws_vpc_endpoint_service_6.yaml.bak b/queries/aws_vpc_endpoint_service_6.yaml.bak deleted file mode 100755 index 8f956172d..000000000 --- a/queries/aws_vpc_endpoint_service_6.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_endpoint_service_6 -Title: "List all AWS VPC Endpoint Services" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - jsonb_pretty(vpc_endpoint_service_permissions) as allowed_principals - from - aws_vpc_endpoint_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_6.yaml.bak.bak b/queries/aws_vpc_endpoint_service_6.yaml.bak.bak deleted file mode 100755 index 8f956172d..000000000 --- a/queries/aws_vpc_endpoint_service_6.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_endpoint_service_6 -Title: "List all AWS VPC Endpoint Services" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - jsonb_pretty(vpc_endpoint_service_permissions) as allowed_principals - from - aws_vpc_endpoint_service; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_7.yaml.bak b/queries/aws_vpc_endpoint_service_7.yaml.bak deleted file mode 100755 index def44933b..000000000 --- a/queries/aws_vpc_endpoint_service_7.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_endpoint_service_7 -Title: "List all AWS VPC Endpoint Services Information" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - c ->> 'VpcEndpointId' as vpc_endpoint_id, - c ->> 'VpcEndpointOwner' as vpc_endpoint_owner, - c ->> 'VpcEndpointState' as vpc_endpoint_state, - jsonb_array_elements_text(c -> 'NetworkLoadBalancerArns') as network_loadBalancer_arns - from - aws_vpc_endpoint_service, - jsonb_array_elements(vpc_endpoint_connections) as c - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Endpoint Service diff --git a/queries/aws_vpc_flow_log_1.yaml.bak b/queries/aws_vpc_flow_log_1.yaml.bak deleted file mode 100755 index 0e4fe3811..000000000 --- a/queries/aws_vpc_flow_log_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_flow_log_1 -Title: "Find AWS VPC Flow Logs Information with SQL Query" -Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - flow_log_id, - resource_id - from - aws_vpc_flow_log; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_2.yaml.bak b/queries/aws_vpc_flow_log_2.yaml.bak deleted file mode 100755 index 88f60746a..000000000 --- a/queries/aws_vpc_flow_log_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_flow_log_2 -Title: "Find Failed Logs in AWS VPC Flow" -Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - flow_log_id, - resource_id, - deliver_logs_error_message, - deliver_logs_status - from - aws_vpc_flow_log - where - deliver_logs_status = 'FAILED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_3.yaml.bak b/queries/aws_vpc_flow_log_3.yaml.bak deleted file mode 100755 index 6c78cf744..000000000 --- a/queries/aws_vpc_flow_log_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_flow_log_3 -Title: "Find AWS VPC Flow Logs and IP Traffic Details" -Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - flow_log_id, - log_destination_type, - log_destination, - log_group_name, - bucket_name - from - aws_vpc_flow_log; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Log diff --git a/queries/aws_vpc_flow_log_4.yaml.bak b/queries/aws_vpc_flow_log_4.yaml.bak deleted file mode 100755 index 81d032ab6..000000000 --- a/queries/aws_vpc_flow_log_4.yaml.bak +++ /dev/null @@ -1,23 +0,0 @@ -ID: aws_vpc_flow_log_4 -Title: "Find AWS VPC Flow Log Details with SQL Queries" -Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - flow_log_id, - traffic_type - from - aws_vpc_flow_log; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_1.yaml.bak b/queries/aws_vpc_flow_log_event_1.yaml.bak deleted file mode 100755 index 3dec0aa76..000000000 --- a/queries/aws_vpc_flow_log_event_1.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_vpc_flow_log_event_1 -Title: "Find AWS VPC Flow Log Event Details in Last 5 Minutes" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - log_status, - action, - ingestion_time, - timestamp, - interface_id, - interface_account_id, - src_addr, - region - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and timestamp >= now() - interval '5 minutes'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_2.yaml.bak b/queries/aws_vpc_flow_log_event_2.yaml.bak deleted file mode 100755 index ff8d8a1f6..000000000 --- a/queries/aws_vpc_flow_log_event_2.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_vpc_flow_log_event_2 -Title: "List all AWS VPC Flow Log Events and IP Traffic Details" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - log_status, - action, - ingestion_time, - timestamp, - interface_id, - interface_account_id, - src_addr, - region - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') - order by - timestamp asc; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_3.yaml.bak b/queries/aws_vpc_flow_log_event_3.yaml.bak deleted file mode 100755 index 23ae398c2..000000000 --- a/queries/aws_vpc_flow_log_event_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_flow_log_event_3 -Title: "List all IP traffic from AWS VPC Flow Logs" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct(interface_id) - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_4.yaml.bak b/queries/aws_vpc_flow_log_event_4.yaml.bak deleted file mode 100755 index 0fa54668c..000000000 --- a/queries/aws_vpc_flow_log_event_4.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_vpc_flow_log_event_4 -Title: "Find all AWS VPC Flow Log Events Using SQL" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_stream_name, - timestamp, - interface_id, - interface_account_id, - src_addr, - src_port, - dst_addr, - dst_port - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and action = 'REJECT' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_4.yaml.bak.bak b/queries/aws_vpc_flow_log_event_4.yaml.bak.bak deleted file mode 100755 index 0fa54668c..000000000 --- a/queries/aws_vpc_flow_log_event_4.yaml.bak.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_vpc_flow_log_event_4 -Title: "Find all AWS VPC Flow Log Events Using SQL" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_stream_name, - timestamp, - interface_id, - interface_account_id, - src_addr, - src_port, - dst_addr, - dst_port - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and action = 'REJECT' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_5.yaml.bak b/queries/aws_vpc_flow_log_event_5.yaml.bak deleted file mode 100755 index 87f636273..000000000 --- a/queries/aws_vpc_flow_log_event_5.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: aws_vpc_flow_log_event_5 -Title: "Find AWS VPC Flow Log Events and IP Traffic Details" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - log_status, - action, - ingestion_time, - timestamp, - interface_id, - interface_account_id, - src_addr, - region - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and log_stream_name = 'eni-1d47d21d-all' - and (src_addr = '10.85.14.210' or dst_addr = '10.85.14.213') - and timestamp >= now() - interval '1 hour' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_6.yaml.bak b/queries/aws_vpc_flow_log_event_6.yaml.bak deleted file mode 100755 index 220daa402..000000000 --- a/queries/aws_vpc_flow_log_event_6.yaml.bak +++ /dev/null @@ -1,38 +0,0 @@ -ID: aws_vpc_flow_log_event_6 -Title: "Find all AWS VPC Flow Logs and IP Traffic Information" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - log_status, - action, - ingestion_time, - timestamp, - interface_id, - interface_account_id, - src_addr, - region - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and log_stream_name = 'eni-1d47d21d-all' - and src_addr << '10.0.0.0/8'::inet - and timestamp >= now() - interval '1 hour' - order by - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Flow Logs diff --git a/queries/aws_vpc_internet_gateway_1.yaml.bak b/queries/aws_vpc_internet_gateway_1.yaml.bak deleted file mode 100755 index febd02487..000000000 --- a/queries/aws_vpc_internet_gateway_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_internet_gateway_1 -Title: "List all AWS VPC Internet Gateway data insights" -Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - internet_gateway_id, - attachments - from - aws_vpc_internet_gateway - where - attachments is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Internet Gateway diff --git a/queries/aws_vpc_internet_gateway_2.yaml.bak b/queries/aws_vpc_internet_gateway_2.yaml.bak deleted file mode 100755 index cd9c05401..000000000 --- a/queries/aws_vpc_internet_gateway_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_internet_gateway_2 -Title: "Find AWS VPC Internet Gateway Details and States" -Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - internet_gateway_id, - att ->> 'VpcId' as vpc_id - from - aws_vpc_internet_gateway - cross join jsonb_array_elements(attachments) as att; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Internet Gateway diff --git a/queries/aws_vpc_internet_gateway_2.yaml.bak.bak b/queries/aws_vpc_internet_gateway_2.yaml.bak.bak deleted file mode 100755 index 24b6d2bb6..000000000 --- a/queries/aws_vpc_internet_gateway_2.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_internet_gateway_2 -Title: "Find AWS VPC Internet Gateway Details and States" -Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - internet_gateway_id, - att ->> 'VpcId' as vpc_id - from - aws_vpc_internet_gateway - cross join jsonb_array_elements(attachments) as att; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Internet Gateway diff --git a/queries/aws_vpc_nat_gateway_1.yaml.bak b/queries/aws_vpc_nat_gateway_1.yaml.bak deleted file mode 100755 index 31a921ad6..000000000 --- a/queries/aws_vpc_nat_gateway_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_nat_gateway_1 -Title: "List all details of AWS VPC NAT Gateways with SQL" -Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nat_gateway_id, - address ->> 'PrivateIp' as private_ip, - address ->> 'PublicIp' as public_ip, - address ->> 'NetworkInterfaceId' as nic_id, - address ->> 'AllocationId' as allocation_id - from - aws_vpc_nat_gateway - cross join jsonb_array_elements(nat_gateway_addresses) as address; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_nat_gateway_2.yaml.bak b/queries/aws_vpc_nat_gateway_2.yaml.bak deleted file mode 100755 index 62e69553c..000000000 --- a/queries/aws_vpc_nat_gateway_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_nat_gateway_2 -Title: "Find AWS VPC NAT Gateways and Subnet Details" -Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nat_gateway_id, - vpc_id, - subnet_id - from - aws_vpc_nat_gateway; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_nat_gateway_3.yaml.bak b/queries/aws_vpc_nat_gateway_3.yaml.bak deleted file mode 100755 index f93117c61..000000000 --- a/queries/aws_vpc_nat_gateway_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_nat_gateway_3 -Title: "Find AWS VPC NAT Gateways and Their Details" -Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nat_gateway_id, - tags - from - aws_vpc_nat_gateway - where - not tags :: JSONB ? 'application'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_nat_gateway_4.yaml.bak b/queries/aws_vpc_nat_gateway_4.yaml.bak deleted file mode 100755 index 715192f46..000000000 --- a/queries/aws_vpc_nat_gateway_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_nat_gateway_4 -Title: "List All AWS VPC NAT Gateways and Their Subnet Associations" -Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(nat_gateway_id) as nat_gateway_id - from - aws_vpc_nat_gateway - group by - vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon VPC diff --git a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml.bak b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml.bak deleted file mode 100755 index 8c64e1061..000000000 --- a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_vpc_nat_gateway_metric_bytes_out_to_destination_1 -Title: "List all AWS NAT Gateway Metrics for Bytes Sent Out" -Description: "Allows users to query AWS NAT Gateway metrics for bytes sent to the destination from the NAT gateway. The table provides information about the number of bytes sent out to the destination per NAT gateway in a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nat_gateway_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_vpc_nat_gateway_metric_bytes_out_to_destination - order by - nat_gateway_id, - timestamp; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - NAT Gateway diff --git a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml.bak b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml.bak deleted file mode 100755 index 36e0e9c8c..000000000 --- a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_vpc_nat_gateway_metric_bytes_out_to_destination_2 -Title: "Find AWS NAT Gateway Metrics for Bytes Sent to Destination" -Description: "Allows users to query AWS NAT Gateway metrics for bytes sent to the destination from the NAT gateway. The table provides information about the number of bytes sent out to the destination per NAT gateway in a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - g.nat_gateway_id, - vpc_id, - subnet_id - from - aws_vpc_nat_gateway as g - left join aws_vpc_nat_gateway_metric_bytes_out_to_destination as d - on g.nat_gateway_id = d.nat_gateway_id - group by - g.nat_gateway_id, - vpc_id, - subnet_id - having - sum(average) = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - CloudWatch diff --git a/queries/aws_vpc_network_acl_1.yaml.bak b/queries/aws_vpc_network_acl_1.yaml.bak deleted file mode 100755 index 61d22ddb3..000000000 --- a/queries/aws_vpc_network_acl_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_network_acl_1 -Title: "Find AWS VPC Network ACLs Information" -Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_acl_id, - arn, - vpc_id - from - aws_vpc_network_acl; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Network ACL diff --git a/queries/aws_vpc_network_acl_2.yaml.bak b/queries/aws_vpc_network_acl_2.yaml.bak deleted file mode 100755 index 71c8bb2f0..000000000 --- a/queries/aws_vpc_network_acl_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_network_acl_2 -Title: "Find AWS VPC Network ACLs in a Specific VPC" -Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_acl_id, - vpc_id, - is_default - from - aws_vpc_network_acl - where - is_default = true; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Network ACL diff --git a/queries/aws_vpc_network_acl_3.yaml.bak b/queries/aws_vpc_network_acl_3.yaml.bak deleted file mode 100755 index a159c2d8a..000000000 --- a/queries/aws_vpc_network_acl_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_network_acl_3 -Title: "Find AWS VPC Network ACL Details" -Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_acl_id, - vpc_id, - association ->> 'SubnetId' as subnet_id, - association ->> 'NetworkAclAssociationId' as network_acl_association_id - from - aws_vpc_network_acl - cross join jsonb_array_elements(associations) as association; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Network ACL diff --git a/queries/aws_vpc_peering_connection_1.yaml.bak b/queries/aws_vpc_peering_connection_1.yaml.bak deleted file mode 100755 index 3135f61b9..000000000 --- a/queries/aws_vpc_peering_connection_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_peering_connection_1 -Title: "List AWS VPC Peering Connections using SQL" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_owner_id, - accepter_region, - accepter_vpc_id, - expiration_time, - requester_owner_id, - requester_region, - requester_vpc_id - from - aws_vpc_peering_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_peering_connection_2.yaml.bak b/queries/aws_vpc_peering_connection_2.yaml.bak deleted file mode 100755 index cb0ccb2ff..000000000 --- a/queries/aws_vpc_peering_connection_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_peering_connection_2 -Title: "Find Pending AWS VPC Peering Connections" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_vpc_id, - requester_vpc_id, - status_code, - status_message - from - aws_vpc_peering_connection - where - status_code = 'pending-acceptance'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon VPC diff --git a/queries/aws_vpc_peering_connection_3.yaml.bak b/queries/aws_vpc_peering_connection_3.yaml.bak deleted file mode 100755 index acd99d15e..000000000 --- a/queries/aws_vpc_peering_connection_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_peering_connection_3 -Title: "Query All AWS VPC Peering Connections" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - requester_cidr_block, - requester_owner_id, - requester_region, - requester_vpc_id, - jsonb_pretty(requester_cidr_block_set) as requester_cidr_block_set, - jsonb_pretty(requester_ipv6_cidr_block_set) as requester_ipv6_cidr_block_set, - jsonb_pretty(requester_peering_options) as requester_peering_options - from - aws_vpc_peering_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon VPC diff --git a/queries/aws_vpc_peering_connection_4.yaml.bak b/queries/aws_vpc_peering_connection_4.yaml.bak deleted file mode 100755 index 302f40308..000000000 --- a/queries/aws_vpc_peering_connection_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_peering_connection_4 -Title: "List all AWS VPC Peering Connections" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_cidr_block, - accepter_owner_id, - accepter_region, - accepter_vpc_id, - jsonb_pretty(accepter_cidr_block_set) as accepter_cidr_block_set, - jsonb_pretty(accepter_ipv6_cidr_block_set) as accepter_ipv6_cidr_block_set, - jsonb_pretty(accepter_peering_options) as accepter_peering_options - from - aws_vpc_peering_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_4.yaml.bak.bak b/queries/aws_vpc_peering_connection_4.yaml.bak.bak deleted file mode 100755 index 302f40308..000000000 --- a/queries/aws_vpc_peering_connection_4.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_peering_connection_4 -Title: "List all AWS VPC Peering Connections" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_cidr_block, - accepter_owner_id, - accepter_region, - accepter_vpc_id, - jsonb_pretty(accepter_cidr_block_set) as accepter_cidr_block_set, - jsonb_pretty(accepter_ipv6_cidr_block_set) as accepter_ipv6_cidr_block_set, - jsonb_pretty(accepter_peering_options) as accepter_peering_options - from - aws_vpc_peering_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_5.yaml.bak b/queries/aws_vpc_peering_connection_5.yaml.bak deleted file mode 100755 index 1d0f7b923..000000000 --- a/queries/aws_vpc_peering_connection_5.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_vpc_peering_connection_5 -Title: "List all VPC Peering Connections in AWS" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_owner_id, - accepter_region, - accepter_vpc_id, - expiration_time, - requester_owner_id, - requester_region, - requester_vpc_id - from - aws_vpc_peering_connection - where - id in ('pcx-0a0403619dd2f3b24', 'pcx-048825e2c43ffd99e'); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon VPC diff --git a/queries/aws_vpc_peering_connection_6.yaml.bak b/queries/aws_vpc_peering_connection_6.yaml.bak deleted file mode 100755 index f19b7abd9..000000000 --- a/queries/aws_vpc_peering_connection_6.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_vpc_peering_connection_6 -Title: "Find all VPC Peering Connections in AWS VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - jsonb_pretty(tags) as tags, - jsonb_pretty(tags_src) as tags_src - from - aws_vpc_peering_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_peering_connection_7.yaml.bak b/queries/aws_vpc_peering_connection_7.yaml.bak deleted file mode 100755 index c2649773a..000000000 --- a/queries/aws_vpc_peering_connection_7.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_peering_connection_7 -Title: "Find AWS VPC Peering Connections in Amazon VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - tags ->> 'Name' as name - from - aws_vpc_peering_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_8.yaml.bak b/queries/aws_vpc_peering_connection_8.yaml.bak deleted file mode 100755 index 6844cd0dd..000000000 --- a/queries/aws_vpc_peering_connection_8.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_peering_connection_8 -Title: "List all VPC Peering Connections in AWS VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - v.id, - jsonb_pretty(tags) as tags - from - aws_vpc_peering_connection as v, - jsonb_each(tags) - where - key = 'turbot:TurbotCreatedPeeringConnection'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_8.yaml.bak.bak b/queries/aws_vpc_peering_connection_8.yaml.bak.bak deleted file mode 100755 index 6844cd0dd..000000000 --- a/queries/aws_vpc_peering_connection_8.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_peering_connection_8 -Title: "List all VPC Peering Connections in AWS VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - v.id, - jsonb_pretty(tags) as tags - from - aws_vpc_peering_connection as v, - jsonb_each(tags) - where - key = 'turbot:TurbotCreatedPeeringConnection'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_peering_connection_9.yaml.bak b/queries/aws_vpc_peering_connection_9.yaml.bak deleted file mode 100755 index 496160759..000000000 --- a/queries/aws_vpc_peering_connection_9.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_peering_connection_9 -Title: "Find AWS VPC Peering Connections in Amazon VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - jsonb_pretty(tags) as tags - from - aws_vpc_peering_connection - where - tags @> '{"Name": "vpc-0639e12347e5b6bfb <=> vpc-8e1234f5"}'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_route_1.yaml.bak b/queries/aws_vpc_route_1.yaml.bak deleted file mode 100755 index 53995d1b3..000000000 --- a/queries/aws_vpc_route_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_route_1 -Title: "List all AWS VPC Routes Information using SQL" -Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - gateway_id - from - aws_vpc_route - where - gateway_id ilike 'igw%' - and destination_cidr_block = '0.0.0.0/0'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_route_2.yaml.bak b/queries/aws_vpc_route_2.yaml.bak deleted file mode 100755 index da8dd22a8..000000000 --- a/queries/aws_vpc_route_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_route_2 -Title: "Find AWS VPC Routes for Specific Route Table States" -Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - state - from - aws_vpc_route - where - state = 'blackhole'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_route_3.yaml.bak b/queries/aws_vpc_route_3.yaml.bak deleted file mode 100755 index f86fdab9e..000000000 --- a/queries/aws_vpc_route_3.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_vpc_route_3 -Title: "Find AWS VPC Routes and Retrieve Route Information" -Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - state, - destination_cidr_block, - destination_ipv6_cidr_block, - carrier_gateway_id, - destination_prefix_list_id, - egress_only_internet_gateway_id, - gateway_id, - instance_id, - nat_gateway_id, - network_interface_id, - transit_gateway_id, - vpc_peering_connection_id - from - aws_vpc_route; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_route_table_1.yaml.bak b/queries/aws_vpc_route_table_1.yaml.bak deleted file mode 100755 index c6483a39d..000000000 --- a/queries/aws_vpc_route_table_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_vpc_route_table_1 -Title: "Find all AWS VPC Route Tables and their Details" -Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(route_table_id) as route_table_count - from - aws_vpc_route_table - group by - vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Route Tables diff --git a/queries/aws_vpc_route_table_2.yaml.bak b/queries/aws_vpc_route_table_2.yaml.bak deleted file mode 100755 index d1dec4fe7..000000000 --- a/queries/aws_vpc_route_table_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_route_table_2 -Title: "List all AWS VPC Route Tables and Their Associations" -Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - associations_detail -> 'AssociationState' ->> 'State' as state, - associations_detail -> 'GatewayId' as gateway_id, - associations_detail -> 'SubnetId' as subnet_id, - associations_detail -> 'RouteTableAssociationId' as route_table_association_id, - associations_detail -> 'Main' as main_route_table - from - aws_vpc_route_table - cross join jsonb_array_elements(associations) as associations_detail; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_route_table_2.yaml.bak.bak b/queries/aws_vpc_route_table_2.yaml.bak.bak deleted file mode 100755 index d1dec4fe7..000000000 --- a/queries/aws_vpc_route_table_2.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_route_table_2 -Title: "List all AWS VPC Route Tables and Their Associations" -Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - associations_detail -> 'AssociationState' ->> 'State' as state, - associations_detail -> 'GatewayId' as gateway_id, - associations_detail -> 'SubnetId' as subnet_id, - associations_detail -> 'RouteTableAssociationId' as route_table_association_id, - associations_detail -> 'Main' as main_route_table - from - aws_vpc_route_table - cross join jsonb_array_elements(associations) as associations_detail; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_route_table_3.yaml.bak b/queries/aws_vpc_route_table_3.yaml.bak deleted file mode 100755 index 17df76fc0..000000000 --- a/queries/aws_vpc_route_table_3.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: aws_vpc_route_table_3 -Title: "List all AWS VPC Route Tables with Detailed Info" -Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - route_detail -> 'CarrierGatewayId' ->> 'State' as carrier_gateway_id, - route_detail -> 'DestinationCidrBlock' as destination_CIDR_block, - route_detail -> 'DestinationIpv6CidrBlock' as destination_ipv6_CIDR_block, - route_detail -> 'EgressOnlyInternetGatewayId' as egress_only_internet_gateway, - route_detail -> 'GatewayId' as gateway_id, - route_detail -> 'InstanceId' as instance_id, - route_detail -> 'InstanceOwnerId' as instance_owner_id, - route_detail -> 'LocalGatewayId' as local_gateway_id, - route_detail -> 'NatGatewayId' as nat_gateway_id, - route_detail -> 'NetworkInterfaceId' as network_interface_id, - route_detail -> 'TransitGatewayId' as transit_gateway_id, - route_detail -> 'VpcPeeringConnectionId' as vpc_peering_connection_id - from - aws_vpc_route_table - cross join jsonb_array_elements(routes) as route_detail; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_security_group_1.yaml.bak b/queries/aws_vpc_security_group_1.yaml.bak deleted file mode 100755 index f4d9cfe53..000000000 --- a/queries/aws_vpc_security_group_1.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_vpc_security_group_1 -Title: "List all AWS VPC Security Groups with SQL Queries" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - vpc_id, - perm ->> 'FromPort' as from_port, - perm ->> 'ToPort' as to_port, - perm ->> 'IpProtocol' as ip_protocol, - perm ->> 'IpRanges' as ip_ranges, - perm ->> 'Ipv6Ranges' as ipv6_ranges, - perm ->> 'UserIdGroupPairs' as user_id_group_pairs, - perm ->> 'PrefixListIds' as prefix_list_ids - from - aws_vpc_security_group as sg - cross join jsonb_array_elements(ip_permissions) as perm; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_security_group_2.yaml.bak b/queries/aws_vpc_security_group_2.yaml.bak deleted file mode 100755 index 103039fc3..000000000 --- a/queries/aws_vpc_security_group_2.yaml.bak +++ /dev/null @@ -1,48 +0,0 @@ -ID: aws_vpc_security_group_2 -Title: "Find AWS VPC Security Groups and Their Configurations" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sg.group_name, - sg.group_id, - sgr.type, - sgr.ip_protocol, - sgr.from_port, - sgr.to_port, - cidr_ip - from - aws_vpc_security_group as sg - join aws_vpc_security_group_rule as sgr on sg.group_name = sgr.group_name - where - sgr.type = 'ingress' - and sgr.cidr_ip = '0.0.0.0/0' - and ( - ( - sgr.ip_protocol = '-1' -- all traffic - and sgr.from_port is null - ) - or ( - sgr.from_port <= 22 - and sgr.to_port >= 22 - ) - or ( - sgr.from_port <= 3389 - and sgr.to_port >= 3389 - ) - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_security_group_2.yaml.bak.bak b/queries/aws_vpc_security_group_2.yaml.bak.bak deleted file mode 100755 index 103039fc3..000000000 --- a/queries/aws_vpc_security_group_2.yaml.bak.bak +++ /dev/null @@ -1,48 +0,0 @@ -ID: aws_vpc_security_group_2 -Title: "Find AWS VPC Security Groups and Their Configurations" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sg.group_name, - sg.group_id, - sgr.type, - sgr.ip_protocol, - sgr.from_port, - sgr.to_port, - cidr_ip - from - aws_vpc_security_group as sg - join aws_vpc_security_group_rule as sgr on sg.group_name = sgr.group_name - where - sgr.type = 'ingress' - and sgr.cidr_ip = '0.0.0.0/0' - and ( - ( - sgr.ip_protocol = '-1' -- all traffic - and sgr.from_port is null - ) - or ( - sgr.from_port <= 22 - and sgr.to_port >= 22 - ) - or ( - sgr.from_port <= 3389 - and sgr.to_port >= 3389 - ) - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_security_group_3.yaml.bak b/queries/aws_vpc_security_group_3.yaml.bak deleted file mode 100755 index 50e010d49..000000000 --- a/queries/aws_vpc_security_group_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_security_group_3 -Title: "List all AWS VPC Security Groups with Configurations" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(vpc_id) as count - from - aws_vpc_security_group - group by - vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Security Group diff --git a/queries/aws_vpc_security_group_4.yaml.bak b/queries/aws_vpc_security_group_4.yaml.bak deleted file mode 100755 index a10669c02..000000000 --- a/queries/aws_vpc_security_group_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_security_group_4 -Title: "List all AWS VPC Security Groups and Metadata" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - group_id - from - aws_vpc_security_group - where - group_name like '%launch-wizard%'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_security_group_rule_1.yaml.bak b/queries/aws_vpc_security_group_rule_1.yaml.bak deleted file mode 100755 index c82b27f40..000000000 --- a/queries/aws_vpc_security_group_rule_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_security_group_rule_1 -Title: "List AWS VPC Security Group Rules using SQL" -Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - security_group_rule_id, - group_id, - ip_protocol, - from_port, - to_port - from - aws_vpc_security_group_rule - where - cidr_ipv4 = '0.0.0.0/0' - and not is_egress; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon VPC diff --git a/queries/aws_vpc_security_group_rule_2.yaml.bak b/queries/aws_vpc_security_group_rule_2.yaml.bak deleted file mode 100755 index b859af26e..000000000 --- a/queries/aws_vpc_security_group_rule_2.yaml.bak +++ /dev/null @@ -1,46 +0,0 @@ -ID: aws_vpc_security_group_rule_2 -Title: "Find AWS VPC Security Group Rule - Query with Details" -Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - security_group_rule_id, - group_id, - ip_protocol, - from_port, - to_port, - cidr_ipv4 - from - aws_vpc_security_group_rule - where - not is_egress - and cidr_ipv4 = '0.0.0.0/0' - and ( - ( - ip_protocol = '-1' -- all traffic - and from_port is null - ) - or ( - from_port <= 22 - and to_port >= 22 - ) - or ( - from_port <= 3389 - and to_port >= 3389 - ) - ); - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud (VPC) diff --git a/queries/aws_vpc_security_group_rule_3.yaml.bak b/queries/aws_vpc_security_group_rule_3.yaml.bak deleted file mode 100755 index 57d77f126..000000000 --- a/queries/aws_vpc_security_group_rule_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_vpc_security_group_rule_3 -Title: "List all AWS VPC Security Group Rules" -Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.security_group_rule_id, - r.ip_protocol, - r.from_port, - r.to_port, - r.cidr_ipv4, - r.group_id, - sg.group_name, - sg.vpc_id - from - aws_vpc_security_group_rule as r, - aws_vpc_security_group as sg - where - r.group_id = sg.group_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon Virtual Private Cloud diff --git a/queries/aws_vpc_subnet_1.yaml.bak b/queries/aws_vpc_subnet_1.yaml.bak deleted file mode 100755 index 8061a033e..000000000 --- a/queries/aws_vpc_subnet_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_subnet_1 -Title: "List all AWS VPC Subnets with Detailed Information" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - subnet_id, - cidr_block, - assign_ipv6_address_on_creation, - map_customer_owned_ip_on_launch, - map_public_ip_on_launch, - ipv6_cidr_block_association_set - from - aws_vpc_subnet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_subnet_2.yaml.bak b/queries/aws_vpc_subnet_2.yaml.bak deleted file mode 100755 index c8557ace1..000000000 --- a/queries/aws_vpc_subnet_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_subnet_2 -Title: "List all AWS VPC Subnets with Details" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - subnet_id, - availability_zone, - availability_zone_id - from - aws_vpc_subnet - order by - vpc_id, - availability_zone; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_subnet_3.yaml.bak b/queries/aws_vpc_subnet_3.yaml.bak deleted file mode 100755 index aaaeb7707..000000000 --- a/queries/aws_vpc_subnet_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_subnet_3 -Title: "Find AWS VPC Subnets Information including CIDR Blocks" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subnet_id, - cidr_block, - available_ip_address_count, - power(2, 32 - masklen(cidr_block :: cidr)) -1 as raw_size - from - aws_vpc_subnet; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_subnet_4.yaml.bak b/queries/aws_vpc_subnet_4.yaml.bak deleted file mode 100755 index 13acb2979..000000000 --- a/queries/aws_vpc_subnet_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_subnet_4 -Title: "Find AWS VPC Subnets with Configuration Details" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - associations_detail ->> 'SubnetId' as subnet_id, - route_table_id - from - aws_vpc_route_table as rt - cross join jsonb_array_elements(associations) as associations_detail - join aws_vpc_subnet as sub on sub.subnet_id = associations_detail ->> 'SubnetId'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_subnet_5.yaml.bak b/queries/aws_vpc_subnet_5.yaml.bak deleted file mode 100755 index 09fb0622c..000000000 --- a/queries/aws_vpc_subnet_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_subnet_5 -Title: "List all AWS VPC Subnets and Obtain Detailed Information" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(subnet_id) as subnet_count - from - aws_vpc_subnet - group by - vpc_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_verified_access_endpoint_1.yaml.bak b/queries/aws_vpc_verified_access_endpoint_1.yaml.bak deleted file mode 100755 index f7ca68f0c..000000000 --- a/queries/aws_vpc_verified_access_endpoint_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_verified_access_endpoint_1 -Title: "List all AWS VPC Verified Access Endpoint Details" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_endpoint_id, - verified_access_instance_id, - verified_access_group_id, - creation_time, - verified_access_instance_id, - domain_certificate_arn, - device_validation_domain, - status_code - from - aws_vpc_verified_access_endpoint; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_2.yaml.bak b/queries/aws_vpc_verified_access_endpoint_2.yaml.bak deleted file mode 100755 index 43e0a91e1..000000000 --- a/queries/aws_vpc_verified_access_endpoint_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_verified_access_endpoint_2 -Title: "List All AWS VPC Verified Access Endpoint Data" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_endpoint_id, - creation_time, - description, - status_code - from - aws_vpc_verified_access_endpoint - where - creation_time <= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_3.yaml.bak b/queries/aws_vpc_verified_access_endpoint_3.yaml.bak deleted file mode 100755 index d972579b4..000000000 --- a/queries/aws_vpc_verified_access_endpoint_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_verified_access_endpoint_3 -Title: "List all AWS VPC Verified Access Endpoint data with SQL" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_endpoint_id, - status_code, - creation_time, - deletion_time, - description, - device_validation_domain - from - aws_vpc_verified_access_endpoint - where - status_code <> 'active'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_verified_access_endpoint_4.yaml.bak b/queries/aws_vpc_verified_access_endpoint_4.yaml.bak deleted file mode 100755 index ff0797205..000000000 --- a/queries/aws_vpc_verified_access_endpoint_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_vpc_verified_access_endpoint_4 -Title: "List all AWS VPC Verified Access Endpoint Configs" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.verified_access_endpoint_id, - e.creation_time, - g.verified_access_group_id, - g.creation_time as group_create_time - from - aws_vpc_verified_access_endpoint as e, - aws_vpc_verified_access_group as g - where - e.verified_access_group_id = g.verified_access_group_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS VPC diff --git a/queries/aws_vpc_verified_access_endpoint_5.yaml.bak b/queries/aws_vpc_verified_access_endpoint_5.yaml.bak deleted file mode 100755 index cde17a987..000000000 --- a/queries/aws_vpc_verified_access_endpoint_5.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_verified_access_endpoint_5 -Title: "List Verified Access Endpoints in AWS VPC" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.verified_access_group_id, - e.creation_time, - i.creation_time as instance_create_time, - i.verified_access_instance_id, - jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers - from - aws_vpc_verified_access_endpoint as e, - aws_vpc_verified_access_instance as i - where - e.verified_access_instance_id = i.verified_access_instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_6.yaml.bak b/queries/aws_vpc_verified_access_endpoint_6.yaml.bak deleted file mode 100755 index 632ac950a..000000000 --- a/queries/aws_vpc_verified_access_endpoint_6.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_verified_access_endpoint_6 -Title: "List all AWS VPC Verified Access Endpoints configuration" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_instance_id, - count(verified_access_endpoint_id) as instance_count - from - aws_vpc_verified_access_endpoint - group by - verified_access_instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_6.yaml.bak.bak b/queries/aws_vpc_verified_access_endpoint_6.yaml.bak.bak deleted file mode 100755 index 632ac950a..000000000 --- a/queries/aws_vpc_verified_access_endpoint_6.yaml.bak.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_verified_access_endpoint_6 -Title: "List all AWS VPC Verified Access Endpoints configuration" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_instance_id, - count(verified_access_endpoint_id) as instance_count - from - aws_vpc_verified_access_endpoint - group by - verified_access_instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Verified Access Endpoint diff --git a/queries/aws_vpc_verified_access_endpoint_7.yaml.bak b/queries/aws_vpc_verified_access_endpoint_7.yaml.bak deleted file mode 100755 index ad9b8af84..000000000 --- a/queries/aws_vpc_verified_access_endpoint_7.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_vpc_verified_access_endpoint_7 -Title: "List AWS VPC Verified Access Endpoints and Network Interface" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.verified_access_endpoint_id, - i.network_interface_id, - i.interface_type, - i.private_ip_address, - i.association_public_ip, - jsonb_pretty(i.groups) as security_groups - from - aws_vpc_verified_access_endpoint as e, - aws_ec2_network_interface as i - where - e.network_interface_options ->> 'NetworkInterfaceId' = i.network_interface_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS VPC diff --git a/queries/aws_vpc_verified_access_group_1.yaml.bak b/queries/aws_vpc_verified_access_group_1.yaml.bak deleted file mode 100755 index d65eaf0be..000000000 --- a/queries/aws_vpc_verified_access_group_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_verified_access_group_1 -Title: "List all AWS VPC Verified Access Groups with Details" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_group_id, - arn, - verified_access_instance_id, - creation_time, - description, - last_updated_time - from - aws_vpc_verified_access_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Virtual Private Cloud diff --git a/queries/aws_vpc_verified_access_group_2.yaml.bak b/queries/aws_vpc_verified_access_group_2.yaml.bak deleted file mode 100755 index 53e53a419..000000000 --- a/queries/aws_vpc_verified_access_group_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_verified_access_group_2 -Title: "List all VPC Verified Access Groups in AWS" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_group_id, - creation_time, - description, - last_updated_time - from - aws_vpc_verified_access_group - where - creation_time <= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_verified_access_group_3.yaml.bak b/queries/aws_vpc_verified_access_group_3.yaml.bak deleted file mode 100755 index 52fd85eb2..000000000 --- a/queries/aws_vpc_verified_access_group_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_verified_access_group_3 -Title: "List all AWS VPC Verified Access Groups Information" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_group_id, - creation_time, - deletion_time, - description, - last_updated_time - from - aws_vpc_verified_access_group - where - deletion_time is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Virtual Private Cloud diff --git a/queries/aws_vpc_verified_access_group_4.yaml.bak b/queries/aws_vpc_verified_access_group_4.yaml.bak deleted file mode 100755 index d4431fa47..000000000 --- a/queries/aws_vpc_verified_access_group_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_verified_access_group_4 -Title: "List AWS VPC Verified Access Groups within AWS VPC" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - g.verified_access_group_id, - g.creation_time, - i.creation_time as instance_create_time, - i.verified_access_instance_id, - jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers - from - aws_vpc_verified_access_group as g, - aws_vpc_verified_access_instance as i - where - g.verified_access_instance_id = i.verified_access_instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Virtual Private Cloud diff --git a/queries/aws_vpc_verified_access_group_4.yaml.bak.bak b/queries/aws_vpc_verified_access_group_4.yaml.bak.bak deleted file mode 100755 index d4431fa47..000000000 --- a/queries/aws_vpc_verified_access_group_4.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_verified_access_group_4 -Title: "List AWS VPC Verified Access Groups within AWS VPC" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - g.verified_access_group_id, - g.creation_time, - i.creation_time as instance_create_time, - i.verified_access_instance_id, - jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers - from - aws_vpc_verified_access_group as g, - aws_vpc_verified_access_instance as i - where - g.verified_access_instance_id = i.verified_access_instance_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Virtual Private Cloud diff --git a/queries/aws_vpc_verified_access_instance_1.yaml.bak b/queries/aws_vpc_verified_access_instance_1.yaml.bak deleted file mode 100755 index 03cd1ce13..000000000 --- a/queries/aws_vpc_verified_access_instance_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_verified_access_instance_1 -Title: "List AWS VPC Verified Access Instance Information" -Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_instance_id, - creation_time, - description, - last_updated_time, - verified_access_trust_providers - from - aws_vpc_verified_access_instance; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon VPC diff --git a/queries/aws_vpc_verified_access_instance_2.yaml.bak b/queries/aws_vpc_verified_access_instance_2.yaml.bak deleted file mode 100755 index 2ea80989d..000000000 --- a/queries/aws_vpc_verified_access_instance_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_verified_access_instance_2 -Title: "Find AWS VPC Verified Access Instances with Details" -Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_instance_id, - creation_time, - description, - last_updated_time - from - aws_vpc_verified_access_instance - where - creation_time <= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Verified Access diff --git a/queries/aws_vpc_verified_access_instance_3.yaml.bak b/queries/aws_vpc_verified_access_instance_3.yaml.bak deleted file mode 100755 index d444744ac..000000000 --- a/queries/aws_vpc_verified_access_instance_3.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_vpc_verified_access_instance_3 -Title: "List all AWS VPC Verified Access Instances and Details" -Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.verified_access_instance_id, - i.creation_time, - p ->> 'Description' as trust_provider_description, - p ->> 'TrustProviderType' as trust_provider_type, - p ->> 'UserTrustProviderType' as user_trust_provider_type, - p ->> 'DeviceTrustProviderType' as device_trust_provider_type, - p ->> 'VerifiedAccessTrustProviderId' as verified_access_trust_provider_id, - t.policy_reference_name as trust_access_policy_reference_name - from - aws_vpc_verified_access_instance as i, - aws_vpc_verified_access_trust_provider as t, - jsonb_array_elements(verified_access_trust_providers) as p - where - p ->> 'VerifiedAccessTrustProviderId' = t.verified_access_trust_provider_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_verified_access_trust_provider_1.yaml.bak b/queries/aws_vpc_verified_access_trust_provider_1.yaml.bak deleted file mode 100755 index b5889ebf3..000000000 --- a/queries/aws_vpc_verified_access_trust_provider_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_vpc_verified_access_trust_provider_1 -Title: "List AWS VPC Verified Access Trust Providers" -Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_trust_provider_id, - creation_time, - device_trust_provider_type, - last_updated_time, - policy_reference_name, - trust_provider_type - from - aws_vpc_verified_access_trust_provider; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Verified Access diff --git a/queries/aws_vpc_verified_access_trust_provider_2.yaml.bak b/queries/aws_vpc_verified_access_trust_provider_2.yaml.bak deleted file mode 100755 index 8fd47253e..000000000 --- a/queries/aws_vpc_verified_access_trust_provider_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_verified_access_trust_provider_2 -Title: "List AWS VPC Verified Access Trust Providers' Details" -Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_trust_provider_id, - creation_time, - device_trust_provider_type, - last_updated_time, - policy_reference_name, - trust_provider_type - from - aws_vpc_verified_access_trust_provider - where - trust_provider_type = 'user'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC Verified Access diff --git a/queries/aws_vpc_verified_access_trust_provider_3.yaml.bak b/queries/aws_vpc_verified_access_trust_provider_3.yaml.bak deleted file mode 100755 index ec04dbc81..000000000 --- a/queries/aws_vpc_verified_access_trust_provider_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_vpc_verified_access_trust_provider_3 -Title: "List VPC Verified Access Trust Providers in AWS" -Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_trust_provider_id, - creation_time, - last_updated_time, - policy_reference_name, - trust_provider_type - from - aws_vpc_verified_access_trust_provider - where - creation_time >= now() - interval '90' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_vpn_connection_1.yaml.bak b/queries/aws_vpc_vpn_connection_1.yaml.bak deleted file mode 100755 index 2619597b4..000000000 --- a/queries/aws_vpc_vpn_connection_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_vpn_connection_1 -Title: "List all VPN Connections in an AWS VPC" -Description: "Allows users to query VPN connections in an AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_connection_id, - state, - type, - vpn_gateway_id, - customer_gateway_id, - region - from - aws_vpc_vpn_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC VPN diff --git a/queries/aws_vpc_vpn_connection_2.yaml.bak b/queries/aws_vpc_vpn_connection_2.yaml.bak deleted file mode 100755 index 1b1e4e17d..000000000 --- a/queries/aws_vpc_vpn_connection_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_vpc_vpn_connection_2 -Title: "Find VPN Connections in AWS VPC" -Description: "Allows users to query VPN connections in an AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_connection_id, - options -> 'EnableAcceleration' as enable_acceleration, - options ->> 'LocalIpv4NetworkCidr' as local_ipv4_network_cidr, - options ->> 'LocalIpv6NetworkCidr' as local_ipv6_network_cidr, - options ->> 'RemoteIpv4NetworkCidr' as remote_ipv4_network_cidr, - options ->> 'RemoteIpv6NetworkCidr' as remote_ipv6_network_cidr, - options -> 'StaticRoutesOnly' as static_routes_only, - options ->> 'TunnelInsideIpVersion' as tunnel_inside_ip_version, - options ->> 'TunnelOptions' as tunnel_options - from - aws_vpc_vpn_connection; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC VPN diff --git a/queries/aws_vpc_vpn_connection_3.yaml.bak b/queries/aws_vpc_vpn_connection_3.yaml.bak deleted file mode 100755 index e8e09bc64..000000000 --- a/queries/aws_vpc_vpn_connection_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_vpc_vpn_connection_3 -Title: "Find AWS VPC VPN Connection Using SQL" -Description: "Allows users to query VPN connections in an AWS VPC." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_connection_id, - arn, - t ->> 'Status' as status - from - aws_vpc_vpn_connection, - jsonb_array_elements(vgw_telemetry) as t - where t ->> 'Status' = 'UP'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC diff --git a/queries/aws_vpc_vpn_gateway_1.yaml.bak b/queries/aws_vpc_vpn_gateway_1.yaml.bak deleted file mode 100755 index c4bd150d3..000000000 --- a/queries/aws_vpc_vpn_gateway_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_vpc_vpn_gateway_1 -Title: "Find AWS VPC VPN Gateway Details with SQL" -Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_gateway_id, - state, - type, - amazon_side_asn, - availability_zone, - vpc_attachments - from - aws_vpc_vpn_gateway; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC VPN Gateway diff --git a/queries/aws_vpc_vpn_gateway_2.yaml.bak b/queries/aws_vpc_vpn_gateway_2.yaml.bak deleted file mode 100755 index 7eb4f399c..000000000 --- a/queries/aws_vpc_vpn_gateway_2.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_vpc_vpn_gateway_2 -Title: "List all AWS VPC VPN Gateways without VPC Attachments" -Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_gateway_id - from - aws_vpc_vpn_gateway - where - vpc_attachments is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Virtual Private Cloud (VPC) VPN Gateway diff --git a/queries/aws_vpc_vpn_gateway_3.yaml.bak b/queries/aws_vpc_vpn_gateway_3.yaml.bak deleted file mode 100755 index 2020c0721..000000000 --- a/queries/aws_vpc_vpn_gateway_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_vpc_vpn_gateway_3 -Title: "List all AWS VPC VPN Gateway Details for Default VPCs" -Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_gateway_id, - vpc.is_default - from - aws_vpc_vpn_gateway - cross join jsonb_array_elements(vpc_attachments) as i - join aws_vpc vpc on i ->> 'VpcId' = vpc.vpc_id - where - vpc.is_default = true; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - VPC VPN Gateway diff --git a/queries/aws_waf_rate_based_rule_1.yaml.bak b/queries/aws_waf_rate_based_rule_1.yaml.bak deleted file mode 100755 index 0b017f8a3..000000000 --- a/queries/aws_waf_rate_based_rule_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_waf_rate_based_rule_1 -Title: "Find AWS WAF RateBasedRule info using SQL query" -Description: "Allows users to query AWS WAF RateBasedRule to retrieve information about rate-based security rules that AWS Web Application Firewall (WAF) uses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - metric_name - from - aws_waf_rate_based_rule; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Web Application Firewall diff --git a/queries/aws_waf_rate_based_rule_2.yaml.bak b/queries/aws_waf_rate_based_rule_2.yaml.bak deleted file mode 100755 index 09530e046..000000000 --- a/queries/aws_waf_rate_based_rule_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_waf_rate_based_rule_2 -Title: "Find rate-based security rules in AWS WAF" -Description: "Allows users to query AWS WAF RateBasedRule to retrieve information about rate-based security rules that AWS Web Application Firewall (WAF) uses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - p ->> 'DataId' as data_id, - p ->> 'Negated' as negated, - p ->> 'Type' as type - from - aws_waf_rate_based_rule, - jsonb_array_elements(predicates) as p - where - p ->> 'Negated' = 'True'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Web Application Firewall (WAF) diff --git a/queries/aws_waf_rule_1.yaml.bak b/queries/aws_waf_rule_1.yaml.bak deleted file mode 100755 index 7e1d80c77..000000000 --- a/queries/aws_waf_rule_1.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_waf_rule_1 -Title: "List AWS WAF Rules" -Description: "Allows users to query AWS Web Application Firewall (WAF) rules." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - metric_name - from - aws_waf_rule; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Web Application Firewall diff --git a/queries/aws_waf_rule_2.yaml.bak b/queries/aws_waf_rule_2.yaml.bak deleted file mode 100755 index 4d7137e28..000000000 --- a/queries/aws_waf_rule_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_waf_rule_2 -Title: "Find all AWS WAF rules with specific details" -Description: "Allows users to query AWS Web Application Firewall (WAF) rules." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - p ->> 'DataId' as data_id, - p ->> 'Negated' as negated, - p ->> 'Type' as type - from - aws_waf_rule, - jsonb_array_elements(predicates) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Web Application Firewall diff --git a/queries/aws_waf_rule_group_1.yaml.bak b/queries/aws_waf_rule_group_1.yaml.bak deleted file mode 100755 index 8184ba784..000000000 --- a/queries/aws_waf_rule_group_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_waf_rule_group_1 -Title: "Find AWS WAF Rule Group Details with Rules and Metadata" -Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules - from - aws_waf_rule_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAF diff --git a/queries/aws_waf_rule_group_1.yaml.bak.bak b/queries/aws_waf_rule_group_1.yaml.bak.bak deleted file mode 100755 index 8184ba784..000000000 --- a/queries/aws_waf_rule_group_1.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_waf_rule_group_1 -Title: "Find AWS WAF Rule Group Details with Rules and Metadata" -Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules - from - aws_waf_rule_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAF diff --git a/queries/aws_waf_rule_group_2.yaml.bak b/queries/aws_waf_rule_group_2.yaml.bak deleted file mode 100755 index b38036fed..000000000 --- a/queries/aws_waf_rule_group_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_waf_rule_group_2 -Title: "Find AWS WAF Rule Groups with No Activated Rules" -Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules - from - aws_waf_rule_group - where - activated_rules is null or jsonb_array_length(activated_rules) = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF diff --git a/queries/aws_waf_rule_group_3.yaml.bak b/queries/aws_waf_rule_group_3.yaml.bak deleted file mode 100755 index 922af1b3a..000000000 --- a/queries/aws_waf_rule_group_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_waf_rule_group_3 -Title: "Query AWS WAF Rule Groups for Security Details" -Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as rule_group_name, - rule_group_id, - a ->> 'RuleId' as rule_id, - a -> 'Action' ->> 'Type' as rule_action_type, - a ->> 'Type' as rule_type - from - aws_waf_rule_group, - jsonb_array_elements(activated_rules) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF diff --git a/queries/aws_waf_web_acl_1.yaml.bak b/queries/aws_waf_web_acl_1.yaml.bak deleted file mode 100755 index a157af0ec..000000000 --- a/queries/aws_waf_web_acl_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_waf_web_acl_1 -Title: "List all AWS WAF WebACLs and their configurations" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action, - tags - from - aws_waf_web_acl; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF diff --git a/queries/aws_waf_web_acl_2.yaml.bak b/queries/aws_waf_web_acl_2.yaml.bak deleted file mode 100755 index 51a6b4ff1..000000000 --- a/queries/aws_waf_web_acl_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_waf_web_acl_2 -Title: "List all AWS WAF WebACLs configuration and rules" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - r ->> 'RuleId' as rule_id, - r ->> 'Type' as rule_type, - r ->> 'ExcludedRules' as excluded_rules, - r ->> 'OverrideAction' as override_action, - r -> 'Action' ->> 'Type' as action_type - from - aws_waf_web_acl, - jsonb_array_elements(rules) as r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF diff --git a/queries/aws_waf_web_acl_3.yaml.bak b/queries/aws_waf_web_acl_3.yaml.bak deleted file mode 100755 index ca838dceb..000000000 --- a/queries/aws_waf_web_acl_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_waf_web_acl_3 -Title: "List all AWS WAF WebACLs and their configurations" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action, - tags - from - aws_waf_web_acl - where - rules is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAF diff --git a/queries/aws_waf_web_acl_4.yaml.bak b/queries/aws_waf_web_acl_4.yaml.bak deleted file mode 100755 index a910b51e5..000000000 --- a/queries/aws_waf_web_acl_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_waf_web_acl_4 -Title: "Find AWS WAF WebACLs and Retrieve Configurations" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action - from - aws_waf_web_acl - where - default_action = 'ALLOW'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAF diff --git a/queries/aws_waf_web_acl_5.yaml.bak b/queries/aws_waf_web_acl_5.yaml.bak deleted file mode 100755 index b6e1a5b23..000000000 --- a/queries/aws_waf_web_acl_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_waf_web_acl_5 -Title: "Find AWS WAF WebACL Configuration and Metadata" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region - from - aws_waf_web_acl - where - logging_configuration is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAF diff --git a/queries/aws_wafregional_rule_1.yaml.bak b/queries/aws_wafregional_rule_1.yaml.bak deleted file mode 100755 index 725e7ebd5..000000000 --- a/queries/aws_wafregional_rule_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wafregional_rule_1 -Title: "List AWS WAF Regional Rules and Details" -Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - metric_name - from - aws_wafregional_rule; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF diff --git a/queries/aws_wafregional_rule_1.yaml.bak.bak b/queries/aws_wafregional_rule_1.yaml.bak.bak deleted file mode 100755 index b8d01539e..000000000 --- a/queries/aws_wafregional_rule_1.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wafregional_rule_1 -Title: "List AWS WAF Regional Rules and Details" -Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - metric_name - from - aws_wafregional_rule; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF diff --git a/queries/aws_wafregional_rule_2.yaml.bak b/queries/aws_wafregional_rule_2.yaml.bak deleted file mode 100755 index 9bd812141..000000000 --- a/queries/aws_wafregional_rule_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wafregional_rule_2 -Title: "List all AWS WAF Regional Rules with Details" -Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - p ->> 'DataId' as data_id, - p ->> 'Negated' as negated, - p ->> 'Type' as type - from - aws_wafregional_rule, - jsonb_array_elements(predicates) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF diff --git a/queries/aws_wafregional_rule_group_1.yaml.bak b/queries/aws_wafregional_rule_group_1.yaml.bak deleted file mode 100755 index d46dfb3df..000000000 --- a/queries/aws_wafregional_rule_group_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wafregional_rule_group_1 -Title: "Find AWS WAF Regional Rule Groups Metadata and Details" -Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules, - region - from - aws_wafregional_rule_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF Regional diff --git a/queries/aws_wafregional_rule_group_2.yaml.bak b/queries/aws_wafregional_rule_group_2.yaml.bak deleted file mode 100755 index 9f7f5db23..000000000 --- a/queries/aws_wafregional_rule_group_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wafregional_rule_group_2 -Title: "List all AWS WAF Regional Rule Groups" -Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules - from - aws_wafregional_rule_group - where - activated_rules is null or jsonb_array_length(activated_rules) = 0; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF Regional diff --git a/queries/aws_wafregional_rule_group_3.yaml.bak b/queries/aws_wafregional_rule_group_3.yaml.bak deleted file mode 100755 index 2c75223ec..000000000 --- a/queries/aws_wafregional_rule_group_3.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wafregional_rule_group_3 -Title: "List all AWS WAF Regional Rule Groups and Details" -Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as rule_group_name, - rule_group_id, - a ->> 'RuleId' as rule_id, - a -> 'Action' ->> 'Type' as rule_action_type, - a ->> 'Type' as rule_type - from - aws_wafregional_rule_group, - jsonb_array_elements(activated_rules) as a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF Regional diff --git a/queries/aws_wafregional_web_acl_1.yaml.bak b/queries/aws_wafregional_web_acl_1.yaml.bak deleted file mode 100755 index 42074a5a9..000000000 --- a/queries/aws_wafregional_web_acl_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wafregional_web_acl_1 -Title: "List all AWS WAF Regional WebACL Information" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action, - tags - from - aws_wafregional_web_acl; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF Regional diff --git a/queries/aws_wafregional_web_acl_2.yaml.bak b/queries/aws_wafregional_web_acl_2.yaml.bak deleted file mode 100755 index 1b5c5c7ad..000000000 --- a/queries/aws_wafregional_web_acl_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wafregional_web_acl_2 -Title: "List all AWS WAF Regional WebACLs information" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - r ->> 'RuleId' as rule_id, - r ->> 'Type' as rule_type, - r ->> 'ExcludedRules' as excluded_rules, - r ->> 'OverrideAction' as override_action, - r -> 'Action' ->> 'Type' as action_type - from - aws_wafregional_web_acl, - jsonb_array_elements(rules) as r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF Regional diff --git a/queries/aws_wafregional_web_acl_3.yaml.bak b/queries/aws_wafregional_web_acl_3.yaml.bak deleted file mode 100755 index 299c952bb..000000000 --- a/queries/aws_wafregional_web_acl_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wafregional_web_acl_3 -Title: "Find AWS WAF Regional WebACL Information" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action, - tags - from - aws_wafregional_web_acl - where - rules is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF Regional WebACL diff --git a/queries/aws_wafregional_web_acl_4.yaml.bak b/queries/aws_wafregional_web_acl_4.yaml.bak deleted file mode 100755 index df6f34799..000000000 --- a/queries/aws_wafregional_web_acl_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wafregional_web_acl_4 -Title: "Find AWS WAF Regional WebACL Details" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action - from - aws_wafregional_web_acl - where - default_action = 'ALLOW'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAF Regional diff --git a/queries/aws_wafregional_web_acl_5.yaml.bak b/queries/aws_wafregional_web_acl_5.yaml.bak deleted file mode 100755 index d314a8774..000000000 --- a/queries/aws_wafregional_web_acl_5.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wafregional_web_acl_5 -Title: "Find all AWS WAF Regional WebACL Details" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region - from - aws_wafregional_web_acl - where - logging_configuration is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WAF Regional diff --git a/queries/aws_wafv2_ip_set_1.yaml.bak b/queries/aws_wafv2_ip_set_1.yaml.bak deleted file mode 100755 index 6933d1335..000000000 --- a/queries/aws_wafv2_ip_set_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wafv2_ip_set_1 -Title: "List all AWS WAFv2 IPSets with Detailed Information" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - addresses, - ip_address_version, - region - from - aws_wafv2_ip_set; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAFv2 diff --git a/queries/aws_wafv2_ip_set_2.yaml.bak b/queries/aws_wafv2_ip_set_2.yaml.bak deleted file mode 100755 index 9845f05ca..000000000 --- a/queries/aws_wafv2_ip_set_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wafv2_ip_set_2 -Title: "List all AWS WAFv2 IPSet Information with Metadata" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - addresses, - ip_address_version, - region - from - aws_wafv2_ip_set - where - scope = 'CLOUDFRONT'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_ip_set_3.yaml.bak b/queries/aws_wafv2_ip_set_3.yaml.bak deleted file mode 100755 index 01f203af8..000000000 --- a/queries/aws_wafv2_ip_set_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wafv2_ip_set_3 -Title: "Find AWS WAFv2 IPSet Information including IP Addresses" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - addresses, - ip_address_version, - region - from - aws_wafv2_ip_set - where - ip_address_version = 'IPV4'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_ip_set_3.yaml.bak.bak b/queries/aws_wafv2_ip_set_3.yaml.bak.bak deleted file mode 100755 index 01f203af8..000000000 --- a/queries/aws_wafv2_ip_set_3.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wafv2_ip_set_3 -Title: "Find AWS WAFv2 IPSet Information including IP Addresses" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - addresses, - ip_address_version, - region - from - aws_wafv2_ip_set - where - ip_address_version = 'IPV4'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_ip_set_4.yaml.bak b/queries/aws_wafv2_ip_set_4.yaml.bak deleted file mode 100755 index 55719a903..000000000 --- a/queries/aws_wafv2_ip_set_4.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wafv2_ip_set_4 -Title: "Find AWS WAFv2 IPSet Information including IP Addresses" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - ip_address_version, - region, - address - from - aws_wafv2_ip_set, - jsonb_array_elements_text(addresses) as address - where - address = '1.2.3.4/32'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_regex_pattern_set_1.yaml.bak b/queries/aws_wafv2_regex_pattern_set_1.yaml.bak deleted file mode 100755 index 86061270d..000000000 --- a/queries/aws_wafv2_regex_pattern_set_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wafv2_regex_pattern_set_1 -Title: "List all AWS WAFv2 Regex Pattern Sets in Steampipe" -Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - regular_expressions, - region - from - aws_wafv2_regex_pattern_set; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_regex_pattern_set_2.yaml.bak b/queries/aws_wafv2_regex_pattern_set_2.yaml.bak deleted file mode 100755 index 2c888abfa..000000000 --- a/queries/aws_wafv2_regex_pattern_set_2.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_wafv2_regex_pattern_set_2 -Title: "Find AWS WAFv2 Regex Pattern Sets in CloudFront" -Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - regular_expressions, - region - from - aws_wafv2_regex_pattern_set - where - scope = 'CLOUDFRONT'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAFv2 diff --git a/queries/aws_wafv2_regex_pattern_set_3.yaml.bak b/queries/aws_wafv2_regex_pattern_set_3.yaml.bak deleted file mode 100755 index 570ff312a..000000000 --- a/queries/aws_wafv2_regex_pattern_set_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wafv2_regex_pattern_set_3 -Title: "Find all AWS WAFv2 Regex Pattern Set data details" -Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - wrps.id, - scope, - regular_expressions, - region - from - aws_wafv2_regex_pattern_set as wrps, - jsonb_array_elements_text(regular_expressions) as regex - where - regex = '^steampipe'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAFv2 diff --git a/queries/aws_wafv2_rule_group_1.yaml.bak b/queries/aws_wafv2_rule_group_1.yaml.bak deleted file mode 100755 index 2f83ae95f..000000000 --- a/queries/aws_wafv2_rule_group_1.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wafv2_rule_group_1 -Title: "List all AWS WAFv2 Rule Groups and their details" -Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - capacity, - rules, - region - from - aws_wafv2_rule_group; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAFv2 diff --git a/queries/aws_wafv2_rule_group_2.yaml.bak b/queries/aws_wafv2_rule_group_2.yaml.bak deleted file mode 100755 index a026a9c55..000000000 --- a/queries/aws_wafv2_rule_group_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_wafv2_rule_group_2 -Title: "List all AWS WAFv2 Rule Groups with Capacity and Details" -Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - capacity, - region - from - aws_wafv2_rule_group - where - scope = 'CLOUDFRONT'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_rule_group_3.yaml.bak b/queries/aws_wafv2_rule_group_3.yaml.bak deleted file mode 100755 index ccfb07a56..000000000 --- a/queries/aws_wafv2_rule_group_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_wafv2_rule_group_3 -Title: "List AWS WAFv2 Rule Groups with Capacity Info" -Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - capacity, - region - from - aws_wafv2_rule_group - where - capacity < 5; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_web_acl_1.yaml.bak b/queries/aws_wafv2_web_acl_1.yaml.bak deleted file mode 100755 index 0a15bfcb0..000000000 --- a/queries/aws_wafv2_web_acl_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wafv2_web_acl_1 -Title: "Find AWS WAFv2 WebACL Resources Information" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - scope, - description, - capacity, - managed_by_firewall_manager - from - aws_wafv2_web_acl; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_web_acl_2.yaml.bak b/queries/aws_wafv2_web_acl_2.yaml.bak deleted file mode 100755 index b1016970d..000000000 --- a/queries/aws_wafv2_web_acl_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_wafv2_web_acl_2 -Title: "List all AWS WAFv2 WebACLs and their Metric Names" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - visibility_config ->> 'CloudWatchMetricsEnabled' as cloud_watch_metrics_enabled, - visibility_config ->> 'MetricName' as metric_name - from - aws_wafv2_web_acl; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAFv2 diff --git a/queries/aws_wafv2_web_acl_3.yaml.bak b/queries/aws_wafv2_web_acl_3.yaml.bak deleted file mode 100755 index 59bb79e66..000000000 --- a/queries/aws_wafv2_web_acl_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wafv2_web_acl_3 -Title: "Find all AWS WAFv2 WebACLs with Disabled Sampled Requests" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - visibility_config ->> 'SampledRequestsEnabled' as sampled_requests_enabled - from - aws_wafv2_web_acl - where - visibility_config ->> 'SampledRequestsEnabled' = 'false'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_web_acl_4.yaml.bak b/queries/aws_wafv2_web_acl_4.yaml.bak deleted file mode 100755 index d889323ec..000000000 --- a/queries/aws_wafv2_web_acl_4.yaml.bak +++ /dev/null @@ -1,41 +0,0 @@ -ID: aws_wafv2_web_acl_4 -Title: "List AWS WAFv2 WebACLs and Manage Information" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - r ->> 'Name' as name, - r -> 'Statement' ->> 'AndStatement' as and_statement, - r -> 'Statement' ->> 'ByteMatchStatement' as byte_match_statement, - r -> 'Statement' ->> 'GeoMatchStatement' as geo_match_statement, - r -> 'Statement' ->> 'IPSetReferenceStatement' as ip_set_reference_statement, - r -> 'Statement' ->> 'NotStatement' as not_statement, - r -> 'Statement' ->> 'OrStatement' as or_statement, - r -> 'Statement' ->> 'RateBasedStatement' as rate_based_statement, - r -> 'Statement' ->> 'RegexPatternSetReferenceStatement' as regex_pattern_set_reference_statement, - r -> 'Statement' ->> 'RuleGroupReferenceStatement' as rule_group_reference_statement, - r -> 'Statement' ->> 'SizeConstraintStatement' as size_constraint_statement, - r -> 'Statement' ->> 'SqliMatchStatement' as sql_match_statement, - r -> 'Statement' ->> 'XssMatchStatement' as xss_match_statement - from - aws_wafv2_web_acl, - jsonb_array_elements(rules) as r; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAFv2 diff --git a/queries/aws_wafv2_web_acl_5.yaml.bak b/queries/aws_wafv2_web_acl_5.yaml.bak deleted file mode 100755 index 3a2771030..000000000 --- a/queries/aws_wafv2_web_acl_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wafv2_web_acl_5 -Title: "Find AWS WAFv2 WebACLs and Manage WebACL Resources" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - scope, - region - from - aws_wafv2_web_acl - where - scope = 'REGIONAL'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wafv2_web_acl_6.yaml.bak b/queries/aws_wafv2_web_acl_6.yaml.bak deleted file mode 100755 index acda79491..000000000 --- a/queries/aws_wafv2_web_acl_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wafv2_web_acl_6 -Title: "Find WebACL Resources in AWS WAFv2 Without Logging" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - scope, - region - from - aws_wafv2_web_acl - where - logging_configuration is null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_network_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WAFv2 diff --git a/queries/aws_wafv2_web_acl_7.yaml.bak b/queries/aws_wafv2_web_acl_7.yaml.bak deleted file mode 100755 index ce1631fdc..000000000 --- a/queries/aws_wafv2_web_acl_7.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_wafv2_web_acl_7 -Title: "Find AWS WAFv2 WebACLs and Associated Load Balancers" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lb.name as application_load_balancer_name, - w.name as web_acl_name, - w.id as web_acl_id, - w.scope as web_acl_scope, - lb.type as application_load_balancer_type - from - aws_ec2_application_load_balancer as lb, - aws_wafv2_web_acl as w, - jsonb_array_elements_text(associated_resources) as arns - where - lb.arn = arns; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WAFv2 diff --git a/queries/aws_wellarchitected_answer_1.yaml.bak b/queries/aws_wellarchitected_answer_1.yaml.bak deleted file mode 100755 index 201474fcb..000000000 --- a/queries/aws_wellarchitected_answer_1.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_wellarchitected_answer_1 -Title: "List All AWS Well-Architected Tool Answer Data" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.is_applicable, - a.pillar_id, - a.question_title, - a.risk, - a.reason, - a.region - from - aws_wellarchitected_answer a; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_2.yaml.bak b/queries/aws_wellarchitected_answer_2.yaml.bak deleted file mode 100755 index 7417617ec..000000000 --- a/queries/aws_wellarchitected_answer_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_answer_2 -Title: "List all AWS Well-Architected Tool Answers by Workload and Pillar" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.workload_id, - a.pillar_id, - count(a.question_id) as total_questions - from - aws_wellarchitected_answer a - group by - a.workload_id, - a.pillar_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_3.yaml.bak b/queries/aws_wellarchitected_answer_3.yaml.bak deleted file mode 100755 index 4a5b60a7c..000000000 --- a/queries/aws_wellarchitected_answer_3.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_wellarchitected_answer_3 -Title: "Find AWS Well-Architected Tool Answer Data" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.question_title, - a.question_description, - c ->> 'Title' as choice_title, - c ->> 'ChoiceId' as choice_id, - c ->> 'Description' as choice_description, - c ->> 'HelpfulResource' as choice_helpful_resource, - c ->> 'ImprovementPlan' as choice_improvement_plan - from - aws_wellarchitected_answer a, - jsonb_array_elements(choices) c; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_4.yaml.bak b/queries/aws_wellarchitected_answer_4.yaml.bak deleted file mode 100755 index f25ac0cef..000000000 --- a/queries/aws_wellarchitected_answer_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wellarchitected_answer_4 -Title: "List AWS Well-Architected Tool Answer Data" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.question_title, - a.question_description, - c ->> 'Notes' as choice_notes, - c ->> 'Reason' as choice_reason, - c ->> 'Status' as choice_status, - c ->> 'ChoiceId' as choice_id - from - aws_wellarchitected_answer a, - jsonb_array_elements(choice_answers) c; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_5.yaml.bak b/queries/aws_wellarchitected_answer_5.yaml.bak deleted file mode 100755 index ab0cbb9e8..000000000 --- a/queries/aws_wellarchitected_answer_5.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_answer_5 -Title: "List all AWS Well-Architected Tools Answers and Details" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.question_title, - a.question_description, - reason - from - aws_wellarchitected_answer a - where - not is_applicable; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_6.yaml.bak b/queries/aws_wellarchitected_answer_6.yaml.bak deleted file mode 100755 index 1425975f6..000000000 --- a/queries/aws_wellarchitected_answer_6.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_wellarchitected_answer_6 -Title: "List All AWS Well-Architected Tool Answer Data" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.question_title, - a.risk, - c ->> 'ChoiceId' as choice_id, - c ->> 'Status' as choice_status, - c ->> 'Reason' as choice_reason, - c ->> 'Notes' as choice_notes - from - aws_wellarchitected_answer a, - jsonb_array_elements(choice_answers) c - where - risk = 'HIGH' - or risk = 'MEDIUM'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_answer_7.yaml.bak b/queries/aws_wellarchitected_answer_7.yaml.bak deleted file mode 100755 index fdbde3236..000000000 --- a/queries/aws_wellarchitected_answer_7.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_wellarchitected_answer_7 -Title: "List all AWS Well-Architected Tool Answers by Risk" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - risk, - count(question_id) as total_questions - from - aws_wellarchitected_answer - where - risk = 'HIGH' - or risk = 'MEDIUM' - group by - workload_id, - risk; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_1.yaml.bak b/queries/aws_wellarchitected_check_detail_1.yaml.bak deleted file mode 100755 index f1fc40d2c..000000000 --- a/queries/aws_wellarchitected_check_detail_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wellarchitected_check_detail_1 -Title: "Find Details on AWS Well-Architected Tool Checks" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - lens_arn, - pillar_id, - question_id, - choice_id, - id, - name, - description, - status - from - aws_wellarchitected_check_detail; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_2.yaml.bak b/queries/aws_wellarchitected_check_detail_2.yaml.bak deleted file mode 100755 index 13aaefcaa..000000000 --- a/queries/aws_wellarchitected_check_detail_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wellarchitected_check_detail_2 -Title: "List AWS Well-Architected Tool Check Details" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - status, - count(id) as checks - from - aws_wellarchitected_check_detail - group by - workload_id, - status; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_3.yaml.bak b/queries/aws_wellarchitected_check_detail_3.yaml.bak deleted file mode 100755 index 657cea399..000000000 --- a/queries/aws_wellarchitected_check_detail_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_wellarchitected_check_detail_3 -Title: "Find AWS Well-Architected Tool Check Details for Security" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - lens_arn, - pillar_id, - question_id, - choice_id, - id, - name, - description, - status - from - aws_wellarchitected_check_detail - where - pillar_id = 'security'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_4.yaml.bak b/queries/aws_wellarchitected_check_detail_4.yaml.bak deleted file mode 100755 index 24421745d..000000000 --- a/queries/aws_wellarchitected_check_detail_4.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_wellarchitected_check_detail_4 -Title: "Find AWS Well-Architected Tool Check Details Status" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - choice_id, - name, - pillar_id, - question_id, - flagged_resources, - updated_at - from - aws_wellarchitected_check_detail - where - status = 'ERROR'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_5.yaml.bak b/queries/aws_wellarchitected_check_detail_5.yaml.bak deleted file mode 100755 index 7f48fd819..000000000 --- a/queries/aws_wellarchitected_check_detail_5.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_wellarchitected_check_detail_5 -Title: "List all AWS Well-Architected Tool Check Details" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - w.workload_name, - w.workload_id, - w.environment, - w.industry, - w.owner, - d.name as check_name, - d.flagged_resources, - d.pillar_id - from - aws_wellarchitected_check_detail d, - aws_wellarchitected_workload w - where - d.workload_id = w.workload_id - and d.status = 'ERROR'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_6.yaml.bak b/queries/aws_wellarchitected_check_detail_6.yaml.bak deleted file mode 100755 index 0e9b22af8..000000000 --- a/queries/aws_wellarchitected_check_detail_6.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_wellarchitected_check_detail_6 -Title: "Find AWS Well-Architected Tool Check Detail Information" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - choice_id, - name, - pillar_id, - question_id, - flagged_resources, - status, - updated_at - from - aws_wellarchitected_check_detail - where - lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected' - and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_detail_6.yaml.bak.bak b/queries/aws_wellarchitected_check_detail_6.yaml.bak.bak deleted file mode 100755 index 0e9b22af8..000000000 --- a/queries/aws_wellarchitected_check_detail_6.yaml.bak.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_wellarchitected_check_detail_6 -Title: "Find AWS Well-Architected Tool Check Detail Information" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - choice_id, - name, - pillar_id, - question_id, - flagged_resources, - status, - updated_at - from - aws_wellarchitected_check_detail - where - lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected' - and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_1.yaml.bak b/queries/aws_wellarchitected_check_summary_1.yaml.bak deleted file mode 100755 index 4fedc9b45..000000000 --- a/queries/aws_wellarchitected_check_summary_1.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_wellarchitected_check_summary_1 -Title: "List all AWS Well-Architected Tool Check Summary Details" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - description, - jsonb_pretty(account_summary) as account_summary, - choice_id, - lens_arn, - pillar_id, - question_id, - status, - region, - workload_id - from - aws_wellarchitected_check_summary; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_2.yaml.bak b/queries/aws_wellarchitected_check_summary_2.yaml.bak deleted file mode 100755 index 7358c46cc..000000000 --- a/queries/aws_wellarchitected_check_summary_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wellarchitected_check_summary_2 -Title: "Find AWS Well-Architected Tool Check Summary Details" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - id, - name, - jsonb_pretty(account_summary) as account_summary, - status, - choice_id, - pillar_id, - question_id - from - aws_wellarchitected_check_summary - where - workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_3.yaml.bak b/queries/aws_wellarchitected_check_summary_3.yaml.bak deleted file mode 100755 index 5398b2ae4..000000000 --- a/queries/aws_wellarchitected_check_summary_3.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wellarchitected_check_summary_3 -Title: "Find AWS Well-Architected Tool Check Summaries" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - id, - name, - jsonb_pretty(account_summary) as account_summary, - pillar_id, - question_id - from - aws_wellarchitected_check_summary - where - status = 'ERROR'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_4.yaml.bak b/queries/aws_wellarchitected_check_summary_4.yaml.bak deleted file mode 100755 index 74c30e80b..000000000 --- a/queries/aws_wellarchitected_check_summary_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wellarchitected_check_summary_4 -Title: "Query AWS Well-Architected Tool Check Summaries" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - id, - name, - account_summary ->> 'ERROR' as errors, - account_summary ->> 'FETCH_FAILED' as fetch_failed, - account_summary ->> 'NOT_AVAILABLE' as not_available, - account_summary ->> 'OKAY' as okay, - account_summary ->> 'WARNING' as warnings, - pillar_id, - question_id - from - aws_wellarchitected_check_summary; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_check_summary_5.yaml.bak b/queries/aws_wellarchitected_check_summary_5.yaml.bak deleted file mode 100755 index 3af3eb100..000000000 --- a/queries/aws_wellarchitected_check_summary_5.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_wellarchitected_check_summary_5 -Title: "Find AWS Well-Architected Tool Check Summary Insights" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - id, - name, - account_summary ->> 'ERROR' as errors, - account_summary ->> 'FETCH_FAILED' as fetch_failed, - account_summary ->> 'NOT_AVAILABLE' as not_available, - account_summary ->> 'OKAY' as okay, - account_summary ->> 'WARNING' as warnings, - pillar_id, - question_id - from - aws_wellarchitected_check_summary - where - lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected' - and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_1.yaml.bak b/queries/aws_wellarchitected_consolidated_report_1.yaml.bak deleted file mode 100755 index 9d671bcb9..000000000 --- a/queries/aws_wellarchitected_consolidated_report_1.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_consolidated_report_1 -Title: "List all AWS Well-Architected Tool Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_arn, - workload_id, - lenses_applied_count, - metric_type, - updated_at - from - aws_wellarchitected_consolidated_report; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_2.yaml.bak b/queries/aws_wellarchitected_consolidated_report_2.yaml.bak deleted file mode 100755 index 08a42f304..000000000 --- a/queries/aws_wellarchitected_consolidated_report_2.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wellarchitected_consolidated_report_2 -Title: "Find All AWS Well-Architected Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.workload_name, - r.workload_arn, - r.workload_id, - r.lenses_applied_count, - w.environment as workload_environment, - w.improvement_status as workload_improvement_status, - w.review_restriction_date as workload_review_restriction_date - from - aws_wellarchitected_consolidated_report as r, - aws_wellarchitected_workload as w - where - w.workload_id = r.workload_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_2.yaml.bak.bak b/queries/aws_wellarchitected_consolidated_report_2.yaml.bak.bak deleted file mode 100755 index 08a42f304..000000000 --- a/queries/aws_wellarchitected_consolidated_report_2.yaml.bak.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wellarchitected_consolidated_report_2 -Title: "Find All AWS Well-Architected Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.workload_name, - r.workload_arn, - r.workload_id, - r.lenses_applied_count, - w.environment as workload_environment, - w.improvement_status as workload_improvement_status, - w.review_restriction_date as workload_review_restriction_date - from - aws_wellarchitected_consolidated_report as r, - aws_wellarchitected_workload as w - where - w.workload_id = r.workload_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_3.yaml.bak b/queries/aws_wellarchitected_consolidated_report_3.yaml.bak deleted file mode 100755 index 63ce399ef..000000000 --- a/queries/aws_wellarchitected_consolidated_report_3.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_wellarchitected_consolidated_report_3 -Title: "List all AWS Well-Architected Tool Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - risk_counts -> 'HIGH' as high_risk_counts - from - aws_wellarchitected_consolidated_report; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_consolidated_report_4.yaml.bak b/queries/aws_wellarchitected_consolidated_report_4.yaml.bak deleted file mode 100755 index 4953b4c77..000000000 --- a/queries/aws_wellarchitected_consolidated_report_4.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_consolidated_report_4 -Title: "List all AWS Well-Architected Tool Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - l ->> 'LensArn' as lens_arn, - l -> 'Pillars' as pillars, - l -> 'RiskCounts' as risk_counts - from - aws_wellarchitected_consolidated_report, - jsonb_array_elements(lenses) as l; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_1.yaml.bak b/queries/aws_wellarchitected_lens_1.yaml.bak deleted file mode 100755 index 28a7810e8..000000000 --- a/queries/aws_wellarchitected_lens_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wellarchitected_lens_1 -Title: "List all AWS Well-Architected Lenses with details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_alias, - arn, - lens_status, - lens_type, - owner - from - aws_wellarchitected_lens; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected diff --git a/queries/aws_wellarchitected_lens_2.yaml.bak b/queries/aws_wellarchitected_lens_2.yaml.bak deleted file mode 100755 index 3c999f268..000000000 --- a/queries/aws_wellarchitected_lens_2.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_wellarchitected_lens_2 -Title: "List AWS Well-Architected Lens Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select distinct - on(arn) arn, - lens_name, - lens_status, - lens_type - from - aws_wellarchitected_lens; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_3.yaml.bak b/queries/aws_wellarchitected_lens_3.yaml.bak deleted file mode 100755 index 261c9a595..000000000 --- a/queries/aws_wellarchitected_lens_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_lens_3 -Title: "Find AWS Well-Architected Lens details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - arn, - lens_status, - lens_type, - owner, - share_invitation_id - from - aws_wellarchitected_lens - where - lens_type = 'CUSTOM_SHARED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_4.yaml.bak b/queries/aws_wellarchitected_lens_4.yaml.bak deleted file mode 100755 index 5af1e231b..000000000 --- a/queries/aws_wellarchitected_lens_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_lens_4 -Title: "List all AWS Well-Architected Lens with Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_status, - lens_type, - lens_version, - owner - from - aws_wellarchitected_lens - where - lens_status = 'DEPRECATED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_5.yaml.bak b/queries/aws_wellarchitected_lens_5.yaml.bak deleted file mode 100755 index 05fd213e1..000000000 --- a/queries/aws_wellarchitected_lens_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_lens_5 -Title: "List all AWS Well-Architected Lens with Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_status, - lens_type, - created_at, - lens_version - from - aws_wellarchitected_lens - where - created_at <= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_5.yaml.bak.bak b/queries/aws_wellarchitected_lens_5.yaml.bak.bak deleted file mode 100755 index 05fd213e1..000000000 --- a/queries/aws_wellarchitected_lens_5.yaml.bak.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_lens_5 -Title: "List all AWS Well-Architected Lens with Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_status, - lens_type, - created_at, - lens_version - from - aws_wellarchitected_lens - where - created_at <= now() - interval '30' day; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_6.yaml.bak b/queries/aws_wellarchitected_lens_6.yaml.bak deleted file mode 100755 index 8c8e51f05..000000000 --- a/queries/aws_wellarchitected_lens_6.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wellarchitected_lens_6 -Title: "List All AWS Well-Architected Lens Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_status, - lens_type, - lens_version, - owner, - account_id - from - aws_wellarchitected_lens - where - owner = account_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Lens diff --git a/queries/aws_wellarchitected_lens_review_1.yaml.bak b/queries/aws_wellarchitected_lens_review_1.yaml.bak deleted file mode 100755 index f47c53479..000000000 --- a/queries/aws_wellarchitected_lens_review_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wellarchitected_lens_review_1 -Title: "List all AWS Well-Architected Tool Lens Reviews" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - workload_id, - lens_arn, - lens_alias, - lens_version, - updated_at - from - aws_wellarchitected_lens_review; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_2.yaml.bak b/queries/aws_wellarchitected_lens_review_2.yaml.bak deleted file mode 100755 index bc066f9a6..000000000 --- a/queries/aws_wellarchitected_lens_review_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wellarchitected_lens_review_2 -Title: "List all AWS Well-Architected Lens Reviews with Status" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - workload_id, - lens_alias, - lens_status - from - aws_wellarchitected_lens_review - where - lens_status = 'DEPRECATED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_3.yaml.bak b/queries/aws_wellarchitected_lens_review_3.yaml.bak deleted file mode 100755 index 104d6c952..000000000 --- a/queries/aws_wellarchitected_lens_review_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wellarchitected_lens_review_3 -Title: "List all AWS Well-Architected Tool Lens Review Information" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - workload_id, - risk_counts -> 'HIGH' as high_risk_counts - from - aws_wellarchitected_lens_review; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_4.yaml.bak b/queries/aws_wellarchitected_lens_review_4.yaml.bak deleted file mode 100755 index d017283f8..000000000 --- a/queries/aws_wellarchitected_lens_review_4.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wellarchitected_lens_review_4 -Title: "Query AWS Well-Architected Lens Reviews using SQL" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.lens_name, - r.workload_id, - r.lens_status, - r.lens_version, - w.architectural_design, - w.environment, - w.review_restriction_date - from - aws_wellarchitected_lens_review as r, - aws_wellarchitected_workload as w - where - r.workload_id = w.workload_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_5.yaml.bak b/queries/aws_wellarchitected_lens_review_5.yaml.bak deleted file mode 100755 index f5f621769..000000000 --- a/queries/aws_wellarchitected_lens_review_5.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wellarchitected_lens_review_5 -Title: "List AWS Well-Architected Tool Lens Reviews with SQL" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_arn, - s ->> 'Notes' as pillar_review_summary_note, - s ->> 'PillarId' as pillar_id, - s ->> 'PillarName' as pillar_name, - s ->> 'RiskCounts' as RiskCounts - from - aws_wellarchitected_lens_review, - jsonb_array_elements(pillar_review_summaries) as s; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_5.yaml.bak.bak b/queries/aws_wellarchitected_lens_review_5.yaml.bak.bak deleted file mode 100755 index f5f621769..000000000 --- a/queries/aws_wellarchitected_lens_review_5.yaml.bak.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wellarchitected_lens_review_5 -Title: "List AWS Well-Architected Tool Lens Reviews with SQL" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_arn, - s ->> 'Notes' as pillar_review_summary_note, - s ->> 'PillarId' as pillar_id, - s ->> 'PillarName' as pillar_name, - s ->> 'RiskCounts' as RiskCounts - from - aws_wellarchitected_lens_review, - jsonb_array_elements(pillar_review_summaries) as s; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_6.yaml.bak b/queries/aws_wellarchitected_lens_review_6.yaml.bak deleted file mode 100755 index 2e3e3eaa2..000000000 --- a/queries/aws_wellarchitected_lens_review_6.yaml.bak +++ /dev/null @@ -1,24 +0,0 @@ -ID: aws_wellarchitected_lens_review_6 -Title: "Find Lens Reviews with Workload and Milestone Info" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_arn, - jsonb_pretty(risk_counts) as risk_counts - from - aws_wellarchitected_lens_review; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_improvement_1.yaml.bak b/queries/aws_wellarchitected_lens_review_improvement_1.yaml.bak deleted file mode 100755 index 3e091359b..000000000 --- a/queries/aws_wellarchitected_lens_review_improvement_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wellarchitected_lens_review_improvement_1 -Title: "List AWS Well-Architected Framework Lens Review Improvements" -Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_alias, - lens_arn, - workload_id, - improvement_plan_url, - pillar_id, - question_id, - question_title - from - aws_wellarchitected_lens_review_improvement; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Framework diff --git a/queries/aws_wellarchitected_lens_review_improvement_2.yaml.bak b/queries/aws_wellarchitected_lens_review_improvement_2.yaml.bak deleted file mode 100755 index 22fe9b6c4..000000000 --- a/queries/aws_wellarchitected_lens_review_improvement_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wellarchitected_lens_review_improvement_2 -Title: "List All AWS Lens Review Improvements with High Risk" -Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_alias, - lens_arn, - workload_id, - improvement_plan_url, - question_id, - question_title, - risk - from - aws_wellarchitected_lens_review_improvement - where - workload_id = '4fca39b680a31bb118be6bc0d177849d' - and risk = 'HIGH'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Framework diff --git a/queries/aws_wellarchitected_lens_review_improvement_3.yaml.bak b/queries/aws_wellarchitected_lens_review_improvement_3.yaml.bak deleted file mode 100755 index 9d2558af6..000000000 --- a/queries/aws_wellarchitected_lens_review_improvement_3.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_wellarchitected_lens_review_improvement_3 -Title: "List All Lens Review Improvements in AWS Well-Architected" -Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_arn, - workload_id, - risk, - count(risk) - from - aws_wellarchitected_lens_review_improvement - where - lens_alias = 'wellarchitected' - and workload_id = '4fca39b680a31bb118be6bc0d177849d' - group by - risk, - lens_arn, - workload_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Framework diff --git a/queries/aws_wellarchitected_lens_review_improvement_4.yaml.bak b/queries/aws_wellarchitected_lens_review_improvement_4.yaml.bak deleted file mode 100755 index 1c941c06e..000000000 --- a/queries/aws_wellarchitected_lens_review_improvement_4.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wellarchitected_lens_review_improvement_4 -Title: "List AWS Well-Architected Framework Lens Review Improvements" -Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_alias, - workload_id, - p ->> 'ChoiceId' as choice_id, - p ->> 'DisplayText' as display_text, - p ->> 'ImprovementPlanUrl' as improvement_plan_url - from - aws_wellarchitected_lens_review_improvement, - jsonb_array_elements(improvement_plans) as p; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Framework diff --git a/queries/aws_wellarchitected_lens_review_report_1.yaml.bak b/queries/aws_wellarchitected_lens_review_report_1.yaml.bak deleted file mode 100755 index 0459317d3..000000000 --- a/queries/aws_wellarchitected_lens_review_report_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_lens_review_report_1 -Title: "Find AWS Well-Architected Tool Lens Review Reports" -Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_alias, - lens_arn, - workload_id, - milestone_number, - base64_string - from - aws_wellarchitected_lens_review_report; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_report_2.yaml.bak b/queries/aws_wellarchitected_lens_review_report_2.yaml.bak deleted file mode 100755 index 9e7cda16a..000000000 --- a/queries/aws_wellarchitected_lens_review_report_2.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_lens_review_report_2 -Title: "List all AWS Well-Architected Tool Lens Review Reports" -Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - w.workload_name, - r.workload_id, - r.base64_string, - w.environment, - w.is_review_owner_update_acknowledged - from - aws_wellarchitected_lens_review_report as r, - aws_wellarchitected_workload as w - where - r.workload_id = w.workload_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_review_report_3.yaml.bak b/queries/aws_wellarchitected_lens_review_report_3.yaml.bak deleted file mode 100755 index f6bb77fb4..000000000 --- a/queries/aws_wellarchitected_lens_review_report_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wellarchitected_lens_review_report_3 -Title: "List all AWS Well-Architected Tool Lens Review Reports" -Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.lens_alias, - r.lens_arn, - r.base64_string, - l.lens_type - from - aws_wellarchitected_lens_review_report as r, - aws_wellarchitected_lens as l - where - l.lens_type <> `aws_OFFICIAL'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_share_1.yaml.bak b/queries/aws_wellarchitected_lens_share_1.yaml.bak deleted file mode 100755 index 76b73e7de..000000000 --- a/queries/aws_wellarchitected_lens_share_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wellarchitected_lens_share_1 -Title: "Find AWS Well-Architected Tool Lens Shares Details" -Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_alias, - lens_arn, - share_id, - shared_with - from - aws_wellarchitected_lens_share; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_share_2.yaml.bak b/queries/aws_wellarchitected_lens_share_2.yaml.bak deleted file mode 100755 index 337470341..000000000 --- a/queries/aws_wellarchitected_lens_share_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wellarchitected_lens_share_2 -Title: "Find AWS Well-Architected Tool Lens Shares Details" -Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.lens_name, - l.arn, - l.lens_status, - l.lens_type, - l.owner, - l.share_invitation_id - from - aws_wellarchitected_lens_share as s, - aws_wellarchitected_lens as l - where - s.lens_arn = l.arn; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_lens_share_3.yaml.bak b/queries/aws_wellarchitected_lens_share_3.yaml.bak deleted file mode 100755 index 6377eb4e2..000000000 --- a/queries/aws_wellarchitected_lens_share_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_lens_share_3 -Title: "List all AWS Well-Architected Tool Lens Shares" -Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_alias, - lens_arn, - share_id, - shared_with, - status - from - aws_wellarchitected_lens_share - where - status = 'PENDING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_milestone_1.yaml.bak b/queries/aws_wellarchitected_milestone_1.yaml.bak deleted file mode 100755 index 6e44180e7..000000000 --- a/queries/aws_wellarchitected_milestone_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wellarchitected_milestone_1 -Title: "List all AWS Well-Architected Tool Milestones" -Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - milestone_name, - milestone_number, - recorded_at, - region - from - aws_wellarchitected_milestone; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_milestone_2.yaml.bak b/queries/aws_wellarchitected_milestone_2.yaml.bak deleted file mode 100755 index 31c1369ee..000000000 --- a/queries/aws_wellarchitected_milestone_2.yaml.bak +++ /dev/null @@ -1,42 +0,0 @@ -ID: aws_wellarchitected_milestone_2 -Title: "List AWS Well-Architected Tool milestone details" -Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with latest_milestones as - ( - select - max(milestone_number) as milestone_number, - workload_id - from - aws_wellarchitected_milestone - group by - workload_id - ) - select - m.workload_id, - m.milestone_name, - m.milestone_number as latest_milestone_number, - m.recorded_at, - m.region - from - aws_wellarchitected_milestone m, - latest_milestones l - where - m.milestone_number = l.milestone_number - and m.workload_id = l.workload_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_milestone_3.yaml.bak b/queries/aws_wellarchitected_milestone_3.yaml.bak deleted file mode 100755 index d2b53d6c9..000000000 --- a/queries/aws_wellarchitected_milestone_3.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_wellarchitected_milestone_3 -Title: "Query AWS Well-Architected Tool Milestones in Detail" -Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.milestone_name, - m.milestone_number, - w.workload_name, - w.workload_id, - w.environment, - w.industry, - w.owner - from - aws_wellarchitected_workload w, - aws_wellarchitected_milestone m - where - w.workload_id = m.workload_id; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_milestone_4.yaml.bak b/queries/aws_wellarchitected_milestone_4.yaml.bak deleted file mode 100755 index b65177851..000000000 --- a/queries/aws_wellarchitected_milestone_4.yaml.bak +++ /dev/null @@ -1,35 +0,0 @@ -ID: aws_wellarchitected_milestone_4 -Title: "Find All AWS Well-Architected Tool Milestones" -Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.milestone_name, - m.milestone_number, - w.workload_name, - w.workload_id, - w.environment, - w.industry, - w.owner - from - aws_wellarchitected_workload w, - aws_wellarchitected_milestone m - where - w.workload_id = m.workload_id - and milestone_number = 1 - and w.workload_id = 'abcdec851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_notification_1.yaml.bak b/queries/aws_wellarchitected_notification_1.yaml.bak deleted file mode 100755 index 9a93bdb92..000000000 --- a/queries/aws_wellarchitected_notification_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_notification_1 -Title: "List AWS Well-Architected Tool Notifications" -Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - lens_alias, - lens_arn, - current_lens_version, - latest_lens_version - from - aws_wellarchitected_notification - where - type = 'LENS_VERSION_UPGRADED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_notification_2.yaml.bak b/queries/aws_wellarchitected_notification_2.yaml.bak deleted file mode 100755 index d692646b8..000000000 --- a/queries/aws_wellarchitected_notification_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_notification_2 -Title: "List AWS Well-Architected Tool Notification Details" -Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - lens_alias, - lens_arn, - current_lens_version, - latest_lens_version - from - aws_wellarchitected_notification - where - type = 'LENS_VERSION_DEPRECATED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_notification_3.yaml.bak b/queries/aws_wellarchitected_notification_3.yaml.bak deleted file mode 100755 index 27eb57261..000000000 --- a/queries/aws_wellarchitected_notification_3.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_notification_3 -Title: "Find AWS Well-Architected Tool Notification Details" -Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - lens_alias, - lens_arn, - current_lens_version, - latest_lens_version - from - aws_wellarchitected_notification - where - workload_id = '123451c59cebcd4612f1f858bf75566'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_1.yaml.bak b/queries/aws_wellarchitected_share_invitation_1.yaml.bak deleted file mode 100755 index 2cb49f6aa..000000000 --- a/queries/aws_wellarchitected_share_invitation_1.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wellarchitected_share_invitation_1 -Title: "List AWS Well-Architected Tool Share Invitations" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - share_invitation_id, - permission_type, - shared_by, - shared_with, - share_resource_type - from - aws_wellarchitected_share_invitation; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_2.yaml.bak b/queries/aws_wellarchitected_share_invitation_2.yaml.bak deleted file mode 100755 index c270398c0..000000000 --- a/queries/aws_wellarchitected_share_invitation_2.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wellarchitected_share_invitation_2 -Title: "Find AWS Well-Architected Tool Share Invitations" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_arn, - lens_name, - share_invitation_id, - permission_type, - shared_by, - shared_with - from - aws_wellarchitected_share_invitation - where - share_resource_type = 'LENS' - or lens_arn is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_3.yaml.bak b/queries/aws_wellarchitected_share_invitation_3.yaml.bak deleted file mode 100755 index 5c37045f9..000000000 --- a/queries/aws_wellarchitected_share_invitation_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_wellarchitected_share_invitation_3 -Title: "Find Share Invitations in AWS Well-Architected Tool" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - workload_name, - share_invitation_id, - permission_type, - shared_by, - shared_with - from - aws_wellarchitected_share_invitation - where - share_resource_type = 'WORKLOAD' - or workload_id is not null; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_4.yaml.bak b/queries/aws_wellarchitected_share_invitation_4.yaml.bak deleted file mode 100755 index e09e6a7cc..000000000 --- a/queries/aws_wellarchitected_share_invitation_4.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_share_invitation_4 -Title: "Find All AWS Well-Architected Tool Share Invitations" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - share_invitation_id, - permission_type, - shared_by, - shared_with, - share_resource_type - from - aws_wellarchitected_share_invitation - where - permission_type = 'CONTRIBUTOR'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_5.yaml.bak b/queries/aws_wellarchitected_share_invitation_5.yaml.bak deleted file mode 100755 index 0073bb327..000000000 --- a/queries/aws_wellarchitected_share_invitation_5.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_share_invitation_5 -Title: "List all AWS Well-Architected Tool Share Invitations" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - share_invitation_id, - permission_type, - shared_by, - shared_with, - share_resource_type - from - aws_wellarchitected_share_invitation - where - permission_type = 'READONLY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_6.yaml.bak b/queries/aws_wellarchitected_share_invitation_6.yaml.bak deleted file mode 100755 index 1843f6e0e..000000000 --- a/queries/aws_wellarchitected_share_invitation_6.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_wellarchitected_share_invitation_6 -Title: "List All Share Invitations in AWS Well-Architected Tool" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(*) as total, - share_resource_type - from - aws_wellarchitected_share_invitation - group by - share_resource_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_6.yaml.bak.bak b/queries/aws_wellarchitected_share_invitation_6.yaml.bak.bak deleted file mode 100755 index 1843f6e0e..000000000 --- a/queries/aws_wellarchitected_share_invitation_6.yaml.bak.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_wellarchitected_share_invitation_6 -Title: "List All Share Invitations in AWS Well-Architected Tool" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(*) as total, - share_resource_type - from - aws_wellarchitected_share_invitation - group by - share_resource_type; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_1.yaml.bak b/queries/aws_wellarchitected_workload_1.yaml.bak deleted file mode 100755 index 39e56bf97..000000000 --- a/queries/aws_wellarchitected_workload_1.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_workload_1 -Title: "List all AWS Well-Architected Tool Workloads including names, ARNs, and statuses" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - environment, - industry, - owner - from - aws_wellarchitected_workload; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_2.yaml.bak b/queries/aws_wellarchitected_workload_2.yaml.bak deleted file mode 100755 index 189967346..000000000 --- a/queries/aws_wellarchitected_workload_2.yaml.bak +++ /dev/null @@ -1,28 +0,0 @@ -ID: aws_wellarchitected_workload_2 -Title: "List all AWS Well-Architected Tool Workloads Data" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - environment - from - aws_wellarchitected_workload - where - environment = 'PRODUCTION'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS Well-Architected Tool Workloads diff --git a/queries/aws_wellarchitected_workload_3.yaml.bak b/queries/aws_wellarchitected_workload_3.yaml.bak deleted file mode 100755 index 5e383fe2d..000000000 --- a/queries/aws_wellarchitected_workload_3.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wellarchitected_workload_3 -Title: "Find AWS Well-Architected Workloads Risk and IDs" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - risk_counts -> 'HIGH' as high_risk_counts - from - aws_wellarchitected_workload; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_4.yaml.bak b/queries/aws_wellarchitected_workload_4.yaml.bak deleted file mode 100755 index 8ec420aa4..000000000 --- a/queries/aws_wellarchitected_workload_4.yaml.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wellarchitected_workload_4 -Title: "Find all AWS Well-Architected Tool Workloads" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - is_review_owner_update_acknowledged - from - aws_wellarchitected_workload - where - not is_review_owner_update_acknowledged; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_4.yaml.bak.bak b/queries/aws_wellarchitected_workload_4.yaml.bak.bak deleted file mode 100755 index 8ec420aa4..000000000 --- a/queries/aws_wellarchitected_workload_4.yaml.bak.bak +++ /dev/null @@ -1,26 +0,0 @@ -ID: aws_wellarchitected_workload_4 -Title: "Find all AWS Well-Architected Tool Workloads" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - is_review_owner_update_acknowledged - from - aws_wellarchitected_workload - where - not is_review_owner_update_acknowledged; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_1.yaml.bak b/queries/aws_wellarchitected_workload_share_1.yaml.bak deleted file mode 100755 index 6aa65765b..000000000 --- a/queries/aws_wellarchitected_workload_share_1.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_wellarchitected_workload_share_1 -Title: "Find Shared Workloads in AWS Well-Architected Tool" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_2.yaml.bak b/queries/aws_wellarchitected_workload_share_2.yaml.bak deleted file mode 100755 index 2170db113..000000000 --- a/queries/aws_wellarchitected_workload_share_2.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wellarchitected_workload_share_2 -Title: "List all AWS Well-Architected Workload Shares" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share - where - status = 'PENDING'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_3.yaml.bak b/queries/aws_wellarchitected_workload_share_3.yaml.bak deleted file mode 100755 index 995a46d68..000000000 --- a/queries/aws_wellarchitected_workload_share_3.yaml.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_workload_share_3 -Title: "List all AWS Well-Architected Tool Workload Shares" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share - where - permission_type = 'CONTRIBUTOR'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_3.yaml.bak.bak b/queries/aws_wellarchitected_workload_share_3.yaml.bak.bak deleted file mode 100755 index 995a46d68..000000000 --- a/queries/aws_wellarchitected_workload_share_3.yaml.bak.bak +++ /dev/null @@ -1,29 +0,0 @@ -ID: aws_wellarchitected_workload_share_3 -Title: "List all AWS Well-Architected Tool Workload Shares" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share - where - permission_type = 'CONTRIBUTOR'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_4.yaml.bak b/queries/aws_wellarchitected_workload_share_4.yaml.bak deleted file mode 100755 index f3d930197..000000000 --- a/queries/aws_wellarchitected_workload_share_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_wellarchitected_workload_share_4 -Title: "Find AWS Well-Architected Workload Share With Read-Only Permission" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share - where - permission_type = 'READONLY'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - Well-Architected Tool diff --git a/queries/aws_workspaces_directory_1.yaml.bak b/queries/aws_workspaces_directory_1.yaml.bak deleted file mode 100755 index 33cbd8bcd..000000000 --- a/queries/aws_workspaces_directory_1.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_workspaces_directory_1 -Title: "Find AWS WorkSpaces Directory Information Details" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state - from - aws_workspaces_directory; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WorkSpaces diff --git a/queries/aws_workspaces_directory_2.yaml.bak b/queries/aws_workspaces_directory_2.yaml.bak deleted file mode 100755 index 25a40d858..000000000 --- a/queries/aws_workspaces_directory_2.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: aws_workspaces_directory_2 -Title: "Find all AWS WorkSpaces Directory Details via SQL" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state - from - aws_workspaces_directory - where - certificate_based_auth_properties ->> 'Status' = 'ENABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WorkSpaces diff --git a/queries/aws_workspaces_directory_3.yaml.bak b/queries/aws_workspaces_directory_3.yaml.bak deleted file mode 100755 index aeb560195..000000000 --- a/queries/aws_workspaces_directory_3.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_workspaces_directory_3 -Title: "Find AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state - from - aws_workspaces_directory - where - directory_type = 'SIMPLE_AD'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WorkSpaces diff --git a/queries/aws_workspaces_directory_4.yaml.bak b/queries/aws_workspaces_directory_4.yaml.bak deleted file mode 100755 index d67e732b1..000000000 --- a/queries/aws_workspaces_directory_4.yaml.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_workspaces_directory_4 -Title: "Find all AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - saml_properties ->> 'RelayStateParameterName' as saml_relay_state_parameter_name, - saml_properties ->> 'Status' as saml_status, - saml_properties ->> 'UserAccessUrl' as saml_user_access_url - from - aws_workspaces_directory - where - directory_id = 'd-96676995ea'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WorkSpaces diff --git a/queries/aws_workspaces_directory_4.yaml.bak.bak b/queries/aws_workspaces_directory_4.yaml.bak.bak deleted file mode 100755 index d67e732b1..000000000 --- a/queries/aws_workspaces_directory_4.yaml.bak.bak +++ /dev/null @@ -1,31 +0,0 @@ -ID: aws_workspaces_directory_4 -Title: "Find all AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - saml_properties ->> 'RelayStateParameterName' as saml_relay_state_parameter_name, - saml_properties ->> 'Status' as saml_status, - saml_properties ->> 'UserAccessUrl' as saml_user_access_url - from - aws_workspaces_directory - where - directory_id = 'd-96676995ea'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_identity_security: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WorkSpaces diff --git a/queries/aws_workspaces_directory_5.yaml.bak b/queries/aws_workspaces_directory_5.yaml.bak deleted file mode 100755 index 5c97242d4..000000000 --- a/queries/aws_workspaces_directory_5.yaml.bak +++ /dev/null @@ -1,33 +0,0 @@ -ID: aws_workspaces_directory_5 -Title: "List AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state, - selfservice_permissions ->> 'SwitchRunningMode' as switch_running_mode - from - aws_workspaces_directory - where - selfservice_permissions ->> 'SwitchRunningMode' = 'ENABLED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_ops: - - "true" - cloud_provider: - - aws - cloud_service: - - WorkSpaces diff --git a/queries/aws_workspaces_directory_6.yaml.bak b/queries/aws_workspaces_directory_6.yaml.bak deleted file mode 100755 index be486b51f..000000000 --- a/queries/aws_workspaces_directory_6.yaml.bak +++ /dev/null @@ -1,32 +0,0 @@ -ID: aws_workspaces_directory_6 -Title: "Find AWS WorkSpaces Directory Details Including IDs and Properties" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - workspace_creation_properties ->> 'CustomSecurityGroupId' as custom_security_group_id, - workspace_creation_properties ->> 'DefaultOu' as default_ou, - workspace_creation_properties ->> 'EnableInternetAccess' as enable_internet_access, - workspace_creation_properties ->> 'EnableMaintenanceMode' as enable_maintenance_mode, - workspace_creation_properties ->> 'EnableWorkDocs' as enable_work_docs, - workspace_creation_properties ->> 'UserEnabledAsLocalAdministrator' as user_enabled_as_local_administrator - from - aws_workspaces_directory - where - directory_id = 'd-96676995ea'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WorkSpaces diff --git a/queries/aws_workspaces_directory_7.yaml.bak b/queries/aws_workspaces_directory_7.yaml.bak deleted file mode 100755 index b0258fed5..000000000 --- a/queries/aws_workspaces_directory_7.yaml.bak +++ /dev/null @@ -1,30 +0,0 @@ -ID: aws_workspaces_directory_7 -Title: "List all AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state - from - aws_workspaces_directory - where - state = 'REGISTERED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - WorkSpaces diff --git a/queries/aws_workspaces_directory_8.yaml.bak b/queries/aws_workspaces_directory_8.yaml.bak deleted file mode 100755 index 7917be109..000000000 --- a/queries/aws_workspaces_directory_8.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_workspaces_directory_8 -Title: "List AWS WorkSpaces Directory Details Using SQL" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - workspace_access_properties ->> 'DeviceTypeAndroid' as device_type_android, - workspace_access_properties ->> 'DeviceTypeChromeOs' as device_type_chrome_os, - workspace_access_properties ->> 'DeviceTypeIos' as device_type_ios, - workspace_access_properties ->> 'DeviceTypeLinux' as device_type_linux, - workspace_access_properties ->> 'DeviceTypeOsx' as device_type_osx, - workspace_access_properties ->> 'DeviceTypeWeb' as device_type_web, - workspace_access_properties ->> 'DeviceTypeWindows' as device_type_windows, - workspace_access_properties ->> 'DeviceTypeZeroClient' as device_type_zero_client - from - aws_workspaces_directory - where - directory_id = 'd-96676995ea'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WorkSpaces diff --git a/queries/aws_workspaces_directory_8.yaml.bak.bak b/queries/aws_workspaces_directory_8.yaml.bak.bak deleted file mode 100755 index 7917be109..000000000 --- a/queries/aws_workspaces_directory_8.yaml.bak.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: aws_workspaces_directory_8 -Title: "List AWS WorkSpaces Directory Details Using SQL" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." -IntegrationTypeName: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - workspace_access_properties ->> 'DeviceTypeAndroid' as device_type_android, - workspace_access_properties ->> 'DeviceTypeChromeOs' as device_type_chrome_os, - workspace_access_properties ->> 'DeviceTypeIos' as device_type_ios, - workspace_access_properties ->> 'DeviceTypeLinux' as device_type_linux, - workspace_access_properties ->> 'DeviceTypeOsx' as device_type_osx, - workspace_access_properties ->> 'DeviceTypeWeb' as device_type_web, - workspace_access_properties ->> 'DeviceTypeWindows' as device_type_windows, - workspace_access_properties ->> 'DeviceTypeZeroClient' as device_type_zero_client - from - aws_workspaces_directory - where - directory_id = 'd-96676995ea'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_identity_security: - - "true" - cloud_provider: - - aws - cloud_service: - - AWS WorkSpaces diff --git a/queries/aws_workspaces_workspace_1.yaml.bak b/queries/aws_workspaces_workspace_1.yaml.bak deleted file mode 100755 index 300b4f380..000000000 --- a/queries/aws_workspaces_workspace_1.yaml.bak +++ /dev/null @@ -1,25 +0,0 @@ -ID: aws_workspaces_workspace_1 -Title: "List all Amazon WorkSpaces Workspace details" -Description: "Allows users to query Amazon WorkSpaces Workspace to retrieve details about each workspace in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - workspace_id, - arn, - state - from - aws_workspaces_workspace; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon WorkSpaces diff --git a/queries/aws_workspaces_workspace_2.yaml.bak b/queries/aws_workspaces_workspace_2.yaml.bak deleted file mode 100755 index f636358c5..000000000 --- a/queries/aws_workspaces_workspace_2.yaml.bak +++ /dev/null @@ -1,27 +0,0 @@ -ID: aws_workspaces_workspace_2 -Title: "Find Amazon WorkSpaces Workspace details in AWS" -Description: "Allows users to query Amazon WorkSpaces Workspace to retrieve details about each workspace in the AWS account." -Connector: -- aws -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - workspace_id, - arn, - state - from - aws_workspaces_workspace - where - state = 'TERMINATED'; - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Amazon WorkSpaces diff --git a/queries/bulk_update_yaml.sh.bak b/queries/bulk_update_yaml.sh.bak deleted file mode 100755 index 390884ee7..000000000 --- a/queries/bulk_update_yaml.sh.bak +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash - -# Description: -# This script replaces "Connector:" with "IntegrationTypeName:" in specified files or -# recursively in all files within subdirectories if no files are specified. -# It creates a backup of each original file with a .bak extension before making changes. - -# Usage: -# ./replace_connector.sh [file1 file2 ... fileN] -# If no files are specified, the script processes all regular files in subdirectories. - -# Function to perform the replacement on a single file -replace_in_file() { - local file="$1" - # Use sed to perform the replacement - # -i.bak creates a backup file with .bak extension - sed -i.bak 's/Connector:/IntegrationTypeName:/g' "$file" - - # Check if sed was successful - if [ $? -eq 0 ]; then - echo "Successfully processed: $file (backup: $file.bak)" - else - echo "Error processing: $file" - fi -} - -# Check if at least one filename is provided -if [ "$#" -ge 1 ]; then - # Loop through all provided files - for file in "$@"; do - if [ -f "$file" ]; then - replace_in_file "$file" - else - echo "Skipping: $file (not a regular file)" - fi - done -else - # No arguments provided; process all regular files in subdirectories - echo "No files specified. Processing all regular files in subdirectories..." - - # Find all regular files and loop through them - find . -type f | while read -r file; do - replace_in_file "$file" - done - - echo "Replacement complete for all files in subdirectories. Backup files have a .bak extension." -fi diff --git a/queries/cloud_managed_software.yaml.bak b/queries/cloud_managed_software.yaml.bak deleted file mode 100755 index 086ca44a8..000000000 --- a/queries/cloud_managed_software.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: cloud_managed_software -Title: "Cloud Managed Software" -Description: "" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::kafka::cluster', 'aws::mwaa::environment', 'aws::amp::workspace', 'microsoft.dashboard/grafana') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - cloud_service: - - Managed Software diff --git a/queries/cloud_networks.yaml.bak b/queries/cloud_networks.yaml.bak deleted file mode 100755 index ca4ac8bfd..000000000 --- a/queries/cloud_networks.yaml.bak +++ /dev/null @@ -1,37 +0,0 @@ -ID: cloud_networks -Title: "Cloud Networks" -Description: "" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::ec2::vpc', 'microsoft.network/virtualnetworks') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - Network diff --git a/queries/container_workload.yaml.bak b/queries/container_workload.yaml.bak deleted file mode 100755 index ae1a83900..000000000 --- a/queries/container_workload.yaml.bak +++ /dev/null @@ -1,36 +0,0 @@ -ID: container_workload -Title: "Container Workload" -Description: "" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::eks::cluster', 'aws::ecs::cluster', 'microsoft.containerregistry/registries', 'microsoft.containerservice/managedclusters', 'microsoft.app/containerapps') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws and azure - cloud_service: - - Container Workload diff --git a/queries/database_workload.yaml.bak b/queries/database_workload.yaml.bak deleted file mode 100755 index 1cade3dc7..000000000 --- a/queries/database_workload.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: database_workload -Title: "List Database Workloads and Cloud Provider Information" -Description: "" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::memorydb::cluster', 'aws::neptune::database', 'aws::dynamodb::table', 'aws::rds::dbinstance', - 'aws::elasticache::cluster', 'aws::redshift::cluster', 'aws::dms::replicationinstance', 'aws::redshiftserverless::namespace', - 'aws::opensearchserverless::collection', 'microsoft.dbforpostgresql/servers', 'microsoft.documentdb/sqldatabases', 'microsoft.sql/servers', - 'microsoft.dbformysql/servers','microsoft.sql/managedinstances') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - Database diff --git a/queries/devops.yaml.bak b/queries/devops.yaml.bak deleted file mode 100755 index 29bd7ef7c..000000000 --- a/queries/devops.yaml.bak +++ /dev/null @@ -1,38 +0,0 @@ -ID: devops -Title: "DevOps" -Description: "" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::codecommit::repository', 'aws::codedeploy::deploymentgroup') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - Codecommit - - Codedeploy diff --git a/queries/error_files.log.bak b/queries/error_files.log.bak deleted file mode 100644 index ac6c153c2..000000000 --- a/queries/error_files.log.bak +++ /dev/null @@ -1,26 +0,0 @@ -Error processing ./aws_workspaces_directory_8.yaml -Error processing ./aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml -Error processing ./aws_route53_health_check_5.yaml -Error processing ./aws_wafv2_ip_set_3.yaml -Error processing ./aws_iam_service_specific_credential_2.yaml -Error processing ./aws_securityhub_hub_3.yaml -Error processing ./aws_ecr_repository_2.yaml -Error processing ./aws_glacier_vault_2.yaml -Error processing ./aws_athena_query_execution_3.yaml -Error processing ./aws_wellarchitected_workload_4.yaml -Error processing ./aws_ebs_volume_metric_write_ops_daily_2.yaml -Error processing ./aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml -Error processing ./aws_securitylake_subscriber_4.yaml -Error processing ./17-azure_insight_compute_disk_unattached.yaml -Error processing ./aws_cloudwatch_log_event_5.yaml -Error processing ./aws_ebs_volume_metric_read_ops_1.yaml -Error processing ./aws_eks_addon_3.yaml -Error processing ./aws_vpc_flow_log_event_4.yaml -Error processing ./aws_iot_thing_group_3.yaml -Error processing ./aws_ec2_instance_type_2.yaml -Error processing ./aws_msk_cluster_2.yaml -Error processing ./aws_cloudtrail_import_5.yaml -Error processing ./aws_vpc_peering_connection_8.yaml -Error processing ./aws_resource_explorer_search_6.yaml -Error processing ./aws_availability_zone_2.yaml -Error processing ./aws_guardduty_publishing_destination_1.yaml diff --git a/queries/error_messages.log.bak b/queries/error_messages.log.bak deleted file mode 100644 index 9e850e76d..000000000 --- a/queries/error_messages.log.bak +++ /dev/null @@ -1,25 +0,0 @@ -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." diff --git a/queries/keys_and_secrets.yaml.bak b/queries/keys_and_secrets.yaml.bak deleted file mode 100755 index e80acb1d8..000000000 --- a/queries/keys_and_secrets.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: keys_and_secrets -Title: "Keys and Secrets" -Description: "" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::secretsmanager::secret', 'microsoft.keyvault/vaults', 'microsoft.compute/sshpublickeys', 'aws::ec2::keypair') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - Secrets Manager - - Key Vault - - EC2 diff --git a/queries/kubernetes_clusters.yaml.bak b/queries/kubernetes_clusters.yaml.bak deleted file mode 100755 index 48198f079..000000000 --- a/queries/kubernetes_clusters.yaml.bak +++ /dev/null @@ -1,54 +0,0 @@ -ID: kubernetes_clusters -Title: "List All Kubernetes Clusters with Details" -Description: "" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select c.name as cloud_account_name, c.id as _discovered_provider_id, t.* from ( - (select - 'AWS' as provider, - r.name as name, - r.region as location, - jsonb_path_query(r.description, '$.Cluster.Tags') as _tags, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - jsonb_path_query(r.description, '$.Cluster.PlatformVersion') as kubernetes_version, - r.created_at as _last_discovered - from - og_resources r - where - resource_type = 'aws::eks::cluster') - - union - - (select - 'Azure' as provider, - r.name as vm_name, - r.region as location, - jsonb_path_query(r.description, '$.ManagedCluster.Tags') as _tags, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - jsonb_path_query(r.description, '$.ManagedCluster.Properties.KubernetesVersion') as kubernetes_version, - r.created_at as _last_discovered - from - og_resources r - where - resource_type = 'microsoft.containerservice/managedclusters') - - ) as t inner join og_connections c on t._og_connection_id = c.og_id - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - Kubernetes diff --git a/queries/load_balancers.yaml.bak b/queries/load_balancers.yaml.bak deleted file mode 100755 index 65571ffdd..000000000 --- a/queries/load_balancers.yaml.bak +++ /dev/null @@ -1,40 +0,0 @@ -ID: load_balancers -Title: "Load Balancers" -Description: "Load Balancers" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered, - r.description -> 'LoadBalancer' -> 'Scheme' as scheme - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::elasticloadbalancing::loadbalancer', 'microsoft.network/loadbalancers', 'microsoft.network/applicationgateways') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - Elastic Load Balancing - - Azure Load Balancer - - Azure Application Gateway diff --git a/queries/network_&_file_stores.yaml.bak b/queries/network_&_file_stores.yaml.bak deleted file mode 100755 index fb71a4f9d..000000000 --- a/queries/network_&_file_stores.yaml.bak +++ /dev/null @@ -1,34 +0,0 @@ -ID: network_&_file_stores -Title: "Network & File Stores" -Description: "" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::fsx::filesystem', 'aws::efs::filesystem') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws diff --git a/queries/object_stores.yaml.bak b/queries/object_stores.yaml.bak deleted file mode 100755 index f999a5050..000000000 --- a/queries/object_stores.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: object_stores -Title: "Object Stores" -Description: "Object Stores" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::s3::bucket', 'aws::glacier::vault', 'microsoft.storage/storageaccounts') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - S3 - - Glacier - - Storage Accounts diff --git a/queries/processed_files.log.bak b/queries/processed_files.log.bak deleted file mode 100644 index e69de29bb..000000000 diff --git a/queries/server_workload.yaml.bak b/queries/server_workload.yaml.bak deleted file mode 100755 index fe65825b4..000000000 --- a/queries/server_workload.yaml.bak +++ /dev/null @@ -1,61 +0,0 @@ -ID: server_workload -Title: "List Cloud VM Workloads for AWS and Azure" -Description: "List Cloud VM Workloads for AWS and Azure" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select c.name as cloud_account_name, c.id as _discovered_provider_id, t.* from ( - (select - 'AWS' as provider, - r.name as vm_name, - r.region as location, - jsonb_path_query(r.description, '$.Instance.InstanceType') as instance_size, - jsonb_path_query(r.description, '$.Instance.NetworkInterfaces[*].PrivateIpAddress') as private_ip, - jsonb_path_query(r.description, '$.Instance.PlatformDetails') as platform, - jsonb_path_query(r.description, '$.InstanceStatus.InstanceState.Name') as state, - jsonb_path_query(r.description, '$.Instance.Tags') as _tags, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r - where - resource_type = 'aws::ec2::instance') - - union - - (select - 'Azure' as provider, - r.name as vm_name, - r.region as location, - jsonb_path_query(r.description, '$.VirtualMachine.Properties.HardwareProfile.VMSize') as instance_size, - jsonb_path_query(r.description, '$.InterfaceIPConfigurations[*].Properties.PrivateIPAddress') as private_ip, - jsonb_path_query(r.description, '$.VirtualMachineInstanceView.OSName') as platform, - jsonb_path_query(r.description, '$.VirtualMachineInstanceView.Statuses') as state, - jsonb_path_query(r.description, '$.VirtualMachine.Tags') as _tags, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r - where - resource_type = 'microsoft.compute/virtualmachines') - - ) as t inner join og_connections c on t._og_connection_id = c.og_id - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - EC2 - - Virtual Machines diff --git a/queries/snapshots_&_backup_media.yaml.bak b/queries/snapshots_&_backup_media.yaml.bak deleted file mode 100755 index 06039fc0b..000000000 --- a/queries/snapshots_&_backup_media.yaml.bak +++ /dev/null @@ -1,39 +0,0 @@ -ID: snapshots_&_backup_media -Title: "Snapshots and Backup Resources by Cloud Account" -Description: "Snapshots and Backup Resources by Cloud Account" -Connector: -- aws -- azure -Query: - Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::ec2::image', 'aws::elasticache::cluster', 'aws::rds::dbsnapshot') - PrimaryTable: null - ListOfTables: [] - Parameters: [] -Tags: - cloud_asset_management: - - "true" - cloud_provider: - - aws - - azure - cloud_service: - - EC2 - - Elasticache - - RDS From e137e26e510a83a879bd834ad5dfb9363c0e39bd Mon Sep 17 00:00:00 2001 From: Anil Chandra <120965339+acx1729@users.noreply.github.com> Date: Sun, 10 Nov 2024 14:09:30 -0500 Subject: [PATCH 3/4] updating to integrations --- ...ght_lambda_function_not_cmk_encrypted.yaml | 18 +- ...ificate_transparency_logging_disabled.yaml | 16 +- ...1-aws_insight_acm_certificate_expired.yaml | 15 +- ..._insight_ebs_snapshot_older_than_year.yaml | 11 +- ...aws_insight_ec2_classic_load_balancer.yaml | 11 +- ...ht_elb_classic_lb_use_ssl_certificate.yaml | 52 +- ...nsight_elb_application_lb_waf_enabled.yaml | 31 +- .../16-aws_insight_vpc_with_public_cidr.yaml | 24 +- ...azure_insight_compute_disk_unattached.yaml | 18 +- ...mpute_disk_unavailable_in_multiple_az.yaml | 21 +- ..._disk_not_encrypted_with_customer_key.yaml | 18 +- ...on_retention_period_less_than_30_days.yaml | 26 +- ...ount_with_disabled_automatic_failover.yaml | 21 +- ...raffic_from_all_networks_and_internet.yaml | 21 +- ...t_key_vault_with_disabled_soft_delete.yaml | 21 +- ...kubernetes_cluster_with_rbac_disabled.yaml | 24 +- ...rnetes_cluster_with_undesired_version.yaml | 22 +- queries/25-azure_insight_lb_failed.yaml | 21 +- ...et_without_managed_disk_configuration.yaml | 18 +- ...with_minimum_ssl_older_than_1_point_2.yaml | 21 +- ...ight_virtual_network_with_public_cidr.yaml | 25 +- ...orage_account_with_public_blob_access.yaml | 18 +- ...mbda_function_with_unsupported_engine.yaml | 17 +- ...t_with_disabled_encryption_in_transit.yaml | 18 +- ...vm_remote_access_restricted_all_ports.yaml | 59 +- ...sight_loadbalancer_classic_no_logging.yaml | 19 +- ...t_loadbalancer_application_no_logging.yaml | 23 +- ...sight_loadbalancer_network_no_logging.yaml | 23 +- ..._functionapp_with_unsupported_runtime.yaml | 76 +- queries/36-aws_insight_deprecated_eks.yaml | 12 +- ...re_insight_legacy_application_gateway.yaml | 12 +- ...-azure_insight_legacy_virtual_machine.yaml | 39 +- .../39-aws_insight_legacy_rds_instances.yaml | 11 +- .../4-aws_insight_ebs_volume_unencrypted.yaml | 15 +- ...s_insight_accounts_without_cloudtrail.yaml | 12 +- ...1-aws_insight_root_login_last_90_days.yaml | 12 +- ..._insight_account_with_root_access_key.yaml | 12 +- ...-aws_insight_account_without_root_mfa.yaml | 12 +- ...ight_account_with_many_saml_providers.yaml | 20 +- .../45-aws_insight_account_without_mfa.yaml | 11 +- ...insight_account_with_key_and_password.yaml | 12 +- ...7-aws_insight_account_with_unused_key.yaml | 15 +- ...48-aws_insight_iam_user_with_old_keys.yaml | 15 +- ...ws_insight_iam_user_with_old_password.yaml | 13 +- .../5-aws_insight_ebs_volume_unattached.yaml | 16 +- ...nsight_ec2_instance_of_undesired_type.yaml | 12 +- ...ws_insight_iam_user_with_admin_access.yaml | 19 +- ...ws_insight_iam_user_with_mfa_disabled.yaml | 19 +- ...insight_iam_user_with_inline_policies.yaml | 18 +- queries/ai_workload.yaml | 41 +- queries/autoscaling_workload.yaml | 40 +- queries/aws_accessanalyzer_analyzer_1.yaml | 24 +- queries/aws_accessanalyzer_analyzer_2.yaml | 26 +- queries/aws_accessanalyzer_analyzer_3.yaml | 27 +- queries/aws_accessanalyzer_finding_1.yaml | 23 +- queries/aws_accessanalyzer_finding_2.yaml | 24 +- queries/aws_accessanalyzer_finding_3.yaml | 23 +- queries/aws_accessanalyzer_finding_4.yaml | 23 +- queries/aws_account_1.yaml | 24 +- queries/aws_account_2.yaml | 24 +- queries/aws_account_alternate_contact_1.yaml | 25 +- queries/aws_account_alternate_contact_2.yaml | 28 +- queries/aws_account_alternate_contact_3.yaml | 28 +- queries/aws_account_alternate_contact_4.yaml | 29 +- queries/aws_account_contact_1.yaml | 26 +- queries/aws_account_contact_2.yaml | 27 +- queries/aws_acm_certificate_1.yaml | 27 +- queries/aws_acm_certificate_2.yaml | 24 +- queries/aws_acm_certificate_3.yaml | 26 +- queries/aws_acm_certificate_4.yaml | 25 +- .../aws_acmpca_certificate_authority_1.yaml | 27 +- .../aws_acmpca_certificate_authority_2.yaml | 34 +- .../aws_acmpca_certificate_authority_3.yaml | 24 +- .../aws_acmpca_certificate_authority_4.yaml | 26 +- queries/aws_amplify_app_1.yaml | 25 +- queries/aws_amplify_app_2.yaml | 27 +- queries/aws_amplify_app_3.yaml | 25 +- queries/aws_amplify_app_4.yaml | 24 +- queries/aws_amplify_app_5.yaml | 30 +- queries/aws_amplify_app_6.yaml | 30 +- queries/aws_amplify_app_7.yaml | 26 +- queries/aws_api_gateway_api_key_1.yaml | 31 +- queries/aws_api_gateway_api_key_2.yaml | 29 +- queries/aws_api_gateway_authorizer_1.yaml | 27 +- queries/aws_api_gateway_authorizer_2.yaml | 26 +- queries/aws_api_gateway_domain_name_1.yaml | 24 +- queries/aws_api_gateway_domain_name_2.yaml | 27 +- queries/aws_api_gateway_domain_name_3.yaml | 31 +- queries/aws_api_gateway_domain_name_4.yaml | 21 +- queries/aws_api_gateway_domain_name_5.yaml | 25 +- queries/aws_api_gateway_method_1.yaml | 31 +- queries/aws_api_gateway_method_2.yaml | 30 +- queries/aws_api_gateway_method_3.yaml | 35 +- queries/aws_api_gateway_method_4.yaml | 54 +- queries/aws_api_gateway_rest_api_1.yaml | 24 +- queries/aws_api_gateway_rest_api_2.yaml | 25 +- queries/aws_api_gateway_rest_api_3.yaml | 27 +- queries/aws_api_gateway_rest_api_4.yaml | 36 +- queries/aws_api_gateway_rest_api_5.yaml | 33 +- queries/aws_api_gateway_stage_1.yaml | 21 +- queries/aws_api_gateway_stage_2.yaml | 25 +- queries/aws_api_gateway_stage_3.yaml | 21 +- queries/aws_api_gateway_stage_4.yaml | 26 +- queries/aws_api_gateway_usage_plan_1.yaml | 22 +- queries/aws_api_gateway_usage_plan_2.yaml | 22 +- queries/aws_api_gateway_usage_plan_3.yaml | 24 +- queries/aws_api_gatewayv2_api_1.yaml | 25 +- queries/aws_api_gatewayv2_api_2.yaml | 22 +- queries/aws_api_gatewayv2_api_3.yaml | 22 +- queries/aws_api_gatewayv2_domain_name_1.yaml | 26 +- queries/aws_api_gatewayv2_domain_name_2.yaml | 27 +- queries/aws_api_gatewayv2_domain_name_3.yaml | 42 +- queries/aws_api_gatewayv2_domain_name_4.yaml | 27 +- queries/aws_api_gatewayv2_domain_name_5.yaml | 33 +- queries/aws_api_gatewayv2_integration_1.yaml | 24 +- queries/aws_api_gatewayv2_integration_2.yaml | 21 +- queries/aws_api_gatewayv2_route_1.yaml | 23 +- queries/aws_api_gatewayv2_route_2.yaml | 23 +- queries/aws_api_gatewayv2_route_3.yaml | 26 +- queries/aws_api_gatewayv2_stage_1.yaml | 24 +- queries/aws_api_gatewayv2_stage_2.yaml | 24 +- queries/aws_api_gatewayv2_stage_3.yaml | 23 +- queries/aws_api_gatewayv2_stage_4.yaml | 23 +- queries/aws_app_runner_service_1.yaml | 26 +- queries/aws_app_runner_service_2.yaml | 25 +- queries/aws_app_runner_service_3.yaml | 25 +- queries/aws_app_runner_service_4.yaml | 27 +- queries/aws_app_runner_service_5.yaml | 22 +- queries/aws_app_runner_service_6.yaml | 19 +- queries/aws_appautoscaling_policy_1.yaml | 25 +- queries/aws_appautoscaling_policy_2.yaml | 22 +- queries/aws_appautoscaling_policy_3.yaml | 25 +- queries/aws_appautoscaling_policy_4.yaml | 25 +- queries/aws_appautoscaling_policy_5.yaml | 26 +- queries/aws_appautoscaling_target_1.yaml | 25 +- queries/aws_appautoscaling_target_2.yaml | 27 +- queries/aws_appconfig_application_1.yaml | 23 +- queries/aws_appstream_fleet_1.yaml | 29 +- queries/aws_appstream_fleet_10.yaml | 26 +- queries/aws_appstream_fleet_2.yaml | 29 +- queries/aws_appstream_fleet_3.yaml | 29 +- queries/aws_appstream_fleet_4.yaml | 28 +- queries/aws_appstream_fleet_5.yaml | 33 +- queries/aws_appstream_fleet_6.yaml | 27 +- queries/aws_appstream_fleet_7.yaml | 23 +- queries/aws_appstream_fleet_8.yaml | 23 +- queries/aws_appstream_fleet_9.yaml | 23 +- queries/aws_appstream_image_1.yaml | 27 +- queries/aws_appstream_image_2.yaml | 24 +- queries/aws_appstream_image_3.yaml | 28 +- queries/aws_appstream_image_4.yaml | 28 +- queries/aws_appstream_image_5.yaml | 26 +- queries/aws_appstream_image_6.yaml | 43 +- queries/aws_appstream_image_7.yaml | 24 +- queries/aws_appstream_image_8.yaml | 26 +- queries/aws_appsync_graphql_api_1.yaml | 27 +- queries/aws_appsync_graphql_api_2.yaml | 24 +- queries/aws_appsync_graphql_api_3.yaml | 25 +- queries/aws_athena_query_execution_1.yaml | 23 +- queries/aws_athena_query_execution_2.yaml | 21 +- queries/aws_athena_query_execution_3.yaml | 26 +- queries/aws_athena_query_execution_4.yaml | 23 +- queries/aws_athena_workgroup_1.yaml | 25 +- queries/aws_athena_workgroup_2.yaml | 21 +- queries/aws_athena_workgroup_3.yaml | 21 +- queries/aws_athena_workgroup_4.yaml | 22 +- queries/aws_auditmanager_assessment_1.yaml | 21 +- queries/aws_auditmanager_assessment_2.yaml | 29 +- queries/aws_auditmanager_assessment_3.yaml | 24 +- queries/aws_auditmanager_control_1.yaml | 22 +- queries/aws_auditmanager_control_2.yaml | 26 +- queries/aws_auditmanager_evidence_1.yaml | 23 +- queries/aws_auditmanager_evidence_2.yaml | 25 +- .../aws_auditmanager_evidence_folder_1.yaml | 24 +- .../aws_auditmanager_evidence_folder_2.yaml | 21 +- queries/aws_auditmanager_framework_1.yaml | 19 +- queries/aws_auditmanager_framework_2.yaml | 22 +- queries/aws_availability_zone_1.yaml | 22 +- queries/aws_availability_zone_2.yaml | 23 +- queries/aws_availability_zone_3.yaml | 23 +- queries/aws_backup_framework_1.yaml | 31 +- queries/aws_backup_framework_2.yaml | 27 +- queries/aws_backup_framework_3.yaml | 22 +- queries/aws_backup_framework_4.yaml | 28 +- queries/aws_backup_framework_5.yaml | 60 +- queries/aws_backup_framework_6.yaml | 60 +- queries/aws_backup_job_1.yaml | 21 +- queries/aws_backup_job_2.yaml | 28 +- queries/aws_backup_job_3.yaml | 21 +- queries/aws_backup_legal_hold_1.yaml | 23 +- queries/aws_backup_legal_hold_2.yaml | 31 +- queries/aws_backup_legal_hold_3.yaml | 26 +- queries/aws_backup_plan_1.yaml | 28 +- queries/aws_backup_plan_2.yaml | 31 +- queries/aws_backup_plan_3.yaml | 29 +- queries/aws_backup_protected_resource_1.yaml | 20 +- queries/aws_backup_protected_resource_2.yaml | 24 +- queries/aws_backup_recovery_point_1.yaml | 21 +- queries/aws_backup_recovery_point_2.yaml | 26 +- queries/aws_backup_recovery_point_3.yaml | 45 +- queries/aws_backup_report_plan_1.yaml | 24 +- queries/aws_backup_report_plan_2.yaml | 29 +- queries/aws_backup_report_plan_3.yaml | 27 +- queries/aws_backup_report_plan_4.yaml | 34 +- queries/aws_backup_report_plan_5.yaml | 25 +- queries/aws_backup_report_plan_6.yaml | 29 +- queries/aws_backup_selection_1.yaml | 22 +- queries/aws_backup_selection_2.yaml | 33 +- queries/aws_backup_vault_1.yaml | 19 +- queries/aws_backup_vault_2.yaml | 26 +- queries/aws_backup_vault_3.yaml | 26 +- queries/aws_backup_vault_4.yaml | 22 +- queries/aws_cloudcontrol_resource_1.yaml | 27 +- queries/aws_cloudcontrol_resource_2.yaml | 32 +- queries/aws_cloudcontrol_resource_3.yaml | 28 +- queries/aws_cloudcontrol_resource_4.yaml | 26 +- queries/aws_cloudformation_stack_1.yaml | 21 +- queries/aws_cloudformation_stack_2.yaml | 21 +- queries/aws_cloudformation_stack_3.yaml | 21 +- queries/aws_cloudformation_stack_4.yaml | 23 +- queries/aws_cloudformation_stack_5.yaml | 21 +- .../aws_cloudformation_stack_resource_1.yaml | 25 +- .../aws_cloudformation_stack_resource_2.yaml | 27 +- .../aws_cloudformation_stack_resource_3.yaml | 31 +- .../aws_cloudformation_stack_resource_4.yaml | 26 +- .../aws_cloudformation_stack_resource_5.yaml | 25 +- queries/aws_cloudformation_stack_set_1.yaml | 22 +- queries/aws_cloudformation_stack_set_2.yaml | 26 +- queries/aws_cloudformation_stack_set_3.yaml | 28 +- queries/aws_cloudformation_stack_set_4.yaml | 35 +- queries/aws_cloudfront_cache_policy_1.yaml | 25 +- queries/aws_cloudfront_cache_policy_2.yaml | 26 +- queries/aws_cloudfront_cache_policy_3.yaml | 24 +- queries/aws_cloudfront_distribution_1.yaml | 27 +- queries/aws_cloudfront_distribution_2.yaml | 26 +- queries/aws_cloudfront_distribution_3.yaml | 23 +- queries/aws_cloudfront_distribution_4.yaml | 29 +- queries/aws_cloudfront_distribution_5.yaml | 32 +- queries/aws_cloudfront_distribution_6.yaml | 29 +- queries/aws_cloudfront_function_1.yaml | 22 +- queries/aws_cloudfront_function_2.yaml | 25 +- queries/aws_cloudfront_function_3.yaml | 27 +- queries/aws_cloudfront_function_4.yaml | 29 +- ...s_cloudfront_origin_access_identity_1.yaml | 25 +- ...s_cloudfront_origin_access_identity_2.yaml | 24 +- ...ws_cloudfront_origin_request_policy_1.yaml | 23 +- ...ws_cloudfront_origin_request_policy_2.yaml | 22 +- ..._cloudfront_response_headers_policy_1.yaml | 23 +- ..._cloudfront_response_headers_policy_2.yaml | 26 +- ..._cloudfront_response_headers_policy_3.yaml | 26 +- queries/aws_cloudsearch_domain_1.yaml | 23 +- queries/aws_cloudsearch_domain_2.yaml | 24 +- queries/aws_cloudsearch_domain_3.yaml | 24 +- queries/aws_cloudtrail_channel_1.yaml | 23 +- queries/aws_cloudtrail_channel_2.yaml | 26 +- queries/aws_cloudtrail_channel_3.yaml | 22 +- .../aws_cloudtrail_event_data_store_1.yaml | 27 +- .../aws_cloudtrail_event_data_store_2.yaml | 32 +- .../aws_cloudtrail_event_data_store_3.yaml | 32 +- queries/aws_cloudtrail_import_1.yaml | 21 +- queries/aws_cloudtrail_import_2.yaml | 22 +- queries/aws_cloudtrail_import_3.yaml | 25 +- queries/aws_cloudtrail_import_4.yaml | 23 +- queries/aws_cloudtrail_import_5.yaml | 27 +- queries/aws_cloudtrail_lookup_event_1.yaml | 31 +- queries/aws_cloudtrail_lookup_event_2.yaml | 33 +- queries/aws_cloudtrail_lookup_event_3.yaml | 28 +- queries/aws_cloudtrail_query_1.yaml | 28 +- queries/aws_cloudtrail_query_2.yaml | 27 +- queries/aws_cloudtrail_query_3.yaml | 36 +- queries/aws_cloudtrail_query_4.yaml | 29 +- queries/aws_cloudtrail_trail_1.yaml | 23 +- queries/aws_cloudtrail_trail_2.yaml | 24 +- queries/aws_cloudtrail_trail_3.yaml | 28 +- queries/aws_cloudtrail_trail_4.yaml | 25 +- queries/aws_cloudtrail_trail_5.yaml | 24 +- queries/aws_cloudtrail_trail_6.yaml | 23 +- queries/aws_cloudtrail_trail_7.yaml | 25 +- queries/aws_cloudtrail_trail_event_1.yaml | 34 +- queries/aws_cloudtrail_trail_event_2.yaml | 35 +- queries/aws_cloudtrail_trail_event_3.yaml | 38 +- queries/aws_cloudtrail_trail_event_4.yaml | 37 +- queries/aws_cloudtrail_trail_event_5.yaml | 35 +- queries/aws_cloudtrail_trail_event_6.yaml | 37 +- queries/aws_cloudtrail_trail_event_7.yaml | 37 +- queries/aws_cloudtrail_trail_event_8.yaml | 40 +- queries/aws_cloudtrail_trail_event_9.yaml | 40 +- queries/aws_cloudwatch_alarm_1.yaml | 26 +- queries/aws_cloudwatch_alarm_2.yaml | 23 +- queries/aws_cloudwatch_alarm_3.yaml | 22 +- queries/aws_cloudwatch_alarm_4.yaml | 25 +- queries/aws_cloudwatch_alarm_5.yaml | 31 +- queries/aws_cloudwatch_log_event_1.yaml | 31 +- queries/aws_cloudwatch_log_event_2.yaml | 31 +- queries/aws_cloudwatch_log_event_3.yaml | 32 +- queries/aws_cloudwatch_log_event_4.yaml | 35 +- queries/aws_cloudwatch_log_event_5.yaml | 36 +- queries/aws_cloudwatch_log_event_6.yaml | 32 +- queries/aws_cloudwatch_log_group_1.yaml | 25 +- queries/aws_cloudwatch_log_group_2.yaml | 23 +- queries/aws_cloudwatch_log_group_3.yaml | 25 +- queries/aws_cloudwatch_log_group_4.yaml | 34 +- queries/aws_cloudwatch_log_group_5.yaml | 24 +- .../aws_cloudwatch_log_metric_filter_1.yaml | 28 +- .../aws_cloudwatch_log_metric_filter_2.yaml | 23 +- .../aws_cloudwatch_log_metric_filter_3.yaml | 24 +- .../aws_cloudwatch_log_resource_policy_1.yaml | 21 +- queries/aws_cloudwatch_log_stream_1.yaml | 21 +- queries/aws_cloudwatch_log_stream_2.yaml | 21 +- ..._cloudwatch_log_subscription_filter_1.yaml | 22 +- ..._cloudwatch_log_subscription_filter_2.yaml | 22 +- ..._cloudwatch_log_subscription_filter_3.yaml | 23 +- queries/aws_cloudwatch_metric_1.yaml | 21 +- queries/aws_cloudwatch_metric_2.yaml | 22 +- queries/aws_cloudwatch_metric_3.yaml | 23 +- queries/aws_cloudwatch_metric_4.yaml | 25 +- queries/aws_cloudwatch_metric_5.yaml | 26 +- .../aws_cloudwatch_metric_data_point_1.yaml | 32 +- .../aws_cloudwatch_metric_data_point_2.yaml | 29 +- .../aws_cloudwatch_metric_data_point_3.yaml | 50 +- .../aws_cloudwatch_metric_data_point_4.yaml | 47 +- .../aws_cloudwatch_metric_data_point_5.yaml | 44 +- .../aws_cloudwatch_metric_data_point_6.yaml | 51 +- ...udwatch_metric_statistic_data_point_1.yaml | 34 +- ...udwatch_metric_statistic_data_point_2.yaml | 34 +- ...udwatch_metric_statistic_data_point_3.yaml | 37 +- ...udwatch_metric_statistic_data_point_4.yaml | 34 +- ...udwatch_metric_statistic_data_point_5.yaml | 36 +- ...udwatch_metric_statistic_data_point_6.yaml | 34 +- ...udwatch_metric_statistic_data_point_7.yaml | 35 +- queries/aws_codeartifact_domain_1.yaml | 25 +- queries/aws_codeartifact_domain_2.yaml | 30 +- queries/aws_codeartifact_domain_3.yaml | 26 +- queries/aws_codeartifact_domain_4.yaml | 37 +- queries/aws_codeartifact_domain_5.yaml | 27 +- queries/aws_codeartifact_domain_6.yaml | 25 +- queries/aws_codeartifact_domain_7.yaml | 27 +- queries/aws_codeartifact_repository_1.yaml | 24 +- queries/aws_codeartifact_repository_2.yaml | 24 +- queries/aws_codeartifact_repository_3.yaml | 37 +- queries/aws_codeartifact_repository_4.yaml | 25 +- queries/aws_codebuild_build_1.yaml | 29 +- queries/aws_codebuild_build_10.yaml | 35 +- queries/aws_codebuild_build_11.yaml | 29 +- queries/aws_codebuild_build_2.yaml | 22 +- queries/aws_codebuild_build_3.yaml | 25 +- queries/aws_codebuild_build_4.yaml | 23 +- queries/aws_codebuild_build_5.yaml | 27 +- queries/aws_codebuild_build_6.yaml | 33 +- queries/aws_codebuild_build_7.yaml | 39 +- queries/aws_codebuild_build_8.yaml | 21 +- queries/aws_codebuild_build_9.yaml | 28 +- queries/aws_codebuild_project_1.yaml | 29 +- queries/aws_codebuild_project_2.yaml | 34 +- queries/aws_codebuild_project_3.yaml | 24 +- queries/aws_codebuild_project_4.yaml | 28 +- queries/aws_codebuild_project_5.yaml | 24 +- .../aws_codebuild_source_credential_1.yaml | 20 +- .../aws_codebuild_source_credential_2.yaml | 29 +- queries/aws_codecommit_repository_1.yaml | 25 +- queries/aws_codedeploy_app_1.yaml | 24 +- queries/aws_codedeploy_app_2.yaml | 22 +- queries/aws_codedeploy_app_3.yaml | 25 +- .../aws_codedeploy_deployment_config_1.yaml | 25 +- .../aws_codedeploy_deployment_config_2.yaml | 23 +- .../aws_codedeploy_deployment_config_3.yaml | 26 +- .../aws_codedeploy_deployment_config_4.yaml | 28 +- .../aws_codedeploy_deployment_config_5.yaml | 27 +- .../aws_codedeploy_deployment_config_6.yaml | 29 +- .../aws_codedeploy_deployment_group_1.yaml | 25 +- .../aws_codedeploy_deployment_group_2.yaml | 21 +- .../aws_codedeploy_deployment_group_3.yaml | 22 +- .../aws_codedeploy_deployment_group_4.yaml | 23 +- .../aws_codedeploy_deployment_group_5.yaml | 27 +- .../aws_codedeploy_deployment_group_6.yaml | 29 +- .../aws_codedeploy_deployment_group_7.yaml | 24 +- queries/aws_codepipeline_pipeline_1.yaml | 22 +- queries/aws_codepipeline_pipeline_2.yaml | 24 +- queries/aws_codestar_notification_rule_1.yaml | 21 +- queries/aws_codestar_notification_rule_2.yaml | 23 +- queries/aws_codestar_notification_rule_3.yaml | 22 +- queries/aws_codestar_notification_rule_4.yaml | 27 +- queries/aws_codestar_notification_rule_5.yaml | 40 +- queries/aws_cognito_identity_pool_1.yaml | 25 +- queries/aws_cognito_identity_pool_2.yaml | 25 +- queries/aws_cognito_identity_pool_3.yaml | 25 +- queries/aws_cognito_identity_pool_4.yaml | 31 +- queries/aws_cognito_identity_provider_1.yaml | 25 +- queries/aws_cognito_identity_provider_2.yaml | 24 +- queries/aws_cognito_user_pool_1.yaml | 26 +- queries/aws_cognito_user_pool_2.yaml | 25 +- .../aws_config_aggregate_authorization_1.yaml | 24 +- .../aws_config_configuration_recorder_1.yaml | 23 +- .../aws_config_configuration_recorder_2.yaml | 24 +- .../aws_config_configuration_recorder_3.yaml | 26 +- queries/aws_config_conformance_pack_1.yaml | 23 +- queries/aws_config_conformance_pack_2.yaml | 23 +- queries/aws_config_conformance_pack_3.yaml | 26 +- .../aws_config_retention_configuration_1.yaml | 21 +- .../aws_config_retention_configuration_2.yaml | 22 +- .../aws_config_retention_configuration_3.yaml | 23 +- .../aws_config_retention_configuration_4.yaml | 27 +- queries/aws_config_rule_1.yaml | 26 +- queries/aws_config_rule_2.yaml | 26 +- queries/aws_config_rule_3.yaml | 25 +- queries/aws_config_rule_4.yaml | 23 +- queries/aws_config_rule_5.yaml | 24 +- queries/aws_config_rule_6.yaml | 24 +- queries/aws_cost_by_account_daily_1.yaml | 31 +- queries/aws_cost_by_account_daily_2.yaml | 29 +- queries/aws_cost_by_account_daily_3.yaml | 26 +- queries/aws_cost_by_account_monthly_1.yaml | 29 +- queries/aws_cost_by_account_monthly_2.yaml | 29 +- queries/aws_cost_by_account_monthly_3.yaml | 24 +- queries/aws_cost_by_account_monthly_4.yaml | 41 +- queries/aws_cost_by_record_type_daily_1.yaml | 33 +- queries/aws_cost_by_record_type_daily_2.yaml | 31 +- queries/aws_cost_by_record_type_daily_3.yaml | 28 +- .../aws_cost_by_record_type_monthly_1.yaml | 33 +- .../aws_cost_by_record_type_monthly_2.yaml | 31 +- .../aws_cost_by_record_type_monthly_3.yaml | 23 +- queries/aws_cost_by_service_daily_1.yaml | 33 +- queries/aws_cost_by_service_daily_2.yaml | 29 +- queries/aws_cost_by_service_daily_3.yaml | 30 +- queries/aws_cost_by_service_daily_4.yaml | 28 +- queries/aws_cost_by_service_daily_5.yaml | 28 +- queries/aws_cost_by_service_monthly_1.yaml | 32 +- queries/aws_cost_by_service_monthly_2.yaml | 28 +- queries/aws_cost_by_service_monthly_3.yaml | 29 +- queries/aws_cost_by_service_monthly_4.yaml | 27 +- queries/aws_cost_by_service_monthly_5.yaml | 31 +- queries/aws_cost_by_service_monthly_6.yaml | 45 +- ...ws_cost_by_service_usage_type_daily_1.yaml | 32 +- ...ws_cost_by_service_usage_type_daily_2.yaml | 32 +- ...ws_cost_by_service_usage_type_daily_3.yaml | 26 +- ...ws_cost_by_service_usage_type_daily_4.yaml | 28 +- ..._cost_by_service_usage_type_monthly_1.yaml | 32 +- ..._cost_by_service_usage_type_monthly_2.yaml | 32 +- ..._cost_by_service_usage_type_monthly_3.yaml | 28 +- ..._cost_by_service_usage_type_monthly_4.yaml | 30 +- queries/aws_cost_by_tag_1.yaml | 29 +- queries/aws_cost_by_tag_2.yaml | 30 +- queries/aws_cost_by_tag_3.yaml | 41 +- queries/aws_cost_forecast_daily_1.yaml | 22 +- queries/aws_cost_forecast_monthly_1.yaml | 24 +- queries/aws_cost_forecast_monthly_2.yaml | 42 +- queries/aws_cost_usage_1.yaml | 32 +- queries/aws_cost_usage_2.yaml | 43 +- queries/aws_cost_usage_3.yaml | 32 +- queries/aws_cost_usage_4.yaml | 34 +- queries/aws_dax_cluster_1.yaml | 23 +- queries/aws_dax_cluster_2.yaml | 25 +- queries/aws_dax_cluster_3.yaml | 27 +- queries/aws_dax_cluster_4.yaml | 28 +- queries/aws_dax_parameter_1.yaml | 22 +- queries/aws_dax_parameter_2.yaml | 26 +- queries/aws_dax_parameter_3.yaml | 28 +- queries/aws_dax_parameter_group_1.yaml | 21 +- queries/aws_dax_parameter_group_2.yaml | 26 +- queries/aws_dax_subnet_group_1.yaml | 22 +- queries/aws_dax_subnet_group_2.yaml | 30 +- queries/aws_dax_subnet_group_3.yaml | 30 +- .../aws_directory_service_certificate_1.yaml | 23 +- .../aws_directory_service_certificate_2.yaml | 30 +- .../aws_directory_service_certificate_3.yaml | 23 +- .../aws_directory_service_certificate_4.yaml | 26 +- .../aws_directory_service_certificate_5.yaml | 23 +- .../aws_directory_service_certificate_6.yaml | 21 +- .../aws_directory_service_certificate_7.yaml | 27 +- .../aws_directory_service_certificate_8.yaml | 25 +- .../aws_directory_service_directory_1.yaml | 21 +- .../aws_directory_service_directory_2.yaml | 25 +- .../aws_directory_service_directory_3.yaml | 28 +- .../aws_directory_service_directory_4.yaml | 26 +- .../aws_directory_service_directory_5.yaml | 28 +- ...s_directory_servicelog_subscription_1.yaml | 23 +- ...s_directory_servicelog_subscription_2.yaml | 27 +- queries/aws_dlm_lifecycle_policy_1.yaml | 21 +- queries/aws_dlm_lifecycle_policy_2.yaml | 26 +- queries/aws_dlm_lifecycle_policy_3.yaml | 27 +- queries/aws_dlm_lifecycle_policy_4.yaml | 29 +- queries/aws_dms_certificate_1.yaml | 27 +- queries/aws_dms_certificate_2.yaml | 31 +- queries/aws_dms_certificate_3.yaml | 29 +- queries/aws_dms_certificate_4.yaml | 27 +- queries/aws_dms_certificate_5.yaml | 26 +- queries/aws_dms_endpoint_1.yaml | 24 +- queries/aws_dms_endpoint_2.yaml | 25 +- queries/aws_dms_endpoint_3.yaml | 26 +- queries/aws_dms_endpoint_4.yaml | 29 +- queries/aws_dms_endpoint_5.yaml | 48 +- queries/aws_dms_replication_instance_1.yaml | 26 +- queries/aws_dms_replication_instance_2.yaml | 27 +- queries/aws_dms_replication_instance_3.yaml | 27 +- queries/aws_dms_replication_instance_4.yaml | 24 +- queries/aws_dms_replication_instance_5.yaml | 25 +- queries/aws_dms_replication_task_1.yaml | 26 +- queries/aws_dms_replication_task_2.yaml | 24 +- queries/aws_dms_replication_task_3.yaml | 24 +- queries/aws_dms_replication_task_4.yaml | 38 +- queries/aws_dms_replication_task_5.yaml | 28 +- queries/aws_dms_replication_task_6.yaml | 24 +- queries/aws_dms_replication_task_7.yaml | 25 +- queries/aws_docdb_cluster_1.yaml | 23 +- queries/aws_docdb_cluster_2.yaml | 26 +- queries/aws_docdb_cluster_3.yaml | 23 +- queries/aws_docdb_cluster_4.yaml | 21 +- queries/aws_docdb_cluster_5.yaml | 25 +- queries/aws_docdb_cluster_6.yaml | 28 +- queries/aws_docdb_cluster_7.yaml | 25 +- queries/aws_docdb_cluster_instance_1.yaml | 25 +- queries/aws_docdb_cluster_instance_2.yaml | 27 +- queries/aws_docdb_cluster_instance_3.yaml | 24 +- queries/aws_docdb_cluster_instance_4.yaml | 31 +- queries/aws_docdb_cluster_instance_5.yaml | 23 +- queries/aws_docdb_cluster_instance_6.yaml | 24 +- queries/aws_docdb_cluster_instance_7.yaml | 22 +- queries/aws_docdb_cluster_snapshot_1.yaml | 24 +- queries/aws_docdb_cluster_snapshot_2.yaml | 21 +- queries/aws_docdb_cluster_snapshot_3.yaml | 21 +- queries/aws_docdb_cluster_snapshot_4.yaml | 22 +- queries/aws_drs_job_1.yaml | 22 +- queries/aws_drs_job_2.yaml | 24 +- queries/aws_drs_job_3.yaml | 29 +- queries/aws_drs_recovery_instance_1.yaml | 23 +- queries/aws_drs_recovery_instance_2.yaml | 35 +- queries/aws_drs_recovery_instance_3.yaml | 41 +- queries/aws_drs_recovery_instance_4.yaml | 30 +- queries/aws_drs_recovery_instance_5.yaml | 28 +- queries/aws_drs_recovery_snapshot_1.yaml | 26 +- queries/aws_drs_recovery_snapshot_2.yaml | 30 +- queries/aws_drs_recovery_snapshot_3.yaml | 25 +- queries/aws_drs_recovery_snapshot_4.yaml | 28 +- queries/aws_drs_recovery_snapshot_5.yaml | 39 +- queries/aws_drs_source_server_1.yaml | 23 +- queries/aws_drs_source_server_2.yaml | 26 +- queries/aws_drs_source_server_3.yaml | 32 +- queries/aws_drs_source_server_4.yaml | 31 +- queries/aws_drs_source_server_5.yaml | 33 +- queries/aws_drs_source_server_6.yaml | 23 +- queries/aws_drs_source_server_7.yaml | 32 +- queries/aws_dynamodb_backup_1.yaml | 19 +- queries/aws_dynamodb_backup_2.yaml | 24 +- queries/aws_dynamodb_global_table_1.yaml | 22 +- queries/aws_dynamodb_global_table_2.yaml | 32 +- ...ount_provisioned_read_capacity_util_1.yaml | 27 +- ...ount_provisioned_read_capacity_util_2.yaml | 29 +- ...unt_provisioned_write_capacity_util_1.yaml | 27 +- ...unt_provisioned_write_capacity_util_2.yaml | 29 +- queries/aws_dynamodb_table_1.yaml | 23 +- queries/aws_dynamodb_table_2.yaml | 21 +- queries/aws_dynamodb_table_3.yaml | 23 +- queries/aws_dynamodb_table_4.yaml | 22 +- queries/aws_dynamodb_table_export_1.yaml | 23 +- queries/aws_dynamodb_table_export_2.yaml | 27 +- queries/aws_dynamodb_table_export_3.yaml | 29 +- queries/aws_ebs_snapshot_1.yaml | 24 +- queries/aws_ebs_snapshot_2.yaml | 27 +- queries/aws_ebs_snapshot_3.yaml | 24 +- queries/aws_ebs_snapshot_4.yaml | 21 +- queries/aws_ebs_snapshot_5.yaml | 23 +- queries/aws_ebs_snapshot_6.yaml | 25 +- queries/aws_ebs_snapshot_7.yaml | 25 +- queries/aws_ebs_volume_1.yaml | 23 +- queries/aws_ebs_volume_2.yaml | 23 +- queries/aws_ebs_volume_3.yaml | 23 +- queries/aws_ebs_volume_4.yaml | 23 +- queries/aws_ebs_volume_5.yaml | 23 +- queries/aws_ebs_volume_6.yaml | 28 +- queries/aws_ebs_volume_7.yaml | 23 +- queries/aws_ebs_volume_metric_read_ops_1.yaml | 29 +- queries/aws_ebs_volume_metric_read_ops_2.yaml | 29 +- queries/aws_ebs_volume_metric_read_ops_3.yaml | 31 +- queries/aws_ebs_volume_metric_read_ops_4.yaml | 40 +- ...ws_ebs_volume_metric_read_ops_daily_1.yaml | 27 +- ...ws_ebs_volume_metric_read_ops_daily_2.yaml | 29 +- ...ws_ebs_volume_metric_read_ops_daily_3.yaml | 29 +- ...ws_ebs_volume_metric_read_ops_daily_4.yaml | 42 +- ...s_ebs_volume_metric_read_ops_hourly_1.yaml | 30 +- ...s_ebs_volume_metric_read_ops_hourly_2.yaml | 32 +- ...s_ebs_volume_metric_read_ops_hourly_3.yaml | 32 +- ...s_ebs_volume_metric_read_ops_hourly_4.yaml | 38 +- ...s_ebs_volume_metric_read_ops_hourly_5.yaml | 41 +- .../aws_ebs_volume_metric_write_ops_1.yaml | 30 +- .../aws_ebs_volume_metric_write_ops_2.yaml | 30 +- .../aws_ebs_volume_metric_write_ops_3.yaml | 32 +- .../aws_ebs_volume_metric_write_ops_4.yaml | 43 +- ...s_ebs_volume_metric_write_ops_daily_1.yaml | 29 +- ...s_ebs_volume_metric_write_ops_daily_2.yaml | 31 +- ...s_ebs_volume_metric_write_ops_daily_3.yaml | 31 +- ...s_ebs_volume_metric_write_ops_daily_4.yaml | 40 +- ..._ebs_volume_metric_write_ops_hourly_1.yaml | 27 +- ..._ebs_volume_metric_write_ops_hourly_2.yaml | 29 +- ..._ebs_volume_metric_write_ops_hourly_3.yaml | 29 +- ..._ebs_volume_metric_write_ops_hourly_4.yaml | 39 +- ..._ebs_volume_metric_write_ops_hourly_5.yaml | 42 +- queries/aws_ec2_ami_1.yaml | 26 +- queries/aws_ec2_ami_2.yaml | 22 +- queries/aws_ec2_ami_3.yaml | 25 +- queries/aws_ec2_ami_4.yaml | 31 +- queries/aws_ec2_ami_shared_1.yaml | 28 +- queries/aws_ec2_ami_shared_2.yaml | 29 +- queries/aws_ec2_ami_shared_3.yaml | 27 +- .../aws_ec2_application_load_balancer_1.yaml | 22 +- .../aws_ec2_application_load_balancer_2.yaml | 30 +- .../aws_ec2_application_load_balancer_3.yaml | 24 +- .../aws_ec2_application_load_balancer_4.yaml | 27 +- .../aws_ec2_application_load_balancer_5.yaml | 31 +- ..._load_balancer_metric_request_count_1.yaml | 29 +- ..._load_balancer_metric_request_count_2.yaml | 33 +- ...balancer_metric_request_count_daily_1.yaml | 31 +- ...balancer_metric_request_count_daily_2.yaml | 31 +- queries/aws_ec2_autoscaling_group_1.yaml | 28 +- queries/aws_ec2_autoscaling_group_2.yaml | 22 +- queries/aws_ec2_autoscaling_group_3.yaml | 35 +- queries/aws_ec2_autoscaling_group_4.yaml | 20 +- queries/aws_ec2_capacity_reservation_1.yaml | 21 +- queries/aws_ec2_capacity_reservation_2.yaml | 26 +- queries/aws_ec2_capacity_reservation_3.yaml | 26 +- queries/aws_ec2_classic_load_balancer_1.yaml | 19 +- queries/aws_ec2_classic_load_balancer_2.yaml | 20 +- queries/aws_ec2_classic_load_balancer_3.yaml | 20 +- queries/aws_ec2_classic_load_balancer_4.yaml | 30 +- queries/aws_ec2_classic_load_balancer_5.yaml | 23 +- queries/aws_ec2_client_vpn_endpoint_1.yaml | 27 +- queries/aws_ec2_client_vpn_endpoint_2.yaml | 27 +- queries/aws_ec2_client_vpn_endpoint_3.yaml | 28 +- queries/aws_ec2_client_vpn_endpoint_4.yaml | 33 +- queries/aws_ec2_client_vpn_endpoint_5.yaml | 30 +- queries/aws_ec2_client_vpn_endpoint_6.yaml | 30 +- queries/aws_ec2_client_vpn_endpoint_7.yaml | 31 +- queries/aws_ec2_gateway_load_balancer_1.yaml | 23 +- queries/aws_ec2_gateway_load_balancer_2.yaml | 27 +- queries/aws_ec2_gateway_load_balancer_3.yaml | 27 +- queries/aws_ec2_gateway_load_balancer_4.yaml | 28 +- queries/aws_ec2_gateway_load_balancer_5.yaml | 26 +- queries/aws_ec2_gateway_load_balancer_6.yaml | 21 +- queries/aws_ec2_gateway_load_balancer_7.yaml | 23 +- queries/aws_ec2_instance_1.yaml | 24 +- queries/aws_ec2_instance_10.yaml | 23 +- queries/aws_ec2_instance_11.yaml | 24 +- queries/aws_ec2_instance_12.yaml | 28 +- queries/aws_ec2_instance_13.yaml | 25 +- queries/aws_ec2_instance_14.yaml | 32 +- queries/aws_ec2_instance_15.yaml | 27 +- queries/aws_ec2_instance_2.yaml | 23 +- queries/aws_ec2_instance_3.yaml | 21 +- queries/aws_ec2_instance_4.yaml | 27 +- queries/aws_ec2_instance_5.yaml | 23 +- queries/aws_ec2_instance_6.yaml | 23 +- queries/aws_ec2_instance_7.yaml | 23 +- queries/aws_ec2_instance_8.yaml | 29 +- queries/aws_ec2_instance_9.yaml | 25 +- queries/aws_ec2_instance_availability_1.yaml | 23 +- queries/aws_ec2_instance_availability_2.yaml | 24 +- ...ec2_instance_metric_cpu_utilization_1.yaml | 26 +- ...ec2_instance_metric_cpu_utilization_2.yaml | 28 +- ...stance_metric_cpu_utilization_daily_1.yaml | 26 +- ...stance_metric_cpu_utilization_daily_2.yaml | 32 +- ...stance_metric_cpu_utilization_daily_3.yaml | 28 +- ...tance_metric_cpu_utilization_hourly_1.yaml | 29 +- ...tance_metric_cpu_utilization_hourly_2.yaml | 29 +- ...tance_metric_cpu_utilization_hourly_3.yaml | 31 +- queries/aws_ec2_instance_type_1.yaml | 23 +- queries/aws_ec2_instance_type_2.yaml | 23 +- queries/aws_ec2_instance_type_3.yaml | 32 +- queries/aws_ec2_instance_type_4.yaml | 24 +- queries/aws_ec2_instance_type_5.yaml | 21 +- queries/aws_ec2_key_pair_1.yaml | 21 +- queries/aws_ec2_key_pair_2.yaml | 21 +- queries/aws_ec2_launch_configuration_1.yaml | 26 +- queries/aws_ec2_launch_configuration_2.yaml | 18 +- queries/aws_ec2_launch_configuration_3.yaml | 23 +- queries/aws_ec2_launch_configuration_4.yaml | 19 +- queries/aws_ec2_launch_configuration_5.yaml | 25 +- queries/aws_ec2_launch_template_1.yaml | 24 +- queries/aws_ec2_launch_template_2.yaml | 24 +- queries/aws_ec2_launch_template_3.yaml | 24 +- .../aws_ec2_launch_template_version_1.yaml | 25 +- .../aws_ec2_launch_template_version_2.yaml | 26 +- .../aws_ec2_launch_template_version_3.yaml | 27 +- .../aws_ec2_launch_template_version_4.yaml | 27 +- .../aws_ec2_launch_template_version_5.yaml | 21 +- .../aws_ec2_launch_template_version_6.yaml | 69 +- .../aws_ec2_launch_template_version_7.yaml | 25 +- .../aws_ec2_launch_template_version_8.yaml | 25 +- .../aws_ec2_launch_template_version_9.yaml | 23 +- queries/aws_ec2_load_balancer_listener_1.yaml | 20 +- queries/aws_ec2_load_balancer_listener_2.yaml | 30 +- queries/aws_ec2_load_balancer_listener_3.yaml | 25 +- ...aws_ec2_load_balancer_listener_rule_1.yaml | 26 +- ...aws_ec2_load_balancer_listener_rule_2.yaml | 26 +- ...aws_ec2_load_balancer_listener_rule_3.yaml | 35 +- ...aws_ec2_load_balancer_listener_rule_4.yaml | 24 +- ...aws_ec2_load_balancer_listener_rule_5.yaml | 31 +- ...aws_ec2_load_balancer_listener_rule_6.yaml | 35 +- queries/aws_ec2_managed_prefix_list_1.yaml | 23 +- queries/aws_ec2_managed_prefix_list_2.yaml | 26 +- queries/aws_ec2_managed_prefix_list_3.yaml | 24 +- queries/aws_ec2_managed_prefix_list_4.yaml | 24 +- queries/aws_ec2_managed_prefix_list_5.yaml | 26 +- queries/aws_ec2_managed_prefix_list_6.yaml | 24 +- .../aws_ec2_managed_prefix_list_entry_1.yaml | 20 +- .../aws_ec2_managed_prefix_list_entry_2.yaml | 28 +- .../aws_ec2_managed_prefix_list_entry_3.yaml | 24 +- queries/aws_ec2_network_interface_1.yaml | 26 +- queries/aws_ec2_network_interface_2.yaml | 29 +- queries/aws_ec2_network_interface_3.yaml | 26 +- queries/aws_ec2_network_interface_4.yaml | 28 +- queries/aws_ec2_network_interface_5.yaml | 31 +- queries/aws_ec2_network_load_balancer_1.yaml | 25 +- queries/aws_ec2_network_load_balancer_2.yaml | 28 +- queries/aws_ec2_network_load_balancer_3.yaml | 28 +- queries/aws_ec2_network_load_balancer_4.yaml | 26 +- ...load_balancer_metric_net_flow_count_1.yaml | 31 +- ...load_balancer_metric_net_flow_count_2.yaml | 34 +- ...alancer_metric_net_flow_count_daily_1.yaml | 33 +- ...alancer_metric_net_flow_count_daily_2.yaml | 34 +- queries/aws_ec2_regional_settings_1.yaml | 23 +- queries/aws_ec2_regional_settings_2.yaml | 23 +- queries/aws_ec2_regional_settings_3.yaml | 22 +- queries/aws_ec2_reserved_instance_1.yaml | 29 +- queries/aws_ec2_reserved_instance_2.yaml | 24 +- queries/aws_ec2_reserved_instance_3.yaml | 24 +- queries/aws_ec2_reserved_instance_4.yaml | 25 +- queries/aws_ec2_reserved_instance_5.yaml | 25 +- queries/aws_ec2_spot_price_1.yaml | 39 +- queries/aws_ec2_ssl_policy_1.yaml | 20 +- queries/aws_ec2_ssl_policy_2.yaml | 29 +- queries/aws_ec2_target_group_1.yaml | 21 +- queries/aws_ec2_target_group_2.yaml | 30 +- queries/aws_ec2_target_group_3.yaml | 27 +- queries/aws_ec2_target_group_4.yaml | 27 +- queries/aws_ec2_transit_gateway_1.yaml | 23 +- queries/aws_ec2_transit_gateway_2.yaml | 21 +- queries/aws_ec2_transit_gateway_3.yaml | 23 +- queries/aws_ec2_transit_gateway_4.yaml | 21 +- queries/aws_ec2_transit_gateway_route_1.yaml | 25 +- queries/aws_ec2_transit_gateway_route_2.yaml | 26 +- ...aws_ec2_transit_gateway_route_table_1.yaml | 23 +- ...aws_ec2_transit_gateway_route_table_2.yaml | 25 +- ..._ec2_transit_gateway_vpc_attachment_1.yaml | 26 +- ..._ec2_transit_gateway_vpc_attachment_2.yaml | 23 +- queries/aws_ecr_image_1.yaml | 26 +- queries/aws_ecr_image_2.yaml | 24 +- queries/aws_ecr_image_3.yaml | 22 +- queries/aws_ecr_image_4.yaml | 29 +- queries/aws_ecr_image_5.yaml | 31 +- queries/aws_ecr_image_6.yaml | 34 +- queries/aws_ecr_image_7.yaml | 29 +- queries/aws_ecr_image_scan_finding_1.yaml | 37 +- queries/aws_ecr_image_scan_finding_2.yaml | 40 +- ...ecr_registry_scanning_configuration_1.yaml | 22 +- ...ecr_registry_scanning_configuration_2.yaml | 25 +- ...ecr_registry_scanning_configuration_3.yaml | 21 +- queries/aws_ecr_repository_1.yaml | 26 +- queries/aws_ecr_repository_10.yaml | 24 +- queries/aws_ecr_repository_11.yaml | 26 +- queries/aws_ecr_repository_2.yaml | 26 +- queries/aws_ecr_repository_3.yaml | 24 +- queries/aws_ecr_repository_4.yaml | 32 +- queries/aws_ecr_repository_5.yaml | 28 +- queries/aws_ecr_repository_6.yaml | 21 +- queries/aws_ecr_repository_7.yaml | 33 +- queries/aws_ecr_repository_8.yaml | 31 +- queries/aws_ecr_repository_9.yaml | 25 +- queries/aws_ecrpublic_repository_1.yaml | 26 +- queries/aws_ecrpublic_repository_2.yaml | 33 +- queries/aws_ecs_cluster_1.yaml | 23 +- queries/aws_ecs_cluster_2.yaml | 23 +- queries/aws_ecs_cluster_3.yaml | 23 +- queries/aws_ecs_cluster_4.yaml | 26 +- ..._ecs_cluster_metric_cpu_utilization_1.yaml | 27 +- ..._ecs_cluster_metric_cpu_utilization_2.yaml | 32 +- ...luster_metric_cpu_utilization_daily_1.yaml | 29 +- ...luster_metric_cpu_utilization_daily_2.yaml | 30 +- ...luster_metric_cpu_utilization_daily_3.yaml | 30 +- ...uster_metric_cpu_utilization_hourly_1.yaml | 27 +- ...uster_metric_cpu_utilization_hourly_2.yaml | 30 +- ...uster_metric_cpu_utilization_hourly_3.yaml | 30 +- queries/aws_ecs_container_instance_1.yaml | 27 +- queries/aws_ecs_container_instance_2.yaml | 24 +- queries/aws_ecs_container_instance_3.yaml | 25 +- queries/aws_ecs_container_instance_4.yaml | 28 +- queries/aws_ecs_service_1.yaml | 24 +- queries/aws_ecs_service_2.yaml | 25 +- queries/aws_ecs_service_3.yaml | 24 +- queries/aws_ecs_task_1.yaml | 23 +- queries/aws_ecs_task_2.yaml | 28 +- queries/aws_ecs_task_3.yaml | 22 +- queries/aws_ecs_task_definition_1.yaml | 26 +- queries/aws_ecs_task_definition_2.yaml | 22 +- queries/aws_ecs_task_definition_3.yaml | 25 +- queries/aws_ecs_task_definition_4.yaml | 28 +- queries/aws_efs_access_point_1.yaml | 27 +- queries/aws_efs_access_point_2.yaml | 25 +- queries/aws_efs_access_point_3.yaml | 27 +- queries/aws_efs_file_system_1.yaml | 29 +- queries/aws_efs_file_system_2.yaml | 26 +- queries/aws_efs_file_system_3.yaml | 25 +- queries/aws_efs_file_system_4.yaml | 33 +- queries/aws_efs_file_system_5.yaml | 41 +- queries/aws_efs_file_system_6.yaml | 24 +- queries/aws_efs_mount_target_1.yaml | 24 +- queries/aws_efs_mount_target_2.yaml | 21 +- queries/aws_eks_addon_1.yaml | 25 +- queries/aws_eks_addon_2.yaml | 25 +- queries/aws_eks_addon_3.yaml | 23 +- queries/aws_eks_addon_version_1.yaml | 18 +- queries/aws_eks_addon_version_2.yaml | 22 +- queries/aws_eks_addon_version_3.yaml | 26 +- queries/aws_eks_cluster_1.yaml | 22 +- queries/aws_eks_cluster_2.yaml | 32 +- queries/aws_eks_cluster_3.yaml | 26 +- queries/aws_eks_cluster_4.yaml | 24 +- queries/aws_eks_fargate_profile_1.yaml | 25 +- queries/aws_eks_fargate_profile_2.yaml | 27 +- queries/aws_eks_fargate_profile_3.yaml | 31 +- queries/aws_eks_fargate_profile_4.yaml | 34 +- .../aws_eks_identity_provider_config_1.yaml | 22 +- .../aws_eks_identity_provider_config_2.yaml | 23 +- queries/aws_eks_node_group_1.yaml | 24 +- queries/aws_eks_node_group_2.yaml | 26 +- queries/aws_eks_node_group_3.yaml | 22 +- queries/aws_eks_node_group_4.yaml | 22 +- .../aws_elastic_beanstalk_application_1.yaml | 25 +- .../aws_elastic_beanstalk_application_2.yaml | 23 +- ...astic_beanstalk_application_version_1.yaml | 26 +- ...astic_beanstalk_application_version_2.yaml | 26 +- ...astic_beanstalk_application_version_3.yaml | 24 +- ...astic_beanstalk_application_version_4.yaml | 27 +- ...astic_beanstalk_application_version_5.yaml | 24 +- ...astic_beanstalk_application_version_6.yaml | 23 +- .../aws_elastic_beanstalk_environment_1.yaml | 22 +- .../aws_elastic_beanstalk_environment_2.yaml | 22 +- .../aws_elastic_beanstalk_environment_3.yaml | 25 +- .../aws_elastic_beanstalk_environment_4.yaml | 21 +- .../aws_elastic_beanstalk_environment_5.yaml | 27 +- .../aws_elastic_beanstalk_environment_6.yaml | 40 +- queries/aws_elasticache_cluster_1.yaml | 24 +- queries/aws_elasticache_cluster_2.yaml | 21 +- queries/aws_elasticache_cluster_3.yaml | 24 +- queries/aws_elasticache_cluster_4.yaml | 24 +- queries/aws_elasticache_cluster_5.yaml | 25 +- queries/aws_elasticache_cluster_6.yaml | 24 +- queries/aws_elasticache_cluster_7.yaml | 26 +- .../aws_elasticache_parameter_group_1.yaml | 22 +- .../aws_elasticache_parameter_group_2.yaml | 24 +- ...ache_redis_metric_cache_hits_hourly_1.yaml | 28 +- ...ache_redis_metric_cache_hits_hourly_2.yaml | 30 +- ...ache_redis_metric_cache_hits_hourly_3.yaml | 29 +- ...edis_metric_curr_connections_hourly_1.yaml | 28 +- ...edis_metric_curr_connections_hourly_2.yaml | 32 +- ...metric_engine_cpu_utilization_daily_1.yaml | 29 +- ...metric_engine_cpu_utilization_daily_2.yaml | 29 +- ...metric_engine_cpu_utilization_daily_3.yaml | 29 +- ...etric_engine_cpu_utilization_hourly_1.yaml | 27 +- ...etric_engine_cpu_utilization_hourly_2.yaml | 31 +- ...etric_engine_cpu_utilization_hourly_3.yaml | 31 +- ...e_redis_metric_get_type_cmds_hourly_1.yaml | 28 +- ...e_redis_metric_get_type_cmds_hourly_2.yaml | 30 +- ...redis_metric_list_based_cmds_hourly_1.yaml | 28 +- ...redis_metric_list_based_cmds_hourly_2.yaml | 32 +- ...redis_metric_new_connections_hourly_1.yaml | 26 +- ...redis_metric_new_connections_hourly_2.yaml | 30 +- .../aws_elasticache_replication_group_1.yaml | 23 +- .../aws_elasticache_replication_group_2.yaml | 26 +- .../aws_elasticache_replication_group_3.yaml | 24 +- .../aws_elasticache_replication_group_4.yaml | 26 +- .../aws_elasticache_replication_group_5.yaml | 23 +- .../aws_elasticache_replication_group_6.yaml | 19 +- ...aws_elasticache_reserved_cache_node_1.yaml | 22 +- ...aws_elasticache_reserved_cache_node_2.yaml | 27 +- ...aws_elasticache_reserved_cache_node_3.yaml | 25 +- ...aws_elasticache_reserved_cache_node_4.yaml | 25 +- ...aws_elasticache_reserved_cache_node_5.yaml | 25 +- queries/aws_elasticache_subnet_group_1.yaml | 22 +- queries/aws_elasticache_subnet_group_2.yaml | 27 +- queries/aws_elasticache_subnet_group_3.yaml | 25 +- queries/aws_elasticsearch_domain_1.yaml | 25 +- queries/aws_elasticsearch_domain_2.yaml | 30 +- queries/aws_elasticsearch_domain_3.yaml | 29 +- queries/aws_elasticsearch_domain_4.yaml | 30 +- queries/aws_elasticsearch_domain_5.yaml | 25 +- queries/aws_elasticsearch_domain_6.yaml | 33 +- queries/aws_elasticsearch_domain_7.yaml | 25 +- queries/aws_elasticsearch_domain_8.yaml | 26 +- ...r_block_public_access_configuration_1.yaml | 29 +- ...r_block_public_access_configuration_2.yaml | 23 +- ...r_block_public_access_configuration_3.yaml | 26 +- ...r_block_public_access_configuration_4.yaml | 21 +- queries/aws_emr_cluster_1.yaml | 22 +- queries/aws_emr_cluster_2.yaml | 21 +- queries/aws_emr_cluster_3.yaml | 25 +- queries/aws_emr_cluster_4.yaml | 22 +- queries/aws_emr_cluster_5.yaml | 21 +- queries/aws_emr_cluster_6.yaml | 25 +- queries/aws_emr_cluster_metric_is_idle_1.yaml | 26 +- queries/aws_emr_instance_1.yaml | 25 +- queries/aws_emr_instance_2.yaml | 24 +- queries/aws_emr_instance_3.yaml | 24 +- queries/aws_emr_instance_4.yaml | 28 +- queries/aws_emr_instance_fleet_1.yaml | 25 +- queries/aws_emr_instance_fleet_2.yaml | 27 +- queries/aws_emr_instance_fleet_3.yaml | 23 +- queries/aws_emr_instance_group_1.yaml | 22 +- queries/aws_emr_instance_group_2.yaml | 29 +- queries/aws_emr_instance_group_3.yaml | 24 +- queries/aws_emr_security_configuration_1.yaml | 30 +- queries/aws_emr_security_configuration_2.yaml | 28 +- queries/aws_emr_security_configuration_3.yaml | 40 +- queries/aws_eventbridge_bus_1.yaml | 23 +- queries/aws_eventbridge_rule_1.yaml | 24 +- queries/aws_eventbridge_rule_2.yaml | 23 +- queries/aws_eventbridge_rule_3.yaml | 25 +- queries/aws_fms_app_list_1.yaml | 22 +- queries/aws_fms_app_list_2.yaml | 26 +- queries/aws_fms_app_list_3.yaml | 27 +- queries/aws_fms_policy_1.yaml | 26 +- queries/aws_fms_policy_2.yaml | 29 +- queries/aws_fms_policy_3.yaml | 25 +- queries/aws_fms_policy_4.yaml | 26 +- queries/aws_fsx_file_system_1.yaml | 27 +- queries/aws_fsx_file_system_2.yaml | 27 +- queries/aws_glacier_vault_1.yaml | 23 +- queries/aws_glacier_vault_2.yaml | 32 +- queries/aws_glacier_vault_3.yaml | 32 +- queries/aws_glacier_vault_4.yaml | 28 +- queries/aws_glacier_vault_5.yaml | 22 +- queries/aws_glacier_vault_6.yaml | 24 +- .../aws_globalaccelerator_accelerator_1.yaml | 23 +- .../aws_globalaccelerator_accelerator_2.yaml | 28 +- .../aws_globalaccelerator_accelerator_3.yaml | 20 +- ...ws_globalaccelerator_endpoint_group_1.yaml | 31 +- ...ws_globalaccelerator_endpoint_group_2.yaml | 33 +- ...ws_globalaccelerator_endpoint_group_3.yaml | 43 +- queries/aws_globalaccelerator_listener_1.yaml | 22 +- queries/aws_globalaccelerator_listener_2.yaml | 24 +- queries/aws_globalaccelerator_listener_3.yaml | 30 +- queries/aws_globalaccelerator_listener_4.yaml | 34 +- queries/aws_glue_catalog_database_1.yaml | 23 +- queries/aws_glue_catalog_database_2.yaml | 23 +- queries/aws_glue_catalog_table_1.yaml | 21 +- queries/aws_glue_catalog_table_2.yaml | 24 +- queries/aws_glue_catalog_table_3.yaml | 25 +- queries/aws_glue_connection_1.yaml | 22 +- queries/aws_glue_connection_2.yaml | 26 +- queries/aws_glue_connection_3.yaml | 27 +- queries/aws_glue_connection_4.yaml | 31 +- queries/aws_glue_crawler_1.yaml | 25 +- queries/aws_glue_crawler_2.yaml | 28 +- ...ue_data_catalog_encryption_settings_1.yaml | 22 +- ...ue_data_catalog_encryption_settings_2.yaml | 23 +- ...ue_data_catalog_encryption_settings_3.yaml | 26 +- ...ue_data_catalog_encryption_settings_4.yaml | 27 +- ...ue_data_catalog_encryption_settings_5.yaml | 28 +- queries/aws_glue_data_quality_ruleset_1.yaml | 26 +- queries/aws_glue_data_quality_ruleset_2.yaml | 29 +- queries/aws_glue_data_quality_ruleset_3.yaml | 23 +- queries/aws_glue_data_quality_ruleset_4.yaml | 31 +- queries/aws_glue_data_quality_ruleset_5.yaml | 20 +- queries/aws_glue_dev_endpoint_1.yaml | 28 +- queries/aws_glue_dev_endpoint_2.yaml | 29 +- queries/aws_glue_dev_endpoint_3.yaml | 27 +- queries/aws_glue_dev_endpoint_4.yaml | 27 +- queries/aws_glue_dev_endpoint_5.yaml | 35 +- queries/aws_glue_dev_endpoint_6.yaml | 33 +- queries/aws_glue_job_1.yaml | 26 +- queries/aws_glue_job_10.yaml | 26 +- queries/aws_glue_job_2.yaml | 25 +- queries/aws_glue_job_3.yaml | 28 +- queries/aws_glue_job_4.yaml | 30 +- queries/aws_glue_job_5.yaml | 32 +- queries/aws_glue_job_6.yaml | 31 +- queries/aws_glue_job_7.yaml | 25 +- queries/aws_glue_job_8.yaml | 26 +- queries/aws_glue_job_9.yaml | 26 +- .../aws_glue_security_configuration_1.yaml | 26 +- .../aws_glue_security_configuration_2.yaml | 26 +- .../aws_glue_security_configuration_3.yaml | 26 +- .../aws_glue_security_configuration_4.yaml | 27 +- queries/aws_guardduty_detector_1.yaml | 22 +- queries/aws_guardduty_detector_2.yaml | 22 +- queries/aws_guardduty_detector_3.yaml | 26 +- queries/aws_guardduty_detector_4.yaml | 24 +- queries/aws_guardduty_filter_1.yaml | 22 +- queries/aws_guardduty_filter_2.yaml | 25 +- queries/aws_guardduty_filter_3.yaml | 26 +- queries/aws_guardduty_filter_4.yaml | 21 +- queries/aws_guardduty_filter_5.yaml | 25 +- queries/aws_guardduty_finding_1.yaml | 23 +- queries/aws_guardduty_finding_2.yaml | 26 +- queries/aws_guardduty_ipset_1.yaml | 24 +- queries/aws_guardduty_ipset_2.yaml | 24 +- queries/aws_guardduty_member_1.yaml | 23 +- queries/aws_guardduty_member_2.yaml | 24 +- queries/aws_guardduty_member_3.yaml | 25 +- queries/aws_guardduty_member_4.yaml | 28 +- ...ws_guardduty_publishing_destination_1.yaml | 24 +- ...ws_guardduty_publishing_destination_2.yaml | 24 +- ...ws_guardduty_publishing_destination_3.yaml | 27 +- ...ws_guardduty_publishing_destination_4.yaml | 23 +- ...ws_guardduty_publishing_destination_5.yaml | 33 +- ...ws_guardduty_publishing_destination_6.yaml | 34 +- queries/aws_guardduty_threat_intel_set_1.yaml | 26 +- queries/aws_guardduty_threat_intel_set_2.yaml | 23 +- queries/aws_health_affected_entity_1.yaml | 27 +- queries/aws_health_affected_entity_2.yaml | 30 +- queries/aws_health_affected_entity_3.yaml | 29 +- queries/aws_health_event_1.yaml | 29 +- queries/aws_health_event_2.yaml | 26 +- queries/aws_health_event_3.yaml | 28 +- queries/aws_health_event_4.yaml | 29 +- queries/aws_iam_access_advisor_1.yaml | 30 +- queries/aws_iam_access_advisor_2.yaml | 25 +- queries/aws_iam_access_advisor_3.yaml | 32 +- queries/aws_iam_access_advisor_4.yaml | 44 +- queries/aws_iam_access_advisor_5.yaml | 38 +- queries/aws_iam_access_advisor_6.yaml | 26 +- queries/aws_iam_access_key_1.yaml | 23 +- queries/aws_iam_access_key_2.yaml | 27 +- queries/aws_iam_access_key_3.yaml | 24 +- .../aws_iam_account_password_policy_1.yaml | 32 +- .../aws_iam_account_password_policy_2.yaml | 18 +- .../aws_iam_account_password_policy_3.yaml | 18 +- .../aws_iam_account_password_policy_4.yaml | 20 +- .../aws_iam_account_password_policy_5.yaml | 20 +- .../aws_iam_account_password_policy_6.yaml | 20 +- .../aws_iam_account_password_policy_7.yaml | 18 +- .../aws_iam_account_password_policy_8.yaml | 21 +- queries/aws_iam_account_summary_1.yaml | 19 +- queries/aws_iam_account_summary_2.yaml | 17 +- queries/aws_iam_account_summary_3.yaml | 20 +- queries/aws_iam_action_1.yaml | 25 +- queries/aws_iam_action_2.yaml | 20 +- queries/aws_iam_action_3.yaml | 22 +- queries/aws_iam_action_4.yaml | 31 +- queries/aws_iam_action_5.yaml | 41 +- queries/aws_iam_credential_report_1.yaml | 23 +- queries/aws_iam_credential_report_2.yaml | 31 +- queries/aws_iam_credential_report_3.yaml | 21 +- queries/aws_iam_credential_report_4.yaml | 31 +- queries/aws_iam_credential_report_5.yaml | 26 +- queries/aws_iam_credential_report_6.yaml | 24 +- queries/aws_iam_group_1.yaml | 30 +- queries/aws_iam_group_2.yaml | 27 +- queries/aws_iam_group_3.yaml | 22 +- queries/aws_iam_group_4.yaml | 22 +- .../aws_iam_open_id_connect_provider_1.yaml | 25 +- .../aws_iam_open_id_connect_provider_2.yaml | 30 +- .../aws_iam_open_id_connect_provider_3.yaml | 29 +- .../aws_iam_open_id_connect_provider_4.yaml | 30 +- queries/aws_iam_policy_1.yaml | 22 +- queries/aws_iam_policy_2.yaml | 24 +- queries/aws_iam_policy_3.yaml | 24 +- queries/aws_iam_policy_4.yaml | 27 +- queries/aws_iam_policy_5.yaml | 30 +- queries/aws_iam_policy_6.yaml | 33 +- queries/aws_iam_policy_7.yaml | 35 +- queries/aws_iam_policy_attachment_1.yaml | 25 +- queries/aws_iam_policy_attachment_2.yaml | 23 +- queries/aws_iam_policy_attachment_3.yaml | 27 +- queries/aws_iam_policy_simulator_1.yaml | 24 +- queries/aws_iam_policy_simulator_2.yaml | 25 +- queries/aws_iam_policy_simulator_3.yaml | 26 +- queries/aws_iam_role_1.yaml | 23 +- queries/aws_iam_role_10.yaml | 45 +- queries/aws_iam_role_2.yaml | 24 +- queries/aws_iam_role_3.yaml | 23 +- queries/aws_iam_role_4.yaml | 33 +- queries/aws_iam_role_5.yaml | 36 +- queries/aws_iam_role_6.yaml | 42 +- queries/aws_iam_role_7.yaml | 93 +- queries/aws_iam_role_8.yaml | 47 +- queries/aws_iam_role_9.yaml | 27 +- queries/aws_iam_saml_provider_1.yaml | 24 +- queries/aws_iam_saml_provider_2.yaml | 29 +- queries/aws_iam_saml_provider_3.yaml | 27 +- queries/aws_iam_server_certificate_1.yaml | 21 +- queries/aws_iam_server_certificate_2.yaml | 21 +- ...aws_iam_service_specific_credential_1.yaml | 24 +- ...aws_iam_service_specific_credential_2.yaml | 32 +- ...aws_iam_service_specific_credential_3.yaml | 27 +- queries/aws_iam_user_1.yaml | 27 +- queries/aws_iam_user_2.yaml | 28 +- queries/aws_iam_user_3.yaml | 28 +- queries/aws_iam_user_4.yaml | 25 +- queries/aws_iam_user_5.yaml | 26 +- queries/aws_iam_user_6.yaml | 24 +- queries/aws_iam_virtual_mfa_device_1.yaml | 22 +- queries/aws_iam_virtual_mfa_device_2.yaml | 27 +- queries/aws_identitystore_group_1.yaml | 22 +- queries/aws_identitystore_group_2.yaml | 20 +- .../aws_identitystore_group_membership_1.yaml | 24 +- .../aws_identitystore_group_membership_2.yaml | 28 +- .../aws_identitystore_group_membership_3.yaml | 28 +- queries/aws_identitystore_user_1.yaml | 23 +- queries/aws_identitystore_user_2.yaml | 25 +- queries/aws_inspector2_coverage_1.yaml | 24 +- queries/aws_inspector2_coverage_2.yaml | 27 +- queries/aws_inspector2_coverage_3.yaml | 29 +- queries/aws_inspector2_coverage_4.yaml | 31 +- queries/aws_inspector2_coverage_5.yaml | 29 +- queries/aws_inspector2_coverage_6.yaml | 24 +- queries/aws_inspector2_coverage_7.yaml | 33 +- queries/aws_inspector2_coverage_8.yaml | 34 +- queries/aws_inspector2_coverage_9.yaml | 34 +- .../aws_inspector2_coverage_statistics_1.yaml | 18 +- .../aws_inspector2_coverage_statistics_2.yaml | 21 +- queries/aws_inspector2_finding_1.yaml | 27 +- queries/aws_inspector2_finding_10.yaml | 31 +- queries/aws_inspector2_finding_11.yaml | 31 +- queries/aws_inspector2_finding_12.yaml | 36 +- queries/aws_inspector2_finding_13.yaml | 29 +- queries/aws_inspector2_finding_14.yaml | 31 +- queries/aws_inspector2_finding_15.yaml | 33 +- queries/aws_inspector2_finding_2.yaml | 30 +- queries/aws_inspector2_finding_3.yaml | 27 +- queries/aws_inspector2_finding_4.yaml | 28 +- queries/aws_inspector2_finding_5.yaml | 28 +- queries/aws_inspector2_finding_6.yaml | 30 +- queries/aws_inspector2_finding_7.yaml | 30 +- queries/aws_inspector2_finding_8.yaml | 42 +- queries/aws_inspector2_finding_9.yaml | 31 +- queries/aws_inspector2_member_1.yaml | 21 +- queries/aws_inspector2_member_2.yaml | 26 +- queries/aws_inspector2_member_3.yaml | 25 +- queries/aws_inspector_assessment_run_1.yaml | 23 +- queries/aws_inspector_assessment_run_2.yaml | 26 +- queries/aws_inspector_assessment_run_3.yaml | 29 +- queries/aws_inspector_assessment_run_4.yaml | 27 +- queries/aws_inspector_assessment_run_5.yaml | 21 +- queries/aws_inspector_assessment_run_6.yaml | 28 +- .../aws_inspector_assessment_target_1.yaml | 30 +- .../aws_inspector_assessment_target_2.yaml | 33 +- .../aws_inspector_assessment_target_3.yaml | 33 +- .../aws_inspector_assessment_template_1.yaml | 26 +- .../aws_inspector_assessment_template_2.yaml | 30 +- .../aws_inspector_assessment_template_3.yaml | 28 +- .../aws_inspector_assessment_template_4.yaml | 28 +- .../aws_inspector_assessment_template_5.yaml | 28 +- .../aws_inspector_assessment_template_6.yaml | 30 +- queries/aws_inspector_exclusion_1.yaml | 24 +- queries/aws_inspector_exclusion_2.yaml | 26 +- queries/aws_inspector_exclusion_3.yaml | 20 +- queries/aws_inspector_exclusion_4.yaml | 27 +- queries/aws_inspector_exclusion_5.yaml | 29 +- queries/aws_inspector_finding_1.yaml | 26 +- queries/aws_inspector_finding_10.yaml | 28 +- queries/aws_inspector_finding_2.yaml | 29 +- queries/aws_inspector_finding_3.yaml | 24 +- queries/aws_inspector_finding_4.yaml | 24 +- queries/aws_inspector_finding_5.yaml | 23 +- queries/aws_inspector_finding_6.yaml | 27 +- queries/aws_inspector_finding_7.yaml | 36 +- queries/aws_inspector_finding_8.yaml | 24 +- queries/aws_inspector_finding_9.yaml | 30 +- queries/aws_iot_fleet_metric_1.yaml | 24 +- queries/aws_iot_fleet_metric_2.yaml | 25 +- queries/aws_iot_fleet_metric_3.yaml | 28 +- queries/aws_iot_thing_1.yaml | 22 +- queries/aws_iot_thing_2.yaml | 24 +- queries/aws_iot_thing_3.yaml | 24 +- queries/aws_iot_thing_group_1.yaml | 26 +- queries/aws_iot_thing_group_2.yaml | 25 +- queries/aws_iot_thing_group_3.yaml | 28 +- queries/aws_iot_thing_group_4.yaml | 27 +- queries/aws_iot_thing_type_1.yaml | 22 +- queries/aws_iot_thing_type_2.yaml | 27 +- queries/aws_iot_thing_type_3.yaml | 27 +- queries/aws_iot_thing_type_4.yaml | 28 +- queries/aws_kinesis_consumer_1.yaml | 22 +- queries/aws_kinesis_consumer_2.yaml | 25 +- ...ws_kinesis_firehose_delivery_stream_1.yaml | 21 +- ...ws_kinesis_firehose_delivery_stream_2.yaml | 27 +- ...ws_kinesis_firehose_delivery_stream_3.yaml | 29 +- ...ws_kinesis_firehose_delivery_stream_4.yaml | 27 +- ...ws_kinesis_firehose_delivery_stream_5.yaml | 27 +- queries/aws_kinesis_stream_1.yaml | 25 +- queries/aws_kinesis_stream_2.yaml | 28 +- queries/aws_kinesis_stream_3.yaml | 26 +- queries/aws_kinesis_stream_4.yaml | 26 +- queries/aws_kinesis_stream_5.yaml | 29 +- queries/aws_kinesis_video_stream_1.yaml | 24 +- queries/aws_kinesis_video_stream_2.yaml | 24 +- queries/aws_kinesis_video_stream_3.yaml | 28 +- queries/aws_kinesis_video_stream_4.yaml | 28 +- .../aws_kinesisanalyticsv2_application_1.yaml | 28 +- .../aws_kinesisanalyticsv2_application_2.yaml | 27 +- .../aws_kinesisanalyticsv2_application_3.yaml | 27 +- queries/aws_kms_alias_1.yaml | 24 +- queries/aws_kms_alias_2.yaml | 27 +- queries/aws_kms_alias_3.yaml | 29 +- queries/aws_kms_alias_4.yaml | 26 +- queries/aws_kms_key_1.yaml | 24 +- queries/aws_kms_key_2.yaml | 23 +- queries/aws_kms_key_3.yaml | 24 +- queries/aws_kms_key_4.yaml | 23 +- queries/aws_kms_key_5.yaml | 23 +- queries/aws_kms_key_rotation_1.yaml | 23 +- queries/aws_kms_key_rotation_2.yaml | 24 +- queries/aws_kms_key_rotation_3.yaml | 29 +- queries/aws_kms_key_rotation_4.yaml | 25 +- queries/aws_lambda_alias_1.yaml | 20 +- queries/aws_lambda_alias_2.yaml | 21 +- queries/aws_lambda_alias_3.yaml | 21 +- queries/aws_lambda_alias_4.yaml | 22 +- .../aws_lambda_event_source_mapping_1.yaml | 24 +- .../aws_lambda_event_source_mapping_2.yaml | 23 +- .../aws_lambda_event_source_mapping_3.yaml | 19 +- .../aws_lambda_event_source_mapping_4.yaml | 23 +- .../aws_lambda_event_source_mapping_5.yaml | 20 +- .../aws_lambda_event_source_mapping_6.yaml | 24 +- .../aws_lambda_event_source_mapping_7.yaml | 27 +- .../aws_lambda_event_source_mapping_8.yaml | 26 +- queries/aws_lambda_function_1.yaml | 23 +- queries/aws_lambda_function_10.yaml | 23 +- queries/aws_lambda_function_2.yaml | 22 +- queries/aws_lambda_function_3.yaml | 24 +- queries/aws_lambda_function_4.yaml | 31 +- queries/aws_lambda_function_5.yaml | 32 +- queries/aws_lambda_function_6.yaml | 42 +- queries/aws_lambda_function_7.yaml | 22 +- queries/aws_lambda_function_8.yaml | 22 +- queries/aws_lambda_function_9.yaml | 23 +- ...mbda_function_metric_duration_daily_1.yaml | 26 +- ...mbda_function_metric_duration_daily_2.yaml | 28 +- ...mbda_function_metric_duration_daily_3.yaml | 28 +- ...lambda_function_metric_errors_daily_1.yaml | 26 +- ...lambda_function_metric_errors_daily_2.yaml | 28 +- ...a_function_metric_invocations_daily_1.yaml | 22 +- ...a_function_metric_invocations_daily_2.yaml | 28 +- queries/aws_lambda_layer_1.yaml | 27 +- queries/aws_lambda_layer_version_1.yaml | 26 +- queries/aws_lambda_version_1.yaml | 23 +- queries/aws_lambda_version_2.yaml | 22 +- queries/aws_lambda_version_3.yaml | 22 +- queries/aws_lambda_version_4.yaml | 21 +- queries/aws_lightsail_bucket_1.yaml | 20 +- queries/aws_lightsail_bucket_2.yaml | 23 +- queries/aws_lightsail_bucket_3.yaml | 22 +- queries/aws_lightsail_bucket_4.yaml | 21 +- queries/aws_lightsail_bucket_5.yaml | 21 +- queries/aws_lightsail_bucket_6.yaml | 21 +- queries/aws_lightsail_bucket_7.yaml | 24 +- queries/aws_lightsail_instance_1.yaml | 25 +- queries/aws_lightsail_instance_2.yaml | 25 +- queries/aws_lightsail_instance_3.yaml | 25 +- queries/aws_lightsail_instance_4.yaml | 21 +- queries/aws_lightsail_instance_5.yaml | 20 +- queries/aws_macie2_classification_job_1.yaml | 22 +- queries/aws_macie2_classification_job_2.yaml | 24 +- queries/aws_macie2_classification_job_3.yaml | 25 +- queries/aws_macie2_classification_job_4.yaml | 22 +- queries/aws_media_store_container_1.yaml | 25 +- queries/aws_media_store_container_2.yaml | 26 +- queries/aws_media_store_container_3.yaml | 20 +- queries/aws_media_store_container_4.yaml | 24 +- queries/aws_memorydb_cluster_1.yaml | 25 +- queries/aws_memorydb_cluster_2.yaml | 24 +- queries/aws_memorydb_cluster_3.yaml | 22 +- queries/aws_memorydb_cluster_4.yaml | 22 +- queries/aws_memorydb_cluster_5.yaml | 21 +- queries/aws_memorydb_cluster_6.yaml | 24 +- queries/aws_memorydb_cluster_7.yaml | 21 +- queries/aws_memorydb_cluster_8.yaml | 24 +- queries/aws_memorydb_cluster_9.yaml | 23 +- queries/aws_mgn_application_1.yaml | 24 +- queries/aws_mgn_application_2.yaml | 26 +- queries/aws_mgn_application_3.yaml | 26 +- queries/aws_mgn_application_4.yaml | 27 +- queries/aws_mq_broker_1.yaml | 28 +- queries/aws_mq_broker_2.yaml | 26 +- queries/aws_mq_broker_3.yaml | 22 +- queries/aws_mq_broker_4.yaml | 23 +- queries/aws_mq_broker_5.yaml | 23 +- queries/aws_msk_cluster_1.yaml | 24 +- queries/aws_msk_cluster_2.yaml | 22 +- queries/aws_msk_cluster_3.yaml | 25 +- queries/aws_msk_cluster_4.yaml | 25 +- queries/aws_msk_cluster_5.yaml | 23 +- queries/aws_msk_cluster_6.yaml | 22 +- queries/aws_msk_cluster_7.yaml | 17 +- queries/aws_msk_serverless_cluster_1.yaml | 27 +- queries/aws_msk_serverless_cluster_2.yaml | 23 +- queries/aws_msk_serverless_cluster_3.yaml | 28 +- queries/aws_msk_serverless_cluster_4.yaml | 27 +- queries/aws_msk_serverless_cluster_5.yaml | 26 +- queries/aws_neptune_db_cluster_1.yaml | 24 +- queries/aws_neptune_db_cluster_2.yaml | 21 +- queries/aws_neptune_db_cluster_3.yaml | 19 +- queries/aws_neptune_db_cluster_4.yaml | 26 +- .../aws_neptune_db_cluster_snapshot_1.yaml | 22 +- .../aws_neptune_db_cluster_snapshot_2.yaml | 22 +- .../aws_neptune_db_cluster_snapshot_3.yaml | 23 +- .../aws_neptune_db_cluster_snapshot_4.yaml | 25 +- queries/aws_networkfirewall_firewall_1.yaml | 28 +- queries/aws_networkfirewall_firewall_2.yaml | 26 +- queries/aws_networkfirewall_firewall_3.yaml | 25 +- queries/aws_networkfirewall_firewall_4.yaml | 25 +- queries/aws_networkfirewall_firewall_5.yaml | 25 +- queries/aws_networkfirewall_firewall_6.yaml | 34 +- queries/aws_networkfirewall_firewall_7.yaml | 30 +- queries/aws_networkfirewall_firewall_8.yaml | 27 +- ...aws_networkfirewall_firewall_policy_1.yaml | 24 +- ...aws_networkfirewall_firewall_policy_2.yaml | 24 +- ...aws_networkfirewall_firewall_policy_3.yaml | 25 +- ...aws_networkfirewall_firewall_policy_4.yaml | 25 +- ...aws_networkfirewall_firewall_policy_5.yaml | 25 +- ...aws_networkfirewall_firewall_policy_6.yaml | 25 +- ...aws_networkfirewall_firewall_policy_7.yaml | 23 +- queries/aws_networkfirewall_rule_group_1.yaml | 23 +- queries/aws_networkfirewall_rule_group_2.yaml | 23 +- queries/aws_networkfirewall_rule_group_3.yaml | 28 +- queries/aws_networkfirewall_rule_group_4.yaml | 27 +- queries/aws_networkfirewall_rule_group_5.yaml | 25 +- queries/aws_oam_link_1.yaml | 24 +- queries/aws_oam_link_2.yaml | 22 +- queries/aws_oam_link_3.yaml | 26 +- queries/aws_oam_sink_1.yaml | 23 +- queries/aws_oam_sink_2.yaml | 24 +- queries/aws_opensearch_domain_1.yaml | 22 +- queries/aws_opensearch_domain_2.yaml | 27 +- queries/aws_opensearch_domain_3.yaml | 28 +- queries/aws_opensearch_domain_4.yaml | 31 +- queries/aws_opensearch_domain_5.yaml | 24 +- queries/aws_opensearch_domain_6.yaml | 26 +- queries/aws_opensearch_domain_7.yaml | 22 +- queries/aws_opensearch_domain_8.yaml | 23 +- queries/aws_organizations_account_1.yaml | 25 +- queries/aws_organizations_account_2.yaml | 28 +- ...s_organizations_organizational_unit_1.yaml | 23 +- ...s_organizations_organizational_unit_2.yaml | 23 +- ...s_organizations_organizational_unit_3.yaml | 23 +- ...s_organizations_organizational_unit_4.yaml | 23 +- ...s_organizations_organizational_unit_5.yaml | 32 +- ...s_organizations_organizational_unit_6.yaml | 23 +- queries/aws_organizations_policy_1.yaml | 27 +- queries/aws_organizations_policy_2.yaml | 28 +- queries/aws_organizations_policy_3.yaml | 27 +- queries/aws_organizations_policy_4.yaml | 27 +- .../aws_organizations_policy_target_1.yaml | 29 +- .../aws_organizations_policy_target_2.yaml | 30 +- .../aws_organizations_policy_target_3.yaml | 29 +- .../aws_organizations_policy_target_4.yaml | 26 +- queries/aws_organizations_root_1.yaml | 20 +- queries/aws_organizations_root_2.yaml | 26 +- queries/aws_pinpoint_app_1.yaml | 23 +- queries/aws_pinpoint_app_2.yaml | 21 +- queries/aws_pinpoint_app_3.yaml | 23 +- queries/aws_pinpoint_app_4.yaml | 26 +- queries/aws_pipes_pipe_1.yaml | 22 +- queries/aws_pipes_pipe_2.yaml | 27 +- queries/aws_pipes_pipe_3.yaml | 41 +- queries/aws_pipes_pipe_4.yaml | 21 +- queries/aws_pipes_pipe_5.yaml | 26 +- queries/aws_pipes_pipe_6.yaml | 30 +- queries/aws_pricing_product_1.yaml | 49 +- queries/aws_pricing_product_2.yaml | 41 +- queries/aws_pricing_product_3.yaml | 40 +- queries/aws_pricing_service_attribute_1.yaml | 20 +- queries/aws_pricing_service_attribute_2.yaml | 24 +- queries/aws_pricing_service_attribute_3.yaml | 23 +- queries/aws_ram_principal_association_1.yaml | 29 +- queries/aws_ram_principal_association_2.yaml | 33 +- queries/aws_ram_principal_association_3.yaml | 29 +- queries/aws_ram_resource_association_1.yaml | 21 +- queries/aws_ram_resource_association_2.yaml | 27 +- queries/aws_ram_resource_association_3.yaml | 23 +- queries/aws_rds_db_cluster_1.yaml | 26 +- queries/aws_rds_db_cluster_2.yaml | 23 +- queries/aws_rds_db_cluster_3.yaml | 19 +- queries/aws_rds_db_cluster_4.yaml | 28 +- queries/aws_rds_db_cluster_5.yaml | 32 +- .../aws_rds_db_cluster_parameter_group_1.yaml | 25 +- .../aws_rds_db_cluster_parameter_group_2.yaml | 38 +- queries/aws_rds_db_cluster_snapshot_1.yaml | 26 +- queries/aws_rds_db_cluster_snapshot_2.yaml | 22 +- queries/aws_rds_db_cluster_snapshot_3.yaml | 21 +- queries/aws_rds_db_cluster_snapshot_4.yaml | 24 +- queries/aws_rds_db_engine_version_1.yaml | 22 +- queries/aws_rds_db_engine_version_2.yaml | 22 +- queries/aws_rds_db_engine_version_3.yaml | 24 +- queries/aws_rds_db_engine_version_4.yaml | 22 +- queries/aws_rds_db_engine_version_5.yaml | 28 +- queries/aws_rds_db_event_subscription_1.yaml | 24 +- queries/aws_rds_db_event_subscription_2.yaml | 23 +- queries/aws_rds_db_instance_1.yaml | 22 +- queries/aws_rds_db_instance_10.yaml | 25 +- queries/aws_rds_db_instance_11.yaml | 29 +- queries/aws_rds_db_instance_12.yaml | 28 +- queries/aws_rds_db_instance_2.yaml | 23 +- queries/aws_rds_db_instance_3.yaml | 23 +- queries/aws_rds_db_instance_4.yaml | 32 +- queries/aws_rds_db_instance_5.yaml | 24 +- queries/aws_rds_db_instance_6.yaml | 23 +- queries/aws_rds_db_instance_7.yaml | 23 +- queries/aws_rds_db_instance_8.yaml | 61 +- queries/aws_rds_db_instance_9.yaml | 30 +- ...ws_rds_db_instance_automated_backup_1.yaml | 25 +- ...ws_rds_db_instance_automated_backup_2.yaml | 29 +- ...ws_rds_db_instance_automated_backup_3.yaml | 29 +- ...ws_rds_db_instance_automated_backup_4.yaml | 28 +- ...ws_rds_db_instance_automated_backup_5.yaml | 29 +- ...ws_rds_db_instance_automated_backup_6.yaml | 31 +- ..._rds_db_instance_metric_connections_1.yaml | 29 +- ..._rds_db_instance_metric_connections_2.yaml | 31 +- ...b_instance_metric_connections_daily_1.yaml | 27 +- ...b_instance_metric_connections_daily_2.yaml | 29 +- ...b_instance_metric_connections_daily_3.yaml | 30 +- ..._instance_metric_connections_hourly_1.yaml | 30 +- ..._instance_metric_connections_hourly_2.yaml | 30 +- ..._db_instance_metric_cpu_utilization_1.yaml | 27 +- ..._db_instance_metric_cpu_utilization_2.yaml | 29 +- ...stance_metric_cpu_utilization_daily_1.yaml | 27 +- ...stance_metric_cpu_utilization_daily_2.yaml | 29 +- ...stance_metric_cpu_utilization_daily_3.yaml | 29 +- ...tance_metric_cpu_utilization_hourly_1.yaml | 29 +- ...tance_metric_cpu_utilization_hourly_2.yaml | 29 +- ...tance_metric_cpu_utilization_hourly_3.yaml | 29 +- ...ws_rds_db_instance_metric_read_iops_1.yaml | 29 +- ...ws_rds_db_instance_metric_read_iops_2.yaml | 33 +- ...ws_rds_db_instance_metric_read_iops_3.yaml | 33 +- ...ws_rds_db_instance_metric_read_iops_4.yaml | 42 +- ..._db_instance_metric_read_iops_daily_1.yaml | 30 +- ..._db_instance_metric_read_iops_daily_2.yaml | 30 +- ..._db_instance_metric_read_iops_daily_3.yaml | 32 +- ..._db_instance_metric_read_iops_daily_4.yaml | 42 +- ...db_instance_metric_read_iops_hourly_1.yaml | 30 +- ...db_instance_metric_read_iops_hourly_2.yaml | 32 +- ...db_instance_metric_read_iops_hourly_3.yaml | 30 +- ...db_instance_metric_read_iops_hourly_4.yaml | 41 +- ...db_instance_metric_read_iops_hourly_5.yaml | 44 +- ...s_rds_db_instance_metric_write_iops_1.yaml | 30 +- ...s_rds_db_instance_metric_write_iops_2.yaml | 30 +- ...s_rds_db_instance_metric_write_iops_3.yaml | 30 +- ...s_rds_db_instance_metric_write_iops_4.yaml | 41 +- ...db_instance_metric_write_iops_daily_1.yaml | 27 +- ...db_instance_metric_write_iops_daily_2.yaml | 31 +- ...db_instance_metric_write_iops_daily_3.yaml | 29 +- ...db_instance_metric_write_iops_daily_4.yaml | 41 +- ...b_instance_metric_write_iops_hourly_1.yaml | 28 +- ...b_instance_metric_write_iops_hourly_2.yaml | 30 +- ...b_instance_metric_write_iops_hourly_3.yaml | 30 +- ...b_instance_metric_write_iops_hourly_4.yaml | 41 +- ...b_instance_metric_write_iops_hourly_5.yaml | 44 +- queries/aws_rds_db_option_group_1.yaml | 22 +- queries/aws_rds_db_option_group_2.yaml | 23 +- queries/aws_rds_db_option_group_3.yaml | 29 +- queries/aws_rds_db_parameter_group_1.yaml | 23 +- queries/aws_rds_db_parameter_group_2.yaml | 36 +- queries/aws_rds_db_proxy_1.yaml | 20 +- queries/aws_rds_db_proxy_2.yaml | 28 +- queries/aws_rds_db_recommendation_1.yaml | 24 +- queries/aws_rds_db_recommendation_2.yaml | 26 +- queries/aws_rds_db_recommendation_3.yaml | 21 +- queries/aws_rds_db_recommendation_4.yaml | 23 +- queries/aws_rds_db_recommendation_5.yaml | 23 +- queries/aws_rds_db_recommendation_6.yaml | 27 +- queries/aws_rds_db_recommendation_7.yaml | 35 +- queries/aws_rds_db_snapshot_1.yaml | 23 +- queries/aws_rds_db_snapshot_2.yaml | 21 +- queries/aws_rds_db_snapshot_3.yaml | 23 +- queries/aws_rds_db_snapshot_4.yaml | 23 +- queries/aws_rds_db_subnet_group_1.yaml | 21 +- queries/aws_rds_db_subnet_group_2.yaml | 26 +- queries/aws_rds_db_subnet_group_3.yaml | 21 +- queries/aws_rds_reserved_db_instance_1.yaml | 24 +- queries/aws_rds_reserved_db_instance_2.yaml | 26 +- queries/aws_rds_reserved_db_instance_3.yaml | 27 +- queries/aws_rds_reserved_db_instance_4.yaml | 27 +- queries/aws_rds_reserved_db_instance_5.yaml | 28 +- queries/aws_rds_reserved_db_instance_6.yaml | 28 +- queries/aws_redshift_cluster_1.yaml | 24 +- queries/aws_redshift_cluster_2.yaml | 26 +- queries/aws_redshift_cluster_3.yaml | 26 +- queries/aws_redshift_cluster_4.yaml | 26 +- queries/aws_redshift_cluster_5.yaml | 22 +- ...luster_metric_cpu_utilization_daily_1.yaml | 27 +- ...luster_metric_cpu_utilization_daily_2.yaml | 29 +- ...luster_metric_cpu_utilization_daily_3.yaml | 29 +- .../aws_redshift_event_subscription_1.yaml | 24 +- .../aws_redshift_event_subscription_2.yaml | 26 +- .../aws_redshift_event_subscription_3.yaml | 22 +- .../aws_redshift_event_subscription_4.yaml | 25 +- queries/aws_redshift_parameter_group_1.yaml | 22 +- queries/aws_redshift_parameter_group_2.yaml | 38 +- queries/aws_redshift_snapshot_1.yaml | 21 +- queries/aws_redshift_snapshot_2.yaml | 21 +- queries/aws_redshift_snapshot_3.yaml | 25 +- queries/aws_redshift_snapshot_4.yaml | 24 +- queries/aws_redshift_snapshot_5.yaml | 21 +- queries/aws_redshift_snapshot_6.yaml | 22 +- queries/aws_redshift_subnet_group_1.yaml | 22 +- queries/aws_redshift_subnet_group_2.yaml | 29 +- queries/aws_redshift_subnet_group_3.yaml | 22 +- .../aws_redshiftserverless_namespace_1.yaml | 28 +- .../aws_redshiftserverless_namespace_2.yaml | 31 +- .../aws_redshiftserverless_namespace_3.yaml | 31 +- .../aws_redshiftserverless_namespace_4.yaml | 26 +- .../aws_redshiftserverless_workgroup_1.yaml | 26 +- .../aws_redshiftserverless_workgroup_2.yaml | 29 +- .../aws_redshiftserverless_workgroup_3.yaml | 27 +- .../aws_redshiftserverless_workgroup_4.yaml | 20 +- .../aws_redshiftserverless_workgroup_5.yaml | 24 +- .../aws_redshiftserverless_workgroup_6.yaml | 24 +- queries/aws_region_1.yaml | 18 +- queries/aws_region_2.yaml | 23 +- queries/aws_resource_explorer_index_1.yaml | 19 +- queries/aws_resource_explorer_index_2.yaml | 24 +- queries/aws_resource_explorer_search_1.yaml | 26 +- queries/aws_resource_explorer_search_2.yaml | 28 +- queries/aws_resource_explorer_search_3.yaml | 26 +- queries/aws_resource_explorer_search_4.yaml | 28 +- queries/aws_resource_explorer_search_5.yaml | 28 +- queries/aws_resource_explorer_search_6.yaml | 26 +- queries/aws_resource_explorer_search_7.yaml | 28 +- queries/aws_resource_explorer_search_8.yaml | 26 +- ...ce_explorer_supported_resource_type_1.yaml | 20 +- ...ce_explorer_supported_resource_type_2.yaml | 23 +- queries/aws_route53_domain_1.yaml | 20 +- queries/aws_route53_domain_2.yaml | 24 +- queries/aws_route53_domain_3.yaml | 22 +- queries/aws_route53_health_check_1.yaml | 22 +- queries/aws_route53_health_check_2.yaml | 36 +- queries/aws_route53_health_check_3.yaml | 27 +- queries/aws_route53_health_check_4.yaml | 24 +- queries/aws_route53_health_check_5.yaml | 28 +- queries/aws_route53_health_check_6.yaml | 33 +- queries/aws_route53_health_check_7.yaml | 32 +- queries/aws_route53_query_log_1.yaml | 24 +- queries/aws_route53_query_log_2.yaml | 27 +- queries/aws_route53_query_log_3.yaml | 23 +- queries/aws_route53_record_1.yaml | 26 +- queries/aws_route53_record_2.yaml | 29 +- queries/aws_route53_record_3.yaml | 27 +- queries/aws_route53_record_4.yaml | 31 +- queries/aws_route53_record_5.yaml | 27 +- queries/aws_route53_record_6.yaml | 34 +- queries/aws_route53_record_7.yaml | 31 +- queries/aws_route53_resolver_endpoint_1.yaml | 23 +- queries/aws_route53_resolver_endpoint_2.yaml | 25 +- queries/aws_route53_resolver_endpoint_3.yaml | 25 +- queries/aws_route53_resolver_endpoint_4.yaml | 24 +- ...s_route53_resolver_query_log_config_1.yaml | 22 +- ...s_route53_resolver_query_log_config_2.yaml | 30 +- ...s_route53_resolver_query_log_config_3.yaml | 22 +- ...s_route53_resolver_query_log_config_4.yaml | 22 +- ...s_route53_resolver_query_log_config_5.yaml | 24 +- queries/aws_route53_resolver_rule_1.yaml | 23 +- queries/aws_route53_resolver_rule_2.yaml | 25 +- queries/aws_route53_resolver_rule_3.yaml | 21 +- queries/aws_route53_resolver_rule_4.yaml | 25 +- queries/aws_route53_traffic_policy_1.yaml | 23 +- queries/aws_route53_traffic_policy_2.yaml | 34 +- queries/aws_route53_traffic_policy_3.yaml | 22 +- ...aws_route53_traffic_policy_instance_1.yaml | 24 +- ...aws_route53_traffic_policy_instance_2.yaml | 27 +- ...aws_route53_traffic_policy_instance_3.yaml | 30 +- ...aws_route53_traffic_policy_instance_4.yaml | 29 +- ...ute53_vpc_association_authorization_1.yaml | 23 +- ...ute53_vpc_association_authorization_2.yaml | 25 +- ...ute53_vpc_association_authorization_3.yaml | 28 +- queries/aws_route53_zone_1.yaml | 21 +- queries/aws_route53_zone_2.yaml | 24 +- queries/aws_route53_zone_3.yaml | 26 +- queries/aws_route53_zone_4.yaml | 23 +- queries/aws_route53_zone_5.yaml | 22 +- queries/aws_route53_zone_6.yaml | 29 +- queries/aws_s3_access_point_1.yaml | 19 +- queries/aws_s3_access_point_2.yaml | 24 +- queries/aws_s3_access_point_3.yaml | 31 +- queries/aws_s3_access_point_4.yaml | 23 +- queries/aws_s3_access_point_5.yaml | 21 +- queries/aws_s3_bucket_1.yaml | 23 +- queries/aws_s3_bucket_10.yaml | 38 +- queries/aws_s3_bucket_11.yaml | 24 +- queries/aws_s3_bucket_12.yaml | 24 +- queries/aws_s3_bucket_13.yaml | 23 +- queries/aws_s3_bucket_2.yaml | 25 +- queries/aws_s3_bucket_3.yaml | 25 +- queries/aws_s3_bucket_4.yaml | 31 +- queries/aws_s3_bucket_5.yaml | 23 +- queries/aws_s3_bucket_6.yaml | 23 +- queries/aws_s3_bucket_7.yaml | 23 +- queries/aws_s3_bucket_8.yaml | 40 +- queries/aws_s3_bucket_9.yaml | 42 +- ...t_intelligent_tiering_configuration_1.yaml | 23 +- ...t_intelligent_tiering_configuration_2.yaml | 49 +- ...t_intelligent_tiering_configuration_3.yaml | 26 +- ...t_intelligent_tiering_configuration_4.yaml | 27 +- ...t_intelligent_tiering_configuration_5.yaml | 24 +- .../aws_s3_multi_region_access_point_1.yaml | 21 +- .../aws_s3_multi_region_access_point_2.yaml | 33 +- .../aws_s3_multi_region_access_point_3.yaml | 20 +- .../aws_s3_multi_region_access_point_4.yaml | 23 +- .../aws_s3_multi_region_access_point_5.yaml | 30 +- queries/aws_s3_object_1.yaml | 27 +- queries/aws_s3_object_10.yaml | 24 +- queries/aws_s3_object_11.yaml | 29 +- queries/aws_s3_object_12.yaml | 40 +- queries/aws_s3_object_13.yaml | 31 +- queries/aws_s3_object_2.yaml | 27 +- queries/aws_s3_object_3.yaml | 27 +- queries/aws_s3_object_4.yaml | 27 +- queries/aws_s3_object_5.yaml | 27 +- queries/aws_s3_object_6.yaml | 30 +- queries/aws_s3_object_7.yaml | 26 +- queries/aws_s3_object_8.yaml | 26 +- queries/aws_s3_object_9.yaml | 31 +- queries/aws_s3_object_version_1.yaml | 27 +- queries/aws_s3_object_version_2.yaml | 32 +- queries/aws_sagemaker_app_1.yaml | 20 +- queries/aws_sagemaker_app_2.yaml | 26 +- queries/aws_sagemaker_domain_1.yaml | 20 +- queries/aws_sagemaker_domain_2.yaml | 25 +- queries/aws_sagemaker_domain_3.yaml | 25 +- ...ws_sagemaker_endpoint_configuration_1.yaml | 23 +- ...ws_sagemaker_endpoint_configuration_2.yaml | 24 +- queries/aws_sagemaker_model_1.yaml | 21 +- queries/aws_sagemaker_model_2.yaml | 23 +- .../aws_sagemaker_notebook_instance_1.yaml | 24 +- .../aws_sagemaker_notebook_instance_2.yaml | 23 +- .../aws_sagemaker_notebook_instance_3.yaml | 23 +- .../aws_sagemaker_notebook_instance_4.yaml | 23 +- queries/aws_sagemaker_training_job_1.yaml | 22 +- queries/aws_sagemaker_training_job_2.yaml | 27 +- queries/aws_sagemaker_training_job_3.yaml | 25 +- queries/aws_secretsmanager_secret_1.yaml | 21 +- queries/aws_secretsmanager_secret_2.yaml | 27 +- queries/aws_secretsmanager_secret_3.yaml | 25 +- queries/aws_secretsmanager_secret_4.yaml | 27 +- queries/aws_secretsmanager_secret_5.yaml | 22 +- queries/aws_securityhub_action_target_1.yaml | 20 +- queries/aws_securityhub_action_target_2.yaml | 25 +- ...ityhub_enabled_product_subscription_1.yaml | 22 +- ...ityhub_enabled_product_subscription_2.yaml | 31 +- queries/aws_securityhub_finding_1.yaml | 29 +- queries/aws_securityhub_finding_10.yaml | 28 +- queries/aws_securityhub_finding_11.yaml | 37 +- queries/aws_securityhub_finding_12.yaml | 46 +- queries/aws_securityhub_finding_13.yaml | 43 +- queries/aws_securityhub_finding_14.yaml | 44 +- queries/aws_securityhub_finding_15.yaml | 29 +- queries/aws_securityhub_finding_16.yaml | 32 +- queries/aws_securityhub_finding_17.yaml | 33 +- queries/aws_securityhub_finding_18.yaml | 36 +- queries/aws_securityhub_finding_19.yaml | 31 +- queries/aws_securityhub_finding_2.yaml | 26 +- queries/aws_securityhub_finding_20.yaml | 29 +- queries/aws_securityhub_finding_21.yaml | 29 +- queries/aws_securityhub_finding_22.yaml | 27 +- queries/aws_securityhub_finding_3.yaml | 28 +- queries/aws_securityhub_finding_4.yaml | 31 +- queries/aws_securityhub_finding_5.yaml | 27 +- queries/aws_securityhub_finding_6.yaml | 32 +- queries/aws_securityhub_finding_7.yaml | 27 +- queries/aws_securityhub_finding_8.yaml | 28 +- queries/aws_securityhub_finding_9.yaml | 28 +- .../aws_securityhub_finding_aggregator_1.yaml | 23 +- .../aws_securityhub_finding_aggregator_2.yaml | 25 +- .../aws_securityhub_finding_aggregator_3.yaml | 27 +- .../aws_securityhub_finding_aggregator_4.yaml | 29 +- queries/aws_securityhub_hub_1.yaml | 23 +- queries/aws_securityhub_hub_2.yaml | 23 +- queries/aws_securityhub_hub_3.yaml | 29 +- queries/aws_securityhub_insight_1.yaml | 22 +- queries/aws_securityhub_insight_10.yaml | 25 +- queries/aws_securityhub_insight_2.yaml | 26 +- queries/aws_securityhub_insight_3.yaml | 23 +- queries/aws_securityhub_insight_4.yaml | 21 +- queries/aws_securityhub_insight_5.yaml | 26 +- queries/aws_securityhub_insight_6.yaml | 27 +- queries/aws_securityhub_insight_7.yaml | 26 +- queries/aws_securityhub_insight_8.yaml | 24 +- queries/aws_securityhub_insight_9.yaml | 37 +- queries/aws_securityhub_member_1.yaml | 24 +- queries/aws_securityhub_member_2.yaml | 28 +- queries/aws_securityhub_member_3.yaml | 27 +- queries/aws_securityhub_member_4.yaml | 31 +- queries/aws_securityhub_product_1.yaml | 21 +- queries/aws_securityhub_product_2.yaml | 22 +- queries/aws_securityhub_product_3.yaml | 25 +- .../aws_securityhub_standards_control_1.yaml | 22 +- .../aws_securityhub_standards_control_2.yaml | 22 +- .../aws_securityhub_standards_control_3.yaml | 27 +- .../aws_securityhub_standards_control_4.yaml | 24 +- .../aws_securityhub_standards_control_5.yaml | 23 +- .../aws_securityhub_standards_control_6.yaml | 26 +- .../aws_securityhub_standards_control_7.yaml | 29 +- .../aws_securityhub_standards_control_8.yaml | 27 +- ..._securityhub_standards_subscription_1.yaml | 23 +- ..._securityhub_standards_subscription_2.yaml | 24 +- ..._securityhub_standards_subscription_3.yaml | 27 +- ..._securityhub_standards_subscription_4.yaml | 23 +- queries/aws_securitylake_data_lake_1.yaml | 23 +- queries/aws_securitylake_data_lake_2.yaml | 30 +- queries/aws_securitylake_data_lake_3.yaml | 28 +- queries/aws_securitylake_data_lake_4.yaml | 25 +- queries/aws_securitylake_subscriber_1.yaml | 24 +- queries/aws_securitylake_subscriber_2.yaml | 27 +- queries/aws_securitylake_subscriber_3.yaml | 33 +- queries/aws_securitylake_subscriber_4.yaml | 31 +- queries/aws_securitylake_subscriber_5.yaml | 28 +- ...ssapplicationrepository_application_1.yaml | 23 +- ...ssapplicationrepository_application_2.yaml | 26 +- ...ssapplicationrepository_application_3.yaml | 27 +- queries/aws_service_discovery_instance_1.yaml | 24 +- queries/aws_service_discovery_instance_2.yaml | 25 +- queries/aws_service_discovery_instance_3.yaml | 24 +- queries/aws_service_discovery_instance_4.yaml | 33 +- queries/aws_service_discovery_instance_5.yaml | 33 +- queries/aws_service_discovery_instance_6.yaml | 26 +- .../aws_service_discovery_namespace_1.yaml | 21 +- .../aws_service_discovery_namespace_2.yaml | 24 +- .../aws_service_discovery_namespace_3.yaml | 24 +- .../aws_service_discovery_namespace_4.yaml | 24 +- .../aws_service_discovery_namespace_5.yaml | 22 +- .../aws_service_discovery_namespace_6.yaml | 26 +- .../aws_service_discovery_namespace_7.yaml | 21 +- queries/aws_service_discovery_service_1.yaml | 21 +- queries/aws_service_discovery_service_2.yaml | 24 +- queries/aws_service_discovery_service_3.yaml | 24 +- queries/aws_service_discovery_service_4.yaml | 24 +- queries/aws_service_discovery_service_5.yaml | 21 +- queries/aws_service_discovery_service_6.yaml | 25 +- queries/aws_service_discovery_service_7.yaml | 20 +- queries/aws_service_discovery_service_8.yaml | 27 +- queries/aws_servicecatalog_portfolio_1.yaml | 29 +- queries/aws_servicecatalog_portfolio_2.yaml | 30 +- queries/aws_servicecatalog_portfolio_3.yaml | 31 +- queries/aws_servicecatalog_portfolio_4.yaml | 29 +- queries/aws_servicecatalog_product_1.yaml | 24 +- queries/aws_servicecatalog_product_2.yaml | 26 +- queries/aws_servicecatalog_product_3.yaml | 25 +- queries/aws_servicecatalog_product_4.yaml | 25 +- queries/aws_servicecatalog_product_5.yaml | 25 +- queries/aws_servicecatalog_product_6.yaml | 28 +- ..._servicecatalog_provisioned_product_1.yaml | 27 +- ..._servicecatalog_provisioned_product_2.yaml | 32 +- ..._servicecatalog_provisioned_product_3.yaml | 30 +- ..._servicecatalog_provisioned_product_4.yaml | 34 +- ..._servicecatalog_provisioned_product_5.yaml | 32 +- ...servicequotas_default_service_quota_1.yaml | 23 +- ...servicequotas_default_service_quota_2.yaml | 26 +- ...servicequotas_default_service_quota_3.yaml | 26 +- queries/aws_servicequotas_service_1.yaml | 18 +- queries/aws_servicequotas_service_2.yaml | 20 +- .../aws_servicequotas_service_quota_1.yaml | 25 +- .../aws_servicequotas_service_quota_2.yaml | 25 +- .../aws_servicequotas_service_quota_3.yaml | 28 +- ...quotas_service_quota_change_request_1.yaml | 22 +- ...quotas_service_quota_change_request_2.yaml | 25 +- ...quotas_service_quota_change_request_3.yaml | 25 +- queries/aws_ses_domain_identity_1.yaml | 26 +- queries/aws_ses_domain_identity_2.yaml | 30 +- queries/aws_ses_email_identity_1.yaml | 23 +- queries/aws_ses_email_identity_2.yaml | 25 +- queries/aws_sfn_state_machine_1.yaml | 24 +- queries/aws_sfn_state_machine_2.yaml | 24 +- .../aws_sfn_state_machine_execution_1.yaml | 23 +- .../aws_sfn_state_machine_execution_2.yaml | 25 +- ...sfn_state_machine_execution_history_1.yaml | 24 +- ...sfn_state_machine_execution_history_2.yaml | 29 +- queries/aws_simspaceweaver_simulation_1.yaml | 27 +- queries/aws_simspaceweaver_simulation_2.yaml | 27 +- queries/aws_simspaceweaver_simulation_3.yaml | 25 +- queries/aws_simspaceweaver_simulation_4.yaml | 23 +- queries/aws_simspaceweaver_simulation_5.yaml | 33 +- queries/aws_sns_subscription_1.yaml | 22 +- queries/aws_sns_subscription_2.yaml | 24 +- queries/aws_sns_subscription_3.yaml | 22 +- queries/aws_sns_topic_1.yaml | 21 +- queries/aws_sns_topic_2.yaml | 23 +- queries/aws_sns_topic_3.yaml | 21 +- queries/aws_sns_topic_4.yaml | 31 +- queries/aws_sns_topic_5.yaml | 33 +- queries/aws_sns_topic_6.yaml | 40 +- queries/aws_sns_topic_7.yaml | 28 +- queries/aws_sns_topic_subscription_1.yaml | 22 +- queries/aws_sns_topic_subscription_2.yaml | 22 +- queries/aws_sns_topic_subscription_3.yaml | 24 +- queries/aws_sqs_queue_1.yaml | 23 +- queries/aws_sqs_queue_10.yaml | 31 +- queries/aws_sqs_queue_2.yaml | 25 +- queries/aws_sqs_queue_3.yaml | 24 +- queries/aws_sqs_queue_4.yaml | 24 +- queries/aws_sqs_queue_5.yaml | 21 +- queries/aws_sqs_queue_6.yaml | 23 +- queries/aws_sqs_queue_7.yaml | 23 +- queries/aws_sqs_queue_8.yaml | 38 +- queries/aws_sqs_queue_9.yaml | 33 +- queries/aws_ssm_association_1.yaml | 28 +- queries/aws_ssm_association_2.yaml | 25 +- queries/aws_ssm_association_3.yaml | 28 +- queries/aws_ssm_association_4.yaml | 25 +- queries/aws_ssm_document_1.yaml | 26 +- queries/aws_ssm_document_2.yaml | 26 +- queries/aws_ssm_document_3.yaml | 28 +- queries/aws_ssm_document_4.yaml | 24 +- queries/aws_ssm_document_5.yaml | 27 +- queries/aws_ssm_document_permission_1.yaml | 27 +- queries/aws_ssm_document_permission_2.yaml | 29 +- queries/aws_ssm_inventory_1.yaml | 23 +- queries/aws_ssm_inventory_2.yaml | 35 +- queries/aws_ssm_inventory_3.yaml | 27 +- queries/aws_ssm_inventory_4.yaml | 27 +- queries/aws_ssm_inventory_5.yaml | 41 +- queries/aws_ssm_inventory_entry_1.yaml | 25 +- queries/aws_ssm_inventory_entry_2.yaml | 28 +- queries/aws_ssm_inventory_entry_3.yaml | 28 +- queries/aws_ssm_inventory_entry_4.yaml | 30 +- queries/aws_ssm_inventory_entry_5.yaml | 30 +- queries/aws_ssm_maintenance_window_1.yaml | 25 +- queries/aws_ssm_maintenance_window_2.yaml | 25 +- queries/aws_ssm_maintenance_window_3.yaml | 25 +- queries/aws_ssm_maintenance_window_4.yaml | 22 +- queries/aws_ssm_managed_instance_1.yaml | 25 +- queries/aws_ssm_managed_instance_2.yaml | 23 +- queries/aws_ssm_managed_instance_3.yaml | 26 +- ...aws_ssm_managed_instance_compliance_1.yaml | 28 +- ...aws_ssm_managed_instance_compliance_2.yaml | 31 +- ...aws_ssm_managed_instance_compliance_3.yaml | 31 +- ...aws_ssm_managed_instance_compliance_4.yaml | 26 +- ...ws_ssm_managed_instance_patch_state_1.yaml | 27 +- ...ws_ssm_managed_instance_patch_state_2.yaml | 21 +- ...ws_ssm_managed_instance_patch_state_3.yaml | 23 +- ...ws_ssm_managed_instance_patch_state_4.yaml | 23 +- ...ws_ssm_managed_instance_patch_state_5.yaml | 28 +- ...ws_ssm_managed_instance_patch_state_6.yaml | 25 +- queries/aws_ssm_parameter_1.yaml | 22 +- queries/aws_ssm_parameter_2.yaml | 24 +- queries/aws_ssm_parameter_3.yaml | 21 +- queries/aws_ssm_patch_baseline_1.yaml | 23 +- queries/aws_ssm_patch_baseline_2.yaml | 26 +- queries/aws_ssm_patch_baseline_3.yaml | 29 +- queries/aws_ssm_patch_baseline_4.yaml | 26 +- queries/aws_ssmincidents_response_plan_1.yaml | 24 +- queries/aws_ssmincidents_response_plan_2.yaml | 29 +- queries/aws_ssmincidents_response_plan_3.yaml | 35 +- queries/aws_ssmincidents_response_plan_4.yaml | 25 +- queries/aws_ssmincidents_response_plan_5.yaml | 27 +- .../aws_ssoadmin_account_assignment_1.yaml | 28 +- .../aws_ssoadmin_account_assignment_2.yaml | 60 +- queries/aws_ssoadmin_instance_1.yaml | 20 +- ..._ssoadmin_managed_policy_attachment_1.yaml | 24 +- queries/aws_ssoadmin_permission_set_1.yaml | 26 +- queries/aws_sts_caller_identity_1.yaml | 24 +- queries/aws_sts_caller_identity_2.yaml | 32 +- queries/aws_sts_caller_identity_3.yaml | 32 +- queries/aws_tagging_resource_1.yaml | 24 +- queries/aws_tagging_resource_2.yaml | 23 +- queries/aws_timestreamwrite_database_1.yaml | 22 +- queries/aws_timestreamwrite_database_2.yaml | 22 +- queries/aws_timestreamwrite_database_3.yaml | 24 +- queries/aws_timestreamwrite_database_4.yaml | 24 +- queries/aws_timestreamwrite_database_5.yaml | 21 +- queries/aws_timestreamwrite_table_1.yaml | 23 +- queries/aws_timestreamwrite_table_2.yaml | 22 +- queries/aws_timestreamwrite_table_3.yaml | 27 +- queries/aws_timestreamwrite_table_4.yaml | 23 +- queries/aws_timestreamwrite_table_5.yaml | 24 +- queries/aws_timestreamwrite_table_6.yaml | 19 +- queries/aws_transfer_server_1.yaml | 21 +- queries/aws_transfer_server_2.yaml | 26 +- queries/aws_transfer_server_3.yaml | 21 +- queries/aws_transfer_server_4.yaml | 22 +- queries/aws_transfer_server_5.yaml | 22 +- queries/aws_transfer_server_6.yaml | 27 +- queries/aws_transfer_user_1.yaml | 24 +- queries/aws_transfer_user_2.yaml | 26 +- queries/aws_transfer_user_3.yaml | 27 +- queries/aws_transfer_user_4.yaml | 25 +- .../aws_trusted_advisor_check_summary_1.yaml | 35 +- .../aws_trusted_advisor_check_summary_2.yaml | 31 +- .../aws_trusted_advisor_check_summary_3.yaml | 29 +- .../aws_trusted_advisor_check_summary_4.yaml | 32 +- queries/aws_vpc_1.yaml | 26 +- queries/aws_vpc_2.yaml | 28 +- queries/aws_vpc_3.yaml | 29 +- queries/aws_vpc_customer_gateway_1.yaml | 26 +- queries/aws_vpc_customer_gateway_2.yaml | 21 +- queries/aws_vpc_dhcp_options_1.yaml | 25 +- queries/aws_vpc_dhcp_options_2.yaml | 22 +- queries/aws_vpc_dhcp_options_3.yaml | 23 +- ...ws_vpc_egress_only_internet_gateway_1.yaml | 26 +- ...ws_vpc_egress_only_internet_gateway_2.yaml | 23 +- ...ws_vpc_egress_only_internet_gateway_3.yaml | 26 +- queries/aws_vpc_eip_1.yaml | 22 +- queries/aws_vpc_eip_2.yaml | 22 +- queries/aws_vpc_eip_address_transfer_1.yaml | 23 +- queries/aws_vpc_eip_address_transfer_2.yaml | 24 +- queries/aws_vpc_eip_address_transfer_3.yaml | 26 +- queries/aws_vpc_eip_address_transfer_4.yaml | 37 +- queries/aws_vpc_endpoint_1.yaml | 23 +- queries/aws_vpc_endpoint_2.yaml | 22 +- queries/aws_vpc_endpoint_3.yaml | 30 +- queries/aws_vpc_endpoint_4.yaml | 26 +- queries/aws_vpc_endpoint_5.yaml | 22 +- queries/aws_vpc_endpoint_service_1.yaml | 24 +- queries/aws_vpc_endpoint_service_2.yaml | 22 +- queries/aws_vpc_endpoint_service_3.yaml | 22 +- queries/aws_vpc_endpoint_service_4.yaml | 23 +- queries/aws_vpc_endpoint_service_5.yaml | 23 +- queries/aws_vpc_endpoint_service_6.yaml | 23 +- queries/aws_vpc_endpoint_service_7.yaml | 30 +- queries/aws_vpc_flow_log_1.yaml | 20 +- queries/aws_vpc_flow_log_2.yaml | 26 +- queries/aws_vpc_flow_log_3.yaml | 24 +- queries/aws_vpc_flow_log_4.yaml | 18 +- queries/aws_vpc_flow_log_event_1.yaml | 34 +- queries/aws_vpc_flow_log_event_2.yaml | 39 +- queries/aws_vpc_flow_log_event_3.yaml | 24 +- queries/aws_vpc_flow_log_event_4.yaml | 33 +- queries/aws_vpc_flow_log_event_5.yaml | 40 +- queries/aws_vpc_flow_log_event_6.yaml | 38 +- queries/aws_vpc_internet_gateway_1.yaml | 22 +- queries/aws_vpc_internet_gateway_2.yaml | 24 +- queries/aws_vpc_nat_gateway_1.yaml | 29 +- queries/aws_vpc_nat_gateway_2.yaml | 23 +- queries/aws_vpc_nat_gateway_3.yaml | 25 +- queries/aws_vpc_nat_gateway_4.yaml | 25 +- ...way_metric_bytes_out_to_destination_1.yaml | 30 +- ...way_metric_bytes_out_to_destination_2.yaml | 33 +- queries/aws_vpc_network_acl_1.yaml | 21 +- queries/aws_vpc_network_acl_2.yaml | 24 +- queries/aws_vpc_network_acl_3.yaml | 26 +- queries/aws_vpc_peering_connection_1.yaml | 26 +- queries/aws_vpc_peering_connection_2.yaml | 27 +- queries/aws_vpc_peering_connection_3.yaml | 30 +- queries/aws_vpc_peering_connection_4.yaml | 28 +- queries/aws_vpc_peering_connection_5.yaml | 30 +- queries/aws_vpc_peering_connection_6.yaml | 20 +- queries/aws_vpc_peering_connection_7.yaml | 20 +- queries/aws_vpc_peering_connection_8.yaml | 24 +- queries/aws_vpc_peering_connection_9.yaml | 23 +- queries/aws_vpc_route_1.yaml | 26 +- queries/aws_vpc_route_2.yaml | 23 +- queries/aws_vpc_route_3.yaml | 35 +- queries/aws_vpc_route_table_1.yaml | 21 +- queries/aws_vpc_route_table_2.yaml | 30 +- queries/aws_vpc_route_table_3.yaml | 42 +- queries/aws_vpc_security_group_1.yaml | 35 +- queries/aws_vpc_security_group_2.yaml | 52 +- queries/aws_vpc_security_group_3.yaml | 25 +- queries/aws_vpc_security_group_4.yaml | 25 +- queries/aws_vpc_security_group_rule_1.yaml | 28 +- queries/aws_vpc_security_group_rule_2.yaml | 46 +- queries/aws_vpc_security_group_rule_3.yaml | 32 +- queries/aws_vpc_subnet_1.yaml | 28 +- queries/aws_vpc_subnet_2.yaml | 27 +- queries/aws_vpc_subnet_3.yaml | 24 +- queries/aws_vpc_subnet_4.yaml | 26 +- queries/aws_vpc_subnet_5.yaml | 24 +- .../aws_vpc_verified_access_endpoint_1.yaml | 31 +- .../aws_vpc_verified_access_endpoint_2.yaml | 30 +- .../aws_vpc_verified_access_endpoint_3.yaml | 30 +- .../aws_vpc_verified_access_endpoint_4.yaml | 32 +- .../aws_vpc_verified_access_endpoint_5.yaml | 32 +- .../aws_vpc_verified_access_endpoint_6.yaml | 25 +- .../aws_vpc_verified_access_endpoint_7.yaml | 32 +- queries/aws_vpc_verified_access_group_1.yaml | 27 +- queries/aws_vpc_verified_access_group_2.yaml | 28 +- queries/aws_vpc_verified_access_group_3.yaml | 29 +- queries/aws_vpc_verified_access_group_4.yaml | 32 +- .../aws_vpc_verified_access_instance_1.yaml | 26 +- .../aws_vpc_verified_access_instance_2.yaml | 28 +- .../aws_vpc_verified_access_instance_3.yaml | 39 +- ..._vpc_verified_access_trust_provider_1.yaml | 26 +- ..._vpc_verified_access_trust_provider_2.yaml | 31 +- ..._vpc_verified_access_trust_provider_3.yaml | 30 +- queries/aws_vpc_vpn_connection_1.yaml | 24 +- queries/aws_vpc_vpn_connection_2.yaml | 32 +- queries/aws_vpc_vpn_connection_3.yaml | 24 +- queries/aws_vpc_vpn_gateway_1.yaml | 27 +- queries/aws_vpc_vpn_gateway_2.yaml | 22 +- queries/aws_vpc_vpn_gateway_3.yaml | 26 +- queries/aws_waf_rate_based_rule_1.yaml | 21 +- queries/aws_waf_rate_based_rule_2.yaml | 28 +- queries/aws_waf_rule_1.yaml | 18 +- queries/aws_waf_rule_2.yaml | 23 +- queries/aws_waf_rule_group_1.yaml | 26 +- queries/aws_waf_rule_group_2.yaml | 29 +- queries/aws_waf_rule_group_3.yaml | 29 +- queries/aws_waf_web_acl_1.yaml | 25 +- queries/aws_waf_web_acl_2.yaml | 31 +- queries/aws_waf_web_acl_3.yaml | 27 +- queries/aws_waf_web_acl_4.yaml | 26 +- queries/aws_waf_web_acl_5.yaml | 23 +- queries/aws_wafregional_rule_1.yaml | 22 +- queries/aws_wafregional_rule_2.yaml | 25 +- queries/aws_wafregional_rule_group_1.yaml | 23 +- queries/aws_wafregional_rule_group_2.yaml | 27 +- queries/aws_wafregional_rule_group_3.yaml | 25 +- queries/aws_wafregional_web_acl_1.yaml | 23 +- queries/aws_wafregional_web_acl_2.yaml | 29 +- queries/aws_wafregional_web_acl_3.yaml | 25 +- queries/aws_wafregional_web_acl_4.yaml | 24 +- queries/aws_wafregional_web_acl_5.yaml | 23 +- queries/aws_wafv2_ip_set_1.yaml | 27 +- queries/aws_wafv2_ip_set_2.yaml | 27 +- queries/aws_wafv2_ip_set_3.yaml | 30 +- queries/aws_wafv2_ip_set_4.yaml | 27 +- queries/aws_wafv2_regex_pattern_set_1.yaml | 24 +- queries/aws_wafv2_regex_pattern_set_2.yaml | 28 +- queries/aws_wafv2_regex_pattern_set_3.yaml | 30 +- queries/aws_wafv2_rule_group_1.yaml | 28 +- queries/aws_wafv2_rule_group_2.yaml | 31 +- queries/aws_wafv2_rule_group_3.yaml | 29 +- queries/aws_wafv2_web_acl_1.yaml | 25 +- queries/aws_wafv2_web_acl_2.yaml | 22 +- queries/aws_wafv2_web_acl_3.yaml | 25 +- queries/aws_wafv2_web_acl_4.yaml | 47 +- queries/aws_wafv2_web_acl_5.yaml | 25 +- queries/aws_wafv2_web_acl_6.yaml | 27 +- queries/aws_wafv2_web_acl_7.yaml | 31 +- queries/aws_wellarchitected_answer_1.yaml | 29 +- queries/aws_wellarchitected_answer_2.yaml | 26 +- queries/aws_wellarchitected_answer_3.yaml | 34 +- queries/aws_wellarchitected_answer_4.yaml | 32 +- queries/aws_wellarchitected_answer_5.yaml | 26 +- queries/aws_wellarchitected_answer_6.yaml | 35 +- queries/aws_wellarchitected_answer_7.yaml | 29 +- .../aws_wellarchitected_check_detail_1.yaml | 27 +- .../aws_wellarchitected_check_detail_2.yaml | 24 +- .../aws_wellarchitected_check_detail_3.yaml | 30 +- .../aws_wellarchitected_check_detail_4.yaml | 30 +- .../aws_wellarchitected_check_detail_5.yaml | 34 +- .../aws_wellarchitected_check_detail_6.yaml | 33 +- .../aws_wellarchitected_check_summary_1.yaml | 32 +- .../aws_wellarchitected_check_summary_2.yaml | 31 +- .../aws_wellarchitected_check_summary_3.yaml | 29 +- .../aws_wellarchitected_check_summary_4.yaml | 31 +- .../aws_wellarchitected_check_summary_5.yaml | 37 +- ...wellarchitected_consolidated_report_1.yaml | 26 +- ...wellarchitected_consolidated_report_2.yaml | 33 +- ...wellarchitected_consolidated_report_3.yaml | 21 +- ...wellarchitected_consolidated_report_4.yaml | 28 +- queries/aws_wellarchitected_lens_1.yaml | 24 +- queries/aws_wellarchitected_lens_2.yaml | 22 +- queries/aws_wellarchitected_lens_3.yaml | 27 +- queries/aws_wellarchitected_lens_4.yaml | 25 +- queries/aws_wellarchitected_lens_5.yaml | 26 +- queries/aws_wellarchitected_lens_6.yaml | 28 +- .../aws_wellarchitected_lens_review_1.yaml | 24 +- .../aws_wellarchitected_lens_review_2.yaml | 24 +- .../aws_wellarchitected_lens_review_3.yaml | 23 +- .../aws_wellarchitected_lens_review_4.yaml | 32 +- .../aws_wellarchitected_lens_review_5.yaml | 29 +- .../aws_wellarchitected_lens_review_6.yaml | 21 +- ...architected_lens_review_improvement_1.yaml | 26 +- ...architected_lens_review_improvement_2.yaml | 28 +- ...architected_lens_review_improvement_3.yaml | 30 +- ...architected_lens_review_improvement_4.yaml | 25 +- ..._wellarchitected_lens_review_report_1.yaml | 24 +- ..._wellarchitected_lens_review_report_2.yaml | 26 +- ..._wellarchitected_lens_review_report_3.yaml | 27 +- queries/aws_wellarchitected_lens_share_1.yaml | 23 +- queries/aws_wellarchitected_lens_share_2.yaml | 28 +- queries/aws_wellarchitected_lens_share_3.yaml | 27 +- queries/aws_wellarchitected_milestone_1.yaml | 22 +- queries/aws_wellarchitected_milestone_2.yaml | 42 +- queries/aws_wellarchitected_milestone_3.yaml | 30 +- queries/aws_wellarchitected_milestone_4.yaml | 33 +- .../aws_wellarchitected_notification_1.yaml | 25 +- .../aws_wellarchitected_notification_2.yaml | 25 +- .../aws_wellarchitected_notification_3.yaml | 25 +- ...ws_wellarchitected_share_invitation_1.yaml | 21 +- ...ws_wellarchitected_share_invitation_2.yaml | 26 +- ...ws_wellarchitected_share_invitation_3.yaml | 26 +- ...ws_wellarchitected_share_invitation_4.yaml | 24 +- ...ws_wellarchitected_share_invitation_5.yaml | 24 +- ...ws_wellarchitected_share_invitation_6.yaml | 20 +- queries/aws_wellarchitected_workload_1.yaml | 25 +- queries/aws_wellarchitected_workload_2.yaml | 25 +- queries/aws_wellarchitected_workload_3.yaml | 23 +- queries/aws_wellarchitected_workload_4.yaml | 23 +- .../aws_wellarchitected_workload_share_1.yaml | 23 +- .../aws_wellarchitected_workload_share_2.yaml | 28 +- .../aws_wellarchitected_workload_share_3.yaml | 26 +- .../aws_wellarchitected_workload_share_4.yaml | 28 +- queries/aws_workspaces_directory_1.yaml | 27 +- queries/aws_workspaces_directory_2.yaml | 32 +- queries/aws_workspaces_directory_3.yaml | 28 +- queries/aws_workspaces_directory_4.yaml | 30 +- queries/aws_workspaces_directory_5.yaml | 32 +- queries/aws_workspaces_directory_6.yaml | 35 +- queries/aws_workspaces_directory_7.yaml | 28 +- queries/aws_workspaces_directory_8.yaml | 40 +- queries/aws_workspaces_workspace_1.yaml | 20 +- queries/aws_workspaces_workspace_2.yaml | 23 +- queries/bulk_update_yaml.sh | 144 +- queries/cloud_managed_software.yaml | 38 +- queries/cloud_networks.yaml | 37 +- queries/container_workload.yaml | 38 +- queries/database_workload.yaml | 44 +- queries/devops.yaml | 37 +- queries/error_files.log | 26 - queries/error_messages.log | 25 - queries/keys_and_secrets.yaml | 38 +- queries/kubernetes_clusters.yaml | 60 +- queries/load_balancers.yaml | 39 +- queries/network_&_file_stores.yaml | 37 +- queries/object_stores.yaml | 37 +- queries/replace_integration_types.py | 84 + queries/server_workload.yaml | 73 +- queries/snapshots_&_backup_media.yaml | 37 +- queries/venv/bin/Activate.ps1 | 241 + queries/venv/bin/activate | 66 + queries/venv/bin/activate.csh | 25 + queries/venv/bin/activate.fish | 64 + queries/venv/bin/pip | 8 + queries/venv/bin/pip3 | 8 + queries/venv/bin/pip3.9 | 8 + queries/venv/bin/python | 1 + queries/venv/bin/python3 | 1 + queries/venv/bin/python3.9 | 1 + .../PyYAML-6.0.2.dist-info/INSTALLER | 1 + .../PyYAML-6.0.2.dist-info/LICENSE | 20 + .../PyYAML-6.0.2.dist-info/METADATA | 46 + .../PyYAML-6.0.2.dist-info/RECORD | 44 + .../PyYAML-6.0.2.dist-info/REQUESTED} | 0 .../PyYAML-6.0.2.dist-info/WHEEL | 5 + .../PyYAML-6.0.2.dist-info/top_level.txt | 2 + .../site-packages/_distutils_hack/__init__.py | 128 + .../site-packages/_distutils_hack/override.py | 1 + .../python3.9/site-packages/_yaml/__init__.py | 33 + .../site-packages/distutils-precedence.pth | 1 + .../pip-21.2.4.dist-info/INSTALLER | 1 + .../pip-21.2.4.dist-info/LICENSE.txt | 20 + .../pip-21.2.4.dist-info/METADATA | 92 + .../site-packages/pip-21.2.4.dist-info/RECORD | 795 ++ .../pip-21.2.4.dist-info/REQUESTED | 0 .../site-packages/pip-21.2.4.dist-info/WHEEL | 5 + .../pip-21.2.4.dist-info/entry_points.txt | 5 + .../pip-21.2.4.dist-info/top_level.txt | 1 + .../python3.9/site-packages/pip/__init__.py | 13 + .../python3.9/site-packages/pip/__main__.py | 31 + .../site-packages/pip/_internal/__init__.py | 19 + .../site-packages/pip/_internal/build_env.py | 294 + .../site-packages/pip/_internal/cache.py | 287 + .../pip/_internal/cli/__init__.py | 4 + .../pip/_internal/cli/autocompletion.py | 163 + .../pip/_internal/cli/base_command.py | 214 + .../pip/_internal/cli/cmdoptions.py | 1009 ++ .../pip/_internal/cli/command_context.py | 27 + .../site-packages/pip/_internal/cli/main.py | 70 + .../pip/_internal/cli/main_parser.py | 87 + .../site-packages/pip/_internal/cli/parser.py | 292 + .../pip/_internal/cli/progress_bars.py | 250 + .../pip/_internal/cli/req_command.py | 453 + .../pip/_internal/cli/spinners.py | 157 + .../pip/_internal/cli/status_codes.py | 6 + .../pip/_internal/commands/__init__.py | 112 + .../pip/_internal/commands/cache.py | 216 + .../pip/_internal/commands/check.py | 47 + .../pip/_internal/commands/completion.py | 91 + .../pip/_internal/commands/configuration.py | 266 + .../pip/_internal/commands/debug.py | 204 + .../pip/_internal/commands/download.py | 139 + .../pip/_internal/commands/freeze.py | 84 + .../pip/_internal/commands/hash.py | 55 + .../pip/_internal/commands/help.py | 41 + .../pip/_internal/commands/index.py | 139 + .../pip/_internal/commands/install.py | 750 ++ .../pip/_internal/commands/list.py | 337 + .../pip/_internal/commands/search.py | 164 + .../pip/_internal/commands/show.py | 234 + .../pip/_internal/commands/uninstall.py | 100 + .../pip/_internal/commands/wheel.py | 176 + .../pip/_internal/configuration.py | 403 + .../pip/_internal/distributions/__init__.py | 21 + .../pip/_internal/distributions/base.py | 38 + .../pip/_internal/distributions/installed.py | 22 + .../pip/_internal/distributions/sdist.py | 95 + .../pip/_internal/distributions/wheel.py | 34 + .../site-packages/pip/_internal/exceptions.py | 397 + .../pip/_internal/index/__init__.py | 2 + .../pip/_internal/index/collector.py | 534 ++ .../pip/_internal/index/package_finder.py | 982 ++ .../pip/_internal/index/sources.py | 224 + .../pip/_internal/locations/__init__.py | 408 + .../pip/_internal/locations/_distutils.py | 169 + .../pip/_internal/locations/_sysconfig.py | 219 + .../pip/_internal/locations/base.py | 52 + .../site-packages/pip/_internal/main.py | 13 + .../pip/_internal/metadata/__init__.py | 48 + .../pip/_internal/metadata/base.py | 242 + .../pip/_internal/metadata/pkg_resources.py | 153 + .../pip/_internal/models/__init__.py | 2 + .../pip/_internal/models/candidate.py | 31 + .../pip/_internal/models/direct_url.py | 220 + .../pip/_internal/models/format_control.py | 84 + .../pip/_internal/models/index.py | 32 + .../pip/_internal/models/link.py | 288 + .../pip/_internal/models/scheme.py | 31 + .../pip/_internal/models/search_scope.py | 126 + .../pip/_internal/models/selection_prefs.py | 46 + .../pip/_internal/models/target_python.py | 111 + .../pip/_internal/models/wheel.py | 92 + .../pip/_internal/network/__init__.py | 2 + .../pip/_internal/network/auth.py | 316 + .../pip/_internal/network/cache.py | 69 + .../pip/_internal/network/download.py | 184 + .../pip/_internal/network/lazy_wheel.py | 210 + .../pip/_internal/network/session.py | 454 + .../pip/_internal/network/utils.py | 96 + .../pip/_internal/network/xmlrpc.py | 60 + .../pip/_internal/operations/__init__.py | 0 .../_internal/operations/build/__init__.py | 0 .../_internal/operations/build/metadata.py | 35 + .../operations/build/metadata_legacy.py | 74 + .../pip/_internal/operations/build/wheel.py | 38 + .../operations/build/wheel_legacy.py | 110 + .../pip/_internal/operations/check.py | 153 + .../pip/_internal/operations/freeze.py | 277 + .../_internal/operations/install/__init__.py | 2 + .../operations/install/editable_legacy.py | 47 + .../_internal/operations/install/legacy.py | 132 + .../pip/_internal/operations/install/wheel.py | 803 ++ .../pip/_internal/operations/prepare.py | 655 ++ .../site-packages/pip/_internal/pyproject.py | 183 + .../pip/_internal/req/__init__.py | 94 + .../pip/_internal/req/constructors.py | 474 + .../pip/_internal/req/req_file.py | 528 ++ .../pip/_internal/req/req_install.py | 846 ++ .../pip/_internal/req/req_set.py | 190 + .../pip/_internal/req/req_tracker.py | 130 + .../pip/_internal/req/req_uninstall.py | 629 ++ .../pip/_internal/resolution/__init__.py | 0 .../pip/_internal/resolution/base.py | 18 + .../_internal/resolution/legacy/__init__.py | 0 .../_internal/resolution/legacy/resolver.py | 453 + .../resolution/resolvelib/__init__.py | 0 .../_internal/resolution/resolvelib/base.py | 144 + .../resolution/resolvelib/candidates.py | 555 ++ .../resolution/resolvelib/factory.py | 700 ++ .../resolution/resolvelib/found_candidates.py | 142 + .../resolution/resolvelib/provider.py | 197 + .../resolution/resolvelib/reporter.py | 69 + .../resolution/resolvelib/requirements.py | 166 + .../resolution/resolvelib/resolver.py | 272 + .../pip/_internal/self_outdated_check.py | 187 + .../pip/_internal/utils/__init__.py | 0 .../site-packages/pip/_internal/utils/_log.py | 38 + .../pip/_internal/utils/appdirs.py | 35 + .../pip/_internal/utils/compat.py | 63 + .../pip/_internal/utils/compatibility_tags.py | 168 + .../pip/_internal/utils/datetime.py | 11 + .../pip/_internal/utils/deprecation.py | 104 + .../pip/_internal/utils/direct_url_helpers.py | 79 + .../pip/_internal/utils/distutils_args.py | 42 + .../pip/_internal/utils/encoding.py | 36 + .../pip/_internal/utils/entrypoints.py | 27 + .../pip/_internal/utils/filesystem.py | 182 + .../pip/_internal/utils/filetypes.py | 28 + .../pip/_internal/utils/glibc.py | 92 + .../pip/_internal/utils/hashes.py | 165 + .../_internal/utils/inject_securetransport.py | 36 + .../pip/_internal/utils/logging.py | 391 + .../site-packages/pip/_internal/utils/misc.py | 828 ++ .../pip/_internal/utils/models.py | 47 + .../pip/_internal/utils/packaging.py | 89 + .../pip/_internal/utils/parallel.py | 101 + .../pip/_internal/utils/pkg_resources.py | 40 + .../pip/_internal/utils/setuptools_build.py | 173 + .../pip/_internal/utils/subprocess.py | 281 + .../pip/_internal/utils/temp_dir.py | 260 + .../pip/_internal/utils/unpacking.py | 267 + .../site-packages/pip/_internal/utils/urls.py | 65 + .../pip/_internal/utils/virtualenv.py | 111 + .../pip/_internal/utils/wheel.py | 189 + .../pip/_internal/vcs/__init__.py | 15 + .../site-packages/pip/_internal/vcs/bazaar.py | 96 + .../site-packages/pip/_internal/vcs/git.py | 506 + .../pip/_internal/vcs/mercurial.py | 158 + .../pip/_internal/vcs/subversion.py | 329 + .../pip/_internal/vcs/versioncontrol.py | 722 ++ .../pip/_internal/wheel_builder.py | 360 + .../site-packages/pip/_vendor/__init__.py | 111 + .../site-packages/pip/_vendor/appdirs.py | 633 ++ .../pip/_vendor/cachecontrol/__init__.py | 11 + .../pip/_vendor/cachecontrol/_cmd.py | 57 + .../pip/_vendor/cachecontrol/adapter.py | 133 + .../pip/_vendor/cachecontrol/cache.py | 39 + .../_vendor/cachecontrol/caches/__init__.py | 2 + .../_vendor/cachecontrol/caches/file_cache.py | 146 + .../cachecontrol/caches/redis_cache.py | 33 + .../pip/_vendor/cachecontrol/compat.py | 29 + .../pip/_vendor/cachecontrol/controller.py | 376 + .../pip/_vendor/cachecontrol/filewrapper.py | 80 + .../pip/_vendor/cachecontrol/heuristics.py | 135 + .../pip/_vendor/cachecontrol/serialize.py | 188 + .../pip/_vendor/cachecontrol/wrapper.py | 29 + .../pip/_vendor/certifi/__init__.py | 3 + .../pip/_vendor/certifi/__main__.py | 12 + .../pip/_vendor/certifi/cacert.pem | 4257 +++++++++ .../site-packages/pip/_vendor/certifi/core.py | 76 + .../pip/_vendor/chardet/__init__.py | 83 + .../pip/_vendor/chardet/big5freq.py | 386 + .../pip/_vendor/chardet/big5prober.py | 47 + .../pip/_vendor/chardet/chardistribution.py | 233 + .../pip/_vendor/chardet/charsetgroupprober.py | 107 + .../pip/_vendor/chardet/charsetprober.py | 145 + .../pip/_vendor/chardet/cli/__init__.py | 1 + .../pip/_vendor/chardet/cli/chardetect.py | 84 + .../pip/_vendor/chardet/codingstatemachine.py | 88 + .../pip/_vendor/chardet/compat.py | 36 + .../pip/_vendor/chardet/cp949prober.py | 49 + .../pip/_vendor/chardet/enums.py | 76 + .../pip/_vendor/chardet/escprober.py | 101 + .../pip/_vendor/chardet/escsm.py | 246 + .../pip/_vendor/chardet/eucjpprober.py | 92 + .../pip/_vendor/chardet/euckrfreq.py | 195 + .../pip/_vendor/chardet/euckrprober.py | 47 + .../pip/_vendor/chardet/euctwfreq.py | 387 + .../pip/_vendor/chardet/euctwprober.py | 46 + .../pip/_vendor/chardet/gb2312freq.py | 283 + .../pip/_vendor/chardet/gb2312prober.py | 46 + .../pip/_vendor/chardet/hebrewprober.py | 292 + .../pip/_vendor/chardet/jisfreq.py | 325 + .../pip/_vendor/chardet/jpcntx.py | 233 + .../pip/_vendor/chardet/langbulgarianmodel.py | 4650 +++++++++ .../pip/_vendor/chardet/langgreekmodel.py | 4398 +++++++++ .../pip/_vendor/chardet/langhebrewmodel.py | 4383 +++++++++ .../pip/_vendor/chardet/langhungarianmodel.py | 4650 +++++++++ .../pip/_vendor/chardet/langrussianmodel.py | 5718 +++++++++++ .../pip/_vendor/chardet/langthaimodel.py | 4383 +++++++++ .../pip/_vendor/chardet/langturkishmodel.py | 4383 +++++++++ .../pip/_vendor/chardet/latin1prober.py | 145 + .../pip/_vendor/chardet/mbcharsetprober.py | 91 + .../pip/_vendor/chardet/mbcsgroupprober.py | 54 + .../pip/_vendor/chardet/mbcssm.py | 572 ++ .../pip/_vendor/chardet/metadata/__init__.py | 0 .../pip/_vendor/chardet/metadata/languages.py | 310 + .../pip/_vendor/chardet/sbcharsetprober.py | 145 + .../pip/_vendor/chardet/sbcsgroupprober.py | 83 + .../pip/_vendor/chardet/sjisprober.py | 92 + .../pip/_vendor/chardet/universaldetector.py | 286 + .../pip/_vendor/chardet/utf8prober.py | 82 + .../pip/_vendor/chardet/version.py | 9 + .../pip/_vendor/colorama/__init__.py | 6 + .../pip/_vendor/colorama/ansi.py | 102 + .../pip/_vendor/colorama/ansitowin32.py | 258 + .../pip/_vendor/colorama/initialise.py | 80 + .../pip/_vendor/colorama/win32.py | 152 + .../pip/_vendor/colorama/winterm.py | 169 + .../pip/_vendor/distlib/__init__.py | 23 + .../pip/_vendor/distlib/_backport/__init__.py | 6 + .../pip/_vendor/distlib/_backport/misc.py | 41 + .../pip/_vendor/distlib/_backport/shutil.py | 764 ++ .../_vendor/distlib/_backport/sysconfig.cfg | 84 + .../_vendor/distlib/_backport/sysconfig.py | 786 ++ .../pip/_vendor/distlib/_backport/tarfile.py | 2607 +++++ .../pip/_vendor/distlib/compat.py | 1120 +++ .../pip/_vendor/distlib/database.py | 1339 +++ .../pip/_vendor/distlib/index.py | 509 + .../pip/_vendor/distlib/locators.py | 1300 +++ .../pip/_vendor/distlib/manifest.py | 393 + .../pip/_vendor/distlib/markers.py | 130 + .../pip/_vendor/distlib/metadata.py | 1058 +++ .../pip/_vendor/distlib/resources.py | 358 + .../pip/_vendor/distlib/scripts.py | 423 + .../site-packages/pip/_vendor/distlib/t32.exe | Bin 0 -> 96768 bytes .../site-packages/pip/_vendor/distlib/t64.exe | Bin 0 -> 105984 bytes .../site-packages/pip/_vendor/distlib/util.py | 1965 ++++ .../pip/_vendor/distlib/version.py | 739 ++ .../site-packages/pip/_vendor/distlib/w32.exe | Bin 0 -> 90112 bytes .../site-packages/pip/_vendor/distlib/w64.exe | Bin 0 -> 99840 bytes .../pip/_vendor/distlib/wheel.py | 1056 +++ .../site-packages/pip/_vendor/distro.py | 1230 +++ .../pip/_vendor/html5lib/__init__.py | 35 + .../pip/_vendor/html5lib/_ihatexml.py | 289 + .../pip/_vendor/html5lib/_inputstream.py | 918 ++ .../pip/_vendor/html5lib/_tokenizer.py | 1735 ++++ .../pip/_vendor/html5lib/_trie/__init__.py | 5 + .../pip/_vendor/html5lib/_trie/_base.py | 40 + .../pip/_vendor/html5lib/_trie/py.py | 67 + .../pip/_vendor/html5lib/_utils.py | 159 + .../pip/_vendor/html5lib/constants.py | 2946 ++++++ .../pip/_vendor/html5lib/filters/__init__.py | 0 .../filters/alphabeticalattributes.py | 29 + .../pip/_vendor/html5lib/filters/base.py | 12 + .../html5lib/filters/inject_meta_charset.py | 73 + .../pip/_vendor/html5lib/filters/lint.py | 93 + .../_vendor/html5lib/filters/optionaltags.py | 207 + .../pip/_vendor/html5lib/filters/sanitizer.py | 916 ++ .../_vendor/html5lib/filters/whitespace.py | 38 + .../pip/_vendor/html5lib/html5parser.py | 2795 ++++++ .../pip/_vendor/html5lib/serializer.py | 409 + .../_vendor/html5lib/treeadapters/__init__.py | 30 + .../_vendor/html5lib/treeadapters/genshi.py | 54 + .../pip/_vendor/html5lib/treeadapters/sax.py | 50 + .../_vendor/html5lib/treebuilders/__init__.py | 88 + .../pip/_vendor/html5lib/treebuilders/base.py | 417 + .../pip/_vendor/html5lib/treebuilders/dom.py | 239 + .../_vendor/html5lib/treebuilders/etree.py | 343 + .../html5lib/treebuilders/etree_lxml.py | 392 + .../_vendor/html5lib/treewalkers/__init__.py | 154 + .../pip/_vendor/html5lib/treewalkers/base.py | 252 + .../pip/_vendor/html5lib/treewalkers/dom.py | 43 + .../pip/_vendor/html5lib/treewalkers/etree.py | 131 + .../html5lib/treewalkers/etree_lxml.py | 215 + .../_vendor/html5lib/treewalkers/genshi.py | 69 + .../pip/_vendor/idna/__init__.py | 44 + .../site-packages/pip/_vendor/idna/codec.py | 117 + .../site-packages/pip/_vendor/idna/compat.py | 16 + .../site-packages/pip/_vendor/idna/core.py | 409 + .../pip/_vendor/idna/idnadata.py | 2050 ++++ .../pip/_vendor/idna/intranges.py | 58 + .../pip/_vendor/idna/package_data.py | 2 + .../pip/_vendor/idna/uts46data.py | 8438 +++++++++++++++++ .../pip/_vendor/msgpack/__init__.py | 54 + .../pip/_vendor/msgpack/_version.py | 1 + .../pip/_vendor/msgpack/exceptions.py | 48 + .../site-packages/pip/_vendor/msgpack/ext.py | 193 + .../pip/_vendor/msgpack/fallback.py | 1087 +++ .../pip/_vendor/packaging/__about__.py | 26 + .../pip/_vendor/packaging/__init__.py | 25 + .../pip/_vendor/packaging/_manylinux.py | 301 + .../pip/_vendor/packaging/_musllinux.py | 136 + .../pip/_vendor/packaging/_structures.py | 67 + .../pip/_vendor/packaging/markers.py | 304 + .../pip/_vendor/packaging/requirements.py | 146 + .../pip/_vendor/packaging/specifiers.py | 828 ++ .../pip/_vendor/packaging/tags.py | 484 + .../pip/_vendor/packaging/utils.py | 136 + .../pip/_vendor/packaging/version.py | 504 + .../pip/_vendor/pep517/__init__.py | 6 + .../site-packages/pip/_vendor/pep517/build.py | 127 + .../site-packages/pip/_vendor/pep517/check.py | 207 + .../pip/_vendor/pep517/colorlog.py | 115 + .../pip/_vendor/pep517/compat.py | 42 + .../pip/_vendor/pep517/dirtools.py | 44 + .../pip/_vendor/pep517/envbuild.py | 171 + .../pip/_vendor/pep517/in_process/__init__.py | 17 + .../_vendor/pep517/in_process/_in_process.py | 349 + .../site-packages/pip/_vendor/pep517/meta.py | 92 + .../pip/_vendor/pep517/wrappers.py | 371 + .../pip/_vendor/pkg_resources/__init__.py | 3296 +++++++ .../pip/_vendor/pkg_resources/py31compat.py | 23 + .../pip/_vendor/progress/__init__.py | 177 + .../site-packages/pip/_vendor/progress/bar.py | 91 + .../pip/_vendor/progress/counter.py | 41 + .../pip/_vendor/progress/spinner.py | 43 + .../site-packages/pip/_vendor/pyparsing.py | 7107 ++++++++++++++ .../pip/_vendor/requests/__init__.py | 154 + .../pip/_vendor/requests/__version__.py | 14 + .../pip/_vendor/requests/_internal_utils.py | 42 + .../pip/_vendor/requests/adapters.py | 533 ++ .../site-packages/pip/_vendor/requests/api.py | 159 + .../pip/_vendor/requests/auth.py | 305 + .../pip/_vendor/requests/certs.py | 18 + .../pip/_vendor/requests/compat.py | 76 + .../pip/_vendor/requests/cookies.py | 549 ++ .../pip/_vendor/requests/exceptions.py | 127 + .../pip/_vendor/requests/help.py | 132 + .../pip/_vendor/requests/hooks.py | 34 + .../pip/_vendor/requests/models.py | 966 ++ .../pip/_vendor/requests/packages.py | 16 + .../pip/_vendor/requests/sessions.py | 781 ++ .../pip/_vendor/requests/status_codes.py | 123 + .../pip/_vendor/requests/structures.py | 105 + .../pip/_vendor/requests/utils.py | 1013 ++ .../pip/_vendor/resolvelib/__init__.py | 26 + .../pip/_vendor/resolvelib/compat/__init__.py | 0 .../resolvelib/compat/collections_abc.py | 6 + .../pip/_vendor/resolvelib/providers.py | 124 + .../pip/_vendor/resolvelib/reporters.py | 37 + .../pip/_vendor/resolvelib/resolvers.py | 473 + .../pip/_vendor/resolvelib/structs.py | 165 + .../site-packages/pip/_vendor/six.py | 998 ++ .../pip/_vendor/tenacity/__init__.py | 517 + .../pip/_vendor/tenacity/_asyncio.py | 92 + .../pip/_vendor/tenacity/_utils.py | 68 + .../pip/_vendor/tenacity/after.py | 46 + .../pip/_vendor/tenacity/before.py | 41 + .../pip/_vendor/tenacity/before_sleep.py | 58 + .../site-packages/pip/_vendor/tenacity/nap.py | 43 + .../pip/_vendor/tenacity/retry.py | 213 + .../pip/_vendor/tenacity/stop.py | 96 + .../pip/_vendor/tenacity/tornadoweb.py | 59 + .../pip/_vendor/tenacity/wait.py | 191 + .../pip/_vendor/tomli/__init__.py | 6 + .../pip/_vendor/tomli/_parser.py | 703 ++ .../site-packages/pip/_vendor/tomli/_re.py | 83 + .../pip/_vendor/urllib3/__init__.py | 85 + .../pip/_vendor/urllib3/_collections.py | 337 + .../pip/_vendor/urllib3/_version.py | 2 + .../pip/_vendor/urllib3/connection.py | 539 ++ .../pip/_vendor/urllib3/connectionpool.py | 1067 +++ .../pip/_vendor/urllib3/contrib/__init__.py | 0 .../urllib3/contrib/_appengine_environ.py | 36 + .../contrib/_securetransport/__init__.py | 0 .../contrib/_securetransport/bindings.py | 519 + .../contrib/_securetransport/low_level.py | 396 + .../pip/_vendor/urllib3/contrib/appengine.py | 314 + .../pip/_vendor/urllib3/contrib/ntlmpool.py | 130 + .../pip/_vendor/urllib3/contrib/pyopenssl.py | 511 + .../urllib3/contrib/securetransport.py | 922 ++ .../pip/_vendor/urllib3/contrib/socks.py | 216 + .../pip/_vendor/urllib3/exceptions.py | 323 + .../pip/_vendor/urllib3/fields.py | 274 + .../pip/_vendor/urllib3/filepost.py | 98 + .../pip/_vendor/urllib3/packages/__init__.py | 5 + .../urllib3/packages/backports/__init__.py | 0 .../urllib3/packages/backports/makefile.py | 51 + .../pip/_vendor/urllib3/packages/six.py | 1077 +++ .../packages/ssl_match_hostname/__init__.py | 24 + .../ssl_match_hostname/_implementation.py | 160 + .../pip/_vendor/urllib3/poolmanager.py | 536 ++ .../pip/_vendor/urllib3/request.py | 170 + .../pip/_vendor/urllib3/response.py | 821 ++ .../pip/_vendor/urllib3/util/__init__.py | 49 + .../pip/_vendor/urllib3/util/connection.py | 150 + .../pip/_vendor/urllib3/util/proxy.py | 56 + .../pip/_vendor/urllib3/util/queue.py | 22 + .../pip/_vendor/urllib3/util/request.py | 143 + .../pip/_vendor/urllib3/util/response.py | 107 + .../pip/_vendor/urllib3/util/retry.py | 602 ++ .../pip/_vendor/urllib3/util/ssl_.py | 495 + .../pip/_vendor/urllib3/util/ssltransport.py | 221 + .../pip/_vendor/urllib3/util/timeout.py | 268 + .../pip/_vendor/urllib3/util/url.py | 432 + .../pip/_vendor/urllib3/util/wait.py | 153 + .../site-packages/pip/_vendor/vendor.txt | 22 + .../pip/_vendor/webencodings/__init__.py | 342 + .../pip/_vendor/webencodings/labels.py | 231 + .../pip/_vendor/webencodings/mklabels.py | 59 + .../pip/_vendor/webencodings/tests.py | 153 + .../_vendor/webencodings/x_user_defined.py | 325 + .../lib/python3.9/site-packages/pip/py.typed | 4 + .../site-packages/pkg_resources/__init__.py | 3288 +++++++ .../pkg_resources/_vendor/__init__.py | 0 .../pkg_resources/_vendor/appdirs.py | 608 ++ .../_vendor/packaging/__about__.py | 27 + .../_vendor/packaging/__init__.py | 26 + .../_vendor/packaging/_compat.py | 38 + .../_vendor/packaging/_structures.py | 86 + .../_vendor/packaging/_typing.py | 48 + .../_vendor/packaging/markers.py | 328 + .../_vendor/packaging/requirements.py | 145 + .../_vendor/packaging/specifiers.py | 863 ++ .../pkg_resources/_vendor/packaging/tags.py | 751 ++ .../pkg_resources/_vendor/packaging/utils.py | 65 + .../_vendor/packaging/version.py | 535 ++ .../pkg_resources/_vendor/pyparsing.py | 5742 +++++++++++ .../pkg_resources/extern/__init__.py | 73 + .../data/my-test-package-source/setup.py | 6 + .../setuptools-58.0.4.dist-info/INSTALLER | 1 + .../setuptools-58.0.4.dist-info/LICENSE | 19 + .../setuptools-58.0.4.dist-info/METADATA | 119 + .../setuptools-58.0.4.dist-info/RECORD | 296 + .../setuptools-58.0.4.dist-info/REQUESTED | 0 .../setuptools-58.0.4.dist-info/WHEEL | 5 + .../entry_points.txt | 56 + .../setuptools-58.0.4.dist-info/top_level.txt | 3 + .../site-packages/setuptools/__init__.py | 242 + .../setuptools/_deprecation_warning.py | 7 + .../setuptools/_distutils/__init__.py | 15 + .../setuptools/_distutils/_msvccompiler.py | 561 ++ .../setuptools/_distutils/archive_util.py | 256 + .../setuptools/_distutils/bcppcompiler.py | 393 + .../setuptools/_distutils/ccompiler.py | 1123 +++ .../setuptools/_distutils/cmd.py | 403 + .../setuptools/_distutils/command/__init__.py | 31 + .../setuptools/_distutils/command/bdist.py | 143 + .../_distutils/command/bdist_dumb.py | 123 + .../_distutils/command/bdist_msi.py | 749 ++ .../_distutils/command/bdist_rpm.py | 579 ++ .../_distutils/command/bdist_wininst.py | 377 + .../setuptools/_distutils/command/build.py | 157 + .../_distutils/command/build_clib.py | 209 + .../_distutils/command/build_ext.py | 757 ++ .../setuptools/_distutils/command/build_py.py | 392 + .../_distutils/command/build_scripts.py | 152 + .../setuptools/_distutils/command/check.py | 148 + .../setuptools/_distutils/command/clean.py | 76 + .../setuptools/_distutils/command/config.py | 344 + .../setuptools/_distutils/command/install.py | 677 ++ .../_distutils/command/install_data.py | 79 + .../_distutils/command/install_egg_info.py | 77 + .../_distutils/command/install_headers.py | 47 + .../_distutils/command/install_lib.py | 217 + .../_distutils/command/install_scripts.py | 60 + .../_distutils/command/py37compat.py | 30 + .../setuptools/_distutils/command/register.py | 304 + .../setuptools/_distutils/command/sdist.py | 494 + .../setuptools/_distutils/command/upload.py | 214 + .../setuptools/_distutils/config.py | 130 + .../setuptools/_distutils/core.py | 234 + .../setuptools/_distutils/cygwinccompiler.py | 414 + .../setuptools/_distutils/debug.py | 5 + .../setuptools/_distutils/dep_util.py | 92 + .../setuptools/_distutils/dir_util.py | 210 + .../setuptools/_distutils/dist.py | 1257 +++ .../setuptools/_distutils/errors.py | 97 + .../setuptools/_distutils/extension.py | 240 + .../setuptools/_distutils/fancy_getopt.py | 457 + .../setuptools/_distutils/file_util.py | 238 + .../setuptools/_distutils/filelist.py | 355 + .../setuptools/_distutils/log.py | 77 + .../setuptools/_distutils/msvc9compiler.py | 788 ++ .../setuptools/_distutils/msvccompiler.py | 643 ++ .../setuptools/_distutils/py35compat.py | 19 + .../setuptools/_distutils/py38compat.py | 7 + .../setuptools/_distutils/spawn.py | 106 + .../setuptools/_distutils/sysconfig.py | 573 ++ .../setuptools/_distutils/text_file.py | 286 + .../setuptools/_distutils/unixccompiler.py | 332 + .../setuptools/_distutils/util.py | 535 ++ .../setuptools/_distutils/version.py | 347 + .../setuptools/_distutils/versionpredicate.py | 166 + .../site-packages/setuptools/_imp.py | 82 + .../setuptools/_vendor/__init__.py | 0 .../_vendor/more_itertools/__init__.py | 4 + .../setuptools/_vendor/more_itertools/more.py | 3825 ++++++++ .../_vendor/more_itertools/recipes.py | 620 ++ .../setuptools/_vendor/ordered_set.py | 488 + .../setuptools/_vendor/packaging/__about__.py | 27 + .../setuptools/_vendor/packaging/__init__.py | 26 + .../setuptools/_vendor/packaging/_compat.py | 38 + .../_vendor/packaging/_structures.py | 86 + .../setuptools/_vendor/packaging/_typing.py | 48 + .../setuptools/_vendor/packaging/markers.py | 328 + .../_vendor/packaging/requirements.py | 145 + .../_vendor/packaging/specifiers.py | 863 ++ .../setuptools/_vendor/packaging/tags.py | 751 ++ .../setuptools/_vendor/packaging/utils.py | 65 + .../setuptools/_vendor/packaging/version.py | 535 ++ .../setuptools/_vendor/pyparsing.py | 5742 +++++++++++ .../site-packages/setuptools/archive_util.py | 205 + .../site-packages/setuptools/build_meta.py | 281 + .../site-packages/setuptools/cli-32.exe | Bin 0 -> 65536 bytes .../site-packages/setuptools/cli-64.exe | Bin 0 -> 74752 bytes .../site-packages/setuptools/cli.exe | Bin 0 -> 65536 bytes .../setuptools/command/__init__.py | 8 + .../site-packages/setuptools/command/alias.py | 78 + .../setuptools/command/bdist_egg.py | 456 + .../setuptools/command/bdist_rpm.py | 31 + .../setuptools/command/build_clib.py | 101 + .../setuptools/command/build_ext.py | 328 + .../setuptools/command/build_py.py | 232 + .../setuptools/command/develop.py | 193 + .../setuptools/command/dist_info.py | 36 + .../setuptools/command/easy_install.py | 2290 +++++ .../setuptools/command/egg_info.py | 734 ++ .../setuptools/command/install.py | 125 + .../setuptools/command/install_egg_info.py | 62 + .../setuptools/command/install_lib.py | 122 + .../setuptools/command/install_scripts.py | 69 + .../setuptools/command/launcher manifest.xml | 15 + .../setuptools/command/py36compat.py | 134 + .../setuptools/command/register.py | 18 + .../setuptools/command/rotate.py | 64 + .../setuptools/command/saveopts.py | 22 + .../site-packages/setuptools/command/sdist.py | 189 + .../setuptools/command/setopt.py | 149 + .../site-packages/setuptools/command/test.py | 252 + .../setuptools/command/upload.py | 17 + .../setuptools/command/upload_docs.py | 202 + .../site-packages/setuptools/config.py | 749 ++ .../site-packages/setuptools/dep_util.py | 25 + .../site-packages/setuptools/depends.py | 175 + .../site-packages/setuptools/dist.py | 1150 +++ .../site-packages/setuptools/errors.py | 16 + .../site-packages/setuptools/extension.py | 55 + .../setuptools/extern/__init__.py | 73 + .../site-packages/setuptools/glob.py | 167 + .../site-packages/setuptools/gui-32.exe | Bin 0 -> 65536 bytes .../site-packages/setuptools/gui-64.exe | Bin 0 -> 75264 bytes .../site-packages/setuptools/gui.exe | Bin 0 -> 65536 bytes .../site-packages/setuptools/installer.py | 97 + .../site-packages/setuptools/launch.py | 36 + .../site-packages/setuptools/monkey.py | 177 + .../site-packages/setuptools/msvc.py | 1805 ++++ .../site-packages/setuptools/namespaces.py | 107 + .../site-packages/setuptools/package_index.py | 1119 +++ .../site-packages/setuptools/py34compat.py | 13 + .../site-packages/setuptools/sandbox.py | 530 ++ .../setuptools/script (dev).tmpl | 6 + .../site-packages/setuptools/script.tmpl | 3 + .../site-packages/setuptools/unicode_utils.py | 42 + .../site-packages/setuptools/version.py | 6 + .../site-packages/setuptools/wheel.py | 213 + .../setuptools/windows_support.py | 29 + .../python3.9/site-packages/yaml/__init__.py | 390 + .../yaml/_yaml.cpython-39-darwin.so | Bin 0 -> 359176 bytes .../python3.9/site-packages/yaml/composer.py | 139 + .../site-packages/yaml/constructor.py | 748 ++ .../lib/python3.9/site-packages/yaml/cyaml.py | 101 + .../python3.9/site-packages/yaml/dumper.py | 62 + .../python3.9/site-packages/yaml/emitter.py | 1137 +++ .../lib/python3.9/site-packages/yaml/error.py | 75 + .../python3.9/site-packages/yaml/events.py | 86 + .../python3.9/site-packages/yaml/loader.py | 63 + .../lib/python3.9/site-packages/yaml/nodes.py | 49 + .../python3.9/site-packages/yaml/parser.py | 589 ++ .../python3.9/site-packages/yaml/reader.py | 185 + .../site-packages/yaml/representer.py | 389 + .../python3.9/site-packages/yaml/resolver.py | 227 + .../python3.9/site-packages/yaml/scanner.py | 1435 +++ .../site-packages/yaml/serializer.py | 111 + .../python3.9/site-packages/yaml/tokens.py | 104 + queries/venv/pyvenv.cfg | 3 + 2705 files changed, 237015 insertions(+), 35047 deletions(-) delete mode 100644 queries/error_files.log delete mode 100644 queries/error_messages.log create mode 100644 queries/replace_integration_types.py create mode 100644 queries/venv/bin/Activate.ps1 create mode 100644 queries/venv/bin/activate create mode 100644 queries/venv/bin/activate.csh create mode 100644 queries/venv/bin/activate.fish create mode 100755 queries/venv/bin/pip create mode 100755 queries/venv/bin/pip3 create mode 100755 queries/venv/bin/pip3.9 create mode 120000 queries/venv/bin/python create mode 120000 queries/venv/bin/python3 create mode 120000 queries/venv/bin/python3.9 create mode 100644 queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/INSTALLER create mode 100644 queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/LICENSE create mode 100644 queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/METADATA create mode 100644 queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/RECORD rename queries/{processed_files.log => venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/REQUESTED} (100%) create mode 100644 queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/WHEEL create mode 100644 queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/top_level.txt create mode 100644 queries/venv/lib/python3.9/site-packages/_distutils_hack/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/_distutils_hack/override.py create mode 100644 queries/venv/lib/python3.9/site-packages/_yaml/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/distutils-precedence.pth create mode 100644 queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/INSTALLER create mode 100644 queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/LICENSE.txt create mode 100644 queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/METADATA create mode 100644 queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/RECORD create mode 100644 queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/REQUESTED create mode 100644 queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/WHEEL create mode 100644 queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/entry_points.txt create mode 100644 queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/top_level.txt create mode 100644 queries/venv/lib/python3.9/site-packages/pip/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/__main__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/build_env.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cache.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/autocompletion.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/base_command.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/cmdoptions.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/command_context.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main_parser.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/parser.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/progress_bars.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/req_command.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/spinners.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/cli/status_codes.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/cache.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/check.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/completion.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/configuration.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/debug.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/download.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/freeze.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/hash.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/help.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/index.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/install.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/list.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/search.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/show.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/uninstall.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/commands/wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/configuration.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/installed.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/sdist.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/exceptions.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/index/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/index/collector.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/index/package_finder.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/index/sources.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/locations/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_distutils.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_sysconfig.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/locations/base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/main.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/pkg_resources.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/candidate.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/direct_url.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/format_control.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/index.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/link.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/scheme.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/search_scope.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/selection_prefs.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/target_python.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/models/wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/network/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/network/auth.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/network/cache.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/network/download.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/network/lazy_wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/network/session.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/network/utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/network/xmlrpc.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata_legacy.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel_legacy.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/check.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/freeze.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/editable_legacy.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/legacy.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/operations/prepare.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/pyproject.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/req/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/req/constructors.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_file.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_install.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_set.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_tracker.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_uninstall.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/resolver.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/candidates.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/factory.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/found_candidates.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/provider.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/reporter.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/requirements.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/resolver.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/self_outdated_check.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/_log.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/appdirs.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compatibility_tags.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/datetime.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/deprecation.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/direct_url_helpers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/distutils_args.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/encoding.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/entrypoints.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filesystem.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filetypes.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/glibc.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/hashes.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/inject_securetransport.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/logging.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/misc.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/models.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/packaging.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/parallel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/pkg_resources.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/setuptools_build.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/subprocess.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/temp_dir.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/unpacking.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/urls.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/virtualenv.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/utils/wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/bazaar.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/git.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/mercurial.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/subversion.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/versioncontrol.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_internal/wheel_builder.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/appdirs.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/_cmd.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/adapter.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/cache.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/file_cache.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/controller.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/filewrapper.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/heuristics.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/serialize.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/wrapper.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__main__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/cacert.pem create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/core.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5freq.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5prober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/chardistribution.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetgroupprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/chardetect.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/codingstatemachine.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cp949prober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/enums.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escsm.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/eucjpprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrfreq.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwfreq.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312freq.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312prober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/hebrewprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jisfreq.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jpcntx.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langbulgarianmodel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langgreekmodel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhebrewmodel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhungarianmodel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langrussianmodel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langthaimodel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langturkishmodel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/latin1prober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcharsetprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcsgroupprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcssm.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/languages.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcharsetprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcsgroupprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sjisprober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/universaldetector.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/utf8prober.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/version.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansi.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansitowin32.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/initialise.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/win32.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/winterm.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/misc.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/shutil.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.cfg create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/tarfile.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/database.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/index.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/locators.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/manifest.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/markers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/metadata.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/resources.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/scripts.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/t32.exe create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/t64.exe create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/util.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/version.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/w32.exe create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/w64.exe create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/distro.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_ihatexml.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_inputstream.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_tokenizer.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/_base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/py.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/constants.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/alphabeticalattributes.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/inject_meta_charset.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/lint.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/optionaltags.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/sanitizer.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/whitespace.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/html5parser.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/serializer.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treeadapters/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treeadapters/genshi.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treeadapters/sax.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/dom.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/etree.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/etree_lxml.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/base.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/dom.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/etree.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/etree_lxml.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/genshi.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/codec.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/core.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/idnadata.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/intranges.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/package_data.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/uts46data.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/_version.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/exceptions.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/ext.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/fallback.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/__about__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/_manylinux.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/_musllinux.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/_structures.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/markers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/requirements.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/specifiers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/tags.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/version.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/build.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/check.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/colorlog.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/dirtools.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/envbuild.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/in_process/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/in_process/_in_process.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/meta.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/wrappers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pkg_resources/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pkg_resources/py31compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/progress/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/progress/bar.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/progress/counter.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/progress/spinner.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/pyparsing.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/__version__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/_internal_utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/adapters.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/api.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/auth.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/certs.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/cookies.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/exceptions.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/help.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/hooks.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/models.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/packages.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/sessions.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/status_codes.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/structures.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/compat/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/compat/collections_abc.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/providers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/reporters.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/resolvers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/structs.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/six.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/_asyncio.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/_utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/after.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/before.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/before_sleep.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/nap.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/retry.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/stop.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/tornadoweb.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/wait.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tomli/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tomli/_parser.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/tomli/_re.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/_collections.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/_version.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/connection.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/connectionpool.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/_appengine_environ.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/_securetransport/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/_securetransport/bindings.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/_securetransport/low_level.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/appengine.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/ntlmpool.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/pyopenssl.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/securetransport.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/socks.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/exceptions.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/fields.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/filepost.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/backports/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/backports/makefile.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/six.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/ssl_match_hostname/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/ssl_match_hostname/_implementation.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/poolmanager.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/request.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/response.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/connection.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/proxy.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/queue.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/request.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/response.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/retry.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/ssl_.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/ssltransport.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/timeout.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/url.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/wait.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/vendor.txt create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/labels.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/mklabels.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/tests.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/x_user_defined.py create mode 100644 queries/venv/lib/python3.9/site-packages/pip/py.typed create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/appdirs.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/__about__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/_compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/_structures.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/_typing.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/markers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/requirements.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/specifiers.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/tags.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/version.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/_vendor/pyparsing.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/extern/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/pkg_resources/tests/data/my-test-package-source/setup.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools-58.0.4.dist-info/INSTALLER create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools-58.0.4.dist-info/LICENSE create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools-58.0.4.dist-info/METADATA create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools-58.0.4.dist-info/RECORD create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools-58.0.4.dist-info/REQUESTED create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools-58.0.4.dist-info/WHEEL create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools-58.0.4.dist-info/entry_points.txt create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools-58.0.4.dist-info/top_level.txt create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_deprecation_warning.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/_msvccompiler.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/archive_util.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/bcppcompiler.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/ccompiler.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/cmd.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/bdist.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/bdist_dumb.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/bdist_msi.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/bdist_rpm.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/bdist_wininst.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/build.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/build_clib.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/build_ext.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/build_py.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/build_scripts.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/check.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/clean.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/config.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/install.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/install_data.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/install_egg_info.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/install_headers.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/install_lib.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/install_scripts.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/py37compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/register.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/sdist.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/command/upload.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/config.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/core.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/cygwinccompiler.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/debug.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/dep_util.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/dir_util.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/dist.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/errors.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/extension.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/fancy_getopt.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/file_util.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/filelist.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/log.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/msvc9compiler.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/msvccompiler.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/py35compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/py38compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/spawn.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/sysconfig.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/text_file.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/unixccompiler.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/util.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/version.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_distutils/versionpredicate.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_imp.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/more_itertools/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/more_itertools/more.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/more_itertools/recipes.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/ordered_set.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/__about__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/_compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/_structures.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/_typing.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/markers.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/requirements.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/specifiers.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/tags.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/packaging/version.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/_vendor/pyparsing.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/archive_util.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/build_meta.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/cli-32.exe create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/cli-64.exe create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/cli.exe create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/alias.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/bdist_egg.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/bdist_rpm.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/build_clib.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/build_ext.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/build_py.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/develop.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/dist_info.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/easy_install.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/egg_info.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/install.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/install_egg_info.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/install_lib.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/install_scripts.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/launcher manifest.xml create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/py36compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/register.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/rotate.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/saveopts.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/sdist.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/setopt.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/test.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/upload.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/command/upload_docs.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/config.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/dep_util.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/depends.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/dist.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/errors.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/extension.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/extern/__init__.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/glob.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/gui-32.exe create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/gui-64.exe create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/gui.exe create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/installer.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/launch.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/monkey.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/msvc.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/namespaces.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/package_index.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/py34compat.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/sandbox.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/script (dev).tmpl create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/script.tmpl create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/unicode_utils.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/version.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/wheel.py create mode 100644 queries/venv/lib/python3.9/site-packages/setuptools/windows_support.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/__init__.py create mode 100755 queries/venv/lib/python3.9/site-packages/yaml/_yaml.cpython-39-darwin.so create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/composer.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/constructor.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/cyaml.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/dumper.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/emitter.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/error.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/events.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/loader.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/nodes.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/parser.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/reader.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/representer.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/resolver.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/scanner.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/serializer.py create mode 100644 queries/venv/lib/python3.9/site-packages/yaml/tokens.py create mode 100644 queries/venv/pyvenv.cfg diff --git a/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml b/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml index 328d4b6ec..dec46d90c 100755 --- a/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml +++ b/queries/1-aws_insight_lambda_function_not_cmk_encrypted.yaml @@ -1,22 +1,16 @@ +Description: List of lambda functions which are not encrypted with CMK ID: aws_insight_lambda_function_not_cmk_encrypted -Title: "Unencrypted Lambda" -Description: "List of lambda functions which are not encrypted with CMK" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_arn, account_id, og_account_id, og_resource_id - from - aws_lambda_function - where - kms_key_arn is null; - PrimaryTable: aws_lambda_function ListOfTables: - aws_lambda_function Parameters: [] + PrimaryTable: aws_lambda_function + QueryToExecute: "select\n name,\n kms_key_arn, account_id, og_account_id, og_resource_id\n\ + from\n aws_lambda_function\nwhere\n kms_key_arn is null;" Tags: category: - Security +Title: Unencrypted Lambda diff --git a/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml b/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml index a4574191b..c0d7086cd 100755 --- a/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml +++ b/queries/10-aws_insight_acm_certificate_transparency_logging_disabled.yaml @@ -1,21 +1,19 @@ +Description: List certificates for which transparency logging is disabled ID: aws_insight_acm_certificate_transparency_logging_disabled -Title: "Certificates with no Logging" -Description: "List certificates for which transparency logging is disabled" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select certificate_arn, domain_name, status, account_id, og_account_id, og_resource_id from - aws_acm_certificate - where - certificate_transparency_logging_preference <> 'ENABLED'; - PrimaryTable: aws_acm_certificate ListOfTables: - aws_acm_certificate Parameters: [] + PrimaryTable: aws_acm_certificate + QueryToExecute: "select certificate_arn, domain_name, status, account_id, og_account_id,\ + \ og_resource_id from\n aws_acm_certificate\nwhere\n certificate_transparency_logging_preference\ + \ <> 'ENABLED';" Tags: category: - Security - Technical Debt - Resiliency +Title: Certificates with no Logging diff --git a/queries/11-aws_insight_acm_certificate_expired.yaml b/queries/11-aws_insight_acm_certificate_expired.yaml index a437ca212..976195c25 100755 --- a/queries/11-aws_insight_acm_certificate_expired.yaml +++ b/queries/11-aws_insight_acm_certificate_expired.yaml @@ -1,22 +1,19 @@ +Description: List of expired certificates ID: aws_insight_acm_certificate_expired -Title: "Expired Certificates" -Description: "List of expired certificates" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select certificate_arn, domain_name, status, account_id, og_account_id, og_resource_id from - aws_acm_certificate - where - status = 'EXPIRED'; - PrimaryTable: aws_acm_certificate ListOfTables: - aws_acm_certificate Parameters: [] + PrimaryTable: aws_acm_certificate + QueryToExecute: "select certificate_arn, domain_name, status, account_id, og_account_id,\ + \ og_resource_id from\n aws_acm_certificate\nwhere\n status = 'EXPIRED';" Tags: category: - Security - Technical Debt - Resiliency - Cost Management +Title: Expired Certificates diff --git a/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml b/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml index 8328bdb7b..ad6b72153 100755 --- a/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml +++ b/queries/12-aws_insight_ebs_snapshot_older_than_year.yaml @@ -1,17 +1,18 @@ +Description: List Snapshots older than 365 days ID: aws_insight_ebs_snapshot_older_than_year -Title: "Snapshots older than a year" -Description: "List Snapshots older than 365 days" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT snapshot_id, arn, start_time, account_id, og_account_id, og_resource_id FROM aws_ebs_snapshot WHERE start_time < now() - interval '1 year'; - PrimaryTable: aws_ebs_snapshot ListOfTables: - aws_ebs_snapshot Parameters: [] + PrimaryTable: aws_ebs_snapshot + QueryToExecute: SELECT snapshot_id, arn, start_time, account_id, og_account_id, + og_resource_id FROM aws_ebs_snapshot WHERE start_time < now() - interval '1 year'; Tags: category: - Security - Technical Debt - Cost Management +Title: Snapshots older than a year diff --git a/queries/13-aws_insight_ec2_classic_load_balancer.yaml b/queries/13-aws_insight_ec2_classic_load_balancer.yaml index 8afff1f2d..9654d0261 100755 --- a/queries/13-aws_insight_ec2_classic_load_balancer.yaml +++ b/queries/13-aws_insight_ec2_classic_load_balancer.yaml @@ -1,15 +1,15 @@ +Description: List all Classic Load Balancer. Link here. ID: aws_insight_ec2_classic_load_balancer -Title: "Classic Load Balancers" -Description: "List all Classic Load Balancer. Link here." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT name, arn, account_id, og_account_id, og_resource_id FROM aws_ec2_classic_load_balancer - PrimaryTable: aws_ec2_classic_load_balancer ListOfTables: - aws_ec2_classic_load_balancer Parameters: [] + PrimaryTable: aws_ec2_classic_load_balancer + QueryToExecute: SELECT name, arn, account_id, og_account_id, og_resource_id FROM + aws_ec2_classic_load_balancer Tags: category: - Security @@ -19,3 +19,4 @@ Tags: - Executive - Product - FinOps +Title: Classic Load Balancers diff --git a/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml b/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml index 2178c1670..b4b093b69 100755 --- a/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml +++ b/queries/14-aws_insight_elb_classic_lb_use_ssl_certificate.yaml @@ -1,45 +1,29 @@ +Description: List all Load Balancers with out SSL ID: aws_insight_elb_classic_lb_use_ssl_certificate -Title: "Load Balancers with no SSL" -Description: "List all Load Balancers with out SSL" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with detailed_classic_listeners as ( - select - name - from - aws_ec2_classic_load_balancer, - jsonb_array_elements(listener_descriptions) as listener_description - where - listener_description -> 'Listener' ->> 'Protocol' in ('HTTPS', 'SSL', 'TLS') - and listener_description -> 'Listener' ->> 'SSLCertificateId' like 'arn:aws:acm%' - ) - select - -- Required Columns - 'arn:' || a.partition || ':elasticloadbalancing:' || a.region || ':' || a.account_id || ':loadbalancer/' || a.name as resource, - case - when a.listener_descriptions is null then 'skip' - when b.name is not null then 'alarm' - else 'ok' - end as status, - case - when a.listener_descriptions is null then a.title || ' has no listener.' - when b.name is not null then a.title || ' does not use certificates provided by ACM.' - else a.title || ' uses certificates provided by ACM.' - end as reason, - -- Additional Dimensions - region, - account_id, og_account_id, og_resource_id - from - aws_ec2_classic_load_balancer as a - left join detailed_classic_listeners as b on a.name = b.name; - PrimaryTable: aws_ec2_classic_load_balancer ListOfTables: - aws_ec2_classic_load_balancer Parameters: [] + PrimaryTable: aws_ec2_classic_load_balancer + QueryToExecute: "with detailed_classic_listeners as (\n select\n name\n from\n\ + \ aws_ec2_classic_load_balancer,\n jsonb_array_elements(listener_descriptions)\ + \ as listener_description\n where\n listener_description -> 'Listener' ->>\ + \ 'Protocol' in ('HTTPS', 'SSL', 'TLS')\n and listener_description -> 'Listener'\ + \ ->> 'SSLCertificateId' like 'arn:aws:acm%'\n)\nselect\n -- Required Columns\n\ + \ 'arn:' || a.partition || ':elasticloadbalancing:' || a.region || ':' || a.account_id\ + \ || ':loadbalancer/' || a.name as resource,\n case\n when a.listener_descriptions\ + \ is null then 'skip'\n when b.name is not null then 'alarm'\n else 'ok'\n\ + \ end as status,\n case\n when a.listener_descriptions is null then a.title\ + \ || ' has no listener.'\n when b.name is not null then a.title || ' does not\ + \ use certificates provided by ACM.'\n else a.title || ' uses certificates\ + \ provided by ACM.'\n end as reason,\n -- Additional Dimensions\n region,\n\ + \ account_id, og_account_id, og_resource_id\nfrom\n aws_ec2_classic_load_balancer\ + \ as a\n left join detailed_classic_listeners as b on a.name = b.name;" Tags: category: - Security - Technical Debt +Title: Load Balancers with no SSL diff --git a/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml b/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml index 05eef7584..1aeef2476 100755 --- a/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml +++ b/queries/15-aws_insight_elb_application_lb_waf_enabled.yaml @@ -1,31 +1,22 @@ +Description: List all ELB with no WAF. ID: aws_insight_elb_application_lb_waf_enabled -Title: "Load Balancers with no WAF" -Description: "List all ELB with no WAF." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - -- Required Columns - arn as resource, account_id, og_account_id, og_resource_id, - case - when load_balancer_attributes @> '[{"Key":"waf.fail_open.enabled","Value":"true"}]' then 'ok' - else 'alarm' - end as status, - case - when load_balancer_attributes @> '[{"Key":"waf.fail_open.enabled","Value":"true"}]' then title || ' WAF enabled.' - else title || ' WAF disabled.' - end as reason, - -- Additional Dimensions - region - from - aws_ec2_application_load_balancer; - PrimaryTable: aws_ec2_application_load_balancer ListOfTables: - aws_ec2_application_load_balancer Parameters: [] + PrimaryTable: aws_ec2_application_load_balancer + QueryToExecute: "select\n -- Required Columns\n arn as resource, account_id, og_account_id,\ + \ og_resource_id,\n case\n when load_balancer_attributes @> '[{\"Key\":\"\ + waf.fail_open.enabled\",\"Value\":\"true\"}]' then 'ok'\n else 'alarm'\n end\ + \ as status,\n case\n when load_balancer_attributes @> '[{\"Key\":\"waf.fail_open.enabled\"\ + ,\"Value\":\"true\"}]' then title || ' WAF enabled.'\n else title || ' WAF\ + \ disabled.'\n end as reason,\n -- Additional Dimensions\n region \nfrom\n\ + \ aws_ec2_application_load_balancer;" Tags: category: - Security - Technical Debt +Title: Load Balancers with no WAF diff --git a/queries/16-aws_insight_vpc_with_public_cidr.yaml b/queries/16-aws_insight_vpc_with_public_cidr.yaml index 27500af13..877345468 100755 --- a/queries/16-aws_insight_vpc_with_public_cidr.yaml +++ b/queries/16-aws_insight_vpc_with_public_cidr.yaml @@ -1,29 +1,21 @@ +Description: List VPCs with public CIDR blocks ID: aws_insight_vpc_with_public_cidr -Title: "VPCs with Public IP Range" -Description: "List VPCs with public CIDR blocks" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - cidr_block, - state, - region, account_id, og_account_id, og_resource_id - from - aws_vpc - where - (not cidr_block <<= '10.0.0.0/8' - and not cidr_block <<= '192.168.0.0/16' - and not cidr_block <<= '172.16.0.0/12'); - PrimaryTable: aws_vpc ListOfTables: - aws_vpc Parameters: [] + PrimaryTable: aws_vpc + QueryToExecute: "select\n vpc_id,\n cidr_block,\n state,\n region, account_id,\ + \ og_account_id, og_resource_id\nfrom\n aws_vpc\nwhere\n (not cidr_block <<=\ + \ '10.0.0.0/8'\n and not cidr_block <<= '192.168.0.0/16'\n and not cidr_block\ + \ <<= '172.16.0.0/12');" Tags: category: - Security - Technical Debt - Resiliency - Cost Management +Title: VPCs with Public IP Range diff --git a/queries/17-azure_insight_compute_disk_unattached.yaml b/queries/17-azure_insight_compute_disk_unattached.yaml index b12f62f39..b962f9b50 100755 --- a/queries/17-azure_insight_compute_disk_unattached.yaml +++ b/queries/17-azure_insight_compute_disk_unattached.yaml @@ -1,23 +1,17 @@ +Description: List of unattached Disks ID: azure_insight_compute_disk_unattached -Title: "Unused Azure Disks" -Description: "List of unattached Disks" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - disk_state, subscription_id, og_account_id, og_resource_id - from - azure_compute_disk - where - disk_state = 'Unattached'; - PrimaryTable: azure_compute_disk ListOfTables: - azure_compute_disk Parameters: [] + PrimaryTable: azure_compute_disk + QueryToExecute: "select\n name,\n disk_state, subscription_id, og_account_id,\ + \ og_resource_id\nfrom\n azure_compute_disk\nwhere\n disk_state = 'Unattached';" Tags: category: - Technical Debt - Cost Management +Title: Unused Azure Disks diff --git a/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml b/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml index 796fea620..08ca2d631 100755 --- a/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml +++ b/queries/18-azure_insight_compute_disk_unavailable_in_multiple_az.yaml @@ -1,26 +1,19 @@ +Description: List of compute disks which are not available in multiple az ID: azure_insight_compute_disk_unavailable_in_multiple_az -Title: "Non-Resiliency Azure Disks" -Description: "List of compute disks which are not available in multiple az" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - az, - region, subscription_id, og_account_id, og_resource_id - from - azure_compute_disk - cross join jsonb_array_elements(zones) az - where - zones is not null; - PrimaryTable: azure_compute_disk ListOfTables: - azure_compute_disk Parameters: [] + PrimaryTable: azure_compute_disk + QueryToExecute: "select\n name,\n az,\n region, subscription_id, og_account_id,\ + \ og_resource_id\nfrom\n azure_compute_disk\n cross join jsonb_array_elements(zones)\ + \ az\nwhere\n zones is not null;" Tags: category: - Security - Technical Debt - Resiliency +Title: Non-Resiliency Azure Disks diff --git a/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml b/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml index a4c598830..f57a39163 100755 --- a/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml +++ b/queries/19-azure_insight_compute_disk_not_encrypted_with_customer_key.yaml @@ -1,22 +1,15 @@ +Description: List of compute disks which are not encrypted with customer key ID: azure_insight_compute_disk_not_encrypted_with_customer_key -Title: "Unecrypted Disks" -Description: "List of compute disks which are not encrypted with customer key" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - encryption_type, subscription_id, og_account_id, og_resource_id - from - azure_compute_disk - where - encryption_type <> 'EncryptionAtRestWithCustomerKey'; - PrimaryTable: azure_compute_disk ListOfTables: - azure_compute_disk Parameters: [] + PrimaryTable: azure_compute_disk + QueryToExecute: "select\n name,\n encryption_type, subscription_id, og_account_id,\ + \ og_resource_id\nfrom\n azure_compute_disk\nwhere\n encryption_type <> 'EncryptionAtRestWithCustomerKey';" Tags: category: - Security @@ -25,3 +18,4 @@ Tags: - Security - DevOps - Product +Title: Unecrypted Disks diff --git a/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml b/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml index c09efacd7..865f45fd5 100755 --- a/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml +++ b/queries/2-aws_insight_lambda_function_retention_period_less_than_30_days.yaml @@ -1,29 +1,21 @@ +Description: List of lambda function whose retention period is less than 30 days ID: aws_insight_lambda_function_retention_period_less_than_30_days -Title: "" -Description: "List of lambda function whose retention period is less than 30 days" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fn.name, - lg.name, - lg.retention_in_days, fn.account_id, fn.og_account_id, fn.og_resource_id - from - aws_lambda_function as fn - inner join aws_cloudwatch_log_group as lg on ( - lg.og_account_id = fn.og_account_id AND ((lg.name = '/aws/lambda/') - or (lg.name = fn.name)) - ) - where - lg.retention_in_days < 30 - PrimaryTable: null ListOfTables: - aws_lambda_function - aws_cloudwatch_log_group Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n fn.name,\n lg.name,\n lg.retention_in_days, fn.account_id,\ + \ fn.og_account_id, fn.og_resource_id\nfrom\n aws_lambda_function as fn\n inner\ + \ join aws_cloudwatch_log_group as lg on (\n lg.og_account_id = fn.og_account_id\ + \ AND ((lg.name = '/aws/lambda/')\n or (lg.name = fn.name))\n )\nwhere\n \ + \ lg.retention_in_days < 30" Tags: category: - Technical Debt - Resiliency +Title: '' diff --git a/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml b/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml index e5e44b712..4b1bf58d9 100755 --- a/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml +++ b/queries/20-azure_insight_cosmosdb_account_with_disabled_automatic_failover.yaml @@ -1,24 +1,17 @@ +Description: List of database accounts where automatic failover is not enabled ID: azure_insight_cosmosdb_account_with_disabled_automatic_failover -Title: "Database with no Auto Failover" -Description: "List of database accounts where automatic failover is not enabled" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - enable_automatic_failover, - resource_group, subscription_id, og_account_id, og_resource_id - from - azure_cosmosdb_account - where - not enable_automatic_failover; - PrimaryTable: azure_cosmosdb_account ListOfTables: - azure_cosmosdb_account Parameters: [] + PrimaryTable: azure_cosmosdb_account + QueryToExecute: "select\n name,\n region,\n enable_automatic_failover,\n resource_group,\ + \ subscription_id, og_account_id, og_resource_id\nfrom\n azure_cosmosdb_account\n\ + where\n not enable_automatic_failover;" Tags: category: - Resiliency +Title: Database with no Auto Failover diff --git a/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml b/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml index 970c7368f..371142aa4 100755 --- a/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml +++ b/queries/21-azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet.yaml @@ -1,24 +1,19 @@ +Description: List of database accounts which allows traffic from all networks, including + the public Internet. ID: azure_insight_cosmosdb_account_which_allows_traffic_from_all_networks_and_internet -Title: "Database Accounts with Public access" -Description: "List of database accounts which allows traffic from all networks, including the public Internet." IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - virtual_network_rules, subscription_id, og_account_id, og_resource_id - from - azure_cosmosdb_account - where - virtual_network_rules = '[]'; - PrimaryTable: azure_cosmosdb_account ListOfTables: - azure_cosmosdb_account Parameters: [] + PrimaryTable: azure_cosmosdb_account + QueryToExecute: "select\n name,\n region,\n virtual_network_rules, subscription_id,\ + \ og_account_id, og_resource_id\nfrom\n azure_cosmosdb_account\nwhere\n virtual_network_rules\ + \ = '[]';" Tags: category: - Security - Technical Debt +Title: Database Accounts with Public access diff --git a/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml b/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml index d1f241f62..be504f015 100755 --- a/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml +++ b/queries/22-azure_insight_key_vault_with_disabled_soft_delete.yaml @@ -1,26 +1,19 @@ +Description: List of key vaults where soft deletion is not enabled ID: azure_insight_key_vault_with_disabled_soft_delete -Title: "Key Vaults with no Deletion Protection" -Description: "List of key vaults where soft deletion is not enabled" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - soft_delete_enabled, - soft_delete_retention_in_days, subscription_id, og_account_id, og_resource_id - from - azure_key_vault - where - not soft_delete_enabled; - PrimaryTable: azure_key_vault ListOfTables: - azure_key_vault Parameters: [] + PrimaryTable: azure_key_vault + QueryToExecute: "select\n name,\n id,\n soft_delete_enabled,\n soft_delete_retention_in_days,\ + \ subscription_id, og_account_id, og_resource_id\nfrom\n azure_key_vault\nwhere\n\ + \ not soft_delete_enabled;" Tags: category: - Security - Technical Debt - Resiliency +Title: Key Vaults with no Deletion Protection diff --git a/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml b/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml index 3e9ffe4a4..8874a18c5 100755 --- a/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml +++ b/queries/23-azure_insight_kubernetes_cluster_with_rbac_disabled.yaml @@ -1,27 +1,17 @@ +Description: List clusters that have role-based access control (RBAC) disabled ID: azure_insight_kubernetes_cluster_with_rbac_disabled -Title: "Clusters with no RBAC" -Description: "List clusters that have role-based access control (RBAC) disabled" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - location, - type, - identity, - enable_rbac, - sku, subscription_id, og_account_id, og_resource_id - from - azure_kubernetes_cluster - where - not enable_rbac; - PrimaryTable: azure_kubernetes_cluster ListOfTables: - azure_kubernetes_cluster Parameters: [] + PrimaryTable: azure_kubernetes_cluster + QueryToExecute: "select\n name,\n id,\n location,\n type,\n identity,\n enable_rbac,\n\ + \ sku, subscription_id, og_account_id, og_resource_id\nfrom\n azure_kubernetes_cluster\n\ + where\n not enable_rbac;" Tags: category: - Security +Title: Clusters with no RBAC diff --git a/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml b/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml index d2bddaf8d..7aecfc5a1 100755 --- a/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml +++ b/queries/24-azure_insight_kubernetes_cluster_with_undesired_version.yaml @@ -1,25 +1,16 @@ +Description: List clusters with an undesirable version (older than 1.20.5) ID: azure_insight_kubernetes_cluster_with_undesired_version -Title: "Legacy Kubernetes Clusters" -Description: "List clusters with an undesirable version (older than 1.20.5)" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - location, - type, - kubernetes_version, subscription_id, og_account_id, og_resource_id - from - azure_kubernetes_cluster - where - kubernetes_version < '1.24'; - PrimaryTable: azure_kubernetes_cluster ListOfTables: - azure_kubernetes_cluster Parameters: [] + PrimaryTable: azure_kubernetes_cluster + QueryToExecute: "select\n name,\n id,\n location,\n type,\n kubernetes_version,\ + \ subscription_id, og_account_id, og_resource_id\nfrom\n azure_kubernetes_cluster\n\ + where\n kubernetes_version < '1.24';" Tags: category: - Security @@ -29,3 +20,4 @@ Tags: - Executive - Product - FinOps +Title: Legacy Kubernetes Clusters diff --git a/queries/25-azure_insight_lb_failed.yaml b/queries/25-azure_insight_lb_failed.yaml index 73fbe04de..3745d12bf 100755 --- a/queries/25-azure_insight_lb_failed.yaml +++ b/queries/25-azure_insight_lb_failed.yaml @@ -1,27 +1,20 @@ +Description: List failed load balancers ID: azure_insight_lb_failed -Title: "Unhealthy Load Balancers" -Description: "List failed load balancers" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - type, - provisioning_state, subscription_id, og_account_id, og_resource_id - from - azure_lb - where - provisioning_state = 'Failed'; - PrimaryTable: azure_lb ListOfTables: - azure_lb Parameters: [] + PrimaryTable: azure_lb + QueryToExecute: "select\n id,\n name,\n type,\n provisioning_state, subscription_id,\ + \ og_account_id, og_resource_id\nfrom\n azure_lb\nwhere\n provisioning_state\ + \ = 'Failed';" Tags: category: - Security - Technical Debt - Resiliency - Cost Management +Title: Unhealthy Load Balancers diff --git a/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml b/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml index ed1204ab6..6848a08df 100755 --- a/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml +++ b/queries/26-azure_insight_compute_availability_set_without_managed_disk_configuration.yaml @@ -1,25 +1,19 @@ +Description: List of availability sets which does not use managed disks configuration ID: azure_insight_compute_availability_set_without_managed_disk_configuration -Title: "AV Sets with Legacy Disks" -Description: "List of availability sets which does not use managed disks configuration" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - sku_name, subscription_id, og_account_id, og_resource_id - from - azure_compute_availability_set - where - sku_name = 'Classic'; - PrimaryTable: azure_compute_availability_set ListOfTables: - azure_compute_availability_set Parameters: [] + PrimaryTable: azure_compute_availability_set + QueryToExecute: "select\n name,\n sku_name, subscription_id, og_account_id, og_resource_id\n\ + from\n azure_compute_availability_set\nwhere\n sku_name = 'Classic';" Tags: category: - Security - Technical Debt - Resiliency - Cost Management +Title: AV Sets with Legacy Disks diff --git a/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml b/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml index 415260a1b..ae8559dc9 100755 --- a/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml +++ b/queries/27-azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2.yaml @@ -1,26 +1,19 @@ +Description: List servers with minimum TLS version lower than 1.2 ID: azure_insight_mysql_server_with_minimum_ssl_older_than_1_point_2 -Title: "Servers with Vulnerable TLSA" -Description: "List servers with minimum TLS version lower than 1.2" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - minimal_tls_version, subscription_id, og_account_id, og_resource_id - from - azure_mysql_server - where - (minimal_tls_version = 'TLS1_0' - or minimal_tls_version = 'TLS1_1'); - PrimaryTable: azure_mysql_server ListOfTables: - azure_mysql_server Parameters: [] + PrimaryTable: azure_mysql_server + QueryToExecute: "select\n name,\n id,\n minimal_tls_version, subscription_id,\ + \ og_account_id, og_resource_id\nfrom\n azure_mysql_server\nwhere\n (minimal_tls_version\ + \ = 'TLS1_0'\n or minimal_tls_version = 'TLS1_1');" Tags: category: - Security - Technical Debt - Cost Management +Title: Servers with Vulnerable TLSA diff --git a/queries/28-azure_insight_virtual_network_with_public_cidr.yaml b/queries/28-azure_insight_virtual_network_with_public_cidr.yaml index e109d16b9..09df291cf 100755 --- a/queries/28-azure_insight_virtual_network_with_public_cidr.yaml +++ b/queries/28-azure_insight_virtual_network_with_public_cidr.yaml @@ -1,30 +1,21 @@ +Description: List Virtual Networks with public CIDR blocks ID: azure_insight_virtual_network_with_public_cidr -Title: "vNets with Public IP Range" -Description: "List Virtual Networks with public CIDR blocks" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cidr_block, - region, - resource_group, subscription_id, og_account_id, og_resource_id - from - azure_virtual_network - cross join jsonb_array_elements_text(address_prefixes) as cidr_block - where - (not cidr_block :: cidr <<= '10.0.0.0/16' - and not cidr_block :: cidr <<= '192.168.0.0/16' - and not cidr_block :: cidr <<= '172.16.0.0/12'); - PrimaryTable: azure_virtual_network ListOfTables: - azure_virtual_network Parameters: [] + PrimaryTable: azure_virtual_network + QueryToExecute: "select\n name,\n cidr_block,\n region,\n resource_group, subscription_id,\ + \ og_account_id, og_resource_id\nfrom\n azure_virtual_network\n cross join jsonb_array_elements_text(address_prefixes)\ + \ as cidr_block\nwhere\n (not cidr_block :: cidr <<= '10.0.0.0/16'\n and not\ + \ cidr_block :: cidr <<= '192.168.0.0/16'\n and not cidr_block :: cidr <<= '172.16.0.0/12');" Tags: category: - Security - Technical Debt - Resiliency - Resiliency +Title: vNets with Public IP Range diff --git a/queries/29-azure_insight_storage_account_with_public_blob_access.yaml b/queries/29-azure_insight_storage_account_with_public_blob_access.yaml index cf6cf370f..f802ce460 100755 --- a/queries/29-azure_insight_storage_account_with_public_blob_access.yaml +++ b/queries/29-azure_insight_storage_account_with_public_blob_access.yaml @@ -1,24 +1,18 @@ +Description: List storage accounts that allow blob public access ID: azure_insight_storage_account_with_public_blob_access -Title: "Storage Accounts with Public Internet" -Description: "List storage accounts that allow blob public access" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - allow_blob_public_access, subscription_id, og_account_id, og_resource_id - from - azure_storage_account - where - allow_blob_public_access; - PrimaryTable: azure_storage_account ListOfTables: - azure_storage_account Parameters: [] + PrimaryTable: azure_storage_account + QueryToExecute: "select\n name,\n allow_blob_public_access, subscription_id, og_account_id,\ + \ og_resource_id\nfrom\n azure_storage_account\nwhere\n allow_blob_public_access;" Tags: category: - Security - Technical Debt - Resiliency +Title: Storage Accounts with Public Internet diff --git a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml index 7ffbf78ea..6cc4ea362 100755 --- a/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml +++ b/queries/3-aws_insight_lambda_function_with_unsupported_engine.yaml @@ -1,15 +1,21 @@ +Description: List Lambda Functions which are using unsupported engines ID: aws_insight_lambda_function_with_unsupported_engine -Title: "List Lambda Functions with unsupported engines" -Description: "List Lambda Functions which are using unsupported engines" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select name, runtime, handler, arn, account_id, og_account_id, og_resource_id from aws_lambda_function WHERE (runtime != 'nodejs18.x' AND runtime != 'nodejs16.x' AND runtime != 'nodejs14.x' AND runtime != 'python3.11' AND runtime != 'python3.10' AND runtime != 'python3.9' AND runtime != 'python3.8' AND runtime != 'python3.7' AND runtime != 'java17' AND runtime != 'java11' AND runtime != 'java8.al2' AND runtime != 'java8' AND runtime != 'dotnet7' AND runtime != 'dotnet6' AND runtime != 'go1.x' AND runtime != 'ruby3.2' AND runtime != 'ruby2.7' AND runtime != 'provided.al2' AND runtime != 'provided'); - PrimaryTable: aws_lambda_function ListOfTables: - aws_lambda_function Parameters: [] + PrimaryTable: aws_lambda_function + QueryToExecute: select name, runtime, handler, arn, account_id, og_account_id, og_resource_id + from aws_lambda_function WHERE (runtime != 'nodejs18.x' AND runtime != 'nodejs16.x' + AND runtime != 'nodejs14.x' AND runtime != 'python3.11' AND runtime != 'python3.10' + AND runtime != 'python3.9' AND runtime != 'python3.8' AND runtime != 'python3.7' + AND runtime != 'java17' AND runtime != 'java11' AND runtime != 'java8.al2' AND + runtime != 'java8' AND runtime != 'dotnet7' AND runtime != 'dotnet6' AND runtime + != 'go1.x' AND runtime != 'ruby3.2' AND runtime != 'ruby2.7' AND runtime != 'provided.al2' + AND runtime != 'provided'); Tags: category: - Technical Debt @@ -18,3 +24,4 @@ Tags: - Executive - Product - FinOps +Title: List Lambda Functions with unsupported engines diff --git a/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml b/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml index 186c3254f..333d120f6 100755 --- a/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml +++ b/queries/30-azure_insight_storage_account_with_disabled_encryption_in_transit.yaml @@ -1,24 +1,18 @@ +Description: List storage accounts with encryption in transit disabled ID: azure_insight_storage_account_with_disabled_encryption_in_transit -Title: "Storage Accounts No Unecrypted Transit" -Description: "List storage accounts with encryption in transit disabled" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - enable_https_traffic_only, subscription_id, og_account_id, og_resource_id - from - azure_storage_account - where - not enable_https_traffic_only; - PrimaryTable: azure_storage_account ListOfTables: - azure_storage_account Parameters: [] + PrimaryTable: azure_storage_account + QueryToExecute: "select\n name,\n enable_https_traffic_only, subscription_id,\ + \ og_account_id, og_resource_id\nfrom\n azure_storage_account\nwhere\n not enable_https_traffic_only;" Tags: category: - Security - Technical Debt - Resiliency +Title: Storage Accounts No Unecrypted Transit diff --git a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml index b1ad3baa6..641a096a7 100755 --- a/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml +++ b/queries/31-azure_compute_vm_remote_access_restricted_all_ports.yaml @@ -1,48 +1,31 @@ +Description: VMs with restricts remote access from internet ID: azure_insight_compute_vm_remote_access_restricted_all_ports -Title: "VMs with restricts remote access from internet" -Description: "VMs with restricts remote access from internet" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with network_sg as ( - select - distinct name as sg_name, - network_interfaces - from - azure_network_security_group as nsg, - jsonb_array_elements(security_rules) as sg, - jsonb_array_elements_text(sg -> 'properties' -> 'destinationPortRanges' || (sg -> 'properties' -> 'destinationPortRange') :: jsonb) as dport, - jsonb_array_elements_text(sg -> 'properties' -> 'sourceAddressPrefixes' || (sg -> 'properties' -> 'sourceAddressPrefix') :: jsonb) as sip - where - sg -> 'properties' ->> 'access' = 'Allow' - and sg -> 'properties' ->> 'direction' = 'Inbound' - and sg -> 'properties' ->> 'protocol' in ('TCP','*') - and sip in ('*', '0.0.0.0', '0.0.0.0/0', 'Internet', '/0', '/0') - ) - select - vm.vm_id as resource, - vm.subscription_id, vm.og_account_id, vm.og_resource_id, - case - when sg.sg_name is null then 'ok' - else 'alarm' - end as status, - case - when sg.sg_name is null then vm.title || ' restricts remote access from internet.' - else vm.title || ' allows remote access from internet.' - end as reason - - , vm.resource_group as resource_group - , sub.display_name as subscription - from - azure_compute_virtual_machine as vm - left join network_sg as sg on sg.network_interfaces @> vm.network_interfaces - join azure_subscription as sub on sub.subscription_id = vm.subscription_id; - PrimaryTable: azure_compute_disk ListOfTables: - azure_compute_disk Parameters: [] + PrimaryTable: azure_compute_disk + QueryToExecute: "with network_sg as (\n select\n distinct name as sg_name,\n\ + \ network_interfaces\n from\n azure_network_security_group as nsg,\n \ + \ jsonb_array_elements(security_rules) as sg,\n jsonb_array_elements_text(sg\ + \ -> 'properties' -> 'destinationPortRanges' || (sg -> 'properties' -> 'destinationPortRange')\ + \ :: jsonb) as dport,\n jsonb_array_elements_text(sg -> 'properties' -> 'sourceAddressPrefixes'\ + \ || (sg -> 'properties' -> 'sourceAddressPrefix') :: jsonb) as sip\n where\n\ + \ sg -> 'properties' ->> 'access' = 'Allow'\n and sg -> 'properties' ->>\ + \ 'direction' = 'Inbound'\n and sg -> 'properties' ->> 'protocol' in ('TCP','*')\n\ + \ and sip in ('*', '0.0.0.0', '0.0.0.0/0', 'Internet', '/0', '/0')\n)\n\ + select\n vm.vm_id as resource,\n vm.subscription_id, vm.og_account_id, vm.og_resource_id,\n\ + \ case\n when sg.sg_name is null then 'ok'\n else 'alarm'\n end as status,\n\ + \ case\n when sg.sg_name is null then vm.title || ' restricts remote access\ + \ from internet.'\n else vm.title || ' allows remote access from internet.'\n\ + \ end as reason\n \n , vm.resource_group as resource_group\n , sub.display_name\ + \ as subscription\nfrom\n azure_compute_virtual_machine as vm\n left join network_sg\ + \ as sg on sg.network_interfaces @> vm.network_interfaces\n join azure_subscription\ + \ as sub on sub.subscription_id = vm.subscription_id;" Tags: category: - Security +Title: VMs with restricts remote access from internet diff --git a/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml b/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml index 1878a0598..1bea8aad8 100755 --- a/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml +++ b/queries/32-aws_insight_loadbalancer_classic_no_logging.yaml @@ -1,25 +1,20 @@ +Description: List classic Load Balancers without logging ID: aws_insight_loadbalancer_classic_no_logging -Title: "Classic Load Balancers without logging" -Description: "List classic Load Balancers without logging" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_log_enabled, account_id, og_account_id, og_resource_id - from - aws_ec2_classic_load_balancer - where - access_log_enabled = 'false'; - PrimaryTable: aws_ec2_classic_load_balancer ListOfTables: - aws_ec2_classic_load_balancer Parameters: [] + PrimaryTable: aws_ec2_classic_load_balancer + QueryToExecute: "select\n name,\n access_log_enabled, account_id, og_account_id,\ + \ og_resource_id\nfrom\n aws_ec2_classic_load_balancer\nwhere\n access_log_enabled\ + \ = 'false';" Tags: category: - Technical Debt persona: - Security - DevOps +Title: Classic Load Balancers without logging diff --git a/queries/33-aws_insight_loadbalancer_application_no_logging.yaml b/queries/33-aws_insight_loadbalancer_application_no_logging.yaml index 1ef2c4e03..ec54ec6c0 100755 --- a/queries/33-aws_insight_loadbalancer_application_no_logging.yaml +++ b/queries/33-aws_insight_loadbalancer_application_no_logging.yaml @@ -1,28 +1,21 @@ +Description: List application Load Balancers without logging ID: aws_insight_loadbalancer_application_no_logging -Title: "Application Load Balancers without logging" -Description: "List application Load Balancers without logging" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as logging_key, - lb ->> 'Value' as logging_value, account_id, og_account_id, og_resource_id - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'access_logs.s3.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: aws_ec2_application_load_balancer ListOfTables: - aws_ec2_application_load_balancer Parameters: [] + PrimaryTable: aws_ec2_application_load_balancer + QueryToExecute: "select\n name,\n lb ->> 'Key' as logging_key,\n lb ->> 'Value'\ + \ as logging_value, account_id, og_account_id, og_resource_id \nfrom\n aws_ec2_application_load_balancer\n\ + \ cross join jsonb_array_elements(load_balancer_attributes) as lb\nwhere\n lb\ + \ ->> 'Key' = 'access_logs.s3.enabled'\n and lb ->> 'Value' = 'false';" Tags: category: - Technical Debt persona: - Security - DevOps +Title: Application Load Balancers without logging diff --git a/queries/34-aws_insight_loadbalancer_network_no_logging.yaml b/queries/34-aws_insight_loadbalancer_network_no_logging.yaml index 860994730..6aeadd53f 100755 --- a/queries/34-aws_insight_loadbalancer_network_no_logging.yaml +++ b/queries/34-aws_insight_loadbalancer_network_no_logging.yaml @@ -1,28 +1,21 @@ +Description: List network Load Balancers without logging ID: aws_insight_loadbalancer_network_no_logging -Title: "Network Load Balancers without logging" -Description: "List network Load Balancers without logging" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as logging_key, - lb ->> 'Value' as logging_value, account_id, og_account_id, og_resource_id - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'access_logs.s3.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: aws_ec2_network_load_balancer ListOfTables: - aws_ec2_network_load_balancer Parameters: [] + PrimaryTable: aws_ec2_network_load_balancer + QueryToExecute: "select\n name,\n lb ->> 'Key' as logging_key,\n lb ->> 'Value'\ + \ as logging_value, account_id, og_account_id, og_resource_id\nfrom\n aws_ec2_network_load_balancer\n\ + \ cross join jsonb_array_elements(load_balancer_attributes) as lb\nwhere\n lb\ + \ ->> 'Key' = 'access_logs.s3.enabled'\n and lb ->> 'Value' = 'false';" Tags: category: - Technical Debt persona: - Security - DevOps +Title: Network Load Balancers without logging diff --git a/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml b/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml index 2a88d4d96..9f721a60f 100755 --- a/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml +++ b/queries/35-azure_insight_functionapp_with_unsupported_runtime.yaml @@ -1,63 +1,33 @@ +Description: List Function Apps with unsupported runtime ID: azure_insight_functionapp_with_unsupported_runtime -Title: "Function Apps with unsupported runtime" -Description: "List Function Apps with unsupported runtime" IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - SELECT - id, language_runtime_type, language_runtime_version, subscription_id, og_account_id, og_resource_id - FROM azure_app_service_function_app - WHERE ( - ( - language_runtime_type = 'dotnet' AND ( - language_runtime_version != '6' AND - language_runtime_version != '7' - ) - ) OR ( - language_runtime_type = 'dotnetcore' AND ( - language_runtime_version != 'v4.0' AND - language_runtime_version != 'v6.0' AND - language_runtime_version != 'v7.0' AND - language_runtime_version != '6' AND - language_runtime_version != '7' AND - language_runtime_version != '4' AND - language_runtime_version != '4.8' - ) - ) OR ( - language_runtime_type = 'python' AND ( - language_runtime_version != '3.7' AND - language_runtime_version != '3.8' AND - language_runtime_version != '3.9' AND - language_runtime_version != '3.10' AND - language_runtime_version != '3.11' - ) - ) OR ( - language_runtime_type = 'java' AND ( - language_runtime_version != '8' AND - language_runtime_version != '11' AND - language_runtime_version != '17' - ) - ) OR ( - language_runtime_type = 'powershell' AND ( - language_runtime_version != '7.2' - ) - ) OR ( - language_runtime_type = 'node' AND ( - language_runtime_version != '14' AND - language_runtime_version != '16' AND - language_runtime_version != '18' AND - language_runtime_version != '~14' AND - language_runtime_version != '~16' AND - language_runtime_version != '~18' - ) - ) - ); - PrimaryTable: azure_app_service_function_app ListOfTables: - azure_app_service_function_app Parameters: [] + PrimaryTable: azure_app_service_function_app + QueryToExecute: "SELECT \n id, language_runtime_type, language_runtime_version,\ + \ subscription_id, og_account_id, og_resource_id\nFROM azure_app_service_function_app\n\ + WHERE ( \n (\n language_runtime_type = 'dotnet' AND (\n language_runtime_version\ + \ != '6' AND\n language_runtime_version != '7'\n )\n ) OR (\n language_runtime_type\ + \ = 'dotnetcore' AND (\n language_runtime_version != 'v4.0' AND\n language_runtime_version\ + \ != 'v6.0' AND\n language_runtime_version != 'v7.0' AND\n language_runtime_version\ + \ != '6' AND\n language_runtime_version != '7' AND\n language_runtime_version\ + \ != '4' AND\n language_runtime_version != '4.8'\n )\n ) OR (\n language_runtime_type\ + \ = 'python' AND (\n language_runtime_version != '3.7' AND\n language_runtime_version\ + \ != '3.8' AND\n language_runtime_version != '3.9' AND\n language_runtime_version\ + \ != '3.10' AND\n language_runtime_version != '3.11'\n )\n ) OR (\n \ + \ language_runtime_type = 'java' AND (\n language_runtime_version != '8'\ + \ AND\n language_runtime_version != '11' AND\n language_runtime_version\ + \ != '17'\n )\n ) OR (\n language_runtime_type = 'powershell' AND (\n \ + \ language_runtime_version != '7.2'\n )\n ) OR (\n language_runtime_type\ + \ = 'node' AND (\n language_runtime_version != '14' AND\n language_runtime_version\ + \ != '16' AND\n language_runtime_version != '18' AND\n language_runtime_version\ + \ != '~14' AND\n language_runtime_version != '~16' AND\n language_runtime_version\ + \ != '~18'\n )\n )\n);" Tags: category: - Technical Debt +Title: Function Apps with unsupported runtime diff --git a/queries/36-aws_insight_deprecated_eks.yaml b/queries/36-aws_insight_deprecated_eks.yaml index c803f497a..15eaf51b3 100755 --- a/queries/36-aws_insight_deprecated_eks.yaml +++ b/queries/36-aws_insight_deprecated_eks.yaml @@ -1,15 +1,16 @@ +Description: EKS clusters running anything other than 1.27, 1.26, 1.25, 1.24, 1.23 ID: aws_insight_deprecated_eks -Title: "Deprecated EKS clusters" -Description: "EKS clusters running anything other than 1.27, 1.26, 1.25, 1.24, 1.23" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT name, arn, version, account_id, og_account_id, og_resource_id FROM aws_eks_cluster WHERE version != '1.27' AND version != '1.26' AND version != '1.25' AND version != '1.24' AND version != '1.23' - PrimaryTable: aws_eks_cluster ListOfTables: - aws_eks_cluster Parameters: [] + PrimaryTable: aws_eks_cluster + QueryToExecute: SELECT name, arn, version, account_id, og_account_id, og_resource_id + FROM aws_eks_cluster WHERE version != '1.27' AND version != '1.26' AND version + != '1.25' AND version != '1.24' AND version != '1.23' Tags: category: - Technical Debt @@ -17,3 +18,4 @@ Tags: - Executive - Product - FinOps +Title: Deprecated EKS clusters diff --git a/queries/37-azure_insight_legacy_application_gateway.yaml b/queries/37-azure_insight_legacy_application_gateway.yaml index 1b009fff4..2e3707248 100755 --- a/queries/37-azure_insight_legacy_application_gateway.yaml +++ b/queries/37-azure_insight_legacy_application_gateway.yaml @@ -1,15 +1,16 @@ +Description: This insight returns all legacy application gateways. ID: azure_insight_legacy_application_gateway -Title: "Legacy Application Gateways" -Description: "This insight returns all legacy application gateways." IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT name, id, sku->'tier' AS tier, subscription_id, og_account_id, og_resource_id FROM azure_application_gateway WHERE NOT sku IS NULL AND sku->>'tier' = 'Standard_v2'; - PrimaryTable: azure_application_gateway ListOfTables: - azure_application_gateway Parameters: [] + PrimaryTable: azure_application_gateway + QueryToExecute: SELECT name, id, sku->'tier' AS tier, subscription_id, og_account_id, + og_resource_id FROM azure_application_gateway WHERE NOT sku IS NULL AND sku->>'tier' + = 'Standard_v2'; Tags: category: - Technical Debt @@ -17,3 +18,4 @@ Tags: - Executive - Product - FinOps +Title: Legacy Application Gateways diff --git a/queries/38-azure_insight_legacy_virtual_machine.yaml b/queries/38-azure_insight_legacy_virtual_machine.yaml index d521bf1b2..a2e9fc231 100755 --- a/queries/38-azure_insight_legacy_virtual_machine.yaml +++ b/queries/38-azure_insight_legacy_virtual_machine.yaml @@ -1,17 +1,41 @@ +Description: This insight identifies virtual machines that are running on legacy hardware. ID: azure_insight_legacy_virtual_machine -Title: "Legacy Virtual Machine" -Description: "This insight identifies virtual machines that are running on legacy hardware." IntegrationTypeName: -- azure +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - SELECT name, power_state, id, subscription_id, og_account_id, og_resource_id FROM azure_compute_virtual_machine WHERE (size = 'Standard_F1' OR size = 'Standard_F2' OR size = 'Standard_F4' OR size = 'Standard_F8' OR size = 'Standard_F16' OR size = 'Standard_F1s' OR size = 'Standard_F2s' OR size = 'Standard_F4s' OR size = 'Standard_F8s' OR size = 'Standard_F16s' OR size = 'Standard_NV6s_v2' OR size = 'Standard_NV12s_v2' OR size = 'Standard_NV24s_v2' OR size = 'A0\Basic_A0' OR size = 'A1\Basic_A1' OR size = 'A2\Basic_A2' OR size = 'A3\Basic_A3' OR size = 'A4\Basic_A4' OR size = 'Standard_A0' OR size = 'Standard_A1' OR size = 'Standard_A2' OR size = 'Standard_A3' OR size = 'Standard_A4' OR size = 'Standard_A5' OR size = 'Standard_A6' OR size = 'Standard_A7' OR size = 'Standard_A8' OR size = 'Standard_A9' OR size = 'Standard_A10' OR size = 'Standard_A11' OR size = 'Standard_D1' OR size = 'Standard_D2' OR size = 'Standard_D3' OR size = 'Standard_D4' OR size = 'Standard_D11' OR size = 'Standard_D12' OR size = 'Standard_D13' OR size = 'Standard_D14' OR size = 'Standard_DC2s' OR size = 'Standard_DC4s' OR size = 'Standard_DS1' OR size = 'Standard_DS2' OR size = 'Standard_DS3' OR size = 'Standard_DS4' OR size = 'Standard_DS11' OR size = 'Standard_DS12' OR size = 'Standard_DS13' OR size = 'Standard_DS14' OR size = 'Standard_L4s' OR size = 'Standard_L8s' OR size = 'Standard_L16s' OR size = 'Standard_L32s' OR size = 'Standard_GS1' OR size = 'Standard_GS2' OR size = 'Standard_GS3' OR size = 'Standard_GS4' OR size = 'Standard_GS5' OR size = 'Standard_G1' OR size = 'Standard_G2' OR size = 'Standard_G3' OR size = 'Standard_G4' OR size = 'Standard_G5' OR size = 'Standard_NC6' OR size = 'Standard_NC12' OR size = 'Standard_NC24' OR size = 'Standard_NC24r' OR size = 'Standard_NC6s_v2' OR size = 'Standard_NC12s_v2' OR size = 'Standard_NC24s_v2' OR size = 'Standard_NC24rs_v2' OR size = 'Standard_ND6s' OR size = 'Standard_ND12s' OR size = 'Standard_ND24s' OR size = 'Standard_ND24rs') - ; - PrimaryTable: azure_application_gateway ListOfTables: - azure_application_gateway Parameters: [] + PrimaryTable: azure_application_gateway + QueryToExecute: 'SELECT name, power_state, id, subscription_id, og_account_id, og_resource_id + FROM azure_compute_virtual_machine WHERE (size = ''Standard_F1'' OR size = ''Standard_F2'' + OR size = ''Standard_F4'' OR size = ''Standard_F8'' OR size = ''Standard_F16'' + OR size = ''Standard_F1s'' OR size = ''Standard_F2s'' OR size = ''Standard_F4s'' + OR size = ''Standard_F8s'' OR size = ''Standard_F16s'' OR size = ''Standard_NV6s_v2'' + OR size = ''Standard_NV12s_v2'' OR size = ''Standard_NV24s_v2'' OR size = ''A0\Basic_A0'' + OR size = ''A1\Basic_A1'' OR size = ''A2\Basic_A2'' OR size = ''A3\Basic_A3'' + OR size = ''A4\Basic_A4'' OR size = ''Standard_A0'' OR size = ''Standard_A1'' + OR size = ''Standard_A2'' OR size = ''Standard_A3'' OR size = ''Standard_A4'' + OR size = ''Standard_A5'' OR size = ''Standard_A6'' OR size = ''Standard_A7'' + OR size = ''Standard_A8'' OR size = ''Standard_A9'' OR size = ''Standard_A10'' + OR size = ''Standard_A11'' OR size = ''Standard_D1'' OR size = ''Standard_D2'' + OR size = ''Standard_D3'' OR size = ''Standard_D4'' OR size = ''Standard_D11'' + OR size = ''Standard_D12'' OR size = ''Standard_D13'' OR size = ''Standard_D14'' + OR size = ''Standard_DC2s'' OR size = ''Standard_DC4s'' OR size = ''Standard_DS1'' + OR size = ''Standard_DS2'' OR size = ''Standard_DS3'' OR size = ''Standard_DS4'' + OR size = ''Standard_DS11'' OR size = ''Standard_DS12'' OR size = ''Standard_DS13'' + OR size = ''Standard_DS14'' OR size = ''Standard_L4s'' OR size = ''Standard_L8s'' + OR size = ''Standard_L16s'' OR size = ''Standard_L32s'' OR size = ''Standard_GS1'' + OR size = ''Standard_GS2'' OR size = ''Standard_GS3'' OR size = ''Standard_GS4'' + OR size = ''Standard_GS5'' OR size = ''Standard_G1'' OR size = ''Standard_G2'' + OR size = ''Standard_G3'' OR size = ''Standard_G4'' OR size = ''Standard_G5'' + OR size = ''Standard_NC6'' OR size = ''Standard_NC12'' OR size = ''Standard_NC24'' + OR size = ''Standard_NC24r'' OR size = ''Standard_NC6s_v2'' OR size = ''Standard_NC12s_v2'' + OR size = ''Standard_NC24s_v2'' OR size = ''Standard_NC24rs_v2'' OR size = ''Standard_ND6s'' + OR size = ''Standard_ND12s'' OR size = ''Standard_ND24s'' OR size = ''Standard_ND24rs'') + + ;' Tags: category: - Technical Debt @@ -19,3 +43,4 @@ Tags: - Executive - Product - FinOps +Title: Legacy Virtual Machine diff --git a/queries/39-aws_insight_legacy_rds_instances.yaml b/queries/39-aws_insight_legacy_rds_instances.yaml index 46d916137..c691d9fc0 100755 --- a/queries/39-aws_insight_legacy_rds_instances.yaml +++ b/queries/39-aws_insight_legacy_rds_instances.yaml @@ -1,15 +1,15 @@ +Description: RDS instances that are not using the supported instance types ID: aws_insight_legacy_rds_instances -Title: "Legacy RDS Instances" -Description: "RDS instances that are not using the supported instance types" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT db_instance_identifier, arn, status, class, account_id, og_account_id, og_resource_id FROM aws_rds_db_instance WHERE (class LIKE ANY(ARRAY['db.m1.%','db.m2.%','db.r3.%'])) - PrimaryTable: aws_rds_db_instance ListOfTables: - aws_rds_db_instance Parameters: [] + PrimaryTable: aws_rds_db_instance + QueryToExecute: SELECT db_instance_identifier, arn, status, class, account_id, og_account_id, + og_resource_id FROM aws_rds_db_instance WHERE (class LIKE ANY(ARRAY['db.m1.%','db.m2.%','db.r3.%'])) Tags: category: - Technical Debt @@ -17,3 +17,4 @@ Tags: - Executive - Product - FinOps +Title: Legacy RDS Instances diff --git a/queries/4-aws_insight_ebs_volume_unencrypted.yaml b/queries/4-aws_insight_ebs_volume_unencrypted.yaml index c0d034849..1548d5a18 100755 --- a/queries/4-aws_insight_ebs_volume_unencrypted.yaml +++ b/queries/4-aws_insight_ebs_volume_unencrypted.yaml @@ -1,19 +1,15 @@ +Description: List of unencrypted EBS volumes ID: aws_insight_ebs_volume_unencrypted -Title: "Unencrypted EBS Disks" -Description: "List of unencrypted EBS volumes" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select volume_id, encrypted, account_id, og_account_id, og_resource_id from - aws_ebs_volume - where - not encrypted; - PrimaryTable: aws_ebs_volume ListOfTables: - aws_ebs_volume Parameters: [] + PrimaryTable: aws_ebs_volume + QueryToExecute: "select volume_id, encrypted, account_id, og_account_id, og_resource_id\ + \ from\n aws_ebs_volume\nwhere\n not encrypted;" Tags: category: - Security @@ -22,3 +18,4 @@ Tags: - Security - DevOps - Product +Title: Unencrypted EBS Disks diff --git a/queries/40-aws_insight_accounts_without_cloudtrail.yaml b/queries/40-aws_insight_accounts_without_cloudtrail.yaml index 18a4a0c95..fd209b279 100755 --- a/queries/40-aws_insight_accounts_without_cloudtrail.yaml +++ b/queries/40-aws_insight_accounts_without_cloudtrail.yaml @@ -1,16 +1,17 @@ +Description: AWS Accounts with CloudTrail disabled ID: aws_insight_accounts_without_cloudtrail -Title: "AWS Accounts without CloudTrail" -Description: "AWS Accounts with CloudTrail disabled" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select id AS account_id, og_id AS og_account_id from og_connections where (connector = 'AWS' AND lifecycle_state = 'onboard' AND id NOT IN (select distinct account_id from aws_cloudtrail_trail)) - PrimaryTable: null ListOfTables: - og_connections - aws_cloudtrail_trail Parameters: [] + PrimaryTable: null + QueryToExecute: select id AS account_id, og_id AS og_account_id from og_connections + where (connector = 'AWS' AND lifecycle_state = 'onboard' AND id NOT IN (select + distinct account_id from aws_cloudtrail_trail)) Tags: category: - Security @@ -19,3 +20,4 @@ Tags: - Security - Executive - Product +Title: AWS Accounts without CloudTrail diff --git a/queries/41-aws_insight_root_login_last_90_days.yaml b/queries/41-aws_insight_root_login_last_90_days.yaml index 76acc3d54..e9fb49814 100755 --- a/queries/41-aws_insight_root_login_last_90_days.yaml +++ b/queries/41-aws_insight_root_login_last_90_days.yaml @@ -1,15 +1,16 @@ +Description: AWS accounts whose root user has logged in within the last 90 days ID: aws_insight_root_login_last_90_days -Title: "AWS accounts with root login in the last 90 days" -Description: "AWS accounts whose root user has logged in within the last 90 days" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select user_arn, password_last_used, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND (current_date - DATE(password_last_used)) > 90) - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: select user_arn, password_last_used, account_id, og_account_id, + og_resource_id from aws_iam_credential_report where (user_name = '' + AND (current_date - DATE(password_last_used)) > 90) Tags: category: - Security @@ -18,3 +19,4 @@ Tags: - Security - Executive - Product +Title: AWS accounts with root login in the last 90 days diff --git a/queries/42-aws_insight_account_with_root_access_key.yaml b/queries/42-aws_insight_account_with_root_access_key.yaml index fac1fbc5c..4249620db 100755 --- a/queries/42-aws_insight_account_with_root_access_key.yaml +++ b/queries/42-aws_insight_account_with_root_access_key.yaml @@ -1,15 +1,16 @@ +Description: AWS Account whose root user has an access key enabled. ID: aws_insight_account_with_root_access_key -Title: "AWS Account with Root Access Key Enabled" -Description: "AWS Account whose root user has an access key enabled." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND (access_key_1_active = true OR access_key_2_active = true)) - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from + aws_iam_credential_report where (user_name = '' AND (access_key_1_active + = true OR access_key_2_active = true)) Tags: category: - Security @@ -18,3 +19,4 @@ Tags: - Security - Executive - Product +Title: AWS Account with Root Access Key Enabled diff --git a/queries/43-aws_insight_account_without_root_mfa.yaml b/queries/43-aws_insight_account_without_root_mfa.yaml index 65195d398..ee7f92d61 100755 --- a/queries/43-aws_insight_account_without_root_mfa.yaml +++ b/queries/43-aws_insight_account_without_root_mfa.yaml @@ -1,15 +1,16 @@ +Description: AWS account whose root user does not have MFA enabled. ID: aws_insight_account_without_root_mfa -Title: "AWS Account without Root MFA" -Description: "AWS account whose root user does not have MFA enabled." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (user_name = '' AND mfa_active = false) - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from + aws_iam_credential_report where (user_name = '' AND mfa_active = + false) Tags: category: - Security @@ -18,3 +19,4 @@ Tags: - Security - Executive - Product +Title: AWS Account without Root MFA diff --git a/queries/44-aws_insight_account_with_many_saml_providers.yaml b/queries/44-aws_insight_account_with_many_saml_providers.yaml index 28cd66119..67f2e1fa4 100755 --- a/queries/44-aws_insight_account_with_many_saml_providers.yaml +++ b/queries/44-aws_insight_account_with_many_saml_providers.yaml @@ -1,20 +1,19 @@ +Description: AWS Account with more than 1 SAML provider ID: aws_insight_account_with_many_saml_providers -Title: "AWS Account with many SAML providers" -Description: "AWS Account with more than 1 SAML provider" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - SELECT account_id, og_account_id, CAST(SUM(saml_provider_count) AS INTEGER) AS saml_provider_count FROM ( - SELECT account_id, og_account_id, COUNT(*) as saml_provider_count FROM aws_iam_saml_provider GROUP BY account_id, og_account_id - UNION - SELECT account_id, og_account_id, COUNT(*) as saml_provider_count FROM aws_iam_open_id_connect_provider GROUP BY account_id, og_account_id - ) AS final WHERE saml_provider_count > 1 GROUP BY account_id, og_account_id - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: "SELECT account_id, og_account_id, CAST(SUM(saml_provider_count)\ + \ AS INTEGER) AS saml_provider_count FROM (\n SELECT account_id, og_account_id,\ + \ COUNT(*) as saml_provider_count FROM aws_iam_saml_provider GROUP BY account_id,\ + \ og_account_id\n UNION\n SELECT account_id, og_account_id, COUNT(*) as saml_provider_count\ + \ FROM aws_iam_open_id_connect_provider GROUP BY account_id, og_account_id\n)\ + \ AS final WHERE saml_provider_count > 1 GROUP BY account_id, og_account_id" Tags: category: - Security @@ -23,3 +22,4 @@ Tags: - Security - Executive - Product +Title: AWS Account with many SAML providers diff --git a/queries/45-aws_insight_account_without_mfa.yaml b/queries/45-aws_insight_account_without_mfa.yaml index 0feaac6be..239cd60d9 100755 --- a/queries/45-aws_insight_account_without_mfa.yaml +++ b/queries/45-aws_insight_account_without_mfa.yaml @@ -1,15 +1,15 @@ +Description: AWS accounts without MFA enabled ID: aws_insight_account_without_mfa -Title: "AWS Account without MFA" -Description: "AWS accounts without MFA enabled" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select account_id, og_account_id from aws_iam_account_summary where account_mfa_enabled = false - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: select account_id, og_account_id from aws_iam_account_summary where + account_mfa_enabled = false Tags: category: - Security @@ -17,3 +17,4 @@ Tags: - DevOps - Security - Executive +Title: AWS Account without MFA diff --git a/queries/46-aws_insight_account_with_key_and_password.yaml b/queries/46-aws_insight_account_with_key_and_password.yaml index 80316bc9d..46eabeaeb 100755 --- a/queries/46-aws_insight_account_with_key_and_password.yaml +++ b/queries/46-aws_insight_account_with_key_and_password.yaml @@ -1,15 +1,16 @@ +Description: AWS accounts with access key and console password both enabled ID: aws_insight_account_with_key_and_password -Title: "AWS Account with Access Key and Console Password" -Description: "AWS accounts with access key and console password both enabled" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (password_enabled = true AND (access_key_1_active = true OR access_key_2_active = true)) - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: select user_arn, account_id, og_account_id, og_resource_id from + aws_iam_credential_report where (password_enabled = true AND (access_key_1_active + = true OR access_key_2_active = true)) Tags: category: - Security @@ -17,3 +18,4 @@ Tags: - DevOps - Security - Executive +Title: AWS Account with Access Key and Console Password diff --git a/queries/47-aws_insight_account_with_unused_key.yaml b/queries/47-aws_insight_account_with_unused_key.yaml index 744d5ed76..47907a126 100755 --- a/queries/47-aws_insight_account_with_unused_key.yaml +++ b/queries/47-aws_insight_account_with_unused_key.yaml @@ -1,15 +1,19 @@ +Description: This insight returns a list of AWS accounts with unused access keys. ID: aws_insight_account_with_unused_key -Title: "AWS Accounts with Unused Access Keys" -Description: "This insight returns a list of AWS accounts with unused access keys." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select access_key_1_active, access_key_1_last_used_date, access_key_2_active, access_key_2_last_used_date, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where ((access_key_1_active = true AND (access_key_1_last_used_date IS NULL OR (current_date - DATE(access_key_1_last_used_date)) > 90)) OR (access_key_2_active = true AND (access_key_2_last_used_date IS NULL OR (current_date - DATE(access_key_2_last_used_date)) > 90))) - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: select access_key_1_active, access_key_1_last_used_date, access_key_2_active, + access_key_2_last_used_date, user_arn, account_id, og_account_id, og_resource_id + from aws_iam_credential_report where ((access_key_1_active = true AND (access_key_1_last_used_date + IS NULL OR (current_date - DATE(access_key_1_last_used_date)) > 90)) OR (access_key_2_active + = true AND (access_key_2_last_used_date IS NULL OR (current_date - DATE(access_key_2_last_used_date)) + > 90))) Tags: category: - Security @@ -17,3 +21,4 @@ Tags: - DevOps - Security - Executive +Title: AWS Accounts with Unused Access Keys diff --git a/queries/48-aws_insight_iam_user_with_old_keys.yaml b/queries/48-aws_insight_iam_user_with_old_keys.yaml index c4fc07690..14cc00acb 100755 --- a/queries/48-aws_insight_iam_user_with_old_keys.yaml +++ b/queries/48-aws_insight_iam_user_with_old_keys.yaml @@ -1,15 +1,19 @@ +Description: IAM users with access keys older than 90 days ID: aws_insight_iam_user_with_old_keys -Title: "IAM Users with old access keys" -Description: "IAM users with access keys older than 90 days" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select access_key_1_active, access_key_1_last_rotated, access_key_2_active, access_key_2_last_rotated, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where ((access_key_1_active = true AND (access_key_1_last_rotated IS NULL OR (current_date - DATE(access_key_1_last_rotated)) > 90)) OR (access_key_2_active = true AND (access_key_2_last_rotated IS NULL OR (current_date - DATE(access_key_2_last_rotated)) > 90))) - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: select access_key_1_active, access_key_1_last_rotated, access_key_2_active, + access_key_2_last_rotated, user_arn, account_id, og_account_id, og_resource_id + from aws_iam_credential_report where ((access_key_1_active = true AND (access_key_1_last_rotated + IS NULL OR (current_date - DATE(access_key_1_last_rotated)) > 90)) OR (access_key_2_active + = true AND (access_key_2_last_rotated IS NULL OR (current_date - DATE(access_key_2_last_rotated)) + > 90))) Tags: category: - Security @@ -17,3 +21,4 @@ Tags: - DevOps - Security - Executive +Title: IAM Users with old access keys diff --git a/queries/49-aws_insight_iam_user_with_old_password.yaml b/queries/49-aws_insight_iam_user_with_old_password.yaml index fd22505b1..e5d7e7dad 100755 --- a/queries/49-aws_insight_iam_user_with_old_password.yaml +++ b/queries/49-aws_insight_iam_user_with_old_password.yaml @@ -1,15 +1,17 @@ +Description: IAM users with password older than 90 days ID: aws_insight_iam_user_with_old_password -Title: "IAM Users with old access password" -Description: "IAM users with password older than 90 days" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: select password_enabled, password_last_changed, user_arn, account_id, og_account_id, og_resource_id from aws_iam_credential_report where (password_enabled = true AND (password_last_changed IS NULL OR (current_date - DATE(password_last_changed)) > 90)) - PrimaryTable: aws_iam_credential_report ListOfTables: - aws_iam_credential_report Parameters: [] + PrimaryTable: aws_iam_credential_report + QueryToExecute: select password_enabled, password_last_changed, user_arn, account_id, + og_account_id, og_resource_id from aws_iam_credential_report where (password_enabled + = true AND (password_last_changed IS NULL OR (current_date - DATE(password_last_changed)) + > 90)) Tags: category: - Security @@ -17,3 +19,4 @@ Tags: - DevOps - Security - Executive +Title: IAM Users with old access password diff --git a/queries/5-aws_insight_ebs_volume_unattached.yaml b/queries/5-aws_insight_ebs_volume_unattached.yaml index 054a1959e..6022aebc4 100755 --- a/queries/5-aws_insight_ebs_volume_unattached.yaml +++ b/queries/5-aws_insight_ebs_volume_unattached.yaml @@ -1,21 +1,17 @@ +Description: List of unattached EBS Volumes ID: aws_insight_ebs_volume_unattached -Title: "Unused EBS Disks" -Description: "List of unattached EBS Volumes" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select volume_id, volume_type, account_id, og_account_id, og_resource_id - from - aws_ebs_volume - where - jsonb_array_length(attachments) = 0; - PrimaryTable: aws_ebs_volume ListOfTables: - aws_ebs_volume Parameters: [] + PrimaryTable: aws_ebs_volume + QueryToExecute: "select volume_id, volume_type, account_id, og_account_id, og_resource_id\n\ + from\n aws_ebs_volume\nwhere\n jsonb_array_length(attachments) = 0;" Tags: category: - Technical Debt - Cost Management +Title: Unused EBS Disks diff --git a/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml b/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml index 0ccd737e7..45e61e473 100755 --- a/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml +++ b/queries/6-aws_insight_ec2_instance_of_undesired_type.yaml @@ -1,15 +1,16 @@ +Description: List of Instances which are not of the desired type. ID: aws_insight_ec2_instance_of_undesired_type -Title: "Legacy Instance Types" -Description: "List of Instances which are not of the desired type." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: SELECT instance_id, arn, instance_type, instance_state, account_id, og_account_id, og_resource_id FROM aws_ec2_instance WHERE instance_type LIKE ANY(array['m1.%', 'm2.%', 'm3.%', 'c1.%', 'c3.%', 'g2.%', 'cr1.%', 'r3.%', 'i2.%', 'hs1.%', 't1.%']); - PrimaryTable: aws_ec2_instance ListOfTables: - aws_ec2_instance Parameters: [] + PrimaryTable: aws_ec2_instance + QueryToExecute: SELECT instance_id, arn, instance_type, instance_state, account_id, + og_account_id, og_resource_id FROM aws_ec2_instance WHERE instance_type LIKE ANY(array['m1.%', + 'm2.%', 'm3.%', 'c1.%', 'c3.%', 'g2.%', 'cr1.%', 'r3.%', 'i2.%', 'hs1.%', 't1.%']); Tags: category: - Technical Debt @@ -17,3 +18,4 @@ Tags: - Executive - Product - FinOps +Title: Legacy Instance Types diff --git a/queries/7-aws_insight_iam_user_with_admin_access.yaml b/queries/7-aws_insight_iam_user_with_admin_access.yaml index cb4f2998b..c05b33aa4 100755 --- a/queries/7-aws_insight_iam_user_with_admin_access.yaml +++ b/queries/7-aws_insight_iam_user_with_admin_access.yaml @@ -1,21 +1,18 @@ +Description: List all the users having Administrator access ID: aws_insight_iam_user_with_admin_access -Title: "Admin Users" -Description: "List all the users having Administrator access" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select name as user_name, split_part(attachments, '/', 2) as attached_policies, aws_iam_user.account_id, aws_iam_user.og_account_id, aws_iam_user.og_resource_id - from - aws_iam_user - cross join jsonb_array_elements_text(attached_policy_arns) as attachments - where - split_part(attachments, '/', 2) = 'AdministratorAccess'; - PrimaryTable: aws_iam_user ListOfTables: - aws_iam_user Parameters: [] + PrimaryTable: aws_iam_user + QueryToExecute: "select name as user_name, split_part(attachments, '/', 2) as attached_policies,\ + \ aws_iam_user.account_id, aws_iam_user.og_account_id, aws_iam_user.og_resource_id\n\ + from\n aws_iam_user\n cross join jsonb_array_elements_text(attached_policy_arns)\ + \ as attachments\nwhere\n split_part(attachments, '/', 2) = 'AdministratorAccess';" Tags: category: - Security +Title: Admin Users diff --git a/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml b/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml index 1a8e959a9..2490468f5 100755 --- a/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml +++ b/queries/8-aws_insight_iam_user_with_mfa_disabled.yaml @@ -1,24 +1,17 @@ +Description: List all the users for whom MFA is not enabled ID: aws_insight_iam_user_with_mfa_disabled -Title: "Users with no MFA" -Description: "List all the users for whom MFA is not enabled" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - user_id, - mfa_enabled, account_id, og_account_id, og_resource_id - from - aws_iam_user - where - not mfa_enabled; - PrimaryTable: aws_iam_user ListOfTables: - aws_iam_user Parameters: [] + PrimaryTable: aws_iam_user + QueryToExecute: "select\n name,\n user_id,\n mfa_enabled, account_id, og_account_id,\ + \ og_resource_id\nfrom\n aws_iam_user\nwhere\n not mfa_enabled;" Tags: category: - Security - Technical Debt +Title: Users with no MFA diff --git a/queries/9-aws_insight_iam_user_with_inline_policies.yaml b/queries/9-aws_insight_iam_user_with_inline_policies.yaml index 03664be78..3a01356f1 100755 --- a/queries/9-aws_insight_iam_user_with_inline_policies.yaml +++ b/queries/9-aws_insight_iam_user_with_inline_policies.yaml @@ -1,23 +1,17 @@ +Description: List users that have inline policies ID: aws_insight_iam_user_with_inline_policies -Title: "Users with Inline Policies" -Description: "List users that have inline policies" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - inline_policies, account_id, og_account_id, og_resource_id - from - aws_iam_user - where - inline_policies is not null; - PrimaryTable: aws_iam_user ListOfTables: - aws_iam_user Parameters: [] + PrimaryTable: aws_iam_user + QueryToExecute: "select\n name as user_name,\n inline_policies, account_id, og_account_id,\ + \ og_resource_id\nfrom\n aws_iam_user\nwhere\n inline_policies is not null;" Tags: category: - Security - Technical Debt +Title: Users with Inline Policies diff --git a/queries/ai_workload.yaml b/queries/ai_workload.yaml index 54de37b4c..bfd3fc85a 100755 --- a/queries/ai_workload.yaml +++ b/queries/ai_workload.yaml @@ -1,41 +1,30 @@ +Description: AI Workload ID: ai_workload -Title: "AI Workload" -Description: "AI Workload" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('microsoft.cognitiveservices/accounts') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('microsoft.cognitiveservices/accounts')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws - azure cloud_service: - Cognitive Services platform_queries_bookmark: - - "true" + - 'true' +Title: AI Workload diff --git a/queries/autoscaling_workload.yaml b/queries/autoscaling_workload.yaml index 3ffefbd6f..59c1a1200 100755 --- a/queries/autoscaling_workload.yaml +++ b/queries/autoscaling_workload.yaml @@ -1,39 +1,29 @@ +Description: List All Autoscaling Groups and VM Scale Sets ID: autoscaling_workload -Title: "List All Autoscaling Groups and VM Scale Sets" -Description: "List All Autoscaling Groups and VM Scale Sets" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::autoscaling::autoscalinggroup', 'microsoft.compute/virtualmachinescalesets') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::autoscaling::autoscalinggroup', 'microsoft.compute/virtualmachinescalesets')\ + \ " Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws - azure cloud_service: - Auto Scaling and VM Scale Set +Title: List All Autoscaling Groups and VM Scale Sets diff --git a/queries/aws_accessanalyzer_analyzer_1.yaml b/queries/aws_accessanalyzer_analyzer_1.yaml index 572e1114b..c8ded3b38 100755 --- a/queries/aws_accessanalyzer_analyzer_1.yaml +++ b/queries/aws_accessanalyzer_analyzer_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve + information about analyzers. ID: aws_accessanalyzer_analyzer_1 -Title: "List all AWS Access Analyzer Information" -Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - last_resource_analyzed, - last_resource_analyzed_at, - status, - type - from - aws_accessanalyzer_analyzer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n last_resource_analyzed,\n last_resource_analyzed_at,\n\ + \ status,\n type\nfrom\n aws_accessanalyzer_analyzer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Access Analyzer +Title: List all AWS Access Analyzer Information diff --git a/queries/aws_accessanalyzer_analyzer_2.yaml b/queries/aws_accessanalyzer_analyzer_2.yaml index 8471ade2e..106858aa8 100755 --- a/queries/aws_accessanalyzer_analyzer_2.yaml +++ b/queries/aws_accessanalyzer_analyzer_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve + information about analyzers. ID: aws_accessanalyzer_analyzer_2 -Title: "Find AWS IAM Access Analyzer Analyzers Information" -Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status - last_resource_analyzed, - last_resource_analyzed_at, - tags - from - aws_accessanalyzer_analyzer - where - status = 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n status\n last_resource_analyzed,\n last_resource_analyzed_at,\n\ + \ tags\nfrom\n aws_accessanalyzer_analyzer\nwhere\n status = 'ACTIVE';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Access Analyzer +Title: Find AWS IAM Access Analyzer Analyzers Information diff --git a/queries/aws_accessanalyzer_analyzer_3.yaml b/queries/aws_accessanalyzer_analyzer_3.yaml index 73de95e2f..41a021fa5 100755 --- a/queries/aws_accessanalyzer_analyzer_3.yaml +++ b/queries/aws_accessanalyzer_analyzer_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve + information about analyzers. ID: aws_accessanalyzer_analyzer_3 -Title: "Find AWS IAM Access Analyzer Details" -Description: "Allows users to query Access Analyzer Analyzer in AWS IAM to retrieve information about analyzers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status, - type, - last_resource_analyzed - from - aws_accessanalyzer_analyzer - where - status = 'ACTIVE' - and findings is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n status,\n type,\n last_resource_analyzed\n\ + from\n aws_accessanalyzer_analyzer\nwhere\n status = 'ACTIVE'\n and findings\ + \ is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Access Analyzer +Title: Find AWS IAM Access Analyzer Details diff --git a/queries/aws_accessanalyzer_finding_1.yaml b/queries/aws_accessanalyzer_finding_1.yaml index 97b03183a..b7d086c89 100755 --- a/queries/aws_accessanalyzer_finding_1.yaml +++ b/queries/aws_accessanalyzer_finding_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query Access Analyzer findings in AWS IAM to retrieve + detailed information about potential security risks. ID: aws_accessanalyzer_finding_1 -Title: "Find AWS IAM Access Analyzer Findings for Security Risks" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - access_analyzer_arn, - analyzed_at, - resource_type, - status, - is_public - from - aws_accessanalyzer_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n access_analyzer_arn,\n analyzed_at,\n resource_type,\n\ + \ status,\n is_public\nfrom\n aws_accessanalyzer_finding;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Access Analyzer +Title: Find AWS IAM Access Analyzer Findings for Security Risks diff --git a/queries/aws_accessanalyzer_finding_2.yaml b/queries/aws_accessanalyzer_finding_2.yaml index fef267c8b..be611ceee 100755 --- a/queries/aws_accessanalyzer_finding_2.yaml +++ b/queries/aws_accessanalyzer_finding_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query Access Analyzer findings in AWS IAM to retrieve + detailed information about potential security risks. ID: aws_accessanalyzer_finding_2 -Title: "Find all AWS IAM Access Analyzer public findings" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - resource_type, - access_analyzer_arn, - status, - is_public - from - aws_accessanalyzer_finding - where - is_public = true; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n resource_type,\n access_analyzer_arn,\n status,\n\ + \ is_public\nfrom\n aws_accessanalyzer_finding\nwhere\n is_public = true;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Access Analyzer +Title: Find all AWS IAM Access Analyzer public findings diff --git a/queries/aws_accessanalyzer_finding_3.yaml b/queries/aws_accessanalyzer_finding_3.yaml index d6b4de292..b2277f463 100755 --- a/queries/aws_accessanalyzer_finding_3.yaml +++ b/queries/aws_accessanalyzer_finding_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Access Analyzer findings in AWS IAM to retrieve + detailed information about potential security risks. ID: aws_accessanalyzer_finding_3 -Title: "List AWS Access Analyzer Findings Security Risks" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_type, - count(*) as findings_count - from - aws_accessanalyzer_finding - group by - resource_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_type,\n count(*) as findings_count\nfrom\n\ + \ aws_accessanalyzer_finding\ngroup by\n resource_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Access Analyzer +Title: List AWS Access Analyzer Findings Security Risks diff --git a/queries/aws_accessanalyzer_finding_4.yaml b/queries/aws_accessanalyzer_finding_4.yaml index 896623b5e..76612fed9 100755 --- a/queries/aws_accessanalyzer_finding_4.yaml +++ b/queries/aws_accessanalyzer_finding_4.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query Access Analyzer findings in AWS IAM to retrieve + detailed information about potential security risks. ID: aws_accessanalyzer_finding_4 -Title: "Find AWS Access Analyzer Findings in Last 30 Days" -Description: "Allows users to query Access Analyzer findings in AWS IAM to retrieve detailed information about potential security risks." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - resource, - status, - analyzed_at - from - aws_accessanalyzer_finding - where - analyzed_at > current_date - interval '30 days'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n resource,\n status,\n analyzed_at\nfrom\n aws_accessanalyzer_finding\n\ + where\n analyzed_at > current_date - interval '30 days';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Access Analyzer +Title: Find AWS Access Analyzer Findings in Last 30 Days diff --git a/queries/aws_account_1.yaml b/queries/aws_account_1.yaml index 8fa3d7011..932e7bc74 100755 --- a/queries/aws_account_1.yaml +++ b/queries/aws_account_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Account information, including details about + the account''s status, owner, and associated resources. ID: aws_account_1 -Title: "List all AWS Account Details with Status and Owner" -Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - alias, - arn, - organization_id, - organization_master_account_email, - organization_master_account_id - from - aws_account - cross join jsonb_array_elements(account_aliases) as alias; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n alias,\n arn,\n organization_id,\n organization_master_account_email,\n\ + \ organization_master_account_id\nfrom\n aws_account\n cross join jsonb_array_elements(account_aliases)\ + \ as alias;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Account +Title: List all AWS Account Details with Status and Owner diff --git a/queries/aws_account_2.yaml b/queries/aws_account_2.yaml index 89e6cb185..6a6b71625 100755 --- a/queries/aws_account_2.yaml +++ b/queries/aws_account_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Account information, including details about + the account''s status, owner, and associated resources. ID: aws_account_2 -Title: "Find AWS Account Information and Associated Resources" -Description: "Allows users to query AWS Account information, including details about the account''s status, owner, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - organization_id, - policy ->> 'Type' as policy_type, - policy ->> 'Status' as policy_status - from - aws_account - cross join jsonb_array_elements(organization_available_policy_types) as policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n organization_id,\n policy ->> 'Type' as policy_type,\n\ + \ policy ->> 'Status' as policy_status\nfrom\n aws_account\n cross join jsonb_array_elements(organization_available_policy_types)\ + \ as policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Account +Title: Find AWS Account Information and Associated Resources diff --git a/queries/aws_account_alternate_contact_1.yaml b/queries/aws_account_alternate_contact_1.yaml index 991d4d87a..8fee40b66 100755 --- a/queries/aws_account_alternate_contact_1.yaml +++ b/queries/aws_account_alternate_contact_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Account Alternate Contact to fetch details + about the alternate contacts associated with an AWS account. ID: aws_account_alternate_contact_1 -Title: "Find AWS Account Alternate Contact Details" -Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - linked_account_id, - contact_type, - email_address, - phone_number, - contact_title - from - aws_account_alternate_contact; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n linked_account_id,\n contact_type,\n email_address,\n\ + \ phone_number,\n contact_title\nfrom\n aws_account_alternate_contact;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Account +Title: Find AWS Account Alternate Contact Details diff --git a/queries/aws_account_alternate_contact_2.yaml b/queries/aws_account_alternate_contact_2.yaml index 23938c17e..8560c6a2a 100755 --- a/queries/aws_account_alternate_contact_2.yaml +++ b/queries/aws_account_alternate_contact_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Account Alternate Contact to fetch details + about the alternate contacts associated with an AWS account. ID: aws_account_alternate_contact_2 -Title: "Find AWS Account Alternate Contact Details" -Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - linked_account_id, - contact_type, - email_address, - phone_number, - contact_title - from - aws_account_alternate_contact - where - contact_type = 'BILLING'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n linked_account_id,\n contact_type,\n email_address,\n\ + \ phone_number,\n contact_title\nfrom\n aws_account_alternate_contact\nwhere\n\ + \ contact_type = 'BILLING';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Account +Title: Find AWS Account Alternate Contact Details diff --git a/queries/aws_account_alternate_contact_3.yaml b/queries/aws_account_alternate_contact_3.yaml index e591b4aea..da75fec51 100755 --- a/queries/aws_account_alternate_contact_3.yaml +++ b/queries/aws_account_alternate_contact_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Account Alternate Contact to fetch details + about the alternate contacts associated with an AWS account. ID: aws_account_alternate_contact_3 -Title: "Find AWS Account Alternate Contact Details" -Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - linked_account_id, - contact_type, - email_address, - phone_number, - contact_title - from - aws_account_alternate_contact - where - linked_account_id = '123456789012'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n linked_account_id,\n contact_type,\n email_address,\n\ + \ phone_number,\n contact_title\nfrom\n aws_account_alternate_contact\nwhere\n\ + \ linked_account_id = '123456789012';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Account Management +Title: Find AWS Account Alternate Contact Details diff --git a/queries/aws_account_alternate_contact_4.yaml b/queries/aws_account_alternate_contact_4.yaml index 5216759f1..ba9c59893 100755 --- a/queries/aws_account_alternate_contact_4.yaml +++ b/queries/aws_account_alternate_contact_4.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Account Alternate Contact to fetch details + about the alternate contacts associated with an AWS account. ID: aws_account_alternate_contact_4 -Title: "Find all AWS Account Alternate Contacts using SQL" -Description: "Allows users to query AWS Account Alternate Contact to fetch details about the alternate contacts associated with an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - linked_account_id, - contact_type, - email_address, - phone_number, - contact_title - from - aws_account_alternate_contact - where - linked_account_id = '123456789012' - and contact_type = 'SECURITY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n linked_account_id,\n contact_type,\n email_address,\n\ + \ phone_number,\n contact_title\nfrom\n aws_account_alternate_contact\nwhere\n\ + \ linked_account_id = '123456789012'\n and contact_type = 'SECURITY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Account Management +Title: Find all AWS Account Alternate Contacts using SQL diff --git a/queries/aws_account_contact_1.yaml b/queries/aws_account_contact_1.yaml index 3b8d4b5f1..90459d6c6 100755 --- a/queries/aws_account_contact_1.yaml +++ b/queries/aws_account_contact_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Account Contact details, including email, mobile, + and address information associated with an AWS account. ID: aws_account_contact_1 -Title: "List AWS Account Contact Details using SQL" -Description: "Allows users to query AWS Account Contact details, including email, mobile, and address information associated with an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - full_name, - company_name, - city, - phone_number, - postal_code, - state_or_region, - website_url - from - aws_account_contact; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n full_name,\n company_name,\n city,\n phone_number,\n\ + \ postal_code,\n state_or_region,\n website_url\nfrom\n aws_account_contact;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Account Contact +Title: List AWS Account Contact Details using SQL diff --git a/queries/aws_account_contact_2.yaml b/queries/aws_account_contact_2.yaml index f9786b3f1..b8c121abe 100755 --- a/queries/aws_account_contact_2.yaml +++ b/queries/aws_account_contact_2.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS Account Contact details, including email, mobile, + and address information associated with an AWS account. ID: aws_account_contact_2 -Title: "Find AWS Account Contact details using SQL" -Description: "Allows users to query AWS Account Contact details, including email, mobile, and address information associated with an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - full_name, - company_name, - city, - phone_number, - postal_code, - state_or_region, - website_url - from - aws_account_contact - where - linked_account_id = '123456789012'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n full_name,\n company_name,\n city,\n phone_number,\n\ + \ postal_code,\n state_or_region,\n website_url\nfrom\n aws_account_contact\n\ + where\n linked_account_id = '123456789012';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Account Contact +Title: Find AWS Account Contact details using SQL diff --git a/queries/aws_acm_certificate_1.yaml b/queries/aws_acm_certificate_1.yaml index 2b27ebef2..5a8890546 100755 --- a/queries/aws_acm_certificate_1.yaml +++ b/queries/aws_acm_certificate_1.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Certificate Manager certificates. This table + provides information about each certificate, including the domain name, status, + issuer, and more. It can be used to monitor certificate details, validity, and expiration + data. ID: aws_acm_certificate_1 -Title: "Find AWS ACM Certificates and Their Details" -Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_arn, - domain_name, - failure_reason, - in_use_by, - status, - key_algorithm - from - aws_acm_certificate; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_arn,\n domain_name,\n failure_reason,\n\ + \ in_use_by,\n status,\n key_algorithm\nfrom\n aws_acm_certificate;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Certificate Manager +Title: Find AWS ACM Certificates and Their Details diff --git a/queries/aws_acm_certificate_2.yaml b/queries/aws_acm_certificate_2.yaml index 190ee9a5e..1ce593144 100755 --- a/queries/aws_acm_certificate_2.yaml +++ b/queries/aws_acm_certificate_2.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Certificate Manager certificates. This table + provides information about each certificate, including the domain name, status, + issuer, and more. It can be used to monitor certificate details, validity, and expiration + data. ID: aws_acm_certificate_2 -Title: "List all AWS Certificate Manager certificates status" -Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_arn, - domain_name, - status - from - aws_acm_certificate - where - status = 'EXPIRED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_arn,\n domain_name,\n status\nfrom\n aws_acm_certificate\n\ + where\n status = 'EXPIRED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Certificate Manager +Title: List all AWS Certificate Manager certificates status diff --git a/queries/aws_acm_certificate_3.yaml b/queries/aws_acm_certificate_3.yaml index c6070c6e6..a7ffc36d9 100755 --- a/queries/aws_acm_certificate_3.yaml +++ b/queries/aws_acm_certificate_3.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Certificate Manager certificates. This table + provides information about each certificate, including the domain name, status, + issuer, and more. It can be used to monitor certificate details, validity, and expiration + data. ID: aws_acm_certificate_3 -Title: "Find all AWS Certificate Manager certificates details" -Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_arn, - domain_name, - status - from - aws_acm_certificate - where - certificate_transparency_logging_preference <> 'ENABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_arn,\n domain_name,\n status\nfrom\n aws_acm_certificate\n\ + where\n certificate_transparency_logging_preference <> 'ENABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Certificate Manager +Title: Find all AWS Certificate Manager certificates details diff --git a/queries/aws_acm_certificate_4.yaml b/queries/aws_acm_certificate_4.yaml index ecf631c18..4377336c4 100755 --- a/queries/aws_acm_certificate_4.yaml +++ b/queries/aws_acm_certificate_4.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS Certificate Manager certificates. This table + provides information about each certificate, including the domain name, status, + issuer, and more. It can be used to monitor certificate details, validity, and expiration + data. ID: aws_acm_certificate_4 -Title: "List all AWS Certificate Manager certificates with SQL" -Description: "Allows users to query AWS Certificate Manager certificates. This table provides information about each certificate, including the domain name, status, issuer, and more. It can be used to monitor certificate details, validity, and expiration data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_arn, - tags - from - aws_acm_certificate - where - not tags :: JSONB ? 'application'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_arn,\n tags\nfrom\n aws_acm_certificate\n\ + where\n not tags :: JSONB ? 'application';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Certificate Manager +Title: List all AWS Certificate Manager certificates with SQL diff --git a/queries/aws_acmpca_certificate_authority_1.yaml b/queries/aws_acmpca_certificate_authority_1.yaml index 52fb137a2..07785d995 100755 --- a/queries/aws_acmpca_certificate_authority_1.yaml +++ b/queries/aws_acmpca_certificate_authority_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS ACM PCA Certificate Authorities. It can be + used to monitor certificate authorities details, validity, usage mode and expiration + data. ID: aws_acmpca_certificate_authority_1 -Title: "List all AWS ACM PCA Certificate Authorities details" -Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - created_at, - not_before, - not_after, - key_storage_security_standard, - failure_reason - from - aws_acmpca_certificate_authority; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n status,\n created_at,\n not_before,\n not_after,\n\ + \ key_storage_security_standard,\n failure_reason\nfrom\n aws_acmpca_certificate_authority;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ACM PCA +Title: List all AWS ACM PCA Certificate Authorities details diff --git a/queries/aws_acmpca_certificate_authority_2.yaml b/queries/aws_acmpca_certificate_authority_2.yaml index f5b9fb9f9..1b7d6c767 100755 --- a/queries/aws_acmpca_certificate_authority_2.yaml +++ b/queries/aws_acmpca_certificate_authority_2.yaml @@ -1,36 +1,32 @@ +Description: Allows users to query AWS ACM PCA Certificate Authorities. It can be + used to monitor certificate authorities details, validity, usage mode and expiration + data. ID: aws_acmpca_certificate_authority_2 -Title: "List all AWS ACM PCA Certificate Authority Details" -Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - key_storage_security_standard - from - aws_acmpca_certificate_authority - where - key_storage_security_standard = 'FIPS_140_2_LEVEL_3_OR_HIGHER'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n status,\n key_storage_security_standard\nfrom\n\ + \ aws_acmpca_certificate_authority\nwhere\n key_storage_security_standard =\ + \ 'FIPS_140_2_LEVEL_3_OR_HIGHER';" Tags: cloud_asset_management: - - "false" + - 'false' cloud_data_security: - - "false" + - 'false' cloud_finops: - - "false" + - 'false' cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "false" + - 'false' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ACM PCA +Title: List all AWS ACM PCA Certificate Authority Details diff --git a/queries/aws_acmpca_certificate_authority_3.yaml b/queries/aws_acmpca_certificate_authority_3.yaml index 482330d3a..1901f150c 100755 --- a/queries/aws_acmpca_certificate_authority_3.yaml +++ b/queries/aws_acmpca_certificate_authority_3.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS ACM PCA Certificate Authorities. It can be + used to monitor certificate authorities details, validity, usage mode and expiration + data. ID: aws_acmpca_certificate_authority_3 -Title: "List all AWS ACM PCA Certificate Authorities details and status" -Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - created_at, - last_state_change_at - from - aws_acmpca_certificate_authority - where - status = 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n status,\n created_at,\n last_state_change_at\n\ + from\n aws_acmpca_certificate_authority\nwhere\n status = 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ACM PCA +Title: List all AWS ACM PCA Certificate Authorities details and status diff --git a/queries/aws_acmpca_certificate_authority_4.yaml b/queries/aws_acmpca_certificate_authority_4.yaml index 517b39741..11d3f9c46 100755 --- a/queries/aws_acmpca_certificate_authority_4.yaml +++ b/queries/aws_acmpca_certificate_authority_4.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS ACM PCA Certificate Authorities. It can be + used to monitor certificate authorities details, validity, usage mode and expiration + data. ID: aws_acmpca_certificate_authority_4 -Title: "List all AWS ACM PCA Certificate Authorities details" -Description: "Allows users to query AWS ACM PCA Certificate Authorities. It can be used to monitor certificate authorities details, validity, usage mode and expiration data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - tags - from - aws_acmpca_certificate_authority - where - (tags ->> 'Project') = 'MyProject'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n tags\nfrom\n aws_acmpca_certificate_authority\n\ + where\n (tags ->> 'Project') = 'MyProject';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ACM PCA +Title: List all AWS ACM PCA Certificate Authorities details diff --git a/queries/aws_amplify_app_1.yaml b/queries/aws_amplify_app_1.yaml index 84ea802ef..5c16ef6ac 100755 --- a/queries/aws_amplify_app_1.yaml +++ b/queries/aws_amplify_app_1.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Amplify Apps to retrieve detailed information + about each application, including its name, ARN, creation date, default domain, + and more. ID: aws_amplify_app_1 -Title: "Find all detailed information about AWS Amplify Apps" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - app_id, - name, - description, - arn, - platform, - create_time, - build_spec - from - aws_amplify_app; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n app_id,\n name,\n description,\n arn,\n platform,\n\ + \ create_time,\n build_spec\nfrom\n aws_amplify_app;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Amplify +Title: Find all detailed information about AWS Amplify Apps diff --git a/queries/aws_amplify_app_2.yaml b/queries/aws_amplify_app_2.yaml index 0acad92c1..274bb65de 100755 --- a/queries/aws_amplify_app_2.yaml +++ b/queries/aws_amplify_app_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Amplify Apps to retrieve detailed information + about each application, including its name, ARN, creation date, default domain, + and more. ID: aws_amplify_app_2 -Title: "List AWS Amplify Apps with Details Including Creation Date" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - app_id, - create_time - from - aws_amplify_app - where - create_time >= (now() - interval '90' day) - order by - create_time; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n app_id,\n create_time\nfrom\n aws_amplify_app\n\ + where\n create_time >= (now() - interval '90' day)\norder by\n create_time;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Amplify +Title: List AWS Amplify Apps with Details Including Creation Date diff --git a/queries/aws_amplify_app_3.yaml b/queries/aws_amplify_app_3.yaml index 779a9e5a8..bc65cd00c 100755 --- a/queries/aws_amplify_app_3.yaml +++ b/queries/aws_amplify_app_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Amplify Apps to retrieve detailed information + about each application, including its name, ARN, creation date, default domain, + and more. ID: aws_amplify_app_3 -Title: "List all AWS Amplify Apps with Recent Update Time" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - app_id, - update_time - from - aws_amplify_app - where - update_time >= (now() - interval '1' hour) - order by - update_time; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n app_id,\n update_time\nfrom\n aws_amplify_app\n\ + where\n update_time >= (now() - interval '1' hour)\norder by\n update_time;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amplify +Title: List all AWS Amplify Apps with Recent Update Time diff --git a/queries/aws_amplify_app_4.yaml b/queries/aws_amplify_app_4.yaml index f5bafa84a..5b29d506d 100755 --- a/queries/aws_amplify_app_4.yaml +++ b/queries/aws_amplify_app_4.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Amplify Apps to retrieve detailed information + about each application, including its name, ARN, creation date, default domain, + and more. ID: aws_amplify_app_4 -Title: "Find AWS Amplify Apps with Branch Details" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - production_branch ->> 'BranchName' as branch_name, - production_branch ->> 'LastDeployTime' as last_deploy_time, - production_branch ->> 'Status' as status - from - aws_amplify_app - where - name = 'amplify_app_name'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n production_branch ->> 'BranchName' as branch_name,\n\ + \ production_branch ->> 'LastDeployTime' as last_deploy_time,\n production_branch\ + \ ->> 'Status' as status\nfrom\n aws_amplify_app\nwhere\n name = 'amplify_app_name';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amplify +Title: Find AWS Amplify Apps with Branch Details diff --git a/queries/aws_amplify_app_5.yaml b/queries/aws_amplify_app_5.yaml index 0526079b5..d8833c212 100755 --- a/queries/aws_amplify_app_5.yaml +++ b/queries/aws_amplify_app_5.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query AWS Amplify Apps to retrieve detailed information + about each application, including its name, ARN, creation date, default domain, + and more. ID: aws_amplify_app_5 -Title: "List all AWS Amplify Apps with Detailed Information" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - app_id, - build_spec ->> 'backend' as build_backend_spec, - build_spec ->> 'frontend' as build_frontend_spec, - build_spec ->> 'test' as build_test_spec, - build_spec ->> 'env' as build_env_settings - from - aws_amplify_app - where - name = 'amplify_app_name'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n app_id,\n build_spec ->> 'backend' as build_backend_spec,\n\ + \ build_spec ->> 'frontend' as build_frontend_spec,\n build_spec ->> 'test'\ + \ as build_test_spec,\n build_spec ->> 'env' as build_env_settings\nfrom\n aws_amplify_app\n\ + where\n name = 'amplify_app_name';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amplify +Title: List all AWS Amplify Apps with Detailed Information diff --git a/queries/aws_amplify_app_6.yaml b/queries/aws_amplify_app_6.yaml index 6ac185c5e..a8da230b4 100755 --- a/queries/aws_amplify_app_6.yaml +++ b/queries/aws_amplify_app_6.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Amplify Apps to retrieve detailed information + about each application, including its name, ARN, creation date, default domain, + and more. ID: aws_amplify_app_6 -Title: "Find AWS Amplify Apps with Detailed Information" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - redirects_array ->> 'Condition' as country_code, - redirects_array ->> 'Source' as source_address, - redirects_array ->> 'Status' as redirect_type, - redirects_array ->> 'Target' as destination_address - from - aws_amplify_app, - jsonb_array_elements(custom_rules) as redirects_array - where - redirects_array ->> 'Status' = '200' - and name = 'amplify_app_name'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n redirects_array ->> 'Condition' as country_code,\n\ + \ redirects_array ->> 'Source' as source_address,\n redirects_array ->> 'Status'\ + \ as redirect_type,\n redirects_array ->> 'Target' as destination_address\nfrom\n\ + \ aws_amplify_app,\n jsonb_array_elements(custom_rules) as redirects_array\n\ + where\n redirects_array ->> 'Status' = '200'\n and name = 'amplify_app_name';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amplify +Title: Find AWS Amplify Apps with Detailed Information diff --git a/queries/aws_amplify_app_7.yaml b/queries/aws_amplify_app_7.yaml index 765e3f22a..262ebdbbb 100755 --- a/queries/aws_amplify_app_7.yaml +++ b/queries/aws_amplify_app_7.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Amplify Apps to retrieve detailed information + about each application, including its name, ARN, creation date, default domain, + and more. ID: aws_amplify_app_7 -Title: "List all AWS Amplify Apps with Auto Build enabled" -Description: "Allows users to query AWS Amplify Apps to retrieve detailed information about each application, including its name, ARN, creation date, default domain, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - app_id, - name, - description, - arn - from - aws_amplify_app - where - enable_branch_auto_build = true; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n app_id,\n name,\n description,\n arn\nfrom\n aws_amplify_app\n\ + where\n enable_branch_auto_build = true;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amplify +Title: List all AWS Amplify Apps with Auto Build enabled diff --git a/queries/aws_api_gateway_api_key_1.yaml b/queries/aws_api_gateway_api_key_1.yaml index 386771f2c..95eb43699 100755 --- a/queries/aws_api_gateway_api_key_1.yaml +++ b/queries/aws_api_gateway_api_key_1.yaml @@ -1,30 +1,27 @@ +Description: Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` + table in Steampipe provides information about API Keys within AWS API Gateway. This + table allows DevOps engineers to query API Key-specific details, including its ID, + value, enabled status, and associated metadata. Users can utilize this table to + gather insights on API Keys, such as keys that are enabled, keys associated with + specific stages, and more. The schema outlines the various attributes of the API + Key, including the key ID, creation date, enabled status, and associated tags. ID: aws_api_gateway_api_key_1 -Title: "List All API Keys Details in AWS API Gateway" -Description: "Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` table in Steampipe provides information about API Keys within AWS API Gateway. This table allows DevOps engineers to query API Key-specific details, including its ID, value, enabled status, and associated metadata. Users can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key, including the key ID, creation date, enabled status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - enabled, - created_date, - last_updated_date, - customer_id, - stage_keys - from - aws_api_gateway_api_key; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n enabled,\n created_date,\n last_updated_date,\n\ + \ customer_id,\n stage_keys\nfrom\n aws_api_gateway_api_key;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List All API Keys Details in AWS API Gateway diff --git a/queries/aws_api_gateway_api_key_2.yaml b/queries/aws_api_gateway_api_key_2.yaml index 3c4662b77..0fbc1b30f 100755 --- a/queries/aws_api_gateway_api_key_2.yaml +++ b/queries/aws_api_gateway_api_key_2.yaml @@ -1,28 +1,27 @@ +Description: Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` + table in Steampipe provides information about API Keys within AWS API Gateway. This + table allows DevOps engineers to query API Key-specific details, including its ID, + value, enabled status, and associated metadata. Users can utilize this table to + gather insights on API Keys, such as keys that are enabled, keys associated with + specific stages, and more. The schema outlines the various attributes of the API + Key, including the key ID, creation date, enabled status, and associated tags. ID: aws_api_gateway_api_key_2 -Title: "Find AWS API Gateway API Keys That Are Disabled" -Description: "Allows users to query API Keys in AWS API Gateway. The `aws_api_gateway_api_key` table in Steampipe provides information about API Keys within AWS API Gateway. This table allows DevOps engineers to query API Key-specific details, including its ID, value, enabled status, and associated metadata. Users can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key, including the key ID, creation date, enabled status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - customer_id - from - aws_api_gateway_api_key - where - not enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n customer_id\nfrom\n aws_api_gateway_api_key\n\ + where\n not enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway API Keys That Are Disabled diff --git a/queries/aws_api_gateway_authorizer_1.yaml b/queries/aws_api_gateway_authorizer_1.yaml index 8603e756f..6df487be4 100755 --- a/queries/aws_api_gateway_authorizer_1.yaml +++ b/queries/aws_api_gateway_authorizer_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS API Gateway Authorizer and access data about + API Gateway Authorizers in an AWS account. This data includes the authorizer''s + ID, name, type, provider ARNs, and other configuration details. ID: aws_api_gateway_authorizer_1 -Title: "Find AWS API Gateway Authorizer Configuration Details" -Description: "Allows users to query AWS API Gateway Authorizer and access data about API Gateway Authorizers in an AWS account. This data includes the authorizer''s ID, name, type, provider ARNs, and other configuration details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - rest_api_id, - auth_type, - authorizer_credentials, - identity_validation_expression, - identity_source - from - aws_api_gateway_authorizer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n rest_api_id,\n auth_type,\n authorizer_credentials,\n\ + \ identity_validation_expression,\n identity_source\nfrom\n aws_api_gateway_authorizer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Authorizer Configuration Details diff --git a/queries/aws_api_gateway_authorizer_2.yaml b/queries/aws_api_gateway_authorizer_2.yaml index b0b4bad6f..4a88adca9 100755 --- a/queries/aws_api_gateway_authorizer_2.yaml +++ b/queries/aws_api_gateway_authorizer_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS API Gateway Authorizer and access data about + API Gateway Authorizers in an AWS account. This data includes the authorizer''s + ID, name, type, provider ARNs, and other configuration details. ID: aws_api_gateway_authorizer_2 -Title: "List all AWS API Gateway Authorizers with Cognito User Pools" -Description: "Allows users to query AWS API Gateway Authorizer and access data about API Gateway Authorizers in an AWS account. This data includes the authorizer''s ID, name, type, provider ARNs, and other configuration details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - rest_api_id, - auth_type - from - aws_api_gateway_authorizer - where - auth_type = 'cognito_user_pools'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n rest_api_id,\n auth_type\nfrom\n aws_api_gateway_authorizer\n\ + where\n auth_type = 'cognito_user_pools';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Authorizers with Cognito User Pools diff --git a/queries/aws_api_gateway_domain_name_1.yaml b/queries/aws_api_gateway_domain_name_1.yaml index 172a93697..b744641d2 100755 --- a/queries/aws_api_gateway_domain_name_1.yaml +++ b/queries/aws_api_gateway_domain_name_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS API Gateway Domain Names and retrieve details + about each domain''s configuration, certificate, and associated API. ID: aws_api_gateway_domain_name_1 -Title: "List all AWS API Gateway Domain Names with Configuration" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - certificate_arn, - distribution_domain_name, - distribution_hosted_zone_id, - domain_name_status, - ownership_verification_certificate_arn - from - aws_api_gateway_domain_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n certificate_arn,\n distribution_domain_name,\n\ + \ distribution_hosted_zone_id,\n domain_name_status,\n ownership_verification_certificate_arn\n\ + from\n aws_api_gateway_domain_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Domain Names with Configuration diff --git a/queries/aws_api_gateway_domain_name_2.yaml b/queries/aws_api_gateway_domain_name_2.yaml index 14c3d6199..2ff133f37 100755 --- a/queries/aws_api_gateway_domain_name_2.yaml +++ b/queries/aws_api_gateway_domain_name_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS API Gateway Domain Names and retrieve details + about each domain''s configuration, certificate, and associated API. ID: aws_api_gateway_domain_name_2 -Title: "Find AWS API Gateway Domain Names and Configurations" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - certificate_arn, - certificate_upload_date, - regional_certificate_arn, - domain_name_status - from - aws_api_gateway_domain_name - where - domain_name_status = 'AVAILABLE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n certificate_arn,\n certificate_upload_date,\n\ + \ regional_certificate_arn,\n domain_name_status\nfrom\n aws_api_gateway_domain_name\n\ + where\n domain_name_status = 'AVAILABLE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Domain Names and Configurations diff --git a/queries/aws_api_gateway_domain_name_3.yaml b/queries/aws_api_gateway_domain_name_3.yaml index 17cb288f9..6b8b65118 100755 --- a/queries/aws_api_gateway_domain_name_3.yaml +++ b/queries/aws_api_gateway_domain_name_3.yaml @@ -1,33 +1,22 @@ +Description: Allows users to query AWS API Gateway Domain Names and retrieve details + about each domain''s configuration, certificate, and associated API. ID: aws_api_gateway_domain_name_3 -Title: "Find AWS API Gateway Domain Names and Certificates" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.domain_name, - d.regional_certificate_arn, - c.certificate, - c.certificate_transparency_logging_preference, - c.created_at, - c.imported_at, - c.issuer, - c.issued_at, - c.key_algorithm - from - aws_api_gateway_domain_name as d, - aws_acm_certificate as c - where - c.certificate_arn = d.regional_certificate_arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n d.domain_name,\n d.regional_certificate_arn,\n c.certificate,\n\ + \ c.certificate_transparency_logging_preference,\n c.created_at,\n c.imported_at,\n\ + \ c.issuer,\n c.issued_at,\n c.key_algorithm\nfrom\n aws_api_gateway_domain_name\ + \ as d,\n aws_acm_certificate as c\nwhere\n c.certificate_arn = d.regional_certificate_arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Domain Names and Certificates diff --git a/queries/aws_api_gateway_domain_name_4.yaml b/queries/aws_api_gateway_domain_name_4.yaml index da241d1cf..634d0edc6 100755 --- a/queries/aws_api_gateway_domain_name_4.yaml +++ b/queries/aws_api_gateway_domain_name_4.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS API Gateway Domain Names and retrieve details + about each domain''s configuration, certificate, and associated API. ID: aws_api_gateway_domain_name_4 -Title: "Find AWS API Gateway Domain Names Configuration Certificates" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - endpoint_configuration -> 'Types' as endpoint_types, - endpoint_configuration -> 'VpcEndpointIds' as vpc_endpoint_ids - from - aws_api_gateway_domain_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n endpoint_configuration -> 'Types' as\ + \ endpoint_types,\n endpoint_configuration -> 'VpcEndpointIds' as vpc_endpoint_ids\n\ + from\n aws_api_gateway_domain_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Domain Names Configuration Certificates diff --git a/queries/aws_api_gateway_domain_name_5.yaml b/queries/aws_api_gateway_domain_name_5.yaml index 340579362..85ae5a46c 100755 --- a/queries/aws_api_gateway_domain_name_5.yaml +++ b/queries/aws_api_gateway_domain_name_5.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS API Gateway Domain Names and retrieve details + about each domain''s configuration, certificate, and associated API. ID: aws_api_gateway_domain_name_5 -Title: "Find AWS API Gateway Domain Configuration and Certificates" -Description: "Allows users to query AWS API Gateway Domain Names and retrieve details about each domain''s configuration, certificate, and associated API." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - mutual_tls_authentication ->> 'TruststoreUri' as truststore_uri, - mutual_tls_authentication ->> 'TruststoreVersion' as truststore_version, - mutual_tls_authentication ->> 'TruststoreWarnings' as truststore_warnings - from - aws_api_gateway_domain_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n mutual_tls_authentication ->> 'TruststoreUri'\ + \ as truststore_uri,\n mutual_tls_authentication ->> 'TruststoreVersion' as truststore_version,\n\ + \ mutual_tls_authentication ->> 'TruststoreWarnings' as truststore_warnings\n\ + from\n aws_api_gateway_domain_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Domain Configuration and Certificates diff --git a/queries/aws_api_gateway_method_1.yaml b/queries/aws_api_gateway_method_1.yaml index f1462f855..aa60e72e9 100755 --- a/queries/aws_api_gateway_method_1.yaml +++ b/queries/aws_api_gateway_method_1.yaml @@ -1,28 +1,29 @@ +Description: Represents a client-facing interface by which the client calls the API + to access back-end resources. A Method resource is integrated with an Integration + resource. Both consist of a request and one or more responses. The method request + takes the client input that is passed to the back end through the integration request. + A method response returns the output from the back end to the client through an + integration response. A method request is embodied in a Method resource, whereas + an integration request is embodied in an Integration resource. On the other hand, + a method response is represented by a MethodResponse resource, whereas an integration + response is represented by an IntegrationResponse resource. ID: aws_api_gateway_method_1 -Title: "List all AWS API Gateway Methods" -Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - resource_id, - http_method, - path, - api_key_required - from - aws_api_gateway_method; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rest_api_id,\n resource_id,\n http_method,\n path,\n\ + \ api_key_required\nfrom\n aws_api_gateway_method;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Methods diff --git a/queries/aws_api_gateway_method_2.yaml b/queries/aws_api_gateway_method_2.yaml index 84b6531d3..96c5e80a6 100755 --- a/queries/aws_api_gateway_method_2.yaml +++ b/queries/aws_api_gateway_method_2.yaml @@ -1,27 +1,27 @@ +Description: Represents a client-facing interface by which the client calls the API + to access back-end resources. A Method resource is integrated with an Integration + resource. Both consist of a request and one or more responses. The method request + takes the client input that is passed to the back end through the integration request. + A method response returns the output from the back end to the client through an + integration response. A method request is embodied in a Method resource, whereas + an integration request is embodied in an Integration resource. On the other hand, + a method response is represented by a MethodResponse resource, whereas an integration + response is represented by an IntegrationResponse resource. ID: aws_api_gateway_method_2 -Title: "Find AWS API Gateway Methods with SQL Queries" -Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - resource_id, - http_method, - operation_name - from - aws_api_gateway_method - where - http_method = 'GET'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rest_api_id,\n resource_id,\n http_method,\n operation_name\n\ + from\n aws_api_gateway_method\nwhere\n http_method = 'GET';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Methods with SQL Queries diff --git a/queries/aws_api_gateway_method_3.yaml b/queries/aws_api_gateway_method_3.yaml index bb3084821..bbc97bca8 100755 --- a/queries/aws_api_gateway_method_3.yaml +++ b/queries/aws_api_gateway_method_3.yaml @@ -1,31 +1,30 @@ +Description: Represents a client-facing interface by which the client calls the API + to access back-end resources. A Method resource is integrated with an Integration + resource. Both consist of a request and one or more responses. The method request + takes the client input that is passed to the back end through the integration request. + A method response returns the output from the back end to the client through an + integration response. A method request is embodied in a Method resource, whereas + an integration request is embodied in an Integration resource. On the other hand, + a method response is represented by a MethodResponse resource, whereas an integration + response is represented by an IntegrationResponse resource. ID: aws_api_gateway_method_3 -Title: "List AWS API Gateway Methods Using SQL" -Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - resource_id, - http_method, - path, - authorization_type, - authorizer_id - from - aws_api_gateway_method - where - authorization_type = 'none'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rest_api_id,\n resource_id,\n http_method,\n path,\n\ + \ authorization_type,\n authorizer_id\nfrom\n aws_api_gateway_method\nwhere\n\ + \ authorization_type = 'none';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List AWS API Gateway Methods Using SQL diff --git a/queries/aws_api_gateway_method_4.yaml b/queries/aws_api_gateway_method_4.yaml index 25e4da530..a54bd73fc 100755 --- a/queries/aws_api_gateway_method_4.yaml +++ b/queries/aws_api_gateway_method_4.yaml @@ -1,41 +1,39 @@ +Description: Represents a client-facing interface by which the client calls the API + to access back-end resources. A Method resource is integrated with an Integration + resource. Both consist of a request and one or more responses. The method request + takes the client input that is passed to the back end through the integration request. + A method response returns the output from the back end to the client through an + integration response. A method request is embodied in a Method resource, whereas + an integration request is embodied in an Integration resource. On the other hand, + a method response is represented by a MethodResponse resource, whereas an integration + response is represented by an IntegrationResponse resource. ID: aws_api_gateway_method_4 -Title: "List all AWS API Gateway Methods using SQL" -Description: "Represents a client-facing interface by which the client calls the API to access back-end resources. A Method resource is integrated with an Integration resource. Both consist of a request and one or more responses. The method request takes the client input that is passed to the back end through the integration request. A method response returns the output from the back end to the client through an integration response. A method request is embodied in a Method resource, whereas an integration request is embodied in an Integration resource. On the other hand, a method response is represented by a MethodResponse resource, whereas an integration response is represented by an IntegrationResponse resource." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - resource_id, - http_method, - method_integration -> 'CacheKeyParameters' as cache_key_parameters, - method_integration ->> 'CacheNamespace' as cache_namespace, - method_integration ->> 'ConnectionId' as connection_id, - method_integration ->> 'ConnectionType' as connection_type, - method_integration ->> 'ContentHandling' as content_handling, - method_integration ->> 'Credentials' as credentials, - method_integration ->> 'HttpMethod' as http_method, - method_integration ->> 'PassthroughBehavior' as passthrough_behavior, - method_integration ->> 'RequestParameters' as request_parameters, - method_integration -> 'RequestTemplates' as request_templates, - method_integration ->> 'TimeoutInMillis' as timeout_in_millis, - method_integration ->> 'tls_config' as tls_config, - method_integration ->> 'Type' as type, - method_integration ->> 'Uri' as uri, - method_integration -> 'IntegrationResponses' as integration_responses - from - aws_api_gateway_method; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rest_api_id,\n resource_id,\n http_method,\n method_integration\ + \ -> 'CacheKeyParameters' as cache_key_parameters,\n method_integration ->> 'CacheNamespace'\ + \ as cache_namespace,\n method_integration ->> 'ConnectionId' as connection_id,\n\ + \ method_integration ->> 'ConnectionType' as connection_type,\n method_integration\ + \ ->> 'ContentHandling' as content_handling,\n method_integration ->> 'Credentials'\ + \ as credentials,\n method_integration ->> 'HttpMethod' as http_method,\n method_integration\ + \ ->> 'PassthroughBehavior' as passthrough_behavior,\n method_integration ->>\ + \ 'RequestParameters' as request_parameters,\n method_integration -> 'RequestTemplates'\ + \ as request_templates,\n method_integration ->> 'TimeoutInMillis' as timeout_in_millis,\n\ + \ method_integration ->> 'tls_config' as tls_config,\n method_integration ->>\ + \ 'Type' as type,\n method_integration ->> 'Uri' as uri,\n method_integration\ + \ -> 'IntegrationResponses' as integration_responses\nfrom\n aws_api_gateway_method;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Methods using SQL diff --git a/queries/aws_api_gateway_rest_api_1.yaml b/queries/aws_api_gateway_rest_api_1.yaml index 65d8f43f4..8c65ece7a 100755 --- a/queries/aws_api_gateway_rest_api_1.yaml +++ b/queries/aws_api_gateway_rest_api_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS API Gateway Rest APIs to retrieve information + about API Gateway REST APIs in an AWS account. ID: aws_api_gateway_rest_api_1 -Title: "List all AWS API Gateway REST APIs with details" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_key_source, - minimum_compression_size, - binary_media_types - from - aws_api_gateway_rest_api; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n api_key_source,\n minimum_compression_size,\n\ + \ binary_media_types\nfrom\n aws_api_gateway_rest_api;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway REST APIs with details diff --git a/queries/aws_api_gateway_rest_api_2.yaml b/queries/aws_api_gateway_rest_api_2.yaml index 599dc37ca..5d9b35c64 100755 --- a/queries/aws_api_gateway_rest_api_2.yaml +++ b/queries/aws_api_gateway_rest_api_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS API Gateway Rest APIs to retrieve information + about API Gateway REST APIs in an AWS account. ID: aws_api_gateway_rest_api_2 -Title: "List all AWS API Gateway REST APIs with SQL" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_key_source, - minimum_compression_size - from - aws_api_gateway_rest_api - where - minimum_compression_size is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n api_key_source,\n minimum_compression_size\n\ + from\n aws_api_gateway_rest_api\nwhere\n minimum_compression_size is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway REST APIs with SQL diff --git a/queries/aws_api_gateway_rest_api_3.yaml b/queries/aws_api_gateway_rest_api_3.yaml index 24f2ce696..5252140d6 100755 --- a/queries/aws_api_gateway_rest_api_3.yaml +++ b/queries/aws_api_gateway_rest_api_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS API Gateway Rest APIs to retrieve information + about API Gateway REST APIs in an AWS account. ID: aws_api_gateway_rest_api_3 -Title: "List AWS API Gateway REST APIs Information" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_key_source, - endpoint_configuration_types, - endpoint_configuration_vpc_endpoint_ids - from - aws_api_gateway_rest_api - where - not endpoint_configuration_types ? 'PRIVATE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n api_key_source,\n endpoint_configuration_types,\n\ + \ endpoint_configuration_vpc_endpoint_ids\nfrom\n aws_api_gateway_rest_api\n\ + where\n not endpoint_configuration_types ? 'PRIVATE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List AWS API Gateway REST APIs Information diff --git a/queries/aws_api_gateway_rest_api_4.yaml b/queries/aws_api_gateway_rest_api_4.yaml index f6bc3ca9a..5a332a562 100755 --- a/queries/aws_api_gateway_rest_api_4.yaml +++ b/queries/aws_api_gateway_rest_api_4.yaml @@ -1,36 +1,24 @@ +Description: Allows users to query AWS API Gateway Rest APIs to retrieve information + about API Gateway REST APIs in an AWS account. ID: aws_api_gateway_rest_api_4 -Title: "Find AWS API Gateway REST APIs Information" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_api_gateway_rest_api, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa [5] != account_id - or p = '*' - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_api_gateway_rest_api,\n\ + \ jsonb_array_elements(policy_std -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'Principal' -> 'AWS') as p,\n string_to_array(p, ':') as pa,\n jsonb_array_elements_text(s\ + \ -> 'Action') as a\nwhere\n s ->> 'Effect' = 'Allow'\n and (\n pa [5] !=\ + \ account_id\n or p = '*'\n );" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway REST APIs Information diff --git a/queries/aws_api_gateway_rest_api_5.yaml b/queries/aws_api_gateway_rest_api_5.yaml index 125f8eefb..8b40ed5ff 100755 --- a/queries/aws_api_gateway_rest_api_5.yaml +++ b/queries/aws_api_gateway_rest_api_5.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS API Gateway Rest APIs to retrieve information + about API Gateway REST APIs in an AWS account. ID: aws_api_gateway_rest_api_5 -Title: "List all AWS API Gateway REST APIs and Their Policies" -Description: "Allows users to query AWS API Gateway Rest APIs to retrieve information about API Gateway REST APIs in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_api_gateway_rest_api, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_api_gateway_rest_api,\n\ + \ jsonb_array_elements(policy_std -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'Principal' -> 'AWS') as p,\n jsonb_array_elements_text(s -> 'Action') as\ + \ a\nwhere\n p = '*'\n and s ->> 'Effect' = 'Allow';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway REST APIs and Their Policies diff --git a/queries/aws_api_gateway_stage_1.yaml b/queries/aws_api_gateway_stage_1.yaml index 92cd28001..8acfaa3da 100755 --- a/queries/aws_api_gateway_stage_1.yaml +++ b/queries/aws_api_gateway_stage_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS API Gateway Stages for information related + to deployment, API, and stage details. ID: aws_api_gateway_stage_1 -Title: "Find AWS API Gateway Stages and Deployment Details" -Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rest_api_id, - count(name) stage_count - from - aws_api_gateway_stage - group by - rest_api_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rest_api_id,\n count(name) stage_count\nfrom\n aws_api_gateway_stage\n\ + group by\n rest_api_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Stages and Deployment Details diff --git a/queries/aws_api_gateway_stage_2.yaml b/queries/aws_api_gateway_stage_2.yaml index 174dfeb5e..aaabde16f 100755 --- a/queries/aws_api_gateway_stage_2.yaml +++ b/queries/aws_api_gateway_stage_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS API Gateway Stages for information related + to deployment, API, and stage details. ID: aws_api_gateway_stage_2 -Title: "List all AWS API Gateway stages with cache enabled" -Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rest_api_id, - cache_cluster_enabled, - cache_cluster_size - from - aws_api_gateway_stage - where - cache_cluster_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rest_api_id,\n cache_cluster_enabled,\n cache_cluster_size\n\ + from\n aws_api_gateway_stage\nwhere\n cache_cluster_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway stages with cache enabled diff --git a/queries/aws_api_gateway_stage_3.yaml b/queries/aws_api_gateway_stage_3.yaml index 14fae114b..1a7cbb6d0 100755 --- a/queries/aws_api_gateway_stage_3.yaml +++ b/queries/aws_api_gateway_stage_3.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS API Gateway Stages for information related + to deployment, API, and stage details. ID: aws_api_gateway_stage_3 -Title: "Find AWS API Gateway Stages for deployments and APIs" -Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - split_part(web_acl_arn, '/', 3) as web_acl_name - from - aws_api_gateway_stage; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n split_part(web_acl_arn, '/', 3) as web_acl_name\n\ + from\n aws_api_gateway_stage;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Stages for deployments and APIs diff --git a/queries/aws_api_gateway_stage_4.yaml b/queries/aws_api_gateway_stage_4.yaml index e647842cc..66fd268d8 100755 --- a/queries/aws_api_gateway_stage_4.yaml +++ b/queries/aws_api_gateway_stage_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS API Gateway Stages for information related + to deployment, API, and stage details. ID: aws_api_gateway_stage_4 -Title: "Find AWS API Gateway Stages for Deployment and API Details" -Description: "Allows users to query AWS API Gateway Stages for information related to deployment, API, and stage details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - deployment_id, - name, - tracing_enabled, - method_settings -> '*/*' ->> 'LoggingLevel' as cloudwatch_log_level - from - aws_api_gateway_stage - where - method_settings -> '*/*' ->> 'LoggingLevel' = 'OFF'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n deployment_id,\n name,\n tracing_enabled,\n method_settings\ + \ -> '*/*' ->> 'LoggingLevel' as cloudwatch_log_level\nfrom\n aws_api_gateway_stage\n\ + where\n method_settings -> '*/*' ->> 'LoggingLevel' = 'OFF';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Stages for Deployment and API Details diff --git a/queries/aws_api_gateway_usage_plan_1.yaml b/queries/aws_api_gateway_usage_plan_1.yaml index c12fca973..11f32115b 100755 --- a/queries/aws_api_gateway_usage_plan_1.yaml +++ b/queries/aws_api_gateway_usage_plan_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS API Gateway Usage Plans in order to retrieve + information about the usage plans configured in the AWS API Gateway service. ID: aws_api_gateway_usage_plan_1 -Title: "Find AWS API Gateway Usage Plans Information" -Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - product_code, - description, - api_stages - from - aws_api_gateway_usage_plan; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n product_code,\n description,\n api_stages\n\ + from\n aws_api_gateway_usage_plan;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Usage Plans Information diff --git a/queries/aws_api_gateway_usage_plan_2.yaml b/queries/aws_api_gateway_usage_plan_2.yaml index a97f0cb74..fc1b4c48b 100755 --- a/queries/aws_api_gateway_usage_plan_2.yaml +++ b/queries/aws_api_gateway_usage_plan_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS API Gateway Usage Plans in order to retrieve + information about the usage plans configured in the AWS API Gateway service. ID: aws_api_gateway_usage_plan_2 -Title: "List all AWS API Gateway Usage Plans Information" -Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - quota - from - aws_api_gateway_usage_plan - where - quota is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n quota\nfrom\n aws_api_gateway_usage_plan\n\ + where\n quota is null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Usage Plans Information diff --git a/queries/aws_api_gateway_usage_plan_3.yaml b/queries/aws_api_gateway_usage_plan_3.yaml index ae2053413..61577e354 100755 --- a/queries/aws_api_gateway_usage_plan_3.yaml +++ b/queries/aws_api_gateway_usage_plan_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS API Gateway Usage Plans in order to retrieve + information about the usage plans configured in the AWS API Gateway service. ID: aws_api_gateway_usage_plan_3 -Title: "Find AWS API Gateway Usage Plans Details via SQL" -Description: "Allows users to query AWS API Gateway Usage Plans in order to retrieve information about the usage plans configured in the AWS API Gateway service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - throttle - from - aws_api_gateway_usage_plan - where - throttle is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n throttle\nfrom\n aws_api_gateway_usage_plan\n\ + where\n throttle is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Usage Plans Details via SQL diff --git a/queries/aws_api_gatewayv2_api_1.yaml b/queries/aws_api_gatewayv2_api_1.yaml index ce14e7253..1b928f21f 100755 --- a/queries/aws_api_gatewayv2_api_1.yaml +++ b/queries/aws_api_gatewayv2_api_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query API Gateway APIs and retrieve detailed information + about each API, including its ID, name, protocol type, and more. ID: aws_api_gatewayv2_api_1 -Title: "List all Details of AWS API Gateway APIs" -Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_endpoint, - protocol_type, - api_key_selection_expression, - route_selection_expression - from - aws_api_gatewayv2_api; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n api_endpoint,\n protocol_type,\n\ + \ api_key_selection_expression,\n route_selection_expression\nfrom\n aws_api_gatewayv2_api;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all Details of AWS API Gateway APIs diff --git a/queries/aws_api_gatewayv2_api_2.yaml b/queries/aws_api_gatewayv2_api_2.yaml index 4ea093aa8..a35a3ad1e 100755 --- a/queries/aws_api_gatewayv2_api_2.yaml +++ b/queries/aws_api_gatewayv2_api_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query API Gateway APIs and retrieve detailed information + about each API, including its ID, name, protocol type, and more. ID: aws_api_gatewayv2_api_2 -Title: "List all API Gateway APIs with name, ID, and protocol" -Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - protocol_type - from - aws_api_gatewayv2_api - where - protocol_type = 'WEBSOCKET'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n protocol_type\nfrom\n aws_api_gatewayv2_api\n\ + where\n protocol_type = 'WEBSOCKET';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all API Gateway APIs with name, ID, and protocol diff --git a/queries/aws_api_gatewayv2_api_3.yaml b/queries/aws_api_gatewayv2_api_3.yaml index 869aef25d..07bdc04c0 100755 --- a/queries/aws_api_gatewayv2_api_3.yaml +++ b/queries/aws_api_gatewayv2_api_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query API Gateway APIs and retrieve detailed information + about each API, including its ID, name, protocol type, and more. ID: aws_api_gatewayv2_api_3 -Title: "List All AWS API Gateway APIs and Retrieve Details" -Description: "Allows users to query API Gateway APIs and retrieve detailed information about each API, including its ID, name, protocol type, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_endpoint - from - aws_api_gatewayv2_api - where - not disable_execute_api_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n api_endpoint\nfrom\n aws_api_gatewayv2_api\n\ + where\n not disable_execute_api_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List All AWS API Gateway APIs and Retrieve Details diff --git a/queries/aws_api_gatewayv2_domain_name_1.yaml b/queries/aws_api_gatewayv2_domain_name_1.yaml index 4fbd6172a..e81a55c87 100755 --- a/queries/aws_api_gatewayv2_domain_name_1.yaml +++ b/queries/aws_api_gatewayv2_domain_name_1.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS API Gateway Domain Names and provides information + about each domain name within the AWS API Gateway Service. This table can be used + to query domain name details, including associated API mappings, security policy, + and associated tags. ID: aws_api_gatewayv2_domain_name_1 -Title: "Find all AWS API Gateway Domain Names Details using SQL" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - mutual_tls_authentication, - tags, - title, - akas - from - aws_api_gatewayv2_domain_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n mutual_tls_authentication,\n tags,\n\ + \ title,\n akas\nfrom\n aws_api_gatewayv2_domain_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find all AWS API Gateway Domain Names Details using SQL diff --git a/queries/aws_api_gatewayv2_domain_name_2.yaml b/queries/aws_api_gatewayv2_domain_name_2.yaml index 51a86749f..de4784e07 100755 --- a/queries/aws_api_gatewayv2_domain_name_2.yaml +++ b/queries/aws_api_gatewayv2_domain_name_2.yaml @@ -1,28 +1,25 @@ +Description: Allows users to query AWS API Gateway Domain Names and provides information + about each domain name within the AWS API Gateway Service. This table can be used + to query domain name details, including associated API mappings, security policy, + and associated tags. ID: aws_api_gatewayv2_domain_name_2 -Title: "List all AWS API Gateway Domain Names with Details" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - config ->> 'EndpointType' as endpoint_type - from - aws_api_gatewayv2_domain_name - cross join jsonb_array_elements(domain_name_configurations) as config - where - config ->> 'EndpointType' = 'EDGE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n config ->> 'EndpointType' as endpoint_type\n\ + from\n aws_api_gatewayv2_domain_name\n cross join jsonb_array_elements(domain_name_configurations)\ + \ as config\nwhere\n config ->> 'EndpointType' = 'EDGE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Domain Names with Details diff --git a/queries/aws_api_gatewayv2_domain_name_3.yaml b/queries/aws_api_gatewayv2_domain_name_3.yaml index 380505a5e..5d1ab7bf0 100755 --- a/queries/aws_api_gatewayv2_domain_name_3.yaml +++ b/queries/aws_api_gatewayv2_domain_name_3.yaml @@ -1,37 +1,33 @@ +Description: Allows users to query AWS API Gateway Domain Names and provides information + about each domain name within the AWS API Gateway Service. This table can be used + to query domain name details, including associated API mappings, security policy, + and associated tags. ID: aws_api_gatewayv2_domain_name_3 -Title: "List all AWS API Gateway Domain Names and Details" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - config ->> 'EndpointType' as endpoint_type, - config ->> 'CertificateName' as certificate_name, - config ->> 'CertificateArn' as certificate_arn, - config ->> 'CertificateUploadDate' as certificate_upload_date, - config ->> 'DomainNameStatus' as domain_name_status, - config ->> 'DomainNameStatusMessage' as domain_name_status_message, - config ->> 'ApiGatewayDomainName' as api_gateway_domain_name, - config ->> 'HostedZoneId' as hosted_zone_id, - config ->> 'OwnershipVerificationCertificateArn' as ownership_verification_certificate_arn, - config -> 'SecurityPolicy' as security_policy - from - aws_api_gatewayv2_domain_name - cross join jsonb_array_elements(domain_name_configurations) as config; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n config ->> 'EndpointType' as endpoint_type,\n\ + \ config ->> 'CertificateName' as certificate_name,\n config ->> 'CertificateArn'\ + \ as certificate_arn,\n config ->> 'CertificateUploadDate' as certificate_upload_date,\n\ + \ config ->> 'DomainNameStatus' as domain_name_status,\n config ->> 'DomainNameStatusMessage'\ + \ as domain_name_status_message,\n config ->> 'ApiGatewayDomainName' as api_gateway_domain_name,\n\ + \ config ->> 'HostedZoneId' as hosted_zone_id,\n config ->> 'OwnershipVerificationCertificateArn'\ + \ as ownership_verification_certificate_arn,\n config -> 'SecurityPolicy' as\ + \ security_policy\nfrom\n aws_api_gatewayv2_domain_name\n cross join jsonb_array_elements(domain_name_configurations)\ + \ as config;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Domain Names and Details diff --git a/queries/aws_api_gatewayv2_domain_name_4.yaml b/queries/aws_api_gatewayv2_domain_name_4.yaml index f398633db..07b73ce75 100755 --- a/queries/aws_api_gatewayv2_domain_name_4.yaml +++ b/queries/aws_api_gatewayv2_domain_name_4.yaml @@ -1,27 +1,26 @@ +Description: Allows users to query AWS API Gateway Domain Names and provides information + about each domain name within the AWS API Gateway Service. This table can be used + to query domain name details, including associated API mappings, security policy, + and associated tags. ID: aws_api_gatewayv2_domain_name_4 -Title: "Find all AWS API Gateway Domain Names and Their Details" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - mutual_tls_authentication ->> 'TruststoreUri' as truststore_uri, - mutual_tls_authentication ->> 'TruststoreVersion' as truststore_version, - mutual_tls_authentication ->> 'TruststoreWarnings' as truststore_warnings - from - aws_api_gatewayv2_domain_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n mutual_tls_authentication ->> 'TruststoreUri'\ + \ as truststore_uri,\n mutual_tls_authentication ->> 'TruststoreVersion' as truststore_version,\n\ + \ mutual_tls_authentication ->> 'TruststoreWarnings' as truststore_warnings\n\ + from\n aws_api_gatewayv2_domain_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find all AWS API Gateway Domain Names and Their Details diff --git a/queries/aws_api_gatewayv2_domain_name_5.yaml b/queries/aws_api_gatewayv2_domain_name_5.yaml index 80b1ebbc7..5755e7fc6 100755 --- a/queries/aws_api_gatewayv2_domain_name_5.yaml +++ b/queries/aws_api_gatewayv2_domain_name_5.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS API Gateway Domain Names and provides information + about each domain name within the AWS API Gateway Service. This table can be used + to query domain name details, including associated API mappings, security policy, + and associated tags. ID: aws_api_gatewayv2_domain_name_5 -Title: "List AWS API Gateway Domain Name Details with Certificate Info" -Description: "Allows users to query AWS API Gateway Domain Names and provides information about each domain name within the AWS API Gateway Service. This table can be used to query domain name details, including associated API mappings, security policy, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.domain_name, - config ->> 'CertificateArn' as certificate_arn, - c.certificate, - c.certificate_transparency_logging_preference, - c.created_at, - c.imported_at, - c.issuer, - c.issued_at, - c.key_algorithm - from - aws_api_gatewayv2_domain_name AS d - cross join jsonb_array_elements(d.domain_name_configurations) AS config - left join aws_acm_certificate AS c ON c.certificate_arn = config ->> 'CertificateArn'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n d.domain_name,\n config ->> 'CertificateArn' as certificate_arn,\n\ + \ c.certificate,\n c.certificate_transparency_logging_preference,\n c.created_at,\n\ + \ c.imported_at,\n c.issuer,\n c.issued_at,\n c.key_algorithm\nfrom\n aws_api_gatewayv2_domain_name\ + \ AS d\n cross join jsonb_array_elements(d.domain_name_configurations) AS config\n\ + \ left join aws_acm_certificate AS c ON c.certificate_arn = config ->> 'CertificateArn';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List AWS API Gateway Domain Name Details with Certificate Info diff --git a/queries/aws_api_gatewayv2_integration_1.yaml b/queries/aws_api_gatewayv2_integration_1.yaml index 1d232e88c..7ffd1514b 100755 --- a/queries/aws_api_gatewayv2_integration_1.yaml +++ b/queries/aws_api_gatewayv2_integration_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS API Gateway Integrations to retrieve detailed + information about each integration within the API Gateway. ID: aws_api_gatewayv2_integration_1 -Title: "Find AWS API Gateway Integrations with SQL" -Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - integration_id, - api_id, - integration_type, - integration_uri, - description - from - aws_api_gatewayv2_integration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n integration_id,\n api_id,\n integration_type,\n integration_uri,\n\ + \ description\nfrom\n aws_api_gatewayv2_integration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Integrations with SQL diff --git a/queries/aws_api_gatewayv2_integration_2.yaml b/queries/aws_api_gatewayv2_integration_2.yaml index 594b7f332..b2737ee77 100755 --- a/queries/aws_api_gatewayv2_integration_2.yaml +++ b/queries/aws_api_gatewayv2_integration_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS API Gateway Integrations to retrieve detailed + information about each integration within the API Gateway. ID: aws_api_gatewayv2_integration_2 -Title: "Find all AWS API Gateway Integrations Details" -Description: "Allows users to query AWS API Gateway Integrations to retrieve detailed information about each integration within the API Gateway." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - api_id, - count(integration_id) as integration_count - from - aws_api_gatewayv2_integration - group by - api_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n api_id,\n count(integration_id) as integration_count\n\ + from \n aws_api_gatewayv2_integration\ngroup by\n api_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find all AWS API Gateway Integrations Details diff --git a/queries/aws_api_gatewayv2_route_1.yaml b/queries/aws_api_gatewayv2_route_1.yaml index 19042f7c9..550cc4ed6 100755 --- a/queries/aws_api_gatewayv2_route_1.yaml +++ b/queries/aws_api_gatewayv2_route_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS API Gateway V2 Routes and obtain detailed information + about each route, including the route key, route response selection expression, + and target. ID: aws_api_gatewayv2_route_1 -Title: "Find AWS API Gateway V2 Route Details" -Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_key, - api_id, - route_id, - api_gateway_managed, - api_key_required - from - aws_api_gatewayv2_route; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n route_key,\n api_id,\n route_id,\n api_gateway_managed,\n\ + \ api_key_required\nfrom\n aws_api_gatewayv2_route;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway V2 +Title: Find AWS API Gateway V2 Route Details diff --git a/queries/aws_api_gatewayv2_route_2.yaml b/queries/aws_api_gatewayv2_route_2.yaml index b3ddbfc17..60f52f28b 100755 --- a/queries/aws_api_gatewayv2_route_2.yaml +++ b/queries/aws_api_gatewayv2_route_2.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS API Gateway V2 Routes and obtain detailed information + about each route, including the route key, route response selection expression, + and target. ID: aws_api_gatewayv2_route_2 -Title: "List all AWS API Gateway V2 Routes including details" -Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_key, - api_id, - route_id - from - aws_api_gatewayv2_route - where - api_id = 'w5n71b2m85'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n route_key,\n api_id,\n route_id\nfrom\n aws_api_gatewayv2_route\n\ + where\n api_id = 'w5n71b2m85';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway V2 +Title: List all AWS API Gateway V2 Routes including details diff --git a/queries/aws_api_gatewayv2_route_3.yaml b/queries/aws_api_gatewayv2_route_3.yaml index 954401644..f208f4907 100755 --- a/queries/aws_api_gatewayv2_route_3.yaml +++ b/queries/aws_api_gatewayv2_route_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS API Gateway V2 Routes and obtain detailed information + about each route, including the route key, route response selection expression, + and target. ID: aws_api_gatewayv2_route_3 -Title: "Find all AWS API Gateway V2 Routes with Details" -Description: "Allows users to query AWS API Gateway V2 Routes and obtain detailed information about each route, including the route key, route response selection expression, and target." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.route_id, - a.name, - a.api_id, - a.api_endpoint - from - aws_api_gatewayv2_route as r, - aws_api_gatewayv2_api as a - where - not a.disable_execute_api_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.route_id,\n a.name,\n a.api_id,\n a.api_endpoint\n\ + from\n aws_api_gatewayv2_route as r,\n aws_api_gatewayv2_api as a\nwhere\n \ + \ not a.disable_execute_api_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway V2 +Title: Find all AWS API Gateway V2 Routes with Details diff --git a/queries/aws_api_gatewayv2_stage_1.yaml b/queries/aws_api_gatewayv2_stage_1.yaml index bca0c6031..2ef52b97f 100755 --- a/queries/aws_api_gatewayv2_stage_1.yaml +++ b/queries/aws_api_gatewayv2_stage_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS API Gateway Stages, providing detailed information + about each stage of the API Gateway. ID: aws_api_gatewayv2_stage_1 -Title: "List all AWS API Gateway Stages with Trace Data Disabled" -Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stage_name, - api_id, - default_route_data_trace_enabled - from - aws_api_gatewayv2_stage - where - not default_route_data_trace_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stage_name,\n api_id,\n default_route_data_trace_enabled\n\ + from\n aws_api_gatewayv2_stage\nwhere\n not default_route_data_trace_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Stages with Trace Data Disabled diff --git a/queries/aws_api_gatewayv2_stage_2.yaml b/queries/aws_api_gatewayv2_stage_2.yaml index 1b06a16bc..03447826b 100755 --- a/queries/aws_api_gatewayv2_stage_2.yaml +++ b/queries/aws_api_gatewayv2_stage_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS API Gateway Stages, providing detailed information + about each stage of the API Gateway. ID: aws_api_gatewayv2_stage_2 -Title: "Find AWS API Gateway Stages and Details" -Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stage_name, - api_id, - default_route_data_trace_enabled, - default_route_detailed_metrics_enabled, - default_route_throttling_burst_limit, - default_route_throttling_rate_limit - from - aws_api_gatewayv2_stage; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stage_name,\n api_id,\n default_route_data_trace_enabled,\n\ + \ default_route_detailed_metrics_enabled,\n default_route_throttling_burst_limit,\n\ + \ default_route_throttling_rate_limit\nfrom\n aws_api_gatewayv2_stage;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Stages and Details diff --git a/queries/aws_api_gatewayv2_stage_3.yaml b/queries/aws_api_gatewayv2_stage_3.yaml index 4cb0fedab..141fab2ce 100755 --- a/queries/aws_api_gatewayv2_stage_3.yaml +++ b/queries/aws_api_gatewayv2_stage_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS API Gateway Stages, providing detailed information + about each stage of the API Gateway. ID: aws_api_gatewayv2_stage_3 -Title: "List all AWS API Gateway Stages and Details" -Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - api_id, - count(stage_name) stage_count - from - aws_api_gatewayv2_stage - group by - api_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n api_id,\n count(stage_name) stage_count\nfrom\n aws_api_gatewayv2_stage\n\ + group by\n api_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: List all AWS API Gateway Stages and Details diff --git a/queries/aws_api_gatewayv2_stage_4.yaml b/queries/aws_api_gatewayv2_stage_4.yaml index ec858a5c0..1fa552129 100755 --- a/queries/aws_api_gatewayv2_stage_4.yaml +++ b/queries/aws_api_gatewayv2_stage_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS API Gateway Stages, providing detailed information + about each stage of the API Gateway. ID: aws_api_gatewayv2_stage_4 -Title: "Find AWS API Gateway Stages and Details using SQL" -Description: "Allows users to query AWS API Gateway Stages, providing detailed information about each stage of the API Gateway." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stage_name, - api_id, - default_route_data_trace_enabled, - jsonb_pretty(access_log_settings) as access_log_settings - from - aws_api_gatewayv2_stage; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stage_name,\n api_id,\n default_route_data_trace_enabled,\n\ + \ jsonb_pretty(access_log_settings) as access_log_settings\nfrom\n aws_api_gatewayv2_stage;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - API Gateway +Title: Find AWS API Gateway Stages and Details using SQL diff --git a/queries/aws_app_runner_service_1.yaml b/queries/aws_app_runner_service_1.yaml index 02f4c7096..9c6e02147 100755 --- a/queries/aws_app_runner_service_1.yaml +++ b/queries/aws_app_runner_service_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS App Runner services, providing detailed information + on service configurations, scaling, and network settings. ID: aws_app_runner_service_1 -Title: "Find all AWS App Runner Services with configurations" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - region, - created_at, - updated_at - from - aws_app_runner_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n region,\n created_at,\n updated_at\n\ + from\n aws_app_runner_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - App Runner +Title: Find all AWS App Runner Services with configurations diff --git a/queries/aws_app_runner_service_2.yaml b/queries/aws_app_runner_service_2.yaml index 55655693f..88ca45218 100755 --- a/queries/aws_app_runner_service_2.yaml +++ b/queries/aws_app_runner_service_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS App Runner services, providing detailed information + on service configurations, scaling, and network settings. ID: aws_app_runner_service_2 -Title: "List all AWS App Runner Services with Network Configurations" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - network_configuration - from - aws_app_runner_service - where - (network_configuration -> 'EgressConfiguration' ->> 'VpcConnectorArn') is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n network_configuration\nfrom\n\ + \ aws_app_runner_service\nwhere\n (network_configuration -> 'EgressConfiguration'\ + \ ->> 'VpcConnectorArn') is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - App Runner +Title: List all AWS App Runner Services with Network Configurations diff --git a/queries/aws_app_runner_service_3.yaml b/queries/aws_app_runner_service_3.yaml index 0e1d7bc0b..d50473717 100755 --- a/queries/aws_app_runner_service_3.yaml +++ b/queries/aws_app_runner_service_3.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS App Runner services, providing detailed information + on service configurations, scaling, and network settings. ID: aws_app_runner_service_3 -Title: "List all AWS App Runner Services with Auto Scaling Info" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - auto_scaling_configuration_summary - from - aws_app_runner_service - where - jsonb_path_exists(auto_scaling_configuration_summary, '$.AutoScalingConfigurationArn'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n auto_scaling_configuration_summary\n\ + from\n aws_app_runner_service\nwhere\n jsonb_path_exists(auto_scaling_configuration_summary,\ + \ '$.AutoScalingConfigurationArn');" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - App Runner +Title: List all AWS App Runner Services with Auto Scaling Info diff --git a/queries/aws_app_runner_service_4.yaml b/queries/aws_app_runner_service_4.yaml index 8b9ae2d7e..9c40a8014 100755 --- a/queries/aws_app_runner_service_4.yaml +++ b/queries/aws_app_runner_service_4.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS App Runner services, providing detailed information + on service configurations, scaling, and network settings. ID: aws_app_runner_service_4 -Title: "Find all AWS App Runner services and configurations" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - observability_configuration - from - aws_app_runner_service - where - (observability_configuration ->> 'ObservabilityConfigurationArn') is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n observability_configuration\n\ + from\n aws_app_runner_service\nwhere\n (observability_configuration ->> 'ObservabilityConfigurationArn')\ + \ is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - App Runner +Title: Find all AWS App Runner services and configurations diff --git a/queries/aws_app_runner_service_5.yaml b/queries/aws_app_runner_service_5.yaml index 9ca5ad62c..d5a36128d 100755 --- a/queries/aws_app_runner_service_5.yaml +++ b/queries/aws_app_runner_service_5.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS App Runner services, providing detailed information + on service configurations, scaling, and network settings. ID: aws_app_runner_service_5 -Title: "List All AWS App Runner Services with Configs and Networking" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - created_at - from - aws_app_runner_service - where - created_at >= '2023-01-01T00:00:00Z' and created_at <= '2023-12-31T23:59:59Z'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n created_at\nfrom\n aws_app_runner_service\n\ + where\n created_at >= '2023-01-01T00:00:00Z' and created_at <= '2023-12-31T23:59:59Z';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - App Runner +Title: List All AWS App Runner Services with Configs and Networking diff --git a/queries/aws_app_runner_service_6.yaml b/queries/aws_app_runner_service_6.yaml index 89dc73444..59703b53d 100755 --- a/queries/aws_app_runner_service_6.yaml +++ b/queries/aws_app_runner_service_6.yaml @@ -1,24 +1,19 @@ +Description: Allows users to query AWS App Runner services, providing detailed information + on service configurations, scaling, and network settings. ID: aws_app_runner_service_6 -Title: "Find AWS App Runner Service Details and Configurations" -Description: "Allows users to query AWS App Runner services, providing detailed information on service configurations, scaling, and network settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - service_url - from - aws_app_runner_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n service_url\nfrom\n aws_app_runner_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - App Runner +Title: Find AWS App Runner Service Details and Configurations diff --git a/queries/aws_appautoscaling_policy_1.yaml b/queries/aws_appautoscaling_policy_1.yaml index 6409ea28a..fcb3fafd5 100755 --- a/queries/aws_appautoscaling_policy_1.yaml +++ b/queries/aws_appautoscaling_policy_1.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Application Auto Scaling Policies to obtain + information about their configuration, attached resources, and other metadata. ID: aws_appautoscaling_policy_1 -Title: "List AWS Application Auto Scaling Policies Configuration" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_namespace, - scalable_dimension, - policy_type, - resource_id, - creation_time - from - aws_appautoscaling_policy - where - service_namespace = 'ecs'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_namespace,\n scalable_dimension,\n policy_type,\n\ + \ resource_id,\n creation_time\nfrom\n aws_appautoscaling_policy\nwhere\n \ + \ service_namespace = 'ecs';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Application Auto Scaling +Title: List AWS Application Auto Scaling Policies Configuration diff --git a/queries/aws_appautoscaling_policy_2.yaml b/queries/aws_appautoscaling_policy_2.yaml index b92d62968..dfa3a74e0 100755 --- a/queries/aws_appautoscaling_policy_2.yaml +++ b/queries/aws_appautoscaling_policy_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Application Auto Scaling Policies to obtain + information about their configuration, attached resources, and other metadata. ID: aws_appautoscaling_policy_2 -Title: "Find AWS Application Auto Scaling Policies Configuration" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - policy_type - from - aws_appautoscaling_policy - where - service_namespace = 'ecs' - and policy_type = 'StepScaling'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_id,\n policy_type\nfrom\n aws_appautoscaling_policy\n\ + where\n service_namespace = 'ecs'\n and policy_type = 'StepScaling';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Application Auto Scaling +Title: Find AWS Application Auto Scaling Policies Configuration diff --git a/queries/aws_appautoscaling_policy_3.yaml b/queries/aws_appautoscaling_policy_3.yaml index 481e7bd3d..aa0b46d34 100755 --- a/queries/aws_appautoscaling_policy_3.yaml +++ b/queries/aws_appautoscaling_policy_3.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Application Auto Scaling Policies to obtain + information about their configuration, attached resources, and other metadata. ID: aws_appautoscaling_policy_3 -Title: "Find AWS Auto Scaling Policies for ECS Resources" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - policy_type - from - aws_appautoscaling_policy - where - service_namespace = 'ecs' - and creation_time > now() - interval '30 days'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_id,\n policy_type\nfrom\n aws_appautoscaling_policy\n\ + where\n service_namespace = 'ecs'\n and creation_time > now() - interval '30\ + \ days';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Application Auto Scaling +Title: Find AWS Auto Scaling Policies for ECS Resources diff --git a/queries/aws_appautoscaling_policy_4.yaml b/queries/aws_appautoscaling_policy_4.yaml index 896763b14..191460be2 100755 --- a/queries/aws_appautoscaling_policy_4.yaml +++ b/queries/aws_appautoscaling_policy_4.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Application Auto Scaling Policies to obtain + information about their configuration, attached resources, and other metadata. ID: aws_appautoscaling_policy_4 -Title: "Find all AWS Auto Scaling Policies and Configurations" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - policy_type, - jsonb_array_elements(alarms) -> 'AlarmName' as alarm_name - from - aws_appautoscaling_policy - where - service_namespace = 'ecs'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_id,\n policy_type,\n jsonb_array_elements(alarms)\ + \ -> 'AlarmName' as alarm_name\nfrom\n aws_appautoscaling_policy\nwhere\n service_namespace\ + \ = 'ecs';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Application Auto Scaling +Title: Find all AWS Auto Scaling Policies and Configurations diff --git a/queries/aws_appautoscaling_policy_5.yaml b/queries/aws_appautoscaling_policy_5.yaml index 354277aaf..d8165b25b 100755 --- a/queries/aws_appautoscaling_policy_5.yaml +++ b/queries/aws_appautoscaling_policy_5.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Application Auto Scaling Policies to obtain + information about their configuration, attached resources, and other metadata. ID: aws_appautoscaling_policy_5 -Title: "List AWS App Auto Scaling Policies and Configurations" -Description: "Allows users to query AWS Application Auto Scaling Policies to obtain information about their configuration, attached resources, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - policy_type, - step_scaling_policy_configuration - from - aws_appautoscaling_policy - where - service_namespace = 'ecs' - and policy_type = 'StepScaling'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_id,\n policy_type,\n step_scaling_policy_configuration\n\ + from\n aws_appautoscaling_policy\nwhere\n service_namespace = 'ecs'\n and policy_type\ + \ = 'StepScaling';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Application Auto Scaling +Title: List AWS App Auto Scaling Policies and Configurations diff --git a/queries/aws_appautoscaling_target_1.yaml b/queries/aws_appautoscaling_target_1.yaml index 946c83773..d266ae9cf 100755 --- a/queries/aws_appautoscaling_target_1.yaml +++ b/queries/aws_appautoscaling_target_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Application Auto Scaling Targets. This table + provides information about each target, including the service namespace, scalable + dimension, resource ID, and the associated scaling policies. ID: aws_appautoscaling_target_1 -Title: "Find AWS Application Auto Scaling Targets using SQL" -Description: "Allows users to query AWS Application Auto Scaling Targets. This table provides information about each target, including the service namespace, scalable dimension, resource ID, and the associated scaling policies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_namespace, - scalable_dimension, - resource_id, - creation_time - from - aws_appautoscaling_target - where - service_namespace = 'dynamodb'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_namespace,\n scalable_dimension,\n resource_id,\n\ + \ creation_time\nfrom\n aws_appautoscaling_target\nwhere\n service_namespace\ + \ = 'dynamodb';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Application Auto Scaling +Title: Find AWS Application Auto Scaling Targets using SQL diff --git a/queries/aws_appautoscaling_target_2.yaml b/queries/aws_appautoscaling_target_2.yaml index acf807d7d..cd99a4f8f 100755 --- a/queries/aws_appautoscaling_target_2.yaml +++ b/queries/aws_appautoscaling_target_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Application Auto Scaling Targets. This table + provides information about each target, including the service namespace, scalable + dimension, resource ID, and the associated scaling policies. ID: aws_appautoscaling_target_2 -Title: "Find AWS Application Auto Scaling Targets Details" -Description: "Allows users to query AWS Application Auto Scaling Targets. This table provides information about each target, including the service namespace, scalable dimension, resource ID, and the associated scaling policies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_id, - scalable_dimension - from - aws_appautoscaling_target - where - service_namespace = 'dynamodb' - and scalable_dimension = 'dynamodb:table:ReadCapacityUnits' - or scalable_dimension = 'dynamodb:table:WriteCapacityUnits'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_id,\n scalable_dimension\nfrom\n aws_appautoscaling_target\n\ + where\n service_namespace = 'dynamodb'\n and scalable_dimension = 'dynamodb:table:ReadCapacityUnits'\n\ + \ or scalable_dimension = 'dynamodb:table:WriteCapacityUnits';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Application Auto Scaling +Title: Find AWS Application Auto Scaling Targets Details diff --git a/queries/aws_appconfig_application_1.yaml b/queries/aws_appconfig_application_1.yaml index c74bdeeb5..db4bfdb75 100755 --- a/queries/aws_appconfig_application_1.yaml +++ b/queries/aws_appconfig_application_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS AppConfig Applications to gather detailed information + about each application, including its name, description, associated environments, + and more. ID: aws_appconfig_application_1 -Title: "Find AWS AppConfig Application Details" -Description: "Allows users to query AWS AppConfig Applications to gather detailed information about each application, including its name, description, associated environments, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - id, - name, - description, - tags - from - aws_appconfig_application; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n id,\n name,\n description,\n tags\nfrom\n\ + \ aws_appconfig_application;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppConfig +Title: Find AWS AppConfig Application Details diff --git a/queries/aws_appstream_fleet_1.yaml b/queries/aws_appstream_fleet_1.yaml index eed447288..dd42dc89d 100755 --- a/queries/aws_appstream_fleet_1.yaml +++ b/queries/aws_appstream_fleet_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_1 -Title: "List all AWS AppStream Fleets with detailed information" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - instance_type, - description, - created_time, - display_name, - state, - directory_name, - enable_default_internet_access - from - aws_appstream_fleet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n instance_type,\n description,\n created_time,\n\ + \ display_name,\n state,\n directory_name,\n enable_default_internet_access\n\ + from\n aws_appstream_fleet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List all AWS AppStream Fleets with detailed information diff --git a/queries/aws_appstream_fleet_10.yaml b/queries/aws_appstream_fleet_10.yaml index 62ec562d0..d22d96ef7 100755 --- a/queries/aws_appstream_fleet_10.yaml +++ b/queries/aws_appstream_fleet_10.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_10 -Title: "List all AWS AppStream Fleets with State and Details" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - created_time, - description - from - aws_appstream_fleet - where - state = 'RUNNING'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n state,\n created_time,\n description\n\ + from\n aws_appstream_fleet\nwhere\n state = 'RUNNING';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List all AWS AppStream Fleets with State and Details diff --git a/queries/aws_appstream_fleet_2.yaml b/queries/aws_appstream_fleet_2.yaml index 0eeccacb2..f0bb11f73 100755 --- a/queries/aws_appstream_fleet_2.yaml +++ b/queries/aws_appstream_fleet_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_2 -Title: "List all AWS AppStream Fleets with Detailed Information" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - instance_type, - description, - created_time, - display_name, - state, - enable_default_internet_access - from - aws_appstream_fleet - where enable_default_internet_access; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n instance_type,\n description,\n created_time,\n\ + \ display_name,\n state,\n enable_default_internet_access\nfrom\n aws_appstream_fleet\n\ + where enable_default_internet_access;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List all AWS AppStream Fleets with Detailed Information diff --git a/queries/aws_appstream_fleet_3.yaml b/queries/aws_appstream_fleet_3.yaml index 567514951..7815e8633 100755 --- a/queries/aws_appstream_fleet_3.yaml +++ b/queries/aws_appstream_fleet_3.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_3 -Title: "List all AWS AppStream Fleets with Details" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - fleet_type, - instance_type, - display_name, - image_arn, - image_name - from - aws_appstream_fleet - where - fleet_type = 'ON_DEMAND'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time,\n fleet_type,\n instance_type,\n\ + \ display_name,\n image_arn,\n image_name\nfrom\n aws_appstream_fleet\nwhere\n\ + \ fleet_type = 'ON_DEMAND';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List all AWS AppStream Fleets with Details diff --git a/queries/aws_appstream_fleet_4.yaml b/queries/aws_appstream_fleet_4.yaml index 731b0b536..757ed7103 100755 --- a/queries/aws_appstream_fleet_4.yaml +++ b/queries/aws_appstream_fleet_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_4 -Title: "List all AWS AppStream Fleets and their details" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - display_name, - enable_default_internet_access, - max_concurrent_sessions, - max_user_duration_in_seconds - from - aws_appstream_fleet - where - created_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time,\n display_name,\n enable_default_internet_access,\n\ + \ max_concurrent_sessions,\n max_user_duration_in_seconds\nfrom\n aws_appstream_fleet\n\ + where\n created_time >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List all AWS AppStream Fleets and their details diff --git a/queries/aws_appstream_fleet_5.yaml b/queries/aws_appstream_fleet_5.yaml index 5bb3f73a4..0f97cfad5 100755 --- a/queries/aws_appstream_fleet_5.yaml +++ b/queries/aws_appstream_fleet_5.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_5 -Title: "Find AWS AppStream Fleets and Detailed Stack Info" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.name, - f.created_time, - f.display_name, - f.image_arn, - i.base_image_arn, - i.image_builder_name, - i.visibility - from - aws_appstream_fleet as f, - aws_appstream_image as i - where - i.arn = f.image_arn - and - i.visibility = 'PRIVATE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.name,\n f.created_time,\n f.display_name,\n f.image_arn,\n\ + \ i.base_image_arn,\n i.image_builder_name,\n i.visibility\nfrom\n aws_appstream_fleet\ + \ as f,\n aws_appstream_image as i\nwhere\n i.arn = f.image_arn\nand\n i.visibility\ + \ = 'PRIVATE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: Find AWS AppStream Fleets and Detailed Stack Info diff --git a/queries/aws_appstream_fleet_6.yaml b/queries/aws_appstream_fleet_6.yaml index dc168edf3..c6adb2922 100755 --- a/queries/aws_appstream_fleet_6.yaml +++ b/queries/aws_appstream_fleet_6.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_6 -Title: "List AWS AppStream Fleet details including state and type" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - compute_capacity_status ->> 'Available' as available, - compute_capacity_status ->> 'Desired' as desired, - compute_capacity_status ->> 'InUse' as in_use, - compute_capacity_status ->> 'Running' as running - from - aws_appstream_fleet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n compute_capacity_status ->> 'Available'\ + \ as available,\n compute_capacity_status ->> 'Desired' as desired,\n compute_capacity_status\ + \ ->> 'InUse' as in_use,\n compute_capacity_status ->> 'Running' as running\n\ + from\n aws_appstream_fleet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS AppStream +Title: List AWS AppStream Fleet details including state and type diff --git a/queries/aws_appstream_fleet_7.yaml b/queries/aws_appstream_fleet_7.yaml index 74815084a..2dd32c768 100755 --- a/queries/aws_appstream_fleet_7.yaml +++ b/queries/aws_appstream_fleet_7.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_7 -Title: "Find AWS AppStream Fleet Details Including State and Instance Type" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - e ->> 'ErrorCode' as error_code, - e ->> 'ErrorMessage' as error_message - from - aws_appstream_fleet, - jsonb_array_elements(fleet_errors) as e; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n e ->> 'ErrorCode' as error_code,\n \ + \ e ->> 'ErrorMessage' as error_message\nfrom\n aws_appstream_fleet,\n jsonb_array_elements(fleet_errors)\ + \ as e;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: Find AWS AppStream Fleet Details Including State and Instance Type diff --git a/queries/aws_appstream_fleet_8.yaml b/queries/aws_appstream_fleet_8.yaml index 5f5fcb90f..5b90f62b5 100755 --- a/queries/aws_appstream_fleet_8.yaml +++ b/queries/aws_appstream_fleet_8.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_8 -Title: "Find All AWS AppStream Fleet Details and States" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - vpc_config -> 'SecurityGroupIds' as security_group_ids, - vpc_config -> 'SubnetIds' as subnet_ids - from - aws_appstream_fleet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n vpc_config -> 'SecurityGroupIds' as\ + \ security_group_ids,\n vpc_config -> 'SubnetIds' as subnet_ids\nfrom\n aws_appstream_fleet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS AppStream Fleet +Title: Find All AWS AppStream Fleet Details and States diff --git a/queries/aws_appstream_fleet_9.yaml b/queries/aws_appstream_fleet_9.yaml index 631647f56..34e2e1792 100755 --- a/queries/aws_appstream_fleet_9.yaml +++ b/queries/aws_appstream_fleet_9.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS AppStream Fleets for detailed information about + each fleet, including its state, instance type, and associated stack details. ID: aws_appstream_fleet_9 -Title: "List AWS AppStream Fleet Details by Instance Type" -Description: "Allows users to query AWS AppStream Fleets for detailed information about each fleet, including its state, instance type, and associated stack details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - instance_type, - Count(instance_type) as number_of_fleets - from - aws_appstream_fleet - group by - instance_type, - name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n instance_type,\n Count(instance_type) as number_of_fleets\n\ + from\n aws_appstream_fleet\ngroup by\n instance_type,\n name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List AWS AppStream Fleet Details by Instance Type diff --git a/queries/aws_appstream_image_1.yaml b/queries/aws_appstream_image_1.yaml index fa4d6966b..564bb76d9 100755 --- a/queries/aws_appstream_image_1.yaml +++ b/queries/aws_appstream_image_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS AppStream Images to gain insights into their + properties, states, and associated metadata. ID: aws_appstream_image_1 -Title: "List AWS AppStream Images and Metadata" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - base_image_arn, - description, - created_time, - display_name, - image_builder_name, - tags - from - aws_appstream_image; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n base_image_arn,\n description,\n created_time,\n\ + \ display_name,\n image_builder_name,\n tags\nfrom\n aws_appstream_image;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List AWS AppStream Images and Metadata diff --git a/queries/aws_appstream_image_2.yaml b/queries/aws_appstream_image_2.yaml index adf755318..f2da96eee 100755 --- a/queries/aws_appstream_image_2.yaml +++ b/queries/aws_appstream_image_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS AppStream Images to gain insights into their + properties, states, and associated metadata. ID: aws_appstream_image_2 -Title: "Find AWS AppStream Images and Their Properties" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - platform, - state - from - aws_appstream_image - where - state = 'AVAILABLE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n display_name,\n platform,\n state\n\ + from\n aws_appstream_image\nwhere\n state = 'AVAILABLE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: Find AWS AppStream Images and Their Properties diff --git a/queries/aws_appstream_image_3.yaml b/queries/aws_appstream_image_3.yaml index b58505cf9..b23ff5c34 100755 --- a/queries/aws_appstream_image_3.yaml +++ b/queries/aws_appstream_image_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS AppStream Images to gain insights into their + properties, states, and associated metadata. ID: aws_appstream_image_3 -Title: "Find all AWS AppStream Image Details and Metadata" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - base_image_arn, - display_name, - image_builder_supported, - image_builder_name - from - aws_appstream_image - where - platform = 'WINDOWS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time,\n base_image_arn,\n display_name,\n\ + \ image_builder_supported,\n image_builder_name\nfrom\n aws_appstream_image\n\ + where\n platform = 'WINDOWS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: Find all AWS AppStream Image Details and Metadata diff --git a/queries/aws_appstream_image_4.yaml b/queries/aws_appstream_image_4.yaml index 97dc44d5b..a45e655d2 100755 --- a/queries/aws_appstream_image_4.yaml +++ b/queries/aws_appstream_image_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS AppStream Images to gain insights into their + properties, states, and associated metadata. ID: aws_appstream_image_4 -Title: "List all AWS AppStream Image properties and states" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - base_image_arn, - display_name, - image_builder_supported, - image_builder_name - from - aws_appstream_image - where - image_builder_supported; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time,\n base_image_arn,\n display_name,\n\ + \ image_builder_supported,\n image_builder_name\nfrom\n aws_appstream_image\n\ + where\n image_builder_supported;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List all AWS AppStream Image properties and states diff --git a/queries/aws_appstream_image_5.yaml b/queries/aws_appstream_image_5.yaml index 5c6ef7faa..3652b2e81 100755 --- a/queries/aws_appstream_image_5.yaml +++ b/queries/aws_appstream_image_5.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS AppStream Images to gain insights into their + properties, states, and associated metadata. ID: aws_appstream_image_5 -Title: "Find AWS AppStream Images and Their States" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - base_image_arn, - display_name, - image_builder_name, - visibility - from - aws_appstream_image - where - visibility = 'PRIVATE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time,\n base_image_arn,\n display_name,\n\ + \ image_builder_name,\n visibility\nfrom\n aws_appstream_image\nwhere\n visibility\ + \ = 'PRIVATE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: Find AWS AppStream Images and Their States diff --git a/queries/aws_appstream_image_6.yaml b/queries/aws_appstream_image_6.yaml index c54557e43..8cdc778d4 100755 --- a/queries/aws_appstream_image_6.yaml +++ b/queries/aws_appstream_image_6.yaml @@ -1,40 +1,29 @@ +Description: Allows users to query AWS AppStream Images to gain insights into their + properties, states, and associated metadata. ID: aws_appstream_image_6 -Title: "List AWS AppStream Images and Metadata" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - a ->> 'AppBlockArn' as app_block_arn, - a ->> 'Arn' as app_arn, - a ->> 'CreatedTime' as app_created_time, - a ->> 'Description' as app_description, - a ->> 'DisplayName' as app_display_name, - a ->> 'Enabled' as app_enabled, - a ->> 'IconS3Location' as app_icon_s3_location, - a ->> 'IconURL' as app_icon_url, - a ->> 'InstanceFamilies' as app_instance_families, - a ->> 'LaunchParameters' as app_launch_parameters, - a ->> 'LaunchPath' as app_launch_path, - a ->> 'Name' as app_name, - a ->> 'Platforms' as app_platforms, - a ->> 'WorkingDirectory' as app_WorkingDirectory - from - aws_appstream_image, - jsonb_array_elements(applications) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n a ->> 'AppBlockArn' as app_block_arn,\n\ + \ a ->> 'Arn' as app_arn,\n a ->> 'CreatedTime' as app_created_time,\n a ->>\ + \ 'Description' as app_description,\n a ->> 'DisplayName' as app_display_name,\n\ + \ a ->> 'Enabled' as app_enabled,\n a ->> 'IconS3Location' as app_icon_s3_location,\n\ + \ a ->> 'IconURL' as app_icon_url,\n a ->> 'InstanceFamilies' as app_instance_families,\n\ + \ a ->> 'LaunchParameters' as app_launch_parameters,\n a ->> 'LaunchPath' as\ + \ app_launch_path,\n a ->> 'Name' as app_name,\n a ->> 'Platforms' as app_platforms,\n\ + \ a ->> 'WorkingDirectory' as app_WorkingDirectory\nfrom\n aws_appstream_image,\n\ + \ jsonb_array_elements(applications) as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List AWS AppStream Images and Metadata diff --git a/queries/aws_appstream_image_7.yaml b/queries/aws_appstream_image_7.yaml index e5dab4cfa..6beb4ce8c 100755 --- a/queries/aws_appstream_image_7.yaml +++ b/queries/aws_appstream_image_7.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS AppStream Images to gain insights into their + properties, states, and associated metadata. ID: aws_appstream_image_7 -Title: "Find AWS AppStream Images Properties and States" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - image_permissions ->> 'AllowFleet' as allow_fleet, - image_permissions ->> 'AllowImageBuilder' as allow_image_builder - from - aws_appstream_image; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n image_permissions ->> 'AllowFleet' as\ + \ allow_fleet,\n image_permissions ->> 'AllowImageBuilder' as allow_image_builder\n\ + from\n aws_appstream_image;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: Find AWS AppStream Images Properties and States diff --git a/queries/aws_appstream_image_8.yaml b/queries/aws_appstream_image_8.yaml index 8014d84e1..24489c8b7 100755 --- a/queries/aws_appstream_image_8.yaml +++ b/queries/aws_appstream_image_8.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS AppStream Images to gain insights into their + properties, states, and associated metadata. ID: aws_appstream_image_8 -Title: "List AWS AppStream Images and Their Error Details" -Description: "Allows users to query AWS AppStream Images to gain insights into their properties, states, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - e ->> 'ErrorCode' as error_code, - e ->> 'ErrorMessage' as error_message, - e ->> 'ErrorTimestamp' as error_timestamp - from - aws_appstream_image, - jsonb_array_elements(image_errors) as e; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n e ->> 'ErrorCode' as error_code,\n \ + \ e ->> 'ErrorMessage' as error_message,\n e ->> 'ErrorTimestamp' as error_timestamp\n\ + from\n aws_appstream_image,\n jsonb_array_elements(image_errors) as e;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppStream +Title: List AWS AppStream Images and Their Error Details diff --git a/queries/aws_appsync_graphql_api_1.yaml b/queries/aws_appsync_graphql_api_1.yaml index e9721322d..2bd01e9aa 100755 --- a/queries/aws_appsync_graphql_api_1.yaml +++ b/queries/aws_appsync_graphql_api_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AppSync GraphQL APIs to retrieve detailed information + about each individual GraphQL API. ID: aws_appsync_graphql_api_1 -Title: "Find details of AWS AppSync GraphQL APIs using SQL" -Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - arn, - api_type, - authentication_type, - owner, - owner_contact - from - aws_appsync_graphql_api - where - api_type = 'MERGED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n arn,\n api_type,\n authentication_type,\n\ + \ owner,\n owner_contact\nfrom\n aws_appsync_graphql_api\nwhere\n api_type\ + \ = 'MERGED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppSync +Title: Find details of AWS AppSync GraphQL APIs using SQL diff --git a/queries/aws_appsync_graphql_api_2.yaml b/queries/aws_appsync_graphql_api_2.yaml index 19082866f..53bb1a657 100755 --- a/queries/aws_appsync_graphql_api_2.yaml +++ b/queries/aws_appsync_graphql_api_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AppSync GraphQL APIs to retrieve detailed information + about each individual GraphQL API. ID: aws_appsync_graphql_api_2 -Title: "List all AWS AppSync GraphQL API details" -Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - api_type, - visibility - from - aws_appsync_graphql_api - where - visibility = 'GLOBAL' - and owner = account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n api_type,\n visibility\nfrom\n \ + \ aws_appsync_graphql_api\nwhere\n visibility = 'GLOBAL'\n and owner = account_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppSync +Title: List all AWS AppSync GraphQL API details diff --git a/queries/aws_appsync_graphql_api_3.yaml b/queries/aws_appsync_graphql_api_3.yaml index d8ed89205..be79c4011 100755 --- a/queries/aws_appsync_graphql_api_3.yaml +++ b/queries/aws_appsync_graphql_api_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AppSync GraphQL APIs to retrieve detailed information + about each individual GraphQL API. ID: aws_appsync_graphql_api_3 -Title: "Find AWS AppSync GraphQL API Details" -Description: "Allows users to query AppSync GraphQL APIs to retrieve detailed information about each individual GraphQL API." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - api_id, - owner, - log_config ->> 'CloudWatchLogsRoleArn' as cloud_watch_logs_role_arn, - log_config ->> 'FieldLogLevel' as field_log_level, - log_config ->> 'ExcludeVerboseContent' as exclude_verbose_content - from - aws_appsync_graphql_api; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n api_id,\n owner,\n log_config ->> 'CloudWatchLogsRoleArn'\ + \ as cloud_watch_logs_role_arn,\n log_config ->> 'FieldLogLevel' as field_log_level,\n\ + \ log_config ->> 'ExcludeVerboseContent' as exclude_verbose_content\nfrom\n \ + \ aws_appsync_graphql_api;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AppSync +Title: Find AWS AppSync GraphQL API Details diff --git a/queries/aws_athena_query_execution_1.yaml b/queries/aws_athena_query_execution_1.yaml index 52d4ea136..e5328abf6 100755 --- a/queries/aws_athena_query_execution_1.yaml +++ b/queries/aws_athena_query_execution_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Athena Query Executions to retrieve detailed + information about each individual query execution. ID: aws_athena_query_execution_1 -Title: "List AWS Athena Queries with Errors" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - query, - error_message, - error_type - from - aws_athena_query_execution - where - error_message is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n query,\n error_message,\n error_type\nfrom\n\ + \ aws_athena_query_execution\nwhere\n error_message is not null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Athena +Title: List AWS Athena Queries with Errors diff --git a/queries/aws_athena_query_execution_2.yaml b/queries/aws_athena_query_execution_2.yaml index 79a3141d6..255c32cac 100755 --- a/queries/aws_athena_query_execution_2.yaml +++ b/queries/aws_athena_query_execution_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Athena Query Executions to retrieve detailed + information about each individual query execution. ID: aws_athena_query_execution_2 -Title: "Find AWS Athena Query Executions Detailed Information" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup, - sum(data_scanned_in_bytes) - from - aws_athena_query_execution - group by - workgroup; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n workgroup, \n sum(data_scanned_in_bytes) \nfrom \n\ + \ aws_athena_query_execution\ngroup by \n workgroup;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Athena +Title: Find AWS Athena Query Executions Detailed Information diff --git a/queries/aws_athena_query_execution_3.yaml b/queries/aws_athena_query_execution_3.yaml index 432c5dc7f..ee592db87 100755 --- a/queries/aws_athena_query_execution_3.yaml +++ b/queries/aws_athena_query_execution_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Athena Query Executions to retrieve detailed + information about each individual query execution. ID: aws_athena_query_execution_3 -Title: "Find AWS Athena Query Executions with Execution Time" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - query, - workgroup, - engine_execution_time_in_millis - from - aws_athena_query_execution - order by - engine_execution_time_in_millis limit 5; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n query,\n workgroup,\n engine_execution_time_in_millis\ + \ \nfrom\n aws_athena_query_execution \norder by\n engine_execution_time_in_millis\ + \ limit 5;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Athena +Title: Find AWS Athena Query Executions with Execution Time diff --git a/queries/aws_athena_query_execution_4.yaml b/queries/aws_athena_query_execution_4.yaml index edf28751f..f8e36147d 100755 --- a/queries/aws_athena_query_execution_4.yaml +++ b/queries/aws_athena_query_execution_4.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Athena Query Executions to retrieve detailed + information about each individual query execution. ID: aws_athena_query_execution_4 -Title: "Find top AWS Athena query executions" -Description: "Allows users to query AWS Athena Query Executions to retrieve detailed information about each individual query execution." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database, - count(id) as nb_query - from - aws_athena_query_execution - group by - database - order by - nb_query limit 5; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n database,\n count(id) as nb_query \nfrom\n aws_athena_query_execution\ + \ \ngroup by\n database \norder by\n nb_query limit 5;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Athena +Title: Find top AWS Athena query executions diff --git a/queries/aws_athena_workgroup_1.yaml b/queries/aws_athena_workgroup_1.yaml index c83432e68..5859edb7b 100755 --- a/queries/aws_athena_workgroup_1.yaml +++ b/queries/aws_athena_workgroup_1.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Athena Workgroup details such as workgroup + name, state, description, creation time, and more. ID: aws_athena_workgroup_1 -Title: "List all AWS Athena Workgroup details and creation time" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - effective_engine_version, - output_location, - creation_time - from - aws_athena_workgroup - order by - creation_time; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n name, \n description, \n effective_engine_version,\ + \ \n output_location, \n creation_time \nfrom \n aws_athena_workgroup \norder\ + \ by \n creation_time;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Athena +Title: List all AWS Athena Workgroup details and creation time diff --git a/queries/aws_athena_workgroup_2.yaml b/queries/aws_athena_workgroup_2.yaml index d4a764ba0..0048e0ea8 100755 --- a/queries/aws_athena_workgroup_2.yaml +++ b/queries/aws_athena_workgroup_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Athena Workgroup details such as workgroup + name, state, description, creation time, and more. ID: aws_athena_workgroup_2 -Title: "Find AWS Athena Workgroup Details Including Name and State" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description - from - aws_athena_workgroup - where - effective_engine_version = 'Athena engine version 3'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n name, \n description \nfrom \n aws_athena_workgroup\ + \ \nwhere \n effective_engine_version = 'Athena engine version 3';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Athena Workgroup +Title: Find AWS Athena Workgroup Details Including Name and State diff --git a/queries/aws_athena_workgroup_3.yaml b/queries/aws_athena_workgroup_3.yaml index 57a106a90..5a00e4835 100755 --- a/queries/aws_athena_workgroup_3.yaml +++ b/queries/aws_athena_workgroup_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Athena Workgroup details such as workgroup + name, state, description, creation time, and more. ID: aws_athena_workgroup_3 -Title: "List AWS Athena Workgroup details including state" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - count(*) - from - aws_athena_workgroup - group by - region; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n region, \n count(*) \nfrom \n aws_athena_workgroup\ + \ \ngroup by \n region;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Athena +Title: List AWS Athena Workgroup details including state diff --git a/queries/aws_athena_workgroup_4.yaml b/queries/aws_athena_workgroup_4.yaml index 36b67f1e6..9da376dab 100755 --- a/queries/aws_athena_workgroup_4.yaml +++ b/queries/aws_athena_workgroup_4.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Athena Workgroup details such as workgroup + name, state, description, creation time, and more. ID: aws_athena_workgroup_4 -Title: "List all AWS Athena Workgroup details using SQL" -Description: "Allows users to query AWS Athena Workgroup details such as workgroup name, state, description, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - creation_time - from - aws_athena_workgroup - where - state = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n name, \n description, \n creation_time\nfrom \n aws_athena_workgroup\ + \ \nwhere\n state = 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Athena +Title: List all AWS Athena Workgroup details using SQL diff --git a/queries/aws_auditmanager_assessment_1.yaml b/queries/aws_auditmanager_assessment_1.yaml index daa0b6623..1082267d1 100755 --- a/queries/aws_auditmanager_assessment_1.yaml +++ b/queries/aws_auditmanager_assessment_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Audit Manager Assessments to retrieve detailed + information about each assessment. ID: aws_auditmanager_assessment_1 -Title: "List all AWS Audit Manager Assessments" -Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - compliance_type - from - aws_auditmanager_assessment; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status,\n compliance_type\nfrom\n \ + \ aws_auditmanager_assessment;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Audit Manager +Title: List all AWS Audit Manager Assessments diff --git a/queries/aws_auditmanager_assessment_2.yaml b/queries/aws_auditmanager_assessment_2.yaml index 3ee1442d0..02bd7f492 100755 --- a/queries/aws_auditmanager_assessment_2.yaml +++ b/queries/aws_auditmanager_assessment_2.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS Audit Manager Assessments to retrieve detailed + information about each assessment. ID: aws_auditmanager_assessment_2 -Title: "Find all AWS Audit Manager Assessment details" -Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name, - a.arn, - a.assessment_report_destination, - a.assessment_report_destination_type, - b.bucket_policy_is_public as is_public_bucket - from - aws_auditmanager_assessment as a - join aws_s3_bucket as b on a.assessment_report_destination = 's3://' || b.Name and b.bucket_policy_is_public; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.name,\n a.arn,\n a.assessment_report_destination,\n\ + \ a.assessment_report_destination_type,\n b.bucket_policy_is_public as is_public_bucket\n\ + from\n aws_auditmanager_assessment as a\njoin aws_s3_bucket as b on a.assessment_report_destination\ + \ = 's3://' || b.Name and b.bucket_policy_is_public;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Audit Manager +Title: Find all AWS Audit Manager Assessment details diff --git a/queries/aws_auditmanager_assessment_3.yaml b/queries/aws_auditmanager_assessment_3.yaml index 7829f72c3..615b0d679 100755 --- a/queries/aws_auditmanager_assessment_3.yaml +++ b/queries/aws_auditmanager_assessment_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Audit Manager Assessments to retrieve detailed + information about each assessment. ID: aws_auditmanager_assessment_3 -Title: "List all AWS Audit Manager assessments information" -Description: "Allows users to query AWS Audit Manager Assessments to retrieve detailed information about each assessment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status - from - aws_auditmanager_assessment - where - status <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status\nfrom\n aws_auditmanager_assessment\n\ + where\n status <> 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Audit Manager +Title: List all AWS Audit Manager assessments information diff --git a/queries/aws_auditmanager_control_1.yaml b/queries/aws_auditmanager_control_1.yaml index 82d0e2e9b..bf2d8a37c 100755 --- a/queries/aws_auditmanager_control_1.yaml +++ b/queries/aws_auditmanager_control_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Audit Manager Control data, providing information + about controls within AWS Audit Manager. This table enables users to access detailed + information about controls, such as control source, control type, description, and + associated metadata. ID: aws_auditmanager_control_1 -Title: "List all AWS Audit Manager Controls with Details" -Description: "Allows users to query AWS Audit Manager Control data, providing information about controls within AWS Audit Manager. This table enables users to access detailed information about controls, such as control source, control type, description, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - description, - type - from - aws_auditmanager_control; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n description,\n type\nfrom\n aws_auditmanager_control;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Audit Manager +Title: List all AWS Audit Manager Controls with Details diff --git a/queries/aws_auditmanager_control_2.yaml b/queries/aws_auditmanager_control_2.yaml index 39509b5a5..d91e6fd4d 100755 --- a/queries/aws_auditmanager_control_2.yaml +++ b/queries/aws_auditmanager_control_2.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Audit Manager Control data, providing information + about controls within AWS Audit Manager. This table enables users to access detailed + information about controls, such as control source, control type, description, and + associated metadata. ID: aws_auditmanager_control_2 -Title: "List AWS Audit Manager Control Data" -Description: "Allows users to query AWS Audit Manager Control data, providing information about controls within AWS Audit Manager. This table enables users to access detailed information about controls, such as control source, control type, description, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - type - from - aws_auditmanager_control - where - type = 'Custom'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n type\nfrom\n aws_auditmanager_control\n\ + where\n type = 'Custom';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Audit Manager +Title: List AWS Audit Manager Control Data diff --git a/queries/aws_auditmanager_evidence_1.yaml b/queries/aws_auditmanager_evidence_1.yaml index e55721a3c..65d1adafc 100755 --- a/queries/aws_auditmanager_evidence_1.yaml +++ b/queries/aws_auditmanager_evidence_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Audit Manager Evidence, providing detailed + information about evidence resources associated with assessments in AWS Audit Manager. ID: aws_auditmanager_evidence_1 -Title: "Find AWS Audit Manager Evidence with Detailed Info" -Description: "Allows users to query AWS Audit Manager Evidence, providing detailed information about evidence resources associated with assessments in AWS Audit Manager." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - evidence_folder_id, - evidence_by_type, - iam_id, - control_set_id - from - aws_auditmanager_evidence; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n evidence_folder_id,\n evidence_by_type,\n\ + \ iam_id,\n control_set_id\nfrom\n aws_auditmanager_evidence;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Audit Manager +Title: Find AWS Audit Manager Evidence with Detailed Info diff --git a/queries/aws_auditmanager_evidence_2.yaml b/queries/aws_auditmanager_evidence_2.yaml index 746d9721f..bd48c135f 100755 --- a/queries/aws_auditmanager_evidence_2.yaml +++ b/queries/aws_auditmanager_evidence_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Audit Manager Evidence, providing detailed + information about evidence resources associated with assessments in AWS Audit Manager. ID: aws_auditmanager_evidence_2 -Title: "List all evidence resources in AWS Audit Manager" -Description: "Allows users to query AWS Audit Manager Evidence, providing detailed information about evidence resources associated with assessments in AWS Audit Manager." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - evidence_folder_id, - count(id) as evidence_count - from - aws_auditmanager_evidence - group by - evidence_folder_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n evidence_folder_id,\n count(id) as evidence_count\n\ + from\n aws_auditmanager_evidence\ngroup by\n evidence_folder_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Audit Manager +Title: List all evidence resources in AWS Audit Manager diff --git a/queries/aws_auditmanager_evidence_folder_1.yaml b/queries/aws_auditmanager_evidence_folder_1.yaml index ee7065ce7..115d9e915 100755 --- a/queries/aws_auditmanager_evidence_folder_1.yaml +++ b/queries/aws_auditmanager_evidence_folder_1.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Audit Manager Evidence Folders to get comprehensive + details about the evidence folders in the AWS Audit Manager service. ID: aws_auditmanager_evidence_folder_1 -Title: "List all AWS Audit Manager Evidence Folders" -Description: "Allows users to query AWS Audit Manager Evidence Folders to get comprehensive details about the evidence folders in the AWS Audit Manager service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - assessment_id, - control_set_id, - control_id, - total_evidence - from - aws_auditmanager_evidence_folder; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n assessment_id,\n control_set_id,\n\ + \ control_id,\n total_evidence\nfrom\n aws_auditmanager_evidence_folder;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Audit Manager +Title: List all AWS Audit Manager Evidence Folders diff --git a/queries/aws_auditmanager_evidence_folder_2.yaml b/queries/aws_auditmanager_evidence_folder_2.yaml index 56ba1c299..68f446c00 100755 --- a/queries/aws_auditmanager_evidence_folder_2.yaml +++ b/queries/aws_auditmanager_evidence_folder_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Audit Manager Evidence Folders to get comprehensive + details about the evidence folders in the AWS Audit Manager service. ID: aws_auditmanager_evidence_folder_2 -Title: "List all Evidence Folders in AWS Audit Manager" -Description: "Allows users to query AWS Audit Manager Evidence Folders to get comprehensive details about the evidence folders in the AWS Audit Manager service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - assessment_id, - count(id) as evidence_folder_count - from - aws_auditmanager_evidence_folder - group by - assessment_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n assessment_id,\n count(id) as evidence_folder_count\n\ + from\n aws_auditmanager_evidence_folder\ngroup by\n assessment_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Audit Manager +Title: List all Evidence Folders in AWS Audit Manager diff --git a/queries/aws_auditmanager_framework_1.yaml b/queries/aws_auditmanager_framework_1.yaml index ea2e2b74e..1ef90c9d5 100755 --- a/queries/aws_auditmanager_framework_1.yaml +++ b/queries/aws_auditmanager_framework_1.yaml @@ -1,25 +1,18 @@ +Description: Allows users to query AWS Audit Manager Frameworks ID: aws_auditmanager_framework_1 -Title: "Find all AWS Audit Manager Frameworks" -Description: "Allows users to query AWS Audit Manager Frameworks" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - id, - type - from - aws_auditmanager_framework; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n id,\n type\nfrom\n aws_auditmanager_framework;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Audit Manager +Title: Find all AWS Audit Manager Frameworks diff --git a/queries/aws_auditmanager_framework_2.yaml b/queries/aws_auditmanager_framework_2.yaml index 85a51e3a5..730ac02fe 100755 --- a/queries/aws_auditmanager_framework_2.yaml +++ b/queries/aws_auditmanager_framework_2.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Audit Manager Frameworks ID: aws_auditmanager_framework_2 -Title: "Find AWS Audit Manager Frameworks with SQL" -Description: "Allows users to query AWS Audit Manager Frameworks" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - id, - type - from - aws_auditmanager_framework - where - type = 'Custom'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n id,\n type\nfrom\n aws_auditmanager_framework\n\ + where\n type = 'Custom';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Audit Manager +Title: Find AWS Audit Manager Frameworks with SQL diff --git a/queries/aws_availability_zone_1.yaml b/queries/aws_availability_zone_1.yaml index 04f3ce31c..f903e5ac9 100755 --- a/queries/aws_availability_zone_1.yaml +++ b/queries/aws_availability_zone_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query EC2 Availability Zones in AWS, providing details + such as zone ID, name, region, and state. ID: aws_availability_zone_1 -Title: "List all EC2 Availability Zones with Details" -Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - zone_id, - zone_type, - group_name, - region_name - from - aws_availability_zone; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n zone_id,\n zone_type,\n group_name,\n region_name\n\ + from\n aws_availability_zone;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all EC2 Availability Zones with Details diff --git a/queries/aws_availability_zone_2.yaml b/queries/aws_availability_zone_2.yaml index 3ded35598..838b4a923 100755 --- a/queries/aws_availability_zone_2.yaml +++ b/queries/aws_availability_zone_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query EC2 Availability Zones in AWS, providing details + such as zone ID, name, region, and state. ID: aws_availability_zone_2 -Title: "List all EC2 Availability Zones details in AWS" -Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region_name, - count(name) as zone_count - from - aws_availability_zone - group by - region_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n region_name,\n count(name) as zone_count\nfrom\n aws_availability_zone\n\ + group by\n region_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all EC2 Availability Zones details in AWS diff --git a/queries/aws_availability_zone_3.yaml b/queries/aws_availability_zone_3.yaml index 2c9a5b103..0e1c41cb6 100755 --- a/queries/aws_availability_zone_3.yaml +++ b/queries/aws_availability_zone_3.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query EC2 Availability Zones in AWS, providing details + such as zone ID, name, region, and state. ID: aws_availability_zone_3 -Title: "List all EC2 Availability Zones with details in AWS" -Description: "Allows users to query EC2 Availability Zones in AWS, providing details such as zone ID, name, region, and state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - zone_id, - region_name, - opt_in_status - from - aws_availability_zone - where - opt_in_status = 'not-opted-in'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n zone_id,\n region_name,\n opt_in_status\n\ + from\n aws_availability_zone\nwhere\n opt_in_status = 'not-opted-in';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all EC2 Availability Zones with details in AWS diff --git a/queries/aws_backup_framework_1.yaml b/queries/aws_backup_framework_1.yaml index 6ee8c6682..ea2c56374 100755 --- a/queries/aws_backup_framework_1.yaml +++ b/queries/aws_backup_framework_1.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS Backup Frameworks and retrieve comprehensive + data about each backup plan, including its unique ARN, version, creation and deletion + dates, and more. ID: aws_backup_framework_1 -Title: "List AWS Backup Frameworks with Comprehensive Details" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - arn, - creation_time, - deployment_status, - framework_controls, - framework_description,framework_name, - framework_status, - number_of_controls, - region, - tags - from - aws_backup_framework; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n account_id,\n arn,\n creation_time,\n deployment_status,\n\ + \ framework_controls,\n framework_description,framework_name,\n framework_status,\n\ + \ number_of_controls,\n region,\n tags\nfrom\n aws_backup_framework;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List AWS Backup Frameworks with Comprehensive Details diff --git a/queries/aws_backup_framework_2.yaml b/queries/aws_backup_framework_2.yaml index 40760192e..0477b4679 100755 --- a/queries/aws_backup_framework_2.yaml +++ b/queries/aws_backup_framework_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Backup Frameworks and retrieve comprehensive + data about each backup plan, including its unique ARN, version, creation and deletion + dates, and more. ID: aws_backup_framework_2 -Title: "List all AWS Backup Frameworks and Detailed Information" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - framework_name, - arn, - creation_time, - number_of_controls - from - aws_backup_framework - where - creation_time >= (current_date - interval '90' day) - order by - creation_time; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n framework_name,\n arn,\n creation_time,\n number_of_controls\n\ + from\n aws_backup_framework\nwhere\n creation_time >= (current_date - interval\ + \ '90' day)\norder by\n creation_time;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Frameworks and Detailed Information diff --git a/queries/aws_backup_framework_3.yaml b/queries/aws_backup_framework_3.yaml index 6e3763dce..93054bae3 100755 --- a/queries/aws_backup_framework_3.yaml +++ b/queries/aws_backup_framework_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Backup Frameworks and retrieve comprehensive + data about each backup plan, including its unique ARN, version, creation and deletion + dates, and more. ID: aws_backup_framework_3 -Title: "List AWS Backup Frameworks and Detailed Plans" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - framework_name - from - aws_backup_framework, - jsonb_array_elements(framework_controls) as controls - where - controls ->> 'ControlName' = 'BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n framework_name\nfrom\n aws_backup_framework,\n jsonb_array_elements(framework_controls)\ + \ as controls\nwhere\n controls ->> 'ControlName' = 'BACKUP_RESOURCES_PROTECTED_BY_BACKUP_VAULT_LOCK';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List AWS Backup Frameworks and Detailed Plans diff --git a/queries/aws_backup_framework_4.yaml b/queries/aws_backup_framework_4.yaml index 7ed9501aa..1d844f9eb 100755 --- a/queries/aws_backup_framework_4.yaml +++ b/queries/aws_backup_framework_4.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Backup Frameworks and retrieve comprehensive + data about each backup plan, including its unique ARN, version, creation and deletion + dates, and more. ID: aws_backup_framework_4 -Title: "Find AWS Backup Frameworks and Retrieve Comprehensive Data" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - framework_name, - controls ->> 'ControlName' as control_name, - control_scope - from - aws_backup_framework, - jsonb_array_elements(framework_controls) as controls, - json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope - where - framework_name = 'framework_name'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n framework_name,\n controls ->> 'ControlName' as control_name,\n\ + \ control_scope\nfrom\n aws_backup_framework,\n jsonb_array_elements(framework_controls)\ + \ as controls,\n json_array_elements_text(coalesce(controls -> 'ControlScope'\ + \ ->> 'ComplianceResourceTypes', '[\"\"]')::json) as control_scope\nwhere\n framework_name\ + \ = 'framework_name';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: Find AWS Backup Frameworks and Retrieve Comprehensive Data diff --git a/queries/aws_backup_framework_5.yaml b/queries/aws_backup_framework_5.yaml index 68b683793..19fc54777 100755 --- a/queries/aws_backup_framework_5.yaml +++ b/queries/aws_backup_framework_5.yaml @@ -1,49 +1,35 @@ +Description: Allows users to query AWS Backup Frameworks and retrieve comprehensive + data about each backup plan, including its unique ARN, version, creation and deletion + dates, and more. ID: aws_backup_framework_5 -Title: "Find AWS Backup Frameworks and Compliance Types" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_name, - compliance_result -> 'Compliance' ->> 'ComplianceType' as compliance_type, - compliance_result -> 'Compliance' -> 'ComplianceContributorCount' ->> 'CappedCount' as count_of_noncompliant_resources - from - aws_config_rule - inner join - ( - -- The sub-query will create the AWS Config rule name from information stored in the AWS Backup framework table. - select - case when framework_information.control_scope = '' then concat(framework_information.control_name, '-', framework_information.framework_uuid) - else concat(upper(framework_information.control_scope), '-', framework_information.control_name, '-', framework_information.framework_uuid) - end as rule_name - from - ( - select - framework_name, - controls ->> 'ControlName' as control_name, - control_scope, - right(arn, 36) as framework_uuid - from - aws_backup_framework, - jsonb_array_elements(framework_controls) as controls, - json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope - ) as framework_information - ) as backup_framework - on - aws_config_rule.name = backup_framework.rule_name, - jsonb_array_elements(compliance_by_config_rule) as compliance_result - where - compliance_result -> 'Compliance' ->> 'ComplianceType' = 'NON_COMPLIANT'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rule_name,\n compliance_result -> 'Compliance' ->> 'ComplianceType'\ + \ as compliance_type,\n compliance_result -> 'Compliance' -> 'ComplianceContributorCount'\ + \ ->> 'CappedCount' as count_of_noncompliant_resources\nfrom\n aws_config_rule\n\ + inner join\n(\n -- The sub-query will create the AWS Config rule name from information\ + \ stored in the AWS Backup framework table.\n select\n case when framework_information.control_scope\ + \ = '' then concat(framework_information.control_name, '-', framework_information.framework_uuid)\n\ + \ else concat(upper(framework_information.control_scope), '-', framework_information.control_name,\ + \ '-', framework_information.framework_uuid)\n end as rule_name\n from\n \ + \ (\n select\n framework_name,\n controls ->> 'ControlName' as control_name,\n\ + \ control_scope,\n right(arn, 36) as framework_uuid\n from\n \ + \ aws_backup_framework,\n jsonb_array_elements(framework_controls) as controls,\n\ + \ json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes',\ + \ '[\"\"]')::json) as control_scope\n ) as framework_information\n) as backup_framework\n\ + on\n aws_config_rule.name = backup_framework.rule_name,\n jsonb_array_elements(compliance_by_config_rule)\ + \ as compliance_result\nwhere\n compliance_result -> 'Compliance' ->> 'ComplianceType'\ + \ = 'NON_COMPLIANT';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: Find AWS Backup Frameworks and Compliance Types diff --git a/queries/aws_backup_framework_6.yaml b/queries/aws_backup_framework_6.yaml index a80570cdc..39aef9427 100755 --- a/queries/aws_backup_framework_6.yaml +++ b/queries/aws_backup_framework_6.yaml @@ -1,50 +1,36 @@ +Description: Allows users to query AWS Backup Frameworks and retrieve comprehensive + data about each backup plan, including its unique ARN, version, creation and deletion + dates, and more. ID: aws_backup_framework_6 -Title: "Find AWS Backup Frameworks with Compliance Status" -Description: "Allows users to query AWS Backup Frameworks and retrieve comprehensive data about each backup plan, including its unique ARN, version, creation and deletion dates, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_name, - compliance_result -> 'Compliance' ->> 'ComplianceType' as compliance_type - from - aws_config_rule - inner join - ( - -- The sub-query will create the AWS Config rule name from information stored in the AWS Backup framework table. - select - case when framework_information.control_scope = '' then concat(framework_information.control_name, '-', framework_information.framework_uuid) - else concat(upper(framework_information.control_scope), '-', framework_information.control_name, '-', framework_information.framework_uuid) - end as rule_name - from - ( - select - framework_name, - controls ->> 'ControlName' as control_name, - control_scope, - right(arn, 36) as framework_uuid - from - aws_backup_framework, - jsonb_array_elements(framework_controls) as controls, - json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes', '[""]')::json) as control_scope - ) as framework_information - ) as backup_framework - on - aws_config_rule.name = backup_framework.rule_name, - jsonb_array_elements(compliance_by_config_rule) as compliance_result - where - compliance_result -> 'Compliance' ->> 'ComplianceType' = 'COMPLIANT'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rule_name,\n compliance_result -> 'Compliance' ->> 'ComplianceType'\ + \ as compliance_type\nfrom\n aws_config_rule\ninner join\n(\n -- The sub-query\ + \ will create the AWS Config rule name from information stored in the AWS Backup\ + \ framework table.\n select\n case when framework_information.control_scope\ + \ = '' then concat(framework_information.control_name, '-', framework_information.framework_uuid)\n\ + \ else concat(upper(framework_information.control_scope), '-', framework_information.control_name,\ + \ '-', framework_information.framework_uuid)\n end as rule_name\n from\n \ + \ (\n select\n framework_name,\n controls ->> 'ControlName' as control_name,\n\ + \ control_scope,\n right(arn, 36) as framework_uuid\n from\n \ + \ aws_backup_framework,\n jsonb_array_elements(framework_controls) as controls,\n\ + \ json_array_elements_text(coalesce(controls -> 'ControlScope' ->> 'ComplianceResourceTypes',\ + \ '[\"\"]')::json) as control_scope\n ) as framework_information\n) as backup_framework\n\ + on\n aws_config_rule.name = backup_framework.rule_name,\n jsonb_array_elements(compliance_by_config_rule)\ + \ as compliance_result\nwhere\n compliance_result -> 'Compliance' ->> 'ComplianceType'\ + \ = 'COMPLIANT';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: Find AWS Backup Frameworks with Compliance Status diff --git a/queries/aws_backup_job_1.yaml b/queries/aws_backup_job_1.yaml index e64694c90..8d97e143f 100755 --- a/queries/aws_backup_job_1.yaml +++ b/queries/aws_backup_job_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Backup Jobs, providing detailed information + about the status of backups jobs. ID: aws_backup_job_1 -Title: "Find all AWS Backup Job details including status" -Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - recovery_point_arn, - backup_vault_arn, - status - from - aws_backup_job - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n job_id,\n recovery_point_arn,\n backup_vault_arn,\n\ + \ status\nfrom\n aws_backup_job" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup +Title: Find all AWS Backup Job details including status diff --git a/queries/aws_backup_job_2.yaml b/queries/aws_backup_job_2.yaml index 5d202634a..edb5f1aa0 100755 --- a/queries/aws_backup_job_2.yaml +++ b/queries/aws_backup_job_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Backup Jobs, providing detailed information + about the status of backups jobs. ID: aws_backup_job_2 -Title: "List All Incomplete AWS Backup Jobs" -Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - recovery_point_arn, - backup_vault_arn, - status, - current_date - from - aws_backup_job - where - status != 'COMPLETED' - and creation_date > current_date - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n job_id,\n recovery_point_arn,\n backup_vault_arn,\n\ + \ status,\n current_date\nfrom\n aws_backup_job\nwhere\n status != 'COMPLETED'\n\ + \ and creation_date > current_date" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup +Title: List All Incomplete AWS Backup Jobs diff --git a/queries/aws_backup_job_3.yaml b/queries/aws_backup_job_3.yaml index ecad74deb..23c020e44 100755 --- a/queries/aws_backup_job_3.yaml +++ b/queries/aws_backup_job_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Backup Jobs, providing detailed information + about the status of backups jobs. ID: aws_backup_job_3 -Title: "List all AWS Backup Jobs with Status Details" -Description: "Allows users to query AWS Backup Jobs, providing detailed information about the status of backups jobs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_type, - count(*) - from - aws_backup_job - group by - resource_type - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_type,\n count(*)\nfrom\n aws_backup_job\n\ + group by\n resource_type" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup +Title: List all AWS Backup Jobs with Status Details diff --git a/queries/aws_backup_legal_hold_1.yaml b/queries/aws_backup_legal_hold_1.yaml index 85e94f55f..207b63541 100755 --- a/queries/aws_backup_legal_hold_1.yaml +++ b/queries/aws_backup_legal_hold_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Backup Legal Hold to obtain information about + the legal hold settings of AWS backup resources. ID: aws_backup_legal_hold_1 -Title: "List AWS Backup Legal Hold Settings" -Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - legal_hold_id, - arn, - creation_date, - cancellation_date - from - aws_backup_legal_hold; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n legal_hold_id,\n arn,\n creation_date,\n cancellation_date\n\ + from\n aws_backup_legal_hold;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List AWS Backup Legal Hold Settings diff --git a/queries/aws_backup_legal_hold_2.yaml b/queries/aws_backup_legal_hold_2.yaml index cc16a096d..c10077ef3 100755 --- a/queries/aws_backup_legal_hold_2.yaml +++ b/queries/aws_backup_legal_hold_2.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Backup Legal Hold to obtain information about + the legal hold settings of AWS backup resources. ID: aws_backup_legal_hold_2 -Title: "Find AWS Backup Legal Hold Settings" -Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - legal_hold_id, - arn, - creation_date, - creation_date, - retain_record_until - from - aws_backup_legal_hold - where - creation_date <= current_date - interval '10' day - order by - creation_date; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n legal_hold_id,\n arn,\n creation_date,\n creation_date,\n\ + \ retain_record_until\nfrom\n aws_backup_legal_hold\nwhere\n creation_date\ + \ <= current_date - interval '10' day\norder by\n creation_date;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: Find AWS Backup Legal Hold Settings diff --git a/queries/aws_backup_legal_hold_3.yaml b/queries/aws_backup_legal_hold_3.yaml index e6a6ed0ee..79ff32591 100755 --- a/queries/aws_backup_legal_hold_3.yaml +++ b/queries/aws_backup_legal_hold_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Backup Legal Hold to obtain information about + the legal hold settings of AWS backup resources. ID: aws_backup_legal_hold_3 -Title: "List all AWS Backup Legal Hold settings" -Description: "Allows users to query AWS Backup Legal Hold to obtain information about the legal hold settings of AWS backup resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - legal_hold_id, - recovery_point_selection -> 'DateRange' ->> 'ToDate' as to_date, - recovery_point_selection -> 'DateRange' ->> 'FromDate' as from_date, - recovery_point_selection -> 'VaultNames' as vault_names, - recovery_point_selection ->> 'ResourceIdentifiers' as resource_identifiers - from - aws_backup_legal_hold; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n legal_hold_id,\n recovery_point_selection\ + \ -> 'DateRange' ->> 'ToDate' as to_date,\n recovery_point_selection -> 'DateRange'\ + \ ->> 'FromDate' as from_date,\n recovery_point_selection -> 'VaultNames' as\ + \ vault_names,\n recovery_point_selection ->> 'ResourceIdentifiers' as resource_identifiers\n\ + from\n aws_backup_legal_hold;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Legal Hold settings diff --git a/queries/aws_backup_plan_1.yaml b/queries/aws_backup_plan_1.yaml index b9074b140..dc2616ced 100755 --- a/queries/aws_backup_plan_1.yaml +++ b/queries/aws_backup_plan_1.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS Backup Plan data, providing detailed information + about each backup plan created within an AWS account. Useful for DevOps engineers + to monitor and manage backup strategies and ensure data recovery processes are in + place. ID: aws_backup_plan_1 -Title: "Find AWS Backup Plans Information for Data Recovery" -Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - backup_plan_id, - arn, - creation_date, - last_execution_date - from - aws_backup_plan; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n backup_plan_id,\n arn,\n creation_date,\n\ + \ last_execution_date\nfrom\n aws_backup_plan;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: Find AWS Backup Plans Information for Data Recovery diff --git a/queries/aws_backup_plan_2.yaml b/queries/aws_backup_plan_2.yaml index 007cbb06e..e7452e11f 100755 --- a/queries/aws_backup_plan_2.yaml +++ b/queries/aws_backup_plan_2.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS Backup Plan data, providing detailed information + about each backup plan created within an AWS account. Useful for DevOps engineers + to monitor and manage backup strategies and ensure data recovery processes are in + place. ID: aws_backup_plan_2 -Title: "List all AWS Backup Plans and details within 90 days" -Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - backup_plan_id, - arn, - creation_date, - last_execution_date - from - aws_backup_plan - where - creation_date <= (current_date - interval '90' day) - order by - creation_date; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n backup_plan_id,\n arn,\n creation_date,\n\ + \ last_execution_date\nfrom\n aws_backup_plan\nwhere\n creation_date <= (current_date\ + \ - interval '90' day)\norder by\n creation_date;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup Plan +Title: List all AWS Backup Plans and details within 90 days diff --git a/queries/aws_backup_plan_3.yaml b/queries/aws_backup_plan_3.yaml index f06bda149..e2d740e05 100755 --- a/queries/aws_backup_plan_3.yaml +++ b/queries/aws_backup_plan_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Backup Plan data, providing detailed information + about each backup plan created within an AWS account. Useful for DevOps engineers + to monitor and manage backup strategies and ensure data recovery processes are in + place. ID: aws_backup_plan_3 -Title: "List all AWS Backup Plans with Details" -Description: "Allows users to query AWS Backup Plan data, providing detailed information about each backup plan created within an AWS account. Useful for DevOps engineers to monitor and manage backup strategies and ensure data recovery processes are in place." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_date, - deletion_date - from - aws_backup_plan - where - deletion_date > current_date - 7 - order by - deletion_date; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_date,\n deletion_date\nfrom\n\ + \ aws_backup_plan\nwhere\n deletion_date > current_date - 7\norder by\n deletion_date;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup +Title: List all AWS Backup Plans with Details diff --git a/queries/aws_backup_protected_resource_1.yaml b/queries/aws_backup_protected_resource_1.yaml index 3e4f0cf9f..098927b80 100755 --- a/queries/aws_backup_protected_resource_1.yaml +++ b/queries/aws_backup_protected_resource_1.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Backup Protected Resources to retrieve detailed + information about the resources that are backed up by AWS Backup service. ID: aws_backup_protected_resource_1 -Title: "List all AWS Backup Protected Resource details" -Description: "Allows users to query AWS Backup Protected Resources to retrieve detailed information about the resources that are backed up by AWS Backup service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_arn, - resource_type, - last_backup_time - from - aws_backup_protected_resource; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_arn,\n resource_type,\n last_backup_time\n\ + from\n aws_backup_protected_resource;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Protected Resource details diff --git a/queries/aws_backup_protected_resource_2.yaml b/queries/aws_backup_protected_resource_2.yaml index 1884bf785..bed45eaa2 100755 --- a/queries/aws_backup_protected_resource_2.yaml +++ b/queries/aws_backup_protected_resource_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Backup Protected Resources to retrieve detailed + information about the resources that are backed up by AWS Backup service. ID: aws_backup_protected_resource_2 -Title: "Find AWS Backup Protected Resources Information" -Description: "Allows users to query AWS Backup Protected Resources to retrieve detailed information about the resources that are backed up by AWS Backup service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_arn, - resource_type, - last_backup_time - from - aws_backup_protected_resource - where - resource_type = 'EBS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_arn,\n resource_type,\n last_backup_time\n\ + from\n aws_backup_protected_resource\nwhere\n resource_type = 'EBS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: Find AWS Backup Protected Resources Information diff --git a/queries/aws_backup_recovery_point_1.yaml b/queries/aws_backup_recovery_point_1.yaml index b25c163b9..f0474e76f 100755 --- a/queries/aws_backup_recovery_point_1.yaml +++ b/queries/aws_backup_recovery_point_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Backup Recovery Points to gather comprehensive + information about each recovery point within an AWS Backup vault. ID: aws_backup_recovery_point_1 -Title: "List all AWS Backup Recovery Points in a Backup Vault" -Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - backup_vault_name, - recovery_point_arn, - resource_type, - status - from - aws_backup_recovery_point; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n backup_vault_name,\n recovery_point_arn,\n resource_type,\n\ + \ status\nfrom\n aws_backup_recovery_point;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Recovery Points in a Backup Vault diff --git a/queries/aws_backup_recovery_point_2.yaml b/queries/aws_backup_recovery_point_2.yaml index 30b8cdfd7..49f714371 100755 --- a/queries/aws_backup_recovery_point_2.yaml +++ b/queries/aws_backup_recovery_point_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Backup Recovery Points to gather comprehensive + information about each recovery point within an AWS Backup vault. ID: aws_backup_recovery_point_2 -Title: "List all AWS Backup Recovery Points in Vault" -Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - backup_vault_name, - recovery_point_arn, - resource_type, - status, - is_encrypted - from - aws_backup_recovery_point - where - is_encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n backup_vault_name,\n recovery_point_arn,\n resource_type,\n\ + \ status,\n is_encrypted\nfrom\n aws_backup_recovery_point\nwhere\n is_encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Recovery Points in Vault diff --git a/queries/aws_backup_recovery_point_3.yaml b/queries/aws_backup_recovery_point_3.yaml index 6188e3983..63230e7e9 100755 --- a/queries/aws_backup_recovery_point_3.yaml +++ b/queries/aws_backup_recovery_point_3.yaml @@ -1,41 +1,28 @@ +Description: Allows users to query AWS Backup Recovery Points to gather comprehensive + information about each recovery point within an AWS Backup vault. ID: aws_backup_recovery_point_3 -Title: "List all AWS Backup Recovery Points in a Vault" -Description: "Allows users to query AWS Backup Recovery Points to gather comprehensive information about each recovery point within an AWS Backup vault." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.backup_vault_name as backup_vault_name, - r.recovery_point_arn as recovery_point_arn, - r.resource_type as resource_type, - case - when r.resource_type = 'EBS' then ( - select tags from aws_ebs_snapshot where arn = concat( - (string_to_array(r.recovery_point_arn, '::'))[1], - ':', - r.account_id, - ':', - (string_to_array(r.recovery_point_arn, '::'))[2] - ) - ) - when r.resource_type = 'EC2' then ( - select tags from aws_ec2_ami where image_id = (string_to_array(r.recovery_point_arn, '::image/'))[2] - ) - when r.resource_type in ('S3', 'EFS') then r.tags - end as tags, - r.region, - r.account_id - from - aws_backup_recovery_point as r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.backup_vault_name as backup_vault_name,\n r.recovery_point_arn\ + \ as recovery_point_arn,\n r.resource_type as resource_type,\ncase\n when\ + \ r.resource_type = 'EBS' then (\n select tags from aws_ebs_snapshot where\ + \ arn = concat(\n (string_to_array(r.recovery_point_arn, '::'))[1],\n \ + \ ':',\n r.account_id,\n ':',\n (string_to_array(r.recovery_point_arn,\ + \ '::'))[2]\n )\n )\n when r.resource_type = 'EC2' then (\n select\ + \ tags from aws_ec2_ami where image_id = (string_to_array(r.recovery_point_arn,\ + \ '::image/'))[2]\n )\n when r.resource_type in ('S3', 'EFS') then r.tags\n\ + end as tags,\n r.region,\n r.account_id\nfrom\n aws_backup_recovery_point as\ + \ r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Recovery Points in a Vault diff --git a/queries/aws_backup_report_plan_1.yaml b/queries/aws_backup_report_plan_1.yaml index 8c88e46ee..f0a16b912 100755 --- a/queries/aws_backup_report_plan_1.yaml +++ b/queries/aws_backup_report_plan_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Backup Report Plan data, including details + about backup jobs, recovery points, and backup vaults. ID: aws_backup_report_plan_1 -Title: "List all AWS Backup Report Plan details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - last_attempted_execution_time, - deployment_status - from - aws_backup_report_plan; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n description,\n creation_time,\n last_attempted_execution_time,\n\ + \ deployment_status\nfrom\n aws_backup_report_plan;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Report Plan details diff --git a/queries/aws_backup_report_plan_2.yaml b/queries/aws_backup_report_plan_2.yaml index 197affcc1..44f3a7e57 100755 --- a/queries/aws_backup_report_plan_2.yaml +++ b/queries/aws_backup_report_plan_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Backup Report Plan data, including details + about backup jobs, recovery points, and backup vaults. ID: aws_backup_report_plan_2 -Title: "List all AWS Backup Report Plan data details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - last_attempted_execution_time, - deployment_status - from - aws_backup_report_plan - where - creation_time <= (current_date - interval '90' day) - order by - creation_time; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n description,\n creation_time,\n last_attempted_execution_time,\n\ + \ deployment_status\nfrom\n aws_backup_report_plan\nwhere\n creation_time <=\ + \ (current_date - interval '90' day)\norder by\n creation_time;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Report Plan data details diff --git a/queries/aws_backup_report_plan_3.yaml b/queries/aws_backup_report_plan_3.yaml index df6b40069..96bce92e1 100755 --- a/queries/aws_backup_report_plan_3.yaml +++ b/queries/aws_backup_report_plan_3.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS Backup Report Plan data, including details + about backup jobs, recovery points, and backup vaults. ID: aws_backup_report_plan_3 -Title: "List AWS Backup Report Plan Data with Details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - last_attempted_execution_time, - deployment_status - from - aws_backup_report_plan - where - last_successful_execution_time > current_date - 7 - order by - last_successful_execution_time; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n description,\n creation_time,\n last_attempted_execution_time,\n\ + \ deployment_status\nfrom\n aws_backup_report_plan\nwhere\n last_successful_execution_time\ + \ > current_date - 7\norder by\n last_successful_execution_time;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List AWS Backup Report Plan Data with Details diff --git a/queries/aws_backup_report_plan_4.yaml b/queries/aws_backup_report_plan_4.yaml index 20c40a9e1..729b2f135 100755 --- a/queries/aws_backup_report_plan_4.yaml +++ b/queries/aws_backup_report_plan_4.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS Backup Report Plan data, including details + about backup jobs, recovery points, and backup vaults. ID: aws_backup_report_plan_4 -Title: "List AWS Backup Report Plan Data Details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - report_setting ->> 'ReportTemplate' as report_template, - report_setting ->> 'Accounts' as accounts, - report_setting ->> 'FrameworkArns' as framework_arns, - report_setting ->> 'NumberOfFrameworks' as number_of_frameworks, - report_setting ->> 'OrganizationUnits' as organization_units, - report_setting ->> 'Regions' as regions - from - aws_backup_report_plan - where - title = 'backup_jobs_report_12_07_2023'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n description,\n creation_time,\n report_setting\ + \ ->> 'ReportTemplate' as report_template,\n report_setting ->> 'Accounts' as\ + \ accounts,\n report_setting ->> 'FrameworkArns' as framework_arns,\n report_setting\ + \ ->> 'NumberOfFrameworks' as number_of_frameworks,\n report_setting ->> 'OrganizationUnits'\ + \ as organization_units,\n report_setting ->> 'Regions' as regions\nfrom\n aws_backup_report_plan\n\ + where\n title = 'backup_jobs_report_12_07_2023';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup +Title: List AWS Backup Report Plan Data Details diff --git a/queries/aws_backup_report_plan_5.yaml b/queries/aws_backup_report_plan_5.yaml index d7ae1cc19..35724745a 100755 --- a/queries/aws_backup_report_plan_5.yaml +++ b/queries/aws_backup_report_plan_5.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Backup Report Plan data, including details + about backup jobs, recovery points, and backup vaults. ID: aws_backup_report_plan_5 -Title: "Query AWS Backup Report Plan Details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - last_attempted_execution_time, - deployment_status - from - aws_backup_report_plan - where - deployment_status = 'COMPLETED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n description,\n creation_time,\n last_attempted_execution_time,\n\ + \ deployment_status\nfrom\n aws_backup_report_plan\nwhere\n deployment_status\ + \ = 'COMPLETED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup Report Plan +Title: Query AWS Backup Report Plan Details diff --git a/queries/aws_backup_report_plan_6.yaml b/queries/aws_backup_report_plan_6.yaml index 9bfa7b6ee..a9c0bc445 100755 --- a/queries/aws_backup_report_plan_6.yaml +++ b/queries/aws_backup_report_plan_6.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Backup Report Plan data, including details + about backup jobs, recovery points, and backup vaults. ID: aws_backup_report_plan_6 -Title: "Query AWS Backup Report Plan data with details" -Description: "Allows users to query AWS Backup Report Plan data, including details about backup jobs, recovery points, and backup vaults." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - creation_time, - report_delivery_channel ->> 'Formats' as formats, - report_delivery_channel ->> 'S3BucketName' as s3_bucket_name, - report_delivery_channel ->> 'S3KeyPrefix' as s3_key_prefix - from - aws_backup_report_plan - where - title = 'backup_jobs_report_12_07_2023'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n description,\n creation_time,\n report_delivery_channel\ + \ ->> 'Formats' as formats,\n report_delivery_channel ->> 'S3BucketName' as s3_bucket_name,\n\ + \ report_delivery_channel ->> 'S3KeyPrefix' as s3_key_prefix\nfrom\n aws_backup_report_plan\n\ + where\n title = 'backup_jobs_report_12_07_2023';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup Report Plan +Title: Query AWS Backup Report Plan data with details diff --git a/queries/aws_backup_selection_1.yaml b/queries/aws_backup_selection_1.yaml index 5ce6627d7..c5380f5f4 100755 --- a/queries/aws_backup_selection_1.yaml +++ b/queries/aws_backup_selection_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Backup Selections to obtain detailed information + about the backup selection resources within AWS Backup service. ID: aws_backup_selection_1 -Title: "Find AWS Backup Selections Information" -Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - selection_name, - backup_plan_id, - iam_role_arn, - region, - account_id - from - aws_backup_selection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n selection_name,\n backup_plan_id,\n iam_role_arn,\n\ + \ region,\n account_id\nfrom\n aws_backup_selection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: Find AWS Backup Selections Information diff --git a/queries/aws_backup_selection_2.yaml b/queries/aws_backup_selection_2.yaml index 4007dca63..4f38420e9 100755 --- a/queries/aws_backup_selection_2.yaml +++ b/queries/aws_backup_selection_2.yaml @@ -1,34 +1,23 @@ +Description: Allows users to query AWS Backup Selections to obtain detailed information + about the backup selection resources within AWS Backup service. ID: aws_backup_selection_2 -Title: "List all AWS Backup Selection Details" -Description: "Allows users to query AWS Backup Selections to obtain detailed information about the backup selection resources within AWS Backup service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with filtered_data as ( - select - backup_plan_id, - jsonb_agg(r) as assigned_resource - from - aws_backup_selection, - jsonb_array_elements(resources) as r - group by backup_plan_id - ) - select - v.volume_id, - v.region, - v.account_id - from - aws_ebs_volume as v - join filtered_data t on t.assigned_resource ?| array[v.arn]; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with filtered_data as (\n select\n backup_plan_id,\n jsonb_agg(r)\ + \ as assigned_resource\n from\n aws_backup_selection,\n jsonb_array_elements(resources)\ + \ as r\n group by backup_plan_id\n)\nselect\n v.volume_id,\n v.region,\n v.account_id\n\ + from\n aws_ebs_volume as v\n join filtered_data t on t.assigned_resource ?|\ + \ array[v.arn];" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: List all AWS Backup Selection Details diff --git a/queries/aws_backup_vault_1.yaml b/queries/aws_backup_vault_1.yaml index dd4d02c46..f894f922f 100755 --- a/queries/aws_backup_vault_1.yaml +++ b/queries/aws_backup_vault_1.yaml @@ -1,24 +1,19 @@ +Description: Allows users to query AWS Backup Vaults, providing detailed information + about each backup vault, including its name, ARN, recovery points, and more. ID: aws_backup_vault_1 -Title: "Query AWS Backup Vaults for Detailed Information" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_date - from - aws_backup_vault; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_date\nfrom\n aws_backup_vault;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Backup +Title: Query AWS Backup Vaults for Detailed Information diff --git a/queries/aws_backup_vault_2.yaml b/queries/aws_backup_vault_2.yaml index 38b6938c1..b635921ad 100755 --- a/queries/aws_backup_vault_2.yaml +++ b/queries/aws_backup_vault_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Backup Vaults, providing detailed information + about each backup vault, including its name, ARN, recovery points, and more. ID: aws_backup_vault_2 -Title: "List all AWS Backup Vaults with Detailed Information" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_date - from - aws_backup_vault - where - creation_date <= (current_date - interval '90' day) - order by - creation_date; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_date\nfrom\n aws_backup_vault\n\ + where\n creation_date <= (current_date - interval '90' day)\norder by\n creation_date;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup +Title: List all AWS Backup Vaults with Detailed Information diff --git a/queries/aws_backup_vault_3.yaml b/queries/aws_backup_vault_3.yaml index b3694c9b9..02003e9dc 100755 --- a/queries/aws_backup_vault_3.yaml +++ b/queries/aws_backup_vault_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Backup Vaults, providing detailed information + about each backup vault, including its name, ARN, recovery points, and more. ID: aws_backup_vault_3 -Title: "Find AWS Backup Vaults with Specific Policy Details" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name - from - aws_backup_vault, - jsonb_array_elements(policy -> 'Statement') as s - where - s ->> 'Principal' = '*' - and s ->> 'Effect' != 'Deny' - and s ->> 'Action' like '%DeleteBackupVault%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name\nfrom\n aws_backup_vault,\n jsonb_array_elements(policy\ + \ -> 'Statement') as s\nwhere\n s ->> 'Principal' = '*'\n and s ->> 'Effect'\ + \ != 'Deny'\n and s ->> 'Action' like '%DeleteBackupVault%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup Vault +Title: Find AWS Backup Vaults with Specific Policy Details diff --git a/queries/aws_backup_vault_4.yaml b/queries/aws_backup_vault_4.yaml index 14f28844d..045e7add2 100755 --- a/queries/aws_backup_vault_4.yaml +++ b/queries/aws_backup_vault_4.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Backup Vaults, providing detailed information + about each backup vault, including its name, ARN, recovery points, and more. ID: aws_backup_vault_4 -Title: "Find all AWS Backup Vaults with Details" -Description: "Allows users to query AWS Backup Vaults, providing detailed information about each backup vault, including its name, ARN, recovery points, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_backup_vault; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_pretty(policy) as policy,\n jsonb_pretty(policy_std)\ + \ as policy_std\nfrom\n aws_backup_vault;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Backup +Title: Find all AWS Backup Vaults with Details diff --git a/queries/aws_cloudcontrol_resource_1.yaml b/queries/aws_cloudcontrol_resource_1.yaml index 2a858c613..53111e3c5 100755 --- a/queries/aws_cloudcontrol_resource_1.yaml +++ b/queries/aws_cloudcontrol_resource_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Cloud Control API Resource data, providing + detailed insights into resource properties, types, and statuses. ID: aws_cloudcontrol_resource_1 -Title: "Find AWS Cloud Control API Resource Data for AWS Lambda" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identifier, - properties ->> 'Arn' as arn, - properties ->> 'MemorySize' as memory_size, - properties ->> 'Runtime' as runtime, - region - from - aws_cloudcontrol_resource - where - type_name = 'AWS::Lambda::Function'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identifier,\n properties ->> 'Arn' as arn,\n properties\ + \ ->> 'MemorySize' as memory_size,\n properties ->> 'Runtime' as runtime,\n \ + \ region\nfrom\n aws_cloudcontrol_resource\nwhere\n type_name = 'AWS::Lambda::Function';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cloud Control API +Title: Find AWS Cloud Control API Resource Data for AWS Lambda diff --git a/queries/aws_cloudcontrol_resource_2.yaml b/queries/aws_cloudcontrol_resource_2.yaml index c2531dce6..7e8e68098 100755 --- a/queries/aws_cloudcontrol_resource_2.yaml +++ b/queries/aws_cloudcontrol_resource_2.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Cloud Control API Resource data, providing + detailed insights into resource properties, types, and statuses. ID: aws_cloudcontrol_resource_2 -Title: "Find AWS Cloud Control API Resource Data" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identifier, - properties ->> 'AlpnPolicy' as alpn_policy, - properties ->> 'Certificates' as certificates, - properties ->> 'Port' as port, - properties ->> 'Protocol' as protocol, - region, - account_id - from - aws_cloudcontrol_resource - where - type_name = 'AWS::ElasticLoadBalancingV2::Listener' - and resource_model = '{"LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/test-lb/4e695b8755d7003c"}' - and region = 'us-east-1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identifier,\n properties ->> 'AlpnPolicy' as alpn_policy,\n\ + \ properties ->> 'Certificates' as certificates,\n properties ->> 'Port' as\ + \ port,\n properties ->> 'Protocol' as protocol,\n region,\n account_id\nfrom\n\ + \ aws_cloudcontrol_resource\nwhere\n type_name = 'AWS::ElasticLoadBalancingV2::Listener'\n\ + \ and resource_model = '{\"LoadBalancerArn\": \"arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/test-lb/4e695b8755d7003c\"\ + }'\n and region = 'us-east-1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Control +Title: Find AWS Cloud Control API Resource Data diff --git a/queries/aws_cloudcontrol_resource_3.yaml b/queries/aws_cloudcontrol_resource_3.yaml index e047de6a2..bbe2e1703 100755 --- a/queries/aws_cloudcontrol_resource_3.yaml +++ b/queries/aws_cloudcontrol_resource_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Cloud Control API Resource data, providing + detailed insights into resource properties, types, and statuses. ID: aws_cloudcontrol_resource_3 -Title: "Find AWS Cloud Control API Resource using SQL" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identifier, - properties ->> 'IncludeGlobalServiceEvents' as include_global_service_events, - properties ->> 'IsLogging' as is_logging, - properties ->> 'IsMultiRegionTrail' as is_multi_region_trail, - region - from - aws_cloudcontrol_resource - where - type_name = 'AWS::CloudTrail::Trail' - and identifier = 'my-trail'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identifier,\n properties ->> 'IncludeGlobalServiceEvents'\ + \ as include_global_service_events,\n properties ->> 'IsLogging' as is_logging,\n\ + \ properties ->> 'IsMultiRegionTrail' as is_multi_region_trail,\n region\nfrom\n\ + \ aws_cloudcontrol_resource\nwhere\n type_name = 'AWS::CloudTrail::Trail'\n\ + \ and identifier = 'my-trail';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Control API Resource +Title: Find AWS Cloud Control API Resource using SQL diff --git a/queries/aws_cloudcontrol_resource_4.yaml b/queries/aws_cloudcontrol_resource_4.yaml index fbeecbfd2..8a7813b35 100755 --- a/queries/aws_cloudcontrol_resource_4.yaml +++ b/queries/aws_cloudcontrol_resource_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Cloud Control API Resource data, providing + detailed insights into resource properties, types, and statuses. ID: aws_cloudcontrol_resource_4 -Title: "List all AWS IAM Roles in us-east-1 using SQL" -Description: "Allows users to query AWS Cloud Control API Resource data, providing detailed insights into resource properties, types, and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - properties ->> 'RoleName' as name - from - aws_cloudcontrol_resource - where - type_name = 'AWS::IAM::Role' - and region = 'us-east-1' - order by - name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n properties ->> 'RoleName' as name\nfrom\n aws_cloudcontrol_resource\n\ + where\n type_name = 'AWS::IAM::Role'\n and region = 'us-east-1'\norder by\n\ + \ name;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Control API +Title: List all AWS IAM Roles in us-east-1 using SQL diff --git a/queries/aws_cloudformation_stack_1.yaml b/queries/aws_cloudformation_stack_1.yaml index 3e8043ae5..e0a94b935 100755 --- a/queries/aws_cloudformation_stack_1.yaml +++ b/queries/aws_cloudformation_stack_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CloudFormation Stack data, including stack + name, status, creation time, and associated tags. ID: aws_cloudformation_stack_1 -Title: "List all AWS CloudFormation Stacks with Details" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - status - from - aws_cloudformation_stack; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n status\nfrom\n aws_cloudformation_stack;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation Stack +Title: List all AWS CloudFormation Stacks with Details diff --git a/queries/aws_cloudformation_stack_2.yaml b/queries/aws_cloudformation_stack_2.yaml index ab291d71f..13be9f8ca 100755 --- a/queries/aws_cloudformation_stack_2.yaml +++ b/queries/aws_cloudformation_stack_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS CloudFormation Stack data, including stack + name, status, creation time, and associated tags. ID: aws_cloudformation_stack_2 -Title: "List AWS CloudFormation Stack data and status" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - disable_rollback - from - aws_cloudformation_stack - where - disable_rollback; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n disable_rollback\nfrom\n aws_cloudformation_stack\n\ + where\n disable_rollback;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: List AWS CloudFormation Stack data and status diff --git a/queries/aws_cloudformation_stack_3.yaml b/queries/aws_cloudformation_stack_3.yaml index 22e9e99e3..cc2669961 100755 --- a/queries/aws_cloudformation_stack_3.yaml +++ b/queries/aws_cloudformation_stack_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS CloudFormation Stack data, including stack + name, status, creation time, and associated tags. ID: aws_cloudformation_stack_3 -Title: "List AWS CloudFormation Stack Data with SQL" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - enable_termination_protection - from - aws_cloudformation_stack - where - not enable_termination_protection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n enable_termination_protection\nfrom\n aws_cloudformation_stack\n\ + where\n not enable_termination_protection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: List AWS CloudFormation Stack Data with SQL diff --git a/queries/aws_cloudformation_stack_4.yaml b/queries/aws_cloudformation_stack_4.yaml index 47fe43440..85cc0f1d9 100755 --- a/queries/aws_cloudformation_stack_4.yaml +++ b/queries/aws_cloudformation_stack_4.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS CloudFormation Stack data, including stack + name, status, creation time, and associated tags. ID: aws_cloudformation_stack_4 -Title: "Find AWS CloudFormation Stack Data, Status, and Tags" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rollback_configuration ->> 'MonitoringTimeInMinutes' as monitoring_time_in_min, - rollback_configuration ->> 'RollbackTriggers' as rollback_triggers - from - aws_cloudformation_stack; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rollback_configuration ->> 'MonitoringTimeInMinutes'\ + \ as monitoring_time_in_min,\n rollback_configuration ->> 'RollbackTriggers'\ + \ as rollback_triggers\nfrom\n aws_cloudformation_stack;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: Find AWS CloudFormation Stack Data, Status, and Tags diff --git a/queries/aws_cloudformation_stack_5.yaml b/queries/aws_cloudformation_stack_5.yaml index bdf0b0e7f..4fcce2c4c 100755 --- a/queries/aws_cloudformation_stack_5.yaml +++ b/queries/aws_cloudformation_stack_5.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS CloudFormation Stack data, including stack + name, status, creation time, and associated tags. ID: aws_cloudformation_stack_5 -Title: "List all AWS CloudFormation Stacks and Resource ARNs" -Description: "Allows users to query AWS CloudFormation Stack data, including stack name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(notification_arns) as resource_arns - from - aws_cloudformation_stack; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_array_elements_text(notification_arns)\ + \ as resource_arns\nfrom\n aws_cloudformation_stack;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: List all AWS CloudFormation Stacks and Resource ARNs diff --git a/queries/aws_cloudformation_stack_resource_1.yaml b/queries/aws_cloudformation_stack_resource_1.yaml index e5c72d714..113fe75b5 100755 --- a/queries/aws_cloudformation_stack_resource_1.yaml +++ b/queries/aws_cloudformation_stack_resource_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS CloudFormation Stack Resources, providing details + about each resource within the stack, including its status, type, and associated + metadata. This table is useful for managing and analyzing AWS CloudFormation resources. ID: aws_cloudformation_stack_resource_1 -Title: "Find AWS CloudFormation Stack Resource Information" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_name, - stack_id, - logical_resource_id, - resource_type, - resource_status - from - aws_cloudformation_stack_resource; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stack_name,\n stack_id,\n logical_resource_id,\n resource_type,\n\ + \ resource_status\nfrom\n aws_cloudformation_stack_resource;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: Find AWS CloudFormation Stack Resource Information diff --git a/queries/aws_cloudformation_stack_resource_2.yaml b/queries/aws_cloudformation_stack_resource_2.yaml index ecef23fcc..f27939752 100755 --- a/queries/aws_cloudformation_stack_resource_2.yaml +++ b/queries/aws_cloudformation_stack_resource_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CloudFormation Stack Resources, providing details + about each resource within the stack, including its status, type, and associated + metadata. This table is useful for managing and analyzing AWS CloudFormation resources. ID: aws_cloudformation_stack_resource_2 -Title: "Find AWS CloudFormation Stack Resource Details and Status" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.name, - s.disable_rollback, - r.logical_resource_id, - r.resource_status - from - aws_cloudformation_stack_resource as r, - aws_cloudformation_stack as s - where - r.stack_id = s.id - and s.disable_rollback; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.name,\n s.disable_rollback,\n r.logical_resource_id,\n\ + \ r.resource_status\nfrom\n aws_cloudformation_stack_resource as r,\n aws_cloudformation_stack\ + \ as s\nwhere\n r.stack_id = s.id\n and s.disable_rollback;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: Find AWS CloudFormation Stack Resource Details and Status diff --git a/queries/aws_cloudformation_stack_resource_3.yaml b/queries/aws_cloudformation_stack_resource_3.yaml index ad64693f0..2c8d87a5b 100755 --- a/queries/aws_cloudformation_stack_resource_3.yaml +++ b/queries/aws_cloudformation_stack_resource_3.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS CloudFormation Stack Resources, providing details + about each resource within the stack, including its status, type, and associated + metadata. This table is useful for managing and analyzing AWS CloudFormation resources. ID: aws_cloudformation_stack_resource_3 -Title: "List all AWS CloudFormation Stack Resources with Details" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.name, - s.enable_termination_protection, - s.disable_rollback, - r.logical_resource_id, - r.resource_status - from - aws_cloudformation_stack_resource as r, - aws_cloudformation_stack as s - where - r.stack_id = s.id - and not enable_termination_protection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.name,\n s.enable_termination_protection,\n s.disable_rollback,\n\ + \ r.logical_resource_id,\n r.resource_status\nfrom\n aws_cloudformation_stack_resource\ + \ as r,\n aws_cloudformation_stack as s\nwhere\n r.stack_id = s.id\n and not\ + \ enable_termination_protection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: List all AWS CloudFormation Stack Resources with Details diff --git a/queries/aws_cloudformation_stack_resource_4.yaml b/queries/aws_cloudformation_stack_resource_4.yaml index aff7862ae..4be18d9f8 100755 --- a/queries/aws_cloudformation_stack_resource_4.yaml +++ b/queries/aws_cloudformation_stack_resource_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS CloudFormation Stack Resources, providing details + about each resource within the stack, including its status, type, and associated + metadata. This table is useful for managing and analyzing AWS CloudFormation resources. ID: aws_cloudformation_stack_resource_4 -Title: "Find AWS CloudFormation Stack Resource Details" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_name, - stack_id, - logical_resource_id, - resource_status, - resource_type - from - aws_cloudformation_stack_resource - where - resource_type = 'AWS::EC2::VPC'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stack_name,\n stack_id,\n logical_resource_id,\n resource_status,\n\ + \ resource_type\nfrom\n aws_cloudformation_stack_resource\nwhere\n resource_type\ + \ = 'AWS::EC2::VPC';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: Find AWS CloudFormation Stack Resource Details diff --git a/queries/aws_cloudformation_stack_resource_5.yaml b/queries/aws_cloudformation_stack_resource_5.yaml index 64f88ef23..5a60be29e 100755 --- a/queries/aws_cloudformation_stack_resource_5.yaml +++ b/queries/aws_cloudformation_stack_resource_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS CloudFormation Stack Resources, providing details + about each resource within the stack, including its status, type, and associated + metadata. This table is useful for managing and analyzing AWS CloudFormation resources. ID: aws_cloudformation_stack_resource_5 -Title: "List all AWS CloudFormation Stack Resources’ Details" -Description: "Allows users to query AWS CloudFormation Stack Resources, providing details about each resource within the stack, including its status, type, and associated metadata. This table is useful for managing and analyzing AWS CloudFormation resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_name, - logical_resource_id, - resource_status, - resource_type - from - aws_cloudformation_stack_resource - where - resource_status = 'UPDATE_FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stack_name,\n logical_resource_id,\n resource_status,\n\ + \ resource_type\nfrom\n aws_cloudformation_stack_resource\nwhere\n resource_status\ + \ = 'UPDATE_FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: "List all AWS CloudFormation Stack Resources\u2019 Details" diff --git a/queries/aws_cloudformation_stack_set_1.yaml b/queries/aws_cloudformation_stack_set_1.yaml index 4c920f3a3..8159d21eb 100755 --- a/queries/aws_cloudformation_stack_set_1.yaml +++ b/queries/aws_cloudformation_stack_set_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CloudFormation StackSets, providing detailed + information about each StackSet''s configuration, status, and associated AWS resources. ID: aws_cloudformation_stack_set_1 -Title: "List all AWS CloudFormation StackSets configurations" -Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_set_id, - stack_set_name, - status, - arn, - description - from - aws_cloudformation_stack_set; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stack_set_id,\n stack_set_name,\n status,\n arn,\n\ + \ description\nfrom\n aws_cloudformation_stack_set;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: List all AWS CloudFormation StackSets configurations diff --git a/queries/aws_cloudformation_stack_set_2.yaml b/queries/aws_cloudformation_stack_set_2.yaml index 97bfad0cc..b0fc4aa6d 100755 --- a/queries/aws_cloudformation_stack_set_2.yaml +++ b/queries/aws_cloudformation_stack_set_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS CloudFormation StackSets, providing detailed + information about each StackSet''s configuration, status, and associated AWS resources. ID: aws_cloudformation_stack_set_2 -Title: "List all AWS CloudFormation StackSets and Associated Resources" -Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_set_id, - stack_set_name, - status, - permission_model, - auto_deployment - from - aws_cloudformation_stack_set - where - status = 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stack_set_id,\n stack_set_name,\n status,\n permission_model,\n\ + \ auto_deployment\nfrom\n aws_cloudformation_stack_set\nwhere\n status = 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: List all AWS CloudFormation StackSets and Associated Resources diff --git a/queries/aws_cloudformation_stack_set_3.yaml b/queries/aws_cloudformation_stack_set_3.yaml index c01ad5a24..8d945b8e3 100755 --- a/queries/aws_cloudformation_stack_set_3.yaml +++ b/queries/aws_cloudformation_stack_set_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS CloudFormation StackSets, providing detailed + information about each StackSet''s configuration, status, and associated AWS resources. ID: aws_cloudformation_stack_set_3 -Title: "List all AWS CloudFormation StackSets with Parameters" -Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_set_name, - stack_set_id, - p ->> 'ParameterKey' as parameter_key, - p ->> 'ParameterValue' as parameter_value, - p ->> 'ResolvedValue' as resolved_value, - p ->> 'UsePreviousValue' as use_previous_value - from - aws_cloudformation_stack_set, - jsonb_array_elements(parameters) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stack_set_name,\n stack_set_id,\n p ->> 'ParameterKey'\ + \ as parameter_key,\n p ->> 'ParameterValue' as parameter_value,\n p ->> 'ResolvedValue'\ + \ as resolved_value,\n p ->> 'UsePreviousValue' as use_previous_value\nfrom\n\ + \ aws_cloudformation_stack_set,\n jsonb_array_elements(parameters) as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: List all AWS CloudFormation StackSets with Parameters diff --git a/queries/aws_cloudformation_stack_set_4.yaml b/queries/aws_cloudformation_stack_set_4.yaml index 9b90f5065..a23d42a00 100755 --- a/queries/aws_cloudformation_stack_set_4.yaml +++ b/queries/aws_cloudformation_stack_set_4.yaml @@ -1,31 +1,28 @@ +Description: Allows users to query AWS CloudFormation StackSets, providing detailed + information about each StackSet''s configuration, status, and associated AWS resources. ID: aws_cloudformation_stack_set_4 -Title: "List all detailed AWS CloudFormation StackSets status" -Description: "Allows users to query AWS CloudFormation StackSets, providing detailed information about each StackSet''s configuration, status, and associated AWS resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stack_set_name, - stack_set_id, - stack_set_drift_detection_details ->> 'DriftDetectionStatus' as drift_detection_status, - stack_set_drift_detection_details ->> 'DriftStatus' as drift_status, - stack_set_drift_detection_details ->> 'DriftedStackInstancesCount' as drifted_stack_instances_count, - stack_set_drift_detection_details ->> 'FailedStackInstancesCount' as failed_stack_instances_count, - stack_set_drift_detection_details ->> 'InProgressStackInstancesCount' as in_progress_stack_instances_count, - stack_set_drift_detection_details ->> 'InSyncStackInstancesCount' as in_sync_stack_instances_count, - stack_set_drift_detection_details ->> 'LastDriftCheckTimestamp' as last_drift_check_timestamp, - stack_set_drift_detection_details ->> 'TotalStackInstancesCount' as total_stack_instances_count - from - aws_cloudformation_stack_set; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stack_set_name,\n stack_set_id,\n stack_set_drift_detection_details\ + \ ->> 'DriftDetectionStatus' as drift_detection_status,\n stack_set_drift_detection_details\ + \ ->> 'DriftStatus' as drift_status,\n stack_set_drift_detection_details ->>\ + \ 'DriftedStackInstancesCount' as drifted_stack_instances_count,\n stack_set_drift_detection_details\ + \ ->> 'FailedStackInstancesCount' as failed_stack_instances_count,\n stack_set_drift_detection_details\ + \ ->> 'InProgressStackInstancesCount' as in_progress_stack_instances_count,\n\ + \ stack_set_drift_detection_details ->> 'InSyncStackInstancesCount' as in_sync_stack_instances_count,\n\ + \ stack_set_drift_detection_details ->> 'LastDriftCheckTimestamp' as last_drift_check_timestamp,\n\ + \ stack_set_drift_detection_details ->> 'TotalStackInstancesCount' as total_stack_instances_count\n\ + from\n aws_cloudformation_stack_set;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFormation +Title: List all detailed AWS CloudFormation StackSets status diff --git a/queries/aws_cloudfront_cache_policy_1.yaml b/queries/aws_cloudfront_cache_policy_1.yaml index 7a52a6b30..dae000895 100755 --- a/queries/aws_cloudfront_cache_policy_1.yaml +++ b/queries/aws_cloudfront_cache_policy_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CloudFront Cache Policies for details about + their configuration, status, and associated metadata. ID: aws_cloudfront_cache_policy_1 -Title: "List AWS CloudFront Cache Policies Details" -Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - comment, - min_ttl, - etag, - last_modified_time - from - aws_cloudfront_cache_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n comment,\n min_ttl,\n etag,\n last_modified_time\n\ + from\n aws_cloudfront_cache_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List AWS CloudFront Cache Policies Details diff --git a/queries/aws_cloudfront_cache_policy_2.yaml b/queries/aws_cloudfront_cache_policy_2.yaml index 079d63285..392a92714 100755 --- a/queries/aws_cloudfront_cache_policy_2.yaml +++ b/queries/aws_cloudfront_cache_policy_2.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS CloudFront Cache Policies for details about + their configuration, status, and associated metadata. ID: aws_cloudfront_cache_policy_2 -Title: "Find AWS CloudFront Cache Policies and Details" -Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingGzip' as enable_gzip - from - aws_cloudfront_cache_policy - where - parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingGzip' <> 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n parameters_in_cache_key_and_forwarded_to_origin\ + \ ->> 'EnableAcceptEncodingGzip' as enable_gzip\nfrom\n aws_cloudfront_cache_policy\n\ + where\n parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingGzip'\ + \ <> 'true';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Find AWS CloudFront Cache Policies and Details diff --git a/queries/aws_cloudfront_cache_policy_3.yaml b/queries/aws_cloudfront_cache_policy_3.yaml index 916733a18..5a782749c 100755 --- a/queries/aws_cloudfront_cache_policy_3.yaml +++ b/queries/aws_cloudfront_cache_policy_3.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS CloudFront Cache Policies for details about + their configuration, status, and associated metadata. ID: aws_cloudfront_cache_policy_3 -Title: "List AWS CloudFront Cache Policies and Their States" -Description: "Allows users to query AWS CloudFront Cache Policies for details about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingBrotli' as enable_brotli - from - aws_cloudfront_cache_policy - where - parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingBrotli' <> 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n parameters_in_cache_key_and_forwarded_to_origin\ + \ ->> 'EnableAcceptEncodingBrotli' as enable_brotli\nfrom\n aws_cloudfront_cache_policy\n\ + where\n parameters_in_cache_key_and_forwarded_to_origin ->> 'EnableAcceptEncodingBrotli'\ + \ <> 'true';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List AWS CloudFront Cache Policies and Their States diff --git a/queries/aws_cloudfront_distribution_1.yaml b/queries/aws_cloudfront_distribution_1.yaml index e63fa43c6..908e6c921 100755 --- a/queries/aws_cloudfront_distribution_1.yaml +++ b/queries/aws_cloudfront_distribution_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS CloudFront Distributions to gain insights into + their configuration, status, and associated metadata. ID: aws_cloudfront_distribution_1 -Title: "List all AWS CloudFront Distributions and Metadata" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - status, - domain_name, - enabled, - e_tag, - http_version, - is_ipv6_enabled - from - aws_cloudfront_distribution; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n status,\n domain_name,\n enabled,\n\ + \ e_tag,\n http_version,\n is_ipv6_enabled\nfrom\n aws_cloudfront_distribution;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List all AWS CloudFront Distributions and Metadata diff --git a/queries/aws_cloudfront_distribution_2.yaml b/queries/aws_cloudfront_distribution_2.yaml index 58b054d0b..1392a2ada 100755 --- a/queries/aws_cloudfront_distribution_2.yaml +++ b/queries/aws_cloudfront_distribution_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS CloudFront Distributions to gain insights into + their configuration, status, and associated metadata. ID: aws_cloudfront_distribution_2 -Title: "Find Disabled AWS CloudFront Distribution Logging" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - logging ->> 'Bucket' as bucket, - logging ->> 'Enabled' as logging_enabled, - logging ->> 'IncludeCookies' as include_cookies - from - aws_cloudfront_distribution - where - logging ->> 'Enabled' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n logging ->> 'Bucket' as bucket,\n logging ->>\ + \ 'Enabled' as logging_enabled,\n logging ->> 'IncludeCookies' as include_cookies\n\ + from\n aws_cloudfront_distribution\nwhere\n logging ->> 'Enabled' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Find Disabled AWS CloudFront Distribution Logging diff --git a/queries/aws_cloudfront_distribution_3.yaml b/queries/aws_cloudfront_distribution_3.yaml index 9a3c7607e..1544652df 100755 --- a/queries/aws_cloudfront_distribution_3.yaml +++ b/queries/aws_cloudfront_distribution_3.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS CloudFront Distributions to gain insights into + their configuration, status, and associated metadata. ID: aws_cloudfront_distribution_3 -Title: "List all AWS CloudFront Distributions and Their Configurations" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - status, - is_ipv6_enabled - from - aws_cloudfront_distribution - where - is_ipv6_enabled = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n status,\n is_ipv6_enabled\nfrom\n aws_cloudfront_distribution\n\ + where\n is_ipv6_enabled = 'false';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List all AWS CloudFront Distributions and Their Configurations diff --git a/queries/aws_cloudfront_distribution_4.yaml b/queries/aws_cloudfront_distribution_4.yaml index ec0cccc85..4ea302176 100755 --- a/queries/aws_cloudfront_distribution_4.yaml +++ b/queries/aws_cloudfront_distribution_4.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS CloudFront Distributions to gain insights into + their configuration, status, and associated metadata. ID: aws_cloudfront_distribution_4 -Title: "Find details of AWS CloudFront Distributions with SQL" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - default_cache_behavior ->> 'FieldLevelEncryptionId' as field_level_encryption_id, - default_cache_behavior ->> 'DefaultTTL' as default_ttl - from - aws_cloudfront_distribution - where - default_cache_behavior ->> 'FieldLevelEncryptionId' <> ''; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n default_cache_behavior ->> 'FieldLevelEncryptionId'\ + \ as field_level_encryption_id,\n default_cache_behavior ->> 'DefaultTTL' as\ + \ default_ttl\nfrom\n aws_cloudfront_distribution\nwhere\n default_cache_behavior\ + \ ->> 'FieldLevelEncryptionId' <> '';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Find details of AWS CloudFront Distributions with SQL diff --git a/queries/aws_cloudfront_distribution_5.yaml b/queries/aws_cloudfront_distribution_5.yaml index 6960fa94e..316ead2b0 100755 --- a/queries/aws_cloudfront_distribution_5.yaml +++ b/queries/aws_cloudfront_distribution_5.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query AWS CloudFront Distributions to gain insights into + their configuration, status, and associated metadata. ID: aws_cloudfront_distribution_5 -Title: "Query AWS CloudFront Distributions and Insights" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - p -> 'CustomOriginConfig' -> 'HTTPPort' as http_port, - p -> 'CustomOriginConfig' -> 'HTTPSPort' as https_port, - p -> 'CustomOriginConfig' -> 'OriginKeepaliveTimeout' as origin_keepalive_timeout, - p -> 'CustomOriginConfig' -> 'OriginProtocolPolicy' as origin_protocol_policy - from - aws_cloudfront_distribution, - jsonb_array_elements(origins) as p - where - p -> 'CustomOriginConfig' ->> 'OriginProtocolPolicy' = 'https-only'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n p -> 'CustomOriginConfig' -> 'HTTPPort'\ + \ as http_port,\n p -> 'CustomOriginConfig' -> 'HTTPSPort' as https_port,\n \ + \ p -> 'CustomOriginConfig' -> 'OriginKeepaliveTimeout' as origin_keepalive_timeout,\n\ + \ p -> 'CustomOriginConfig' -> 'OriginProtocolPolicy' as origin_protocol_policy\n\ + from\n aws_cloudfront_distribution,\n jsonb_array_elements(origins) as p\nwhere\n\ + \ p -> 'CustomOriginConfig' ->> 'OriginProtocolPolicy' = 'https-only';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Query AWS CloudFront Distributions and Insights diff --git a/queries/aws_cloudfront_distribution_6.yaml b/queries/aws_cloudfront_distribution_6.yaml index b04f88c57..44f0ad276 100755 --- a/queries/aws_cloudfront_distribution_6.yaml +++ b/queries/aws_cloudfront_distribution_6.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS CloudFront Distributions to gain insights into + their configuration, status, and associated metadata. ID: aws_cloudfront_distribution_6 -Title: "Find AWS CloudFront Distributions Configuration & Status" -Description: "Allows users to query AWS CloudFront Distributions to gain insights into their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Items' as items, - p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Quantity' as quantity - from - aws_cloudfront_distribution, - jsonb_array_elements(origins) as p - where - p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Items' ?& array['SSLv3']; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n p -> 'CustomOriginConfig' -> 'OriginSslProtocols'\ + \ -> 'Items' as items,\n p -> 'CustomOriginConfig' -> 'OriginSslProtocols' ->\ + \ 'Quantity' as quantity\nfrom\n aws_cloudfront_distribution,\n jsonb_array_elements(origins)\ + \ as p\nwhere\n p -> 'CustomOriginConfig' -> 'OriginSslProtocols' -> 'Items'\ + \ ?& array['SSLv3'];" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Find AWS CloudFront Distributions Configuration & Status diff --git a/queries/aws_cloudfront_function_1.yaml b/queries/aws_cloudfront_function_1.yaml index f0275d969..39436be1f 100755 --- a/queries/aws_cloudfront_function_1.yaml +++ b/queries/aws_cloudfront_function_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CloudFront Functions to retrieve detailed information + about each function, including its ARN, stage, status, and more. ID: aws_cloudfront_function_1 -Title: "List all AWS CloudFront Functions with details" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status, - arn, - e_tag, - function_config - from - aws_cloudfront_function; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n status,\n arn,\n e_tag,\n function_config\n\ + from\n aws_cloudfront_function;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List all AWS CloudFront Functions with details diff --git a/queries/aws_cloudfront_function_2.yaml b/queries/aws_cloudfront_function_2.yaml index cf3a72b07..c2b0efd6a 100755 --- a/queries/aws_cloudfront_function_2.yaml +++ b/queries/aws_cloudfront_function_2.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS CloudFront Functions to retrieve detailed information + about each function, including its ARN, stage, status, and more. ID: aws_cloudfront_function_2 -Title: "List All AWS CloudFront Functions with Detailed Info" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - function_config ->> 'Comment' as comment, - arn, - status, - e_tag - from - aws_cloudfront_function - where - function_metadata ->> 'Stage' = 'LIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n function_config ->> 'Comment' as comment,\n\ + \ arn,\n status,\n e_tag\nfrom\n aws_cloudfront_function\nwhere\n function_metadata\ + \ ->> 'Stage' = 'LIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List All AWS CloudFront Functions with Detailed Info diff --git a/queries/aws_cloudfront_function_3.yaml b/queries/aws_cloudfront_function_3.yaml index ea27d2c24..e7d5dc287 100755 --- a/queries/aws_cloudfront_function_3.yaml +++ b/queries/aws_cloudfront_function_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CloudFront Functions to retrieve detailed information + about each function, including its ARN, stage, status, and more. ID: aws_cloudfront_function_3 -Title: "List AWS CloudFront Functions by ARN, Stage, and Status" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - function_metadata ->> 'Stage' as stage, - status, - function_metadata ->> 'CreatedTime' as created_time, - function_metadata ->> 'LastModifiedTime' as last_modified_time - from - aws_cloudfront_function - order by - function_metadata ->> 'CreatedTime' DESC; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n function_metadata ->> 'Stage' as stage,\n\ + \ status,\n function_metadata ->> 'CreatedTime' as created_time,\n function_metadata\ + \ ->> 'LastModifiedTime' as last_modified_time\n from\n aws_cloudfront_function\n\ + order by\n function_metadata ->> 'CreatedTime' DESC;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List AWS CloudFront Functions by ARN, Stage, and Status diff --git a/queries/aws_cloudfront_function_4.yaml b/queries/aws_cloudfront_function_4.yaml index c1ea3b8dc..5cd231360 100755 --- a/queries/aws_cloudfront_function_4.yaml +++ b/queries/aws_cloudfront_function_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS CloudFront Functions to retrieve detailed information + about each function, including its ARN, stage, status, and more. ID: aws_cloudfront_function_4 -Title: "List of AWS CloudFront Functions with Detailed Information" -Description: "Allows users to query AWS CloudFront Functions to retrieve detailed information about each function, including its ARN, stage, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - function_metadata ->> 'Stage' as stage, - status, - function_metadata ->> 'LastModifiedTime' as last_modified_time - from - aws_cloudfront_function - where - (function_metadata ->> 'LastModifiedTime')::timestamp >= (now() - interval '1' hour) - order by - function_metadata ->> 'LastModifiedTime' DESC; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n function_metadata ->> 'Stage' as stage,\n\ + \ status,\n function_metadata ->> 'LastModifiedTime' as last_modified_time\n\ + from\n aws_cloudfront_function\nwhere\n (function_metadata ->> 'LastModifiedTime')::timestamp\ + \ >= (now() - interval '1' hour)\norder by\n function_metadata ->> 'LastModifiedTime'\ + \ DESC;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List of AWS CloudFront Functions with Detailed Information diff --git a/queries/aws_cloudfront_origin_access_identity_1.yaml b/queries/aws_cloudfront_origin_access_identity_1.yaml index 8747be97f..79a004948 100755 --- a/queries/aws_cloudfront_origin_access_identity_1.yaml +++ b/queries/aws_cloudfront_origin_access_identity_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS CloudFront Origin Access Identity to fetch + detailed information about each identity, including its ID, S3 canonical user ID, + caller reference, and associated comment. ID: aws_cloudfront_origin_access_identity_1 -Title: "Find AWS CloudFront Origin Access Identities and Details" -Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - comment, - s3_canonical_user_id, - etag - from - aws_cloudfront_origin_access_identity; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n comment,\n s3_canonical_user_id,\n etag\n\ + from\n aws_cloudfront_origin_access_identity;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Find AWS CloudFront Origin Access Identities and Details diff --git a/queries/aws_cloudfront_origin_access_identity_2.yaml b/queries/aws_cloudfront_origin_access_identity_2.yaml index fecd78b8a..821c42d9b 100755 --- a/queries/aws_cloudfront_origin_access_identity_2.yaml +++ b/queries/aws_cloudfront_origin_access_identity_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS CloudFront Origin Access Identity to fetch + detailed information about each identity, including its ID, S3 canonical user ID, + caller reference, and associated comment. ID: aws_cloudfront_origin_access_identity_2 -Title: "Find all AWS CloudFront Origin Access Identity details" -Description: "Allows users to query AWS CloudFront Origin Access Identity to fetch detailed information about each identity, including its ID, S3 canonical user ID, caller reference, and associated comment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - comment, - caller_reference - from - aws_cloudfront_origin_access_identity - where - comment <> ''; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n comment,\n caller_reference\nfrom\n \ + \ aws_cloudfront_origin_access_identity\nwhere\n comment <> '';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Find all AWS CloudFront Origin Access Identity details diff --git a/queries/aws_cloudfront_origin_request_policy_1.yaml b/queries/aws_cloudfront_origin_request_policy_1.yaml index 624d2ce0f..055929eb0 100755 --- a/queries/aws_cloudfront_origin_request_policy_1.yaml +++ b/queries/aws_cloudfront_origin_request_policy_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CloudFront Origin Request Policies, providing + details about each policy such as ID, name, comment, cookies configuration, headers + configuration, query strings configuration, and more. ID: aws_cloudfront_origin_request_policy_1 -Title: "List all AWS CloudFront Origin Request Policies" -Description: "Allows users to query AWS CloudFront Origin Request Policies, providing details about each policy such as ID, name, comment, cookies configuration, headers configuration, query strings configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - comment, - etag, - last_modified_time - from - aws_cloudfront_origin_request_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n comment,\n etag,\n last_modified_time\n\ + from\n aws_cloudfront_origin_request_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List all AWS CloudFront Origin Request Policies diff --git a/queries/aws_cloudfront_origin_request_policy_2.yaml b/queries/aws_cloudfront_origin_request_policy_2.yaml index 74ec784ca..05c1c2ca0 100755 --- a/queries/aws_cloudfront_origin_request_policy_2.yaml +++ b/queries/aws_cloudfront_origin_request_policy_2.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS CloudFront Origin Request Policies, providing + details about each policy such as ID, name, comment, cookies configuration, headers + configuration, query strings configuration, and more. ID: aws_cloudfront_origin_request_policy_2 -Title: "List all AWS CloudFront Origin Request Policies" -Description: "Allows users to query AWS CloudFront Origin Request Policies, providing details about each policy such as ID, name, comment, cookies configuration, headers configuration, query strings configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - headers_config ->> 'HeaderBehavior' as header_behavior, - headers_config ->> 'Headers' as headers - from - aws_cloudfront_origin_request_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n headers_config ->> 'HeaderBehavior' as\ + \ header_behavior,\n headers_config ->> 'Headers' as headers\nfrom\n aws_cloudfront_origin_request_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List all AWS CloudFront Origin Request Policies diff --git a/queries/aws_cloudfront_response_headers_policy_1.yaml b/queries/aws_cloudfront_response_headers_policy_1.yaml index d199d01d8..087f7b2c6 100755 --- a/queries/aws_cloudfront_response_headers_policy_1.yaml +++ b/queries/aws_cloudfront_response_headers_policy_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CloudFront Response Headers Policies, providing + information about the policy configurations that determine the headers CloudFront + includes in HTTP responses. ID: aws_cloudfront_response_headers_policy_1 -Title: "List all AWS CloudFront Response Headers Policies" -Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - response_headers_policy_config ->> 'Comment' as description, - type, - last_modified_time - from - aws_cloudfront_response_headers_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n response_headers_policy_config ->> 'Comment'\ + \ as description,\n type,\n last_modified_time\nfrom\n aws_cloudfront_response_headers_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: List all AWS CloudFront Response Headers Policies diff --git a/queries/aws_cloudfront_response_headers_policy_2.yaml b/queries/aws_cloudfront_response_headers_policy_2.yaml index e74e285cc..45f5649d9 100755 --- a/queries/aws_cloudfront_response_headers_policy_2.yaml +++ b/queries/aws_cloudfront_response_headers_policy_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS CloudFront Response Headers Policies, providing + information about the policy configurations that determine the headers CloudFront + includes in HTTP responses. ID: aws_cloudfront_response_headers_policy_2 -Title: "Find AWS CloudFront Response Headers Policies" -Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - response_headers_policy_config ->> 'Comment' as description, - type, - last_modified_time - from - aws_cloudfront_response_headers_policy - where - type = 'custom'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n response_headers_policy_config ->> 'Comment'\ + \ as description,\n type,\n last_modified_time\nfrom\n aws_cloudfront_response_headers_policy\n\ + where\n type = 'custom';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Find AWS CloudFront Response Headers Policies diff --git a/queries/aws_cloudfront_response_headers_policy_3.yaml b/queries/aws_cloudfront_response_headers_policy_3.yaml index 10d2c227d..a59fb69c8 100755 --- a/queries/aws_cloudfront_response_headers_policy_3.yaml +++ b/queries/aws_cloudfront_response_headers_policy_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS CloudFront Response Headers Policies, providing + information about the policy configurations that determine the headers CloudFront + includes in HTTP responses. ID: aws_cloudfront_response_headers_policy_3 -Title: "Find AWS CloudFront Response Headers Policies Info" -Description: "Allows users to query AWS CloudFront Response Headers Policies, providing information about the policy configurations that determine the headers CloudFront includes in HTTP responses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - last_modified_time - from - aws_cloudfront_response_headers_policy - where - last_modified_time >= (now() - interval '1' hour) - order by - last_modified_time DESC; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n last_modified_time\nfrom\n aws_cloudfront_response_headers_policy\n\ + where\n last_modified_time >= (now() - interval '1' hour)\norder by\n last_modified_time\ + \ DESC;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudFront +Title: Find AWS CloudFront Response Headers Policies Info diff --git a/queries/aws_cloudsearch_domain_1.yaml b/queries/aws_cloudsearch_domain_1.yaml index a356c34f2..b0d6cec03 100755 --- a/queries/aws_cloudsearch_domain_1.yaml +++ b/queries/aws_cloudsearch_domain_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS CloudSearch Domain to retrieve detailed information + about each search domain configured within an AWS account. ID: aws_cloudsearch_domain_1 -Title: "List all AWS CloudSearch Domain Details" -Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - created, - search_instance_type, - search_instance_count - from - aws_cloudsearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n arn,\n created,\n search_instance_type,\n\ + \ search_instance_count\nfrom\n aws_cloudsearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudSearch +Title: List all AWS CloudSearch Domain Details diff --git a/queries/aws_cloudsearch_domain_2.yaml b/queries/aws_cloudsearch_domain_2.yaml index ebd575dae..574f3d274 100755 --- a/queries/aws_cloudsearch_domain_2.yaml +++ b/queries/aws_cloudsearch_domain_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS CloudSearch Domain to retrieve detailed information + about each search domain configured within an AWS account. ID: aws_cloudsearch_domain_2 -Title: "List AWS CloudSearch Domains and Their Details" -Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - created, - search_instance_type - from - aws_cloudsearch_domain - where - search_instance_type = 'search.small'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n arn,\n created,\n search_instance_type\n\ + from\n aws_cloudsearch_domain\nwhere\n search_instance_type = 'search.small';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudSearch +Title: List AWS CloudSearch Domains and Their Details diff --git a/queries/aws_cloudsearch_domain_3.yaml b/queries/aws_cloudsearch_domain_3.yaml index 5bb3d0fdf..29781676d 100755 --- a/queries/aws_cloudsearch_domain_3.yaml +++ b/queries/aws_cloudsearch_domain_3.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS CloudSearch Domain to retrieve detailed information + about each search domain configured within an AWS account. ID: aws_cloudsearch_domain_3 -Title: "List All AWS CloudSearch Domains with Detailed Info" -Description: "Allows users to query AWS CloudSearch Domain to retrieve detailed information about each search domain configured within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - search_service ->> 'Endpoint' as search_service_endpoint, - limits ->> 'MaximumPartitionCount' as maximum_partition_count, - limits ->> 'MaximumReplicationCount' as maximum_replication_count - from - aws_cloudsearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n search_service ->> 'Endpoint'\ + \ as search_service_endpoint,\n limits ->> 'MaximumPartitionCount' as maximum_partition_count,\n\ + \ limits ->> 'MaximumReplicationCount' as maximum_replication_count\nfrom\n \ + \ aws_cloudsearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudSearch +Title: List All AWS CloudSearch Domains with Detailed Info diff --git a/queries/aws_cloudtrail_channel_1.yaml b/queries/aws_cloudtrail_channel_1.yaml index 883d851eb..5602ff64a 100755 --- a/queries/aws_cloudtrail_channel_1.yaml +++ b/queries/aws_cloudtrail_channel_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS CloudTrail Channel data, including trail configurations, + status, and associated metadata. ID: aws_cloudtrail_channel_1 -Title: "Find AWS CloudTrail Channel Configurations with SQL" -Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - source, - apply_to_all_regions - from - aws_cloudtrail_channel; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n source,\n apply_to_all_regions\nfrom\n\ + \ aws_cloudtrail_channel;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Channel Configurations with SQL diff --git a/queries/aws_cloudtrail_channel_2.yaml b/queries/aws_cloudtrail_channel_2.yaml index 5ae063788..742d988b7 100755 --- a/queries/aws_cloudtrail_channel_2.yaml +++ b/queries/aws_cloudtrail_channel_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS CloudTrail Channel data, including trail configurations, + status, and associated metadata. ID: aws_cloudtrail_channel_2 -Title: "List all AWS CloudTrail Channel data and configurations" -Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - source, - apply_to_all_regions, - advanced_event_selectors - from - aws_cloudtrail_channel - where - not apply_to_all_regions; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n source,\n apply_to_all_regions,\n \ + \ advanced_event_selectors\nfrom\n aws_cloudtrail_channel\nwhere\n not apply_to_all_regions;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Channel data and configurations diff --git a/queries/aws_cloudtrail_channel_3.yaml b/queries/aws_cloudtrail_channel_3.yaml index f3005ba2c..19c87e5d3 100755 --- a/queries/aws_cloudtrail_channel_3.yaml +++ b/queries/aws_cloudtrail_channel_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS CloudTrail Channel data, including trail configurations, + status, and associated metadata. ID: aws_cloudtrail_channel_3 -Title: "List all AWS CloudTrail Channel Data and Metadata" -Description: "Allows users to query AWS CloudTrail Channel data, including trail configurations, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - a ->> 'Name' as advanced_event_selector_name, - a ->> 'FieldSelectors' as field_selectors - from - aws_cloudtrail_channel, - jsonb_array_elements(advanced_event_selectors) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n a ->> 'Name' as advanced_event_selector_name,\n\ + \ a ->> 'FieldSelectors' as field_selectors\nfrom\n aws_cloudtrail_channel,\n\ + \ jsonb_array_elements(advanced_event_selectors) as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Channel Data and Metadata diff --git a/queries/aws_cloudtrail_event_data_store_1.yaml b/queries/aws_cloudtrail_event_data_store_1.yaml index f87e6ea50..04a817684 100755 --- a/queries/aws_cloudtrail_event_data_store_1.yaml +++ b/queries/aws_cloudtrail_event_data_store_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS CloudTrail Event Data, providing information + about API activity in AWS accounts. This includes details about API calls, logins, + and other events captured by AWS CloudTrail. ID: aws_cloudtrail_event_data_store_1 -Title: "List all AWS CloudTrail Event Data" -Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - created_timestamp, - multi_region_enabled, - organization_enabled, - termination_protection_enabled - from - aws_cloudtrail_event_data_store; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status,\n created_timestamp,\n multi_region_enabled,\n\ + \ organization_enabled,\n termination_protection_enabled\nfrom\n aws_cloudtrail_event_data_store;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Event Data diff --git a/queries/aws_cloudtrail_event_data_store_2.yaml b/queries/aws_cloudtrail_event_data_store_2.yaml index 35170bb7a..4f29e1ea8 100755 --- a/queries/aws_cloudtrail_event_data_store_2.yaml +++ b/queries/aws_cloudtrail_event_data_store_2.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS CloudTrail Event Data, providing information + about API activity in AWS accounts. This includes details about API calls, logins, + and other events captured by AWS CloudTrail. ID: aws_cloudtrail_event_data_store_2 -Title: "List API Activity in AWS Accounts with CloudTrail Data" -Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - created_timestamp, - multi_region_enabled, - organization_enabled, - termination_protection_enabled - from - aws_cloudtrail_event_data_store - where - status <> 'ENABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status,\n created_timestamp,\n multi_region_enabled,\n\ + \ organization_enabled,\n termination_protection_enabled\nfrom\n aws_cloudtrail_event_data_store\n\ + where\n status <> 'ENABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List API Activity in AWS Accounts with CloudTrail Data diff --git a/queries/aws_cloudtrail_event_data_store_3.yaml b/queries/aws_cloudtrail_event_data_store_3.yaml index ac1d096ec..9add7b0c7 100755 --- a/queries/aws_cloudtrail_event_data_store_3.yaml +++ b/queries/aws_cloudtrail_event_data_store_3.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS CloudTrail Event Data, providing information + about API activity in AWS accounts. This includes details about API calls, logins, + and other events captured by AWS CloudTrail. ID: aws_cloudtrail_event_data_store_3 -Title: "List all AWS CloudTrail Event Data and API Activity" -Description: "Allows users to query AWS CloudTrail Event Data, providing information about API activity in AWS accounts. This includes details about API calls, logins, and other events captured by AWS CloudTrail." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - created_timestamp, - multi_region_enabled, - organization_enabled, - termination_protection_enabled - from - aws_cloudtrail_event_data_store - where - not termination_protection_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status,\n created_timestamp,\n multi_region_enabled,\n\ + \ organization_enabled,\n termination_protection_enabled\nfrom\n aws_cloudtrail_event_data_store\n\ + where\n not termination_protection_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Event Data and API Activity diff --git a/queries/aws_cloudtrail_import_1.yaml b/queries/aws_cloudtrail_import_1.yaml index a7e03dfc3..4c4e4d624 100755 --- a/queries/aws_cloudtrail_import_1.yaml +++ b/queries/aws_cloudtrail_import_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS CloudTrail imports to extract data about imported + trail files such as the file name, import time, hash value, and more. ID: aws_cloudtrail_import_1 -Title: "Find all imported trail files from AWS CloudTrail" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - created_timestamp, - import_status, - destinations - from - aws_cloudtrail_import; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n import_id,\n created_timestamp,\n import_status,\n\ + \ destinations\nfrom\n aws_cloudtrail_import;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find all imported trail files from AWS CloudTrail diff --git a/queries/aws_cloudtrail_import_2.yaml b/queries/aws_cloudtrail_import_2.yaml index dc49431ed..44ccb9420 100755 --- a/queries/aws_cloudtrail_import_2.yaml +++ b/queries/aws_cloudtrail_import_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CloudTrail imports to extract data about imported + trail files such as the file name, import time, hash value, and more. ID: aws_cloudtrail_import_2 -Title: "List AWS CloudTrail Imports and Their Details" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - created_timestamp, - import_source - from - aws_cloudtrail_import - where - import_status <> 'COMPLETED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n import_id,\n created_timestamp,\n import_source\nfrom\n\ + \ aws_cloudtrail_import\nwhere\n import_status <> 'COMPLETED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List AWS CloudTrail Imports and Their Details diff --git a/queries/aws_cloudtrail_import_3.yaml b/queries/aws_cloudtrail_import_3.yaml index 9d04e2f75..a2483ce62 100755 --- a/queries/aws_cloudtrail_import_3.yaml +++ b/queries/aws_cloudtrail_import_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS CloudTrail imports to extract data about imported + trail files such as the file name, import time, hash value, and more. ID: aws_cloudtrail_import_3 -Title: "List all AWS CloudTrail Import Details" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - created_timestamp, - import_status, - start_event_time, - end_event_time - from - aws_cloudtrail_import - where - created_timestamp >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n import_id,\n created_timestamp,\n import_status,\n\ + \ start_event_time,\n end_event_time\nfrom\n aws_cloudtrail_import\nwhere\n\ + \ created_timestamp >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Import Details diff --git a/queries/aws_cloudtrail_import_4.yaml b/queries/aws_cloudtrail_import_4.yaml index 499b330ab..a09fb475a 100755 --- a/queries/aws_cloudtrail_import_4.yaml +++ b/queries/aws_cloudtrail_import_4.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CloudTrail imports to extract data about imported + trail files such as the file name, import time, hash value, and more. ID: aws_cloudtrail_import_4 -Title: "Find all AWS CloudTrail import details using SQL" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - import_status, - import_source ->> 'S3BucketAccessRoleArn' as s3_bucket_access_role_arn, - import_source ->> 'S3BucketRegion' as s3_bucket_region, - import_source ->> 'S3LocationUri' as s3_location_uri - from - aws_cloudtrail_import; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n import_id,\n import_status,\n import_source ->> 'S3BucketAccessRoleArn'\ + \ as s3_bucket_access_role_arn,\n import_source ->> 'S3BucketRegion' as s3_bucket_region,\n\ + \ import_source ->> 'S3LocationUri' as s3_location_uri\nfrom\n aws_cloudtrail_import;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find all AWS CloudTrail import details using SQL diff --git a/queries/aws_cloudtrail_import_5.yaml b/queries/aws_cloudtrail_import_5.yaml index 3bc7cf4bb..8f92ce6ef 100755 --- a/queries/aws_cloudtrail_import_5.yaml +++ b/queries/aws_cloudtrail_import_5.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS CloudTrail imports to extract data about imported + trail files such as the file name, import time, hash value, and more. ID: aws_cloudtrail_import_5 -Title: "List all AWS CloudTrail import details" -Description: "Allows users to query AWS CloudTrail imports to extract data about imported trail files such as the file name, import time, hash value, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - import_id, - import_status, - import_statistics -> 'EventsCompleted' as events_completed, - import_statistics -> 'FailedEntries' as failed_entries, - import_statistics -> 'FilesCompleted' as files_completed, - import_statistics -> 'FilesCompleted' as prefixes_completed, - import_statistics -> 'PrefixesFound' as PrefixesFound - from - aws_cloudtrail_import; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n import_id,\n import_status,\n import_statistics ->\ + \ 'EventsCompleted' as events_completed,\n import_statistics -> 'FailedEntries'\ + \ as failed_entries,\n import_statistics -> 'FilesCompleted' as files_completed,\n\ + \ import_statistics -> 'FilesCompleted' as prefixes_completed,\n import_statistics\ + \ -> 'PrefixesFound' as PrefixesFound\nfrom\n aws_cloudtrail_import;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail import details diff --git a/queries/aws_cloudtrail_lookup_event_1.yaml b/queries/aws_cloudtrail_lookup_event_1.yaml index 816b8c7d8..57032ccf2 100755 --- a/queries/aws_cloudtrail_lookup_event_1.yaml +++ b/queries/aws_cloudtrail_lookup_event_1.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query AWS CloudTrail Lookup Events, providing information + about each trail event within AWS CloudTrail. The table can be used to retrieve + details such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_lookup_event_1 -Title: "Find AWS CloudTrail Lookup Events with SQL" -Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - username, - jsonb_pretty(cloud_trail_event) as cloud_trail_event - from - aws_cloudtrail_lookup_event - where - start_time = now() - interval '5 minutes' - and end_time = now(); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n username,\n\ + \ jsonb_pretty(cloud_trail_event) as cloud_trail_event\nfrom\n aws_cloudtrail_lookup_event\n\ + where\n start_time = now() - interval '5 minutes'\n and end_time = now();" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Lookup Events with SQL diff --git a/queries/aws_cloudtrail_lookup_event_2.yaml b/queries/aws_cloudtrail_lookup_event_2.yaml index d4afce7d7..aec936300 100755 --- a/queries/aws_cloudtrail_lookup_event_2.yaml +++ b/queries/aws_cloudtrail_lookup_event_2.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS CloudTrail Lookup Events, providing information + about each trail event within AWS CloudTrail. The table can be used to retrieve + details such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_lookup_event_2 -Title: "Find AWS CloudTrail Lookup Events for Specific Trail Events" -Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - username, - jsonb_pretty(cloud_trail_event) as cloud_trail_event - from - aws_cloudtrail_lookup_event - where - start_time = now() - and end_time = now() - interval '1 hour' - and read_only = 'true' - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n username,\n\ + \ jsonb_pretty(cloud_trail_event) as cloud_trail_event\nfrom\n aws_cloudtrail_lookup_event\n\ + where\n start_time = now()\n and end_time = now() - interval '1 hour'\n and\ + \ read_only = 'true'\norder by\n event_time asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Lookup Events for Specific Trail Events diff --git a/queries/aws_cloudtrail_lookup_event_3.yaml b/queries/aws_cloudtrail_lookup_event_3.yaml index 0c1de03d9..8e22e288a 100755 --- a/queries/aws_cloudtrail_lookup_event_3.yaml +++ b/queries/aws_cloudtrail_lookup_event_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS CloudTrail Lookup Events, providing information + about each trail event within AWS CloudTrail. The table can be used to retrieve + details such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_lookup_event_3 -Title: "Find AWS CloudTrail Events with IAM Source" -Description: "Allows users to query AWS CloudTrail Lookup Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - jsonb_pretty(cloud_trail_event) as cloud_trail_event - from - aws_cloudtrail_lookup_event - where - and event_source = 'iam.amazonaws.com' - and event_time >= now() - interval '1 hour'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n jsonb_pretty(cloud_trail_event)\ + \ as cloud_trail_event\nfrom\n aws_cloudtrail_lookup_event\nwhere\n and event_source\ + \ = 'iam.amazonaws.com'\n and event_time >= now() - interval '1 hour';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Events with IAM Source diff --git a/queries/aws_cloudtrail_query_1.yaml b/queries/aws_cloudtrail_query_1.yaml index 43a7bfa56..d9213c373 100755 --- a/queries/aws_cloudtrail_query_1.yaml +++ b/queries/aws_cloudtrail_query_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS CloudTrail events for a detailed view of account + activity, including actions taken through the AWS Management Console, AWS SDKs, + command line tools, and other AWS services. ID: aws_cloudtrail_query_1 -Title: "Find AWS CloudTrail events for account activity" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - query_id, - event_data_store_arn, - query_status, - query_status, - creation_time, - events_matched, - events_scanned - from - aws_cloudtrail_query; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n query_id,\n event_data_store_arn,\n query_status,\n\ + \ query_status,\n creation_time,\n events_matched,\n events_scanned\nfrom\n\ + \ aws_cloudtrail_query;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail events for account activity diff --git a/queries/aws_cloudtrail_query_2.yaml b/queries/aws_cloudtrail_query_2.yaml index 5d03dd436..9735ead80 100755 --- a/queries/aws_cloudtrail_query_2.yaml +++ b/queries/aws_cloudtrail_query_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CloudTrail events for a detailed view of account + activity, including actions taken through the AWS Management Console, AWS SDKs, + command line tools, and other AWS services. ID: aws_cloudtrail_query_2 -Title: "Find failed AWS CloudTrail queries using SQL" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - query_id, - event_data_store_arn, - query_status, - creation_time, - query_string, - execution_time_in_millis - from - aws_cloudtrail_query - where - query_status = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n query_id,\n event_data_store_arn,\n query_status,\n\ + \ creation_time,\n query_string,\n execution_time_in_millis\nfrom\n aws_cloudtrail_query\n\ + where\n query_status = 'FAILED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find failed AWS CloudTrail queries using SQL diff --git a/queries/aws_cloudtrail_query_3.yaml b/queries/aws_cloudtrail_query_3.yaml index b7d9d4c4f..e1ad93668 100755 --- a/queries/aws_cloudtrail_query_3.yaml +++ b/queries/aws_cloudtrail_query_3.yaml @@ -1,35 +1,29 @@ +Description: Allows users to query AWS CloudTrail events for a detailed view of account + activity, including actions taken through the AWS Management Console, AWS SDKs, + command line tools, and other AWS services. ID: aws_cloudtrail_query_3 -Title: "Find all AWS CloudTrail events account activity" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - q.query_id as query_id, - q.event_data_store_arn as event_data_store_arn, - s.name as event_data_store_name, - s.status as event_data_store_status, - s.multi_region_enabled as multi_region_enabled, - s.termination_protection_enabled as termination_protection_enabled, - s.updated_timestamp as event_data_store_updated_timestamp - from - aws_cloudtrail_query as q, - aws_cloudtrail_event_data_store as s - where - s.arn = q.event_data_store_arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n q.query_id as query_id,\n q.event_data_store_arn as\ + \ event_data_store_arn,\n s.name as event_data_store_name,\n s.status as event_data_store_status,\n\ + \ s.multi_region_enabled as multi_region_enabled,\n s.termination_protection_enabled\ + \ as termination_protection_enabled,\n s.updated_timestamp as event_data_store_updated_timestamp\n\ + from\n aws_cloudtrail_query as q,\n aws_cloudtrail_event_data_store as s\nwhere\n\ + \ s.arn = q.event_data_store_arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find all AWS CloudTrail events account activity diff --git a/queries/aws_cloudtrail_query_4.yaml b/queries/aws_cloudtrail_query_4.yaml index 8de0184ff..ea7a731a7 100755 --- a/queries/aws_cloudtrail_query_4.yaml +++ b/queries/aws_cloudtrail_query_4.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS CloudTrail events for a detailed view of account + activity, including actions taken through the AWS Management Console, AWS SDKs, + command line tools, and other AWS services. ID: aws_cloudtrail_query_4 -Title: "Find all AWS CloudTrail events for account activities" -Description: "Allows users to query AWS CloudTrail events for a detailed view of account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - query_id, - event_data_store_arn, - query_status, - creation_time, - query_string, - execution_time_in_millis - from - aws_cloudtrail_query - where - creation_time <= now() - interval '3' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n query_id,\n event_data_store_arn,\n query_status,\n\ + \ creation_time,\n query_string,\n execution_time_in_millis\nfrom\n aws_cloudtrail_query\n\ + where\n creation_time <= now() - interval '3' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find all AWS CloudTrail events for account activities diff --git a/queries/aws_cloudtrail_trail_1.yaml b/queries/aws_cloudtrail_trail_1.yaml index 3c6f97a20..e660498f9 100755 --- a/queries/aws_cloudtrail_trail_1.yaml +++ b/queries/aws_cloudtrail_trail_1.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS CloudTrail Trails for information about the + AWS CloudTrail service''s trail records. This includes trail configuration details, + status, and associated metadata. ID: aws_cloudtrail_trail_1 -Title: "List all AWS CloudTrail Trail Records" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - home_region, - is_multi_region_trail - from - aws_cloudtrail_trail - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n home_region,\n is_multi_region_trail\nfrom\n\ + \ aws_cloudtrail_trail" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Trail Records diff --git a/queries/aws_cloudtrail_trail_2.yaml b/queries/aws_cloudtrail_trail_2.yaml index 4dcca66b0..73a451859 100755 --- a/queries/aws_cloudtrail_trail_2.yaml +++ b/queries/aws_cloudtrail_trail_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS CloudTrail Trails for information about the + AWS CloudTrail service''s trail records. This includes trail configuration details, + status, and associated metadata. ID: aws_cloudtrail_trail_2 -Title: "List all AWS CloudTrail Trails with Trail Records" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_id - from - aws_cloudtrail_trail - where - kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n kms_key_id\nfrom\n aws_cloudtrail_trail\nwhere\n\ + \ kms_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Trails with Trail Records diff --git a/queries/aws_cloudtrail_trail_3.yaml b/queries/aws_cloudtrail_trail_3.yaml index 7ae79c0ad..35966ed27 100755 --- a/queries/aws_cloudtrail_trail_3.yaml +++ b/queries/aws_cloudtrail_trail_3.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS CloudTrail Trails for information about the + AWS CloudTrail service''s trail records. This includes trail configuration details, + status, and associated metadata. ID: aws_cloudtrail_trail_3 -Title: "Find AWS CloudTrail Trail and Public S3 Bucket Info" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - trail.name as trail_name, - bucket.name as bucket_name, - bucket.bucket_policy_is_public as is_publicly_accessible - from - aws_cloudtrail_trail as trail - join aws_s3_bucket as bucket on trail.s3_bucket_name = bucket.name - where - bucket.bucket_policy_is_public; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n trail.name as trail_name,\n bucket.name as bucket_name,\n\ + \ bucket.bucket_policy_is_public as is_publicly_accessible\nfrom\n aws_cloudtrail_trail\ + \ as trail\n join aws_s3_bucket as bucket on trail.s3_bucket_name = bucket.name\n\ + where\n bucket.bucket_policy_is_public;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Trail and Public S3 Bucket Info diff --git a/queries/aws_cloudtrail_trail_4.yaml b/queries/aws_cloudtrail_trail_4.yaml index 8b43ee668..dec72ee3d 100755 --- a/queries/aws_cloudtrail_trail_4.yaml +++ b/queries/aws_cloudtrail_trail_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS CloudTrail Trails for information about the + AWS CloudTrail service''s trail records. This includes trail configuration details, + status, and associated metadata. ID: aws_cloudtrail_trail_4 -Title: "List all AWS CloudTrail Trails with Bucket Details" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - trail.name as trail_name, - bucket.name as bucket_name, - logging - from - aws_cloudtrail_trail as trail - join aws_s3_bucket as bucket on trail.s3_bucket_name = bucket.name - where - not versioning_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n trail.name as trail_name,\n bucket.name as bucket_name,\n\ + \ logging\nfrom\n aws_cloudtrail_trail as trail\n join aws_s3_bucket as bucket\ + \ on trail.s3_bucket_name = bucket.name\nwhere\n not versioning_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS CloudTrail +Title: List all AWS CloudTrail Trails with Bucket Details diff --git a/queries/aws_cloudtrail_trail_5.yaml b/queries/aws_cloudtrail_trail_5.yaml index 2fd3b8fa8..c176118f5 100755 --- a/queries/aws_cloudtrail_trail_5.yaml +++ b/queries/aws_cloudtrail_trail_5.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS CloudTrail Trails for information about the + AWS CloudTrail service''s trail records. This includes trail configuration details, + status, and associated metadata. ID: aws_cloudtrail_trail_5 -Title: "List all AWS CloudTrail Trails configuration and metadata" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - is_logging - from - aws_cloudtrail_trail - where - not is_logging; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n is_logging\nfrom\n aws_cloudtrail_trail\nwhere\n\ + \ not is_logging;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Trails configuration and metadata diff --git a/queries/aws_cloudtrail_trail_6.yaml b/queries/aws_cloudtrail_trail_6.yaml index 7c425a600..4da1b8a45 100755 --- a/queries/aws_cloudtrail_trail_6.yaml +++ b/queries/aws_cloudtrail_trail_6.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CloudTrail Trails for information about the + AWS CloudTrail service''s trail records. This includes trail configuration details, + status, and associated metadata. ID: aws_cloudtrail_trail_6 -Title: "List all AWS CloudTrail Trails and their Status" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - log_file_validation_enabled - from - aws_cloudtrail_trail - where - not log_file_validation_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n log_file_validation_enabled\nfrom\n\ + \ aws_cloudtrail_trail\nwhere\n not log_file_validation_enabled;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Trails and their Status diff --git a/queries/aws_cloudtrail_trail_7.yaml b/queries/aws_cloudtrail_trail_7.yaml index d5891364f..4e78d7792 100755 --- a/queries/aws_cloudtrail_trail_7.yaml +++ b/queries/aws_cloudtrail_trail_7.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS CloudTrail Trails for information about the + AWS CloudTrail service''s trail records. This includes trail configuration details, + status, and associated metadata. ID: aws_cloudtrail_trail_7 -Title: "List AWS CloudTrail Trails with Multi-Region Configuration" -Description: "Allows users to query AWS CloudTrail Trails for information about the AWS CloudTrail service''s trail records. This includes trail configuration details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - region, - home_region - from - aws_cloudtrail_trail - where - is_multi_region_trail - and home_region <> region; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n region,\n home_region\nfrom\n aws_cloudtrail_trail\n\ + where\n is_multi_region_trail\n and home_region <> region;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List AWS CloudTrail Trails with Multi-Region Configuration diff --git a/queries/aws_cloudtrail_trail_event_1.yaml b/queries/aws_cloudtrail_trail_event_1.yaml index be7c460bf..37f6480d8 100755 --- a/queries/aws_cloudtrail_trail_event_1.yaml +++ b/queries/aws_cloudtrail_trail_event_1.yaml @@ -1,35 +1,27 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_1 -Title: "Find AWS CloudTrail Events with Details in Table Format" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and timestamp >= now() - interval '5 minutes'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n user_type,\n\ + \ username,\n user_identifier,\n jsonb_pretty(response_elements) as response_elements\n\ + from\n aws_cloudtrail_trail_event\nwhere\n log_group_name = 'aws-cloudtrail-log-group-name'\n\ + \ and timestamp >= now() - interval '5 minutes';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Events with Details in Table Format diff --git a/queries/aws_cloudtrail_trail_event_2.yaml b/queries/aws_cloudtrail_trail_event_2.yaml index 1ab82cac0..f9939fd66 100755 --- a/queries/aws_cloudtrail_trail_event_2.yaml +++ b/queries/aws_cloudtrail_trail_event_2.yaml @@ -1,35 +1,26 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_2 -Title: "Find CloudTrail Events in AWS with Event Details" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n user_type,\n\ + \ username,\n user_identifier,\n jsonb_pretty(response_elements) as response_elements\n\ + from\n aws_cloudtrail_trail_event\nwhere\n log_group_name = 'aws-cloudtrail-log-group-name'\n\ + \ and timestamp between (now() - interval '10 minutes') and (now() - interval\ + \ '5 minutes')\norder by\n event_time asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find CloudTrail Events in AWS with Event Details diff --git a/queries/aws_cloudtrail_trail_event_3.yaml b/queries/aws_cloudtrail_trail_event_3.yaml index 410f1374d..c1c4b4461 100755 --- a/queries/aws_cloudtrail_trail_event_3.yaml +++ b/queries/aws_cloudtrail_trail_event_3.yaml @@ -1,38 +1,28 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_3 -Title: "Query AWS CloudTrail Events within AWS CloudTrail" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and not read_only - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n user_type,\n\ + \ username,\n user_identifier,\n jsonb_pretty(response_elements) as response_elements\n\ + from\n aws_cloudtrail_trail_event\nwhere\n log_group_name = 'aws-cloudtrail-log-group-name'\n\ + \ and not read_only\n and timestamp >= now() - interval '1 hour'\norder by\n\ + \ event_time asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Query AWS CloudTrail Events within AWS CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_4.yaml b/queries/aws_cloudtrail_trail_event_4.yaml index b3c06c13f..1df5cd6b8 100755 --- a/queries/aws_cloudtrail_trail_event_4.yaml +++ b/queries/aws_cloudtrail_trail_event_4.yaml @@ -1,36 +1,27 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_4 -Title: "Find AWS CloudTrail Events with Detailed Information" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and event_source = 'iam.amazonaws.com' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n user_type,\n\ + \ user_identifier,\n jsonb_pretty(request_parameters) as request_parameters,\n\ + \ jsonb_pretty(response_elements) as response_elements\nfrom\n aws_cloudtrail_trail_event\n\ + where\n log_group_name = 'aws-cloudtrail-log-group-name'\n and event_source\ + \ = 'iam.amazonaws.com'\n and timestamp >= now() - interval '1 hour'\norder by\n\ + \ event_time asc;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Events with Detailed Information diff --git a/queries/aws_cloudtrail_trail_event_5.yaml b/queries/aws_cloudtrail_trail_event_5.yaml index 2c571de30..d3822fa55 100755 --- a/queries/aws_cloudtrail_trail_event_5.yaml +++ b/queries/aws_cloudtrail_trail_event_5.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_5 -Title: "Find AWS CloudTrail Events with Detailed Information" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and username = 'steampipe' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n user_type,\n\ + \ username,\n user_identifier,\n jsonb_pretty(request_parameters) as request_parameters,\n\ + \ jsonb_pretty(response_elements) as response_elements\nfrom\n aws_cloudtrail_trail_event\n\ + where\n log_group_name = 'aws-cloudtrail-log-group-name'\n and username = 'steampipe'\n\ + \ and timestamp >= now() - interval '1 hour'\norder by\n event_time asc;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Events with Detailed Information diff --git a/queries/aws_cloudtrail_trail_event_6.yaml b/queries/aws_cloudtrail_trail_event_6.yaml index 5af0db971..60cfd14fd 100755 --- a/queries/aws_cloudtrail_trail_event_6.yaml +++ b/queries/aws_cloudtrail_trail_event_6.yaml @@ -1,37 +1,26 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_6 -Title: "Find AWS CloudTrail Events within AWS CloudTrail" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and user_type = 'IAMUser' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n user_type,\n\ + \ username,\n user_identifier,\n jsonb_pretty(request_parameters) as request_parameters,\n\ + \ jsonb_pretty(response_elements) as response_elements\nfrom\n aws_cloudtrail_trail_event\n\ + where\n log_group_name = 'aws-cloudtrail-log-group-name'\n and user_type = 'IAMUser'\n\ + \ and timestamp >= now() - interval '1 hour'\norder by\n event_time asc;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Events within AWS CloudTrail diff --git a/queries/aws_cloudtrail_trail_event_7.yaml b/queries/aws_cloudtrail_trail_event_7.yaml index 0424a2257..321079891 100755 --- a/queries/aws_cloudtrail_trail_event_7.yaml +++ b/queries/aws_cloudtrail_trail_event_7.yaml @@ -1,37 +1,26 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_7 -Title: "List all AWS CloudTrail Events using SQL Queries" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and user_type = 'AssumedRole' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n user_type,\n\ + \ username,\n user_identifier,\n jsonb_pretty(request_parameters) as request_parameters,\n\ + \ jsonb_pretty(response_elements) as response_elements\nfrom\n aws_cloudtrail_trail_event\n\ + where\n log_group_name = 'aws-cloudtrail-log-group-name'\n and user_type = 'AssumedRole'\n\ + \ and timestamp >= now() - interval '1 hour'\norder by\n event_time asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: List all AWS CloudTrail Events using SQL Queries diff --git a/queries/aws_cloudtrail_trail_event_8.yaml b/queries/aws_cloudtrail_trail_event_8.yaml index cdfe0bd01..4498179f3 100755 --- a/queries/aws_cloudtrail_trail_event_8.yaml +++ b/queries/aws_cloudtrail_trail_event_8.yaml @@ -1,39 +1,27 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_8 -Title: "Find AWS CloudTrail Events With Errors From Last Hour" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - error_code, - error_message, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and error_code is not null - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n error_code,\n\ + \ error_message,\n user_type,\n username,\n user_identifier,\n jsonb_pretty(request_parameters)\ + \ as request_parameters,\n jsonb_pretty(response_elements) as response_elements\n\ + from\n aws_cloudtrail_trail_event\nwhere\n log_group_name = 'aws-cloudtrail-log-group-name'\n\ + \ and error_code is not null\n and timestamp >= now() - interval '1 hour'\n\ + order by\n event_time asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find AWS CloudTrail Events With Errors From Last Hour diff --git a/queries/aws_cloudtrail_trail_event_9.yaml b/queries/aws_cloudtrail_trail_event_9.yaml index 7bf4c9ab1..51ca071ba 100755 --- a/queries/aws_cloudtrail_trail_event_9.yaml +++ b/queries/aws_cloudtrail_trail_event_9.yaml @@ -1,39 +1,27 @@ +Description: Allows users to query AWS CloudTrail Events, providing information about + each trail event within AWS CloudTrail. The table can be used to retrieve details + such as the event time, event name, resources involved, and much more. ID: aws_cloudtrail_trail_event_9 -Title: "Find All AWS CloudTrail Events with Detailed Information" -Description: "Allows users to query AWS CloudTrail Events, providing information about each trail event within AWS CloudTrail. The table can be used to retrieve details such as the event time, event name, resources involved, and much more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - event_name, - event_source, - event_time, - error_code, - error_message, - user_type, - username, - user_identifier, - jsonb_pretty(request_parameters) as request_parameters, - jsonb_pretty(response_elements) as response_elements - from - aws_cloudtrail_trail_event - where - log_group_name = 'aws-cloudtrail-log-group-name' - and filter = '{ $.sourceIPAddress = 203.189.* }' - and timestamp >= now() - interval '1 hour' - order by - event_time asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n event_name,\n event_source,\n event_time,\n error_code,\n\ + \ error_message,\n user_type,\n username,\n user_identifier,\n jsonb_pretty(request_parameters)\ + \ as request_parameters,\n jsonb_pretty(response_elements) as response_elements\n\ + from\n aws_cloudtrail_trail_event\nwhere\n log_group_name = 'aws-cloudtrail-log-group-name'\n\ + \ and filter = '{ $.sourceIPAddress = 203.189.* }'\n and timestamp >= now()\ + \ - interval '1 hour'\norder by\n event_time asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudTrail +Title: Find All AWS CloudTrail Events with Detailed Information diff --git a/queries/aws_cloudwatch_alarm_1.yaml b/queries/aws_cloudwatch_alarm_1.yaml index 95a9ab6e8..fdde04964 100755 --- a/queries/aws_cloudwatch_alarm_1.yaml +++ b/queries/aws_cloudwatch_alarm_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS CloudWatch Alarms, providing detailed information + about each alarm, including its configuration, state, and associated actions. ID: aws_cloudwatch_alarm_1 -Title: "List all AWS CloudWatch Alarms with Detailed Configuration" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state_value, - metric_name, - actions_enabled, - comparison_operator, - namespace, - statistic - from - aws_cloudwatch_alarm; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n state_value,\n metric_name,\n actions_enabled,\n\ + \ comparison_operator,\n namespace,\n statistic\nfrom\n aws_cloudwatch_alarm;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch Alarms with Detailed Configuration diff --git a/queries/aws_cloudwatch_alarm_2.yaml b/queries/aws_cloudwatch_alarm_2.yaml index aea6d9413..fe8bf9ae2 100755 --- a/queries/aws_cloudwatch_alarm_2.yaml +++ b/queries/aws_cloudwatch_alarm_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS CloudWatch Alarms, providing detailed information + about each alarm, including its configuration, state, and associated actions. ID: aws_cloudwatch_alarm_2 -Title: "List AWS CloudWatch Alarms with Detailed Information" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state_value, - state_reason - from - aws_cloudwatch_alarm - where - state_value = 'ALARM'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n state_value,\n state_reason\nfrom\n\ + \ aws_cloudwatch_alarm\nwhere\n state_value = 'ALARM';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List AWS CloudWatch Alarms with Detailed Information diff --git a/queries/aws_cloudwatch_alarm_3.yaml b/queries/aws_cloudwatch_alarm_3.yaml index 35e1edade..f8e182d5d 100755 --- a/queries/aws_cloudwatch_alarm_3.yaml +++ b/queries/aws_cloudwatch_alarm_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CloudWatch Alarms, providing detailed information + about each alarm, including its configuration, state, and associated actions. ID: aws_cloudwatch_alarm_3 -Title: "List all AWS CloudWatch Alarms with Details" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - actions_enabled, - alarm_actions - from - aws_cloudwatch_alarm - where - actions_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n actions_enabled,\n alarm_actions\nfrom\n aws_cloudwatch_alarm\n\ + where\n actions_enabled;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch Alarms with Details diff --git a/queries/aws_cloudwatch_alarm_4.yaml b/queries/aws_cloudwatch_alarm_4.yaml index 7bbbca03b..01f64a225 100755 --- a/queries/aws_cloudwatch_alarm_4.yaml +++ b/queries/aws_cloudwatch_alarm_4.yaml @@ -1,29 +1,20 @@ +Description: Allows users to query AWS CloudWatch Alarms, providing detailed information + about each alarm, including its configuration, state, and associated actions. ID: aws_cloudwatch_alarm_4 -Title: "List AWS CloudWatch Alarms with Metric Names" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - period, - statistic, - dimensions - from - aws_cloudwatch_alarm - where - metric_name is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n period,\n statistic,\n\ + \ dimensions\nfrom\n aws_cloudwatch_alarm\nwhere\n metric_name is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List AWS CloudWatch Alarms with Metric Names diff --git a/queries/aws_cloudwatch_alarm_5.yaml b/queries/aws_cloudwatch_alarm_5.yaml index a099264a0..24988ac45 100755 --- a/queries/aws_cloudwatch_alarm_5.yaml +++ b/queries/aws_cloudwatch_alarm_5.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS CloudWatch Alarms, providing detailed information + about each alarm, including its configuration, state, and associated actions. ID: aws_cloudwatch_alarm_5 -Title: "Query AWS CloudWatch Alarms for Detailed Information" -Description: "Allows users to query AWS CloudWatch Alarms, providing detailed information about each alarm, including its configuration, state, and associated actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric ->> 'Id' as metric_id, - metric ->> 'Expression' as metric_expression, - metric -> 'MetricStat' -> 'Metric' ->> 'MetricName' as metric_name, - metric -> 'MetricStat' -> 'Metric' ->> 'Namespace' as metric_namespace, - metric -> 'MetricStat' -> 'Metric' ->> 'Dimensions' as metric_dimensions, - metric ->> 'ReturnData' as metric_return_data - from - aws_cloudwatch_alarm, - jsonb_array_elements(metrics) as metric; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric ->> 'Id' as metric_id,\n metric ->>\ + \ 'Expression' as metric_expression,\n metric -> 'MetricStat' -> 'Metric' ->>\ + \ 'MetricName' as metric_name,\n metric -> 'MetricStat' -> 'Metric' ->> 'Namespace'\ + \ as metric_namespace,\n metric -> 'MetricStat' -> 'Metric' ->> 'Dimensions'\ + \ as metric_dimensions,\n metric ->> 'ReturnData' as metric_return_data\nfrom\n\ + \ aws_cloudwatch_alarm,\n jsonb_array_elements(metrics) as metric;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Query AWS CloudWatch Alarms for Detailed Information diff --git a/queries/aws_cloudwatch_log_event_1.yaml b/queries/aws_cloudwatch_log_event_1.yaml index b96682e5a..3ce659d41 100755 --- a/queries/aws_cloudwatch_log_event_1.yaml +++ b/queries/aws_cloudwatch_log_event_1.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS CloudWatch Log Events to retrieve information + about log events from a specified log group. Users can utilize this table to monitor + and troubleshoot systems and applications using their existing log data. ID: aws_cloudwatch_log_event_1 -Title: "List AWS CloudWatch Log Events for Monitoring" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and timestamp >= now() - interval '5 minutes'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n event_id,\n timestamp,\n\ + \ ingestion_time,\n message\nfrom\n aws_cloudwatch_log_event\nwhere\n log_group_name\ + \ = 'cloudwatch-log-event-group-name'\n and timestamp >= now() - interval '5\ + \ minutes';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List AWS CloudWatch Log Events for Monitoring diff --git a/queries/aws_cloudwatch_log_event_2.yaml b/queries/aws_cloudwatch_log_event_2.yaml index 1fa849d31..888496b76 100755 --- a/queries/aws_cloudwatch_log_event_2.yaml +++ b/queries/aws_cloudwatch_log_event_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS CloudWatch Log Events to retrieve information + about log events from a specified log group. Users can utilize this table to monitor + and troubleshoot systems and applications using their existing log data. ID: aws_cloudwatch_log_event_2 -Title: "List all AWS CloudWatch Log Events for Monitoring" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') - order by - timestamp asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n event_id,\n timestamp,\n\ + \ ingestion_time,\n message\nfrom\n aws_cloudwatch_log_event\nwhere\n log_group_name\ + \ = 'cloudwatch-log-event-group-name'\n and timestamp between (now() - interval\ + \ '10 minutes') and (now() - interval '5 minutes')\norder by\n timestamp asc;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch Log Events for Monitoring diff --git a/queries/aws_cloudwatch_log_event_3.yaml b/queries/aws_cloudwatch_log_event_3.yaml index 62da5b9ef..109ff0c5b 100755 --- a/queries/aws_cloudwatch_log_event_3.yaml +++ b/queries/aws_cloudwatch_log_event_3.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS CloudWatch Log Events to retrieve information + about log events from a specified log group. Users can utilize this table to monitor + and troubleshoot systems and applications using their existing log data. ID: aws_cloudwatch_log_event_3 -Title: "Find AWS CloudWatch Log Events to Monitor Systems" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{$.eventName="DescribeVpcs"}' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n event_id,\n timestamp,\n\ + \ ingestion_time,\n message\nfrom\n aws_cloudwatch_log_event\nwhere\n log_group_name\ + \ = 'cloudwatch-log-event-group-name'\n and filter = '{$.eventName=\"DescribeVpcs\"\ + }'\n and timestamp >= now() - interval '1 hour';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch Log Events to Monitor Systems diff --git a/queries/aws_cloudwatch_log_event_4.yaml b/queries/aws_cloudwatch_log_event_4.yaml index bc9740f36..de013c2d9 100755 --- a/queries/aws_cloudwatch_log_event_4.yaml +++ b/queries/aws_cloudwatch_log_event_4.yaml @@ -1,35 +1,28 @@ +Description: Allows users to query AWS CloudWatch Log Events to retrieve information + about log events from a specified log group. Users can utilize this table to monitor + and troubleshoot systems and applications using their existing log data. ID: aws_cloudwatch_log_event_4 -Title: "Query AWS CloudWatch Log Events for Unauthorized Access" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{ ($.errorCode = "*UnauthorizedOperation") || ($.errorCode = "AccessDenied*") }' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n event_id,\n timestamp,\n\ + \ ingestion_time,\n message\nfrom\n aws_cloudwatch_log_event\nwhere\n log_group_name\ + \ = 'cloudwatch-log-event-group-name'\n and filter = '{ ($.errorCode = \"*UnauthorizedOperation\"\ + ) || ($.errorCode = \"AccessDenied*\") }'\n and timestamp >= now() - interval\ + \ '1 hour';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Query AWS CloudWatch Log Events for Unauthorized Access diff --git a/queries/aws_cloudwatch_log_event_5.yaml b/queries/aws_cloudwatch_log_event_5.yaml index 9d2c9dd24..77852b366 100755 --- a/queries/aws_cloudwatch_log_event_5.yaml +++ b/queries/aws_cloudwatch_log_event_5.yaml @@ -1,34 +1,28 @@ +Description: Allows users to query AWS CloudWatch Log Events to retrieve information + about log events from a specified log group. Users can utilize this table to monitor + and troubleshoot systems and applications using their existing log data. ID: aws_cloudwatch_log_event_5 -Title: "Find All AWS CloudWatch Log Events for Security Groups" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{($.eventName = AuthorizeSecurityGroupIngress) || ($.eventName = AuthorizeSecurityGroupEgress) || ($.eventName = RevokeSecurityGroupIngress) || ($.eventName = RevokeSecurityGroupEgress) || ($.eventName = CreateSecurityGroup) || ($.eventName = DeleteSecurityGroup)}' - and region = 'us-east-1' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n event_id,\n timestamp,\n\ + \ ingestion_time,\n message\nfrom\n aws_cloudwatch_log_event\nwhere\n log_group_name\ + \ = 'cloudwatch-log-event-group-name'\n and filter = '{($.eventName = AuthorizeSecurityGroupIngress)\ + \ || ($.eventName = AuthorizeSecurityGroupEgress) || ($.eventName = RevokeSecurityGroupIngress)\ + \ || ($.eventName = RevokeSecurityGroupEgress) || ($.eventName = CreateSecurityGroup)\ + \ || ($.eventName = DeleteSecurityGroup)}'\n and region = 'us-east-1'\n and\ + \ timestamp >= now() - interval '1 hour';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find All AWS CloudWatch Log Events for Security Groups diff --git a/queries/aws_cloudwatch_log_event_6.yaml b/queries/aws_cloudwatch_log_event_6.yaml index c18b94f72..b3d094b13 100755 --- a/queries/aws_cloudwatch_log_event_6.yaml +++ b/queries/aws_cloudwatch_log_event_6.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS CloudWatch Log Events to retrieve information + about log events from a specified log group. Users can utilize this table to monitor + and troubleshoot systems and applications using their existing log data. ID: aws_cloudwatch_log_event_6 -Title: "List all AWS CloudWatch Log Events within 1 Day" -Description: "Allows users to query AWS CloudWatch Log Events to retrieve information about log events from a specified log group. Users can utilize this table to monitor and troubleshoot systems and applications using their existing log data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - event_id, - timestamp, - ingestion_time, - message - from - aws_cloudwatch_log_event - where - log_group_name = 'cloudwatch-log-event-group-name' - and filter = '{$.userIdentity.sessionContext.sessionIssuer.userName="turbot_superuser"}' - and timestamp >= now() - interval '1 day'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n event_id,\n timestamp,\n\ + \ ingestion_time,\n message\nfrom\n aws_cloudwatch_log_event\nwhere\n log_group_name\ + \ = 'cloudwatch-log-event-group-name'\n and filter = '{$.userIdentity.sessionContext.sessionIssuer.userName=\"\ + turbot_superuser\"}'\n and timestamp >= now() - interval '1 day';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch Log Events within 1 Day diff --git a/queries/aws_cloudwatch_log_group_1.yaml b/queries/aws_cloudwatch_log_group_1.yaml index 9d7cea97d..97a0d7646 100755 --- a/queries/aws_cloudwatch_log_group_1.yaml +++ b/queries/aws_cloudwatch_log_group_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CloudWatch Log Groups and retrieve their attributes + such as ARN, creation time, stored bytes, metric filter count, and more. ID: aws_cloudwatch_log_group_1 -Title: "List AWS CloudWatch Log Groups Details Including Metrics" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_id, - metric_filter_count, - retention_in_days - from - aws_cloudwatch_log_group - where - kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n kms_key_id,\n metric_filter_count,\n retention_in_days\n\ + from\n aws_cloudwatch_log_group\nwhere\n kms_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List AWS CloudWatch Log Groups Details Including Metrics diff --git a/queries/aws_cloudwatch_log_group_2.yaml b/queries/aws_cloudwatch_log_group_2.yaml index e7ed12a36..c38078c99 100755 --- a/queries/aws_cloudwatch_log_group_2.yaml +++ b/queries/aws_cloudwatch_log_group_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS CloudWatch Log Groups and retrieve their attributes + such as ARN, creation time, stored bytes, metric filter count, and more. ID: aws_cloudwatch_log_group_2 -Title: "Find AWS CloudWatch Log Groups with Retention Time < 7 Days" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - retention_in_days - from - aws_cloudwatch_log_group - where - retention_in_days < 7; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n retention_in_days\nfrom\n aws_cloudwatch_log_group\n\ + where\n retention_in_days < 7;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch Log Groups with Retention Time < 7 Days diff --git a/queries/aws_cloudwatch_log_group_3.yaml b/queries/aws_cloudwatch_log_group_3.yaml index d2470d8fc..7cac42066 100755 --- a/queries/aws_cloudwatch_log_group_3.yaml +++ b/queries/aws_cloudwatch_log_group_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS CloudWatch Log Groups and retrieve their attributes + such as ARN, creation time, stored bytes, metric filter count, and more. ID: aws_cloudwatch_log_group_3 -Title: "Find AWS CloudWatch Log Groups and Their Attributes" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - groups.name as log_group_name, - metric.name as metric_filter_name, - metric.filter_pattern, - metric.metric_transformation_name, - metric.metric_transformation_value - from - aws_cloudwatch_log_group groups - join aws_cloudwatch_log_metric_filter metric on groups.name = metric.log_group_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n groups.name as log_group_name,\n metric.name as metric_filter_name,\n\ + \ metric.filter_pattern,\n metric.metric_transformation_name,\n metric.metric_transformation_value\n\ + from\n aws_cloudwatch_log_group groups\n join aws_cloudwatch_log_metric_filter\ + \ metric on groups.name = metric.log_group_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch Log Groups and Their Attributes diff --git a/queries/aws_cloudwatch_log_group_4.yaml b/queries/aws_cloudwatch_log_group_4.yaml index 8f9ae2240..39b3f6c77 100755 --- a/queries/aws_cloudwatch_log_group_4.yaml +++ b/queries/aws_cloudwatch_log_group_4.yaml @@ -1,32 +1,28 @@ +Description: Allows users to query AWS CloudWatch Log Groups and retrieve their attributes + such as ARN, creation time, stored bytes, metric filter count, and more. ID: aws_cloudwatch_log_group_4 -Title: "Find AWS CloudWatch Log Groups and Retrieve Attributes" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i as data_identifier, - s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'S3' -> 'Bucket' as destination_bucket, - s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'CloudWatchLogs' -> 'LogGroup'as destination_log_group, - s -> 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'Firehose' -> 'DeliveryStream'as destination_delivery_stream - from - aws_cloudwatch_log_group, - jsonb_array_elements(data_protection_policy -> 'Statement') as s, - jsonb_array_elements_text(s -> 'DataIdentifier') as i - where - s ->> 'Sid' = 'audit-policy' - and name = 'log-group-name'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i as data_identifier,\n s -> 'Operation' -> 'Audit'\ + \ -> 'FindingsDestination' -> 'S3' -> 'Bucket' as destination_bucket,\n s ->\ + \ 'Operation' -> 'Audit' -> 'FindingsDestination' -> 'CloudWatchLogs' -> 'LogGroup'as\ + \ destination_log_group,\n s -> 'Operation' -> 'Audit' -> 'FindingsDestination'\ + \ -> 'Firehose' -> 'DeliveryStream'as destination_delivery_stream\nfrom\n aws_cloudwatch_log_group,\n\ + \ jsonb_array_elements(data_protection_policy -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'DataIdentifier') as i\nwhere\n s ->> 'Sid' = 'audit-policy'\n and name\ + \ = 'log-group-name';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch Log Groups +Title: Find AWS CloudWatch Log Groups and Retrieve Attributes diff --git a/queries/aws_cloudwatch_log_group_5.yaml b/queries/aws_cloudwatch_log_group_5.yaml index a03ff90e2..b93e40757 100755 --- a/queries/aws_cloudwatch_log_group_5.yaml +++ b/queries/aws_cloudwatch_log_group_5.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS CloudWatch Log Groups and retrieve their attributes + such as ARN, creation time, stored bytes, metric filter count, and more. ID: aws_cloudwatch_log_group_5 -Title: "Find AWS CloudWatch Log Groups and Retrieve Attributes" -Description: "Allows users to query AWS CloudWatch Log Groups and retrieve their attributes such as ARN, creation time, stored bytes, metric filter count, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - creation_time - from - aws_cloudwatch_log_group - where - data_protection_policy is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n creation_time\nfrom\n aws_cloudwatch_log_group\n\ + where\n data_protection_policy is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch Log Groups and Retrieve Attributes diff --git a/queries/aws_cloudwatch_log_metric_filter_1.yaml b/queries/aws_cloudwatch_log_metric_filter_1.yaml index 66981f2c0..d3fe258ac 100755 --- a/queries/aws_cloudwatch_log_metric_filter_1.yaml +++ b/queries/aws_cloudwatch_log_metric_filter_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS CloudWatch log metric filters to obtain detailed + information about each filter, including its name, creation date, associated log + group, filter pattern, metric transformations and more. ID: aws_cloudwatch_log_metric_filter_1 -Title: "Find all AWS CloudWatch log metric filters" -Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - creation_time, - filter_pattern, - metric_transformation_name, - metric_transformation_namespace, - metric_transformation_value - from - aws_cloudwatch_log_metric_filter; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n log_group_name,\n creation_time,\n filter_pattern,\n\ + \ metric_transformation_name,\n metric_transformation_namespace,\n metric_transformation_value\n\ + from\n aws_cloudwatch_log_metric_filter;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find all AWS CloudWatch log metric filters diff --git a/queries/aws_cloudwatch_log_metric_filter_2.yaml b/queries/aws_cloudwatch_log_metric_filter_2.yaml index 08b06ecef..6fc0e49d0 100755 --- a/queries/aws_cloudwatch_log_metric_filter_2.yaml +++ b/queries/aws_cloudwatch_log_metric_filter_2.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CloudWatch log metric filters to obtain detailed + information about each filter, including its name, creation date, associated log + group, filter pattern, metric transformations and more. ID: aws_cloudwatch_log_metric_filter_2 -Title: "List all AWS CloudWatch log metric filters and details" -Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - filter_pattern - from - aws_cloudwatch_log_metric_filter - where - filter_pattern ilike '%error%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n log_group_name,\n filter_pattern\nfrom\n aws_cloudwatch_log_metric_filter\n\ + where\n filter_pattern ilike '%error%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch log metric filters and details diff --git a/queries/aws_cloudwatch_log_metric_filter_3.yaml b/queries/aws_cloudwatch_log_metric_filter_3.yaml index 5c66582aa..b8abe00de 100755 --- a/queries/aws_cloudwatch_log_metric_filter_3.yaml +++ b/queries/aws_cloudwatch_log_metric_filter_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS CloudWatch log metric filters to obtain detailed + information about each filter, including its name, creation date, associated log + group, filter pattern, metric transformations and more. ID: aws_cloudwatch_log_metric_filter_3 -Title: "Find AWS CloudWatch log metric filters with details" -Description: "Allows users to query AWS CloudWatch log metric filters to obtain detailed information about each filter, including its name, creation date, associated log group, filter pattern, metric transformations and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - count(name) as metric_filter_count - from - aws_cloudwatch_log_metric_filter - group by - log_group_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n count(name) as metric_filter_count\n\ + from\n aws_cloudwatch_log_metric_filter\ngroup by\n log_group_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch log metric filters with details diff --git a/queries/aws_cloudwatch_log_resource_policy_1.yaml b/queries/aws_cloudwatch_log_resource_policy_1.yaml index fba4f459c..1505134bc 100755 --- a/queries/aws_cloudwatch_log_resource_policy_1.yaml +++ b/queries/aws_cloudwatch_log_resource_policy_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS CloudWatch Log Resource Policies, providing + details such as the policy name, policy document, and last updated timestamp. ID: aws_cloudwatch_log_resource_policy_1 -Title: "Find all AWS CloudWatch Log Resource Policies" -Description: "Allows users to query AWS CloudWatch Log Resource Policies, providing details such as the policy name, policy document, and last updated timestamp." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - last_updated_time, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_cloudwatch_log_resource_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_name,\n last_updated_time,\n jsonb_pretty(policy)\ + \ as policy,\n jsonb_pretty(policy_std) as policy_std\nfrom\n aws_cloudwatch_log_resource_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find all AWS CloudWatch Log Resource Policies diff --git a/queries/aws_cloudwatch_log_stream_1.yaml b/queries/aws_cloudwatch_log_stream_1.yaml index c60beea0f..d9ff0fc6d 100755 --- a/queries/aws_cloudwatch_log_stream_1.yaml +++ b/queries/aws_cloudwatch_log_stream_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CloudWatch Log Stream to retrieve detailed + information about each log stream within a log group. ID: aws_cloudwatch_log_stream_1 -Title: "Find AWS CloudWatch Log Streams Using SQL" -Description: "Allows users to query AWS CloudWatch Log Stream to retrieve detailed information about each log stream within a log group." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - region - from - aws_cloudwatch_log_stream; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n log_group_name,\n region\nfrom\n aws_cloudwatch_log_stream;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch Log Stream +Title: Find AWS CloudWatch Log Streams Using SQL diff --git a/queries/aws_cloudwatch_log_stream_2.yaml b/queries/aws_cloudwatch_log_stream_2.yaml index b50a1d03b..ad226975b 100755 --- a/queries/aws_cloudwatch_log_stream_2.yaml +++ b/queries/aws_cloudwatch_log_stream_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS CloudWatch Log Stream to retrieve detailed + information about each log stream within a log group. ID: aws_cloudwatch_log_stream_2 -Title: "List all AWS CloudWatch Log Stream information" -Description: "Allows users to query AWS CloudWatch Log Stream to retrieve detailed information about each log stream within a log group." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - count(*) as log_stream_count - from - aws_cloudwatch_log_stream - group by - log_group_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n count(*) as log_stream_count\nfrom\n\ + \ aws_cloudwatch_log_stream\ngroup by\n log_group_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch Log Stream +Title: List all AWS CloudWatch Log Stream information diff --git a/queries/aws_cloudwatch_log_subscription_filter_1.yaml b/queries/aws_cloudwatch_log_subscription_filter_1.yaml index 5764d6b02..1f3c51ed4 100755 --- a/queries/aws_cloudwatch_log_subscription_filter_1.yaml +++ b/queries/aws_cloudwatch_log_subscription_filter_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CloudWatch Log Subscription Filters, providing + information about each subscription filter associated with the specified log group. ID: aws_cloudwatch_log_subscription_filter_1 -Title: "List AWS CloudWatch Log Subscription Filters" -Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - creation_time, - filter_pattern, - destination_arn - from - aws_cloudwatch_log_subscription_filter; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n log_group_name,\n creation_time,\n filter_pattern,\n\ + \ destination_arn\nfrom\n aws_cloudwatch_log_subscription_filter;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List AWS CloudWatch Log Subscription Filters diff --git a/queries/aws_cloudwatch_log_subscription_filter_2.yaml b/queries/aws_cloudwatch_log_subscription_filter_2.yaml index db81a85d0..9c5f578f8 100755 --- a/queries/aws_cloudwatch_log_subscription_filter_2.yaml +++ b/queries/aws_cloudwatch_log_subscription_filter_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CloudWatch Log Subscription Filters, providing + information about each subscription filter associated with the specified log group. ID: aws_cloudwatch_log_subscription_filter_2 -Title: "List all AWS CloudWatch Log Subscription Filters" -Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - log_group_name, - filter_pattern - from - aws_cloudwatch_log_subscription_filter - where - filter_pattern ilike '%error%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n log_group_name,\n filter_pattern\nfrom\n aws_cloudwatch_log_subscription_filter\n\ + where\n filter_pattern ilike '%error%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch Log Subscription Filters diff --git a/queries/aws_cloudwatch_log_subscription_filter_3.yaml b/queries/aws_cloudwatch_log_subscription_filter_3.yaml index a1a642fef..8bd1cd661 100755 --- a/queries/aws_cloudwatch_log_subscription_filter_3.yaml +++ b/queries/aws_cloudwatch_log_subscription_filter_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS CloudWatch Log Subscription Filters, providing + information about each subscription filter associated with the specified log group. ID: aws_cloudwatch_log_subscription_filter_3 -Title: "List all AWS CloudWatch Log Subscription Filters" -Description: "Allows users to query AWS CloudWatch Log Subscription Filters, providing information about each subscription filter associated with the specified log group." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - count(name) as subscription_filter_count - from - aws_cloudwatch_log_subscription_filter - group by - log_group_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n count(name) as subscription_filter_count\n\ + from\n aws_cloudwatch_log_subscription_filter\ngroup by\n log_group_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch Log Subscription Filters diff --git a/queries/aws_cloudwatch_metric_1.yaml b/queries/aws_cloudwatch_metric_1.yaml index 0d9977b6a..61f2d1020 100755 --- a/queries/aws_cloudwatch_metric_1.yaml +++ b/queries/aws_cloudwatch_metric_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CloudWatch Metrics to gather information about + the performance of their AWS resources and applications. ID: aws_cloudwatch_metric_1 -Title: "List AWS CloudWatch Metrics with SQL Queries" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n namespace,\n dimensions\nfrom\n aws_cloudwatch_metric;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List AWS CloudWatch Metrics with SQL Queries diff --git a/queries/aws_cloudwatch_metric_2.yaml b/queries/aws_cloudwatch_metric_2.yaml index 9e9315da2..093df6e2e 100755 --- a/queries/aws_cloudwatch_metric_2.yaml +++ b/queries/aws_cloudwatch_metric_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CloudWatch Metrics to gather information about + the performance of their AWS resources and applications. ID: aws_cloudwatch_metric_2 -Title: "Find AWS Resources Performance via CloudWatch Metrics" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - namespace = 'AWS/EBS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n namespace,\n dimensions\nfrom\n aws_cloudwatch_metric\n\ + where\n namespace = 'AWS/EBS';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS Resources Performance via CloudWatch Metrics diff --git a/queries/aws_cloudwatch_metric_3.yaml b/queries/aws_cloudwatch_metric_3.yaml index a2d2f58d7..054ccf0da 100755 --- a/queries/aws_cloudwatch_metric_3.yaml +++ b/queries/aws_cloudwatch_metric_3.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS CloudWatch Metrics to gather information about + the performance of their AWS resources and applications. ID: aws_cloudwatch_metric_3 -Title: "List all AWS CloudWatch metrics for EBS VolumeReadOps" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - namespace = 'AWS/EBS' - and metric_name = 'VolumeReadOps'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n namespace,\n dimensions\nfrom\n aws_cloudwatch_metric\n\ + where\n namespace = 'AWS/EBS'\n and metric_name = 'VolumeReadOps';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch metrics for EBS VolumeReadOps diff --git a/queries/aws_cloudwatch_metric_4.yaml b/queries/aws_cloudwatch_metric_4.yaml index 7a4a5fc20..4d8d3c833 100755 --- a/queries/aws_cloudwatch_metric_4.yaml +++ b/queries/aws_cloudwatch_metric_4.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS CloudWatch Metrics to gather information about + the performance of their AWS resources and applications. ID: aws_cloudwatch_metric_4 -Title: "Find AWS CloudWatch Metrics for Resource Performance" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - dimensions_filter = '[ - {"Name": "ClusterIdentifier", "Value": "my-cluster-1"} - ]'::jsonb; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n namespace,\n dimensions\nfrom\n aws_cloudwatch_metric\n\ + where\n dimensions_filter = '[\n {\"Name\": \"ClusterIdentifier\", \"Value\"\ + : \"my-cluster-1\"}\n ]'::jsonb;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch Metrics +Title: Find AWS CloudWatch Metrics for Resource Performance diff --git a/queries/aws_cloudwatch_metric_5.yaml b/queries/aws_cloudwatch_metric_5.yaml index cc9778372..e888e83b4 100755 --- a/queries/aws_cloudwatch_metric_5.yaml +++ b/queries/aws_cloudwatch_metric_5.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS CloudWatch Metrics to gather information about + the performance of their AWS resources and applications. ID: aws_cloudwatch_metric_5 -Title: "Find AWS CloudWatch Metrics for Performance Information" -Description: "Allows users to query AWS CloudWatch Metrics to gather information about the performance of their AWS resources and applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - namespace, - dimensions - from - aws_cloudwatch_metric - where - dimensions_filter = '[ - {"Name": "Type", "Value": "API"}, - {"Name": "Service", "Value": "EC2"} - ]'::jsonb; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n namespace,\n dimensions\nfrom\n aws_cloudwatch_metric\n\ + where\n dimensions_filter = '[\n {\"Name\": \"Type\", \"Value\": \"API\"},\n\ + \ {\"Name\": \"Service\", \"Value\": \"EC2\"}\n ]'::jsonb;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch Metrics for Performance Information diff --git a/queries/aws_cloudwatch_metric_data_point_1.yaml b/queries/aws_cloudwatch_metric_data_point_1.yaml index 29a45e2cc..fb3339511 100755 --- a/queries/aws_cloudwatch_metric_data_point_1.yaml +++ b/queries/aws_cloudwatch_metric_data_point_1.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed + information about the data points for a defined metric. ID: aws_cloudwatch_metric_data_point_1 -Title: "List All AWS CloudWatch Metric Data Points" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - period, - value, - expression - from - aws_cloudwatch_metric_data_point - where - id = 'm1' - and expression = 'select max(CPUUtilization) from schema("AWS/EC2", InstanceId)' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n label,\n timestamp,\n period,\n value,\n expression\n\ + from\n aws_cloudwatch_metric_data_point\nwhere\n id = 'm1'\n and expression\ + \ = 'select max(CPUUtilization) from schema(\"AWS/EC2\", InstanceId)'\norder by\n\ + \ timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List All AWS CloudWatch Metric Data Points diff --git a/queries/aws_cloudwatch_metric_data_point_2.yaml b/queries/aws_cloudwatch_metric_data_point_2.yaml index f38898395..857612a3e 100755 --- a/queries/aws_cloudwatch_metric_data_point_2.yaml +++ b/queries/aws_cloudwatch_metric_data_point_2.yaml @@ -1,32 +1,21 @@ +Description: Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed + information about the data points for a defined metric. ID: aws_cloudwatch_metric_data_point_2 -Title: "Find AWS CloudWatch MetricDataPoints details" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - period, - value, - expression - from - aws_cloudwatch_metric_data_point - where - id = 'e1' - and expression = 'SUM(METRICS(''error''))' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n label,\n timestamp,\n period,\n value,\n expression\n\ + from\n aws_cloudwatch_metric_data_point\nwhere\n id = 'e1'\n and expression\ + \ = 'SUM(METRICS(''error''))'\norder by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch MetricDataPoints details diff --git a/queries/aws_cloudwatch_metric_data_point_3.yaml b/queries/aws_cloudwatch_metric_data_point_3.yaml index bae2b6dbf..65dab015b 100755 --- a/queries/aws_cloudwatch_metric_data_point_3.yaml +++ b/queries/aws_cloudwatch_metric_data_point_3.yaml @@ -1,48 +1,26 @@ +Description: Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed + information about the data points for a defined metric. ID: aws_cloudwatch_metric_data_point_3 -Title: "List All AWS CloudWatch MetricDataPoints" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - period, - round(value::numeric, 2) as avg_cpu, - metric_stat - from - aws_cloudwatch_metric_data_point - where - id = 'm1' - and value > 80 - and timestamp >= now() - interval '5 day' - and metric_stat = '{ - "Metric": { - "Namespace": "AWS/EC2", - "MetricName": "CPUUtilization", - "Dimensions": [ - { - "Name": "InstanceId", - "Value": "i-0353536c53f7c8235" - }, - { - "Name": "InstanceId", - "Value": "i-0dd7043e0f6f0f36d" - } - ]}, - "Stat": "Average"}' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n label,\n timestamp,\n period,\n round(value::numeric,\ + \ 2) as avg_cpu,\n metric_stat\nfrom\n aws_cloudwatch_metric_data_point\nwhere\n\ + \ id = 'm1'\n and value > 80\n and timestamp >= now() - interval '5 day'\n\ + \ and metric_stat = '{\n \"Metric\": {\n \"Namespace\": \"AWS/EC2\",\n\ + \ \"MetricName\": \"CPUUtilization\",\n \"Dimensions\": [\n {\n \ + \ \"Name\": \"InstanceId\",\n \"Value\": \"i-0353536c53f7c8235\"\n\ + \ },\n {\n \"Name\": \"InstanceId\",\n \"Value\": \"i-0dd7043e0f6f0f36d\"\ + \n }\n ]},\n \"Stat\": \"Average\"}'\norder by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List All AWS CloudWatch MetricDataPoints diff --git a/queries/aws_cloudwatch_metric_data_point_4.yaml b/queries/aws_cloudwatch_metric_data_point_4.yaml index e3b97c7b0..d1d84fb29 100755 --- a/queries/aws_cloudwatch_metric_data_point_4.yaml +++ b/queries/aws_cloudwatch_metric_data_point_4.yaml @@ -1,45 +1,28 @@ +Description: Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed + information about the data points for a defined metric. ID: aws_cloudwatch_metric_data_point_4 -Title: "Find AWS CloudWatch MetricDataPoints for defined metric" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - value, - metric_stat - from - aws_cloudwatch_metric_data_point - where - id = 'm1' - and value > 1000 - and period = 86400 - and scan_by = 'TimestampDescending' - and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' - and metric_stat = '{ - "Metric": { - "Namespace": "AWS/EBS", - "MetricName": "VolumeReadOps", - "Dimensions": [ - { - "Name": "VolumeId", - "Value": "vol-00607053b218c6d74" - } - ]}, - "Stat": "Average"}'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n label,\n timestamp,\n value,\n metric_stat\n\ + from\n aws_cloudwatch_metric_data_point\nwhere\n id = 'm1'\n and value > 1000\n\ + \ and period = 86400\n and scan_by = 'TimestampDescending'\n and timestamp\ + \ between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z'\n and metric_stat\ + \ = '{\n \"Metric\": {\n \"Namespace\": \"AWS/EBS\",\n \"MetricName\"\ + : \"VolumeReadOps\",\n \"Dimensions\": [\n {\n \"Name\": \"VolumeId\"\ + ,\n \"Value\": \"vol-00607053b218c6d74\"\n }\n ]},\n \"Stat\"\ + : \"Average\"}';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch MetricDataPoints for defined metric diff --git a/queries/aws_cloudwatch_metric_data_point_5.yaml b/queries/aws_cloudwatch_metric_data_point_5.yaml index d8da995ce..ba0c09248 100755 --- a/queries/aws_cloudwatch_metric_data_point_5.yaml +++ b/queries/aws_cloudwatch_metric_data_point_5.yaml @@ -1,43 +1,25 @@ +Description: Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed + information about the data points for a defined metric. ID: aws_cloudwatch_metric_data_point_5 -Title: "List all AWS CloudWatch Metric Data Points" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - value, - metric_stat - from - aws_cloudwatch_metric_data_point - where - id = 'e1' - and value < 10 - and timestamp >= now() - interval '7 day' - and metric_stat = '{ - "Metric": { - "Namespace": "AWS/ElastiCache", - "MetricName": "CacheHits", - "Dimensions": [ - { - "Name": "CacheClusterId", - "Value": "cluster-delete-001" - } - ]}, - "Stat": "Sum"}' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n label,\n timestamp,\n value,\n metric_stat\n\ + from\n aws_cloudwatch_metric_data_point\nwhere\n id = 'e1'\n and value < 10\n\ + \ and timestamp >= now() - interval '7 day'\n and metric_stat = '{\n \"Metric\"\ + : {\n \"Namespace\": \"AWS/ElastiCache\",\n \"MetricName\": \"CacheHits\"\ + ,\n \"Dimensions\": [\n {\n \"Name\": \"CacheClusterId\",\n \ + \ \"Value\": \"cluster-delete-001\"\n }\n ]},\n \"Stat\": \"Sum\"\ + }'\norder by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List all AWS CloudWatch Metric Data Points diff --git a/queries/aws_cloudwatch_metric_data_point_6.yaml b/queries/aws_cloudwatch_metric_data_point_6.yaml index a8a1fc7ae..86e29a46b 100755 --- a/queries/aws_cloudwatch_metric_data_point_6.yaml +++ b/queries/aws_cloudwatch_metric_data_point_6.yaml @@ -1,49 +1,28 @@ +Description: Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed + information about the data points for a defined metric. ID: aws_cloudwatch_metric_data_point_6 -Title: "Query AWS CloudWatch Metric Data Points for Detailed Info" -Description: "Allows users to query AWS CloudWatch MetricDataPoints to fetch detailed information about the data points for a defined metric." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - label, - timestamp, - value, - metric_stat - from - aws_cloudwatch_metric_data_point - where - id = 'e1' - and source_account_id = '533743456432100' - and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' - and metric_stat = '{ - "Metric": { - "Namespace": "AWS/S3", - "MetricName": "BucketSizeBytes", - "Dimensions": [ - { - "Name": "BucketName", - "Value": "steampipe-test" - }, - { - "Name": "StorageType", - "Value": "StandardStorage" - } - ]}, - "Stat": "Maximum"}' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n label,\n timestamp,\n value,\n metric_stat\n\ + from\n aws_cloudwatch_metric_data_point\nwhere\n id = 'e1'\n and source_account_id\ + \ = '533743456432100'\n and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z'\n\ + \ and metric_stat = '{\n \"Metric\": {\n \"Namespace\": \"AWS/S3\",\n \ + \ \"MetricName\": \"BucketSizeBytes\",\n \"Dimensions\": [\n {\n \ + \ \"Name\": \"BucketName\",\n \"Value\": \"steampipe-test\"\n \ + \ },\n {\n \"Name\": \"StorageType\",\n \"Value\": \"StandardStorage\"\ + \n }\n ]},\n \"Stat\": \"Maximum\"}'\norder by\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Query AWS CloudWatch Metric Data Points for Detailed Info diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml index 0ffd2c6bb..0c8015589 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_1.yaml @@ -1,35 +1,25 @@ +Description: Allows users to query AWS CloudWatch Metric Statistics Data Point to + obtain detailed metrics data. ID: aws_cloudwatch_metric_statistic_data_point_1 -Title: "Query AWS CloudWatch Metric Statistics Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - timestamp, - round(minimum::numeric, 2) as min_cpu, - round(maximum::numeric, 2) as max_cpu, - round(average::numeric, 2) as avg_cpu, - sum, - sample_count - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/EC2' - and metric_name = 'CPUUtilization' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n timestamp,\n round(minimum::numeric,\ + \ 2) as min_cpu,\n round(maximum::numeric, 2) as max_cpu,\n round(average::numeric,\ + \ 2) as avg_cpu,\n sum,\n sample_count\nfrom\n aws_cloudwatch_metric_statistic_data_point\n\ + where\n namespace = 'AWS/EC2'\n and metric_name = 'CPUUtilization'\norder by\n\ + \ timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Query AWS CloudWatch Metric Statistics Data Points diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml index 6adac5544..d1b6c0aaa 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_2.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS CloudWatch Metric Statistics Data Point to + obtain detailed metrics data. ID: aws_cloudwatch_metric_statistic_data_point_2 -Title: "List AWS CloudWatch Metric Statistics Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - round(average::numeric, 2) as avg_cpu - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/EC2' - and metric_name = 'CPUUtilization' - and average > 80 - and timestamp >= now() - interval '5 day' - and dimensions = '[ - {"Name": "InstanceId", "Value": "i-0dd7043e0f6f0f36d"} - ]' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(dimensions) as dimensions,\n timestamp,\n\ + \ round(average::numeric, 2) as avg_cpu\nfrom\n aws_cloudwatch_metric_statistic_data_point\n\ + where\n namespace = 'AWS/EC2'\n and metric_name = 'CPUUtilization'\n and average\ + \ > 80\n and timestamp >= now() - interval '5 day'\n and dimensions = '[\n \ + \ {\"Name\": \"InstanceId\", \"Value\": \"i-0dd7043e0f6f0f36d\"}\n ]'\norder\ + \ by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List AWS CloudWatch Metric Statistics Data Points diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml index e852bdaf8..f242bf823 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_3.yaml @@ -1,37 +1,26 @@ +Description: Allows users to query AWS CloudWatch Metric Statistics Data Point to + obtain detailed metrics data. ID: aws_cloudwatch_metric_statistic_data_point_3 -Title: "Find AWS CloudWatch Metric Statistic Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - average - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/EBS' - and metric_name = 'VolumeReadOps' - and average > 1000 - and timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z' - and period = 300 - and dimensions = '[ - {"Name": "VolumeId", "Value": "vol-00607053b218c6d74"} - ]' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(dimensions) as dimensions,\n timestamp,\n\ + \ average\nfrom\n aws_cloudwatch_metric_statistic_data_point\nwhere\n namespace\ + \ = 'AWS/EBS'\n and metric_name = 'VolumeReadOps'\n and average > 1000\n and\ + \ timestamp between '2023-03-10T00:00:00Z' and '2023-03-16T00:00:00Z'\n and period\ + \ = 300\n and dimensions = '[\n {\"Name\": \"VolumeId\", \"Value\": \"vol-00607053b218c6d74\"\ + }\n ]'\norder by\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch Metric Statistic Data Points diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml index 22601653a..25bbd3bce 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_4.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS CloudWatch Metric Statistics Data Point to + obtain detailed metrics data. ID: aws_cloudwatch_metric_statistic_data_point_4 -Title: "Find AWS CloudWatch Metric Statistics Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - sum - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/ElastiCache' - and metric_name = 'CacheHits' - and sum < 10 - and timestamp >= now() - interval '7 day' - and dimensions = '[ - {"Name": "CacheClusterId", "Value": "cluster-delete-001"} - ]' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(dimensions) as dimensions,\n timestamp,\n\ + \ sum\nfrom\n aws_cloudwatch_metric_statistic_data_point\nwhere\n namespace\ + \ = 'AWS/ElastiCache'\n and metric_name = 'CacheHits'\n and sum < 10\n and\ + \ timestamp >= now() - interval '7 day'\n and dimensions = '[\n {\"Name\"\ + : \"CacheClusterId\", \"Value\": \"cluster-delete-001\"}\n ]'\norder by\n \ + \ timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch Metric Statistics +Title: Find AWS CloudWatch Metric Statistics Data Points diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml index 23a8e5912..41bc00cdc 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_5.yaml @@ -1,36 +1,24 @@ +Description: Allows users to query AWS CloudWatch Metric Statistics Data Point to + obtain detailed metrics data. ID: aws_cloudwatch_metric_statistic_data_point_5 -Title: "List All AWS CloudWatch Metric Statistics Data Points" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - maximum - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/Lambda' - and metric_name = 'Duration' - and maximum > 100 - and timestamp >= '2023-02-15T00:00:00Z' - and timestamp <= '2023-03-15T00:00:00Z' - and period = 86400 - and dimensions = '[ - {"Name": "FunctionName", "Value": "test"} - ]' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(dimensions) as dimensions,\n timestamp,\n\ + \ maximum\nfrom\n aws_cloudwatch_metric_statistic_data_point\nwhere\n namespace\ + \ = 'AWS/Lambda'\n and metric_name = 'Duration'\n and maximum > 100\n and timestamp\ + \ >= '2023-02-15T00:00:00Z'\n and timestamp <= '2023-03-15T00:00:00Z'\n and\ + \ period = 86400\n and dimensions = '[\n {\"Name\": \"FunctionName\", \"Value\"\ + : \"test\"}\n ]'\norder by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List All AWS CloudWatch Metric Statistics Data Points diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml index de3599b12..7b9f467d0 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_6.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS CloudWatch Metric Statistics Data Point to + obtain detailed metrics data. ID: aws_cloudwatch_metric_statistic_data_point_6 -Title: "Find AWS CloudWatch Metric Statistics Data for RDS CPU Utilization" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - round(average::numeric, 2) as avg_cpu - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/RDS' - and metric_name = 'CPUUtilization' - and average > 80 - and timestamp >= now() - interval '30 day' - and dimensions = '[ - {"Name": "DBInstanceIdentifier", "Value": "database-1"} - ]' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(dimensions) as dimensions,\n timestamp,\n\ + \ round(average::numeric, 2) as avg_cpu\nfrom\n aws_cloudwatch_metric_statistic_data_point\n\ + where\n namespace = 'AWS/RDS'\n and metric_name = 'CPUUtilization'\n and average\ + \ > 80\n and timestamp >= now() - interval '30 day'\n and dimensions = '[\n\ + \ {\"Name\": \"DBInstanceIdentifier\", \"Value\": \"database-1\"}\n ]'\n\ + order by\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS CloudWatch Metric Statistics Data for RDS CPU Utilization diff --git a/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml b/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml index c1c499cc9..bb1cd2a63 100755 --- a/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml +++ b/queries/aws_cloudwatch_metric_statistic_data_point_7.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS CloudWatch Metric Statistics Data Point to + obtain detailed metrics data. ID: aws_cloudwatch_metric_statistic_data_point_7 -Title: "List AWS CloudWatch Metric Statistics for S3 Buckets" -Description: "Allows users to query AWS CloudWatch Metric Statistics Data Point to obtain detailed metrics data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(dimensions) as dimensions, - timestamp, - minimum - from - aws_cloudwatch_metric_statistic_data_point - where - namespace = 'AWS/S3' - and metric_name = 'BucketSizeBytes' - and timestamp between '2023-03-6T00:00:00Z' and '2023-03-15T00:00:00Z' - and period = 86400 - and dimensions = '[ - {"Name": "BucketName", "Value": "steampipe-test"}, - {"Name": "StorageType", "Value": "StandardStorage"} - ]' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(dimensions) as dimensions,\n timestamp,\n\ + \ minimum\nfrom\n aws_cloudwatch_metric_statistic_data_point\nwhere\n namespace\ + \ = 'AWS/S3'\n and metric_name = 'BucketSizeBytes'\n and timestamp between '2023-03-6T00:00:00Z'\ + \ and '2023-03-15T00:00:00Z'\n and period = 86400\n and dimensions = '[\n \ + \ {\"Name\": \"BucketName\", \"Value\": \"steampipe-test\"},\n {\"Name\":\ + \ \"StorageType\", \"Value\": \"StandardStorage\"}\n ]'\norder by\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: List AWS CloudWatch Metric Statistics for S3 Buckets diff --git a/queries/aws_codeartifact_domain_1.yaml b/queries/aws_codeartifact_domain_1.yaml index 2916b5df2..f072ebfcf 100755 --- a/queries/aws_codeartifact_domain_1.yaml +++ b/queries/aws_codeartifact_domain_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CodeArtifact Domains for details such as domain + ownership, encryption key, and policy information. ID: aws_codeartifact_domain_1 -Title: "Find AWS CodeArtifact Domains and Details" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - created_time, - encryption_key, - status, - owner, - tags - from - aws_codeartifact_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n created_time,\n encryption_key,\n status,\n\ + \ owner,\n tags\nfrom\n aws_codeartifact_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: Find AWS CodeArtifact Domains and Details diff --git a/queries/aws_codeartifact_domain_2.yaml b/queries/aws_codeartifact_domain_2.yaml index e2e525a5e..0634b8515 100755 --- a/queries/aws_codeartifact_domain_2.yaml +++ b/queries/aws_codeartifact_domain_2.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS CodeArtifact Domains for details such as domain + ownership, encryption key, and policy information. ID: aws_codeartifact_domain_2 -Title: "Find AWS CodeArtifact Domains and Their Details" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - created_time, - status, - s3_bucket_arn, - tags - from - aws_codeartifact_domain - where - encryption_key is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n created_time,\n status,\n s3_bucket_arn,\n\ + \ tags\nfrom\n aws_codeartifact_domain\nwhere\n encryption_key is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: Find AWS CodeArtifact Domains and Their Details diff --git a/queries/aws_codeartifact_domain_3.yaml b/queries/aws_codeartifact_domain_3.yaml index 937635c2e..8c668a160 100755 --- a/queries/aws_codeartifact_domain_3.yaml +++ b/queries/aws_codeartifact_domain_3.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS CodeArtifact Domains for details such as domain + ownership, encryption key, and policy information. ID: aws_codeartifact_domain_3 -Title: "Find AWS CodeArtifact Domains Ownership, Encryption, Policy Info" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - created_time, - status, - s3_bucket_arn, - tags - from - aws_codeartifact_domain - where - status != 'Active'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n created_time,\n status,\n s3_bucket_arn,\n\ + \ tags\nfrom\n aws_codeartifact_domain\nwhere\n status != 'Active';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: Find AWS CodeArtifact Domains Ownership, Encryption, Policy Info diff --git a/queries/aws_codeartifact_domain_4.yaml b/queries/aws_codeartifact_domain_4.yaml index 7af1e797d..cccca9508 100755 --- a/queries/aws_codeartifact_domain_4.yaml +++ b/queries/aws_codeartifact_domain_4.yaml @@ -1,37 +1,26 @@ +Description: Allows users to query AWS CodeArtifact Domains for details such as domain + ownership, encryption key, and policy information. ID: aws_codeartifact_domain_4 -Title: "Find AWS CodeArtifact Domains for Ownership, Key, Policy" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - p as principal, - a as action, - s ->> 'Effect' as effect - from - aws_codeartifact_domain, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa [5] != account_id - or p = '*' - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect\nfrom\n aws_codeartifact_domain,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n string_to_array(p, ':') as pa,\n jsonb_array_elements_text(s -> 'Action')\ + \ as a\nwhere\n s ->> 'Effect' = 'Allow'\n and (\n pa [5] != account_id\n\ + \ or p = '*'\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: Find AWS CodeArtifact Domains for Ownership, Key, Policy diff --git a/queries/aws_codeartifact_domain_5.yaml b/queries/aws_codeartifact_domain_5.yaml index ead30e17b..fa49af3fe 100755 --- a/queries/aws_codeartifact_domain_5.yaml +++ b/queries/aws_codeartifact_domain_5.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS CodeArtifact Domains for details such as domain + ownership, encryption key, and policy information. ID: aws_codeartifact_domain_5 -Title: "Find AWS CodeArtifact Domain Ownership & Encryption Key" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.arn as domain_arn, - b.arn as bucket_arn, - d.encryption_key domain_encryption_key, - bucket_policy_is_public - from - aws_codeartifact_domain d - join aws_s3_bucket b on d.s3_bucket_arn = b.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n d.arn as domain_arn,\n b.arn as bucket_arn,\n d.encryption_key\ + \ domain_encryption_key,\n bucket_policy_is_public\nfrom\n aws_codeartifact_domain\ + \ d\n join aws_s3_bucket b on d.s3_bucket_arn = b.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: Find AWS CodeArtifact Domain Ownership & Encryption Key diff --git a/queries/aws_codeartifact_domain_6.yaml b/queries/aws_codeartifact_domain_6.yaml index 2d319f015..0c440ec2c 100755 --- a/queries/aws_codeartifact_domain_6.yaml +++ b/queries/aws_codeartifact_domain_6.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS CodeArtifact Domains for details such as domain + ownership, encryption key, and policy information. ID: aws_codeartifact_domain_6 -Title: "Find AWS CodeArtifact Domains with Metadata" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.arn as domain_arn, - d.encryption_key domain_encryption_key, - key_manager, - key_state - from - aws_codeartifact_domain d - join aws_kms_key k on d.encryption_key = k.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n d.arn as domain_arn,\n d.encryption_key domain_encryption_key,\n\ + \ key_manager,\n key_state\nfrom\n aws_codeartifact_domain d\n join aws_kms_key\ + \ k on d.encryption_key = k.arn;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: Find AWS CodeArtifact Domains with Metadata diff --git a/queries/aws_codeartifact_domain_7.yaml b/queries/aws_codeartifact_domain_7.yaml index 1a36447ba..4220ba6cd 100755 --- a/queries/aws_codeartifact_domain_7.yaml +++ b/queries/aws_codeartifact_domain_7.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS CodeArtifact Domains for details such as domain + ownership, encryption key, and policy information. ID: aws_codeartifact_domain_7 -Title: "Find all AWS CodeArtifact Domains and Encryption Details" -Description: "Allows users to query AWS CodeArtifact Domains for details such as domain ownership, encryption key, and policy information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.arn as domain_arn, - d.encryption_key domain_encryption_key, - key_manager, - key_state - from - aws_codeartifact_domain d - join aws_kms_key k on d.encryption_key = k.arn - where - key_manager = 'CUSTOMER'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n d.arn as domain_arn,\n d.encryption_key domain_encryption_key,\n\ + \ key_manager,\n key_state\nfrom\n aws_codeartifact_domain d\n join aws_kms_key\ + \ k on d.encryption_key = k.arn\nwhere \n key_manager = 'CUSTOMER';" Tags: cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: Find all AWS CodeArtifact Domains and Encryption Details diff --git a/queries/aws_codeartifact_repository_1.yaml b/queries/aws_codeartifact_repository_1.yaml index b1340c94e..676ec36b0 100755 --- a/queries/aws_codeartifact_repository_1.yaml +++ b/queries/aws_codeartifact_repository_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS CodeArtifact Repository data, including details + about the repository, its domain ownership, and associated metadata. ID: aws_codeartifact_repository_1 -Title: "List all AWS CodeArtifact Repository with Domain Details" -Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - domain_name, - domain_owner, - upstreams, - tags - from - aws_codeartifact_repository; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n domain_name,\n domain_owner,\n upstreams,\n\ + \ tags\nfrom\n aws_codeartifact_repository;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS CodeArtifact +Title: List all AWS CodeArtifact Repository with Domain Details diff --git a/queries/aws_codeartifact_repository_2.yaml b/queries/aws_codeartifact_repository_2.yaml index 2257f3508..8596ac5d3 100755 --- a/queries/aws_codeartifact_repository_2.yaml +++ b/queries/aws_codeartifact_repository_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS CodeArtifact Repository data, including details + about the repository, its domain ownership, and associated metadata. ID: aws_codeartifact_repository_2 -Title: "List all details about AWS CodeArtifact Repositories" -Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - domain_name, - domain_owner, - tags, - repository_endpoint - from - aws_codeartifact_repository - where - repository_endpoint is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n domain_name,\n domain_owner,\n tags,\n repository_endpoint\n\ + from\n aws_codeartifact_repository\nwhere\n repository_endpoint is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: List all details about AWS CodeArtifact Repositories diff --git a/queries/aws_codeartifact_repository_3.yaml b/queries/aws_codeartifact_repository_3.yaml index bca7a76a0..5a0b3561b 100755 --- a/queries/aws_codeartifact_repository_3.yaml +++ b/queries/aws_codeartifact_repository_3.yaml @@ -1,37 +1,26 @@ +Description: Allows users to query AWS CodeArtifact Repository data, including details + about the repository, its domain ownership, and associated metadata. ID: aws_codeartifact_repository_3 -Title: "List all AWS CodeArtifact Repositories with SQL Queries" -Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - p as principal, - a as action, - s ->> 'Effect' as effect - from - aws_codeartifact_repository, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa [5] != account_id - or p = '*' - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect\nfrom\n aws_codeartifact_repository,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n string_to_array(p, ':') as pa,\n jsonb_array_elements_text(s -> 'Action')\ + \ as a\nwhere\n s ->> 'Effect' = 'Allow'\n and (\n pa [5] != account_id\n\ + \ or p = '*'\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS CodeArtifact +Title: List all AWS CodeArtifact Repositories with SQL Queries diff --git a/queries/aws_codeartifact_repository_4.yaml b/queries/aws_codeartifact_repository_4.yaml index 596e4b1c0..37c785355 100755 --- a/queries/aws_codeartifact_repository_4.yaml +++ b/queries/aws_codeartifact_repository_4.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS CodeArtifact Repository data, including details + about the repository, its domain ownership, and associated metadata. ID: aws_codeartifact_repository_4 -Title: "Find AWS CodeArtifact Repository Details with SQL" -Description: "Allows users to query AWS CodeArtifact Repository data, including details about the repository, its domain ownership, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - domain_name, - domain_owner, - u ->> 'RepositoryName' as upstream_repo_name - from - aws_codeartifact_repository, - jsonb_array_elements(upstreams) u; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n domain_name,\n domain_owner,\n u ->> 'RepositoryName'\ + \ as upstream_repo_name\nfrom\n aws_codeartifact_repository,\n jsonb_array_elements(upstreams)\ + \ u;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeArtifact +Title: Find AWS CodeArtifact Repository Details with SQL diff --git a/queries/aws_codebuild_build_1.yaml b/queries/aws_codebuild_build_1.yaml index 3baede312..c0cca47d9 100755 --- a/queries/aws_codebuild_build_1.yaml +++ b/queries/aws_codebuild_build_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_1 -Title: "List all AWS CodeBuild Build Information" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - id, - build_complete, - timeout_in_minutes, - project_name, - build_status, - encryption_key, - end_time, - region - from - aws_codebuild_build; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n id,\n build_complete,\n timeout_in_minutes,\n\ + \ project_name,\n build_status,\n encryption_key,\n end_time,\n region\n\ + from\n aws_codebuild_build;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: List all AWS CodeBuild Build Information diff --git a/queries/aws_codebuild_build_10.yaml b/queries/aws_codebuild_build_10.yaml index 4c45eb5ab..467817877 100755 --- a/queries/aws_codebuild_build_10.yaml +++ b/queries/aws_codebuild_build_10.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_10 -Title: "Find AWS CodeBuild Build Projects Details" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - source ->> 'Auth' as source_auth, - source ->> 'BuildStatusConfig' as source_BuildStatusConfig, - source ->> 'Buildspec' as source_buildspec, - source ->> 'GitCloneDepth' as source_git_clone_depth, - source ->> 'GitSubmodulesConfig' as source_git_submodules_config, - source ->> 'GitCloneDepth' as source_git_clone_depth, - source ->> 'InsecureSsl' as source_insecure_ssl, - source ->> 'Location' as source_location, - source ->> 'ReportBuildStatus' as source_report_build_status, - source ->> 'SourceIdentifier' as source_identifier, - source ->> 'Type' as source_type - from - aws_codebuild_build; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n source ->> 'Auth' as source_auth,\n source ->>\ + \ 'BuildStatusConfig' as source_BuildStatusConfig,\n source ->> 'Buildspec' as\ + \ source_buildspec,\n source ->> 'GitCloneDepth' as source_git_clone_depth,\n\ + \ source ->> 'GitSubmodulesConfig' as source_git_submodules_config,\n source\ + \ ->> 'GitCloneDepth' as source_git_clone_depth,\n source ->> 'InsecureSsl' as\ + \ source_insecure_ssl,\n source ->> 'Location' as source_location,\n source\ + \ ->> 'ReportBuildStatus' as source_report_build_status,\n source ->> 'SourceIdentifier'\ + \ as source_identifier,\n source ->> 'Type' as source_type\nfrom\n aws_codebuild_build;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS CodeBuild +Title: Find AWS CodeBuild Build Projects Details diff --git a/queries/aws_codebuild_build_11.yaml b/queries/aws_codebuild_build_11.yaml index 899aecba4..ae6a3cba8 100755 --- a/queries/aws_codebuild_build_11.yaml +++ b/queries/aws_codebuild_build_11.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_11 -Title: "Find all AWS CodeBuild project builds information" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - f ->> 'Identifier' as file_system_identifier, - f ->> 'Location' as file_system_location, - f ->> 'MountOptions' as file_system_mount_options, - f ->> 'MountPoint' as file_system_mount_point, - f ->> 'Type' as file_system_type - from - aws_codebuild_build, - jsonb_array_elements(file_system_locations) as f; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n f ->> 'Identifier' as file_system_identifier,\n\ + \ f ->> 'Location' as file_system_location,\n f ->> 'MountOptions' as file_system_mount_options,\n\ + \ f ->> 'MountPoint' as file_system_mount_point,\n f ->> 'Type' as file_system_type\n\ + from\n aws_codebuild_build,\n jsonb_array_elements(file_system_locations) as\ + \ f;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS CodeBuild +Title: Find all AWS CodeBuild project builds information diff --git a/queries/aws_codebuild_build_2.yaml b/queries/aws_codebuild_build_2.yaml index b981965ad..f3dd6fe14 100755 --- a/queries/aws_codebuild_build_2.yaml +++ b/queries/aws_codebuild_build_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_2 -Title: "List AWS CodeBuild Build details with encryption key" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - id, - encryption_key - from - aws_codebuild_build - where - encryption_key is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n id,\n encryption_key\nfrom\n aws_codebuild_build\n\ + where\n encryption_key is not null;" Tags: cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: List AWS CodeBuild Build details with encryption key diff --git a/queries/aws_codebuild_build_3.yaml b/queries/aws_codebuild_build_3.yaml index 5cd648105..f703a11d0 100755 --- a/queries/aws_codebuild_build_3.yaml +++ b/queries/aws_codebuild_build_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_3 -Title: "Find completed builds of AWS CodeBuild projects" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - artifacts, - build_complete - from - aws_codebuild_build - where - build_complete; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n artifacts,\n build_complete\nfrom\n \ + \ aws_codebuild_build\nwhere\n build_complete;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: Find completed builds of AWS CodeBuild projects diff --git a/queries/aws_codebuild_build_4.yaml b/queries/aws_codebuild_build_4.yaml index b041e7d97..b8e54befc 100755 --- a/queries/aws_codebuild_build_4.yaml +++ b/queries/aws_codebuild_build_4.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_4 -Title: "List all AWS CodeBuild projects' builds information" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - vpc_config ->> 'SecurityGroupIds' as security_group_id, - vpc_config ->> 'Subnets' as subnets, - vpc_config ->> 'VpcId' as vpc_id - from - aws_codebuild_build; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n vpc_config ->> 'SecurityGroupIds' as security_group_id,\n\ + \ vpc_config ->> 'Subnets' as subnets,\n vpc_config ->> 'VpcId' as vpc_id\n\ + from\n aws_codebuild_build;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: List all AWS CodeBuild projects' builds information diff --git a/queries/aws_codebuild_build_5.yaml b/queries/aws_codebuild_build_5.yaml index 306fe5c97..7c3f6e620 100755 --- a/queries/aws_codebuild_build_5.yaml +++ b/queries/aws_codebuild_build_5.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_5 -Title: "Find all AWS CodeBuild Build Project Details" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - artifacts ->> 'ArtifactIdentifier' as artifact_id, - artifacts ->> 'BucketOwnerAccess' as bucket_owner_access, - artifacts ->> 'EncryptionDisabled' as encryption_disabled, - artifacts ->> 'OverrideArtifactName' as override_artifact_name - from - aws_codebuild_build; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n artifacts ->> 'ArtifactIdentifier' as\ + \ artifact_id,\n artifacts ->> 'BucketOwnerAccess' as bucket_owner_access,\n\ + \ artifacts ->> 'EncryptionDisabled' as encryption_disabled,\n artifacts ->>\ + \ 'OverrideArtifactName' as override_artifact_name\nfrom\n aws_codebuild_build;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: Find all AWS CodeBuild Build Project Details diff --git a/queries/aws_codebuild_build_6.yaml b/queries/aws_codebuild_build_6.yaml index b5bd47b92..d9677e19c 100755 --- a/queries/aws_codebuild_build_6.yaml +++ b/queries/aws_codebuild_build_6.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_6 -Title: "Find AWS CodeBuild Build Information with SQL" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - environment ->> 'Certificate' as environment_certificate, - environment ->> 'ComputeType' as environment_compute_type, - environment ->> 'EnvironmentVariables' as environment_variables, - environment ->> 'Image' as environment_image, - environment ->> 'ImagePullCredentialsType' as environment_image_pull_credentials_type, - environment ->> 'PrivilegedMode' as environment_privileged_mode, - environment ->> 'RegistryCredential' as environment_registry_credential, - environment ->> 'Type' as environment_type - from - aws_codebuild_build; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n environment ->> 'Certificate' as environment_certificate,\n\ + \ environment ->> 'ComputeType' as environment_compute_type,\n environment ->>\ + \ 'EnvironmentVariables' as environment_variables,\n environment ->> 'Image'\ + \ as environment_image,\n environment ->> 'ImagePullCredentialsType' as environment_image_pull_credentials_type,\n\ + \ environment ->> 'PrivilegedMode' as environment_privileged_mode,\n environment\ + \ ->> 'RegistryCredential' as environment_registry_credential,\n environment\ + \ ->> 'Type' as environment_type\nfrom\n aws_codebuild_build;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS CodeBuild +Title: Find AWS CodeBuild Build Information with SQL diff --git a/queries/aws_codebuild_build_7.yaml b/queries/aws_codebuild_build_7.yaml index c5d1f4d72..bd3b7d7bd 100755 --- a/queries/aws_codebuild_build_7.yaml +++ b/queries/aws_codebuild_build_7.yaml @@ -1,35 +1,28 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_7 -Title: "Find AWS CodeBuild project builds using SQL" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - logs -> 'S3Logs' ->> 'Status' as s3_log_status, - logs -> 'S3Logs' ->> 'Location' as s3_log_location, - logs -> 'S3Logs' ->> 'BucketOwnerAccess' as s3_log_bucket_owner_access, - logs -> 'S3Logs' ->> 'EncryptionDisabled' as s3_log_encryption_disabled, - logs ->> 'DeepLink' as deep_link, - logs ->> 'GroupName' as group_name, - logs ->> 'S3LogsArn' as s3_logs_arn, - logs ->> 'S3DeepLink' as s3_deep_link, - logs ->> 'StreamName' as stream_name, - logs ->> 'CloudWatchLogsArn' as cloud_watch_logs_arn, - logs -> 'CloudWatchLogs' ->> 'Status' as cloud_watch_logs_status, - logs -> 'CloudWatchLogs' ->> 'GroupName' as cloud_watch_logs_group_name, - logs -> 'CloudWatchLogs' ->> 'StreamName' as cloud_watch_logs_stream_name - from - aws_codebuild_build; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n logs -> 'S3Logs' ->> 'Status' as s3_log_status,\n\ + \ logs -> 'S3Logs' ->> 'Location' as s3_log_location,\n logs -> 'S3Logs' ->>\ + \ 'BucketOwnerAccess' as s3_log_bucket_owner_access,\n logs -> 'S3Logs' ->> 'EncryptionDisabled'\ + \ as s3_log_encryption_disabled,\n logs ->> 'DeepLink' as deep_link,\n logs\ + \ ->> 'GroupName' as group_name,\n logs ->> 'S3LogsArn' as s3_logs_arn,\n logs\ + \ ->> 'S3DeepLink' as s3_deep_link,\n logs ->> 'StreamName' as stream_name,\n\ + \ logs ->> 'CloudWatchLogsArn' as cloud_watch_logs_arn,\n logs -> 'CloudWatchLogs'\ + \ ->> 'Status' as cloud_watch_logs_status,\n logs -> 'CloudWatchLogs' ->> 'GroupName'\ + \ as cloud_watch_logs_group_name,\n logs -> 'CloudWatchLogs' ->> 'StreamName'\ + \ as cloud_watch_logs_stream_name\nfrom\n aws_codebuild_build;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: Find AWS CodeBuild project builds using SQL diff --git a/queries/aws_codebuild_build_8.yaml b/queries/aws_codebuild_build_8.yaml index 897408ca0..e2fba8748 100755 --- a/queries/aws_codebuild_build_8.yaml +++ b/queries/aws_codebuild_build_8.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_8 -Title: "Find all AWS CodeBuild Build Information" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - network_interface ->> 'NetworkInterfaceId' as network_interface_id, - network_interface ->> 'SubnetId' as subnet_id, - from - aws_codebuild_build; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n network_interface ->> 'NetworkInterfaceId' as\ + \ network_interface_id,\n network_interface ->> 'SubnetId' as subnet_id,\nfrom\n\ + \ aws_codebuild_build;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: Find all AWS CodeBuild Build Information diff --git a/queries/aws_codebuild_build_9.yaml b/queries/aws_codebuild_build_9.yaml index 0275581ad..80e303a51 100755 --- a/queries/aws_codebuild_build_9.yaml +++ b/queries/aws_codebuild_build_9.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS CodeBuild Build to retrieve information about + AWS CodeBuild projects'' builds. ID: aws_codebuild_build_9 -Title: "List AWS CodeBuild Build Phases and Durations" -Description: "Allows users to query AWS CodeBuild Build to retrieve information about AWS CodeBuild projects'' builds." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - p ->> 'EndTime' as end_time, - p ->> 'Contexts' as contexts, - p ->> 'PhaseType' as phase_type, - p ->> 'StartTime' as start_time, - p ->> 'DurationInSeconds' as duration_in_seconds, - p ->> 'PhaseStatus' as phase_status - from - aws_codebuild_build, - jsonb_array_elements(phases) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n p ->> 'EndTime' as end_time,\n p ->> 'Contexts'\ + \ as contexts,\n p ->> 'PhaseType' as phase_type,\n p ->> 'StartTime' as start_time,\n\ + \ p ->> 'DurationInSeconds' as duration_in_seconds,\n p ->> 'PhaseStatus' as\ + \ phase_status\nfrom\n aws_codebuild_build,\n jsonb_array_elements(phases) as\ + \ p;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: List AWS CodeBuild Build Phases and Durations diff --git a/queries/aws_codebuild_project_1.yaml b/queries/aws_codebuild_project_1.yaml index 8e4cdca0f..29e58519d 100755 --- a/queries/aws_codebuild_project_1.yaml +++ b/queries/aws_codebuild_project_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS CodeBuild Projects and retrieve comprehensive + information about each project. ID: aws_codebuild_project_1 -Title: "Find AWS CodeBuild Projects with Comprehensive Details" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - encryption_key, - concurrent_build_limit, - source_version, - service_role, - created, - last_modified, - region - from - aws_codebuild_project; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n encryption_key,\n concurrent_build_limit,\n\ + \ source_version,\n service_role,\n created,\n last_modified,\n region\n\ + from\n aws_codebuild_project;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: Find AWS CodeBuild Projects with Comprehensive Details diff --git a/queries/aws_codebuild_project_2.yaml b/queries/aws_codebuild_project_2.yaml index 0848e01bd..6fa9367e6 100755 --- a/queries/aws_codebuild_project_2.yaml +++ b/queries/aws_codebuild_project_2.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS CodeBuild Projects and retrieve comprehensive + information about each project. ID: aws_codebuild_project_2 -Title: "List all AWS CodeBuild Projects and Details" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - source_version, - source ->> 'Auth' as auth, - source ->> 'BuildStatusConfig' as build_status_config, - source ->> 'Buildspec' as build_spec, - source ->> 'GitCloneDepth' as git_clone_depth, - source ->> 'GitSubmodulesConfig' as git_submodules_config, - source ->> 'InsecureSsl' as insecure_ssl, - source ->> 'Location' as location, - source ->> 'ReportBuildStatus' as report_build_status, - source ->> 'SourceIdentifier' as source_identifier, - source ->> 'Type' as type - from - aws_codebuild_project; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n source_version,\n source ->> 'Auth' as auth,\n\ + \ source ->> 'BuildStatusConfig' as build_status_config,\n source ->> 'Buildspec'\ + \ as build_spec,\n source ->> 'GitCloneDepth' as git_clone_depth,\n source ->>\ + \ 'GitSubmodulesConfig' as git_submodules_config,\n source ->> 'InsecureSsl'\ + \ as insecure_ssl,\n source ->> 'Location' as location,\n source ->> 'ReportBuildStatus'\ + \ as report_build_status,\n source ->> 'SourceIdentifier' as source_identifier,\n\ + \ source ->> 'Type' as type\nfrom\n aws_codebuild_project;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: List all AWS CodeBuild Projects and Details diff --git a/queries/aws_codebuild_project_3.yaml b/queries/aws_codebuild_project_3.yaml index d3be8ae5a..34378fd49 100755 --- a/queries/aws_codebuild_project_3.yaml +++ b/queries/aws_codebuild_project_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS CodeBuild Projects and retrieve comprehensive + information about each project. ID: aws_codebuild_project_3 -Title: "List all AWS CodeBuild Projects and their details" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - vpc_config - from - aws_codebuild_project - where - vpc_config is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n vpc_config\nfrom\n aws_codebuild_project\n\ + where\n vpc_config is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: List all AWS CodeBuild Projects and their details diff --git a/queries/aws_codebuild_project_4.yaml b/queries/aws_codebuild_project_4.yaml index 13138fd33..220fcc953 100755 --- a/queries/aws_codebuild_project_4.yaml +++ b/queries/aws_codebuild_project_4.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS CodeBuild Projects and retrieve comprehensive + information about each project. ID: aws_codebuild_project_4 -Title: "List all AWS CodeBuild Projects" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - logs_config -> 'CloudWatchLogs' ->> 'Status' as cloud_watch_logs_status, - logs_config -> 'S3Logs' ->> 'Status' as s3_logs_status - from - aws_codebuild_project - where - logs_config -> 'CloudWatchLogs' ->> 'Status' = 'DISABLED' - and logs_config -> 'S3Logs' ->> 'Status' = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n logs_config -> 'CloudWatchLogs'\ + \ ->> 'Status' as cloud_watch_logs_status,\n logs_config -> 'S3Logs' ->> 'Status'\ + \ as s3_logs_status\nfrom\n aws_codebuild_project\nwhere\n logs_config -> 'CloudWatchLogs'\ + \ ->> 'Status' = 'DISABLED'\n and logs_config -> 'S3Logs' ->> 'Status' = 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: List all AWS CodeBuild Projects diff --git a/queries/aws_codebuild_project_5.yaml b/queries/aws_codebuild_project_5.yaml index d3aaad0b6..3ba94f568 100755 --- a/queries/aws_codebuild_project_5.yaml +++ b/queries/aws_codebuild_project_5.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS CodeBuild Projects and retrieve comprehensive + information about each project. ID: aws_codebuild_project_5 -Title: "List all AWS CodeBuild Projects with Private Visibility" -Description: "Allows users to query AWS CodeBuild Projects and retrieve comprehensive information about each project." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - project_visibility - from - aws_codebuild_project - where - project_visibility = 'PRIVATE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n project_visibility\nfrom\n aws_codebuild_project\n\ + where\n project_visibility = 'PRIVATE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: List all AWS CodeBuild Projects with Private Visibility diff --git a/queries/aws_codebuild_source_credential_1.yaml b/queries/aws_codebuild_source_credential_1.yaml index 39d7e4ac1..d06539344 100755 --- a/queries/aws_codebuild_source_credential_1.yaml +++ b/queries/aws_codebuild_source_credential_1.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query AWS CodeBuild Source Credentials ID: aws_codebuild_source_credential_1 -Title: "Find all AWS CodeBuild Source Credentials" -Description: "Allows users to query AWS CodeBuild Source Credentials" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - server_type, - auth_type, - region - from - aws_codebuild_source_credential; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n server_type,\n auth_type,\n region\nfrom\n\ + \ aws_codebuild_source_credential;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: Find all AWS CodeBuild Source Credentials diff --git a/queries/aws_codebuild_source_credential_2.yaml b/queries/aws_codebuild_source_credential_2.yaml index 48200f426..a2992d2c3 100755 --- a/queries/aws_codebuild_source_credential_2.yaml +++ b/queries/aws_codebuild_source_credential_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS CodeBuild Source Credentials ID: aws_codebuild_source_credential_2 -Title: "Find all AWS CodeBuild Source Credentials" -Description: "Allows users to query AWS CodeBuild Source Credentials" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.arn as project_arn, - p.source ->> 'Location' as source_repository, - p.source ->> 'Type' as source_repository_type, - c.auth_type as authorization_type - from - aws_codebuild_project as p - join aws_codebuild_source_credential as c on (p.region = c.region and p.source ->> 'Type' = c.server_type) - where - p.source ->> 'Type' = 'GITHUB' - and c.auth_type = 'OAUTH'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n p.arn as project_arn,\n p.source ->> 'Location' as source_repository,\ + \ \n p.source ->> 'Type' as source_repository_type,\n c.auth_type as authorization_type\n\ + from\n aws_codebuild_project as p\n join aws_codebuild_source_credential as\ + \ c on (p.region = c.region and p.source ->> 'Type' = c.server_type)\nwhere\n\ + \ p.source ->> 'Type' = 'GITHUB'\n and c.auth_type = 'OAUTH';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeBuild +Title: Find all AWS CodeBuild Source Credentials diff --git a/queries/aws_codecommit_repository_1.yaml b/queries/aws_codecommit_repository_1.yaml index 57771788c..f0a3d2bfc 100755 --- a/queries/aws_codecommit_repository_1.yaml +++ b/queries/aws_codecommit_repository_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS CodeCommit repositories and retrieve data such + as repository name, ARN, description, clone URL, last modified date, and other related + details. ID: aws_codecommit_repository_1 -Title: "List AWS CodeCommit Repositories with Details" -Description: "Allows users to query AWS CodeCommit repositories and retrieve data such as repository name, ARN, description, clone URL, last modified date, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - repository_id, - arn, - creation_date, - region - from - aws_codecommit_repository; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n repository_id,\n arn,\n creation_date,\n\ + \ region\nfrom\n aws_codecommit_repository;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeCommit +Title: List AWS CodeCommit Repositories with Details diff --git a/queries/aws_codedeploy_app_1.yaml b/queries/aws_codedeploy_app_1.yaml index d08b60abb..ab52f7ac6 100755 --- a/queries/aws_codedeploy_app_1.yaml +++ b/queries/aws_codedeploy_app_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS CodeDeploy Applications to return detailed + information about each application, including application name, ID, and associated + deployment groups. ID: aws_codedeploy_app_1 -Title: "List AWS CodeDeploy Apps with Details" -Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - application_id, - application_name - compute_platform, - create_time, - region - from - aws_codedeploy_app; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n application_id,\n application_name\n compute_platform,\n\ + \ create_time,\n region\nfrom\n aws_codedeploy_app;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List AWS CodeDeploy Apps with Details diff --git a/queries/aws_codedeploy_app_2.yaml b/queries/aws_codedeploy_app_2.yaml index c4a9db7a4..8656d7196 100755 --- a/queries/aws_codedeploy_app_2.yaml +++ b/queries/aws_codedeploy_app_2.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS CodeDeploy Applications to return detailed + information about each application, including application name, ID, and associated + deployment groups. ID: aws_codedeploy_app_2 -Title: "List all AWS CodeDeploy Applications and Deployment Groups" -Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(arn) as application_count, - compute_platform - from - aws_codedeploy_app - group by - compute_platform; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n count(arn) as application_count,\n compute_platform\n\ + from\n aws_codedeploy_app\ngroup by\n compute_platform;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List all AWS CodeDeploy Applications and Deployment Groups diff --git a/queries/aws_codedeploy_app_3.yaml b/queries/aws_codedeploy_app_3.yaml index e94b31883..ad1e35480 100755 --- a/queries/aws_codedeploy_app_3.yaml +++ b/queries/aws_codedeploy_app_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS CodeDeploy Applications to return detailed + information about each application, including application name, ID, and associated + deployment groups. ID: aws_codedeploy_app_3 -Title: "List all AWS CodeDeploy Apps Linked to GitHub" -Description: "Allows users to query AWS CodeDeploy Applications to return detailed information about each application, including application name, ID, and associated deployment groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - application_id, - compute_platform, - create_time, - github_account_name - from - aws_codedeploy_app - where - linked_to_github; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n application_id,\n compute_platform,\n create_time,\n\ + \ github_account_name\nfrom\n aws_codedeploy_app\nwhere\n linked_to_github;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List all AWS CodeDeploy Apps Linked to GitHub diff --git a/queries/aws_codedeploy_deployment_config_1.yaml b/queries/aws_codedeploy_deployment_config_1.yaml index 1be37f7ee..9974364fd 100755 --- a/queries/aws_codedeploy_deployment_config_1.yaml +++ b/queries/aws_codedeploy_deployment_config_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CodeDeploy Deployment Configurations to retrieve + information about the deployment configurations within AWS CodeDeploy service. ID: aws_codedeploy_deployment_config_1 -Title: "List AWS CodeDeploy Deployment Configs and Details" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name, - compute_platform, - create_time, - region - from - aws_codedeploy_deployment_config; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_config_id,\n deployment_config_name,\n\ + \ compute_platform,\n create_time,\n region\nfrom\n aws_codedeploy_deployment_config;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List AWS CodeDeploy Deployment Configs and Details diff --git a/queries/aws_codedeploy_deployment_config_2.yaml b/queries/aws_codedeploy_deployment_config_2.yaml index 36844a969..c16c747f8 100755 --- a/queries/aws_codedeploy_deployment_config_2.yaml +++ b/queries/aws_codedeploy_deployment_config_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS CodeDeploy Deployment Configurations to retrieve + information about the deployment configurations within AWS CodeDeploy service. ID: aws_codedeploy_deployment_config_2 -Title: "List all AWS CodeDeploy Deployment Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(arn) as configuration_count, - compute_platform - from - aws_codedeploy_deployment_config - group by - compute_platform; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n count(arn) as configuration_count,\n compute_platform\n\ + from\n aws_codedeploy_deployment_config\ngroup by\n compute_platform;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List all AWS CodeDeploy Deployment Configurations diff --git a/queries/aws_codedeploy_deployment_config_3.yaml b/queries/aws_codedeploy_deployment_config_3.yaml index 5b293f333..f4869cf81 100755 --- a/queries/aws_codedeploy_deployment_config_3.yaml +++ b/queries/aws_codedeploy_deployment_config_3.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS CodeDeploy Deployment Configurations to retrieve + information about the deployment configurations within AWS CodeDeploy service. ID: aws_codedeploy_deployment_config_3 -Title: "List AWS CodeDeploy Deployment Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name - compute_platform, - create_time, - region - from - aws_codedeploy_deployment_config - where - create_time is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_config_id,\n deployment_config_name\n\ + \ compute_platform,\n create_time,\n region\nfrom\n aws_codedeploy_deployment_config\n\ + where\n create_time is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List AWS CodeDeploy Deployment Configurations diff --git a/queries/aws_codedeploy_deployment_config_4.yaml b/queries/aws_codedeploy_deployment_config_4.yaml index 6e9394179..4a6f20234 100755 --- a/queries/aws_codedeploy_deployment_config_4.yaml +++ b/queries/aws_codedeploy_deployment_config_4.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS CodeDeploy Deployment Configurations to retrieve + information about the deployment configurations within AWS CodeDeploy service. ID: aws_codedeploy_deployment_config_4 -Title: "List all AWS CodeDeploy Deployment Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name - compute_platform, - minimum_healthy_hosts ->> 'Type' as host_type, - minimum_healthy_hosts ->> 'Value' as host_value, - region - from - aws_codedeploy_deployment_config - where - create_time is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_config_id,\n deployment_config_name\n\ + \ compute_platform,\n minimum_healthy_hosts ->> 'Type' as host_type,\n minimum_healthy_hosts\ + \ ->> 'Value' as host_value,\n region\nfrom\n aws_codedeploy_deployment_config\n\ + where\n create_time is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List all AWS CodeDeploy Deployment Configurations diff --git a/queries/aws_codedeploy_deployment_config_5.yaml b/queries/aws_codedeploy_deployment_config_5.yaml index 2e11e7136..3a110eae2 100755 --- a/queries/aws_codedeploy_deployment_config_5.yaml +++ b/queries/aws_codedeploy_deployment_config_5.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS CodeDeploy Deployment Configurations to retrieve + information about the deployment configurations within AWS CodeDeploy service. ID: aws_codedeploy_deployment_config_5 -Title: "Find AWS CodeDeploy Deployment Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name, - traffic_routing_config -> 'TimeBasedCanary' ->> 'CanaryInterval' as canary_interval, - traffic_routing_config -> 'TimeBasedCanary' ->> 'CanaryPercentage' as canary_percentage - from - aws_codedeploy_deployment_config - where - traffic_routing_config ->> 'Type' = 'TimeBasedCanary'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_config_id,\n deployment_config_name,\n\ + \ traffic_routing_config -> 'TimeBasedCanary' ->> 'CanaryInterval' as canary_interval,\n\ + \ traffic_routing_config -> 'TimeBasedCanary' ->> 'CanaryPercentage' as canary_percentage\n\ + from\n aws_codedeploy_deployment_config\nwhere\n traffic_routing_config ->>\ + \ 'Type' = 'TimeBasedCanary';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: Find AWS CodeDeploy Deployment Configurations diff --git a/queries/aws_codedeploy_deployment_config_6.yaml b/queries/aws_codedeploy_deployment_config_6.yaml index 2b17726e6..5a04fae1f 100755 --- a/queries/aws_codedeploy_deployment_config_6.yaml +++ b/queries/aws_codedeploy_deployment_config_6.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS CodeDeploy Deployment Configurations to retrieve + information about the deployment configurations within AWS CodeDeploy service. ID: aws_codedeploy_deployment_config_6 -Title: "Find AWS CodeDeploy deployment configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Configurations to retrieve information about the deployment configurations within AWS CodeDeploy service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_config_id, - deployment_config_name, - traffic_routing_config -> 'TimeBasedLinear' ->> 'LinearInterval' as linear_interval, - traffic_routing_config -> 'TimeBasedLinear' ->> 'LinearPercentage' as linear_percentage - from - aws_codedeploy_deployment_config - where - traffic_routing_config ->> 'Type' = 'TimeBasedLinear'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_config_id,\n deployment_config_name,\n\ + \ traffic_routing_config -> 'TimeBasedLinear' ->> 'LinearInterval' as linear_interval,\n\ + \ traffic_routing_config -> 'TimeBasedLinear' ->> 'LinearPercentage' as linear_percentage\n\ + from\n aws_codedeploy_deployment_config\nwhere\n traffic_routing_config ->>\ + \ 'Type' = 'TimeBasedLinear';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: Find AWS CodeDeploy deployment configurations diff --git a/queries/aws_codedeploy_deployment_group_1.yaml b/queries/aws_codedeploy_deployment_group_1.yaml index a1996f701..5c14f5768 100755 --- a/queries/aws_codedeploy_deployment_group_1.yaml +++ b/queries/aws_codedeploy_deployment_group_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS CodeDeploy Deployment Group details including + deployment configurations, target revisions, and associated alarm configurations. ID: aws_codedeploy_deployment_group_1 -Title: "Find AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_group_id, - deployment_group_name, - application_name, - deployment_style, - region - from - aws_codedeploy_deployment_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_group_id,\n deployment_group_name,\n\ + \ application_name,\n deployment_style,\n region\nfrom\n aws_codedeploy_deployment_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS CodeDeploy +Title: Find AWS CodeDeploy Deployment Group Details diff --git a/queries/aws_codedeploy_deployment_group_2.yaml b/queries/aws_codedeploy_deployment_group_2.yaml index e975476e4..36ba4a58a 100755 --- a/queries/aws_codedeploy_deployment_group_2.yaml +++ b/queries/aws_codedeploy_deployment_group_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS CodeDeploy Deployment Group details including + deployment configurations, target revisions, and associated alarm configurations. ID: aws_codedeploy_deployment_group_2 -Title: "List AWS CodeDeploy Deployment Group Details and Configurations" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(arn) as group_count, - compute_platform - from - aws_codedeploy_deployment_group - group by - compute_platform; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n count(arn) as group_count,\n compute_platform\nfrom\n\ + \ aws_codedeploy_deployment_group\ngroup by\n compute_platform;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List AWS CodeDeploy Deployment Group Details and Configurations diff --git a/queries/aws_codedeploy_deployment_group_3.yaml b/queries/aws_codedeploy_deployment_group_3.yaml index df495d522..c33d6c813 100755 --- a/queries/aws_codedeploy_deployment_group_3.yaml +++ b/queries/aws_codedeploy_deployment_group_3.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS CodeDeploy Deployment Group details including + deployment configurations, target revisions, and associated alarm configurations. ID: aws_codedeploy_deployment_group_3 -Title: "Find AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_group_id, - last_successful_deployment - from - aws_codedeploy_deployment_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_group_id,\n last_successful_deployment\n\ + from\n aws_codedeploy_deployment_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: Find AWS CodeDeploy Deployment Group Details diff --git a/queries/aws_codedeploy_deployment_group_4.yaml b/queries/aws_codedeploy_deployment_group_4.yaml index 004618d1e..7b7d2296b 100755 --- a/queries/aws_codedeploy_deployment_group_4.yaml +++ b/queries/aws_codedeploy_deployment_group_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS CodeDeploy Deployment Group details including + deployment configurations, target revisions, and associated alarm configurations. ID: aws_codedeploy_deployment_group_4 -Title: "List all AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(arn) as group_count, - deployment_style - from - aws_codedeploy_deployment_group - group by - deployment_style; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n count(arn) as group_count,\n deployment_style\nfrom\n\ + \ aws_codedeploy_deployment_group\ngroup by\n deployment_style;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: List all AWS CodeDeploy Deployment Group Details diff --git a/queries/aws_codedeploy_deployment_group_5.yaml b/queries/aws_codedeploy_deployment_group_5.yaml index c32047a30..c99edfd73 100755 --- a/queries/aws_codedeploy_deployment_group_5.yaml +++ b/queries/aws_codedeploy_deployment_group_5.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS CodeDeploy Deployment Group details including + deployment configurations, target revisions, and associated alarm configurations. ID: aws_codedeploy_deployment_group_5 -Title: "Find AWS CodeDeploy Deployment Group Details including Alarms" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_group_id, - deployment_group_name, - auto_rollback_configuration ->> 'Enabled' as auto_rollback_configuration_enabled - from - aws_codedeploy_deployment_group - where - auto_rollback_configuration ->> 'Enabled' = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_group_id,\n deployment_group_name,\n\ + \ auto_rollback_configuration ->> 'Enabled' as auto_rollback_configuration_enabled\n\ + from\n aws_codedeploy_deployment_group\nwhere\n auto_rollback_configuration\ + \ ->> 'Enabled' = 'true';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: Find AWS CodeDeploy Deployment Group Details including Alarms diff --git a/queries/aws_codedeploy_deployment_group_6.yaml b/queries/aws_codedeploy_deployment_group_6.yaml index 272f3275b..5d1298cb7 100755 --- a/queries/aws_codedeploy_deployment_group_6.yaml +++ b/queries/aws_codedeploy_deployment_group_6.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS CodeDeploy Deployment Group details including + deployment configurations, target revisions, and associated alarm configurations. ID: aws_codedeploy_deployment_group_6 -Title: "Find AWS CodeDeploy Deployment Group Details" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn as group_arn, - deployment_group_id, - deployment_group_name, - auto_scaling_groups ->> 'Hook' as auto_scaling_group_hook, - auto_scaling_groups ->> 'Name' as auto_scaling_group_name - from - aws_codedeploy_deployment_group - where - application_name = 'abc' - and deployment_group_name = 'def'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn as group_arn,\n deployment_group_id,\n deployment_group_name,\n\ + \ auto_scaling_groups ->> 'Hook' as auto_scaling_group_hook,\n auto_scaling_groups\ + \ ->> 'Name' as auto_scaling_group_name\nfrom\n aws_codedeploy_deployment_group\n\ + where\n application_name = 'abc'\n and deployment_group_name = 'def';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: Find AWS CodeDeploy Deployment Group Details diff --git a/queries/aws_codedeploy_deployment_group_7.yaml b/queries/aws_codedeploy_deployment_group_7.yaml index d8794c774..4707ae55b 100755 --- a/queries/aws_codedeploy_deployment_group_7.yaml +++ b/queries/aws_codedeploy_deployment_group_7.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS CodeDeploy Deployment Group details including + deployment configurations, target revisions, and associated alarm configurations. ID: aws_codedeploy_deployment_group_7 -Title: "Find AWS CodeDeploy Deployment Groups with Alarm Configs" -Description: "Allows users to query AWS CodeDeploy Deployment Group details including deployment configurations, target revisions, and associated alarm configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - deployment_group_id, - deployment_group_name, - alarm_configuration ->> 'Enabled' as alarm_configuration_enabled - from - aws_codedeploy_deployment_group - where - alarm_configuration ->> 'Enabled' = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n deployment_group_id,\n deployment_group_name,\n\ + \ alarm_configuration ->> 'Enabled' as alarm_configuration_enabled\nfrom\n aws_codedeploy_deployment_group\n\ + where\n alarm_configuration ->> 'Enabled' = 'true';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeDeploy +Title: Find AWS CodeDeploy Deployment Groups with Alarm Configs diff --git a/queries/aws_codepipeline_pipeline_1.yaml b/queries/aws_codepipeline_pipeline_1.yaml index 55750b843..83354f904 100755 --- a/queries/aws_codepipeline_pipeline_1.yaml +++ b/queries/aws_codepipeline_pipeline_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS CodePipeline Pipeline data, including pipeline + names, statuses, stages, and associated metadata. ID: aws_codepipeline_pipeline_1 -Title: "List all AWS CodePipeline Pipeline Data" -Description: "Allows users to query AWS CodePipeline Pipeline data, including pipeline names, statuses, stages, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - tags_src, - region, - account_id - from - aws_codepipeline_pipeline; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n tags_src,\n region,\n account_id\n\ + from\n aws_codepipeline_pipeline;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodePipeline +Title: List all AWS CodePipeline Pipeline Data diff --git a/queries/aws_codepipeline_pipeline_2.yaml b/queries/aws_codepipeline_pipeline_2.yaml index 6c98b9a05..149efb663 100755 --- a/queries/aws_codepipeline_pipeline_2.yaml +++ b/queries/aws_codepipeline_pipeline_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS CodePipeline Pipeline data, including pipeline + names, statuses, stages, and associated metadata. ID: aws_codepipeline_pipeline_2 -Title: "List all AWS CodePipeline Pipelines and Metadata" -Description: "Allows users to query AWS CodePipeline Pipeline data, including pipeline names, statuses, stages, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - encryption_key - from - aws_codepipeline_pipeline - where - encryption_key is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n encryption_key\nfrom\n aws_codepipeline_pipeline\n\ + where\n encryption_key is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS CodePipeline +Title: List all AWS CodePipeline Pipelines and Metadata diff --git a/queries/aws_codestar_notification_rule_1.yaml b/queries/aws_codestar_notification_rule_1.yaml index e55b2b1aa..66afd1180 100755 --- a/queries/aws_codestar_notification_rule_1.yaml +++ b/queries/aws_codestar_notification_rule_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query CodeStar notification rules in the AWS Developer + Tools to retrieve information about notification rules. ID: aws_codestar_notification_rule_1 -Title: "Find all CodeStar notification rules in AWS using SQL" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - resource, - detail_type, - status - from - aws_codestar_notification_rule; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n resource,\n detail_type,\n status\nfrom\n\ + \ aws_codestar_notification_rule;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeStar +Title: Find all CodeStar notification rules in AWS using SQL diff --git a/queries/aws_codestar_notification_rule_2.yaml b/queries/aws_codestar_notification_rule_2.yaml index 4f8cda172..40545d784 100755 --- a/queries/aws_codestar_notification_rule_2.yaml +++ b/queries/aws_codestar_notification_rule_2.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query CodeStar notification rules in the AWS Developer + Tools to retrieve information about notification rules. ID: aws_codestar_notification_rule_2 -Title: "Find AWS CodeStar notification rules using SQL" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - pipeline.name as pipeline, - notification_rule.name notification_rule, - notification_rule.status - from - aws_codepipeline_pipeline as pipeline - left join aws_codestar_notification_rule as notification_rule on pipeline.arn = notification_rule.resource; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n pipeline.name as pipeline,\n notification_rule.name\ + \ notification_rule,\n notification_rule.status\nfrom\n aws_codepipeline_pipeline\ + \ as pipeline\n left join aws_codestar_notification_rule as notification_rule\ + \ on pipeline.arn = notification_rule.resource;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeStar +Title: Find AWS CodeStar notification rules using SQL diff --git a/queries/aws_codestar_notification_rule_3.yaml b/queries/aws_codestar_notification_rule_3.yaml index 976b677e3..9f2883808 100755 --- a/queries/aws_codestar_notification_rule_3.yaml +++ b/queries/aws_codestar_notification_rule_3.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query CodeStar notification rules in the AWS Developer + Tools to retrieve information about notification rules. ID: aws_codestar_notification_rule_3 -Title: "List all AWS CodeStar notification rules with no targets" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name - from - aws_codestar_notification_rule - where - jsonb_array_length(targets) = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name\nfrom\n aws_codestar_notification_rule\nwhere\n\ + \ jsonb_array_length(targets) = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeStar +Title: List all AWS CodeStar notification rules with no targets diff --git a/queries/aws_codestar_notification_rule_4.yaml b/queries/aws_codestar_notification_rule_4.yaml index 00981df8c..b8859fdcc 100755 --- a/queries/aws_codestar_notification_rule_4.yaml +++ b/queries/aws_codestar_notification_rule_4.yaml @@ -1,28 +1,25 @@ +Description: Allows users to query CodeStar notification rules in the AWS Developer + Tools to retrieve information about notification rules. ID: aws_codestar_notification_rule_4 -Title: "List all AWS CodeStar Notification Rules with Target Details" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - notification_rule.name as notification_rule, - target ->> 'TargetType' as target_type, - topic.title as target_topic - from - aws_codestar_notification_rule as notification_rule cross - join jsonb_array_elements(notification_rule.targets) as target - left join aws_sns_topic as topic on target ->> 'TargetAddress' = topic.topic_arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n notification_rule.name as notification_rule,\n target\ + \ ->> 'TargetType' as target_type,\n topic.title as target_topic\nfrom\n aws_codestar_notification_rule\ + \ as notification_rule cross\n join jsonb_array_elements(notification_rule.targets)\ + \ as target\n left join aws_sns_topic as topic on target ->> 'TargetAddress'\ + \ = topic.topic_arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeStar +Title: List all AWS CodeStar Notification Rules with Target Details diff --git a/queries/aws_codestar_notification_rule_5.yaml b/queries/aws_codestar_notification_rule_5.yaml index 1eb394822..491ba5905 100755 --- a/queries/aws_codestar_notification_rule_5.yaml +++ b/queries/aws_codestar_notification_rule_5.yaml @@ -1,38 +1,28 @@ +Description: Allows users to query CodeStar notification rules in the AWS Developer + Tools to retrieve information about notification rules. ID: aws_codestar_notification_rule_5 -Title: "List AWS CodeStar Notification Rules with Targets" -Description: "Allows users to query CodeStar notification rules in the AWS Developer Tools to retrieve information about notification rules." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with rule_target as ( - select - arn, - target ->> 'TargetAddress' as target_address, - target ->> 'TargetStatus' as target_status, - target ->> 'TargetType' as target_type - from - aws_codestar_notification_rule cross - join jsonb_array_elements(targets) as target - ) - select - notification_rule.name as notification_rule, - rule_target.target_type, - topic.title as target_topic - from - aws_codestar_notification_rule as notification_rule - left join rule_target on rule_target.arn = notification_rule.arn - left join aws_sns_topic as topic on rule_target.target_address = topic.topic_arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with rule_target as (\n select\n arn,\n target ->> 'TargetAddress'\ + \ as target_address,\n target ->> 'TargetStatus' as target_status,\n target\ + \ ->> 'TargetType' as target_type\n from\n aws_codestar_notification_rule\ + \ cross\n join jsonb_array_elements(targets) as target\n)\nselect\n notification_rule.name\ + \ as notification_rule,\n rule_target.target_type,\n topic.title as target_topic\n\ + from\n aws_codestar_notification_rule as notification_rule\n left join rule_target\ + \ on rule_target.arn = notification_rule.arn\n left join aws_sns_topic as topic\ + \ on rule_target.target_address = topic.topic_arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CodeStar +Title: List AWS CodeStar Notification Rules with Targets diff --git a/queries/aws_cognito_identity_pool_1.yaml b/queries/aws_cognito_identity_pool_1.yaml index 97a0c3a6d..fbb82cd64 100755 --- a/queries/aws_cognito_identity_pool_1.yaml +++ b/queries/aws_cognito_identity_pool_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Cognito Identity Pools and retrieve detailed + information about each identity pool, including its configuration and associated + roles. ID: aws_cognito_identity_pool_1 -Title: "List AWS Cognito Identity Pools with Config and Roles" -Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_pool_id, - identity_pool_name, - tags, - region, - account_id - from - aws_cognito_identity_pool; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity_pool_id,\n identity_pool_name,\n tags,\n \ + \ region,\n account_id\nfrom\n aws_cognito_identity_pool;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cognito +Title: List AWS Cognito Identity Pools with Config and Roles diff --git a/queries/aws_cognito_identity_pool_2.yaml b/queries/aws_cognito_identity_pool_2.yaml index f3f237af1..dd9dd4faa 100755 --- a/queries/aws_cognito_identity_pool_2.yaml +++ b/queries/aws_cognito_identity_pool_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Cognito Identity Pools and retrieve detailed + information about each identity pool, including its configuration and associated + roles. ID: aws_cognito_identity_pool_2 -Title: "List AWS Cognito Identity Pools and Their Configurations" -Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_pool_id, - identity_pool_name, - allow_classic_flow - from - aws_cognito_identity_pool - where - allow_classic_flow; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity_pool_id,\n identity_pool_name,\n allow_classic_flow\n\ + from\n aws_cognito_identity_pool\nwhere\n allow_classic_flow;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cognito +Title: List AWS Cognito Identity Pools and Their Configurations diff --git a/queries/aws_cognito_identity_pool_3.yaml b/queries/aws_cognito_identity_pool_3.yaml index fbead8229..edd878729 100755 --- a/queries/aws_cognito_identity_pool_3.yaml +++ b/queries/aws_cognito_identity_pool_3.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Cognito Identity Pools and retrieve detailed + information about each identity pool, including its configuration and associated + roles. ID: aws_cognito_identity_pool_3 -Title: "List AWS Cognito Identity Pools and Configurations" -Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_pool_id, - identity_pool_name, - allow_classic_flow - from - aws_cognito_identity_pool - where - allow_unauthenticated_identities; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity_pool_id,\n identity_pool_name,\n allow_classic_flow\n\ + from\n aws_cognito_identity_pool\nwhere\n allow_unauthenticated_identities;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cognito Identity Pools +Title: List AWS Cognito Identity Pools and Configurations diff --git a/queries/aws_cognito_identity_pool_4.yaml b/queries/aws_cognito_identity_pool_4.yaml index a9c0385d1..cb171ac97 100755 --- a/queries/aws_cognito_identity_pool_4.yaml +++ b/queries/aws_cognito_identity_pool_4.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS Cognito Identity Pools and retrieve detailed + information about each identity pool, including its configuration and associated + roles. ID: aws_cognito_identity_pool_4 -Title: "List all AWS Cognito Identity Pools with Detailed Info" -Description: "Allows users to query AWS Cognito Identity Pools and retrieve detailed information about each identity pool, including its configuration and associated roles." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_pool_id, - identity_pool_name, - allow_classic_flow, - cognito_identity_providers ->> 'ClientId' as identity_provider_client_id, - cognito_identity_providers ->> 'ProviderName' as identity_provider_name, - cognito_identity_providers ->> 'ServerSideTokenCheck' as server_side_token_enabled - from - aws_cognito_identity_pool - where - identity_pool_id = 'eu-west-3:e96205bf-1ef2-4fe6-a748-65e948673960'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity_pool_id,\n identity_pool_name,\n allow_classic_flow,\n\ + \ cognito_identity_providers ->> 'ClientId' as identity_provider_client_id,\n\ + \ cognito_identity_providers ->> 'ProviderName' as identity_provider_name,\n\ + \ cognito_identity_providers ->> 'ServerSideTokenCheck' as server_side_token_enabled\n\ + from\n aws_cognito_identity_pool\nwhere\n identity_pool_id = 'eu-west-3:e96205bf-1ef2-4fe6-a748-65e948673960';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cognito Identity Pools +Title: List all AWS Cognito Identity Pools with Detailed Info diff --git a/queries/aws_cognito_identity_provider_1.yaml b/queries/aws_cognito_identity_provider_1.yaml index 0863d3b33..3498e1a11 100755 --- a/queries/aws_cognito_identity_provider_1.yaml +++ b/queries/aws_cognito_identity_provider_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Cognito Identity Providers, providing essential + details about the identity provider configurations within AWS Cognito User Pools. ID: aws_cognito_identity_provider_1 -Title: "Find AWS Cognito Identity Provider Configurations" -Description: "Allows users to query AWS Cognito Identity Providers, providing essential details about the identity provider configurations within AWS Cognito User Pools." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - provider_name, - user_pool_id, - region, - account_id - from - aws_cognito_identity_provider - where - user_pool_id = 'us-east-1_012345678'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n provider_name,\n user_pool_id,\n region,\n account_id\n\ + from\n aws_cognito_identity_provider\nwhere\n user_pool_id = 'us-east-1_012345678';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cognito +Title: Find AWS Cognito Identity Provider Configurations diff --git a/queries/aws_cognito_identity_provider_2.yaml b/queries/aws_cognito_identity_provider_2.yaml index 7d571601b..c8d9f348a 100755 --- a/queries/aws_cognito_identity_provider_2.yaml +++ b/queries/aws_cognito_identity_provider_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Cognito Identity Providers, providing essential + details about the identity provider configurations within AWS Cognito User Pools. ID: aws_cognito_identity_provider_2 -Title: "Find AWS Cognito Identity Providers Using SQL" -Description: "Allows users to query AWS Cognito Identity Providers, providing essential details about the identity provider configurations within AWS Cognito User Pools." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - provider_name, - user_pool_id, - provider_details - from - aws_cognito_identity_provider - where - provider_type = 'Google' - and user_pool_id = 'us-east-1_012345678'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n provider_name,\n user_pool_id,\n provider_details\n\ + from\n aws_cognito_identity_provider\nwhere\n provider_type = 'Google'\n and\ + \ user_pool_id = 'us-east-1_012345678';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cognito +Title: Find AWS Cognito Identity Providers Using SQL diff --git a/queries/aws_cognito_user_pool_1.yaml b/queries/aws_cognito_user_pool_1.yaml index 756587eee..e54d22ffa 100755 --- a/queries/aws_cognito_user_pool_1.yaml +++ b/queries/aws_cognito_user_pool_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Cognito User Pools to fetch detailed information + about each user pool, including the pool''s configuration, status, and associated + metadata. ID: aws_cognito_user_pool_1 -Title: "Find AWS Cognito User Pools and their configuration" -Description: "Allows users to query AWS Cognito User Pools to fetch detailed information about each user pool, including the pool''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - tags, - region, - account_id - from - aws_cognito_user_pool; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n arn,\n tags,\n region,\n account_id\n\ + from\n aws_cognito_user_pool;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cognito User Pools +Title: Find AWS Cognito User Pools and their configuration diff --git a/queries/aws_cognito_user_pool_2.yaml b/queries/aws_cognito_user_pool_2.yaml index 6b7b063c1..7da1f6457 100755 --- a/queries/aws_cognito_user_pool_2.yaml +++ b/queries/aws_cognito_user_pool_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Cognito User Pools to fetch detailed information + about each user pool, including the pool''s configuration, status, and associated + metadata. ID: aws_cognito_user_pool_2 -Title: "List All AWS Cognito User Pools with MFA Configuration" -Description: "Allows users to query AWS Cognito User Pools to fetch detailed information about each user pool, including the pool''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - mfa_configuration - from - aws_cognito_user_pool - where - mfa_configuration != 'OFF'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n mfa_configuration\nfrom\n aws_cognito_user_pool\n\ + where\n mfa_configuration != 'OFF';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cognito +Title: List All AWS Cognito User Pools with MFA Configuration diff --git a/queries/aws_config_aggregate_authorization_1.yaml b/queries/aws_config_aggregate_authorization_1.yaml index eb3728116..8fc6c49a5 100755 --- a/queries/aws_config_aggregate_authorization_1.yaml +++ b/queries/aws_config_aggregate_authorization_1.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Config Aggregate Authorizations, providing + vital information about AWS Config rules and their respective authorizations in + an aggregated form. ID: aws_config_aggregate_authorization_1 -Title: "Find AWS Config Aggregate Authorizations Info" -Description: "Allows users to query AWS Config Aggregate Authorizations, providing vital information about AWS Config rules and their respective authorizations in an aggregated form." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - authorized_account_id, - authorized_aws_region, - creation_time - from - aws_config_aggregate_authorization; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n authorized_account_id,\n authorized_aws_region,\n\ + \ creation_time\nfrom\n aws_config_aggregate_authorization;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find AWS Config Aggregate Authorizations Info diff --git a/queries/aws_config_configuration_recorder_1.yaml b/queries/aws_config_configuration_recorder_1.yaml index cb9e85153..ace696e3e 100755 --- a/queries/aws_config_configuration_recorder_1.yaml +++ b/queries/aws_config_configuration_recorder_1.yaml @@ -1,28 +1,19 @@ +Description: Allows users to query AWS Config Configuration Recorder ID: aws_config_configuration_recorder_1 -Title: "Find AWS Config Configuration Recorder using SQL" -Description: "Allows users to query AWS Config Configuration Recorder" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - role_arn, - status, - recording_group, - status_recording, - akas, - title - from - aws_config_configuration_recorder; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n role_arn,\n status,\n recording_group,\n \ + \ status_recording,\n akas,\n title\nfrom\n aws_config_configuration_recorder;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Config Configuration Recorder +Title: Find AWS Config Configuration Recorder using SQL diff --git a/queries/aws_config_configuration_recorder_2.yaml b/queries/aws_config_configuration_recorder_2.yaml index e84b0f39b..e1a1fa85e 100755 --- a/queries/aws_config_configuration_recorder_2.yaml +++ b/queries/aws_config_configuration_recorder_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Config Configuration Recorder ID: aws_config_configuration_recorder_2 -Title: "Find AWS Config Configuration Recorder Status" -Description: "Allows users to query AWS Config Configuration Recorder" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - role_arn, - status_recording, - title - from - aws_config_configuration_recorder - where - not status_recording; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n role_arn,\n status_recording,\n title\nfrom\n\ + \ aws_config_configuration_recorder\nwhere\n not status_recording;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find AWS Config Configuration Recorder Status diff --git a/queries/aws_config_configuration_recorder_3.yaml b/queries/aws_config_configuration_recorder_3.yaml index c0b48ff97..e98d6e838 100755 --- a/queries/aws_config_configuration_recorder_3.yaml +++ b/queries/aws_config_configuration_recorder_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Config Configuration Recorder ID: aws_config_configuration_recorder_3 -Title: "Find all AWS Config Configuration Recorder using SQL" -Description: "Allows users to query AWS Config Configuration Recorder" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status ->> 'LastStatus' as last_status, - status ->> 'LastStatusChangeTime' as last_status_change_time, - status ->> 'LastErrorCode' as last_error_code, - status ->> 'LastErrorMessage' as last_error_message - from - aws_config_configuration_recorder - where - status ->> 'LastStatus' = 'FAILURE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n status ->> 'LastStatus' as last_status,\n status\ + \ ->> 'LastStatusChangeTime' as last_status_change_time,\n status ->> 'LastErrorCode'\ + \ as last_error_code,\n status ->> 'LastErrorMessage' as last_error_message\n\ + from\n aws_config_configuration_recorder\nwhere\n status ->> 'LastStatus' =\ + \ 'FAILURE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find all AWS Config Configuration Recorder using SQL diff --git a/queries/aws_config_conformance_pack_1.yaml b/queries/aws_config_conformance_pack_1.yaml index 2da34e187..e0214885c 100755 --- a/queries/aws_config_conformance_pack_1.yaml +++ b/queries/aws_config_conformance_pack_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Config Conformance Packs to fetch information + about the AWS Config conformance packs deployed on an AWS account. ID: aws_config_conformance_pack_1 -Title: "List all AWS Config Conformance Packs" -Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - conformance_pack_id, - created_by, - last_update_requested_time, - title, - akas - from - aws_config_conformance_pack; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n conformance_pack_id,\n created_by,\n last_update_requested_time,\n\ + \ title,\n akas\nfrom\n aws_config_conformance_pack;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: List all AWS Config Conformance Packs diff --git a/queries/aws_config_conformance_pack_2.yaml b/queries/aws_config_conformance_pack_2.yaml index d5cb12971..8eacda2e2 100755 --- a/queries/aws_config_conformance_pack_2.yaml +++ b/queries/aws_config_conformance_pack_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Config Conformance Packs to fetch information + about the AWS Config conformance packs deployed on an AWS account. ID: aws_config_conformance_pack_2 -Title: "List all AWS Config Conformance Packs Info" -Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - conformance_pack_id, - delivery_s3_bucket, - delivery_s3_key_prefix - from - aws_config_conformance_pack; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n conformance_pack_id,\n delivery_s3_bucket,\n\ + \ delivery_s3_key_prefix\nfrom\n aws_config_conformance_pack;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: List all AWS Config Conformance Packs Info diff --git a/queries/aws_config_conformance_pack_3.yaml b/queries/aws_config_conformance_pack_3.yaml index 4aa0280f0..86f59f453 100755 --- a/queries/aws_config_conformance_pack_3.yaml +++ b/queries/aws_config_conformance_pack_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Config Conformance Packs to fetch information + about the AWS Config conformance packs deployed on an AWS account. ID: aws_config_conformance_pack_3 -Title: "Find all AWS Config Conformance Packs and Parameters" -Description: "Allows users to query AWS Config Conformance Packs to fetch information about the AWS Config conformance packs deployed on an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - inp ->> 'ParameterName' as parameter_name, - inp ->> 'ParameterValue' as parameter_value, - title, - akas - from - aws_config_conformance_pack, - jsonb_array_elements(input_parameters) as inp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n inp ->> 'ParameterName' as parameter_name,\n\ + \ inp ->> 'ParameterValue' as parameter_value,\n title,\n akas\nfrom\n aws_config_conformance_pack,\n\ + \ jsonb_array_elements(input_parameters) as inp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find all AWS Config Conformance Packs and Parameters diff --git a/queries/aws_config_retention_configuration_1.yaml b/queries/aws_config_retention_configuration_1.yaml index 69352c5a6..88bfc4886 100755 --- a/queries/aws_config_retention_configuration_1.yaml +++ b/queries/aws_config_retention_configuration_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Config Retention Configuration for information + about the retention period that AWS Config uses to retain your configuration items. ID: aws_config_retention_configuration_1 -Title: "List AWS Config Retention Configuration Details" -Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - retention_period_in_days, - title, - region - from - aws_config_retention_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n retention_period_in_days,\n title,\n region\n\ + from\n aws_config_retention_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: List AWS Config Retention Configuration Details diff --git a/queries/aws_config_retention_configuration_2.yaml b/queries/aws_config_retention_configuration_2.yaml index ea4030929..161b67bd8 100755 --- a/queries/aws_config_retention_configuration_2.yaml +++ b/queries/aws_config_retention_configuration_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Config Retention Configuration for information + about the retention period that AWS Config uses to retain your configuration items. ID: aws_config_retention_configuration_2 -Title: "Find AWS Config Retention Configuration Details" -Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - retention_period_in_days, - title - from - aws_config_retention_configuration - where - retention_period_in_days < 356; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n retention_period_in_days,\n title\nfrom\n \ + \ aws_config_retention_configuration\nwhere\n retention_period_in_days < 356;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find AWS Config Retention Configuration Details diff --git a/queries/aws_config_retention_configuration_3.yaml b/queries/aws_config_retention_configuration_3.yaml index 66ebccd89..ee7f6a6e1 100755 --- a/queries/aws_config_retention_configuration_3.yaml +++ b/queries/aws_config_retention_configuration_3.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Config Retention Configuration for information + about the retention period that AWS Config uses to retain your configuration items. ID: aws_config_retention_configuration_3 -Title: "Find AWS Config Retention Configuration Retention Period" -Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - retention_period_in_days, - title, - region - from - aws_config_retention_configuration - where - region = 'us-east-1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n retention_period_in_days,\n title,\n region\n\ + from\n aws_config_retention_configuration\nwhere\n region = 'us-east-1';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find AWS Config Retention Configuration Retention Period diff --git a/queries/aws_config_retention_configuration_4.yaml b/queries/aws_config_retention_configuration_4.yaml index ee057f341..a8527073c 100755 --- a/queries/aws_config_retention_configuration_4.yaml +++ b/queries/aws_config_retention_configuration_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Config Retention Configuration for information + about the retention period that AWS Config uses to retain your configuration items. ID: aws_config_retention_configuration_4 -Title: "Find AWS Config Retention Configuration Using SQL" -Description: "Allows users to query AWS Config Retention Configuration for information about the retention period that AWS Config uses to retain your configuration items." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.title as configuration_recorder, - r.name as retention_configuration_name, - r.retention_period_in_days, - r.region - from - aws_config_retention_configuration as r - left join aws_config_configuration_recorder as c - on - r.region = c.region; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.title as configuration_recorder,\n r.name as retention_configuration_name,\n\ + \ r.retention_period_in_days,\n r.region\nfrom\n aws_config_retention_configuration\ + \ as r\n left join aws_config_configuration_recorder as c\non\n r.region = c.region;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find AWS Config Retention Configuration Using SQL diff --git a/queries/aws_config_rule_1.yaml b/queries/aws_config_rule_1.yaml index 54592b1ba..1c8d0a601 100755 --- a/queries/aws_config_rule_1.yaml +++ b/queries/aws_config_rule_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query Config Rules in AWS Config service. It provides + information about each Config Rule, including its name, ARN, description, scope, + and compliance status. ID: aws_config_rule_1 -Title: "List all AWS Config Rules with Details" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - arn, - rule_state, - created_by, - scope - from - aws_config_rule; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n arn,\n rule_state,\n created_by,\n\ + \ scope\nfrom\n aws_config_rule;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Config +Title: List all AWS Config Rules with Details diff --git a/queries/aws_config_rule_2.yaml b/queries/aws_config_rule_2.yaml index c63d8dd81..e77aa0bb7 100755 --- a/queries/aws_config_rule_2.yaml +++ b/queries/aws_config_rule_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query Config Rules in AWS Config service. It provides + information about each Config Rule, including its name, ARN, description, scope, + and compliance status. ID: aws_config_rule_2 -Title: "Find AWS Config Rules with Inactive Rule State" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - arn, - rule_state - from - aws_config_rule - where - rule_state <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n arn,\n rule_state\nfrom\n aws_config_rule\n\ + where\n rule_state <> 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Config +Title: Find AWS Config Rules with Inactive Rule State diff --git a/queries/aws_config_rule_3.yaml b/queries/aws_config_rule_3.yaml index 784c34441..de863222d 100755 --- a/queries/aws_config_rule_3.yaml +++ b/queries/aws_config_rule_3.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query Config Rules in AWS Config service. It provides + information about each Config Rule, including its name, ARN, description, scope, + and compliance status. ID: aws_config_rule_3 -Title: "Find AWS Config Rules for S3 Buckets by Name" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - tags - from - aws_config_rule - where - name Like '%s3-bucket%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n tags\nfrom\n aws_config_rule\n\ + where\n name Like '%s3-bucket%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find AWS Config Rules for S3 Buckets by Name diff --git a/queries/aws_config_rule_4.yaml b/queries/aws_config_rule_4.yaml index bcad9006d..116bb4b90 100755 --- a/queries/aws_config_rule_4.yaml +++ b/queries/aws_config_rule_4.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query Config Rules in AWS Config service. It provides + information about each Config Rule, including its name, ARN, description, scope, + and compliance status. ID: aws_config_rule_4 -Title: "Find AWS Config Rule Info Including Compliance Status" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(compliance_by_config_rule) as compliance_info - from - aws_config_rule - where - name = 'approved-amis-by-id'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(compliance_by_config_rule) as compliance_info\n\ + from\n aws_config_rule\nwhere\n name = 'approved-amis-by-id';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find AWS Config Rule Info Including Compliance Status diff --git a/queries/aws_config_rule_5.yaml b/queries/aws_config_rule_5.yaml index 7ad6603ea..56db163ac 100755 --- a/queries/aws_config_rule_5.yaml +++ b/queries/aws_config_rule_5.yaml @@ -1,26 +1,24 @@ +Description: Allows users to query Config Rules in AWS Config service. It provides + information about each Config Rule, including its name, ARN, description, scope, + and compliance status. ID: aws_config_rule_5 -Title: "Find Config Rules in AWS with Compliance Status" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as config_rule_name, - compliance_status -> 'Compliance' -> 'ComplianceType' as compliance_type - from - aws_config_rule, - jsonb_array_elements(compliance_by_config_rule) as compliance_status; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as config_rule_name,\n compliance_status -> 'Compliance'\ + \ -> 'ComplianceType' as compliance_type\nfrom\n aws_config_rule,\n jsonb_array_elements(compliance_by_config_rule)\ + \ as compliance_status;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Config +Title: Find Config Rules in AWS with Compliance Status diff --git a/queries/aws_config_rule_6.yaml b/queries/aws_config_rule_6.yaml index 75466eb58..7702019c3 100755 --- a/queries/aws_config_rule_6.yaml +++ b/queries/aws_config_rule_6.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query Config Rules in AWS Config service. It provides + information about each Config Rule, including its name, ARN, description, scope, + and compliance status. ID: aws_config_rule_6 -Title: "List all AWS Config Rules with Proactive Evaluation Mode" -Description: "Allows users to query Config Rules in AWS Config service. It provides information about each Config Rule, including its name, ARN, description, scope, and compliance status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as config_rule_name, - c ->> 'Mode' as evaluation_mode - from - aws_config_rule, - jsonb_array_elements(evaluation_modes) as c - where - c ->> 'Mode' = 'PROACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as config_rule_name,\n c ->> 'Mode' as evaluation_mode\n\ + from\n aws_config_rule,\n jsonb_array_elements(evaluation_modes) as c\nwhere\n\ + \ c ->> 'Mode' = 'PROACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Config Rules +Title: List all AWS Config Rules with Proactive Evaluation Mode diff --git a/queries/aws_cost_by_account_daily_1.yaml b/queries/aws_cost_by_account_daily_1.yaml index 727235bcb..3d8b36d4c 100755 --- a/queries/aws_cost_by_account_daily_1.yaml +++ b/queries/aws_cost_by_account_daily_1.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query daily AWS costs by account. This table provides + an overview of AWS usage and cost data for each AWS account on a daily basis. ID: aws_cost_by_account_daily_1 -Title: "Find AWS Cost and Usage By Account Daily" -Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_account_daily - order by - linked_account_id, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n period_start,\n blended_cost_amount::numeric::money,\n\ + \ unblended_cost_amount::numeric::money,\n amortized_cost_amount::numeric::money,\n\ + \ net_unblended_cost_amount::numeric::money,\n net_amortized_cost_amount::numeric::money\n\ + from \n aws_cost_by_account_daily\norder by\n linked_account_id,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find AWS Cost and Usage By Account Daily diff --git a/queries/aws_cost_by_account_daily_2.yaml b/queries/aws_cost_by_account_daily_2.yaml index feb10789e..ed1912865 100755 --- a/queries/aws_cost_by_account_daily_2.yaml +++ b/queries/aws_cost_by_account_daily_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query daily AWS costs by account. This table provides + an overview of AWS usage and cost data for each AWS account on a daily basis. ID: aws_cost_by_account_daily_2 -Title: "List AWS Daily Costs by Account Overview with SQL" -Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_account_daily - group by - linked_account_id - order by - linked_account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom \n aws_cost_by_account_daily\ngroup by\n linked_account_id\n\ + order by\n linked_account_id;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: List AWS Daily Costs by Account Overview with SQL diff --git a/queries/aws_cost_by_account_daily_3.yaml b/queries/aws_cost_by_account_daily_3.yaml index 1629e2de9..3003ad7e4 100755 --- a/queries/aws_cost_by_account_daily_3.yaml +++ b/queries/aws_cost_by_account_daily_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query daily AWS costs by account. This table provides + an overview of AWS usage and cost data for each AWS account on a daily basis. ID: aws_cost_by_account_daily_3 -Title: "Find Daily AWS Costs by Account" -Description: "Allows users to query daily AWS costs by account. This table provides an overview of AWS usage and cost data for each AWS account on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - linked_account_id, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id order by unblended_cost_amount desc) - from - aws_cost_by_account_daily - ) - select * from ranked_costs where rank <= 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with ranked_costs as (\n select\n linked_account_id,\n period_start,\n\ + \ unblended_cost_amount::numeric::money,\n rank() over(partition by linked_account_id\ + \ order by unblended_cost_amount desc)\n from \n aws_cost_by_account_daily\n\ + )\nselect * from ranked_costs where rank <= 10;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find Daily AWS Costs by Account diff --git a/queries/aws_cost_by_account_monthly_1.yaml b/queries/aws_cost_by_account_monthly_1.yaml index 7f8c2d29b..00137ba32 100755 --- a/queries/aws_cost_by_account_monthly_1.yaml +++ b/queries/aws_cost_by_account_monthly_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query monthly AWS costs per account. It provides cost + details for each AWS account, allowing users to monitor and manage their AWS spending. ID: aws_cost_by_account_monthly_1 -Title: "List AWS Monthly Costs Per Account Using AWS Cost Explorer" -Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_account_monthly - order by - linked_account_id, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n period_start,\n blended_cost_amount::numeric::money,\n\ + \ unblended_cost_amount::numeric::money,\n amortized_cost_amount::numeric::money,\n\ + \ net_unblended_cost_amount::numeric::money,\n net_amortized_cost_amount::numeric::money\n\ + from \n aws_cost_by_account_monthly\norder by\n linked_account_id,\n period_start;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: List AWS Monthly Costs Per Account Using AWS Cost Explorer diff --git a/queries/aws_cost_by_account_monthly_2.yaml b/queries/aws_cost_by_account_monthly_2.yaml index edafff324..21fcdae71 100755 --- a/queries/aws_cost_by_account_monthly_2.yaml +++ b/queries/aws_cost_by_account_monthly_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query monthly AWS costs per account. It provides cost + details for each AWS account, allowing users to monitor and manage their AWS spending. ID: aws_cost_by_account_monthly_2 -Title: "Find Monthly AWS Costs Per Account" -Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_account_monthly - group by - linked_account_id - order by - linked_account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom \n aws_cost_by_account_monthly\ngroup by\n linked_account_id\n\ + order by\n linked_account_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find Monthly AWS Costs Per Account diff --git a/queries/aws_cost_by_account_monthly_3.yaml b/queries/aws_cost_by_account_monthly_3.yaml index 78a04f1bc..a7354ae5f 100755 --- a/queries/aws_cost_by_account_monthly_3.yaml +++ b/queries/aws_cost_by_account_monthly_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query monthly AWS costs per account. It provides cost + details for each AWS account, allowing users to monitor and manage their AWS spending. ID: aws_cost_by_account_monthly_3 -Title: "List all Monthly AWS Costs Per Account" -Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id order by unblended_cost_amount desc) - from - aws_cost_by_account_monthly; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n period_start,\n unblended_cost_amount::numeric::money,\n\ + \ rank() over(partition by linked_account_id order by unblended_cost_amount desc)\n\ + from \n aws_cost_by_account_monthly;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer Service +Title: List all Monthly AWS Costs Per Account diff --git a/queries/aws_cost_by_account_monthly_4.yaml b/queries/aws_cost_by_account_monthly_4.yaml index 99cae2cb2..d4d00bd12 100755 --- a/queries/aws_cost_by_account_monthly_4.yaml +++ b/queries/aws_cost_by_account_monthly_4.yaml @@ -1,40 +1,27 @@ +Description: Allows users to query monthly AWS costs per account. It provides cost + details for each AWS account, allowing users to monitor and manage their AWS spending. ID: aws_cost_by_account_monthly_4 -Title: "Find AWS Monthly Cost Per Account for Management" -Description: "Allows users to query monthly AWS costs per account. It provides cost details for each AWS account, allowing users to monitor and manage their AWS spending." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with cost_data as ( - select - linked_account_id, - period_start, - unblended_cost_amount as this_month, - lag(unblended_cost_amount,-1) over(partition by linked_account_id order by period_start desc) as previous_month - from - aws_cost_by_account_monthly - ) - select - linked_account_id, - period_start, - this_month::numeric::money, - previous_month::numeric::money, - round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) as percent_change - from - cost_data - order by - linked_account_id, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with cost_data as (\n select\n linked_account_id,\n period_start,\n\ + \ unblended_cost_amount as this_month,\n lag(unblended_cost_amount,-1) over(partition\ + \ by linked_account_id order by period_start desc) as previous_month\n from \n\ + \ aws_cost_by_account_monthly\n)\nselect\n linked_account_id,\n period_start,\n\ + \ this_month::numeric::money,\n previous_month::numeric::money,\n round((100\ + \ * ( (this_month - previous_month) / previous_month))::numeric, 2) as percent_change\n\ + from\n cost_data\norder by\n linked_account_id,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find AWS Monthly Cost Per Account for Management diff --git a/queries/aws_cost_by_record_type_daily_1.yaml b/queries/aws_cost_by_record_type_daily_1.yaml index 0b805d12d..b8c411359 100755 --- a/queries/aws_cost_by_record_type_daily_1.yaml +++ b/queries/aws_cost_by_record_type_daily_1.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query daily AWS cost data by record type. This table + provides information about AWS costs incurred per record type on a daily basis. ID: aws_cost_by_record_type_daily_1 -Title: "List Daily AWS Cost Data by Record Type" -Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_record_type_daily - order by - linked_account_id, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n record_type,\n period_start,\n\ + \ blended_cost_amount::numeric::money,\n unblended_cost_amount::numeric::money,\n\ + \ amortized_cost_amount::numeric::money,\n net_unblended_cost_amount::numeric::money,\n\ + \ net_amortized_cost_amount::numeric::money\nfrom \n aws_cost_by_record_type_daily\n\ + order by\n linked_account_id,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost and Usage Report +Title: List Daily AWS Cost Data by Record Type diff --git a/queries/aws_cost_by_record_type_daily_2.yaml b/queries/aws_cost_by_record_type_daily_2.yaml index f0dfa419e..86a5257f2 100755 --- a/queries/aws_cost_by_record_type_daily_2.yaml +++ b/queries/aws_cost_by_record_type_daily_2.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query daily AWS cost data by record type. This table + provides information about AWS costs incurred per record type on a daily basis. ID: aws_cost_by_record_type_daily_2 -Title: "List all AWS costs by record type on a daily basis" -Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_record_type_daily - group by - linked_account_id, - record_type - order by - linked_account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n record_type,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom \n aws_cost_by_record_type_daily\ngroup by\n linked_account_id,\n\ + \ record_type\norder by\n linked_account_id;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost and Usage Report +Title: List all AWS costs by record type on a daily basis diff --git a/queries/aws_cost_by_record_type_daily_3.yaml b/queries/aws_cost_by_record_type_daily_3.yaml index 36cb321d4..11831f95d 100755 --- a/queries/aws_cost_by_record_type_daily_3.yaml +++ b/queries/aws_cost_by_record_type_daily_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query daily AWS cost data by record type. This table + provides information about AWS costs incurred per record type on a daily basis. ID: aws_cost_by_record_type_daily_3 -Title: "List All Daily AWS Costs by Record Type" -Description: "Allows users to query daily AWS cost data by record type. This table provides information about AWS costs incurred per record type on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - linked_account_id, - record_type, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id, record_type order by unblended_cost_amount desc) - from - aws_cost_by_record_type_daily - ) - select * from ranked_costs where rank <= 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with ranked_costs as (\n select\n linked_account_id,\n record_type,\n\ + \ period_start,\n unblended_cost_amount::numeric::money,\n rank() over(partition\ + \ by linked_account_id, record_type order by unblended_cost_amount desc)\n from\ + \ \n aws_cost_by_record_type_daily\n)\nselect * from ranked_costs where rank\ + \ <= 10;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost and Usage Report +Title: List All Daily AWS Costs by Record Type diff --git a/queries/aws_cost_by_record_type_monthly_1.yaml b/queries/aws_cost_by_record_type_monthly_1.yaml index 5ef3071dc..cd3f4ea87 100755 --- a/queries/aws_cost_by_record_type_monthly_1.yaml +++ b/queries/aws_cost_by_record_type_monthly_1.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Cost and Usage Report Records on a monthly + basis. ID: aws_cost_by_record_type_monthly_1 -Title: "Find AWS Cost and Usage Report Records Monthly" -Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_record_type_monthly - order by - linked_account_id, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n record_type,\n period_start,\n\ + \ blended_cost_amount::numeric::money,\n unblended_cost_amount::numeric::money,\n\ + \ amortized_cost_amount::numeric::money,\n net_unblended_cost_amount::numeric::money,\n\ + \ net_amortized_cost_amount::numeric::money\nfrom \n aws_cost_by_record_type_monthly\n\ + order by\n linked_account_id,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost and Usage Report +Title: Find AWS Cost and Usage Report Records Monthly diff --git a/queries/aws_cost_by_record_type_monthly_2.yaml b/queries/aws_cost_by_record_type_monthly_2.yaml index 563ea6226..6094e23cc 100755 --- a/queries/aws_cost_by_record_type_monthly_2.yaml +++ b/queries/aws_cost_by_record_type_monthly_2.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS Cost and Usage Report Records on a monthly + basis. ID: aws_cost_by_record_type_monthly_2 -Title: "Find AWS Monthly Cost and Usage Report Records" -Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_record_type_monthly - group by - linked_account_id, - record_type - order by - linked_account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n record_type,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom \n aws_cost_by_record_type_monthly\ngroup by\n linked_account_id,\n\ + \ record_type\norder by\n linked_account_id;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost and Usage Report +Title: Find AWS Monthly Cost and Usage Report Records diff --git a/queries/aws_cost_by_record_type_monthly_3.yaml b/queries/aws_cost_by_record_type_monthly_3.yaml index 15af52a83..b2d6d9ce2 100755 --- a/queries/aws_cost_by_record_type_monthly_3.yaml +++ b/queries/aws_cost_by_record_type_monthly_3.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Cost and Usage Report Records on a monthly + basis. ID: aws_cost_by_record_type_monthly_3 -Title: "List AWS Cost and Usage Report Records Monthly" -Description: "Allows users to query AWS Cost and Usage Report Records on a monthly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - linked_account_id, - record_type, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by linked_account_id, record_type order by unblended_cost_amount desc) - from - aws_cost_by_record_type_monthly; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n linked_account_id,\n record_type,\n period_start,\n\ + \ unblended_cost_amount::numeric::money,\n rank() over(partition by linked_account_id,\ + \ record_type order by unblended_cost_amount desc)\nfrom \n aws_cost_by_record_type_monthly;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost and Usage Report +Title: List AWS Cost and Usage Report Records Monthly diff --git a/queries/aws_cost_by_service_daily_1.yaml b/queries/aws_cost_by_service_daily_1.yaml index 89b61dce7..1b3f480e4 100755 --- a/queries/aws_cost_by_service_daily_1.yaml +++ b/queries/aws_cost_by_service_daily_1.yaml @@ -1,35 +1,26 @@ +Description: Allows users to query AWS Cost Explorer to retrieve daily cost breakdown + by AWS service. ID: aws_cost_by_service_daily_1 -Title: "List all Daily AWS Costs by Service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_service_daily - order by - service, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n period_start,\n blended_cost_amount::numeric::money,\n\ + \ unblended_cost_amount::numeric::money,\n amortized_cost_amount::numeric::money,\n\ + \ net_unblended_cost_amount::numeric::money,\n net_amortized_cost_amount::numeric::money\n\ + from \n aws_cost_by_service_daily\norder by\n service,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List all Daily AWS Costs by Service diff --git a/queries/aws_cost_by_service_daily_2.yaml b/queries/aws_cost_by_service_daily_2.yaml index 16801aaab..67e3a8746 100755 --- a/queries/aws_cost_by_service_daily_2.yaml +++ b/queries/aws_cost_by_service_daily_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Cost Explorer to retrieve daily cost breakdown + by AWS service. ID: aws_cost_by_service_daily_2 -Title: "List AWS Cost Explorer Daily Service Cost Breakdown" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_daily - group by - service - order by - service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom \n aws_cost_by_service_daily\ngroup by\n service\norder by\n\ + \ service;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: List AWS Cost Explorer Daily Service Cost Breakdown diff --git a/queries/aws_cost_by_service_daily_3.yaml b/queries/aws_cost_by_service_daily_3.yaml index 7ed0cd757..c5a05b163 100755 --- a/queries/aws_cost_by_service_daily_3.yaml +++ b/queries/aws_cost_by_service_daily_3.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS Cost Explorer to retrieve daily cost breakdown + by AWS service. ID: aws_cost_by_service_daily_3 -Title: "Find daily cost breakdown by AWS service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_daily - group by - service - order by - average desc - limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n sum(unblended_cost_amount)::numeric::money\ + \ as sum,\n avg(unblended_cost_amount)::numeric::money as average\nfrom \n aws_cost_by_service_daily\n\ + group by\n service\norder by\n average desc\nlimit 10;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: Find daily cost breakdown by AWS service diff --git a/queries/aws_cost_by_service_daily_4.yaml b/queries/aws_cost_by_service_daily_4.yaml index de8908a04..e8883bac0 100755 --- a/queries/aws_cost_by_service_daily_4.yaml +++ b/queries/aws_cost_by_service_daily_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Cost Explorer to retrieve daily cost breakdown + by AWS service. ID: aws_cost_by_service_daily_4 -Title: "List all AWS Cost Breakdown by Service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_daily - group by - service - order by - sum desc - limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n sum(unblended_cost_amount)::numeric::money\ + \ as sum,\n avg(unblended_cost_amount)::numeric::money as average\nfrom \n aws_cost_by_service_daily\n\ + group by\n service\norder by\n sum desc\nlimit 10;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List all AWS Cost Breakdown by Service diff --git a/queries/aws_cost_by_service_daily_5.yaml b/queries/aws_cost_by_service_daily_5.yaml index 8a6d1377e..0e95516c4 100755 --- a/queries/aws_cost_by_service_daily_5.yaml +++ b/queries/aws_cost_by_service_daily_5.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Cost Explorer to retrieve daily cost breakdown + by AWS service. ID: aws_cost_by_service_daily_5 -Title: "Find Top 10 AWS Daily Costs by Service" -Description: "Allows users to query AWS Cost Explorer to retrieve daily cost breakdown by AWS service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - service, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by service order by unblended_cost_amount desc) - from - aws_cost_by_service_daily - ) - select * from ranked_costs where rank <= 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with ranked_costs as (\n select\n service,\n period_start,\n\ + \ unblended_cost_amount::numeric::money,\n rank() over(partition by service\ + \ order by unblended_cost_amount desc)\n from \n aws_cost_by_service_daily\n\ + )\nselect * from ranked_costs where rank <= 10;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find Top 10 AWS Daily Costs by Service diff --git a/queries/aws_cost_by_service_monthly_1.yaml b/queries/aws_cost_by_service_monthly_1.yaml index ce6bbfd04..547fd4a52 100755 --- a/queries/aws_cost_by_service_monthly_1.yaml +++ b/queries/aws_cost_by_service_monthly_1.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS Cost Explorer Service for monthly cost breakdown + by service. This table provides details such as the service name, the cost associated + with it, and the currency code. ID: aws_cost_by_service_monthly_1 -Title: "List AWS monthly cost breakdown by service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_service_monthly - order by - service, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n period_start,\n blended_cost_amount::numeric::money,\n\ + \ unblended_cost_amount::numeric::money,\n amortized_cost_amount::numeric::money,\n\ + \ net_unblended_cost_amount::numeric::money,\n net_amortized_cost_amount::numeric::money\n\ + from \n aws_cost_by_service_monthly\norder by\n service,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer Service +Title: List AWS monthly cost breakdown by service diff --git a/queries/aws_cost_by_service_monthly_2.yaml b/queries/aws_cost_by_service_monthly_2.yaml index 2a06ec47c..816e6154f 100755 --- a/queries/aws_cost_by_service_monthly_2.yaml +++ b/queries/aws_cost_by_service_monthly_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Cost Explorer Service for monthly cost breakdown + by service. This table provides details such as the service name, the cost associated + with it, and the currency code. ID: aws_cost_by_service_monthly_2 -Title: "List AWS Monthly Cost Breakdown by Service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_monthly - group by - service - order by - service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom \n aws_cost_by_service_monthly\ngroup by\n service\norder\ + \ by\n service;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: List AWS Monthly Cost Breakdown by Service diff --git a/queries/aws_cost_by_service_monthly_3.yaml b/queries/aws_cost_by_service_monthly_3.yaml index 907771a14..a57572581 100755 --- a/queries/aws_cost_by_service_monthly_3.yaml +++ b/queries/aws_cost_by_service_monthly_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Cost Explorer Service for monthly cost breakdown + by service. This table provides details such as the service name, the cost associated + with it, and the currency code. ID: aws_cost_by_service_monthly_3 -Title: "Find AWS Monthly Cost Breakdown by Service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_monthly - group by - service - order by - average desc - limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n sum(unblended_cost_amount)::numeric::money\ + \ as sum,\n avg(unblended_cost_amount)::numeric::money as average\nfrom \n aws_cost_by_service_monthly\n\ + group by\n service\norder by\n average desc\nlimit 10;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer Service +Title: Find AWS Monthly Cost Breakdown by Service diff --git a/queries/aws_cost_by_service_monthly_4.yaml b/queries/aws_cost_by_service_monthly_4.yaml index 47888b211..dd457721a 100755 --- a/queries/aws_cost_by_service_monthly_4.yaml +++ b/queries/aws_cost_by_service_monthly_4.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Cost Explorer Service for monthly cost breakdown + by service. This table provides details such as the service name, the cost associated + with it, and the currency code. ID: aws_cost_by_service_monthly_4 -Title: "List all AWS monthly cost breakdown by service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_monthly - group by - service - order by - sum desc - limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n sum(unblended_cost_amount)::numeric::money\ + \ as sum,\n avg(unblended_cost_amount)::numeric::money as average\nfrom \n aws_cost_by_service_monthly\n\ + group by\n service\norder by\n sum desc\nlimit 10;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List all AWS monthly cost breakdown by service diff --git a/queries/aws_cost_by_service_monthly_5.yaml b/queries/aws_cost_by_service_monthly_5.yaml index 2f487204f..09fcaebb0 100755 --- a/queries/aws_cost_by_service_monthly_5.yaml +++ b/queries/aws_cost_by_service_monthly_5.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS Cost Explorer Service for monthly cost breakdown + by service. This table provides details such as the service name, the cost associated + with it, and the currency code. ID: aws_cost_by_service_monthly_5 -Title: "List all AWS monthly cost breakdowns by service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - service, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by service order by unblended_cost_amount desc) - from - aws_cost_by_service_monthly - ) - select * from ranked_costs where rank = 1; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with ranked_costs as (\n select\n service,\n period_start,\n\ + \ unblended_cost_amount::numeric::money,\n rank() over(partition by service\ + \ order by unblended_cost_amount desc)\n from \n aws_cost_by_service_monthly\n\ + )\nselect * from ranked_costs where rank = 1;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List all AWS monthly cost breakdowns by service diff --git a/queries/aws_cost_by_service_monthly_6.yaml b/queries/aws_cost_by_service_monthly_6.yaml index cfe8fce76..f7695d8ef 100755 --- a/queries/aws_cost_by_service_monthly_6.yaml +++ b/queries/aws_cost_by_service_monthly_6.yaml @@ -1,42 +1,27 @@ +Description: Allows users to query AWS Cost Explorer Service for monthly cost breakdown + by service. This table provides details such as the service name, the cost associated + with it, and the currency code. ID: aws_cost_by_service_monthly_6 -Title: "List AWS Monthly Cost Breakdown by Service" -Description: "Allows users to query AWS Cost Explorer Service for monthly cost breakdown by service. This table provides details such as the service name, the cost associated with it, and the currency code." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with cost_data as ( - select - service, - period_start, - unblended_cost_amount as this_month, - lag(unblended_cost_amount,-1) over(partition by service order by period_start desc) as previous_month - from - aws_cost_by_service_monthly - ) - select - service, - period_start, - this_month::numeric::money, - previous_month::numeric::money, - case - when previous_month = 0 and this_month = 0 then 0 - when previous_month = 0 then 999 - else round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) - end as percent_change - from - cost_data - order by - service, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with cost_data as (\n select\n service,\n period_start,\n\ + \ unblended_cost_amount as this_month,\n lag(unblended_cost_amount,-1) over(partition\ + \ by service order by period_start desc) as previous_month\n from \n aws_cost_by_service_monthly\n\ + )\nselect\n service,\n period_start,\n this_month::numeric::money,\n\ + \ previous_month::numeric::money,\n case \n when previous_month = 0\ + \ and this_month = 0 then 0\n when previous_month = 0 then 999\n else\ + \ round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2)\ + \ \n end as percent_change\nfrom\n cost_data\norder by\n service,\n period_start;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: List AWS Monthly Cost Breakdown by Service diff --git a/queries/aws_cost_by_service_usage_type_daily_1.yaml b/queries/aws_cost_by_service_usage_type_daily_1.yaml index 89826ccce..f715acc1b 100755 --- a/queries/aws_cost_by_service_usage_type_daily_1.yaml +++ b/queries/aws_cost_by_service_usage_type_daily_1.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Cost Explorer Service daily usage type to fetch + detailed data about AWS service usage and costs. ID: aws_cost_by_service_usage_type_daily_1 -Title: "Find daily AWS Cost Explorer Service usage and costs" -Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_service_usage_type_daily - order by - service, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n usage_type,\n period_start,\n blended_cost_amount::numeric::money,\n\ + \ unblended_cost_amount::numeric::money,\n amortized_cost_amount::numeric::money,\n\ + \ net_unblended_cost_amount::numeric::money,\n net_amortized_cost_amount::numeric::money\n\ + from \n aws_cost_by_service_usage_type_daily\norder by\n service,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find daily AWS Cost Explorer Service usage and costs diff --git a/queries/aws_cost_by_service_usage_type_daily_2.yaml b/queries/aws_cost_by_service_usage_type_daily_2.yaml index 1737333ca..427fd3a51 100755 --- a/queries/aws_cost_by_service_usage_type_daily_2.yaml +++ b/queries/aws_cost_by_service_usage_type_daily_2.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Cost Explorer Service daily usage type to fetch + detailed data about AWS service usage and costs. ID: aws_cost_by_service_usage_type_daily_2 -Title: "List all AWS service usage and costs by usage type" -Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_daily - group by - service, - usage_type - order by - service, - usage_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n usage_type,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom \n aws_cost_by_service_usage_type_daily\ngroup by\n service,\n\ + \ usage_type\norder by\n service,\n usage_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer Service +Title: List all AWS service usage and costs by usage type diff --git a/queries/aws_cost_by_service_usage_type_daily_3.yaml b/queries/aws_cost_by_service_usage_type_daily_3.yaml index ba58deccc..cb5fa7491 100755 --- a/queries/aws_cost_by_service_usage_type_daily_3.yaml +++ b/queries/aws_cost_by_service_usage_type_daily_3.yaml @@ -1,25 +1,15 @@ +Description: Allows users to query AWS Cost Explorer Service daily usage type to fetch + detailed data about AWS service usage and costs. ID: aws_cost_by_service_usage_type_daily_3 -Title: "" -Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_daily - group by - service, - usage_type - order by - average desc - limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n usage_type,\n sum(unblended_cost_amount)::numeric::money\ + \ as sum,\n avg(unblended_cost_amount)::numeric::money as average\nfrom \n aws_cost_by_service_usage_type_daily\n\ + group by\n service,\n usage_type\norder by\n average desc\nlimit 10;" Tags: {} +Title: '' diff --git a/queries/aws_cost_by_service_usage_type_daily_4.yaml b/queries/aws_cost_by_service_usage_type_daily_4.yaml index 15cf40c64..38a7653d6 100755 --- a/queries/aws_cost_by_service_usage_type_daily_4.yaml +++ b/queries/aws_cost_by_service_usage_type_daily_4.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS Cost Explorer Service daily usage type to fetch + detailed data about AWS service usage and costs. ID: aws_cost_by_service_usage_type_daily_4 -Title: "List AWS Daily Service Usage and Costs" -Description: "Allows users to query AWS Cost Explorer Service daily usage type to fetch detailed data about AWS service usage and costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_daily - group by - service, - usage_type - order by - sum desc - limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n usage_type,\n sum(unblended_cost_amount)::numeric::money\ + \ as sum,\n avg(unblended_cost_amount)::numeric::money as average\nfrom \n aws_cost_by_service_usage_type_daily\n\ + group by\n service,\n usage_type\norder by\n sum desc\nlimit 10;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List AWS Daily Service Usage and Costs diff --git a/queries/aws_cost_by_service_usage_type_monthly_1.yaml b/queries/aws_cost_by_service_usage_type_monthly_1.yaml index 90212e231..fbd85a168 100755 --- a/queries/aws_cost_by_service_usage_type_monthly_1.yaml +++ b/queries/aws_cost_by_service_usage_type_monthly_1.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Cost Explorer Service to get detailed cost + data per service and usage type on a monthly basis. ID: aws_cost_by_service_usage_type_monthly_1 -Title: "Find AWS Monthly Cost by Service and Usage Type" -Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_service_usage_type_monthly - order by - service, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n usage_type,\n period_start,\n blended_cost_amount::numeric::money,\n\ + \ unblended_cost_amount::numeric::money,\n amortized_cost_amount::numeric::money,\n\ + \ net_unblended_cost_amount::numeric::money,\n net_amortized_cost_amount::numeric::money\n\ + from \n aws_cost_by_service_usage_type_monthly\norder by\n service,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find AWS Monthly Cost by Service and Usage Type diff --git a/queries/aws_cost_by_service_usage_type_monthly_2.yaml b/queries/aws_cost_by_service_usage_type_monthly_2.yaml index db83f3d94..6d17a120a 100755 --- a/queries/aws_cost_by_service_usage_type_monthly_2.yaml +++ b/queries/aws_cost_by_service_usage_type_monthly_2.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Cost Explorer Service to get detailed cost + data per service and usage type on a monthly basis. ID: aws_cost_by_service_usage_type_monthly_2 -Title: "Query AWS Cost Explorer for Service & Usage Monthly" -Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_monthly - group by - service, - usage_type - order by - service, - usage_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n usage_type,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom \n aws_cost_by_service_usage_type_monthly\ngroup by\n service,\n\ + \ usage_type\norder by\n service,\n usage_type;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: Query AWS Cost Explorer for Service & Usage Monthly diff --git a/queries/aws_cost_by_service_usage_type_monthly_3.yaml b/queries/aws_cost_by_service_usage_type_monthly_3.yaml index 3a693c136..63fc34d94 100755 --- a/queries/aws_cost_by_service_usage_type_monthly_3.yaml +++ b/queries/aws_cost_by_service_usage_type_monthly_3.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS Cost Explorer Service to get detailed cost + data per service and usage type on a monthly basis. ID: aws_cost_by_service_usage_type_monthly_3 -Title: "Find AWS Cost by Service and Usage Type Monthly" -Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_monthly - group by - service, - usage_type - order by - average desc - limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n usage_type,\n sum(unblended_cost_amount)::numeric::money\ + \ as sum,\n avg(unblended_cost_amount)::numeric::money as average\nfrom \n aws_cost_by_service_usage_type_monthly\n\ + group by\n service,\n usage_type\norder by\n average desc\nlimit 10;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find AWS Cost by Service and Usage Type Monthly diff --git a/queries/aws_cost_by_service_usage_type_monthly_4.yaml b/queries/aws_cost_by_service_usage_type_monthly_4.yaml index 0d2cce471..fc283bdeb 100755 --- a/queries/aws_cost_by_service_usage_type_monthly_4.yaml +++ b/queries/aws_cost_by_service_usage_type_monthly_4.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS Cost Explorer Service to get detailed cost + data per service and usage type on a monthly basis. ID: aws_cost_by_service_usage_type_monthly_4 -Title: "List all AWS Cost per Service and Usage Type Monthly" -Description: "Allows users to query AWS Cost Explorer Service to get detailed cost data per service and usage type on a monthly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - usage_type, - sum(unblended_cost_amount)::numeric::money as sum, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_service_usage_type_monthly - group by - service, - usage_type - order by - sum desc - limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n usage_type,\n sum(unblended_cost_amount)::numeric::money\ + \ as sum,\n avg(unblended_cost_amount)::numeric::money as average\nfrom \n aws_cost_by_service_usage_type_monthly\n\ + group by\n service,\n usage_type\norder by\n sum desc\nlimit 10;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List all AWS Cost per Service and Usage Type Monthly diff --git a/queries/aws_cost_by_tag_1.yaml b/queries/aws_cost_by_tag_1.yaml index 2b0c7b800..e6fce34b7 100755 --- a/queries/aws_cost_by_tag_1.yaml +++ b/queries/aws_cost_by_tag_1.yaml @@ -1,27 +1,16 @@ +Description: Allows users to query AWS Cost Explorer to obtain cost allocation tags + and associated costs. ID: aws_cost_by_tag_1 -Title: "Find all AWS Cost Allocation Tags and Associated Costs" -Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - tag_key_1, - tag_value_1, - period_start, - blended_cost_amount::numeric::money, - unblended_cost_amount::numeric::money, - amortized_cost_amount::numeric::money, - net_unblended_cost_amount::numeric::money, - net_amortized_cost_amount::numeric::money - from - aws_cost_by_tag - where - granularity = 'DAILY' - and - tag_key_1 = 'Name'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n tag_key_1,\n tag_value_1,\n period_start,\n blended_cost_amount::numeric::money,\n\ + \ unblended_cost_amount::numeric::money,\n amortized_cost_amount::numeric::money,\n\ + \ net_unblended_cost_amount::numeric::money,\n net_amortized_cost_amount::numeric::money\n\ + from\n aws_cost_by_tag\nwhere\n granularity = 'DAILY'\nand\n tag_key_1 = 'Name';" Tags: {} +Title: Find all AWS Cost Allocation Tags and Associated Costs diff --git a/queries/aws_cost_by_tag_2.yaml b/queries/aws_cost_by_tag_2.yaml index df111b1e8..3abece3d1 100755 --- a/queries/aws_cost_by_tag_2.yaml +++ b/queries/aws_cost_by_tag_2.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query AWS Cost Explorer to obtain cost allocation tags + and associated costs. ID: aws_cost_by_tag_2 -Title: "Find AWS Cost Explorer Tag Allocations and Costs" -Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - tag_key_1, - tag_value_1, - min(unblended_cost_amount)::numeric::money as min, - max(unblended_cost_amount)::numeric::money as max, - avg(unblended_cost_amount)::numeric::money as average - from - aws_cost_by_tag - where - granularity = 'DAILY' - and - tag_key_1 = 'Name' - group by - tag_key_1, tag_value_1; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n tag_key_1,\n tag_value_1,\n min(unblended_cost_amount)::numeric::money\ + \ as min,\n max(unblended_cost_amount)::numeric::money as max,\n avg(unblended_cost_amount)::numeric::money\ + \ as average\nfrom\n aws_cost_by_tag\nwhere\n granularity = 'DAILY'\nand\n \ + \ tag_key_1 = 'Name'\ngroup by\n tag_key_1, tag_value_1;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws +Title: Find AWS Cost Explorer Tag Allocations and Costs diff --git a/queries/aws_cost_by_tag_3.yaml b/queries/aws_cost_by_tag_3.yaml index a786db215..ea73c89a8 100755 --- a/queries/aws_cost_by_tag_3.yaml +++ b/queries/aws_cost_by_tag_3.yaml @@ -1,42 +1,25 @@ +Description: Allows users to query AWS Cost Explorer to obtain cost allocation tags + and associated costs. ID: aws_cost_by_tag_3 -Title: "List Top 10 AWS Costs by Tag Using SQL" -Description: "Allows users to query AWS Cost Explorer to obtain cost allocation tags and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as - ( - select - tag_key_1, - tag_value_1, - period_start, - unblended_cost_amount::numeric::money, - rank() over(partition by tag_key_1 - order by - unblended_cost_amount desc) - from - aws_cost_by_tag - where - granularity = 'DAILY' - and tag_key_1 = 'Name' - ) - select - * - from - ranked_costs - where - rank <= 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with ranked_costs as\n(\n select\n tag_key_1,\n tag_value_1,\n\ + \ period_start,\n unblended_cost_amount::numeric::money,\n rank() over(partition\ + \ by tag_key_1\n order by\n unblended_cost_amount desc)\n from\n aws_cost_by_tag\n\ + \ where\n granularity = 'DAILY'\n and tag_key_1 = 'Name'\n)\nselect\n \ + \ *\nfrom\n ranked_costs\nwhere\n rank <= 10;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List Top 10 AWS Costs by Tag Using SQL diff --git a/queries/aws_cost_forecast_daily_1.yaml b/queries/aws_cost_forecast_daily_1.yaml index 8ef665623..1e0d8e3e4 100755 --- a/queries/aws_cost_forecast_daily_1.yaml +++ b/queries/aws_cost_forecast_daily_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Cost Explorer''s daily cost forecast data, + providing insights into projected daily costs based on historical data. ID: aws_cost_forecast_daily_1 -Title: "Find Daily Cost Forecast Insights with AWS Cost Explorer" -Description: "Allows users to query AWS Cost Explorer''s daily cost forecast data, providing insights into projected daily costs based on historical data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - period_end, - mean_value::numeric::money - from - aws_cost_forecast_daily - order by - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n period_start,\n period_end,\n mean_value::numeric::money\ + \ \nfrom \n aws_cost_forecast_daily\norder by\n period_start;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: Find Daily Cost Forecast Insights with AWS Cost Explorer diff --git a/queries/aws_cost_forecast_monthly_1.yaml b/queries/aws_cost_forecast_monthly_1.yaml index 7f763b890..0fd115533 100755 --- a/queries/aws_cost_forecast_monthly_1.yaml +++ b/queries/aws_cost_forecast_monthly_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query Cost Forecasts in AWS Cost Explorer for monthly + cost predictions. ID: aws_cost_forecast_monthly_1 -Title: "Find Cost Forecasts in AWS Cost Explorer for Monthly Costs" -Description: "Allows users to query Cost Forecasts in AWS Cost Explorer for monthly cost predictions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - period_end, - mean_value::numeric::money - from - aws_cost_forecast_monthly - order by - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n period_start,\n period_end,\n mean_value::numeric::money\ + \ \nfrom \n aws_cost_forecast_monthly\norder by\n period_start;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: Find Cost Forecasts in AWS Cost Explorer for Monthly Costs diff --git a/queries/aws_cost_forecast_monthly_2.yaml b/queries/aws_cost_forecast_monthly_2.yaml index 01d6e5375..724534b4a 100755 --- a/queries/aws_cost_forecast_monthly_2.yaml +++ b/queries/aws_cost_forecast_monthly_2.yaml @@ -1,41 +1,27 @@ +Description: Allows users to query Cost Forecasts in AWS Cost Explorer for monthly + cost predictions. ID: aws_cost_forecast_monthly_2 -Title: "List AWS Monthly Cost Forecasts using SQL" -Description: "Allows users to query Cost Forecasts in AWS Cost Explorer for monthly cost predictions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with cost_data as ( - select - period_start, - mean_value as this_month, - lag(mean_value,-1) over(order by period_start desc) as previous_month - from - aws_cost_forecast_monthly - ) - select - period_start, - this_month::numeric::money, - previous_month::numeric::money, - case - when previous_month = 0 and this_month = 0 then 0 - when previous_month = 0 then 999 - else round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2) - end as percent_change - from - cost_data - order by - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with cost_data as (\n select\n period_start,\n mean_value\ + \ as this_month,\n lag(mean_value,-1) over(order by period_start desc) as previous_month\n\ + \ from \n aws_cost_forecast_monthly\n)\nselect\n period_start,\n this_month::numeric::money,\n\ + \ previous_month::numeric::money,\n case \n when previous_month = 0\ + \ and this_month = 0 then 0\n when previous_month = 0 then 999\n else\ + \ round((100 * ( (this_month - previous_month) / previous_month))::numeric, 2)\ + \ \n end as percent_change\nfrom\n cost_data\norder by\n period_start;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List AWS Monthly Cost Forecasts using SQL diff --git a/queries/aws_cost_usage_1.yaml b/queries/aws_cost_usage_1.yaml index 77359c9e7..68a65aaf4 100755 --- a/queries/aws_cost_usage_1.yaml +++ b/queries/aws_cost_usage_1.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query Cost and Usage data from AWS Cost Explorer Service + to monitor, track, and manage AWS costs and usage over time. ID: aws_cost_usage_1 -Title: "Find AWS Cost Explorer Service Cost and Usage Data" -Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - dimension_1 as account_id, - dimension_2 as service_name, - net_unblended_cost_amount::numeric::money - from - aws_cost_usage - where - granularity = 'MONTHLY' - and dimension_type_1 = 'LINKED_ACCOUNT' - and dimension_type_2 = 'SERVICE' - order by - dimension_1, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n period_start,\n dimension_1 as account_id,\n dimension_2\ + \ as service_name,\n net_unblended_cost_amount::numeric::money\nfrom\n aws_cost_usage\n\ + where\n granularity = 'MONTHLY'\n and dimension_type_1 = 'LINKED_ACCOUNT'\n\ + \ and dimension_type_2 = 'SERVICE'\norder by\n dimension_1,\n period_start;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer Service +Title: Find AWS Cost Explorer Service Cost and Usage Data diff --git a/queries/aws_cost_usage_2.yaml b/queries/aws_cost_usage_2.yaml index a2f7f8e9a..fdf565030 100755 --- a/queries/aws_cost_usage_2.yaml +++ b/queries/aws_cost_usage_2.yaml @@ -1,42 +1,29 @@ +Description: Allows users to query Cost and Usage data from AWS Cost Explorer Service + to monitor, track, and manage AWS costs and usage over time. ID: aws_cost_usage_2 -Title: "List Top 5 AWS Cost and Usage Data" -Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with ranked_costs as ( - select - dimension_1 as account_id, - dimension_2 as service_name, - sum(net_unblended_cost_amount)::numeric::money as net_unblended_cost, - rank() over(partition by dimension_1 order by sum(net_unblended_cost_amount) desc) - from - aws_cost_usage - where - granularity = 'MONTHLY' - and dimension_type_1 = 'LINKED_ACCOUNT' - and dimension_type_2 = 'SERVICE' - group by - dimension_1, - dimension_2 - order by - dimension_1, - net_unblended_cost desc - ) - select * from ranked_costs where rank <=5 - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with ranked_costs as (\n select\n dimension_1 as account_id,\n\ + \ dimension_2 as service_name,\n sum(net_unblended_cost_amount)::numeric::money\ + \ as net_unblended_cost,\n rank() over(partition by dimension_1 order by sum(net_unblended_cost_amount)\ + \ desc)\n from\n aws_cost_usage\n where\n granularity = 'MONTHLY'\n \ + \ and dimension_type_1 = 'LINKED_ACCOUNT'\n and dimension_type_2 = 'SERVICE'\n\ + \ group by\n dimension_1,\n dimension_2\n order by\n dimension_1,\n\ + \ net_unblended_cost desc\n)\nselect * from ranked_costs where rank <=5" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer +Title: List Top 5 AWS Cost and Usage Data diff --git a/queries/aws_cost_usage_3.yaml b/queries/aws_cost_usage_3.yaml index 7e37f99d3..5313ad725 100755 --- a/queries/aws_cost_usage_3.yaml +++ b/queries/aws_cost_usage_3.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query Cost and Usage data from AWS Cost Explorer Service + to monitor, track, and manage AWS costs and usage over time. ID: aws_cost_usage_3 -Title: "Find All AWS Monthly Cost and Usage Data" -Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - dimension_1 as account_id, - dimension_2 as record_type, - net_unblended_cost_amount::numeric::money - from - aws_cost_usage - where - granularity = 'MONTHLY' - and dimension_type_1 = 'LINKED_ACCOUNT' - and dimension_type_2 = 'RECORD_TYPE' - order by - dimension_1, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n period_start,\n dimension_1 as account_id,\n dimension_2\ + \ as record_type,\n net_unblended_cost_amount::numeric::money\nfrom\n aws_cost_usage\n\ + where\n granularity = 'MONTHLY'\n and dimension_type_1 = 'LINKED_ACCOUNT'\n\ + \ and dimension_type_2 = 'RECORD_TYPE'\norder by\n dimension_1,\n period_start;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cost Explorer +Title: Find All AWS Monthly Cost and Usage Data diff --git a/queries/aws_cost_usage_4.yaml b/queries/aws_cost_usage_4.yaml index 4c802c235..e57dd1178 100755 --- a/queries/aws_cost_usage_4.yaml +++ b/queries/aws_cost_usage_4.yaml @@ -1,35 +1,25 @@ +Description: Allows users to query Cost and Usage data from AWS Cost Explorer Service + to monitor, track, and manage AWS costs and usage over time. ID: aws_cost_usage_4 -Title: "List all AWS Cost and Usage Data from Cost Explorer Service" -Description: "Allows users to query Cost and Usage data from AWS Cost Explorer Service to monitor, track, and manage AWS costs and usage over time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - period_start, - dimension_1 as account_id, - dimension_2 as record_type, - net_unblended_cost_amount::numeric::money - from - aws_cost_usage - where - granularity = 'MONTHLY' - and dimension_type_1 = 'LINKED_ACCOUNT' - and dimension_type_2 = 'RECORD_TYPE' - and dimension_2 in ('DiscountedUsage', 'Credit') - order by - dimension_1, - period_start; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n period_start,\n dimension_1 as account_id,\n dimension_2\ + \ as record_type,\n net_unblended_cost_amount::numeric::money\nfrom\n aws_cost_usage\n\ + where\n granularity = 'MONTHLY'\n and dimension_type_1 = 'LINKED_ACCOUNT'\n\ + \ and dimension_type_2 = 'RECORD_TYPE'\n and dimension_2 in ('DiscountedUsage',\ + \ 'Credit')\norder by\n dimension_1,\n period_start;" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cost Explorer Service +Title: List all AWS Cost and Usage Data from Cost Explorer Service diff --git a/queries/aws_dax_cluster_1.yaml b/queries/aws_dax_cluster_1.yaml index 307b2ae55..659ba4058 100755 --- a/queries/aws_dax_cluster_1.yaml +++ b/queries/aws_dax_cluster_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS DAX Clusters to fetch details about their configurations, + status, nodes, and other associated metadata. ID: aws_dax_cluster_1 -Title: "List all AWS DAX Clusters with Configuration Details" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - description, - active_nodes, - iam_role_arn, - status, - region - from - aws_dax_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n description,\n active_nodes,\n iam_role_arn,\n\ + \ status,\n region\nfrom\n aws_dax_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX +Title: List all AWS DAX Clusters with Configuration Details diff --git a/queries/aws_dax_cluster_2.yaml b/queries/aws_dax_cluster_2.yaml index 7df48e644..f24a1561d 100755 --- a/queries/aws_dax_cluster_2.yaml +++ b/queries/aws_dax_cluster_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS DAX Clusters to fetch details about their configurations, + status, nodes, and other associated metadata. ID: aws_dax_cluster_2 -Title: "List all AWS DAX Clusters and Their Configurations" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - description, - sse_description ->> 'Status' as sse_status - from - aws_dax_cluster - where - sse_description ->> 'Status' = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n description,\n sse_description ->>\ + \ 'Status' as sse_status\nfrom\n aws_dax_cluster\nwhere\n sse_description ->>\ + \ 'Status' = 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX +Title: List all AWS DAX Clusters and Their Configurations diff --git a/queries/aws_dax_cluster_3.yaml b/queries/aws_dax_cluster_3.yaml index 2a26eef59..ec3cfbae3 100755 --- a/queries/aws_dax_cluster_3.yaml +++ b/queries/aws_dax_cluster_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS DAX Clusters to fetch details about their configurations, + status, nodes, and other associated metadata. ID: aws_dax_cluster_3 -Title: "List all AWS DAX Clusters with Configuration and Status" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - node_type, - count(*) as count - from - aws_dax_cluster - where - node_type not in ('cache.m5.large', 'cache.m4.4xlarge') - group by - cluster_name, node_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n node_type,\n count(*) as count\nfrom\n\ + \ aws_dax_cluster\nwhere\n node_type not in ('cache.m5.large', 'cache.m4.4xlarge')\n\ + group by\n cluster_name, node_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX +Title: List all AWS DAX Clusters with Configuration and Status diff --git a/queries/aws_dax_cluster_4.yaml b/queries/aws_dax_cluster_4.yaml index 8ff4b873e..06b5db9be 100755 --- a/queries/aws_dax_cluster_4.yaml +++ b/queries/aws_dax_cluster_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS DAX Clusters to fetch details about their configurations, + status, nodes, and other associated metadata. ID: aws_dax_cluster_4 -Title: "Find AWS DAX Cluster Configurations and Status" -Description: "Allows users to query AWS DAX Clusters to fetch details about their configurations, status, nodes, and other associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - subnet_group, - sg ->> 'SecurityGroupIdentifier' as sg_id, - n ->> 'AvailabilityZone' as az_name, - cluster_discovery_endpoint ->> 'Address' as cluster_discovery_endpoint_address, - cluster_discovery_endpoint ->> 'Port' as cluster_discovery_endpoint_port - from - aws_dax_cluster, - jsonb_array_elements(security_groups) as sg, - jsonb_array_elements(nodes) as n; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n subnet_group,\n sg ->> 'SecurityGroupIdentifier'\ + \ as sg_id,\n n ->> 'AvailabilityZone' as az_name,\n cluster_discovery_endpoint\ + \ ->> 'Address' as cluster_discovery_endpoint_address,\n cluster_discovery_endpoint\ + \ ->> 'Port' as cluster_discovery_endpoint_port\nfrom\n aws_dax_cluster,\n jsonb_array_elements(security_groups)\ + \ as sg,\n jsonb_array_elements(nodes) as n;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX +Title: Find AWS DAX Cluster Configurations and Status diff --git a/queries/aws_dax_parameter_1.yaml b/queries/aws_dax_parameter_1.yaml index 854674211..9758b553b 100755 --- a/queries/aws_dax_parameter_1.yaml +++ b/queries/aws_dax_parameter_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS DAX Parameter Groups to retrieve information + about their configuration settings. ID: aws_dax_parameter_1 -Title: "Find AWS DAX Parameter Groups Configuration Settings" -Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_name, - parameter_group_name, - parameter_value, - data_type, - parameter_type - from - aws_dax_parameter; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n parameter_name,\n parameter_group_name,\n parameter_value,\n\ + \ data_type,\n parameter_type\nfrom\n aws_dax_parameter;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX +Title: Find AWS DAX Parameter Groups Configuration Settings diff --git a/queries/aws_dax_parameter_2.yaml b/queries/aws_dax_parameter_2.yaml index fa28cdd2e..5eb0ac140 100755 --- a/queries/aws_dax_parameter_2.yaml +++ b/queries/aws_dax_parameter_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS DAX Parameter Groups to retrieve information + about their configuration settings. ID: aws_dax_parameter_2 -Title: "List AWS DAX Parameter Groups and Their Settings" -Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_group_name, - region, - count(parameter_name) as number_of_parameters - from - aws_dax_parameter - group by - parameter_group_name, - region; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n parameter_group_name,\n region,\n count(parameter_name)\ + \ as number_of_parameters\nfrom\n aws_dax_parameter\ngroup by\n parameter_group_name,\ + \ \n region;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX +Title: List AWS DAX Parameter Groups and Their Settings diff --git a/queries/aws_dax_parameter_3.yaml b/queries/aws_dax_parameter_3.yaml index c7038cc89..df3b0a250 100755 --- a/queries/aws_dax_parameter_3.yaml +++ b/queries/aws_dax_parameter_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS DAX Parameter Groups to retrieve information + about their configuration settings. ID: aws_dax_parameter_3 -Title: "List All DAX Parameter Groups and Configurations in AWS" -Description: "Allows users to query AWS DAX Parameter Groups to retrieve information about their configuration settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_name, - parameter_group_name, - parameter_value, - data_type, - parameter_type, - is_modifiable - from - aws_dax_parameter - where - is_modifiable = 'TRUE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n parameter_name,\n parameter_group_name,\n parameter_value,\n\ + \ data_type,\n parameter_type,\n is_modifiable\nfrom\n aws_dax_parameter\n\ + where\n is_modifiable = 'TRUE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX +Title: List All DAX Parameter Groups and Configurations in AWS diff --git a/queries/aws_dax_parameter_group_1.yaml b/queries/aws_dax_parameter_group_1.yaml index ffc83136c..be78c6d77 100755 --- a/queries/aws_dax_parameter_group_1.yaml +++ b/queries/aws_dax_parameter_group_1.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, + providing details such as parameter group name, ARN, description, and parameter + settings. ID: aws_dax_parameter_group_1 -Title: "List AWS DAX Parameter Groups and Details" -Description: "Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, providing details such as parameter group name, ARN, description, and parameter settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - parameter_group_name, - description, - region - from - aws_dax_parameter_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n parameter_group_name,\n description,\n region\nfrom\n\ + \ aws_dax_parameter_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB Accelerator (DAX) +Title: List AWS DAX Parameter Groups and Details diff --git a/queries/aws_dax_parameter_group_2.yaml b/queries/aws_dax_parameter_group_2.yaml index 1e12c1a18..1af26a2f7 100755 --- a/queries/aws_dax_parameter_group_2.yaml +++ b/queries/aws_dax_parameter_group_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, + providing details such as parameter group name, ARN, description, and parameter + settings. ID: aws_dax_parameter_group_2 -Title: "Find all AWS DAX Parameter Groups and their Settings" -Description: "Allows users to query AWS DynamoDB Accelerator (DAX) Parameter Groups, providing details such as parameter group name, ARN, description, and parameter settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.parameter_group_name, - c.cluster_name, - c.node_type, - c.status - from - aws_dax_parameter_group as p, - aws_dax_cluster as c - where - c.parameter_group ->> 'ParameterGroupName' = p.parameter_group_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n p.parameter_group_name,\n c.cluster_name,\n c.node_type,\n\ + \ c.status\nfrom\n aws_dax_parameter_group as p,\n aws_dax_cluster as c\nwhere\n\ + \ c.parameter_group ->> 'ParameterGroupName' = p.parameter_group_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB Accelerator +Title: Find all AWS DAX Parameter Groups and their Settings diff --git a/queries/aws_dax_subnet_group_1.yaml b/queries/aws_dax_subnet_group_1.yaml index 9c055af7f..c33d7dbf6 100755 --- a/queries/aws_dax_subnet_group_1.yaml +++ b/queries/aws_dax_subnet_group_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS DAX Subnet Group details, such as the subnet + group name, description, VPC ID, and the subnets in the group. ID: aws_dax_subnet_group_1 -Title: "List AWS DAX Subnet Group Details" -Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subnet_group_name, - description, - vpc_id, - subnets, - region - from - aws_dax_subnet_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n subnet_group_name,\n description,\n vpc_id,\n subnets,\n\ + \ region\nfrom\n aws_dax_subnet_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS DAX +Title: List AWS DAX Subnet Group Details diff --git a/queries/aws_dax_subnet_group_2.yaml b/queries/aws_dax_subnet_group_2.yaml index 4b911bc42..d7a0b0e23 100755 --- a/queries/aws_dax_subnet_group_2.yaml +++ b/queries/aws_dax_subnet_group_2.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS DAX Subnet Group details, such as the subnet + group name, description, VPC ID, and the subnets in the group. ID: aws_dax_subnet_group_2 -Title: "Find AWS DAX Subnet Group details including VPC info" -Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subnet_group_name, - v.vpc_id, - v.arn as vpc_arn, - v.cidr_block as vpc_cidr_block, - v.state as vpc_state, - v.is_default as is_default_vpc, - v.region - from - aws_dax_subnet_group g - join aws_vpc v - on v.vpc_id = g.vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n subnet_group_name,\n v.vpc_id,\n v.arn as vpc_arn,\n\ + \ v.cidr_block as vpc_cidr_block,\n v.state as vpc_state,\n v.is_default as\ + \ is_default_vpc,\n v.region\nfrom\n aws_dax_subnet_group g\njoin aws_vpc v\n\ + \ on v.vpc_id = g.vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX +Title: Find AWS DAX Subnet Group details including VPC info diff --git a/queries/aws_dax_subnet_group_3.yaml b/queries/aws_dax_subnet_group_3.yaml index 9718e9dfb..a9a235285 100755 --- a/queries/aws_dax_subnet_group_3.yaml +++ b/queries/aws_dax_subnet_group_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS DAX Subnet Group details, such as the subnet + group name, description, VPC ID, and the subnets in the group. ID: aws_dax_subnet_group_3 -Title: "List all AWS DAX Subnet Group details" -Description: "Allows users to query AWS DAX Subnet Group details, such as the subnet group name, description, VPC ID, and the subnets in the group." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subnet_group_name, - g.vpc_id, - vs.subnet_arn, - vs.cidr_block as subnet_cidr_block, - vs.state as subnet_state, - vs.availability_zone as subnet_availability_zone, - vs.region - from - aws_dax_subnet_group g, - jsonb_array_elements(subnets) s - join aws_vpc_subnet vs - on vs.subnet_id = s ->> 'SubnetIdentifier'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n subnet_group_name,\n g.vpc_id,\n vs.subnet_arn,\n \ + \ vs.cidr_block as subnet_cidr_block,\n vs.state as subnet_state,\n vs.availability_zone\ + \ as subnet_availability_zone,\n vs.region\nfrom\n aws_dax_subnet_group g,\n\ + \ jsonb_array_elements(subnets) s\njoin aws_vpc_subnet vs\n on vs.subnet_id\ + \ = s ->> 'SubnetIdentifier';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DAX Subnet Group +Title: List all AWS DAX Subnet Group details diff --git a/queries/aws_directory_service_certificate_1.yaml b/queries/aws_directory_service_certificate_1.yaml index a45ec4595..83e096ba8 100755 --- a/queries/aws_directory_service_certificate_1.yaml +++ b/queries/aws_directory_service_certificate_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Directory Service Certificates to gather information + about the certificates associated with AWS Managed Microsoft AD and Simple AD directories. ID: aws_directory_service_certificate_1 -Title: "Find AWS Directory Service Certificates and Details" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - directory_id, - certificate_id, - common_name, - type, - state, - expiry_date_time - from - aws_directory_service_certificate; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n directory_id,\n certificate_id,\n common_name,\n type,\n\ + \ state,\n expiry_date_time\nfrom\n aws_directory_service_certificate;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: Find AWS Directory Service Certificates and Details diff --git a/queries/aws_directory_service_certificate_2.yaml b/queries/aws_directory_service_certificate_2.yaml index 6a1a2afae..95d8800a1 100755 --- a/queries/aws_directory_service_certificate_2.yaml +++ b/queries/aws_directory_service_certificate_2.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Directory Service Certificates to gather information + about the certificates associated with AWS Managed Microsoft AD and Simple AD directories. ID: aws_directory_service_certificate_2 -Title: "List all AWS Directory Service Certificates" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.certificate_id, - c.common_name, - c.directory_id, - c.type as certificate_type, - d.name as directory_name, - d.type as directory_type - from - aws_directory_service_certificate c, - aws_directory_service_directory d - where - d.type = 'MicrosoftAD'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.certificate_id,\n c.common_name,\n c.directory_id,\n\ + \ c.type as certificate_type,\n d.name as directory_name,\n d.type as directory_type\n\ + from\n aws_directory_service_certificate c,\n aws_directory_service_directory\ + \ d\nwhere\n d.type = 'MicrosoftAD';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Directory Service +Title: List all AWS Directory Service Certificates diff --git a/queries/aws_directory_service_certificate_3.yaml b/queries/aws_directory_service_certificate_3.yaml index 4530ce2d8..e874f78ac 100755 --- a/queries/aws_directory_service_certificate_3.yaml +++ b/queries/aws_directory_service_certificate_3.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Directory Service Certificates to gather information + about the certificates associated with AWS Managed Microsoft AD and Simple AD directories. ID: aws_directory_service_certificate_3 -Title: "Find AWS Directory Service Certificates with Specific States" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - common_name, - directory_id, - type, - state - from - aws_directory_service_certificate - where - state = 'Deregistered'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n common_name,\n directory_id,\n type,\n state\nfrom\n\ + \ aws_directory_service_certificate\nwhere\n state = 'Deregistered';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Directory Service +Title: Find AWS Directory Service Certificates with Specific States diff --git a/queries/aws_directory_service_certificate_4.yaml b/queries/aws_directory_service_certificate_4.yaml index f423c0ab3..352247fd1 100755 --- a/queries/aws_directory_service_certificate_4.yaml +++ b/queries/aws_directory_service_certificate_4.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Directory Service Certificates to gather information + about the certificates associated with AWS Managed Microsoft AD and Simple AD directories. ID: aws_directory_service_certificate_4 -Title: "Find AWS Directory Service Certificates with SQL Query" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - directory_id, - certificate_id, - common_name, - type, - state, - expiry_date_time - from - aws_directory_service_certificate - where - expiry_date_time >= now() + interval '7' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n directory_id,\n certificate_id,\n common_name,\n type,\n\ + \ state,\n expiry_date_time\nfrom\n aws_directory_service_certificate\nwhere\n\ + \ expiry_date_time >= now() + interval '7' day;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: Find AWS Directory Service Certificates with SQL Query diff --git a/queries/aws_directory_service_certificate_5.yaml b/queries/aws_directory_service_certificate_5.yaml index 52096d4a1..34c8d72a4 100755 --- a/queries/aws_directory_service_certificate_5.yaml +++ b/queries/aws_directory_service_certificate_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Directory Service Certificates to gather information + about the certificates associated with AWS Managed Microsoft AD and Simple AD directories. ID: aws_directory_service_certificate_5 -Title: "List all AWS Directory Service Certificates' Information" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - directory_id, - certificate_id, - common_name, - client_cert_auth_settings -> 'OCSPUrl' as ocsp_url - from - aws_directory_service_certificate; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n directory_id,\n certificate_id,\n common_name,\n client_cert_auth_settings\ + \ -> 'OCSPUrl' as ocsp_url\nfrom\n aws_directory_service_certificate;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: List all AWS Directory Service Certificates' Information diff --git a/queries/aws_directory_service_certificate_6.yaml b/queries/aws_directory_service_certificate_6.yaml index 4d36b1b28..7a81dd9a3 100755 --- a/queries/aws_directory_service_certificate_6.yaml +++ b/queries/aws_directory_service_certificate_6.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Directory Service Certificates to gather information + about the certificates associated with AWS Managed Microsoft AD and Simple AD directories. ID: aws_directory_service_certificate_6 -Title: "List all Directory Service Certificates in AWS" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - directory_id, - count(*) as certificate_count - from - aws_directory_service_certificate - group by - directory_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n directory_id,\n count(*) as certificate_count\nfrom\n\ + \ aws_directory_service_certificate\ngroup by\n directory_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: List all Directory Service Certificates in AWS diff --git a/queries/aws_directory_service_certificate_7.yaml b/queries/aws_directory_service_certificate_7.yaml index 63f5ee522..00fa27959 100755 --- a/queries/aws_directory_service_certificate_7.yaml +++ b/queries/aws_directory_service_certificate_7.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Directory Service Certificates to gather information + about the certificates associated with AWS Managed Microsoft AD and Simple AD directories. ID: aws_directory_service_certificate_7 -Title: "Find AWS Directory Service Certificates older than 1 year" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - common_name, - directory_id, - type, - state - from - aws_directory_service_certificate - where - registered_date_time <= now() - interval '1 year' - and state not like 'Deregister%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n common_name,\n directory_id,\n type,\n state\nfrom\n\ + \ aws_directory_service_certificate\nwhere\n registered_date_time <= now() -\ + \ interval '1 year'\n and state not like 'Deregister%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Directory Service +Title: Find AWS Directory Service Certificates older than 1 year diff --git a/queries/aws_directory_service_certificate_8.yaml b/queries/aws_directory_service_certificate_8.yaml index 77470b59d..bb59a3343 100755 --- a/queries/aws_directory_service_certificate_8.yaml +++ b/queries/aws_directory_service_certificate_8.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Directory Service Certificates to gather information + about the certificates associated with AWS Managed Microsoft AD and Simple AD directories. ID: aws_directory_service_certificate_8 -Title: "Find AWS Directory Service Certificates Details" -Description: "Allows users to query AWS Directory Service Certificates to gather information about the certificates associated with AWS Managed Microsoft AD and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct partition, - registered_date_time - from - aws_directory_service_certificate - order by - partition, - registered_date_time desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n distinct partition,\n registered_date_time\nfrom\n \ + \ aws_directory_service_certificate\norder by\n partition,\n registered_date_time\ + \ desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: Find AWS Directory Service Certificates Details diff --git a/queries/aws_directory_service_directory_1.yaml b/queries/aws_directory_service_directory_1.yaml index def2c000a..410dfad51 100755 --- a/queries/aws_directory_service_directory_1.yaml +++ b/queries/aws_directory_service_directory_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Directory Service Directories for information + about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories. ID: aws_directory_service_directory_1 -Title: "Query AWS Directory Service Directories for Information" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - directory_id - from - aws_directory_service_directory; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n directory_id\nfrom\n aws_directory_service_directory;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: Query AWS Directory Service Directories for Information diff --git a/queries/aws_directory_service_directory_2.yaml b/queries/aws_directory_service_directory_2.yaml index b278c71ea..13b9dff4d 100755 --- a/queries/aws_directory_service_directory_2.yaml +++ b/queries/aws_directory_service_directory_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Directory Service Directories for information + about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories. ID: aws_directory_service_directory_2 -Title: "Find AWS Managed and Simple AD Directory Details" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - directory_id, - type - from - aws_directory_service_directory - where - type = 'MicrosoftAD'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n directory_id,\n type\nfrom\n aws_directory_service_directory\n\ + where\n type = 'MicrosoftAD';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Directory Service +Title: Find AWS Managed and Simple AD Directory Details diff --git a/queries/aws_directory_service_directory_3.yaml b/queries/aws_directory_service_directory_3.yaml index b8be6824b..6cc617455 100755 --- a/queries/aws_directory_service_directory_3.yaml +++ b/queries/aws_directory_service_directory_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Directory Service Directories for information + about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories. ID: aws_directory_service_directory_3 -Title: "List all AWS Managed and Simple AD Directory Info" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - sd ->> 'ShareMethod' share_method, - sd ->> 'ShareStatus' share_status, - sd ->> 'SharedAccountId' shared_account_id, - sd ->> 'SharedDirectoryId' shared_directory_id - from - aws_directory_service_directory, - jsonb_array_elements(shared_directories) sd; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n sd ->> 'ShareMethod' share_method,\n\ + \ sd ->> 'ShareStatus' share_status,\n sd ->> 'SharedAccountId' shared_account_id,\n\ + \ sd ->> 'SharedDirectoryId' shared_directory_id\nfrom\n aws_directory_service_directory,\n\ + \ jsonb_array_elements(shared_directories) sd;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Directory Service +Title: List all AWS Managed and Simple AD Directory Info diff --git a/queries/aws_directory_service_directory_4.yaml b/queries/aws_directory_service_directory_4.yaml index d19602732..f607272cd 100755 --- a/queries/aws_directory_service_directory_4.yaml +++ b/queries/aws_directory_service_directory_4.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Directory Service Directories for information + about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories. ID: aws_directory_service_directory_4 -Title: "List all AWS Directory Service Directories" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - snapshot_limit ->> 'ManualSnapshotsCurrentCount' as manual_snapshots_current_count, - snapshot_limit ->> 'ManualSnapshotsLimit' as manual_snapshots_limit, - snapshot_limit ->> 'ManualSnapshotsLimitReached' as manual_snapshots_limit_reached - from - aws_directory_service_directory; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n snapshot_limit ->> 'ManualSnapshotsCurrentCount'\ + \ as manual_snapshots_current_count,\n snapshot_limit ->> 'ManualSnapshotsLimit'\ + \ as manual_snapshots_limit,\n snapshot_limit ->> 'ManualSnapshotsLimitReached'\ + \ as manual_snapshots_limit_reached\nfrom\n aws_directory_service_directory;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: List all AWS Directory Service Directories diff --git a/queries/aws_directory_service_directory_5.yaml b/queries/aws_directory_service_directory_5.yaml index c81352b1a..7e83360ff 100755 --- a/queries/aws_directory_service_directory_5.yaml +++ b/queries/aws_directory_service_directory_5.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Directory Service Directories for information + about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories. ID: aws_directory_service_directory_5 -Title: "List All AWS Directory Service Directory Information" -Description: "Allows users to query AWS Directory Service Directories for information about AWS Managed Microsoft AD, AWS Managed AD, and Simple AD directories." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - e ->> 'CreatedDateTime' as topic_created_date_time, - e ->> 'Status' as topic_status, - e ->> 'TopicArn' as topic_arn, - e ->> 'TopicName' as topic_name - from - aws_directory_service_directory, - jsonb_array_elements(event_topics) as e; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n e ->> 'CreatedDateTime' as\ + \ topic_created_date_time,\n e ->> 'Status' as topic_status,\n e ->> 'TopicArn'\ + \ as topic_arn,\n e ->> 'TopicName' as topic_name\nfrom\n aws_directory_service_directory,\n\ + \ jsonb_array_elements(event_topics) as e;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: List All AWS Directory Service Directory Information diff --git a/queries/aws_directory_servicelog_subscription_1.yaml b/queries/aws_directory_servicelog_subscription_1.yaml index 779ddf28e..e89f7bbe8 100755 --- a/queries/aws_directory_servicelog_subscription_1.yaml +++ b/queries/aws_directory_servicelog_subscription_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Directory Service Log Subscription to obtain + detailed information about each log subscription associated with the AWS Directory + Service. ID: aws_directory_servicelog_subscription_1 -Title: "List all AWS Directory Service Log Subscriptions" -Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - partition, - subscription_created_date_time, - directory_id, - title - from - aws_directory_service_log_subscription; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n partition,\n subscription_created_date_time,\n\ + \ directory_id,\n title\nfrom\n aws_directory_service_log_subscription;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Directory Service +Title: List all AWS Directory Service Log Subscriptions diff --git a/queries/aws_directory_servicelog_subscription_2.yaml b/queries/aws_directory_servicelog_subscription_2.yaml index a99c14a7d..98edef8f2 100755 --- a/queries/aws_directory_servicelog_subscription_2.yaml +++ b/queries/aws_directory_servicelog_subscription_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Directory Service Log Subscription to obtain + detailed information about each log subscription associated with the AWS Directory + Service. ID: aws_directory_servicelog_subscription_2 -Title: "List AWS Directory Service Log Subscriptions with Details" -Description: "Allows users to query AWS Directory Service Log Subscription to obtain detailed information about each log subscription associated with the AWS Directory Service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.log_group_name, - d.name as directory_name, - d.arn as directory_arn, - d.directory_id, - d.type as directory_type - from - aws_directory_service_log_subscription as s - left join aws_directory_service_directory as d on s.directory_id = d.directory_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.log_group_name,\n d.name as directory_name,\n d.arn\ + \ as directory_arn,\n d.directory_id,\n d.type as directory_type\nfrom\n aws_directory_service_log_subscription\ + \ as s\n left join aws_directory_service_directory as d on s.directory_id = d.directory_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Directory Service +Title: List AWS Directory Service Log Subscriptions with Details diff --git a/queries/aws_dlm_lifecycle_policy_1.yaml b/queries/aws_dlm_lifecycle_policy_1.yaml index 70c6ccf35..a4a67e217 100755 --- a/queries/aws_dlm_lifecycle_policy_1.yaml +++ b/queries/aws_dlm_lifecycle_policy_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS DLM Lifecycle Policies to retrieve detailed + information about each policy, including its configuration, status, and tags. ID: aws_dlm_lifecycle_policy_1 -Title: "List AWS DLM Lifecycle Policies and Details" -Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_id, - arn, - date_created - from - aws_dlm_lifecycle_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_id,\n arn,\n date_created\nfrom\n aws_dlm_lifecycle_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS DLM +Title: List AWS DLM Lifecycle Policies and Details diff --git a/queries/aws_dlm_lifecycle_policy_2.yaml b/queries/aws_dlm_lifecycle_policy_2.yaml index 880b1568e..4e80f9e29 100755 --- a/queries/aws_dlm_lifecycle_policy_2.yaml +++ b/queries/aws_dlm_lifecycle_policy_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS DLM Lifecycle Policies to retrieve detailed + information about each policy, including its configuration, status, and tags. ID: aws_dlm_lifecycle_policy_2 -Title: "List All AWS DLM Lifecycle Policies and Details" -Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_id, - arn, - date_created, - policy_type, - s ->> 'ShareRules' as share_rules - from - aws_dlm_lifecycle_policy, - jsonb_array_elements(policy_details -> 'Schedules') s - where - s ->> 'ShareRules' is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_id,\n arn,\n date_created,\n policy_type,\n\ + \ s ->> 'ShareRules' as share_rules\nfrom\n aws_dlm_lifecycle_policy,\n jsonb_array_elements(policy_details\ + \ -> 'Schedules') s\nwhere \n s ->> 'ShareRules' is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DLM Lifecycle Policy +Title: List All AWS DLM Lifecycle Policies and Details diff --git a/queries/aws_dlm_lifecycle_policy_3.yaml b/queries/aws_dlm_lifecycle_policy_3.yaml index deae16ad0..447bf1f21 100755 --- a/queries/aws_dlm_lifecycle_policy_3.yaml +++ b/queries/aws_dlm_lifecycle_policy_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS DLM Lifecycle Policies to retrieve detailed + information about each policy, including its configuration, status, and tags. ID: aws_dlm_lifecycle_policy_3 -Title: "List all AWS DLM Lifecycle Policies with Configuration" -Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_id, - arn, - date_created, - policy_type, - s ->> 'CrossRegionCopyRules' as cross_region_copy_rules - from - aws_dlm_lifecycle_policy, - jsonb_array_elements(policy_details -> 'Schedules') s - where - s ->> 'CrossRegionCopyRules' is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_id,\n arn,\n date_created,\n policy_type,\n\ + \ s ->> 'CrossRegionCopyRules' as cross_region_copy_rules\nfrom\n aws_dlm_lifecycle_policy,\n\ + \ jsonb_array_elements(policy_details -> 'Schedules') s\nwhere \n s ->> 'CrossRegionCopyRules'\ + \ is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DLM +Title: List all AWS DLM Lifecycle Policies with Configuration diff --git a/queries/aws_dlm_lifecycle_policy_4.yaml b/queries/aws_dlm_lifecycle_policy_4.yaml index 2e4f01bb4..ec810ad5c 100755 --- a/queries/aws_dlm_lifecycle_policy_4.yaml +++ b/queries/aws_dlm_lifecycle_policy_4.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS DLM Lifecycle Policies to retrieve detailed + information about each policy, including its configuration, status, and tags. ID: aws_dlm_lifecycle_policy_4 -Title: "List AWS DLM Lifecycle Policies with Configuration and Status" -Description: "Allows users to query AWS DLM Lifecycle Policies to retrieve detailed information about each policy, including its configuration, status, and tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_id, - arn, - date_created, - policy_type, - s -> 'RetainRule' ->> 'Count' as retain_count - from - aws_dlm_lifecycle_policy, - jsonb_array_elements(policy_details -> 'Schedules') s - where - s -> 'RetainRule' is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_id,\n arn,\n date_created,\n policy_type,\n\ + \ s -> 'RetainRule' ->> 'Count' as retain_count\nfrom\n aws_dlm_lifecycle_policy,\n\ + \ jsonb_array_elements(policy_details -> 'Schedules') s\nwhere \n s -> 'RetainRule'\ + \ is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS DLM +Title: List AWS DLM Lifecycle Policies with Configuration and Status diff --git a/queries/aws_dms_certificate_1.yaml b/queries/aws_dms_certificate_1.yaml index 5b8badc4d..5d03aef4f 100755 --- a/queries/aws_dms_certificate_1.yaml +++ b/queries/aws_dms_certificate_1.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS DMS (Database Migration Service) Certificates. + This table provides information about SSL/TLS certificates used in AWS DMS for encrypting + data during database migration tasks. Certificates play a crucial role in ensuring + the security and integrity of data transferred between source and target databases. ID: aws_dms_certificate_1 -Title: "Find all AWS DMS Certificates and Their Details" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - certificate_creation_date, - signing_algorithm, - valid_to_date, - region - from - aws_dms_certificate; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_identifier,\n arn,\n certificate_creation_date,\n\ + \ signing_algorithm,\n valid_to_date,\n region\nfrom\n aws_dms_certificate;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find all AWS DMS Certificates and Their Details diff --git a/queries/aws_dms_certificate_2.yaml b/queries/aws_dms_certificate_2.yaml index 2ca789faa..e9df38897 100755 --- a/queries/aws_dms_certificate_2.yaml +++ b/queries/aws_dms_certificate_2.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS DMS (Database Migration Service) Certificates. + This table provides information about SSL/TLS certificates used in AWS DMS for encrypting + data during database migration tasks. Certificates play a crucial role in ensuring + the security and integrity of data transferred between source and target databases. ID: aws_dms_certificate_2 -Title: "Find all AWS DMS Certificates Expiring in 10 Days" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - key_length, - signing_algorithm, - valid_to_date - from - aws_dms_certificate - where - valid_to_date <= current_date + interval '10' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_identifier,\n arn,\n key_length,\n signing_algorithm,\n\ + \ valid_to_date\nfrom\n aws_dms_certificate\nwhere\n valid_to_date <= current_date\ + \ + interval '10' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find all AWS DMS Certificates Expiring in 10 Days diff --git a/queries/aws_dms_certificate_3.yaml b/queries/aws_dms_certificate_3.yaml index 31881be22..399e0446a 100755 --- a/queries/aws_dms_certificate_3.yaml +++ b/queries/aws_dms_certificate_3.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS DMS (Database Migration Service) Certificates. + This table provides information about SSL/TLS certificates used in AWS DMS for encrypting + data during database migration tasks. Certificates play a crucial role in ensuring + the security and integrity of data transferred between source and target databases. ID: aws_dms_certificate_3 -Title: "List all AWS DMS Certificates and Details" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - signing_algorithm, - key_length, - certificate_owner - from - aws_dms_certificate - where - signing_algorithm = 'SHA256withRSA'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_identifier,\n arn,\n signing_algorithm,\n\ + \ key_length,\n certificate_owner\nfrom\n aws_dms_certificate\nwhere\n signing_algorithm\ + \ = 'SHA256withRSA';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DMS +Title: List all AWS DMS Certificates and Details diff --git a/queries/aws_dms_certificate_4.yaml b/queries/aws_dms_certificate_4.yaml index 999d15da8..7ab24e0eb 100755 --- a/queries/aws_dms_certificate_4.yaml +++ b/queries/aws_dms_certificate_4.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS DMS (Database Migration Service) Certificates. + This table provides information about SSL/TLS certificates used in AWS DMS for encrypting + data during database migration tasks. Certificates play a crucial role in ensuring + the security and integrity of data transferred between source and target databases. ID: aws_dms_certificate_4 -Title: "Find AWS DMS Certificates for Data Migration Security" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - certificate_owner, - account_id - from - aws_dms_certificate - where - certificate_owner <> account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_identifier,\n arn,\n certificate_owner,\n\ + \ account_id\nfrom\n aws_dms_certificate\nwhere\n certificate_owner <> account_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find AWS DMS Certificates for Data Migration Security diff --git a/queries/aws_dms_certificate_5.yaml b/queries/aws_dms_certificate_5.yaml index 2bd68dfbd..c82b27aee 100755 --- a/queries/aws_dms_certificate_5.yaml +++ b/queries/aws_dms_certificate_5.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS DMS (Database Migration Service) Certificates. + This table provides information about SSL/TLS certificates used in AWS DMS for encrypting + data during database migration tasks. Certificates play a crucial role in ensuring + the security and integrity of data transferred between source and target databases. ID: aws_dms_certificate_5 -Title: "Find all AWS DMS Certificates with Details" -Description: "Allows users to query AWS DMS (Database Migration Service) Certificates. This table provides information about SSL/TLS certificates used in AWS DMS for encrypting data during database migration tasks. Certificates play a crucial role in ensuring the security and integrity of data transferred between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - certificate_identifier, - arn, - certificate_owner, - (valid_to_date - current_date) as days_left, - region - from - aws_dms_certificate; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n certificate_identifier,\n arn,\n certificate_owner,\n\ + \ (valid_to_date - current_date) as days_left,\n region\nfrom\n aws_dms_certificate;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find all AWS DMS Certificates with Details diff --git a/queries/aws_dms_endpoint_1.yaml b/queries/aws_dms_endpoint_1.yaml index 786689621..995a10729 100755 --- a/queries/aws_dms_endpoint_1.yaml +++ b/queries/aws_dms_endpoint_1.yaml @@ -1,28 +1,20 @@ +Description: Query AWS DMS Endpoints to retrieve connection information for source + or target databases in database migration activities. ID: aws_dms_endpoint_1 -Title: "Find AWS DMS Endpoints Connection Info for Databases" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - arn, - certificate_arn, - database_name, - endpoint_type, - engine_display_name, - engine_name - from - aws_dms_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_identifier,\n arn,\n certificate_arn,\n database_name,\n\ + \ endpoint_type,\n engine_display_name,\n engine_name\nfrom\n aws_dms_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find AWS DMS Endpoints Connection Info for Databases diff --git a/queries/aws_dms_endpoint_2.yaml b/queries/aws_dms_endpoint_2.yaml index 13fb71589..c4ecdad2b 100755 --- a/queries/aws_dms_endpoint_2.yaml +++ b/queries/aws_dms_endpoint_2.yaml @@ -1,28 +1,21 @@ +Description: Query AWS DMS Endpoints to retrieve connection information for source + or target databases in database migration activities. ID: aws_dms_endpoint_2 -Title: "Find AWS DMS Endpoints Connection Info for Migration" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - arn, - engine_display_name, - endpoint_type, - engine_name - from - aws_dms_endpoint - where - endpoint_type = 'SOURCE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_identifier,\n arn,\n engine_display_name,\n\ + \ endpoint_type,\n engine_name\nfrom\n aws_dms_endpoint\nwhere\n endpoint_type\ + \ = 'SOURCE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DMS +Title: Find AWS DMS Endpoints Connection Info for Migration diff --git a/queries/aws_dms_endpoint_3.yaml b/queries/aws_dms_endpoint_3.yaml index bec7792da..920db50eb 100755 --- a/queries/aws_dms_endpoint_3.yaml +++ b/queries/aws_dms_endpoint_3.yaml @@ -1,30 +1,22 @@ +Description: Query AWS DMS Endpoints to retrieve connection information for source + or target databases in database migration activities. ID: aws_dms_endpoint_3 -Title: "List all AWS DMS Endpoints for connection details" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - arn, - engine_name, - instance_create_time, - my_sql_settings - from - aws_dms_endpoint - where - engine_name = 'mysql'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_identifier,\n arn,\n engine_name,\n instance_create_time,\n\ + \ my_sql_settings\nfrom\n aws_dms_endpoint\nwhere\n engine_name = 'mysql';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DMS +Title: List all AWS DMS Endpoints for connection details diff --git a/queries/aws_dms_endpoint_4.yaml b/queries/aws_dms_endpoint_4.yaml index cfe90a2e7..59c5303cd 100755 --- a/queries/aws_dms_endpoint_4.yaml +++ b/queries/aws_dms_endpoint_4.yaml @@ -1,32 +1,25 @@ +Description: Query AWS DMS Endpoints to retrieve connection information for source + or target databases in database migration activities. ID: aws_dms_endpoint_4 -Title: "List All AWS DMS Endpoints for Database Migrations" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - kms_key_id, - server_name, - service_access_role_arn, - ssl_mode - from - aws_dms_endpoint - where - ssl_mode <> 'none'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_identifier,\n kms_key_id,\n server_name,\n\ + \ service_access_role_arn,\n ssl_mode\nfrom\n aws_dms_endpoint\nwhere\n ssl_mode\ + \ <> 'none';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: List All AWS DMS Endpoints for Database Migrations diff --git a/queries/aws_dms_endpoint_5.yaml b/queries/aws_dms_endpoint_5.yaml index 98639ad79..25422d61c 100755 --- a/queries/aws_dms_endpoint_5.yaml +++ b/queries/aws_dms_endpoint_5.yaml @@ -1,40 +1,32 @@ +Description: Query AWS DMS Endpoints to retrieve connection information for source + or target databases in database migration activities. ID: aws_dms_endpoint_5 -Title: "Find AWS DMS Endpoints and Retrieve Connection Information" -Description: "Query AWS DMS Endpoints to retrieve connection information for source or target databases in database migration activities." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_identifier, - arn, - my_sql_settings ->> 'AfterConnectScript' as after_connect_script, - (my_sql_settings ->> 'CleanSourceMetadataOnMismatch')::boolean as clean_source_metadata_on_mismatch, - my_sql_settings ->> 'DatabaseName' as database_name, - (my_sql_settings ->> 'EventsPollInterval')::integer as events_poll_interval, - (my_sql_settings ->> 'ExecuteTimeout')::integer as execute_timeout, - (my_sql_settings ->> 'MaxFileSize')::integer as max_file_size, - (my_sql_settings ->> 'ParallelLoadThreads')::integer as parallel_load_threads, - my_sql_settings ->> 'Password' as password, - (my_sql_settings ->> 'Port')::integer as port, - my_sql_settings ->> 'SecretsManagerAccessRoleArn' as secrets_manager_access_role_arn, - my_sql_settings ->> 'SecretsManagerSecretId' as secrets_manager_secret_id, - my_sql_settings ->> 'ServerName' as server_name, - my_sql_settings ->> 'ServerTimezone' as server_timezone, - my_sql_settings ->> 'TargetDbType' as target_db_type, - my_sql_settings ->> 'Username' as username - from - aws_dms_endpoint - where - engine_name = 'mysql'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_identifier,\n arn,\n my_sql_settings ->> 'AfterConnectScript'\ + \ as after_connect_script,\n (my_sql_settings ->> 'CleanSourceMetadataOnMismatch')::boolean\ + \ as clean_source_metadata_on_mismatch,\n my_sql_settings ->> 'DatabaseName'\ + \ as database_name,\n (my_sql_settings ->> 'EventsPollInterval')::integer as\ + \ events_poll_interval,\n (my_sql_settings ->> 'ExecuteTimeout')::integer as\ + \ execute_timeout,\n (my_sql_settings ->> 'MaxFileSize')::integer as max_file_size,\n\ + \ (my_sql_settings ->> 'ParallelLoadThreads')::integer as parallel_load_threads,\n\ + \ my_sql_settings ->> 'Password' as password,\n (my_sql_settings ->> 'Port')::integer\ + \ as port,\n my_sql_settings ->> 'SecretsManagerAccessRoleArn' as secrets_manager_access_role_arn,\n\ + \ my_sql_settings ->> 'SecretsManagerSecretId' as secrets_manager_secret_id,\n\ + \ my_sql_settings ->> 'ServerName' as server_name,\n my_sql_settings ->> 'ServerTimezone'\ + \ as server_timezone,\n my_sql_settings ->> 'TargetDbType' as target_db_type,\n\ + \ my_sql_settings ->> 'Username' as username\nfrom\n aws_dms_endpoint\nwhere\n\ + \ engine_name = 'mysql';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS DMS Endpoints +Title: Find AWS DMS Endpoints and Retrieve Connection Information diff --git a/queries/aws_dms_replication_instance_1.yaml b/queries/aws_dms_replication_instance_1.yaml index 961f7438a..0cd63aed2 100755 --- a/queries/aws_dms_replication_instance_1.yaml +++ b/queries/aws_dms_replication_instance_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Database Migration Service Replication Instances + and provides information about each replication instance in an AWS DMS (Database + Migration Service). ID: aws_dms_replication_instance_1 -Title: "List all AWS DMS Replication Instances" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - engine_version, - instance_create_time, - kms_key_id, - publicly_accessible, - region - from - aws_dms_replication_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_instance_identifier,\n arn,\n engine_version,\n\ + \ instance_create_time,\n kms_key_id,\n publicly_accessible,\n region\nfrom\n\ + \ aws_dms_replication_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: List all AWS DMS Replication Instances diff --git a/queries/aws_dms_replication_instance_2.yaml b/queries/aws_dms_replication_instance_2.yaml index 93b3b0bd1..d98e24169 100755 --- a/queries/aws_dms_replication_instance_2.yaml +++ b/queries/aws_dms_replication_instance_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Database Migration Service Replication Instances + and provides information about each replication instance in an AWS DMS (Database + Migration Service). ID: aws_dms_replication_instance_2 -Title: "List all AWS DMS Replication Instances for Asset Management" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - engine_version, - instance_create_time, - auto_minor_version_upgrade, - region - from - aws_dms_replication_instance - where - not auto_minor_version_upgrade; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_instance_identifier,\n arn,\n engine_version,\n\ + \ instance_create_time,\n auto_minor_version_upgrade,\n region\nfrom\n aws_dms_replication_instance\n\ + where\n not auto_minor_version_upgrade;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: List all AWS DMS Replication Instances for Asset Management diff --git a/queries/aws_dms_replication_instance_3.yaml b/queries/aws_dms_replication_instance_3.yaml index 36c7f1b44..f22e83883 100755 --- a/queries/aws_dms_replication_instance_3.yaml +++ b/queries/aws_dms_replication_instance_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Database Migration Service Replication Instances + and provides information about each replication instance in an AWS DMS (Database + Migration Service). ID: aws_dms_replication_instance_3 -Title: "Find AWS Database Migration Service Replication Instances" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - engine_version, - instance_create_time, - replication_instance_class, - region - from - aws_dms_replication_instance - where - replication_instance_class not in ('dms.r5.16xlarge', 'dms.r5.24xlarge'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_instance_identifier,\n arn,\n engine_version,\n\ + \ instance_create_time,\n replication_instance_class,\n region\nfrom\n aws_dms_replication_instance\n\ + where\n replication_instance_class not in ('dms.r5.16xlarge', 'dms.r5.24xlarge');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find AWS Database Migration Service Replication Instances diff --git a/queries/aws_dms_replication_instance_4.yaml b/queries/aws_dms_replication_instance_4.yaml index abaafdaaa..98a81de6d 100755 --- a/queries/aws_dms_replication_instance_4.yaml +++ b/queries/aws_dms_replication_instance_4.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Database Migration Service Replication Instances + and provides information about each replication instance in an AWS DMS (Database + Migration Service). ID: aws_dms_replication_instance_4 -Title: "List all AWS Database Migration Service Replication Instances" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - publicly_accessible, - region - from - aws_dms_replication_instance - where - publicly_accessible; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_instance_identifier,\n arn,\n publicly_accessible,\n\ + \ region\nfrom\n aws_dms_replication_instance\nwhere\n publicly_accessible;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: List all AWS Database Migration Service Replication Instances diff --git a/queries/aws_dms_replication_instance_5.yaml b/queries/aws_dms_replication_instance_5.yaml index f800e2a93..9e5ce29e1 100755 --- a/queries/aws_dms_replication_instance_5.yaml +++ b/queries/aws_dms_replication_instance_5.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Database Migration Service Replication Instances + and provides information about each replication instance in an AWS DMS (Database + Migration Service). ID: aws_dms_replication_instance_5 -Title: "Find AWS Database Migration Service Replication Instances" -Description: "Allows users to query AWS Database Migration Service Replication Instances and provides information about each replication instance in an AWS DMS (Database Migration Service)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_instance_identifier, - arn, - publicly_accessible, - multi_az, - region - from - aws_dms_replication_instance - where - not multi_az; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_instance_identifier,\n arn,\n publicly_accessible,\n\ + \ multi_az,\n region\nfrom\n aws_dms_replication_instance\nwhere\n not multi_az;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find AWS Database Migration Service Replication Instances diff --git a/queries/aws_dms_replication_task_1.yaml b/queries/aws_dms_replication_task_1.yaml index 4364b5f45..a83176fae 100755 --- a/queries/aws_dms_replication_task_1.yaml +++ b/queries/aws_dms_replication_task_1.yaml @@ -1,30 +1,24 @@ +Description: Enables users to query AWS DMS Replication Tasks to retrieve detailed + information on data migration activities between source and target databases. ID: aws_dms_replication_task_1 -Title: "List AWS DMS Replication Task Information" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - arn, - migration_type, - status, - replication_task_creation_date - from - aws_dms_replication_task; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_task_identifier,\n arn,\n migration_type,\n\ + \ status,\n replication_task_creation_date\nfrom\n aws_dms_replication_task;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS DMS Replication Tasks +Title: List AWS DMS Replication Task Information diff --git a/queries/aws_dms_replication_task_2.yaml b/queries/aws_dms_replication_task_2.yaml index c44ea9bea..b6dfa8586 100755 --- a/queries/aws_dms_replication_task_2.yaml +++ b/queries/aws_dms_replication_task_2.yaml @@ -1,28 +1,22 @@ +Description: Enables users to query AWS DMS Replication Tasks to retrieve detailed + information on data migration activities between source and target databases. ID: aws_dms_replication_task_2 -Title: "List AWS DMS Replication Tasks for Data Migration" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - migration_type, - status - from - aws_dms_replication_task - where - migration_type = 'full-load'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_task_identifier,\n migration_type,\n status\n\ + from\n aws_dms_replication_task\nwhere\n migration_type = 'full-load';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DMS +Title: List AWS DMS Replication Tasks for Data Migration diff --git a/queries/aws_dms_replication_task_3.yaml b/queries/aws_dms_replication_task_3.yaml index 234f88c3d..61c44f4cd 100755 --- a/queries/aws_dms_replication_task_3.yaml +++ b/queries/aws_dms_replication_task_3.yaml @@ -1,28 +1,22 @@ +Description: Enables users to query AWS DMS Replication Tasks to retrieve detailed + information on data migration activities between source and target databases. ID: aws_dms_replication_task_3 -Title: "Find AWS DMS Tasks with Failed Status Using SQL" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - status, - last_failure_message - from - aws_dms_replication_task - where - status = 'failed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_task_identifier,\n status,\n last_failure_message\n\ + from\n aws_dms_replication_task\nwhere\n status = 'failed';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DMS +Title: Find AWS DMS Tasks with Failed Status Using SQL diff --git a/queries/aws_dms_replication_task_4.yaml b/queries/aws_dms_replication_task_4.yaml index 6be240aa7..6ad3266d1 100755 --- a/queries/aws_dms_replication_task_4.yaml +++ b/queries/aws_dms_replication_task_4.yaml @@ -1,34 +1,28 @@ +Description: Enables users to query AWS DMS Replication Tasks to retrieve detailed + information on data migration activities between source and target databases. ID: aws_dms_replication_task_4 -Title: "Find AWS DMS Replication Task Details for Data Migration" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - status, - replication_task_stats -> 'ElapsedTimeMillis' as elapsed_time_millis, - replication_task_stats -> 'FreshStartDate' as fresh_start_date, - replication_task_stats -> 'FullLoadFinishDate' as full_load_finish_date, - replication_task_stats -> 'FullLoadProgressPercent' as full_load_progress_percent, - replication_task_stats -> 'FullLoadStartDate' as full_load_start_date, - replication_task_stats -> 'StartDate' as start_date, - replication_task_stats -> 'StopDate' as stop_date, - replication_task_stats -> 'TablesErrored' as tables_errored, - replication_task_stats -> 'TablesLoaded' as tables_loaded, - replication_task_stats -> 'TablesLoading' as tables_loading, - replication_task_stats -> 'TablesQueued' as tables_queued - from - aws_dms_replication_task; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_task_identifier,\n status,\n replication_task_stats\ + \ -> 'ElapsedTimeMillis' as elapsed_time_millis,\n replication_task_stats ->\ + \ 'FreshStartDate' as fresh_start_date,\n replication_task_stats -> 'FullLoadFinishDate'\ + \ as full_load_finish_date,\n replication_task_stats -> 'FullLoadProgressPercent'\ + \ as full_load_progress_percent,\n replication_task_stats -> 'FullLoadStartDate'\ + \ as full_load_start_date,\n replication_task_stats -> 'StartDate' as start_date,\n\ + \ replication_task_stats -> 'StopDate' as stop_date,\n replication_task_stats\ + \ -> 'TablesErrored' as tables_errored,\n replication_task_stats -> 'TablesLoaded'\ + \ as tables_loaded,\n replication_task_stats -> 'TablesLoading' as tables_loading,\n\ + \ replication_task_stats -> 'TablesQueued' as tables_queued\nfrom\n aws_dms_replication_task;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DMS +Title: Find AWS DMS Replication Task Details for Data Migration diff --git a/queries/aws_dms_replication_task_5.yaml b/queries/aws_dms_replication_task_5.yaml index 2bb52965a..8c786d02f 100755 --- a/queries/aws_dms_replication_task_5.yaml +++ b/queries/aws_dms_replication_task_5.yaml @@ -1,30 +1,24 @@ +Description: Enables users to query AWS DMS Replication Tasks to retrieve detailed + information on data migration activities between source and target databases. ID: aws_dms_replication_task_5 -Title: "List all AWS DMS Replication Tasks with Details" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - t.replication_task_identifier, - t.arn as task_arn, - i.replication_instance_class, - i.engine_version, - i.publicly_accessible, - i.dns_name_servers - from - aws_dms_replication_task t - join aws_dms_replication_instance i on t.replication_instance_arn = i.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n t.replication_task_identifier,\n t.arn as task_arn,\n\ + \ i.replication_instance_class,\n i.engine_version,\n i.publicly_accessible,\n\ + \ i.dns_name_servers\nfrom\n aws_dms_replication_task t\njoin aws_dms_replication_instance\ + \ i on t.replication_instance_arn = i.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS DMS +Title: List all AWS DMS Replication Tasks with Details diff --git a/queries/aws_dms_replication_task_6.yaml b/queries/aws_dms_replication_task_6.yaml index 42c31f5dc..af1be20e6 100755 --- a/queries/aws_dms_replication_task_6.yaml +++ b/queries/aws_dms_replication_task_6.yaml @@ -1,28 +1,22 @@ +Description: Enables users to query AWS DMS Replication Tasks to retrieve detailed + information on data migration activities between source and target databases. ID: aws_dms_replication_task_6 -Title: "Find AWS DMS Replication Tasks for Data Migration" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_task_identifier, - source_endpoint_arn, - status - from - aws_dms_replication_task - where - endpoint_type = 'source'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_task_identifier,\n source_endpoint_arn,\n\ + \ status\nfrom\n aws_dms_replication_task\nwhere\n endpoint_type = 'source';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DMS +Title: Find AWS DMS Replication Tasks for Data Migration diff --git a/queries/aws_dms_replication_task_7.yaml b/queries/aws_dms_replication_task_7.yaml index e113d04c6..1db3fdab3 100755 --- a/queries/aws_dms_replication_task_7.yaml +++ b/queries/aws_dms_replication_task_7.yaml @@ -1,29 +1,24 @@ +Description: Enables users to query AWS DMS Replication Tasks to retrieve detailed + information on data migration activities between source and target databases. ID: aws_dms_replication_task_7 -Title: "List all AWS DMS Replication Task Details" -Description: "Enables users to query AWS DMS Replication Tasks to retrieve detailed information on data migration activities between source and target databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_type, - count(*) as task_count - from - aws_dms_replication_task - group by - endpoint_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_type,\n count(*) as task_count\nfrom\n aws_dms_replication_task\n\ + group by\n endpoint_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DMS +Title: List all AWS DMS Replication Task Details diff --git a/queries/aws_docdb_cluster_1.yaml b/queries/aws_docdb_cluster_1.yaml index 68139de8d..48c49dc53 100755 --- a/queries/aws_docdb_cluster_1.yaml +++ b/queries/aws_docdb_cluster_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query Amazon DocumentDB Clusters for detailed information + about their configuration, status, and associated metadata. ID: aws_docdb_cluster_1 -Title: "Find Amazon DocumentDB Cluster Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - db_cluster_identifier, - deletion_protection, - engine, - status, - region - from - aws_docdb_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n db_cluster_identifier,\n deletion_protection,\n\ + \ engine,\n status,\n region\nfrom\n aws_docdb_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: Find Amazon DocumentDB Cluster Configuration and Status diff --git a/queries/aws_docdb_cluster_2.yaml b/queries/aws_docdb_cluster_2.yaml index 3a159351f..05346701d 100755 --- a/queries/aws_docdb_cluster_2.yaml +++ b/queries/aws_docdb_cluster_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query Amazon DocumentDB Clusters for detailed information + about their configuration, status, and associated metadata. ID: aws_docdb_cluster_2 -Title: "Find Amazon DocumentDB Cluster Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - status, - cluster_create_time, - kms_key_id, - storage_encrypted - from - aws_docdb_cluster - where - not storage_encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n status,\n cluster_create_time,\n\ + \ kms_key_id,\n storage_encrypted\nfrom\n aws_docdb_cluster\nwhere\n not storage_encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: Find Amazon DocumentDB Cluster Configuration and Status diff --git a/queries/aws_docdb_cluster_3.yaml b/queries/aws_docdb_cluster_3.yaml index 042a6dae1..d13c09fbf 100755 --- a/queries/aws_docdb_cluster_3.yaml +++ b/queries/aws_docdb_cluster_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Amazon DocumentDB Clusters for detailed information + about their configuration, status, and associated metadata. ID: aws_docdb_cluster_3 -Title: "Find Amazon DocumentDB Cluster Config and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - backup_retention_period - from - aws_docdb_cluster - where - backup_retention_period > 7; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n backup_retention_period\nfrom\n\ + \ aws_docdb_cluster\nwhere\n backup_retention_period > 7;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DocumentDB +Title: Find Amazon DocumentDB Cluster Config and Status diff --git a/queries/aws_docdb_cluster_4.yaml b/queries/aws_docdb_cluster_4.yaml index a077ee767..edb02dad6 100755 --- a/queries/aws_docdb_cluster_4.yaml +++ b/queries/aws_docdb_cluster_4.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query Amazon DocumentDB Clusters for detailed information + about their configuration, status, and associated metadata. ID: aws_docdb_cluster_4 -Title: "List all Amazon DocumentDB Cluster Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - jsonb_array_length(availability_zones) as availability_zones_count - from - aws_docdb_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n jsonb_array_length(availability_zones)\ + \ as availability_zones_count\nfrom\n aws_docdb_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: List all Amazon DocumentDB Cluster Configuration and Status diff --git a/queries/aws_docdb_cluster_5.yaml b/queries/aws_docdb_cluster_5.yaml index 20d3cf9cd..7365d9e2f 100755 --- a/queries/aws_docdb_cluster_5.yaml +++ b/queries/aws_docdb_cluster_5.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query Amazon DocumentDB Clusters for detailed information + about their configuration, status, and associated metadata. ID: aws_docdb_cluster_5 -Title: "List Amazon DocumentDB Clusters and Their Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - status, - cluster_create_time, - deletion_protection - from - aws_docdb_cluster - where - not deletion_protection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n status,\n cluster_create_time,\n\ + \ deletion_protection\nfrom\n aws_docdb_cluster\nwhere\n not deletion_protection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DocumentDB +Title: List Amazon DocumentDB Clusters and Their Status diff --git a/queries/aws_docdb_cluster_6.yaml b/queries/aws_docdb_cluster_6.yaml index 043b27d38..642278827 100755 --- a/queries/aws_docdb_cluster_6.yaml +++ b/queries/aws_docdb_cluster_6.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query Amazon DocumentDB Clusters for detailed information + about their configuration, status, and associated metadata. ID: aws_docdb_cluster_6 -Title: "List all Amazon DocumentDB Clusters for Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, - member ->> 'DBInstanceIdentifier' as db_instance_identifier, - member ->> 'IsClusterWriter' as is_cluster_writer, - member ->> 'PromotionTier' as promotion_tier - from - aws_docdb_cluster - cross join jsonb_array_elements(members) as member; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n member ->> 'DBClusterParameterGroupStatus'\ + \ as db_cluster_parameter_group_status,\n member ->> 'DBInstanceIdentifier' as\ + \ db_instance_identifier,\n member ->> 'IsClusterWriter' as is_cluster_writer,\n\ + \ member ->> 'PromotionTier' as promotion_tier\nfrom\n aws_docdb_cluster\n \ + \ cross join jsonb_array_elements(members) as member;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DocumentDB +Title: List all Amazon DocumentDB Clusters for Configuration and Status diff --git a/queries/aws_docdb_cluster_7.yaml b/queries/aws_docdb_cluster_7.yaml index cae4ef906..6752976f4 100755 --- a/queries/aws_docdb_cluster_7.yaml +++ b/queries/aws_docdb_cluster_7.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query Amazon DocumentDB Clusters for detailed information + about their configuration, status, and associated metadata. ID: aws_docdb_cluster_7 -Title: "Find Amazon DocumentDB Clusters and Configuration Status" -Description: "Allows users to query Amazon DocumentDB Clusters for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - status, - cluster_create_time, - deletion_protection - from - aws_docdb_cluster - where - not deletion_protection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n status,\n cluster_create_time,\n\ + \ deletion_protection\nfrom\n aws_docdb_cluster\nwhere\n not deletion_protection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: Find Amazon DocumentDB Clusters and Configuration Status diff --git a/queries/aws_docdb_cluster_instance_1.yaml b/queries/aws_docdb_cluster_instance_1.yaml index 06bf3dc82..1be37eb0d 100755 --- a/queries/aws_docdb_cluster_instance_1.yaml +++ b/queries/aws_docdb_cluster_instance_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Amazon DocumentDB Cluster Instances to gather detailed + information such as instance identifier, cluster identifier, instance class, availability + zone, engine version, and more. ID: aws_docdb_cluster_instance_1 -Title: "List Amazon DocumentDB Cluster Instances" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - db_cluster_identifier, - engine, - engine_version, - db_instance_class, - availability_zone - from - aws_docdb_cluster_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n db_cluster_identifier,\n \ + \ engine,\n engine_version,\n db_instance_class,\n availability_zone\nfrom\n\ + \ aws_docdb_cluster_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: List Amazon DocumentDB Cluster Instances diff --git a/queries/aws_docdb_cluster_instance_2.yaml b/queries/aws_docdb_cluster_instance_2.yaml index 9c4b2a0fa..1f2286b05 100755 --- a/queries/aws_docdb_cluster_instance_2.yaml +++ b/queries/aws_docdb_cluster_instance_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query Amazon DocumentDB Cluster Instances to gather detailed + information such as instance identifier, cluster identifier, instance class, availability + zone, engine version, and more. ID: aws_docdb_cluster_instance_2 -Title: "List all Amazon DocumentDB Cluster Instances" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - db_cluster_identifier, - engine, - engine_version, - db_instance_class, - availability_zone - from - aws_docdb_cluster_instance - where - publicly_accessible; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n db_cluster_identifier,\n \ + \ engine,\n engine_version,\n db_instance_class,\n availability_zone\nfrom\n\ + \ aws_docdb_cluster_instance\nwhere\n publicly_accessible;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DocumentDB +Title: List all Amazon DocumentDB Cluster Instances diff --git a/queries/aws_docdb_cluster_instance_3.yaml b/queries/aws_docdb_cluster_instance_3.yaml index a65a668ac..93b959b40 100755 --- a/queries/aws_docdb_cluster_instance_3.yaml +++ b/queries/aws_docdb_cluster_instance_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query Amazon DocumentDB Cluster Instances to gather detailed + information such as instance identifier, cluster identifier, instance class, availability + zone, engine version, and more. ID: aws_docdb_cluster_instance_3 -Title: "Find all Amazon DocumentDB Cluster Instances with Details" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_subnet_group_arn, - db_subnet_group_name, - db_subnet_group_description, - db_subnet_group_status - from - aws_docdb_cluster_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_subnet_group_arn,\n db_subnet_group_name,\n db_subnet_group_description,\n\ + \ db_subnet_group_status\nfrom\n aws_docdb_cluster_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: Find all Amazon DocumentDB Cluster Instances with Details diff --git a/queries/aws_docdb_cluster_instance_4.yaml b/queries/aws_docdb_cluster_instance_4.yaml index 825e94139..9dbe8110e 100755 --- a/queries/aws_docdb_cluster_instance_4.yaml +++ b/queries/aws_docdb_cluster_instance_4.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query Amazon DocumentDB Cluster Instances to gather detailed + information such as instance identifier, cluster identifier, instance class, availability + zone, engine version, and more. ID: aws_docdb_cluster_instance_4 -Title: "List all Information of Amazon DocumentDB Clusters" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier as attached_vpc, - vsg ->> 'VpcSecurityGroupId' as vpc_security_group_id, - vsg ->> 'Status' as status, - sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - sub ->> 'SubnetIdentifier' as subnet_identifier, - sub -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, - sub ->> 'SubnetStatus' as subnet_status - from - aws_docdb_cluster_instance - cross join jsonb_array_elements(vpc_security_groups) as vsg - cross join jsonb_array_elements(subnets) as sub; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier as attached_vpc,\n vsg ->> 'VpcSecurityGroupId'\ + \ as vpc_security_group_id,\n vsg ->> 'Status' as status,\n sub -> 'SubnetAvailabilityZone'\ + \ ->> 'Name' as subnet_availability_zone,\n sub ->> 'SubnetIdentifier' as subnet_identifier,\n\ + \ sub -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost,\n sub ->> 'SubnetStatus'\ + \ as subnet_status\nfrom\n aws_docdb_cluster_instance\n cross join jsonb_array_elements(vpc_security_groups)\ + \ as vsg\n cross join jsonb_array_elements(subnets) as sub;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: List all Information of Amazon DocumentDB Clusters diff --git a/queries/aws_docdb_cluster_instance_5.yaml b/queries/aws_docdb_cluster_instance_5.yaml index aa00eab74..a2d484c99 100755 --- a/queries/aws_docdb_cluster_instance_5.yaml +++ b/queries/aws_docdb_cluster_instance_5.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query Amazon DocumentDB Cluster Instances to gather detailed + information such as instance identifier, cluster identifier, instance class, availability + zone, engine version, and more. ID: aws_docdb_cluster_instance_5 -Title: "Find all Amazon DocumentDB Cluster Instances using SQL" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - db_cluster_identifier, - db_instance_class - from - aws_docdb_cluster_instance - where - not storage_encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n db_cluster_identifier,\n \ + \ db_instance_class\nfrom\n aws_docdb_cluster_instance\nwhere\n not storage_encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: Find all Amazon DocumentDB Cluster Instances using SQL diff --git a/queries/aws_docdb_cluster_instance_6.yaml b/queries/aws_docdb_cluster_instance_6.yaml index dc90e73de..1673d7c40 100755 --- a/queries/aws_docdb_cluster_instance_6.yaml +++ b/queries/aws_docdb_cluster_instance_6.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query Amazon DocumentDB Cluster Instances to gather detailed + information such as instance identifier, cluster identifier, instance class, availability + zone, engine version, and more. ID: aws_docdb_cluster_instance_6 -Title: "List Amazon DocumentDB Cluster Instances with SQL" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - db_cluster_identifier, - db_instance_class - from - aws_docdb_cluster_instance - where - enabled_cloudwatch_logs_exports is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n db_cluster_identifier,\n \ + \ db_instance_class\nfrom\n aws_docdb_cluster_instance\nwhere\n enabled_cloudwatch_logs_exports\ + \ is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: List Amazon DocumentDB Cluster Instances with SQL diff --git a/queries/aws_docdb_cluster_instance_7.yaml b/queries/aws_docdb_cluster_instance_7.yaml index 4e3591a6b..e18031ce0 100755 --- a/queries/aws_docdb_cluster_instance_7.yaml +++ b/queries/aws_docdb_cluster_instance_7.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query Amazon DocumentDB Cluster Instances to gather detailed + information such as instance identifier, cluster identifier, instance class, availability + zone, engine version, and more. ID: aws_docdb_cluster_instance_7 -Title: "List all Amazon DocumentDB Cluster Instances and Details" -Description: "Allows users to query Amazon DocumentDB Cluster Instances to gather detailed information such as instance identifier, cluster identifier, instance class, availability zone, engine version, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - endpoint_address, - endpoint_hosted_zone_id, - endpoint_port - from - aws_docdb_cluster_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n endpoint_address,\n endpoint_hosted_zone_id,\n\ + \ endpoint_port\nfrom\n aws_docdb_cluster_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: List all Amazon DocumentDB Cluster Instances and Details diff --git a/queries/aws_docdb_cluster_snapshot_1.yaml b/queries/aws_docdb_cluster_snapshot_1.yaml index 927dcd6e2..483d58bc1 100755 --- a/queries/aws_docdb_cluster_snapshot_1.yaml +++ b/queries/aws_docdb_cluster_snapshot_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query Amazon DocumentDB Cluster Snapshots for detailed + information about their configuration, status, and associated metadata. ID: aws_docdb_cluster_snapshot_1 -Title: "Find Amazon DocumentDB Cluster Snapshots Configuration and Status" -Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - snapshot_type, - not storage_encrypted as storage_not_encrypted, - split_part(kms_key_id, '/', 1) as kms_key_id - from - aws_docdb_cluster_snapshot - where - not storage_encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n snapshot_type,\n \ + \ not storage_encrypted as storage_not_encrypted,\n split_part(kms_key_id, '/',\ + \ 1) as kms_key_id\nfrom\n aws_docdb_cluster_snapshot\nwhere\n not storage_encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: Find Amazon DocumentDB Cluster Snapshots Configuration and Status diff --git a/queries/aws_docdb_cluster_snapshot_2.yaml b/queries/aws_docdb_cluster_snapshot_2.yaml index 53d2b4dc1..bab944b5b 100755 --- a/queries/aws_docdb_cluster_snapshot_2.yaml +++ b/queries/aws_docdb_cluster_snapshot_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Amazon DocumentDB Cluster Snapshots for detailed + information about their configuration, status, and associated metadata. ID: aws_docdb_cluster_snapshot_2 -Title: "Find Amazon DocumentDB Cluster Snapshot Details" -Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - cluster_create_time, - engine, - engine_version - from - aws_docdb_cluster_snapshot; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n cluster_create_time,\n\ + \ engine,\n engine_version\nfrom\n aws_docdb_cluster_snapshot;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DocumentDB +Title: Find Amazon DocumentDB Cluster Snapshot Details diff --git a/queries/aws_docdb_cluster_snapshot_3.yaml b/queries/aws_docdb_cluster_snapshot_3.yaml index bafec67c3..dc62427a5 100755 --- a/queries/aws_docdb_cluster_snapshot_3.yaml +++ b/queries/aws_docdb_cluster_snapshot_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Amazon DocumentDB Cluster Snapshots for detailed + information about their configuration, status, and associated metadata. ID: aws_docdb_cluster_snapshot_3 -Title: "List Amazon DocumentDB Cluster Snapshots and their Details" -Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - count(db_cluster_snapshot_identifier) as snapshot_count - from - aws_docdb_cluster_snapshot - group by - db_cluster_identifier; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n count(db_cluster_snapshot_identifier)\ + \ as snapshot_count\nfrom\n aws_docdb_cluster_snapshot\ngroup by\n db_cluster_identifier;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: List Amazon DocumentDB Cluster Snapshots and their Details diff --git a/queries/aws_docdb_cluster_snapshot_4.yaml b/queries/aws_docdb_cluster_snapshot_4.yaml index 86b54aeac..f8fd73d37 100755 --- a/queries/aws_docdb_cluster_snapshot_4.yaml +++ b/queries/aws_docdb_cluster_snapshot_4.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query Amazon DocumentDB Cluster Snapshots for detailed + information about their configuration, status, and associated metadata. ID: aws_docdb_cluster_snapshot_4 -Title: "Find Amazon DocumentDB Cluster Snapshot details" -Description: "Allows users to query Amazon DocumentDB Cluster Snapshots for detailed information about their configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - engine, - snapshot_type - from - aws_docdb_cluster_snapshot - where - snapshot_type = 'manual'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n engine,\n snapshot_type\n\ + from\n aws_docdb_cluster_snapshot\nwhere\n snapshot_type = 'manual';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon DocumentDB +Title: Find Amazon DocumentDB Cluster Snapshot details diff --git a/queries/aws_drs_job_1.yaml b/queries/aws_drs_job_1.yaml index ad7eb09e3..7e2178621 100755 --- a/queries/aws_drs_job_1.yaml +++ b/queries/aws_drs_job_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Data Replication Service Jobs and retrieve + key job details such as job ID, job status, creation time, and more. ID: aws_drs_job_1 -Title: "List all AWS Data Replication Service Jobs Details" -Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - status, - initiated_by - from - aws_drs_job; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n status,\n initiated_by\nfrom\n aws_drs_job;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Data Replication Service +Title: List all AWS Data Replication Service Jobs Details diff --git a/queries/aws_drs_job_2.yaml b/queries/aws_drs_job_2.yaml index 2f4eb9134..d39c858ee 100755 --- a/queries/aws_drs_job_2.yaml +++ b/queries/aws_drs_job_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Data Replication Service Jobs and retrieve + key job details such as job ID, job status, creation time, and more. ID: aws_drs_job_2 -Title: "Find AWS Data Replication Service Job Details" -Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - status, - initiated_by, - creation_date_time - from - aws_drs_job - where - status = 'PENDING'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n status,\n initiated_by,\n creation_date_time\n\ + from\n aws_drs_job\nwhere\n status = 'PENDING';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Data Replication Service +Title: Find AWS Data Replication Service Job Details diff --git a/queries/aws_drs_job_3.yaml b/queries/aws_drs_job_3.yaml index 8fedafb45..58ec44a29 100755 --- a/queries/aws_drs_job_3.yaml +++ b/queries/aws_drs_job_3.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Data Replication Service Jobs and retrieve + key job details such as job ID, job status, creation time, and more. ID: aws_drs_job_3 -Title: "List AWS Data Replication Service Job Details" -Description: "Allows users to query AWS Data Replication Service Jobs and retrieve key job details such as job ID, job status, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - status, - initiated_by, - type, - creation_date_time, - end_date_time - from - aws_drs_job - where - creation_date_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n status,\n initiated_by,\n type,\n\ + \ creation_date_time,\n end_date_time\nfrom\n aws_drs_job\nwhere\n creation_date_time\ + \ >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Data Replication Service +Title: List AWS Data Replication Service Job Details diff --git a/queries/aws_drs_recovery_instance_1.yaml b/queries/aws_drs_recovery_instance_1.yaml index d83d93970..6da4ba849 100755 --- a/queries/aws_drs_recovery_instance_1.yaml +++ b/queries/aws_drs_recovery_instance_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Disaster Recovery Service Recovery Instances + to retrieve information about recovery instances, including instance type, recovery + instance ARN, and associated tags. ID: aws_drs_recovery_instance_1 -Title: "List AWS Disaster Recovery Service Recovery Instances" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id, - arn, - source_server_id, - ec2_instance_id, - ec2_instance_state - from - aws_drs_recovery_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recovery_instance_id,\n arn,\n source_server_id,\n\ + \ ec2_instance_id,\n ec2_instance_state\nfrom\n aws_drs_recovery_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List AWS Disaster Recovery Service Recovery Instances diff --git a/queries/aws_drs_recovery_instance_2.yaml b/queries/aws_drs_recovery_instance_2.yaml index a1a194f71..2c6160bce 100755 --- a/queries/aws_drs_recovery_instance_2.yaml +++ b/queries/aws_drs_recovery_instance_2.yaml @@ -1,32 +1,29 @@ +Description: Allows users to query AWS Disaster Recovery Service Recovery Instances + to retrieve information about recovery instances, including instance type, recovery + instance ARN, and associated tags. ID: aws_drs_recovery_instance_2 -Title: "Query AWS DRS Recovery Instances for Detailed Information" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id - arn, - recovery_instance_properties ->> 'Cpus' as recovery_instance_cpus, - recovery_instance_properties ->> 'Disks' as recovery_instance_disks, - recovery_instance_properties ->> 'IdentificationHints' as recovery_instance_identification_hints, - recovery_instance_properties ->> 'LastUpdatedDateTime' as recovery_instance_last_updated_date_time, - recovery_instance_properties ->> 'NetworkInterfaces' as recovery_instance_network_interfaces, - recovery_instance_properties ->> 'Os' as recovery_instance_os, - recovery_instance_properties ->> 'RamBytes' as recovery_instance_ram_bytes - from - aws_drs_recovery_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recovery_instance_id\n arn,\n recovery_instance_properties\ + \ ->> 'Cpus' as recovery_instance_cpus,\n recovery_instance_properties ->> 'Disks'\ + \ as recovery_instance_disks,\n recovery_instance_properties ->> 'IdentificationHints'\ + \ as recovery_instance_identification_hints,\n recovery_instance_properties ->>\ + \ 'LastUpdatedDateTime' as recovery_instance_last_updated_date_time,\n recovery_instance_properties\ + \ ->> 'NetworkInterfaces' as recovery_instance_network_interfaces,\n recovery_instance_properties\ + \ ->> 'Os' as recovery_instance_os,\n recovery_instance_properties ->> 'RamBytes'\ + \ as recovery_instance_ram_bytes\nfrom\n aws_drs_recovery_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: Query AWS DRS Recovery Instances for Detailed Information diff --git a/queries/aws_drs_recovery_instance_3.yaml b/queries/aws_drs_recovery_instance_3.yaml index 77e493621..3c420f717 100755 --- a/queries/aws_drs_recovery_instance_3.yaml +++ b/queries/aws_drs_recovery_instance_3.yaml @@ -1,37 +1,30 @@ +Description: Allows users to query AWS Disaster Recovery Service Recovery Instances + to retrieve information about recovery instances, including instance type, recovery + instance ARN, and associated tags. ID: aws_drs_recovery_instance_3 -Title: "List all AWS Disaster Recovery Recovery Instances" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id, - arn, - source_server_id, - ec2_instance_id, - failback ->> 'AgentLastSeenByServiceDateTime' as agent_last_seen_by_service_date_time, - failback ->> 'ElapsedReplicationDuration' as elapsed_replication_duration, - failback ->> 'FailbackClientID' as failback_client_id, - failback ->> 'FailbackClientLastSeenByServiceDateTime' as failback_client_last_seen_by_service_date_time, - failback ->> 'FailbackInitiationTime' as failback_initiation_time, - failback -> 'FailbackJobID' as failback_job_id, - failback -> 'FailbackLaunchType' as failback_launch_type, - failback -> 'FailbackToOriginalServer' as failback_to_original_server, - failback -> 'FirstByteDateTime' as failback_first_byte_date_time, - failback -> 'State' as failback_state - from - aws_drs_recovery_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recovery_instance_id,\n arn,\n source_server_id,\n\ + \ ec2_instance_id,\n failback ->> 'AgentLastSeenByServiceDateTime' as agent_last_seen_by_service_date_time,\n\ + \ failback ->> 'ElapsedReplicationDuration' as elapsed_replication_duration,\n\ + \ failback ->> 'FailbackClientID' as failback_client_id,\n failback ->> 'FailbackClientLastSeenByServiceDateTime'\ + \ as failback_client_last_seen_by_service_date_time,\n failback ->> 'FailbackInitiationTime'\ + \ as failback_initiation_time,\n failback -> 'FailbackJobID' as failback_job_id,\n\ + \ failback -> 'FailbackLaunchType' as failback_launch_type,\n failback -> 'FailbackToOriginalServer'\ + \ as failback_to_original_server,\n failback -> 'FirstByteDateTime' as failback_first_byte_date_time,\n\ + \ failback -> 'State' as failback_state\nfrom\n aws_drs_recovery_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List all AWS Disaster Recovery Recovery Instances diff --git a/queries/aws_drs_recovery_instance_4.yaml b/queries/aws_drs_recovery_instance_4.yaml index 6216309e2..2f098b25f 100755 --- a/queries/aws_drs_recovery_instance_4.yaml +++ b/queries/aws_drs_recovery_instance_4.yaml @@ -1,28 +1,26 @@ +Description: Allows users to query AWS Disaster Recovery Service Recovery Instances + to retrieve information about recovery instances, including instance type, recovery + instance ARN, and associated tags. ID: aws_drs_recovery_instance_4 -Title: "List All AWS Disaster Recovery Service Recovery Instances" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id, - arn, - data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, - data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time, - data_replication_info ->> 'DataReplicationError' as data_replication_error, - data_replication_info ->> 'DataReplicationState' as data_replication_state, - data_replication_info ->> 'ReplicatedDisks' as data_replication_replicated_disks - from - aws_drs_recovery_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recovery_instance_id,\n arn,\n data_replication_info\ + \ -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time,\n\ + \ data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime'\ + \ as data_replication_next_attempt_date_time,\n data_replication_info ->> 'DataReplicationError'\ + \ as data_replication_error,\n data_replication_info ->> 'DataReplicationState'\ + \ as data_replication_state,\n data_replication_info ->> 'ReplicatedDisks' as\ + \ data_replication_replicated_disks\nfrom\n aws_drs_recovery_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List All AWS Disaster Recovery Service Recovery Instances diff --git a/queries/aws_drs_recovery_instance_5.yaml b/queries/aws_drs_recovery_instance_5.yaml index 12dec8892..b7a877fc6 100755 --- a/queries/aws_drs_recovery_instance_5.yaml +++ b/queries/aws_drs_recovery_instance_5.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Disaster Recovery Service Recovery Instances + to retrieve information about recovery instances, including instance type, recovery + instance ARN, and associated tags. ID: aws_drs_recovery_instance_5 -Title: "List all AWS Disaster Recovery Service Recovery Instances" -Description: "Allows users to query AWS Disaster Recovery Service Recovery Instances to retrieve information about recovery instances, including instance type, recovery instance ARN, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recovery_instance_id, - arn, - source_server_id, - ec2_instance_id, - ec2_instance_state, - is_drill, - job_id - from - aws_drs_recovery_instance - where - not is_drill; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recovery_instance_id,\n arn,\n source_server_id,\n\ + \ ec2_instance_id,\n ec2_instance_state,\n is_drill,\n job_id\nfrom\n aws_drs_recovery_instance\n\ + where\n not is_drill;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List all AWS Disaster Recovery Service Recovery Instances diff --git a/queries/aws_drs_recovery_snapshot_1.yaml b/queries/aws_drs_recovery_snapshot_1.yaml index 24afdfa85..267154b6b 100755 --- a/queries/aws_drs_recovery_snapshot_1.yaml +++ b/queries/aws_drs_recovery_snapshot_1.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query DRS Recovery Snapshot data in AWS. It provides + information about recovery snapshots within AWS Disaster Recovery Service (DRS). + This table can be used to gather insights on recovery snapshots, including their + details, associated metadata, and more. ID: aws_drs_recovery_snapshot_1 -Title: "List AWS DRS Recovery Snapshot Data with Details" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - source_server_id, - expected_timestamp, - timestamp, - title - from - aws_drs_recovery_snapshot; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_id,\n source_server_id,\n expected_timestamp,\n\ + \ timestamp,\n title\nfrom\n aws_drs_recovery_snapshot;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List AWS DRS Recovery Snapshot Data with Details diff --git a/queries/aws_drs_recovery_snapshot_2.yaml b/queries/aws_drs_recovery_snapshot_2.yaml index b37d26e9f..889f92cf2 100755 --- a/queries/aws_drs_recovery_snapshot_2.yaml +++ b/queries/aws_drs_recovery_snapshot_2.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query DRS Recovery Snapshot data in AWS. It provides + information about recovery snapshots within AWS Disaster Recovery Service (DRS). + This table can be used to gather insights on recovery snapshots, including their + details, associated metadata, and more. ID: aws_drs_recovery_snapshot_2 -Title: "List AWS DRS Recovery Snapshot Details and Metadata" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.snapshot_id, - r.source_server_id, - s.arn as source_server_arn, - s.recovery_instance_id, - s.replication_direction - from - aws_drs_recovery_snapshot r, - aws_drs_source_server as s - where - r.source_server_id = s.source_server_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.snapshot_id,\n r.source_server_id,\n s.arn as source_server_arn,\n\ + \ s.recovery_instance_id,\n s.replication_direction\nfrom\n aws_drs_recovery_snapshot\ + \ r,\n aws_drs_source_server as s\nwhere\n r.source_server_id = s.source_server_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List AWS DRS Recovery Snapshot Details and Metadata diff --git a/queries/aws_drs_recovery_snapshot_3.yaml b/queries/aws_drs_recovery_snapshot_3.yaml index 417916c42..477cb465e 100755 --- a/queries/aws_drs_recovery_snapshot_3.yaml +++ b/queries/aws_drs_recovery_snapshot_3.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query DRS Recovery Snapshot data in AWS. It provides + information about recovery snapshots within AWS Disaster Recovery Service (DRS). + This table can be used to gather insights on recovery snapshots, including their + details, associated metadata, and more. ID: aws_drs_recovery_snapshot_3 -Title: "List all Recovery Snapshot Data in AWS DRS" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_server_id, - count(snapshot_id) as recovery_snapshot_count - from - aws_drs_recovery_snapshot - group by - source_server_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n source_server_id,\n count(snapshot_id) as recovery_snapshot_count\n\ + from\n aws_drs_recovery_snapshot\ngroup by\n source_server_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List all Recovery Snapshot Data in AWS DRS diff --git a/queries/aws_drs_recovery_snapshot_4.yaml b/queries/aws_drs_recovery_snapshot_4.yaml index 84018cbb0..e90fc3514 100755 --- a/queries/aws_drs_recovery_snapshot_4.yaml +++ b/queries/aws_drs_recovery_snapshot_4.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query DRS Recovery Snapshot data in AWS. It provides + information about recovery snapshots within AWS Disaster Recovery Service (DRS). + This table can be used to gather insights on recovery snapshots, including their + details, associated metadata, and more. ID: aws_drs_recovery_snapshot_4 -Title: "List AWS DRS Recovery Snapshots with Metadata Details" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - source_server_id, - expected_timestamp, - timestamp - from - aws_drs_recovery_snapshot - where - timestamp <= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_id,\n source_server_id,\n expected_timestamp,\n\ + \ timestamp\nfrom\n aws_drs_recovery_snapshot\nwhere\n timestamp <= now() -\ + \ interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List AWS DRS Recovery Snapshots with Metadata Details diff --git a/queries/aws_drs_recovery_snapshot_5.yaml b/queries/aws_drs_recovery_snapshot_5.yaml index bceab67f4..d94327aa8 100755 --- a/queries/aws_drs_recovery_snapshot_5.yaml +++ b/queries/aws_drs_recovery_snapshot_5.yaml @@ -1,38 +1,27 @@ +Description: Allows users to query DRS Recovery Snapshot data in AWS. It provides + information about recovery snapshots within AWS Disaster Recovery Service (DRS). + This table can be used to gather insights on recovery snapshots, including their + details, associated metadata, and more. ID: aws_drs_recovery_snapshot_5 -Title: "List all AWS DRS Recovery Snapshot Data" -Description: "Allows users to query DRS Recovery Snapshot data in AWS. It provides information about recovery snapshots within AWS Disaster Recovery Service (DRS). This table can be used to gather insights on recovery snapshots, including their details, associated metadata, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.snapshot_id, - r.source_server_id, - s as ebs_snapshot_id, - e.state as snapshot_state, - e.volume_size, - e.volume_id, - e.encrypted, - e.kms_key_id, - e.data_encryption_key_id - from - aws_drs_recovery_snapshot as r, - jsonb_array_elements_text(ebs_snapshots) as s, - aws_ebs_snapshot as e - where - r.snapshot_id = 'pit-3367d3f930778a9c3' - and - s = e.snapshot_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.snapshot_id,\n r.source_server_id,\n s as ebs_snapshot_id,\n\ + \ e.state as snapshot_state,\n e.volume_size,\n e.volume_id,\n e.encrypted,\n\ + \ e.kms_key_id,\n e.data_encryption_key_id\nfrom\n aws_drs_recovery_snapshot\ + \ as r,\n jsonb_array_elements_text(ebs_snapshots) as s,\n aws_ebs_snapshot\ + \ as e\nwhere\n r.snapshot_id = 'pit-3367d3f930778a9c3'\nand\n s = e.snapshot_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Disaster Recovery Service +Title: List all AWS DRS Recovery Snapshot Data diff --git a/queries/aws_drs_source_server_1.yaml b/queries/aws_drs_source_server_1.yaml index 57bb3def8..c3b521e5f 100755 --- a/queries/aws_drs_source_server_1.yaml +++ b/queries/aws_drs_source_server_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Database Migration Service Source Servers for + detailed information about the replication servers used in database migrations. ID: aws_drs_source_server_1 -Title: "List all AWS Database Migration Service Source Servers" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - last_launch_result, - source_server_id, - title - from - aws_drs_source_server; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n last_launch_result,\n source_server_id,\n title\n\ + from\n aws_drs_source_server;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: List all AWS Database Migration Service Source Servers diff --git a/queries/aws_drs_source_server_2.yaml b/queries/aws_drs_source_server_2.yaml index a60002f6c..56b7bb00e 100755 --- a/queries/aws_drs_source_server_2.yaml +++ b/queries/aws_drs_source_server_2.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Database Migration Service Source Servers for + detailed information about the replication servers used in database migrations. ID: aws_drs_source_server_2 -Title: "List all AWS DMS Source Servers for Detailed Info" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - source_cloud_properties ->> 'OriginAccountID' as source_cloud_origin_account_id, - source_cloud_properties ->> 'OriginAvailabilityZone' as source_cloud_origin_availability_zone, - source_cloud_properties ->> 'OriginRegion' as source_cloud_origin_region - from - aws_drs_source_server; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n title,\n source_cloud_properties ->> 'OriginAccountID'\ + \ as source_cloud_origin_account_id,\n source_cloud_properties ->> 'OriginAvailabilityZone'\ + \ as source_cloud_origin_availability_zone,\n source_cloud_properties ->> 'OriginRegion'\ + \ as source_cloud_origin_region\nfrom\n aws_drs_source_server;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: List all AWS DMS Source Servers for Detailed Info diff --git a/queries/aws_drs_source_server_3.yaml b/queries/aws_drs_source_server_3.yaml index 80a5f0cbe..c625c65f2 100755 --- a/queries/aws_drs_source_server_3.yaml +++ b/queries/aws_drs_source_server_3.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query AWS Database Migration Service Source Servers for + detailed information about the replication servers used in database migrations. ID: aws_drs_source_server_3 -Title: "Query AWS DMS Source Servers for Replication Details" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - source_properties ->> 'Cpus' as source_cpus, - source_properties ->> 'Disks' as source_disks, - source_properties -> 'IdentificationHints' ->> 'Hostname' as source_hostname, - source_properties ->> 'NetworkInterfaces' as source_network_interfaces, - source_properties -> 'Os' ->> 'FullString' as source_os, - source_properties -> 'RamBytes' as source_ram_bytes, - source_properties -> 'RecommendedInstanceType' as source_recommended_instance_type, - source_properties -> 'LastUpdatedDateTime' as source_last_updated_date_time - from - aws_drs_source_server; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n title,\n source_properties ->> 'Cpus' as source_cpus,\n\ + \ source_properties ->> 'Disks' as source_disks,\n source_properties -> 'IdentificationHints'\ + \ ->> 'Hostname' as source_hostname,\n source_properties ->> 'NetworkInterfaces'\ + \ as source_network_interfaces,\n source_properties -> 'Os' ->> 'FullString'\ + \ as source_os,\n source_properties -> 'RamBytes' as source_ram_bytes,\n source_properties\ + \ -> 'RecommendedInstanceType' as source_recommended_instance_type,\n source_properties\ + \ -> 'LastUpdatedDateTime' as source_last_updated_date_time\nfrom\n aws_drs_source_server;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Query AWS DMS Source Servers for Replication Details diff --git a/queries/aws_drs_source_server_4.yaml b/queries/aws_drs_source_server_4.yaml index 26d9226b7..a3790a944 100755 --- a/queries/aws_drs_source_server_4.yaml +++ b/queries/aws_drs_source_server_4.yaml @@ -1,30 +1,27 @@ +Description: Allows users to query AWS Database Migration Service Source Servers for + detailed information about the replication servers used in database migrations. ID: aws_drs_source_server_4 -Title: "List all AWS DMS Source Servers with Replication Info" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, - data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time, - data_replication_info ->> 'DataReplicationError' as data_replication_error, - data_replication_info ->> 'DataReplicationState' as data_replication_state, - data_replication_info ->> 'ReplicatedDisks' as data_replication_replicated_disks - from - aws_drs_source_server; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n title,\n data_replication_info -> 'DataReplicationInitiation'\ + \ ->> 'StartDateTime' as data_replication_start_date_time,\n data_replication_info\ + \ -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time,\n\ + \ data_replication_info ->> 'DataReplicationError' as data_replication_error,\n\ + \ data_replication_info ->> 'DataReplicationState' as data_replication_state,\n\ + \ data_replication_info ->> 'ReplicatedDisks' as data_replication_replicated_disks\n\ + from\n aws_drs_source_server;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: List all AWS DMS Source Servers with Replication Info diff --git a/queries/aws_drs_source_server_5.yaml b/queries/aws_drs_source_server_5.yaml index 38b219762..ed3c2cbcc 100755 --- a/queries/aws_drs_source_server_5.yaml +++ b/queries/aws_drs_source_server_5.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS Database Migration Service Source Servers for + detailed information about the replication servers used in database migrations. ID: aws_drs_source_server_5 -Title: "List AWS DMS Source Servers with Detailed Information" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - launch_configuration ->> 'Name' as launch_configuration_name, - launch_configuration ->> 'CopyPrivateIp' as launch_configuration_copy_private_ip, - launch_configuration ->> 'CopyTags' as launch_configuration_copy_tags, - launch_configuration ->> 'Ec2LaunchTemplateID' as launch_configuration_ec2_launch_template_id, - launch_configuration ->> 'LaunchDisposition' as launch_configuration_disposition, - launch_configuration ->> 'TargetInstanceTypeRightSizingMethod' as launch_configuration_target_instance_type_right_sizing_method, - launch_configuration -> 'Licensing' as launch_configuration_licensing, - launch_configuration -> 'ResultMetadata' as launch_configuration_result_metadata - from - aws_drs_source_server; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n title,\n launch_configuration ->> 'Name' as\ + \ launch_configuration_name,\n launch_configuration ->> 'CopyPrivateIp' as launch_configuration_copy_private_ip,\n\ + \ launch_configuration ->> 'CopyTags' as launch_configuration_copy_tags,\n launch_configuration\ + \ ->> 'Ec2LaunchTemplateID' as launch_configuration_ec2_launch_template_id,\n\ + \ launch_configuration ->> 'LaunchDisposition' as launch_configuration_disposition,\n\ + \ launch_configuration ->> 'TargetInstanceTypeRightSizingMethod' as launch_configuration_target_instance_type_right_sizing_method,\n\ + \ launch_configuration -> 'Licensing' as launch_configuration_licensing,\n launch_configuration\ + \ -> 'ResultMetadata' as launch_configuration_result_metadata\nfrom\n aws_drs_source_server;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: List AWS DMS Source Servers with Detailed Information diff --git a/queries/aws_drs_source_server_6.yaml b/queries/aws_drs_source_server_6.yaml index 72fd284fc..3c6a09a9d 100755 --- a/queries/aws_drs_source_server_6.yaml +++ b/queries/aws_drs_source_server_6.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Database Migration Service Source Servers for + detailed information about the replication servers used in database migrations. ID: aws_drs_source_server_6 -Title: "Find Failed AWS Database Migration Source Servers" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - last_launch_result, - source_server_id - from - aws_drs_source_server - where - last_launch_result = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n last_launch_result,\n source_server_id\n\ + from\n aws_drs_source_server\nwhere\n last_launch_result = 'FAILED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find Failed AWS Database Migration Source Servers diff --git a/queries/aws_drs_source_server_7.yaml b/queries/aws_drs_source_server_7.yaml index 587dc36a5..7e359ac67 100755 --- a/queries/aws_drs_source_server_7.yaml +++ b/queries/aws_drs_source_server_7.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query AWS Database Migration Service Source Servers for + detailed information about the replication servers used in database migrations. ID: aws_drs_source_server_7 -Title: "Find AWS DMS Source Server Data Replication Details" -Description: "Allows users to query AWS Database Migration Service Source Servers for detailed information about the replication servers used in database migrations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - data_replication_info ->> 'DataReplicationState' as data_replication_state, - data_replication_info ->> 'DataReplicationError' as data_replication_error, - data_replication_info -> 'DataReplicationInitiation' ->> 'StartDateTime' as data_replication_start_date_time, - data_replication_info -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time - from - aws_drs_source_server - where - data_replication_info ->> 'DataReplicationState' = 'DISCONNECTED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n data_replication_info ->> 'DataReplicationState'\ + \ as data_replication_state,\n data_replication_info ->> 'DataReplicationError'\ + \ as data_replication_error,\n data_replication_info -> 'DataReplicationInitiation'\ + \ ->> 'StartDateTime' as data_replication_start_date_time,\n data_replication_info\ + \ -> 'DataReplicationInitiation' ->> 'NextAttemptDateTime' as data_replication_next_attempt_date_time\n\ + from\n aws_drs_source_server\nwhere\n data_replication_info ->> 'DataReplicationState'\ + \ = 'DISCONNECTED';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Database Migration Service +Title: Find AWS DMS Source Server Data Replication Details diff --git a/queries/aws_dynamodb_backup_1.yaml b/queries/aws_dynamodb_backup_1.yaml index cb04a7baa..16e610e19 100755 --- a/queries/aws_dynamodb_backup_1.yaml +++ b/queries/aws_dynamodb_backup_1.yaml @@ -1,24 +1,19 @@ +Description: Allows users to query DynamoDB Backup details such as backup ARN, backup + creation date, backup size, backup status, and more. ID: aws_dynamodb_backup_1 -Title: "List all DynamoDB Backup details with SQL query" -Description: "Allows users to query DynamoDB Backup details such as backup ARN, backup creation date, backup size, backup status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - table_name, - table_id - from - aws_dynamodb_backup; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n table_name,\n table_id\nfrom\n aws_dynamodb_backup;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all DynamoDB Backup details with SQL query diff --git a/queries/aws_dynamodb_backup_2.yaml b/queries/aws_dynamodb_backup_2.yaml index b918158d9..66d72ef3c 100755 --- a/queries/aws_dynamodb_backup_2.yaml +++ b/queries/aws_dynamodb_backup_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query DynamoDB Backup details such as backup ARN, backup + creation date, backup size, backup status, and more. ID: aws_dynamodb_backup_2 -Title: "List all AWS DynamoDB Backup Details" -Description: "Allows users to query DynamoDB Backup details such as backup ARN, backup creation date, backup size, backup status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - backup_status, - backup_type, - backup_expiry_datetime, - backup_size_bytes - from - aws_dynamodb_backup; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n backup_status,\n backup_type,\n backup_expiry_datetime,\n\ + \ backup_size_bytes\nfrom\n aws_dynamodb_backup;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all AWS DynamoDB Backup Details diff --git a/queries/aws_dynamodb_global_table_1.yaml b/queries/aws_dynamodb_global_table_1.yaml index 8ebbc2385..9785b4406 100755 --- a/queries/aws_dynamodb_global_table_1.yaml +++ b/queries/aws_dynamodb_global_table_1.yaml @@ -1,24 +1,22 @@ +Description: Allows users to query AWS DynamoDB Global Tables to gather information + about the global tables, including the table name, creation time, status, and other + related details. ID: aws_dynamodb_global_table_1 -Title: "List all AWS DynamoDB Global Tables and their Regions" -Description: "Allows users to query AWS DynamoDB Global Tables to gather information about the global tables, including the table name, creation time, status, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - global_table_name, - rg -> 'RegionName' as region_name - from - aws_dynamodb_global_table - cross join jsonb_array_elements(replication_group) as rg; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n global_table_name,\n rg -> 'RegionName' as region_name\n\ + from\n aws_dynamodb_global_table\n cross join jsonb_array_elements(replication_group)\ + \ as rg;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB Global Table +Title: List all AWS DynamoDB Global Tables and their Regions diff --git a/queries/aws_dynamodb_global_table_2.yaml b/queries/aws_dynamodb_global_table_2.yaml index fd478c18f..8dce2dcb7 100755 --- a/queries/aws_dynamodb_global_table_2.yaml +++ b/queries/aws_dynamodb_global_table_2.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS DynamoDB Global Tables to gather information + about the global tables, including the table name, creation time, status, and other + related details. ID: aws_dynamodb_global_table_2 -Title: "List all AWS DynamoDB Global Tables with Details" -Description: "Allows users to query AWS DynamoDB Global Tables to gather information about the global tables, including the table name, creation time, status, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - global_table_name, - global_table_status, - rg -> 'GlobalSecondaryIndexes' as global_secondary_indexes, - rg -> 'RegionName' as region_name, - rg -> 'ReplicaInaccessibleDateTime' as replica_inaccessible_date_time, - rg -> 'ReplicaStatus' as replica_status, - rg -> 'ReplicaStatusDescription' as replica_status_description, - rg -> 'ReplicaStatusPercentProgress' as replica_status_percent_progress - from - aws_dynamodb_global_table - cross join jsonb_array_elements(replication_group) as rg; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n global_table_name,\n global_table_status,\n rg -> 'GlobalSecondaryIndexes'\ + \ as global_secondary_indexes,\n rg -> 'RegionName' as region_name,\n rg ->\ + \ 'ReplicaInaccessibleDateTime' as replica_inaccessible_date_time,\n rg -> 'ReplicaStatus'\ + \ as replica_status,\n rg -> 'ReplicaStatusDescription' as replica_status_description,\n\ + \ rg -> 'ReplicaStatusPercentProgress' as replica_status_percent_progress\nfrom\n\ + \ aws_dynamodb_global_table\n cross join jsonb_array_elements(replication_group)\ + \ as rg;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all AWS DynamoDB Global Tables with Details diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml index fbb7bf723..19dcc7759 100755 --- a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml +++ b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query DynamoDB Metrics on account provisioned read capacity + utilization. ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_1 -Title: "List AWS DynamoDB Metrics on Read Capacity Utilization" -Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_read_capacity_util - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n account_id,\n timestamp,\n minimum,\n maximum,\n \ + \ average,\n sum,\n sample_count\nfrom\n aws_dynamodb_metric_account_provisioned_read_capacity_util\n\ + order by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List AWS DynamoDB Metrics on Read Capacity Utilization diff --git a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml index 96a8a8059..71a1eb1e8 100755 --- a/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml +++ b/queries/aws_dynamodb_metric_account_provisioned_read_capacity_util_2.yaml @@ -1,32 +1,21 @@ +Description: Allows users to query DynamoDB Metrics on account provisioned read capacity + utilization. ID: aws_dynamodb_metric_account_provisioned_read_capacity_util_2 -Title: "List all AWS DynamoDB Metrics on Read Capacity Utilization" -Description: "Allows users to query DynamoDB Metrics on account provisioned read capacity utilization." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_read_capacity_util - where - maximum > 80 - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n account_id,\n timestamp,\n minimum,\n maximum,\n \ + \ average,\n sum,\n sample_count\nfrom\n aws_dynamodb_metric_account_provisioned_read_capacity_util\n\ + where\n maximum > 80\norder by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all AWS DynamoDB Metrics on Read Capacity Utilization diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml index 92801c904..d9d0f91fa 100755 --- a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml +++ b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS DynamoDB Metrics for account provisioned write + capacity utilization. ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_1 -Title: "List AWS DynamoDB Metrics for Write Capacity Utilization" -Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_write_capacity_util - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n account_id,\n timestamp,\n minimum,\n maximum,\n \ + \ average,\n sum,\n sample_count\nfrom\n aws_dynamodb_metric_account_provisioned_write_capacity_util\n\ + order by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List AWS DynamoDB Metrics for Write Capacity Utilization diff --git a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml index db39682e1..11563ee84 100755 --- a/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml +++ b/queries/aws_dynamodb_metric_account_provisioned_write_capacity_util_2.yaml @@ -1,32 +1,21 @@ +Description: Allows users to query AWS DynamoDB Metrics for account provisioned write + capacity utilization. ID: aws_dynamodb_metric_account_provisioned_write_capacity_util_2 -Title: "List AWS DynamoDB Account Write Capacity Utilization Metrics" -Description: "Allows users to query AWS DynamoDB Metrics for account provisioned write capacity utilization." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_dynamodb_metric_account_provisioned_write_capacity_util - where - maximum > 80 - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n account_id,\n timestamp,\n minimum,\n maximum,\n \ + \ average,\n sum,\n sample_count\nfrom\n aws_dynamodb_metric_account_provisioned_write_capacity_util\n\ + where\n maximum > 80\norder by\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List AWS DynamoDB Account Write Capacity Utilization Metrics diff --git a/queries/aws_dynamodb_table_1.yaml b/queries/aws_dynamodb_table_1.yaml index 857a21384..9d93bd294 100755 --- a/queries/aws_dynamodb_table_1.yaml +++ b/queries/aws_dynamodb_table_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS DynamoDB Tables and retrieve detailed information + about their configuration, status, and associated attributes. ID: aws_dynamodb_table_1 -Title: "Find AWS DynamoDB Tables with Missing SSE Description" -Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - sse_description - from - aws_dynamodb_table - where - sse_description is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n sse_description\nfrom\n aws_dynamodb_table\n\ + where\n sse_description is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: Find AWS DynamoDB Tables with Missing SSE Description diff --git a/queries/aws_dynamodb_table_2.yaml b/queries/aws_dynamodb_table_2.yaml index 334c0111a..264235bac 100755 --- a/queries/aws_dynamodb_table_2.yaml +++ b/queries/aws_dynamodb_table_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS DynamoDB Tables and retrieve detailed information + about their configuration, status, and associated attributes. ID: aws_dynamodb_table_2 -Title: "List all AWS DynamoDB Tables with Disabled Backups" -Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - continuous_backups_status - from - aws_dynamodb_table - where - continuous_backups_status = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n continuous_backups_status\nfrom\n aws_dynamodb_table\n\ + where\n continuous_backups_status = 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all AWS DynamoDB Tables with Disabled Backups diff --git a/queries/aws_dynamodb_table_3.yaml b/queries/aws_dynamodb_table_3.yaml index 948a75b51..9f7e00b42 100755 --- a/queries/aws_dynamodb_table_3.yaml +++ b/queries/aws_dynamodb_table_3.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS DynamoDB Tables and retrieve detailed information + about their configuration, status, and associated attributes. ID: aws_dynamodb_table_3 -Title: "List all AWS DynamoDB Tables and retrieve their status" -Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - point_in_time_recovery_description ->> 'EarliestRestorableDateTime' as earliest_restorable_date_time, - point_in_time_recovery_description ->> 'LatestRestorableDateTime' as latest_restorable_date_time, - point_in_time_recovery_description ->> 'PointInTimeRecoveryStatus' as point_in_time_recovery_status - from - aws_dynamodb_table; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n point_in_time_recovery_description ->> 'EarliestRestorableDateTime'\ + \ as earliest_restorable_date_time,\n point_in_time_recovery_description ->>\ + \ 'LatestRestorableDateTime' as latest_restorable_date_time,\n point_in_time_recovery_description\ + \ ->> 'PointInTimeRecoveryStatus' as point_in_time_recovery_status\nfrom\n aws_dynamodb_table;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all AWS DynamoDB Tables and retrieve their status diff --git a/queries/aws_dynamodb_table_4.yaml b/queries/aws_dynamodb_table_4.yaml index d57707252..49889bca9 100755 --- a/queries/aws_dynamodb_table_4.yaml +++ b/queries/aws_dynamodb_table_4.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS DynamoDB Tables and retrieve detailed information + about their configuration, status, and associated attributes. ID: aws_dynamodb_table_4 -Title: "List all AWS DynamoDB table configurations and status" -Description: "Allows users to query AWS DynamoDB Tables and retrieve detailed information about their configuration, status, and associated attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - d ->> 'StreamArn' as kinesis_stream_arn, - d ->> 'DestinationStatus' as stream_status - from - aws_dynamodb_table, - jsonb_array_elements(streaming_destination -> 'KinesisDataStreamDestinations') as d - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n d ->> 'StreamArn' as kinesis_stream_arn,\n \ + \ d ->> 'DestinationStatus' as stream_status\nfrom\n aws_dynamodb_table,\n jsonb_array_elements(streaming_destination\ + \ -> 'KinesisDataStreamDestinations') as d" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all AWS DynamoDB table configurations and status diff --git a/queries/aws_dynamodb_table_export_1.yaml b/queries/aws_dynamodb_table_export_1.yaml index a38ceb63c..81b2cfb94 100755 --- a/queries/aws_dynamodb_table_export_1.yaml +++ b/queries/aws_dynamodb_table_export_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS DynamoDB Table Exports, providing detailed + information on the exports of DynamoDB tables including the export time, status, + and the exported data format. ID: aws_dynamodb_table_export_1 -Title: "List all details of AWS DynamoDB Table Exports" -Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - end_time, - export_format, - export_status, - s3_bucket - from - aws_dynamodb_table_export; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n end_time,\n export_format,\n export_status,\n\ + \ s3_bucket\nfrom\n aws_dynamodb_table_export;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all details of AWS DynamoDB Table Exports diff --git a/queries/aws_dynamodb_table_export_2.yaml b/queries/aws_dynamodb_table_export_2.yaml index 3c47d03d5..705072df6 100755 --- a/queries/aws_dynamodb_table_export_2.yaml +++ b/queries/aws_dynamodb_table_export_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS DynamoDB Table Exports, providing detailed + information on the exports of DynamoDB tables including the export time, status, + and the exported data format. ID: aws_dynamodb_table_export_2 -Title: "List all AWS DynamoDB Table Exports with Details" -Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - end_time, - export_format, - export_status, - s3_bucket - from - aws_dynamodb_table_export - where - export_status <> 'COMPLETED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n end_time,\n export_format,\n export_status,\n\ + \ s3_bucket\nfrom\n aws_dynamodb_table_export\nwhere\n export_status <> 'COMPLETED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: List all AWS DynamoDB Table Exports with Details diff --git a/queries/aws_dynamodb_table_export_3.yaml b/queries/aws_dynamodb_table_export_3.yaml index d1570fea2..762bf3715 100755 --- a/queries/aws_dynamodb_table_export_3.yaml +++ b/queries/aws_dynamodb_table_export_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS DynamoDB Table Exports, providing detailed + information on the exports of DynamoDB tables including the export time, status, + and the exported data format. ID: aws_dynamodb_table_export_3 -Title: "Find AWS DynamoDB Table Exports with Detailed Info" -Description: "Allows users to query AWS DynamoDB Table Exports, providing detailed information on the exports of DynamoDB tables including the export time, status, and the exported data format." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - end_time, - export_format, - export_status, - export_time, - s3_bucket - from - aws_dynamodb_table_export - where - export_time >= now() - interval '10' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n end_time,\n export_format,\n export_status,\n\ + \ export_time,\n s3_bucket\nfrom\n aws_dynamodb_table_export\nwhere\n export_time\ + \ >= now() - interval '10' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DynamoDB +Title: Find AWS DynamoDB Table Exports with Detailed Info diff --git a/queries/aws_ebs_snapshot_1.yaml b/queries/aws_ebs_snapshot_1.yaml index 2b838c2ac..5ac75699c 100755 --- a/queries/aws_ebs_snapshot_1.yaml +++ b/queries/aws_ebs_snapshot_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EBS snapshots, providing detailed information + about each snapshot''s configuration, status, and associated metadata. ID: aws_ebs_snapshot_1 -Title: "Find Detailed Information About AWS EBS Snapshots" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - encrypted - from - aws_ebs_snapshot - where - not encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_id,\n arn,\n encrypted\nfrom\n aws_ebs_snapshot\n\ + where\n not encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store (EBS) +Title: Find Detailed Information About AWS EBS Snapshots diff --git a/queries/aws_ebs_snapshot_2.yaml b/queries/aws_ebs_snapshot_2.yaml index 037fa7113..5a24ea1d0 100755 --- a/queries/aws_ebs_snapshot_2.yaml +++ b/queries/aws_ebs_snapshot_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EBS snapshots, providing detailed information + about each snapshot''s configuration, status, and associated metadata. ID: aws_ebs_snapshot_2 -Title: "Find AWS EBS Snapshots with User and Group Details" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - volume_id, - perm ->> 'UserId' as userid, - perm ->> 'Group' as group - from - aws_ebs_snapshot - cross join jsonb_array_elements(create_volume_permissions) as perm - where - perm ->> 'Group' = 'all'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_id,\n arn,\n volume_id,\n perm ->> 'UserId'\ + \ as userid,\n perm ->> 'Group' as group\nfrom\n aws_ebs_snapshot\n cross join\ + \ jsonb_array_elements(create_volume_permissions) as perm\nwhere\n perm ->> 'Group'\ + \ = 'all';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: Find AWS EBS Snapshots with User and Group Details diff --git a/queries/aws_ebs_snapshot_3.yaml b/queries/aws_ebs_snapshot_3.yaml index 095619b9e..20e88d8e9 100755 --- a/queries/aws_ebs_snapshot_3.yaml +++ b/queries/aws_ebs_snapshot_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS EBS snapshots, providing detailed information + about each snapshot''s configuration, status, and associated metadata. ID: aws_ebs_snapshot_3 -Title: "List all AWS EBS snapshots with details" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - volume_id, - perm ->> 'UserId' as account_ids - from - aws_ebs_snapshot - cross join jsonb_array_elements(create_volume_permissions) as perm; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_id,\n volume_id,\n perm ->> 'UserId' as account_ids\n\ + from\n aws_ebs_snapshot\n cross join jsonb_array_elements(create_volume_permissions)\ + \ as perm;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: List all AWS EBS snapshots with details diff --git a/queries/aws_ebs_snapshot_4.yaml b/queries/aws_ebs_snapshot_4.yaml index 3c5c73505..6355f2974 100755 --- a/queries/aws_ebs_snapshot_4.yaml +++ b/queries/aws_ebs_snapshot_4.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EBS snapshots, providing detailed information + about each snapshot''s configuration, status, and associated metadata. ID: aws_ebs_snapshot_4 -Title: "List all AWS EBS snapshots with configuration details" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - count(snapshot_id) as snapshot_id - from - aws_ebs_snapshot - group by - volume_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n count(snapshot_id) as snapshot_id\nfrom\n\ + \ aws_ebs_snapshot\ngroup by\n volume_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store (EBS) +Title: List all AWS EBS snapshots with configuration details diff --git a/queries/aws_ebs_snapshot_5.yaml b/queries/aws_ebs_snapshot_5.yaml index fd555c342..4dbfb3de4 100755 --- a/queries/aws_ebs_snapshot_5.yaml +++ b/queries/aws_ebs_snapshot_5.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS EBS snapshots, providing detailed information + about each snapshot''s configuration, status, and associated metadata. ID: aws_ebs_snapshot_5 -Title: "Find details of AWS EBS snapshot configurations" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - encrypted, - owner_id - from - aws_ebs_snapshot - where - owner_id = '859788737657'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_id,\n arn,\n encrypted,\n owner_id\nfrom\n\ + \ aws_ebs_snapshot\nwhere\n owner_id = '859788737657';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: Find details of AWS EBS snapshot configurations diff --git a/queries/aws_ebs_snapshot_6.yaml b/queries/aws_ebs_snapshot_6.yaml index 10a7600ce..5bbbc8cf7 100755 --- a/queries/aws_ebs_snapshot_6.yaml +++ b/queries/aws_ebs_snapshot_6.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EBS snapshots, providing detailed information + about each snapshot''s configuration, status, and associated metadata. ID: aws_ebs_snapshot_6 -Title: "Find EBS Snapshots Configuration and Metadata in AWS" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - encrypted, - owner_id - from - aws_ebs_snapshot - where - snapshot_id = 'snap-07bf4f91353ad71ae'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_id,\n arn,\n encrypted,\n owner_id\nfrom\n\ + \ aws_ebs_snapshot\nwhere\n snapshot_id = 'snap-07bf4f91353ad71ae';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: Find EBS Snapshots Configuration and Metadata in AWS diff --git a/queries/aws_ebs_snapshot_7.yaml b/queries/aws_ebs_snapshot_7.yaml index 6c1f7540e..00c155b8b 100755 --- a/queries/aws_ebs_snapshot_7.yaml +++ b/queries/aws_ebs_snapshot_7.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EBS snapshots, providing detailed information + about each snapshot''s configuration, status, and associated metadata. ID: aws_ebs_snapshot_7 -Title: "List all AWS EBS Snapshot Configurations and Status" -Description: "Allows users to query AWS EBS snapshots, providing detailed information about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_id, - arn, - encrypted, - owner_id - from - aws_ebs_snapshot - where - owner_alias = 'amazon' - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_id,\n arn,\n encrypted,\n owner_id\nfrom\n\ + \ aws_ebs_snapshot\nwhere\n owner_alias = 'amazon'" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: List all AWS EBS Snapshot Configurations and Status diff --git a/queries/aws_ebs_volume_1.yaml b/queries/aws_ebs_volume_1.yaml index ee8e7fb54..546d8bc5a 100755 --- a/queries/aws_ebs_volume_1.yaml +++ b/queries/aws_ebs_volume_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volumes for detailed + information about their configuration, status, and associated tags. ID: aws_ebs_volume_1 -Title: "Find All Unencrypted EBS Volumes in AWS" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - encrypted - from - aws_ebs_volume - where - not encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n encrypted\nfrom\n aws_ebs_volume\nwhere\n\ + \ not encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: Find All Unencrypted EBS Volumes in AWS diff --git a/queries/aws_ebs_volume_2.yaml b/queries/aws_ebs_volume_2.yaml index fef88e899..9b05e6dea 100755 --- a/queries/aws_ebs_volume_2.yaml +++ b/queries/aws_ebs_volume_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volumes for detailed + information about their configuration, status, and associated tags. ID: aws_ebs_volume_2 -Title: "List all AWS EBS volumes with no attachments" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - volume_type - from - aws_ebs_volume - where - jsonb_array_length(attachments) = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n volume_type\nfrom\n aws_ebs_volume\nwhere\n\ + \ jsonb_array_length(attachments) = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store (EBS) +Title: List all AWS EBS volumes with no attachments diff --git a/queries/aws_ebs_volume_3.yaml b/queries/aws_ebs_volume_3.yaml index d9b42c04a..7896f9897 100755 --- a/queries/aws_ebs_volume_3.yaml +++ b/queries/aws_ebs_volume_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volumes for detailed + information about their configuration, status, and associated tags. ID: aws_ebs_volume_3 -Title: "List all AWS EBS Volumes and Their Details" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - volume_type - from - aws_ebs_volume - where - volume_type = 'io1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n volume_type\nfrom\n aws_ebs_volume\nwhere\n\ + \ volume_type = 'io1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store (EBS) +Title: List all AWS EBS Volumes and Their Details diff --git a/queries/aws_ebs_volume_4.yaml b/queries/aws_ebs_volume_4.yaml index a8bddaa22..353c0361b 100755 --- a/queries/aws_ebs_volume_4.yaml +++ b/queries/aws_ebs_volume_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volumes for detailed + information about their configuration, status, and associated tags. ID: aws_ebs_volume_4 -Title: "List all AWS EBS volumes with configuration and status details" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - size - from - aws_ebs_volume - where - size > '100'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n size\nfrom\n aws_ebs_volume\nwhere\n \ + \ size > '100';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: List all AWS EBS volumes with configuration and status details diff --git a/queries/aws_ebs_volume_5.yaml b/queries/aws_ebs_volume_5.yaml index 036dceb1d..caa606657 100755 --- a/queries/aws_ebs_volume_5.yaml +++ b/queries/aws_ebs_volume_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volumes for detailed + information about their configuration, status, and associated tags. ID: aws_ebs_volume_5 -Title: "List all AWS EBS Volumes and Configuration Details" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_type, - count(volume_type) as count - from - aws_ebs_volume - group by - volume_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_type,\n count(volume_type) as count\nfrom\n \ + \ aws_ebs_volume\ngroup by\n volume_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: List all AWS EBS Volumes and Configuration Details diff --git a/queries/aws_ebs_volume_6.yaml b/queries/aws_ebs_volume_6.yaml index d4a609f81..c64f1fc42 100755 --- a/queries/aws_ebs_volume_6.yaml +++ b/queries/aws_ebs_volume_6.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volumes for detailed + information about their configuration, status, and associated tags. ID: aws_ebs_volume_6 -Title: "List all AWS EBS volumes and their stopped instances" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - size, - att ->> 'InstanceId' as instance_id - from - aws_ebs_volume - cross join jsonb_array_elements(attachments) as att - join aws_ec2_instance as i on i.instance_id = att ->> 'InstanceId' - where - instance_state = 'stopped'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n size,\n att ->> 'InstanceId' as instance_id\n\ + from\n aws_ebs_volume\n cross join jsonb_array_elements(attachments) as att\n\ + \ join aws_ec2_instance as i on i.instance_id = att ->> 'InstanceId'\nwhere\n\ + \ instance_state = 'stopped';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store (EBS) +Title: List all AWS EBS volumes and their stopped instances diff --git a/queries/aws_ebs_volume_7.yaml b/queries/aws_ebs_volume_7.yaml index cfb428464..b0992941e 100755 --- a/queries/aws_ebs_volume_7.yaml +++ b/queries/aws_ebs_volume_7.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volumes for detailed + information about their configuration, status, and associated tags. ID: aws_ebs_volume_7 -Title: "List AWS EBS Volumes for Configuration and Status" -Description: "Allows users to query AWS Elastic Block Store (EBS) volumes for detailed information about their configuration, status, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - volume_type - from - aws_ebs_volume - where - volume_type = 'io1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n volume_type\nfrom\n aws_ebs_volume\nwhere\n\ + \ volume_type = 'io1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: List AWS EBS Volumes for Configuration and Status diff --git a/queries/aws_ebs_volume_metric_read_ops_1.yaml b/queries/aws_ebs_volume_metric_read_ops_1.yaml index 71edb46e1..441b20c5f 100755 --- a/queries/aws_ebs_volume_metric_read_ops_1.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_1.yaml @@ -1,33 +1,22 @@ +Description: Allows users to query AWS EBS Volume read operations metrics. ID: aws_ebs_volume_metric_read_ops_1 -Title: "List all AWS EBS Volume read operations metrics" -Description: "Allows users to query AWS EBS Volume read operations metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops\norder by\n volume_id,\n\ + \ timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS Volume +Title: List all AWS EBS Volume read operations metrics diff --git a/queries/aws_ebs_volume_metric_read_ops_2.yaml b/queries/aws_ebs_volume_metric_read_ops_2.yaml index a3c43d708..0fc12c38f 100755 --- a/queries/aws_ebs_volume_metric_read_ops_2.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_2.yaml @@ -1,33 +1,20 @@ +Description: Allows users to query AWS EBS Volume read operations metrics. ID: aws_ebs_volume_metric_read_ops_2 -Title: "Find Read Ops Metrics of AWS EBS Volumes with SQL" -Description: "Allows users to query AWS EBS Volume read operations metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops\nwhere\n average\ + \ > 1000\norder by\n volume_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Find Read Ops Metrics of AWS EBS Volumes with SQL diff --git a/queries/aws_ebs_volume_metric_read_ops_3.yaml b/queries/aws_ebs_volume_metric_read_ops_3.yaml index 122e4aaff..e3c3e398f 100755 --- a/queries/aws_ebs_volume_metric_read_ops_3.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_3.yaml @@ -1,35 +1,22 @@ +Description: Allows users to query AWS EBS Volume read operations metrics. ID: aws_ebs_volume_metric_read_ops_3 -Title: "List all AWS EBS Volume read operations metrics" -Description: "Allows users to query AWS EBS Volume read operations metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops\nwhere\n maximum\ + \ > 8000\norder by\n volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: List all AWS EBS Volume read operations metrics diff --git a/queries/aws_ebs_volume_metric_read_ops_4.yaml b/queries/aws_ebs_volume_metric_read_ops_4.yaml index 7086bea6d..94cc7135f 100755 --- a/queries/aws_ebs_volume_metric_read_ops_4.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_4.yaml @@ -1,39 +1,25 @@ +Description: Allows users to query AWS EBS Volume read operations metrics. ID: aws_ebs_volume_metric_read_ops_4 -Title: "List All AWS EBS Volume Read Operations Metrics" -Description: "Allows users to query AWS EBS Volume read operations metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops as r, - aws_ebs_volume_metric_write_ops as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.volume_id,\n r.timestamp,\n round(r.average) + round(w.average)\ + \ as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average) as write_ops_avg,\n\ + \ round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum) as read_ops_max,\n\ + \ round(w.maximum) as write_ops_max,\n round(r.minimum) + round(w.minimum) as\ + \ iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum) as write_ops_min\n\ + from \n aws_ebs_volume_metric_read_ops as r,\n aws_ebs_volume_metric_write_ops\ + \ as w\nwhere \n r.volume_id = w.volume_id\n and r.timestamp = w.timestamp\n\ + order by\n r.volume_id,\n r.timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: List All AWS EBS Volume Read Operations Metrics diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml b/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml index 82c034b72..9b22ca2f7 100755 --- a/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_daily_1.yaml @@ -1,31 +1,20 @@ +Description: Allows users to query AWS EBS Volume metrics for daily read operations. ID: aws_ebs_volume_metric_read_ops_daily_1 -Title: "List AWS EBS Volume Metrics for Daily Read Ops" -Description: "Allows users to query AWS EBS Volume metrics for daily read operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_daily - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops_daily\norder by\n\ + \ volume_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: List AWS EBS Volume Metrics for Daily Read Ops diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml b/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml index 933ba9df7..4ea84814d 100755 --- a/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_daily_2.yaml @@ -1,33 +1,20 @@ +Description: Allows users to query AWS EBS Volume metrics for daily read operations. ID: aws_ebs_volume_metric_read_ops_daily_2 -Title: "Find Daily AWS EBS Volume Read Ops Metrics using SQL" -Description: "Allows users to query AWS EBS Volume metrics for daily read operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_daily - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops_daily\nwhere\n\ + \ average > 1000\norder by\n volume_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Find Daily AWS EBS Volume Read Ops Metrics using SQL diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml b/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml index 64433299a..2bfd38351 100755 --- a/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_daily_3.yaml @@ -1,33 +1,20 @@ +Description: Allows users to query AWS EBS Volume metrics for daily read operations. ID: aws_ebs_volume_metric_read_ops_daily_3 -Title: "Find all AWS EBS Volume daily read operations metrics" -Description: "Allows users to query AWS EBS Volume metrics for daily read operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_daily - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops_daily\nwhere\n\ + \ maximum > 8000\norder by\n volume_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Find all AWS EBS Volume daily read operations metrics diff --git a/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml b/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml index 2ace06e4d..0d5a3bc1f 100755 --- a/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_daily_4.yaml @@ -1,41 +1,27 @@ +Description: Allows users to query AWS EBS Volume metrics for daily read operations. ID: aws_ebs_volume_metric_read_ops_daily_4 -Title: "Find AWS EBS Volume Metrics for Daily Read Operations" -Description: "Allows users to query AWS EBS Volume metrics for daily read operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops_daily as r, - aws_ebs_volume_metric_write_ops_daily as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.volume_id,\n r.timestamp,\n round(r.average) + round(w.average)\ + \ as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average) as write_ops_avg,\n\ + \ round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum) as read_ops_max,\n\ + \ round(w.maximum) as write_ops_max,\n round(r.minimum) + round(w.minimum) as\ + \ iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum) as write_ops_min\n\ + from \n aws_ebs_volume_metric_read_ops_daily as r,\n aws_ebs_volume_metric_write_ops_daily\ + \ as w\nwhere \n r.volume_id = w.volume_id\n and r.timestamp = w.timestamp\n\ + order by\n r.volume_id,\n r.timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Find AWS EBS Volume Metrics for Daily Read Operations diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml index fac833ca6..c59c35f9d 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_1.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query Amazon EC2 EBS Volume Read Operations metrics on + an hourly basis. ID: aws_ebs_volume_metric_read_ops_hourly_1 -Title: "Find Amazon EC2 EBS Volume Read Operations Metrics Hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_hourly - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops_hourly\norder\ + \ by\n volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EC2 EBS +Title: Find Amazon EC2 EBS Volume Read Operations Metrics Hourly diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml index dc610aac8..9a47464b0 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_2.yaml @@ -1,35 +1,23 @@ +Description: Allows users to query Amazon EC2 EBS Volume Read Operations metrics on + an hourly basis. ID: aws_ebs_volume_metric_read_ops_hourly_2 -Title: "List all Amazon EC2 EBS Volume Read Ops metrics hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_hourly - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops_hourly\nwhere\n\ + \ average > 1000\norder by\n volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EC2 +Title: List all Amazon EC2 EBS Volume Read Ops metrics hourly diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml index 7dbdef4e1..a40690f68 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_3.yaml @@ -1,35 +1,23 @@ +Description: Allows users to query Amazon EC2 EBS Volume Read Operations metrics on + an hourly basis. ID: aws_ebs_volume_metric_read_ops_hourly_3 -Title: "Find Amazon EC2 EBS Volume Read Ops Metrics Hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_read_ops_hourly - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_read_ops_hourly\nwhere\n\ + \ maximum > 8000\norder by\n volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EC2 +Title: Find Amazon EC2 EBS Volume Read Ops Metrics Hourly diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml index 928f6296d..619fb10c9 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_4.yaml @@ -1,37 +1,25 @@ +Description: Allows users to query Amazon EC2 EBS Volume Read Operations metrics on + an hourly basis. ID: aws_ebs_volume_metric_read_ops_hourly_4 -Title: "List all Amazon EC2 EBS Volume Read Ops Metrics Hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - v.iops as provisioned_iops, - round(r.average) +round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg - from - aws_ebs_volume_metric_read_ops_hourly as r, - aws_ebs_volume_metric_write_ops_hourly as w, - aws_ebs_volume as v - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - and v.volume_id = r.volume_id - and r.average + w.average > v.iops - order by - r.volume_id, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.volume_id,\n r.timestamp,\n v.iops as provisioned_iops,\n\ + \ round(r.average) +round(w.average) as iops_avg,\n round(r.average) as read_ops_avg,\n\ + \ round(w.average) as write_ops_avg\nfrom \n aws_ebs_volume_metric_read_ops_hourly\ + \ as r,\n aws_ebs_volume_metric_write_ops_hourly as w,\n aws_ebs_volume as v\n\ + where \n r.volume_id = w.volume_id\n and r.timestamp = w.timestamp\n and v.volume_id\ + \ = r.volume_id \n and r.average + w.average > v.iops\norder by\n r.volume_id,\n\ + \ r.timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EC2 +Title: List all Amazon EC2 EBS Volume Read Ops Metrics Hourly diff --git a/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml b/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml index 0acd697ad..3121ceed8 100755 --- a/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml +++ b/queries/aws_ebs_volume_metric_read_ops_hourly_5.yaml @@ -1,39 +1,26 @@ +Description: Allows users to query Amazon EC2 EBS Volume Read Operations metrics on + an hourly basis. ID: aws_ebs_volume_metric_read_ops_hourly_5 -Title: "Find AWS EC2 EBS Volume Read Ops Metrics Hourly" -Description: "Allows users to query Amazon EC2 EBS Volume Read Operations metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops_hourly as r, - aws_ebs_volume_metric_write_ops_hourly as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.volume_id,\n r.timestamp,\n round(r.average) + round(w.average)\ + \ as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average) as write_ops_avg,\n\ + \ round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum) as read_ops_max,\n\ + \ round(w.maximum) as write_ops_max,\n round(r.minimum) + round(w.minimum) as\ + \ iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum) as write_ops_min\n\ + from \n aws_ebs_volume_metric_read_ops_hourly as r,\n aws_ebs_volume_metric_write_ops_hourly\ + \ as w\nwhere \n r.volume_id = w.volume_id\n and r.timestamp = w.timestamp\n\ + order by\n r.volume_id,\n r.timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EC2 EBS +Title: Find AWS EC2 EBS Volume Read Ops Metrics Hourly diff --git a/queries/aws_ebs_volume_metric_write_ops_1.yaml b/queries/aws_ebs_volume_metric_write_ops_1.yaml index 4d68d5a0d..74e2a9fdc 100755 --- a/queries/aws_ebs_volume_metric_write_ops_1.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_1.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volume write operations + metrics. ID: aws_ebs_volume_metric_write_ops_1 -Title: "Find AWS EBS Volume Write Operations Metrics" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops\norder by\n \ + \ volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: Find AWS EBS Volume Write Operations Metrics diff --git a/queries/aws_ebs_volume_metric_write_ops_2.yaml b/queries/aws_ebs_volume_metric_write_ops_2.yaml index c83912cfc..a44a7ca89 100755 --- a/queries/aws_ebs_volume_metric_write_ops_2.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_2.yaml @@ -1,33 +1,21 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volume write operations + metrics. ID: aws_ebs_volume_metric_write_ops_2 -Title: "List AWS EBS Volume Write Ops Metrics via SQL" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops\nwhere\n average\ + \ > 1000\norder by\n volume_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: List AWS EBS Volume Write Ops Metrics via SQL diff --git a/queries/aws_ebs_volume_metric_write_ops_3.yaml b/queries/aws_ebs_volume_metric_write_ops_3.yaml index cc2d5e4a4..6b3575cb0 100755 --- a/queries/aws_ebs_volume_metric_write_ops_3.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_3.yaml @@ -1,35 +1,23 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volume write operations + metrics. ID: aws_ebs_volume_metric_write_ops_3 -Title: "Find AWS EBS volume write ops metrics" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops\nwhere\n maximum\ + \ > 8000\norder by\n volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: Find AWS EBS volume write ops metrics diff --git a/queries/aws_ebs_volume_metric_write_ops_4.yaml b/queries/aws_ebs_volume_metric_write_ops_4.yaml index 7c288715b..ed43c3fd6 100755 --- a/queries/aws_ebs_volume_metric_write_ops_4.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_4.yaml @@ -1,41 +1,28 @@ +Description: Allows users to query AWS Elastic Block Store (EBS) volume write operations + metrics. ID: aws_ebs_volume_metric_write_ops_4 -Title: "List EBS Volume Write Ops Metrics using SQL" -Description: "Allows users to query AWS Elastic Block Store (EBS) volume write operations metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops as r, - aws_ebs_volume_metric_write_ops as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.volume_id,\n r.timestamp,\n round(r.average) + round(w.average)\ + \ as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average) as write_ops_avg,\n\ + \ round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum) as read_ops_max,\n\ + \ round(w.maximum) as write_ops_max,\n round(r.minimum) + round(w.minimum) as\ + \ iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum) as write_ops_min\n\ + from \n aws_ebs_volume_metric_read_ops as r,\n aws_ebs_volume_metric_write_ops\ + \ as w\nwhere \n r.volume_id = w.volume_id\n and r.timestamp = w.timestamp\n\ + order by\n r.volume_id,\n r.timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Block Store +Title: List EBS Volume Write Ops Metrics using SQL diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml b/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml index a01047fc8..30847d391 100755 --- a/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_daily_1.yaml @@ -1,33 +1,22 @@ +Description: Allows users to query AWS EBS Volume Metrics for daily write operations. ID: aws_ebs_volume_metric_write_ops_daily_1 -Title: "List all AWS EBS Volume Metrics for daily write operations" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_daily - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops_daily\norder\ + \ by\n volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: List all AWS EBS Volume Metrics for daily write operations diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml index ffa5ec597..d3f81e524 100755 --- a/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_daily_2.yaml @@ -1,35 +1,22 @@ +Description: Allows users to query AWS EBS Volume Metrics for daily write operations. ID: aws_ebs_volume_metric_write_ops_daily_2 -Title: "Find daily AWS EBS Volume Metrics for write operations" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_daily - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops_daily\nwhere\n\ + \ average > 1000\norder by\n volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EBS +Title: Find daily AWS EBS Volume Metrics for write operations diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml b/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml index de70feda5..c174b3788 100755 --- a/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_daily_3.yaml @@ -1,35 +1,22 @@ +Description: Allows users to query AWS EBS Volume Metrics for daily write operations. ID: aws_ebs_volume_metric_write_ops_daily_3 -Title: "Find AWS EBS Volume Write Ops Metrics Daily" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_daily - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops_daily\nwhere\n\ + \ maximum > 8000\norder by\n volume_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Find AWS EBS Volume Write Ops Metrics Daily diff --git a/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml b/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml index 724cf8bd8..fb59b09b4 100755 --- a/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_daily_4.yaml @@ -1,39 +1,25 @@ +Description: Allows users to query AWS EBS Volume Metrics for daily write operations. ID: aws_ebs_volume_metric_write_ops_daily_4 -Title: "Query Daily AWS EBS Volume Write Ops Metrics" -Description: "Allows users to query AWS EBS Volume Metrics for daily write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops_daily as r, - aws_ebs_volume_metric_write_ops_daily as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.volume_id,\n r.timestamp,\n round(r.average) + round(w.average)\ + \ as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average) as write_ops_avg,\n\ + \ round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum) as read_ops_max,\n\ + \ round(w.maximum) as write_ops_max,\n round(r.minimum) + round(w.minimum) as\ + \ iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum) as write_ops_min\n\ + from \n aws_ebs_volume_metric_read_ops_daily as r,\n aws_ebs_volume_metric_write_ops_daily\ + \ as w\nwhere \n r.volume_id = w.volume_id\n and r.timestamp = w.timestamp\n\ + order by\n r.volume_id,\n r.timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Query Daily AWS EBS Volume Write Ops Metrics diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml index d7a99e569..c14c3dd5e 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_1.yaml @@ -1,31 +1,20 @@ +Description: Allows users to query AWS EBS Volume Metrics on hourly write operations. ID: aws_ebs_volume_metric_write_ops_hourly_1 -Title: "Find AWS EBS Volume Metrics on Hourly Write Operations" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_hourly - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops_hourly\norder\ + \ by\n volume_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Find AWS EBS Volume Metrics on Hourly Write Operations diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml index d73b5418c..858a37747 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_2.yaml @@ -1,33 +1,20 @@ +Description: Allows users to query AWS EBS Volume Metrics on hourly write operations. ID: aws_ebs_volume_metric_write_ops_hourly_2 -Title: "Query AWS EBS Volume Hourly Write Operations Metrics" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_hourly - where - average > 1000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops_hourly\nwhere\n\ + \ average > 1000\norder by\n volume_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Query AWS EBS Volume Hourly Write Operations Metrics diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml index d880d61f0..20b22ad70 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_3.yaml @@ -1,33 +1,20 @@ +Description: Allows users to query AWS EBS Volume Metrics on hourly write operations. ID: aws_ebs_volume_metric_write_ops_hourly_3 -Title: "List all AWS EBS Volume Metrics on Hourly Write Ops" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - volume_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_ebs_volume_metric_write_ops_hourly - where - maximum > 8000 - order by - volume_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n volume_id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sum,\n sample_count\nfrom\n aws_ebs_volume_metric_write_ops_hourly\nwhere\n\ + \ maximum > 8000\norder by\n volume_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS EBS +Title: List all AWS EBS Volume Metrics on Hourly Write Ops diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml index f42e29343..1098e8a39 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_4.yaml @@ -1,39 +1,26 @@ +Description: Allows users to query AWS EBS Volume Metrics on hourly write operations. ID: aws_ebs_volume_metric_write_ops_hourly_4 -Title: "Find AWS EBS Volume Hourly Write Operation Metrics" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - v.iops as provisioned_iops, - round(r.average) +round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg - from - aws_ebs_volume_metric_read_ops_hourly as r, - aws_ebs_volume_metric_write_ops_hourly as w, - aws_ebs_volume as v - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - and v.volume_id = r.volume_id - and r.average + w.average > v.iops - order by - r.volume_id, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.volume_id,\n r.timestamp,\n v.iops as provisioned_iops,\n\ + \ round(r.average) +round(w.average) as iops_avg,\n round(r.average) as read_ops_avg,\n\ + \ round(w.average) as write_ops_avg\nfrom \n aws_ebs_volume_metric_read_ops_hourly\ + \ as r,\n aws_ebs_volume_metric_write_ops_hourly as w,\n aws_ebs_volume as v\n\ + where \n r.volume_id = w.volume_id\n and r.timestamp = w.timestamp\n and v.volume_id\ + \ = r.volume_id \n and r.average + w.average > v.iops\norder by\n r.volume_id,\n\ + \ r.timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Find AWS EBS Volume Hourly Write Operation Metrics diff --git a/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml b/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml index 929fd0773..3842bcfd3 100755 --- a/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml +++ b/queries/aws_ebs_volume_metric_write_ops_hourly_5.yaml @@ -1,41 +1,27 @@ +Description: Allows users to query AWS EBS Volume Metrics on hourly write operations. ID: aws_ebs_volume_metric_write_ops_hourly_5 -Title: "Find AWS EBS Volume Metrics on Hourly Write Ops" -Description: "Allows users to query AWS EBS Volume Metrics on hourly write operations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.volume_id, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_ebs_volume_metric_read_ops_hourly as r, - aws_ebs_volume_metric_write_ops_hourly as w - where - r.volume_id = w.volume_id - and r.timestamp = w.timestamp - order by - r.volume_id, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.volume_id,\n r.timestamp,\n round(r.average) + round(w.average)\ + \ as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average) as write_ops_avg,\n\ + \ round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum) as read_ops_max,\n\ + \ round(w.maximum) as write_ops_max,\n round(r.minimum) + round(w.minimum) as\ + \ iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum) as write_ops_min\n\ + from \n aws_ebs_volume_metric_read_ops_hourly as r,\n aws_ebs_volume_metric_write_ops_hourly\ + \ as w\nwhere \n r.volume_id = w.volume_id\n and r.timestamp = w.timestamp\n\ + order by\n r.volume_id,\n r.timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EBS +Title: Find AWS EBS Volume Metrics on Hourly Write Ops diff --git a/queries/aws_ec2_ami_1.yaml b/queries/aws_ec2_ami_1.yaml index 3fedbae31..ab4709e0b 100755 --- a/queries/aws_ec2_ami_1.yaml +++ b/queries/aws_ec2_ami_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve + detailed information about each AMI available in the AWS account. ID: aws_ec2_ami_1 -Title: "List all AWS EC2 AMIs with Details via SQL" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - state, - image_location, - creation_date, - public, - root_device_name - from - aws_ec2_ami; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n image_id,\n state,\n image_location,\n creation_date,\n\ + \ public,\n root_device_name\nfrom\n aws_ec2_ami;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 AMIs with Details via SQL diff --git a/queries/aws_ec2_ami_2.yaml b/queries/aws_ec2_ami_2.yaml index c66d4e734..573a8cb5f 100755 --- a/queries/aws_ec2_ami_2.yaml +++ b/queries/aws_ec2_ami_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve + detailed information about each AMI available in the AWS account. ID: aws_ec2_ami_2 -Title: "List all AWS EC2 AMIs to Retrieve Detailed Information" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - public - from - aws_ec2_ami - where - public; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n image_id,\n public\nfrom\n aws_ec2_ami\nwhere\n\ + \ public;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 AMIs to Retrieve Detailed Information diff --git a/queries/aws_ec2_ami_3.yaml b/queries/aws_ec2_ami_3.yaml index bcc210f50..23661331f 100755 --- a/queries/aws_ec2_ami_3.yaml +++ b/queries/aws_ec2_ami_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve + detailed information about each AMI available in the AWS account. ID: aws_ec2_ami_3 -Title: "List all AWS EC2 AMI Details with Failed State" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - public, - state - from - aws_ec2_ami - where - state = 'failed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n image_id,\n public,\n state\nfrom\n aws_ec2_ami\n\ + where\n state = 'failed';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 AMI Details with Failed State diff --git a/queries/aws_ec2_ami_4.yaml b/queries/aws_ec2_ami_4.yaml index a8058f1c4..cc1020b03 100755 --- a/queries/aws_ec2_ami_4.yaml +++ b/queries/aws_ec2_ami_4.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve + detailed information about each AMI available in the AWS account. ID: aws_ec2_ami_4 -Title: "List all AWS EC2 AMIs with Detailed Information" -Description: "Allows users to query AWS EC2 AMIs (Amazon Machine Images) to retrieve detailed information about each AMI available in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - mapping -> 'Ebs' ->> 'VolumeSize' as volume_size, - mapping -> 'Ebs' ->> 'VolumeType' as volume_type, - mapping -> 'Ebs' ->> 'Encrypted' as encryption_status, - mapping -> 'Ebs' ->> 'KmsKeyId' as kms_key, - mapping -> 'Ebs' ->> 'DeleteOnTermination' as delete_on_termination - from - aws_ec2_ami - cross join jsonb_array_elements(block_device_mappings) as mapping; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n image_id,\n mapping -> 'Ebs' ->> 'VolumeSize'\ + \ as volume_size,\n mapping -> 'Ebs' ->> 'VolumeType' as volume_type,\n mapping\ + \ -> 'Ebs' ->> 'Encrypted' as encryption_status,\n mapping -> 'Ebs' ->> 'KmsKeyId'\ + \ as kms_key,\n mapping -> 'Ebs' ->> 'DeleteOnTermination' as delete_on_termination\n\ + from\n aws_ec2_ami\n cross join jsonb_array_elements(block_device_mappings)\ + \ as mapping;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 AMI +Title: List all AWS EC2 AMIs with Detailed Information diff --git a/queries/aws_ec2_ami_shared_1.yaml b/queries/aws_ec2_ami_shared_1.yaml index e302ecd6a..83032a2dd 100755 --- a/queries/aws_ec2_ami_shared_1.yaml +++ b/queries/aws_ec2_ami_shared_1.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2 ID: aws_ec2_ami_shared_1 -Title: "Find shared Amazon Machine Images (AMIs) in AWS EC2" -Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - state, - image_location, - creation_date, - public, - root_device_name - from - aws_ec2_ami_shared - where - owner_id = '137112412989'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n image_id,\n state,\n image_location,\n creation_date,\n\ + \ public,\n root_device_name\nfrom\n aws_ec2_ami_shared\nwhere\n owner_id\ + \ = '137112412989';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find shared Amazon Machine Images (AMIs) in AWS EC2 diff --git a/queries/aws_ec2_ami_shared_2.yaml b/queries/aws_ec2_ami_shared_2.yaml index 64bc6b341..7b9395e31 100755 --- a/queries/aws_ec2_ami_shared_2.yaml +++ b/queries/aws_ec2_ami_shared_2.yaml @@ -1,33 +1,22 @@ +Description: Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2 ID: aws_ec2_ami_shared_2 -Title: "Find Shared Amazon Machine Images (AMIs) in AWS EC2" -Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - image_id, - state, - image_location, - creation_date, - public, - root_device_name - from - aws_ec2_ami_shared - where - owner_id = '137112412989' - and architecture = 'arm64'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n image_id,\n state,\n image_location,\n creation_date,\n\ + \ public,\n root_device_name\nfrom\n aws_ec2_ami_shared\nwhere\n owner_id\ + \ = '137112412989'\n and architecture = 'arm64';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find Shared Amazon Machine Images (AMIs) in AWS EC2 diff --git a/queries/aws_ec2_ami_shared_3.yaml b/queries/aws_ec2_ami_shared_3.yaml index 1c95687a5..38d6cc6a3 100755 --- a/queries/aws_ec2_ami_shared_3.yaml +++ b/queries/aws_ec2_ami_shared_3.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2 ID: aws_ec2_ami_shared_3 -Title: "List all shared Amazon Machine Images (AMIs) in AWS EC2" -Description: "Allows users to query shared Amazon Machine Images (AMIs) in AWS EC2" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.title, - i.instance_id, - i.image_id, - ami.name, - ami.description, - ami.platform_details - from - aws_ec2_instance as i - join aws_ec2_ami_shared as ami on i.image_id = ami.image_id - where - ami.owner_id = '137112412989'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i.title,\n i.instance_id,\n i.image_id,\n ami.name,\n\ + \ ami.description,\n ami.platform_details\nfrom\n aws_ec2_instance as i\n join\ + \ aws_ec2_ami_shared as ami on i.image_id = ami.image_id\nwhere\n ami.owner_id\ + \ = '137112412989';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all shared Amazon Machine Images (AMIs) in AWS EC2 diff --git a/queries/aws_ec2_application_load_balancer_1.yaml b/queries/aws_ec2_application_load_balancer_1.yaml index 52ad51dcb..cba1dfbd0 100755 --- a/queries/aws_ec2_application_load_balancer_1.yaml +++ b/queries/aws_ec2_application_load_balancer_1.yaml @@ -1,25 +1,23 @@ +Description: Allows users to query AWS EC2 Application Load Balancer, providing detailed + information about each load balancer within an AWS account. This includes its current + state, availability zones, security groups, and other important attributes. ID: aws_ec2_application_load_balancer_1 -Title: "Find AWS EC2 Load Balancers with Security Groups" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(security_groups) as attached_security_group - from - aws_ec2_application_load_balancer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_array_elements_text(security_groups) as\ + \ attached_security_group\nfrom\n aws_ec2_application_load_balancer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: Find AWS EC2 Load Balancers with Security Groups diff --git a/queries/aws_ec2_application_load_balancer_2.yaml b/queries/aws_ec2_application_load_balancer_2.yaml index 1c85426a5..0c9267856 100755 --- a/queries/aws_ec2_application_load_balancer_2.yaml +++ b/queries/aws_ec2_application_load_balancer_2.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query AWS EC2 Application Load Balancer, providing detailed + information about each load balancer within an AWS account. This includes its current + state, availability zones, security groups, and other important attributes. ID: aws_ec2_application_load_balancer_2 -Title: "List All AWS EC2 Application Load Balancers with Details" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - az ->> 'LoadBalancerAddresses' as load_balancer_addresses, - az ->> 'OutpostId' as outpost_id, - az ->> 'SubnetId' as subnet_id, - az ->> 'ZoneName' as zone_name - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(availability_zones) as az; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n az ->> 'LoadBalancerAddresses' as load_balancer_addresses,\n\ + \ az ->> 'OutpostId' as outpost_id,\n az ->> 'SubnetId' as subnet_id,\n az\ + \ ->> 'ZoneName' as zone_name\nfrom\n aws_ec2_application_load_balancer\n cross\ + \ join jsonb_array_elements(availability_zones) as az;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: List All AWS EC2 Application Load Balancers with Details diff --git a/queries/aws_ec2_application_load_balancer_3.yaml b/queries/aws_ec2_application_load_balancer_3.yaml index ef32f6ef0..6d084a4bd 100755 --- a/queries/aws_ec2_application_load_balancer_3.yaml +++ b/queries/aws_ec2_application_load_balancer_3.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS EC2 Application Load Balancer, providing detailed + information about each load balancer within an AWS account. This includes its current + state, availability zones, security groups, and other important attributes. ID: aws_ec2_application_load_balancer_3 -Title: "List All AWS EC2 ALBs with Detailed Information" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - count(az ->> 'ZoneName') < 2 as zone_count_1 - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(availability_zones) as az - group by - name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n count(az ->> 'ZoneName') < 2 as zone_count_1\n\ + from\n aws_ec2_application_load_balancer\n cross join jsonb_array_elements(availability_zones)\ + \ as az\ngroup by\n name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: List All AWS EC2 ALBs with Detailed Information diff --git a/queries/aws_ec2_application_load_balancer_4.yaml b/queries/aws_ec2_application_load_balancer_4.yaml index fa3fb6ec7..92fe9e1be 100755 --- a/queries/aws_ec2_application_load_balancer_4.yaml +++ b/queries/aws_ec2_application_load_balancer_4.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EC2 Application Load Balancer, providing detailed + information about each load balancer within an AWS account. This includes its current + state, availability zones, security groups, and other important attributes. ID: aws_ec2_application_load_balancer_4 -Title: "List all AWS EC2 Application Load Balancers and Attributes" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as logging_key, - lb ->> 'Value' as logging_value - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'access_logs.s3.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n lb ->> 'Key' as logging_key,\n lb ->> 'Value'\ + \ as logging_value\nfrom\n aws_ec2_application_load_balancer\n cross join jsonb_array_elements(load_balancer_attributes)\ + \ as lb\nwhere\n lb ->> 'Key' = 'access_logs.s3.enabled'\n and lb ->> 'Value'\ + \ = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: List all AWS EC2 Application Load Balancers and Attributes diff --git a/queries/aws_ec2_application_load_balancer_5.yaml b/queries/aws_ec2_application_load_balancer_5.yaml index 912b0b798..27eca0309 100755 --- a/queries/aws_ec2_application_load_balancer_5.yaml +++ b/queries/aws_ec2_application_load_balancer_5.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS EC2 Application Load Balancer, providing detailed + information about each load balancer within an AWS account. This includes its current + state, availability zones, security groups, and other important attributes. ID: aws_ec2_application_load_balancer_5 -Title: "List all AWS EC2 Application Load Balancer Details" -Description: "Allows users to query AWS EC2 Application Load Balancer, providing detailed information about each load balancer within an AWS account. This includes its current state, availability zones, security groups, and other important attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as deletion_protection_key, - lb ->> 'Value' as deletion_protection_value - from - aws_ec2_application_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'deletion_protection.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n lb ->> 'Key' as deletion_protection_key,\n \ + \ lb ->> 'Value' as deletion_protection_value\nfrom\n aws_ec2_application_load_balancer\n\ + \ cross join jsonb_array_elements(load_balancer_attributes) as lb\nwhere\n lb\ + \ ->> 'Key' = 'deletion_protection.enabled'\n and lb ->> 'Value' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: List all AWS EC2 Application Load Balancer Details diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml b/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml index 55dfccad0..0c63fb583 100755 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_1.yaml @@ -1,32 +1,21 @@ +Description: Allows users to query AWS EC2 Application Load Balancer Metrics, specifically + the request count. ID: aws_ec2_application_load_balancer_metric_request_count_1 -Title: "Query AWS EC2 Application Load Balancer Request Count" -Description: "Allows users to query AWS EC2 Application Load Balancer Metrics, specifically the request count." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - average, - maximum, - minimum, - sample_count, - timestamp - from - aws_ec2_application_load_balancer_metric_request_count - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n average,\n maximum,\n\ + \ minimum,\n sample_count,\n timestamp\nfrom\n aws_ec2_application_load_balancer_metric_request_count\n\ + order by\n name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: Query AWS EC2 Application Load Balancer Request Count diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml b/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml index 00fe0a803..383433e79 100755 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_2.yaml @@ -1,36 +1,23 @@ +Description: Allows users to query AWS EC2 Application Load Balancer Metrics, specifically + the request count. ID: aws_ec2_application_load_balancer_metric_request_count_2 -Title: "List AWS EC2 Application Load Balancer Request Counts" -Description: "Allows users to query AWS EC2 Application Load Balancer Metrics, specifically the request count." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - average - sample_count, - timestamp - from - aws_ec2_application_load_balancer_metric_request_count - where - average < 100 - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n maximum,\n minimum,\n\ + \ average\n sample_count,\n timestamp\nfrom\n aws_ec2_application_load_balancer_metric_request_count\n\ + where\n average < 100\norder by\n name,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: List AWS EC2 Application Load Balancer Request Counts diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml index 1c4cd1934..cd28ea1f3 100755 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_1.yaml @@ -1,34 +1,23 @@ +Description: Allows users to query daily request count metrics of the AWS EC2 Application + Load Balancer. ID: aws_ec2_application_load_balancer_metric_request_count_daily_1 -Title: "Find daily request count metrics of AWS EC2 ALB" -Description: "Allows users to query daily request count metrics of the AWS EC2 Application Load Balancer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - average, - maximum, - minimum, - sample_count, - timestamp - from - aws_ec2_application_load_balancer_metric_request_count_daily - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n average,\n maximum,\n\ + \ minimum,\n sample_count,\n timestamp\nfrom\n aws_ec2_application_load_balancer_metric_request_count_daily\n\ + order by\n name,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: Find daily request count metrics of AWS EC2 ALB diff --git a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml index 82d1c9de2..ac63c32a4 100755 --- a/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml +++ b/queries/aws_ec2_application_load_balancer_metric_request_count_daily_2.yaml @@ -1,34 +1,21 @@ +Description: Allows users to query daily request count metrics of the AWS EC2 Application + Load Balancer. ID: aws_ec2_application_load_balancer_metric_request_count_daily_2 -Title: "List all daily request count metrics for AWS EC2 Application Load Balancer" -Description: "Allows users to query daily request count metrics of the AWS EC2 Application Load Balancer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - average - sample_count, - timestamp - from - aws_ec2_application_load_balancer_metric_request_count_daily - where - average < 100 - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n maximum,\n minimum,\n\ + \ average\n sample_count,\n timestamp\nfrom\n aws_ec2_application_load_balancer_metric_request_count_daily\n\ + where\n average < 100\norder by\n name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Application Load Balancer +Title: List all daily request count metrics for AWS EC2 Application Load Balancer diff --git a/queries/aws_ec2_autoscaling_group_1.yaml b/queries/aws_ec2_autoscaling_group_1.yaml index 253b0d4d0..7cd5f3296 100755 --- a/queries/aws_ec2_autoscaling_group_1.yaml +++ b/queries/aws_ec2_autoscaling_group_1.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS EC2 Auto Scaling Groups and access detailed + information about each group''s configuration, instances, policies, and more. ID: aws_ec2_autoscaling_group_1 -Title: "List all AWS EC2 Auto Scaling Groups with Details" -Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - load_balancer_names, - availability_zones, - service_linked_role_arn, - default_cooldown, - max_size, - min_size, - new_instances_protected_from_scale_in - from - aws_ec2_autoscaling_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n load_balancer_names,\n availability_zones,\n\ + \ service_linked_role_arn,\n default_cooldown,\n max_size,\n min_size,\n \ + \ new_instances_protected_from_scale_in\nfrom\n aws_ec2_autoscaling_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Auto Scaling +Title: List all AWS EC2 Auto Scaling Groups with Details diff --git a/queries/aws_ec2_autoscaling_group_2.yaml b/queries/aws_ec2_autoscaling_group_2.yaml index a5694c411..e32b7a7d9 100755 --- a/queries/aws_ec2_autoscaling_group_2.yaml +++ b/queries/aws_ec2_autoscaling_group_2.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS EC2 Auto Scaling Groups and access detailed + information about each group''s configuration, instances, policies, and more. ID: aws_ec2_autoscaling_group_2 -Title: "Find AWS EC2 Auto Scaling Groups with Less than 2 AZs" -Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_length(availability_zones) as az_count - from - aws_ec2_autoscaling_group - where - jsonb_array_length(availability_zones) < 2; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_array_length(availability_zones) as az_count\n\ + from\n aws_ec2_autoscaling_group\nwhere\n jsonb_array_length(availability_zones)\ + \ < 2;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Auto Scaling +Title: Find AWS EC2 Auto Scaling Groups with Less than 2 AZs diff --git a/queries/aws_ec2_autoscaling_group_3.yaml b/queries/aws_ec2_autoscaling_group_3.yaml index 8e0cd92fa..5d0b7b514 100755 --- a/queries/aws_ec2_autoscaling_group_3.yaml +++ b/queries/aws_ec2_autoscaling_group_3.yaml @@ -1,33 +1,28 @@ +Description: Allows users to query AWS EC2 Auto Scaling Groups and access detailed + information about each group''s configuration, instances, policies, and more. ID: aws_ec2_autoscaling_group_3 -Title: "List all AWS EC2 Auto Scaling Groups and Details" -Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as autoscaling_group_name, - ins_detail ->> 'InstanceId' as instance_id, - ins_detail ->> 'InstanceType' as instance_type, - ins_detail ->> 'AvailabilityZone' as az, - ins_detail ->> 'HealthStatus' as health_status, - ins_detail ->> 'LaunchConfigurationName' as launch_configuration_name, - ins_detail -> 'LaunchTemplate' ->> 'LaunchTemplateName' as launch_template_name, - ins_detail -> 'LaunchTemplate' ->> 'Version' as launch_template_version, - ins_detail ->> 'ProtectedFromScaleIn' as protected_from_scale_in - from - aws_ec2_autoscaling_group, - jsonb_array_elements(instances) as ins_detail; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as autoscaling_group_name,\n ins_detail ->> 'InstanceId'\ + \ as instance_id,\n ins_detail ->> 'InstanceType' as instance_type,\n ins_detail\ + \ ->> 'AvailabilityZone' as az,\n ins_detail ->> 'HealthStatus' as health_status,\n\ + \ ins_detail ->> 'LaunchConfigurationName' as launch_configuration_name,\n ins_detail\ + \ -> 'LaunchTemplate' ->> 'LaunchTemplateName' as launch_template_name,\n ins_detail\ + \ -> 'LaunchTemplate' ->> 'Version' as launch_template_version,\n ins_detail\ + \ ->> 'ProtectedFromScaleIn' as protected_from_scale_in\nfrom\n aws_ec2_autoscaling_group,\n\ + \ jsonb_array_elements(instances) as ins_detail;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Auto Scaling +Title: List all AWS EC2 Auto Scaling Groups and Details diff --git a/queries/aws_ec2_autoscaling_group_4.yaml b/queries/aws_ec2_autoscaling_group_4.yaml index 575566580..00d9ea4ea 100755 --- a/queries/aws_ec2_autoscaling_group_4.yaml +++ b/queries/aws_ec2_autoscaling_group_4.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS EC2 Auto Scaling Groups and access detailed + information about each group''s configuration, instances, policies, and more. ID: aws_ec2_autoscaling_group_4 -Title: "List AWS EC2 Auto Scaling Groups and Their Configurations" -Description: "Allows users to query AWS EC2 Auto Scaling Groups and access detailed information about each group''s configuration, instances, policies, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - health_check_type, - health_check_grace_period - from - aws_ec2_autoscaling_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n health_check_type,\n health_check_grace_period\n\ + from\n aws_ec2_autoscaling_group;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Auto Scaling +Title: List AWS EC2 Auto Scaling Groups and Their Configurations diff --git a/queries/aws_ec2_capacity_reservation_1.yaml b/queries/aws_ec2_capacity_reservation_1.yaml index fe24676c4..1e0ccfb30 100755 --- a/queries/aws_ec2_capacity_reservation_1.yaml +++ b/queries/aws_ec2_capacity_reservation_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EC2 Capacity Reservations to provide information + about the reservations within AWS Elastic Compute Cloud (EC2). ID: aws_ec2_capacity_reservation_1 -Title: "Find All AWS EC2 Capacity Reservations via SQL" -Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - capacity_reservation_id, - capacity_reservation_arn, - instance_type, - state - from - aws_ec2_capacity_reservation; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n capacity_reservation_id,\n capacity_reservation_arn,\n\ + \ instance_type,\n state\nfrom\n aws_ec2_capacity_reservation;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Compute Cloud (EC2) +Title: Find All AWS EC2 Capacity Reservations via SQL diff --git a/queries/aws_ec2_capacity_reservation_2.yaml b/queries/aws_ec2_capacity_reservation_2.yaml index 6dda06318..8ee00b107 100755 --- a/queries/aws_ec2_capacity_reservation_2.yaml +++ b/queries/aws_ec2_capacity_reservation_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS EC2 Capacity Reservations to provide information + about the reservations within AWS Elastic Compute Cloud (EC2). ID: aws_ec2_capacity_reservation_2 -Title: "Find AWS EC2 Capacity Reservations with SQL Query" -Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - capacity_reservation_id, - capacity_reservation_arn, - instance_type, - state - from - aws_ec2_capacity_reservation - where - state = 'expired'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n capacity_reservation_id,\n capacity_reservation_arn,\n\ + \ instance_type,\n state\nfrom\n aws_ec2_capacity_reservation\nwhere\n state\ + \ = 'expired';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Capacity Reservations with SQL Query diff --git a/queries/aws_ec2_capacity_reservation_3.yaml b/queries/aws_ec2_capacity_reservation_3.yaml index 21ec211bc..41b4e7438 100755 --- a/queries/aws_ec2_capacity_reservation_3.yaml +++ b/queries/aws_ec2_capacity_reservation_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS EC2 Capacity Reservations to provide information + about the reservations within AWS Elastic Compute Cloud (EC2). ID: aws_ec2_capacity_reservation_3 -Title: "List AWS EC2 Capacity Reservations Details" -Description: "Allows users to query AWS EC2 Capacity Reservations to provide information about the reservations within AWS Elastic Compute Cloud (EC2)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - capacity_reservation_id, - capacity_reservation_arn, - instance_type, - state - from - aws_ec2_capacity_reservation - where - capacity_reservation_id = 'cr-0b30935e9fc2da81e'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n capacity_reservation_id,\n capacity_reservation_arn,\n\ + \ instance_type,\n state\nfrom\n aws_ec2_capacity_reservation\nwhere\n capacity_reservation_id\ + \ = 'cr-0b30935e9fc2da81e';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Compute Cloud (EC2) +Title: List AWS EC2 Capacity Reservations Details diff --git a/queries/aws_ec2_classic_load_balancer_1.yaml b/queries/aws_ec2_classic_load_balancer_1.yaml index a3a7a0a51..61eefdd62 100755 --- a/queries/aws_ec2_classic_load_balancer_1.yaml +++ b/queries/aws_ec2_classic_load_balancer_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Classic Load Balancers within Amazon EC2. ID: aws_ec2_classic_load_balancer_1 -Title: "List all AWS EC2 Classic Load Balancers with Instances" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - instances - from - aws_ec2_classic_load_balancer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n instances\nfrom\n aws_ec2_classic_load_balancer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EC2 +Title: List all AWS EC2 Classic Load Balancers with Instances diff --git a/queries/aws_ec2_classic_load_balancer_2.yaml b/queries/aws_ec2_classic_load_balancer_2.yaml index a182e279c..a184801f6 100755 --- a/queries/aws_ec2_classic_load_balancer_2.yaml +++ b/queries/aws_ec2_classic_load_balancer_2.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query Classic Load Balancers within Amazon EC2. ID: aws_ec2_classic_load_balancer_2 -Title: "List all disabled access logs on EC2 Classic Load Balancers" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_log_enabled - from - aws_ec2_classic_load_balancer - where - access_log_enabled = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n access_log_enabled\nfrom\n aws_ec2_classic_load_balancer\n\ + where\n access_log_enabled = 'false';" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Classic Load Balancer +Title: List all disabled access logs on EC2 Classic Load Balancers diff --git a/queries/aws_ec2_classic_load_balancer_3.yaml b/queries/aws_ec2_classic_load_balancer_3.yaml index 18ffda2e7..6d5a91890 100755 --- a/queries/aws_ec2_classic_load_balancer_3.yaml +++ b/queries/aws_ec2_classic_load_balancer_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query Classic Load Balancers within Amazon EC2. ID: aws_ec2_classic_load_balancer_3 -Title: "List all Classic Load Balancers within Amazon EC2" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(security_groups) as sg - from - aws_ec2_classic_load_balancer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_array_elements_text(security_groups) as\ + \ sg\nfrom\n aws_ec2_classic_load_balancer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all Classic Load Balancers within Amazon EC2 diff --git a/queries/aws_ec2_classic_load_balancer_4.yaml b/queries/aws_ec2_classic_load_balancer_4.yaml index 09705176a..2cd92d369 100755 --- a/queries/aws_ec2_classic_load_balancer_4.yaml +++ b/queries/aws_ec2_classic_load_balancer_4.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query Classic Load Balancers within Amazon EC2. ID: aws_ec2_classic_load_balancer_4 -Title: "Find all Load Balancers in AWS EC2 Classic" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - listener_description -> 'Listener' ->> 'InstancePort' as instance_port, - listener_description -> 'Listener' ->> 'InstanceProtocol' as instance_protocol, - listener_description -> 'Listener' ->> 'LoadBalancerPort' as load_balancer_port, - listener_description -> 'Listener' ->> 'Protocol' as load_balancer_protocol, - listener_description -> 'SSLCertificateId' ->> 'SSLCertificateId' as ssl_certificate, - listener_description -> 'Listener' ->> 'PolicyNames' as policy_names - from - aws_ec2_classic_load_balancer - cross join jsonb_array_elements(listener_descriptions) as listener_description; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n listener_description -> 'Listener' ->> 'InstancePort'\ + \ as instance_port,\n listener_description -> 'Listener' ->> 'InstanceProtocol'\ + \ as instance_protocol,\n listener_description -> 'Listener' ->> 'LoadBalancerPort'\ + \ as load_balancer_port,\n listener_description -> 'Listener' ->> 'Protocol'\ + \ as load_balancer_protocol,\n listener_description -> 'SSLCertificateId' ->>\ + \ 'SSLCertificateId' as ssl_certificate,\n listener_description -> 'Listener'\ + \ ->> 'PolicyNames' as policy_names\nfrom\n aws_ec2_classic_load_balancer\n \ + \ cross join jsonb_array_elements(listener_descriptions) as listener_description;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find all Load Balancers in AWS EC2 Classic diff --git a/queries/aws_ec2_classic_load_balancer_5.yaml b/queries/aws_ec2_classic_load_balancer_5.yaml index 899ba09fe..4b56b8564 100755 --- a/queries/aws_ec2_classic_load_balancer_5.yaml +++ b/queries/aws_ec2_classic_load_balancer_5.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query Classic Load Balancers within Amazon EC2. ID: aws_ec2_classic_load_balancer_5 -Title: "List all EC2 Classic Load Balancers and Health Configs" -Description: "Allows users to query Classic Load Balancers within Amazon EC2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - healthy_threshold, - health_check_interval, - health_check_target, - health_check_timeout, - unhealthy_threshold - from - aws_ec2_classic_load_balancer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n healthy_threshold,\n health_check_interval,\n\ + \ health_check_target,\n health_check_timeout,\n unhealthy_threshold\nfrom\n\ + \ aws_ec2_classic_load_balancer;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all EC2 Classic Load Balancers and Health Configs diff --git a/queries/aws_ec2_client_vpn_endpoint_1.yaml b/queries/aws_ec2_client_vpn_endpoint_1.yaml index 8a262b6a0..5b5b45c1a 100755 --- a/queries/aws_ec2_client_vpn_endpoint_1.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed + information about the configuration, status, and associated network details of each + endpoint. ID: aws_ec2_client_vpn_endpoint_1 -Title: "Find AWS EC2 Client VPN Endpoints Configuration and Status" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - description, - status, - client_vpn_endpoint_id, - transport_protocol, - creation_time, - tags - from - aws_ec2_client_vpn_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n description,\n status,\n client_vpn_endpoint_id,\n\ + \ transport_protocol,\n creation_time,\n tags\nfrom\n aws_ec2_client_vpn_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Client VPN +Title: Find AWS EC2 Client VPN Endpoints Configuration and Status diff --git a/queries/aws_ec2_client_vpn_endpoint_2.yaml b/queries/aws_ec2_client_vpn_endpoint_2.yaml index 46633ef4a..da9a2f689 100755 --- a/queries/aws_ec2_client_vpn_endpoint_2.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed + information about the configuration, status, and associated network details of each + endpoint. ID: aws_ec2_client_vpn_endpoint_2 -Title: "Find AWS EC2 Client VPN Endpoint Network Details" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status, - client_vpn_endpoint_id, - transport_protocol, - tags - from - aws_ec2_client_vpn_endpoint - where - status ->> 'Code' <> 'available'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n status,\n client_vpn_endpoint_id,\n transport_protocol,\n\ + \ tags\nfrom\n aws_ec2_client_vpn_endpoint\nwhere\n status ->> 'Code' <> 'available';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Client VPN +Title: Find AWS EC2 Client VPN Endpoint Network Details diff --git a/queries/aws_ec2_client_vpn_endpoint_3.yaml b/queries/aws_ec2_client_vpn_endpoint_3.yaml index 38395c0f9..79c425a98 100755 --- a/queries/aws_ec2_client_vpn_endpoint_3.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed + information about the configuration, status, and associated network details of each + endpoint. ID: aws_ec2_client_vpn_endpoint_3 -Title: "List all AWS EC2 Client VPN Endpoint Details" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - transport_protocol, - tags - from - aws_ec2_client_vpn_endpoint - where - creation_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n status ->> 'Code' as status,\n client_vpn_endpoint_id,\n\ + \ transport_protocol,\n tags\nfrom\n aws_ec2_client_vpn_endpoint\nwhere\n \ + \ creation_time >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Client VPN +Title: List all AWS EC2 Client VPN Endpoint Details diff --git a/queries/aws_ec2_client_vpn_endpoint_4.yaml b/queries/aws_ec2_client_vpn_endpoint_4.yaml index 757d43f00..137fa4207 100755 --- a/queries/aws_ec2_client_vpn_endpoint_4.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_4.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed + information about the configuration, status, and associated network details of each + endpoint. ID: aws_ec2_client_vpn_endpoint_4 -Title: "Find Configuration and Status of AWS EC2 Client VPN Endpoints" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - security_group_ids, - vpc_id, - vpn_port, - vpn_protocol, - transport_protocol, - tags - from - aws_ec2_client_vpn_endpoint - where - creation_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n status ->> 'Code' as status,\n client_vpn_endpoint_id,\n\ + \ security_group_ids,\n vpc_id,\n vpn_port,\n vpn_protocol,\n transport_protocol,\n\ + \ tags\nfrom\n aws_ec2_client_vpn_endpoint\nwhere\n creation_time >= now()\ + \ - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Client VPN +Title: Find Configuration and Status of AWS EC2 Client VPN Endpoints diff --git a/queries/aws_ec2_client_vpn_endpoint_5.yaml b/queries/aws_ec2_client_vpn_endpoint_5.yaml index 3be0da713..9d4a25ce8 100755 --- a/queries/aws_ec2_client_vpn_endpoint_5.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_5.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed + information about the configuration, status, and associated network details of each + endpoint. ID: aws_ec2_client_vpn_endpoint_5 -Title: "Find AWS EC2 Client VPN Endpoints Configuration Details" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - security_group_ids, - vpc_id, - vpn_port, - vpn_protocol, - transport_protocol, - tags - from - aws_ec2_client_vpn_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n status ->> 'Code' as status,\n client_vpn_endpoint_id,\n\ + \ security_group_ids,\n vpc_id,\n vpn_port,\n vpn_protocol,\n transport_protocol,\n\ + \ tags\nfrom\n aws_ec2_client_vpn_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Client VPN Endpoints Configuration Details diff --git a/queries/aws_ec2_client_vpn_endpoint_6.yaml b/queries/aws_ec2_client_vpn_endpoint_6.yaml index 8e6795b33..ea3781c55 100755 --- a/queries/aws_ec2_client_vpn_endpoint_6.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_6.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed + information about the configuration, status, and associated network details of each + endpoint. ID: aws_ec2_client_vpn_endpoint_6 -Title: "List all AWS EC2 Client VPN Endpoints with Details" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - connection_log_options ->> 'Enabled' as connection_log_options_enabled, - connection_log_options ->> 'CloudwatchLogGroup' as connection_log_options_cloudwatch_log_group, - connection_log_options ->> 'CloudwatchLogStream' as connection_log_options_cloudwatch_log_stream, - tags - from - aws_ec2_client_vpn_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n status ->> 'Code' as status,\n client_vpn_endpoint_id,\n\ + \ connection_log_options ->> 'Enabled' as connection_log_options_enabled,\n \ + \ connection_log_options ->> 'CloudwatchLogGroup' as connection_log_options_cloudwatch_log_group,\n\ + \ connection_log_options ->> 'CloudwatchLogStream' as connection_log_options_cloudwatch_log_stream,\n\ + \ tags\nfrom\n aws_ec2_client_vpn_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Client VPN +Title: List all AWS EC2 Client VPN Endpoints with Details diff --git a/queries/aws_ec2_client_vpn_endpoint_7.yaml b/queries/aws_ec2_client_vpn_endpoint_7.yaml index cad9e0ebc..c7d62064d 100755 --- a/queries/aws_ec2_client_vpn_endpoint_7.yaml +++ b/queries/aws_ec2_client_vpn_endpoint_7.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed + information about the configuration, status, and associated network details of each + endpoint. ID: aws_ec2_client_vpn_endpoint_7 -Title: "List all Configuration and Status of EC2 Client VPN Endpoints" -Description: "Allows users to query AWS EC2 Client VPN Endpoints to retrieve detailed information about the configuration, status, and associated network details of each endpoint." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - status ->> 'Code' as status, - client_vpn_endpoint_id, - autentication ->> 'Type' as authentication_options_type, - autentication -> 'MutualAuthentication' ->> 'ClientRootCertificateChain' as authentication_client_root_certificate_chain, - authentication_options, - tags - from - aws_ec2_client_vpn_endpoint, - jsonb_array_elements(authentication_options) as autentication; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n status ->> 'Code' as status,\n client_vpn_endpoint_id,\n\ + \ autentication ->> 'Type' as authentication_options_type,\n autentication ->\ + \ 'MutualAuthentication' ->> 'ClientRootCertificateChain' as authentication_client_root_certificate_chain,\n\ + \ authentication_options,\n tags\nfrom\n aws_ec2_client_vpn_endpoint,\n jsonb_array_elements(authentication_options)\ + \ as autentication;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all Configuration and Status of EC2 Client VPN Endpoints diff --git a/queries/aws_ec2_gateway_load_balancer_1.yaml b/queries/aws_ec2_gateway_load_balancer_1.yaml index 41223ffcc..93a316037 100755 --- a/queries/aws_ec2_gateway_load_balancer_1.yaml +++ b/queries/aws_ec2_gateway_load_balancer_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS EC2 Gateway Load Balancer details, including + its configuration, state, type, and associated tags. ID: aws_ec2_gateway_load_balancer_1 -Title: "Find AWS EC2 Gateway Load Balancer details, config & state" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - type, - state_code, - vpc_id, - availability_zones - from - aws_ec2_gateway_load_balancer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n type,\n state_code,\n vpc_id,\n availability_zones\n\ + from\n aws_ec2_gateway_load_balancer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Gateway Load Balancer +Title: Find AWS EC2 Gateway Load Balancer details, config & state diff --git a/queries/aws_ec2_gateway_load_balancer_2.yaml b/queries/aws_ec2_gateway_load_balancer_2.yaml index 5d458162f..a1556bec3 100755 --- a/queries/aws_ec2_gateway_load_balancer_2.yaml +++ b/queries/aws_ec2_gateway_load_balancer_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS EC2 Gateway Load Balancer details, including + its configuration, state, type, and associated tags. ID: aws_ec2_gateway_load_balancer_2 -Title: "List all AWS EC2 Gateway Load Balancer Details" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - az ->> 'LoadBalancerAddresses' as load_balancer_addresses, - az ->> 'OutpostId' as outpost_id, - az ->> 'SubnetId' as subnet_id, - az ->> 'ZoneName' as zone_name - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(availability_zones) as az; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n az ->> 'LoadBalancerAddresses' as load_balancer_addresses,\n\ + \ az ->> 'OutpostId' as outpost_id,\n az ->> 'SubnetId' as subnet_id,\n az\ + \ ->> 'ZoneName' as zone_name\nfrom\n aws_ec2_gateway_load_balancer,\n jsonb_array_elements(availability_zones)\ + \ as az;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Gateway Load Balancer +Title: List all AWS EC2 Gateway Load Balancer Details diff --git a/queries/aws_ec2_gateway_load_balancer_3.yaml b/queries/aws_ec2_gateway_load_balancer_3.yaml index 41c7f0057..5d872546e 100755 --- a/queries/aws_ec2_gateway_load_balancer_3.yaml +++ b/queries/aws_ec2_gateway_load_balancer_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS EC2 Gateway Load Balancer details, including + its configuration, state, type, and associated tags. ID: aws_ec2_gateway_load_balancer_3 -Title: "Find AWS EC2 Gateway Load Balancer Details and Configuration" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - count(az ->> 'ZoneName') as zone_count - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(availability_zones) as az - group by - name - having - count(az ->> 'ZoneName') < 2; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n count(az ->> 'ZoneName') as zone_count\nfrom\n\ + \ aws_ec2_gateway_load_balancer,\n jsonb_array_elements(availability_zones)\ + \ as az\ngroup by\n name\nhaving\n count(az ->> 'ZoneName') < 2;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Gateway Load Balancer +Title: Find AWS EC2 Gateway Load Balancer Details and Configuration diff --git a/queries/aws_ec2_gateway_load_balancer_4.yaml b/queries/aws_ec2_gateway_load_balancer_4.yaml index ab144b885..294740618 100755 --- a/queries/aws_ec2_gateway_load_balancer_4.yaml +++ b/queries/aws_ec2_gateway_load_balancer_4.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS EC2 Gateway Load Balancer details, including + its configuration, state, type, and associated tags. ID: aws_ec2_gateway_load_balancer_4 -Title: "Find AWS EC2 Gateway Load Balancer with deletion protection" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as deletion_protection_key, - lb ->> 'Value' as deletion_protection_value - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'deletion_protection.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n lb ->> 'Key' as deletion_protection_key,\n \ + \ lb ->> 'Value' as deletion_protection_value\nfrom\n aws_ec2_gateway_load_balancer,\n\ + \ jsonb_array_elements(load_balancer_attributes) as lb\nwhere\n lb ->> 'Key'\ + \ = 'deletion_protection.enabled'\n and lb ->> 'Value' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Gateway Load Balancer +Title: Find AWS EC2 Gateway Load Balancer with deletion protection diff --git a/queries/aws_ec2_gateway_load_balancer_5.yaml b/queries/aws_ec2_gateway_load_balancer_5.yaml index 07f7073f1..58a0cb9eb 100755 --- a/queries/aws_ec2_gateway_load_balancer_5.yaml +++ b/queries/aws_ec2_gateway_load_balancer_5.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EC2 Gateway Load Balancer details, including + its configuration, state, type, and associated tags. ID: aws_ec2_gateway_load_balancer_5 -Title: "Find AWS EC2 Gateway Load Balancer Configuration Details" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as load_balancing_cross_zone_key, - lb ->> 'Value' as load_balancing_cross_zone_value - from - aws_ec2_gateway_load_balancer, - jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'load_balancing.cross_zone.enabled' - and lb ->> 'Value' = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n lb ->> 'Key' as load_balancing_cross_zone_key,\n\ + \ lb ->> 'Value' as load_balancing_cross_zone_value\nfrom\n aws_ec2_gateway_load_balancer,\n\ + \ jsonb_array_elements(load_balancer_attributes) as lb\nwhere\n lb ->> 'Key'\ + \ = 'load_balancing.cross_zone.enabled'\n and lb ->> 'Value' = 'true';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Gateway Load Balancer +Title: Find AWS EC2 Gateway Load Balancer Configuration Details diff --git a/queries/aws_ec2_gateway_load_balancer_6.yaml b/queries/aws_ec2_gateway_load_balancer_6.yaml index fb0c164ab..ac52f6e46 100755 --- a/queries/aws_ec2_gateway_load_balancer_6.yaml +++ b/queries/aws_ec2_gateway_load_balancer_6.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS EC2 Gateway Load Balancer details, including + its configuration, state, type, and associated tags. ID: aws_ec2_gateway_load_balancer_6 -Title: "Find AWS EC2 Gateway Load Balancer Details" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(security_groups) as attached_security_group - from - aws_ec2_gateway_load_balancer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_array_elements_text(security_groups) as\ + \ attached_security_group\nfrom\n aws_ec2_gateway_load_balancer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Gateway Load Balancer +Title: Find AWS EC2 Gateway Load Balancer Details diff --git a/queries/aws_ec2_gateway_load_balancer_7.yaml b/queries/aws_ec2_gateway_load_balancer_7.yaml index fc918a1ac..7b4db7f4e 100755 --- a/queries/aws_ec2_gateway_load_balancer_7.yaml +++ b/queries/aws_ec2_gateway_load_balancer_7.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Gateway Load Balancer details, including + its configuration, state, type, and associated tags. ID: aws_ec2_gateway_load_balancer_7 -Title: "Find AWS EC2 Gateway Load Balancer details, state, type" -Description: "Allows users to query AWS EC2 Gateway Load Balancer details, including its configuration, state, type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state_code - from - aws_ec2_gateway_load_balancer - where - state_code <> 'active'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n state_code\nfrom\n aws_ec2_gateway_load_balancer\n\ + where\n state_code <> 'active';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Gateway Load Balancer +Title: Find AWS EC2 Gateway Load Balancer details, state, type diff --git a/queries/aws_ec2_instance_1.yaml b/queries/aws_ec2_instance_1.yaml index 677cd3a47..d56c0fdf2 100755 --- a/queries/aws_ec2_instance_1.yaml +++ b/queries/aws_ec2_instance_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_1 -Title: "List all AWS EC2 Instances with Type and State Info" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - placement_availability_zone as az, - instance_type, - count(*) - from - aws_ec2_instance - group by - placement_availability_zone, - instance_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n placement_availability_zone as az,\n instance_type,\n\ + \ count(*)\nfrom\n aws_ec2_instance\ngroup by\n placement_availability_zone,\n\ + \ instance_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances with Type and State Info diff --git a/queries/aws_ec2_instance_10.yaml b/queries/aws_ec2_instance_10.yaml index a9d6fd17a..60f9dc9b2 100755 --- a/queries/aws_ec2_instance_10.yaml +++ b/queries/aws_ec2_instance_10.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_10 -Title: "Find all AWS EC2 Instances with API Termination Enabled" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - disable_api_termination - from - aws_ec2_instance - where - not disable_api_termination; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n disable_api_termination\nfrom\n aws_ec2_instance\n\ + where\n not disable_api_termination;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find all AWS EC2 Instances with API Termination Enabled diff --git a/queries/aws_ec2_instance_11.yaml b/queries/aws_ec2_instance_11.yaml index 1b87381f5..394f26077 100755 --- a/queries/aws_ec2_instance_11.yaml +++ b/queries/aws_ec2_instance_11.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_11 -Title: "List all AWS EC2 Instances with Group Details" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - sg ->> 'GroupId' as group_id, - sg ->> 'GroupName' as group_name - from - aws_ec2_instance - cross join jsonb_array_elements(security_groups) as sg - where - sg ->> 'GroupName' = 'default'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n sg ->> 'GroupId' as group_id,\n sg ->>\ + \ 'GroupName' as group_name\nfrom\n aws_ec2_instance\n cross join jsonb_array_elements(security_groups)\ + \ as sg\nwhere\n sg ->> 'GroupName' = 'default';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances with Group Details diff --git a/queries/aws_ec2_instance_12.yaml b/queries/aws_ec2_instance_12.yaml index d6e487b31..fc67bd842 100755 --- a/queries/aws_ec2_instance_12.yaml +++ b/queries/aws_ec2_instance_12.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_12 -Title: "List all AWS EC2 Instances and Volume Encryption Status" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.instance_id, - vols -> 'Ebs' ->> 'VolumeId' as vol_id, - vol.encrypted - from - aws_ec2_instance as i - cross join jsonb_array_elements(block_device_mappings) as vols - join aws_ebs_volume as vol on vol.volume_id = vols -> 'Ebs' ->> 'VolumeId' - where - not vol.encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i.instance_id,\n vols -> 'Ebs' ->> 'VolumeId' as vol_id,\n\ + \ vol.encrypted\nfrom\n aws_ec2_instance as i\n cross join jsonb_array_elements(block_device_mappings)\ + \ as vols\n join aws_ebs_volume as vol on vol.volume_id = vols -> 'Ebs' ->> 'VolumeId'\n\ + where\n not vol.encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances and Volume Encryption Status diff --git a/queries/aws_ec2_instance_13.yaml b/queries/aws_ec2_instance_13.yaml index 7d836792d..1d7f9001b 100755 --- a/queries/aws_ec2_instance_13.yaml +++ b/queries/aws_ec2_instance_13.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_13 -Title: "Find EC2 Instances with Sensitive Data in User Data" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - user_data - from - aws_ec2_instance - where - user_data like any (array ['%pass%', '%secret%','%token%','%key%']) - or user_data ~ '(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n user_data\nfrom\n aws_ec2_instance\n\ + where\n user_data like any (array ['%pass%', '%secret%','%token%','%key%'])\n\ + \ or user_data ~ '(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]';" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find EC2 Instances with Sensitive Data in User Data diff --git a/queries/aws_ec2_instance_14.yaml b/queries/aws_ec2_instance_14.yaml index 05d7ddaea..2575ab6d1 100755 --- a/queries/aws_ec2_instance_14.yaml +++ b/queries/aws_ec2_instance_14.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_14 -Title: "List All AWS EC2 Instances with Detailed Information" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - launch_template_data -> 'ImageId' as image_id, - launch_template_data -> 'Placement' as placement, - launch_template_data -> 'DisableApiStop' as disable_api_stop, - launch_template_data -> 'MetadataOptions' as metadata_options, - launch_template_data -> 'NetworkInterfaces' as network_interfaces, - launch_template_data -> 'BlockDeviceMappings' as block_device_mappings, - launch_template_data -> 'CapacityReservationSpecification' as capacity_reservation_specification - from - aws_ec2_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n launch_template_data -> 'ImageId' as\ + \ image_id,\n launch_template_data -> 'Placement' as placement,\n launch_template_data\ + \ -> 'DisableApiStop' as disable_api_stop,\n launch_template_data -> 'MetadataOptions'\ + \ as metadata_options,\n launch_template_data -> 'NetworkInterfaces' as network_interfaces,\n\ + \ launch_template_data -> 'BlockDeviceMappings' as block_device_mappings,\n \ + \ launch_template_data -> 'CapacityReservationSpecification' as capacity_reservation_specification\n\ + from\n aws_ec2_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List All AWS EC2 Instances with Detailed Information diff --git a/queries/aws_ec2_instance_15.yaml b/queries/aws_ec2_instance_15.yaml index e5c213541..ac8c143e7 100755 --- a/queries/aws_ec2_instance_15.yaml +++ b/queries/aws_ec2_instance_15.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_15 -Title: "List all AWS EC2 Instances with Comprehensive Data" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.instance_id, - i.vpc_id, - i.subnet_id, - s.tags ->> 'Name' as subnet_name - from - aws_ec2_instance as i, - aws_vpc_subnet as s - where - i.subnet_id = s.subnet_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n i.instance_id, \n i.vpc_id, \n i.subnet_id, \n s.tags\ + \ ->> 'Name' as subnet_name\nfrom \n aws_ec2_instance as i, \n aws_vpc_subnet\ + \ as s \nwhere \n i.subnet_id = s.subnet_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances with Comprehensive Data diff --git a/queries/aws_ec2_instance_2.yaml b/queries/aws_ec2_instance_2.yaml index 19376fdaf..95c2e8613 100755 --- a/queries/aws_ec2_instance_2.yaml +++ b/queries/aws_ec2_instance_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_2 -Title: "List all AWS EC2 Instances and Their States" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - monitoring_state - from - aws_ec2_instance - where - monitoring_state = 'disabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n monitoring_state\nfrom\n aws_ec2_instance\n\ + where\n monitoring_state = 'disabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances and Their States diff --git a/queries/aws_ec2_instance_3.yaml b/queries/aws_ec2_instance_3.yaml index f35407ed1..eae63842f 100755 --- a/queries/aws_ec2_instance_3.yaml +++ b/queries/aws_ec2_instance_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_3 -Title: "List all AWS EC2 Instances with Types and Counts" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - count(instance_type) as count - from - aws_ec2_instance - group by - instance_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n count(instance_type) as count\nfrom\n\ + \ aws_ec2_instance\ngroup by\n instance_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances with Types and Counts diff --git a/queries/aws_ec2_instance_4.yaml b/queries/aws_ec2_instance_4.yaml index b43a8537c..75d707131 100755 --- a/queries/aws_ec2_instance_4.yaml +++ b/queries/aws_ec2_instance_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_4 -Title: "Find AWS EC2 Instances Stopped Over 30 days Ago" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - instance_state, - launch_time, - state_transition_time - from - aws_ec2_instance - where - instance_state = 'stopped' - and state_transition_time <= (current_date - interval '30' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n instance_state,\n launch_time,\n state_transition_time\n\ + from\n aws_ec2_instance\nwhere\n instance_state = 'stopped'\n and state_transition_time\ + \ <= (current_date - interval '30' day);" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Instances Stopped Over 30 days Ago diff --git a/queries/aws_ec2_instance_5.yaml b/queries/aws_ec2_instance_5.yaml index b694f90b7..fcf82bc05 100755 --- a/queries/aws_ec2_instance_5.yaml +++ b/queries/aws_ec2_instance_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_5 -Title: "List all AWS EC2 Instances with Comprehensive Data" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - tags - from - aws_ec2_instance - where - not tags :: JSONB ? 'application'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n tags\nfrom\n aws_ec2_instance\nwhere\n\ + \ not tags :: JSONB ? 'application';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances with Comprehensive Data diff --git a/queries/aws_ec2_instance_6.yaml b/queries/aws_ec2_instance_6.yaml index 0315b813a..ce85f7253 100755 --- a/queries/aws_ec2_instance_6.yaml +++ b/queries/aws_ec2_instance_6.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_6 -Title: "Find all EC2 Instances with Detailed Information" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - instance_state, - launch_time, - maintenance_options ->> 'AutoRecovery' as auto_recovery - from - aws_ec2_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n instance_state,\n launch_time,\n maintenance_options\ + \ ->> 'AutoRecovery' as auto_recovery\nfrom\n aws_ec2_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find all EC2 Instances with Detailed Information diff --git a/queries/aws_ec2_instance_7.yaml b/queries/aws_ec2_instance_7.yaml index 133cbb212..196bf3a46 100755 --- a/queries/aws_ec2_instance_7.yaml +++ b/queries/aws_ec2_instance_7.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_7 -Title: "List all AWS EC2 instances including detailed data" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - instance_type, - instance_state, - l ->> 'LicenseConfigurationArn' as license_configuration_arn - from - aws_ec2_instance, - jsonb_array_elements(licenses) as l; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n instance_type,\n instance_state,\n \ + \ l ->> 'LicenseConfigurationArn' as license_configuration_arn\nfrom\n aws_ec2_instance,\n\ + \ jsonb_array_elements(licenses) as l;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 instances including detailed data diff --git a/queries/aws_ec2_instance_8.yaml b/queries/aws_ec2_instance_8.yaml index ea81b0ed3..85e2206e7 100755 --- a/queries/aws_ec2_instance_8.yaml +++ b/queries/aws_ec2_instance_8.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_8 -Title: "List all AWS EC2 Instances with Detailed Attributes" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - instance_state, - placement_affinity, - placement_group_id, - placement_group_name, - placement_availability_zone, - placement_host_id, - placement_host_resource_group_arn, - placement_partition_number, - placement_tenancy - from - aws_ec2_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n instance_state,\n placement_affinity,\n\ + \ placement_group_id,\n placement_group_name,\n placement_availability_zone,\n\ + \ placement_host_id,\n placement_host_resource_group_arn,\n placement_partition_number,\n\ + \ placement_tenancy\nfrom\n aws_ec2_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances with Detailed Attributes diff --git a/queries/aws_ec2_instance_9.yaml b/queries/aws_ec2_instance_9.yaml index f3fd57f36..85b7d8d2b 100755 --- a/queries/aws_ec2_instance_9.yaml +++ b/queries/aws_ec2_instance_9.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EC2 Instances for comprehensive data on each + instance, including instance type, state, tags, and more. ID: aws_ec2_instance_9 -Title: "List all AWS EC2 Instances with Instance Type Count" -Description: "Allows users to query AWS EC2 Instances for comprehensive data on each instance, including instance type, state, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - count(*) as count - from - aws_ec2_instance - where - instance_type not in ('t2.large', 'm3.medium') - group by - instance_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n count(*) as count\nfrom\n aws_ec2_instance\n\ + where\n instance_type not in ('t2.large', 'm3.medium')\ngroup by\n instance_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instances with Instance Type Count diff --git a/queries/aws_ec2_instance_availability_1.yaml b/queries/aws_ec2_instance_availability_1.yaml index acdcc25e3..8bd13f268 100755 --- a/queries/aws_ec2_instance_availability_1.yaml +++ b/queries/aws_ec2_instance_availability_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Instance Availability and retrieve detailed + information about the availability of EC2 instances in each AWS region. ID: aws_ec2_instance_availability_1 -Title: "List all AWS EC2 Instance Availability by Region" -Description: "Allows users to query AWS EC2 Instance Availability and retrieve detailed information about the availability of EC2 instances in each AWS region." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - location - from - aws_ec2_instance_availability - where - location = 'us-east-1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n location\nfrom\n aws_ec2_instance_availability\n\ + where\n location = 'us-east-1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instance Availability by Region diff --git a/queries/aws_ec2_instance_availability_2.yaml b/queries/aws_ec2_instance_availability_2.yaml index 730fe2a04..5943fa46b 100755 --- a/queries/aws_ec2_instance_availability_2.yaml +++ b/queries/aws_ec2_instance_availability_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EC2 Instance Availability and retrieve detailed + information about the availability of EC2 instances in each AWS region. ID: aws_ec2_instance_availability_2 -Title: "List all AWS EC2 Instance Availability by Region" -Description: "Allows users to query AWS EC2 Instance Availability and retrieve detailed information about the availability of EC2 instances in each AWS region." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - location - from - aws_ec2_instance_availability - where - location = 'af-south' - and instance_type = 'r5.12xlarge'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n location\nfrom\n aws_ec2_instance_availability\n\ + where\n location = 'af-south'\n and instance_type = 'r5.12xlarge';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS EC2 +Title: List all AWS EC2 Instance Availability by Region diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml index 3428b6ff8..03c569fd1 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_1.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch. ID: aws_ec2_instance_metric_cpu_utilization_1 -Title: "Find AWS EC2 Instance CPU Utilization Metrics" -Description: "Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ec2_instance_metric_cpu_utilization - order by - instance_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_ec2_instance_metric_cpu_utilization\n\ + order by\n instance_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Instance CPU Utilization Metrics diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml index 2915805f3..3976a7a97 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_2.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch. ID: aws_ec2_instance_metric_cpu_utilization_2 -Title: "Find AWS EC2 Instances with High CPU Utilization" -Description: "Allows users to query EC2 Instance CPU Utilization metrics from AWS CloudWatch." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization - where average > 80 - order by - instance_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ec2_instance_metric_cpu_utilization\n\ + where average > 80\norder by\n instance_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Instances with High CPU Utilization diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml index f2842c13b..6e038c130 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_1.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query daily CPU utilization metrics of AWS EC2 instances. ID: aws_ec2_instance_metric_cpu_utilization_daily_1 -Title: "List AWS EC2 Instances Daily CPU Utilization Metrics" -Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_daily - order by - instance_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_ec2_instance_metric_cpu_utilization_daily\n\ + order by\n instance_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Instances Daily CPU Utilization Metrics diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml index a24990d1e..7a1d37e8b 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_2.yaml @@ -1,35 +1,25 @@ +Description: Allows users to query daily CPU utilization metrics of AWS EC2 instances. ID: aws_ec2_instance_metric_cpu_utilization_daily_2 -Title: "Find AWS EC2 Instances with High Daily CPU Utilization" -Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_daily - where average > 80 - order by - instance_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ec2_instance_metric_cpu_utilization_daily\n\ + where average > 80\norder by\n instance_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Instances with High Daily CPU Utilization diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml index 63640c82c..c0db9a6c7 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_daily_3.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query daily CPU utilization metrics of AWS EC2 instances. ID: aws_ec2_instance_metric_cpu_utilization_daily_3 -Title: "Find Daily CPU Utilization Metrics of AWS EC2 Instances" -Description: "Allows users to query daily CPU utilization metrics of AWS EC2 instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_daily - where average < 1 - order by - instance_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ec2_instance_metric_cpu_utilization_daily\n\ + where average < 1\norder by\n instance_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find Daily CPU Utilization Metrics of AWS EC2 Instances diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml index 62f46697f..e11b6f971 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS EC2 Instance CPU Utilization metrics on an + hourly basis. ID: aws_ec2_instance_metric_cpu_utilization_hourly_1 -Title: "Query AWS EC2 Instance CPU Utilization Metrics Hourly" -Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_hourly - order by - instance_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_ec2_instance_metric_cpu_utilization_hourly\n\ + order by\n instance_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Instance +Title: Query AWS EC2 Instance CPU Utilization Metrics Hourly diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml index 001eada0b..3b98e4d2c 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS EC2 Instance CPU Utilization metrics on an + hourly basis. ID: aws_ec2_instance_metric_cpu_utilization_hourly_2 -Title: "Find all AWS EC2 Instance CPU Utilization hourly metrics" -Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_hourly - where average > 80 - order by - instance_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ec2_instance_metric_cpu_utilization_hourly\n\ + where average > 80\norder by\n instance_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find all AWS EC2 Instance CPU Utilization hourly metrics diff --git a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml index 6c20399e4..c199bdaa9 100755 --- a/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml +++ b/queries/aws_ec2_instance_metric_cpu_utilization_hourly_3.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS EC2 Instance CPU Utilization metrics on an + hourly basis. ID: aws_ec2_instance_metric_cpu_utilization_hourly_3 -Title: "Find EC2 Instance Hourly CPU Utilization Metrics in AWS" -Description: "Allows users to query AWS EC2 Instance CPU Utilization metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ec2_instance_metric_cpu_utilization_hourly - where average < 1 - order by - instance_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ec2_instance_metric_cpu_utilization_hourly\n\ + where average < 1\norder by\n instance_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find EC2 Instance Hourly CPU Utilization Metrics in AWS diff --git a/queries/aws_ec2_instance_type_1.yaml b/queries/aws_ec2_instance_type_1.yaml index fb7fabd1b..59d2c5932 100755 --- a/queries/aws_ec2_instance_type_1.yaml +++ b/queries/aws_ec2_instance_type_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Instance Type data, including details about + instance type name, current generation, vCPU, memory, storage, and network performance. ID: aws_ec2_instance_type_1 -Title: "List all AWS EC2 Instance Type Data and Details" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - dedicated_hosts_supported - from - aws_ec2_instance_type - where - dedicated_hosts_supported; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n dedicated_hosts_supported\nfrom\n \ + \ aws_ec2_instance_type\nwhere\n dedicated_hosts_supported;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Instance Type +Title: List all AWS EC2 Instance Type Data and Details diff --git a/queries/aws_ec2_instance_type_2.yaml b/queries/aws_ec2_instance_type_2.yaml index 442db0b4c..357fc59d8 100755 --- a/queries/aws_ec2_instance_type_2.yaml +++ b/queries/aws_ec2_instance_type_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Instance Type data, including details about + instance type name, current generation, vCPU, memory, storage, and network performance. ID: aws_ec2_instance_type_2 -Title: "Find All AWS EC2 Instance Types and Recovery Support" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - auto_recovery_supported - from - aws_ec2_instance_type - where - not auto_recovery_supported; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n auto_recovery_supported\nfrom\n aws_ec2_instance_type\n\ + where\n not auto_recovery_supported;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Instance Type +Title: Find All AWS EC2 Instance Types and Recovery Support diff --git a/queries/aws_ec2_instance_type_3.yaml b/queries/aws_ec2_instance_type_3.yaml index 16e629a78..f1ef69129 100755 --- a/queries/aws_ec2_instance_type_3.yaml +++ b/queries/aws_ec2_instance_type_3.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query AWS EC2 Instance Type data, including details about + instance type name, current generation, vCPU, memory, storage, and network performance. ID: aws_ec2_instance_type_3 -Title: "Find AWS EC2 Instance Types with Detailed Specs" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - dedicated_hosts_supported, - v_cpu_info -> 'DefaultCores' as default_cores, - v_cpu_info -> 'DefaultThreadsPerCore' as default_threads_per_core, - v_cpu_info -> 'DefaultVCpus' as default_vcpus, - v_cpu_info -> 'ValidCores' as valid_cores, - v_cpu_info -> 'ValidThreadsPerCore' as valid_threads_per_core - from - aws_ec2_instance_type - where - v_cpu_info ->> 'DefaultCores' > '24'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n dedicated_hosts_supported,\n v_cpu_info\ + \ -> 'DefaultCores' as default_cores,\n v_cpu_info -> 'DefaultThreadsPerCore'\ + \ as default_threads_per_core,\n v_cpu_info -> 'DefaultVCpus' as default_vcpus,\n\ + \ v_cpu_info -> 'ValidCores' as valid_cores,\n v_cpu_info -> 'ValidThreadsPerCore'\ + \ as valid_threads_per_core\nfrom\n aws_ec2_instance_type\nwhere\n v_cpu_info\ + \ ->> 'DefaultCores' > '24';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Instance Types with Detailed Specs diff --git a/queries/aws_ec2_instance_type_4.yaml b/queries/aws_ec2_instance_type_4.yaml index a074ca021..f6da717c4 100755 --- a/queries/aws_ec2_instance_type_4.yaml +++ b/queries/aws_ec2_instance_type_4.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS EC2 Instance Type data, including details about + instance type name, current generation, vCPU, memory, storage, and network performance. ID: aws_ec2_instance_type_4 -Title: "Find all AWS EC2 Instance Types with Unsupported Encryption" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - ebs_info ->> 'EncryptionSupport' as encryption_support - from - aws_ec2_instance_type - where - ebs_info ->> 'EncryptionSupport' = 'unsupported'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n ebs_info ->> 'EncryptionSupport' as\ + \ encryption_support\nfrom\n aws_ec2_instance_type\nwhere\n ebs_info ->> 'EncryptionSupport'\ + \ = 'unsupported';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find all AWS EC2 Instance Types with Unsupported Encryption diff --git a/queries/aws_ec2_instance_type_5.yaml b/queries/aws_ec2_instance_type_5.yaml index 9692c07e3..98154a11e 100755 --- a/queries/aws_ec2_instance_type_5.yaml +++ b/queries/aws_ec2_instance_type_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EC2 Instance Type data, including details about + instance type name, current generation, vCPU, memory, storage, and network performance. ID: aws_ec2_instance_type_5 -Title: "List all AWS EC2 Instance Types with Free Tier Eligibility" -Description: "Allows users to query AWS EC2 Instance Type data, including details about instance type name, current generation, vCPU, memory, storage, and network performance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - free_tier_eligible - from - aws_ec2_instance_type - where - free_tier_eligible; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n free_tier_eligible\nfrom\n aws_ec2_instance_type\n\ + where\n free_tier_eligible;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Instance Types with Free Tier Eligibility diff --git a/queries/aws_ec2_key_pair_1.yaml b/queries/aws_ec2_key_pair_1.yaml index f6a28b660..b6491716d 100755 --- a/queries/aws_ec2_key_pair_1.yaml +++ b/queries/aws_ec2_key_pair_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS EC2 Key Pairs, providing information about + key pairs which are used to securely log into EC2 instances. ID: aws_ec2_key_pair_1 -Title: "List all AWS EC2 Key Pairs with Name and ID" -Description: "Allows users to query AWS EC2 Key Pairs, providing information about key pairs which are used to securely log into EC2 instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_name, - key_pair_id, - region - from - aws_ec2_key_pair; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key_name,\n key_pair_id,\n region\nfrom\n aws_ec2_key_pair;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Key Pairs with Name and ID diff --git a/queries/aws_ec2_key_pair_2.yaml b/queries/aws_ec2_key_pair_2.yaml index 1a2245847..b9c671a75 100755 --- a/queries/aws_ec2_key_pair_2.yaml +++ b/queries/aws_ec2_key_pair_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EC2 Key Pairs, providing information about + key pairs which are used to securely log into EC2 instances. ID: aws_ec2_key_pair_2 -Title: "List all AWS EC2 Key Pairs to Securely Log Into EC2 Instances" -Description: "Allows users to query AWS EC2 Key Pairs, providing information about key pairs which are used to securely log into EC2 instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_name, - tags - from - aws_ec2_key_pair - where - not tags :: JSONB ? 'owner'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key_name,\n tags\nfrom\n aws_ec2_key_pair\nwhere\n\ + \ not tags :: JSONB ? 'owner';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Key Pairs +Title: List all AWS EC2 Key Pairs to Securely Log Into EC2 Instances diff --git a/queries/aws_ec2_launch_configuration_1.yaml b/queries/aws_ec2_launch_configuration_1.yaml index 95a85ca68..3f5717897 100755 --- a/queries/aws_ec2_launch_configuration_1.yaml +++ b/queries/aws_ec2_launch_configuration_1.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS EC2 Launch Configurations to gain insights + into their configurations, metadata, and associated instances. ID: aws_ec2_launch_configuration_1 -Title: "List all AWS EC2 Launch Configurations and Metadata" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - associate_public_ip_address, - ebs_optimized, - image_id, - instance_monitoring_enabled, - instance_type, - key_name - from - aws_ec2_launch_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time,\n associate_public_ip_address,\n\ + \ ebs_optimized,\n image_id,\n instance_monitoring_enabled,\n instance_type,\n\ + \ key_name\nfrom\n aws_ec2_launch_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Launch Configurations and Metadata diff --git a/queries/aws_ec2_launch_configuration_2.yaml b/queries/aws_ec2_launch_configuration_2.yaml index 0c1112614..5ff06ca72 100755 --- a/queries/aws_ec2_launch_configuration_2.yaml +++ b/queries/aws_ec2_launch_configuration_2.yaml @@ -1,23 +1,19 @@ +Description: Allows users to query AWS EC2 Launch Configurations to gain insights + into their configurations, metadata, and associated instances. ID: aws_ec2_launch_configuration_2 -Title: "List all AWS EC2 Launch Configurations and Metadata" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - iam_instance_profile - from - aws_ec2_launch_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n iam_instance_profile\nfrom\n aws_ec2_launch_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Launch Configurations and Metadata diff --git a/queries/aws_ec2_launch_configuration_3.yaml b/queries/aws_ec2_launch_configuration_3.yaml index e84ab47b1..19984b77e 100755 --- a/queries/aws_ec2_launch_configuration_3.yaml +++ b/queries/aws_ec2_launch_configuration_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Launch Configurations to gain insights + into their configurations, metadata, and associated instances. ID: aws_ec2_launch_configuration_3 -Title: "Find AWS EC2 Launch Configurations and Metadata" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - associate_public_ip_address - from - aws_ec2_launch_configuration - where - associate_public_ip_address; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n associate_public_ip_address\nfrom\n aws_ec2_launch_configuration\n\ + where\n associate_public_ip_address;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Launch Configurations and Metadata diff --git a/queries/aws_ec2_launch_configuration_4.yaml b/queries/aws_ec2_launch_configuration_4.yaml index 2c18d0c39..943c81ad7 100755 --- a/queries/aws_ec2_launch_configuration_4.yaml +++ b/queries/aws_ec2_launch_configuration_4.yaml @@ -1,23 +1,20 @@ +Description: Allows users to query AWS EC2 Launch Configurations to gain insights + into their configurations, metadata, and associated instances. ID: aws_ec2_launch_configuration_4 -Title: "Find AWS EC2 Launch Configurations and Security Groups" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_array_elements_text(security_groups) as security_groups - from - aws_ec2_launch_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_array_elements_text(security_groups) as\ + \ security_groups\nfrom\n aws_ec2_launch_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Launch Configurations and Security Groups diff --git a/queries/aws_ec2_launch_configuration_5.yaml b/queries/aws_ec2_launch_configuration_5.yaml index bdbec730b..d184d1974 100755 --- a/queries/aws_ec2_launch_configuration_5.yaml +++ b/queries/aws_ec2_launch_configuration_5.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EC2 Launch Configurations to gain insights + into their configurations, metadata, and associated instances. ID: aws_ec2_launch_configuration_5 -Title: "Find AWS EC2 Launch Configurations With Sensitive Data" -Description: "Allows users to query AWS EC2 Launch Configurations to gain insights into their configurations, metadata, and associated instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - user_data - from - aws_ec2_launch_configuration - where - user_data like any (array ['%pass%', '%secret%','%token%','%key%']) - or user_data ~ '(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n user_data\nfrom\n aws_ec2_launch_configuration\n\ + where\n user_data like any (array ['%pass%', '%secret%','%token%','%key%'])\n\ + \ or user_data ~ '(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Launch Configurations With Sensitive Data diff --git a/queries/aws_ec2_launch_template_1.yaml b/queries/aws_ec2_launch_template_1.yaml index c9eb90c70..893d364af 100755 --- a/queries/aws_ec2_launch_template_1.yaml +++ b/queries/aws_ec2_launch_template_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS EC2 Launch Templates to retrieve detailed information, + including the associated AMI, instance type, key pair, security groups, and user + data. ID: aws_ec2_launch_template_1 -Title: "List all AWS EC2 Launch Templates and Details" -Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - created_time, - created_by, - default_version_number, - latest_version_number - from - aws_ec2_launch_template; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n created_time,\n\ + \ created_by,\n default_version_number,\n latest_version_number\nfrom\n aws_ec2_launch_template;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Launch Templates and Details diff --git a/queries/aws_ec2_launch_template_2.yaml b/queries/aws_ec2_launch_template_2.yaml index daaaca50e..672832e04 100755 --- a/queries/aws_ec2_launch_template_2.yaml +++ b/queries/aws_ec2_launch_template_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS EC2 Launch Templates to retrieve detailed information, + including the associated AMI, instance type, key pair, security groups, and user + data. ID: aws_ec2_launch_template_2 -Title: "Find AWS EC2 Launch Templates with detailed information" -Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time, - created_by - from - aws_ec2_launch_template - where - created_by like '%turbot'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n create_time,\n\ + \ created_by\nfrom\n aws_ec2_launch_template\nwhere\n created_by like '%turbot';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Launch Templates +Title: Find AWS EC2 Launch Templates with detailed information diff --git a/queries/aws_ec2_launch_template_3.yaml b/queries/aws_ec2_launch_template_3.yaml index 38a0b409f..c0ec7e607 100755 --- a/queries/aws_ec2_launch_template_3.yaml +++ b/queries/aws_ec2_launch_template_3.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS EC2 Launch Templates to retrieve detailed information, + including the associated AMI, instance type, key pair, security groups, and user + data. ID: aws_ec2_launch_template_3 -Title: "List all AWS EC2 Launch Templates with Details" -Description: "Allows users to query AWS EC2 Launch Templates to retrieve detailed information, including the associated AMI, instance type, key pair, security groups, and user data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time - from - aws_ec2_launch_template - where - create_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n create_time\n\ + from\n aws_ec2_launch_template\nwhere\n create_time >= now() - interval '30'\ + \ day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Launch Templates with Details diff --git a/queries/aws_ec2_launch_template_version_1.yaml b/queries/aws_ec2_launch_template_version_1.yaml index ede3e7f84..474536bbc 100755 --- a/queries/aws_ec2_launch_template_version_1.yaml +++ b/queries/aws_ec2_launch_template_version_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_1 -Title: "List all AWS EC2 Launch Template Versions and their Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - created_by, - default_version, - version_description, - version_number - from - aws_ec2_launch_template_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n created_by,\n\ + \ default_version,\n version_description,\n version_number\nfrom\n aws_ec2_launch_template_version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Launch Template Versions and their Details diff --git a/queries/aws_ec2_launch_template_version_2.yaml b/queries/aws_ec2_launch_template_version_2.yaml index 1a13f69c9..0bf4c83d0 100755 --- a/queries/aws_ec2_launch_template_version_2.yaml +++ b/queries/aws_ec2_launch_template_version_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_2 -Title: "List AWS EC2 Launch Template Version Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time, - created_by, - version_description, - version_number - from - aws_ec2_launch_template_version - where - created_by like '%turbot'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n create_time,\n\ + \ created_by,\n version_description,\n version_number\nfrom\n aws_ec2_launch_template_version\n\ + where\n created_by like '%turbot';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Launch Template Version Details diff --git a/queries/aws_ec2_launch_template_version_3.yaml b/queries/aws_ec2_launch_template_version_3.yaml index 62273cd23..106a2b22d 100755 --- a/queries/aws_ec2_launch_template_version_3.yaml +++ b/queries/aws_ec2_launch_template_version_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_3 -Title: "Find AWS EC2 Launch Template Versions Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time, - default_version, - version_number - from - aws_ec2_launch_template_version - where - create_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n create_time,\n\ + \ default_version,\n version_number\nfrom\n aws_ec2_launch_template_version\n\ + where\n create_time >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Launch Template Versions Details diff --git a/queries/aws_ec2_launch_template_version_4.yaml b/queries/aws_ec2_launch_template_version_4.yaml index c76a94bb0..585bf81fa 100755 --- a/queries/aws_ec2_launch_template_version_4.yaml +++ b/queries/aws_ec2_launch_template_version_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_4 -Title: "List all AWS EC2 Launch Template Versions" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - create_time, - default_version, - version_number - from - aws_ec2_launch_template_version - where - default_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n create_time,\n\ + \ default_version,\n version_number\nfrom\n aws_ec2_launch_template_version\n\ + where\n default_version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EC2 +Title: List all AWS EC2 Launch Template Versions diff --git a/queries/aws_ec2_launch_template_version_5.yaml b/queries/aws_ec2_launch_template_version_5.yaml index 96c1eaf8d..df087661a 100755 --- a/queries/aws_ec2_launch_template_version_5.yaml +++ b/queries/aws_ec2_launch_template_version_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_5 -Title: "List all AWS EC2 Launch Template Versions" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_id, - count(version_number) as number_of_versions - from - aws_ec2_launch_template_version - group by - launch_template_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_id,\n count(version_number) as number_of_versions\n\ + from\n aws_ec2_launch_template_version\ngroup by\n launch_template_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Launch Template Versions diff --git a/queries/aws_ec2_launch_template_version_6.yaml b/queries/aws_ec2_launch_template_version_6.yaml index c0f602014..3c5381e92 100755 --- a/queries/aws_ec2_launch_template_version_6.yaml +++ b/queries/aws_ec2_launch_template_version_6.yaml @@ -1,51 +1,42 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_6 -Title: "List AWS EC2 Launch Template Versions with Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - version_number, - launch_template_data -> 'BlockDeviceMappings' as block_device_mappings, - launch_template_data -> 'CapacityReservationSpecification' as capacity_reservation_specification, - launch_template_data -> 'CpuOptions' as cpu_options, - launch_template_data -> 'CreditSpecification' as credit_specification, - launch_template_data -> 'DisableApiStop' as disable_api_stop, - launch_template_data -> 'DisableApiTermination' as disable_api_termination, - launch_template_data -> 'EbsOptimized' as ebs_optimized, - launch_template_data -> 'ElasticGpuSpecifications' as elastic_gpu_specifications, - launch_template_data -> 'ElasticInferenceAccelerators' as elastic_inference_accelerators, - launch_template_data -> 'EnclaveOptions' as enclave_options, - launch_template_data -> 'IamInstanceProfile' as iam_instance_profile, - launch_template_data -> 'ImageId' as image_id, - launch_template_data -> 'InstanceInitiatedShutdownBehavior' as instance_initiated_shutdown_behavior, - launch_template_data -> 'InstanceRequirements' as instance_requirements, - launch_template_data -> 'InstanceType' as instance_type, - launch_template_data -> 'KernelId' as kernel_id, - launch_template_data -> 'LicenseSpecifications' as license_specifications, - launch_template_data -> 'MaintenanceOptions' as maintenance_options, - launch_template_data -> 'MetadataOptions' as metadata_options, - launch_template_data -> 'Monitoring' as monitoring, - launch_template_data -> 'NetworkInterfaces' as network_interfaces, - launch_template_data -> 'PrivateDnsNameOptions' as private_dns_name_options, - launch_template_data -> 'RamDiskId' as ram_disk_id, - launch_template_data -> 'SecurityGroupIds' as security_group_ids, - launch_template_data -> 'SecurityGroups' as security_groups, - launch_template_data -> 'TagSpecifications' as tag_specifications, - launch_template_data -> 'UserData' as user_data - from - aws_ec2_launch_template_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n version_number,\n\ + \ launch_template_data -> 'BlockDeviceMappings' as block_device_mappings,\n \ + \ launch_template_data -> 'CapacityReservationSpecification' as capacity_reservation_specification,\n\ + \ launch_template_data -> 'CpuOptions' as cpu_options,\n launch_template_data\ + \ -> 'CreditSpecification' as credit_specification,\n launch_template_data ->\ + \ 'DisableApiStop' as disable_api_stop,\n launch_template_data -> 'DisableApiTermination'\ + \ as disable_api_termination,\n launch_template_data -> 'EbsOptimized' as ebs_optimized,\n\ + \ launch_template_data -> 'ElasticGpuSpecifications' as elastic_gpu_specifications,\n\ + \ launch_template_data -> 'ElasticInferenceAccelerators' as elastic_inference_accelerators,\n\ + \ launch_template_data -> 'EnclaveOptions' as enclave_options,\n launch_template_data\ + \ -> 'IamInstanceProfile' as iam_instance_profile,\n launch_template_data ->\ + \ 'ImageId' as image_id,\n launch_template_data -> 'InstanceInitiatedShutdownBehavior'\ + \ as instance_initiated_shutdown_behavior,\n launch_template_data -> 'InstanceRequirements'\ + \ as instance_requirements,\n launch_template_data -> 'InstanceType' as instance_type,\n\ + \ launch_template_data -> 'KernelId' as kernel_id,\n launch_template_data ->\ + \ 'LicenseSpecifications' as license_specifications,\n launch_template_data ->\ + \ 'MaintenanceOptions' as maintenance_options,\n launch_template_data -> 'MetadataOptions'\ + \ as metadata_options,\n launch_template_data -> 'Monitoring' as monitoring,\n\ + \ launch_template_data -> 'NetworkInterfaces' as network_interfaces,\n launch_template_data\ + \ -> 'PrivateDnsNameOptions' as private_dns_name_options,\n launch_template_data\ + \ -> 'RamDiskId' as ram_disk_id,\n launch_template_data -> 'SecurityGroupIds'\ + \ as security_group_ids,\n launch_template_data -> 'SecurityGroups' as security_groups,\n\ + \ launch_template_data -> 'TagSpecifications' as tag_specifications,\n launch_template_data\ + \ -> 'UserData' as user_data\nfrom\n aws_ec2_launch_template_version;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Launch Template Versions with Details diff --git a/queries/aws_ec2_launch_template_version_7.yaml b/queries/aws_ec2_launch_template_version_7.yaml index 80a7e247d..3847a1dc0 100755 --- a/queries/aws_ec2_launch_template_version_7.yaml +++ b/queries/aws_ec2_launch_template_version_7.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_7 -Title: "List all AWS EC2 Launch Template Versions and Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - version_number, - version_description, - ebs_optimized - from - aws_ec2_launch_template_version - where - ebs_optimized; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n version_number,\n\ + \ version_description,\n ebs_optimized\nfrom\n aws_ec2_launch_template_version\n\ + where\n ebs_optimized;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Launch Template Versions and Details diff --git a/queries/aws_ec2_launch_template_version_8.yaml b/queries/aws_ec2_launch_template_version_8.yaml index cc43813a9..896055869 100755 --- a/queries/aws_ec2_launch_template_version_8.yaml +++ b/queries/aws_ec2_launch_template_version_8.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_8 -Title: "List all AWS EC2 Launch Template Versions" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - version_number, - version_description, - disable_api_termination - from - aws_ec2_launch_template_version - where - disable_api_termination; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n version_number,\n\ + \ version_description,\n disable_api_termination\nfrom\n aws_ec2_launch_template_version\n\ + where\n disable_api_termination;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Launch Template Versions diff --git a/queries/aws_ec2_launch_template_version_9.yaml b/queries/aws_ec2_launch_template_version_9.yaml index f84e36c4b..72675d247 100755 --- a/queries/aws_ec2_launch_template_version_9.yaml +++ b/queries/aws_ec2_launch_template_version_9.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS EC2 Launch Template Versions, providing details + about each version of an Amazon EC2 launch template. ID: aws_ec2_launch_template_version_9 -Title: "Find AWS EC2 Launch Template Versions and Details" -Description: "Allows users to query AWS EC2 Launch Template Versions, providing details about each version of an Amazon EC2 launch template." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - launch_template_name, - launch_template_id, - version_number, - disable_api_stop - from - aws_ec2_launch_template_version - where - disable_api_stop; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n launch_template_name,\n launch_template_id,\n version_number,\n\ + \ disable_api_stop\nfrom\n aws_ec2_launch_template_version\nwhere\n disable_api_stop;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Launch Template Versions and Details diff --git a/queries/aws_ec2_load_balancer_listener_1.yaml b/queries/aws_ec2_load_balancer_listener_1.yaml index afe2ccf6d..066132751 100755 --- a/queries/aws_ec2_load_balancer_listener_1.yaml +++ b/queries/aws_ec2_load_balancer_listener_1.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener data, which provides + information about listeners for an Application Load Balancer or Network Load Balancer. ID: aws_ec2_load_balancer_listener_1 -Title: "Find AWS EC2 Load Balancer Listeners" -Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - port, - protocol - from - aws_ec2_load_balancer_listener; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n port,\n protocol\nfrom\n aws_ec2_load_balancer_listener;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Load Balancer +Title: Find AWS EC2 Load Balancer Listeners diff --git a/queries/aws_ec2_load_balancer_listener_2.yaml b/queries/aws_ec2_load_balancer_listener_2.yaml index 521725e5a..02184dc6f 100755 --- a/queries/aws_ec2_load_balancer_listener_2.yaml +++ b/queries/aws_ec2_load_balancer_listener_2.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener data, which provides + information about listeners for an Application Load Balancer or Network Load Balancer. ID: aws_ec2_load_balancer_listener_2 -Title: "List all AWS EC2 Load Balancer Listeners" -Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - action ->> 'AuthenticateCognitoConfig' as authenticate_cognito_config, - action ->> 'AuthenticateOidcConfig' as authenticate_Oidc_config, - action ->> 'FixedResponseConfig' as fixed_response_config, - action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'DurationSeconds' as duration_seconds, - action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'Enabled' as target_group_stickiness_config_enabled - from - aws_ec2_load_balancer_listener - cross join jsonb_array_elements(default_actions) as action; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n action ->> 'AuthenticateCognitoConfig'\ + \ as authenticate_cognito_config,\n action ->> 'AuthenticateOidcConfig' as authenticate_Oidc_config,\n\ + \ action ->> 'FixedResponseConfig' as fixed_response_config,\n action -> 'ForwardConfig'\ + \ -> 'TargetGroupStickinessConfig' ->> 'DurationSeconds' as duration_seconds,\n\ + \ action -> 'ForwardConfig' -> 'TargetGroupStickinessConfig' ->> 'Enabled' as\ + \ target_group_stickiness_config_enabled\nfrom\n aws_ec2_load_balancer_listener\n\ + \ cross join jsonb_array_elements(default_actions) as action;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Load Balancer Listeners diff --git a/queries/aws_ec2_load_balancer_listener_3.yaml b/queries/aws_ec2_load_balancer_listener_3.yaml index bc5adf202..70f970c87 100755 --- a/queries/aws_ec2_load_balancer_listener_3.yaml +++ b/queries/aws_ec2_load_balancer_listener_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener data, which provides + information about listeners for an Application Load Balancer or Network Load Balancer. ID: aws_ec2_load_balancer_listener_3 -Title: "Find AWS EC2 Load Balancer Listeners by Protocol" -Description: "Allows users to query AWS EC2 Load Balancer Listener data, which provides information about listeners for an Application Load Balancer or Network Load Balancer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - port, - protocol - from - aws_ec2_load_balancer_listener - where - protocol = 'HTTP'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n port,\n protocol\nfrom\n aws_ec2_load_balancer_listener\n\ + where\n protocol = 'HTTP';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Load Balancer +Title: Find AWS EC2 Load Balancer Listeners by Protocol diff --git a/queries/aws_ec2_load_balancer_listener_rule_1.yaml b/queries/aws_ec2_load_balancer_listener_rule_1.yaml index fba5ab5b7..5b8da2864 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_1.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener Rules, providing + detailed information on rule actions, conditions, and priority. ID: aws_ec2_load_balancer_listener_rule_1 -Title: "Find AWS EC2 Load Balancer Listener Rules Details" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - listener_arn, - priority, - is_default, - region - from - aws_ec2_load_balancer_listener_rule - where - arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789098:listener-rule/app/test53333/f7cc8cdc44ff910b/c9418b57592205f0/a8fe6d8842838dfa'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n listener_arn,\n priority,\n is_default,\n \ + \ region\nfrom\n aws_ec2_load_balancer_listener_rule\nwhere\n arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789098:listener-rule/app/test53333/f7cc8cdc44ff910b/c9418b57592205f0/a8fe6d8842838dfa';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Load Balancer +Title: Find AWS EC2 Load Balancer Listener Rules Details diff --git a/queries/aws_ec2_load_balancer_listener_rule_2.yaml b/queries/aws_ec2_load_balancer_listener_rule_2.yaml index 27248719b..bdd11830f 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_2.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener Rules, providing + detailed information on rule actions, conditions, and priority. ID: aws_ec2_load_balancer_listener_rule_2 -Title: "Find AWS EC2 Load Balancer Listener Rules: Actions & Conditions" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - priority, - is_default, - actions, - conditions - from - aws_ec2_load_balancer_listener_rule - where - listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n priority,\n is_default,\n actions,\n conditions\n\ + from\n aws_ec2_load_balancer_listener_rule\nwhere\n listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Load Balancer +Title: 'Find AWS EC2 Load Balancer Listener Rules: Actions & Conditions' diff --git a/queries/aws_ec2_load_balancer_listener_rule_3.yaml b/queries/aws_ec2_load_balancer_listener_rule_3.yaml index efe2d7975..308395455 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_3.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_3.yaml @@ -1,35 +1,26 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener Rules, providing + detailed information on rule actions, conditions, and priority. ID: aws_ec2_load_balancer_listener_rule_3 -Title: "Find All AWS EC2 Load Balancer Listener Rules Details" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - a ->> 'Type' as action_type, - a ->> 'Order' as action_order, - a ->> 'TargetGroupArn' as target_group_arn, - a -> 'RedirectConfig' as redirect_config, - a -> 'ForwardConfig' as forward_config, - a -> 'FixedResponseConfig' as fixed_response_config, - a -> 'AuthenticateOidcConfig' as authenticate_oidc_config, - a -> 'AuthenticateCognitoConfig' as authenticate_cognito_config - from - aws_ec2_load_balancer_listener_rule, - jsonb_array_elements(actions) as a - where - listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n a ->> 'Type' as action_type,\n a ->> 'Order'\ + \ as action_order,\n a ->> 'TargetGroupArn' as target_group_arn,\n a -> 'RedirectConfig'\ + \ as redirect_config,\n a -> 'ForwardConfig' as forward_config,\n a -> 'FixedResponseConfig'\ + \ as fixed_response_config,\n a -> 'AuthenticateOidcConfig' as authenticate_oidc_config,\n\ + \ a -> 'AuthenticateCognitoConfig' as authenticate_cognito_config\nfrom\n aws_ec2_load_balancer_listener_rule,\n\ + \ jsonb_array_elements(actions) as a\nwhere\n listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Load Balancer +Title: Find All AWS EC2 Load Balancer Listener Rules Details diff --git a/queries/aws_ec2_load_balancer_listener_rule_4.yaml b/queries/aws_ec2_load_balancer_listener_rule_4.yaml index c0df506ca..8b758b293 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_4.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_4.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener Rules, providing + detailed information on rule actions, conditions, and priority. ID: aws_ec2_load_balancer_listener_rule_4 -Title: "List all AWS EC2 Load Balancer Listener Rules" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - listener_arn, - priority - from - aws_ec2_load_balancer_listener_rule - where - listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272' - and is_default = true; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n listener_arn,\n priority\nfrom\n aws_ec2_load_balancer_listener_rule\n\ + where\n listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272'\n\ + \ and is_default = true;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Load Balancer +Title: List all AWS EC2 Load Balancer Listener Rules diff --git a/queries/aws_ec2_load_balancer_listener_rule_5.yaml b/queries/aws_ec2_load_balancer_listener_rule_5.yaml index d4239f1f8..64966a226 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_5.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_5.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener Rules, providing + detailed information on rule actions, conditions, and priority. ID: aws_ec2_load_balancer_listener_rule_5 -Title: "List all AWS EC2 Load Balancer Listener Rules" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.arn, - r.listener_arn, - l.load_balancer_arn, - l.protocol as listener_protocol, - l.ssl_policy, - r.priority, - r.is_default, - r.actions, - r.conditions - from - aws_ec2_load_balancer_listener_rule as r - join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.arn,\n r.listener_arn,\n l.load_balancer_arn,\n \ + \ l.protocol as listener_protocol,\n l.ssl_policy,\n r.priority,\n r.is_default,\n\ + \ r.actions,\n r.conditions\nfrom\n aws_ec2_load_balancer_listener_rule as\ + \ r\n join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Load Balancer Listener Rules diff --git a/queries/aws_ec2_load_balancer_listener_rule_6.yaml b/queries/aws_ec2_load_balancer_listener_rule_6.yaml index 0da282a28..24f9e9675 100755 --- a/queries/aws_ec2_load_balancer_listener_rule_6.yaml +++ b/queries/aws_ec2_load_balancer_listener_rule_6.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS EC2 Load Balancer Listener Rules, providing + detailed information on rule actions, conditions, and priority. ID: aws_ec2_load_balancer_listener_rule_6 -Title: "List AWS EC2 Load Balancer Listener Rules with Conditions & Actions" -Description: "Allows users to query AWS EC2 Load Balancer Listener Rules, providing detailed information on rule actions, conditions, and priority." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.arn, - r.listener_arn, - l.load_balancer_arn, - l.protocol as listener_protocol, - l.ssl_policy, - a.canonical_hosted_zone_id, - a.dns_name, - a.ip_address_type, - r.priority, - r.is_default, - r.actions, - r.conditions - from - aws_ec2_load_balancer_listener_rule as r - join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn - join aws_ec2_application_load_balancer as a on l.load_balancer_arn = a.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.arn,\n r.listener_arn,\n l.load_balancer_arn,\n \ + \ l.protocol as listener_protocol,\n l.ssl_policy,\n a.canonical_hosted_zone_id,\n\ + \ a.dns_name,\n a.ip_address_type,\n r.priority,\n r.is_default,\n r.actions,\n\ + \ r.conditions\nfrom\n aws_ec2_load_balancer_listener_rule as r\n join aws_ec2_load_balancer_listener\ + \ as l on r.listener_arn = l.arn\n join aws_ec2_application_load_balancer as\ + \ a on l.load_balancer_arn = a.arn;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Load Balancer Listener Rules with Conditions & Actions diff --git a/queries/aws_ec2_managed_prefix_list_1.yaml b/queries/aws_ec2_managed_prefix_list_1.yaml index 20db78cfa..7566e885e 100755 --- a/queries/aws_ec2_managed_prefix_list_1.yaml +++ b/queries/aws_ec2_managed_prefix_list_1.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS EC2 Managed Prefix Lists, providing information + about IP address ranges (CIDRs), permissions, and associated metadata. ID: aws_ec2_managed_prefix_list_1 -Title: "List AWS EC2 Managed Prefix Lists and Metadata" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n state,\n owner_id\nfrom\n aws_ec2_managed_prefix_list;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Managed Prefix Lists and Metadata diff --git a/queries/aws_ec2_managed_prefix_list_2.yaml b/queries/aws_ec2_managed_prefix_list_2.yaml index 9ab9bb813..ed71a4f04 100755 --- a/queries/aws_ec2_managed_prefix_list_2.yaml +++ b/queries/aws_ec2_managed_prefix_list_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS EC2 Managed Prefix Lists, providing information + about IP address ranges (CIDRs), permissions, and associated metadata. ID: aws_ec2_managed_prefix_list_2 -Title: "List all AWS EC2 Managed Prefix Lists with SQL" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list - where - owner_id <> 'AWS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n state,\n owner_id\nfrom\n aws_ec2_managed_prefix_list\n\ + where\n owner_id <> 'AWS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Managed Prefix Lists with SQL diff --git a/queries/aws_ec2_managed_prefix_list_3.yaml b/queries/aws_ec2_managed_prefix_list_3.yaml index 8a46d3de9..1e0904626 100755 --- a/queries/aws_ec2_managed_prefix_list_3.yaml +++ b/queries/aws_ec2_managed_prefix_list_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EC2 Managed Prefix Lists, providing information + about IP address ranges (CIDRs), permissions, and associated metadata. ID: aws_ec2_managed_prefix_list_3 -Title: "Find AWS EC2 Managed Prefix Lists by IP Address Family" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - address_family - from - aws_ec2_managed_prefix_list - where - address_family = 'IPv6'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n address_family\nfrom\n aws_ec2_managed_prefix_list\n\ + where\n address_family = 'IPv6';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Managed Prefix Lists by IP Address Family diff --git a/queries/aws_ec2_managed_prefix_list_4.yaml b/queries/aws_ec2_managed_prefix_list_4.yaml index 39bdff493..7975fbc07 100755 --- a/queries/aws_ec2_managed_prefix_list_4.yaml +++ b/queries/aws_ec2_managed_prefix_list_4.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS EC2 Managed Prefix Lists, providing information + about IP address ranges (CIDRs), permissions, and associated metadata. ID: aws_ec2_managed_prefix_list_4 -Title: "List AWS EC2 Managed Prefix List Details" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list - where - id in ('pl-03a3e735e3467c0c4', 'pl-4ca54025'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n state,\n owner_id\nfrom\n aws_ec2_managed_prefix_list\n\ + where\n id in ('pl-03a3e735e3467c0c4', 'pl-4ca54025');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Managed Prefix List Details diff --git a/queries/aws_ec2_managed_prefix_list_5.yaml b/queries/aws_ec2_managed_prefix_list_5.yaml index bbc3382a4..3c23fa558 100755 --- a/queries/aws_ec2_managed_prefix_list_5.yaml +++ b/queries/aws_ec2_managed_prefix_list_5.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS EC2 Managed Prefix Lists, providing information + about IP address ranges (CIDRs), permissions, and associated metadata. ID: aws_ec2_managed_prefix_list_5 -Title: "List all AWS EC2 Managed Prefix Lists with details" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list - where - name in ('testPrefix', 'com.amazonaws.us-east-2.dynamodb'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n state,\n owner_id\nfrom\n aws_ec2_managed_prefix_list\n\ + where\n name in ('testPrefix', 'com.amazonaws.us-east-2.dynamodb');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Managed Prefix Lists with details diff --git a/queries/aws_ec2_managed_prefix_list_6.yaml b/queries/aws_ec2_managed_prefix_list_6.yaml index bed245fe0..fec10ffce 100755 --- a/queries/aws_ec2_managed_prefix_list_6.yaml +++ b/queries/aws_ec2_managed_prefix_list_6.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS EC2 Managed Prefix Lists, providing information + about IP address ranges (CIDRs), permissions, and associated metadata. ID: aws_ec2_managed_prefix_list_6 -Title: "Find AWS EC2 Managed Prefix Lists with permissions" -Description: "Allows users to query AWS EC2 Managed Prefix Lists, providing information about IP address ranges (CIDRs), permissions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - state, - owner_id - from - aws_ec2_managed_prefix_list - where - owner_id = '632901234528'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n state,\n owner_id\nfrom\n aws_ec2_managed_prefix_list\n\ + where\n owner_id = '632901234528';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Managed Prefix Lists with permissions diff --git a/queries/aws_ec2_managed_prefix_list_entry_1.yaml b/queries/aws_ec2_managed_prefix_list_entry_1.yaml index 44460b45e..9f5d1229c 100755 --- a/queries/aws_ec2_managed_prefix_list_entry_1.yaml +++ b/queries/aws_ec2_managed_prefix_list_entry_1.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS EC2 Managed Prefix List Entries, providing + details such as the CIDR block, description, and the prefix list ID. This table + is useful for understanding the IP address ranges included in a managed prefix list. ID: aws_ec2_managed_prefix_list_entry_1 -Title: "List AWS EC2 Managed Prefix List Entry Details" -Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - prefix_list_id, - cidr, - description - from - aws_ec2_managed_prefix_list_entry; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n prefix_list_id,\n cidr,\n description\nfrom\n aws_ec2_managed_prefix_list_entry;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Managed Prefix List Entry Details diff --git a/queries/aws_ec2_managed_prefix_list_entry_2.yaml b/queries/aws_ec2_managed_prefix_list_entry_2.yaml index a2ab53d37..1bd05d9df 100755 --- a/queries/aws_ec2_managed_prefix_list_entry_2.yaml +++ b/queries/aws_ec2_managed_prefix_list_entry_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS EC2 Managed Prefix List Entries, providing + details such as the CIDR block, description, and the prefix list ID. This table + is useful for understanding the IP address ranges included in a managed prefix list. ID: aws_ec2_managed_prefix_list_entry_2 -Title: "Find AWS EC2 Managed Prefix List Entries with Details" -Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.name, - l.id, - e.cidr, - e.description, - l.state, - l.owner_id - from - aws_ec2_managed_prefix_list_entry as e, - aws_ec2_managed_prefix_list as l - where - l.owner_id <> 'AWS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n l.name,\n l.id,\n e.cidr,\n e.description,\n l.state,\n\ + \ l.owner_id\nfrom\n aws_ec2_managed_prefix_list_entry as e,\n aws_ec2_managed_prefix_list\ + \ as l\nwhere\n l.owner_id <> 'AWS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Managed Prefix List Entries with Details diff --git a/queries/aws_ec2_managed_prefix_list_entry_3.yaml b/queries/aws_ec2_managed_prefix_list_entry_3.yaml index d9f52d38f..cf0d46710 100755 --- a/queries/aws_ec2_managed_prefix_list_entry_3.yaml +++ b/queries/aws_ec2_managed_prefix_list_entry_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS EC2 Managed Prefix List Entries, providing + details such as the CIDR block, description, and the prefix list ID. This table + is useful for understanding the IP address ranges included in a managed prefix list. ID: aws_ec2_managed_prefix_list_entry_3 -Title: "List AWS EC2 Managed Prefix List Entries with Details" -Description: "Allows users to query AWS EC2 Managed Prefix List Entries, providing details such as the CIDR block, description, and the prefix list ID. This table is useful for understanding the IP address ranges included in a managed prefix list." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - prefix_list_id, - count(cidr) as numbers_of_entries - from - aws_ec2_managed_prefix_list_entry - group by - prefix_list_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n prefix_list_id,\n count(cidr) as numbers_of_entries\n\ + from\n aws_ec2_managed_prefix_list_entry\ngroup by\n prefix_list_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Managed Prefix List Entries with Details diff --git a/queries/aws_ec2_network_interface_1.yaml b/queries/aws_ec2_network_interface_1.yaml index 03693d888..e7a6b4e8c 100755 --- a/queries/aws_ec2_network_interface_1.yaml +++ b/queries/aws_ec2_network_interface_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS EC2 Network Interfaces and provides comprehensive + details about each interface, including its associated instances, security groups, + and subnet information. ID: aws_ec2_network_interface_1 -Title: "Find all AWS EC2 Network Interfaces & Associated Details" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_interface_id, - interface_type, - description, - private_ip_address, - association_public_ip, - mac_address - from - aws_ec2_network_interface; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n network_interface_id,\n interface_type,\n description,\n\ + \ private_ip_address,\n association_public_ip,\n mac_address\nfrom\n aws_ec2_network_interface;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find all AWS EC2 Network Interfaces & Associated Details diff --git a/queries/aws_ec2_network_interface_2.yaml b/queries/aws_ec2_network_interface_2.yaml index ebeff50e7..f43c22dd3 100755 --- a/queries/aws_ec2_network_interface_2.yaml +++ b/queries/aws_ec2_network_interface_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS EC2 Network Interfaces and provides comprehensive + details about each interface, including its associated instances, security groups, + and subnet information. ID: aws_ec2_network_interface_2 -Title: "Find AWS EC2 Network Interfaces and Details" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_interface_id, - interface_type, - description, - private_ip_address, - association_public_ip, - mac_address - from - aws_ec2_network_interface - where - private_ip_address :: cidr <<= '10.66.0.0/16'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n network_interface_id,\n interface_type,\n description,\n\ + \ private_ip_address,\n association_public_ip,\n mac_address\nfrom\n aws_ec2_network_interface\n\ + where\n private_ip_address :: cidr <<= '10.66.0.0/16';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Network Interfaces and Details diff --git a/queries/aws_ec2_network_interface_3.yaml b/queries/aws_ec2_network_interface_3.yaml index 8b6292299..c538df615 100755 --- a/queries/aws_ec2_network_interface_3.yaml +++ b/queries/aws_ec2_network_interface_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS EC2 Network Interfaces and provides comprehensive + details about each interface, including its associated instances, security groups, + and subnet information. ID: aws_ec2_network_interface_3 -Title: "Find Details of AWS EC2 Network Interfaces" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - interface_type, - count(interface_type) as count - from - aws_ec2_network_interface - group by - interface_type - order by - count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n interface_type,\n count(interface_type) as count\nfrom\n\ + \ aws_ec2_network_interface\ngroup by\n interface_type\norder by\n count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find Details of AWS EC2 Network Interfaces diff --git a/queries/aws_ec2_network_interface_4.yaml b/queries/aws_ec2_network_interface_4.yaml index 36454d063..c5a401d08 100755 --- a/queries/aws_ec2_network_interface_4.yaml +++ b/queries/aws_ec2_network_interface_4.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS EC2 Network Interfaces and provides comprehensive + details about each interface, including its associated instances, security groups, + and subnet information. ID: aws_ec2_network_interface_4 -Title: "List all AWS EC2 Network Interfaces and Associated Details" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_interface_id as eni, - sg ->> 'GroupId' as "security group id", - sg ->> 'GroupName' as "security group name" - from - aws_ec2_network_interface - cross join jsonb_array_elements(groups) as sg - order by - eni; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n network_interface_id as eni,\n sg ->> 'GroupId' as \"\ + security group id\",\n sg ->> 'GroupName' as \"security group name\"\nfrom\n\ + \ aws_ec2_network_interface\n cross join jsonb_array_elements(groups) as sg\n\ + order by\n eni;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Network Interfaces and Associated Details diff --git a/queries/aws_ec2_network_interface_5.yaml b/queries/aws_ec2_network_interface_5.yaml index b55e5fdd2..fd6776717 100755 --- a/queries/aws_ec2_network_interface_5.yaml +++ b/queries/aws_ec2_network_interface_5.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS EC2 Network Interfaces and provides comprehensive + details about each interface, including its associated instances, security groups, + and subnet information. ID: aws_ec2_network_interface_5 -Title: "Find AWS EC2 Network Interfaces and Details" -Description: "Allows users to query AWS EC2 Network Interfaces and provides comprehensive details about each interface, including its associated instances, security groups, and subnet information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.network_interface_id, - v.vpc_id, - v.is_default, - v.cidr_block, - v.state, - v.account_id, - v.region - from - aws_ec2_network_interface e, - aws_vpc v - where - e.vpc_id = v.vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.network_interface_id,\n v.vpc_id,\n v.is_default,\n\ + \ v.cidr_block,\n v.state,\n v.account_id,\n v.region\nfrom\n aws_ec2_network_interface\ + \ e,\n aws_vpc v\nwhere \n e.vpc_id = v.vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Network Interfaces and Details diff --git a/queries/aws_ec2_network_load_balancer_1.yaml b/queries/aws_ec2_network_load_balancer_1.yaml index fac4bed5d..0e74e5b11 100755 --- a/queries/aws_ec2_network_load_balancer_1.yaml +++ b/queries/aws_ec2_network_load_balancer_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EC2 Network Load Balancer data including configuration, + status, and other related information. ID: aws_ec2_network_load_balancer_1 -Title: "List all AWS EC2 Network Load Balancer Configurations" -Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - count(az ->> 'ZoneName') as zone_count - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(availability_zones) as az - group by - name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n count(az ->> 'ZoneName') as zone_count\nfrom\n\ + \ aws_ec2_network_load_balancer\n cross join jsonb_array_elements(availability_zones)\ + \ as az\ngroup by\n name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Network Load Balancer +Title: List all AWS EC2 Network Load Balancer Configurations diff --git a/queries/aws_ec2_network_load_balancer_2.yaml b/queries/aws_ec2_network_load_balancer_2.yaml index e71b4108f..2b04d0b2a 100755 --- a/queries/aws_ec2_network_load_balancer_2.yaml +++ b/queries/aws_ec2_network_load_balancer_2.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS EC2 Network Load Balancer data including configuration, + status, and other related information. ID: aws_ec2_network_load_balancer_2 -Title: "Find AWS EC2 Network Load Balancer Configuration and Status" -Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as cross_zone, - lb ->> 'Value' as cross_zone_value - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'load_balancing.cross_zone.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n lb ->> 'Key' as cross_zone,\n lb ->> 'Value'\ + \ as cross_zone_value\nfrom\n aws_ec2_network_load_balancer\n cross join jsonb_array_elements(load_balancer_attributes)\ + \ as lb\nwhere\n lb ->> 'Key' = 'load_balancing.cross_zone.enabled'\n and lb\ + \ ->> 'Value' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Network Load Balancer +Title: Find AWS EC2 Network Load Balancer Configuration and Status diff --git a/queries/aws_ec2_network_load_balancer_3.yaml b/queries/aws_ec2_network_load_balancer_3.yaml index 8b29db7bd..97f9dbe6a 100755 --- a/queries/aws_ec2_network_load_balancer_3.yaml +++ b/queries/aws_ec2_network_load_balancer_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS EC2 Network Load Balancer data including configuration, + status, and other related information. ID: aws_ec2_network_load_balancer_3 -Title: "Find AWS EC2 NLB with Access Logs Disabled" -Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as logging_key, - lb ->> 'Value' as logging_value - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'access_logs.s3.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n lb ->> 'Key' as logging_key,\n lb ->> 'Value'\ + \ as logging_value\nfrom\n aws_ec2_network_load_balancer\n cross join jsonb_array_elements(load_balancer_attributes)\ + \ as lb\nwhere\n lb ->> 'Key' = 'access_logs.s3.enabled'\n and lb ->> 'Value'\ + \ = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Network Load Balancer +Title: Find AWS EC2 NLB with Access Logs Disabled diff --git a/queries/aws_ec2_network_load_balancer_4.yaml b/queries/aws_ec2_network_load_balancer_4.yaml index 0e4c02bdf..709b21a2d 100755 --- a/queries/aws_ec2_network_load_balancer_4.yaml +++ b/queries/aws_ec2_network_load_balancer_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EC2 Network Load Balancer data including configuration, + status, and other related information. ID: aws_ec2_network_load_balancer_4 -Title: "List all AWS EC2 Network Load Balancer Deletion Protection" -Description: "Allows users to query AWS EC2 Network Load Balancer data including configuration, status, and other related information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - lb ->> 'Key' as deletion_protection_key, - lb ->> 'Value' as deletion_protection_value - from - aws_ec2_network_load_balancer - cross join jsonb_array_elements(load_balancer_attributes) as lb - where - lb ->> 'Key' = 'deletion_protection.enabled' - and lb ->> 'Value' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n lb ->> 'Key' as deletion_protection_key,\n \ + \ lb ->> 'Value' as deletion_protection_value\nfrom\n aws_ec2_network_load_balancer\n\ + \ cross join jsonb_array_elements(load_balancer_attributes) as lb\nwhere\n lb\ + \ ->> 'Key' = 'deletion_protection.enabled'\n and lb ->> 'Value' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Network Load Balancer +Title: List all AWS EC2 Network Load Balancer Deletion Protection diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml index 28229db51..4e94d4a0e 100755 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_1.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS EC2 Network Load Balancer Metrics for net flow + count data. This includes information such as the number of new or terminated flows + per minute from a network load balancer. ID: aws_ec2_network_load_balancer_metric_net_flow_count_1 -Title: "Query AWS EC2 Network Load Balancer Net Flow Counts" -Description: "Allows users to query AWS EC2 Network Load Balancer Metrics for net flow count data. This includes information such as the number of new or terminated flows per minute from a network load balancer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - sample_count, - timestamp - from - aws_ec2_network_load_balancer_metric_net_flow_count - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n maximum,\n minimum,\n\ + \ sample_count,\n timestamp\nfrom\n aws_ec2_network_load_balancer_metric_net_flow_count\n\ + order by\n name,\n timestamp;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Network Load Balancer +Title: Query AWS EC2 Network Load Balancer Net Flow Counts diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml index 3672a284b..87c3a1c3b 100755 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_2.yaml @@ -1,36 +1,24 @@ +Description: Allows users to query AWS EC2 Network Load Balancer Metrics for net flow + count data. This includes information such as the number of new or terminated flows + per minute from a network load balancer. ID: aws_ec2_network_load_balancer_metric_net_flow_count_2 -Title: "Find AWS EC2 Network Load Balancer Net Flow Counts" -Description: "Allows users to query AWS EC2 Network Load Balancer Metrics for net flow count data. This includes information such as the number of new or terminated flows per minute from a network load balancer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - average, - sample_count, - timestamp - from - aws_ec2_network_load_balancer_metric_net_flow_count - where - average < 100 - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n maximum,\n minimum,\n\ + \ average,\n sample_count,\n timestamp\nfrom\n aws_ec2_network_load_balancer_metric_net_flow_count\n\ + where\n average < 100\norder by\n name,\n timestamp;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Network Load Balancer +Title: Find AWS EC2 Network Load Balancer Net Flow Counts diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml index a8cbb61ad..ac7ed276a 100755 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_1.yaml @@ -1,35 +1,26 @@ +Description: Allows users to query Network Load Balancer Metrics in EC2, specifically + the daily net flow count, providing insights into network traffic patterns and potential + anomalies. ID: aws_ec2_network_load_balancer_metric_net_flow_count_daily_1 -Title: "Find Network Load Balancer Metrics and Traffic Patterns" -Description: "Allows users to query Network Load Balancer Metrics in EC2, specifically the daily net flow count, providing insights into network traffic patterns and potential anomalies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - sample_count, - timestamp - from - aws_ec2_network_load_balancer_metric_net_flow_count_daily - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n maximum,\n minimum,\n\ + \ sample_count,\n timestamp\nfrom\n aws_ec2_network_load_balancer_metric_net_flow_count_daily\n\ + order by\n name,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Network Load Balancer +Title: Find Network Load Balancer Metrics and Traffic Patterns diff --git a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml index c82e4ce4e..c4f1647ed 100755 --- a/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml +++ b/queries/aws_ec2_network_load_balancer_metric_net_flow_count_daily_2.yaml @@ -1,36 +1,24 @@ +Description: Allows users to query Network Load Balancer Metrics in EC2, specifically + the daily net flow count, providing insights into network traffic patterns and potential + anomalies. ID: aws_ec2_network_load_balancer_metric_net_flow_count_daily_2 -Title: "List Network Load Balancer Metrics in EC2 Daily" -Description: "Allows users to query Network Load Balancer Metrics in EC2, specifically the daily net flow count, providing insights into network traffic patterns and potential anomalies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - metric_name, - namespace, - maximum, - minimum, - average, - sample_count, - timestamp - from - aws_ec2_network_load_balancer_metric_net_flow_count_daily - where - average < 100 - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n metric_name,\n namespace,\n maximum,\n minimum,\n\ + \ average,\n sample_count,\n timestamp\nfrom\n aws_ec2_network_load_balancer_metric_net_flow_count_daily\n\ + where\n average < 100\norder by\n name,\n timestamp;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Network Load Balancer +Title: List Network Load Balancer Metrics in EC2 Daily diff --git a/queries/aws_ec2_regional_settings_1.yaml b/queries/aws_ec2_regional_settings_1.yaml index e5da74131..9a1fa0614 100755 --- a/queries/aws_ec2_regional_settings_1.yaml +++ b/queries/aws_ec2_regional_settings_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 regional settings, including default EBS + encryption and default EBS encryption KMS key. ID: aws_ec2_regional_settings_1 -Title: "List AWS EC2 Regional Settings including EBS Encryption" -Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - default_ebs_encryption_enabled, - default_ebs_encryption_key, - title, - region - from - aws_ec2_regional_settings; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n default_ebs_encryption_enabled,\n default_ebs_encryption_key,\n\ + \ title,\n region\nfrom\n aws_ec2_regional_settings;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List AWS EC2 Regional Settings including EBS Encryption diff --git a/queries/aws_ec2_regional_settings_2.yaml b/queries/aws_ec2_regional_settings_2.yaml index 95511d259..27437b1a7 100755 --- a/queries/aws_ec2_regional_settings_2.yaml +++ b/queries/aws_ec2_regional_settings_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS EC2 regional settings, including default EBS + encryption and default EBS encryption KMS key. ID: aws_ec2_regional_settings_2 -Title: "List all AWS EC2 Regional Settings including EBS encryption" -Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - default_ebs_encryption_enabled, - default_ebs_encryption_key, - title, - region - from - aws_ec2_regional_settings - where - region = 'ap-south-1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n default_ebs_encryption_enabled,\n default_ebs_encryption_key,\n\ + \ title,\n region\nfrom\n aws_ec2_regional_settings\nwhere\n region = 'ap-south-1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Regional Settings including EBS encryption diff --git a/queries/aws_ec2_regional_settings_3.yaml b/queries/aws_ec2_regional_settings_3.yaml index f7983148f..6503af220 100755 --- a/queries/aws_ec2_regional_settings_3.yaml +++ b/queries/aws_ec2_regional_settings_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS EC2 regional settings, including default EBS + encryption and default EBS encryption KMS key. ID: aws_ec2_regional_settings_3 -Title: "List All AWS EC2 Regions With Encryption Settings" -Description: "Allows users to query AWS EC2 regional settings, including default EBS encryption and default EBS encryption KMS key." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - default_ebs_encryption_enabled, - default_ebs_encryption_key - from - aws_ec2_regional_settings - where - default_ebs_encryption_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n region,\n default_ebs_encryption_enabled,\n default_ebs_encryption_key\n\ + from\n aws_ec2_regional_settings\nwhere\n default_ebs_encryption_enabled;" Tags: cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List All AWS EC2 Regions With Encryption Settings diff --git a/queries/aws_ec2_reserved_instance_1.yaml b/queries/aws_ec2_reserved_instance_1.yaml index 74213ef9f..6068af389 100755 --- a/queries/aws_ec2_reserved_instance_1.yaml +++ b/queries/aws_ec2_reserved_instance_1.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS EC2 Reserved Instances to gather comprehensive + insights on the reserved instances, such as their configurations, state, and associated + tags. ID: aws_ec2_reserved_instance_1 -Title: "Find AWS EC2 Reserved Instances: Configurations and State" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_instance_id, - arn, - instance_type, - instance_state, - currency_code, - CAST(fixed_price AS varchar), - offering_class, scope, - CAST(usage_price AS varchar) - from - aws_ec2_reserved_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_instance_id,\n arn,\n instance_type,\n instance_state,\n\ + \ currency_code,\n CAST(fixed_price AS varchar),\n offering_class, scope,\n\ + \ CAST(usage_price AS varchar)\nfrom\n aws_ec2_reserved_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: 'Find AWS EC2 Reserved Instances: Configurations and State' diff --git a/queries/aws_ec2_reserved_instance_2.yaml b/queries/aws_ec2_reserved_instance_2.yaml index 395c821bf..8ae4de43f 100755 --- a/queries/aws_ec2_reserved_instance_2.yaml +++ b/queries/aws_ec2_reserved_instance_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS EC2 Reserved Instances to gather comprehensive + insights on the reserved instances, such as their configurations, state, and associated + tags. ID: aws_ec2_reserved_instance_2 -Title: "Find AWS EC2 Reserved Instances by Type" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - count(instance_count) as count - from - aws_ec2_reserved_instance - group by - instance_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n count(instance_count) as count\nfrom\n\ + \ aws_ec2_reserved_instance\ngroup by\n instance_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Reserved Instances by Type diff --git a/queries/aws_ec2_reserved_instance_3.yaml b/queries/aws_ec2_reserved_instance_3.yaml index 516397c4d..82597cdd7 100755 --- a/queries/aws_ec2_reserved_instance_3.yaml +++ b/queries/aws_ec2_reserved_instance_3.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS EC2 Reserved Instances to gather comprehensive + insights on the reserved instances, such as their configurations, state, and associated + tags. ID: aws_ec2_reserved_instance_3 -Title: "List all AWS EC2 Reserved Instances and their configurations" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_type, - count(*) as count - from - aws_ec2_reserved_instance - where - instance_type not in ('t2.large', 'm3.medium') - group by - instance_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_type,\n count(*) as count\nfrom\n aws_ec2_reserved_instance\n\ + where\n instance_type not in ('t2.large', 'm3.medium')\ngroup by\n instance_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Reserved Instances +Title: List all AWS EC2 Reserved Instances and their configurations diff --git a/queries/aws_ec2_reserved_instance_4.yaml b/queries/aws_ec2_reserved_instance_4.yaml index a32d6dadf..676660d59 100755 --- a/queries/aws_ec2_reserved_instance_4.yaml +++ b/queries/aws_ec2_reserved_instance_4.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EC2 Reserved Instances to gather comprehensive + insights on the reserved instances, such as their configurations, state, and associated + tags. ID: aws_ec2_reserved_instance_4 -Title: "List all AWS EC2 Reserved Instances and configurations" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_instance_id, - instance_type, - offering_class - from - aws_ec2_reserved_instance - where - offering_class = 'standard'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_instance_id,\n instance_type,\n offering_class\n\ + from\n aws_ec2_reserved_instance\nwhere\n offering_class = 'standard';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Reserved Instances and configurations diff --git a/queries/aws_ec2_reserved_instance_5.yaml b/queries/aws_ec2_reserved_instance_5.yaml index c9c9b7aab..6ffc6f447 100755 --- a/queries/aws_ec2_reserved_instance_5.yaml +++ b/queries/aws_ec2_reserved_instance_5.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EC2 Reserved Instances to gather comprehensive + insights on the reserved instances, such as their configurations, state, and associated + tags. ID: aws_ec2_reserved_instance_5 -Title: "Find AWS EC2 Reserved Instances and Their Configurations" -Description: "Allows users to query AWS EC2 Reserved Instances to gather comprehensive insights on the reserved instances, such as their configurations, state, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_instance_id, - instance_type, - instance_state - from - aws_ec2_reserved_instance - where - instance_state = 'active'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_instance_id,\n instance_type,\n instance_state\n\ + from\n aws_ec2_reserved_instance\nwhere\n instance_state = 'active';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Reserved Instances and Their Configurations diff --git a/queries/aws_ec2_spot_price_1.yaml b/queries/aws_ec2_spot_price_1.yaml index a70cace20..9ec7be605 100755 --- a/queries/aws_ec2_spot_price_1.yaml +++ b/queries/aws_ec2_spot_price_1.yaml @@ -1,37 +1,26 @@ +Description: Allows users to query AWS EC2 Spot Price data, including information + about the instance type, product description, spot price, and the date and time + the price was set. ID: aws_ec2_spot_price_1 -Title: "Find AWS EC2 Spot Price Data for Specific Instances" -Description: "Allows users to query AWS EC2 Spot Price data, including information about the instance type, product description, spot price, and the date and time the price was set." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - availability_zone, - instance_type, - product_description, - spot_price::numeric as spot_price, - create_timestamp as start_time, - lead(create_timestamp, 1, now()) over (partition by instance_type, availability_zone, product_description order by create_timestamp) as stop_time - from - aws_ec2_spot_price - where - instance_type = 'm5.4xlarge' - and product_description = 'Linux/UNIX' - and availability_zone in - ( - 'eu-west-3a', - 'eu-west-3b' - ) - and start_time = now() - interval '1' month - and end_time = now() - interval '1' minute; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n availability_zone,\n instance_type,\n product_description,\n\ + \ spot_price::numeric as spot_price,\n create_timestamp as start_time,\n lead(create_timestamp,\ + \ 1, now()) over (partition by instance_type, availability_zone, product_description\ + \ order by create_timestamp) as stop_time\nfrom\n aws_ec2_spot_price\nwhere\n\ + \ instance_type = 'm5.4xlarge'\n and product_description = 'Linux/UNIX'\n and\ + \ availability_zone in\n (\n 'eu-west-3a',\n 'eu-west-3b'\n )\n and start_time\ + \ = now() - interval '1' month\n and end_time = now() - interval '1' minute;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Spot Price Data for Specific Instances diff --git a/queries/aws_ec2_ssl_policy_1.yaml b/queries/aws_ec2_ssl_policy_1.yaml index 84aee7ed8..cb359f6d9 100755 --- a/queries/aws_ec2_ssl_policy_1.yaml +++ b/queries/aws_ec2_ssl_policy_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS EC2 SSL Policies to retrieve detailed information + about SSL policies used in AWS EC2 Load Balancers. ID: aws_ec2_ssl_policy_1 -Title: "Find AWS EC2 SSL Policies Used in Load Balancers" -Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - ssl_protocols - from - aws_ec2_ssl_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n ssl_protocols\nfrom\n aws_ec2_ssl_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 SSL Policies Used in Load Balancers diff --git a/queries/aws_ec2_ssl_policy_2.yaml b/queries/aws_ec2_ssl_policy_2.yaml index 88b1b6ef2..2e3bd8954 100755 --- a/queries/aws_ec2_ssl_policy_2.yaml +++ b/queries/aws_ec2_ssl_policy_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS EC2 SSL Policies to retrieve detailed information + about SSL policies used in AWS EC2 Load Balancers. ID: aws_ec2_ssl_policy_2 -Title: "Find AWS EC2 SSL Policies Used in Load Balancers" -Description: "Allows users to query AWS EC2 SSL Policies to retrieve detailed information about SSL policies used in AWS EC2 Load Balancers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - ssl_policy - from - aws_ec2_load_balancer_listener listener - join - aws_ec2_ssl_policy ssl_policy - on - listener.ssl_policy = ssl_policy.Name - where - ssl_policy.ciphers @> '[{"Name":"DES-CBC3-SHA"}]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n ssl_policy\nfrom\n aws_ec2_load_balancer_listener\ + \ listener\njoin \n aws_ec2_ssl_policy ssl_policy\non\n listener.ssl_policy\ + \ = ssl_policy.Name\nwhere\n ssl_policy.ciphers @> '[{\"Name\":\"DES-CBC3-SHA\"\ + }]';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 SSL Policies Used in Load Balancers diff --git a/queries/aws_ec2_target_group_1.yaml b/queries/aws_ec2_target_group_1.yaml index 5b483245c..e97b7f1ac 100755 --- a/queries/aws_ec2_target_group_1.yaml +++ b/queries/aws_ec2_target_group_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EC2 Target Groups and provides information + about each Target Group within an AWS account. ID: aws_ec2_target_group_1 -Title: "Find EC2 Target Groups in AWS Account" -Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - target_group_name, - target_type, - load_balancer_arns, - vpc_id - from - aws_ec2_target_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n target_group_name,\n target_type,\n load_balancer_arns,\n\ + \ vpc_id\nfrom\n aws_ec2_target_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find EC2 Target Groups in AWS Account diff --git a/queries/aws_ec2_target_group_2.yaml b/queries/aws_ec2_target_group_2.yaml index d614283f0..65644b2c5 100755 --- a/queries/aws_ec2_target_group_2.yaml +++ b/queries/aws_ec2_target_group_2.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS EC2 Target Groups and provides information + about each Target Group within an AWS account. ID: aws_ec2_target_group_2 -Title: "Find AWS EC2 Target Groups with Health Check Info" -Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - health_check_enabled, - protocol, - matcher_http_code, - healthy_threshold_count, - unhealthy_threshold_count, - health_check_enabled, - health_check_interval_seconds, - health_check_path, - health_check_port, - health_check_protocol, - health_check_timeout_seconds - from - aws_ec2_target_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n health_check_enabled,\n protocol,\n matcher_http_code,\n\ + \ healthy_threshold_count,\n unhealthy_threshold_count,\n health_check_enabled,\n\ + \ health_check_interval_seconds,\n health_check_path,\n health_check_port,\n\ + \ health_check_protocol,\n health_check_timeout_seconds\nfrom\n aws_ec2_target_group;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find AWS EC2 Target Groups with Health Check Info diff --git a/queries/aws_ec2_target_group_3.yaml b/queries/aws_ec2_target_group_3.yaml index 4d5b651ff..6ca05bba0 100755 --- a/queries/aws_ec2_target_group_3.yaml +++ b/queries/aws_ec2_target_group_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS EC2 Target Groups and provides information + about each Target Group within an AWS account. ID: aws_ec2_target_group_3 -Title: "List all AWS EC2 Target Groups and Relevant Details" -Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - target_group_name, - target_type, - target -> 'Target' ->> 'AvailabilityZone' as availability_zone, - target -> 'Target' ->> 'Id' as id, - target -> 'Target' ->> 'Port' as port - from - aws_ec2_target_group - cross join jsonb_array_elements(target_health_descriptions) as target; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n target_group_name,\n target_type,\n target -> 'Target'\ + \ ->> 'AvailabilityZone' as availability_zone,\n target -> 'Target' ->> 'Id'\ + \ as id,\n target -> 'Target' ->> 'Port' as port\nfrom\n aws_ec2_target_group\n\ + \ cross join jsonb_array_elements(target_health_descriptions) as target;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS EC2 +Title: List all AWS EC2 Target Groups and Relevant Details diff --git a/queries/aws_ec2_target_group_4.yaml b/queries/aws_ec2_target_group_4.yaml index 679a718bb..319671f23 100755 --- a/queries/aws_ec2_target_group_4.yaml +++ b/queries/aws_ec2_target_group_4.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS EC2 Target Groups and provides information + about each Target Group within an AWS account. ID: aws_ec2_target_group_4 -Title: "Find all AWS EC2 Target Groups and their states" -Description: "Allows users to query AWS EC2 Target Groups and provides information about each Target Group within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - target_group_name, - target_type, - target -> 'TargetHealth' ->> 'Description' as description, - target -> 'TargetHealth' ->> 'Reason' reason, - target -> 'TargetHealth' ->> 'State' as state - from - aws_ec2_target_group - cross join jsonb_array_elements(target_health_descriptions) as target; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n target_group_name,\n target_type,\n target -> 'TargetHealth'\ + \ ->> 'Description' as description,\n target -> 'TargetHealth' ->> 'Reason' reason,\n\ + \ target -> 'TargetHealth' ->> 'State' as state\nfrom\n aws_ec2_target_group\n\ + \ cross join jsonb_array_elements(target_health_descriptions) as target;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: Find all AWS EC2 Target Groups and their states diff --git a/queries/aws_ec2_transit_gateway_1.yaml b/queries/aws_ec2_transit_gateway_1.yaml index 453a51d93..fe0b68458 100755 --- a/queries/aws_ec2_transit_gateway_1.yaml +++ b/queries/aws_ec2_transit_gateway_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Transit Gateway resources for detailed + information on configuration, status, and associations. ID: aws_ec2_transit_gateway_1 -Title: "List all AWS EC2 Transit Gateway configurations and statuses" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - state, - owner_id, - creation_time - from - aws_ec2_transit_gateway; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n transit_gateway_id,\n state,\n owner_id,\n creation_time\n\ + from\n aws_ec2_transit_gateway;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: List all AWS EC2 Transit Gateway configurations and statuses diff --git a/queries/aws_ec2_transit_gateway_2.yaml b/queries/aws_ec2_transit_gateway_2.yaml index 79d72655d..b3a8e202c 100755 --- a/queries/aws_ec2_transit_gateway_2.yaml +++ b/queries/aws_ec2_transit_gateway_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EC2 Transit Gateway resources for detailed + information on configuration, status, and associations. ID: aws_ec2_transit_gateway_2 -Title: "Find AWS EC2 Transit Gateway Configuration Details" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - auto_accept_shared_attachments - from - aws_ec2_transit_gateway - where - auto_accept_shared_attachments = 'enable'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n transit_gateway_id,\n auto_accept_shared_attachments\n\ + from\n aws_ec2_transit_gateway\nwhere\n auto_accept_shared_attachments = 'enable';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: Find AWS EC2 Transit Gateway Configuration Details diff --git a/queries/aws_ec2_transit_gateway_3.yaml b/queries/aws_ec2_transit_gateway_3.yaml index d41fc9d0e..8166736a6 100755 --- a/queries/aws_ec2_transit_gateway_3.yaml +++ b/queries/aws_ec2_transit_gateway_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Transit Gateway resources for detailed + information on configuration, status, and associations. ID: aws_ec2_transit_gateway_3 -Title: "Find AWS EC2 Transit Gateway Configuration and Status" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association_default_route_table_id, - count(transit_gateway_id) as transit_gateway - from - aws_ec2_transit_gateway - group by - association_default_route_table_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n association_default_route_table_id,\n count(transit_gateway_id)\ + \ as transit_gateway\nfrom\n aws_ec2_transit_gateway\ngroup by\n association_default_route_table_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: Find AWS EC2 Transit Gateway Configuration and Status diff --git a/queries/aws_ec2_transit_gateway_4.yaml b/queries/aws_ec2_transit_gateway_4.yaml index 5ac5b8264..978e63700 100755 --- a/queries/aws_ec2_transit_gateway_4.yaml +++ b/queries/aws_ec2_transit_gateway_4.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EC2 Transit Gateway resources for detailed + information on configuration, status, and associations. ID: aws_ec2_transit_gateway_4 -Title: "Find AWS EC2 Transit Gateway Details" -Description: "Allows users to query AWS EC2 Transit Gateway resources for detailed information on configuration, status, and associations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - tags - from - aws_ec2_transit_gateway - where - not tags :: JSONB ? 'application'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n transit_gateway_id,\n tags\nfrom\n aws_ec2_transit_gateway\n\ + where\n not tags :: JSONB ? 'application';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: Find AWS EC2 Transit Gateway Details diff --git a/queries/aws_ec2_transit_gateway_route_1.yaml b/queries/aws_ec2_transit_gateway_route_1.yaml index 9f14e9fb4..b1dd3e590 100755 --- a/queries/aws_ec2_transit_gateway_route_1.yaml +++ b/queries/aws_ec2_transit_gateway_route_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EC2 Transit Gateway Routes for detailed information + about each route, including the destination CIDR block, the route''s current state, + and the transit gateway attachments. ID: aws_ec2_transit_gateway_route_1 -Title: "Find AWS EC2 Transit Gateway Routes Information" -Description: "Allows users to query AWS EC2 Transit Gateway Routes for detailed information about each route, including the destination CIDR block, the route''s current state, and the transit gateway attachments." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_route_table_id, - destination_cidr_block, - prefix_list_id, - state, - type - from - aws_ec2_transit_gateway_route; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n transit_gateway_route_table_id,\n destination_cidr_block,\n\ + \ prefix_list_id,\n state,\n type\nfrom\n aws_ec2_transit_gateway_route;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: Find AWS EC2 Transit Gateway Routes Information diff --git a/queries/aws_ec2_transit_gateway_route_2.yaml b/queries/aws_ec2_transit_gateway_route_2.yaml index 57e576886..85a23b094 100755 --- a/queries/aws_ec2_transit_gateway_route_2.yaml +++ b/queries/aws_ec2_transit_gateway_route_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS EC2 Transit Gateway Routes for detailed information + about each route, including the destination CIDR block, the route''s current state, + and the transit gateway attachments. ID: aws_ec2_transit_gateway_route_2 -Title: "Find All AWS EC2 Transit Gateway Routes by State" -Description: "Allows users to query AWS EC2 Transit Gateway Routes for detailed information about each route, including the destination CIDR block, the route''s current state, and the transit gateway attachments." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_route_table_id, - destination_cidr_block, - state, - type - from - aws_ec2_transit_gateway_route - where - state = 'active'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n transit_gateway_route_table_id,\n destination_cidr_block,\n\ + \ state,\n type\nfrom\n aws_ec2_transit_gateway_route\nwhere\n state = 'active';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: Find All AWS EC2 Transit Gateway Routes by State diff --git a/queries/aws_ec2_transit_gateway_route_table_1.yaml b/queries/aws_ec2_transit_gateway_route_table_1.yaml index a9a58e665..cd5839c82 100755 --- a/queries/aws_ec2_transit_gateway_route_table_1.yaml +++ b/queries/aws_ec2_transit_gateway_route_table_1.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve + detailed information about each route table, including its ID, state, transit gateway + ID, and other associated metadata. ID: aws_ec2_transit_gateway_route_table_1 -Title: "List all AWS EC2 Transit Gateway Route Tables with Details" -Description: "Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve detailed information about each route table, including its ID, state, transit gateway ID, and other associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_route_table_id, - transit_gateway_id, - default_association_route_table, - default_propagation_route_table - from - aws_ec2_transit_gateway_route_table; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n transit_gateway_route_table_id,\n transit_gateway_id,\n\ + \ default_association_route_table,\n default_propagation_route_table\nfrom\n\ + \ aws_ec2_transit_gateway_route_table;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: List all AWS EC2 Transit Gateway Route Tables with Details diff --git a/queries/aws_ec2_transit_gateway_route_table_2.yaml b/queries/aws_ec2_transit_gateway_route_table_2.yaml index 0a18ba826..ea880d8fd 100755 --- a/queries/aws_ec2_transit_gateway_route_table_2.yaml +++ b/queries/aws_ec2_transit_gateway_route_table_2.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve + detailed information about each route table, including its ID, state, transit gateway + ID, and other associated metadata. ID: aws_ec2_transit_gateway_route_table_2 -Title: "List all AWS EC2 Transit Gateway Route Tables by ID and State" -Description: "Allows users to query AWS EC2 Transit Gateway Route Tables and retrieve detailed information about each route table, including its ID, state, transit gateway ID, and other associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_id, - count(transit_gateway_route_table_id) as transit_gateway_route_table_count - from - aws_ec2_transit_gateway_route_table - group by - transit_gateway_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n transit_gateway_id,\n count(transit_gateway_route_table_id)\ + \ as transit_gateway_route_table_count\nfrom\n aws_ec2_transit_gateway_route_table\n\ + group by\n transit_gateway_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: List all AWS EC2 Transit Gateway Route Tables by ID and State diff --git a/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml b/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml index 769d0d36c..25a7a1055 100755 --- a/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml +++ b/queries/aws_ec2_transit_gateway_vpc_attachment_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS EC2 Transit Gateway VPC Attachments for details + such as the attachment state, creation time, and more. ID: aws_ec2_transit_gateway_vpc_attachment_1 -Title: "List all AWS EC2 Transit Gateway VPC Attachments" -Description: "Allows users to query AWS EC2 Transit Gateway VPC Attachments for details such as the attachment state, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - transit_gateway_attachment_id, - transit_gateway_id, - state, - transit_gateway_owner_id, - creation_time, - association_state - from - aws_ec2_transit_gateway_vpc_attachment; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n transit_gateway_attachment_id,\n transit_gateway_id,\n\ + \ state,\n transit_gateway_owner_id,\n creation_time,\n association_state\n\ + from\n aws_ec2_transit_gateway_vpc_attachment;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 +Title: List all AWS EC2 Transit Gateway VPC Attachments diff --git a/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml b/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml index c4f7f89c0..5dc609d75 100755 --- a/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml +++ b/queries/aws_ec2_transit_gateway_vpc_attachment_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EC2 Transit Gateway VPC Attachments for details + such as the attachment state, creation time, and more. ID: aws_ec2_transit_gateway_vpc_attachment_2 -Title: "List all AWS EC2 Transit Gateway VPC Attachments by Resource Type" -Description: "Allows users to query AWS EC2 Transit Gateway VPC Attachments for details such as the attachment state, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_type, - count(transit_gateway_attachment_id) as count - from - aws_ec2_transit_gateway_vpc_attachment - group by - resource_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_type,\n count(transit_gateway_attachment_id)\ + \ as count\nfrom\n aws_ec2_transit_gateway_vpc_attachment\ngroup by\n resource_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EC2 Transit Gateway +Title: List all AWS EC2 Transit Gateway VPC Attachments by Resource Type diff --git a/queries/aws_ecr_image_1.yaml b/queries/aws_ecr_image_1.yaml index 5b37f4cf5..b2875d14f 100755 --- a/queries/aws_ecr_image_1.yaml +++ b/queries/aws_ecr_image_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query Amazon Elastic Container Registry (ECR) Images + and retrieve detailed information about each image, including image tags, push timestamps, + image sizes, and more. ID: aws_ecr_image_1 -Title: "List all Amazon ECR Images with Detailed Information" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_digest, - image_pushed_at, - image_size_in_bytes, - registry_id, - image_scan_status, - image_tags - from - aws_ecr_image; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n image_digest,\n image_pushed_at,\n\ + \ image_size_in_bytes,\n registry_id,\n image_scan_status,\n image_tags\n\ + from\n aws_ecr_image;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon ECR +Title: List all Amazon ECR Images with Detailed Information diff --git a/queries/aws_ecr_image_2.yaml b/queries/aws_ecr_image_2.yaml index 7fab94a2d..c5e300ad9 100755 --- a/queries/aws_ecr_image_2.yaml +++ b/queries/aws_ecr_image_2.yaml @@ -1,25 +1,23 @@ +Description: Allows users to query Amazon Elastic Container Registry (ECR) Images + and retrieve detailed information about each image, including image tags, push timestamps, + image sizes, and more. ID: aws_ecr_image_2 -Title: "List all Amazon ECR Images with Detailed Information" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_scan_findings_summary ->> 'FindingSeverityCounts' as finding_severity_counts, - image_scan_findings_summary ->> 'ImageScanCompletedAt' as image_scan_completed_at, - image_scan_findings_summary ->> 'VulnerabilitySourceUpdatedAt' as vulnerability_source_updated_at - from - aws_ecr_image; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n image_scan_findings_summary ->> 'FindingSeverityCounts'\ + \ as finding_severity_counts,\n image_scan_findings_summary ->> 'ImageScanCompletedAt'\ + \ as image_scan_completed_at,\n image_scan_findings_summary ->> 'VulnerabilitySourceUpdatedAt'\ + \ as vulnerability_source_updated_at\nfrom\n aws_ecr_image;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: List all Amazon ECR Images with Detailed Information diff --git a/queries/aws_ecr_image_3.yaml b/queries/aws_ecr_image_3.yaml index b782a6a56..81dc4a76b 100755 --- a/queries/aws_ecr_image_3.yaml +++ b/queries/aws_ecr_image_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query Amazon Elastic Container Registry (ECR) Images + and retrieve detailed information about each image, including image tags, push timestamps, + image sizes, and more. ID: aws_ecr_image_3 -Title: "List all Amazon ECR Images and Retrieve Detailed Info" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - registry_id, - image_digest, - image_tags - from - aws_ecr_image; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n registry_id,\n image_digest,\n \ + \ image_tags\nfrom\n aws_ecr_image;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Elastic Container Registry +Title: List all Amazon ECR Images and Retrieve Detailed Info diff --git a/queries/aws_ecr_image_4.yaml b/queries/aws_ecr_image_4.yaml index ee543282b..b859aeef2 100755 --- a/queries/aws_ecr_image_4.yaml +++ b/queries/aws_ecr_image_4.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query Amazon Elastic Container Registry (ECR) Images + and retrieve detailed information about each image, including image tags, push timestamps, + image sizes, and more. ID: aws_ecr_image_4 -Title: "List All Amazon ECR Images and Their Details" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_digest, - image_pushed_at, - image_size_in_bytes - from - aws_ecr_image - where - image_pushed_at >= now() - interval '10' day - and - repository_name = 'test1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n image_digest,\n image_pushed_at,\n\ + \ image_size_in_bytes\nfrom\n aws_ecr_image\nwhere\n image_pushed_at >= now()\ + \ - interval '10' day\nand\n repository_name = 'test1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Elastic Container Registry +Title: List All Amazon ECR Images and Their Details diff --git a/queries/aws_ecr_image_5.yaml b/queries/aws_ecr_image_5.yaml index dc5631bb8..a8b2198be 100755 --- a/queries/aws_ecr_image_5.yaml +++ b/queries/aws_ecr_image_5.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query Amazon Elastic Container Registry (ECR) Images + and retrieve detailed information about each image, including image tags, push timestamps, + image sizes, and more. ID: aws_ecr_image_5 -Title: "Find all Amazon ECR Images and Retrieve Detailed Info" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.repository_name as repository_name, - r.repository_uri as repository_uri, - i.image_digest as image_digest, - i.image_tags as image_tags - from - aws_ecr_image as i, - aws_ecr_repository as r - where - i.repository_name = r.repository_name - and - r.created_at >= now() - interval '20' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i.repository_name as repository_name,\n r.repository_uri\ + \ as repository_uri,\n i.image_digest as image_digest,\n i.image_tags as image_tags\n\ + from\n aws_ecr_image as i,\n aws_ecr_repository as r\nwhere\n i.repository_name\ + \ = r.repository_name\nand\n r.created_at >= now() - interval '20' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Elastic Container Registry +Title: Find all Amazon ECR Images and Retrieve Detailed Info diff --git a/queries/aws_ecr_image_6.yaml b/queries/aws_ecr_image_6.yaml index be398a1cd..5c13fe9c4 100755 --- a/queries/aws_ecr_image_6.yaml +++ b/queries/aws_ecr_image_6.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query Amazon Elastic Container Registry (ECR) Images + and retrieve detailed information about each image, including image tags, push timestamps, + image sizes, and more. ID: aws_ecr_image_6 -Title: "Find Amazon ECR Images and Retrieve Detailed Information" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.repository_name as repository_name, - r.repository_uri as repository_uri, - i.image_digest as image_digest, - i.image_tags as image_tags, - s ->> 'Effect' as effect, - s ->> 'Action' as action, - s ->> 'Condition' as condition, - s ->> 'Principal' as principal - from - aws_ecr_image as i, - aws_ecr_repository as r, - jsonb_array_elements(r.policy -> 'Statement') as s - where - i.repository_name = r.repository_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i.repository_name as repository_name,\n r.repository_uri\ + \ as repository_uri,\n i.image_digest as image_digest,\n i.image_tags as image_tags,\n\ + \ s ->> 'Effect' as effect,\n s ->> 'Action' as action,\n s ->> 'Condition'\ + \ as condition,\n s ->> 'Principal' as principal\nfrom\n aws_ecr_image as i,\n\ + \ aws_ecr_repository as r,\n jsonb_array_elements(r.policy -> 'Statement') as\ + \ s\nwhere\n i.repository_name = r.repository_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Elastic Container Registry +Title: Find Amazon ECR Images and Retrieve Detailed Information diff --git a/queries/aws_ecr_image_7.yaml b/queries/aws_ecr_image_7.yaml index a49c600a4..7dee9fa0b 100755 --- a/queries/aws_ecr_image_7.yaml +++ b/queries/aws_ecr_image_7.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query Amazon Elastic Container Registry (ECR) Images + and retrieve detailed information about each image, including image tags, push timestamps, + image sizes, and more. ID: aws_ecr_image_7 -Title: "List all Amazon ECR Images with Details" -Description: "Allows users to query Amazon Elastic Container Registry (ECR) Images and retrieve detailed information about each image, including image tags, push timestamps, image sizes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - artifact_name, - artifact_type, - metadata, - results - from - trivy_scan_artifact as a, - aws_ecr_image as i - where - artifact_name = image_uri - and repository_name = 'hello'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n artifact_name,\n artifact_type,\n metadata,\n results\n\ + from\n trivy_scan_artifact as a,\n aws_ecr_image as i\nwhere\n artifact_name\ + \ = image_uri\n and repository_name = 'hello';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Elastic Container Registry +Title: List all Amazon ECR Images with Details diff --git a/queries/aws_ecr_image_scan_finding_1.yaml b/queries/aws_ecr_image_scan_finding_1.yaml index d645f4fa0..a11301dc7 100755 --- a/queries/aws_ecr_image_scan_finding_1.yaml +++ b/queries/aws_ecr_image_scan_finding_1.yaml @@ -1,38 +1,27 @@ +Description: Allows users to query Amazon ECR Image Scan Findings to retrieve detailed + information about image scan findings, including attributes such as the severity + of the finding, description, and package name where the vulnerability was found. ID: aws_ecr_image_scan_finding_1 -Title: "Find all AWS ECR Image Scan Findings Details" -Description: "Allows users to query Amazon ECR Image Scan Findings to retrieve detailed information about image scan findings, including attributes such as the severity of the finding, description, and package name where the vulnerability was found." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_tag, - name, - severity, - description, - attributes, - uri, - image_scan_status, - image_scan_completed_at, - vulnerability_source_updated_at - from - aws_ecr_image_scan_finding - where - repository_name = 'my-repo' - and image_tag = 'my-image-tag'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n image_tag,\n name,\n severity,\n\ + \ description,\n attributes,\n uri,\n image_scan_status,\n image_scan_completed_at,\n\ + \ vulnerability_source_updated_at\nfrom\n aws_ecr_image_scan_finding\nwhere\n\ + \ repository_name = 'my-repo'\n and image_tag = 'my-image-tag';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: Find all AWS ECR Image Scan Findings Details diff --git a/queries/aws_ecr_image_scan_finding_2.yaml b/queries/aws_ecr_image_scan_finding_2.yaml index 4f755817f..2fd09cbdf 100755 --- a/queries/aws_ecr_image_scan_finding_2.yaml +++ b/queries/aws_ecr_image_scan_finding_2.yaml @@ -1,39 +1,25 @@ +Description: Allows users to query Amazon ECR Image Scan Findings to retrieve detailed + information about image scan findings, including attributes such as the severity + of the finding, description, and package name where the vulnerability was found. ID: aws_ecr_image_scan_finding_2 -Title: "Find Amazon ECR Image Scan Findings for Recent Images" -Description: "Allows users to query Amazon ECR Image Scan Findings to retrieve detailed information about image scan findings, including attributes such as the severity of the finding, description, and package name where the vulnerability was found." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.repository_name, - f.image_tag, - f.name, - f.severity, - jsonb_pretty(f.attributes) as attributes - from - ( - select - repository_name, - jsonb_array_elements_text(image_tags) as image_tag - from - aws_ecr_image as i - where - i.image_pushed_at > now() - interval '24' hour - ) - images - left outer join - aws_ecr_image_scan_finding as f - on images.repository_name = f.repository_name - and images.image_tag = f.image_tag; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.repository_name,\n f.image_tag,\n f.name,\n f.severity,\n\ + \ jsonb_pretty(f.attributes) as attributes\nfrom\n (\n select\n repository_name,\n\ + \ jsonb_array_elements_text(image_tags) as image_tag\n from\n aws_ecr_image\ + \ as i\n where\n i.image_pushed_at > now() - interval '24' hour\n )\n\ + \ images\n left outer join\n aws_ecr_image_scan_finding as f\n on images.repository_name\ + \ = f.repository_name\n and images.image_tag = f.image_tag;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon ECR +Title: Find Amazon ECR Image Scan Findings for Recent Images diff --git a/queries/aws_ecr_registry_scanning_configuration_1.yaml b/queries/aws_ecr_registry_scanning_configuration_1.yaml index 0d4d3b910..d2ee10e96 100755 --- a/queries/aws_ecr_registry_scanning_configuration_1.yaml +++ b/queries/aws_ecr_registry_scanning_configuration_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS ECR Registry Scanning Configuration at the + private registry level on a per-region basis. ID: aws_ecr_registry_scanning_configuration_1 -Title: "List AWS ECR Registry Scanning Configurations by Region" -Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - registry_id, - jsonb_pretty(scanning_configuration), - region - from - aws_ecr_registry_scanning_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n registry_id,\n jsonb_pretty(scanning_configuration),\n\ + \ region\nfrom\n aws_ecr_registry_scanning_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECR +Title: List AWS ECR Registry Scanning Configurations by Region diff --git a/queries/aws_ecr_registry_scanning_configuration_2.yaml b/queries/aws_ecr_registry_scanning_configuration_2.yaml index 207ddf6b4..4e639c3e5 100755 --- a/queries/aws_ecr_registry_scanning_configuration_2.yaml +++ b/queries/aws_ecr_registry_scanning_configuration_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS ECR Registry Scanning Configuration at the + private registry level on a per-region basis. ID: aws_ecr_registry_scanning_configuration_2 -Title: "Find AWS ECR Registry Scanning Configuration per Region" -Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - registry_id, - jsonb_pretty(scanning_configuration), - region - from - aws_ecr_registry_scanning_configuration - where - region = 'ap-south-1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n registry_id,\n jsonb_pretty(scanning_configuration),\n\ + \ region\nfrom\n aws_ecr_registry_scanning_configuration\nwhere\n region =\ + \ 'ap-south-1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECR +Title: Find AWS ECR Registry Scanning Configuration per Region diff --git a/queries/aws_ecr_registry_scanning_configuration_3.yaml b/queries/aws_ecr_registry_scanning_configuration_3.yaml index 6268df25d..61e22086e 100755 --- a/queries/aws_ecr_registry_scanning_configuration_3.yaml +++ b/queries/aws_ecr_registry_scanning_configuration_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS ECR Registry Scanning Configuration at the + private registry level on a per-region basis. ID: aws_ecr_registry_scanning_configuration_3 -Title: "Query AWS ECR Registry Scanning Configuration by Region" -Description: "Allows users to query AWS ECR Registry Scanning Configuration at the private registry level on a per-region basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - registry_id, - region - from - aws_ecr_registry_scanning_configuration - where - scanning_configuration ->> 'ScanType' = 'ENHANCED' - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n registry_id,\n region\nfrom\n aws_ecr_registry_scanning_configuration\n\ + where\n scanning_configuration ->> 'ScanType' = 'ENHANCED'" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECR Registry +Title: Query AWS ECR Registry Scanning Configuration by Region diff --git a/queries/aws_ecr_repository_1.yaml b/queries/aws_ecr_repository_1.yaml index b4585cc6c..9eb69459a 100755 --- a/queries/aws_ecr_repository_1.yaml +++ b/queries/aws_ecr_repository_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_1 -Title: "List all AWS ECR Repositories and Retrieve Details" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - registry_id, - arn, - repository_uri, - created_at, - region, - account_id - from - aws_ecr_repository; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n registry_id,\n arn,\n repository_uri,\n\ + \ created_at,\n region,\n account_id\nfrom\n aws_ecr_repository;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: List all AWS ECR Repositories and Retrieve Details diff --git a/queries/aws_ecr_repository_10.yaml b/queries/aws_ecr_repository_10.yaml index 304f4fa86..ed19b6471 100755 --- a/queries/aws_ecr_repository_10.yaml +++ b/queries/aws_ecr_repository_10.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_10 -Title: "List all AWS ECR Repositories with Detailed Information" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - r ->> 'RepositoryArn' as repository_arn, - r ->> 'ScanFrequency' as scan_frequency - from - aws_ecr_repository, - jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r - where - r ->> 'ScanFrequency' = 'MANUAL'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n r ->> 'RepositoryArn' as repository_arn,\n\ + \ r ->> 'ScanFrequency' as scan_frequency\nfrom\n aws_ecr_repository,\n jsonb_array_elements(repository_scanning_configuration\ + \ -> 'ScanningConfigurations') as r\nwhere\n r ->> 'ScanFrequency' = 'MANUAL';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry (ECR) +Title: List all AWS ECR Repositories with Detailed Information diff --git a/queries/aws_ecr_repository_11.yaml b/queries/aws_ecr_repository_11.yaml index f575bc98e..bd5d1f4b8 100755 --- a/queries/aws_ecr_repository_11.yaml +++ b/queries/aws_ecr_repository_11.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_11 -Title: "List AWS ECR Repositories and their Scan Status" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - r ->> 'RepositoryArn' as repository_arn, - r ->> 'ScanOnPush' as scan_on_push - from - aws_ecr_repository, - jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r - where - r ->> 'ScanOnPush' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n r ->> 'RepositoryArn' as repository_arn,\n\ + \ r ->> 'ScanOnPush' as scan_on_push\nfrom\n aws_ecr_repository,\n jsonb_array_elements(repository_scanning_configuration\ + \ -> 'ScanningConfigurations') as r\nwhere\n r ->> 'ScanOnPush' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: List AWS ECR Repositories and their Scan Status diff --git a/queries/aws_ecr_repository_2.yaml b/queries/aws_ecr_repository_2.yaml index 22336bdf3..a75797b18 100755 --- a/queries/aws_ecr_repository_2.yaml +++ b/queries/aws_ecr_repository_2.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_2 -Title: "Find AWS ECR Repositories with AES256 Encryption" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - encryption_configuration ->> 'EncryptionType' as encryption_type, - encryption_configuration ->> 'KmsKey' as kms_key - from - aws_ecr_repository - where - encryption_configuration ->> 'EncryptionType' = 'AES256'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n encryption_configuration ->> 'EncryptionType'\ + \ as encryption_type,\n encryption_configuration ->> 'KmsKey' as kms_key\nfrom\n\ + \ aws_ecr_repository\nwhere\n encryption_configuration ->> 'EncryptionType'\ + \ = 'AES256';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: Find AWS ECR Repositories with AES256 Encryption diff --git a/queries/aws_ecr_repository_3.yaml b/queries/aws_ecr_repository_3.yaml index 2409ed519..a0070ea85 100755 --- a/queries/aws_ecr_repository_3.yaml +++ b/queries/aws_ecr_repository_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_3 -Title: "Find AWS ECR Repositories Not Scanning on Push" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_scanning_configuration ->> 'ScanOnPush' as scan_on_push - from - aws_ecr_repository - where - image_scanning_configuration ->> 'ScanOnPush' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n image_scanning_configuration ->>\ + \ 'ScanOnPush' as scan_on_push\nfrom\n aws_ecr_repository\nwhere\n image_scanning_configuration\ + \ ->> 'ScanOnPush' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: Find AWS ECR Repositories Not Scanning on Push diff --git a/queries/aws_ecr_repository_4.yaml b/queries/aws_ecr_repository_4.yaml index e1a8f97c6..38fc0d17e 100755 --- a/queries/aws_ecr_repository_4.yaml +++ b/queries/aws_ecr_repository_4.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_4 -Title: "List All AWS ECR Repositories and Retrieve Details" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.repository_name as repository_name, - i.image_digest as image_digest, - i.image_tags as image_tags, - i.image_pushed_at as image_pushed_at, - i.image_size_in_bytes as image_size_in_bytes, - i.last_recorded_pull_time as last_recorded_pull_time, - i.registry_id as registry_id, - i.image_scan_status as image_scan_status - from - aws_ecr_repository as r, - aws_ecr_image as i - where - r.repository_name = i.repository_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.repository_name as repository_name,\n i.image_digest\ + \ as image_digest,\n i.image_tags as image_tags,\n i.image_pushed_at as image_pushed_at,\n\ + \ i.image_size_in_bytes as image_size_in_bytes,\n i.last_recorded_pull_time\ + \ as last_recorded_pull_time,\n i.registry_id as registry_id,\n i.image_scan_status\ + \ as image_scan_status\nfrom\n aws_ecr_repository as r,\n aws_ecr_image as i\n\ + where\n r.repository_name = i.repository_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: List All AWS ECR Repositories and Retrieve Details diff --git a/queries/aws_ecr_repository_5.yaml b/queries/aws_ecr_repository_5.yaml index 9c7751e21..458b333bf 100755 --- a/queries/aws_ecr_repository_5.yaml +++ b/queries/aws_ecr_repository_5.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_5 -Title: "Find AWS ECR Repositories with Failed Image Scans" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.repository_name as repository_name, - i.image_digest as image_digest, - i.image_scan_status as image_scan_status - from - aws_ecr_repository as r, - aws_ecr_image as i - where - r.repository_name = i.repository_name - and i.image_scan_status ->> 'Status' = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.repository_name as repository_name,\n i.image_digest\ + \ as image_digest,\n i.image_scan_status as image_scan_status\nfrom\n aws_ecr_repository\ + \ as r,\n aws_ecr_image as i\nwhere\n r.repository_name = i.repository_name\n\ + \ and i.image_scan_status ->> 'Status' = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: Find AWS ECR Repositories with Failed Image Scans diff --git a/queries/aws_ecr_repository_6.yaml b/queries/aws_ecr_repository_6.yaml index 3f40e5aa0..c9530abe9 100755 --- a/queries/aws_ecr_repository_6.yaml +++ b/queries/aws_ecr_repository_6.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_6 -Title: "List all AWS ECR Repositories with Immutable Tags" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - image_tag_mutability - from - aws_ecr_repository - where - image_tag_mutability = 'IMMUTABLE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n image_tag_mutability\nfrom\n aws_ecr_repository\n\ + where\n image_tag_mutability = 'IMMUTABLE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: List all AWS ECR Repositories with Immutable Tags diff --git a/queries/aws_ecr_repository_7.yaml b/queries/aws_ecr_repository_7.yaml index 9669d172d..be2e566aa 100755 --- a/queries/aws_ecr_repository_7.yaml +++ b/queries/aws_ecr_repository_7.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_7 -Title: "List all AWS ECR Repositories and Retrieve Detailed Information" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - r -> 'selection' ->> 'tagStatus' as tag_status, - r -> 'selection' ->> 'countType' as count_type - from - aws_ecr_repository, - jsonb_array_elements(lifecycle_policy -> 'rules') as r - where - ( - (r -> 'selection' ->> 'tagStatus' <> 'untagged') - and ( - r -> 'selection' ->> 'countType' <> 'sinceImagePushed' - ) - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n r -> 'selection' ->> 'tagStatus'\ + \ as tag_status,\n r -> 'selection' ->> 'countType' as count_type\nfrom\n aws_ecr_repository,\n\ + \ jsonb_array_elements(lifecycle_policy -> 'rules') as r\nwhere\n (\n (r\ + \ -> 'selection' ->> 'tagStatus' <> 'untagged')\n and (\n r -> 'selection'\ + \ ->> 'countType' <> 'sinceImagePushed'\n )\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: List all AWS ECR Repositories and Retrieve Detailed Information diff --git a/queries/aws_ecr_repository_8.yaml b/queries/aws_ecr_repository_8.yaml index 43143a3a6..341991ed6 100755 --- a/queries/aws_ecr_repository_8.yaml +++ b/queries/aws_ecr_repository_8.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_8 -Title: "Find AWS ECR Repositories Details with SQL Query" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_ecr_repository, - jsonb_array_elements(policy -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'ecr:*'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_ecr_repository,\n\ + \ jsonb_array_elements(policy -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'Principal' -> 'AWS') as p,\n jsonb_array_elements_text(s -> 'Action') as\ + \ a\nwhere\n s ->> 'Effect' = 'Allow'\n and a in ('*', 'ecr:*');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: Find AWS ECR Repositories Details with SQL Query diff --git a/queries/aws_ecr_repository_9.yaml b/queries/aws_ecr_repository_9.yaml index a1d2b5044..4ea29621f 100755 --- a/queries/aws_ecr_repository_9.yaml +++ b/queries/aws_ecr_repository_9.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Elastic Container Registry (ECR) Repositories + and retrieve detailed information about each repository. ID: aws_ecr_repository_9 -Title: "Find All Repositories in AWS ECR with Details" -Description: "Allows users to query AWS Elastic Container Registry (ECR) Repositories and retrieve detailed information about each repository." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - r ->> 'AppliedScanFilters' as applied_scan_filters, - r ->> 'RepositoryArn' as repository_arn, - r ->> 'ScanFrequency' as scan_frequency, - r ->> 'ScanOnPush' as scan_on_push - from - aws_ecr_repository, - jsonb_array_elements(repository_scanning_configuration -> 'ScanningConfigurations') as r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n r ->> 'AppliedScanFilters' as applied_scan_filters,\n\ + \ r ->> 'RepositoryArn' as repository_arn,\n r ->> 'ScanFrequency' as scan_frequency,\n\ + \ r ->> 'ScanOnPush' as scan_on_push\nfrom\n aws_ecr_repository,\n jsonb_array_elements(repository_scanning_configuration\ + \ -> 'ScanningConfigurations') as r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry +Title: Find All Repositories in AWS ECR with Details diff --git a/queries/aws_ecrpublic_repository_1.yaml b/queries/aws_ecrpublic_repository_1.yaml index b7a390e37..45a1dbf41 100755 --- a/queries/aws_ecrpublic_repository_1.yaml +++ b/queries/aws_ecrpublic_repository_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Elastic Container Registry Public Repository + to get detailed information about each ECR public repository within an AWS account. ID: aws_ecrpublic_repository_1 -Title: "Find all AWS Elastic Container Registry Public Repositories" -Description: "Allows users to query AWS Elastic Container Registry Public Repository to get detailed information about each ECR public repository within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - repository_name, - registry_id, - arn, - repository_uri, - created_at, - region, - account_id - from - aws_ecrpublic_repository; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n repository_name,\n registry_id,\n arn,\n repository_uri,\n\ + \ created_at,\n region,\n account_id\nfrom\n aws_ecrpublic_repository;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry Public +Title: Find all AWS Elastic Container Registry Public Repositories diff --git a/queries/aws_ecrpublic_repository_2.yaml b/queries/aws_ecrpublic_repository_2.yaml index 814ea8929..b03398e55 100755 --- a/queries/aws_ecrpublic_repository_2.yaml +++ b/queries/aws_ecrpublic_repository_2.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Elastic Container Registry Public Repository + to get detailed information about each ECR public repository within an AWS account. ID: aws_ecrpublic_repository_2 -Title: "Query Detailed Info for AWS ECR Public Repositories" -Description: "Allows users to query AWS Elastic Container Registry Public Repository to get detailed information about each ECR public repository within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_ecrpublic_repository, - jsonb_array_elements(policy -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'ecr-public:*'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_ecrpublic_repository,\n\ + \ jsonb_array_elements(policy -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'Principal' -> 'AWS') as p,\n jsonb_array_elements_text(s -> 'Action') as\ + \ a\nwhere\n s ->> 'Effect' = 'Allow'\n and a in ('*', 'ecr-public:*');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Registry Public +Title: Query Detailed Info for AWS ECR Public Repositories diff --git a/queries/aws_ecs_cluster_1.yaml b/queries/aws_ecs_cluster_1.yaml index c2f54ca5b..9571bfee1 100755 --- a/queries/aws_ecs_cluster_1.yaml +++ b/queries/aws_ecs_cluster_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS ECS Clusters to retrieve detailed information + about each cluster''s configuration, status, and associated resources. ID: aws_ecs_cluster_1 -Title: "List AWS ECS Clusters and Their Configuration Status" -Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_arn, - cluster_name, - active_services_count, - attachments, - attachments_status, - status - from - aws_ecs_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_arn,\n cluster_name,\n active_services_count,\n\ + \ attachments,\n attachments_status,\n status\nfrom\n aws_ecs_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: List AWS ECS Clusters and Their Configuration Status diff --git a/queries/aws_ecs_cluster_2.yaml b/queries/aws_ecs_cluster_2.yaml index 3fe4edd1e..04914c547 100755 --- a/queries/aws_ecs_cluster_2.yaml +++ b/queries/aws_ecs_cluster_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS ECS Clusters to retrieve detailed information + about each cluster''s configuration, status, and associated resources. ID: aws_ecs_cluster_2 -Title: "Find AWS ECS Clusters with Detailed Information" -Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_arn, - status - from - aws_ecs_cluster - where - status = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_arn,\n status\nfrom\n aws_ecs_cluster\nwhere\n\ + \ status = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: Find AWS ECS Clusters with Detailed Information diff --git a/queries/aws_ecs_cluster_3.yaml b/queries/aws_ecs_cluster_3.yaml index f3d74eef4..f72a6c75c 100755 --- a/queries/aws_ecs_cluster_3.yaml +++ b/queries/aws_ecs_cluster_3.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS ECS Clusters to retrieve detailed information + about each cluster''s configuration, status, and associated resources. ID: aws_ecs_cluster_3 -Title: "List all AWS ECS Clusters with detailed configuration and status" -Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_arn, - attachment ->> 'id' as attachment_id, - attachment ->> 'status' as attachment_status, - attachment ->> 'type' as attachment_type - from - aws_ecs_cluster, - jsonb_array_elements(attachments) as attachment; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_arn,\n attachment ->> 'id' as attachment_id,\n\ + \ attachment ->> 'status' as attachment_status,\n attachment ->> 'type' as attachment_type\n\ + from\n aws_ecs_cluster,\n jsonb_array_elements(attachments) as attachment;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: List all AWS ECS Clusters with detailed configuration and status diff --git a/queries/aws_ecs_cluster_4.yaml b/queries/aws_ecs_cluster_4.yaml index 703c23fc6..1d6b7b682 100755 --- a/queries/aws_ecs_cluster_4.yaml +++ b/queries/aws_ecs_cluster_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS ECS Clusters to retrieve detailed information + about each cluster''s configuration, status, and associated resources. ID: aws_ecs_cluster_4 -Title: "Find AWS ECS Clusters Configuration and Status" -Description: "Allows users to query AWS ECS Clusters to retrieve detailed information about each cluster''s configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_arn, - setting ->> 'Name' as name, - setting ->> 'Value' as value - from - aws_ecs_cluster, - jsonb_array_elements(settings) as setting - where - setting ->> 'Value' = 'disabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_arn,\n setting ->> 'Name' as name,\n setting\ + \ ->> 'Value' as value\nfrom\n aws_ecs_cluster,\n jsonb_array_elements(settings)\ + \ as setting\nwhere\n setting ->> 'Value' = 'disabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: Find AWS ECS Clusters Configuration and Status diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml index 6e82417b0..69d773a76 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query ECS Cluster CPU Utilization Metrics for a specified + period. ID: aws_ecs_cluster_metric_cpu_utilization_1 -Title: "Find AWS ECS Cluster CPU Utilization Metrics for a Period" -Description: "Allows users to query ECS Cluster CPU Utilization Metrics for a specified period." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization - order by - cluster_name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_ecs_cluster_metric_cpu_utilization\n\ + order by\n cluster_name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: Find AWS ECS Cluster CPU Utilization Metrics for a Period diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml index cd57fa20d..a642ada0c 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_2.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query ECS Cluster CPU Utilization Metrics for a specified + period. ID: aws_ecs_cluster_metric_cpu_utilization_2 -Title: "Find ECS Cluster CPU Utilization Metrics Over Period" -Description: "Allows users to query ECS Cluster CPU Utilization Metrics for a specified period." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization - where - average > 80 - order by - cluster_name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ecs_cluster_metric_cpu_utilization\n\ + where\n average > 80\norder by\n cluster_name,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: Find ECS Cluster CPU Utilization Metrics Over Period diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml index 79fae3d06..829f0cd9c 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, + specifically CPU utilization on a daily basis. ID: aws_ecs_cluster_metric_cpu_utilization_daily_1 -Title: "List all AWS ECS Cluster Metrics for Daily CPU Utilization" -Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_daily - order by - cluster_name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_ecs_cluster_metric_cpu_utilization_daily\n\ + order by\n cluster_name,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Service +Title: List all AWS ECS Cluster Metrics for Daily CPU Utilization diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml index ce34e3986..930f5f4bf 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_2.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, + specifically CPU utilization on a daily basis. ID: aws_ecs_cluster_metric_cpu_utilization_daily_2 -Title: "List all AWS ECS Cluster Metrics for Daily CPU Utilization" -Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_daily - where - average > 80 - order by - cluster_name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ecs_cluster_metric_cpu_utilization_daily\n\ + where\n average > 80\norder by\n cluster_name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Service +Title: List all AWS ECS Cluster Metrics for Daily CPU Utilization diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml index cfce4fcda..85305acf9 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_daily_3.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, + specifically CPU utilization on a daily basis. ID: aws_ecs_cluster_metric_cpu_utilization_daily_3 -Title: "Find AWS ECS Cluster Daily CPU Utilization Metrics" -Description: "Allows users to query AWS Elastic Container Service (ECS) Cluster Metrics, specifically CPU utilization on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_daily - where - average < 1 - order by - cluster_name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ecs_cluster_metric_cpu_utilization_daily\n\ + where\n average < 1\norder by\n cluster_name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Service +Title: Find AWS ECS Cluster Daily CPU Utilization Metrics diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml index 6aa316bb3..7d8de07ff 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly + basis. ID: aws_ecs_cluster_metric_cpu_utilization_hourly_1 -Title: "List AWS ECS Cluster Hourly CPU Utilization Metrics" -Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_hourly - order by - cluster_name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_ecs_cluster_metric_cpu_utilization_hourly\n\ + order by\n cluster_name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon ECS +Title: List AWS ECS Cluster Hourly CPU Utilization Metrics diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml index 5a934a8a9..004f0ee1e 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_2.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly + basis. ID: aws_ecs_cluster_metric_cpu_utilization_hourly_2 -Title: "List AWS ECS Cluster CPU Utilization Metrics Hourly" -Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_hourly - where - average > 80 - order by - cluster_name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ecs_cluster_metric_cpu_utilization_hourly\n\ + where\n average > 80\norder by\n cluster_name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: List AWS ECS Cluster CPU Utilization Metrics Hourly diff --git a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml index 0a9b783db..5dda4e614 100755 --- a/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml +++ b/queries/aws_ecs_cluster_metric_cpu_utilization_hourly_3.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly + basis. ID: aws_ecs_cluster_metric_cpu_utilization_hourly_3 -Title: "Find AWS ECS Cluster CPU Utilization Metrics Hourly" -Description: "Allows users to query AWS ECS Cluster CPU Utilization Metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_ecs_cluster_metric_cpu_utilization_hourly - where - average < 1 - order by - cluster_name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_ecs_cluster_metric_cpu_utilization_hourly\n\ + where\n average < 1\norder by\n cluster_name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: Find AWS ECS Cluster CPU Utilization Metrics Hourly diff --git a/queries/aws_ecs_container_instance_1.yaml b/queries/aws_ecs_container_instance_1.yaml index 511b908a1..233b6c1a7 100755 --- a/queries/aws_ecs_container_instance_1.yaml +++ b/queries/aws_ecs_container_instance_1.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS ECS Container Instance to retrieve data about + the Amazon Elastic Container Service (ECS) container instances. This includes information + about the container instance ARN, status, running tasks count, pending tasks count, + agent connected status, and more. ID: aws_ecs_container_instance_1 -Title: "Find All Running and Pending Tasks for AWS ECS Instances" -Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - ec2_instance_id, - status, - status_reason, - running_tasks_count, - pending_tasks_count - from - aws_ecs_container_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n ec2_instance_id,\n status,\n status_reason,\n\ + \ running_tasks_count,\n pending_tasks_count\nfrom\n aws_ecs_container_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Elastic Container Service (ECS) +Title: Find All Running and Pending Tasks for AWS ECS Instances diff --git a/queries/aws_ecs_container_instance_2.yaml b/queries/aws_ecs_container_instance_2.yaml index 9fc9200ae..779679270 100755 --- a/queries/aws_ecs_container_instance_2.yaml +++ b/queries/aws_ecs_container_instance_2.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS ECS Container Instance to retrieve data about + the Amazon Elastic Container Service (ECS) container instances. This includes information + about the container instance ARN, status, running tasks count, pending tasks count, + agent connected status, and more. ID: aws_ecs_container_instance_2 -Title: "Find All AWS ECS Container Instances with Registration Failed" -Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - status_reason - from - aws_ecs_container_instance - where - status = 'REGISTRATION_FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n status,\n status_reason\nfrom\n aws_ecs_container_instance\n\ + where\n status = 'REGISTRATION_FAILED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Service +Title: Find All AWS ECS Container Instances with Registration Failed diff --git a/queries/aws_ecs_container_instance_3.yaml b/queries/aws_ecs_container_instance_3.yaml index 454975a96..bde5d5260 100755 --- a/queries/aws_ecs_container_instance_3.yaml +++ b/queries/aws_ecs_container_instance_3.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS ECS Container Instance to retrieve data about + the Amazon Elastic Container Service (ECS) container instances. This includes information + about the container instance ARN, status, running tasks count, pending tasks count, + agent connected status, and more. ID: aws_ecs_container_instance_3 -Title: "List all AWS ECS Container Instances with SQL" -Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - attachment ->> 'id' as attachment_id, - attachment ->> 'status' as attachment_status, - attachment ->> 'type' as attachment_type - from - aws_ecs_container_instance, - jsonb_array_elements(attachments) as attachment; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n attachment ->> 'id' as attachment_id,\n attachment\ + \ ->> 'status' as attachment_status,\n attachment ->> 'type' as attachment_type\n\ + from\n aws_ecs_container_instance,\n jsonb_array_elements(attachments) as attachment;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Elastic Container Service +Title: List all AWS ECS Container Instances with SQL diff --git a/queries/aws_ecs_container_instance_4.yaml b/queries/aws_ecs_container_instance_4.yaml index 73274e94a..b63135506 100755 --- a/queries/aws_ecs_container_instance_4.yaml +++ b/queries/aws_ecs_container_instance_4.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS ECS Container Instance to retrieve data about + the Amazon Elastic Container Service (ECS) container instances. This includes information + about the container instance ARN, status, running tasks count, pending tasks count, + agent connected status, and more. ID: aws_ecs_container_instance_4 -Title: "Find AWS ECS Container Instances with Specific AMI IDs" -Description: "Allows users to query AWS ECS Container Instance to retrieve data about the Amazon Elastic Container Service (ECS) container instances. This includes information about the container instance ARN, status, running tasks count, pending tasks count, agent connected status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - setting ->> 'Name' as name, - setting ->> 'Value' as value - from - aws_ecs_container_instance, - jsonb_array_elements(attributes) as setting - where - setting ->> 'Name' = 'ecs.ami-id' and - setting ->> 'Value' = 'ami-0babb0c4a4e5769b8'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n setting ->> 'Name' as name,\n setting ->> 'Value'\ + \ as value\nfrom\n aws_ecs_container_instance,\n jsonb_array_elements(attributes)\ + \ as setting\nwhere\n setting ->> 'Name' = 'ecs.ami-id' and\n setting ->> 'Value'\ + \ = 'ami-0babb0c4a4e5769b8';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Elastic Container Service +Title: Find AWS ECS Container Instances with Specific AMI IDs diff --git a/queries/aws_ecs_service_1.yaml b/queries/aws_ecs_service_1.yaml index 1b81903c4..1eb7f3af9 100755 --- a/queries/aws_ecs_service_1.yaml +++ b/queries/aws_ecs_service_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Elastic Container Service (ECS) to retrieve + information about the services within the ECS clusters. ID: aws_ecs_service_1 -Title: "List all services within AWS Elastic Container Service" -Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - cluster_arn, - task_definition, - status - from - aws_ecs_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n cluster_arn,\n task_definition,\n\ + \ status\nfrom\n aws_ecs_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Service +Title: List all services within AWS Elastic Container Service diff --git a/queries/aws_ecs_service_2.yaml b/queries/aws_ecs_service_2.yaml index e0ba415cf..3a48e0fc2 100755 --- a/queries/aws_ecs_service_2.yaml +++ b/queries/aws_ecs_service_2.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Elastic Container Service (ECS) to retrieve + information about the services within the ECS clusters. ID: aws_ecs_service_2 -Title: "List all AWS ECS services in clusters" -Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - launch_type, - platform_version - from - aws_ecs_service - where - launch_type = 'FARGATE' - and platform_version is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n launch_type,\n platform_version\n\ + from\n aws_ecs_service\nwhere\n launch_type = 'FARGATE'\n and platform_version\ + \ is not null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Service +Title: List all AWS ECS services in clusters diff --git a/queries/aws_ecs_service_3.yaml b/queries/aws_ecs_service_3.yaml index c11ee5c02..242e21e84 100755 --- a/queries/aws_ecs_service_3.yaml +++ b/queries/aws_ecs_service_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Elastic Container Service (ECS) to retrieve + information about the services within the ECS clusters. ID: aws_ecs_service_3 -Title: "List all inactive services in AWS ECS clusters" -Description: "Allows users to query AWS Elastic Container Service (ECS) to retrieve information about the services within the ECS clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - arn, - status - from - aws_ecs_service - where - status = 'INACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n arn,\n status\nfrom\n aws_ecs_service\n\ + where\n status = 'INACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Container Service +Title: List all inactive services in AWS ECS clusters diff --git a/queries/aws_ecs_task_1.yaml b/queries/aws_ecs_task_1.yaml index e99947377..d5fc0229a 100755 --- a/queries/aws_ecs_task_1.yaml +++ b/queries/aws_ecs_task_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS ECS Tasks to obtain detailed information about + each task, including its status, task definition, cluster, and other related metadata. ID: aws_ecs_task_1 -Title: "List all AWS ECS Tasks with their Status and Metadata" -Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - desired_status, - launch_type, - task_arn - from - aws_ecs_task; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n desired_status,\n launch_type,\n task_arn\n\ + from\n aws_ecs_task;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: List all AWS ECS Tasks with their Status and Metadata diff --git a/queries/aws_ecs_task_2.yaml b/queries/aws_ecs_task_2.yaml index 4c0465b04..997821518 100755 --- a/queries/aws_ecs_task_2.yaml +++ b/queries/aws_ecs_task_2.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS ECS Tasks to obtain detailed information about + each task, including its status, task definition, cluster, and other related metadata. ID: aws_ecs_task_2 -Title: "List all AWS ECS Tasks with Status, Definition, and Metadata" -Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - task_arn, - a ->> 'Id' as attachment_id, - a ->> 'Status' as attachment_status, - a ->> 'Type' as attachment_type, - jsonb_pretty(a -> 'Details') as attachment_details - from - aws_ecs_task, - jsonb_array_elements(attachments) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n task_arn,\n a ->> 'Id' as attachment_id,\n\ + \ a ->> 'Status' as attachment_status,\n a ->> 'Type' as attachment_type,\n\ + \ jsonb_pretty(a -> 'Details') as attachment_details\nfrom\n aws_ecs_task,\n\ + \ jsonb_array_elements(attachments) as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: List all AWS ECS Tasks with Status, Definition, and Metadata diff --git a/queries/aws_ecs_task_3.yaml b/queries/aws_ecs_task_3.yaml index 9d80f2580..040f9bcd3 100755 --- a/queries/aws_ecs_task_3.yaml +++ b/queries/aws_ecs_task_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS ECS Tasks to obtain detailed information about + each task, including its status, task definition, cluster, and other related metadata. ID: aws_ecs_task_3 -Title: "List all AWS ECS Tasks with Detailed Metadata" -Description: "Allows users to query AWS ECS Tasks to obtain detailed information about each task, including its status, task definition, cluster, and other related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - task_arn, - protection ->> 'ProtectionEnabled' as protection_enabled, - protection ->> 'ExpirationDate' as protection_expiration_date - from - aws_ecs_task; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n task_arn,\n protection ->> 'ProtectionEnabled'\ + \ as protection_enabled,\n protection ->> 'ExpirationDate' as protection_expiration_date\n\ + from\n aws_ecs_task;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: List all AWS ECS Tasks with Detailed Metadata diff --git a/queries/aws_ecs_task_definition_1.yaml b/queries/aws_ecs_task_definition_1.yaml index 1be02e1ea..3a3c6676e 100755 --- a/queries/aws_ecs_task_definition_1.yaml +++ b/queries/aws_ecs_task_definition_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS ECS Task Definitions to gain insights into + the configuration of running tasks in an ECS service. The table provides details + such as task definition ARN, family, network mode, revision, status, and more. ID: aws_ecs_task_definition_1 -Title: "List AWS ECS Task Definitions to Gain Service Insights" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - cpu, - network_mode, - title, - status, - tags - from - aws_ecs_task_definition; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n task_definition_arn,\n cpu,\n network_mode,\n title,\n\ + \ status,\n tags\nfrom\n aws_ecs_task_definition;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: List AWS ECS Task Definitions to Gain Service Insights diff --git a/queries/aws_ecs_task_definition_2.yaml b/queries/aws_ecs_task_definition_2.yaml index 4252a94e1..6816a13b5 100755 --- a/queries/aws_ecs_task_definition_2.yaml +++ b/queries/aws_ecs_task_definition_2.yaml @@ -1,25 +1,23 @@ +Description: Allows users to query AWS ECS Task Definitions to gain insights into + the configuration of running tasks in an ECS service. The table provides details + such as task definition ARN, family, network mode, revision, status, and more. ID: aws_ecs_task_definition_2 -Title: "Find AWS ECS Task Definitions Configuration Details" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - jsonb_array_length(container_definitions) as num_of_conatiners - from - aws_ecs_task_definition; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n task_definition_arn,\n jsonb_array_length(container_definitions)\ + \ as num_of_conatiners\nfrom\n aws_ecs_task_definition;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: Find AWS ECS Task Definitions Configuration Details diff --git a/queries/aws_ecs_task_definition_3.yaml b/queries/aws_ecs_task_definition_3.yaml index 5bb62a778..698700145 100755 --- a/queries/aws_ecs_task_definition_3.yaml +++ b/queries/aws_ecs_task_definition_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS ECS Task Definitions to gain insights into + the configuration of running tasks in an ECS service. The table provides details + such as task definition ARN, family, network mode, revision, status, and more. ID: aws_ecs_task_definition_3 -Title: "List all AWS ECS Task Definitions with Privileged Containers" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - cd ->> 'Privileged' as privileged, - cd ->> 'Name' as container_name - from - aws_ecs_task_definition, - jsonb_array_elements(container_definitions) as cd - where - cd ->> 'Privileged' = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n task_definition_arn,\n cd ->> 'Privileged' as privileged,\n\ + \ cd ->> 'Name' as container_name\nfrom\n aws_ecs_task_definition,\n jsonb_array_elements(container_definitions)\ + \ as cd\nwhere\n cd ->> 'Privileged' = 'true';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: List all AWS ECS Task Definitions with Privileged Containers diff --git a/queries/aws_ecs_task_definition_4.yaml b/queries/aws_ecs_task_definition_4.yaml index b20d4bc3d..c849bd806 100755 --- a/queries/aws_ecs_task_definition_4.yaml +++ b/queries/aws_ecs_task_definition_4.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS ECS Task Definitions to gain insights into + the configuration of running tasks in an ECS service. The table provides details + such as task definition ARN, family, network mode, revision, status, and more. ID: aws_ecs_task_definition_4 -Title: "Find AWS ECS Task Definitions Without Log Config" -Description: "Allows users to query AWS ECS Task Definitions to gain insights into the configuration of running tasks in an ECS service. The table provides details such as task definition ARN, family, network mode, revision, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - task_definition_arn, - cd ->> 'Name' as container_name, - cd ->> 'LogConfiguration' as log_configuration - from - aws_ecs_task_definition, - jsonb_array_elements(container_definitions) as cd - where - cd ->> 'LogConfiguration' is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n task_definition_arn,\n cd ->> 'Name' as container_name,\n\ + \ cd ->> 'LogConfiguration' as log_configuration\nfrom\n aws_ecs_task_definition,\n\ + \ jsonb_array_elements(container_definitions) as cd\nwhere\n cd ->> 'LogConfiguration'\ + \ is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ECS +Title: Find AWS ECS Task Definitions Without Log Config diff --git a/queries/aws_efs_access_point_1.yaml b/queries/aws_efs_access_point_1.yaml index 28a93f6a3..ecb301e7b 100755 --- a/queries/aws_efs_access_point_1.yaml +++ b/queries/aws_efs_access_point_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query Amazon EFS Access Points, providing detailed information + about each access point''s configuration, including the file system it is associated + with, its access point ID, and other related metadata. ID: aws_efs_access_point_1 -Title: "List all Amazon EFS Access Points Configurations" -Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_id, - access_point_arn, - file_system_id, - life_cycle_state, - owner_id, - root_directory - from - aws_efs_access_point; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n access_point_id,\n access_point_arn,\n file_system_id,\n\ + \ life_cycle_state,\n owner_id,\n root_directory\nfrom\n aws_efs_access_point;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EFS +Title: List all Amazon EFS Access Points Configurations diff --git a/queries/aws_efs_access_point_2.yaml b/queries/aws_efs_access_point_2.yaml index eb93205d2..1396c77e4 100755 --- a/queries/aws_efs_access_point_2.yaml +++ b/queries/aws_efs_access_point_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query Amazon EFS Access Points, providing detailed information + about each access point''s configuration, including the file system it is associated + with, its access point ID, and other related metadata. ID: aws_efs_access_point_2 -Title: "Find all Detailed Info About AWS EFS Access Points" -Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_id, - file_system_id, - owner_id, - root_directory - from - aws_efs_access_point - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n access_point_id,\n file_system_id,\n owner_id,\n\ + \ root_directory\nfrom\n aws_efs_access_point" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EFS +Title: Find all Detailed Info About AWS EFS Access Points diff --git a/queries/aws_efs_access_point_3.yaml b/queries/aws_efs_access_point_3.yaml index e09945f24..7c50315ae 100755 --- a/queries/aws_efs_access_point_3.yaml +++ b/queries/aws_efs_access_point_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query Amazon EFS Access Points, providing detailed information + about each access point''s configuration, including the file system it is associated + with, its access point ID, and other related metadata. ID: aws_efs_access_point_3 -Title: "List all Amazon EFS Access Points with State 'Error'" -Description: "Allows users to query Amazon EFS Access Points, providing detailed information about each access point''s configuration, including the file system it is associated with, its access point ID, and other related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_id, - life_cycle_state, - file_system_id, - owner_id, - root_directory - from - aws_efs_access_point - where - life_cycle_state = 'error'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n access_point_id,\n life_cycle_state,\n file_system_id,\n\ + \ owner_id,\n root_directory\nfrom\n aws_efs_access_point\nwhere\n life_cycle_state\ + \ = 'error';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EFS +Title: List all Amazon EFS Access Points with State 'Error' diff --git a/queries/aws_efs_file_system_1.yaml b/queries/aws_efs_file_system_1.yaml index cb1b91bb5..f31bc5215 100755 --- a/queries/aws_efs_file_system_1.yaml +++ b/queries/aws_efs_file_system_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS Elastic File System (EFS) file systems, providing + detailed information about each file system such as its ID, ARN, creation token, + performance mode, and lifecycle state. ID: aws_efs_file_system_1 -Title: "Find EFS File Systems with Details from AWS" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - file_system_id, - owner_id, - automatic_backups, - creation_token, - creation_time, - life_cycle_state, - number_of_mount_targets, - performance_mode, - throughput_mode - from - aws_efs_file_system; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n file_system_id,\n owner_id,\n automatic_backups,\n\ + \ creation_token,\n creation_time,\n life_cycle_state,\n number_of_mount_targets,\n\ + \ performance_mode,\n throughput_mode\nfrom\n aws_efs_file_system;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic File System +Title: Find EFS File Systems with Details from AWS diff --git a/queries/aws_efs_file_system_2.yaml b/queries/aws_efs_file_system_2.yaml index 9b1046251..731ba2ca6 100755 --- a/queries/aws_efs_file_system_2.yaml +++ b/queries/aws_efs_file_system_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Elastic File System (EFS) file systems, providing + detailed information about each file system such as its ID, ARN, creation token, + performance mode, and lifecycle state. ID: aws_efs_file_system_2 -Title: "Find AWS EFS file systems with detailed information" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - file_system_id, - encrypted, - kms_key_id, - region - from - aws_efs_file_system - where - not encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n file_system_id,\n encrypted,\n kms_key_id,\n region\n\ + from\n aws_efs_file_system\nwhere\n not encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic File System +Title: Find AWS EFS file systems with detailed information diff --git a/queries/aws_efs_file_system_3.yaml b/queries/aws_efs_file_system_3.yaml index 67f012cce..36ea10389 100755 --- a/queries/aws_efs_file_system_3.yaml +++ b/queries/aws_efs_file_system_3.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Elastic File System (EFS) file systems, providing + detailed information about each file system such as its ID, ARN, creation token, + performance mode, and lifecycle state. ID: aws_efs_file_system_3 -Title: "Find detailed info about AWS EFS file systems" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - file_system_id, - size_in_bytes ->> 'Value' as data_size, - size_in_bytes ->> 'Timestamp' as data_size_timestamp, - size_in_bytes ->> 'ValueInIA' as data_size_infrequent_access_storage, - size_in_bytes ->> 'ValueInStandard' as data_size_standard_storage - from - aws_efs_file_system; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n file_system_id,\n size_in_bytes ->> 'Value' as data_size,\n\ + \ size_in_bytes ->> 'Timestamp' as data_size_timestamp,\n size_in_bytes ->>\ + \ 'ValueInIA' as data_size_infrequent_access_storage,\n size_in_bytes ->> 'ValueInStandard'\ + \ as data_size_standard_storage\nfrom\n aws_efs_file_system;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic File System +Title: Find detailed info about AWS EFS file systems diff --git a/queries/aws_efs_file_system_4.yaml b/queries/aws_efs_file_system_4.yaml index fab3a9d13..e3acc9e70 100755 --- a/queries/aws_efs_file_system_4.yaml +++ b/queries/aws_efs_file_system_4.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query AWS Elastic File System (EFS) file systems, providing + detailed information about each file system such as its ID, ARN, creation token, + performance mode, and lifecycle state. ID: aws_efs_file_system_4 -Title: "Find AWS EFS File System with Specific Client Root Access" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_efs_file_system, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - a in ('elasticfilesystem:clientrootaccess'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_efs_file_system,\n\ + \ jsonb_array_elements(policy_std -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'Principal' -> 'AWS') as p,\n jsonb_array_elements_text(s -> 'Action') as\ + \ a\nwhere\n a in ('elasticfilesystem:clientrootaccess');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic File System +Title: Find AWS EFS File System with Specific Client Root Access diff --git a/queries/aws_efs_file_system_5.yaml b/queries/aws_efs_file_system_5.yaml index e408a2a9e..5bb704408 100755 --- a/queries/aws_efs_file_system_5.yaml +++ b/queries/aws_efs_file_system_5.yaml @@ -1,39 +1,26 @@ +Description: Allows users to query AWS Elastic File System (EFS) file systems, providing + detailed information about each file system such as its ID, ARN, creation token, + performance mode, and lifecycle state. ID: aws_efs_file_system_5 -Title: "List all AWS EFS File Systems with Detailed Information" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title - from - aws_efs_file_system - where - title not in ( - select - title - from - aws_efs_file_system, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a, - jsonb_array_elements_text( - s -> 'Condition' -> 'Bool' -> 'aws:securetransport' - ) as ssl - where - p = '*' - and s ->> 'Effect' = 'Deny' - and ssl :: bool = false - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title\nfrom\n aws_efs_file_system\nwhere\n title not\ + \ in (\n select\n title\n from\n aws_efs_file_system,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n jsonb_array_elements_text(s -> 'Action') as a,\n jsonb_array_elements_text(\n\ + \ s -> 'Condition' -> 'Bool' -> 'aws:securetransport'\n ) as ssl\n\ + \ where\n p = '*'\n and s ->> 'Effect' = 'Deny'\n and ssl ::\ + \ bool = false\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic File System +Title: List all AWS EFS File Systems with Detailed Information diff --git a/queries/aws_efs_file_system_6.yaml b/queries/aws_efs_file_system_6.yaml index 0379fa729..00a1cce82 100755 --- a/queries/aws_efs_file_system_6.yaml +++ b/queries/aws_efs_file_system_6.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Elastic File System (EFS) file systems, providing + detailed information about each file system such as its ID, ARN, creation token, + performance mode, and lifecycle state. ID: aws_efs_file_system_6 -Title: "List AWS EFS file systems with automatic backups enabled" -Description: "Allows users to query AWS Elastic File System (EFS) file systems, providing detailed information about each file system such as its ID, ARN, creation token, performance mode, and lifecycle state." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - automatic_backups, - arn, - file_system_id - from - aws_efs_file_system - where - automatic_backups = 'enabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n automatic_backups,\n arn,\n file_system_id\n\ + from\n aws_efs_file_system\nwhere\n automatic_backups = 'enabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic File System (EFS) +Title: List AWS EFS file systems with automatic backups enabled diff --git a/queries/aws_efs_mount_target_1.yaml b/queries/aws_efs_mount_target_1.yaml index 83d7052dd..a50557992 100755 --- a/queries/aws_efs_mount_target_1.yaml +++ b/queries/aws_efs_mount_target_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EFS Mount Targets for detailed information + about each mount target''s configuration, status, and associated resources. ID: aws_efs_mount_target_1 -Title: "Find AWS EFS Mount Targets Configuration and Status" -Description: "Allows users to query AWS EFS Mount Targets for detailed information about each mount target''s configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - mount_target_id, - file_system_id, - life_cycle_state, - availability_zone_id, - availability_zone_name - from - aws_efs_mount_target; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n mount_target_id,\n file_system_id,\n life_cycle_state,\n\ + \ availability_zone_id,\n availability_zone_name\nfrom\n aws_efs_mount_target;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EFS +Title: Find AWS EFS Mount Targets Configuration and Status diff --git a/queries/aws_efs_mount_target_2.yaml b/queries/aws_efs_mount_target_2.yaml index 9d91b69d4..1fd398d86 100755 --- a/queries/aws_efs_mount_target_2.yaml +++ b/queries/aws_efs_mount_target_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EFS Mount Targets for detailed information + about each mount target''s configuration, status, and associated resources. ID: aws_efs_mount_target_2 -Title: "Find AWS EFS Mount Targets Configuration and Status" -Description: "Allows users to query AWS EFS Mount Targets for detailed information about each mount target''s configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - mount_target_id, - network_interface_id, - subnet_id, - vpc_id - from - aws_efs_mount_target; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n mount_target_id,\n network_interface_id,\n subnet_id,\n\ + \ vpc_id\nfrom\n aws_efs_mount_target;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EFS Mount Targets +Title: Find AWS EFS Mount Targets Configuration and Status diff --git a/queries/aws_eks_addon_1.yaml b/queries/aws_eks_addon_1.yaml index bf414f77f..0fa282860 100755 --- a/queries/aws_eks_addon_1.yaml +++ b/queries/aws_eks_addon_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EKS Add-Ons to retrieve information about add-ons + associated with each Amazon EKS cluster. ID: aws_eks_addon_1 -Title: "Find AWS EKS Add-Ons Information" -Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - arn, - addon_version, - cluster_name, - status, - service_account_role_arn - from - aws_eks_addon; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n addon_name,\n arn,\n addon_version,\n cluster_name,\n\ + \ status,\n service_account_role_arn\nfrom\n aws_eks_addon;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EKS +Title: Find AWS EKS Add-Ons Information diff --git a/queries/aws_eks_addon_2.yaml b/queries/aws_eks_addon_2.yaml index a9c35df1c..22c6e6720 100755 --- a/queries/aws_eks_addon_2.yaml +++ b/queries/aws_eks_addon_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EKS Add-Ons to retrieve information about add-ons + associated with each Amazon EKS cluster. ID: aws_eks_addon_2 -Title: "Find all AWS EKS add-ons associated with EKS clusters" -Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - arn, - cluster_name, - status - from - aws_eks_addon - where - status <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n addon_name,\n arn,\n cluster_name,\n status\nfrom\n\ + \ aws_eks_addon\nwhere\n status <> 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EKS +Title: Find all AWS EKS add-ons associated with EKS clusters diff --git a/queries/aws_eks_addon_3.yaml b/queries/aws_eks_addon_3.yaml index 543457338..1a5e7693a 100755 --- a/queries/aws_eks_addon_3.yaml +++ b/queries/aws_eks_addon_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EKS Add-Ons to retrieve information about add-ons + associated with each Amazon EKS cluster. ID: aws_eks_addon_3 -Title: "List all Add-Ons Associated with Each Amazon EKS Cluster" -Description: "Allows users to query AWS EKS Add-Ons to retrieve information about add-ons associated with each Amazon EKS cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_name, - count(addon_name) as addon_count - from - aws_eks_addon - group by - cluster_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_name,\n count(addon_name) as addon_count\nfrom\n\ + \ aws_eks_addon\ngroup by\n cluster_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EKS +Title: List all Add-Ons Associated with Each Amazon EKS Cluster diff --git a/queries/aws_eks_addon_version_1.yaml b/queries/aws_eks_addon_version_1.yaml index ec4a2a2c0..ee1375ba0 100755 --- a/queries/aws_eks_addon_version_1.yaml +++ b/queries/aws_eks_addon_version_1.yaml @@ -1,24 +1,18 @@ +Description: Allows users to query AWS EKS Add-On Versions. ID: aws_eks_addon_version_1 -Title: "List AWS EKS Add-On Versions" -Description: "Allows users to query AWS EKS Add-On Versions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - addon_version, - type - from - aws_eks_addon_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n addon_name,\n addon_version,\n type\nfrom\n aws_eks_addon_version;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: List AWS EKS Add-On Versions diff --git a/queries/aws_eks_addon_version_2.yaml b/queries/aws_eks_addon_version_2.yaml index 7e4734601..173f760a6 100755 --- a/queries/aws_eks_addon_version_2.yaml +++ b/queries/aws_eks_addon_version_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS EKS Add-On Versions. ID: aws_eks_addon_version_2 -Title: "List All AWS EKS Add-On Versions and Their Counts" -Description: "Allows users to query AWS EKS Add-On Versions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - count(addon_version) as addon_version_count - from - aws_eks_addon_version - group by - addon_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n addon_name,\n count(addon_version) as addon_version_count\n\ + from\n aws_eks_addon_version\ngroup by\n addon_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: List All AWS EKS Add-On Versions and Their Counts diff --git a/queries/aws_eks_addon_version_3.yaml b/queries/aws_eks_addon_version_3.yaml index 231a128bc..eaa0553e1 100755 --- a/queries/aws_eks_addon_version_3.yaml +++ b/queries/aws_eks_addon_version_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS EKS Add-On Versions. ID: aws_eks_addon_version_3 -Title: "Find AWS EKS Add-On Versions" -Description: "Allows users to query AWS EKS Add-On Versions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - addon_name, - addon_version, - addon_configuration -> '$defs' -> 'extraVolumeTags' ->> 'description' as addon_configuration_def_description, - addon_configuration -> '$defs' -> 'extraVolumeTags' -> 'propertyNames' as addon_configuration_def_property_names, - addon_configuration -> '$defs' -> 'extraVolumeTags' -> 'patternProperties' as addon_configuration_def_pattern_properties, - addon_configuration -> 'properties' as addon_configuration_properties - from - aws_eks_addon_version limit 10; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n addon_name,\n addon_version,\n addon_configuration\ + \ -> '$defs' -> 'extraVolumeTags' ->> 'description' as addon_configuration_def_description,\n\ + \ addon_configuration -> '$defs' -> 'extraVolumeTags' -> 'propertyNames' as addon_configuration_def_property_names,\n\ + \ addon_configuration -> '$defs' -> 'extraVolumeTags' -> 'patternProperties'\ + \ as addon_configuration_def_pattern_properties,\n addon_configuration -> 'properties'\ + \ as addon_configuration_properties\nfrom\n aws_eks_addon_version limit 10;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: Find AWS EKS Add-On Versions diff --git a/queries/aws_eks_cluster_1.yaml b/queries/aws_eks_cluster_1.yaml index 993863a26..b48205b2f 100755 --- a/queries/aws_eks_cluster_1.yaml +++ b/queries/aws_eks_cluster_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Elastic Kubernetes Service Cluster data, including + cluster configurations, statuses, and associated metadata. ID: aws_eks_cluster_1 -Title: "Query AWS EKS Cluster Configuration and Statuses" -Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - endpoint, - identity, - status - from - aws_eks_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n endpoint,\n identity,\n status\nfrom\n\ + \ aws_eks_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Kubernetes Service +Title: Query AWS EKS Cluster Configuration and Statuses diff --git a/queries/aws_eks_cluster_2.yaml b/queries/aws_eks_cluster_2.yaml index 996f9cfc3..9312a266b 100755 --- a/queries/aws_eks_cluster_2.yaml +++ b/queries/aws_eks_cluster_2.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query AWS Elastic Kubernetes Service Cluster data, including + cluster configurations, statuses, and associated metadata. ID: aws_eks_cluster_2 -Title: "Find AWS EKS Cluster Configurations and Metadata" -Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - resources_vpc_config ->> 'ClusterSecurityGroupId' as cluster_security_group_id, - resources_vpc_config ->> 'EndpointPrivateAccess' as endpoint_private_access, - resources_vpc_config ->> 'EndpointPublicAccess' as endpoint_public_access, - resources_vpc_config ->> 'PublicAccessCidrs' as public_access_cidrs, - resources_vpc_config ->> 'SecurityGroupIds' as security_group_ids, - resources_vpc_config -> 'SubnetIds' as subnet_ids, - resources_vpc_config ->> 'VpcId' as vpc_id - from - aws_eks_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n resources_vpc_config ->> 'ClusterSecurityGroupId'\ + \ as cluster_security_group_id,\n resources_vpc_config ->> 'EndpointPrivateAccess'\ + \ as endpoint_private_access,\n resources_vpc_config ->> 'EndpointPublicAccess'\ + \ as endpoint_public_access,\n resources_vpc_config ->> 'PublicAccessCidrs' as\ + \ public_access_cidrs,\n resources_vpc_config ->> 'SecurityGroupIds' as security_group_ids,\n\ + \ resources_vpc_config -> 'SubnetIds' as subnet_ids,\n resources_vpc_config\ + \ ->> 'VpcId' as vpc_id\nfrom\n aws_eks_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Kubernetes Service +Title: Find AWS EKS Cluster Configurations and Metadata diff --git a/queries/aws_eks_cluster_3.yaml b/queries/aws_eks_cluster_3.yaml index 44adf833f..a40a02467 100755 --- a/queries/aws_eks_cluster_3.yaml +++ b/queries/aws_eks_cluster_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Elastic Kubernetes Service Cluster data, including + cluster configurations, statuses, and associated metadata. ID: aws_eks_cluster_3 -Title: "Find AWS EKS Cluster Configurations and Statuses" -Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - i ->> 'Enabled' as enabled, - i ->> 'Types' as types - from - aws_eks_cluster, - jsonb_array_elements(logging -> 'ClusterLogging') as i - where - i ->> 'Enabled' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n i ->> 'Enabled' as enabled,\n i ->> 'Types'\ + \ as types\nfrom\n aws_eks_cluster,\n jsonb_array_elements(logging -> 'ClusterLogging')\ + \ as i\nwhere\n i ->> 'Enabled' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Kubernetes Service +Title: Find AWS EKS Cluster Configurations and Statuses diff --git a/queries/aws_eks_cluster_4.yaml b/queries/aws_eks_cluster_4.yaml index 93b20a088..5d314b97c 100755 --- a/queries/aws_eks_cluster_4.yaml +++ b/queries/aws_eks_cluster_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Elastic Kubernetes Service Cluster data, including + cluster configurations, statuses, and associated metadata. ID: aws_eks_cluster_4 -Title: "Find AWS EKS Cluster Configurations and Statuses" -Description: "Allows users to query AWS Elastic Kubernetes Service Cluster data, including cluster configurations, statuses, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - version - from - aws_eks_cluster - where - version <> '1.19'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n version\nfrom\n aws_eks_cluster\nwhere\n\ + \ version <> '1.19';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Kubernetes Service +Title: Find AWS EKS Cluster Configurations and Statuses diff --git a/queries/aws_eks_fargate_profile_1.yaml b/queries/aws_eks_fargate_profile_1.yaml index 59767ba08..20b3acc6d 100755 --- a/queries/aws_eks_fargate_profile_1.yaml +++ b/queries/aws_eks_fargate_profile_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EKS Fargate Profiles and retrieve data such + as the Fargate profile name, ARN, status, and more. ID: aws_eks_fargate_profile_1 -Title: "List all AWS EKS Fargate Profiles and their Details" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fargate_profile_name, - fargate_profile_arn, - cluster_name, - created_at, - status, - tags - from - aws_eks_fargate_profile; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n fargate_profile_name,\n fargate_profile_arn,\n cluster_name,\n\ + \ created_at,\n status,\n tags\nfrom\n aws_eks_fargate_profile;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: List all AWS EKS Fargate Profiles and their Details diff --git a/queries/aws_eks_fargate_profile_2.yaml b/queries/aws_eks_fargate_profile_2.yaml index 63f76f25b..ff6838cca 100755 --- a/queries/aws_eks_fargate_profile_2.yaml +++ b/queries/aws_eks_fargate_profile_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS EKS Fargate Profiles and retrieve data such + as the Fargate profile name, ARN, status, and more. ID: aws_eks_fargate_profile_2 -Title: "List all AWS EKS Fargate Profiles by name, ARN, and status" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fargate_profile_name, - fargate_profile_arn, - cluster_name, - created_at, - status - from - aws_eks_fargate_profile - where - status <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n fargate_profile_name,\n fargate_profile_arn,\n cluster_name,\n\ + \ created_at,\n status\nfrom\n aws_eks_fargate_profile\nwhere\n status <>\ + \ 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: List all AWS EKS Fargate Profiles by name, ARN, and status diff --git a/queries/aws_eks_fargate_profile_3.yaml b/queries/aws_eks_fargate_profile_3.yaml index 68889a7cb..56fef9beb 100755 --- a/queries/aws_eks_fargate_profile_3.yaml +++ b/queries/aws_eks_fargate_profile_3.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS EKS Fargate Profiles and retrieve data such + as the Fargate profile name, ARN, status, and more. ID: aws_eks_fargate_profile_3 -Title: "Find AWS EKS Fargate Profile Details with SQL" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.fargate_profile_name, - f.cluster_name, - f.status as fargate_profile_status, - s.availability_zone, - s.available_ip_address_count, - s.cidr_block, - s.vpc_id - from - aws_eks_fargate_profile as f, - aws_vpc_subnet as s, - jsonb_array_elements(f.subnets) as subnet_id - where - s.subnet_id = subnet_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.fargate_profile_name,\n f.cluster_name,\n f.status\ + \ as fargate_profile_status,\n s.availability_zone,\n s.available_ip_address_count,\n\ + \ s.cidr_block,\n s.vpc_id\nfrom\n aws_eks_fargate_profile as f,\n aws_vpc_subnet\ + \ as s,\n jsonb_array_elements(f.subnets) as subnet_id\nwhere\n s.subnet_id\ + \ = subnet_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: Find AWS EKS Fargate Profile Details with SQL diff --git a/queries/aws_eks_fargate_profile_4.yaml b/queries/aws_eks_fargate_profile_4.yaml index b5717b202..470d622ec 100755 --- a/queries/aws_eks_fargate_profile_4.yaml +++ b/queries/aws_eks_fargate_profile_4.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS EKS Fargate Profiles and retrieve data such + as the Fargate profile name, ARN, status, and more. ID: aws_eks_fargate_profile_4 -Title: "List AWS EKS Fargate Profiles with Details" -Description: "Allows users to query AWS EKS Fargate Profiles and retrieve data such as the Fargate profile name, ARN, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.name as cluster_name, - c.arn as cluster_arn, - c.version as cluster_version, - f.fargate_profile_name as fargate_profile_name, - f.fargate_profile_arn as fargate_profile_arn, - f.created_at as created_at, - f.pod_execution_role_arn as pod_execution_role_arn, - f.status as fargate_profile_status - from - aws_eks_fargate_profile as f, - aws_eks_cluster as c - where - c.version::float > 1.19 and f.cluster_name = c.name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.name as cluster_name,\n c.arn as cluster_arn,\n c.version\ + \ as cluster_version,\n f.fargate_profile_name as fargate_profile_name,\n f.fargate_profile_arn\ + \ as fargate_profile_arn,\n f.created_at as created_at,\n f.pod_execution_role_arn\ + \ as pod_execution_role_arn,\n f.status as fargate_profile_status\nfrom\n aws_eks_fargate_profile\ + \ as f,\n aws_eks_cluster as c\nwhere\n c.version::float > 1.19 and f.cluster_name\ + \ = c.name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: List AWS EKS Fargate Profiles with Details diff --git a/queries/aws_eks_identity_provider_config_1.yaml b/queries/aws_eks_identity_provider_config_1.yaml index 86474f864..22d669b6d 100755 --- a/queries/aws_eks_identity_provider_config_1.yaml +++ b/queries/aws_eks_identity_provider_config_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query Amazon EKS Identity Provider Configurations for + detailed information about the identity provider configurations for Amazon EKS clusters. ID: aws_eks_identity_provider_config_1 -Title: "Find Amazon EKS Identity Providers' Configurations" -Description: "Allows users to query Amazon EKS Identity Provider Configurations for detailed information about the identity provider configurations for Amazon EKS clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - cluster_name, - tags, - status - from - aws_eks_identity_provider_config; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n cluster_name,\n tags,\n status\nfrom\n\ + \ aws_eks_identity_provider_config;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EKS +Title: Find Amazon EKS Identity Providers' Configurations diff --git a/queries/aws_eks_identity_provider_config_2.yaml b/queries/aws_eks_identity_provider_config_2.yaml index dc6fb0005..f29e80ba8 100755 --- a/queries/aws_eks_identity_provider_config_2.yaml +++ b/queries/aws_eks_identity_provider_config_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query Amazon EKS Identity Provider Configurations for + detailed information about the identity provider configurations for Amazon EKS clusters. ID: aws_eks_identity_provider_config_2 -Title: "Find all Amazon EKS Identity Provider Configurations" -Description: "Allows users to query Amazon EKS Identity Provider Configurations for detailed information about the identity provider configurations for Amazon EKS clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - cluster_name, - type - from - aws_eks_identity_provider_config - where - type = 'oidc'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n cluster_name,\n type\nfrom\n aws_eks_identity_provider_config\n\ + where \n type = 'oidc';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon EKS +Title: Find all Amazon EKS Identity Provider Configurations diff --git a/queries/aws_eks_node_group_1.yaml b/queries/aws_eks_node_group_1.yaml index 6902e52fb..a30f36b55 100755 --- a/queries/aws_eks_node_group_1.yaml +++ b/queries/aws_eks_node_group_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EKS Node Group data, providing information + about each node group within an AWS Elastic Kubernetes Service (EKS) cluster. ID: aws_eks_node_group_1 -Title: "List all node groups in AWS EKS clusters using SQL" -Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nodegroup_name, - arn, - created_at, - cluster_name, - status - from - aws_eks_node_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n nodegroup_name,\n arn,\n created_at,\n cluster_name,\n\ + \ status\nfrom\n aws_eks_node_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: List all node groups in AWS EKS clusters using SQL diff --git a/queries/aws_eks_node_group_2.yaml b/queries/aws_eks_node_group_2.yaml index a296a3bf1..794c029a7 100755 --- a/queries/aws_eks_node_group_2.yaml +++ b/queries/aws_eks_node_group_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS EKS Node Group data, providing information + about each node group within an AWS Elastic Kubernetes Service (EKS) cluster. ID: aws_eks_node_group_2 -Title: "List all AWS EKS Node Group data within a cluster" -Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nodegroup_name, - arn, - created_at, - cluster_name, - status - from - aws_eks_node_group - where - status <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n nodegroup_name,\n arn,\n created_at,\n cluster_name,\n\ + \ status\nfrom\n aws_eks_node_group\nwhere\n status <> 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Kubernetes Service (EKS) +Title: List all AWS EKS Node Group data within a cluster diff --git a/queries/aws_eks_node_group_3.yaml b/queries/aws_eks_node_group_3.yaml index 3a720e508..e4a604c4e 100755 --- a/queries/aws_eks_node_group_3.yaml +++ b/queries/aws_eks_node_group_3.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS EKS Node Group data, providing information + about each node group within an AWS Elastic Kubernetes Service (EKS) cluster. ID: aws_eks_node_group_3 -Title: "List all AWS EKS Node Groups with Health Information" -Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nodegroup_name, - cluster_name, - jsonb_pretty(health) as health - from - aws_eks_node_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n nodegroup_name,\n cluster_name,\n jsonb_pretty(health)\ + \ as health\nfrom\n aws_eks_node_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Kubernetes Service +Title: List all AWS EKS Node Groups with Health Information diff --git a/queries/aws_eks_node_group_4.yaml b/queries/aws_eks_node_group_4.yaml index 290689e87..ef0f8e5da 100755 --- a/queries/aws_eks_node_group_4.yaml +++ b/queries/aws_eks_node_group_4.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS EKS Node Group data, providing information + about each node group within an AWS Elastic Kubernetes Service (EKS) cluster. ID: aws_eks_node_group_4 -Title: "List all AWS EKS Node Groups with Template Info" -Description: "Allows users to query AWS EKS Node Group data, providing information about each node group within an AWS Elastic Kubernetes Service (EKS) cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nodegroup_name, - cluster_name, - jsonb_pretty(launch_template) as launch_template - from - aws_eks_node_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n nodegroup_name,\n cluster_name,\n jsonb_pretty(launch_template)\ + \ as launch_template\nfrom\n aws_eks_node_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EKS +Title: List all AWS EKS Node Groups with Template Info diff --git a/queries/aws_elastic_beanstalk_application_1.yaml b/queries/aws_elastic_beanstalk_application_1.yaml index 4cdc01fe3..84f5c1b64 100755 --- a/queries/aws_elastic_beanstalk_application_1.yaml +++ b/queries/aws_elastic_beanstalk_application_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Elastic Beanstalk Applications to obtain details + about their configurations, versions, environment, and other metadata. ID: aws_elastic_beanstalk_application_1 -Title: "Find AWS Elastic Beanstalk Application Details" -Description: "Allows users to query AWS Elastic Beanstalk Applications to obtain details about their configurations, versions, environment, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - description, - date_created, - date_updated, - versions - from - aws_elastic_beanstalk_application; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n description,\n date_created,\n date_updated,\n\ + \ versions\nfrom\n aws_elastic_beanstalk_application;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: Find AWS Elastic Beanstalk Application Details diff --git a/queries/aws_elastic_beanstalk_application_2.yaml b/queries/aws_elastic_beanstalk_application_2.yaml index fda4b1815..6db2fff4b 100755 --- a/queries/aws_elastic_beanstalk_application_2.yaml +++ b/queries/aws_elastic_beanstalk_application_2.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS Elastic Beanstalk Applications to obtain details + about their configurations, versions, environment, and other metadata. ID: aws_elastic_beanstalk_application_2 -Title: "List all AWS Elastic Beanstalk Application Configurations" -Description: "Allows users to query AWS Elastic Beanstalk Applications to obtain details about their configurations, versions, environment, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - resource_lifecycle_config ->> 'ServiceRole' as role, - resource_lifecycle_config -> 'VersionLifecycleConfig' ->> 'MaxAgeRule' as max_age_rule, - resource_lifecycle_config -> 'VersionLifecycleConfig' ->> 'MaxCountRule' as max_count_rule - from - aws_elastic_beanstalk_application; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n resource_lifecycle_config ->> 'ServiceRole'\ + \ as role,\n resource_lifecycle_config -> 'VersionLifecycleConfig' ->> 'MaxAgeRule'\ + \ as max_age_rule,\n resource_lifecycle_config -> 'VersionLifecycleConfig' ->>\ + \ 'MaxCountRule' as max_count_rule\nfrom\n aws_elastic_beanstalk_application;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: List all AWS Elastic Beanstalk Application Configurations diff --git a/queries/aws_elastic_beanstalk_application_version_1.yaml b/queries/aws_elastic_beanstalk_application_version_1.yaml index c6755aa40..3e9ffc9c4 100755 --- a/queries/aws_elastic_beanstalk_application_version_1.yaml +++ b/queries/aws_elastic_beanstalk_application_version_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Elastic Beanstalk Application Versions to obtain + details about their configurations, environments, and other metadata. ID: aws_elastic_beanstalk_application_version_1 -Title: "Find Elastic Beanstalk Application Versions Details" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - description, - date_created, - date_updated, - source_bundle - from - aws_elastic_beanstalk_application_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n application_version_arn,\n version_label,\n\ + \ description,\n date_created,\n date_updated,\n source_bundle\nfrom\n aws_elastic_beanstalk_application_version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: Find Elastic Beanstalk Application Versions Details diff --git a/queries/aws_elastic_beanstalk_application_version_2.yaml b/queries/aws_elastic_beanstalk_application_version_2.yaml index 273186ebf..99b1a39a3 100755 --- a/queries/aws_elastic_beanstalk_application_version_2.yaml +++ b/queries/aws_elastic_beanstalk_application_version_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Elastic Beanstalk Application Versions to obtain + details about their configurations, environments, and other metadata. ID: aws_elastic_beanstalk_application_version_2 -Title: "List all details of AWS Elastic Beanstalk Versions" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - date_updated - from - aws_elastic_beanstalk_application_version - order by - date_updated desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n application_version_arn,\n version_label,\n\ + \ date_updated\nfrom\n aws_elastic_beanstalk_application_version\norder by\n\ + \ date_updated desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: List all details of AWS Elastic Beanstalk Versions diff --git a/queries/aws_elastic_beanstalk_application_version_3.yaml b/queries/aws_elastic_beanstalk_application_version_3.yaml index bd5f5d981..9839f0513 100755 --- a/queries/aws_elastic_beanstalk_application_version_3.yaml +++ b/queries/aws_elastic_beanstalk_application_version_3.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Elastic Beanstalk Application Versions to obtain + details about their configurations, environments, and other metadata. ID: aws_elastic_beanstalk_application_version_3 -Title: "List AWS Elastic Beanstalk Application Versions Details" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - status - from - aws_elastic_beanstalk_application_version - where - status = 'Processed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n application_version_arn,\n version_label,\n\ + \ status\nfrom\n aws_elastic_beanstalk_application_version\nwhere\n status\ + \ = 'Processed';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Elastic Beanstalk +Title: List AWS Elastic Beanstalk Application Versions Details diff --git a/queries/aws_elastic_beanstalk_application_version_4.yaml b/queries/aws_elastic_beanstalk_application_version_4.yaml index 867da1946..d8a8578d2 100755 --- a/queries/aws_elastic_beanstalk_application_version_4.yaml +++ b/queries/aws_elastic_beanstalk_application_version_4.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS Elastic Beanstalk Application Versions to obtain + details about their configurations, environments, and other metadata. ID: aws_elastic_beanstalk_application_version_4 -Title: "List all AWS Elastic Beanstalk App Version Details" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - description, - date_created, - date_updated, - source_bundle - from - aws_elastic_beanstalk_application_version - where - application_name = 'my-application'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n application_version_arn,\n version_label,\n\ + \ description,\n date_created,\n date_updated,\n source_bundle\nfrom\n aws_elastic_beanstalk_application_version\n\ + where\n application_name = 'my-application';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: List all AWS Elastic Beanstalk App Version Details diff --git a/queries/aws_elastic_beanstalk_application_version_5.yaml b/queries/aws_elastic_beanstalk_application_version_5.yaml index 425e041c0..b66e955f4 100755 --- a/queries/aws_elastic_beanstalk_application_version_5.yaml +++ b/queries/aws_elastic_beanstalk_application_version_5.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Elastic Beanstalk Application Versions to obtain + details about their configurations, environments, and other metadata. ID: aws_elastic_beanstalk_application_version_5 -Title: "Find Elastic Beanstalk App Version Details and Metadata" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label, - tags - from - aws_elastic_beanstalk_application_version - where - tags ->> 'Environment' = 'Production'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n application_version_arn,\n version_label,\n\ + \ tags\nfrom\n aws_elastic_beanstalk_application_version\nwhere\n tags ->>\ + \ 'Environment' = 'Production';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Elastic Beanstalk +Title: Find Elastic Beanstalk App Version Details and Metadata diff --git a/queries/aws_elastic_beanstalk_application_version_6.yaml b/queries/aws_elastic_beanstalk_application_version_6.yaml index 8e114bdb1..80b03fefc 100755 --- a/queries/aws_elastic_beanstalk_application_version_6.yaml +++ b/queries/aws_elastic_beanstalk_application_version_6.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Elastic Beanstalk Application Versions to obtain + details about their configurations, environments, and other metadata. ID: aws_elastic_beanstalk_application_version_6 -Title: "List all AWS Elastic Beanstalk Application Versions Details" -Description: "Allows users to query AWS Elastic Beanstalk Application Versions to obtain details about their configurations, environments, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_arn, - version_label - from - aws_elastic_beanstalk_application_version - where - source_build_information ->> 'SourceRepository' = 'CodeCommit'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n application_version_arn,\n version_label\n\ + from\n aws_elastic_beanstalk_application_version\nwhere\n source_build_information\ + \ ->> 'SourceRepository' = 'CodeCommit';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: List all AWS Elastic Beanstalk Application Versions Details diff --git a/queries/aws_elastic_beanstalk_environment_1.yaml b/queries/aws_elastic_beanstalk_environment_1.yaml index 9372a6b36..7e91f4e92 100755 --- a/queries/aws_elastic_beanstalk_environment_1.yaml +++ b/queries/aws_elastic_beanstalk_environment_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Elastic Beanstalk Environments to gain insights + into their configuration, status, health, related applications, and other metadata. ID: aws_elastic_beanstalk_environment_1 -Title: "List all AWS Elastic Beanstalk Environment Details" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_id, - environment_name, - application_name, - arn, - tier - from - aws_elastic_beanstalk_environment; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n environment_id,\n environment_name,\n application_name,\n\ + \ arn,\n tier\nfrom\n aws_elastic_beanstalk_environment;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: List all AWS Elastic Beanstalk Environment Details diff --git a/queries/aws_elastic_beanstalk_environment_2.yaml b/queries/aws_elastic_beanstalk_environment_2.yaml index 1626eb648..c26ea7f46 100755 --- a/queries/aws_elastic_beanstalk_environment_2.yaml +++ b/queries/aws_elastic_beanstalk_environment_2.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Elastic Beanstalk Environments to gain insights + into their configuration, status, health, related applications, and other metadata. ID: aws_elastic_beanstalk_environment_2 -Title: "Find AWS Elastic Beanstalk Environments and Operations" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - abortable_operation_in_progress - from - aws_elastic_beanstalk_environment - where - abortable_operation_in_progress = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n environment_name,\n abortable_operation_in_progress\n\ + from\n aws_elastic_beanstalk_environment\nwhere\n abortable_operation_in_progress\ + \ = 'true';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: Find AWS Elastic Beanstalk Environments and Operations diff --git a/queries/aws_elastic_beanstalk_environment_3.yaml b/queries/aws_elastic_beanstalk_environment_3.yaml index c8c1fe364..ded1b54d4 100755 --- a/queries/aws_elastic_beanstalk_environment_3.yaml +++ b/queries/aws_elastic_beanstalk_environment_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Elastic Beanstalk Environments to gain insights + into their configuration, status, health, related applications, and other metadata. ID: aws_elastic_beanstalk_environment_3 -Title: "Find AWS Elastic Beanstalk Environments with Health Status Red" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - application_name, - environment_id, - health - from - aws_elastic_beanstalk_environment - where - health = 'Red'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n environment_name,\n application_name,\n environment_id,\n\ + \ health\nfrom\n aws_elastic_beanstalk_environment\nwhere\n health = 'Red';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: Find AWS Elastic Beanstalk Environments with Health Status Red diff --git a/queries/aws_elastic_beanstalk_environment_4.yaml b/queries/aws_elastic_beanstalk_environment_4.yaml index d195bc8b1..7bb21c193 100755 --- a/queries/aws_elastic_beanstalk_environment_4.yaml +++ b/queries/aws_elastic_beanstalk_environment_4.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Elastic Beanstalk Environments to gain insights + into their configuration, status, health, related applications, and other metadata. ID: aws_elastic_beanstalk_environment_4 -Title: "Find all AWS Elastic Beanstalk Environments' Health Status" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - health_status - from - aws_elastic_beanstalk_environment - where - health_status = 'Suspended'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n environment_name,\n health_status\nfrom\n aws_elastic_beanstalk_environment\n\ + where\n health_status = 'Suspended';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: Find all AWS Elastic Beanstalk Environments' Health Status diff --git a/queries/aws_elastic_beanstalk_environment_5.yaml b/queries/aws_elastic_beanstalk_environment_5.yaml index fd7fe433e..683c579f2 100755 --- a/queries/aws_elastic_beanstalk_environment_5.yaml +++ b/queries/aws_elastic_beanstalk_environment_5.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Elastic Beanstalk Environments to gain insights + into their configuration, status, health, related applications, and other metadata. ID: aws_elastic_beanstalk_environment_5 -Title: "List All AWS Elastic Beanstalk Environment Configurations and Status" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - a ->> 'ActionDescription' as action_description, - a ->> 'ActionId' as action_id, - a ->> 'ActionType' as action_type, - a ->> 'Status' as action_status, - a ->> 'WindowStartTime' as action_window_start_time - from - aws_elastic_beanstalk_environment, - jsonb_array_elements(managed_actions) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n environment_name,\n a ->> 'ActionDescription' as action_description,\n\ + \ a ->> 'ActionId' as action_id,\n a ->> 'ActionType' as action_type,\n a ->>\ + \ 'Status' as action_status,\n a ->> 'WindowStartTime' as action_window_start_time\n\ + from\n aws_elastic_beanstalk_environment,\n jsonb_array_elements(managed_actions)\ + \ as a;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: List All AWS Elastic Beanstalk Environment Configurations and Status diff --git a/queries/aws_elastic_beanstalk_environment_6.yaml b/queries/aws_elastic_beanstalk_environment_6.yaml index e6e307ea6..0a4133dd0 100755 --- a/queries/aws_elastic_beanstalk_environment_6.yaml +++ b/queries/aws_elastic_beanstalk_environment_6.yaml @@ -1,37 +1,29 @@ +Description: Allows users to query AWS Elastic Beanstalk Environments to gain insights + into their configuration, status, health, related applications, and other metadata. ID: aws_elastic_beanstalk_environment_6 -Title: "List all AWS Elastic Beanstalk Environments with Metadata" -Description: "Allows users to query AWS Elastic Beanstalk Environments to gain insights into their configuration, status, health, related applications, and other metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - environment_name, - application_name, - c ->> 'DateCreated' as date_created, - c ->> 'DateUpdated' as date_updated, - c ->> 'DeploymentStatus' as deployment_status, - c ->> 'Description' as description, - c -> 'OptionSettings' ->> 'Namespace' as option_settings_namespace, - c -> 'OptionSettings' ->> 'OptionName' as option_name, - c -> 'OptionSettings' ->> 'ResourceName' as option_resource_name, - c -> 'OptionSettings' ->> 'Value' as option_value, - c ->> 'PlatformArn' as platform_arn, - c ->> 'SolutionStackName' as solution_stack_name, - c ->> 'TemplateName' as template_name - from - aws_elastic_beanstalk_environment, - jsonb_array_elements(configuration_settings) as c; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n environment_name,\n application_name,\n c ->> 'DateCreated'\ + \ as date_created,\n c ->> 'DateUpdated' as date_updated,\n c ->> 'DeploymentStatus'\ + \ as deployment_status,\n c ->> 'Description' as description,\n c -> 'OptionSettings'\ + \ ->> 'Namespace' as option_settings_namespace,\n c -> 'OptionSettings' ->> 'OptionName'\ + \ as option_name,\n c -> 'OptionSettings' ->> 'ResourceName' as option_resource_name,\n\ + \ c -> 'OptionSettings' ->> 'Value' as option_value,\n c ->> 'PlatformArn' as\ + \ platform_arn,\n c ->> 'SolutionStackName' as solution_stack_name,\n c ->>\ + \ 'TemplateName' as template_name\nfrom\n aws_elastic_beanstalk_environment,\n\ + \ jsonb_array_elements(configuration_settings) as c;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic Beanstalk +Title: List all AWS Elastic Beanstalk Environments with Metadata diff --git a/queries/aws_elasticache_cluster_1.yaml b/queries/aws_elasticache_cluster_1.yaml index 169922aa2..5f39ea15a 100755 --- a/queries/aws_elasticache_cluster_1.yaml +++ b/queries/aws_elasticache_cluster_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query Amazon ElastiCache Cluster data, providing information + about each ElastiCache Cluster within the AWS account. ID: aws_elasticache_cluster_1 -Title: "List all AWS ElastiCache Clusters with Encryption Disabled" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - cache_node_type, - at_rest_encryption_enabled - from - aws_elasticache_cluster - where - not at_rest_encryption_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n cache_node_type,\n at_rest_encryption_enabled\n\ + from\n aws_elasticache_cluster\nwhere\n not at_rest_encryption_enabled;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all AWS ElastiCache Clusters with Encryption Disabled diff --git a/queries/aws_elasticache_cluster_2.yaml b/queries/aws_elasticache_cluster_2.yaml index 24321495c..4377075e8 100755 --- a/queries/aws_elasticache_cluster_2.yaml +++ b/queries/aws_elasticache_cluster_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Amazon ElastiCache Cluster data, providing information + about each ElastiCache Cluster within the AWS account. ID: aws_elasticache_cluster_2 -Title: "Find Amazon ElastiCache Cluster Information within AWS" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - preferred_availability_zone - from - aws_elasticache_cluster - where - preferred_availability_zone <> 'Multiple'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n preferred_availability_zone\nfrom\n\ + \ aws_elasticache_cluster\nwhere\n preferred_availability_zone <> 'Multiple';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon ElastiCache +Title: Find Amazon ElastiCache Cluster Information within AWS diff --git a/queries/aws_elasticache_cluster_3.yaml b/queries/aws_elasticache_cluster_3.yaml index 0868121cf..d9b989897 100755 --- a/queries/aws_elasticache_cluster_3.yaml +++ b/queries/aws_elasticache_cluster_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query Amazon ElastiCache Cluster data, providing information + about each ElastiCache Cluster within the AWS account. ID: aws_elasticache_cluster_3 -Title: "Query Amazon ElastiCache Cluster Data with SQL" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - cache_node_type, - transit_encryption_enabled - from - aws_elasticache_cluster - where - not transit_encryption_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n cache_node_type,\n transit_encryption_enabled\n\ + from\n aws_elasticache_cluster\nwhere\n not transit_encryption_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon ElastiCache +Title: Query Amazon ElastiCache Cluster Data with SQL diff --git a/queries/aws_elasticache_cluster_4.yaml b/queries/aws_elasticache_cluster_4.yaml index 3dcd60f16..32f112e9f 100755 --- a/queries/aws_elasticache_cluster_4.yaml +++ b/queries/aws_elasticache_cluster_4.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query Amazon ElastiCache Cluster data, providing information + about each ElastiCache Cluster within the AWS account. ID: aws_elasticache_cluster_4 -Title: "List all Amazon ElastiCache Cluster data in AWS account" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_node_type, - count(*) as count - from - aws_elasticache_cluster - where - cache_node_type not in ('cache.m5.large', 'cache.m4.4xlarge') - group by - cache_node_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_node_type,\n count(*) as count\nfrom\n aws_elasticache_cluster\n\ + where\n cache_node_type not in ('cache.m5.large', 'cache.m4.4xlarge')\ngroup\ + \ by\n cache_node_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon ElastiCache +Title: List all Amazon ElastiCache Cluster data in AWS account diff --git a/queries/aws_elasticache_cluster_5.yaml b/queries/aws_elasticache_cluster_5.yaml index e3f42ed5a..49eed4488 100755 --- a/queries/aws_elasticache_cluster_5.yaml +++ b/queries/aws_elasticache_cluster_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Amazon ElastiCache Cluster data, providing information + about each ElastiCache Cluster within the AWS account. ID: aws_elasticache_cluster_5 -Title: "Find Inactive Amazon ElastiCache Clusters" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - cache_cluster_status, - notification_configuration ->> 'TopicArn' as topic_arn, - notification_configuration ->> 'TopicStatus' as topic_status - from - aws_elasticache_cluster - where - notification_configuration ->> 'TopicStatus' = 'inactive'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n cache_cluster_status,\n notification_configuration\ + \ ->> 'TopicArn' as topic_arn,\n notification_configuration ->> 'TopicStatus'\ + \ as topic_status\nfrom\n aws_elasticache_cluster\nwhere\n notification_configuration\ + \ ->> 'TopicStatus' = 'inactive';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon ElastiCache +Title: Find Inactive Amazon ElastiCache Clusters diff --git a/queries/aws_elasticache_cluster_6.yaml b/queries/aws_elasticache_cluster_6.yaml index d799088f0..631430076 100755 --- a/queries/aws_elasticache_cluster_6.yaml +++ b/queries/aws_elasticache_cluster_6.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query Amazon ElastiCache Cluster data, providing information + about each ElastiCache Cluster within the AWS account. ID: aws_elasticache_cluster_6 -Title: "List All Amazon ElastiCache Clusters with Security Details" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - sg ->> 'SecurityGroupId' as security_group_id, - sg ->> 'Status' as status - from - aws_elasticache_cluster, - jsonb_array_elements(security_groups) as sg; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n sg ->> 'SecurityGroupId' as security_group_id,\n\ + \ sg ->> 'Status' as status\nfrom\n aws_elasticache_cluster,\n jsonb_array_elements(security_groups)\ + \ as sg;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List All Amazon ElastiCache Clusters with Security Details diff --git a/queries/aws_elasticache_cluster_7.yaml b/queries/aws_elasticache_cluster_7.yaml index 89c766db3..8c7da1e46 100755 --- a/queries/aws_elasticache_cluster_7.yaml +++ b/queries/aws_elasticache_cluster_7.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query Amazon ElastiCache Cluster data, providing information + about each ElastiCache Cluster within the AWS account. ID: aws_elasticache_cluster_7 -Title: "List all information about each ElastiCache Cluster" -Description: "Allows users to query Amazon ElastiCache Cluster data, providing information about each ElastiCache Cluster within the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - cache_node_type, - cache_cluster_status, - snapshot_retention_limit - from - aws_elasticache_cluster - where - snapshot_retention_limit is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n cache_node_type,\n cache_cluster_status,\n\ + \ snapshot_retention_limit\nfrom\n aws_elasticache_cluster\nwhere\n snapshot_retention_limit\ + \ is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all information about each ElastiCache Cluster diff --git a/queries/aws_elasticache_parameter_group_1.yaml b/queries/aws_elasticache_parameter_group_1.yaml index 88abd4966..dc1b70402 100755 --- a/queries/aws_elasticache_parameter_group_1.yaml +++ b/queries/aws_elasticache_parameter_group_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Elasticache Parameter Groups, providing detailed + information about each group''s configurations, parameters, and associated metadata. ID: aws_elasticache_parameter_group_1 -Title: "Find AWS Elasticache Parameter Groups configurations" -Description: "Allows users to query AWS Elasticache Parameter Groups, providing detailed information about each group''s configurations, parameters, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_parameter_group_name, - description, - cache_parameter_group_family, - description, - is_global - from - aws_elasticache_parameter_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_parameter_group_name,\n description,\n cache_parameter_group_family,\n\ + \ description,\n is_global\nfrom\n aws_elasticache_parameter_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticache +Title: Find AWS Elasticache Parameter Groups configurations diff --git a/queries/aws_elasticache_parameter_group_2.yaml b/queries/aws_elasticache_parameter_group_2.yaml index 6b16a5fe7..a47aa41ca 100755 --- a/queries/aws_elasticache_parameter_group_2.yaml +++ b/queries/aws_elasticache_parameter_group_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Elasticache Parameter Groups, providing detailed + information about each group''s configurations, parameters, and associated metadata. ID: aws_elasticache_parameter_group_2 -Title: "Find AWS Elasticache Parameter Groups and Configurations" -Description: "Allows users to query AWS Elasticache Parameter Groups, providing detailed information about each group''s configurations, parameters, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_parameter_group_family, - count(*) as count - from - aws_elasticache_parameter_group - where - cache_parameter_group_family not in ('redis5.0', 'memcached1.5') - group by - cache_parameter_group_family; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_parameter_group_family,\n count(*) as count\n\ + from\n aws_elasticache_parameter_group\nwhere\n cache_parameter_group_family\ + \ not in ('redis5.0', 'memcached1.5')\ngroup by\n cache_parameter_group_family;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticache +Title: Find AWS Elasticache Parameter Groups and Configurations diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml b/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml index 18470e9e9..7a2adaeae 100755 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_1.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly + basis. ID: aws_elasticache_redis_metric_cache_hits_hourly_1 -Title: "List All AWS ElastiCache Redis Cache Hits Hourly" -Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_elasticache_redis_metric_cache_hits_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sum,\n sample_count\nfrom\n aws_elasticache_redis_metric_cache_hits_hourly\n\ + order by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List All AWS ElastiCache Redis Cache Hits Hourly diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml b/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml index 334546f3a..3fc6b16d8 100755 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_2.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly + basis. ID: aws_elasticache_redis_metric_cache_hits_hourly_2 -Title: "List All Amazon ElastiCache Redis Hourly Cache Hits" -Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(sum::numeric,2) as sum_cachehits, - round(average::numeric,2) as average_cachehits, - sample_count - from - aws_elasticache_redis_metric_cache_hits_hourly - where sum < 10 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(sum::numeric,2)\ + \ as sum_cachehits,\n round(average::numeric,2) as average_cachehits,\n sample_count\n\ + from\n aws_elasticache_redis_metric_cache_hits_hourly\nwhere sum < 10\norder\ + \ by\n cache_cluster_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon ElastiCache +Title: List All Amazon ElastiCache Redis Hourly Cache Hits diff --git a/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml b/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml index 76997403a..eae1ae7b4 100755 --- a/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml +++ b/queries/aws_elasticache_redis_metric_cache_hits_hourly_3.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly + basis. ID: aws_elasticache_redis_metric_cache_hits_hourly_3 -Title: "Find hourly Amazon ElastiCache Redis Cache Hits" -Description: "Allows users to query Amazon ElastiCache Redis Cache Hits on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cachehits, - round(maximum::numeric,2) as max_cachehits, - round(average::numeric,2) as avg_cachehits, - sample_count - from - aws_elasticache_redis_metric_cache_hits_hourly - where average < 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cachehits,\n round(maximum::numeric,2) as max_cachehits,\n round(average::numeric,2)\ + \ as avg_cachehits,\n sample_count\nfrom\n aws_elasticache_redis_metric_cache_hits_hourly\n\ + where average < 100\norder by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache Redis +Title: Find hourly Amazon ElastiCache Redis Cache Hits diff --git a/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml b/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml index 7dae977c0..b3a6a490e 100755 --- a/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_curr_connections_hourly_1.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query ElastiCache Redis current connections metrics on + an hourly basis. ID: aws_elasticache_redis_metric_curr_connections_hourly_1 -Title: "List all Redis current connections metrics hourly" -Description: "Allows users to query ElastiCache Redis current connections metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_elasticache_redis_metric_curr_connections_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sum,\n sample_count\nfrom\n aws_elasticache_redis_metric_curr_connections_hourly\n\ + order by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all Redis current connections metrics hourly diff --git a/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml b/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml index 766f833cd..1dca6dc82 100755 --- a/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_curr_connections_hourly_2.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query ElastiCache Redis current connections metrics on + an hourly basis. ID: aws_elasticache_redis_metric_curr_connections_hourly_2 -Title: "Find ElastiCache Redis Current Hourly Connections" -Description: "Allows users to query ElastiCache Redis current connections metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_currconnections, - round(maximum::numeric,2) as max_currconnections, - round(average::numeric,2) as avg_currconnections, - sample_count - from - aws_elasticache_redis_metric_curr_connections_hourly - where average > 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_currconnections,\n round(maximum::numeric,2) as max_currconnections,\n\ + \ round(average::numeric,2) as avg_currconnections,\n sample_count\nfrom\n \ + \ aws_elasticache_redis_metric_curr_connections_hourly\nwhere average > 100\n\ + order by\n cache_cluster_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: Find ElastiCache Redis Current Hourly Connections diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml index 843c9ad0b..f1e761c85 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query ElastiCache Redis Metrics and provides daily statistics + for Engine CPU Utilization. ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_1 -Title: "List all AWS ElastiCache Redis Engine CPU Utilization Metrics" -Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_daily - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_elasticache_redis_metric_engine_cpu_utilization_daily\n\ + order by\n cache_cluster_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache Redis +Title: List all AWS ElastiCache Redis Engine CPU Utilization Metrics diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml index 60e2b1482..790d82230 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query ElastiCache Redis Metrics and provides daily statistics + for Engine CPU Utilization. ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_2 -Title: "Find ElastiCache Redis CPU Utilization Metrics Daily" -Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_daily - where average > 80 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_elasticache_redis_metric_engine_cpu_utilization_daily\n\ + where average > 80\norder by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: Find ElastiCache Redis CPU Utilization Metrics Daily diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml index 9095ec823..836131eba 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_daily_3.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query ElastiCache Redis Metrics and provides daily statistics + for Engine CPU Utilization. ID: aws_elasticache_redis_metric_engine_cpu_utilization_daily_3 -Title: "List All AWS ElastiCache Redis Engine CPU Utilization Daily" -Description: "Allows users to query ElastiCache Redis Metrics and provides daily statistics for Engine CPU Utilization." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_daily - where average < 2 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_elasticache_redis_metric_engine_cpu_utilization_daily\n\ + where average < 2\norder by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List All AWS ElastiCache Redis Engine CPU Utilization Daily diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml index 6c792738a..eaf71bea9 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query hourly CPU utilization metrics for AWS ElastiCache + Redis. ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_1 -Title: "List hourly CPU utilization metrics for ElastiCache Redis" -Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_elasticache_redis_metric_engine_cpu_utilization_hourly\n\ + order by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache Redis +Title: List hourly CPU utilization metrics for ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml index f434919b2..a84d56e31 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query hourly CPU utilization metrics for AWS ElastiCache + Redis. ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2 -Title: "List All Hourly CPU Utilization Metrics for AWS ElastiCache Redis" -Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_hourly - where average > 80 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_elasticache_redis_metric_engine_cpu_utilization_hourly\n\ + where average > 80\norder by\n cache_cluster_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache Redis +Title: List All Hourly CPU Utilization Metrics for AWS ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml index fcb0e50c3..c09e113c8 100755 --- a/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml +++ b/queries/aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query hourly CPU utilization metrics for AWS ElastiCache + Redis. ID: aws_elasticache_redis_metric_engine_cpu_utilization_hourly_3 -Title: "List all hourly CPU utilization metrics for ElastiCache Redis" -Description: "Allows users to query hourly CPU utilization metrics for AWS ElastiCache Redis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_elasticache_redis_metric_engine_cpu_utilization_hourly - where average < 2 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_elasticache_redis_metric_engine_cpu_utilization_hourly\n\ + where average < 2\norder by\n cache_cluster_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all hourly CPU utilization metrics for ElastiCache Redis diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml index 75b311f63..f25634972 100755 --- a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query ElastiCache Redis Metrics on an hourly basis. This + includes information on GET type commands executed in the selected ElastiCache Redis + cluster during the last hour. ID: aws_elasticache_redis_metric_get_type_cmds_hourly_1 -Title: "List all ElastiCache Redis Metrics on GET Commands Hourly" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_elasticache_redis_metric_get_type_cmds_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_elasticache_redis_metric_get_type_cmds_hourly\n\ + order by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all ElastiCache Redis Metrics on GET Commands Hourly diff --git a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml index 219a64524..e5a281908 100755 --- a/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_get_type_cmds_hourly_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query ElastiCache Redis Metrics on an hourly basis. This + includes information on GET type commands executed in the selected ElastiCache Redis + cluster during the last hour. ID: aws_elasticache_redis_metric_get_type_cmds_hourly_2 -Title: "List ElastiCache Redis GET Commands Executed Hourly" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis. This includes information on GET type commands executed in the selected ElastiCache Redis cluster during the last hour." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_gettypecmds, - round(maximum::numeric,2) as max_gettypecmds, - round(average::numeric,2) as avg_gettypecmds, - round(sum::numeric,2) as sum_gettypecmds - from - aws_elasticache_redis_metric_get_type_cmds_hourly - where sum > 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_gettypecmds,\n round(maximum::numeric,2) as max_gettypecmds,\n round(average::numeric,2)\ + \ as avg_gettypecmds,\n round(sum::numeric,2) as sum_gettypecmds\nfrom\n aws_elasticache_redis_metric_get_type_cmds_hourly\n\ + where sum > 100\norder by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List ElastiCache Redis GET Commands Executed Hourly diff --git a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml index d43c346ab..4bb58224a 100755 --- a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_1.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query ElastiCache Redis Metrics on an hourly basis, providing + data on list-based commands executed in the ElastiCache Redis environment. ID: aws_elasticache_redis_metric_list_based_cmds_hourly_1 -Title: "List All ElastiCache Redis List-Based Command Metrics" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis, providing data on list-based commands executed in the ElastiCache Redis environment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average, - sample_count, - sum - from - aws_elasticache_redis_metric_list_based_cmds_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count,\n sum\nfrom\n aws_elasticache_redis_metric_list_based_cmds_hourly\n\ + order by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache Redis +Title: List All ElastiCache Redis List-Based Command Metrics diff --git a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml index 1cdccb8e6..f53271145 100755 --- a/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_list_based_cmds_hourly_2.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query ElastiCache Redis Metrics on an hourly basis, providing + data on list-based commands executed in the ElastiCache Redis environment. ID: aws_elasticache_redis_metric_list_based_cmds_hourly_2 -Title: "List All Hourly AWS ElastiCache Redis List-based Metrics" -Description: "Allows users to query ElastiCache Redis Metrics on an hourly basis, providing data on list-based commands executed in the ElastiCache Redis environment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_listbasedcmds, - round(maximum::numeric,2) as max_listbasedcmds, - round(average::numeric,2) as avg_listbasedcmds, - round(sum::numeric,2) as sum_listbasedcmds - from - aws_elasticache_redis_metric_list_based_cmds_hourly - where sum > 100 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_listbasedcmds,\n round(maximum::numeric,2) as max_listbasedcmds,\n \ + \ round(average::numeric,2) as avg_listbasedcmds,\n round(sum::numeric,2) as\ + \ sum_listbasedcmds\nfrom\n aws_elasticache_redis_metric_list_based_cmds_hourly\n\ + where sum > 100\norder by\n cache_cluster_id,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache Redis +Title: List All Hourly AWS ElastiCache Redis List-based Metrics diff --git a/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml b/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml index 8fea25073..a00fee5d8 100755 --- a/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml +++ b/queries/aws_elasticache_redis_metric_new_connections_hourly_1.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS ElastiCache Redis Metrics to get hourly data + on new connections. ID: aws_elasticache_redis_metric_new_connections_hourly_1 -Title: "List hourly AWS ElastiCache Redis new connection metrics" -Description: "Allows users to query AWS ElastiCache Redis Metrics to get hourly data on new connections." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - minimum, - maximum, - average - from - aws_elasticache_redis_metric_new_connections_hourly - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average\nfrom\n aws_elasticache_redis_metric_new_connections_hourly\norder\ + \ by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS ElastiCache +Title: List hourly AWS ElastiCache Redis new connection metrics diff --git a/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml b/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml index 9cb62a77e..bac2dd1f9 100755 --- a/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml +++ b/queries/aws_elasticache_redis_metric_new_connections_hourly_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS ElastiCache Redis Metrics to get hourly data + on new connections. ID: aws_elasticache_redis_metric_new_connections_hourly_2 -Title: "List hourly AWS ElastiCache Redis new connections" -Description: "Allows users to query AWS ElastiCache Redis Metrics to get hourly data on new connections." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_cluster_id, - timestamp, - round(minimum::numeric,2) as min_newconnections, - round(maximum::numeric,2) as max_newconnections, - round(average::numeric,2) as avg_newconnections, - round(sum::numeric,2) as sum_newconnections - from - aws_elasticache_redis_metric_new_connections_hourly - where sum > 10 - order by - cache_cluster_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_cluster_id,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_newconnections,\n round(maximum::numeric,2) as max_newconnections,\n\ + \ round(average::numeric,2) as avg_newconnections,\n round(sum::numeric,2) as\ + \ sum_newconnections\nfrom\n aws_elasticache_redis_metric_new_connections_hourly\n\ + where sum > 10\norder by\n cache_cluster_id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List hourly AWS ElastiCache Redis new connections diff --git a/queries/aws_elasticache_replication_group_1.yaml b/queries/aws_elasticache_replication_group_1.yaml index 53a34c044..b85a84c60 100755 --- a/queries/aws_elasticache_replication_group_1.yaml +++ b/queries/aws_elasticache_replication_group_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS ElastiCache Replication Groups to retrieve + information related to their configuration, status, and associated resources. ID: aws_elasticache_replication_group_1 -Title: "List all AWS ElastiCache Replication Groups with SQL" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - description, - cache_node_type, - cluster_enabled, - auth_token_enabled, - automatic_failover - from - aws_elasticache_replication_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_group_id,\n description,\n cache_node_type,\n\ + \ cluster_enabled,\n auth_token_enabled,\n automatic_failover\nfrom\n aws_elasticache_replication_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all AWS ElastiCache Replication Groups with SQL diff --git a/queries/aws_elasticache_replication_group_2.yaml b/queries/aws_elasticache_replication_group_2.yaml index 8e23cbb0c..fe78ff80b 100755 --- a/queries/aws_elasticache_replication_group_2.yaml +++ b/queries/aws_elasticache_replication_group_2.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS ElastiCache Replication Groups to retrieve + information related to their configuration, status, and associated resources. ID: aws_elasticache_replication_group_2 -Title: "List AWS ElastiCache Replication Groups Configuration" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - cache_node_type, - at_rest_encryption_enabled - from - aws_elasticache_replication_group - where - not at_rest_encryption_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_group_id,\n cache_node_type,\n at_rest_encryption_enabled\n\ + from\n aws_elasticache_replication_group\nwhere\n not at_rest_encryption_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List AWS ElastiCache Replication Groups Configuration diff --git a/queries/aws_elasticache_replication_group_3.yaml b/queries/aws_elasticache_replication_group_3.yaml index e2215e8c9..a9c0364a3 100755 --- a/queries/aws_elasticache_replication_group_3.yaml +++ b/queries/aws_elasticache_replication_group_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS ElastiCache Replication Groups to retrieve + information related to their configuration, status, and associated resources. ID: aws_elasticache_replication_group_3 -Title: "Find AWS ElastiCache Replication Groups Configuration" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - cache_node_type, - multi_az - from - aws_elasticache_replication_group - where - multi_az = 'disabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_group_id,\n cache_node_type,\n multi_az\n\ + from\n aws_elasticache_replication_group\nwhere\n multi_az = 'disabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: Find AWS ElastiCache Replication Groups Configuration diff --git a/queries/aws_elasticache_replication_group_4.yaml b/queries/aws_elasticache_replication_group_4.yaml index d1834eb1c..ad1c5a9b1 100755 --- a/queries/aws_elasticache_replication_group_4.yaml +++ b/queries/aws_elasticache_replication_group_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS ElastiCache Replication Groups to retrieve + information related to their configuration, status, and associated resources. ID: aws_elasticache_replication_group_4 -Title: "List all AWS ElastiCache Replication Groups with Config and Status" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - snapshot_retention_limit, - snapshot_window, - snapshotting_cluster_id - from - aws_elasticache_replication_group - where - snapshot_retention_limit < 30; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_group_id,\n snapshot_retention_limit,\n\ + \ snapshot_window,\n snapshotting_cluster_id\nfrom\n aws_elasticache_replication_group\n\ + where\n snapshot_retention_limit < 30;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all AWS ElastiCache Replication Groups with Config and Status diff --git a/queries/aws_elasticache_replication_group_5.yaml b/queries/aws_elasticache_replication_group_5.yaml index f9043ef0a..779f31cb2 100755 --- a/queries/aws_elasticache_replication_group_5.yaml +++ b/queries/aws_elasticache_replication_group_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS ElastiCache Replication Groups to retrieve + information related to their configuration, status, and associated resources. ID: aws_elasticache_replication_group_5 -Title: "List all AWS ElastiCache Replication Groups Configurations" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_node_type, - count (*) - from - aws_elasticache_replication_group - group by - cache_node_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_node_type,\n count (*)\nfrom\n aws_elasticache_replication_group\n\ + group by\n cache_node_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all AWS ElastiCache Replication Groups Configurations diff --git a/queries/aws_elasticache_replication_group_6.yaml b/queries/aws_elasticache_replication_group_6.yaml index c703c145e..d72aa649f 100755 --- a/queries/aws_elasticache_replication_group_6.yaml +++ b/queries/aws_elasticache_replication_group_6.yaml @@ -1,23 +1,20 @@ +Description: Allows users to query AWS ElastiCache Replication Groups to retrieve + information related to their configuration, status, and associated resources. ID: aws_elasticache_replication_group_6 -Title: "Find AWS ElastiCache Replication Groups and Status" -Description: "Allows users to query AWS ElastiCache Replication Groups to retrieve information related to their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - replication_group_id, - jsonb_array_elements_text(member_clusters) as member_clusters - from - aws_elasticache_replication_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n replication_group_id,\n jsonb_array_elements_text(member_clusters)\ + \ as member_clusters\nfrom\n aws_elasticache_replication_group;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: Find AWS ElastiCache Replication Groups and Status diff --git a/queries/aws_elasticache_reserved_cache_node_1.yaml b/queries/aws_elasticache_reserved_cache_node_1.yaml index 7bb548c3b..aef3c371e 100755 --- a/queries/aws_elasticache_reserved_cache_node_1.yaml +++ b/queries/aws_elasticache_reserved_cache_node_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS ElastiCache Reserved Cache Nodes to gather + details such as the reservation status, start time, duration, and associated metadata. ID: aws_elasticache_reserved_cache_node_1 -Title: "List all AWS ElastiCache Reserved Cache Nodes details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_cache_node_id,\n arn,\n reserved_cache_nodes_offering_id,\n\ + \ state,\n cache_node_type\nfrom\n aws_elasticache_reserved_cache_node;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all AWS ElastiCache Reserved Cache Nodes details diff --git a/queries/aws_elasticache_reserved_cache_node_2.yaml b/queries/aws_elasticache_reserved_cache_node_2.yaml index 2d4c03778..6da92fa01 100755 --- a/queries/aws_elasticache_reserved_cache_node_2.yaml +++ b/queries/aws_elasticache_reserved_cache_node_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS ElastiCache Reserved Cache Nodes to gather + details such as the reservation status, start time, duration, and associated metadata. ID: aws_elasticache_reserved_cache_node_2 -Title: "Find AWS ElastiCache Reserved Cache Node Details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - where - offering_type = 'All Upfront'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_cache_node_id,\n arn,\n reserved_cache_nodes_offering_id,\n\ + \ state,\n cache_node_type\nfrom\n aws_elasticache_reserved_cache_node\nwhere\n\ + \ offering_type = 'All Upfront';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: Find AWS ElastiCache Reserved Cache Node Details diff --git a/queries/aws_elasticache_reserved_cache_node_3.yaml b/queries/aws_elasticache_reserved_cache_node_3.yaml index 85f3539a5..674f8103d 100755 --- a/queries/aws_elasticache_reserved_cache_node_3.yaml +++ b/queries/aws_elasticache_reserved_cache_node_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS ElastiCache Reserved Cache Nodes to gather + details such as the reservation status, start time, duration, and associated metadata. ID: aws_elasticache_reserved_cache_node_3 -Title: "List AWS ElastiCache Reserved Cache Nodes with Details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - order by - duration desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_cache_node_id,\n arn,\n reserved_cache_nodes_offering_id,\n\ + \ state,\n cache_node_type\nfrom\n aws_elasticache_reserved_cache_node\norder\ + \ by\n duration desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List AWS ElastiCache Reserved Cache Nodes with Details diff --git a/queries/aws_elasticache_reserved_cache_node_4.yaml b/queries/aws_elasticache_reserved_cache_node_4.yaml index 82f05afe5..211931d07 100755 --- a/queries/aws_elasticache_reserved_cache_node_4.yaml +++ b/queries/aws_elasticache_reserved_cache_node_4.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS ElastiCache Reserved Cache Nodes to gather + details such as the reservation status, start time, duration, and associated metadata. ID: aws_elasticache_reserved_cache_node_4 -Title: "List all AWS ElastiCache Reserved Cache Nodes" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - order by - usage_price desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_cache_node_id,\n arn,\n reserved_cache_nodes_offering_id,\n\ + \ state,\n cache_node_type\nfrom\n aws_elasticache_reserved_cache_node\norder\ + \ by\n usage_price desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all AWS ElastiCache Reserved Cache Nodes diff --git a/queries/aws_elasticache_reserved_cache_node_5.yaml b/queries/aws_elasticache_reserved_cache_node_5.yaml index 939bdd70c..af0ad969d 100755 --- a/queries/aws_elasticache_reserved_cache_node_5.yaml +++ b/queries/aws_elasticache_reserved_cache_node_5.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS ElastiCache Reserved Cache Nodes to gather + details such as the reservation status, start time, duration, and associated metadata. ID: aws_elasticache_reserved_cache_node_5 -Title: "Find AWS ElastiCache Reserved Cache Nodes Details" -Description: "Allows users to query AWS ElastiCache Reserved Cache Nodes to gather details such as the reservation status, start time, duration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_cache_node_id, - arn, - reserved_cache_nodes_offering_id, - state, - cache_node_type - from - aws_elasticache_reserved_cache_node - where - state <> 'active'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_cache_node_id,\n arn,\n reserved_cache_nodes_offering_id,\n\ + \ state,\n cache_node_type\nfrom\n aws_elasticache_reserved_cache_node\nwhere\n\ + \ state <> 'active';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: Find AWS ElastiCache Reserved Cache Nodes Details diff --git a/queries/aws_elasticache_subnet_group_1.yaml b/queries/aws_elasticache_subnet_group_1.yaml index f389b6744..563e9be86 100755 --- a/queries/aws_elasticache_subnet_group_1.yaml +++ b/queries/aws_elasticache_subnet_group_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS ElastiCache Subnet Groups, providing details + about each subnet group within their ElastiCache service, including the associated + VPC, subnets, and status. ID: aws_elasticache_subnet_group_1 -Title: "List all AWS ElastiCache Subnet Groups and Details" -Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cache_subnet_group_name, - cache_subnet_group_description, - region, - account_id - from - aws_elasticache_subnet_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cache_subnet_group_name,\n cache_subnet_group_description,\n\ + \ region,\n account_id\nfrom\n aws_elasticache_subnet_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all AWS ElastiCache Subnet Groups and Details diff --git a/queries/aws_elasticache_subnet_group_2.yaml b/queries/aws_elasticache_subnet_group_2.yaml index 19bded756..409be9cbc 100755 --- a/queries/aws_elasticache_subnet_group_2.yaml +++ b/queries/aws_elasticache_subnet_group_2.yaml @@ -1,28 +1,25 @@ +Description: Allows users to query AWS ElastiCache Subnet Groups, providing details + about each subnet group within their ElastiCache service, including the associated + VPC, subnets, and status. ID: aws_elasticache_subnet_group_2 -Title: "List all AWS ElastiCache Subnet Groups and Details" -Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - sub ->> 'SubnetIdentifier' as subnet_identifier, - sub ->> 'SubnetOutpost' as subnet_outpost - from - aws_elasticache_subnet_group, - jsonb_array_elements(subnets) as sub; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n sub -> 'SubnetAvailabilityZone' ->> 'Name'\ + \ as subnet_availability_zone,\n sub ->> 'SubnetIdentifier' as subnet_identifier,\n\ + \ sub ->> 'SubnetOutpost' as subnet_outpost\nfrom\n aws_elasticache_subnet_group,\n\ + \ jsonb_array_elements(subnets) as sub;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: List all AWS ElastiCache Subnet Groups and Details diff --git a/queries/aws_elasticache_subnet_group_3.yaml b/queries/aws_elasticache_subnet_group_3.yaml index 6d0e88c10..fd7a4ed40 100755 --- a/queries/aws_elasticache_subnet_group_3.yaml +++ b/queries/aws_elasticache_subnet_group_3.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS ElastiCache Subnet Groups, providing details + about each subnet group within their ElastiCache service, including the associated + VPC, subnets, and status. ID: aws_elasticache_subnet_group_3 -Title: "Find AWS ElastiCache Subnet Groups and VPC Details" -Description: "Allows users to query AWS ElastiCache Subnet Groups, providing details about each subnet group within their ElastiCache service, including the associated VPC, subnets, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.cache_cluster_id, - sg.cache_subnet_group_name, - sg.vpc_id - from - aws_elasticache_subnet_group as sg - join aws_elasticache_cluster as c on sg.cache_subnet_group_name = c.cache_subnet_group_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.cache_cluster_id,\n sg.cache_subnet_group_name,\n\ + \ sg.vpc_id\nfrom\n aws_elasticache_subnet_group as sg\n join aws_elasticache_cluster\ + \ as c on sg.cache_subnet_group_name = c.cache_subnet_group_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - ElastiCache +Title: Find AWS ElastiCache Subnet Groups and VPC Details diff --git a/queries/aws_elasticsearch_domain_1.yaml b/queries/aws_elasticsearch_domain_1.yaml index aec0ca28e..e3a6d0f1a 100755 --- a/queries/aws_elasticsearch_domain_1.yaml +++ b/queries/aws_elasticsearch_domain_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Elasticsearch Service Domains for detailed + information related to the configuration, status, and access policies of the Elasticsearch + domains. ID: aws_elasticsearch_domain_1 -Title: "Find all AWS Elasticsearch Service Domain details using SQL" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - elasticsearch_version, - created - from - aws_elasticsearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n arn,\n elasticsearch_version,\n\ + \ created\nfrom\n aws_elasticsearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticsearch Service +Title: Find all AWS Elasticsearch Service Domain details using SQL diff --git a/queries/aws_elasticsearch_domain_2.yaml b/queries/aws_elasticsearch_domain_2.yaml index f0a26dd7e..c262e9d57 100755 --- a/queries/aws_elasticsearch_domain_2.yaml +++ b/queries/aws_elasticsearch_domain_2.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query AWS Elasticsearch Service Domains for detailed + information related to the configuration, status, and access policies of the Elasticsearch + domains. ID: aws_elasticsearch_domain_2 -Title: "List all AWS Elasticsearch Service Domains with Disabled Encryption" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - encryption_at_rest_options ->> 'Enabled' as enabled, - encryption_at_rest_options ->> 'KmsKeyId' as kms_key_id - from - aws_elasticsearch_domain - where - encryption_at_rest_options ->> 'Enabled' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n encryption_at_rest_options\ + \ ->> 'Enabled' as enabled,\n encryption_at_rest_options ->> 'KmsKeyId' as kms_key_id\n\ + from\n aws_elasticsearch_domain\nwhere\n encryption_at_rest_options ->> 'Enabled'\ + \ = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticsearch Service +Title: List all AWS Elasticsearch Service Domains with Disabled Encryption diff --git a/queries/aws_elasticsearch_domain_3.yaml b/queries/aws_elasticsearch_domain_3.yaml index c5f941374..452aaba08 100755 --- a/queries/aws_elasticsearch_domain_3.yaml +++ b/queries/aws_elasticsearch_domain_3.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS Elasticsearch Service Domains for detailed + information related to the configuration, status, and access policies of the Elasticsearch + domains. ID: aws_elasticsearch_domain_3 -Title: "List all AWS Elasticsearch Service Domains with Configuration" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - ebs_options ->> 'VolumeSize' as volume_size, - ebs_options ->> 'VolumeType' as volume_type, - ebs_options ->> 'EBSEnabled' as ebs_enabled - from - aws_elasticsearch_domain - where - ebs_options ->> 'EBSEnabled' = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n ebs_options ->> 'VolumeSize'\ + \ as volume_size,\n ebs_options ->> 'VolumeType' as volume_type,\n ebs_options\ + \ ->> 'EBSEnabled' as ebs_enabled\nfrom\n aws_elasticsearch_domain\nwhere\n \ + \ ebs_options ->> 'EBSEnabled' = 'true';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticsearch Service +Title: List all AWS Elasticsearch Service Domains with Configuration diff --git a/queries/aws_elasticsearch_domain_4.yaml b/queries/aws_elasticsearch_domain_4.yaml index a77338e23..7c981fe71 100755 --- a/queries/aws_elasticsearch_domain_4.yaml +++ b/queries/aws_elasticsearch_domain_4.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS Elasticsearch Service Domains for detailed + information related to the configuration, status, and access policies of the Elasticsearch + domains. ID: aws_elasticsearch_domain_4 -Title: "List all AWS Elasticsearch Service Domains configuration" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - vpc_options ->> 'AvailabilityZones' as availability_zones, - vpc_options ->> 'SecurityGroupIds' as security_group_ids, - vpc_options ->> 'SubnetIds' as subnet_ids, - vpc_options ->> 'VPCId' as vpc_id - from - aws_elasticsearch_domain - where - vpc_options ->> 'AvailabilityZones' is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n vpc_options ->> 'AvailabilityZones' as\ + \ availability_zones,\n vpc_options ->> 'SecurityGroupIds' as security_group_ids,\n\ + \ vpc_options ->> 'SubnetIds' as subnet_ids,\n vpc_options ->> 'VPCId' as vpc_id\n\ + from\n aws_elasticsearch_domain\nwhere\n vpc_options ->> 'AvailabilityZones'\ + \ is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticsearch Service +Title: List all AWS Elasticsearch Service Domains configuration diff --git a/queries/aws_elasticsearch_domain_5.yaml b/queries/aws_elasticsearch_domain_5.yaml index bdb92002d..27cb4e8d8 100755 --- a/queries/aws_elasticsearch_domain_5.yaml +++ b/queries/aws_elasticsearch_domain_5.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS Elasticsearch Service Domains for detailed + information related to the configuration, status, and access policies of the Elasticsearch + domains. ID: aws_elasticsearch_domain_5 -Title: "Find AWS Elasticsearch Domain Configuration and Status" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - elasticsearch_cluster_config ->> 'InstanceType' as instance_type, - elasticsearch_cluster_config ->> 'InstanceCount' as instance_count - from - aws_elasticsearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n elasticsearch_cluster_config\ + \ ->> 'InstanceType' as instance_type,\n elasticsearch_cluster_config ->> 'InstanceCount'\ + \ as instance_count\nfrom\n aws_elasticsearch_domain;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticsearch Service +Title: Find AWS Elasticsearch Domain Configuration and Status diff --git a/queries/aws_elasticsearch_domain_6.yaml b/queries/aws_elasticsearch_domain_6.yaml index db6e493e4..7a38abeb8 100755 --- a/queries/aws_elasticsearch_domain_6.yaml +++ b/queries/aws_elasticsearch_domain_6.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query AWS Elasticsearch Service Domains for detailed + information related to the configuration, status, and access policies of the Elasticsearch + domains. ID: aws_elasticsearch_domain_6 -Title: "Find AWS Elasticsearch Service Domain Config and Status" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - p as principal, - a as action, - s ->> 'Effect' as effect - from - aws_elasticsearch_domain, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n p as principal,\n a as action,\n s\ + \ ->> 'Effect' as effect\nfrom\n aws_elasticsearch_domain,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n jsonb_array_elements_text(s -> 'Action') as a\nwhere\n p = '*'\n \ + \ and s ->> 'Effect' = 'Allow';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticsearch Service +Title: Find AWS Elasticsearch Service Domain Config and Status diff --git a/queries/aws_elasticsearch_domain_7.yaml b/queries/aws_elasticsearch_domain_7.yaml index 7f3d27c0c..c672e9192 100755 --- a/queries/aws_elasticsearch_domain_7.yaml +++ b/queries/aws_elasticsearch_domain_7.yaml @@ -1,28 +1,25 @@ +Description: Allows users to query AWS Elasticsearch Service Domains for detailed + information related to the configuration, status, and access policies of the Elasticsearch + domains. ID: aws_elasticsearch_domain_7 -Title: "Find AWS Elasticsearch Service Domain Details" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options - from - aws_elasticsearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n log_publishing_options\n\ + from\n aws_elasticsearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticsearch Service +Title: Find AWS Elasticsearch Service Domain Details diff --git a/queries/aws_elasticsearch_domain_8.yaml b/queries/aws_elasticsearch_domain_8.yaml index 1611490e5..411a52138 100755 --- a/queries/aws_elasticsearch_domain_8.yaml +++ b/queries/aws_elasticsearch_domain_8.yaml @@ -1,27 +1,25 @@ +Description: Allows users to query AWS Elasticsearch Service Domains for detailed + information related to the configuration, status, and access policies of the Elasticsearch + domains. ID: aws_elasticsearch_domain_8 -Title: "Find AWS Elasticsearch Service Domain Configuration" -Description: "Allows users to query AWS Elasticsearch Service Domains for detailed information related to the configuration, status, and access policies of the Elasticsearch domains." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn - from - aws_elasticsearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n log_publishing_options\ + \ -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled,\n log_publishing_options ->\ + \ 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn\n\ + from\n aws_elasticsearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elasticsearch Service +Title: Find AWS Elasticsearch Service Domain Configuration diff --git a/queries/aws_emr_block_public_access_configuration_1.yaml b/queries/aws_emr_block_public_access_configuration_1.yaml index b2b76ae3d..613adefd5 100755 --- a/queries/aws_emr_block_public_access_configuration_1.yaml +++ b/queries/aws_emr_block_public_access_configuration_1.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS EMR Block Public Access Configuration to retrieve + details about the block public access configurations for EMR clusters. ID: aws_emr_block_public_access_configuration_1 -Title: "Find AWS EMR Block Public Access Configuration Details" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - block_public_security_group_rules, - creation_date, - classification, - permitted_public_security_group_rule_ranges - from - aws_emr_block_public_access_configuration - order by - created_by_arn, - creation_date; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n created_by_arn,\n block_public_security_group_rules,\n\ + \ creation_date,\n classification,\n permitted_public_security_group_rule_ranges\n\ + from\n aws_emr_block_public_access_configuration\norder by\n created_by_arn,\n\ + \ creation_date;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Find AWS EMR Block Public Access Configuration Details diff --git a/queries/aws_emr_block_public_access_configuration_2.yaml b/queries/aws_emr_block_public_access_configuration_2.yaml index 72d8b09c3..c10b24eca 100755 --- a/queries/aws_emr_block_public_access_configuration_2.yaml +++ b/queries/aws_emr_block_public_access_configuration_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EMR Block Public Access Configuration to retrieve + details about the block public access configurations for EMR clusters. ID: aws_emr_block_public_access_configuration_2 -Title: "List AWS EMR Block Public Access Configuration Details" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - creation_date - from - aws_emr_block_public_access_configuration - where - block_public_security_group_rules; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n created_by_arn,\n creation_date\nfrom\n aws_emr_block_public_access_configuration\n\ + where\n block_public_security_group_rules;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS EMR +Title: List AWS EMR Block Public Access Configuration Details diff --git a/queries/aws_emr_block_public_access_configuration_3.yaml b/queries/aws_emr_block_public_access_configuration_3.yaml index b9516c9c9..359f60bc2 100755 --- a/queries/aws_emr_block_public_access_configuration_3.yaml +++ b/queries/aws_emr_block_public_access_configuration_3.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS EMR Block Public Access Configuration to retrieve + details about the block public access configurations for EMR clusters. ID: aws_emr_block_public_access_configuration_3 -Title: "Find AWS EMR Block Public Access Configurations" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - creation_date, - rules ->> 'MaxRange' as max_range, - rules ->> 'MinRange' as min_range - from - aws_emr_block_public_access_configuration - cross join jsonb_array_elements(permitted_public_security_group_rule_ranges) as rules; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n created_by_arn,\n creation_date,\n rules ->> 'MaxRange'\ + \ as max_range,\n rules ->> 'MinRange' as min_range\nfrom\n aws_emr_block_public_access_configuration\n\ + \ cross join jsonb_array_elements(permitted_public_security_group_rule_ranges)\ + \ as rules;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR Block Public Access Configuration +Title: Find AWS EMR Block Public Access Configurations diff --git a/queries/aws_emr_block_public_access_configuration_4.yaml b/queries/aws_emr_block_public_access_configuration_4.yaml index fe6ca2259..71aa57bbb 100755 --- a/queries/aws_emr_block_public_access_configuration_4.yaml +++ b/queries/aws_emr_block_public_access_configuration_4.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS EMR Block Public Access Configuration to retrieve + details about the block public access configurations for EMR clusters. ID: aws_emr_block_public_access_configuration_4 -Title: "Find AWS EMR Block Public Access Configuration Details" -Description: "Allows users to query AWS EMR Block Public Access Configuration to retrieve details about the block public access configurations for EMR clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - created_by_arn, - creation_date - from - aws_emr_block_public_access_configuration - where - date_part('day', now() - creation_date) < 90; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n created_by_arn,\n creation_date\nfrom\n aws_emr_block_public_access_configuration\n\ + where\n date_part('day', now() - creation_date) < 90;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Find AWS EMR Block Public Access Configuration Details diff --git a/queries/aws_emr_cluster_1.yaml b/queries/aws_emr_cluster_1.yaml index f3a456112..7b43ab876 100755 --- a/queries/aws_emr_cluster_1.yaml +++ b/queries/aws_emr_cluster_1.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Elastic MapReduce Cluster data. ID: aws_emr_cluster_1 -Title: "List all AWS Elastic MapReduce Cluster data" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - cluster_arn, - name, - auto_terminate, - status ->> 'State' as state, - tags - from - aws_emr_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n cluster_arn,\n name,\n auto_terminate,\n status\ + \ ->> 'State' as state,\n tags\nfrom\n aws_emr_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic MapReduce +Title: List all AWS Elastic MapReduce Cluster data diff --git a/queries/aws_emr_cluster_2.yaml b/queries/aws_emr_cluster_2.yaml index 58b012c4c..0badacfe5 100755 --- a/queries/aws_emr_cluster_2.yaml +++ b/queries/aws_emr_cluster_2.yaml @@ -1,26 +1,19 @@ +Description: Allows users to query AWS Elastic MapReduce Cluster data. ID: aws_emr_cluster_2 -Title: "Find AWS EMR Clusters That Do Not Auto-Terminate" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cluster_arn, - auto_terminate - from - aws_emr_cluster - where - not auto_terminate; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n cluster_arn,\n auto_terminate\nfrom\n aws_emr_cluster\n\ + where\n not auto_terminate;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic MapReduce +Title: Find AWS EMR Clusters That Do Not Auto-Terminate diff --git a/queries/aws_emr_cluster_3.yaml b/queries/aws_emr_cluster_3.yaml index fafd5ef6a..194715bca 100755 --- a/queries/aws_emr_cluster_3.yaml +++ b/queries/aws_emr_cluster_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Elastic MapReduce Cluster data. ID: aws_emr_cluster_3 -Title: "Find AWS Elastic MapReduce Clusters with Errors" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - status ->> 'State' as state, - status -> 'StateChangeReason' ->> 'Message' as state_change_reason - from - aws_emr_cluster - where - status ->> 'State' = 'TERMINATED_WITH_ERRORS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n status ->> 'State' as state,\n status\ + \ -> 'StateChangeReason' ->> 'Message' as state_change_reason\nfrom\n aws_emr_cluster\n\ + where\n status ->> 'State' = 'TERMINATED_WITH_ERRORS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic MapReduce +Title: Find AWS Elastic MapReduce Clusters with Errors diff --git a/queries/aws_emr_cluster_4.yaml b/queries/aws_emr_cluster_4.yaml index 37d68d1e0..2e224e205 100755 --- a/queries/aws_emr_cluster_4.yaml +++ b/queries/aws_emr_cluster_4.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Elastic MapReduce Cluster data. ID: aws_emr_cluster_4 -Title: "Find AWS Elastic MapReduce Cluster Data" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cluster_arn, - a ->> 'Name' as application_name, - a ->> 'Version' as application_version - from - aws_emr_cluster, - jsonb_array_elements(applications) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n cluster_arn,\n a ->> 'Name' as application_name,\n\ + \ a ->> 'Version' as application_version\nfrom\n aws_emr_cluster,\n jsonb_array_elements(applications)\ + \ as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic MapReduce +Title: Find AWS Elastic MapReduce Cluster Data diff --git a/queries/aws_emr_cluster_5.yaml b/queries/aws_emr_cluster_5.yaml index 0d06eb86e..84e56f243 100755 --- a/queries/aws_emr_cluster_5.yaml +++ b/queries/aws_emr_cluster_5.yaml @@ -1,26 +1,19 @@ +Description: Allows users to query AWS Elastic MapReduce Cluster data. ID: aws_emr_cluster_5 -Title: "Find AWS Elastic MapReduce Cluster Data" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cluster_arn, - log_uri - from - aws_emr_cluster - where - log_uri is null - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n cluster_arn,\n log_uri\nfrom\n aws_emr_cluster\n\ + where\n log_uri is null" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic MapReduce +Title: Find AWS Elastic MapReduce Cluster Data diff --git a/queries/aws_emr_cluster_6.yaml b/queries/aws_emr_cluster_6.yaml index 6a5c1ddf5..4c0c018ec 100755 --- a/queries/aws_emr_cluster_6.yaml +++ b/queries/aws_emr_cluster_6.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Elastic MapReduce Cluster data. ID: aws_emr_cluster_6 -Title: "Find AWS EMR Cluster Data with Specific Log URIs" -Description: "Allows users to query AWS Elastic MapReduce Cluster data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cluster_arn, - log_uri, - log_encryption_kms_key_id - from - aws_emr_cluster - where - log_uri is not null and log_encryption_kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n cluster_arn,\n log_uri,\n log_encryption_kms_key_id\n\ + from\n aws_emr_cluster\nwhere\n log_uri is not null and log_encryption_kms_key_id\ + \ is null;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Elastic MapReduce +Title: Find AWS EMR Cluster Data with Specific Log URIs diff --git a/queries/aws_emr_cluster_metric_is_idle_1.yaml b/queries/aws_emr_cluster_metric_is_idle_1.yaml index e9b81a60e..af1d39c00 100755 --- a/queries/aws_emr_cluster_metric_is_idle_1.yaml +++ b/queries/aws_emr_cluster_metric_is_idle_1.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query AWS EMR Cluster Metrics to determine if a cluster + is idle. ID: aws_emr_cluster_metric_is_idle_1 -Title: "Find Idle Status of AWS EMR Cluster Metrics" -Description: "Allows users to query AWS EMR Cluster Metrics to determine if a cluster is idle." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_emr_cluster_metric_is_idle - order by - id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sample_count\nfrom\n aws_emr_cluster_metric_is_idle\norder by\n id,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Find Idle Status of AWS EMR Cluster Metrics diff --git a/queries/aws_emr_instance_1.yaml b/queries/aws_emr_instance_1.yaml index 7295747e3..d7a1eac67 100755 --- a/queries/aws_emr_instance_1.yaml +++ b/queries/aws_emr_instance_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS EMR Instances for detailed information about + the status, configuration, and other metadata of each instance. ID: aws_emr_instance_1 -Title: "Find all AWS EMR Instances for status and configuration" -Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - cluster_id, - ec2_instance_id, - instance_type, - private_dns_name, - private_ip_address - from - aws_emr_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n cluster_id,\n ec2_instance_id,\n instance_type,\n\ + \ private_dns_name,\n private_ip_address\nfrom\n aws_emr_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Find all AWS EMR Instances for status and configuration diff --git a/queries/aws_emr_instance_2.yaml b/queries/aws_emr_instance_2.yaml index 6916146a5..723df57ff 100755 --- a/queries/aws_emr_instance_2.yaml +++ b/queries/aws_emr_instance_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EMR Instances for detailed information about + the status, configuration, and other metadata of each instance. ID: aws_emr_instance_2 -Title: "Find detailed AWS EMR Instances status and configuration" -Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - ec2_instance_id, - instance_type - from - aws_emr_instance - where - instance_type = 'm2.4xlarge'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n ec2_instance_id,\n instance_type\nfrom\n aws_emr_instance\n\ + where\n instance_type = 'm2.4xlarge';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Find detailed AWS EMR Instances status and configuration diff --git a/queries/aws_emr_instance_3.yaml b/queries/aws_emr_instance_3.yaml index 9607decc3..44a147fe0 100755 --- a/queries/aws_emr_instance_3.yaml +++ b/queries/aws_emr_instance_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EMR Instances for detailed information about + the status, configuration, and other metadata of each instance. ID: aws_emr_instance_3 -Title: "Find all AWS EMR Instances with Detailed Information" -Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - ec2_instance_id, - instance_type - from - aws_emr_instance - where - cluster_id = 'j-21HIX5R2NZMXJ'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n ec2_instance_id,\n instance_type\nfrom\n aws_emr_instance\n\ + where\n cluster_id = 'j-21HIX5R2NZMXJ';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Find all AWS EMR Instances with Detailed Information diff --git a/queries/aws_emr_instance_4.yaml b/queries/aws_emr_instance_4.yaml index 3efe8778f..defa925e8 100755 --- a/queries/aws_emr_instance_4.yaml +++ b/queries/aws_emr_instance_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS EMR Instances for detailed information about + the status, configuration, and other metadata of each instance. ID: aws_emr_instance_4 -Title: "Query AWS EMR Instances and Detailed Metadata" -Description: "Allows users to query AWS EMR Instances for detailed information about the status, configuration, and other metadata of each instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - ec2_instance_id, - instance_type, - v -> 'Device' as device, - v -> 'VolumeId' as volume_id - from - aws_emr_instance, - jsonb_array_elements(ebs_volumes) as v - where - ei.id = 'ci-ULCFS2ZN0FK7'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n ec2_instance_id,\n instance_type,\n v -> 'Device'\ + \ as device,\n v -> 'VolumeId' as volume_id\nfrom\n aws_emr_instance,\n jsonb_array_elements(ebs_volumes)\ + \ as v\nwhere\n ei.id = 'ci-ULCFS2ZN0FK7';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Query AWS EMR Instances and Detailed Metadata diff --git a/queries/aws_emr_instance_fleet_1.yaml b/queries/aws_emr_instance_fleet_1.yaml index b3b3d4c9a..6096120e7 100755 --- a/queries/aws_emr_instance_fleet_1.yaml +++ b/queries/aws_emr_instance_fleet_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EMR Instance Fleets to obtain detailed information + about each instance fleet, including its configuration, instance type specifications, + target capacities, and associated metadata. ID: aws_emr_instance_fleet_1 -Title: "List all AWS EMR Instance Fleets with Configuration Details" -Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - cluster_id, - instance_fleet_type, - state - from - aws_emr_instance_fleet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n cluster_id,\n instance_fleet_type,\n\ + \ state\nfrom\n aws_emr_instance_fleet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: List all AWS EMR Instance Fleets with Configuration Details diff --git a/queries/aws_emr_instance_fleet_2.yaml b/queries/aws_emr_instance_fleet_2.yaml index c0cd87a9b..34ad4fd22 100755 --- a/queries/aws_emr_instance_fleet_2.yaml +++ b/queries/aws_emr_instance_fleet_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS EMR Instance Fleets to obtain detailed information + about each instance fleet, including its configuration, instance type specifications, + target capacities, and associated metadata. ID: aws_emr_instance_fleet_2 -Title: "List all AWS EMR Instance Fleets with Configuration Details" -Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_id, - c.name as cluster_name, - c.state as cluster_state - from - aws_emr_instance_fleet as f, - aws_emr_cluster as c - where - f.cluster_id = c.id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_id,\n c.name as cluster_name,\n c.state as\ + \ cluster_state\nfrom\n aws_emr_instance_fleet as f,\n aws_emr_cluster as c\n\ + where\n f.cluster_id = c.id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: List all AWS EMR Instance Fleets with Configuration Details diff --git a/queries/aws_emr_instance_fleet_3.yaml b/queries/aws_emr_instance_fleet_3.yaml index c827a1db1..9268d2f31 100755 --- a/queries/aws_emr_instance_fleet_3.yaml +++ b/queries/aws_emr_instance_fleet_3.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS EMR Instance Fleets to obtain detailed information + about each instance fleet, including its configuration, instance type specifications, + target capacities, and associated metadata. ID: aws_emr_instance_fleet_3 -Title: "List all AWS EMR Instance Fleets and Their Capabilities" -Description: "Allows users to query AWS EMR Instance Fleets to obtain detailed information about each instance fleet, including its configuration, instance type specifications, target capacities, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_id, - provisioned_on_demand_capacity, - target_on_demand_capacity - from - aws_emr_instance_fleet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_id,\n provisioned_on_demand_capacity,\n target_on_demand_capacity\n\ + from\n aws_emr_instance_fleet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR Instance Fleet +Title: List all AWS EMR Instance Fleets and Their Capabilities diff --git a/queries/aws_emr_instance_group_1.yaml b/queries/aws_emr_instance_group_1.yaml index b3afd69cb..2e9525041 100755 --- a/queries/aws_emr_instance_group_1.yaml +++ b/queries/aws_emr_instance_group_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS EMR Instance Groups to fetch details about + each instance group within an EMR cluster. ID: aws_emr_instance_group_1 -Title: "Find AWS EMR Instance Groups within a Cluster" -Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - cluster_id, - instance_group_type, - state - from - aws_emr_instance_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n cluster_id,\n instance_group_type,\n\ + \ state\nfrom\n aws_emr_instance_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Find AWS EMR Instance Groups within a Cluster diff --git a/queries/aws_emr_instance_group_2.yaml b/queries/aws_emr_instance_group_2.yaml index 096b438c1..a2d2b339e 100755 --- a/queries/aws_emr_instance_group_2.yaml +++ b/queries/aws_emr_instance_group_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS EMR Instance Groups to fetch details about + each instance group within an EMR cluster. ID: aws_emr_instance_group_2 -Title: "List AWS EMR instance groups within clusters" -Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - ig.id as instance_group_id, - ig.cluster_id, - c.name as cluster_name, - ig.instance_type - from - aws_emr_instance_group as ig, - aws_emr_cluster as c - where - ig.cluster_id = c.id - and ig.instance_group_type = 'MASTER'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n ig.id as instance_group_id,\n ig.cluster_id,\n c.name\ + \ as cluster_name,\n ig.instance_type\nfrom\n aws_emr_instance_group as ig,\n\ + \ aws_emr_cluster as c\nwhere\n ig.cluster_id = c.id\n and ig.instance_group_type\ + \ = 'MASTER';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: List AWS EMR instance groups within clusters diff --git a/queries/aws_emr_instance_group_3.yaml b/queries/aws_emr_instance_group_3.yaml index 8e7e6bc75..7e9cdec34 100755 --- a/queries/aws_emr_instance_group_3.yaml +++ b/queries/aws_emr_instance_group_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EMR Instance Groups to fetch details about + each instance group within an EMR cluster. ID: aws_emr_instance_group_3 -Title: "List All AWS EMR Instance Groups and Running Instances" -Description: "Allows users to query AWS EMR Instance Groups to fetch details about each instance group within an EMR cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_id, - sum(running_instance_count) as running_instance_count - from - aws_emr_instance_group - where - state = 'RUNNING' - group by cluster_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_id,\n sum(running_instance_count) as running_instance_count\n\ + from\n aws_emr_instance_group\nwhere\n state = 'RUNNING'\ngroup by cluster_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS EMR +Title: List All AWS EMR Instance Groups and Running Instances diff --git a/queries/aws_emr_security_configuration_1.yaml b/queries/aws_emr_security_configuration_1.yaml index 6c07a2ba1..1ffe3f32d 100755 --- a/queries/aws_emr_security_configuration_1.yaml +++ b/queries/aws_emr_security_configuration_1.yaml @@ -1,30 +1,28 @@ +Description: Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. + This table provides information about security settings and configurations that + can be applied to EMR clusters, managing encryption, authentication, and authorization. + These configurations are crucial for ensuring the secure handling of data, protecting + sensitive information, and complying with various data security standards and regulations. ID: aws_emr_security_configuration_1 -Title: "Find AWS EMR Security Configurations Details" -Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_date_time, - encryption_configuration, - instance_metadata_service_configuration, - security_configuration - from - aws_emr_security_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n creation_date_time,\n encryption_configuration,\n\ + \ instance_metadata_service_configuration,\n security_configuration\nfrom\n\ + \ aws_emr_security_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: Find AWS EMR Security Configurations Details diff --git a/queries/aws_emr_security_configuration_2.yaml b/queries/aws_emr_security_configuration_2.yaml index 1ee377969..eb5ffb224 100755 --- a/queries/aws_emr_security_configuration_2.yaml +++ b/queries/aws_emr_security_configuration_2.yaml @@ -1,28 +1,26 @@ +Description: Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. + This table provides information about security settings and configurations that + can be applied to EMR clusters, managing encryption, authentication, and authorization. + These configurations are crucial for ensuring the secure handling of data, protecting + sensitive information, and complying with various data security standards and regulations. ID: aws_emr_security_configuration_2 -Title: "List EMR Security Configs from Last 30 Days" -Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_date_time, - security_configuration - from - aws_emr_security_configuration - where - creation_date_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n creation_date_time,\n security_configuration\n\ + from\n aws_emr_security_configuration\nwhere\n creation_date_time >= now() -\ + \ interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: List EMR Security Configs from Last 30 Days diff --git a/queries/aws_emr_security_configuration_3.yaml b/queries/aws_emr_security_configuration_3.yaml index 4ef08f3cc..dedc865de 100755 --- a/queries/aws_emr_security_configuration_3.yaml +++ b/queries/aws_emr_security_configuration_3.yaml @@ -1,32 +1,34 @@ +Description: Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. + This table provides information about security settings and configurations that + can be applied to EMR clusters, managing encryption, authentication, and authorization. + These configurations are crucial for ensuring the secure handling of data, protecting + sensitive information, and complying with various data security standards and regulations. ID: aws_emr_security_configuration_3 -Title: "List all AWS EMR Security Configurations using SQL" -Description: "Allows users to query AWS EMR (Amazon Elastic MapReduce) Security Configurations. This table provides information about security settings and configurations that can be applied to EMR clusters, managing encryption, authentication, and authorization. These configurations are crucial for ensuring the secure handling of data, protecting sensitive information, and complying with various data security standards and regulations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_date_time, - encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'AwsKmsKey' as aws_kms_key, - encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'EnableEbsEncryption' as enable_ebs_encryption, - encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->> 'EncryptionKeyProviderType' as encryption_key_provider_type, - encryption_configuration -> 'S3EncryptionConfiguration' as s3_encryption_configuration, - encryption_configuration ->> 'EnableAtRestEncryption' as enable_at_rest_encryption, - encryption_configuration ->> 'EnableInTransitEncryption' as enable_in_transit_encryption, - encryption_configuration -> 'InTransitEncryptionConfiguration' as in_transit_encryption_configuration - from - aws_emr_security_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n creation_date_time,\n encryption_configuration\ + \ -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration' ->>\ + \ 'AwsKmsKey' as aws_kms_key,\n encryption_configuration -> 'AtRestEncryptionConfiguration'\ + \ -> 'LocalDiskEncryptionConfiguration' ->> 'EnableEbsEncryption' as enable_ebs_encryption,\n\ + \ encryption_configuration -> 'AtRestEncryptionConfiguration' -> 'LocalDiskEncryptionConfiguration'\ + \ ->> 'EncryptionKeyProviderType' as encryption_key_provider_type,\n encryption_configuration\ + \ -> 'S3EncryptionConfiguration' as s3_encryption_configuration,\n encryption_configuration\ + \ ->> 'EnableAtRestEncryption' as enable_at_rest_encryption,\n encryption_configuration\ + \ ->> 'EnableInTransitEncryption' as enable_in_transit_encryption,\n encryption_configuration\ + \ -> 'InTransitEncryptionConfiguration' as in_transit_encryption_configuration\n\ + from\n aws_emr_security_configuration;" Tags: cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EMR +Title: List all AWS EMR Security Configurations using SQL diff --git a/queries/aws_eventbridge_bus_1.yaml b/queries/aws_eventbridge_bus_1.yaml index 6a41d4aeb..1db076f90 100755 --- a/queries/aws_eventbridge_bus_1.yaml +++ b/queries/aws_eventbridge_bus_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS EventBridge Buses for detailed information + about each bus, including its name, ARN, policy, and more. ID: aws_eventbridge_bus_1 -Title: "Find all AWS EventBridge Buses and their Details" -Description: "Allows users to query AWS EventBridge Buses for detailed information about each bus, including its name, ARN, policy, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_eventbridge_bus; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n jsonb_pretty(policy) as policy,\n jsonb_pretty(policy_std)\ + \ as policy_std\nfrom\n aws_eventbridge_bus;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EventBridge +Title: Find all AWS EventBridge Buses and their Details diff --git a/queries/aws_eventbridge_rule_1.yaml b/queries/aws_eventbridge_rule_1.yaml index 4b544bfcb..374b9a7e1 100755 --- a/queries/aws_eventbridge_rule_1.yaml +++ b/queries/aws_eventbridge_rule_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS EventBridge Rule to access information regarding + the EventBridge rules defined within an AWS account. ID: aws_eventbridge_rule_1 -Title: "Find EventBridge Rule Information in AWS Account" -Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - created_by, - event_bus_name - from - aws_eventbridge_rule; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n state,\n created_by,\n event_bus_name\n\ + from\n aws_eventbridge_rule;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EventBridge +Title: Find EventBridge Rule Information in AWS Account diff --git a/queries/aws_eventbridge_rule_2.yaml b/queries/aws_eventbridge_rule_2.yaml index 52194dd0b..c003e442c 100755 --- a/queries/aws_eventbridge_rule_2.yaml +++ b/queries/aws_eventbridge_rule_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS EventBridge Rule to access information regarding + the EventBridge rules defined within an AWS account. ID: aws_eventbridge_rule_2 -Title: "Find all AWS EventBridge Rules not enabled" -Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - created_by - from - aws_eventbridge_rule - where - state != 'ENABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n state,\n created_by\nfrom\n aws_eventbridge_rule\n\ + where\n state != 'ENABLED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EventBridge +Title: Find all AWS EventBridge Rules not enabled diff --git a/queries/aws_eventbridge_rule_3.yaml b/queries/aws_eventbridge_rule_3.yaml index ff416b3ab..64e610315 100755 --- a/queries/aws_eventbridge_rule_3.yaml +++ b/queries/aws_eventbridge_rule_3.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS EventBridge Rule to access information regarding + the EventBridge rules defined within an AWS account. ID: aws_eventbridge_rule_3 -Title: "Find AWS EventBridge Rules using SQL" -Description: "Allows users to query AWS EventBridge Rule to access information regarding the EventBridge rules defined within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cd ->> 'Id' as target_id, - cd ->> 'Arn' as target_arn, - cd ->> 'RoleArn' as role_arn - from - aws_eventbridge_rule, - jsonb_array_elements(targets) as cd; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n cd ->> 'Id' as target_id,\n cd ->> 'Arn' as\ + \ target_arn,\n cd ->> 'RoleArn' as role_arn\nfrom\n aws_eventbridge_rule,\n\ + \ jsonb_array_elements(targets) as cd;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - EventBridge +Title: Find AWS EventBridge Rules using SQL diff --git a/queries/aws_fms_app_list_1.yaml b/queries/aws_fms_app_list_1.yaml index fa7344c53..fcb6f1466 100755 --- a/queries/aws_fms_app_list_1.yaml +++ b/queries/aws_fms_app_list_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Firewall Manager Applications to obtain comprehensive + details about each application, including application ID, protocol, source and destination + IP ranges, and source and destination ports. ID: aws_fms_app_list_1 -Title: "Find AWS Firewall Manager Application Details" -Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - list_name, - list_id, - arn, - create_time - from - aws_fms_app_list; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n list_name,\n list_id,\n arn,\n create_time\nfrom\n\ + \ aws_fms_app_list;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Firewall Manager +Title: Find AWS Firewall Manager Application Details diff --git a/queries/aws_fms_app_list_2.yaml b/queries/aws_fms_app_list_2.yaml index 7a7f4ccf1..a2623baf8 100755 --- a/queries/aws_fms_app_list_2.yaml +++ b/queries/aws_fms_app_list_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Firewall Manager Applications to obtain comprehensive + details about each application, including application ID, protocol, source and destination + IP ranges, and source and destination ports. ID: aws_fms_app_list_2 -Title: "Find AWS Firewall Manager Application Details in Last 30 Days" -Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - list_name, - list_id, - arn, - create_time - from - aws_fms_app_list - where - create_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n list_name,\n list_id,\n arn,\n create_time\nfrom\n\ + \ aws_fms_app_list\nwhere\n create_time >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Firewall Manager +Title: Find AWS Firewall Manager Application Details in Last 30 Days diff --git a/queries/aws_fms_app_list_3.yaml b/queries/aws_fms_app_list_3.yaml index 3329c0658..4ef3da5eb 100755 --- a/queries/aws_fms_app_list_3.yaml +++ b/queries/aws_fms_app_list_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Firewall Manager Applications to obtain comprehensive + details about each application, including application ID, protocol, source and destination + IP ranges, and source and destination ports. ID: aws_fms_app_list_3 -Title: "Query AWS Firewall Manager Applications with Details" -Description: "Allows users to query AWS Firewall Manager Applications to obtain comprehensive details about each application, including application ID, protocol, source and destination IP ranges, and source and destination ports." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - list_name, - list_id, - a ->> 'AppName' as app_name, - a ->> 'Port' as port, - a ->> 'Protocol' as protocol - from - aws_fms_app_list, - jsonb_array_elements(apps_list -> 'AppsList') as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n list_name,\n list_id,\n a ->> 'AppName' as app_name,\n\ + \ a ->> 'Port' as port,\n a ->> 'Protocol' as protocol\nfrom\n aws_fms_app_list,\n\ + \ jsonb_array_elements(apps_list -> 'AppsList') as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Firewall Manager +Title: Query AWS Firewall Manager Applications with Details diff --git a/queries/aws_fms_policy_1.yaml b/queries/aws_fms_policy_1.yaml index 869b1fcff..0446dbdc0 100755 --- a/queries/aws_fms_policy_1.yaml +++ b/queries/aws_fms_policy_1.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Firewall Manager Policies using SQL. This table + provides information about each AWS Firewall Manager (FMS) policy in an AWS account. + It can be used to gain insights into policy details such as the policy name, ID, + resource type, security service type, and more. ID: aws_fms_policy_1 -Title: "List All AWS Firewall Manager Policy Details" -Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - policy_id, - arn, - policy_description, - resource_type - from - aws_fms_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_name,\n policy_id,\n arn,\n policy_description,\n\ + \ resource_type\nfrom\n aws_fms_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Firewall Manager +Title: List All AWS Firewall Manager Policy Details diff --git a/queries/aws_fms_policy_2.yaml b/queries/aws_fms_policy_2.yaml index 8e76a7521..d28ab1b51 100755 --- a/queries/aws_fms_policy_2.yaml +++ b/queries/aws_fms_policy_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Firewall Manager Policies using SQL. This table + provides information about each AWS Firewall Manager (FMS) policy in an AWS account. + It can be used to gain insights into policy details such as the policy name, ID, + resource type, security service type, and more. ID: aws_fms_policy_2 -Title: "Find AWS Firewall Manager Policies with SQL" -Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - policy_id, - arn, - policy_description, - resource_type, - remediation_enabled - from - aws_fms_policy - where - remediation_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_name,\n policy_id,\n arn,\n policy_description,\n\ + \ resource_type,\n remediation_enabled\nfrom\n aws_fms_policy\nwhere\n remediation_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Firewall Manager +Title: Find AWS Firewall Manager Policies with SQL diff --git a/queries/aws_fms_policy_3.yaml b/queries/aws_fms_policy_3.yaml index c4e956f91..634985705 100755 --- a/queries/aws_fms_policy_3.yaml +++ b/queries/aws_fms_policy_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Firewall Manager Policies using SQL. This table + provides information about each AWS Firewall Manager (FMS) policy in an AWS account. + It can be used to gain insights into policy details such as the policy name, ID, + resource type, security service type, and more. ID: aws_fms_policy_3 -Title: "List all AWS Firewall Manager Policies and Details" -Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - resource_type, - count(policy_id) as policy_applied - from - aws_fms_policy - group by - policy_name, - resource_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_name,\n resource_type,\n count(policy_id) as\ + \ policy_applied\nfrom\n aws_fms_policy\ngroup by\n policy_name,\n resource_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Firewall Manager +Title: List all AWS Firewall Manager Policies and Details diff --git a/queries/aws_fms_policy_4.yaml b/queries/aws_fms_policy_4.yaml index 78228e532..10afa836d 100755 --- a/queries/aws_fms_policy_4.yaml +++ b/queries/aws_fms_policy_4.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Firewall Manager Policies using SQL. This table + provides information about each AWS Firewall Manager (FMS) policy in an AWS account. + It can be used to gain insights into policy details such as the policy name, ID, + resource type, security service type, and more. ID: aws_fms_policy_4 -Title: "List AWS Firewall Manager (FMS) Policies Details" -Description: "Allows users to query AWS Firewall Manager Policies using SQL. This table provides information about each AWS Firewall Manager (FMS) policy in an AWS account. It can be used to gain insights into policy details such as the policy name, ID, resource type, security service type, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_name, - policy_id, - policy_status - from - aws_fms_policy - where - policy_status <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_name,\n policy_id,\n policy_status\nfrom\n \ + \ aws_fms_policy\nwhere\n policy_status <> 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Firewall Manager +Title: List AWS Firewall Manager (FMS) Policies Details diff --git a/queries/aws_fsx_file_system_1.yaml b/queries/aws_fsx_file_system_1.yaml index 8c5c79cf1..992386c84 100755 --- a/queries/aws_fsx_file_system_1.yaml +++ b/queries/aws_fsx_file_system_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS FSx File Systems to gather information about + the file system''s details, including its lifecycle, type, storage capacity, and + associated tags. ID: aws_fsx_file_system_1 -Title: "List AWS FSx File Systems details including lifecycle" -Description: "Allows users to query AWS FSx File Systems to gather information about the file system''s details, including its lifecycle, type, storage capacity, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - file_system_id, - arn, - dns_name, - owner_id, - creation_time, - lifecycle, - storage_capacity - from - aws_fsx_file_system; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n file_system_id,\n arn,\n dns_name,\n owner_id,\n \ + \ creation_time,\n lifecycle,\n storage_capacity\nfrom\n aws_fsx_file_system;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - FSx +Title: List AWS FSx File Systems details including lifecycle diff --git a/queries/aws_fsx_file_system_2.yaml b/queries/aws_fsx_file_system_2.yaml index ecc292b76..20bf5bb23 100755 --- a/queries/aws_fsx_file_system_2.yaml +++ b/queries/aws_fsx_file_system_2.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS FSx File Systems to gather information about + the file system''s details, including its lifecycle, type, storage capacity, and + associated tags. ID: aws_fsx_file_system_2 -Title: "List AWS FSx File Systems and Details" -Description: "Allows users to query AWS FSx File Systems to gather information about the file system''s details, including its lifecycle, type, storage capacity, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - file_system_id, - kms_key_id, - region - from - aws_fsx_file_system - where - kms_key_id is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n file_system_id,\n kms_key_id,\n region\nfrom\n aws_fsx_file_system\n\ + where\n kms_key_id is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - FSx +Title: List AWS FSx File Systems and Details diff --git a/queries/aws_glacier_vault_1.yaml b/queries/aws_glacier_vault_1.yaml index ed9d642f7..1928167f5 100755 --- a/queries/aws_glacier_vault_1.yaml +++ b/queries/aws_glacier_vault_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Glacier Vaults for detailed information on + each vault, including the vault''s name, ARN, creation date, number of archives, + size of archives, and more. ID: aws_glacier_vault_1 -Title: "List all AWS Glacier Vault details with SQL Query" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vault_name, - creation_date, - last_inventory_date, - number_of_archives, - size_in_bytes - from - aws_glacier_vault; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vault_name,\n creation_date,\n last_inventory_date,\n\ + \ number_of_archives,\n size_in_bytes\nfrom\n aws_glacier_vault;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glacier +Title: List all AWS Glacier Vault details with SQL Query diff --git a/queries/aws_glacier_vault_2.yaml b/queries/aws_glacier_vault_2.yaml index cc555bacd..fa81e07a2 100755 --- a/queries/aws_glacier_vault_2.yaml +++ b/queries/aws_glacier_vault_2.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Glacier Vaults for detailed information on + each vault, including the vault''s name, ARN, creation date, number of archives, + size of archives, and more. ID: aws_glacier_vault_2 -Title: "Find all AWS Glacier Vaults and Detailed Information" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_glacier_vault, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'glacier:*'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_glacier_vault,\n \ + \ jsonb_array_elements(policy_std -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'Principal' -> 'AWS') as p,\n jsonb_array_elements_text(s -> 'Action') as\ + \ a\nwhere\n s ->> 'Effect' = 'Allow'\n and a in ('*', 'glacier:*');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glacier +Title: Find all AWS Glacier Vaults and Detailed Information diff --git a/queries/aws_glacier_vault_3.yaml b/queries/aws_glacier_vault_3.yaml index ff41e123a..3fdc0df17 100755 --- a/queries/aws_glacier_vault_3.yaml +++ b/queries/aws_glacier_vault_3.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Glacier Vaults for detailed information on + each vault, including the vault''s name, ARN, creation date, number of archives, + size of archives, and more. ID: aws_glacier_vault_3 -Title: "List AWS Glacier Vaults with Detailed Information" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_glacier_vault, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_glacier_vault,\n \ + \ jsonb_array_elements(policy_std -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'Principal' -> 'AWS') as p,\n jsonb_array_elements_text(s -> 'Action') as\ + \ a\nwhere\n p = '*'\n and s ->> 'Effect' = 'Allow';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glacier +Title: List AWS Glacier Vaults with Detailed Information diff --git a/queries/aws_glacier_vault_4.yaml b/queries/aws_glacier_vault_4.yaml index 229318eda..a4596766a 100755 --- a/queries/aws_glacier_vault_4.yaml +++ b/queries/aws_glacier_vault_4.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS Glacier Vaults for detailed information on + each vault, including the vault''s name, ARN, creation date, number of archives, + size of archives, and more. ID: aws_glacier_vault_4 -Title: "Find AWS Glacier Vault Details including Name, ARN, and Archives" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' -> 'NumericLessThan' ->> 'glacier:archiveageindays' as archive_age_in_days - from - aws_glacier_vault, - jsonb_array_elements(vault_lock_policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Action') as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n a as action,\n s ->> 'Effect' as effect,\n\ + \ s -> 'Condition' -> 'NumericLessThan' ->> 'glacier:archiveageindays' as archive_age_in_days\n\ + from\n aws_glacier_vault,\n jsonb_array_elements(vault_lock_policy_std -> 'Statement')\ + \ as s,\n jsonb_array_elements_text(s -> 'Action') as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glacier +Title: Find AWS Glacier Vault Details including Name, ARN, and Archives diff --git a/queries/aws_glacier_vault_5.yaml b/queries/aws_glacier_vault_5.yaml index 4fd2b6567..9f31e5ec7 100755 --- a/queries/aws_glacier_vault_5.yaml +++ b/queries/aws_glacier_vault_5.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Glacier Vaults for detailed information on + each vault, including the vault''s name, ARN, creation date, number of archives, + size of archives, and more. ID: aws_glacier_vault_5 -Title: "List all AWS Glacier Vaults for Detailed Information" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vault_name, - tags - from - aws_glacier_vault - where - not tags :: JSONB ? 'owner'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vault_name,\n tags\nfrom\n aws_glacier_vault\nwhere\n\ + \ not tags :: JSONB ? 'owner';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glacier +Title: List all AWS Glacier Vaults for Detailed Information diff --git a/queries/aws_glacier_vault_6.yaml b/queries/aws_glacier_vault_6.yaml index 5d8505574..c72751a84 100755 --- a/queries/aws_glacier_vault_6.yaml +++ b/queries/aws_glacier_vault_6.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Glacier Vaults for detailed information on + each vault, including the vault''s name, ARN, creation date, number of archives, + size of archives, and more. ID: aws_glacier_vault_6 -Title: "Find all AWS Glacier Vaults and Notification Configs" -Description: "Allows users to query AWS Glacier Vaults for detailed information on each vault, including the vault''s name, ARN, creation date, number of archives, size of archives, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vault_name, - vault_notification_config ->> 'SNSTopic' as sns_topic, - vault_notification_config ->> 'Events' as notification_events - from - aws_glacier_vault - where - vault_notification_config is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vault_name,\n vault_notification_config ->> 'SNSTopic'\ + \ as sns_topic,\n vault_notification_config ->> 'Events' as notification_events\n\ + from\n aws_glacier_vault\nwhere\n vault_notification_config is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glacier +Title: Find all AWS Glacier Vaults and Notification Configs diff --git a/queries/aws_globalaccelerator_accelerator_1.yaml b/queries/aws_globalaccelerator_accelerator_1.yaml index 79ae479c5..3b03cc90e 100755 --- a/queries/aws_globalaccelerator_accelerator_1.yaml +++ b/queries/aws_globalaccelerator_accelerator_1.yaml @@ -1,28 +1,19 @@ +Description: Allows users to query AWS Global Accelerator''s accelerators. ID: aws_globalaccelerator_accelerator_1 -Title: "Find all AWS Global Accelerator Accelerators" -Description: "Allows users to query AWS Global Accelerator''s accelerators." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - dns_name, - enabled, - ip_address_type, - last_modified_time, - status - from - aws_globalaccelerator_accelerator; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time,\n dns_name,\n enabled,\n ip_address_type,\n\ + \ last_modified_time,\n status\nfrom\n aws_globalaccelerator_accelerator;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: Find all AWS Global Accelerator Accelerators diff --git a/queries/aws_globalaccelerator_accelerator_2.yaml b/queries/aws_globalaccelerator_accelerator_2.yaml index 6d0916fbe..ba429b814 100755 --- a/queries/aws_globalaccelerator_accelerator_2.yaml +++ b/queries/aws_globalaccelerator_accelerator_2.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS Global Accelerator''s accelerators. ID: aws_globalaccelerator_accelerator_2 -Title: "Find all AWS Global Accelerator accelerators" -Description: "Allows users to query AWS Global Accelerator''s accelerators." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time, - dns_name, - enabled, - ip_address_type, - last_modified_time, - status, - anycast_ip - from - aws_globalaccelerator_accelerator, - jsonb_array_elements(ip_sets -> 0 -> 'IpAddresses') as anycast_ip; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time,\n dns_name,\n enabled,\n ip_address_type,\n\ + \ last_modified_time,\n status,\n anycast_ip\nfrom\n aws_globalaccelerator_accelerator,\n\ + \ jsonb_array_elements(ip_sets -> 0 -> 'IpAddresses') as anycast_ip;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: Find all AWS Global Accelerator accelerators diff --git a/queries/aws_globalaccelerator_accelerator_3.yaml b/queries/aws_globalaccelerator_accelerator_3.yaml index 8b210c3a6..4cde68103 100755 --- a/queries/aws_globalaccelerator_accelerator_3.yaml +++ b/queries/aws_globalaccelerator_accelerator_3.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query AWS Global Accelerator''s accelerators. ID: aws_globalaccelerator_accelerator_3 -Title: "Find AWS Global Accelerator's Accelerators" -Description: "Allows users to query AWS Global Accelerator''s accelerators." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags - from - aws_globalaccelerator_accelerator - where - not tags::JSONB ? 'owner'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n tags\nfrom\n aws_globalaccelerator_accelerator\n\ + where\n not tags::JSONB ? 'owner';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: Find AWS Global Accelerator's Accelerators diff --git a/queries/aws_globalaccelerator_endpoint_group_1.yaml b/queries/aws_globalaccelerator_endpoint_group_1.yaml index 32469669d..914cbda4d 100755 --- a/queries/aws_globalaccelerator_endpoint_group_1.yaml +++ b/queries/aws_globalaccelerator_endpoint_group_1.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS Global Accelerator Endpoint Groups and obtain + detailed information about each group''s configuration, state, and associated endpoints. ID: aws_globalaccelerator_endpoint_group_1 -Title: "List AWS Global Accelerator Endpoint Groups Configuration" -Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - endpoint_descriptions, - endpoint_group_region, - traffic_dial_percentage, - port_overrides, - health_check_interval_seconds, - health_check_path, - health_check_port, - health_check_protocol, - threshold_count - from - aws_globalaccelerator_endpoint_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n endpoint_descriptions,\n endpoint_group_region,\n\ + \ traffic_dial_percentage,\n port_overrides,\n health_check_interval_seconds,\n\ + \ health_check_path,\n health_check_port,\n health_check_protocol,\n threshold_count\n\ + from\n aws_globalaccelerator_endpoint_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: List AWS Global Accelerator Endpoint Groups Configuration diff --git a/queries/aws_globalaccelerator_endpoint_group_2.yaml b/queries/aws_globalaccelerator_endpoint_group_2.yaml index d236ecf04..930e7f6b1 100755 --- a/queries/aws_globalaccelerator_endpoint_group_2.yaml +++ b/queries/aws_globalaccelerator_endpoint_group_2.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS Global Accelerator Endpoint Groups and obtain + detailed information about each group''s configuration, state, and associated endpoints. ID: aws_globalaccelerator_endpoint_group_2 -Title: "List all AWS Global Accelerator Endpoint Groups" -Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - endpoint_descriptions, - endpoint_group_region, - traffic_dial_percentage, - port_overrides, - health_check_interval_seconds, - health_check_path, - health_check_port, - health_check_protocol, - threshold_count - from - aws_globalaccelerator_endpoint_group - where - listener_arn = 'arn:aws:globalaccelerator::012345678901:accelerator/1234abcd-abcd-1234-abcd-1234abcdefgh/listener/abcdef1234'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n endpoint_descriptions,\n endpoint_group_region,\n\ + \ traffic_dial_percentage,\n port_overrides,\n health_check_interval_seconds,\n\ + \ health_check_path,\n health_check_port,\n health_check_protocol,\n threshold_count\n\ + from\n aws_globalaccelerator_endpoint_group\nwhere\n listener_arn = 'arn:aws:globalaccelerator::012345678901:accelerator/1234abcd-abcd-1234-abcd-1234abcdefgh/listener/abcdef1234';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: List all AWS Global Accelerator Endpoint Groups diff --git a/queries/aws_globalaccelerator_endpoint_group_3.yaml b/queries/aws_globalaccelerator_endpoint_group_3.yaml index 13b4d5bd7..4e027dade 100755 --- a/queries/aws_globalaccelerator_endpoint_group_3.yaml +++ b/queries/aws_globalaccelerator_endpoint_group_3.yaml @@ -1,41 +1,28 @@ +Description: Allows users to query AWS Global Accelerator Endpoint Groups and obtain + detailed information about each group''s configuration, state, and associated endpoints. ID: aws_globalaccelerator_endpoint_group_3 -Title: "Find AWS Global Accelerator Endpoint Groups Configuration" -Description: "Allows users to query AWS Global Accelerator Endpoint Groups and obtain detailed information about each group''s configuration, state, and associated endpoints." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name as accelerator_name, - l.client_affinity as listener_client_affinity, - l.port_ranges as listener_port_ranges, - l.protocol as listener_protocol, - eg.endpoint_descriptions, - eg.endpoint_group_region, - eg.traffic_dial_percentage, - eg.port_overrides, - eg.health_check_interval_seconds, - eg.health_check_path, - eg.health_check_port, - eg.health_check_protocol, - eg.threshold_count - from - aws_globalaccelerator_accelerator a, - aws_globalaccelerator_listener l, - aws_globalaccelerator_endpoint_group eg - where - eg.listener_arn = l.arn - and l.accelerator_arn = a.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.name as accelerator_name,\n l.client_affinity as listener_client_affinity,\n\ + \ l.port_ranges as listener_port_ranges,\n l.protocol as listener_protocol,\n\ + \ eg.endpoint_descriptions,\n eg.endpoint_group_region,\n eg.traffic_dial_percentage,\n\ + \ eg.port_overrides,\n eg.health_check_interval_seconds,\n eg.health_check_path,\n\ + \ eg.health_check_port,\n eg.health_check_protocol,\n eg.threshold_count\n\ + from\n aws_globalaccelerator_accelerator a,\n aws_globalaccelerator_listener\ + \ l,\n aws_globalaccelerator_endpoint_group eg\nwhere\n eg.listener_arn = l.arn\n\ + \ and l.accelerator_arn = a.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: Find AWS Global Accelerator Endpoint Groups Configuration diff --git a/queries/aws_globalaccelerator_listener_1.yaml b/queries/aws_globalaccelerator_listener_1.yaml index 0a8d7432e..145a112c6 100755 --- a/queries/aws_globalaccelerator_listener_1.yaml +++ b/queries/aws_globalaccelerator_listener_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Global Accelerator Listener data, including + details about each listener that processes inbound connections based on the port + or port ranges that you configure. ID: aws_globalaccelerator_listener_1 -Title: "List all AWS Global Accelerator Listener details" -Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - client_affinity, - port_ranges, - protocol - from - aws_globalaccelerator_listener; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n client_affinity,\n port_ranges,\n protocol\n\ + from\n aws_globalaccelerator_listener;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: List all AWS Global Accelerator Listener details diff --git a/queries/aws_globalaccelerator_listener_2.yaml b/queries/aws_globalaccelerator_listener_2.yaml index 065d54663..051dff69a 100755 --- a/queries/aws_globalaccelerator_listener_2.yaml +++ b/queries/aws_globalaccelerator_listener_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Global Accelerator Listener data, including + details about each listener that processes inbound connections based on the port + or port ranges that you configure. ID: aws_globalaccelerator_listener_2 -Title: "Find AWS Global Accelerator Listener Details" -Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - client_affinity, - port_ranges, - protocol - from - aws_globalaccelerator_listener - where - accelerator_arn = 'arn:aws:globalaccelerator::012345678901:accelerator/1234abcd'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n client_affinity,\n port_ranges,\n protocol\n\ + from\n aws_globalaccelerator_listener\nwhere\n accelerator_arn = 'arn:aws:globalaccelerator::012345678901:accelerator/1234abcd';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: Find AWS Global Accelerator Listener Details diff --git a/queries/aws_globalaccelerator_listener_3.yaml b/queries/aws_globalaccelerator_listener_3.yaml index bfc850103..0610fb0ea 100755 --- a/queries/aws_globalaccelerator_listener_3.yaml +++ b/queries/aws_globalaccelerator_listener_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Global Accelerator Listener data, including + details about each listener that processes inbound connections based on the port + or port ranges that you configure. ID: aws_globalaccelerator_listener_3 -Title: "Find AWS Global Accelerator Listener Details" -Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name as accelerator_name, - a.status as accelerator_status, - l.title as listener_title, - l.client_affinity as listener_client_affinity, - l.port_ranges as listener_port_ranges, - l.protocol as listener_protocol - from - aws_globalaccelerator_accelerator a, - aws_globalaccelerator_listener l - where - l.accelerator_arn = a.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.name as accelerator_name,\n a.status as accelerator_status,\n\ + \ l.title as listener_title,\n l.client_affinity as listener_client_affinity,\n\ + \ l.port_ranges as listener_port_ranges,\n l.protocol as listener_protocol\n\ + from\n aws_globalaccelerator_accelerator a,\n aws_globalaccelerator_listener\ + \ l\nwhere\n l.accelerator_arn = a.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: Find AWS Global Accelerator Listener Details diff --git a/queries/aws_globalaccelerator_listener_4.yaml b/queries/aws_globalaccelerator_listener_4.yaml index 112a333f2..62b118f7c 100755 --- a/queries/aws_globalaccelerator_listener_4.yaml +++ b/queries/aws_globalaccelerator_listener_4.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS Global Accelerator Listener data, including + details about each listener that processes inbound connections based on the port + or port ranges that you configure. ID: aws_globalaccelerator_listener_4 -Title: "List all AWS Global Accelerator Listener including details" -Description: "Allows users to query AWS Global Accelerator Listener data, including details about each listener that processes inbound connections based on the port or port ranges that you configure." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name as accelerator_name, - a.status as accelerator_status, - l.protocol, - port_range -> 'FromPort' as from_port, - port_range -> 'ToPort' as to_port - from - aws_globalaccelerator_accelerator a, - aws_globalaccelerator_listener l, - jsonb_array_elements(l.port_ranges) as port_range - where - l.accelerator_arn = a.arn - and l.protocol = 'TCP' - and (port_range -> 'FromPort')::int <= 443 - and (port_range -> 'ToPort')::int >= 443; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.name as accelerator_name,\n a.status as accelerator_status,\n\ + \ l.protocol,\n port_range -> 'FromPort' as from_port,\n port_range -> 'ToPort'\ + \ as to_port\nfrom\n aws_globalaccelerator_accelerator a,\n aws_globalaccelerator_listener\ + \ l,\n jsonb_array_elements(l.port_ranges) as port_range\nwhere\n l.accelerator_arn\ + \ = a.arn\n and l.protocol = 'TCP'\n and (port_range -> 'FromPort')::int <=\ + \ 443\n and (port_range -> 'ToPort')::int >= 443;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Global Accelerator +Title: List all AWS Global Accelerator Listener including details diff --git a/queries/aws_glue_catalog_database_1.yaml b/queries/aws_glue_catalog_database_1.yaml index 9342fbad2..13976e08f 100755 --- a/queries/aws_glue_catalog_database_1.yaml +++ b/queries/aws_glue_catalog_database_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Glue Databases for detailed information about + their Glue Catalog Databases. ID: aws_glue_catalog_database_1 -Title: "List All AWS Glue Catalog Databases with Details" -Description: "Allows users to query AWS Glue Databases for detailed information about their Glue Catalog Databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - catalog_id, - create_time, - description, - location_uri, - create_table_default_permissions - from - aws_glue_catalog_database; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n catalog_id,\n create_time,\n description,\n\ + \ location_uri,\n create_table_default_permissions\nfrom\n aws_glue_catalog_database;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List All AWS Glue Catalog Databases with Details diff --git a/queries/aws_glue_catalog_database_2.yaml b/queries/aws_glue_catalog_database_2.yaml index b21022f19..b7fa0d2d0 100755 --- a/queries/aws_glue_catalog_database_2.yaml +++ b/queries/aws_glue_catalog_database_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Glue Databases for detailed information about + their Glue Catalog Databases. ID: aws_glue_catalog_database_2 -Title: "Find all AWS Glue Databases with Catalog Info" -Description: "Allows users to query AWS Glue Databases for detailed information about their Glue Catalog Databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - catalog_id, - count(name) as database_count - from - aws_glue_catalog_database - group by - catalog_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n catalog_id,\n count(name) as database_count\nfrom\n\ + \ aws_glue_catalog_database\ngroup by\n catalog_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Find all AWS Glue Databases with Catalog Info diff --git a/queries/aws_glue_catalog_table_1.yaml b/queries/aws_glue_catalog_table_1.yaml index 165240633..62910d861 100755 --- a/queries/aws_glue_catalog_table_1.yaml +++ b/queries/aws_glue_catalog_table_1.yaml @@ -1,20 +1,15 @@ +Description: Allows users to query AWS Glue Catalog Tables for a comprehensive overview + of table metadata, including table names, database names, owner information, and + more. ID: aws_glue_catalog_table_1 -Title: "Find AWS Glue Catalog Table Metadata" -Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - catalog_id, - create_time, - description, - database_name - from - aws_glue_catalog_table; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n catalog_id,\n create_time,\n description,\n\ + \ database_name\nfrom\n aws_glue_catalog_table;" Tags: {} +Title: Find AWS Glue Catalog Table Metadata diff --git a/queries/aws_glue_catalog_table_2.yaml b/queries/aws_glue_catalog_table_2.yaml index 3b80acae6..5a5d7f87a 100755 --- a/queries/aws_glue_catalog_table_2.yaml +++ b/queries/aws_glue_catalog_table_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Glue Catalog Tables for a comprehensive overview + of table metadata, including table names, database names, owner information, and + more. ID: aws_glue_catalog_table_2 -Title: "List all AWS Glue Catalog Tables and Metadata" -Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - catalog_id, - count(name) as table_count - from - aws_glue_catalog_table - group by - catalog_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n catalog_id,\n count(name) as table_count\nfrom\n aws_glue_catalog_table\n\ + group by\n catalog_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue Catalog +Title: List all AWS Glue Catalog Tables and Metadata diff --git a/queries/aws_glue_catalog_table_3.yaml b/queries/aws_glue_catalog_table_3.yaml index b1f0cd30b..68b544572 100755 --- a/queries/aws_glue_catalog_table_3.yaml +++ b/queries/aws_glue_catalog_table_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Glue Catalog Tables for a comprehensive overview + of table metadata, including table names, database names, owner information, and + more. ID: aws_glue_catalog_table_3 -Title: "List all AWS Glue Catalog Tables with metadata" -Description: "Allows users to query AWS Glue Catalog Tables for a comprehensive overview of table metadata, including table names, database names, owner information, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - catalog_id, - create_time, - description, - retention - from - aws_glue_catalog_table - where - retention < 30; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n catalog_id,\n create_time,\n description,\n\ + \ retention\nfrom\n aws_glue_catalog_table\nwhere\n retention < 30;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List all AWS Glue Catalog Tables with metadata diff --git a/queries/aws_glue_connection_1.yaml b/queries/aws_glue_connection_1.yaml index 4a8de4c54..27e2bd336 100755 --- a/queries/aws_glue_connection_1.yaml +++ b/queries/aws_glue_connection_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Glue Connections to retrieve detailed information + about each connection. ID: aws_glue_connection_1 -Title: "List all AWS Glue Connections with Details" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - connection_type, - creation_time, - description, - region - from - aws_glue_connection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n connection_type,\n creation_time,\n description,\n\ + \ region\nfrom\n aws_glue_connection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List all AWS Glue Connections with Details diff --git a/queries/aws_glue_connection_2.yaml b/queries/aws_glue_connection_2.yaml index 4a646b2e0..d30317a21 100755 --- a/queries/aws_glue_connection_2.yaml +++ b/queries/aws_glue_connection_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Glue Connections to retrieve detailed information + about each connection. ID: aws_glue_connection_2 -Title: "List all SQL Queryable AWS Glue Connections" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - connection_type, - connection_properties ->> 'JDBC_CONNECTION_URL' as connection_url, - connection_properties ->> 'JDBC_ENFORCE_SSL' as ssl_enabled, - creation_time - from - aws_glue_connection - where - connection_type = 'JDBC'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n connection_type,\n connection_properties ->>\ + \ 'JDBC_CONNECTION_URL' as connection_url,\n connection_properties ->> 'JDBC_ENFORCE_SSL'\ + \ as ssl_enabled,\n creation_time\nfrom\n aws_glue_connection\nwhere\n connection_type\ + \ = 'JDBC';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List all SQL Queryable AWS Glue Connections diff --git a/queries/aws_glue_connection_3.yaml b/queries/aws_glue_connection_3.yaml index 6e6c3099a..7e306714a 100755 --- a/queries/aws_glue_connection_3.yaml +++ b/queries/aws_glue_connection_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Glue Connections to retrieve detailed information + about each connection. ID: aws_glue_connection_3 -Title: "List all AWS Glue Connections with JDBC not enforcing SSL" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - connection_type, - connection_properties ->> 'CONNECTION_URL' as connection_url, - connection_properties ->> 'JDBC_ENFORCE_SSL' as ssl_enabled, - creation_time - from - aws_glue_connection - where - connection_type = 'JDBC' - and connection_properties ->> 'JDBC_ENFORCE_SSL' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n connection_type,\n connection_properties ->>\ + \ 'CONNECTION_URL' as connection_url,\n connection_properties ->> 'JDBC_ENFORCE_SSL'\ + \ as ssl_enabled,\n creation_time\nfrom\n aws_glue_connection\nwhere\n connection_type\ + \ = 'JDBC'\n and connection_properties ->> 'JDBC_ENFORCE_SSL' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List all AWS Glue Connections with JDBC not enforcing SSL diff --git a/queries/aws_glue_connection_4.yaml b/queries/aws_glue_connection_4.yaml index ffb14a980..8f91e807b 100755 --- a/queries/aws_glue_connection_4.yaml +++ b/queries/aws_glue_connection_4.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS Glue Connections to retrieve detailed information + about each connection. ID: aws_glue_connection_4 -Title: "Find AWS Glue Connections Details" -Description: "Allows users to query AWS Glue Connections to retrieve detailed information about each connection." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.name as connection_name, - s.vpc_id as vpc_id, - s.title as subnet_name, - physical_connection_requirements ->> 'SubnetId' as subnet_id, - physical_connection_requirements ->> 'AvailabilityZone' as availability_zone, - cidr_block, - physical_connection_requirements ->> 'SecurityGroupIdList' as security_group_ids - from - aws_glue_connection c - join aws_vpc_subnet s on physical_connection_requirements ->> 'SubnetId' = s.subnet_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.name as connection_name,\n s.vpc_id as vpc_id,\n \ + \ s.title as subnet_name,\n physical_connection_requirements ->> 'SubnetId' as\ + \ subnet_id,\n physical_connection_requirements ->> 'AvailabilityZone' as availability_zone,\n\ + \ cidr_block,\n physical_connection_requirements ->> 'SecurityGroupIdList' as\ + \ security_group_ids\nfrom\n aws_glue_connection c\n join aws_vpc_subnet s on\ + \ physical_connection_requirements ->> 'SubnetId' = s.subnet_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: Find AWS Glue Connections Details diff --git a/queries/aws_glue_crawler_1.yaml b/queries/aws_glue_crawler_1.yaml index eb682a9e8..52c4f5a13 100755 --- a/queries/aws_glue_crawler_1.yaml +++ b/queries/aws_glue_crawler_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Glue Crawlers and retrieve essential information + about the crawler''s configuration, status, and associated metadata. ID: aws_glue_crawler_1 -Title: "List all AWS Glue Crawlers and Their Essential Information" -Description: "Allows users to query AWS Glue Crawlers and retrieve essential information about the crawler''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state, - database_name, - creation_time, - description, - recrawl_behavior - from - aws_glue_crawler; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n state,\n database_name,\n creation_time,\n\ + \ description,\n recrawl_behavior\nfrom\n aws_glue_crawler;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List all AWS Glue Crawlers and Their Essential Information diff --git a/queries/aws_glue_crawler_2.yaml b/queries/aws_glue_crawler_2.yaml index f1d733c20..d2d48e092 100755 --- a/queries/aws_glue_crawler_2.yaml +++ b/queries/aws_glue_crawler_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Glue Crawlers and retrieve essential information + about the crawler''s configuration, status, and associated metadata. ID: aws_glue_crawler_2 -Title: "List all AWS Glue Crawlers and Retrieve their Metadata" -Description: "Allows users to query AWS Glue Crawlers and retrieve essential information about the crawler''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state, - database_name, - creation_time, - description, - recrawl_behavior - from - aws_glue_crawler - where - state = 'RUNNING'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n state,\n database_name,\n creation_time,\n\ + \ description,\n recrawl_behavior\nfrom\n aws_glue_crawler\nwhere\n state\ + \ = 'RUNNING'; " Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List all AWS Glue Crawlers and Retrieve their Metadata diff --git a/queries/aws_glue_data_catalog_encryption_settings_1.yaml b/queries/aws_glue_data_catalog_encryption_settings_1.yaml index bac0b6d11..f559c43ed 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_1.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Glue Data Catalog Encryption Settings. ID: aws_glue_data_catalog_encryption_settings_1 -Title: "Find AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_at_rest, - connection_password_encryption, - region, - account_id - from - aws_glue_data_catalog_encryption_settings; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n encryption_at_rest,\n connection_password_encryption,\n\ + \ region,\n account_id\nfrom\n aws_glue_data_catalog_encryption_settings;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Find AWS Glue Data Catalog Encryption Settings diff --git a/queries/aws_glue_data_catalog_encryption_settings_2.yaml b/queries/aws_glue_data_catalog_encryption_settings_2.yaml index cf6649f7e..342a16a23 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_2.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Glue Data Catalog Encryption Settings. ID: aws_glue_data_catalog_encryption_settings_2 -Title: "Find AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_at_rest, - connection_password_encryption, - region, - account_id - from - aws_glue_data_catalog_encryption_settings - where - encryption_at_rest ->> 'CatalogEncryptionMode' = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n encryption_at_rest,\n connection_password_encryption,\n\ + \ region,\n account_id\nfrom\n aws_glue_data_catalog_encryption_settings\n\ + where\n encryption_at_rest ->> 'CatalogEncryptionMode' = 'DISABLED';" Tags: cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue Data Catalog +Title: Find AWS Glue Data Catalog Encryption Settings diff --git a/queries/aws_glue_data_catalog_encryption_settings_3.yaml b/queries/aws_glue_data_catalog_encryption_settings_3.yaml index 1300600fc..690eb3415 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_3.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Glue Data Catalog Encryption Settings. ID: aws_glue_data_catalog_encryption_settings_3 -Title: "List all AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_at_rest, - connection_password_encryption, - region, - account_id - from - aws_glue_data_catalog_encryption_settings - where - connection_password_encryption ->> 'ReturnConnectionPasswordEncrypted' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n encryption_at_rest,\n connection_password_encryption,\n\ + \ region,\n account_id\nfrom\n aws_glue_data_catalog_encryption_settings\n\ + where\n connection_password_encryption ->> 'ReturnConnectionPasswordEncrypted'\ + \ = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue Data Catalog +Title: List all AWS Glue Data Catalog Encryption Settings diff --git a/queries/aws_glue_data_catalog_encryption_settings_4.yaml b/queries/aws_glue_data_catalog_encryption_settings_4.yaml index c066346ad..387892833 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_4.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Glue Data Catalog Encryption Settings. ID: aws_glue_data_catalog_encryption_settings_4 -Title: "Query AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_at_rest ->> 'SseAwsKmsKeyId' as key_arn, - k.key_manager as key_manager, - k.creation_date as key_creation_date, - s.region, - s.account_id - from - aws_glue_data_catalog_encryption_settings s - join aws_kms_key k on s.encryption_at_rest ->> 'SseAwsKmsKeyId' = k.arn - and s.region = k.region; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n encryption_at_rest ->> 'SseAwsKmsKeyId' as key_arn,\n\ + \ k.key_manager as key_manager,\n k.creation_date as key_creation_date,\n s.region,\n\ + \ s.account_id\nfrom\n aws_glue_data_catalog_encryption_settings s\n join aws_kms_key\ + \ k on s.encryption_at_rest ->> 'SseAwsKmsKeyId' = k.arn\n and s.region = k.region;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue Data Catalog +Title: Query AWS Glue Data Catalog Encryption Settings diff --git a/queries/aws_glue_data_catalog_encryption_settings_5.yaml b/queries/aws_glue_data_catalog_encryption_settings_5.yaml index f270e14a5..32d046bb5 100755 --- a/queries/aws_glue_data_catalog_encryption_settings_5.yaml +++ b/queries/aws_glue_data_catalog_encryption_settings_5.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Glue Data Catalog Encryption Settings. ID: aws_glue_data_catalog_encryption_settings_5 -Title: "Find AWS Glue Data Catalog Encryption Settings" -Description: "Allows users to query AWS Glue Data Catalog Encryption Settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - connection_password_encryption ->> 'AwsKmsKeyId' as key_arn, - k.key_manager as key_manager, - k.creation_date as key_creation_date, - s.region, - s.account_id - from - aws_glue_data_catalog_encryption_settings s - join aws_kms_key k on s.connection_password_encryption ->> 'AwsKmsKeyId' = k.arn - and s.region = k.region; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n connection_password_encryption ->> 'AwsKmsKeyId' as key_arn,\n\ + \ k.key_manager as key_manager,\n k.creation_date as key_creation_date,\n s.region,\n\ + \ s.account_id\nfrom\n aws_glue_data_catalog_encryption_settings s\n join aws_kms_key\ + \ k on s.connection_password_encryption ->> 'AwsKmsKeyId' = k.arn\n and s.region\ + \ = k.region;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Find AWS Glue Data Catalog Encryption Settings diff --git a/queries/aws_glue_data_quality_ruleset_1.yaml b/queries/aws_glue_data_quality_ruleset_1.yaml index 51d322dec..eb6519926 100755 --- a/queries/aws_glue_data_quality_ruleset_1.yaml +++ b/queries/aws_glue_data_quality_ruleset_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Glue Data Quality Ruleset to obtain information + about the rulesets used for data quality checks in AWS Glue. ID: aws_glue_data_quality_ruleset_1 -Title: "List all AWS Glue Data Quality Rulesets" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - database_name, - table_name, - created_on, - description, - rule_set, - recommendation_run_id - from - aws_glue_data_quality_ruleset; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n database_name,\n table_name,\n created_on,\n\ + \ description,\n rule_set,\n recommendation_run_id\nfrom\n aws_glue_data_quality_ruleset;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List all AWS Glue Data Quality Rulesets diff --git a/queries/aws_glue_data_quality_ruleset_2.yaml b/queries/aws_glue_data_quality_ruleset_2.yaml index 35512b20b..1208f9f7f 100755 --- a/queries/aws_glue_data_quality_ruleset_2.yaml +++ b/queries/aws_glue_data_quality_ruleset_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Glue Data Quality Ruleset to obtain information + about the rulesets used for data quality checks in AWS Glue. ID: aws_glue_data_quality_ruleset_2 -Title: "Query AWS Glue Data Quality Rulesets" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - database_name, - table_name, - created_on, - description, - rule_set, - recommendation_run_id - from - aws_glue_data_quality_ruleset - where - created_on >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n database_name,\n table_name,\n created_on,\n\ + \ description,\n rule_set,\n recommendation_run_id\nfrom\n aws_glue_data_quality_ruleset\n\ + where\n created_on >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Query AWS Glue Data Quality Rulesets diff --git a/queries/aws_glue_data_quality_ruleset_3.yaml b/queries/aws_glue_data_quality_ruleset_3.yaml index a0934d6a5..b410fddb4 100755 --- a/queries/aws_glue_data_quality_ruleset_3.yaml +++ b/queries/aws_glue_data_quality_ruleset_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Glue Data Quality Ruleset to obtain information + about the rulesets used for data quality checks in AWS Glue. ID: aws_glue_data_quality_ruleset_3 -Title: "List All AWS Glue Data Quality Rulesets by Database" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - count("name") as rulset_count - from - aws_glue_data_quality_ruleset - group by - database_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n database_name,\n count(\"name\") as rulset_count\nfrom\n\ + \ aws_glue_data_quality_ruleset\ngroup by\n database_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List All AWS Glue Data Quality Rulesets by Database diff --git a/queries/aws_glue_data_quality_ruleset_4.yaml b/queries/aws_glue_data_quality_ruleset_4.yaml index 22bc17d74..31c2889f5 100755 --- a/queries/aws_glue_data_quality_ruleset_4.yaml +++ b/queries/aws_glue_data_quality_ruleset_4.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS Glue Data Quality Ruleset to obtain information + about the rulesets used for data quality checks in AWS Glue. ID: aws_glue_data_quality_ruleset_4 -Title: "List all Glue Data Quality Rulesets in AWS" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - r.database_name, - d.catalog_id, - d.create_time as databse_create_time, - d.location_uri - from - aws_glue_data_quality_ruleset as r, - aws_glue_catalog_database as d - where - r.database_name = d.name - and - r.name = 'ruleset1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.name,\n r.database_name,\n d.catalog_id,\n d.create_time\ + \ as databse_create_time,\n d.location_uri\nfrom\n aws_glue_data_quality_ruleset\ + \ as r,\n aws_glue_catalog_database as d\nwhere\n r.database_name = d.name\n\ + and\n r.name = 'ruleset1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List all Glue Data Quality Rulesets in AWS diff --git a/queries/aws_glue_data_quality_ruleset_5.yaml b/queries/aws_glue_data_quality_ruleset_5.yaml index 4444e1fc9..fdce3fa6b 100755 --- a/queries/aws_glue_data_quality_ruleset_5.yaml +++ b/queries/aws_glue_data_quality_ruleset_5.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Glue Data Quality Ruleset to obtain information + about the rulesets used for data quality checks in AWS Glue. ID: aws_glue_data_quality_ruleset_5 -Title: "Find AWS Glue Data Quality Rulesets with Rule Count" -Description: "Allows users to query AWS Glue Data Quality Ruleset to obtain information about the rulesets used for data quality checks in AWS Glue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_count - from - aws_glue_data_quality_ruleset; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_count\nfrom\n aws_glue_data_quality_ruleset;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Find AWS Glue Data Quality Rulesets with Rule Count diff --git a/queries/aws_glue_dev_endpoint_1.yaml b/queries/aws_glue_dev_endpoint_1.yaml index bacba9e1c..100b8c7b7 100755 --- a/queries/aws_glue_dev_endpoint_1.yaml +++ b/queries/aws_glue_dev_endpoint_1.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Glue Development Endpoints to retrieve detailed + information about individual endpoints, their configurations, and related metadata. ID: aws_glue_dev_endpoint_1 -Title: "List all AWS Glue Development Endpoints and Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_name, - status, - availability_zone, - created_timestamp, - extra_jars_s3_path, - glue_version, - private_address, - public_address - from - aws_glue_dev_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_name,\n status,\n availability_zone,\n created_timestamp,\n\ + \ extra_jars_s3_path,\n glue_version,\n private_address,\n public_address\n\ + from\n aws_glue_dev_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List all AWS Glue Development Endpoints and Metadata diff --git a/queries/aws_glue_dev_endpoint_2.yaml b/queries/aws_glue_dev_endpoint_2.yaml index 7207ebfe7..579563ebe 100755 --- a/queries/aws_glue_dev_endpoint_2.yaml +++ b/queries/aws_glue_dev_endpoint_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Glue Development Endpoints to retrieve detailed + information about individual endpoints, their configurations, and related metadata. ID: aws_glue_dev_endpoint_2 -Title: "Find all AWS Glue Development Endpoints with Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_name, - status, - created_timestamp, - extra_jars_s3_path, - glue_version, - private_address, - public_address - from - aws_glue_dev_endpoint - where - status <> 'READY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_name,\n status,\n created_timestamp,\n extra_jars_s3_path,\n\ + \ glue_version,\n private_address,\n public_address\nfrom\n aws_glue_dev_endpoint\n\ + where\n status <> 'READY'; " Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Find all AWS Glue Development Endpoints with Metadata diff --git a/queries/aws_glue_dev_endpoint_3.yaml b/queries/aws_glue_dev_endpoint_3.yaml index 696542bd4..076f947ef 100755 --- a/queries/aws_glue_dev_endpoint_3.yaml +++ b/queries/aws_glue_dev_endpoint_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Glue Development Endpoints to retrieve detailed + information about individual endpoints, their configurations, and related metadata. ID: aws_glue_dev_endpoint_3 -Title: "List all AWS Glue Development Endpoints with Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - status, - glue_version, - last_modified_timestamp - from - aws_glue_dev_endpoint - where - last_modified_timestamp >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n status,\n glue_version,\n last_modified_timestamp\n\ + from\n aws_glue_dev_endpoint\nwhere\n last_modified_timestamp >= now() - interval\ + \ '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue Development Endpoint +Title: List all AWS Glue Development Endpoints with Metadata diff --git a/queries/aws_glue_dev_endpoint_4.yaml b/queries/aws_glue_dev_endpoint_4.yaml index 4b556a742..3de96d49c 100755 --- a/queries/aws_glue_dev_endpoint_4.yaml +++ b/queries/aws_glue_dev_endpoint_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Glue Development Endpoints to retrieve detailed + information about individual endpoints, their configurations, and related metadata. ID: aws_glue_dev_endpoint_4 -Title: "List AWS Glue Development Endpoints and Configurations" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - endpoint_name, - arn, - status, - glue_version, - created_timestamp - from - aws_glue_dev_endpoint - where - created_timestamp >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n endpoint_name,\n arn,\n status,\n glue_version,\n\ + \ created_timestamp\nfrom\n aws_glue_dev_endpoint\nwhere\n created_timestamp\ + \ >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List AWS Glue Development Endpoints and Configurations diff --git a/queries/aws_glue_dev_endpoint_5.yaml b/queries/aws_glue_dev_endpoint_5.yaml index 9d2224ddb..2463b675c 100755 --- a/queries/aws_glue_dev_endpoint_5.yaml +++ b/queries/aws_glue_dev_endpoint_5.yaml @@ -1,36 +1,25 @@ +Description: Allows users to query AWS Glue Development Endpoints to retrieve detailed + information about individual endpoints, their configurations, and related metadata. ID: aws_glue_dev_endpoint_5 -Title: "Find AWS Glue Development Endpoints and Subnet Details" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.endpoint_name, - s.availability_zone, - s.available_ip_address_count, - s.cidr_block, - s.default_for_az, - s.map_customer_owned_ip_on_launch, - s.map_public_ip_on_launch, - s.state - from - aws_glue_dev_endpoint as e, - aws_vpc_subnet as s - where - e.endpoint_name = 'test5' - and - e.subnet_id = s.subnet_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.endpoint_name,\n s.availability_zone,\n s.available_ip_address_count,\n\ + \ s.cidr_block,\n s.default_for_az,\n s.map_customer_owned_ip_on_launch,\n\ + \ s.map_public_ip_on_launch,\n s.state\nfrom\n aws_glue_dev_endpoint as e,\n\ + \ aws_vpc_subnet as s\nwhere\n e.endpoint_name = 'test5'\nand\n e.subnet_id\ + \ = s.subnet_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: Find AWS Glue Development Endpoints and Subnet Details diff --git a/queries/aws_glue_dev_endpoint_6.yaml b/queries/aws_glue_dev_endpoint_6.yaml index 39b2a22b8..9a6b2f174 100755 --- a/queries/aws_glue_dev_endpoint_6.yaml +++ b/queries/aws_glue_dev_endpoint_6.yaml @@ -1,34 +1,23 @@ +Description: Allows users to query AWS Glue Development Endpoints to retrieve detailed + information about individual endpoints, their configurations, and related metadata. ID: aws_glue_dev_endpoint_6 -Title: "Find AWS Glue Development Endpoints Configurations and Metadata" -Description: "Allows users to query AWS Glue Development Endpoints to retrieve detailed information about individual endpoints, their configurations, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.endpoint_name, - split_part(j, '/', '3') as extra_jars_s3_bucket, - b.versioning_enabled, - b.policy, - b.object_lock_configuration, - b.restrict_public_buckets, - b.policy - from - aws_glue_dev_endpoint as e, - aws_s3_bucket as b, - unnest (string_to_array(e.extra_jars_s3_path, ',')) as j - where - b.name = split_part(j, '/', '3') - and - e.endpoint_name = 'test34'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.endpoint_name,\n split_part(j, '/', '3') as extra_jars_s3_bucket,\n\ + \ b.versioning_enabled,\n b.policy,\n b.object_lock_configuration,\n b.restrict_public_buckets,\n\ + \ b.policy\nfrom\n aws_glue_dev_endpoint as e,\n aws_s3_bucket as b,\n unnest\ + \ (string_to_array(e.extra_jars_s3_path, ',')) as j\nwhere\n b.name = split_part(j,\ + \ '/', '3')\nand\n e.endpoint_name = 'test34';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Find AWS Glue Development Endpoints Configurations and Metadata diff --git a/queries/aws_glue_job_1.yaml b/queries/aws_glue_job_1.yaml index 5481a3b1d..32a32d188 100755 --- a/queries/aws_glue_job_1.yaml +++ b/queries/aws_glue_job_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_1 -Title: "List AWS Glue Jobs with Details on Execution and Status" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_on, - description, - max_capacity, - number_of_workers, - region, - timeout - from - aws_glue_job; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_on,\n description,\n max_capacity,\n\ + \ number_of_workers,\n region,\n timeout\nfrom\n aws_glue_job;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List AWS Glue Jobs with Details on Execution and Status diff --git a/queries/aws_glue_job_10.yaml b/queries/aws_glue_job_10.yaml index a427bfb01..74e1d17b7 100755 --- a/queries/aws_glue_job_10.yaml +++ b/queries/aws_glue_job_10.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_10 -Title: "Find AWS Glue Jobs Missing Encryption Type" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on - region, - account_id, - default_arguments ->> '--encryption-type' as encryption_type - from - aws_glue_job - where - default_arguments ->> '--encryption-type' is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n created_on\n region,\n account_id,\n\ + \ default_arguments ->> '--encryption-type' as encryption_type\nfrom\n aws_glue_job\n\ + where\n default_arguments ->> '--encryption-type' is null;" Tags: cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Find AWS Glue Jobs Missing Encryption Type diff --git a/queries/aws_glue_job_2.yaml b/queries/aws_glue_job_2.yaml index 589c767bb..2d3afdbc6 100755 --- a/queries/aws_glue_job_2.yaml +++ b/queries/aws_glue_job_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_2 -Title: "Find AWS Glue Jobs and Their Detailed Job Properties" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on, - connections -> 'Connections' as connections - from - aws_glue_job - where - connections is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n created_on,\n connections -> 'Connections'\ + \ as connections\nfrom\n aws_glue_job\nwhere\n connections is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: Find AWS Glue Jobs and Their Detailed Job Properties diff --git a/queries/aws_glue_job_3.yaml b/queries/aws_glue_job_3.yaml index 810daaf59..ca780fac5 100755 --- a/queries/aws_glue_job_3.yaml +++ b/queries/aws_glue_job_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_3 -Title: "List all AWS Glue Jobs with detailed properties" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on, - job_bookmark ->> 'Attempt' as total_attempts, - job_bookmark ->> 'Run' as total_runs, - job_bookmark ->> 'RunId' as run_id - from - aws_glue_job - where - job_bookmark is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n created_on,\n job_bookmark ->> 'Attempt'\ + \ as total_attempts,\n job_bookmark ->> 'Run' as total_runs,\n job_bookmark\ + \ ->> 'RunId' as run_id\nfrom\n aws_glue_job\nwhere\n job_bookmark is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List all AWS Glue Jobs with detailed properties diff --git a/queries/aws_glue_job_4.yaml b/queries/aws_glue_job_4.yaml index 6498fdb50..73c181de5 100755 --- a/queries/aws_glue_job_4.yaml +++ b/queries/aws_glue_job_4.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_4 -Title: "Find all AWS Glue Jobs with Query Execution Detail" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - j.title, - j.arn, - j.created_on, - j.region, - j.account_id, - cloud_watch_encryption - from - aws_glue_job j - left join aws_glue_security_configuration s on j.security_configuration = s.name - where - cloud_watch_encryption is null or cloud_watch_encryption ->> 'CloudWatchEncryptionMode' = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n j.title,\n j.arn,\n j.created_on,\n j.region,\n j.account_id,\n\ + \ cloud_watch_encryption\nfrom\n aws_glue_job j\n left join aws_glue_security_configuration\ + \ s on j.security_configuration = s.name\nwhere\n cloud_watch_encryption is null\ + \ or cloud_watch_encryption ->> 'CloudWatchEncryptionMode' = 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: Find all AWS Glue Jobs with Query Execution Detail diff --git a/queries/aws_glue_job_5.yaml b/queries/aws_glue_job_5.yaml index 3cc29f4b9..73f8917b7 100755 --- a/queries/aws_glue_job_5.yaml +++ b/queries/aws_glue_job_5.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_5 -Title: "List all AWS Glue Jobs Detailing Status and Properties" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - j.title, - j.arn, - j.created_on, - j.region, - j.account_id, - job_bookmarks_encryption - from - aws_glue_job j - left join aws_glue_security_configuration s on j.security_configuration = s.name - where - job_bookmarks_encryption is null or job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n j.title,\n j.arn,\n j.created_on,\n j.region,\n j.account_id,\n\ + \ job_bookmarks_encryption\nfrom\n aws_glue_job j\n left join aws_glue_security_configuration\ + \ s on j.security_configuration = s.name\nwhere\n job_bookmarks_encryption is\ + \ null or job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' = 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List all AWS Glue Jobs Detailing Status and Properties diff --git a/queries/aws_glue_job_6.yaml b/queries/aws_glue_job_6.yaml index 6158580ec..8f116c7db 100755 --- a/queries/aws_glue_job_6.yaml +++ b/queries/aws_glue_job_6.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_6 -Title: "Find all AWS Glue Jobs with Detailed Information" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - j.title, - j.arn, - j.created_on, - j.region, - j.account_id, - e as s3_encryption - from - aws_glue_job j - left join aws_glue_security_configuration s on j.security_configuration = s.name, - jsonb_array_elements(s.s3_encryption) e - where - e is null or e ->> 'S3EncryptionMode' = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n j.title,\n j.arn,\n j.created_on,\n j.region,\n j.account_id,\n\ + \ e as s3_encryption\nfrom\n aws_glue_job j\n left join aws_glue_security_configuration\ + \ s on j.security_configuration = s.name,\n jsonb_array_elements(s.s3_encryption)\ + \ e\nwhere\n e is null or e ->> 'S3EncryptionMode' = 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: Find all AWS Glue Jobs with Detailed Information diff --git a/queries/aws_glue_job_7.yaml b/queries/aws_glue_job_7.yaml index 709d00419..9f7f768a9 100755 --- a/queries/aws_glue_job_7.yaml +++ b/queries/aws_glue_job_7.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_7 -Title: "List all AWS Glue Jobs with Continuous CloudWatch Logs Disabled" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on - region, - account_id - from - aws_glue_job - where - default_arguments ->> '--enable-continuous-cloudwatch-log' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n created_on\n region,\n account_id\n\ + from\n aws_glue_job\nwhere\n default_arguments ->> '--enable-continuous-cloudwatch-log'\ + \ = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List all AWS Glue Jobs with Continuous CloudWatch Logs Disabled diff --git a/queries/aws_glue_job_8.yaml b/queries/aws_glue_job_8.yaml index d6d0f88f7..4110fe98d 100755 --- a/queries/aws_glue_job_8.yaml +++ b/queries/aws_glue_job_8.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_8 -Title: "List AWS Glue Jobs with Detailed Properties and Status" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on - region, - account_id - from - aws_glue_job - where - default_arguments ->> '--enable-metrics' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n created_on\n region,\n account_id\n\ + from\n aws_glue_job\nwhere\n default_arguments ->> '--enable-metrics' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Glue +Title: List AWS Glue Jobs with Detailed Properties and Status diff --git a/queries/aws_glue_job_9.yaml b/queries/aws_glue_job_9.yaml index ceb3a20e4..9f458da86 100755 --- a/queries/aws_glue_job_9.yaml +++ b/queries/aws_glue_job_9.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Glue Jobs to retrieve detailed information + related to job properties, execution, and status. ID: aws_glue_job_9 -Title: "List all AWS Glue Job Properties and Execution Details" -Description: "Allows users to query AWS Glue Jobs to retrieve detailed information related to job properties, execution, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - created_on, - command ->> 'Name' as script_name, - command ->> 'ScriptLocation' as script_location, - default_arguments ->> '--job-language' as job_language - from - aws_glue_job; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n created_on,\n command ->> 'Name' as\ + \ script_name,\n command ->> 'ScriptLocation' as script_location,\n default_arguments\ + \ ->> '--job-language' as job_language\nfrom\n aws_glue_job;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List all AWS Glue Job Properties and Execution Details diff --git a/queries/aws_glue_security_configuration_1.yaml b/queries/aws_glue_security_configuration_1.yaml index 1ed2c95d4..2913b0905 100755 --- a/queries/aws_glue_security_configuration_1.yaml +++ b/queries/aws_glue_security_configuration_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Glue Security Configurations and gain insights + into the security configurations of Glue resources. ID: aws_glue_security_configuration_1 -Title: "Find AWS Glue Security Configurations and Insights" -Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_time_stamp, - cloud_watch_encryption, - job_bookmarks_encryption, - s3_encryption - from - aws_glue_security_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_time_stamp,\n cloud_watch_encryption,\n\ + \ job_bookmarks_encryption,\n s3_encryption\nfrom\n aws_glue_security_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: Find AWS Glue Security Configurations and Insights diff --git a/queries/aws_glue_security_configuration_2.yaml b/queries/aws_glue_security_configuration_2.yaml index 842bb36cd..56dc920ef 100755 --- a/queries/aws_glue_security_configuration_2.yaml +++ b/queries/aws_glue_security_configuration_2.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Glue Security Configurations and gain insights + into the security configurations of Glue resources. ID: aws_glue_security_configuration_2 -Title: "Find AWS Glue Security Configurations with Encryption" -Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - cloud_watch_encryption ->> 'CloudWatchEncryptionMode' as encyption_mode, - cloud_watch_encryption ->> 'KmsKeyArn' as kms_key_arn - from - aws_glue_security_configuration - where - cloud_watch_encryption ->> 'CloudWatchEncryptionMode' != 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n cloud_watch_encryption ->> 'CloudWatchEncryptionMode'\ + \ as encyption_mode,\n cloud_watch_encryption ->> 'KmsKeyArn' as kms_key_arn\n\ + from\n aws_glue_security_configuration\nwhere\n cloud_watch_encryption ->> 'CloudWatchEncryptionMode'\ + \ != 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue Security +Title: Find AWS Glue Security Configurations with Encryption diff --git a/queries/aws_glue_security_configuration_3.yaml b/queries/aws_glue_security_configuration_3.yaml index e83e5d5d6..995468210 100755 --- a/queries/aws_glue_security_configuration_3.yaml +++ b/queries/aws_glue_security_configuration_3.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Glue Security Configurations and gain insights + into the security configurations of Glue resources. ID: aws_glue_security_configuration_3 -Title: "List all AWS Glue Security Configurations and Encryption Modes" -Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' as encyption_mode, - job_bookmarks_encryption ->> 'KmsKeyArn' as kms_key_arn - from - aws_glue_security_configuration - where - job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode' != 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n job_bookmarks_encryption ->> 'JobBookmarksEncryptionMode'\ + \ as encyption_mode,\n job_bookmarks_encryption ->> 'KmsKeyArn' as kms_key_arn\n\ + from\n aws_glue_security_configuration\nwhere\n job_bookmarks_encryption ->>\ + \ 'JobBookmarksEncryptionMode' != 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: List all AWS Glue Security Configurations and Encryption Modes diff --git a/queries/aws_glue_security_configuration_4.yaml b/queries/aws_glue_security_configuration_4.yaml index 10942fe16..0a5d0eb47 100755 --- a/queries/aws_glue_security_configuration_4.yaml +++ b/queries/aws_glue_security_configuration_4.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Glue Security Configurations and gain insights + into the security configurations of Glue resources. ID: aws_glue_security_configuration_4 -Title: "Find AWS Glue Security Configurations" -Description: "Allows users to query AWS Glue Security Configurations and gain insights into the security configurations of Glue resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - e ->> 'S3EncryptionMode' as encyption_mode, - e ->> 'KmsKeyArn' as kms_key_arn - from - aws_glue_security_configuration, - jsonb_array_elements(s3_encryption) e - where - e ->> 'S3EncryptionMode' != 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n e ->> 'S3EncryptionMode' as encyption_mode,\n\ + \ e ->> 'KmsKeyArn' as kms_key_arn\nfrom\n aws_glue_security_configuration,\n\ + \ jsonb_array_elements(s3_encryption) e\nwhere\n e ->> 'S3EncryptionMode' !=\ + \ 'DISABLED';" Tags: cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Glue +Title: Find AWS Glue Security Configurations diff --git a/queries/aws_guardduty_detector_1.yaml b/queries/aws_guardduty_detector_1.yaml index 0657a60e7..757963a9c 100755 --- a/queries/aws_guardduty_detector_1.yaml +++ b/queries/aws_guardduty_detector_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS GuardDuty Detector data, including detector + details, status, and associated metadata. ID: aws_guardduty_detector_1 -Title: "Find AWS GuardDuty Detector Details and Status" -Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - arn, - created_at, - status, - service_role - from - aws_guardduty_detector; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n detector_id,\n arn,\n created_at,\n status,\n service_role\n\ + from\n aws_guardduty_detector;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Detector Details and Status diff --git a/queries/aws_guardduty_detector_2.yaml b/queries/aws_guardduty_detector_2.yaml index 9e6edb5ff..3b751fda4 100755 --- a/queries/aws_guardduty_detector_2.yaml +++ b/queries/aws_guardduty_detector_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS GuardDuty Detector data, including detector + details, status, and associated metadata. ID: aws_guardduty_detector_2 -Title: "List all AWS GuardDuty Detectors and their Status" -Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - created_at, - status - from - aws_guardduty_detector - where - status = 'ENABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n detector_id,\n created_at,\n status\nfrom\n aws_guardduty_detector\n\ + where\n status = 'ENABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: List all AWS GuardDuty Detectors and their Status diff --git a/queries/aws_guardduty_detector_3.yaml b/queries/aws_guardduty_detector_3.yaml index 3ae94404f..07a666510 100755 --- a/queries/aws_guardduty_detector_3.yaml +++ b/queries/aws_guardduty_detector_3.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS GuardDuty Detector data, including detector + details, status, and associated metadata. ID: aws_guardduty_detector_3 -Title: "List all AWS GuardDuty Detector details and status" -Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - status as detector_status, - data_sources -> 'CloudTrail' ->> 'Status' as cloud_trail_status, - data_sources -> 'DNSLogs' ->> 'Status' as dns_logs_status, - data_sources -> 'FlowLogs' ->> 'Status' as flow_logs_status - from - aws_guardduty_detector; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n detector_id,\n status as detector_status,\n data_sources\ + \ -> 'CloudTrail' ->> 'Status' as cloud_trail_status,\n data_sources -> 'DNSLogs'\ + \ ->> 'Status' as dns_logs_status,\n data_sources -> 'FlowLogs' ->> 'Status'\ + \ as flow_logs_status\nfrom\n aws_guardduty_detector;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: List all AWS GuardDuty Detector details and status diff --git a/queries/aws_guardduty_detector_4.yaml b/queries/aws_guardduty_detector_4.yaml index b1778b000..dc36fc7b1 100755 --- a/queries/aws_guardduty_detector_4.yaml +++ b/queries/aws_guardduty_detector_4.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS GuardDuty Detector data, including detector + details, status, and associated metadata. ID: aws_guardduty_detector_4 -Title: "Find AWS GuardDuty Detector with SQL" -Description: "Allows users to query AWS GuardDuty Detector data, including detector details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - master_account ->> 'AccountId' as master_account_id, - master_account ->> 'InvitationId' as invitation_id, - master_account ->> 'RelationshipStatus' as relationship_status - from - aws_guardduty_detector - where master_account is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n detector_id,\n master_account ->> 'AccountId' as master_account_id,\n\ + \ master_account ->> 'InvitationId' as invitation_id, \n master_account ->>\ + \ 'RelationshipStatus' as relationship_status \nfrom \n aws_guardduty_detector\n\ + where master_account is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Detector with SQL diff --git a/queries/aws_guardduty_filter_1.yaml b/queries/aws_guardduty_filter_1.yaml index 876c31694..fb62d9a6a 100755 --- a/queries/aws_guardduty_filter_1.yaml +++ b/queries/aws_guardduty_filter_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS GuardDuty Filters to retrieve information about + existing filters, their conditions, actions, and associated metadata. ID: aws_guardduty_filter_1 -Title: "Find AWS GuardDuty Filters and Associated Metadata" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - detector_id, - action, - rank - from - aws_guardduty_filter; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n detector_id,\n action,\n rank\nfrom\n aws_guardduty_filter;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Filters and Associated Metadata diff --git a/queries/aws_guardduty_filter_2.yaml b/queries/aws_guardduty_filter_2.yaml index 900f5639d..077b4ac6f 100755 --- a/queries/aws_guardduty_filter_2.yaml +++ b/queries/aws_guardduty_filter_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS GuardDuty Filters to retrieve information about + existing filters, their conditions, actions, and associated metadata. ID: aws_guardduty_filter_2 -Title: "Find AWS GuardDuty Filter Information with SQL" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - detector_id, - action, - rank - from - aws_guardduty_filter - where - action = 'ARCHIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n detector_id,\n action,\n rank\nfrom\n aws_guardduty_filter\n\ + where\n action = 'ARCHIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Filter Information with SQL diff --git a/queries/aws_guardduty_filter_3.yaml b/queries/aws_guardduty_filter_3.yaml index 70fce00dd..ed712c018 100755 --- a/queries/aws_guardduty_filter_3.yaml +++ b/queries/aws_guardduty_filter_3.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS GuardDuty Filters to retrieve information about + existing filters, their conditions, actions, and associated metadata. ID: aws_guardduty_filter_3 -Title: "Find AWS GuardDuty Filter Conditions, Actions, Metadata" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - detector_id, - action, - rank - from - aws_guardduty_filter - where - rank = 1; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n region,\n detector_id,\n action,\n rank\n\ + from\n aws_guardduty_filter\nwhere\n rank = 1;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Filter Conditions, Actions, Metadata diff --git a/queries/aws_guardduty_filter_4.yaml b/queries/aws_guardduty_filter_4.yaml index 6934295e8..de0f011ac 100755 --- a/queries/aws_guardduty_filter_4.yaml +++ b/queries/aws_guardduty_filter_4.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS GuardDuty Filters to retrieve information about + existing filters, their conditions, actions, and associated metadata. ID: aws_guardduty_filter_4 -Title: "Find AWS GuardDuty Filter Information using SQL" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(finding_criteria) as finding_criteria - from - aws_guardduty_filter - where - name = 'filter-1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_pretty(finding_criteria) as finding_criteria\n\ + from\n aws_guardduty_filter\nwhere\n name = 'filter-1';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Filter Information using SQL diff --git a/queries/aws_guardduty_filter_5.yaml b/queries/aws_guardduty_filter_5.yaml index 1676232a5..d87076b2a 100755 --- a/queries/aws_guardduty_filter_5.yaml +++ b/queries/aws_guardduty_filter_5.yaml @@ -1,29 +1,20 @@ +Description: Allows users to query AWS GuardDuty Filters to retrieve information about + existing filters, their conditions, actions, and associated metadata. ID: aws_guardduty_filter_5 -Title: "List AWS GuardDuty Filters and Associated Metadata" -Description: "Allows users to query AWS GuardDuty Filters to retrieve information about existing filters, their conditions, actions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - detector_id, - count(name) - from - aws_guardduty_filter - group by - region, - detector_id - order by - count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n region,\n detector_id,\n count(name)\nfrom\n aws_guardduty_filter\n\ + group by\n region,\n detector_id\norder by\n count desc;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: List AWS GuardDuty Filters and Associated Metadata diff --git a/queries/aws_guardduty_finding_1.yaml b/queries/aws_guardduty_finding_1.yaml index 31ab7c553..bab39cffd 100755 --- a/queries/aws_guardduty_finding_1.yaml +++ b/queries/aws_guardduty_finding_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS GuardDuty Findings to access detailed information + about potential security threats or suspicious activities detected in their AWS + environment. ID: aws_guardduty_finding_1 -Title: "Find all AWS GuardDuty Findings for Security Threats" -Description: "Allows users to query AWS GuardDuty Findings to access detailed information about potential security threats or suspicious activities detected in their AWS environment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - detector_id, - arn, - created_at - from - aws_guardduty_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n detector_id,\n arn,\n created_at\nfrom\n aws_guardduty_finding;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find all AWS GuardDuty Findings for Security Threats diff --git a/queries/aws_guardduty_finding_2.yaml b/queries/aws_guardduty_finding_2.yaml index eebea2f09..89fdc91c1 100755 --- a/queries/aws_guardduty_finding_2.yaml +++ b/queries/aws_guardduty_finding_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS GuardDuty Findings to access detailed information + about potential security threats or suspicious activities detected in their AWS + environment. ID: aws_guardduty_finding_2 -Title: "Find AWS GuardDuty Findings on Security Threats" -Description: "Allows users to query AWS GuardDuty Findings to access detailed information about potential security threats or suspicious activities detected in their AWS environment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - detector_id, - arn, - created_at - from - aws_guardduty_finding - where - service ->> 'Archived' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n detector_id,\n arn,\n created_at\nfrom\n aws_guardduty_finding\n\ + where\n service ->> 'Archived' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Findings on Security Threats diff --git a/queries/aws_guardduty_ipset_1.yaml b/queries/aws_guardduty_ipset_1.yaml index 316c4ffae..e15809116 100755 --- a/queries/aws_guardduty_ipset_1.yaml +++ b/queries/aws_guardduty_ipset_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS GuardDuty IPSet to retrieve information about + the IPSet, such as the detector ID, IPSet ID, name, format, location, and status. ID: aws_guardduty_ipset_1 -Title: "Find AWS GuardDuty IPSets with Details" -Description: "Allows users to query AWS GuardDuty IPSet to retrieve information about the IPSet, such as the detector ID, IPSet ID, name, format, location, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - ipset_id, - name, - format, - location - from - aws_guardduty_ipset; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n detector_id,\n ipset_id,\n name,\n format,\n location\n\ + from\n aws_guardduty_ipset;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty IPSets with Details diff --git a/queries/aws_guardduty_ipset_2.yaml b/queries/aws_guardduty_ipset_2.yaml index d89598055..634fef1da 100755 --- a/queries/aws_guardduty_ipset_2.yaml +++ b/queries/aws_guardduty_ipset_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS GuardDuty IPSet to retrieve information about + the IPSet, such as the detector ID, IPSet ID, name, format, location, and status. ID: aws_guardduty_ipset_2 -Title: "List All Inactive IP Sets in AWS GuardDuty" -Description: "Allows users to query AWS GuardDuty IPSet to retrieve information about the IPSet, such as the detector ID, IPSet ID, name, format, location, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - ipset_id, - name, - status - from - aws_guardduty_ipset - where - status = 'INACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n ipset_id,\n name,\n status\nfrom\n aws_guardduty_ipset\n\ + where\n status = 'INACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: List All Inactive IP Sets in AWS GuardDuty diff --git a/queries/aws_guardduty_member_1.yaml b/queries/aws_guardduty_member_1.yaml index 0e1785fdf..2e87242ce 100755 --- a/queries/aws_guardduty_member_1.yaml +++ b/queries/aws_guardduty_member_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS GuardDuty Member data, including member account + details, detector ID, invitation status, and relationship status. ID: aws_guardduty_member_1 -Title: "Find AWS GuardDuty Member Data, Details, and Status" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n detector_id,\n invited_at,\n \ + \ relationship_status\nfrom\n aws_guardduty_member;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Member Data, Details, and Status diff --git a/queries/aws_guardduty_member_2.yaml b/queries/aws_guardduty_member_2.yaml index 3f90c6109..d79d9b928 100755 --- a/queries/aws_guardduty_member_2.yaml +++ b/queries/aws_guardduty_member_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS GuardDuty Member data, including member account + details, detector ID, invitation status, and relationship status. ID: aws_guardduty_member_2 -Title: "Find AWS GuardDuty Member Account Details and Status" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member - where - relationship_status = 'EmailVerificationFailed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n detector_id,\n invited_at,\n \ + \ relationship_status\nfrom\n aws_guardduty_member\nwhere\n relationship_status\ + \ = 'EmailVerificationFailed';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Member Account Details and Status diff --git a/queries/aws_guardduty_member_3.yaml b/queries/aws_guardduty_member_3.yaml index 454d36dd6..ac35ea108 100755 --- a/queries/aws_guardduty_member_3.yaml +++ b/queries/aws_guardduty_member_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS GuardDuty Member data, including member account + details, detector ID, invitation status, and relationship status. ID: aws_guardduty_member_3 -Title: "Find AWS GuardDuty Member Details" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member - where - invited_at is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n detector_id,\n invited_at,\n \ + \ relationship_status\nfrom\n aws_guardduty_member\nwhere\n invited_at is null;" Tags: cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Member Details diff --git a/queries/aws_guardduty_member_4.yaml b/queries/aws_guardduty_member_4.yaml index da5967e95..2dba668d3 100755 --- a/queries/aws_guardduty_member_4.yaml +++ b/queries/aws_guardduty_member_4.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query AWS GuardDuty Member data, including member account + details, detector ID, invitation status, and relationship status. ID: aws_guardduty_member_4 -Title: "Find all AWS GuardDuty Member with details" -Description: "Allows users to query AWS GuardDuty Member data, including member account details, detector ID, invitation status, and relationship status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - detector_id, - invited_at, - relationship_status - from - aws_guardduty_member - where - invited_at >= (now() - interval '10' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n detector_id,\n invited_at,\n \ + \ relationship_status\nfrom\n aws_guardduty_member\nwhere\n invited_at >= (now()\ + \ - interval '10' day);" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find all AWS GuardDuty Member with details diff --git a/queries/aws_guardduty_publishing_destination_1.yaml b/queries/aws_guardduty_publishing_destination_1.yaml index 219a76de8..4a4b2f932 100755 --- a/queries/aws_guardduty_publishing_destination_1.yaml +++ b/queries/aws_guardduty_publishing_destination_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS GuardDuty Publishing Destinations to retrieve + information about where GuardDuty findings are published. ID: aws_guardduty_publishing_destination_1 -Title: "List AWS GuardDuty Publishing Destinations Info" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - destination_id, - arn, - destination_arn, - status - from - aws_guardduty_publishing_destination; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n detector_id,\n destination_id,\n arn,\n destination_arn,\n\ + \ status\nfrom\n aws_guardduty_publishing_destination;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: List AWS GuardDuty Publishing Destinations Info diff --git a/queries/aws_guardduty_publishing_destination_2.yaml b/queries/aws_guardduty_publishing_destination_2.yaml index 72800c6fd..41d0817ec 100755 --- a/queries/aws_guardduty_publishing_destination_2.yaml +++ b/queries/aws_guardduty_publishing_destination_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS GuardDuty Publishing Destinations to retrieve + information about where GuardDuty findings are published. ID: aws_guardduty_publishing_destination_2 -Title: "Find AWS GuardDuty Publishing Destinations" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - destination_id, - arn, - status - from - aws_guardduty_publishing_destination - where - status = 'PENDING_VERIFICATION'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n destination_id,\n arn,\n status\nfrom\n aws_guardduty_publishing_destination\n\ + where\n status = 'PENDING_VERIFICATION';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Publishing Destinations diff --git a/queries/aws_guardduty_publishing_destination_3.yaml b/queries/aws_guardduty_publishing_destination_3.yaml index 60628178c..792891ad8 100755 --- a/queries/aws_guardduty_publishing_destination_3.yaml +++ b/queries/aws_guardduty_publishing_destination_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS GuardDuty Publishing Destinations to retrieve + information about where GuardDuty findings are published. ID: aws_guardduty_publishing_destination_3 -Title: "List All AWS GuardDuty Publishing Destinations" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - destination_id, - kms_key_arn, - status, - destination_type - from - aws_guardduty_publishing_destination - where - kms_key_arn is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n destination_id,\n kms_key_arn,\n status,\n destination_type\n\ + from\n aws_guardduty_publishing_destination\nwhere\n kms_key_arn is null;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: List All AWS GuardDuty Publishing Destinations diff --git a/queries/aws_guardduty_publishing_destination_4.yaml b/queries/aws_guardduty_publishing_destination_4.yaml index c3be9192f..e74131041 100755 --- a/queries/aws_guardduty_publishing_destination_4.yaml +++ b/queries/aws_guardduty_publishing_destination_4.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS GuardDuty Publishing Destinations to retrieve + information about where GuardDuty findings are published. ID: aws_guardduty_publishing_destination_4 -Title: "List all AWS GuardDuty Publishing Destination Types" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - destination_type, - count(destination_id) - from - aws_guardduty_publishing_destination - group by - destination_type - order by - count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n destination_type,\n count(destination_id)\nfrom\n aws_guardduty_publishing_destination\n\ + group by \n destination_type\norder by\n count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: List all AWS GuardDuty Publishing Destination Types diff --git a/queries/aws_guardduty_publishing_destination_5.yaml b/queries/aws_guardduty_publishing_destination_5.yaml index f9162e94f..e9a2f1800 100755 --- a/queries/aws_guardduty_publishing_destination_5.yaml +++ b/queries/aws_guardduty_publishing_destination_5.yaml @@ -1,34 +1,23 @@ +Description: Allows users to query AWS GuardDuty Publishing Destinations to retrieve + information about where GuardDuty findings are published. ID: aws_guardduty_publishing_destination_5 -Title: "Find AWS GuardDuty Publishing Destinations" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.destination_id, - d.destination_arn, - d.destination_type, - p ->> 'Sid' as sid, - p ->> 'Action' as policy_action, - p ->> 'Effect' as effect, - p -> 'Principal' ->> 'Service' as principal_service - from - aws_guardduty_publishing_destination as d, - aws_s3_bucket as s, - jsonb_array_elements(s.policy -> 'Statement') as p - where - d.destination_type = 'S3' - and - s.arn = d.destination_arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n d.destination_id,\n d.destination_arn,\n d.destination_type,\n\ + \ p ->> 'Sid' as sid,\n p ->> 'Action' as policy_action,\n p ->> 'Effect' as\ + \ effect,\n p -> 'Principal' ->> 'Service' as principal_service\nfrom\n aws_guardduty_publishing_destination\ + \ as d,\n aws_s3_bucket as s,\n jsonb_array_elements(s.policy -> 'Statement')\ + \ as p\nwhere\n d.destination_type = 'S3'\nand\n s.arn = d.destination_arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty Publishing Destinations diff --git a/queries/aws_guardduty_publishing_destination_6.yaml b/queries/aws_guardduty_publishing_destination_6.yaml index ff4dfd823..842835618 100755 --- a/queries/aws_guardduty_publishing_destination_6.yaml +++ b/queries/aws_guardduty_publishing_destination_6.yaml @@ -1,35 +1,25 @@ +Description: Allows users to query AWS GuardDuty Publishing Destinations to retrieve + information about where GuardDuty findings are published. ID: aws_guardduty_publishing_destination_6 -Title: "Find all AWS GuardDuty Publishing Destinations" -Description: "Allows users to query AWS GuardDuty Publishing Destinations to retrieve information about where GuardDuty findings are published." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - d.destination_id, - p ->> 'Sid' as sid, - p ->> 'Action' as policy_action, - p ->> 'Effect' as effect, - p ->> 'Principal' as policy_principal, - p ->> 'Condition' as policy_condition - from - aws_guardduty_publishing_destination as d, - aws_kms_key as k, - jsonb_array_elements(k.policy -> 'Statement') as p - where - d.kms_key_arn is not null - and - k.arn = d.kms_key_arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n d.destination_id,\n p ->> 'Sid' as sid,\n p ->> 'Action'\ + \ as policy_action,\n p ->> 'Effect' as effect,\n p ->> 'Principal' as policy_principal,\n\ + \ p ->> 'Condition' as policy_condition\nfrom\n aws_guardduty_publishing_destination\ + \ as d,\n aws_kms_key as k,\n jsonb_array_elements(k.policy -> 'Statement')\ + \ as p\nwhere\n d.kms_key_arn is not null\nand\n k.arn = d.kms_key_arn;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find all AWS GuardDuty Publishing Destinations diff --git a/queries/aws_guardduty_threat_intel_set_1.yaml b/queries/aws_guardduty_threat_intel_set_1.yaml index d8049a7c3..239bc45af 100755 --- a/queries/aws_guardduty_threat_intel_set_1.yaml +++ b/queries/aws_guardduty_threat_intel_set_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS GuardDuty ThreatIntelSet to fetch information + about threat intelligence sets that are associated with a GuardDuty detector. ID: aws_guardduty_threat_intel_set_1 -Title: "Find AWS GuardDuty ThreatIntelSet Information" -Description: "Allows users to query AWS GuardDuty ThreatIntelSet to fetch information about threat intelligence sets that are associated with a GuardDuty detector." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - detector_id, - threat_intel_set_id, - name, - format, - location - from - aws_guardduty_threat_intel_set; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n detector_id,\n threat_intel_set_id,\n name,\n format,\n\ + \ location\nfrom\n aws_guardduty_threat_intel_set;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find AWS GuardDuty ThreatIntelSet Information diff --git a/queries/aws_guardduty_threat_intel_set_2.yaml b/queries/aws_guardduty_threat_intel_set_2.yaml index 236e2cfe7..db7921437 100755 --- a/queries/aws_guardduty_threat_intel_set_2.yaml +++ b/queries/aws_guardduty_threat_intel_set_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS GuardDuty ThreatIntelSet to fetch information + about threat intelligence sets that are associated with a GuardDuty detector. ID: aws_guardduty_threat_intel_set_2 -Title: "Find all AWS GuardDuty ThreatIntelSet threat data" -Description: "Allows users to query AWS GuardDuty ThreatIntelSet to fetch information about threat intelligence sets that are associated with a GuardDuty detector." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - threat_intel_set_id, - status - from - aws_guardduty_threat_intel_set - where - status = 'INACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n threat_intel_set_id,\n status\nfrom\n aws_guardduty_threat_intel_set\n\ + where\n status = 'INACTIVE';" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - GuardDuty +Title: Find all AWS GuardDuty ThreatIntelSet threat data diff --git a/queries/aws_health_affected_entity_1.yaml b/queries/aws_health_affected_entity_1.yaml index fbf033941..99e209d0c 100755 --- a/queries/aws_health_affected_entity_1.yaml +++ b/queries/aws_health_affected_entity_1.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` + table provides comprehensive details about each entity affected by AWS Health events. + It can be utilized to gain insights into the health status of AWS resources, allowing + for proactive monitoring and maintenance. ID: aws_health_affected_entity_1 -Title: "Find Health Status of AWS Resources via SQL" -Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - entity_url, - entity_value, - event_arn, - last_updated_time, - status_code - from - aws_health_affected_entity; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n entity_url,\n entity_value,\n event_arn,\n\ + \ last_updated_time,\n status_code\nfrom\n aws_health_affected_entity;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Health +Title: Find Health Status of AWS Resources via SQL diff --git a/queries/aws_health_affected_entity_2.yaml b/queries/aws_health_affected_entity_2.yaml index a9be864a1..a28f35a14 100755 --- a/queries/aws_health_affected_entity_2.yaml +++ b/queries/aws_health_affected_entity_2.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` + table provides comprehensive details about each entity affected by AWS Health events. + It can be utilized to gain insights into the health status of AWS resources, allowing + for proactive monitoring and maintenance. ID: aws_health_affected_entity_2 -Title: "List all AWS Health Affected Entities" -Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - entity_url, - entity_value, - event_arn, - last_updated_time, - status_code - from - aws_health_affected_entity - where - status_code = 'UNIMPAIRED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n entity_url,\n entity_value,\n event_arn,\n\ + \ last_updated_time,\n status_code\nfrom\n aws_health_affected_entity\nwhere\n\ + \ status_code = 'UNIMPAIRED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Health +Title: List all AWS Health Affected Entities diff --git a/queries/aws_health_affected_entity_3.yaml b/queries/aws_health_affected_entity_3.yaml index e3de9af3c..7417f858a 100755 --- a/queries/aws_health_affected_entity_3.yaml +++ b/queries/aws_health_affected_entity_3.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` + table provides comprehensive details about each entity affected by AWS Health events. + It can be utilized to gain insights into the health status of AWS resources, allowing + for proactive monitoring and maintenance. ID: aws_health_affected_entity_3 -Title: "List AWS Health Affected Entities with Detailed Insights" -Description: "Allows users to query Affected Entities in AWS Health. The `aws_health_affected_entity` table provides comprehensive details about each entity affected by AWS Health events. It can be utilized to gain insights into the health status of AWS resources, allowing for proactive monitoring and maintenance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.arn, - e.entity_url, - e.event_arn, - v.event_type_category, - v.event_type_code, - v.service - from - aws_health_affected_entity as e, - aws_health_event as v; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.arn,\n e.entity_url,\n e.event_arn,\n v.event_type_category,\n\ + \ v.event_type_code,\n v.service\nfrom\n aws_health_affected_entity as e,\n\ + \ aws_health_event as v;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Health +Title: List AWS Health Affected Entities with Detailed Insights diff --git a/queries/aws_health_event_1.yaml b/queries/aws_health_event_1.yaml index e4c9f986f..3cd739661 100755 --- a/queries/aws_health_event_1.yaml +++ b/queries/aws_health_event_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Health Events to retrieve information about + events that affect your AWS services and accounts. ID: aws_health_event_1 -Title: "Query AWS Health Events Affecting Services and Accounts" -Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - availability_zone, - start_time, - end_time, - event_type_category, - event_type_code, - event_scope_code, - service, - region - from - aws_health_event; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n availability_zone,\n start_time,\n end_time,\n\ + \ event_type_category,\n event_type_code,\n event_scope_code,\n service,\n\ + \ region\nfrom\n aws_health_event;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Health +Title: Query AWS Health Events Affecting Services and Accounts diff --git a/queries/aws_health_event_2.yaml b/queries/aws_health_event_2.yaml index 518cb1aaa..1293c4ef5 100755 --- a/queries/aws_health_event_2.yaml +++ b/queries/aws_health_event_2.yaml @@ -1,25 +1,15 @@ +Description: Allows users to query AWS Health Events to retrieve information about + events that affect your AWS services and accounts. ID: aws_health_event_2 -Title: "" -Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - start_time, - end_time, - event_type_category, - event_type_code, - event_scope_code, - status_code, - service - from - aws_health_event - where - status_code = 'upcoming'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n start_time,\n end_time,\n event_type_category,\n\ + \ event_type_code,\n event_scope_code,\n status_code,\n service\nfrom\n aws_health_event\n\ + where\n status_code = 'upcoming';" Tags: {} +Title: '' diff --git a/queries/aws_health_event_3.yaml b/queries/aws_health_event_3.yaml index 2ea1b5731..74760863f 100755 --- a/queries/aws_health_event_3.yaml +++ b/queries/aws_health_event_3.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS Health Events to retrieve information about + events that affect your AWS services and accounts. ID: aws_health_event_3 -Title: "Find AWS Health Events Affecting Services and Accounts" -Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - start_time, - end_time, - event_type_category, - event_type_code, - event_scope_code, - status_code, - service - from - aws_health_event - where - service = 'EC2'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n start_time,\n end_time,\n event_type_category,\n\ + \ event_type_code,\n event_scope_code,\n status_code,\n service\nfrom\n aws_health_event\n\ + where\n service = 'EC2';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Health Events +Title: Find AWS Health Events Affecting Services and Accounts diff --git a/queries/aws_health_event_4.yaml b/queries/aws_health_event_4.yaml index db872adc7..d6fdb340e 100755 --- a/queries/aws_health_event_4.yaml +++ b/queries/aws_health_event_4.yaml @@ -1,32 +1,21 @@ +Description: Allows users to query AWS Health Events to retrieve information about + events that affect your AWS services and accounts. ID: aws_health_event_4 -Title: "List all AWS Health Events affecting services and accounts" -Description: "Allows users to query AWS Health Events to retrieve information about events that affect your AWS services and accounts." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - availability_zone, - start_time, - end_time, - event_type_category, - event_type_code, - event_scope_code, - status_code, - service - from - aws_health_event - where - availability_zone = 'us-east-1a'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n availability_zone,\n start_time,\n end_time,\n\ + \ event_type_category,\n event_type_code,\n event_scope_code,\n status_code,\n\ + \ service\nfrom\n aws_health_event\nwhere\n availability_zone = 'us-east-1a';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Health +Title: List all AWS Health Events affecting services and accounts diff --git a/queries/aws_iam_access_advisor_1.yaml b/queries/aws_iam_access_advisor_1.yaml index de55f71e7..2416b824b 100755 --- a/queries/aws_iam_access_advisor_1.yaml +++ b/queries/aws_iam_access_advisor_1.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS IAM Access Advisor to retrieve information + about the service last accessed data for IAM entities (users, groups, and roles). ID: aws_iam_access_advisor_1 -Title: "Find AWS IAM Access Info via SQL Query" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name, - last_authenticated, - age(last_authenticated::date) - from - aws_iam_access_advisor - where - principal_arn = 'arn:aws:iam::123456789123:user/john' - and last_authenticated is not null - order by - age asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n principal_arn,\n service_name,\n last_authenticated,\n\ + \ age(last_authenticated::date) \nfrom \n aws_iam_access_advisor\nwhere\n principal_arn\ + \ = 'arn:aws:iam::123456789123:user/john'\n and last_authenticated is not null\n\ + order by \n age asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Access Advisor +Title: Find AWS IAM Access Info via SQL Query diff --git a/queries/aws_iam_access_advisor_2.yaml b/queries/aws_iam_access_advisor_2.yaml index 8f733a5ed..2b54e34f3 100755 --- a/queries/aws_iam_access_advisor_2.yaml +++ b/queries/aws_iam_access_advisor_2.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS IAM Access Advisor to retrieve information + about the service last accessed data for IAM entities (users, groups, and roles). ID: aws_iam_access_advisor_2 -Title: "List all AWS IAM entities with no recent service access" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name - from - aws_iam_access_advisor - where - principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin' - and last_authenticated is null - order by - service_name - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n principal_arn,\n service_name\nfrom \n aws_iam_access_advisor\n\ + where\n principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin'\n and\ + \ last_authenticated is null\norder by \n service_name" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Access Advisor +Title: List all AWS IAM entities with no recent service access diff --git a/queries/aws_iam_access_advisor_3.yaml b/queries/aws_iam_access_advisor_3.yaml index 3d63a35ce..409da2cd0 100755 --- a/queries/aws_iam_access_advisor_3.yaml +++ b/queries/aws_iam_access_advisor_3.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS IAM Access Advisor to retrieve information + about the service last accessed data for IAM entities (users, groups, and roles). ID: aws_iam_access_advisor_3 -Title: "Find AWS IAM Access Advisor Info for Service Access Data" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name, - last_authenticated, - age(last_authenticated::date), - last_authenticated_entity, - last_authenticated_region - from - aws_iam_access_advisor - where - principal_arn = 'arn:aws:iam::aws:policy/AdministratorAccess' - and last_authenticated is not null - order by - age asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n principal_arn,\n service_name,\n last_authenticated,\n\ + \ age(last_authenticated::date),\n last_authenticated_entity,\n last_authenticated_region\n\ + from \n aws_iam_access_advisor\nwhere\n principal_arn = 'arn:aws:iam::aws:policy/AdministratorAccess'\n\ + \ and last_authenticated is not null\norder by \n age asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Access Advisor +Title: Find AWS IAM Access Advisor Info for Service Access Data diff --git a/queries/aws_iam_access_advisor_4.yaml b/queries/aws_iam_access_advisor_4.yaml index ee351f7fc..3a07be73f 100755 --- a/queries/aws_iam_access_advisor_4.yaml +++ b/queries/aws_iam_access_advisor_4.yaml @@ -1,41 +1,29 @@ +Description: Allows users to query AWS IAM Access Advisor to retrieve information + about the service last accessed data for IAM entities (users, groups, and roles). ID: aws_iam_access_advisor_4 -Title: "Find AWS IAM Access Advisor Data for User Entities" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - adv.service_name, - action as action_granted, - attached as granted_in, - adv.service_namespace - from - aws_iam_access_advisor as adv, - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as attached, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action - where - principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin' - and r.arn = adv.principal_arn - and last_authenticated is null - and attached = p.arn - and stmt ->> 'Effect' = 'Allow' - and action like adv.service_namespace || ':%' - order by - adv.service_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n adv.service_name,\n action as action_granted,\n attached\ + \ as granted_in,\n adv.service_namespace\nfrom \n aws_iam_access_advisor as\ + \ adv,\n aws_iam_role as r,\n jsonb_array_elements_text(r.attached_policy_arns)\ + \ as attached,\n aws_iam_policy as p, \n jsonb_array_elements(p.policy_std\ + \ -> 'Statement') as stmt,\n jsonb_array_elements_text(stmt -> 'Action') as action\n\ + where\n principal_arn = 'arn:aws:iam::123456789123:role/turbot/admin'\n and\ + \ r.arn = adv.principal_arn\n and last_authenticated is null\n and attached\ + \ = p.arn\n and stmt ->> 'Effect' = 'Allow'\n and action like adv.service_namespace\ + \ || ':%'\norder by \n adv.service_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Access Advisor Data for User Entities diff --git a/queries/aws_iam_access_advisor_5.yaml b/queries/aws_iam_access_advisor_5.yaml index 49822ffcb..1f1fbc9c8 100755 --- a/queries/aws_iam_access_advisor_5.yaml +++ b/queries/aws_iam_access_advisor_5.yaml @@ -1,36 +1,26 @@ +Description: Allows users to query AWS IAM Access Advisor to retrieve information + about the service last accessed data for IAM entities (users, groups, and roles). ID: aws_iam_access_advisor_5 -Title: "Find All AWS IAM Access Advisor Last Access Data" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name, - last_authenticated, - age(last_authenticated::date), - a ->> 'ActionName' as action_name, - a ->> 'LastAccessedEntity' as action_last_accessed_entity, - a ->> 'LastAccessedRegion' as action_last_accessed_region, - a ->> 'LastAccessedTime' as action_last_accessed_time - from - aws_iam_access_advisor, - jsonb_array_elements(tracked_actions_last_accessed) as a - where - principal_arn = 'arn:aws:iam::123456789123:user/jane' - and last_authenticated is not null - and service_namespace = 's3' - order by - age asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n principal_arn,\n service_name,\n last_authenticated,\n\ + \ age(last_authenticated::date),\n a ->> 'ActionName' as action_name,\n a ->>\ + \ 'LastAccessedEntity' as action_last_accessed_entity,\n a ->> 'LastAccessedRegion'\ + \ as action_last_accessed_region,\n a ->> 'LastAccessedTime' as action_last_accessed_time\n\ + from \n aws_iam_access_advisor,\n jsonb_array_elements(tracked_actions_last_accessed)\ + \ as a\nwhere\n principal_arn = 'arn:aws:iam::123456789123:user/jane'\n and\ + \ last_authenticated is not null\n and service_namespace = 's3'\norder by \n\ + \ age asc;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Access Advisor +Title: Find All AWS IAM Access Advisor Last Access Data diff --git a/queries/aws_iam_access_advisor_6.yaml b/queries/aws_iam_access_advisor_6.yaml index dc257809a..4368564b2 100755 --- a/queries/aws_iam_access_advisor_6.yaml +++ b/queries/aws_iam_access_advisor_6.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS IAM Access Advisor to retrieve information + about the service last accessed data for IAM entities (users, groups, and roles). ID: aws_iam_access_advisor_6 -Title: "List IAM Access Advisor Data for AWS Entities" -Description: "Allows users to query AWS IAM Access Advisor to retrieve information about the service last accessed data for IAM entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - principal_arn, - service_name - from - aws_iam_user as u, - aws_iam_access_advisor as adv - where - adv.principal_arn = u.arn - and last_authenticated is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n principal_arn,\n service_name\nfrom\n aws_iam_user\ + \ as u,\n aws_iam_access_advisor as adv\nwhere\n adv.principal_arn = u.arn\n\ + \ and last_authenticated is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Access Advisor +Title: List IAM Access Advisor Data for AWS Entities diff --git a/queries/aws_iam_access_key_1.yaml b/queries/aws_iam_access_key_1.yaml index dffdeb6d3..d613fac56 100755 --- a/queries/aws_iam_access_key_1.yaml +++ b/queries/aws_iam_access_key_1.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query IAM Access Keys in AWS to obtain details about + the access keys associated with an IAM user. This includes the access key ID, status, + creation date, and more. ID: aws_iam_access_key_1 -Title: "Find AWS IAM User Access Keys Details" -Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - access_key_id, - user_name, - create_date - from - aws_iam_access_key; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n access_key_id,\n user_name,\n create_date\nfrom\n \ + \ aws_iam_access_key;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM User Access Keys Details diff --git a/queries/aws_iam_access_key_2.yaml b/queries/aws_iam_access_key_2.yaml index 732adb688..34e7c75d0 100755 --- a/queries/aws_iam_access_key_2.yaml +++ b/queries/aws_iam_access_key_2.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query IAM Access Keys in AWS to obtain details about + the access keys associated with an IAM user. This includes the access key ID, status, + creation date, and more. ID: aws_iam_access_key_2 -Title: "Find Inactive IAM Access Keys with AWS via SQL" -Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - access_key_id, - user_name, - status - from - aws_iam_access_key - where - status = 'Inactive'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n access_key_id,\n user_name,\n status\nfrom\n aws_iam_access_key\n\ + where\n status = 'Inactive';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find Inactive IAM Access Keys with AWS via SQL diff --git a/queries/aws_iam_access_key_3.yaml b/queries/aws_iam_access_key_3.yaml index 45475ea12..6de039e08 100755 --- a/queries/aws_iam_access_key_3.yaml +++ b/queries/aws_iam_access_key_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query IAM Access Keys in AWS to obtain details about + the access keys associated with an IAM user. This includes the access key ID, status, + creation date, and more. ID: aws_iam_access_key_3 -Title: "List all AWS IAM Access Keys with User Details" -Description: "Allows users to query IAM Access Keys in AWS to obtain details about the access keys associated with an IAM user. This includes the access key ID, status, creation date, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - count (access_key_id) as access_key_count - from - aws_iam_access_key - group by - user_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n user_name,\n count (access_key_id) as access_key_count\n\ + from\n aws_iam_access_key\ngroup by\n user_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Access Keys +Title: List all AWS IAM Access Keys with User Details diff --git a/queries/aws_iam_account_password_policy_1.yaml b/queries/aws_iam_account_password_policy_1.yaml index a587fa293..a466933c7 100755 --- a/queries/aws_iam_account_password_policy_1.yaml +++ b/queries/aws_iam_account_password_policy_1.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS IAM Account Password Policies to gain insights + about password policy details such as minimum password length, password expiration + period, and whether it requires at least one number or symbol. ID: aws_iam_account_password_policy_1 -Title: "Find AWS IAM Account Password Policy Details" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - allow_users_to_change_password, - expire_passwords, - hard_expiry, - max_password_age, - minimum_password_length, - password_reuse_prevention, - require_lowercase_characters, - require_numbers, - require_symbols, - require_uppercase_characters - from - aws_iam_account_password_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n allow_users_to_change_password,\n expire_passwords,\n\ + \ hard_expiry,\n max_password_age,\n minimum_password_length,\n password_reuse_prevention,\n\ + \ require_lowercase_characters,\n require_numbers,\n require_symbols,\n require_uppercase_characters\n\ + from\n aws_iam_account_password_policy;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Account Password Policy Details diff --git a/queries/aws_iam_account_password_policy_2.yaml b/queries/aws_iam_account_password_policy_2.yaml index e5f3f64d4..c61443d88 100755 --- a/queries/aws_iam_account_password_policy_2.yaml +++ b/queries/aws_iam_account_password_policy_2.yaml @@ -1,22 +1,20 @@ +Description: Allows users to query AWS IAM Account Password Policies to gain insights + about password policy details such as minimum password length, password expiration + period, and whether it requires at least one number or symbol. ID: aws_iam_account_password_policy_2 -Title: "Find AWS IAM Account Password Policy Requirements" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - require_uppercase_characters - from - aws_iam_account_password_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n require_uppercase_characters\nfrom\n aws_iam_account_password_policy;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Account Password Policy Requirements diff --git a/queries/aws_iam_account_password_policy_3.yaml b/queries/aws_iam_account_password_policy_3.yaml index 1020bfc6c..af514e678 100755 --- a/queries/aws_iam_account_password_policy_3.yaml +++ b/queries/aws_iam_account_password_policy_3.yaml @@ -1,22 +1,20 @@ +Description: Allows users to query AWS IAM Account Password Policies to gain insights + about password policy details such as minimum password length, password expiration + period, and whether it requires at least one number or symbol. ID: aws_iam_account_password_policy_3 -Title: "Find AWS IAM Account Password Policy Details" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - require_lowercase_characters - from - aws_iam_account_password_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n require_lowercase_characters\nfrom\n aws_iam_account_password_policy;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Account Password Policy Details diff --git a/queries/aws_iam_account_password_policy_4.yaml b/queries/aws_iam_account_password_policy_4.yaml index cdcb5cda0..3f6dfbaec 100755 --- a/queries/aws_iam_account_password_policy_4.yaml +++ b/queries/aws_iam_account_password_policy_4.yaml @@ -1,24 +1,22 @@ +Description: Allows users to query AWS IAM Account Password Policies to gain insights + about password policy details such as minimum password length, password expiration + period, and whether it requires at least one number or symbol. ID: aws_iam_account_password_policy_4 -Title: "Find AWS IAM Account Password Policy Requirements" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - require_symbols - from - aws_iam_account_password_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n require_symbols\nfrom\n aws_iam_account_password_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Account Password Policies +Title: Find AWS IAM Account Password Policy Requirements diff --git a/queries/aws_iam_account_password_policy_5.yaml b/queries/aws_iam_account_password_policy_5.yaml index 65166b256..0dc51c413 100755 --- a/queries/aws_iam_account_password_policy_5.yaml +++ b/queries/aws_iam_account_password_policy_5.yaml @@ -1,24 +1,22 @@ +Description: Allows users to query AWS IAM Account Password Policies to gain insights + about password policy details such as minimum password length, password expiration + period, and whether it requires at least one number or symbol. ID: aws_iam_account_password_policy_5 -Title: "List AWS IAM Account Password Policies with SQL" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - require_numbers - from - aws_iam_account_password_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n require_numbers\nfrom\n aws_iam_account_password_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: List AWS IAM Account Password Policies with SQL diff --git a/queries/aws_iam_account_password_policy_6.yaml b/queries/aws_iam_account_password_policy_6.yaml index 06e80de49..e97c6b7af 100755 --- a/queries/aws_iam_account_password_policy_6.yaml +++ b/queries/aws_iam_account_password_policy_6.yaml @@ -1,24 +1,22 @@ +Description: Allows users to query AWS IAM Account Password Policies to gain insights + about password policy details such as minimum password length, password expiration + period, and whether it requires at least one number or symbol. ID: aws_iam_account_password_policy_6 -Title: "Find AWS IAM Account Password Policies Details" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - minimum_password_length >= 14 - from - aws_iam_account_password_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n minimum_password_length >= 14\nfrom\n aws_iam_account_password_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Account Password Policies Details diff --git a/queries/aws_iam_account_password_policy_7.yaml b/queries/aws_iam_account_password_policy_7.yaml index f969b9c6e..9e998536f 100755 --- a/queries/aws_iam_account_password_policy_7.yaml +++ b/queries/aws_iam_account_password_policy_7.yaml @@ -1,22 +1,20 @@ +Description: Allows users to query AWS IAM Account Password Policies to gain insights + about password policy details such as minimum password length, password expiration + period, and whether it requires at least one number or symbol. ID: aws_iam_account_password_policy_7 -Title: "Find AWS IAM Account Password Policies with SQL" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - password_reuse_prevention - from - aws_iam_account_password_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n password_reuse_prevention\nfrom\n aws_iam_account_password_policy;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Account Password Policies with SQL diff --git a/queries/aws_iam_account_password_policy_8.yaml b/queries/aws_iam_account_password_policy_8.yaml index f1cf7d43c..faabca7fd 100755 --- a/queries/aws_iam_account_password_policy_8.yaml +++ b/queries/aws_iam_account_password_policy_8.yaml @@ -1,24 +1,23 @@ +Description: Allows users to query AWS IAM Account Password Policies to gain insights + about password policy details such as minimum password length, password expiration + period, and whether it requires at least one number or symbol. ID: aws_iam_account_password_policy_8 -Title: "Find AWS IAM Account Password Policies" -Description: "Allows users to query AWS IAM Account Password Policies to gain insights about password policy details such as minimum password length, password expiration period, and whether it requires at least one number or symbol." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - (expire_passwords and max_password_age <= 90) - from - aws_iam_account_password_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n (expire_passwords and max_password_age <= 90)\nfrom\n\ + \ aws_iam_account_password_policy;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Account Password Policies diff --git a/queries/aws_iam_account_summary_1.yaml b/queries/aws_iam_account_summary_1.yaml index d704c055f..3a4949c8f 100755 --- a/queries/aws_iam_account_summary_1.yaml +++ b/queries/aws_iam_account_summary_1.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS IAM Account Summary to get a detailed overview + of the account''s IAM usage and resource consumption. ID: aws_iam_account_summary_1 -Title: "List AWS IAM Account Summary Overview and Resource Usage" -Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - * - from - aws_iam_account_summary; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n *\nfrom\n aws_iam_account_summary;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: List AWS IAM Account Summary Overview and Resource Usage diff --git a/queries/aws_iam_account_summary_2.yaml b/queries/aws_iam_account_summary_2.yaml index 1831b1bcc..9ced5f759 100755 --- a/queries/aws_iam_account_summary_2.yaml +++ b/queries/aws_iam_account_summary_2.yaml @@ -1,22 +1,19 @@ +Description: Allows users to query AWS IAM Account Summary to get a detailed overview + of the account''s IAM usage and resource consumption. ID: aws_iam_account_summary_2 -Title: "Find AWS IAM Account Summary with SQL Query" -Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - account_mfa_enabled - from - aws_iam_account_summary; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n account_mfa_enabled\nfrom\n aws_iam_account_summary;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find AWS IAM Account Summary with SQL Query diff --git a/queries/aws_iam_account_summary_3.yaml b/queries/aws_iam_account_summary_3.yaml index 7fce3614f..b5cde8dc5 100755 --- a/queries/aws_iam_account_summary_3.yaml +++ b/queries/aws_iam_account_summary_3.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query AWS IAM Account Summary to get a detailed overview + of the account''s IAM usage and resource consumption. ID: aws_iam_account_summary_3 -Title: "Find AWS IAM Account Summary Details" -Description: "Allows users to query AWS IAM Account Summary to get a detailed overview of the account''s IAM usage and resource consumption." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - users, - groups, - roles, - policies - from - aws_iam_account_summary; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n users,\n groups,\n roles,\n policies\nfrom\n aws_iam_account_summary;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Account Summary Details diff --git a/queries/aws_iam_action_1.yaml b/queries/aws_iam_action_1.yaml index 062f47772..5ceb6f923 100755 --- a/queries/aws_iam_action_1.yaml +++ b/queries/aws_iam_action_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query IAM Actions in AWS Identity and Access Management + (IAM). ID: aws_iam_action_1 -Title: "Find IAM Actions in AWS IAM with SQL" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - action, - description - from - aws_iam_action - where - prefix = 's3' - order by - action; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n action,\n description\nfrom\n aws_iam_action\nwhere\n\ + \ prefix = 's3'\norder by\n action;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find IAM Actions in AWS IAM with SQL diff --git a/queries/aws_iam_action_2.yaml b/queries/aws_iam_action_2.yaml index 14538aa57..a7db1d8b0 100755 --- a/queries/aws_iam_action_2.yaml +++ b/queries/aws_iam_action_2.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query IAM Actions in AWS Identity and Access Management + (IAM). ID: aws_iam_action_2 -Title: "Find all IAM Actions in AWS Identity and Access Management" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - description - from - aws_iam_action - where - action = 's3:deleteobject'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n description\nfrom\n aws_iam_action\nwhere\n action\ + \ = 's3:deleteobject';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find all IAM Actions in AWS Identity and Access Management diff --git a/queries/aws_iam_action_3.yaml b/queries/aws_iam_action_3.yaml index 04a3db4c7..35e14fb31 100755 --- a/queries/aws_iam_action_3.yaml +++ b/queries/aws_iam_action_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query IAM Actions in AWS Identity and Access Management + (IAM). ID: aws_iam_action_3 -Title: "Find IAM Actions in AWS Identity and Access Management" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.action, - a.description - from - aws_iam_action as a, - glob('s3:d*') as action_name - where - a.action like action_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.action,\n a.description\nfrom\n aws_iam_action as\ + \ a,\n glob('s3:d*') as action_name\nwhere\n a.action like action_name;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find IAM Actions in AWS Identity and Access Management diff --git a/queries/aws_iam_action_4.yaml b/queries/aws_iam_action_4.yaml index 359307b63..fd9f8e0a2 100755 --- a/queries/aws_iam_action_4.yaml +++ b/queries/aws_iam_action_4.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query IAM Actions in AWS Identity and Access Management + (IAM). ID: aws_iam_action_4 -Title: "Find IAM Actions in AWS Identity and Access Management" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.action, - a.access_level - from - aws_iam_policy p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action a ON a.action LIKE action_regex - where - p.name = 'AmazonEC2ReadOnlyAccess' - and stmt ->> 'Effect' = 'Allow' - order by - a.action; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.action,\n a.access_level\nfrom\n aws_iam_policy p,\n\ + \ jsonb_array_elements(p.policy_std -> 'Statement') as stmt,\n jsonb_array_elements_text(stmt\ + \ -> 'Action') as action_glob,\n glob(action_glob) as action_regex\n join aws_iam_action\ + \ a ON a.action LIKE action_regex\nwhere\n p.name = 'AmazonEC2ReadOnlyAccess'\n\ + \ and stmt ->> 'Effect' = 'Allow'\norder by\n a.action;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Identity and Access Management (IAM) +Title: Find IAM Actions in AWS Identity and Access Management diff --git a/queries/aws_iam_action_5.yaml b/queries/aws_iam_action_5.yaml index b032da1ad..6bbba4dc6 100755 --- a/queries/aws_iam_action_5.yaml +++ b/queries/aws_iam_action_5.yaml @@ -1,40 +1,27 @@ +Description: Allows users to query IAM Actions in AWS Identity and Access Management + (IAM). ID: aws_iam_action_5 -Title: "Find AWS IAM Actions in AWS Identity and Access Management" -Description: "Allows users to query IAM Actions in AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.name, - f.role, - a.action, - a.access_level, - a.description - from - aws_lambda_function as f, - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action a ON a.action LIKE action_regex - where - f.role = r.arn - and pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and f.name = 'hellopython'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.name,\n f.role,\n a.action,\n a.access_level,\n\ + \ a.description\nfrom \n aws_lambda_function as f,\n aws_iam_role as r,\n \ + \ jsonb_array_elements_text(r.attached_policy_arns) as pol_arn,\n aws_iam_policy\ + \ as p,\n jsonb_array_elements(p.policy_std -> 'Statement') as stmt,\n jsonb_array_elements_text(stmt\ + \ -> 'Action') as action_glob,\n glob(action_glob) as action_regex\n join aws_iam_action\ + \ a ON a.action LIKE action_regex\nwhere\n f.role = r.arn\n and pol_arn = p.arn\ + \ \n and stmt ->> 'Effect' = 'Allow'\n and f.name = 'hellopython';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find AWS IAM Actions in AWS Identity and Access Management diff --git a/queries/aws_iam_credential_report_1.yaml b/queries/aws_iam_credential_report_1.yaml index e869732a6..4cd66e975 100755 --- a/queries/aws_iam_credential_report_1.yaml +++ b/queries/aws_iam_credential_report_1.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS IAM Credential Reports, providing a comprehensive + overview of the AWS Identity and Access Management (IAM) users, their status, and + credential usage. ID: aws_iam_credential_report_1 -Title: "Find AWS IAM Credential Reports for Users with Activity" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name - from - aws_iam_credential_report - where - password_enabled - and password_last_used > (current_date - interval '90' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n user_name\nfrom\n aws_iam_credential_report\nwhere\n\ + \ password_enabled\n and password_last_used > (current_date - interval '90'\ + \ day);" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Identity and Access Management +Title: Find AWS IAM Credential Reports for Users with Activity diff --git a/queries/aws_iam_credential_report_2.yaml b/queries/aws_iam_credential_report_2.yaml index ccdb6c958..f04db84e6 100755 --- a/queries/aws_iam_credential_report_2.yaml +++ b/queries/aws_iam_credential_report_2.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query AWS IAM Credential Reports, providing a comprehensive + overview of the AWS Identity and Access Management (IAM) users, their status, and + credential usage. ID: aws_iam_credential_report_2 -Title: "Find AWS IAM Credential Reports and User Statuses" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - password_last_used, - age(password_last_used) - from - aws_iam_credential_report - where - password_enabled - and password_last_used <= (current_date - interval '90' day) - order by - password_last_used; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n user_name,\n password_last_used,\n age(password_last_used)\n\ + from\n aws_iam_credential_report\nwhere\n password_enabled\n and password_last_used\ + \ <= (current_date - interval '90' day)\norder by\n password_last_used;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Credential Reports and User Statuses diff --git a/queries/aws_iam_credential_report_3.yaml b/queries/aws_iam_credential_report_3.yaml index 7cee39cca..3d27b704b 100755 --- a/queries/aws_iam_credential_report_3.yaml +++ b/queries/aws_iam_credential_report_3.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS IAM Credential Reports, providing a comprehensive + overview of the AWS Identity and Access Management (IAM) users, their status, and + credential usage. ID: aws_iam_credential_report_3 -Title: "Find AWS IAM Users with Never Used Passwords" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name - from - aws_iam_credential_report - where - password_status = 'never_used'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n user_name\nfrom\n aws_iam_credential_report\nwhere\n\ + \ password_status = 'never_used';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Credential Reports +Title: Find AWS IAM Users with Never Used Passwords diff --git a/queries/aws_iam_credential_report_4.yaml b/queries/aws_iam_credential_report_4.yaml index 9eaa99720..02c766bb9 100755 --- a/queries/aws_iam_credential_report_4.yaml +++ b/queries/aws_iam_credential_report_4.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS IAM Credential Reports, providing a comprehensive + overview of the AWS Identity and Access Management (IAM) users, their status, and + credential usage. ID: aws_iam_credential_report_4 -Title: "Find all AWS IAM Credential Reports for Key Rotation" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - access_key_1_last_rotated, - age(access_key_1_last_rotated) as access_key_1_age, - access_key_2_last_rotated, - age(access_key_2_last_rotated) as access_key_2_age - from - aws_iam_credential_report - where - access_key_1_last_rotated <= (current_date - interval '90' day) - or access_key_2_last_rotated <= (current_date - interval '90' day) - order by - user_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n user_name,\n access_key_1_last_rotated,\n age(access_key_1_last_rotated)\ + \ as access_key_1_age,\n access_key_2_last_rotated,\n age(access_key_2_last_rotated)\ + \ as access_key_2_age\nfrom\n aws_iam_credential_report\nwhere\n access_key_1_last_rotated\ + \ <= (current_date - interval '90' day)\n or access_key_2_last_rotated <= (current_date\ + \ - interval '90' day)\norder by\n user_name;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management (IAM) +Title: Find all AWS IAM Credential Reports for Key Rotation diff --git a/queries/aws_iam_credential_report_5.yaml b/queries/aws_iam_credential_report_5.yaml index f93deb4c3..97ca907f8 100755 --- a/queries/aws_iam_credential_report_5.yaml +++ b/queries/aws_iam_credential_report_5.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS IAM Credential Reports, providing a comprehensive + overview of the AWS Identity and Access Management (IAM) users, their status, and + credential usage. ID: aws_iam_credential_report_5 -Title: "Find AWS IAM Users Without MFA and With Password Enabled" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - mfa_active, - password_enabled - from - aws_iam_credential_report - where - password_enabled - and not mfa_active; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n user_name,\n mfa_active,\n password_enabled\nfrom\n\ + \ aws_iam_credential_report\nwhere\n password_enabled\n and not mfa_active;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Credential Report +Title: Find AWS IAM Users Without MFA and With Password Enabled diff --git a/queries/aws_iam_credential_report_6.yaml b/queries/aws_iam_credential_report_6.yaml index 2e68ad6ef..17175014b 100755 --- a/queries/aws_iam_credential_report_6.yaml +++ b/queries/aws_iam_credential_report_6.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS IAM Credential Reports, providing a comprehensive + overview of the AWS Identity and Access Management (IAM) users, their status, and + credential usage. ID: aws_iam_credential_report_6 -Title: "List all AWS IAM users and their credential status" -Description: "Allows users to query AWS IAM Credential Reports, providing a comprehensive overview of the AWS Identity and Access Management (IAM) users, their status, and credential usage." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - user_name, - mfa_active - from - aws_iam_credential_report - where - user_name = ''; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n user_name,\n mfa_active\nfrom\n aws_iam_credential_report\n\ + where\n user_name = '';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Credential Report +Title: List all AWS IAM users and their credential status diff --git a/queries/aws_iam_group_1.yaml b/queries/aws_iam_group_1.yaml index 2f4fbea41..9d1d6abec 100755 --- a/queries/aws_iam_group_1.yaml +++ b/queries/aws_iam_group_1.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS IAM Group data such as group name, path, and + ARN. This table provides information about IAM groups within AWS Identity and Access + Management (IAM). ID: aws_iam_group_1 -Title: "Find AWS IAM Group Data using SQL Query" -Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as group_name, - iam_user ->> 'UserName' as user_name, - iam_user ->> 'UserId' as user_id, - iam_user ->> 'PermissionsBoundary' as permission_boundary, - iam_user ->> 'PasswordLastUsed' as password_last_used, - iam_user ->> 'CreateDate' as user_create_date - from - aws_iam_group - cross join jsonb_array_elements(users) as iam_user; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as group_name,\n iam_user ->> 'UserName' as user_name,\n\ + \ iam_user ->> 'UserId' as user_id,\n iam_user ->> 'PermissionsBoundary' as\ + \ permission_boundary,\n iam_user ->> 'PasswordLastUsed' as password_last_used,\n\ + \ iam_user ->> 'CreateDate' as user_create_date\nfrom\n aws_iam_group\n cross\ + \ join jsonb_array_elements(users) as iam_user;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find AWS IAM Group Data using SQL Query diff --git a/queries/aws_iam_group_2.yaml b/queries/aws_iam_group_2.yaml index 17ff0d5fc..f0ba6fc72 100755 --- a/queries/aws_iam_group_2.yaml +++ b/queries/aws_iam_group_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS IAM Group data such as group name, path, and + ARN. This table provides information about IAM groups within AWS Identity and Access + Management (IAM). ID: aws_iam_group_2 -Title: "Find AWS IAM Group Data: Name, Path, and ARN" -Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as group_name, - iam_user ->> 'UserName' as user_name, - split_part(attachments, '/', 2) as attached_policies - from - aws_iam_group - cross join jsonb_array_elements(users) as iam_user, - jsonb_array_elements_text(attached_policy_arns) as attachments - where - split_part(attachments, '/', 2) = 'AdministratorAccess'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as group_name,\n iam_user ->> 'UserName' as user_name,\n\ + \ split_part(attachments, '/', 2) as attached_policies\nfrom\n aws_iam_group\n\ + \ cross join jsonb_array_elements(users) as iam_user,\n jsonb_array_elements_text(attached_policy_arns)\ + \ as attachments\nwhere\n split_part(attachments, '/', 2) = 'AdministratorAccess';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: 'Find AWS IAM Group Data: Name, Path, and ARN' diff --git a/queries/aws_iam_group_3.yaml b/queries/aws_iam_group_3.yaml index bcf294752..f57969b97 100755 --- a/queries/aws_iam_group_3.yaml +++ b/queries/aws_iam_group_3.yaml @@ -1,24 +1,22 @@ +Description: Allows users to query AWS IAM Group data such as group name, path, and + ARN. This table provides information about IAM groups within AWS Identity and Access + Management (IAM). ID: aws_iam_group_3 -Title: "Find all AWS IAM Group details with their attached policies" -Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as group_name, - split_part(attachments, '/', 2) as attached_policies - from - aws_iam_group - cross join jsonb_array_elements_text(attached_policy_arns) as attachments; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as group_name,\n split_part(attachments, '/', 2)\ + \ as attached_policies\nfrom\n aws_iam_group\n cross join jsonb_array_elements_text(attached_policy_arns)\ + \ as attachments;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Group details with their attached policies diff --git a/queries/aws_iam_group_4.yaml b/queries/aws_iam_group_4.yaml index d5ca2c3f4..dd313518a 100755 --- a/queries/aws_iam_group_4.yaml +++ b/queries/aws_iam_group_4.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS IAM Group data such as group name, path, and + ARN. This table provides information about IAM groups within AWS Identity and Access + Management (IAM). ID: aws_iam_group_4 -Title: "Find all AWS IAM Group information like name and path" -Description: "Allows users to query AWS IAM Group data such as group name, path, and ARN. This table provides information about IAM groups within AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as group_name, - inline_policies - from - aws_iam_group - where - inline_policies is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as group_name,\n inline_policies\nfrom\n aws_iam_group\n\ + where \n inline_policies is not null;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Group information like name and path diff --git a/queries/aws_iam_open_id_connect_provider_1.yaml b/queries/aws_iam_open_id_connect_provider_1.yaml index bc9cfe27c..8a86e51f7 100755 --- a/queries/aws_iam_open_id_connect_provider_1.yaml +++ b/queries/aws_iam_open_id_connect_provider_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS IAM OpenID Connect Providers and retrieve details + about the OpenID Connect (OIDC) identity providers in their AWS account. ID: aws_iam_open_id_connect_provider_1 -Title: "Find AWS IAM OpenID Connect Providers and Details" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - url, - account_id - from - aws_iam_open_id_connect_provider; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n create_date,\n client_id_list,\n thumbprint_list,\n\ + \ url,\n account_id\nfrom\n aws_iam_open_id_connect_provider;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM OpenID Connect Providers and Details diff --git a/queries/aws_iam_open_id_connect_provider_2.yaml b/queries/aws_iam_open_id_connect_provider_2.yaml index 8cd79925e..f40656d3b 100755 --- a/queries/aws_iam_open_id_connect_provider_2.yaml +++ b/queries/aws_iam_open_id_connect_provider_2.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS IAM OpenID Connect Providers and retrieve details + about the OpenID Connect (OIDC) identity providers in their AWS account. ID: aws_iam_open_id_connect_provider_2 -Title: "List all AWS IAM OpenID Connect Providers in Account" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - url, - account_id - from - aws_iam_open_id_connect_provider - where - create_date <= (current_date - interval '90' day) - order by - create_date; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n create_date,\n client_id_list,\n thumbprint_list,\n\ + \ url,\n account_id\nfrom\n aws_iam_open_id_connect_provider\nwhere\n create_date\ + \ <= (current_date - interval '90' day)\norder by\n create_date;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: List all AWS IAM OpenID Connect Providers in Account diff --git a/queries/aws_iam_open_id_connect_provider_3.yaml b/queries/aws_iam_open_id_connect_provider_3.yaml index 05be9982c..3adeb348e 100755 --- a/queries/aws_iam_open_id_connect_provider_3.yaml +++ b/queries/aws_iam_open_id_connect_provider_3.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS IAM OpenID Connect Providers and retrieve details + about the OpenID Connect (OIDC) identity providers in their AWS account. ID: aws_iam_open_id_connect_provider_3 -Title: "Find AWS IAM OpenID Connect Providers and Retrieve Details" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - tags, - url, - account_id - from - aws_iam_open_id_connect_provider - where - tags ->> 'Environment' = 'Production'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n create_date,\n client_id_list,\n thumbprint_list,\n\ + \ tags,\n url,\n account_id\nfrom\n aws_iam_open_id_connect_provider\nwhere\n\ + \ tags ->> 'Environment' = 'Production';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM OpenID Connect Providers and Retrieve Details diff --git a/queries/aws_iam_open_id_connect_provider_4.yaml b/queries/aws_iam_open_id_connect_provider_4.yaml index b6bab9d83..53fc67ae9 100755 --- a/queries/aws_iam_open_id_connect_provider_4.yaml +++ b/queries/aws_iam_open_id_connect_provider_4.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS IAM OpenID Connect Providers and retrieve details + about the OpenID Connect (OIDC) identity providers in their AWS account. ID: aws_iam_open_id_connect_provider_4 -Title: "Find all AWS IAM OpenID Connect Providers with Details" -Description: "Allows users to query AWS IAM OpenID Connect Providers and retrieve details about the OpenID Connect (OIDC) identity providers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - client_id_list, - thumbprint_list, - tags, - url, - account_id - from - aws_iam_open_id_connect_provider - where - client_id_list @> '["sts.amazonaws.com"]'::jsonb - and not thumbprint_list @> '["1c58a3a8518e8759bf075b76b750d4f2df264fcd", "6938fd4d98bab03faadb97b34396831e3780aea1"]'::jsonb - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n create_date,\n client_id_list,\n thumbprint_list,\n\ + \ tags,\n url,\n account_id\nfrom\n aws_iam_open_id_connect_provider\nwhere\n\ + \ client_id_list @> '[\"sts.amazonaws.com\"]'::jsonb\n and not thumbprint_list\ + \ @> '[\"1c58a3a8518e8759bf075b76b750d4f2df264fcd\", \"6938fd4d98bab03faadb97b34396831e3780aea1\"\ + ]'::jsonb" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws +Title: Find all AWS IAM OpenID Connect Providers with Details diff --git a/queries/aws_iam_policy_1.yaml b/queries/aws_iam_policy_1.yaml index 8e0ebbde1..07eaab57b 100755 --- a/queries/aws_iam_policy_1.yaml +++ b/queries/aws_iam_policy_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS IAM Policies, providing detailed information + about each policy, including permissions, attachment, and associated metadata. ID: aws_iam_policy_1 -Title: "Find all AWS IAM Policies with Detailed Information" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn - from - aws_iam_policy - where - not is_aws_managed; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn\nfrom\n aws_iam_policy\nwhere\n not is_aws_managed;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Policies with Detailed Information diff --git a/queries/aws_iam_policy_2.yaml b/queries/aws_iam_policy_2.yaml index 6bee0f900..36f74be19 100755 --- a/queries/aws_iam_policy_2.yaml +++ b/queries/aws_iam_policy_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS IAM Policies, providing detailed information + about each policy, including permissions, attachment, and associated metadata. ID: aws_iam_policy_2 -Title: "Find all AWS IAM Policies and associated metadata" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn - from - aws_iam_policy - where - not is_aws_managed - and path = '/turbot/'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn\nfrom\n aws_iam_policy\nwhere\n not is_aws_managed\n\ + \ and path = '/turbot/';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Policy +Title: Find all AWS IAM Policies and associated metadata diff --git a/queries/aws_iam_policy_3.yaml b/queries/aws_iam_policy_3.yaml index 567d76fa0..7d29245eb 100755 --- a/queries/aws_iam_policy_3.yaml +++ b/queries/aws_iam_policy_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS IAM Policies, providing detailed information + about each policy, including permissions, attachment, and associated metadata. ID: aws_iam_policy_3 -Title: "List all AWS IAM Policies and their Details" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - permissions_boundary_usage_count - from - aws_iam_policy - where - is_attached; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n permissions_boundary_usage_count\nfrom\n\ + \ aws_iam_policy\nwhere\n is_attached;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: List all AWS IAM Policies and their Details diff --git a/queries/aws_iam_policy_4.yaml b/queries/aws_iam_policy_4.yaml index 1a96e50ae..f6ce3b1ff 100755 --- a/queries/aws_iam_policy_4.yaml +++ b/queries/aws_iam_policy_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS IAM Policies, providing detailed information + about each policy, including permissions, attachment, and associated metadata. ID: aws_iam_policy_4 -Title: "List all AWS IAM Policies with Detailed Information" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - attachment_count, - permissions_boundary_usage_count - from - aws_iam_policy - where - not is_aws_managed - and not is_attached - and permissions_boundary_usage_count = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n attachment_count,\n permissions_boundary_usage_count\n\ + from\n aws_iam_policy\nwhere\n not is_aws_managed\n and not is_attached\n \ + \ and permissions_boundary_usage_count = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: List all AWS IAM Policies with Detailed Information diff --git a/queries/aws_iam_policy_5.yaml b/queries/aws_iam_policy_5.yaml index 976cf9764..b3cb518b9 100755 --- a/queries/aws_iam_policy_5.yaml +++ b/queries/aws_iam_policy_5.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS IAM Policies, providing detailed information + about each policy, including permissions, attachment, and associated metadata. ID: aws_iam_policy_5 -Title: "Find all AWS IAM Policies with permissions and metadata" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - action, - s ->> 'Effect' as effect - from - aws_iam_policy, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Action') as action - where - action in ('*', '*:*') - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n action,\n s ->> 'Effect' as effect\n\ + from\n aws_iam_policy,\n jsonb_array_elements(policy_std -> 'Statement') as\ + \ s,\n jsonb_array_elements_text(s -> 'Action') as action\nwhere\n action in\ + \ ('*', '*:*')\n and s ->> 'Effect' = 'Allow';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Policies with permissions and metadata diff --git a/queries/aws_iam_policy_6.yaml b/queries/aws_iam_policy_6.yaml index 230a38d46..db85bd25c 100755 --- a/queries/aws_iam_policy_6.yaml +++ b/queries/aws_iam_policy_6.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS IAM Policies, providing detailed information + about each policy, including permissions, attachment, and associated metadata. ID: aws_iam_policy_6 -Title: "Find all AWS IAM Policies with Permissions and Metadata" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - action, - s ->> 'Effect' as effect - from - aws_iam_policy, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Action') as action - where - s ->> 'Effect' = 'Allow' - and ( - action = '*' - or action like '%:*' - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n action,\n s ->> 'Effect' as effect\n\ + from\n aws_iam_policy,\n jsonb_array_elements(policy_std -> 'Statement') as\ + \ s,\n jsonb_array_elements_text(s -> 'Action') as action\nwhere\n s ->> 'Effect'\ + \ = 'Allow'\n and (\n action = '*'\n or action like '%:*'\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Policies with Permissions and Metadata diff --git a/queries/aws_iam_policy_7.yaml b/queries/aws_iam_policy_7.yaml index 16e00f0af..a4d93dd26 100755 --- a/queries/aws_iam_policy_7.yaml +++ b/queries/aws_iam_policy_7.yaml @@ -1,35 +1,26 @@ +Description: Allows users to query AWS IAM Policies, providing detailed information + about each policy, including permissions, attachment, and associated metadata. ID: aws_iam_policy_7 -Title: "Find AWS IAM Policies with Detailed Information" -Description: "Allows users to query AWS IAM Policies, providing detailed information about each policy, including permissions, attachment, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.action, - a.access_level, - a.description - from - aws_iam_policy p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action a ON a.action LIKE action_regex - where - p.name = 'AmazonEC2ReadOnlyAccess' - and stmt ->> 'Effect' = 'Allow' - order by - a.action; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.action,\n a.access_level,\n a.description\nfrom\n\ + \ aws_iam_policy p,\n jsonb_array_elements(p.policy_std -> 'Statement') as stmt,\n\ + \ jsonb_array_elements_text(stmt -> 'Action') as action_glob,\n glob(action_glob)\ + \ as action_regex\n join aws_iam_action a ON a.action LIKE action_regex\nwhere\n\ + \ p.name = 'AmazonEC2ReadOnlyAccess'\n and stmt ->> 'Effect' = 'Allow'\norder\ + \ by\n a.action;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Policies with Detailed Information diff --git a/queries/aws_iam_policy_attachment_1.yaml b/queries/aws_iam_policy_attachment_1.yaml index 9afcb7f42..cddf54455 100755 --- a/queries/aws_iam_policy_attachment_1.yaml +++ b/queries/aws_iam_policy_attachment_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query IAM Policy Attachments in AWS to gather information + about the relationship between IAM policies and their associated entities (users, + groups, and roles). ID: aws_iam_policy_attachment_1 -Title: "Find all AWS IAM Policy Attachments and Associations" -Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_arn, - is_attached, - policy_groups - from - aws_iam_policy_attachment - where - is_attached; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_arn,\n is_attached,\n policy_groups\nfrom\n\ + \ aws_iam_policy_attachment\nwhere\n is_attached;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Policy Attachments and Associations diff --git a/queries/aws_iam_policy_attachment_2.yaml b/queries/aws_iam_policy_attachment_2.yaml index 43dfe67a8..683ef9874 100755 --- a/queries/aws_iam_policy_attachment_2.yaml +++ b/queries/aws_iam_policy_attachment_2.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query IAM Policy Attachments in AWS to gather information + about the relationship between IAM policies and their associated entities (users, + groups, and roles). ID: aws_iam_policy_attachment_2 -Title: "Find IAM Policy Attachments in AWS" -Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - policy_arn, - is_attached, - policy_users - from - aws_iam_policy_attachment - where - is_attached; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n policy_arn,\n is_attached,\n policy_users\nfrom\n \ + \ aws_iam_policy_attachment\nwhere\n is_attached;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find IAM Policy Attachments in AWS diff --git a/queries/aws_iam_policy_attachment_3.yaml b/queries/aws_iam_policy_attachment_3.yaml index 837f7c733..aaf968fc6 100755 --- a/queries/aws_iam_policy_attachment_3.yaml +++ b/queries/aws_iam_policy_attachment_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query IAM Policy Attachments in AWS to gather information + about the relationship between IAM policies and their associated entities (users, + groups, and roles). ID: aws_iam_policy_attachment_3 -Title: "Find Relationships Between AWS IAM Policies and Entities" -Description: "Allows users to query IAM Policy Attachments in AWS to gather information about the relationship between IAM policies and their associated entities (users, groups, and roles)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as policy_name, - policy_arn, - jsonb_pretty(policy_users) as policy_users - from - aws_iam_policy p - left join aws_iam_policy_attachment a on p.arn = a.policy_arn - where - name = 'AdministratorAccess' and a.is_attached; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as policy_name, \n policy_arn, \n jsonb_pretty(policy_users)\ + \ as policy_users\nfrom\n aws_iam_policy p\n left join aws_iam_policy_attachment\ + \ a on p.arn = a.policy_arn \nwhere\n name = 'AdministratorAccess' and a.is_attached;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Policy +Title: Find Relationships Between AWS IAM Policies and Entities diff --git a/queries/aws_iam_policy_simulator_1.yaml b/queries/aws_iam_policy_simulator_1.yaml index 9cf2e62bc..8eb5b406d 100755 --- a/queries/aws_iam_policy_simulator_1.yaml +++ b/queries/aws_iam_policy_simulator_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query IAM Policy Simulator for evaluating the effects + of IAM access control policies. It provides information such as evaluation results, + matching resources, and involved actions. ID: aws_iam_policy_simulator_1 -Title: "Find IAM Policy Simulator Results for Access Control Evaluation" -Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - decision - from - aws_iam_policy_simulator - where - action = 's3:DeleteBucket' - and resource_arn = '*' - and principal_arn = 'arn:aws:iam::012345678901:user/bob'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n decision\nfrom\n aws_iam_policy_simulator\nwhere\n \ + \ action = 's3:DeleteBucket'\n and resource_arn = '*'\n and principal_arn =\ + \ 'arn:aws:iam::012345678901:user/bob';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Policy Simulator +Title: Find IAM Policy Simulator Results for Access Control Evaluation diff --git a/queries/aws_iam_policy_simulator_2.yaml b/queries/aws_iam_policy_simulator_2.yaml index 0a1581b62..9a2a14093 100755 --- a/queries/aws_iam_policy_simulator_2.yaml +++ b/queries/aws_iam_policy_simulator_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query IAM Policy Simulator for evaluating the effects + of IAM access control policies. It provides information such as evaluation results, + matching resources, and involved actions. ID: aws_iam_policy_simulator_2 -Title: "Find AWS IAM Policy Simulator Evaluation Results for Control Policies" -Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - decision, - jsonb_pretty(matched_statements) - from - aws_iam_policy_simulator - where - action = 'ec2:terminateinstances' - and resource_arn = '*' - and principal_arn = 'arn:aws:iam::012345678901:user/bob'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n decision,\n jsonb_pretty(matched_statements)\nfrom\n\ + \ aws_iam_policy_simulator\nwhere\n action = 'ec2:terminateinstances'\n and\ + \ resource_arn = '*'\n and principal_arn = 'arn:aws:iam::012345678901:user/bob';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Policy Simulator +Title: Find AWS IAM Policy Simulator Evaluation Results for Control Policies diff --git a/queries/aws_iam_policy_simulator_3.yaml b/queries/aws_iam_policy_simulator_3.yaml index 76cbacb71..ef7ce125d 100755 --- a/queries/aws_iam_policy_simulator_3.yaml +++ b/queries/aws_iam_policy_simulator_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query IAM Policy Simulator for evaluating the effects + of IAM access control policies. It provides information such as evaluation results, + matching resources, and involved actions. ID: aws_iam_policy_simulator_3 -Title: "List all AWS IAM Policy Simulator evaluation results" -Description: "Allows users to query IAM Policy Simulator for evaluating the effects of IAM access control policies. It provides information such as evaluation results, matching resources, and involved actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - u.name, - decision - from - aws_iam_policy_simulator p, - aws_iam_user u - where - action = 'sts:AssumeRole' - and resource_arn = '*' - and p.principal_arn = u.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n u.name,\n decision\nfrom\n aws_iam_policy_simulator\ + \ p,\n aws_iam_user u\nwhere\n action = 'sts:AssumeRole'\n and resource_arn\ + \ = '*'\n and p.principal_arn = u.arn;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Policy Simulator +Title: List all AWS IAM Policy Simulator evaluation results diff --git a/queries/aws_iam_role_1.yaml b/queries/aws_iam_role_1.yaml index ccf19953e..96d15858d 100755 --- a/queries/aws_iam_role_1.yaml +++ b/queries/aws_iam_role_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_1 -Title: "Find IAM Roles with Inline Policies in AWS" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - create_date - from - aws_iam_role - where - inline_policies is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n create_date\nfrom\n aws_iam_role\nwhere\n \ + \ inline_policies is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find IAM Roles with Inline Policies in AWS diff --git a/queries/aws_iam_role_10.yaml b/queries/aws_iam_role_10.yaml index f9fcbe10b..d8789335e 100755 --- a/queries/aws_iam_role_10.yaml +++ b/queries/aws_iam_role_10.yaml @@ -1,40 +1,29 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_10 -Title: "Find all AWS Identity and Access Management (IAM) Roles" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - iam.arn as resource, - iam.description, - iam.assume_role_policy_std, - case - when pstatement -> 'Condition' -> 'StringLike' -> 'token.actions.githubusercontent.com:sub' is not null - or pstatement -> 'Condition' -> 'StringEquals' -> 'token.actions.githubusercontent.com:sub' is not null then 'ok' - else 'alarm' - end as status, - case - when pstatement -> 'Condition' -> 'StringLike' -> 'token.actions.githubusercontent.com:sub' is not null - or pstatement -> 'Condition' -> 'StringEquals' -> 'token.actions.githubusercontent.com:sub' is not null then iam.arn || ' Condition Check Exists' - else iam.arn || ' Missing Condition Check' - end as reason - from - aws_iam_role as iam, - jsonb_array_elements(iam.assume_role_policy_std -> 'Statement') as pstatement - where - pstatement -> 'Action' ?& array [ 'sts:assumerolewithwebidentity' ] - and (pstatement -> 'Principal' -> 'Federated') :: text like '%token.actions.githubusercontent.com%' - order by - status asc - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n iam.arn as resource,\n iam.description,\n iam.assume_role_policy_std,\n\ + \ case\n when pstatement -> 'Condition' -> 'StringLike' -> 'token.actions.githubusercontent.com:sub'\ + \ is not null\n or pstatement -> 'Condition' -> 'StringEquals' -> 'token.actions.githubusercontent.com:sub'\ + \ is not null then 'ok'\n else 'alarm'\n end as status,\n case\n when\ + \ pstatement -> 'Condition' -> 'StringLike' -> 'token.actions.githubusercontent.com:sub'\ + \ is not null\n or pstatement -> 'Condition' -> 'StringEquals' -> 'token.actions.githubusercontent.com:sub'\ + \ is not null then iam.arn || ' Condition Check Exists'\n else iam.arn || '\ + \ Missing Condition Check'\n end as reason\nfrom\n aws_iam_role as iam,\n jsonb_array_elements(iam.assume_role_policy_std\ + \ -> 'Statement') as pstatement\nwhere\n pstatement -> 'Action' ?& array [ 'sts:assumerolewithwebidentity'\ + \ ]\n and (pstatement -> 'Principal' -> 'Federated') :: text like '%token.actions.githubusercontent.com%'\n\ + order by\n status asc" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM Roles +Title: Find all AWS Identity and Access Management (IAM) Roles diff --git a/queries/aws_iam_role_2.yaml b/queries/aws_iam_role_2.yaml index af0aa676b..5598a6988 100755 --- a/queries/aws_iam_role_2.yaml +++ b/queries/aws_iam_role_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_2 -Title: "Find AWS IAM Roles' Permissions, Policies & Metadata" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - split_part(policy, '/', 3) as attached_policy - from - aws_iam_role - cross join jsonb_array_elements_text(attached_policy_arns) as policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n split_part(policy, '/', 3) as\ + \ attached_policy\nfrom\n aws_iam_role\n cross join jsonb_array_elements_text(attached_policy_arns)\ + \ as policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find AWS IAM Roles' Permissions, Policies & Metadata diff --git a/queries/aws_iam_role_3.yaml b/queries/aws_iam_role_3.yaml index 6f2f46958..704cb1f31 100755 --- a/queries/aws_iam_role_3.yaml +++ b/queries/aws_iam_role_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_3 -Title: "Find AWS IAM Roles and Their Associated Metadata" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - permissions_boundary_arn, - permissions_boundary_type - from - aws_iam_role; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n permissions_boundary_arn,\n\ + \ permissions_boundary_type\nfrom\n aws_iam_role;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Roles and Their Associated Metadata diff --git a/queries/aws_iam_role_4.yaml b/queries/aws_iam_role_4.yaml index 6b1d3215a..d07c1257b 100755 --- a/queries/aws_iam_role_4.yaml +++ b/queries/aws_iam_role_4.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_4 -Title: "Find all AWS IAM Role Permissions and Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name as role_name, - p.name as policy_name - from - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as policy_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action - where - policy_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and action = '*' - order by - r.name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.name as role_name,\n p.name as policy_name\nfrom\n\ + \ aws_iam_role as r,\n jsonb_array_elements_text(r.attached_policy_arns) as\ + \ policy_arn,\n aws_iam_policy as p,\n jsonb_array_elements(p.policy_std ->\ + \ 'Statement') as stmt,\n jsonb_array_elements_text(stmt -> 'Action') as action\n\ + where\n policy_arn = p.arn\n and stmt ->> 'Effect' = 'Allow'\n and action =\ + \ '*'\norder by\n r.name;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Role Permissions and Trust Policies diff --git a/queries/aws_iam_role_5.yaml b/queries/aws_iam_role_5.yaml index d9316f738..abe4a8bb9 100755 --- a/queries/aws_iam_role_5.yaml +++ b/queries/aws_iam_role_5.yaml @@ -1,36 +1,24 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_5 -Title: "Find AWS IAM Roles and Policies Permissions Metadata" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name as role_name, - p.name as policy_name, - stmt ->> 'Sid' as statement, - action - from - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as policy_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action - where - r.name = 'owner' - and policy_arn = p.arn - and ( - action like '%*%' - or action like '%?%' - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.name as role_name,\n p.name as policy_name,\n stmt\ + \ ->> 'Sid' as statement,\n action\nfrom\n aws_iam_role as r,\n jsonb_array_elements_text(r.attached_policy_arns)\ + \ as policy_arn,\n aws_iam_policy as p,\n jsonb_array_elements(p.policy_std\ + \ -> 'Statement') as stmt,\n jsonb_array_elements_text(stmt -> 'Action') as action\n\ + where\n r.name = 'owner'\n and policy_arn = p.arn\n and (\n action like\ + \ '%*%'\n or action like '%?%'\n );" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find AWS IAM Roles and Policies Permissions Metadata diff --git a/queries/aws_iam_role_6.yaml b/queries/aws_iam_role_6.yaml index fb473422c..55dbeec4f 100755 --- a/queries/aws_iam_role_6.yaml +++ b/queries/aws_iam_role_6.yaml @@ -1,40 +1,28 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_6 -Title: "Find All AWS IAM Roles, Permissions, Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - a.action, - a.access_level, - a.description - from - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action as a on a.action like action_regex - where - pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and r.name = 'AWSServiceRoleForRDS' - and access_level not in ('List', 'Read') - order by - action; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.name,\n a.action,\n a.access_level,\n a.description\n\ + from\n aws_iam_role as r,\n jsonb_array_elements_text(r.attached_policy_arns)\ + \ as pol_arn,\n aws_iam_policy as p,\n jsonb_array_elements(p.policy_std ->\ + \ 'Statement') as stmt,\n jsonb_array_elements_text(stmt -> 'Action') as action_glob,\n\ + \ glob(action_glob) as action_regex\n join aws_iam_action as a on a.action like\ + \ action_regex\nwhere\n pol_arn = p.arn\n and stmt ->> 'Effect' = 'Allow'\n\ + \ and r.name = 'AWSServiceRoleForRDS'\n and access_level not in ('List', 'Read')\n\ + order by\n action;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find All AWS IAM Roles, Permissions, Trust Policies diff --git a/queries/aws_iam_role_7.yaml b/queries/aws_iam_role_7.yaml index 2fe370daf..52e5a932c 100755 --- a/queries/aws_iam_role_7.yaml +++ b/queries/aws_iam_role_7.yaml @@ -1,81 +1,36 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_7 -Title: "Find All AWS IAM Roles Permissions and Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with roles as ( - select - name, - attached_policy_arns - from - aws_iam_role - where - name in ('AWSServiceRoleForSSO', 'AWSServiceRoleForRDS') - ), - policies as ( - select - name, - arn, - policy_std - from - aws_iam_policy - ), - role1_permissions as ( - select - r.name, - a.action, - a.access_level, - a.description - from - roles as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - policies as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob (action_glob) as action_regex - join aws_iam_action a on a.action like action_regex - where - pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and r.name = 'AWSServiceRoleForSSO' - ), - role2_permissions as ( - select - r.name, - a.action, - a.access_level, - a.description - from - roles as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - policies as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob (action_glob) as action_regex - join aws_iam_action a on a.action like action_regex - where - pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and r.name = 'AWSServiceRoleForRDS' - ) - select - * - from - role2_permissions - where - action not in ( select action from role1_permissions) - order by - action; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with roles as (\n select\n name,\n attached_policy_arns\n\ + \ from\n aws_iam_role\n where\n name in ('AWSServiceRoleForSSO', 'AWSServiceRoleForRDS')\n\ + ),\npolicies as (\n select\n name,\n arn,\n policy_std\n from\n \ + \ aws_iam_policy\n),\nrole1_permissions as (\n select\n r.name,\n a.action,\n\ + \ a.access_level,\n a.description\n from\n roles as r,\n jsonb_array_elements_text(r.attached_policy_arns)\ + \ as pol_arn,\n policies as p,\n jsonb_array_elements(p.policy_std -> 'Statement')\ + \ as stmt,\n jsonb_array_elements_text(stmt -> 'Action') as action_glob,\n\ + \ glob (action_glob) as action_regex\n join aws_iam_action a on a.action\ + \ like action_regex\n where\n pol_arn = p.arn\n and stmt ->> 'Effect' =\ + \ 'Allow'\n and r.name = 'AWSServiceRoleForSSO'\n),\nrole2_permissions as (\n\ + \ select\n r.name,\n a.action,\n a.access_level,\n a.description\n\ + \ from\n roles as r,\n jsonb_array_elements_text(r.attached_policy_arns)\ + \ as pol_arn,\n policies as p,\n jsonb_array_elements(p.policy_std -> 'Statement')\ + \ as stmt,\n jsonb_array_elements_text(stmt -> 'Action') as action_glob,\n\ + \ glob (action_glob) as action_regex\n join aws_iam_action a on a.action\ + \ like action_regex\n where\n pol_arn = p.arn\n and stmt ->> 'Effect' =\ + \ 'Allow'\n and r.name = 'AWSServiceRoleForRDS'\n)\nselect\n *\nfrom\n role2_permissions\n\ + where\n action not in ( select action from role1_permissions)\norder by\n action;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find All AWS IAM Roles Permissions and Trust Policies diff --git a/queries/aws_iam_role_8.yaml b/queries/aws_iam_role_8.yaml index 6f1636dbd..9afdfba6c 100755 --- a/queries/aws_iam_role_8.yaml +++ b/queries/aws_iam_role_8.yaml @@ -1,41 +1,32 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_8 -Title: "Find IAM Roles, Insights into Permissions and Policies in AWS" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - maintenance.name, - admin.name, - jsonb_pretty(maintenance_stmt), - jsonb_pretty(admin_stmt) - from - -- use the account to get the organization_id - aws_account as a, - -- check any role as the "maintenance-role" - aws_iam_role as maintenance, - -- Combine via join with any role as the "admin-role" - aws_iam_role as admin, - jsonb_array_elements(maintenance.assume_role_policy_std -> 'Statement') as maintenance_stmt, - jsonb_array_elements(admin.assume_role_policy_std -> 'Statement') as admin_stmt - where - -- maintenance role can be assumed by any AWS principal - maintenance_stmt -> 'Principal' -> 'AWS' ? '*' - -- maintenance role principal must be in same account - and maintenance_stmt -> 'Condition' -> 'StringEquals' -> 'aws:principalorgid' ? a.organization_id - -- admin role specifically allow maintenance role - and admin_stmt -> 'Principal' -> 'AWS' ? maintenance.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n maintenance.name,\n admin.name,\n jsonb_pretty(maintenance_stmt),\n\ + \ jsonb_pretty(admin_stmt)\nfrom\n -- use the account to get the organization_id\n\ + \ aws_account as a,\n -- check any role as the \"maintenance-role\"\n aws_iam_role\ + \ as maintenance,\n -- Combine via join with any role as the \"admin-role\"\n\ + \ aws_iam_role as admin,\n jsonb_array_elements(maintenance.assume_role_policy_std\ + \ -> 'Statement') as maintenance_stmt,\n jsonb_array_elements(admin.assume_role_policy_std\ + \ -> 'Statement') as admin_stmt\nwhere\n -- maintenance role can be assumed by\ + \ any AWS principal\n maintenance_stmt -> 'Principal' -> 'AWS' ? '*'\n -- maintenance\ + \ role principal must be in same account\n and maintenance_stmt -> 'Condition'\ + \ -> 'StringEquals' -> 'aws:principalorgid' ? a.organization_id\n -- admin role\ + \ specifically allow maintenance role\n and admin_stmt -> 'Principal' -> 'AWS'\ + \ ? maintenance.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find IAM Roles, Insights into Permissions and Policies in AWS diff --git a/queries/aws_iam_role_9.yaml b/queries/aws_iam_role_9.yaml index 588ddf81f..aa58138fa 100755 --- a/queries/aws_iam_role_9.yaml +++ b/queries/aws_iam_role_9.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query IAM Roles to gain insights into their permissions, + trust policies, and associated metadata. ID: aws_iam_role_9 -Title: "Find all AWS IAM Roles with Permissions and Trust Policies" -Description: "Allows users to query IAM Roles to gain insights into their permissions, trust policies, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - stmt - from - aws_iam_role as r, - jsonb_array_elements(r.assume_role_policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Principal' -> 'AWS') as trust - where - trust = '*' - or trust like 'arn:aws:iam::%:role/%' - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.name,\n stmt\nfrom\n aws_iam_role as r,\n jsonb_array_elements(r.assume_role_policy_std\ + \ -> 'Statement') as stmt,\n jsonb_array_elements_text(stmt -> 'Principal' ->\ + \ 'AWS') as trust\nwhere\n trust = '*'\n or trust like 'arn:aws:iam::%:role/%'" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Roles with Permissions and Trust Policies diff --git a/queries/aws_iam_saml_provider_1.yaml b/queries/aws_iam_saml_provider_1.yaml index 00bf6b763..b4c8579a5 100755 --- a/queries/aws_iam_saml_provider_1.yaml +++ b/queries/aws_iam_saml_provider_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS IAM SAML Providers and retrieve detailed information + about each SAML provider within AWS Identity and Access Management (IAM). ID: aws_iam_saml_provider_1 -Title: "Find AWS IAM SAML Providers with Details" -Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - valid_until, - region, - account_id - from - aws_iam_saml_provider; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n create_date,\n valid_until,\n region,\n account_id\n\ + from\n aws_iam_saml_provider;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management (IAM) +Title: Find AWS IAM SAML Providers with Details diff --git a/queries/aws_iam_saml_provider_2.yaml b/queries/aws_iam_saml_provider_2.yaml index 10e9fc012..0967d7ffa 100755 --- a/queries/aws_iam_saml_provider_2.yaml +++ b/queries/aws_iam_saml_provider_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS IAM SAML Providers and retrieve detailed information + about each SAML provider within AWS Identity and Access Management (IAM). ID: aws_iam_saml_provider_2 -Title: "Find all AWS IAM SAML Providers and Details" -Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - valid_until, - region, - account_id - from - aws_iam_saml_provider - where - create_date <= (current_date - interval '90' day) - order by - create_date; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n create_date,\n valid_until,\n region,\n account_id\n\ + from\n aws_iam_saml_provider\nwhere\n create_date <= (current_date - interval\ + \ '90' day)\norder by\n create_date;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find all AWS IAM SAML Providers and Details diff --git a/queries/aws_iam_saml_provider_3.yaml b/queries/aws_iam_saml_provider_3.yaml index 02b588fc8..dcaa0f52f 100755 --- a/queries/aws_iam_saml_provider_3.yaml +++ b/queries/aws_iam_saml_provider_3.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS IAM SAML Providers and retrieve detailed information + about each SAML provider within AWS Identity and Access Management (IAM). ID: aws_iam_saml_provider_3 -Title: "Find AWS IAM SAML Providers expiring within 30 days" -Description: "Allows users to query AWS IAM SAML Providers and retrieve detailed information about each SAML provider within AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - create_date, - valid_until, - region, - account_id - from - aws_iam_saml_provider - where - valid_until <= (current_date - interval '30' day) - order by - valid_until; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n create_date,\n valid_until,\n region,\n account_id\n\ + from\n aws_iam_saml_provider\nwhere\n valid_until <= (current_date - interval\ + \ '30' day)\norder by\n valid_until;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find AWS IAM SAML Providers expiring within 30 days diff --git a/queries/aws_iam_server_certificate_1.yaml b/queries/aws_iam_server_certificate_1.yaml index 099f251ad..f5dbc5ff6 100755 --- a/queries/aws_iam_server_certificate_1.yaml +++ b/queries/aws_iam_server_certificate_1.yaml @@ -1,26 +1,19 @@ +Description: Allows users to query AWS IAM Server Certificates ID: aws_iam_server_certificate_1 -Title: "Find AWS IAM Server Certificates" -Description: "Allows users to query AWS IAM Server Certificates" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - server_certificate_id, - upload_date, - expiration - from - aws_iam_server_certificate; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n server_certificate_id,\n upload_date,\n\ + \ expiration\nfrom\n aws_iam_server_certificate;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Server Certificates diff --git a/queries/aws_iam_server_certificate_2.yaml b/queries/aws_iam_server_certificate_2.yaml index 54f8a01dd..4c226e996 100755 --- a/queries/aws_iam_server_certificate_2.yaml +++ b/queries/aws_iam_server_certificate_2.yaml @@ -1,26 +1,19 @@ +Description: Allows users to query AWS IAM Server Certificates ID: aws_iam_server_certificate_2 -Title: "Find AWS IAM Server Certificates with Expiry Info" -Description: "Allows users to query AWS IAM Server Certificates" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - expiration - from - aws_iam_server_certificate - where - expiration < now()::timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n expiration\nfrom\n aws_iam_server_certificate\n\ + where\n expiration < now()::timestamp;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Server Certificates with Expiry Info diff --git a/queries/aws_iam_service_specific_credential_1.yaml b/queries/aws_iam_service_specific_credential_1.yaml index 7bdd374f6..a146adc87 100755 --- a/queries/aws_iam_service_specific_credential_1.yaml +++ b/queries/aws_iam_service_specific_credential_1.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS IAM Service Specific Credentials, retrieving + detailed information about each credential, such as the username, status, creation + date, and service name. ID: aws_iam_service_specific_credential_1 -Title: "Find AWS IAM Service Specific Credentials Details" -Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_specific_credential_id, - create_date, - user_name - from - aws_iam_service_specific_credential; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n service_specific_credential_id,\n create_date,\n\ + \ user_name\nfrom\n aws_iam_service_specific_credential;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Service Specific Credentials Details diff --git a/queries/aws_iam_service_specific_credential_2.yaml b/queries/aws_iam_service_specific_credential_2.yaml index 055aa3f87..8fc6f2784 100755 --- a/queries/aws_iam_service_specific_credential_2.yaml +++ b/queries/aws_iam_service_specific_credential_2.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query AWS IAM Service Specific Credentials, retrieving + detailed information about each credential, such as the username, status, creation + date, and service name. ID: aws_iam_service_specific_credential_2 -Title: "List AWS IAM Service Specific Credentials Details" -Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.service_name as service_name, - s.service_specific_credential_id as service_specific_credential_id, - u.name as user_name, - u.user_id as user_id, - u.password_last_used as password_last_used, - u.mfa_enabled as mfa_enabled - from - aws_iam_service_specific_credential as s, - aws_iam_user as u - where - s.user_name = u.name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.service_name as service_name,\n s.service_specific_credential_id\ + \ as service_specific_credential_id,\n u.name as user_name,\n u.user_id as user_id,\n\ + \ u.password_last_used as password_last_used,\n u.mfa_enabled as mfa_enabled\n\ + from\n aws_iam_service_specific_credential as s,\n aws_iam_user as u\nwhere\n\ + \ s.user_name = u.name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: List AWS IAM Service Specific Credentials Details diff --git a/queries/aws_iam_service_specific_credential_3.yaml b/queries/aws_iam_service_specific_credential_3.yaml index 73121036d..d96ce99de 100755 --- a/queries/aws_iam_service_specific_credential_3.yaml +++ b/queries/aws_iam_service_specific_credential_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS IAM Service Specific Credentials, retrieving + detailed information about each credential, such as the username, status, creation + date, and service name. ID: aws_iam_service_specific_credential_3 -Title: "Find AWS IAM Service Credentials and Detailed Info" -Description: "Allows users to query AWS IAM Service Specific Credentials, retrieving detailed information about each credential, such as the username, status, creation date, and service name." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_specific_credential_id, - create_date, - user_name - from - aws_iam_service_specific_credential - where - create_date <= current_date - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n service_specific_credential_id,\n create_date,\n\ + \ user_name\nfrom\n aws_iam_service_specific_credential\nwhere\n create_date\ + \ <= current_date - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Service Credentials and Detailed Info diff --git a/queries/aws_iam_user_1.yaml b/queries/aws_iam_user_1.yaml index 9f3f9c9ac..31256ef7b 100755 --- a/queries/aws_iam_user_1.yaml +++ b/queries/aws_iam_user_1.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS IAM User data, providing details such as user + ID, name, path, creation date, and more. This table is useful for security audits, + policy enforcement, and operational troubleshooting. ID: aws_iam_user_1 -Title: "List all AWS IAM User details with creation date" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - user_id, - path, - create_date, - password_last_used - from - aws_iam_user; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n user_id,\n path,\n create_date,\n password_last_used\n\ + from\n aws_iam_user;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: List all AWS IAM User details with creation date diff --git a/queries/aws_iam_user_2.yaml b/queries/aws_iam_user_2.yaml index 5e93f2fa3..8b55821d2 100755 --- a/queries/aws_iam_user_2.yaml +++ b/queries/aws_iam_user_2.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS IAM User data, providing details such as user + ID, name, path, creation date, and more. This table is useful for security audits, + policy enforcement, and operational troubleshooting. ID: aws_iam_user_2 -Title: "Find AWS IAM User Data for Security Audits & Enforcement" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - iam_group ->> 'GroupName' as group_name, - iam_group ->> 'GroupId' as group_id, - iam_group ->> 'CreateDate' as create_date - from - aws_iam_user - cross join jsonb_array_elements(groups) as iam_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as user_name,\n iam_group ->> 'GroupName' as group_name,\n\ + \ iam_group ->> 'GroupId' as group_id,\n iam_group ->> 'CreateDate' as create_date\n\ + from\n aws_iam_user\n cross join jsonb_array_elements(groups) as iam_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM User Data for Security Audits & Enforcement diff --git a/queries/aws_iam_user_3.yaml b/queries/aws_iam_user_3.yaml index c211812f0..9fd12ed5f 100755 --- a/queries/aws_iam_user_3.yaml +++ b/queries/aws_iam_user_3.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS IAM User data, providing details such as user + ID, name, path, creation date, and more. This table is useful for security audits, + policy enforcement, and operational troubleshooting. ID: aws_iam_user_3 -Title: "Find all AWS IAM Users with Specific Policies" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - split_part(attachments, '/', 2) as attached_policies - from - aws_iam_user - cross join jsonb_array_elements_text(attached_policy_arns) as attachments - where - split_part(attachments, '/', 2) = 'AdministratorAccess'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as user_name,\n split_part(attachments, '/', 2)\ + \ as attached_policies\nfrom\n aws_iam_user\n cross join jsonb_array_elements_text(attached_policy_arns)\ + \ as attachments\nwhere\n split_part(attachments, '/', 2) = 'AdministratorAccess';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM Users with Specific Policies diff --git a/queries/aws_iam_user_4.yaml b/queries/aws_iam_user_4.yaml index 4a6fc378a..4cef9a6b1 100755 --- a/queries/aws_iam_user_4.yaml +++ b/queries/aws_iam_user_4.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS IAM User data, providing details such as user + ID, name, path, creation date, and more. This table is useful for security audits, + policy enforcement, and operational troubleshooting. ID: aws_iam_user_4 -Title: "Find all non-MFA enabled AWS IAM Users with SQL" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - user_id, - mfa_enabled - from - aws_iam_user - where - not mfa_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n user_id,\n mfa_enabled\nfrom\n aws_iam_user\n\ + where\n not mfa_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all non-MFA enabled AWS IAM Users with SQL diff --git a/queries/aws_iam_user_5.yaml b/queries/aws_iam_user_5.yaml index 0206f20b0..6632caab4 100755 --- a/queries/aws_iam_user_5.yaml +++ b/queries/aws_iam_user_5.yaml @@ -1,28 +1,26 @@ +Description: Allows users to query AWS IAM User data, providing details such as user + ID, name, path, creation date, and more. This table is useful for security audits, + policy enforcement, and operational troubleshooting. ID: aws_iam_user_5 -Title: "Find all AWS IAM User Data for Audits and Troubleshooting" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - split_part(attachments, '/', 2) as attached_policies - from - aws_iam_user - cross join jsonb_array_elements_text(attached_policy_arns) as attachments; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as user_name,\n split_part(attachments, '/', 2)\ + \ as attached_policies\nfrom\n aws_iam_user\n cross join jsonb_array_elements_text(attached_policy_arns)\ + \ as attachments;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find all AWS IAM User Data for Audits and Troubleshooting diff --git a/queries/aws_iam_user_6.yaml b/queries/aws_iam_user_6.yaml index f15307714..f37710744 100755 --- a/queries/aws_iam_user_6.yaml +++ b/queries/aws_iam_user_6.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS IAM User data, providing details such as user + ID, name, path, creation date, and more. This table is useful for security audits, + policy enforcement, and operational troubleshooting. ID: aws_iam_user_6 -Title: "Find AWS IAM Users with Inline Policies" -Description: "Allows users to query AWS IAM User data, providing details such as user ID, name, path, creation date, and more. This table is useful for security audits, policy enforcement, and operational troubleshooting." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as user_name, - inline_policies - from - aws_iam_user - where - inline_policies is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as user_name,\n inline_policies\nfrom\n aws_iam_user\n\ + where\n inline_policies is not null;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IAM +Title: Find AWS IAM Users with Inline Policies diff --git a/queries/aws_iam_virtual_mfa_device_1.yaml b/queries/aws_iam_virtual_mfa_device_1.yaml index 978c16201..73dc0802c 100755 --- a/queries/aws_iam_virtual_mfa_device_1.yaml +++ b/queries/aws_iam_virtual_mfa_device_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query Virtual MFA Devices in AWS Identity and Access + Management (IAM). ID: aws_iam_virtual_mfa_device_1 -Title: "Find all AWS IAM Virtual MFA Devices" -Description: "Allows users to query Virtual MFA Devices in AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - serial_number, - enable_date, - user_name - from - aws_iam_virtual_mfa_device; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n serial_number,\n enable_date,\n user_name\nfrom\n \ + \ aws_iam_virtual_mfa_device;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find all AWS IAM Virtual MFA Devices diff --git a/queries/aws_iam_virtual_mfa_device_2.yaml b/queries/aws_iam_virtual_mfa_device_2.yaml index fd5719705..37b270d03 100755 --- a/queries/aws_iam_virtual_mfa_device_2.yaml +++ b/queries/aws_iam_virtual_mfa_device_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query Virtual MFA Devices in AWS Identity and Access + Management (IAM). ID: aws_iam_virtual_mfa_device_2 -Title: "Find all AWS IAM Virtual MFA Devices" -Description: "Allows users to query Virtual MFA Devices in AWS Identity and Access Management (IAM)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - u.user_id, - mfa.serial_number, - path, - create_date, - password_last_used - from - aws_iam_user u - inner join aws_iam_virtual_mfa_device mfa on u.name = mfa.user_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n u.user_id,\n mfa.serial_number,\n path,\n\ + \ create_date,\n password_last_used\nfrom\n aws_iam_user u\n inner join aws_iam_virtual_mfa_device\ + \ mfa on u.name = mfa.user_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity and Access Management +Title: Find all AWS IAM Virtual MFA Devices diff --git a/queries/aws_identitystore_group_1.yaml b/queries/aws_identitystore_group_1.yaml index ac7dc45bb..e7b5ba8d7 100755 --- a/queries/aws_identitystore_group_1.yaml +++ b/queries/aws_identitystore_group_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Identity Store Groups to obtain information + about the identity and attributes of groups in AWS. ID: aws_identitystore_group_1 -Title: "Find AWS Identity Store Groups Information" -Description: "Allows users to query AWS Identity Store Groups to obtain information about the identity and attributes of groups in AWS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name - from - aws_identitystore_group - where identity_store_id = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name\nfrom\n aws_identitystore_group\nwhere identity_store_id\ + \ = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity Store +Title: Find AWS Identity Store Groups Information diff --git a/queries/aws_identitystore_group_2.yaml b/queries/aws_identitystore_group_2.yaml index 087a3ced3..249c5e109 100755 --- a/queries/aws_identitystore_group_2.yaml +++ b/queries/aws_identitystore_group_2.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Identity Store Groups to obtain information + about the identity and attributes of groups in AWS. ID: aws_identitystore_group_2 -Title: "Find AWS Identity Store Groups Information" -Description: "Allows users to query AWS Identity Store Groups to obtain information about the identity and attributes of groups in AWS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name - from - aws_identitystore_group - where identity_store_id = 'd-1234567890' and name = 'test'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name\nfrom\n aws_identitystore_group\nwhere identity_store_id\ + \ = 'd-1234567890' and name = 'test';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity Store +Title: Find AWS Identity Store Groups Information diff --git a/queries/aws_identitystore_group_membership_1.yaml b/queries/aws_identitystore_group_membership_1.yaml index 6e30025fe..d47400818 100755 --- a/queries/aws_identitystore_group_membership_1.yaml +++ b/queries/aws_identitystore_group_membership_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Identity Store Group Memberships, providing + information about AWS users'' membership status within various identity groups. ID: aws_identitystore_group_membership_1 -Title: "Find All AWS Identity Store Group Memberships" -Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity_store_id, - group_id, - membership_id, - member_id - from - aws_identitystore_group_membership - where - identity_store_id = 'd-1234567890'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity_store_id,\n group_id,\n membership_id,\n \ + \ member_id\nfrom\n aws_identitystore_group_membership\nwhere \n identity_store_id\ + \ = 'd-1234567890';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Identity Store +Title: Find All AWS Identity Store Group Memberships diff --git a/queries/aws_identitystore_group_membership_2.yaml b/queries/aws_identitystore_group_membership_2.yaml index cd0bfa975..447fac504 100755 --- a/queries/aws_identitystore_group_membership_2.yaml +++ b/queries/aws_identitystore_group_membership_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Identity Store Group Memberships, providing + information about AWS users'' membership status within various identity groups. ID: aws_identitystore_group_membership_2 -Title: "Find AWS Identity Store Group Memberships" -Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.membership_id, - m.group_id, - m.identity_store_id, - u.name as user_name - from - aws_identitystore_group_membership as m, - aws_identitystore_user as u - where - m.identity_store_id = 'd-1234567890' - and u.identity_store_id = m.identity_store_id - and u.id = m.member_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n m.membership_id,\n m.group_id,\n m.identity_store_id,\n\ + \ u.name as user_name \nfrom\n aws_identitystore_group_membership as m,\n aws_identitystore_user\ + \ as u \nwhere\n m.identity_store_id = 'd-1234567890' \n and u.identity_store_id\ + \ = m.identity_store_id \n and u.id = m.member_id;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity Store +Title: Find AWS Identity Store Group Memberships diff --git a/queries/aws_identitystore_group_membership_3.yaml b/queries/aws_identitystore_group_membership_3.yaml index 958c5f88d..6ed656220 100755 --- a/queries/aws_identitystore_group_membership_3.yaml +++ b/queries/aws_identitystore_group_membership_3.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Identity Store Group Memberships, providing + information about AWS users'' membership status within various identity groups. ID: aws_identitystore_group_membership_3 -Title: "Find AWS Identity Store Group Membership Details" -Description: "Allows users to query AWS Identity Store Group Memberships, providing information about AWS users'' membership status within various identity groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.membership_id, - m.group_id, - m.identity_store_id, - g.name as group_name - from - aws_identitystore_group_membership as m, - aws_identitystore_group as g - where - m.identity_store_id = 'd-1234567890' - and g.identity_store_id = m.identity_store_id - and g.id = m.group_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n m.membership_id,\n m.group_id,\n m.identity_store_id,\n\ + \ g.name as group_name\nfrom\n aws_identitystore_group_membership as m,\n aws_identitystore_group\ + \ as g\nwhere\n m.identity_store_id = 'd-1234567890'\n and g.identity_store_id\ + \ = m.identity_store_id\n and g.id = m.group_id;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity Store +Title: Find AWS Identity Store Group Membership Details diff --git a/queries/aws_identitystore_user_1.yaml b/queries/aws_identitystore_user_1.yaml index 116f480dc..5e420bde0 100755 --- a/queries/aws_identitystore_user_1.yaml +++ b/queries/aws_identitystore_user_1.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Identity Store User data, providing details + such as user ID, username, and ARN. This table is essential for managing and auditing + user information within the AWS Identity Store. ID: aws_identitystore_user_1 -Title: "List AWS Identity Store User Details by ID and Identity Store ID" -Description: "Allows users to query AWS Identity Store User data, providing details such as user ID, username, and ARN. This table is essential for managing and auditing user information within the AWS Identity Store." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name - from - aws_identitystore_user - where identity_store_id = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name\nfrom\n aws_identitystore_user\nwhere identity_store_id\ + \ = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Identity Store +Title: List AWS Identity Store User Details by ID and Identity Store ID diff --git a/queries/aws_identitystore_user_2.yaml b/queries/aws_identitystore_user_2.yaml index 19ad65ec6..c2f4967ae 100755 --- a/queries/aws_identitystore_user_2.yaml +++ b/queries/aws_identitystore_user_2.yaml @@ -1,28 +1,25 @@ +Description: Allows users to query AWS Identity Store User data, providing details + such as user ID, username, and ARN. This table is essential for managing and auditing + user information within the AWS Identity Store. ID: aws_identitystore_user_2 -Title: "Query AWS Identity Store User Data in AWS Identity Store" -Description: "Allows users to query AWS Identity Store User data, providing details such as user ID, username, and ARN. This table is essential for managing and auditing user information within the AWS Identity Store." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name - from - aws_identitystore_user - where identity_store_id = 'd-1234567890' and name = 'test'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name\nfrom\n aws_identitystore_user\nwhere identity_store_id\ + \ = 'd-1234567890' and name = 'test';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Identity Store +Title: Query AWS Identity Store User Data in AWS Identity Store diff --git a/queries/aws_inspector2_coverage_1.yaml b/queries/aws_inspector2_coverage_1.yaml index e10118440..dc9225bc0 100755 --- a/queries/aws_inspector2_coverage_1.yaml +++ b/queries/aws_inspector2_coverage_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_1 -Title: "List AWS Inspector Coverage Assessment Targets & Templates" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - resource_id, - resource_type, - scan_type, - scan_status_reason, - scan_status_code - from - aws_inspector2_coverage; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n source_account_id,\n resource_id,\n resource_type,\n\ + \ scan_type,\n scan_status_reason,\n scan_status_code\nfrom\n aws_inspector2_coverage;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List AWS Inspector Coverage Assessment Targets & Templates diff --git a/queries/aws_inspector2_coverage_2.yaml b/queries/aws_inspector2_coverage_2.yaml index 02129fbf4..5addfb027 100755 --- a/queries/aws_inspector2_coverage_2.yaml +++ b/queries/aws_inspector2_coverage_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_2 -Title: "Find all AWS Inspector Coverage Details" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - resource_id, - resource_type, - scan_status_code - from - aws_inspector2_coverage - where - scan_status_code = 'INACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n source_account_id,\n resource_id,\n resource_type,\n\ + \ scan_status_code\nfrom\n aws_inspector2_coverage\nwhere\n scan_status_code\ + \ = 'INACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find all AWS Inspector Coverage Details diff --git a/queries/aws_inspector2_coverage_3.yaml b/queries/aws_inspector2_coverage_3.yaml index 8e1bf47b8..90b24809b 100755 --- a/queries/aws_inspector2_coverage_3.yaml +++ b/queries/aws_inspector2_coverage_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_3 -Title: "Find AWS Inspector Coverage and Assessment Templates" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - scan_type, - resource_id as ec2_instance_id, - resource_type, - ec2_ami_id, - ec2_platform - from - aws_inspector2_coverage - where - resource_type = `aws_EC2_INSTANCE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n source_account_id,\n scan_type,\n resource_id as ec2_instance_id,\n\ + \ resource_type,\n ec2_ami_id,\n ec2_platform\nfrom\n aws_inspector2_coverage\n\ + where\n resource_type = `aws_EC2_INSTANCE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Coverage and Assessment Templates diff --git a/queries/aws_inspector2_coverage_4.yaml b/queries/aws_inspector2_coverage_4.yaml index e460794cd..ddff3b01e 100755 --- a/queries/aws_inspector2_coverage_4.yaml +++ b/queries/aws_inspector2_coverage_4.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_4 -Title: "List AWS Inspector Coverage Data on Assessment Targets" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - scan_type, - resource_id as ec2_instance_id, - resource_type, - ec2_ami_id, - ec2_platform, - ec2_instance_tags - from - aws_inspector2_coverage - where - ec2_instance_tags = '{"foo": "bar", "foo1": "bar1"}'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n source_account_id,\n scan_type,\n resource_id as ec2_instance_id,\n\ + \ resource_type,\n ec2_ami_id,\n ec2_platform,\n ec2_instance_tags\nfrom\n\ + \ aws_inspector2_coverage\nwhere\n ec2_instance_tags = '{\"foo\": \"bar\", \"\ + foo1\": \"bar1\"}';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List AWS Inspector Coverage Data on Assessment Targets diff --git a/queries/aws_inspector2_coverage_5.yaml b/queries/aws_inspector2_coverage_5.yaml index 3ade1f5f7..2445d5c9d 100755 --- a/queries/aws_inspector2_coverage_5.yaml +++ b/queries/aws_inspector2_coverage_5.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_5 -Title: "List AWS Inspector Coverage Data on Assessment Targets" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - scan_type, - resource_id as ec2_instance_id, - resource_type, - lambda_function_name, - lambda_function_runtime, - lambda_function_tags - from - aws_inspector2_coverage - where - lambda_function_tags = '{"foo": "bar", "foo1": "bar1"}'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n source_account_id,\n scan_type,\n resource_id as ec2_instance_id,\n\ + \ resource_type,\n lambda_function_name,\n lambda_function_runtime,\n lambda_function_tags\n\ + from\n aws_inspector2_coverage\nwhere\n lambda_function_tags = '{\"foo\": \"\ + bar\", \"foo1\": \"bar1\"}';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List AWS Inspector Coverage Data on Assessment Targets diff --git a/queries/aws_inspector2_coverage_6.yaml b/queries/aws_inspector2_coverage_6.yaml index 122643ab1..34b7734db 100755 --- a/queries/aws_inspector2_coverage_6.yaml +++ b/queries/aws_inspector2_coverage_6.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_6 -Title: "Find AWS Inspector Coverage Data for Assessment Targets" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - resource_id, - resource_type, - scan_type - from - aws_inspector2_coverage - where - scan_type = 'PACKAGE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n source_account_id,\n resource_id,\n resource_type,\n\ + \ scan_type\nfrom\n aws_inspector2_coverage\nwhere\n scan_type = 'PACKAGE';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Coverage Data for Assessment Targets diff --git a/queries/aws_inspector2_coverage_7.yaml b/queries/aws_inspector2_coverage_7.yaml index c22ae9752..ad5b4dcc4 100755 --- a/queries/aws_inspector2_coverage_7.yaml +++ b/queries/aws_inspector2_coverage_7.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_7 -Title: "List all AWS Inspector Coverage Data Details" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.resource_id, - c.resource_type, - c.ecr_repository_name, - r.registry_id, - r.repository_uri, - r.encryption_configuration - from - aws_inspector2_coverage as c, - aws_ecr_repository as r - where - r.repository_name = c.ecr_repository_name - and - c.resource_type = `AWS_ECR_REPOSITORY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.resource_id,\n c.resource_type,\n c.ecr_repository_name,\n\ + \ r.registry_id,\n r.repository_uri,\n r.encryption_configuration\nfrom\n \ + \ aws_inspector2_coverage as c,\n aws_ecr_repository as r\nwhere\n r.repository_name\ + \ = c.ecr_repository_name\nand\n c.resource_type = `AWS_ECR_REPOSITORY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List all AWS Inspector Coverage Data Details diff --git a/queries/aws_inspector2_coverage_8.yaml b/queries/aws_inspector2_coverage_8.yaml index 197800a15..248952f08 100755 --- a/queries/aws_inspector2_coverage_8.yaml +++ b/queries/aws_inspector2_coverage_8.yaml @@ -1,35 +1,25 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_8 -Title: "Find AWS Inspector Coverage Data on Assessment Targets" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.resource_id, - c.resource_type, - c.lambda_function_name, - f.arn as lambda_function_arn, - c.lambda_function_runtime, - f.code_sha_256, - f.code_size, - f.kms_key_arn, - f.package_type - from - aws_inspector2_coverage as c, - aws_lambda_function as f - where - f.name = c.lambda_function_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.resource_id,\n c.resource_type,\n c.lambda_function_name,\n\ + \ f.arn as lambda_function_arn,\n c.lambda_function_runtime,\n f.code_sha_256,\n\ + \ f.code_size,\n f.kms_key_arn,\n f.package_type\nfrom\n aws_inspector2_coverage\ + \ as c,\n aws_lambda_function as f\nwhere\n f.name = c.lambda_function_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Coverage Data on Assessment Targets diff --git a/queries/aws_inspector2_coverage_9.yaml b/queries/aws_inspector2_coverage_9.yaml index 5d1390ba1..32efc15ac 100755 --- a/queries/aws_inspector2_coverage_9.yaml +++ b/queries/aws_inspector2_coverage_9.yaml @@ -1,35 +1,25 @@ +Description: Allows users to query AWS Inspector Coverage data that provides details + on the assessment targets and the assessment templates that are associated with + the AWS Inspector service. ID: aws_inspector2_coverage_9 -Title: "Find AWS Inspector Coverage Data for EC2 Instances" -Description: "Allows users to query AWS Inspector Coverage data that provides details on the assessment targets and the assessment templates that are associated with the AWS Inspector service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.resource_id as ec2_instance_id, - c.resource_type, - c.ec2_ami_id, - i.instance_type, - i.instance_state, - i.disable_api_termination, - i.ebs_optimized - from - aws_inspector2_coverage as c, - aws_ec2_instance as i - where - i.instance_id = c.resource_id - and - c.resource_type = `AWS_EC2_INSTANCE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.resource_id as ec2_instance_id,\n c.resource_type,\n\ + \ c.ec2_ami_id,\n i.instance_type,\n i.instance_state,\n i.disable_api_termination,\n\ + \ i.ebs_optimized\nfrom\n aws_inspector2_coverage as c,\n aws_ec2_instance\ + \ as i\nwhere\n i.instance_id = c.resource_id\nand\n c.resource_type = `AWS_EC2_INSTANCE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Inspector +Title: Find AWS Inspector Coverage Data for EC2 Instances diff --git a/queries/aws_inspector2_coverage_statistics_1.yaml b/queries/aws_inspector2_coverage_statistics_1.yaml index ddf9ef5db..579c85a3a 100755 --- a/queries/aws_inspector2_coverage_statistics_1.yaml +++ b/queries/aws_inspector2_coverage_statistics_1.yaml @@ -1,23 +1,19 @@ +Description: Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed + information about the assessment targets and the number of instances they cover. ID: aws_inspector2_coverage_statistics_1 -Title: "Find Detailed AWS Inspector2 Coverage Statistics" -Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - total_counts, - counts_by_group - from - aws_inspector2_coverage_statistics; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n total_counts,\n counts_by_group\nfrom\n aws_inspector2_coverage_statistics;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector2 +Title: Find Detailed AWS Inspector2 Coverage Statistics diff --git a/queries/aws_inspector2_coverage_statistics_2.yaml b/queries/aws_inspector2_coverage_statistics_2.yaml index 5c4cccfa2..e1c4e454a 100755 --- a/queries/aws_inspector2_coverage_statistics_2.yaml +++ b/queries/aws_inspector2_coverage_statistics_2.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed + information about the assessment targets and the number of instances they cover. ID: aws_inspector2_coverage_statistics_2 -Title: "Find AWS Inspector2 Coverage Statistics Details" -Description: "Allows users to query AWS Inspector2 Coverage Statistics to obtain detailed information about the assessment targets and the number of instances they cover." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - g ->> 'Count' as count, - g ->> 'GroupKey' as group_key - from - aws_inspector2_coverage_statistics, - jsonb_array_elements(counts_by_group) as g; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n g ->> 'Count' as count,\n g ->> 'GroupKey' as group_key\n\ + from\n aws_inspector2_coverage_statistics,\n jsonb_array_elements(counts_by_group)\ + \ as g;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector2 +Title: Find AWS Inspector2 Coverage Statistics Details diff --git a/queries/aws_inspector2_finding_1.yaml b/queries/aws_inspector2_finding_1.yaml index 25d95bae0..df31693be 100755 --- a/queries/aws_inspector2_finding_1.yaml +++ b/queries/aws_inspector2_finding_1.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_1 -Title: "Find AWS Inspector Findings and Insights Using SQL" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - description, - fix_available, - inspector_score, - severity, - finding_account_id - from - aws_inspector2_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n description,\n fix_available,\n inspector_score,\n\ + \ severity,\n finding_account_id\nfrom\n aws_inspector2_finding;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Findings and Insights Using SQL diff --git a/queries/aws_inspector2_finding_10.yaml b/queries/aws_inspector2_finding_10.yaml index 9d9752727..5ca1a7cb9 100755 --- a/queries/aws_inspector2_finding_10.yaml +++ b/queries/aws_inspector2_finding_10.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_10 -Title: "Find all AWS Inspector findings with fix available" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_account_id, - first_observed_at, - fix_available, - exploit_available - from - aws_inspector2_finding - where - fix_available = 'YES'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n finding_account_id,\n first_observed_at,\n \ + \ fix_available,\n exploit_available\nfrom\n aws_inspector2_finding\nwhere\n\ + \ fix_available = 'YES';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find all AWS Inspector findings with fix available diff --git a/queries/aws_inspector2_finding_11.yaml b/queries/aws_inspector2_finding_11.yaml index acbc36afd..63a565877 100755 --- a/queries/aws_inspector2_finding_11.yaml +++ b/queries/aws_inspector2_finding_11.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_11 -Title: "Find AWS Inspector findings and security issues" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - inspector_score, - first_observed_at, - last_observed_at - inspector_score_details - from - aws_inspector2_finding - order by - inspector_score desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n inspector_score,\n first_observed_at,\n last_observed_at\n\ + \ inspector_score_details\nfrom\n aws_inspector2_finding\norder by\n inspector_score\ + \ desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector findings and security issues diff --git a/queries/aws_inspector2_finding_12.yaml b/queries/aws_inspector2_finding_12.yaml index e7ebe6817..8ebc40f89 100755 --- a/queries/aws_inspector2_finding_12.yaml +++ b/queries/aws_inspector2_finding_12.yaml @@ -1,32 +1,32 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_12 -Title: "Find AWS Inspector findings and security issues" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - inspector_score_details -> 'AdjustedCvss' ->> 'Score' as adjusted_cvss_score, - inspector_score_details -> 'AdjustedCvss' ->> 'ScScoreSourceore' as adjusted_cvss_source_score, - inspector_score_details -> 'AdjustedCvss' ->> 'ScoScoringVectorre' as adjusted_cvss_scoring_vector, - inspector_score_details -> 'AdjustedCvss' ->> 'Version' as adjusted_cvss_version, - inspector_score_details -> 'AdjustedCvss' -> 'Adjustments' as adjusted_cvss_adjustments, - inspector_score_details -> 'AdjustedCvss' ->> 'CvssSource' as adjusted_cvss_cvss_source - from - aws_inspector2_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n inspector_score_details -> 'AdjustedCvss' ->>\ + \ 'Score' as adjusted_cvss_score,\n inspector_score_details -> 'AdjustedCvss'\ + \ ->> 'ScScoreSourceore' as adjusted_cvss_source_score,\n inspector_score_details\ + \ -> 'AdjustedCvss' ->> 'ScoScoringVectorre' as adjusted_cvss_scoring_vector,\n\ + \ inspector_score_details -> 'AdjustedCvss' ->> 'Version' as adjusted_cvss_version,\n\ + \ inspector_score_details -> 'AdjustedCvss' -> 'Adjustments' as adjusted_cvss_adjustments,\n\ + \ inspector_score_details -> 'AdjustedCvss' ->> 'CvssSource' as adjusted_cvss_cvss_source\n\ + from\n aws_inspector2_finding;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector findings and security issues diff --git a/queries/aws_inspector2_finding_13.yaml b/queries/aws_inspector2_finding_13.yaml index 4ce685854..26a5a0f0b 100755 --- a/queries/aws_inspector2_finding_13.yaml +++ b/queries/aws_inspector2_finding_13.yaml @@ -1,28 +1,27 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_13 -Title: "Find all AWS Inspector findings for security insights" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - network_reachability_details -> 'NetworkPath' -> 'Steps' as network_pathsteps, - network_reachability_details -> 'OpenPortRange' ->> 'Begin' as open_port_range_begin, - network_reachability_details -> 'OpenPortRange' ->> 'End' as open_port_range_end, - network_reachability_details -> 'Protocol' as protocol - from - aws_inspector2_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n network_reachability_details -> 'NetworkPath'\ + \ -> 'Steps' as network_pathsteps,\n network_reachability_details -> 'OpenPortRange'\ + \ ->> 'Begin' as open_port_range_begin,\n network_reachability_details -> 'OpenPortRange'\ + \ ->> 'End' as open_port_range_end,\n network_reachability_details -> 'Protocol'\ + \ as protocol\nfrom\n aws_inspector2_finding;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find all AWS Inspector findings for security insights diff --git a/queries/aws_inspector2_finding_14.yaml b/queries/aws_inspector2_finding_14.yaml index 43671913d..903ecd839 100755 --- a/queries/aws_inspector2_finding_14.yaml +++ b/queries/aws_inspector2_finding_14.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_14 -Title: "List AWS Inspector Findings with Severity and Status" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_account_id, - first_observed_at, - fix_available, - exploit_available, - resource_tags - from - aws_inspector2_finding - where - resource_tags = '[{"key": "Name", "value": "Dev"}, {"key": "Name", "value": "Prod"}]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n finding_account_id,\n first_observed_at,\n \ + \ fix_available,\n exploit_available,\n resource_tags\nfrom\n aws_inspector2_finding\n\ + where\n resource_tags = '[{\"key\": \"Name\", \"value\": \"Dev\"}, {\"key\":\ + \ \"Name\", \"value\": \"Prod\"}]';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List AWS Inspector Findings with Severity and Status diff --git a/queries/aws_inspector2_finding_15.yaml b/queries/aws_inspector2_finding_15.yaml index ea3e773ce..b66b577aa 100755 --- a/queries/aws_inspector2_finding_15.yaml +++ b/queries/aws_inspector2_finding_15.yaml @@ -1,31 +1,28 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_15 -Title: "Find AWS Inspector Findings and Security Issues" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_account_id, - first_observed_at, - fix_available, - exploit_available, - vulnerable_package - from - aws_inspector2_finding - where - vulnerable_package = '[{"architecture": "arc", "epoch": "231321", "name": "myVulere", "release": "v0.2.0", "sourceLambdaLayerArn": "arn:aws:lambda:us-west-2:123456789012:layer:my-layer:1", "sourceLayerHash": "dbasjkhda872", "version": "v0.1.0"}]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n finding_account_id,\n first_observed_at,\n \ + \ fix_available,\n exploit_available,\n vulnerable_package\nfrom\n aws_inspector2_finding\n\ + where\n vulnerable_package = '[{\"architecture\": \"arc\", \"epoch\": \"231321\"\ + , \"name\": \"myVulere\", \"release\": \"v0.2.0\", \"sourceLambdaLayerArn\": \"\ + arn:aws:lambda:us-west-2:123456789012:layer:my-layer:1\", \"sourceLayerHash\"\ + : \"dbasjkhda872\", \"version\": \"v0.1.0\"}]';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Findings and Security Issues diff --git a/queries/aws_inspector2_finding_2.yaml b/queries/aws_inspector2_finding_2.yaml index 9ffced156..fb58fb2f2 100755 --- a/queries/aws_inspector2_finding_2.yaml +++ b/queries/aws_inspector2_finding_2.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_2 -Title: "Find AWS Inspector Findings with High Severity" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - source, - vendor_severity, - status, - severity - from - aws_inspector2_finding - where - severity = 'HIGH'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n source,\n vendor_severity,\n status,\n severity\n\ + from\n aws_inspector2_finding\nwhere\n severity = 'HIGH';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Findings with High Severity diff --git a/queries/aws_inspector2_finding_3.yaml b/queries/aws_inspector2_finding_3.yaml index 9934f9800..1afa86b26 100755 --- a/queries/aws_inspector2_finding_3.yaml +++ b/queries/aws_inspector2_finding_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_3 -Title: "Find Insights into AWS Inspector Security Issues" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - severity, - count(severity) - from - aws_inspector2_finding - group by - severity - order by - severity; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n severity,\n count(severity)\nfrom\n aws_inspector2_finding\n\ + group by\n severity\norder by\n severity;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find Insights into AWS Inspector Security Issues diff --git a/queries/aws_inspector2_finding_4.yaml b/queries/aws_inspector2_finding_4.yaml index 00fa4c0da..627ddf4ef 100755 --- a/queries/aws_inspector2_finding_4.yaml +++ b/queries/aws_inspector2_finding_4.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_4 -Title: "Find all AWS Inspector findings with details" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - arn, - severity - from - aws_inspector2_finding - where - last_observed_at >= now() - interval '10' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n arn,\n severity\nfrom\n aws_inspector2_finding\n\ + where\n last_observed_at >= now() - interval '10' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find all AWS Inspector findings with details diff --git a/queries/aws_inspector2_finding_5.yaml b/queries/aws_inspector2_finding_5.yaml index aff9589c8..961ad6e9a 100755 --- a/queries/aws_inspector2_finding_5.yaml +++ b/queries/aws_inspector2_finding_5.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_5 -Title: "Find AWS Inspector suppressed findings" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - type, - resources, - vulnerable_packages - from - aws_inspector2_finding - where - status = 'SUPPRESSED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n status,\n type,\n resources,\n vulnerable_packages\n\ + from\n aws_inspector2_finding\nwhere\n status = 'SUPPRESSED';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector suppressed findings diff --git a/queries/aws_inspector2_finding_6.yaml b/queries/aws_inspector2_finding_6.yaml index a322ec6e7..60b757be3 100755 --- a/queries/aws_inspector2_finding_6.yaml +++ b/queries/aws_inspector2_finding_6.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_6 -Title: "Find AWS Inspector findings to identify vulnerabilities" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - status, - type, - resources, - vulnerable_packages - from - aws_inspector2_finding - where - type = 'PACKAGE_VULNERABILITY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n status,\n type,\n resources,\n vulnerable_packages\n\ + from\n aws_inspector2_finding\nwhere\n type = 'PACKAGE_VULNERABILITY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector findings to identify vulnerabilities diff --git a/queries/aws_inspector2_finding_7.yaml b/queries/aws_inspector2_finding_7.yaml index 52270275f..f8fc76e87 100755 --- a/queries/aws_inspector2_finding_7.yaml +++ b/queries/aws_inspector2_finding_7.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_7 -Title: "Query AWS Inspector findings for security insights" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.arn as finding_arn, - r ->> 'Id' as resource_id, - r ->> 'Type' as resource_type, - r ->> 'Details' as resource_details, - r ->> 'Partition' as partition, - r ->> 'Tags' as resource_tags - from - aws_inspector2_finding as f, - jsonb_array_elements(resources) as r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.arn as finding_arn,\n r ->> 'Id' as resource_id,\n\ + \ r ->> 'Type' as resource_type,\n r ->> 'Details' as resource_details,\n r\ + \ ->> 'Partition' as partition,\n r ->> 'Tags' as resource_tags\nfrom\n aws_inspector2_finding\ + \ as f,\n jsonb_array_elements(resources) as r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Query AWS Inspector findings for security insights diff --git a/queries/aws_inspector2_finding_8.yaml b/queries/aws_inspector2_finding_8.yaml index b91bdc943..57d7310f1 100755 --- a/queries/aws_inspector2_finding_8.yaml +++ b/queries/aws_inspector2_finding_8.yaml @@ -1,37 +1,31 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_8 -Title: "Find AWS Inspector findings and vulnerabilities via SQL" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.arn, - f.vulnerability_id, - v ->> 'Name' as vulnerability_package_name, - v ->> 'Version' as vulnerability_package_version, - v ->> 'Arch' as vulnerability_package_arch, - v ->> 'Epoch' as vulnerability_package_epoch, - v ->> 'FilePath' as vulnerability_package_file_path, - v ->> 'FixedInVersion' as vulnerability_package_fixed_in_version, - v ->> 'PackageManager' as vulnerability_package_package_manager, - v ->> 'Release' as vulnerability_package_release, - v ->> 'Remediation' as vulnerability_package_remediation, - v ->> 'SourceLambdaLayerArn' as source_lambda_layer_arn, - v ->> 'Name' as source_layer_hash - from - aws_inspector2_finding as f, - jsonb_array_elements(vulnerable_packages) as v; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.arn,\n f.vulnerability_id,\n v ->> 'Name' as vulnerability_package_name,\n\ + \ v ->> 'Version' as vulnerability_package_version,\n v ->> 'Arch' as vulnerability_package_arch,\n\ + \ v ->> 'Epoch' as vulnerability_package_epoch,\n v ->> 'FilePath' as vulnerability_package_file_path,\n\ + \ v ->> 'FixedInVersion' as vulnerability_package_fixed_in_version,\n v ->>\ + \ 'PackageManager' as vulnerability_package_package_manager,\n v ->> 'Release'\ + \ as vulnerability_package_release,\n v ->> 'Remediation' as vulnerability_package_remediation,\n\ + \ v ->> 'SourceLambdaLayerArn' as source_lambda_layer_arn,\n v ->> 'Name' as\ + \ source_layer_hash\nfrom\n aws_inspector2_finding as f,\n jsonb_array_elements(vulnerable_packages)\ + \ as v;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector findings and vulnerabilities via SQL diff --git a/queries/aws_inspector2_finding_9.yaml b/queries/aws_inspector2_finding_9.yaml index 26abb7a56..dbaed78cd 100755 --- a/queries/aws_inspector2_finding_9.yaml +++ b/queries/aws_inspector2_finding_9.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS Inspector findings to gain insights into potential + security issues and vulnerabilities within their AWS resources. The table provides + detailed information about each finding, including its severity, status, and associated + resources. ID: aws_inspector2_finding_9 -Title: "Find and Query Insights into AWS Inspector Findings" -Description: "Allows users to query AWS Inspector findings to gain insights into potential security issues and vulnerabilities within their AWS resources. The table provides detailed information about each finding, including its severity, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_account_id, - first_observed_at, - fix_available, - exploit_available - from - aws_inspector2_finding - where - exploit_available = 'YES'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n finding_account_id,\n first_observed_at,\n \ + \ fix_available,\n exploit_available\nfrom\n aws_inspector2_finding\nwhere\n\ + \ exploit_available = 'YES';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find and Query Insights into AWS Inspector Findings diff --git a/queries/aws_inspector2_member_1.yaml b/queries/aws_inspector2_member_1.yaml index 48b84cdf3..2eb43409d 100755 --- a/queries/aws_inspector2_member_1.yaml +++ b/queries/aws_inspector2_member_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Inspector Members to retrieve detailed information + about the member accounts within an AWS Inspector assessment target. ID: aws_inspector2_member_1 -Title: "Find all AWS Inspector Members and Their Details" -Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - delegated_admin_account_id, - relationship_status, - updated_at - from - aws_inspector2_member; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n delegated_admin_account_id,\n \ + \ relationship_status,\n updated_at\nfrom\n aws_inspector2_member;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find all AWS Inspector Members and Their Details diff --git a/queries/aws_inspector2_member_2.yaml b/queries/aws_inspector2_member_2.yaml index 80d2e7b6d..3eaca0cad 100755 --- a/queries/aws_inspector2_member_2.yaml +++ b/queries/aws_inspector2_member_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Inspector Members to retrieve detailed information + about the member accounts within an AWS Inspector assessment target. ID: aws_inspector2_member_2 -Title: "Find AWS Inspector Members Information" -Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - delegated_admin_account_id, - relationship_status, - updated_at - from - aws_inspector2_member - where - updated_at >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n delegated_admin_account_id,\n \ + \ relationship_status,\n updated_at\nfrom\n aws_inspector2_member\nwhere\n \ + \ updated_at >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Members Information diff --git a/queries/aws_inspector2_member_3.yaml b/queries/aws_inspector2_member_3.yaml index 36e4e2abc..46b8e8150 100755 --- a/queries/aws_inspector2_member_3.yaml +++ b/queries/aws_inspector2_member_3.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Inspector Members to retrieve detailed information + about the member accounts within an AWS Inspector assessment target. ID: aws_inspector2_member_3 -Title: "Find all AWS Inspector Member Accounts Information" -Description: "Allows users to query AWS Inspector Members to retrieve detailed information about the member accounts within an AWS Inspector assessment target." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - delegated_admin_account_id, - relationship_status - from - aws_inspector2_member - where - relationship_status = 'INVITED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n delegated_admin_account_id,\n \ + \ relationship_status\nfrom\n aws_inspector2_member\nwhere\n relationship_status\ + \ = 'INVITED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Inspector +Title: Find all AWS Inspector Member Accounts Information diff --git a/queries/aws_inspector_assessment_run_1.yaml b/queries/aws_inspector_assessment_run_1.yaml index 7731f089c..f8d67eeb9 100755 --- a/queries/aws_inspector_assessment_run_1.yaml +++ b/queries/aws_inspector_assessment_run_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Inspector Assessment Runs to get detailed information + about each assessment run, including its state, duration, findings, and more. ID: aws_inspector_assessment_run_1 -Title: "List all AWS Inspector Assessment Runs and Details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_template_arn, - created_at, - state, - region - from - aws_inspector_assessment_run; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_template_arn,\n created_at,\n\ + \ state,\n region\nfrom\n aws_inspector_assessment_run;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List all AWS Inspector Assessment Runs and Details diff --git a/queries/aws_inspector_assessment_run_2.yaml b/queries/aws_inspector_assessment_run_2.yaml index 01dc83aca..bb19e84f9 100755 --- a/queries/aws_inspector_assessment_run_2.yaml +++ b/queries/aws_inspector_assessment_run_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Inspector Assessment Runs to get detailed information + about each assessment run, including its state, duration, findings, and more. ID: aws_inspector_assessment_run_2 -Title: "Find AWS Inspector Assessment Runs with Details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - finding_counts ->> 'High' as high, - finding_counts ->> 'Low' as low, - finding_counts ->> 'Medium' as medium, - finding_counts ->> 'Informational' as informational, - state - from - aws_inspector_assessment_run; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n finding_counts ->> 'High' as high,\n finding_counts\ + \ ->> 'Low' as low,\n finding_counts ->> 'Medium' as medium,\n finding_counts\ + \ ->> 'Informational' as informational,\n state\nfrom\n aws_inspector_assessment_run;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Assessment Runs with Details diff --git a/queries/aws_inspector_assessment_run_3.yaml b/queries/aws_inspector_assessment_run_3.yaml index 5cbeb0f66..c721f2434 100755 --- a/queries/aws_inspector_assessment_run_3.yaml +++ b/queries/aws_inspector_assessment_run_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Inspector Assessment Runs to get detailed information + about each assessment run, including its state, duration, findings, and more. ID: aws_inspector_assessment_run_3 -Title: "List all AWS Inspector Assessment Runs and Their Details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - t.name as assessment_template_name, - r.name as assessment_run_name, - r.created_at as assessment_run_created_at, - r.state, - r.region - from - aws_inspector_assessment_run as r, - aws_inspector_assessment_template as t - where - r.assessment_template_arn = t.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n t.name as assessment_template_name,\n r.name as assessment_run_name,\n\ + \ r.created_at as assessment_run_created_at,\n r.state,\n r.region\nfrom\n\ + \ aws_inspector_assessment_run as r,\n aws_inspector_assessment_template as\ + \ t\nwhere\n r.assessment_template_arn = t.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Inspector +Title: List all AWS Inspector Assessment Runs and Their Details diff --git a/queries/aws_inspector_assessment_run_4.yaml b/queries/aws_inspector_assessment_run_4.yaml index a1ab742ff..d42cad3ce 100755 --- a/queries/aws_inspector_assessment_run_4.yaml +++ b/queries/aws_inspector_assessment_run_4.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS Inspector Assessment Runs to get detailed information + about each assessment run, including its state, duration, findings, and more. ID: aws_inspector_assessment_run_4 -Title: "List all AWS Inspector Assessment Runs and their details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_template_arn, - created_at, - state, - region - from - aws_inspector_assessment_run - where - state <> 'COMPLETED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_template_arn,\n created_at,\n\ + \ state,\n region\nfrom\n aws_inspector_assessment_run\nwhere\n state <> 'COMPLETED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List all AWS Inspector Assessment Runs and their details diff --git a/queries/aws_inspector_assessment_run_5.yaml b/queries/aws_inspector_assessment_run_5.yaml index 3d4c79c52..8c72577dd 100755 --- a/queries/aws_inspector_assessment_run_5.yaml +++ b/queries/aws_inspector_assessment_run_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Inspector Assessment Runs to get detailed information + about each assessment run, including its state, duration, findings, and more. ID: aws_inspector_assessment_run_5 -Title: "Query AWS Inspector Assessment Run Details" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state, - jsonb_pretty(state_changes) as state_changes - from - aws_inspector_assessment_run; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n state,\n jsonb_pretty(state_changes)\ + \ as state_changes\nfrom\n aws_inspector_assessment_run;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Query AWS Inspector Assessment Run Details diff --git a/queries/aws_inspector_assessment_run_6.yaml b/queries/aws_inspector_assessment_run_6.yaml index 3b86c42cb..d8fc04ba1 100755 --- a/queries/aws_inspector_assessment_run_6.yaml +++ b/queries/aws_inspector_assessment_run_6.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Inspector Assessment Runs to get detailed information + about each assessment run, including its state, duration, findings, and more. ID: aws_inspector_assessment_run_6 -Title: "List all AWS Inspector Assessment Runs in Last Week" -Description: "Allows users to query AWS Inspector Assessment Runs to get detailed information about each assessment run, including its state, duration, findings, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_template_arn, - created_at, - state, - region - from - aws_inspector_assessment_run - where - created_at >= (now() - interval '7' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_template_arn,\n created_at,\n\ + \ state,\n region\nfrom\n aws_inspector_assessment_run\nwhere\n created_at\ + \ >= (now() - interval '7' day);" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List all AWS Inspector Assessment Runs in Last Week diff --git a/queries/aws_inspector_assessment_target_1.yaml b/queries/aws_inspector_assessment_target_1.yaml index 705d97d2d..56e2fb867 100755 --- a/queries/aws_inspector_assessment_target_1.yaml +++ b/queries/aws_inspector_assessment_target_1.yaml @@ -1,29 +1,27 @@ +Description: Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` + table in Steampipe provides information about assessment targets within AWS Inspector. + This table allows DevOps engineers to query target-specific details, including ARN, + name, and associated resource group ARN. Users can utilize this table to gather + insights on assessment targets, such as their creation time, last updated time, + and more. The schema outlines the various attributes of the assessment target, including + the target ARN, creation date, and associated tags. ID: aws_inspector_assessment_target_1 -Title: "List AWS Inspector Assessment Targets with Details" -Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_group_arn, - created_at, - updated_at, - region - from - aws_inspector_assessment_target; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n resource_group_arn,\n created_at,\n\ + \ updated_at,\n region\nfrom\n aws_inspector_assessment_target;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Inspector +Title: List AWS Inspector Assessment Targets with Details diff --git a/queries/aws_inspector_assessment_target_2.yaml b/queries/aws_inspector_assessment_target_2.yaml index b8a5e8549..abce2155c 100755 --- a/queries/aws_inspector_assessment_target_2.yaml +++ b/queries/aws_inspector_assessment_target_2.yaml @@ -1,31 +1,28 @@ +Description: Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` + table in Steampipe provides information about assessment targets within AWS Inspector. + This table allows DevOps engineers to query target-specific details, including ARN, + name, and associated resource group ARN. Users can utilize this table to gather + insights on assessment targets, such as their creation time, last updated time, + and more. The schema outlines the various attributes of the assessment target, including + the target ARN, creation date, and associated tags. ID: aws_inspector_assessment_target_2 -Title: "Find AWS Inspector Assessment Targets Created in Last 7 Days" -Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_group_arn, - created_at, - updated_at, - region - from - aws_inspector_assessment_target - where - created_at > (current_date - interval '7' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n resource_group_arn,\n created_at,\n\ + \ updated_at,\n region\nfrom\n aws_inspector_assessment_target\nwhere\n created_at\ + \ > (current_date - interval '7' day);" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Assessment Targets Created in Last 7 Days diff --git a/queries/aws_inspector_assessment_target_3.yaml b/queries/aws_inspector_assessment_target_3.yaml index fc4998b83..72f4f5a57 100755 --- a/queries/aws_inspector_assessment_target_3.yaml +++ b/queries/aws_inspector_assessment_target_3.yaml @@ -1,31 +1,28 @@ +Description: Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` + table in Steampipe provides information about assessment targets within AWS Inspector. + This table allows DevOps engineers to query target-specific details, including ARN, + name, and associated resource group ARN. Users can utilize this table to gather + insights on assessment targets, such as their creation time, last updated time, + and more. The schema outlines the various attributes of the assessment target, including + the target ARN, creation date, and associated tags. ID: aws_inspector_assessment_target_3 -Title: "List AWS Inspector Assessment Targets Details" -Description: "Allows users to query AWS Inspector Assessment Targets. The `aws_inspector_assessment_target` table in Steampipe provides information about assessment targets within AWS Inspector. This table allows DevOps engineers to query target-specific details, including ARN, name, and associated resource group ARN. Users can utilize this table to gather insights on assessment targets, such as their creation time, last updated time, and more. The schema outlines the various attributes of the assessment target, including the target ARN, creation date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_group_arn, - created_at, - updated_at, - region - from - aws_inspector_assessment_target - where - created_at != updated_at; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n resource_group_arn,\n created_at,\n\ + \ updated_at,\n region\nfrom\n aws_inspector_assessment_target\nwhere\n created_at\ + \ != updated_at;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List AWS Inspector Assessment Targets Details diff --git a/queries/aws_inspector_assessment_template_1.yaml b/queries/aws_inspector_assessment_template_1.yaml index afc4b3aec..d64efd0b6 100755 --- a/queries/aws_inspector_assessment_template_1.yaml +++ b/queries/aws_inspector_assessment_template_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Inspector Assessment Templates to gain insights + into each template''s configuration, including ARN, duration, rules package ARNs, + and user attributes for findings. ID: aws_inspector_assessment_template_1 -Title: "Find AWS Inspector Assessment Templates" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - region - from - aws_inspector_assessment_template; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_run_count,\n created_at,\n\ + \ assessment_target_arn,\n region\nfrom\n aws_inspector_assessment_template;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Assessment Templates diff --git a/queries/aws_inspector_assessment_template_2.yaml b/queries/aws_inspector_assessment_template_2.yaml index 43212d57b..7b2489d13 100755 --- a/queries/aws_inspector_assessment_template_2.yaml +++ b/queries/aws_inspector_assessment_template_2.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Inspector Assessment Templates to gain insights + into each template''s configuration, including ARN, duration, rules package ARNs, + and user attributes for findings. ID: aws_inspector_assessment_template_2 -Title: "List AWS Inspector Assessment Template Configurations" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - user_attributes_for_findings, - region - from - aws_inspector_assessment_template - where - user_attributes_for_findings = '[]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_run_count,\n created_at,\n\ + \ assessment_target_arn,\n user_attributes_for_findings,\n region\nfrom\n \ + \ aws_inspector_assessment_template\nwhere\n user_attributes_for_findings = '[]';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Inspector +Title: List AWS Inspector Assessment Template Configurations diff --git a/queries/aws_inspector_assessment_template_3.yaml b/queries/aws_inspector_assessment_template_3.yaml index 5c71b02e1..06dc08f5e 100755 --- a/queries/aws_inspector_assessment_template_3.yaml +++ b/queries/aws_inspector_assessment_template_3.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Inspector Assessment Templates to gain insights + into each template''s configuration, including ARN, duration, rules package ARNs, + and user attributes for findings. ID: aws_inspector_assessment_template_3 -Title: "Find AWS Inspector Assessment Templates with 0 Runs" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - user_attributes_for_findings, - region - from - aws_inspector_assessment_template - where - assessment_run_count = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_run_count,\n created_at,\n\ + \ assessment_target_arn,\n user_attributes_for_findings,\n region\nfrom\n \ + \ aws_inspector_assessment_template\nwhere\n assessment_run_count = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Assessment Templates with 0 Runs diff --git a/queries/aws_inspector_assessment_template_4.yaml b/queries/aws_inspector_assessment_template_4.yaml index 0af35d6e2..9b5327871 100755 --- a/queries/aws_inspector_assessment_template_4.yaml +++ b/queries/aws_inspector_assessment_template_4.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Inspector Assessment Templates to gain insights + into each template''s configuration, including ARN, duration, rules package ARNs, + and user attributes for findings. ID: aws_inspector_assessment_template_4 -Title: "List AWS Inspector Assessment Template Details" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - duration_in_seconds, - region - from - aws_inspector_assessment_template - where - duration_in_seconds < 3600; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_run_count,\n created_at,\n\ + \ assessment_target_arn,\n duration_in_seconds,\n region\nfrom\n aws_inspector_assessment_template\n\ + where\n duration_in_seconds < 3600;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List AWS Inspector Assessment Template Details diff --git a/queries/aws_inspector_assessment_template_5.yaml b/queries/aws_inspector_assessment_template_5.yaml index f4f1ee7e8..486946d0a 100755 --- a/queries/aws_inspector_assessment_template_5.yaml +++ b/queries/aws_inspector_assessment_template_5.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Inspector Assessment Templates to gain insights + into each template''s configuration, including ARN, duration, rules package ARNs, + and user attributes for findings. ID: aws_inspector_assessment_template_5 -Title: "Find all AWS Inspector Assessment Templates with No Runs" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - user_attributes_for_findings, - region - from - aws_inspector_assessment_template - where - assessment_run_count = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_run_count,\n created_at,\n\ + \ assessment_target_arn,\n user_attributes_for_findings,\n region\nfrom\n \ + \ aws_inspector_assessment_template\nwhere\n assessment_run_count = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find all AWS Inspector Assessment Templates with No Runs diff --git a/queries/aws_inspector_assessment_template_6.yaml b/queries/aws_inspector_assessment_template_6.yaml index e870e1853..410dd8cf0 100755 --- a/queries/aws_inspector_assessment_template_6.yaml +++ b/queries/aws_inspector_assessment_template_6.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Inspector Assessment Templates to gain insights + into each template''s configuration, including ARN, duration, rules package ARNs, + and user attributes for findings. ID: aws_inspector_assessment_template_6 -Title: "Find AWS Inspector Assessment Templates by Duration" -Description: "Allows users to query AWS Inspector Assessment Templates to gain insights into each template''s configuration, including ARN, duration, rules package ARNs, and user attributes for findings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - assessment_run_count, - created_at, - assessment_target_arn, - duration_in_seconds, - region - from - aws_inspector_assessment_template - where - duration_in_seconds < 3600; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n assessment_run_count,\n created_at,\n\ + \ assessment_target_arn,\n duration_in_seconds,\n region\nfrom\n aws_inspector_assessment_template\n\ + where\n duration_in_seconds < 3600;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Assessment Templates by Duration diff --git a/queries/aws_inspector_exclusion_1.yaml b/queries/aws_inspector_exclusion_1.yaml index b0f81830b..c99cbddc1 100755 --- a/queries/aws_inspector_exclusion_1.yaml +++ b/queries/aws_inspector_exclusion_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Inspector Exclusions and retrieve data about + AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations. ID: aws_inspector_exclusion_1 -Title: "List all AWS Inspector Exclusions with Descriptions" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - attributes, - description, - title, - region - from - aws_inspector_exclusion; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n attributes,\n description,\n title,\n region\n\ + from\n aws_inspector_exclusion;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List all AWS Inspector Exclusions with Descriptions diff --git a/queries/aws_inspector_exclusion_2.yaml b/queries/aws_inspector_exclusion_2.yaml index 6d212da9d..c979562d2 100755 --- a/queries/aws_inspector_exclusion_2.yaml +++ b/queries/aws_inspector_exclusion_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Inspector Exclusions and retrieve data about + AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations. ID: aws_inspector_exclusion_2 -Title: "Find AWS Inspector Exclusions including ARNs and Descriptions" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - attributes, - description, - title, - region - from - aws_inspector_exclusion - where - assessment_run_arn = 'arn:aws:inspector:us-east-1:012345678912:target/0-ywdTAdRg/template/0-rY1J4B4f/run/0-LRRwpQFz'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n attributes,\n description,\n title,\n region\n\ + from\n aws_inspector_exclusion\nwhere\n assessment_run_arn = 'arn:aws:inspector:us-east-1:012345678912:target/0-ywdTAdRg/template/0-rY1J4B4f/run/0-LRRwpQFz';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find AWS Inspector Exclusions including ARNs and Descriptions diff --git a/queries/aws_inspector_exclusion_3.yaml b/queries/aws_inspector_exclusion_3.yaml index 3cfa3c300..7ff416593 100755 --- a/queries/aws_inspector_exclusion_3.yaml +++ b/queries/aws_inspector_exclusion_3.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Inspector Exclusions and retrieve data about + AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations. ID: aws_inspector_exclusion_3 -Title: "List AWS Inspector Exclusions with Details" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - jsonb_pretty(attributes) as attributes, - jsonb_pretty(scopes) as scopes - from - aws_inspector_exclusion; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n jsonb_pretty(attributes) as attributes,\n jsonb_pretty(scopes)\ + \ as scopes\nfrom\n aws_inspector_exclusion;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Inspector +Title: List AWS Inspector Exclusions with Details diff --git a/queries/aws_inspector_exclusion_4.yaml b/queries/aws_inspector_exclusion_4.yaml index 24184a1c1..3e3f5959f 100755 --- a/queries/aws_inspector_exclusion_4.yaml +++ b/queries/aws_inspector_exclusion_4.yaml @@ -1,31 +1,20 @@ +Description: Allows users to query AWS Inspector Exclusions and retrieve data about + AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations. ID: aws_inspector_exclusion_4 -Title: "List all AWS Inspector Exclusions with Details" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - title, - count(arn) - from - aws_inspector_exclusion - group by - arn, - region, - title - order by - count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n title,\n count(arn)\nfrom\n aws_inspector_exclusion\n\ + group by\n arn,\n region,\n title\norder by\n count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Inspector +Title: List all AWS Inspector Exclusions with Details diff --git a/queries/aws_inspector_exclusion_5.yaml b/queries/aws_inspector_exclusion_5.yaml index 6da8d1666..3ec2a934a 100755 --- a/queries/aws_inspector_exclusion_5.yaml +++ b/queries/aws_inspector_exclusion_5.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS Inspector Exclusions and retrieve data about + AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations. ID: aws_inspector_exclusion_5 -Title: "List AWS Inspector Exclusions with ARNs and Recommendations" -Description: "Allows users to query AWS Inspector Exclusions and retrieve data about AWS Inspector Exclusions, including their ARNs, descriptions, and recommendations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.arn, - e.title, - jsonb_pretty(e.attributes) as attributes, - e.recommendation - from - aws_inspector_exclusion e, - aws_inspector_assessment_run r, - aws_inspector_assessment_template t - where - e.assessment_run_arn = r.arn - and - r.assessment_template_arn = t.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n e.arn, \n e.title, \n jsonb_pretty(e.attributes) as\ + \ attributes, \n e.recommendation \nfrom \n aws_inspector_exclusion e, \n aws_inspector_assessment_run\ + \ r, \n aws_inspector_assessment_template t \nwhere \n e.assessment_run_arn\ + \ = r.arn \nand \n r.assessment_template_arn = t.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: List AWS Inspector Exclusions with ARNs and Recommendations diff --git a/queries/aws_inspector_finding_1.yaml b/queries/aws_inspector_finding_1.yaml index afc128e7e..d70fc952e 100755 --- a/queries/aws_inspector_finding_1.yaml +++ b/queries/aws_inspector_finding_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_1 -Title: "Find all AWS Inspector Findings details" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - agent_id as instance_id, - asset_type, - confidence, - severity - from - aws_inspector_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n agent_id as instance_id,\n asset_type,\n\ + \ confidence,\n severity\nfrom\n aws_inspector_finding;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Inspector +Title: Find all AWS Inspector Findings details diff --git a/queries/aws_inspector_finding_10.yaml b/queries/aws_inspector_finding_10.yaml index 96af7ee2b..12a6468cb 100755 --- a/queries/aws_inspector_finding_10.yaml +++ b/queries/aws_inspector_finding_10.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_10 -Title: "List all AWS Inspector Findings with Details" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - agent_id as instance_id, - asset_type, - confidence, - severity - from - aws_inspector_finding - order by - confidence; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n agent_id as instance_id,\n asset_type,\n\ + \ confidence,\n severity\nfrom\n aws_inspector_finding\norder by\n confidence;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Inspector +Title: List all AWS Inspector Findings with Details diff --git a/queries/aws_inspector_finding_2.yaml b/queries/aws_inspector_finding_2.yaml index 62bb52454..45208b0c3 100755 --- a/queries/aws_inspector_finding_2.yaml +++ b/queries/aws_inspector_finding_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_2 -Title: "List High Severity Findings from AWS Inspector" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - agent_id as instance_id, - asset_type, - confidence, - severity - from - aws_inspector_finding - where - severity = 'High'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n agent_id as instance_id,\n asset_type,\n\ + \ confidence,\n severity\nfrom\n aws_inspector_finding\nwhere\n severity =\ + \ 'High';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Inspector +Title: List High Severity Findings from AWS Inspector diff --git a/queries/aws_inspector_finding_3.yaml b/queries/aws_inspector_finding_3.yaml index 921244d7f..21a957ded 100755 --- a/queries/aws_inspector_finding_3.yaml +++ b/queries/aws_inspector_finding_3.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_3 -Title: "Find AWS Inspector Findings by Severity" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - severity, - count(severity) - from - aws_inspector_finding - group by - severity - order by - severity; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n severity,\n count(severity)\nfrom\n aws_inspector_finding\n\ + group by\n severity\norder by\n severity;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Inspector +Title: Find AWS Inspector Findings by Severity diff --git a/queries/aws_inspector_finding_4.yaml b/queries/aws_inspector_finding_4.yaml index 59e1e7665..e352bb67f 100755 --- a/queries/aws_inspector_finding_4.yaml +++ b/queries/aws_inspector_finding_4.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_4 -Title: "List AWS Inspector Findings from the Past 10 Days" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - confidence, - severity - from - aws_inspector_finding - where - created_at >= now() - interval '10' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n id,\n confidence,\n severity\nfrom\n aws_inspector_finding\n\ + where\n created_at >= now() - interval '10' day;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Inspector +Title: List AWS Inspector Findings from the Past 10 Days diff --git a/queries/aws_inspector_finding_5.yaml b/queries/aws_inspector_finding_5.yaml index 631ec9cc2..aac4ae574 100755 --- a/queries/aws_inspector_finding_5.yaml +++ b/queries/aws_inspector_finding_5.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_5 -Title: "List all AWS Inspector Findings with Detailed Information" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - jsonb_pretty(attributes) as attributes - from - aws_inspector_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n id, \n jsonb_pretty(attributes) as attributes\n\ + from\n aws_inspector_finding;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Inspector +Title: List all AWS Inspector Findings with Detailed Information diff --git a/queries/aws_inspector_finding_6.yaml b/queries/aws_inspector_finding_6.yaml index 90baa24ca..30aeae3fd 100755 --- a/queries/aws_inspector_finding_6.yaml +++ b/queries/aws_inspector_finding_6.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_6 -Title: "Find AWS Inspector Findings with Detailed Information" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - title, - asset_attributes ->> 'AgentId' as agent_id, - asset_attributes ->> 'AmiId' as ami_id, - asset_attributes ->> 'Hostname' as hostname, - asset_attributes ->> 'Tags' as tags - from - aws_inspector_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n title,\n asset_attributes ->> 'AgentId' as agent_id,\n\ + \ asset_attributes ->> 'AmiId' as ami_id,\n asset_attributes ->> 'Hostname'\ + \ as hostname,\n asset_attributes ->> 'Tags' as tags\nfrom\n aws_inspector_finding;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Inspector +Title: Find AWS Inspector Findings with Detailed Information diff --git a/queries/aws_inspector_finding_7.yaml b/queries/aws_inspector_finding_7.yaml index bf7c68346..a19f6e807 100755 --- a/queries/aws_inspector_finding_7.yaml +++ b/queries/aws_inspector_finding_7.yaml @@ -1,37 +1,27 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_7 -Title: "List all High Severity AWS Inspector Findings" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct i.instance_id, - i.instance_state, - i.instance_type, - f.title, - f.service, - f.severity, - f.confidence - from - aws_ec2_instance as i, - aws_inspector_finding as f - where - severity = 'High' - and - i.instance_id = f.agent_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n distinct i.instance_id,\n i.instance_state,\n i.instance_type,\n\ + \ f.title,\n f.service,\n f.severity,\n f.confidence\nfrom\n aws_ec2_instance\ + \ as i,\n aws_inspector_finding as f\nwhere\n severity = 'High'\nand\n i.instance_id\ + \ = f.agent_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Inspector +Title: List all High Severity AWS Inspector Findings diff --git a/queries/aws_inspector_finding_8.yaml b/queries/aws_inspector_finding_8.yaml index eef4adf4a..f0f76ee24 100755 --- a/queries/aws_inspector_finding_8.yaml +++ b/queries/aws_inspector_finding_8.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_8 -Title: "Find all Detailed Information on AWS Inspector Findings" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - title, - service_attributes ->> 'AssessmentRunArn' as assessment_run_arn, - service_attributes ->> 'RulesPackageArn' as rules_package_arn, - service_attributes ->> 'SchemaVersion' as schema_version, - from - aws_inspector_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n title,\n service_attributes ->> 'AssessmentRunArn'\ + \ as assessment_run_arn,\n service_attributes ->> 'RulesPackageArn' as rules_package_arn,\n\ + \ service_attributes ->> 'SchemaVersion' as schema_version,\nfrom\n aws_inspector_finding;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Inspector +Title: Find all Detailed Information on AWS Inspector Findings diff --git a/queries/aws_inspector_finding_9.yaml b/queries/aws_inspector_finding_9.yaml index c5c84b8ba..e7bd06146 100755 --- a/queries/aws_inspector_finding_9.yaml +++ b/queries/aws_inspector_finding_9.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query AWS Inspector Findings to obtain detailed information + about the Amazon Inspector findings that are generated during the assessment of + the target applications. ID: aws_inspector_finding_9 -Title: "Find AWS Inspector Findings with Detailed Information" -Description: "Allows users to query AWS Inspector Findings to obtain detailed information about the Amazon Inspector findings that are generated during the assessment of the target applications." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.id, - r.title, - f.service_attributes ->> 'AssessmentRunArn' as assessment_run_arn, - r.assessment_template_arn, - r.finding_counts - from - aws_inspector_finding as f, - aws_inspector_assessment_run as r - where - f.service_attributes ->> 'AssessmentRunArn' = r.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.id,\n r.title,\n f.service_attributes ->> 'AssessmentRunArn'\ + \ as assessment_run_arn,\n r.assessment_template_arn,\n r.finding_counts\nfrom\n\ + \ aws_inspector_finding as f,\n aws_inspector_assessment_run as r\nwhere\n \ + \ f.service_attributes ->> 'AssessmentRunArn' = r.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Inspector +Title: Find AWS Inspector Findings with Detailed Information diff --git a/queries/aws_iot_fleet_metric_1.yaml b/queries/aws_iot_fleet_metric_1.yaml index 0de0c456f..6534de881 100755 --- a/queries/aws_iot_fleet_metric_1.yaml +++ b/queries/aws_iot_fleet_metric_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS IoT Fleet Metrics to gain insights into each + fleet metric''s configuration, including ARN, creation date, and aggregation information. ID: aws_iot_fleet_metric_1 -Title: "List all AWS IoT Fleet Metrics with details" -Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - arn, - index_name, - creation_date, - last_modified_date - from - aws_iot_fleet_metric; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n arn,\n index_name,\n creation_date,\n\ + \ last_modified_date\nfrom\n aws_iot_fleet_metric;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IoT Fleet Metrics +Title: List all AWS IoT Fleet Metrics with details diff --git a/queries/aws_iot_fleet_metric_2.yaml b/queries/aws_iot_fleet_metric_2.yaml index a81abd763..1bb8004e2 100755 --- a/queries/aws_iot_fleet_metric_2.yaml +++ b/queries/aws_iot_fleet_metric_2.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS IoT Fleet Metrics to gain insights into each + fleet metric''s configuration, including ARN, creation date, and aggregation information. ID: aws_iot_fleet_metric_2 -Title: "List all AWS IoT Fleet Metrics Configuration and Aggregation" -Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - aggregation_field, - creation_date, - aggregation_type_name, - query_string - from - aws_iot_fleet_metric - group by - aggregation_type_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n aggregation_field,\n creation_date,\n\ + \ aggregation_type_name,\n query_string\nfrom\n aws_iot_fleet_metric\ngroup\ + \ by\n aggregation_type_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IoT Fleet Metrics +Title: List all AWS IoT Fleet Metrics Configuration and Aggregation diff --git a/queries/aws_iot_fleet_metric_3.yaml b/queries/aws_iot_fleet_metric_3.yaml index f3a1b34fa..1c68dd12f 100755 --- a/queries/aws_iot_fleet_metric_3.yaml +++ b/queries/aws_iot_fleet_metric_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS IoT Fleet Metrics to gain insights into each + fleet metric''s configuration, including ARN, creation date, and aggregation information. ID: aws_iot_fleet_metric_3 -Title: "List all AWS IoT Fleet Metrics with Details from Last 30 Days" -Description: "Allows users to query AWS IoT Fleet Metrics to gain insights into each fleet metric''s configuration, including ARN, creation date, and aggregation information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - metric_name, - index_name, - creation_date, - last_modified_date, - query_version, - version - from - aws_iot_fleet_metric - where - last_modified_date >= now() - interval '30 days'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n metric_name,\n index_name,\n creation_date,\n last_modified_date,\n\ + \ query_version,\n version\nfrom\n aws_iot_fleet_metric\nwhere\n last_modified_date\ + \ >= now() - interval '30 days';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS IoT Fleet Metrics +Title: List all AWS IoT Fleet Metrics with Details from Last 30 Days diff --git a/queries/aws_iot_thing_1.yaml b/queries/aws_iot_thing_1.yaml index 2ab33822a..676f5e1e1 100755 --- a/queries/aws_iot_thing_1.yaml +++ b/queries/aws_iot_thing_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Internet of Things to retrieve detailed information + about the the virtual model of a physical device with in an AWS account. ID: aws_iot_thing_1 -Title: "List all IoT Things with Details from AWS Account" -Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_name, - thing_id, - arn, - thing_type_name, - version - from - aws_iot_thing; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n thing_name,\n thing_id,\n arn,\n thing_type_name,\n\ + \ version\nfrom\n aws_iot_thing;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Internet of Things +Title: List all IoT Things with Details from AWS Account diff --git a/queries/aws_iot_thing_2.yaml b/queries/aws_iot_thing_2.yaml index 792c8cd08..10e2b5c05 100755 --- a/queries/aws_iot_thing_2.yaml +++ b/queries/aws_iot_thing_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Internet of Things to retrieve detailed information + about the the virtual model of a physical device with in an AWS account. ID: aws_iot_thing_2 -Title: "Find AWS IoT details for virtual device models" -Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_name, - thing_id, - arn, - thing_type_name, - version - from - aws_iot_thing - where - attribute_name = 'foo'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n thing_name,\n thing_id,\n arn,\n thing_type_name,\n\ + \ version\nfrom\n aws_iot_thing\nwhere\n attribute_name = 'foo';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS IoT +Title: Find AWS IoT details for virtual device models diff --git a/queries/aws_iot_thing_3.yaml b/queries/aws_iot_thing_3.yaml index 3c410a74a..b25e6e7ad 100755 --- a/queries/aws_iot_thing_3.yaml +++ b/queries/aws_iot_thing_3.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Internet of Things to retrieve detailed information + about the the virtual model of a physical device with in an AWS account. ID: aws_iot_thing_3 -Title: "List all AWS IoT things and attribute value details" -Description: "Allows users to query AWS Internet of Things to retrieve detailed information about the the virtual model of a physical device with in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_name, - arn, - thing_id, - thing_type_name, - attribute_value - from - aws_iot_thing - where - thing_type_name = 'foo'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n thing_name,\n arn,\n thing_id,\n thing_type_name,\n\ + \ attribute_value\nfrom\n aws_iot_thing\nwhere\n thing_type_name = 'foo';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Internet of Things +Title: List all AWS IoT things and attribute value details diff --git a/queries/aws_iot_thing_group_1.yaml b/queries/aws_iot_thing_group_1.yaml index 6326d2f42..6e6404b2b 100755 --- a/queries/aws_iot_thing_group_1.yaml +++ b/queries/aws_iot_thing_group_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS IoT Thing Group to gain insights into each + group''s configuration, including ARN, creation date, version of the group, and + parent of the groups. ID: aws_iot_thing_group_1 -Title: "List insights into AWS IoT Thing Group configuration" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - thing_group_description, - arn, - creation_date, - parent_group_name - from - aws_iot_thing_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n group_name,\n thing_group_id,\n thing_group_description,\n\ + \ arn,\n creation_date,\n parent_group_name\nfrom\n aws_iot_thing_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IoT +Title: List insights into AWS IoT Thing Group configuration diff --git a/queries/aws_iot_thing_group_2.yaml b/queries/aws_iot_thing_group_2.yaml index 5554ca1eb..a05d79c44 100755 --- a/queries/aws_iot_thing_group_2.yaml +++ b/queries/aws_iot_thing_group_2.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS IoT Thing Group to gain insights into each + group''s configuration, including ARN, creation date, version of the group, and + parent of the groups. ID: aws_iot_thing_group_2 -Title: "List all AWS IoT Thing Group Configurations" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - creation_date, - parent_group_name, - version - from - aws_iot_thing_group - where - parent_group_name = 'foo'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n group_name,\n thing_group_id,\n creation_date,\n parent_group_name,\n\ + \ version\nfrom\n aws_iot_thing_group\nwhere\n parent_group_name = 'foo';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS IoT +Title: List all AWS IoT Thing Group Configurations diff --git a/queries/aws_iot_thing_group_3.yaml b/queries/aws_iot_thing_group_3.yaml index e213499c7..8e62c089c 100755 --- a/queries/aws_iot_thing_group_3.yaml +++ b/queries/aws_iot_thing_group_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS IoT Thing Group to gain insights into each + group''s configuration, including ARN, creation date, version of the group, and + parent of the groups. ID: aws_iot_thing_group_3 -Title: "List all AWS IoT Thing Group Configurations" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - parent_group_name, - creation_date, - status - from - aws_iot_thing_group - where - creation_date >= now() - interval '30 days'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n group_name,\n thing_group_id,\n parent_group_name,\n\ + \ creation_date,\n status\nfrom\n aws_iot_thing_group\nwhere\n creation_date\ + \ >= now() - interval '30 days';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IoT +Title: List all AWS IoT Thing Group Configurations diff --git a/queries/aws_iot_thing_group_4.yaml b/queries/aws_iot_thing_group_4.yaml index 9219b861e..d2bfc9605 100755 --- a/queries/aws_iot_thing_group_4.yaml +++ b/queries/aws_iot_thing_group_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS IoT Thing Group to gain insights into each + group''s configuration, including ARN, creation date, version of the group, and + parent of the groups. ID: aws_iot_thing_group_4 -Title: "Find AWS IoT Thing Group Configurations and Details" -Description: "Allows users to query AWS IoT Thing Group to gain insights into each group''s configuration, including ARN, creation date, version of the group, and parent of the groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - thing_group_id, - query_string, - query_version, - status - from - aws_iot_thing_group - where - status = 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n group_name,\n thing_group_id,\n query_string,\n query_version,\n\ + \ status\nfrom\n aws_iot_thing_group\nwhere\n status = 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS IoT Thing Group +Title: Find AWS IoT Thing Group Configurations and Details diff --git a/queries/aws_iot_thing_type_1.yaml b/queries/aws_iot_thing_type_1.yaml index 0c9e7d26d..043bdefbb 100755 --- a/queries/aws_iot_thing_type_1.yaml +++ b/queries/aws_iot_thing_type_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS IoT Thing Type to gain insights into each thing + type''s configuration, including ARN, name, creation date, and deprecation status. ID: aws_iot_thing_type_1 -Title: "Find all AWS IoT Thing Types and Configurations" -Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_type_name, - arn, - thing_type_id, - thing_type_description, - creation_date - from - aws_iot_thing_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n thing_type_name,\n arn,\n thing_type_id,\n thing_type_description,\n\ + \ creation_date\nfrom\n aws_iot_thing_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IoT +Title: Find all AWS IoT Thing Types and Configurations diff --git a/queries/aws_iot_thing_type_2.yaml b/queries/aws_iot_thing_type_2.yaml index 609b8650e..5b693e9f6 100755 --- a/queries/aws_iot_thing_type_2.yaml +++ b/queries/aws_iot_thing_type_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS IoT Thing Type to gain insights into each thing + type''s configuration, including ARN, name, creation date, and deprecation status. ID: aws_iot_thing_type_2 -Title: "List AWS IoT Thing Types and Their Configurations" -Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_type_name, - arn, - thing_type_id, - thing_type_description, - creation_date, - deprecated - from - aws_iot_thing_type - where - deprecated; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n thing_type_name,\n arn,\n thing_type_id,\n thing_type_description,\n\ + \ creation_date,\n deprecated\nfrom\n aws_iot_thing_type\nwhere\n deprecated;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS IoT Thing Type +Title: List AWS IoT Thing Types and Their Configurations diff --git a/queries/aws_iot_thing_type_3.yaml b/queries/aws_iot_thing_type_3.yaml index 1b06fe60d..0b9e9bd97 100755 --- a/queries/aws_iot_thing_type_3.yaml +++ b/queries/aws_iot_thing_type_3.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS IoT Thing Type to gain insights into each thing + type''s configuration, including ARN, name, creation date, and deprecation status. ID: aws_iot_thing_type_3 -Title: "List all AWS IoT Thing Types with Configuration Details" -Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_type_name, - arn, - thing_type_id, - thing_type_description, - creation_date, - deprecated, - searchable_attributes - from - aws_iot_thing_type - where - creation_date >= now() - interval '30 days'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n thing_type_name,\n arn,\n thing_type_id,\n thing_type_description,\n\ + \ creation_date,\n deprecated,\n searchable_attributes\nfrom\n aws_iot_thing_type\n\ + where\n creation_date >= now() - interval '30 days';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IoT +Title: List all AWS IoT Thing Types with Configuration Details diff --git a/queries/aws_iot_thing_type_4.yaml b/queries/aws_iot_thing_type_4.yaml index 5f468c27c..4261374e1 100755 --- a/queries/aws_iot_thing_type_4.yaml +++ b/queries/aws_iot_thing_type_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS IoT Thing Type to gain insights into each thing + type''s configuration, including ARN, name, creation date, and deprecation status. ID: aws_iot_thing_type_4 -Title: "Find All AWS IoT Thing Types with Configuration Insights" -Description: "Allows users to query AWS IoT Thing Type to gain insights into each thing type''s configuration, including ARN, name, creation date, and deprecation status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - thing_type_name, - arn, - thing_type_id, - creation_date, - tags, - deprecation_date - from - aws_iot_thing_type - where - deprecation_date <= now() - interval '30 days'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n thing_type_name,\n arn,\n thing_type_id,\n creation_date,\n\ + \ tags,\n deprecation_date\nfrom\n aws_iot_thing_type\nwhere\n deprecation_date\ + \ <= now() - interval '30 days';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - IoT +Title: Find All AWS IoT Thing Types with Configuration Insights diff --git a/queries/aws_kinesis_consumer_1.yaml b/queries/aws_kinesis_consumer_1.yaml index fc4d085f4..336263b24 100755 --- a/queries/aws_kinesis_consumer_1.yaml +++ b/queries/aws_kinesis_consumer_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Kinesis Consumers. This table provides information + about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather + insights on consumers such as consumer ARN, creation timestamp, stream ARN and more. ID: aws_kinesis_consumer_1 -Title: "List All AWS Kinesis Consumers and Their Details" -Description: "Allows users to query AWS Kinesis Consumers. This table provides information about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather insights on consumers such as consumer ARN, creation timestamp, stream ARN and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - consumer_name, - consumer_arn, - consumer_status, - stream_arn - from - aws_kinesis_consumer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n consumer_name,\n consumer_arn,\n consumer_status,\n\ + \ stream_arn\nfrom\n aws_kinesis_consumer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Data Streams +Title: List All AWS Kinesis Consumers and Their Details diff --git a/queries/aws_kinesis_consumer_2.yaml b/queries/aws_kinesis_consumer_2.yaml index 48a685356..53b50458c 100755 --- a/queries/aws_kinesis_consumer_2.yaml +++ b/queries/aws_kinesis_consumer_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Kinesis Consumers. This table provides information + about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather + insights on consumers such as consumer ARN, creation timestamp, stream ARN and more. ID: aws_kinesis_consumer_2 -Title: "List all AWS Kinesis Consumers and their Status" -Description: "Allows users to query AWS Kinesis Consumers. This table provides information about Kinesis Consumers within AWS Kinesis Data Streams. It enables users to gather insights on consumers such as consumer ARN, creation timestamp, stream ARN and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - consumer_name, - consumer_status, - consumer_arn - from - aws_kinesis_consumer - where - consumer_status != 'ACTIVE' - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n consumer_name,\n consumer_status,\n consumer_arn\n\ + from\n aws_kinesis_consumer\nwhere\n consumer_status != 'ACTIVE'" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Data Streams +Title: List all AWS Kinesis Consumers and their Status diff --git a/queries/aws_kinesis_firehose_delivery_stream_1.yaml b/queries/aws_kinesis_firehose_delivery_stream_1.yaml index 8fd094526..cf08aaed7 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_1.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Kinesis Firehose Delivery Stream data, providing + detailed information about each delivery stream in the AWS account. ID: aws_kinesis_firehose_delivery_stream_1 -Title: "List all AWS Kinesis Firehose Delivery Stream Details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - create_timestamp, - delivery_stream_type - from - aws_kinesis_firehose_delivery_stream; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n delivery_stream_name,\n arn,\n create_timestamp,\n\ + \ delivery_stream_type\nfrom\n aws_kinesis_firehose_delivery_stream;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Firehose +Title: List all AWS Kinesis Firehose Delivery Stream Details diff --git a/queries/aws_kinesis_firehose_delivery_stream_2.yaml b/queries/aws_kinesis_firehose_delivery_stream_2.yaml index 500dfb9c2..6304a485f 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_2.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Kinesis Firehose Delivery Stream data, providing + detailed information about each delivery stream in the AWS account. ID: aws_kinesis_firehose_delivery_stream_2 -Title: "List Delivery Streams for AWS Kinesis Firehose" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - create_timestamp, - delivery_stream_type - from - aws_kinesis_firehose_delivery_stream - where - delivery_stream_status != 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n delivery_stream_name,\n arn,\n delivery_stream_status,\n\ + \ create_timestamp,\n delivery_stream_type\nfrom\n aws_kinesis_firehose_delivery_stream\n\ + where\n delivery_stream_status != 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Firehose +Title: List Delivery Streams for AWS Kinesis Firehose diff --git a/queries/aws_kinesis_firehose_delivery_stream_3.yaml b/queries/aws_kinesis_firehose_delivery_stream_3.yaml index a8ce8cf46..13e90f9c7 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_3.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Kinesis Firehose Delivery Stream data, providing + detailed information about each delivery stream in the AWS account. ID: aws_kinesis_firehose_delivery_stream_3 -Title: "List all AWS Kinesis Firehose Delivery Stream details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - create_timestamp, - delivery_stream_type, - delivery_stream_encryption_configuration ->> 'Status' as encryption_status - from - aws_kinesis_firehose_delivery_stream - where - delivery_stream_encryption_configuration ->> 'Status' = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n delivery_stream_name,\n arn,\n delivery_stream_status,\n\ + \ create_timestamp,\n delivery_stream_type,\n delivery_stream_encryption_configuration\ + \ ->> 'Status' as encryption_status\nfrom\n aws_kinesis_firehose_delivery_stream\n\ + where\n delivery_stream_encryption_configuration ->> 'Status' = 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Firehose +Title: List all AWS Kinesis Firehose Delivery Stream details diff --git a/queries/aws_kinesis_firehose_delivery_stream_4.yaml b/queries/aws_kinesis_firehose_delivery_stream_4.yaml index 9261396f5..bbb312c4b 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_4.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Kinesis Firehose Delivery Stream data, providing + detailed information about each delivery stream in the AWS account. ID: aws_kinesis_firehose_delivery_stream_4 -Title: "List all AWS Kinesis Firehose Delivery Stream details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - create_timestamp, - delivery_stream_type - from - aws_kinesis_firehose_delivery_stream - where - delivery_stream_type = 'DirectPut'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n delivery_stream_name,\n arn,\n delivery_stream_status,\n\ + \ create_timestamp,\n delivery_stream_type\nfrom\n aws_kinesis_firehose_delivery_stream\n\ + where\n delivery_stream_type = 'DirectPut';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Firehose +Title: List all AWS Kinesis Firehose Delivery Stream details diff --git a/queries/aws_kinesis_firehose_delivery_stream_5.yaml b/queries/aws_kinesis_firehose_delivery_stream_5.yaml index 0e0024c33..6252fa308 100755 --- a/queries/aws_kinesis_firehose_delivery_stream_5.yaml +++ b/queries/aws_kinesis_firehose_delivery_stream_5.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Kinesis Firehose Delivery Stream data, providing + detailed information about each delivery stream in the AWS account. ID: aws_kinesis_firehose_delivery_stream_5 -Title: "List all AWS Kinesis Firehose Delivery Stream details" -Description: "Allows users to query AWS Kinesis Firehose Delivery Stream data, providing detailed information about each delivery stream in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - delivery_stream_name, - arn, - delivery_stream_status, - delivery_stream_type, - failure_description - from - aws_kinesis_firehose_delivery_stream - where - failure_description is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n delivery_stream_name,\n arn,\n delivery_stream_status,\n\ + \ delivery_stream_type,\n failure_description\nfrom\n aws_kinesis_firehose_delivery_stream\n\ + where\n failure_description is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Firehose +Title: List all AWS Kinesis Firehose Delivery Stream details diff --git a/queries/aws_kinesis_stream_1.yaml b/queries/aws_kinesis_stream_1.yaml index 593c3568b..de23f7f69 100755 --- a/queries/aws_kinesis_stream_1.yaml +++ b/queries/aws_kinesis_stream_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Kinesis Stream data, including stream name, + status, creation time, and associated tags. ID: aws_kinesis_stream_1 -Title: "List all AWS Kinesis Stream data and its details" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - stream_status, - consumer_count, - stream_creation_timestamp, - region - from - aws_kinesis_stream; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n stream_status,\n consumer_count,\n\ + \ stream_creation_timestamp,\n region\nfrom\n aws_kinesis_stream;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Stream +Title: List all AWS Kinesis Stream data and its details diff --git a/queries/aws_kinesis_stream_2.yaml b/queries/aws_kinesis_stream_2.yaml index 170912fbe..bdf8b97e3 100755 --- a/queries/aws_kinesis_stream_2.yaml +++ b/queries/aws_kinesis_stream_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Kinesis Stream data, including stream name, + status, creation time, and associated tags. ID: aws_kinesis_stream_2 -Title: "List Attributes of AWS Kinesis Streams Excluding Active Status" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - stream_status, - consumer_count, - stream_creation_timestamp, - region - from - aws_kinesis_stream - where - stream_status != 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n stream_status,\n consumer_count,\n\ + \ stream_creation_timestamp,\n region\nfrom\n aws_kinesis_stream\nwhere\n \ + \ stream_status != 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Stream +Title: List Attributes of AWS Kinesis Streams Excluding Active Status diff --git a/queries/aws_kinesis_stream_3.yaml b/queries/aws_kinesis_stream_3.yaml index 9d7d86afa..7fb3a928e 100755 --- a/queries/aws_kinesis_stream_3.yaml +++ b/queries/aws_kinesis_stream_3.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Kinesis Stream data, including stream name, + status, creation time, and associated tags. ID: aws_kinesis_stream_3 -Title: "List all AWS Kinesis Streams with Consumer Count Zero" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - stream_status, - consumer_count, - stream_creation_timestamp, - region - from - aws_kinesis_stream - where - consumer_count = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n stream_status,\n consumer_count,\n\ + \ stream_creation_timestamp,\n region\nfrom\n aws_kinesis_stream\nwhere\n \ + \ consumer_count = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Stream +Title: List all AWS Kinesis Streams with Consumer Count Zero diff --git a/queries/aws_kinesis_stream_4.yaml b/queries/aws_kinesis_stream_4.yaml index 02c847b2d..9c65d1018 100755 --- a/queries/aws_kinesis_stream_4.yaml +++ b/queries/aws_kinesis_stream_4.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Kinesis Stream data, including stream name, + status, creation time, and associated tags. ID: aws_kinesis_stream_4 -Title: "List AWS Kinesis Stream details including name, status, and tags" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - encryption_type, - key_id, - stream_creation_timestamp, - region - from - aws_kinesis_stream - where - encryption_type = 'NONE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n encryption_type,\n key_id,\n\ + \ stream_creation_timestamp,\n region\nfrom\n aws_kinesis_stream\nwhere\n \ + \ encryption_type = 'NONE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Stream +Title: List AWS Kinesis Stream details including name, status, and tags diff --git a/queries/aws_kinesis_stream_5.yaml b/queries/aws_kinesis_stream_5.yaml index 315984be3..4a6bf8b97 100755 --- a/queries/aws_kinesis_stream_5.yaml +++ b/queries/aws_kinesis_stream_5.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Kinesis Stream data, including stream name, + status, creation time, and associated tags. ID: aws_kinesis_stream_5 -Title: "List all AWS Kinesis Stream Data Including Creation Time" -Description: "Allows users to query AWS Kinesis Stream data, including stream name, status, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - encryption_type, - key_id, - stream_creation_timestamp, - region - from - aws_kinesis_stream - where - encryption_type != 'NONE' - and key_id = 'alias/aws/kinesis'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n encryption_type,\n key_id,\n\ + \ stream_creation_timestamp,\n region\nfrom\n aws_kinesis_stream\nwhere\n \ + \ encryption_type != 'NONE'\n and key_id = 'alias/aws/kinesis';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Stream +Title: List all AWS Kinesis Stream Data Including Creation Time diff --git a/queries/aws_kinesis_video_stream_1.yaml b/queries/aws_kinesis_video_stream_1.yaml index 864f034b4..35436a8f7 100755 --- a/queries/aws_kinesis_video_stream_1.yaml +++ b/queries/aws_kinesis_video_stream_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query Kinesis Video Streams to obtain metadata about + each stream, including the stream''s ARN, creation time, status, and other information. ID: aws_kinesis_video_stream_1 -Title: "List metadata for AWS Kinesis Video Streams" -Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - status, - creation_time, - region - from - aws_kinesis_video_stream; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n status,\n creation_time,\n\ + \ region\nfrom\n aws_kinesis_video_stream;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Video Streams +Title: List metadata for AWS Kinesis Video Streams diff --git a/queries/aws_kinesis_video_stream_2.yaml b/queries/aws_kinesis_video_stream_2.yaml index c9a1254e3..d3003759e 100755 --- a/queries/aws_kinesis_video_stream_2.yaml +++ b/queries/aws_kinesis_video_stream_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query Kinesis Video Streams to obtain metadata about + each stream, including the stream''s ARN, creation time, status, and other information. ID: aws_kinesis_video_stream_2 -Title: "List All Metadata of AWS Kinesis Video Streams" -Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - status, - creation_time, - region - from - aws_kinesis_video_stream - where - status != 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n status,\n creation_time,\n\ + \ region\nfrom\n aws_kinesis_video_stream\nwhere\n status != 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Video Streams +Title: List All Metadata of AWS Kinesis Video Streams diff --git a/queries/aws_kinesis_video_stream_3.yaml b/queries/aws_kinesis_video_stream_3.yaml index 6dd93fa35..603825836 100755 --- a/queries/aws_kinesis_video_stream_3.yaml +++ b/queries/aws_kinesis_video_stream_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query Kinesis Video Streams to obtain metadata about + each stream, including the stream''s ARN, creation time, status, and other information. ID: aws_kinesis_video_stream_3 -Title: "List all AWS Kinesis Video Streams with metadata" -Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - status, - kms_key_id, - creation_time, - region - from - aws_kinesis_video_stream - where - split_part(kms_key_id, ':', 6) = 'alias/aws/kinesisvideo'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n status,\n kms_key_id,\n\ + \ creation_time,\n region\nfrom\n aws_kinesis_video_stream\nwhere\n split_part(kms_key_id,\ + \ ':', 6) = 'alias/aws/kinesisvideo';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Video Streams +Title: List all AWS Kinesis Video Streams with metadata diff --git a/queries/aws_kinesis_video_stream_4.yaml b/queries/aws_kinesis_video_stream_4.yaml index 45321a50a..57810c913 100755 --- a/queries/aws_kinesis_video_stream_4.yaml +++ b/queries/aws_kinesis_video_stream_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query Kinesis Video Streams to obtain metadata about + each stream, including the stream''s ARN, creation time, status, and other information. ID: aws_kinesis_video_stream_4 -Title: "List All Kinesis Video Streams Metadata from AWS" -Description: "Allows users to query Kinesis Video Streams to obtain metadata about each stream, including the stream''s ARN, creation time, status, and other information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - stream_name, - stream_arn, - status, - creation_time, - data_retention_in_hours, - region - from - aws_kinesis_video_stream - where - data_retention_in_hours < 168; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n stream_name,\n stream_arn,\n status,\n creation_time,\n\ + \ data_retention_in_hours,\n region\nfrom\n aws_kinesis_video_stream\nwhere\n\ + \ data_retention_in_hours < 168;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Video Stream +Title: List All Kinesis Video Streams Metadata from AWS diff --git a/queries/aws_kinesisanalyticsv2_application_1.yaml b/queries/aws_kinesisanalyticsv2_application_1.yaml index 41a46b26f..63b31bb1f 100755 --- a/queries/aws_kinesisanalyticsv2_application_1.yaml +++ b/queries/aws_kinesisanalyticsv2_application_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Kinesis Analytics Applications to retrieve + detailed information about each application, including the name, ARN, description, + status, runtime environment, and more. ID: aws_kinesisanalyticsv2_application_1 -Title: "List AWS Kinesis Analytics Applications with Details" -Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_arn, - application_version_id, - application_status, - application_description, - service_execution_role, - runtime_environment - from - aws_kinesisanalyticsv2_application; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n application_arn,\n application_version_id,\n\ + \ application_status,\n application_description,\n service_execution_role,\n\ + \ runtime_environment\nfrom\n aws_kinesisanalyticsv2_application;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Analytics +Title: List AWS Kinesis Analytics Applications with Details diff --git a/queries/aws_kinesisanalyticsv2_application_2.yaml b/queries/aws_kinesisanalyticsv2_application_2.yaml index eb95b6ecf..dfc009b2c 100755 --- a/queries/aws_kinesisanalyticsv2_application_2.yaml +++ b/queries/aws_kinesisanalyticsv2_application_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Kinesis Analytics Applications to retrieve + detailed information about each application, including the name, ARN, description, + status, runtime environment, and more. ID: aws_kinesisanalyticsv2_application_2 -Title: "Find AWS Kinesis Analytics Applications and Details" -Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - application_version_id, - application_arn, - application_status - from - aws_kinesisanalyticsv2_application - where - application_version_id > 1; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n application_version_id,\n application_arn,\n\ + \ application_status\nfrom\n aws_kinesisanalyticsv2_application\nwhere\n application_version_id\ + \ > 1;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Analytics +Title: Find AWS Kinesis Analytics Applications and Details diff --git a/queries/aws_kinesisanalyticsv2_application_3.yaml b/queries/aws_kinesisanalyticsv2_application_3.yaml index 8c1daf641..864afe134 100755 --- a/queries/aws_kinesisanalyticsv2_application_3.yaml +++ b/queries/aws_kinesisanalyticsv2_application_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Kinesis Analytics Applications to retrieve + detailed information about each application, including the name, ARN, description, + status, runtime environment, and more. ID: aws_kinesisanalyticsv2_application_3 -Title: "Find AWS Kinesis Analytics Applications and Details" -Description: "Allows users to query AWS Kinesis Analytics Applications to retrieve detailed information about each application, including the name, ARN, description, status, runtime environment, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - application_name, - runtime_environment, - application_arn, - application_status - from - aws_kinesisanalyticsv2_application - where - runtime_environment = 'SQL-1_0'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n application_name,\n runtime_environment,\n application_arn,\n\ + \ application_status\nfrom\n aws_kinesisanalyticsv2_application\nwhere\n runtime_environment\ + \ = 'SQL-1_0';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Kinesis Analytics +Title: Find AWS Kinesis Analytics Applications and Details diff --git a/queries/aws_kms_alias_1.yaml b/queries/aws_kms_alias_1.yaml index 2140bc209..d64e03be1 100755 --- a/queries/aws_kms_alias_1.yaml +++ b/queries/aws_kms_alias_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS KMS aliases and retrieve information about + their associated keys, including the key ID, alias name, and alias ARN. ID: aws_kms_alias_1 -Title: "Find all AWS KMS alias details including keys" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - alias_name, - title, - arn, - target_key_id, - creation_date - from - aws_kms_alias; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n alias_name,\n title,\n arn,\n target_key_id,\n creation_date\n\ + from\n aws_kms_alias;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Key Management Service (KMS) +Title: Find all AWS KMS alias details including keys diff --git a/queries/aws_kms_alias_2.yaml b/queries/aws_kms_alias_2.yaml index 8e1a3d509..ba4a8b637 100755 --- a/queries/aws_kms_alias_2.yaml +++ b/queries/aws_kms_alias_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS KMS aliases and retrieve information about + their associated keys, including the key ID, alias name, and alias ARN. ID: aws_kms_alias_2 -Title: "Find AWS KMS Alias and Associated Keys with SQL" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - k.id as key_id, - k.key_rotation_enabled as key_rotation_enabled, - a.alias_name as alias_name, - a.arn as alias_arn - from - aws_kms_key as k, - aws_kms_alias as a - where - k.id = a.target_key_id and not key_rotation_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n k.id as key_id,\n k.key_rotation_enabled as key_rotation_enabled,\n\ + \ a.alias_name as alias_name,\n a.arn as alias_arn\nfrom\n aws_kms_key as k,\n\ + \ aws_kms_alias as a\nwhere\n k.id = a.target_key_id and not key_rotation_enabled;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Key Management Service +Title: Find AWS KMS Alias and Associated Keys with SQL diff --git a/queries/aws_kms_alias_3.yaml b/queries/aws_kms_alias_3.yaml index 354534fec..9a1713e35 100755 --- a/queries/aws_kms_alias_3.yaml +++ b/queries/aws_kms_alias_3.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS KMS aliases and retrieve information about + their associated keys, including the key ID, alias name, and alias ARN. ID: aws_kms_alias_3 -Title: "List all AWS KMS aliases with key state pending deletion" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.alias_name as alias_name, - k.id as key_id, - k.key_state as key_state, - k.deletion_date as key_deletion_date - from - aws_kms_key as k, - aws_kms_alias as a - where - k.id = a.target_key_id and key_state = 'PendingDeletion'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.alias_name as alias_name,\n k.id as key_id,\n k.key_state\ + \ as key_state,\n k.deletion_date as key_deletion_date\nfrom\n aws_kms_key as\ + \ k,\n aws_kms_alias as a\nwhere\n k.id = a.target_key_id and key_state = 'PendingDeletion';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Key Management Service +Title: List all AWS KMS aliases with key state pending deletion diff --git a/queries/aws_kms_alias_4.yaml b/queries/aws_kms_alias_4.yaml index 16280e485..98314975e 100755 --- a/queries/aws_kms_alias_4.yaml +++ b/queries/aws_kms_alias_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS KMS aliases and retrieve information about + their associated keys, including the key ID, alias name, and alias ARN. ID: aws_kms_alias_4 -Title: "List all AWS KMS aliases and their associated keys" -Description: "Allows users to query AWS KMS aliases and retrieve information about their associated keys, including the key ID, alias name, and alias ARN." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - k.id as key_id, - count(a.alias_name) as count - from - aws_kms_key as k - left join aws_kms_alias as a - on k.id = a.target_key_id - group by - key_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n k.id as key_id,\n count(a.alias_name) as count\nfrom\n\ + \ aws_kms_key as k\n left join aws_kms_alias as a\n on k.id = a.target_key_id\n\ + group by\n key_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - KMS +Title: List all AWS KMS aliases and their associated keys diff --git a/queries/aws_kms_key_1.yaml b/queries/aws_kms_key_1.yaml index 787bc614d..4084856b5 100755 --- a/queries/aws_kms_key_1.yaml +++ b/queries/aws_kms_key_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS KMS Key data including cryptographic details, + key usage, key state, and associated metadata. ID: aws_kms_key_1 -Title: "List all AWS KMS Keys and their metadata" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - title, - arn, - key_manager, - creation_date - from - aws_kms_key; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n title,\n arn,\n key_manager,\n creation_date\n\ + from\n aws_kms_key;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS KMS +Title: List all AWS KMS Keys and their metadata diff --git a/queries/aws_kms_key_2.yaml b/queries/aws_kms_key_2.yaml index 51e14a82c..13da22258 100755 --- a/queries/aws_kms_key_2.yaml +++ b/queries/aws_kms_key_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS KMS Key data including cryptographic details, + key usage, key state, and associated metadata. ID: aws_kms_key_2 -Title: "Find AWS KMS Key Data with Metadata & Key Usage" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - key_rotation_enabled - from - aws_kms_key - where - not key_rotation_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n key_rotation_enabled\nfrom\n aws_kms_key\nwhere\n\ + \ not key_rotation_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - KMS +Title: Find AWS KMS Key Data with Metadata & Key Usage diff --git a/queries/aws_kms_key_3.yaml b/queries/aws_kms_key_3.yaml index 3b998d3c8..468c78f26 100755 --- a/queries/aws_kms_key_3.yaml +++ b/queries/aws_kms_key_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS KMS Key data including cryptographic details, + key usage, key state, and associated metadata. ID: aws_kms_key_3 -Title: "List AWS KMS Key data including cryptographic details" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - key_state, - deletion_date - from - aws_kms_key - where - key_state = 'PendingDeletion'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n key_state,\n deletion_date\nfrom\n aws_kms_key\n\ + where\n key_state = 'PendingDeletion';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - KMS Key +Title: List AWS KMS Key data including cryptographic details diff --git a/queries/aws_kms_key_4.yaml b/queries/aws_kms_key_4.yaml index c72bf2c84..08f8fa596 100755 --- a/queries/aws_kms_key_4.yaml +++ b/queries/aws_kms_key_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS KMS Key data including cryptographic details, + key usage, key state, and associated metadata. ID: aws_kms_key_4 -Title: "List all AWS KMS Key data including key state and usage" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - enabled as key_enabled - from - aws_kms_key - where - not enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n enabled as key_enabled\nfrom\n aws_kms_key\n\ + where\n not enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - KMS +Title: List all AWS KMS Key data including key state and usage diff --git a/queries/aws_kms_key_5.yaml b/queries/aws_kms_key_5.yaml index 4972cdd8b..72599d560 100755 --- a/queries/aws_kms_key_5.yaml +++ b/queries/aws_kms_key_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS KMS Key data including cryptographic details, + key usage, key state, and associated metadata. ID: aws_kms_key_5 -Title: "List all AWS KMS Key data with cryptographic details" -Description: "Allows users to query AWS KMS Key data including cryptographic details, key usage, key state, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_manager, - count(key_manager) as count - from - aws_kms_key - group by - key_manager; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key_manager,\n count(key_manager) as count\nfrom\n \ + \ aws_kms_key\ngroup by\n key_manager;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - KMS +Title: List all AWS KMS Key data with cryptographic details diff --git a/queries/aws_kms_key_rotation_1.yaml b/queries/aws_kms_key_rotation_1.yaml index 966732a2e..4dc2520e5 100755 --- a/queries/aws_kms_key_rotation_1.yaml +++ b/queries/aws_kms_key_rotation_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS KMS Key Rotation data including the rotation + schedule, type, and associated key details. ID: aws_kms_key_rotation_1 -Title: "Find AWS KMS Key Rotation Schedule and Details" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_id, - key_arn, - rotation_date, - rotation_type - from - aws_kms_key_rotation; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key_id,\n key_arn,\n rotation_date,\n rotation_type\n\ + from\n aws_kms_key_rotation;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - KMS +Title: Find AWS KMS Key Rotation Schedule and Details diff --git a/queries/aws_kms_key_rotation_2.yaml b/queries/aws_kms_key_rotation_2.yaml index 41e14c3fe..b71cc7065 100755 --- a/queries/aws_kms_key_rotation_2.yaml +++ b/queries/aws_kms_key_rotation_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS KMS Key Rotation data including the rotation + schedule, type, and associated key details. ID: aws_kms_key_rotation_2 -Title: "List all AWS KMS Key Rotation Data" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key_id, - key_arn, - rotation_date - from - aws_kms_key_rotation - where - rotation_date >= current_date - interval '30 days'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key_id,\n key_arn,\n rotation_date\nfrom\n aws_kms_key_rotation\n\ + where\n rotation_date >= current_date - interval '30 days';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS KMS +Title: List all AWS KMS Key Rotation Data diff --git a/queries/aws_kms_key_rotation_3.yaml b/queries/aws_kms_key_rotation_3.yaml index ffbc6f2ef..0e03bf6f1 100755 --- a/queries/aws_kms_key_rotation_3.yaml +++ b/queries/aws_kms_key_rotation_3.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS KMS Key Rotation data including the rotation + schedule, type, and associated key details. ID: aws_kms_key_rotation_3 -Title: "List AWS KMS Key Rotation Details and Schedule" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - akr.key_id, - ak.title, - akr.rotation_date, - akr.rotation_type, - ak.key_manager - from - aws_kms_key_rotation akr - join - aws_kms_key ak - on - akr.key_id = ak.id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n akr.key_id,\n ak.title,\n akr.rotation_date,\n akr.rotation_type,\n\ + \ ak.key_manager\nfrom\n aws_kms_key_rotation akr\njoin\n aws_kms_key ak\n\ + on\n akr.key_id = ak.id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - KMS +Title: List AWS KMS Key Rotation Details and Schedule diff --git a/queries/aws_kms_key_rotation_4.yaml b/queries/aws_kms_key_rotation_4.yaml index b29931975..a34d3eab1 100755 --- a/queries/aws_kms_key_rotation_4.yaml +++ b/queries/aws_kms_key_rotation_4.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS KMS Key Rotation data including the rotation + schedule, type, and associated key details. ID: aws_kms_key_rotation_4 -Title: "List AWS KMS Key Rotation Schedules and Types" -Description: "Allows users to query AWS KMS Key Rotation data including the rotation schedule, type, and associated key details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rotation_type, - count(key_id) as count - from - aws_kms_key_rotation - group by - rotation_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rotation_type,\n count(key_id) as count\nfrom\n aws_kms_key_rotation\n\ + group by\n rotation_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - KMS +Title: List AWS KMS Key Rotation Schedules and Types diff --git a/queries/aws_lambda_alias_1.yaml b/queries/aws_lambda_alias_1.yaml index f753a6671..dbafdfa68 100755 --- a/queries/aws_lambda_alias_1.yaml +++ b/queries/aws_lambda_alias_1.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Lambda Alias, providing detailed information + about each alias associated with AWS Lambda functions. ID: aws_lambda_alias_1 -Title: "List AWS Lambda Alias with detailed information" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - function_name, - function_version - from - aws_lambda_alias; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n function_name,\n function_version\nfrom\n \ + \ aws_lambda_alias;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: List AWS Lambda Alias with detailed information diff --git a/queries/aws_lambda_alias_2.yaml b/queries/aws_lambda_alias_2.yaml index 4fdf64ea5..ee8114d8f 100755 --- a/queries/aws_lambda_alias_2.yaml +++ b/queries/aws_lambda_alias_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Lambda Alias, providing detailed information + about each alias associated with AWS Lambda functions. ID: aws_lambda_alias_2 -Title: "List all AWS Lambda Aliases with Detailed Information" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - count(function_name) count - from - aws_lambda_alias - group by - function_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n function_name,\n count(function_name) count\nfrom\n\ + \ aws_lambda_alias\ngroup by\n function_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: List all AWS Lambda Aliases with Detailed Information diff --git a/queries/aws_lambda_alias_3.yaml b/queries/aws_lambda_alias_3.yaml index 3d2f06270..621faced9 100755 --- a/queries/aws_lambda_alias_3.yaml +++ b/queries/aws_lambda_alias_3.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS Lambda Alias, providing detailed information + about each alias associated with AWS Lambda functions. ID: aws_lambda_alias_3 -Title: "List all AWS Lambda Alias with detailed information" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_lambda_alias; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(policy) as policy,\n jsonb_pretty(policy_std)\ + \ as policy_std\nfrom\n aws_lambda_alias;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List all AWS Lambda Alias with detailed information diff --git a/queries/aws_lambda_alias_4.yaml b/queries/aws_lambda_alias_4.yaml index 66e1e8fda..eb0b0c7e3 100755 --- a/queries/aws_lambda_alias_4.yaml +++ b/queries/aws_lambda_alias_4.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Lambda Alias, providing detailed information + about each alias associated with AWS Lambda functions. ID: aws_lambda_alias_4 -Title: "List all AWS Lambda Aliases and Configuration" -Description: "Allows users to query AWS Lambda Alias, providing detailed information about each alias associated with AWS Lambda functions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - function_name, - jsonb_pretty(url_config) as url_config - from - aws_lambda_alias; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n function_name,\n jsonb_pretty(url_config) as\ + \ url_config\nfrom\n aws_lambda_alias;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: List all AWS Lambda Aliases and Configuration diff --git a/queries/aws_lambda_event_source_mapping_1.yaml b/queries/aws_lambda_event_source_mapping_1.yaml index e39d90a8e..27915d5f5 100755 --- a/queries/aws_lambda_event_source_mapping_1.yaml +++ b/queries/aws_lambda_event_source_mapping_1.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Lambda Event Source Mappings, providing a detailed + view of each mapping configuration. ID: aws_lambda_event_source_mapping_1 -Title: "List AWS Lambda Event Source Mappings with Config Details" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - function_arn, - function_name, - last_processing_result, - parallelization_factor, - state, - destination_config - from - aws_lambda_event_source_mapping; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n function_arn,\n function_name,\n last_processing_result,\n\ + \ parallelization_factor,\n state,\n destination_config\nfrom\n aws_lambda_event_source_mapping;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List AWS Lambda Event Source Mappings with Config Details diff --git a/queries/aws_lambda_event_source_mapping_2.yaml b/queries/aws_lambda_event_source_mapping_2.yaml index 632519dd3..821331c54 100755 --- a/queries/aws_lambda_event_source_mapping_2.yaml +++ b/queries/aws_lambda_event_source_mapping_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Lambda Event Source Mappings, providing a detailed + view of each mapping configuration. ID: aws_lambda_event_source_mapping_2 -Title: "Find AWS Lambda Event Source Mappings with SQL" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - state, - last_modified, - state_transition_reason - from - aws_lambda_event_source_mapping - where - state = 'Disabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n function_name,\n state,\n last_modified,\n state_transition_reason\n\ + from\n aws_lambda_event_source_mapping\nwhere\n state = 'Disabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find AWS Lambda Event Source Mappings with SQL diff --git a/queries/aws_lambda_event_source_mapping_3.yaml b/queries/aws_lambda_event_source_mapping_3.yaml index ffb24f6c0..d28b56f00 100755 --- a/queries/aws_lambda_event_source_mapping_3.yaml +++ b/queries/aws_lambda_event_source_mapping_3.yaml @@ -1,23 +1,20 @@ +Description: Allows users to query AWS Lambda Event Source Mappings, providing a detailed + view of each mapping configuration. ID: aws_lambda_event_source_mapping_3 -Title: "Find AWS Lambda Event Source Mappings with SQL" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - jsonb_array_elements_text(jsonb_extract_path(self_managed_event_source, 'Endpoints', 'KAFKA_BOOTSTRAP_SERVERS')) - from - aws_lambda_event_source_mapping; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n function_name,\n jsonb_array_elements_text(jsonb_extract_path(self_managed_event_source,\ + \ 'Endpoints', 'KAFKA_BOOTSTRAP_SERVERS'))\nfrom\n aws_lambda_event_source_mapping;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find AWS Lambda Event Source Mappings with SQL diff --git a/queries/aws_lambda_event_source_mapping_4.yaml b/queries/aws_lambda_event_source_mapping_4.yaml index 4799b1e05..3cc46afb0 100755 --- a/queries/aws_lambda_event_source_mapping_4.yaml +++ b/queries/aws_lambda_event_source_mapping_4.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Lambda Event Source Mappings, providing a detailed + view of each mapping configuration. ID: aws_lambda_event_source_mapping_4 -Title: "Find AWS Lambda Event Source Mappings and Configurations" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - uuid, - arn, - a ->> 'Type' as source_access_type, - a ->> 'URL' as source_access_url - from - aws_lambda_event_source_mapping, - jsonb_array_elements(source_access_configurations) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n uuid,\n arn,\n a ->> 'Type' as source_access_type,\n\ + \ a ->> 'URL' as source_access_url\nfrom\n aws_lambda_event_source_mapping,\n\ + \ jsonb_array_elements(source_access_configurations) as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find AWS Lambda Event Source Mappings and Configurations diff --git a/queries/aws_lambda_event_source_mapping_5.yaml b/queries/aws_lambda_event_source_mapping_5.yaml index 1e6f6d4b8..7aa2b0c24 100755 --- a/queries/aws_lambda_event_source_mapping_5.yaml +++ b/queries/aws_lambda_event_source_mapping_5.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Lambda Event Source Mappings, providing a detailed + view of each mapping configuration. ID: aws_lambda_event_source_mapping_5 -Title: "List all AWS Lambda Event Source Mappings with Details" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - uuid, - arn, - scaling_config ->> 'MaximumConcurrency' as maximum_concurrency - from - aws_lambda_event_source_mapping; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n uuid,\n arn,\n scaling_config ->> 'MaximumConcurrency'\ + \ as maximum_concurrency\nfrom\n aws_lambda_event_source_mapping;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List all AWS Lambda Event Source Mappings with Details diff --git a/queries/aws_lambda_event_source_mapping_6.yaml b/queries/aws_lambda_event_source_mapping_6.yaml index 1130d0276..ab46bb159 100755 --- a/queries/aws_lambda_event_source_mapping_6.yaml +++ b/queries/aws_lambda_event_source_mapping_6.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Lambda Event Source Mappings, providing a detailed + view of each mapping configuration. ID: aws_lambda_event_source_mapping_6 -Title: "List all AWS Lambda Event Source Mappings and Configs" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - uuid, - function_name, - destination_config ->> 'OnFailure' as on_failure, - destination_config ->> 'OnSuccess' as on_success - from - aws_lambda_event_source_mapping; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n uuid,\n function_name,\n destination_config ->> 'OnFailure'\ + \ as on_failure,\n destination_config ->> 'OnSuccess' as on_success\nfrom\n \ + \ aws_lambda_event_source_mapping;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List all AWS Lambda Event Source Mappings and Configs diff --git a/queries/aws_lambda_event_source_mapping_7.yaml b/queries/aws_lambda_event_source_mapping_7.yaml index 0ea614f37..c1420548b 100755 --- a/queries/aws_lambda_event_source_mapping_7.yaml +++ b/queries/aws_lambda_event_source_mapping_7.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Lambda Event Source Mappings, providing a detailed + view of each mapping configuration. ID: aws_lambda_event_source_mapping_7 -Title: "Find AWS Lambda Event Source Mappings Configurations" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - uuid, - arn, - function_arn, - state, - filter ->> 'Pattern' as filter_criteria_pattern - from - aws_lambda_event_source_mapping, - jsonb_array_elements(filter_criteria -> 'Filters') as filter - where - filter ->> 'Pattern' like '{ \"Metadata\" : [ 1, 2 ]}'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n uuid,\n arn,\n function_arn,\n state,\n filter ->>\ + \ 'Pattern' as filter_criteria_pattern\nfrom\n aws_lambda_event_source_mapping,\n\ + \ jsonb_array_elements(filter_criteria -> 'Filters') as filter\nwhere\n filter\ + \ ->> 'Pattern' like '{ \\\"Metadata\\\" : [ 1, 2 ]}';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: Find AWS Lambda Event Source Mappings Configurations diff --git a/queries/aws_lambda_event_source_mapping_8.yaml b/queries/aws_lambda_event_source_mapping_8.yaml index d2db54ffe..472deb707 100755 --- a/queries/aws_lambda_event_source_mapping_8.yaml +++ b/queries/aws_lambda_event_source_mapping_8.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Lambda Event Source Mappings, providing a detailed + view of each mapping configuration. ID: aws_lambda_event_source_mapping_8 -Title: "Find AWS Lambda Event Source Mappings Configuration" -Description: "Allows users to query AWS Lambda Event Source Mappings, providing a detailed view of each mapping configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.arn, - m.function_arn, - f.runtime, - f.handler, - f.architectures - from - aws_lambda_event_source_mapping as m, - aws_lambda_function as f - where - f.name = m.function_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n m.arn,\n m.function_arn,\n f.runtime,\n f.handler,\n\ + \ f.architectures\nfrom\n aws_lambda_event_source_mapping as m,\n aws_lambda_function\ + \ as f\nwhere\n f.name = m.function_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find AWS Lambda Event Source Mappings Configuration diff --git a/queries/aws_lambda_function_1.yaml b/queries/aws_lambda_function_1.yaml index 04835a1db..f92e14a55 100755 --- a/queries/aws_lambda_function_1.yaml +++ b/queries/aws_lambda_function_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_1 -Title: "List AWS Lambda Function Configurations via SQL" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - handler, - kms_key_arn - from - aws_lambda_function; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n handler,\n kms_key_arn\nfrom\n aws_lambda_function;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List AWS Lambda Function Configurations via SQL diff --git a/queries/aws_lambda_function_10.yaml b/queries/aws_lambda_function_10.yaml index 354cccc10..685880a9b 100755 --- a/queries/aws_lambda_function_10.yaml +++ b/queries/aws_lambda_function_10.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_10 -Title: "Find AWS Lambda Functions with Specific Tracing Config" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - jsonb_pretty(tracing_config) as tracing_config - from - aws_lambda_function - where - tracing_config ->> 'Mode' = 'PassThrough'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n jsonb_pretty(tracing_config) as tracing_config\n\ + from\n aws_lambda_function\nwhere\n tracing_config ->> 'Mode' = 'PassThrough';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find AWS Lambda Functions with Specific Tracing Config diff --git a/queries/aws_lambda_function_2.yaml b/queries/aws_lambda_function_2.yaml index 14ea3a27a..9b7b8df0f 100755 --- a/queries/aws_lambda_function_2.yaml +++ b/queries/aws_lambda_function_2.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_2 -Title: "Find AWS Lambda Functions Without KMS Key ARN" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_arn - from - aws_lambda_function - where - kms_key_arn is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n kms_key_arn\nfrom\n aws_lambda_function\nwhere\n\ + \ kms_key_arn is null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda Functions +Title: Find AWS Lambda Functions Without KMS Key ARN diff --git a/queries/aws_lambda_function_3.yaml b/queries/aws_lambda_function_3.yaml index 96bd90cfa..bdbdb3641 100755 --- a/queries/aws_lambda_function_3.yaml +++ b/queries/aws_lambda_function_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_3 -Title: "List all AWS Lambda Functions with Runtime Details" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - runtime, - count(*) - from - aws_lambda_function - group by - runtime; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n runtime,\n count(*)\nfrom\n aws_lambda_function\ngroup\ + \ by\n runtime;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List all AWS Lambda Functions with Runtime Details diff --git a/queries/aws_lambda_function_4.yaml b/queries/aws_lambda_function_4.yaml index 69f445c69..4a91d18bf 100755 --- a/queries/aws_lambda_function_4.yaml +++ b/queries/aws_lambda_function_4.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_4 -Title: "List AWS Lambda Functions with Logs Retention Less Than 30 Days" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fn.name, - lg.name, - lg.retention_in_days - from - aws_lambda_function as fn - inner join aws_cloudwatch_log_group as lg on ( - (lg.name = '/aws/lambda/') - or (lg.name = fn.name) - ) - where - lg.retention_in_days < 30; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n fn.name,\n lg.name,\n lg.retention_in_days\nfrom\n\ + \ aws_lambda_function as fn\n inner join aws_cloudwatch_log_group as lg on (\n\ + \ (lg.name = '/aws/lambda/')\n or (lg.name = fn.name)\n )\nwhere\n lg.retention_in_days\ + \ < 30;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: List AWS Lambda Functions with Logs Retention Less Than 30 Days diff --git a/queries/aws_lambda_function_5.yaml b/queries/aws_lambda_function_5.yaml index 2d875388c..b4f94c19f 100755 --- a/queries/aws_lambda_function_5.yaml +++ b/queries/aws_lambda_function_5.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_5 -Title: "List all AWS Lambda Functions with Configuration Details" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - fn.name, - fn.region, - count (availability_zone) as zone_count - from - aws_lambda_function as fn - cross join jsonb_array_elements_text(vpc_subnet_ids) as vpc_subnet - join aws_vpc_subnet as sub on sub.subnet_id = vpc_subnet - group by - fn.name, - fn.region - order by - zone_count; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n fn.name,\n fn.region,\n count (availability_zone) as\ + \ zone_count\nfrom\n aws_lambda_function as fn\n cross join jsonb_array_elements_text(vpc_subnet_ids)\ + \ as vpc_subnet\n join aws_vpc_subnet as sub on sub.subnet_id = vpc_subnet\n\ + group by\n fn.name,\n fn.region\norder by\n zone_count;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda Function +Title: List all AWS Lambda Functions with Configuration Details diff --git a/queries/aws_lambda_function_6.yaml b/queries/aws_lambda_function_6.yaml index 465b1cc85..ec435f584 100755 --- a/queries/aws_lambda_function_6.yaml +++ b/queries/aws_lambda_function_6.yaml @@ -1,40 +1,28 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_6 -Title: "Find AWS Lambda Functions and IAM Actions" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.name, - f.role, - a.action, - a.access_level, - a.description - from - aws_lambda_function as f, - aws_iam_role as r, - jsonb_array_elements_text(r.attached_policy_arns) as pol_arn, - aws_iam_policy as p, - jsonb_array_elements(p.policy_std -> 'Statement') as stmt, - jsonb_array_elements_text(stmt -> 'Action') as action_glob, - glob(action_glob) as action_regex - join aws_iam_action a ON a.action LIKE action_regex - where - f.role = r.arn - and pol_arn = p.arn - and stmt ->> 'Effect' = 'Allow' - and f.name = 'hellopython'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.name,\n f.role,\n a.action,\n a.access_level,\n\ + \ a.description\nfrom\n aws_lambda_function as f,\n aws_iam_role as r,\n jsonb_array_elements_text(r.attached_policy_arns)\ + \ as pol_arn,\n aws_iam_policy as p,\n jsonb_array_elements(p.policy_std ->\ + \ 'Statement') as stmt,\n jsonb_array_elements_text(stmt -> 'Action') as action_glob,\n\ + \ glob(action_glob) as action_regex\n join aws_iam_action a ON a.action LIKE\ + \ action_regex\nwhere\n f.role = r.arn\n and pol_arn = p.arn\n and stmt ->>\ + \ 'Effect' = 'Allow'\n and f.name = 'hellopython';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda Function +Title: Find AWS Lambda Functions and IAM Actions diff --git a/queries/aws_lambda_function_7.yaml b/queries/aws_lambda_function_7.yaml index 105e4e07c..4cff911b4 100755 --- a/queries/aws_lambda_function_7.yaml +++ b/queries/aws_lambda_function_7.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_7 -Title: "Find all AWS Lambda Functions with Missing DLQ" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - dead_letter_config_target_arn - from - aws_lambda_function - where - dead_letter_config_target_arn is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n dead_letter_config_target_arn\nfrom\n aws_lambda_function\n\ + where\n dead_letter_config_target_arn is null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: Find all AWS Lambda Functions with Missing DLQ diff --git a/queries/aws_lambda_function_8.yaml b/queries/aws_lambda_function_8.yaml index ab1c3d12b..58598e32b 100755 --- a/queries/aws_lambda_function_8.yaml +++ b/queries/aws_lambda_function_8.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_8 -Title: "Find AWS Lambda Function Configuration and Details" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - runtime, - handler, - architectures - from - aws_lambda_function; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n runtime,\n handler,\n architectures\nfrom\n\ + \ aws_lambda_function;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: Find AWS Lambda Function Configuration and Details diff --git a/queries/aws_lambda_function_9.yaml b/queries/aws_lambda_function_9.yaml index 6421197ff..38cb6bc05 100755 --- a/queries/aws_lambda_function_9.yaml +++ b/queries/aws_lambda_function_9.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Lambda Functions, providing information about + each function''s configuration, including runtime, code size, timeout, and associated + tags. ID: aws_lambda_function_9 -Title: "List all AWS Lambda Function Configurations" -Description: "Allows users to query AWS Lambda Functions, providing information about each function''s configuration, including runtime, code size, timeout, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - jsonb_pretty(url_config) as url_config - from - aws_lambda_function; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n jsonb_pretty(url_config) as url_config\n\ + from\n aws_lambda_function;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda Function +Title: List all AWS Lambda Function Configurations diff --git a/queries/aws_lambda_function_metric_duration_daily_1.yaml b/queries/aws_lambda_function_metric_duration_daily_1.yaml index 5bf3dfe72..c730ff7f3 100755 --- a/queries/aws_lambda_function_metric_duration_daily_1.yaml +++ b/queries/aws_lambda_function_metric_duration_daily_1.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query AWS Lambda Function daily duration metrics. ID: aws_lambda_function_metric_duration_daily_1 -Title: "Find AWS Lambda Function Daily Duration Metrics" -Description: "Allows users to query AWS Lambda Function daily duration metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_lambda_function_metric_duration_daily - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sample_count\nfrom\n aws_lambda_function_metric_duration_daily\norder by\n\ + \ name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: Find AWS Lambda Function Daily Duration Metrics diff --git a/queries/aws_lambda_function_metric_duration_daily_2.yaml b/queries/aws_lambda_function_metric_duration_daily_2.yaml index 463134eac..2f3021561 100755 --- a/queries/aws_lambda_function_metric_duration_daily_2.yaml +++ b/queries/aws_lambda_function_metric_duration_daily_2.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS Lambda Function daily duration metrics. ID: aws_lambda_function_metric_duration_daily_2 -Title: "Find AWS Lambda Function Daily Duration Metrics" -Description: "Allows users to query AWS Lambda Function daily duration metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - round(minimum::numeric,2) as min_duration, - round(maximum::numeric,2) as max_duration, - round(average::numeric,2) as avg_duration, - sample_count - from - aws_lambda_function_metric_duration_daily - where maximum > 100 - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n timestamp,\n round(minimum::numeric,2) as min_duration,\n\ + \ round(maximum::numeric,2) as max_duration,\n round(average::numeric,2) as\ + \ avg_duration,\n sample_count\nfrom\n aws_lambda_function_metric_duration_daily\n\ + where maximum > 100\norder by\n name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: Find AWS Lambda Function Daily Duration Metrics diff --git a/queries/aws_lambda_function_metric_duration_daily_3.yaml b/queries/aws_lambda_function_metric_duration_daily_3.yaml index 0a79a2152..d32bd24f2 100755 --- a/queries/aws_lambda_function_metric_duration_daily_3.yaml +++ b/queries/aws_lambda_function_metric_duration_daily_3.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS Lambda Function daily duration metrics. ID: aws_lambda_function_metric_duration_daily_3 -Title: "Find AWS Lambda Function Daily Duration Metrics" -Description: "Allows users to query AWS Lambda Function daily duration metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - round(minimum::numeric,2) as min_duration, - round(maximum::numeric,2) as max_duration, - round(average::numeric,2) as avg_duration, - sample_count - from - aws_lambda_function_metric_duration_daily - where average < 5 - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n timestamp,\n round(minimum::numeric,2) as min_duration,\n\ + \ round(maximum::numeric,2) as max_duration,\n round(average::numeric,2) as\ + \ avg_duration,\n sample_count\nfrom\n aws_lambda_function_metric_duration_daily\n\ + where average < 5\norder by\n name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find AWS Lambda Function Daily Duration Metrics diff --git a/queries/aws_lambda_function_metric_errors_daily_1.yaml b/queries/aws_lambda_function_metric_errors_daily_1.yaml index 0bf85f370..34f849b62 100755 --- a/queries/aws_lambda_function_metric_errors_daily_1.yaml +++ b/queries/aws_lambda_function_metric_errors_daily_1.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query AWS Lambda Function error metrics on a daily basis. ID: aws_lambda_function_metric_errors_daily_1 -Title: "List AWS Lambda Function Daily Error Metrics" -Description: "Allows users to query AWS Lambda Function error metrics on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_lambda_function_metric_errors_daily - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n timestamp,\n minimum,\n maximum,\n average,\n\ + \ sample_count\nfrom\n aws_lambda_function_metric_errors_daily\norder by\n \ + \ name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List AWS Lambda Function Daily Error Metrics diff --git a/queries/aws_lambda_function_metric_errors_daily_2.yaml b/queries/aws_lambda_function_metric_errors_daily_2.yaml index aa6b01139..5bd96d797 100755 --- a/queries/aws_lambda_function_metric_errors_daily_2.yaml +++ b/queries/aws_lambda_function_metric_errors_daily_2.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS Lambda Function error metrics on a daily basis. ID: aws_lambda_function_metric_errors_daily_2 -Title: "List All AWS Lambda Function Errors Metrics Daily" -Description: "Allows users to query AWS Lambda Function error metrics on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - round(minimum::numeric,2) as min_error, - round(maximum::numeric,2) as max_error, - round(average::numeric,2) as avg_error, - sample_count - from - aws_lambda_function_metric_errors_daily - where average < 1 - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n timestamp,\n round(minimum::numeric,2) as min_error,\n\ + \ round(maximum::numeric,2) as max_error,\n round(average::numeric,2) as avg_error,\n\ + \ sample_count\nfrom\n aws_lambda_function_metric_errors_daily\nwhere average\ + \ < 1\norder by\n name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List All AWS Lambda Function Errors Metrics Daily diff --git a/queries/aws_lambda_function_metric_invocations_daily_1.yaml b/queries/aws_lambda_function_metric_invocations_daily_1.yaml index cb4dba768..91cb1f5ff 100755 --- a/queries/aws_lambda_function_metric_invocations_daily_1.yaml +++ b/queries/aws_lambda_function_metric_invocations_daily_1.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Lambda Function Metrics on a daily basis. ID: aws_lambda_function_metric_invocations_daily_1 -Title: "Find All Daily AWS Lambda Function Metrics Using SQL" -Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - sum - from - aws_lambda_function_metric_invocations_daily - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n timestamp,\n sum\nfrom\n aws_lambda_function_metric_invocations_daily\n\ + order by\n name,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda Function +Title: Find All Daily AWS Lambda Function Metrics Using SQL diff --git a/queries/aws_lambda_function_metric_invocations_daily_2.yaml b/queries/aws_lambda_function_metric_invocations_daily_2.yaml index 6cbce8711..0c2be8bd7 100755 --- a/queries/aws_lambda_function_metric_invocations_daily_2.yaml +++ b/queries/aws_lambda_function_metric_invocations_daily_2.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS Lambda Function Metrics on a daily basis. ID: aws_lambda_function_metric_invocations_daily_2 -Title: "Find AWS Lambda Function Metrics on a Daily Basis" -Description: "Allows users to query AWS Lambda Function Metrics on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - timestamp, - round(sum::numeric,2) as sum_invocations, - sample_count - from - aws_lambda_function_metric_invocations_daily - where - date_part('day', now() - timestamp) <=3 - and sum > 10 - order by - name, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n timestamp,\n round(sum::numeric,2) as sum_invocations,\n\ + \ sample_count\nfrom\n aws_lambda_function_metric_invocations_daily\nwhere \n\ + \ date_part('day', now() - timestamp) <=3\nand sum > 10\norder by\n name,\n\ + \ timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda Function Metrics +Title: Find AWS Lambda Function Metrics on a Daily Basis diff --git a/queries/aws_lambda_layer_1.yaml b/queries/aws_lambda_layer_1.yaml index bf1207445..44c7d71d0 100755 --- a/queries/aws_lambda_layer_1.yaml +++ b/queries/aws_lambda_layer_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Lambda Layers and retrieve information including + layer ARNs, layer versions, compatible runtimes, and more. ID: aws_lambda_layer_1 -Title: "Find all AWS Lambda Layer Details" -Description: "Allows users to query AWS Lambda Layers and retrieve information including layer ARNs, layer versions, compatible runtimes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - layer_arn, - layer_name, - layer_version_arn, - created_date, - jsonb_pretty(compatible_runtimes) as compatible_runtimes, - jsonb_pretty(compatible_architectures) as compatible_architectures, - version - from - aws_lambda_layer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n layer_arn,\n layer_name,\n layer_version_arn,\n created_date,\n\ + \ jsonb_pretty(compatible_runtimes) as compatible_runtimes,\n jsonb_pretty(compatible_architectures)\ + \ as compatible_architectures,\n version\nfrom\n aws_lambda_layer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lambda +Title: Find all AWS Lambda Layer Details diff --git a/queries/aws_lambda_layer_version_1.yaml b/queries/aws_lambda_layer_version_1.yaml index 7b7982d00..4ad0680a9 100755 --- a/queries/aws_lambda_layer_version_1.yaml +++ b/queries/aws_lambda_layer_version_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Lambda Layer Versions, providing detailed information + about each layer version, including its ARN, description, license info, compatible + runtimes, created date, and more. ID: aws_lambda_layer_version_1 -Title: "Find AWS Lambda Layer Version Details" -Description: "Allows users to query AWS Lambda Layer Versions, providing detailed information about each layer version, including its ARN, description, license info, compatible runtimes, created date, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - layer_arn, - layer_name, - layer_version_arn, - created_date, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std, - version - from - aws_lambda_layer_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n layer_arn,\n layer_name,\n layer_version_arn,\n created_date,\n\ + \ jsonb_pretty(policy) as policy,\n jsonb_pretty(policy_std) as policy_std,\n\ + \ version\nfrom\n aws_lambda_layer_version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find AWS Lambda Layer Version Details diff --git a/queries/aws_lambda_version_1.yaml b/queries/aws_lambda_version_1.yaml index dcafc9e1c..07bcccdbf 100755 --- a/queries/aws_lambda_version_1.yaml +++ b/queries/aws_lambda_version_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Lambda Versions to fetch detailed information + about each version of a specific AWS Lambda function. ID: aws_lambda_version_1 -Title: "Find AWS Lambda Versions and Details" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - version, - runtime, - handler - from - aws_lambda_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n function_name,\n version,\n runtime,\n handler\nfrom\n\ + \ aws_lambda_version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find AWS Lambda Versions and Details diff --git a/queries/aws_lambda_version_2.yaml b/queries/aws_lambda_version_2.yaml index 1353600c5..6f8122ade 100755 --- a/queries/aws_lambda_version_2.yaml +++ b/queries/aws_lambda_version_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Lambda Versions to fetch detailed information + about each version of a specific AWS Lambda function. ID: aws_lambda_version_2 -Title: "List AWS Lambda Versions to Fetch Detailed Information" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - version, - timeout - from - aws_lambda_version - where - timeout :: int > 120; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n function_name,\n version,\n timeout\nfrom\n aws_lambda_version\n\ + where\n timeout :: int > 120;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: List AWS Lambda Versions to Fetch Detailed Information diff --git a/queries/aws_lambda_version_3.yaml b/queries/aws_lambda_version_3.yaml index 3ac4a2a09..81474228b 100755 --- a/queries/aws_lambda_version_3.yaml +++ b/queries/aws_lambda_version_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Lambda Versions to fetch detailed information + about each version of a specific AWS Lambda function. ID: aws_lambda_version_3 -Title: "Find all Versions of a Specific AWS Lambda Function" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - function_name, - version, - vpc_id, - vpc_security_group_ids, - vpc_subnet_ids - from - aws_lambda_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n function_name,\n version,\n vpc_id,\n vpc_security_group_ids,\n\ + \ vpc_subnet_ids\nfrom\n aws_lambda_version;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Find all Versions of a Specific AWS Lambda Function diff --git a/queries/aws_lambda_version_4.yaml b/queries/aws_lambda_version_4.yaml index eebddae38..1b9fa1bb6 100755 --- a/queries/aws_lambda_version_4.yaml +++ b/queries/aws_lambda_version_4.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS Lambda Versions to fetch detailed information + about each version of a specific AWS Lambda function. ID: aws_lambda_version_4 -Title: "Query AWS Lambda Versions for Detailed Information" -Description: "Allows users to query AWS Lambda Versions to fetch detailed information about each version of a specific AWS Lambda function." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_lambda_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n jsonb_pretty(policy) as policy,\n jsonb_pretty(policy_std)\ + \ as policy_std\nfrom\n aws_lambda_version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lambda +Title: Query AWS Lambda Versions for Detailed Information diff --git a/queries/aws_lightsail_bucket_1.yaml b/queries/aws_lightsail_bucket_1.yaml index d4cc279c4..a131dbe5e 100755 --- a/queries/aws_lightsail_bucket_1.yaml +++ b/queries/aws_lightsail_bucket_1.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query AWS Lightsail Buckets and retrieve detailed information + such as bucket configuration, access rules, tags, and more. ID: aws_lightsail_bucket_1 -Title: "Find AWS Lightsail Buckets and Retrieve Detailed Information" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - state_code, - created_at - from - aws_lightsail_bucket; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n state_code,\n created_at\nfrom\n aws_lightsail_bucket;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail Buckets +Title: Find AWS Lightsail Buckets and Retrieve Detailed Information diff --git a/queries/aws_lightsail_bucket_2.yaml b/queries/aws_lightsail_bucket_2.yaml index 9014e4c38..484eeb6b0 100755 --- a/queries/aws_lightsail_bucket_2.yaml +++ b/queries/aws_lightsail_bucket_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Lightsail Buckets and retrieve detailed information + such as bucket configuration, access rules, tags, and more. ID: aws_lightsail_bucket_2 -Title: "List all AWS Lightsail Buckets and Configurations" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - region, - count(*) as bucket_count - from - aws_lightsail_bucket - group by - region; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n region,\n count(*) as bucket_count\nfrom\n aws_lightsail_bucket\n\ + group by\n region;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: List all AWS Lightsail Buckets and Configurations diff --git a/queries/aws_lightsail_bucket_3.yaml b/queries/aws_lightsail_bucket_3.yaml index 741b0b597..bc094ac17 100755 --- a/queries/aws_lightsail_bucket_3.yaml +++ b/queries/aws_lightsail_bucket_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Lightsail Buckets and retrieve detailed information + such as bucket configuration, access rules, tags, and more. ID: aws_lightsail_bucket_3 -Title: "List all AWS Lightsail Buckets with Public Access" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - access_rules ->> 'GetObject' as public_access - from - aws_lightsail_bucket - where - access_rules ->> 'GetObject' = 'public'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n region,\n access_rules ->> 'GetObject' as public_access\n\ + from\n aws_lightsail_bucket\nwhere\n access_rules ->> 'GetObject' = 'public';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: List all AWS Lightsail Buckets with Public Access diff --git a/queries/aws_lightsail_bucket_4.yaml b/queries/aws_lightsail_bucket_4.yaml index da3a0ca0d..948898a5c 100755 --- a/queries/aws_lightsail_bucket_4.yaml +++ b/queries/aws_lightsail_bucket_4.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Lightsail Buckets and retrieve detailed information + such as bucket configuration, access rules, tags, and more. ID: aws_lightsail_bucket_4 -Title: "Find AWS Lightsail Buckets with Configuration Details" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_at - from - aws_lightsail_bucket - where - created_at >= (current_date - interval '30' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_at\nfrom\n aws_lightsail_bucket\nwhere\n\ + \ created_at >= (current_date - interval '30' day);" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: Find AWS Lightsail Buckets with Configuration Details diff --git a/queries/aws_lightsail_bucket_5.yaml b/queries/aws_lightsail_bucket_5.yaml index 5c622e886..017619931 100755 --- a/queries/aws_lightsail_bucket_5.yaml +++ b/queries/aws_lightsail_bucket_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Lightsail Buckets and retrieve detailed information + such as bucket configuration, access rules, tags, and more. ID: aws_lightsail_bucket_5 -Title: "Find all AWS Lightsail Buckets without tags" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags - from - aws_lightsail_bucket - where - tags is null or tags = '[]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n tags\nfrom\n aws_lightsail_bucket\nwhere\n\ + \ tags is null or tags = '[]';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: Find all AWS Lightsail Buckets without tags diff --git a/queries/aws_lightsail_bucket_6.yaml b/queries/aws_lightsail_bucket_6.yaml index 334197bed..149532e21 100755 --- a/queries/aws_lightsail_bucket_6.yaml +++ b/queries/aws_lightsail_bucket_6.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Lightsail Buckets and retrieve detailed information + such as bucket configuration, access rules, tags, and more. ID: aws_lightsail_bucket_6 -Title: "Find AWS Lightsail Buckets with Enabled Versioning" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - object_versioning - from - aws_lightsail_bucket - where - object_versioning = 'Enabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n object_versioning\nfrom\n aws_lightsail_bucket\n\ + where\n object_versioning = 'Enabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: Find AWS Lightsail Buckets with Enabled Versioning diff --git a/queries/aws_lightsail_bucket_7.yaml b/queries/aws_lightsail_bucket_7.yaml index 4b647f772..7bcee7f66 100755 --- a/queries/aws_lightsail_bucket_7.yaml +++ b/queries/aws_lightsail_bucket_7.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Lightsail Buckets and retrieve detailed information + such as bucket configuration, access rules, tags, and more. ID: aws_lightsail_bucket_7 -Title: "Find AWS Lightsail Bucket Configuration and Access Rules" -Description: "Allows users to query AWS Lightsail Buckets and retrieve detailed information such as bucket configuration, access rules, tags, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_log_config ->> 'Enabled' as access_log_enabled, - access_log_config ->> 'Destination' as access_log_destination, - access_log_config ->> 'Prefix' as access_log_prefix - from - aws_lightsail_bucket; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n access_log_config ->> 'Enabled' as access_log_enabled,\n\ + \ access_log_config ->> 'Destination' as access_log_destination,\n access_log_config\ + \ ->> 'Prefix' as access_log_prefix\nfrom\n aws_lightsail_bucket;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: Find AWS Lightsail Bucket Configuration and Access Rules diff --git a/queries/aws_lightsail_instance_1.yaml b/queries/aws_lightsail_instance_1.yaml index ffe0bf0e2..189d52c6b 100755 --- a/queries/aws_lightsail_instance_1.yaml +++ b/queries/aws_lightsail_instance_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Lightsail Instances and retrieve detailed information + about each instance such as instance state, type, associated bundles, and more. ID: aws_lightsail_instance_1 -Title: "List all AWS Lightsail instances with details" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - availability_zone as az, - bundle_id, - count(*) - from - aws_lightsail_instance - group by - availability_zone, - bundle_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n availability_zone as az,\n bundle_id,\n count(*)\n\ + from\n aws_lightsail_instance\ngroup by\n availability_zone,\n bundle_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: List all AWS Lightsail instances with details diff --git a/queries/aws_lightsail_instance_2.yaml b/queries/aws_lightsail_instance_2.yaml index 60feeca82..41a2c7b41 100755 --- a/queries/aws_lightsail_instance_2.yaml +++ b/queries/aws_lightsail_instance_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Lightsail Instances and retrieve detailed information + about each instance such as instance state, type, associated bundles, and more. ID: aws_lightsail_instance_2 -Title: "List all AWS Lightsail Instances with Stopped State" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state_name - from - aws_lightsail_instance - where - state_name = 'stopped' - and created_at <= (current_date - interval '30' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n state_name\nfrom\n aws_lightsail_instance\n\ + where\n state_name = 'stopped'\n and created_at <= (current_date - interval\ + \ '30' day);" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: List all AWS Lightsail Instances with Stopped State diff --git a/queries/aws_lightsail_instance_3.yaml b/queries/aws_lightsail_instance_3.yaml index 6bea4b782..8a30acaf3 100755 --- a/queries/aws_lightsail_instance_3.yaml +++ b/queries/aws_lightsail_instance_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Lightsail Instances and retrieve detailed information + about each instance such as instance state, type, associated bundles, and more. ID: aws_lightsail_instance_3 -Title: "List AWS Lightsail Instances with State and Details" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - state_name, - bundle_id, - region - from - aws_lightsail_instance - where - public_ip_address is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n state_name,\n bundle_id,\n region\nfrom\n\ + \ aws_lightsail_instance\nwhere\n public_ip_address is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: List AWS Lightsail Instances with State and Details diff --git a/queries/aws_lightsail_instance_4.yaml b/queries/aws_lightsail_instance_4.yaml index 6109f4413..933cb6d2d 100755 --- a/queries/aws_lightsail_instance_4.yaml +++ b/queries/aws_lightsail_instance_4.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Lightsail Instances and retrieve detailed information + about each instance such as instance state, type, associated bundles, and more. ID: aws_lightsail_instance_4 -Title: "List all AWS Lightsail Instances and Their Details" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags - from - aws_lightsail_instance - where - not tags :: JSONB ? 'application'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n tags\nfrom\n aws_lightsail_instance\nwhere\n\ + \ not tags :: JSONB ? 'application';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Lightsail +Title: List all AWS Lightsail Instances and Their Details diff --git a/queries/aws_lightsail_instance_5.yaml b/queries/aws_lightsail_instance_5.yaml index 2a2c863f1..a5d8ec801 100755 --- a/queries/aws_lightsail_instance_5.yaml +++ b/queries/aws_lightsail_instance_5.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Lightsail Instances and retrieve detailed information + about each instance such as instance state, type, associated bundles, and more. ID: aws_lightsail_instance_5 -Title: "Find AWS Lightsail Instances with Details" -Description: "Allows users to query AWS Lightsail Instances and retrieve detailed information about each instance such as instance state, type, associated bundles, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - hardware ->> 'CpuCount' as "CPU Count", - hardware ->> 'RamSizeInGb' as "RAM Size (in GB)" - from - aws_lightsail_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n hardware ->> 'CpuCount' as \"CPU Count\",\n\ + \ hardware ->> 'RamSizeInGb' as \"RAM Size (in GB)\"\nfrom\n aws_lightsail_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lightsail +Title: Find AWS Lightsail Instances with Details diff --git a/queries/aws_macie2_classification_job_1.yaml b/queries/aws_macie2_classification_job_1.yaml index d53445b31..d5b8ec4b8 100755 --- a/queries/aws_macie2_classification_job_1.yaml +++ b/queries/aws_macie2_classification_job_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Macie2 Classification Jobs and retrieve detailed + information about each job''s settings, status, and results. ID: aws_macie2_classification_job_1 -Title: "List all AWS Macie2 Classification Jobs and Status" -Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - arn, - name, - job_status, - region - from - aws_macie2_classification_job; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n job_id,\n arn,\n name,\n job_status,\n region\nfrom\n\ + \ aws_macie2_classification_job;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Macie2 +Title: List all AWS Macie2 Classification Jobs and Status diff --git a/queries/aws_macie2_classification_job_2.yaml b/queries/aws_macie2_classification_job_2.yaml index c7e52131b..ea684c24f 100755 --- a/queries/aws_macie2_classification_job_2.yaml +++ b/queries/aws_macie2_classification_job_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Macie2 Classification Jobs and retrieve detailed + information about each job''s settings, status, and results. ID: aws_macie2_classification_job_2 -Title: "List AWS Macie2 Classification Jobs and Details" -Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - detail -> 'AccountId' as account_id, - detail -> 'Buckets' as buckets - from - aws_macie2_classification_job, - jsonb_array_elements(s3_job_definition -> 'BucketDefinitions') as detail; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n job_id,\n detail -> 'AccountId' as account_id,\n detail\ + \ -> 'Buckets' as buckets\nfrom\n aws_macie2_classification_job,\n jsonb_array_elements(s3_job_definition\ + \ -> 'BucketDefinitions') as detail;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Macie2 +Title: List AWS Macie2 Classification Jobs and Details diff --git a/queries/aws_macie2_classification_job_3.yaml b/queries/aws_macie2_classification_job_3.yaml index 0515ba077..e2d5f737d 100755 --- a/queries/aws_macie2_classification_job_3.yaml +++ b/queries/aws_macie2_classification_job_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Macie2 Classification Jobs and retrieve detailed + information about each job''s settings, status, and results. ID: aws_macie2_classification_job_3 -Title: "Find AWS Macie2 Classification Jobs with Cancelled or Paused Status" -Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - arn, - name, - job_status as status - from - aws_macie2_classification_job - where - job_status = 'CANCELLED' - or job_status = 'PAUSED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n job_id,\n arn,\n name,\n job_status as status\nfrom\n\ + \ aws_macie2_classification_job\nwhere\n job_status = 'CANCELLED'\n or job_status\ + \ = 'PAUSED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Macie2 +Title: Find AWS Macie2 Classification Jobs with Cancelled or Paused Status diff --git a/queries/aws_macie2_classification_job_4.yaml b/queries/aws_macie2_classification_job_4.yaml index 9d5a4990b..db4583808 100755 --- a/queries/aws_macie2_classification_job_4.yaml +++ b/queries/aws_macie2_classification_job_4.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Macie2 Classification Jobs and retrieve detailed + information about each job''s settings, status, and results. ID: aws_macie2_classification_job_4 -Title: "List AWS Macie2 Classification Jobs and Details" -Description: "Allows users to query AWS Macie2 Classification Jobs and retrieve detailed information about each job''s settings, status, and results." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - job_id, - arn, - statistics ->> 'ApproximateNumberOfObjectsToProcess' as approximate_number_of_objects_to_process, - statistics ->> 'NumberOfRuns' as number_of_runs - from - aws_macie2_classification_job; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n job_id,\n arn,\n statistics ->> 'ApproximateNumberOfObjectsToProcess'\ + \ as approximate_number_of_objects_to_process,\n statistics ->> 'NumberOfRuns'\ + \ as number_of_runs\nfrom\n aws_macie2_classification_job;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Macie2 +Title: List AWS Macie2 Classification Jobs and Details diff --git a/queries/aws_media_store_container_1.yaml b/queries/aws_media_store_container_1.yaml index 4485e84b9..238944976 100755 --- a/queries/aws_media_store_container_1.yaml +++ b/queries/aws_media_store_container_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS MediaStore Container information, including + ARN, creation time, status, and access logging details. ID: aws_media_store_container_1 -Title: "List AWS MediaStore Container Details" -Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - access_logging_enabled, - creation_time, - endpoint - from - aws_media_store_container; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status,\n access_logging_enabled,\n\ + \ creation_time,\n endpoint\nfrom\n aws_media_store_container;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MediaStore +Title: List AWS MediaStore Container Details diff --git a/queries/aws_media_store_container_2.yaml b/queries/aws_media_store_container_2.yaml index 0366e92cc..eb146c0af 100755 --- a/queries/aws_media_store_container_2.yaml +++ b/queries/aws_media_store_container_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS MediaStore Container information, including + ARN, creation time, status, and access logging details. ID: aws_media_store_container_2 -Title: "List all AWS MediaStore Containers with details" -Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - access_logging_enabled, - creation_time, - endpoint - from - aws_media_store_container - where - status = 'CREATING'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status,\n access_logging_enabled,\n\ + \ creation_time,\n endpoint\nfrom\n aws_media_store_container\nwhere\n status\ + \ = 'CREATING';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MediaStore +Title: List all AWS MediaStore Containers with details diff --git a/queries/aws_media_store_container_3.yaml b/queries/aws_media_store_container_3.yaml index f2fc82490..b2dd26355 100755 --- a/queries/aws_media_store_container_3.yaml +++ b/queries/aws_media_store_container_3.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS MediaStore Container information, including + ARN, creation time, status, and access logging details. ID: aws_media_store_container_3 -Title: "List AWS MediaStore Container Info with ARN and Status" -Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_media_store_container; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_pretty(policy) as policy,\n jsonb_pretty(policy_std)\ + \ as policy_std\nfrom\n aws_media_store_container;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MediaStore +Title: List AWS MediaStore Container Info with ARN and Status diff --git a/queries/aws_media_store_container_4.yaml b/queries/aws_media_store_container_4.yaml index 870746f67..2ee40d716 100755 --- a/queries/aws_media_store_container_4.yaml +++ b/queries/aws_media_store_container_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS MediaStore Container information, including + ARN, creation time, status, and access logging details. ID: aws_media_store_container_4 -Title: "Find AWS MediaStore Container Info with Access Logging" -Description: "Allows users to query AWS MediaStore Container information, including ARN, creation time, status, and access logging details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - access_logging_enabled - from - aws_media_store_container - where - access_logging_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n access_logging_enabled\nfrom\n aws_media_store_container\n\ + where\n access_logging_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MediaStore +Title: Find AWS MediaStore Container Info with Access Logging diff --git a/queries/aws_memorydb_cluster_1.yaml b/queries/aws_memorydb_cluster_1.yaml index f40dac2a8..b3d0705d2 100755 --- a/queries/aws_memorydb_cluster_1.yaml +++ b/queries/aws_memorydb_cluster_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_1 -Title: "List all AWS MemoryDB Clusters and Configurations" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - node_type, - engine_version, - region - from - aws_memorydb_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status,\n node_type,\n engine_version,\n\ + \ region\nfrom\n aws_memorydb_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: List all AWS MemoryDB Clusters and Configurations diff --git a/queries/aws_memorydb_cluster_2.yaml b/queries/aws_memorydb_cluster_2.yaml index 2bc431574..c0bb3685f 100755 --- a/queries/aws_memorydb_cluster_2.yaml +++ b/queries/aws_memorydb_cluster_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_2 -Title: "List all AWS MemoryDB Clusters with SQL" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - auto_minor_version_upgrade - from - aws_memorydb_cluster - where - auto_minor_version_upgrade = true; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n auto_minor_version_upgrade\nfrom\n \ + \ aws_memorydb_cluster\nwhere\n auto_minor_version_upgrade = true;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: List all AWS MemoryDB Clusters with SQL diff --git a/queries/aws_memorydb_cluster_3.yaml b/queries/aws_memorydb_cluster_3.yaml index 913499acf..15efc5bf6 100755 --- a/queries/aws_memorydb_cluster_3.yaml +++ b/queries/aws_memorydb_cluster_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_3 -Title: "List all AWS MemoryDB clusters and their configurations" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - availability_mode - from - aws_memorydb_cluster - where - availability_mode = 'multiaz'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n availability_mode\nfrom\n aws_memorydb_cluster\n\ + where\n availability_mode = 'multiaz';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: List all AWS MemoryDB clusters and their configurations diff --git a/queries/aws_memorydb_cluster_4.yaml b/queries/aws_memorydb_cluster_4.yaml index b25482d5d..caff60804 100755 --- a/queries/aws_memorydb_cluster_4.yaml +++ b/queries/aws_memorydb_cluster_4.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_4 -Title: "Find All AWS MemoryDB Clusters Without TLS Encryption" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - tls_enabled - from - aws_memorydb_cluster - where - tls_enabled = false; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n tls_enabled\nfrom\n aws_memorydb_cluster\n\ + where\n tls_enabled = false;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: Find All AWS MemoryDB Clusters Without TLS Encryption diff --git a/queries/aws_memorydb_cluster_5.yaml b/queries/aws_memorydb_cluster_5.yaml index cf6211ec4..2736688a4 100755 --- a/queries/aws_memorydb_cluster_5.yaml +++ b/queries/aws_memorydb_cluster_5.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_5 -Title: "List All AWS MemoryDB Cluster Configurations and Statuses" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - maintenance_window - from - aws_memorydb_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n maintenance_window\nfrom\n aws_memorydb_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: List All AWS MemoryDB Cluster Configurations and Statuses diff --git a/queries/aws_memorydb_cluster_6.yaml b/queries/aws_memorydb_cluster_6.yaml index 091e90f1e..2b53ab5d6 100755 --- a/queries/aws_memorydb_cluster_6.yaml +++ b/queries/aws_memorydb_cluster_6.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_6 -Title: "Find AWS MemoryDB Cluster Configurations and Statuses" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - node_type - from - aws_memorydb_cluster - where - node_type = 'db.r6gd.xlarge'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n node_type\nfrom\n aws_memorydb_cluster\n\ + where\n node_type = 'db.r6gd.xlarge';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: Find AWS MemoryDB Cluster Configurations and Statuses diff --git a/queries/aws_memorydb_cluster_7.yaml b/queries/aws_memorydb_cluster_7.yaml index 67598230a..31dc3f45a 100755 --- a/queries/aws_memorydb_cluster_7.yaml +++ b/queries/aws_memorydb_cluster_7.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_7 -Title: "Find all AWS MemoryDB Cluster Configurations and Statuses" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - number_of_shards, - shards - from - aws_memorydb_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n number_of_shards,\n shards\nfrom\n\ + \ aws_memorydb_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: Find all AWS MemoryDB Cluster Configurations and Statuses diff --git a/queries/aws_memorydb_cluster_8.yaml b/queries/aws_memorydb_cluster_8.yaml index 9c650e338..5759c3773 100755 --- a/queries/aws_memorydb_cluster_8.yaml +++ b/queries/aws_memorydb_cluster_8.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_8 -Title: "Find AWS MemoryDB Clusters with Pending Updates" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - pending_updates - from - aws_memorydb_cluster - where - jsonb_array_length(pending_updates) > 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n pending_updates\nfrom\n aws_memorydb_cluster\n\ + where\n jsonb_array_length(pending_updates) > 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: Find AWS MemoryDB Clusters with Pending Updates diff --git a/queries/aws_memorydb_cluster_9.yaml b/queries/aws_memorydb_cluster_9.yaml index cb9fabe8e..3522d4c94 100755 --- a/queries/aws_memorydb_cluster_9.yaml +++ b/queries/aws_memorydb_cluster_9.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS MemoryDB clusters, providing detailed information + on cluster configurations and statuses. ID: aws_memorydb_cluster_9 -Title: "Find all AWS MemoryDB Clusters and their configurations" -Description: "Allows users to query AWS MemoryDB clusters, providing detailed information on cluster configurations and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - snapshot_retention_limit, - snapshot_window - from - aws_memorydb_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n snapshot_retention_limit,\n snapshot_window\n\ + from\n aws_memorydb_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MemoryDB +Title: Find all AWS MemoryDB Clusters and their configurations diff --git a/queries/aws_mgn_application_1.yaml b/queries/aws_mgn_application_1.yaml index 3a3034a22..d29ce6899 100755 --- a/queries/aws_mgn_application_1.yaml +++ b/queries/aws_mgn_application_1.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Migration Service Applications to retrieve + detailed information about each application. ID: aws_mgn_application_1 -Title: "List all AWS Migration Service Applications with Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - application_id, - creation_date_time, - is_archived, - wave_id, - tags - from - aws_mgn_application; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n application_id,\n creation_date_time,\n\ + \ is_archived,\n wave_id,\n tags\nfrom\n aws_mgn_application;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Migration Service +Title: List all AWS Migration Service Applications with Details diff --git a/queries/aws_mgn_application_2.yaml b/queries/aws_mgn_application_2.yaml index 482090ce1..0abe43b89 100755 --- a/queries/aws_mgn_application_2.yaml +++ b/queries/aws_mgn_application_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Migration Service Applications to retrieve + detailed information about each application. ID: aws_mgn_application_2 -Title: "List AWS Migration Service Applications with Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - application_id, - creation_date_time, - is_archived - from - aws_mgn_application - where - is_archived; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n application_id,\n creation_date_time,\n\ + \ is_archived\nfrom\n aws_mgn_application\nwhere\n is_archived;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Migration Service +Title: List AWS Migration Service Applications with Details diff --git a/queries/aws_mgn_application_3.yaml b/queries/aws_mgn_application_3.yaml index 2aabe2533..93eff9032 100755 --- a/queries/aws_mgn_application_3.yaml +++ b/queries/aws_mgn_application_3.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Migration Service Applications to retrieve + detailed information about each application. ID: aws_mgn_application_3 -Title: "List All AWS Migration Service Applications Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - application_id, - application_aggregated_status ->> 'HealthStatus' as health_status, - application_aggregated_status ->> 'ProgressStatus' as progress_status, - application_aggregated_status ->> 'TotalSourceServers' as total_source_servers - from - aws_mgn_application; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n application_id,\n application_aggregated_status\ + \ ->> 'HealthStatus' as health_status,\n application_aggregated_status ->> 'ProgressStatus'\ + \ as progress_status,\n application_aggregated_status ->> 'TotalSourceServers'\ + \ as total_source_servers\nfrom\n aws_mgn_application;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Migration Service +Title: List All AWS Migration Service Applications Details diff --git a/queries/aws_mgn_application_4.yaml b/queries/aws_mgn_application_4.yaml index a7fa50fe7..1a054f946 100755 --- a/queries/aws_mgn_application_4.yaml +++ b/queries/aws_mgn_application_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Migration Service Applications to retrieve + detailed information about each application. ID: aws_mgn_application_4 -Title: "List AWS Migration Service Applications with Details" -Description: "Allows users to query AWS Migration Service Applications to retrieve detailed information about each application." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - application_id, - creation_date_time, - is_archived, - wave_id - from - aws_mgn_application - where - creation_date_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n application_id,\n creation_date_time,\n is_archived,\n\ + \ wave_id\nfrom\n aws_mgn_application\nwhere\n creation_date_time >= now()\ + \ - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Migration Service +Title: List AWS Migration Service Applications with Details diff --git a/queries/aws_mq_broker_1.yaml b/queries/aws_mq_broker_1.yaml index ffc01fbe5..63777212f 100755 --- a/queries/aws_mq_broker_1.yaml +++ b/queries/aws_mq_broker_1.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS MQ Brokers. ID: aws_mq_broker_1 -Title: "List all AWS MQ Brokers with Key Details" -Description: "Allows users to query AWS MQ Brokers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - broker_state, - deployment_mode, - created, - host_instance_type, - engine_type, - engine_version - tags - from - aws_mq_broker; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n broker_name,\n broker_state,\n deployment_mode,\n\ + \ created,\n host_instance_type,\n engine_type,\n engine_version\n tags\n\ + from\n aws_mq_broker;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MQ +Title: List all AWS MQ Brokers with Key Details diff --git a/queries/aws_mq_broker_2.yaml b/queries/aws_mq_broker_2.yaml index 52c216124..b5c585d72 100755 --- a/queries/aws_mq_broker_2.yaml +++ b/queries/aws_mq_broker_2.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS MQ Brokers. ID: aws_mq_broker_2 -Title: "Find AWS MQ Brokers with Reboot In Progress State" -Description: "Allows users to query AWS MQ Brokers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - broker_state, - created - data_replication_mode, - authentication_strategy - from - aws_mq_broker - where - broker_state = 'REBOOT_IN_PROGRESS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n broker_name,\n broker_state,\n created\n data_replication_mode,\n\ + \ authentication_strategy\nfrom\n aws_mq_broker\nwhere\n broker_state = 'REBOOT_IN_PROGRESS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MQ Brokers +Title: Find AWS MQ Brokers with Reboot In Progress State diff --git a/queries/aws_mq_broker_3.yaml b/queries/aws_mq_broker_3.yaml index b4a22fff3..60e56a7b9 100755 --- a/queries/aws_mq_broker_3.yaml +++ b/queries/aws_mq_broker_3.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS MQ Brokers. ID: aws_mq_broker_3 -Title: "List all AWS MQ Brokers with SQL Queries" -Description: "Allows users to query AWS MQ Brokers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - broker_state, - created - from - aws_mq_broker - where - publicly_accessible; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n broker_name,\n broker_state,\n created\nfrom\n\ + \ aws_mq_broker\nwhere\n publicly_accessible;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MQ Brokers +Title: List all AWS MQ Brokers with SQL Queries diff --git a/queries/aws_mq_broker_4.yaml b/queries/aws_mq_broker_4.yaml index 32fd0572c..90282931d 100755 --- a/queries/aws_mq_broker_4.yaml +++ b/queries/aws_mq_broker_4.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS MQ Brokers. ID: aws_mq_broker_4 -Title: "Find all AWS MQ Brokers using SQL" -Description: "Allows users to query AWS MQ Brokers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - encryption_options ->> 'UseAwsOwnedKey' as use_aws_owned_key, - created - from - aws_mq_broker - where - encryption_options ->> 'UseAwsOwnedKey' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n broker_name,\n encryption_options ->> 'UseAwsOwnedKey'\ + \ as use_aws_owned_key,\n created\nfrom\n aws_mq_broker\nwhere\n encryption_options\ + \ ->> 'UseAwsOwnedKey' = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MQ Broker +Title: Find all AWS MQ Brokers using SQL diff --git a/queries/aws_mq_broker_5.yaml b/queries/aws_mq_broker_5.yaml index 68ab43633..b33987497 100755 --- a/queries/aws_mq_broker_5.yaml +++ b/queries/aws_mq_broker_5.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS MQ Brokers. ID: aws_mq_broker_5 -Title: "Find all AWS MQ Brokers with Maintenance Window Info" -Description: "Allows users to query AWS MQ Brokers." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - broker_name, - maintenance_window_start_time -> 'DayOfWeek' as day_of_week, - maintenance_window_start_time -> 'TimeOfDay' as time_of_day, - maintenance_window_start_time -> 'TimeZone' as time_zone - from - aws_mq_broker; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n broker_name,\n maintenance_window_start_time\ + \ -> 'DayOfWeek' as day_of_week,\n maintenance_window_start_time -> 'TimeOfDay'\ + \ as time_of_day,\n maintenance_window_start_time -> 'TimeZone' as time_zone\n\ + from\n aws_mq_broker;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MQ +Title: Find all AWS MQ Brokers with Maintenance Window Info diff --git a/queries/aws_msk_cluster_1.yaml b/queries/aws_msk_cluster_1.yaml index 31c42e9db..03a66b8cd 100755 --- a/queries/aws_msk_cluster_1.yaml +++ b/queries/aws_msk_cluster_1.yaml @@ -1,29 +1,19 @@ +Description: Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters. ID: aws_msk_cluster_1 -Title: "Find AWS MSK Clusters using SQL with Steampipe Table" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - cluster_type, - creation_time, - current_version, - region, - tags - from - aws_msk_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n cluster_type,\n creation_time,\n\ + \ current_version,\n region,\n tags\nfrom\n aws_msk_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Apache Kafka +Title: Find AWS MSK Clusters using SQL with Steampipe Table diff --git a/queries/aws_msk_cluster_2.yaml b/queries/aws_msk_cluster_2.yaml index fab4ea26f..07104d83a 100755 --- a/queries/aws_msk_cluster_2.yaml +++ b/queries/aws_msk_cluster_2.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters. ID: aws_msk_cluster_2 -Title: "List all AWS MSK Clusters and Their States" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - state <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n creation_time\nfrom\n\ + \ aws_msk_cluster\nwhere\n state <> 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Apache Kafka +Title: List all AWS MSK Clusters and Their States diff --git a/queries/aws_msk_cluster_3.yaml b/queries/aws_msk_cluster_3.yaml index 627cf1182..6d03802b9 100755 --- a/queries/aws_msk_cluster_3.yaml +++ b/queries/aws_msk_cluster_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters. ID: aws_msk_cluster_3 -Title: "Find AWS MSK Clusters and Their Details" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - provisioned -> 'BrokerNodeGroupInfo' -> 'ConnectivityInfo' -> 'PublicAccess' ->> 'Type' <> 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n creation_time\nfrom\n\ + \ aws_msk_cluster\nwhere\n provisioned -> 'BrokerNodeGroupInfo' -> 'ConnectivityInfo'\ + \ -> 'PublicAccess' ->> 'Type' <> 'DISABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Apache Kafka (MSK) +Title: Find AWS MSK Clusters and Their Details diff --git a/queries/aws_msk_cluster_4.yaml b/queries/aws_msk_cluster_4.yaml index 978da7e64..61a4af117 100755 --- a/queries/aws_msk_cluster_4.yaml +++ b/queries/aws_msk_cluster_4.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters. ID: aws_msk_cluster_4 -Title: "List all AWS MSK Clusters with Unencrypted Data" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - provisioned -> 'EncryptionInfo' -> 'EncryptionAtRest' is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n creation_time\nfrom\n\ + \ aws_msk_cluster\nwhere\n provisioned -> 'EncryptionInfo' -> 'EncryptionAtRest'\ + \ is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Apache Kafka (MSK) +Title: List all AWS MSK Clusters with Unencrypted Data diff --git a/queries/aws_msk_cluster_5.yaml b/queries/aws_msk_cluster_5.yaml index 6c7b83079..bf721be34 100755 --- a/queries/aws_msk_cluster_5.yaml +++ b/queries/aws_msk_cluster_5.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters. ID: aws_msk_cluster_5 -Title: "List All AWS MSK Clusters with Specific Encryption State" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - provisioned -> 'EncryptionInfo' -> 'EncryptionInTransit' is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n creation_time\nfrom\n\ + \ aws_msk_cluster\nwhere\n provisioned -> 'EncryptionInfo' -> 'EncryptionInTransit'\ + \ is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Apache Kafka +Title: List All AWS MSK Clusters with Specific Encryption State diff --git a/queries/aws_msk_cluster_6.yaml b/queries/aws_msk_cluster_6.yaml index 8b23bfac4..0ae297253 100755 --- a/queries/aws_msk_cluster_6.yaml +++ b/queries/aws_msk_cluster_6.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters. ID: aws_msk_cluster_6 -Title: "List all AWS MSK Clusters with Missing Logging Info" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_cluster - where - provisioned -> 'LoggingInfo' is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n creation_time\nfrom\n\ + \ aws_msk_cluster\nwhere\n provisioned -> 'LoggingInfo' is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Apache Kafka +Title: List all AWS MSK Clusters with Missing Logging Info diff --git a/queries/aws_msk_cluster_7.yaml b/queries/aws_msk_cluster_7.yaml index 2b3e1a536..b1196cf14 100755 --- a/queries/aws_msk_cluster_7.yaml +++ b/queries/aws_msk_cluster_7.yaml @@ -1,22 +1,19 @@ +Description: Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters. ID: aws_msk_cluster_7 -Title: "Find Total Storage of AWS MSK Clusters" -Description: "Allows users to query AWS Managed Streaming for Apache Kafka (MSK) clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sum((provisioned -> 'BrokerNodeGroupInfo' -> 'StorageInfo' -> 'EbsStorageInfo' ->> 'VolumeSize')::int) as total_storage - from - aws_msk_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n sum((provisioned -> 'BrokerNodeGroupInfo' -> 'StorageInfo'\ + \ -> 'EbsStorageInfo' ->> 'VolumeSize')::int) as total_storage\nfrom\n aws_msk_cluster;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Apache Kafka +Title: Find Total Storage of AWS MSK Clusters diff --git a/queries/aws_msk_serverless_cluster_1.yaml b/queries/aws_msk_serverless_cluster_1.yaml index a4d4b4058..ca8a0b8f3 100755 --- a/queries/aws_msk_serverless_cluster_1.yaml +++ b/queries/aws_msk_serverless_cluster_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS MSK Serverless Clusters to retrieve detailed + information about each cluster. ID: aws_msk_serverless_cluster_1 -Title: "List AWS MSK Serverless Clusters with Detailed Info" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - cluster_type, - creation_time, - current_version, - region, - tags - from - aws_msk_serverless_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n cluster_type,\n creation_time,\n\ + \ current_version,\n region,\n tags\nfrom\n aws_msk_serverless_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Kafka (MSK) +Title: List AWS MSK Serverless Clusters with Detailed Info diff --git a/queries/aws_msk_serverless_cluster_2.yaml b/queries/aws_msk_serverless_cluster_2.yaml index bd673663d..3a9b81b19 100755 --- a/queries/aws_msk_serverless_cluster_2.yaml +++ b/queries/aws_msk_serverless_cluster_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS MSK Serverless Clusters to retrieve detailed + information about each cluster. ID: aws_msk_serverless_cluster_2 -Title: "List all AWS MSK Serverless Clusters Using SQL" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_serverless_cluster - where - state <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n creation_time\nfrom\n\ + \ aws_msk_serverless_cluster\nwhere\n state <> 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - MSK +Title: List all AWS MSK Serverless Clusters Using SQL diff --git a/queries/aws_msk_serverless_cluster_3.yaml b/queries/aws_msk_serverless_cluster_3.yaml index a7f2b769f..44d266e24 100755 --- a/queries/aws_msk_serverless_cluster_3.yaml +++ b/queries/aws_msk_serverless_cluster_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS MSK Serverless Clusters to retrieve detailed + information about each cluster. ID: aws_msk_serverless_cluster_3 -Title: "List all AWS MSK Serverless Clusters with Details" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - creation_time - from - aws_msk_serverless_cluster - where - creation_time >= (current_date - interval '90' day) - order by - creation_time; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n creation_time\nfrom\n\ + \ aws_msk_serverless_cluster\nwhere\n creation_time >= (current_date - interval\ + \ '90' day)\norder by\n creation_time;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon MSK +Title: List all AWS MSK Serverless Clusters with Details diff --git a/queries/aws_msk_serverless_cluster_4.yaml b/queries/aws_msk_serverless_cluster_4.yaml index 02db8adce..af4302ee7 100755 --- a/queries/aws_msk_serverless_cluster_4.yaml +++ b/queries/aws_msk_serverless_cluster_4.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS MSK Serverless Clusters to retrieve detailed + information about each cluster. ID: aws_msk_serverless_cluster_4 -Title: "Find all AWS MSK Serverless Cluster details" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - vpc ->> 'SubnetIds' as subnet_ids, - vpc ->> 'SecurityGroupIds' as security_group_ids - from - aws_msk_serverless_cluster, - jsonb_array_elements(serverless -> 'VpcConfigs') as vpc - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n vpc ->> 'SubnetIds'\ + \ as subnet_ids,\n vpc ->> 'SecurityGroupIds' as security_group_ids\nfrom\n \ + \ aws_msk_serverless_cluster,\n jsonb_array_elements(serverless -> 'VpcConfigs')\ + \ as vpc" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Kafka (MSK) Serverless +Title: Find all AWS MSK Serverless Cluster details diff --git a/queries/aws_msk_serverless_cluster_5.yaml b/queries/aws_msk_serverless_cluster_5.yaml index 281508a37..6dd6557ad 100755 --- a/queries/aws_msk_serverless_cluster_5.yaml +++ b/queries/aws_msk_serverless_cluster_5.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS MSK Serverless Clusters to retrieve detailed + information about each cluster. ID: aws_msk_serverless_cluster_5 -Title: "Find AWS MSK Serverless Clusters with Specific Client Auth" -Description: "Allows users to query AWS MSK Serverless Clusters to retrieve detailed information about each cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - cluster_name, - state, - serverless -> 'ClientAuthentication' as client_authentication - from - aws_msk_serverless_cluster - where - (serverless -> 'ClientAuthentication' -> 'Sasl' -> 'Iam' ->> 'Enabled')::boolean = false; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n cluster_name,\n state,\n serverless -> 'ClientAuthentication'\ + \ as client_authentication\nfrom\n aws_msk_serverless_cluster\nwhere\n (serverless\ + \ -> 'ClientAuthentication' -> 'Sasl' -> 'Iam' ->> 'Enabled')::boolean = false;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Streaming for Kafka (MSK) +Title: Find AWS MSK Serverless Clusters with Specific Client Auth diff --git a/queries/aws_neptune_db_cluster_1.yaml b/queries/aws_neptune_db_cluster_1.yaml index 3639ef2d5..585b4cd00 100755 --- a/queries/aws_neptune_db_cluster_1.yaml +++ b/queries/aws_neptune_db_cluster_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query Amazon Neptune DB clusters for comprehensive information + about their configuration, status, and other relevant details. ID: aws_neptune_db_cluster_1 -Title: "List all configurations and status of Neptune DB Clusters" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - allocated_storage, - kms_key_id - from - aws_neptune_db_cluster - where - kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n allocated_storage,\n kms_key_id\n\ + from\n aws_neptune_db_cluster\nwhere\n kms_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Neptune +Title: List all configurations and status of Neptune DB Clusters diff --git a/queries/aws_neptune_db_cluster_2.yaml b/queries/aws_neptune_db_cluster_2.yaml index bf8d0c3cf..c3f76d063 100755 --- a/queries/aws_neptune_db_cluster_2.yaml +++ b/queries/aws_neptune_db_cluster_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Amazon Neptune DB clusters for comprehensive information + about their configuration, status, and other relevant details. ID: aws_neptune_db_cluster_2 -Title: "List all Amazon Neptune DB clusters and their configurations" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - backup_retention_period - from - aws_neptune_db_cluster - where - backup_retention_period > 7; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n backup_retention_period\nfrom\n\ + \ aws_neptune_db_cluster\nwhere\n backup_retention_period > 7;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Neptune +Title: List all Amazon Neptune DB clusters and their configurations diff --git a/queries/aws_neptune_db_cluster_3.yaml b/queries/aws_neptune_db_cluster_3.yaml index 61f1a7ae0..302ef6f6f 100755 --- a/queries/aws_neptune_db_cluster_3.yaml +++ b/queries/aws_neptune_db_cluster_3.yaml @@ -1,23 +1,20 @@ +Description: Allows users to query Amazon Neptune DB clusters for comprehensive information + about their configuration, status, and other relevant details. ID: aws_neptune_db_cluster_3 -Title: "List all Amazon Neptune DB Clusters and Their Details" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - jsonb_array_length(availability_zones) availability_zones_count - from - aws_neptune_db_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n jsonb_array_length(availability_zones)\ + \ availability_zones_count\nfrom\n aws_neptune_db_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Neptune +Title: List all Amazon Neptune DB Clusters and Their Details diff --git a/queries/aws_neptune_db_cluster_4.yaml b/queries/aws_neptune_db_cluster_4.yaml index 031e84639..a4282e8b1 100755 --- a/queries/aws_neptune_db_cluster_4.yaml +++ b/queries/aws_neptune_db_cluster_4.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query Amazon Neptune DB clusters for comprehensive information + about their configuration, status, and other relevant details. ID: aws_neptune_db_cluster_4 -Title: "Find Amazon Neptune DB Clusters including configuration & status" -Description: "Allows users to query Amazon Neptune DB clusters for comprehensive information about their configuration, status, and other relevant details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, - member ->> 'DBInstanceIdentifier' as db_instance_identifier, - member ->> 'IsClusterWriter' as is_cluster_writer, - member ->> 'PromotionTier' as promotion_tier - from - aws_neptune_db_cluster - cross join jsonb_array_elements(db_cluster_members) as member; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n member ->> 'DBClusterParameterGroupStatus'\ + \ as db_cluster_parameter_group_status,\n member ->> 'DBInstanceIdentifier' as\ + \ db_instance_identifier,\n member ->> 'IsClusterWriter' as is_cluster_writer,\n\ + \ member ->> 'PromotionTier' as promotion_tier\nfrom\n aws_neptune_db_cluster\n\ + \ cross join jsonb_array_elements(db_cluster_members) as member;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Neptune DB +Title: Find Amazon Neptune DB Clusters including configuration & status diff --git a/queries/aws_neptune_db_cluster_snapshot_1.yaml b/queries/aws_neptune_db_cluster_snapshot_1.yaml index 6d4569b28..3d7ad25f6 100755 --- a/queries/aws_neptune_db_cluster_snapshot_1.yaml +++ b/queries/aws_neptune_db_cluster_snapshot_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive + details about their configurations, status, and associated metadata. ID: aws_neptune_db_cluster_snapshot_1 -Title: "List all AWS Neptune DB Cluster Snapshots for metadata" -Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - snapshot_type, - storage_encrypted - from - aws_neptune_db_cluster_snapshot - where - not storage_encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n snapshot_type,\n \ + \ storage_encrypted\nfrom\n aws_neptune_db_cluster_snapshot\nwhere\n not storage_encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Neptune +Title: List all AWS Neptune DB Cluster Snapshots for metadata diff --git a/queries/aws_neptune_db_cluster_snapshot_2.yaml b/queries/aws_neptune_db_cluster_snapshot_2.yaml index c8a9c0947..100811dad 100755 --- a/queries/aws_neptune_db_cluster_snapshot_2.yaml +++ b/queries/aws_neptune_db_cluster_snapshot_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive + details about their configurations, status, and associated metadata. ID: aws_neptune_db_cluster_snapshot_2 -Title: "Find all AWS Neptune DB Cluster Snapshots with metadata" -Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - cluster_create_time, - engine, - engine_version, - license_model - from - aws_neptune_db_cluster_snapshot; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n cluster_create_time,\n\ + \ engine,\n engine_version,\n license_model\nfrom\n aws_neptune_db_cluster_snapshot;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Neptune +Title: Find all AWS Neptune DB Cluster Snapshots with metadata diff --git a/queries/aws_neptune_db_cluster_snapshot_3.yaml b/queries/aws_neptune_db_cluster_snapshot_3.yaml index 0c8fe6f9f..77fdac979 100755 --- a/queries/aws_neptune_db_cluster_snapshot_3.yaml +++ b/queries/aws_neptune_db_cluster_snapshot_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive + details about their configurations, status, and associated metadata. ID: aws_neptune_db_cluster_snapshot_3 -Title: "List all AWS Neptune DB Cluster Snapshots and Counts" -Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - count(db_cluster_snapshot_identifier) snapshot_count - from - aws_neptune_db_cluster_snapshot - group by - db_cluster_identifier; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n count(db_cluster_snapshot_identifier)\ + \ snapshot_count\nfrom\n aws_neptune_db_cluster_snapshot\ngroup by\n db_cluster_identifier;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Neptune +Title: List all AWS Neptune DB Cluster Snapshots and Counts diff --git a/queries/aws_neptune_db_cluster_snapshot_4.yaml b/queries/aws_neptune_db_cluster_snapshot_4.yaml index 884b0d9ea..0d5f2b4c7 100755 --- a/queries/aws_neptune_db_cluster_snapshot_4.yaml +++ b/queries/aws_neptune_db_cluster_snapshot_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive + details about their configurations, status, and associated metadata. ID: aws_neptune_db_cluster_snapshot_4 -Title: "Find all AWS Neptune DB Cluster Snapshot details" -Description: "Allows users to query AWS Neptune DB Cluster Snapshots for comprehensive details about their configurations, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - engine, - snapshot_type - from - aws_neptune_db_cluster_snapshot, - jsonb_array_elements(db_cluster_snapshot_attributes) as cluster_snapshot - where - cluster_snapshot -> 'AttributeValues' = '["all"]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n engine,\n snapshot_type\n\ + from\n aws_neptune_db_cluster_snapshot,\n jsonb_array_elements(db_cluster_snapshot_attributes)\ + \ as cluster_snapshot\nwhere\n cluster_snapshot -> 'AttributeValues' = '[\"all\"\ + ]';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Neptune DB +Title: Find all AWS Neptune DB Cluster Snapshot details diff --git a/queries/aws_networkfirewall_firewall_1.yaml b/queries/aws_networkfirewall_firewall_1.yaml index c8d09a349..2094624b5 100755 --- a/queries/aws_networkfirewall_firewall_1.yaml +++ b/queries/aws_networkfirewall_firewall_1.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Network Firewalls for detailed information + about each firewall''s properties and settings. ID: aws_networkfirewall_firewall_1 -Title: "Find all AWS Network Firewall properties and settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - vpc_id, - policy_arn, - region, - tags - from - aws_networkfirewall_firewall; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n description,\n vpc_id,\n policy_arn,\n\ + \ region,\n tags\nfrom\n aws_networkfirewall_firewall;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: Find all AWS Network Firewall properties and settings diff --git a/queries/aws_networkfirewall_firewall_2.yaml b/queries/aws_networkfirewall_firewall_2.yaml index 4cee93166..57d49089e 100755 --- a/queries/aws_networkfirewall_firewall_2.yaml +++ b/queries/aws_networkfirewall_firewall_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Network Firewalls for detailed information + about each firewall''s properties and settings. ID: aws_networkfirewall_firewall_2 -Title: "Find AWS Network Firewall details including encryption" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - encryption_configuration - from - aws_networkfirewall_firewall - where - encryption_configuration ->> 'Type' = `AWS_OWNED_KMS_KEY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n description,\n encryption_configuration\n\ + from\n aws_networkfirewall_firewall\nwhere\n encryption_configuration ->> 'Type'\ + \ = `AWS_OWNED_KMS_KEY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: Find AWS Network Firewall details including encryption diff --git a/queries/aws_networkfirewall_firewall_3.yaml b/queries/aws_networkfirewall_firewall_3.yaml index 471cf5a39..d9faddb5d 100755 --- a/queries/aws_networkfirewall_firewall_3.yaml +++ b/queries/aws_networkfirewall_firewall_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Network Firewalls for detailed information + about each firewall''s properties and settings. ID: aws_networkfirewall_firewall_3 -Title: "Find AWS Network Firewalls for Properties and Settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - vpc_id - from - aws_networkfirewall_firewall - where - not delete_protection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n description,\n vpc_id\nfrom\n aws_networkfirewall_firewall\n\ + where\n not delete_protection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Network Firewall +Title: Find AWS Network Firewalls for Properties and Settings diff --git a/queries/aws_networkfirewall_firewall_4.yaml b/queries/aws_networkfirewall_firewall_4.yaml index b8e738ace..db2289e7a 100755 --- a/queries/aws_networkfirewall_firewall_4.yaml +++ b/queries/aws_networkfirewall_firewall_4.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Network Firewalls for detailed information + about each firewall''s properties and settings. ID: aws_networkfirewall_firewall_4 -Title: "Find All AWS Network Firewalls with Details" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - vpc_id - from - aws_networkfirewall_firewall - where - not policy_change_protection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n description,\n vpc_id\nfrom\n aws_networkfirewall_firewall\n\ + where\n not policy_change_protection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewalls +Title: Find All AWS Network Firewalls with Details diff --git a/queries/aws_networkfirewall_firewall_5.yaml b/queries/aws_networkfirewall_firewall_5.yaml index 43643af19..003eff080 100755 --- a/queries/aws_networkfirewall_firewall_5.yaml +++ b/queries/aws_networkfirewall_firewall_5.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Network Firewalls for detailed information + about each firewall''s properties and settings. ID: aws_networkfirewall_firewall_5 -Title: "Find AWS Network Firewall Properties and Settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - vpc_id - from - aws_networkfirewall_firewall - where - not subnet_change_protection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n description,\n vpc_id\nfrom\n aws_networkfirewall_firewall\n\ + where\n not subnet_change_protection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: Find AWS Network Firewall Properties and Settings diff --git a/queries/aws_networkfirewall_firewall_6.yaml b/queries/aws_networkfirewall_firewall_6.yaml index 27e60e4ef..eedbf9291 100755 --- a/queries/aws_networkfirewall_firewall_6.yaml +++ b/queries/aws_networkfirewall_firewall_6.yaml @@ -1,36 +1,26 @@ +Description: Allows users to query AWS Network Firewalls for detailed information + about each firewall''s properties and settings. ID: aws_networkfirewall_firewall_6 -Title: "List AWS Network Firewall properties and settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.arn, - f.name, - f.vpc_id, - s ->> 'SubnetId' as subnet_id, - cidr_block, - availability_zone, - default_for_az - from - aws_networkfirewall_firewall f, - jsonb_array_elements(subnet_mappings) s, - aws_vpc_subnet vs - where - vs.subnet_id = s ->> 'SubnetId'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.arn,\n f.name,\n f.vpc_id,\n s ->> 'SubnetId' as\ + \ subnet_id,\n cidr_block,\n availability_zone,\n default_for_az\nfrom\n aws_networkfirewall_firewall\ + \ f,\n jsonb_array_elements(subnet_mappings) s,\n aws_vpc_subnet vs\nwhere\n\ + \ vs.subnet_id = s ->> 'SubnetId';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: List AWS Network Firewall properties and settings diff --git a/queries/aws_networkfirewall_firewall_7.yaml b/queries/aws_networkfirewall_firewall_7.yaml index 62099048e..414ca25ce 100755 --- a/queries/aws_networkfirewall_firewall_7.yaml +++ b/queries/aws_networkfirewall_firewall_7.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Network Firewalls for detailed information + about each firewall''s properties and settings. ID: aws_networkfirewall_firewall_7 -Title: "Find details of AWS Network Firewalls properties and settings" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.arn, - f.name, - f.vpc_id, - k.arn as key_arn, - key_rotation_enabled - from - aws_networkfirewall_firewall f, - aws_kms_key k - where - k.id = encryption_configuration ->> 'KeyId' - and not f.encryption_configuration ->> 'Type' = `AWS_OWNED_KMS_KEY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n f.arn,\n f.name,\n f.vpc_id,\n k.arn as key_arn,\n\ + \ key_rotation_enabled\nfrom\n aws_networkfirewall_firewall f,\n aws_kms_key\ + \ k\nwhere\n k.id = encryption_configuration ->> 'KeyId'\n and not f.encryption_configuration\ + \ ->> 'Type' = `AWS_OWNED_KMS_KEY';" Tags: cloud_data_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: Find details of AWS Network Firewalls properties and settings diff --git a/queries/aws_networkfirewall_firewall_8.yaml b/queries/aws_networkfirewall_firewall_8.yaml index e7d88f5d5..66e2e9b21 100755 --- a/queries/aws_networkfirewall_firewall_8.yaml +++ b/queries/aws_networkfirewall_firewall_8.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Network Firewalls for detailed information + about each firewall''s properties and settings. ID: aws_networkfirewall_firewall_8 -Title: "List all AWS Network Firewalls and Logging configurations" -Description: "Allows users to query AWS Network Firewalls for detailed information about each firewall''s properties and settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - l -> 'LogDestination' as log_destination, - l ->> 'LogDestinationType' as log_destination_type, - l ->> 'LogType' as log_type - from - aws_networkfirewall_firewall, - jsonb_array_elements(logging_configuration) as l; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n l -> 'LogDestination' as log_destination,\n\ + \ l ->> 'LogDestinationType' as log_destination_type,\n l ->> 'LogType' as log_type\n\ + from\n aws_networkfirewall_firewall,\n jsonb_array_elements(logging_configuration)\ + \ as l;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: List all AWS Network Firewalls and Logging configurations diff --git a/queries/aws_networkfirewall_firewall_policy_1.yaml b/queries/aws_networkfirewall_firewall_policy_1.yaml index b9f940997..adad320e7 100755 --- a/queries/aws_networkfirewall_firewall_policy_1.yaml +++ b/queries/aws_networkfirewall_firewall_policy_1.yaml @@ -1,29 +1,21 @@ +Description: '' ID: aws_networkfirewall_firewall_policy_1 -Title: "" -Description: "" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - firewall_policy_status, - region, - tags - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n description,\n firewall_policy_status,\n\ + \ region,\n tags\nfrom\n aws_networkfirewall_firewall_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: '' diff --git a/queries/aws_networkfirewall_firewall_policy_2.yaml b/queries/aws_networkfirewall_firewall_policy_2.yaml index c68407d96..95b7a3f44 100755 --- a/queries/aws_networkfirewall_firewall_policy_2.yaml +++ b/queries/aws_networkfirewall_firewall_policy_2.yaml @@ -1,28 +1,20 @@ +Description: '' ID: aws_networkfirewall_firewall_policy_2 -Title: "" -Description: "" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - firewall_policy_status, - encryption_configuration - from - aws_networkfirewall_firewall_policy - where - encryption_configuration ->> 'Type' = `aws_OWNED_KMS_KEY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n description,\n firewall_policy_status,\n\ + \ encryption_configuration\nfrom\n aws_networkfirewall_firewall_policy\nwhere\ + \ \n encryption_configuration ->> 'Type' = `aws_OWNED_KMS_KEY';" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: '' diff --git a/queries/aws_networkfirewall_firewall_policy_3.yaml b/queries/aws_networkfirewall_firewall_policy_3.yaml index 4a5049ca0..e62816743 100755 --- a/queries/aws_networkfirewall_firewall_policy_3.yaml +++ b/queries/aws_networkfirewall_firewall_policy_3.yaml @@ -1,29 +1,20 @@ +Description: '' ID: aws_networkfirewall_firewall_policy_3 -Title: "" -Description: "" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name, - description, - firewall_policy_status, - region, - tags - from - aws_networkfirewall_firewall_policy - where - firewall_policy_status != 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name,\n description,\n firewall_policy_status,\n\ + \ region,\n tags\nfrom\n aws_networkfirewall_firewall_policy\nwhere\n firewall_policy_status\ + \ != 'ACTIVE';" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: '' diff --git a/queries/aws_networkfirewall_firewall_policy_4.yaml b/queries/aws_networkfirewall_firewall_policy_4.yaml index e63eb7845..57ee6c3fc 100755 --- a/queries/aws_networkfirewall_firewall_policy_4.yaml +++ b/queries/aws_networkfirewall_firewall_policy_4.yaml @@ -1,28 +1,23 @@ +Description: '' ID: aws_networkfirewall_firewall_policy_4 -Title: "" -Description: "" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatefulDefaultActions' as stateful_default_actions, - firewall_policy -> 'StatefulRuleGroupReferences' as stateful_rule_group_references - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name as firewall_policy_name,\n firewall_policy_status,\n\ + \ firewall_policy -> 'StatefulDefaultActions' as stateful_default_actions,\n\ + \ firewall_policy -> 'StatefulRuleGroupReferences' as stateful_rule_group_references\n\ + from\n aws_networkfirewall_firewall_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: '' diff --git a/queries/aws_networkfirewall_firewall_policy_5.yaml b/queries/aws_networkfirewall_firewall_policy_5.yaml index f770bb033..31f7c3145 100755 --- a/queries/aws_networkfirewall_firewall_policy_5.yaml +++ b/queries/aws_networkfirewall_firewall_policy_5.yaml @@ -1,28 +1,23 @@ +Description: '' ID: aws_networkfirewall_firewall_policy_5 -Title: "" -Description: "" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatelessDefaultActions' as stateless_default_actions, - firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name as firewall_policy_name,\n firewall_policy_status,\n\ + \ firewall_policy -> 'StatelessDefaultActions' as stateless_default_actions,\n\ + \ firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references\n\ + from\n aws_networkfirewall_firewall_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - NetworkFirewall +Title: '' diff --git a/queries/aws_networkfirewall_firewall_policy_6.yaml b/queries/aws_networkfirewall_firewall_policy_6.yaml index c95a74dd2..ebc950bfc 100755 --- a/queries/aws_networkfirewall_firewall_policy_6.yaml +++ b/queries/aws_networkfirewall_firewall_policy_6.yaml @@ -1,26 +1,21 @@ +Description: '' ID: aws_networkfirewall_firewall_policy_6 -Title: "" -Description: "" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatelessFragmentDefaultActions' as stateless_default_actions, - firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name as firewall_policy_name,\n firewall_policy_status,\n\ + \ firewall_policy -> 'StatelessFragmentDefaultActions' as stateless_default_actions,\n\ + \ firewall_policy -> 'StatelessRuleGroupReferences' as stateless_rule_group_references\n\ + from\n aws_networkfirewall_firewall_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws +Title: '' diff --git a/queries/aws_networkfirewall_firewall_policy_7.yaml b/queries/aws_networkfirewall_firewall_policy_7.yaml index 78ced473a..4d9ba2fe4 100755 --- a/queries/aws_networkfirewall_firewall_policy_7.yaml +++ b/queries/aws_networkfirewall_firewall_policy_7.yaml @@ -1,26 +1,21 @@ +Description: '' ID: aws_networkfirewall_firewall_policy_7 -Title: "" -Description: "" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - name as firewall_policy_name, - firewall_policy_status, - firewall_policy -> 'StatelessRuleGroupReferences' ->> 'ActionName' as custom_action_name, - firewall_policy -> 'StatelessRuleGroupReferences' ->> 'ActionDefinition' as custom_action_definition - from - aws_networkfirewall_firewall_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n name as firewall_policy_name,\n firewall_policy_status,\n\ + \ firewall_policy -> 'StatelessRuleGroupReferences' ->> 'ActionName' as custom_action_name,\n\ + \ firewall_policy -> 'StatelessRuleGroupReferences' ->> 'ActionDefinition' as\ + \ custom_action_definition\nfrom\n aws_networkfirewall_firewall_policy;" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: '' diff --git a/queries/aws_networkfirewall_rule_group_1.yaml b/queries/aws_networkfirewall_rule_group_1.yaml index 6d9d554d8..42f3e4819 100755 --- a/queries/aws_networkfirewall_rule_group_1.yaml +++ b/queries/aws_networkfirewall_rule_group_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Network Firewall Rule Group details, including + rule group ARN, capacity, rule group name, and associated tags. ID: aws_networkfirewall_rule_group_1 -Title: "Find AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status, - type, - jsonb_pretty(rules_source) as rules_source - from - aws_networkfirewall_rule_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rule_group_name,\n rule_group_status,\n type,\n jsonb_pretty(rules_source)\ + \ as rules_source\nfrom\n aws_networkfirewall_rule_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: Find AWS Network Firewall Rule Group Details diff --git a/queries/aws_networkfirewall_rule_group_2.yaml b/queries/aws_networkfirewall_rule_group_2.yaml index c66ca9850..1a7d94096 100755 --- a/queries/aws_networkfirewall_rule_group_2.yaml +++ b/queries/aws_networkfirewall_rule_group_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Network Firewall Rule Group details, including + rule group ARN, capacity, rule group name, and associated tags. ID: aws_networkfirewall_rule_group_2 -Title: "Find AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status - from - aws_networkfirewall_rule_group - where - number_of_associations = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rule_group_name,\n rule_group_status\nfrom\n aws_networkfirewall_rule_group\n\ + where\n number_of_associations = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: Find AWS Network Firewall Rule Group Details diff --git a/queries/aws_networkfirewall_rule_group_3.yaml b/queries/aws_networkfirewall_rule_group_3.yaml index 3dbf3fba0..04aa2afc7 100755 --- a/queries/aws_networkfirewall_rule_group_3.yaml +++ b/queries/aws_networkfirewall_rule_group_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Network Firewall Rule Group details, including + rule group ARN, capacity, rule group name, and associated tags. ID: aws_networkfirewall_rule_group_3 -Title: "Find AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status, - jsonb_pretty(rules_source -> 'StatefulRules') as stateful_rules, - jsonb_pretty(rule_variables) as rule_variables, - stateful_rule_options - from - aws_networkfirewall_rule_group - where - type = 'STATEFUL'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rule_group_name,\n rule_group_status,\n jsonb_pretty(rules_source\ + \ -> 'StatefulRules') as stateful_rules,\n jsonb_pretty(rule_variables) as rule_variables,\n\ + \ stateful_rule_options\nfrom\n aws_networkfirewall_rule_group\nwhere\n type\ + \ = 'STATEFUL';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: Find AWS Network Firewall Rule Group Details diff --git a/queries/aws_networkfirewall_rule_group_4.yaml b/queries/aws_networkfirewall_rule_group_4.yaml index bd4e087c8..4f11eefed 100755 --- a/queries/aws_networkfirewall_rule_group_4.yaml +++ b/queries/aws_networkfirewall_rule_group_4.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Network Firewall Rule Group details, including + rule group ARN, capacity, rule group name, and associated tags. ID: aws_networkfirewall_rule_group_4 -Title: "List all AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status, - jsonb_pretty(rules_source -> 'StatelessRulesAndCustomActions' -> 'StatelessRules') as stateless_rules, - jsonb_pretty(rules_source -> 'StatelessRulesAndCustomActions' -> 'CustomActions') as custom_actions - from - aws_networkfirewall_rule_group - where - type = 'STATELESS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rule_group_name,\n rule_group_status,\n jsonb_pretty(rules_source\ + \ -> 'StatelessRulesAndCustomActions' -> 'StatelessRules') as stateless_rules,\n\ + \ jsonb_pretty(rules_source -> 'StatelessRulesAndCustomActions' -> 'CustomActions')\ + \ as custom_actions\nfrom\n aws_networkfirewall_rule_group\nwhere\n type = 'STATELESS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: List all AWS Network Firewall Rule Group Details diff --git a/queries/aws_networkfirewall_rule_group_5.yaml b/queries/aws_networkfirewall_rule_group_5.yaml index af1feb70d..763918b05 100755 --- a/queries/aws_networkfirewall_rule_group_5.yaml +++ b/queries/aws_networkfirewall_rule_group_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Network Firewall Rule Group details, including + rule group ARN, capacity, rule group name, and associated tags. ID: aws_networkfirewall_rule_group_5 -Title: "List AWS Network Firewall Rule Group Details" -Description: "Allows users to query AWS Network Firewall Rule Group details, including rule group ARN, capacity, rule group name, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - rule_group_name, - rule_group_status, - number_of_associations - from - aws_networkfirewall_rule_group - where - type = 'STATELESS' and jsonb_array_length(rules_source -> 'StatelessRulesAndCustomActions' -> 'StatelessRules') = 0 - or type = 'STATEFUL' and jsonb_array_length(rules_source -> 'StatefulRules') = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n rule_group_name,\n rule_group_status,\n number_of_associations\n\ + from\n aws_networkfirewall_rule_group\nwhere\n type = 'STATELESS' and jsonb_array_length(rules_source\ + \ -> 'StatelessRulesAndCustomActions' -> 'StatelessRules') = 0\n or type = 'STATEFUL'\ + \ and jsonb_array_length(rules_source -> 'StatefulRules') = 0;" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Network Firewall +Title: List AWS Network Firewall Rule Group Details diff --git a/queries/aws_oam_link_1.yaml b/queries/aws_oam_link_1.yaml index 30528e9ac..3ae773d86 100755 --- a/queries/aws_oam_link_1.yaml +++ b/queries/aws_oam_link_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS OAM Links to gather information about the link + between an AWS resource and an AWS OAM resource. ID: aws_oam_link_1 -Title: "List all AWS OAM resource links" -Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - sink_arn, - label, - resource_types - from - aws_oam_link; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n sink_arn,\n label,\n resource_types\n\ + from\n aws_oam_link;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OAM +Title: List all AWS OAM resource links diff --git a/queries/aws_oam_link_2.yaml b/queries/aws_oam_link_2.yaml index e2d885878..e29ddacce 100755 --- a/queries/aws_oam_link_2.yaml +++ b/queries/aws_oam_link_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS OAM Links to gather information about the link + between an AWS resource and an AWS OAM resource. ID: aws_oam_link_2 -Title: "List all AWS OAM Links and Their Associated Sinks" -Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.id, - l.arn, - s.name as sink_name, - l.sink_arn - from - aws_oam_link as l, - aws_oam_sink as s; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n l.id,\n l.arn,\n s.name as sink_name,\n l.sink_arn\n\ + from\n aws_oam_link as l,\n aws_oam_sink as s;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OAM +Title: List all AWS OAM Links and Their Associated Sinks diff --git a/queries/aws_oam_link_3.yaml b/queries/aws_oam_link_3.yaml index 4c7f442f9..36ea4243c 100755 --- a/queries/aws_oam_link_3.yaml +++ b/queries/aws_oam_link_3.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS OAM Links to gather information about the link + between an AWS resource and an AWS OAM resource. ID: aws_oam_link_3 -Title: "Find AWS OAM Links Between Resources" -Description: "Allows users to query AWS OAM Links to gather information about the link between an AWS resource and an AWS OAM resource." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.id, - l.arn, - l.label, - l.label_template, - r as resource_type - from - aws_oam_link as l, - jsonb_array_elements_text(resource_types) as r - where - r = 'AWS::Logs::LogGroup'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n l.id,\n l.arn,\n l.label,\n l.label_template,\n r\ + \ as resource_type\nfrom\n aws_oam_link as l,\n jsonb_array_elements_text(resource_types)\ + \ as r\nwhere\n r = 'AWS::Logs::LogGroup';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OAM +Title: Find AWS OAM Links Between Resources diff --git a/queries/aws_oam_sink_1.yaml b/queries/aws_oam_sink_1.yaml index 53f904eb4..2620d58df 100755 --- a/queries/aws_oam_sink_1.yaml +++ b/queries/aws_oam_sink_1.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS OAM Sink data, providing detailed information + about each AWS OAM Sink in your AWS account. ID: aws_oam_sink_1 -Title: "Find AWS OAM Sink data for detailed information" -Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - tags, - title - from - aws_oam_sink; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n tags,\n title\nfrom\n aws_oam_sink;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OAM Sink +Title: Find AWS OAM Sink data for detailed information diff --git a/queries/aws_oam_sink_2.yaml b/queries/aws_oam_sink_2.yaml index 9def58146..324dc2771 100755 --- a/queries/aws_oam_sink_2.yaml +++ b/queries/aws_oam_sink_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS OAM Sink data, providing detailed information + about each AWS OAM Sink in your AWS account. ID: aws_oam_sink_2 -Title: "Find AWS OAM Sink Data with Detailed Information" -Description: "Allows users to query AWS OAM Sink data, providing detailed information about each AWS OAM Sink in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn - from - aws_oam_sink - where - id = 'hfj44c81-7bdf-3847-r7i3-5dfc61b17483'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn\nfrom\n aws_oam_sink\nwhere\n id\ + \ = 'hfj44c81-7bdf-3847-r7i3-5dfc61b17483';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS OAM Sink +Title: Find AWS OAM Sink Data with Detailed Information diff --git a/queries/aws_opensearch_domain_1.yaml b/queries/aws_opensearch_domain_1.yaml index 3a00c56bb..64428ef31 100755 --- a/queries/aws_opensearch_domain_1.yaml +++ b/queries/aws_opensearch_domain_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS OpenSearch Service Domains for detailed information + on their configuration, status, and associated resources. ID: aws_opensearch_domain_1 -Title: "Find AWS OpenSearch Service Domains Configuration" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - engine_version, - created - from - aws_opensearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n arn,\n engine_version,\n\ + \ created\nfrom\n aws_opensearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OpenSearch Service +Title: Find AWS OpenSearch Service Domains Configuration diff --git a/queries/aws_opensearch_domain_2.yaml b/queries/aws_opensearch_domain_2.yaml index f09c028ce..3f6b67000 100755 --- a/queries/aws_opensearch_domain_2.yaml +++ b/queries/aws_opensearch_domain_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS OpenSearch Service Domains for detailed information + on their configuration, status, and associated resources. ID: aws_opensearch_domain_2 -Title: "Find All AWS OpenSearch Service Domains and Their Details" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - encryption_at_rest_options ->> 'Enabled' as enabled, - encryption_at_rest_options ->> 'KmsKeyId' as kms_key_id - from - aws_opensearch_domain - where - encryption_at_rest_options ->> 'Enabled' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n encryption_at_rest_options\ + \ ->> 'Enabled' as enabled,\n encryption_at_rest_options ->> 'KmsKeyId' as kms_key_id\n\ + from\n aws_opensearch_domain\nwhere\n encryption_at_rest_options ->> 'Enabled'\ + \ = 'false';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OpenSearch Service +Title: Find All AWS OpenSearch Service Domains and Their Details diff --git a/queries/aws_opensearch_domain_3.yaml b/queries/aws_opensearch_domain_3.yaml index a30f16d13..21fc11e61 100755 --- a/queries/aws_opensearch_domain_3.yaml +++ b/queries/aws_opensearch_domain_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS OpenSearch Service Domains for detailed information + on their configuration, status, and associated resources. ID: aws_opensearch_domain_3 -Title: "List all AWS OpenSearch Service Domains with SQL" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - ebs_options ->> 'VolumeSize' as volume_size, - ebs_options ->> 'VolumeType' as volume_type, - ebs_options ->> 'EBSEnabled' as ebs_enabled - from - aws_opensearch_domain - where - ebs_options ->> 'EBSEnabled' = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n ebs_options ->> 'VolumeSize'\ + \ as volume_size,\n ebs_options ->> 'VolumeType' as volume_type,\n ebs_options\ + \ ->> 'EBSEnabled' as ebs_enabled\nfrom\n aws_opensearch_domain\nwhere\n ebs_options\ + \ ->> 'EBSEnabled' = 'true';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OpenSearch Service +Title: List all AWS OpenSearch Service Domains with SQL diff --git a/queries/aws_opensearch_domain_4.yaml b/queries/aws_opensearch_domain_4.yaml index d6239174d..f03cf16d6 100755 --- a/queries/aws_opensearch_domain_4.yaml +++ b/queries/aws_opensearch_domain_4.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS OpenSearch Service Domains for detailed information + on their configuration, status, and associated resources. ID: aws_opensearch_domain_4 -Title: "List AWS OpenSearch Service Domains and Configurations" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - vpc_options ->> 'AvailabilityZones' as availability_zones, - vpc_options ->> 'SecurityGroupIds' as security_group_ids, - vpc_options ->> 'SubnetIds' as subnet_ids, - vpc_options ->> 'VPCId' as vpc_id - from - aws_opensearch_domain - where - vpc_options ->> 'AvailabilityZones' is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n vpc_options ->> 'AvailabilityZones' as\ + \ availability_zones,\n vpc_options ->> 'SecurityGroupIds' as security_group_ids,\n\ + \ vpc_options ->> 'SubnetIds' as subnet_ids,\n vpc_options ->> 'VPCId' as vpc_id\n\ + from\n aws_opensearch_domain\nwhere\n vpc_options ->> 'AvailabilityZones' is\ + \ not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OpenSearch Service +Title: List AWS OpenSearch Service Domains and Configurations diff --git a/queries/aws_opensearch_domain_5.yaml b/queries/aws_opensearch_domain_5.yaml index fdd2edfad..d09235913 100755 --- a/queries/aws_opensearch_domain_5.yaml +++ b/queries/aws_opensearch_domain_5.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS OpenSearch Service Domains for detailed information + on their configuration, status, and associated resources. ID: aws_opensearch_domain_5 -Title: "List all AWS OpenSearch Service Domains and Configurations" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - cluster_config ->> 'InstanceType' as instance_type, - cluster_config ->> 'InstanceCount' as instance_count - from - aws_opensearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n cluster_config ->> 'InstanceType'\ + \ as instance_type,\n cluster_config ->> 'InstanceCount' as instance_count\n\ + from\n aws_opensearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OpenSearch Service +Title: List all AWS OpenSearch Service Domains and Configurations diff --git a/queries/aws_opensearch_domain_6.yaml b/queries/aws_opensearch_domain_6.yaml index 1cf72cde6..cd14fafc0 100755 --- a/queries/aws_opensearch_domain_6.yaml +++ b/queries/aws_opensearch_domain_6.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS OpenSearch Service Domains for detailed information + on their configuration, status, and associated resources. ID: aws_opensearch_domain_6 -Title: "Find all AWS OpenSearch Service Domains and their details" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - arn, - engine_version, - created - from - aws_opensearch_domain - where - vpc_options is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n arn,\n engine_version,\n\ + \ created\nfrom\n aws_opensearch_domain\nwhere\n vpc_options is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OpenSearch Service +Title: Find all AWS OpenSearch Service Domains and their details diff --git a/queries/aws_opensearch_domain_7.yaml b/queries/aws_opensearch_domain_7.yaml index e00f1a6f9..b4c8c196a 100755 --- a/queries/aws_opensearch_domain_7.yaml +++ b/queries/aws_opensearch_domain_7.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS OpenSearch Service Domains for detailed information + on their configuration, status, and associated resources. ID: aws_opensearch_domain_7 -Title: "Find AWS OpenSearch Service Domains Configuration" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options - from - aws_opensearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n log_publishing_options\n\ + from\n aws_opensearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OpenSearch Service +Title: Find AWS OpenSearch Service Domains Configuration diff --git a/queries/aws_opensearch_domain_8.yaml b/queries/aws_opensearch_domain_8.yaml index 7b7ec68be..28d097a3a 100755 --- a/queries/aws_opensearch_domain_8.yaml +++ b/queries/aws_opensearch_domain_8.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS OpenSearch Service Domains for detailed information + on their configuration, status, and associated resources. ID: aws_opensearch_domain_8 -Title: "List all AWS OpenSearch Service Domain Configurations" -Description: "Allows users to query AWS OpenSearch Service Domains for detailed information on their configuration, status, and associated resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - domain_id, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled, - log_publishing_options -> 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn - from - aws_opensearch_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n domain_id,\n log_publishing_options\ + \ -> 'SEARCH_SLOW_LOGS' -> 'Enabled' as enabled,\n log_publishing_options ->\ + \ 'SEARCH_SLOW_LOGS' -> 'CloudWatchLogsLogGroupArn' as cloud_watch_logs_log_group_arn\n\ + from\n aws_opensearch_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - OpenSearch Service +Title: List all AWS OpenSearch Service Domain Configurations diff --git a/queries/aws_organizations_account_1.yaml b/queries/aws_organizations_account_1.yaml index d64f88cf7..ad6533efc 100755 --- a/queries/aws_organizations_account_1.yaml +++ b/queries/aws_organizations_account_1.yaml @@ -1,29 +1,20 @@ +Description: Allows users to query AWS Organizations Account and provides information + about each AWS account that is a member of an organization in AWS Organizations. ID: aws_organizations_account_1 -Title: "List all AWS Organizations Accounts with Details" -Description: "Allows users to query AWS Organizations Account and provides information about each AWS account that is a member of an organization in AWS Organizations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - arn, - email, - joined_method, - joined_timestamp, - name, - status, - tags - from - aws_organizations_account; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n arn,\n email,\n joined_method,\n joined_timestamp,\n\ + \ name,\n status,\n tags\nfrom\n aws_organizations_account;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Organizations +Title: List all AWS Organizations Accounts with Details diff --git a/queries/aws_organizations_account_2.yaml b/queries/aws_organizations_account_2.yaml index 456f79a85..add6cc9ae 100755 --- a/queries/aws_organizations_account_2.yaml +++ b/queries/aws_organizations_account_2.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS Organizations Account and provides information + about each AWS account that is a member of an organization in AWS Organizations. ID: aws_organizations_account_2 -Title: "List all AWS Organizations Account in Suspended Status" -Description: "Allows users to query AWS Organizations Account and provides information about each AWS account that is a member of an organization in AWS Organizations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - email, - joined_method, - joined_timestamp, - status - from - aws_organizations_account - where - status = 'SUSPENDED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n arn,\n email,\n joined_method,\n joined_timestamp,\n\ + \ status\nfrom\n aws_organizations_account\nwhere\n status = 'SUSPENDED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Organizations +Title: List all AWS Organizations Account in Suspended Status diff --git a/queries/aws_organizations_organizational_unit_1.yaml b/queries/aws_organizations_organizational_unit_1.yaml index 6cd89361e..8f237314d 100755 --- a/queries/aws_organizations_organizational_unit_1.yaml +++ b/queries/aws_organizations_organizational_unit_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Organizations Organizational Units and provides + information about each OU. ID: aws_organizations_organizational_unit_1 -Title: "List all AWS Organization Units with Details" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - parent_id, - title, - akas - from - aws_organizations_organizational_unit; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n parent_id,\n title,\n akas\n\ + from\n aws_organizations_organizational_unit;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: List all AWS Organization Units with Details diff --git a/queries/aws_organizations_organizational_unit_2.yaml b/queries/aws_organizations_organizational_unit_2.yaml index 3ee0041a6..cbf4faec7 100755 --- a/queries/aws_organizations_organizational_unit_2.yaml +++ b/queries/aws_organizations_organizational_unit_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Organizations Organizational Units and provides + information about each OU. ID: aws_organizations_organizational_unit_2 -Title: "List AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - path <@ 'r_wxnb.ou_wxnb_m8l8t123'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n parent_id,\n path\nfrom\n aws_organizations_organizational_unit\n\ + where\n path <@ 'r_wxnb.ou_wxnb_m8l8t123';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: List AWS Organizations Organizational Units diff --git a/queries/aws_organizations_organizational_unit_3.yaml b/queries/aws_organizations_organizational_unit_3.yaml index d9f047406..0708b46f0 100755 --- a/queries/aws_organizations_organizational_unit_3.yaml +++ b/queries/aws_organizations_organizational_unit_3.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Organizations Organizational Units and provides + information about each OU. ID: aws_organizations_organizational_unit_3 -Title: "Find AWS Organizations Organizational Units using SQL" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - nlevel(path) = 3; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n parent_id,\n path\nfrom\n aws_organizations_organizational_unit\n\ + where\n nlevel(path) = 3;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: Find AWS Organizations Organizational Units using SQL diff --git a/queries/aws_organizations_organizational_unit_4.yaml b/queries/aws_organizations_organizational_unit_4.yaml index 4a5eddaec..b91b860db 100755 --- a/queries/aws_organizations_organizational_unit_4.yaml +++ b/queries/aws_organizations_organizational_unit_4.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Organizations Organizational Units and provides + information about each OU. ID: aws_organizations_organizational_unit_4 -Title: "Find all AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - 'r_wxnb.ou_wxnb_m8l123aq.ou_wxnb_5gri123b' @> path; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n parent_id,\n path\nfrom\n aws_organizations_organizational_unit\n\ + where\n 'r_wxnb.ou_wxnb_m8l123aq.ou_wxnb_5gri123b' @> path;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: Find all AWS Organizations Organizational Units diff --git a/queries/aws_organizations_organizational_unit_5.yaml b/queries/aws_organizations_organizational_unit_5.yaml index 84bdfb992..ab877d9fc 100755 --- a/queries/aws_organizations_organizational_unit_5.yaml +++ b/queries/aws_organizations_organizational_unit_5.yaml @@ -1,35 +1,21 @@ +Description: Allows users to query AWS Organizations Organizational Units and provides + information about each OU. ID: aws_organizations_organizational_unit_5 -Title: "Find all AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - parent_id = - ( - select - parent_id - from - aws_organizations_organizational_unit - where - name = 'Punisher' - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n parent_id,\n path\nfrom\n aws_organizations_organizational_unit\n\ + where\n parent_id =\n (\n select\n parent_id\n from\n aws_organizations_organizational_unit\n\ + \ where\n name = 'Punisher'\n );" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: Find all AWS Organizations Organizational Units diff --git a/queries/aws_organizations_organizational_unit_6.yaml b/queries/aws_organizations_organizational_unit_6.yaml index b6021c274..54645b127 100755 --- a/queries/aws_organizations_organizational_unit_6.yaml +++ b/queries/aws_organizations_organizational_unit_6.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Organizations Organizational Units and provides + information about each OU. ID: aws_organizations_organizational_unit_6 -Title: "List AWS Organizations Organizational Units" -Description: "Allows users to query AWS Organizations Organizational Units and provides information about each OU." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - parent_id, - path - from - aws_organizations_organizational_unit - where - path ~ 'r_wxnb.*.ou_wxnb_m81234aq.*'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n parent_id,\n path\nfrom\n aws_organizations_organizational_unit\n\ + where\n path ~ 'r_wxnb.*.ou_wxnb_m81234aq.*';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: List AWS Organizations Organizational Units diff --git a/queries/aws_organizations_policy_1.yaml b/queries/aws_organizations_policy_1.yaml index bd816c2ba..0a05fdac4 100755 --- a/queries/aws_organizations_policy_1.yaml +++ b/queries/aws_organizations_policy_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Organizations Policy to retrieve detailed information + on policies within AWS Organizations. This table can be utilized to gain insights + on policy-specific details, such as policy type, content, and associated metadata. ID: aws_organizations_policy_1 -Title: "Find AWS Organizations Policy Details with SQL" -Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - aws_managed - from - aws_organizations_policy - where - type = 'SERVICE_CONTROL_POLICY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n aws_managed\nfrom\n\ + \ aws_organizations_policy\nwhere\n type = 'SERVICE_CONTROL_POLICY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations Policy +Title: Find AWS Organizations Policy Details with SQL diff --git a/queries/aws_organizations_policy_2.yaml b/queries/aws_organizations_policy_2.yaml index 227614f66..1664606e1 100755 --- a/queries/aws_organizations_policy_2.yaml +++ b/queries/aws_organizations_policy_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Organizations Policy to retrieve detailed information + on policies within AWS Organizations. This table can be utilized to gain insights + on policy-specific details, such as policy type, content, and associated metadata. ID: aws_organizations_policy_2 -Title: "List all Tag Policies in AWS Organizations" -Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - type, - aws_managed - from - aws_organizations_policy - where - not aws_managed - and type = 'TAG_POLICY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n arn,\n type,\n aws_managed\nfrom\n\ + \ aws_organizations_policy\nwhere\n not aws_managed\n and type = 'TAG_POLICY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: List all Tag Policies in AWS Organizations diff --git a/queries/aws_organizations_policy_3.yaml b/queries/aws_organizations_policy_3.yaml index 601fe6240..e585bb799 100755 --- a/queries/aws_organizations_policy_3.yaml +++ b/queries/aws_organizations_policy_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Organizations Policy to retrieve detailed information + on policies within AWS Organizations. This table can be utilized to gain insights + on policy-specific details, such as policy type, content, and associated metadata. ID: aws_organizations_policy_3 -Title: "Find all AWS Organizations Backup Policies" -Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - type, - aws_managed - from - aws_organizations_policy - where - type = 'BACKUP_POLICY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n arn,\n type,\n aws_managed\nfrom\n\ + \ aws_organizations_policy\nwhere\n type = 'BACKUP_POLICY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: Find all AWS Organizations Backup Policies diff --git a/queries/aws_organizations_policy_4.yaml b/queries/aws_organizations_policy_4.yaml index 30668148b..040ea9f8d 100755 --- a/queries/aws_organizations_policy_4.yaml +++ b/queries/aws_organizations_policy_4.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Organizations Policy to retrieve detailed information + on policies within AWS Organizations. This table can be utilized to gain insights + on policy-specific details, such as policy type, content, and associated metadata. ID: aws_organizations_policy_4 -Title: "Find AWS Organizations Policy Details" -Description: "Allows users to query AWS Organizations Policy to retrieve detailed information on policies within AWS Organizations. This table can be utilized to gain insights on policy-specific details, such as policy type, content, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - content ->> 'Version' as policy_version, - content ->> 'Statement' as policy_statement - from - aws_organizations_policy - where - type = 'SERVICE_CONTROL_POLICY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n content ->> 'Version' as policy_version,\n\ + \ content ->> 'Statement' as policy_statement\nfrom\n aws_organizations_policy\n\ + where\n type = 'SERVICE_CONTROL_POLICY';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: Find AWS Organizations Policy Details diff --git a/queries/aws_organizations_policy_target_1.yaml b/queries/aws_organizations_policy_target_1.yaml index bb61bb54c..509fcb03a 100755 --- a/queries/aws_organizations_policy_target_1.yaml +++ b/queries/aws_organizations_policy_target_1.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Organizations Policy Targets to retrieve detailed + information about the application of policies to roots, organizational units (OUs), + and accounts. ID: aws_organizations_policy_target_1 -Title: "List all AWS Organizations Policy Targets and Their Details" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - aws_managed - from - aws_organizations_policy_target - where - type = 'SERVICE_CONTROL_POLICY' - and target_id = '123456789098'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n aws_managed \nfrom\n\ + \ aws_organizations_policy_target \nwhere\n type = 'SERVICE_CONTROL_POLICY'\ + \ \n and target_id = '123456789098';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: List all AWS Organizations Policy Targets and Their Details diff --git a/queries/aws_organizations_policy_target_2.yaml b/queries/aws_organizations_policy_target_2.yaml index c1ca1f88b..657689f30 100755 --- a/queries/aws_organizations_policy_target_2.yaml +++ b/queries/aws_organizations_policy_target_2.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Organizations Policy Targets to retrieve detailed + information about the application of policies to roots, organizational units (OUs), + and accounts. ID: aws_organizations_policy_target_2 -Title: "List AWS Organizations Policy Targets with SQL Query" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - type, - aws_managed - from - aws_organizations_policy_target - where - not aws_managed - and type = 'TAG_POLICY' - and target_id = 'ou-jsdhkek'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n arn,\n type,\n aws_managed \nfrom\n\ + \ aws_organizations_policy_target \nwhere\n not aws_managed \n and type = 'TAG_POLICY'\ + \ \n and target_id = 'ou-jsdhkek';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: List AWS Organizations Policy Targets with SQL Query diff --git a/queries/aws_organizations_policy_target_3.yaml b/queries/aws_organizations_policy_target_3.yaml index a07898b06..61578a07d 100755 --- a/queries/aws_organizations_policy_target_3.yaml +++ b/queries/aws_organizations_policy_target_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Organizations Policy Targets to retrieve detailed + information about the application of policies to roots, organizational units (OUs), + and accounts. ID: aws_organizations_policy_target_3 -Title: "Find AWS Organizations Policy Targets with SQL" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - type, - aws_managed - from - aws_organizations_policy_target - where - type = 'BACKUP_POLICY' - and target_id = '123456789098'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n arn,\n type,\n aws_managed\nfrom\n\ + \ aws_organizations_policy_target\nwhere\n type = 'BACKUP_POLICY'\n and target_id\ + \ = '123456789098';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Organizations +Title: Find AWS Organizations Policy Targets with SQL diff --git a/queries/aws_organizations_policy_target_4.yaml b/queries/aws_organizations_policy_target_4.yaml index 46b2e2a5b..38b249020 100755 --- a/queries/aws_organizations_policy_target_4.yaml +++ b/queries/aws_organizations_policy_target_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Organizations Policy Targets to retrieve detailed + information about the application of policies to roots, organizational units (OUs), + and accounts. ID: aws_organizations_policy_target_4 -Title: "Find AWS Organizations Policy Targets Information" -Description: "Allows users to query AWS Organizations Policy Targets to retrieve detailed information about the application of policies to roots, organizational units (OUs), and accounts." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - content ->> 'Version' as policy_version, - content ->> 'Statement' as policy_statement - from - aws_organizations_policy_target - where - type = 'SERVICE_CONTROL_POLICY' - and target_id = 'r-9ijkl7'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n content ->> 'Version' as policy_version,\n\ + \ content ->> 'Statement' as policy_statement\nfrom\n aws_organizations_policy_target\n\ + where\n type = 'SERVICE_CONTROL_POLICY'\n and target_id = 'r-9ijkl7';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: Find AWS Organizations Policy Targets Information diff --git a/queries/aws_organizations_root_1.yaml b/queries/aws_organizations_root_1.yaml index c48840c09..0c0bb8a27 100755 --- a/queries/aws_organizations_root_1.yaml +++ b/queries/aws_organizations_root_1.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Organizations Root to retrieve detailed information + on AWS Organizations Root account. This table can be utilized to gain insights on + organizations root account. ID: aws_organizations_root_1 -Title: "Find AWS Organization Root Account Detailed Info" -Description: "Allows users to query AWS Organizations Root to retrieve detailed information on AWS Organizations Root account. This table can be utilized to gain insights on organizations root account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn - from - aws_organizations_root; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn\nfrom\n aws_organizations_root;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: Find AWS Organization Root Account Detailed Info diff --git a/queries/aws_organizations_root_2.yaml b/queries/aws_organizations_root_2.yaml index c5803fb80..0d09bc763 100755 --- a/queries/aws_organizations_root_2.yaml +++ b/queries/aws_organizations_root_2.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Organizations Root to retrieve detailed information + on AWS Organizations Root account. This table can be utilized to gain insights on + organizations root account. ID: aws_organizations_root_2 -Title: "Find AWS Organizations Root and Policy Details" -Description: "Allows users to query AWS Organizations Root to retrieve detailed information on AWS Organizations Root account. This table can be utilized to gain insights on organizations root account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - p ->> 'Status' as policy_status, - p ->> 'Type' as policy_type - from - aws_organizations_root, - jsonb_array_elements(policy_types) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n p ->> 'Status' as policy_status,\n p\ + \ ->> 'Type' as policy_type\nfrom\n aws_organizations_root,\n jsonb_array_elements(policy_types)\ + \ as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Organizations +Title: Find AWS Organizations Root and Policy Details diff --git a/queries/aws_pinpoint_app_1.yaml b/queries/aws_pinpoint_app_1.yaml index 2d0ffdf49..70f7a7cbb 100755 --- a/queries/aws_pinpoint_app_1.yaml +++ b/queries/aws_pinpoint_app_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Pinpoint Applications to gather information + about the applications, such as application ID, name, and creation date. The table + also provides details about the application''s settings and limits. ID: aws_pinpoint_app_1 -Title: "Find all details of AWS Pinpoint Applications" -Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - arn, - limits - from - aws_pinpoint_app; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n arn,\n limits\nfrom\n aws_pinpoint_app;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pinpoint +Title: Find all details of AWS Pinpoint Applications diff --git a/queries/aws_pinpoint_app_2.yaml b/queries/aws_pinpoint_app_2.yaml index 0e7c82db1..f90ce11f9 100755 --- a/queries/aws_pinpoint_app_2.yaml +++ b/queries/aws_pinpoint_app_2.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS Pinpoint Applications to gather information + about the applications, such as application ID, name, and creation date. The table + also provides details about the application''s settings and limits. ID: aws_pinpoint_app_2 -Title: "Find AWS Pinpoint Applications and Details" -Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - quiet_time -> 'Start' as start_time, - quiet_time -> 'End' as end_time - from - aws_pinpoint_app; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n quiet_time -> 'Start' as start_time,\n quiet_time\ + \ -> 'End' as end_time\nfrom\n aws_pinpoint_app;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Pinpoint +Title: Find AWS Pinpoint Applications and Details diff --git a/queries/aws_pinpoint_app_3.yaml b/queries/aws_pinpoint_app_3.yaml index c22670555..3e8351799 100755 --- a/queries/aws_pinpoint_app_3.yaml +++ b/queries/aws_pinpoint_app_3.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS Pinpoint Applications to gather information + about the applications, such as application ID, name, and creation date. The table + also provides details about the application''s settings and limits. ID: aws_pinpoint_app_3 -Title: "Find all AWS Pinpoint App details and settings" -Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - campaign_hook -> 'LambdaFunctionName' as lambda_function_name, - campaign_hook -> 'Mode' as mode, - campaign_hook -> 'WebUrl' as web_url - from - aws_pinpoint_app; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n campaign_hook -> 'LambdaFunctionName' as lambda_function_name,\n\ + \ campaign_hook -> 'Mode' as mode,\n campaign_hook -> 'WebUrl' as web_url\n\ + from\n aws_pinpoint_app;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Pinpoint +Title: Find all AWS Pinpoint App details and settings diff --git a/queries/aws_pinpoint_app_4.yaml b/queries/aws_pinpoint_app_4.yaml index 356690285..7d385278a 100755 --- a/queries/aws_pinpoint_app_4.yaml +++ b/queries/aws_pinpoint_app_4.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Pinpoint Applications to gather information + about the applications, such as application ID, name, and creation date. The table + also provides details about the application''s settings and limits. ID: aws_pinpoint_app_4 -Title: "List AWS Pinpoint Application Details and Limits" -Description: "Allows users to query AWS Pinpoint Applications to gather information about the applications, such as application ID, name, and creation date. The table also provides details about the application''s settings and limits." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - limits -> 'Daily' as daily, - limits -> 'Total' as total, - limits -> 'Session' as session, - limits -> 'MaximumDuration' as maximum_duration, - limits -> 'MessagesPerSecond' as messages_per_second - from - aws_pinpoint_app; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n limits -> 'Daily' as daily,\n limits -> 'Total'\ + \ as total,\n limits -> 'Session' as session,\n limits -> 'MaximumDuration'\ + \ as maximum_duration,\n limits -> 'MessagesPerSecond' as messages_per_second\n\ + from\n aws_pinpoint_app;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Pinpoint +Title: List AWS Pinpoint Application Details and Limits diff --git a/queries/aws_pipes_pipe_1.yaml b/queries/aws_pipes_pipe_1.yaml index 97a77dcbc..9188430ff 100755 --- a/queries/aws_pipes_pipe_1.yaml +++ b/queries/aws_pipes_pipe_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Pipes to obtain detailed information about + individual pipes. ID: aws_pipes_pipe_1 -Title: "Find AWS Pipe Details via SQL Query" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - current_state, - creation_time, - role_arn - from - aws_pipes_pipe; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n current_state,\n creation_time,\n \ + \ role_arn\nfrom\n aws_pipes_pipe;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Pipes +Title: Find AWS Pipe Details via SQL Query diff --git a/queries/aws_pipes_pipe_2.yaml b/queries/aws_pipes_pipe_2.yaml index 811a24917..a5e771d21 100755 --- a/queries/aws_pipes_pipe_2.yaml +++ b/queries/aws_pipes_pipe_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS Pipes to obtain detailed information about + individual pipes. ID: aws_pipes_pipe_2 -Title: "List all AWS Pipes with State Details" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - description, - creation_time, - current_state, - desired_state - from - aws_pipes_pipe - where - desired_state <> current_state; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n description,\n creation_time,\n current_state,\n\ + \ desired_state\nfrom\n aws_pipes_pipe\nwhere\n desired_state <> current_state;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pipes +Title: List all AWS Pipes with State Details diff --git a/queries/aws_pipes_pipe_3.yaml b/queries/aws_pipes_pipe_3.yaml index db2ea8820..dcdaacc98 100755 --- a/queries/aws_pipes_pipe_3.yaml +++ b/queries/aws_pipes_pipe_3.yaml @@ -1,34 +1,31 @@ +Description: Allows users to query AWS Pipes to obtain detailed information about + individual pipes. ID: aws_pipes_pipe_3 -Title: "List all AWS Pipes with Detailed Parameters" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - target_parameters ->> 'BatchJobParameters' as batch_job_parameters, - target_parameters ->> 'CloudWatchLogsParameters' as cloudwatch_logs_parameters, - target_parameters ->> 'EcsTaskParameters' as ecs_task_parameters, - target_parameters ->> 'EventBridgeEventBusParameters' as eventbridge_event_bus_parameters, - target_parameters ->> 'HttpParameters' as http_parameters, - target_parameters ->> 'InputTemplate' as input_template, - target_parameters ->> 'KinesisStreamParameters' as kinesis_stream_parameters, - target_parameters ->> 'LambdaFunctionParameters' as lambda_function_parameters, - target_parameters ->> 'RedshiftDataParameters' as redshift_data_parameters, - target_parameters ->> 'SageMakerPipelineParameters' as sage_maker_pipeline_parameters, - target_parameters ->> 'SqsQueueParameters' as sqs_queue_parameters, - target_parameters ->> 'StepFunctionStateMachineParameters' as step_function_state_machine_parameters - from - aws_pipes_pipe; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n target_parameters ->> 'BatchJobParameters' as\ + \ batch_job_parameters,\n target_parameters ->> 'CloudWatchLogsParameters' as\ + \ cloudwatch_logs_parameters,\n target_parameters ->> 'EcsTaskParameters' as\ + \ ecs_task_parameters,\n target_parameters ->> 'EventBridgeEventBusParameters'\ + \ as eventbridge_event_bus_parameters,\n target_parameters ->> 'HttpParameters'\ + \ as http_parameters,\n target_parameters ->> 'InputTemplate' as input_template,\n\ + \ target_parameters ->> 'KinesisStreamParameters' as kinesis_stream_parameters,\n\ + \ target_parameters ->> 'LambdaFunctionParameters' as lambda_function_parameters,\n\ + \ target_parameters ->> 'RedshiftDataParameters' as redshift_data_parameters,\n\ + \ target_parameters ->> 'SageMakerPipelineParameters' as sage_maker_pipeline_parameters,\n\ + \ target_parameters ->> 'SqsQueueParameters' as sqs_queue_parameters,\n target_parameters\ + \ ->> 'StepFunctionStateMachineParameters' as step_function_state_machine_parameters\n\ + from\n aws_pipes_pipe;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Pipes +Title: List all AWS Pipes with Detailed Parameters diff --git a/queries/aws_pipes_pipe_4.yaml b/queries/aws_pipes_pipe_4.yaml index 106e46aa6..8164b7a9d 100755 --- a/queries/aws_pipes_pipe_4.yaml +++ b/queries/aws_pipes_pipe_4.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS Pipes to obtain detailed information about + individual pipes. ID: aws_pipes_pipe_4 -Title: "List All AWS Pipes and Their Details" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - enrichment_parameters ->> 'HttpParameters' as http_parameters, - enrichment_parameters ->> 'InputTemplate' as input_template - from - aws_pipes_pipe; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n enrichment_parameters ->> 'HttpParameters' as\ + \ http_parameters,\n enrichment_parameters ->> 'InputTemplate' as input_template\n\ + from\n aws_pipes_pipe;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pipes +Title: List All AWS Pipes and Their Details diff --git a/queries/aws_pipes_pipe_5.yaml b/queries/aws_pipes_pipe_5.yaml index 175fcb0c9..a884255c6 100755 --- a/queries/aws_pipes_pipe_5.yaml +++ b/queries/aws_pipes_pipe_5.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Pipes to obtain detailed information about + individual pipes. ID: aws_pipes_pipe_5 -Title: "List AWS Pipes and Their Details Using SQL" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_time, - current_state, - desired_state, - enrichment, - target - from - aws_pipes_pipe - where - creation_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n creation_time,\n current_state,\n desired_state,\n\ + \ enrichment,\n target\nfrom\n aws_pipes_pipe\nwhere\n creation_time >= now()\ + \ - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pipes +Title: List AWS Pipes and Their Details Using SQL diff --git a/queries/aws_pipes_pipe_6.yaml b/queries/aws_pipes_pipe_6.yaml index ca1f23345..9d65a078c 100755 --- a/queries/aws_pipes_pipe_6.yaml +++ b/queries/aws_pipes_pipe_6.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS Pipes to obtain detailed information about + individual pipes. ID: aws_pipes_pipe_6 -Title: "List AWS Pipes and Their Associated IAM Roles" -Description: "Allows users to query AWS Pipes to obtain detailed information about individual pipes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.name, - r.arn as role_arn, - r.role_id, - r.permissions_boundary_arn, - r.role_last_used_region, - r.inline_policies, - r.assume_role_policy - from - aws_pipes_pipe as p, - aws_iam_role as r - where - p.role_arn = r.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n p.name,\n r.arn as role_arn,\n r.role_id,\n r.permissions_boundary_arn,\n\ + \ r.role_last_used_region,\n r.inline_policies,\n r.assume_role_policy\nfrom\n\ + \ aws_pipes_pipe as p,\n aws_iam_role as r\nwhere\n p.role_arn = r.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pipes +Title: List AWS Pipes and Their Associated IAM Roles diff --git a/queries/aws_pricing_product_1.yaml b/queries/aws_pricing_product_1.yaml index eb3e58cba..60e490c3a 100755 --- a/queries/aws_pricing_product_1.yaml +++ b/queries/aws_pricing_product_1.yaml @@ -1,46 +1,27 @@ +Description: Allows users to query AWS Pricing Product details such as the product''s + description, pricing details, and associated attributes. ID: aws_pricing_product_1 -Title: "Find AWS Pricing Product Details with Attributes" -Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - term, - purchase_option, - lease_contract_length, - unit, - price_per_unit::numeric::money, - currency, - begin_range, - end_range, - effective_date, - description, - attributes ->> 'instanceType', - attributes ->> 'vcpu', - attributes ->> 'memory', - attributes ->> 'operatingSystem', - attributes ->> 'preInstalledSw' - from - aws_pricing_product - where - service_code = 'AmazonEC2' - and filters = '{ - "regionCode": "eu-west-3", - "locationType": "AWS Region", - "instanceType": "c5.2xlarge", - "operatingSystem": "Linux", - "tenancy": "Shared", - "preInstalledSw": "NA", - "capacityStatus": "Used" }'::jsonb; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n term,\n purchase_option,\n lease_contract_length,\n\ + \ unit,\n price_per_unit::numeric::money,\n currency,\n begin_range,\n end_range,\n\ + \ effective_date,\n description,\n attributes ->> 'instanceType',\n attributes\ + \ ->> 'vcpu',\n attributes ->> 'memory',\n attributes ->> 'operatingSystem',\n\ + \ attributes ->> 'preInstalledSw'\nfrom\n aws_pricing_product\nwhere\n service_code\ + \ = 'AmazonEC2'\n and filters = '{\n \"regionCode\": \"eu-west-3\",\n \"locationType\"\ + : \"AWS Region\",\n \"instanceType\": \"c5.2xlarge\",\n \"operatingSystem\"\ + : \"Linux\",\n \"tenancy\": \"Shared\",\n \"preInstalledSw\": \"NA\",\n \"\ + capacityStatus\": \"Used\" }'::jsonb;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pricing +Title: Find AWS Pricing Product Details with Attributes diff --git a/queries/aws_pricing_product_2.yaml b/queries/aws_pricing_product_2.yaml index b39d569b2..a9ed96866 100755 --- a/queries/aws_pricing_product_2.yaml +++ b/queries/aws_pricing_product_2.yaml @@ -1,40 +1,25 @@ +Description: Allows users to query AWS Pricing Product details such as the product''s + description, pricing details, and associated attributes. ID: aws_pricing_product_2 -Title: "List AWS Pricing Product Details by Service Code and Filters" -Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - term, - purchase_option, - lease_contract_length, - unit, - price_per_unit::numeric::money, - currency, - attributes ->> 'instanceType', - attributes ->> 'vcpu', - attributes ->> 'memory', - attributes ->> 'databaseEngine', - attributes ->> 'deploymentOption' - from - aws_pricing_product - where - service_code = 'AmazonRDS' - and filters = '{ - "regionCode": "eu-west-3", - "locationType": "AWS Region", - "instanceType": "db.m5.xlarge", - "databaseEngine": "MySQL", - "deploymentOption": "Single-AZ" }'::jsonb; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n term,\n purchase_option,\n lease_contract_length,\n\ + \ unit,\n price_per_unit::numeric::money,\n currency,\n attributes ->> 'instanceType',\n\ + \ attributes ->> 'vcpu',\n attributes ->> 'memory',\n attributes ->> 'databaseEngine',\n\ + \ attributes ->> 'deploymentOption'\nfrom\n aws_pricing_product\nwhere\n service_code\ + \ = 'AmazonRDS'\n and filters = '{\n \"regionCode\": \"eu-west-3\",\n \"locationType\"\ + : \"AWS Region\",\n \"instanceType\": \"db.m5.xlarge\",\n \"databaseEngine\"\ + : \"MySQL\",\n \"deploymentOption\": \"Single-AZ\" }'::jsonb;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pricing Product +Title: List AWS Pricing Product Details by Service Code and Filters diff --git a/queries/aws_pricing_product_3.yaml b/queries/aws_pricing_product_3.yaml index f5fb26aa0..57a8ae57a 100755 --- a/queries/aws_pricing_product_3.yaml +++ b/queries/aws_pricing_product_3.yaml @@ -1,40 +1,26 @@ +Description: Allows users to query AWS Pricing Product details such as the product''s + description, pricing details, and associated attributes. ID: aws_pricing_product_3 -Title: "Find AWS ElastiCache Pricing Product with Specific Attributes" -Description: "Allows users to query AWS Pricing Product details such as the product''s description, pricing details, and associated attributes." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - term, - purchase_option, - lease_contract_length, - unit, - price_per_unit::numeric::money, - currency, - attributes ->> 'instanceType', - attributes ->> 'vcpu', - attributes ->> 'memory', - attributes ->> 'cacheEngine' - from - aws_pricing_product - where - service_code = 'AmazonElastiCache' - and filters = '{ - "regionCode": "eu-west-3", - "locationType": "AWS Region", - "instanceType": "cache.m5.xlarge", - "cacheEngine": "Redis" }'::jsonb; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n term,\n purchase_option,\n lease_contract_length,\n\ + \ unit,\n price_per_unit::numeric::money,\n currency,\n attributes ->> 'instanceType',\n\ + \ attributes ->> 'vcpu',\n attributes ->> 'memory',\n attributes ->> 'cacheEngine'\n\ + from\n aws_pricing_product\nwhere\n service_code = 'AmazonElastiCache'\n and\ + \ filters = '{\n \"regionCode\": \"eu-west-3\",\n \"locationType\": \"AWS Region\"\ + ,\n \"instanceType\": \"cache.m5.xlarge\",\n \"cacheEngine\": \"Redis\" }'::jsonb;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pricing Product +Title: Find AWS ElastiCache Pricing Product with Specific Attributes diff --git a/queries/aws_pricing_service_attribute_1.yaml b/queries/aws_pricing_service_attribute_1.yaml index 20eaa19e1..47116b69c 100755 --- a/queries/aws_pricing_service_attribute_1.yaml +++ b/queries/aws_pricing_service_attribute_1.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Pricing Service Attributes to gain insights + into product attributes and their respective prices. ID: aws_pricing_service_attribute_1 -Title: "List all AWS Pricing Service Attributes and Prices" -Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_code, - attribute_name, - attribute_values - from - aws_pricing_service_attribute; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_code,\n attribute_name,\n attribute_values\n\ + from\n aws_pricing_service_attribute;" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pricing Service +Title: List all AWS Pricing Service Attributes and Prices diff --git a/queries/aws_pricing_service_attribute_2.yaml b/queries/aws_pricing_service_attribute_2.yaml index 528644707..e2c314b87 100755 --- a/queries/aws_pricing_service_attribute_2.yaml +++ b/queries/aws_pricing_service_attribute_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Pricing Service Attributes to gain insights + into product attributes and their respective prices. ID: aws_pricing_service_attribute_2 -Title: "List all AWS Pricing Service Attributes" -Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_code, - attribute_name, - attribute_values - from - aws_pricing_service_attribute - where - service_code = 'AWSBackup'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_code,\n attribute_name,\n attribute_values\n\ + from\n aws_pricing_service_attribute\nwhere\n service_code = 'AWSBackup';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pricing Service +Title: List all AWS Pricing Service Attributes diff --git a/queries/aws_pricing_service_attribute_3.yaml b/queries/aws_pricing_service_attribute_3.yaml index a99fd6af7..432dfd946 100755 --- a/queries/aws_pricing_service_attribute_3.yaml +++ b/queries/aws_pricing_service_attribute_3.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Pricing Service Attributes to gain insights + into product attributes and their respective prices. ID: aws_pricing_service_attribute_3 -Title: "Find AWS Pricing Service Attributes for AWSBackup and termType" -Description: "Allows users to query AWS Pricing Service Attributes to gain insights into product attributes and their respective prices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_code, - attribute_name, - attribute_values - from - aws_pricing_service_attribute - where - service_code = 'AWSBackup' and attribute_name = 'termType'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_code,\n attribute_name,\n attribute_values\n\ + from\n aws_pricing_service_attribute\nwhere\n service_code = 'AWSBackup' and\ + \ attribute_name = 'termType';" Tags: cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Pricing Service +Title: Find AWS Pricing Service Attributes for AWSBackup and termType diff --git a/queries/aws_ram_principal_association_1.yaml b/queries/aws_ram_principal_association_1.yaml index 12f6f9a81..7cbbc0efc 100755 --- a/queries/aws_ram_principal_association_1.yaml +++ b/queries/aws_ram_principal_association_1.yaml @@ -1,27 +1,28 @@ +Description: Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` + table in Steampipe provides information about principal associations within AWS + Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific + details, including resource share ARN, principal ARN, creation time, and associated + tags. Users can utilize this table to gather insights on principal associations, + such as their status, external status, and more. The schema outlines the various + attributes of the principal association, including the resource share ARN, principal + ARN, creation time, and associated tags. ID: aws_ram_principal_association_1 -Title: "List AWS RAM Principal Associations with SQL" -Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - status - from - aws_ram_principal_association; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_share_name,\n resource_share_arn,\n associated_entity,\n\ + \ status\nfrom\n aws_ram_principal_association;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Access Manager +Title: List AWS RAM Principal Associations with SQL diff --git a/queries/aws_ram_principal_association_2.yaml b/queries/aws_ram_principal_association_2.yaml index e81492044..9d78b41a1 100755 --- a/queries/aws_ram_principal_association_2.yaml +++ b/queries/aws_ram_principal_association_2.yaml @@ -1,29 +1,30 @@ +Description: Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` + table in Steampipe provides information about principal associations within AWS + Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific + details, including resource share ARN, principal ARN, creation time, and associated + tags. Users can utilize this table to gather insights on principal associations, + such as their status, external status, and more. The schema outlines the various + attributes of the principal association, including the resource share ARN, principal + ARN, creation time, and associated tags. ID: aws_ram_principal_association_2 -Title: "List all AWS RAM Principal Associations by SQL Query" -Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - p ->> 'Arn' as resource_share_permission_arn, - p ->> 'Status' as resource_share_permission_status - from - aws_ram_principal_association, - jsonb_array_elements(resource_share_permission) p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_share_name,\n resource_share_arn,\n associated_entity,\n\ + \ p ->> 'Arn' as resource_share_permission_arn,\n p ->> 'Status' as resource_share_permission_status\n\ + from\n aws_ram_principal_association,\n jsonb_array_elements(resource_share_permission)\ + \ p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Access Manager +Title: List all AWS RAM Principal Associations by SQL Query diff --git a/queries/aws_ram_principal_association_3.yaml b/queries/aws_ram_principal_association_3.yaml index 65ef835b9..74362bbc3 100755 --- a/queries/aws_ram_principal_association_3.yaml +++ b/queries/aws_ram_principal_association_3.yaml @@ -1,27 +1,26 @@ +Description: Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` + table in Steampipe provides information about principal associations within AWS + Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific + details, including resource share ARN, principal ARN, creation time, and associated + tags. Users can utilize this table to gather insights on principal associations, + such as their status, external status, and more. The schema outlines the various + attributes of the principal association, including the resource share ARN, principal + ARN, creation time, and associated tags. ID: aws_ram_principal_association_3 -Title: "List all AWS RAM Principal Associations with Failed Status" -Description: "Allows users to query AWS RAM Principal Associations. The `aws_ram_principal_association` table in Steampipe provides information about principal associations within AWS Resource Access Manager (RAM). This table allows DevOps engineers to query principal-specific details, including resource share ARN, principal ARN, creation time, and associated tags. Users can utilize this table to gather insights on principal associations, such as their status, external status, and more. The schema outlines the various attributes of the principal association, including the resource share ARN, principal ARN, creation time, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - status - from - aws_ram_principal_association - where - status = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_share_name,\n resource_share_arn,\n associated_entity,\n\ + \ status\nfrom\n aws_ram_principal_association\nwhere\n status = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Access Manager +Title: List all AWS RAM Principal Associations with Failed Status diff --git a/queries/aws_ram_resource_association_1.yaml b/queries/aws_ram_resource_association_1.yaml index 425adb755..425743e5f 100755 --- a/queries/aws_ram_resource_association_1.yaml +++ b/queries/aws_ram_resource_association_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS RAM Resource Associations to retrieve information + about the associations between resources and resource shares. ID: aws_ram_resource_association_1 -Title: "List all AWS RAM Resource Associations with SQL" -Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - status - from - aws_ram_resource_association; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_share_name,\n resource_share_arn,\n associated_entity,\n\ + \ status\nfrom\n aws_ram_resource_association;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS RAM +Title: List all AWS RAM Resource Associations with SQL diff --git a/queries/aws_ram_resource_association_2.yaml b/queries/aws_ram_resource_association_2.yaml index f8df7261e..05ccf344b 100755 --- a/queries/aws_ram_resource_association_2.yaml +++ b/queries/aws_ram_resource_association_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS RAM Resource Associations to retrieve information + about the associations between resources and resource shares. ID: aws_ram_resource_association_2 -Title: "List AWS RAM Resource Associations and Permissions" -Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - p ->> 'Arn' as resource_share_permission_arn, - p ->> 'Status' as resource_share_permission_status - from - aws_ram_resource_association, - jsonb_array_elements(resource_share_permission) p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_share_name,\n resource_share_arn,\n associated_entity,\n\ + \ p ->> 'Arn' as resource_share_permission_arn,\n p ->> 'Status' as resource_share_permission_status\n\ + from\n aws_ram_resource_association,\n jsonb_array_elements(resource_share_permission)\ + \ p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS RAM Resource Association +Title: List AWS RAM Resource Associations and Permissions diff --git a/queries/aws_ram_resource_association_3.yaml b/queries/aws_ram_resource_association_3.yaml index 41425eedf..21c4d57e0 100755 --- a/queries/aws_ram_resource_association_3.yaml +++ b/queries/aws_ram_resource_association_3.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS RAM Resource Associations to retrieve information + about the associations between resources and resource shares. ID: aws_ram_resource_association_3 -Title: "Find AWS RAM Resource Associations with SQL Query" -Description: "Allows users to query AWS RAM Resource Associations to retrieve information about the associations between resources and resource shares." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - resource_share_name, - resource_share_arn, - associated_entity, - status - from - aws_ram_resource_association - where - status = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n resource_share_name,\n resource_share_arn,\n associated_entity,\n\ + \ status\nfrom\n aws_ram_resource_association\nwhere\n status = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RAM +Title: Find AWS RAM Resource Associations with SQL Query diff --git a/queries/aws_rds_db_cluster_1.yaml b/queries/aws_rds_db_cluster_1.yaml index 89770d4e5..9ed373878 100755 --- a/queries/aws_rds_db_cluster_1.yaml +++ b/queries/aws_rds_db_cluster_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS RDS DB Clusters and retrieve valuable information + about the status, configuration, and security settings of each DB cluster. ID: aws_rds_db_cluster_1 -Title: "Find all AWS RDS DB Clusters: Status & Security Details" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - allocated_storage, - kms_key_id - from - aws_rds_db_cluster - where - kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n allocated_storage,\n kms_key_id\n\ + from\n aws_rds_db_cluster\nwhere\n kms_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS DB Cluster +Title: 'Find all AWS RDS DB Clusters: Status & Security Details' diff --git a/queries/aws_rds_db_cluster_2.yaml b/queries/aws_rds_db_cluster_2.yaml index b9874e67a..e61b0a4b6 100755 --- a/queries/aws_rds_db_cluster_2.yaml +++ b/queries/aws_rds_db_cluster_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS RDS DB Clusters and retrieve valuable information + about the status, configuration, and security settings of each DB cluster. ID: aws_rds_db_cluster_2 -Title: "List AWS RDS DB Clusters Status and Configurations" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - backup_retention_period - from - aws_rds_db_cluster - where - backup_retention_period > 7; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n backup_retention_period\nfrom\n\ + \ aws_rds_db_cluster\nwhere\n backup_retention_period > 7;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List AWS RDS DB Clusters Status and Configurations diff --git a/queries/aws_rds_db_cluster_3.yaml b/queries/aws_rds_db_cluster_3.yaml index 507847ccc..9b768421e 100755 --- a/queries/aws_rds_db_cluster_3.yaml +++ b/queries/aws_rds_db_cluster_3.yaml @@ -1,23 +1,20 @@ +Description: Allows users to query AWS RDS DB Clusters and retrieve valuable information + about the status, configuration, and security settings of each DB cluster. ID: aws_rds_db_cluster_3 -Title: "Query AWS RDS DB Clusters for Status and Config Details" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - jsonb_array_length(availability_zones) availability_zones_count - from - aws_rds_db_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n jsonb_array_length(availability_zones)\ + \ availability_zones_count\nfrom\n aws_rds_db_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS RDS +Title: Query AWS RDS DB Clusters for Status and Config Details diff --git a/queries/aws_rds_db_cluster_4.yaml b/queries/aws_rds_db_cluster_4.yaml index 97a8447bd..2157bf448 100755 --- a/queries/aws_rds_db_cluster_4.yaml +++ b/queries/aws_rds_db_cluster_4.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS RDS DB Clusters and retrieve valuable information + about the status, configuration, and security settings of each DB cluster. ID: aws_rds_db_cluster_4 -Title: "List all AWS RDS DB Clusters status and settings" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - member ->> 'DBClusterParameterGroupStatus' as db_cluster_parameter_group_status, - member ->> 'DBInstanceIdentifier' as db_instance_identifier, - member ->> 'IsClusterWriter' as is_cluster_writer, - member ->> 'PromotionTier' as promotion_tier - from - aws_rds_db_cluster - cross join jsonb_array_elements(members) as member; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n member ->> 'DBClusterParameterGroupStatus'\ + \ as db_cluster_parameter_group_status,\n member ->> 'DBInstanceIdentifier' as\ + \ db_instance_identifier,\n member ->> 'IsClusterWriter' as is_cluster_writer,\n\ + \ member ->> 'PromotionTier' as promotion_tier\nfrom\n aws_rds_db_cluster\n\ + \ cross join jsonb_array_elements(members) as member;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Clusters status and settings diff --git a/queries/aws_rds_db_cluster_5.yaml b/queries/aws_rds_db_cluster_5.yaml index 2e824761b..05240a6c0 100755 --- a/queries/aws_rds_db_cluster_5.yaml +++ b/queries/aws_rds_db_cluster_5.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query AWS RDS DB Clusters and retrieve valuable information + about the status, configuration, and security settings of each DB cluster. ID: aws_rds_db_cluster_5 -Title: "Find AWS RDS DB Clusters Status and Configuration" -Description: "Allows users to query AWS RDS DB Clusters and retrieve valuable information about the status, configuration, and security settings of each DB cluster." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - actions ->> 'ResourceIdentifier' as db_cluster_identifier, - details ->> 'Action' as action, - details ->> 'OptInStatus' as opt_in_status, - details ->> 'ForcedApplyDate' as forced_apply_date, - details ->> 'CurrentApplyDate' as current_apply_date, - details ->> 'AutoAppliedAfterDate' as auto_applied_after_date - from - aws_rds_db_cluster, - jsonb_array_elements(pending_maintenance_actions) as actions, - jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails') as details; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n actions ->> 'ResourceIdentifier' as db_cluster_identifier,\n\ + \ details ->> 'Action' as action,\n details ->> 'OptInStatus' as opt_in_status,\n\ + \ details ->> 'ForcedApplyDate' as forced_apply_date,\n details ->> 'CurrentApplyDate'\ + \ as current_apply_date,\n details ->> 'AutoAppliedAfterDate' as auto_applied_after_date\n\ + from\n aws_rds_db_cluster,\n jsonb_array_elements(pending_maintenance_actions)\ + \ as actions,\n jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails')\ + \ as details;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Clusters Status and Configuration diff --git a/queries/aws_rds_db_cluster_parameter_group_1.yaml b/queries/aws_rds_db_cluster_parameter_group_1.yaml index c117764a7..bab76961b 100755 --- a/queries/aws_rds_db_cluster_parameter_group_1.yaml +++ b/queries/aws_rds_db_cluster_parameter_group_1.yaml @@ -1,26 +1,25 @@ +Description: Allows users to query AWS RDS DB Cluster Parameter Groups, providing + detailed information about each parameter group''s configuration, including its + name, family, description, and ARN. This table can be used to identify unused or + misconfigured parameter groups and to ensure they comply with security and operational + best practices. ID: aws_rds_db_cluster_parameter_group_1 -Title: "Find AWS RDS DB Cluster Parameter Groups Configuration" -Description: "Allows users to query AWS RDS DB Cluster Parameter Groups, providing detailed information about each parameter group''s configuration, including its name, family, description, and ARN. This table can be used to identify unused or misconfigured parameter groups and to ensure they comply with security and operational best practices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - db_parameter_group_family - from - aws_rds_db_cluster_parameter_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n db_parameter_group_family\n\ + from\n aws_rds_db_cluster_parameter_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Cluster Parameter Groups Configuration diff --git a/queries/aws_rds_db_cluster_parameter_group_2.yaml b/queries/aws_rds_db_cluster_parameter_group_2.yaml index 79f9c791f..f37312f85 100755 --- a/queries/aws_rds_db_cluster_parameter_group_2.yaml +++ b/queries/aws_rds_db_cluster_parameter_group_2.yaml @@ -1,34 +1,30 @@ +Description: Allows users to query AWS RDS DB Cluster Parameter Groups, providing + detailed information about each parameter group''s configuration, including its + name, family, description, and ARN. This table can be used to identify unused or + misconfigured parameter groups and to ensure they comply with security and operational + best practices. ID: aws_rds_db_cluster_parameter_group_2 -Title: "List all AWS RDS DB Cluster Parameter Groups with Details" -Description: "Allows users to query AWS RDS DB Cluster Parameter Groups, providing detailed information about each parameter group''s configuration, including its name, family, description, and ARN. This table can be used to identify unused or misconfigured parameter groups and to ensure they comply with security and operational best practices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - db_parameter_group_family, - pg ->> 'ParameterName' as parameter_name, - pg ->> 'ParameterValue' as parameter_value, - pg ->> 'AllowedValues' as allowed_values, - pg ->> 'ApplyType' as apply_type, - pg ->> 'IsModifiable' as is_modifiable, - pg ->> 'DataType' as data_type, - pg ->> 'Description' as description, - pg ->> 'MinimumEngineVersion' as minimum_engine_version - from - aws_rds_db_cluster_parameter_group - cross join jsonb_array_elements(parameters) as pg; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n db_parameter_group_family,\n pg ->> 'ParameterName'\ + \ as parameter_name,\n pg ->> 'ParameterValue' as parameter_value,\n pg ->>\ + \ 'AllowedValues' as allowed_values,\n pg ->> 'ApplyType' as apply_type,\n pg\ + \ ->> 'IsModifiable' as is_modifiable,\n pg ->> 'DataType' as data_type,\n pg\ + \ ->> 'Description' as description,\n pg ->> 'MinimumEngineVersion' as minimum_engine_version\n\ + from\n aws_rds_db_cluster_parameter_group\n cross join jsonb_array_elements(parameters)\ + \ as pg;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Cluster Parameter Groups with Details diff --git a/queries/aws_rds_db_cluster_snapshot_1.yaml b/queries/aws_rds_db_cluster_snapshot_1.yaml index 579313407..7a9dff398 100755 --- a/queries/aws_rds_db_cluster_snapshot_1.yaml +++ b/queries/aws_rds_db_cluster_snapshot_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS RDS DB Cluster Snapshots for detailed information + on each snapshot, such as the snapshot identifier, creation time, status, and more. ID: aws_rds_db_cluster_snapshot_1 -Title: "Find AWS RDS DB Cluster Snapshot Details" -Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - type, - storage_encrypted, - split_part(kms_key_id, '/', 1) kms_key_id - from - aws_rds_db_cluster_snapshot - where - not storage_encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n type,\n storage_encrypted,\n\ + \ split_part(kms_key_id, '/', 1) kms_key_id\nfrom\n aws_rds_db_cluster_snapshot\n\ + where\n not storage_encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Cluster Snapshot Details diff --git a/queries/aws_rds_db_cluster_snapshot_2.yaml b/queries/aws_rds_db_cluster_snapshot_2.yaml index 9949d513a..398806181 100755 --- a/queries/aws_rds_db_cluster_snapshot_2.yaml +++ b/queries/aws_rds_db_cluster_snapshot_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS RDS DB Cluster Snapshots for detailed information + on each snapshot, such as the snapshot identifier, creation time, status, and more. ID: aws_rds_db_cluster_snapshot_2 -Title: "Find AWS RDS DB Cluster Snapshots Detailed Information" -Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - cluster_create_time, - engine, - engine_version, - license_model - from - aws_rds_db_cluster_snapshot; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n cluster_create_time,\n\ + \ engine,\n engine_version,\n license_model\nfrom\n aws_rds_db_cluster_snapshot;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Cluster Snapshots Detailed Information diff --git a/queries/aws_rds_db_cluster_snapshot_3.yaml b/queries/aws_rds_db_cluster_snapshot_3.yaml index 264f91ede..eed262f8c 100755 --- a/queries/aws_rds_db_cluster_snapshot_3.yaml +++ b/queries/aws_rds_db_cluster_snapshot_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS RDS DB Cluster Snapshots for detailed information + on each snapshot, such as the snapshot identifier, creation time, status, and more. ID: aws_rds_db_cluster_snapshot_3 -Title: "List all AWS RDS DB Cluster Snapshots with Details" -Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_identifier, - count(db_cluster_snapshot_identifier) snapshot_count - from - aws_rds_db_cluster_snapshot - group by - db_cluster_identifier; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_identifier,\n count(db_cluster_snapshot_identifier)\ + \ snapshot_count\nfrom\n aws_rds_db_cluster_snapshot\ngroup by\n db_cluster_identifier;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Cluster Snapshots with Details diff --git a/queries/aws_rds_db_cluster_snapshot_4.yaml b/queries/aws_rds_db_cluster_snapshot_4.yaml index 17c962eca..c5e18041a 100755 --- a/queries/aws_rds_db_cluster_snapshot_4.yaml +++ b/queries/aws_rds_db_cluster_snapshot_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS RDS DB Cluster Snapshots for detailed information + on each snapshot, such as the snapshot identifier, creation time, status, and more. ID: aws_rds_db_cluster_snapshot_4 -Title: "List all AWS RDS DB Cluster Snapshots with Details" -Description: "Allows users to query AWS RDS DB Cluster Snapshots for detailed information on each snapshot, such as the snapshot identifier, creation time, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_cluster_snapshot_identifier, - engine, - type - from - aws_rds_db_cluster_snapshot - where - type = 'manual'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_cluster_snapshot_identifier,\n engine,\n type\n\ + from\n aws_rds_db_cluster_snapshot\nwhere\n type = 'manual';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Cluster Snapshots with Details diff --git a/queries/aws_rds_db_engine_version_1.yaml b/queries/aws_rds_db_engine_version_1.yaml index 731134780..16807a400 100755 --- a/queries/aws_rds_db_engine_version_1.yaml +++ b/queries/aws_rds_db_engine_version_1.yaml @@ -1,26 +1,20 @@ +Description: Enables users to query AWS RDS DB Engine Versions to retrieve detailed + information on various database engine versions supported by Amazon RDS. ID: aws_rds_db_engine_version_1 -Title: "Find all AWS RDS DB Engine Versions with SQL" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - db_engine_version_description, - status, - major_engine_version - from - aws_rds_db_engine_version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n engine,\n engine_version,\n db_engine_version_description,\n\ + \ status,\n major_engine_version\nfrom\n aws_rds_db_engine_version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: Find all AWS RDS DB Engine Versions with SQL diff --git a/queries/aws_rds_db_engine_version_2.yaml b/queries/aws_rds_db_engine_version_2.yaml index f37d0e54a..c6727d291 100755 --- a/queries/aws_rds_db_engine_version_2.yaml +++ b/queries/aws_rds_db_engine_version_2.yaml @@ -1,26 +1,20 @@ +Description: Enables users to query AWS RDS DB Engine Versions to retrieve detailed + information on various database engine versions supported by Amazon RDS. ID: aws_rds_db_engine_version_2 -Title: "List all AWS RDS DB Engine Versions Supporting Read Replicas" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - supports_read_replica - from - aws_rds_db_engine_version - where - supports_read_replica; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n engine,\n engine_version,\n supports_read_replica\n\ + from\n aws_rds_db_engine_version\nwhere\n supports_read_replica;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Engine Versions Supporting Read Replicas diff --git a/queries/aws_rds_db_engine_version_3.yaml b/queries/aws_rds_db_engine_version_3.yaml index a72958ba7..49070db33 100755 --- a/queries/aws_rds_db_engine_version_3.yaml +++ b/queries/aws_rds_db_engine_version_3.yaml @@ -1,28 +1,22 @@ +Description: Enables users to query AWS RDS DB Engine Versions to retrieve detailed + information on various database engine versions supported by Amazon RDS. ID: aws_rds_db_engine_version_3 -Title: "List all AWS RDS DB Engine Versions with Deprecated Status" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - status - from - aws_rds_db_engine_version - where - status = 'deprecated'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n engine,\n engine_version,\n status\nfrom\n aws_rds_db_engine_version\n\ + where\n status = 'deprecated';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Engine Versions with Deprecated Status diff --git a/queries/aws_rds_db_engine_version_4.yaml b/queries/aws_rds_db_engine_version_4.yaml index 5fb8b1590..acb4ff4c6 100755 --- a/queries/aws_rds_db_engine_version_4.yaml +++ b/queries/aws_rds_db_engine_version_4.yaml @@ -1,26 +1,20 @@ +Description: Enables users to query AWS RDS DB Engine Versions to retrieve detailed + information on various database engine versions supported by Amazon RDS. ID: aws_rds_db_engine_version_4 -Title: "Find AWS RDS DB Engine Versions with Detailed Information" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - supported_feature_names - from - aws_rds_db_engine_version - where - engine_version = 'specific_engine_version'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n engine,\n engine_version,\n supported_feature_names\n\ + from\n aws_rds_db_engine_version\nwhere\n engine_version = 'specific_engine_version';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: Find AWS RDS DB Engine Versions with Detailed Information diff --git a/queries/aws_rds_db_engine_version_5.yaml b/queries/aws_rds_db_engine_version_5.yaml index b05fdbdd6..b9b3ebabb 100755 --- a/queries/aws_rds_db_engine_version_5.yaml +++ b/queries/aws_rds_db_engine_version_5.yaml @@ -1,31 +1,23 @@ +Description: Enables users to query AWS RDS DB Engine Versions to retrieve detailed + information on various database engine versions supported by Amazon RDS. ID: aws_rds_db_engine_version_5 -Title: "List AWS RDS DB Engine Versions with Details" -Description: "Enables users to query AWS RDS DB Engine Versions to retrieve detailed information on various database engine versions supported by Amazon RDS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - engine, - engine_version, - create_time, - status, - db_engine_media_type, - default_only - from - aws_rds_db_engine_version - where - default_only; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n engine,\n engine_version,\n create_time,\n status,\n\ + \ db_engine_media_type,\n default_only\nfrom\n aws_rds_db_engine_version\n\ + where\n default_only;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List AWS RDS DB Engine Versions with Details diff --git a/queries/aws_rds_db_event_subscription_1.yaml b/queries/aws_rds_db_event_subscription_1.yaml index 4cb38f1ab..1c141e1f5 100755 --- a/queries/aws_rds_db_event_subscription_1.yaml +++ b/queries/aws_rds_db_event_subscription_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS RDS DB Event Subscriptions to retrieve information + about all event subscriptions for RDS DB instances. ID: aws_rds_db_event_subscription_1 -Title: "List all AWS RDS DB Event Subscriptions Information" -Description: "Allows users to query AWS RDS DB Event Subscriptions to retrieve information about all event subscriptions for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - customer_aws_id, - arn, - status, - enabled - from - aws_rds_db_event_subscription; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cust_subscription_id,\n customer_aws_id,\n arn,\n \ + \ status,\n enabled\nfrom\n aws_rds_db_event_subscription;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Event Subscriptions Information diff --git a/queries/aws_rds_db_event_subscription_2.yaml b/queries/aws_rds_db_event_subscription_2.yaml index 17cdc8e87..a260f5794 100755 --- a/queries/aws_rds_db_event_subscription_2.yaml +++ b/queries/aws_rds_db_event_subscription_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS RDS DB Event Subscriptions to retrieve information + about all event subscriptions for RDS DB instances. ID: aws_rds_db_event_subscription_2 -Title: "Find all AWS RDS DB Event Subscriptions" -Description: "Allows users to query AWS RDS DB Event Subscriptions to retrieve information about all event subscriptions for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - enabled - from - aws_rds_db_event_subscription - where - enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cust_subscription_id,\n enabled\nfrom\n aws_rds_db_event_subscription\n\ + where\n enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find all AWS RDS DB Event Subscriptions diff --git a/queries/aws_rds_db_instance_1.yaml b/queries/aws_rds_db_instance_1.yaml index 4663609a5..9c7693868 100755 --- a/queries/aws_rds_db_instance_1.yaml +++ b/queries/aws_rds_db_instance_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_1 -Title: "Find all AWS RDS DB Instances Configuration Status" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - class, - engine, - engine_version, - publicly_accessible - from - aws_rds_db_instance - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n class,\n engine,\n engine_version,\n\ + \ publicly_accessible\nfrom\n aws_rds_db_instance" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find all AWS RDS DB Instances Configuration Status diff --git a/queries/aws_rds_db_instance_10.yaml b/queries/aws_rds_db_instance_10.yaml index ae0b20121..712b14a46 100755 --- a/queries/aws_rds_db_instance_10.yaml +++ b/queries/aws_rds_db_instance_10.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_10 -Title: "Find AWS RDS DB Instances Configuration and Status" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - certificate ->> 'CertificateArn' as certificate_arn, - certificate ->> 'CertificateType' as certificate_type, - certificate ->> 'ValidFrom' as valid_from, - certificate ->> 'ValidTill' as valid_till - from - aws_rds_db_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n certificate ->> 'CertificateArn' as certificate_arn,\n\ + \ certificate ->> 'CertificateType' as certificate_type,\n certificate ->> 'ValidFrom'\ + \ as valid_from,\n certificate ->> 'ValidTill' as valid_till\nfrom\n aws_rds_db_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instances Configuration and Status diff --git a/queries/aws_rds_db_instance_11.yaml b/queries/aws_rds_db_instance_11.yaml index a4aaad1a8..136bc84f0 100755 --- a/queries/aws_rds_db_instance_11.yaml +++ b/queries/aws_rds_db_instance_11.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_11 -Title: "Query AWS RDS DB Instances for Configuration and Status" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - certificate ->> 'CertificateArn' as certificate_arn, - certificate ->> 'CertificateType' as certificate_type, - certificate ->> 'ValidFrom' as valid_from, - certificate ->> 'ValidTill' as valid_till - from - aws_rds_db_instance - where - (certificate ->> 'ValidTill')::timestamp <= (current_date - interval '90' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n certificate ->> 'CertificateArn' as certificate_arn,\n\ + \ certificate ->> 'CertificateType' as certificate_type,\n certificate ->> 'ValidFrom'\ + \ as valid_from,\n certificate ->> 'ValidTill' as valid_till\nfrom\n aws_rds_db_instance\n\ + where\n (certificate ->> 'ValidTill')::timestamp <= (current_date - interval\ + \ '90' day);" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Query AWS RDS DB Instances for Configuration and Status diff --git a/queries/aws_rds_db_instance_12.yaml b/queries/aws_rds_db_instance_12.yaml index 60d875354..fff335bc4 100755 --- a/queries/aws_rds_db_instance_12.yaml +++ b/queries/aws_rds_db_instance_12.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_12 -Title: "Find Detailed Info on AWS RDS DB Instances" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - class, - engine, - engine_version, - kms_key_id, - processor_features - from - aws_rds_db_instance - where - processor_features not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n class,\n engine,\n engine_version,\n\ + \ kms_key_id,\n processor_features\nfrom\n aws_rds_db_instance\nwhere\n processor_features\ + \ not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find Detailed Info on AWS RDS DB Instances diff --git a/queries/aws_rds_db_instance_2.yaml b/queries/aws_rds_db_instance_2.yaml index f9b3e41df..31587d904 100755 --- a/queries/aws_rds_db_instance_2.yaml +++ b/queries/aws_rds_db_instance_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_2 -Title: "List all AWS RDS DB Instances with Detailed Information" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - publicly_accessible - from - aws_rds_db_instance - where - publicly_accessible; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n publicly_accessible\nfrom\n\ + \ aws_rds_db_instance\nwhere\n publicly_accessible;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Instances with Detailed Information diff --git a/queries/aws_rds_db_instance_3.yaml b/queries/aws_rds_db_instance_3.yaml index b97515dc4..7f4b4fb72 100755 --- a/queries/aws_rds_db_instance_3.yaml +++ b/queries/aws_rds_db_instance_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_3 -Title: "Find all AWS RDS DB Instances without IAM Auth" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - iam_database_authentication_enabled - from - aws_rds_db_instance - where - not iam_database_authentication_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n iam_database_authentication_enabled\n\ + from\n aws_rds_db_instance\nwhere\n not iam_database_authentication_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find all AWS RDS DB Instances without IAM Auth diff --git a/queries/aws_rds_db_instance_4.yaml b/queries/aws_rds_db_instance_4.yaml index 9f789351f..c48b4dec5 100755 --- a/queries/aws_rds_db_instance_4.yaml +++ b/queries/aws_rds_db_instance_4.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_4 -Title: "List detailed configuration and status of AWS RDS DB Instances" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier as attached_vpc, - vsg ->> 'VpcSecurityGroupId' as vpc_security_group_id, - vsg ->> 'Status' as status, - sub -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - sub ->> 'SubnetIdentifier' as subnet_identifier, - sub -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, - sub ->> 'SubnetStatus' as subnet_status - from - aws_rds_db_instance - cross join jsonb_array_elements(vpc_security_groups) as vsg - cross join jsonb_array_elements(subnets) as sub; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier as attached_vpc,\n vsg ->> 'VpcSecurityGroupId'\ + \ as vpc_security_group_id,\n vsg ->> 'Status' as status,\n sub -> 'SubnetAvailabilityZone'\ + \ ->> 'Name' as subnet_availability_zone,\n sub ->> 'SubnetIdentifier' as subnet_identifier,\n\ + \ sub -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost,\n sub ->> 'SubnetStatus'\ + \ as subnet_status\nfrom\n aws_rds_db_instance\n cross join jsonb_array_elements(vpc_security_groups)\ + \ as vsg\n cross join jsonb_array_elements(subnets) as sub;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS RDS +Title: List detailed configuration and status of AWS RDS DB Instances diff --git a/queries/aws_rds_db_instance_5.yaml b/queries/aws_rds_db_instance_5.yaml index 57690554e..38bd3bc94 100755 --- a/queries/aws_rds_db_instance_5.yaml +++ b/queries/aws_rds_db_instance_5.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_5 -Title: "List all AWS RDS DB Instances and their metadata" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - class, - engine, - engine_version, - deletion_protection - from - aws_rds_db_instance - where - not deletion_protection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n class,\n engine,\n engine_version,\n\ + \ deletion_protection\nfrom\n aws_rds_db_instance\nwhere\n not deletion_protection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Instances and their metadata diff --git a/queries/aws_rds_db_instance_6.yaml b/queries/aws_rds_db_instance_6.yaml index 174322517..fb8c07910 100755 --- a/queries/aws_rds_db_instance_6.yaml +++ b/queries/aws_rds_db_instance_6.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_6 -Title: "List all AWS RDS DB Instances with Configuration Data" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - class, - allocated_storage, - deletion_protection - from - aws_rds_db_instance - where - not storage_encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n class,\n allocated_storage,\n\ + \ deletion_protection\nfrom\n aws_rds_db_instance\nwhere\n not storage_encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Instances with Configuration Data diff --git a/queries/aws_rds_db_instance_7.yaml b/queries/aws_rds_db_instance_7.yaml index f6a24dcb7..830ee7027 100755 --- a/queries/aws_rds_db_instance_7.yaml +++ b/queries/aws_rds_db_instance_7.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_7 -Title: "Find Info on AWS RDS DB Instances' Configuration and Status" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - endpoint_address, - endpoint_hosted_zone_id, - endpoint_port - from - aws_rds_db_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n endpoint_address,\n endpoint_hosted_zone_id,\n\ + \ endpoint_port\nfrom\n aws_rds_db_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find Info on AWS RDS DB Instances' Configuration and Status diff --git a/queries/aws_rds_db_instance_8.yaml b/queries/aws_rds_db_instance_8.yaml index 4f3fb24fa..ea00226c6 100755 --- a/queries/aws_rds_db_instance_8.yaml +++ b/queries/aws_rds_db_instance_8.yaml @@ -1,54 +1,33 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_8 -Title: "List All AWS RDS DB Instances with SSL Parameter Details" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with db_parameter_group as ( - select - name as db_parameter_group_name, - pg ->> 'ParameterName' as parameter_name, - pg ->> 'ParameterValue' as parameter_value - from - aws_rds_db_parameter_group, - jsonb_array_elements(parameters) as pg - where - -- The example is limited to SQL Server, this may change based on DB engine - pg ->> 'ParameterName' like 'rds.force_ssl' - and name not like 'default.%' - ), - rds_associated_parameter_group as ( - select - db_instance_identifier as db_instance_identifier, - arn, - pg ->> 'DBParameterGroupName' as DBParameterGroupName - from - aws_rds_db_instance, - jsonb_array_elements(db_parameter_groups) as pg - where - engine like 'sqlserve%' - ) - select - rds.db_instance_identifier as name, - rds.DBParameterGroupName, - parameter_name, - parameter_value - from - rds_associated_parameter_group as rds - left join db_parameter_group d on rds.DBParameterGroupName = d.db_parameter_group_name - where - parameter_value = '0' - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with db_parameter_group as (\n select\n name as db_parameter_group_name,\n\ + \ pg ->> 'ParameterName' as parameter_name,\n pg ->> 'ParameterValue' as\ + \ parameter_value\n from\n aws_rds_db_parameter_group,\n jsonb_array_elements(parameters)\ + \ as pg\n where\n -- The example is limited to SQL Server, this may change\ + \ based on DB engine\n pg ->> 'ParameterName' like 'rds.force_ssl'\n and\ + \ name not like 'default.%'\n),\n rds_associated_parameter_group as (\n select\n\ + \ db_instance_identifier as db_instance_identifier,\n arn,\n pg ->> 'DBParameterGroupName'\ + \ as DBParameterGroupName\n from\n aws_rds_db_instance,\n jsonb_array_elements(db_parameter_groups)\ + \ as pg\n where\n engine like 'sqlserve%'\n)\nselect\n rds.db_instance_identifier\ + \ as name,\n rds.DBParameterGroupName,\n parameter_name,\n parameter_value\n\ + from\n rds_associated_parameter_group as rds\n left join db_parameter_group\ + \ d on rds.DBParameterGroupName = d.db_parameter_group_name\nwhere\n parameter_value\ + \ = '0'" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List All AWS RDS DB Instances with SSL Parameter Details diff --git a/queries/aws_rds_db_instance_9.yaml b/queries/aws_rds_db_instance_9.yaml index 32aee3df4..ffe5ed268 100755 --- a/queries/aws_rds_db_instance_9.yaml +++ b/queries/aws_rds_db_instance_9.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS RDS DB Instances for detailed information about + the configuration, status, and other metadata associated with each database instance. ID: aws_rds_db_instance_9 -Title: "List all AWS RDS DB Instances with Detailed Information" -Description: "Allows users to query AWS RDS DB Instances for detailed information about the configuration, status, and other metadata associated with each database instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - actions ->> 'ResourceIdentifier' as db_instance_identifier, - details ->> 'Action' as action, - details ->> 'OptInStatus' as opt_in_status, - details ->> 'ForcedApplyDate' as forced_apply_date, - details ->> 'CurrentApplyDate' as current_apply_date, - details ->> 'AutoAppliedAfterDate' as auto_applied_after_date - from - aws_rds_db_instance, - jsonb_array_elements(pending_maintenance_actions) as actions, - jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails') as details; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n actions ->> 'ResourceIdentifier' as db_instance_identifier,\n\ + \ details ->> 'Action' as action,\n details ->> 'OptInStatus' as opt_in_status,\n\ + \ details ->> 'ForcedApplyDate' as forced_apply_date,\n details ->> 'CurrentApplyDate'\ + \ as current_apply_date,\n details ->> 'AutoAppliedAfterDate' as auto_applied_after_date\n\ + from\n aws_rds_db_instance,\n jsonb_array_elements(pending_maintenance_actions)\ + \ as actions,\n jsonb_array_elements(actions -> 'PendingMaintenanceActionDetails')\ + \ as details;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Instances with Detailed Information diff --git a/queries/aws_rds_db_instance_automated_backup_1.yaml b/queries/aws_rds_db_instance_automated_backup_1.yaml index 14c241a8a..2e868a999 100755 --- a/queries/aws_rds_db_instance_automated_backup_1.yaml +++ b/queries/aws_rds_db_instance_automated_backup_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS RDS DB Instance Automated Backups and retrieve + data about automated backups for RDS DB instances. ID: aws_rds_db_instance_automated_backup_1 -Title: "Find AWS RDS DB Instance Automated Backups" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - arn, - status, - allocated_storage, - encrypted, - engine - from - aws_rds_db_instance_automated_backup; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n arn,\n status,\n allocated_storage,\n\ + \ encrypted,\n engine\nfrom\n aws_rds_db_instance_automated_backup;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instance Automated Backups diff --git a/queries/aws_rds_db_instance_automated_backup_2.yaml b/queries/aws_rds_db_instance_automated_backup_2.yaml index 8d312f3bc..db55d8083 100755 --- a/queries/aws_rds_db_instance_automated_backup_2.yaml +++ b/queries/aws_rds_db_instance_automated_backup_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS RDS DB Instance Automated Backups and retrieve + data about automated backups for RDS DB instances. ID: aws_rds_db_instance_automated_backup_2 -Title: "Find AWS RDS DB Instance Automated Backups" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - arn, - status, - backup_target, - instance_create_time, - encrypted, - engine - from - aws_rds_db_instance_automated_backup - where - not encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n arn,\n status,\n backup_target,\n\ + \ instance_create_time,\n encrypted,\n engine\nfrom\n aws_rds_db_instance_automated_backup\n\ + where\n not encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instance Automated Backups diff --git a/queries/aws_rds_db_instance_automated_backup_3.yaml b/queries/aws_rds_db_instance_automated_backup_3.yaml index 591452d4a..49ddec176 100755 --- a/queries/aws_rds_db_instance_automated_backup_3.yaml +++ b/queries/aws_rds_db_instance_automated_backup_3.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS RDS DB Instance Automated Backups and retrieve + data about automated backups for RDS DB instances. ID: aws_rds_db_instance_automated_backup_3 -Title: "Find Data on AWS RDS DB Instance Automated Backups" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - iam_database_authentication_enabled, - status, - availability_zone, - dbi_resource_id - from - aws_rds_db_instance_automated_backup - where - not iam_database_authentication_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n iam_database_authentication_enabled,\n\ + \ status,\n availability_zone,\n dbi_resource_id\nfrom\n aws_rds_db_instance_automated_backup\n\ + where\n not iam_database_authentication_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find Data on AWS RDS DB Instance Automated Backups diff --git a/queries/aws_rds_db_instance_automated_backup_4.yaml b/queries/aws_rds_db_instance_automated_backup_4.yaml index 9bc32f7e6..727299540 100755 --- a/queries/aws_rds_db_instance_automated_backup_4.yaml +++ b/queries/aws_rds_db_instance_automated_backup_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS RDS DB Instance Automated Backups and retrieve + data about automated backups for RDS DB instances. ID: aws_rds_db_instance_automated_backup_4 -Title: "List all Automated Backups for RDS DB Instances" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - b.arn, - b.vpc_id, - v.cidr_block, - v.is_default, - v.instance_tenancy - from - aws_rds_db_instance_automated_backup as b, - aws_vpc as v - where - v.vpc_id = b.vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n b.arn,\n b.vpc_id,\n v.cidr_block,\n v.is_default,\n\ + \ v.instance_tenancy\nfrom\n aws_rds_db_instance_automated_backup as b,\n aws_vpc\ + \ as v\nwhere\n v.vpc_id = b.vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all Automated Backups for RDS DB Instances diff --git a/queries/aws_rds_db_instance_automated_backup_5.yaml b/queries/aws_rds_db_instance_automated_backup_5.yaml index 676e58fc6..8bed48723 100755 --- a/queries/aws_rds_db_instance_automated_backup_5.yaml +++ b/queries/aws_rds_db_instance_automated_backup_5.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS RDS DB Instance Automated Backups and retrieve + data about automated backups for RDS DB instances. ID: aws_rds_db_instance_automated_backup_5 -Title: "List All AWS RDS DB Instance Automated Backups" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - arn, - engine, - engine_version, - availability_zone, - backup_retention_period, - status - from - aws_rds_db_instance_automated_backup - where - status = 'retained'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n arn,\n engine,\n engine_version,\n\ + \ availability_zone,\n backup_retention_period,\n status\nfrom\n aws_rds_db_instance_automated_backup\n\ + where\n status = 'retained';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List All AWS RDS DB Instance Automated Backups diff --git a/queries/aws_rds_db_instance_automated_backup_6.yaml b/queries/aws_rds_db_instance_automated_backup_6.yaml index 356b4ddc2..8e3404198 100755 --- a/queries/aws_rds_db_instance_automated_backup_6.yaml +++ b/queries/aws_rds_db_instance_automated_backup_6.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS RDS DB Instance Automated Backups and retrieve + data about automated backups for RDS DB instances. ID: aws_rds_db_instance_automated_backup_6 -Title: "Find AWS RDS DB Instance Automated Backups via SQL" -Description: "Allows users to query AWS RDS DB Instance Automated Backups and retrieve data about automated backups for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - b.db_instance_identifier, - b.arn as automated_backup_arn, - b.engine, - b.kms_key_id, - k.creation_date as kms_key_creation_date, - k.key_state, - k.key_rotation_enabled - from - aws_rds_db_instance_automated_backup as b, - aws_kms_key as k - where - k.id = b.kms_key_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n b.db_instance_identifier,\n b.arn as automated_backup_arn,\n\ + \ b.engine,\n b.kms_key_id,\n k.creation_date as kms_key_creation_date,\n \ + \ k.key_state,\n k.key_rotation_enabled\nfrom\n aws_rds_db_instance_automated_backup\ + \ as b,\n aws_kms_key as k\nwhere\n k.id = b.kms_key_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instance Automated Backups via SQL diff --git a/queries/aws_rds_db_instance_metric_connections_1.yaml b/queries/aws_rds_db_instance_metric_connections_1.yaml index 77627bb5e..c66a034b7 100755 --- a/queries/aws_rds_db_instance_metric_connections_1.yaml +++ b/queries/aws_rds_db_instance_metric_connections_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS RDS DBInstance Metrics for a comprehensive + view of the number of database connections. ID: aws_rds_db_instance_metric_connections_1 -Title: "Find AWS RDS DBInstance Metrics for Database Connections" -Description: "Allows users to query AWS RDS DBInstance Metrics for a comprehensive view of the number of database connections." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_connections\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DBInstance Metrics for Database Connections diff --git a/queries/aws_rds_db_instance_metric_connections_2.yaml b/queries/aws_rds_db_instance_metric_connections_2.yaml index cdc8d1210..9d4f5f665 100755 --- a/queries/aws_rds_db_instance_metric_connections_2.yaml +++ b/queries/aws_rds_db_instance_metric_connections_2.yaml @@ -1,34 +1,23 @@ +Description: Allows users to query AWS RDS DBInstance Metrics for a comprehensive + view of the number of database connections. ID: aws_rds_db_instance_metric_connections_2 -Title: "Find All AWS RDS DBInstance Connections Metrics" -Description: "Allows users to query AWS RDS DBInstance Metrics for a comprehensive view of the number of database connections." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections - where - average > 100 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_connections\n\ + where \n average > 100\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find All AWS RDS DBInstance Connections Metrics diff --git a/queries/aws_rds_db_instance_metric_connections_daily_1.yaml b/queries/aws_rds_db_instance_metric_connections_daily_1.yaml index 544852a09..c0eafb6cc 100755 --- a/queries/aws_rds_db_instance_metric_connections_daily_1.yaml +++ b/queries/aws_rds_db_instance_metric_connections_daily_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving + information about the number of database connections. ID: aws_rds_db_instance_metric_connections_daily_1 -Title: "List AWS RDS DB Instance Daily Connections Metrics" -Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections_daily - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_connections_daily\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List AWS RDS DB Instance Daily Connections Metrics diff --git a/queries/aws_rds_db_instance_metric_connections_daily_2.yaml b/queries/aws_rds_db_instance_metric_connections_daily_2.yaml index f62688b8f..31feb1b36 100755 --- a/queries/aws_rds_db_instance_metric_connections_daily_2.yaml +++ b/queries/aws_rds_db_instance_metric_connections_daily_2.yaml @@ -1,32 +1,21 @@ +Description: Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving + information about the number of database connections. ID: aws_rds_db_instance_metric_connections_daily_2 -Title: "List All AWS RDS DB Instance Metric Connections Daily" -Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections_daily - where - average > 100 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_connections_daily\n\ + where \n average > 100\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS RDS +Title: List All AWS RDS DB Instance Metric Connections Daily diff --git a/queries/aws_rds_db_instance_metric_connections_daily_3.yaml b/queries/aws_rds_db_instance_metric_connections_daily_3.yaml index b6bd62b75..20bfc1ff4 100755 --- a/queries/aws_rds_db_instance_metric_connections_daily_3.yaml +++ b/queries/aws_rds_db_instance_metric_connections_daily_3.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving + information about the number of database connections. ID: aws_rds_db_instance_metric_connections_daily_3 -Title: "List all AWS RDS DB Instances with Zero Connections Daily" -Description: "Allows users to query AWS RDS DB Instance Metrics on a daily basis, retrieving information about the number of database connections." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - sum(maximum) as total_connections - from - aws_rds_db_instance_metric_connections - where - timestamp > (current_date - interval '7' day) - group by - db_instance_identifier - having - sum(maximum) = 0 - ; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n sum(maximum) as total_connections\n\ + from\n aws_rds_db_instance_metric_connections\nwhere \n timestamp > (current_date\ + \ - interval '7' day)\ngroup by\n db_instance_identifier\nhaving\n sum(maximum)\ + \ = 0 \n;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Instances with Zero Connections Daily diff --git a/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml b/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml index 708000b76..4ce873b37 100755 --- a/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml +++ b/queries/aws_rds_db_instance_metric_connections_hourly_1.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS RDS DB Instance Metrics on an hourly basis, + specifically the connection metrics. It provides data about the number of database + connections to each DB instance in your Amazon RDS environment. ID: aws_rds_db_instance_metric_connections_hourly_1 -Title: "List all AWS RDS DB Instance Connection Metrics Hourly" -Description: "Allows users to query AWS RDS DB Instance Metrics on an hourly basis, specifically the connection metrics. It provides data about the number of database connections to each DB instance in your Amazon RDS environment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections_hourly - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_connections_hourly\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List all AWS RDS DB Instance Connection Metrics Hourly diff --git a/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml b/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml index 32f6c86ce..140b2b20f 100755 --- a/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml +++ b/queries/aws_rds_db_instance_metric_connections_hourly_2.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS RDS DB Instance Metrics on an hourly basis, + specifically the connection metrics. It provides data about the number of database + connections to each DB instance in your Amazon RDS environment. ID: aws_rds_db_instance_metric_connections_hourly_2 -Title: "List all AWS RDS DB Instance Connection Metrics Hourly" -Description: "Allows users to query AWS RDS DB Instance Metrics on an hourly basis, specifically the connection metrics. It provides data about the number of database connections to each DB instance in your Amazon RDS environment." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_connections_hourly - where - average > 100 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_connections_hourly\n\ + where \n average > 100\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List all AWS RDS DB Instance Connection Metrics Hourly diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml index f1dc9b32d..0d1a66ce1 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data + about CPU utilization metrics for RDS DB instances. ID: aws_rds_db_instance_metric_cpu_utilization_1 -Title: "List all CPU utilization metrics for RDS DB instances" -Description: "Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data about CPU utilization metrics for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_cpu_utilization\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List all CPU utilization metrics for RDS DB instances diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml index 4c5ea06c4..6977acd92 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data + about CPU utilization metrics for RDS DB instances. ID: aws_rds_db_instance_metric_cpu_utilization_2 -Title: "List All Amazon RDS DB Instances with High CPU Utilization" -Description: "Allows users to query Amazon RDS DBInstanceCPUUtilization to fetch data about CPU utilization metrics for RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization - where average > 80 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_rds_db_instance_metric_cpu_utilization\n\ + where average > 80\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List All Amazon RDS DB Instances with High CPU Utilization diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml index d596c4dd6..9b2209804 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization + metrics. ID: aws_rds_db_instance_metric_cpu_utilization_daily_1 -Title: "List all AWS RDS DB Instances and daily CPU usage metrics" -Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_daily - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_cpu_utilization_daily\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Instances and daily CPU usage metrics diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml index a1aab1b6f..9a1068249 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization + metrics. ID: aws_rds_db_instance_metric_cpu_utilization_daily_2 -Title: "Find AWS RDS DB Instances with High CPU Utilization" -Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_daily - where average > 80 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_rds_db_instance_metric_cpu_utilization_daily\n\ + where average > 80\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instances with High CPU Utilization diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml index 555ec529d..e208eae42 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_daily_3.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization + metrics. ID: aws_rds_db_instance_metric_cpu_utilization_daily_3 -Title: "Find AWS RDS DB Instances' Daily CPU Utilization Metrics" -Description: "Allows users to query AWS RDS DB Instances to retrieve daily CPU utilization metrics." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_daily - where average < 2 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_rds_db_instance_metric_cpu_utilization_daily\n\ + where average < 2\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instances' Daily CPU Utilization Metrics diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml index 7611992b7..f7c63b9d8 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS RDS DB Instance CPU Utilization Metrics on + an hourly basis. ID: aws_rds_db_instance_metric_cpu_utilization_hourly_1 -Title: "Find AWS RDS DB Instance CPU Utilization Hourly Metrics" -Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_hourly - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sample_count\nfrom\n aws_rds_db_instance_metric_cpu_utilization_hourly\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instance CPU Utilization Hourly Metrics diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml index 64f74f57c..f28cd2b01 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS RDS DB Instance CPU Utilization Metrics on + an hourly basis. ID: aws_rds_db_instance_metric_cpu_utilization_hourly_2 -Title: "Find AWS RDS Instances with High CPU Utilization" -Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_hourly - where average > 80 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_rds_db_instance_metric_cpu_utilization_hourly\n\ + where average > 80\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS Instances with High CPU Utilization diff --git a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml index dab410916..7def7fac1 100755 --- a/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml +++ b/queries/aws_rds_db_instance_metric_cpu_utilization_hourly_3.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS RDS DB Instance CPU Utilization Metrics on + an hourly basis. ID: aws_rds_db_instance_metric_cpu_utilization_hourly_3 -Title: "Find AWS RDS DB Instance CPU Utilization on Hourly Basis" -Description: "Allows users to query AWS RDS DB Instance CPU Utilization Metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_rds_db_instance_metric_cpu_utilization_hourly - where average < 2 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_rds_db_instance_metric_cpu_utilization_hourly\n\ + where average < 2\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instance CPU Utilization on Hourly Basis diff --git a/queries/aws_rds_db_instance_metric_read_iops_1.yaml b/queries/aws_rds_db_instance_metric_read_iops_1.yaml index b05da8d2e..fe290e1d3 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_1.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and + monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS + DB instances. ID: aws_rds_db_instance_metric_read_iops_1 -Title: "Find AWS RDS Read IOPS Metrics for DB Instances" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS Read IOPS Metrics for DB Instances diff --git a/queries/aws_rds_db_instance_metric_read_iops_2.yaml b/queries/aws_rds_db_instance_metric_read_iops_2.yaml index 84d116cb9..0876971ad 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_2.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_2.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and + monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS + DB instances. ID: aws_rds_db_instance_metric_read_iops_2 -Title: "Find Read IOPS Metrics for AWS RDS DB Instances" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops\n\ + where\n average > 1000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find Read IOPS Metrics for AWS RDS DB Instances diff --git a/queries/aws_rds_db_instance_metric_read_iops_3.yaml b/queries/aws_rds_db_instance_metric_read_iops_3.yaml index 1762f4bbe..99e166b7d 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_3.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_3.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and + monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS + DB instances. ID: aws_rds_db_instance_metric_read_iops_3 -Title: "Find AWS RDS DBInstance Read IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops\n\ + where\n maximum > 8000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: Find AWS RDS DBInstance Read IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_read_iops_4.yaml b/queries/aws_rds_db_instance_metric_read_iops_4.yaml index e770bd995..76297f6e8 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_4.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_4.yaml @@ -1,39 +1,27 @@ +Description: Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and + monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS + DB instances. ID: aws_rds_db_instance_metric_read_iops_4 -Title: "Find AWS RDS DB Instance Read IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstanceMetricReadIops to retrieve and monitor the read IOPS (Input/Output Operations Per Second) metrics for Amazon RDS DB instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops as r, - aws_rds_db_instance_metric_write_iops as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.db_instance_identifier,\n r.timestamp,\n round(r.average)\ + \ + round(w.average) as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average)\ + \ as write_ops_avg,\n round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum)\ + \ as read_ops_max,\n round(w.maximum) as write_ops_max,\n round(r.minimum) +\ + \ round(w.minimum) as iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum)\ + \ as write_ops_min\nfrom \n aws_rds_db_instance_metric_read_iops as r,\n aws_rds_db_instance_metric_write_iops\ + \ as w\nwhere \n r.db_instance_identifier = w.db_instance_identifier\n and r.timestamp\ + \ = w.timestamp\norder by\n r.db_instance_identifier,\n r.timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: Find AWS RDS DB Instance Read IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml b/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml index ba030cba0..9a3fee340 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_1.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS RDS DBInstance metrics for daily read IOPS + (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_daily_1 -Title: "Find AWS RDS DBInstance daily read IOPS metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_daily - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops_daily\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DBInstance daily read IOPS metrics diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml b/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml index 65554e22f..d03aaa48d 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_2.yaml @@ -1,33 +1,21 @@ +Description: Allows users to query AWS RDS DBInstance metrics for daily read IOPS + (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_daily_2 -Title: "Find AWS RDS DBInstance Metrics for Daily Read IOPS" -Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_daily - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops_daily\n\ + where\n average > 1000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DBInstance Metrics for Daily Read IOPS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml b/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml index e5e3365c0..d248e3513 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_3.yaml @@ -1,35 +1,23 @@ +Description: Allows users to query AWS RDS DBInstance metrics for daily read IOPS + (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_daily_3 -Title: "Find AWS RDS DBInstance Metrics for Daily Read IOPS" -Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_daily - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops_daily\n\ + where\n maximum > 8000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DBInstance Metrics for Daily Read IOPS diff --git a/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml b/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml index b627684e4..cbc795da8 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_daily_4.yaml @@ -1,39 +1,27 @@ +Description: Allows users to query AWS RDS DBInstance metrics for daily read IOPS + (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_daily_4 -Title: "List all AWS RDS DBInstance daily read IOPS metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops_daily as r, - aws_rds_db_instance_metric_write_iops_daily as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.db_instance_identifier,\n r.timestamp,\n round(r.average)\ + \ + round(w.average) as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average)\ + \ as write_ops_avg,\n round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum)\ + \ as read_ops_max,\n round(w.maximum) as write_ops_max,\n round(r.minimum) +\ + \ round(w.minimum) as iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum)\ + \ as write_ops_min\nfrom \n aws_rds_db_instance_metric_read_iops_daily as r,\n\ + \ aws_rds_db_instance_metric_write_iops_daily as w\nwhere \n r.db_instance_identifier\ + \ = w.db_instance_identifier\n and r.timestamp = w.timestamp\norder by\n r.db_instance_identifier,\n\ + \ r.timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DBInstance daily read IOPS metrics diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml index 3a95552b7..8c8073e2f 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_1.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS RDS DB Instances and retrieve hourly metrics + related to read IOPS (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_hourly_1 -Title: "List all AWS RDS DB Instances with Read IOPS Metrics" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_hourly - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops_hourly\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Instances with Read IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml index c04f28851..eaa90ac8a 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_2.yaml @@ -1,35 +1,23 @@ +Description: Allows users to query AWS RDS DB Instances and retrieve hourly metrics + related to read IOPS (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_hourly_2 -Title: "Find AWS RDS DB Instances Hourly Read IOPS Over 1000" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_hourly - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops_hourly\n\ + where\n average > 1000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instances Hourly Read IOPS Over 1000 diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml index 5d3afbd8e..fff23cbdf 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_3.yaml @@ -1,33 +1,21 @@ +Description: Allows users to query AWS RDS DB Instances and retrieve hourly metrics + related to read IOPS (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_hourly_3 -Title: "Find AWS RDS DB Instances Reading Over 8000 IOPS" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_read_iops_hourly - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_read_iops_hourly\n\ + where\n maximum > 8000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Instances Reading Over 8000 IOPS diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml index bbffcc81d..0964a23b4 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_4.yaml @@ -1,39 +1,28 @@ +Description: Allows users to query AWS RDS DB Instances and retrieve hourly metrics + related to read IOPS (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_hourly_4 -Title: "Find AWS RDS Instances Hourly Read IOPS Metrics" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - v.iops as provisioned_iops, - round(r.average) +round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg - from - aws_rds_db_instance_metric_read_iops_hourly as r, - aws_rds_db_instance_metric_write_iops_hourly as w, - aws_rds_db_instance as v - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - and v.db_instance_identifier = r.db_instance_identifier - and r.average + w.average > v.iops - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.db_instance_identifier,\n r.timestamp,\n v.iops\ + \ as provisioned_iops,\n round(r.average) +round(w.average) as iops_avg,\n round(r.average)\ + \ as read_ops_avg,\n round(w.average) as write_ops_avg\nfrom \n aws_rds_db_instance_metric_read_iops_hourly\ + \ as r,\n aws_rds_db_instance_metric_write_iops_hourly as w,\n aws_rds_db_instance\ + \ as v\nwhere \n r.db_instance_identifier = w.db_instance_identifier\n and r.timestamp\ + \ = w.timestamp\n and v.db_instance_identifier = r.db_instance_identifier \n\ + \ and r.average + w.average > v.iops\norder by\n r.db_instance_identifier,\n\ + \ r.timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS Instances Hourly Read IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml b/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml index a16467fb5..6e5b093c6 100755 --- a/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml +++ b/queries/aws_rds_db_instance_metric_read_iops_hourly_5.yaml @@ -1,41 +1,29 @@ +Description: Allows users to query AWS RDS DB Instances and retrieve hourly metrics + related to read IOPS (Input/Output Operations Per Second). ID: aws_rds_db_instance_metric_read_iops_hourly_5 -Title: "List all AWS RDS DB Instances with Hourly Read IOPS Metrics" -Description: "Allows users to query AWS RDS DB Instances and retrieve hourly metrics related to read IOPS (Input/Output Operations Per Second)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops_hourly as r, - aws_rds_db_instance_metric_write_iops_hourly as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.db_instance_identifier,\n r.timestamp,\n round(r.average)\ + \ + round(w.average) as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average)\ + \ as write_ops_avg,\n round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum)\ + \ as read_ops_max,\n round(w.maximum) as write_ops_max,\n round(r.minimum) +\ + \ round(w.minimum) as iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum)\ + \ as write_ops_min\nfrom \n aws_rds_db_instance_metric_read_iops_hourly as r,\n\ + \ aws_rds_db_instance_metric_write_iops_hourly as w\nwhere \n r.db_instance_identifier\ + \ = w.db_instance_identifier\n and r.timestamp = w.timestamp\norder by\n r.db_instance_identifier,\n\ + \ r.timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Instances with Hourly Read IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_write_iops_1.yaml b/queries/aws_rds_db_instance_metric_write_iops_1.yaml index be8224a97..2a5534751 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_1.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_1.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics + on the write input/output operations per second. ID: aws_rds_db_instance_metric_write_iops_1 -Title: "List AWS RDS DBInstance Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS DBInstance +Title: List AWS RDS DBInstance Write IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_write_iops_2.yaml b/queries/aws_rds_db_instance_metric_write_iops_2.yaml index d4a1f131e..89470afc8 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_2.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_2.yaml @@ -1,33 +1,21 @@ +Description: Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics + on the write input/output operations per second. ID: aws_rds_db_instance_metric_write_iops_2 -Title: "Find AWS RDS DBInstance Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops\n\ + where\n average > 1000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS RDS +Title: Find AWS RDS DBInstance Write IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_write_iops_3.yaml b/queries/aws_rds_db_instance_metric_write_iops_3.yaml index 36be59e09..ca3b83b7d 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_3.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_3.yaml @@ -1,33 +1,21 @@ +Description: Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics + on the write input/output operations per second. ID: aws_rds_db_instance_metric_write_iops_3 -Title: "List AWS RDS DBInstance Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops\n\ + where\n maximum > 8000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List AWS RDS DBInstance Write IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_write_iops_4.yaml b/queries/aws_rds_db_instance_metric_write_iops_4.yaml index 5509b4c42..3da0d958e 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_4.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_4.yaml @@ -1,39 +1,26 @@ +Description: Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics + on the write input/output operations per second. ID: aws_rds_db_instance_metric_write_iops_4 -Title: "Find AWS RDS Write IOPS Metrics Using SQL" -Description: "Allows users to query AWS RDS DBInstance Write IOPS to retrieve metrics on the write input/output operations per second." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops as r, - aws_rds_db_instance_metric_write_iops as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.db_instance_identifier,\n r.timestamp,\n round(r.average)\ + \ + round(w.average) as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average)\ + \ as write_ops_avg,\n round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum)\ + \ as read_ops_max,\n round(w.maximum) as write_ops_max,\n round(r.minimum) +\ + \ round(w.minimum) as iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum)\ + \ as write_ops_min\nfrom \n aws_rds_db_instance_metric_read_iops as r,\n aws_rds_db_instance_metric_write_iops\ + \ as w\nwhere \n r.db_instance_identifier = w.db_instance_identifier\n and r.timestamp\ + \ = w.timestamp\norder by\n r.db_instance_identifier,\n r.timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS Write IOPS Metrics Using SQL diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml b/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml index 6d399695b..841623156 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_1.yaml @@ -1,31 +1,20 @@ +Description: Allows users to query AWS RDS DBInstance metrics for daily write IOPS. ID: aws_rds_db_instance_metric_write_iops_daily_1 -Title: "List Daily Write IOPS for AWS RDS DBInstances" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_daily - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops_daily\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List Daily Write IOPS for AWS RDS DBInstances diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml b/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml index 4c0702f7d..5ba5f2c5a 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_2.yaml @@ -1,35 +1,22 @@ +Description: Allows users to query AWS RDS DBInstance metrics for daily write IOPS. ID: aws_rds_db_instance_metric_write_iops_daily_2 -Title: "List all AWS RDS DBInstance Daily Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_daily - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops_daily\n\ + where\n average > 1000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DBInstance Daily Write IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml index 9b2c84503..e90afc73e 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_3.yaml @@ -1,33 +1,20 @@ +Description: Allows users to query AWS RDS DBInstance metrics for daily write IOPS. ID: aws_rds_db_instance_metric_write_iops_daily_3 -Title: "List AWS RDS DBInstance Daily Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_daily - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops_daily\n\ + where\n maximum > 8000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List AWS RDS DBInstance Daily Write IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml b/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml index 8272b882e..052f11998 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_daily_4.yaml @@ -1,39 +1,26 @@ +Description: Allows users to query AWS RDS DBInstance metrics for daily write IOPS. ID: aws_rds_db_instance_metric_write_iops_daily_4 -Title: "List all AWS RDS DBInstance Daily Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance metrics for daily write IOPS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops_daily as r, - aws_rds_db_instance_metric_write_iops_daily as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.db_instance_identifier,\n r.timestamp,\n round(r.average)\ + \ + round(w.average) as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average)\ + \ as write_ops_avg,\n round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum)\ + \ as read_ops_max,\n round(w.maximum) as write_ops_max,\n round(r.minimum) +\ + \ round(w.minimum) as iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum)\ + \ as write_ops_min\nfrom \n aws_rds_db_instance_metric_read_iops_daily as r,\n\ + \ aws_rds_db_instance_metric_write_iops_daily as w\nwhere \n r.db_instance_identifier\ + \ = w.db_instance_identifier\n and r.timestamp = w.timestamp\norder by\n r.db_instance_identifier,\n\ + \ r.timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DBInstance Daily Write IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml index 100d56d36..ae47904ab 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_1.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly + basis. ID: aws_rds_db_instance_metric_write_iops_hourly_1 -Title: "List All AWS RDS DBInstance Write IOPS Metrics Hourly" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_hourly - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops_hourly\n\ + order by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List All AWS RDS DBInstance Write IOPS Metrics Hourly diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml index 05ecce3d2..fc76f9718 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_2.yaml @@ -1,33 +1,21 @@ +Description: Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly + basis. ID: aws_rds_db_instance_metric_write_iops_hourly_2 -Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_hourly - where - average > 1000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops_hourly\n\ + where\n average > 1000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DBInstance Write IOPS Metrics Hourly diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml index 0c070c047..017ecb4fe 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_3.yaml @@ -1,33 +1,21 @@ +Description: Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly + basis. ID: aws_rds_db_instance_metric_write_iops_hourly_3 -Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_instance_identifier, - timestamp, - minimum, - maximum, - average, - sum, - sample_count - from - aws_rds_db_instance_metric_write_iops_hourly - where - maximum > 8000 - order by - db_instance_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_instance_identifier,\n timestamp,\n minimum,\n \ + \ maximum,\n average,\n sum,\n sample_count\nfrom\n aws_rds_db_instance_metric_write_iops_hourly\n\ + where\n maximum > 8000\norder by\n db_instance_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DBInstance Write IOPS Metrics Hourly diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml index 5cbf91bb6..32c89cf10 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_4.yaml @@ -1,39 +1,28 @@ +Description: Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly + basis. ID: aws_rds_db_instance_metric_write_iops_hourly_4 -Title: "List AWS RDS DBInstance Hourly Write IOPS Metrics" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - v.iops as provisioned_iops, - round(r.average) +round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg - from - aws_rds_db_instance_metric_read_iops_hourly as r, - aws_rds_db_instance_metric_write_iops_hourly as w, - aws_rds_db_instance as v - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - and v.db_instance_identifier = r.db_instance_identifier - and r.average + w.average > v.iops - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.db_instance_identifier,\n r.timestamp,\n v.iops\ + \ as provisioned_iops,\n round(r.average) +round(w.average) as iops_avg,\n round(r.average)\ + \ as read_ops_avg,\n round(w.average) as write_ops_avg\nfrom \n aws_rds_db_instance_metric_read_iops_hourly\ + \ as r,\n aws_rds_db_instance_metric_write_iops_hourly as w,\n aws_rds_db_instance\ + \ as v\nwhere \n r.db_instance_identifier = w.db_instance_identifier\n and r.timestamp\ + \ = w.timestamp\n and v.db_instance_identifier = r.db_instance_identifier \n\ + \ and r.average + w.average > v.iops\norder by\n r.db_instance_identifier,\n\ + \ r.timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List AWS RDS DBInstance Hourly Write IOPS Metrics diff --git a/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml b/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml index 03c88cf2d..c55275372 100755 --- a/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml +++ b/queries/aws_rds_db_instance_metric_write_iops_hourly_5.yaml @@ -1,41 +1,29 @@ +Description: Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly + basis. ID: aws_rds_db_instance_metric_write_iops_hourly_5 -Title: "Find AWS RDS DBInstance Write IOPS Metrics Hourly" -Description: "Allows users to query AWS RDS DBInstance write IOPS metrics on an hourly basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.db_instance_identifier, - r.timestamp, - round(r.average) + round(w.average) as iops_avg, - round(r.average) as read_ops_avg, - round(w.average) as write_ops_avg, - round(r.maximum) + round(w.maximum) as iops_max, - round(r.maximum) as read_ops_max, - round(w.maximum) as write_ops_max, - round(r.minimum) + round(w.minimum) as iops_min, - round(r.minimum) as read_ops_min, - round(w.minimum) as write_ops_min - from - aws_rds_db_instance_metric_read_iops_hourly as r, - aws_rds_db_instance_metric_write_iops_hourly as w - where - r.db_instance_identifier = w.db_instance_identifier - and r.timestamp = w.timestamp - order by - r.db_instance_identifier, - r.timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n r.db_instance_identifier,\n r.timestamp,\n round(r.average)\ + \ + round(w.average) as iops_avg,\n round(r.average) as read_ops_avg,\n round(w.average)\ + \ as write_ops_avg,\n round(r.maximum) + round(w.maximum) as iops_max,\n round(r.maximum)\ + \ as read_ops_max,\n round(w.maximum) as write_ops_max,\n round(r.minimum) +\ + \ round(w.minimum) as iops_min,\n round(r.minimum) as read_ops_min,\n round(w.minimum)\ + \ as write_ops_min\nfrom \n aws_rds_db_instance_metric_read_iops_hourly as r,\n\ + \ aws_rds_db_instance_metric_write_iops_hourly as w\nwhere \n r.db_instance_identifier\ + \ = w.db_instance_identifier\n and r.timestamp = w.timestamp\norder by\n r.db_instance_identifier,\n\ + \ r.timestamp;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DBInstance Write IOPS Metrics Hourly diff --git a/queries/aws_rds_db_option_group_1.yaml b/queries/aws_rds_db_option_group_1.yaml index 4ac313e10..f1f7f6f80 100755 --- a/queries/aws_rds_db_option_group_1.yaml +++ b/queries/aws_rds_db_option_group_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS RDS DB Option Groups and provides information + about the option groups within Amazon Relational Database Service (RDS). ID: aws_rds_db_option_group_1 -Title: "List all AWS RDS DB Option Groups with details" -Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - engine_name, - major_engine_version, - vpc_id - from - aws_rds_db_option_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n engine_name,\n major_engine_version,\n\ + \ vpc_id\nfrom\n aws_rds_db_option_group;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Relational Database Service +Title: List all AWS RDS DB Option Groups with details diff --git a/queries/aws_rds_db_option_group_2.yaml b/queries/aws_rds_db_option_group_2.yaml index ab22a1923..cc4120c50 100755 --- a/queries/aws_rds_db_option_group_2.yaml +++ b/queries/aws_rds_db_option_group_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS RDS DB Option Groups and provides information + about the option groups within Amazon Relational Database Service (RDS). ID: aws_rds_db_option_group_2 -Title: "List all AWS RDS DB Option Groups with SQL" -Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - engine_name, - allows_vpc_and_non_vpc_instance_memberships - from - aws_rds_db_option_group - where - allows_vpc_and_non_vpc_instance_memberships; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n engine_name,\n allows_vpc_and_non_vpc_instance_memberships\n\ + from\n aws_rds_db_option_group\nwhere\n allows_vpc_and_non_vpc_instance_memberships;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Relational Database Service +Title: List all AWS RDS DB Option Groups with SQL diff --git a/queries/aws_rds_db_option_group_3.yaml b/queries/aws_rds_db_option_group_3.yaml index 78b27b662..70b8f8ff8 100755 --- a/queries/aws_rds_db_option_group_3.yaml +++ b/queries/aws_rds_db_option_group_3.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS RDS DB Option Groups and provides information + about the option groups within Amazon Relational Database Service (RDS). ID: aws_rds_db_option_group_3 -Title: "Find AWS RDS DB Option Groups within Amazon RDS" -Description: "Allows users to query AWS RDS DB Option Groups and provides information about the option groups within Amazon Relational Database Service (RDS)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - option ->> 'OptionName' as option_name, - option -> 'Permanent' as Permanent, - option -> 'Persistent' as Persistent, - option -> 'VpcSecurityGroupMemberships' as vpc_security_group_membership, - option -> 'Port' as Port - from - aws_rds_db_option_group - cross join jsonb_array_elements(options) as option; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n option ->> 'OptionName' as option_name,\n option\ + \ -> 'Permanent' as Permanent,\n option -> 'Persistent' as Persistent,\n option\ + \ -> 'VpcSecurityGroupMemberships' as vpc_security_group_membership,\n option\ + \ -> 'Port' as Port\nfrom\n aws_rds_db_option_group\n cross join jsonb_array_elements(options)\ + \ as option;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: Find AWS RDS DB Option Groups within Amazon RDS diff --git a/queries/aws_rds_db_parameter_group_1.yaml b/queries/aws_rds_db_parameter_group_1.yaml index 364153f93..57cf7798b 100755 --- a/queries/aws_rds_db_parameter_group_1.yaml +++ b/queries/aws_rds_db_parameter_group_1.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS RDS DB Parameter Groups, providing information + about the configurations that control the behavior of the databases that they are + associated with. ID: aws_rds_db_parameter_group_1 -Title: "Find AWS RDS DB Parameter Groups' Configurations" -Description: "Allows users to query AWS RDS DB Parameter Groups, providing information about the configurations that control the behavior of the databases that they are associated with." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - db_parameter_group_family - from - aws_rds_db_parameter_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n db_parameter_group_family\n\ + from\n aws_rds_db_parameter_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS DB Parameter Groups +Title: Find AWS RDS DB Parameter Groups' Configurations diff --git a/queries/aws_rds_db_parameter_group_2.yaml b/queries/aws_rds_db_parameter_group_2.yaml index 9fa49ec17..36645c3c1 100755 --- a/queries/aws_rds_db_parameter_group_2.yaml +++ b/queries/aws_rds_db_parameter_group_2.yaml @@ -1,34 +1,28 @@ +Description: Allows users to query AWS RDS DB Parameter Groups, providing information + about the configurations that control the behavior of the databases that they are + associated with. ID: aws_rds_db_parameter_group_2 -Title: "List all AWS RDS DB Parameter Groups configurations" -Description: "Allows users to query AWS RDS DB Parameter Groups, providing information about the configurations that control the behavior of the databases that they are associated with." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - db_parameter_group_family, - pg ->> 'ParameterName' as parameter_name, - pg ->> 'ParameterValue' as parameter_value, - pg ->> 'AllowedValues' as allowed_values, - pg ->> 'ApplyType' as apply_type, - pg ->> 'IsModifiable' as is_modifiable, - pg ->> 'DataType' as data_type, - pg ->> 'Description' as description, - pg ->> 'MinimumEngineVersion' as minimum_engine_version - from - aws_rds_db_parameter_group - cross join jsonb_array_elements(parameters) as pg; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n db_parameter_group_family,\n pg ->> 'ParameterName'\ + \ as parameter_name,\n pg ->> 'ParameterValue' as parameter_value,\n pg ->>\ + \ 'AllowedValues' as allowed_values,\n pg ->> 'ApplyType' as apply_type,\n pg\ + \ ->> 'IsModifiable' as is_modifiable,\n pg ->> 'DataType' as data_type,\n pg\ + \ ->> 'Description' as description,\n pg ->> 'MinimumEngineVersion' as minimum_engine_version\n\ + from\n aws_rds_db_parameter_group\n cross join jsonb_array_elements(parameters)\ + \ as pg;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Parameter Groups configurations diff --git a/queries/aws_rds_db_proxy_1.yaml b/queries/aws_rds_db_proxy_1.yaml index 0e2541ff1..2da69bb3d 100755 --- a/queries/aws_rds_db_proxy_1.yaml +++ b/queries/aws_rds_db_proxy_1.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query DB Proxies in Amazon RDS to fetch detailed information + about each proxy, including its ARN, name, engine family, role ARN, status, and + more. ID: aws_rds_db_proxy_1 -Title: "Find Amazon RDS DB Proxy Details via SQL Query" -Description: "Allows users to query DB Proxies in Amazon RDS to fetch detailed information about each proxy, including its ARN, name, engine family, role ARN, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_proxy_name, - status, - engine_family - from - aws_rds_db_proxy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_proxy_name,\n status,\n engine_family\nfrom\n aws_rds_db_proxy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: Find Amazon RDS DB Proxy Details via SQL Query diff --git a/queries/aws_rds_db_proxy_2.yaml b/queries/aws_rds_db_proxy_2.yaml index f70cf66a9..8d24a293a 100755 --- a/queries/aws_rds_db_proxy_2.yaml +++ b/queries/aws_rds_db_proxy_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query DB Proxies in Amazon RDS to fetch detailed information + about each proxy, including its ARN, name, engine family, role ARN, status, and + more. ID: aws_rds_db_proxy_2 -Title: "List all Detailed Information of Amazon RDS DB Proxies" -Description: "Allows users to query DB Proxies in Amazon RDS to fetch detailed information about each proxy, including its ARN, name, engine family, role ARN, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_proxy_name, - engine_family, - a ->> 'AuthScheme' as auth_scheme, - a ->> 'Description' as auth_description, - a ->> 'IAMAuth' as iam_auth, - a ->> 'SecretArn' as secret_arn, - a ->> 'UserName' as user_name - from - aws_rds_db_proxy, - jsonb_array_elements(auth) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_proxy_name,\n engine_family,\n a ->> 'AuthScheme'\ + \ as auth_scheme,\n a ->> 'Description' as auth_description,\n a ->> 'IAMAuth'\ + \ as iam_auth,\n a ->> 'SecretArn' as secret_arn,\n a ->> 'UserName' as user_name\n\ + from\n aws_rds_db_proxy,\n jsonb_array_elements(auth) as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List all Detailed Information of Amazon RDS DB Proxies diff --git a/queries/aws_rds_db_recommendation_1.yaml b/queries/aws_rds_db_recommendation_1.yaml index 84f8f83ac..d810893f4 100755 --- a/queries/aws_rds_db_recommendation_1.yaml +++ b/queries/aws_rds_db_recommendation_1.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS RDS DB Recommendations and retrieve valuable + information about each recommendation''s status, impact, and suggested actions. ID: aws_rds_db_recommendation_1 -Title: "Find AWS RDS DB Recommendations with High Severity" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - severity, - description, - created_time - from - aws_rds_db_recommendation - where - severity = 'high'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recommendation_id,\n title,\n severity,\n description,\n\ + \ created_time\nfrom\n aws_rds_db_recommendation\nwhere\n severity = 'high';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Recommendations with High Severity diff --git a/queries/aws_rds_db_recommendation_2.yaml b/queries/aws_rds_db_recommendation_2.yaml index 217c9ccf8..e8d20ca34 100755 --- a/queries/aws_rds_db_recommendation_2.yaml +++ b/queries/aws_rds_db_recommendation_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS RDS DB Recommendations and retrieve valuable + information about each recommendation''s status, impact, and suggested actions. ID: aws_rds_db_recommendation_2 -Title: "List all AWS RDS DB Recommendations and Details" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - created_time, - description - from - aws_rds_db_recommendation - where - created_time >= now() - interval '30 days'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recommendation_id,\n title,\n created_time,\n description\n\ + from\n aws_rds_db_recommendation\nwhere\n created_time >= now() - interval '30\ + \ days';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Recommendations and Details diff --git a/queries/aws_rds_db_recommendation_3.yaml b/queries/aws_rds_db_recommendation_3.yaml index f7f8f314f..96e6e9521 100755 --- a/queries/aws_rds_db_recommendation_3.yaml +++ b/queries/aws_rds_db_recommendation_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS RDS DB Recommendations and retrieve valuable + information about each recommendation''s status, impact, and suggested actions. ID: aws_rds_db_recommendation_3 -Title: "Find All Recommendations and Actions for AWS RDS DB" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - recommendation, - recommended_actions - from - aws_rds_db_recommendation; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recommendation_id,\n title,\n recommendation,\n recommended_actions\n\ + from\n aws_rds_db_recommendation;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find All Recommendations and Actions for AWS RDS DB diff --git a/queries/aws_rds_db_recommendation_4.yaml b/queries/aws_rds_db_recommendation_4.yaml index a19d7beec..16ec542ce 100755 --- a/queries/aws_rds_db_recommendation_4.yaml +++ b/queries/aws_rds_db_recommendation_4.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS RDS DB Recommendations and retrieve valuable + information about each recommendation''s status, impact, and suggested actions. ID: aws_rds_db_recommendation_4 -Title: "List all AWS RDS DB Recommendations and Suggested Actions" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - impact, - description - from - aws_rds_db_recommendation - order by - impact desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recommendation_id,\n title,\n impact,\n description\n\ + from\n aws_rds_db_recommendation\norder by\n impact desc;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List all AWS RDS DB Recommendations and Suggested Actions diff --git a/queries/aws_rds_db_recommendation_5.yaml b/queries/aws_rds_db_recommendation_5.yaml index 0f98e87b5..867e96bba 100755 --- a/queries/aws_rds_db_recommendation_5.yaml +++ b/queries/aws_rds_db_recommendation_5.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS RDS DB Recommendations and retrieve valuable + information about each recommendation''s status, impact, and suggested actions. ID: aws_rds_db_recommendation_5 -Title: "Find AWS RDS DB Recommendations and Statuses" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - title, - status, - updated_time - from - aws_rds_db_recommendation - where - status != 'resolved'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recommendation_id,\n title,\n status,\n updated_time\n\ + from\n aws_rds_db_recommendation\nwhere\n status != 'resolved';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find AWS RDS DB Recommendations and Statuses diff --git a/queries/aws_rds_db_recommendation_6.yaml b/queries/aws_rds_db_recommendation_6.yaml index 65581d69d..baf231a2f 100755 --- a/queries/aws_rds_db_recommendation_6.yaml +++ b/queries/aws_rds_db_recommendation_6.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS RDS DB Recommendations and retrieve valuable + information about each recommendation''s status, impact, and suggested actions. ID: aws_rds_db_recommendation_6 -Title: "Find AWS RDS DB Recommendations and Their Statuses" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - issue_details -> 'PerformanceIssueDetails' ->> 'Analysis' as analysis, - issue_details -> 'PerformanceIssueDetails' ->> 'EndTime' as end_time, - issue_details -> 'PerformanceIssueDetails' ->> 'StartTime' as start_time, - issue_details -> 'PerformanceIssueDetails' -> 'Metrics' as metrics - from - aws_rds_db_recommendation - where - issue_details is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recommendation_id,\n issue_details -> 'PerformanceIssueDetails'\ + \ ->> 'Analysis' as analysis,\n issue_details -> 'PerformanceIssueDetails' ->>\ + \ 'EndTime' as end_time,\n issue_details -> 'PerformanceIssueDetails' ->> 'StartTime'\ + \ as start_time,\n issue_details -> 'PerformanceIssueDetails' -> 'Metrics' as\ + \ metrics\nfrom\n aws_rds_db_recommendation\nwhere\n issue_details is not null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS DB Recommendation +Title: Find AWS RDS DB Recommendations and Their Statuses diff --git a/queries/aws_rds_db_recommendation_7.yaml b/queries/aws_rds_db_recommendation_7.yaml index 23a6af7e0..74058448f 100755 --- a/queries/aws_rds_db_recommendation_7.yaml +++ b/queries/aws_rds_db_recommendation_7.yaml @@ -1,34 +1,27 @@ +Description: Allows users to query AWS RDS DB Recommendations and retrieve valuable + information about each recommendation''s status, impact, and suggested actions. ID: aws_rds_db_recommendation_7 -Title: "Find all AWS RDS DB recommendation statuses and actions" -Description: "Allows users to query AWS RDS DB Recommendations and retrieve valuable information about each recommendation''s status, impact, and suggested actions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - recommendation_id, - action ->> 'Title' as title, - action ->> 'Status' as status, - action ->> 'ActionId' as action_id, - action ->> 'Operation' as operation, - action -> 'ApplyModes' as apply_modes, - action -> 'Parameters' as parameters, - action ->> 'Description' as description, - action ->> 'IssueDetails' as issue_details, - action -> 'ContextAttributes' as context_attributes - from - aws_rds_db_recommendation, - jsonb_array_elements(recommended_actions) as action; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n recommendation_id,\n action ->> 'Title' as title,\n\ + \ action ->> 'Status' as status,\n action ->> 'ActionId' as action_id,\n action\ + \ ->> 'Operation' as operation,\n action -> 'ApplyModes' as apply_modes,\n action\ + \ -> 'Parameters' as parameters,\n action ->> 'Description' as description,\n\ + \ action ->> 'IssueDetails' as issue_details,\n action -> 'ContextAttributes'\ + \ as context_attributes\nfrom\n aws_rds_db_recommendation,\n jsonb_array_elements(recommended_actions)\ + \ as action;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find all AWS RDS DB recommendation statuses and actions diff --git a/queries/aws_rds_db_snapshot_1.yaml b/queries/aws_rds_db_snapshot_1.yaml index eec48b865..b2a51305c 100755 --- a/queries/aws_rds_db_snapshot_1.yaml +++ b/queries/aws_rds_db_snapshot_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Amazon RDS DB Snapshots for information regarding + manual and automatic snapshots of an Amazon RDS DB instance. ID: aws_rds_db_snapshot_1 -Title: "Find Non-encrypted RDS DB Snapshots for AWS" -Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_snapshot_identifier, - encrypted - from - aws_rds_db_snapshot - where - not encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_snapshot_identifier,\n encrypted\nfrom\n aws_rds_db_snapshot\n\ + where\n not encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: Find Non-encrypted RDS DB Snapshots for AWS diff --git a/queries/aws_rds_db_snapshot_2.yaml b/queries/aws_rds_db_snapshot_2.yaml index 9cc9daed3..b16b06428 100755 --- a/queries/aws_rds_db_snapshot_2.yaml +++ b/queries/aws_rds_db_snapshot_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Amazon RDS DB Snapshots for information regarding + manual and automatic snapshots of an Amazon RDS DB instance. ID: aws_rds_db_snapshot_2 -Title: "List Amazon RDS DB manual snapshots" -Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_snapshot_identifier, - type - from - aws_rds_db_snapshot - where - type = 'manual'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_snapshot_identifier,\n type\nfrom\n aws_rds_db_snapshot\n\ + where\n type = 'manual';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List Amazon RDS DB manual snapshots diff --git a/queries/aws_rds_db_snapshot_3.yaml b/queries/aws_rds_db_snapshot_3.yaml index 0951f3b37..ddd3d4d03 100755 --- a/queries/aws_rds_db_snapshot_3.yaml +++ b/queries/aws_rds_db_snapshot_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Amazon RDS DB Snapshots for information regarding + manual and automatic snapshots of an Amazon RDS DB instance. ID: aws_rds_db_snapshot_3 -Title: "Find Information on Amazon RDS DB Snapshots" -Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_snapshot_identifier, - encrypted - from - aws_rds_db_snapshot - where - not encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_snapshot_identifier,\n encrypted\nfrom\n aws_rds_db_snapshot\n\ + where\n not encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: Find Information on Amazon RDS DB Snapshots diff --git a/queries/aws_rds_db_snapshot_4.yaml b/queries/aws_rds_db_snapshot_4.yaml index 99fafafe7..8d3195eb0 100755 --- a/queries/aws_rds_db_snapshot_4.yaml +++ b/queries/aws_rds_db_snapshot_4.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query Amazon RDS DB Snapshots for information regarding + manual and automatic snapshots of an Amazon RDS DB instance. ID: aws_rds_db_snapshot_4 -Title: "List Amazon RDS DB Snapshots Information" -Description: "Allows users to query Amazon RDS DB Snapshots for information regarding manual and automatic snapshots of an Amazon RDS DB instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - db_snapshot_identifier, - db_instance_identifier, - engine, - engine_version, - allocated_storage, - storage_type - from - aws_rds_db_snapshot; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n db_snapshot_identifier,\n db_instance_identifier,\n\ + \ engine,\n engine_version,\n allocated_storage,\n storage_type\nfrom\n aws_rds_db_snapshot;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List Amazon RDS DB Snapshots Information diff --git a/queries/aws_rds_db_subnet_group_1.yaml b/queries/aws_rds_db_subnet_group_1.yaml index f955469fb..c6856f412 100755 --- a/queries/aws_rds_db_subnet_group_1.yaml +++ b/queries/aws_rds_db_subnet_group_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS RDS DB Subnet Groups to retrieve information + about each DB subnet group configured in an AWS account. ID: aws_rds_db_subnet_group_1 -Title: "Query AWS RDS DB Subnet Groups Information" -Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - status, - vpc_id - from - aws_rds_db_subnet_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n status,\n vpc_id\nfrom\n aws_rds_db_subnet_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Query AWS RDS DB Subnet Groups Information diff --git a/queries/aws_rds_db_subnet_group_2.yaml b/queries/aws_rds_db_subnet_group_2.yaml index a4dff9482..33f11ef38 100755 --- a/queries/aws_rds_db_subnet_group_2.yaml +++ b/queries/aws_rds_db_subnet_group_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS RDS DB Subnet Groups to retrieve information + about each DB subnet group configured in an AWS account. ID: aws_rds_db_subnet_group_2 -Title: "List all AWS RDS DB Subnet Groups Information" -Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - subnet -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - subnet ->> 'SubnetIdentifier' as subnet_identifier, - subnet -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost, - subnet ->> 'SubnetStatus' as subnet_status - from - aws_rds_db_subnet_group - cross join jsonb_array_elements(subnets) as subnet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n subnet -> 'SubnetAvailabilityZone' ->> 'Name'\ + \ as subnet_availability_zone,\n subnet ->> 'SubnetIdentifier' as subnet_identifier,\n\ + \ subnet -> 'SubnetOutpost' ->> 'Arn' as subnet_outpost,\n subnet ->> 'SubnetStatus'\ + \ as subnet_status\nfrom\n aws_rds_db_subnet_group\n cross join jsonb_array_elements(subnets)\ + \ as subnet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Subnet Groups Information diff --git a/queries/aws_rds_db_subnet_group_3.yaml b/queries/aws_rds_db_subnet_group_3.yaml index c6aa02d0a..5b04b6cac 100755 --- a/queries/aws_rds_db_subnet_group_3.yaml +++ b/queries/aws_rds_db_subnet_group_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS RDS DB Subnet Groups to retrieve information + about each DB subnet group configured in an AWS account. ID: aws_rds_db_subnet_group_3 -Title: "List all AWS RDS DB Subnet Groups" -Description: "Allows users to query AWS RDS DB Subnet Groups to retrieve information about each DB subnet group configured in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags - from - aws_rds_db_subnet_group - where - not tags :: JSONB ? 'application'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n tags\nfrom\n aws_rds_db_subnet_group\nwhere\n\ + \ not tags :: JSONB ? 'application';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS DB Subnet Groups diff --git a/queries/aws_rds_reserved_db_instance_1.yaml b/queries/aws_rds_reserved_db_instance_1.yaml index 929acc7ad..cb418ad39 100755 --- a/queries/aws_rds_reserved_db_instance_1.yaml +++ b/queries/aws_rds_reserved_db_instance_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query RDS Reserved DB Instances in AWS, providing details + such as reservation status, instance type, duration, and associated costs. ID: aws_rds_reserved_db_instance_1 -Title: "List AWS RDS Reserved DB Instances and Details" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_db_instance_id,\n arn,\n reserved_db_instances_offering_id,\n\ + \ state,\n class\nfrom\n aws_rds_reserved_db_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List AWS RDS Reserved DB Instances and Details diff --git a/queries/aws_rds_reserved_db_instance_2.yaml b/queries/aws_rds_reserved_db_instance_2.yaml index 9863980ce..e36e17c15 100755 --- a/queries/aws_rds_reserved_db_instance_2.yaml +++ b/queries/aws_rds_reserved_db_instance_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query RDS Reserved DB Instances in AWS, providing details + such as reservation status, instance type, duration, and associated costs. ID: aws_rds_reserved_db_instance_2 -Title: "List all AWS RDS Reserved DB Instances" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance - where - not multi_az; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_db_instance_id,\n arn,\n reserved_db_instances_offering_id,\n\ + \ state,\n class\nfrom\n aws_rds_reserved_db_instance\nwhere\n not multi_az;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS Reserved DB Instances diff --git a/queries/aws_rds_reserved_db_instance_3.yaml b/queries/aws_rds_reserved_db_instance_3.yaml index e1084b760..298f5dec5 100755 --- a/queries/aws_rds_reserved_db_instance_3.yaml +++ b/queries/aws_rds_reserved_db_instance_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query RDS Reserved DB Instances in AWS, providing details + such as reservation status, instance type, duration, and associated costs. ID: aws_rds_reserved_db_instance_3 -Title: "Find all RDS Reserved DB Instances with Costs and Status" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance - where - offering_type = 'All Upfront'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_db_instance_id,\n arn,\n reserved_db_instances_offering_id,\n\ + \ state,\n class\nfrom\n aws_rds_reserved_db_instance\nwhere\n offering_type\ + \ = 'All Upfront';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: Find all RDS Reserved DB Instances with Costs and Status diff --git a/queries/aws_rds_reserved_db_instance_4.yaml b/queries/aws_rds_reserved_db_instance_4.yaml index fcc9deb54..965e6714d 100755 --- a/queries/aws_rds_reserved_db_instance_4.yaml +++ b/queries/aws_rds_reserved_db_instance_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query RDS Reserved DB Instances in AWS, providing details + such as reservation status, instance type, duration, and associated costs. ID: aws_rds_reserved_db_instance_4 -Title: "List all Reserved DB Instances in AWS RDS" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class - from - aws_rds_reserved_db_instance - order by - duration desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_db_instance_id,\n arn,\n reserved_db_instances_offering_id,\n\ + \ state,\n class\nfrom\n aws_rds_reserved_db_instance\norder by\n duration\ + \ desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all Reserved DB Instances in AWS RDS diff --git a/queries/aws_rds_reserved_db_instance_5.yaml b/queries/aws_rds_reserved_db_instance_5.yaml index a96db31e0..cd1294a2f 100755 --- a/queries/aws_rds_reserved_db_instance_5.yaml +++ b/queries/aws_rds_reserved_db_instance_5.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query RDS Reserved DB Instances in AWS, providing details + such as reservation status, instance type, duration, and associated costs. ID: aws_rds_reserved_db_instance_5 -Title: "List all AWS RDS Reserved DB Instances and Details" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class, - usage_price - from - aws_rds_reserved_db_instance - order by - usage_price desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_db_instance_id,\n arn,\n reserved_db_instances_offering_id,\n\ + \ state,\n class,\n usage_price\nfrom\n aws_rds_reserved_db_instance\norder\ + \ by\n usage_price desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - RDS +Title: List all AWS RDS Reserved DB Instances and Details diff --git a/queries/aws_rds_reserved_db_instance_6.yaml b/queries/aws_rds_reserved_db_instance_6.yaml index d9aea9ff9..1deb134a7 100755 --- a/queries/aws_rds_reserved_db_instance_6.yaml +++ b/queries/aws_rds_reserved_db_instance_6.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query RDS Reserved DB Instances in AWS, providing details + such as reservation status, instance type, duration, and associated costs. ID: aws_rds_reserved_db_instance_6 -Title: "List all AWS RDS Reserved DB Instances with details and costs" -Description: "Allows users to query RDS Reserved DB Instances in AWS, providing details such as reservation status, instance type, duration, and associated costs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - reserved_db_instance_id, - arn, - reserved_db_instances_offering_id, - state, - class, - usage_price - from - aws_rds_reserved_db_instance - where - state <> 'active'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n reserved_db_instance_id,\n arn,\n reserved_db_instances_offering_id,\n\ + \ state,\n class,\n usage_price\nfrom\n aws_rds_reserved_db_instance\nwhere\n\ + \ state <> 'active';" Tags: cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon RDS +Title: List all AWS RDS Reserved DB Instances with details and costs diff --git a/queries/aws_redshift_cluster_1.yaml b/queries/aws_redshift_cluster_1.yaml index f2ad96feb..5cb64d228 100755 --- a/queries/aws_redshift_cluster_1.yaml +++ b/queries/aws_redshift_cluster_1.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Redshift Clusters and retrieve comprehensive + information about each cluster, including its configuration, status, performance, + and security settings. ID: aws_redshift_cluster_1 -Title: "List all AWS Redshift Clusters including Configurations" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - arn, - node_type, - region - from - aws_redshift_cluster; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_identifier,\n arn,\n node_type,\n region\n\ + from\n aws_redshift_cluster;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Redshift +Title: List all AWS Redshift Clusters including Configurations diff --git a/queries/aws_redshift_cluster_2.yaml b/queries/aws_redshift_cluster_2.yaml index 9c256f205..6ac20f021 100755 --- a/queries/aws_redshift_cluster_2.yaml +++ b/queries/aws_redshift_cluster_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Redshift Clusters and retrieve comprehensive + information about each cluster, including its configuration, status, performance, + and security settings. ID: aws_redshift_cluster_2 -Title: "Find all AWS Redshift Clusters with Configuration Details" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - node_type, - number_of_nodes, - publicly_accessible - from - aws_redshift_cluster - where - publicly_accessible; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_identifier,\n node_type,\n number_of_nodes,\n\ + \ publicly_accessible\nfrom\n aws_redshift_cluster\nwhere\n publicly_accessible;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: Find all AWS Redshift Clusters with Configuration Details diff --git a/queries/aws_redshift_cluster_3.yaml b/queries/aws_redshift_cluster_3.yaml index 81448f467..557dcd406 100755 --- a/queries/aws_redshift_cluster_3.yaml +++ b/queries/aws_redshift_cluster_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Redshift Clusters and retrieve comprehensive + information about each cluster, including its configuration, status, performance, + and security settings. ID: aws_redshift_cluster_3 -Title: "Find AWS Redshift Cluster Configurations and Details" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - node_type, - number_of_nodes, - vpc_id - from - aws_redshift_cluster - where - vpc_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_identifier,\n node_type,\n number_of_nodes,\n\ + \ vpc_id\nfrom\n aws_redshift_cluster\nwhere\n vpc_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: Find AWS Redshift Cluster Configurations and Details diff --git a/queries/aws_redshift_cluster_4.yaml b/queries/aws_redshift_cluster_4.yaml index 4cdd40050..d8a3f762e 100755 --- a/queries/aws_redshift_cluster_4.yaml +++ b/queries/aws_redshift_cluster_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Redshift Clusters and retrieve comprehensive + information about each cluster, including its configuration, status, performance, + and security settings. ID: aws_redshift_cluster_4 -Title: "List all AWS Redshift Clusters and list configurations" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - node_type, - number_of_nodes, - encrypted - from - aws_redshift_cluster - where - not encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_identifier,\n node_type,\n number_of_nodes,\n\ + \ encrypted\nfrom\n aws_redshift_cluster\nwhere\n not encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List all AWS Redshift Clusters and list configurations diff --git a/queries/aws_redshift_cluster_5.yaml b/queries/aws_redshift_cluster_5.yaml index b4995ffa9..d271fca2e 100755 --- a/queries/aws_redshift_cluster_5.yaml +++ b/queries/aws_redshift_cluster_5.yaml @@ -1,25 +1,23 @@ +Description: Allows users to query AWS Redshift Clusters and retrieve comprehensive + information about each cluster, including its configuration, status, performance, + and security settings. ID: aws_redshift_cluster_5 -Title: "List all AWS Redshift Clusters and Their Status" -Description: "Allows users to query AWS Redshift Clusters and retrieve comprehensive information about each cluster, including its configuration, status, performance, and security settings." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - logging_status -> 'LoggingEnabled' as LoggingEnabled - from - aws_redshift_cluster - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_identifier,\n logging_status -> 'LoggingEnabled'\ + \ as LoggingEnabled\nfrom\n aws_redshift_cluster" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List all AWS Redshift Clusters and Their Status diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml index e522542e1..d4b415ae6 100755 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS Redshift Cluster CPU Utilization Metrics on + a daily basis. ID: aws_redshift_cluster_metric_cpu_utilization_daily_1 -Title: "List AWS Redshift CPU Utilization Metrics by day" -Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_redshift_cluster_metric_cpu_utilization_daily - order by - cluster_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_identifier,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_redshift_cluster_metric_cpu_utilization_daily\n\ + order by\n cluster_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List AWS Redshift CPU Utilization Metrics by day diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml index 6a67d763e..af6ba5dac 100755 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS Redshift Cluster CPU Utilization Metrics on + a daily basis. ID: aws_redshift_cluster_metric_cpu_utilization_daily_2 -Title: "Find Daily AWS Redshift Cluster High CPU Utilization" -Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_redshift_cluster_metric_cpu_utilization_daily - where average > 80 - order by - cluster_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_identifier,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_redshift_cluster_metric_cpu_utilization_daily\n\ + where average > 80\norder by\n cluster_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: Find Daily AWS Redshift Cluster High CPU Utilization diff --git a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml index 925e26395..65028170c 100755 --- a/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml +++ b/queries/aws_redshift_cluster_metric_cpu_utilization_daily_3.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS Redshift Cluster CPU Utilization Metrics on + a daily basis. ID: aws_redshift_cluster_metric_cpu_utilization_daily_3 -Title: "List AWS Redshift Cluster CPU Utilization Metrics Daily" -Description: "Allows users to query AWS Redshift Cluster CPU Utilization Metrics on a daily basis." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_identifier, - timestamp, - round(minimum::numeric,2) as min_cpu, - round(maximum::numeric,2) as max_cpu, - round(average::numeric,2) as avg_cpu, - sample_count - from - aws_redshift_cluster_metric_cpu_utilization_daily - where average < 2 - order by - cluster_identifier, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_identifier,\n timestamp,\n round(minimum::numeric,2)\ + \ as min_cpu,\n round(maximum::numeric,2) as max_cpu,\n round(average::numeric,2)\ + \ as avg_cpu,\n sample_count\nfrom\n aws_redshift_cluster_metric_cpu_utilization_daily\n\ + where average < 2\norder by\n cluster_identifier,\n timestamp;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List AWS Redshift Cluster CPU Utilization Metrics Daily diff --git a/queries/aws_redshift_event_subscription_1.yaml b/queries/aws_redshift_event_subscription_1.yaml index a2cafadfe..7294e0fea 100755 --- a/queries/aws_redshift_event_subscription_1.yaml +++ b/queries/aws_redshift_event_subscription_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Redshift Event Subscriptions, providing insights + into the subscription''s configuration, status, and associated Redshift clusters. ID: aws_redshift_event_subscription_1 -Title: "List All AWS Redshift Event Subscription Configurations" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - customer_aws_id, - status, - sns_topic_arn, - subscription_creation_time - from - aws_redshift_event_subscription; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cust_subscription_id,\n customer_aws_id,\n status,\n\ + \ sns_topic_arn,\n subscription_creation_time\nfrom\n aws_redshift_event_subscription;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List All AWS Redshift Event Subscription Configurations diff --git a/queries/aws_redshift_event_subscription_2.yaml b/queries/aws_redshift_event_subscription_2.yaml index af0f36489..8f5dbb800 100755 --- a/queries/aws_redshift_event_subscription_2.yaml +++ b/queries/aws_redshift_event_subscription_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Redshift Event Subscriptions, providing insights + into the subscription''s configuration, status, and associated Redshift clusters. ID: aws_redshift_event_subscription_2 -Title: "Find all AWS Redshift Event Subscriptions" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - customer_aws_id, - status, - enabled, - sns_topic_arn, - subscription_creation_time - from - aws_redshift_event_subscription - where - enabled is false; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cust_subscription_id,\n customer_aws_id,\n status,\n\ + \ enabled,\n sns_topic_arn,\n subscription_creation_time\nfrom\n aws_redshift_event_subscription\n\ + where\n enabled is false;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: Find all AWS Redshift Event Subscriptions diff --git a/queries/aws_redshift_event_subscription_3.yaml b/queries/aws_redshift_event_subscription_3.yaml index 226be4671..40451847d 100755 --- a/queries/aws_redshift_event_subscription_3.yaml +++ b/queries/aws_redshift_event_subscription_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Redshift Event Subscriptions, providing insights + into the subscription''s configuration, status, and associated Redshift clusters. ID: aws_redshift_event_subscription_3 -Title: "List all AWS Redshift Event Subscriptions and Their Configurations" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cust_subscription_id, - severity, - source_type, - event_categories_list, - source_ids_list - from - aws_redshift_event_subscription; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cust_subscription_id,\n severity,\n source_type,\n\ + \ event_categories_list,\n source_ids_list\nfrom\n aws_redshift_event_subscription;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List all AWS Redshift Event Subscriptions and Their Configurations diff --git a/queries/aws_redshift_event_subscription_4.yaml b/queries/aws_redshift_event_subscription_4.yaml index d274034cb..0eb16b529 100755 --- a/queries/aws_redshift_event_subscription_4.yaml +++ b/queries/aws_redshift_event_subscription_4.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Redshift Event Subscriptions, providing insights + into the subscription''s configuration, status, and associated Redshift clusters. ID: aws_redshift_event_subscription_4 -Title: "Find AWS Redshift Event Subscriptions with Configuration and Status" -Description: "Allows users to query AWS Redshift Event Subscriptions, providing insights into the subscription''s configuration, status, and associated Redshift clusters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.cust_subscription_id, - e.status, - s.kms_master_key_id, - s.topic_arn as arn - from - aws_redshift_event_subscription as e - join aws_sns_topic as s on s.topic_arn = e.sns_topic_arn - where - s.kms_master_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.cust_subscription_id,\n e.status,\n s.kms_master_key_id,\n\ + \ s.topic_arn as arn\nfrom\n aws_redshift_event_subscription as e\n join aws_sns_topic\ + \ as s on s.topic_arn = e.sns_topic_arn\nwhere\n s.kms_master_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Redshift +Title: Find AWS Redshift Event Subscriptions with Configuration and Status diff --git a/queries/aws_redshift_parameter_group_1.yaml b/queries/aws_redshift_parameter_group_1.yaml index 70c57cc59..22c615b9e 100755 --- a/queries/aws_redshift_parameter_group_1.yaml +++ b/queries/aws_redshift_parameter_group_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query Amazon Redshift Parameter Groups to obtain detailed + information about the configuration parameters and settings for Redshift clusters. + This can be useful for managing and optimizing the performance of Redshift databases. ID: aws_redshift_parameter_group_1 -Title: "List all Amazon Redshift Parameter Groups configuration settings" -Description: "Allows users to query Amazon Redshift Parameter Groups to obtain detailed information about the configuration parameters and settings for Redshift clusters. This can be useful for managing and optimizing the performance of Redshift databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - family - from - aws_redshift_parameter_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n family\nfrom\n aws_redshift_parameter_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Redshift +Title: List all Amazon Redshift Parameter Groups configuration settings diff --git a/queries/aws_redshift_parameter_group_2.yaml b/queries/aws_redshift_parameter_group_2.yaml index f7eb34dd9..10350f5ae 100755 --- a/queries/aws_redshift_parameter_group_2.yaml +++ b/queries/aws_redshift_parameter_group_2.yaml @@ -1,35 +1,27 @@ +Description: Allows users to query Amazon Redshift Parameter Groups to obtain detailed + information about the configuration parameters and settings for Redshift clusters. + This can be useful for managing and optimizing the performance of Redshift databases. ID: aws_redshift_parameter_group_2 -Title: "Find Amazon Redshift Parameter Groups Configuration" -Description: "Allows users to query Amazon Redshift Parameter Groups to obtain detailed information about the configuration parameters and settings for Redshift clusters. This can be useful for managing and optimizing the performance of Redshift databases." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'ParameterName' as parameter_name, - p ->> 'ParameterValue' as parameter_value, - p ->> 'Description' as description, - p ->> 'Source' as source, - p ->> 'DataType' as data_type, - p ->> 'ApplyType' as apply_type, - p ->> 'IsModifiable' as is_modifiable, - p ->> 'AllowedValues' as allowed_values, - p ->> 'MinimumEngineVersion' as minimum_engine_version - from - aws_redshift_parameter_group, - jsonb_array_elements(parameters) as p - where - p ->> 'ParameterName' = 'require_ssl' - and p ->> 'ParameterValue' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n p ->> 'ParameterName' as parameter_name,\n \ + \ p ->> 'ParameterValue' as parameter_value,\n p ->> 'Description' as description,\n\ + \ p ->> 'Source' as source,\n p ->> 'DataType' as data_type,\n p ->> 'ApplyType'\ + \ as apply_type,\n p ->> 'IsModifiable' as is_modifiable,\n p ->> 'AllowedValues'\ + \ as allowed_values,\n p ->> 'MinimumEngineVersion' as minimum_engine_version\n\ + from\n aws_redshift_parameter_group,\n jsonb_array_elements(parameters) as p\n\ + where\n p ->> 'ParameterName' = 'require_ssl'\n and p ->> 'ParameterValue' =\ + \ 'false';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Redshift +Title: Find Amazon Redshift Parameter Groups Configuration diff --git a/queries/aws_redshift_snapshot_1.yaml b/queries/aws_redshift_snapshot_1.yaml index 75dc1f78c..9744f51ed 100755 --- a/queries/aws_redshift_snapshot_1.yaml +++ b/queries/aws_redshift_snapshot_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Redshift Snapshots, providing details about each + snapshot''s configuration, status, and associated metadata. ID: aws_redshift_snapshot_1 -Title: "List AWS Redshift Snapshots with Their Configuration" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - cluster_identifier, - node_type, - encrypted - from - aws_redshift_snapshot; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_identifier,\n cluster_identifier,\n node_type,\n\ + \ encrypted\nfrom\n aws_redshift_snapshot;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List AWS Redshift Snapshots with Their Configuration diff --git a/queries/aws_redshift_snapshot_2.yaml b/queries/aws_redshift_snapshot_2.yaml index 7ecec3991..b9abc207f 100755 --- a/queries/aws_redshift_snapshot_2.yaml +++ b/queries/aws_redshift_snapshot_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Redshift Snapshots, providing details about each + snapshot''s configuration, status, and associated metadata. ID: aws_redshift_snapshot_2 -Title: "List all AWS Redshift Snapshots with Configuration Details" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - snapshot_type - from - aws_redshift_snapshot - where - snapshot_type = 'manual'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_identifier,\n snapshot_type\nfrom\n aws_redshift_snapshot\n\ + where\n snapshot_type = 'manual';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List all AWS Redshift Snapshots with Configuration Details diff --git a/queries/aws_redshift_snapshot_3.yaml b/queries/aws_redshift_snapshot_3.yaml index 67694b84b..67b7b0ead 100755 --- a/queries/aws_redshift_snapshot_3.yaml +++ b/queries/aws_redshift_snapshot_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query Redshift Snapshots, providing details about each + snapshot''s configuration, status, and associated metadata. ID: aws_redshift_snapshot_3 -Title: "List All AWS Redshift Snapshots Configuration and Status" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - cluster_identifier, - node_type, - number_of_nodes, - encrypted - from - aws_redshift_snapshot - where - not encrypted; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_identifier,\n cluster_identifier,\n node_type,\n\ + \ number_of_nodes,\n encrypted\nfrom\n aws_redshift_snapshot\nwhere\n not\ + \ encrypted;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List All AWS Redshift Snapshots Configuration and Status diff --git a/queries/aws_redshift_snapshot_4.yaml b/queries/aws_redshift_snapshot_4.yaml index 13a44c355..94ae6c7f6 100755 --- a/queries/aws_redshift_snapshot_4.yaml +++ b/queries/aws_redshift_snapshot_4.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query Redshift Snapshots, providing details about each + snapshot''s configuration, status, and associated metadata. ID: aws_redshift_snapshot_4 -Title: "List all AWS Redshift Snapshots with Details" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - cluster_identifier, - number_of_nodes, - cluster_version, - engine_full_version, - restorable_node_types - from - aws_redshift_snapshot; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_identifier,\n cluster_identifier,\n number_of_nodes,\n\ + \ cluster_version,\n engine_full_version,\n restorable_node_types\nfrom\n \ + \ aws_redshift_snapshot;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List all AWS Redshift Snapshots with Details diff --git a/queries/aws_redshift_snapshot_5.yaml b/queries/aws_redshift_snapshot_5.yaml index aec643f2e..858e8f89a 100755 --- a/queries/aws_redshift_snapshot_5.yaml +++ b/queries/aws_redshift_snapshot_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query Redshift Snapshots, providing details about each + snapshot''s configuration, status, and associated metadata. ID: aws_redshift_snapshot_5 -Title: "Find AWS Redshift Snapshots and Restore Access Details" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - accounts_with_restore_access - from - aws_redshift_snapshot - where - accounts_with_restore_access is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_identifier,\n accounts_with_restore_access\n\ + from\n aws_redshift_snapshot\nwhere\n accounts_with_restore_access is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: Find AWS Redshift Snapshots and Restore Access Details diff --git a/queries/aws_redshift_snapshot_6.yaml b/queries/aws_redshift_snapshot_6.yaml index 84313b5b2..27e4d106e 100755 --- a/queries/aws_redshift_snapshot_6.yaml +++ b/queries/aws_redshift_snapshot_6.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query Redshift Snapshots, providing details about each + snapshot''s configuration, status, and associated metadata. ID: aws_redshift_snapshot_6 -Title: "List all AWS Redshift Snapshots with details" -Description: "Allows users to query Redshift Snapshots, providing details about each snapshot''s configuration, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - snapshot_identifier, - p ->> 'AccountId' as account_id, - p ->> 'AccountAlias' as account_alias - from - aws_redshift_snapshot, - jsonb_array_elements(accounts_with_restore_access) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n snapshot_identifier,\n p ->> 'AccountId' as account_id,\n\ + \ p ->> 'AccountAlias' as account_alias\nfrom\n aws_redshift_snapshot,\n jsonb_array_elements(accounts_with_restore_access)\ + \ as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List all AWS Redshift Snapshots with details diff --git a/queries/aws_redshift_subnet_group_1.yaml b/queries/aws_redshift_subnet_group_1.yaml index 73a2b2b16..30b86dd2c 100755 --- a/queries/aws_redshift_subnet_group_1.yaml +++ b/queries/aws_redshift_subnet_group_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Redshift Subnet Groups and get detailed information + about each subnet group, including its name, description, VPC ID, subnet IDs, and + status. ID: aws_redshift_subnet_group_1 -Title: "List all AWS Redshift Subnet Groups and their details" -Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_subnet_group_name, - description, - subnet_group_status, - vpc_id - from - aws_redshift_subnet_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_subnet_group_name,\n description,\n subnet_group_status,\n\ + \ vpc_id\nfrom\n aws_redshift_subnet_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: List all AWS Redshift Subnet Groups and their details diff --git a/queries/aws_redshift_subnet_group_2.yaml b/queries/aws_redshift_subnet_group_2.yaml index 0d977ad56..4fca456f2 100755 --- a/queries/aws_redshift_subnet_group_2.yaml +++ b/queries/aws_redshift_subnet_group_2.yaml @@ -1,29 +1,26 @@ +Description: Allows users to query AWS Redshift Subnet Groups and get detailed information + about each subnet group, including its name, description, VPC ID, subnet IDs, and + status. ID: aws_redshift_subnet_group_2 -Title: "Find AWS Redshift Subnet Group Details and Status" -Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_subnet_group_name, - subnet -> 'SubnetAvailabilityZone' ->> 'Name' as subnet_availability_zone, - subnet -> 'SubnetAvailabilityZone' ->> 'SupportedPlatforms' as supported_platforms, - subnet ->> 'SubnetIdentifier' as subnet_identifier, - subnet ->> 'SubnetStatus' as subnet_status - from - aws_redshift_subnet_group, - jsonb_array_elements(subnets) as subnet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_subnet_group_name,\n subnet -> 'SubnetAvailabilityZone'\ + \ ->> 'Name' as subnet_availability_zone,\n subnet -> 'SubnetAvailabilityZone'\ + \ ->> 'SupportedPlatforms' as supported_platforms,\n subnet ->> 'SubnetIdentifier'\ + \ as subnet_identifier,\n subnet ->> 'SubnetStatus' as subnet_status\nfrom\n\ + \ aws_redshift_subnet_group,\n jsonb_array_elements(subnets) as subnet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: Find AWS Redshift Subnet Group Details and Status diff --git a/queries/aws_redshift_subnet_group_3.yaml b/queries/aws_redshift_subnet_group_3.yaml index 64bf2fc1f..015951d70 100755 --- a/queries/aws_redshift_subnet_group_3.yaml +++ b/queries/aws_redshift_subnet_group_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Redshift Subnet Groups and get detailed information + about each subnet group, including its name, description, VPC ID, subnet IDs, and + status. ID: aws_redshift_subnet_group_3 -Title: "Find AWS Redshift Subnet Groups and Their Details" -Description: "Allows users to query AWS Redshift Subnet Groups and get detailed information about each subnet group, including its name, description, VPC ID, subnet IDs, and status." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - cluster_subnet_group_name, - tags - from - aws_redshift_subnet_group - where - not tags :: JSONB ? 'application'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n cluster_subnet_group_name,\n tags\nfrom\n aws_redshift_subnet_group\n\ + where\n not tags :: JSONB ? 'application';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift +Title: Find AWS Redshift Subnet Groups and Their Details diff --git a/queries/aws_redshiftserverless_namespace_1.yaml b/queries/aws_redshiftserverless_namespace_1.yaml index 3e28b71f2..67341fc00 100755 --- a/queries/aws_redshiftserverless_namespace_1.yaml +++ b/queries/aws_redshiftserverless_namespace_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Redshift Serverless Namespace data. This table + provides information about each namespace within an AWS Redshift Serverless cluster. + It allows DevOps engineers to query namespace-specific details, including the namespace + ARN, creation date, and associated metadata. ID: aws_redshiftserverless_namespace_1 -Title: "List AWS Redshift Serverless Namespace Details" -Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - namespace_name, - namespace_arn, - namespace_id, - creation_date, - db_name, - region, - status - from - aws_redshiftserverless_namespace; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n namespace_name,\n namespace_arn,\n namespace_id,\n\ + \ creation_date,\n db_name,\n region,\n status\nfrom\n aws_redshiftserverless_namespace;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List AWS Redshift Serverless Namespace Details diff --git a/queries/aws_redshiftserverless_namespace_2.yaml b/queries/aws_redshiftserverless_namespace_2.yaml index 156233d91..ecb743e83 100755 --- a/queries/aws_redshiftserverless_namespace_2.yaml +++ b/queries/aws_redshiftserverless_namespace_2.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS Redshift Serverless Namespace data. This table + provides information about each namespace within an AWS Redshift Serverless cluster. + It allows DevOps engineers to query namespace-specific details, including the namespace + ARN, creation date, and associated metadata. ID: aws_redshiftserverless_namespace_2 -Title: "List AWS Redshift Serverless Namespace Details" -Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - namespace_name, - namespace_arn, - namespace_id, - creation_date, - db_name, - region, - status - from - aws_redshiftserverless_namespace - where - status <> 'AVAILABLE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n namespace_name,\n namespace_arn,\n namespace_id,\n\ + \ creation_date,\n db_name,\n region,\n status\nfrom\n aws_redshiftserverless_namespace\n\ + where\n status <> 'AVAILABLE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List AWS Redshift Serverless Namespace Details diff --git a/queries/aws_redshiftserverless_namespace_3.yaml b/queries/aws_redshiftserverless_namespace_3.yaml index ece3ff6b2..c0a8a27e9 100755 --- a/queries/aws_redshiftserverless_namespace_3.yaml +++ b/queries/aws_redshiftserverless_namespace_3.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS Redshift Serverless Namespace data. This table + provides information about each namespace within an AWS Redshift Serverless cluster. + It allows DevOps engineers to query namespace-specific details, including the namespace + ARN, creation date, and associated metadata. ID: aws_redshiftserverless_namespace_3 -Title: "List all AWS Redshift Serverless Namespace Data" -Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - namespace_name, - namespace_arn, - namespace_id, - creation_date, - db_name, - region, - status - from - aws_redshiftserverless_namespace - where - kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n namespace_name,\n namespace_arn,\n namespace_id,\n\ + \ creation_date,\n db_name,\n region,\n status\nfrom\n aws_redshiftserverless_namespace\n\ + where\n kms_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List all AWS Redshift Serverless Namespace Data diff --git a/queries/aws_redshiftserverless_namespace_4.yaml b/queries/aws_redshiftserverless_namespace_4.yaml index fc28ad4ad..c6dd87625 100755 --- a/queries/aws_redshiftserverless_namespace_4.yaml +++ b/queries/aws_redshiftserverless_namespace_4.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Redshift Serverless Namespace data. This table + provides information about each namespace within an AWS Redshift Serverless cluster. + It allows DevOps engineers to query namespace-specific details, including the namespace + ARN, creation date, and associated metadata. ID: aws_redshiftserverless_namespace_4 -Title: "List AWS Redshift Serverless Namespace Details" -Description: "Allows users to query AWS Redshift Serverless Namespace data. This table provides information about each namespace within an AWS Redshift Serverless cluster. It allows DevOps engineers to query namespace-specific details, including the namespace ARN, creation date, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - namespace_name, - namespace_arn, - namespace_id, - creation_date, - default_iam_role_arn - from - aws_redshiftserverless_namespace; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n namespace_name,\n namespace_arn,\n namespace_id,\n\ + \ creation_date,\n default_iam_role_arn\nfrom\n aws_redshiftserverless_namespace;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List AWS Redshift Serverless Namespace Details diff --git a/queries/aws_redshiftserverless_workgroup_1.yaml b/queries/aws_redshiftserverless_workgroup_1.yaml index 19c113a64..776755327 100755 --- a/queries/aws_redshiftserverless_workgroup_1.yaml +++ b/queries/aws_redshiftserverless_workgroup_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Redshift Serverless Workgroup information, + including workgroup details, query execution settings, and enforce workgroup configuration. ID: aws_redshiftserverless_workgroup_1 -Title: "List AWS Redshift Serverless Workgroup Details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_name, - workgroup_arn, - workgroup_id, - base_capacity, - creation_date, - region, - status - from - aws_redshiftserverless_workgroup; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workgroup_name,\n workgroup_arn,\n workgroup_id,\n\ + \ base_capacity,\n creation_date,\n region,\n status\nfrom\n aws_redshiftserverless_workgroup;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List AWS Redshift Serverless Workgroup Details diff --git a/queries/aws_redshiftserverless_workgroup_2.yaml b/queries/aws_redshiftserverless_workgroup_2.yaml index 757399d9c..a1f40b620 100755 --- a/queries/aws_redshiftserverless_workgroup_2.yaml +++ b/queries/aws_redshiftserverless_workgroup_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Redshift Serverless Workgroup information, + including workgroup details, query execution settings, and enforce workgroup configuration. ID: aws_redshiftserverless_workgroup_2 -Title: "List all AWS Redshift Serverless Workgroup details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_name, - workgroup_arn, - workgroup_id, - base_capacity, - creation_date, - region, - status - from - aws_redshiftserverless_workgroup - where - status <> 'AVAILABLE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workgroup_name,\n workgroup_arn,\n workgroup_id,\n\ + \ base_capacity,\n creation_date,\n region,\n status\nfrom\n aws_redshiftserverless_workgroup\n\ + where\n status <> 'AVAILABLE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List all AWS Redshift Serverless Workgroup details diff --git a/queries/aws_redshiftserverless_workgroup_3.yaml b/queries/aws_redshiftserverless_workgroup_3.yaml index d8ee81d78..de741059c 100755 --- a/queries/aws_redshiftserverless_workgroup_3.yaml +++ b/queries/aws_redshiftserverless_workgroup_3.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS Redshift Serverless Workgroup information, + including workgroup details, query execution settings, and enforce workgroup configuration. ID: aws_redshiftserverless_workgroup_3 -Title: "List all AWS Redshift Serverless Workgroup Details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_name, - workgroup_arn, - workgroup_id, - base_capacity, - creation_date, - region, - status - from - aws_redshiftserverless_workgroup - where - publicly_accessible; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workgroup_name,\n workgroup_arn,\n workgroup_id,\n\ + \ base_capacity,\n creation_date,\n region,\n status\nfrom\n aws_redshiftserverless_workgroup\n\ + where\n publicly_accessible;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List all AWS Redshift Serverless Workgroup Details diff --git a/queries/aws_redshiftserverless_workgroup_4.yaml b/queries/aws_redshiftserverless_workgroup_4.yaml index 4bacc7961..d66aaad64 100755 --- a/queries/aws_redshiftserverless_workgroup_4.yaml +++ b/queries/aws_redshiftserverless_workgroup_4.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Redshift Serverless Workgroup information, + including workgroup details, query execution settings, and enforce workgroup configuration. ID: aws_redshiftserverless_workgroup_4 -Title: "List all AWS Redshift Serverless Workgroup details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sum(base_capacity) total_base_capacity - from - aws_redshiftserverless_workgroup - where - status = 'AVAILABLE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n sum(base_capacity) total_base_capacity\nfrom\n aws_redshiftserverless_workgroup\n\ + where\n status = 'AVAILABLE';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List all AWS Redshift Serverless Workgroup details diff --git a/queries/aws_redshiftserverless_workgroup_5.yaml b/queries/aws_redshiftserverless_workgroup_5.yaml index dfdd8ecc7..6475b6509 100755 --- a/queries/aws_redshiftserverless_workgroup_5.yaml +++ b/queries/aws_redshiftserverless_workgroup_5.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Redshift Serverless Workgroup information, + including workgroup details, query execution settings, and enforce workgroup configuration. ID: aws_redshiftserverless_workgroup_5 -Title: "List all AWS Redshift Serverless Workgroup details" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_arn, - endpoint ->> 'Address' as endpoint_address, - endpoint ->> 'Port' as endpoint_port, - endpoint -> 'VpcEndpoints' as endpoint_vpc_details - from - aws_redshiftserverless_workgroup; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workgroup_arn,\n endpoint ->> 'Address' as endpoint_address,\n\ + \ endpoint ->> 'Port' as endpoint_port,\n endpoint -> 'VpcEndpoints' as endpoint_vpc_details\n\ + from\n aws_redshiftserverless_workgroup;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List all AWS Redshift Serverless Workgroup details diff --git a/queries/aws_redshiftserverless_workgroup_6.yaml b/queries/aws_redshiftserverless_workgroup_6.yaml index 0908a347c..1f3a13429 100755 --- a/queries/aws_redshiftserverless_workgroup_6.yaml +++ b/queries/aws_redshiftserverless_workgroup_6.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Redshift Serverless Workgroup information, + including workgroup details, query execution settings, and enforce workgroup configuration. ID: aws_redshiftserverless_workgroup_6 -Title: "List All Details of AWS Redshift Serverless Workgroup" -Description: "Allows users to query AWS Redshift Serverless Workgroup information, including workgroup details, query execution settings, and enforce workgroup configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workgroup_arn, - p ->> 'ParameterKey' as parameter_key, - p ->> 'ParameterValue' as parameter_value - from - aws_redshiftserverless_workgroup, - jsonb_array_elements(config_parameters) p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workgroup_arn,\n p ->> 'ParameterKey' as parameter_key,\n\ + \ p ->> 'ParameterValue' as parameter_value\nfrom\n aws_redshiftserverless_workgroup,\n\ + \ jsonb_array_elements(config_parameters) p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Redshift Serverless +Title: List All Details of AWS Redshift Serverless Workgroup diff --git a/queries/aws_region_1.yaml b/queries/aws_region_1.yaml index 87aa237ad..2a2cdda1c 100755 --- a/queries/aws_region_1.yaml +++ b/queries/aws_region_1.yaml @@ -1,23 +1,19 @@ +Description: Allows users to query AWS Region to retrieve details about AWS regions + including their names, descriptions, and statuses. ID: aws_region_1 -Title: "List all AWS Region Details Including Names and Statuses" -Description: "Allows users to query AWS Region to retrieve details about AWS regions including their names, descriptions, and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - opt_in_status - from - aws_region; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n opt_in_status\nfrom\n aws_region;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Regions +Title: List all AWS Region Details Including Names and Statuses diff --git a/queries/aws_region_2.yaml b/queries/aws_region_2.yaml index 4dfc751fd..872f7d2a2 100755 --- a/queries/aws_region_2.yaml +++ b/queries/aws_region_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Region to retrieve details about AWS regions + including their names, descriptions, and statuses. ID: aws_region_2 -Title: "Find AWS Region Details and Statuses" -Description: "Allows users to query AWS Region to retrieve details about AWS regions including their names, descriptions, and statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - opt_in_status - from - aws_region - where - opt_in_status = 'not-opted-in'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n opt_in_status\nfrom\n aws_region\nwhere\n \ + \ opt_in_status = 'not-opted-in';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Region +Title: Find AWS Region Details and Statuses diff --git a/queries/aws_resource_explorer_index_1.yaml b/queries/aws_resource_explorer_index_1.yaml index 363542657..6ee623c5a 100755 --- a/queries/aws_resource_explorer_index_1.yaml +++ b/queries/aws_resource_explorer_index_1.yaml @@ -1,24 +1,19 @@ +Description: Allows users to query AWS Resource Explorer Index, providing a comprehensive + view of all resources across different AWS services in a single table. ID: aws_resource_explorer_index_1 -Title: "List all resources across AWS services" -Description: "Allows users to query AWS Resource Explorer Index, providing a comprehensive view of all resources across different AWS services in a single table." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - type - from - aws_resource_explorer_index; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n type\nfrom\n aws_resource_explorer_index;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Explorer +Title: List all resources across AWS services diff --git a/queries/aws_resource_explorer_index_2.yaml b/queries/aws_resource_explorer_index_2.yaml index 34ca42c52..4ee459cdb 100755 --- a/queries/aws_resource_explorer_index_2.yaml +++ b/queries/aws_resource_explorer_index_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Resource Explorer Index, providing a comprehensive + view of all resources across different AWS services in a single table. ID: aws_resource_explorer_index_2 -Title: "List all AWS resources from Resource Explorer Index" -Description: "Allows users to query AWS Resource Explorer Index, providing a comprehensive view of all resources across different AWS services in a single table." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - type - from - aws_resource_explorer_index - where - type = 'AGGREGATOR'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n type\nfrom\n aws_resource_explorer_index\n\ + where\n type = 'AGGREGATOR';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Explorer +Title: List all AWS resources from Resource Explorer Index diff --git a/queries/aws_resource_explorer_search_1.yaml b/queries/aws_resource_explorer_search_1.yaml index 25b3f04cc..230b12076 100755 --- a/queries/aws_resource_explorer_search_1.yaml +++ b/queries/aws_resource_explorer_search_1.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Resource Explorer to obtain a structured view + of all resources across AWS services. It provides detailed information about each + resource, including the service name, resource type, resource ID, and associated + tags. ID: aws_resource_explorer_search_1 -Title: "Find all AWS resources with details across services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n resource_type,\n service,\n owning_account_id\n\ + from\n aws_resource_explorer_search;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Explorer +Title: Find all AWS resources with details across services diff --git a/queries/aws_resource_explorer_search_2.yaml b/queries/aws_resource_explorer_search_2.yaml index 02a189746..86060188c 100755 --- a/queries/aws_resource_explorer_search_2.yaml +++ b/queries/aws_resource_explorer_search_2.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Resource Explorer to obtain a structured view + of all resources across AWS services. It provides detailed information about each + resource, including the service name, resource type, resource ID, and associated + tags. ID: aws_resource_explorer_search_2 -Title: "Find AWS Resource Details with AWS Resource Explorer" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = '-service:iam'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n resource_type,\n service,\n owning_account_id\n\ + from\n aws_resource_explorer_search\nwhere\n query = '-service:iam';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Resource Explorer +Title: Find AWS Resource Details with AWS Resource Explorer diff --git a/queries/aws_resource_explorer_search_3.yaml b/queries/aws_resource_explorer_search_3.yaml index ba0e0d22c..e8f72f0bd 100755 --- a/queries/aws_resource_explorer_search_3.yaml +++ b/queries/aws_resource_explorer_search_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Resource Explorer to obtain a structured view + of all resources across AWS services. It provides detailed information about each + resource, including the service name, resource type, resource ID, and associated + tags. ID: aws_resource_explorer_search_3 -Title: "List all AWS resources with detailed information" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = '-service:iam region:us-*'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n resource_type,\n service,\n owning_account_id\n\ + from\n aws_resource_explorer_search\nwhere\n query = '-service:iam region:us-*';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Explorer +Title: List all AWS resources with detailed information diff --git a/queries/aws_resource_explorer_search_4.yaml b/queries/aws_resource_explorer_search_4.yaml index 7d64d52a5..77647ae75 100755 --- a/queries/aws_resource_explorer_search_4.yaml +++ b/queries/aws_resource_explorer_search_4.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Resource Explorer to obtain a structured view + of all resources across AWS services. It provides detailed information about each + resource, including the service name, resource type, resource ID, and associated + tags. ID: aws_resource_explorer_search_4 -Title: "List All AWS Resources in Resource Explorer" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = 'resourcetype:iam:user'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n resource_type,\n service,\n owning_account_id\n\ + from\n aws_resource_explorer_search\nwhere\n query = 'resourcetype:iam:user';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Explorer +Title: List All AWS Resources in Resource Explorer diff --git a/queries/aws_resource_explorer_search_5.yaml b/queries/aws_resource_explorer_search_5.yaml index 25fa8ac35..db7244ada 100755 --- a/queries/aws_resource_explorer_search_5.yaml +++ b/queries/aws_resource_explorer_search_5.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Resource Explorer to obtain a structured view + of all resources across AWS services. It provides detailed information about each + resource, including the service name, resource type, resource ID, and associated + tags. ID: aws_resource_explorer_search_5 -Title: "List all Resources Across AWS Services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = '-tag:none'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n resource_type,\n service,\n owning_account_id\n\ + from\n aws_resource_explorer_search\nwhere\n query = '-tag:none';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Resource Explorer +Title: List all Resources Across AWS Services diff --git a/queries/aws_resource_explorer_search_6.yaml b/queries/aws_resource_explorer_search_6.yaml index 3c5135d42..a403c9b80 100755 --- a/queries/aws_resource_explorer_search_6.yaml +++ b/queries/aws_resource_explorer_search_6.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Resource Explorer to obtain a structured view + of all resources across AWS services. It provides detailed information about each + resource, including the service name, resource type, resource ID, and associated + tags. ID: aws_resource_explorer_search_6 -Title: "List all resources across AWS services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = 'tag.key:environment'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n resource_type,\n service,\n owning_account_id\n\ + from\n aws_resource_explorer_search\nwhere\n query = 'tag.key:environment';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Resource Explorer +Title: List all resources across AWS services diff --git a/queries/aws_resource_explorer_search_7.yaml b/queries/aws_resource_explorer_search_7.yaml index 3475d94ed..d998b5dc2 100755 --- a/queries/aws_resource_explorer_search_7.yaml +++ b/queries/aws_resource_explorer_search_7.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Resource Explorer to obtain a structured view + of all resources across AWS services. It provides detailed information about each + resource, including the service name, resource type, resource ID, and associated + tags. ID: aws_resource_explorer_search_7 -Title: "List all resources across AWS services" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - query = 'region:global'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n resource_type,\n service,\n owning_account_id\n\ + from\n aws_resource_explorer_search\nwhere\n query = 'region:global';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Resource Explorer +Title: List all resources across AWS services diff --git a/queries/aws_resource_explorer_search_8.yaml b/queries/aws_resource_explorer_search_8.yaml index 5ba841fb2..f959557a5 100755 --- a/queries/aws_resource_explorer_search_8.yaml +++ b/queries/aws_resource_explorer_search_8.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Resource Explorer to obtain a structured view + of all resources across AWS services. It provides detailed information about each + resource, including the service name, resource type, resource ID, and associated + tags. ID: aws_resource_explorer_search_8 -Title: "List all AWS resources with details using Resource Explorer" -Description: "Allows users to query AWS Resource Explorer to obtain a structured view of all resources across AWS services. It provides detailed information about each resource, including the service name, resource type, resource ID, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region, - resource_type, - service, - owning_account_id - from - aws_resource_explorer_search - where - view_arn = 'arn:aws:resource-explorer-2:ap-south-1:111122223333:view/view1/7c9e9845-4736-409f-9c0f-673fe7ce3e46'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region,\n resource_type,\n service,\n owning_account_id\n\ + from\n aws_resource_explorer_search\nwhere\n view_arn = 'arn:aws:resource-explorer-2:ap-south-1:111122223333:view/view1/7c9e9845-4736-409f-9c0f-673fe7ce3e46';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Resource Explorer +Title: List all AWS resources with details using Resource Explorer diff --git a/queries/aws_resource_explorer_supported_resource_type_1.yaml b/queries/aws_resource_explorer_supported_resource_type_1.yaml index 6e0daf275..07ee10f64 100755 --- a/queries/aws_resource_explorer_supported_resource_type_1.yaml +++ b/queries/aws_resource_explorer_supported_resource_type_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Resource Explorer Supported Resource Types + to obtain details about supported resource types for AWS Resource Groups. ID: aws_resource_explorer_supported_resource_type_1 -Title: "Find AWS Resource Explorer Supported Resource Types" -Description: "Allows users to query AWS Resource Explorer Supported Resource Types to obtain details about supported resource types for AWS Resource Groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - resource_type - from - aws_resource_explorer_supported_resource_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n resource_type\nfrom\n aws_resource_explorer_supported_resource_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Resource Explorer +Title: Find AWS Resource Explorer Supported Resource Types diff --git a/queries/aws_resource_explorer_supported_resource_type_2.yaml b/queries/aws_resource_explorer_supported_resource_type_2.yaml index 9145813f3..547524d79 100755 --- a/queries/aws_resource_explorer_supported_resource_type_2.yaml +++ b/queries/aws_resource_explorer_supported_resource_type_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Resource Explorer Supported Resource Types + to obtain details about supported resource types for AWS Resource Groups. ID: aws_resource_explorer_supported_resource_type_2 -Title: "Find supported AWS Resource Explorer types for Resource Groups" -Description: "Allows users to query AWS Resource Explorer Supported Resource Types to obtain details about supported resource types for AWS Resource Groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service, - resource_type - from - aws_resource_explorer_supported_resource_type - where - service = 'iam'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service,\n resource_type\nfrom\n aws_resource_explorer_supported_resource_type\n\ + where\n service = 'iam';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Explorer +Title: Find supported AWS Resource Explorer types for Resource Groups diff --git a/queries/aws_route53_domain_1.yaml b/queries/aws_route53_domain_1.yaml index e4709d003..faa3de058 100755 --- a/queries/aws_route53_domain_1.yaml +++ b/queries/aws_route53_domain_1.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Route 53 Domains for detailed information about + domain names, including their status, expiration date, and associated tags. ID: aws_route53_domain_1 -Title: "Find all AWS Route 53 Domains Information" -Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - auto_renew, - expiration_date - from - aws_route53_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n auto_renew,\n expiration_date\nfrom\n\ + \ aws_route53_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find all AWS Route 53 Domains Information diff --git a/queries/aws_route53_domain_2.yaml b/queries/aws_route53_domain_2.yaml index 93cadbbbb..02a9ba7d2 100755 --- a/queries/aws_route53_domain_2.yaml +++ b/queries/aws_route53_domain_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Route 53 Domains for detailed information about + domain names, including their status, expiration date, and associated tags. ID: aws_route53_domain_2 -Title: "List all AWS Route 53 Domains with Details" -Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - auto_renew, - expiration_date - from - aws_route53_domain - where - auto_renew; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n auto_renew,\n expiration_date\nfrom\n\ + \ aws_route53_domain\nwhere\n auto_renew;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Domains with Details diff --git a/queries/aws_route53_domain_3.yaml b/queries/aws_route53_domain_3.yaml index ac6afa86d..327ff1127 100755 --- a/queries/aws_route53_domain_3.yaml +++ b/queries/aws_route53_domain_3.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Route 53 Domains for detailed information about + domain names, including their status, expiration date, and associated tags. ID: aws_route53_domain_3 -Title: "Find AWS Route 53 Domains with Transfer Lock Status" -Description: "Allows users to query AWS Route 53 Domains for detailed information about domain names, including their status, expiration date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - domain_name, - expiration_date, - transfer_lock - from - aws_route53_domain - where - transfer_lock; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n domain_name,\n expiration_date,\n transfer_lock\nfrom\n\ + \ aws_route53_domain\nwhere\n transfer_lock;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Domains with Transfer Lock Status diff --git a/queries/aws_route53_health_check_1.yaml b/queries/aws_route53_health_check_1.yaml index bbde88ba1..315560a51 100755 --- a/queries/aws_route53_health_check_1.yaml +++ b/queries/aws_route53_health_check_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Route 53 Health Check data, providing information + about health checks within AWS Route 53. This includes details such as health check + configuration, health check status, and associated metadata. ID: aws_route53_health_check_1 -Title: "List all Health Check Details in AWS Route 53" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - akas, - id, - health_check_version, - health_check_config - from - aws_route53_health_check; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n akas,\n id,\n health_check_version,\n health_check_config\n\ + from \n aws_route53_health_check;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all Health Check Details in AWS Route 53 diff --git a/queries/aws_route53_health_check_2.yaml b/queries/aws_route53_health_check_2.yaml index 6ffed78bd..7101b7ac2 100755 --- a/queries/aws_route53_health_check_2.yaml +++ b/queries/aws_route53_health_check_2.yaml @@ -1,32 +1,28 @@ +Description: Allows users to query AWS Route 53 Health Check data, providing information + about health checks within AWS Route 53. This includes details such as health check + configuration, health check status, and associated metadata. ID: aws_route53_health_check_2 -Title: "List all AWS Route 53 Health Check Data and Configuration" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - cloud_watch_alarm_configuration ->> 'ComparisonOperator' as cloud_watch_comparison_operator, - cloud_watch_alarm_configuration ->> 'Dimensions' as cloud_watch_dimensions, - cloud_watch_alarm_configuration ->> 'EvaluationPeriods' as cloud_watch_evaluation_periods, - cloud_watch_alarm_configuration ->> 'MetricName' as cloud_watch_metric_name, - cloud_watch_alarm_configuration ->> 'Period' as cloud_watch_period, - cloud_watch_alarm_configuration ->> 'Statistic' as cloud_watch_statistic, - cloud_watch_alarm_configuration ->> 'Threshold' as cloud_watch_threshold - from - aws_route53_health_check - where - cloud_watch_alarm_configuration is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n health_check_version,\n cloud_watch_alarm_configuration\ + \ ->> 'ComparisonOperator' as cloud_watch_comparison_operator,\n cloud_watch_alarm_configuration\ + \ ->> 'Dimensions' as cloud_watch_dimensions,\n cloud_watch_alarm_configuration\ + \ ->> 'EvaluationPeriods' as cloud_watch_evaluation_periods,\n cloud_watch_alarm_configuration\ + \ ->> 'MetricName' as cloud_watch_metric_name,\n cloud_watch_alarm_configuration\ + \ ->> 'Period' as cloud_watch_period,\n cloud_watch_alarm_configuration ->> 'Statistic'\ + \ as cloud_watch_statistic,\n cloud_watch_alarm_configuration ->> 'Threshold'\ + \ as cloud_watch_threshold\nfrom \n aws_route53_health_check\nwhere\n cloud_watch_alarm_configuration\ + \ is not null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Health Check Data and Configuration diff --git a/queries/aws_route53_health_check_3.yaml b/queries/aws_route53_health_check_3.yaml index 58258feda..ea6b437dc 100755 --- a/queries/aws_route53_health_check_3.yaml +++ b/queries/aws_route53_health_check_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Route 53 Health Check data, providing information + about health checks within AWS Route 53. This includes details such as health check + configuration, health check status, and associated metadata. ID: aws_route53_health_check_3 -Title: "Find AWS Route 53 Health Check Configuration and Status" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - linked_service_description, - linked_service_principal - from - aws_route53_health_check - where - linked_service_description is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n health_check_version,\n linked_service_description,\n\ + \ linked_service_principal\nfrom \n aws_route53_health_check\nwhere\n linked_service_description\ + \ is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Health Check Configuration and Status diff --git a/queries/aws_route53_health_check_4.yaml b/queries/aws_route53_health_check_4.yaml index 02c0ce22c..f708e1ffa 100755 --- a/queries/aws_route53_health_check_4.yaml +++ b/queries/aws_route53_health_check_4.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Route 53 Health Check data, providing information + about health checks within AWS Route 53. This includes details such as health check + configuration, health check status, and associated metadata. ID: aws_route53_health_check_4 -Title: "List all AWS Route 53 Health Check using SQL" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - health_check_config ->> 'Disabled' as disabled - from - aws_route53_health_check - where - cast(health_check_config ->> 'Disabled' as boolean); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n health_check_version,\n health_check_config ->>\ + \ 'Disabled' as disabled\nfrom \n aws_route53_health_check \nwhere\n cast(health_check_config\ + \ ->> 'Disabled' as boolean);" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Route 53 +Title: List all AWS Route 53 Health Check using SQL diff --git a/queries/aws_route53_health_check_5.yaml b/queries/aws_route53_health_check_5.yaml index 08fa77a6c..785def92c 100755 --- a/queries/aws_route53_health_check_5.yaml +++ b/queries/aws_route53_health_check_5.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Route 53 Health Check data, providing information + about health checks within AWS Route 53. This includes details such as health check + configuration, health check status, and associated metadata. ID: aws_route53_health_check_5 -Title: "Find AWS Route 53 Health Check Configuration Details" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - health_check_config ->> 'FullyQualifiedDomainName' as fully_qualified_domain_name, - health_check_config ->> 'IPAddress' as ip_address, - health_check_config ->> 'Port' as port, - health_check_config ->> 'Type' as type, - health_check_config ->> 'RequestInterval' as request_interval - from - aws_route53_health_check; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n health_check_version,\n health_check_config ->>\ + \ 'FullyQualifiedDomainName' as fully_qualified_domain_name,\n health_check_config\ + \ ->> 'IPAddress' as ip_address,\n health_check_config ->> 'Port' as port,\n\ + \ health_check_config ->> 'Type' as type,\n health_check_config ->> 'RequestInterval'\ + \ as request_interval\nfrom \n aws_route53_health_check;" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Health Check Configuration Details diff --git a/queries/aws_route53_health_check_6.yaml b/queries/aws_route53_health_check_6.yaml index d8dcb19b0..735ea0895 100755 --- a/queries/aws_route53_health_check_6.yaml +++ b/queries/aws_route53_health_check_6.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS Route 53 Health Check data, providing information + about health checks within AWS Route 53. This includes details such as health check + configuration, health check status, and associated metadata. ID: aws_route53_health_check_6 -Title: "Find AWS Route 53 Health Check Details and Status" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - health_check_version, - health_check_config ->> 'FullyQualifiedDomainName' as fully_qualified_domain_name, - health_check_config ->> 'IPAddress' as ip_address, - health_check_config ->> 'Port' as port, - health_check_config ->> 'Type' as type, - health_check_config ->> 'RequestInterval' as request_interval, - health_check_config ->> 'AlarmIdentifier' as alarm_identifier - from - aws_route53_health_check - where - health_check_config ->> 'AlarmIdentifier' is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n health_check_version,\n health_check_config ->>\ + \ 'FullyQualifiedDomainName' as fully_qualified_domain_name,\n health_check_config\ + \ ->> 'IPAddress' as ip_address,\n health_check_config ->> 'Port' as port,\n\ + \ health_check_config ->> 'Type' as type,\n health_check_config ->> 'RequestInterval'\ + \ as request_interval,\n health_check_config ->> 'AlarmIdentifier' as alarm_identifier\n\ + from \n aws_route53_health_check\nwhere\n health_check_config ->> 'AlarmIdentifier'\ + \ is not null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Health Check Details and Status diff --git a/queries/aws_route53_health_check_7.yaml b/queries/aws_route53_health_check_7.yaml index ad64c9b8f..58bc1cb62 100755 --- a/queries/aws_route53_health_check_7.yaml +++ b/queries/aws_route53_health_check_7.yaml @@ -1,33 +1,27 @@ +Description: Allows users to query AWS Route 53 Health Check data, providing information + about health checks within AWS Route 53. This includes details such as health check + configuration, health check status, and associated metadata. ID: aws_route53_health_check_7 -Title: "Find AWS Route 53 Health Check Details" -Description: "Allows users to query AWS Route 53 Health Check data, providing information about health checks within AWS Route 53. This includes details such as health check configuration, health check status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.id, - r.health_check_version, - hc ->> 'IPAddress' as ip_address, - hc ->> 'Region' as region, - hc-> 'StatusReport' as status_report - from - aws_route53_health_check as r, - jsonb_array_elements(health_check_status) hc - where - hc-> 'StatusReport' ->> 'Status' not like '%Success%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.id,\n r.health_check_version,\n hc ->> 'IPAddress'\ + \ as ip_address,\n hc ->> 'Region' as region,\n hc-> 'StatusReport' as status_report\n\ + from \n aws_route53_health_check as r,\n jsonb_array_elements(health_check_status)\ + \ hc \nwhere \n hc-> 'StatusReport' ->> 'Status' not like '%Success%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Health Check Details diff --git a/queries/aws_route53_query_log_1.yaml b/queries/aws_route53_query_log_1.yaml index 3f7ad1178..9b0439bc8 100755 --- a/queries/aws_route53_query_log_1.yaml +++ b/queries/aws_route53_query_log_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Route 53 Query Log data, providing insights + into DNS queries made to Route 53 hosted zones. ID: aws_route53_query_log_1 -Title: "List all AWS Route 53 Query Log DNS queries" -Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - hosted_zone_id, - cloud_watch_logs_log_group_arn, - title, - akas - from - aws_route53_query_log; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n hosted_zone_id,\n cloud_watch_logs_log_group_arn,\n\ + \ title,\n akas\nfrom\n aws_route53_query_log;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Query Log DNS queries diff --git a/queries/aws_route53_query_log_2.yaml b/queries/aws_route53_query_log_2.yaml index d7091c294..2e30fcce9 100755 --- a/queries/aws_route53_query_log_2.yaml +++ b/queries/aws_route53_query_log_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Route 53 Query Log data, providing insights + into DNS queries made to Route 53 hosted zones. ID: aws_route53_query_log_2 -Title: "Find AWS Route 53 Query Log Data with SQL" -Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.id, - l.hosted_zone_id, - z.private_zone, - z.resource_record_set_count - from - aws_route53_query_log as l, - aws_route53_zone as z - where - z.id = l.hosted_zone_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n l.id,\n l.hosted_zone_id,\n z.private_zone,\n z.resource_record_set_count\n\ + from\n aws_route53_query_log as l,\n aws_route53_zone as z\nwhere\n z.id =\ + \ l.hosted_zone_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Query Log Data with SQL diff --git a/queries/aws_route53_query_log_3.yaml b/queries/aws_route53_query_log_3.yaml index d996a3067..bda2565e0 100755 --- a/queries/aws_route53_query_log_3.yaml +++ b/queries/aws_route53_query_log_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Route 53 Query Log data, providing insights + into DNS queries made to Route 53 hosted zones. ID: aws_route53_query_log_3 -Title: "List all DNS Queries from AWS Route 53 Query Log" -Description: "Allows users to query AWS Route 53 Query Log data, providing insights into DNS queries made to Route 53 hosted zones." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hosted_zone_id, - count(id) - from - aws_route53_query_log - group by - hosted_zone_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n hosted_zone_id,\n count(id)\nfrom\n aws_route53_query_log\n\ + group by\n hosted_zone_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all DNS Queries from AWS Route 53 Query Log diff --git a/queries/aws_route53_record_1.yaml b/queries/aws_route53_record_1.yaml index 466f54bec..f3cd4dc5f 100755 --- a/queries/aws_route53_record_1.yaml +++ b/queries/aws_route53_record_1.yaml @@ -1,27 +1,25 @@ +Description: Allows users to query Route 53 DNS records within Amazon Web Services. + The `aws_route53_record` table in Steampipe provides information about DNS records + within AWS Route 53. This table allows DevOps engineers to query record-specific + details, including type, name, TTL, and associated metadata. Users can utilize this + table to gather insights on DNS records, such as record types, verification of TTL + values, and more. ID: aws_route53_record_1 -Title: "Find AWS Route 53 Record Details Using SQL" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - type, - records, - alias_target - from - aws_route53_record; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n type,\n records,\n alias_target\nfrom\n aws_route53_record;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Record Details Using SQL diff --git a/queries/aws_route53_record_2.yaml b/queries/aws_route53_record_2.yaml index 460f40b58..e97fb13f9 100755 --- a/queries/aws_route53_record_2.yaml +++ b/queries/aws_route53_record_2.yaml @@ -1,29 +1,26 @@ +Description: Allows users to query Route 53 DNS records within Amazon Web Services. + The `aws_route53_record` table in Steampipe provides information about DNS records + within AWS Route 53. This table allows DevOps engineers to query record-specific + details, including type, name, TTL, and associated metadata. Users can utilize this + table to gather insights on DNS records, such as record types, verification of TTL + values, and more. ID: aws_route53_record_2 -Title: "Find AWS Route 53 DNS Records with Steampipe SQL" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - r.type, - record - from - aws_route53_record as r, - jsonb_array_elements_text(records) as record - where - name = 'test.com.'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.name,\n r.type,\n record\nfrom\n aws_route53_record\ + \ as r,\n jsonb_array_elements_text(records) as record\nwhere\n name = 'test.com.';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 DNS +Title: Find AWS Route 53 DNS Records with Steampipe SQL diff --git a/queries/aws_route53_record_3.yaml b/queries/aws_route53_record_3.yaml index a5e6f2d9e..615f07a94 100755 --- a/queries/aws_route53_record_3.yaml +++ b/queries/aws_route53_record_3.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query Route 53 DNS records within Amazon Web Services. + The `aws_route53_record` table in Steampipe provides information about DNS records + within AWS Route 53. This table allows DevOps engineers to query record-specific + details, including type, name, TTL, and associated metadata. Users can utilize this + table to gather insights on DNS records, such as record types, verification of TTL + values, and more. ID: aws_route53_record_3 -Title: "Find DNS Records with AWS Route 53 Using Steampipe" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - r.type, - record - from - aws_route53_record as r, - jsonb_array_elements_text(records) as record - where - r.type = 'NS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.name,\n r.type,\n record\nfrom\n aws_route53_record\ + \ as r,\n jsonb_array_elements_text(records) as record\nwhere\n r.type = 'NS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find DNS Records with AWS Route 53 Using Steampipe diff --git a/queries/aws_route53_record_4.yaml b/queries/aws_route53_record_4.yaml index ae8caa315..6304e5633 100755 --- a/queries/aws_route53_record_4.yaml +++ b/queries/aws_route53_record_4.yaml @@ -1,30 +1,27 @@ +Description: Allows users to query Route 53 DNS records within Amazon Web Services. + The `aws_route53_record` table in Steampipe provides information about DNS records + within AWS Route 53. This table allows DevOps engineers to query record-specific + details, including type, name, TTL, and associated metadata. Users can utilize this + table to gather insights on DNS records, such as record types, verification of TTL + values, and more. ID: aws_route53_record_4 -Title: "List AWS Route 53 DNS Record Details" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.name, - r.type, - record - from - aws_route53_record as r, - jsonb_array_elements_text(records) as record - where - r.name = 'test.com.' - and r.type = 'NS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.name,\n r.type,\n record\nfrom\n aws_route53_record\ + \ as r,\n jsonb_array_elements_text(records) as record\nwhere\n r.name = 'test.com.'\n\ + \ and r.type = 'NS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List AWS Route 53 DNS Record Details diff --git a/queries/aws_route53_record_5.yaml b/queries/aws_route53_record_5.yaml index e047d02e2..c16e4b0e3 100755 --- a/queries/aws_route53_record_5.yaml +++ b/queries/aws_route53_record_5.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query Route 53 DNS records within Amazon Web Services. + The `aws_route53_record` table in Steampipe provides information about DNS records + within AWS Route 53. This table allows DevOps engineers to query record-specific + details, including type, name, TTL, and associated metadata. Users can utilize this + table to gather insights on DNS records, such as record types, verification of TTL + values, and more. ID: aws_route53_record_5 -Title: "Find DNS Record Details in AWS Route 53" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(*) - from - aws_route53_record - group by - type - order by - count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n type,\n count(*)\nfrom\n aws_route53_record\ngroup\ + \ by\n type\norder by\n count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find DNS Record Details in AWS Route 53 diff --git a/queries/aws_route53_record_6.yaml b/queries/aws_route53_record_6.yaml index 4fd8fab46..b8050f104 100755 --- a/queries/aws_route53_record_6.yaml +++ b/queries/aws_route53_record_6.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query Route 53 DNS records within Amazon Web Services. + The `aws_route53_record` table in Steampipe provides information about DNS records + within AWS Route 53. This table allows DevOps engineers to query record-specific + details, including type, name, TTL, and associated metadata. Users can utilize this + table to gather insights on DNS records, such as record types, verification of TTL + values, and more. ID: aws_route53_record_6 -Title: "List all DNS records in AWS Route 53 using SQL" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - type, - records, - alias_target, - geo_location ->> 'ContinentCode' as continent, - geo_location ->> 'CountryCode' as country, - geo_location ->> 'SubdivisionCode' as subdivision - from - aws_route53_record - where - geo_location is not null - order by - name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n type,\n records,\n alias_target,\n geo_location\ + \ ->> 'ContinentCode' as continent,\n geo_location ->> 'CountryCode' as country,\n\ + \ geo_location ->> 'SubdivisionCode' as subdivision\nfrom\n aws_route53_record\n\ + where\n geo_location is not null\norder by\n name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - DNS +Title: List all DNS records in AWS Route 53 using SQL diff --git a/queries/aws_route53_record_7.yaml b/queries/aws_route53_record_7.yaml index 7ba125cd2..de04ca3ba 100755 --- a/queries/aws_route53_record_7.yaml +++ b/queries/aws_route53_record_7.yaml @@ -1,30 +1,27 @@ +Description: Allows users to query Route 53 DNS records within Amazon Web Services. + The `aws_route53_record` table in Steampipe provides information about DNS records + within AWS Route 53. This table allows DevOps engineers to query record-specific + details, including type, name, TTL, and associated metadata. Users can utilize this + table to gather insights on DNS records, such as record types, verification of TTL + values, and more. ID: aws_route53_record_7 -Title: "Find all DNS Records in AWS Route 53" -Description: "Allows users to query Route 53 DNS records within Amazon Web Services. The `aws_route53_record` table in Steampipe provides information about DNS records within AWS Route 53. This table allows DevOps engineers to query record-specific details, including type, name, TTL, and associated metadata. Users can utilize this table to gather insights on DNS records, such as record types, verification of TTL values, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - type, - count(*) - from - aws_route53_record - left join jsonb_array_elements_text(records) as record on true - group by - name, - type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n type,\n count(*)\nfrom\n aws_route53_record\n\ + \ left join jsonb_array_elements_text(records) as record on true\ngroup by\n\ + \ name,\n type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find all DNS Records in AWS Route 53 diff --git a/queries/aws_route53_resolver_endpoint_1.yaml b/queries/aws_route53_resolver_endpoint_1.yaml index 38cdb4bb0..8f711b071 100755 --- a/queries/aws_route53_resolver_endpoint_1.yaml +++ b/queries/aws_route53_resolver_endpoint_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Route 53 Resolver Endpoints, providing detailed + information about each endpoint, including its ID, direction, IP addresses, and + status, among other details. ID: aws_route53_resolver_endpoint_1 -Title: "List all AWS Route 53 Resolver Endpoints with Details" -Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - direction, - ip_address_count - status - from - aws_route53_resolver_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n direction,\n ip_address_count\n status\n\ + from\n aws_route53_resolver_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 Resolver +Title: List all AWS Route 53 Resolver Endpoints with Details diff --git a/queries/aws_route53_resolver_endpoint_2.yaml b/queries/aws_route53_resolver_endpoint_2.yaml index 0e231c71f..ec4efee5a 100755 --- a/queries/aws_route53_resolver_endpoint_2.yaml +++ b/queries/aws_route53_resolver_endpoint_2.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Route 53 Resolver Endpoints, providing detailed + information about each endpoint, including its ID, direction, IP addresses, and + status, among other details. ID: aws_route53_resolver_endpoint_2 -Title: "List AWS Route 53 Resolver Endpoints with Details" -Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - direction, - ip_address_count - status - from - aws_route53_resolver_endpoint - where - id = 'rslvr-out-ebb7db0b7498463eb'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n direction,\n ip_address_count\n status\n\ + from\n aws_route53_resolver_endpoint\nwhere\n id = 'rslvr-out-ebb7db0b7498463eb';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List AWS Route 53 Resolver Endpoints with Details diff --git a/queries/aws_route53_resolver_endpoint_3.yaml b/queries/aws_route53_resolver_endpoint_3.yaml index be7b972e2..41a721224 100755 --- a/queries/aws_route53_resolver_endpoint_3.yaml +++ b/queries/aws_route53_resolver_endpoint_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Route 53 Resolver Endpoints, providing detailed + information about each endpoint, including its ID, direction, IP addresses, and + status, among other details. ID: aws_route53_resolver_endpoint_3 -Title: "List all AWS Route 53 Resolver Endpoints Needing Action" -Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - direction, - status, - status_message - from - aws_route53_resolver_endpoint - where - status = 'ACTION_NEEDED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n direction,\n status,\n status_message\n\ + from\n aws_route53_resolver_endpoint\nwhere\n status = 'ACTION_NEEDED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 Resolver +Title: List all AWS Route 53 Resolver Endpoints Needing Action diff --git a/queries/aws_route53_resolver_endpoint_4.yaml b/queries/aws_route53_resolver_endpoint_4.yaml index 3b5dfbae7..767df6f4c 100755 --- a/queries/aws_route53_resolver_endpoint_4.yaml +++ b/queries/aws_route53_resolver_endpoint_4.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Route 53 Resolver Endpoints, providing detailed + information about each endpoint, including its ID, direction, IP addresses, and + status, among other details. ID: aws_route53_resolver_endpoint_4 -Title: "List All AWS Route 53 Resolver Endpoints and Details" -Description: "Allows users to query AWS Route 53 Resolver Endpoints, providing detailed information about each endpoint, including its ID, direction, IP addresses, and status, among other details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'Ip' as ip, - p ->> 'Status' as status, - p ->> 'SubnetId' as subnet_id - from - aws_route53_resolver_endpoint, - jsonb_array_elements(ip_addresses) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n p ->> 'Ip' as ip,\n p ->> 'Status' as status,\n\ + \ p ->> 'SubnetId' as subnet_id\nfrom\n aws_route53_resolver_endpoint,\n jsonb_array_elements(ip_addresses)\ + \ as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List All AWS Route 53 Resolver Endpoints and Details diff --git a/queries/aws_route53_resolver_query_log_config_1.yaml b/queries/aws_route53_resolver_query_log_config_1.yaml index 3334a7a84..cf4945b22 100755 --- a/queries/aws_route53_resolver_query_log_config_1.yaml +++ b/queries/aws_route53_resolver_query_log_config_1.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Route 53 Resolver Query Log Configurations. ID: aws_route53_resolver_query_log_config_1 -Title: "Find Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - creation_time, - share_status, - status - from - aws_route53_resolver_query_log_config; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n creation_time,\n share_status,\n\ + \ status\nfrom\n aws_route53_resolver_query_log_config;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find Route 53 Resolver Query Log Configurations diff --git a/queries/aws_route53_resolver_query_log_config_2.yaml b/queries/aws_route53_resolver_query_log_config_2.yaml index f163e2892..2128f5d35 100755 --- a/queries/aws_route53_resolver_query_log_config_2.yaml +++ b/queries/aws_route53_resolver_query_log_config_2.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Route 53 Resolver Query Log Configurations. ID: aws_route53_resolver_query_log_config_2 -Title: "List all AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - creation_time, - share_status, - status, - destination_arn - from - aws_route53_resolver_query_log_config - where - owner_id <> account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n creation_time,\n share_status,\n\ + \ status,\n destination_arn\nfrom\n aws_route53_resolver_query_log_config\n\ + where\n owner_id <> account_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 cloud_traffic_analytics: - - "true" + - 'true' +Title: List all AWS Route 53 Resolver Query Log Configurations diff --git a/queries/aws_route53_resolver_query_log_config_3.yaml b/queries/aws_route53_resolver_query_log_config_3.yaml index e87143364..c05e3b20e 100755 --- a/queries/aws_route53_resolver_query_log_config_3.yaml +++ b/queries/aws_route53_resolver_query_log_config_3.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Route 53 Resolver Query Log Configurations. ID: aws_route53_resolver_query_log_config_3 -Title: "Find AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - creator_request_id, - destination_arn - from - aws_route53_resolver_query_log_config - where - status = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n creator_request_id,\n destination_arn\n\ + from\n aws_route53_resolver_query_log_config\nwhere\n status = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Resolver Query Log Configurations diff --git a/queries/aws_route53_resolver_query_log_config_4.yaml b/queries/aws_route53_resolver_query_log_config_4.yaml index c06576960..c7935ce55 100755 --- a/queries/aws_route53_resolver_query_log_config_4.yaml +++ b/queries/aws_route53_resolver_query_log_config_4.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Route 53 Resolver Query Log Configurations. ID: aws_route53_resolver_query_log_config_4 -Title: "Find AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - share_status, - association_count - from - aws_route53_resolver_query_log_config - where - share_status = 'SHARED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n share_status,\n association_count\n\ + from\n aws_route53_resolver_query_log_config\nwhere\n share_status = 'SHARED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Resolver Query Log Configurations diff --git a/queries/aws_route53_resolver_query_log_config_5.yaml b/queries/aws_route53_resolver_query_log_config_5.yaml index a154ed87a..63a8fd125 100755 --- a/queries/aws_route53_resolver_query_log_config_5.yaml +++ b/queries/aws_route53_resolver_query_log_config_5.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Route 53 Resolver Query Log Configurations. ID: aws_route53_resolver_query_log_config_5 -Title: "Find AWS Route 53 Resolver Query Log Configurations" -Description: "Allows users to query AWS Route 53 Resolver Query Log Configurations." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - creation_time, - destination_arn, - status - from - aws_route53_resolver_query_log_config - where - creation_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n creation_time,\n destination_arn,\n\ + \ status\nfrom\n aws_route53_resolver_query_log_config\nwhere\n creation_time\ + \ >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Resolver Query Log Configurations diff --git a/queries/aws_route53_resolver_rule_1.yaml b/queries/aws_route53_resolver_rule_1.yaml index 1fb924398..98e1a6934 100755 --- a/queries/aws_route53_resolver_rule_1.yaml +++ b/queries/aws_route53_resolver_rule_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS + resolver rules configured in an AWS account. ID: aws_route53_resolver_rule_1 -Title: "List all AWS Route 53 Resolver Rules" -Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - domain_name owner_id, - resolver_endpoint_id, - rule_type, - share_status, - status - from - aws_route53_resolver_rule; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n domain_name owner_id,\n resolver_endpoint_id,\n\ + \ rule_type,\n share_status,\n status\nfrom\n aws_route53_resolver_rule;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Resolver Rules diff --git a/queries/aws_route53_resolver_rule_2.yaml b/queries/aws_route53_resolver_rule_2.yaml index 597e8718a..e90fe0d68 100755 --- a/queries/aws_route53_resolver_rule_2.yaml +++ b/queries/aws_route53_resolver_rule_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS + resolver rules configured in an AWS account. ID: aws_route53_resolver_rule_2 -Title: "Find Route 53 Resolver Rules Configured in AWS Account" -Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - resolver_rule_associations - from - aws_route53_resolver_rule - Where - resolver_rule_associations = '[]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n resolver_rule_associations\n\ + from\n aws_route53_resolver_rule\nWhere\n resolver_rule_associations = '[]';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find Route 53 Resolver Rules Configured in AWS Account diff --git a/queries/aws_route53_resolver_rule_3.yaml b/queries/aws_route53_resolver_rule_3.yaml index 0cd96c624..83a80a995 100755 --- a/queries/aws_route53_resolver_rule_3.yaml +++ b/queries/aws_route53_resolver_rule_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS + resolver rules configured in an AWS account. ID: aws_route53_resolver_rule_3 -Title: "Find AWS Route 53 Resolver Rule Data in AWS Account" -Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'Ip' as ip, - p ->> 'Port' as port - from - aws_route53_resolver_rule, - jsonb_array_elements(target_ips) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n p ->> 'Ip' as ip,\n p ->> 'Port' as port\n\ + from\n aws_route53_resolver_rule,\n jsonb_array_elements(target_ips) as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find AWS Route 53 Resolver Rule Data in AWS Account diff --git a/queries/aws_route53_resolver_rule_4.yaml b/queries/aws_route53_resolver_rule_4.yaml index 7831dbc0a..196c7715c 100755 --- a/queries/aws_route53_resolver_rule_4.yaml +++ b/queries/aws_route53_resolver_rule_4.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS + resolver rules configured in an AWS account. ID: aws_route53_resolver_rule_4 -Title: "Find all AWS Route 53 Resolver Rules Configuration" -Description: "Allows users to query AWS Route 53 Resolver Rule to obtain data on DNS resolver rules configured in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - share_status, - rule_type - from - aws_route53_resolver_rule - where - share_status = 'SHARED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n share_status,\n rule_type\nfrom\n aws_route53_resolver_rule\n\ + where\n share_status = 'SHARED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find all AWS Route 53 Resolver Rules Configuration diff --git a/queries/aws_route53_traffic_policy_1.yaml b/queries/aws_route53_traffic_policy_1.yaml index e863415e7..2ab26e970 100755 --- a/queries/aws_route53_traffic_policy_1.yaml +++ b/queries/aws_route53_traffic_policy_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Route 53 Traffic Policies to retrieve information + about each policy''s versions, including the policy identifier, name, type, and + document. This table also provides data related to the policy''s associated metadata. ID: aws_route53_traffic_policy_1 -Title: "List all AWS Route 53 Traffic Policies and Metadata" -Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - version, - document, - region - from - aws_route53_traffic_policy; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n version,\n document,\n region\nfrom\ + \ \n aws_route53_traffic_policy;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Traffic Policies and Metadata diff --git a/queries/aws_route53_traffic_policy_2.yaml b/queries/aws_route53_traffic_policy_2.yaml index 4b0963cf2..9fd337761 100755 --- a/queries/aws_route53_traffic_policy_2.yaml +++ b/queries/aws_route53_traffic_policy_2.yaml @@ -1,35 +1,23 @@ +Description: Allows users to query AWS Route 53 Traffic Policies to retrieve information + about each policy''s versions, including the policy identifier, name, type, and + document. This table also provides data related to the policy''s associated metadata. ID: aws_route53_traffic_policy_2 -Title: "Find All AWS Route 53 Traffic Policy Versions and Metadata" -Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - policy.id, - policy.version, - comment - from - aws_route53_traffic_policy policy, - (select - id, - max(version) as version - from - aws_route53_traffic_policy - group by - id) as latest - where - latest.id = policy.id - and latest.version = policy.version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n name,\n policy.id,\n policy.version, \n comment \n\ + from \n aws_route53_traffic_policy policy,\n (select\n id,\n max(version)\ + \ as version\n from \n aws_route53_traffic_policy \n group by \n id) as\ + \ latest\nwhere \n latest.id = policy.id \n and latest.version = policy.version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: Find All AWS Route 53 Traffic Policy Versions and Metadata diff --git a/queries/aws_route53_traffic_policy_3.yaml b/queries/aws_route53_traffic_policy_3.yaml index d85f40de6..1e0a13176 100755 --- a/queries/aws_route53_traffic_policy_3.yaml +++ b/queries/aws_route53_traffic_policy_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Route 53 Traffic Policies to retrieve information + about each policy''s versions, including the policy identifier, name, type, and + document. This table also provides data related to the policy''s associated metadata. ID: aws_route53_traffic_policy_3 -Title: "List all AWS Route 53 Traffic Policies with Versions" -Description: "Allows users to query AWS Route 53 Traffic Policies to retrieve information about each policy''s versions, including the policy identifier, name, type, and document. This table also provides data related to the policy''s associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - document ->> 'RecordType' as dns_type, - count(id) as "policies" - from - aws_route53_traffic_policy - group by - dns_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n document ->> 'RecordType' as dns_type,\n count(id) as\ + \ \"policies\"\nfrom\n aws_route53_traffic_policy\ngroup by \n dns_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Traffic Policies with Versions diff --git a/queries/aws_route53_traffic_policy_instance_1.yaml b/queries/aws_route53_traffic_policy_instance_1.yaml index ec0c3175d..475f39823 100755 --- a/queries/aws_route53_traffic_policy_instance_1.yaml +++ b/queries/aws_route53_traffic_policy_instance_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Route 53 Traffic Policy Instances, providing + detailed information about each instance such as the ID, version, DNS name, and + more. This table is useful for gaining insights into the configuration and status + of traffic policy instances. ID: aws_route53_traffic_policy_instance_1 -Title: "List all AWS Route 53 Traffic Policy Instances" -Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - hosted_zone_id, - ttl, - region - from - aws_route53_traffic_policy_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n hosted_zone_id,\n ttl,\n region\nfrom\ + \ \n aws_route53_traffic_policy_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Traffic Policy Instances diff --git a/queries/aws_route53_traffic_policy_instance_2.yaml b/queries/aws_route53_traffic_policy_instance_2.yaml index 7e0e1f5d6..fd5866b03 100755 --- a/queries/aws_route53_traffic_policy_instance_2.yaml +++ b/queries/aws_route53_traffic_policy_instance_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Route 53 Traffic Policy Instances, providing + detailed information about each instance such as the ID, version, DNS name, and + more. This table is useful for gaining insights into the configuration and status + of traffic policy instances. ID: aws_route53_traffic_policy_instance_2 -Title: "List all AWS Route 53 Traffic Policy Instances" -Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.name, - i.id, - h.id as hosted_zone_id, - h.name as hosted_zone_name, - h.caller_reference, - h.private_zone - from - aws_route53_traffic_policy_instance i - join aws_route53_zone h on i.hosted_zone_id = h.id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n i.name,\n i.id,\n h.id as hosted_zone_id,\n h.name\ + \ as hosted_zone_name,\n h.caller_reference,\n h.private_zone\nfrom \n aws_route53_traffic_policy_instance\ + \ i\n join aws_route53_zone h on i.hosted_zone_id = h.id;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Traffic Policy Instances diff --git a/queries/aws_route53_traffic_policy_instance_3.yaml b/queries/aws_route53_traffic_policy_instance_3.yaml index 824ceee0a..7e0138d12 100755 --- a/queries/aws_route53_traffic_policy_instance_3.yaml +++ b/queries/aws_route53_traffic_policy_instance_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Route 53 Traffic Policy Instances, providing + detailed information about each instance such as the ID, version, DNS name, and + more. This table is useful for gaining insights into the configuration and status + of traffic policy instances. ID: aws_route53_traffic_policy_instance_3 -Title: "List all AWS Route 53 Traffic Policy Instances" -Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.name, - i.id, - traffic_policy_id, - p.name as traffic_policy_name, - traffic_policy_type, - traffic_policy_version, - p.document - from - aws_route53_traffic_policy_instance i - join aws_route53_traffic_policy p on i.traffic_policy_id = p.id - and i.traffic_policy_version = p.version; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n i.name,\n i.id,\n traffic_policy_id,\n p.name as\ + \ traffic_policy_name,\n traffic_policy_type,\n traffic_policy_version,\n p.document\n\ + from \n aws_route53_traffic_policy_instance i\n join aws_route53_traffic_policy\ + \ p on i.traffic_policy_id = p.id \n and i.traffic_policy_version = p.version;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Traffic Policy Instances diff --git a/queries/aws_route53_traffic_policy_instance_4.yaml b/queries/aws_route53_traffic_policy_instance_4.yaml index 11be6709f..147dae202 100755 --- a/queries/aws_route53_traffic_policy_instance_4.yaml +++ b/queries/aws_route53_traffic_policy_instance_4.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS Route 53 Traffic Policy Instances, providing + detailed information about each instance such as the ID, version, DNS name, and + more. This table is useful for gaining insights into the configuration and status + of traffic policy instances. ID: aws_route53_traffic_policy_instance_4 -Title: "List All AWS Route 53 Traffic Policy Instances" -Description: "Allows users to query AWS Route 53 Traffic Policy Instances, providing detailed information about each instance such as the ID, version, DNS name, and more. This table is useful for gaining insights into the configuration and status of traffic policy instances." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - state, - hosted_zone_id, - message as failed_reason - from - aws_route53_traffic_policy_instance - where - state = 'Failed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n state,\n hosted_zone_id,\n message\ + \ as failed_reason\nfrom \n aws_route53_traffic_policy_instance\nwhere\n state\ + \ = 'Failed';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List All AWS Route 53 Traffic Policy Instances diff --git a/queries/aws_route53_vpc_association_authorization_1.yaml b/queries/aws_route53_vpc_association_authorization_1.yaml index b1727c511..bfe98a59d 100755 --- a/queries/aws_route53_vpc_association_authorization_1.yaml +++ b/queries/aws_route53_vpc_association_authorization_1.yaml @@ -1,26 +1,21 @@ +Description: Gets a list of the VPCs that were created by other accounts and that + can be associated with a specified hosted zone because you''ve submitted one or + more `CreateVPCAssociationAuthorization` requests. ID: aws_route53_vpc_association_authorization_1 -Title: "List all VPCs created by other accounts for a hosted zone" -Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hosted_zone_id, - vpc_id, - vpc_region - from - aws_route53_vpc_association_authorization - where - hosted_zone_id = 'Z3M3LMPEXAMPLE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n hosted_zone_id,\n vpc_id,\n vpc_region\nfrom\n aws_route53_vpc_association_authorization\n\ + where\n hosted_zone_id = 'Z3M3LMPEXAMPLE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route53 +Title: List all VPCs created by other accounts for a hosted zone diff --git a/queries/aws_route53_vpc_association_authorization_2.yaml b/queries/aws_route53_vpc_association_authorization_2.yaml index 2a266544e..9c4620df7 100755 --- a/queries/aws_route53_vpc_association_authorization_2.yaml +++ b/queries/aws_route53_vpc_association_authorization_2.yaml @@ -1,28 +1,21 @@ +Description: Gets a list of the VPCs that were created by other accounts and that + can be associated with a specified hosted zone because you''ve submitted one or + more `CreateVPCAssociationAuthorization` requests. ID: aws_route53_vpc_association_authorization_2 -Title: "List all VPCs from other accounts for Route53 association" -Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hosted_zone_id, - vpc_id, - vpc_region - from - aws_route53_vpc_association_authorization - where - hosted_zone_id = 'Z3M3LMPEXAMPLE' - order by - vpc_region desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n hosted_zone_id,\n vpc_id,\n vpc_region\nfrom\n aws_route53_vpc_association_authorization\n\ + where\n hosted_zone_id = 'Z3M3LMPEXAMPLE'\norder by\n vpc_region desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route53 +Title: List all VPCs from other accounts for Route53 association diff --git a/queries/aws_route53_vpc_association_authorization_3.yaml b/queries/aws_route53_vpc_association_authorization_3.yaml index c54b994a2..959954878 100755 --- a/queries/aws_route53_vpc_association_authorization_3.yaml +++ b/queries/aws_route53_vpc_association_authorization_3.yaml @@ -1,30 +1,24 @@ +Description: Gets a list of the VPCs that were created by other accounts and that + can be associated with a specified hosted zone because you''ve submitted one or + more `CreateVPCAssociationAuthorization` requests. ID: aws_route53_vpc_association_authorization_3 -Title: "List all VPCs for AWS Route53 VPC Association Authorization" -Description: "Gets a list of the VPCs that were created by other accounts and that can be associated with a specified hosted zone because you''ve submitted one or more `CreateVPCAssociationAuthorization` requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - auth.hosted_zone_id, - z.name, - auth.vpc_id, - auth.vpc_region - from - aws_route53_vpc_association_authorization auth - inner join - aws_route53_zone z on auth.hosted_zone_id = z.id - where z.name = 'mycooldomain.xyz'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n auth.hosted_zone_id,\n z.name,\n auth.vpc_id,\n auth.vpc_region\n\ + from\n aws_route53_vpc_association_authorization auth\ninner join\n aws_route53_zone\ + \ z on auth.hosted_zone_id = z.id\nwhere z.name = 'mycooldomain.xyz';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route53 +Title: List all VPCs for AWS Route53 VPC Association Authorization diff --git a/queries/aws_route53_zone_1.yaml b/queries/aws_route53_zone_1.yaml index 6fa50ae2a..20604a8ab 100755 --- a/queries/aws_route53_zone_1.yaml +++ b/queries/aws_route53_zone_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Route 53 Zone details including hosted zone + ID, name, type, record set count, and associated tags. ID: aws_route53_zone_1 -Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - private_zone, - resource_record_set_count - from - aws_route53_zone; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n private_zone,\n resource_record_set_count\n\ + from \n aws_route53_zone;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List AWS Route 53 Zone Details Including Hosted Zone ID diff --git a/queries/aws_route53_zone_2.yaml b/queries/aws_route53_zone_2.yaml index 63667ef71..ef958baa5 100755 --- a/queries/aws_route53_zone_2.yaml +++ b/queries/aws_route53_zone_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Route 53 Zone details including hosted zone + ID, name, type, record set count, and associated tags. ID: aws_route53_zone_2 -Title: "List all AWS Route 53 Zone Details Including Tags and Counts" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - comment, - private_zone, - resource_record_set_count - from - aws_route53_zone - where - private_zone; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n comment,\n private_zone,\n resource_record_set_count\n\ + from \n aws_route53_zone\nwhere\n private_zone;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Zone Details Including Tags and Counts diff --git a/queries/aws_route53_zone_3.yaml b/queries/aws_route53_zone_3.yaml index 4e49ca242..2110436cd 100755 --- a/queries/aws_route53_zone_3.yaml +++ b/queries/aws_route53_zone_3.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Route 53 Zone details including hosted zone + ID, name, type, record set count, and associated tags. ID: aws_route53_zone_3 -Title: "List AWS Route 53 Zone Details Including Hosted Zone ID" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - comment, - private_zone, - resource_record_set_count - from - aws_route53_zone - where - not private_zone; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n comment,\n private_zone,\n resource_record_set_count\n\ + from \n aws_route53_zone\nwhere\n not private_zone;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List AWS Route 53 Zone Details Including Hosted Zone ID diff --git a/queries/aws_route53_zone_4.yaml b/queries/aws_route53_zone_4.yaml index 0e652c063..25e4b12c2 100755 --- a/queries/aws_route53_zone_4.yaml +++ b/queries/aws_route53_zone_4.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Route 53 Zone details including hosted zone + ID, name, type, record set count, and associated tags. ID: aws_route53_zone_4 -Title: "List all AWS Route 53 Zone details including record count" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - private_zone, - resource_record_set_count - from - aws_route53_zone - where - name like '%.turbot.com. - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n private_zone,\n resource_record_set_count\n\ + from \n aws_route53_zone\nwhere\n name like '%.turbot.com." Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List all AWS Route 53 Zone details including record count diff --git a/queries/aws_route53_zone_5.yaml b/queries/aws_route53_zone_5.yaml index 2cfe68f84..5ca0a2889 100755 --- a/queries/aws_route53_zone_5.yaml +++ b/queries/aws_route53_zone_5.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Route 53 Zone details including hosted zone + ID, name, type, record set count, and associated tags. ID: aws_route53_zone_5 -Title: "List AWS Route 53 Zone Details with Associated Tags" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - v ->> 'VPCId' as vpc_id, - v ->> 'VPCRegion' as vpc_region - from - aws_route53_zone, - jsonb_array_elements(vpcs) as v; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n name,\n id,\n v ->> 'VPCId' as vpc_id,\n v ->> 'VPCRegion'\ + \ as vpc_region\nfrom\n aws_route53_zone,\n jsonb_array_elements(vpcs) as v;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List AWS Route 53 Zone Details with Associated Tags diff --git a/queries/aws_route53_zone_6.yaml b/queries/aws_route53_zone_6.yaml index 558b6624e..2c2bb4103 100755 --- a/queries/aws_route53_zone_6.yaml +++ b/queries/aws_route53_zone_6.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS Route 53 Zone details including hosted zone + ID, name, type, record set count, and associated tags. ID: aws_route53_zone_6 -Title: "List AWS Route 53 Zone Details including Hosted Zone ID" -Description: "Allows users to query AWS Route 53 Zone details including hosted zone ID, name, type, record set count, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - v.vpc_id as vpc_id, - v.cidr_block as cidr_block, - v.is_default as is_default, - v.dhcp_options_id as dhcp_options_id - from - aws_route53_zone, - jsonb_array_elements(vpcs) as p, - aws_vpc as v - where - p ->> 'VPCId' = v.vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n name,\n id,\n v.vpc_id as vpc_id,\n v.cidr_block\ + \ as cidr_block,\n v.is_default as is_default,\n v.dhcp_options_id as dhcp_options_id\n\ + from\n aws_route53_zone,\n jsonb_array_elements(vpcs) as p,\n aws_vpc as v\n\ + where\n p ->> 'VPCId' = v.vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Route 53 +Title: List AWS Route 53 Zone Details including Hosted Zone ID diff --git a/queries/aws_s3_access_point_1.yaml b/queries/aws_s3_access_point_1.yaml index 0d2bd6bd3..19b16e382 100755 --- a/queries/aws_s3_access_point_1.yaml +++ b/queries/aws_s3_access_point_1.yaml @@ -1,24 +1,19 @@ +Description: Allows users to query AWS S3 Access Point details such as name, bucket, + network origin, policy status, creation time, and more. ID: aws_s3_access_point_1 -Title: "List all AWS S3 Access Point details using SQL" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_arn, - bucket_name - from - aws_s3_access_point; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n access_point_arn,\n bucket_name\nfrom\n aws_s3_access_point;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Access Point details using SQL diff --git a/queries/aws_s3_access_point_2.yaml b/queries/aws_s3_access_point_2.yaml index 8d9ce75f9..85e69cf60 100755 --- a/queries/aws_s3_access_point_2.yaml +++ b/queries/aws_s3_access_point_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS S3 Access Point details such as name, bucket, + network origin, policy status, creation time, and more. ID: aws_s3_access_point_2 -Title: "List all AWS S3 Access Point details" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_arn, - vpc_id - from - aws_s3_access_point - where - vpc_id is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n access_point_arn,\n vpc_id\nfrom\n aws_s3_access_point\n\ + where\n vpc_id is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Access Point details diff --git a/queries/aws_s3_access_point_3.yaml b/queries/aws_s3_access_point_3.yaml index a3aec7c1e..5a7eac00e 100755 --- a/queries/aws_s3_access_point_3.yaml +++ b/queries/aws_s3_access_point_3.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS S3 Access Point details such as name, bucket, + network origin, policy status, creation time, and more. ID: aws_s3_access_point_3 -Title: "Find AWS S3 Access Point details with public policies" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - block_public_acls, - block_public_policy, - ignore_public_acls, - restrict_public_buckets - from - aws_s3_access_point - where - not block_public_acls - or not block_public_policy - or not ignore_public_acls - or not restrict_public_buckets; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n block_public_acls,\n block_public_policy,\n\ + \ ignore_public_acls,\n restrict_public_buckets\nfrom\n aws_s3_access_point\n\ + where\n not block_public_acls\n or not block_public_policy\n or not ignore_public_acls\n\ + \ or not restrict_public_buckets;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Access Point details with public policies diff --git a/queries/aws_s3_access_point_4.yaml b/queries/aws_s3_access_point_4.yaml index db567107f..bb5c4307d 100755 --- a/queries/aws_s3_access_point_4.yaml +++ b/queries/aws_s3_access_point_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS S3 Access Point details such as name, bucket, + network origin, policy status, creation time, and more. ID: aws_s3_access_point_4 -Title: "List all AWS S3 Access Point details including name and policy" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - access_point_policy_is_public - from - aws_s3_access_point - where - access_point_policy_is_public; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n access_point_policy_is_public\nfrom\n aws_s3_access_point\n\ + where\n access_point_policy_is_public;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Access Point details including name and policy diff --git a/queries/aws_s3_access_point_5.yaml b/queries/aws_s3_access_point_5.yaml index d5dfd189f..715937671 100755 --- a/queries/aws_s3_access_point_5.yaml +++ b/queries/aws_s3_access_point_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS S3 Access Point details such as name, bucket, + network origin, policy status, creation time, and more. ID: aws_s3_access_point_5 -Title: "List AWS S3 Access Point Details Including Name, Bucket" -Description: "Allows users to query AWS S3 Access Point details such as name, bucket, network origin, policy status, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - count(name) access_point_count - from - aws_s3_access_point - group by - bucket_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n bucket_name,\n count(name) access_point_count\nfrom\n\ + \ aws_s3_access_point\ngroup by\n bucket_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 Access Point +Title: List AWS S3 Access Point Details Including Name, Bucket diff --git a/queries/aws_s3_bucket_1.yaml b/queries/aws_s3_bucket_1.yaml index 0461a9adc..05bc3f3f1 100755 --- a/queries/aws_s3_bucket_1.yaml +++ b/queries/aws_s3_bucket_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_1 -Title: "List all AWS S3 Buckets with Configuration and Policies" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - account_id, - bucket_policy_is_public - from - aws_s3_bucket; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n region,\n account_id,\n bucket_policy_is_public\n\ + from\n aws_s3_bucket;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Buckets with Configuration and Policies diff --git a/queries/aws_s3_bucket_10.yaml b/queries/aws_s3_bucket_10.yaml index ddb7a58b1..a92dd0d41 100755 --- a/queries/aws_s3_bucket_10.yaml +++ b/queries/aws_s3_bucket_10.yaml @@ -1,38 +1,26 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_10 -Title: "Find AWS S3 Bucket Policies and Permissions" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_s3_bucket, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa[5] != account_id - or p = '*' - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_s3_bucket,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n string_to_array(p, ':') as pa,\n jsonb_array_elements_text(s -> 'Action')\ + \ as a\nwhere\n s ->> 'Effect' = 'Allow'\n and (\n pa[5] != account_id\n\ + \ or p = '*'\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Bucket Policies and Permissions diff --git a/queries/aws_s3_bucket_11.yaml b/queries/aws_s3_bucket_11.yaml index 4256d8cca..3dbb895e5 100755 --- a/queries/aws_s3_bucket_11.yaml +++ b/queries/aws_s3_bucket_11.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_11 -Title: "Find AWS S3 Buckets with Object Lock Enabled" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - object_lock_configuration ->> 'ObjectLockEnabled' as object_lock_enabled - from - aws_s3_bucket - where - object_lock_configuration ->> 'ObjectLockEnabled' = 'Enabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n object_lock_configuration ->> 'ObjectLockEnabled'\ + \ as object_lock_enabled\nfrom\n aws_s3_bucket\nwhere\n object_lock_configuration\ + \ ->> 'ObjectLockEnabled' = 'Enabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Buckets with Object Lock Enabled diff --git a/queries/aws_s3_bucket_12.yaml b/queries/aws_s3_bucket_12.yaml index 69a3af587..00076afbb 100755 --- a/queries/aws_s3_bucket_12.yaml +++ b/queries/aws_s3_bucket_12.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_12 -Title: "Find all detailed AWS S3 Bucket Information via SQL" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - website_configuration -> 'IndexDocument' ->> 'Suffix' as suffix - from - aws_s3_bucket - where - website_configuration -> 'IndexDocument' ->> 'Suffix' is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n website_configuration -> 'IndexDocument' ->>\ + \ 'Suffix' as suffix\nfrom\n aws_s3_bucket\nwhere\n website_configuration ->\ + \ 'IndexDocument' ->> 'Suffix' is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all detailed AWS S3 Bucket Information via SQL diff --git a/queries/aws_s3_bucket_13.yaml b/queries/aws_s3_bucket_13.yaml index c542c23f9..523f2c164 100755 --- a/queries/aws_s3_bucket_13.yaml +++ b/queries/aws_s3_bucket_13.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_13 -Title: "Find all AWS S3 Buckets Configuration and Permissions" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - b.name, - r ->> 'ObjectOwnership' as object_ownership - from - aws_s3_bucket as b, - jsonb_array_elements(object_ownership_controls -> 'Rules') as r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n b.name,\n r ->> 'ObjectOwnership' as object_ownership\n\ + from\n aws_s3_bucket as b,\n jsonb_array_elements(object_ownership_controls\ + \ -> 'Rules') as r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all AWS S3 Buckets Configuration and Permissions diff --git a/queries/aws_s3_bucket_2.yaml b/queries/aws_s3_bucket_2.yaml index 4dcee1a5c..eece9993c 100755 --- a/queries/aws_s3_bucket_2.yaml +++ b/queries/aws_s3_bucket_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_2 -Title: "Find AWS S3 Buckets Missing Versioning Using SQL" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - region, - account_id, - versioning_enabled - from - aws_s3_bucket - where - not versioning_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n region,\n account_id,\n versioning_enabled\n\ + from\n aws_s3_bucket\nwhere\n not versioning_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Buckets Missing Versioning Using SQL diff --git a/queries/aws_s3_bucket_3.yaml b/queries/aws_s3_bucket_3.yaml index cff0f89d9..19eb8d259 100755 --- a/queries/aws_s3_bucket_3.yaml +++ b/queries/aws_s3_bucket_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_3 -Title: "Find AWS S3 buckets with no server-side encryption" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - server_side_encryption_configuration - from - aws_s3_bucket - where - server_side_encryption_configuration is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n server_side_encryption_configuration\nfrom\n\ + \ aws_s3_bucket\nwhere\n server_side_encryption_configuration is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 buckets with no server-side encryption diff --git a/queries/aws_s3_bucket_4.yaml b/queries/aws_s3_bucket_4.yaml index e0e4d0d9a..fdf843685 100755 --- a/queries/aws_s3_bucket_4.yaml +++ b/queries/aws_s3_bucket_4.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_4 -Title: "Find AWS S3 Buckets with Public Access Details" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - block_public_acls, - block_public_policy, - ignore_public_acls, - restrict_public_buckets - from - aws_s3_bucket - where - not block_public_acls - or not block_public_policy - or not ignore_public_acls - or not restrict_public_buckets; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n block_public_acls,\n block_public_policy,\n\ + \ ignore_public_acls,\n restrict_public_buckets\nfrom\n aws_s3_bucket\nwhere\n\ + \ not block_public_acls\n or not block_public_policy\n or not ignore_public_acls\n\ + \ or not restrict_public_buckets;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Buckets with Public Access Details diff --git a/queries/aws_s3_bucket_5.yaml b/queries/aws_s3_bucket_5.yaml index 9d2209e99..5e37628f9 100755 --- a/queries/aws_s3_bucket_5.yaml +++ b/queries/aws_s3_bucket_5.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_5 -Title: "Find All AWS S3 Bucket Policies and Configurations" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - bucket_policy_is_public - from - aws_s3_bucket - where - bucket_policy_is_public; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n bucket_policy_is_public\nfrom\n aws_s3_bucket\n\ + where\n bucket_policy_is_public;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find All AWS S3 Bucket Policies and Configurations diff --git a/queries/aws_s3_bucket_6.yaml b/queries/aws_s3_bucket_6.yaml index 9caacfeaa..59416264d 100755 --- a/queries/aws_s3_bucket_6.yaml +++ b/queries/aws_s3_bucket_6.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_6 -Title: "Find AWS S3 Buckets with Specific Logging Target" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - logging ->> 'TargetBucket' as target_bucket - from - aws_s3_bucket - where - logging ->> 'TargetBucket' = name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n logging ->> 'TargetBucket' as target_bucket\n\ + from\n aws_s3_bucket\nwhere\n logging ->> 'TargetBucket' = name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Buckets with Specific Logging Target diff --git a/queries/aws_s3_bucket_7.yaml b/queries/aws_s3_bucket_7.yaml index 7426c8aa0..ed5ec7ecd 100755 --- a/queries/aws_s3_bucket_7.yaml +++ b/queries/aws_s3_bucket_7.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_7 -Title: "Find all AWS S3 Buckets Information with SQL" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tags ->> 'fizz' as fizz - from - aws_s3_bucket - where - tags ->> 'application' is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n tags ->> 'fizz' as fizz\nfrom\n aws_s3_bucket\n\ + where\n tags ->> 'application' is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all AWS S3 Buckets Information with SQL diff --git a/queries/aws_s3_bucket_8.yaml b/queries/aws_s3_bucket_8.yaml index 51903d5af..d3f288c42 100755 --- a/queries/aws_s3_bucket_8.yaml +++ b/queries/aws_s3_bucket_8.yaml @@ -1,39 +1,27 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_8 -Title: "Find all AWS S3 buckets with insecure policies" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p as principal, - a as action, - s ->> 'Effect' as effect, - s ->> 'Condition' as conditions, - ssl - from - aws_s3_bucket, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a, - jsonb_array_elements_text( - s -> 'Condition' -> 'Bool' -> 'aws:securetransport' - ) as ssl - where - p = '*' - and s ->> 'Effect' = 'Deny' - and ssl :: bool = false; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s ->> 'Condition' as conditions,\n ssl\nfrom\n aws_s3_bucket,\n\ + \ jsonb_array_elements(policy_std -> 'Statement') as s,\n jsonb_array_elements_text(s\ + \ -> 'Principal' -> 'AWS') as p,\n jsonb_array_elements_text(s -> 'Action') as\ + \ a,\n jsonb_array_elements_text(\n s -> 'Condition' -> 'Bool' -> 'aws:securetransport'\n\ + \ ) as ssl\nwhere\n p = '*'\n and s ->> 'Effect' = 'Deny'\n and ssl :: bool\ + \ = false;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all AWS S3 buckets with insecure policies diff --git a/queries/aws_s3_bucket_9.yaml b/queries/aws_s3_bucket_9.yaml index b476856e1..f8d2e5889 100755 --- a/queries/aws_s3_bucket_9.yaml +++ b/queries/aws_s3_bucket_9.yaml @@ -1,41 +1,27 @@ +Description: Allows users to query AWS S3 buckets for detailed information about their + configuration, policies, and permissions. ID: aws_s3_bucket_9 -Title: "Find AWS S3 Buckets with Specific Policies and Permissions" -Description: "Allows users to query AWS S3 buckets for detailed information about their configuration, policies, and permissions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name - from - aws_s3_bucket - where - name not in ( - select - name - from - aws_s3_bucket, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a, - jsonb_array_elements_text( - s -> 'Condition' -> 'Bool' -> 'aws:securetransport' - ) as ssl - where - p = '*' - and s ->> 'Effect' = 'Deny' - and ssl :: bool = false - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name\nfrom\n aws_s3_bucket\nwhere\n name not in (\n\ + \ select\n name\n from\n aws_s3_bucket,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n jsonb_array_elements_text(s -> 'Action') as a,\n jsonb_array_elements_text(\n\ + \ s -> 'Condition' -> 'Bool' -> 'aws:securetransport'\n ) as ssl\n\ + \ where\n p = '*'\n and s ->> 'Effect' = 'Deny'\n and ssl ::\ + \ bool = false\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Buckets with Specific Policies and Permissions diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml index d985906bf..8c8e8dbb4 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Intelligent Tiering configurations for S3 buckets. + It provides information about each configuration, including the bucket name, the + ID of the configuration, and the status of the configuration. ID: aws_s3_bucket_intelligent_tiering_configuration_1 -Title: "List all Intelligent Tiering Configurations in AWS S3" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - id, - status, - tierings - from - aws_s3_bucket_intelligent_tiering_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n bucket_name,\n id,\n status,\n tierings\nfrom\n aws_s3_bucket_intelligent_tiering_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 Bucket +Title: List all Intelligent Tiering Configurations in AWS S3 diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml index e604e8811..d53c65be7 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_2.yaml @@ -1,45 +1,28 @@ +Description: Allows users to query Intelligent Tiering configurations for S3 buckets. + It provides information about each configuration, including the bucket name, the + ID of the configuration, and the status of the configuration. ID: aws_s3_bucket_intelligent_tiering_configuration_2 -Title: "List all AWS S3 Buckets with Intelligent Tiering Configuration" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with intelligent_tiering_configuration as MATERIALIZED ( - select - bucket_name, id, status - from - aws_s3_bucket_intelligent_tiering_configuration ), - bucket as MATERIALIZED ( - select - name, region - from - aws_s3_bucket ) - select distinct - b.name, - b.region, - case - when - i.id is null - then - 'Bucket does not have intelligent tiering configured' - else - 'Bucket has intelligent tiering configured' - end - as intelligent_tiering_configuration_status - from - bucket as b - left join - intelligent_tiering_configuration as i - on b.name = i.bucket_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with intelligent_tiering_configuration as MATERIALIZED (\nselect\n\ + \ bucket_name, id, status\nfrom\n aws_s3_bucket_intelligent_tiering_configuration\ + \ ),\n bucket as MATERIALIZED (\n select\n name, region\n from\n aws_s3_bucket\ + \ )\n select distinct\n b.name,\n b.region,\n case\n \ + \ when\n i.id is null\n then\n 'Bucket does not have\ + \ intelligent tiering configured'\n else\n 'Bucket has intelligent\ + \ tiering configured'\n end\n as intelligent_tiering_configuration_status\n\ + \ from\n bucket as b\n left join\n intelligent_tiering_configuration\ + \ as i\n on b.name = i.bucket_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Buckets with Intelligent Tiering Configuration diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml index e227c237a..675d31852 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query Intelligent Tiering configurations for S3 buckets. + It provides information about each configuration, including the bucket name, the + ID of the configuration, and the status of the configuration. ID: aws_s3_bucket_intelligent_tiering_configuration_3 -Title: "List all Intelligent Tiering configurations for S3 buckets" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - id, - status, - tierings - from - aws_s3_bucket_intelligent_tiering_configuration - where - status = 'Enabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n bucket_name,\n id,\n status,\n tierings\nfrom\n aws_s3_bucket_intelligent_tiering_configuration\n\ + where\n status = 'Enabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all Intelligent Tiering configurations for S3 buckets diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml index 9d5cb265a..3d804a5a0 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_4.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query Intelligent Tiering configurations for S3 buckets. + It provides information about each configuration, including the bucket name, the + ID of the configuration, and the status of the configuration. ID: aws_s3_bucket_intelligent_tiering_configuration_4 -Title: "Find all Intelligent Tiering Configurations in AWS S3 Buckets" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.bucket_name, - s.id, - s.status, - t ->> 'AccessTier' as access_tier, - t ->> 'Days' as days - from - aws_s3_bucket_intelligent_tiering_configuration as s, - jsonb_array_elements(tierings) as t; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.bucket_name,\n s.id,\n s.status,\n t ->> 'AccessTier'\ + \ as access_tier,\n t ->> 'Days' as days\nfrom\n aws_s3_bucket_intelligent_tiering_configuration\ + \ as s,\n jsonb_array_elements(tierings) as t;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all Intelligent Tiering Configurations in AWS S3 Buckets diff --git a/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml b/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml index ef4fa7dbb..57372fed7 100755 --- a/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml +++ b/queries/aws_s3_bucket_intelligent_tiering_configuration_5.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query Intelligent Tiering configurations for S3 buckets. + It provides information about each configuration, including the bucket name, the + ID of the configuration, and the status of the configuration. ID: aws_s3_bucket_intelligent_tiering_configuration_5 -Title: "Find all Intelligent Tiering Configurations in AWS S3 Buckets" -Description: "Allows users to query Intelligent Tiering configurations for S3 buckets. It provides information about each configuration, including the bucket name, the ID of the configuration, and the status of the configuration." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - id, - filter -> 'And' as filter_and, - filter -> 'Prefix' as filter_prefix, - filter -> 'Tag' as filter_tag - from - aws_s3_bucket_intelligent_tiering_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n bucket_name,\n id,\n filter -> 'And' as filter_and,\n\ + \ filter -> 'Prefix' as filter_prefix,\n filter -> 'Tag' as filter_tag\nfrom\n\ + \ aws_s3_bucket_intelligent_tiering_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all Intelligent Tiering Configurations in AWS S3 Buckets diff --git a/queries/aws_s3_multi_region_access_point_1.yaml b/queries/aws_s3_multi_region_access_point_1.yaml index 83d793836..7288d20b7 100755 --- a/queries/aws_s3_multi_region_access_point_1.yaml +++ b/queries/aws_s3_multi_region_access_point_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS S3 Multi-Region Access Points to retrieve information + about their configuration, status, and associated policies. ID: aws_s3_multi_region_access_point_1 -Title: "List all AWS S3 Multi-Region Access Points configuration and status" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - alias, - status, - created_at - from - aws_s3_multi_region_access_point; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n alias,\n status,\n created_at\nfrom\n aws_s3_multi_region_access_point;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 Multi-Region Access Point +Title: List all AWS S3 Multi-Region Access Points configuration and status diff --git a/queries/aws_s3_multi_region_access_point_2.yaml b/queries/aws_s3_multi_region_access_point_2.yaml index e08806665..3643a6616 100755 --- a/queries/aws_s3_multi_region_access_point_2.yaml +++ b/queries/aws_s3_multi_region_access_point_2.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS S3 Multi-Region Access Points to retrieve information + about their configuration, status, and associated policies. ID: aws_s3_multi_region_access_point_2 -Title: "Find AWS S3 Multi-Region Access Points configuration and status" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - public_access_block ->> 'BlockPublicAcls' as block_public_acls, - public_access_block ->> 'BlockPublicPolicy' as block_public_policy, - public_access_block ->> 'IgnorePublicAcls' as ignore_public_acls, - public_access_block ->> 'RestrictPublicBuckets' as restrict_public_buckets - from - aws_s3_multi_region_access_point - where - public_access_block ->> 'BlockPublicAcls'::text = 'true' - and public_access_block ->> 'BlockPublicPolicy'::text = 'true' - and public_access_block ->> 'IgnorePublicAcls'::text = 'true' - and public_access_block ->> 'RestrictPublicBuckets'::text = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n public_access_block ->> 'BlockPublicAcls' as\ + \ block_public_acls,\n public_access_block ->> 'BlockPublicPolicy' as block_public_policy,\n\ + \ public_access_block ->> 'IgnorePublicAcls' as ignore_public_acls,\n public_access_block\ + \ ->> 'RestrictPublicBuckets' as restrict_public_buckets \nfrom\n aws_s3_multi_region_access_point\ + \ \nwhere\n public_access_block ->> 'BlockPublicAcls'::text = 'true' \n and\ + \ public_access_block ->> 'BlockPublicPolicy'::text = 'true' \n and public_access_block\ + \ ->> 'IgnorePublicAcls'::text = 'true' \n and public_access_block ->> 'RestrictPublicBuckets'::text\ + \ = 'true';" Tags: cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Multi-Region Access Points configuration and status diff --git a/queries/aws_s3_multi_region_access_point_3.yaml b/queries/aws_s3_multi_region_access_point_3.yaml index cc1b16bb1..f0d94b590 100755 --- a/queries/aws_s3_multi_region_access_point_3.yaml +++ b/queries/aws_s3_multi_region_access_point_3.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS S3 Multi-Region Access Points to retrieve information + about their configuration, status, and associated policies. ID: aws_s3_multi_region_access_point_3 -Title: "Find AWS S3 Multi-Region Access Point Configuration and Policies" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - policy -> 'Established' -> 'Policy' as established_policy, - policy -> 'Proposed' -> 'Policy' as proposed_policy - from - aws_s3_multi_region_access_point; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n policy -> 'Established' -> 'Policy' as established_policy,\n\ + \ policy -> 'Proposed' -> 'Policy' as proposed_policy\nfrom\n aws_s3_multi_region_access_point;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Multi-Region Access Point Configuration and Policies diff --git a/queries/aws_s3_multi_region_access_point_4.yaml b/queries/aws_s3_multi_region_access_point_4.yaml index c4a4a2c47..81e50fda9 100755 --- a/queries/aws_s3_multi_region_access_point_4.yaml +++ b/queries/aws_s3_multi_region_access_point_4.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS S3 Multi-Region Access Points to retrieve information + about their configuration, status, and associated policies. ID: aws_s3_multi_region_access_point_4 -Title: "List all AWS S3 Multi-Region Access Points and Configuration" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r ->> 'Bucket' as bucket_name, - count(name) access_point_count - from - aws_s3_multi_region_access_point, - jsonb_array_elements(regions) as r - group by - bucket_name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r ->> 'Bucket' as bucket_name,\n count(name) access_point_count\n\ + from\n aws_s3_multi_region_access_point,\n jsonb_array_elements(regions) as\ + \ r\ngroup by\n bucket_name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS S3 +Title: List all AWS S3 Multi-Region Access Points and Configuration diff --git a/queries/aws_s3_multi_region_access_point_5.yaml b/queries/aws_s3_multi_region_access_point_5.yaml index 2fa929ea1..ca56147b1 100755 --- a/queries/aws_s3_multi_region_access_point_5.yaml +++ b/queries/aws_s3_multi_region_access_point_5.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS S3 Multi-Region Access Points to retrieve information + about their configuration, status, and associated policies. ID: aws_s3_multi_region_access_point_5 -Title: "Query AWS S3 Multi-Region Access Points Configuration" -Description: "Allows users to query AWS S3 Multi-Region Access Points to retrieve information about their configuration, status, and associated policies." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.name, - r ->> 'Bucket' as bucket_name, - b.creation_date as bucket_creation_date, - b.bucket_policy_is_public, - b.versioning_enabled - from - aws_s3_multi_region_access_point as a, - jsonb_array_elements(a.regions) as r, - aws_s3_bucket as b - where - b.name = r ->> 'Bucket'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.name,\n r ->> 'Bucket' as bucket_name,\n b.creation_date\ + \ as bucket_creation_date,\n b.bucket_policy_is_public,\n b.versioning_enabled\n\ + from\n aws_s3_multi_region_access_point as a,\n jsonb_array_elements(a.regions)\ + \ as r,\n aws_s3_bucket as b\nwhere\n b.name = r ->> 'Bucket';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Query AWS S3 Multi-Region Access Points Configuration diff --git a/queries/aws_s3_object_1.yaml b/queries/aws_s3_object_1.yaml index d2507f783..9f363db15 100755 --- a/queries/aws_s3_object_1.yaml +++ b/queries/aws_s3_object_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_1 -Title: "Find AWS S3 Objects and Retrieve Metadata Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n arn,\n bucket_name,\n last_modified,\n storage_class,\n\ + \ version_id\nfrom\n aws_s3_object\nwhere\n bucket_name = 'steampipe-test';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Objects and Retrieve Metadata Details diff --git a/queries/aws_s3_object_10.yaml b/queries/aws_s3_object_10.yaml index f8c73f420..fe7a97d3d 100755 --- a/queries/aws_s3_object_10.yaml +++ b/queries/aws_s3_object_10.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_10 -Title: "Find AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - bucket_name, - jsonb_pretty(tags) as tags - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and tags ->> 'application' is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n bucket_name,\n jsonb_pretty(tags) as tags\n\ + from\n aws_s3_object\nwhere\n bucket_name = 'steampipe-test'\n and tags ->>\ + \ 'application' is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Object Metadata and Details diff --git a/queries/aws_s3_object_11.yaml b/queries/aws_s3_object_11.yaml index ba0b47d1c..e2c6f4ba6 100755 --- a/queries/aws_s3_object_11.yaml +++ b/queries/aws_s3_object_11.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_11 -Title: "Find all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - o.arn as object_arn, - bucket_name, - last_modified, - bucket_key_enabled - from - aws_s3_object as o, - aws_s3_bucket as b - where - o.bucket_name = b.name - and not bucket_key_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n o.arn as object_arn,\n bucket_name,\n last_modified,\n\ + \ bucket_key_enabled\nfrom\n aws_s3_object as o,\n aws_s3_bucket as b\nwhere\n\ + \ o.bucket_name = b.name\n and not bucket_key_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all AWS S3 Object Metadata and Details diff --git a/queries/aws_s3_object_12.yaml b/queries/aws_s3_object_12.yaml index 24f6cda58..0507ea28e 100755 --- a/queries/aws_s3_object_12.yaml +++ b/queries/aws_s3_object_12.yaml @@ -1,41 +1,25 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_12 -Title: "Find all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class - from - aws_s3_object - where - bucket_name in - ( - select - name - from - aws_s3_bucket - where - not block_public_acls - or not block_public_policy - or not ignore_public_acls - or not restrict_public_buckets - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n arn,\n bucket_name,\n last_modified,\n storage_class\n\ + from\n aws_s3_object\nwhere\n bucket_name in\n (\n select\n name\n\ + \ from\n aws_s3_bucket\n where\n not block_public_acls\n \ + \ or not block_public_policy\n or not ignore_public_acls\n or not restrict_public_buckets\n\ + \ );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all AWS S3 Object Metadata and Details diff --git a/queries/aws_s3_object_13.yaml b/queries/aws_s3_object_13.yaml index c7b749d75..1e1167fc6 100755 --- a/queries/aws_s3_object_13.yaml +++ b/queries/aws_s3_object_13.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_13 -Title: "List all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.key, - b ->> 'awsAccountId' as account_id, - b ->> 'digestEndTime' as digest_end_time, - b ->> 'digestPublicKeyFingerprint' as digest_public_key_fingerprint, - b ->> 'digestS3Bucket' as digest_s3_bucket, - b ->> 'digestStartTime' as digest_start_time - from - aws_s3_object as s, - jsonb_array_elements(body::jsonb) as b - where - bucket_name = 'steampipe-test' - and prefix = 'test1/log_text.txt'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.key,\n b ->> 'awsAccountId' as account_id,\n b ->>\ + \ 'digestEndTime' as digest_end_time,\n b ->> 'digestPublicKeyFingerprint' as\ + \ digest_public_key_fingerprint,\n b ->> 'digestS3Bucket' as digest_s3_bucket,\n\ + \ b ->> 'digestStartTime' as digest_start_time\nfrom\n aws_s3_object as s,\n\ + \ jsonb_array_elements(body::jsonb) as b\nwhere\n bucket_name = 'steampipe-test'\n\ + \ and prefix = 'test1/log_text.txt';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Object Metadata and Details diff --git a/queries/aws_s3_object_2.yaml b/queries/aws_s3_object_2.yaml index efc45133e..548632671 100755 --- a/queries/aws_s3_object_2.yaml +++ b/queries/aws_s3_object_2.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_2 -Title: "List all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and prefix = 'test/logs/2021/03/01/12'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n arn,\n bucket_name,\n last_modified,\n storage_class,\n\ + \ version_id\nfrom\n aws_s3_object\nwhere\n bucket_name = 'steampipe-test'\n\ + \ and prefix = 'test/logs/2021/03/01/12';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 Object +Title: List all AWS S3 Object Metadata and Details diff --git a/queries/aws_s3_object_3.yaml b/queries/aws_s3_object_3.yaml index 6030e8707..2a8510aa0 100755 --- a/queries/aws_s3_object_3.yaml +++ b/queries/aws_s3_object_3.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_3 -Title: "Find AWS S3 Object Metadata and Details with SQL" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and prefix = 'test/logs/2021/03/01/12/abc.txt'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n arn,\n bucket_name,\n last_modified,\n storage_class,\n\ + \ version_id\nfrom\n aws_s3_object\nwhere\n bucket_name = 'steampipe-test'\n\ + \ and prefix = 'test/logs/2021/03/01/12/abc.txt';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find AWS S3 Object Metadata and Details with SQL diff --git a/queries/aws_s3_object_4.yaml b/queries/aws_s3_object_4.yaml index aa67f0910..42811091a 100755 --- a/queries/aws_s3_object_4.yaml +++ b/queries/aws_s3_object_4.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_4 -Title: "List all AWS S3 Objects with Encryptions Using SQL" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and sse_kms_key_id is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n arn,\n bucket_name,\n last_modified,\n storage_class,\n\ + \ version_id\nfrom\n aws_s3_object\nwhere\n bucket_name = 'steampipe-test'\n\ + \ and sse_kms_key_id is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Objects with Encryptions Using SQL diff --git a/queries/aws_s3_object_5.yaml b/queries/aws_s3_object_5.yaml index 2f6db8da3..d1432e36f 100755 --- a/queries/aws_s3_object_5.yaml +++ b/queries/aws_s3_object_5.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_5 -Title: "List all AWS S3 Objects and Metadata" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - arn, - bucket_name, - last_modified, - storage_class, - version_id - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and last_modified < current_date - interval '3 months'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n arn,\n bucket_name,\n last_modified,\n storage_class,\n\ + \ version_id\nfrom\n aws_s3_object\nwhere\n bucket_name = 'steampipe-test'\n\ + \ and last_modified < current_date - interval '3 months';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Objects and Metadata diff --git a/queries/aws_s3_object_6.yaml b/queries/aws_s3_object_6.yaml index 819b0edf4..bd21a65e2 100755 --- a/queries/aws_s3_object_6.yaml +++ b/queries/aws_s3_object_6.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_6 -Title: "List AWS S3 Objects and Retrieve Metadata Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.key, - s.bucket_name, - s.owner, - acl_grant -> 'Grantee' as grantee, - acl_grant ->> 'Permission' as permission - from - aws_s3_object as s, - jsonb_array_elements(aws_s3_object.acl -> 'Grants') as acl_grant - where - bucket_name = 'steampipe-test' - and acl_grant ->> 'Permission' = 'FULL_CONTROL' - and acl_grant -> 'Grantee' ->> 'ID' != aws_s3_object.owner ->> 'ID'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.key,\n s.bucket_name,\n s.owner,\n acl_grant ->\ + \ 'Grantee' as grantee,\n acl_grant ->> 'Permission' as permission\nfrom\n aws_s3_object\ + \ as s,\n jsonb_array_elements(aws_s3_object.acl -> 'Grants') as acl_grant\n\ + where\n bucket_name = 'steampipe-test'\n and acl_grant ->> 'Permission' = 'FULL_CONTROL'\n\ + \ and acl_grant -> 'Grantee' ->> 'ID' != aws_s3_object.owner ->> 'ID';" Tags: cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List AWS S3 Objects and Retrieve Metadata Details diff --git a/queries/aws_s3_object_7.yaml b/queries/aws_s3_object_7.yaml index af716d6da..0782ca162 100755 --- a/queries/aws_s3_object_7.yaml +++ b/queries/aws_s3_object_7.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_7 -Title: "Find all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - bucket_name, - object_lock_legal_hold_status - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and object_lock_legal_hold_status = 'ON'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n bucket_name,\n object_lock_legal_hold_status\n\ + from\n aws_s3_object\nwhere\n bucket_name = 'steampipe-test'\n and object_lock_legal_hold_status\ + \ = 'ON';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all AWS S3 Object Metadata and Details diff --git a/queries/aws_s3_object_8.yaml b/queries/aws_s3_object_8.yaml index 34cb8d945..460535bea 100755 --- a/queries/aws_s3_object_8.yaml +++ b/queries/aws_s3_object_8.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_8 -Title: "List all AWS S3 Object Metadata and Details" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - key, - bucket_name, - object_lock_retain_until_date, - object_lock_mode, - object_lock_legal_hold_status - from - aws_s3_object - where - bucket_name = 'steampipe-test' - and object_lock_mode = 'GOVERNANCE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n key,\n bucket_name,\n object_lock_retain_until_date,\n\ + \ object_lock_mode,\n object_lock_legal_hold_status\nfrom\n aws_s3_object\n\ + where\n bucket_name = 'steampipe-test'\n and object_lock_mode = 'GOVERNANCE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: List all AWS S3 Object Metadata and Details diff --git a/queries/aws_s3_object_9.yaml b/queries/aws_s3_object_9.yaml index a19f5b7da..1bc5cdcea 100755 --- a/queries/aws_s3_object_9.yaml +++ b/queries/aws_s3_object_9.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query AWS S3 Objects and retrieve metadata and details + about each object stored in S3 buckets. ID: aws_s3_object_9 -Title: "Find metadata and details of AWS S3 Objects" -Description: "Allows users to query AWS S3 Objects and retrieve metadata and details about each object stored in S3 buckets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.key, - s.bucket_name, - s.object_lock_retain_until_date, - s.object_lock_mode, - s.object_lock_legal_hold_status - from - aws_s3_object as s - where - bucket_name = 'steampipe-test' - and object_lock_retain_until_date > current_date + interval '1 year'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.key,\n s.bucket_name,\n s.object_lock_retain_until_date,\n\ + \ s.object_lock_mode,\n s.object_lock_legal_hold_status\nfrom\n aws_s3_object\ + \ as s\nwhere\n bucket_name = 'steampipe-test'\n and object_lock_retain_until_date\ + \ > current_date + interval '1 year';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find metadata and details of AWS S3 Objects diff --git a/queries/aws_s3_object_version_1.yaml b/queries/aws_s3_object_version_1.yaml index 4808d3d5c..1baa6c364 100755 --- a/queries/aws_s3_object_version_1.yaml +++ b/queries/aws_s3_object_version_1.yaml @@ -1,29 +1,22 @@ +Description: Allows querying information about versions of objects stored in Amazon + S3 buckets. This table provides details such as bucket name, delimiter, encoding + type, version ID marker, prefix, whether the results are truncated, common prefixes, + delete markers, and version information. ID: aws_s3_object_version_1 -Title: "List all AWS S3 Object Versions in Bucket" -Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - key, - storage_class, - version_id, - is_latest, - size - from - aws_s3_object_version - where - bucket_name = 'testbucket'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n bucket_name,\n key,\n storage_class,\n version_id,\n\ + \ is_latest,\n size\nfrom\n aws_s3_object_version\nwhere\n bucket_name = 'testbucket';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon S3 +Title: List all AWS S3 Object Versions in Bucket diff --git a/queries/aws_s3_object_version_2.yaml b/queries/aws_s3_object_version_2.yaml index 0f75f9758..3e206ef18 100755 --- a/queries/aws_s3_object_version_2.yaml +++ b/queries/aws_s3_object_version_2.yaml @@ -1,33 +1,23 @@ +Description: Allows querying information about versions of objects stored in Amazon + S3 buckets. This table provides details such as bucket name, delimiter, encoding + type, version ID marker, prefix, whether the results are truncated, common prefixes, + delete markers, and version information. ID: aws_s3_object_version_2 -Title: "Find all AWS S3 Object Versions in Buckets" -Description: "Allows querying information about versions of objects stored in Amazon S3 buckets. This table provides details such as bucket name, delimiter, encoding type, version ID marker, prefix, whether the results are truncated, common prefixes, delete markers, and version information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - bucket_name, - key, - storage_class, - version_id, - is_latest, - size, - etag, - owner_id - from - aws_s3_object_version - where - bucket_name = 'testbucket' - and - key = 'test/template.txt'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n bucket_name,\n key,\n storage_class,\n version_id,\n\ + \ is_latest,\n size,\n etag,\n owner_id\nfrom\n aws_s3_object_version\nwhere\n\ + \ bucket_name = 'testbucket'\nand\n key = 'test/template.txt';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - S3 +Title: Find all AWS S3 Object Versions in Buckets diff --git a/queries/aws_sagemaker_app_1.yaml b/queries/aws_sagemaker_app_1.yaml index b81de384f..1dac07b3a 100755 --- a/queries/aws_sagemaker_app_1.yaml +++ b/queries/aws_sagemaker_app_1.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query AWS SageMaker App data, providing detailed insights + into application configurations, user settings, and associated metadata. ID: aws_sagemaker_app_1 -Title: "List all AWS SageMaker App configurations" -Description: "Allows users to query AWS SageMaker App data, providing detailed insights into application configurations, user settings, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status - from - aws_sagemaker_app; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n status\nfrom\n aws_sagemaker_app;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: List all AWS SageMaker App configurations diff --git a/queries/aws_sagemaker_app_2.yaml b/queries/aws_sagemaker_app_2.yaml index 1536d064e..9ef369b30 100755 --- a/queries/aws_sagemaker_app_2.yaml +++ b/queries/aws_sagemaker_app_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS SageMaker App data, providing detailed insights + into application configurations, user settings, and associated metadata. ID: aws_sagemaker_app_2 -Title: "Find AWS SageMaker App Configurations and Metadata" -Description: "Allows users to query AWS SageMaker App data, providing detailed insights into application configurations, user settings, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status, - failure_reason - from - aws_sagemaker_app - where - status = 'Failed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n status,\n failure_reason\n\ + from\n aws_sagemaker_app\nwhere \n status = 'Failed';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker App +Title: Find AWS SageMaker App Configurations and Metadata diff --git a/queries/aws_sagemaker_domain_1.yaml b/queries/aws_sagemaker_domain_1.yaml index 8c2c6de77..089960839 100755 --- a/queries/aws_sagemaker_domain_1.yaml +++ b/queries/aws_sagemaker_domain_1.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query AWS SageMaker Domains to retrieve data about AWS + SageMaker Studio domains, including domain details, status, and associated metadata. ID: aws_sagemaker_domain_1 -Title: "Find AWS SageMaker Domains and Metadata Details" -Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status - from - aws_sagemaker_domain; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n status\nfrom\n aws_sagemaker_domain;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker Studio +Title: Find AWS SageMaker Domains and Metadata Details diff --git a/queries/aws_sagemaker_domain_2.yaml b/queries/aws_sagemaker_domain_2.yaml index 8e9216c29..d85e9b118 100755 --- a/queries/aws_sagemaker_domain_2.yaml +++ b/queries/aws_sagemaker_domain_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS SageMaker Domains to retrieve data about AWS + SageMaker Studio domains, including domain details, status, and associated metadata. ID: aws_sagemaker_domain_2 -Title: "List all AWS SageMaker Studio Domain Details and Status" -Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - creation_time, - home_efs_file_system_id, - kms_key_id - from - aws_sagemaker_domain - where - kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n creation_time,\n home_efs_file_system_id,\n\ + \ kms_key_id\nfrom\n aws_sagemaker_domain\nwhere \n kms_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: List all AWS SageMaker Studio Domain Details and Status diff --git a/queries/aws_sagemaker_domain_3.yaml b/queries/aws_sagemaker_domain_3.yaml index 14d427ed6..d8c670c02 100755 --- a/queries/aws_sagemaker_domain_3.yaml +++ b/queries/aws_sagemaker_domain_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS SageMaker Domains to retrieve data about AWS + SageMaker Studio domains, including domain details, status, and associated metadata. ID: aws_sagemaker_domain_3 -Title: "Find AWS SageMaker Domains and Their Details" -Description: "Allows users to query AWS SageMaker Domains to retrieve data about AWS SageMaker Studio domains, including domain details, status, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - app_network_access_type - from - aws_sagemaker_domain - where - app_network_access_type = 'PublicInternetOnly'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n app_network_access_type\n\ + from\n aws_sagemaker_domain\nwhere \n app_network_access_type = 'PublicInternetOnly';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker Studio +Title: Find AWS SageMaker Domains and Their Details diff --git a/queries/aws_sagemaker_endpoint_configuration_1.yaml b/queries/aws_sagemaker_endpoint_configuration_1.yaml index 8ed920bcf..79b5ab039 100755 --- a/queries/aws_sagemaker_endpoint_configuration_1.yaml +++ b/queries/aws_sagemaker_endpoint_configuration_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS SageMaker Endpoint Configurations to retrieve + detailed information about each endpoint configuration in the AWS SageMaker service. ID: aws_sagemaker_endpoint_configuration_1 -Title: "List all AWS SageMaker Endpoint Configurations with Details" -Description: "Allows users to query AWS SageMaker Endpoint Configurations to retrieve detailed information about each endpoint configuration in the AWS SageMaker service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - kms_key_id, - creation_time, - production_variants, - tags - from - aws_sagemaker_endpoint_configuration; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n kms_key_id,\n creation_time,\n production_variants,\n\ + \ tags\nfrom\n aws_sagemaker_endpoint_configuration;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: List all AWS SageMaker Endpoint Configurations with Details diff --git a/queries/aws_sagemaker_endpoint_configuration_2.yaml b/queries/aws_sagemaker_endpoint_configuration_2.yaml index ef958133c..38fcc0068 100755 --- a/queries/aws_sagemaker_endpoint_configuration_2.yaml +++ b/queries/aws_sagemaker_endpoint_configuration_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS SageMaker Endpoint Configurations to retrieve + detailed information about each endpoint configuration in the AWS SageMaker service. ID: aws_sagemaker_endpoint_configuration_2 -Title: "Find AWS SageMaker Endpoint Configuration details" -Description: "Allows users to query AWS SageMaker Endpoint Configurations to retrieve detailed information about each endpoint configuration in the AWS SageMaker service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - kms_key_id - from - aws_sagemaker_endpoint_configuration - where - kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n kms_key_id\nfrom\n aws_sagemaker_endpoint_configuration\n\ + where\n kms_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: Find AWS SageMaker Endpoint Configuration details diff --git a/queries/aws_sagemaker_model_1.yaml b/queries/aws_sagemaker_model_1.yaml index 2994bbe01..113623b66 100755 --- a/queries/aws_sagemaker_model_1.yaml +++ b/queries/aws_sagemaker_model_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS SageMaker Models for detailed information about + each model, including its name, ARN, creation time, execution role, and more. ID: aws_sagemaker_model_1 -Title: "Find all AWS SageMaker Models Using SQL" -Description: "Allows users to query AWS SageMaker Models for detailed information about each model, including its name, ARN, creation time, execution role, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - enable_network_isolation - from - aws_sagemaker_model; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n enable_network_isolation\n\ + from\n aws_sagemaker_model;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: Find all AWS SageMaker Models Using SQL diff --git a/queries/aws_sagemaker_model_2.yaml b/queries/aws_sagemaker_model_2.yaml index 6e8aeb430..f8c3bf631 100755 --- a/queries/aws_sagemaker_model_2.yaml +++ b/queries/aws_sagemaker_model_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS SageMaker Models for detailed information about + each model, including its name, ARN, creation time, execution role, and more. ID: aws_sagemaker_model_2 -Title: "List AWS SageMaker Models with Detailed Information" -Description: "Allows users to query AWS SageMaker Models for detailed information about each model, including its name, ARN, creation time, execution role, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - enable_network_isolation - from - aws_sagemaker_model - where - enable_network_isolation; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n enable_network_isolation\n\ + from\n aws_sagemaker_model\nwhere\n enable_network_isolation;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: List AWS SageMaker Models with Detailed Information diff --git a/queries/aws_sagemaker_notebook_instance_1.yaml b/queries/aws_sagemaker_notebook_instance_1.yaml index 47bcc6644..e35a6da7c 100755 --- a/queries/aws_sagemaker_notebook_instance_1.yaml +++ b/queries/aws_sagemaker_notebook_instance_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS SageMaker Notebook Instances to gather information + about their configuration, status, and other related details. ID: aws_sagemaker_notebook_instance_1 -Title: "Find all AWS SageMaker Notebook Instances Configuration" -Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - instance_type, - notebook_instance_status - from - aws_sagemaker_notebook_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n instance_type,\n \ + \ notebook_instance_status\nfrom\n aws_sagemaker_notebook_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: Find all AWS SageMaker Notebook Instances Configuration diff --git a/queries/aws_sagemaker_notebook_instance_2.yaml b/queries/aws_sagemaker_notebook_instance_2.yaml index 44c8f8f1a..9dbb9437a 100755 --- a/queries/aws_sagemaker_notebook_instance_2.yaml +++ b/queries/aws_sagemaker_notebook_instance_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS SageMaker Notebook Instances to gather information + about their configuration, status, and other related details. ID: aws_sagemaker_notebook_instance_2 -Title: "List all AWS SageMaker Notebook Instance details" -Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - kms_key_id - from - aws_sagemaker_notebook_instance - where - kms_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n kms_key_id\nfrom\n aws_sagemaker_notebook_instance\n\ + where\n kms_key_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS SageMaker +Title: List all AWS SageMaker Notebook Instance details diff --git a/queries/aws_sagemaker_notebook_instance_3.yaml b/queries/aws_sagemaker_notebook_instance_3.yaml index 0d240f3d6..4e6bb2781 100755 --- a/queries/aws_sagemaker_notebook_instance_3.yaml +++ b/queries/aws_sagemaker_notebook_instance_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS SageMaker Notebook Instances to gather information + about their configuration, status, and other related details. ID: aws_sagemaker_notebook_instance_3 -Title: "List all AWS SageMaker Notebook Instances Configuration" -Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - direct_internet_access - from - aws_sagemaker_notebook_instance - where - direct_internet_access = 'Disabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n direct_internet_access\nfrom\n aws_sagemaker_notebook_instance\n\ + where\n direct_internet_access = 'Disabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: List all AWS SageMaker Notebook Instances Configuration diff --git a/queries/aws_sagemaker_notebook_instance_4.yaml b/queries/aws_sagemaker_notebook_instance_4.yaml index 3d196f8b8..e975114c0 100755 --- a/queries/aws_sagemaker_notebook_instance_4.yaml +++ b/queries/aws_sagemaker_notebook_instance_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS SageMaker Notebook Instances to gather information + about their configuration, status, and other related details. ID: aws_sagemaker_notebook_instance_4 -Title: "Find AWS SageMaker Notebook Instances by Configuration" -Description: "Allows users to query AWS SageMaker Notebook Instances to gather information about their configuration, status, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - root_access - from - aws_sagemaker_notebook_instance - where - root_access = 'Enabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n root_access\nfrom\n aws_sagemaker_notebook_instance\n\ + where\n root_access = 'Enabled';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: Find AWS SageMaker Notebook Instances by Configuration diff --git a/queries/aws_sagemaker_training_job_1.yaml b/queries/aws_sagemaker_training_job_1.yaml index d74013900..18d204b3d 100755 --- a/queries/aws_sagemaker_training_job_1.yaml +++ b/queries/aws_sagemaker_training_job_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS SageMaker Training Jobs to retrieve information + about individual training jobs. ID: aws_sagemaker_training_job_1 -Title: "List all AWS SageMaker Training Jobs using SQL" -Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - training_job_status, - creation_time, - last_modified_time - from - aws_sagemaker_training_job; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n training_job_status,\n creation_time,\n\ + \ last_modified_time\nfrom\n aws_sagemaker_training_job;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: List all AWS SageMaker Training Jobs using SQL diff --git a/queries/aws_sagemaker_training_job_2.yaml b/queries/aws_sagemaker_training_job_2.yaml index 2a9ec9ca8..cb9c15525 100755 --- a/queries/aws_sagemaker_training_job_2.yaml +++ b/queries/aws_sagemaker_training_job_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS SageMaker Training Jobs to retrieve information + about individual training jobs. ID: aws_sagemaker_training_job_2 -Title: "List AWS SageMaker Training Jobs via SQL" -Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - resource_config ->> 'InstanceType' as instance_type, - resource_config ->> 'InstanceCount' as instance_count, - resource_config ->> 'VolumeKmsKeyId' as volume_kms_id, - resource_config ->> 'VolumeSizeInGB' as volume_size - from - aws_sagemaker_training_job; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n resource_config ->> 'InstanceType' as\ + \ instance_type,\n resource_config ->> 'InstanceCount' as instance_count,\n \ + \ resource_config ->> 'VolumeKmsKeyId' as volume_kms_id,\n resource_config ->>\ + \ 'VolumeSizeInGB' as volume_size\nfrom\n aws_sagemaker_training_job;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: List AWS SageMaker Training Jobs via SQL diff --git a/queries/aws_sagemaker_training_job_3.yaml b/queries/aws_sagemaker_training_job_3.yaml index 3f71ce365..3d4d5f03a 100755 --- a/queries/aws_sagemaker_training_job_3.yaml +++ b/queries/aws_sagemaker_training_job_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS SageMaker Training Jobs to retrieve information + about individual training jobs. ID: aws_sagemaker_training_job_3 -Title: "Find AWS SageMaker Training Jobs with Status Failed" -Description: "Allows users to query AWS SageMaker Training Jobs to retrieve information about individual training jobs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - training_job_status, - failure_reason - from - aws_sagemaker_training_job - where - training_job_status = 'Failed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n training_job_status,\n failure_reason\n\ + from\n aws_sagemaker_training_job\nwhere\n training_job_status = 'Failed';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SageMaker +Title: Find AWS SageMaker Training Jobs with Status Failed diff --git a/queries/aws_secretsmanager_secret_1.yaml b/queries/aws_secretsmanager_secret_1.yaml index 59b72e869..c1d3a8243 100755 --- a/queries/aws_secretsmanager_secret_1.yaml +++ b/queries/aws_secretsmanager_secret_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Secrets Manager Secret data, including metadata, + versions, rotation configuration, and more. ID: aws_secretsmanager_secret_1 -Title: "List AWS Secrets Manager Secret Data and Metadata" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_date, - description, - last_accessed_date - from - aws_secretsmanager_secret; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_date,\n description,\n last_accessed_date\n\ + from\n aws_secretsmanager_secret;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Secrets Manager +Title: List AWS Secrets Manager Secret Data and Metadata diff --git a/queries/aws_secretsmanager_secret_2.yaml b/queries/aws_secretsmanager_secret_2.yaml index f1eb1fb09..44010aa15 100755 --- a/queries/aws_secretsmanager_secret_2.yaml +++ b/queries/aws_secretsmanager_secret_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Secrets Manager Secret data, including metadata, + versions, rotation configuration, and more. ID: aws_secretsmanager_secret_2 -Title: "List AWS Secrets Manager Secret Data Including Metadata" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_date, - description, - rotation_enabled - from - aws_secretsmanager_secret - where - not rotation_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_date,\n description,\n rotation_enabled\n\ + from\n aws_secretsmanager_secret\nwhere\n not rotation_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Secrets Manager +Title: List AWS Secrets Manager Secret Data Including Metadata diff --git a/queries/aws_secretsmanager_secret_3.yaml b/queries/aws_secretsmanager_secret_3.yaml index a9faf41eb..ca258dd53 100755 --- a/queries/aws_secretsmanager_secret_3.yaml +++ b/queries/aws_secretsmanager_secret_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Secrets Manager Secret data, including metadata, + versions, rotation configuration, and more. ID: aws_secretsmanager_secret_3 -Title: "Find AWS Secrets Manager Secret Data and Metadata" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_date, - description, - rotation_enabled, - rotation_rules - from - aws_secretsmanager_secret - where - rotation_rules -> 'AutomaticallyAfterDays' > '7'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_date,\n description,\n rotation_enabled,\n\ + \ rotation_rules\nfrom\n aws_secretsmanager_secret\nwhere\n rotation_rules\ + \ -> 'AutomaticallyAfterDays' > '7';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Secrets Manager +Title: Find AWS Secrets Manager Secret Data and Metadata diff --git a/queries/aws_secretsmanager_secret_4.yaml b/queries/aws_secretsmanager_secret_4.yaml index 4a7697a03..c9347ea53 100755 --- a/queries/aws_secretsmanager_secret_4.yaml +++ b/queries/aws_secretsmanager_secret_4.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Secrets Manager Secret data, including metadata, + versions, rotation configuration, and more. ID: aws_secretsmanager_secret_4 -Title: "Find AWS Secrets Manager Secret Data" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - created_date, - description, - replication_status - from - aws_secretsmanager_secret - where - replication_status is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n created_date,\n description,\n replication_status\n\ + from\n aws_secretsmanager_secret\nwhere\n replication_status is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Secrets Manager +Title: Find AWS Secrets Manager Secret Data diff --git a/queries/aws_secretsmanager_secret_5.yaml b/queries/aws_secretsmanager_secret_5.yaml index 41dd34633..870b8912b 100755 --- a/queries/aws_secretsmanager_secret_5.yaml +++ b/queries/aws_secretsmanager_secret_5.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Secrets Manager Secret data, including metadata, + versions, rotation configuration, and more. ID: aws_secretsmanager_secret_5 -Title: "List AWS Secrets Manager Secret Data and Configuration" -Description: "Allows users to query AWS Secrets Manager Secret data, including metadata, versions, rotation configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(policy) as policy, - jsonb_pretty(policy_std) as policy_std - from - aws_secretsmanager_secret; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_pretty(policy) as policy,\n jsonb_pretty(policy_std)\ + \ as policy_std\nfrom\n aws_secretsmanager_secret;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Secrets Manager +Title: List AWS Secrets Manager Secret Data and Configuration diff --git a/queries/aws_securityhub_action_target_1.yaml b/queries/aws_securityhub_action_target_1.yaml index 095429631..1c3b9a6ff 100755 --- a/queries/aws_securityhub_action_target_1.yaml +++ b/queries/aws_securityhub_action_target_1.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Security Hub Action Targets, providing detailed + information about each action target within AWS Security Hub, including its ARN, + name, and description. ID: aws_securityhub_action_target_1 -Title: "List AWS Security Hub Action Targets" -Description: "Allows users to query AWS Security Hub Action Targets, providing detailed information about each action target within AWS Security Hub, including its ARN, name, and description." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - region - from - aws_securityhub_action_target; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n region\nfrom\n aws_securityhub_action_target;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List AWS Security Hub Action Targets diff --git a/queries/aws_securityhub_action_target_2.yaml b/queries/aws_securityhub_action_target_2.yaml index f58be3cd5..c06baeae4 100755 --- a/queries/aws_securityhub_action_target_2.yaml +++ b/queries/aws_securityhub_action_target_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Security Hub Action Targets, providing detailed + information about each action target within AWS Security Hub, including its ARN, + name, and description. ID: aws_securityhub_action_target_2 -Title: "List AWS Security Hub Action Targets with Details" -Description: "Allows users to query AWS Security Hub Action Targets, providing detailed information about each action target within AWS Security Hub, including its ARN, name, and description." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - region - from - aws_securityhub_action_target - where - arn = 'arn:aws:securityhub:ap-south-1:*****:action/custom/test'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n region\nfrom\n aws_securityhub_action_target\n\ + where\n arn = 'arn:aws:securityhub:ap-south-1:*****:action/custom/test';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List AWS Security Hub Action Targets with Details diff --git a/queries/aws_securityhub_enabled_product_subscription_1.yaml b/queries/aws_securityhub_enabled_product_subscription_1.yaml index 6ea9a8ff2..5375d992b 100755 --- a/queries/aws_securityhub_enabled_product_subscription_1.yaml +++ b/queries/aws_securityhub_enabled_product_subscription_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query details of enabled product subscriptions in AWS + Security Hub, providing insights into their activation, integration types, and company + information. ID: aws_securityhub_enabled_product_subscription_1 -Title: "Find AWS Security Hub Enabled Product Subscriptions" -Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - title, - akas - from - aws_securityhub_enabled_product_subscription; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n title,\n akas\nfrom\n aws_securityhub_enabled_product_subscription;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Enabled Product Subscriptions diff --git a/queries/aws_securityhub_enabled_product_subscription_2.yaml b/queries/aws_securityhub_enabled_product_subscription_2.yaml index 832fe1111..b5cadc1a6 100755 --- a/queries/aws_securityhub_enabled_product_subscription_2.yaml +++ b/queries/aws_securityhub_enabled_product_subscription_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query details of enabled product subscriptions in AWS + Security Hub, providing insights into their activation, integration types, and company + information. ID: aws_securityhub_enabled_product_subscription_2 -Title: "Query AWS Security Hub Enabled Product Subscriptions" -Description: "Allows users to query details of enabled product subscriptions in AWS Security Hub, providing insights into their activation, integration types, and company information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.arn as subscription_arn, - p.product_arn, - p.name as product_name, - p.company_name as product_company_name, - p.marketplace_url, - p.integration_types - from - aws_securityhub_enabled_product_subscription as s, - aws_securityhub_product as p, - jsonb_array_elements(p.product_subscription_resource_policy -> 'Statement') as m - where - (m ->> 'Resource') = s.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.arn as subscription_arn,\n p.product_arn,\n p.name\ + \ as product_name,\n p.company_name as product_company_name,\n p.marketplace_url,\n\ + \ p.integration_types\nfrom\n aws_securityhub_enabled_product_subscription as\ + \ s,\n aws_securityhub_product as p,\n jsonb_array_elements(p.product_subscription_resource_policy\ + \ -> 'Statement') as m\nwhere\n (m ->> 'Resource') = s.arn;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Query AWS Security Hub Enabled Product Subscriptions diff --git a/queries/aws_securityhub_finding_1.yaml b/queries/aws_securityhub_finding_1.yaml index 5e78184d1..81cc1e4b5 100755 --- a/queries/aws_securityhub_finding_1.yaml +++ b/queries/aws_securityhub_finding_1.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_1 -Title: "Find AWS Security Hub Findings: Details and Remediation" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - company_name, - created_at, - criticality, - confidence - from - aws_securityhub_finding; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n id,\n company_name,\n created_at,\n criticality,\n\ + \ confidence\nfrom\n aws_securityhub_finding;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: 'Find AWS Security Hub Findings: Details and Remediation' diff --git a/queries/aws_securityhub_finding_10.yaml b/queries/aws_securityhub_finding_10.yaml index 8b1b3a82a..a36e7760d 100755 --- a/queries/aws_securityhub_finding_10.yaml +++ b/queries/aws_securityhub_finding_10.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_10 -Title: "Find all AWS Security Hub Findings with Status Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - product_arn, - product_name, - workflow_status - from - aws_securityhub_finding - where - workflow_status = 'NOTIFIED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n id,\n product_arn,\n product_name,\n workflow_status\n\ + from\n aws_securityhub_finding\nwhere \n workflow_status = 'NOTIFIED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: Find all AWS Security Hub Findings with Status Details diff --git a/queries/aws_securityhub_finding_11.yaml b/queries/aws_securityhub_finding_11.yaml index 05001f16f..dd0006f3f 100755 --- a/queries/aws_securityhub_finding_11.yaml +++ b/queries/aws_securityhub_finding_11.yaml @@ -1,33 +1,28 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_11 -Title: "Find AWS EC2 Security Issues with Severity and Status" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - network ->> 'DestinationDomain' as network_destination_domain, - network ->> 'DestinationIpV4' as network_destination_ip_v4, - network ->> 'DestinationIpV6' as network_destination_ip_v6, - network ->> 'DestinationPort' as network_destination_port, - network ->> 'Protocol' as network_protocol, - network ->> 'SourceIpV4' as network_source_ip_v4, - network ->> 'SourceIpV6' as network_source_ip_v6, - network ->> 'SourcePort' as network_source_port - from - aws_securityhub_finding - where - title = 'EC2 instance involved in SSH brute force attacks.'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n id,\n network ->> 'DestinationDomain' as network_destination_domain,\n\ + \ network ->> 'DestinationIpV4' as network_destination_ip_v4,\n network ->>\ + \ 'DestinationIpV6' as network_destination_ip_v6,\n network ->> 'DestinationPort'\ + \ as network_destination_port,\n network ->> 'Protocol' as network_protocol,\n\ + \ network ->> 'SourceIpV4' as network_source_ip_v4,\n network ->> 'SourceIpV6'\ + \ as network_source_ip_v6,\n network ->> 'SourcePort' as network_source_port\n\ + from\n aws_securityhub_finding\nwhere \n title = 'EC2 instance involved in SSH\ + \ brute force attacks.';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS EC2 Security Issues with Severity and Status diff --git a/queries/aws_securityhub_finding_12.yaml b/queries/aws_securityhub_finding_12.yaml index c47990da3..d30262d43 100755 --- a/queries/aws_securityhub_finding_12.yaml +++ b/queries/aws_securityhub_finding_12.yaml @@ -1,40 +1,34 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_12 -Title: "List AWS Security Hub Findings with Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - patch_summary ->> 'Id' as patch_id, - patch_summary ->> 'FailedCount' as failed_count, - patch_summary ->> 'InstalledCount' as installed_count, - patch_summary ->> 'InstalledOtherCount' as installed_other_count, - patch_summary ->> 'InstalledPendingReboot' as installed_pending_reboot, - patch_summary ->> 'InstalledRejectedCount' as installed_rejected_count, - patch_summary ->> 'MissingCount' as missing_count, - patch_summary ->> 'Operation' as operation, - patch_summary ->> 'OperationEndTime' as operation_end_time, - patch_summary ->> 'OperationStartTime' as operation_start_time, - patch_summary ->> 'RebootOption' as reboot_option - from - aws_securityhub_finding - where - title = 'EC2 instance involved in SSH brute force attacks.'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n id,\n patch_summary ->> 'Id' as patch_id,\n\ + \ patch_summary ->> 'FailedCount' as failed_count,\n patch_summary ->> 'InstalledCount'\ + \ as installed_count,\n patch_summary ->> 'InstalledOtherCount' as installed_other_count,\n\ + \ patch_summary ->> 'InstalledPendingReboot' as installed_pending_reboot,\n \ + \ patch_summary ->> 'InstalledRejectedCount' as installed_rejected_count,\n patch_summary\ + \ ->> 'MissingCount' as missing_count,\n patch_summary ->> 'Operation' as operation,\n\ + \ patch_summary ->> 'OperationEndTime' as operation_end_time,\n patch_summary\ + \ ->> 'OperationStartTime' as operation_start_time,\n patch_summary ->> 'RebootOption'\ + \ as reboot_option\nfrom\n aws_securityhub_finding\nwhere \n title = 'EC2 instance\ + \ involved in SSH brute force attacks.';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List AWS Security Hub Findings with Details diff --git a/queries/aws_securityhub_finding_13.yaml b/queries/aws_securityhub_finding_13.yaml index aaa58a827..875905703 100755 --- a/queries/aws_securityhub_finding_13.yaml +++ b/queries/aws_securityhub_finding_13.yaml @@ -1,39 +1,32 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_13 -Title: "Find AWS Security Hub Findings and their Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - v ->> 'Id' as vulnerabilitie_id, - v -> 'Vendor' ->> 'Name' as vendor_name, - v -> 'Vendor' ->> 'Url' as vendor_url, - v -> 'Vendor' ->> 'VendorCreatedAt' as vendor_created_at, - v -> 'Vendor' ->> 'VendorSeverity' as vendor_severity, - v -> 'Vendor' ->> 'VendorUpdatedAt' as vendor_updated_at, - v ->> 'Cvss' as cvss, - v ->> 'ReferenceUrls' as reference_urls, - v ->> 'RelatedVulnerabilities' as related_vulnerabilities, - v ->> 'VulnerablePackages' as vulnerable_packages - from - aws_securityhub_finding, - jsonb_array_elements(vulnerabilities) as v - where - title = 'EC2 instance involved in SSH brute force attacks.'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n v ->> 'Id' as vulnerabilitie_id,\n v -> 'Vendor'\ + \ ->> 'Name' as vendor_name,\n v -> 'Vendor' ->> 'Url' as vendor_url,\n v ->\ + \ 'Vendor' ->> 'VendorCreatedAt' as vendor_created_at,\n v -> 'Vendor' ->> 'VendorSeverity'\ + \ as vendor_severity,\n v -> 'Vendor' ->> 'VendorUpdatedAt' as vendor_updated_at,\n\ + \ v ->> 'Cvss' as cvss,\n v ->> 'ReferenceUrls' as reference_urls,\n v ->>\ + \ 'RelatedVulnerabilities' as related_vulnerabilities,\n v ->> 'VulnerablePackages'\ + \ as vulnerable_packages\nfrom\n aws_securityhub_finding,\n jsonb_array_elements(vulnerabilities)\ + \ as v\nwhere \n title = 'EC2 instance involved in SSH brute force attacks.';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Findings and their Details diff --git a/queries/aws_securityhub_finding_14.yaml b/queries/aws_securityhub_finding_14.yaml index c7b82398c..2321d3fe6 100755 --- a/queries/aws_securityhub_finding_14.yaml +++ b/queries/aws_securityhub_finding_14.yaml @@ -1,43 +1,33 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_14 -Title: "Find all AWS Security Hub Findings and Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct i.instance_id, - i.instance_state, - i.instance_type, - f.title, - f.compliance_status, - f.severity ->> 'Original' as severity_original - from - aws_ec2_instance as i, - aws_securityhub_finding as f, - jsonb_array_elements(resources) as r - where - compliance_status = 'FAILED' - and - r ->> 'Type' = 'AwsEc2Instance' - and - i.arn = r ->> 'Id'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n distinct i.instance_id,\n i.instance_state,\n i.instance_type,\n\ + \ f.title,\n f.compliance_status,\n f.severity ->> 'Original' as severity_original\n\ + from\n aws_ec2_instance as i,\n aws_securityhub_finding as f,\n jsonb_array_elements(resources)\ + \ as r\nwhere\n compliance_status = 'FAILED'\nand\n r ->> 'Type' = 'AwsEc2Instance'\n\ + and\n i.arn = r ->> 'Id';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find all AWS Security Hub Findings and Details diff --git a/queries/aws_securityhub_finding_15.yaml b/queries/aws_securityhub_finding_15.yaml index c669cbff9..3927de4e1 100755 --- a/queries/aws_securityhub_finding_15.yaml +++ b/queries/aws_securityhub_finding_15.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_15 -Title: "List AWS Security Hub Findings by Resource Type" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r ->> 'Type' as resource_type, - count(r ->> 'Type') - from - aws_securityhub_finding, - jsonb_array_elements(resources) as r - group by - r ->> 'Type' - order by - count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r ->> 'Type' as resource_type,\n count(r ->> 'Type')\n\ + from\n aws_securityhub_finding,\n jsonb_array_elements(resources) as r\ngroup\ + \ by\n r ->> 'Type'\norder by\n count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List AWS Security Hub Findings by Resource Type diff --git a/queries/aws_securityhub_finding_16.yaml b/queries/aws_securityhub_finding_16.yaml index cab746a73..b6b90a0d6 100755 --- a/queries/aws_securityhub_finding_16.yaml +++ b/queries/aws_securityhub_finding_16.yaml @@ -1,33 +1,27 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_16 -Title: "Find AWS Security Hub Findings Details Including Severity" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - company_name, - created_at, - criticality, - confidence - from - aws_securityhub_finding - where - standards_control_arn like '%cis-aws-foundations-benchmark%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n id,\n company_name,\n created_at,\n criticality,\n\ + \ confidence\nfrom\n aws_securityhub_finding\nwhere\n standards_control_arn\ + \ like '%cis-aws-foundations-benchmark%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Findings Details Including Severity diff --git a/queries/aws_securityhub_finding_17.yaml b/queries/aws_securityhub_finding_17.yaml index eea7f9b5d..d4b6e7bc0 100755 --- a/queries/aws_securityhub_finding_17.yaml +++ b/queries/aws_securityhub_finding_17.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_17 -Title: "Find AWS Security Hub Findings and Severity Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - f.title, - f.id, - f.company_name, - f.created_at, - f.criticality, - f.confidence - from - aws_securityhub_finding as f, - aws_securityhub_standards_control as c - where - c.arn = f.standards_control_arn - and - c.control_id = 'Config.1'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n f.title,\n f.id,\n f.company_name,\n f.created_at,\n\ + \ f.criticality,\n f.confidence\nfrom \n aws_securityhub_finding as f,\n aws_securityhub_standards_control\ + \ as c\nwhere \n c.arn = f.standards_control_arn\nand\n c.control_id = 'Config.1';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Findings and Severity Details diff --git a/queries/aws_securityhub_finding_18.yaml b/queries/aws_securityhub_finding_18.yaml index cbd6853d9..ecc3d5aa4 100755 --- a/queries/aws_securityhub_finding_18.yaml +++ b/queries/aws_securityhub_finding_18.yaml @@ -1,35 +1,29 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_18 -Title: "List all AWS Security Hub Findings for Compliance Failures" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct r ->> 'Id' as resource_arn, - r ->> 'Type' as resource_type, - f.title, - f.compliance_status, - f.severity ->> 'Original' as severity_original - from - aws_securityhub_finding as f, - jsonb_array_elements(resources) as r - where - f.compliance_status = 'FAILED' - and - standards_control_arn like '%cis-aws-foundations-benchmark%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n distinct r ->> 'Id' as resource_arn,\n r ->> 'Type'\ + \ as resource_type,\n f.title,\n f.compliance_status,\n f.severity ->> 'Original'\ + \ as severity_original\nfrom\n aws_securityhub_finding as f,\n jsonb_array_elements(resources)\ + \ as r\nwhere\n f.compliance_status = 'FAILED'\nand\n standards_control_arn\ + \ like '%cis-aws-foundations-benchmark%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List all AWS Security Hub Findings for Compliance Failures diff --git a/queries/aws_securityhub_finding_19.yaml b/queries/aws_securityhub_finding_19.yaml index fe3770005..6cf7b7c4b 100755 --- a/queries/aws_securityhub_finding_19.yaml +++ b/queries/aws_securityhub_finding_19.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_19 -Title: "Find AWS Security Hub Findings in Production Environment" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct r ->> 'Id' as resource_arn, - r ->> 'Type' as resource_type, - f.title, - f.compliance_status, - f.severity ->> 'Original' as severity_original - from - aws_securityhub_finding as f, - jsonb_array_elements(resources) as r - where - r -> 'Tags' ->> 'Environment' = 'PROD'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n distinct r ->> 'Id' as resource_arn,\n r ->> 'Type'\ + \ as resource_type,\n f.title,\n f.compliance_status,\n f.severity ->> 'Original'\ + \ as severity_original\nfrom\n aws_securityhub_finding as f,\n jsonb_array_elements(resources)\ + \ as r\nwhere\n r -> 'Tags' ->> 'Environment' = 'PROD';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Findings in Production Environment diff --git a/queries/aws_securityhub_finding_2.yaml b/queries/aws_securityhub_finding_2.yaml index 7768172ff..fd8b07927 100755 --- a/queries/aws_securityhub_finding_2.yaml +++ b/queries/aws_securityhub_finding_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_2 -Title: "List AWS Security Hub Findings by Severity" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - severity ->> 'Original' as severity_original - from - aws_securityhub_finding - where - severity ->> 'Original' = 'HIGH'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n product_arn,\n product_name,\n severity ->>\ + \ 'Original' as severity_original\nfrom\n aws_securityhub_finding\nwhere\n severity\ + \ ->> 'Original' = 'HIGH';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: List AWS Security Hub Findings by Severity diff --git a/queries/aws_securityhub_finding_20.yaml b/queries/aws_securityhub_finding_20.yaml index 5add019b6..a72eca988 100755 --- a/queries/aws_securityhub_finding_20.yaml +++ b/queries/aws_securityhub_finding_20.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_20 -Title: "List all Security Hub findings with environment tags" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r -> 'Tags' ->> 'Environment' as environment, - count(r ->> 'Tags') - from - aws_securityhub_finding as f, - jsonb_array_elements(resources) as r - group by - r -> 'Tags' ->> 'Environment' - order by - count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r -> 'Tags' ->> 'Environment' as environment,\n count(r\ + \ ->> 'Tags')\nfrom\n aws_securityhub_finding as f,\n jsonb_array_elements(resources)\ + \ as r\ngroup by\n r -> 'Tags' ->> 'Environment'\norder by\n count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: List all Security Hub findings with environment tags diff --git a/queries/aws_securityhub_finding_21.yaml b/queries/aws_securityhub_finding_21.yaml index 19d67dc74..c49ba2c70 100755 --- a/queries/aws_securityhub_finding_21.yaml +++ b/queries/aws_securityhub_finding_21.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_21 -Title: "Find AWS Security Hub Findings with Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - f.severity ->> 'Original' as severity, - r ->> 'Type' as resource_type, - source_account_id - from - aws_securityhub_finding as f, - jsonb_array_elements(resources) r - where - source_account_id = '0123456789012'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n f.severity ->> 'Original' as severity,\n r\ + \ ->> 'Type' as resource_type,\n source_account_id\nfrom\n aws_securityhub_finding\ + \ as f,\n jsonb_array_elements(resources) r\nwhere\n source_account_id = '0123456789012';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: Find AWS Security Hub Findings with Details diff --git a/queries/aws_securityhub_finding_22.yaml b/queries/aws_securityhub_finding_22.yaml index 5860c0965..a273899f6 100755 --- a/queries/aws_securityhub_finding_22.yaml +++ b/queries/aws_securityhub_finding_22.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_22 -Title: "Find all Security Hub Findings and Details" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - source_account_id, - count(*) as finding_count - from - aws_securityhub_finding - group by - source_account_id - order by - source_account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n source_account_id,\n count(*) as finding_count\nfrom\n\ + \ aws_securityhub_finding\ngroup by\n source_account_id\norder by\n source_account_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find all Security Hub Findings and Details diff --git a/queries/aws_securityhub_finding_3.yaml b/queries/aws_securityhub_finding_3.yaml index 0f2eb3169..423bff7b2 100755 --- a/queries/aws_securityhub_finding_3.yaml +++ b/queries/aws_securityhub_finding_3.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_3 -Title: "List all AWS Security Hub Findings and Severity" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - severity ->> 'Original' as severity_original, - count(severity ->> 'Original') - from - aws_securityhub_finding - group by - severity ->> 'Original' - order by - severity ->> 'Original'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n severity ->> 'Original' as severity_original,\n count(severity\ + \ ->> 'Original')\nfrom\n aws_securityhub_finding\ngroup by\n severity ->> 'Original'\n\ + order by\n severity ->> 'Original';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List all AWS Security Hub Findings and Severity diff --git a/queries/aws_securityhub_finding_4.yaml b/queries/aws_securityhub_finding_4.yaml index 02ad25d73..5498acd4f 100755 --- a/queries/aws_securityhub_finding_4.yaml +++ b/queries/aws_securityhub_finding_4.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_4 -Title: "Find AWS Security Hub Findings with Failed Status" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - compliance ->> 'Status' as compliance_status, - compliance ->> 'StatusReasons' as compliance_status_reasons - from - aws_securityhub_finding - where - compliance ->> 'Status' = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n product_arn,\n product_name,\n compliance\ + \ ->> 'Status' as compliance_status,\n compliance ->> 'StatusReasons' as compliance_status_reasons\n\ + from\n aws_securityhub_finding\nwhere\n compliance ->> 'Status' = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Findings with Failed Status diff --git a/queries/aws_securityhub_finding_5.yaml b/queries/aws_securityhub_finding_5.yaml index 4a36d1707..26294b61c 100755 --- a/queries/aws_securityhub_finding_5.yaml +++ b/queries/aws_securityhub_finding_5.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_5 -Title: "Find all AWS Security Hub Findings with SQL" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - malware - from - aws_securityhub_finding - where - malware is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n product_arn,\n product_name,\n malware\n\ + from\n aws_securityhub_finding\nwhere\n malware is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: Find all AWS Security Hub Findings with SQL diff --git a/queries/aws_securityhub_finding_6.yaml b/queries/aws_securityhub_finding_6.yaml index ba86d0a4e..3a9e73f74 100755 --- a/queries/aws_securityhub_finding_6.yaml +++ b/queries/aws_securityhub_finding_6.yaml @@ -1,33 +1,27 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_6 -Title: "List AWS Security Hub Findings for Critical Issues" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - severity ->> 'Original' as severity_original - from - aws_securityhub_finding - where - severity ->> 'Original' = 'CRITICAL' - and - created_at >= now() - interval '10' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n product_arn,\n product_name,\n severity ->>\ + \ 'Original' as severity_original\nfrom\n aws_securityhub_finding\nwhere\n severity\ + \ ->> 'Original' = 'CRITICAL'\nand \n created_at >= now() - interval '10' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List AWS Security Hub Findings for Critical Issues diff --git a/queries/aws_securityhub_finding_7.yaml b/queries/aws_securityhub_finding_7.yaml index afd98ac64..477b23cf5 100755 --- a/queries/aws_securityhub_finding_7.yaml +++ b/queries/aws_securityhub_finding_7.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_7 -Title: "Find all AWS Security Hub Findings with SQL" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - criticality - from - aws_securityhub_finding - order by - criticality desc nulls last; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n product_arn,\n product_name,\n criticality\n\ + from\n aws_securityhub_finding\norder by \n criticality desc nulls last;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: Find all AWS Security Hub Findings with SQL diff --git a/queries/aws_securityhub_finding_8.yaml b/queries/aws_securityhub_finding_8.yaml index 10b90a6ef..e81aedda0 100755 --- a/queries/aws_securityhub_finding_8.yaml +++ b/queries/aws_securityhub_finding_8.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_8 -Title: "Find all AWS Security Hub Findings with Issues" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - id, - product_arn, - product_name, - company_name - from - aws_securityhub_finding - where - company_name = 'Turbot'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n id,\n product_arn,\n product_name,\n company_name\n\ + from\n aws_securityhub_finding\nwhere \n company_name = 'Turbot';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find all AWS Security Hub Findings with Issues diff --git a/queries/aws_securityhub_finding_9.yaml b/queries/aws_securityhub_finding_9.yaml index 500f960d9..98eb30c7e 100755 --- a/queries/aws_securityhub_finding_9.yaml +++ b/queries/aws_securityhub_finding_9.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS Security Hub Findings to gather information + about security issues identified within AWS resources. This includes details such + as the severity, status, and description of the finding, the resources affected, + and any remediation steps recommended. ID: aws_securityhub_finding_9 -Title: "Find all Security Hub Findings within AWS Resources" -Description: "Allows users to query AWS Security Hub Findings to gather information about security issues identified within AWS resources. This includes details such as the severity, status, and description of the finding, the resources affected, and any remediation steps recommended." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - product_arn, - product_name, - updated_at - from - aws_securityhub_finding - where - updated_at >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n product_arn,\n product_name,\n updated_at\n\ + from\n aws_securityhub_finding\nwhere\n updated_at >= now() - interval '30'\ + \ day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find all Security Hub Findings within AWS Resources diff --git a/queries/aws_securityhub_finding_aggregator_1.yaml b/queries/aws_securityhub_finding_aggregator_1.yaml index b1cb1bd82..d04b5859e 100755 --- a/queries/aws_securityhub_finding_aggregator_1.yaml +++ b/queries/aws_securityhub_finding_aggregator_1.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Security Hub Finding Aggregator to gather information + about the findings that are generated by the integrated third-party products and + AWS services. ID: aws_securityhub_finding_aggregator_1 -Title: "List all findings in AWS Security Hub Aggregator" -Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_aggregation_region, - region_linking_mode - from - aws_securityhub_finding_aggregator; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n finding_aggregation_region,\n region_linking_mode\n\ + from\n aws_securityhub_finding_aggregator;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: List all findings in AWS Security Hub Aggregator diff --git a/queries/aws_securityhub_finding_aggregator_2.yaml b/queries/aws_securityhub_finding_aggregator_2.yaml index e14f71265..af56c23bf 100755 --- a/queries/aws_securityhub_finding_aggregator_2.yaml +++ b/queries/aws_securityhub_finding_aggregator_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Security Hub Finding Aggregator to gather information + about the findings that are generated by the integrated third-party products and + AWS services. ID: aws_securityhub_finding_aggregator_2 -Title: "Find information in AWS Security Hub Finding Aggregator" -Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - finding_aggregation_region, - region_linking_mode - from - aws_securityhub_finding_aggregator - where - region_linking_mode = 'ALL_REGIONS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n finding_aggregation_region,\n region_linking_mode\n\ + from\n aws_securityhub_finding_aggregator\nwhere\n region_linking_mode = 'ALL_REGIONS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub Finding Aggregator +Title: Find information in AWS Security Hub Finding Aggregator diff --git a/queries/aws_securityhub_finding_aggregator_3.yaml b/queries/aws_securityhub_finding_aggregator_3.yaml index 9567a51b4..0ad1d82ae 100755 --- a/queries/aws_securityhub_finding_aggregator_3.yaml +++ b/queries/aws_securityhub_finding_aggregator_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Security Hub Finding Aggregator to gather information + about the findings that are generated by the integrated third-party products and + AWS services. ID: aws_securityhub_finding_aggregator_3 -Title: "Find Info About AWS Security Hub Finding Aggregator" -Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - region_linking_mode, - r as linked_region - from - aws_securityhub_finding_aggregator, - jsonb_array_elements_text(regions) as r - where - region_linking_mode = 'SPECIFIED_REGIONS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n region_linking_mode,\n r as linked_region\n\ + from\n aws_securityhub_finding_aggregator,\n jsonb_array_elements_text(regions)\ + \ as r\nwhere\n region_linking_mode = 'SPECIFIED_REGIONS';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: Find Info About AWS Security Hub Finding Aggregator diff --git a/queries/aws_securityhub_finding_aggregator_4.yaml b/queries/aws_securityhub_finding_aggregator_4.yaml index aea948087..77ecc7bd4 100755 --- a/queries/aws_securityhub_finding_aggregator_4.yaml +++ b/queries/aws_securityhub_finding_aggregator_4.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Security Hub Finding Aggregator to gather information + about the findings that are generated by the integrated third-party products and + AWS services. ID: aws_securityhub_finding_aggregator_4 -Title: "Find Security Hub Findings Aggregator Details in AWS" -Description: "Allows users to query AWS Security Hub Finding Aggregator to gather information about the findings that are generated by the integrated third-party products and AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - a.name as linked_region - from - aws_securityhub_finding_aggregator as f, - aws_region as a, - jsonb_array_elements_text(f.regions) as r - where - region_linking_mode = 'ALL_REGIONS_EXCEPT_SPECIFIED' - and - a.name <> r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n a.name as linked_region\nfrom\n aws_securityhub_finding_aggregator\ + \ as f,\n aws_region as a,\n jsonb_array_elements_text(f.regions) as r\nwhere\n\ + \ region_linking_mode = 'ALL_REGIONS_EXCEPT_SPECIFIED'\nand\n a.name <> r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find Security Hub Findings Aggregator Details in AWS diff --git a/queries/aws_securityhub_hub_1.yaml b/queries/aws_securityhub_hub_1.yaml index 0bb5b44ac..850cbe9cb 100755 --- a/queries/aws_securityhub_hub_1.yaml +++ b/queries/aws_securityhub_hub_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Security Hub to retrieve information about the + Hub resources. ID: aws_securityhub_hub_1 -Title: "Find AWS Security Hub Resources Information" -Description: "Allows users to query Security Hub to retrieve information about the Hub resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hub_arn, - auto_enable_controls, - subscribed_at, - region - from - aws_securityhub_hub; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n hub_arn,\n auto_enable_controls,\n subscribed_at,\n\ + \ region\nfrom\n aws_securityhub_hub;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Resources Information diff --git a/queries/aws_securityhub_hub_2.yaml b/queries/aws_securityhub_hub_2.yaml index 28a7b5fe1..39f43f71b 100755 --- a/queries/aws_securityhub_hub_2.yaml +++ b/queries/aws_securityhub_hub_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Security Hub to retrieve information about the + Hub resources. ID: aws_securityhub_hub_2 -Title: "List all Hub resources from AWS Security Hub" -Description: "Allows users to query Security Hub to retrieve information about the Hub resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hub_arn, - auto_enable_controls - from - aws_securityhub_hub - where - not auto_enable_controls; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n hub_arn,\n auto_enable_controls\nfrom\n aws_securityhub_hub\n\ + where\n not auto_enable_controls;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List all Hub resources from AWS Security Hub diff --git a/queries/aws_securityhub_hub_3.yaml b/queries/aws_securityhub_hub_3.yaml index db15fd0d4..8c75d05eb 100755 --- a/queries/aws_securityhub_hub_3.yaml +++ b/queries/aws_securityhub_hub_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query Security Hub to retrieve information about the + Hub resources. ID: aws_securityhub_hub_3 -Title: "Find Administrator Account Info in AWS Security Hub" -Description: "Allows users to query Security Hub to retrieve information about the Hub resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - hub_arn, - auto_enable_controls, - administrator_account ->> 'AccountId' as administrator_account_id, - administrator_account ->> 'InvitationId' as administrator_invitation_id, - administrator_account ->> 'InvitedAt' as administrator_invitation_time, - administrator_account ->> 'MemberStatus' as administrator_status - from - aws_securityhub_hub - where - administrator_account is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n hub_arn,\n auto_enable_controls,\n administrator_account\ + \ ->> 'AccountId' as administrator_account_id,\n administrator_account ->> 'InvitationId'\ + \ as administrator_invitation_id,\n administrator_account ->> 'InvitedAt' as\ + \ administrator_invitation_time,\n administrator_account ->> 'MemberStatus' as\ + \ administrator_status\nfrom\n aws_securityhub_hub\nwhere\n administrator_account\ + \ is not null;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find Administrator Account Info in AWS Security Hub diff --git a/queries/aws_securityhub_insight_1.yaml b/queries/aws_securityhub_insight_1.yaml index 4e0176aec..11f740b25 100755 --- a/queries/aws_securityhub_insight_1.yaml +++ b/queries/aws_securityhub_insight_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_1 -Title: "Find Insights in AWS Security Hub with SQL" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - group_by_attribute, - region - from - aws_securityhub_insight; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n group_by_attribute,\n region\nfrom\n\ + \ aws_securityhub_insight;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find Insights in AWS Security Hub with SQL diff --git a/queries/aws_securityhub_insight_10.yaml b/queries/aws_securityhub_insight_10.yaml index 944322885..dde81d94a 100755 --- a/queries/aws_securityhub_insight_10.yaml +++ b/queries/aws_securityhub_insight_10.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_10 -Title: "Find AWS Security Hub Insights Details Using SQL" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'RecordState' as record_state - from - aws_securityhub_insight - where - name = 'sp'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n filters ->> 'RecordState' as record_state\n\ + from\n aws_securityhub_insight\nwhere\n name = 'sp';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Insights Details Using SQL diff --git a/queries/aws_securityhub_insight_2.yaml b/queries/aws_securityhub_insight_2.yaml index c198f559a..19a2a9677 100755 --- a/queries/aws_securityhub_insight_2.yaml +++ b/queries/aws_securityhub_insight_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_2 -Title: "List all AWS Security Hub Insights with Details" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - group_by_attribute, - region - from - aws_securityhub_insight - where - group_by_attribute = 'ResourceId'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n group_by_attribute,\n region\nfrom\n\ + \ aws_securityhub_insight\nwhere\n group_by_attribute = 'ResourceId';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List all AWS Security Hub Insights with Details diff --git a/queries/aws_securityhub_insight_3.yaml b/queries/aws_securityhub_insight_3.yaml index 32892c13f..85a93e48f 100755 --- a/queries/aws_securityhub_insight_3.yaml +++ b/queries/aws_securityhub_insight_3.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_3 -Title: "Find AWS Security Hub Insights Details using SQL" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'WorkflowStatus' as workflow_status - from - aws_securityhub_insight; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n filters ->> 'WorkflowStatus' as workflow_status\n\ + from\n aws_securityhub_insight;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Insights Details using SQL diff --git a/queries/aws_securityhub_insight_4.yaml b/queries/aws_securityhub_insight_4.yaml index 8bc0c635d..828d63a58 100755 --- a/queries/aws_securityhub_insight_4.yaml +++ b/queries/aws_securityhub_insight_4.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_4 -Title: "Find AWS Security Hub Insights with Severity Filters" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'SeverityLabel' as severity_label - from - aws_securityhub_insight; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n filters ->> 'SeverityLabel' as severity_label\n\ + from\n aws_securityhub_insight;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Insights with Severity Filters diff --git a/queries/aws_securityhub_insight_5.yaml b/queries/aws_securityhub_insight_5.yaml index f718d0329..921f3f8f7 100755 --- a/queries/aws_securityhub_insight_5.yaml +++ b/queries/aws_securityhub_insight_5.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_5 -Title: "Find AWS Security Hub Insights with Critical Severity" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'SeverityLabel' as severity - from - aws_securityhub_insight - where - filters ->> 'SeverityLabel' = '{"Comparison": "EQUALS", "Value": "CRITICAL"}' - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n filters ->> 'SeverityLabel' as severity\n\ + from\n aws_securityhub_insight\nwhere\n filters ->> 'SeverityLabel' = '{\"Comparison\"\ + : \"EQUALS\", \"Value\": \"CRITICAL\"}'" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Insights with Critical Severity diff --git a/queries/aws_securityhub_insight_6.yaml b/queries/aws_securityhub_insight_6.yaml index 23eb1d11a..0b31a5185 100755 --- a/queries/aws_securityhub_insight_6.yaml +++ b/queries/aws_securityhub_insight_6.yaml @@ -1,28 +1,25 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_6 -Title: "List all AWS Security Hub Insights with Filters and Grouping" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'ThreatIntelIndicatorType' as threat_intelligence_details - from - aws_securityhub_insight - where - filters ->> 'ThreatIntelIndicatorType' = '{"Comparison": "EQUALS", "Value": "IPV4_ADDRESS"}' - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n filters ->> 'ThreatIntelIndicatorType'\ + \ as threat_intelligence_details\nfrom\n aws_securityhub_insight\nwhere\n filters\ + \ ->> 'ThreatIntelIndicatorType' = '{\"Comparison\": \"EQUALS\", \"Value\": \"\ + IPV4_ADDRESS\"}'" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: List all AWS Security Hub Insights with Filters and Grouping diff --git a/queries/aws_securityhub_insight_7.yaml b/queries/aws_securityhub_insight_7.yaml index 657ab0a0f..0120d4a39 100755 --- a/queries/aws_securityhub_insight_7.yaml +++ b/queries/aws_securityhub_insight_7.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_7 -Title: "Find All AWS Security Hub Insights with SQL Query" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'ComplianceStatus' as compliance_status - from - aws_securityhub_insight - where - filters ->> 'ComplianceStatus' = '{"Comparison": "EQUALS", "Value": "FAILED"}' - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n filters ->> 'ComplianceStatus' as compliance_status\n\ + from\n aws_securityhub_insight\nwhere\n filters ->> 'ComplianceStatus' = '{\"\ + Comparison\": \"EQUALS\", \"Value\": \"FAILED\"}'" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find All AWS Security Hub Insights with SQL Query diff --git a/queries/aws_securityhub_insight_8.yaml b/queries/aws_securityhub_insight_8.yaml index 9c6cdded9..cdea5ec10 100755 --- a/queries/aws_securityhub_insight_8.yaml +++ b/queries/aws_securityhub_insight_8.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_8 -Title: "List all AWS Security Hub Insights with Details" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'MalwareName' as malware_name, - filters ->> 'MalwarePath' as malware_path, - filters ->> 'MalwareType' as malware_type - from - aws_securityhub_insight; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n filters ->> 'MalwareName' as malware_name,\n\ + \ filters ->> 'MalwarePath' as malware_path,\n filters ->> 'MalwareType' as\ + \ malware_type\nfrom\n aws_securityhub_insight;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List all AWS Security Hub Insights with Details diff --git a/queries/aws_securityhub_insight_9.yaml b/queries/aws_securityhub_insight_9.yaml index 82e853c9b..baab6b458 100755 --- a/queries/aws_securityhub_insight_9.yaml +++ b/queries/aws_securityhub_insight_9.yaml @@ -1,35 +1,30 @@ +Description: Allows users to query AWS Security Hub Insights to retrieve information + about the insights in AWS Security Hub. This includes details such as insight ARN, + name, filters, group by attributes, and more. ID: aws_securityhub_insight_9 -Title: "Find AWS Security Hub Insights and Network Attributes" -Description: "Allows users to query AWS Security Hub Insights to retrieve information about the insights in AWS Security Hub. This includes details such as insight ARN, name, filters, group by attributes, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - filters ->> 'NetworkSourceDomain' as network_source_domain, - filters ->> 'NetworkDestinationDomain' as network_destination_domain, - filters ->> 'NetworkSourceIpV4' as network_source_ip_v4, - filters ->> 'NetworkDestinationIpV4' as network_destination_ip_v4, - filters ->> 'NetworkSourceIpV6' as network_source_ip_v6, - filters ->> 'NetworkDestinationIpV6' as network_destination_ip_v6, - filters ->> 'NetworkSourcePort' as network_source_port, - filters ->> 'NetworkDestinationPort' as network_destination_port - from - aws_securityhub_insight; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n filters ->> 'NetworkSourceDomain' as\ + \ network_source_domain,\n filters ->> 'NetworkDestinationDomain' as network_destination_domain,\n\ + \ filters ->> 'NetworkSourceIpV4' as network_source_ip_v4,\n filters ->> 'NetworkDestinationIpV4'\ + \ as network_destination_ip_v4,\n filters ->> 'NetworkSourceIpV6' as network_source_ip_v6,\n\ + \ filters ->> 'NetworkDestinationIpV6' as network_destination_ip_v6,\n filters\ + \ ->> 'NetworkSourcePort' as network_source_port,\n filters ->> 'NetworkDestinationPort'\ + \ as network_destination_port\nfrom\n aws_securityhub_insight;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Insights and Network Attributes diff --git a/queries/aws_securityhub_member_1.yaml b/queries/aws_securityhub_member_1.yaml index 96d4fd882..47c704c20 100755 --- a/queries/aws_securityhub_member_1.yaml +++ b/queries/aws_securityhub_member_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Security Hub Members for detailed information + about each member''s account, including its ID, email, status, and more. ID: aws_securityhub_member_1 -Title: "Find AWS Security Hub Members for Detailed Information" -Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - email, - administrator_id, - member_status, - updated_at - from - aws_securityhub_member; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n email,\n administrator_id,\n \ + \ member_status,\n updated_at\nfrom\n aws_securityhub_member;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Members for Detailed Information diff --git a/queries/aws_securityhub_member_2.yaml b/queries/aws_securityhub_member_2.yaml index 434633589..384e4b58c 100755 --- a/queries/aws_securityhub_member_2.yaml +++ b/queries/aws_securityhub_member_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Security Hub Members for detailed information + about each member''s account, including its ID, email, status, and more. ID: aws_securityhub_member_2 -Title: "Find AWS Security Hub Members with Detailed Info" -Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - email, - administrator_id, - member_status, - updated_at, - invited_at - from - aws_securityhub_member - where - member_status = 'Enabled'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n email,\n administrator_id,\n \ + \ member_status,\n updated_at,\n invited_at\nfrom\n aws_securityhub_member\n\ + where\n member_status = 'Enabled';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Members with Detailed Info diff --git a/queries/aws_securityhub_member_3.yaml b/queries/aws_securityhub_member_3.yaml index f9b9ae447..f5c0c65ac 100755 --- a/queries/aws_securityhub_member_3.yaml +++ b/queries/aws_securityhub_member_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Security Hub Members for detailed information + about each member''s account, including its ID, email, status, and more. ID: aws_securityhub_member_3 -Title: "List all AWS Security Hub Members with Detailed Information" -Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - email, - administrator_id, - member_status, - updated_at - from - aws_securityhub_member - where - member_status = 'Created'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n email,\n administrator_id,\n \ + \ member_status,\n updated_at\nfrom\n aws_securityhub_member\nwhere\n member_status\ + \ = 'Created';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List all AWS Security Hub Members with Detailed Information diff --git a/queries/aws_securityhub_member_4.yaml b/queries/aws_securityhub_member_4.yaml index 66e2d4621..fb9ed8fac 100755 --- a/queries/aws_securityhub_member_4.yaml +++ b/queries/aws_securityhub_member_4.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS Security Hub Members for detailed information + about each member''s account, including its ID, email, status, and more. ID: aws_securityhub_member_4 -Title: "List all AWS Security Hub Members with details" -Description: "Allows users to query AWS Security Hub Members for detailed information about each member''s account, including its ID, email, status, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - member_account_id, - email, - administrator_id, - member_status, - updated_at, - invited_at - from - aws_securityhub_member - where - member_status = 'Enabled' - and - invited_at <= (now() - interval '10' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n member_account_id,\n email,\n administrator_id,\n \ + \ member_status,\n updated_at,\n invited_at\nfrom\n aws_securityhub_member\n\ + where\n member_status = 'Enabled'\nand\n invited_at <= (now() - interval '10'\ + \ day);" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List all AWS Security Hub Members with details diff --git a/queries/aws_securityhub_product_1.yaml b/queries/aws_securityhub_product_1.yaml index 89a8613a5..0f5aff67a 100755 --- a/queries/aws_securityhub_product_1.yaml +++ b/queries/aws_securityhub_product_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Security Hub Product details for comprehensive + security and compliance insights. ID: aws_securityhub_product_1 -Title: "Find AWS Security Hub Product Details for Security Insights" -Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - product_arn, - company_name, - description - from - aws_securityhub_product; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n product_arn,\n company_name,\n description\n\ + from\n aws_securityhub_product;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Product Details for Security Insights diff --git a/queries/aws_securityhub_product_2.yaml b/queries/aws_securityhub_product_2.yaml index 2e1348f0e..284320212 100755 --- a/queries/aws_securityhub_product_2.yaml +++ b/queries/aws_securityhub_product_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Security Hub Product details for comprehensive + security and compliance insights. ID: aws_securityhub_product_2 -Title: "Find AWS Security Hub Product Details" -Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - company_name, - description - from - aws_securityhub_product - where - company_name = 'AWS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n company_name,\n description\nfrom\n aws_securityhub_product\n\ + where\n company_name = 'AWS';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Product Details diff --git a/queries/aws_securityhub_product_3.yaml b/queries/aws_securityhub_product_3.yaml index 2117ca594..2865ae3cd 100755 --- a/queries/aws_securityhub_product_3.yaml +++ b/queries/aws_securityhub_product_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Security Hub Product details for comprehensive + security and compliance insights. ID: aws_securityhub_product_3 -Title: "Find AWS Security Hub Products for Security Insights" -Description: "Allows users to query AWS Security Hub Product details for comprehensive security and compliance insights." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - product_arn, - company_name - from - aws_securityhub_product, - jsonb_array_elements_text(integration_types) as i - where - i = 'SEND_FINDINGS_TO_SECURITY_HUB'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n product_arn,\n company_name\nfrom\n aws_securityhub_product,\n\ + \ jsonb_array_elements_text(integration_types) as i\nwhere\n i = 'SEND_FINDINGS_TO_SECURITY_HUB';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Products for Security Insights diff --git a/queries/aws_securityhub_standards_control_1.yaml b/queries/aws_securityhub_standards_control_1.yaml index f31475964..7c4a0e1b6 100755 --- a/queries/aws_securityhub_standards_control_1.yaml +++ b/queries/aws_securityhub_standards_control_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS Security Hub Standards Control data including + details about each security standard control available in an AWS account. ID: aws_securityhub_standards_control_1 -Title: "Find AWS Security Hub Standards Control Data" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n control_id,\n control_status,\n severity_rating\nfrom\n\ + \ aws_securityhub_standards_control;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Standards Control Data diff --git a/queries/aws_securityhub_standards_control_2.yaml b/queries/aws_securityhub_standards_control_2.yaml index a7d09db90..f39113c72 100755 --- a/queries/aws_securityhub_standards_control_2.yaml +++ b/queries/aws_securityhub_standards_control_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Security Hub Standards Control data including + details about each security standard control available in an AWS account. ID: aws_securityhub_standards_control_2 -Title: "List details of AWS Security Hub Standards Controls" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control - where - control_status = 'DISABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n control_id,\n control_status,\n severity_rating\nfrom\n\ + \ aws_securityhub_standards_control\nwhere\n control_status = 'DISABLED';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub Standards Control +Title: List details of AWS Security Hub Standards Controls diff --git a/queries/aws_securityhub_standards_control_3.yaml b/queries/aws_securityhub_standards_control_3.yaml index 873d890d2..783791148 100755 --- a/queries/aws_securityhub_standards_control_3.yaml +++ b/queries/aws_securityhub_standards_control_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Security Hub Standards Control data including + details about each security standard control available in an AWS account. ID: aws_securityhub_standards_control_3 -Title: "List AWS Security Hub Standards Control Data Details" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - severity_rating, - count(severity_rating) - from - aws_securityhub_standards_control - group by - severity_rating - order by - severity_rating; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n severity_rating,\n count(severity_rating)\nfrom\n aws_securityhub_standards_control\n\ + group by\n severity_rating\norder by\n severity_rating;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List AWS Security Hub Standards Control Data Details diff --git a/queries/aws_securityhub_standards_control_4.yaml b/queries/aws_securityhub_standards_control_4.yaml index 5c102f9b1..83b214c61 100755 --- a/queries/aws_securityhub_standards_control_4.yaml +++ b/queries/aws_securityhub_standards_control_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Security Hub Standards Control data including + details about each security standard control available in an AWS account. ID: aws_securityhub_standards_control_4 -Title: "Find AWS Security Hub Standards Control with High Severity" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control - where - severity_rating = 'HIGH'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n control_id,\n control_status,\n severity_rating\nfrom\n\ + \ aws_securityhub_standards_control\nwhere\n severity_rating = 'HIGH';" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Standards Control with High Severity diff --git a/queries/aws_securityhub_standards_control_5.yaml b/queries/aws_securityhub_standards_control_5.yaml index 662322a73..a6b5dd63d 100755 --- a/queries/aws_securityhub_standards_control_5.yaml +++ b/queries/aws_securityhub_standards_control_5.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Security Hub Standards Control data including + details about each security standard control available in an AWS account. ID: aws_securityhub_standards_control_5 -Title: "Find details of AWS Security Hub Standards Control" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control - where - control_status_updated_at >= (now() - interval '30' day); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n control_id,\n control_status,\n severity_rating\nfrom\n\ + \ aws_securityhub_standards_control\nwhere\n control_status_updated_at >= (now()\ + \ - interval '30' day);" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find details of AWS Security Hub Standards Control diff --git a/queries/aws_securityhub_standards_control_6.yaml b/queries/aws_securityhub_standards_control_6.yaml index 5c0ac7610..3fc8dde6c 100755 --- a/queries/aws_securityhub_standards_control_6.yaml +++ b/queries/aws_securityhub_standards_control_6.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Security Hub Standards Control data including + details about each security standard control available in an AWS account. ID: aws_securityhub_standards_control_6 -Title: "List AWS Security Hub Standards Control Data" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - control_status, - severity_rating - from - aws_securityhub_standards_control - where - severity_rating = 'CRITICAL' - and arn like '%cis-aws-foundations-benchmark%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n control_id,\n control_status,\n severity_rating\nfrom\n\ + \ aws_securityhub_standards_control\nwhere\n severity_rating = 'CRITICAL'\n\ + \ and arn like '%cis-aws-foundations-benchmark%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: List AWS Security Hub Standards Control Data diff --git a/queries/aws_securityhub_standards_control_7.yaml b/queries/aws_securityhub_standards_control_7.yaml index 4517ed3a8..76c143238 100755 --- a/queries/aws_securityhub_standards_control_7.yaml +++ b/queries/aws_securityhub_standards_control_7.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Security Hub Standards Control data including + details about each security standard control available in an AWS account. ID: aws_securityhub_standards_control_7 -Title: "Find AWS Security Hub Standards Control Details" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - control_id, - r as related_requirements - from - aws_securityhub_standards_control, - jsonb_array_elements_text(related_requirements) as r - where - control_id like '%S3%' - group by - control_id, r - order by - control_id, r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n control_id,\n r as related_requirements\nfrom\n aws_securityhub_standards_control,\n\ + \ jsonb_array_elements_text(related_requirements) as r\nwhere\n control_id like\ + \ '%S3%'\ngroup by\n control_id, r\norder by\n control_id, r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Standards Control Details diff --git a/queries/aws_securityhub_standards_control_8.yaml b/queries/aws_securityhub_standards_control_8.yaml index 9b45fad3b..888719989 100755 --- a/queries/aws_securityhub_standards_control_8.yaml +++ b/queries/aws_securityhub_standards_control_8.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS Security Hub Standards Control data including + details about each security standard control available in an AWS account. ID: aws_securityhub_standards_control_8 -Title: "Find AWS Security Hub Standards Control Data" -Description: "Allows users to query AWS Security Hub Standards Control data including details about each security standard control available in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r as related_requirements, - control_id - from - aws_securityhub_standards_control, - jsonb_array_elements_text(related_requirements) as r - where - r like '%PCI%' - group by - r, control_id - order by - r, control_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r as related_requirements,\n control_id\nfrom\n aws_securityhub_standards_control,\n\ + \ jsonb_array_elements_text(related_requirements) as r\nwhere\n r like '%PCI%'\n\ + group by\n r, control_id\norder by\n r, control_id;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Standards Control Data diff --git a/queries/aws_securityhub_standards_subscription_1.yaml b/queries/aws_securityhub_standards_subscription_1.yaml index 7d106498a..3f123c905 100755 --- a/queries/aws_securityhub_standards_subscription_1.yaml +++ b/queries/aws_securityhub_standards_subscription_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Security Hub Standards Subscriptions, providing + detailed information about each standard subscription in AWS Security Hub. ID: aws_securityhub_standards_subscription_1 -Title: "Find AWS Security Hub Standards Subscription Details" -Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - standards_arn, - description, - region - from - aws_securityhub_standards_subscription; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n standards_arn,\n description,\n region\nfrom\n\ + \ aws_securityhub_standards_subscription;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub Standards +Title: Find AWS Security Hub Standards Subscription Details diff --git a/queries/aws_securityhub_standards_subscription_2.yaml b/queries/aws_securityhub_standards_subscription_2.yaml index 6e4940bad..0e77f2288 100755 --- a/queries/aws_securityhub_standards_subscription_2.yaml +++ b/queries/aws_securityhub_standards_subscription_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Security Hub Standards Subscriptions, providing + detailed information about each standard subscription in AWS Security Hub. ID: aws_securityhub_standards_subscription_2 -Title: "List all AWS Security Hub Standards Subscriptions" -Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - standards_arn, - enabled_by_default - from - aws_securityhub_standards_subscription - where - enabled_by_default; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n standards_arn,\n enabled_by_default\nfrom\n\ + \ aws_securityhub_standards_subscription\nwhere\n enabled_by_default;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: List all AWS Security Hub Standards Subscriptions diff --git a/queries/aws_securityhub_standards_subscription_3.yaml b/queries/aws_securityhub_standards_subscription_3.yaml index 82c9acd63..30097f000 100755 --- a/queries/aws_securityhub_standards_subscription_3.yaml +++ b/queries/aws_securityhub_standards_subscription_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Security Hub Standards Subscriptions, providing + detailed information about each standard subscription in AWS Security Hub. ID: aws_securityhub_standards_subscription_3 -Title: "Find AWS Security Hub Standard Subscriptions Details" -Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - standards_arn, - standards_subscription_arn, - standards_status, - standards_status_reason_code - from - aws_securityhub_standards_subscription - where - standards_status <> 'READY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n standards_arn,\n standards_subscription_arn,\n\ + \ standards_status,\n standards_status_reason_code\nfrom\n aws_securityhub_standards_subscription\n\ + where\n standards_status <> 'READY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Hub +Title: Find AWS Security Hub Standard Subscriptions Details diff --git a/queries/aws_securityhub_standards_subscription_4.yaml b/queries/aws_securityhub_standards_subscription_4.yaml index 4b2bf2367..f8493f092 100755 --- a/queries/aws_securityhub_standards_subscription_4.yaml +++ b/queries/aws_securityhub_standards_subscription_4.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Security Hub Standards Subscriptions, providing + detailed information about each standard subscription in AWS Security Hub. ID: aws_securityhub_standards_subscription_4 -Title: "Find all AWS Security Hub Standards Subscriptions" -Description: "Allows users to query AWS Security Hub Standards Subscriptions, providing detailed information about each standard subscription in AWS Security Hub." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - standards_arn, - standards_managed_by ->> 'Company' as standards_managed_by_company - from - aws_securityhub_standards_subscription - where - standards_managed_by ->> 'Company' <> 'AWS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n standards_arn,\n standards_managed_by ->> 'Company'\ + \ as standards_managed_by_company\nfrom\n aws_securityhub_standards_subscription\n\ + where\n standards_managed_by ->> 'Company' <> 'AWS';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Hub +Title: Find all AWS Security Hub Standards Subscriptions diff --git a/queries/aws_securitylake_data_lake_1.yaml b/queries/aws_securitylake_data_lake_1.yaml index 55745d8b1..12c0f8a4b 100755 --- a/queries/aws_securitylake_data_lake_1.yaml +++ b/queries/aws_securitylake_data_lake_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Lake Formation Data Lakes for information such + as the Data Lake name, creation time, last modified time, and more. ID: aws_securitylake_data_lake_1 -Title: "List all AWS Lake Formation Data Lakes Information" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_key, - replication_role_arn, - s3_bucket_arn, - status - from - aws_securitylake_data_lake; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n encryption_key,\n replication_role_arn,\n s3_bucket_arn,\n\ + \ status\nfrom\n aws_securitylake_data_lake;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lake Formation +Title: List all AWS Lake Formation Data Lakes Information diff --git a/queries/aws_securitylake_data_lake_2.yaml b/queries/aws_securitylake_data_lake_2.yaml index 3c3139d39..0484c76f3 100755 --- a/queries/aws_securitylake_data_lake_2.yaml +++ b/queries/aws_securitylake_data_lake_2.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Lake Formation Data Lakes for information such + as the Data Lake name, creation time, last modified time, and more. ID: aws_securitylake_data_lake_2 -Title: "Find all AWS Lake Formation Data Lakes with Details" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct b.name as bucket_name, - l.s3_bucket_arn, - b.creation_date, - b.bucket_policy_is_public, - b.versioning_enabled, - b.block_public_acls - from - aws_securitylake_data_lake as l, - aws_s3_bucket as b - where - l.s3_bucket_arn = b.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n distinct b.name as bucket_name,\n l.s3_bucket_arn,\n\ + \ b.creation_date,\n b.bucket_policy_is_public,\n b.versioning_enabled,\n \ + \ b.block_public_acls\nfrom\n aws_securitylake_data_lake as l,\n aws_s3_bucket\ + \ as b\nwhere\n l.s3_bucket_arn = b.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lake Formation +Title: Find all AWS Lake Formation Data Lakes with Details diff --git a/queries/aws_securitylake_data_lake_3.yaml b/queries/aws_securitylake_data_lake_3.yaml index 2c11d87e8..12df9c3ea 100755 --- a/queries/aws_securitylake_data_lake_3.yaml +++ b/queries/aws_securitylake_data_lake_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Lake Formation Data Lakes for information such + as the Data Lake name, creation time, last modified time, and more. ID: aws_securitylake_data_lake_3 -Title: "List AWS Lake Formation Data Lakes with Key Details" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - l.encryption_key, - l.replication_role_arn, - l.s3_bucket_arn, - l.status, - r ->> 'RetentionPeriod' as retention_period, - r ->> 'StorageClass' as storage_class - from - aws_securitylake_data_lake as l, - jsonb_array_elements(retention_settings) as r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n l.encryption_key,\n l.replication_role_arn,\n l.s3_bucket_arn,\n\ + \ l.status,\n r ->> 'RetentionPeriod' as retention_period,\n r ->> 'StorageClass'\ + \ as storage_class\nfrom\n aws_securitylake_data_lake as l,\n jsonb_array_elements(retention_settings)\ + \ as r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lake Formation +Title: List AWS Lake Formation Data Lakes with Key Details diff --git a/queries/aws_securitylake_data_lake_4.yaml b/queries/aws_securitylake_data_lake_4.yaml index 4156d3912..7a450d9a3 100755 --- a/queries/aws_securitylake_data_lake_4.yaml +++ b/queries/aws_securitylake_data_lake_4.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Lake Formation Data Lakes for information such + as the Data Lake name, creation time, last modified time, and more. ID: aws_securitylake_data_lake_4 -Title: "List all AWS Lake Formation Data Lakes and Details" -Description: "Allows users to query AWS Lake Formation Data Lakes for information such as the Data Lake name, creation time, last modified time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - encryption_key, - replication_role_arn, - s3_bucket_arn, - status - from - aws_securitylake_data_lake - where - status = 'PENDING'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n encryption_key,\n replication_role_arn,\n s3_bucket_arn,\n\ + \ status\nfrom\n aws_securitylake_data_lake\nwhere\n status = 'PENDING';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Lake Formation +Title: List all AWS Lake Formation Data Lakes and Details diff --git a/queries/aws_securitylake_subscriber_1.yaml b/queries/aws_securitylake_subscriber_1.yaml index 7bf36d6ee..f11311a4e 100755 --- a/queries/aws_securitylake_subscriber_1.yaml +++ b/queries/aws_securitylake_subscriber_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Security Lake Subscriber data, providing information + about each subscriber''s details in the AWS Security Lake service. This includes + subscriber status, endpoint type, and subscription creation time. ID: aws_securitylake_subscriber_1 -Title: "List AWS Security Lake Subscriber Details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subscriber_name, - subscription_id, - created_at, - role_arn, - s3_bucket_arn, - subscription_endpoint - from - aws_securitylake_subscriber; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n subscriber_name,\n subscription_id,\n created_at,\n\ + \ role_arn,\n s3_bucket_arn,\n subscription_endpoint\nfrom\n aws_securitylake_subscriber;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Lake +Title: List AWS Security Lake Subscriber Details diff --git a/queries/aws_securitylake_subscriber_2.yaml b/queries/aws_securitylake_subscriber_2.yaml index ffe220a0c..e0b7fcbf0 100755 --- a/queries/aws_securitylake_subscriber_2.yaml +++ b/queries/aws_securitylake_subscriber_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Security Lake Subscriber data, providing information + about each subscriber''s details in the AWS Security Lake service. This includes + subscriber status, endpoint type, and subscription creation time. ID: aws_securitylake_subscriber_2 -Title: "List all AWS Security Lake Subscriber details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subscriber_name, - subscription_id, - created_at, - role_arn, - s3_bucket_arn, - subscription_endpoint - from - aws_securitylake_subscriber - where - created_at <= created_at - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n subscriber_name,\n subscription_id,\n created_at,\n\ + \ role_arn,\n s3_bucket_arn,\n subscription_endpoint\nfrom\n aws_securitylake_subscriber\n\ + where\n created_at <= created_at - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Lake +Title: List all AWS Security Lake Subscriber details diff --git a/queries/aws_securitylake_subscriber_3.yaml b/queries/aws_securitylake_subscriber_3.yaml index d9cfcbf5c..be7aa854b 100755 --- a/queries/aws_securitylake_subscriber_3.yaml +++ b/queries/aws_securitylake_subscriber_3.yaml @@ -1,34 +1,27 @@ +Description: Allows users to query AWS Security Lake Subscriber data, providing information + about each subscriber''s details in the AWS Security Lake service. This includes + subscriber status, endpoint type, and subscription creation time. ID: aws_securitylake_subscriber_3 -Title: "List AWS Security Lake Subscriber Details and Roles" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.subscriber_name, - s.subscription_id, - r.arn, - r.inline_policies, - r.attached_policy_arns, - r.assume_role_policy - from - aws_securitylake_subscriber as s, - aws_iam_role as r - where - s.role_arn = r.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.subscriber_name,\n s.subscription_id,\n r.arn,\n\ + \ r.inline_policies,\n r.attached_policy_arns,\n r.assume_role_policy\nfrom\n\ + \ aws_securitylake_subscriber as s,\n aws_iam_role as r\nwhere\n s.role_arn\ + \ = r.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Lake +Title: List AWS Security Lake Subscriber Details and Roles diff --git a/queries/aws_securitylake_subscriber_4.yaml b/queries/aws_securitylake_subscriber_4.yaml index 575759d96..40c6f0838 100755 --- a/queries/aws_securitylake_subscriber_4.yaml +++ b/queries/aws_securitylake_subscriber_4.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS Security Lake Subscriber data, providing information + about each subscriber''s details in the AWS Security Lake service. This includes + subscriber status, endpoint type, and subscription creation time. ID: aws_securitylake_subscriber_4 -Title: "Find all subscribers in AWS Security Lake with details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.subscriber_name, - s.subscription_id, - b.arn, - b.event_notification_configuration, - b.server_side_encryption_configuration, - b.acl - from - aws_securitylake_subscriber as s, - aws_s3_bucket as b - where - s.s3_bucket_arn = b.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.subscriber_name,\n s.subscription_id,\n b.arn,\n\ + \ b.event_notification_configuration,\n b.server_side_encryption_configuration,\n\ + \ b.acl\nfrom\n aws_securitylake_subscriber as s,\n aws_s3_bucket as b\nwhere\n\ + \ s.s3_bucket_arn = b.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Lake +Title: Find all subscribers in AWS Security Lake with details diff --git a/queries/aws_securitylake_subscriber_5.yaml b/queries/aws_securitylake_subscriber_5.yaml index 046f6ad30..7b854861d 100755 --- a/queries/aws_securitylake_subscriber_5.yaml +++ b/queries/aws_securitylake_subscriber_5.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Security Lake Subscriber data, providing information + about each subscriber''s details in the AWS Security Lake service. This includes + subscriber status, endpoint type, and subscription creation time. ID: aws_securitylake_subscriber_5 -Title: "List all AWS Security Lake Subscriber Details" -Description: "Allows users to query AWS Security Lake Subscriber data, providing information about each subscriber''s details in the AWS Security Lake service. This includes subscriber status, endpoint type, and subscription creation time." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subscriber_name, - created_at, - subscription_status, - s3_bucket_arn, - sns_arn - from - aws_securitylake_subscriber - where - subscription_status <> 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n subscriber_name,\n created_at,\n subscription_status,\n\ + \ s3_bucket_arn,\n sns_arn\nfrom\n aws_securitylake_subscriber\nwhere\n subscription_status\ + \ <> 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Lake +Title: List all AWS Security Lake Subscriber Details diff --git a/queries/aws_serverlessapplicationrepository_application_1.yaml b/queries/aws_serverlessapplicationrepository_application_1.yaml index ccf6289b8..1c9cc521f 100755 --- a/queries/aws_serverlessapplicationrepository_application_1.yaml +++ b/queries/aws_serverlessapplicationrepository_application_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Serverless Application Repository Applications + to fetch details like application name, status, author, description, labels, license + URL, creation time, and more. ID: aws_serverlessapplicationrepository_application_1 -Title: "List AWS Serverless Application Repository Applications" -Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - author, - creation_time, - description - from - aws_serverlessapplicationrepository_application; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n author,\n creation_time,\n description\n\ + from\n aws_serverlessapplicationrepository_application;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Serverless Application Repository +Title: List AWS Serverless Application Repository Applications diff --git a/queries/aws_serverlessapplicationrepository_application_2.yaml b/queries/aws_serverlessapplicationrepository_application_2.yaml index 96221897f..55cd29573 100755 --- a/queries/aws_serverlessapplicationrepository_application_2.yaml +++ b/queries/aws_serverlessapplicationrepository_application_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Serverless Application Repository Applications + to fetch details like application name, status, author, description, labels, license + URL, creation time, and more. ID: aws_serverlessapplicationrepository_application_2 -Title: "List AWS Serverless App Repo Applications by Verified Author" -Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - author, - is_verified_author - from - aws_serverlessapplicationrepository_application - where - is_verified_author; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n author,\n is_verified_author\nfrom\n\ + \ aws_serverlessapplicationrepository_application\nwhere\n is_verified_author;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Serverless Application Repository +Title: List AWS Serverless App Repo Applications by Verified Author diff --git a/queries/aws_serverlessapplicationrepository_application_3.yaml b/queries/aws_serverlessapplicationrepository_application_3.yaml index 017ccd032..2ccbb09a3 100755 --- a/queries/aws_serverlessapplicationrepository_application_3.yaml +++ b/queries/aws_serverlessapplicationrepository_application_3.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS Serverless Application Repository Applications + to fetch details like application name, status, author, description, labels, license + URL, creation time, and more. ID: aws_serverlessapplicationrepository_application_3 -Title: "List all AWS Serverless Application Repository Applications" -Description: "Allows users to query AWS Serverless Application Repository Applications to fetch details like application name, status, author, description, labels, license URL, creation time, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - jsonb_pretty(statement -> 'Actions') as actions, - jsonb_pretty(statement -> 'PrincipalOrgIDs') as principal_org_ids, - jsonb_pretty(statement -> 'Principals') as principals, - statement ->> 'StatementId' as statement_id - from - aws_serverlessapplicationrepository_application, - jsonb_array_elements(statements) as statement; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n jsonb_pretty(statement -> 'Actions') as actions,\n\ + \ jsonb_pretty(statement -> 'PrincipalOrgIDs') as principal_org_ids,\n jsonb_pretty(statement\ + \ -> 'Principals') as principals,\n statement ->> 'StatementId' as statement_id\n\ + from\n aws_serverlessapplicationrepository_application,\n jsonb_array_elements(statements)\ + \ as statement;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Serverless Application Repository +Title: List all AWS Serverless Application Repository Applications diff --git a/queries/aws_service_discovery_instance_1.yaml b/queries/aws_service_discovery_instance_1.yaml index 075e48006..a6846dd2b 100755 --- a/queries/aws_service_discovery_instance_1.yaml +++ b/queries/aws_service_discovery_instance_1.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Cloud Map Service Instances and retrieve detailed + information about each instance associated with a specified service. This information + includes the instance ID, instance attributes, and the health status of the instance. ID: aws_service_discovery_instance_1 -Title: "Find AWS Cloud Map Service Instances and Health Information" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - service_id, - ec2_instance_id, - attributes - from - aws_service_discovery_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n service_id,\n ec2_instance_id,\n attributes\n\ + from\n aws_service_discovery_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map +Title: Find AWS Cloud Map Service Instances and Health Information diff --git a/queries/aws_service_discovery_instance_2.yaml b/queries/aws_service_discovery_instance_2.yaml index 6ec622fed..0eeb76596 100755 --- a/queries/aws_service_discovery_instance_2.yaml +++ b/queries/aws_service_discovery_instance_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Cloud Map Service Instances and retrieve detailed + information about each instance associated with a specified service. This information + includes the instance ID, instance attributes, and the health status of the instance. ID: aws_service_discovery_instance_2 -Title: "Find Unhealthy AWS Cloud Map Service Instances" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - service_id, - init_health_status - from - aws_service_discovery_instance - where - init_health_status = 'UNHEALTHY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n service_id,\n init_health_status\nfrom\n aws_service_discovery_instance\n\ + where\n init_health_status = 'UNHEALTHY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map Service +Title: Find Unhealthy AWS Cloud Map Service Instances diff --git a/queries/aws_service_discovery_instance_3.yaml b/queries/aws_service_discovery_instance_3.yaml index d02d4a6e0..5cc7e9dea 100755 --- a/queries/aws_service_discovery_instance_3.yaml +++ b/queries/aws_service_discovery_instance_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS Cloud Map Service Instances and retrieve detailed + information about each instance associated with a specified service. This information + includes the instance ID, instance attributes, and the health status of the instance. ID: aws_service_discovery_instance_3 -Title: "List all AWS Cloud Map Service Instances with Details" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_id, - count(id) - from - aws_service_discovery_instance - group by - service_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_id,\n count(id)\nfrom\n aws_service_discovery_instance\n\ + group by\n service_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cloud Map +Title: List all AWS Cloud Map Service Instances with Details diff --git a/queries/aws_service_discovery_instance_4.yaml b/queries/aws_service_discovery_instance_4.yaml index 70c645b68..34058c403 100755 --- a/queries/aws_service_discovery_instance_4.yaml +++ b/queries/aws_service_discovery_instance_4.yaml @@ -1,34 +1,27 @@ +Description: Allows users to query AWS Cloud Map Service Instances and retrieve detailed + information about each instance associated with a specified service. This information + includes the instance ID, instance attributes, and the health status of the instance. ID: aws_service_discovery_instance_4 -Title: "List all AWS Cloud Map Service Instances with Details" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.id, - i.service_id, - s.name as service_name, - s.create_date as service_create_date, - s.namespace_id, - s.type - from - aws_service_discovery_instance as i, - aws_service_discovery_service as s - where - s.id = i.service_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i.id,\n i.service_id,\n s.name as service_name,\n \ + \ s.create_date as service_create_date,\n s.namespace_id,\n s.type\nfrom\n \ + \ aws_service_discovery_instance as i,\n aws_service_discovery_service as s\n\ + where\n s.id = i.service_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Cloud Map +Title: List all AWS Cloud Map Service Instances with Details diff --git a/queries/aws_service_discovery_instance_5.yaml b/queries/aws_service_discovery_instance_5.yaml index 0fc727332..b545674c0 100755 --- a/queries/aws_service_discovery_instance_5.yaml +++ b/queries/aws_service_discovery_instance_5.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Cloud Map Service Instances and retrieve detailed + information about each instance associated with a specified service. This information + includes the instance ID, instance attributes, and the health status of the instance. ID: aws_service_discovery_instance_5 -Title: "List AWS Cloud Map Service Instances and Health Status" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.id, - i.service_id, - i.ec2_instance_id, - ei.instance_type, - ei.instance_state, - ei.launch_time - from - aws_service_discovery_instance as i, - aws_ec2_instance as ei - where - i.ec2_instance_id is not null - and - ei.instance_id = i.ec2_instance_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i.id,\n i.service_id,\n i.ec2_instance_id,\n ei.instance_type,\n\ + \ ei.instance_state,\n ei.launch_time\nfrom\n aws_service_discovery_instance\ + \ as i,\n aws_ec2_instance as ei\nwhere\n i.ec2_instance_id is not null\nand\n\ + \ ei.instance_id = i.ec2_instance_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map +Title: List AWS Cloud Map Service Instances and Health Status diff --git a/queries/aws_service_discovery_instance_6.yaml b/queries/aws_service_discovery_instance_6.yaml index 979347564..b31e242e2 100755 --- a/queries/aws_service_discovery_instance_6.yaml +++ b/queries/aws_service_discovery_instance_6.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Cloud Map Service Instances and retrieve detailed + information about each instance associated with a specified service. This information + includes the instance ID, instance attributes, and the health status of the instance. ID: aws_service_discovery_instance_6 -Title: "Find AWS Cloud Map Service Instances and Their Details" -Description: "Allows users to query AWS Cloud Map Service Instances and retrieve detailed information about each instance associated with a specified service. This information includes the instance ID, instance attributes, and the health status of the instance." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - service_id, - ec2_instance_id, - instance_ipv4, - instance_ipv6, - instance_port - from - aws_service_discovery_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n service_id,\n ec2_instance_id,\n instance_ipv4,\n\ + \ instance_ipv6,\n instance_port\nfrom\n aws_service_discovery_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map +Title: Find AWS Cloud Map Service Instances and Their Details diff --git a/queries/aws_service_discovery_namespace_1.yaml b/queries/aws_service_discovery_namespace_1.yaml index f5c567c26..c27b53b79 100755 --- a/queries/aws_service_discovery_namespace_1.yaml +++ b/queries/aws_service_discovery_namespace_1.yaml @@ -1,26 +1,19 @@ +Description: Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve + details about the namespaces in AWS Cloud Map. ID: aws_service_discovery_namespace_1 -Title: "Find AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - region - from - aws_service_discovery_namespace; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n region\nfrom\n aws_service_discovery_namespace;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map +Title: Find AWS Cloud Map Service Discovery Namespaces diff --git a/queries/aws_service_discovery_namespace_2.yaml b/queries/aws_service_discovery_namespace_2.yaml index 7fdddb8b9..575b9be3d 100755 --- a/queries/aws_service_discovery_namespace_2.yaml +++ b/queries/aws_service_discovery_namespace_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve + details about the namespaces in AWS Cloud Map. ID: aws_service_discovery_namespace_2 -Title: "Find AWS Cloud Map Service Discovery Namespace Details" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - service_count - from - aws_service_discovery_namespace - where - type ilike '%private%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n service_count\nfrom\n\ + \ aws_service_discovery_namespace\nwhere\n type ilike '%private%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map +Title: Find AWS Cloud Map Service Discovery Namespace Details diff --git a/queries/aws_service_discovery_namespace_3.yaml b/queries/aws_service_discovery_namespace_3.yaml index f34df6425..f14d64fe1 100755 --- a/queries/aws_service_discovery_namespace_3.yaml +++ b/queries/aws_service_discovery_namespace_3.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve + details about the namespaces in AWS Cloud Map. ID: aws_service_discovery_namespace_3 -Title: "List all AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - service_count - from - aws_service_discovery_namespace - where - type = 'HTTP'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n service_count\nfrom\n\ + \ aws_service_discovery_namespace\nwhere\n type = 'HTTP';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map +Title: List all AWS Cloud Map Service Discovery Namespaces diff --git a/queries/aws_service_discovery_namespace_4.yaml b/queries/aws_service_discovery_namespace_4.yaml index f0ba554f4..5b55d4959 100755 --- a/queries/aws_service_discovery_namespace_4.yaml +++ b/queries/aws_service_discovery_namespace_4.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve + details about the namespaces in AWS Cloud Map. ID: aws_service_discovery_namespace_4 -Title: "List all AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - description, - create_date - from - aws_service_discovery_namespace - where - create_date >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n description,\n create_date\nfrom\n \ + \ aws_service_discovery_namespace\nwhere\n create_date >= now() - interval '30'\ + \ day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map Service Discovery +Title: List all AWS Cloud Map Service Discovery Namespaces diff --git a/queries/aws_service_discovery_namespace_5.yaml b/queries/aws_service_discovery_namespace_5.yaml index 22dd8309f..e201fc836 100755 --- a/queries/aws_service_discovery_namespace_5.yaml +++ b/queries/aws_service_discovery_namespace_5.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve + details about the namespaces in AWS Cloud Map. ID: aws_service_discovery_namespace_5 -Title: "List AWS Cloud Map Service Discovery Namespace Details" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - http_properties ->> 'HttpName' as http_name - from - aws_service_discovery_namespace - where - type = 'HTTP'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n http_properties ->> 'HttpName' as http_name\n\ + from\n aws_service_discovery_namespace\nwhere\n type = 'HTTP';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map +Title: List AWS Cloud Map Service Discovery Namespace Details diff --git a/queries/aws_service_discovery_namespace_6.yaml b/queries/aws_service_discovery_namespace_6.yaml index 754787927..52d3362b4 100755 --- a/queries/aws_service_discovery_namespace_6.yaml +++ b/queries/aws_service_discovery_namespace_6.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve + details about the namespaces in AWS Cloud Map. ID: aws_service_discovery_namespace_6 -Title: "List AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - dns_properties ->> 'HostedZoneId' as HostedZoneId, - dns_properties -> 'SOA' ->> 'TTL' as ttl - from - aws_service_discovery_namespace - where - type = 'DNS_PRIVATE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n dns_properties ->> 'HostedZoneId' as\ + \ HostedZoneId,\n dns_properties -> 'SOA' ->> 'TTL' as ttl\nfrom\n aws_service_discovery_namespace\n\ + where\n type = 'DNS_PRIVATE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map +Title: List AWS Cloud Map Service Discovery Namespaces diff --git a/queries/aws_service_discovery_namespace_7.yaml b/queries/aws_service_discovery_namespace_7.yaml index ab5f61765..6fee003ce 100755 --- a/queries/aws_service_discovery_namespace_7.yaml +++ b/queries/aws_service_discovery_namespace_7.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve + details about the namespaces in AWS Cloud Map. ID: aws_service_discovery_namespace_7 -Title: "List all AWS Cloud Map Service Discovery Namespaces" -Description: "Allows users to query AWS Cloud Map Service Discovery Namespace to retrieve details about the namespaces in AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(type) - from - aws_service_discovery_namespace - group by - type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n type,\n count(type)\nfrom\n aws_service_discovery_namespace\n\ + group by\n type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Cloud Map Service Discovery +Title: List all AWS Cloud Map Service Discovery Namespaces diff --git a/queries/aws_service_discovery_service_1.yaml b/queries/aws_service_discovery_service_1.yaml index 351656d51..6f0b3cdd9 100755 --- a/queries/aws_service_discovery_service_1.yaml +++ b/queries/aws_service_discovery_service_1.yaml @@ -1,26 +1,19 @@ +Description: Allows users to query AWS Service Discovery Service to retrieve detailed + information about AWS resources that are registered with AWS Cloud Map. ID: aws_service_discovery_service_1 -Title: "Find AWS Service Discovery Services and Details" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - region - from - aws_service_discovery_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n region\nfrom\n aws_service_discovery_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Service Discovery Service +Title: Find AWS Service Discovery Services and Details diff --git a/queries/aws_service_discovery_service_2.yaml b/queries/aws_service_discovery_service_2.yaml index 647314527..c9ab0ae7a 100755 --- a/queries/aws_service_discovery_service_2.yaml +++ b/queries/aws_service_discovery_service_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Service Discovery Service to retrieve detailed + information about AWS resources that are registered with AWS Cloud Map. ID: aws_service_discovery_service_2 -Title: "Find AWS Service Discovery Services registered with Cloud Map" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - create_date - from - aws_service_discovery_service - where - type ilike '%dns%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n create_date\nfrom\n\ + \ aws_service_discovery_service\nwhere\n type ilike '%dns%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Service Discovery +Title: Find AWS Service Discovery Services registered with Cloud Map diff --git a/queries/aws_service_discovery_service_3.yaml b/queries/aws_service_discovery_service_3.yaml index 3945c6b23..c8b7bc6f3 100755 --- a/queries/aws_service_discovery_service_3.yaml +++ b/queries/aws_service_discovery_service_3.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Service Discovery Service to retrieve detailed + information about AWS resources that are registered with AWS Cloud Map. ID: aws_service_discovery_service_3 -Title: "Find all AWS Cloud Map resources by type" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - description - from - aws_service_discovery_service - where - type = 'HTTP'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n description\nfrom\n\ + \ aws_service_discovery_service\nwhere\n type = 'HTTP';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Discovery +Title: Find all AWS Cloud Map resources by type diff --git a/queries/aws_service_discovery_service_4.yaml b/queries/aws_service_discovery_service_4.yaml index d9e228c73..2d7f22840 100755 --- a/queries/aws_service_discovery_service_4.yaml +++ b/queries/aws_service_discovery_service_4.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Service Discovery Service to retrieve detailed + information about AWS resources that are registered with AWS Cloud Map. ID: aws_service_discovery_service_4 -Title: "List all AWS Service Discovery Resources in Last 30 Days" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - description, - create_date - from - aws_service_discovery_service - where - create_date >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n description,\n create_date\nfrom\n \ + \ aws_service_discovery_service\nwhere\n create_date >= now() - interval '30'\ + \ day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Discovery +Title: List all AWS Service Discovery Resources in Last 30 Days diff --git a/queries/aws_service_discovery_service_5.yaml b/queries/aws_service_discovery_service_5.yaml index c7f8a0d47..4b051ed1d 100755 --- a/queries/aws_service_discovery_service_5.yaml +++ b/queries/aws_service_discovery_service_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Service Discovery Service to retrieve detailed + information about AWS resources that are registered with AWS Cloud Map. ID: aws_service_discovery_service_5 -Title: "Find Details of Registered AWS resources Using SQL" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(type) - from - aws_service_discovery_service - group by - type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n type,\n count(type)\nfrom\n aws_service_discovery_service\n\ + group by\n type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Discovery +Title: Find Details of Registered AWS resources Using SQL diff --git a/queries/aws_service_discovery_service_6.yaml b/queries/aws_service_discovery_service_6.yaml index 59d67441d..3482fcb27 100755 --- a/queries/aws_service_discovery_service_6.yaml +++ b/queries/aws_service_discovery_service_6.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Service Discovery Service to retrieve detailed + information about AWS resources that are registered with AWS Cloud Map. ID: aws_service_discovery_service_6 -Title: "Find all AWS resources registered with Cloud Map" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - health_check_config ->> 'Type' as health_check_type, - health_check_config ->> 'FailureThreshold' as failure_threshold, - health_check_config ->> 'ResourcePath' as resource_path - from - aws_service_discovery_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n health_check_config ->> 'Type' as health_check_type,\n\ + \ health_check_config ->> 'FailureThreshold' as failure_threshold,\n health_check_config\ + \ ->> 'ResourcePath' as resource_path\nfrom\n aws_service_discovery_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Discovery +Title: Find all AWS resources registered with Cloud Map diff --git a/queries/aws_service_discovery_service_7.yaml b/queries/aws_service_discovery_service_7.yaml index ab3159efb..031ab7cd4 100755 --- a/queries/aws_service_discovery_service_7.yaml +++ b/queries/aws_service_discovery_service_7.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Service Discovery Service to retrieve detailed + information about AWS resources that are registered with AWS Cloud Map. ID: aws_service_discovery_service_7 -Title: "Find AWS Service Discovery Service Resource Details" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - health_check_custom_config ->> 'FailureThreshold' as failure_threshold - from - aws_service_discovery_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n health_check_custom_config ->> 'FailureThreshold'\ + \ as failure_threshold\nfrom\n aws_service_discovery_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Discovery +Title: Find AWS Service Discovery Service Resource Details diff --git a/queries/aws_service_discovery_service_8.yaml b/queries/aws_service_discovery_service_8.yaml index a658a3657..01a8f6826 100755 --- a/queries/aws_service_discovery_service_8.yaml +++ b/queries/aws_service_discovery_service_8.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Service Discovery Service to retrieve detailed + information about AWS resources that are registered with AWS Cloud Map. ID: aws_service_discovery_service_8 -Title: "List all AWS Service Discovery resources using SQL" -Description: "Allows users to query AWS Service Discovery Service to retrieve detailed information about AWS resources that are registered with AWS Cloud Map." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.name, - s.id, - s.namespace_id, - n.service_count, - n.type as namespace_type, - n.dns_properties - from - aws_service_discovery_service as s, - aws_service_discovery_namespace as n; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.name,\n s.id,\n s.namespace_id,\n n.service_count,\n\ + \ n.type as namespace_type,\n n.dns_properties\nfrom\n aws_service_discovery_service\ + \ as s,\n aws_service_discovery_namespace as n;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Service Discovery +Title: List all AWS Service Discovery resources using SQL diff --git a/queries/aws_servicecatalog_portfolio_1.yaml b/queries/aws_servicecatalog_portfolio_1.yaml index ee5b163bc..a4b81d3c1 100755 --- a/queries/aws_servicecatalog_portfolio_1.yaml +++ b/queries/aws_servicecatalog_portfolio_1.yaml @@ -1,28 +1,27 @@ +Description: Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio + table in Steampipe provides information about portfolios within AWS Service Catalog. + This table allows DevOps engineers to query portfolio-specific details, including + owner, description, created time, and associated metadata. Users can utilize this + table to gather insights on portfolios, such as portfolio details, associated products, + and more. The schema outlines the various attributes of the portfolio, including + the portfolio ARN, creation date, and associated tags. ID: aws_servicecatalog_portfolio_1 -Title: "List Service Catalog Portfolios in AWS" -Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - display_name, - id, - arn, - region, - akas - from - aws_servicecatalog_portfolio; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n display_name,\n id,\n arn,\n region,\n akas\nfrom\n\ + \ aws_servicecatalog_portfolio;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Service Catalog +Title: List Service Catalog Portfolios in AWS diff --git a/queries/aws_servicecatalog_portfolio_2.yaml b/queries/aws_servicecatalog_portfolio_2.yaml index a9cf14222..a217f0c9d 100755 --- a/queries/aws_servicecatalog_portfolio_2.yaml +++ b/queries/aws_servicecatalog_portfolio_2.yaml @@ -1,29 +1,27 @@ +Description: Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio + table in Steampipe provides information about portfolios within AWS Service Catalog. + This table allows DevOps engineers to query portfolio-specific details, including + owner, description, created time, and associated metadata. Users can utilize this + table to gather insights on portfolios, such as portfolio details, associated products, + and more. The schema outlines the various attributes of the portfolio, including + the portfolio ARN, creation date, and associated tags. ID: aws_servicecatalog_portfolio_2 -Title: "Find AWS Service Catalog Portfolio Details" -Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - display_name, - id, - description, - provider_name - from - aws_servicecatalog_portfolio - where - provider_name = 'my-portfolio'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n display_name,\n id,\n description,\n provider_name\n\ + from\n aws_servicecatalog_portfolio\nwhere\n provider_name = 'my-portfolio';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: Find AWS Service Catalog Portfolio Details diff --git a/queries/aws_servicecatalog_portfolio_3.yaml b/queries/aws_servicecatalog_portfolio_3.yaml index fac44fcd1..570257286 100755 --- a/queries/aws_servicecatalog_portfolio_3.yaml +++ b/queries/aws_servicecatalog_portfolio_3.yaml @@ -1,29 +1,28 @@ +Description: Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio + table in Steampipe provides information about portfolios within AWS Service Catalog. + This table allows DevOps engineers to query portfolio-specific details, including + owner, description, created time, and associated metadata. Users can utilize this + table to gather insights on portfolios, such as portfolio details, associated products, + and more. The schema outlines the various attributes of the portfolio, including + the portfolio ARN, creation date, and associated tags. ID: aws_servicecatalog_portfolio_3 -Title: "Find AWS Service Catalog Portfolio Details in Last 30 Days" -Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - display_name, - id, - description, - created_time - from - aws_servicecatalog_portfolio - where - created_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n display_name,\n id,\n description,\n created_time\n\ + from\n aws_servicecatalog_portfolio\nwhere\n created_time >= now() - interval\ + \ '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: Find AWS Service Catalog Portfolio Details in Last 30 Days diff --git a/queries/aws_servicecatalog_portfolio_4.yaml b/queries/aws_servicecatalog_portfolio_4.yaml index ddc647300..4d46ada7b 100755 --- a/queries/aws_servicecatalog_portfolio_4.yaml +++ b/queries/aws_servicecatalog_portfolio_4.yaml @@ -1,27 +1,28 @@ +Description: Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio + table in Steampipe provides information about portfolios within AWS Service Catalog. + This table allows DevOps engineers to query portfolio-specific details, including + owner, description, created time, and associated metadata. Users can utilize this + table to gather insights on portfolios, such as portfolio details, associated products, + and more. The schema outlines the various attributes of the portfolio, including + the portfolio ARN, creation date, and associated tags. ID: aws_servicecatalog_portfolio_4 -Title: "Find AWS Service Catalog Portfolio Details Using SQL" -Description: "Allows users to query AWS Service Catalog Portfolios. The aws_servicecatalog_portfolio table in Steampipe provides information about portfolios within AWS Service Catalog. This table allows DevOps engineers to query portfolio-specific details, including owner, description, created time, and associated metadata. Users can utilize this table to gather insights on portfolios, such as portfolio details, associated products, and more. The schema outlines the various attributes of the portfolio, including the portfolio ARN, creation date, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sp.display_name, - sp.id, - b ->> 'BudgetName' as budget_name - from - aws_servicecatalog_portfolio as sp, - jsonb_array_elements(budgets) as b; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n sp.display_name,\n sp.id,\n b ->> 'BudgetName' as budget_name\n\ + from\n aws_servicecatalog_portfolio as sp,\n jsonb_array_elements(budgets) as\ + \ b;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: Find AWS Service Catalog Portfolio Details Using SQL diff --git a/queries/aws_servicecatalog_product_1.yaml b/queries/aws_servicecatalog_product_1.yaml index 56a931550..4b8b90d38 100755 --- a/queries/aws_servicecatalog_product_1.yaml +++ b/queries/aws_servicecatalog_product_1.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS Service Catalog Product data including product + details, owner, type, and associated metadata. ID: aws_servicecatalog_product_1 -Title: "List all AWS Service Catalog Product Details and Metadata" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - product_id, - type, - akas, - support_url, - support_email - from - aws_servicecatalog_product; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n product_id,\n type,\n akas,\n support_url,\n\ + \ support_email\nfrom\n aws_servicecatalog_product;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: List all AWS Service Catalog Product Details and Metadata diff --git a/queries/aws_servicecatalog_product_2.yaml b/queries/aws_servicecatalog_product_2.yaml index 33ee55d10..d07274293 100755 --- a/queries/aws_servicecatalog_product_2.yaml +++ b/queries/aws_servicecatalog_product_2.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query AWS Service Catalog Product data including product + details, owner, type, and associated metadata. ID: aws_servicecatalog_product_2 -Title: "Find all AWS Service Catalog Product Details" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - product_id, - type, - distributor, - owner, - has_default_path - from - aws_servicecatalog_product - where - has_default_path; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n product_id,\n type,\n distributor,\n\ + \ owner,\n has_default_path\nfrom\n aws_servicecatalog_product\nwhere\n has_default_path;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: Find all AWS Service Catalog Product Details diff --git a/queries/aws_servicecatalog_product_3.yaml b/queries/aws_servicecatalog_product_3.yaml index 3bc2aa7cb..4c1deb899 100755 --- a/queries/aws_servicecatalog_product_3.yaml +++ b/queries/aws_servicecatalog_product_3.yaml @@ -1,29 +1,20 @@ +Description: Allows users to query AWS Service Catalog Product data including product + details, owner, type, and associated metadata. ID: aws_servicecatalog_product_3 -Title: "Find all AWS Service Catalog Product Details with Metadata" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - product_id, - type, - support_url, - support_description - from - aws_servicecatalog_product - where - type = 'MARKETPLACE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n product_id,\n type,\n support_url,\n\ + \ support_description\nfrom\n aws_servicecatalog_product\nwhere\n type = 'MARKETPLACE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: Find all AWS Service Catalog Product Details with Metadata diff --git a/queries/aws_servicecatalog_product_4.yaml b/queries/aws_servicecatalog_product_4.yaml index ce793df22..4604dae86 100755 --- a/queries/aws_servicecatalog_product_4.yaml +++ b/queries/aws_servicecatalog_product_4.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Service Catalog Product data including product + details, owner, type, and associated metadata. ID: aws_servicecatalog_product_4 -Title: "List all AWS Service Catalog Product details" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sp.name, - sp.id, - sp.owner, - sp.product_id, - sp.short_description, - b ->> 'BudgetName' as budget_name - from - aws_servicecatalog_product as sp, - jsonb_array_elements(budgets) as b; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n sp.name,\n sp.id,\n sp.owner,\n sp.product_id,\n \ + \ sp.short_description,\n b ->> 'BudgetName' as budget_name\nfrom\n aws_servicecatalog_product\ + \ as sp,\n jsonb_array_elements(budgets) as b;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: List all AWS Service Catalog Product details diff --git a/queries/aws_servicecatalog_product_5.yaml b/queries/aws_servicecatalog_product_5.yaml index e5903f840..4c585076f 100755 --- a/queries/aws_servicecatalog_product_5.yaml +++ b/queries/aws_servicecatalog_product_5.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Service Catalog Product data including product + details, owner, type, and associated metadata. ID: aws_servicecatalog_product_5 -Title: "List all AWS Service Catalog Product Details" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - owner, - short_description, - l ->> 'Id' as launch_path_id, - l ->> 'Name' as launch_path_name - from - aws_servicecatalog_product, - jsonb_array_elements(launch_paths) as l; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n owner,\n short_description,\n l ->>\ + \ 'Id' as launch_path_id,\n l ->> 'Name' as launch_path_name\nfrom\n aws_servicecatalog_product,\n\ + \ jsonb_array_elements(launch_paths) as l;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: List all AWS Service Catalog Product Details diff --git a/queries/aws_servicecatalog_product_6.yaml b/queries/aws_servicecatalog_product_6.yaml index 6295837e5..1f5641ebb 100755 --- a/queries/aws_servicecatalog_product_6.yaml +++ b/queries/aws_servicecatalog_product_6.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Service Catalog Product data including product + details, owner, type, and associated metadata. ID: aws_servicecatalog_product_6 -Title: "List AWS Service Catalog Product Data Including Details and Metadata" -Description: "Allows users to query AWS Service Catalog Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - p ->> 'Id' as provisioning_artifact_id, - p ->> 'Name' as provisioning_artifact_name, - p ->> 'CreatedTime' as provisioning_artifact_created_time, - p ->> 'Description' as provisioning_artifact_description, - p ->> 'Guidance' as provisioning_artifact_guidance - from - aws_servicecatalog_product, - jsonb_array_elements(provisioning_artifacts) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n p ->> 'Id' as provisioning_artifact_id,\n\ + \ p ->> 'Name' as provisioning_artifact_name,\n p ->> 'CreatedTime' as provisioning_artifact_created_time,\n\ + \ p ->> 'Description' as provisioning_artifact_description,\n p ->> 'Guidance'\ + \ as provisioning_artifact_guidance\nfrom\n aws_servicecatalog_product,\n jsonb_array_elements(provisioning_artifacts)\ + \ as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: List AWS Service Catalog Product Data Including Details and Metadata diff --git a/queries/aws_servicecatalog_provisioned_product_1.yaml b/queries/aws_servicecatalog_provisioned_product_1.yaml index f1a271a3e..2d24993a5 100755 --- a/queries/aws_servicecatalog_provisioned_product_1.yaml +++ b/queries/aws_servicecatalog_provisioned_product_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS Service Catalog Provisioned Product data including + product details, owner, type, and associated metadata. ID: aws_servicecatalog_provisioned_product_1 -Title: "Find AWS Service Catalog Provisioned Product Details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - product_id, - status, - created_time, - last_provisioning_record_id - from - aws_servicecatalog_provisioned_product; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n product_id,\n status,\n\ + \ created_time,\n last_provisioning_record_id\nfrom\n aws_servicecatalog_provisioned_product;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: Find AWS Service Catalog Provisioned Product Details diff --git a/queries/aws_servicecatalog_provisioned_product_2.yaml b/queries/aws_servicecatalog_provisioned_product_2.yaml index 6e52504f2..a9ed266cf 100755 --- a/queries/aws_servicecatalog_provisioned_product_2.yaml +++ b/queries/aws_servicecatalog_provisioned_product_2.yaml @@ -1,35 +1,23 @@ +Description: Allows users to query AWS Service Catalog Provisioned Product data including + product details, owner, type, and associated metadata. ID: aws_servicecatalog_provisioned_product_2 -Title: "Find all AWS Service Catalog Provisioned Product details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - product_id, - status, - created_time, - last_provisioning_record_id - from - aws_servicecatalog_provisioned_product - where - created_time >= (current_date - interval '7' day) - order by - created_time; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n product_id,\n status,\n\ + \ created_time,\n last_provisioning_record_id\nfrom\n aws_servicecatalog_provisioned_product\n\ + where\n created_time >= (current_date - interval '7' day)\norder by\n created_time;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: Find all AWS Service Catalog Provisioned Product details diff --git a/queries/aws_servicecatalog_provisioned_product_3.yaml b/queries/aws_servicecatalog_provisioned_product_3.yaml index 618a45ba6..fe4724aab 100755 --- a/queries/aws_servicecatalog_provisioned_product_3.yaml +++ b/queries/aws_servicecatalog_provisioned_product_3.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS Service Catalog Provisioned Product data including + product details, owner, type, and associated metadata. ID: aws_servicecatalog_provisioned_product_3 -Title: "List AWS Service Catalog Provisioned Products with Details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - product_id, - status, - created_time, - last_provisioning_record_id - from - aws_servicecatalog_provisioned_product - where - last_successful_provisioning_record_id is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n product_id,\n status,\n\ + \ created_time,\n last_provisioning_record_id\nfrom\n aws_servicecatalog_provisioned_product\n\ + where\n last_successful_provisioning_record_id is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: List AWS Service Catalog Provisioned Products with Details diff --git a/queries/aws_servicecatalog_provisioned_product_4.yaml b/queries/aws_servicecatalog_provisioned_product_4.yaml index 8b70994dd..6dcfa44e1 100755 --- a/queries/aws_servicecatalog_provisioned_product_4.yaml +++ b/queries/aws_servicecatalog_provisioned_product_4.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS Service Catalog Provisioned Product data including + product details, owner, type, and associated metadata. ID: aws_servicecatalog_provisioned_product_4 -Title: "List all AWS Service Catalog Provisioned Product details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - pr.id as provisioning_id, - p.name as product_name, - p.id as product_view_id, - p.product_id, - p.type as product_type, - p.support_url as product_support_url, - p.support_email as product_support_email - from - aws_servicecatalog_provisioned_product as pr, - aws_servicecatalog_product as p - where - pr.product_id = p.product_id - and last_successful_provisioning_record_id is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n pr.id as provisioning_id,\n p.name as product_name,\n\ + \ p.id as product_view_id,\n p.product_id,\n p.type as product_type,\n p.support_url\ + \ as product_support_url,\n p.support_email as product_support_email\nfrom\n\ + \ aws_servicecatalog_provisioned_product as pr,\n aws_servicecatalog_product\ + \ as p\nwhere\n pr.product_id = p.product_id\n and last_successful_provisioning_record_id\ + \ is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: List all AWS Service Catalog Provisioned Product details diff --git a/queries/aws_servicecatalog_provisioned_product_5.yaml b/queries/aws_servicecatalog_provisioned_product_5.yaml index e6751af6f..77f3e483d 100755 --- a/queries/aws_servicecatalog_provisioned_product_5.yaml +++ b/queries/aws_servicecatalog_provisioned_product_5.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Service Catalog Provisioned Product data including + product details, owner, type, and associated metadata. ID: aws_servicecatalog_provisioned_product_5 -Title: "List AWS Service Catalog Provisioned Product Details" -Description: "Allows users to query AWS Service Catalog Provisioned Product data including product details, owner, type, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - arn, - type, - product_id, - status, - created_time, - last_provisioning_record_id - from - aws_servicecatalog_provisioned_product - where - type = 'CFN_STACK' - and last_successful_provisioning_record_id is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n arn,\n type,\n product_id,\n status,\n\ + \ created_time,\n last_provisioning_record_id\nfrom\n aws_servicecatalog_provisioned_product\n\ + where\n type = 'CFN_STACK'\n and last_successful_provisioning_record_id is not\ + \ null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Catalog +Title: List AWS Service Catalog Provisioned Product Details diff --git a/queries/aws_servicequotas_default_service_quota_1.yaml b/queries/aws_servicequotas_default_service_quota_1.yaml index 593bdc05b..3229952c4 100755 --- a/queries/aws_servicequotas_default_service_quota_1.yaml +++ b/queries/aws_servicequotas_default_service_quota_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Service Quotas Default Service Quota to retrieve + information about the default values of service quotas for AWS services. ID: aws_servicequotas_default_service_quota_1 -Title: "List all AWS Service Quotas Default Values" -Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_default_service_quota; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n quota_name,\n quota_code,\n quota_arn,\n service_name,\n\ + \ service_code,\n value\nfrom\n aws_servicequotas_default_service_quota;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: List all AWS Service Quotas Default Values diff --git a/queries/aws_servicequotas_default_service_quota_2.yaml b/queries/aws_servicequotas_default_service_quota_2.yaml index a53506fbf..e94001042 100755 --- a/queries/aws_servicequotas_default_service_quota_2.yaml +++ b/queries/aws_servicequotas_default_service_quota_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Service Quotas Default Service Quota to retrieve + information about the default values of service quotas for AWS services. ID: aws_servicequotas_default_service_quota_2 -Title: "List all Default AWS Service Quotas using SQL" -Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_default_service_quota - where - global_quota; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n quota_name,\n quota_code,\n quota_arn,\n service_name,\n\ + \ service_code,\n value\nfrom\n aws_servicequotas_default_service_quota\nwhere\n\ + \ global_quota;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: List all Default AWS Service Quotas using SQL diff --git a/queries/aws_servicequotas_default_service_quota_3.yaml b/queries/aws_servicequotas_default_service_quota_3.yaml index 6f49d9926..f46e6c397 100755 --- a/queries/aws_servicequotas_default_service_quota_3.yaml +++ b/queries/aws_servicequotas_default_service_quota_3.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Service Quotas Default Service Quota to retrieve + information about the default values of service quotas for AWS services. ID: aws_servicequotas_default_service_quota_3 -Title: "Find AWS Default Service Quotas for Services" -Description: "Allows users to query AWS Service Quotas Default Service Quota to retrieve information about the default values of service quotas for AWS services." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_default_service_quota - where - service_code = 'athena'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n quota_name,\n quota_code,\n quota_arn,\n service_name,\n\ + \ service_code,\n value\nfrom\n aws_servicequotas_default_service_quota\nwhere\n\ + \ service_code = 'athena';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: Find AWS Default Service Quotas for Services diff --git a/queries/aws_servicequotas_service_1.yaml b/queries/aws_servicequotas_service_1.yaml index 0b9489b0b..192bc96de 100755 --- a/queries/aws_servicequotas_service_1.yaml +++ b/queries/aws_servicequotas_service_1.yaml @@ -1,23 +1,19 @@ +Description: Allows users to query AWS Service Quotas services, providing detailed + information about each service''s code and name. ID: aws_servicequotas_service_1 -Title: "List all AWS Service Quotas with detailed service info" -Description: "Allows users to query AWS Service Quotas services, providing detailed information about each service''s code and name." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select distinct - service_code, - service_name - from - aws_servicequotas_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select distinct\n service_code,\n service_name\nfrom\n aws_servicequotas_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: List all AWS Service Quotas with detailed service info diff --git a/queries/aws_servicequotas_service_2.yaml b/queries/aws_servicequotas_service_2.yaml index cda54e720..79552e17b 100755 --- a/queries/aws_servicequotas_service_2.yaml +++ b/queries/aws_servicequotas_service_2.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query AWS Service Quotas services, providing detailed + information about each service''s code and name. ID: aws_servicequotas_service_2 -Title: "Find AWS Service Quota Service Codes for CloudTrail" -Description: "Allows users to query AWS Service Quotas services, providing detailed information about each service''s code and name." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select distinct - service_code - from - aws_servicequotas_service - where - service_name = 'AWS CloudTrail'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select distinct\n service_code\nfrom\n aws_servicequotas_service\n\ + where\n service_name = 'AWS CloudTrail';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: Find AWS Service Quota Service Codes for CloudTrail diff --git a/queries/aws_servicequotas_service_quota_1.yaml b/queries/aws_servicequotas_service_quota_1.yaml index a7e8881ee..950597030 100755 --- a/queries/aws_servicequotas_service_quota_1.yaml +++ b/queries/aws_servicequotas_service_quota_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Service Quotas, providing detailed information + about each quota''s value, default value, and whether it''s adjustable. ID: aws_servicequotas_service_quota_1 -Title: "List all AWS Service Quotas with Values and Details" -Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_service_quota; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n quota_name,\n quota_code,\n quota_arn,\n service_name,\n\ + \ service_code,\n value\nfrom\n aws_servicequotas_service_quota;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: List all AWS Service Quotas with Values and Details diff --git a/queries/aws_servicequotas_service_quota_2.yaml b/queries/aws_servicequotas_service_quota_2.yaml index da4905614..b0f8ab47c 100755 --- a/queries/aws_servicequotas_service_quota_2.yaml +++ b/queries/aws_servicequotas_service_quota_2.yaml @@ -1,29 +1,20 @@ +Description: Allows users to query AWS Service Quotas, providing detailed information + about each quota''s value, default value, and whether it''s adjustable. ID: aws_servicequotas_service_quota_2 -Title: "Find AWS Service Quotas with Details on Values" -Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_service_quota - where - global_quota; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n quota_name,\n quota_code,\n quota_arn,\n service_name,\n\ + \ service_code,\n value\nfrom\n aws_servicequotas_service_quota\nwhere\n global_quota;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: Find AWS Service Quotas with Details on Values diff --git a/queries/aws_servicequotas_service_quota_3.yaml b/queries/aws_servicequotas_service_quota_3.yaml index 110f432bb..47d455448 100755 --- a/queries/aws_servicequotas_service_quota_3.yaml +++ b/queries/aws_servicequotas_service_quota_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Service Quotas, providing detailed information + about each quota''s value, default value, and whether it''s adjustable. ID: aws_servicequotas_service_quota_3 -Title: "Find AWS Service Quotas for Specific Services" -Description: "Allows users to query AWS Service Quotas, providing detailed information about each quota''s value, default value, and whether it''s adjustable." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - quota_name, - quota_code, - quota_arn, - service_name, - service_code, - value - from - aws_servicequotas_service_quota - where - service_code = 'athena'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n quota_name,\n quota_code,\n quota_arn,\n service_name,\n\ + \ service_code,\n value\nfrom\n aws_servicequotas_service_quota\nwhere\n service_code\ + \ = 'athena';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: Find AWS Service Quotas for Specific Services diff --git a/queries/aws_servicequotas_service_quota_change_request_1.yaml b/queries/aws_servicequotas_service_quota_change_request_1.yaml index f76226fb8..c9b6a0f9f 100755 --- a/queries/aws_servicequotas_service_quota_change_request_1.yaml +++ b/queries/aws_servicequotas_service_quota_change_request_1.yaml @@ -1,27 +1,19 @@ +Description: Allows users to query AWS Service Quotas change requests. ID: aws_servicequotas_service_quota_change_request_1 -Title: "Find All AWS Service Quotas Change Requests" -Description: "Allows users to query AWS Service Quotas change requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - case_id, - status, - quota_name, - quota_code, - desired_value - from - aws_servicequotas_service_quota_change_request; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n case_id,\n status,\n quota_name,\n quota_code,\n\ + \ desired_value\nfrom\n aws_servicequotas_service_quota_change_request;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: Find All AWS Service Quotas Change Requests diff --git a/queries/aws_servicequotas_service_quota_change_request_2.yaml b/queries/aws_servicequotas_service_quota_change_request_2.yaml index 3a4a2e6cd..f4c131963 100755 --- a/queries/aws_servicequotas_service_quota_change_request_2.yaml +++ b/queries/aws_servicequotas_service_quota_change_request_2.yaml @@ -1,29 +1,20 @@ +Description: Allows users to query AWS Service Quotas change requests. ID: aws_servicequotas_service_quota_change_request_2 -Title: "Find AWS Service Quota Change Requests Statuses" -Description: "Allows users to query AWS Service Quotas change requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - case_id, - status, - quota_name, - quota_code, - desired_value - from - aws_servicequotas_service_quota_change_request - where - status = 'DENIED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n case_id,\n status,\n quota_name,\n quota_code,\n\ + \ desired_value\nfrom\n aws_servicequotas_service_quota_change_request\nwhere\n\ + \ status = 'DENIED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: Find AWS Service Quota Change Requests Statuses diff --git a/queries/aws_servicequotas_service_quota_change_request_3.yaml b/queries/aws_servicequotas_service_quota_change_request_3.yaml index 86b027178..ab3bf3e5e 100755 --- a/queries/aws_servicequotas_service_quota_change_request_3.yaml +++ b/queries/aws_servicequotas_service_quota_change_request_3.yaml @@ -1,29 +1,20 @@ +Description: Allows users to query AWS Service Quotas change requests. ID: aws_servicequotas_service_quota_change_request_3 -Title: "Find all AWS Service Quotas change requests" -Description: "Allows users to query AWS Service Quotas change requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - case_id, - status, - quota_name, - quota_code, - desired_value - from - aws_servicequotas_service_quota_change_request - where - service_code = 'athena'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n case_id,\n status,\n quota_name,\n quota_code,\n\ + \ desired_value\nfrom\n aws_servicequotas_service_quota_change_request\nwhere\n\ + \ service_code = 'athena';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Service Quotas +Title: Find all AWS Service Quotas change requests diff --git a/queries/aws_ses_domain_identity_1.yaml b/queries/aws_ses_domain_identity_1.yaml index cd180ca79..2d57db61a 100755 --- a/queries/aws_ses_domain_identity_1.yaml +++ b/queries/aws_ses_domain_identity_1.yaml @@ -1,25 +1,25 @@ +Description: Allows users to query Amazon Simple Email Service Domain Identities. + The aws_ses_domain_identity table in Steampipe provides information about domain + identities within Amazon Simple Email Service (SES). This table allows DevOps engineers + to query domain-specific details, including verification status, DKIM attributes, + and associated metadata. Users can utilize this table to gather insights on domain + identities, such as verification status, DKIM tokens, and more. The schema outlines + the various attributes of the SES domain identity, including the identity name, + verification status, DKIM enabled status, and DKIM tokens. ID: aws_ses_domain_identity_1 -Title: "List all Amazon SES Domain Identities and Their Details" -Description: "Allows users to query Amazon Simple Email Service Domain Identities. The aws_ses_domain_identity table in Steampipe provides information about domain identities within Amazon Simple Email Service (SES). This table allows DevOps engineers to query domain-specific details, including verification status, DKIM attributes, and associated metadata. Users can utilize this table to gather insights on domain identities, such as verification status, DKIM tokens, and more. The schema outlines the various attributes of the SES domain identity, including the identity name, verification status, DKIM enabled status, and DKIM tokens." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity, - arn, - region, - akas - from - aws_ses_domain_identity; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity,\n arn,\n region,\n akas\nfrom\n aws_ses_domain_identity;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Simple Email Service +Title: List all Amazon SES Domain Identities and Their Details diff --git a/queries/aws_ses_domain_identity_2.yaml b/queries/aws_ses_domain_identity_2.yaml index d8dd345c1..4ee8a254a 100755 --- a/queries/aws_ses_domain_identity_2.yaml +++ b/queries/aws_ses_domain_identity_2.yaml @@ -1,28 +1,28 @@ +Description: Allows users to query Amazon Simple Email Service Domain Identities. + The aws_ses_domain_identity table in Steampipe provides information about domain + identities within Amazon Simple Email Service (SES). This table allows DevOps engineers + to query domain-specific details, including verification status, DKIM attributes, + and associated metadata. Users can utilize this table to gather insights on domain + identities, such as verification status, DKIM tokens, and more. The schema outlines + the various attributes of the SES domain identity, including the identity name, + verification status, DKIM enabled status, and DKIM tokens. ID: aws_ses_domain_identity_2 -Title: "Find AWS SES Domain Identities with Verification Status Failed" -Description: "Allows users to query Amazon Simple Email Service Domain Identities. The aws_ses_domain_identity table in Steampipe provides information about domain identities within Amazon Simple Email Service (SES). This table allows DevOps engineers to query domain-specific details, including verification status, DKIM attributes, and associated metadata. Users can utilize this table to gather insights on domain identities, such as verification status, DKIM tokens, and more. The schema outlines the various attributes of the SES domain identity, including the identity name, verification status, DKIM enabled status, and DKIM tokens." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity, - region, - verification_status - from - aws_ses_domain_identity - where - verification_status = 'Failed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity,\n region,\n verification_status\nfrom\n \ + \ aws_ses_domain_identity\nwhere\n verification_status = 'Failed';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Simple Email Service +Title: Find AWS SES Domain Identities with Verification Status Failed diff --git a/queries/aws_ses_email_identity_1.yaml b/queries/aws_ses_email_identity_1.yaml index 2369fc522..33361126e 100755 --- a/queries/aws_ses_email_identity_1.yaml +++ b/queries/aws_ses_email_identity_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS SES Email Identity to retrieve information + about the email identities (domains and email addresses) that you have verified + with Amazon SES. ID: aws_ses_email_identity_1 -Title: "List All AWS SES Email Identities and Details" -Description: "Allows users to query AWS SES Email Identity to retrieve information about the email identities (domains and email addresses) that you have verified with Amazon SES." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity, - arn, - region, - akas - from - aws_ses_email_identity; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity,\n arn,\n region,\n akas\nfrom\n aws_ses_email_identity;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SES +Title: List All AWS SES Email Identities and Details diff --git a/queries/aws_ses_email_identity_2.yaml b/queries/aws_ses_email_identity_2.yaml index 908cf5cf3..82fa9f1f1 100755 --- a/queries/aws_ses_email_identity_2.yaml +++ b/queries/aws_ses_email_identity_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS SES Email Identity to retrieve information + about the email identities (domains and email addresses) that you have verified + with Amazon SES. ID: aws_ses_email_identity_2 -Title: "List AWS SES Email Identities and Their Verification Status" -Description: "Allows users to query AWS SES Email Identity to retrieve information about the email identities (domains and email addresses) that you have verified with Amazon SES." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - identity, - region, - verification_status - from - aws_ses_email_identity - where - verification_status = 'Failed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n identity,\n region,\n verification_status\nfrom\n \ + \ aws_ses_email_identity\nwhere\n verification_status = 'Failed';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SES +Title: List AWS SES Email Identities and Their Verification Status diff --git a/queries/aws_sfn_state_machine_1.yaml b/queries/aws_sfn_state_machine_1.yaml index 9340453dd..2a19a342a 100755 --- a/queries/aws_sfn_state_machine_1.yaml +++ b/queries/aws_sfn_state_machine_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Step Functions State Machines to retrieve detailed + information about each state machine. ID: aws_sfn_state_machine_1 -Title: "Find all AWS Step Functions State Machines in SQL" -Description: "Allows users to query AWS Step Functions State Machines to retrieve detailed information about each state machine." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status, - type, - role_arn - from - aws_sfn_state_machine; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status,\n type,\n role_arn\nfrom\n\ + \ aws_sfn_state_machine;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Step Functions +Title: Find all AWS Step Functions State Machines in SQL diff --git a/queries/aws_sfn_state_machine_2.yaml b/queries/aws_sfn_state_machine_2.yaml index 46490c9ac..fd8fc4104 100755 --- a/queries/aws_sfn_state_machine_2.yaml +++ b/queries/aws_sfn_state_machine_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Step Functions State Machines to retrieve detailed + information about each state machine. ID: aws_sfn_state_machine_2 -Title: "Find AWS Step Functions State Machines Details" -Description: "Allows users to query AWS Step Functions State Machines to retrieve detailed information about each state machine." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - status - from - aws_sfn_state_machine - where - status = 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n status\nfrom\n aws_sfn_state_machine\n\ + where\n status = 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Step Functions +Title: Find AWS Step Functions State Machines Details diff --git a/queries/aws_sfn_state_machine_execution_1.yaml b/queries/aws_sfn_state_machine_execution_1.yaml index b3a5048ef..c0db48263 100755 --- a/queries/aws_sfn_state_machine_execution_1.yaml +++ b/queries/aws_sfn_state_machine_execution_1.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Step Functions State Machine Execution data, + including execution status, start and end times, and associated state machine details. ID: aws_sfn_state_machine_execution_1 -Title: "List all AWS Step Functions Execution details" -Description: "Allows users to query AWS Step Functions State Machine Execution data, including execution status, start and end times, and associated state machine details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - execution_arn, - status, - state_machine_arn - from - aws_sfn_state_machine_execution; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n execution_arn,\n status,\n state_machine_arn\n\ + from\n aws_sfn_state_machine_execution;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Step Functions +Title: List all AWS Step Functions Execution details diff --git a/queries/aws_sfn_state_machine_execution_2.yaml b/queries/aws_sfn_state_machine_execution_2.yaml index bcf3a047c..a7ec96c46 100755 --- a/queries/aws_sfn_state_machine_execution_2.yaml +++ b/queries/aws_sfn_state_machine_execution_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Step Functions State Machine Execution data, + including execution status, start and end times, and associated state machine details. ID: aws_sfn_state_machine_execution_2 -Title: "Find AWS Step Functions Execution Status and Details" -Description: "Allows users to query AWS Step Functions State Machine Execution data, including execution status, start and end times, and associated state machine details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - execution_arn, - status, - state_machine_arn - from - aws_sfn_state_machine_execution - where - status = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n execution_arn,\n status,\n state_machine_arn\n\ + from\n aws_sfn_state_machine_execution\nwhere\n status = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Step Functions +Title: Find AWS Step Functions Execution Status and Details diff --git a/queries/aws_sfn_state_machine_execution_history_1.yaml b/queries/aws_sfn_state_machine_execution_history_1.yaml index ba798f830..da1c1b2bb 100755 --- a/queries/aws_sfn_state_machine_execution_history_1.yaml +++ b/queries/aws_sfn_state_machine_execution_history_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Step Functions State Machine Execution History + to fetch information about the execution history of a state machine. ID: aws_sfn_state_machine_execution_history_1 -Title: "Find AWS Step Functions State Machine Execution History" -Description: "Allows users to query AWS Step Functions State Machine Execution History to fetch information about the execution history of a state machine." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - execution_arn, - previous_event_id, - timestamp, - type - from - aws_sfn_state_machine_execution_history; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n execution_arn,\n previous_event_id,\n timestamp,\n\ + \ type\nfrom\n aws_sfn_state_machine_execution_history;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Step Functions +Title: Find AWS Step Functions State Machine Execution History diff --git a/queries/aws_sfn_state_machine_execution_history_2.yaml b/queries/aws_sfn_state_machine_execution_history_2.yaml index c4a0ac138..d438e1372 100755 --- a/queries/aws_sfn_state_machine_execution_history_2.yaml +++ b/queries/aws_sfn_state_machine_execution_history_2.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS Step Functions State Machine Execution History + to fetch information about the execution history of a state machine. ID: aws_sfn_state_machine_execution_history_2 -Title: "Find AWS Step Functions State Machine Execution Details" -Description: "Allows users to query AWS Step Functions State Machine Execution History to fetch information about the execution history of a state machine." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - execution_arn, - execution_started_event_details -> 'Input' as event_input, - execution_started_event_details -> 'InputDetails' as event_input_details, - execution_started_event_details ->> 'RoleArn' as event_role_arn - from - aws_sfn_state_machine_execution_history - where - type = 'ExecutionStarted'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n execution_arn,\n execution_started_event_details\ + \ -> 'Input' as event_input,\n execution_started_event_details -> 'InputDetails'\ + \ as event_input_details,\n execution_started_event_details ->> 'RoleArn' as\ + \ event_role_arn\nfrom\n aws_sfn_state_machine_execution_history\nwhere\n type\ + \ = 'ExecutionStarted';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Step Functions +Title: Find AWS Step Functions State Machine Execution Details diff --git a/queries/aws_simspaceweaver_simulation_1.yaml b/queries/aws_simspaceweaver_simulation_1.yaml index b4c03292b..6c015e56a 100755 --- a/queries/aws_simspaceweaver_simulation_1.yaml +++ b/queries/aws_simspaceweaver_simulation_1.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS SimSpace Simulation data. This table provides + information about simulations within AWS SimSpace. Engineers can use it to query + simulation-specific details, including simulation status, configuration, and associated + metadata. ID: aws_simspaceweaver_simulation_1 -Title: "List all AWS SimSpace Simulation with details" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status, - execution_id, - schema_error - from - aws_simspaceweaver_simulation; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n status,\n execution_id,\n\ + \ schema_error\nfrom\n aws_simspaceweaver_simulation;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SimSpaceWeaver Simulation +Title: List all AWS SimSpace Simulation with details diff --git a/queries/aws_simspaceweaver_simulation_2.yaml b/queries/aws_simspaceweaver_simulation_2.yaml index 4dcd68c45..c8f1553e9 100755 --- a/queries/aws_simspaceweaver_simulation_2.yaml +++ b/queries/aws_simspaceweaver_simulation_2.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS SimSpace Simulation data. This table provides + information about simulations within AWS SimSpace. Engineers can use it to query + simulation-specific details, including simulation status, configuration, and associated + metadata. ID: aws_simspaceweaver_simulation_2 -Title: "List all AWS SimSpace Simulations from the past 30 days" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status - from - aws_simspaceweaver_simulation - where - creation_time >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n status\nfrom\n aws_simspaceweaver_simulation\n\ + where\n creation_time >= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SimSpace +Title: List all AWS SimSpace Simulations from the past 30 days diff --git a/queries/aws_simspaceweaver_simulation_3.yaml b/queries/aws_simspaceweaver_simulation_3.yaml index 50ef19e6c..ce042cec5 100755 --- a/queries/aws_simspaceweaver_simulation_3.yaml +++ b/queries/aws_simspaceweaver_simulation_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS SimSpace Simulation data. This table provides + information about simulations within AWS SimSpace. Engineers can use it to query + simulation-specific details, including simulation status, configuration, and associated + metadata. ID: aws_simspaceweaver_simulation_3 -Title: "List all AWS SimSpace Simulation details with SQL" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - creation_time, - status - from - aws_simspaceweaver_simulation - where - status = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n creation_time,\n status\nfrom\n aws_simspaceweaver_simulation\n\ + where\n status = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SimSpace Simulation +Title: List all AWS SimSpace Simulation details with SQL diff --git a/queries/aws_simspaceweaver_simulation_4.yaml b/queries/aws_simspaceweaver_simulation_4.yaml index ca66fa8b5..75cfc83d7 100755 --- a/queries/aws_simspaceweaver_simulation_4.yaml +++ b/queries/aws_simspaceweaver_simulation_4.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS SimSpace Simulation data. This table provides + information about simulations within AWS SimSpace. Engineers can use it to query + simulation-specific details, including simulation status, configuration, and associated + metadata. ID: aws_simspaceweaver_simulation_4 -Title: "List AWS SimSpace Simulations and Details" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - jsonb_pretty(d) - from - aws_simspaceweaver_simulation, - jsonb_array_elements(logging_configuration -> 'Destinations') as d; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n jsonb_pretty(d)\nfrom\n aws_simspaceweaver_simulation,\n\ + \ jsonb_array_elements(logging_configuration -> 'Destinations') as d;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SimSpace Simulation +Title: List AWS SimSpace Simulations and Details diff --git a/queries/aws_simspaceweaver_simulation_5.yaml b/queries/aws_simspaceweaver_simulation_5.yaml index 772c5041e..a64582476 100755 --- a/queries/aws_simspaceweaver_simulation_5.yaml +++ b/queries/aws_simspaceweaver_simulation_5.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query AWS SimSpace Simulation data. This table provides + information about simulations within AWS SimSpace. Engineers can use it to query + simulation-specific details, including simulation status, configuration, and associated + metadata. ID: aws_simspaceweaver_simulation_5 -Title: "Find AWS SimSpace Simulation Specific Details" -Description: "Allows users to query AWS SimSpace Simulation data. This table provides information about simulations within AWS SimSpace. Engineers can use it to query simulation-specific details, including simulation status, configuration, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.name, - s.arn, - s.schema_s3_location ->> 'BucketName' as bucket_name, - s.schema_s3_location ->> 'ObjectKey' as object_key, - b.versioning_enabled, - b.block_public_acls, - b.acl - from - aws_simspaceweaver_simulation as s, - aws_s3_bucket as b - where - s.schema_s3_location ->> 'BucketName' = b.name; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.name,\n s.arn,\n s.schema_s3_location ->> 'BucketName'\ + \ as bucket_name,\n s.schema_s3_location ->> 'ObjectKey' as object_key,\n b.versioning_enabled,\n\ + \ b.block_public_acls,\n b.acl\nfrom\n aws_simspaceweaver_simulation as s,\n\ + \ aws_s3_bucket as b\nwhere\n s.schema_s3_location ->> 'BucketName' = b.name;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SimSpace Weaver +Title: Find AWS SimSpace Simulation Specific Details diff --git a/queries/aws_sns_subscription_1.yaml b/queries/aws_sns_subscription_1.yaml index cee70167e..b5adc6cbc 100755 --- a/queries/aws_sns_subscription_1.yaml +++ b/queries/aws_sns_subscription_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS SNS Topic Subscriptions to obtain detailed + information about each subscription, including subscription ARN, owner, protocol, + endpoint, and more. ID: aws_sns_subscription_1 -Title: "List all AWS SNS Topic Subscriptions Details" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - redrive_policy - from - aws_sns_subscription - where - redrive_policy is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n redrive_policy\nfrom\n aws_sns_subscription\n\ + where\n redrive_policy is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Notification Service +Title: List all AWS SNS Topic Subscriptions Details diff --git a/queries/aws_sns_subscription_2.yaml b/queries/aws_sns_subscription_2.yaml index 8753f6cb1..93a192690 100755 --- a/queries/aws_sns_subscription_2.yaml +++ b/queries/aws_sns_subscription_2.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS SNS Topic Subscriptions to obtain detailed + information about each subscription, including subscription ARN, owner, protocol, + endpoint, and more. ID: aws_sns_subscription_2 -Title: "List all AWS SNS Topic Subscriptions Details" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - filter_policy - from - aws_sns_subscription - where - filter_policy is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n filter_policy\nfrom\n aws_sns_subscription\n\ + where\n filter_policy is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Notification Service +Title: List all AWS SNS Topic Subscriptions Details diff --git a/queries/aws_sns_subscription_3.yaml b/queries/aws_sns_subscription_3.yaml index 3745a4d1b..777c20423 100755 --- a/queries/aws_sns_subscription_3.yaml +++ b/queries/aws_sns_subscription_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS SNS Topic Subscriptions to obtain detailed + information about each subscription, including subscription ARN, owner, protocol, + endpoint, and more. ID: aws_sns_subscription_3 -Title: "List AWS SNS Topic Subscription Details with SQL" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - count(subscription_arn) as subscription_count - from - aws_sns_subscription - group by - title; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n count(subscription_arn) as subscription_count\n\ + from\n aws_sns_subscription\ngroup by\n title;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Notification Service +Title: List AWS SNS Topic Subscription Details with SQL diff --git a/queries/aws_sns_topic_1.yaml b/queries/aws_sns_topic_1.yaml index 7bc46e0c7..89de70355 100755 --- a/queries/aws_sns_topic_1.yaml +++ b/queries/aws_sns_topic_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS SNS Topics to gather information about each + topic, including its name, owner, ARN, and other related data. ID: aws_sns_topic_1 -Title: "Find AWS SNS Topics and Their Information" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id - from - aws_sns_topic - where - kms_master_key_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n kms_master_key_id\nfrom\n aws_sns_topic\n\ + where\n kms_master_key_id is null;" Tags: cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SNS +Title: Find AWS SNS Topics and Their Information diff --git a/queries/aws_sns_topic_2.yaml b/queries/aws_sns_topic_2.yaml index 0bd49b416..6e3698370 100755 --- a/queries/aws_sns_topic_2.yaml +++ b/queries/aws_sns_topic_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS SNS Topics to gather information about each + topic, including its name, owner, ARN, and other related data. ID: aws_sns_topic_2 -Title: "Find AWS SNS Topics with KMS Key Information" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id - from - aws_sns_topic - where - kms_master_key_id = 'alias/aws/sns'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n kms_master_key_id\nfrom\n aws_sns_topic\n\ + where\n kms_master_key_id = 'alias/aws/sns';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SNS +Title: Find AWS SNS Topics with KMS Key Information diff --git a/queries/aws_sns_topic_3.yaml b/queries/aws_sns_topic_3.yaml index 796dbf28c..bdf8a4d34 100755 --- a/queries/aws_sns_topic_3.yaml +++ b/queries/aws_sns_topic_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS SNS Topics to gather information about each + topic, including its name, owner, ARN, and other related data. ID: aws_sns_topic_3 -Title: "List all AWS SNS Topics and their details" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - tags - from - aws_sns_topic - where - not tags :: JSONB ? 'owner'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n tags\nfrom\n aws_sns_topic\nwhere\n not tags\ + \ :: JSONB ? 'owner';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SNS +Title: List all AWS SNS Topics and their details diff --git a/queries/aws_sns_topic_4.yaml b/queries/aws_sns_topic_4.yaml index 0078da366..033c99482 100755 --- a/queries/aws_sns_topic_4.yaml +++ b/queries/aws_sns_topic_4.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS SNS Topics to gather information about each + topic, including its name, owner, ARN, and other related data. ID: aws_sns_topic_4 -Title: "Find AWS SNS Topics and Details" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sns_topic, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_sns_topic,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n jsonb_array_elements_text(s -> 'Action') as a\nwhere\n p = '*'\n \ + \ and s ->> 'Effect' = 'Allow';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SNS Topics +Title: Find AWS SNS Topics and Details diff --git a/queries/aws_sns_topic_5.yaml b/queries/aws_sns_topic_5.yaml index 983e1acb1..8f01a82c6 100755 --- a/queries/aws_sns_topic_5.yaml +++ b/queries/aws_sns_topic_5.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS SNS Topics to gather information about each + topic, including its name, owner, ARN, and other related data. ID: aws_sns_topic_5 -Title: "List all AWS SNS Topics and their relevant details" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sns_topic, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'sns:*'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_sns_topic,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n jsonb_array_elements_text(s -> 'Action') as a\nwhere\n s ->> 'Effect'\ + \ = 'Allow'\n and a in ('*', 'sns:*');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SNS +Title: List all AWS SNS Topics and their relevant details diff --git a/queries/aws_sns_topic_6.yaml b/queries/aws_sns_topic_6.yaml index 3f9b35395..510a7c8f6 100755 --- a/queries/aws_sns_topic_6.yaml +++ b/queries/aws_sns_topic_6.yaml @@ -1,39 +1,25 @@ +Description: Allows users to query AWS SNS Topics to gather information about each + topic, including its name, owner, ARN, and other related data. ID: aws_sns_topic_6 -Title: "List all details for AWS SNS Topics" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title - from - aws_sns_topic - where - title not in ( - select - title - from - aws_sns_topic, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a, - jsonb_array_elements_text( - s -> 'Condition' -> 'Bool' -> 'aws:securetransport' - ) as ssl - where - p = '*' - and s ->> 'Effect' = 'Deny' - and ssl :: bool = false - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title\nfrom\n aws_sns_topic\nwhere\n title not in (\n\ + \ select\n title\n from\n aws_sns_topic,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n jsonb_array_elements_text(s -> 'Action') as a,\n jsonb_array_elements_text(\n\ + \ s -> 'Condition' -> 'Bool' -> 'aws:securetransport'\n ) as ssl\n\ + \ where\n p = '*'\n and s ->> 'Effect' = 'Deny'\n and ssl ::\ + \ bool = false\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SNS +Title: List all details for AWS SNS Topics diff --git a/queries/aws_sns_topic_7.yaml b/queries/aws_sns_topic_7.yaml index 0c292a68b..47a840c94 100755 --- a/queries/aws_sns_topic_7.yaml +++ b/queries/aws_sns_topic_7.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS SNS Topics to gather information about each + topic, including its name, owner, ARN, and other related data. ID: aws_sns_topic_7 -Title: "Find AWS SNS Topics Without Failure Feedback Roles" -Description: "Allows users to query AWS SNS Topics to gather information about each topic, including its name, owner, ARN, and other related data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - topic_arn, - region - from - aws_sns_topic - where - application_failure_feedback_role_arn is null and - firehose_failure_feedback_role_arn is null and - http_failure_feedback_role_arn is null and - lambda_failure_feedback_role_arn is null and - sqs_failure_feedback_role_arn is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n topic_arn,\n region\nfrom \n aws_sns_topic\n\ + where\n application_failure_feedback_role_arn is null and\n firehose_failure_feedback_role_arn\ + \ is null and\n http_failure_feedback_role_arn is null and\n lambda_failure_feedback_role_arn\ + \ is null and\n sqs_failure_feedback_role_arn is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SNS +Title: Find AWS SNS Topics Without Failure Feedback Roles diff --git a/queries/aws_sns_topic_subscription_1.yaml b/queries/aws_sns_topic_subscription_1.yaml index f90caf88f..0833e8d62 100755 --- a/queries/aws_sns_topic_subscription_1.yaml +++ b/queries/aws_sns_topic_subscription_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS SNS Topic Subscriptions to obtain detailed + information about each subscription, including subscription ARN, owner, protocol, + endpoint, and more. ID: aws_sns_topic_subscription_1 -Title: "Find AWS SNS Topic Subscriptions with No Redrive Policy" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - redrive_policy - from - aws_sns_topic_subscription - where - redrive_policy is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n redrive_policy\nfrom\n aws_sns_topic_subscription\n\ + where\n redrive_policy is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SNS +Title: Find AWS SNS Topic Subscriptions with No Redrive Policy diff --git a/queries/aws_sns_topic_subscription_2.yaml b/queries/aws_sns_topic_subscription_2.yaml index 8c5c1b874..3a4b5aefe 100755 --- a/queries/aws_sns_topic_subscription_2.yaml +++ b/queries/aws_sns_topic_subscription_2.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS SNS Topic Subscriptions to obtain detailed + information about each subscription, including subscription ARN, owner, protocol, + endpoint, and more. ID: aws_sns_topic_subscription_2 -Title: "List all AWS SNS Topic Subscriptions and Details" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - filter_policy - from - aws_sns_topic_subscription - where - filter_policy is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n filter_policy\nfrom\n aws_sns_topic_subscription\n\ + where\n filter_policy is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Notification Service +Title: List all AWS SNS Topic Subscriptions and Details diff --git a/queries/aws_sns_topic_subscription_3.yaml b/queries/aws_sns_topic_subscription_3.yaml index e3f95a9da..c6a733e50 100755 --- a/queries/aws_sns_topic_subscription_3.yaml +++ b/queries/aws_sns_topic_subscription_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS SNS Topic Subscriptions to obtain detailed + information about each subscription, including subscription ARN, owner, protocol, + endpoint, and more. ID: aws_sns_topic_subscription_3 -Title: "Find AWS SNS Topic Subscriptions Detailed Information" -Description: "Allows users to query AWS SNS Topic Subscriptions to obtain detailed information about each subscription, including subscription ARN, owner, protocol, endpoint, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - count(subscription_arn) as subscription_count - from - aws_sns_topic_subscription - group by - title; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n count(subscription_arn) as subscription_count\n\ + from\n aws_sns_topic_subscription\ngroup by\n title;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Notification Service +Title: Find AWS SNS Topic Subscriptions Detailed Information diff --git a/queries/aws_sqs_queue_1.yaml b/queries/aws_sqs_queue_1.yaml index 833f79b5f..7a90fcd4f 100755 --- a/queries/aws_sqs_queue_1.yaml +++ b/queries/aws_sqs_queue_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_1 -Title: "List All AWS SQS Queues with Detailed Information" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - delay_seconds, - max_message_size, - receive_wait_time_seconds, - message_retention_seconds, - visibility_timeout_seconds - from - aws_sqs_queue; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n delay_seconds,\n max_message_size,\n receive_wait_time_seconds,\n\ + \ message_retention_seconds,\n visibility_timeout_seconds\nfrom\n aws_sqs_queue;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service +Title: List All AWS SQS Queues with Detailed Information diff --git a/queries/aws_sqs_queue_10.yaml b/queries/aws_sqs_queue_10.yaml index 53e0c2337..7ec8e31ce 100755 --- a/queries/aws_sqs_queue_10.yaml +++ b/queries/aws_sqs_queue_10.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_10 -Title: "List AWS SQS Queues with Detailed Information" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sqs_queue, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and a in ('*', 'sqs:*'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_sqs_queue,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n jsonb_array_elements_text(s -> 'Action') as a\nwhere\n s ->> 'Effect'\ + \ = 'Allow'\n and a in ('*', 'sqs:*');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service (SQS) +Title: List AWS SQS Queues with Detailed Information diff --git a/queries/aws_sqs_queue_2.yaml b/queries/aws_sqs_queue_2.yaml index 44adddde8..d3f50e409 100755 --- a/queries/aws_sqs_queue_2.yaml +++ b/queries/aws_sqs_queue_2.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_2 -Title: "Find AWS SQS Queue Details with SQL" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id, - sqs_managed_sse_enabled - from - aws_sqs_queue - where - kms_master_key_id is null - and not sqs_managed_sse_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n kms_master_key_id,\n sqs_managed_sse_enabled\n\ + from\n aws_sqs_queue\nwhere\n kms_master_key_id is null\n and not sqs_managed_sse_enabled;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service +Title: Find AWS SQS Queue Details with SQL diff --git a/queries/aws_sqs_queue_3.yaml b/queries/aws_sqs_queue_3.yaml index ec4d0cb45..987b87389 100755 --- a/queries/aws_sqs_queue_3.yaml +++ b/queries/aws_sqs_queue_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_3 -Title: "Find AWS SQS Queues with KMS Key Details" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id, - sqs_managed_sse_enabled - from - aws_sqs_queue - where - kms_master_key_id is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n kms_master_key_id,\n sqs_managed_sse_enabled\n\ + from\n aws_sqs_queue\nwhere\n kms_master_key_id is not null;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service +Title: Find AWS SQS Queues with KMS Key Details diff --git a/queries/aws_sqs_queue_4.yaml b/queries/aws_sqs_queue_4.yaml index d83679957..d47233346 100755 --- a/queries/aws_sqs_queue_4.yaml +++ b/queries/aws_sqs_queue_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_4 -Title: "Find SQS queues with server-side encryption enabled" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - kms_master_key_id, - sqs_managed_sse_enabled - from - aws_sqs_queue - where - sqs_managed_sse_enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n kms_master_key_id,\n sqs_managed_sse_enabled\n\ + from\n aws_sqs_queue\nwhere\n sqs_managed_sse_enabled;" Tags: cloud_data_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service +Title: Find SQS queues with server-side encryption enabled diff --git a/queries/aws_sqs_queue_5.yaml b/queries/aws_sqs_queue_5.yaml index a71de5f00..031cd0fc0 100755 --- a/queries/aws_sqs_queue_5.yaml +++ b/queries/aws_sqs_queue_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_5 -Title: "List all SQS queues with retention < 7 days in AWS" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - message_retention_seconds - from - aws_sqs_queue - where - message_retention_seconds < '604800'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n message_retention_seconds\nfrom\n aws_sqs_queue\n\ + where\n message_retention_seconds < '604800';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service +Title: List all SQS queues with retention < 7 days in AWS diff --git a/queries/aws_sqs_queue_6.yaml b/queries/aws_sqs_queue_6.yaml index d76dba13a..a71134158 100755 --- a/queries/aws_sqs_queue_6.yaml +++ b/queries/aws_sqs_queue_6.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_6 -Title: "List all AWS SQS queues without a redrive policy" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - redrive_policy - from - aws_sqs_queue - where - redrive_policy is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n redrive_policy\nfrom\n aws_sqs_queue\nwhere\n\ + \ redrive_policy is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service +Title: List all AWS SQS queues without a redrive policy diff --git a/queries/aws_sqs_queue_7.yaml b/queries/aws_sqs_queue_7.yaml index d9ffb46f1..38cd79060 100755 --- a/queries/aws_sqs_queue_7.yaml +++ b/queries/aws_sqs_queue_7.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_7 -Title: "List all AWS SQS queues with details" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - fifo_queue - from - aws_sqs_queue - where - fifo_queue; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n fifo_queue\nfrom\n aws_sqs_queue\nwhere\n\ + \ fifo_queue;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service (SQS) +Title: List all AWS SQS queues with details diff --git a/queries/aws_sqs_queue_8.yaml b/queries/aws_sqs_queue_8.yaml index 0945d341d..f1ea8a67f 100755 --- a/queries/aws_sqs_queue_8.yaml +++ b/queries/aws_sqs_queue_8.yaml @@ -1,38 +1,26 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_8 -Title: "Query AWS SQS for Detailed Queue Information" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sqs_queue, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - string_to_array(p, ':') as pa, - jsonb_array_elements_text(s -> 'Action') as a - where - s ->> 'Effect' = 'Allow' - and ( - pa[5] != account_id - or p = '*' - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_sqs_queue,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n string_to_array(p, ':') as pa,\n jsonb_array_elements_text(s -> 'Action')\ + \ as a\nwhere\n s ->> 'Effect' = 'Allow'\n and (\n pa[5] != account_id\n\ + \ or p = '*'\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service +Title: Query AWS SQS for Detailed Queue Information diff --git a/queries/aws_sqs_queue_9.yaml b/queries/aws_sqs_queue_9.yaml index c6576512e..c258a5cd7 100755 --- a/queries/aws_sqs_queue_9.yaml +++ b/queries/aws_sqs_queue_9.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed + information about each queue. ID: aws_sqs_queue_9 -Title: "Find all AWS SQS Queues and Their Policies" -Description: "Allows users to query AWS Simple Queue Service (SQS) to retrieve detailed information about each queue." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - title, - p as principal, - a as action, - s ->> 'Effect' as effect, - s -> 'Condition' as conditions - from - aws_sqs_queue, - jsonb_array_elements(policy_std -> 'Statement') as s, - jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p, - jsonb_array_elements_text(s -> 'Action') as a - where - p = '*' - and s ->> 'Effect' = 'Allow'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n title,\n p as principal,\n a as action,\n s ->> 'Effect'\ + \ as effect,\n s -> 'Condition' as conditions\nfrom\n aws_sqs_queue,\n jsonb_array_elements(policy_std\ + \ -> 'Statement') as s,\n jsonb_array_elements_text(s -> 'Principal' -> 'AWS')\ + \ as p,\n jsonb_array_elements_text(s -> 'Action') as a\nwhere\n p = '*'\n \ + \ and s ->> 'Effect' = 'Allow';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Simple Queue Service +Title: Find all AWS SQS Queues and Their Policies diff --git a/queries/aws_ssm_association_1.yaml b/queries/aws_ssm_association_1.yaml index 7f952fb85..1c3c35f63 100755 --- a/queries/aws_ssm_association_1.yaml +++ b/queries/aws_ssm_association_1.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS SSM Associations for detailed information about + the AWS Systems Manager associations, including their status, targets, and parameters. ID: aws_ssm_association_1 -Title: "Find AWS SSM Association Details including Parameters" -Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association_id, - association_name, - arn, - association_version, - last_execution_date, - document_name, - compliance_severity, - region - from - aws_ssm_association; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n association_id,\n association_name,\n arn,\n association_version,\n\ + \ last_execution_date,\n document_name,\n compliance_severity,\n region\n\ + from\n aws_ssm_association;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: Find AWS SSM Association Details including Parameters diff --git a/queries/aws_ssm_association_2.yaml b/queries/aws_ssm_association_2.yaml index 6bfd0452a..10577e779 100755 --- a/queries/aws_ssm_association_2.yaml +++ b/queries/aws_ssm_association_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS SSM Associations for detailed information about + the AWS Systems Manager associations, including their status, targets, and parameters. ID: aws_ssm_association_2 -Title: "List all AWS SSM Associations with Failed Status" -Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association_id, - overview ->> 'AssociationStatusAggregatedCount' as association_status_aggregated_count, - overview ->> 'DetailedStatus' as detailed_status, - overview ->> 'Status' as status - from - aws_ssm_association - where - overview ->> 'Status' = 'Failed'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n association_id,\n overview ->> 'AssociationStatusAggregatedCount'\ + \ as association_status_aggregated_count,\n overview ->> 'DetailedStatus' as\ + \ detailed_status,\n overview ->> 'Status' as status\nfrom\n aws_ssm_association\n\ + where\n overview ->> 'Status' = 'Failed';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: List all AWS SSM Associations with Failed Status diff --git a/queries/aws_ssm_association_3.yaml b/queries/aws_ssm_association_3.yaml index 21168fd5e..33a9605f1 100755 --- a/queries/aws_ssm_association_3.yaml +++ b/queries/aws_ssm_association_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS SSM Associations for detailed information about + the AWS Systems Manager associations, including their status, targets, and parameters. ID: aws_ssm_association_3 -Title: "List AWS SSM Associations with Status and Targets" -Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association.association_id as association_id, - target ->> 'Key' as target_key, - target ->> 'Values' as target_value, - instances - from - aws_ssm_association as association, - jsonb_array_elements(targets) as target, - jsonb_array_elements_text(target -> 'Values') as instances - where - target ->> 'Key' = 'InstanceIds'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n association.association_id as association_id,\n target\ + \ ->> 'Key' as target_key,\n target ->> 'Values' as target_value,\n instances\n\ + from\n aws_ssm_association as association,\n jsonb_array_elements(targets) as\ + \ target,\n jsonb_array_elements_text(target -> 'Values') as instances\nwhere\n\ + \ target ->> 'Key' = 'InstanceIds';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: List AWS SSM Associations with Status and Targets diff --git a/queries/aws_ssm_association_4.yaml b/queries/aws_ssm_association_4.yaml index c0eab0d39..54771020e 100755 --- a/queries/aws_ssm_association_4.yaml +++ b/queries/aws_ssm_association_4.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS SSM Associations for detailed information about + the AWS Systems Manager associations, including their status, targets, and parameters. ID: aws_ssm_association_4 -Title: "Find AWS SSM Associations and Their Details" -Description: "Allows users to query AWS SSM Associations for detailed information about the AWS Systems Manager associations, including their status, targets, and parameters." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - association_id, - association_name, - targets, - document_name - from - aws_ssm_association - where - compliance_severity = 'CRITICAL'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n association_id,\n association_name,\n targets,\n document_name\n\ + from\n aws_ssm_association\nwhere\n compliance_severity = 'CRITICAL';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: Find AWS SSM Associations and Their Details diff --git a/queries/aws_ssm_document_1.yaml b/queries/aws_ssm_document_1.yaml index 5aec272f3..5b382d1f6 100755 --- a/queries/aws_ssm_document_1.yaml +++ b/queries/aws_ssm_document_1.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS SSM Documents and retrieve detailed information + about each document, including its name, version, owner, status, and permissions, + among others. ID: aws_ssm_document_1 -Title: "List all AWS SSM Documents with detailed information" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - document_version, - status, - owner, - document_format, - document_type, - platform_types, - region - from - aws_ssm_document; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n document_version,\n status,\n owner,\n document_format,\n\ + \ document_type,\n platform_types,\n region\nfrom\n aws_ssm_document;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Documents +Title: List all AWS SSM Documents with detailed information diff --git a/queries/aws_ssm_document_2.yaml b/queries/aws_ssm_document_2.yaml index 11c424f4f..c86ff9b58 100755 --- a/queries/aws_ssm_document_2.yaml +++ b/queries/aws_ssm_document_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS SSM Documents and retrieve detailed information + about each document, including its name, version, owner, status, and permissions, + among others. ID: aws_ssm_document_2 -Title: "List AWS SSM Documents with Details using SQL" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - owner, - document_version, - status, - document_format, - document_type - from - aws_ssm_document - where - owner_type = 'Self'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n owner,\n document_version,\n status,\n document_format,\n\ + \ document_type\nfrom\n aws_ssm_document\nwhere\n owner_type = 'Self';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM +Title: List AWS SSM Documents with Details using SQL diff --git a/queries/aws_ssm_document_3.yaml b/queries/aws_ssm_document_3.yaml index 992ec819b..3592c6066 100755 --- a/queries/aws_ssm_document_3.yaml +++ b/queries/aws_ssm_document_3.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS SSM Documents and retrieve detailed information + about each document, including its name, version, owner, status, and permissions, + among others. ID: aws_ssm_document_3 -Title: "Find AWS SSM Documents with Various Attributes" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - owner, - document_version, - status, - document_format, - document_type - from - aws_ssm_document - where - owner_type != 'Amazon'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n owner,\n document_version,\n status,\n document_format,\n\ + \ document_type\nfrom\n aws_ssm_document\nwhere\n owner_type != 'Amazon';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM +Title: Find AWS SSM Documents with Various Attributes diff --git a/queries/aws_ssm_document_4.yaml b/queries/aws_ssm_document_4.yaml index b2ecfe901..49785f58c 100755 --- a/queries/aws_ssm_document_4.yaml +++ b/queries/aws_ssm_document_4.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS SSM Documents and retrieve detailed information + about each document, including its name, version, owner, status, and permissions, + among others. ID: aws_ssm_document_4 -Title: "Find AWS SSM Documents and Retrieve Detailed Information" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - owner, - account_ids - from - aws_ssm_document - where - owner_type = 'Self' - and account_ids :: jsonb ? 'all'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n owner,\n account_ids\nfrom\n aws_ssm_document\n\ + where\n owner_type = 'Self'\n and account_ids :: jsonb ? 'all';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Document +Title: Find AWS SSM Documents and Retrieve Detailed Information diff --git a/queries/aws_ssm_document_5.yaml b/queries/aws_ssm_document_5.yaml index e0a7c7c82..f23393d1d 100755 --- a/queries/aws_ssm_document_5.yaml +++ b/queries/aws_ssm_document_5.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS SSM Documents and retrieve detailed information + about each document, including its name, version, owner, status, and permissions, + among others. ID: aws_ssm_document_5 -Title: "Find all AWS SSM Document Details with SQL" -Description: "Allows users to query AWS SSM Documents and retrieve detailed information about each document, including its name, version, owner, status, and permissions, among others." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - approved_version, - created_date, - document_type - from - aws_ssm_document - where - arn = 'arn:aws:ssm:ap-south-1:112233445566:document/AWS-ASGEnterStandby'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n approved_version,\n created_date,\n\ + \ document_type\nfrom\n aws_ssm_document\nwhere\n arn = 'arn:aws:ssm:ap-south-1:112233445566:document/AWS-ASGEnterStandby';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM +Title: Find all AWS SSM Document Details with SQL diff --git a/queries/aws_ssm_document_permission_1.yaml b/queries/aws_ssm_document_permission_1.yaml index ba04d8c0e..083b648f2 100755 --- a/queries/aws_ssm_document_permission_1.yaml +++ b/queries/aws_ssm_document_permission_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS SSM Document Permissions, providing detailed + information about the permissions associated with Systems Manager (SSM) documents. ID: aws_ssm_document_permission_1 -Title: "Find AWS SSM Document Permissions with Details" -Description: "Allows users to query AWS SSM Document Permissions, providing detailed information about the permissions associated with Systems Manager (SSM) documents." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - document_name, - shared_account_id, - shared_document_version, - account_ids, - title - from - aws_ssm_document_permission - where - document_name = 'ConfigureS3BucketLogging'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n document_name,\n shared_account_id,\n shared_document_version,\n\ + \ account_ids,\n title\nfrom\n aws_ssm_document_permission\nwhere\n document_name\ + \ = 'ConfigureS3BucketLogging';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: Find AWS SSM Document Permissions with Details diff --git a/queries/aws_ssm_document_permission_2.yaml b/queries/aws_ssm_document_permission_2.yaml index fcade6714..014c1e5f3 100755 --- a/queries/aws_ssm_document_permission_2.yaml +++ b/queries/aws_ssm_document_permission_2.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS SSM Document Permissions, providing detailed + information about the permissions associated with Systems Manager (SSM) documents. ID: aws_ssm_document_permission_2 -Title: "Find AWS SSM Document Permissions Information" -Description: "Allows users to query AWS SSM Document Permissions, providing detailed information about the permissions associated with Systems Manager (SSM) documents." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - p.document_name, - p.shared_account_id, - p.shared_document_version, - d.approved_version, - d.attachments_information, - d.created_date, - d.default_version - from - aws_ssm_document_permission as p, - aws_ssm_document as d - where - p.document_name = 'ConfigureS3BucketLogging'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n p.document_name,\n p.shared_account_id,\n p.shared_document_version,\n\ + \ d.approved_version,\n d.attachments_information,\n d.created_date,\n d.default_version\n\ + from\n aws_ssm_document_permission as p,\n aws_ssm_document as d\nwhere\n p.document_name\ + \ = 'ConfigureS3BucketLogging';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: Find AWS SSM Document Permissions Information diff --git a/queries/aws_ssm_inventory_1.yaml b/queries/aws_ssm_inventory_1.yaml index defa8b064..ee5f3ebef 100755 --- a/queries/aws_ssm_inventory_1.yaml +++ b/queries/aws_ssm_inventory_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Systems Manager Inventory, providing information + about managed instances in AWS Systems Manager. ID: aws_ssm_inventory_1 -Title: "List all Managed Instances in AWS Systems Manager Inventory" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - type_name, - capture_time, - schema_version, - content, - region - from - aws_ssm_inventory; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n type_name,\n capture_time,\n schema_version,\n\ + \ content,\n region\nfrom\n aws_ssm_inventory;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: List all Managed Instances in AWS Systems Manager Inventory diff --git a/queries/aws_ssm_inventory_2.yaml b/queries/aws_ssm_inventory_2.yaml index f4e92f6ef..74e7ce7d3 100755 --- a/queries/aws_ssm_inventory_2.yaml +++ b/queries/aws_ssm_inventory_2.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Systems Manager Inventory, providing information + about managed instances in AWS Systems Manager. ID: aws_ssm_inventory_2 -Title: "List all AWS Systems Manager Inventory details" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - si.id, - c ->> 'AgentType' as agent_type, - c ->> 'IpAddress' as ip_address, - c ->> 'AgentVersion' as agent_version, - c ->> 'ComputerName' as computer_name, - c ->> 'PlatformName' as platform_name, - c ->> 'PlatformType' as platform_type, - c ->> 'ResourceType' as resource_type, - c ->> 'InstanceStatus' as instance_status, - c ->> 'PlatformVersion' as platform_version - from - aws_ssm_inventory as si, - jsonb_array_elements(content) as c - where - id = 'i-0665a65b1a1c2b47g'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n si.id,\n c ->> 'AgentType' as agent_type,\n c ->> 'IpAddress'\ + \ as ip_address,\n c ->> 'AgentVersion' as agent_version,\n c ->> 'ComputerName'\ + \ as computer_name,\n c ->> 'PlatformName' as platform_name,\n c ->> 'PlatformType'\ + \ as platform_type,\n c ->> 'ResourceType' as resource_type,\n c ->> 'InstanceStatus'\ + \ as instance_status,\n c ->> 'PlatformVersion' as platform_version\nfrom\n \ + \ aws_ssm_inventory as si,\n jsonb_array_elements(content) as c\nwhere\n id\ + \ = 'i-0665a65b1a1c2b47g';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List all AWS Systems Manager Inventory details diff --git a/queries/aws_ssm_inventory_3.yaml b/queries/aws_ssm_inventory_3.yaml index dacd7675b..3ea7b43ac 100755 --- a/queries/aws_ssm_inventory_3.yaml +++ b/queries/aws_ssm_inventory_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Systems Manager Inventory, providing information + about managed instances in AWS Systems Manager. ID: aws_ssm_inventory_3 -Title: "List all AWS Systems Manager Inventory Details" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - s ->> 'Version' as schema_version, - s ->> 'TypeName' as type_name, - s ->> 'DisplayName' as display_name, - jsonb_pretty(s -> 'Attributes') as attributes - from - aws_ssm_inventory, - jsonb_array_elements(schema) as s - order by - id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n s ->> 'Version' as schema_version,\n s ->> 'TypeName'\ + \ as type_name,\n s ->> 'DisplayName' as display_name,\n jsonb_pretty(s -> 'Attributes')\ + \ as attributes\nfrom\n aws_ssm_inventory,\n jsonb_array_elements(schema) as\ + \ s\norder by \n id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List all AWS Systems Manager Inventory Details diff --git a/queries/aws_ssm_inventory_4.yaml b/queries/aws_ssm_inventory_4.yaml index c4c28033e..e24aea40c 100755 --- a/queries/aws_ssm_inventory_4.yaml +++ b/queries/aws_ssm_inventory_4.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Systems Manager Inventory, providing information + about managed instances in AWS Systems Manager. ID: aws_ssm_inventory_4 -Title: "Find all AWS Systems Manager managed instances inventory" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - type_name, - capture_time, - schema_version, - content - from - aws_ssm_inventory - where - capture_time >= now() - interval '10' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n type_name,\n capture_time,\n schema_version,\n\ + \ content\nfrom\n aws_ssm_inventory\nwhere\n capture_time >= now() - interval\ + \ '10' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: Find all AWS Systems Manager managed instances inventory diff --git a/queries/aws_ssm_inventory_5.yaml b/queries/aws_ssm_inventory_5.yaml index 93e903b64..04abff3d5 100755 --- a/queries/aws_ssm_inventory_5.yaml +++ b/queries/aws_ssm_inventory_5.yaml @@ -1,39 +1,26 @@ +Description: Allows users to query AWS Systems Manager Inventory, providing information + about managed instances in AWS Systems Manager. ID: aws_ssm_inventory_5 -Title: "List AWS Systems Manager Inventory Managed Instances" -Description: "Allows users to query AWS Systems Manager Inventory, providing information about managed instances in AWS Systems Manager." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - v.id, - i.instance_state, - i.instance_type, - c ->> 'AgentType' as agent_type, - c ->> 'IpAddress' as ip_address, - c ->> 'AgentVersion' as agent_version, - c ->> 'ComputerName' as computer_name, - c ->> 'PlatformName' as platform_name, - c ->> 'PlatformType' as platform_type, - c ->> 'ResourceType' as resource_type, - c ->> 'InstanceStatus' as instance_status, - c ->> 'PlatformVersion' as platform_version - from - aws_ssm_inventory as v, - aws_ec2_instance as i, - jsonb_array_elements(content) as c - where - v.id = i.instance_id - and - i.instance_state = 'running'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n v.id,\n i.instance_state,\n i.instance_type,\n c ->>\ + \ 'AgentType' as agent_type,\n c ->> 'IpAddress' as ip_address,\n c ->> 'AgentVersion'\ + \ as agent_version,\n c ->> 'ComputerName' as computer_name,\n c ->> 'PlatformName'\ + \ as platform_name,\n c ->> 'PlatformType' as platform_type,\n c ->> 'ResourceType'\ + \ as resource_type,\n c ->> 'InstanceStatus' as instance_status,\n c ->> 'PlatformVersion'\ + \ as platform_version\nfrom\n aws_ssm_inventory as v,\n aws_ec2_instance as\ + \ i,\n jsonb_array_elements(content) as c\nwhere\n v.id = i.instance_id\nand\n\ + \ i.instance_state = 'running';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List AWS Systems Manager Inventory Managed Instances diff --git a/queries/aws_ssm_inventory_entry_1.yaml b/queries/aws_ssm_inventory_entry_1.yaml index 85e1f175c..7e8efe857 100755 --- a/queries/aws_ssm_inventory_entry_1.yaml +++ b/queries/aws_ssm_inventory_entry_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Systems Manager Inventory Entry to fetch information + about the inventory entries of managed instances. The table provides details such + as instance ID, type name, schema version, capture time, and inventory data. ID: aws_ssm_inventory_entry_1 -Title: "List all AWS Systems Manager Inventory Entries" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - type_name, - capture_time, - schema_version, - entries - from - aws_ssm_inventory_entry; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n type_name,\n capture_time,\n schema_version,\n\ + \ entries\nfrom\n aws_ssm_inventory_entry;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List all AWS Systems Manager Inventory Entries diff --git a/queries/aws_ssm_inventory_entry_2.yaml b/queries/aws_ssm_inventory_entry_2.yaml index 372015a53..1c23690af 100755 --- a/queries/aws_ssm_inventory_entry_2.yaml +++ b/queries/aws_ssm_inventory_entry_2.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Systems Manager Inventory Entry to fetch information + about the inventory entries of managed instances. The table provides details such + as instance ID, type name, schema version, capture time, and inventory data. ID: aws_ssm_inventory_entry_2 -Title: "List all AWS Systems Manager Inventory Entries" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - type_name, - capture_time, - schema_version, - entries - from - aws_ssm_inventory_entry - where - capture_time >= time() - interval '30 day'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n type_name,\n capture_time,\n schema_version,\n\ + \ entries\nfrom\n aws_ssm_inventory_entry\nwhere\n capture_time >= time() -\ + \ interval '30 day';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List all AWS Systems Manager Inventory Entries diff --git a/queries/aws_ssm_inventory_entry_3.yaml b/queries/aws_ssm_inventory_entry_3.yaml index bab54b6bf..bf6df9148 100755 --- a/queries/aws_ssm_inventory_entry_3.yaml +++ b/queries/aws_ssm_inventory_entry_3.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Systems Manager Inventory Entry to fetch information + about the inventory entries of managed instances. The table provides details such + as instance ID, type name, schema version, capture time, and inventory data. ID: aws_ssm_inventory_entry_3 -Title: "List AWS SSM Inventory Entry Details by Instance" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.instance_id, - e.type_name, - i.schema_version, - i.schema - from - aws_ssm_inventory_entry as e, - aws_ssm_inventory as i - where - i.id = e.instance_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.instance_id,\n e.type_name,\n i.schema_version,\n\ + \ i.schema\nfrom\n aws_ssm_inventory_entry as e,\n aws_ssm_inventory as i\n\ + where\n i.id = e.instance_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List AWS SSM Inventory Entry Details by Instance diff --git a/queries/aws_ssm_inventory_entry_4.yaml b/queries/aws_ssm_inventory_entry_4.yaml index ce5d38f00..c5cd1f1bd 100755 --- a/queries/aws_ssm_inventory_entry_4.yaml +++ b/queries/aws_ssm_inventory_entry_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Systems Manager Inventory Entry to fetch information + about the inventory entries of managed instances. The table provides details such + as instance ID, type name, schema version, capture time, and inventory data. ID: aws_ssm_inventory_entry_4 -Title: "Find AWS Systems Manager Inventory Entries" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.instance_id, - e.type_name, - i.resource_type, - i.association_status, - i.computer_name, - i.ip_address, - i.is_latest_version - from - aws_ssm_inventory_entry as e, - aws_ssm_managed_instance as i - where - i.instance_id = e.instance_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.instance_id,\n e.type_name,\n i.resource_type,\n\ + \ i.association_status,\n i.computer_name,\n i.ip_address,\n i.is_latest_version\n\ + from\n aws_ssm_inventory_entry as e,\n aws_ssm_managed_instance as i\nwhere\n\ + \ i.instance_id = e.instance_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: Find AWS Systems Manager Inventory Entries diff --git a/queries/aws_ssm_inventory_entry_5.yaml b/queries/aws_ssm_inventory_entry_5.yaml index 10bfc3c6a..fa5e2aaeb 100755 --- a/queries/aws_ssm_inventory_entry_5.yaml +++ b/queries/aws_ssm_inventory_entry_5.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Systems Manager Inventory Entry to fetch information + about the inventory entries of managed instances. The table provides details such + as instance ID, type name, schema version, capture time, and inventory data. ID: aws_ssm_inventory_entry_5 -Title: "List all AWS Systems Manager Inventory Entries" -Description: "Allows users to query AWS Systems Manager Inventory Entry to fetch information about the inventory entries of managed instances. The table provides details such as instance ID, type name, schema version, capture time, and inventory data." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - type_name, - capture_time, - schema_version, - entries - from - aws_ssm_inventory_entry - where - instance_id = 'i-1234567890abcwd4f' - and - type_name like 'Custom%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n type_name,\n capture_time,\n schema_version,\n\ + \ entries\nfrom\n aws_ssm_inventory_entry\nwhere\n instance_id = 'i-1234567890abcwd4f'\n\ + and\n type_name like 'Custom%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List all AWS Systems Manager Inventory Entries diff --git a/queries/aws_ssm_maintenance_window_1.yaml b/queries/aws_ssm_maintenance_window_1.yaml index db3db54c7..6fcf7e62e 100755 --- a/queries/aws_ssm_maintenance_window_1.yaml +++ b/queries/aws_ssm_maintenance_window_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Systems Manager Maintenance Windows to retrieve + details about scheduled maintenance tasks for AWS resources. ID: aws_ssm_maintenance_window_1 -Title: "List AWS Systems Manager Maintenance Windows Details" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - window_id, - enabled, - schedule, - tags_src, - region - from - aws_ssm_maintenance_window; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n window_id,\n enabled,\n schedule,\n tags_src,\n\ + \ region\nfrom\n aws_ssm_maintenance_window;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List AWS Systems Manager Maintenance Windows Details diff --git a/queries/aws_ssm_maintenance_window_2.yaml b/queries/aws_ssm_maintenance_window_2.yaml index 1a3059bcd..8cef88300 100755 --- a/queries/aws_ssm_maintenance_window_2.yaml +++ b/queries/aws_ssm_maintenance_window_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Systems Manager Maintenance Windows to retrieve + details about scheduled maintenance tasks for AWS resources. ID: aws_ssm_maintenance_window_2 -Title: "Find AWS Systems Manager Maintenance Windows Details" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'WindowTargetId' as window_target_id, - p ->> 'ResourceType' as resource_type, - p ->> 'Name' as target_name - from - aws_ssm_maintenance_window, - jsonb_array_elements(targets) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n p ->> 'WindowTargetId' as window_target_id,\n\ + \ p ->> 'ResourceType' as resource_type,\n p ->> 'Name' as target_name\nfrom\n\ + \ aws_ssm_maintenance_window,\n jsonb_array_elements(targets) as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: Find AWS Systems Manager Maintenance Windows Details diff --git a/queries/aws_ssm_maintenance_window_3.yaml b/queries/aws_ssm_maintenance_window_3.yaml index fb6f8bf45..b90e2060f 100755 --- a/queries/aws_ssm_maintenance_window_3.yaml +++ b/queries/aws_ssm_maintenance_window_3.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Systems Manager Maintenance Windows to retrieve + details about scheduled maintenance tasks for AWS resources. ID: aws_ssm_maintenance_window_3 -Title: "List All Maintenance Windows in AWS Systems Manager" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - p ->> 'WindowTaskId' as window_task_id, - p ->> 'ServiceRoleArn' as service_role_arn, - p ->> 'Name' as task_name - from - aws_ssm_maintenance_window, - jsonb_array_elements(tasks) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n p ->> 'WindowTaskId' as window_task_id,\n p\ + \ ->> 'ServiceRoleArn' as service_role_arn,\n p ->> 'Name' as task_name\nfrom\n\ + \ aws_ssm_maintenance_window,\n jsonb_array_elements(tasks) as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List All Maintenance Windows in AWS Systems Manager diff --git a/queries/aws_ssm_maintenance_window_4.yaml b/queries/aws_ssm_maintenance_window_4.yaml index 1f8575a0b..f0b8cb2a4 100755 --- a/queries/aws_ssm_maintenance_window_4.yaml +++ b/queries/aws_ssm_maintenance_window_4.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Systems Manager Maintenance Windows to retrieve + details about scheduled maintenance tasks for AWS resources. ID: aws_ssm_maintenance_window_4 -Title: "List all AWS Systems Manager Maintenance Windows" -Description: "Allows users to query AWS Systems Manager Maintenance Windows to retrieve details about scheduled maintenance tasks for AWS resources." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - window_id, - enabled - from - aws_ssm_maintenance_window - where - enabled; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n window_id,\n enabled\nfrom\n aws_ssm_maintenance_window\n\ + where\n enabled;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: List all AWS Systems Manager Maintenance Windows diff --git a/queries/aws_ssm_managed_instance_1.yaml b/queries/aws_ssm_managed_instance_1.yaml index 1c735dc25..32bb6f268 100755 --- a/queries/aws_ssm_managed_instance_1.yaml +++ b/queries/aws_ssm_managed_instance_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS SSM Managed Instances to retrieve their configuration + and status information. ID: aws_ssm_managed_instance_1 -Title: "List all AWS SSM Managed Instances Configuration and Status" -Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - arn, - resource_type, - association_status, - agent_version, - platform_type - from - aws_ssm_managed_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n arn,\n resource_type,\n association_status,\n\ + \ agent_version,\n platform_type\nfrom\n aws_ssm_managed_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Managed Instances +Title: List all AWS SSM Managed Instances Configuration and Status diff --git a/queries/aws_ssm_managed_instance_2.yaml b/queries/aws_ssm_managed_instance_2.yaml index e4a38333a..d35415814 100755 --- a/queries/aws_ssm_managed_instance_2.yaml +++ b/queries/aws_ssm_managed_instance_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS SSM Managed Instances to retrieve their configuration + and status information. ID: aws_ssm_managed_instance_2 -Title: "Find AWS SSM Managed Instances with Config and Status" -Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - arn, - resource_type, - association_status - from - aws_ssm_managed_instance - where - association_status is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n arn,\n resource_type,\n association_status\n\ + from\n aws_ssm_managed_instance\nwhere\n association_status is null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Managed Instances +Title: Find AWS SSM Managed Instances with Config and Status diff --git a/queries/aws_ssm_managed_instance_3.yaml b/queries/aws_ssm_managed_instance_3.yaml index 88f961fc4..b233f1c38 100755 --- a/queries/aws_ssm_managed_instance_3.yaml +++ b/queries/aws_ssm_managed_instance_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS SSM Managed Instances to retrieve their configuration + and status information. ID: aws_ssm_managed_instance_3 -Title: "List all AWS SSM Managed Instances with Configurations" -Description: "Allows users to query AWS SSM Managed Instances to retrieve their configuration and status information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.instance_id, - i.arn, - m.instance_id is not null as ssm_managed - from - aws_ec2_instance i - left join aws_ssm_managed_instance m on m.instance_id = i.instance_id - where - m.instance_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i.instance_id,\n i.arn,\n m.instance_id is not null\ + \ as ssm_managed\nfrom\n aws_ec2_instance i\nleft join aws_ssm_managed_instance\ + \ m on m.instance_id = i.instance_id\nwhere \n m.instance_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Managed Instance +Title: List all AWS SSM Managed Instances with Configurations diff --git a/queries/aws_ssm_managed_instance_compliance_1.yaml b/queries/aws_ssm_managed_instance_compliance_1.yaml index 525700e2a..524e78c33 100755 --- a/queries/aws_ssm_managed_instance_compliance_1.yaml +++ b/queries/aws_ssm_managed_instance_compliance_1.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS SSM Managed Instance Compliance data, providing + details on compliance status, compliance type, and related metadata. ID: aws_ssm_managed_instance_compliance_1 -Title: "List AWS SSM Managed Instance Compliance Details" -Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - resource_id, - status, - compliance_type, - severity - from - aws_ssm_managed_instance_compliance - where - resource_id = 'i-2a3dc8b11ed9d37a'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n resource_id,\n status,\n compliance_type,\n\ + \ severity\nfrom\n aws_ssm_managed_instance_compliance\nwhere\n resource_id\ + \ = 'i-2a3dc8b11ed9d37a';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Managed Instance Compliance +Title: List AWS SSM Managed Instance Compliance Details diff --git a/queries/aws_ssm_managed_instance_compliance_2.yaml b/queries/aws_ssm_managed_instance_compliance_2.yaml index 18fd9e46e..119cc4e8a 100755 --- a/queries/aws_ssm_managed_instance_compliance_2.yaml +++ b/queries/aws_ssm_managed_instance_compliance_2.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS SSM Managed Instance Compliance data, providing + details on compliance status, compliance type, and related metadata. ID: aws_ssm_managed_instance_compliance_2 -Title: "Find AWS SSM Managed Instance Compliance Details" -Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - resource_id as instance_id, - status, - compliance_type, - severity - from - aws_ssm_managed_instance_compliance - where - resource_id = 'i-2a3dc8b11ed9d37a' - and compliance_type = 'Association' - and status <> 'COMPLIANT'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n resource_id as instance_id,\n status,\n\ + \ compliance_type,\n severity\nfrom\n aws_ssm_managed_instance_compliance\n\ + where\n resource_id = 'i-2a3dc8b11ed9d37a'\n and compliance_type = 'Association'\n\ + \ and status <> 'COMPLIANT';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM +Title: Find AWS SSM Managed Instance Compliance Details diff --git a/queries/aws_ssm_managed_instance_compliance_3.yaml b/queries/aws_ssm_managed_instance_compliance_3.yaml index f68f8fa31..9d7a9b462 100755 --- a/queries/aws_ssm_managed_instance_compliance_3.yaml +++ b/queries/aws_ssm_managed_instance_compliance_3.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS SSM Managed Instance Compliance data, providing + details on compliance status, compliance type, and related metadata. ID: aws_ssm_managed_instance_compliance_3 -Title: "Find AWS SSM Managed Instance Compliance Data" -Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - resource_id as instance_id, - status, - compliance_type, - severity - from - aws_ssm_managed_instance_compliance - where - resource_id = 'i-2a3dc8b11ed9d37a' - and compliance_type = 'Patch' - and status <> 'COMPLIANT'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n resource_id as instance_id,\n status,\n\ + \ compliance_type,\n severity\nfrom\n aws_ssm_managed_instance_compliance\n\ + where\n resource_id = 'i-2a3dc8b11ed9d37a'\n and compliance_type = 'Patch'\n\ + \ and status <> 'COMPLIANT';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS SSM +Title: Find AWS SSM Managed Instance Compliance Data diff --git a/queries/aws_ssm_managed_instance_compliance_4.yaml b/queries/aws_ssm_managed_instance_compliance_4.yaml index 7582cbb21..2b0a0acb2 100755 --- a/queries/aws_ssm_managed_instance_compliance_4.yaml +++ b/queries/aws_ssm_managed_instance_compliance_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS SSM Managed Instance Compliance data, providing + details on compliance status, compliance type, and related metadata. ID: aws_ssm_managed_instance_compliance_4 -Title: "List all AWS SSM Managed Instance Compliance Details" -Description: "Allows users to query AWS SSM Managed Instance Compliance data, providing details on compliance status, compliance type, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - c.resource_id as instance_id, - id, - status - from - aws_ssm_managed_instance i, - aws_ssm_managed_instance_compliance c - where - i.instance_id = c.resource_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n c.resource_id as instance_id,\n id,\n status\nfrom\n\ + \ aws_ssm_managed_instance i,\n aws_ssm_managed_instance_compliance c\nwhere\n\ + \ i.instance_id = c.resource_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM +Title: List all AWS SSM Managed Instance Compliance Details diff --git a/queries/aws_ssm_managed_instance_patch_state_1.yaml b/queries/aws_ssm_managed_instance_patch_state_1.yaml index bd75c7318..65e382db4 100755 --- a/queries/aws_ssm_managed_instance_patch_state_1.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Systems Manager Managed Instance Patch State + to gather information about the patch state of managed instances. This includes + the instance ID, patch group, owner information, installed patches, and more. ID: aws_ssm_managed_instance_patch_state_1 -Title: "Find AWS Managed Instance Patch States in SSM" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - operation, - patch_group, - failed_count, - installed_count, - installed_other_count - from - aws_ssm_managed_instance_patch_state; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n baseline_id,\n operation,\n patch_group,\n\ + \ failed_count,\n installed_count,\n installed_other_count\nfrom\n aws_ssm_managed_instance_patch_state;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager Managed Instance +Title: Find AWS Managed Instance Patch States in SSM diff --git a/queries/aws_ssm_managed_instance_patch_state_2.yaml b/queries/aws_ssm_managed_instance_patch_state_2.yaml index 55edee1c1..063b1017d 100755 --- a/queries/aws_ssm_managed_instance_patch_state_2.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_2.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS Systems Manager Managed Instance Patch State + to gather information about the patch state of managed instances. This includes + the instance ID, patch group, owner information, installed patches, and more. ID: aws_ssm_managed_instance_patch_state_2 -Title: "Find AWS Systems Manager Managed Instance Patch State Details" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - installed_count - from - aws_ssm_managed_instance_patch_state; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n baseline_id,\n installed_count\nfrom\n\ + \ aws_ssm_managed_instance_patch_state;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: Find AWS Systems Manager Managed Instance Patch State Details diff --git a/queries/aws_ssm_managed_instance_patch_state_3.yaml b/queries/aws_ssm_managed_instance_patch_state_3.yaml index d0386856a..823dc6bda 100755 --- a/queries/aws_ssm_managed_instance_patch_state_3.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_3.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Systems Manager Managed Instance Patch State + to gather information about the patch state of managed instances. This includes + the instance ID, patch group, owner information, installed patches, and more. ID: aws_ssm_managed_instance_patch_state_3 -Title: "List all AWS SSM Managed Instance Patch State" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - installed_other_count - from - aws_ssm_managed_instance_patch_state; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n baseline_id,\n installed_other_count\n\ + from\n aws_ssm_managed_instance_patch_state;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: List all AWS SSM Managed Instance Patch State diff --git a/queries/aws_ssm_managed_instance_patch_state_4.yaml b/queries/aws_ssm_managed_instance_patch_state_4.yaml index 40205cceb..9c2697cc2 100755 --- a/queries/aws_ssm_managed_instance_patch_state_4.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_4.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Systems Manager Managed Instance Patch State + to gather information about the patch state of managed instances. This includes + the instance ID, patch group, owner information, installed patches, and more. ID: aws_ssm_managed_instance_patch_state_4 -Title: "Find AWS Systems Manager Managed Instance Patch State" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - security_non_compliant_count - from - aws_ssm_managed_instance_patch_state; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n baseline_id,\n security_non_compliant_count\n\ + from\n aws_ssm_managed_instance_patch_state;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: Find AWS Systems Manager Managed Instance Patch State diff --git a/queries/aws_ssm_managed_instance_patch_state_5.yaml b/queries/aws_ssm_managed_instance_patch_state_5.yaml index 0fadf4051..6cd54c8ba 100755 --- a/queries/aws_ssm_managed_instance_patch_state_5.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_5.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS Systems Manager Managed Instance Patch State + to gather information about the patch state of managed instances. This includes + the instance ID, patch group, owner information, installed patches, and more. ID: aws_ssm_managed_instance_patch_state_5 -Title: "List AWS SSM Managed Instance Patch States" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - operation, - operation_end_time, - operation_start_time - from - aws_ssm_managed_instance_patch_state - where - operation_end_time >= now() - interval '10' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n baseline_id,\n operation,\n operation_end_time,\n\ + \ operation_start_time\nfrom\n aws_ssm_managed_instance_patch_state\nwhere\n\ + \ operation_end_time >= now() - interval '10' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager +Title: List AWS SSM Managed Instance Patch States diff --git a/queries/aws_ssm_managed_instance_patch_state_6.yaml b/queries/aws_ssm_managed_instance_patch_state_6.yaml index 8ff54b166..4e8d21a2e 100755 --- a/queries/aws_ssm_managed_instance_patch_state_6.yaml +++ b/queries/aws_ssm_managed_instance_patch_state_6.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Systems Manager Managed Instance Patch State + to gather information about the patch state of managed instances. This includes + the instance ID, patch group, owner information, installed patches, and more. ID: aws_ssm_managed_instance_patch_state_6 -Title: "Find AWS Systems Manager Managed Instance Patch State" -Description: "Allows users to query AWS Systems Manager Managed Instance Patch State to gather information about the patch state of managed instances. This includes the instance ID, patch group, owner information, installed patches, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - instance_id, - baseline_id, - operation - from - aws_ssm_managed_instance_patch_state - where - operation = 'Scan'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n instance_id,\n baseline_id,\n operation\nfrom\n aws_ssm_managed_instance_patch_state\n\ + where\n operation = 'Scan';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager +Title: Find AWS Systems Manager Managed Instance Patch State diff --git a/queries/aws_ssm_parameter_1.yaml b/queries/aws_ssm_parameter_1.yaml index 7c7a359cf..7007f64be 100755 --- a/queries/aws_ssm_parameter_1.yaml +++ b/queries/aws_ssm_parameter_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Systems Manager Parameter Store to retrieve + information about parameters, their types, values, and associated metadata. ID: aws_ssm_parameter_1 -Title: "Find AWS Systems Manager Parameters and Metadata" -Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - type, - data_type, - tier, - region - from - aws_ssm_parameter; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n type,\n data_type,\n tier,\n region\nfrom\n\ + \ aws_ssm_parameter;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager Parameter Store +Title: Find AWS Systems Manager Parameters and Metadata diff --git a/queries/aws_ssm_parameter_2.yaml b/queries/aws_ssm_parameter_2.yaml index c4fe7a7c4..dffa0da67 100755 --- a/queries/aws_ssm_parameter_2.yaml +++ b/queries/aws_ssm_parameter_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Systems Manager Parameter Store to retrieve + information about parameters, their types, values, and associated metadata. ID: aws_ssm_parameter_2 -Title: "List AWS SSM Parameters with Details" -Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - tier, - p ->> 'PolicyType' as policy_type, - p ->> 'PolicyStatus' as Policy_status, - p ->> 'PolicyText' as policy_text - from - aws_ssm_parameter, - jsonb_array_elements(policies) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n tier,\n p ->> 'PolicyType' as policy_type,\n\ + \ p ->> 'PolicyStatus' as Policy_status,\n p ->> 'PolicyText' as policy_text\n\ + from\n aws_ssm_parameter,\n jsonb_array_elements(policies) as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Systems Manager Parameter Store +Title: List AWS SSM Parameters with Details diff --git a/queries/aws_ssm_parameter_3.yaml b/queries/aws_ssm_parameter_3.yaml index ba07d73e0..3b13aa80d 100755 --- a/queries/aws_ssm_parameter_3.yaml +++ b/queries/aws_ssm_parameter_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Systems Manager Parameter Store to retrieve + information about parameters, their types, values, and associated metadata. ID: aws_ssm_parameter_3 -Title: "List all AWS SSM Parameters missing owner or app_id" -Description: "Allows users to query AWS Systems Manager Parameter Store to retrieve information about parameters, their types, values, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name - from - aws_ssm_parameter - where - tags -> 'owner' is null - or tags -> 'app_id' is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name\nfrom\n aws_ssm_parameter\nwhere\n tags -> 'owner'\ + \ is null\n or tags -> 'app_id' is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Systems Manager Parameter Store +Title: List all AWS SSM Parameters missing owner or app_id diff --git a/queries/aws_ssm_patch_baseline_1.yaml b/queries/aws_ssm_patch_baseline_1.yaml index 8c890f734..b665a2aa8 100755 --- a/queries/aws_ssm_patch_baseline_1.yaml +++ b/queries/aws_ssm_patch_baseline_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS SSM Patch Baseline data to retrieve information + about each patch baseline in your AWS account. ID: aws_ssm_patch_baseline_1 -Title: "List all AWS SSM Patch Baselines with Details" -Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - baseline_id, - name, - description, - operating_system, - created_date, - region - from - aws_ssm_patch_baseline; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n baseline_id,\n name,\n description,\n operating_system,\n\ + \ created_date,\n region\nfrom\n aws_ssm_patch_baseline;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Patch +Title: List all AWS SSM Patch Baselines with Details diff --git a/queries/aws_ssm_patch_baseline_2.yaml b/queries/aws_ssm_patch_baseline_2.yaml index 73d033045..adad498ae 100755 --- a/queries/aws_ssm_patch_baseline_2.yaml +++ b/queries/aws_ssm_patch_baseline_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS SSM Patch Baseline data to retrieve information + about each patch baseline in your AWS account. ID: aws_ssm_patch_baseline_2 -Title: "Find AWS SSM Patch Baseline details including creation dates" -Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - baseline_id, - name, - description, - created_date, - region - from - aws_ssm_patch_baseline - where - operating_system = 'UBUNTU'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n baseline_id,\n name,\n description,\n created_date,\n\ + \ region\nfrom\n aws_ssm_patch_baseline\nwhere\n operating_system = 'UBUNTU';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Patch Baseline +Title: Find AWS SSM Patch Baseline details including creation dates diff --git a/queries/aws_ssm_patch_baseline_3.yaml b/queries/aws_ssm_patch_baseline_3.yaml index 802c43db0..1fb7558a6 100755 --- a/queries/aws_ssm_patch_baseline_3.yaml +++ b/queries/aws_ssm_patch_baseline_3.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS SSM Patch Baseline data to retrieve information + about each patch baseline in your AWS account. ID: aws_ssm_patch_baseline_3 -Title: "List all AWS SSM Patch Baseline Details" -Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - baseline_id, - name, - description, - operating_system, - created_date, - rejected_patches, - region - from - aws_ssm_patch_baseline - where - rejected_patches != '[]'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n baseline_id,\n name,\n description,\n operating_system,\n\ + \ created_date,\n rejected_patches,\n region\nfrom\n aws_ssm_patch_baseline\n\ + where\n rejected_patches != '[]';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Patch Baseline +Title: List all AWS SSM Patch Baseline Details diff --git a/queries/aws_ssm_patch_baseline_4.yaml b/queries/aws_ssm_patch_baseline_4.yaml index 67e1f586c..e30ea456b 100755 --- a/queries/aws_ssm_patch_baseline_4.yaml +++ b/queries/aws_ssm_patch_baseline_4.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS SSM Patch Baseline data to retrieve information + about each patch baseline in your AWS account. ID: aws_ssm_patch_baseline_4 -Title: "Find all AWS SSM Patch Baselines and Approval Rules" -Description: "Allows users to query AWS SSM Patch Baseline data to retrieve information about each patch baseline in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - baseline_id, - p ->> 'ApproveAfterDays' as approve_after_days, - p ->> 'ApproveUntilDate' as approve_until_date, - p ->> 'ComplianceLevel' as compliance_level, - p -> 'PatchFilterGroup' ->> 'PatchFilters' as patch_filters - from - aws_ssm_patch_baseline, - jsonb_array_elements(approval_rules -> 'PatchRules') as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n baseline_id,\n p ->> 'ApproveAfterDays' as approve_after_days,\n\ + \ p ->> 'ApproveUntilDate' as approve_until_date,\n p ->> 'ComplianceLevel'\ + \ as compliance_level,\n p -> 'PatchFilterGroup' ->> 'PatchFilters' as patch_filters\n\ + from\n aws_ssm_patch_baseline,\n jsonb_array_elements(approval_rules -> 'PatchRules')\ + \ as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Patch Baseline +Title: Find all AWS SSM Patch Baselines and Approval Rules diff --git a/queries/aws_ssmincidents_response_plan_1.yaml b/queries/aws_ssmincidents_response_plan_1.yaml index fe0f66d46..351c5ae36 100755 --- a/queries/aws_ssmincidents_response_plan_1.yaml +++ b/queries/aws_ssmincidents_response_plan_1.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS SSM Incidents Response Plan data to retrieve + information about each resource plan in your AWS account. ID: aws_ssmincidents_response_plan_1 -Title: "List AWS SSM Incidents Response Plan Data" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - chat_channel, - incident_template, - integrations, - title - from - aws_ssmincidents_response_plan; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n display_name,\n chat_channel,\n incident_template,\n\ + \ integrations,\n title\nfrom\n aws_ssmincidents_response_plan;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Incidents +Title: List AWS SSM Incidents Response Plan Data diff --git a/queries/aws_ssmincidents_response_plan_2.yaml b/queries/aws_ssmincidents_response_plan_2.yaml index d9fb7c7ef..38e9e164b 100755 --- a/queries/aws_ssmincidents_response_plan_2.yaml +++ b/queries/aws_ssmincidents_response_plan_2.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS SSM Incidents Response Plan data to retrieve + information about each resource plan in your AWS account. ID: aws_ssmincidents_response_plan_2 -Title: "List all AWS SSM Incident Response Plan Data" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - chat_channel, - incident_template, - integrations, - title - from - aws_ssmincidents_response_plan - where - chat_channel is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n display_name,\n chat_channel,\n incident_template,\n\ + \ integrations,\n title\nfrom\n aws_ssmincidents_response_plan\nwhere\n chat_channel\ + \ is not null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Incidents +Title: List all AWS SSM Incident Response Plan Data diff --git a/queries/aws_ssmincidents_response_plan_3.yaml b/queries/aws_ssmincidents_response_plan_3.yaml index fd6d7076c..3a67c7d46 100755 --- a/queries/aws_ssmincidents_response_plan_3.yaml +++ b/queries/aws_ssmincidents_response_plan_3.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS SSM Incidents Response Plan data to retrieve + information about each resource plan in your AWS account. ID: aws_ssmincidents_response_plan_3 -Title: "Find all Information on AWS SSM Incidents Response Plans" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - incident_template -> 'Impact' as incident_template_impact, - incident_template -> 'Title' as incident_template_title, - incident_template -> 'DedupeString', - incident_template -> 'IncidentTags' as incident_template_tags, - incident_template -> 'NotificationTargets' as incident_notification_targets, - incident_template -> 'Summary' as incident_template_summary, - title - from - aws_ssmincidents_response_plan - where - incident_template is not null - and arn = 'arn:aws:ssm-incidents::111111111111:response-plan/response-plan-test'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n display_name,\n incident_template ->\ + \ 'Impact' as incident_template_impact,\n incident_template -> 'Title' as incident_template_title,\n\ + \ incident_template -> 'DedupeString',\n incident_template -> 'IncidentTags'\ + \ as incident_template_tags,\n incident_template -> 'NotificationTargets' as\ + \ incident_notification_targets,\n incident_template -> 'Summary' as incident_template_summary,\n\ + \ title\nfrom\n aws_ssmincidents_response_plan\nwhere\n incident_template is\ + \ not null\n and arn = 'arn:aws:ssm-incidents::111111111111:response-plan/response-plan-test';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Incidents +Title: Find all Information on AWS SSM Incidents Response Plans diff --git a/queries/aws_ssmincidents_response_plan_4.yaml b/queries/aws_ssmincidents_response_plan_4.yaml index 75eb1ee67..8383afcc2 100755 --- a/queries/aws_ssmincidents_response_plan_4.yaml +++ b/queries/aws_ssmincidents_response_plan_4.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS SSM Incidents Response Plan data to retrieve + information about each resource plan in your AWS account. ID: aws_ssmincidents_response_plan_4 -Title: "Find AWS SSM Incident Response Plans with Integrations" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - jsonb_pretty(integrations), - title - from - aws_ssmincidents_response_plan - where - integrations is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n display_name,\n jsonb_pretty(integrations),\n\ + \ title\nfrom\n aws_ssmincidents_response_plan\nwhere\n integrations is not\ + \ null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Incidents +Title: Find AWS SSM Incident Response Plans with Integrations diff --git a/queries/aws_ssmincidents_response_plan_5.yaml b/queries/aws_ssmincidents_response_plan_5.yaml index be9d81022..c96aa3e56 100755 --- a/queries/aws_ssmincidents_response_plan_5.yaml +++ b/queries/aws_ssmincidents_response_plan_5.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS SSM Incidents Response Plan data to retrieve + information about each resource plan in your AWS account. ID: aws_ssmincidents_response_plan_5 -Title: "Find AWS SSM Incidents Response Plan Information" -Description: "Allows users to query AWS SSM Incidents Response Plan data to retrieve information about each resource plan in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - display_name, - jsonb_pretty(engagements), - title - from - aws_ssmincidents_response_plan - where - engagements is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n display_name,\n jsonb_pretty(engagements),\n\ + \ title\nfrom\n aws_ssmincidents_response_plan\nwhere\n engagements is not\ + \ null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSM Incidents +Title: Find AWS SSM Incidents Response Plan Information diff --git a/queries/aws_ssoadmin_account_assignment_1.yaml b/queries/aws_ssoadmin_account_assignment_1.yaml index 7325cd075..59c506721 100755 --- a/queries/aws_ssoadmin_account_assignment_1.yaml +++ b/queries/aws_ssoadmin_account_assignment_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS SSO Admin Account Assignments. This table provides + information about each AWS SSO admin account assignment within an AWS account. ID: aws_ssoadmin_account_assignment_1 -Title: "Find AWS SSO Admin Account Assignments" -Description: "Allows users to query AWS SSO Admin Account Assignments. This table provides information about each AWS SSO admin account assignment within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - permission_set_arn, - target_account_id, - principal_type, - principal_id - from - aws_ssoadmin_account_assignment - where - permission_set_arn = 'arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef' - and target_account_id = '012347678910'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n permission_set_arn,\n target_account_id,\n principal_type,\n\ + \ principal_id\nfrom\n aws_ssoadmin_account_assignment\nwhere\n permission_set_arn\ + \ = 'arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef'\n\ + \ and target_account_id = '012347678910';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS SSO Admin +Title: Find AWS SSO Admin Account Assignments diff --git a/queries/aws_ssoadmin_account_assignment_2.yaml b/queries/aws_ssoadmin_account_assignment_2.yaml index 5f8206e99..f93fea7be 100755 --- a/queries/aws_ssoadmin_account_assignment_2.yaml +++ b/queries/aws_ssoadmin_account_assignment_2.yaml @@ -1,55 +1,29 @@ +Description: Allows users to query AWS SSO Admin Account Assignments. This table provides + information about each AWS SSO admin account assignment within an AWS account. ID: aws_ssoadmin_account_assignment_2 -Title: "Find All AWS SSO Admin Account Assignments with SQL" -Description: "Allows users to query AWS SSO Admin Account Assignments. This table provides information about each AWS SSO admin account assignment within an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with aws_ssoadmin_principal as - ( - select - i.arn as instance_arn, - 'GROUP' as "type", - g.id, - g.title - from - aws_ssoadmin_instance i - left join - aws_identitystore_group g - on i.identity_store_id = g.identity_store_id - union - select - i.arn as instance_arn, - 'USER' as "type", - u.id, - u.title - from - aws_ssoadmin_instance i - left join - aws_identitystore_user u - on i.identity_store_id = u.identity_store_id - ) - select - a.target_account_id, - a.principal_type, - p.title as principal_title - from - aws_ssoadmin_account_assignment a - left join - aws_ssoadmin_principal p - on a.principal_type = p.type - and a.principal_id = p.id - and a.instance_arn = p.instance_arn - where - a.target_account_id = '012345678901' and a.permission_set_arn = 'arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with aws_ssoadmin_principal as\n(\n select\n i.arn as instance_arn,\n\ + \ 'GROUP' as \"type\",\n g.id,\n g.title\n from\n aws_ssoadmin_instance\ + \ i\n left join\n aws_identitystore_group g\n on i.identity_store_id\ + \ = g.identity_store_id\n union\n select\n i.arn as instance_arn,\n\ + \ 'USER' as \"type\",\n u.id,\n u.title\n from\n aws_ssoadmin_instance\ + \ i\n left join\n aws_identitystore_user u\n on i.identity_store_id\ + \ = u.identity_store_id\n)\nselect\n a.target_account_id,\n a.principal_type,\n\ + \ p.title as principal_title\nfrom\n aws_ssoadmin_account_assignment a\n left\ + \ join\n aws_ssoadmin_principal p\n on a.principal_type = p.type\n and\ + \ a.principal_id = p.id\n and a.instance_arn = p.instance_arn\nwhere\n a.target_account_id\ + \ = '012345678901' and a.permission_set_arn = 'arn:aws:sso:::permissionSet/ssoins-0123456789abcdef/ps-0123456789abcdef';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSO Admin +Title: Find All AWS SSO Admin Account Assignments with SQL diff --git a/queries/aws_ssoadmin_instance_1.yaml b/queries/aws_ssoadmin_instance_1.yaml index 81af859b2..f45d8d0b6 100755 --- a/queries/aws_ssoadmin_instance_1.yaml +++ b/queries/aws_ssoadmin_instance_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS SSO Admin Instance, providing information about + each AWS SSO instance in your AWS account. ID: aws_ssoadmin_instance_1 -Title: "Find All AWS SSO Admin Instances and Identity Stores" -Description: "Allows users to query AWS SSO Admin Instance, providing information about each AWS SSO instance in your AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - identity_store_id - from - aws_ssoadmin_instance - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n identity_store_id\nfrom\n aws_ssoadmin_instance" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS SSO Admin +Title: Find All AWS SSO Admin Instances and Identity Stores diff --git a/queries/aws_ssoadmin_managed_policy_attachment_1.yaml b/queries/aws_ssoadmin_managed_policy_attachment_1.yaml index 5a1d676c0..0d8ba2b00 100755 --- a/queries/aws_ssoadmin_managed_policy_attachment_1.yaml +++ b/queries/aws_ssoadmin_managed_policy_attachment_1.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS SSO Managed Policy Attachments, providing information + about the managed policy attachments of AWS SSO permission sets. ID: aws_ssoadmin_managed_policy_attachment_1 -Title: "List All AWS SSO Managed Policy Attachments" -Description: "Allows users to query AWS SSO Managed Policy Attachments, providing information about the managed policy attachments of AWS SSO permission sets." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - mpa.managed_policy_arn, - mpa.name - from - aws_ssoadmin_managed_policy_attachment as mpa - join - aws_ssoadmin_permission_set as ps on mpa.permission_set_arn = ps.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n mpa.managed_policy_arn,\n mpa.name\nfrom\n aws_ssoadmin_managed_policy_attachment\ + \ as mpa\njoin\n aws_ssoadmin_permission_set as ps on mpa.permission_set_arn\ + \ = ps.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS SSO +Title: List All AWS SSO Managed Policy Attachments diff --git a/queries/aws_ssoadmin_permission_set_1.yaml b/queries/aws_ssoadmin_permission_set_1.yaml index d3e831afb..c04a49ab5 100755 --- a/queries/aws_ssoadmin_permission_set_1.yaml +++ b/queries/aws_ssoadmin_permission_set_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS SSO Admin Permission Set to retrieve data related + to the permissions sets of AWS Single Sign-On (SSO) service. ID: aws_ssoadmin_permission_set_1 -Title: "List all AWS SSO Permission Sets and their Details" -Description: "Allows users to query AWS SSO Admin Permission Set to retrieve data related to the permissions sets of AWS Single Sign-On (SSO) service." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - created_date, - description, - relay_state, - session_duration, - tags - from - aws_ssoadmin_permission_set; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n created_date,\n description,\n relay_state,\n\ + \ session_duration,\n tags\nfrom\n aws_ssoadmin_permission_set;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - SSO Admin +Title: List all AWS SSO Permission Sets and their Details diff --git a/queries/aws_sts_caller_identity_1.yaml b/queries/aws_sts_caller_identity_1.yaml index 63f5f34d1..f61aa016b 100755 --- a/queries/aws_sts_caller_identity_1.yaml +++ b/queries/aws_sts_caller_identity_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Security Token Service Caller Identity to retrieve + details about the IAM user or role whose credentials are used to call the operation. ID: aws_sts_caller_identity_1 -Title: "Find IAM User or Role Details in AWS STS Caller Identity" -Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - user_id, - title, - account_id, - akas - from - aws_sts_caller_identity; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n user_id,\n title,\n account_id,\n akas\nfrom\n\ + \ aws_sts_caller_identity;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Token Service +Title: Find IAM User or Role Details in AWS STS Caller Identity diff --git a/queries/aws_sts_caller_identity_2.yaml b/queries/aws_sts_caller_identity_2.yaml index 2d29addb4..e968cff88 100755 --- a/queries/aws_sts_caller_identity_2.yaml +++ b/queries/aws_sts_caller_identity_2.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Security Token Service Caller Identity to retrieve + details about the IAM user or role whose credentials are used to call the operation. ID: aws_sts_caller_identity_2 -Title: "Find AWS STS Caller Identity Details Using SQL" -Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - caller_identity.arn, - caller_identity.user_id, - caller_identity.title, - caller_identity.account_id, - u.name, - u.create_date, - u.password_last_used - from - aws_sts_caller_identity as caller_identity, - aws_iam_user as u - where - caller_identity.user_id = u.user_id - and caller_identity.arn like '%assumed%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n caller_identity.arn,\n caller_identity.user_id,\n caller_identity.title,\n\ + \ caller_identity.account_id,\n u.name,\n u.create_date,\n u.password_last_used\n\ + from\n aws_sts_caller_identity as caller_identity,\n aws_iam_user as u\nwhere\n\ + \ caller_identity.user_id = u.user_id\n and caller_identity.arn like '%assumed%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Security Token Service +Title: Find AWS STS Caller Identity Details Using SQL diff --git a/queries/aws_sts_caller_identity_3.yaml b/queries/aws_sts_caller_identity_3.yaml index 3377edacc..b00999337 100755 --- a/queries/aws_sts_caller_identity_3.yaml +++ b/queries/aws_sts_caller_identity_3.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Security Token Service Caller Identity to retrieve + details about the IAM user or role whose credentials are used to call the operation. ID: aws_sts_caller_identity_3 -Title: "Find AWS Security Token Service Caller Identity Details" -Description: "Allows users to query AWS Security Token Service Caller Identity to retrieve details about the IAM user or role whose credentials are used to call the operation." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - caller_identity.arn, - caller_identity.user_id, - caller_identity.title, - caller_identity.account_id, - u.name, - u.create_date, - u.password_last_used - from - aws_sts_caller_identity as caller_identity, - aws_iam_user as u - where - caller_identity.user_id = u.user_id - and caller_identity.arn like '%federated%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n caller_identity.arn,\n caller_identity.user_id,\n caller_identity.title,\n\ + \ caller_identity.account_id,\n u.name,\n u.create_date,\n u.password_last_used\n\ + from\n aws_sts_caller_identity as caller_identity,\n aws_iam_user as u\nwhere\n\ + \ caller_identity.user_id = u.user_id\n and caller_identity.arn like '%federated%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Security Token Service +Title: Find AWS Security Token Service Caller Identity Details diff --git a/queries/aws_tagging_resource_1.yaml b/queries/aws_tagging_resource_1.yaml index 033713381..25d9e5f7f 100755 --- a/queries/aws_tagging_resource_1.yaml +++ b/queries/aws_tagging_resource_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Resource Tagging API to get details about resources + and their associated tags. ID: aws_tagging_resource_1 -Title: "List AWS Resource Tagging API Details with SQL" -Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - compliance_status, - tags, - region - from - aws_tagging_resource; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n compliance_status,\n tags,\n region\n\ + from\n aws_tagging_resource;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Resource Tagging API +Title: List AWS Resource Tagging API Details with SQL diff --git a/queries/aws_tagging_resource_2.yaml b/queries/aws_tagging_resource_2.yaml index 94d903c1c..cda1056db 100755 --- a/queries/aws_tagging_resource_2.yaml +++ b/queries/aws_tagging_resource_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Resource Tagging API to get details about resources + and their associated tags. ID: aws_tagging_resource_2 -Title: "List all AWS Resource Tagging API details with SQL" -Description: "Allows users to query AWS Resource Tagging API to get details about resources and their associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - tags, - compliance_status - from - aws_tagging_resource - where - compliance_status; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n tags,\n compliance_status\nfrom\n \ + \ aws_tagging_resource\nwhere\n compliance_status;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Resource Tagging API +Title: List all AWS Resource Tagging API details with SQL diff --git a/queries/aws_timestreamwrite_database_1.yaml b/queries/aws_timestreamwrite_database_1.yaml index f6219b71e..350cf2264 100755 --- a/queries/aws_timestreamwrite_database_1.yaml +++ b/queries/aws_timestreamwrite_database_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Timestream databases, providing detailed information + on database configurations, statuses, and associated tables. ID: aws_timestreamwrite_database_1 -Title: "List all AWS Timestream database configurations and statuses" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - creation_time, - region, - kms_key_id - from - aws_timestreamwrite_database; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n database_name,\n arn,\n creation_time,\n region,\n\ + \ kms_key_id\nfrom\n aws_timestreamwrite_database;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List all AWS Timestream database configurations and statuses diff --git a/queries/aws_timestreamwrite_database_2.yaml b/queries/aws_timestreamwrite_database_2.yaml index 253652761..21cac987f 100755 --- a/queries/aws_timestreamwrite_database_2.yaml +++ b/queries/aws_timestreamwrite_database_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Timestream databases, providing detailed information + on database configurations, statuses, and associated tables. ID: aws_timestreamwrite_database_2 -Title: "Find all AWS Timestream Databases with Configurations" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - kms_key_id - from - aws_timestreamwrite_database - where - kms_key_id = 'your-kms-key-id'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n database_name,\n arn,\n kms_key_id\nfrom\n aws_timestreamwrite_database\n\ + where\n kms_key_id = 'your-kms-key-id';" Tags: cloud_data_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: Find all AWS Timestream Databases with Configurations diff --git a/queries/aws_timestreamwrite_database_3.yaml b/queries/aws_timestreamwrite_database_3.yaml index 33610cece..6af4776cd 100755 --- a/queries/aws_timestreamwrite_database_3.yaml +++ b/queries/aws_timestreamwrite_database_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Timestream databases, providing detailed information + on database configurations, statuses, and associated tables. ID: aws_timestreamwrite_database_3 -Title: "List all AWS Timestream Database Configurations, Statuses" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - creation_time - from - aws_timestreamwrite_database - order by - creation_time desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n database_name,\n arn,\n creation_time\nfrom\n aws_timestreamwrite_database\n\ + order by\n creation_time desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List all AWS Timestream Database Configurations, Statuses diff --git a/queries/aws_timestreamwrite_database_4.yaml b/queries/aws_timestreamwrite_database_4.yaml index 7000b80d7..fe8df9eb6 100755 --- a/queries/aws_timestreamwrite_database_4.yaml +++ b/queries/aws_timestreamwrite_database_4.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Timestream databases, providing detailed information + on database configurations, statuses, and associated tables. ID: aws_timestreamwrite_database_4 -Title: "List all AWS Timestream Databases and Table Counts" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - table_count - from - aws_timestreamwrite_database - order by - table_count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n database_name,\n arn,\n table_count\nfrom\n aws_timestreamwrite_database\n\ + order by\n table_count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List all AWS Timestream Databases and Table Counts diff --git a/queries/aws_timestreamwrite_database_5.yaml b/queries/aws_timestreamwrite_database_5.yaml index fe6fa4a54..17254b883 100755 --- a/queries/aws_timestreamwrite_database_5.yaml +++ b/queries/aws_timestreamwrite_database_5.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Timestream databases, providing detailed information + on database configurations, statuses, and associated tables. ID: aws_timestreamwrite_database_5 -Title: "List all AWS Timestream Databases with Details" -Description: "Allows users to query AWS Timestream databases, providing detailed information on database configurations, statuses, and associated tables." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - database_name, - arn, - last_updated_time, - region - from - aws_timestreamwrite_database; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n database_name,\n arn,\n last_updated_time,\n region\n\ + from\n aws_timestreamwrite_database;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List all AWS Timestream Databases with Details diff --git a/queries/aws_timestreamwrite_table_1.yaml b/queries/aws_timestreamwrite_table_1.yaml index 3ef8f243f..f79283e54 100755 --- a/queries/aws_timestreamwrite_table_1.yaml +++ b/queries/aws_timestreamwrite_table_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Timestream tables, providing detailed information + on table configurations, statuses, and retention properties. ID: aws_timestreamwrite_table_1 -Title: "List all AWS Timestream Tables with Configurations and Statuses" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - table_status, - creation_time, - last_updated_time, - region - from - aws_timestreamwrite_table; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n table_name,\n arn,\n table_status,\n creation_time,\n\ + \ last_updated_time,\n region\nfrom\n aws_timestreamwrite_table;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List all AWS Timestream Tables with Configurations and Statuses diff --git a/queries/aws_timestreamwrite_table_2.yaml b/queries/aws_timestreamwrite_table_2.yaml index 5dabe3bec..dba109648 100755 --- a/queries/aws_timestreamwrite_table_2.yaml +++ b/queries/aws_timestreamwrite_table_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Timestream tables, providing detailed information + on table configurations, statuses, and retention properties. ID: aws_timestreamwrite_table_2 -Title: "List AWS Timestream Table Configurations and Statuses" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - table_status - from - aws_timestreamwrite_table - where - table_status = 'ACTIVE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n table_name,\n arn,\n table_status\nfrom\n aws_timestreamwrite_table\n\ + where\n table_status = 'ACTIVE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List AWS Timestream Table Configurations and Statuses diff --git a/queries/aws_timestreamwrite_table_3.yaml b/queries/aws_timestreamwrite_table_3.yaml index 771f15157..e022ea129 100755 --- a/queries/aws_timestreamwrite_table_3.yaml +++ b/queries/aws_timestreamwrite_table_3.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query AWS Timestream tables, providing detailed information + on table configurations, statuses, and retention properties. ID: aws_timestreamwrite_table_3 -Title: "Find AWS Timestream Table Configurations and Statuses" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - retention_properties - from - aws_timestreamwrite_table - where - retention_properties ->> 'MemoryStoreRetentionPeriodInHours' = '24' - and retention_properties ->> 'MagneticStoreRetentionPeriodInDays' = '7'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n table_name,\n arn,\n retention_properties\nfrom\n \ + \ aws_timestreamwrite_table\nwhere\n retention_properties ->> 'MemoryStoreRetentionPeriodInHours'\ + \ = '24'\n and retention_properties ->> 'MagneticStoreRetentionPeriodInDays'\ + \ = '7';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: Find AWS Timestream Table Configurations and Statuses diff --git a/queries/aws_timestreamwrite_table_4.yaml b/queries/aws_timestreamwrite_table_4.yaml index e3455ee76..fd85f39f2 100755 --- a/queries/aws_timestreamwrite_table_4.yaml +++ b/queries/aws_timestreamwrite_table_4.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Timestream tables, providing detailed information + on table configurations, statuses, and retention properties. ID: aws_timestreamwrite_table_4 -Title: "List AWS Timestream Tables with Specific Write Properties" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - magnetic_store_write_properties - from - aws_timestreamwrite_table - where - magnetic_store_write_properties ->> 'EnableMagneticStoreWrites' = 'true'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n table_name,\n arn,\n magnetic_store_write_properties\n\ + from\n aws_timestreamwrite_table\nwhere\n magnetic_store_write_properties ->>\ + \ 'EnableMagneticStoreWrites' = 'true';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List AWS Timestream Tables with Specific Write Properties diff --git a/queries/aws_timestreamwrite_table_5.yaml b/queries/aws_timestreamwrite_table_5.yaml index f1f5245a0..29179abeb 100755 --- a/queries/aws_timestreamwrite_table_5.yaml +++ b/queries/aws_timestreamwrite_table_5.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Timestream tables, providing detailed information + on table configurations, statuses, and retention properties. ID: aws_timestreamwrite_table_5 -Title: "List all AWS Timestream Tables and Configurations" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - creation_time - from - aws_timestreamwrite_table - order by - creation_time desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n table_name,\n arn,\n creation_time\nfrom\n aws_timestreamwrite_table\n\ + order by\n creation_time desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List all AWS Timestream Tables and Configurations diff --git a/queries/aws_timestreamwrite_table_6.yaml b/queries/aws_timestreamwrite_table_6.yaml index afcb9acc0..c701ccdb4 100755 --- a/queries/aws_timestreamwrite_table_6.yaml +++ b/queries/aws_timestreamwrite_table_6.yaml @@ -1,24 +1,19 @@ +Description: Allows users to query AWS Timestream tables, providing detailed information + on table configurations, statuses, and retention properties. ID: aws_timestreamwrite_table_6 -Title: "List All AWS Timestream Table Configurations and Statuses" -Description: "Allows users to query AWS Timestream tables, providing detailed information on table configurations, statuses, and retention properties." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - table_name, - arn, - schema - from - aws_timestreamwrite_table; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n table_name,\n arn,\n schema\nfrom\n aws_timestreamwrite_table;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Timestream +Title: List All AWS Timestream Table Configurations and Statuses diff --git a/queries/aws_transfer_server_1.yaml b/queries/aws_transfer_server_1.yaml index 36e3f24e4..6c625015c 100755 --- a/queries/aws_transfer_server_1.yaml +++ b/queries/aws_transfer_server_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Transfer for SFTP Servers and retrieve detailed + information about SFTP servers in their AWS account. ID: aws_transfer_server_1 -Title: "Find all AWS SFTP Servers and their Details" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type - from - aws_transfer_server; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n server_id,\n domain,\n identity_provider_type,\n endpoint_type\n\ + from\n aws_transfer_server;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer +Title: Find all AWS SFTP Servers and their Details diff --git a/queries/aws_transfer_server_2.yaml b/queries/aws_transfer_server_2.yaml index 1cb8e6f86..2d2645738 100755 --- a/queries/aws_transfer_server_2.yaml +++ b/queries/aws_transfer_server_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS Transfer for SFTP Servers and retrieve detailed + information about SFTP servers in their AWS account. ID: aws_transfer_server_2 -Title: "List all Offline SFTP Servers in AWS Transfer" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type, - state - from - aws_transfer_server - where - state = 'OFFLINE'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n server_id,\n domain,\n identity_provider_type,\n endpoint_type,\n\ + \ state\nfrom\n aws_transfer_server\nwhere\n state = 'OFFLINE';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer +Title: List all Offline SFTP Servers in AWS Transfer diff --git a/queries/aws_transfer_server_3.yaml b/queries/aws_transfer_server_3.yaml index 4bb9edf62..d234244e2 100755 --- a/queries/aws_transfer_server_3.yaml +++ b/queries/aws_transfer_server_3.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS Transfer for SFTP Servers and retrieve detailed + information about SFTP servers in their AWS account. ID: aws_transfer_server_3 -Title: "Find all SFTP Servers and User Count in AWS Transfer" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - user_count - from - aws_transfer_server - order by - user_count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n server_id,\n user_count\nfrom\n aws_transfer_server\n\ + order by\n user_count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer +Title: Find all SFTP Servers and User Count in AWS Transfer diff --git a/queries/aws_transfer_server_4.yaml b/queries/aws_transfer_server_4.yaml index 1812b5183..609094258 100755 --- a/queries/aws_transfer_server_4.yaml +++ b/queries/aws_transfer_server_4.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Transfer for SFTP Servers and retrieve detailed + information about SFTP servers in their AWS account. ID: aws_transfer_server_4 -Title: "List all AWS SFTP Servers and Details" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type, - workflow_details ->> 'OnUpload' as on_upload_workflow - from - aws_transfer_server; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n server_id,\n domain,\n identity_provider_type,\n endpoint_type,\n\ + \ workflow_details ->> 'OnUpload' as on_upload_workflow\nfrom\n aws_transfer_server;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer +Title: List all AWS SFTP Servers and Details diff --git a/queries/aws_transfer_server_5.yaml b/queries/aws_transfer_server_5.yaml index 94c0e48f8..39d239f83 100755 --- a/queries/aws_transfer_server_5.yaml +++ b/queries/aws_transfer_server_5.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Transfer for SFTP Servers and retrieve detailed + information about SFTP servers in their AWS account. ID: aws_transfer_server_5 -Title: "Find all AWS Transfer SFTP Servers and Details" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - domain, - identity_provider_type, - endpoint_type, - structured_log_destinations - from - aws_transfer_server; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n server_id,\n domain,\n identity_provider_type,\n endpoint_type,\n\ + \ structured_log_destinations\nfrom\n aws_transfer_server;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer for SFTP +Title: Find all AWS Transfer SFTP Servers and Details diff --git a/queries/aws_transfer_server_6.yaml b/queries/aws_transfer_server_6.yaml index e0c89f9ff..28648b6f4 100755 --- a/queries/aws_transfer_server_6.yaml +++ b/queries/aws_transfer_server_6.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Transfer for SFTP Servers and retrieve detailed + information about SFTP servers in their AWS account. ID: aws_transfer_server_6 -Title: "Find all SFTP Servers in AWS Transfer" -Description: "Allows users to query AWS Transfer for SFTP Servers and retrieve detailed information about SFTP servers in their AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.server_id, - c.certificate_arn, - c.status as certificate_status, - c.key_algorithm - from - aws_transfer_server as s, - aws_acm_certificate as c - where - s.certificate = c.certificate_arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.server_id,\n c.certificate_arn,\n c.status as certificate_status,\n\ + \ c.key_algorithm\nfrom\n aws_transfer_server as s,\n aws_acm_certificate as\ + \ c\nwhere\n s.certificate = c.certificate_arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer for SFTP +Title: Find all SFTP Servers in AWS Transfer diff --git a/queries/aws_transfer_user_1.yaml b/queries/aws_transfer_user_1.yaml index aaab6ecdf..741fd19df 100755 --- a/queries/aws_transfer_user_1.yaml +++ b/queries/aws_transfer_user_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Transfer for users in a server, equivalent + to list/describe user functions. ID: aws_transfer_user_1 -Title: "List all Users in AWS Transfer Server" -Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - server_id, - user_name - from - aws_transfer_user; - where - server_id = "s-xxxxxxxxxxxxxxxxx"; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n server_id,\n user_name\nfrom\n aws_transfer_user;\n\ + where\n server_id = \"s-xxxxxxxxxxxxxxxxx\";" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer +Title: List all Users in AWS Transfer Server diff --git a/queries/aws_transfer_user_2.yaml b/queries/aws_transfer_user_2.yaml index 456cc6196..211b296f7 100755 --- a/queries/aws_transfer_user_2.yaml +++ b/queries/aws_transfer_user_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Transfer for users in a server, equivalent + to list/describe user functions. ID: aws_transfer_user_2 -Title: "List all AWS Transfer users in a server" -Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - arn, - server_id, - user_name, - ssh_public_key_count - from - aws_transfer_user; - where - server_id = "s-xxxxxxxxxxxxxxxxx" - order by - ssh_public_key_count desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n arn,\n server_id,\n user_name,\n ssh_public_key_count\n\ + from\n aws_transfer_user;\nwhere\n server_id = \"s-xxxxxxxxxxxxxxxxx\"\norder\ + \ by\n ssh_public_key_count desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer +Title: List all AWS Transfer users in a server diff --git a/queries/aws_transfer_user_3.yaml b/queries/aws_transfer_user_3.yaml index 4e3a90645..1d4af049f 100755 --- a/queries/aws_transfer_user_3.yaml +++ b/queries/aws_transfer_user_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS Transfer for users in a server, equivalent + to list/describe user functions. ID: aws_transfer_user_3 -Title: "Find all AWS Transfer users within a server using SQL" -Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - server_id, - user_name, - arn - from - aws_transfer_user - where - server_id in (select server_id from aws_transfer_server) - and - user_name = 'my_user_to_search'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n server_id,\n user_name,\n arn\nfrom\n aws_transfer_user\n\ + where\n server_id in (select server_id from aws_transfer_server)\nand\n user_name\ + \ = 'my_user_to_search';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer +Title: Find all AWS Transfer users within a server using SQL diff --git a/queries/aws_transfer_user_4.yaml b/queries/aws_transfer_user_4.yaml index c0ed3442a..670064a82 100755 --- a/queries/aws_transfer_user_4.yaml +++ b/queries/aws_transfer_user_4.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Transfer for users in a server, equivalent + to list/describe user functions. ID: aws_transfer_user_4 -Title: "List all AWS Transfer users in a server" -Description: "Allows users to query AWS Transfer for users in a server, equivalent to list/describe user functions." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(*) as total_users, - server_id - from - aws_transfer_user - group by - server_id - order by - total_users desc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n count(*) as total_users,\n server_id\nfrom\n aws_transfer_user\n\ + group by\n server_id\norder by\n total_users desc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Transfer +Title: List all AWS Transfer users in a server diff --git a/queries/aws_trusted_advisor_check_summary_1.yaml b/queries/aws_trusted_advisor_check_summary_1.yaml index c4ddf7fc0..a6a13fb70 100755 --- a/queries/aws_trusted_advisor_check_summary_1.yaml +++ b/queries/aws_trusted_advisor_check_summary_1.yaml @@ -1,36 +1,29 @@ +Description: A Trusted Advisor check is a specific evaluation or assessment performed + by Trusted Advisor in different categories. These checks cover various areas, including + cost optimization, security, performance, and fault tolerance. Each check examines + a specific aspect of your AWS resources and provides recommendations for improvement. ID: aws_trusted_advisor_check_summary_1 -Title: "List Trusted Advisor Check Summaries in AWS" -Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - check_id, - category, - description, - status, - timestamp, - resources_flagged - from - aws_trusted_advisor_check_summary - where - language = 'en'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n check_id,\n category,\n description,\n status,\n\ + \ timestamp,\n resources_flagged\nfrom\n aws_trusted_advisor_check_summary\n\ + where\n language = 'en';" Tags: cloud_data_security: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Trusted Advisor +Title: List Trusted Advisor Check Summaries in AWS diff --git a/queries/aws_trusted_advisor_check_summary_2.yaml b/queries/aws_trusted_advisor_check_summary_2.yaml index 5bbf20bc7..c81c36198 100755 --- a/queries/aws_trusted_advisor_check_summary_2.yaml +++ b/queries/aws_trusted_advisor_check_summary_2.yaml @@ -1,33 +1,26 @@ +Description: A Trusted Advisor check is a specific evaluation or assessment performed + by Trusted Advisor in different categories. These checks cover various areas, including + cost optimization, security, performance, and fault tolerance. Each check examines + a specific aspect of your AWS resources and provides recommendations for improvement. ID: aws_trusted_advisor_check_summary_2 -Title: "List Trusted Advisor Check Summaries with Errors in AWS" -Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - check_id, - category, - status - from - aws_trusted_advisor_check_summary - where - language = 'en' - and - status = 'error'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n check_id,\n category,\n status\nfrom\n aws_trusted_advisor_check_summary\n\ + where\n language = 'en'\nand\n status = 'error';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Trusted Advisor +Title: List Trusted Advisor Check Summaries with Errors in AWS diff --git a/queries/aws_trusted_advisor_check_summary_3.yaml b/queries/aws_trusted_advisor_check_summary_3.yaml index 9458cd334..ed3373941 100755 --- a/queries/aws_trusted_advisor_check_summary_3.yaml +++ b/queries/aws_trusted_advisor_check_summary_3.yaml @@ -1,30 +1,23 @@ +Description: A Trusted Advisor check is a specific evaluation or assessment performed + by Trusted Advisor in different categories. These checks cover various areas, including + cost optimization, security, performance, and fault tolerance. Each check examines + a specific aspect of your AWS resources and provides recommendations for improvement. ID: aws_trusted_advisor_check_summary_3 -Title: "List Trusted Advisor Check Summaries for AWS" -Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - check_id, - description, - status, - timestamp - from - aws_trusted_advisor_check_summary - where - language = 'en' - and - timestamp >= now() - interval '5 day'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n check_id,\n description,\n status,\n timestamp\n\ + from\n aws_trusted_advisor_check_summary\nwhere\n language = 'en'\nand\n timestamp\ + \ >= now() - interval '5 day';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Trusted Advisor +Title: List Trusted Advisor Check Summaries for AWS diff --git a/queries/aws_trusted_advisor_check_summary_4.yaml b/queries/aws_trusted_advisor_check_summary_4.yaml index f164fd072..3b88949e7 100755 --- a/queries/aws_trusted_advisor_check_summary_4.yaml +++ b/queries/aws_trusted_advisor_check_summary_4.yaml @@ -1,33 +1,27 @@ +Description: A Trusted Advisor check is a specific evaluation or assessment performed + by Trusted Advisor in different categories. These checks cover various areas, including + cost optimization, security, performance, and fault tolerance. Each check examines + a specific aspect of your AWS resources and provides recommendations for improvement. ID: aws_trusted_advisor_check_summary_4 -Title: "List all AWS Trusted Advisor Check Summaries" -Description: "A Trusted Advisor check is a specific evaluation or assessment performed by Trusted Advisor in different categories. These checks cover various areas, including cost optimization, security, performance, and fault tolerance. Each check examines a specific aspect of your AWS resources and provides recommendations for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - check_id, - resources_flagged, - resources_ignored, - resources_processed, - resources_suppressed - from - aws_trusted_advisor_check_summary - where - language = 'en'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n check_id,\n resources_flagged,\n resources_ignored,\n\ + \ resources_processed,\n resources_suppressed\nfrom\n aws_trusted_advisor_check_summary\n\ + where\n language = 'en';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_finops: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Trusted Advisor +Title: List all AWS Trusted Advisor Check Summaries diff --git a/queries/aws_vpc_1.yaml b/queries/aws_vpc_1.yaml index 319329dfe..daa958dd0 100755 --- a/queries/aws_vpc_1.yaml +++ b/queries/aws_vpc_1.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query VPCs within AWS. It provides information about + each VPC''s configuration, including its ID, state, CIDR block, and whether it is + the default VPC. ID: aws_vpc_1 -Title: "List all AWS VPCs and their configurations" -Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - is_default, - cidr_block, - state, - account_id, - region - from - aws_vpc - where - is_default; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n is_default,\n cidr_block,\n state,\n account_id,\n\ + \ region\nfrom\n aws_vpc\nwhere\n is_default;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPCs and their configurations diff --git a/queries/aws_vpc_2.yaml b/queries/aws_vpc_2.yaml index bc955e7cf..f2a0f57b8 100755 --- a/queries/aws_vpc_2.yaml +++ b/queries/aws_vpc_2.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query VPCs within AWS. It provides information about + each VPC''s configuration, including its ID, state, CIDR block, and whether it is + the default VPC. ID: aws_vpc_2 -Title: "List all AWS VPCs and their configurations" -Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - cidr_block, - host(cidr_block), - broadcast(cidr_block), - netmask(cidr_block), - network(cidr_block) - from - aws_vpc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n cidr_block,\n host(cidr_block),\n broadcast(cidr_block),\n\ + \ netmask(cidr_block),\n network(cidr_block)\nfrom\n aws_vpc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPCs and their configurations diff --git a/queries/aws_vpc_3.yaml b/queries/aws_vpc_3.yaml index 33eb0e05d..f534f8afb 100755 --- a/queries/aws_vpc_3.yaml +++ b/queries/aws_vpc_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query VPCs within AWS. It provides information about + each VPC''s configuration, including its ID, state, CIDR block, and whether it is + the default VPC. ID: aws_vpc_3 -Title: "Find all AWS VPCs and Their Configurations" -Description: "Allows users to query VPCs within AWS. It provides information about each VPC''s configuration, including its ID, state, CIDR block, and whether it is the default VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - cidr_block, - state, - region - from - aws_vpc - where - not cidr_block <<= '10.0.0.0/8' - and not cidr_block <<= '192.168.0.0/16' - and not cidr_block <<= '172.16.0.0/12'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n cidr_block,\n state,\n region\nfrom\n aws_vpc\n\ + where\n not cidr_block <<= '10.0.0.0/8'\n and not cidr_block <<= '192.168.0.0/16'\n\ + \ and not cidr_block <<= '172.16.0.0/12';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find all AWS VPCs and Their Configurations diff --git a/queries/aws_vpc_customer_gateway_1.yaml b/queries/aws_vpc_customer_gateway_1.yaml index b4b54f862..e58e6affc 100755 --- a/queries/aws_vpc_customer_gateway_1.yaml +++ b/queries/aws_vpc_customer_gateway_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS VPC Customer Gateway, providing detailed information + about each Customer Gateway in a Virtual Private Cloud (VPC). ID: aws_vpc_customer_gateway_1 -Title: "Find all Customer Gateways in AWS VPC" -Description: "Allows users to query AWS VPC Customer Gateway, providing detailed information about each Customer Gateway in a Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - customer_gateway_id, - type, - state, - bgp_asn, - certificate_arn, - device_name, - ip_address - from - aws_vpc_customer_gateway; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n customer_gateway_id,\n type,\n state,\n bgp_asn,\n\ + \ certificate_arn,\n device_name,\n ip_address\nfrom\n aws_vpc_customer_gateway;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find all Customer Gateways in AWS VPC diff --git a/queries/aws_vpc_customer_gateway_2.yaml b/queries/aws_vpc_customer_gateway_2.yaml index 16a54cd1f..deb98d5ba 100755 --- a/queries/aws_vpc_customer_gateway_2.yaml +++ b/queries/aws_vpc_customer_gateway_2.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS VPC Customer Gateway, providing detailed information + about each Customer Gateway in a Virtual Private Cloud (VPC). ID: aws_vpc_customer_gateway_2 -Title: "List all AWS VPC Customer Gateway details in VPC" -Description: "Allows users to query AWS VPC Customer Gateway, providing detailed information about each Customer Gateway in a Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - type, - count(customer_gateway_id) as customer_gateway_id_count - from - aws_vpc_customer_gateway - group by - type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n type,\n count(customer_gateway_id) as customer_gateway_id_count\n\ + from\n aws_vpc_customer_gateway\ngroup by\n type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Virtual Private Cloud +Title: List all AWS VPC Customer Gateway details in VPC diff --git a/queries/aws_vpc_dhcp_options_1.yaml b/queries/aws_vpc_dhcp_options_1.yaml index 7743575a7..491fa43ca 100755 --- a/queries/aws_vpc_dhcp_options_1.yaml +++ b/queries/aws_vpc_dhcp_options_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query DHCP Options associated with Virtual Private Cloud + (VPC) in AWS. ID: aws_vpc_dhcp_options_1 -Title: "List all DHCP Options associated with AWS VPC" -Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - dhcp_options_id, - domain_name, - domain_name_servers, - netbios_name_servers, - netbios_node_type, - ntp_servers - from - aws_vpc_dhcp_options; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n dhcp_options_id,\n domain_name,\n domain_name_servers,\n\ + \ netbios_name_servers,\n netbios_node_type,\n ntp_servers\nfrom\n aws_vpc_dhcp_options;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Virtual Private Cloud +Title: List all DHCP Options associated with AWS VPC diff --git a/queries/aws_vpc_dhcp_options_2.yaml b/queries/aws_vpc_dhcp_options_2.yaml index 8228497df..21caaefaa 100755 --- a/queries/aws_vpc_dhcp_options_2.yaml +++ b/queries/aws_vpc_dhcp_options_2.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query DHCP Options associated with Virtual Private Cloud + (VPC) in AWS. ID: aws_vpc_dhcp_options_2 -Title: "List AWS VPC DHCP Options with Domain Name Servers" -Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - dhcp_options_id, - domain_name, - domain_name_servers - from - aws_vpc_dhcp_options - where - domain_name_servers ? 'AmazonProvidedDNS'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n dhcp_options_id,\n domain_name,\n domain_name_servers\n\ + from\n aws_vpc_dhcp_options\nwhere\n domain_name_servers ? 'AmazonProvidedDNS';" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List AWS VPC DHCP Options with Domain Name Servers diff --git a/queries/aws_vpc_dhcp_options_3.yaml b/queries/aws_vpc_dhcp_options_3.yaml index 73f5bd56d..97b244266 100755 --- a/queries/aws_vpc_dhcp_options_3.yaml +++ b/queries/aws_vpc_dhcp_options_3.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query DHCP Options associated with Virtual Private Cloud + (VPC) in AWS. ID: aws_vpc_dhcp_options_3 -Title: "Find AWS VPC DHCP Options with Specific NetBIOS Types" -Description: "Allows users to query DHCP Options associated with Virtual Private Cloud (VPC) in AWS." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - dhcp_options_id, - netbios_node_type - from - aws_vpc_dhcp_options - cross join jsonb_array_elements_text(netbios_node_type) as i - where - not i.value :: int in (2); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n dhcp_options_id,\n netbios_node_type\nfrom\n aws_vpc_dhcp_options\n\ + \ cross join jsonb_array_elements_text(netbios_node_type) as i\nwhere\n not\ + \ i.value :: int in (2);" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC DHCP Options +Title: Find AWS VPC DHCP Options with Specific NetBIOS Types diff --git a/queries/aws_vpc_egress_only_internet_gateway_1.yaml b/queries/aws_vpc_egress_only_internet_gateway_1.yaml index 2143687e3..fe0d47edb 100755 --- a/queries/aws_vpc_egress_only_internet_gateway_1.yaml +++ b/queries/aws_vpc_egress_only_internet_gateway_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS VPC Egress Only Internet Gateways, which provide + egress only access for IPv6 traffic from the VPC to the internet. ID: aws_vpc_egress_only_internet_gateway_1 -Title: "Find all AWS VPC Egress Only Internet Gateways" -Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - att ->> 'State' as state, - att ->> 'VpcId' as vpc_id, - tags, - region - from - aws_vpc_egress_only_internet_gateway - cross join jsonb_array_elements(attachments) as att; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n att ->> 'State' as state,\n att ->> 'VpcId' as\ + \ vpc_id,\n tags,\n region\nfrom\n aws_vpc_egress_only_internet_gateway\n \ + \ cross join jsonb_array_elements(attachments) as att;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find all AWS VPC Egress Only Internet Gateways diff --git a/queries/aws_vpc_egress_only_internet_gateway_2.yaml b/queries/aws_vpc_egress_only_internet_gateway_2.yaml index 0936b3fc2..23f00b6f7 100755 --- a/queries/aws_vpc_egress_only_internet_gateway_2.yaml +++ b/queries/aws_vpc_egress_only_internet_gateway_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS VPC Egress Only Internet Gateways, which provide + egress only access for IPv6 traffic from the VPC to the internet. ID: aws_vpc_egress_only_internet_gateway_2 -Title: "Find AWS VPC Egress Only Internet Gateways" -Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - attachments - from - aws_vpc_egress_only_internet_gateway - where - attachments is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n attachments\nfrom\n aws_vpc_egress_only_internet_gateway\n\ + where\n attachments is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Egress Only Internet Gateways diff --git a/queries/aws_vpc_egress_only_internet_gateway_3.yaml b/queries/aws_vpc_egress_only_internet_gateway_3.yaml index 8ab250145..9aecb4092 100755 --- a/queries/aws_vpc_egress_only_internet_gateway_3.yaml +++ b/queries/aws_vpc_egress_only_internet_gateway_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS VPC Egress Only Internet Gateways, which provide + egress only access for IPv6 traffic from the VPC to the internet. ID: aws_vpc_egress_only_internet_gateway_3 -Title: "Find AWS VPC Egress Only Internet Gateways" -Description: "Allows users to query AWS VPC Egress Only Internet Gateways, which provide egress only access for IPv6 traffic from the VPC to the internet." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vig.id, - vpc.is_default - from - aws_vpc_egress_only_internet_gateway as vig - cross join jsonb_array_elements(attachments) as i - join aws_vpc vpc on i ->> 'VpcId' = vpc.vpc_id - where - vpc.is_default = true; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vig.id,\n vpc.is_default\nfrom\n aws_vpc_egress_only_internet_gateway\ + \ as vig\n cross join jsonb_array_elements(attachments) as i\n join aws_vpc\ + \ vpc on i ->> 'VpcId' = vpc.vpc_id\nwhere\n vpc.is_default = true;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Egress Only Internet Gateways diff --git a/queries/aws_vpc_eip_1.yaml b/queries/aws_vpc_eip_1.yaml index 546c565ba..92820d173 100755 --- a/queries/aws_vpc_eip_1.yaml +++ b/queries/aws_vpc_eip_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS VPC Elastic IP Addresses ID: aws_vpc_eip_1 -Title: "Find all AWS VPC Elastic IP Addresses" -Description: "Allows users to query AWS VPC Elastic IP Addresses" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - public_ip, - domain association_id - from - aws_vpc_eip - where - association_id is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n public_ip,\n domain association_id\nfrom\n aws_vpc_eip\n\ + where\n association_id is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon VPC +Title: Find all AWS VPC Elastic IP Addresses diff --git a/queries/aws_vpc_eip_2.yaml b/queries/aws_vpc_eip_2.yaml index 15bdb9dc0..b51630231 100755 --- a/queries/aws_vpc_eip_2.yaml +++ b/queries/aws_vpc_eip_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS VPC Elastic IP Addresses ID: aws_vpc_eip_2 -Title: "Find AWS VPC Elastic IP Addresses" -Description: "Allows users to query AWS VPC Elastic IP Addresses" IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - public_ipv4_pool, - count(public_ip) as elastic_ips - from - aws_vpc_eip - group by - public_ipv4_pool; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n public_ipv4_pool,\n count(public_ip) as elastic_ips\n\ + from\n aws_vpc_eip\ngroup by\n public_ipv4_pool;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Elastic IP Addresses diff --git a/queries/aws_vpc_eip_address_transfer_1.yaml b/queries/aws_vpc_eip_address_transfer_1.yaml index 1f618d3d1..d363d60ef 100755 --- a/queries/aws_vpc_eip_address_transfer_1.yaml +++ b/queries/aws_vpc_eip_address_transfer_1.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query Elastic IP Address Transfers in AWS VPC. ID: aws_vpc_eip_address_transfer_1 -Title: "List all AWS VPC Elastic IP Address Transfers" -Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - allocation_id, - address_transfer_status, - public_ip, - transfer_account_id, - transfer_offer_accepted_timestamp - from - aws_vpc_eip_address_transfer; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n allocation_id,\n address_transfer_status,\n public_ip,\n\ + \ transfer_account_id,\n transfer_offer_accepted_timestamp\nfrom\n aws_vpc_eip_address_transfer;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Elastic IP Address Transfers diff --git a/queries/aws_vpc_eip_address_transfer_2.yaml b/queries/aws_vpc_eip_address_transfer_2.yaml index 1ba0776ee..53138dff7 100755 --- a/queries/aws_vpc_eip_address_transfer_2.yaml +++ b/queries/aws_vpc_eip_address_transfer_2.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query Elastic IP Address Transfers in AWS VPC. ID: aws_vpc_eip_address_transfer_2 -Title: "List all Elastic IP Address Transfers in AWS VPC" -Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - allocation_id, - address_transfer_status, - public_ip, - transfer_account_id, - transfer_offer_accepted_timestamp - from - aws_vpc_eip_address_transfer - where - transfer_offer_accepted_timestamp >= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n allocation_id,\n address_transfer_status,\n public_ip,\n\ + \ transfer_account_id,\n transfer_offer_accepted_timestamp\nfrom\n aws_vpc_eip_address_transfer\n\ + where\n transfer_offer_accepted_timestamp >= now() - interval '30' day;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all Elastic IP Address Transfers in AWS VPC diff --git a/queries/aws_vpc_eip_address_transfer_3.yaml b/queries/aws_vpc_eip_address_transfer_3.yaml index 991c5f7fa..38c267f21 100755 --- a/queries/aws_vpc_eip_address_transfer_3.yaml +++ b/queries/aws_vpc_eip_address_transfer_3.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query Elastic IP Address Transfers in AWS VPC. ID: aws_vpc_eip_address_transfer_3 -Title: "Find AWS Elastic IP Address Transfers in VPC using SQL" -Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - allocation_id, - address_transfer_status, - public_ip, - transfer_account_id, - transfer_offer_expiration_timestamp - from - aws_vpc_eip_address_transfer - where - transfer_offer_expiration_timestamp >= now() - interval '10' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n allocation_id,\n address_transfer_status,\n public_ip,\n\ + \ transfer_account_id,\n transfer_offer_expiration_timestamp\nfrom\n aws_vpc_eip_address_transfer\n\ + where\n transfer_offer_expiration_timestamp >= now() - interval '10' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS Elastic IP Address Transfers in VPC using SQL diff --git a/queries/aws_vpc_eip_address_transfer_4.yaml b/queries/aws_vpc_eip_address_transfer_4.yaml index e281e40fd..165966e12 100755 --- a/queries/aws_vpc_eip_address_transfer_4.yaml +++ b/queries/aws_vpc_eip_address_transfer_4.yaml @@ -1,39 +1,26 @@ +Description: Allows users to query Elastic IP Address Transfers in AWS VPC. ID: aws_vpc_eip_address_transfer_4 -Title: "Find AWS VPC Elastic IP Address Transfers" -Description: "Allows users to query Elastic IP Address Transfers in AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - t.allocation_id, - t.address_transfer_status, - t.transfer_account_id, - i.vpc_id, - v.cidr_block, - v.state, - v.is_default - from - aws_vpc_eip eip, - aws_ec2_instance i, - aws_vpc_eip_address_transfer t, - aws_vpc v - where - eip.instance_id = i.instance_id - and t.allocation_id = eip.allocation_id - and v.vpc_id = i.vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n t.allocation_id,\n t.address_transfer_status,\n t.transfer_account_id,\n\ + \ i.vpc_id,\n v.cidr_block,\n v.state,\n v.is_default\nfrom\n aws_vpc_eip\ + \ eip,\n aws_ec2_instance i,\n aws_vpc_eip_address_transfer t,\n aws_vpc v\n\ + where\n eip.instance_id = i.instance_id\n and t.allocation_id = eip.allocation_id\n\ + \ and v.vpc_id = i.vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Elastic IP Address Transfers diff --git a/queries/aws_vpc_endpoint_1.yaml b/queries/aws_vpc_endpoint_1.yaml index 5787b74ba..a06a75aaa 100755 --- a/queries/aws_vpc_endpoint_1.yaml +++ b/queries/aws_vpc_endpoint_1.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS VPC Endpoints and retrieve information about + each endpoint''s configuration, type, status, and related resources such as network + interfaces, DNS entries, and security groups. ID: aws_vpc_endpoint_1 -Title: "List AWS VPC Endpoints with Configuration and Status" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - vpc_id, - service_name - from - aws_vpc_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_endpoint_id,\n vpc_id,\n service_name\nfrom\n \ + \ aws_vpc_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint +Title: List AWS VPC Endpoints with Configuration and Status diff --git a/queries/aws_vpc_endpoint_2.yaml b/queries/aws_vpc_endpoint_2.yaml index 72f2edab2..6c9b17d28 100755 --- a/queries/aws_vpc_endpoint_2.yaml +++ b/queries/aws_vpc_endpoint_2.yaml @@ -1,25 +1,23 @@ +Description: Allows users to query AWS VPC Endpoints and retrieve information about + each endpoint''s configuration, type, status, and related resources such as network + interfaces, DNS entries, and security groups. ID: aws_vpc_endpoint_2 -Title: "List all AWS VPC Endpoints and retrieve configuration details" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - jsonb_array_length(subnet_ids) as subnet_id_count - from - aws_vpc_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_endpoint_id,\n jsonb_array_length(subnet_ids) as\ + \ subnet_id_count\nfrom\n aws_vpc_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint +Title: List all AWS VPC Endpoints and retrieve configuration details diff --git a/queries/aws_vpc_endpoint_3.yaml b/queries/aws_vpc_endpoint_3.yaml index 09d9fd13d..a6289a63e 100755 --- a/queries/aws_vpc_endpoint_3.yaml +++ b/queries/aws_vpc_endpoint_3.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS VPC Endpoints and retrieve information about + each endpoint''s configuration, type, status, and related resources such as network + interfaces, DNS entries, and security groups. ID: aws_vpc_endpoint_3 -Title: "List all AWS VPC Endpoints and Related Information" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - vpc_id, - jsonb_array_elements(subnet_ids) as subnet_ids, - jsonb_array_elements(network_interface_ids) as network_interface_ids, - jsonb_array_elements(route_table_ids) as route_table_ids, - sg ->> 'GroupName' as sg_name - from - aws_vpc_endpoint - cross join jsonb_array_elements(groups) as sg; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_endpoint_id,\n vpc_id,\n jsonb_array_elements(subnet_ids)\ + \ as subnet_ids,\n jsonb_array_elements(network_interface_ids) as network_interface_ids,\n\ + \ jsonb_array_elements(route_table_ids) as route_table_ids,\n sg ->> 'GroupName'\ + \ as sg_name\nfrom\n aws_vpc_endpoint\n cross join jsonb_array_elements(groups)\ + \ as sg;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Endpoints and Related Information diff --git a/queries/aws_vpc_endpoint_4.yaml b/queries/aws_vpc_endpoint_4.yaml index e2af977b0..109ebfb7b 100755 --- a/queries/aws_vpc_endpoint_4.yaml +++ b/queries/aws_vpc_endpoint_4.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS VPC Endpoints and retrieve information about + each endpoint''s configuration, type, status, and related resources such as network + interfaces, DNS entries, and security groups. ID: aws_vpc_endpoint_4 -Title: "Find AWS VPC Endpoints with Configurations and Status" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_endpoint_id, - private_dns_enabled, - dns ->> 'DnsName' as dns_name, - dns ->> 'HostedZoneId' as hosted_zone_id - from - aws_vpc_endpoint - cross join jsonb_array_elements(dns_entries) as dns; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_endpoint_id,\n private_dns_enabled,\n dns ->> 'DnsName'\ + \ as dns_name,\n dns ->> 'HostedZoneId' as hosted_zone_id\nfrom\n aws_vpc_endpoint\n\ + \ cross join jsonb_array_elements(dns_entries) as dns;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint +Title: Find AWS VPC Endpoints with Configurations and Status diff --git a/queries/aws_vpc_endpoint_5.yaml b/queries/aws_vpc_endpoint_5.yaml index cdaf3d885..18c712d2f 100755 --- a/queries/aws_vpc_endpoint_5.yaml +++ b/queries/aws_vpc_endpoint_5.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS VPC Endpoints and retrieve information about + each endpoint''s configuration, type, status, and related resources such as network + interfaces, DNS entries, and security groups. ID: aws_vpc_endpoint_5 -Title: "List all AWS VPC Endpoints and their configurations" -Description: "Allows users to query AWS VPC Endpoints and retrieve information about each endpoint''s configuration, type, status, and related resources such as network interfaces, DNS entries, and security groups." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(vpc_endpoint_id) as vpc_endpoint_count - from - aws_vpc_endpoint - group by - vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n count(vpc_endpoint_id) as vpc_endpoint_count\n\ + from\n aws_vpc_endpoint\ngroup by\n vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Endpoints and their configurations diff --git a/queries/aws_vpc_endpoint_service_1.yaml b/queries/aws_vpc_endpoint_service_1.yaml index 9cfa61a05..0e5345aa7 100755 --- a/queries/aws_vpc_endpoint_service_1.yaml +++ b/queries/aws_vpc_endpoint_service_1.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS VPC Endpoint Services to retrieve detailed + information about each service, including service name, service type, and whether + or not the service is private. ID: aws_vpc_endpoint_service_1 -Title: "List All AWS VPC Endpoint Services and Details" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - base_endpoint_dns_names, - private_dns_name - from - aws_vpc_endpoint_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n service_id,\n base_endpoint_dns_names,\n\ + \ private_dns_name\nfrom\n aws_vpc_endpoint_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint Services +Title: List All AWS VPC Endpoint Services and Details diff --git a/queries/aws_vpc_endpoint_service_2.yaml b/queries/aws_vpc_endpoint_service_2.yaml index 2a702da50..98c45de3f 100755 --- a/queries/aws_vpc_endpoint_service_2.yaml +++ b/queries/aws_vpc_endpoint_service_2.yaml @@ -1,25 +1,23 @@ +Description: Allows users to query AWS VPC Endpoint Services to retrieve detailed + information about each service, including service name, service type, and whether + or not the service is private. ID: aws_vpc_endpoint_service_2 -Title: "List all AWS VPC Endpoint Services with Details" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - jsonb_array_length(availability_zones) as availability_zone_count - from - aws_vpc_endpoint_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n jsonb_array_length(availability_zones)\ + \ as availability_zone_count\nfrom\n aws_vpc_endpoint_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint Service +Title: List all AWS VPC Endpoint Services with Details diff --git a/queries/aws_vpc_endpoint_service_3.yaml b/queries/aws_vpc_endpoint_service_3.yaml index 3746d619e..b837c1d6c 100755 --- a/queries/aws_vpc_endpoint_service_3.yaml +++ b/queries/aws_vpc_endpoint_service_3.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS VPC Endpoint Services to retrieve detailed + information about each service, including service name, service type, and whether + or not the service is private. ID: aws_vpc_endpoint_service_3 -Title: "Find AWS VPC Endpoint Service Details" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - base_endpoint_dns_names, - private_dns_name - from - aws_vpc_endpoint_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n service_id,\n base_endpoint_dns_names,\n\ + \ private_dns_name\nfrom\n aws_vpc_endpoint_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint Service +Title: Find AWS VPC Endpoint Service Details diff --git a/queries/aws_vpc_endpoint_service_4.yaml b/queries/aws_vpc_endpoint_service_4.yaml index 241bf38af..44c9be6bf 100755 --- a/queries/aws_vpc_endpoint_service_4.yaml +++ b/queries/aws_vpc_endpoint_service_4.yaml @@ -1,25 +1,22 @@ +Description: Allows users to query AWS VPC Endpoint Services to retrieve detailed + information about each service, including service name, service type, and whether + or not the service is private. ID: aws_vpc_endpoint_service_4 -Title: "List AWS VPC Endpoint Services with Details" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - type ->> 'ServiceType' as service_type - from - aws_vpc_endpoint_service - cross join jsonb_array_elements(service_type) as type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n service_id,\n type ->> 'ServiceType'\ + \ as service_type\nfrom\n aws_vpc_endpoint_service\n cross join jsonb_array_elements(service_type)\ + \ as type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS VPC Endpoint Services +Title: List AWS VPC Endpoint Services with Details diff --git a/queries/aws_vpc_endpoint_service_5.yaml b/queries/aws_vpc_endpoint_service_5.yaml index f6062ddd4..a7e1c3fe9 100755 --- a/queries/aws_vpc_endpoint_service_5.yaml +++ b/queries/aws_vpc_endpoint_service_5.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS VPC Endpoint Services to retrieve detailed + information about each service, including service name, service type, and whether + or not the service is private. ID: aws_vpc_endpoint_service_5 -Title: "List all Non-Policy Supported AWS VPC Endpoint Services" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - vpc_endpoint_policy_supported - from - aws_vpc_endpoint_service - where - not vpc_endpoint_policy_supported; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n service_id,\n vpc_endpoint_policy_supported\n\ + from\n aws_vpc_endpoint_service\nwhere\n not vpc_endpoint_policy_supported;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint Service +Title: List all Non-Policy Supported AWS VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_6.yaml b/queries/aws_vpc_endpoint_service_6.yaml index 8f956172d..c7550e5c3 100755 --- a/queries/aws_vpc_endpoint_service_6.yaml +++ b/queries/aws_vpc_endpoint_service_6.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS VPC Endpoint Services to retrieve detailed + information about each service, including service name, service type, and whether + or not the service is private. ID: aws_vpc_endpoint_service_6 -Title: "List all AWS VPC Endpoint Services" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - jsonb_pretty(vpc_endpoint_service_permissions) as allowed_principals - from - aws_vpc_endpoint_service; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n service_id,\n jsonb_pretty(vpc_endpoint_service_permissions)\ + \ as allowed_principals\nfrom\n aws_vpc_endpoint_service;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint Services +Title: List all AWS VPC Endpoint Services diff --git a/queries/aws_vpc_endpoint_service_7.yaml b/queries/aws_vpc_endpoint_service_7.yaml index 774a132a2..d9c8e5871 100755 --- a/queries/aws_vpc_endpoint_service_7.yaml +++ b/queries/aws_vpc_endpoint_service_7.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS VPC Endpoint Services to retrieve detailed + information about each service, including service name, service type, and whether + or not the service is private. ID: aws_vpc_endpoint_service_7 -Title: "List all AWS VPC Endpoint Services Information" -Description: "Allows users to query AWS VPC Endpoint Services to retrieve detailed information about each service, including service name, service type, and whether or not the service is private." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - service_name, - service_id, - c ->> 'VpcEndpointId' as vpc_endpoint_id, - c ->> 'VpcEndpointOwner' as vpc_endpoint_owner, - c ->> 'VpcEndpointState' as vpc_endpoint_state, - jsonb_array_elements_text(c -> 'NetworkLoadBalancerArns') as network_loadBalancer_arns - from - aws_vpc_endpoint_service, - jsonb_array_elements(vpc_endpoint_connections) as c - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n service_name,\n service_id,\n c ->> 'VpcEndpointId'\ + \ as vpc_endpoint_id,\n c ->> 'VpcEndpointOwner' as vpc_endpoint_owner,\n c\ + \ ->> 'VpcEndpointState' as vpc_endpoint_state,\n jsonb_array_elements_text(c\ + \ -> 'NetworkLoadBalancerArns') as network_loadBalancer_arns\nfrom\n aws_vpc_endpoint_service,\n\ + \ jsonb_array_elements(vpc_endpoint_connections) as c" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Endpoint Service +Title: List all AWS VPC Endpoint Services Information diff --git a/queries/aws_vpc_flow_log_1.yaml b/queries/aws_vpc_flow_log_1.yaml index 52debf495..810a3f409 100755 --- a/queries/aws_vpc_flow_log_1.yaml +++ b/queries/aws_vpc_flow_log_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS VPC Flow Logs, providing detailed information + about IP traffic going to and from network interfaces in a VPC. ID: aws_vpc_flow_log_1 -Title: "Find AWS VPC Flow Logs Information with SQL Query" -Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - flow_log_id, - resource_id - from - aws_vpc_flow_log; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n flow_log_id,\n resource_id\nfrom\n aws_vpc_flow_log;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: Find AWS VPC Flow Logs Information with SQL Query diff --git a/queries/aws_vpc_flow_log_2.yaml b/queries/aws_vpc_flow_log_2.yaml index f88800199..edcba17e5 100755 --- a/queries/aws_vpc_flow_log_2.yaml +++ b/queries/aws_vpc_flow_log_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS VPC Flow Logs, providing detailed information + about IP traffic going to and from network interfaces in a VPC. ID: aws_vpc_flow_log_2 -Title: "Find Failed Logs in AWS VPC Flow" -Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - flow_log_id, - resource_id, - deliver_logs_error_message, - deliver_logs_status - from - aws_vpc_flow_log - where - deliver_logs_status = 'FAILED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n flow_log_id,\n resource_id,\n deliver_logs_error_message,\n\ + \ deliver_logs_status\nfrom\n aws_vpc_flow_log\nwhere\n deliver_logs_status\ + \ = 'FAILED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: Find Failed Logs in AWS VPC Flow diff --git a/queries/aws_vpc_flow_log_3.yaml b/queries/aws_vpc_flow_log_3.yaml index 0dbeac59e..c546ea0ac 100755 --- a/queries/aws_vpc_flow_log_3.yaml +++ b/queries/aws_vpc_flow_log_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS VPC Flow Logs, providing detailed information + about IP traffic going to and from network interfaces in a VPC. ID: aws_vpc_flow_log_3 -Title: "Find AWS VPC Flow Logs and IP Traffic Details" -Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - flow_log_id, - log_destination_type, - log_destination, - log_group_name, - bucket_name - from - aws_vpc_flow_log; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n flow_log_id,\n log_destination_type,\n log_destination,\n\ + \ log_group_name,\n bucket_name\nfrom\n aws_vpc_flow_log;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Log +Title: Find AWS VPC Flow Logs and IP Traffic Details diff --git a/queries/aws_vpc_flow_log_4.yaml b/queries/aws_vpc_flow_log_4.yaml index b8de7f566..642607bee 100755 --- a/queries/aws_vpc_flow_log_4.yaml +++ b/queries/aws_vpc_flow_log_4.yaml @@ -1,23 +1,19 @@ +Description: Allows users to query AWS VPC Flow Logs, providing detailed information + about IP traffic going to and from network interfaces in a VPC. ID: aws_vpc_flow_log_4 -Title: "Find AWS VPC Flow Log Details with SQL Queries" -Description: "Allows users to query AWS VPC Flow Logs, providing detailed information about IP traffic going to and from network interfaces in a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - flow_log_id, - traffic_type - from - aws_vpc_flow_log; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n flow_log_id,\n traffic_type\nfrom\n aws_vpc_flow_log;" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: Find AWS VPC Flow Log Details with SQL Queries diff --git a/queries/aws_vpc_flow_log_event_1.yaml b/queries/aws_vpc_flow_log_event_1.yaml index b402cffa7..4aa2628c5 100755 --- a/queries/aws_vpc_flow_log_event_1.yaml +++ b/queries/aws_vpc_flow_log_event_1.yaml @@ -1,36 +1,24 @@ +Description: Allows users to query AWS VPC Flow Logs and retrieve information about + the IP traffic going to and from network interfaces in their VPC. ID: aws_vpc_flow_log_event_1 -Title: "Find AWS VPC Flow Log Event Details in Last 5 Minutes" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - log_status, - action, - ingestion_time, - timestamp, - interface_id, - interface_account_id, - src_addr, - region - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and timestamp >= now() - interval '5 minutes'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n log_status,\n\ + \ action,\n ingestion_time,\n timestamp,\n interface_id,\n interface_account_id,\n\ + \ src_addr,\n region\nfrom\n aws_vpc_flow_log_event\nwhere\n log_group_name\ + \ = 'vpc-log-group-name'\n and timestamp >= now() - interval '5 minutes';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: Find AWS VPC Flow Log Event Details in Last 5 Minutes diff --git a/queries/aws_vpc_flow_log_event_2.yaml b/queries/aws_vpc_flow_log_event_2.yaml index 641d177be..09f2bfac9 100755 --- a/queries/aws_vpc_flow_log_event_2.yaml +++ b/queries/aws_vpc_flow_log_event_2.yaml @@ -1,40 +1,27 @@ +Description: Allows users to query AWS VPC Flow Logs and retrieve information about + the IP traffic going to and from network interfaces in their VPC. ID: aws_vpc_flow_log_event_2 -Title: "List all AWS VPC Flow Log Events and IP Traffic Details" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - log_status, - action, - ingestion_time, - timestamp, - interface_id, - interface_account_id, - src_addr, - region - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and timestamp between (now() - interval '10 minutes') and (now() - interval '5 minutes') - order by - timestamp asc; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n log_status,\n\ + \ action,\n ingestion_time,\n timestamp,\n interface_id,\n interface_account_id,\n\ + \ src_addr,\n region\nfrom\n aws_vpc_flow_log_event\nwhere\n log_group_name\ + \ = 'vpc-log-group-name'\n and timestamp between (now() - interval '10 minutes')\ + \ and (now() - interval '5 minutes')\norder by\n timestamp asc;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: List all AWS VPC Flow Log Events and IP Traffic Details diff --git a/queries/aws_vpc_flow_log_event_3.yaml b/queries/aws_vpc_flow_log_event_3.yaml index 3cf58170e..6a01d20a7 100755 --- a/queries/aws_vpc_flow_log_event_3.yaml +++ b/queries/aws_vpc_flow_log_event_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS VPC Flow Logs and retrieve information about + the IP traffic going to and from network interfaces in their VPC. ID: aws_vpc_flow_log_event_3 -Title: "List all IP traffic from AWS VPC Flow Logs" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - distinct(interface_id) - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n distinct(interface_id)\nfrom\n aws_vpc_flow_log_event\n\ + where\n log_group_name = 'vpc-log-group-name'\n and timestamp >= now() - interval\ + \ '1 hour';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: List all IP traffic from AWS VPC Flow Logs diff --git a/queries/aws_vpc_flow_log_event_4.yaml b/queries/aws_vpc_flow_log_event_4.yaml index 0fa54668c..81c2dcdee 100755 --- a/queries/aws_vpc_flow_log_event_4.yaml +++ b/queries/aws_vpc_flow_log_event_4.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS VPC Flow Logs and retrieve information about + the IP traffic going to and from network interfaces in their VPC. ID: aws_vpc_flow_log_event_4 -Title: "Find all AWS VPC Flow Log Events Using SQL" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_stream_name, - timestamp, - interface_id, - interface_account_id, - src_addr, - src_port, - dst_addr, - dst_port - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and action = 'REJECT' - and timestamp >= now() - interval '1 hour'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_stream_name,\n timestamp,\n interface_id,\n interface_account_id,\n\ + \ src_addr,\n src_port,\n dst_addr,\n dst_port\nfrom\n aws_vpc_flow_log_event\n\ + where\n log_group_name = 'vpc-log-group-name'\n and action = 'REJECT'\n and\ + \ timestamp >= now() - interval '1 hour';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: Find all AWS VPC Flow Log Events Using SQL diff --git a/queries/aws_vpc_flow_log_event_5.yaml b/queries/aws_vpc_flow_log_event_5.yaml index 6f03b18ad..013803ad3 100755 --- a/queries/aws_vpc_flow_log_event_5.yaml +++ b/queries/aws_vpc_flow_log_event_5.yaml @@ -1,40 +1,26 @@ +Description: Allows users to query AWS VPC Flow Logs and retrieve information about + the IP traffic going to and from network interfaces in their VPC. ID: aws_vpc_flow_log_event_5 -Title: "Find AWS VPC Flow Log Events and IP Traffic Details" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - log_status, - action, - ingestion_time, - timestamp, - interface_id, - interface_account_id, - src_addr, - region - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and log_stream_name = 'eni-1d47d21d-all' - and (src_addr = '10.85.14.210' or dst_addr = '10.85.14.213') - and timestamp >= now() - interval '1 hour' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n log_status,\n\ + \ action,\n ingestion_time,\n timestamp,\n interface_id,\n interface_account_id,\n\ + \ src_addr,\n region\nfrom\n aws_vpc_flow_log_event\nwhere\n log_group_name\ + \ = 'vpc-log-group-name'\n and log_stream_name = 'eni-1d47d21d-all'\n and (src_addr\ + \ = '10.85.14.210' or dst_addr = '10.85.14.213')\n and timestamp >= now() - interval\ + \ '1 hour'\norder by\n timestamp;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: Find AWS VPC Flow Log Events and IP Traffic Details diff --git a/queries/aws_vpc_flow_log_event_6.yaml b/queries/aws_vpc_flow_log_event_6.yaml index cbab30e06..bea74d957 100755 --- a/queries/aws_vpc_flow_log_event_6.yaml +++ b/queries/aws_vpc_flow_log_event_6.yaml @@ -1,38 +1,24 @@ +Description: Allows users to query AWS VPC Flow Logs and retrieve information about + the IP traffic going to and from network interfaces in their VPC. ID: aws_vpc_flow_log_event_6 -Title: "Find all AWS VPC Flow Logs and IP Traffic Information" -Description: "Allows users to query AWS VPC Flow Logs and retrieve information about the IP traffic going to and from network interfaces in their VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - log_group_name, - log_stream_name, - log_status, - action, - ingestion_time, - timestamp, - interface_id, - interface_account_id, - src_addr, - region - from - aws_vpc_flow_log_event - where - log_group_name = 'vpc-log-group-name' - and log_stream_name = 'eni-1d47d21d-all' - and src_addr << '10.0.0.0/8'::inet - and timestamp >= now() - interval '1 hour' - order by - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n log_group_name,\n log_stream_name,\n log_status,\n\ + \ action,\n ingestion_time,\n timestamp,\n interface_id,\n interface_account_id,\n\ + \ src_addr,\n region\nfrom\n aws_vpc_flow_log_event\nwhere\n log_group_name\ + \ = 'vpc-log-group-name'\n and log_stream_name = 'eni-1d47d21d-all'\n and src_addr\ + \ << '10.0.0.0/8'::inet\n and timestamp >= now() - interval '1 hour'\norder by\n\ + \ timestamp;" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Flow Logs +Title: Find all AWS VPC Flow Logs and IP Traffic Information diff --git a/queries/aws_vpc_internet_gateway_1.yaml b/queries/aws_vpc_internet_gateway_1.yaml index 6c8d03ed1..c187525b4 100755 --- a/queries/aws_vpc_internet_gateway_1.yaml +++ b/queries/aws_vpc_internet_gateway_1.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS VPC Internet Gateway data. This table can be + used to gain insights into the Internet Gateways attached to your VPCs, including + their state, attached VPCs, and associated tags. ID: aws_vpc_internet_gateway_1 -Title: "List all AWS VPC Internet Gateway data insights" -Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - internet_gateway_id, - attachments - from - aws_vpc_internet_gateway - where - attachments is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n internet_gateway_id,\n attachments\nfrom\n aws_vpc_internet_gateway\n\ + where\n attachments is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Internet Gateway +Title: List all AWS VPC Internet Gateway data insights diff --git a/queries/aws_vpc_internet_gateway_2.yaml b/queries/aws_vpc_internet_gateway_2.yaml index cd9c05401..100fdafab 100755 --- a/queries/aws_vpc_internet_gateway_2.yaml +++ b/queries/aws_vpc_internet_gateway_2.yaml @@ -1,26 +1,24 @@ +Description: Allows users to query AWS VPC Internet Gateway data. This table can be + used to gain insights into the Internet Gateways attached to your VPCs, including + their state, attached VPCs, and associated tags. ID: aws_vpc_internet_gateway_2 -Title: "Find AWS VPC Internet Gateway Details and States" -Description: "Allows users to query AWS VPC Internet Gateway data. This table can be used to gain insights into the Internet Gateways attached to your VPCs, including their state, attached VPCs, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - internet_gateway_id, - att ->> 'VpcId' as vpc_id - from - aws_vpc_internet_gateway - cross join jsonb_array_elements(attachments) as att; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n internet_gateway_id,\n att ->> 'VpcId' as vpc_id\nfrom\n\ + \ aws_vpc_internet_gateway\n cross join jsonb_array_elements(attachments) as\ + \ att;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Internet Gateway +Title: Find AWS VPC Internet Gateway Details and States diff --git a/queries/aws_vpc_nat_gateway_1.yaml b/queries/aws_vpc_nat_gateway_1.yaml index e9866b481..c209eda38 100755 --- a/queries/aws_vpc_nat_gateway_1.yaml +++ b/queries/aws_vpc_nat_gateway_1.yaml @@ -1,29 +1,26 @@ +Description: Allows users to query NAT Gateways within Amazon Virtual Private Cloud + (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each + NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, + such as their state, subnet association, and associated Elastic IP addresses. ID: aws_vpc_nat_gateway_1 -Title: "List all details of AWS VPC NAT Gateways with SQL" -Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nat_gateway_id, - address ->> 'PrivateIp' as private_ip, - address ->> 'PublicIp' as public_ip, - address ->> 'NetworkInterfaceId' as nic_id, - address ->> 'AllocationId' as allocation_id - from - aws_vpc_nat_gateway - cross join jsonb_array_elements(nat_gateway_addresses) as address; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n nat_gateway_id,\n address ->> 'PrivateIp' as private_ip,\n\ + \ address ->> 'PublicIp' as public_ip,\n address ->> 'NetworkInterfaceId' as\ + \ nic_id,\n address ->> 'AllocationId' as allocation_id\nfrom\n aws_vpc_nat_gateway\n\ + \ cross join jsonb_array_elements(nat_gateway_addresses) as address;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud +Title: List all details of AWS VPC NAT Gateways with SQL diff --git a/queries/aws_vpc_nat_gateway_2.yaml b/queries/aws_vpc_nat_gateway_2.yaml index 834d40d99..7fc056951 100755 --- a/queries/aws_vpc_nat_gateway_2.yaml +++ b/queries/aws_vpc_nat_gateway_2.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query NAT Gateways within Amazon Virtual Private Cloud + (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each + NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, + such as their state, subnet association, and associated Elastic IP addresses. ID: aws_vpc_nat_gateway_2 -Title: "Find AWS VPC NAT Gateways and Subnet Details" -Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nat_gateway_id, - vpc_id, - subnet_id - from - aws_vpc_nat_gateway; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n nat_gateway_id,\n vpc_id,\n subnet_id\nfrom\n aws_vpc_nat_gateway;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud (VPC) +Title: Find AWS VPC NAT Gateways and Subnet Details diff --git a/queries/aws_vpc_nat_gateway_3.yaml b/queries/aws_vpc_nat_gateway_3.yaml index 65a37ff37..c303d8110 100755 --- a/queries/aws_vpc_nat_gateway_3.yaml +++ b/queries/aws_vpc_nat_gateway_3.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query NAT Gateways within Amazon Virtual Private Cloud + (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each + NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, + such as their state, subnet association, and associated Elastic IP addresses. ID: aws_vpc_nat_gateway_3 -Title: "Find AWS VPC NAT Gateways and Their Details" -Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nat_gateway_id, - tags - from - aws_vpc_nat_gateway - where - not tags :: JSONB ? 'application'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n nat_gateway_id,\n tags\nfrom\n aws_vpc_nat_gateway\n\ + where\n not tags :: JSONB ? 'application';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud (VPC) +Title: Find AWS VPC NAT Gateways and Their Details diff --git a/queries/aws_vpc_nat_gateway_4.yaml b/queries/aws_vpc_nat_gateway_4.yaml index 48e733317..a33b17c0a 100755 --- a/queries/aws_vpc_nat_gateway_4.yaml +++ b/queries/aws_vpc_nat_gateway_4.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query NAT Gateways within Amazon Virtual Private Cloud + (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each + NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, + such as their state, subnet association, and associated Elastic IP addresses. ID: aws_vpc_nat_gateway_4 -Title: "List All AWS VPC NAT Gateways and Their Subnet Associations" -Description: "Allows users to query NAT Gateways within Amazon Virtual Private Cloud (VPC). The `aws_vpc_nat_gateway` table in Steampipe provides information about each NAT Gateway within a VPC. This table can be used to gather insights on NAT Gateways, such as their state, subnet association, and associated Elastic IP addresses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(nat_gateway_id) as nat_gateway_id - from - aws_vpc_nat_gateway - group by - vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n count(nat_gateway_id) as nat_gateway_id\n\ + from\n aws_vpc_nat_gateway\ngroup by\n vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon VPC +Title: List All AWS VPC NAT Gateways and Their Subnet Associations diff --git a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml index 2830a3328..7cdaec672 100755 --- a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml +++ b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_1.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS NAT Gateway metrics for bytes sent to the destination + from the NAT gateway. The table provides information about the number of bytes sent + out to the destination per NAT gateway in a VPC. ID: aws_vpc_nat_gateway_metric_bytes_out_to_destination_1 -Title: "List all AWS NAT Gateway Metrics for Bytes Sent Out" -Description: "Allows users to query AWS NAT Gateway metrics for bytes sent to the destination from the NAT gateway. The table provides information about the number of bytes sent out to the destination per NAT gateway in a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - nat_gateway_id, - timestamp, - minimum, - maximum, - average, - sample_count - from - aws_vpc_nat_gateway_metric_bytes_out_to_destination - order by - nat_gateway_id, - timestamp; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n nat_gateway_id,\n timestamp,\n minimum,\n maximum,\n\ + \ average,\n sample_count\nfrom\n aws_vpc_nat_gateway_metric_bytes_out_to_destination\n\ + order by\n nat_gateway_id,\n timestamp;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - NAT Gateway +Title: List all AWS NAT Gateway Metrics for Bytes Sent Out diff --git a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml index 55ab02f88..e7e070804 100755 --- a/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml +++ b/queries/aws_vpc_nat_gateway_metric_bytes_out_to_destination_2.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS NAT Gateway metrics for bytes sent to the destination + from the NAT gateway. The table provides information about the number of bytes sent + out to the destination per NAT gateway in a VPC. ID: aws_vpc_nat_gateway_metric_bytes_out_to_destination_2 -Title: "Find AWS NAT Gateway Metrics for Bytes Sent to Destination" -Description: "Allows users to query AWS NAT Gateway metrics for bytes sent to the destination from the NAT gateway. The table provides information about the number of bytes sent out to the destination per NAT gateway in a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - g.nat_gateway_id, - vpc_id, - subnet_id - from - aws_vpc_nat_gateway as g - left join aws_vpc_nat_gateway_metric_bytes_out_to_destination as d - on g.nat_gateway_id = d.nat_gateway_id - group by - g.nat_gateway_id, - vpc_id, - subnet_id - having - sum(average) = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n g.nat_gateway_id,\n vpc_id,\n subnet_id\nfrom\n aws_vpc_nat_gateway\ + \ as g\n left join aws_vpc_nat_gateway_metric_bytes_out_to_destination as d\n\ + \ on g.nat_gateway_id = d.nat_gateway_id\ngroup by\n g.nat_gateway_id,\n vpc_id,\n\ + \ subnet_id\nhaving\n sum(average) = 0;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - CloudWatch +Title: Find AWS NAT Gateway Metrics for Bytes Sent to Destination diff --git a/queries/aws_vpc_network_acl_1.yaml b/queries/aws_vpc_network_acl_1.yaml index c4cc898ca..894ac6149 100755 --- a/queries/aws_vpc_network_acl_1.yaml +++ b/queries/aws_vpc_network_acl_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS VPC Network ACLs to retrieve detailed information + about network access control lists in a specific AWS VPC. ID: aws_vpc_network_acl_1 -Title: "Find AWS VPC Network ACLs Information" -Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_acl_id, - arn, - vpc_id - from - aws_vpc_network_acl; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n network_acl_id,\n arn,\n vpc_id\nfrom\n aws_vpc_network_acl;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Network ACL +Title: Find AWS VPC Network ACLs Information diff --git a/queries/aws_vpc_network_acl_2.yaml b/queries/aws_vpc_network_acl_2.yaml index 610f9e71a..8d7d19570 100755 --- a/queries/aws_vpc_network_acl_2.yaml +++ b/queries/aws_vpc_network_acl_2.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS VPC Network ACLs to retrieve detailed information + about network access control lists in a specific AWS VPC. ID: aws_vpc_network_acl_2 -Title: "Find AWS VPC Network ACLs in a Specific VPC" -Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_acl_id, - vpc_id, - is_default - from - aws_vpc_network_acl - where - is_default = true; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n network_acl_id,\n vpc_id,\n is_default\nfrom\n aws_vpc_network_acl\n\ + where\n is_default = true;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Network ACL +Title: Find AWS VPC Network ACLs in a Specific VPC diff --git a/queries/aws_vpc_network_acl_3.yaml b/queries/aws_vpc_network_acl_3.yaml index 5a30ccf80..f13544622 100755 --- a/queries/aws_vpc_network_acl_3.yaml +++ b/queries/aws_vpc_network_acl_3.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS VPC Network ACLs to retrieve detailed information + about network access control lists in a specific AWS VPC. ID: aws_vpc_network_acl_3 -Title: "Find AWS VPC Network ACL Details" -Description: "Allows users to query AWS VPC Network ACLs to retrieve detailed information about network access control lists in a specific AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - network_acl_id, - vpc_id, - association ->> 'SubnetId' as subnet_id, - association ->> 'NetworkAclAssociationId' as network_acl_association_id - from - aws_vpc_network_acl - cross join jsonb_array_elements(associations) as association; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n network_acl_id,\n vpc_id,\n association ->> 'SubnetId'\ + \ as subnet_id,\n association ->> 'NetworkAclAssociationId' as network_acl_association_id\n\ + from\n aws_vpc_network_acl\n cross join jsonb_array_elements(associations) as\ + \ association;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Network ACL +Title: Find AWS VPC Network ACL Details diff --git a/queries/aws_vpc_peering_connection_1.yaml b/queries/aws_vpc_peering_connection_1.yaml index d490462e5..8b938fbf3 100755 --- a/queries/aws_vpc_peering_connection_1.yaml +++ b/queries/aws_vpc_peering_connection_1.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_1 -Title: "List AWS VPC Peering Connections using SQL" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_owner_id, - accepter_region, - accepter_vpc_id, - expiration_time, - requester_owner_id, - requester_region, - requester_vpc_id - from - aws_vpc_peering_connection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n accepter_owner_id,\n accepter_region,\n accepter_vpc_id,\n\ + \ expiration_time,\n requester_owner_id,\n requester_region,\n requester_vpc_id\n\ + from\n aws_vpc_peering_connection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud +Title: List AWS VPC Peering Connections using SQL diff --git a/queries/aws_vpc_peering_connection_2.yaml b/queries/aws_vpc_peering_connection_2.yaml index 30e53e1e2..e8467e110 100755 --- a/queries/aws_vpc_peering_connection_2.yaml +++ b/queries/aws_vpc_peering_connection_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_2 -Title: "Find Pending AWS VPC Peering Connections" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_vpc_id, - requester_vpc_id, - status_code, - status_message - from - aws_vpc_peering_connection - where - status_code = 'pending-acceptance'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n accepter_vpc_id,\n requester_vpc_id,\n status_code,\n\ + \ status_message\nfrom\n aws_vpc_peering_connection\nwhere\n status_code =\ + \ 'pending-acceptance';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon VPC +Title: Find Pending AWS VPC Peering Connections diff --git a/queries/aws_vpc_peering_connection_3.yaml b/queries/aws_vpc_peering_connection_3.yaml index 5d301cb20..6d952328b 100755 --- a/queries/aws_vpc_peering_connection_3.yaml +++ b/queries/aws_vpc_peering_connection_3.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_3 -Title: "Query All AWS VPC Peering Connections" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - requester_cidr_block, - requester_owner_id, - requester_region, - requester_vpc_id, - jsonb_pretty(requester_cidr_block_set) as requester_cidr_block_set, - jsonb_pretty(requester_ipv6_cidr_block_set) as requester_ipv6_cidr_block_set, - jsonb_pretty(requester_peering_options) as requester_peering_options - from - aws_vpc_peering_connection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n requester_cidr_block,\n requester_owner_id,\n\ + \ requester_region,\n requester_vpc_id,\n jsonb_pretty(requester_cidr_block_set)\ + \ as requester_cidr_block_set,\n jsonb_pretty(requester_ipv6_cidr_block_set)\ + \ as requester_ipv6_cidr_block_set,\n jsonb_pretty(requester_peering_options)\ + \ as requester_peering_options\nfrom\n aws_vpc_peering_connection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon VPC +Title: Query All AWS VPC Peering Connections diff --git a/queries/aws_vpc_peering_connection_4.yaml b/queries/aws_vpc_peering_connection_4.yaml index 302f40308..54e483388 100755 --- a/queries/aws_vpc_peering_connection_4.yaml +++ b/queries/aws_vpc_peering_connection_4.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_4 -Title: "List all AWS VPC Peering Connections" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_cidr_block, - accepter_owner_id, - accepter_region, - accepter_vpc_id, - jsonb_pretty(accepter_cidr_block_set) as accepter_cidr_block_set, - jsonb_pretty(accepter_ipv6_cidr_block_set) as accepter_ipv6_cidr_block_set, - jsonb_pretty(accepter_peering_options) as accepter_peering_options - from - aws_vpc_peering_connection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n accepter_cidr_block,\n accepter_owner_id,\n \ + \ accepter_region,\n accepter_vpc_id,\n jsonb_pretty(accepter_cidr_block_set)\ + \ as accepter_cidr_block_set,\n jsonb_pretty(accepter_ipv6_cidr_block_set) as\ + \ accepter_ipv6_cidr_block_set,\n jsonb_pretty(accepter_peering_options) as accepter_peering_options\n\ + from\n aws_vpc_peering_connection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Virtual Private Cloud (VPC) +Title: List all AWS VPC Peering Connections diff --git a/queries/aws_vpc_peering_connection_5.yaml b/queries/aws_vpc_peering_connection_5.yaml index 2c49ebf0f..393a894b9 100755 --- a/queries/aws_vpc_peering_connection_5.yaml +++ b/queries/aws_vpc_peering_connection_5.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_5 -Title: "List all VPC Peering Connections in AWS" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - accepter_owner_id, - accepter_region, - accepter_vpc_id, - expiration_time, - requester_owner_id, - requester_region, - requester_vpc_id - from - aws_vpc_peering_connection - where - id in ('pcx-0a0403619dd2f3b24', 'pcx-048825e2c43ffd99e'); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n accepter_owner_id,\n accepter_region,\n accepter_vpc_id,\n\ + \ expiration_time,\n requester_owner_id,\n requester_region,\n requester_vpc_id\n\ + from\n aws_vpc_peering_connection\nwhere\n id in ('pcx-0a0403619dd2f3b24', 'pcx-048825e2c43ffd99e');" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon VPC +Title: List all VPC Peering Connections in AWS diff --git a/queries/aws_vpc_peering_connection_6.yaml b/queries/aws_vpc_peering_connection_6.yaml index 6bcc8392c..49753964b 100755 --- a/queries/aws_vpc_peering_connection_6.yaml +++ b/queries/aws_vpc_peering_connection_6.yaml @@ -1,24 +1,20 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_6 -Title: "Find all VPC Peering Connections in AWS VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - jsonb_pretty(tags) as tags, - jsonb_pretty(tags_src) as tags_src - from - aws_vpc_peering_connection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n jsonb_pretty(tags) as tags,\n jsonb_pretty(tags_src)\ + \ as tags_src\nfrom\n aws_vpc_peering_connection;" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud +Title: Find all VPC Peering Connections in AWS VPC diff --git a/queries/aws_vpc_peering_connection_7.yaml b/queries/aws_vpc_peering_connection_7.yaml index b0e75ef3a..6dc19fdba 100755 --- a/queries/aws_vpc_peering_connection_7.yaml +++ b/queries/aws_vpc_peering_connection_7.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_7 -Title: "Find AWS VPC Peering Connections in Amazon VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - tags ->> 'Name' as name - from - aws_vpc_peering_connection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n tags ->> 'Name' as name\nfrom\n aws_vpc_peering_connection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud (VPC) +Title: Find AWS VPC Peering Connections in Amazon VPC diff --git a/queries/aws_vpc_peering_connection_8.yaml b/queries/aws_vpc_peering_connection_8.yaml index 6844cd0dd..b27677ad1 100755 --- a/queries/aws_vpc_peering_connection_8.yaml +++ b/queries/aws_vpc_peering_connection_8.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_8 -Title: "List all VPC Peering Connections in AWS VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - v.id, - jsonb_pretty(tags) as tags - from - aws_vpc_peering_connection as v, - jsonb_each(tags) - where - key = 'turbot:TurbotCreatedPeeringConnection'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n v.id,\n jsonb_pretty(tags) as tags\nfrom\n aws_vpc_peering_connection\ + \ as v,\n jsonb_each(tags)\nwhere\n key = 'turbot:TurbotCreatedPeeringConnection';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud (VPC) +Title: List all VPC Peering Connections in AWS VPC diff --git a/queries/aws_vpc_peering_connection_9.yaml b/queries/aws_vpc_peering_connection_9.yaml index 72a5afef0..558afe1f1 100755 --- a/queries/aws_vpc_peering_connection_9.yaml +++ b/queries/aws_vpc_peering_connection_9.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query VPC Peering Connections in Amazon Virtual Private + Cloud (VPC). ID: aws_vpc_peering_connection_9 -Title: "Find AWS VPC Peering Connections in Amazon VPC" -Description: "Allows users to query VPC Peering Connections in Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - jsonb_pretty(tags) as tags - from - aws_vpc_peering_connection - where - tags @> '{"Name": "vpc-0639e12347e5b6bfb <=> vpc-8e1234f5"}'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n jsonb_pretty(tags) as tags\nfrom\n aws_vpc_peering_connection\n\ + where\n tags @> '{\"Name\": \"vpc-0639e12347e5b6bfb <=> vpc-8e1234f5\"}';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud +Title: Find AWS VPC Peering Connections in Amazon VPC diff --git a/queries/aws_vpc_route_1.yaml b/queries/aws_vpc_route_1.yaml index 55053fe0f..c5de3b9ef 100755 --- a/queries/aws_vpc_route_1.yaml +++ b/queries/aws_vpc_route_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS VPC Routes to retrieve detailed information + about each route in a route table within a VPC. ID: aws_vpc_route_1 -Title: "List all AWS VPC Routes Information using SQL" -Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - gateway_id - from - aws_vpc_route - where - gateway_id ilike 'igw%' - and destination_cidr_block = '0.0.0.0/0'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n route_table_id,\n gateway_id\nfrom\n aws_vpc_route\n\ + where\n gateway_id ilike 'igw%'\n and destination_cidr_block = '0.0.0.0/0';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Routes Information using SQL diff --git a/queries/aws_vpc_route_2.yaml b/queries/aws_vpc_route_2.yaml index b5865c971..b60398317 100755 --- a/queries/aws_vpc_route_2.yaml +++ b/queries/aws_vpc_route_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS VPC Routes to retrieve detailed information + about each route in a route table within a VPC. ID: aws_vpc_route_2 -Title: "Find AWS VPC Routes for Specific Route Table States" -Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - state - from - aws_vpc_route - where - state = 'blackhole'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n route_table_id,\n state\nfrom\n aws_vpc_route\nwhere\n\ + \ state = 'blackhole';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Routes for Specific Route Table States diff --git a/queries/aws_vpc_route_3.yaml b/queries/aws_vpc_route_3.yaml index 207e3a614..1aa3421f6 100755 --- a/queries/aws_vpc_route_3.yaml +++ b/queries/aws_vpc_route_3.yaml @@ -1,36 +1,25 @@ +Description: Allows users to query AWS VPC Routes to retrieve detailed information + about each route in a route table within a VPC. ID: aws_vpc_route_3 -Title: "Find AWS VPC Routes and Retrieve Route Information" -Description: "Allows users to query AWS VPC Routes to retrieve detailed information about each route in a route table within a VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - state, - destination_cidr_block, - destination_ipv6_cidr_block, - carrier_gateway_id, - destination_prefix_list_id, - egress_only_internet_gateway_id, - gateway_id, - instance_id, - nat_gateway_id, - network_interface_id, - transit_gateway_id, - vpc_peering_connection_id - from - aws_vpc_route; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n route_table_id,\n state,\n destination_cidr_block,\n\ + \ destination_ipv6_cidr_block,\n carrier_gateway_id,\n destination_prefix_list_id,\n\ + \ egress_only_internet_gateway_id,\n gateway_id,\n instance_id,\n nat_gateway_id,\n\ + \ network_interface_id,\n transit_gateway_id,\n vpc_peering_connection_id\n\ + from\n aws_vpc_route;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Routes and Retrieve Route Information diff --git a/queries/aws_vpc_route_table_1.yaml b/queries/aws_vpc_route_table_1.yaml index 3cdbcb480..22c1ce80a 100755 --- a/queries/aws_vpc_route_table_1.yaml +++ b/queries/aws_vpc_route_table_1.yaml @@ -1,25 +1,20 @@ +Description: Allows users to query AWS VPC Route Tables and obtain detailed information + about each route table, including its associations, routes, and tags. ID: aws_vpc_route_table_1 -Title: "Find all AWS VPC Route Tables and their Details" -Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(route_table_id) as route_table_count - from - aws_vpc_route_table - group by - vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n count(route_table_id) as route_table_count\n\ + from\n aws_vpc_route_table\ngroup by\n vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Route Tables +Title: Find all AWS VPC Route Tables and their Details diff --git a/queries/aws_vpc_route_table_2.yaml b/queries/aws_vpc_route_table_2.yaml index d1dec4fe7..76a785497 100755 --- a/queries/aws_vpc_route_table_2.yaml +++ b/queries/aws_vpc_route_table_2.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS VPC Route Tables and obtain detailed information + about each route table, including its associations, routes, and tags. ID: aws_vpc_route_table_2 -Title: "List all AWS VPC Route Tables and Their Associations" -Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - associations_detail -> 'AssociationState' ->> 'State' as state, - associations_detail -> 'GatewayId' as gateway_id, - associations_detail -> 'SubnetId' as subnet_id, - associations_detail -> 'RouteTableAssociationId' as route_table_association_id, - associations_detail -> 'Main' as main_route_table - from - aws_vpc_route_table - cross join jsonb_array_elements(associations) as associations_detail; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n route_table_id,\n associations_detail -> 'AssociationState'\ + \ ->> 'State' as state,\n associations_detail -> 'GatewayId' as gateway_id,\n\ + \ associations_detail -> 'SubnetId' as subnet_id,\n associations_detail -> 'RouteTableAssociationId'\ + \ as route_table_association_id,\n associations_detail -> 'Main' as main_route_table\n\ + from\n aws_vpc_route_table\n cross join jsonb_array_elements(associations) as\ + \ associations_detail;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Route Tables and Their Associations diff --git a/queries/aws_vpc_route_table_3.yaml b/queries/aws_vpc_route_table_3.yaml index 04d82f394..490fbda66 100755 --- a/queries/aws_vpc_route_table_3.yaml +++ b/queries/aws_vpc_route_table_3.yaml @@ -1,37 +1,31 @@ +Description: Allows users to query AWS VPC Route Tables and obtain detailed information + about each route table, including its associations, routes, and tags. ID: aws_vpc_route_table_3 -Title: "List all AWS VPC Route Tables with Detailed Info" -Description: "Allows users to query AWS VPC Route Tables and obtain detailed information about each route table, including its associations, routes, and tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - route_table_id, - route_detail -> 'CarrierGatewayId' ->> 'State' as carrier_gateway_id, - route_detail -> 'DestinationCidrBlock' as destination_CIDR_block, - route_detail -> 'DestinationIpv6CidrBlock' as destination_ipv6_CIDR_block, - route_detail -> 'EgressOnlyInternetGatewayId' as egress_only_internet_gateway, - route_detail -> 'GatewayId' as gateway_id, - route_detail -> 'InstanceId' as instance_id, - route_detail -> 'InstanceOwnerId' as instance_owner_id, - route_detail -> 'LocalGatewayId' as local_gateway_id, - route_detail -> 'NatGatewayId' as nat_gateway_id, - route_detail -> 'NetworkInterfaceId' as network_interface_id, - route_detail -> 'TransitGatewayId' as transit_gateway_id, - route_detail -> 'VpcPeeringConnectionId' as vpc_peering_connection_id - from - aws_vpc_route_table - cross join jsonb_array_elements(routes) as route_detail; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n route_table_id,\n route_detail -> 'CarrierGatewayId'\ + \ ->> 'State' as carrier_gateway_id,\n route_detail -> 'DestinationCidrBlock'\ + \ as destination_CIDR_block,\n route_detail -> 'DestinationIpv6CidrBlock' as\ + \ destination_ipv6_CIDR_block,\n route_detail -> 'EgressOnlyInternetGatewayId'\ + \ as egress_only_internet_gateway,\n route_detail -> 'GatewayId' as gateway_id,\n\ + \ route_detail -> 'InstanceId' as instance_id,\n route_detail -> 'InstanceOwnerId'\ + \ as instance_owner_id,\n route_detail -> 'LocalGatewayId' as local_gateway_id,\n\ + \ route_detail -> 'NatGatewayId' as nat_gateway_id,\n route_detail -> 'NetworkInterfaceId'\ + \ as network_interface_id,\n route_detail -> 'TransitGatewayId' as transit_gateway_id,\n\ + \ route_detail -> 'VpcPeeringConnectionId' as vpc_peering_connection_id\nfrom\n\ + \ aws_vpc_route_table\n cross join jsonb_array_elements(routes) as route_detail;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Route Tables with Detailed Info diff --git a/queries/aws_vpc_security_group_1.yaml b/queries/aws_vpc_security_group_1.yaml index be76419e5..b25e02df6 100755 --- a/queries/aws_vpc_security_group_1.yaml +++ b/queries/aws_vpc_security_group_1.yaml @@ -1,33 +1,28 @@ +Description: Allows users to query AWS VPC Security Groups and retrieve data such + as group ID, name, description, owner ID, and associated VPC ID. This table can + be used to gain insights on security group configurations, policies, and related + metadata. ID: aws_vpc_security_group_1 -Title: "List all AWS VPC Security Groups with SQL Queries" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - vpc_id, - perm ->> 'FromPort' as from_port, - perm ->> 'ToPort' as to_port, - perm ->> 'IpProtocol' as ip_protocol, - perm ->> 'IpRanges' as ip_ranges, - perm ->> 'Ipv6Ranges' as ipv6_ranges, - perm ->> 'UserIdGroupPairs' as user_id_group_pairs, - perm ->> 'PrefixListIds' as prefix_list_ids - from - aws_vpc_security_group as sg - cross join jsonb_array_elements(ip_permissions) as perm; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n group_name,\n vpc_id,\n perm ->> 'FromPort' as from_port,\n\ + \ perm ->> 'ToPort' as to_port,\n perm ->> 'IpProtocol' as ip_protocol,\n perm\ + \ ->> 'IpRanges' as ip_ranges,\n perm ->> 'Ipv6Ranges' as ipv6_ranges,\n perm\ + \ ->> 'UserIdGroupPairs' as user_id_group_pairs,\n perm ->> 'PrefixListIds' as\ + \ prefix_list_ids\nfrom\n aws_vpc_security_group as sg\n cross join jsonb_array_elements(ip_permissions)\ + \ as perm;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Security Groups with SQL Queries diff --git a/queries/aws_vpc_security_group_2.yaml b/queries/aws_vpc_security_group_2.yaml index 103039fc3..aa41bceb4 100755 --- a/queries/aws_vpc_security_group_2.yaml +++ b/queries/aws_vpc_security_group_2.yaml @@ -1,48 +1,30 @@ +Description: Allows users to query AWS VPC Security Groups and retrieve data such + as group ID, name, description, owner ID, and associated VPC ID. This table can + be used to gain insights on security group configurations, policies, and related + metadata. ID: aws_vpc_security_group_2 -Title: "Find AWS VPC Security Groups and Their Configurations" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - sg.group_name, - sg.group_id, - sgr.type, - sgr.ip_protocol, - sgr.from_port, - sgr.to_port, - cidr_ip - from - aws_vpc_security_group as sg - join aws_vpc_security_group_rule as sgr on sg.group_name = sgr.group_name - where - sgr.type = 'ingress' - and sgr.cidr_ip = '0.0.0.0/0' - and ( - ( - sgr.ip_protocol = '-1' -- all traffic - and sgr.from_port is null - ) - or ( - sgr.from_port <= 22 - and sgr.to_port >= 22 - ) - or ( - sgr.from_port <= 3389 - and sgr.to_port >= 3389 - ) - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n sg.group_name,\n sg.group_id,\n sgr.type,\n sgr.ip_protocol,\n\ + \ sgr.from_port,\n sgr.to_port,\n cidr_ip\nfrom\n aws_vpc_security_group as\ + \ sg\n join aws_vpc_security_group_rule as sgr on sg.group_name = sgr.group_name\n\ + where\n sgr.type = 'ingress'\n and sgr.cidr_ip = '0.0.0.0/0'\n and (\n (\n\ + \ sgr.ip_protocol = '-1' -- all traffic\n and sgr.from_port is null\n\ + \ )\n or (\n sgr.from_port <= 22\n and sgr.to_port >= 22\n \ + \ )\n or (\n sgr.from_port <= 3389\n and sgr.to_port >= 3389\n \ + \ )\n );" Tags: cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Security Groups and Their Configurations diff --git a/queries/aws_vpc_security_group_3.yaml b/queries/aws_vpc_security_group_3.yaml index 9d4a76c83..5cf91e639 100755 --- a/queries/aws_vpc_security_group_3.yaml +++ b/queries/aws_vpc_security_group_3.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS VPC Security Groups and retrieve data such + as group ID, name, description, owner ID, and associated VPC ID. This table can + be used to gain insights on security group configurations, policies, and related + metadata. ID: aws_vpc_security_group_3 -Title: "List all AWS VPC Security Groups with Configurations" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(vpc_id) as count - from - aws_vpc_security_group - group by - vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n count(vpc_id) as count\nfrom\n aws_vpc_security_group\n\ + group by\n vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Security Group +Title: List all AWS VPC Security Groups with Configurations diff --git a/queries/aws_vpc_security_group_4.yaml b/queries/aws_vpc_security_group_4.yaml index 03d0af5d2..12dabb476 100755 --- a/queries/aws_vpc_security_group_4.yaml +++ b/queries/aws_vpc_security_group_4.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS VPC Security Groups and retrieve data such + as group ID, name, description, owner ID, and associated VPC ID. This table can + be used to gain insights on security group configurations, policies, and related + metadata. ID: aws_vpc_security_group_4 -Title: "List all AWS VPC Security Groups and Metadata" -Description: "Allows users to query AWS VPC Security Groups and retrieve data such as group ID, name, description, owner ID, and associated VPC ID. This table can be used to gain insights on security group configurations, policies, and related metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - group_name, - group_id - from - aws_vpc_security_group - where - group_name like '%launch-wizard%'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n group_name,\n group_id\nfrom\n aws_vpc_security_group\n\ + where\n group_name like '%launch-wizard%';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Security Groups and Metadata diff --git a/queries/aws_vpc_security_group_rule_1.yaml b/queries/aws_vpc_security_group_rule_1.yaml index 03d976a76..580848df2 100755 --- a/queries/aws_vpc_security_group_rule_1.yaml +++ b/queries/aws_vpc_security_group_rule_1.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS VPC Security Group Rule, providing detailed + information about security group rules within Amazon Virtual Private Cloud (VPC). ID: aws_vpc_security_group_rule_1 -Title: "List AWS VPC Security Group Rules using SQL" -Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - security_group_rule_id, - group_id, - ip_protocol, - from_port, - to_port - from - aws_vpc_security_group_rule - where - cidr_ipv4 = '0.0.0.0/0' - and not is_egress; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n security_group_rule_id,\n group_id,\n ip_protocol,\n\ + \ from_port,\n to_port\nfrom\n aws_vpc_security_group_rule\nwhere\n cidr_ipv4\ + \ = '0.0.0.0/0'\n and not is_egress;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon VPC +Title: List AWS VPC Security Group Rules using SQL diff --git a/queries/aws_vpc_security_group_rule_2.yaml b/queries/aws_vpc_security_group_rule_2.yaml index d31a46edb..ca2e4df30 100755 --- a/queries/aws_vpc_security_group_rule_2.yaml +++ b/queries/aws_vpc_security_group_rule_2.yaml @@ -1,46 +1,26 @@ +Description: Allows users to query AWS VPC Security Group Rule, providing detailed + information about security group rules within Amazon Virtual Private Cloud (VPC). ID: aws_vpc_security_group_rule_2 -Title: "Find AWS VPC Security Group Rule - Query with Details" -Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - security_group_rule_id, - group_id, - ip_protocol, - from_port, - to_port, - cidr_ipv4 - from - aws_vpc_security_group_rule - where - not is_egress - and cidr_ipv4 = '0.0.0.0/0' - and ( - ( - ip_protocol = '-1' -- all traffic - and from_port is null - ) - or ( - from_port <= 22 - and to_port >= 22 - ) - or ( - from_port <= 3389 - and to_port >= 3389 - ) - ); - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n security_group_rule_id,\n group_id,\n ip_protocol,\n\ + \ from_port,\n to_port,\n cidr_ipv4\nfrom\n aws_vpc_security_group_rule\n\ + where\n not is_egress\n and cidr_ipv4 = '0.0.0.0/0'\n and (\n (\n ip_protocol\ + \ = '-1' -- all traffic\n and from_port is null\n )\n or (\n from_port\ + \ <= 22\n and to_port >= 22\n )\n or (\n from_port <= 3389\n \ + \ and to_port >= 3389\n )\n );" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud (VPC) +Title: Find AWS VPC Security Group Rule - Query with Details diff --git a/queries/aws_vpc_security_group_rule_3.yaml b/queries/aws_vpc_security_group_rule_3.yaml index d11fec0b3..e948cd1f4 100755 --- a/queries/aws_vpc_security_group_rule_3.yaml +++ b/queries/aws_vpc_security_group_rule_3.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS VPC Security Group Rule, providing detailed + information about security group rules within Amazon Virtual Private Cloud (VPC). ID: aws_vpc_security_group_rule_3 -Title: "List all AWS VPC Security Group Rules" -Description: "Allows users to query AWS VPC Security Group Rule, providing detailed information about security group rules within Amazon Virtual Private Cloud (VPC)." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.security_group_rule_id, - r.ip_protocol, - r.from_port, - r.to_port, - r.cidr_ipv4, - r.group_id, - sg.group_name, - sg.vpc_id - from - aws_vpc_security_group_rule as r, - aws_vpc_security_group as sg - where - r.group_id = sg.group_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.security_group_rule_id,\n r.ip_protocol,\n r.from_port,\n\ + \ r.to_port,\n r.cidr_ipv4,\n r.group_id,\n sg.group_name,\n sg.vpc_id \n\ + from\n aws_vpc_security_group_rule as r,\n aws_vpc_security_group as sg \nwhere\n\ + \ r.group_id = sg.group_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon Virtual Private Cloud +Title: List all AWS VPC Security Group Rules diff --git a/queries/aws_vpc_subnet_1.yaml b/queries/aws_vpc_subnet_1.yaml index 4421ea96d..e2257a8a5 100755 --- a/queries/aws_vpc_subnet_1.yaml +++ b/queries/aws_vpc_subnet_1.yaml @@ -1,30 +1,24 @@ +Description: Allows users to query AWS VPC Subnets and obtain detailed information + about each subnet, including its configuration, associated VPC, availability zone, + and CIDR block. ID: aws_vpc_subnet_1 -Title: "List all AWS VPC Subnets with Detailed Information" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - subnet_id, - cidr_block, - assign_ipv6_address_on_creation, - map_customer_owned_ip_on_launch, - map_public_ip_on_launch, - ipv6_cidr_block_association_set - from - aws_vpc_subnet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n subnet_id,\n cidr_block,\n assign_ipv6_address_on_creation,\n\ + \ map_customer_owned_ip_on_launch,\n map_public_ip_on_launch,\n ipv6_cidr_block_association_set\n\ + from\n aws_vpc_subnet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Subnets with Detailed Information diff --git a/queries/aws_vpc_subnet_2.yaml b/queries/aws_vpc_subnet_2.yaml index 4eaf42523..080c1fd86 100755 --- a/queries/aws_vpc_subnet_2.yaml +++ b/queries/aws_vpc_subnet_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS VPC Subnets and obtain detailed information + about each subnet, including its configuration, associated VPC, availability zone, + and CIDR block. ID: aws_vpc_subnet_2 -Title: "List all AWS VPC Subnets with Details" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - subnet_id, - availability_zone, - availability_zone_id - from - aws_vpc_subnet - order by - vpc_id, - availability_zone; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n subnet_id,\n availability_zone,\n availability_zone_id\n\ + from\n aws_vpc_subnet\norder by\n vpc_id,\n availability_zone;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Subnets with Details diff --git a/queries/aws_vpc_subnet_3.yaml b/queries/aws_vpc_subnet_3.yaml index 9bd0314d4..6f2d30609 100755 --- a/queries/aws_vpc_subnet_3.yaml +++ b/queries/aws_vpc_subnet_3.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS VPC Subnets and obtain detailed information + about each subnet, including its configuration, associated VPC, availability zone, + and CIDR block. ID: aws_vpc_subnet_3 -Title: "Find AWS VPC Subnets Information including CIDR Blocks" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - subnet_id, - cidr_block, - available_ip_address_count, - power(2, 32 - masklen(cidr_block :: cidr)) -1 as raw_size - from - aws_vpc_subnet; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n subnet_id,\n cidr_block,\n available_ip_address_count,\n\ + \ power(2, 32 - masklen(cidr_block :: cidr)) -1 as raw_size\nfrom\n aws_vpc_subnet;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Subnets Information including CIDR Blocks diff --git a/queries/aws_vpc_subnet_4.yaml b/queries/aws_vpc_subnet_4.yaml index cd2d5f2b5..619375143 100755 --- a/queries/aws_vpc_subnet_4.yaml +++ b/queries/aws_vpc_subnet_4.yaml @@ -1,27 +1,25 @@ +Description: Allows users to query AWS VPC Subnets and obtain detailed information + about each subnet, including its configuration, associated VPC, availability zone, + and CIDR block. ID: aws_vpc_subnet_4 -Title: "Find AWS VPC Subnets with Configuration Details" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - associations_detail ->> 'SubnetId' as subnet_id, - route_table_id - from - aws_vpc_route_table as rt - cross join jsonb_array_elements(associations) as associations_detail - join aws_vpc_subnet as sub on sub.subnet_id = associations_detail ->> 'SubnetId'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n associations_detail ->> 'SubnetId' as subnet_id,\n route_table_id\n\ + from\n aws_vpc_route_table as rt\n cross join jsonb_array_elements(associations)\ + \ as associations_detail\n join aws_vpc_subnet as sub on sub.subnet_id = associations_detail\ + \ ->> 'SubnetId';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC Subnets with Configuration Details diff --git a/queries/aws_vpc_subnet_5.yaml b/queries/aws_vpc_subnet_5.yaml index 336fb6409..a0b0b39a4 100755 --- a/queries/aws_vpc_subnet_5.yaml +++ b/queries/aws_vpc_subnet_5.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS VPC Subnets and obtain detailed information + about each subnet, including its configuration, associated VPC, availability zone, + and CIDR block. ID: aws_vpc_subnet_5 -Title: "List all AWS VPC Subnets and Obtain Detailed Information" -Description: "Allows users to query AWS VPC Subnets and obtain detailed information about each subnet, including its configuration, associated VPC, availability zone, and CIDR block." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpc_id, - count(subnet_id) as subnet_count - from - aws_vpc_subnet - group by - vpc_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpc_id,\n count(subnet_id) as subnet_count\nfrom\n \ + \ aws_vpc_subnet\ngroup by\n vpc_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Subnets and Obtain Detailed Information diff --git a/queries/aws_vpc_verified_access_endpoint_1.yaml b/queries/aws_vpc_verified_access_endpoint_1.yaml index 394b68c7b..eecb16a3b 100755 --- a/queries/aws_vpc_verified_access_endpoint_1.yaml +++ b/queries/aws_vpc_verified_access_endpoint_1.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS VPC Verified Access Endpoint data, including + details about the endpoint configuration, service name, and VPC ID. This information + can be used to manage and secure network access to services within an AWS Virtual + Private Cloud. ID: aws_vpc_verified_access_endpoint_1 -Title: "List all AWS VPC Verified Access Endpoint Details" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_endpoint_id, - verified_access_instance_id, - verified_access_group_id, - creation_time, - verified_access_instance_id, - domain_certificate_arn, - device_validation_domain, - status_code - from - aws_vpc_verified_access_endpoint; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_endpoint_id,\n verified_access_instance_id,\n\ + \ verified_access_group_id,\n creation_time,\n verified_access_instance_id,\n\ + \ domain_certificate_arn,\n device_validation_domain,\n status_code\nfrom\n\ + \ aws_vpc_verified_access_endpoint;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Verified Access Endpoint +Title: List all AWS VPC Verified Access Endpoint Details diff --git a/queries/aws_vpc_verified_access_endpoint_2.yaml b/queries/aws_vpc_verified_access_endpoint_2.yaml index da5018850..4c2affd9c 100755 --- a/queries/aws_vpc_verified_access_endpoint_2.yaml +++ b/queries/aws_vpc_verified_access_endpoint_2.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query AWS VPC Verified Access Endpoint data, including + details about the endpoint configuration, service name, and VPC ID. This information + can be used to manage and secure network access to services within an AWS Virtual + Private Cloud. ID: aws_vpc_verified_access_endpoint_2 -Title: "List All AWS VPC Verified Access Endpoint Data" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_endpoint_id, - creation_time, - description, - status_code - from - aws_vpc_verified_access_endpoint - where - creation_time <= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_endpoint_id,\n creation_time,\n description,\n\ + \ status_code\nfrom\n aws_vpc_verified_access_endpoint\nwhere\n creation_time\ + \ <= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Verified Access Endpoint +Title: List All AWS VPC Verified Access Endpoint Data diff --git a/queries/aws_vpc_verified_access_endpoint_3.yaml b/queries/aws_vpc_verified_access_endpoint_3.yaml index 30bd74a5c..61dde99d2 100755 --- a/queries/aws_vpc_verified_access_endpoint_3.yaml +++ b/queries/aws_vpc_verified_access_endpoint_3.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query AWS VPC Verified Access Endpoint data, including + details about the endpoint configuration, service name, and VPC ID. This information + can be used to manage and secure network access to services within an AWS Virtual + Private Cloud. ID: aws_vpc_verified_access_endpoint_3 -Title: "List all AWS VPC Verified Access Endpoint data with SQL" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_endpoint_id, - status_code, - creation_time, - deletion_time, - description, - device_validation_domain - from - aws_vpc_verified_access_endpoint - where - status_code <> 'active'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_endpoint_id,\n status_code,\n creation_time,\n\ + \ deletion_time,\n description,\n device_validation_domain\nfrom\n aws_vpc_verified_access_endpoint\n\ + where\n status_code <> 'active';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Verified Access Endpoint data with SQL diff --git a/queries/aws_vpc_verified_access_endpoint_4.yaml b/queries/aws_vpc_verified_access_endpoint_4.yaml index c2a8dcdc4..30f17d363 100755 --- a/queries/aws_vpc_verified_access_endpoint_4.yaml +++ b/queries/aws_vpc_verified_access_endpoint_4.yaml @@ -1,32 +1,28 @@ +Description: Allows users to query AWS VPC Verified Access Endpoint data, including + details about the endpoint configuration, service name, and VPC ID. This information + can be used to manage and secure network access to services within an AWS Virtual + Private Cloud. ID: aws_vpc_verified_access_endpoint_4 -Title: "List all AWS VPC Verified Access Endpoint Configs" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.verified_access_endpoint_id, - e.creation_time, - g.verified_access_group_id, - g.creation_time as group_create_time - from - aws_vpc_verified_access_endpoint as e, - aws_vpc_verified_access_group as g - where - e.verified_access_group_id = g.verified_access_group_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.verified_access_endpoint_id,\n e.creation_time,\n\ + \ g.verified_access_group_id,\n g.creation_time as group_create_time\nfrom\n\ + \ aws_vpc_verified_access_endpoint as e,\n aws_vpc_verified_access_group as\ + \ g\nwhere\n e.verified_access_group_id = g.verified_access_group_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS VPC +Title: List all AWS VPC Verified Access Endpoint Configs diff --git a/queries/aws_vpc_verified_access_endpoint_5.yaml b/queries/aws_vpc_verified_access_endpoint_5.yaml index 9864351c1..265822505 100755 --- a/queries/aws_vpc_verified_access_endpoint_5.yaml +++ b/queries/aws_vpc_verified_access_endpoint_5.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query AWS VPC Verified Access Endpoint data, including + details about the endpoint configuration, service name, and VPC ID. This information + can be used to manage and secure network access to services within an AWS Virtual + Private Cloud. ID: aws_vpc_verified_access_endpoint_5 -Title: "List Verified Access Endpoints in AWS VPC" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.verified_access_group_id, - e.creation_time, - i.creation_time as instance_create_time, - i.verified_access_instance_id, - jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers - from - aws_vpc_verified_access_endpoint as e, - aws_vpc_verified_access_instance as i - where - e.verified_access_instance_id = i.verified_access_instance_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.verified_access_group_id,\n e.creation_time,\n i.creation_time\ + \ as instance_create_time,\n i.verified_access_instance_id,\n jsonb_pretty(i.verified_access_trust_providers)\ + \ as verified_access_trust_providers\nfrom\n aws_vpc_verified_access_endpoint\ + \ as e,\n aws_vpc_verified_access_instance as i\nwhere\n e.verified_access_instance_id\ + \ = i.verified_access_instance_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Verified Access Endpoint +Title: List Verified Access Endpoints in AWS VPC diff --git a/queries/aws_vpc_verified_access_endpoint_6.yaml b/queries/aws_vpc_verified_access_endpoint_6.yaml index 632ac950a..618badee3 100755 --- a/queries/aws_vpc_verified_access_endpoint_6.yaml +++ b/queries/aws_vpc_verified_access_endpoint_6.yaml @@ -1,27 +1,24 @@ +Description: Allows users to query AWS VPC Verified Access Endpoint data, including + details about the endpoint configuration, service name, and VPC ID. This information + can be used to manage and secure network access to services within an AWS Virtual + Private Cloud. ID: aws_vpc_verified_access_endpoint_6 -Title: "List all AWS VPC Verified Access Endpoints configuration" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_instance_id, - count(verified_access_endpoint_id) as instance_count - from - aws_vpc_verified_access_endpoint - group by - verified_access_instance_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_instance_id,\n count(verified_access_endpoint_id)\ + \ as instance_count\nfrom\n aws_vpc_verified_access_endpoint\ngroup by\n verified_access_instance_id;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Verified Access Endpoint +Title: List all AWS VPC Verified Access Endpoints configuration diff --git a/queries/aws_vpc_verified_access_endpoint_7.yaml b/queries/aws_vpc_verified_access_endpoint_7.yaml index 6642f0462..eac884021 100755 --- a/queries/aws_vpc_verified_access_endpoint_7.yaml +++ b/queries/aws_vpc_verified_access_endpoint_7.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query AWS VPC Verified Access Endpoint data, including + details about the endpoint configuration, service name, and VPC ID. This information + can be used to manage and secure network access to services within an AWS Virtual + Private Cloud. ID: aws_vpc_verified_access_endpoint_7 -Title: "List AWS VPC Verified Access Endpoints and Network Interface" -Description: "Allows users to query AWS VPC Verified Access Endpoint data, including details about the endpoint configuration, service name, and VPC ID. This information can be used to manage and secure network access to services within an AWS Virtual Private Cloud." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - e.verified_access_endpoint_id, - i.network_interface_id, - i.interface_type, - i.private_ip_address, - i.association_public_ip, - jsonb_pretty(i.groups) as security_groups - from - aws_vpc_verified_access_endpoint as e, - aws_ec2_network_interface as i - where - e.network_interface_options ->> 'NetworkInterfaceId' = i.network_interface_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n e.verified_access_endpoint_id,\n i.network_interface_id,\n\ + \ i.interface_type,\n i.private_ip_address,\n i.association_public_ip,\n jsonb_pretty(i.groups)\ + \ as security_groups\nfrom\n aws_vpc_verified_access_endpoint as e,\n aws_ec2_network_interface\ + \ as i\nwhere\n e.network_interface_options ->> 'NetworkInterfaceId' = i.network_interface_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS VPC +Title: List AWS VPC Verified Access Endpoints and Network Interface diff --git a/queries/aws_vpc_verified_access_group_1.yaml b/queries/aws_vpc_verified_access_group_1.yaml index cf3399d8d..97b5db816 100755 --- a/queries/aws_vpc_verified_access_group_1.yaml +++ b/queries/aws_vpc_verified_access_group_1.yaml @@ -1,29 +1,24 @@ +Description: Allows users to query VPC Verified Access Groups within AWS Virtual Private + Cloud (VPC). This table provides information about each verified access group within + a VPC, including details such as group ID, group name, and the VPC ID it is associated + with. ID: aws_vpc_verified_access_group_1 -Title: "List all AWS VPC Verified Access Groups with Details" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_group_id, - arn, - verified_access_instance_id, - creation_time, - description, - last_updated_time - from - aws_vpc_verified_access_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_group_id,\n arn,\n verified_access_instance_id,\n\ + \ creation_time,\n description,\n last_updated_time\nfrom\n aws_vpc_verified_access_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Virtual Private Cloud +Title: List all AWS VPC Verified Access Groups with Details diff --git a/queries/aws_vpc_verified_access_group_2.yaml b/queries/aws_vpc_verified_access_group_2.yaml index 6e9a73b2f..993c2ab89 100755 --- a/queries/aws_vpc_verified_access_group_2.yaml +++ b/queries/aws_vpc_verified_access_group_2.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query VPC Verified Access Groups within AWS Virtual Private + Cloud (VPC). This table provides information about each verified access group within + a VPC, including details such as group ID, group name, and the VPC ID it is associated + with. ID: aws_vpc_verified_access_group_2 -Title: "List all VPC Verified Access Groups in AWS" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_group_id, - creation_time, - description, - last_updated_time - from - aws_vpc_verified_access_group - where - creation_time <= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_group_id,\n creation_time,\n description,\n\ + \ last_updated_time\nfrom\n aws_vpc_verified_access_group\nwhere\n creation_time\ + \ <= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all VPC Verified Access Groups in AWS diff --git a/queries/aws_vpc_verified_access_group_3.yaml b/queries/aws_vpc_verified_access_group_3.yaml index 214509658..671eb9326 100755 --- a/queries/aws_vpc_verified_access_group_3.yaml +++ b/queries/aws_vpc_verified_access_group_3.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query VPC Verified Access Groups within AWS Virtual Private + Cloud (VPC). This table provides information about each verified access group within + a VPC, including details such as group ID, group name, and the VPC ID it is associated + with. ID: aws_vpc_verified_access_group_3 -Title: "List all AWS VPC Verified Access Groups Information" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_group_id, - creation_time, - deletion_time, - description, - last_updated_time - from - aws_vpc_verified_access_group - where - deletion_time is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_group_id,\n creation_time,\n deletion_time,\n\ + \ description,\n last_updated_time\nfrom\n aws_vpc_verified_access_group\n\ + where\n deletion_time is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Virtual Private Cloud +Title: List all AWS VPC Verified Access Groups Information diff --git a/queries/aws_vpc_verified_access_group_4.yaml b/queries/aws_vpc_verified_access_group_4.yaml index d4431fa47..04818d615 100755 --- a/queries/aws_vpc_verified_access_group_4.yaml +++ b/queries/aws_vpc_verified_access_group_4.yaml @@ -1,31 +1,27 @@ +Description: Allows users to query VPC Verified Access Groups within AWS Virtual Private + Cloud (VPC). This table provides information about each verified access group within + a VPC, including details such as group ID, group name, and the VPC ID it is associated + with. ID: aws_vpc_verified_access_group_4 -Title: "List AWS VPC Verified Access Groups within AWS VPC" -Description: "Allows users to query VPC Verified Access Groups within AWS Virtual Private Cloud (VPC). This table provides information about each verified access group within a VPC, including details such as group ID, group name, and the VPC ID it is associated with." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - g.verified_access_group_id, - g.creation_time, - i.creation_time as instance_create_time, - i.verified_access_instance_id, - jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers - from - aws_vpc_verified_access_group as g, - aws_vpc_verified_access_instance as i - where - g.verified_access_instance_id = i.verified_access_instance_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n g.verified_access_group_id,\n g.creation_time,\n i.creation_time\ + \ as instance_create_time,\n i.verified_access_instance_id,\n jsonb_pretty(i.verified_access_trust_providers)\ + \ as verified_access_trust_providers\nfrom\n aws_vpc_verified_access_group as\ + \ g,\n aws_vpc_verified_access_instance as i\nwhere\n g.verified_access_instance_id\ + \ = i.verified_access_instance_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Virtual Private Cloud +Title: List AWS VPC Verified Access Groups within AWS VPC diff --git a/queries/aws_vpc_verified_access_instance_1.yaml b/queries/aws_vpc_verified_access_instance_1.yaml index 31e91e848..fa0a24114 100755 --- a/queries/aws_vpc_verified_access_instance_1.yaml +++ b/queries/aws_vpc_verified_access_instance_1.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS VPC Verified Access Instances and provides + information about the Amazon VPC verified access instances. This table can be used + to gather details such as the instance ID, instance state, instance type, and associated + tags. ID: aws_vpc_verified_access_instance_1 -Title: "List AWS VPC Verified Access Instance Information" -Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_instance_id, - creation_time, - description, - last_updated_time, - verified_access_trust_providers - from - aws_vpc_verified_access_instance; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_instance_id,\n creation_time,\n description,\n\ + \ last_updated_time,\n verified_access_trust_providers\nfrom\n aws_vpc_verified_access_instance;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon VPC +Title: List AWS VPC Verified Access Instance Information diff --git a/queries/aws_vpc_verified_access_instance_2.yaml b/queries/aws_vpc_verified_access_instance_2.yaml index f1c9140c1..6ee2f78a6 100755 --- a/queries/aws_vpc_verified_access_instance_2.yaml +++ b/queries/aws_vpc_verified_access_instance_2.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query AWS VPC Verified Access Instances and provides + information about the Amazon VPC verified access instances. This table can be used + to gather details such as the instance ID, instance state, instance type, and associated + tags. ID: aws_vpc_verified_access_instance_2 -Title: "Find AWS VPC Verified Access Instances with Details" -Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_instance_id, - creation_time, - description, - last_updated_time - from - aws_vpc_verified_access_instance - where - creation_time <= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_instance_id,\n creation_time,\n description,\n\ + \ last_updated_time\nfrom\n aws_vpc_verified_access_instance\nwhere\n creation_time\ + \ <= now() - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Verified Access +Title: Find AWS VPC Verified Access Instances with Details diff --git a/queries/aws_vpc_verified_access_instance_3.yaml b/queries/aws_vpc_verified_access_instance_3.yaml index e9f5fe6d7..15e269699 100755 --- a/queries/aws_vpc_verified_access_instance_3.yaml +++ b/queries/aws_vpc_verified_access_instance_3.yaml @@ -1,35 +1,30 @@ +Description: Allows users to query AWS VPC Verified Access Instances and provides + information about the Amazon VPC verified access instances. This table can be used + to gather details such as the instance ID, instance state, instance type, and associated + tags. ID: aws_vpc_verified_access_instance_3 -Title: "List all AWS VPC Verified Access Instances and Details" -Description: "Allows users to query AWS VPC Verified Access Instances and provides information about the Amazon VPC verified access instances. This table can be used to gather details such as the instance ID, instance state, instance type, and associated tags." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - i.verified_access_instance_id, - i.creation_time, - p ->> 'Description' as trust_provider_description, - p ->> 'TrustProviderType' as trust_provider_type, - p ->> 'UserTrustProviderType' as user_trust_provider_type, - p ->> 'DeviceTrustProviderType' as device_trust_provider_type, - p ->> 'VerifiedAccessTrustProviderId' as verified_access_trust_provider_id, - t.policy_reference_name as trust_access_policy_reference_name - from - aws_vpc_verified_access_instance as i, - aws_vpc_verified_access_trust_provider as t, - jsonb_array_elements(verified_access_trust_providers) as p - where - p ->> 'VerifiedAccessTrustProviderId' = t.verified_access_trust_provider_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n i.verified_access_instance_id,\n i.creation_time,\n\ + \ p ->> 'Description' as trust_provider_description,\n p ->> 'TrustProviderType'\ + \ as trust_provider_type,\n p ->> 'UserTrustProviderType' as user_trust_provider_type,\n\ + \ p ->> 'DeviceTrustProviderType' as device_trust_provider_type,\n p ->> 'VerifiedAccessTrustProviderId'\ + \ as verified_access_trust_provider_id,\n t.policy_reference_name as trust_access_policy_reference_name\n\ + from\n aws_vpc_verified_access_instance as i,\n aws_vpc_verified_access_trust_provider\ + \ as t,\n jsonb_array_elements(verified_access_trust_providers) as p\nwhere\n\ + \ p ->> 'VerifiedAccessTrustProviderId' = t.verified_access_trust_provider_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List all AWS VPC Verified Access Instances and Details diff --git a/queries/aws_vpc_verified_access_trust_provider_1.yaml b/queries/aws_vpc_verified_access_trust_provider_1.yaml index 696852fc8..464ecbfd4 100755 --- a/queries/aws_vpc_verified_access_trust_provider_1.yaml +++ b/queries/aws_vpc_verified_access_trust_provider_1.yaml @@ -1,27 +1,23 @@ +Description: Allows users to query AWS VPC Verified Access Trust Providers, providing + information about the trust providers for VPC endpoints in AWS. This table can be + used to gain insights into the trust relationships between VPC endpoints and the + services they access. ID: aws_vpc_verified_access_trust_provider_1 -Title: "List AWS VPC Verified Access Trust Providers" -Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_trust_provider_id, - creation_time, - device_trust_provider_type, - last_updated_time, - policy_reference_name, - trust_provider_type - from - aws_vpc_verified_access_trust_provider; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_trust_provider_id,\n creation_time,\n\ + \ device_trust_provider_type,\n last_updated_time,\n policy_reference_name,\n\ + \ trust_provider_type\nfrom\n aws_vpc_verified_access_trust_provider;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Verified Access +Title: List AWS VPC Verified Access Trust Providers diff --git a/queries/aws_vpc_verified_access_trust_provider_2.yaml b/queries/aws_vpc_verified_access_trust_provider_2.yaml index 638a6103e..e0696f593 100755 --- a/queries/aws_vpc_verified_access_trust_provider_2.yaml +++ b/queries/aws_vpc_verified_access_trust_provider_2.yaml @@ -1,31 +1,26 @@ +Description: Allows users to query AWS VPC Verified Access Trust Providers, providing + information about the trust providers for VPC endpoints in AWS. This table can be + used to gain insights into the trust relationships between VPC endpoints and the + services they access. ID: aws_vpc_verified_access_trust_provider_2 -Title: "List AWS VPC Verified Access Trust Providers' Details" -Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_trust_provider_id, - creation_time, - device_trust_provider_type, - last_updated_time, - policy_reference_name, - trust_provider_type - from - aws_vpc_verified_access_trust_provider - where - trust_provider_type = 'user'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_trust_provider_id,\n creation_time,\n\ + \ device_trust_provider_type,\n last_updated_time,\n policy_reference_name,\n\ + \ trust_provider_type\nfrom\n aws_vpc_verified_access_trust_provider\nwhere\n\ + \ trust_provider_type = 'user';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC Verified Access +Title: List AWS VPC Verified Access Trust Providers' Details diff --git a/queries/aws_vpc_verified_access_trust_provider_3.yaml b/queries/aws_vpc_verified_access_trust_provider_3.yaml index ae175b92b..4f15ae666 100755 --- a/queries/aws_vpc_verified_access_trust_provider_3.yaml +++ b/queries/aws_vpc_verified_access_trust_provider_3.yaml @@ -1,30 +1,26 @@ +Description: Allows users to query AWS VPC Verified Access Trust Providers, providing + information about the trust providers for VPC endpoints in AWS. This table can be + used to gain insights into the trust relationships between VPC endpoints and the + services they access. ID: aws_vpc_verified_access_trust_provider_3 -Title: "List VPC Verified Access Trust Providers in AWS" -Description: "Allows users to query AWS VPC Verified Access Trust Providers, providing information about the trust providers for VPC endpoints in AWS. This table can be used to gain insights into the trust relationships between VPC endpoints and the services they access." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - verified_access_trust_provider_id, - creation_time, - last_updated_time, - policy_reference_name, - trust_provider_type - from - aws_vpc_verified_access_trust_provider - where - creation_time >= now() - interval '90' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n verified_access_trust_provider_id,\n creation_time,\n\ + \ last_updated_time,\n policy_reference_name,\n trust_provider_type\nfrom\n\ + \ aws_vpc_verified_access_trust_provider\nwhere\n creation_time >= now() - interval\ + \ '90' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: List VPC Verified Access Trust Providers in AWS diff --git a/queries/aws_vpc_vpn_connection_1.yaml b/queries/aws_vpc_vpn_connection_1.yaml index e22ff4f74..d0aac8d12 100755 --- a/queries/aws_vpc_vpn_connection_1.yaml +++ b/queries/aws_vpc_vpn_connection_1.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query VPN connections in an AWS VPC. ID: aws_vpc_vpn_connection_1 -Title: "List all VPN Connections in an AWS VPC" -Description: "Allows users to query VPN connections in an AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_connection_id, - state, - type, - vpn_gateway_id, - customer_gateway_id, - region - from - aws_vpc_vpn_connection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpn_connection_id,\n state,\n type,\n vpn_gateway_id,\n\ + \ customer_gateway_id,\n region\nfrom\n aws_vpc_vpn_connection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC VPN +Title: List all VPN Connections in an AWS VPC diff --git a/queries/aws_vpc_vpn_connection_2.yaml b/queries/aws_vpc_vpn_connection_2.yaml index d6b85ec69..cc0342377 100755 --- a/queries/aws_vpc_vpn_connection_2.yaml +++ b/queries/aws_vpc_vpn_connection_2.yaml @@ -1,32 +1,26 @@ +Description: Allows users to query VPN connections in an AWS VPC. ID: aws_vpc_vpn_connection_2 -Title: "Find VPN Connections in AWS VPC" -Description: "Allows users to query VPN connections in an AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_connection_id, - options -> 'EnableAcceleration' as enable_acceleration, - options ->> 'LocalIpv4NetworkCidr' as local_ipv4_network_cidr, - options ->> 'LocalIpv6NetworkCidr' as local_ipv6_network_cidr, - options ->> 'RemoteIpv4NetworkCidr' as remote_ipv4_network_cidr, - options ->> 'RemoteIpv6NetworkCidr' as remote_ipv6_network_cidr, - options -> 'StaticRoutesOnly' as static_routes_only, - options ->> 'TunnelInsideIpVersion' as tunnel_inside_ip_version, - options ->> 'TunnelOptions' as tunnel_options - from - aws_vpc_vpn_connection; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpn_connection_id,\n options -> 'EnableAcceleration'\ + \ as enable_acceleration,\n options ->> 'LocalIpv4NetworkCidr' as local_ipv4_network_cidr,\n\ + \ options ->> 'LocalIpv6NetworkCidr' as local_ipv6_network_cidr,\n options ->>\ + \ 'RemoteIpv4NetworkCidr' as remote_ipv4_network_cidr,\n options ->> 'RemoteIpv6NetworkCidr'\ + \ as remote_ipv6_network_cidr,\n options -> 'StaticRoutesOnly' as static_routes_only,\n\ + \ options ->> 'TunnelInsideIpVersion' as tunnel_inside_ip_version,\n options\ + \ ->> 'TunnelOptions' as tunnel_options\nfrom\n aws_vpc_vpn_connection;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC VPN +Title: Find VPN Connections in AWS VPC diff --git a/queries/aws_vpc_vpn_connection_3.yaml b/queries/aws_vpc_vpn_connection_3.yaml index e0d2b44a9..90a8f91e5 100755 --- a/queries/aws_vpc_vpn_connection_3.yaml +++ b/queries/aws_vpc_vpn_connection_3.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query VPN connections in an AWS VPC. ID: aws_vpc_vpn_connection_3 -Title: "Find AWS VPC VPN Connection Using SQL" -Description: "Allows users to query VPN connections in an AWS VPC." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_connection_id, - arn, - t ->> 'Status' as status - from - aws_vpc_vpn_connection, - jsonb_array_elements(vgw_telemetry) as t - where t ->> 'Status' = 'UP'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpn_connection_id,\n arn,\n t ->> 'Status' as status\n\ + from\n aws_vpc_vpn_connection,\n jsonb_array_elements(vgw_telemetry) as t\n\ + where t ->> 'Status' = 'UP';" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC +Title: Find AWS VPC VPN Connection Using SQL diff --git a/queries/aws_vpc_vpn_gateway_1.yaml b/queries/aws_vpc_vpn_gateway_1.yaml index e607430bb..66a5e1e14 100755 --- a/queries/aws_vpc_vpn_gateway_1.yaml +++ b/queries/aws_vpc_vpn_gateway_1.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS VPC VPN Gateway data, providing details about + Virtual Private Cloud (VPC) VPN gateways in an AWS account. ID: aws_vpc_vpn_gateway_1 -Title: "Find AWS VPC VPN Gateway Details with SQL" -Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_gateway_id, - state, - type, - amazon_side_asn, - availability_zone, - vpc_attachments - from - aws_vpc_vpn_gateway; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpn_gateway_id,\n state,\n type,\n amazon_side_asn,\n\ + \ availability_zone,\n vpc_attachments\nfrom\n aws_vpc_vpn_gateway;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC VPN Gateway +Title: Find AWS VPC VPN Gateway Details with SQL diff --git a/queries/aws_vpc_vpn_gateway_2.yaml b/queries/aws_vpc_vpn_gateway_2.yaml index ad6f8e6b0..9aa06f7ac 100755 --- a/queries/aws_vpc_vpn_gateway_2.yaml +++ b/queries/aws_vpc_vpn_gateway_2.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS VPC VPN Gateway data, providing details about + Virtual Private Cloud (VPC) VPN gateways in an AWS account. ID: aws_vpc_vpn_gateway_2 -Title: "List all AWS VPC VPN Gateways without VPC Attachments" -Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_gateway_id - from - aws_vpc_vpn_gateway - where - vpc_attachments is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpn_gateway_id\nfrom\n aws_vpc_vpn_gateway\nwhere\n\ + \ vpc_attachments is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Virtual Private Cloud (VPC) VPN Gateway +Title: List all AWS VPC VPN Gateways without VPC Attachments diff --git a/queries/aws_vpc_vpn_gateway_3.yaml b/queries/aws_vpc_vpn_gateway_3.yaml index 6f0ebec7e..261708387 100755 --- a/queries/aws_vpc_vpn_gateway_3.yaml +++ b/queries/aws_vpc_vpn_gateway_3.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS VPC VPN Gateway data, providing details about + Virtual Private Cloud (VPC) VPN gateways in an AWS account. ID: aws_vpc_vpn_gateway_3 -Title: "List all AWS VPC VPN Gateway Details for Default VPCs" -Description: "Allows users to query AWS VPC VPN Gateway data, providing details about Virtual Private Cloud (VPC) VPN gateways in an AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - vpn_gateway_id, - vpc.is_default - from - aws_vpc_vpn_gateway - cross join jsonb_array_elements(vpc_attachments) as i - join aws_vpc vpc on i ->> 'VpcId' = vpc.vpc_id - where - vpc.is_default = true; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n vpn_gateway_id,\n vpc.is_default\nfrom\n aws_vpc_vpn_gateway\n\ + \ cross join jsonb_array_elements(vpc_attachments) as i\n join aws_vpc vpc on\ + \ i ->> 'VpcId' = vpc.vpc_id\nwhere\n vpc.is_default = true;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - VPC VPN Gateway +Title: List all AWS VPC VPN Gateway Details for Default VPCs diff --git a/queries/aws_waf_rate_based_rule_1.yaml b/queries/aws_waf_rate_based_rule_1.yaml index 21817c8be..480f719d5 100755 --- a/queries/aws_waf_rate_based_rule_1.yaml +++ b/queries/aws_waf_rate_based_rule_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS WAF RateBasedRule to retrieve information about + rate-based security rules that AWS Web Application Firewall (WAF) uses. ID: aws_waf_rate_based_rule_1 -Title: "Find AWS WAF RateBasedRule info using SQL query" -Description: "Allows users to query AWS WAF RateBasedRule to retrieve information about rate-based security rules that AWS Web Application Firewall (WAF) uses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - metric_name - from - aws_waf_rate_based_rule; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n metric_name\nfrom\n aws_waf_rate_based_rule;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Web Application Firewall +Title: Find AWS WAF RateBasedRule info using SQL query diff --git a/queries/aws_waf_rate_based_rule_2.yaml b/queries/aws_waf_rate_based_rule_2.yaml index b59d77938..22ab4fe44 100755 --- a/queries/aws_waf_rate_based_rule_2.yaml +++ b/queries/aws_waf_rate_based_rule_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS WAF RateBasedRule to retrieve information about + rate-based security rules that AWS Web Application Firewall (WAF) uses. ID: aws_waf_rate_based_rule_2 -Title: "Find rate-based security rules in AWS WAF" -Description: "Allows users to query AWS WAF RateBasedRule to retrieve information about rate-based security rules that AWS Web Application Firewall (WAF) uses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - p ->> 'DataId' as data_id, - p ->> 'Negated' as negated, - p ->> 'Type' as type - from - aws_waf_rate_based_rule, - jsonb_array_elements(predicates) as p - where - p ->> 'Negated' = 'True'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n p ->> 'DataId' as data_id,\n p\ + \ ->> 'Negated' as negated,\n p ->> 'Type' as type\nfrom\n aws_waf_rate_based_rule,\n\ + \ jsonb_array_elements(predicates) as p\nwhere\n p ->> 'Negated' = 'True';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Web Application Firewall (WAF) +Title: Find rate-based security rules in AWS WAF diff --git a/queries/aws_waf_rule_1.yaml b/queries/aws_waf_rule_1.yaml index 75721b98a..28b98fe3d 100755 --- a/queries/aws_waf_rule_1.yaml +++ b/queries/aws_waf_rule_1.yaml @@ -1,24 +1,18 @@ +Description: Allows users to query AWS Web Application Firewall (WAF) rules. ID: aws_waf_rule_1 -Title: "List AWS WAF Rules" -Description: "Allows users to query AWS Web Application Firewall (WAF) rules." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - metric_name - from - aws_waf_rule; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n metric_name\nfrom\n aws_waf_rule;" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Web Application Firewall +Title: List AWS WAF Rules diff --git a/queries/aws_waf_rule_2.yaml b/queries/aws_waf_rule_2.yaml index 6d533bbda..c9b2c2390 100755 --- a/queries/aws_waf_rule_2.yaml +++ b/queries/aws_waf_rule_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Web Application Firewall (WAF) rules. ID: aws_waf_rule_2 -Title: "Find all AWS WAF rules with specific details" -Description: "Allows users to query AWS Web Application Firewall (WAF) rules." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - p ->> 'DataId' as data_id, - p ->> 'Negated' as negated, - p ->> 'Type' as type - from - aws_waf_rule, - jsonb_array_elements(predicates) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n p ->> 'DataId' as data_id,\n p\ + \ ->> 'Negated' as negated,\n p ->> 'Type' as type\nfrom\n aws_waf_rule,\n \ + \ jsonb_array_elements(predicates) as p;" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Web Application Firewall +Title: Find all AWS WAF rules with specific details diff --git a/queries/aws_waf_rule_group_1.yaml b/queries/aws_waf_rule_group_1.yaml index 8184ba784..1454ccf13 100755 --- a/queries/aws_waf_rule_group_1.yaml +++ b/queries/aws_waf_rule_group_1.yaml @@ -1,28 +1,24 @@ +Description: Allows users to query AWS WAF Rule Groups to provide information about + Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security + and DevOps engineers to query rule group-specific details, including rules, actions, + and associated metadata. ID: aws_waf_rule_group_1 -Title: "Find AWS WAF Rule Group Details with Rules and Metadata" -Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules - from - aws_waf_rule_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n rule_group_id,\n metric_name,\n activated_rules\n\ + from\n aws_waf_rule_group;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAF +Title: Find AWS WAF Rule Group Details with Rules and Metadata diff --git a/queries/aws_waf_rule_group_2.yaml b/queries/aws_waf_rule_group_2.yaml index 459250266..3048b590f 100755 --- a/queries/aws_waf_rule_group_2.yaml +++ b/queries/aws_waf_rule_group_2.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS WAF Rule Groups to provide information about + Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security + and DevOps engineers to query rule group-specific details, including rules, actions, + and associated metadata. ID: aws_waf_rule_group_2 -Title: "Find AWS WAF Rule Groups with No Activated Rules" -Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules - from - aws_waf_rule_group - where - activated_rules is null or jsonb_array_length(activated_rules) = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n rule_group_id,\n metric_name,\n activated_rules\n\ + from\n aws_waf_rule_group\nwhere\n activated_rules is null or jsonb_array_length(activated_rules)\ + \ = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF +Title: Find AWS WAF Rule Groups with No Activated Rules diff --git a/queries/aws_waf_rule_group_3.yaml b/queries/aws_waf_rule_group_3.yaml index f7dd1429a..85740798a 100755 --- a/queries/aws_waf_rule_group_3.yaml +++ b/queries/aws_waf_rule_group_3.yaml @@ -1,29 +1,26 @@ +Description: Allows users to query AWS WAF Rule Groups to provide information about + Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security + and DevOps engineers to query rule group-specific details, including rules, actions, + and associated metadata. ID: aws_waf_rule_group_3 -Title: "Query AWS WAF Rule Groups for Security Details" -Description: "Allows users to query AWS WAF Rule Groups to provide information about Web Application Firewall (WAF) rule groups within AWS WAF. This table enables security and DevOps engineers to query rule group-specific details, including rules, actions, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as rule_group_name, - rule_group_id, - a ->> 'RuleId' as rule_id, - a -> 'Action' ->> 'Type' as rule_action_type, - a ->> 'Type' as rule_type - from - aws_waf_rule_group, - jsonb_array_elements(activated_rules) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as rule_group_name,\n rule_group_id,\n a ->> 'RuleId'\ + \ as rule_id,\n a -> 'Action' ->> 'Type' as rule_action_type,\n a ->> 'Type'\ + \ as rule_type\nfrom\n aws_waf_rule_group,\n jsonb_array_elements(activated_rules)\ + \ as a;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF +Title: Query AWS WAF Rule Groups for Security Details diff --git a/queries/aws_waf_web_acl_1.yaml b/queries/aws_waf_web_acl_1.yaml index 8f633ff3c..db88d40ad 100755 --- a/queries/aws_waf_web_acl_1.yaml +++ b/queries/aws_waf_web_acl_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS WAF WebACLs to retrieve information about their + configuration, rules, and associated metadata. ID: aws_waf_web_acl_1 -Title: "List all AWS WAF WebACLs and their configurations" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action, - tags - from - aws_waf_web_acl; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n arn,\n region,\n default_action,\n\ + \ tags\nfrom\n aws_waf_web_acl;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF +Title: List all AWS WAF WebACLs and their configurations diff --git a/queries/aws_waf_web_acl_2.yaml b/queries/aws_waf_web_acl_2.yaml index c0750a4c6..b6525c895 100755 --- a/queries/aws_waf_web_acl_2.yaml +++ b/queries/aws_waf_web_acl_2.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query AWS WAF WebACLs to retrieve information about their + configuration, rules, and associated metadata. ID: aws_waf_web_acl_2 -Title: "List all AWS WAF WebACLs configuration and rules" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - r ->> 'RuleId' as rule_id, - r ->> 'Type' as rule_type, - r ->> 'ExcludedRules' as excluded_rules, - r ->> 'OverrideAction' as override_action, - r -> 'Action' ->> 'Type' as action_type - from - aws_waf_web_acl, - jsonb_array_elements(rules) as r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n r ->> 'RuleId' as rule_id,\n\ + \ r ->> 'Type' as rule_type,\n r ->> 'ExcludedRules' as excluded_rules,\n r\ + \ ->> 'OverrideAction' as override_action,\n r -> 'Action' ->> 'Type' as action_type\n\ + from\n aws_waf_web_acl,\n jsonb_array_elements(rules) as r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF +Title: List all AWS WAF WebACLs configuration and rules diff --git a/queries/aws_waf_web_acl_3.yaml b/queries/aws_waf_web_acl_3.yaml index 6f6690955..b8bd42950 100755 --- a/queries/aws_waf_web_acl_3.yaml +++ b/queries/aws_waf_web_acl_3.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS WAF WebACLs to retrieve information about their + configuration, rules, and associated metadata. ID: aws_waf_web_acl_3 -Title: "List all AWS WAF WebACLs and their configurations" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action, - tags - from - aws_waf_web_acl - where - rules is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n arn,\n region,\n default_action,\n\ + \ tags\nfrom\n aws_waf_web_acl\nwhere\n rules is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAF +Title: List all AWS WAF WebACLs and their configurations diff --git a/queries/aws_waf_web_acl_4.yaml b/queries/aws_waf_web_acl_4.yaml index 7bd474530..c8e2fae2e 100755 --- a/queries/aws_waf_web_acl_4.yaml +++ b/queries/aws_waf_web_acl_4.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS WAF WebACLs to retrieve information about their + configuration, rules, and associated metadata. ID: aws_waf_web_acl_4 -Title: "Find AWS WAF WebACLs and Retrieve Configurations" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action - from - aws_waf_web_acl - where - default_action = 'ALLOW'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n arn,\n region,\n default_action\n\ + from\n aws_waf_web_acl\nwhere\n default_action = 'ALLOW';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAF +Title: Find AWS WAF WebACLs and Retrieve Configurations diff --git a/queries/aws_waf_web_acl_5.yaml b/queries/aws_waf_web_acl_5.yaml index 8140d41a4..d2a78aa20 100755 --- a/queries/aws_waf_web_acl_5.yaml +++ b/queries/aws_waf_web_acl_5.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS WAF WebACLs to retrieve information about their + configuration, rules, and associated metadata. ID: aws_waf_web_acl_5 -Title: "Find AWS WAF WebACL Configuration and Metadata" -Description: "Allows users to query AWS WAF WebACLs to retrieve information about their configuration, rules, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region - from - aws_waf_web_acl - where - logging_configuration is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n arn,\n region\nfrom\n aws_waf_web_acl\n\ + where\n logging_configuration is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAF +Title: Find AWS WAF WebACL Configuration and Metadata diff --git a/queries/aws_wafregional_rule_1.yaml b/queries/aws_wafregional_rule_1.yaml index 725e7ebd5..cb063e858 100755 --- a/queries/aws_wafregional_rule_1.yaml +++ b/queries/aws_wafregional_rule_1.yaml @@ -1,26 +1,22 @@ +Description: Allows users to query AWS WAF Regional Rules for detailed information + about each rule, including its ID, metric name, name, and the predicates associated + with it. ID: aws_wafregional_rule_1 -Title: "List AWS WAF Regional Rules and Details" -Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - metric_name - from - aws_wafregional_rule; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n metric_name\nfrom\n aws_wafregional_rule;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF +Title: List AWS WAF Regional Rules and Details diff --git a/queries/aws_wafregional_rule_2.yaml b/queries/aws_wafregional_rule_2.yaml index 642a0ea6c..11ebccd18 100755 --- a/queries/aws_wafregional_rule_2.yaml +++ b/queries/aws_wafregional_rule_2.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS WAF Regional Rules for detailed information + about each rule, including its ID, metric name, name, and the predicates associated + with it. ID: aws_wafregional_rule_2 -Title: "List all AWS WAF Regional Rules with Details" -Description: "Allows users to query AWS WAF Regional Rules for detailed information about each rule, including its ID, metric name, name, and the predicates associated with it." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - rule_id, - p ->> 'DataId' as data_id, - p ->> 'Negated' as negated, - p ->> 'Type' as type - from - aws_wafregional_rule, - jsonb_array_elements(predicates) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n rule_id,\n p ->> 'DataId' as data_id,\n p\ + \ ->> 'Negated' as negated,\n p ->> 'Type' as type\nfrom\n aws_wafregional_rule,\n\ + \ jsonb_array_elements(predicates) as p;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF +Title: List all AWS WAF Regional Rules with Details diff --git a/queries/aws_wafregional_rule_group_1.yaml b/queries/aws_wafregional_rule_group_1.yaml index 8652611e2..0e4c68d79 100755 --- a/queries/aws_wafregional_rule_group_1.yaml +++ b/queries/aws_wafregional_rule_group_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS WAF Regional Rule Groups to gather information + about each rule group''s metadata, associated rules, and other relevant details. ID: aws_wafregional_rule_group_1 -Title: "Find AWS WAF Regional Rule Groups Metadata and Details" -Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules, - region - from - aws_wafregional_rule_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n rule_group_id,\n metric_name,\n activated_rules,\n\ + \ region\nfrom\n aws_wafregional_rule_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF Regional +Title: Find AWS WAF Regional Rule Groups Metadata and Details diff --git a/queries/aws_wafregional_rule_group_2.yaml b/queries/aws_wafregional_rule_group_2.yaml index fdb38ebe2..64c4e6a92 100755 --- a/queries/aws_wafregional_rule_group_2.yaml +++ b/queries/aws_wafregional_rule_group_2.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS WAF Regional Rule Groups to gather information + about each rule group''s metadata, associated rules, and other relevant details. ID: aws_wafregional_rule_group_2 -Title: "List all AWS WAF Regional Rule Groups" -Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - arn, - rule_group_id, - metric_name, - activated_rules - from - aws_wafregional_rule_group - where - activated_rules is null or jsonb_array_length(activated_rules) = 0; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n arn,\n rule_group_id,\n metric_name,\n activated_rules\n\ + from\n aws_wafregional_rule_group\nwhere\n activated_rules is null or jsonb_array_length(activated_rules)\ + \ = 0;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF Regional +Title: List all AWS WAF Regional Rule Groups diff --git a/queries/aws_wafregional_rule_group_3.yaml b/queries/aws_wafregional_rule_group_3.yaml index a6f2b9665..13629e4d5 100755 --- a/queries/aws_wafregional_rule_group_3.yaml +++ b/queries/aws_wafregional_rule_group_3.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query AWS WAF Regional Rule Groups to gather information + about each rule group''s metadata, associated rules, and other relevant details. ID: aws_wafregional_rule_group_3 -Title: "List all AWS WAF Regional Rule Groups and Details" -Description: "Allows users to query AWS WAF Regional Rule Groups to gather information about each rule group''s metadata, associated rules, and other relevant details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name as rule_group_name, - rule_group_id, - a ->> 'RuleId' as rule_id, - a -> 'Action' ->> 'Type' as rule_action_type, - a ->> 'Type' as rule_type - from - aws_wafregional_rule_group, - jsonb_array_elements(activated_rules) as a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name as rule_group_name,\n rule_group_id,\n a ->> 'RuleId'\ + \ as rule_id,\n a -> 'Action' ->> 'Type' as rule_action_type,\n a ->> 'Type'\ + \ as rule_type\nfrom\n aws_wafregional_rule_group,\n jsonb_array_elements(activated_rules)\ + \ as a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF Regional +Title: List all AWS WAF Regional Rule Groups and Details diff --git a/queries/aws_wafregional_web_acl_1.yaml b/queries/aws_wafregional_web_acl_1.yaml index a0564e524..fd0563df5 100755 --- a/queries/aws_wafregional_web_acl_1.yaml +++ b/queries/aws_wafregional_web_acl_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS WAF Regional WebACL to get information about + AWS WAF Regional WebACLs. ID: aws_wafregional_web_acl_1 -Title: "List all AWS WAF Regional WebACL Information" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action, - tags - from - aws_wafregional_web_acl; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n arn,\n region,\n default_action,\n\ + \ tags\nfrom\n aws_wafregional_web_acl;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF Regional +Title: List all AWS WAF Regional WebACL Information diff --git a/queries/aws_wafregional_web_acl_2.yaml b/queries/aws_wafregional_web_acl_2.yaml index 21bc582e6..d67d975d1 100755 --- a/queries/aws_wafregional_web_acl_2.yaml +++ b/queries/aws_wafregional_web_acl_2.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS WAF Regional WebACL to get information about + AWS WAF Regional WebACLs. ID: aws_wafregional_web_acl_2 -Title: "List all AWS WAF Regional WebACLs information" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - r ->> 'RuleId' as rule_id, - r ->> 'Type' as rule_type, - r ->> 'ExcludedRules' as excluded_rules, - r ->> 'OverrideAction' as override_action, - r -> 'Action' ->> 'Type' as action_type - from - aws_wafregional_web_acl, - jsonb_array_elements(rules) as r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n r ->> 'RuleId' as rule_id,\n\ + \ r ->> 'Type' as rule_type,\n r ->> 'ExcludedRules' as excluded_rules,\n r\ + \ ->> 'OverrideAction' as override_action,\n r -> 'Action' ->> 'Type' as action_type\n\ + from\n aws_wafregional_web_acl,\n jsonb_array_elements(rules) as r;" Tags: cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF Regional +Title: List all AWS WAF Regional WebACLs information diff --git a/queries/aws_wafregional_web_acl_3.yaml b/queries/aws_wafregional_web_acl_3.yaml index 257e52bad..30abf38f7 100755 --- a/queries/aws_wafregional_web_acl_3.yaml +++ b/queries/aws_wafregional_web_acl_3.yaml @@ -1,29 +1,20 @@ +Description: Allows users to query AWS WAF Regional WebACL to get information about + AWS WAF Regional WebACLs. ID: aws_wafregional_web_acl_3 -Title: "Find AWS WAF Regional WebACL Information" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action, - tags - from - aws_wafregional_web_acl - where - rules is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n arn,\n region,\n default_action,\n\ + \ tags\nfrom\n aws_wafregional_web_acl\nwhere\n rules is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF Regional WebACL +Title: Find AWS WAF Regional WebACL Information diff --git a/queries/aws_wafregional_web_acl_4.yaml b/queries/aws_wafregional_web_acl_4.yaml index 8b5014259..492e3eb09 100755 --- a/queries/aws_wafregional_web_acl_4.yaml +++ b/queries/aws_wafregional_web_acl_4.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS WAF Regional WebACL to get information about + AWS WAF Regional WebACLs. ID: aws_wafregional_web_acl_4 -Title: "Find AWS WAF Regional WebACL Details" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region, - default_action - from - aws_wafregional_web_acl - where - default_action = 'ALLOW'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n arn,\n region,\n default_action\n\ + from\n aws_wafregional_web_acl\nwhere\n default_action = 'ALLOW';" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAF Regional +Title: Find AWS WAF Regional WebACL Details diff --git a/queries/aws_wafregional_web_acl_5.yaml b/queries/aws_wafregional_web_acl_5.yaml index 19c3b9567..7fe6aff05 100755 --- a/queries/aws_wafregional_web_acl_5.yaml +++ b/queries/aws_wafregional_web_acl_5.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS WAF Regional WebACL to get information about + AWS WAF Regional WebACLs. ID: aws_wafregional_web_acl_5 -Title: "Find all AWS WAF Regional WebACL Details" -Description: "Allows users to query AWS WAF Regional WebACL to get information about AWS WAF Regional WebACLs." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - web_acl_id, - arn, - region - from - aws_wafregional_web_acl - where - logging_configuration is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n web_acl_id,\n arn,\n region\nfrom\n aws_wafregional_web_acl\n\ + where\n logging_configuration is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAF Regional +Title: Find all AWS WAF Regional WebACL Details diff --git a/queries/aws_wafv2_ip_set_1.yaml b/queries/aws_wafv2_ip_set_1.yaml index cda13529c..0ae53187b 100755 --- a/queries/aws_wafv2_ip_set_1.yaml +++ b/queries/aws_wafv2_ip_set_1.yaml @@ -1,31 +1,22 @@ +Description: Allows users to query AWS WAFv2 IPSet information, including IP addresses, + IP address version, and associated metadata. ID: aws_wafv2_ip_set_1 -Title: "List all AWS WAFv2 IPSets with Detailed Information" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - addresses, - ip_address_version, - region - from - aws_wafv2_ip_set; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n id,\n scope,\n addresses,\n\ + \ ip_address_version,\n region\nfrom\n aws_wafv2_ip_set;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAFv2 +Title: List all AWS WAFv2 IPSets with Detailed Information diff --git a/queries/aws_wafv2_ip_set_2.yaml b/queries/aws_wafv2_ip_set_2.yaml index 8254118c3..d24c6d34c 100755 --- a/queries/aws_wafv2_ip_set_2.yaml +++ b/queries/aws_wafv2_ip_set_2.yaml @@ -1,31 +1,20 @@ +Description: Allows users to query AWS WAFv2 IPSet information, including IP addresses, + IP address version, and associated metadata. ID: aws_wafv2_ip_set_2 -Title: "List all AWS WAFv2 IPSet Information with Metadata" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - addresses, - ip_address_version, - region - from - aws_wafv2_ip_set - where - scope = 'CLOUDFRONT'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n id,\n scope,\n addresses,\n\ + \ ip_address_version,\n region\nfrom\n aws_wafv2_ip_set\nwhere\n scope = 'CLOUDFRONT';" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: List all AWS WAFv2 IPSet Information with Metadata diff --git a/queries/aws_wafv2_ip_set_3.yaml b/queries/aws_wafv2_ip_set_3.yaml index 01f203af8..84de6415f 100755 --- a/queries/aws_wafv2_ip_set_3.yaml +++ b/queries/aws_wafv2_ip_set_3.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS WAFv2 IPSet information, including IP addresses, + IP address version, and associated metadata. ID: aws_wafv2_ip_set_3 -Title: "Find AWS WAFv2 IPSet Information including IP Addresses" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - addresses, - ip_address_version, - region - from - aws_wafv2_ip_set - where - ip_address_version = 'IPV4'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n id,\n scope,\n addresses,\n\ + \ ip_address_version,\n region\nfrom\n aws_wafv2_ip_set\nwhere\n ip_address_version\ + \ = 'IPV4';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: Find AWS WAFv2 IPSet Information including IP Addresses diff --git a/queries/aws_wafv2_ip_set_4.yaml b/queries/aws_wafv2_ip_set_4.yaml index 1b038a0a1..ef859b38e 100755 --- a/queries/aws_wafv2_ip_set_4.yaml +++ b/queries/aws_wafv2_ip_set_4.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS WAFv2 IPSet information, including IP addresses, + IP address version, and associated metadata. ID: aws_wafv2_ip_set_4 -Title: "Find AWS WAFv2 IPSet Information including IP Addresses" -Description: "Allows users to query AWS WAFv2 IPSet information, including IP addresses, IP address version, and associated metadata." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - ip_address_version, - region, - address - from - aws_wafv2_ip_set, - jsonb_array_elements_text(addresses) as address - where - address = '1.2.3.4/32'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n ip_address_version,\n\ + \ region,\n address\nfrom\n aws_wafv2_ip_set,\n jsonb_array_elements_text(addresses)\ + \ as address\nwhere\n address = '1.2.3.4/32';" Tags: cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: Find AWS WAFv2 IPSet Information including IP Addresses diff --git a/queries/aws_wafv2_regex_pattern_set_1.yaml b/queries/aws_wafv2_regex_pattern_set_1.yaml index 96640f016..bf9d8ad9c 100755 --- a/queries/aws_wafv2_regex_pattern_set_1.yaml +++ b/queries/aws_wafv2_regex_pattern_set_1.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query AWS WAFv2 Regex Pattern Set data, providing details + about the regex pattern sets used in AWS WAFv2 to filter web requests. ID: aws_wafv2_regex_pattern_set_1 -Title: "List all AWS WAFv2 Regex Pattern Sets in Steampipe" -Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - regular_expressions, - region - from - aws_wafv2_regex_pattern_set; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n id,\n scope,\n regular_expressions,\n\ + \ region\nfrom\n aws_wafv2_regex_pattern_set;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: List all AWS WAFv2 Regex Pattern Sets in Steampipe diff --git a/queries/aws_wafv2_regex_pattern_set_2.yaml b/queries/aws_wafv2_regex_pattern_set_2.yaml index 86306479e..bd84d7f5e 100755 --- a/queries/aws_wafv2_regex_pattern_set_2.yaml +++ b/queries/aws_wafv2_regex_pattern_set_2.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS WAFv2 Regex Pattern Set data, providing details + about the regex pattern sets used in AWS WAFv2 to filter web requests. ID: aws_wafv2_regex_pattern_set_2 -Title: "Find AWS WAFv2 Regex Pattern Sets in CloudFront" -Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - regular_expressions, - region - from - aws_wafv2_regex_pattern_set - where - scope = 'CLOUDFRONT'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n id,\n scope,\n regular_expressions,\n\ + \ region\nfrom\n aws_wafv2_regex_pattern_set\nwhere\n scope = 'CLOUDFRONT';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAFv2 +Title: Find AWS WAFv2 Regex Pattern Sets in CloudFront diff --git a/queries/aws_wafv2_regex_pattern_set_3.yaml b/queries/aws_wafv2_regex_pattern_set_3.yaml index 527b20f58..a36550899 100755 --- a/queries/aws_wafv2_regex_pattern_set_3.yaml +++ b/queries/aws_wafv2_regex_pattern_set_3.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS WAFv2 Regex Pattern Set data, providing details + about the regex pattern sets used in AWS WAFv2 to filter web requests. ID: aws_wafv2_regex_pattern_set_3 -Title: "Find all AWS WAFv2 Regex Pattern Set data details" -Description: "Allows users to query AWS WAFv2 Regex Pattern Set data, providing details about the regex pattern sets used in AWS WAFv2 to filter web requests." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - wrps.id, - scope, - regular_expressions, - region - from - aws_wafv2_regex_pattern_set as wrps, - jsonb_array_elements_text(regular_expressions) as regex - where - regex = '^steampipe'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n wrps.id,\n scope,\n\ + \ regular_expressions,\n region\nfrom\n aws_wafv2_regex_pattern_set as wrps,\n\ + \ jsonb_array_elements_text(regular_expressions) as regex\nwhere\n regex = '^steampipe';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAFv2 +Title: Find all AWS WAFv2 Regex Pattern Set data details diff --git a/queries/aws_wafv2_rule_group_1.yaml b/queries/aws_wafv2_rule_group_1.yaml index 4e85f66c9..c6bcbf319 100755 --- a/queries/aws_wafv2_rule_group_1.yaml +++ b/queries/aws_wafv2_rule_group_1.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS WAFv2 Rule Groups and gather information such + as the group''s ARN, capacity, description, rules, visibility configuration, and + more. ID: aws_wafv2_rule_group_1 -Title: "List all AWS WAFv2 Rule Groups and their details" -Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - capacity, - rules, - region - from - aws_wafv2_rule_group; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n id,\n scope,\n capacity,\n\ + \ rules,\n region\nfrom\n aws_wafv2_rule_group;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAFv2 +Title: List all AWS WAFv2 Rule Groups and their details diff --git a/queries/aws_wafv2_rule_group_2.yaml b/queries/aws_wafv2_rule_group_2.yaml index 041cc1fce..537a3c771 100755 --- a/queries/aws_wafv2_rule_group_2.yaml +++ b/queries/aws_wafv2_rule_group_2.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS WAFv2 Rule Groups and gather information such + as the group''s ARN, capacity, description, rules, visibility configuration, and + more. ID: aws_wafv2_rule_group_2 -Title: "List all AWS WAFv2 Rule Groups with Capacity and Details" -Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - capacity, - region - from - aws_wafv2_rule_group - where - scope = 'CLOUDFRONT'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n id,\n scope,\n capacity,\n\ + \ region\nfrom\n aws_wafv2_rule_group\nwhere\n scope = 'CLOUDFRONT';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: List all AWS WAFv2 Rule Groups with Capacity and Details diff --git a/queries/aws_wafv2_rule_group_3.yaml b/queries/aws_wafv2_rule_group_3.yaml index e0f13a7fe..d0bd07421 100755 --- a/queries/aws_wafv2_rule_group_3.yaml +++ b/queries/aws_wafv2_rule_group_3.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS WAFv2 Rule Groups and gather information such + as the group''s ARN, capacity, description, rules, visibility configuration, and + more. ID: aws_wafv2_rule_group_3 -Title: "List AWS WAFv2 Rule Groups with Capacity Info" -Description: "Allows users to query AWS WAFv2 Rule Groups and gather information such as the group''s ARN, capacity, description, rules, visibility configuration, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - description, - arn, - id, - scope, - capacity, - region - from - aws_wafv2_rule_group - where - capacity < 5; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n description,\n arn,\n id,\n scope,\n capacity,\n\ + \ region\nfrom\n aws_wafv2_rule_group\nwhere\n capacity < 5;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: List AWS WAFv2 Rule Groups with Capacity Info diff --git a/queries/aws_wafv2_web_acl_1.yaml b/queries/aws_wafv2_web_acl_1.yaml index 7550241f2..bac75da24 100755 --- a/queries/aws_wafv2_web_acl_1.yaml +++ b/queries/aws_wafv2_web_acl_1.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS WAFv2 WebACLs to retrieve and manage information + about WebACL resources within AWS WAFv2. ID: aws_wafv2_web_acl_1 -Title: "Find AWS WAFv2 WebACL Resources Information" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - scope, - description, - capacity, - managed_by_firewall_manager - from - aws_wafv2_web_acl; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n scope,\n description,\n capacity,\n\ + \ managed_by_firewall_manager\nfrom\n aws_wafv2_web_acl;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: Find AWS WAFv2 WebACL Resources Information diff --git a/queries/aws_wafv2_web_acl_2.yaml b/queries/aws_wafv2_web_acl_2.yaml index 7e5e82e15..9c43b2e3c 100755 --- a/queries/aws_wafv2_web_acl_2.yaml +++ b/queries/aws_wafv2_web_acl_2.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS WAFv2 WebACLs to retrieve and manage information + about WebACL resources within AWS WAFv2. ID: aws_wafv2_web_acl_2 -Title: "List all AWS WAFv2 WebACLs and their Metric Names" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - visibility_config ->> 'CloudWatchMetricsEnabled' as cloud_watch_metrics_enabled, - visibility_config ->> 'MetricName' as metric_name - from - aws_wafv2_web_acl; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n visibility_config ->> 'CloudWatchMetricsEnabled'\ + \ as cloud_watch_metrics_enabled,\n visibility_config ->> 'MetricName' as metric_name\n\ + from\n aws_wafv2_web_acl;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAFv2 +Title: List all AWS WAFv2 WebACLs and their Metric Names diff --git a/queries/aws_wafv2_web_acl_3.yaml b/queries/aws_wafv2_web_acl_3.yaml index 2aca1b458..31704c9ff 100755 --- a/queries/aws_wafv2_web_acl_3.yaml +++ b/queries/aws_wafv2_web_acl_3.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS WAFv2 WebACLs to retrieve and manage information + about WebACL resources within AWS WAFv2. ID: aws_wafv2_web_acl_3 -Title: "Find all AWS WAFv2 WebACLs with Disabled Sampled Requests" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - visibility_config ->> 'SampledRequestsEnabled' as sampled_requests_enabled - from - aws_wafv2_web_acl - where - visibility_config ->> 'SampledRequestsEnabled' = 'false'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n visibility_config ->> 'SampledRequestsEnabled'\ + \ as sampled_requests_enabled\nfrom\n aws_wafv2_web_acl\nwhere\n visibility_config\ + \ ->> 'SampledRequestsEnabled' = 'false';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: Find all AWS WAFv2 WebACLs with Disabled Sampled Requests diff --git a/queries/aws_wafv2_web_acl_4.yaml b/queries/aws_wafv2_web_acl_4.yaml index b1da11222..55cb3ccaf 100755 --- a/queries/aws_wafv2_web_acl_4.yaml +++ b/queries/aws_wafv2_web_acl_4.yaml @@ -1,41 +1,34 @@ +Description: Allows users to query AWS WAFv2 WebACLs to retrieve and manage information + about WebACL resources within AWS WAFv2. ID: aws_wafv2_web_acl_4 -Title: "List AWS WAFv2 WebACLs and Manage Information" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - r ->> 'Name' as name, - r -> 'Statement' ->> 'AndStatement' as and_statement, - r -> 'Statement' ->> 'ByteMatchStatement' as byte_match_statement, - r -> 'Statement' ->> 'GeoMatchStatement' as geo_match_statement, - r -> 'Statement' ->> 'IPSetReferenceStatement' as ip_set_reference_statement, - r -> 'Statement' ->> 'NotStatement' as not_statement, - r -> 'Statement' ->> 'OrStatement' as or_statement, - r -> 'Statement' ->> 'RateBasedStatement' as rate_based_statement, - r -> 'Statement' ->> 'RegexPatternSetReferenceStatement' as regex_pattern_set_reference_statement, - r -> 'Statement' ->> 'RuleGroupReferenceStatement' as rule_group_reference_statement, - r -> 'Statement' ->> 'SizeConstraintStatement' as size_constraint_statement, - r -> 'Statement' ->> 'SqliMatchStatement' as sql_match_statement, - r -> 'Statement' ->> 'XssMatchStatement' as xss_match_statement - from - aws_wafv2_web_acl, - jsonb_array_elements(rules) as r; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n r ->> 'Name' as name,\n r -> 'Statement'\ + \ ->> 'AndStatement' as and_statement,\n r -> 'Statement' ->> 'ByteMatchStatement'\ + \ as byte_match_statement,\n r -> 'Statement' ->> 'GeoMatchStatement' as geo_match_statement,\n\ + \ r -> 'Statement' ->> 'IPSetReferenceStatement' as ip_set_reference_statement,\n\ + \ r -> 'Statement' ->> 'NotStatement' as not_statement,\n r -> 'Statement' ->>\ + \ 'OrStatement' as or_statement,\n r -> 'Statement' ->> 'RateBasedStatement'\ + \ as rate_based_statement,\n r -> 'Statement' ->> 'RegexPatternSetReferenceStatement'\ + \ as regex_pattern_set_reference_statement,\n r -> 'Statement' ->> 'RuleGroupReferenceStatement'\ + \ as rule_group_reference_statement,\n r -> 'Statement' ->> 'SizeConstraintStatement'\ + \ as size_constraint_statement,\n r -> 'Statement' ->> 'SqliMatchStatement' as\ + \ sql_match_statement,\n r -> 'Statement' ->> 'XssMatchStatement' as xss_match_statement\n\ + from\n aws_wafv2_web_acl,\n jsonb_array_elements(rules) as r;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAFv2 +Title: List AWS WAFv2 WebACLs and Manage Information diff --git a/queries/aws_wafv2_web_acl_5.yaml b/queries/aws_wafv2_web_acl_5.yaml index f989647cb..924aa85df 100755 --- a/queries/aws_wafv2_web_acl_5.yaml +++ b/queries/aws_wafv2_web_acl_5.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS WAFv2 WebACLs to retrieve and manage information + about WebACL resources within AWS WAFv2. ID: aws_wafv2_web_acl_5 -Title: "Find AWS WAFv2 WebACLs and Manage WebACL Resources" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - scope, - region - from - aws_wafv2_web_acl - where - scope = 'REGIONAL'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n scope,\n region\nfrom\n aws_wafv2_web_acl\n\ + where\n scope = 'REGIONAL';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: Find AWS WAFv2 WebACLs and Manage WebACL Resources diff --git a/queries/aws_wafv2_web_acl_6.yaml b/queries/aws_wafv2_web_acl_6.yaml index 5a27a67e5..2600f6123 100755 --- a/queries/aws_wafv2_web_acl_6.yaml +++ b/queries/aws_wafv2_web_acl_6.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS WAFv2 WebACLs to retrieve and manage information + about WebACL resources within AWS WAFv2. ID: aws_wafv2_web_acl_6 -Title: "Find WebACL Resources in AWS WAFv2 Without Logging" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - id, - scope, - region - from - aws_wafv2_web_acl - where - logging_configuration is null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n id,\n scope,\n region\nfrom\n aws_wafv2_web_acl\n\ + where\n logging_configuration is null;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_network_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WAFv2 +Title: Find WebACL Resources in AWS WAFv2 Without Logging diff --git a/queries/aws_wafv2_web_acl_7.yaml b/queries/aws_wafv2_web_acl_7.yaml index 77059c702..adc4494ff 100755 --- a/queries/aws_wafv2_web_acl_7.yaml +++ b/queries/aws_wafv2_web_acl_7.yaml @@ -1,32 +1,25 @@ +Description: Allows users to query AWS WAFv2 WebACLs to retrieve and manage information + about WebACL resources within AWS WAFv2. ID: aws_wafv2_web_acl_7 -Title: "Find AWS WAFv2 WebACLs and Associated Load Balancers" -Description: "Allows users to query AWS WAFv2 WebACLs to retrieve and manage information about WebACL resources within AWS WAFv2." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lb.name as application_load_balancer_name, - w.name as web_acl_name, - w.id as web_acl_id, - w.scope as web_acl_scope, - lb.type as application_load_balancer_type - from - aws_ec2_application_load_balancer as lb, - aws_wafv2_web_acl as w, - jsonb_array_elements_text(associated_resources) as arns - where - lb.arn = arns; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lb.name as application_load_balancer_name,\n w.name\ + \ as web_acl_name,\n w.id as web_acl_id,\n w.scope as web_acl_scope,\n lb.type\ + \ as application_load_balancer_type\nfrom\n aws_ec2_application_load_balancer\ + \ as lb,\n aws_wafv2_web_acl as w,\n jsonb_array_elements_text(associated_resources)\ + \ as arns\nwhere\n lb.arn = arns;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WAFv2 +Title: Find AWS WAFv2 WebACLs and Associated Load Balancers diff --git a/queries/aws_wellarchitected_answer_1.yaml b/queries/aws_wellarchitected_answer_1.yaml index 1bc3c3bf2..61d74923c 100755 --- a/queries/aws_wellarchitected_answer_1.yaml +++ b/queries/aws_wellarchitected_answer_1.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Well-Architected Tool Answer data, including + information about the workloads, lens, and questions associated with each answer. ID: aws_wellarchitected_answer_1 -Title: "List All AWS Well-Architected Tool Answer Data" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.is_applicable, - a.pillar_id, - a.question_title, - a.risk, - a.reason, - a.region - from - aws_wellarchitected_answer a; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.question_id,\n a.lens_alias,\n a.workload_id,\n \ + \ a.is_applicable,\n a.pillar_id,\n a.question_title,\n a.risk,\n a.reason,\n\ + \ a.region\nfrom\n aws_wellarchitected_answer a;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List All AWS Well-Architected Tool Answer Data diff --git a/queries/aws_wellarchitected_answer_2.yaml b/queries/aws_wellarchitected_answer_2.yaml index 771278747..4ed3e3548 100755 --- a/queries/aws_wellarchitected_answer_2.yaml +++ b/queries/aws_wellarchitected_answer_2.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query AWS Well-Architected Tool Answer data, including + information about the workloads, lens, and questions associated with each answer. ID: aws_wellarchitected_answer_2 -Title: "List all AWS Well-Architected Tool Answers by Workload and Pillar" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.workload_id, - a.pillar_id, - count(a.question_id) as total_questions - from - aws_wellarchitected_answer a - group by - a.workload_id, - a.pillar_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.workload_id,\n a.pillar_id,\n count(a.question_id)\ + \ as total_questions\nfrom\n aws_wellarchitected_answer a\ngroup by\n a.workload_id,\n\ + \ a.pillar_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Answers by Workload and Pillar diff --git a/queries/aws_wellarchitected_answer_3.yaml b/queries/aws_wellarchitected_answer_3.yaml index de7f19e4c..d16392c52 100755 --- a/queries/aws_wellarchitected_answer_3.yaml +++ b/queries/aws_wellarchitected_answer_3.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS Well-Architected Tool Answer data, including + information about the workloads, lens, and questions associated with each answer. ID: aws_wellarchitected_answer_3 -Title: "Find AWS Well-Architected Tool Answer Data" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.question_title, - a.question_description, - c ->> 'Title' as choice_title, - c ->> 'ChoiceId' as choice_id, - c ->> 'Description' as choice_description, - c ->> 'HelpfulResource' as choice_helpful_resource, - c ->> 'ImprovementPlan' as choice_improvement_plan - from - aws_wellarchitected_answer a, - jsonb_array_elements(choices) c; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.question_id,\n a.lens_alias,\n a.workload_id,\n \ + \ a.question_title,\n a.question_description,\n c ->> 'Title' as choice_title,\n\ + \ c ->> 'ChoiceId' as choice_id,\n c ->> 'Description' as choice_description,\n\ + \ c ->> 'HelpfulResource' as choice_helpful_resource,\n c ->> 'ImprovementPlan'\ + \ as choice_improvement_plan\nfrom\n aws_wellarchitected_answer a,\n jsonb_array_elements(choices)\ + \ c;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Answer Data diff --git a/queries/aws_wellarchitected_answer_4.yaml b/queries/aws_wellarchitected_answer_4.yaml index c9752bf79..e20d88e9d 100755 --- a/queries/aws_wellarchitected_answer_4.yaml +++ b/queries/aws_wellarchitected_answer_4.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS Well-Architected Tool Answer data, including + information about the workloads, lens, and questions associated with each answer. ID: aws_wellarchitected_answer_4 -Title: "List AWS Well-Architected Tool Answer Data" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.question_title, - a.question_description, - c ->> 'Notes' as choice_notes, - c ->> 'Reason' as choice_reason, - c ->> 'Status' as choice_status, - c ->> 'ChoiceId' as choice_id - from - aws_wellarchitected_answer a, - jsonb_array_elements(choice_answers) c; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.question_id,\n a.lens_alias,\n a.workload_id,\n \ + \ a.question_title,\n a.question_description,\n c ->> 'Notes' as choice_notes,\n\ + \ c ->> 'Reason' as choice_reason,\n c ->> 'Status' as choice_status,\n c ->>\ + \ 'ChoiceId' as choice_id\nfrom\n aws_wellarchitected_answer a,\n jsonb_array_elements(choice_answers)\ + \ c;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List AWS Well-Architected Tool Answer Data diff --git a/queries/aws_wellarchitected_answer_5.yaml b/queries/aws_wellarchitected_answer_5.yaml index 10e326677..30be3f08f 100755 --- a/queries/aws_wellarchitected_answer_5.yaml +++ b/queries/aws_wellarchitected_answer_5.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Answer data, including + information about the workloads, lens, and questions associated with each answer. ID: aws_wellarchitected_answer_5 -Title: "List all AWS Well-Architected Tools Answers and Details" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.question_title, - a.question_description, - reason - from - aws_wellarchitected_answer a - where - not is_applicable; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.question_id,\n a.lens_alias,\n a.workload_id,\n \ + \ a.question_title,\n a.question_description,\n reason\nfrom\n aws_wellarchitected_answer\ + \ a\nwhere\n not is_applicable;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tools Answers and Details diff --git a/queries/aws_wellarchitected_answer_6.yaml b/queries/aws_wellarchitected_answer_6.yaml index 0b45479d1..79d22832a 100755 --- a/queries/aws_wellarchitected_answer_6.yaml +++ b/queries/aws_wellarchitected_answer_6.yaml @@ -1,36 +1,25 @@ +Description: Allows users to query AWS Well-Architected Tool Answer data, including + information about the workloads, lens, and questions associated with each answer. ID: aws_wellarchitected_answer_6 -Title: "List All AWS Well-Architected Tool Answer Data" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - a.question_id, - a.lens_alias, - a.workload_id, - a.question_title, - a.risk, - c ->> 'ChoiceId' as choice_id, - c ->> 'Status' as choice_status, - c ->> 'Reason' as choice_reason, - c ->> 'Notes' as choice_notes - from - aws_wellarchitected_answer a, - jsonb_array_elements(choice_answers) c - where - risk = 'HIGH' - or risk = 'MEDIUM'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n a.question_id,\n a.lens_alias,\n a.workload_id,\n \ + \ a.question_title,\n a.risk,\n c ->> 'ChoiceId' as choice_id,\n c ->> 'Status'\ + \ as choice_status,\n c ->> 'Reason' as choice_reason,\n c ->> 'Notes' as choice_notes\n\ + from\n aws_wellarchitected_answer a,\n jsonb_array_elements(choice_answers)\ + \ c\nwhere\n risk = 'HIGH'\n or risk = 'MEDIUM';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List All AWS Well-Architected Tool Answer Data diff --git a/queries/aws_wellarchitected_answer_7.yaml b/queries/aws_wellarchitected_answer_7.yaml index 04ba0ef09..9a4f8cc3a 100755 --- a/queries/aws_wellarchitected_answer_7.yaml +++ b/queries/aws_wellarchitected_answer_7.yaml @@ -1,32 +1,23 @@ +Description: Allows users to query AWS Well-Architected Tool Answer data, including + information about the workloads, lens, and questions associated with each answer. ID: aws_wellarchitected_answer_7 -Title: "List all AWS Well-Architected Tool Answers by Risk" -Description: "Allows users to query AWS Well-Architected Tool Answer data, including information about the workloads, lens, and questions associated with each answer." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - risk, - count(question_id) as total_questions - from - aws_wellarchitected_answer - where - risk = 'HIGH' - or risk = 'MEDIUM' - group by - workload_id, - risk; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n risk,\n count(question_id) as total_questions\n\ + from\n aws_wellarchitected_answer\nwhere\n risk = 'HIGH'\n or risk = 'MEDIUM'\n\ + group by\n workload_id,\n risk;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Answers by Risk diff --git a/queries/aws_wellarchitected_check_detail_1.yaml b/queries/aws_wellarchitected_check_detail_1.yaml index 675656944..f0dfd861b 100755 --- a/queries/aws_wellarchitected_check_detail_1.yaml +++ b/queries/aws_wellarchitected_check_detail_1.yaml @@ -1,30 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Check Details for information + on individual checks within a workload. The table provides data on the check status, + risk, reason for risk, improvement plan, and other related details. ID: aws_wellarchitected_check_detail_1 -Title: "Find Details on AWS Well-Architected Tool Checks" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - lens_arn, - pillar_id, - question_id, - choice_id, - id, - name, - description, - status - from - aws_wellarchitected_check_detail; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n lens_arn,\n pillar_id,\n question_id,\n\ + \ choice_id,\n id,\n name,\n description,\n status\nfrom\n aws_wellarchitected_check_detail;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find Details on AWS Well-Architected Tool Checks diff --git a/queries/aws_wellarchitected_check_detail_2.yaml b/queries/aws_wellarchitected_check_detail_2.yaml index a240f86ee..02500c763 100755 --- a/queries/aws_wellarchitected_check_detail_2.yaml +++ b/queries/aws_wellarchitected_check_detail_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Check Details for information + on individual checks within a workload. The table provides data on the check status, + risk, reason for risk, improvement plan, and other related details. ID: aws_wellarchitected_check_detail_2 -Title: "List AWS Well-Architected Tool Check Details" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - status, - count(id) as checks - from - aws_wellarchitected_check_detail - group by - workload_id, - status; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n status,\n count(id) as checks\nfrom\n\ + \ aws_wellarchitected_check_detail\ngroup by\n workload_id,\n status;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List AWS Well-Architected Tool Check Details diff --git a/queries/aws_wellarchitected_check_detail_3.yaml b/queries/aws_wellarchitected_check_detail_3.yaml index 5334ed498..81e620853 100755 --- a/queries/aws_wellarchitected_check_detail_3.yaml +++ b/queries/aws_wellarchitected_check_detail_3.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query AWS Well-Architected Tool Check Details for information + on individual checks within a workload. The table provides data on the check status, + risk, reason for risk, improvement plan, and other related details. ID: aws_wellarchitected_check_detail_3 -Title: "Find AWS Well-Architected Tool Check Details for Security" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - lens_arn, - pillar_id, - question_id, - choice_id, - id, - name, - description, - status - from - aws_wellarchitected_check_detail - where - pillar_id = 'security'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n lens_arn,\n pillar_id,\n question_id,\n\ + \ choice_id,\n id,\n name,\n description,\n status\nfrom\n aws_wellarchitected_check_detail\n\ + where \n pillar_id = 'security';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Check Details for Security diff --git a/queries/aws_wellarchitected_check_detail_4.yaml b/queries/aws_wellarchitected_check_detail_4.yaml index 479abd22c..7ee1b40aa 100755 --- a/queries/aws_wellarchitected_check_detail_4.yaml +++ b/queries/aws_wellarchitected_check_detail_4.yaml @@ -1,32 +1,24 @@ +Description: Allows users to query AWS Well-Architected Tool Check Details for information + on individual checks within a workload. The table provides data on the check status, + risk, reason for risk, improvement plan, and other related details. ID: aws_wellarchitected_check_detail_4 -Title: "Find AWS Well-Architected Tool Check Details Status" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - choice_id, - name, - pillar_id, - question_id, - flagged_resources, - updated_at - from - aws_wellarchitected_check_detail - where - status = 'ERROR'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n choice_id,\n name,\n pillar_id,\n question_id,\n\ + \ flagged_resources,\n updated_at\nfrom\n aws_wellarchitected_check_detail\n\ + where \n status = 'ERROR';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Check Details Status diff --git a/queries/aws_wellarchitected_check_detail_5.yaml b/queries/aws_wellarchitected_check_detail_5.yaml index 38dfbaaf3..c6f71c104 100755 --- a/queries/aws_wellarchitected_check_detail_5.yaml +++ b/queries/aws_wellarchitected_check_detail_5.yaml @@ -1,35 +1,25 @@ +Description: Allows users to query AWS Well-Architected Tool Check Details for information + on individual checks within a workload. The table provides data on the check status, + risk, reason for risk, improvement plan, and other related details. ID: aws_wellarchitected_check_detail_5 -Title: "List all AWS Well-Architected Tool Check Details" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - w.workload_name, - w.workload_id, - w.environment, - w.industry, - w.owner, - d.name as check_name, - d.flagged_resources, - d.pillar_id - from - aws_wellarchitected_check_detail d, - aws_wellarchitected_workload w - where - d.workload_id = w.workload_id - and d.status = 'ERROR'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n w.workload_name,\n w.workload_id,\n w.environment,\n\ + \ w.industry,\n w.owner,\n d.name as check_name,\n d.flagged_resources,\n\ + \ d.pillar_id\nfrom\n aws_wellarchitected_check_detail d,\n aws_wellarchitected_workload\ + \ w\nwhere\n d.workload_id = w.workload_id\n and d.status = 'ERROR';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Check Details diff --git a/queries/aws_wellarchitected_check_detail_6.yaml b/queries/aws_wellarchitected_check_detail_6.yaml index 0e9b22af8..e3249a405 100755 --- a/queries/aws_wellarchitected_check_detail_6.yaml +++ b/queries/aws_wellarchitected_check_detail_6.yaml @@ -1,34 +1,25 @@ +Description: Allows users to query AWS Well-Architected Tool Check Details for information + on individual checks within a workload. The table provides data on the check status, + risk, reason for risk, improvement plan, and other related details. ID: aws_wellarchitected_check_detail_6 -Title: "Find AWS Well-Architected Tool Check Detail Information" -Description: "Allows users to query AWS Well-Architected Tool Check Details for information on individual checks within a workload. The table provides data on the check status, risk, reason for risk, improvement plan, and other related details." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - choice_id, - name, - pillar_id, - question_id, - flagged_resources, - status, - updated_at - from - aws_wellarchitected_check_detail - where - lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected' - and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n choice_id,\n name,\n pillar_id,\n question_id,\n\ + \ flagged_resources,\n status,\n updated_at\nfrom\n aws_wellarchitected_check_detail\n\ + where\n lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected'\n and\ + \ workload_id = 'abcdc851ac1d8d9d5b9938615da016ce';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Check Detail Information diff --git a/queries/aws_wellarchitected_check_summary_1.yaml b/queries/aws_wellarchitected_check_summary_1.yaml index 0b5b66d88..03e3b7019 100755 --- a/queries/aws_wellarchitected_check_summary_1.yaml +++ b/queries/aws_wellarchitected_check_summary_1.yaml @@ -1,34 +1,24 @@ +Description: Allows users to query AWS Well-Architected Tool Check Summary for detailed + information about the checks for all workloads. This table provides insights into + the state of your workloads, highlighting potential risks and areas for improvement. ID: aws_wellarchitected_check_summary_1 -Title: "List all AWS Well-Architected Tool Check Summary Details" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - id, - name, - description, - jsonb_pretty(account_summary) as account_summary, - choice_id, - lens_arn, - pillar_id, - question_id, - status, - region, - workload_id - from - aws_wellarchitected_check_summary; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n id,\n name,\n description,\n jsonb_pretty(account_summary)\ + \ as account_summary,\n choice_id,\n lens_arn,\n pillar_id,\n question_id,\n\ + \ status,\n region,\n workload_id\nfrom\n aws_wellarchitected_check_summary;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Check Summary Details diff --git a/queries/aws_wellarchitected_check_summary_2.yaml b/queries/aws_wellarchitected_check_summary_2.yaml index 5f857aef6..db7ecb832 100755 --- a/queries/aws_wellarchitected_check_summary_2.yaml +++ b/queries/aws_wellarchitected_check_summary_2.yaml @@ -1,33 +1,24 @@ +Description: Allows users to query AWS Well-Architected Tool Check Summary for detailed + information about the checks for all workloads. This table provides insights into + the state of your workloads, highlighting potential risks and areas for improvement. ID: aws_wellarchitected_check_summary_2 -Title: "Find AWS Well-Architected Tool Check Summary Details" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - id, - name, - jsonb_pretty(account_summary) as account_summary, - status, - choice_id, - pillar_id, - question_id - from - aws_wellarchitected_check_summary - where - workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n id,\n name,\n jsonb_pretty(account_summary)\ + \ as account_summary,\n status,\n choice_id,\n pillar_id,\n question_id\n\ + from\n aws_wellarchitected_check_summary\nwhere\n workload_id = 'abcdc851ac1d8d9d5b9938615da016ce';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Check Summary Details diff --git a/queries/aws_wellarchitected_check_summary_3.yaml b/queries/aws_wellarchitected_check_summary_3.yaml index 0c6504766..e732aca63 100755 --- a/queries/aws_wellarchitected_check_summary_3.yaml +++ b/queries/aws_wellarchitected_check_summary_3.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Well-Architected Tool Check Summary for detailed + information about the checks for all workloads. This table provides insights into + the state of your workloads, highlighting potential risks and areas for improvement. ID: aws_wellarchitected_check_summary_3 -Title: "Find AWS Well-Architected Tool Check Summaries" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - id, - name, - jsonb_pretty(account_summary) as account_summary, - pillar_id, - question_id - from - aws_wellarchitected_check_summary - where - status = 'ERROR'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n id,\n name,\n jsonb_pretty(account_summary)\ + \ as account_summary,\n pillar_id,\n question_id\nfrom\n aws_wellarchitected_check_summary\n\ + where\n status = 'ERROR';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Well-Architected Tool +Title: Find AWS Well-Architected Tool Check Summaries diff --git a/queries/aws_wellarchitected_check_summary_4.yaml b/queries/aws_wellarchitected_check_summary_4.yaml index 0008cd3ce..89b8ce647 100755 --- a/queries/aws_wellarchitected_check_summary_4.yaml +++ b/queries/aws_wellarchitected_check_summary_4.yaml @@ -1,31 +1,24 @@ +Description: Allows users to query AWS Well-Architected Tool Check Summary for detailed + information about the checks for all workloads. This table provides insights into + the state of your workloads, highlighting potential risks and areas for improvement. ID: aws_wellarchitected_check_summary_4 -Title: "Query AWS Well-Architected Tool Check Summaries" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - id, - name, - account_summary ->> 'ERROR' as errors, - account_summary ->> 'FETCH_FAILED' as fetch_failed, - account_summary ->> 'NOT_AVAILABLE' as not_available, - account_summary ->> 'OKAY' as okay, - account_summary ->> 'WARNING' as warnings, - pillar_id, - question_id - from - aws_wellarchitected_check_summary; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n id,\n name,\n account_summary ->> 'ERROR'\ + \ as errors,\n account_summary ->> 'FETCH_FAILED' as fetch_failed,\n account_summary\ + \ ->> 'NOT_AVAILABLE' as not_available,\n account_summary ->> 'OKAY' as okay,\n\ + \ account_summary ->> 'WARNING' as warnings,\n pillar_id,\n question_id\nfrom\n\ + \ aws_wellarchitected_check_summary;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Query AWS Well-Architected Tool Check Summaries diff --git a/queries/aws_wellarchitected_check_summary_5.yaml b/queries/aws_wellarchitected_check_summary_5.yaml index 93d89d1eb..e3144ffa5 100755 --- a/queries/aws_wellarchitected_check_summary_5.yaml +++ b/queries/aws_wellarchitected_check_summary_5.yaml @@ -1,36 +1,27 @@ +Description: Allows users to query AWS Well-Architected Tool Check Summary for detailed + information about the checks for all workloads. This table provides insights into + the state of your workloads, highlighting potential risks and areas for improvement. ID: aws_wellarchitected_check_summary_5 -Title: "Find AWS Well-Architected Tool Check Summary Insights" -Description: "Allows users to query AWS Well-Architected Tool Check Summary for detailed information about the checks for all workloads. This table provides insights into the state of your workloads, highlighting potential risks and areas for improvement." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - id, - name, - account_summary ->> 'ERROR' as errors, - account_summary ->> 'FETCH_FAILED' as fetch_failed, - account_summary ->> 'NOT_AVAILABLE' as not_available, - account_summary ->> 'OKAY' as okay, - account_summary ->> 'WARNING' as warnings, - pillar_id, - question_id - from - aws_wellarchitected_check_summary - where - lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected' - and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n id,\n name,\n account_summary ->> 'ERROR'\ + \ as errors,\n account_summary ->> 'FETCH_FAILED' as fetch_failed,\n account_summary\ + \ ->> 'NOT_AVAILABLE' as not_available,\n account_summary ->> 'OKAY' as okay,\n\ + \ account_summary ->> 'WARNING' as warnings,\n pillar_id,\n question_id\nfrom\n\ + \ aws_wellarchitected_check_summary\nwhere\n lens_arn = 'arn:aws:wellarchitected::aws:lens/wellarchitected'\n\ + \ and workload_id = 'abcdc851ac1d8d9d5b9938615da016ce';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Check Summary Insights diff --git a/queries/aws_wellarchitected_consolidated_report_1.yaml b/queries/aws_wellarchitected_consolidated_report_1.yaml index e5a8bfe58..72a4ea25e 100755 --- a/queries/aws_wellarchitected_consolidated_report_1.yaml +++ b/queries/aws_wellarchitected_consolidated_report_1.yaml @@ -1,29 +1,23 @@ +Description: Allows users to query consolidated reports from the AWS Well-Architected + Tool, providing a comprehensive view of a workload''s alignment with AWS architectural + best practices. ID: aws_wellarchitected_consolidated_report_1 -Title: "List all AWS Well-Architected Tool Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_arn, - workload_id, - lenses_applied_count, - metric_type, - updated_at - from - aws_wellarchitected_consolidated_report; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n workload_arn,\n workload_id,\n lenses_applied_count,\n\ + \ metric_type,\n updated_at\nfrom\n aws_wellarchitected_consolidated_report;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Consolidated Reports diff --git a/queries/aws_wellarchitected_consolidated_report_2.yaml b/queries/aws_wellarchitected_consolidated_report_2.yaml index 08a42f304..268353248 100755 --- a/queries/aws_wellarchitected_consolidated_report_2.yaml +++ b/queries/aws_wellarchitected_consolidated_report_2.yaml @@ -1,33 +1,26 @@ +Description: Allows users to query consolidated reports from the AWS Well-Architected + Tool, providing a comprehensive view of a workload''s alignment with AWS architectural + best practices. ID: aws_wellarchitected_consolidated_report_2 -Title: "Find All AWS Well-Architected Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.workload_name, - r.workload_arn, - r.workload_id, - r.lenses_applied_count, - w.environment as workload_environment, - w.improvement_status as workload_improvement_status, - w.review_restriction_date as workload_review_restriction_date - from - aws_wellarchitected_consolidated_report as r, - aws_wellarchitected_workload as w - where - w.workload_id = r.workload_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.workload_name,\n r.workload_arn,\n r.workload_id,\n\ + \ r.lenses_applied_count,\n w.environment as workload_environment,\n w.improvement_status\ + \ as workload_improvement_status,\n w.review_restriction_date as workload_review_restriction_date\n\ + from\n aws_wellarchitected_consolidated_report as r,\n aws_wellarchitected_workload\ + \ as w\nwhere\n w.workload_id = r.workload_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find All AWS Well-Architected Consolidated Reports diff --git a/queries/aws_wellarchitected_consolidated_report_3.yaml b/queries/aws_wellarchitected_consolidated_report_3.yaml index f6f655091..0ab11d669 100755 --- a/queries/aws_wellarchitected_consolidated_report_3.yaml +++ b/queries/aws_wellarchitected_consolidated_report_3.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query consolidated reports from the AWS Well-Architected + Tool, providing a comprehensive view of a workload''s alignment with AWS architectural + best practices. ID: aws_wellarchitected_consolidated_report_3 -Title: "List all AWS Well-Architected Tool Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - risk_counts -> 'HIGH' as high_risk_counts - from - aws_wellarchitected_consolidated_report; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n workload_id,\n risk_counts -> 'HIGH'\ + \ as high_risk_counts\nfrom\n aws_wellarchitected_consolidated_report;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Consolidated Reports diff --git a/queries/aws_wellarchitected_consolidated_report_4.yaml b/queries/aws_wellarchitected_consolidated_report_4.yaml index 10c19f098..866c923f0 100755 --- a/queries/aws_wellarchitected_consolidated_report_4.yaml +++ b/queries/aws_wellarchitected_consolidated_report_4.yaml @@ -1,29 +1,25 @@ +Description: Allows users to query consolidated reports from the AWS Well-Architected + Tool, providing a comprehensive view of a workload''s alignment with AWS architectural + best practices. ID: aws_wellarchitected_consolidated_report_4 -Title: "List all AWS Well-Architected Tool Consolidated Reports" -Description: "Allows users to query consolidated reports from the AWS Well-Architected Tool, providing a comprehensive view of a workload''s alignment with AWS architectural best practices." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - l ->> 'LensArn' as lens_arn, - l -> 'Pillars' as pillars, - l -> 'RiskCounts' as risk_counts - from - aws_wellarchitected_consolidated_report, - jsonb_array_elements(lenses) as l; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n workload_id,\n l ->> 'LensArn' as\ + \ lens_arn,\n l -> 'Pillars' as pillars,\n l -> 'RiskCounts' as risk_counts\n\ + from\n aws_wellarchitected_consolidated_report,\n jsonb_array_elements(lenses)\ + \ as l;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Consolidated Reports diff --git a/queries/aws_wellarchitected_lens_1.yaml b/queries/aws_wellarchitected_lens_1.yaml index 9cda0bb47..495314209 100755 --- a/queries/aws_wellarchitected_lens_1.yaml +++ b/queries/aws_wellarchitected_lens_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Well-Architected Lens, providing details about + each lens such as its name, description, and associated AWS Well-Architected Framework + pillars. ID: aws_wellarchitected_lens_1 -Title: "List all AWS Well-Architected Lenses with details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_alias, - arn, - lens_status, - lens_type, - owner - from - aws_wellarchitected_lens; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n lens_alias,\n arn,\n lens_status,\n \ + \ lens_type,\n owner\nfrom\n aws_wellarchitected_lens;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected +Title: List all AWS Well-Architected Lenses with details diff --git a/queries/aws_wellarchitected_lens_2.yaml b/queries/aws_wellarchitected_lens_2.yaml index cf118996c..900e7ed46 100755 --- a/queries/aws_wellarchitected_lens_2.yaml +++ b/queries/aws_wellarchitected_lens_2.yaml @@ -1,25 +1,21 @@ +Description: Allows users to query AWS Well-Architected Lens, providing details about + each lens such as its name, description, and associated AWS Well-Architected Framework + pillars. ID: aws_wellarchitected_lens_2 -Title: "List AWS Well-Architected Lens Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select distinct - on(arn) arn, - lens_name, - lens_status, - lens_type - from - aws_wellarchitected_lens; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select distinct\n on(arn) arn,\n lens_name,\n lens_status,\n\ + \ lens_type\nfrom\n aws_wellarchitected_lens;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Lens +Title: List AWS Well-Architected Lens Details diff --git a/queries/aws_wellarchitected_lens_3.yaml b/queries/aws_wellarchitected_lens_3.yaml index 81ee048dc..2b451a8b7 100755 --- a/queries/aws_wellarchitected_lens_3.yaml +++ b/queries/aws_wellarchitected_lens_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query AWS Well-Architected Lens, providing details about + each lens such as its name, description, and associated AWS Well-Architected Framework + pillars. ID: aws_wellarchitected_lens_3 -Title: "Find AWS Well-Architected Lens details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - arn, - lens_status, - lens_type, - owner, - share_invitation_id - from - aws_wellarchitected_lens - where - lens_type = 'CUSTOM_SHARED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n arn,\n lens_status,\n lens_type,\n owner,\n\ + \ share_invitation_id\nfrom\n aws_wellarchitected_lens\nwhere\n lens_type =\ + \ 'CUSTOM_SHARED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Lens +Title: Find AWS Well-Architected Lens details diff --git a/queries/aws_wellarchitected_lens_4.yaml b/queries/aws_wellarchitected_lens_4.yaml index 277d85048..a89818268 100755 --- a/queries/aws_wellarchitected_lens_4.yaml +++ b/queries/aws_wellarchitected_lens_4.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Well-Architected Lens, providing details about + each lens such as its name, description, and associated AWS Well-Architected Framework + pillars. ID: aws_wellarchitected_lens_4 -Title: "List all AWS Well-Architected Lens with Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_status, - lens_type, - lens_version, - owner - from - aws_wellarchitected_lens - where - lens_status = 'DEPRECATED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n lens_status,\n lens_type,\n lens_version,\n\ + \ owner\nfrom\n aws_wellarchitected_lens\nwhere\n lens_status = 'DEPRECATED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Well-Architected Lens +Title: List all AWS Well-Architected Lens with Details diff --git a/queries/aws_wellarchitected_lens_5.yaml b/queries/aws_wellarchitected_lens_5.yaml index 05fd213e1..44c304374 100755 --- a/queries/aws_wellarchitected_lens_5.yaml +++ b/queries/aws_wellarchitected_lens_5.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query AWS Well-Architected Lens, providing details about + each lens such as its name, description, and associated AWS Well-Architected Framework + pillars. ID: aws_wellarchitected_lens_5 -Title: "List all AWS Well-Architected Lens with Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_status, - lens_type, - created_at, - lens_version - from - aws_wellarchitected_lens - where - created_at <= now() - interval '30' day; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n lens_status,\n lens_type,\n created_at,\n\ + \ lens_version\nfrom\n aws_wellarchitected_lens\nwhere\n created_at <= now()\ + \ - interval '30' day;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Lens +Title: List all AWS Well-Architected Lens with Details diff --git a/queries/aws_wellarchitected_lens_6.yaml b/queries/aws_wellarchitected_lens_6.yaml index cc80a6005..55109921a 100755 --- a/queries/aws_wellarchitected_lens_6.yaml +++ b/queries/aws_wellarchitected_lens_6.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Well-Architected Lens, providing details about + each lens such as its name, description, and associated AWS Well-Architected Framework + pillars. ID: aws_wellarchitected_lens_6 -Title: "List All AWS Well-Architected Lens Details" -Description: "Allows users to query AWS Well-Architected Lens, providing details about each lens such as its name, description, and associated AWS Well-Architected Framework pillars." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_status, - lens_type, - lens_version, - owner, - account_id - from - aws_wellarchitected_lens - where - owner = account_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n lens_status,\n lens_type,\n lens_version,\n\ + \ owner,\n account_id\nfrom\n aws_wellarchitected_lens\nwhere\n owner = account_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Lens +Title: List All AWS Well-Architected Lens Details diff --git a/queries/aws_wellarchitected_lens_review_1.yaml b/queries/aws_wellarchitected_lens_review_1.yaml index c3744682f..15d1e9c31 100755 --- a/queries/aws_wellarchitected_lens_review_1.yaml +++ b/queries/aws_wellarchitected_lens_review_1.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Lens Reviews to obtain + detailed information about each review, including its associated workload, lens, + and milestone information. ID: aws_wellarchitected_lens_review_1 -Title: "List all AWS Well-Architected Tool Lens Reviews" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - workload_id, - lens_arn, - lens_alias, - lens_version, - updated_at - from - aws_wellarchitected_lens_review; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n workload_id,\n lens_arn,\n lens_alias,\n\ + \ lens_version,\n updated_at\nfrom\n aws_wellarchitected_lens_review;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Lens Reviews diff --git a/queries/aws_wellarchitected_lens_review_2.yaml b/queries/aws_wellarchitected_lens_review_2.yaml index 16bcd6aa6..eb65b8719 100755 --- a/queries/aws_wellarchitected_lens_review_2.yaml +++ b/queries/aws_wellarchitected_lens_review_2.yaml @@ -1,27 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Lens Reviews to obtain + detailed information about each review, including its associated workload, lens, + and milestone information. ID: aws_wellarchitected_lens_review_2 -Title: "List all AWS Well-Architected Lens Reviews with Status" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - workload_id, - lens_alias, - lens_status - from - aws_wellarchitected_lens_review - where - lens_status = 'DEPRECATED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n workload_id,\n lens_alias,\n lens_status\n\ + from\n aws_wellarchitected_lens_review\nwhere\n lens_status = 'DEPRECATED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Lens Reviews with Status diff --git a/queries/aws_wellarchitected_lens_review_3.yaml b/queries/aws_wellarchitected_lens_review_3.yaml index 117f0bf11..3692dc818 100755 --- a/queries/aws_wellarchitected_lens_review_3.yaml +++ b/queries/aws_wellarchitected_lens_review_3.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Well-Architected Tool Lens Reviews to obtain + detailed information about each review, including its associated workload, lens, + and milestone information. ID: aws_wellarchitected_lens_review_3 -Title: "List all AWS Well-Architected Tool Lens Review Information" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - workload_id, - risk_counts -> 'HIGH' as high_risk_counts - from - aws_wellarchitected_lens_review; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n workload_id,\n risk_counts -> 'HIGH' as\ + \ high_risk_counts\nfrom\n aws_wellarchitected_lens_review;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Lens Review Information diff --git a/queries/aws_wellarchitected_lens_review_4.yaml b/queries/aws_wellarchitected_lens_review_4.yaml index b4154f228..fed49db0e 100755 --- a/queries/aws_wellarchitected_lens_review_4.yaml +++ b/queries/aws_wellarchitected_lens_review_4.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS Well-Architected Tool Lens Reviews to obtain + detailed information about each review, including its associated workload, lens, + and milestone information. ID: aws_wellarchitected_lens_review_4 -Title: "Query AWS Well-Architected Lens Reviews using SQL" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.lens_name, - r.workload_id, - r.lens_status, - r.lens_version, - w.architectural_design, - w.environment, - w.review_restriction_date - from - aws_wellarchitected_lens_review as r, - aws_wellarchitected_workload as w - where - r.workload_id = w.workload_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.lens_name,\n r.workload_id,\n r.lens_status,\n r.lens_version,\n\ + \ w.architectural_design,\n w.environment,\n w.review_restriction_date\nfrom\n\ + \ aws_wellarchitected_lens_review as r,\n aws_wellarchitected_workload as w\n\ + where\n r.workload_id = w.workload_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Query AWS Well-Architected Lens Reviews using SQL diff --git a/queries/aws_wellarchitected_lens_review_5.yaml b/queries/aws_wellarchitected_lens_review_5.yaml index f5f621769..3192071a6 100755 --- a/queries/aws_wellarchitected_lens_review_5.yaml +++ b/queries/aws_wellarchitected_lens_review_5.yaml @@ -1,30 +1,25 @@ +Description: Allows users to query AWS Well-Architected Tool Lens Reviews to obtain + detailed information about each review, including its associated workload, lens, + and milestone information. ID: aws_wellarchitected_lens_review_5 -Title: "List AWS Well-Architected Tool Lens Reviews with SQL" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_arn, - s ->> 'Notes' as pillar_review_summary_note, - s ->> 'PillarId' as pillar_id, - s ->> 'PillarName' as pillar_name, - s ->> 'RiskCounts' as RiskCounts - from - aws_wellarchitected_lens_review, - jsonb_array_elements(pillar_review_summaries) as s; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n lens_arn,\n s ->> 'Notes' as pillar_review_summary_note,\n\ + \ s ->> 'PillarId' as pillar_id,\n s ->> 'PillarName' as pillar_name,\n s ->>\ + \ 'RiskCounts' as RiskCounts\nfrom\n aws_wellarchitected_lens_review,\n jsonb_array_elements(pillar_review_summaries)\ + \ as s;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List AWS Well-Architected Tool Lens Reviews with SQL diff --git a/queries/aws_wellarchitected_lens_review_6.yaml b/queries/aws_wellarchitected_lens_review_6.yaml index 1f31e5ca1..e7b0e7011 100755 --- a/queries/aws_wellarchitected_lens_review_6.yaml +++ b/queries/aws_wellarchitected_lens_review_6.yaml @@ -1,24 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Lens Reviews to obtain + detailed information about each review, including its associated workload, lens, + and milestone information. ID: aws_wellarchitected_lens_review_6 -Title: "Find Lens Reviews with Workload and Milestone Info" -Description: "Allows users to query AWS Well-Architected Tool Lens Reviews to obtain detailed information about each review, including its associated workload, lens, and milestone information." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_arn, - jsonb_pretty(risk_counts) as risk_counts - from - aws_wellarchitected_lens_review; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n lens_arn,\n jsonb_pretty(risk_counts)\ + \ as risk_counts\nfrom\n aws_wellarchitected_lens_review;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find Lens Reviews with Workload and Milestone Info diff --git a/queries/aws_wellarchitected_lens_review_improvement_1.yaml b/queries/aws_wellarchitected_lens_review_improvement_1.yaml index 59a0d46e6..4c84ca5c8 100755 --- a/queries/aws_wellarchitected_lens_review_improvement_1.yaml +++ b/queries/aws_wellarchitected_lens_review_improvement_1.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query Lens Review Improvements in the AWS Well-Architected + Framework. ID: aws_wellarchitected_lens_review_improvement_1 -Title: "List AWS Well-Architected Framework Lens Review Improvements" -Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_alias, - lens_arn, - workload_id, - improvement_plan_url, - pillar_id, - question_id, - question_title - from - aws_wellarchitected_lens_review_improvement; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_alias,\n lens_arn,\n workload_id,\n improvement_plan_url,\n\ + \ pillar_id,\n question_id,\n question_title\nfrom\n aws_wellarchitected_lens_review_improvement;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Framework +Title: List AWS Well-Architected Framework Lens Review Improvements diff --git a/queries/aws_wellarchitected_lens_review_improvement_2.yaml b/queries/aws_wellarchitected_lens_review_improvement_2.yaml index c27c53f47..7b5e2a497 100755 --- a/queries/aws_wellarchitected_lens_review_improvement_2.yaml +++ b/queries/aws_wellarchitected_lens_review_improvement_2.yaml @@ -1,31 +1,21 @@ +Description: Allows users to query Lens Review Improvements in the AWS Well-Architected + Framework. ID: aws_wellarchitected_lens_review_improvement_2 -Title: "List All AWS Lens Review Improvements with High Risk" -Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_alias, - lens_arn, - workload_id, - improvement_plan_url, - question_id, - question_title, - risk - from - aws_wellarchitected_lens_review_improvement - where - workload_id = '4fca39b680a31bb118be6bc0d177849d' - and risk = 'HIGH'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_alias,\n lens_arn,\n workload_id,\n improvement_plan_url,\n\ + \ question_id,\n question_title,\n risk\nfrom\n aws_wellarchitected_lens_review_improvement\n\ + where\n workload_id = '4fca39b680a31bb118be6bc0d177849d'\n and risk = 'HIGH';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Framework +Title: List All AWS Lens Review Improvements with High Risk diff --git a/queries/aws_wellarchitected_lens_review_improvement_3.yaml b/queries/aws_wellarchitected_lens_review_improvement_3.yaml index f42f6433a..81d51ea19 100755 --- a/queries/aws_wellarchitected_lens_review_improvement_3.yaml +++ b/queries/aws_wellarchitected_lens_review_improvement_3.yaml @@ -1,32 +1,22 @@ +Description: Allows users to query Lens Review Improvements in the AWS Well-Architected + Framework. ID: aws_wellarchitected_lens_review_improvement_3 -Title: "List All Lens Review Improvements in AWS Well-Architected" -Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_arn, - workload_id, - risk, - count(risk) - from - aws_wellarchitected_lens_review_improvement - where - lens_alias = 'wellarchitected' - and workload_id = '4fca39b680a31bb118be6bc0d177849d' - group by - risk, - lens_arn, - workload_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_arn,\n workload_id,\n risk,\n count(risk)\nfrom\n\ + \ aws_wellarchitected_lens_review_improvement\nwhere\n lens_alias = 'wellarchitected'\n\ + \ and workload_id = '4fca39b680a31bb118be6bc0d177849d'\ngroup by\n risk,\n \ + \ lens_arn,\n workload_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Framework +Title: List All Lens Review Improvements in AWS Well-Architected diff --git a/queries/aws_wellarchitected_lens_review_improvement_4.yaml b/queries/aws_wellarchitected_lens_review_improvement_4.yaml index 2c5932c0f..be84ebab9 100755 --- a/queries/aws_wellarchitected_lens_review_improvement_4.yaml +++ b/queries/aws_wellarchitected_lens_review_improvement_4.yaml @@ -1,27 +1,22 @@ +Description: Allows users to query Lens Review Improvements in the AWS Well-Architected + Framework. ID: aws_wellarchitected_lens_review_improvement_4 -Title: "List AWS Well-Architected Framework Lens Review Improvements" -Description: "Allows users to query Lens Review Improvements in the AWS Well-Architected Framework." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_alias, - workload_id, - p ->> 'ChoiceId' as choice_id, - p ->> 'DisplayText' as display_text, - p ->> 'ImprovementPlanUrl' as improvement_plan_url - from - aws_wellarchitected_lens_review_improvement, - jsonb_array_elements(improvement_plans) as p; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_alias,\n workload_id,\n p ->> 'ChoiceId' as choice_id,\n\ + \ p ->> 'DisplayText' as display_text,\n p ->> 'ImprovementPlanUrl' as improvement_plan_url\n\ + from\n aws_wellarchitected_lens_review_improvement,\n jsonb_array_elements(improvement_plans)\ + \ as p;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Framework +Title: List AWS Well-Architected Framework Lens Review Improvements diff --git a/queries/aws_wellarchitected_lens_review_report_1.yaml b/queries/aws_wellarchitected_lens_review_report_1.yaml index 34934929e..44f232f50 100755 --- a/queries/aws_wellarchitected_lens_review_report_1.yaml +++ b/queries/aws_wellarchitected_lens_review_report_1.yaml @@ -1,28 +1,22 @@ +Description: Allows users to query Lens Review Reports in the AWS Well-Architected + Tool. ID: aws_wellarchitected_lens_review_report_1 -Title: "Find AWS Well-Architected Tool Lens Review Reports" -Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_alias, - lens_arn, - workload_id, - milestone_number, - base64_string - from - aws_wellarchitected_lens_review_report; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_alias,\n lens_arn,\n workload_id,\n milestone_number,\n\ + \ base64_string\nfrom\n aws_wellarchitected_lens_review_report;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Lens Review Reports diff --git a/queries/aws_wellarchitected_lens_review_report_2.yaml b/queries/aws_wellarchitected_lens_review_report_2.yaml index 09c0a1f10..0672fc34a 100755 --- a/queries/aws_wellarchitected_lens_review_report_2.yaml +++ b/queries/aws_wellarchitected_lens_review_report_2.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query Lens Review Reports in the AWS Well-Architected + Tool. ID: aws_wellarchitected_lens_review_report_2 -Title: "List all AWS Well-Architected Tool Lens Review Reports" -Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - w.workload_name, - r.workload_id, - r.base64_string, - w.environment, - w.is_review_owner_update_acknowledged - from - aws_wellarchitected_lens_review_report as r, - aws_wellarchitected_workload as w - where - r.workload_id = w.workload_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n w.workload_name,\n r.workload_id,\n r.base64_string,\n\ + \ w.environment,\n w.is_review_owner_update_acknowledged\nfrom\n aws_wellarchitected_lens_review_report\ + \ as r,\n aws_wellarchitected_workload as w\nwhere\n r.workload_id = w.workload_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Lens Review Reports diff --git a/queries/aws_wellarchitected_lens_review_report_3.yaml b/queries/aws_wellarchitected_lens_review_report_3.yaml index 4e62e7a83..34f326c8c 100755 --- a/queries/aws_wellarchitected_lens_review_report_3.yaml +++ b/queries/aws_wellarchitected_lens_review_report_3.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query Lens Review Reports in the AWS Well-Architected + Tool. ID: aws_wellarchitected_lens_review_report_3 -Title: "List all AWS Well-Architected Tool Lens Review Reports" -Description: "Allows users to query Lens Review Reports in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - r.lens_alias, - r.lens_arn, - r.base64_string, - l.lens_type - from - aws_wellarchitected_lens_review_report as r, - aws_wellarchitected_lens as l - where - l.lens_type <> `aws_OFFICIAL'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n r.lens_alias,\n r.lens_arn,\n r.base64_string,\n l.lens_type\n\ + from\n aws_wellarchitected_lens_review_report as r,\n aws_wellarchitected_lens\ + \ as l\nwhere\n l.lens_type <> `aws_OFFICIAL';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Lens Review Reports diff --git a/queries/aws_wellarchitected_lens_share_1.yaml b/queries/aws_wellarchitected_lens_share_1.yaml index c935c69cf..ad0324207 100755 --- a/queries/aws_wellarchitected_lens_share_1.yaml +++ b/queries/aws_wellarchitected_lens_share_1.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query Lens Shares in AWS Well-Architected Tool, providing + details about shared lenses including the share ARN, share status, and the AWS account + ID of the lens owner. ID: aws_wellarchitected_lens_share_1 -Title: "Find AWS Well-Architected Tool Lens Shares Details" -Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_alias, - lens_arn, - share_id, - shared_with - from - aws_wellarchitected_lens_share; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n lens_alias,\n lens_arn,\n share_id,\n\ + \ shared_with\nfrom\n aws_wellarchitected_lens_share;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Lens Shares Details diff --git a/queries/aws_wellarchitected_lens_share_2.yaml b/queries/aws_wellarchitected_lens_share_2.yaml index bb0632a20..4a1429d64 100755 --- a/queries/aws_wellarchitected_lens_share_2.yaml +++ b/queries/aws_wellarchitected_lens_share_2.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query Lens Shares in AWS Well-Architected Tool, providing + details about shared lenses including the share ARN, share status, and the AWS account + ID of the lens owner. ID: aws_wellarchitected_lens_share_2 -Title: "Find AWS Well-Architected Tool Lens Shares Details" -Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - s.lens_name, - l.arn, - l.lens_status, - l.lens_type, - l.owner, - l.share_invitation_id - from - aws_wellarchitected_lens_share as s, - aws_wellarchitected_lens as l - where - s.lens_arn = l.arn; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n s.lens_name,\n l.arn,\n l.lens_status,\n l.lens_type,\n\ + \ l.owner,\n l.share_invitation_id\nfrom\n aws_wellarchitected_lens_share as\ + \ s,\n aws_wellarchitected_lens as l\nwhere\n s.lens_arn = l.arn;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Lens Shares Details diff --git a/queries/aws_wellarchitected_lens_share_3.yaml b/queries/aws_wellarchitected_lens_share_3.yaml index 3c73ae72f..a2070c116 100755 --- a/queries/aws_wellarchitected_lens_share_3.yaml +++ b/queries/aws_wellarchitected_lens_share_3.yaml @@ -1,29 +1,22 @@ +Description: Allows users to query Lens Shares in AWS Well-Architected Tool, providing + details about shared lenses including the share ARN, share status, and the AWS account + ID of the lens owner. ID: aws_wellarchitected_lens_share_3 -Title: "List all AWS Well-Architected Tool Lens Shares" -Description: "Allows users to query Lens Shares in AWS Well-Architected Tool, providing details about shared lenses including the share ARN, share status, and the AWS account ID of the lens owner." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_name, - lens_alias, - lens_arn, - share_id, - shared_with, - status - from - aws_wellarchitected_lens_share - where - status = 'PENDING'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_name,\n lens_alias,\n lens_arn,\n share_id,\n\ + \ shared_with,\n status\nfrom\n aws_wellarchitected_lens_share\nwhere\n status\ + \ = 'PENDING';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Lens Shares diff --git a/queries/aws_wellarchitected_milestone_1.yaml b/queries/aws_wellarchitected_milestone_1.yaml index 504871f64..f1af768c5 100755 --- a/queries/aws_wellarchitected_milestone_1.yaml +++ b/queries/aws_wellarchitected_milestone_1.yaml @@ -1,26 +1,20 @@ +Description: Allows users to query AWS Well-Architected Tool Milestones for detailed + information about the milestones of a workload. ID: aws_wellarchitected_milestone_1 -Title: "List all AWS Well-Architected Tool Milestones" -Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - milestone_name, - milestone_number, - recorded_at, - region - from - aws_wellarchitected_milestone; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n milestone_name,\n milestone_number,\n\ + \ recorded_at,\n region\nfrom\n aws_wellarchitected_milestone;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Milestones diff --git a/queries/aws_wellarchitected_milestone_2.yaml b/queries/aws_wellarchitected_milestone_2.yaml index 2631d3b56..9aa24b385 100755 --- a/queries/aws_wellarchitected_milestone_2.yaml +++ b/queries/aws_wellarchitected_milestone_2.yaml @@ -1,42 +1,26 @@ +Description: Allows users to query AWS Well-Architected Tool Milestones for detailed + information about the milestones of a workload. ID: aws_wellarchitected_milestone_2 -Title: "List AWS Well-Architected Tool milestone details" -Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - with latest_milestones as - ( - select - max(milestone_number) as milestone_number, - workload_id - from - aws_wellarchitected_milestone - group by - workload_id - ) - select - m.workload_id, - m.milestone_name, - m.milestone_number as latest_milestone_number, - m.recorded_at, - m.region - from - aws_wellarchitected_milestone m, - latest_milestones l - where - m.milestone_number = l.milestone_number - and m.workload_id = l.workload_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "with latest_milestones as \n(\n select\n max(milestone_number)\ + \ as milestone_number,\n workload_id\n from\n aws_wellarchitected_milestone\n\ + \ group by\n workload_id\n) \nselect\n m.workload_id,\n m.milestone_name,\n\ + \ m.milestone_number as latest_milestone_number,\n m.recorded_at,\n m.region\n\ + from\n aws_wellarchitected_milestone m,\n latest_milestones l\nwhere\n m.milestone_number\ + \ = l.milestone_number\n and m.workload_id = l.workload_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List AWS Well-Architected Tool milestone details diff --git a/queries/aws_wellarchitected_milestone_3.yaml b/queries/aws_wellarchitected_milestone_3.yaml index 2dd08b4ce..11e6acf29 100755 --- a/queries/aws_wellarchitected_milestone_3.yaml +++ b/queries/aws_wellarchitected_milestone_3.yaml @@ -1,33 +1,23 @@ +Description: Allows users to query AWS Well-Architected Tool Milestones for detailed + information about the milestones of a workload. ID: aws_wellarchitected_milestone_3 -Title: "Query AWS Well-Architected Tool Milestones in Detail" -Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.milestone_name, - m.milestone_number, - w.workload_name, - w.workload_id, - w.environment, - w.industry, - w.owner - from - aws_wellarchitected_workload w, - aws_wellarchitected_milestone m - where - w.workload_id = m.workload_id; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n m.milestone_name,\n m.milestone_number,\n w.workload_name,\n\ + \ w.workload_id,\n w.environment,\n w.industry,\n w.owner\nfrom\n aws_wellarchitected_workload\ + \ w,\n aws_wellarchitected_milestone m\nwhere\n w.workload_id = m.workload_id;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Query AWS Well-Architected Tool Milestones in Detail diff --git a/queries/aws_wellarchitected_milestone_4.yaml b/queries/aws_wellarchitected_milestone_4.yaml index 38f1e994c..bc0cdfec7 100755 --- a/queries/aws_wellarchitected_milestone_4.yaml +++ b/queries/aws_wellarchitected_milestone_4.yaml @@ -1,35 +1,24 @@ +Description: Allows users to query AWS Well-Architected Tool Milestones for detailed + information about the milestones of a workload. ID: aws_wellarchitected_milestone_4 -Title: "Find All AWS Well-Architected Tool Milestones" -Description: "Allows users to query AWS Well-Architected Tool Milestones for detailed information about the milestones of a workload." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - m.milestone_name, - m.milestone_number, - w.workload_name, - w.workload_id, - w.environment, - w.industry, - w.owner - from - aws_wellarchitected_workload w, - aws_wellarchitected_milestone m - where - w.workload_id = m.workload_id - and milestone_number = 1 - and w.workload_id = 'abcdec851ac1d8d9d5b9938615da016ce'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n m.milestone_name,\n m.milestone_number,\n w.workload_name,\n\ + \ w.workload_id,\n w.environment,\n w.industry,\n w.owner\nfrom\n aws_wellarchitected_workload\ + \ w,\n aws_wellarchitected_milestone m\nwhere\n w.workload_id = m.workload_id\n\ + \ and milestone_number = 1\n and w.workload_id = 'abcdec851ac1d8d9d5b9938615da016ce';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find All AWS Well-Architected Tool Milestones diff --git a/queries/aws_wellarchitected_notification_1.yaml b/queries/aws_wellarchitected_notification_1.yaml index a2dbd3096..a782665e1 100755 --- a/queries/aws_wellarchitected_notification_1.yaml +++ b/queries/aws_wellarchitected_notification_1.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Notifications for detailed + information about each notification. ID: aws_wellarchitected_notification_1 -Title: "List AWS Well-Architected Tool Notifications" -Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - lens_alias, - lens_arn, - current_lens_version, - latest_lens_version - from - aws_wellarchitected_notification - where - type = 'LENS_VERSION_UPGRADED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n lens_alias,\n lens_arn,\n current_lens_version,\n\ + \ latest_lens_version\nfrom\n aws_wellarchitected_notification\nwhere\n type\ + \ = 'LENS_VERSION_UPGRADED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List AWS Well-Architected Tool Notifications diff --git a/queries/aws_wellarchitected_notification_2.yaml b/queries/aws_wellarchitected_notification_2.yaml index 7e4caf20f..9bc13ac6f 100755 --- a/queries/aws_wellarchitected_notification_2.yaml +++ b/queries/aws_wellarchitected_notification_2.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Notifications for detailed + information about each notification. ID: aws_wellarchitected_notification_2 -Title: "List AWS Well-Architected Tool Notification Details" -Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - lens_alias, - lens_arn, - current_lens_version, - latest_lens_version - from - aws_wellarchitected_notification - where - type = 'LENS_VERSION_DEPRECATED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n lens_alias,\n lens_arn,\n current_lens_version,\n\ + \ latest_lens_version\nfrom\n aws_wellarchitected_notification\nwhere\n type\ + \ = 'LENS_VERSION_DEPRECATED';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List AWS Well-Architected Tool Notification Details diff --git a/queries/aws_wellarchitected_notification_3.yaml b/queries/aws_wellarchitected_notification_3.yaml index 729c5f753..db882ad83 100755 --- a/queries/aws_wellarchitected_notification_3.yaml +++ b/queries/aws_wellarchitected_notification_3.yaml @@ -1,28 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Notifications for detailed + information about each notification. ID: aws_wellarchitected_notification_3 -Title: "Find AWS Well-Architected Tool Notification Details" -Description: "Allows users to query AWS Well-Architected Tool Notifications for detailed information about each notification." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - lens_alias, - lens_arn, - current_lens_version, - latest_lens_version - from - aws_wellarchitected_notification - where - workload_id = '123451c59cebcd4612f1f858bf75566'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n lens_alias,\n lens_arn,\n current_lens_version,\n\ + \ latest_lens_version\nfrom\n aws_wellarchitected_notification\nwhere\n workload_id\ + \ = '123451c59cebcd4612f1f858bf75566';" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Tool Notification Details diff --git a/queries/aws_wellarchitected_share_invitation_1.yaml b/queries/aws_wellarchitected_share_invitation_1.yaml index 87d373101..eab6648b1 100755 --- a/queries/aws_wellarchitected_share_invitation_1.yaml +++ b/queries/aws_wellarchitected_share_invitation_1.yaml @@ -1,26 +1,19 @@ +Description: Allows users to query Share Invitations in the AWS Well-Architected Tool. ID: aws_wellarchitected_share_invitation_1 -Title: "List AWS Well-Architected Tool Share Invitations" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - share_invitation_id, - permission_type, - shared_by, - shared_with, - share_resource_type - from - aws_wellarchitected_share_invitation; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n share_invitation_id,\n permission_type,\n shared_by,\n\ + \ shared_with,\n share_resource_type\nfrom\n aws_wellarchitected_share_invitation;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List AWS Well-Architected Tool Share Invitations diff --git a/queries/aws_wellarchitected_share_invitation_2.yaml b/queries/aws_wellarchitected_share_invitation_2.yaml index e4708890d..987a858bc 100755 --- a/queries/aws_wellarchitected_share_invitation_2.yaml +++ b/queries/aws_wellarchitected_share_invitation_2.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query Share Invitations in the AWS Well-Architected Tool. ID: aws_wellarchitected_share_invitation_2 -Title: "Find AWS Well-Architected Tool Share Invitations" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - lens_arn, - lens_name, - share_invitation_id, - permission_type, - shared_by, - shared_with - from - aws_wellarchitected_share_invitation - where - share_resource_type = 'LENS' - or lens_arn is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n lens_arn,\n lens_name,\n share_invitation_id,\n permission_type,\n\ + \ shared_by,\n shared_with\nfrom\n aws_wellarchitected_share_invitation\nwhere\n\ + \ share_resource_type = 'LENS'\n or lens_arn is not null;" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Well-Architected Tool +Title: Find AWS Well-Architected Tool Share Invitations diff --git a/queries/aws_wellarchitected_share_invitation_3.yaml b/queries/aws_wellarchitected_share_invitation_3.yaml index f372bc7e8..16ce6194c 100755 --- a/queries/aws_wellarchitected_share_invitation_3.yaml +++ b/queries/aws_wellarchitected_share_invitation_3.yaml @@ -1,30 +1,20 @@ +Description: Allows users to query Share Invitations in the AWS Well-Architected Tool. ID: aws_wellarchitected_share_invitation_3 -Title: "Find Share Invitations in AWS Well-Architected Tool" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - workload_name, - share_invitation_id, - permission_type, - shared_by, - shared_with - from - aws_wellarchitected_share_invitation - where - share_resource_type = 'WORKLOAD' - or workload_id is not null; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n workload_name,\n share_invitation_id,\n\ + \ permission_type,\n shared_by,\n shared_with\nfrom\n aws_wellarchitected_share_invitation\n\ + where\n share_resource_type = 'WORKLOAD'\n or workload_id is not null;" Tags: cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find Share Invitations in AWS Well-Architected Tool diff --git a/queries/aws_wellarchitected_share_invitation_4.yaml b/queries/aws_wellarchitected_share_invitation_4.yaml index aa3e11f9e..d84d27458 100755 --- a/queries/aws_wellarchitected_share_invitation_4.yaml +++ b/queries/aws_wellarchitected_share_invitation_4.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query Share Invitations in the AWS Well-Architected Tool. ID: aws_wellarchitected_share_invitation_4 -Title: "Find All AWS Well-Architected Tool Share Invitations" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - share_invitation_id, - permission_type, - shared_by, - shared_with, - share_resource_type - from - aws_wellarchitected_share_invitation - where - permission_type = 'CONTRIBUTOR'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n share_invitation_id,\n permission_type,\n shared_by,\n\ + \ shared_with,\n share_resource_type\nfrom\n aws_wellarchitected_share_invitation\n\ + where\n permission_type = 'CONTRIBUTOR';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find All AWS Well-Architected Tool Share Invitations diff --git a/queries/aws_wellarchitected_share_invitation_5.yaml b/queries/aws_wellarchitected_share_invitation_5.yaml index be38a6e31..d03c0bac2 100755 --- a/queries/aws_wellarchitected_share_invitation_5.yaml +++ b/queries/aws_wellarchitected_share_invitation_5.yaml @@ -1,28 +1,20 @@ +Description: Allows users to query Share Invitations in the AWS Well-Architected Tool. ID: aws_wellarchitected_share_invitation_5 -Title: "List all AWS Well-Architected Tool Share Invitations" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - share_invitation_id, - permission_type, - shared_by, - shared_with, - share_resource_type - from - aws_wellarchitected_share_invitation - where - permission_type = 'READONLY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n share_invitation_id,\n permission_type,\n shared_by,\n\ + \ shared_with,\n share_resource_type\nfrom\n aws_wellarchitected_share_invitation\n\ + where\n permission_type = 'READONLY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Share Invitations diff --git a/queries/aws_wellarchitected_share_invitation_6.yaml b/queries/aws_wellarchitected_share_invitation_6.yaml index 1843f6e0e..e307ff524 100755 --- a/queries/aws_wellarchitected_share_invitation_6.yaml +++ b/queries/aws_wellarchitected_share_invitation_6.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query Share Invitations in the AWS Well-Architected Tool. ID: aws_wellarchitected_share_invitation_6 -Title: "List All Share Invitations in AWS Well-Architected Tool" -Description: "Allows users to query Share Invitations in the AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - count(*) as total, - share_resource_type - from - aws_wellarchitected_share_invitation - group by - share_resource_type; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n count(*) as total,\n share_resource_type\nfrom\n aws_wellarchitected_share_invitation\n\ + group by\n share_resource_type;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List All Share Invitations in AWS Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_1.yaml b/queries/aws_wellarchitected_workload_1.yaml index 947e0a035..694037fce 100755 --- a/queries/aws_wellarchitected_workload_1.yaml +++ b/queries/aws_wellarchitected_workload_1.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Well-Architected Tool Workloads to retrieve + and manage workload data, including workload names, ARNs, risk counts, and improvement + statuses. ID: aws_wellarchitected_workload_1 -Title: "List all AWS Well-Architected Tool Workloads including names, ARNs, and statuses" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - environment, - industry, - owner - from - aws_wellarchitected_workload; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n workload_id,\n environment,\n industry,\n\ + \ owner\nfrom\n aws_wellarchitected_workload;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Workloads including names, ARNs, and statuses diff --git a/queries/aws_wellarchitected_workload_2.yaml b/queries/aws_wellarchitected_workload_2.yaml index f92d36b93..8a5cab268 100755 --- a/queries/aws_wellarchitected_workload_2.yaml +++ b/queries/aws_wellarchitected_workload_2.yaml @@ -1,28 +1,23 @@ +Description: Allows users to query AWS Well-Architected Tool Workloads to retrieve + and manage workload data, including workload names, ARNs, risk counts, and improvement + statuses. ID: aws_wellarchitected_workload_2 -Title: "List all AWS Well-Architected Tool Workloads Data" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - environment - from - aws_wellarchitected_workload - where - environment = 'PRODUCTION'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n workload_id,\n environment\nfrom\n\ + \ aws_wellarchitected_workload\nwhere\n environment = 'PRODUCTION';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS Well-Architected Tool Workloads +Title: List all AWS Well-Architected Tool Workloads Data diff --git a/queries/aws_wellarchitected_workload_3.yaml b/queries/aws_wellarchitected_workload_3.yaml index 15a068d90..69c60c079 100755 --- a/queries/aws_wellarchitected_workload_3.yaml +++ b/queries/aws_wellarchitected_workload_3.yaml @@ -1,26 +1,23 @@ +Description: Allows users to query AWS Well-Architected Tool Workloads to retrieve + and manage workload data, including workload names, ARNs, risk counts, and improvement + statuses. ID: aws_wellarchitected_workload_3 -Title: "Find AWS Well-Architected Workloads Risk and IDs" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - risk_counts -> 'HIGH' as high_risk_counts - from - aws_wellarchitected_workload; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n workload_id,\n risk_counts -> 'HIGH'\ + \ as high_risk_counts\nfrom\n aws_wellarchitected_workload;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Workloads Risk and IDs diff --git a/queries/aws_wellarchitected_workload_4.yaml b/queries/aws_wellarchitected_workload_4.yaml index 8ec420aa4..2bdb0f386 100755 --- a/queries/aws_wellarchitected_workload_4.yaml +++ b/queries/aws_wellarchitected_workload_4.yaml @@ -1,26 +1,21 @@ +Description: Allows users to query AWS Well-Architected Tool Workloads to retrieve + and manage workload data, including workload names, ARNs, risk counts, and improvement + statuses. ID: aws_wellarchitected_workload_4 -Title: "Find all AWS Well-Architected Tool Workloads" -Description: "Allows users to query AWS Well-Architected Tool Workloads to retrieve and manage workload data, including workload names, ARNs, risk counts, and improvement statuses." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_name, - workload_id, - is_review_owner_update_acknowledged - from - aws_wellarchitected_workload - where - not is_review_owner_update_acknowledged; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_name,\n workload_id,\n is_review_owner_update_acknowledged\n\ + from\n aws_wellarchitected_workload\nwhere\n not is_review_owner_update_acknowledged;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find all AWS Well-Architected Tool Workloads diff --git a/queries/aws_wellarchitected_workload_share_1.yaml b/queries/aws_wellarchitected_workload_share_1.yaml index 338203c87..47712865e 100755 --- a/queries/aws_wellarchitected_workload_share_1.yaml +++ b/queries/aws_wellarchitected_workload_share_1.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query AWS Well-Architected Workload Share, providing + information about shared workloads within AWS Well-Architected Tool. ID: aws_wellarchitected_workload_share_1 -Title: "Find Shared Workloads in AWS Well-Architected Tool" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n share_id,\n shared_with\n permission_type,\n\ + \ status,\n region\nfrom\n aws_wellarchitected_workload_share;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find Shared Workloads in AWS Well-Architected Tool diff --git a/queries/aws_wellarchitected_workload_share_2.yaml b/queries/aws_wellarchitected_workload_share_2.yaml index d6aba855e..db22e1695 100755 --- a/queries/aws_wellarchitected_workload_share_2.yaml +++ b/queries/aws_wellarchitected_workload_share_2.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Well-Architected Workload Share, providing + information about shared workloads within AWS Well-Architected Tool. ID: aws_wellarchitected_workload_share_2 -Title: "List all AWS Well-Architected Workload Shares" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share - where - status = 'PENDING'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n share_id,\n shared_with\n permission_type,\n\ + \ status,\n region\nfrom\n aws_wellarchitected_workload_share\nwhere\n status\ + \ = 'PENDING';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Workload Shares diff --git a/queries/aws_wellarchitected_workload_share_3.yaml b/queries/aws_wellarchitected_workload_share_3.yaml index 995a46d68..75e668f21 100755 --- a/queries/aws_wellarchitected_workload_share_3.yaml +++ b/queries/aws_wellarchitected_workload_share_3.yaml @@ -1,29 +1,21 @@ +Description: Allows users to query AWS Well-Architected Workload Share, providing + information about shared workloads within AWS Well-Architected Tool. ID: aws_wellarchitected_workload_share_3 -Title: "List all AWS Well-Architected Tool Workload Shares" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share - where - permission_type = 'CONTRIBUTOR'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n share_id,\n shared_with\n permission_type,\n\ + \ status,\n region\nfrom\n aws_wellarchitected_workload_share\nwhere\n permission_type\ + \ = 'CONTRIBUTOR';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: List all AWS Well-Architected Tool Workload Shares diff --git a/queries/aws_wellarchitected_workload_share_4.yaml b/queries/aws_wellarchitected_workload_share_4.yaml index 54cfa8d37..9086a7fca 100755 --- a/queries/aws_wellarchitected_workload_share_4.yaml +++ b/queries/aws_wellarchitected_workload_share_4.yaml @@ -1,31 +1,23 @@ +Description: Allows users to query AWS Well-Architected Workload Share, providing + information about shared workloads within AWS Well-Architected Tool. ID: aws_wellarchitected_workload_share_4 -Title: "Find AWS Well-Architected Workload Share With Read-Only Permission" -Description: "Allows users to query AWS Well-Architected Workload Share, providing information about shared workloads within AWS Well-Architected Tool." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - workload_id, - share_id, - shared_with - permission_type, - status, - region - from - aws_wellarchitected_workload_share - where - permission_type = 'READONLY'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n workload_id,\n share_id,\n shared_with\n permission_type,\n\ + \ status,\n region\nfrom\n aws_wellarchitected_workload_share\nwhere\n permission_type\ + \ = 'READONLY';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Well-Architected Tool +Title: Find AWS Well-Architected Workload Share With Read-Only Permission diff --git a/queries/aws_workspaces_directory_1.yaml b/queries/aws_workspaces_directory_1.yaml index 48df47651..201ed29a1 100755 --- a/queries/aws_workspaces_directory_1.yaml +++ b/queries/aws_workspaces_directory_1.yaml @@ -1,30 +1,23 @@ +Description: Allows users to query AWS WorkSpaces Directory information to retrieve + details such as directory ID, directory type, workspace creation properties, and + more. ID: aws_workspaces_directory_1 -Title: "Find AWS WorkSpaces Directory Information Details" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state - from - aws_workspaces_directory; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n arn,\n alias,\n customer_user_name,\n\ + \ directory_type,\n state\nfrom\n aws_workspaces_directory;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WorkSpaces +Title: Find AWS WorkSpaces Directory Information Details diff --git a/queries/aws_workspaces_directory_2.yaml b/queries/aws_workspaces_directory_2.yaml index 2a94c98c6..9403d4ccf 100755 --- a/queries/aws_workspaces_directory_2.yaml +++ b/queries/aws_workspaces_directory_2.yaml @@ -1,34 +1,26 @@ +Description: Allows users to query AWS WorkSpaces Directory information to retrieve + details such as directory ID, directory type, workspace creation properties, and + more. ID: aws_workspaces_directory_2 -Title: "Find all AWS WorkSpaces Directory Details via SQL" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state - from - aws_workspaces_directory - where - certificate_based_auth_properties ->> 'Status' = 'ENABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n arn,\n alias,\n customer_user_name,\n\ + \ directory_type,\n state\nfrom\n aws_workspaces_directory\nwhere\n certificate_based_auth_properties\ + \ ->> 'Status' = 'ENABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WorkSpaces +Title: Find all AWS WorkSpaces Directory Details via SQL diff --git a/queries/aws_workspaces_directory_3.yaml b/queries/aws_workspaces_directory_3.yaml index a682f1fe1..168b7e583 100755 --- a/queries/aws_workspaces_directory_3.yaml +++ b/queries/aws_workspaces_directory_3.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS WorkSpaces Directory information to retrieve + details such as directory ID, directory type, workspace creation properties, and + more. ID: aws_workspaces_directory_3 -Title: "Find AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state - from - aws_workspaces_directory - where - directory_type = 'SIMPLE_AD'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n arn,\n alias,\n customer_user_name,\n\ + \ directory_type,\n state\nfrom\n aws_workspaces_directory\nwhere\n directory_type\ + \ = 'SIMPLE_AD';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WorkSpaces +Title: Find AWS WorkSpaces Directory Information diff --git a/queries/aws_workspaces_directory_4.yaml b/queries/aws_workspaces_directory_4.yaml index d67e732b1..27f26ac52 100755 --- a/queries/aws_workspaces_directory_4.yaml +++ b/queries/aws_workspaces_directory_4.yaml @@ -1,31 +1,25 @@ +Description: Allows users to query AWS WorkSpaces Directory information to retrieve + details such as directory ID, directory type, workspace creation properties, and + more. ID: aws_workspaces_directory_4 -Title: "Find all AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - saml_properties ->> 'RelayStateParameterName' as saml_relay_state_parameter_name, - saml_properties ->> 'Status' as saml_status, - saml_properties ->> 'UserAccessUrl' as saml_user_access_url - from - aws_workspaces_directory - where - directory_id = 'd-96676995ea'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n arn,\n saml_properties ->>\ + \ 'RelayStateParameterName' as saml_relay_state_parameter_name,\n saml_properties\ + \ ->> 'Status' as saml_status,\n saml_properties ->> 'UserAccessUrl' as saml_user_access_url\n\ + from\n aws_workspaces_directory\nwhere\n directory_id = 'd-96676995ea';" Tags: cloud_identity_security: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WorkSpaces +Title: Find all AWS WorkSpaces Directory Information diff --git a/queries/aws_workspaces_directory_5.yaml b/queries/aws_workspaces_directory_5.yaml index 824df0319..49bbe4a46 100755 --- a/queries/aws_workspaces_directory_5.yaml +++ b/queries/aws_workspaces_directory_5.yaml @@ -1,33 +1,25 @@ +Description: Allows users to query AWS WorkSpaces Directory information to retrieve + details such as directory ID, directory type, workspace creation properties, and + more. ID: aws_workspaces_directory_5 -Title: "List AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state, - selfservice_permissions ->> 'SwitchRunningMode' as switch_running_mode - from - aws_workspaces_directory - where - selfservice_permissions ->> 'SwitchRunningMode' = 'ENABLED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n arn,\n alias,\n customer_user_name,\n\ + \ directory_type,\n state,\n selfservice_permissions ->> 'SwitchRunningMode'\ + \ as switch_running_mode\nfrom\n aws_workspaces_directory\nwhere\n selfservice_permissions\ + \ ->> 'SwitchRunningMode' = 'ENABLED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_ops: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WorkSpaces +Title: List AWS WorkSpaces Directory Information diff --git a/queries/aws_workspaces_directory_6.yaml b/queries/aws_workspaces_directory_6.yaml index 30da59408..a53d8e611 100755 --- a/queries/aws_workspaces_directory_6.yaml +++ b/queries/aws_workspaces_directory_6.yaml @@ -1,32 +1,27 @@ +Description: Allows users to query AWS WorkSpaces Directory information to retrieve + details such as directory ID, directory type, workspace creation properties, and + more. ID: aws_workspaces_directory_6 -Title: "Find AWS WorkSpaces Directory Details Including IDs and Properties" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - workspace_creation_properties ->> 'CustomSecurityGroupId' as custom_security_group_id, - workspace_creation_properties ->> 'DefaultOu' as default_ou, - workspace_creation_properties ->> 'EnableInternetAccess' as enable_internet_access, - workspace_creation_properties ->> 'EnableMaintenanceMode' as enable_maintenance_mode, - workspace_creation_properties ->> 'EnableWorkDocs' as enable_work_docs, - workspace_creation_properties ->> 'UserEnabledAsLocalAdministrator' as user_enabled_as_local_administrator - from - aws_workspaces_directory - where - directory_id = 'd-96676995ea'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n arn,\n workspace_creation_properties\ + \ ->> 'CustomSecurityGroupId' as custom_security_group_id,\n workspace_creation_properties\ + \ ->> 'DefaultOu' as default_ou,\n workspace_creation_properties ->> 'EnableInternetAccess'\ + \ as enable_internet_access,\n workspace_creation_properties ->> 'EnableMaintenanceMode'\ + \ as enable_maintenance_mode,\n workspace_creation_properties ->> 'EnableWorkDocs'\ + \ as enable_work_docs,\n workspace_creation_properties ->> 'UserEnabledAsLocalAdministrator'\ + \ as user_enabled_as_local_administrator\nfrom\n aws_workspaces_directory\nwhere\n\ + \ directory_id = 'd-96676995ea';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WorkSpaces +Title: Find AWS WorkSpaces Directory Details Including IDs and Properties diff --git a/queries/aws_workspaces_directory_7.yaml b/queries/aws_workspaces_directory_7.yaml index 96fa15317..5902f6e4f 100755 --- a/queries/aws_workspaces_directory_7.yaml +++ b/queries/aws_workspaces_directory_7.yaml @@ -1,30 +1,22 @@ +Description: Allows users to query AWS WorkSpaces Directory information to retrieve + details such as directory ID, directory type, workspace creation properties, and + more. ID: aws_workspaces_directory_7 -Title: "List all AWS WorkSpaces Directory Information" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - alias, - customer_user_name, - directory_type, - state - from - aws_workspaces_directory - where - state = 'REGISTERED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n arn,\n alias,\n customer_user_name,\n\ + \ directory_type,\n state\nfrom\n aws_workspaces_directory\nwhere\n state\ + \ = 'REGISTERED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - WorkSpaces +Title: List all AWS WorkSpaces Directory Information diff --git a/queries/aws_workspaces_directory_8.yaml b/queries/aws_workspaces_directory_8.yaml index 7917be109..43368bb4a 100755 --- a/queries/aws_workspaces_directory_8.yaml +++ b/queries/aws_workspaces_directory_8.yaml @@ -1,36 +1,30 @@ +Description: Allows users to query AWS WorkSpaces Directory information to retrieve + details such as directory ID, directory type, workspace creation properties, and + more. ID: aws_workspaces_directory_8 -Title: "List AWS WorkSpaces Directory Details Using SQL" -Description: "Allows users to query AWS WorkSpaces Directory information to retrieve details such as directory ID, directory type, workspace creation properties, and more." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - directory_id, - arn, - workspace_access_properties ->> 'DeviceTypeAndroid' as device_type_android, - workspace_access_properties ->> 'DeviceTypeChromeOs' as device_type_chrome_os, - workspace_access_properties ->> 'DeviceTypeIos' as device_type_ios, - workspace_access_properties ->> 'DeviceTypeLinux' as device_type_linux, - workspace_access_properties ->> 'DeviceTypeOsx' as device_type_osx, - workspace_access_properties ->> 'DeviceTypeWeb' as device_type_web, - workspace_access_properties ->> 'DeviceTypeWindows' as device_type_windows, - workspace_access_properties ->> 'DeviceTypeZeroClient' as device_type_zero_client - from - aws_workspaces_directory - where - directory_id = 'd-96676995ea'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n directory_id,\n arn,\n workspace_access_properties\ + \ ->> 'DeviceTypeAndroid' as device_type_android,\n workspace_access_properties\ + \ ->> 'DeviceTypeChromeOs' as device_type_chrome_os,\n workspace_access_properties\ + \ ->> 'DeviceTypeIos' as device_type_ios,\n workspace_access_properties ->> 'DeviceTypeLinux'\ + \ as device_type_linux,\n workspace_access_properties ->> 'DeviceTypeOsx' as\ + \ device_type_osx,\n workspace_access_properties ->> 'DeviceTypeWeb' as device_type_web,\n\ + \ workspace_access_properties ->> 'DeviceTypeWindows' as device_type_windows,\n\ + \ workspace_access_properties ->> 'DeviceTypeZeroClient' as device_type_zero_client\n\ + from\n aws_workspaces_directory\nwhere\n directory_id = 'd-96676995ea';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_identity_security: - - "true" + - 'true' cloud_provider: - aws cloud_service: - AWS WorkSpaces +Title: List AWS WorkSpaces Directory Details Using SQL diff --git a/queries/aws_workspaces_workspace_1.yaml b/queries/aws_workspaces_workspace_1.yaml index f835ab222..94308191a 100755 --- a/queries/aws_workspaces_workspace_1.yaml +++ b/queries/aws_workspaces_workspace_1.yaml @@ -1,25 +1,19 @@ +Description: Allows users to query Amazon WorkSpaces Workspace to retrieve details + about each workspace in the AWS account. ID: aws_workspaces_workspace_1 -Title: "List all Amazon WorkSpaces Workspace details" -Description: "Allows users to query Amazon WorkSpaces Workspace to retrieve details about each workspace in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - workspace_id, - arn, - state - from - aws_workspaces_workspace; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n workspace_id,\n arn,\n state\nfrom\n aws_workspaces_workspace;" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon WorkSpaces +Title: List all Amazon WorkSpaces Workspace details diff --git a/queries/aws_workspaces_workspace_2.yaml b/queries/aws_workspaces_workspace_2.yaml index 8282cc2c5..b33150119 100755 --- a/queries/aws_workspaces_workspace_2.yaml +++ b/queries/aws_workspaces_workspace_2.yaml @@ -1,27 +1,20 @@ +Description: Allows users to query Amazon WorkSpaces Workspace to retrieve details + about each workspace in the AWS account. ID: aws_workspaces_workspace_2 -Title: "Find Amazon WorkSpaces Workspace details in AWS" -Description: "Allows users to query Amazon WorkSpaces Workspace to retrieve details about each workspace in the AWS account." IntegrationTypeName: -- aws +- aws_cloud Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - name, - workspace_id, - arn, - state - from - aws_workspaces_workspace - where - state = 'TERMINATED'; - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select\n name,\n workspace_id,\n arn,\n state\nfrom\n aws_workspaces_workspace\n\ + where\n state = 'TERMINATED';" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Amazon WorkSpaces +Title: Find Amazon WorkSpaces Workspace details in AWS diff --git a/queries/bulk_update_yaml.sh b/queries/bulk_update_yaml.sh index 006c17a9f..6f84c1da4 100755 --- a/queries/bulk_update_yaml.sh +++ b/queries/bulk_update_yaml.sh @@ -1,47 +1,113 @@ #!/bin/bash -# Description: -# This script replaces "IntegrationTypeName:" with "IntegrationTypeName:" in specified files or -# recursively in all files within subdirectories if no files are specified. -# It creates a backup of each original file with a .bak extension before making changes. - -# Usage: -# ./replace_connector.sh [file1 file2 ... fileN] -# If no files are specified, the script processes all regular files in subdirectories. - -# Function to perform the replacement on a single file -replace_in_file() { - local file="$1" - # Use sed to perform the replacement - # -i.bak creates a backup file with .bak extension - sed -i.bak 's/IntegrationTypeName:/IntegrationTypeName:/g' "$file" - - # Check if sed was successful - if [ $? -eq 0 ]; then - echo "Successfully processed: $file (backup: $file.bak)" - else - echo "Error processing: $file" - fi +# Script Name: replace_integration_types.sh +# Description: +# Replaces '- aws' with '- aws_cloud' and '- azure' with '- azure_subscription' +# within the IntegrationTypeName sections of YAML files. +# +# Usage: +# ./replace_integration_types.sh [-r] [directory] +# -r : Recursively search through subdirectories +# directory : Directory to start from (default: current directory) + +# Exit immediately if a command exits with a non-zero status +set -e + +# Function to display usage instructions +usage() { + echo "Usage: $0 [-r] [directory]" + echo " -r Recursively search through subdirectories" + echo " directory Directory to start from (default: current directory)" + exit 1 } -# Check if at least one filename is provided +# Initialize variables +RECURSIVE=false +START_DIR="." + +# Parse options +while getopts "r" opt; do + case "$opt" in + r) + RECURSIVE=true + ;; + \?) + echo "Invalid option: -$OPTARG" >&2 + usage + ;; + esac +done +shift $((OPTIND -1)) + +# If a directory is provided, use it if [ "$#" -ge 1 ]; then - # Loop through all provided files - for file in "$@"; do - if [ -f "$file" ]; then - replace_in_file "$file" - else - echo "Skipping: $file (not a regular file)" - fi - done -else - # No arguments provided; process all regular files in subdirectories - echo "No files specified. Processing all regular files in subdirectories..." + START_DIR="$1" +fi - # Find all regular files and loop through them - find . -type f | while read -r file; do - replace_in_file "$file" - done +# Check if the starting directory exists and is a directory +if [ ! -d "$START_DIR" ]; then + echo "Error: Directory '$START_DIR' does not exist." >&2 + exit 1 +fi - echo "Replacement complete for all files in subdirectories. Backup files have a .bak extension." +# Determine the find command based on the recursive flag +if [ "$RECURSIVE" = true ]; then + FIND_CMD=(find "$START_DIR" -type f) +else + FIND_CMD=(find "$START_DIR" -maxdepth 1 -type f) fi + +# Find and process each file +for FILE in "${FIND_CMD[@]}"; do + # Check if the file has a .yaml or .yml extension + if [[ "$FILE" =~ \.(yaml|yml)$ ]]; then + # Output processing message + echo "Processing: $FILE" + + # Check if the file contains 'IntegrationTypeName:' + if grep -q "^IntegrationTypeName:" "$FILE"; then + # Create a temporary file securely + TMP_FILE=$(mktemp) + + # Use awk to perform the replacements within the IntegrationTypeName block + awk ' + BEGIN { in_block = 0 } + /^IntegrationTypeName:/ { + print; + in_block = 1; + next + } + # Exit the block if a new top-level key starts (line starts with non-space and not a list item) + /^[^[:space:]]/ && !/^[[:space:]]*-/ { + in_block = 0 + } + # If within the IntegrationTypeName block and line matches '- aws', replace it + in_block == 1 && /^[[:space:]]*-[[:space:]]*aws[[:space:]]*$/ { + sub(/- aws[[:space:]]*$/, "- aws_cloud") + } + # If within the IntegrationTypeName block and line matches '- azure', replace it + in_block == 1 && /^[[:space:]]*-[[:space:]]*azure[[:space:]]*$/ { + sub(/- azure[[:space:]]*$/, "- azure_subscription") + } + { print } + ' "$FILE" > "$TMP_FILE" + + # Compare the original file with the modified file + if ! cmp -s "$FILE" "$TMP_FILE"; then + # Replace the original file with the modified file + mv "$TMP_FILE" "$FILE" + echo "Modified: $FILE" + else + # No changes made; remove the temporary file + rm "$TMP_FILE" + fi + else + echo "No IntegrationTypeName section found in: $FILE" + fi + else + # Non-YAML files are ignored, but still output processing message + echo "Processing: $FILE (skipped, not a YAML file)" + fi +done + +echo "Replacement process complete." diff --git a/queries/cloud_managed_software.yaml b/queries/cloud_managed_software.yaml index c000d10dc..fb437579e 100755 --- a/queries/cloud_managed_software.yaml +++ b/queries/cloud_managed_software.yaml @@ -1,36 +1,26 @@ +Description: '' ID: cloud_managed_software -Title: "Cloud Managed Software" -Description: "" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::kafka::cluster', 'aws::mwaa::environment', 'aws::amp::workspace', 'microsoft.dashboard/grafana') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::kafka::cluster', 'aws::mwaa::environment', 'aws::amp::workspace',\ + \ 'microsoft.dashboard/grafana')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws cloud_service: - Managed Software +Title: Cloud Managed Software diff --git a/queries/cloud_networks.yaml b/queries/cloud_networks.yaml index 895419ef1..66da66908 100755 --- a/queries/cloud_networks.yaml +++ b/queries/cloud_networks.yaml @@ -1,37 +1,26 @@ +Description: '' ID: cloud_networks -Title: "Cloud Networks" -Description: "" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::ec2::vpc', 'microsoft.network/virtualnetworks') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::ec2::vpc', 'microsoft.network/virtualnetworks')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure cloud_service: - Network +Title: Cloud Networks diff --git a/queries/container_workload.yaml b/queries/container_workload.yaml index c18a82d98..0afc35108 100755 --- a/queries/container_workload.yaml +++ b/queries/container_workload.yaml @@ -1,36 +1,26 @@ +Description: '' ID: container_workload -Title: "Container Workload" -Description: "" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::eks::cluster', 'aws::ecs::cluster', 'microsoft.containerregistry/registries', 'microsoft.containerservice/managedclusters', 'microsoft.app/containerapps') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::eks::cluster', 'aws::ecs::cluster', 'microsoft.containerregistry/registries',\ + \ 'microsoft.containerservice/managedclusters', 'microsoft.app/containerapps')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws and azure cloud_service: - Container Workload +Title: Container Workload diff --git a/queries/database_workload.yaml b/queries/database_workload.yaml index 4a73f0058..faf7aad66 100755 --- a/queries/database_workload.yaml +++ b/queries/database_workload.yaml @@ -1,40 +1,30 @@ +Description: '' ID: database_workload -Title: "List Database Workloads and Cloud Provider Information" -Description: "" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::memorydb::cluster', 'aws::neptune::database', 'aws::dynamodb::table', 'aws::rds::dbinstance', - 'aws::elasticache::cluster', 'aws::redshift::cluster', 'aws::dms::replicationinstance', 'aws::redshiftserverless::namespace', - 'aws::opensearchserverless::collection', 'microsoft.dbforpostgresql/servers', 'microsoft.documentdb/sqldatabases', 'microsoft.sql/servers', - 'microsoft.dbformysql/servers','microsoft.sql/managedinstances') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::memorydb::cluster', 'aws::neptune::database',\ + \ 'aws::dynamodb::table', 'aws::rds::dbinstance', \n 'aws::elasticache::cluster',\ + \ 'aws::redshift::cluster', 'aws::dms::replicationinstance', 'aws::redshiftserverless::namespace',\ + \ \n 'aws::opensearchserverless::collection', 'microsoft.dbforpostgresql/servers',\ + \ 'microsoft.documentdb/sqldatabases', 'microsoft.sql/servers', \n 'microsoft.dbformysql/servers','microsoft.sql/managedinstances')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure cloud_service: - Database +Title: List Database Workloads and Cloud Provider Information diff --git a/queries/devops.yaml b/queries/devops.yaml index 28b1ba195..ec11308ac 100755 --- a/queries/devops.yaml +++ b/queries/devops.yaml @@ -1,38 +1,27 @@ +Description: '' ID: devops -Title: "DevOps" -Description: "" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::codecommit::repository', 'aws::codedeploy::deploymentgroup') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::codecommit::repository', 'aws::codedeploy::deploymentgroup')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure cloud_service: - Codecommit - Codedeploy +Title: DevOps diff --git a/queries/error_files.log b/queries/error_files.log deleted file mode 100644 index ac6c153c2..000000000 --- a/queries/error_files.log +++ /dev/null @@ -1,26 +0,0 @@ -Error processing ./aws_workspaces_directory_8.yaml -Error processing ./aws_dynamodb_metric_account_provisioned_read_capacity_util_1.yaml -Error processing ./aws_route53_health_check_5.yaml -Error processing ./aws_wafv2_ip_set_3.yaml -Error processing ./aws_iam_service_specific_credential_2.yaml -Error processing ./aws_securityhub_hub_3.yaml -Error processing ./aws_ecr_repository_2.yaml -Error processing ./aws_glacier_vault_2.yaml -Error processing ./aws_athena_query_execution_3.yaml -Error processing ./aws_wellarchitected_workload_4.yaml -Error processing ./aws_ebs_volume_metric_write_ops_daily_2.yaml -Error processing ./aws_elasticache_redis_metric_engine_cpu_utilization_hourly_2.yaml -Error processing ./aws_securitylake_subscriber_4.yaml -Error processing ./17-azure_insight_compute_disk_unattached.yaml -Error processing ./aws_cloudwatch_log_event_5.yaml -Error processing ./aws_ebs_volume_metric_read_ops_1.yaml -Error processing ./aws_eks_addon_3.yaml -Error processing ./aws_vpc_flow_log_event_4.yaml -Error processing ./aws_iot_thing_group_3.yaml -Error processing ./aws_ec2_instance_type_2.yaml -Error processing ./aws_msk_cluster_2.yaml -Error processing ./aws_cloudtrail_import_5.yaml -Error processing ./aws_vpc_peering_connection_8.yaml -Error processing ./aws_resource_explorer_search_6.yaml -Error processing ./aws_availability_zone_2.yaml -Error processing ./aws_guardduty_publishing_destination_1.yaml diff --git a/queries/error_messages.log b/queries/error_messages.log deleted file mode 100644 index 9e850e76d..000000000 --- a/queries/error_messages.log +++ /dev/null @@ -1,25 +0,0 @@ -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." -Error: 2:1: invalid input text "if has(\"Connecto..." diff --git a/queries/keys_and_secrets.yaml b/queries/keys_and_secrets.yaml index f3f229422..bcfb95c86 100755 --- a/queries/keys_and_secrets.yaml +++ b/queries/keys_and_secrets.yaml @@ -1,35 +1,24 @@ +Description: '' ID: keys_and_secrets -Title: "Keys and Secrets" -Description: "" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::secretsmanager::secret', 'microsoft.keyvault/vaults', 'microsoft.compute/sshpublickeys', 'aws::ec2::keypair') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::secretsmanager::secret', 'microsoft.keyvault/vaults',\ + \ 'microsoft.compute/sshpublickeys', 'aws::ec2::keypair')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure @@ -37,3 +26,4 @@ Tags: - Secrets Manager - Key Vault - EC2 +Title: Keys and Secrets diff --git a/queries/kubernetes_clusters.yaml b/queries/kubernetes_clusters.yaml index 6d173e8f6..05b1040c9 100755 --- a/queries/kubernetes_clusters.yaml +++ b/queries/kubernetes_clusters.yaml @@ -1,54 +1,32 @@ +Description: '' ID: kubernetes_clusters -Title: "List All Kubernetes Clusters with Details" -Description: "" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select c.name as cloud_account_name, c.id as _discovered_provider_id, t.* from ( - (select - 'AWS' as provider, - r.name as name, - r.region as location, - jsonb_path_query(r.description, '$.Cluster.Tags') as _tags, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - jsonb_path_query(r.description, '$.Cluster.PlatformVersion') as kubernetes_version, - r.created_at as _last_discovered - from - og_resources r - where - resource_type = 'aws::eks::cluster') - - union - - (select - 'Azure' as provider, - r.name as vm_name, - r.region as location, - jsonb_path_query(r.description, '$.ManagedCluster.Tags') as _tags, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - jsonb_path_query(r.description, '$.ManagedCluster.Properties.KubernetesVersion') as kubernetes_version, - r.created_at as _last_discovered - from - og_resources r - where - resource_type = 'microsoft.containerservice/managedclusters') - - ) as t inner join og_connections c on t._og_connection_id = c.og_id - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select c.name as cloud_account_name, c.id as _discovered_provider_id,\ + \ t.* from (\n(select \n 'AWS' as provider, \n r.name as name, \n r.region\ + \ as location, \n jsonb_path_query(r.description, '$.Cluster.Tags') as _tags,\n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n jsonb_path_query(r.description, '$.Cluster.PlatformVersion')\ + \ as kubernetes_version,\n r.created_at as _last_discovered\nfrom \n og_resources\ + \ r\nwhere \n resource_type = 'aws::eks::cluster') \n\nunion \n\n(select \n \ + \ 'Azure' as provider, \n r.name as vm_name, \n r.region as location, \n jsonb_path_query(r.description,\ + \ '$.ManagedCluster.Tags') as _tags,\n r.connection_id as _og_connection_id,\n\ + \ r.resource_id as _resource_id,\n r.resource_type as _resource_type,\n jsonb_path_query(r.description,\ + \ '$.ManagedCluster.Properties.KubernetesVersion') as kubernetes_version,\n r.created_at\ + \ as _last_discovered\nfrom \n og_resources r \nwhere \n resource_type = 'microsoft.containerservice/managedclusters')\n\ + \n) as t inner join og_connections c on t._og_connection_id = c.og_id " Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure cloud_service: - Kubernetes +Title: List All Kubernetes Clusters with Details diff --git a/queries/load_balancers.yaml b/queries/load_balancers.yaml index f72a90e3e..7a721cbf1 100755 --- a/queries/load_balancers.yaml +++ b/queries/load_balancers.yaml @@ -1,36 +1,24 @@ +Description: Load Balancers ID: load_balancers -Title: "Load Balancers" -Description: "Load Balancers" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered, - r.description -> 'LoadBalancer' -> 'Scheme' as scheme - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::elasticloadbalancing::loadbalancer', 'microsoft.network/loadbalancers', 'microsoft.network/applicationgateways') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered,\n r.description\ + \ -> 'LoadBalancer' -> 'Scheme' as scheme\nfrom \n og_resources r inner join\ + \ og_connections c on r.connection_id = c.og_id\nwhere \n resource_type IN ('aws::elasticloadbalancing::loadbalancer',\ + \ 'microsoft.network/loadbalancers', 'microsoft.network/applicationgateways')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure @@ -38,3 +26,4 @@ Tags: - Elastic Load Balancing - Azure Load Balancer - Azure Application Gateway +Title: Load Balancers diff --git a/queries/network_&_file_stores.yaml b/queries/network_&_file_stores.yaml index 9926765f3..6573698be 100755 --- a/queries/network_&_file_stores.yaml +++ b/queries/network_&_file_stores.yaml @@ -1,34 +1,23 @@ +Description: '' ID: network_&_file_stores -Title: "Network & File Stores" -Description: "" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::fsx::filesystem', 'aws::efs::filesystem') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::fsx::filesystem', 'aws::efs::filesystem')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws +Title: Network & File Stores diff --git a/queries/object_stores.yaml b/queries/object_stores.yaml index b7ba40986..ab40167fd 100755 --- a/queries/object_stores.yaml +++ b/queries/object_stores.yaml @@ -1,35 +1,23 @@ +Description: Object Stores ID: object_stores -Title: "Object Stores" -Description: "Object Stores" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::s3::bucket', 'aws::glacier::vault', 'microsoft.storage/storageaccounts') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::s3::bucket', 'aws::glacier::vault', 'microsoft.storage/storageaccounts')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure @@ -37,3 +25,4 @@ Tags: - S3 - Glacier - Storage Accounts +Title: Object Stores diff --git a/queries/replace_integration_types.py b/queries/replace_integration_types.py new file mode 100644 index 000000000..a2b5efdd6 --- /dev/null +++ b/queries/replace_integration_types.py @@ -0,0 +1,84 @@ +#!/usr/bin/env python3 + +import os +import sys +import argparse +import yaml + +def process_file(filepath): + with open(filepath, 'r') as file: + try: + data = yaml.safe_load(file) + except yaml.YAMLError as exc: + print(f"Error parsing {filepath}: {exc}") + return False + + if data is None: + print(f"File is empty or contains invalid YAML: {filepath}") + return False + + original_data = yaml.dump(data) + modified = False + + def replace_integration_type(data): + nonlocal modified + if isinstance(data, dict): + for key, value in data.items(): + if key == 'IntegrationTypeName' and isinstance(value, list): + new_list = [] + for item in value: + if item == 'aws': + new_list.append('aws_cloud') + modified = True + elif item == 'azure': + new_list.append('azure_subscription') + modified = True + else: + new_list.append(item) + data[key] = new_list + else: + replace_integration_type(value) + elif isinstance(data, list): + for item in data: + replace_integration_type(item) + + replace_integration_type(data) + + if modified: + with open(filepath, 'w') as file: + yaml.dump(data, file, default_flow_style=False) + print(f"Modified: {filepath}") + else: + print(f"No changes in: {filepath}") + + return True + +def main(): + parser = argparse.ArgumentParser(description='Replace IntegrationTypeName values in YAML files.') + parser.add_argument('directory', nargs='?', default='.', help='Directory to start from (default: current directory)') + parser.add_argument('-r', '--recursive', action='store_true', help='Recursively search through subdirectories') + args = parser.parse_args() + + if not os.path.isdir(args.directory): + print(f"Error: Directory '{args.directory}' does not exist.") + sys.exit(1) + + yaml_files = [] + if args.recursive: + for root, dirs, files in os.walk(args.directory): + for file in files: + if file.endswith(('.yaml', '.yml')): + yaml_files.append(os.path.join(root, file)) + else: + for file in os.listdir(args.directory): + if file.endswith(('.yaml', '.yml')): + yaml_files.append(os.path.join(args.directory, file)) + + for filepath in yaml_files: + print(f"Processing: {filepath}") + process_file(filepath) + + print("Replacement process complete.") + +if __name__ == "__main__": + main() diff --git a/queries/server_workload.yaml b/queries/server_workload.yaml index 665c5dfba..7de3d8745 100755 --- a/queries/server_workload.yaml +++ b/queries/server_workload.yaml @@ -1,61 +1,40 @@ +Description: List Cloud VM Workloads for AWS and Azure ID: server_workload -Title: "List Cloud VM Workloads for AWS and Azure" -Description: "List Cloud VM Workloads for AWS and Azure" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select c.name as cloud_account_name, c.id as _discovered_provider_id, t.* from ( - (select - 'AWS' as provider, - r.name as vm_name, - r.region as location, - jsonb_path_query(r.description, '$.Instance.InstanceType') as instance_size, - jsonb_path_query(r.description, '$.Instance.NetworkInterfaces[*].PrivateIpAddress') as private_ip, - jsonb_path_query(r.description, '$.Instance.PlatformDetails') as platform, - jsonb_path_query(r.description, '$.InstanceStatus.InstanceState.Name') as state, - jsonb_path_query(r.description, '$.Instance.Tags') as _tags, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r - where - resource_type = 'aws::ec2::instance') - - union - - (select - 'Azure' as provider, - r.name as vm_name, - r.region as location, - jsonb_path_query(r.description, '$.VirtualMachine.Properties.HardwareProfile.VMSize') as instance_size, - jsonb_path_query(r.description, '$.InterfaceIPConfigurations[*].Properties.PrivateIPAddress') as private_ip, - jsonb_path_query(r.description, '$.VirtualMachineInstanceView.OSName') as platform, - jsonb_path_query(r.description, '$.VirtualMachineInstanceView.Statuses') as state, - jsonb_path_query(r.description, '$.VirtualMachine.Tags') as _tags, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r - where - resource_type = 'microsoft.compute/virtualmachines') - - ) as t inner join og_connections c on t._og_connection_id = c.og_id - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select c.name as cloud_account_name, c.id as _discovered_provider_id,\ + \ t.* from (\n(select \n 'AWS' as provider, \n r.name as vm_name, \n r.region\ + \ as location, \n jsonb_path_query(r.description, '$.Instance.InstanceType')\ + \ as instance_size,\n jsonb_path_query(r.description, '$.Instance.NetworkInterfaces[*].PrivateIpAddress')\ + \ as private_ip,\n jsonb_path_query(r.description, '$.Instance.PlatformDetails')\ + \ as platform,\n jsonb_path_query(r.description, '$.InstanceStatus.InstanceState.Name')\ + \ as state,\n jsonb_path_query(r.description, '$.Instance.Tags') as _tags,\n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r\nwhere \n resource_type = 'aws::ec2::instance') \n\nunion\ + \ \n\n(select \n 'Azure' as provider, \n r.name as vm_name, \n r.region as\ + \ location, \n jsonb_path_query(r.description, '$.VirtualMachine.Properties.HardwareProfile.VMSize')\ + \ as instance_size,\n jsonb_path_query(r.description, '$.InterfaceIPConfigurations[*].Properties.PrivateIPAddress')\ + \ as private_ip,\n jsonb_path_query(r.description, '$.VirtualMachineInstanceView.OSName')\ + \ as platform,\n jsonb_path_query(r.description, '$.VirtualMachineInstanceView.Statuses')\ + \ as state,\n jsonb_path_query(r.description, '$.VirtualMachine.Tags') as _tags,\n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r \nwhere \n resource_type = 'microsoft.compute/virtualmachines')\n\ + \n) as t inner join og_connections c on t._og_connection_id = c.og_id " Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure cloud_service: - EC2 - Virtual Machines +Title: List Cloud VM Workloads for AWS and Azure diff --git a/queries/snapshots_&_backup_media.yaml b/queries/snapshots_&_backup_media.yaml index ee9af0144..5eb4430b4 100755 --- a/queries/snapshots_&_backup_media.yaml +++ b/queries/snapshots_&_backup_media.yaml @@ -1,35 +1,23 @@ +Description: Snapshots and Backup Resources by Cloud Account ID: snapshots_&_backup_media -Title: "Snapshots and Backup Resources by Cloud Account" -Description: "Snapshots and Backup Resources by Cloud Account" IntegrationTypeName: -- aws -- azure +- aws_cloud +- azure_subscription Query: Engine: CloudQL-v0.0.1 - QueryToExecute: |- - select - case - when resource_type like 'aws::%' then 'AWS' - else 'Azure' - end as provider, - c.name as cloud_account_name, - c.id as _discovered_provider_id, - r.name as name, - r.region as location, - r.connection_id as _og_connection_id, - r.resource_id as _resource_id, - r.resource_type as _resource_type, - r.created_at as _last_discovered - from - og_resources r inner join og_connections c on r.connection_id = c.og_id - where - resource_type IN ('aws::ec2::image', 'aws::elasticache::cluster', 'aws::rds::dbsnapshot') - PrimaryTable: null ListOfTables: [] Parameters: [] + PrimaryTable: null + QueryToExecute: "select \n case\n when resource_type like 'aws::%' then 'AWS'\n\ + \ else 'Azure'\n end as provider, \n c.name as cloud_account_name, \n c.id\ + \ as _discovered_provider_id,\n r.name as name, \n r.region as location, \n\ + \ r.connection_id as _og_connection_id,\n r.resource_id as _resource_id,\n \ + \ r.resource_type as _resource_type,\n r.created_at as _last_discovered\nfrom\ + \ \n og_resources r inner join og_connections c on r.connection_id = c.og_id\n\ + where \n resource_type IN ('aws::ec2::image', 'aws::elasticache::cluster', 'aws::rds::dbsnapshot')" Tags: cloud_asset_management: - - "true" + - 'true' cloud_provider: - aws - azure @@ -37,3 +25,4 @@ Tags: - EC2 - Elasticache - RDS +Title: Snapshots and Backup Resources by Cloud Account diff --git a/queries/venv/bin/Activate.ps1 b/queries/venv/bin/Activate.ps1 new file mode 100644 index 000000000..2fb3852c3 --- /dev/null +++ b/queries/venv/bin/Activate.ps1 @@ -0,0 +1,241 @@ +<# +.Synopsis +Activate a Python virtual environment for the current PowerShell session. + +.Description +Pushes the python executable for a virtual environment to the front of the +$Env:PATH environment variable and sets the prompt to signify that you are +in a Python virtual environment. Makes use of the command line switches as +well as the `pyvenv.cfg` file values present in the virtual environment. + +.Parameter VenvDir +Path to the directory that contains the virtual environment to activate. The +default value for this is the parent of the directory that the Activate.ps1 +script is located within. + +.Parameter Prompt +The prompt prefix to display when this virtual environment is activated. By +default, this prompt is the name of the virtual environment folder (VenvDir) +surrounded by parentheses and followed by a single space (ie. '(.venv) '). + +.Example +Activate.ps1 +Activates the Python virtual environment that contains the Activate.ps1 script. + +.Example +Activate.ps1 -Verbose +Activates the Python virtual environment that contains the Activate.ps1 script, +and shows extra information about the activation as it executes. + +.Example +Activate.ps1 -VenvDir C:\Users\MyUser\Common\.venv +Activates the Python virtual environment located in the specified location. + +.Example +Activate.ps1 -Prompt "MyPython" +Activates the Python virtual environment that contains the Activate.ps1 script, +and prefixes the current prompt with the specified string (surrounded in +parentheses) while the virtual environment is active. + +.Notes +On Windows, it may be required to enable this Activate.ps1 script by setting the +execution policy for the user. You can do this by issuing the following PowerShell +command: + +PS C:\> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser + +For more information on Execution Policies: +https://go.microsoft.com/fwlink/?LinkID=135170 + +#> +Param( + [Parameter(Mandatory = $false)] + [String] + $VenvDir, + [Parameter(Mandatory = $false)] + [String] + $Prompt +) + +<# Function declarations --------------------------------------------------- #> + +<# +.Synopsis +Remove all shell session elements added by the Activate script, including the +addition of the virtual environment's Python executable from the beginning of +the PATH variable. + +.Parameter NonDestructive +If present, do not remove this function from the global namespace for the +session. + +#> +function global:deactivate ([switch]$NonDestructive) { + # Revert to original values + + # The prior prompt: + if (Test-Path -Path Function:_OLD_VIRTUAL_PROMPT) { + Copy-Item -Path Function:_OLD_VIRTUAL_PROMPT -Destination Function:prompt + Remove-Item -Path Function:_OLD_VIRTUAL_PROMPT + } + + # The prior PYTHONHOME: + if (Test-Path -Path Env:_OLD_VIRTUAL_PYTHONHOME) { + Copy-Item -Path Env:_OLD_VIRTUAL_PYTHONHOME -Destination Env:PYTHONHOME + Remove-Item -Path Env:_OLD_VIRTUAL_PYTHONHOME + } + + # The prior PATH: + if (Test-Path -Path Env:_OLD_VIRTUAL_PATH) { + Copy-Item -Path Env:_OLD_VIRTUAL_PATH -Destination Env:PATH + Remove-Item -Path Env:_OLD_VIRTUAL_PATH + } + + # Just remove the VIRTUAL_ENV altogether: + if (Test-Path -Path Env:VIRTUAL_ENV) { + Remove-Item -Path env:VIRTUAL_ENV + } + + # Just remove the _PYTHON_VENV_PROMPT_PREFIX altogether: + if (Get-Variable -Name "_PYTHON_VENV_PROMPT_PREFIX" -ErrorAction SilentlyContinue) { + Remove-Variable -Name _PYTHON_VENV_PROMPT_PREFIX -Scope Global -Force + } + + # Leave deactivate function in the global namespace if requested: + if (-not $NonDestructive) { + Remove-Item -Path function:deactivate + } +} + +<# +.Description +Get-PyVenvConfig parses the values from the pyvenv.cfg file located in the +given folder, and returns them in a map. + +For each line in the pyvenv.cfg file, if that line can be parsed into exactly +two strings separated by `=` (with any amount of whitespace surrounding the =) +then it is considered a `key = value` line. The left hand string is the key, +the right hand is the value. + +If the value starts with a `'` or a `"` then the first and last character is +stripped from the value before being captured. + +.Parameter ConfigDir +Path to the directory that contains the `pyvenv.cfg` file. +#> +function Get-PyVenvConfig( + [String] + $ConfigDir +) { + Write-Verbose "Given ConfigDir=$ConfigDir, obtain values in pyvenv.cfg" + + # Ensure the file exists, and issue a warning if it doesn't (but still allow the function to continue). + $pyvenvConfigPath = Join-Path -Resolve -Path $ConfigDir -ChildPath 'pyvenv.cfg' -ErrorAction Continue + + # An empty map will be returned if no config file is found. + $pyvenvConfig = @{ } + + if ($pyvenvConfigPath) { + + Write-Verbose "File exists, parse `key = value` lines" + $pyvenvConfigContent = Get-Content -Path $pyvenvConfigPath + + $pyvenvConfigContent | ForEach-Object { + $keyval = $PSItem -split "\s*=\s*", 2 + if ($keyval[0] -and $keyval[1]) { + $val = $keyval[1] + + # Remove extraneous quotations around a string value. + if ("'""".Contains($val.Substring(0, 1))) { + $val = $val.Substring(1, $val.Length - 2) + } + + $pyvenvConfig[$keyval[0]] = $val + Write-Verbose "Adding Key: '$($keyval[0])'='$val'" + } + } + } + return $pyvenvConfig +} + + +<# Begin Activate script --------------------------------------------------- #> + +# Determine the containing directory of this script +$VenvExecPath = Split-Path -Parent $MyInvocation.MyCommand.Definition +$VenvExecDir = Get-Item -Path $VenvExecPath + +Write-Verbose "Activation script is located in path: '$VenvExecPath'" +Write-Verbose "VenvExecDir Fullname: '$($VenvExecDir.FullName)" +Write-Verbose "VenvExecDir Name: '$($VenvExecDir.Name)" + +# Set values required in priority: CmdLine, ConfigFile, Default +# First, get the location of the virtual environment, it might not be +# VenvExecDir if specified on the command line. +if ($VenvDir) { + Write-Verbose "VenvDir given as parameter, using '$VenvDir' to determine values" +} +else { + Write-Verbose "VenvDir not given as a parameter, using parent directory name as VenvDir." + $VenvDir = $VenvExecDir.Parent.FullName.TrimEnd("\\/") + Write-Verbose "VenvDir=$VenvDir" +} + +# Next, read the `pyvenv.cfg` file to determine any required value such +# as `prompt`. +$pyvenvCfg = Get-PyVenvConfig -ConfigDir $VenvDir + +# Next, set the prompt from the command line, or the config file, or +# just use the name of the virtual environment folder. +if ($Prompt) { + Write-Verbose "Prompt specified as argument, using '$Prompt'" +} +else { + Write-Verbose "Prompt not specified as argument to script, checking pyvenv.cfg value" + if ($pyvenvCfg -and $pyvenvCfg['prompt']) { + Write-Verbose " Setting based on value in pyvenv.cfg='$($pyvenvCfg['prompt'])'" + $Prompt = $pyvenvCfg['prompt']; + } + else { + Write-Verbose " Setting prompt based on parent's directory's name. (Is the directory name passed to venv module when creating the virutal environment)" + Write-Verbose " Got leaf-name of $VenvDir='$(Split-Path -Path $venvDir -Leaf)'" + $Prompt = Split-Path -Path $venvDir -Leaf + } +} + +Write-Verbose "Prompt = '$Prompt'" +Write-Verbose "VenvDir='$VenvDir'" + +# Deactivate any currently active virtual environment, but leave the +# deactivate function in place. +deactivate -nondestructive + +# Now set the environment variable VIRTUAL_ENV, used by many tools to determine +# that there is an activated venv. +$env:VIRTUAL_ENV = $VenvDir + +if (-not $Env:VIRTUAL_ENV_DISABLE_PROMPT) { + + Write-Verbose "Setting prompt to '$Prompt'" + + # Set the prompt to include the env name + # Make sure _OLD_VIRTUAL_PROMPT is global + function global:_OLD_VIRTUAL_PROMPT { "" } + Copy-Item -Path function:prompt -Destination function:_OLD_VIRTUAL_PROMPT + New-Variable -Name _PYTHON_VENV_PROMPT_PREFIX -Description "Python virtual environment prompt prefix" -Scope Global -Option ReadOnly -Visibility Public -Value $Prompt + + function global:prompt { + Write-Host -NoNewline -ForegroundColor Green "($_PYTHON_VENV_PROMPT_PREFIX) " + _OLD_VIRTUAL_PROMPT + } +} + +# Clear PYTHONHOME +if (Test-Path -Path Env:PYTHONHOME) { + Copy-Item -Path Env:PYTHONHOME -Destination Env:_OLD_VIRTUAL_PYTHONHOME + Remove-Item -Path Env:PYTHONHOME +} + +# Add the venv to the PATH +Copy-Item -Path Env:PATH -Destination Env:_OLD_VIRTUAL_PATH +$Env:PATH = "$VenvExecDir$([System.IO.Path]::PathSeparator)$Env:PATH" diff --git a/queries/venv/bin/activate b/queries/venv/bin/activate new file mode 100644 index 000000000..3c98eec4d --- /dev/null +++ b/queries/venv/bin/activate @@ -0,0 +1,66 @@ +# This file must be used with "source bin/activate" *from bash* +# you cannot run it directly + +deactivate () { + # reset old environment variables + if [ -n "${_OLD_VIRTUAL_PATH:-}" ] ; then + PATH="${_OLD_VIRTUAL_PATH:-}" + export PATH + unset _OLD_VIRTUAL_PATH + fi + if [ -n "${_OLD_VIRTUAL_PYTHONHOME:-}" ] ; then + PYTHONHOME="${_OLD_VIRTUAL_PYTHONHOME:-}" + export PYTHONHOME + unset _OLD_VIRTUAL_PYTHONHOME + fi + + # This should detect bash and zsh, which have a hash command that must + # be called to get it to forget past commands. Without forgetting + # past commands the $PATH changes we made may not be respected + if [ -n "${BASH:-}" -o -n "${ZSH_VERSION:-}" ] ; then + hash -r 2> /dev/null + fi + + if [ -n "${_OLD_VIRTUAL_PS1:-}" ] ; then + PS1="${_OLD_VIRTUAL_PS1:-}" + export PS1 + unset _OLD_VIRTUAL_PS1 + fi + + unset VIRTUAL_ENV + if [ ! "${1:-}" = "nondestructive" ] ; then + # Self destruct! + unset -f deactivate + fi +} + +# unset irrelevant variables +deactivate nondestructive + +VIRTUAL_ENV="/Users/crito/workspace/opengovern/platform-configuration/queries/venv" +export VIRTUAL_ENV + +_OLD_VIRTUAL_PATH="$PATH" +PATH="$VIRTUAL_ENV/bin:$PATH" +export PATH + +# unset PYTHONHOME if set +# this will fail if PYTHONHOME is set to the empty string (which is bad anyway) +# could use `if (set -u; : $PYTHONHOME) ;` in bash +if [ -n "${PYTHONHOME:-}" ] ; then + _OLD_VIRTUAL_PYTHONHOME="${PYTHONHOME:-}" + unset PYTHONHOME +fi + +if [ -z "${VIRTUAL_ENV_DISABLE_PROMPT:-}" ] ; then + _OLD_VIRTUAL_PS1="${PS1:-}" + PS1="(venv) ${PS1:-}" + export PS1 +fi + +# This should detect bash and zsh, which have a hash command that must +# be called to get it to forget past commands. Without forgetting +# past commands the $PATH changes we made may not be respected +if [ -n "${BASH:-}" -o -n "${ZSH_VERSION:-}" ] ; then + hash -r 2> /dev/null +fi diff --git a/queries/venv/bin/activate.csh b/queries/venv/bin/activate.csh new file mode 100644 index 000000000..72965ce19 --- /dev/null +++ b/queries/venv/bin/activate.csh @@ -0,0 +1,25 @@ +# This file must be used with "source bin/activate.csh" *from csh*. +# You cannot run it directly. +# Created by Davide Di Blasi . +# Ported to Python 3.3 venv by Andrew Svetlov + +alias deactivate 'test $?_OLD_VIRTUAL_PATH != 0 && setenv PATH "$_OLD_VIRTUAL_PATH" && unset _OLD_VIRTUAL_PATH; rehash; test $?_OLD_VIRTUAL_PROMPT != 0 && set prompt="$_OLD_VIRTUAL_PROMPT" && unset _OLD_VIRTUAL_PROMPT; unsetenv VIRTUAL_ENV; test "\!:*" != "nondestructive" && unalias deactivate' + +# Unset irrelevant variables. +deactivate nondestructive + +setenv VIRTUAL_ENV "/Users/crito/workspace/opengovern/platform-configuration/queries/venv" + +set _OLD_VIRTUAL_PATH="$PATH" +setenv PATH "$VIRTUAL_ENV/bin:$PATH" + + +set _OLD_VIRTUAL_PROMPT="$prompt" + +if (! "$?VIRTUAL_ENV_DISABLE_PROMPT") then + set prompt = "(venv) $prompt" +endif + +alias pydoc python -m pydoc + +rehash diff --git a/queries/venv/bin/activate.fish b/queries/venv/bin/activate.fish new file mode 100644 index 000000000..30f0f6ca5 --- /dev/null +++ b/queries/venv/bin/activate.fish @@ -0,0 +1,64 @@ +# This file must be used with "source /bin/activate.fish" *from fish* +# (https://fishshell.com/); you cannot run it directly. + +function deactivate -d "Exit virtual environment and return to normal shell environment" + # reset old environment variables + if test -n "$_OLD_VIRTUAL_PATH" + set -gx PATH $_OLD_VIRTUAL_PATH + set -e _OLD_VIRTUAL_PATH + end + if test -n "$_OLD_VIRTUAL_PYTHONHOME" + set -gx PYTHONHOME $_OLD_VIRTUAL_PYTHONHOME + set -e _OLD_VIRTUAL_PYTHONHOME + end + + if test -n "$_OLD_FISH_PROMPT_OVERRIDE" + functions -e fish_prompt + set -e _OLD_FISH_PROMPT_OVERRIDE + functions -c _old_fish_prompt fish_prompt + functions -e _old_fish_prompt + end + + set -e VIRTUAL_ENV + if test "$argv[1]" != "nondestructive" + # Self-destruct! + functions -e deactivate + end +end + +# Unset irrelevant variables. +deactivate nondestructive + +set -gx VIRTUAL_ENV "/Users/crito/workspace/opengovern/platform-configuration/queries/venv" + +set -gx _OLD_VIRTUAL_PATH $PATH +set -gx PATH "$VIRTUAL_ENV/bin" $PATH + +# Unset PYTHONHOME if set. +if set -q PYTHONHOME + set -gx _OLD_VIRTUAL_PYTHONHOME $PYTHONHOME + set -e PYTHONHOME +end + +if test -z "$VIRTUAL_ENV_DISABLE_PROMPT" + # fish uses a function instead of an env var to generate the prompt. + + # Save the current fish_prompt function as the function _old_fish_prompt. + functions -c fish_prompt _old_fish_prompt + + # With the original prompt function renamed, we can override with our own. + function fish_prompt + # Save the return status of the last command. + set -l old_status $status + + # Output the venv prompt; color taken from the blue of the Python logo. + printf "%s%s%s" (set_color 4B8BBE) "(venv) " (set_color normal) + + # Restore the return status of the previous command. + echo "exit $old_status" | . + # Output the original/"old" prompt. + _old_fish_prompt + end + + set -gx _OLD_FISH_PROMPT_OVERRIDE "$VIRTUAL_ENV" +end diff --git a/queries/venv/bin/pip b/queries/venv/bin/pip new file mode 100755 index 000000000..3cd1e43b1 --- /dev/null +++ b/queries/venv/bin/pip @@ -0,0 +1,8 @@ +#!/Users/crito/workspace/opengovern/platform-configuration/queries/venv/bin/python3 +# -*- coding: utf-8 -*- +import re +import sys +from pip._internal.cli.main import main +if __name__ == '__main__': + sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0]) + sys.exit(main()) diff --git a/queries/venv/bin/pip3 b/queries/venv/bin/pip3 new file mode 100755 index 000000000..3cd1e43b1 --- /dev/null +++ b/queries/venv/bin/pip3 @@ -0,0 +1,8 @@ +#!/Users/crito/workspace/opengovern/platform-configuration/queries/venv/bin/python3 +# -*- coding: utf-8 -*- +import re +import sys +from pip._internal.cli.main import main +if __name__ == '__main__': + sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0]) + sys.exit(main()) diff --git a/queries/venv/bin/pip3.9 b/queries/venv/bin/pip3.9 new file mode 100755 index 000000000..3cd1e43b1 --- /dev/null +++ b/queries/venv/bin/pip3.9 @@ -0,0 +1,8 @@ +#!/Users/crito/workspace/opengovern/platform-configuration/queries/venv/bin/python3 +# -*- coding: utf-8 -*- +import re +import sys +from pip._internal.cli.main import main +if __name__ == '__main__': + sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0]) + sys.exit(main()) diff --git a/queries/venv/bin/python b/queries/venv/bin/python new file mode 120000 index 000000000..b8a0adbbb --- /dev/null +++ b/queries/venv/bin/python @@ -0,0 +1 @@ +python3 \ No newline at end of file diff --git a/queries/venv/bin/python3 b/queries/venv/bin/python3 new file mode 120000 index 000000000..975a95fae --- /dev/null +++ b/queries/venv/bin/python3 @@ -0,0 +1 @@ +/Applications/Xcode.app/Contents/Developer/usr/bin/python3 \ No newline at end of file diff --git a/queries/venv/bin/python3.9 b/queries/venv/bin/python3.9 new file mode 120000 index 000000000..b8a0adbbb --- /dev/null +++ b/queries/venv/bin/python3.9 @@ -0,0 +1 @@ +python3 \ No newline at end of file diff --git a/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/INSTALLER b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/INSTALLER new file mode 100644 index 000000000..a1b589e38 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/INSTALLER @@ -0,0 +1 @@ +pip diff --git a/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/LICENSE b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/LICENSE new file mode 100644 index 000000000..2f1b8e15e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/LICENSE @@ -0,0 +1,20 @@ +Copyright (c) 2017-2021 Ingy döt Net +Copyright (c) 2006-2016 Kirill Simonov + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/METADATA b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/METADATA new file mode 100644 index 000000000..db029b770 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/METADATA @@ -0,0 +1,46 @@ +Metadata-Version: 2.1 +Name: PyYAML +Version: 6.0.2 +Summary: YAML parser and emitter for Python +Home-page: https://pyyaml.org/ +Download-URL: https://pypi.org/project/PyYAML/ +Author: Kirill Simonov +Author-email: xi@resolvent.net +License: MIT +Project-URL: Bug Tracker, https://github.com/yaml/pyyaml/issues +Project-URL: CI, https://github.com/yaml/pyyaml/actions +Project-URL: Documentation, https://pyyaml.org/wiki/PyYAMLDocumentation +Project-URL: Mailing lists, http://lists.sourceforge.net/lists/listinfo/yaml-core +Project-URL: Source Code, https://github.com/yaml/pyyaml +Platform: Any +Classifier: Development Status :: 5 - Production/Stable +Classifier: Intended Audience :: Developers +Classifier: License :: OSI Approved :: MIT License +Classifier: Operating System :: OS Independent +Classifier: Programming Language :: Cython +Classifier: Programming Language :: Python +Classifier: Programming Language :: Python :: 3 +Classifier: Programming Language :: Python :: 3.8 +Classifier: Programming Language :: Python :: 3.9 +Classifier: Programming Language :: Python :: 3.10 +Classifier: Programming Language :: Python :: 3.11 +Classifier: Programming Language :: Python :: 3.12 +Classifier: Programming Language :: Python :: 3.13 +Classifier: Programming Language :: Python :: Implementation :: CPython +Classifier: Programming Language :: Python :: Implementation :: PyPy +Classifier: Topic :: Software Development :: Libraries :: Python Modules +Classifier: Topic :: Text Processing :: Markup +Requires-Python: >=3.8 +License-File: LICENSE + +YAML is a data serialization format designed for human readability +and interaction with scripting languages. PyYAML is a YAML parser +and emitter for Python. + +PyYAML features a complete YAML 1.1 parser, Unicode support, pickle +support, capable extension API, and sensible error messages. PyYAML +supports standard YAML tags and provides Python-specific tags that +allow to represent an arbitrary Python object. + +PyYAML is applicable for a broad range of tasks from complex +configuration files to object serialization and persistence. diff --git a/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/RECORD b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/RECORD new file mode 100644 index 000000000..5e8ae2456 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/RECORD @@ -0,0 +1,44 @@ +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/_yaml/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/composer.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/constructor.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/cyaml.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/dumper.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/emitter.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/error.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/events.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/loader.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/nodes.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/parser.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/reader.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/representer.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/resolver.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/scanner.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/serializer.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/yaml/tokens.cpython-39.pyc,, +PyYAML-6.0.2.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4 +PyYAML-6.0.2.dist-info/LICENSE,sha256=jTko-dxEkP1jVwfLiOsmvXZBAqcoKVQwfT5RZ6V36KQ,1101 +PyYAML-6.0.2.dist-info/METADATA,sha256=9-odFB5seu4pGPcEv7E8iyxNF51_uKnaNGjLAhz2lto,2060 +PyYAML-6.0.2.dist-info/RECORD,, +PyYAML-6.0.2.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +PyYAML-6.0.2.dist-info/WHEEL,sha256=_exXVVrX7A7i2-EOwk1kG5BcIkGQg9kfHel4XXV7Pbs,108 +PyYAML-6.0.2.dist-info/top_level.txt,sha256=rpj0IVMTisAjh_1vG3Ccf9v5jpCQwAz6cD1IVU5ZdhQ,11 +_yaml/__init__.py,sha256=04Ae_5osxahpJHa3XBZUAf4wi6XX32gR8D6X6p64GEA,1402 +yaml/__init__.py,sha256=N35S01HMesFTe0aRRMWkPj0Pa8IEbHpE9FK7cr5Bdtw,12311 +yaml/_yaml.cpython-39-darwin.so,sha256=M2KE3yTE4V45j6eldH3CtbdgyypSAYZDwK0vfU6qi80,359176 +yaml/composer.py,sha256=_Ko30Wr6eDWUeUpauUGT3Lcg9QPBnOPVlTnIMRGJ9FM,4883 +yaml/constructor.py,sha256=kNgkfaeLUkwQYY_Q6Ff1Tz2XVw_pG1xVE9Ak7z-viLA,28639 +yaml/cyaml.py,sha256=6ZrAG9fAYvdVe2FK_w0hmXoG7ZYsoYUwapG8CiC72H0,3851 +yaml/dumper.py,sha256=PLctZlYwZLp7XmeUdwRuv4nYOZ2UBnDIUy8-lKfLF-o,2837 +yaml/emitter.py,sha256=jghtaU7eFwg31bG0B7RZea_29Adi9CKmXq_QjgQpCkQ,43006 +yaml/error.py,sha256=Ah9z-toHJUbE9j-M8YpxgSRM5CgLCcwVzJgLLRF2Fxo,2533 +yaml/events.py,sha256=50_TksgQiE4up-lKo_V-nBy-tAIxkIPQxY5qDhKCeHw,2445 +yaml/loader.py,sha256=UVa-zIqmkFSCIYq_PgSGm4NSJttHY2Rf_zQ4_b1fHN0,2061 +yaml/nodes.py,sha256=gPKNj8pKCdh2d4gr3gIYINnPOaOxGhJAUiYhGRnPE84,1440 +yaml/parser.py,sha256=ilWp5vvgoHFGzvOZDItFoGjD6D42nhlZrZyjAwa0oJo,25495 +yaml/reader.py,sha256=0dmzirOiDG4Xo41RnuQS7K9rkY3xjHiVasfDMNTqCNw,6794 +yaml/representer.py,sha256=IuWP-cAW9sHKEnS0gCqSa894k1Bg4cgTxaDwIcbRQ-Y,14190 +yaml/resolver.py,sha256=9L-VYfm4mWHxUD1Vg4X7rjDRK_7VZd6b92wzq7Y2IKY,9004 +yaml/scanner.py,sha256=YEM3iLZSaQwXcQRg2l2R4MdT0zGP2F9eHkKGKnHyWQY,51279 +yaml/serializer.py,sha256=ChuFgmhU01hj4xgI8GaKv6vfM2Bujwa9i7d2FAHj7cA,4165 +yaml/tokens.py,sha256=lTQIzSVw8Mg9wv459-TjiOQe6wVziqaRlqX2_89rp54,2573 diff --git a/queries/processed_files.log b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/REQUESTED similarity index 100% rename from queries/processed_files.log rename to queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/REQUESTED diff --git a/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/WHEEL b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/WHEEL new file mode 100644 index 000000000..42b682a8d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/WHEEL @@ -0,0 +1,5 @@ +Wheel-Version: 1.0 +Generator: bdist_wheel (0.44.0) +Root-Is-Purelib: false +Tag: cp39-cp39-macosx_11_0_arm64 + diff --git a/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/top_level.txt b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/top_level.txt new file mode 100644 index 000000000..e6475e911 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/PyYAML-6.0.2.dist-info/top_level.txt @@ -0,0 +1,2 @@ +_yaml +yaml diff --git a/queries/venv/lib/python3.9/site-packages/_distutils_hack/__init__.py b/queries/venv/lib/python3.9/site-packages/_distutils_hack/__init__.py new file mode 100644 index 000000000..5f40996a6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/_distutils_hack/__init__.py @@ -0,0 +1,128 @@ +import sys +import os +import re +import importlib +import warnings + + +is_pypy = '__pypy__' in sys.builtin_module_names + + +warnings.filterwarnings('ignore', + r'.+ distutils\b.+ deprecated', + DeprecationWarning) + + +def warn_distutils_present(): + if 'distutils' not in sys.modules: + return + if is_pypy and sys.version_info < (3, 7): + # PyPy for 3.6 unconditionally imports distutils, so bypass the warning + # https://foss.heptapod.net/pypy/pypy/-/blob/be829135bc0d758997b3566062999ee8b23872b4/lib-python/3/site.py#L250 + return + warnings.warn( + "Distutils was imported before Setuptools, but importing Setuptools " + "also replaces the `distutils` module in `sys.modules`. This may lead " + "to undesirable behaviors or errors. To avoid these issues, avoid " + "using distutils directly, ensure that setuptools is installed in the " + "traditional way (e.g. not an editable install), and/or make sure " + "that setuptools is always imported before distutils.") + + +def clear_distutils(): + if 'distutils' not in sys.modules: + return + warnings.warn("Setuptools is replacing distutils.") + mods = [name for name in sys.modules if re.match(r'distutils\b', name)] + for name in mods: + del sys.modules[name] + + +def enabled(): + """ + Allow selection of distutils by environment variable. + """ + which = os.environ.get('SETUPTOOLS_USE_DISTUTILS', 'stdlib') + return which == 'local' + + +def ensure_local_distutils(): + clear_distutils() + distutils = importlib.import_module('setuptools._distutils') + distutils.__name__ = 'distutils' + sys.modules['distutils'] = distutils + + # sanity check that submodules load as expected + core = importlib.import_module('distutils.core') + assert '_distutils' in core.__file__, core.__file__ + + +def do_override(): + """ + Ensure that the local copy of distutils is preferred over stdlib. + + See https://github.com/pypa/setuptools/issues/417#issuecomment-392298401 + for more motivation. + """ + if enabled(): + warn_distutils_present() + ensure_local_distutils() + + +class DistutilsMetaFinder: + def find_spec(self, fullname, path, target=None): + if path is not None: + return + + method_name = 'spec_for_{fullname}'.format(**locals()) + method = getattr(self, method_name, lambda: None) + return method() + + def spec_for_distutils(self): + import importlib.abc + import importlib.util + + class DistutilsLoader(importlib.abc.Loader): + + def create_module(self, spec): + return importlib.import_module('setuptools._distutils') + + def exec_module(self, module): + pass + + return importlib.util.spec_from_loader('distutils', DistutilsLoader()) + + def spec_for_pip(self): + """ + Ensure stdlib distutils when running under pip. + See pypa/pip#8761 for rationale. + """ + if self.pip_imported_during_build(): + return + clear_distutils() + self.spec_for_distutils = lambda: None + + @staticmethod + def pip_imported_during_build(): + """ + Detect if pip is being imported in a build script. Ref #2355. + """ + import traceback + return any( + frame.f_globals['__file__'].endswith('setup.py') + for frame, line in traceback.walk_stack(None) + ) + + +DISTUTILS_FINDER = DistutilsMetaFinder() + + +def add_shim(): + sys.meta_path.insert(0, DISTUTILS_FINDER) + + +def remove_shim(): + try: + sys.meta_path.remove(DISTUTILS_FINDER) + except ValueError: + pass diff --git a/queries/venv/lib/python3.9/site-packages/_distutils_hack/override.py b/queries/venv/lib/python3.9/site-packages/_distutils_hack/override.py new file mode 100644 index 000000000..2cc433a4a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/_distutils_hack/override.py @@ -0,0 +1 @@ +__import__('_distutils_hack').do_override() diff --git a/queries/venv/lib/python3.9/site-packages/_yaml/__init__.py b/queries/venv/lib/python3.9/site-packages/_yaml/__init__.py new file mode 100644 index 000000000..7baa8c4b6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/_yaml/__init__.py @@ -0,0 +1,33 @@ +# This is a stub package designed to roughly emulate the _yaml +# extension module, which previously existed as a standalone module +# and has been moved into the `yaml` package namespace. +# It does not perfectly mimic its old counterpart, but should get +# close enough for anyone who's relying on it even when they shouldn't. +import yaml + +# in some circumstances, the yaml module we imoprted may be from a different version, so we need +# to tread carefully when poking at it here (it may not have the attributes we expect) +if not getattr(yaml, '__with_libyaml__', False): + from sys import version_info + + exc = ModuleNotFoundError if version_info >= (3, 6) else ImportError + raise exc("No module named '_yaml'") +else: + from yaml._yaml import * + import warnings + warnings.warn( + 'The _yaml extension module is now located at yaml._yaml' + ' and its location is subject to change. To use the' + ' LibYAML-based parser and emitter, import from `yaml`:' + ' `from yaml import CLoader as Loader, CDumper as Dumper`.', + DeprecationWarning + ) + del warnings + # Don't `del yaml` here because yaml is actually an existing + # namespace member of _yaml. + +__name__ = '_yaml' +# If the module is top-level (i.e. not a part of any specific package) +# then the attribute should be set to ''. +# https://docs.python.org/3.8/library/types.html +__package__ = '' diff --git a/queries/venv/lib/python3.9/site-packages/distutils-precedence.pth b/queries/venv/lib/python3.9/site-packages/distutils-precedence.pth new file mode 100644 index 000000000..6de4198fc --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/distutils-precedence.pth @@ -0,0 +1 @@ +import os; var = 'SETUPTOOLS_USE_DISTUTILS'; enabled = os.environ.get(var, 'stdlib') == 'local'; enabled and __import__('_distutils_hack').add_shim(); diff --git a/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/INSTALLER b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/INSTALLER new file mode 100644 index 000000000..a1b589e38 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/INSTALLER @@ -0,0 +1 @@ +pip diff --git a/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/LICENSE.txt b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/LICENSE.txt new file mode 100644 index 000000000..00addc272 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/LICENSE.txt @@ -0,0 +1,20 @@ +Copyright (c) 2008-2021 The pip developers (see AUTHORS.txt file) + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/METADATA b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/METADATA new file mode 100644 index 000000000..fa1b07f9d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/METADATA @@ -0,0 +1,92 @@ +Metadata-Version: 2.1 +Name: pip +Version: 21.2.4 +Summary: The PyPA recommended tool for installing Python packages. +Home-page: https://pip.pypa.io/ +Author: The pip developers +Author-email: distutils-sig@python.org +License: MIT +Project-URL: Documentation, https://pip.pypa.io +Project-URL: Source, https://github.com/pypa/pip +Project-URL: Changelog, https://pip.pypa.io/en/stable/news/ +Platform: UNKNOWN +Classifier: Development Status :: 5 - Production/Stable +Classifier: Intended Audience :: Developers +Classifier: License :: OSI Approved :: MIT License +Classifier: Topic :: Software Development :: Build Tools +Classifier: Programming Language :: Python +Classifier: Programming Language :: Python :: 3 +Classifier: Programming Language :: Python :: 3 :: Only +Classifier: Programming Language :: Python :: 3.6 +Classifier: Programming Language :: Python :: 3.7 +Classifier: Programming Language :: Python :: 3.8 +Classifier: Programming Language :: Python :: 3.9 +Classifier: Programming Language :: Python :: Implementation :: CPython +Classifier: Programming Language :: Python :: Implementation :: PyPy +Requires-Python: >=3.6 +License-File: LICENSE.txt + +pip - The Python Package Installer +================================== + +.. image:: https://img.shields.io/pypi/v/pip.svg + :target: https://pypi.org/project/pip/ + +.. image:: https://readthedocs.org/projects/pip/badge/?version=latest + :target: https://pip.pypa.io/en/latest + +pip is the `package installer`_ for Python. You can use pip to install packages from the `Python Package Index`_ and other indexes. + +Please take a look at our documentation for how to install and use pip: + +* `Installation`_ +* `Usage`_ + +We release updates regularly, with a new version every 3 months. Find more details in our documentation: + +* `Release notes`_ +* `Release process`_ + +In pip 20.3, we've `made a big improvement to the heart of pip`_; `learn more`_. We want your input, so `sign up for our user experience research studies`_ to help us do it right. + +**Note**: pip 21.0, in January 2021, removed Python 2 support, per pip's `Python 2 support policy`_. Please migrate to Python 3. + +If you find bugs, need help, or want to talk to the developers, please use our mailing lists or chat rooms: + +* `Issue tracking`_ +* `Discourse channel`_ +* `User IRC`_ + +If you want to get involved head over to GitHub to get the source code, look at our development documentation and feel free to jump on the developer mailing lists and chat rooms: + +* `GitHub page`_ +* `Development documentation`_ +* `Development mailing list`_ +* `Development IRC`_ + +Code of Conduct +--------------- + +Everyone interacting in the pip project's codebases, issue trackers, chat +rooms, and mailing lists is expected to follow the `PSF Code of Conduct`_. + +.. _package installer: https://packaging.python.org/guides/tool-recommendations/ +.. _Python Package Index: https://pypi.org +.. _Installation: https://pip.pypa.io/en/stable/installation/ +.. _Usage: https://pip.pypa.io/en/stable/ +.. _Release notes: https://pip.pypa.io/en/stable/news.html +.. _Release process: https://pip.pypa.io/en/latest/development/release-process/ +.. _GitHub page: https://github.com/pypa/pip +.. _Development documentation: https://pip.pypa.io/en/latest/development +.. _made a big improvement to the heart of pip: https://pyfound.blogspot.com/2020/11/pip-20-3-new-resolver.html +.. _learn more: https://pip.pypa.io/en/latest/user_guide/#changes-to-the-pip-dependency-resolver-in-20-3-2020 +.. _sign up for our user experience research studies: https://pyfound.blogspot.com/2020/03/new-pip-resolver-to-roll-out-this-year.html +.. _Python 2 support policy: https://pip.pypa.io/en/latest/development/release-process/#python-2-support +.. _Issue tracking: https://github.com/pypa/pip/issues +.. _Discourse channel: https://discuss.python.org/c/packaging +.. _Development mailing list: https://mail.python.org/mailman3/lists/distutils-sig.python.org/ +.. _User IRC: https://kiwiirc.com/nextclient/#ircs://irc.libera.chat:+6697/pypa +.. _Development IRC: https://kiwiirc.com/nextclient/#ircs://irc.libera.chat:+6697/pypa-dev +.. _PSF Code of Conduct: https://github.com/pypa/.github/blob/main/CODE_OF_CONDUCT.md + + diff --git a/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/RECORD b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/RECORD new file mode 100644 index 000000000..bb81c5cc8 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/RECORD @@ -0,0 +1,795 @@ +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/__main__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/build_env.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cache.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/autocompletion.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/base_command.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/cmdoptions.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/command_context.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main_parser.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/parser.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/progress_bars.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/req_command.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/spinners.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/status_codes.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/cache.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/check.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/completion.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/configuration.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/debug.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/download.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/freeze.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/hash.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/help.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/index.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/install.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/list.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/search.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/show.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/uninstall.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/wheel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/configuration.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/installed.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/sdist.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/wheel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/exceptions.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/index/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/index/collector.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/index/package_finder.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/index/sources.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_distutils.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_sysconfig.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/main.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/pkg_resources.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/candidate.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/direct_url.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/format_control.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/index.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/link.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/scheme.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/search_scope.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/selection_prefs.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/target_python.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/models/wheel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/network/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/network/auth.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/network/cache.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/network/download.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/network/lazy_wheel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/network/session.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/network/utils.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/network/xmlrpc.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata_legacy.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel_legacy.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/check.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/freeze.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/editable_legacy.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/legacy.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/wheel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/prepare.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/pyproject.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/req/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/req/constructors.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_file.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_install.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_set.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_tracker.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_uninstall.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/resolver.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/candidates.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/factory.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/found_candidates.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/provider.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/reporter.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/requirements.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/resolver.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/self_outdated_check.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/_log.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/appdirs.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compat.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compatibility_tags.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/datetime.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/deprecation.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/direct_url_helpers.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/distutils_args.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/encoding.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/entrypoints.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filesystem.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filetypes.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/glibc.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/hashes.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/inject_securetransport.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/logging.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/misc.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/models.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/packaging.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/parallel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/pkg_resources.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/setuptools_build.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/subprocess.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/temp_dir.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/unpacking.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/urls.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/virtualenv.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/wheel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/bazaar.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/git.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/mercurial.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/subversion.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/versioncontrol.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_internal/wheel_builder.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/appdirs.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/_cmd.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/adapter.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/cache.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/file_cache.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/compat.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/controller.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/filewrapper.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/heuristics.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/serialize.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/wrapper.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__main__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/core.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5freq.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5prober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/chardistribution.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetgroupprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/chardetect.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/codingstatemachine.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/compat.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cp949prober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/enums.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escsm.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/eucjpprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrfreq.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwfreq.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312freq.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312prober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/hebrewprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jisfreq.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jpcntx.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langbulgarianmodel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langgreekmodel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhebrewmodel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhungarianmodel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langrussianmodel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langthaimodel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langturkishmodel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/latin1prober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcharsetprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcsgroupprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcssm.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/languages.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcharsetprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcsgroupprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sjisprober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/universaldetector.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/utf8prober.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/version.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansi.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansitowin32.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/initialise.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/win32.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/winterm.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/misc.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/shutil.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/tarfile.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/compat.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/database.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/index.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/locators.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/manifest.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/markers.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/metadata.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/resources.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/scripts.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/util.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/version.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/wheel.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/distro.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_ihatexml.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_inputstream.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_tokenizer.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/_base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/py.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_utils.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/constants.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/alphabeticalattributes.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/inject_meta_charset.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/lint.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/optionaltags.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/sanitizer.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/whitespace.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/html5parser.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/serializer.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treeadapters/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treeadapters/genshi.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treeadapters/sax.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/dom.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/etree.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treebuilders/etree_lxml.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/base.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/dom.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/etree.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/etree_lxml.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/treewalkers/genshi.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/codec.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/compat.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/core.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/idnadata.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/intranges.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/package_data.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/idna/uts46data.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/_version.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/exceptions.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/ext.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/msgpack/fallback.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/__about__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/_manylinux.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/_musllinux.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/_structures.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/markers.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/requirements.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/specifiers.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/tags.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/utils.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/packaging/version.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/build.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/check.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/colorlog.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/compat.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/dirtools.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/envbuild.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/in_process/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/in_process/_in_process.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/meta.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pep517/wrappers.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pkg_resources/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pkg_resources/py31compat.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/progress/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/progress/bar.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/progress/counter.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/progress/spinner.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/pyparsing.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/__version__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/_internal_utils.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/adapters.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/api.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/auth.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/certs.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/compat.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/cookies.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/exceptions.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/help.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/hooks.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/models.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/packages.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/sessions.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/status_codes.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/structures.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/requests/utils.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/compat/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/compat/collections_abc.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/providers.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/reporters.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/resolvers.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/resolvelib/structs.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/six.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/_asyncio.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/_utils.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/after.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/before.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/before_sleep.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/nap.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/retry.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/stop.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/tornadoweb.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tenacity/wait.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tomli/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tomli/_parser.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/tomli/_re.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/_collections.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/_version.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/connection.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/connectionpool.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/_appengine_environ.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/_securetransport/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/_securetransport/bindings.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/_securetransport/low_level.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/appengine.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/ntlmpool.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/pyopenssl.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/securetransport.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/contrib/socks.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/exceptions.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/fields.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/filepost.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/backports/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/backports/makefile.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/six.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/ssl_match_hostname/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/packages/ssl_match_hostname/_implementation.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/poolmanager.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/request.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/response.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/connection.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/proxy.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/queue.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/request.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/response.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/retry.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/ssl_.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/ssltransport.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/timeout.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/url.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/urllib3/util/wait.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/__init__.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/labels.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/mklabels.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/tests.cpython-39.pyc,, +../../../../../../../../Library/Caches/com.apple.python/Users/crito/workspace/opengovern/platform-configuration/queries/venv/lib/python3.9/site-packages/pip/_vendor/webencodings/x_user_defined.cpython-39.pyc,, +../../../bin/pip,sha256=OptD7weXa2hTmMhpCy2NcRWPeWYeQBxunOM4RFICeAE,286 +../../../bin/pip3,sha256=OptD7weXa2hTmMhpCy2NcRWPeWYeQBxunOM4RFICeAE,286 +../../../bin/pip3.9,sha256=OptD7weXa2hTmMhpCy2NcRWPeWYeQBxunOM4RFICeAE,286 +pip-21.2.4.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4 +pip-21.2.4.dist-info/LICENSE.txt,sha256=I6c2HCsVgQKLxiO52ivSSZeryqR4Gs5q1ESjeUT42uE,1090 +pip-21.2.4.dist-info/METADATA,sha256=PGCimuD-VsKv664Ne_9navMt6I9Ym_rm5p_u6Ykgfd4,4165 +pip-21.2.4.dist-info/RECORD,, +pip-21.2.4.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip-21.2.4.dist-info/WHEEL,sha256=OqRkF0eY5GHssMorFjlbTIq072vpHpF60fIQA6lS9xA,92 +pip-21.2.4.dist-info/entry_points.txt,sha256=5ExSa1s54zSPNA_1epJn5SX06786S8k5YHwskMvVYzw,125 +pip-21.2.4.dist-info/top_level.txt,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4 +pip/__init__.py,sha256=EkjFYKiNdO5r1TZT1K-GxPs3Bl2IdRXw75e7IVsKrmc,357 +pip/__main__.py,sha256=mXwWDftNLMKfwVqKFWGE_uuBZvGSIiUELhLkeysIuZc,1198 +pip/_internal/__init__.py,sha256=nnFCuxrPMgALrIDxSoy-H6Zj4W4UY60D-uL1aJyq0pc,573 +pip/_internal/build_env.py,sha256=uqtt1F0185ctzme5UX43I6bFHVeORY7q-dyhpkk5NDE,10121 +pip/_internal/cache.py,sha256=6VONtoReGZbBd7sqY1n6hwkdWC4iz3tmXwXwZjpjZKw,9958 +pip/_internal/cli/__init__.py,sha256=FkHBgpxxb-_gd6r1FjnNhfMOzAUYyXoXKJ6abijfcFU,132 +pip/_internal/cli/autocompletion.py,sha256=NK5yqe49SgExZOCFVEUT5Bf0QV2CuITGK27WSo2MWg8,6399 +pip/_internal/cli/base_command.py,sha256=Dq5oXBXYd24GaHs1vPt6CfYgCl22V_4tLEJqfQyBrdE,7596 +pip/_internal/cli/cmdoptions.py,sha256=xOqvgDNfpkMXVjy0mH3hI0HyczVD6wMuP8K44qsvbew,28283 +pip/_internal/cli/command_context.py,sha256=a1pBBvvGLDiZ1Kw64_4tT6HmRTwYDoYy8JFgG5Czn7s,760 +pip/_internal/cli/main.py,sha256=ioJ8IVlb2K1qLOxR-tXkee9lURhYV89CDM71MKag7YY,2472 +pip/_internal/cli/main_parser.py,sha256=Q9TnytfuC5Z2JSjBFWVGtEdYLFy7rukNIb04movHdAo,2614 +pip/_internal/cli/parser.py,sha256=CDXTuFr2UD8ozOlZYf1KDziQdo9-X_IaYOiUcyJQwrA,10788 +pip/_internal/cli/progress_bars.py,sha256=ha8wowclY8_PaoM0cz4G6qK37zjnzuxQ-ydOtzx4EMI,8300 +pip/_internal/cli/req_command.py,sha256=ZlxKFS9LtEbE1IRB6JyeUeYMe7lvKxVIzpdvag-BHok,16548 +pip/_internal/cli/spinners.py,sha256=TFhjxtOnLeNJ5YmRvQm4eKPgPbJNkZiqO8jOXuxRaYU,5076 +pip/_internal/cli/status_codes.py,sha256=sEFHUaUJbqv8iArL3HAtcztWZmGOFX01hTesSytDEh0,116 +pip/_internal/commands/__init__.py,sha256=3f1ZVidEDfgmzAH7aypZLKOZUvUy7qxv4X1CiIZEN30,3776 +pip/_internal/commands/cache.py,sha256=O1grQjTg6IRFs_8DxMH00583tmCR0ujqTMv_gZ0h0uU,7237 +pip/_internal/commands/check.py,sha256=gPC6GTp7S9aK73IeZAW7Z6yxlMnWdMyDTq9er9nXpIY,1570 +pip/_internal/commands/completion.py,sha256=4Uh_cg04qDmtmgLji-J4VJKZ8BaIBZy2_uTWLi8tiVk,2914 +pip/_internal/commands/configuration.py,sha256=TK9VTXNJ5haVH0Dc_ylhqo6A9Q_GcNoNsAOMJff4MYY,8962 +pip/_internal/commands/debug.py,sha256=f943fbrAUufQ7flAR2zHfI0oi_uqhJEEW7Fj_EiwB1Y,6647 +pip/_internal/commands/download.py,sha256=VGyQ6TDLiqJqJXfJwr_D6ZuHnYfhmzZPQk1mRSQp3tQ,4949 +pip/_internal/commands/freeze.py,sha256=x0-ia-MFrVvfYqe5p6yAWqzaK5AIi3SqqcXBJNvxXkg,2785 +pip/_internal/commands/hash.py,sha256=Y5FQ_WgbuEFnJxyLZdNYP928BGWNyNm9ljIUr90R6tI,1664 +pip/_internal/commands/help.py,sha256=F_IJkERv9gGfGC6YpBNYm_qs8xmBphUCfOuguNRSqLs,1132 +pip/_internal/commands/index.py,sha256=xA5LSVy1kv-IAvsjIX6Wnk5ZHA0Y_m6AP9T5ZoUGs9o,4781 +pip/_internal/commands/install.py,sha256=FV-qBbQ56TUEmLDtuWTMeNpD4aQtOpjBEi7ePqlEtSM,27493 +pip/_internal/commands/list.py,sha256=fpG6_KYqtAEBV8uSlt_lfF7o1GTuS4UdobsZjVqZspQ,11753 +pip/_internal/commands/search.py,sha256=P8GY077JmUwy7FiOgYJ1CPDsBPgmo7it-b14luquJN4,5543 +pip/_internal/commands/show.py,sha256=2TxWaJ2saCDSVUVBoRYueijLiueid2DNOhZuM-jhGf0,7974 +pip/_internal/commands/uninstall.py,sha256=0VQQMfPBTGSlWJn1RRgvYtJhSj7tQFYc3H1kOjrstRE,3480 +pip/_internal/commands/wheel.py,sha256=UiH15NXfrJ9piFNg3oHm4n2Jyk9Ojv5q0MvrWbHB3Ac,6189 +pip/_internal/configuration.py,sha256=QBLfhv-sbP-oR08NFxSYnv_mLB-SgtNOsWXAF9tDEcM,13725 +pip/_internal/distributions/__init__.py,sha256=Hq6kt6gXBgjNit5hTTWLAzeCNOKoB-N0pGYSqehrli8,858 +pip/_internal/distributions/base.py,sha256=GynlnVE3QLvNu4JvnxPO6D8IQSs_GAlFUabA6U-G-eU,1206 +pip/_internal/distributions/installed.py,sha256=gT20WSniecOvKGMA-nCyq-4DcJlrIjv8jT-JEWyEOnA,645 +pip/_internal/distributions/sdist.py,sha256=VBme1UNlCuH_wIoUHTZq9ngo2NpFWQXmJqnwUb3ZpTk,3862 +pip/_internal/distributions/wheel.py,sha256=J7DNQvKS50pXfwXtetKZtLNgYzkEc8SAbaKQ5v6JHtA,1183 +pip/_internal/exceptions.py,sha256=2JQJSS68oggR_ZIOA-h1U2DRADURbkQn9Nf4EZWZ834,13170 +pip/_internal/index/__init__.py,sha256=vpt-JeTZefh8a-FC22ZeBSXFVbuBcXSGiILhQZJaNpQ,30 +pip/_internal/index/collector.py,sha256=oH4XlYHvGMXePbjNhKZPpLI-NLBTXxpHRRZgQ85meNk,17645 +pip/_internal/index/package_finder.py,sha256=Zzto_P1YPeTlBjJTlPgU8wjocQDJnLYZxUSR8JxVf1E,36138 +pip/_internal/index/sources.py,sha256=SVyPitv08-Qalh2_Bk5diAJ9GAA_d-a93koouQodAG0,6557 +pip/_internal/locations/__init__.py,sha256=8HvAnPCRi2Ln5yimpHRq8NVtsImh1KEvqsPhi4H56y0,13292 +pip/_internal/locations/_distutils.py,sha256=Sk7tw8ZP1DWMYJ8MibABsa8IME2Ejv1PKeGlYQCBTZc,5871 +pip/_internal/locations/_sysconfig.py,sha256=LQNKTJKyjVqxXaPntlBwdUqTG1xwYf6GVCKMbyRJx5M,7918 +pip/_internal/locations/base.py,sha256=x5D1ONktmPJd8nnUTh-ELsAJ7fiXA-k-0a_vhfi2_Us,1579 +pip/_internal/main.py,sha256=BZ0vkdqgpoteTo1A1Q8ovFe8EzgKFJWOUjPmIUQfGCY,351 +pip/_internal/metadata/__init__.py,sha256=0XQDTWweYOV7kcMuzwoiCggu3wJearBNcK8JV9LXA6Y,1576 +pip/_internal/metadata/base.py,sha256=oRj58fKGutZKZCslfQlKfrzuXI_0M4w1xVOluT3-6TQ,7928 +pip/_internal/metadata/pkg_resources.py,sha256=xOYt6IluIDvVMgYX-QoZA3SFbToJlZDOVPRHVPJ2Uk4,5200 +pip/_internal/models/__init__.py,sha256=3DHUd_qxpPozfzouoqa9g9ts1Czr5qaHfFxbnxriepM,63 +pip/_internal/models/candidate.py,sha256=b2aiufhD5jZEI0zhEaMn_o1VRldVE2J-MPsqPpcY2Ds,946 +pip/_internal/models/direct_url.py,sha256=x2-kAnrP18XAdOftYBStDNt3Zfd8sipef5h0h_efGvY,6262 +pip/_internal/models/format_control.py,sha256=t5nmFD43huIFj0VchV6FuvlaRHfaMTotbBOTOPBsKeY,2557 +pip/_internal/models/index.py,sha256=_U2imEWggevvcI7rhQCFZK0djsE-It13BJmvW9Ejmig,1058 +pip/_internal/models/link.py,sha256=chRRuGqeE5w1XqidCrw6j-j8O-eeCmw-HUdYCR18HmQ,9809 +pip/_internal/models/scheme.py,sha256=i2QGt5J96gMKC_Wm7xO587kibhhChUQoULhAFgPRxkE,738 +pip/_internal/models/search_scope.py,sha256=mykEee0wDNCx9xZmQBtkgVaDiQVcDNqbjAZGqI1nm78,4474 +pip/_internal/models/selection_prefs.py,sha256=OEoiP83Wpm7cUwjH7fnbRo7TzHl5D4y23W0JnZLXk_4,1877 +pip/_internal/models/target_python.py,sha256=7iT4lbRtoNRkwsmLndysJ4Ic7Iwp_YyIII3doXeLD8c,3870 +pip/_internal/models/wheel.py,sha256=Ec8fvPoSYeBX9cvBvffLM7gNRx23CrVud1dN3zJmBjc,3541 +pip/_internal/network/__init__.py,sha256=jf6Tt5nV_7zkARBrKojIXItgejvoegVJVKUbhAa5Ioc,50 +pip/_internal/network/auth.py,sha256=zq-fu-eK_EwiqjT0SVmMxuzyvhBlCdBGJi_fnOmcar8,11645 +pip/_internal/network/cache.py,sha256=HoprMCecwd4IS2wDZowc9B_OpaBlFjJYJl4xOxvtuwU,2100 +pip/_internal/network/download.py,sha256=VmiR-KKIBugShZS4JlD7N8mq3hErx-0fK-D8aTYU3Og,6016 +pip/_internal/network/lazy_wheel.py,sha256=4szChUW2I9quggvjEoIhALezmiVVteescGh6TDUslaQ,7615 +pip/_internal/network/session.py,sha256=3tJHNQCooM7bjLK1WP-q6tiJ84jtqkyrIdrYY84WR1A,16582 +pip/_internal/network/utils.py,sha256=igLlTu_-q0LmL8FdJKq-Uj7AT_owrQ-T9FfyarkhK5U,4059 +pip/_internal/network/xmlrpc.py,sha256=AzQgG4GgS152_cqmGr_Oz2MIXsCal-xfsis7fA7nmU0,1791 +pip/_internal/operations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_internal/operations/build/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_internal/operations/build/metadata.py,sha256=jJp05Rrp0AMsQb7izDXbNGC1LtPNwOhHQj7cRM5324c,1165 +pip/_internal/operations/build/metadata_legacy.py,sha256=ECMBhLEPEQv6PUUCpPCXW-wN9QRXdY45PNXJv7BZKTU,1917 +pip/_internal/operations/build/wheel.py,sha256=WYLMxuxqN3ahJTQk2MI9hdmZKBpFyxHeNpUdO0PybxU,1106 +pip/_internal/operations/build/wheel_legacy.py,sha256=NOJhTYMYljdbizFo_WjkaKGWG1SEZ6aByrBdCrrsZB8,3227 +pip/_internal/operations/check.py,sha256=zEIdxyRL3vc7CQ1p8qkLFG-mjs-LjnaJDxOr1WI5Yp0,5295 +pip/_internal/operations/freeze.py,sha256=TyLvXT4ZqpIi8x8X_TTsgBJ76IG54CidJlxGIHBbmBM,10556 +pip/_internal/operations/install/__init__.py,sha256=mX7hyD2GNBO2mFGokDQ30r_GXv7Y_PLdtxcUv144e-s,51 +pip/_internal/operations/install/editable_legacy.py,sha256=bjBObfE6sz3UmGI7y4-GCgKa2WmTgnWlFFU7b-i0sQs,1396 +pip/_internal/operations/install/legacy.py,sha256=Wk_46sR7zDsh7vp4j63Hka4NTevQ617WdqJKt8_TuUQ,4405 +pip/_internal/operations/install/wheel.py,sha256=4Y6rtOpPnjlvGkzYXP8HXzqJu1KHEuA6ExgHBdZnD6s,29466 +pip/_internal/operations/prepare.py,sha256=jgnH7CIdoAhwnYOSpkESvhrJ1yr5TL2ZY5ojjSzRMZo,24848 +pip/_internal/pyproject.py,sha256=Sl1dOQYazG9AsrE0TXWK2zVcDR_FROshCTwjKBRQsPE,7063 +pip/_internal/req/__init__.py,sha256=lz4GFfzm5gsm0e8H98Wi6IPI14R2JdDMBc61-4F-0CY,2831 +pip/_internal/req/constructors.py,sha256=35LRb-iaL01AlKBOO_2vrbKil6KI5Tl450NJwUvUnhk,15826 +pip/_internal/req/req_file.py,sha256=TsBSr0LMVIYF7AqkwslyJxHPLstN0SMqKeVxciI2In4,17408 +pip/_internal/req/req_install.py,sha256=jPfSPt-s3RoRCj6tYqvvHaxxIW1yr8KbiPRGbAyF3pU,31671 +pip/_internal/req/req_set.py,sha256=NoPQztL1Z5HZEB3n2Wtst6KV51hMDAPe9AfdAUWmJLs,7572 +pip/_internal/req/req_tracker.py,sha256=dJ3ql2C3VyaKUQN9kwbFvOPMxAvbTdblB0hKQ2f6Lns,4182 +pip/_internal/req/req_uninstall.py,sha256=wBcGKaweIyi5RGPPpBqrrn62t8uP3frZmrUJ-qDeO0Y,23821 +pip/_internal/resolution/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_internal/resolution/base.py,sha256=yATwIW1VbJkwkFJIgG3JQafndFDSZ50smc-Ao9-SoxI,557 +pip/_internal/resolution/legacy/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_internal/resolution/legacy/resolver.py,sha256=TZnGUay9WM2Uk0W3D48OA70U9cLYYGHxles1h9ELqSg,17552 +pip/_internal/resolution/resolvelib/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_internal/resolution/resolvelib/base.py,sha256=Yvgb2jf0l6S4C2rXAbjbpURYF6yjUgCdwDSrnpiZA8U,5290 +pip/_internal/resolution/resolvelib/candidates.py,sha256=RgCvLf1meDecmw9lfhG_AU5tN9ufaC0EDrcVOR2hgiA,18842 +pip/_internal/resolution/resolvelib/factory.py,sha256=N9telNB1arFV-4TqdGdh9KML8zfAWdMbqUSNip6HeEc,26859 +pip/_internal/resolution/resolvelib/found_candidates.py,sha256=ES3PNACh3ONwGAghPip2Vbgyy_e4baKmeEEHVQiq47g,5285 +pip/_internal/resolution/resolvelib/provider.py,sha256=fy139RDxPrsPmNLn6YrrjqhBOmeLY0aHEEdzZqS35aU,8420 +pip/_internal/resolution/resolvelib/reporter.py,sha256=Z06Xa4d9dTWbHNvXIBtBxDn4DHeQmlyW9MJAojkC_iU,2600 +pip/_internal/resolution/resolvelib/requirements.py,sha256=pcsnwz7txyDNZUEOWJOZEfivy3COWHPf_DIU7fwZ-Kk,5455 +pip/_internal/resolution/resolvelib/resolver.py,sha256=Rry36d0uCKobfBnSPYMw8WStyNYtjAEFz3j6ZtBsbGQ,10523 +pip/_internal/self_outdated_check.py,sha256=ivoUYaGuq-Ra_DvlZvPtHhgbY97NKHYuPGzrgN2G1A8,6484 +pip/_internal/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_internal/utils/_log.py,sha256=-jHLOE_THaZz5BFcCnoSL9EYAtJ0nXem49s9of4jvKw,1015 +pip/_internal/utils/appdirs.py,sha256=CyH0arjhfR4kaeybXs5B1hxe66KeeCfssJhiRFxpFJk,1185 +pip/_internal/utils/compat.py,sha256=ACyBfLgj3_XG-iA5omEDrXqDM0cQKzi8h8HRBInzG6Q,1884 +pip/_internal/utils/compatibility_tags.py,sha256=h2P4U0ZCkWHwPYveBzFZA79it6agElRhm6yci7S8MCo,5454 +pip/_internal/utils/datetime.py,sha256=m21Y3wAtQc-ji6Veb6k_M5g6A0ZyFI4egchTdnwh-pQ,242 +pip/_internal/utils/deprecation.py,sha256=0bdiuvnAcAZMp1dDrwxK7uDgmJQDHVfb1790_ypO9U4,3200 +pip/_internal/utils/direct_url_helpers.py,sha256=5ffB9GHoqalUvSU6C53lEFdUgYcWAbXJGfyCwGyIlrY,2994 +pip/_internal/utils/distutils_args.py,sha256=mcAscyp80vTt3xAGTipnpgc83V-_wCvydNELVXLq7JI,1249 +pip/_internal/utils/encoding.py,sha256=bdZ3YgUpaOEBI5MP4-DEXiQarCW3V0rxw1kRz-TaU1Q,1169 +pip/_internal/utils/entrypoints.py,sha256=aPvCnQVi9Hdk35Kloww_D5ibjUpqxgqcJP8O9VuMZek,1055 +pip/_internal/utils/filesystem.py,sha256=rrl-rY1w8TYyKYndUyZlE9ffkQyA4-jI9x_59zXkn5s,5893 +pip/_internal/utils/filetypes.py,sha256=weviVbapHWVQ_8-K-PTQ_TnYL66kZi4SrVBTmRYZXLc,761 +pip/_internal/utils/glibc.py,sha256=GM1Y2hWkOf_tumySGFg-iNbc7oilBQQrjczb_705CF8,3170 +pip/_internal/utils/hashes.py,sha256=o1qQEkqe2AqsRm_JhLoM4hkxmVtewH0ZZpQ6EBObHuU,5167 +pip/_internal/utils/inject_securetransport.py,sha256=tGl9Bgyt2IHKtB3b0B-6r3W2yYF3Og-PBe0647S3lZs,810 +pip/_internal/utils/logging.py,sha256=E5VE1n-pqgdd5DajPQPKpmu7VpJVd7dAhhdjPZNsYjE,12344 +pip/_internal/utils/misc.py,sha256=WhWMKbtoBWvGrqVMaPekKML-orsLnD2e0N83arjpYQw,23644 +pip/_internal/utils/models.py,sha256=qCgYyUw2mIH1pombsJ3YQsMtONZgyJ4BGwO5MJnSC4c,1329 +pip/_internal/utils/packaging.py,sha256=I1938AB7FprcVJJd6C0vSiMuCVajmrxZF55vX5j0bMo,2900 +pip/_internal/utils/parallel.py,sha256=RZF4JddPEWVbkkPCknfvpqaLfm3Pmqd_ABoCHmV4lXs,3224 +pip/_internal/utils/pkg_resources.py,sha256=jwH5JViPe-JlXLvLC0-ASfTTCRYvm0u9CwQGcWjxStI,1106 +pip/_internal/utils/setuptools_build.py,sha256=xk9sRBjUyNTHs_TvEWebVWs1GfLPN208MzpSXr9Ok_A,5047 +pip/_internal/utils/subprocess.py,sha256=7QOQPJj6ezIVsypJJrcyyq4-mJM9qUsOdOLq0_wUiAA,10043 +pip/_internal/utils/temp_dir.py,sha256=9gs3N9GQeVXRVWjJIalSpH1uj8yQXPTzarb5n1_HMVo,7950 +pip/_internal/utils/unpacking.py,sha256=_qYZgmq8b0rRAN2swXsf9VfPogrjShlsTvhRI2heBYI,9050 +pip/_internal/utils/urls.py,sha256=O5f4VeKJ9cWt_CKqqKmiDTW48uOzo0UNb1QWPQ0n2TI,1798 +pip/_internal/utils/virtualenv.py,sha256=iRTK-sD6bWpHqXcZ0ECfdpFLWatMOHFUVCIRa0L6Gu0,3564 +pip/_internal/utils/wheel.py,sha256=DOIVZaXN7bMOAeMEqzIOZHGl4OFO-KGrEqBUB848DPo,6290 +pip/_internal/vcs/__init__.py,sha256=UAqvzpbi0VbZo3Ub6skEeZAw-ooIZR-zX_WpCbxyCoU,596 +pip/_internal/vcs/bazaar.py,sha256=Ay_vN-87vYSEzBqXT3RVwl40vlk56j3jy_AfQbMj4uo,2962 +pip/_internal/vcs/git.py,sha256=VDSzQlkh1390xw6PMh6fneJAZyc1s9qHZgum3wO3DOU,17347 +pip/_internal/vcs/mercurial.py,sha256=WwoTWZQdQN9FcUTINvIeb0Vt46UJ_lLdf2BAdea9Tic,5076 +pip/_internal/vcs/subversion.py,sha256=FRMYx7q-b6skWuv6IU7tJyC8Jm8PPblMnH7WN_ucXWU,11866 +pip/_internal/vcs/versioncontrol.py,sha256=jMKitwE4bQ45jOKKomBxgBypm2TcuDGWWdTUmPa-MUQ,23276 +pip/_internal/wheel_builder.py,sha256=hW63ZmABr65rOiSRBHXu1jBUdEZw5LZiw0LaQBbz0lI,11740 +pip/_vendor/__init__.py,sha256=eE_yoHELq6Kw--WqhAEcKkvHLKbmTR1-JX_Th1wcNZc,4703 +pip/_vendor/appdirs.py,sha256=M6IYRJtdZgmSPCXCSMBRB0VT3P8MdFbWCDbSLrB2Ebg,25907 +pip/_vendor/cachecontrol/__init__.py,sha256=pJtAaUxOsMPnytI1A3juAJkXYDr8krdSnsg4Yg3OBEg,302 +pip/_vendor/cachecontrol/_cmd.py,sha256=URGE0KrA87QekCG3SGPatlSPT571dZTDjNa-ZXX3pDc,1295 +pip/_vendor/cachecontrol/adapter.py,sha256=sSwaSYd93IIfCFU4tOMgSo6b2LCt_gBSaQUj8ktJFOA,4882 +pip/_vendor/cachecontrol/cache.py,sha256=1fc4wJP8HYt1ycnJXeEw5pCpeBL2Cqxx6g9Fb0AYDWQ,805 +pip/_vendor/cachecontrol/caches/__init__.py,sha256=-gHNKYvaeD0kOk5M74eOrsSgIKUtC6i6GfbmugGweEo,86 +pip/_vendor/cachecontrol/caches/file_cache.py,sha256=nYVKsJtXh6gJXvdn1iWyrhxvkwpQrK-eKoMRzuiwkKk,4153 +pip/_vendor/cachecontrol/caches/redis_cache.py,sha256=HxelMpNCo-dYr2fiJDwM3hhhRmxUYtB5tXm1GpAAT4Y,856 +pip/_vendor/cachecontrol/compat.py,sha256=kHNvMRdt6s_Xwqq_9qJmr9ou3wYMOMUMxPPcwNxT8Mc,695 +pip/_vendor/cachecontrol/controller.py,sha256=CWEX3pedIM9s60suf4zZPtm_JvVgnvogMGK_OiBG5F8,14149 +pip/_vendor/cachecontrol/filewrapper.py,sha256=vACKO8Llzu_ZWyjV1Fxn1MA4TGU60N5N3GSrAFdAY2Q,2533 +pip/_vendor/cachecontrol/heuristics.py,sha256=BFGHJ3yQcxvZizfo90LLZ04T_Z5XSCXvFotrp7Us0sc,4070 +pip/_vendor/cachecontrol/serialize.py,sha256=vIa4jvq4x_KSOLdEIedoknX2aXYHQujLDFV4-F21Dno,7091 +pip/_vendor/cachecontrol/wrapper.py,sha256=5LX0uJwkNQUtYSEw3aGmGu9WY8wGipd81mJ8lG0d0M4,690 +pip/_vendor/certifi/__init__.py,sha256=-b78tXibbl0qtgCzv9tc9v6ozwcNX915lT9Tf4a9lds,62 +pip/_vendor/certifi/__main__.py,sha256=1k3Cr95vCxxGRGDljrW3wMdpZdL3Nhf0u1n-k2qdsCY,255 +pip/_vendor/certifi/cacert.pem,sha256=3i-hfE2K5o3CBKG2tYt6ehJWk2fP64o6Th83fHPoPp4,259465 +pip/_vendor/certifi/core.py,sha256=gOFd0zHYlx4krrLEn982esOtmz3djiG0BFSDhgjlvcI,2840 +pip/_vendor/chardet/__init__.py,sha256=mWZaWmvZkhwfBEAT9O1Y6nRTfKzhT7FHhQTTAujbqUA,3271 +pip/_vendor/chardet/big5freq.py,sha256=D_zK5GyzoVsRes0HkLJziltFQX0bKCLOrFe9_xDvO_8,31254 +pip/_vendor/chardet/big5prober.py,sha256=kBxHbdetBpPe7xrlb-e990iot64g_eGSLd32lB7_h3M,1757 +pip/_vendor/chardet/chardistribution.py,sha256=3woWS62KrGooKyqz4zQSnjFbJpa6V7g02daAibTwcl8,9411 +pip/_vendor/chardet/charsetgroupprober.py,sha256=GZLReHP6FRRn43hvSOoGCxYamErKzyp6RgOQxVeC3kg,3839 +pip/_vendor/chardet/charsetprober.py,sha256=KSmwJErjypyj0bRZmC5F5eM7c8YQgLYIjZXintZNstg,5110 +pip/_vendor/chardet/cli/__init__.py,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1 +pip/_vendor/chardet/cli/chardetect.py,sha256=XK5zqjUG2a4-y6eLHZ8ThYcp6WWUrdlmELxNypcc2SE,2747 +pip/_vendor/chardet/codingstatemachine.py,sha256=VYp_6cyyki5sHgXDSZnXW4q1oelHc3cu9AyQTX7uug8,3590 +pip/_vendor/chardet/compat.py,sha256=40zr6wICZwknxyuLGGcIOPyve8DTebBCbbvttvnmp5Q,1200 +pip/_vendor/chardet/cp949prober.py,sha256=TZ434QX8zzBsnUvL_8wm4AQVTZ2ZkqEEQL_lNw9f9ow,1855 +pip/_vendor/chardet/enums.py,sha256=Aimwdb9as1dJKZaFNUH2OhWIVBVd6ZkJJ_WK5sNY8cU,1661 +pip/_vendor/chardet/escprober.py,sha256=kkyqVg1Yw3DIOAMJ2bdlyQgUFQhuHAW8dUGskToNWSc,3950 +pip/_vendor/chardet/escsm.py,sha256=RuXlgNvTIDarndvllNCk5WZBIpdCxQ0kcd9EAuxUh84,10510 +pip/_vendor/chardet/eucjpprober.py,sha256=iD8Jdp0ISRjgjiVN7f0e8xGeQJ5GM2oeZ1dA8nbSeUw,3749 +pip/_vendor/chardet/euckrfreq.py,sha256=-7GdmvgWez4-eO4SuXpa7tBiDi5vRXQ8WvdFAzVaSfo,13546 +pip/_vendor/chardet/euckrprober.py,sha256=MqFMTQXxW4HbzIpZ9lKDHB3GN8SP4yiHenTmf8g_PxY,1748 +pip/_vendor/chardet/euctwfreq.py,sha256=No1WyduFOgB5VITUA7PLyC5oJRNzRyMbBxaKI1l16MA,31621 +pip/_vendor/chardet/euctwprober.py,sha256=13p6EP4yRaxqnP4iHtxHOJ6R2zxHq1_m8hTRjzVZ95c,1747 +pip/_vendor/chardet/gb2312freq.py,sha256=JX8lsweKLmnCwmk8UHEQsLgkr_rP_kEbvivC4qPOrlc,20715 +pip/_vendor/chardet/gb2312prober.py,sha256=gGvIWi9WhDjE-xQXHvNIyrnLvEbMAYgyUSZ65HUfylw,1754 +pip/_vendor/chardet/hebrewprober.py,sha256=c3SZ-K7hvyzGY6JRAZxJgwJ_sUS9k0WYkvMY00YBYFo,13838 +pip/_vendor/chardet/jisfreq.py,sha256=vpmJv2Bu0J8gnMVRPHMFefTRvo_ha1mryLig8CBwgOg,25777 +pip/_vendor/chardet/jpcntx.py,sha256=PYlNqRUQT8LM3cT5FmHGP0iiscFlTWED92MALvBungo,19643 +pip/_vendor/chardet/langbulgarianmodel.py,sha256=rk9CJpuxO0bObboJcv6gNgWuosYZmd8qEEds5y7DS_Y,105697 +pip/_vendor/chardet/langgreekmodel.py,sha256=S-uNQ1ihC75yhBvSux24gLFZv3QyctMwC6OxLJdX-bw,99571 +pip/_vendor/chardet/langhebrewmodel.py,sha256=DzPP6TPGG_-PV7tqspu_d8duueqm7uN-5eQ0aHUw1Gg,98776 +pip/_vendor/chardet/langhungarianmodel.py,sha256=RtJH7DZdsmaHqyK46Kkmnk5wQHiJwJPPJSqqIlpeZRc,102498 +pip/_vendor/chardet/langrussianmodel.py,sha256=THqJOhSxiTQcHboDNSc5yofc2koXXQFHFyjtyuntUfM,131180 +pip/_vendor/chardet/langthaimodel.py,sha256=R1wXHnUMtejpw0JnH_JO8XdYasME6wjVqp1zP7TKLgg,103312 +pip/_vendor/chardet/langturkishmodel.py,sha256=rfwanTptTwSycE4-P-QasPmzd-XVYgevytzjlEzBBu8,95946 +pip/_vendor/chardet/latin1prober.py,sha256=S2IoORhFk39FEFOlSFWtgVybRiP6h7BlLldHVclNkU8,5370 +pip/_vendor/chardet/mbcharsetprober.py,sha256=AR95eFH9vuqSfvLQZN-L5ijea25NOBCoXqw8s5O9xLQ,3413 +pip/_vendor/chardet/mbcsgroupprober.py,sha256=h6TRnnYq2OxG1WdD5JOyxcdVpn7dG0q-vB8nWr5mbh4,2012 +pip/_vendor/chardet/mbcssm.py,sha256=SY32wVIF3HzcjY3BaEspy9metbNSKxIIB0RKPn7tjpI,25481 +pip/_vendor/chardet/metadata/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_vendor/chardet/metadata/languages.py,sha256=41tLq3eLSrBEbEVVQpVGFq9K7o1ln9b1HpY1l0hCUQo,19474 +pip/_vendor/chardet/sbcharsetprober.py,sha256=nmyMyuxzG87DN6K3Rk2MUzJLMLR69MrWpdnHzOwVUwQ,6136 +pip/_vendor/chardet/sbcsgroupprober.py,sha256=hqefQuXmiFyDBArOjujH6hd6WFXlOD1kWCsxDhjx5Vc,4309 +pip/_vendor/chardet/sjisprober.py,sha256=IIt-lZj0WJqK4rmUZzKZP4GJlE8KUEtFYVuY96ek5MQ,3774 +pip/_vendor/chardet/universaldetector.py,sha256=DpZTXCX0nUHXxkQ9sr4GZxGB_hveZ6hWt3uM94cgWKs,12503 +pip/_vendor/chardet/utf8prober.py,sha256=IdD8v3zWOsB8OLiyPi-y_fqwipRFxV9Nc1eKBLSuIEw,2766 +pip/_vendor/chardet/version.py,sha256=A4CILFAd8MRVG1HoXPp45iK9RLlWyV73a1EtwE8Tvn8,242 +pip/_vendor/colorama/__init__.py,sha256=pCdErryzLSzDW5P-rRPBlPLqbBtIRNJB6cMgoeJns5k,239 +pip/_vendor/colorama/ansi.py,sha256=Top4EeEuaQdBWdteKMEcGOTeKeF19Q-Wo_6_Cj5kOzQ,2522 +pip/_vendor/colorama/ansitowin32.py,sha256=yV7CEmCb19MjnJKODZEEvMH_fnbJhwnpzo4sxZuGXmA,10517 +pip/_vendor/colorama/initialise.py,sha256=PprovDNxMTrvoNHFcL2NZjpH2XzDc8BLxLxiErfUl4k,1915 +pip/_vendor/colorama/win32.py,sha256=bJ8Il9jwaBN5BJ8bmN6FoYZ1QYuMKv2j8fGrXh7TJjw,5404 +pip/_vendor/colorama/winterm.py,sha256=2y_2b7Zsv34feAsP67mLOVc-Bgq51mdYGo571VprlrM,6438 +pip/_vendor/distlib/__init__.py,sha256=bHNWOvZsLE4ES9S4FEA8CyP-rDYzatVgp9GHbpTnb2I,581 +pip/_vendor/distlib/_backport/__init__.py,sha256=bqS_dTOH6uW9iGgd0uzfpPjo6vZ4xpPZ7kyfZJ2vNaw,274 +pip/_vendor/distlib/_backport/misc.py,sha256=KWecINdbFNOxSOP1fGF680CJnaC6S4fBRgEtaYTw0ig,971 +pip/_vendor/distlib/_backport/shutil.py,sha256=IX_G2NPqwecJibkIDje04bqu0xpHkfSQ2GaGdEVqM5Y,25707 +pip/_vendor/distlib/_backport/sysconfig.cfg,sha256=swZKxq9RY5e9r3PXCrlvQPMsvOdiWZBTHLEbqS8LJLU,2617 +pip/_vendor/distlib/_backport/sysconfig.py,sha256=BQHFlb6pubCl_dvT1NjtzIthylofjKisox239stDg0U,26854 +pip/_vendor/distlib/_backport/tarfile.py,sha256=Ihp7rXRcjbIKw8COm9wSePV9ARGXbSF9gGXAMn2Q-KU,92628 +pip/_vendor/distlib/compat.py,sha256=ADA56xiAxar3mU6qemlBhNbsrFPosXRhO44RzsbJPqk,41408 +pip/_vendor/distlib/database.py,sha256=Kl0YvPQKc4OcpVi7k5cFziydM1xOK8iqdxLGXgbZHV4,51059 +pip/_vendor/distlib/index.py,sha256=UfcimNW19AB7IKWam4VaJbXuCBvArKfSxhV16EwavzE,20739 +pip/_vendor/distlib/locators.py,sha256=AKlB3oZvfOTg4E0CtfwOzujFL19X5V4XUA4eHdKOu44,51965 +pip/_vendor/distlib/manifest.py,sha256=nQEhYmgoreaBZzyFzwYsXxJARu3fo4EkunU163U16iE,14811 +pip/_vendor/distlib/markers.py,sha256=OunMSH1SIbvLLt4z2VEERCll4WNlz2tDrg1mSXCNUj4,4344 +pip/_vendor/distlib/metadata.py,sha256=vatoxFdmBr6ie-sTVXVNPOPG3uwMDWJTnEECnm7xDCw,39109 +pip/_vendor/distlib/resources.py,sha256=LwbPksc0A1JMbi6XnuPdMBUn83X7BPuFNWqPGEKI698,10820 +pip/_vendor/distlib/scripts.py,sha256=YD5_kioPD-qybYwQ4Gxyu-FR4ffxczy2gdBuU4II9qA,17248 +pip/_vendor/distlib/t32.exe,sha256=NS3xBCVAld35JVFNmb-1QRyVtThukMrwZVeXn4LhaEQ,96768 +pip/_vendor/distlib/t64.exe,sha256=oAqHes78rUWVM0OtVqIhUvequl_PKhAhXYQWnUf7zR0,105984 +pip/_vendor/distlib/util.py,sha256=eIKKJ5Mp4unHMOVzixRIRxGq4ty5-h_PoFmZ_lpvkkM,67558 +pip/_vendor/distlib/version.py,sha256=_geOv-cHoV-G8dQzKI8g6z8F0XeFeUqdJ_1G1K6iyrQ,23508 +pip/_vendor/distlib/w32.exe,sha256=lJtnZdeUxTZWya_EW5DZos_K5rswRECGspIl8ZJCIXs,90112 +pip/_vendor/distlib/w64.exe,sha256=0aRzoN2BO9NWW4ENy4_4vHkHR4qZTFZNVSAJJYlODTI,99840 +pip/_vendor/distlib/wheel.py,sha256=W6aQQo2Si0CzWiCaqlS-Nu8CoHnDbmcGMqRxCHJmg_Q,43062 +pip/_vendor/distro.py,sha256=xxMIh2a3KmippeWEHzynTdHT3_jZM0o-pos0dAWJROM,43628 +pip/_vendor/html5lib/__init__.py,sha256=BYzcKCqeEii52xDrqBFruhnmtmkiuHXFyFh-cglQ8mk,1160 +pip/_vendor/html5lib/_ihatexml.py,sha256=ifOwF7pXqmyThIXc3boWc96s4MDezqRrRVp7FwDYUFs,16728 +pip/_vendor/html5lib/_inputstream.py,sha256=jErNASMlkgs7MpOM9Ve_VdLDJyFFweAjLuhVutZz33U,32353 +pip/_vendor/html5lib/_tokenizer.py,sha256=04mgA2sNTniutl2fxFv-ei5bns4iRaPxVXXHh_HrV_4,77040 +pip/_vendor/html5lib/_trie/__init__.py,sha256=nqfgO910329BEVJ5T4psVwQtjd2iJyEXQ2-X8c1YxwU,109 +pip/_vendor/html5lib/_trie/_base.py,sha256=CaybYyMro8uERQYjby2tTeSUatnWDfWroUN9N7ety5w,1013 +pip/_vendor/html5lib/_trie/py.py,sha256=wXmQLrZRf4MyWNyg0m3h81m9InhLR7GJ002mIIZh-8o,1775 +pip/_vendor/html5lib/_utils.py,sha256=Dx9AKntksRjFT1veBj7I362pf5OgIaT0zglwq43RnfU,4931 +pip/_vendor/html5lib/constants.py,sha256=Ll-yzLU_jcjyAI_h57zkqZ7aQWE5t5xA4y_jQgoUUhw,83464 +pip/_vendor/html5lib/filters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_vendor/html5lib/filters/alphabeticalattributes.py,sha256=lViZc2JMCclXi_5gduvmdzrRxtO5Xo9ONnbHBVCsykU,919 +pip/_vendor/html5lib/filters/base.py,sha256=z-IU9ZAYjpsVsqmVt7kuWC63jR11hDMr6CVrvuao8W0,286 +pip/_vendor/html5lib/filters/inject_meta_charset.py,sha256=egDXUEHXmAG9504xz0K6ALDgYkvUrC2q15YUVeNlVQg,2945 +pip/_vendor/html5lib/filters/lint.py,sha256=jk6q56xY0ojiYfvpdP-OZSm9eTqcAdRqhCoPItemPYA,3643 +pip/_vendor/html5lib/filters/optionaltags.py,sha256=8lWT75J0aBOHmPgfmqTHSfPpPMp01T84NKu0CRedxcE,10588 +pip/_vendor/html5lib/filters/sanitizer.py,sha256=m6oGmkBhkGAnn2nV6D4hE78SCZ6WEnK9rKdZB3uXBIc,26897 +pip/_vendor/html5lib/filters/whitespace.py,sha256=8eWqZxd4UC4zlFGW6iyY6f-2uuT8pOCSALc3IZt7_t4,1214 +pip/_vendor/html5lib/html5parser.py,sha256=anr-aXre_ImfrkQ35c_rftKXxC80vJCREKe06Tq15HA,117186 +pip/_vendor/html5lib/serializer.py,sha256=_PpvcZF07cwE7xr9uKkZqh5f4UEaI8ltCU2xPJzaTpk,15759 +pip/_vendor/html5lib/treeadapters/__init__.py,sha256=A0rY5gXIe4bJOiSGRO_j_tFhngRBO8QZPzPtPw5dFzo,679 +pip/_vendor/html5lib/treeadapters/genshi.py,sha256=CH27pAsDKmu4ZGkAUrwty7u0KauGLCZRLPMzaO3M5vo,1715 +pip/_vendor/html5lib/treeadapters/sax.py,sha256=BKS8woQTnKiqeffHsxChUqL4q2ZR_wb5fc9MJ3zQC8s,1776 +pip/_vendor/html5lib/treebuilders/__init__.py,sha256=AysSJyvPfikCMMsTVvaxwkgDieELD5dfR8FJIAuq7hY,3592 +pip/_vendor/html5lib/treebuilders/base.py,sha256=z-o51vt9r_l2IDG5IioTOKGzZne4Fy3_Fc-7ztrOh4I,14565 +pip/_vendor/html5lib/treebuilders/dom.py,sha256=22whb0C71zXIsai5mamg6qzBEiigcBIvaDy4Asw3at0,8925 +pip/_vendor/html5lib/treebuilders/etree.py,sha256=w5ZFpKk6bAxnrwD2_BrF5EVC7vzz0L3LMi9Sxrbc_8w,12836 +pip/_vendor/html5lib/treebuilders/etree_lxml.py,sha256=9gqDjs-IxsPhBYa5cpvv2FZ1KZlG83Giusy2lFmvIkE,14766 +pip/_vendor/html5lib/treewalkers/__init__.py,sha256=OBPtc1TU5mGyy18QDMxKEyYEz0wxFUUNj5v0-XgmYhY,5719 +pip/_vendor/html5lib/treewalkers/base.py,sha256=ouiOsuSzvI0KgzdWP8PlxIaSNs9falhbiinAEc_UIJY,7476 +pip/_vendor/html5lib/treewalkers/dom.py,sha256=EHyFR8D8lYNnyDU9lx_IKigVJRyecUGua0mOi7HBukc,1413 +pip/_vendor/html5lib/treewalkers/etree.py,sha256=xo1L5m9VtkfpFJK0pFmkLVajhqYYVisVZn3k9kYpPkI,4551 +pip/_vendor/html5lib/treewalkers/etree_lxml.py,sha256=_b0LAVWLcVu9WaU_-w3D8f0IRSpCbjf667V-3NRdhTw,6357 +pip/_vendor/html5lib/treewalkers/genshi.py,sha256=4D2PECZ5n3ZN3qu3jMl9yY7B81jnQApBQSVlfaIuYbA,2309 +pip/_vendor/idna/__init__.py,sha256=KJQN1eQBr8iIK5SKrJ47lXvxG0BJ7Lm38W4zT0v_8lk,849 +pip/_vendor/idna/codec.py,sha256=QsPFD3Je8gN17rfs14e7zTGRWlnL7bNf2ZqcHTRVYHs,3453 +pip/_vendor/idna/compat.py,sha256=5A9xR04puRHCsyjBNewZlVSiarth7K1bZqyEOeob1fA,360 +pip/_vendor/idna/core.py,sha256=icq2P13S6JMjoXgKhhd6ihhby7QsnZlNfniH6fLyf6U,12826 +pip/_vendor/idna/idnadata.py,sha256=cl4x9RLdw1ZMtEEbvKwAsX-Id3AdIjO5U3HaoKM6VGs,42350 +pip/_vendor/idna/intranges.py,sha256=EqgXwyATAn-CTACInqH9tYsYAitGB2VcQ50RZt_Cpjs,1933 +pip/_vendor/idna/package_data.py,sha256=_028B4fvadRIaXMwMYjhuQPP3AxTIt1IRE7X6RDR4Mk,21 +pip/_vendor/idna/uts46data.py,sha256=DGzwDQv8JijY17I_7ondo3stjFjNnjvVAbA-z0k1XOE,201849 +pip/_vendor/msgpack/__init__.py,sha256=2gJwcsTIaAtCM0GMi2rU-_Y6kILeeQuqRkrQ22jSANc,1118 +pip/_vendor/msgpack/_version.py,sha256=dFR03oACnj4lsKd1RnwD7BPMiVI_FMygdOL1TOBEw_U,20 +pip/_vendor/msgpack/exceptions.py,sha256=dCTWei8dpkrMsQDcjQk74ATl9HsIBH0ybt8zOPNqMYc,1081 +pip/_vendor/msgpack/ext.py,sha256=4l356Y4sVEcvCla2dh_cL57vh4GMhZfa3kuWHFHYz6A,6088 +pip/_vendor/msgpack/fallback.py,sha256=Rpv1Ldey8f8ueRnQznD4ARKBn9dxM2PywVNkXI8IEeE,38026 +pip/_vendor/packaging/__about__.py,sha256=p_OQloqH2saadcbUQmWEsWK857dI6_ff5E3aSiCqGFA,661 +pip/_vendor/packaging/__init__.py,sha256=b9Kk5MF7KxhhLgcDmiUWukN-LatWFxPdNug0joPhHSk,497 +pip/_vendor/packaging/_manylinux.py,sha256=XcbiXB-qcjv3bcohp6N98TMpOP4_j3m-iOA8ptK2GWY,11488 +pip/_vendor/packaging/_musllinux.py,sha256=z5yeG1ygOPx4uUyLdqj-p8Dk5UBb5H_b0NIjW9yo8oA,4378 +pip/_vendor/packaging/_structures.py,sha256=TMiAgFbdUOPmIfDIfiHc3KFhSJ8kMjof2QS5I-2NyQ8,1629 +pip/_vendor/packaging/markers.py,sha256=AJBOcY8Oq0kYc570KuuPTkvuqjAlhufaE2c9sCUbm64,8487 +pip/_vendor/packaging/requirements.py,sha256=NtDlPBtojpn1IUC85iMjPNsUmufjpSlwnNA-Xb4m5NA,4676 +pip/_vendor/packaging/specifiers.py,sha256=MZ-fYcNL3u7pNrt-6g2EQO7AbRXkjc-SPEYwXMQbLmc,30964 +pip/_vendor/packaging/tags.py,sha256=akIerYw8W0sz4OW9HHozgawWnbt2GGOPm3sviW0jowY,15714 +pip/_vendor/packaging/utils.py,sha256=dJjeat3BS-TYn1RrUFVwufUMasbtzLfYRoy_HXENeFQ,4200 +pip/_vendor/packaging/version.py,sha256=_fLRNrFrxYcHVfyo8vk9j8s6JM8N_xsSxVFr6RJyco8,14665 +pip/_vendor/pep517/__init__.py,sha256=qDgVbDWpBYpTvtxA2tilifXlxwzOzRqIodLZdbyahyQ,130 +pip/_vendor/pep517/build.py,sha256=MqN_W6o5a9oauTC0u6W5cILGFjf9x2BV9BdMLeY60hc,3469 +pip/_vendor/pep517/check.py,sha256=AYG2yvpzmtsL810c75Z5-nhaXa7SxgK8APyw-_x53Ok,6096 +pip/_vendor/pep517/colorlog.py,sha256=Tk9AuYm_cLF3BKTBoSTJt9bRryn0aFojIQOwbfVUTxQ,4098 +pip/_vendor/pep517/compat.py,sha256=fw2Py6lqLwJLfp6MKmXvt1m4sbbgoU1D-_gcScvz8OU,1071 +pip/_vendor/pep517/dirtools.py,sha256=2mkAkAL0mRz_elYFjRKuekTJVipH1zTn4tbf1EDev84,1129 +pip/_vendor/pep517/envbuild.py,sha256=LcST0MASmcQNLOFqDPxDoS1kjkglx8F6eEhoBJ-DWkg,6112 +pip/_vendor/pep517/in_process/__init__.py,sha256=MyWoAi8JHdcBv7yXuWpUSVADbx6LSB9rZh7kTIgdA8Y,563 +pip/_vendor/pep517/in_process/_in_process.py,sha256=YJJf-qaL7BBVdgCHuMhTpx-LtwG1EIGVfly4rtusdiI,10833 +pip/_vendor/pep517/meta.py,sha256=8mnM5lDnT4zXQpBTliJbRGfesH7iioHwozbDxALPS9Y,2463 +pip/_vendor/pep517/wrappers.py,sha256=qCWfEUnbE5387PyQl7cT8xv4dDca4uNgro_0bnAO4Rk,13258 +pip/_vendor/pkg_resources/__init__.py,sha256=XpGBfvS9fafA6bm5rx7vnxdxs7yqyoc_NnpzKApkJ64,108277 +pip/_vendor/pkg_resources/py31compat.py,sha256=CRk8fkiPRDLsbi5pZcKsHI__Pbmh_94L8mr9Qy9Ab2U,562 +pip/_vendor/progress/__init__.py,sha256=fcbQQXo5np2CoQyhSH5XprkicwLZNLePR3uIahznSO0,4857 +pip/_vendor/progress/bar.py,sha256=QuDuVNcmXgpxtNtxO0Fq72xKigxABaVmxYGBw4J3Z_E,2854 +pip/_vendor/progress/counter.py,sha256=MznyBrvPWrOlGe4MZAlGUb9q3aODe6_aNYeAE_VNoYA,1372 +pip/_vendor/progress/spinner.py,sha256=k8JbDW94T0-WXuXfxZIFhdoNPYp3jfnpXqBnfRv5fGs,1380 +pip/_vendor/pyparsing.py,sha256=J1b4z3S_KwyJW7hKGnoN-hXW9pgMIzIP6QThyY5yJq4,273394 +pip/_vendor/requests/__init__.py,sha256=g4Bh1QYh6JKjMS4YLobx0uOLq-41sINaXjvbhX2VI8g,5113 +pip/_vendor/requests/__version__.py,sha256=PZEyPTSIN_jRIAIB51wV7pw81m3qAw0InSR7OrKZUnE,441 +pip/_vendor/requests/_internal_utils.py,sha256=Zx3PnEUccyfsB-ie11nZVAW8qClJy0gx1qNME7rgT18,1096 +pip/_vendor/requests/adapters.py,sha256=e-bmKEApNVqFdylxuMJJfiaHdlmS_zhWhIMEzlHvGuc,21548 +pip/_vendor/requests/api.py,sha256=hjuoP79IAEmX6Dysrw8t032cLfwLHxbI_wM4gC5G9t0,6402 +pip/_vendor/requests/auth.py,sha256=OMoJIVKyRLy9THr91y8rxysZuclwPB-K1Xg1zBomUhQ,10207 +pip/_vendor/requests/certs.py,sha256=nXRVq9DtGmv_1AYbwjTu9UrgAcdJv05ZvkNeaoLOZxY,465 +pip/_vendor/requests/compat.py,sha256=LQWuCR4qXk6w7-qQopXyz0WNHUdAD40k0mKnaAEf1-g,2045 +pip/_vendor/requests/cookies.py,sha256=Y-bKX6TvW3FnYlE6Au0SXtVVWcaNdFvuAwQxw-G0iTI,18430 +pip/_vendor/requests/exceptions.py,sha256=dwIi512RCDqXJ2T81nLC88mqPNhUFnOI_CgKKDXhTO8,3250 +pip/_vendor/requests/help.py,sha256=dyhe3lcmHXnFCzDiZVjcGmVvvO_jtsfAm-AC542ndw8,3972 +pip/_vendor/requests/hooks.py,sha256=QReGyy0bRcr5rkwCuObNakbYsc7EkiKeBwG4qHekr2Q,757 +pip/_vendor/requests/models.py,sha256=9_LS_t1t6HbbaWFE3ZkxGmmHN2V8BgxziiOU84rrQ50,34924 +pip/_vendor/requests/packages.py,sha256=njJmVifY4aSctuW3PP5EFRCxjEwMRDO6J_feG2dKWsI,695 +pip/_vendor/requests/sessions.py,sha256=57O4ud9yRL6eLYh-dtFbqC1kO4d_EwZcCgYXEkujlfs,30168 +pip/_vendor/requests/status_codes.py,sha256=gT79Pbs_cQjBgp-fvrUgg1dn2DQO32bDj4TInjnMPSc,4188 +pip/_vendor/requests/structures.py,sha256=msAtr9mq1JxHd-JRyiILfdFlpbJwvvFuP3rfUQT_QxE,3005 +pip/_vendor/requests/utils.py,sha256=U_-i6WxLw-67KEij43xHbcvL0DdeQ5Jbd4hfifWJzQY,31394 +pip/_vendor/resolvelib/__init__.py,sha256=uoW0dgWCDwApX59mRffoPISkZGGk_UZ1It_PY4o_PaE,537 +pip/_vendor/resolvelib/compat/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_vendor/resolvelib/compat/collections_abc.py,sha256=uy8xUZ-NDEw916tugUXm8HgwCGiMO0f-RcdnpkfXfOs,156 +pip/_vendor/resolvelib/providers.py,sha256=bfzFDZd7UqkkAS7lUM_HeYbA-HzjKfDlle_pn_79vio,5638 +pip/_vendor/resolvelib/reporters.py,sha256=hQvvXuuEBOyEWO8KDfLsWKVjX55UFMAUwO0YZMNpzAw,1364 +pip/_vendor/resolvelib/resolvers.py,sha256=wT83PHiBWRCklL-nLJ1-8sk2B3yBI06Rse1H11crOsI,17225 +pip/_vendor/resolvelib/structs.py,sha256=IVIYof6sA_N4ZEiE1C1UhzTX495brCNnyCdgq6CYq28,4794 +pip/_vendor/six.py,sha256=TOOfQi7nFGfMrIvtdr6wX4wyHH8M7aknmuLfo2cBBrM,34549 +pip/_vendor/tenacity/__init__.py,sha256=GLLsTFD4Bd5VDgTR6mU_FxyOsrxc48qONorVaRebeD4,18257 +pip/_vendor/tenacity/_asyncio.py,sha256=HEb0BVJEeBJE9P-m9XBxh1KcaF96BwoeqkJCL5sbVcQ,3314 +pip/_vendor/tenacity/_utils.py,sha256=-y68scDcyoqvTJuJJ0GTfjdSCljEYlbCYvgk7nM4NdM,1944 +pip/_vendor/tenacity/after.py,sha256=dlmyxxFy2uqpLXDr838DiEd7jgv2AGthsWHGYcGYsaI,1496 +pip/_vendor/tenacity/before.py,sha256=7XtvRmO0dRWUp8SVn24OvIiGFj8-4OP5muQRUiWgLh0,1376 +pip/_vendor/tenacity/before_sleep.py,sha256=ThyDvqKU5yle_IvYQz_b6Tp6UjUS0PhVp6zgqYl9U6Y,1908 +pip/_vendor/tenacity/nap.py,sha256=fRWvnz1aIzbIq9Ap3gAkAZgDH6oo5zxMrU6ZOVByq0I,1383 +pip/_vendor/tenacity/retry.py,sha256=62R71W59bQjuNyFKsDM7hE2aEkEPtwNBRA0tnsEvgSk,6645 +pip/_vendor/tenacity/stop.py,sha256=sKHmHaoSaW6sKu3dTxUVKr1-stVkY7lw4Y9yjZU30zQ,2790 +pip/_vendor/tenacity/tornadoweb.py,sha256=E8lWO2nwe6dJgoB-N2HhQprYLDLB_UdSgFnv-EN6wKE,2145 +pip/_vendor/tenacity/wait.py,sha256=e_Saa6I2tsNLpCL1t9897wN2fGb0XQMQlE4bU2t9V2w,6691 +pip/_vendor/tomli/__init__.py,sha256=z1Elt0nLAqU5Y0DOn9p__8QnLWavlEOpRyQikdYgKro,230 +pip/_vendor/tomli/_parser.py,sha256=50BD4o9YbzFAGAYyZLqZC8F81DQ7iWWyJnrHNwBKa6A,22415 +pip/_vendor/tomli/_re.py,sha256=5GPfgXKteg7wRFCF-DzlkAPI2ilHbkMK2-JC49F-AJQ,2681 +pip/_vendor/urllib3/__init__.py,sha256=j3yzHIbmW7CS-IKQJ9-PPQf_YKO8EOAey_rMW0UR7us,2763 +pip/_vendor/urllib3/_collections.py,sha256=Rp1mVyBgc_UlAcp6M3at1skJBXR5J43NawRTvW2g_XY,10811 +pip/_vendor/urllib3/_version.py,sha256=6fJAIPnJkT0m9wzVjHrFcq5wYt65dStDpaRcjj5ugoo,63 +pip/_vendor/urllib3/connection.py,sha256=kAlubwsW33FUSUroPSVHMF_Zzv-uzX_BwUFMXX9Pt8c,18754 +pip/_vendor/urllib3/connectionpool.py,sha256=jXNmm4y3LJWYgteNeGcYJx8-0k7bzKRU__AVTXzaIak,37131 +pip/_vendor/urllib3/contrib/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_vendor/urllib3/contrib/_appengine_environ.py,sha256=bDbyOEhW2CKLJcQqAKAyrEHN-aklsyHFKq6vF8ZFsmk,957 +pip/_vendor/urllib3/contrib/_securetransport/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_vendor/urllib3/contrib/_securetransport/bindings.py,sha256=eRy1Mj-wpg7sR6-OSvnSV4jUbjMT464dLN_CWxbIRVw,17649 +pip/_vendor/urllib3/contrib/_securetransport/low_level.py,sha256=lgIdsSycqfB0Xm5BiJzXGeIKT7ybCQMFPJAgkcwPa1s,13908 +pip/_vendor/urllib3/contrib/appengine.py,sha256=lfzpHFmJiO82shClLEm3QB62SYgHWnjpZOH_2JhU5Tc,11034 +pip/_vendor/urllib3/contrib/ntlmpool.py,sha256=ej9gGvfAb2Gt00lafFp45SIoRz-QwrQ4WChm6gQmAlM,4538 +pip/_vendor/urllib3/contrib/pyopenssl.py,sha256=lYIxGFWTosqbfLnkZXOBg7igY71iRvM3NUOaD0stUQ8,16891 +pip/_vendor/urllib3/contrib/securetransport.py,sha256=TN5q9dKZ0Sd5_vW9baRzEAEItdJ-4VlHWmAUrlcJNfo,34434 +pip/_vendor/urllib3/contrib/socks.py,sha256=aRi9eWXo9ZEb95XUxef4Z21CFlnnjbEiAo9HOseoMt4,7097 +pip/_vendor/urllib3/exceptions.py,sha256=0Mnno3KHTNfXRfY7638NufOPkUb6mXOm-Lqj-4x2w8A,8217 +pip/_vendor/urllib3/fields.py,sha256=kvLDCg_JmH1lLjUUEY_FLS8UhY7hBvDPuVETbY8mdrM,8579 +pip/_vendor/urllib3/filepost.py,sha256=5b_qqgRHVlL7uLtdAYBzBh-GHmU5AfJVt_2N0XS3PeY,2440 +pip/_vendor/urllib3/packages/__init__.py,sha256=h4BLhD4tLaBx1adaDtKXfupsgqY0wWLXb_f1_yVlV6A,108 +pip/_vendor/urllib3/packages/backports/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +pip/_vendor/urllib3/packages/backports/makefile.py,sha256=nbzt3i0agPVP07jqqgjhaYjMmuAi_W5E0EywZivVO8E,1417 +pip/_vendor/urllib3/packages/six.py,sha256=1LVW7ljqRirFlfExjwl-v1B7vSAUNTmzGMs-qays2zg,34666 +pip/_vendor/urllib3/packages/ssl_match_hostname/__init__.py,sha256=ZVMwCkHx-py8ERsxxM3Il-MiREZktV-8iLBmCfRRHI4,927 +pip/_vendor/urllib3/packages/ssl_match_hostname/_implementation.py,sha256=6dZ-q074g7XhsJ27MFCgkct8iVNZB3sMZvKhf-KUVy0,5679 +pip/_vendor/urllib3/poolmanager.py,sha256=whzlX6UTEgODMOCy0ZDMUONRBCz5wyIM8Z9opXAY-Lk,19763 +pip/_vendor/urllib3/request.py,sha256=ZFSIqX0C6WizixecChZ3_okyu7BEv0lZu1VT0s6h4SM,5985 +pip/_vendor/urllib3/response.py,sha256=hGhGBh7TkEkh_IQg5C1W_xuPNrgIKv5BUXPyE-q0LuE,28203 +pip/_vendor/urllib3/util/__init__.py,sha256=JEmSmmqqLyaw8P51gUImZh8Gwg9i1zSe-DoqAitn2nc,1155 +pip/_vendor/urllib3/util/connection.py,sha256=KykjNIXzUZEzeKEOpl5xvKs6IsESXP9o9eTrjE0W_Ys,4920 +pip/_vendor/urllib3/util/proxy.py,sha256=FGipAEnvZteyldXNjce4DEB7YzwU-a5lep8y5S0qHQg,1604 +pip/_vendor/urllib3/util/queue.py,sha256=nRgX8_eX-_VkvxoX096QWoz8Ps0QHUAExILCY_7PncM,498 +pip/_vendor/urllib3/util/request.py,sha256=NnzaEKQ1Pauw5MFMV6HmgEMHITf0Aua9fQuzi2uZzGc,4123 +pip/_vendor/urllib3/util/response.py,sha256=GJpg3Egi9qaJXRwBh5wv-MNuRWan5BIu40oReoxWP28,3510 +pip/_vendor/urllib3/util/retry.py,sha256=tOWfZpLsuc7Vbk5nWpMwkHdMoXCp90IAvH4xtjSDRqQ,21391 +pip/_vendor/urllib3/util/ssl_.py,sha256=X4-AqW91aYPhPx6-xbf66yHFQKbqqfC_5Zt4WkLX1Hc,17177 +pip/_vendor/urllib3/util/ssltransport.py,sha256=F_UncOXGcc-MgeWFTA1H4QCt_RRNQXRbF6onje3SyHY,6931 +pip/_vendor/urllib3/util/timeout.py,sha256=QSbBUNOB9yh6AnDn61SrLQ0hg5oz0I9-uXEG91AJuIg,10003 +pip/_vendor/urllib3/util/url.py,sha256=QVEzcbHipbXyCWwH6R4K4TR-N8T4LM55WEMwNUTBmLE,14047 +pip/_vendor/urllib3/util/wait.py,sha256=3MUKRSAUJDB2tgco7qRUskW0zXGAWYvRRE4Q1_6xlLs,5404 +pip/_vendor/vendor.txt,sha256=GuFhR0DHZazrSYZyoY7j3X3T_mGJh-ky2opcZ-A7ezo,364 +pip/_vendor/webencodings/__init__.py,sha256=qOBJIuPy_4ByYH6W_bNgJF-qYQ2DoU-dKsDu5yRWCXg,10579 +pip/_vendor/webencodings/labels.py,sha256=4AO_KxTddqGtrL9ns7kAPjb0CcN6xsCIxbK37HY9r3E,8979 +pip/_vendor/webencodings/mklabels.py,sha256=GYIeywnpaLnP0GSic8LFWgd0UVvO_l1Nc6YoF-87R_4,1305 +pip/_vendor/webencodings/tests.py,sha256=OtGLyjhNY1fvkW1GvLJ_FV9ZoqC9Anyjr7q3kxTbzNs,6563 +pip/_vendor/webencodings/x_user_defined.py,sha256=yOqWSdmpytGfUgh_Z6JYgDNhoc-BAHyyeeT15Fr42tM,4307 +pip/py.typed,sha256=EBVvvPRTn_eIpz5e5QztSCdrMX7Qwd7VP93RSoIlZ2I,286 diff --git a/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/REQUESTED b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/REQUESTED new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/WHEEL b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/WHEEL new file mode 100644 index 000000000..385faab05 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/WHEEL @@ -0,0 +1,5 @@ +Wheel-Version: 1.0 +Generator: bdist_wheel (0.36.2) +Root-Is-Purelib: true +Tag: py3-none-any + diff --git a/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/entry_points.txt b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/entry_points.txt new file mode 100644 index 000000000..9609f72c5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/entry_points.txt @@ -0,0 +1,5 @@ +[console_scripts] +pip = pip._internal.cli.main:main +pip3 = pip._internal.cli.main:main +pip3.9 = pip._internal.cli.main:main + diff --git a/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/top_level.txt b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/top_level.txt new file mode 100644 index 000000000..a1b589e38 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip-21.2.4.dist-info/top_level.txt @@ -0,0 +1 @@ +pip diff --git a/queries/venv/lib/python3.9/site-packages/pip/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/__init__.py new file mode 100644 index 000000000..d6b05fefd --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/__init__.py @@ -0,0 +1,13 @@ +from typing import List, Optional + +__version__ = "21.2.4" + + +def main(args: Optional[List[str]] = None) -> int: + """This is an internal API only meant for use by pip's own console scripts. + + For additional details, see https://github.com/pypa/pip/issues/7498. + """ + from pip._internal.utils.entrypoints import _wrapper + + return _wrapper(args) diff --git a/queries/venv/lib/python3.9/site-packages/pip/__main__.py b/queries/venv/lib/python3.9/site-packages/pip/__main__.py new file mode 100644 index 000000000..fe34a7b77 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/__main__.py @@ -0,0 +1,31 @@ +import os +import sys +import warnings + +# Remove '' and current working directory from the first entry +# of sys.path, if present to avoid using current directory +# in pip commands check, freeze, install, list and show, +# when invoked as python -m pip +if sys.path[0] in ("", os.getcwd()): + sys.path.pop(0) + +# If we are running from a wheel, add the wheel to sys.path +# This allows the usage python pip-*.whl/pip install pip-*.whl +if __package__ == "": + # __file__ is pip-*.whl/pip/__main__.py + # first dirname call strips of '/__main__.py', second strips off '/pip' + # Resulting path is the name of the wheel itself + # Add that to sys.path so we can import pip + path = os.path.dirname(os.path.dirname(__file__)) + sys.path.insert(0, path) + +if __name__ == "__main__": + # Work around the error reported in #9540, pending a proper fix. + # Note: It is essential the warning filter is set *before* importing + # pip, as the deprecation happens at import time, not runtime. + warnings.filterwarnings( + "ignore", category=DeprecationWarning, module=".*packaging\\.version" + ) + from pip._internal.cli.main import main as _main + + sys.exit(_main()) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/__init__.py new file mode 100644 index 000000000..6afb5c627 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/__init__.py @@ -0,0 +1,19 @@ +from typing import List, Optional + +import pip._internal.utils.inject_securetransport # noqa +from pip._internal.utils import _log + +# init_logging() must be called before any call to logging.getLogger() +# which happens at import of most modules. +_log.init_logging() + + +def main(args: (Optional[List[str]]) = None) -> int: + """This is preserved for old console scripts that may still be referencing + it. + + For additional details, see https://github.com/pypa/pip/issues/7498. + """ + from pip._internal.utils.entrypoints import _wrapper + + return _wrapper(args) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/build_env.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/build_env.py new file mode 100644 index 000000000..de98163d7 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/build_env.py @@ -0,0 +1,294 @@ +"""Build Environment used for isolation during sdist building +""" + +import contextlib +import logging +import os +import pathlib +import sys +import textwrap +import zipfile +from collections import OrderedDict +from sysconfig import get_paths +from types import TracebackType +from typing import TYPE_CHECKING, Iterable, Iterator, List, Optional, Set, Tuple, Type + +from pip._vendor.certifi import where +from pip._vendor.packaging.requirements import Requirement +from pip._vendor.packaging.version import Version + +from pip import __file__ as pip_location +from pip._internal.cli.spinners import open_spinner +from pip._internal.locations import get_platlib, get_prefixed_libs, get_purelib +from pip._internal.metadata import get_environment +from pip._internal.utils.subprocess import call_subprocess +from pip._internal.utils.temp_dir import TempDirectory, tempdir_kinds + +if TYPE_CHECKING: + from pip._internal.index.package_finder import PackageFinder + +logger = logging.getLogger(__name__) + + +class _Prefix: + + def __init__(self, path): + # type: (str) -> None + self.path = path + self.setup = False + self.bin_dir = get_paths( + 'nt' if os.name == 'nt' else 'posix_prefix', + vars={'base': path, 'platbase': path} + )['scripts'] + self.lib_dirs = get_prefixed_libs(path) + + +@contextlib.contextmanager +def _create_standalone_pip() -> Iterator[str]: + """Create a "standalone pip" zip file. + + The zip file's content is identical to the currently-running pip. + It will be used to install requirements into the build environment. + """ + source = pathlib.Path(pip_location).resolve().parent + + # Return the current instance if `source` is not a directory. We can't build + # a zip from this, and it likely means the instance is already standalone. + if not source.is_dir(): + yield str(source) + return + + with TempDirectory(kind="standalone-pip") as tmp_dir: + pip_zip = os.path.join(tmp_dir.path, "__env_pip__.zip") + kwargs = {} + if sys.version_info >= (3, 8): + kwargs["strict_timestamps"] = False + with zipfile.ZipFile(pip_zip, "w", **kwargs) as zf: + for child in source.rglob("*"): + zf.write(child, child.relative_to(source.parent).as_posix()) + yield os.path.join(pip_zip, "pip") + + +class BuildEnvironment: + """Creates and manages an isolated environment to install build deps + """ + + def __init__(self): + # type: () -> None + temp_dir = TempDirectory( + kind=tempdir_kinds.BUILD_ENV, globally_managed=True + ) + + self._prefixes = OrderedDict( + (name, _Prefix(os.path.join(temp_dir.path, name))) + for name in ('normal', 'overlay') + ) + + self._bin_dirs = [] # type: List[str] + self._lib_dirs = [] # type: List[str] + for prefix in reversed(list(self._prefixes.values())): + self._bin_dirs.append(prefix.bin_dir) + self._lib_dirs.extend(prefix.lib_dirs) + + # Customize site to: + # - ensure .pth files are honored + # - prevent access to system site packages + system_sites = { + os.path.normcase(site) for site in (get_purelib(), get_platlib()) + } + self._site_dir = os.path.join(temp_dir.path, 'site') + if not os.path.exists(self._site_dir): + os.mkdir(self._site_dir) + with open(os.path.join(self._site_dir, 'sitecustomize.py'), 'w') as fp: + fp.write(textwrap.dedent( + ''' + import os, site, sys + + # First, drop system-sites related paths. + original_sys_path = sys.path[:] + known_paths = set() + for path in {system_sites!r}: + site.addsitedir(path, known_paths=known_paths) + system_paths = set( + os.path.normcase(path) + for path in sys.path[len(original_sys_path):] + ) + original_sys_path = [ + path for path in original_sys_path + if os.path.normcase(path) not in system_paths + ] + sys.path = original_sys_path + + # Second, add lib directories. + # ensuring .pth file are processed. + for path in {lib_dirs!r}: + assert not path in sys.path + site.addsitedir(path) + ''' + ).format(system_sites=system_sites, lib_dirs=self._lib_dirs)) + + def __enter__(self): + # type: () -> None + self._save_env = { + name: os.environ.get(name, None) + for name in ('PATH', 'PYTHONNOUSERSITE', 'PYTHONPATH') + } + + path = self._bin_dirs[:] + old_path = self._save_env['PATH'] + if old_path: + path.extend(old_path.split(os.pathsep)) + + pythonpath = [self._site_dir] + + os.environ.update({ + 'PATH': os.pathsep.join(path), + 'PYTHONNOUSERSITE': '1', + 'PYTHONPATH': os.pathsep.join(pythonpath), + }) + + def __exit__( + self, + exc_type, # type: Optional[Type[BaseException]] + exc_val, # type: Optional[BaseException] + exc_tb # type: Optional[TracebackType] + ): + # type: (...) -> None + for varname, old_value in self._save_env.items(): + if old_value is None: + os.environ.pop(varname, None) + else: + os.environ[varname] = old_value + + def check_requirements(self, reqs): + # type: (Iterable[str]) -> Tuple[Set[Tuple[str, str]], Set[str]] + """Return 2 sets: + - conflicting requirements: set of (installed, wanted) reqs tuples + - missing requirements: set of reqs + """ + missing = set() + conflicting = set() + if reqs: + env = get_environment(self._lib_dirs) + for req_str in reqs: + req = Requirement(req_str) + dist = env.get_distribution(req.name) + if not dist: + missing.add(req_str) + continue + if isinstance(dist.version, Version): + installed_req_str = f"{req.name}=={dist.version}" + else: + installed_req_str = f"{req.name}==={dist.version}" + if dist.version not in req.specifier: + conflicting.add((installed_req_str, req_str)) + # FIXME: Consider direct URL? + return conflicting, missing + + def install_requirements( + self, + finder, # type: PackageFinder + requirements, # type: Iterable[str] + prefix_as_string, # type: str + message # type: str + ): + # type: (...) -> None + prefix = self._prefixes[prefix_as_string] + assert not prefix.setup + prefix.setup = True + if not requirements: + return + with contextlib.ExitStack() as ctx: + # TODO: Remove this block when dropping 3.6 support. Python 3.6 + # lacks importlib.resources and pep517 has issues loading files in + # a zip, so we fallback to the "old" method by adding the current + # pip directory to the child process's sys.path. + if sys.version_info < (3, 7): + pip_runnable = os.path.dirname(pip_location) + else: + pip_runnable = ctx.enter_context(_create_standalone_pip()) + self._install_requirements( + pip_runnable, + finder, + requirements, + prefix, + message, + ) + + @staticmethod + def _install_requirements( + pip_runnable: str, + finder: "PackageFinder", + requirements: Iterable[str], + prefix: _Prefix, + message: str, + ) -> None: + args = [ + sys.executable, pip_runnable, 'install', + '--ignore-installed', '--no-user', '--prefix', prefix.path, + '--no-warn-script-location', + ] # type: List[str] + if logger.getEffectiveLevel() <= logging.DEBUG: + args.append('-v') + for format_control in ('no_binary', 'only_binary'): + formats = getattr(finder.format_control, format_control) + args.extend(('--' + format_control.replace('_', '-'), + ','.join(sorted(formats or {':none:'})))) + + index_urls = finder.index_urls + if index_urls: + args.extend(['-i', index_urls[0]]) + for extra_index in index_urls[1:]: + args.extend(['--extra-index-url', extra_index]) + else: + args.append('--no-index') + for link in finder.find_links: + args.extend(['--find-links', link]) + + for host in finder.trusted_hosts: + args.extend(['--trusted-host', host]) + if finder.allow_all_prereleases: + args.append('--pre') + if finder.prefer_binary: + args.append('--prefer-binary') + args.append('--') + args.extend(requirements) + extra_environ = {"_PIP_STANDALONE_CERT": where()} + with open_spinner(message) as spinner: + call_subprocess(args, spinner=spinner, extra_environ=extra_environ) + + +class NoOpBuildEnvironment(BuildEnvironment): + """A no-op drop-in replacement for BuildEnvironment + """ + + def __init__(self): + # type: () -> None + pass + + def __enter__(self): + # type: () -> None + pass + + def __exit__( + self, + exc_type, # type: Optional[Type[BaseException]] + exc_val, # type: Optional[BaseException] + exc_tb # type: Optional[TracebackType] + ): + # type: (...) -> None + pass + + def cleanup(self): + # type: () -> None + pass + + def install_requirements( + self, + finder, # type: PackageFinder + requirements, # type: Iterable[str] + prefix_as_string, # type: str + message # type: str + ): + # type: (...) -> None + raise NotImplementedError() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cache.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cache.py new file mode 100644 index 000000000..7ef51b92e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cache.py @@ -0,0 +1,287 @@ +"""Cache Management +""" + +import hashlib +import json +import logging +import os +from typing import Any, Dict, List, Optional, Set + +from pip._vendor.packaging.tags import Tag, interpreter_name, interpreter_version +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.exceptions import InvalidWheelFilename +from pip._internal.models.format_control import FormatControl +from pip._internal.models.link import Link +from pip._internal.models.wheel import Wheel +from pip._internal.utils.temp_dir import TempDirectory, tempdir_kinds +from pip._internal.utils.urls import path_to_url + +logger = logging.getLogger(__name__) + + +def _hash_dict(d): + # type: (Dict[str, str]) -> str + """Return a stable sha224 of a dictionary.""" + s = json.dumps(d, sort_keys=True, separators=(",", ":"), ensure_ascii=True) + return hashlib.sha224(s.encode("ascii")).hexdigest() + + +class Cache: + """An abstract class - provides cache directories for data from links + + + :param cache_dir: The root of the cache. + :param format_control: An object of FormatControl class to limit + binaries being read from the cache. + :param allowed_formats: which formats of files the cache should store. + ('binary' and 'source' are the only allowed values) + """ + + def __init__(self, cache_dir, format_control, allowed_formats): + # type: (str, FormatControl, Set[str]) -> None + super().__init__() + assert not cache_dir or os.path.isabs(cache_dir) + self.cache_dir = cache_dir or None + self.format_control = format_control + self.allowed_formats = allowed_formats + + _valid_formats = {"source", "binary"} + assert self.allowed_formats.union(_valid_formats) == _valid_formats + + def _get_cache_path_parts(self, link): + # type: (Link) -> List[str] + """Get parts of part that must be os.path.joined with cache_dir + """ + + # We want to generate an url to use as our cache key, we don't want to + # just re-use the URL because it might have other items in the fragment + # and we don't care about those. + key_parts = {"url": link.url_without_fragment} + if link.hash_name is not None and link.hash is not None: + key_parts[link.hash_name] = link.hash + if link.subdirectory_fragment: + key_parts["subdirectory"] = link.subdirectory_fragment + + # Include interpreter name, major and minor version in cache key + # to cope with ill-behaved sdists that build a different wheel + # depending on the python version their setup.py is being run on, + # and don't encode the difference in compatibility tags. + # https://github.com/pypa/pip/issues/7296 + key_parts["interpreter_name"] = interpreter_name() + key_parts["interpreter_version"] = interpreter_version() + + # Encode our key url with sha224, we'll use this because it has similar + # security properties to sha256, but with a shorter total output (and + # thus less secure). However the differences don't make a lot of + # difference for our use case here. + hashed = _hash_dict(key_parts) + + # We want to nest the directories some to prevent having a ton of top + # level directories where we might run out of sub directories on some + # FS. + parts = [hashed[:2], hashed[2:4], hashed[4:6], hashed[6:]] + + return parts + + def _get_candidates(self, link, canonical_package_name): + # type: (Link, str) -> List[Any] + can_not_cache = ( + not self.cache_dir or + not canonical_package_name or + not link + ) + if can_not_cache: + return [] + + formats = self.format_control.get_allowed_formats( + canonical_package_name + ) + if not self.allowed_formats.intersection(formats): + return [] + + candidates = [] + path = self.get_path_for_link(link) + if os.path.isdir(path): + for candidate in os.listdir(path): + candidates.append((candidate, path)) + return candidates + + def get_path_for_link(self, link): + # type: (Link) -> str + """Return a directory to store cached items in for link. + """ + raise NotImplementedError() + + def get( + self, + link, # type: Link + package_name, # type: Optional[str] + supported_tags, # type: List[Tag] + ): + # type: (...) -> Link + """Returns a link to a cached item if it exists, otherwise returns the + passed link. + """ + raise NotImplementedError() + + +class SimpleWheelCache(Cache): + """A cache of wheels for future installs. + """ + + def __init__(self, cache_dir, format_control): + # type: (str, FormatControl) -> None + super().__init__(cache_dir, format_control, {"binary"}) + + def get_path_for_link(self, link): + # type: (Link) -> str + """Return a directory to store cached wheels for link + + Because there are M wheels for any one sdist, we provide a directory + to cache them in, and then consult that directory when looking up + cache hits. + + We only insert things into the cache if they have plausible version + numbers, so that we don't contaminate the cache with things that were + not unique. E.g. ./package might have dozens of installs done for it + and build a version of 0.0...and if we built and cached a wheel, we'd + end up using the same wheel even if the source has been edited. + + :param link: The link of the sdist for which this will cache wheels. + """ + parts = self._get_cache_path_parts(link) + assert self.cache_dir + # Store wheels within the root cache_dir + return os.path.join(self.cache_dir, "wheels", *parts) + + def get( + self, + link, # type: Link + package_name, # type: Optional[str] + supported_tags, # type: List[Tag] + ): + # type: (...) -> Link + candidates = [] + + if not package_name: + return link + + canonical_package_name = canonicalize_name(package_name) + for wheel_name, wheel_dir in self._get_candidates( + link, canonical_package_name + ): + try: + wheel = Wheel(wheel_name) + except InvalidWheelFilename: + continue + if canonicalize_name(wheel.name) != canonical_package_name: + logger.debug( + "Ignoring cached wheel %s for %s as it " + "does not match the expected distribution name %s.", + wheel_name, link, package_name, + ) + continue + if not wheel.supported(supported_tags): + # Built for a different python/arch/etc + continue + candidates.append( + ( + wheel.support_index_min(supported_tags), + wheel_name, + wheel_dir, + ) + ) + + if not candidates: + return link + + _, wheel_name, wheel_dir = min(candidates) + return Link(path_to_url(os.path.join(wheel_dir, wheel_name))) + + +class EphemWheelCache(SimpleWheelCache): + """A SimpleWheelCache that creates it's own temporary cache directory + """ + + def __init__(self, format_control): + # type: (FormatControl) -> None + self._temp_dir = TempDirectory( + kind=tempdir_kinds.EPHEM_WHEEL_CACHE, + globally_managed=True, + ) + + super().__init__(self._temp_dir.path, format_control) + + +class CacheEntry: + def __init__( + self, + link, # type: Link + persistent, # type: bool + ): + self.link = link + self.persistent = persistent + + +class WheelCache(Cache): + """Wraps EphemWheelCache and SimpleWheelCache into a single Cache + + This Cache allows for gracefully degradation, using the ephem wheel cache + when a certain link is not found in the simple wheel cache first. + """ + + def __init__(self, cache_dir, format_control): + # type: (str, FormatControl) -> None + super().__init__(cache_dir, format_control, {'binary'}) + self._wheel_cache = SimpleWheelCache(cache_dir, format_control) + self._ephem_cache = EphemWheelCache(format_control) + + def get_path_for_link(self, link): + # type: (Link) -> str + return self._wheel_cache.get_path_for_link(link) + + def get_ephem_path_for_link(self, link): + # type: (Link) -> str + return self._ephem_cache.get_path_for_link(link) + + def get( + self, + link, # type: Link + package_name, # type: Optional[str] + supported_tags, # type: List[Tag] + ): + # type: (...) -> Link + cache_entry = self.get_cache_entry(link, package_name, supported_tags) + if cache_entry is None: + return link + return cache_entry.link + + def get_cache_entry( + self, + link, # type: Link + package_name, # type: Optional[str] + supported_tags, # type: List[Tag] + ): + # type: (...) -> Optional[CacheEntry] + """Returns a CacheEntry with a link to a cached item if it exists or + None. The cache entry indicates if the item was found in the persistent + or ephemeral cache. + """ + retval = self._wheel_cache.get( + link=link, + package_name=package_name, + supported_tags=supported_tags, + ) + if retval is not link: + return CacheEntry(retval, persistent=True) + + retval = self._ephem_cache.get( + link=link, + package_name=package_name, + supported_tags=supported_tags, + ) + if retval is not link: + return CacheEntry(retval, persistent=False) + + return None diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/__init__.py new file mode 100644 index 000000000..e589bb917 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/__init__.py @@ -0,0 +1,4 @@ +"""Subpackage containing all of pip's command line interface related code +""" + +# This file intentionally does not import submodules diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/autocompletion.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/autocompletion.py new file mode 100644 index 000000000..3cad14860 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/autocompletion.py @@ -0,0 +1,163 @@ +"""Logic that powers autocompletion installed by ``pip completion``. +""" + +import optparse +import os +import sys +from itertools import chain +from typing import Any, Iterable, List, Optional + +from pip._internal.cli.main_parser import create_main_parser +from pip._internal.commands import commands_dict, create_command +from pip._internal.metadata import get_default_environment + + +def autocomplete() -> None: + """Entry Point for completion of main and subcommand options.""" + # Don't complete if user hasn't sourced bash_completion file. + if "PIP_AUTO_COMPLETE" not in os.environ: + return + cwords = os.environ["COMP_WORDS"].split()[1:] + cword = int(os.environ["COMP_CWORD"]) + try: + current = cwords[cword - 1] + except IndexError: + current = "" + + parser = create_main_parser() + subcommands = list(commands_dict) + options = [] + + # subcommand + subcommand_name: Optional[str] = None + for word in cwords: + if word in subcommands: + subcommand_name = word + break + # subcommand options + if subcommand_name is not None: + # special case: 'help' subcommand has no options + if subcommand_name == "help": + sys.exit(1) + # special case: list locally installed dists for show and uninstall + should_list_installed = not current.startswith("-") and subcommand_name in [ + "show", + "uninstall", + ] + if should_list_installed: + env = get_default_environment() + lc = current.lower() + installed = [ + dist.canonical_name + for dist in env.iter_installed_distributions(local_only=True) + if dist.canonical_name.startswith(lc) + and dist.canonical_name not in cwords[1:] + ] + # if there are no dists installed, fall back to option completion + if installed: + for dist in installed: + print(dist) + sys.exit(1) + + subcommand = create_command(subcommand_name) + + for opt in subcommand.parser.option_list_all: + if opt.help != optparse.SUPPRESS_HELP: + for opt_str in opt._long_opts + opt._short_opts: + options.append((opt_str, opt.nargs)) + + # filter out previously specified options from available options + prev_opts = [x.split("=")[0] for x in cwords[1 : cword - 1]] + options = [(x, v) for (x, v) in options if x not in prev_opts] + # filter options by current input + options = [(k, v) for k, v in options if k.startswith(current)] + # get completion type given cwords and available subcommand options + completion_type = get_path_completion_type( + cwords, + cword, + subcommand.parser.option_list_all, + ) + # get completion files and directories if ``completion_type`` is + # ````, ```` or ```` + if completion_type: + paths = auto_complete_paths(current, completion_type) + options = [(path, 0) for path in paths] + for option in options: + opt_label = option[0] + # append '=' to options which require args + if option[1] and option[0][:2] == "--": + opt_label += "=" + print(opt_label) + else: + # show main parser options only when necessary + + opts = [i.option_list for i in parser.option_groups] + opts.append(parser.option_list) + flattened_opts = chain.from_iterable(opts) + if current.startswith("-"): + for opt in flattened_opts: + if opt.help != optparse.SUPPRESS_HELP: + subcommands += opt._long_opts + opt._short_opts + else: + # get completion type given cwords and all available options + completion_type = get_path_completion_type(cwords, cword, flattened_opts) + if completion_type: + subcommands = list(auto_complete_paths(current, completion_type)) + + print(" ".join([x for x in subcommands if x.startswith(current)])) + sys.exit(1) + + +def get_path_completion_type( + cwords: List[str], cword: int, opts: Iterable[Any] +) -> Optional[str]: + """Get the type of path completion (``file``, ``dir``, ``path`` or None) + + :param cwords: same as the environmental variable ``COMP_WORDS`` + :param cword: same as the environmental variable ``COMP_CWORD`` + :param opts: The available options to check + :return: path completion type (``file``, ``dir``, ``path`` or None) + """ + if cword < 2 or not cwords[cword - 2].startswith("-"): + return None + for opt in opts: + if opt.help == optparse.SUPPRESS_HELP: + continue + for o in str(opt).split("/"): + if cwords[cword - 2].split("=")[0] == o: + if not opt.metavar or any( + x in ("path", "file", "dir") for x in opt.metavar.split("/") + ): + return opt.metavar + return None + + +def auto_complete_paths(current: str, completion_type: str) -> Iterable[str]: + """If ``completion_type`` is ``file`` or ``path``, list all regular files + and directories starting with ``current``; otherwise only list directories + starting with ``current``. + + :param current: The word to be completed + :param completion_type: path completion type(`file`, `path` or `dir`)i + :return: A generator of regular files and/or directories + """ + directory, filename = os.path.split(current) + current_path = os.path.abspath(directory) + # Don't complete paths if they can't be accessed + if not os.access(current_path, os.R_OK): + return + filename = os.path.normcase(filename) + # list all files that start with ``filename`` + file_list = ( + x for x in os.listdir(current_path) if os.path.normcase(x).startswith(filename) + ) + for f in file_list: + opt = os.path.join(current_path, f) + comp_file = os.path.normcase(os.path.join(directory, f)) + # complete regular files when there is not ```` after option + # complete directories when there is ````, ```` or + # ````after option + if completion_type != "dir" and os.path.isfile(opt): + yield comp_file + elif os.path.isdir(opt): + yield os.path.join(comp_file, "") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/base_command.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/base_command.py new file mode 100644 index 000000000..eea38306a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/base_command.py @@ -0,0 +1,214 @@ +"""Base Command class, and related routines""" + +import logging +import logging.config +import optparse +import os +import sys +import traceback +from optparse import Values +from typing import Any, List, Optional, Tuple + +from pip._internal.cli import cmdoptions +from pip._internal.cli.command_context import CommandContextMixIn +from pip._internal.cli.parser import ConfigOptionParser, UpdatingDefaultsHelpFormatter +from pip._internal.cli.status_codes import ( + ERROR, + PREVIOUS_BUILD_DIR_ERROR, + UNKNOWN_ERROR, + VIRTUALENV_NOT_FOUND, +) +from pip._internal.exceptions import ( + BadCommand, + CommandError, + InstallationError, + NetworkConnectionError, + PreviousBuildDirError, + UninstallationError, +) +from pip._internal.utils.deprecation import deprecated +from pip._internal.utils.filesystem import check_path_owner +from pip._internal.utils.logging import BrokenStdoutLoggingError, setup_logging +from pip._internal.utils.misc import get_prog, normalize_path +from pip._internal.utils.temp_dir import TempDirectoryTypeRegistry as TempDirRegistry +from pip._internal.utils.temp_dir import global_tempdir_manager, tempdir_registry +from pip._internal.utils.virtualenv import running_under_virtualenv + +__all__ = ["Command"] + +logger = logging.getLogger(__name__) + + +class Command(CommandContextMixIn): + usage: str = "" + ignore_require_venv: bool = False + + def __init__(self, name: str, summary: str, isolated: bool = False) -> None: + super().__init__() + + self.name = name + self.summary = summary + self.parser = ConfigOptionParser( + usage=self.usage, + prog=f"{get_prog()} {name}", + formatter=UpdatingDefaultsHelpFormatter(), + add_help_option=False, + name=name, + description=self.__doc__, + isolated=isolated, + ) + + self.tempdir_registry: Optional[TempDirRegistry] = None + + # Commands should add options to this option group + optgroup_name = f"{self.name.capitalize()} Options" + self.cmd_opts = optparse.OptionGroup(self.parser, optgroup_name) + + # Add the general options + gen_opts = cmdoptions.make_option_group( + cmdoptions.general_group, + self.parser, + ) + self.parser.add_option_group(gen_opts) + + self.add_options() + + def add_options(self) -> None: + pass + + def handle_pip_version_check(self, options: Values) -> None: + """ + This is a no-op so that commands by default do not do the pip version + check. + """ + # Make sure we do the pip version check if the index_group options + # are present. + assert not hasattr(options, "no_index") + + def run(self, options: Values, args: List[Any]) -> int: + raise NotImplementedError + + def parse_args(self, args: List[str]) -> Tuple[Any, Any]: + # factored out for testability + return self.parser.parse_args(args) + + def main(self, args: List[str]) -> int: + try: + with self.main_context(): + return self._main(args) + finally: + logging.shutdown() + + def _main(self, args: List[str]) -> int: + # We must initialize this before the tempdir manager, otherwise the + # configuration would not be accessible by the time we clean up the + # tempdir manager. + self.tempdir_registry = self.enter_context(tempdir_registry()) + # Intentionally set as early as possible so globally-managed temporary + # directories are available to the rest of the code. + self.enter_context(global_tempdir_manager()) + + options, args = self.parse_args(args) + + # Set verbosity so that it can be used elsewhere. + self.verbosity = options.verbose - options.quiet + + level_number = setup_logging( + verbosity=self.verbosity, + no_color=options.no_color, + user_log_file=options.log, + ) + + # TODO: Try to get these passing down from the command? + # without resorting to os.environ to hold these. + # This also affects isolated builds and it should. + + if options.no_input: + os.environ["PIP_NO_INPUT"] = "1" + + if options.exists_action: + os.environ["PIP_EXISTS_ACTION"] = " ".join(options.exists_action) + + if options.require_venv and not self.ignore_require_venv: + # If a venv is required check if it can really be found + if not running_under_virtualenv(): + logger.critical("Could not find an activated virtualenv (required).") + sys.exit(VIRTUALENV_NOT_FOUND) + + if options.cache_dir: + options.cache_dir = normalize_path(options.cache_dir) + if not check_path_owner(options.cache_dir): + logger.warning( + "The directory '%s' or its parent directory is not owned " + "or is not writable by the current user. The cache " + "has been disabled. Check the permissions and owner of " + "that directory. If executing pip with sudo, you should " + "use sudo's -H flag.", + options.cache_dir, + ) + options.cache_dir = None + + if getattr(options, "build_dir", None): + deprecated( + reason=( + "The -b/--build/--build-dir/--build-directory " + "option is deprecated and has no effect anymore." + ), + replacement=( + "use the TMPDIR/TEMP/TMP environment variable, " + "possibly combined with --no-clean" + ), + gone_in="21.3", + issue=8333, + ) + + if "2020-resolver" in options.features_enabled: + logger.warning( + "--use-feature=2020-resolver no longer has any effect, " + "since it is now the default dependency resolver in pip. " + "This will become an error in pip 21.0." + ) + + try: + status = self.run(options, args) + assert isinstance(status, int) + return status + except PreviousBuildDirError as exc: + logger.critical(str(exc)) + logger.debug("Exception information:", exc_info=True) + + return PREVIOUS_BUILD_DIR_ERROR + except ( + InstallationError, + UninstallationError, + BadCommand, + NetworkConnectionError, + ) as exc: + logger.critical(str(exc)) + logger.debug("Exception information:", exc_info=True) + + return ERROR + except CommandError as exc: + logger.critical("%s", exc) + logger.debug("Exception information:", exc_info=True) + + return ERROR + except BrokenStdoutLoggingError: + # Bypass our logger and write any remaining messages to stderr + # because stdout no longer works. + print("ERROR: Pipe to stdout was broken", file=sys.stderr) + if level_number <= logging.DEBUG: + traceback.print_exc(file=sys.stderr) + + return ERROR + except KeyboardInterrupt: + logger.critical("Operation cancelled by user") + logger.debug("Exception information:", exc_info=True) + + return ERROR + except BaseException: + logger.critical("Exception:", exc_info=True) + + return UNKNOWN_ERROR + finally: + self.handle_pip_version_check(options) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/cmdoptions.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/cmdoptions.py new file mode 100644 index 000000000..b4f0f83c6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/cmdoptions.py @@ -0,0 +1,1009 @@ +""" +shared options and groups + +The principle here is to define options once, but *not* instantiate them +globally. One reason being that options with action='append' can carry state +between parses. pip parses general options twice internally, and shouldn't +pass on state. To be consistent, all options will follow this design. +""" + +# The following comment should be removed at some point in the future. +# mypy: strict-optional=False + +import os +import textwrap +import warnings +from functools import partial +from optparse import SUPPRESS_HELP, Option, OptionGroup, OptionParser, Values +from textwrap import dedent +from typing import Any, Callable, Dict, Optional, Tuple + +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.cli.parser import ConfigOptionParser +from pip._internal.cli.progress_bars import BAR_TYPES +from pip._internal.exceptions import CommandError +from pip._internal.locations import USER_CACHE_DIR, get_src_prefix +from pip._internal.models.format_control import FormatControl +from pip._internal.models.index import PyPI +from pip._internal.models.target_python import TargetPython +from pip._internal.utils.hashes import STRONG_HASHES +from pip._internal.utils.misc import strtobool + + +def raise_option_error(parser: OptionParser, option: Option, msg: str) -> None: + """ + Raise an option parsing error using parser.error(). + + Args: + parser: an OptionParser instance. + option: an Option instance. + msg: the error text. + """ + msg = f"{option} error: {msg}" + msg = textwrap.fill(" ".join(msg.split())) + parser.error(msg) + + +def make_option_group(group: Dict[str, Any], parser: ConfigOptionParser) -> OptionGroup: + """ + Return an OptionGroup object + group -- assumed to be dict with 'name' and 'options' keys + parser -- an optparse Parser + """ + option_group = OptionGroup(parser, group["name"]) + for option in group["options"]: + option_group.add_option(option()) + return option_group + + +def check_install_build_global( + options: Values, check_options: Optional[Values] = None +) -> None: + """Disable wheels if per-setup.py call options are set. + + :param options: The OptionParser options to update. + :param check_options: The options to check, if not supplied defaults to + options. + """ + if check_options is None: + check_options = options + + def getname(n: str) -> Optional[Any]: + return getattr(check_options, n, None) + + names = ["build_options", "global_options", "install_options"] + if any(map(getname, names)): + control = options.format_control + control.disallow_binaries() + warnings.warn( + "Disabling all use of wheels due to the use of --build-option " + "/ --global-option / --install-option.", + stacklevel=2, + ) + + +def check_dist_restriction(options: Values, check_target: bool = False) -> None: + """Function for determining if custom platform options are allowed. + + :param options: The OptionParser options. + :param check_target: Whether or not to check if --target is being used. + """ + dist_restriction_set = any( + [ + options.python_version, + options.platforms, + options.abis, + options.implementation, + ] + ) + + binary_only = FormatControl(set(), {":all:"}) + sdist_dependencies_allowed = ( + options.format_control != binary_only and not options.ignore_dependencies + ) + + # Installations or downloads using dist restrictions must not combine + # source distributions and dist-specific wheels, as they are not + # guaranteed to be locally compatible. + if dist_restriction_set and sdist_dependencies_allowed: + raise CommandError( + "When restricting platform and interpreter constraints using " + "--python-version, --platform, --abi, or --implementation, " + "either --no-deps must be set, or --only-binary=:all: must be " + "set and --no-binary must not be set (or must be set to " + ":none:)." + ) + + if check_target: + if dist_restriction_set and not options.target_dir: + raise CommandError( + "Can not use any platform or abi specific options unless " + "installing via '--target'" + ) + + +def _path_option_check(option: Option, opt: str, value: str) -> str: + return os.path.expanduser(value) + + +def _package_name_option_check(option: Option, opt: str, value: str) -> str: + return canonicalize_name(value) + + +class PipOption(Option): + TYPES = Option.TYPES + ("path", "package_name") + TYPE_CHECKER = Option.TYPE_CHECKER.copy() + TYPE_CHECKER["package_name"] = _package_name_option_check + TYPE_CHECKER["path"] = _path_option_check + + +########### +# options # +########### + +help_: Callable[..., Option] = partial( + Option, + "-h", + "--help", + dest="help", + action="help", + help="Show help.", +) + +isolated_mode: Callable[..., Option] = partial( + Option, + "--isolated", + dest="isolated_mode", + action="store_true", + default=False, + help=( + "Run pip in an isolated mode, ignoring environment variables and user " + "configuration." + ), +) + +require_virtualenv: Callable[..., Option] = partial( + Option, + # Run only if inside a virtualenv, bail if not. + "--require-virtualenv", + "--require-venv", + dest="require_venv", + action="store_true", + default=False, + help=SUPPRESS_HELP, +) + +verbose: Callable[..., Option] = partial( + Option, + "-v", + "--verbose", + dest="verbose", + action="count", + default=0, + help="Give more output. Option is additive, and can be used up to 3 times.", +) + +no_color: Callable[..., Option] = partial( + Option, + "--no-color", + dest="no_color", + action="store_true", + default=False, + help="Suppress colored output.", +) + +version: Callable[..., Option] = partial( + Option, + "-V", + "--version", + dest="version", + action="store_true", + help="Show version and exit.", +) + +quiet: Callable[..., Option] = partial( + Option, + "-q", + "--quiet", + dest="quiet", + action="count", + default=0, + help=( + "Give less output. Option is additive, and can be used up to 3" + " times (corresponding to WARNING, ERROR, and CRITICAL logging" + " levels)." + ), +) + +progress_bar: Callable[..., Option] = partial( + Option, + "--progress-bar", + dest="progress_bar", + type="choice", + choices=list(BAR_TYPES.keys()), + default="on", + help=( + "Specify type of progress to be displayed [" + + "|".join(BAR_TYPES.keys()) + + "] (default: %default)" + ), +) + +log: Callable[..., Option] = partial( + PipOption, + "--log", + "--log-file", + "--local-log", + dest="log", + metavar="path", + type="path", + help="Path to a verbose appending log.", +) + +no_input: Callable[..., Option] = partial( + Option, + # Don't ask for input + "--no-input", + dest="no_input", + action="store_true", + default=False, + help="Disable prompting for input.", +) + +proxy: Callable[..., Option] = partial( + Option, + "--proxy", + dest="proxy", + type="str", + default="", + help="Specify a proxy in the form [user:passwd@]proxy.server:port.", +) + +retries: Callable[..., Option] = partial( + Option, + "--retries", + dest="retries", + type="int", + default=5, + help="Maximum number of retries each connection should attempt " + "(default %default times).", +) + +timeout: Callable[..., Option] = partial( + Option, + "--timeout", + "--default-timeout", + metavar="sec", + dest="timeout", + type="float", + default=15, + help="Set the socket timeout (default %default seconds).", +) + + +def exists_action() -> Option: + return Option( + # Option when path already exist + "--exists-action", + dest="exists_action", + type="choice", + choices=["s", "i", "w", "b", "a"], + default=[], + action="append", + metavar="action", + help="Default action when a path already exists: " + "(s)witch, (i)gnore, (w)ipe, (b)ackup, (a)bort.", + ) + + +cert: Callable[..., Option] = partial( + PipOption, + "--cert", + dest="cert", + type="path", + metavar="path", + help=( + "Path to PEM-encoded CA certificate bundle. " + "If provided, overrides the default. " + "See 'SSL Certificate Verification' in pip documentation " + "for more information." + ), +) + +client_cert: Callable[..., Option] = partial( + PipOption, + "--client-cert", + dest="client_cert", + type="path", + default=None, + metavar="path", + help="Path to SSL client certificate, a single file containing the " + "private key and the certificate in PEM format.", +) + +index_url: Callable[..., Option] = partial( + Option, + "-i", + "--index-url", + "--pypi-url", + dest="index_url", + metavar="URL", + default=PyPI.simple_url, + help="Base URL of the Python Package Index (default %default). " + "This should point to a repository compliant with PEP 503 " + "(the simple repository API) or a local directory laid out " + "in the same format.", +) + + +def extra_index_url() -> Option: + return Option( + "--extra-index-url", + dest="extra_index_urls", + metavar="URL", + action="append", + default=[], + help="Extra URLs of package indexes to use in addition to " + "--index-url. Should follow the same rules as " + "--index-url.", + ) + + +no_index: Callable[..., Option] = partial( + Option, + "--no-index", + dest="no_index", + action="store_true", + default=False, + help="Ignore package index (only looking at --find-links URLs instead).", +) + + +def find_links() -> Option: + return Option( + "-f", + "--find-links", + dest="find_links", + action="append", + default=[], + metavar="url", + help="If a URL or path to an html file, then parse for links to " + "archives such as sdist (.tar.gz) or wheel (.whl) files. " + "If a local path or file:// URL that's a directory, " + "then look for archives in the directory listing. " + "Links to VCS project URLs are not supported.", + ) + + +def trusted_host() -> Option: + return Option( + "--trusted-host", + dest="trusted_hosts", + action="append", + metavar="HOSTNAME", + default=[], + help="Mark this host or host:port pair as trusted, even though it " + "does not have valid or any HTTPS.", + ) + + +def constraints() -> Option: + return Option( + "-c", + "--constraint", + dest="constraints", + action="append", + default=[], + metavar="file", + help="Constrain versions using the given constraints file. " + "This option can be used multiple times.", + ) + + +def requirements() -> Option: + return Option( + "-r", + "--requirement", + dest="requirements", + action="append", + default=[], + metavar="file", + help="Install from the given requirements file. " + "This option can be used multiple times.", + ) + + +def editable() -> Option: + return Option( + "-e", + "--editable", + dest="editables", + action="append", + default=[], + metavar="path/url", + help=( + "Install a project in editable mode (i.e. setuptools " + '"develop mode") from a local project path or a VCS url.' + ), + ) + + +def _handle_src(option: Option, opt_str: str, value: str, parser: OptionParser) -> None: + value = os.path.abspath(value) + setattr(parser.values, option.dest, value) + + +src: Callable[..., Option] = partial( + PipOption, + "--src", + "--source", + "--source-dir", + "--source-directory", + dest="src_dir", + type="path", + metavar="dir", + default=get_src_prefix(), + action="callback", + callback=_handle_src, + help="Directory to check out editable projects into. " + 'The default in a virtualenv is "/src". ' + 'The default for global installs is "/src".', +) + + +def _get_format_control(values: Values, option: Option) -> Any: + """Get a format_control object.""" + return getattr(values, option.dest) + + +def _handle_no_binary( + option: Option, opt_str: str, value: str, parser: OptionParser +) -> None: + existing = _get_format_control(parser.values, option) + FormatControl.handle_mutual_excludes( + value, + existing.no_binary, + existing.only_binary, + ) + + +def _handle_only_binary( + option: Option, opt_str: str, value: str, parser: OptionParser +) -> None: + existing = _get_format_control(parser.values, option) + FormatControl.handle_mutual_excludes( + value, + existing.only_binary, + existing.no_binary, + ) + + +def no_binary() -> Option: + format_control = FormatControl(set(), set()) + return Option( + "--no-binary", + dest="format_control", + action="callback", + callback=_handle_no_binary, + type="str", + default=format_control, + help="Do not use binary packages. Can be supplied multiple times, and " + 'each time adds to the existing value. Accepts either ":all:" to ' + 'disable all binary packages, ":none:" to empty the set (notice ' + "the colons), or one or more package names with commas between " + "them (no colons). Note that some packages are tricky to compile " + "and may fail to install when this option is used on them.", + ) + + +def only_binary() -> Option: + format_control = FormatControl(set(), set()) + return Option( + "--only-binary", + dest="format_control", + action="callback", + callback=_handle_only_binary, + type="str", + default=format_control, + help="Do not use source packages. Can be supplied multiple times, and " + 'each time adds to the existing value. Accepts either ":all:" to ' + 'disable all source packages, ":none:" to empty the set, or one ' + "or more package names with commas between them. Packages " + "without binary distributions will fail to install when this " + "option is used on them.", + ) + + +platforms: Callable[..., Option] = partial( + Option, + "--platform", + dest="platforms", + metavar="platform", + action="append", + default=None, + help=( + "Only use wheels compatible with . Defaults to the " + "platform of the running system. Use this option multiple times to " + "specify multiple platforms supported by the target interpreter." + ), +) + + +# This was made a separate function for unit-testing purposes. +def _convert_python_version(value: str) -> Tuple[Tuple[int, ...], Optional[str]]: + """ + Convert a version string like "3", "37", or "3.7.3" into a tuple of ints. + + :return: A 2-tuple (version_info, error_msg), where `error_msg` is + non-None if and only if there was a parsing error. + """ + if not value: + # The empty string is the same as not providing a value. + return (None, None) + + parts = value.split(".") + if len(parts) > 3: + return ((), "at most three version parts are allowed") + + if len(parts) == 1: + # Then we are in the case of "3" or "37". + value = parts[0] + if len(value) > 1: + parts = [value[0], value[1:]] + + try: + version_info = tuple(int(part) for part in parts) + except ValueError: + return ((), "each version part must be an integer") + + return (version_info, None) + + +def _handle_python_version( + option: Option, opt_str: str, value: str, parser: OptionParser +) -> None: + """ + Handle a provided --python-version value. + """ + version_info, error_msg = _convert_python_version(value) + if error_msg is not None: + msg = "invalid --python-version value: {!r}: {}".format( + value, + error_msg, + ) + raise_option_error(parser, option=option, msg=msg) + + parser.values.python_version = version_info + + +python_version: Callable[..., Option] = partial( + Option, + "--python-version", + dest="python_version", + metavar="python_version", + action="callback", + callback=_handle_python_version, + type="str", + default=None, + help=dedent( + """\ + The Python interpreter version to use for wheel and "Requires-Python" + compatibility checks. Defaults to a version derived from the running + interpreter. The version can be specified using up to three dot-separated + integers (e.g. "3" for 3.0.0, "3.7" for 3.7.0, or "3.7.3"). A major-minor + version can also be given as a string without dots (e.g. "37" for 3.7.0). + """ + ), +) + + +implementation: Callable[..., Option] = partial( + Option, + "--implementation", + dest="implementation", + metavar="implementation", + default=None, + help=( + "Only use wheels compatible with Python " + "implementation , e.g. 'pp', 'jy', 'cp', " + " or 'ip'. If not specified, then the current " + "interpreter implementation is used. Use 'py' to force " + "implementation-agnostic wheels." + ), +) + + +abis: Callable[..., Option] = partial( + Option, + "--abi", + dest="abis", + metavar="abi", + action="append", + default=None, + help=( + "Only use wheels compatible with Python abi , e.g. 'pypy_41'. " + "If not specified, then the current interpreter abi tag is used. " + "Use this option multiple times to specify multiple abis supported " + "by the target interpreter. Generally you will need to specify " + "--implementation, --platform, and --python-version when using this " + "option." + ), +) + + +def add_target_python_options(cmd_opts: OptionGroup) -> None: + cmd_opts.add_option(platforms()) + cmd_opts.add_option(python_version()) + cmd_opts.add_option(implementation()) + cmd_opts.add_option(abis()) + + +def make_target_python(options: Values) -> TargetPython: + target_python = TargetPython( + platforms=options.platforms, + py_version_info=options.python_version, + abis=options.abis, + implementation=options.implementation, + ) + + return target_python + + +def prefer_binary() -> Option: + return Option( + "--prefer-binary", + dest="prefer_binary", + action="store_true", + default=False, + help="Prefer older binary packages over newer source packages.", + ) + + +cache_dir: Callable[..., Option] = partial( + PipOption, + "--cache-dir", + dest="cache_dir", + default=USER_CACHE_DIR, + metavar="dir", + type="path", + help="Store the cache data in .", +) + + +def _handle_no_cache_dir( + option: Option, opt: str, value: str, parser: OptionParser +) -> None: + """ + Process a value provided for the --no-cache-dir option. + + This is an optparse.Option callback for the --no-cache-dir option. + """ + # The value argument will be None if --no-cache-dir is passed via the + # command-line, since the option doesn't accept arguments. However, + # the value can be non-None if the option is triggered e.g. by an + # environment variable, like PIP_NO_CACHE_DIR=true. + if value is not None: + # Then parse the string value to get argument error-checking. + try: + strtobool(value) + except ValueError as exc: + raise_option_error(parser, option=option, msg=str(exc)) + + # Originally, setting PIP_NO_CACHE_DIR to a value that strtobool() + # converted to 0 (like "false" or "no") caused cache_dir to be disabled + # rather than enabled (logic would say the latter). Thus, we disable + # the cache directory not just on values that parse to True, but (for + # backwards compatibility reasons) also on values that parse to False. + # In other words, always set it to False if the option is provided in + # some (valid) form. + parser.values.cache_dir = False + + +no_cache: Callable[..., Option] = partial( + Option, + "--no-cache-dir", + dest="cache_dir", + action="callback", + callback=_handle_no_cache_dir, + help="Disable the cache.", +) + +no_deps: Callable[..., Option] = partial( + Option, + "--no-deps", + "--no-dependencies", + dest="ignore_dependencies", + action="store_true", + default=False, + help="Don't install package dependencies.", +) + +build_dir: Callable[..., Option] = partial( + PipOption, + "-b", + "--build", + "--build-dir", + "--build-directory", + dest="build_dir", + type="path", + metavar="dir", + help=SUPPRESS_HELP, +) + +ignore_requires_python: Callable[..., Option] = partial( + Option, + "--ignore-requires-python", + dest="ignore_requires_python", + action="store_true", + help="Ignore the Requires-Python information.", +) + +no_build_isolation: Callable[..., Option] = partial( + Option, + "--no-build-isolation", + dest="build_isolation", + action="store_false", + default=True, + help="Disable isolation when building a modern source distribution. " + "Build dependencies specified by PEP 518 must be already installed " + "if this option is used.", +) + + +def _handle_no_use_pep517( + option: Option, opt: str, value: str, parser: OptionParser +) -> None: + """ + Process a value provided for the --no-use-pep517 option. + + This is an optparse.Option callback for the no_use_pep517 option. + """ + # Since --no-use-pep517 doesn't accept arguments, the value argument + # will be None if --no-use-pep517 is passed via the command-line. + # However, the value can be non-None if the option is triggered e.g. + # by an environment variable, for example "PIP_NO_USE_PEP517=true". + if value is not None: + msg = """A value was passed for --no-use-pep517, + probably using either the PIP_NO_USE_PEP517 environment variable + or the "no-use-pep517" config file option. Use an appropriate value + of the PIP_USE_PEP517 environment variable or the "use-pep517" + config file option instead. + """ + raise_option_error(parser, option=option, msg=msg) + + # Otherwise, --no-use-pep517 was passed via the command-line. + parser.values.use_pep517 = False + + +use_pep517: Any = partial( + Option, + "--use-pep517", + dest="use_pep517", + action="store_true", + default=None, + help="Use PEP 517 for building source distributions " + "(use --no-use-pep517 to force legacy behaviour).", +) + +no_use_pep517: Any = partial( + Option, + "--no-use-pep517", + dest="use_pep517", + action="callback", + callback=_handle_no_use_pep517, + default=None, + help=SUPPRESS_HELP, +) + +install_options: Callable[..., Option] = partial( + Option, + "--install-option", + dest="install_options", + action="append", + metavar="options", + help="Extra arguments to be supplied to the setup.py install " + 'command (use like --install-option="--install-scripts=/usr/local/' + 'bin"). Use multiple --install-option options to pass multiple ' + "options to setup.py install. If you are using an option with a " + "directory path, be sure to use absolute path.", +) + +build_options: Callable[..., Option] = partial( + Option, + "--build-option", + dest="build_options", + metavar="options", + action="append", + help="Extra arguments to be supplied to 'setup.py bdist_wheel'.", +) + +global_options: Callable[..., Option] = partial( + Option, + "--global-option", + dest="global_options", + action="append", + metavar="options", + help="Extra global options to be supplied to the setup.py " + "call before the install or bdist_wheel command.", +) + +no_clean: Callable[..., Option] = partial( + Option, + "--no-clean", + action="store_true", + default=False, + help="Don't clean up build directories.", +) + +pre: Callable[..., Option] = partial( + Option, + "--pre", + action="store_true", + default=False, + help="Include pre-release and development versions. By default, " + "pip only finds stable versions.", +) + +disable_pip_version_check: Callable[..., Option] = partial( + Option, + "--disable-pip-version-check", + dest="disable_pip_version_check", + action="store_true", + default=False, + help="Don't periodically check PyPI to determine whether a new version " + "of pip is available for download. Implied with --no-index.", +) + + +def _handle_merge_hash( + option: Option, opt_str: str, value: str, parser: OptionParser +) -> None: + """Given a value spelled "algo:digest", append the digest to a list + pointed to in a dict by the algo name.""" + if not parser.values.hashes: + parser.values.hashes = {} + try: + algo, digest = value.split(":", 1) + except ValueError: + parser.error( + "Arguments to {} must be a hash name " # noqa + "followed by a value, like --hash=sha256:" + "abcde...".format(opt_str) + ) + if algo not in STRONG_HASHES: + parser.error( + "Allowed hash algorithms for {} are {}.".format( # noqa + opt_str, ", ".join(STRONG_HASHES) + ) + ) + parser.values.hashes.setdefault(algo, []).append(digest) + + +hash: Callable[..., Option] = partial( + Option, + "--hash", + # Hash values eventually end up in InstallRequirement.hashes due to + # __dict__ copying in process_line(). + dest="hashes", + action="callback", + callback=_handle_merge_hash, + type="string", + help="Verify that the package's archive matches this " + "hash before installing. Example: --hash=sha256:abcdef...", +) + + +require_hashes: Callable[..., Option] = partial( + Option, + "--require-hashes", + dest="require_hashes", + action="store_true", + default=False, + help="Require a hash to check each requirement against, for " + "repeatable installs. This option is implied when any package in a " + "requirements file has a --hash option.", +) + + +list_path: Callable[..., Option] = partial( + PipOption, + "--path", + dest="path", + type="path", + action="append", + help="Restrict to the specified installation path for listing " + "packages (can be used multiple times).", +) + + +def check_list_path_option(options: Values) -> None: + if options.path and (options.user or options.local): + raise CommandError("Cannot combine '--path' with '--user' or '--local'") + + +list_exclude: Callable[..., Option] = partial( + PipOption, + "--exclude", + dest="excludes", + action="append", + metavar="package", + type="package_name", + help="Exclude specified package from the output", +) + + +no_python_version_warning: Callable[..., Option] = partial( + Option, + "--no-python-version-warning", + dest="no_python_version_warning", + action="store_true", + default=False, + help="Silence deprecation warnings for upcoming unsupported Pythons.", +) + + +use_new_feature: Callable[..., Option] = partial( + Option, + "--use-feature", + dest="features_enabled", + metavar="feature", + action="append", + default=[], + choices=["2020-resolver", "fast-deps", "in-tree-build"], + help="Enable new functionality, that may be backward incompatible.", +) + +use_deprecated_feature: Callable[..., Option] = partial( + Option, + "--use-deprecated", + dest="deprecated_features_enabled", + metavar="feature", + action="append", + default=[], + choices=["legacy-resolver"], + help=("Enable deprecated functionality, that will be removed in the future."), +) + + +########## +# groups # +########## + +general_group: Dict[str, Any] = { + "name": "General Options", + "options": [ + help_, + isolated_mode, + require_virtualenv, + verbose, + version, + quiet, + log, + no_input, + proxy, + retries, + timeout, + exists_action, + trusted_host, + cert, + client_cert, + cache_dir, + no_cache, + disable_pip_version_check, + no_color, + no_python_version_warning, + use_new_feature, + use_deprecated_feature, + ], +} + +index_group: Dict[str, Any] = { + "name": "Package Index Options", + "options": [ + index_url, + extra_index_url, + no_index, + find_links, + ], +} diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/command_context.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/command_context.py new file mode 100644 index 000000000..ed6832237 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/command_context.py @@ -0,0 +1,27 @@ +from contextlib import ExitStack, contextmanager +from typing import ContextManager, Iterator, TypeVar + +_T = TypeVar("_T", covariant=True) + + +class CommandContextMixIn: + def __init__(self) -> None: + super().__init__() + self._in_main_context = False + self._main_context = ExitStack() + + @contextmanager + def main_context(self) -> Iterator[None]: + assert not self._in_main_context + + self._in_main_context = True + try: + with self._main_context: + yield + finally: + self._in_main_context = False + + def enter_context(self, context_provider: ContextManager[_T]) -> _T: + assert self._in_main_context + + return self._main_context.enter_context(context_provider) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main.py new file mode 100644 index 000000000..0e3122154 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main.py @@ -0,0 +1,70 @@ +"""Primary application entrypoint. +""" +import locale +import logging +import os +import sys +from typing import List, Optional + +from pip._internal.cli.autocompletion import autocomplete +from pip._internal.cli.main_parser import parse_command +from pip._internal.commands import create_command +from pip._internal.exceptions import PipError +from pip._internal.utils import deprecation + +logger = logging.getLogger(__name__) + + +# Do not import and use main() directly! Using it directly is actively +# discouraged by pip's maintainers. The name, location and behavior of +# this function is subject to change, so calling it directly is not +# portable across different pip versions. + +# In addition, running pip in-process is unsupported and unsafe. This is +# elaborated in detail at +# https://pip.pypa.io/en/stable/user_guide/#using-pip-from-your-program. +# That document also provides suggestions that should work for nearly +# all users that are considering importing and using main() directly. + +# However, we know that certain users will still want to invoke pip +# in-process. If you understand and accept the implications of using pip +# in an unsupported manner, the best approach is to use runpy to avoid +# depending on the exact location of this entry point. + +# The following example shows how to use runpy to invoke pip in that +# case: +# +# sys.argv = ["pip", your, args, here] +# runpy.run_module("pip", run_name="__main__") +# +# Note that this will exit the process after running, unlike a direct +# call to main. As it is not safe to do any processing after calling +# main, this should not be an issue in practice. + + +def main(args: Optional[List[str]] = None) -> int: + if args is None: + args = sys.argv[1:] + + # Configure our deprecation warnings to be sent through loggers + deprecation.install_warning_logger() + + autocomplete() + + try: + cmd_name, cmd_args = parse_command(args) + except PipError as exc: + sys.stderr.write(f"ERROR: {exc}") + sys.stderr.write(os.linesep) + sys.exit(1) + + # Needed for locale.getpreferredencoding(False) to work + # in pip._internal.utils.encoding.auto_decode + try: + locale.setlocale(locale.LC_ALL, "") + except locale.Error as e: + # setlocale can apparently crash if locale are uninitialized + logger.debug("Ignoring error %s when setting locale", e) + command = create_command(cmd_name, isolated=("--isolated" in cmd_args)) + + return command.main(cmd_args) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main_parser.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main_parser.py new file mode 100644 index 000000000..3666ab04c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/main_parser.py @@ -0,0 +1,87 @@ +"""A single place for constructing and exposing the main parser +""" + +import os +import sys +from typing import List, Tuple + +from pip._internal.cli import cmdoptions +from pip._internal.cli.parser import ConfigOptionParser, UpdatingDefaultsHelpFormatter +from pip._internal.commands import commands_dict, get_similar_commands +from pip._internal.exceptions import CommandError +from pip._internal.utils.misc import get_pip_version, get_prog + +__all__ = ["create_main_parser", "parse_command"] + + +def create_main_parser() -> ConfigOptionParser: + """Creates and returns the main parser for pip's CLI""" + + parser = ConfigOptionParser( + usage="\n%prog [options]", + add_help_option=False, + formatter=UpdatingDefaultsHelpFormatter(), + name="global", + prog=get_prog(), + ) + parser.disable_interspersed_args() + + parser.version = get_pip_version() + + # add the general options + gen_opts = cmdoptions.make_option_group(cmdoptions.general_group, parser) + parser.add_option_group(gen_opts) + + # so the help formatter knows + parser.main = True # type: ignore + + # create command listing for description + description = [""] + [ + f"{name:27} {command_info.summary}" + for name, command_info in commands_dict.items() + ] + parser.description = "\n".join(description) + + return parser + + +def parse_command(args: List[str]) -> Tuple[str, List[str]]: + parser = create_main_parser() + + # Note: parser calls disable_interspersed_args(), so the result of this + # call is to split the initial args into the general options before the + # subcommand and everything else. + # For example: + # args: ['--timeout=5', 'install', '--user', 'INITools'] + # general_options: ['--timeout==5'] + # args_else: ['install', '--user', 'INITools'] + general_options, args_else = parser.parse_args(args) + + # --version + if general_options.version: + sys.stdout.write(parser.version) + sys.stdout.write(os.linesep) + sys.exit() + + # pip || pip help -> print_help() + if not args_else or (args_else[0] == "help" and len(args_else) == 1): + parser.print_help() + sys.exit() + + # the subcommand name + cmd_name = args_else[0] + + if cmd_name not in commands_dict: + guess = get_similar_commands(cmd_name) + + msg = [f'unknown command "{cmd_name}"'] + if guess: + msg.append(f'maybe you meant "{guess}"') + + raise CommandError(" - ".join(msg)) + + # all the args without the subcommand + cmd_args = args[:] + cmd_args.remove(cmd_name) + + return cmd_name, cmd_args diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/parser.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/parser.py new file mode 100644 index 000000000..a1c99a8cb --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/parser.py @@ -0,0 +1,292 @@ +"""Base option parser setup""" + +import logging +import optparse +import shutil +import sys +import textwrap +from contextlib import suppress +from typing import Any, Dict, Iterator, List, Tuple + +from pip._internal.cli.status_codes import UNKNOWN_ERROR +from pip._internal.configuration import Configuration, ConfigurationError +from pip._internal.utils.misc import redact_auth_from_url, strtobool + +logger = logging.getLogger(__name__) + + +class PrettyHelpFormatter(optparse.IndentedHelpFormatter): + """A prettier/less verbose help formatter for optparse.""" + + def __init__(self, *args: Any, **kwargs: Any) -> None: + # help position must be aligned with __init__.parseopts.description + kwargs["max_help_position"] = 30 + kwargs["indent_increment"] = 1 + kwargs["width"] = shutil.get_terminal_size()[0] - 2 + super().__init__(*args, **kwargs) + + def format_option_strings(self, option: optparse.Option) -> str: + return self._format_option_strings(option) + + def _format_option_strings( + self, option: optparse.Option, mvarfmt: str = " <{}>", optsep: str = ", " + ) -> str: + """ + Return a comma-separated list of option strings and metavars. + + :param option: tuple of (short opt, long opt), e.g: ('-f', '--format') + :param mvarfmt: metavar format string + :param optsep: separator + """ + opts = [] + + if option._short_opts: + opts.append(option._short_opts[0]) + if option._long_opts: + opts.append(option._long_opts[0]) + if len(opts) > 1: + opts.insert(1, optsep) + + if option.takes_value(): + assert option.dest is not None + metavar = option.metavar or option.dest.lower() + opts.append(mvarfmt.format(metavar.lower())) + + return "".join(opts) + + def format_heading(self, heading: str) -> str: + if heading == "Options": + return "" + return heading + ":\n" + + def format_usage(self, usage: str) -> str: + """ + Ensure there is only one newline between usage and the first heading + if there is no description. + """ + msg = "\nUsage: {}\n".format(self.indent_lines(textwrap.dedent(usage), " ")) + return msg + + def format_description(self, description: str) -> str: + # leave full control over description to us + if description: + if hasattr(self.parser, "main"): + label = "Commands" + else: + label = "Description" + # some doc strings have initial newlines, some don't + description = description.lstrip("\n") + # some doc strings have final newlines and spaces, some don't + description = description.rstrip() + # dedent, then reindent + description = self.indent_lines(textwrap.dedent(description), " ") + description = f"{label}:\n{description}\n" + return description + else: + return "" + + def format_epilog(self, epilog: str) -> str: + # leave full control over epilog to us + if epilog: + return epilog + else: + return "" + + def indent_lines(self, text: str, indent: str) -> str: + new_lines = [indent + line for line in text.split("\n")] + return "\n".join(new_lines) + + +class UpdatingDefaultsHelpFormatter(PrettyHelpFormatter): + """Custom help formatter for use in ConfigOptionParser. + + This is updates the defaults before expanding them, allowing + them to show up correctly in the help listing. + + Also redact auth from url type options + """ + + def expand_default(self, option: optparse.Option) -> str: + default_values = None + if self.parser is not None: + assert isinstance(self.parser, ConfigOptionParser) + self.parser._update_defaults(self.parser.defaults) + assert option.dest is not None + default_values = self.parser.defaults.get(option.dest) + help_text = super().expand_default(option) + + if default_values and option.metavar == "URL": + if isinstance(default_values, str): + default_values = [default_values] + + # If its not a list, we should abort and just return the help text + if not isinstance(default_values, list): + default_values = [] + + for val in default_values: + help_text = help_text.replace(val, redact_auth_from_url(val)) + + return help_text + + +class CustomOptionParser(optparse.OptionParser): + def insert_option_group( + self, idx: int, *args: Any, **kwargs: Any + ) -> optparse.OptionGroup: + """Insert an OptionGroup at a given position.""" + group = self.add_option_group(*args, **kwargs) + + self.option_groups.pop() + self.option_groups.insert(idx, group) + + return group + + @property + def option_list_all(self) -> List[optparse.Option]: + """Get a list of all options, including those in option groups.""" + res = self.option_list[:] + for i in self.option_groups: + res.extend(i.option_list) + + return res + + +class ConfigOptionParser(CustomOptionParser): + """Custom option parser which updates its defaults by checking the + configuration files and environmental variables""" + + def __init__( + self, + *args: Any, + name: str, + isolated: bool = False, + **kwargs: Any, + ) -> None: + self.name = name + self.config = Configuration(isolated) + + assert self.name + super().__init__(*args, **kwargs) + + def check_default(self, option: optparse.Option, key: str, val: Any) -> Any: + try: + return option.check_value(key, val) + except optparse.OptionValueError as exc: + print(f"An error occurred during configuration: {exc}") + sys.exit(3) + + def _get_ordered_configuration_items(self) -> Iterator[Tuple[str, Any]]: + # Configuration gives keys in an unordered manner. Order them. + override_order = ["global", self.name, ":env:"] + + # Pool the options into different groups + section_items: Dict[str, List[Tuple[str, Any]]] = { + name: [] for name in override_order + } + for section_key, val in self.config.items(): + # ignore empty values + if not val: + logger.debug( + "Ignoring configuration key '%s' as it's value is empty.", + section_key, + ) + continue + + section, key = section_key.split(".", 1) + if section in override_order: + section_items[section].append((key, val)) + + # Yield each group in their override order + for section in override_order: + for key, val in section_items[section]: + yield key, val + + def _update_defaults(self, defaults: Dict[str, Any]) -> Dict[str, Any]: + """Updates the given defaults with values from the config files and + the environ. Does a little special handling for certain types of + options (lists).""" + + # Accumulate complex default state. + self.values = optparse.Values(self.defaults) + late_eval = set() + # Then set the options with those values + for key, val in self._get_ordered_configuration_items(): + # '--' because configuration supports only long names + option = self.get_option("--" + key) + + # Ignore options not present in this parser. E.g. non-globals put + # in [global] by users that want them to apply to all applicable + # commands. + if option is None: + continue + + assert option.dest is not None + + if option.action in ("store_true", "store_false"): + try: + val = strtobool(val) + except ValueError: + self.error( + "{} is not a valid value for {} option, " # noqa + "please specify a boolean value like yes/no, " + "true/false or 1/0 instead.".format(val, key) + ) + elif option.action == "count": + with suppress(ValueError): + val = strtobool(val) + with suppress(ValueError): + val = int(val) + if not isinstance(val, int) or val < 0: + self.error( + "{} is not a valid value for {} option, " # noqa + "please instead specify either a non-negative integer " + "or a boolean value like yes/no or false/true " + "which is equivalent to 1/0.".format(val, key) + ) + elif option.action == "append": + val = val.split() + val = [self.check_default(option, key, v) for v in val] + elif option.action == "callback": + assert option.callback is not None + late_eval.add(option.dest) + opt_str = option.get_opt_string() + val = option.convert_value(opt_str, val) + # From take_action + args = option.callback_args or () + kwargs = option.callback_kwargs or {} + option.callback(option, opt_str, val, self, *args, **kwargs) + else: + val = self.check_default(option, key, val) + + defaults[option.dest] = val + + for key in late_eval: + defaults[key] = getattr(self.values, key) + self.values = None + return defaults + + def get_default_values(self) -> optparse.Values: + """Overriding to make updating the defaults after instantiation of + the option parser possible, _update_defaults() does the dirty work.""" + if not self.process_default_values: + # Old, pre-Optik 1.5 behaviour. + return optparse.Values(self.defaults) + + # Load the configuration, or error out in case of an error + try: + self.config.load() + except ConfigurationError as err: + self.exit(UNKNOWN_ERROR, str(err)) + + defaults = self._update_defaults(self.defaults.copy()) # ours + for option in self._get_all_options(): + assert option.dest is not None + default = defaults.get(option.dest) + if isinstance(default, str): + opt_str = option.get_opt_string() + defaults[option.dest] = option.check_value(opt_str, default) + return optparse.Values(defaults) + + def error(self, msg: str) -> None: + self.print_usage(sys.stderr) + self.exit(UNKNOWN_ERROR, f"{msg}\n") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/progress_bars.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/progress_bars.py new file mode 100644 index 000000000..f3db29519 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/progress_bars.py @@ -0,0 +1,250 @@ +import itertools +import sys +from signal import SIGINT, default_int_handler, signal +from typing import Any + +from pip._vendor.progress.bar import Bar, FillingCirclesBar, IncrementalBar +from pip._vendor.progress.spinner import Spinner + +from pip._internal.utils.compat import WINDOWS +from pip._internal.utils.logging import get_indentation +from pip._internal.utils.misc import format_size + +try: + from pip._vendor import colorama +# Lots of different errors can come from this, including SystemError and +# ImportError. +except Exception: + colorama = None + + +def _select_progress_class(preferred: Bar, fallback: Bar) -> Bar: + encoding = getattr(preferred.file, "encoding", None) + + # If we don't know what encoding this file is in, then we'll just assume + # that it doesn't support unicode and use the ASCII bar. + if not encoding: + return fallback + + # Collect all of the possible characters we want to use with the preferred + # bar. + characters = [ + getattr(preferred, "empty_fill", ""), + getattr(preferred, "fill", ""), + ] + characters += list(getattr(preferred, "phases", [])) + + # Try to decode the characters we're using for the bar using the encoding + # of the given file, if this works then we'll assume that we can use the + # fancier bar and if not we'll fall back to the plaintext bar. + try: + "".join(characters).encode(encoding) + except UnicodeEncodeError: + return fallback + else: + return preferred + + +_BaseBar: Any = _select_progress_class(IncrementalBar, Bar) + + +class InterruptibleMixin: + """ + Helper to ensure that self.finish() gets called on keyboard interrupt. + + This allows downloads to be interrupted without leaving temporary state + (like hidden cursors) behind. + + This class is similar to the progress library's existing SigIntMixin + helper, but as of version 1.2, that helper has the following problems: + + 1. It calls sys.exit(). + 2. It discards the existing SIGINT handler completely. + 3. It leaves its own handler in place even after an uninterrupted finish, + which will have unexpected delayed effects if the user triggers an + unrelated keyboard interrupt some time after a progress-displaying + download has already completed, for example. + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + """ + Save the original SIGINT handler for later. + """ + # https://github.com/python/mypy/issues/5887 + super().__init__(*args, **kwargs) # type: ignore + + self.original_handler = signal(SIGINT, self.handle_sigint) + + # If signal() returns None, the previous handler was not installed from + # Python, and we cannot restore it. This probably should not happen, + # but if it does, we must restore something sensible instead, at least. + # The least bad option should be Python's default SIGINT handler, which + # just raises KeyboardInterrupt. + if self.original_handler is None: + self.original_handler = default_int_handler + + def finish(self) -> None: + """ + Restore the original SIGINT handler after finishing. + + This should happen regardless of whether the progress display finishes + normally, or gets interrupted. + """ + super().finish() # type: ignore + signal(SIGINT, self.original_handler) + + def handle_sigint(self, signum, frame): # type: ignore + """ + Call self.finish() before delegating to the original SIGINT handler. + + This handler should only be in place while the progress display is + active. + """ + self.finish() + self.original_handler(signum, frame) + + +class SilentBar(Bar): + def update(self) -> None: + pass + + +class BlueEmojiBar(IncrementalBar): + + suffix = "%(percent)d%%" + bar_prefix = " " + bar_suffix = " " + phases = ("\U0001F539", "\U0001F537", "\U0001F535") + + +class DownloadProgressMixin: + def __init__(self, *args: Any, **kwargs: Any) -> None: + # https://github.com/python/mypy/issues/5887 + super().__init__(*args, **kwargs) # type: ignore + self.message: str = (" " * (get_indentation() + 2)) + self.message + + @property + def downloaded(self) -> str: + return format_size(self.index) # type: ignore + + @property + def download_speed(self) -> str: + # Avoid zero division errors... + if self.avg == 0.0: # type: ignore + return "..." + return format_size(1 / self.avg) + "/s" # type: ignore + + @property + def pretty_eta(self) -> str: + if self.eta: # type: ignore + return f"eta {self.eta_td}" # type: ignore + return "" + + def iter(self, it): # type: ignore + for x in it: + yield x + # B305 is incorrectly raised here + # https://github.com/PyCQA/flake8-bugbear/issues/59 + self.next(len(x)) # noqa: B305 + self.finish() + + +class WindowsMixin: + def __init__(self, *args: Any, **kwargs: Any) -> None: + # The Windows terminal does not support the hide/show cursor ANSI codes + # even with colorama. So we'll ensure that hide_cursor is False on + # Windows. + # This call needs to go before the super() call, so that hide_cursor + # is set in time. The base progress bar class writes the "hide cursor" + # code to the terminal in its init, so if we don't set this soon + # enough, we get a "hide" with no corresponding "show"... + if WINDOWS and self.hide_cursor: # type: ignore + self.hide_cursor = False + + # https://github.com/python/mypy/issues/5887 + super().__init__(*args, **kwargs) # type: ignore + + # Check if we are running on Windows and we have the colorama module, + # if we do then wrap our file with it. + if WINDOWS and colorama: + self.file = colorama.AnsiToWin32(self.file) # type: ignore + # The progress code expects to be able to call self.file.isatty() + # but the colorama.AnsiToWin32() object doesn't have that, so we'll + # add it. + self.file.isatty = lambda: self.file.wrapped.isatty() + # The progress code expects to be able to call self.file.flush() + # but the colorama.AnsiToWin32() object doesn't have that, so we'll + # add it. + self.file.flush = lambda: self.file.wrapped.flush() + + +class BaseDownloadProgressBar(WindowsMixin, InterruptibleMixin, DownloadProgressMixin): + + file = sys.stdout + message = "%(percent)d%%" + suffix = "%(downloaded)s %(download_speed)s %(pretty_eta)s" + + +class DefaultDownloadProgressBar(BaseDownloadProgressBar, _BaseBar): + pass + + +class DownloadSilentBar(BaseDownloadProgressBar, SilentBar): + pass + + +class DownloadBar(BaseDownloadProgressBar, Bar): + pass + + +class DownloadFillingCirclesBar(BaseDownloadProgressBar, FillingCirclesBar): + pass + + +class DownloadBlueEmojiProgressBar(BaseDownloadProgressBar, BlueEmojiBar): + pass + + +class DownloadProgressSpinner( + WindowsMixin, InterruptibleMixin, DownloadProgressMixin, Spinner +): + + file = sys.stdout + suffix = "%(downloaded)s %(download_speed)s" + + def next_phase(self) -> str: + if not hasattr(self, "_phaser"): + self._phaser = itertools.cycle(self.phases) + return next(self._phaser) + + def update(self) -> None: + message = self.message % self + phase = self.next_phase() + suffix = self.suffix % self + line = "".join( + [ + message, + " " if message else "", + phase, + " " if suffix else "", + suffix, + ] + ) + + self.writeln(line) + + +BAR_TYPES = { + "off": (DownloadSilentBar, DownloadSilentBar), + "on": (DefaultDownloadProgressBar, DownloadProgressSpinner), + "ascii": (DownloadBar, DownloadProgressSpinner), + "pretty": (DownloadFillingCirclesBar, DownloadProgressSpinner), + "emoji": (DownloadBlueEmojiProgressBar, DownloadProgressSpinner), +} + + +def DownloadProgressProvider(progress_bar, max=None): # type: ignore + if max is None or max == 0: + return BAR_TYPES[progress_bar][1]().iter + else: + return BAR_TYPES[progress_bar][0](max=max).iter diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/req_command.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/req_command.py new file mode 100644 index 000000000..4129bf7e1 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/req_command.py @@ -0,0 +1,453 @@ +"""Contains the Command base classes that depend on PipSession. + +The classes in this module are in a separate module so the commands not +needing download / PackageFinder capability don't unnecessarily import the +PackageFinder machinery and all its vendored dependencies, etc. +""" + +import logging +import os +import sys +from functools import partial +from optparse import Values +from typing import Any, List, Optional, Tuple + +from pip._internal.cache import WheelCache +from pip._internal.cli import cmdoptions +from pip._internal.cli.base_command import Command +from pip._internal.cli.command_context import CommandContextMixIn +from pip._internal.exceptions import CommandError, PreviousBuildDirError +from pip._internal.index.collector import LinkCollector +from pip._internal.index.package_finder import PackageFinder +from pip._internal.models.selection_prefs import SelectionPreferences +from pip._internal.models.target_python import TargetPython +from pip._internal.network.session import PipSession +from pip._internal.operations.prepare import RequirementPreparer +from pip._internal.req.constructors import ( + install_req_from_editable, + install_req_from_line, + install_req_from_parsed_requirement, + install_req_from_req_string, +) +from pip._internal.req.req_file import parse_requirements +from pip._internal.req.req_install import InstallRequirement +from pip._internal.req.req_tracker import RequirementTracker +from pip._internal.resolution.base import BaseResolver +from pip._internal.self_outdated_check import pip_self_version_check +from pip._internal.utils.temp_dir import ( + TempDirectory, + TempDirectoryTypeRegistry, + tempdir_kinds, +) +from pip._internal.utils.virtualenv import running_under_virtualenv + +logger = logging.getLogger(__name__) + + +class SessionCommandMixin(CommandContextMixIn): + + """ + A class mixin for command classes needing _build_session(). + """ + + def __init__(self) -> None: + super().__init__() + self._session: Optional[PipSession] = None + + @classmethod + def _get_index_urls(cls, options: Values) -> Optional[List[str]]: + """Return a list of index urls from user-provided options.""" + index_urls = [] + if not getattr(options, "no_index", False): + url = getattr(options, "index_url", None) + if url: + index_urls.append(url) + urls = getattr(options, "extra_index_urls", None) + if urls: + index_urls.extend(urls) + # Return None rather than an empty list + return index_urls or None + + def get_default_session(self, options: Values) -> PipSession: + """Get a default-managed session.""" + if self._session is None: + self._session = self.enter_context(self._build_session(options)) + # there's no type annotation on requests.Session, so it's + # automatically ContextManager[Any] and self._session becomes Any, + # then https://github.com/python/mypy/issues/7696 kicks in + assert self._session is not None + return self._session + + def _build_session( + self, + options: Values, + retries: Optional[int] = None, + timeout: Optional[int] = None, + ) -> PipSession: + assert not options.cache_dir or os.path.isabs(options.cache_dir) + session = PipSession( + cache=( + os.path.join(options.cache_dir, "http") if options.cache_dir else None + ), + retries=retries if retries is not None else options.retries, + trusted_hosts=options.trusted_hosts, + index_urls=self._get_index_urls(options), + ) + + # Handle custom ca-bundles from the user + if options.cert: + session.verify = options.cert + + # Handle SSL client certificate + if options.client_cert: + session.cert = options.client_cert + + # Handle timeouts + if options.timeout or timeout: + session.timeout = timeout if timeout is not None else options.timeout + + # Handle configured proxies + if options.proxy: + session.proxies = { + "http": options.proxy, + "https": options.proxy, + } + + # Determine if we can prompt the user for authentication or not + session.auth.prompting = not options.no_input + + return session + + +class IndexGroupCommand(Command, SessionCommandMixin): + + """ + Abstract base class for commands with the index_group options. + + This also corresponds to the commands that permit the pip version check. + """ + + def handle_pip_version_check(self, options: Values) -> None: + """ + Do the pip version check if not disabled. + + This overrides the default behavior of not doing the check. + """ + # Make sure the index_group options are present. + assert hasattr(options, "no_index") + + if options.disable_pip_version_check or options.no_index: + return + + # Otherwise, check if we're using the latest version of pip available. + session = self._build_session( + options, retries=0, timeout=min(5, options.timeout) + ) + with session: + pip_self_version_check(session, options) + + +KEEPABLE_TEMPDIR_TYPES = [ + tempdir_kinds.BUILD_ENV, + tempdir_kinds.EPHEM_WHEEL_CACHE, + tempdir_kinds.REQ_BUILD, +] + + +def warn_if_run_as_root() -> None: + """Output a warning for sudo users on Unix. + + In a virtual environment, sudo pip still writes to virtualenv. + On Windows, users may run pip as Administrator without issues. + This warning only applies to Unix root users outside of virtualenv. + """ + if running_under_virtualenv(): + return + if not hasattr(os, "getuid"): + return + # On Windows, there are no "system managed" Python packages. Installing as + # Administrator via pip is the correct way of updating system environments. + # + # We choose sys.platform over utils.compat.WINDOWS here to enable Mypy platform + # checks: https://mypy.readthedocs.io/en/stable/common_issues.html + if sys.platform == "win32" or sys.platform == "cygwin": + return + if sys.platform == "darwin" or sys.platform == "linux": + if os.getuid() != 0: + return + logger.warning( + "Running pip as the 'root' user can result in broken permissions and " + "conflicting behaviour with the system package manager. " + "It is recommended to use a virtual environment instead: " + "https://pip.pypa.io/warnings/venv" + ) + + +def with_cleanup(func: Any) -> Any: + """Decorator for common logic related to managing temporary + directories. + """ + + def configure_tempdir_registry(registry: TempDirectoryTypeRegistry) -> None: + for t in KEEPABLE_TEMPDIR_TYPES: + registry.set_delete(t, False) + + def wrapper( + self: RequirementCommand, options: Values, args: List[Any] + ) -> Optional[int]: + assert self.tempdir_registry is not None + if options.no_clean: + configure_tempdir_registry(self.tempdir_registry) + + try: + return func(self, options, args) + except PreviousBuildDirError: + # This kind of conflict can occur when the user passes an explicit + # build directory with a pre-existing folder. In that case we do + # not want to accidentally remove it. + configure_tempdir_registry(self.tempdir_registry) + raise + + return wrapper + + +class RequirementCommand(IndexGroupCommand): + def __init__(self, *args: Any, **kw: Any) -> None: + super().__init__(*args, **kw) + + self.cmd_opts.add_option(cmdoptions.no_clean()) + + @staticmethod + def determine_resolver_variant(options: Values) -> str: + """Determines which resolver should be used, based on the given options.""" + if "legacy-resolver" in options.deprecated_features_enabled: + return "legacy" + + return "2020-resolver" + + @classmethod + def make_requirement_preparer( + cls, + temp_build_dir: TempDirectory, + options: Values, + req_tracker: RequirementTracker, + session: PipSession, + finder: PackageFinder, + use_user_site: bool, + download_dir: Optional[str] = None, + ) -> RequirementPreparer: + """ + Create a RequirementPreparer instance for the given parameters. + """ + temp_build_dir_path = temp_build_dir.path + assert temp_build_dir_path is not None + + resolver_variant = cls.determine_resolver_variant(options) + if resolver_variant == "2020-resolver": + lazy_wheel = "fast-deps" in options.features_enabled + if lazy_wheel: + logger.warning( + "pip is using lazily downloaded wheels using HTTP " + "range requests to obtain dependency information. " + "This experimental feature is enabled through " + "--use-feature=fast-deps and it is not ready for " + "production." + ) + else: + lazy_wheel = False + if "fast-deps" in options.features_enabled: + logger.warning( + "fast-deps has no effect when used with the legacy resolver." + ) + + return RequirementPreparer( + build_dir=temp_build_dir_path, + src_dir=options.src_dir, + download_dir=download_dir, + build_isolation=options.build_isolation, + req_tracker=req_tracker, + session=session, + progress_bar=options.progress_bar, + finder=finder, + require_hashes=options.require_hashes, + use_user_site=use_user_site, + lazy_wheel=lazy_wheel, + in_tree_build="in-tree-build" in options.features_enabled, + ) + + @classmethod + def make_resolver( + cls, + preparer: RequirementPreparer, + finder: PackageFinder, + options: Values, + wheel_cache: Optional[WheelCache] = None, + use_user_site: bool = False, + ignore_installed: bool = True, + ignore_requires_python: bool = False, + force_reinstall: bool = False, + upgrade_strategy: str = "to-satisfy-only", + use_pep517: Optional[bool] = None, + py_version_info: Optional[Tuple[int, ...]] = None, + ) -> BaseResolver: + """ + Create a Resolver instance for the given parameters. + """ + make_install_req = partial( + install_req_from_req_string, + isolated=options.isolated_mode, + use_pep517=use_pep517, + ) + resolver_variant = cls.determine_resolver_variant(options) + # The long import name and duplicated invocation is needed to convince + # Mypy into correctly typechecking. Otherwise it would complain the + # "Resolver" class being redefined. + if resolver_variant == "2020-resolver": + import pip._internal.resolution.resolvelib.resolver + + return pip._internal.resolution.resolvelib.resolver.Resolver( + preparer=preparer, + finder=finder, + wheel_cache=wheel_cache, + make_install_req=make_install_req, + use_user_site=use_user_site, + ignore_dependencies=options.ignore_dependencies, + ignore_installed=ignore_installed, + ignore_requires_python=ignore_requires_python, + force_reinstall=force_reinstall, + upgrade_strategy=upgrade_strategy, + py_version_info=py_version_info, + ) + import pip._internal.resolution.legacy.resolver + + return pip._internal.resolution.legacy.resolver.Resolver( + preparer=preparer, + finder=finder, + wheel_cache=wheel_cache, + make_install_req=make_install_req, + use_user_site=use_user_site, + ignore_dependencies=options.ignore_dependencies, + ignore_installed=ignore_installed, + ignore_requires_python=ignore_requires_python, + force_reinstall=force_reinstall, + upgrade_strategy=upgrade_strategy, + py_version_info=py_version_info, + ) + + def get_requirements( + self, + args: List[str], + options: Values, + finder: PackageFinder, + session: PipSession, + ) -> List[InstallRequirement]: + """ + Parse command-line arguments into the corresponding requirements. + """ + requirements: List[InstallRequirement] = [] + for filename in options.constraints: + for parsed_req in parse_requirements( + filename, + constraint=True, + finder=finder, + options=options, + session=session, + ): + req_to_add = install_req_from_parsed_requirement( + parsed_req, + isolated=options.isolated_mode, + user_supplied=False, + ) + requirements.append(req_to_add) + + for req in args: + req_to_add = install_req_from_line( + req, + None, + isolated=options.isolated_mode, + use_pep517=options.use_pep517, + user_supplied=True, + ) + requirements.append(req_to_add) + + for req in options.editables: + req_to_add = install_req_from_editable( + req, + user_supplied=True, + isolated=options.isolated_mode, + use_pep517=options.use_pep517, + ) + requirements.append(req_to_add) + + # NOTE: options.require_hashes may be set if --require-hashes is True + for filename in options.requirements: + for parsed_req in parse_requirements( + filename, finder=finder, options=options, session=session + ): + req_to_add = install_req_from_parsed_requirement( + parsed_req, + isolated=options.isolated_mode, + use_pep517=options.use_pep517, + user_supplied=True, + ) + requirements.append(req_to_add) + + # If any requirement has hash options, enable hash checking. + if any(req.has_hash_options for req in requirements): + options.require_hashes = True + + if not (args or options.editables or options.requirements): + opts = {"name": self.name} + if options.find_links: + raise CommandError( + "You must give at least one requirement to {name} " + '(maybe you meant "pip {name} {links}"?)'.format( + **dict(opts, links=" ".join(options.find_links)) + ) + ) + else: + raise CommandError( + "You must give at least one requirement to {name} " + '(see "pip help {name}")'.format(**opts) + ) + + return requirements + + @staticmethod + def trace_basic_info(finder: PackageFinder) -> None: + """ + Trace basic information about the provided objects. + """ + # Display where finder is looking for packages + search_scope = finder.search_scope + locations = search_scope.get_formatted_locations() + if locations: + logger.info(locations) + + def _build_package_finder( + self, + options: Values, + session: PipSession, + target_python: Optional[TargetPython] = None, + ignore_requires_python: Optional[bool] = None, + ) -> PackageFinder: + """ + Create a package finder appropriate to this requirement command. + + :param ignore_requires_python: Whether to ignore incompatible + "Requires-Python" values in links. Defaults to False. + """ + link_collector = LinkCollector.create(session, options=options) + selection_prefs = SelectionPreferences( + allow_yanked=True, + format_control=options.format_control, + allow_all_prereleases=options.pre, + prefer_binary=options.prefer_binary, + ignore_requires_python=ignore_requires_python, + ) + + return PackageFinder.create( + link_collector=link_collector, + selection_prefs=selection_prefs, + target_python=target_python, + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/spinners.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/spinners.py new file mode 100644 index 000000000..1e313e109 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/spinners.py @@ -0,0 +1,157 @@ +import contextlib +import itertools +import logging +import sys +import time +from typing import IO, Iterator + +from pip._vendor.progress import HIDE_CURSOR, SHOW_CURSOR + +from pip._internal.utils.compat import WINDOWS +from pip._internal.utils.logging import get_indentation + +logger = logging.getLogger(__name__) + + +class SpinnerInterface: + def spin(self) -> None: + raise NotImplementedError() + + def finish(self, final_status: str) -> None: + raise NotImplementedError() + + +class InteractiveSpinner(SpinnerInterface): + def __init__( + self, + message: str, + file: IO[str] = None, + spin_chars: str = "-\\|/", + # Empirically, 8 updates/second looks nice + min_update_interval_seconds: float = 0.125, + ): + self._message = message + if file is None: + file = sys.stdout + self._file = file + self._rate_limiter = RateLimiter(min_update_interval_seconds) + self._finished = False + + self._spin_cycle = itertools.cycle(spin_chars) + + self._file.write(" " * get_indentation() + self._message + " ... ") + self._width = 0 + + def _write(self, status: str) -> None: + assert not self._finished + # Erase what we wrote before by backspacing to the beginning, writing + # spaces to overwrite the old text, and then backspacing again + backup = "\b" * self._width + self._file.write(backup + " " * self._width + backup) + # Now we have a blank slate to add our status + self._file.write(status) + self._width = len(status) + self._file.flush() + self._rate_limiter.reset() + + def spin(self) -> None: + if self._finished: + return + if not self._rate_limiter.ready(): + return + self._write(next(self._spin_cycle)) + + def finish(self, final_status: str) -> None: + if self._finished: + return + self._write(final_status) + self._file.write("\n") + self._file.flush() + self._finished = True + + +# Used for dumb terminals, non-interactive installs (no tty), etc. +# We still print updates occasionally (once every 60 seconds by default) to +# act as a keep-alive for systems like Travis-CI that take lack-of-output as +# an indication that a task has frozen. +class NonInteractiveSpinner(SpinnerInterface): + def __init__(self, message: str, min_update_interval_seconds: float = 60.0) -> None: + self._message = message + self._finished = False + self._rate_limiter = RateLimiter(min_update_interval_seconds) + self._update("started") + + def _update(self, status: str) -> None: + assert not self._finished + self._rate_limiter.reset() + logger.info("%s: %s", self._message, status) + + def spin(self) -> None: + if self._finished: + return + if not self._rate_limiter.ready(): + return + self._update("still running...") + + def finish(self, final_status: str) -> None: + if self._finished: + return + self._update(f"finished with status '{final_status}'") + self._finished = True + + +class RateLimiter: + def __init__(self, min_update_interval_seconds: float) -> None: + self._min_update_interval_seconds = min_update_interval_seconds + self._last_update: float = 0 + + def ready(self) -> bool: + now = time.time() + delta = now - self._last_update + return delta >= self._min_update_interval_seconds + + def reset(self) -> None: + self._last_update = time.time() + + +@contextlib.contextmanager +def open_spinner(message: str) -> Iterator[SpinnerInterface]: + # Interactive spinner goes directly to sys.stdout rather than being routed + # through the logging system, but it acts like it has level INFO, + # i.e. it's only displayed if we're at level INFO or better. + # Non-interactive spinner goes through the logging system, so it is always + # in sync with logging configuration. + if sys.stdout.isatty() and logger.getEffectiveLevel() <= logging.INFO: + spinner: SpinnerInterface = InteractiveSpinner(message) + else: + spinner = NonInteractiveSpinner(message) + try: + with hidden_cursor(sys.stdout): + yield spinner + except KeyboardInterrupt: + spinner.finish("canceled") + raise + except Exception: + spinner.finish("error") + raise + else: + spinner.finish("done") + + +@contextlib.contextmanager +def hidden_cursor(file: IO[str]) -> Iterator[None]: + # The Windows terminal does not support the hide/show cursor ANSI codes, + # even via colorama. So don't even try. + if WINDOWS: + yield + # We don't want to clutter the output with control characters if we're + # writing to a file, or if the user is running with --quiet. + # See https://github.com/pypa/pip/issues/3418 + elif not file.isatty() or logger.getEffectiveLevel() > logging.INFO: + yield + else: + file.write(HIDE_CURSOR) + try: + yield + finally: + file.write(SHOW_CURSOR) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/status_codes.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/status_codes.py new file mode 100644 index 000000000..5e29502cd --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/cli/status_codes.py @@ -0,0 +1,6 @@ +SUCCESS = 0 +ERROR = 1 +UNKNOWN_ERROR = 2 +VIRTUALENV_NOT_FOUND = 3 +PREVIOUS_BUILD_DIR_ERROR = 4 +NO_MATCHES_FOUND = 23 diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/__init__.py new file mode 100644 index 000000000..8e94b38f7 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/__init__.py @@ -0,0 +1,112 @@ +""" +Package containing all pip commands +""" + +import importlib +from collections import OrderedDict, namedtuple +from typing import Any, Dict, Optional + +from pip._internal.cli.base_command import Command + +CommandInfo = namedtuple('CommandInfo', 'module_path, class_name, summary') + +# The ordering matters for help display. +# Also, even though the module path starts with the same +# "pip._internal.commands" prefix in each case, we include the full path +# because it makes testing easier (specifically when modifying commands_dict +# in test setup / teardown by adding info for a FakeCommand class defined +# in a test-related module). +# Finally, we need to pass an iterable of pairs here rather than a dict +# so that the ordering won't be lost when using Python 2.7. +commands_dict: Dict[str, CommandInfo] = OrderedDict([ + ('install', CommandInfo( + 'pip._internal.commands.install', 'InstallCommand', + 'Install packages.', + )), + ('download', CommandInfo( + 'pip._internal.commands.download', 'DownloadCommand', + 'Download packages.', + )), + ('uninstall', CommandInfo( + 'pip._internal.commands.uninstall', 'UninstallCommand', + 'Uninstall packages.', + )), + ('freeze', CommandInfo( + 'pip._internal.commands.freeze', 'FreezeCommand', + 'Output installed packages in requirements format.', + )), + ('list', CommandInfo( + 'pip._internal.commands.list', 'ListCommand', + 'List installed packages.', + )), + ('show', CommandInfo( + 'pip._internal.commands.show', 'ShowCommand', + 'Show information about installed packages.', + )), + ('check', CommandInfo( + 'pip._internal.commands.check', 'CheckCommand', + 'Verify installed packages have compatible dependencies.', + )), + ('config', CommandInfo( + 'pip._internal.commands.configuration', 'ConfigurationCommand', + 'Manage local and global configuration.', + )), + ('search', CommandInfo( + 'pip._internal.commands.search', 'SearchCommand', + 'Search PyPI for packages.', + )), + ('cache', CommandInfo( + 'pip._internal.commands.cache', 'CacheCommand', + "Inspect and manage pip's wheel cache.", + )), + ('index', CommandInfo( + 'pip._internal.commands.index', 'IndexCommand', + "Inspect information available from package indexes.", + )), + ('wheel', CommandInfo( + 'pip._internal.commands.wheel', 'WheelCommand', + 'Build wheels from your requirements.', + )), + ('hash', CommandInfo( + 'pip._internal.commands.hash', 'HashCommand', + 'Compute hashes of package archives.', + )), + ('completion', CommandInfo( + 'pip._internal.commands.completion', 'CompletionCommand', + 'A helper command used for command completion.', + )), + ('debug', CommandInfo( + 'pip._internal.commands.debug', 'DebugCommand', + 'Show information useful for debugging.', + )), + ('help', CommandInfo( + 'pip._internal.commands.help', 'HelpCommand', + 'Show help for commands.', + )), +]) + + +def create_command(name: str, **kwargs: Any) -> Command: + """ + Create an instance of the Command class with the given name. + """ + module_path, class_name, summary = commands_dict[name] + module = importlib.import_module(module_path) + command_class = getattr(module, class_name) + command = command_class(name=name, summary=summary, **kwargs) + + return command + + +def get_similar_commands(name: str) -> Optional[str]: + """Command name auto-correct.""" + from difflib import get_close_matches + + name = name.lower() + + close_commands = get_close_matches(name, commands_dict.keys()) + + if close_commands: + return close_commands[0] + else: + return None diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/cache.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/cache.py new file mode 100644 index 000000000..3a5bb9c88 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/cache.py @@ -0,0 +1,216 @@ +import os +import textwrap +from optparse import Values +from typing import Any, List + +import pip._internal.utils.filesystem as filesystem +from pip._internal.cli.base_command import Command +from pip._internal.cli.status_codes import ERROR, SUCCESS +from pip._internal.exceptions import CommandError, PipError +from pip._internal.utils.logging import getLogger + +logger = getLogger(__name__) + + +class CacheCommand(Command): + """ + Inspect and manage pip's wheel cache. + + Subcommands: + + - dir: Show the cache directory. + - info: Show information about the cache. + - list: List filenames of packages stored in the cache. + - remove: Remove one or more package from the cache. + - purge: Remove all items from the cache. + + ```` can be a glob expression or a package name. + """ + + ignore_require_venv = True + usage = """ + %prog dir + %prog info + %prog list [] [--format=[human, abspath]] + %prog remove + %prog purge + """ + + def add_options(self) -> None: + + self.cmd_opts.add_option( + '--format', + action='store', + dest='list_format', + default="human", + choices=('human', 'abspath'), + help="Select the output format among: human (default) or abspath" + ) + + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[Any]) -> int: + handlers = { + "dir": self.get_cache_dir, + "info": self.get_cache_info, + "list": self.list_cache_items, + "remove": self.remove_cache_items, + "purge": self.purge_cache, + } + + if not options.cache_dir: + logger.error("pip cache commands can not " + "function since cache is disabled.") + return ERROR + + # Determine action + if not args or args[0] not in handlers: + logger.error( + "Need an action (%s) to perform.", + ", ".join(sorted(handlers)), + ) + return ERROR + + action = args[0] + + # Error handling happens here, not in the action-handlers. + try: + handlers[action](options, args[1:]) + except PipError as e: + logger.error(e.args[0]) + return ERROR + + return SUCCESS + + def get_cache_dir(self, options: Values, args: List[Any]) -> None: + if args: + raise CommandError('Too many arguments') + + logger.info(options.cache_dir) + + def get_cache_info(self, options: Values, args: List[Any]) -> None: + if args: + raise CommandError('Too many arguments') + + num_http_files = len(self._find_http_files(options)) + num_packages = len(self._find_wheels(options, '*')) + + http_cache_location = self._cache_dir(options, 'http') + wheels_cache_location = self._cache_dir(options, 'wheels') + http_cache_size = filesystem.format_directory_size(http_cache_location) + wheels_cache_size = filesystem.format_directory_size( + wheels_cache_location + ) + + message = textwrap.dedent(""" + Package index page cache location: {http_cache_location} + Package index page cache size: {http_cache_size} + Number of HTTP files: {num_http_files} + Wheels location: {wheels_cache_location} + Wheels size: {wheels_cache_size} + Number of wheels: {package_count} + """).format( + http_cache_location=http_cache_location, + http_cache_size=http_cache_size, + num_http_files=num_http_files, + wheels_cache_location=wheels_cache_location, + package_count=num_packages, + wheels_cache_size=wheels_cache_size, + ).strip() + + logger.info(message) + + def list_cache_items(self, options: Values, args: List[Any]) -> None: + if len(args) > 1: + raise CommandError('Too many arguments') + + if args: + pattern = args[0] + else: + pattern = '*' + + files = self._find_wheels(options, pattern) + if options.list_format == 'human': + self.format_for_human(files) + else: + self.format_for_abspath(files) + + def format_for_human(self, files: List[str]) -> None: + if not files: + logger.info('Nothing cached.') + return + + results = [] + for filename in files: + wheel = os.path.basename(filename) + size = filesystem.format_file_size(filename) + results.append(f' - {wheel} ({size})') + logger.info('Cache contents:\n') + logger.info('\n'.join(sorted(results))) + + def format_for_abspath(self, files: List[str]) -> None: + if not files: + return + + results = [] + for filename in files: + results.append(filename) + + logger.info('\n'.join(sorted(results))) + + def remove_cache_items(self, options: Values, args: List[Any]) -> None: + if len(args) > 1: + raise CommandError('Too many arguments') + + if not args: + raise CommandError('Please provide a pattern') + + files = self._find_wheels(options, args[0]) + + # Only fetch http files if no specific pattern given + if args[0] == '*': + files += self._find_http_files(options) + + if not files: + raise CommandError('No matching packages') + + for filename in files: + os.unlink(filename) + logger.verbose("Removed %s", filename) + logger.info("Files removed: %s", len(files)) + + def purge_cache(self, options: Values, args: List[Any]) -> None: + if args: + raise CommandError('Too many arguments') + + return self.remove_cache_items(options, ['*']) + + def _cache_dir(self, options: Values, subdir: str) -> str: + return os.path.join(options.cache_dir, subdir) + + def _find_http_files(self, options: Values) -> List[str]: + http_dir = self._cache_dir(options, 'http') + return filesystem.find_files(http_dir, '*') + + def _find_wheels(self, options: Values, pattern: str) -> List[str]: + wheel_dir = self._cache_dir(options, 'wheels') + + # The wheel filename format, as specified in PEP 427, is: + # {distribution}-{version}(-{build})?-{python}-{abi}-{platform}.whl + # + # Additionally, non-alphanumeric values in the distribution are + # normalized to underscores (_), meaning hyphens can never occur + # before `-{version}`. + # + # Given that information: + # - If the pattern we're given contains a hyphen (-), the user is + # providing at least the version. Thus, we can just append `*.whl` + # to match the rest of it. + # - If the pattern we're given doesn't contain a hyphen (-), the + # user is only providing the name. Thus, we append `-*.whl` to + # match the hyphen before the version, followed by anything else. + # + # PEP 427: https://www.python.org/dev/peps/pep-0427/ + pattern = pattern + ("*.whl" if "-" in pattern else "-*.whl") + + return filesystem.find_files(wheel_dir, pattern) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/check.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/check.py new file mode 100644 index 000000000..f9412a7a9 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/check.py @@ -0,0 +1,47 @@ +import logging +from optparse import Values +from typing import Any, List + +from pip._internal.cli.base_command import Command +from pip._internal.cli.status_codes import ERROR, SUCCESS +from pip._internal.operations.check import ( + check_package_set, + create_package_set_from_installed, +) +from pip._internal.utils.misc import write_output + +logger = logging.getLogger(__name__) + + +class CheckCommand(Command): + """Verify installed packages have compatible dependencies.""" + + usage = """ + %prog [options]""" + + def run(self, options: Values, args: List[Any]) -> int: + + package_set, parsing_probs = create_package_set_from_installed() + missing, conflicting = check_package_set(package_set) + + for project_name in missing: + version = package_set[project_name].version + for dependency in missing[project_name]: + write_output( + "%s %s requires %s, which is not installed.", + project_name, version, dependency[0], + ) + + for project_name in conflicting: + version = package_set[project_name].version + for dep_name, dep_version, req in conflicting[project_name]: + write_output( + "%s %s has requirement %s, but you have %s %s.", + project_name, version, req, dep_name, dep_version, + ) + + if missing or conflicting or parsing_probs: + return ERROR + else: + write_output("No broken requirements found.") + return SUCCESS diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/completion.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/completion.py new file mode 100644 index 000000000..9ce7888ef --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/completion.py @@ -0,0 +1,91 @@ +import sys +import textwrap +from optparse import Values +from typing import List + +from pip._internal.cli.base_command import Command +from pip._internal.cli.status_codes import SUCCESS +from pip._internal.utils.misc import get_prog + +BASE_COMPLETION = """ +# pip {shell} completion start{script}# pip {shell} completion end +""" + +COMPLETION_SCRIPTS = { + 'bash': """ + _pip_completion() + {{ + COMPREPLY=( $( COMP_WORDS="${{COMP_WORDS[*]}}" \\ + COMP_CWORD=$COMP_CWORD \\ + PIP_AUTO_COMPLETE=1 $1 2>/dev/null ) ) + }} + complete -o default -F _pip_completion {prog} + """, + 'zsh': """ + function _pip_completion {{ + local words cword + read -Ac words + read -cn cword + reply=( $( COMP_WORDS="$words[*]" \\ + COMP_CWORD=$(( cword-1 )) \\ + PIP_AUTO_COMPLETE=1 $words[1] 2>/dev/null )) + }} + compctl -K _pip_completion {prog} + """, + 'fish': """ + function __fish_complete_pip + set -lx COMP_WORDS (commandline -o) "" + set -lx COMP_CWORD ( \\ + math (contains -i -- (commandline -t) $COMP_WORDS)-1 \\ + ) + set -lx PIP_AUTO_COMPLETE 1 + string split \\ -- (eval $COMP_WORDS[1]) + end + complete -fa "(__fish_complete_pip)" -c {prog} + """, +} + + +class CompletionCommand(Command): + """A helper command to be used for command completion.""" + + ignore_require_venv = True + + def add_options(self) -> None: + self.cmd_opts.add_option( + '--bash', '-b', + action='store_const', + const='bash', + dest='shell', + help='Emit completion code for bash') + self.cmd_opts.add_option( + '--zsh', '-z', + action='store_const', + const='zsh', + dest='shell', + help='Emit completion code for zsh') + self.cmd_opts.add_option( + '--fish', '-f', + action='store_const', + const='fish', + dest='shell', + help='Emit completion code for fish') + + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[str]) -> int: + """Prints the completion code of the given shell""" + shells = COMPLETION_SCRIPTS.keys() + shell_options = ['--' + shell for shell in sorted(shells)] + if options.shell in shells: + script = textwrap.dedent( + COMPLETION_SCRIPTS.get(options.shell, '').format( + prog=get_prog()) + ) + print(BASE_COMPLETION.format(script=script, shell=options.shell)) + return SUCCESS + else: + sys.stderr.write( + 'ERROR: You must pass {}\n' .format(' or '.join(shell_options)) + ) + return SUCCESS diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/configuration.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/configuration.py new file mode 100644 index 000000000..6e47b8732 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/configuration.py @@ -0,0 +1,266 @@ +import logging +import os +import subprocess +from optparse import Values +from typing import Any, List, Optional + +from pip._internal.cli.base_command import Command +from pip._internal.cli.status_codes import ERROR, SUCCESS +from pip._internal.configuration import ( + Configuration, + Kind, + get_configuration_files, + kinds, +) +from pip._internal.exceptions import PipError +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import get_prog, write_output + +logger = logging.getLogger(__name__) + + +class ConfigurationCommand(Command): + """ + Manage local and global configuration. + + Subcommands: + + - list: List the active configuration (or from the file specified) + - edit: Edit the configuration file in an editor + - get: Get the value associated with name + - set: Set the name=value + - unset: Unset the value associated with name + - debug: List the configuration files and values defined under them + + If none of --user, --global and --site are passed, a virtual + environment configuration file is used if one is active and the file + exists. Otherwise, all modifications happen on the to the user file by + default. + """ + + ignore_require_venv = True + usage = """ + %prog [] list + %prog [] [--editor ] edit + + %prog [] get name + %prog [] set name value + %prog [] unset name + %prog [] debug + """ + + def add_options(self) -> None: + self.cmd_opts.add_option( + '--editor', + dest='editor', + action='store', + default=None, + help=( + 'Editor to use to edit the file. Uses VISUAL or EDITOR ' + 'environment variables if not provided.' + ) + ) + + self.cmd_opts.add_option( + '--global', + dest='global_file', + action='store_true', + default=False, + help='Use the system-wide configuration file only' + ) + + self.cmd_opts.add_option( + '--user', + dest='user_file', + action='store_true', + default=False, + help='Use the user configuration file only' + ) + + self.cmd_opts.add_option( + '--site', + dest='site_file', + action='store_true', + default=False, + help='Use the current environment configuration file only' + ) + + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[str]) -> int: + handlers = { + "list": self.list_values, + "edit": self.open_in_editor, + "get": self.get_name, + "set": self.set_name_value, + "unset": self.unset_name, + "debug": self.list_config_values, + } + + # Determine action + if not args or args[0] not in handlers: + logger.error( + "Need an action (%s) to perform.", + ", ".join(sorted(handlers)), + ) + return ERROR + + action = args[0] + + # Determine which configuration files are to be loaded + # Depends on whether the command is modifying. + try: + load_only = self._determine_file( + options, need_value=(action in ["get", "set", "unset", "edit"]) + ) + except PipError as e: + logger.error(e.args[0]) + return ERROR + + # Load a new configuration + self.configuration = Configuration( + isolated=options.isolated_mode, load_only=load_only + ) + self.configuration.load() + + # Error handling happens here, not in the action-handlers. + try: + handlers[action](options, args[1:]) + except PipError as e: + logger.error(e.args[0]) + return ERROR + + return SUCCESS + + def _determine_file(self, options: Values, need_value: bool) -> Optional[Kind]: + file_options = [key for key, value in ( + (kinds.USER, options.user_file), + (kinds.GLOBAL, options.global_file), + (kinds.SITE, options.site_file), + ) if value] + + if not file_options: + if not need_value: + return None + # Default to user, unless there's a site file. + elif any( + os.path.exists(site_config_file) + for site_config_file in get_configuration_files()[kinds.SITE] + ): + return kinds.SITE + else: + return kinds.USER + elif len(file_options) == 1: + return file_options[0] + + raise PipError( + "Need exactly one file to operate upon " + "(--user, --site, --global) to perform." + ) + + def list_values(self, options: Values, args: List[str]) -> None: + self._get_n_args(args, "list", n=0) + + for key, value in sorted(self.configuration.items()): + write_output("%s=%r", key, value) + + def get_name(self, options: Values, args: List[str]) -> None: + key = self._get_n_args(args, "get [name]", n=1) + value = self.configuration.get_value(key) + + write_output("%s", value) + + def set_name_value(self, options: Values, args: List[str]) -> None: + key, value = self._get_n_args(args, "set [name] [value]", n=2) + self.configuration.set_value(key, value) + + self._save_configuration() + + def unset_name(self, options: Values, args: List[str]) -> None: + key = self._get_n_args(args, "unset [name]", n=1) + self.configuration.unset_value(key) + + self._save_configuration() + + def list_config_values(self, options: Values, args: List[str]) -> None: + """List config key-value pairs across different config files""" + self._get_n_args(args, "debug", n=0) + + self.print_env_var_values() + # Iterate over config files and print if they exist, and the + # key-value pairs present in them if they do + for variant, files in sorted(self.configuration.iter_config_files()): + write_output("%s:", variant) + for fname in files: + with indent_log(): + file_exists = os.path.exists(fname) + write_output("%s, exists: %r", + fname, file_exists) + if file_exists: + self.print_config_file_values(variant) + + def print_config_file_values(self, variant: Kind) -> None: + """Get key-value pairs from the file of a variant""" + for name, value in self.configuration.\ + get_values_in_config(variant).items(): + with indent_log(): + write_output("%s: %s", name, value) + + def print_env_var_values(self) -> None: + """Get key-values pairs present as environment variables""" + write_output("%s:", 'env_var') + with indent_log(): + for key, value in sorted(self.configuration.get_environ_vars()): + env_var = f'PIP_{key.upper()}' + write_output("%s=%r", env_var, value) + + def open_in_editor(self, options: Values, args: List[str]) -> None: + editor = self._determine_editor(options) + + fname = self.configuration.get_file_to_edit() + if fname is None: + raise PipError("Could not determine appropriate file.") + + try: + subprocess.check_call([editor, fname]) + except subprocess.CalledProcessError as e: + raise PipError( + "Editor Subprocess exited with exit code {}" + .format(e.returncode) + ) + + def _get_n_args(self, args: List[str], example: str, n: int) -> Any: + """Helper to make sure the command got the right number of arguments + """ + if len(args) != n: + msg = ( + 'Got unexpected number of arguments, expected {}. ' + '(example: "{} config {}")' + ).format(n, get_prog(), example) + raise PipError(msg) + + if n == 1: + return args[0] + else: + return args + + def _save_configuration(self) -> None: + # We successfully ran a modifying command. Need to save the + # configuration. + try: + self.configuration.save() + except Exception: + logger.exception( + "Unable to save configuration. Please report this as a bug." + ) + raise PipError("Internal Error.") + + def _determine_editor(self, options: Values) -> str: + if options.editor is not None: + return options.editor + elif "VISUAL" in os.environ: + return os.environ["VISUAL"] + elif "EDITOR" in os.environ: + return os.environ["EDITOR"] + else: + raise PipError("Could not determine editor to use.") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/debug.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/debug.py new file mode 100644 index 000000000..b316b67bd --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/debug.py @@ -0,0 +1,204 @@ +import locale +import logging +import os +import sys +from optparse import Values +from types import ModuleType +from typing import Any, Dict, List, Optional + +import pip._vendor +from pip._vendor.certifi import where +from pip._vendor.packaging.version import parse as parse_version + +from pip import __file__ as pip_location +from pip._internal.cli import cmdoptions +from pip._internal.cli.base_command import Command +from pip._internal.cli.cmdoptions import make_target_python +from pip._internal.cli.status_codes import SUCCESS +from pip._internal.configuration import Configuration +from pip._internal.metadata import get_environment +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import get_pip_version + +logger = logging.getLogger(__name__) + + +def show_value(name: str, value: Any) -> None: + logger.info('%s: %s', name, value) + + +def show_sys_implementation() -> None: + logger.info('sys.implementation:') + implementation_name = sys.implementation.name + with indent_log(): + show_value('name', implementation_name) + + +def create_vendor_txt_map() -> Dict[str, str]: + vendor_txt_path = os.path.join( + os.path.dirname(pip_location), + '_vendor', + 'vendor.txt' + ) + + with open(vendor_txt_path) as f: + # Purge non version specifying lines. + # Also, remove any space prefix or suffixes (including comments). + lines = [line.strip().split(' ', 1)[0] + for line in f.readlines() if '==' in line] + + # Transform into "module" -> version dict. + return dict(line.split('==', 1) for line in lines) # type: ignore + + +def get_module_from_module_name(module_name: str) -> ModuleType: + # Module name can be uppercase in vendor.txt for some reason... + module_name = module_name.lower() + # PATCH: setuptools is actually only pkg_resources. + if module_name == 'setuptools': + module_name = 'pkg_resources' + + __import__( + f'pip._vendor.{module_name}', + globals(), + locals(), + level=0 + ) + return getattr(pip._vendor, module_name) + + +def get_vendor_version_from_module(module_name: str) -> Optional[str]: + module = get_module_from_module_name(module_name) + version = getattr(module, '__version__', None) + + if not version: + # Try to find version in debundled module info. + env = get_environment([os.path.dirname(module.__file__)]) + dist = env.get_distribution(module_name) + if dist: + version = str(dist.version) + + return version + + +def show_actual_vendor_versions(vendor_txt_versions: Dict[str, str]) -> None: + """Log the actual version and print extra info if there is + a conflict or if the actual version could not be imported. + """ + for module_name, expected_version in vendor_txt_versions.items(): + extra_message = '' + actual_version = get_vendor_version_from_module(module_name) + if not actual_version: + extra_message = ' (Unable to locate actual module version, using'\ + ' vendor.txt specified version)' + actual_version = expected_version + elif parse_version(actual_version) != parse_version(expected_version): + extra_message = ' (CONFLICT: vendor.txt suggests version should'\ + ' be {})'.format(expected_version) + logger.info('%s==%s%s', module_name, actual_version, extra_message) + + +def show_vendor_versions() -> None: + logger.info('vendored library versions:') + + vendor_txt_versions = create_vendor_txt_map() + with indent_log(): + show_actual_vendor_versions(vendor_txt_versions) + + +def show_tags(options: Values) -> None: + tag_limit = 10 + + target_python = make_target_python(options) + tags = target_python.get_tags() + + # Display the target options that were explicitly provided. + formatted_target = target_python.format_given() + suffix = '' + if formatted_target: + suffix = f' (target: {formatted_target})' + + msg = 'Compatible tags: {}{}'.format(len(tags), suffix) + logger.info(msg) + + if options.verbose < 1 and len(tags) > tag_limit: + tags_limited = True + tags = tags[:tag_limit] + else: + tags_limited = False + + with indent_log(): + for tag in tags: + logger.info(str(tag)) + + if tags_limited: + msg = ( + '...\n' + '[First {tag_limit} tags shown. Pass --verbose to show all.]' + ).format(tag_limit=tag_limit) + logger.info(msg) + + +def ca_bundle_info(config: Configuration) -> str: + levels = set() + for key, _ in config.items(): + levels.add(key.split('.')[0]) + + if not levels: + return "Not specified" + + levels_that_override_global = ['install', 'wheel', 'download'] + global_overriding_level = [ + level for level in levels if level in levels_that_override_global + ] + if not global_overriding_level: + return 'global' + + if 'global' in levels: + levels.remove('global') + return ", ".join(levels) + + +class DebugCommand(Command): + """ + Display debug information. + """ + + usage = """ + %prog """ + ignore_require_venv = True + + def add_options(self) -> None: + cmdoptions.add_target_python_options(self.cmd_opts) + self.parser.insert_option_group(0, self.cmd_opts) + self.parser.config.load() + + def run(self, options: Values, args: List[str]) -> int: + logger.warning( + "This command is only meant for debugging. " + "Do not use this with automation for parsing and getting these " + "details, since the output and options of this command may " + "change without notice." + ) + show_value('pip version', get_pip_version()) + show_value('sys.version', sys.version) + show_value('sys.executable', sys.executable) + show_value('sys.getdefaultencoding', sys.getdefaultencoding()) + show_value('sys.getfilesystemencoding', sys.getfilesystemencoding()) + show_value( + 'locale.getpreferredencoding', locale.getpreferredencoding(), + ) + show_value('sys.platform', sys.platform) + show_sys_implementation() + + show_value("'cert' config value", ca_bundle_info(self.parser.config)) + show_value("REQUESTS_CA_BUNDLE", os.environ.get('REQUESTS_CA_BUNDLE')) + show_value("CURL_CA_BUNDLE", os.environ.get('CURL_CA_BUNDLE')) + show_value("pip._vendor.certifi.where()", where()) + show_value("pip._vendor.DEBUNDLED", pip._vendor.DEBUNDLED) + + show_vendor_versions() + + show_tags(options) + + return SUCCESS diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/download.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/download.py new file mode 100644 index 000000000..230264591 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/download.py @@ -0,0 +1,139 @@ +import logging +import os +from optparse import Values +from typing import List + +from pip._internal.cli import cmdoptions +from pip._internal.cli.cmdoptions import make_target_python +from pip._internal.cli.req_command import RequirementCommand, with_cleanup +from pip._internal.cli.status_codes import SUCCESS +from pip._internal.req.req_tracker import get_requirement_tracker +from pip._internal.utils.misc import ensure_dir, normalize_path, write_output +from pip._internal.utils.temp_dir import TempDirectory + +logger = logging.getLogger(__name__) + + +class DownloadCommand(RequirementCommand): + """ + Download packages from: + + - PyPI (and other indexes) using requirement specifiers. + - VCS project urls. + - Local project directories. + - Local or remote source archives. + + pip also supports downloading from "requirements files", which provide + an easy way to specify a whole environment to be downloaded. + """ + + usage = """ + %prog [options] [package-index-options] ... + %prog [options] -r [package-index-options] ... + %prog [options] ... + %prog [options] ... + %prog [options] ...""" + + def add_options(self) -> None: + self.cmd_opts.add_option(cmdoptions.constraints()) + self.cmd_opts.add_option(cmdoptions.requirements()) + self.cmd_opts.add_option(cmdoptions.build_dir()) + self.cmd_opts.add_option(cmdoptions.no_deps()) + self.cmd_opts.add_option(cmdoptions.global_options()) + self.cmd_opts.add_option(cmdoptions.no_binary()) + self.cmd_opts.add_option(cmdoptions.only_binary()) + self.cmd_opts.add_option(cmdoptions.prefer_binary()) + self.cmd_opts.add_option(cmdoptions.src()) + self.cmd_opts.add_option(cmdoptions.pre()) + self.cmd_opts.add_option(cmdoptions.require_hashes()) + self.cmd_opts.add_option(cmdoptions.progress_bar()) + self.cmd_opts.add_option(cmdoptions.no_build_isolation()) + self.cmd_opts.add_option(cmdoptions.use_pep517()) + self.cmd_opts.add_option(cmdoptions.no_use_pep517()) + self.cmd_opts.add_option(cmdoptions.ignore_requires_python()) + + self.cmd_opts.add_option( + '-d', '--dest', '--destination-dir', '--destination-directory', + dest='download_dir', + metavar='dir', + default=os.curdir, + help=("Download packages into ."), + ) + + cmdoptions.add_target_python_options(self.cmd_opts) + + index_opts = cmdoptions.make_option_group( + cmdoptions.index_group, + self.parser, + ) + + self.parser.insert_option_group(0, index_opts) + self.parser.insert_option_group(0, self.cmd_opts) + + @with_cleanup + def run(self, options: Values, args: List[str]) -> int: + + options.ignore_installed = True + # editable doesn't really make sense for `pip download`, but the bowels + # of the RequirementSet code require that property. + options.editables = [] + + cmdoptions.check_dist_restriction(options) + + options.download_dir = normalize_path(options.download_dir) + ensure_dir(options.download_dir) + + session = self.get_default_session(options) + + target_python = make_target_python(options) + finder = self._build_package_finder( + options=options, + session=session, + target_python=target_python, + ignore_requires_python=options.ignore_requires_python, + ) + + req_tracker = self.enter_context(get_requirement_tracker()) + + directory = TempDirectory( + delete=not options.no_clean, + kind="download", + globally_managed=True, + ) + + reqs = self.get_requirements(args, options, finder, session) + + preparer = self.make_requirement_preparer( + temp_build_dir=directory, + options=options, + req_tracker=req_tracker, + session=session, + finder=finder, + download_dir=options.download_dir, + use_user_site=False, + ) + + resolver = self.make_resolver( + preparer=preparer, + finder=finder, + options=options, + ignore_requires_python=options.ignore_requires_python, + py_version_info=options.python_version, + ) + + self.trace_basic_info(finder) + + requirement_set = resolver.resolve( + reqs, check_supported_wheels=True + ) + + downloaded: List[str] = [] + for req in requirement_set.requirements.values(): + if req.satisfied_by is None: + assert req.name is not None + preparer.save_linked_requirement(req) + downloaded.append(req.name) + if downloaded: + write_output('Successfully downloaded %s', ' '.join(downloaded)) + + return SUCCESS diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/freeze.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/freeze.py new file mode 100644 index 000000000..1ccc87525 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/freeze.py @@ -0,0 +1,84 @@ +import sys +from optparse import Values +from typing import List + +from pip._internal.cli import cmdoptions +from pip._internal.cli.base_command import Command +from pip._internal.cli.status_codes import SUCCESS +from pip._internal.operations.freeze import freeze +from pip._internal.utils.compat import stdlib_pkgs + +DEV_PKGS = {'pip', 'setuptools', 'distribute', 'wheel'} + + +class FreezeCommand(Command): + """ + Output installed packages in requirements format. + + packages are listed in a case-insensitive sorted order. + """ + + usage = """ + %prog [options]""" + log_streams = ("ext://sys.stderr", "ext://sys.stderr") + + def add_options(self) -> None: + self.cmd_opts.add_option( + '-r', '--requirement', + dest='requirements', + action='append', + default=[], + metavar='file', + help="Use the order in the given requirements file and its " + "comments when generating output. This option can be " + "used multiple times.") + self.cmd_opts.add_option( + '-l', '--local', + dest='local', + action='store_true', + default=False, + help='If in a virtualenv that has global access, do not output ' + 'globally-installed packages.') + self.cmd_opts.add_option( + '--user', + dest='user', + action='store_true', + default=False, + help='Only output packages installed in user-site.') + self.cmd_opts.add_option(cmdoptions.list_path()) + self.cmd_opts.add_option( + '--all', + dest='freeze_all', + action='store_true', + help='Do not skip these packages in the output:' + ' {}'.format(', '.join(DEV_PKGS))) + self.cmd_opts.add_option( + '--exclude-editable', + dest='exclude_editable', + action='store_true', + help='Exclude editable package from output.') + self.cmd_opts.add_option(cmdoptions.list_exclude()) + + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[str]) -> int: + skip = set(stdlib_pkgs) + if not options.freeze_all: + skip.update(DEV_PKGS) + + if options.excludes: + skip.update(options.excludes) + + cmdoptions.check_list_path_option(options) + + for line in freeze( + requirement=options.requirements, + local_only=options.local, + user_only=options.user, + paths=options.path, + isolated=options.isolated_mode, + skip=skip, + exclude_editable=options.exclude_editable, + ): + sys.stdout.write(line + '\n') + return SUCCESS diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/hash.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/hash.py new file mode 100644 index 000000000..3e4c32f35 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/hash.py @@ -0,0 +1,55 @@ +import hashlib +import logging +import sys +from optparse import Values +from typing import List + +from pip._internal.cli.base_command import Command +from pip._internal.cli.status_codes import ERROR, SUCCESS +from pip._internal.utils.hashes import FAVORITE_HASH, STRONG_HASHES +from pip._internal.utils.misc import read_chunks, write_output + +logger = logging.getLogger(__name__) + + +class HashCommand(Command): + """ + Compute a hash of a local package archive. + + These can be used with --hash in a requirements file to do repeatable + installs. + """ + + usage = '%prog [options] ...' + ignore_require_venv = True + + def add_options(self) -> None: + self.cmd_opts.add_option( + '-a', '--algorithm', + dest='algorithm', + choices=STRONG_HASHES, + action='store', + default=FAVORITE_HASH, + help='The hash algorithm to use: one of {}'.format( + ', '.join(STRONG_HASHES))) + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[str]) -> int: + if not args: + self.parser.print_usage(sys.stderr) + return ERROR + + algorithm = options.algorithm + for path in args: + write_output('%s:\n--hash=%s:%s', + path, algorithm, _hash_of_file(path, algorithm)) + return SUCCESS + + +def _hash_of_file(path: str, algorithm: str) -> str: + """Return the hash digest of a file.""" + with open(path, 'rb') as archive: + hash = hashlib.new(algorithm) + for chunk in read_chunks(archive): + hash.update(chunk) + return hash.hexdigest() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/help.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/help.py new file mode 100644 index 000000000..811ce89d5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/help.py @@ -0,0 +1,41 @@ +from optparse import Values +from typing import List + +from pip._internal.cli.base_command import Command +from pip._internal.cli.status_codes import SUCCESS +from pip._internal.exceptions import CommandError + + +class HelpCommand(Command): + """Show help for commands""" + + usage = """ + %prog """ + ignore_require_venv = True + + def run(self, options: Values, args: List[str]) -> int: + from pip._internal.commands import ( + commands_dict, + create_command, + get_similar_commands, + ) + + try: + # 'pip help' with no args is handled by pip.__init__.parseopt() + cmd_name = args[0] # the command we need help for + except IndexError: + return SUCCESS + + if cmd_name not in commands_dict: + guess = get_similar_commands(cmd_name) + + msg = [f'unknown command "{cmd_name}"'] + if guess: + msg.append(f'maybe you meant "{guess}"') + + raise CommandError(' - '.join(msg)) + + command = create_command(cmd_name) + command.parser.print_help() + + return SUCCESS diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/index.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/index.py new file mode 100644 index 000000000..c505464f6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/index.py @@ -0,0 +1,139 @@ +import logging +from optparse import Values +from typing import Any, Iterable, List, Optional, Union + +from pip._vendor.packaging.version import LegacyVersion, Version + +from pip._internal.cli import cmdoptions +from pip._internal.cli.req_command import IndexGroupCommand +from pip._internal.cli.status_codes import ERROR, SUCCESS +from pip._internal.commands.search import print_dist_installation_info +from pip._internal.exceptions import CommandError, DistributionNotFound, PipError +from pip._internal.index.collector import LinkCollector +from pip._internal.index.package_finder import PackageFinder +from pip._internal.models.selection_prefs import SelectionPreferences +from pip._internal.models.target_python import TargetPython +from pip._internal.network.session import PipSession +from pip._internal.utils.misc import write_output + +logger = logging.getLogger(__name__) + + +class IndexCommand(IndexGroupCommand): + """ + Inspect information available from package indexes. + """ + + usage = """ + %prog versions + """ + + def add_options(self) -> None: + cmdoptions.add_target_python_options(self.cmd_opts) + + self.cmd_opts.add_option(cmdoptions.ignore_requires_python()) + self.cmd_opts.add_option(cmdoptions.pre()) + self.cmd_opts.add_option(cmdoptions.no_binary()) + self.cmd_opts.add_option(cmdoptions.only_binary()) + + index_opts = cmdoptions.make_option_group( + cmdoptions.index_group, + self.parser, + ) + + self.parser.insert_option_group(0, index_opts) + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[Any]) -> int: + handlers = { + "versions": self.get_available_package_versions, + } + + logger.warning( + "pip index is currently an experimental command. " + "It may be removed/changed in a future release " + "without prior warning." + ) + + # Determine action + if not args or args[0] not in handlers: + logger.error( + "Need an action (%s) to perform.", + ", ".join(sorted(handlers)), + ) + return ERROR + + action = args[0] + + # Error handling happens here, not in the action-handlers. + try: + handlers[action](options, args[1:]) + except PipError as e: + logger.error(e.args[0]) + return ERROR + + return SUCCESS + + def _build_package_finder( + self, + options: Values, + session: PipSession, + target_python: Optional[TargetPython] = None, + ignore_requires_python: Optional[bool] = None, + ) -> PackageFinder: + """ + Create a package finder appropriate to the index command. + """ + link_collector = LinkCollector.create(session, options=options) + + # Pass allow_yanked=False to ignore yanked versions. + selection_prefs = SelectionPreferences( + allow_yanked=False, + allow_all_prereleases=options.pre, + ignore_requires_python=ignore_requires_python, + ) + + return PackageFinder.create( + link_collector=link_collector, + selection_prefs=selection_prefs, + target_python=target_python, + ) + + def get_available_package_versions(self, options: Values, args: List[Any]) -> None: + if len(args) != 1: + raise CommandError('You need to specify exactly one argument') + + target_python = cmdoptions.make_target_python(options) + query = args[0] + + with self._build_session(options) as session: + finder = self._build_package_finder( + options=options, + session=session, + target_python=target_python, + ignore_requires_python=options.ignore_requires_python, + ) + + versions: Iterable[Union[LegacyVersion, Version]] = ( + candidate.version + for candidate in finder.find_all_candidates(query) + ) + + if not options.pre: + # Remove prereleases + versions = (version for version in versions + if not version.is_prerelease) + versions = set(versions) + + if not versions: + raise DistributionNotFound( + 'No matching distribution found for {}'.format(query)) + + formatted_versions = [str(ver) for ver in sorted( + versions, reverse=True)] + latest = formatted_versions[0] + + write_output('{} ({})'.format(query, latest)) + write_output('Available versions: {}'.format( + ', '.join(formatted_versions))) + print_dist_installation_info(query, latest) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/install.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/install.py new file mode 100644 index 000000000..02da0777a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/install.py @@ -0,0 +1,750 @@ +import errno +import operator +import os +import shutil +import site +from optparse import SUPPRESS_HELP, Values +from typing import Iterable, List, Optional + +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.cache import WheelCache +from pip._internal.cli import cmdoptions +from pip._internal.cli.cmdoptions import make_target_python +from pip._internal.cli.req_command import ( + RequirementCommand, + warn_if_run_as_root, + with_cleanup, +) +from pip._internal.cli.status_codes import ERROR, SUCCESS +from pip._internal.exceptions import CommandError, InstallationError +from pip._internal.locations import get_scheme +from pip._internal.metadata import get_environment +from pip._internal.models.format_control import FormatControl +from pip._internal.operations.check import ConflictDetails, check_install_conflicts +from pip._internal.req import install_given_reqs +from pip._internal.req.req_install import InstallRequirement +from pip._internal.req.req_tracker import get_requirement_tracker +from pip._internal.utils.compat import WINDOWS +from pip._internal.utils.distutils_args import parse_distutils_args +from pip._internal.utils.filesystem import test_writable_dir +from pip._internal.utils.logging import getLogger +from pip._internal.utils.misc import ( + ensure_dir, + get_pip_version, + protect_pip_from_modification_on_windows, + write_output, +) +from pip._internal.utils.temp_dir import TempDirectory +from pip._internal.utils.virtualenv import ( + running_under_virtualenv, + virtualenv_no_global, +) +from pip._internal.wheel_builder import ( + BinaryAllowedPredicate, + build, + should_build_for_install_command, +) + +logger = getLogger(__name__) + + +def get_check_binary_allowed(format_control: FormatControl) -> BinaryAllowedPredicate: + def check_binary_allowed(req: InstallRequirement) -> bool: + canonical_name = canonicalize_name(req.name or "") + allowed_formats = format_control.get_allowed_formats(canonical_name) + return "binary" in allowed_formats + + return check_binary_allowed + + +class InstallCommand(RequirementCommand): + """ + Install packages from: + + - PyPI (and other indexes) using requirement specifiers. + - VCS project urls. + - Local project directories. + - Local or remote source archives. + + pip also supports installing from "requirements files", which provide + an easy way to specify a whole environment to be installed. + """ + + usage = """ + %prog [options] [package-index-options] ... + %prog [options] -r [package-index-options] ... + %prog [options] [-e] ... + %prog [options] [-e] ... + %prog [options] ...""" + + def add_options(self) -> None: + self.cmd_opts.add_option(cmdoptions.requirements()) + self.cmd_opts.add_option(cmdoptions.constraints()) + self.cmd_opts.add_option(cmdoptions.no_deps()) + self.cmd_opts.add_option(cmdoptions.pre()) + + self.cmd_opts.add_option(cmdoptions.editable()) + self.cmd_opts.add_option( + '-t', '--target', + dest='target_dir', + metavar='dir', + default=None, + help='Install packages into . ' + 'By default this will not replace existing files/folders in ' + '. Use --upgrade to replace existing packages in ' + 'with new versions.' + ) + cmdoptions.add_target_python_options(self.cmd_opts) + + self.cmd_opts.add_option( + '--user', + dest='use_user_site', + action='store_true', + help="Install to the Python user install directory for your " + "platform. Typically ~/.local/, or %APPDATA%\\Python on " + "Windows. (See the Python documentation for site.USER_BASE " + "for full details.)") + self.cmd_opts.add_option( + '--no-user', + dest='use_user_site', + action='store_false', + help=SUPPRESS_HELP) + self.cmd_opts.add_option( + '--root', + dest='root_path', + metavar='dir', + default=None, + help="Install everything relative to this alternate root " + "directory.") + self.cmd_opts.add_option( + '--prefix', + dest='prefix_path', + metavar='dir', + default=None, + help="Installation prefix where lib, bin and other top-level " + "folders are placed") + + self.cmd_opts.add_option(cmdoptions.build_dir()) + + self.cmd_opts.add_option(cmdoptions.src()) + + self.cmd_opts.add_option( + '-U', '--upgrade', + dest='upgrade', + action='store_true', + help='Upgrade all specified packages to the newest available ' + 'version. The handling of dependencies depends on the ' + 'upgrade-strategy used.' + ) + + self.cmd_opts.add_option( + '--upgrade-strategy', + dest='upgrade_strategy', + default='only-if-needed', + choices=['only-if-needed', 'eager'], + help='Determines how dependency upgrading should be handled ' + '[default: %default]. ' + '"eager" - dependencies are upgraded regardless of ' + 'whether the currently installed version satisfies the ' + 'requirements of the upgraded package(s). ' + '"only-if-needed" - are upgraded only when they do not ' + 'satisfy the requirements of the upgraded package(s).' + ) + + self.cmd_opts.add_option( + '--force-reinstall', + dest='force_reinstall', + action='store_true', + help='Reinstall all packages even if they are already ' + 'up-to-date.') + + self.cmd_opts.add_option( + '-I', '--ignore-installed', + dest='ignore_installed', + action='store_true', + help='Ignore the installed packages, overwriting them. ' + 'This can break your system if the existing package ' + 'is of a different version or was installed ' + 'with a different package manager!' + ) + + self.cmd_opts.add_option(cmdoptions.ignore_requires_python()) + self.cmd_opts.add_option(cmdoptions.no_build_isolation()) + self.cmd_opts.add_option(cmdoptions.use_pep517()) + self.cmd_opts.add_option(cmdoptions.no_use_pep517()) + + self.cmd_opts.add_option(cmdoptions.install_options()) + self.cmd_opts.add_option(cmdoptions.global_options()) + + self.cmd_opts.add_option( + "--compile", + action="store_true", + dest="compile", + default=True, + help="Compile Python source files to bytecode", + ) + + self.cmd_opts.add_option( + "--no-compile", + action="store_false", + dest="compile", + help="Do not compile Python source files to bytecode", + ) + + self.cmd_opts.add_option( + "--no-warn-script-location", + action="store_false", + dest="warn_script_location", + default=True, + help="Do not warn when installing scripts outside PATH", + ) + self.cmd_opts.add_option( + "--no-warn-conflicts", + action="store_false", + dest="warn_about_conflicts", + default=True, + help="Do not warn about broken dependencies", + ) + + self.cmd_opts.add_option(cmdoptions.no_binary()) + self.cmd_opts.add_option(cmdoptions.only_binary()) + self.cmd_opts.add_option(cmdoptions.prefer_binary()) + self.cmd_opts.add_option(cmdoptions.require_hashes()) + self.cmd_opts.add_option(cmdoptions.progress_bar()) + + index_opts = cmdoptions.make_option_group( + cmdoptions.index_group, + self.parser, + ) + + self.parser.insert_option_group(0, index_opts) + self.parser.insert_option_group(0, self.cmd_opts) + + @with_cleanup + def run(self, options: Values, args: List[str]) -> int: + if options.use_user_site and options.target_dir is not None: + raise CommandError("Can not combine '--user' and '--target'") + + cmdoptions.check_install_build_global(options) + upgrade_strategy = "to-satisfy-only" + if options.upgrade: + upgrade_strategy = options.upgrade_strategy + + cmdoptions.check_dist_restriction(options, check_target=True) + + install_options = options.install_options or [] + + logger.verbose("Using %s", get_pip_version()) + options.use_user_site = decide_user_install( + options.use_user_site, + prefix_path=options.prefix_path, + target_dir=options.target_dir, + root_path=options.root_path, + isolated_mode=options.isolated_mode, + ) + + target_temp_dir: Optional[TempDirectory] = None + target_temp_dir_path: Optional[str] = None + if options.target_dir: + options.ignore_installed = True + options.target_dir = os.path.abspath(options.target_dir) + if (os.path.exists(options.target_dir) and not + os.path.isdir(options.target_dir)): + raise CommandError( + "Target path exists but is not a directory, will not " + "continue." + ) + + # Create a target directory for using with the target option + target_temp_dir = TempDirectory(kind="target") + target_temp_dir_path = target_temp_dir.path + self.enter_context(target_temp_dir) + + global_options = options.global_options or [] + + session = self.get_default_session(options) + + target_python = make_target_python(options) + finder = self._build_package_finder( + options=options, + session=session, + target_python=target_python, + ignore_requires_python=options.ignore_requires_python, + ) + wheel_cache = WheelCache(options.cache_dir, options.format_control) + + req_tracker = self.enter_context(get_requirement_tracker()) + + directory = TempDirectory( + delete=not options.no_clean, + kind="install", + globally_managed=True, + ) + + try: + reqs = self.get_requirements(args, options, finder, session) + + reject_location_related_install_options( + reqs, options.install_options + ) + + preparer = self.make_requirement_preparer( + temp_build_dir=directory, + options=options, + req_tracker=req_tracker, + session=session, + finder=finder, + use_user_site=options.use_user_site, + ) + resolver = self.make_resolver( + preparer=preparer, + finder=finder, + options=options, + wheel_cache=wheel_cache, + use_user_site=options.use_user_site, + ignore_installed=options.ignore_installed, + ignore_requires_python=options.ignore_requires_python, + force_reinstall=options.force_reinstall, + upgrade_strategy=upgrade_strategy, + use_pep517=options.use_pep517, + ) + + self.trace_basic_info(finder) + + requirement_set = resolver.resolve( + reqs, check_supported_wheels=not options.target_dir + ) + + try: + pip_req = requirement_set.get_requirement("pip") + except KeyError: + modifying_pip = False + else: + # If we're not replacing an already installed pip, + # we're not modifying it. + modifying_pip = pip_req.satisfied_by is None + protect_pip_from_modification_on_windows( + modifying_pip=modifying_pip + ) + + check_binary_allowed = get_check_binary_allowed( + finder.format_control + ) + + reqs_to_build = [ + r for r in requirement_set.requirements.values() + if should_build_for_install_command( + r, check_binary_allowed + ) + ] + + _, build_failures = build( + reqs_to_build, + wheel_cache=wheel_cache, + verify=True, + build_options=[], + global_options=[], + ) + + # If we're using PEP 517, we cannot do a direct install + # so we fail here. + pep517_build_failure_names: List[str] = [ + r.name # type: ignore + for r in build_failures if r.use_pep517 + ] + if pep517_build_failure_names: + raise InstallationError( + "Could not build wheels for {} which use" + " PEP 517 and cannot be installed directly".format( + ", ".join(pep517_build_failure_names) + ) + ) + + # For now, we just warn about failures building legacy + # requirements, as we'll fall through to a direct + # install for those. + for r in build_failures: + if not r.use_pep517: + r.legacy_install_reason = 8368 + + to_install = resolver.get_installation_order( + requirement_set + ) + + # Check for conflicts in the package set we're installing. + conflicts: Optional[ConflictDetails] = None + should_warn_about_conflicts = ( + not options.ignore_dependencies and + options.warn_about_conflicts + ) + if should_warn_about_conflicts: + conflicts = self._determine_conflicts(to_install) + + # Don't warn about script install locations if + # --target or --prefix has been specified + warn_script_location = options.warn_script_location + if options.target_dir or options.prefix_path: + warn_script_location = False + + installed = install_given_reqs( + to_install, + install_options, + global_options, + root=options.root_path, + home=target_temp_dir_path, + prefix=options.prefix_path, + warn_script_location=warn_script_location, + use_user_site=options.use_user_site, + pycompile=options.compile, + ) + + lib_locations = get_lib_location_guesses( + user=options.use_user_site, + home=target_temp_dir_path, + root=options.root_path, + prefix=options.prefix_path, + isolated=options.isolated_mode, + ) + env = get_environment(lib_locations) + + installed.sort(key=operator.attrgetter('name')) + items = [] + for result in installed: + item = result.name + try: + installed_dist = env.get_distribution(item) + if installed_dist is not None: + item = f"{item}-{installed_dist.version}" + except Exception: + pass + items.append(item) + + if conflicts is not None: + self._warn_about_conflicts( + conflicts, + resolver_variant=self.determine_resolver_variant(options), + ) + + installed_desc = ' '.join(items) + if installed_desc: + write_output( + 'Successfully installed %s', installed_desc, + ) + except OSError as error: + show_traceback = (self.verbosity >= 1) + + message = create_os_error_message( + error, show_traceback, options.use_user_site, + ) + logger.error(message, exc_info=show_traceback) # noqa + + return ERROR + + if options.target_dir: + assert target_temp_dir + self._handle_target_dir( + options.target_dir, target_temp_dir, options.upgrade + ) + + warn_if_run_as_root() + return SUCCESS + + def _handle_target_dir( + self, target_dir: str, target_temp_dir: TempDirectory, upgrade: bool + ) -> None: + ensure_dir(target_dir) + + # Checking both purelib and platlib directories for installed + # packages to be moved to target directory + lib_dir_list = [] + + # Checking both purelib and platlib directories for installed + # packages to be moved to target directory + scheme = get_scheme('', home=target_temp_dir.path) + purelib_dir = scheme.purelib + platlib_dir = scheme.platlib + data_dir = scheme.data + + if os.path.exists(purelib_dir): + lib_dir_list.append(purelib_dir) + if os.path.exists(platlib_dir) and platlib_dir != purelib_dir: + lib_dir_list.append(platlib_dir) + if os.path.exists(data_dir): + lib_dir_list.append(data_dir) + + for lib_dir in lib_dir_list: + for item in os.listdir(lib_dir): + if lib_dir == data_dir: + ddir = os.path.join(data_dir, item) + if any(s.startswith(ddir) for s in lib_dir_list[:-1]): + continue + target_item_dir = os.path.join(target_dir, item) + if os.path.exists(target_item_dir): + if not upgrade: + logger.warning( + 'Target directory %s already exists. Specify ' + '--upgrade to force replacement.', + target_item_dir + ) + continue + if os.path.islink(target_item_dir): + logger.warning( + 'Target directory %s already exists and is ' + 'a link. pip will not automatically replace ' + 'links, please remove if replacement is ' + 'desired.', + target_item_dir + ) + continue + if os.path.isdir(target_item_dir): + shutil.rmtree(target_item_dir) + else: + os.remove(target_item_dir) + + shutil.move( + os.path.join(lib_dir, item), + target_item_dir + ) + + def _determine_conflicts( + self, to_install: List[InstallRequirement] + ) -> Optional[ConflictDetails]: + try: + return check_install_conflicts(to_install) + except Exception: + logger.exception( + "Error while checking for conflicts. Please file an issue on " + "pip's issue tracker: https://github.com/pypa/pip/issues/new" + ) + return None + + def _warn_about_conflicts( + self, conflict_details: ConflictDetails, resolver_variant: str + ) -> None: + package_set, (missing, conflicting) = conflict_details + if not missing and not conflicting: + return + + parts: List[str] = [] + if resolver_variant == "legacy": + parts.append( + "pip's legacy dependency resolver does not consider dependency " + "conflicts when selecting packages. This behaviour is the " + "source of the following dependency conflicts." + ) + else: + assert resolver_variant == "2020-resolver" + parts.append( + "pip's dependency resolver does not currently take into account " + "all the packages that are installed. This behaviour is the " + "source of the following dependency conflicts." + ) + + # NOTE: There is some duplication here, with commands/check.py + for project_name in missing: + version = package_set[project_name][0] + for dependency in missing[project_name]: + message = ( + "{name} {version} requires {requirement}, " + "which is not installed." + ).format( + name=project_name, + version=version, + requirement=dependency[1], + ) + parts.append(message) + + for project_name in conflicting: + version = package_set[project_name][0] + for dep_name, dep_version, req in conflicting[project_name]: + message = ( + "{name} {version} requires {requirement}, but {you} have " + "{dep_name} {dep_version} which is incompatible." + ).format( + name=project_name, + version=version, + requirement=req, + dep_name=dep_name, + dep_version=dep_version, + you=("you" if resolver_variant == "2020-resolver" else "you'll") + ) + parts.append(message) + + logger.critical("\n".join(parts)) + + +def get_lib_location_guesses( + user: bool = False, + home: Optional[str] = None, + root: Optional[str] = None, + isolated: bool = False, + prefix: Optional[str] = None +) -> List[str]: + scheme = get_scheme( + '', + user=user, + home=home, + root=root, + isolated=isolated, + prefix=prefix, + ) + return [scheme.purelib, scheme.platlib] + + +def site_packages_writable(root: Optional[str], isolated: bool) -> bool: + return all( + test_writable_dir(d) for d in set( + get_lib_location_guesses(root=root, isolated=isolated)) + ) + + +def decide_user_install( + use_user_site: Optional[bool], + prefix_path: Optional[str] = None, + target_dir: Optional[str] = None, + root_path: Optional[str] = None, + isolated_mode: bool = False, +) -> bool: + """Determine whether to do a user install based on the input options. + + If use_user_site is False, no additional checks are done. + If use_user_site is True, it is checked for compatibility with other + options. + If use_user_site is None, the default behaviour depends on the environment, + which is provided by the other arguments. + """ + # In some cases (config from tox), use_user_site can be set to an integer + # rather than a bool, which 'use_user_site is False' wouldn't catch. + if (use_user_site is not None) and (not use_user_site): + logger.debug("Non-user install by explicit request") + return False + + if use_user_site: + if prefix_path: + raise CommandError( + "Can not combine '--user' and '--prefix' as they imply " + "different installation locations" + ) + if virtualenv_no_global(): + raise InstallationError( + "Can not perform a '--user' install. User site-packages " + "are not visible in this virtualenv." + ) + logger.debug("User install by explicit request") + return True + + # If we are here, user installs have not been explicitly requested/avoided + assert use_user_site is None + + # user install incompatible with --prefix/--target + if prefix_path or target_dir: + logger.debug("Non-user install due to --prefix or --target option") + return False + + # If user installs are not enabled, choose a non-user install + if not site.ENABLE_USER_SITE: + logger.debug("Non-user install because user site-packages disabled") + return False + + # If we have permission for a non-user install, do that, + # otherwise do a user install. + if site_packages_writable(root=root_path, isolated=isolated_mode): + logger.debug("Non-user install because site-packages writeable") + return False + + logger.info("Defaulting to user installation because normal site-packages " + "is not writeable") + return True + + +def reject_location_related_install_options( + requirements: List[InstallRequirement], options: Optional[List[str]] +) -> None: + """If any location-changing --install-option arguments were passed for + requirements or on the command-line, then show a deprecation warning. + """ + def format_options(option_names: Iterable[str]) -> List[str]: + return ["--{}".format(name.replace("_", "-")) for name in option_names] + + offenders = [] + + for requirement in requirements: + install_options = requirement.install_options + location_options = parse_distutils_args(install_options) + if location_options: + offenders.append( + "{!r} from {}".format( + format_options(location_options.keys()), requirement + ) + ) + + if options: + location_options = parse_distutils_args(options) + if location_options: + offenders.append( + "{!r} from command line".format( + format_options(location_options.keys()) + ) + ) + + if not offenders: + return + + raise CommandError( + "Location-changing options found in --install-option: {}." + " This is unsupported, use pip-level options like --user," + " --prefix, --root, and --target instead.".format( + "; ".join(offenders) + ) + ) + + +def create_os_error_message( + error: OSError, show_traceback: bool, using_user_site: bool +) -> str: + """Format an error message for an OSError + + It may occur anytime during the execution of the install command. + """ + parts = [] + + # Mention the error if we are not going to show a traceback + parts.append("Could not install packages due to an OSError") + if not show_traceback: + parts.append(": ") + parts.append(str(error)) + else: + parts.append(".") + + # Spilt the error indication from a helper message (if any) + parts[-1] += "\n" + + # Suggest useful actions to the user: + # (1) using user site-packages or (2) verifying the permissions + if error.errno == errno.EACCES: + user_option_part = "Consider using the `--user` option" + permissions_part = "Check the permissions" + + if not running_under_virtualenv() and not using_user_site: + parts.extend([ + user_option_part, " or ", + permissions_part.lower(), + ]) + else: + parts.append(permissions_part) + parts.append(".\n") + + # Suggest the user to enable Long Paths if path length is + # more than 260 + if (WINDOWS and error.errno == errno.ENOENT and error.filename and + len(error.filename) > 260): + parts.append( + "HINT: This error might have occurred since " + "this system does not have Windows Long Path " + "support enabled. You can find information on " + "how to enable this at " + "https://pip.pypa.io/warnings/enable-long-paths\n" + ) + + return "".join(parts).strip() + "\n" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/list.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/list.py new file mode 100644 index 000000000..828889f49 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/list.py @@ -0,0 +1,337 @@ +import json +import logging +from optparse import Values +from typing import TYPE_CHECKING, Iterator, List, Optional, Sequence, Tuple, cast + +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.cli import cmdoptions +from pip._internal.cli.req_command import IndexGroupCommand +from pip._internal.cli.status_codes import SUCCESS +from pip._internal.exceptions import CommandError +from pip._internal.index.collector import LinkCollector +from pip._internal.index.package_finder import PackageFinder +from pip._internal.metadata import BaseDistribution, get_environment +from pip._internal.models.selection_prefs import SelectionPreferences +from pip._internal.network.session import PipSession +from pip._internal.utils.misc import stdlib_pkgs, tabulate, write_output +from pip._internal.utils.parallel import map_multithread + +if TYPE_CHECKING: + from pip._internal.metadata.base import DistributionVersion + + class _DistWithLatestInfo(BaseDistribution): + """Give the distribution object a couple of extra fields. + + These will be populated during ``get_outdated()``. This is dirty but + makes the rest of the code much cleaner. + """ + latest_version: DistributionVersion + latest_filetype: str + + _ProcessedDists = Sequence[_DistWithLatestInfo] + + +logger = logging.getLogger(__name__) + + +class ListCommand(IndexGroupCommand): + """ + List installed packages, including editables. + + Packages are listed in a case-insensitive sorted order. + """ + + ignore_require_venv = True + usage = """ + %prog [options]""" + + def add_options(self) -> None: + self.cmd_opts.add_option( + '-o', '--outdated', + action='store_true', + default=False, + help='List outdated packages') + self.cmd_opts.add_option( + '-u', '--uptodate', + action='store_true', + default=False, + help='List uptodate packages') + self.cmd_opts.add_option( + '-e', '--editable', + action='store_true', + default=False, + help='List editable projects.') + self.cmd_opts.add_option( + '-l', '--local', + action='store_true', + default=False, + help=('If in a virtualenv that has global access, do not list ' + 'globally-installed packages.'), + ) + self.cmd_opts.add_option( + '--user', + dest='user', + action='store_true', + default=False, + help='Only output packages installed in user-site.') + self.cmd_opts.add_option(cmdoptions.list_path()) + self.cmd_opts.add_option( + '--pre', + action='store_true', + default=False, + help=("Include pre-release and development versions. By default, " + "pip only finds stable versions."), + ) + + self.cmd_opts.add_option( + '--format', + action='store', + dest='list_format', + default="columns", + choices=('columns', 'freeze', 'json'), + help="Select the output format among: columns (default), freeze, " + "or json", + ) + + self.cmd_opts.add_option( + '--not-required', + action='store_true', + dest='not_required', + help="List packages that are not dependencies of " + "installed packages.", + ) + + self.cmd_opts.add_option( + '--exclude-editable', + action='store_false', + dest='include_editable', + help='Exclude editable package from output.', + ) + self.cmd_opts.add_option( + '--include-editable', + action='store_true', + dest='include_editable', + help='Include editable package from output.', + default=True, + ) + self.cmd_opts.add_option(cmdoptions.list_exclude()) + index_opts = cmdoptions.make_option_group( + cmdoptions.index_group, self.parser + ) + + self.parser.insert_option_group(0, index_opts) + self.parser.insert_option_group(0, self.cmd_opts) + + def _build_package_finder( + self, options: Values, session: PipSession + ) -> PackageFinder: + """ + Create a package finder appropriate to this list command. + """ + link_collector = LinkCollector.create(session, options=options) + + # Pass allow_yanked=False to ignore yanked versions. + selection_prefs = SelectionPreferences( + allow_yanked=False, + allow_all_prereleases=options.pre, + ) + + return PackageFinder.create( + link_collector=link_collector, + selection_prefs=selection_prefs, + ) + + def run(self, options: Values, args: List[str]) -> int: + if options.outdated and options.uptodate: + raise CommandError( + "Options --outdated and --uptodate cannot be combined.") + + cmdoptions.check_list_path_option(options) + + skip = set(stdlib_pkgs) + if options.excludes: + skip.update(canonicalize_name(n) for n in options.excludes) + + packages: "_ProcessedDists" = [ + cast("_DistWithLatestInfo", d) + for d in get_environment(options.path).iter_installed_distributions( + local_only=options.local, + user_only=options.user, + editables_only=options.editable, + include_editables=options.include_editable, + skip=skip, + ) + ] + + # get_not_required must be called firstly in order to find and + # filter out all dependencies correctly. Otherwise a package + # can't be identified as requirement because some parent packages + # could be filtered out before. + if options.not_required: + packages = self.get_not_required(packages, options) + + if options.outdated: + packages = self.get_outdated(packages, options) + elif options.uptodate: + packages = self.get_uptodate(packages, options) + + self.output_package_listing(packages, options) + return SUCCESS + + def get_outdated( + self, packages: "_ProcessedDists", options: Values + ) -> "_ProcessedDists": + return [ + dist for dist in self.iter_packages_latest_infos(packages, options) + if dist.latest_version > dist.version + ] + + def get_uptodate( + self, packages: "_ProcessedDists", options: Values + ) -> "_ProcessedDists": + return [ + dist for dist in self.iter_packages_latest_infos(packages, options) + if dist.latest_version == dist.version + ] + + def get_not_required( + self, packages: "_ProcessedDists", options: Values + ) -> "_ProcessedDists": + dep_keys = { + canonicalize_name(dep.name) + for dist in packages + for dep in (dist.iter_dependencies() or ()) + } + + # Create a set to remove duplicate packages, and cast it to a list + # to keep the return type consistent with get_outdated and + # get_uptodate + return list({pkg for pkg in packages if pkg.canonical_name not in dep_keys}) + + def iter_packages_latest_infos( + self, packages: "_ProcessedDists", options: Values + ) -> Iterator["_DistWithLatestInfo"]: + with self._build_session(options) as session: + finder = self._build_package_finder(options, session) + + def latest_info( + dist: "_DistWithLatestInfo" + ) -> Optional["_DistWithLatestInfo"]: + all_candidates = finder.find_all_candidates(dist.canonical_name) + if not options.pre: + # Remove prereleases + all_candidates = [candidate for candidate in all_candidates + if not candidate.version.is_prerelease] + + evaluator = finder.make_candidate_evaluator( + project_name=dist.canonical_name, + ) + best_candidate = evaluator.sort_best_candidate(all_candidates) + if best_candidate is None: + return None + + remote_version = best_candidate.version + if best_candidate.link.is_wheel: + typ = 'wheel' + else: + typ = 'sdist' + dist.latest_version = remote_version + dist.latest_filetype = typ + return dist + + for dist in map_multithread(latest_info, packages): + if dist is not None: + yield dist + + def output_package_listing( + self, packages: "_ProcessedDists", options: Values + ) -> None: + packages = sorted( + packages, + key=lambda dist: dist.canonical_name, + ) + if options.list_format == 'columns' and packages: + data, header = format_for_columns(packages, options) + self.output_package_listing_columns(data, header) + elif options.list_format == 'freeze': + for dist in packages: + if options.verbose >= 1: + write_output("%s==%s (%s)", dist.raw_name, + dist.version, dist.location) + else: + write_output("%s==%s", dist.raw_name, dist.version) + elif options.list_format == 'json': + write_output(format_for_json(packages, options)) + + def output_package_listing_columns( + self, data: List[List[str]], header: List[str] + ) -> None: + # insert the header first: we need to know the size of column names + if len(data) > 0: + data.insert(0, header) + + pkg_strings, sizes = tabulate(data) + + # Create and add a separator. + if len(data) > 0: + pkg_strings.insert(1, " ".join(map(lambda x: '-' * x, sizes))) + + for val in pkg_strings: + write_output(val) + + +def format_for_columns( + pkgs: "_ProcessedDists", options: Values +) -> Tuple[List[List[str]], List[str]]: + """ + Convert the package data into something usable + by output_package_listing_columns. + """ + running_outdated = options.outdated + # Adjust the header for the `pip list --outdated` case. + if running_outdated: + header = ["Package", "Version", "Latest", "Type"] + else: + header = ["Package", "Version"] + + data = [] + if options.verbose >= 1 or any(x.editable for x in pkgs): + header.append("Location") + if options.verbose >= 1: + header.append("Installer") + + for proj in pkgs: + # if we're working on the 'outdated' list, separate out the + # latest_version and type + row = [proj.raw_name, str(proj.version)] + + if running_outdated: + row.append(str(proj.latest_version)) + row.append(proj.latest_filetype) + + if options.verbose >= 1 or proj.editable: + row.append(proj.location or "") + if options.verbose >= 1: + row.append(proj.installer) + + data.append(row) + + return data, header + + +def format_for_json(packages: "_ProcessedDists", options: Values) -> str: + data = [] + for dist in packages: + info = { + 'name': dist.raw_name, + 'version': str(dist.version), + } + if options.verbose >= 1: + info['location'] = dist.location or "" + info['installer'] = dist.installer + if options.outdated: + info['latest_version'] = str(dist.latest_version) + info['latest_filetype'] = dist.latest_filetype + data.append(info) + return json.dumps(data) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/search.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/search.py new file mode 100644 index 000000000..7a20ba1e4 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/search.py @@ -0,0 +1,164 @@ +import logging +import shutil +import sys +import textwrap +import xmlrpc.client +from collections import OrderedDict +from optparse import Values +from typing import TYPE_CHECKING, Dict, List, Optional + +from pip._vendor.packaging.version import parse as parse_version + +from pip._internal.cli.base_command import Command +from pip._internal.cli.req_command import SessionCommandMixin +from pip._internal.cli.status_codes import NO_MATCHES_FOUND, SUCCESS +from pip._internal.exceptions import CommandError +from pip._internal.metadata import get_default_environment +from pip._internal.models.index import PyPI +from pip._internal.network.xmlrpc import PipXmlrpcTransport +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import write_output + +if TYPE_CHECKING: + from typing import TypedDict + + class TransformedHit(TypedDict): + name: str + summary: str + versions: List[str] + +logger = logging.getLogger(__name__) + + +class SearchCommand(Command, SessionCommandMixin): + """Search for PyPI packages whose name or summary contains .""" + + usage = """ + %prog [options] """ + ignore_require_venv = True + + def add_options(self) -> None: + self.cmd_opts.add_option( + '-i', '--index', + dest='index', + metavar='URL', + default=PyPI.pypi_url, + help='Base URL of Python Package Index (default %default)') + + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[str]) -> int: + if not args: + raise CommandError('Missing required argument (search query).') + query = args + pypi_hits = self.search(query, options) + hits = transform_hits(pypi_hits) + + terminal_width = None + if sys.stdout.isatty(): + terminal_width = shutil.get_terminal_size()[0] + + print_results(hits, terminal_width=terminal_width) + if pypi_hits: + return SUCCESS + return NO_MATCHES_FOUND + + def search(self, query: List[str], options: Values) -> List[Dict[str, str]]: + index_url = options.index + + session = self.get_default_session(options) + + transport = PipXmlrpcTransport(index_url, session) + pypi = xmlrpc.client.ServerProxy(index_url, transport) + try: + hits = pypi.search({'name': query, 'summary': query}, 'or') + except xmlrpc.client.Fault as fault: + message = "XMLRPC request failed [code: {code}]\n{string}".format( + code=fault.faultCode, + string=fault.faultString, + ) + raise CommandError(message) + assert isinstance(hits, list) + return hits + + +def transform_hits(hits: List[Dict[str, str]]) -> List["TransformedHit"]: + """ + The list from pypi is really a list of versions. We want a list of + packages with the list of versions stored inline. This converts the + list from pypi into one we can use. + """ + packages: Dict[str, "TransformedHit"] = OrderedDict() + for hit in hits: + name = hit['name'] + summary = hit['summary'] + version = hit['version'] + + if name not in packages.keys(): + packages[name] = { + 'name': name, + 'summary': summary, + 'versions': [version], + } + else: + packages[name]['versions'].append(version) + + # if this is the highest version, replace summary and score + if version == highest_version(packages[name]['versions']): + packages[name]['summary'] = summary + + return list(packages.values()) + + +def print_dist_installation_info(name: str, latest: str) -> None: + env = get_default_environment() + dist = env.get_distribution(name) + if dist is not None: + with indent_log(): + if dist.version == latest: + write_output('INSTALLED: %s (latest)', dist.version) + else: + write_output('INSTALLED: %s', dist.version) + if parse_version(latest).pre: + write_output('LATEST: %s (pre-release; install' + ' with "pip install --pre")', latest) + else: + write_output('LATEST: %s', latest) + + +def print_results( + hits: List["TransformedHit"], + name_column_width: Optional[int] = None, + terminal_width: Optional[int] = None, +) -> None: + if not hits: + return + if name_column_width is None: + name_column_width = max([ + len(hit['name']) + len(highest_version(hit.get('versions', ['-']))) + for hit in hits + ]) + 4 + + for hit in hits: + name = hit['name'] + summary = hit['summary'] or '' + latest = highest_version(hit.get('versions', ['-'])) + if terminal_width is not None: + target_width = terminal_width - name_column_width - 5 + if target_width > 10: + # wrap and indent summary to fit terminal + summary_lines = textwrap.wrap(summary, target_width) + summary = ('\n' + ' ' * (name_column_width + 3)).join( + summary_lines) + + name_latest = f'{name} ({latest})' + line = f'{name_latest:{name_column_width}} - {summary}' + try: + write_output(line) + print_dist_installation_info(name, latest) + except UnicodeEncodeError: + pass + + +def highest_version(versions: List[str]) -> str: + return max(versions, key=parse_version) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/show.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/show.py new file mode 100644 index 000000000..5b2de39e5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/show.py @@ -0,0 +1,234 @@ +import csv +import logging +import pathlib +from optparse import Values +from typing import Iterator, List, NamedTuple, Optional, Tuple + +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.cli.base_command import Command +from pip._internal.cli.status_codes import ERROR, SUCCESS +from pip._internal.metadata import BaseDistribution, get_default_environment +from pip._internal.utils.misc import write_output + +logger = logging.getLogger(__name__) + + +class ShowCommand(Command): + """ + Show information about one or more installed packages. + + The output is in RFC-compliant mail header format. + """ + + usage = """ + %prog [options] ...""" + ignore_require_venv = True + + def add_options(self) -> None: + self.cmd_opts.add_option( + '-f', '--files', + dest='files', + action='store_true', + default=False, + help='Show the full list of installed files for each package.') + + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[str]) -> int: + if not args: + logger.warning('ERROR: Please provide a package name or names.') + return ERROR + query = args + + results = search_packages_info(query) + if not print_results( + results, list_files=options.files, verbose=options.verbose): + return ERROR + return SUCCESS + + +class _PackageInfo(NamedTuple): + name: str + version: str + location: str + requires: List[str] + required_by: List[str] + installer: str + metadata_version: str + classifiers: List[str] + summary: str + homepage: str + author: str + author_email: str + license: str + entry_points: List[str] + files: Optional[List[str]] + + +def _covert_legacy_entry(entry: Tuple[str, ...], info: Tuple[str, ...]) -> str: + """Convert a legacy installed-files.txt path into modern RECORD path. + + The legacy format stores paths relative to the info directory, while the + modern format stores paths relative to the package root, e.g. the + site-packages directory. + + :param entry: Path parts of the installed-files.txt entry. + :param info: Path parts of the egg-info directory relative to package root. + :returns: The converted entry. + + For best compatibility with symlinks, this does not use ``abspath()`` or + ``Path.resolve()``, but tries to work with path parts: + + 1. While ``entry`` starts with ``..``, remove the equal amounts of parts + from ``info``; if ``info`` is empty, start appending ``..`` instead. + 2. Join the two directly. + """ + while entry and entry[0] == "..": + if not info or info[-1] == "..": + info += ("..",) + else: + info = info[:-1] + entry = entry[1:] + return str(pathlib.Path(*info, *entry)) + + +def search_packages_info(query: List[str]) -> Iterator[_PackageInfo]: + """ + Gather details from installed distributions. Print distribution name, + version, location, and installed files. Installed files requires a + pip generated 'installed-files.txt' in the distributions '.egg-info' + directory. + """ + env = get_default_environment() + + installed = { + dist.canonical_name: dist + for dist in env.iter_distributions() + } + query_names = [canonicalize_name(name) for name in query] + missing = sorted( + [name for name, pkg in zip(query, query_names) if pkg not in installed] + ) + if missing: + logger.warning('Package(s) not found: %s', ', '.join(missing)) + + def _get_requiring_packages(current_dist: BaseDistribution) -> List[str]: + return [ + dist.metadata["Name"] or "UNKNOWN" + for dist in installed.values() + if current_dist.canonical_name in { + canonicalize_name(d.name) for d in dist.iter_dependencies() + } + ] + + def _files_from_record(dist: BaseDistribution) -> Optional[Iterator[str]]: + try: + text = dist.read_text('RECORD') + except FileNotFoundError: + return None + # This extra Path-str cast normalizes entries. + return (str(pathlib.Path(row[0])) for row in csv.reader(text.splitlines())) + + def _files_from_legacy(dist: BaseDistribution) -> Optional[Iterator[str]]: + try: + text = dist.read_text('installed-files.txt') + except FileNotFoundError: + return None + paths = (p for p in text.splitlines(keepends=False) if p) + root = dist.location + info = dist.info_directory + if root is None or info is None: + return paths + try: + info_rel = pathlib.Path(info).relative_to(root) + except ValueError: # info is not relative to root. + return paths + if not info_rel.parts: # info *is* root. + return paths + return ( + _covert_legacy_entry(pathlib.Path(p).parts, info_rel.parts) + for p in paths + ) + + for query_name in query_names: + try: + dist = installed[query_name] + except KeyError: + continue + + try: + entry_points_text = dist.read_text('entry_points.txt') + entry_points = entry_points_text.splitlines(keepends=False) + except FileNotFoundError: + entry_points = [] + + files_iter = _files_from_record(dist) or _files_from_legacy(dist) + if files_iter is None: + files: Optional[List[str]] = None + else: + files = sorted(files_iter) + + metadata = dist.metadata + + yield _PackageInfo( + name=dist.raw_name, + version=str(dist.version), + location=dist.location or "", + requires=[req.name for req in dist.iter_dependencies()], + required_by=_get_requiring_packages(dist), + installer=dist.installer, + metadata_version=dist.metadata_version or "", + classifiers=metadata.get_all("Classifier", []), + summary=metadata.get("Summary", ""), + homepage=metadata.get("Home-page", ""), + author=metadata.get("Author", ""), + author_email=metadata.get("Author-email", ""), + license=metadata.get("License", ""), + entry_points=entry_points, + files=files, + ) + + +def print_results( + distributions: Iterator[_PackageInfo], + list_files: bool, + verbose: bool, +) -> bool: + """ + Print the information from installed distributions found. + """ + results_printed = False + for i, dist in enumerate(distributions): + results_printed = True + if i > 0: + write_output("---") + + write_output("Name: %s", dist.name) + write_output("Version: %s", dist.version) + write_output("Summary: %s", dist.summary) + write_output("Home-page: %s", dist.homepage) + write_output("Author: %s", dist.author) + write_output("Author-email: %s", dist.author_email) + write_output("License: %s", dist.license) + write_output("Location: %s", dist.location) + write_output("Requires: %s", ', '.join(dist.requires)) + write_output("Required-by: %s", ', '.join(dist.required_by)) + + if verbose: + write_output("Metadata-Version: %s", dist.metadata_version) + write_output("Installer: %s", dist.installer) + write_output("Classifiers:") + for classifier in dist.classifiers: + write_output(" %s", classifier) + write_output("Entry-points:") + for entry in dist.entry_points: + write_output(" %s", entry.strip()) + if list_files: + write_output("Files:") + if dist.files is None: + write_output("Cannot locate RECORD or installed-files.txt") + else: + for line in dist.files: + write_output(" %s", line.strip()) + return results_printed diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/uninstall.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/uninstall.py new file mode 100644 index 000000000..c590627ea --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/uninstall.py @@ -0,0 +1,100 @@ +import logging +from optparse import Values +from typing import List + +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.cli.base_command import Command +from pip._internal.cli.req_command import SessionCommandMixin, warn_if_run_as_root +from pip._internal.cli.status_codes import SUCCESS +from pip._internal.exceptions import InstallationError +from pip._internal.req import parse_requirements +from pip._internal.req.constructors import ( + install_req_from_line, + install_req_from_parsed_requirement, +) +from pip._internal.utils.misc import protect_pip_from_modification_on_windows + +logger = logging.getLogger(__name__) + + +class UninstallCommand(Command, SessionCommandMixin): + """ + Uninstall packages. + + pip is able to uninstall most installed packages. Known exceptions are: + + - Pure distutils packages installed with ``python setup.py install``, which + leave behind no metadata to determine what files were installed. + - Script wrappers installed by ``python setup.py develop``. + """ + + usage = """ + %prog [options] ... + %prog [options] -r ...""" + + def add_options(self) -> None: + self.cmd_opts.add_option( + '-r', '--requirement', + dest='requirements', + action='append', + default=[], + metavar='file', + help='Uninstall all the packages listed in the given requirements ' + 'file. This option can be used multiple times.', + ) + self.cmd_opts.add_option( + '-y', '--yes', + dest='yes', + action='store_true', + help="Don't ask for confirmation of uninstall deletions.") + + self.parser.insert_option_group(0, self.cmd_opts) + + def run(self, options: Values, args: List[str]) -> int: + session = self.get_default_session(options) + + reqs_to_uninstall = {} + for name in args: + req = install_req_from_line( + name, isolated=options.isolated_mode, + ) + if req.name: + reqs_to_uninstall[canonicalize_name(req.name)] = req + else: + logger.warning( + "Invalid requirement: %r ignored -" + " the uninstall command expects named" + " requirements.", + name, + ) + for filename in options.requirements: + for parsed_req in parse_requirements( + filename, + options=options, + session=session): + req = install_req_from_parsed_requirement( + parsed_req, + isolated=options.isolated_mode + ) + if req.name: + reqs_to_uninstall[canonicalize_name(req.name)] = req + if not reqs_to_uninstall: + raise InstallationError( + f'You must give at least one requirement to {self.name} (see ' + f'"pip help {self.name}")' + ) + + protect_pip_from_modification_on_windows( + modifying_pip="pip" in reqs_to_uninstall + ) + + for req in reqs_to_uninstall.values(): + uninstall_pathset = req.uninstall( + auto_confirm=options.yes, verbose=self.verbosity > 0, + ) + if uninstall_pathset: + uninstall_pathset.commit() + + warn_if_run_as_root() + return SUCCESS diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/wheel.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/wheel.py new file mode 100644 index 000000000..c8bf4e25d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/commands/wheel.py @@ -0,0 +1,176 @@ +import logging +import os +import shutil +from optparse import Values +from typing import List + +from pip._internal.cache import WheelCache +from pip._internal.cli import cmdoptions +from pip._internal.cli.req_command import RequirementCommand, with_cleanup +from pip._internal.cli.status_codes import SUCCESS +from pip._internal.exceptions import CommandError +from pip._internal.req.req_install import InstallRequirement +from pip._internal.req.req_tracker import get_requirement_tracker +from pip._internal.utils.misc import ensure_dir, normalize_path +from pip._internal.utils.temp_dir import TempDirectory +from pip._internal.wheel_builder import build, should_build_for_wheel_command + +logger = logging.getLogger(__name__) + + +class WheelCommand(RequirementCommand): + """ + Build Wheel archives for your requirements and dependencies. + + Wheel is a built-package format, and offers the advantage of not + recompiling your software during every install. For more details, see the + wheel docs: https://wheel.readthedocs.io/en/latest/ + + Requirements: setuptools>=0.8, and wheel. + + 'pip wheel' uses the bdist_wheel setuptools extension from the wheel + package to build individual wheels. + + """ + + usage = """ + %prog [options] ... + %prog [options] -r ... + %prog [options] [-e] ... + %prog [options] [-e] ... + %prog [options] ...""" + + def add_options(self) -> None: + + self.cmd_opts.add_option( + '-w', '--wheel-dir', + dest='wheel_dir', + metavar='dir', + default=os.curdir, + help=("Build wheels into , where the default is the " + "current working directory."), + ) + self.cmd_opts.add_option(cmdoptions.no_binary()) + self.cmd_opts.add_option(cmdoptions.only_binary()) + self.cmd_opts.add_option(cmdoptions.prefer_binary()) + self.cmd_opts.add_option(cmdoptions.no_build_isolation()) + self.cmd_opts.add_option(cmdoptions.use_pep517()) + self.cmd_opts.add_option(cmdoptions.no_use_pep517()) + self.cmd_opts.add_option(cmdoptions.constraints()) + self.cmd_opts.add_option(cmdoptions.editable()) + self.cmd_opts.add_option(cmdoptions.requirements()) + self.cmd_opts.add_option(cmdoptions.src()) + self.cmd_opts.add_option(cmdoptions.ignore_requires_python()) + self.cmd_opts.add_option(cmdoptions.no_deps()) + self.cmd_opts.add_option(cmdoptions.build_dir()) + self.cmd_opts.add_option(cmdoptions.progress_bar()) + + self.cmd_opts.add_option( + '--no-verify', + dest='no_verify', + action='store_true', + default=False, + help="Don't verify if built wheel is valid.", + ) + + self.cmd_opts.add_option(cmdoptions.build_options()) + self.cmd_opts.add_option(cmdoptions.global_options()) + + self.cmd_opts.add_option( + '--pre', + action='store_true', + default=False, + help=("Include pre-release and development versions. By default, " + "pip only finds stable versions."), + ) + + self.cmd_opts.add_option(cmdoptions.require_hashes()) + + index_opts = cmdoptions.make_option_group( + cmdoptions.index_group, + self.parser, + ) + + self.parser.insert_option_group(0, index_opts) + self.parser.insert_option_group(0, self.cmd_opts) + + @with_cleanup + def run(self, options: Values, args: List[str]) -> int: + cmdoptions.check_install_build_global(options) + + session = self.get_default_session(options) + + finder = self._build_package_finder(options, session) + wheel_cache = WheelCache(options.cache_dir, options.format_control) + + options.wheel_dir = normalize_path(options.wheel_dir) + ensure_dir(options.wheel_dir) + + req_tracker = self.enter_context(get_requirement_tracker()) + + directory = TempDirectory( + delete=not options.no_clean, + kind="wheel", + globally_managed=True, + ) + + reqs = self.get_requirements(args, options, finder, session) + + preparer = self.make_requirement_preparer( + temp_build_dir=directory, + options=options, + req_tracker=req_tracker, + session=session, + finder=finder, + download_dir=options.wheel_dir, + use_user_site=False, + ) + + resolver = self.make_resolver( + preparer=preparer, + finder=finder, + options=options, + wheel_cache=wheel_cache, + ignore_requires_python=options.ignore_requires_python, + use_pep517=options.use_pep517, + ) + + self.trace_basic_info(finder) + + requirement_set = resolver.resolve( + reqs, check_supported_wheels=True + ) + + reqs_to_build: List[InstallRequirement] = [] + for req in requirement_set.requirements.values(): + if req.is_wheel: + preparer.save_linked_requirement(req) + elif should_build_for_wheel_command(req): + reqs_to_build.append(req) + + # build wheels + build_successes, build_failures = build( + reqs_to_build, + wheel_cache=wheel_cache, + verify=(not options.no_verify), + build_options=options.build_options or [], + global_options=options.global_options or [], + ) + for req in build_successes: + assert req.link and req.link.is_wheel + assert req.local_file_path + # copy from cache to target directory + try: + shutil.copy(req.local_file_path, options.wheel_dir) + except OSError as e: + logger.warning( + "Building wheel for %s failed: %s", + req.name, e, + ) + build_failures.append(req) + if len(build_failures) != 0: + raise CommandError( + "Failed to build one or more wheels" + ) + + return SUCCESS diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/configuration.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/configuration.py new file mode 100644 index 000000000..a4698ec1d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/configuration.py @@ -0,0 +1,403 @@ +"""Configuration management setup + +Some terminology: +- name + As written in config files. +- value + Value associated with a name +- key + Name combined with it's section (section.name) +- variant + A single word describing where the configuration key-value pair came from +""" + +import configparser +import locale +import logging +import os +import sys +from typing import Any, Dict, Iterable, List, NewType, Optional, Tuple + +from pip._internal.exceptions import ( + ConfigurationError, + ConfigurationFileCouldNotBeLoaded, +) +from pip._internal.utils import appdirs +from pip._internal.utils.compat import WINDOWS +from pip._internal.utils.misc import ensure_dir, enum + +RawConfigParser = configparser.RawConfigParser # Shorthand +Kind = NewType("Kind", str) + +CONFIG_BASENAME = 'pip.ini' if WINDOWS else 'pip.conf' +ENV_NAMES_IGNORED = "version", "help" + +# The kinds of configurations there are. +kinds = enum( + USER="user", # User Specific + GLOBAL="global", # System Wide + SITE="site", # [Virtual] Environment Specific + ENV="env", # from PIP_CONFIG_FILE + ENV_VAR="env-var", # from Environment Variables +) +OVERRIDE_ORDER = kinds.GLOBAL, kinds.USER, kinds.SITE, kinds.ENV, kinds.ENV_VAR +VALID_LOAD_ONLY = kinds.USER, kinds.GLOBAL, kinds.SITE + +logger = logging.getLogger(__name__) + + +# NOTE: Maybe use the optionx attribute to normalize keynames. +def _normalize_name(name): + # type: (str) -> str + """Make a name consistent regardless of source (environment or file) + """ + name = name.lower().replace('_', '-') + if name.startswith('--'): + name = name[2:] # only prefer long opts + return name + + +def _disassemble_key(name): + # type: (str) -> List[str] + if "." not in name: + error_message = ( + "Key does not contain dot separated section and key. " + "Perhaps you wanted to use 'global.{}' instead?" + ).format(name) + raise ConfigurationError(error_message) + return name.split(".", 1) + + +def get_configuration_files(): + # type: () -> Dict[Kind, List[str]] + global_config_files = [ + os.path.join(path, CONFIG_BASENAME) + for path in appdirs.site_config_dirs('pip') + ] + + site_config_file = os.path.join(sys.prefix, CONFIG_BASENAME) + legacy_config_file = os.path.join( + os.path.expanduser('~'), + 'pip' if WINDOWS else '.pip', + CONFIG_BASENAME, + ) + new_config_file = os.path.join( + appdirs.user_config_dir("pip"), CONFIG_BASENAME + ) + return { + kinds.GLOBAL: global_config_files, + kinds.SITE: [site_config_file], + kinds.USER: [legacy_config_file, new_config_file], + } + + +class Configuration: + """Handles management of configuration. + + Provides an interface to accessing and managing configuration files. + + This class converts provides an API that takes "section.key-name" style + keys and stores the value associated with it as "key-name" under the + section "section". + + This allows for a clean interface wherein the both the section and the + key-name are preserved in an easy to manage form in the configuration files + and the data stored is also nice. + """ + + def __init__(self, isolated, load_only=None): + # type: (bool, Optional[Kind]) -> None + super().__init__() + + if load_only is not None and load_only not in VALID_LOAD_ONLY: + raise ConfigurationError( + "Got invalid value for load_only - should be one of {}".format( + ", ".join(map(repr, VALID_LOAD_ONLY)) + ) + ) + self.isolated = isolated + self.load_only = load_only + + # Because we keep track of where we got the data from + self._parsers = { + variant: [] for variant in OVERRIDE_ORDER + } # type: Dict[Kind, List[Tuple[str, RawConfigParser]]] + self._config = { + variant: {} for variant in OVERRIDE_ORDER + } # type: Dict[Kind, Dict[str, Any]] + self._modified_parsers = [] # type: List[Tuple[str, RawConfigParser]] + + def load(self): + # type: () -> None + """Loads configuration from configuration files and environment + """ + self._load_config_files() + if not self.isolated: + self._load_environment_vars() + + def get_file_to_edit(self): + # type: () -> Optional[str] + """Returns the file with highest priority in configuration + """ + assert self.load_only is not None, \ + "Need to be specified a file to be editing" + + try: + return self._get_parser_to_modify()[0] + except IndexError: + return None + + def items(self): + # type: () -> Iterable[Tuple[str, Any]] + """Returns key-value pairs like dict.items() representing the loaded + configuration + """ + return self._dictionary.items() + + def get_value(self, key): + # type: (str) -> Any + """Get a value from the configuration. + """ + try: + return self._dictionary[key] + except KeyError: + raise ConfigurationError(f"No such key - {key}") + + def set_value(self, key, value): + # type: (str, Any) -> None + """Modify a value in the configuration. + """ + self._ensure_have_load_only() + + assert self.load_only + fname, parser = self._get_parser_to_modify() + + if parser is not None: + section, name = _disassemble_key(key) + + # Modify the parser and the configuration + if not parser.has_section(section): + parser.add_section(section) + parser.set(section, name, value) + + self._config[self.load_only][key] = value + self._mark_as_modified(fname, parser) + + def unset_value(self, key): + # type: (str) -> None + """Unset a value in the configuration.""" + self._ensure_have_load_only() + + assert self.load_only + if key not in self._config[self.load_only]: + raise ConfigurationError(f"No such key - {key}") + + fname, parser = self._get_parser_to_modify() + + if parser is not None: + section, name = _disassemble_key(key) + if not (parser.has_section(section) + and parser.remove_option(section, name)): + # The option was not removed. + raise ConfigurationError( + "Fatal Internal error [id=1]. Please report as a bug." + ) + + # The section may be empty after the option was removed. + if not parser.items(section): + parser.remove_section(section) + self._mark_as_modified(fname, parser) + + del self._config[self.load_only][key] + + def save(self): + # type: () -> None + """Save the current in-memory state. + """ + self._ensure_have_load_only() + + for fname, parser in self._modified_parsers: + logger.info("Writing to %s", fname) + + # Ensure directory exists. + ensure_dir(os.path.dirname(fname)) + + with open(fname, "w") as f: + parser.write(f) + + # + # Private routines + # + + def _ensure_have_load_only(self): + # type: () -> None + if self.load_only is None: + raise ConfigurationError("Needed a specific file to be modifying.") + logger.debug("Will be working with %s variant only", self.load_only) + + @property + def _dictionary(self): + # type: () -> Dict[str, Any] + """A dictionary representing the loaded configuration. + """ + # NOTE: Dictionaries are not populated if not loaded. So, conditionals + # are not needed here. + retval = {} + + for variant in OVERRIDE_ORDER: + retval.update(self._config[variant]) + + return retval + + def _load_config_files(self): + # type: () -> None + """Loads configuration from configuration files + """ + config_files = dict(self.iter_config_files()) + if config_files[kinds.ENV][0:1] == [os.devnull]: + logger.debug( + "Skipping loading configuration files due to " + "environment's PIP_CONFIG_FILE being os.devnull" + ) + return + + for variant, files in config_files.items(): + for fname in files: + # If there's specific variant set in `load_only`, load only + # that variant, not the others. + if self.load_only is not None and variant != self.load_only: + logger.debug( + "Skipping file '%s' (variant: %s)", fname, variant + ) + continue + + parser = self._load_file(variant, fname) + + # Keeping track of the parsers used + self._parsers[variant].append((fname, parser)) + + def _load_file(self, variant, fname): + # type: (Kind, str) -> RawConfigParser + logger.debug("For variant '%s', will try loading '%s'", variant, fname) + parser = self._construct_parser(fname) + + for section in parser.sections(): + items = parser.items(section) + self._config[variant].update(self._normalized_keys(section, items)) + + return parser + + def _construct_parser(self, fname): + # type: (str) -> RawConfigParser + parser = configparser.RawConfigParser() + # If there is no such file, don't bother reading it but create the + # parser anyway, to hold the data. + # Doing this is useful when modifying and saving files, where we don't + # need to construct a parser. + if os.path.exists(fname): + try: + parser.read(fname) + except UnicodeDecodeError: + # See https://github.com/pypa/pip/issues/4963 + raise ConfigurationFileCouldNotBeLoaded( + reason="contains invalid {} characters".format( + locale.getpreferredencoding(False) + ), + fname=fname, + ) + except configparser.Error as error: + # See https://github.com/pypa/pip/issues/4893 + raise ConfigurationFileCouldNotBeLoaded(error=error) + return parser + + def _load_environment_vars(self): + # type: () -> None + """Loads configuration from environment variables + """ + self._config[kinds.ENV_VAR].update( + self._normalized_keys(":env:", self.get_environ_vars()) + ) + + def _normalized_keys(self, section, items): + # type: (str, Iterable[Tuple[str, Any]]) -> Dict[str, Any] + """Normalizes items to construct a dictionary with normalized keys. + + This routine is where the names become keys and are made the same + regardless of source - configuration files or environment. + """ + normalized = {} + for name, val in items: + key = section + "." + _normalize_name(name) + normalized[key] = val + return normalized + + def get_environ_vars(self): + # type: () -> Iterable[Tuple[str, str]] + """Returns a generator with all environmental vars with prefix PIP_""" + for key, val in os.environ.items(): + if key.startswith("PIP_"): + name = key[4:].lower() + if name not in ENV_NAMES_IGNORED: + yield name, val + + # XXX: This is patched in the tests. + def iter_config_files(self): + # type: () -> Iterable[Tuple[Kind, List[str]]] + """Yields variant and configuration files associated with it. + + This should be treated like items of a dictionary. + """ + # SMELL: Move the conditions out of this function + + # environment variables have the lowest priority + config_file = os.environ.get('PIP_CONFIG_FILE', None) + if config_file is not None: + yield kinds.ENV, [config_file] + else: + yield kinds.ENV, [] + + config_files = get_configuration_files() + + # at the base we have any global configuration + yield kinds.GLOBAL, config_files[kinds.GLOBAL] + + # per-user configuration next + should_load_user_config = not self.isolated and not ( + config_file and os.path.exists(config_file) + ) + if should_load_user_config: + # The legacy config file is overridden by the new config file + yield kinds.USER, config_files[kinds.USER] + + # finally virtualenv configuration first trumping others + yield kinds.SITE, config_files[kinds.SITE] + + def get_values_in_config(self, variant): + # type: (Kind) -> Dict[str, Any] + """Get values present in a config file""" + return self._config[variant] + + def _get_parser_to_modify(self): + # type: () -> Tuple[str, RawConfigParser] + # Determine which parser to modify + assert self.load_only + parsers = self._parsers[self.load_only] + if not parsers: + # This should not happen if everything works correctly. + raise ConfigurationError( + "Fatal Internal error [id=2]. Please report as a bug." + ) + + # Use the highest priority parser. + return parsers[-1] + + # XXX: This is patched in the tests. + def _mark_as_modified(self, fname, parser): + # type: (str, RawConfigParser) -> None + file_parser_tuple = (fname, parser) + if file_parser_tuple not in self._modified_parsers: + self._modified_parsers.append(file_parser_tuple) + + def __repr__(self): + # type: () -> str + return f"{self.__class__.__name__}({self._dictionary!r})" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/__init__.py new file mode 100644 index 000000000..9a89a838b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/__init__.py @@ -0,0 +1,21 @@ +from pip._internal.distributions.base import AbstractDistribution +from pip._internal.distributions.sdist import SourceDistribution +from pip._internal.distributions.wheel import WheelDistribution +from pip._internal.req.req_install import InstallRequirement + + +def make_distribution_for_install_requirement( + install_req: InstallRequirement, +) -> AbstractDistribution: + """Returns a Distribution for the given InstallRequirement""" + # Editable requirements will always be source distributions. They use the + # legacy logic until we create a modern standard for them. + if install_req.editable: + return SourceDistribution(install_req) + + # If it's a wheel, it's a WheelDistribution + if install_req.is_wheel: + return WheelDistribution(install_req) + + # Otherwise, a SourceDistribution + return SourceDistribution(install_req) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/base.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/base.py new file mode 100644 index 000000000..fbdd5e411 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/base.py @@ -0,0 +1,38 @@ +import abc +from typing import Optional + +from pip._vendor.pkg_resources import Distribution + +from pip._internal.index.package_finder import PackageFinder +from pip._internal.req import InstallRequirement + + +class AbstractDistribution(metaclass=abc.ABCMeta): + """A base class for handling installable artifacts. + + The requirements for anything installable are as follows: + + - we must be able to determine the requirement name + (or we can't correctly handle the non-upgrade case). + + - for packages with setup requirements, we must also be able + to determine their requirements without installing additional + packages (for the same reason as run-time dependencies) + + - we must be able to create a Distribution object exposing the + above metadata. + """ + + def __init__(self, req: InstallRequirement) -> None: + super().__init__() + self.req = req + + @abc.abstractmethod + def get_pkg_resources_distribution(self) -> Optional[Distribution]: + raise NotImplementedError() + + @abc.abstractmethod + def prepare_distribution_metadata( + self, finder: PackageFinder, build_isolation: bool + ) -> None: + raise NotImplementedError() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/installed.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/installed.py new file mode 100644 index 000000000..0d452e27f --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/installed.py @@ -0,0 +1,22 @@ +from typing import Optional + +from pip._vendor.pkg_resources import Distribution + +from pip._internal.distributions.base import AbstractDistribution +from pip._internal.index.package_finder import PackageFinder + + +class InstalledDistribution(AbstractDistribution): + """Represents an installed package. + + This does not need any preparation as the required information has already + been computed. + """ + + def get_pkg_resources_distribution(self) -> Optional[Distribution]: + return self.req.satisfied_by + + def prepare_distribution_metadata( + self, finder: PackageFinder, build_isolation: bool + ) -> None: + pass diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/sdist.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/sdist.py new file mode 100644 index 000000000..596b516a5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/sdist.py @@ -0,0 +1,95 @@ +import logging +from typing import Set, Tuple + +from pip._vendor.pkg_resources import Distribution + +from pip._internal.build_env import BuildEnvironment +from pip._internal.distributions.base import AbstractDistribution +from pip._internal.exceptions import InstallationError +from pip._internal.index.package_finder import PackageFinder +from pip._internal.utils.subprocess import runner_with_spinner_message + +logger = logging.getLogger(__name__) + + +class SourceDistribution(AbstractDistribution): + """Represents a source distribution. + + The preparation step for these needs metadata for the packages to be + generated, either using PEP 517 or using the legacy `setup.py egg_info`. + """ + + def get_pkg_resources_distribution(self) -> Distribution: + return self.req.get_dist() + + def prepare_distribution_metadata( + self, finder: PackageFinder, build_isolation: bool + ) -> None: + # Load pyproject.toml, to determine whether PEP 517 is to be used + self.req.load_pyproject_toml() + + # Set up the build isolation, if this requirement should be isolated + should_isolate = self.req.use_pep517 and build_isolation + if should_isolate: + self._setup_isolation(finder) + + self.req.prepare_metadata() + + def _setup_isolation(self, finder: PackageFinder) -> None: + def _raise_conflicts( + conflicting_with: str, conflicting_reqs: Set[Tuple[str, str]] + ) -> None: + format_string = ( + "Some build dependencies for {requirement} " + "conflict with {conflicting_with}: {description}." + ) + error_message = format_string.format( + requirement=self.req, + conflicting_with=conflicting_with, + description=", ".join( + f"{installed} is incompatible with {wanted}" + for installed, wanted in sorted(conflicting) + ), + ) + raise InstallationError(error_message) + + # Isolate in a BuildEnvironment and install the build-time + # requirements. + pyproject_requires = self.req.pyproject_requires + assert pyproject_requires is not None + + self.req.build_env = BuildEnvironment() + self.req.build_env.install_requirements( + finder, pyproject_requires, "overlay", "Installing build dependencies" + ) + conflicting, missing = self.req.build_env.check_requirements( + self.req.requirements_to_check + ) + if conflicting: + _raise_conflicts("PEP 517/518 supported requirements", conflicting) + if missing: + logger.warning( + "Missing build requirements in pyproject.toml for %s.", + self.req, + ) + logger.warning( + "The project does not specify a build backend, and " + "pip cannot fall back to setuptools without %s.", + " and ".join(map(repr, sorted(missing))), + ) + # Install any extra build dependencies that the backend requests. + # This must be done in a second pass, as the pyproject.toml + # dependencies must be installed before we can call the backend. + with self.req.build_env: + runner = runner_with_spinner_message("Getting requirements to build wheel") + backend = self.req.pep517_backend + assert backend is not None + with backend.subprocess_runner(runner): + reqs = backend.get_requires_for_build_wheel() + + conflicting, missing = self.req.build_env.check_requirements(reqs) + if conflicting: + _raise_conflicts("the backend dependencies", conflicting) + self.req.build_env.install_requirements( + finder, missing, "normal", "Installing backend dependencies" + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/wheel.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/wheel.py new file mode 100644 index 000000000..00a70b02d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/distributions/wheel.py @@ -0,0 +1,34 @@ +from zipfile import ZipFile + +from pip._vendor.pkg_resources import Distribution + +from pip._internal.distributions.base import AbstractDistribution +from pip._internal.index.package_finder import PackageFinder +from pip._internal.utils.wheel import pkg_resources_distribution_for_wheel + + +class WheelDistribution(AbstractDistribution): + """Represents a wheel distribution. + + This does not need any preparation as wheels can be directly unpacked. + """ + + def get_pkg_resources_distribution(self) -> Distribution: + """Loads the metadata from the wheel file into memory and returns a + Distribution that uses it, not relying on the wheel file or + requirement. + """ + # Set as part of preparation during download. + assert self.req.local_file_path + # Wheels are never unnamed. + assert self.req.name + + with ZipFile(self.req.local_file_path, allowZip64=True) as z: + return pkg_resources_distribution_for_wheel( + z, self.req.name, self.req.local_file_path + ) + + def prepare_distribution_metadata( + self, finder: PackageFinder, build_isolation: bool + ) -> None: + pass diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/exceptions.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/exceptions.py new file mode 100644 index 000000000..8aacf8120 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/exceptions.py @@ -0,0 +1,397 @@ +"""Exceptions used throughout package""" + +import configparser +from itertools import chain, groupby, repeat +from typing import TYPE_CHECKING, Dict, List, Optional + +from pip._vendor.pkg_resources import Distribution +from pip._vendor.requests.models import Request, Response + +if TYPE_CHECKING: + from hashlib import _Hash + + from pip._internal.req.req_install import InstallRequirement + + +class PipError(Exception): + """Base pip exception""" + + +class ConfigurationError(PipError): + """General exception in configuration""" + + +class InstallationError(PipError): + """General exception during installation""" + + +class UninstallationError(PipError): + """General exception during uninstallation""" + + +class NoneMetadataError(PipError): + """ + Raised when accessing "METADATA" or "PKG-INFO" metadata for a + pip._vendor.pkg_resources.Distribution object and + `dist.has_metadata('METADATA')` returns True but + `dist.get_metadata('METADATA')` returns None (and similarly for + "PKG-INFO"). + """ + + def __init__(self, dist, metadata_name): + # type: (Distribution, str) -> None + """ + :param dist: A Distribution object. + :param metadata_name: The name of the metadata being accessed + (can be "METADATA" or "PKG-INFO"). + """ + self.dist = dist + self.metadata_name = metadata_name + + def __str__(self): + # type: () -> str + # Use `dist` in the error message because its stringification + # includes more information, like the version and location. + return ( + 'None {} metadata found for distribution: {}'.format( + self.metadata_name, self.dist, + ) + ) + + +class UserInstallationInvalid(InstallationError): + """A --user install is requested on an environment without user site.""" + + def __str__(self): + # type: () -> str + return "User base directory is not specified" + + +class InvalidSchemeCombination(InstallationError): + def __str__(self): + # type: () -> str + before = ", ".join(str(a) for a in self.args[:-1]) + return f"Cannot set {before} and {self.args[-1]} together" + + +class DistributionNotFound(InstallationError): + """Raised when a distribution cannot be found to satisfy a requirement""" + + +class RequirementsFileParseError(InstallationError): + """Raised when a general error occurs parsing a requirements file line.""" + + +class BestVersionAlreadyInstalled(PipError): + """Raised when the most up-to-date version of a package is already + installed.""" + + +class BadCommand(PipError): + """Raised when virtualenv or a command is not found""" + + +class CommandError(PipError): + """Raised when there is an error in command-line arguments""" + + +class PreviousBuildDirError(PipError): + """Raised when there's a previous conflicting build directory""" + + +class NetworkConnectionError(PipError): + """HTTP connection error""" + + def __init__(self, error_msg, response=None, request=None): + # type: (str, Response, Request) -> None + """ + Initialize NetworkConnectionError with `request` and `response` + objects. + """ + self.response = response + self.request = request + self.error_msg = error_msg + if (self.response is not None and not self.request and + hasattr(response, 'request')): + self.request = self.response.request + super().__init__(error_msg, response, request) + + def __str__(self): + # type: () -> str + return str(self.error_msg) + + +class InvalidWheelFilename(InstallationError): + """Invalid wheel filename.""" + + +class UnsupportedWheel(InstallationError): + """Unsupported wheel.""" + + +class MetadataInconsistent(InstallationError): + """Built metadata contains inconsistent information. + + This is raised when the metadata contains values (e.g. name and version) + that do not match the information previously obtained from sdist filename + or user-supplied ``#egg=`` value. + """ + def __init__(self, ireq, field, f_val, m_val): + # type: (InstallRequirement, str, str, str) -> None + self.ireq = ireq + self.field = field + self.f_val = f_val + self.m_val = m_val + + def __str__(self): + # type: () -> str + template = ( + "Requested {} has inconsistent {}: " + "filename has {!r}, but metadata has {!r}" + ) + return template.format(self.ireq, self.field, self.f_val, self.m_val) + + +class InstallationSubprocessError(InstallationError): + """A subprocess call failed during installation.""" + def __init__(self, returncode, description): + # type: (int, str) -> None + self.returncode = returncode + self.description = description + + def __str__(self): + # type: () -> str + return ( + "Command errored out with exit status {}: {} " + "Check the logs for full command output." + ).format(self.returncode, self.description) + + +class HashErrors(InstallationError): + """Multiple HashError instances rolled into one for reporting""" + + def __init__(self): + # type: () -> None + self.errors = [] # type: List[HashError] + + def append(self, error): + # type: (HashError) -> None + self.errors.append(error) + + def __str__(self): + # type: () -> str + lines = [] + self.errors.sort(key=lambda e: e.order) + for cls, errors_of_cls in groupby(self.errors, lambda e: e.__class__): + lines.append(cls.head) + lines.extend(e.body() for e in errors_of_cls) + if lines: + return '\n'.join(lines) + return '' + + def __nonzero__(self): + # type: () -> bool + return bool(self.errors) + + def __bool__(self): + # type: () -> bool + return self.__nonzero__() + + +class HashError(InstallationError): + """ + A failure to verify a package against known-good hashes + + :cvar order: An int sorting hash exception classes by difficulty of + recovery (lower being harder), so the user doesn't bother fretting + about unpinned packages when he has deeper issues, like VCS + dependencies, to deal with. Also keeps error reports in a + deterministic order. + :cvar head: A section heading for display above potentially many + exceptions of this kind + :ivar req: The InstallRequirement that triggered this error. This is + pasted on after the exception is instantiated, because it's not + typically available earlier. + + """ + req = None # type: Optional[InstallRequirement] + head = '' + order = -1 # type: int + + def body(self): + # type: () -> str + """Return a summary of me for display under the heading. + + This default implementation simply prints a description of the + triggering requirement. + + :param req: The InstallRequirement that provoked this error, with + its link already populated by the resolver's _populate_link(). + + """ + return f' {self._requirement_name()}' + + def __str__(self): + # type: () -> str + return f'{self.head}\n{self.body()}' + + def _requirement_name(self): + # type: () -> str + """Return a description of the requirement that triggered me. + + This default implementation returns long description of the req, with + line numbers + + """ + return str(self.req) if self.req else 'unknown package' + + +class VcsHashUnsupported(HashError): + """A hash was provided for a version-control-system-based requirement, but + we don't have a method for hashing those.""" + + order = 0 + head = ("Can't verify hashes for these requirements because we don't " + "have a way to hash version control repositories:") + + +class DirectoryUrlHashUnsupported(HashError): + """A hash was provided for a version-control-system-based requirement, but + we don't have a method for hashing those.""" + + order = 1 + head = ("Can't verify hashes for these file:// requirements because they " + "point to directories:") + + +class HashMissing(HashError): + """A hash was needed for a requirement but is absent.""" + + order = 2 + head = ('Hashes are required in --require-hashes mode, but they are ' + 'missing from some requirements. Here is a list of those ' + 'requirements along with the hashes their downloaded archives ' + 'actually had. Add lines like these to your requirements files to ' + 'prevent tampering. (If you did not enable --require-hashes ' + 'manually, note that it turns on automatically when any package ' + 'has a hash.)') + + def __init__(self, gotten_hash): + # type: (str) -> None + """ + :param gotten_hash: The hash of the (possibly malicious) archive we + just downloaded + """ + self.gotten_hash = gotten_hash + + def body(self): + # type: () -> str + # Dodge circular import. + from pip._internal.utils.hashes import FAVORITE_HASH + + package = None + if self.req: + # In the case of URL-based requirements, display the original URL + # seen in the requirements file rather than the package name, + # so the output can be directly copied into the requirements file. + package = (self.req.original_link if self.req.original_link + # In case someone feeds something downright stupid + # to InstallRequirement's constructor. + else getattr(self.req, 'req', None)) + return ' {} --hash={}:{}'.format(package or 'unknown package', + FAVORITE_HASH, + self.gotten_hash) + + +class HashUnpinned(HashError): + """A requirement had a hash specified but was not pinned to a specific + version.""" + + order = 3 + head = ('In --require-hashes mode, all requirements must have their ' + 'versions pinned with ==. These do not:') + + +class HashMismatch(HashError): + """ + Distribution file hash values don't match. + + :ivar package_name: The name of the package that triggered the hash + mismatch. Feel free to write to this after the exception is raise to + improve its error message. + + """ + order = 4 + head = ('THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS ' + 'FILE. If you have updated the package versions, please update ' + 'the hashes. Otherwise, examine the package contents carefully; ' + 'someone may have tampered with them.') + + def __init__(self, allowed, gots): + # type: (Dict[str, List[str]], Dict[str, _Hash]) -> None + """ + :param allowed: A dict of algorithm names pointing to lists of allowed + hex digests + :param gots: A dict of algorithm names pointing to hashes we + actually got from the files under suspicion + """ + self.allowed = allowed + self.gots = gots + + def body(self): + # type: () -> str + return ' {}:\n{}'.format(self._requirement_name(), + self._hash_comparison()) + + def _hash_comparison(self): + # type: () -> str + """ + Return a comparison of actual and expected hash values. + + Example:: + + Expected sha256 abcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcde + or 123451234512345123451234512345123451234512345 + Got bcdefbcdefbcdefbcdefbcdefbcdefbcdefbcdefbcdef + + """ + def hash_then_or(hash_name): + # type: (str) -> chain[str] + # For now, all the decent hashes have 6-char names, so we can get + # away with hard-coding space literals. + return chain([hash_name], repeat(' or')) + + lines = [] # type: List[str] + for hash_name, expecteds in self.allowed.items(): + prefix = hash_then_or(hash_name) + lines.extend((' Expected {} {}'.format(next(prefix), e)) + for e in expecteds) + lines.append(' Got {}\n'.format( + self.gots[hash_name].hexdigest())) + return '\n'.join(lines) + + +class UnsupportedPythonVersion(InstallationError): + """Unsupported python version according to Requires-Python package + metadata.""" + + +class ConfigurationFileCouldNotBeLoaded(ConfigurationError): + """When there are errors while loading a configuration file + """ + + def __init__(self, reason="could not be loaded", fname=None, error=None): + # type: (str, Optional[str], Optional[configparser.Error]) -> None + super().__init__(error) + self.reason = reason + self.fname = fname + self.error = error + + def __str__(self): + # type: () -> str + if self.fname is not None: + message_part = f" in {self.fname}." + else: + assert self.error is not None + message_part = f".\n{self.error}\n" + return f"Configuration file {self.reason}{message_part}" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/index/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/index/__init__.py new file mode 100644 index 000000000..7a17b7b3b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/index/__init__.py @@ -0,0 +1,2 @@ +"""Index interaction code +""" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/index/collector.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/index/collector.py new file mode 100644 index 000000000..14d745eef --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/index/collector.py @@ -0,0 +1,534 @@ +""" +The main purpose of this module is to expose LinkCollector.collect_sources(). +""" + +import cgi +import collections +import functools +import html +import itertools +import logging +import os +import re +import urllib.parse +import urllib.request +import xml.etree.ElementTree +from optparse import Values +from typing import ( + Callable, + Iterable, + List, + MutableMapping, + NamedTuple, + Optional, + Sequence, + Union, +) + +from pip._vendor import html5lib, requests +from pip._vendor.requests import Response +from pip._vendor.requests.exceptions import RetryError, SSLError + +from pip._internal.exceptions import NetworkConnectionError +from pip._internal.models.link import Link +from pip._internal.models.search_scope import SearchScope +from pip._internal.network.session import PipSession +from pip._internal.network.utils import raise_for_status +from pip._internal.utils.filetypes import is_archive_file +from pip._internal.utils.misc import pairwise, redact_auth_from_url +from pip._internal.vcs import vcs + +from .sources import CandidatesFromPage, LinkSource, build_source + +logger = logging.getLogger(__name__) + +HTMLElement = xml.etree.ElementTree.Element +ResponseHeaders = MutableMapping[str, str] + + +def _match_vcs_scheme(url: str) -> Optional[str]: + """Look for VCS schemes in the URL. + + Returns the matched VCS scheme, or None if there's no match. + """ + for scheme in vcs.schemes: + if url.lower().startswith(scheme) and url[len(scheme)] in '+:': + return scheme + return None + + +class _NotHTML(Exception): + def __init__(self, content_type: str, request_desc: str) -> None: + super().__init__(content_type, request_desc) + self.content_type = content_type + self.request_desc = request_desc + + +def _ensure_html_header(response: Response) -> None: + """Check the Content-Type header to ensure the response contains HTML. + + Raises `_NotHTML` if the content type is not text/html. + """ + content_type = response.headers.get("Content-Type", "") + if not content_type.lower().startswith("text/html"): + raise _NotHTML(content_type, response.request.method) + + +class _NotHTTP(Exception): + pass + + +def _ensure_html_response(url: str, session: PipSession) -> None: + """Send a HEAD request to the URL, and ensure the response contains HTML. + + Raises `_NotHTTP` if the URL is not available for a HEAD request, or + `_NotHTML` if the content type is not text/html. + """ + scheme, netloc, path, query, fragment = urllib.parse.urlsplit(url) + if scheme not in {'http', 'https'}: + raise _NotHTTP() + + resp = session.head(url, allow_redirects=True) + raise_for_status(resp) + + _ensure_html_header(resp) + + +def _get_html_response(url: str, session: PipSession) -> Response: + """Access an HTML page with GET, and return the response. + + This consists of three parts: + + 1. If the URL looks suspiciously like an archive, send a HEAD first to + check the Content-Type is HTML, to avoid downloading a large file. + Raise `_NotHTTP` if the content type cannot be determined, or + `_NotHTML` if it is not HTML. + 2. Actually perform the request. Raise HTTP exceptions on network failures. + 3. Check the Content-Type header to make sure we got HTML, and raise + `_NotHTML` otherwise. + """ + if is_archive_file(Link(url).filename): + _ensure_html_response(url, session=session) + + logger.debug('Getting page %s', redact_auth_from_url(url)) + + resp = session.get( + url, + headers={ + "Accept": "text/html", + # We don't want to blindly returned cached data for + # /simple/, because authors generally expecting that + # twine upload && pip install will function, but if + # they've done a pip install in the last ~10 minutes + # it won't. Thus by setting this to zero we will not + # blindly use any cached data, however the benefit of + # using max-age=0 instead of no-cache, is that we will + # still support conditional requests, so we will still + # minimize traffic sent in cases where the page hasn't + # changed at all, we will just always incur the round + # trip for the conditional GET now instead of only + # once per 10 minutes. + # For more information, please see pypa/pip#5670. + "Cache-Control": "max-age=0", + }, + ) + raise_for_status(resp) + + # The check for archives above only works if the url ends with + # something that looks like an archive. However that is not a + # requirement of an url. Unless we issue a HEAD request on every + # url we cannot know ahead of time for sure if something is HTML + # or not. However we can check after we've downloaded it. + _ensure_html_header(resp) + + return resp + + +def _get_encoding_from_headers(headers: ResponseHeaders) -> Optional[str]: + """Determine if we have any encoding information in our headers. + """ + if headers and "Content-Type" in headers: + content_type, params = cgi.parse_header(headers["Content-Type"]) + if "charset" in params: + return params['charset'] + return None + + +def _determine_base_url(document: HTMLElement, page_url: str) -> str: + """Determine the HTML document's base URL. + + This looks for a ```` tag in the HTML document. If present, its href + attribute denotes the base URL of anchor tags in the document. If there is + no such tag (or if it does not have a valid href attribute), the HTML + file's URL is used as the base URL. + + :param document: An HTML document representation. The current + implementation expects the result of ``html5lib.parse()``. + :param page_url: The URL of the HTML document. + """ + for base in document.findall(".//base"): + href = base.get("href") + if href is not None: + return href + return page_url + + +def _clean_url_path_part(part: str) -> str: + """ + Clean a "part" of a URL path (i.e. after splitting on "@" characters). + """ + # We unquote prior to quoting to make sure nothing is double quoted. + return urllib.parse.quote(urllib.parse.unquote(part)) + + +def _clean_file_url_path(part: str) -> str: + """ + Clean the first part of a URL path that corresponds to a local + filesystem path (i.e. the first part after splitting on "@" characters). + """ + # We unquote prior to quoting to make sure nothing is double quoted. + # Also, on Windows the path part might contain a drive letter which + # should not be quoted. On Linux where drive letters do not + # exist, the colon should be quoted. We rely on urllib.request + # to do the right thing here. + return urllib.request.pathname2url(urllib.request.url2pathname(part)) + + +# percent-encoded: / +_reserved_chars_re = re.compile('(@|%2F)', re.IGNORECASE) + + +def _clean_url_path(path: str, is_local_path: bool) -> str: + """ + Clean the path portion of a URL. + """ + if is_local_path: + clean_func = _clean_file_url_path + else: + clean_func = _clean_url_path_part + + # Split on the reserved characters prior to cleaning so that + # revision strings in VCS URLs are properly preserved. + parts = _reserved_chars_re.split(path) + + cleaned_parts = [] + for to_clean, reserved in pairwise(itertools.chain(parts, [''])): + cleaned_parts.append(clean_func(to_clean)) + # Normalize %xx escapes (e.g. %2f -> %2F) + cleaned_parts.append(reserved.upper()) + + return ''.join(cleaned_parts) + + +def _clean_link(url: str) -> str: + """ + Make sure a link is fully quoted. + For example, if ' ' occurs in the URL, it will be replaced with "%20", + and without double-quoting other characters. + """ + # Split the URL into parts according to the general structure + # `scheme://netloc/path;parameters?query#fragment`. + result = urllib.parse.urlparse(url) + # If the netloc is empty, then the URL refers to a local filesystem path. + is_local_path = not result.netloc + path = _clean_url_path(result.path, is_local_path=is_local_path) + return urllib.parse.urlunparse(result._replace(path=path)) + + +def _create_link_from_element( + anchor: HTMLElement, + page_url: str, + base_url: str, +) -> Optional[Link]: + """ + Convert an anchor element in a simple repository page to a Link. + """ + href = anchor.get("href") + if not href: + return None + + url = _clean_link(urllib.parse.urljoin(base_url, href)) + pyrequire = anchor.get('data-requires-python') + pyrequire = html.unescape(pyrequire) if pyrequire else None + + yanked_reason = anchor.get('data-yanked') + if yanked_reason: + yanked_reason = html.unescape(yanked_reason) + + link = Link( + url, + comes_from=page_url, + requires_python=pyrequire, + yanked_reason=yanked_reason, + ) + + return link + + +class CacheablePageContent: + def __init__(self, page: "HTMLPage") -> None: + assert page.cache_link_parsing + self.page = page + + def __eq__(self, other: object) -> bool: + return (isinstance(other, type(self)) and + self.page.url == other.page.url) + + def __hash__(self) -> int: + return hash(self.page.url) + + +def with_cached_html_pages( + fn: Callable[["HTMLPage"], Iterable[Link]], +) -> Callable[["HTMLPage"], List[Link]]: + """ + Given a function that parses an Iterable[Link] from an HTMLPage, cache the + function's result (keyed by CacheablePageContent), unless the HTMLPage + `page` has `page.cache_link_parsing == False`. + """ + + @functools.lru_cache(maxsize=None) + def wrapper(cacheable_page: CacheablePageContent) -> List[Link]: + return list(fn(cacheable_page.page)) + + @functools.wraps(fn) + def wrapper_wrapper(page: "HTMLPage") -> List[Link]: + if page.cache_link_parsing: + return wrapper(CacheablePageContent(page)) + return list(fn(page)) + + return wrapper_wrapper + + +@with_cached_html_pages +def parse_links(page: "HTMLPage") -> Iterable[Link]: + """ + Parse an HTML document, and yield its anchor elements as Link objects. + """ + document = html5lib.parse( + page.content, + transport_encoding=page.encoding, + namespaceHTMLElements=False, + ) + + url = page.url + base_url = _determine_base_url(document, url) + for anchor in document.findall(".//a"): + link = _create_link_from_element( + anchor, + page_url=url, + base_url=base_url, + ) + if link is None: + continue + yield link + + +class HTMLPage: + """Represents one page, along with its URL""" + + def __init__( + self, + content: bytes, + encoding: Optional[str], + url: str, + cache_link_parsing: bool = True, + ) -> None: + """ + :param encoding: the encoding to decode the given content. + :param url: the URL from which the HTML was downloaded. + :param cache_link_parsing: whether links parsed from this page's url + should be cached. PyPI index urls should + have this set to False, for example. + """ + self.content = content + self.encoding = encoding + self.url = url + self.cache_link_parsing = cache_link_parsing + + def __str__(self) -> str: + return redact_auth_from_url(self.url) + + +def _handle_get_page_fail( + link: Link, + reason: Union[str, Exception], + meth: Optional[Callable[..., None]] = None +) -> None: + if meth is None: + meth = logger.debug + meth("Could not fetch URL %s: %s - skipping", link, reason) + + +def _make_html_page(response: Response, cache_link_parsing: bool = True) -> HTMLPage: + encoding = _get_encoding_from_headers(response.headers) + return HTMLPage( + response.content, + encoding=encoding, + url=response.url, + cache_link_parsing=cache_link_parsing) + + +def _get_html_page( + link: Link, session: Optional[PipSession] = None +) -> Optional["HTMLPage"]: + if session is None: + raise TypeError( + "_get_html_page() missing 1 required keyword argument: 'session'" + ) + + url = link.url.split('#', 1)[0] + + # Check for VCS schemes that do not support lookup as web pages. + vcs_scheme = _match_vcs_scheme(url) + if vcs_scheme: + logger.warning('Cannot look at %s URL %s because it does not support ' + 'lookup as web pages.', vcs_scheme, link) + return None + + # Tack index.html onto file:// URLs that point to directories + scheme, _, path, _, _, _ = urllib.parse.urlparse(url) + if (scheme == 'file' and os.path.isdir(urllib.request.url2pathname(path))): + # add trailing slash if not present so urljoin doesn't trim + # final segment + if not url.endswith('/'): + url += '/' + url = urllib.parse.urljoin(url, 'index.html') + logger.debug(' file: URL is directory, getting %s', url) + + try: + resp = _get_html_response(url, session=session) + except _NotHTTP: + logger.warning( + 'Skipping page %s because it looks like an archive, and cannot ' + 'be checked by a HTTP HEAD request.', link, + ) + except _NotHTML as exc: + logger.warning( + 'Skipping page %s because the %s request got Content-Type: %s.' + 'The only supported Content-Type is text/html', + link, exc.request_desc, exc.content_type, + ) + except NetworkConnectionError as exc: + _handle_get_page_fail(link, exc) + except RetryError as exc: + _handle_get_page_fail(link, exc) + except SSLError as exc: + reason = "There was a problem confirming the ssl certificate: " + reason += str(exc) + _handle_get_page_fail(link, reason, meth=logger.info) + except requests.ConnectionError as exc: + _handle_get_page_fail(link, f"connection error: {exc}") + except requests.Timeout: + _handle_get_page_fail(link, "timed out") + else: + return _make_html_page(resp, + cache_link_parsing=link.cache_link_parsing) + return None + + +class CollectedSources(NamedTuple): + find_links: Sequence[Optional[LinkSource]] + index_urls: Sequence[Optional[LinkSource]] + + +class LinkCollector: + + """ + Responsible for collecting Link objects from all configured locations, + making network requests as needed. + + The class's main method is its collect_sources() method. + """ + + def __init__( + self, + session: PipSession, + search_scope: SearchScope, + ) -> None: + self.search_scope = search_scope + self.session = session + + @classmethod + def create( + cls, session: PipSession, + options: Values, + suppress_no_index: bool = False + ) -> "LinkCollector": + """ + :param session: The Session to use to make requests. + :param suppress_no_index: Whether to ignore the --no-index option + when constructing the SearchScope object. + """ + index_urls = [options.index_url] + options.extra_index_urls + if options.no_index and not suppress_no_index: + logger.debug( + 'Ignoring indexes: %s', + ','.join(redact_auth_from_url(url) for url in index_urls), + ) + index_urls = [] + + # Make sure find_links is a list before passing to create(). + find_links = options.find_links or [] + + search_scope = SearchScope.create( + find_links=find_links, index_urls=index_urls, + ) + link_collector = LinkCollector( + session=session, search_scope=search_scope, + ) + return link_collector + + @property + def find_links(self) -> List[str]: + return self.search_scope.find_links + + def fetch_page(self, location: Link) -> Optional[HTMLPage]: + """ + Fetch an HTML page containing package links. + """ + return _get_html_page(location, session=self.session) + + def collect_sources( + self, + project_name: str, + candidates_from_page: CandidatesFromPage, + ) -> CollectedSources: + # The OrderedDict calls deduplicate sources by URL. + index_url_sources = collections.OrderedDict( + build_source( + loc, + candidates_from_page=candidates_from_page, + page_validator=self.session.is_secure_origin, + expand_dir=False, + cache_link_parsing=False, + ) + for loc in self.search_scope.get_index_urls_locations(project_name) + ).values() + find_links_sources = collections.OrderedDict( + build_source( + loc, + candidates_from_page=candidates_from_page, + page_validator=self.session.is_secure_origin, + expand_dir=True, + cache_link_parsing=True, + ) + for loc in self.find_links + ).values() + + if logger.isEnabledFor(logging.DEBUG): + lines = [ + f"* {s.link}" + for s in itertools.chain(find_links_sources, index_url_sources) + if s is not None and s.link is not None + ] + lines = [ + f"{len(lines)} location(s) to search " + f"for versions of {project_name}:" + ] + lines + logger.debug("\n".join(lines)) + + return CollectedSources( + find_links=list(find_links_sources), + index_urls=list(index_url_sources), + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/index/package_finder.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/index/package_finder.py new file mode 100644 index 000000000..2dadb5aef --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/index/package_finder.py @@ -0,0 +1,982 @@ +"""Routines related to PyPI, indexes""" + +# The following comment should be removed at some point in the future. +# mypy: strict-optional=False + +import functools +import itertools +import logging +import re +from typing import FrozenSet, Iterable, List, Optional, Set, Tuple, Union + +from pip._vendor.packaging import specifiers +from pip._vendor.packaging.tags import Tag +from pip._vendor.packaging.utils import canonicalize_name +from pip._vendor.packaging.version import _BaseVersion +from pip._vendor.packaging.version import parse as parse_version + +from pip._internal.exceptions import ( + BestVersionAlreadyInstalled, + DistributionNotFound, + InvalidWheelFilename, + UnsupportedWheel, +) +from pip._internal.index.collector import LinkCollector, parse_links +from pip._internal.models.candidate import InstallationCandidate +from pip._internal.models.format_control import FormatControl +from pip._internal.models.link import Link +from pip._internal.models.search_scope import SearchScope +from pip._internal.models.selection_prefs import SelectionPreferences +from pip._internal.models.target_python import TargetPython +from pip._internal.models.wheel import Wheel +from pip._internal.req import InstallRequirement +from pip._internal.utils._log import getLogger +from pip._internal.utils.filetypes import WHEEL_EXTENSION +from pip._internal.utils.hashes import Hashes +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import build_netloc +from pip._internal.utils.packaging import check_requires_python +from pip._internal.utils.unpacking import SUPPORTED_EXTENSIONS +from pip._internal.utils.urls import url_to_path + +__all__ = ['FormatControl', 'BestCandidateResult', 'PackageFinder'] + + +logger = getLogger(__name__) + +BuildTag = Union[Tuple[()], Tuple[int, str]] +CandidateSortingKey = ( + Tuple[int, int, int, _BaseVersion, Optional[int], BuildTag] +) + + +def _check_link_requires_python( + link: Link, + version_info: Tuple[int, int, int], + ignore_requires_python: bool = False, +) -> bool: + """ + Return whether the given Python version is compatible with a link's + "Requires-Python" value. + + :param version_info: A 3-tuple of ints representing the Python + major-minor-micro version to check. + :param ignore_requires_python: Whether to ignore the "Requires-Python" + value if the given Python version isn't compatible. + """ + try: + is_compatible = check_requires_python( + link.requires_python, version_info=version_info, + ) + except specifiers.InvalidSpecifier: + logger.debug( + "Ignoring invalid Requires-Python (%r) for link: %s", + link.requires_python, link, + ) + else: + if not is_compatible: + version = '.'.join(map(str, version_info)) + if not ignore_requires_python: + logger.verbose( + 'Link requires a different Python (%s not in: %r): %s', + version, link.requires_python, link, + ) + return False + + logger.debug( + 'Ignoring failed Requires-Python check (%s not in: %r) ' + 'for link: %s', + version, link.requires_python, link, + ) + + return True + + +class LinkEvaluator: + + """ + Responsible for evaluating links for a particular project. + """ + + _py_version_re = re.compile(r'-py([123]\.?[0-9]?)$') + + # Don't include an allow_yanked default value to make sure each call + # site considers whether yanked releases are allowed. This also causes + # that decision to be made explicit in the calling code, which helps + # people when reading the code. + def __init__( + self, + project_name: str, + canonical_name: str, + formats: FrozenSet[str], + target_python: TargetPython, + allow_yanked: bool, + ignore_requires_python: Optional[bool] = None, + ) -> None: + """ + :param project_name: The user supplied package name. + :param canonical_name: The canonical package name. + :param formats: The formats allowed for this package. Should be a set + with 'binary' or 'source' or both in it. + :param target_python: The target Python interpreter to use when + evaluating link compatibility. This is used, for example, to + check wheel compatibility, as well as when checking the Python + version, e.g. the Python version embedded in a link filename + (or egg fragment) and against an HTML link's optional PEP 503 + "data-requires-python" attribute. + :param allow_yanked: Whether files marked as yanked (in the sense + of PEP 592) are permitted to be candidates for install. + :param ignore_requires_python: Whether to ignore incompatible + PEP 503 "data-requires-python" values in HTML links. Defaults + to False. + """ + if ignore_requires_python is None: + ignore_requires_python = False + + self._allow_yanked = allow_yanked + self._canonical_name = canonical_name + self._ignore_requires_python = ignore_requires_python + self._formats = formats + self._target_python = target_python + + self.project_name = project_name + + def evaluate_link(self, link: Link) -> Tuple[bool, Optional[str]]: + """ + Determine whether a link is a candidate for installation. + + :return: A tuple (is_candidate, result), where `result` is (1) a + version string if `is_candidate` is True, and (2) if + `is_candidate` is False, an optional string to log the reason + the link fails to qualify. + """ + version = None + if link.is_yanked and not self._allow_yanked: + reason = link.yanked_reason or '' + return (False, f'yanked for reason: {reason}') + + if link.egg_fragment: + egg_info = link.egg_fragment + ext = link.ext + else: + egg_info, ext = link.splitext() + if not ext: + return (False, 'not a file') + if ext not in SUPPORTED_EXTENSIONS: + return (False, f'unsupported archive format: {ext}') + if "binary" not in self._formats and ext == WHEEL_EXTENSION: + reason = 'No binaries permitted for {}'.format( + self.project_name) + return (False, reason) + if "macosx10" in link.path and ext == '.zip': + return (False, 'macosx10 one') + if ext == WHEEL_EXTENSION: + try: + wheel = Wheel(link.filename) + except InvalidWheelFilename: + return (False, 'invalid wheel filename') + if canonicalize_name(wheel.name) != self._canonical_name: + reason = 'wrong project name (not {})'.format( + self.project_name) + return (False, reason) + + supported_tags = self._target_python.get_tags() + if not wheel.supported(supported_tags): + # Include the wheel's tags in the reason string to + # simplify troubleshooting compatibility issues. + file_tags = wheel.get_formatted_file_tags() + reason = ( + "none of the wheel's tags ({}) are compatible " + "(run pip debug --verbose to show compatible tags)".format( + ', '.join(file_tags) + ) + ) + return (False, reason) + + version = wheel.version + + # This should be up by the self.ok_binary check, but see issue 2700. + if "source" not in self._formats and ext != WHEEL_EXTENSION: + reason = f'No sources permitted for {self.project_name}' + return (False, reason) + + if not version: + version = _extract_version_from_fragment( + egg_info, self._canonical_name, + ) + if not version: + reason = f'Missing project version for {self.project_name}' + return (False, reason) + + match = self._py_version_re.search(version) + if match: + version = version[:match.start()] + py_version = match.group(1) + if py_version != self._target_python.py_version: + return (False, 'Python version is incorrect') + + supports_python = _check_link_requires_python( + link, version_info=self._target_python.py_version_info, + ignore_requires_python=self._ignore_requires_python, + ) + if not supports_python: + # Return None for the reason text to suppress calling + # _log_skipped_link(). + return (False, None) + + logger.debug('Found link %s, version: %s', link, version) + + return (True, version) + + +def filter_unallowed_hashes( + candidates: List[InstallationCandidate], + hashes: Hashes, + project_name: str, +) -> List[InstallationCandidate]: + """ + Filter out candidates whose hashes aren't allowed, and return a new + list of candidates. + + If at least one candidate has an allowed hash, then all candidates with + either an allowed hash or no hash specified are returned. Otherwise, + the given candidates are returned. + + Including the candidates with no hash specified when there is a match + allows a warning to be logged if there is a more preferred candidate + with no hash specified. Returning all candidates in the case of no + matches lets pip report the hash of the candidate that would otherwise + have been installed (e.g. permitting the user to more easily update + their requirements file with the desired hash). + """ + if not hashes: + logger.debug( + 'Given no hashes to check %s links for project %r: ' + 'discarding no candidates', + len(candidates), + project_name, + ) + # Make sure we're not returning back the given value. + return list(candidates) + + matches_or_no_digest = [] + # Collect the non-matches for logging purposes. + non_matches = [] + match_count = 0 + for candidate in candidates: + link = candidate.link + if not link.has_hash: + pass + elif link.is_hash_allowed(hashes=hashes): + match_count += 1 + else: + non_matches.append(candidate) + continue + + matches_or_no_digest.append(candidate) + + if match_count: + filtered = matches_or_no_digest + else: + # Make sure we're not returning back the given value. + filtered = list(candidates) + + if len(filtered) == len(candidates): + discard_message = 'discarding no candidates' + else: + discard_message = 'discarding {} non-matches:\n {}'.format( + len(non_matches), + '\n '.join(str(candidate.link) for candidate in non_matches) + ) + + logger.debug( + 'Checked %s links for project %r against %s hashes ' + '(%s matches, %s no digest): %s', + len(candidates), + project_name, + hashes.digest_count, + match_count, + len(matches_or_no_digest) - match_count, + discard_message + ) + + return filtered + + +class CandidatePreferences: + + """ + Encapsulates some of the preferences for filtering and sorting + InstallationCandidate objects. + """ + + def __init__( + self, + prefer_binary: bool = False, + allow_all_prereleases: bool = False, + ) -> None: + """ + :param allow_all_prereleases: Whether to allow all pre-releases. + """ + self.allow_all_prereleases = allow_all_prereleases + self.prefer_binary = prefer_binary + + +class BestCandidateResult: + """A collection of candidates, returned by `PackageFinder.find_best_candidate`. + + This class is only intended to be instantiated by CandidateEvaluator's + `compute_best_candidate()` method. + """ + + def __init__( + self, + candidates: List[InstallationCandidate], + applicable_candidates: List[InstallationCandidate], + best_candidate: Optional[InstallationCandidate], + ) -> None: + """ + :param candidates: A sequence of all available candidates found. + :param applicable_candidates: The applicable candidates. + :param best_candidate: The most preferred candidate found, or None + if no applicable candidates were found. + """ + assert set(applicable_candidates) <= set(candidates) + + if best_candidate is None: + assert not applicable_candidates + else: + assert best_candidate in applicable_candidates + + self._applicable_candidates = applicable_candidates + self._candidates = candidates + + self.best_candidate = best_candidate + + def iter_all(self) -> Iterable[InstallationCandidate]: + """Iterate through all candidates. + """ + return iter(self._candidates) + + def iter_applicable(self) -> Iterable[InstallationCandidate]: + """Iterate through the applicable candidates. + """ + return iter(self._applicable_candidates) + + +class CandidateEvaluator: + + """ + Responsible for filtering and sorting candidates for installation based + on what tags are valid. + """ + + @classmethod + def create( + cls, + project_name: str, + target_python: Optional[TargetPython] = None, + prefer_binary: bool = False, + allow_all_prereleases: bool = False, + specifier: Optional[specifiers.BaseSpecifier] = None, + hashes: Optional[Hashes] = None, + ) -> "CandidateEvaluator": + """Create a CandidateEvaluator object. + + :param target_python: The target Python interpreter to use when + checking compatibility. If None (the default), a TargetPython + object will be constructed from the running Python. + :param specifier: An optional object implementing `filter` + (e.g. `packaging.specifiers.SpecifierSet`) to filter applicable + versions. + :param hashes: An optional collection of allowed hashes. + """ + if target_python is None: + target_python = TargetPython() + if specifier is None: + specifier = specifiers.SpecifierSet() + + supported_tags = target_python.get_tags() + + return cls( + project_name=project_name, + supported_tags=supported_tags, + specifier=specifier, + prefer_binary=prefer_binary, + allow_all_prereleases=allow_all_prereleases, + hashes=hashes, + ) + + def __init__( + self, + project_name: str, + supported_tags: List[Tag], + specifier: specifiers.BaseSpecifier, + prefer_binary: bool = False, + allow_all_prereleases: bool = False, + hashes: Optional[Hashes] = None, + ) -> None: + """ + :param supported_tags: The PEP 425 tags supported by the target + Python in order of preference (most preferred first). + """ + self._allow_all_prereleases = allow_all_prereleases + self._hashes = hashes + self._prefer_binary = prefer_binary + self._project_name = project_name + self._specifier = specifier + self._supported_tags = supported_tags + # Since the index of the tag in the _supported_tags list is used + # as a priority, precompute a map from tag to index/priority to be + # used in wheel.find_most_preferred_tag. + self._wheel_tag_preferences = { + tag: idx for idx, tag in enumerate(supported_tags) + } + + def get_applicable_candidates( + self, + candidates: List[InstallationCandidate], + ) -> List[InstallationCandidate]: + """ + Return the applicable candidates from a list of candidates. + """ + # Using None infers from the specifier instead. + allow_prereleases = self._allow_all_prereleases or None + specifier = self._specifier + versions = { + str(v) for v in specifier.filter( + # We turn the version object into a str here because otherwise + # when we're debundled but setuptools isn't, Python will see + # packaging.version.Version and + # pkg_resources._vendor.packaging.version.Version as different + # types. This way we'll use a str as a common data interchange + # format. If we stop using the pkg_resources provided specifier + # and start using our own, we can drop the cast to str(). + (str(c.version) for c in candidates), + prereleases=allow_prereleases, + ) + } + + # Again, converting version to str to deal with debundling. + applicable_candidates = [ + c for c in candidates if str(c.version) in versions + ] + + filtered_applicable_candidates = filter_unallowed_hashes( + candidates=applicable_candidates, + hashes=self._hashes, + project_name=self._project_name, + ) + + return sorted(filtered_applicable_candidates, key=self._sort_key) + + def _sort_key(self, candidate: InstallationCandidate) -> CandidateSortingKey: + """ + Function to pass as the `key` argument to a call to sorted() to sort + InstallationCandidates by preference. + + Returns a tuple such that tuples sorting as greater using Python's + default comparison operator are more preferred. + + The preference is as follows: + + First and foremost, candidates with allowed (matching) hashes are + always preferred over candidates without matching hashes. This is + because e.g. if the only candidate with an allowed hash is yanked, + we still want to use that candidate. + + Second, excepting hash considerations, candidates that have been + yanked (in the sense of PEP 592) are always less preferred than + candidates that haven't been yanked. Then: + + If not finding wheels, they are sorted by version only. + If finding wheels, then the sort order is by version, then: + 1. existing installs + 2. wheels ordered via Wheel.support_index_min(self._supported_tags) + 3. source archives + If prefer_binary was set, then all wheels are sorted above sources. + + Note: it was considered to embed this logic into the Link + comparison operators, but then different sdist links + with the same version, would have to be considered equal + """ + valid_tags = self._supported_tags + support_num = len(valid_tags) + build_tag: BuildTag = () + binary_preference = 0 + link = candidate.link + if link.is_wheel: + # can raise InvalidWheelFilename + wheel = Wheel(link.filename) + try: + pri = -(wheel.find_most_preferred_tag( + valid_tags, self._wheel_tag_preferences + )) + except ValueError: + raise UnsupportedWheel( + "{} is not a supported wheel for this platform. It " + "can't be sorted.".format(wheel.filename) + ) + if self._prefer_binary: + binary_preference = 1 + if wheel.build_tag is not None: + match = re.match(r'^(\d+)(.*)$', wheel.build_tag) + build_tag_groups = match.groups() + build_tag = (int(build_tag_groups[0]), build_tag_groups[1]) + else: # sdist + pri = -(support_num) + has_allowed_hash = int(link.is_hash_allowed(self._hashes)) + yank_value = -1 * int(link.is_yanked) # -1 for yanked. + return ( + has_allowed_hash, yank_value, binary_preference, candidate.version, + pri, build_tag, + ) + + def sort_best_candidate( + self, + candidates: List[InstallationCandidate], + ) -> Optional[InstallationCandidate]: + """ + Return the best candidate per the instance's sort order, or None if + no candidate is acceptable. + """ + if not candidates: + return None + best_candidate = max(candidates, key=self._sort_key) + return best_candidate + + def compute_best_candidate( + self, + candidates: List[InstallationCandidate], + ) -> BestCandidateResult: + """ + Compute and return a `BestCandidateResult` instance. + """ + applicable_candidates = self.get_applicable_candidates(candidates) + + best_candidate = self.sort_best_candidate(applicable_candidates) + + return BestCandidateResult( + candidates, + applicable_candidates=applicable_candidates, + best_candidate=best_candidate, + ) + + +class PackageFinder: + """This finds packages. + + This is meant to match easy_install's technique for looking for + packages, by reading pages and looking for appropriate links. + """ + + def __init__( + self, + link_collector: LinkCollector, + target_python: TargetPython, + allow_yanked: bool, + format_control: Optional[FormatControl] = None, + candidate_prefs: Optional[CandidatePreferences] = None, + ignore_requires_python: Optional[bool] = None, + ) -> None: + """ + This constructor is primarily meant to be used by the create() class + method and from tests. + + :param format_control: A FormatControl object, used to control + the selection of source packages / binary packages when consulting + the index and links. + :param candidate_prefs: Options to use when creating a + CandidateEvaluator object. + """ + if candidate_prefs is None: + candidate_prefs = CandidatePreferences() + + format_control = format_control or FormatControl(set(), set()) + + self._allow_yanked = allow_yanked + self._candidate_prefs = candidate_prefs + self._ignore_requires_python = ignore_requires_python + self._link_collector = link_collector + self._target_python = target_python + + self.format_control = format_control + + # These are boring links that have already been logged somehow. + self._logged_links: Set[Link] = set() + + # Don't include an allow_yanked default value to make sure each call + # site considers whether yanked releases are allowed. This also causes + # that decision to be made explicit in the calling code, which helps + # people when reading the code. + @classmethod + def create( + cls, + link_collector: LinkCollector, + selection_prefs: SelectionPreferences, + target_python: Optional[TargetPython] = None, + ) -> "PackageFinder": + """Create a PackageFinder. + + :param selection_prefs: The candidate selection preferences, as a + SelectionPreferences object. + :param target_python: The target Python interpreter to use when + checking compatibility. If None (the default), a TargetPython + object will be constructed from the running Python. + """ + if target_python is None: + target_python = TargetPython() + + candidate_prefs = CandidatePreferences( + prefer_binary=selection_prefs.prefer_binary, + allow_all_prereleases=selection_prefs.allow_all_prereleases, + ) + + return cls( + candidate_prefs=candidate_prefs, + link_collector=link_collector, + target_python=target_python, + allow_yanked=selection_prefs.allow_yanked, + format_control=selection_prefs.format_control, + ignore_requires_python=selection_prefs.ignore_requires_python, + ) + + @property + def target_python(self) -> TargetPython: + return self._target_python + + @property + def search_scope(self) -> SearchScope: + return self._link_collector.search_scope + + @search_scope.setter + def search_scope(self, search_scope: SearchScope) -> None: + self._link_collector.search_scope = search_scope + + @property + def find_links(self) -> List[str]: + return self._link_collector.find_links + + @property + def index_urls(self) -> List[str]: + return self.search_scope.index_urls + + @property + def trusted_hosts(self) -> Iterable[str]: + for host_port in self._link_collector.session.pip_trusted_origins: + yield build_netloc(*host_port) + + @property + def allow_all_prereleases(self) -> bool: + return self._candidate_prefs.allow_all_prereleases + + def set_allow_all_prereleases(self) -> None: + self._candidate_prefs.allow_all_prereleases = True + + @property + def prefer_binary(self) -> bool: + return self._candidate_prefs.prefer_binary + + def set_prefer_binary(self) -> None: + self._candidate_prefs.prefer_binary = True + + def make_link_evaluator(self, project_name: str) -> LinkEvaluator: + canonical_name = canonicalize_name(project_name) + formats = self.format_control.get_allowed_formats(canonical_name) + + return LinkEvaluator( + project_name=project_name, + canonical_name=canonical_name, + formats=formats, + target_python=self._target_python, + allow_yanked=self._allow_yanked, + ignore_requires_python=self._ignore_requires_python, + ) + + def _sort_links(self, links: Iterable[Link]) -> List[Link]: + """ + Returns elements of links in order, non-egg links first, egg links + second, while eliminating duplicates + """ + eggs, no_eggs = [], [] + seen: Set[Link] = set() + for link in links: + if link not in seen: + seen.add(link) + if link.egg_fragment: + eggs.append(link) + else: + no_eggs.append(link) + return no_eggs + eggs + + def _log_skipped_link(self, link: Link, reason: str) -> None: + if link not in self._logged_links: + # Put the link at the end so the reason is more visible and because + # the link string is usually very long. + logger.debug('Skipping link: %s: %s', reason, link) + self._logged_links.add(link) + + def get_install_candidate( + self, link_evaluator: LinkEvaluator, link: Link + ) -> Optional[InstallationCandidate]: + """ + If the link is a candidate for install, convert it to an + InstallationCandidate and return it. Otherwise, return None. + """ + is_candidate, result = link_evaluator.evaluate_link(link) + if not is_candidate: + if result: + self._log_skipped_link(link, reason=result) + return None + + return InstallationCandidate( + name=link_evaluator.project_name, + link=link, + version=result, + ) + + def evaluate_links( + self, link_evaluator: LinkEvaluator, links: Iterable[Link] + ) -> List[InstallationCandidate]: + """ + Convert links that are candidates to InstallationCandidate objects. + """ + candidates = [] + for link in self._sort_links(links): + candidate = self.get_install_candidate(link_evaluator, link) + if candidate is not None: + candidates.append(candidate) + + return candidates + + def process_project_url( + self, project_url: Link, link_evaluator: LinkEvaluator + ) -> List[InstallationCandidate]: + logger.debug( + 'Fetching project page and analyzing links: %s', project_url, + ) + html_page = self._link_collector.fetch_page(project_url) + if html_page is None: + return [] + + page_links = list(parse_links(html_page)) + + with indent_log(): + package_links = self.evaluate_links( + link_evaluator, + links=page_links, + ) + + return package_links + + @functools.lru_cache(maxsize=None) + def find_all_candidates(self, project_name: str) -> List[InstallationCandidate]: + """Find all available InstallationCandidate for project_name + + This checks index_urls and find_links. + All versions found are returned as an InstallationCandidate list. + + See LinkEvaluator.evaluate_link() for details on which files + are accepted. + """ + link_evaluator = self.make_link_evaluator(project_name) + + collected_sources = self._link_collector.collect_sources( + project_name=project_name, + candidates_from_page=functools.partial( + self.process_project_url, + link_evaluator=link_evaluator, + ), + ) + + page_candidates_it = itertools.chain.from_iterable( + source.page_candidates() + for sources in collected_sources + for source in sources + if source is not None + ) + page_candidates = list(page_candidates_it) + + file_links_it = itertools.chain.from_iterable( + source.file_links() + for sources in collected_sources + for source in sources + if source is not None + ) + file_candidates = self.evaluate_links( + link_evaluator, + sorted(file_links_it, reverse=True), + ) + + if logger.isEnabledFor(logging.DEBUG) and file_candidates: + paths = [url_to_path(c.link.url) for c in file_candidates] + logger.debug("Local files found: %s", ", ".join(paths)) + + # This is an intentional priority ordering + return file_candidates + page_candidates + + def make_candidate_evaluator( + self, + project_name: str, + specifier: Optional[specifiers.BaseSpecifier] = None, + hashes: Optional[Hashes] = None, + ) -> CandidateEvaluator: + """Create a CandidateEvaluator object to use. + """ + candidate_prefs = self._candidate_prefs + return CandidateEvaluator.create( + project_name=project_name, + target_python=self._target_python, + prefer_binary=candidate_prefs.prefer_binary, + allow_all_prereleases=candidate_prefs.allow_all_prereleases, + specifier=specifier, + hashes=hashes, + ) + + @functools.lru_cache(maxsize=None) + def find_best_candidate( + self, + project_name: str, + specifier: Optional[specifiers.BaseSpecifier] = None, + hashes: Optional[Hashes] = None, + ) -> BestCandidateResult: + """Find matches for the given project and specifier. + + :param specifier: An optional object implementing `filter` + (e.g. `packaging.specifiers.SpecifierSet`) to filter applicable + versions. + + :return: A `BestCandidateResult` instance. + """ + candidates = self.find_all_candidates(project_name) + candidate_evaluator = self.make_candidate_evaluator( + project_name=project_name, + specifier=specifier, + hashes=hashes, + ) + return candidate_evaluator.compute_best_candidate(candidates) + + def find_requirement( + self, req: InstallRequirement, upgrade: bool + ) -> Optional[InstallationCandidate]: + """Try to find a Link matching req + + Expects req, an InstallRequirement and upgrade, a boolean + Returns a InstallationCandidate if found, + Raises DistributionNotFound or BestVersionAlreadyInstalled otherwise + """ + hashes = req.hashes(trust_internet=False) + best_candidate_result = self.find_best_candidate( + req.name, specifier=req.specifier, hashes=hashes, + ) + best_candidate = best_candidate_result.best_candidate + + installed_version: Optional[_BaseVersion] = None + if req.satisfied_by is not None: + installed_version = parse_version(req.satisfied_by.version) + + def _format_versions(cand_iter: Iterable[InstallationCandidate]) -> str: + # This repeated parse_version and str() conversion is needed to + # handle different vendoring sources from pip and pkg_resources. + # If we stop using the pkg_resources provided specifier and start + # using our own, we can drop the cast to str(). + return ", ".join(sorted( + {str(c.version) for c in cand_iter}, + key=parse_version, + )) or "none" + + if installed_version is None and best_candidate is None: + logger.critical( + 'Could not find a version that satisfies the requirement %s ' + '(from versions: %s)', + req, + _format_versions(best_candidate_result.iter_all()), + ) + + raise DistributionNotFound( + 'No matching distribution found for {}'.format( + req) + ) + + best_installed = False + if installed_version and ( + best_candidate is None or + best_candidate.version <= installed_version): + best_installed = True + + if not upgrade and installed_version is not None: + if best_installed: + logger.debug( + 'Existing installed version (%s) is most up-to-date and ' + 'satisfies requirement', + installed_version, + ) + else: + logger.debug( + 'Existing installed version (%s) satisfies requirement ' + '(most up-to-date version is %s)', + installed_version, + best_candidate.version, + ) + return None + + if best_installed: + # We have an existing version, and its the best version + logger.debug( + 'Installed version (%s) is most up-to-date (past versions: ' + '%s)', + installed_version, + _format_versions(best_candidate_result.iter_applicable()), + ) + raise BestVersionAlreadyInstalled + + logger.debug( + 'Using version %s (newest of versions: %s)', + best_candidate.version, + _format_versions(best_candidate_result.iter_applicable()), + ) + return best_candidate + + +def _find_name_version_sep(fragment: str, canonical_name: str) -> int: + """Find the separator's index based on the package's canonical name. + + :param fragment: A + filename "fragment" (stem) or + egg fragment. + :param canonical_name: The package's canonical name. + + This function is needed since the canonicalized name does not necessarily + have the same length as the egg info's name part. An example:: + + >>> fragment = 'foo__bar-1.0' + >>> canonical_name = 'foo-bar' + >>> _find_name_version_sep(fragment, canonical_name) + 8 + """ + # Project name and version must be separated by one single dash. Find all + # occurrences of dashes; if the string in front of it matches the canonical + # name, this is the one separating the name and version parts. + for i, c in enumerate(fragment): + if c != "-": + continue + if canonicalize_name(fragment[:i]) == canonical_name: + return i + raise ValueError(f"{fragment} does not match {canonical_name}") + + +def _extract_version_from_fragment(fragment: str, canonical_name: str) -> Optional[str]: + """Parse the version string from a + filename + "fragment" (stem) or egg fragment. + + :param fragment: The string to parse. E.g. foo-2.1 + :param canonical_name: The canonicalized name of the package this + belongs to. + """ + try: + version_start = _find_name_version_sep(fragment, canonical_name) + 1 + except ValueError: + return None + version = fragment[version_start:] + if not version: + return None + return version diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/index/sources.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/index/sources.py new file mode 100644 index 000000000..eec3f12f7 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/index/sources.py @@ -0,0 +1,224 @@ +import logging +import mimetypes +import os +import pathlib +from typing import Callable, Iterable, Optional, Tuple + +from pip._internal.models.candidate import InstallationCandidate +from pip._internal.models.link import Link +from pip._internal.utils.urls import path_to_url, url_to_path +from pip._internal.vcs import is_url + +logger = logging.getLogger(__name__) + +FoundCandidates = Iterable[InstallationCandidate] +FoundLinks = Iterable[Link] +CandidatesFromPage = Callable[[Link], Iterable[InstallationCandidate]] +PageValidator = Callable[[Link], bool] + + +class LinkSource: + @property + def link(self) -> Optional[Link]: + """Returns the underlying link, if there's one.""" + raise NotImplementedError() + + def page_candidates(self) -> FoundCandidates: + """Candidates found by parsing an archive listing HTML file.""" + raise NotImplementedError() + + def file_links(self) -> FoundLinks: + """Links found by specifying archives directly.""" + raise NotImplementedError() + + +def _is_html_file(file_url: str) -> bool: + return mimetypes.guess_type(file_url, strict=False)[0] == "text/html" + + +class _FlatDirectorySource(LinkSource): + """Link source specified by ``--find-links=``. + + This looks the content of the directory, and returns: + + * ``page_candidates``: Links listed on each HTML file in the directory. + * ``file_candidates``: Archives in the directory. + """ + + def __init__( + self, + candidates_from_page: CandidatesFromPage, + path: str, + ) -> None: + self._candidates_from_page = candidates_from_page + self._path = pathlib.Path(os.path.realpath(path)) + + @property + def link(self) -> Optional[Link]: + return None + + def page_candidates(self) -> FoundCandidates: + for path in self._path.iterdir(): + url = path_to_url(str(path)) + if not _is_html_file(url): + continue + yield from self._candidates_from_page(Link(url)) + + def file_links(self) -> FoundLinks: + for path in self._path.iterdir(): + url = path_to_url(str(path)) + if _is_html_file(url): + continue + yield Link(url) + + +class _LocalFileSource(LinkSource): + """``--find-links=`` or ``--[extra-]index-url=``. + + If a URL is supplied, it must be a ``file:`` URL. If a path is supplied to + the option, it is converted to a URL first. This returns: + + * ``page_candidates``: Links listed on an HTML file. + * ``file_candidates``: The non-HTML file. + """ + + def __init__( + self, + candidates_from_page: CandidatesFromPage, + link: Link, + ) -> None: + self._candidates_from_page = candidates_from_page + self._link = link + + @property + def link(self) -> Optional[Link]: + return self._link + + def page_candidates(self) -> FoundCandidates: + if not _is_html_file(self._link.url): + return + yield from self._candidates_from_page(self._link) + + def file_links(self) -> FoundLinks: + if _is_html_file(self._link.url): + return + yield self._link + + +class _RemoteFileSource(LinkSource): + """``--find-links=`` or ``--[extra-]index-url=``. + + This returns: + + * ``page_candidates``: Links listed on an HTML file. + * ``file_candidates``: The non-HTML file. + """ + + def __init__( + self, + candidates_from_page: CandidatesFromPage, + page_validator: PageValidator, + link: Link, + ) -> None: + self._candidates_from_page = candidates_from_page + self._page_validator = page_validator + self._link = link + + @property + def link(self) -> Optional[Link]: + return self._link + + def page_candidates(self) -> FoundCandidates: + if not self._page_validator(self._link): + return + yield from self._candidates_from_page(self._link) + + def file_links(self) -> FoundLinks: + yield self._link + + +class _IndexDirectorySource(LinkSource): + """``--[extra-]index-url=``. + + This is treated like a remote URL; ``candidates_from_page`` contains logic + for this by appending ``index.html`` to the link. + """ + + def __init__( + self, + candidates_from_page: CandidatesFromPage, + link: Link, + ) -> None: + self._candidates_from_page = candidates_from_page + self._link = link + + @property + def link(self) -> Optional[Link]: + return self._link + + def page_candidates(self) -> FoundCandidates: + yield from self._candidates_from_page(self._link) + + def file_links(self) -> FoundLinks: + return () + + +def build_source( + location: str, + *, + candidates_from_page: CandidatesFromPage, + page_validator: PageValidator, + expand_dir: bool, + cache_link_parsing: bool, +) -> Tuple[Optional[str], Optional[LinkSource]]: + + path: Optional[str] = None + url: Optional[str] = None + if os.path.exists(location): # Is a local path. + url = path_to_url(location) + path = location + elif location.startswith("file:"): # A file: URL. + url = location + path = url_to_path(location) + elif is_url(location): + url = location + + if url is None: + msg = ( + "Location '%s' is ignored: " + "it is either a non-existing path or lacks a specific scheme." + ) + logger.warning(msg, location) + return (None, None) + + if path is None: + source: LinkSource = _RemoteFileSource( + candidates_from_page=candidates_from_page, + page_validator=page_validator, + link=Link(url, cache_link_parsing=cache_link_parsing), + ) + return (url, source) + + if os.path.isdir(path): + if expand_dir: + source = _FlatDirectorySource( + candidates_from_page=candidates_from_page, + path=path, + ) + else: + source = _IndexDirectorySource( + candidates_from_page=candidates_from_page, + link=Link(url, cache_link_parsing=cache_link_parsing), + ) + return (url, source) + elif os.path.isfile(path): + source = _LocalFileSource( + candidates_from_page=candidates_from_page, + link=Link(url, cache_link_parsing=cache_link_parsing), + ) + return (url, source) + logger.warning( + "Location '%s' is ignored: it is neither a file nor a directory.", + location, + ) + return (url, None) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/__init__.py new file mode 100644 index 000000000..2c2fd860a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/__init__.py @@ -0,0 +1,408 @@ +import functools +import logging +import os +import pathlib +import sys +import sysconfig +from typing import Any, Dict, Iterator, List, Optional, Tuple + +from pip._internal.models.scheme import SCHEME_KEYS, Scheme +from pip._internal.utils.compat import WINDOWS +from pip._internal.utils.deprecation import deprecated +from pip._internal.utils.virtualenv import running_under_virtualenv + +from . import _distutils, _sysconfig +from .base import ( + USER_CACHE_DIR, + get_major_minor_version, + get_src_prefix, + is_osx_framework, + site_packages, + user_site, +) + +__all__ = [ + "USER_CACHE_DIR", + "get_bin_prefix", + "get_bin_user", + "get_major_minor_version", + "get_platlib", + "get_prefixed_libs", + "get_purelib", + "get_scheme", + "get_src_prefix", + "site_packages", + "user_site", +] + + +logger = logging.getLogger(__name__) + +if os.environ.get("_PIP_LOCATIONS_NO_WARN_ON_MISMATCH"): + _MISMATCH_LEVEL = logging.DEBUG +else: + _MISMATCH_LEVEL = logging.WARNING + +_PLATLIBDIR: str = getattr(sys, "platlibdir", "lib") + + +def _looks_like_bpo_44860() -> bool: + """The resolution to bpo-44860 will change this incorrect platlib. + + See . + """ + from distutils.command.install import INSTALL_SCHEMES # type: ignore + + try: + unix_user_platlib = INSTALL_SCHEMES["unix_user"]["platlib"] + except KeyError: + return False + return unix_user_platlib == "$usersite" + + +def _looks_like_red_hat_patched_platlib_purelib(scheme: Dict[str, str]) -> bool: + platlib = scheme["platlib"] + if "/lib64/" not in platlib: + return False + unpatched = platlib.replace("/lib64/", "/lib/") + return unpatched.replace("$platbase/", "$base/") == scheme["purelib"] + + +@functools.lru_cache(maxsize=None) +def _looks_like_red_hat_lib() -> bool: + """Red Hat patches platlib in unix_prefix and unix_home, but not purelib. + + This is the only way I can see to tell a Red Hat-patched Python. + """ + from distutils.command.install import INSTALL_SCHEMES # type: ignore + + return all( + k in INSTALL_SCHEMES + and _looks_like_red_hat_patched_platlib_purelib(INSTALL_SCHEMES[k]) + for k in ("unix_prefix", "unix_home") + ) + + +@functools.lru_cache(maxsize=None) +def _looks_like_debian_scheme() -> bool: + """Debian adds two additional schemes.""" + from distutils.command.install import INSTALL_SCHEMES # type: ignore + + return "deb_system" in INSTALL_SCHEMES and "unix_local" in INSTALL_SCHEMES + + +@functools.lru_cache(maxsize=None) +def _looks_like_red_hat_scheme() -> bool: + """Red Hat patches ``sys.prefix`` and ``sys.exec_prefix``. + + Red Hat's ``00251-change-user-install-location.patch`` changes the install + command's ``prefix`` and ``exec_prefix`` to append ``"/local"``. This is + (fortunately?) done quite unconditionally, so we create a default command + object without any configuration to detect this. + """ + from distutils.command.install import install + from distutils.dist import Distribution + + cmd: Any = install(Distribution()) + cmd.finalize_options() + return ( + cmd.exec_prefix == f"{os.path.normpath(sys.exec_prefix)}/local" + and cmd.prefix == f"{os.path.normpath(sys.prefix)}/local" + ) + + +@functools.lru_cache(maxsize=None) +def _looks_like_msys2_mingw_scheme() -> bool: + """MSYS2 patches distutils and sysconfig to use a UNIX-like scheme. + + However, MSYS2 incorrectly patches sysconfig ``nt`` scheme. The fix is + likely going to be included in their 3.10 release, so we ignore the warning. + See msys2/MINGW-packages#9319. + + MSYS2 MINGW's patch uses lowercase ``"lib"`` instead of the usual uppercase, + and is missing the final ``"site-packages"``. + """ + paths = sysconfig.get_paths("nt", expand=False) + return all( + "Lib" not in p and "lib" in p and not p.endswith("site-packages") + for p in (paths[key] for key in ("platlib", "purelib")) + ) + + +def _fix_abiflags(parts: Tuple[str]) -> Iterator[str]: + ldversion = sysconfig.get_config_var("LDVERSION") + abiflags: str = getattr(sys, "abiflags", None) + + # LDVERSION does not end with sys.abiflags. Just return the path unchanged. + if not ldversion or not abiflags or not ldversion.endswith(abiflags): + yield from parts + return + + # Strip sys.abiflags from LDVERSION-based path components. + for part in parts: + if part.endswith(ldversion): + part = part[: (0 - len(abiflags))] + yield part + + +@functools.lru_cache(maxsize=None) +def _warn_mismatched(old: pathlib.Path, new: pathlib.Path, *, key: str) -> None: + issue_url = "https://github.com/pypa/pip/issues/10151" + message = ( + "Value for %s does not match. Please report this to <%s>" + "\ndistutils: %s" + "\nsysconfig: %s" + ) + logger.log(_MISMATCH_LEVEL, message, key, issue_url, old, new) + + +def _warn_if_mismatch(old: pathlib.Path, new: pathlib.Path, *, key: str) -> bool: + if old == new: + return False + _warn_mismatched(old, new, key=key) + return True + + +@functools.lru_cache(maxsize=None) +def _log_context( + *, + user: bool = False, + home: Optional[str] = None, + root: Optional[str] = None, + prefix: Optional[str] = None, +) -> None: + parts = [ + "Additional context:", + "user = %r", + "home = %r", + "root = %r", + "prefix = %r", + ] + + logger.log(_MISMATCH_LEVEL, "\n".join(parts), user, home, root, prefix) + + +def get_scheme( + dist_name: str, + user: bool = False, + home: Optional[str] = None, + root: Optional[str] = None, + isolated: bool = False, + prefix: Optional[str] = None, +) -> Scheme: + old = _distutils.get_scheme( + dist_name, + user=user, + home=home, + root=root, + isolated=isolated, + prefix=prefix, + ) + new = _sysconfig.get_scheme( + dist_name, + user=user, + home=home, + root=root, + isolated=isolated, + prefix=prefix, + ) + + warning_contexts = [] + for k in SCHEME_KEYS: + old_v = pathlib.Path(getattr(old, k)) + new_v = pathlib.Path(getattr(new, k)) + + if old_v == new_v: + continue + + # distutils incorrectly put PyPy packages under ``site-packages/python`` + # in the ``posix_home`` scheme, but PyPy devs said they expect the + # directory name to be ``pypy`` instead. So we treat this as a bug fix + # and not warn about it. See bpo-43307 and python/cpython#24628. + skip_pypy_special_case = ( + sys.implementation.name == "pypy" + and home is not None + and k in ("platlib", "purelib") + and old_v.parent == new_v.parent + and old_v.name.startswith("python") + and new_v.name.startswith("pypy") + ) + if skip_pypy_special_case: + continue + + # sysconfig's ``osx_framework_user`` does not include ``pythonX.Y`` in + # the ``include`` value, but distutils's ``headers`` does. We'll let + # CPython decide whether this is a bug or feature. See bpo-43948. + skip_osx_framework_user_special_case = ( + user + and is_osx_framework() + and k == "headers" + and old_v.parent.parent == new_v.parent + and old_v.parent.name.startswith("python") + ) + if skip_osx_framework_user_special_case: + continue + + # On Red Hat and derived Linux distributions, distutils is patched to + # use "lib64" instead of "lib" for platlib. + if k == "platlib" and _looks_like_red_hat_lib(): + continue + + # On Python 3.9+, sysconfig's posix_user scheme sets platlib against + # sys.platlibdir, but distutils's unix_user incorrectly coninutes + # using the same $usersite for both platlib and purelib. This creates a + # mismatch when sys.platlibdir is not "lib". + skip_bpo_44860 = ( + user + and k == "platlib" + and not WINDOWS + and sys.version_info >= (3, 9) + and _PLATLIBDIR != "lib" + and _looks_like_bpo_44860() + ) + if skip_bpo_44860: + continue + + # Both Debian and Red Hat patch Python to place the system site under + # /usr/local instead of /usr. Debian also places lib in dist-packages + # instead of site-packages, but the /usr/local check should cover it. + skip_linux_system_special_case = ( + not (user or home or prefix or running_under_virtualenv()) + and old_v.parts[1:3] == ("usr", "local") + and len(new_v.parts) > 1 + and new_v.parts[1] == "usr" + and (len(new_v.parts) < 3 or new_v.parts[2] != "local") + and (_looks_like_red_hat_scheme() or _looks_like_debian_scheme()) + ) + if skip_linux_system_special_case: + continue + + # On Python 3.7 and earlier, sysconfig does not include sys.abiflags in + # the "pythonX.Y" part of the path, but distutils does. + skip_sysconfig_abiflag_bug = ( + sys.version_info < (3, 8) + and not WINDOWS + and k in ("headers", "platlib", "purelib") + and tuple(_fix_abiflags(old_v.parts)) == new_v.parts + ) + if skip_sysconfig_abiflag_bug: + continue + + # MSYS2 MINGW's sysconfig patch does not include the "site-packages" + # part of the path. This is incorrect and will be fixed in MSYS. + skip_msys2_mingw_bug = ( + WINDOWS and k in ("platlib", "purelib") and _looks_like_msys2_mingw_scheme() + ) + if skip_msys2_mingw_bug: + continue + + warning_contexts.append((old_v, new_v, f"scheme.{k}")) + + if not warning_contexts: + return old + + # Check if this path mismatch is caused by distutils config files. Those + # files will no longer work once we switch to sysconfig, so this raises a + # deprecation message for them. + default_old = _distutils.distutils_scheme( + dist_name, + user, + home, + root, + isolated, + prefix, + ignore_config_files=True, + ) + if any(default_old[k] != getattr(old, k) for k in SCHEME_KEYS): + deprecated( + "Configuring installation scheme with distutils config files " + "is deprecated and will no longer work in the near future. If you " + "are using a Homebrew or Linuxbrew Python, please see discussion " + "at https://github.com/Homebrew/homebrew-core/issues/76621", + replacement=None, + gone_in=None, + ) + return old + + # Post warnings about this mismatch so user can report them back. + for old_v, new_v, key in warning_contexts: + _warn_mismatched(old_v, new_v, key=key) + _log_context(user=user, home=home, root=root, prefix=prefix) + + return old + + +def get_bin_prefix() -> str: + old = _distutils.get_bin_prefix() + new = _sysconfig.get_bin_prefix() + if _warn_if_mismatch(pathlib.Path(old), pathlib.Path(new), key="bin_prefix"): + _log_context() + return old + + +def get_bin_user() -> str: + return _sysconfig.get_scheme("", user=True).scripts + + +def _looks_like_deb_system_dist_packages(value: str) -> bool: + """Check if the value is Debian's APT-controlled dist-packages. + + Debian's ``distutils.sysconfig.get_python_lib()`` implementation returns the + default package path controlled by APT, but does not patch ``sysconfig`` to + do the same. This is similar to the bug worked around in ``get_scheme()``, + but here the default is ``deb_system`` instead of ``unix_local``. Ultimately + we can't do anything about this Debian bug, and this detection allows us to + skip the warning when needed. + """ + if not _looks_like_debian_scheme(): + return False + if value == "/usr/lib/python3/dist-packages": + return True + return False + + +def get_purelib() -> str: + """Return the default pure-Python lib location.""" + old = _distutils.get_purelib() + new = _sysconfig.get_purelib() + if _looks_like_deb_system_dist_packages(old): + return old + if _warn_if_mismatch(pathlib.Path(old), pathlib.Path(new), key="purelib"): + _log_context() + return old + + +def get_platlib() -> str: + """Return the default platform-shared lib location.""" + old = _distutils.get_platlib() + new = _sysconfig.get_platlib() + if _looks_like_deb_system_dist_packages(old): + return old + if _warn_if_mismatch(pathlib.Path(old), pathlib.Path(new), key="platlib"): + _log_context() + return old + + +def get_prefixed_libs(prefix: str) -> List[str]: + """Return the lib locations under ``prefix``.""" + old_pure, old_plat = _distutils.get_prefixed_libs(prefix) + new_pure, new_plat = _sysconfig.get_prefixed_libs(prefix) + + warned = [ + _warn_if_mismatch( + pathlib.Path(old_pure), + pathlib.Path(new_pure), + key="prefixed-purelib", + ), + _warn_if_mismatch( + pathlib.Path(old_plat), + pathlib.Path(new_plat), + key="prefixed-platlib", + ), + ] + if any(warned): + _log_context(prefix=prefix) + + if old_pure == old_plat: + return [old_pure] + return [old_pure, old_plat] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_distutils.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_distutils.py new file mode 100644 index 000000000..2ec79e65b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_distutils.py @@ -0,0 +1,169 @@ +"""Locations where we look for configs, install stuff, etc""" + +# The following comment should be removed at some point in the future. +# mypy: strict-optional=False + +import logging +import os +import sys +from distutils.cmd import Command as DistutilsCommand +from distutils.command.install import SCHEME_KEYS +from distutils.command.install import install as distutils_install_command +from distutils.sysconfig import get_python_lib +from typing import Dict, List, Optional, Tuple, Union, cast + +from pip._internal.models.scheme import Scheme +from pip._internal.utils.compat import WINDOWS +from pip._internal.utils.virtualenv import running_under_virtualenv + +from .base import get_major_minor_version + +logger = logging.getLogger(__name__) + + +def distutils_scheme( + dist_name: str, + user: bool = False, + home: str = None, + root: str = None, + isolated: bool = False, + prefix: str = None, + *, + ignore_config_files: bool = False, +) -> Dict[str, str]: + """ + Return a distutils install scheme + """ + from distutils.dist import Distribution + + dist_args: Dict[str, Union[str, List[str]]] = {"name": dist_name} + if isolated: + dist_args["script_args"] = ["--no-user-cfg"] + + d = Distribution(dist_args) + if not ignore_config_files: + try: + d.parse_config_files() + except UnicodeDecodeError: + # Typeshed does not include find_config_files() for some reason. + paths = d.find_config_files() # type: ignore + logger.warning( + "Ignore distutils configs in %s due to encoding errors.", + ", ".join(os.path.basename(p) for p in paths), + ) + obj: Optional[DistutilsCommand] = None + obj = d.get_command_obj("install", create=True) + assert obj is not None + i = cast(distutils_install_command, obj) + # NOTE: setting user or home has the side-effect of creating the home dir + # or user base for installations during finalize_options() + # ideally, we'd prefer a scheme class that has no side-effects. + assert not (user and prefix), f"user={user} prefix={prefix}" + assert not (home and prefix), f"home={home} prefix={prefix}" + i.user = user or i.user + if user or home: + i.prefix = "" + i.prefix = prefix or i.prefix + i.home = home or i.home + i.root = root or i.root + i.finalize_options() + + scheme = {} + for key in SCHEME_KEYS: + scheme[key] = getattr(i, "install_" + key) + + # install_lib specified in setup.cfg should install *everything* + # into there (i.e. it takes precedence over both purelib and + # platlib). Note, i.install_lib is *always* set after + # finalize_options(); we only want to override here if the user + # has explicitly requested it hence going back to the config + if "install_lib" in d.get_option_dict("install"): + scheme.update(dict(purelib=i.install_lib, platlib=i.install_lib)) + + if running_under_virtualenv(): + if home: + prefix = home + elif user: + prefix = i.install_userbase # type: ignore + else: + prefix = i.prefix + scheme["headers"] = os.path.join( + prefix, + "include", + "site", + f"python{get_major_minor_version()}", + dist_name, + ) + + if root is not None: + path_no_drive = os.path.splitdrive(os.path.abspath(scheme["headers"]))[1] + scheme["headers"] = os.path.join(root, path_no_drive[1:]) + + return scheme + + +def get_scheme( + dist_name: str, + user: bool = False, + home: Optional[str] = None, + root: Optional[str] = None, + isolated: bool = False, + prefix: Optional[str] = None, +) -> Scheme: + """ + Get the "scheme" corresponding to the input parameters. The distutils + documentation provides the context for the available schemes: + https://docs.python.org/3/install/index.html#alternate-installation + + :param dist_name: the name of the package to retrieve the scheme for, used + in the headers scheme path + :param user: indicates to use the "user" scheme + :param home: indicates to use the "home" scheme and provides the base + directory for the same + :param root: root under which other directories are re-based + :param isolated: equivalent to --no-user-cfg, i.e. do not consider + ~/.pydistutils.cfg (posix) or ~/pydistutils.cfg (non-posix) for + scheme paths + :param prefix: indicates to use the "prefix" scheme and provides the + base directory for the same + """ + scheme = distutils_scheme(dist_name, user, home, root, isolated, prefix) + return Scheme( + platlib=scheme["platlib"], + purelib=scheme["purelib"], + headers=scheme["headers"], + scripts=scheme["scripts"], + data=scheme["data"], + ) + + +def get_bin_prefix() -> str: + # XXX: In old virtualenv versions, sys.prefix can contain '..' components, + # so we need to call normpath to eliminate them. + prefix = os.path.normpath(sys.prefix) + if WINDOWS: + bin_py = os.path.join(prefix, "Scripts") + # buildout uses 'bin' on Windows too? + if not os.path.exists(bin_py): + bin_py = os.path.join(prefix, "bin") + return bin_py + # Forcing to use /usr/local/bin for standard macOS framework installs + # Also log to ~/Library/Logs/ for use with the Console.app log viewer + if sys.platform[:6] == "darwin" and prefix[:16] == "/System/Library/": + return "/usr/local/bin" + return os.path.join(prefix, "bin") + + +def get_purelib() -> str: + return get_python_lib(plat_specific=False) + + +def get_platlib() -> str: + return get_python_lib(plat_specific=True) + + +def get_prefixed_libs(prefix: str) -> Tuple[str, str]: + return ( + get_python_lib(plat_specific=False, prefix=prefix), + get_python_lib(plat_specific=True, prefix=prefix), + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_sysconfig.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_sysconfig.py new file mode 100644 index 000000000..5e141aa1b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/_sysconfig.py @@ -0,0 +1,219 @@ +import distutils.util # FIXME: For change_root. +import logging +import os +import sys +import sysconfig +import typing + +from pip._internal.exceptions import InvalidSchemeCombination, UserInstallationInvalid +from pip._internal.models.scheme import SCHEME_KEYS, Scheme +from pip._internal.utils.virtualenv import running_under_virtualenv + +from .base import get_major_minor_version, is_osx_framework + +logger = logging.getLogger(__name__) + + +# Notes on _infer_* functions. +# Unfortunately ``get_default_scheme()`` didn't exist before 3.10, so there's no +# way to ask things like "what is the '_prefix' scheme on this platform". These +# functions try to answer that with some heuristics while accounting for ad-hoc +# platforms not covered by CPython's default sysconfig implementation. If the +# ad-hoc implementation does not fully implement sysconfig, we'll fall back to +# a POSIX scheme. + +_AVAILABLE_SCHEMES = set(sysconfig.get_scheme_names()) + +_PREFERRED_SCHEME_API = getattr(sysconfig, "get_preferred_scheme", None) + + +def _should_use_osx_framework_prefix() -> bool: + """Check for Apple's ``osx_framework_library`` scheme. + + Python distributed by Apple's Command Line Tools has this special scheme + that's used when: + + * This is a framework build. + * We are installing into the system prefix. + + This does not account for ``pip install --prefix`` (also means we're not + installing to the system prefix), which should use ``posix_prefix``, but + logic here means ``_infer_prefix()`` outputs ``osx_framework_library``. But + since ``prefix`` is not available for ``sysconfig.get_default_scheme()``, + which is the stdlib replacement for ``_infer_prefix()``, presumably Apple + wouldn't be able to magically switch between ``osx_framework_library`` and + ``posix_prefix``. ``_infer_prefix()`` returning ``osx_framework_library`` + means its behavior is consistent whether we use the stdlib implementation + or our own, and we deal with this special case in ``get_scheme()`` instead. + """ + return ( + "osx_framework_library" in _AVAILABLE_SCHEMES + and not running_under_virtualenv() + and is_osx_framework() + ) + + +def _infer_prefix() -> str: + """Try to find a prefix scheme for the current platform. + + This tries: + + * A special ``osx_framework_library`` for Python distributed by Apple's + Command Line Tools, when not running in a virtual environment. + * Implementation + OS, used by PyPy on Windows (``pypy_nt``). + * Implementation without OS, used by PyPy on POSIX (``pypy``). + * OS + "prefix", used by CPython on POSIX (``posix_prefix``). + * Just the OS name, used by CPython on Windows (``nt``). + + If none of the above works, fall back to ``posix_prefix``. + """ + if _PREFERRED_SCHEME_API: + return _PREFERRED_SCHEME_API("prefix") + if _should_use_osx_framework_prefix(): + return "osx_framework_library" + implementation_suffixed = f"{sys.implementation.name}_{os.name}" + if implementation_suffixed in _AVAILABLE_SCHEMES: + return implementation_suffixed + if sys.implementation.name in _AVAILABLE_SCHEMES: + return sys.implementation.name + suffixed = f"{os.name}_prefix" + if suffixed in _AVAILABLE_SCHEMES: + return suffixed + if os.name in _AVAILABLE_SCHEMES: # On Windows, prefx is just called "nt". + return os.name + return "posix_prefix" + + +def _infer_user() -> str: + """Try to find a user scheme for the current platform.""" + if _PREFERRED_SCHEME_API: + return _PREFERRED_SCHEME_API("user") + if is_osx_framework() and not running_under_virtualenv(): + suffixed = "osx_framework_user" + else: + suffixed = f"{os.name}_user" + if suffixed in _AVAILABLE_SCHEMES: + return suffixed + if "posix_user" not in _AVAILABLE_SCHEMES: # User scheme unavailable. + raise UserInstallationInvalid() + return "posix_user" + + +def _infer_home() -> str: + """Try to find a home for the current platform.""" + if _PREFERRED_SCHEME_API: + return _PREFERRED_SCHEME_API("home") + suffixed = f"{os.name}_home" + if suffixed in _AVAILABLE_SCHEMES: + return suffixed + return "posix_home" + + +# Update these keys if the user sets a custom home. +_HOME_KEYS = [ + "installed_base", + "base", + "installed_platbase", + "platbase", + "prefix", + "exec_prefix", +] +if sysconfig.get_config_var("userbase") is not None: + _HOME_KEYS.append("userbase") + + +def get_scheme( + dist_name: str, + user: bool = False, + home: typing.Optional[str] = None, + root: typing.Optional[str] = None, + isolated: bool = False, + prefix: typing.Optional[str] = None, +) -> Scheme: + """ + Get the "scheme" corresponding to the input parameters. + + :param dist_name: the name of the package to retrieve the scheme for, used + in the headers scheme path + :param user: indicates to use the "user" scheme + :param home: indicates to use the "home" scheme + :param root: root under which other directories are re-based + :param isolated: ignored, but kept for distutils compatibility (where + this controls whether the user-site pydistutils.cfg is honored) + :param prefix: indicates to use the "prefix" scheme and provides the + base directory for the same + """ + if user and prefix: + raise InvalidSchemeCombination("--user", "--prefix") + if home and prefix: + raise InvalidSchemeCombination("--home", "--prefix") + + if home is not None: + scheme_name = _infer_home() + elif user: + scheme_name = _infer_user() + else: + scheme_name = _infer_prefix() + + # Special case: When installing into a custom prefix, use posix_prefix + # instead of osx_framework_library. See _should_use_osx_framework_prefix() + # docstring for details. + if prefix is not None and scheme_name == "osx_framework_library": + scheme_name = "posix_prefix" + + if home is not None: + variables = {k: home for k in _HOME_KEYS} + elif prefix is not None: + variables = {k: prefix for k in _HOME_KEYS} + else: + variables = {} + + paths = sysconfig.get_paths(scheme=scheme_name, vars=variables) + + # Logic here is very arbitrary, we're doing it for compatibility, don't ask. + # 1. Pip historically uses a special header path in virtual environments. + # 2. If the distribution name is not known, distutils uses 'UNKNOWN'. We + # only do the same when not running in a virtual environment because + # pip's historical header path logic (see point 1) did not do this. + if running_under_virtualenv(): + if user: + base = variables.get("userbase", sys.prefix) + else: + base = variables.get("base", sys.prefix) + python_xy = f"python{get_major_minor_version()}" + paths["include"] = os.path.join(base, "include", "site", python_xy) + elif not dist_name: + dist_name = "UNKNOWN" + + scheme = Scheme( + platlib=paths["platlib"], + purelib=paths["purelib"], + headers=os.path.join(paths["include"], dist_name), + scripts=paths["scripts"], + data=paths["data"], + ) + if root is not None: + for key in SCHEME_KEYS: + value = distutils.util.change_root(root, getattr(scheme, key)) + setattr(scheme, key, value) + return scheme + + +def get_bin_prefix() -> str: + # Forcing to use /usr/local/bin for standard macOS framework installs. + if sys.platform[:6] == "darwin" and sys.prefix[:16] == "/System/Library/": + return "/usr/local/bin" + return sysconfig.get_paths()["scripts"] + + +def get_purelib() -> str: + return sysconfig.get_paths()["purelib"] + + +def get_platlib() -> str: + return sysconfig.get_paths()["platlib"] + + +def get_prefixed_libs(prefix: str) -> typing.Tuple[str, str]: + paths = sysconfig.get_paths(vars={"base": prefix, "platbase": prefix}) + return (paths["purelib"], paths["platlib"]) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/base.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/base.py new file mode 100644 index 000000000..86dad4a3a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/locations/base.py @@ -0,0 +1,52 @@ +import functools +import os +import site +import sys +import sysconfig +import typing + +from pip._internal.utils import appdirs +from pip._internal.utils.virtualenv import running_under_virtualenv + +# Application Directories +USER_CACHE_DIR = appdirs.user_cache_dir("pip") + +# FIXME doesn't account for venv linked to global site-packages +site_packages: typing.Optional[str] = sysconfig.get_path("purelib") + + +def get_major_minor_version() -> str: + """ + Return the major-minor version of the current Python as a string, e.g. + "3.7" or "3.10". + """ + return "{}.{}".format(*sys.version_info) + + +def get_src_prefix() -> str: + if running_under_virtualenv(): + src_prefix = os.path.join(sys.prefix, "src") + else: + # FIXME: keep src in cwd for now (it is not a temporary folder) + try: + src_prefix = os.path.join(os.getcwd(), "src") + except OSError: + # In case the current working directory has been renamed or deleted + sys.exit("The folder you are executing pip from can no longer be found.") + + # under macOS + virtualenv sys.prefix is not properly resolved + # it is something like /path/to/python/bin/.. + return os.path.abspath(src_prefix) + + +try: + # Use getusersitepackages if this is present, as it ensures that the + # value is initialised properly. + user_site: typing.Optional[str] = site.getusersitepackages() +except AttributeError: + user_site = site.USER_SITE + + +@functools.lru_cache(maxsize=None) +def is_osx_framework() -> bool: + return bool(sysconfig.get_config_var("PYTHONFRAMEWORK")) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/main.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/main.py new file mode 100644 index 000000000..51eee1588 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/main.py @@ -0,0 +1,13 @@ +from typing import List, Optional + + +def main(args=None): + # type: (Optional[List[str]]) -> int + """This is preserved for old console scripts that may still be referencing + it. + + For additional details, see https://github.com/pypa/pip/issues/7498. + """ + from pip._internal.utils.entrypoints import _wrapper + + return _wrapper(args) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/__init__.py new file mode 100644 index 000000000..e3429d255 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/__init__.py @@ -0,0 +1,48 @@ +from typing import List, Optional + +from .base import BaseDistribution, BaseEnvironment + +__all__ = [ + "BaseDistribution", + "BaseEnvironment", + "get_default_environment", + "get_environment", + "get_wheel_distribution", +] + + +def get_default_environment() -> BaseEnvironment: + """Get the default representation for the current environment. + + This returns an Environment instance from the chosen backend. The default + Environment instance should be built from ``sys.path`` and may use caching + to share instance state accorss calls. + """ + from .pkg_resources import Environment + + return Environment.default() + + +def get_environment(paths: Optional[List[str]]) -> BaseEnvironment: + """Get a representation of the environment specified by ``paths``. + + This returns an Environment instance from the chosen backend based on the + given import paths. The backend must build a fresh instance representing + the state of installed distributions when this function is called. + """ + from .pkg_resources import Environment + + return Environment.from_paths(paths) + + +def get_wheel_distribution(wheel_path: str, canonical_name: str) -> BaseDistribution: + """Get the representation of the specified wheel's distribution metadata. + + This returns a Distribution instance from the chosen backend based on + the given wheel's ``.dist-info`` directory. + + :param canonical_name: Normalized project name of the given wheel. + """ + from .pkg_resources import Distribution + + return Distribution.from_wheel(wheel_path, canonical_name) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/base.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/base.py new file mode 100644 index 000000000..9fdc123ce --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/base.py @@ -0,0 +1,242 @@ +import email.message +import json +import logging +import re +from typing import ( + TYPE_CHECKING, + Collection, + Container, + Iterable, + Iterator, + List, + Optional, + Union, +) + +from pip._vendor.packaging.requirements import Requirement +from pip._vendor.packaging.version import LegacyVersion, Version + +from pip._internal.models.direct_url import ( + DIRECT_URL_METADATA_NAME, + DirectUrl, + DirectUrlValidationError, +) +from pip._internal.utils.misc import stdlib_pkgs # TODO: Move definition here. + +if TYPE_CHECKING: + from typing import Protocol + + from pip._vendor.packaging.utils import NormalizedName +else: + Protocol = object + +DistributionVersion = Union[LegacyVersion, Version] + +logger = logging.getLogger(__name__) + + +class BaseEntryPoint(Protocol): + @property + def name(self) -> str: + raise NotImplementedError() + + @property + def value(self) -> str: + raise NotImplementedError() + + @property + def group(self) -> str: + raise NotImplementedError() + + +class BaseDistribution(Protocol): + @property + def location(self) -> Optional[str]: + """Where the distribution is loaded from. + + A string value is not necessarily a filesystem path, since distributions + can be loaded from other sources, e.g. arbitrary zip archives. ``None`` + means the distribution is created in-memory. + + Do not canonicalize this value with e.g. ``pathlib.Path.resolve()``. If + this is a symbolic link, we want to preserve the relative path between + it and files in the distribution. + """ + raise NotImplementedError() + + @property + def info_directory(self) -> Optional[str]: + """Location of the .[egg|dist]-info directory. + + Similarly to ``location``, a string value is not necessarily a + filesystem path. ``None`` means the distribution is created in-memory. + + For a modern .dist-info installation on disk, this should be something + like ``{location}/{raw_name}-{version}.dist-info``. + + Do not canonicalize this value with e.g. ``pathlib.Path.resolve()``. If + this is a symbolic link, we want to preserve the relative path between + it and other files in the distribution. + """ + raise NotImplementedError() + + @property + def canonical_name(self) -> "NormalizedName": + raise NotImplementedError() + + @property + def version(self) -> DistributionVersion: + raise NotImplementedError() + + @property + def direct_url(self) -> Optional[DirectUrl]: + """Obtain a DirectUrl from this distribution. + + Returns None if the distribution has no `direct_url.json` metadata, + or if `direct_url.json` is invalid. + """ + try: + content = self.read_text(DIRECT_URL_METADATA_NAME) + except FileNotFoundError: + return None + try: + return DirectUrl.from_json(content) + except ( + UnicodeDecodeError, + json.JSONDecodeError, + DirectUrlValidationError, + ) as e: + logger.warning( + "Error parsing %s for %s: %s", + DIRECT_URL_METADATA_NAME, + self.canonical_name, + e, + ) + return None + + @property + def installer(self) -> str: + raise NotImplementedError() + + @property + def editable(self) -> bool: + raise NotImplementedError() + + @property + def local(self) -> bool: + raise NotImplementedError() + + @property + def in_usersite(self) -> bool: + raise NotImplementedError() + + @property + def in_site_packages(self) -> bool: + raise NotImplementedError() + + def read_text(self, name: str) -> str: + """Read a file in the .dist-info (or .egg-info) directory. + + Should raise ``FileNotFoundError`` if ``name`` does not exist in the + metadata directory. + """ + raise NotImplementedError() + + def iter_entry_points(self) -> Iterable[BaseEntryPoint]: + raise NotImplementedError() + + @property + def metadata(self) -> email.message.Message: + """Metadata of distribution parsed from e.g. METADATA or PKG-INFO.""" + raise NotImplementedError() + + @property + def metadata_version(self) -> Optional[str]: + """Value of "Metadata-Version:" in distribution metadata, if available.""" + return self.metadata.get("Metadata-Version") + + @property + def raw_name(self) -> str: + """Value of "Name:" in distribution metadata.""" + # The metadata should NEVER be missing the Name: key, but if it somehow + # does not, fall back to the known canonical name. + return self.metadata.get("Name", self.canonical_name) + + def iter_dependencies(self, extras: Collection[str] = ()) -> Iterable[Requirement]: + raise NotImplementedError() + + +class BaseEnvironment: + """An environment containing distributions to introspect.""" + + @classmethod + def default(cls) -> "BaseEnvironment": + raise NotImplementedError() + + @classmethod + def from_paths(cls, paths: Optional[List[str]]) -> "BaseEnvironment": + raise NotImplementedError() + + def get_distribution(self, name: str) -> Optional["BaseDistribution"]: + """Given a requirement name, return the installed distributions.""" + raise NotImplementedError() + + def _iter_distributions(self) -> Iterator["BaseDistribution"]: + """Iterate through installed distributions. + + This function should be implemented by subclass, but never called + directly. Use the public ``iter_distribution()`` instead, which + implements additional logic to make sure the distributions are valid. + """ + raise NotImplementedError() + + def iter_distributions(self) -> Iterator["BaseDistribution"]: + """Iterate through installed distributions.""" + for dist in self._iter_distributions(): + # Make sure the distribution actually comes from a valid Python + # packaging distribution. Pip's AdjacentTempDirectory leaves folders + # e.g. ``~atplotlib.dist-info`` if cleanup was interrupted. The + # valid project name pattern is taken from PEP 508. + project_name_valid = re.match( + r"^([A-Z0-9]|[A-Z0-9][A-Z0-9._-]*[A-Z0-9])$", + dist.canonical_name, + flags=re.IGNORECASE, + ) + if not project_name_valid: + logger.warning( + "Ignoring invalid distribution %s (%s)", + dist.canonical_name, + dist.location, + ) + continue + yield dist + + def iter_installed_distributions( + self, + local_only: bool = True, + skip: Container[str] = stdlib_pkgs, + include_editables: bool = True, + editables_only: bool = False, + user_only: bool = False, + ) -> Iterator[BaseDistribution]: + """Return a list of installed distributions. + + :param local_only: If True (default), only return installations + local to the current virtualenv, if in a virtualenv. + :param skip: An iterable of canonicalized project names to ignore; + defaults to ``stdlib_pkgs``. + :param include_editables: If False, don't report editables. + :param editables_only: If True, only report editables. + :param user_only: If True, only report installations in the user + site directory. + """ + it = self.iter_distributions() + if local_only: + it = (d for d in it if d.local) + if not include_editables: + it = (d for d in it if not d.editable) + if editables_only: + it = (d for d in it if d.editable) + if user_only: + it = (d for d in it if d.in_usersite) + return (d for d in it if d.canonical_name not in skip) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/pkg_resources.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/pkg_resources.py new file mode 100644 index 000000000..59460062e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/metadata/pkg_resources.py @@ -0,0 +1,153 @@ +import email.message +import logging +import zipfile +from typing import ( + TYPE_CHECKING, + Collection, + Iterable, + Iterator, + List, + NamedTuple, + Optional, +) + +from pip._vendor import pkg_resources +from pip._vendor.packaging.requirements import Requirement +from pip._vendor.packaging.utils import canonicalize_name +from pip._vendor.packaging.version import parse as parse_version + +from pip._internal.utils import misc # TODO: Move definition here. +from pip._internal.utils.packaging import get_installer, get_metadata +from pip._internal.utils.wheel import pkg_resources_distribution_for_wheel + +from .base import BaseDistribution, BaseEntryPoint, BaseEnvironment, DistributionVersion + +if TYPE_CHECKING: + from pip._vendor.packaging.utils import NormalizedName + +logger = logging.getLogger(__name__) + + +class EntryPoint(NamedTuple): + name: str + value: str + group: str + + +class Distribution(BaseDistribution): + def __init__(self, dist: pkg_resources.Distribution) -> None: + self._dist = dist + + @classmethod + def from_wheel(cls, path: str, name: str) -> "Distribution": + with zipfile.ZipFile(path, allowZip64=True) as zf: + dist = pkg_resources_distribution_for_wheel(zf, name, path) + return cls(dist) + + @property + def location(self) -> Optional[str]: + return self._dist.location + + @property + def info_directory(self) -> Optional[str]: + return self._dist.egg_info + + @property + def canonical_name(self) -> "NormalizedName": + return canonicalize_name(self._dist.project_name) + + @property + def version(self) -> DistributionVersion: + return parse_version(self._dist.version) + + @property + def installer(self) -> str: + return get_installer(self._dist) + + @property + def editable(self) -> bool: + return misc.dist_is_editable(self._dist) + + @property + def local(self) -> bool: + return misc.dist_is_local(self._dist) + + @property + def in_usersite(self) -> bool: + return misc.dist_in_usersite(self._dist) + + @property + def in_site_packages(self) -> bool: + return misc.dist_in_site_packages(self._dist) + + def read_text(self, name: str) -> str: + if not self._dist.has_metadata(name): + raise FileNotFoundError(name) + return self._dist.get_metadata(name) + + def iter_entry_points(self) -> Iterable[BaseEntryPoint]: + for group, entries in self._dist.get_entry_map().items(): + for name, entry_point in entries.items(): + name, _, value = str(entry_point).partition("=") + yield EntryPoint(name=name.strip(), value=value.strip(), group=group) + + @property + def metadata(self) -> email.message.Message: + return get_metadata(self._dist) + + def iter_dependencies(self, extras: Collection[str] = ()) -> Iterable[Requirement]: + if extras: # pkg_resources raises on invalid extras, so we sanitize. + extras = frozenset(extras).intersection(self._dist.extras) + return self._dist.requires(extras) + + +class Environment(BaseEnvironment): + def __init__(self, ws: pkg_resources.WorkingSet) -> None: + self._ws = ws + + @classmethod + def default(cls) -> BaseEnvironment: + return cls(pkg_resources.working_set) + + @classmethod + def from_paths(cls, paths: Optional[List[str]]) -> BaseEnvironment: + return cls(pkg_resources.WorkingSet(paths)) + + def _search_distribution(self, name: str) -> Optional[BaseDistribution]: + """Find a distribution matching the ``name`` in the environment. + + This searches from *all* distributions available in the environment, to + match the behavior of ``pkg_resources.get_distribution()``. + """ + canonical_name = canonicalize_name(name) + for dist in self.iter_distributions(): + if dist.canonical_name == canonical_name: + return dist + return None + + def get_distribution(self, name: str) -> Optional[BaseDistribution]: + + # Search the distribution by looking through the working set. + dist = self._search_distribution(name) + if dist: + return dist + + # If distribution could not be found, call working_set.require to + # update the working set, and try to find the distribution again. + # This might happen for e.g. when you install a package twice, once + # using setup.py develop and again using setup.py install. Now when + # running pip uninstall twice, the package gets removed from the + # working set in the first uninstall, so we have to populate the + # working set again so that pip knows about it and the packages gets + # picked up and is successfully uninstalled the second time too. + try: + # We didn't pass in any version specifiers, so this can never + # raise pkg_resources.VersionConflict. + self._ws.require(name) + except pkg_resources.DistributionNotFound: + return None + return self._search_distribution(name) + + def _iter_distributions(self) -> Iterator[BaseDistribution]: + for dist in self._ws: + yield Distribution(dist) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/__init__.py new file mode 100644 index 000000000..7855226e4 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/__init__.py @@ -0,0 +1,2 @@ +"""A package that contains models that represent entities. +""" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/candidate.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/candidate.py new file mode 100644 index 000000000..c673d8d05 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/candidate.py @@ -0,0 +1,31 @@ +from pip._vendor.packaging.version import parse as parse_version + +from pip._internal.models.link import Link +from pip._internal.utils.models import KeyBasedCompareMixin + + +class InstallationCandidate(KeyBasedCompareMixin): + """Represents a potential "candidate" for installation. + """ + + __slots__ = ["name", "version", "link"] + + def __init__(self, name: str, version: str, link: Link) -> None: + self.name = name + self.version = parse_version(version) + self.link = link + + super().__init__( + key=(self.name, self.version, self.link), + defining_class=InstallationCandidate + ) + + def __repr__(self) -> str: + return "".format( + self.name, self.version, self.link, + ) + + def __str__(self) -> str: + return '{!r} candidate (version {} at {})'.format( + self.name, self.version, self.link, + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/direct_url.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/direct_url.py new file mode 100644 index 000000000..3f9b6993e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/direct_url.py @@ -0,0 +1,220 @@ +""" PEP 610 """ +import json +import re +import urllib.parse +from typing import Any, Dict, Iterable, Optional, Type, TypeVar, Union + +__all__ = [ + "DirectUrl", + "DirectUrlValidationError", + "DirInfo", + "ArchiveInfo", + "VcsInfo", +] + +T = TypeVar("T") + +DIRECT_URL_METADATA_NAME = "direct_url.json" +ENV_VAR_RE = re.compile(r"^\$\{[A-Za-z0-9-_]+\}(:\$\{[A-Za-z0-9-_]+\})?$") + + +class DirectUrlValidationError(Exception): + pass + + +def _get( + d: Dict[str, Any], expected_type: Type[T], key: str, default: Optional[T] = None +) -> Optional[T]: + """Get value from dictionary and verify expected type.""" + if key not in d: + return default + value = d[key] + if not isinstance(value, expected_type): + raise DirectUrlValidationError( + "{!r} has unexpected type for {} (expected {})".format( + value, key, expected_type + ) + ) + return value + + +def _get_required( + d: Dict[str, Any], expected_type: Type[T], key: str, default: Optional[T] = None +) -> T: + value = _get(d, expected_type, key, default) + if value is None: + raise DirectUrlValidationError(f"{key} must have a value") + return value + + +def _exactly_one_of(infos: Iterable[Optional["InfoType"]]) -> "InfoType": + infos = [info for info in infos if info is not None] + if not infos: + raise DirectUrlValidationError( + "missing one of archive_info, dir_info, vcs_info" + ) + if len(infos) > 1: + raise DirectUrlValidationError( + "more than one of archive_info, dir_info, vcs_info" + ) + assert infos[0] is not None + return infos[0] + + +def _filter_none(**kwargs: Any) -> Dict[str, Any]: + """Make dict excluding None values.""" + return {k: v for k, v in kwargs.items() if v is not None} + + +class VcsInfo: + name = "vcs_info" + + def __init__( + self, + vcs: str, + commit_id: str, + requested_revision: Optional[str] = None, + resolved_revision: Optional[str] = None, + resolved_revision_type: Optional[str] = None, + ) -> None: + self.vcs = vcs + self.requested_revision = requested_revision + self.commit_id = commit_id + self.resolved_revision = resolved_revision + self.resolved_revision_type = resolved_revision_type + + @classmethod + def _from_dict(cls, d: Optional[Dict[str, Any]]) -> Optional["VcsInfo"]: + if d is None: + return None + return cls( + vcs=_get_required(d, str, "vcs"), + commit_id=_get_required(d, str, "commit_id"), + requested_revision=_get(d, str, "requested_revision"), + resolved_revision=_get(d, str, "resolved_revision"), + resolved_revision_type=_get(d, str, "resolved_revision_type"), + ) + + def _to_dict(self) -> Dict[str, Any]: + return _filter_none( + vcs=self.vcs, + requested_revision=self.requested_revision, + commit_id=self.commit_id, + resolved_revision=self.resolved_revision, + resolved_revision_type=self.resolved_revision_type, + ) + + +class ArchiveInfo: + name = "archive_info" + + def __init__( + self, + hash: Optional[str] = None, + ) -> None: + self.hash = hash + + @classmethod + def _from_dict(cls, d: Optional[Dict[str, Any]]) -> Optional["ArchiveInfo"]: + if d is None: + return None + return cls(hash=_get(d, str, "hash")) + + def _to_dict(self) -> Dict[str, Any]: + return _filter_none(hash=self.hash) + + +class DirInfo: + name = "dir_info" + + def __init__( + self, + editable: bool = False, + ) -> None: + self.editable = editable + + @classmethod + def _from_dict(cls, d: Optional[Dict[str, Any]]) -> Optional["DirInfo"]: + if d is None: + return None + return cls( + editable=_get_required(d, bool, "editable", default=False) + ) + + def _to_dict(self) -> Dict[str, Any]: + return _filter_none(editable=self.editable or None) + + +InfoType = Union[ArchiveInfo, DirInfo, VcsInfo] + + +class DirectUrl: + + def __init__( + self, + url: str, + info: InfoType, + subdirectory: Optional[str] = None, + ) -> None: + self.url = url + self.info = info + self.subdirectory = subdirectory + + def _remove_auth_from_netloc(self, netloc: str) -> str: + if "@" not in netloc: + return netloc + user_pass, netloc_no_user_pass = netloc.split("@", 1) + if ( + isinstance(self.info, VcsInfo) and + self.info.vcs == "git" and + user_pass == "git" + ): + return netloc + if ENV_VAR_RE.match(user_pass): + return netloc + return netloc_no_user_pass + + @property + def redacted_url(self) -> str: + """url with user:password part removed unless it is formed with + environment variables as specified in PEP 610, or it is ``git`` + in the case of a git URL. + """ + purl = urllib.parse.urlsplit(self.url) + netloc = self._remove_auth_from_netloc(purl.netloc) + surl = urllib.parse.urlunsplit( + (purl.scheme, netloc, purl.path, purl.query, purl.fragment) + ) + return surl + + def validate(self) -> None: + self.from_dict(self.to_dict()) + + @classmethod + def from_dict(cls, d: Dict[str, Any]) -> "DirectUrl": + return DirectUrl( + url=_get_required(d, str, "url"), + subdirectory=_get(d, str, "subdirectory"), + info=_exactly_one_of( + [ + ArchiveInfo._from_dict(_get(d, dict, "archive_info")), + DirInfo._from_dict(_get(d, dict, "dir_info")), + VcsInfo._from_dict(_get(d, dict, "vcs_info")), + ] + ), + ) + + def to_dict(self) -> Dict[str, Any]: + res = _filter_none( + url=self.redacted_url, + subdirectory=self.subdirectory, + ) + res[self.info.name] = self.info._to_dict() + return res + + @classmethod + def from_json(cls, s: str) -> "DirectUrl": + return cls.from_dict(json.loads(s)) + + def to_json(self) -> str: + return json.dumps(self.to_dict(), sort_keys=True) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/format_control.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/format_control.py new file mode 100644 index 000000000..010c3620d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/format_control.py @@ -0,0 +1,84 @@ +from typing import FrozenSet, Optional, Set + +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.exceptions import CommandError + + +class FormatControl: + """Helper for managing formats from which a package can be installed. + """ + + __slots__ = ["no_binary", "only_binary"] + + def __init__( + self, + no_binary: Optional[Set[str]] = None, + only_binary: Optional[Set[str]] = None + ) -> None: + if no_binary is None: + no_binary = set() + if only_binary is None: + only_binary = set() + + self.no_binary = no_binary + self.only_binary = only_binary + + def __eq__(self, other: object) -> bool: + if not isinstance(other, self.__class__): + return NotImplemented + + if self.__slots__ != other.__slots__: + return False + + return all( + getattr(self, k) == getattr(other, k) + for k in self.__slots__ + ) + + def __repr__(self) -> str: + return "{}({}, {})".format( + self.__class__.__name__, + self.no_binary, + self.only_binary + ) + + @staticmethod + def handle_mutual_excludes(value: str, target: Set[str], other: Set[str]) -> None: + if value.startswith('-'): + raise CommandError( + "--no-binary / --only-binary option requires 1 argument." + ) + new = value.split(',') + while ':all:' in new: + other.clear() + target.clear() + target.add(':all:') + del new[:new.index(':all:') + 1] + # Without a none, we want to discard everything as :all: covers it + if ':none:' not in new: + return + for name in new: + if name == ':none:': + target.clear() + continue + name = canonicalize_name(name) + other.discard(name) + target.add(name) + + def get_allowed_formats(self, canonical_name: str) -> FrozenSet[str]: + result = {"binary", "source"} + if canonical_name in self.only_binary: + result.discard('source') + elif canonical_name in self.no_binary: + result.discard('binary') + elif ':all:' in self.only_binary: + result.discard('source') + elif ':all:' in self.no_binary: + result.discard('binary') + return frozenset(result) + + def disallow_binaries(self) -> None: + self.handle_mutual_excludes( + ':all:', self.no_binary, self.only_binary, + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/index.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/index.py new file mode 100644 index 000000000..1874a5b60 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/index.py @@ -0,0 +1,32 @@ +import urllib.parse + + +class PackageIndex: + """Represents a Package Index and provides easier access to endpoints + """ + + __slots__ = ['url', 'netloc', 'simple_url', 'pypi_url', + 'file_storage_domain'] + + def __init__(self, url: str, file_storage_domain: str) -> None: + super().__init__() + self.url = url + self.netloc = urllib.parse.urlsplit(url).netloc + self.simple_url = self._url_for_path('simple') + self.pypi_url = self._url_for_path('pypi') + + # This is part of a temporary hack used to block installs of PyPI + # packages which depend on external urls only necessary until PyPI can + # block such packages themselves + self.file_storage_domain = file_storage_domain + + def _url_for_path(self, path: str) -> str: + return urllib.parse.urljoin(self.url, path) + + +PyPI = PackageIndex( + 'https://pypi.org/', file_storage_domain='files.pythonhosted.org' +) +TestPyPI = PackageIndex( + 'https://test.pypi.org/', file_storage_domain='test-files.pythonhosted.org' +) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/link.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/link.py new file mode 100644 index 000000000..9ef1ca368 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/link.py @@ -0,0 +1,288 @@ +import functools +import logging +import os +import posixpath +import re +import urllib.parse +from typing import TYPE_CHECKING, Dict, List, NamedTuple, Optional, Tuple, Union + +from pip._internal.utils.filetypes import WHEEL_EXTENSION +from pip._internal.utils.hashes import Hashes +from pip._internal.utils.misc import ( + redact_auth_from_url, + split_auth_from_netloc, + splitext, +) +from pip._internal.utils.models import KeyBasedCompareMixin +from pip._internal.utils.urls import path_to_url, url_to_path + +if TYPE_CHECKING: + from pip._internal.index.collector import HTMLPage + +logger = logging.getLogger(__name__) + + +_SUPPORTED_HASHES = ("sha1", "sha224", "sha384", "sha256", "sha512", "md5") + + +class Link(KeyBasedCompareMixin): + """Represents a parsed link from a Package Index's simple URL + """ + + __slots__ = [ + "_parsed_url", + "_url", + "comes_from", + "requires_python", + "yanked_reason", + "cache_link_parsing", + ] + + def __init__( + self, + url: str, + comes_from: Optional[Union[str, "HTMLPage"]] = None, + requires_python: Optional[str] = None, + yanked_reason: Optional[str] = None, + cache_link_parsing: bool = True, + ) -> None: + """ + :param url: url of the resource pointed to (href of the link) + :param comes_from: instance of HTMLPage where the link was found, + or string. + :param requires_python: String containing the `Requires-Python` + metadata field, specified in PEP 345. This may be specified by + a data-requires-python attribute in the HTML link tag, as + described in PEP 503. + :param yanked_reason: the reason the file has been yanked, if the + file has been yanked, or None if the file hasn't been yanked. + This is the value of the "data-yanked" attribute, if present, in + a simple repository HTML link. If the file has been yanked but + no reason was provided, this should be the empty string. See + PEP 592 for more information and the specification. + :param cache_link_parsing: A flag that is used elsewhere to determine + whether resources retrieved from this link + should be cached. PyPI index urls should + generally have this set to False, for + example. + """ + + # url can be a UNC windows share + if url.startswith('\\\\'): + url = path_to_url(url) + + self._parsed_url = urllib.parse.urlsplit(url) + # Store the url as a private attribute to prevent accidentally + # trying to set a new value. + self._url = url + + self.comes_from = comes_from + self.requires_python = requires_python if requires_python else None + self.yanked_reason = yanked_reason + + super().__init__(key=url, defining_class=Link) + + self.cache_link_parsing = cache_link_parsing + + def __str__(self) -> str: + if self.requires_python: + rp = f' (requires-python:{self.requires_python})' + else: + rp = '' + if self.comes_from: + return '{} (from {}){}'.format( + redact_auth_from_url(self._url), self.comes_from, rp) + else: + return redact_auth_from_url(str(self._url)) + + def __repr__(self) -> str: + return f'' + + @property + def url(self) -> str: + return self._url + + @property + def filename(self) -> str: + path = self.path.rstrip('/') + name = posixpath.basename(path) + if not name: + # Make sure we don't leak auth information if the netloc + # includes a username and password. + netloc, user_pass = split_auth_from_netloc(self.netloc) + return netloc + + name = urllib.parse.unquote(name) + assert name, f'URL {self._url!r} produced no filename' + return name + + @property + def file_path(self) -> str: + return url_to_path(self.url) + + @property + def scheme(self) -> str: + return self._parsed_url.scheme + + @property + def netloc(self) -> str: + """ + This can contain auth information. + """ + return self._parsed_url.netloc + + @property + def path(self) -> str: + return urllib.parse.unquote(self._parsed_url.path) + + def splitext(self) -> Tuple[str, str]: + return splitext(posixpath.basename(self.path.rstrip('/'))) + + @property + def ext(self) -> str: + return self.splitext()[1] + + @property + def url_without_fragment(self) -> str: + scheme, netloc, path, query, fragment = self._parsed_url + return urllib.parse.urlunsplit((scheme, netloc, path, query, '')) + + _egg_fragment_re = re.compile(r'[#&]egg=([^&]*)') + + @property + def egg_fragment(self) -> Optional[str]: + match = self._egg_fragment_re.search(self._url) + if not match: + return None + return match.group(1) + + _subdirectory_fragment_re = re.compile(r'[#&]subdirectory=([^&]*)') + + @property + def subdirectory_fragment(self) -> Optional[str]: + match = self._subdirectory_fragment_re.search(self._url) + if not match: + return None + return match.group(1) + + _hash_re = re.compile( + r'({choices})=([a-f0-9]+)'.format(choices="|".join(_SUPPORTED_HASHES)) + ) + + @property + def hash(self) -> Optional[str]: + match = self._hash_re.search(self._url) + if match: + return match.group(2) + return None + + @property + def hash_name(self) -> Optional[str]: + match = self._hash_re.search(self._url) + if match: + return match.group(1) + return None + + @property + def show_url(self) -> str: + return posixpath.basename(self._url.split('#', 1)[0].split('?', 1)[0]) + + @property + def is_file(self) -> bool: + return self.scheme == 'file' + + def is_existing_dir(self) -> bool: + return self.is_file and os.path.isdir(self.file_path) + + @property + def is_wheel(self) -> bool: + return self.ext == WHEEL_EXTENSION + + @property + def is_vcs(self) -> bool: + from pip._internal.vcs import vcs + + return self.scheme in vcs.all_schemes + + @property + def is_yanked(self) -> bool: + return self.yanked_reason is not None + + @property + def has_hash(self) -> bool: + return self.hash_name is not None + + def is_hash_allowed(self, hashes: Optional[Hashes]) -> bool: + """ + Return True if the link has a hash and it is allowed. + """ + if hashes is None or not self.has_hash: + return False + # Assert non-None so mypy knows self.hash_name and self.hash are str. + assert self.hash_name is not None + assert self.hash is not None + + return hashes.is_hash_allowed(self.hash_name, hex_digest=self.hash) + + +class _CleanResult(NamedTuple): + """Convert link for equivalency check. + + This is used in the resolver to check whether two URL-specified requirements + likely point to the same distribution and can be considered equivalent. This + equivalency logic avoids comparing URLs literally, which can be too strict + (e.g. "a=1&b=2" vs "b=2&a=1") and produce conflicts unexpecting to users. + + Currently this does three things: + + 1. Drop the basic auth part. This is technically wrong since a server can + serve different content based on auth, but if it does that, it is even + impossible to guarantee two URLs without auth are equivalent, since + the user can input different auth information when prompted. So the + practical solution is to assume the auth doesn't affect the response. + 2. Parse the query to avoid the ordering issue. Note that ordering under the + same key in the query are NOT cleaned; i.e. "a=1&a=2" and "a=2&a=1" are + still considered different. + 3. Explicitly drop most of the fragment part, except ``subdirectory=`` and + hash values, since it should have no impact the downloaded content. Note + that this drops the "egg=" part historically used to denote the requested + project (and extras), which is wrong in the strictest sense, but too many + people are supplying it inconsistently to cause superfluous resolution + conflicts, so we choose to also ignore them. + """ + + parsed: urllib.parse.SplitResult + query: Dict[str, List[str]] + subdirectory: str + hashes: Dict[str, str] + + +def _clean_link(link: Link) -> _CleanResult: + parsed = link._parsed_url + netloc = parsed.netloc.rsplit("@", 1)[-1] + # According to RFC 8089, an empty host in file: means localhost. + if parsed.scheme == "file" and not netloc: + netloc = "localhost" + fragment = urllib.parse.parse_qs(parsed.fragment) + if "egg" in fragment: + logger.debug("Ignoring egg= fragment in %s", link) + try: + # If there are multiple subdirectory values, use the first one. + # This matches the behavior of Link.subdirectory_fragment. + subdirectory = fragment["subdirectory"][0] + except (IndexError, KeyError): + subdirectory = "" + # If there are multiple hash values under the same algorithm, use the + # first one. This matches the behavior of Link.hash_value. + hashes = {k: fragment[k][0] for k in _SUPPORTED_HASHES if k in fragment} + return _CleanResult( + parsed=parsed._replace(netloc=netloc, query="", fragment=""), + query=urllib.parse.parse_qs(parsed.query), + subdirectory=subdirectory, + hashes=hashes, + ) + + +@functools.lru_cache(maxsize=None) +def links_equivalent(link1: Link, link2: Link) -> bool: + return _clean_link(link1) == _clean_link(link2) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/scheme.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/scheme.py new file mode 100644 index 000000000..9a8dafba3 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/scheme.py @@ -0,0 +1,31 @@ +""" +For types associated with installation schemes. + +For a general overview of available schemes and their context, see +https://docs.python.org/3/install/index.html#alternate-installation. +""" + + +SCHEME_KEYS = ['platlib', 'purelib', 'headers', 'scripts', 'data'] + + +class Scheme: + """A Scheme holds paths which are used as the base directories for + artifacts associated with a Python package. + """ + + __slots__ = SCHEME_KEYS + + def __init__( + self, + platlib: str, + purelib: str, + headers: str, + scripts: str, + data: str, + ) -> None: + self.platlib = platlib + self.purelib = purelib + self.headers = headers + self.scripts = scripts + self.data = data diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/search_scope.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/search_scope.py new file mode 100644 index 000000000..24ec9834d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/search_scope.py @@ -0,0 +1,126 @@ +import itertools +import logging +import os +import posixpath +import urllib.parse +from typing import List + +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.models.index import PyPI +from pip._internal.utils.compat import has_tls +from pip._internal.utils.misc import normalize_path, redact_auth_from_url + +logger = logging.getLogger(__name__) + + +class SearchScope: + + """ + Encapsulates the locations that pip is configured to search. + """ + + __slots__ = ["find_links", "index_urls"] + + @classmethod + def create( + cls, + find_links: List[str], + index_urls: List[str], + ) -> "SearchScope": + """ + Create a SearchScope object after normalizing the `find_links`. + """ + # Build find_links. If an argument starts with ~, it may be + # a local file relative to a home directory. So try normalizing + # it and if it exists, use the normalized version. + # This is deliberately conservative - it might be fine just to + # blindly normalize anything starting with a ~... + built_find_links: List[str] = [] + for link in find_links: + if link.startswith('~'): + new_link = normalize_path(link) + if os.path.exists(new_link): + link = new_link + built_find_links.append(link) + + # If we don't have TLS enabled, then WARN if anyplace we're looking + # relies on TLS. + if not has_tls(): + for link in itertools.chain(index_urls, built_find_links): + parsed = urllib.parse.urlparse(link) + if parsed.scheme == 'https': + logger.warning( + 'pip is configured with locations that require ' + 'TLS/SSL, however the ssl module in Python is not ' + 'available.' + ) + break + + return cls( + find_links=built_find_links, + index_urls=index_urls, + ) + + def __init__( + self, + find_links: List[str], + index_urls: List[str], + ) -> None: + self.find_links = find_links + self.index_urls = index_urls + + def get_formatted_locations(self) -> str: + lines = [] + redacted_index_urls = [] + if self.index_urls and self.index_urls != [PyPI.simple_url]: + for url in self.index_urls: + + redacted_index_url = redact_auth_from_url(url) + + # Parse the URL + purl = urllib.parse.urlsplit(redacted_index_url) + + # URL is generally invalid if scheme and netloc is missing + # there are issues with Python and URL parsing, so this test + # is a bit crude. See bpo-20271, bpo-23505. Python doesn't + # always parse invalid URLs correctly - it should raise + # exceptions for malformed URLs + if not purl.scheme and not purl.netloc: + logger.warning( + 'The index url "%s" seems invalid, ' + 'please provide a scheme.', redacted_index_url) + + redacted_index_urls.append(redacted_index_url) + + lines.append('Looking in indexes: {}'.format( + ', '.join(redacted_index_urls))) + + if self.find_links: + lines.append( + 'Looking in links: {}'.format(', '.join( + redact_auth_from_url(url) for url in self.find_links)) + ) + return '\n'.join(lines) + + def get_index_urls_locations(self, project_name: str) -> List[str]: + """Returns the locations found via self.index_urls + + Checks the url_name on the main (first in the list) index and + use this url_name to produce all locations + """ + + def mkurl_pypi_url(url: str) -> str: + loc = posixpath.join( + url, + urllib.parse.quote(canonicalize_name(project_name))) + # For maximum compatibility with easy_install, ensure the path + # ends in a trailing slash. Although this isn't in the spec + # (and PyPI can handle it without the slash) some other index + # implementations might break if they relied on easy_install's + # behavior. + if not loc.endswith('/'): + loc = loc + '/' + return loc + + return [mkurl_pypi_url(url) for url in self.index_urls] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/selection_prefs.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/selection_prefs.py new file mode 100644 index 000000000..66a563629 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/selection_prefs.py @@ -0,0 +1,46 @@ +from typing import Optional + +from pip._internal.models.format_control import FormatControl + + +class SelectionPreferences: + """ + Encapsulates the candidate selection preferences for downloading + and installing files. + """ + + __slots__ = ['allow_yanked', 'allow_all_prereleases', 'format_control', + 'prefer_binary', 'ignore_requires_python'] + + # Don't include an allow_yanked default value to make sure each call + # site considers whether yanked releases are allowed. This also causes + # that decision to be made explicit in the calling code, which helps + # people when reading the code. + def __init__( + self, + allow_yanked: bool, + allow_all_prereleases: bool = False, + format_control: Optional[FormatControl] = None, + prefer_binary: bool = False, + ignore_requires_python: Optional[bool] = None, + ) -> None: + """Create a SelectionPreferences object. + + :param allow_yanked: Whether files marked as yanked (in the sense + of PEP 592) are permitted to be candidates for install. + :param format_control: A FormatControl object or None. Used to control + the selection of source packages / binary packages when consulting + the index and links. + :param prefer_binary: Whether to prefer an old, but valid, binary + dist over a new source dist. + :param ignore_requires_python: Whether to ignore incompatible + "Requires-Python" values in links. Defaults to False. + """ + if ignore_requires_python is None: + ignore_requires_python = False + + self.allow_yanked = allow_yanked + self.allow_all_prereleases = allow_all_prereleases + self.format_control = format_control + self.prefer_binary = prefer_binary + self.ignore_requires_python = ignore_requires_python diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/target_python.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/target_python.py new file mode 100644 index 000000000..11b259170 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/target_python.py @@ -0,0 +1,111 @@ +import sys +from typing import List, Optional, Tuple + +from pip._vendor.packaging.tags import Tag + +from pip._internal.utils.compatibility_tags import get_supported, version_info_to_nodot +from pip._internal.utils.misc import normalize_version_info + + +class TargetPython: + + """ + Encapsulates the properties of a Python interpreter one is targeting + for a package install, download, etc. + """ + + __slots__ = [ + "_given_py_version_info", + "abis", + "implementation", + "platforms", + "py_version", + "py_version_info", + "_valid_tags", + ] + + def __init__( + self, + platforms: Optional[List[str]] = None, + py_version_info: Optional[Tuple[int, ...]] = None, + abis: Optional[List[str]] = None, + implementation: Optional[str] = None, + ) -> None: + """ + :param platforms: A list of strings or None. If None, searches for + packages that are supported by the current system. Otherwise, will + find packages that can be built on the platforms passed in. These + packages will only be downloaded for distribution: they will + not be built locally. + :param py_version_info: An optional tuple of ints representing the + Python version information to use (e.g. `sys.version_info[:3]`). + This can have length 1, 2, or 3 when provided. + :param abis: A list of strings or None. This is passed to + compatibility_tags.py's get_supported() function as is. + :param implementation: A string or None. This is passed to + compatibility_tags.py's get_supported() function as is. + """ + # Store the given py_version_info for when we call get_supported(). + self._given_py_version_info = py_version_info + + if py_version_info is None: + py_version_info = sys.version_info[:3] + else: + py_version_info = normalize_version_info(py_version_info) + + py_version = '.'.join(map(str, py_version_info[:2])) + + self.abis = abis + self.implementation = implementation + self.platforms = platforms + self.py_version = py_version + self.py_version_info = py_version_info + + # This is used to cache the return value of get_tags(). + self._valid_tags: Optional[List[Tag]] = None + + def format_given(self) -> str: + """ + Format the given, non-None attributes for display. + """ + display_version = None + if self._given_py_version_info is not None: + display_version = '.'.join( + str(part) for part in self._given_py_version_info + ) + + key_values = [ + ('platforms', self.platforms), + ('version_info', display_version), + ('abis', self.abis), + ('implementation', self.implementation), + ] + return ' '.join( + f'{key}={value!r}' for key, value in key_values + if value is not None + ) + + def get_tags(self) -> List[Tag]: + """ + Return the supported PEP 425 tags to check wheel candidates against. + + The tags are returned in order of preference (most preferred first). + """ + if self._valid_tags is None: + # Pass versions=None if no py_version_info was given since + # versions=None uses special default logic. + py_version_info = self._given_py_version_info + if py_version_info is None: + version = None + else: + version = version_info_to_nodot(py_version_info) + + tags = get_supported( + version=version, + platforms=self.platforms, + abis=self.abis, + impl=self.implementation, + ) + self._valid_tags = tags + + return self._valid_tags diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/models/wheel.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/wheel.py new file mode 100644 index 000000000..a79a86106 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/models/wheel.py @@ -0,0 +1,92 @@ +"""Represents a wheel file and provides access to the various parts of the +name that have meaning. +""" +import re +from typing import Dict, Iterable, List + +from pip._vendor.packaging.tags import Tag + +from pip._internal.exceptions import InvalidWheelFilename + + +class Wheel: + """A wheel file""" + + wheel_file_re = re.compile( + r"""^(?P(?P.+?)-(?P.*?)) + ((-(?P\d[^-]*?))?-(?P.+?)-(?P.+?)-(?P.+?) + \.whl|\.dist-info)$""", + re.VERBOSE + ) + + def __init__(self, filename: str) -> None: + """ + :raises InvalidWheelFilename: when the filename is invalid for a wheel + """ + wheel_info = self.wheel_file_re.match(filename) + if not wheel_info: + raise InvalidWheelFilename( + f"{filename} is not a valid wheel filename." + ) + self.filename = filename + self.name = wheel_info.group('name').replace('_', '-') + # we'll assume "_" means "-" due to wheel naming scheme + # (https://github.com/pypa/pip/issues/1150) + self.version = wheel_info.group('ver').replace('_', '-') + self.build_tag = wheel_info.group('build') + self.pyversions = wheel_info.group('pyver').split('.') + self.abis = wheel_info.group('abi').split('.') + self.plats = wheel_info.group('plat').split('.') + + # All the tag combinations from this file + self.file_tags = { + Tag(x, y, z) for x in self.pyversions + for y in self.abis for z in self.plats + } + + def get_formatted_file_tags(self) -> List[str]: + """Return the wheel's tags as a sorted list of strings.""" + return sorted(str(tag) for tag in self.file_tags) + + def support_index_min(self, tags: List[Tag]) -> int: + """Return the lowest index that one of the wheel's file_tag combinations + achieves in the given list of supported tags. + + For example, if there are 8 supported tags and one of the file tags + is first in the list, then return 0. + + :param tags: the PEP 425 tags to check the wheel against, in order + with most preferred first. + + :raises ValueError: If none of the wheel's file tags match one of + the supported tags. + """ + return min(tags.index(tag) for tag in self.file_tags if tag in tags) + + def find_most_preferred_tag( + self, tags: List[Tag], tag_to_priority: Dict[Tag, int] + ) -> int: + """Return the priority of the most preferred tag that one of the wheel's file + tag combinations achieves in the given list of supported tags using the given + tag_to_priority mapping, where lower priorities are more-preferred. + + This is used in place of support_index_min in some cases in order to avoid + an expensive linear scan of a large list of tags. + + :param tags: the PEP 425 tags to check the wheel against. + :param tag_to_priority: a mapping from tag to priority of that tag, where + lower is more preferred. + + :raises ValueError: If none of the wheel's file tags match one of + the supported tags. + """ + return min( + tag_to_priority[tag] for tag in self.file_tags if tag in tag_to_priority + ) + + def supported(self, tags: Iterable[Tag]) -> bool: + """Return whether the wheel is compatible with one of the given tags. + + :param tags: the PEP 425 tags to check the wheel against. + """ + return not self.file_tags.isdisjoint(tags) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/network/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/__init__.py new file mode 100644 index 000000000..b51bde91b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/__init__.py @@ -0,0 +1,2 @@ +"""Contains purely network-related utilities. +""" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/network/auth.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/auth.py new file mode 100644 index 000000000..74d225472 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/auth.py @@ -0,0 +1,316 @@ +"""Network Authentication Helpers + +Contains interface (MultiDomainBasicAuth) and associated glue code for +providing credentials in the context of network requests. +""" + +import urllib.parse +from typing import Any, Dict, List, Optional, Tuple + +from pip._vendor.requests.auth import AuthBase, HTTPBasicAuth +from pip._vendor.requests.models import Request, Response +from pip._vendor.requests.utils import get_netrc_auth + +from pip._internal.utils.logging import getLogger +from pip._internal.utils.misc import ( + ask, + ask_input, + ask_password, + remove_auth_from_url, + split_auth_netloc_from_url, +) +from pip._internal.vcs.versioncontrol import AuthInfo + +logger = getLogger(__name__) + +Credentials = Tuple[str, str, str] + +try: + import keyring +except ImportError: + keyring = None +except Exception as exc: + logger.warning( + "Keyring is skipped due to an exception: %s", + str(exc), + ) + keyring = None + + +def get_keyring_auth(url: Optional[str], username: Optional[str]) -> Optional[AuthInfo]: + """Return the tuple auth for a given url from keyring.""" + global keyring + if not url or not keyring: + return None + + try: + try: + get_credential = keyring.get_credential + except AttributeError: + pass + else: + logger.debug("Getting credentials from keyring for %s", url) + cred = get_credential(url, username) + if cred is not None: + return cred.username, cred.password + return None + + if username: + logger.debug("Getting password from keyring for %s", url) + password = keyring.get_password(url, username) + if password: + return username, password + + except Exception as exc: + logger.warning( + "Keyring is skipped due to an exception: %s", + str(exc), + ) + keyring = None + return None + + +class MultiDomainBasicAuth(AuthBase): + def __init__( + self, prompting: bool = True, index_urls: Optional[List[str]] = None + ) -> None: + self.prompting = prompting + self.index_urls = index_urls + self.passwords: Dict[str, AuthInfo] = {} + # When the user is prompted to enter credentials and keyring is + # available, we will offer to save them. If the user accepts, + # this value is set to the credentials they entered. After the + # request authenticates, the caller should call + # ``save_credentials`` to save these. + self._credentials_to_save: Optional[Credentials] = None + + def _get_index_url(self, url: str) -> Optional[str]: + """Return the original index URL matching the requested URL. + + Cached or dynamically generated credentials may work against + the original index URL rather than just the netloc. + + The provided url should have had its username and password + removed already. If the original index url had credentials then + they will be included in the return value. + + Returns None if no matching index was found, or if --no-index + was specified by the user. + """ + if not url or not self.index_urls: + return None + + for u in self.index_urls: + prefix = remove_auth_from_url(u).rstrip("/") + "/" + if url.startswith(prefix): + return u + return None + + def _get_new_credentials( + self, + original_url: str, + allow_netrc: bool = True, + allow_keyring: bool = False, + ) -> AuthInfo: + """Find and return credentials for the specified URL.""" + # Split the credentials and netloc from the url. + url, netloc, url_user_password = split_auth_netloc_from_url( + original_url, + ) + + # Start with the credentials embedded in the url + username, password = url_user_password + if username is not None and password is not None: + logger.debug("Found credentials in url for %s", netloc) + return url_user_password + + # Find a matching index url for this request + index_url = self._get_index_url(url) + if index_url: + # Split the credentials from the url. + index_info = split_auth_netloc_from_url(index_url) + if index_info: + index_url, _, index_url_user_password = index_info + logger.debug("Found index url %s", index_url) + + # If an index URL was found, try its embedded credentials + if index_url and index_url_user_password[0] is not None: + username, password = index_url_user_password + if username is not None and password is not None: + logger.debug("Found credentials in index url for %s", netloc) + return index_url_user_password + + # Get creds from netrc if we still don't have them + if allow_netrc: + netrc_auth = get_netrc_auth(original_url) + if netrc_auth: + logger.debug("Found credentials in netrc for %s", netloc) + return netrc_auth + + # If we don't have a password and keyring is available, use it. + if allow_keyring: + # The index url is more specific than the netloc, so try it first + # fmt: off + kr_auth = ( + get_keyring_auth(index_url, username) or + get_keyring_auth(netloc, username) + ) + # fmt: on + if kr_auth: + logger.debug("Found credentials in keyring for %s", netloc) + return kr_auth + + return username, password + + def _get_url_and_credentials( + self, original_url: str + ) -> Tuple[str, Optional[str], Optional[str]]: + """Return the credentials to use for the provided URL. + + If allowed, netrc and keyring may be used to obtain the + correct credentials. + + Returns (url_without_credentials, username, password). Note + that even if the original URL contains credentials, this + function may return a different username and password. + """ + url, netloc, _ = split_auth_netloc_from_url(original_url) + + # Try to get credentials from original url + username, password = self._get_new_credentials(original_url) + + # If credentials not found, use any stored credentials for this netloc + if username is None and password is None: + username, password = self.passwords.get(netloc, (None, None)) + + if username is not None or password is not None: + # Convert the username and password if they're None, so that + # this netloc will show up as "cached" in the conditional above. + # Further, HTTPBasicAuth doesn't accept None, so it makes sense to + # cache the value that is going to be used. + username = username or "" + password = password or "" + + # Store any acquired credentials. + self.passwords[netloc] = (username, password) + + assert ( + # Credentials were found + (username is not None and password is not None) + # Credentials were not found + or (username is None and password is None) + ), f"Could not load credentials from url: {original_url}" + + return url, username, password + + def __call__(self, req: Request) -> Request: + # Get credentials for this request + url, username, password = self._get_url_and_credentials(req.url) + + # Set the url of the request to the url without any credentials + req.url = url + + if username is not None and password is not None: + # Send the basic auth with this request + req = HTTPBasicAuth(username, password)(req) + + # Attach a hook to handle 401 responses + req.register_hook("response", self.handle_401) + + return req + + # Factored out to allow for easy patching in tests + def _prompt_for_password( + self, netloc: str + ) -> Tuple[Optional[str], Optional[str], bool]: + username = ask_input(f"User for {netloc}: ") + if not username: + return None, None, False + auth = get_keyring_auth(netloc, username) + if auth and auth[0] is not None and auth[1] is not None: + return auth[0], auth[1], False + password = ask_password("Password: ") + return username, password, True + + # Factored out to allow for easy patching in tests + def _should_save_password_to_keyring(self) -> bool: + if not keyring: + return False + return ask("Save credentials to keyring [y/N]: ", ["y", "n"]) == "y" + + def handle_401(self, resp: Response, **kwargs: Any) -> Response: + # We only care about 401 responses, anything else we want to just + # pass through the actual response + if resp.status_code != 401: + return resp + + # We are not able to prompt the user so simply return the response + if not self.prompting: + return resp + + parsed = urllib.parse.urlparse(resp.url) + + # Query the keyring for credentials: + username, password = self._get_new_credentials( + resp.url, + allow_netrc=False, + allow_keyring=True, + ) + + # Prompt the user for a new username and password + save = False + if not username and not password: + username, password, save = self._prompt_for_password(parsed.netloc) + + # Store the new username and password to use for future requests + self._credentials_to_save = None + if username is not None and password is not None: + self.passwords[parsed.netloc] = (username, password) + + # Prompt to save the password to keyring + if save and self._should_save_password_to_keyring(): + self._credentials_to_save = (parsed.netloc, username, password) + + # Consume content and release the original connection to allow our new + # request to reuse the same one. + resp.content + resp.raw.release_conn() + + # Add our new username and password to the request + req = HTTPBasicAuth(username or "", password or "")(resp.request) + req.register_hook("response", self.warn_on_401) + + # On successful request, save the credentials that were used to + # keyring. (Note that if the user responded "no" above, this member + # is not set and nothing will be saved.) + if self._credentials_to_save: + req.register_hook("response", self.save_credentials) + + # Send our new request + new_resp = resp.connection.send(req, **kwargs) + new_resp.history.append(resp) + + return new_resp + + def warn_on_401(self, resp: Response, **kwargs: Any) -> None: + """Response callback to warn about incorrect credentials.""" + if resp.status_code == 401: + logger.warning( + "401 Error, Credentials not correct for %s", + resp.request.url, + ) + + def save_credentials(self, resp: Response, **kwargs: Any) -> None: + """Response callback to save credentials on success.""" + assert keyring is not None, "should never reach here without keyring" + if not keyring: + return + + creds = self._credentials_to_save + self._credentials_to_save = None + if creds and resp.status_code < 400: + try: + logger.info("Saving credentials to keyring") + keyring.set_password(*creds) + except Exception: + logger.exception("Failed to save credentials") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/network/cache.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/cache.py new file mode 100644 index 000000000..2d915e6fc --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/cache.py @@ -0,0 +1,69 @@ +"""HTTP cache implementation. +""" + +import os +from contextlib import contextmanager +from typing import Iterator, Optional + +from pip._vendor.cachecontrol.cache import BaseCache +from pip._vendor.cachecontrol.caches import FileCache +from pip._vendor.requests.models import Response + +from pip._internal.utils.filesystem import adjacent_tmp_file, replace +from pip._internal.utils.misc import ensure_dir + + +def is_from_cache(response: Response) -> bool: + return getattr(response, "from_cache", False) + + +@contextmanager +def suppressed_cache_errors() -> Iterator[None]: + """If we can't access the cache then we can just skip caching and process + requests as if caching wasn't enabled. + """ + try: + yield + except OSError: + pass + + +class SafeFileCache(BaseCache): + """ + A file based cache which is safe to use even when the target directory may + not be accessible or writable. + """ + + def __init__(self, directory: str) -> None: + assert directory is not None, "Cache directory must not be None." + super().__init__() + self.directory = directory + + def _get_cache_path(self, name: str) -> str: + # From cachecontrol.caches.file_cache.FileCache._fn, brought into our + # class for backwards-compatibility and to avoid using a non-public + # method. + hashed = FileCache.encode(name) + parts = list(hashed[:5]) + [hashed] + return os.path.join(self.directory, *parts) + + def get(self, key: str) -> Optional[bytes]: + path = self._get_cache_path(key) + with suppressed_cache_errors(): + with open(path, "rb") as f: + return f.read() + + def set(self, key: str, value: bytes) -> None: + path = self._get_cache_path(key) + with suppressed_cache_errors(): + ensure_dir(os.path.dirname(path)) + + with adjacent_tmp_file(path) as f: + f.write(value) + + replace(f.name, path) + + def delete(self, key: str) -> None: + path = self._get_cache_path(key) + with suppressed_cache_errors(): + os.remove(path) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/network/download.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/download.py new file mode 100644 index 000000000..47af547d6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/download.py @@ -0,0 +1,184 @@ +"""Download files with progress indicators. +""" +import cgi +import logging +import mimetypes +import os +from typing import Iterable, Optional, Tuple + +from pip._vendor.requests.models import CONTENT_CHUNK_SIZE, Response + +from pip._internal.cli.progress_bars import DownloadProgressProvider +from pip._internal.exceptions import NetworkConnectionError +from pip._internal.models.index import PyPI +from pip._internal.models.link import Link +from pip._internal.network.cache import is_from_cache +from pip._internal.network.session import PipSession +from pip._internal.network.utils import HEADERS, raise_for_status, response_chunks +from pip._internal.utils.misc import format_size, redact_auth_from_url, splitext + +logger = logging.getLogger(__name__) + + +def _get_http_response_size(resp: Response) -> Optional[int]: + try: + return int(resp.headers["content-length"]) + except (ValueError, KeyError, TypeError): + return None + + +def _prepare_download( + resp: Response, + link: Link, + progress_bar: str, +) -> Iterable[bytes]: + total_length = _get_http_response_size(resp) + + if link.netloc == PyPI.file_storage_domain: + url = link.show_url + else: + url = link.url_without_fragment + + logged_url = redact_auth_from_url(url) + + if total_length: + logged_url = "{} ({})".format(logged_url, format_size(total_length)) + + if is_from_cache(resp): + logger.info("Using cached %s", logged_url) + else: + logger.info("Downloading %s", logged_url) + + if logger.getEffectiveLevel() > logging.INFO: + show_progress = False + elif is_from_cache(resp): + show_progress = False + elif not total_length: + show_progress = True + elif total_length > (40 * 1000): + show_progress = True + else: + show_progress = False + + chunks = response_chunks(resp, CONTENT_CHUNK_SIZE) + + if not show_progress: + return chunks + + return DownloadProgressProvider(progress_bar, max=total_length)(chunks) + + +def sanitize_content_filename(filename: str) -> str: + """ + Sanitize the "filename" value from a Content-Disposition header. + """ + return os.path.basename(filename) + + +def parse_content_disposition(content_disposition: str, default_filename: str) -> str: + """ + Parse the "filename" value from a Content-Disposition header, and + return the default filename if the result is empty. + """ + _type, params = cgi.parse_header(content_disposition) + filename = params.get("filename") + if filename: + # We need to sanitize the filename to prevent directory traversal + # in case the filename contains ".." path parts. + filename = sanitize_content_filename(filename) + return filename or default_filename + + +def _get_http_response_filename(resp: Response, link: Link) -> str: + """Get an ideal filename from the given HTTP response, falling back to + the link filename if not provided. + """ + filename = link.filename # fallback + # Have a look at the Content-Disposition header for a better guess + content_disposition = resp.headers.get("content-disposition") + if content_disposition: + filename = parse_content_disposition(content_disposition, filename) + ext: Optional[str] = splitext(filename)[1] + if not ext: + ext = mimetypes.guess_extension(resp.headers.get("content-type", "")) + if ext: + filename += ext + if not ext and link.url != resp.url: + ext = os.path.splitext(resp.url)[1] + if ext: + filename += ext + return filename + + +def _http_get_download(session: PipSession, link: Link) -> Response: + target_url = link.url.split("#", 1)[0] + resp = session.get(target_url, headers=HEADERS, stream=True) + raise_for_status(resp) + return resp + + +class Downloader: + def __init__( + self, + session: PipSession, + progress_bar: str, + ) -> None: + self._session = session + self._progress_bar = progress_bar + + def __call__(self, link: Link, location: str) -> Tuple[str, str]: + """Download the file given by link into location.""" + try: + resp = _http_get_download(self._session, link) + except NetworkConnectionError as e: + assert e.response is not None + logger.critical( + "HTTP error %s while getting %s", e.response.status_code, link + ) + raise + + filename = _get_http_response_filename(resp, link) + filepath = os.path.join(location, filename) + + chunks = _prepare_download(resp, link, self._progress_bar) + with open(filepath, "wb") as content_file: + for chunk in chunks: + content_file.write(chunk) + content_type = resp.headers.get("Content-Type", "") + return filepath, content_type + + +class BatchDownloader: + def __init__( + self, + session: PipSession, + progress_bar: str, + ) -> None: + self._session = session + self._progress_bar = progress_bar + + def __call__( + self, links: Iterable[Link], location: str + ) -> Iterable[Tuple[Link, Tuple[str, str]]]: + """Download the files given by links into location.""" + for link in links: + try: + resp = _http_get_download(self._session, link) + except NetworkConnectionError as e: + assert e.response is not None + logger.critical( + "HTTP error %s while getting %s", + e.response.status_code, + link, + ) + raise + + filename = _get_http_response_filename(resp, link) + filepath = os.path.join(location, filename) + + chunks = _prepare_download(resp, link, self._progress_bar) + with open(filepath, "wb") as content_file: + for chunk in chunks: + content_file.write(chunk) + content_type = resp.headers.get("Content-Type", "") + yield link, (filepath, content_type) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/network/lazy_wheel.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/lazy_wheel.py new file mode 100644 index 000000000..249bd0587 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/lazy_wheel.py @@ -0,0 +1,210 @@ +"""Lazy ZIP over HTTP""" + +__all__ = ["HTTPRangeRequestUnsupported", "dist_from_wheel_url"] + +from bisect import bisect_left, bisect_right +from contextlib import contextmanager +from tempfile import NamedTemporaryFile +from typing import Any, Dict, Iterator, List, Optional, Tuple +from zipfile import BadZipfile, ZipFile + +from pip._vendor.pkg_resources import Distribution +from pip._vendor.requests.models import CONTENT_CHUNK_SIZE, Response + +from pip._internal.network.session import PipSession +from pip._internal.network.utils import HEADERS, raise_for_status, response_chunks +from pip._internal.utils.wheel import pkg_resources_distribution_for_wheel + + +class HTTPRangeRequestUnsupported(Exception): + pass + + +def dist_from_wheel_url(name: str, url: str, session: PipSession) -> Distribution: + """Return a pkg_resources.Distribution from the given wheel URL. + + This uses HTTP range requests to only fetch the potion of the wheel + containing metadata, just enough for the object to be constructed. + If such requests are not supported, HTTPRangeRequestUnsupported + is raised. + """ + with LazyZipOverHTTP(url, session) as wheel: + # For read-only ZIP files, ZipFile only needs methods read, + # seek, seekable and tell, not the whole IO protocol. + zip_file = ZipFile(wheel) # type: ignore + # After context manager exit, wheel.name + # is an invalid file by intention. + return pkg_resources_distribution_for_wheel(zip_file, name, wheel.name) + + +class LazyZipOverHTTP: + """File-like object mapped to a ZIP file over HTTP. + + This uses HTTP range requests to lazily fetch the file's content, + which is supposed to be fed to ZipFile. If such requests are not + supported by the server, raise HTTPRangeRequestUnsupported + during initialization. + """ + + def __init__( + self, url: str, session: PipSession, chunk_size: int = CONTENT_CHUNK_SIZE + ) -> None: + head = session.head(url, headers=HEADERS) + raise_for_status(head) + assert head.status_code == 200 + self._session, self._url, self._chunk_size = session, url, chunk_size + self._length = int(head.headers["Content-Length"]) + self._file = NamedTemporaryFile() + self.truncate(self._length) + self._left: List[int] = [] + self._right: List[int] = [] + if "bytes" not in head.headers.get("Accept-Ranges", "none"): + raise HTTPRangeRequestUnsupported("range request is not supported") + self._check_zip() + + @property + def mode(self) -> str: + """Opening mode, which is always rb.""" + return "rb" + + @property + def name(self) -> str: + """Path to the underlying file.""" + return self._file.name + + def seekable(self) -> bool: + """Return whether random access is supported, which is True.""" + return True + + def close(self) -> None: + """Close the file.""" + self._file.close() + + @property + def closed(self) -> bool: + """Whether the file is closed.""" + return self._file.closed + + def read(self, size: int = -1) -> bytes: + """Read up to size bytes from the object and return them. + + As a convenience, if size is unspecified or -1, + all bytes until EOF are returned. Fewer than + size bytes may be returned if EOF is reached. + """ + download_size = max(size, self._chunk_size) + start, length = self.tell(), self._length + stop = length if size < 0 else min(start + download_size, length) + start = max(0, stop - download_size) + self._download(start, stop - 1) + return self._file.read(size) + + def readable(self) -> bool: + """Return whether the file is readable, which is True.""" + return True + + def seek(self, offset: int, whence: int = 0) -> int: + """Change stream position and return the new absolute position. + + Seek to offset relative position indicated by whence: + * 0: Start of stream (the default). pos should be >= 0; + * 1: Current position - pos may be negative; + * 2: End of stream - pos usually negative. + """ + return self._file.seek(offset, whence) + + def tell(self) -> int: + """Return the current position.""" + return self._file.tell() + + def truncate(self, size: Optional[int] = None) -> int: + """Resize the stream to the given size in bytes. + + If size is unspecified resize to the current position. + The current stream position isn't changed. + + Return the new file size. + """ + return self._file.truncate(size) + + def writable(self) -> bool: + """Return False.""" + return False + + def __enter__(self) -> "LazyZipOverHTTP": + self._file.__enter__() + return self + + def __exit__(self, *exc: Any) -> Optional[bool]: + return self._file.__exit__(*exc) + + @contextmanager + def _stay(self) -> Iterator[None]: + """Return a context manager keeping the position. + + At the end of the block, seek back to original position. + """ + pos = self.tell() + try: + yield + finally: + self.seek(pos) + + def _check_zip(self) -> None: + """Check and download until the file is a valid ZIP.""" + end = self._length - 1 + for start in reversed(range(0, end, self._chunk_size)): + self._download(start, end) + with self._stay(): + try: + # For read-only ZIP files, ZipFile only needs + # methods read, seek, seekable and tell. + ZipFile(self) # type: ignore + except BadZipfile: + pass + else: + break + + def _stream_response( + self, start: int, end: int, base_headers: Dict[str, str] = HEADERS + ) -> Response: + """Return HTTP response to a range request from start to end.""" + headers = base_headers.copy() + headers["Range"] = f"bytes={start}-{end}" + # TODO: Get range requests to be correctly cached + headers["Cache-Control"] = "no-cache" + return self._session.get(self._url, headers=headers, stream=True) + + def _merge( + self, start: int, end: int, left: int, right: int + ) -> Iterator[Tuple[int, int]]: + """Return an iterator of intervals to be fetched. + + Args: + start (int): Start of needed interval + end (int): End of needed interval + left (int): Index of first overlapping downloaded data + right (int): Index after last overlapping downloaded data + """ + lslice, rslice = self._left[left:right], self._right[left:right] + i = start = min([start] + lslice[:1]) + end = max([end] + rslice[-1:]) + for j, k in zip(lslice, rslice): + if j > i: + yield i, j - 1 + i = k + 1 + if i <= end: + yield i, end + self._left[left:right], self._right[left:right] = [start], [end] + + def _download(self, start: int, end: int) -> None: + """Download bytes from start to end inclusively.""" + with self._stay(): + left = bisect_left(self._right, start) + right = bisect_right(self._left, end) + for start, end in self._merge(start, end, left, right): + response = self._stream_response(start, end) + response.raise_for_status() + self.seek(start) + for chunk in response_chunks(response, self._chunk_size): + self._file.write(chunk) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/network/session.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/session.py new file mode 100644 index 000000000..faaae4059 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/session.py @@ -0,0 +1,454 @@ +"""PipSession and supporting code, containing all pip-specific +network request configuration and behavior. +""" + +# When mypy runs on Windows the call to distro.linux_distribution() is skipped +# resulting in the failure: +# +# error: unused 'type: ignore' comment +# +# If the upstream module adds typing, this comment should be removed. See +# https://github.com/nir0s/distro/pull/269 +# +# mypy: warn-unused-ignores=False + +import email.utils +import ipaddress +import json +import logging +import mimetypes +import os +import platform +import shutil +import subprocess +import sys +import urllib.parse +import warnings +from typing import Any, Dict, Iterator, List, Mapping, Optional, Sequence, Tuple, Union + +from pip._vendor import requests, urllib3 +from pip._vendor.cachecontrol import CacheControlAdapter +from pip._vendor.requests.adapters import BaseAdapter, HTTPAdapter +from pip._vendor.requests.models import PreparedRequest, Response +from pip._vendor.requests.structures import CaseInsensitiveDict +from pip._vendor.urllib3.connectionpool import ConnectionPool +from pip._vendor.urllib3.exceptions import InsecureRequestWarning + +from pip import __version__ +from pip._internal.metadata import get_default_environment +from pip._internal.models.link import Link +from pip._internal.network.auth import MultiDomainBasicAuth +from pip._internal.network.cache import SafeFileCache + +# Import ssl from compat so the initial import occurs in only one place. +from pip._internal.utils.compat import has_tls +from pip._internal.utils.glibc import libc_ver +from pip._internal.utils.misc import build_url_from_netloc, parse_netloc +from pip._internal.utils.urls import url_to_path + +logger = logging.getLogger(__name__) + +SecureOrigin = Tuple[str, str, Optional[Union[int, str]]] + + +# Ignore warning raised when using --trusted-host. +warnings.filterwarnings("ignore", category=InsecureRequestWarning) + + +SECURE_ORIGINS: List[SecureOrigin] = [ + # protocol, hostname, port + # Taken from Chrome's list of secure origins (See: http://bit.ly/1qrySKC) + ("https", "*", "*"), + ("*", "localhost", "*"), + ("*", "127.0.0.0/8", "*"), + ("*", "::1/128", "*"), + ("file", "*", None), + # ssh is always secure. + ("ssh", "*", "*"), +] + + +# These are environment variables present when running under various +# CI systems. For each variable, some CI systems that use the variable +# are indicated. The collection was chosen so that for each of a number +# of popular systems, at least one of the environment variables is used. +# This list is used to provide some indication of and lower bound for +# CI traffic to PyPI. Thus, it is okay if the list is not comprehensive. +# For more background, see: https://github.com/pypa/pip/issues/5499 +CI_ENVIRONMENT_VARIABLES = ( + # Azure Pipelines + "BUILD_BUILDID", + # Jenkins + "BUILD_ID", + # AppVeyor, CircleCI, Codeship, Gitlab CI, Shippable, Travis CI + "CI", + # Explicit environment variable. + "PIP_IS_CI", +) + + +def looks_like_ci() -> bool: + """ + Return whether it looks like pip is running under CI. + """ + # We don't use the method of checking for a tty (e.g. using isatty()) + # because some CI systems mimic a tty (e.g. Travis CI). Thus that + # method doesn't provide definitive information in either direction. + return any(name in os.environ for name in CI_ENVIRONMENT_VARIABLES) + + +def user_agent() -> str: + """ + Return a string representing the user agent. + """ + data: Dict[str, Any] = { + "installer": {"name": "pip", "version": __version__}, + "python": platform.python_version(), + "implementation": { + "name": platform.python_implementation(), + }, + } + + if data["implementation"]["name"] == "CPython": + data["implementation"]["version"] = platform.python_version() + elif data["implementation"]["name"] == "PyPy": + pypy_version_info = sys.pypy_version_info # type: ignore + if pypy_version_info.releaselevel == "final": + pypy_version_info = pypy_version_info[:3] + data["implementation"]["version"] = ".".join( + [str(x) for x in pypy_version_info] + ) + elif data["implementation"]["name"] == "Jython": + # Complete Guess + data["implementation"]["version"] = platform.python_version() + elif data["implementation"]["name"] == "IronPython": + # Complete Guess + data["implementation"]["version"] = platform.python_version() + + if sys.platform.startswith("linux"): + from pip._vendor import distro + + # https://github.com/nir0s/distro/pull/269 + linux_distribution = distro.linux_distribution() # type: ignore + distro_infos = dict( + filter( + lambda x: x[1], + zip(["name", "version", "id"], linux_distribution), + ) + ) + libc = dict( + filter( + lambda x: x[1], + zip(["lib", "version"], libc_ver()), + ) + ) + if libc: + distro_infos["libc"] = libc + if distro_infos: + data["distro"] = distro_infos + + if sys.platform.startswith("darwin") and platform.mac_ver()[0]: + data["distro"] = {"name": "macOS", "version": platform.mac_ver()[0]} + + if platform.system(): + data.setdefault("system", {})["name"] = platform.system() + + if platform.release(): + data.setdefault("system", {})["release"] = platform.release() + + if platform.machine(): + data["cpu"] = platform.machine() + + if has_tls(): + import _ssl as ssl + + data["openssl_version"] = ssl.OPENSSL_VERSION + + setuptools_dist = get_default_environment().get_distribution("setuptools") + if setuptools_dist is not None: + data["setuptools_version"] = str(setuptools_dist.version) + + if shutil.which("rustc") is not None: + # If for any reason `rustc --version` fails, silently ignore it + try: + rustc_output = subprocess.check_output( + ["rustc", "--version"], stderr=subprocess.STDOUT, timeout=0.5 + ) + except Exception: + pass + else: + if rustc_output.startswith(b"rustc "): + # The format of `rustc --version` is: + # `b'rustc 1.52.1 (9bc8c42bb 2021-05-09)\n'` + # We extract just the middle (1.52.1) part + data["rustc_version"] = rustc_output.split(b" ")[1].decode() + + # Use None rather than False so as not to give the impression that + # pip knows it is not being run under CI. Rather, it is a null or + # inconclusive result. Also, we include some value rather than no + # value to make it easier to know that the check has been run. + data["ci"] = True if looks_like_ci() else None + + user_data = os.environ.get("PIP_USER_AGENT_USER_DATA") + if user_data is not None: + data["user_data"] = user_data + + return "{data[installer][name]}/{data[installer][version]} {json}".format( + data=data, + json=json.dumps(data, separators=(",", ":"), sort_keys=True), + ) + + +class LocalFSAdapter(BaseAdapter): + def send( + self, + request: PreparedRequest, + stream: bool = False, + timeout: Optional[Union[float, Tuple[float, float]]] = None, + verify: Union[bool, str] = True, + cert: Optional[Union[str, Tuple[str, str]]] = None, + proxies: Optional[Mapping[str, str]] = None, + ) -> Response: + pathname = url_to_path(request.url) + + resp = Response() + resp.status_code = 200 + resp.url = request.url + + try: + stats = os.stat(pathname) + except OSError as exc: + resp.status_code = 404 + resp.raw = exc + else: + modified = email.utils.formatdate(stats.st_mtime, usegmt=True) + content_type = mimetypes.guess_type(pathname)[0] or "text/plain" + resp.headers = CaseInsensitiveDict( + { + "Content-Type": content_type, + "Content-Length": stats.st_size, + "Last-Modified": modified, + } + ) + + resp.raw = open(pathname, "rb") + resp.close = resp.raw.close + + return resp + + def close(self) -> None: + pass + + +class InsecureHTTPAdapter(HTTPAdapter): + def cert_verify( + self, + conn: ConnectionPool, + url: str, + verify: Union[bool, str], + cert: Optional[Union[str, Tuple[str, str]]], + ) -> None: + super().cert_verify(conn=conn, url=url, verify=False, cert=cert) + + +class InsecureCacheControlAdapter(CacheControlAdapter): + def cert_verify( + self, + conn: ConnectionPool, + url: str, + verify: Union[bool, str], + cert: Optional[Union[str, Tuple[str, str]]], + ) -> None: + super().cert_verify(conn=conn, url=url, verify=False, cert=cert) + + +class PipSession(requests.Session): + + timeout: Optional[int] = None + + def __init__( + self, + *args: Any, + retries: int = 0, + cache: Optional[str] = None, + trusted_hosts: Sequence[str] = (), + index_urls: Optional[List[str]] = None, + **kwargs: Any, + ) -> None: + """ + :param trusted_hosts: Domains not to emit warnings for when not using + HTTPS. + """ + super().__init__(*args, **kwargs) + + # Namespace the attribute with "pip_" just in case to prevent + # possible conflicts with the base class. + self.pip_trusted_origins: List[Tuple[str, Optional[int]]] = [] + + # Attach our User Agent to the request + self.headers["User-Agent"] = user_agent() + + # Attach our Authentication handler to the session + self.auth = MultiDomainBasicAuth(index_urls=index_urls) + + # Create our urllib3.Retry instance which will allow us to customize + # how we handle retries. + retries = urllib3.Retry( + # Set the total number of retries that a particular request can + # have. + total=retries, + # A 503 error from PyPI typically means that the Fastly -> Origin + # connection got interrupted in some way. A 503 error in general + # is typically considered a transient error so we'll go ahead and + # retry it. + # A 500 may indicate transient error in Amazon S3 + # A 520 or 527 - may indicate transient error in CloudFlare + status_forcelist=[500, 503, 520, 527], + # Add a small amount of back off between failed requests in + # order to prevent hammering the service. + backoff_factor=0.25, + ) # type: ignore + + # Our Insecure HTTPAdapter disables HTTPS validation. It does not + # support caching so we'll use it for all http:// URLs. + # If caching is disabled, we will also use it for + # https:// hosts that we've marked as ignoring + # TLS errors for (trusted-hosts). + insecure_adapter = InsecureHTTPAdapter(max_retries=retries) + + # We want to _only_ cache responses on securely fetched origins or when + # the host is specified as trusted. We do this because + # we can't validate the response of an insecurely/untrusted fetched + # origin, and we don't want someone to be able to poison the cache and + # require manual eviction from the cache to fix it. + if cache: + secure_adapter = CacheControlAdapter( + cache=SafeFileCache(cache), + max_retries=retries, + ) + self._trusted_host_adapter = InsecureCacheControlAdapter( + cache=SafeFileCache(cache), + max_retries=retries, + ) + else: + secure_adapter = HTTPAdapter(max_retries=retries) + self._trusted_host_adapter = insecure_adapter + + self.mount("https://", secure_adapter) + self.mount("http://", insecure_adapter) + + # Enable file:// urls + self.mount("file://", LocalFSAdapter()) + + for host in trusted_hosts: + self.add_trusted_host(host, suppress_logging=True) + + def update_index_urls(self, new_index_urls: List[str]) -> None: + """ + :param new_index_urls: New index urls to update the authentication + handler with. + """ + self.auth.index_urls = new_index_urls + + def add_trusted_host( + self, host: str, source: Optional[str] = None, suppress_logging: bool = False + ) -> None: + """ + :param host: It is okay to provide a host that has previously been + added. + :param source: An optional source string, for logging where the host + string came from. + """ + if not suppress_logging: + msg = f"adding trusted host: {host!r}" + if source is not None: + msg += f" (from {source})" + logger.info(msg) + + host_port = parse_netloc(host) + if host_port not in self.pip_trusted_origins: + self.pip_trusted_origins.append(host_port) + + self.mount(build_url_from_netloc(host) + "/", self._trusted_host_adapter) + if not host_port[1]: + # Mount wildcard ports for the same host. + self.mount(build_url_from_netloc(host) + ":", self._trusted_host_adapter) + + def iter_secure_origins(self) -> Iterator[SecureOrigin]: + yield from SECURE_ORIGINS + for host, port in self.pip_trusted_origins: + yield ("*", host, "*" if port is None else port) + + def is_secure_origin(self, location: Link) -> bool: + # Determine if this url used a secure transport mechanism + parsed = urllib.parse.urlparse(str(location)) + origin_protocol, origin_host, origin_port = ( + parsed.scheme, + parsed.hostname, + parsed.port, + ) + + # The protocol to use to see if the protocol matches. + # Don't count the repository type as part of the protocol: in + # cases such as "git+ssh", only use "ssh". (I.e., Only verify against + # the last scheme.) + origin_protocol = origin_protocol.rsplit("+", 1)[-1] + + # Determine if our origin is a secure origin by looking through our + # hardcoded list of secure origins, as well as any additional ones + # configured on this PackageFinder instance. + for secure_origin in self.iter_secure_origins(): + secure_protocol, secure_host, secure_port = secure_origin + if origin_protocol != secure_protocol and secure_protocol != "*": + continue + + try: + addr = ipaddress.ip_address(origin_host) + network = ipaddress.ip_network(secure_host) + except ValueError: + # We don't have both a valid address or a valid network, so + # we'll check this origin against hostnames. + if ( + origin_host + and origin_host.lower() != secure_host.lower() + and secure_host != "*" + ): + continue + else: + # We have a valid address and network, so see if the address + # is contained within the network. + if addr not in network: + continue + + # Check to see if the port matches. + if ( + origin_port != secure_port + and secure_port != "*" + and secure_port is not None + ): + continue + + # If we've gotten here, then this origin matches the current + # secure origin and we should return True + return True + + # If we've gotten to this point, then the origin isn't secure and we + # will not accept it as a valid location to search. We will however + # log a warning that we are ignoring it. + logger.warning( + "The repository located at %s is not a trusted or secure host and " + "is being ignored. If this repository is available via HTTPS we " + "recommend you use HTTPS instead, otherwise you may silence " + "this warning and allow it anyway with '--trusted-host %s'.", + origin_host, + origin_host, + ) + + return False + + def request(self, method: str, url: str, *args: Any, **kwargs: Any) -> Response: + # Allow setting a default timeout on a session + kwargs.setdefault("timeout", self.timeout) + + # Dispatch the actual request + return super().request(method, url, *args, **kwargs) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/network/utils.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/utils.py new file mode 100644 index 000000000..094cf1b4a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/utils.py @@ -0,0 +1,96 @@ +from typing import Dict, Iterator + +from pip._vendor.requests.models import CONTENT_CHUNK_SIZE, Response + +from pip._internal.exceptions import NetworkConnectionError + +# The following comments and HTTP headers were originally added by +# Donald Stufft in git commit 22c562429a61bb77172039e480873fb239dd8c03. +# +# We use Accept-Encoding: identity here because requests defaults to +# accepting compressed responses. This breaks in a variety of ways +# depending on how the server is configured. +# - Some servers will notice that the file isn't a compressible file +# and will leave the file alone and with an empty Content-Encoding +# - Some servers will notice that the file is already compressed and +# will leave the file alone, adding a Content-Encoding: gzip header +# - Some servers won't notice anything at all and will take a file +# that's already been compressed and compress it again, and set +# the Content-Encoding: gzip header +# By setting this to request only the identity encoding we're hoping +# to eliminate the third case. Hopefully there does not exist a server +# which when given a file will notice it is already compressed and that +# you're not asking for a compressed file and will then decompress it +# before sending because if that's the case I don't think it'll ever be +# possible to make this work. +HEADERS: Dict[str, str] = {"Accept-Encoding": "identity"} + + +def raise_for_status(resp: Response) -> None: + http_error_msg = "" + if isinstance(resp.reason, bytes): + # We attempt to decode utf-8 first because some servers + # choose to localize their reason strings. If the string + # isn't utf-8, we fall back to iso-8859-1 for all other + # encodings. + try: + reason = resp.reason.decode("utf-8") + except UnicodeDecodeError: + reason = resp.reason.decode("iso-8859-1") + else: + reason = resp.reason + + if 400 <= resp.status_code < 500: + http_error_msg = ( + f"{resp.status_code} Client Error: {reason} for url: {resp.url}" + ) + + elif 500 <= resp.status_code < 600: + http_error_msg = ( + f"{resp.status_code} Server Error: {reason} for url: {resp.url}" + ) + + if http_error_msg: + raise NetworkConnectionError(http_error_msg, response=resp) + + +def response_chunks( + response: Response, chunk_size: int = CONTENT_CHUNK_SIZE +) -> Iterator[bytes]: + """Given a requests Response, provide the data chunks.""" + try: + # Special case for urllib3. + for chunk in response.raw.stream( + chunk_size, + # We use decode_content=False here because we don't + # want urllib3 to mess with the raw bytes we get + # from the server. If we decompress inside of + # urllib3 then we cannot verify the checksum + # because the checksum will be of the compressed + # file. This breakage will only occur if the + # server adds a Content-Encoding header, which + # depends on how the server was configured: + # - Some servers will notice that the file isn't a + # compressible file and will leave the file alone + # and with an empty Content-Encoding + # - Some servers will notice that the file is + # already compressed and will leave the file + # alone and will add a Content-Encoding: gzip + # header + # - Some servers won't notice anything at all and + # will take a file that's already been compressed + # and compress it again and set the + # Content-Encoding: gzip header + # + # By setting this not to decode automatically we + # hope to eliminate problems with the second case. + decode_content=False, + ): + yield chunk + except AttributeError: + # Standard file-like object. + while True: + chunk = response.raw.read(chunk_size) + if not chunk: + break + yield chunk diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/network/xmlrpc.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/xmlrpc.py new file mode 100644 index 000000000..4a7d55d0e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/network/xmlrpc.py @@ -0,0 +1,60 @@ +"""xmlrpclib.Transport implementation +""" + +import logging +import urllib.parse +import xmlrpc.client +from typing import TYPE_CHECKING, Tuple + +from pip._internal.exceptions import NetworkConnectionError +from pip._internal.network.session import PipSession +from pip._internal.network.utils import raise_for_status + +if TYPE_CHECKING: + from xmlrpc.client import _HostType, _Marshallable + +logger = logging.getLogger(__name__) + + +class PipXmlrpcTransport(xmlrpc.client.Transport): + """Provide a `xmlrpclib.Transport` implementation via a `PipSession` + object. + """ + + def __init__( + self, index_url: str, session: PipSession, use_datetime: bool = False + ) -> None: + super().__init__(use_datetime) + index_parts = urllib.parse.urlparse(index_url) + self._scheme = index_parts.scheme + self._session = session + + def request( + self, + host: "_HostType", + handler: str, + request_body: bytes, + verbose: bool = False, + ) -> Tuple["_Marshallable", ...]: + assert isinstance(host, str) + parts = (self._scheme, host, handler, None, None, None) + url = urllib.parse.urlunparse(parts) + try: + headers = {"Content-Type": "text/xml"} + response = self._session.post( + url, + data=request_body, + headers=headers, + stream=True, + ) + raise_for_status(response) + self.verbose = verbose + return self.parse_response(response.raw) + except NetworkConnectionError as exc: + assert exc.response + logger.critical( + "HTTP error %s while getting %s", + exc.response.status_code, + url, + ) + raise diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata.py new file mode 100644 index 000000000..1c826835b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata.py @@ -0,0 +1,35 @@ +"""Metadata generation logic for source distributions. +""" + +import os + +from pip._vendor.pep517.wrappers import Pep517HookCaller + +from pip._internal.build_env import BuildEnvironment +from pip._internal.utils.subprocess import runner_with_spinner_message +from pip._internal.utils.temp_dir import TempDirectory + + +def generate_metadata(build_env, backend): + # type: (BuildEnvironment, Pep517HookCaller) -> str + """Generate metadata using mechanisms described in PEP 517. + + Returns the generated metadata directory. + """ + metadata_tmpdir = TempDirectory( + kind="modern-metadata", globally_managed=True + ) + + metadata_dir = metadata_tmpdir.path + + with build_env: + # Note that Pep517HookCaller implements a fallback for + # prepare_metadata_for_build_wheel, so we don't have to + # consider the possibility that this hook doesn't exist. + runner = runner_with_spinner_message("Preparing wheel metadata") + with backend.subprocess_runner(runner): + distinfo_dir = backend.prepare_metadata_for_build_wheel( + metadata_dir + ) + + return os.path.join(metadata_dir, distinfo_dir) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata_legacy.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata_legacy.py new file mode 100644 index 000000000..f46538a07 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/metadata_legacy.py @@ -0,0 +1,74 @@ +"""Metadata generation logic for legacy source distributions. +""" + +import logging +import os + +from pip._internal.build_env import BuildEnvironment +from pip._internal.exceptions import InstallationError +from pip._internal.utils.setuptools_build import make_setuptools_egg_info_args +from pip._internal.utils.subprocess import call_subprocess +from pip._internal.utils.temp_dir import TempDirectory + +logger = logging.getLogger(__name__) + + +def _find_egg_info(directory): + # type: (str) -> str + """Find an .egg-info subdirectory in `directory`. + """ + filenames = [ + f for f in os.listdir(directory) if f.endswith(".egg-info") + ] + + if not filenames: + raise InstallationError( + f"No .egg-info directory found in {directory}" + ) + + if len(filenames) > 1: + raise InstallationError( + "More than one .egg-info directory found in {}".format( + directory + ) + ) + + return os.path.join(directory, filenames[0]) + + +def generate_metadata( + build_env, # type: BuildEnvironment + setup_py_path, # type: str + source_dir, # type: str + isolated, # type: bool + details, # type: str +): + # type: (...) -> str + """Generate metadata using setup.py-based defacto mechanisms. + + Returns the generated metadata directory. + """ + logger.debug( + 'Running setup.py (path:%s) egg_info for package %s', + setup_py_path, details, + ) + + egg_info_dir = TempDirectory( + kind="pip-egg-info", globally_managed=True + ).path + + args = make_setuptools_egg_info_args( + setup_py_path, + egg_info_dir=egg_info_dir, + no_user_config=isolated, + ) + + with build_env: + call_subprocess( + args, + cwd=source_dir, + command_desc='python setup.py egg_info', + ) + + # Return the .egg-info directory. + return _find_egg_info(egg_info_dir) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel.py new file mode 100644 index 000000000..903bd7a05 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel.py @@ -0,0 +1,38 @@ +import logging +import os +from typing import Optional + +from pip._vendor.pep517.wrappers import Pep517HookCaller + +from pip._internal.utils.subprocess import runner_with_spinner_message + +logger = logging.getLogger(__name__) + + +def build_wheel_pep517( + name, # type: str + backend, # type: Pep517HookCaller + metadata_directory, # type: str + tempd, # type: str +): + # type: (...) -> Optional[str] + """Build one InstallRequirement using the PEP 517 build process. + + Returns path to wheel if successfully built. Otherwise, returns None. + """ + assert metadata_directory is not None + try: + logger.debug('Destination directory: %s', tempd) + + runner = runner_with_spinner_message( + f'Building wheel for {name} (PEP 517)' + ) + with backend.subprocess_runner(runner): + wheel_name = backend.build_wheel( + tempd, + metadata_directory=metadata_directory, + ) + except Exception: + logger.error('Failed building wheel for %s', name) + return None + return os.path.join(tempd, wheel_name) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel_legacy.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel_legacy.py new file mode 100644 index 000000000..755c3bc83 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/build/wheel_legacy.py @@ -0,0 +1,110 @@ +import logging +import os.path +from typing import List, Optional + +from pip._internal.cli.spinners import open_spinner +from pip._internal.utils.setuptools_build import make_setuptools_bdist_wheel_args +from pip._internal.utils.subprocess import ( + LOG_DIVIDER, + call_subprocess, + format_command_args, +) + +logger = logging.getLogger(__name__) + + +def format_command_result( + command_args, # type: List[str] + command_output, # type: str +): + # type: (...) -> str + """Format command information for logging.""" + command_desc = format_command_args(command_args) + text = f'Command arguments: {command_desc}\n' + + if not command_output: + text += 'Command output: None' + elif logger.getEffectiveLevel() > logging.DEBUG: + text += 'Command output: [use --verbose to show]' + else: + if not command_output.endswith('\n'): + command_output += '\n' + text += f'Command output:\n{command_output}{LOG_DIVIDER}' + + return text + + +def get_legacy_build_wheel_path( + names, # type: List[str] + temp_dir, # type: str + name, # type: str + command_args, # type: List[str] + command_output, # type: str +): + # type: (...) -> Optional[str] + """Return the path to the wheel in the temporary build directory.""" + # Sort for determinism. + names = sorted(names) + if not names: + msg = ( + 'Legacy build of wheel for {!r} created no files.\n' + ).format(name) + msg += format_command_result(command_args, command_output) + logger.warning(msg) + return None + + if len(names) > 1: + msg = ( + 'Legacy build of wheel for {!r} created more than one file.\n' + 'Filenames (choosing first): {}\n' + ).format(name, names) + msg += format_command_result(command_args, command_output) + logger.warning(msg) + + return os.path.join(temp_dir, names[0]) + + +def build_wheel_legacy( + name, # type: str + setup_py_path, # type: str + source_dir, # type: str + global_options, # type: List[str] + build_options, # type: List[str] + tempd, # type: str +): + # type: (...) -> Optional[str] + """Build one unpacked package using the "legacy" build process. + + Returns path to wheel if successfully built. Otherwise, returns None. + """ + wheel_args = make_setuptools_bdist_wheel_args( + setup_py_path, + global_options=global_options, + build_options=build_options, + destination_dir=tempd, + ) + + spin_message = f'Building wheel for {name} (setup.py)' + with open_spinner(spin_message) as spinner: + logger.debug('Destination directory: %s', tempd) + + try: + output = call_subprocess( + wheel_args, + cwd=source_dir, + spinner=spinner, + ) + except Exception: + spinner.finish("error") + logger.error('Failed building wheel for %s', name) + return None + + names = os.listdir(tempd) + wheel_path = get_legacy_build_wheel_path( + names=names, + temp_dir=tempd, + name=name, + command_args=wheel_args, + command_output=output, + ) + return wheel_path diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/check.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/check.py new file mode 100644 index 000000000..f3963fb33 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/check.py @@ -0,0 +1,153 @@ +"""Validation of dependencies of packages +""" + +import logging +from typing import TYPE_CHECKING, Callable, Dict, List, NamedTuple, Optional, Set, Tuple + +from pip._vendor.packaging.requirements import Requirement +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.distributions import make_distribution_for_install_requirement +from pip._internal.metadata import get_default_environment +from pip._internal.metadata.base import DistributionVersion +from pip._internal.req.req_install import InstallRequirement + +if TYPE_CHECKING: + from pip._vendor.packaging.utils import NormalizedName + +logger = logging.getLogger(__name__) + + +class PackageDetails(NamedTuple): + version: DistributionVersion + dependencies: List[Requirement] + + +# Shorthands +PackageSet = Dict['NormalizedName', PackageDetails] +Missing = Tuple['NormalizedName', Requirement] +Conflicting = Tuple['NormalizedName', DistributionVersion, Requirement] + +MissingDict = Dict['NormalizedName', List[Missing]] +ConflictingDict = Dict['NormalizedName', List[Conflicting]] +CheckResult = Tuple[MissingDict, ConflictingDict] +ConflictDetails = Tuple[PackageSet, CheckResult] + + +def create_package_set_from_installed() -> Tuple[PackageSet, bool]: + """Converts a list of distributions into a PackageSet.""" + package_set = {} + problems = False + env = get_default_environment() + for dist in env.iter_installed_distributions(local_only=False, skip=()): + name = dist.canonical_name + try: + dependencies = list(dist.iter_dependencies()) + package_set[name] = PackageDetails(dist.version, dependencies) + except (OSError, ValueError) as e: + # Don't crash on unreadable or broken metadata. + logger.warning("Error parsing requirements for %s: %s", name, e) + problems = True + return package_set, problems + + +def check_package_set(package_set, should_ignore=None): + # type: (PackageSet, Optional[Callable[[str], bool]]) -> CheckResult + """Check if a package set is consistent + + If should_ignore is passed, it should be a callable that takes a + package name and returns a boolean. + """ + + missing = {} + conflicting = {} + + for package_name, package_detail in package_set.items(): + # Info about dependencies of package_name + missing_deps = set() # type: Set[Missing] + conflicting_deps = set() # type: Set[Conflicting] + + if should_ignore and should_ignore(package_name): + continue + + for req in package_detail.dependencies: + name = canonicalize_name(req.name) + + # Check if it's missing + if name not in package_set: + missed = True + if req.marker is not None: + missed = req.marker.evaluate() + if missed: + missing_deps.add((name, req)) + continue + + # Check if there's a conflict + version = package_set[name].version + if not req.specifier.contains(version, prereleases=True): + conflicting_deps.add((name, version, req)) + + if missing_deps: + missing[package_name] = sorted(missing_deps, key=str) + if conflicting_deps: + conflicting[package_name] = sorted(conflicting_deps, key=str) + + return missing, conflicting + + +def check_install_conflicts(to_install): + # type: (List[InstallRequirement]) -> ConflictDetails + """For checking if the dependency graph would be consistent after \ + installing given requirements + """ + # Start from the current state + package_set, _ = create_package_set_from_installed() + # Install packages + would_be_installed = _simulate_installation_of(to_install, package_set) + + # Only warn about directly-dependent packages; create a whitelist of them + whitelist = _create_whitelist(would_be_installed, package_set) + + return ( + package_set, + check_package_set( + package_set, should_ignore=lambda name: name not in whitelist + ) + ) + + +def _simulate_installation_of(to_install, package_set): + # type: (List[InstallRequirement], PackageSet) -> Set[NormalizedName] + """Computes the version of packages after installing to_install. + """ + # Keep track of packages that were installed + installed = set() + + # Modify it as installing requirement_set would (assuming no errors) + for inst_req in to_install: + abstract_dist = make_distribution_for_install_requirement(inst_req) + dist = abstract_dist.get_pkg_resources_distribution() + + assert dist is not None + name = canonicalize_name(dist.project_name) + package_set[name] = PackageDetails(dist.parsed_version, dist.requires()) + + installed.add(name) + + return installed + + +def _create_whitelist(would_be_installed, package_set): + # type: (Set[NormalizedName], PackageSet) -> Set[NormalizedName] + packages_affected = set(would_be_installed) + + for package_name in package_set: + if package_name in packages_affected: + continue + + for req in package_set[package_name].dependencies: + if canonicalize_name(req.name) in packages_affected: + packages_affected.add(package_name) + break + + return packages_affected diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/freeze.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/freeze.py new file mode 100644 index 000000000..defb20c7c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/freeze.py @@ -0,0 +1,277 @@ +import collections +import logging +import os +from typing import ( + Container, + Dict, + Iterable, + Iterator, + List, + NamedTuple, + Optional, + Set, + Union, +) + +from pip._vendor.packaging.requirements import Requirement +from pip._vendor.packaging.utils import canonicalize_name +from pip._vendor.packaging.version import Version + +from pip._internal.exceptions import BadCommand, InstallationError +from pip._internal.metadata import BaseDistribution, get_environment +from pip._internal.req.constructors import ( + install_req_from_editable, + install_req_from_line, +) +from pip._internal.req.req_file import COMMENT_RE +from pip._internal.utils.direct_url_helpers import direct_url_as_pep440_direct_reference + +logger = logging.getLogger(__name__) + + +class _EditableInfo(NamedTuple): + requirement: Optional[str] + editable: bool + comments: List[str] + + +def freeze( + requirement=None, # type: Optional[List[str]] + local_only=False, # type: bool + user_only=False, # type: bool + paths=None, # type: Optional[List[str]] + isolated=False, # type: bool + exclude_editable=False, # type: bool + skip=() # type: Container[str] +): + # type: (...) -> Iterator[str] + installations = {} # type: Dict[str, FrozenRequirement] + + dists = get_environment(paths).iter_installed_distributions( + local_only=local_only, + skip=(), + user_only=user_only, + ) + for dist in dists: + req = FrozenRequirement.from_dist(dist) + if exclude_editable and req.editable: + continue + installations[req.canonical_name] = req + + if requirement: + # the options that don't get turned into an InstallRequirement + # should only be emitted once, even if the same option is in multiple + # requirements files, so we need to keep track of what has been emitted + # so that we don't emit it again if it's seen again + emitted_options = set() # type: Set[str] + # keep track of which files a requirement is in so that we can + # give an accurate warning if a requirement appears multiple times. + req_files = collections.defaultdict(list) # type: Dict[str, List[str]] + for req_file_path in requirement: + with open(req_file_path) as req_file: + for line in req_file: + if (not line.strip() or + line.strip().startswith('#') or + line.startswith(( + '-r', '--requirement', + '-f', '--find-links', + '-i', '--index-url', + '--pre', + '--trusted-host', + '--process-dependency-links', + '--extra-index-url', + '--use-feature'))): + line = line.rstrip() + if line not in emitted_options: + emitted_options.add(line) + yield line + continue + + if line.startswith('-e') or line.startswith('--editable'): + if line.startswith('-e'): + line = line[2:].strip() + else: + line = line[len('--editable'):].strip().lstrip('=') + line_req = install_req_from_editable( + line, + isolated=isolated, + ) + else: + line_req = install_req_from_line( + COMMENT_RE.sub('', line).strip(), + isolated=isolated, + ) + + if not line_req.name: + logger.info( + "Skipping line in requirement file [%s] because " + "it's not clear what it would install: %s", + req_file_path, line.strip(), + ) + logger.info( + " (add #egg=PackageName to the URL to avoid" + " this warning)" + ) + else: + line_req_canonical_name = canonicalize_name( + line_req.name) + if line_req_canonical_name not in installations: + # either it's not installed, or it is installed + # but has been processed already + if not req_files[line_req.name]: + logger.warning( + "Requirement file [%s] contains %s, but " + "package %r is not installed", + req_file_path, + COMMENT_RE.sub('', line).strip(), + line_req.name + ) + else: + req_files[line_req.name].append(req_file_path) + else: + yield str(installations[ + line_req_canonical_name]).rstrip() + del installations[line_req_canonical_name] + req_files[line_req.name].append(req_file_path) + + # Warn about requirements that were included multiple times (in a + # single requirements file or in different requirements files). + for name, files in req_files.items(): + if len(files) > 1: + logger.warning("Requirement %s included multiple times [%s]", + name, ', '.join(sorted(set(files)))) + + yield( + '## The following requirements were added by ' + 'pip freeze:' + ) + for installation in sorted( + installations.values(), key=lambda x: x.name.lower()): + if installation.canonical_name not in skip: + yield str(installation).rstrip() + + +def _format_as_name_version(dist: BaseDistribution) -> str: + if isinstance(dist.version, Version): + return f"{dist.raw_name}=={dist.version}" + return f"{dist.raw_name}==={dist.version}" + + +def _get_editable_info(dist: BaseDistribution) -> _EditableInfo: + """ + Compute and return values (req, editable, comments) for use in + FrozenRequirement.from_dist(). + """ + if not dist.editable: + return _EditableInfo(requirement=None, editable=False, comments=[]) + if dist.location is None: + display = _format_as_name_version(dist) + logger.warning("Editable requirement not found on disk: %s", display) + return _EditableInfo( + requirement=None, + editable=True, + comments=[f"# Editable install not found ({display})"], + ) + + location = os.path.normcase(os.path.abspath(dist.location)) + + from pip._internal.vcs import RemoteNotFoundError, RemoteNotValidError, vcs + + vcs_backend = vcs.get_backend_for_dir(location) + + if vcs_backend is None: + display = _format_as_name_version(dist) + logger.debug( + 'No VCS found for editable requirement "%s" in: %r', display, + location, + ) + return _EditableInfo( + requirement=location, + editable=True, + comments=[f'# Editable install with no version control ({display})'], + ) + + vcs_name = type(vcs_backend).__name__ + + try: + req = vcs_backend.get_src_requirement(location, dist.raw_name) + except RemoteNotFoundError: + display = _format_as_name_version(dist) + return _EditableInfo( + requirement=location, + editable=True, + comments=[f'# Editable {vcs_name} install with no remote ({display})'], + ) + except RemoteNotValidError as ex: + display = _format_as_name_version(dist) + return _EditableInfo( + requirement=location, + editable=True, + comments=[ + f"# Editable {vcs_name} install ({display}) with either a deleted " + f"local remote or invalid URI:", + f"# '{ex.url}'", + ], + ) + + except BadCommand: + logger.warning( + 'cannot determine version of editable source in %s ' + '(%s command not found in path)', + location, + vcs_backend.name, + ) + return _EditableInfo(requirement=None, editable=True, comments=[]) + + except InstallationError as exc: + logger.warning( + "Error when trying to get requirement for VCS system %s, " + "falling back to uneditable format", exc + ) + else: + return _EditableInfo(requirement=req, editable=True, comments=[]) + + logger.warning('Could not determine repository location of %s', location) + + return _EditableInfo( + requirement=None, + editable=False, + comments=['## !! Could not determine repository location'], + ) + + +class FrozenRequirement: + def __init__(self, name, req, editable, comments=()): + # type: (str, Union[str, Requirement], bool, Iterable[str]) -> None + self.name = name + self.canonical_name = canonicalize_name(name) + self.req = req + self.editable = editable + self.comments = comments + + @classmethod + def from_dist(cls, dist: BaseDistribution) -> "FrozenRequirement": + # TODO `get_requirement_info` is taking care of editable requirements. + # TODO This should be refactored when we will add detection of + # editable that provide .dist-info metadata. + req, editable, comments = _get_editable_info(dist) + if req is None and not editable: + # if PEP 610 metadata is present, attempt to use it + direct_url = dist.direct_url + if direct_url: + req = direct_url_as_pep440_direct_reference( + direct_url, dist.raw_name + ) + comments = [] + if req is None: + # name==version requirement + req = _format_as_name_version(dist) + + return cls(dist.raw_name, req, editable, comments=comments) + + def __str__(self): + # type: () -> str + req = self.req + if self.editable: + req = f'-e {req}' + return '\n'.join(list(self.comments) + [str(req)]) + '\n' diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/__init__.py new file mode 100644 index 000000000..24d6a5dd3 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/__init__.py @@ -0,0 +1,2 @@ +"""For modules related to installing packages. +""" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/editable_legacy.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/editable_legacy.py new file mode 100644 index 000000000..6882c475c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/editable_legacy.py @@ -0,0 +1,47 @@ +"""Legacy editable installation process, i.e. `setup.py develop`. +""" +import logging +from typing import List, Optional, Sequence + +from pip._internal.build_env import BuildEnvironment +from pip._internal.utils.logging import indent_log +from pip._internal.utils.setuptools_build import make_setuptools_develop_args +from pip._internal.utils.subprocess import call_subprocess + +logger = logging.getLogger(__name__) + + +def install_editable( + install_options, # type: List[str] + global_options, # type: Sequence[str] + prefix, # type: Optional[str] + home, # type: Optional[str] + use_user_site, # type: bool + name, # type: str + setup_py_path, # type: str + isolated, # type: bool + build_env, # type: BuildEnvironment + unpacked_source_directory, # type: str +): + # type: (...) -> None + """Install a package in editable mode. Most arguments are pass-through + to setuptools. + """ + logger.info('Running setup.py develop for %s', name) + + args = make_setuptools_develop_args( + setup_py_path, + global_options=global_options, + install_options=install_options, + no_user_config=isolated, + prefix=prefix, + home=home, + use_user_site=use_user_site, + ) + + with indent_log(): + with build_env: + call_subprocess( + args, + cwd=unpacked_source_directory, + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/legacy.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/legacy.py new file mode 100644 index 000000000..4cb24fe1a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/legacy.py @@ -0,0 +1,132 @@ +"""Legacy installation process, i.e. `setup.py install`. +""" + +import logging +import os +import sys +from distutils.util import change_root +from typing import List, Optional, Sequence + +from pip._internal.build_env import BuildEnvironment +from pip._internal.exceptions import InstallationError +from pip._internal.models.scheme import Scheme +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import ensure_dir +from pip._internal.utils.setuptools_build import make_setuptools_install_args +from pip._internal.utils.subprocess import runner_with_spinner_message +from pip._internal.utils.temp_dir import TempDirectory + +logger = logging.getLogger(__name__) + + +class LegacyInstallFailure(Exception): + def __init__(self): + # type: () -> None + self.parent = sys.exc_info() + + +def write_installed_files_from_setuptools_record( + record_lines: List[str], + root: Optional[str], + req_description: str, +) -> None: + def prepend_root(path): + # type: (str) -> str + if root is None or not os.path.isabs(path): + return path + else: + return change_root(root, path) + + for line in record_lines: + directory = os.path.dirname(line) + if directory.endswith('.egg-info'): + egg_info_dir = prepend_root(directory) + break + else: + message = ( + "{} did not indicate that it installed an " + ".egg-info directory. Only setup.py projects " + "generating .egg-info directories are supported." + ).format(req_description) + raise InstallationError(message) + + new_lines = [] + for line in record_lines: + filename = line.strip() + if os.path.isdir(filename): + filename += os.path.sep + new_lines.append( + os.path.relpath(prepend_root(filename), egg_info_dir) + ) + new_lines.sort() + ensure_dir(egg_info_dir) + inst_files_path = os.path.join(egg_info_dir, 'installed-files.txt') + with open(inst_files_path, 'w') as f: + f.write('\n'.join(new_lines) + '\n') + + +def install( + install_options, # type: List[str] + global_options, # type: Sequence[str] + root, # type: Optional[str] + home, # type: Optional[str] + prefix, # type: Optional[str] + use_user_site, # type: bool + pycompile, # type: bool + scheme, # type: Scheme + setup_py_path, # type: str + isolated, # type: bool + req_name, # type: str + build_env, # type: BuildEnvironment + unpacked_source_directory, # type: str + req_description, # type: str +): + # type: (...) -> bool + + header_dir = scheme.headers + + with TempDirectory(kind="record") as temp_dir: + try: + record_filename = os.path.join(temp_dir.path, 'install-record.txt') + install_args = make_setuptools_install_args( + setup_py_path, + global_options=global_options, + install_options=install_options, + record_filename=record_filename, + root=root, + prefix=prefix, + header_dir=header_dir, + home=home, + use_user_site=use_user_site, + no_user_config=isolated, + pycompile=pycompile, + ) + + runner = runner_with_spinner_message( + f"Running setup.py install for {req_name}" + ) + with indent_log(), build_env: + runner( + cmd=install_args, + cwd=unpacked_source_directory, + ) + + if not os.path.exists(record_filename): + logger.debug('Record file %s not found', record_filename) + # Signal to the caller that we didn't install the new package + return False + + except Exception: + # Signal to the caller that we didn't install the new package + raise LegacyInstallFailure + + # At this point, we have successfully installed the requirement. + + # We intentionally do not use any encoding to read the file because + # setuptools writes the file using distutils.file_util.write_file, + # which does not specify an encoding. + with open(record_filename) as f: + record_lines = f.read().splitlines() + + write_installed_files_from_setuptools_record(record_lines, root, req_description) + return True diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/wheel.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/wheel.py new file mode 100644 index 000000000..b5eafda98 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/install/wheel.py @@ -0,0 +1,803 @@ +"""Support for installing and building the "wheel" binary package format. +""" + +import collections +import compileall +import contextlib +import csv +import importlib +import logging +import os.path +import re +import shutil +import sys +import warnings +from base64 import urlsafe_b64encode +from email.message import Message +from itertools import chain, filterfalse, starmap +from typing import ( + IO, + TYPE_CHECKING, + Any, + BinaryIO, + Callable, + Dict, + Iterable, + Iterator, + List, + NewType, + Optional, + Sequence, + Set, + Tuple, + Union, + cast, +) +from zipfile import ZipFile, ZipInfo + +from pip._vendor.distlib.scripts import ScriptMaker +from pip._vendor.distlib.util import get_export_entry +from pip._vendor.packaging.utils import canonicalize_name +from pip._vendor.six import ensure_str, ensure_text, reraise + +from pip._internal.exceptions import InstallationError +from pip._internal.locations import get_major_minor_version +from pip._internal.metadata import BaseDistribution, get_wheel_distribution +from pip._internal.models.direct_url import DIRECT_URL_METADATA_NAME, DirectUrl +from pip._internal.models.scheme import SCHEME_KEYS, Scheme +from pip._internal.utils.filesystem import adjacent_tmp_file, replace +from pip._internal.utils.misc import captured_stdout, ensure_dir, hash_file, partition +from pip._internal.utils.unpacking import ( + current_umask, + is_within_directory, + set_extracted_file_to_default_mode_plus_executable, + zip_item_is_executable, +) +from pip._internal.utils.wheel import parse_wheel + +if TYPE_CHECKING: + from typing import Protocol + + class File(Protocol): + src_record_path = None # type: RecordPath + dest_path = None # type: str + changed = None # type: bool + + def save(self): + # type: () -> None + pass + + +logger = logging.getLogger(__name__) + +RecordPath = NewType('RecordPath', str) +InstalledCSVRow = Tuple[RecordPath, str, Union[int, str]] + + +def rehash(path, blocksize=1 << 20): + # type: (str, int) -> Tuple[str, str] + """Return (encoded_digest, length) for path using hashlib.sha256()""" + h, length = hash_file(path, blocksize) + digest = 'sha256=' + urlsafe_b64encode( + h.digest() + ).decode('latin1').rstrip('=') + return (digest, str(length)) + + +def csv_io_kwargs(mode): + # type: (str) -> Dict[str, Any] + """Return keyword arguments to properly open a CSV file + in the given mode. + """ + return {'mode': mode, 'newline': '', 'encoding': 'utf-8'} + + +def fix_script(path): + # type: (str) -> bool + """Replace #!python with #!/path/to/python + Return True if file was changed. + """ + # XXX RECORD hashes will need to be updated + assert os.path.isfile(path) + + with open(path, 'rb') as script: + firstline = script.readline() + if not firstline.startswith(b'#!python'): + return False + exename = sys.executable.encode(sys.getfilesystemencoding()) + firstline = b'#!' + exename + os.linesep.encode("ascii") + rest = script.read() + with open(path, 'wb') as script: + script.write(firstline) + script.write(rest) + return True + + +def wheel_root_is_purelib(metadata): + # type: (Message) -> bool + return metadata.get("Root-Is-Purelib", "").lower() == "true" + + +def get_entrypoints(dist: BaseDistribution) -> Tuple[Dict[str, str], Dict[str, str]]: + console_scripts = {} + gui_scripts = {} + for entry_point in dist.iter_entry_points(): + if entry_point.group == "console_scripts": + console_scripts[entry_point.name] = entry_point.value + elif entry_point.group == "gui_scripts": + gui_scripts[entry_point.name] = entry_point.value + return console_scripts, gui_scripts + + +def message_about_scripts_not_on_PATH(scripts): + # type: (Sequence[str]) -> Optional[str] + """Determine if any scripts are not on PATH and format a warning. + Returns a warning message if one or more scripts are not on PATH, + otherwise None. + """ + if not scripts: + return None + + # Group scripts by the path they were installed in + grouped_by_dir = collections.defaultdict(set) # type: Dict[str, Set[str]] + for destfile in scripts: + parent_dir = os.path.dirname(destfile) + script_name = os.path.basename(destfile) + grouped_by_dir[parent_dir].add(script_name) + + # We don't want to warn for directories that are on PATH. + not_warn_dirs = [ + os.path.normcase(i).rstrip(os.sep) for i in + os.environ.get("PATH", "").split(os.pathsep) + ] + # If an executable sits with sys.executable, we don't warn for it. + # This covers the case of venv invocations without activating the venv. + not_warn_dirs.append(os.path.normcase(os.path.dirname(sys.executable))) + warn_for = { + parent_dir: scripts for parent_dir, scripts in grouped_by_dir.items() + if os.path.normcase(parent_dir) not in not_warn_dirs + } # type: Dict[str, Set[str]] + if not warn_for: + return None + + # Format a message + msg_lines = [] + for parent_dir, dir_scripts in warn_for.items(): + sorted_scripts = sorted(dir_scripts) # type: List[str] + if len(sorted_scripts) == 1: + start_text = "script {} is".format(sorted_scripts[0]) + else: + start_text = "scripts {} are".format( + ", ".join(sorted_scripts[:-1]) + " and " + sorted_scripts[-1] + ) + + msg_lines.append( + "The {} installed in '{}' which is not on PATH." + .format(start_text, parent_dir) + ) + + last_line_fmt = ( + "Consider adding {} to PATH or, if you prefer " + "to suppress this warning, use --no-warn-script-location." + ) + if len(msg_lines) == 1: + msg_lines.append(last_line_fmt.format("this directory")) + else: + msg_lines.append(last_line_fmt.format("these directories")) + + # Add a note if any directory starts with ~ + warn_for_tilde = any( + i[0] == "~" for i in os.environ.get("PATH", "").split(os.pathsep) if i + ) + if warn_for_tilde: + tilde_warning_msg = ( + "NOTE: The current PATH contains path(s) starting with `~`, " + "which may not be expanded by all applications." + ) + msg_lines.append(tilde_warning_msg) + + # Returns the formatted multiline message + return "\n".join(msg_lines) + + +def _normalized_outrows(outrows): + # type: (Iterable[InstalledCSVRow]) -> List[Tuple[str, str, str]] + """Normalize the given rows of a RECORD file. + + Items in each row are converted into str. Rows are then sorted to make + the value more predictable for tests. + + Each row is a 3-tuple (path, hash, size) and corresponds to a record of + a RECORD file (see PEP 376 and PEP 427 for details). For the rows + passed to this function, the size can be an integer as an int or string, + or the empty string. + """ + # Normally, there should only be one row per path, in which case the + # second and third elements don't come into play when sorting. + # However, in cases in the wild where a path might happen to occur twice, + # we don't want the sort operation to trigger an error (but still want + # determinism). Since the third element can be an int or string, we + # coerce each element to a string to avoid a TypeError in this case. + # For additional background, see-- + # https://github.com/pypa/pip/issues/5868 + return sorted( + (ensure_str(record_path, encoding='utf-8'), hash_, str(size)) + for record_path, hash_, size in outrows + ) + + +def _record_to_fs_path(record_path): + # type: (RecordPath) -> str + return record_path + + +def _fs_to_record_path(path, relative_to=None): + # type: (str, Optional[str]) -> RecordPath + if relative_to is not None: + # On Windows, do not handle relative paths if they belong to different + # logical disks + if os.path.splitdrive(path)[0].lower() == \ + os.path.splitdrive(relative_to)[0].lower(): + path = os.path.relpath(path, relative_to) + path = path.replace(os.path.sep, '/') + return cast('RecordPath', path) + + +def _parse_record_path(record_column): + # type: (str) -> RecordPath + p = ensure_text(record_column, encoding='utf-8') + return cast('RecordPath', p) + + +def get_csv_rows_for_installed( + old_csv_rows, # type: List[List[str]] + installed, # type: Dict[RecordPath, RecordPath] + changed, # type: Set[RecordPath] + generated, # type: List[str] + lib_dir, # type: str +): + # type: (...) -> List[InstalledCSVRow] + """ + :param installed: A map from archive RECORD path to installation RECORD + path. + """ + installed_rows = [] # type: List[InstalledCSVRow] + for row in old_csv_rows: + if len(row) > 3: + logger.warning('RECORD line has more than three elements: %s', row) + old_record_path = _parse_record_path(row[0]) + new_record_path = installed.pop(old_record_path, old_record_path) + if new_record_path in changed: + digest, length = rehash(_record_to_fs_path(new_record_path)) + else: + digest = row[1] if len(row) > 1 else '' + length = row[2] if len(row) > 2 else '' + installed_rows.append((new_record_path, digest, length)) + for f in generated: + path = _fs_to_record_path(f, lib_dir) + digest, length = rehash(f) + installed_rows.append((path, digest, length)) + for installed_record_path in installed.values(): + installed_rows.append((installed_record_path, '', '')) + return installed_rows + + +def get_console_script_specs(console): + # type: (Dict[str, str]) -> List[str] + """ + Given the mapping from entrypoint name to callable, return the relevant + console script specs. + """ + # Don't mutate caller's version + console = console.copy() + + scripts_to_generate = [] + + # Special case pip and setuptools to generate versioned wrappers + # + # The issue is that some projects (specifically, pip and setuptools) use + # code in setup.py to create "versioned" entry points - pip2.7 on Python + # 2.7, pip3.3 on Python 3.3, etc. But these entry points are baked into + # the wheel metadata at build time, and so if the wheel is installed with + # a *different* version of Python the entry points will be wrong. The + # correct fix for this is to enhance the metadata to be able to describe + # such versioned entry points, but that won't happen till Metadata 2.0 is + # available. + # In the meantime, projects using versioned entry points will either have + # incorrect versioned entry points, or they will not be able to distribute + # "universal" wheels (i.e., they will need a wheel per Python version). + # + # Because setuptools and pip are bundled with _ensurepip and virtualenv, + # we need to use universal wheels. So, as a stopgap until Metadata 2.0, we + # override the versioned entry points in the wheel and generate the + # correct ones. This code is purely a short-term measure until Metadata 2.0 + # is available. + # + # To add the level of hack in this section of code, in order to support + # ensurepip this code will look for an ``ENSUREPIP_OPTIONS`` environment + # variable which will control which version scripts get installed. + # + # ENSUREPIP_OPTIONS=altinstall + # - Only pipX.Y and easy_install-X.Y will be generated and installed + # ENSUREPIP_OPTIONS=install + # - pipX.Y, pipX, easy_install-X.Y will be generated and installed. Note + # that this option is technically if ENSUREPIP_OPTIONS is set and is + # not altinstall + # DEFAULT + # - The default behavior is to install pip, pipX, pipX.Y, easy_install + # and easy_install-X.Y. + pip_script = console.pop('pip', None) + if pip_script: + if "ENSUREPIP_OPTIONS" not in os.environ: + scripts_to_generate.append('pip = ' + pip_script) + + if os.environ.get("ENSUREPIP_OPTIONS", "") != "altinstall": + scripts_to_generate.append( + 'pip{} = {}'.format(sys.version_info[0], pip_script) + ) + + scripts_to_generate.append( + f'pip{get_major_minor_version()} = {pip_script}' + ) + # Delete any other versioned pip entry points + pip_ep = [k for k in console if re.match(r'pip(\d(\.\d)?)?$', k)] + for k in pip_ep: + del console[k] + easy_install_script = console.pop('easy_install', None) + if easy_install_script: + if "ENSUREPIP_OPTIONS" not in os.environ: + scripts_to_generate.append( + 'easy_install = ' + easy_install_script + ) + + scripts_to_generate.append( + 'easy_install-{} = {}'.format( + get_major_minor_version(), easy_install_script + ) + ) + # Delete any other versioned easy_install entry points + easy_install_ep = [ + k for k in console if re.match(r'easy_install(-\d\.\d)?$', k) + ] + for k in easy_install_ep: + del console[k] + + # Generate the console entry points specified in the wheel + scripts_to_generate.extend(starmap('{} = {}'.format, console.items())) + + return scripts_to_generate + + +class ZipBackedFile: + def __init__(self, src_record_path, dest_path, zip_file): + # type: (RecordPath, str, ZipFile) -> None + self.src_record_path = src_record_path + self.dest_path = dest_path + self._zip_file = zip_file + self.changed = False + + def _getinfo(self): + # type: () -> ZipInfo + return self._zip_file.getinfo(self.src_record_path) + + def save(self): + # type: () -> None + # directory creation is lazy and after file filtering + # to ensure we don't install empty dirs; empty dirs can't be + # uninstalled. + parent_dir = os.path.dirname(self.dest_path) + ensure_dir(parent_dir) + + # When we open the output file below, any existing file is truncated + # before we start writing the new contents. This is fine in most + # cases, but can cause a segfault if pip has loaded a shared + # object (e.g. from pyopenssl through its vendored urllib3) + # Since the shared object is mmap'd an attempt to call a + # symbol in it will then cause a segfault. Unlinking the file + # allows writing of new contents while allowing the process to + # continue to use the old copy. + if os.path.exists(self.dest_path): + os.unlink(self.dest_path) + + zipinfo = self._getinfo() + + with self._zip_file.open(zipinfo) as f: + with open(self.dest_path, "wb") as dest: + shutil.copyfileobj(f, dest) + + if zip_item_is_executable(zipinfo): + set_extracted_file_to_default_mode_plus_executable(self.dest_path) + + +class ScriptFile: + def __init__(self, file): + # type: (File) -> None + self._file = file + self.src_record_path = self._file.src_record_path + self.dest_path = self._file.dest_path + self.changed = False + + def save(self): + # type: () -> None + self._file.save() + self.changed = fix_script(self.dest_path) + + +class MissingCallableSuffix(InstallationError): + def __init__(self, entry_point): + # type: (str) -> None + super().__init__( + "Invalid script entry point: {} - A callable " + "suffix is required. Cf https://packaging.python.org/" + "specifications/entry-points/#use-for-scripts for more " + "information.".format(entry_point) + ) + + +def _raise_for_invalid_entrypoint(specification): + # type: (str) -> None + entry = get_export_entry(specification) + if entry is not None and entry.suffix is None: + raise MissingCallableSuffix(str(entry)) + + +class PipScriptMaker(ScriptMaker): + def make(self, specification, options=None): + # type: (str, Dict[str, Any]) -> List[str] + _raise_for_invalid_entrypoint(specification) + return super().make(specification, options) + + +def _install_wheel( + name, # type: str + wheel_zip, # type: ZipFile + wheel_path, # type: str + scheme, # type: Scheme + pycompile=True, # type: bool + warn_script_location=True, # type: bool + direct_url=None, # type: Optional[DirectUrl] + requested=False, # type: bool +): + # type: (...) -> None + """Install a wheel. + + :param name: Name of the project to install + :param wheel_zip: open ZipFile for wheel being installed + :param scheme: Distutils scheme dictating the install directories + :param req_description: String used in place of the requirement, for + logging + :param pycompile: Whether to byte-compile installed Python files + :param warn_script_location: Whether to check that scripts are installed + into a directory on PATH + :raises UnsupportedWheel: + * when the directory holds an unpacked wheel with incompatible + Wheel-Version + * when the .dist-info dir does not match the wheel + """ + info_dir, metadata = parse_wheel(wheel_zip, name) + + if wheel_root_is_purelib(metadata): + lib_dir = scheme.purelib + else: + lib_dir = scheme.platlib + + # Record details of the files moved + # installed = files copied from the wheel to the destination + # changed = files changed while installing (scripts #! line typically) + # generated = files newly generated during the install (script wrappers) + installed = {} # type: Dict[RecordPath, RecordPath] + changed = set() # type: Set[RecordPath] + generated = [] # type: List[str] + + def record_installed(srcfile, destfile, modified=False): + # type: (RecordPath, str, bool) -> None + """Map archive RECORD paths to installation RECORD paths.""" + newpath = _fs_to_record_path(destfile, lib_dir) + installed[srcfile] = newpath + if modified: + changed.add(_fs_to_record_path(destfile)) + + def all_paths(): + # type: () -> Iterable[RecordPath] + names = wheel_zip.namelist() + # If a flag is set, names may be unicode in Python 2. We convert to + # text explicitly so these are valid for lookup in RECORD. + decoded_names = map(ensure_text, names) + for name in decoded_names: + yield cast("RecordPath", name) + + def is_dir_path(path): + # type: (RecordPath) -> bool + return path.endswith("/") + + def assert_no_path_traversal(dest_dir_path, target_path): + # type: (str, str) -> None + if not is_within_directory(dest_dir_path, target_path): + message = ( + "The wheel {!r} has a file {!r} trying to install" + " outside the target directory {!r}" + ) + raise InstallationError( + message.format(wheel_path, target_path, dest_dir_path) + ) + + def root_scheme_file_maker(zip_file, dest): + # type: (ZipFile, str) -> Callable[[RecordPath], File] + def make_root_scheme_file(record_path): + # type: (RecordPath) -> File + normed_path = os.path.normpath(record_path) + dest_path = os.path.join(dest, normed_path) + assert_no_path_traversal(dest, dest_path) + return ZipBackedFile(record_path, dest_path, zip_file) + + return make_root_scheme_file + + def data_scheme_file_maker(zip_file, scheme): + # type: (ZipFile, Scheme) -> Callable[[RecordPath], File] + scheme_paths = {} + for key in SCHEME_KEYS: + encoded_key = ensure_text(key) + scheme_paths[encoded_key] = ensure_text( + getattr(scheme, key), encoding=sys.getfilesystemencoding() + ) + + def make_data_scheme_file(record_path): + # type: (RecordPath) -> File + normed_path = os.path.normpath(record_path) + try: + _, scheme_key, dest_subpath = normed_path.split(os.path.sep, 2) + except ValueError: + message = ( + "Unexpected file in {}: {!r}. .data directory contents" + " should be named like: '/'." + ).format(wheel_path, record_path) + raise InstallationError(message) + + try: + scheme_path = scheme_paths[scheme_key] + except KeyError: + valid_scheme_keys = ", ".join(sorted(scheme_paths)) + message = ( + "Unknown scheme key used in {}: {} (for file {!r}). .data" + " directory contents should be in subdirectories named" + " with a valid scheme key ({})" + ).format( + wheel_path, scheme_key, record_path, valid_scheme_keys + ) + raise InstallationError(message) + + dest_path = os.path.join(scheme_path, dest_subpath) + assert_no_path_traversal(scheme_path, dest_path) + return ZipBackedFile(record_path, dest_path, zip_file) + + return make_data_scheme_file + + def is_data_scheme_path(path): + # type: (RecordPath) -> bool + return path.split("/", 1)[0].endswith(".data") + + paths = all_paths() + file_paths = filterfalse(is_dir_path, paths) + root_scheme_paths, data_scheme_paths = partition( + is_data_scheme_path, file_paths + ) + + make_root_scheme_file = root_scheme_file_maker( + wheel_zip, + ensure_text(lib_dir, encoding=sys.getfilesystemencoding()), + ) + files = map(make_root_scheme_file, root_scheme_paths) + + def is_script_scheme_path(path): + # type: (RecordPath) -> bool + parts = path.split("/", 2) + return ( + len(parts) > 2 and + parts[0].endswith(".data") and + parts[1] == "scripts" + ) + + other_scheme_paths, script_scheme_paths = partition( + is_script_scheme_path, data_scheme_paths + ) + + make_data_scheme_file = data_scheme_file_maker(wheel_zip, scheme) + other_scheme_files = map(make_data_scheme_file, other_scheme_paths) + files = chain(files, other_scheme_files) + + # Get the defined entry points + distribution = get_wheel_distribution(wheel_path, canonicalize_name(name)) + console, gui = get_entrypoints(distribution) + + def is_entrypoint_wrapper(file): + # type: (File) -> bool + # EP, EP.exe and EP-script.py are scripts generated for + # entry point EP by setuptools + path = file.dest_path + name = os.path.basename(path) + if name.lower().endswith('.exe'): + matchname = name[:-4] + elif name.lower().endswith('-script.py'): + matchname = name[:-10] + elif name.lower().endswith(".pya"): + matchname = name[:-4] + else: + matchname = name + # Ignore setuptools-generated scripts + return (matchname in console or matchname in gui) + + script_scheme_files = map(make_data_scheme_file, script_scheme_paths) + script_scheme_files = filterfalse( + is_entrypoint_wrapper, script_scheme_files + ) + script_scheme_files = map(ScriptFile, script_scheme_files) + files = chain(files, script_scheme_files) + + for file in files: + file.save() + record_installed(file.src_record_path, file.dest_path, file.changed) + + def pyc_source_file_paths(): + # type: () -> Iterator[str] + # We de-duplicate installation paths, since there can be overlap (e.g. + # file in .data maps to same location as file in wheel root). + # Sorting installation paths makes it easier to reproduce and debug + # issues related to permissions on existing files. + for installed_path in sorted(set(installed.values())): + full_installed_path = os.path.join(lib_dir, installed_path) + if not os.path.isfile(full_installed_path): + continue + if not full_installed_path.endswith('.py'): + continue + yield full_installed_path + + def pyc_output_path(path): + # type: (str) -> str + """Return the path the pyc file would have been written to. + """ + return importlib.util.cache_from_source(path) + + # Compile all of the pyc files for the installed files + if pycompile: + with captured_stdout() as stdout: + with warnings.catch_warnings(): + warnings.filterwarnings('ignore') + for path in pyc_source_file_paths(): + # Python 2's `compileall.compile_file` requires a str in + # error cases, so we must convert to the native type. + path_arg = ensure_str( + path, encoding=sys.getfilesystemencoding() + ) + success = compileall.compile_file( + path_arg, force=True, quiet=True + ) + if success: + pyc_path = pyc_output_path(path) + assert os.path.exists(pyc_path) + pyc_record_path = cast( + "RecordPath", pyc_path.replace(os.path.sep, "/") + ) + record_installed(pyc_record_path, pyc_path) + logger.debug(stdout.getvalue()) + + maker = PipScriptMaker(None, scheme.scripts) + + # Ensure old scripts are overwritten. + # See https://github.com/pypa/pip/issues/1800 + maker.clobber = True + + # Ensure we don't generate any variants for scripts because this is almost + # never what somebody wants. + # See https://bitbucket.org/pypa/distlib/issue/35/ + maker.variants = {''} + + # This is required because otherwise distlib creates scripts that are not + # executable. + # See https://bitbucket.org/pypa/distlib/issue/32/ + maker.set_mode = True + + # Generate the console and GUI entry points specified in the wheel + scripts_to_generate = get_console_script_specs(console) + + gui_scripts_to_generate = list(starmap('{} = {}'.format, gui.items())) + + generated_console_scripts = maker.make_multiple(scripts_to_generate) + generated.extend(generated_console_scripts) + + generated.extend( + maker.make_multiple(gui_scripts_to_generate, {'gui': True}) + ) + + if warn_script_location: + msg = message_about_scripts_not_on_PATH(generated_console_scripts) + if msg is not None: + logger.warning(msg) + + generated_file_mode = 0o666 & ~current_umask() + + @contextlib.contextmanager + def _generate_file(path, **kwargs): + # type: (str, **Any) -> Iterator[BinaryIO] + with adjacent_tmp_file(path, **kwargs) as f: + yield f + os.chmod(f.name, generated_file_mode) + replace(f.name, path) + + dest_info_dir = os.path.join(lib_dir, info_dir) + + # Record pip as the installer + installer_path = os.path.join(dest_info_dir, 'INSTALLER') + with _generate_file(installer_path) as installer_file: + installer_file.write(b'pip\n') + generated.append(installer_path) + + # Record the PEP 610 direct URL reference + if direct_url is not None: + direct_url_path = os.path.join(dest_info_dir, DIRECT_URL_METADATA_NAME) + with _generate_file(direct_url_path) as direct_url_file: + direct_url_file.write(direct_url.to_json().encode("utf-8")) + generated.append(direct_url_path) + + # Record the REQUESTED file + if requested: + requested_path = os.path.join(dest_info_dir, 'REQUESTED') + with open(requested_path, "wb"): + pass + generated.append(requested_path) + + record_text = distribution.read_text('RECORD') + record_rows = list(csv.reader(record_text.splitlines())) + + rows = get_csv_rows_for_installed( + record_rows, + installed=installed, + changed=changed, + generated=generated, + lib_dir=lib_dir) + + # Record details of all files installed + record_path = os.path.join(dest_info_dir, 'RECORD') + + with _generate_file(record_path, **csv_io_kwargs('w')) as record_file: + # The type mypy infers for record_file is different for Python 3 + # (typing.IO[Any]) and Python 2 (typing.BinaryIO). We explicitly + # cast to typing.IO[str] as a workaround. + writer = csv.writer(cast('IO[str]', record_file)) + writer.writerows(_normalized_outrows(rows)) + + +@contextlib.contextmanager +def req_error_context(req_description): + # type: (str) -> Iterator[None] + try: + yield + except InstallationError as e: + message = "For req: {}. {}".format(req_description, e.args[0]) + reraise( + InstallationError, InstallationError(message), sys.exc_info()[2] + ) + + +def install_wheel( + name, # type: str + wheel_path, # type: str + scheme, # type: Scheme + req_description, # type: str + pycompile=True, # type: bool + warn_script_location=True, # type: bool + direct_url=None, # type: Optional[DirectUrl] + requested=False, # type: bool +): + # type: (...) -> None + with ZipFile(wheel_path, allowZip64=True) as z: + with req_error_context(req_description): + _install_wheel( + name=name, + wheel_zip=z, + wheel_path=wheel_path, + scheme=scheme, + pycompile=pycompile, + warn_script_location=warn_script_location, + direct_url=direct_url, + requested=requested, + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/prepare.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/prepare.py new file mode 100644 index 000000000..247e63fc8 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/operations/prepare.py @@ -0,0 +1,655 @@ +"""Prepares a distribution for installation +""" + +# The following comment should be removed at some point in the future. +# mypy: strict-optional=False + +import logging +import mimetypes +import os +import shutil +from typing import Dict, Iterable, List, Optional, Tuple + +from pip._vendor.packaging.utils import canonicalize_name +from pip._vendor.pkg_resources import Distribution + +from pip._internal.distributions import make_distribution_for_install_requirement +from pip._internal.distributions.installed import InstalledDistribution +from pip._internal.exceptions import ( + DirectoryUrlHashUnsupported, + HashMismatch, + HashUnpinned, + InstallationError, + NetworkConnectionError, + PreviousBuildDirError, + VcsHashUnsupported, +) +from pip._internal.index.package_finder import PackageFinder +from pip._internal.models.link import Link +from pip._internal.models.wheel import Wheel +from pip._internal.network.download import BatchDownloader, Downloader +from pip._internal.network.lazy_wheel import ( + HTTPRangeRequestUnsupported, + dist_from_wheel_url, +) +from pip._internal.network.session import PipSession +from pip._internal.req.req_install import InstallRequirement +from pip._internal.req.req_tracker import RequirementTracker +from pip._internal.utils.deprecation import deprecated +from pip._internal.utils.filesystem import copy2_fixed +from pip._internal.utils.hashes import Hashes, MissingHashes +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import display_path, hide_url, is_installable_dir, rmtree +from pip._internal.utils.temp_dir import TempDirectory +from pip._internal.utils.unpacking import unpack_file +from pip._internal.vcs import vcs + +logger = logging.getLogger(__name__) + + +def _get_prepared_distribution( + req, # type: InstallRequirement + req_tracker, # type: RequirementTracker + finder, # type: PackageFinder + build_isolation, # type: bool +): + # type: (...) -> Distribution + """Prepare a distribution for installation.""" + abstract_dist = make_distribution_for_install_requirement(req) + with req_tracker.track(req): + abstract_dist.prepare_distribution_metadata(finder, build_isolation) + return abstract_dist.get_pkg_resources_distribution() + + +def unpack_vcs_link(link, location): + # type: (Link, str) -> None + vcs_backend = vcs.get_backend_for_scheme(link.scheme) + assert vcs_backend is not None + vcs_backend.unpack(location, url=hide_url(link.url)) + + +class File: + + def __init__(self, path, content_type): + # type: (str, Optional[str]) -> None + self.path = path + if content_type is None: + self.content_type = mimetypes.guess_type(path)[0] + else: + self.content_type = content_type + + +def get_http_url( + link, # type: Link + download, # type: Downloader + download_dir=None, # type: Optional[str] + hashes=None, # type: Optional[Hashes] +): + # type: (...) -> File + temp_dir = TempDirectory(kind="unpack", globally_managed=True) + # If a download dir is specified, is the file already downloaded there? + already_downloaded_path = None + if download_dir: + already_downloaded_path = _check_download_dir( + link, download_dir, hashes + ) + + if already_downloaded_path: + from_path = already_downloaded_path + content_type = None + else: + # let's download to a tmp dir + from_path, content_type = download(link, temp_dir.path) + if hashes: + hashes.check_against_path(from_path) + + return File(from_path, content_type) + + +def _copy2_ignoring_special_files(src, dest): + # type: (str, str) -> None + """Copying special files is not supported, but as a convenience to users + we skip errors copying them. This supports tools that may create e.g. + socket files in the project source directory. + """ + try: + copy2_fixed(src, dest) + except shutil.SpecialFileError as e: + # SpecialFileError may be raised due to either the source or + # destination. If the destination was the cause then we would actually + # care, but since the destination directory is deleted prior to + # copy we ignore all of them assuming it is caused by the source. + logger.warning( + "Ignoring special file error '%s' encountered copying %s to %s.", + str(e), + src, + dest, + ) + + +def _copy_source_tree(source, target): + # type: (str, str) -> None + target_abspath = os.path.abspath(target) + target_basename = os.path.basename(target_abspath) + target_dirname = os.path.dirname(target_abspath) + + def ignore(d, names): + # type: (str, List[str]) -> List[str] + skipped = [] # type: List[str] + if d == source: + # Pulling in those directories can potentially be very slow, + # exclude the following directories if they appear in the top + # level dir (and only it). + # See discussion at https://github.com/pypa/pip/pull/6770 + skipped += ['.tox', '.nox'] + if os.path.abspath(d) == target_dirname: + # Prevent an infinite recursion if the target is in source. + # This can happen when TMPDIR is set to ${PWD}/... + # and we copy PWD to TMPDIR. + skipped += [target_basename] + return skipped + + shutil.copytree( + source, + target, + ignore=ignore, + symlinks=True, + copy_function=_copy2_ignoring_special_files, + ) + + +def get_file_url( + link, # type: Link + download_dir=None, # type: Optional[str] + hashes=None # type: Optional[Hashes] +): + # type: (...) -> File + """Get file and optionally check its hash. + """ + # If a download dir is specified, is the file already there and valid? + already_downloaded_path = None + if download_dir: + already_downloaded_path = _check_download_dir( + link, download_dir, hashes + ) + + if already_downloaded_path: + from_path = already_downloaded_path + else: + from_path = link.file_path + + # If --require-hashes is off, `hashes` is either empty, the + # link's embedded hash, or MissingHashes; it is required to + # match. If --require-hashes is on, we are satisfied by any + # hash in `hashes` matching: a URL-based or an option-based + # one; no internet-sourced hash will be in `hashes`. + if hashes: + hashes.check_against_path(from_path) + return File(from_path, None) + + +def unpack_url( + link, # type: Link + location, # type: str + download, # type: Downloader + download_dir=None, # type: Optional[str] + hashes=None, # type: Optional[Hashes] +): + # type: (...) -> Optional[File] + """Unpack link into location, downloading if required. + + :param hashes: A Hashes object, one of whose embedded hashes must match, + or HashMismatch will be raised. If the Hashes is empty, no matches are + required, and unhashable types of requirements (like VCS ones, which + would ordinarily raise HashUnsupported) are allowed. + """ + # non-editable vcs urls + if link.is_vcs: + unpack_vcs_link(link, location) + return None + + # Once out-of-tree-builds are no longer supported, could potentially + # replace the below condition with `assert not link.is_existing_dir` + # - unpack_url does not need to be called for in-tree-builds. + # + # As further cleanup, _copy_source_tree and accompanying tests can + # be removed. + if link.is_existing_dir(): + deprecated( + "A future pip version will change local packages to be built " + "in-place without first copying to a temporary directory. " + "We recommend you use --use-feature=in-tree-build to test " + "your packages with this new behavior before it becomes the " + "default.\n", + replacement=None, + gone_in="21.3", + issue=7555 + ) + if os.path.isdir(location): + rmtree(location) + _copy_source_tree(link.file_path, location) + return None + + # file urls + if link.is_file: + file = get_file_url(link, download_dir, hashes=hashes) + + # http urls + else: + file = get_http_url( + link, + download, + download_dir, + hashes=hashes, + ) + + # unpack the archive to the build dir location. even when only downloading + # archives, they have to be unpacked to parse dependencies, except wheels + if not link.is_wheel: + unpack_file(file.path, location, file.content_type) + + return file + + +def _check_download_dir(link, download_dir, hashes): + # type: (Link, str, Optional[Hashes]) -> Optional[str] + """ Check download_dir for previously downloaded file with correct hash + If a correct file is found return its path else None + """ + download_path = os.path.join(download_dir, link.filename) + + if not os.path.exists(download_path): + return None + + # If already downloaded, does its hash match? + logger.info('File was already downloaded %s', download_path) + if hashes: + try: + hashes.check_against_path(download_path) + except HashMismatch: + logger.warning( + 'Previously-downloaded file %s has bad hash. ' + 'Re-downloading.', + download_path + ) + os.unlink(download_path) + return None + return download_path + + +class RequirementPreparer: + """Prepares a Requirement + """ + + def __init__( + self, + build_dir, # type: str + download_dir, # type: Optional[str] + src_dir, # type: str + build_isolation, # type: bool + req_tracker, # type: RequirementTracker + session, # type: PipSession + progress_bar, # type: str + finder, # type: PackageFinder + require_hashes, # type: bool + use_user_site, # type: bool + lazy_wheel, # type: bool + in_tree_build, # type: bool + ): + # type: (...) -> None + super().__init__() + + self.src_dir = src_dir + self.build_dir = build_dir + self.req_tracker = req_tracker + self._session = session + self._download = Downloader(session, progress_bar) + self._batch_download = BatchDownloader(session, progress_bar) + self.finder = finder + + # Where still-packed archives should be written to. If None, they are + # not saved, and are deleted immediately after unpacking. + self.download_dir = download_dir + + # Is build isolation allowed? + self.build_isolation = build_isolation + + # Should hash-checking be required? + self.require_hashes = require_hashes + + # Should install in user site-packages? + self.use_user_site = use_user_site + + # Should wheels be downloaded lazily? + self.use_lazy_wheel = lazy_wheel + + # Should in-tree builds be used for local paths? + self.in_tree_build = in_tree_build + + # Memoized downloaded files, as mapping of url: (path, mime type) + self._downloaded = {} # type: Dict[str, Tuple[str, str]] + + # Previous "header" printed for a link-based InstallRequirement + self._previous_requirement_header = ("", "") + + def _log_preparing_link(self, req): + # type: (InstallRequirement) -> None + """Provide context for the requirement being prepared.""" + if req.link.is_file and not req.original_link_is_in_wheel_cache: + message = "Processing %s" + information = str(display_path(req.link.file_path)) + else: + message = "Collecting %s" + information = str(req.req or req) + + if (message, information) != self._previous_requirement_header: + self._previous_requirement_header = (message, information) + logger.info(message, information) + + if req.original_link_is_in_wheel_cache: + with indent_log(): + logger.info("Using cached %s", req.link.filename) + + def _ensure_link_req_src_dir(self, req, parallel_builds): + # type: (InstallRequirement, bool) -> None + """Ensure source_dir of a linked InstallRequirement.""" + # Since source_dir is only set for editable requirements. + if req.link.is_wheel: + # We don't need to unpack wheels, so no need for a source + # directory. + return + assert req.source_dir is None + if req.link.is_existing_dir() and self.in_tree_build: + # build local directories in-tree + req.source_dir = req.link.file_path + return + + # We always delete unpacked sdists after pip runs. + req.ensure_has_source_dir( + self.build_dir, + autodelete=True, + parallel_builds=parallel_builds, + ) + + # If a checkout exists, it's unwise to keep going. version + # inconsistencies are logged later, but do not fail the + # installation. + # FIXME: this won't upgrade when there's an existing + # package unpacked in `req.source_dir` + if is_installable_dir(req.source_dir): + raise PreviousBuildDirError( + "pip can't proceed with requirements '{}' due to a" + "pre-existing build directory ({}). This is likely " + "due to a previous installation that failed . pip is " + "being responsible and not assuming it can delete this. " + "Please delete it and try again.".format(req, req.source_dir) + ) + + def _get_linked_req_hashes(self, req): + # type: (InstallRequirement) -> Hashes + # By the time this is called, the requirement's link should have + # been checked so we can tell what kind of requirements req is + # and raise some more informative errors than otherwise. + # (For example, we can raise VcsHashUnsupported for a VCS URL + # rather than HashMissing.) + if not self.require_hashes: + return req.hashes(trust_internet=True) + + # We could check these first 2 conditions inside unpack_url + # and save repetition of conditions, but then we would + # report less-useful error messages for unhashable + # requirements, complaining that there's no hash provided. + if req.link.is_vcs: + raise VcsHashUnsupported() + if req.link.is_existing_dir(): + raise DirectoryUrlHashUnsupported() + + # Unpinned packages are asking for trouble when a new version + # is uploaded. This isn't a security check, but it saves users + # a surprising hash mismatch in the future. + # file:/// URLs aren't pinnable, so don't complain about them + # not being pinned. + if req.original_link is None and not req.is_pinned: + raise HashUnpinned() + + # If known-good hashes are missing for this requirement, + # shim it with a facade object that will provoke hash + # computation and then raise a HashMissing exception + # showing the user what the hash should be. + return req.hashes(trust_internet=False) or MissingHashes() + + def _fetch_metadata_using_lazy_wheel(self, link): + # type: (Link) -> Optional[Distribution] + """Fetch metadata using lazy wheel, if possible.""" + if not self.use_lazy_wheel: + return None + if self.require_hashes: + logger.debug('Lazy wheel is not used as hash checking is required') + return None + if link.is_file or not link.is_wheel: + logger.debug( + 'Lazy wheel is not used as ' + '%r does not points to a remote wheel', + link, + ) + return None + + wheel = Wheel(link.filename) + name = canonicalize_name(wheel.name) + logger.info( + 'Obtaining dependency information from %s %s', + name, wheel.version, + ) + url = link.url.split('#', 1)[0] + try: + return dist_from_wheel_url(name, url, self._session) + except HTTPRangeRequestUnsupported: + logger.debug('%s does not support range requests', url) + return None + + def _complete_partial_requirements( + self, + partially_downloaded_reqs, # type: Iterable[InstallRequirement] + parallel_builds=False, # type: bool + ): + # type: (...) -> None + """Download any requirements which were only fetched by metadata.""" + # Download to a temporary directory. These will be copied over as + # needed for downstream 'download', 'wheel', and 'install' commands. + temp_dir = TempDirectory(kind="unpack", globally_managed=True).path + + # Map each link to the requirement that owns it. This allows us to set + # `req.local_file_path` on the appropriate requirement after passing + # all the links at once into BatchDownloader. + links_to_fully_download = {} # type: Dict[Link, InstallRequirement] + for req in partially_downloaded_reqs: + assert req.link + links_to_fully_download[req.link] = req + + batch_download = self._batch_download( + links_to_fully_download.keys(), + temp_dir, + ) + for link, (filepath, _) in batch_download: + logger.debug("Downloading link %s to %s", link, filepath) + req = links_to_fully_download[link] + req.local_file_path = filepath + + # This step is necessary to ensure all lazy wheels are processed + # successfully by the 'download', 'wheel', and 'install' commands. + for req in partially_downloaded_reqs: + self._prepare_linked_requirement(req, parallel_builds) + + def prepare_linked_requirement(self, req, parallel_builds=False): + # type: (InstallRequirement, bool) -> Distribution + """Prepare a requirement to be obtained from req.link.""" + assert req.link + link = req.link + self._log_preparing_link(req) + with indent_log(): + # Check if the relevant file is already available + # in the download directory + file_path = None + if self.download_dir is not None and link.is_wheel: + hashes = self._get_linked_req_hashes(req) + file_path = _check_download_dir(req.link, self.download_dir, hashes) + + if file_path is not None: + # The file is already available, so mark it as downloaded + self._downloaded[req.link.url] = file_path, None + else: + # The file is not available, attempt to fetch only metadata + wheel_dist = self._fetch_metadata_using_lazy_wheel(link) + if wheel_dist is not None: + req.needs_more_preparation = True + return wheel_dist + + # None of the optimizations worked, fully prepare the requirement + return self._prepare_linked_requirement(req, parallel_builds) + + def prepare_linked_requirements_more(self, reqs, parallel_builds=False): + # type: (Iterable[InstallRequirement], bool) -> None + """Prepare linked requirements more, if needed.""" + reqs = [req for req in reqs if req.needs_more_preparation] + for req in reqs: + # Determine if any of these requirements were already downloaded. + if self.download_dir is not None and req.link.is_wheel: + hashes = self._get_linked_req_hashes(req) + file_path = _check_download_dir(req.link, self.download_dir, hashes) + if file_path is not None: + self._downloaded[req.link.url] = file_path, None + req.needs_more_preparation = False + + # Prepare requirements we found were already downloaded for some + # reason. The other downloads will be completed separately. + partially_downloaded_reqs = [] # type: List[InstallRequirement] + for req in reqs: + if req.needs_more_preparation: + partially_downloaded_reqs.append(req) + else: + self._prepare_linked_requirement(req, parallel_builds) + + # TODO: separate this part out from RequirementPreparer when the v1 + # resolver can be removed! + self._complete_partial_requirements( + partially_downloaded_reqs, parallel_builds=parallel_builds, + ) + + def _prepare_linked_requirement(self, req, parallel_builds): + # type: (InstallRequirement, bool) -> Distribution + assert req.link + link = req.link + + self._ensure_link_req_src_dir(req, parallel_builds) + hashes = self._get_linked_req_hashes(req) + + if link.is_existing_dir() and self.in_tree_build: + local_file = None + elif link.url not in self._downloaded: + try: + local_file = unpack_url( + link, req.source_dir, self._download, + self.download_dir, hashes + ) + except NetworkConnectionError as exc: + raise InstallationError( + 'Could not install requirement {} because of HTTP ' + 'error {} for URL {}'.format(req, exc, link) + ) + else: + file_path, content_type = self._downloaded[link.url] + if hashes: + hashes.check_against_path(file_path) + local_file = File(file_path, content_type) + + # For use in later processing, + # preserve the file path on the requirement. + if local_file: + req.local_file_path = local_file.path + + dist = _get_prepared_distribution( + req, self.req_tracker, self.finder, self.build_isolation, + ) + return dist + + def save_linked_requirement(self, req): + # type: (InstallRequirement) -> None + assert self.download_dir is not None + assert req.link is not None + link = req.link + if link.is_vcs or (link.is_existing_dir() and req.editable): + # Make a .zip of the source_dir we already created. + req.archive(self.download_dir) + return + + if link.is_existing_dir(): + logger.debug( + 'Not copying link to destination directory ' + 'since it is a directory: %s', link, + ) + return + if req.local_file_path is None: + # No distribution was downloaded for this requirement. + return + + download_location = os.path.join(self.download_dir, link.filename) + if not os.path.exists(download_location): + shutil.copy(req.local_file_path, download_location) + download_path = display_path(download_location) + logger.info('Saved %s', download_path) + + def prepare_editable_requirement( + self, + req, # type: InstallRequirement + ): + # type: (...) -> Distribution + """Prepare an editable requirement + """ + assert req.editable, "cannot prepare a non-editable req as editable" + + logger.info('Obtaining %s', req) + + with indent_log(): + if self.require_hashes: + raise InstallationError( + 'The editable requirement {} cannot be installed when ' + 'requiring hashes, because there is no single file to ' + 'hash.'.format(req) + ) + req.ensure_has_source_dir(self.src_dir) + req.update_editable() + + dist = _get_prepared_distribution( + req, self.req_tracker, self.finder, self.build_isolation, + ) + + req.check_if_exists(self.use_user_site) + + return dist + + def prepare_installed_requirement( + self, + req, # type: InstallRequirement + skip_reason # type: str + ): + # type: (...) -> Distribution + """Prepare an already-installed requirement + """ + assert req.satisfied_by, "req should have been satisfied but isn't" + assert skip_reason is not None, ( + "did not get skip reason skipped but req.satisfied_by " + "is set to {}".format(req.satisfied_by) + ) + logger.info( + 'Requirement %s: %s (%s)', + skip_reason, req, req.satisfied_by.version + ) + with indent_log(): + if self.require_hashes: + logger.debug( + 'Since it is already installed, we are trusting this ' + 'package without checking its hash. To ensure a ' + 'completely repeatable environment, install into an ' + 'empty virtualenv.' + ) + return InstalledDistribution(req).get_pkg_resources_distribution() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/pyproject.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/pyproject.py new file mode 100644 index 000000000..5aa6160b4 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/pyproject.py @@ -0,0 +1,183 @@ +import os +from collections import namedtuple +from typing import Any, List, Optional + +from pip._vendor import tomli +from pip._vendor.packaging.requirements import InvalidRequirement, Requirement + +from pip._internal.exceptions import InstallationError + + +def _is_list_of_str(obj): + # type: (Any) -> bool + return ( + isinstance(obj, list) and + all(isinstance(item, str) for item in obj) + ) + + +def make_pyproject_path(unpacked_source_directory): + # type: (str) -> str + return os.path.join(unpacked_source_directory, 'pyproject.toml') + + +BuildSystemDetails = namedtuple('BuildSystemDetails', [ + 'requires', 'backend', 'check', 'backend_path' +]) + + +def load_pyproject_toml( + use_pep517, # type: Optional[bool] + pyproject_toml, # type: str + setup_py, # type: str + req_name # type: str +): + # type: (...) -> Optional[BuildSystemDetails] + """Load the pyproject.toml file. + + Parameters: + use_pep517 - Has the user requested PEP 517 processing? None + means the user hasn't explicitly specified. + pyproject_toml - Location of the project's pyproject.toml file + setup_py - Location of the project's setup.py file + req_name - The name of the requirement we're processing (for + error reporting) + + Returns: + None if we should use the legacy code path, otherwise a tuple + ( + requirements from pyproject.toml, + name of PEP 517 backend, + requirements we should check are installed after setting + up the build environment + directory paths to import the backend from (backend-path), + relative to the project root. + ) + """ + has_pyproject = os.path.isfile(pyproject_toml) + has_setup = os.path.isfile(setup_py) + + if has_pyproject: + with open(pyproject_toml, encoding="utf-8") as f: + pp_toml = tomli.load(f) + build_system = pp_toml.get("build-system") + else: + build_system = None + + # The following cases must use PEP 517 + # We check for use_pep517 being non-None and falsey because that means + # the user explicitly requested --no-use-pep517. The value 0 as + # opposed to False can occur when the value is provided via an + # environment variable or config file option (due to the quirk of + # strtobool() returning an integer in pip's configuration code). + if has_pyproject and not has_setup: + if use_pep517 is not None and not use_pep517: + raise InstallationError( + "Disabling PEP 517 processing is invalid: " + "project does not have a setup.py" + ) + use_pep517 = True + elif build_system and "build-backend" in build_system: + if use_pep517 is not None and not use_pep517: + raise InstallationError( + "Disabling PEP 517 processing is invalid: " + "project specifies a build backend of {} " + "in pyproject.toml".format( + build_system["build-backend"] + ) + ) + use_pep517 = True + + # If we haven't worked out whether to use PEP 517 yet, + # and the user hasn't explicitly stated a preference, + # we do so if the project has a pyproject.toml file. + elif use_pep517 is None: + use_pep517 = has_pyproject + + # At this point, we know whether we're going to use PEP 517. + assert use_pep517 is not None + + # If we're using the legacy code path, there is nothing further + # for us to do here. + if not use_pep517: + return None + + if build_system is None: + # Either the user has a pyproject.toml with no build-system + # section, or the user has no pyproject.toml, but has opted in + # explicitly via --use-pep517. + # In the absence of any explicit backend specification, we + # assume the setuptools backend that most closely emulates the + # traditional direct setup.py execution, and require wheel and + # a version of setuptools that supports that backend. + + build_system = { + "requires": ["setuptools>=40.8.0", "wheel"], + "build-backend": "setuptools.build_meta:__legacy__", + } + + # If we're using PEP 517, we have build system information (either + # from pyproject.toml, or defaulted by the code above). + # Note that at this point, we do not know if the user has actually + # specified a backend, though. + assert build_system is not None + + # Ensure that the build-system section in pyproject.toml conforms + # to PEP 518. + error_template = ( + "{package} has a pyproject.toml file that does not comply " + "with PEP 518: {reason}" + ) + + # Specifying the build-system table but not the requires key is invalid + if "requires" not in build_system: + raise InstallationError( + error_template.format(package=req_name, reason=( + "it has a 'build-system' table but not " + "'build-system.requires' which is mandatory in the table" + )) + ) + + # Error out if requires is not a list of strings + requires = build_system["requires"] + if not _is_list_of_str(requires): + raise InstallationError(error_template.format( + package=req_name, + reason="'build-system.requires' is not a list of strings.", + )) + + # Each requirement must be valid as per PEP 508 + for requirement in requires: + try: + Requirement(requirement) + except InvalidRequirement: + raise InstallationError( + error_template.format( + package=req_name, + reason=( + "'build-system.requires' contains an invalid " + "requirement: {!r}".format(requirement) + ), + ) + ) + + backend = build_system.get("build-backend") + backend_path = build_system.get("backend-path", []) + check = [] # type: List[str] + if backend is None: + # If the user didn't specify a backend, we assume they want to use + # the setuptools backend. But we can't be sure they have included + # a version of setuptools which supplies the backend, or wheel + # (which is needed by the backend) in their requirements. So we + # make a note to check that those requirements are present once + # we have set up the environment. + # This is quite a lot of work to check for a very specific case. But + # the problem is, that case is potentially quite common - projects that + # adopted PEP 518 early for the ability to specify requirements to + # execute setup.py, but never considered needing to mention the build + # tools themselves. The original PEP 518 code had a similar check (but + # implemented in a different way). + backend = "setuptools.build_meta:__legacy__" + check = ["setuptools>=40.8.0", "wheel"] + + return BuildSystemDetails(requires, backend, check, backend_path) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/req/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/__init__.py new file mode 100644 index 000000000..aaea748dc --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/__init__.py @@ -0,0 +1,94 @@ +import collections +import logging +from typing import Iterator, List, Optional, Sequence, Tuple + +from pip._internal.utils.logging import indent_log + +from .req_file import parse_requirements +from .req_install import InstallRequirement +from .req_set import RequirementSet + +__all__ = [ + "RequirementSet", "InstallRequirement", + "parse_requirements", "install_given_reqs", +] + +logger = logging.getLogger(__name__) + + +class InstallationResult: + def __init__(self, name: str) -> None: + self.name = name + + def __repr__(self) -> str: + return f"InstallationResult(name={self.name!r})" + + +def _validate_requirements( + requirements: List[InstallRequirement], +) -> Iterator[Tuple[str, InstallRequirement]]: + for req in requirements: + assert req.name, f"invalid to-be-installed requirement: {req}" + yield req.name, req + + +def install_given_reqs( + requirements: List[InstallRequirement], + install_options: List[str], + global_options: Sequence[str], + root: Optional[str], + home: Optional[str], + prefix: Optional[str], + warn_script_location: bool, + use_user_site: bool, + pycompile: bool, +) -> List[InstallationResult]: + """ + Install everything in the given list. + + (to be called after having downloaded and unpacked the packages) + """ + to_install = collections.OrderedDict(_validate_requirements(requirements)) + + if to_install: + logger.info( + 'Installing collected packages: %s', + ', '.join(to_install.keys()), + ) + + installed = [] + + with indent_log(): + for req_name, requirement in to_install.items(): + if requirement.should_reinstall: + logger.info('Attempting uninstall: %s', req_name) + with indent_log(): + uninstalled_pathset = requirement.uninstall( + auto_confirm=True + ) + else: + uninstalled_pathset = None + + try: + requirement.install( + install_options, + global_options, + root=root, + home=home, + prefix=prefix, + warn_script_location=warn_script_location, + use_user_site=use_user_site, + pycompile=pycompile, + ) + except Exception: + # if install did not succeed, rollback previous uninstall + if uninstalled_pathset and not requirement.install_succeeded: + uninstalled_pathset.rollback() + raise + else: + if uninstalled_pathset and requirement.install_succeeded: + uninstalled_pathset.commit() + + installed.append(InstallationResult(req_name)) + + return installed diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/req/constructors.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/constructors.py new file mode 100644 index 000000000..d0f5b4248 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/constructors.py @@ -0,0 +1,474 @@ +"""Backing implementation for InstallRequirement's various constructors + +The idea here is that these formed a major chunk of InstallRequirement's size +so, moving them and support code dedicated to them outside of that class +helps creates for better understandability for the rest of the code. + +These are meant to be used elsewhere within pip to create instances of +InstallRequirement. +""" + +import logging +import os +import re +from typing import Any, Dict, Optional, Set, Tuple, Union + +from pip._vendor.packaging.markers import Marker +from pip._vendor.packaging.requirements import InvalidRequirement, Requirement +from pip._vendor.packaging.specifiers import Specifier +from pip._vendor.pkg_resources import RequirementParseError, parse_requirements + +from pip._internal.exceptions import InstallationError +from pip._internal.models.index import PyPI, TestPyPI +from pip._internal.models.link import Link +from pip._internal.models.wheel import Wheel +from pip._internal.pyproject import make_pyproject_path +from pip._internal.req.req_file import ParsedRequirement +from pip._internal.req.req_install import InstallRequirement +from pip._internal.utils.filetypes import is_archive_file +from pip._internal.utils.misc import is_installable_dir +from pip._internal.utils.urls import path_to_url +from pip._internal.vcs import is_url, vcs + +__all__ = [ + "install_req_from_editable", "install_req_from_line", + "parse_editable" +] + +logger = logging.getLogger(__name__) +operators = Specifier._operators.keys() + + +def _strip_extras(path: str) -> Tuple[str, Optional[str]]: + m = re.match(r'^(.+)(\[[^\]]+\])$', path) + extras = None + if m: + path_no_extras = m.group(1) + extras = m.group(2) + else: + path_no_extras = path + + return path_no_extras, extras + + +def convert_extras(extras: Optional[str]) -> Set[str]: + if not extras: + return set() + return Requirement("placeholder" + extras.lower()).extras + + +def parse_editable(editable_req: str) -> Tuple[Optional[str], str, Set[str]]: + """Parses an editable requirement into: + - a requirement name + - an URL + - extras + - editable options + Accepted requirements: + svn+http://blahblah@rev#egg=Foobar[baz]&subdirectory=version_subdir + .[some_extra] + """ + + url = editable_req + + # If a file path is specified with extras, strip off the extras. + url_no_extras, extras = _strip_extras(url) + + if os.path.isdir(url_no_extras): + setup_py = os.path.join(url_no_extras, 'setup.py') + setup_cfg = os.path.join(url_no_extras, 'setup.cfg') + if not os.path.exists(setup_py) and not os.path.exists(setup_cfg): + msg = ( + 'File "setup.py" or "setup.cfg" not found. Directory cannot be ' + 'installed in editable mode: {}' + .format(os.path.abspath(url_no_extras)) + ) + pyproject_path = make_pyproject_path(url_no_extras) + if os.path.isfile(pyproject_path): + msg += ( + '\n(A "pyproject.toml" file was found, but editable ' + 'mode currently requires a setuptools-based build.)' + ) + raise InstallationError(msg) + + # Treating it as code that has already been checked out + url_no_extras = path_to_url(url_no_extras) + + if url_no_extras.lower().startswith('file:'): + package_name = Link(url_no_extras).egg_fragment + if extras: + return ( + package_name, + url_no_extras, + Requirement("placeholder" + extras.lower()).extras, + ) + else: + return package_name, url_no_extras, set() + + for version_control in vcs: + if url.lower().startswith(f'{version_control}:'): + url = f'{version_control}+{url}' + break + + link = Link(url) + + if not link.is_vcs: + backends = ", ".join(vcs.all_schemes) + raise InstallationError( + f'{editable_req} is not a valid editable requirement. ' + f'It should either be a path to a local project or a VCS URL ' + f'(beginning with {backends}).' + ) + + package_name = link.egg_fragment + if not package_name: + raise InstallationError( + "Could not detect requirement name for '{}', please specify one " + "with #egg=your_package_name".format(editable_req) + ) + return package_name, url, set() + + +def deduce_helpful_msg(req: str) -> str: + """Returns helpful msg in case requirements file does not exist, + or cannot be parsed. + + :params req: Requirements file path + """ + msg = "" + if os.path.exists(req): + msg = " The path does exist. " + # Try to parse and check if it is a requirements file. + try: + with open(req) as fp: + # parse first line only + next(parse_requirements(fp.read())) + msg += ( + "The argument you provided " + "({}) appears to be a" + " requirements file. If that is the" + " case, use the '-r' flag to install" + " the packages specified within it." + ).format(req) + except RequirementParseError: + logger.debug( + "Cannot parse '%s' as requirements file", req, exc_info=True + ) + else: + msg += f" File '{req}' does not exist." + return msg + + +class RequirementParts: + def __init__( + self, + requirement: Optional[Requirement], + link: Optional[Link], + markers: Optional[Marker], + extras: Set[str], + ): + self.requirement = requirement + self.link = link + self.markers = markers + self.extras = extras + + +def parse_req_from_editable(editable_req: str) -> RequirementParts: + name, url, extras_override = parse_editable(editable_req) + + if name is not None: + try: + req: Optional[Requirement] = Requirement(name) + except InvalidRequirement: + raise InstallationError(f"Invalid requirement: '{name}'") + else: + req = None + + link = Link(url) + + return RequirementParts(req, link, None, extras_override) + + +# ---- The actual constructors follow ---- + + +def install_req_from_editable( + editable_req: str, + comes_from: Optional[Union[InstallRequirement, str]] = None, + use_pep517: Optional[bool] = None, + isolated: bool = False, + options: Optional[Dict[str, Any]] = None, + constraint: bool = False, + user_supplied: bool = False, +) -> InstallRequirement: + + parts = parse_req_from_editable(editable_req) + + return InstallRequirement( + parts.requirement, + comes_from=comes_from, + user_supplied=user_supplied, + editable=True, + link=parts.link, + constraint=constraint, + use_pep517=use_pep517, + isolated=isolated, + install_options=options.get("install_options", []) if options else [], + global_options=options.get("global_options", []) if options else [], + hash_options=options.get("hashes", {}) if options else {}, + extras=parts.extras, + ) + + +def _looks_like_path(name: str) -> bool: + """Checks whether the string "looks like" a path on the filesystem. + + This does not check whether the target actually exists, only judge from the + appearance. + + Returns true if any of the following conditions is true: + * a path separator is found (either os.path.sep or os.path.altsep); + * a dot is found (which represents the current directory). + """ + if os.path.sep in name: + return True + if os.path.altsep is not None and os.path.altsep in name: + return True + if name.startswith("."): + return True + return False + + +def _get_url_from_path(path: str, name: str) -> Optional[str]: + """ + First, it checks whether a provided path is an installable directory. If it + is, returns the path. + + If false, check if the path is an archive file (such as a .whl). + The function checks if the path is a file. If false, if the path has + an @, it will treat it as a PEP 440 URL requirement and return the path. + """ + if _looks_like_path(name) and os.path.isdir(path): + if is_installable_dir(path): + return path_to_url(path) + raise InstallationError( + f"Directory {name!r} is not installable. Neither 'setup.py' " + "nor 'pyproject.toml' found." + ) + if not is_archive_file(path): + return None + if os.path.isfile(path): + return path_to_url(path) + urlreq_parts = name.split('@', 1) + if len(urlreq_parts) >= 2 and not _looks_like_path(urlreq_parts[0]): + # If the path contains '@' and the part before it does not look + # like a path, try to treat it as a PEP 440 URL req instead. + return None + logger.warning( + 'Requirement %r looks like a filename, but the ' + 'file does not exist', + name + ) + return path_to_url(path) + + +def parse_req_from_line(name: str, line_source: Optional[str]) -> RequirementParts: + if is_url(name): + marker_sep = '; ' + else: + marker_sep = ';' + if marker_sep in name: + name, markers_as_string = name.split(marker_sep, 1) + markers_as_string = markers_as_string.strip() + if not markers_as_string: + markers = None + else: + markers = Marker(markers_as_string) + else: + markers = None + name = name.strip() + req_as_string = None + path = os.path.normpath(os.path.abspath(name)) + link = None + extras_as_string = None + + if is_url(name): + link = Link(name) + else: + p, extras_as_string = _strip_extras(path) + url = _get_url_from_path(p, name) + if url is not None: + link = Link(url) + + # it's a local file, dir, or url + if link: + # Handle relative file URLs + if link.scheme == 'file' and re.search(r'\.\./', link.url): + link = Link( + path_to_url(os.path.normpath(os.path.abspath(link.path)))) + # wheel file + if link.is_wheel: + wheel = Wheel(link.filename) # can raise InvalidWheelFilename + req_as_string = f"{wheel.name}=={wheel.version}" + else: + # set the req to the egg fragment. when it's not there, this + # will become an 'unnamed' requirement + req_as_string = link.egg_fragment + + # a requirement specifier + else: + req_as_string = name + + extras = convert_extras(extras_as_string) + + def with_source(text: str) -> str: + if not line_source: + return text + return f'{text} (from {line_source})' + + def _parse_req_string(req_as_string: str) -> Requirement: + try: + req = Requirement(req_as_string) + except InvalidRequirement: + if os.path.sep in req_as_string: + add_msg = "It looks like a path." + add_msg += deduce_helpful_msg(req_as_string) + elif ('=' in req_as_string and + not any(op in req_as_string for op in operators)): + add_msg = "= is not a valid operator. Did you mean == ?" + else: + add_msg = '' + msg = with_source( + f'Invalid requirement: {req_as_string!r}' + ) + if add_msg: + msg += f'\nHint: {add_msg}' + raise InstallationError(msg) + else: + # Deprecate extras after specifiers: "name>=1.0[extras]" + # This currently works by accident because _strip_extras() parses + # any extras in the end of the string and those are saved in + # RequirementParts + for spec in req.specifier: + spec_str = str(spec) + if spec_str.endswith(']'): + msg = f"Extras after version '{spec_str}'." + raise InstallationError(msg) + return req + + if req_as_string is not None: + req: Optional[Requirement] = _parse_req_string(req_as_string) + else: + req = None + + return RequirementParts(req, link, markers, extras) + + +def install_req_from_line( + name: str, + comes_from: Optional[Union[str, InstallRequirement]] = None, + use_pep517: Optional[bool] = None, + isolated: bool = False, + options: Optional[Dict[str, Any]] = None, + constraint: bool = False, + line_source: Optional[str] = None, + user_supplied: bool = False, +) -> InstallRequirement: + """Creates an InstallRequirement from a name, which might be a + requirement, directory containing 'setup.py', filename, or URL. + + :param line_source: An optional string describing where the line is from, + for logging purposes in case of an error. + """ + parts = parse_req_from_line(name, line_source) + + return InstallRequirement( + parts.requirement, comes_from, link=parts.link, markers=parts.markers, + use_pep517=use_pep517, isolated=isolated, + install_options=options.get("install_options", []) if options else [], + global_options=options.get("global_options", []) if options else [], + hash_options=options.get("hashes", {}) if options else {}, + constraint=constraint, + extras=parts.extras, + user_supplied=user_supplied, + ) + + +def install_req_from_req_string( + req_string: str, + comes_from: Optional[InstallRequirement] = None, + isolated: bool = False, + use_pep517: Optional[bool] = None, + user_supplied: bool = False, +) -> InstallRequirement: + try: + req = Requirement(req_string) + except InvalidRequirement: + raise InstallationError(f"Invalid requirement: '{req_string}'") + + domains_not_allowed = [ + PyPI.file_storage_domain, + TestPyPI.file_storage_domain, + ] + if (req.url and comes_from and comes_from.link and + comes_from.link.netloc in domains_not_allowed): + # Explicitly disallow pypi packages that depend on external urls + raise InstallationError( + "Packages installed from PyPI cannot depend on packages " + "which are not also hosted on PyPI.\n" + "{} depends on {} ".format(comes_from.name, req) + ) + + return InstallRequirement( + req, + comes_from, + isolated=isolated, + use_pep517=use_pep517, + user_supplied=user_supplied, + ) + + +def install_req_from_parsed_requirement( + parsed_req: ParsedRequirement, + isolated: bool = False, + use_pep517: Optional[bool] = None, + user_supplied: bool = False, +) -> InstallRequirement: + if parsed_req.is_editable: + req = install_req_from_editable( + parsed_req.requirement, + comes_from=parsed_req.comes_from, + use_pep517=use_pep517, + constraint=parsed_req.constraint, + isolated=isolated, + user_supplied=user_supplied, + ) + + else: + req = install_req_from_line( + parsed_req.requirement, + comes_from=parsed_req.comes_from, + use_pep517=use_pep517, + isolated=isolated, + options=parsed_req.options, + constraint=parsed_req.constraint, + line_source=parsed_req.line_source, + user_supplied=user_supplied, + ) + return req + + +def install_req_from_link_and_ireq( + link: Link, ireq: InstallRequirement +) -> InstallRequirement: + return InstallRequirement( + req=ireq.req, + comes_from=ireq.comes_from, + editable=ireq.editable, + link=link, + markers=ireq.markers, + use_pep517=ireq.use_pep517, + isolated=ireq.isolated, + install_options=ireq.install_options, + global_options=ireq.global_options, + hash_options=ireq.hash_options, + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_file.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_file.py new file mode 100644 index 000000000..01c6cf679 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_file.py @@ -0,0 +1,528 @@ +""" +Requirements file parsing +""" + +import optparse +import os +import re +import shlex +import urllib.parse +from optparse import Values +from typing import TYPE_CHECKING, Any, Callable, Dict, Iterator, List, Optional, Tuple + +from pip._internal.cli import cmdoptions +from pip._internal.exceptions import InstallationError, RequirementsFileParseError +from pip._internal.models.search_scope import SearchScope +from pip._internal.network.session import PipSession +from pip._internal.network.utils import raise_for_status +from pip._internal.utils.encoding import auto_decode +from pip._internal.utils.urls import get_url_scheme + +if TYPE_CHECKING: + # NoReturn introduced in 3.6.2; imported only for type checking to maintain + # pip compatibility with older patch versions of Python 3.6 + from typing import NoReturn + + from pip._internal.index.package_finder import PackageFinder + +__all__ = ['parse_requirements'] + +ReqFileLines = Iterator[Tuple[int, str]] + +LineParser = Callable[[str], Tuple[str, Values]] + +SCHEME_RE = re.compile(r'^(http|https|file):', re.I) +COMMENT_RE = re.compile(r'(^|\s+)#.*$') + +# Matches environment variable-style values in '${MY_VARIABLE_1}' with the +# variable name consisting of only uppercase letters, digits or the '_' +# (underscore). This follows the POSIX standard defined in IEEE Std 1003.1, +# 2013 Edition. +ENV_VAR_RE = re.compile(r'(?P\$\{(?P[A-Z0-9_]+)\})') + +SUPPORTED_OPTIONS: List[Callable[..., optparse.Option]] = [ + cmdoptions.index_url, + cmdoptions.extra_index_url, + cmdoptions.no_index, + cmdoptions.constraints, + cmdoptions.requirements, + cmdoptions.editable, + cmdoptions.find_links, + cmdoptions.no_binary, + cmdoptions.only_binary, + cmdoptions.prefer_binary, + cmdoptions.require_hashes, + cmdoptions.pre, + cmdoptions.trusted_host, + cmdoptions.use_new_feature, +] + +# options to be passed to requirements +SUPPORTED_OPTIONS_REQ: List[Callable[..., optparse.Option]] = [ + cmdoptions.install_options, + cmdoptions.global_options, + cmdoptions.hash, +] + +# the 'dest' string values +SUPPORTED_OPTIONS_REQ_DEST = [str(o().dest) for o in SUPPORTED_OPTIONS_REQ] + + +class ParsedRequirement: + def __init__( + self, + requirement: str, + is_editable: bool, + comes_from: str, + constraint: bool, + options: Optional[Dict[str, Any]] = None, + line_source: Optional[str] = None, + ) -> None: + self.requirement = requirement + self.is_editable = is_editable + self.comes_from = comes_from + self.options = options + self.constraint = constraint + self.line_source = line_source + + +class ParsedLine: + def __init__( + self, + filename: str, + lineno: int, + args: str, + opts: Values, + constraint: bool, + ) -> None: + self.filename = filename + self.lineno = lineno + self.opts = opts + self.constraint = constraint + + if args: + self.is_requirement = True + self.is_editable = False + self.requirement = args + elif opts.editables: + self.is_requirement = True + self.is_editable = True + # We don't support multiple -e on one line + self.requirement = opts.editables[0] + else: + self.is_requirement = False + + +def parse_requirements( + filename: str, + session: PipSession, + finder: Optional["PackageFinder"] = None, + options: Optional[optparse.Values] = None, + constraint: bool = False, +) -> Iterator[ParsedRequirement]: + """Parse a requirements file and yield ParsedRequirement instances. + + :param filename: Path or url of requirements file. + :param session: PipSession instance. + :param finder: Instance of pip.index.PackageFinder. + :param options: cli options. + :param constraint: If true, parsing a constraint file rather than + requirements file. + """ + line_parser = get_line_parser(finder) + parser = RequirementsFileParser(session, line_parser) + + for parsed_line in parser.parse(filename, constraint): + parsed_req = handle_line( + parsed_line, + options=options, + finder=finder, + session=session + ) + if parsed_req is not None: + yield parsed_req + + +def preprocess(content: str) -> ReqFileLines: + """Split, filter, and join lines, and return a line iterator + + :param content: the content of the requirements file + """ + lines_enum: ReqFileLines = enumerate(content.splitlines(), start=1) + lines_enum = join_lines(lines_enum) + lines_enum = ignore_comments(lines_enum) + lines_enum = expand_env_variables(lines_enum) + return lines_enum + + +def handle_requirement_line( + line: ParsedLine, + options: Optional[optparse.Values] = None, +) -> ParsedRequirement: + + # preserve for the nested code path + line_comes_from = '{} {} (line {})'.format( + '-c' if line.constraint else '-r', line.filename, line.lineno, + ) + + assert line.is_requirement + + if line.is_editable: + # For editable requirements, we don't support per-requirement + # options, so just return the parsed requirement. + return ParsedRequirement( + requirement=line.requirement, + is_editable=line.is_editable, + comes_from=line_comes_from, + constraint=line.constraint, + ) + else: + if options: + # Disable wheels if the user has specified build options + cmdoptions.check_install_build_global(options, line.opts) + + # get the options that apply to requirements + req_options = {} + for dest in SUPPORTED_OPTIONS_REQ_DEST: + if dest in line.opts.__dict__ and line.opts.__dict__[dest]: + req_options[dest] = line.opts.__dict__[dest] + + line_source = f'line {line.lineno} of {line.filename}' + return ParsedRequirement( + requirement=line.requirement, + is_editable=line.is_editable, + comes_from=line_comes_from, + constraint=line.constraint, + options=req_options, + line_source=line_source, + ) + + +def handle_option_line( + opts: Values, + filename: str, + lineno: int, + finder: Optional["PackageFinder"] = None, + options: Optional[optparse.Values] = None, + session: Optional[PipSession] = None, +) -> None: + + if options: + # percolate options upward + if opts.require_hashes: + options.require_hashes = opts.require_hashes + if opts.features_enabled: + options.features_enabled.extend( + f for f in opts.features_enabled + if f not in options.features_enabled + ) + + # set finder options + if finder: + find_links = finder.find_links + index_urls = finder.index_urls + if opts.index_url: + index_urls = [opts.index_url] + if opts.no_index is True: + index_urls = [] + if opts.extra_index_urls: + index_urls.extend(opts.extra_index_urls) + if opts.find_links: + # FIXME: it would be nice to keep track of the source + # of the find_links: support a find-links local path + # relative to a requirements file. + value = opts.find_links[0] + req_dir = os.path.dirname(os.path.abspath(filename)) + relative_to_reqs_file = os.path.join(req_dir, value) + if os.path.exists(relative_to_reqs_file): + value = relative_to_reqs_file + find_links.append(value) + + if session: + # We need to update the auth urls in session + session.update_index_urls(index_urls) + + search_scope = SearchScope( + find_links=find_links, + index_urls=index_urls, + ) + finder.search_scope = search_scope + + if opts.pre: + finder.set_allow_all_prereleases() + + if opts.prefer_binary: + finder.set_prefer_binary() + + if session: + for host in opts.trusted_hosts or []: + source = f'line {lineno} of {filename}' + session.add_trusted_host(host, source=source) + + +def handle_line( + line: ParsedLine, + options: Optional[optparse.Values] = None, + finder: Optional["PackageFinder"] = None, + session: Optional[PipSession] = None, +) -> Optional[ParsedRequirement]: + """Handle a single parsed requirements line; This can result in + creating/yielding requirements, or updating the finder. + + :param line: The parsed line to be processed. + :param options: CLI options. + :param finder: The finder - updated by non-requirement lines. + :param session: The session - updated by non-requirement lines. + + Returns a ParsedRequirement object if the line is a requirement line, + otherwise returns None. + + For lines that contain requirements, the only options that have an effect + are from SUPPORTED_OPTIONS_REQ, and they are scoped to the + requirement. Other options from SUPPORTED_OPTIONS may be present, but are + ignored. + + For lines that do not contain requirements, the only options that have an + effect are from SUPPORTED_OPTIONS. Options from SUPPORTED_OPTIONS_REQ may + be present, but are ignored. These lines may contain multiple options + (although our docs imply only one is supported), and all our parsed and + affect the finder. + """ + + if line.is_requirement: + parsed_req = handle_requirement_line(line, options) + return parsed_req + else: + handle_option_line( + line.opts, + line.filename, + line.lineno, + finder, + options, + session, + ) + return None + + +class RequirementsFileParser: + def __init__( + self, + session: PipSession, + line_parser: LineParser, + ) -> None: + self._session = session + self._line_parser = line_parser + + def parse(self, filename: str, constraint: bool) -> Iterator[ParsedLine]: + """Parse a given file, yielding parsed lines. + """ + yield from self._parse_and_recurse(filename, constraint) + + def _parse_and_recurse( + self, filename: str, constraint: bool + ) -> Iterator[ParsedLine]: + for line in self._parse_file(filename, constraint): + if ( + not line.is_requirement and + (line.opts.requirements or line.opts.constraints) + ): + # parse a nested requirements file + if line.opts.requirements: + req_path = line.opts.requirements[0] + nested_constraint = False + else: + req_path = line.opts.constraints[0] + nested_constraint = True + + # original file is over http + if SCHEME_RE.search(filename): + # do a url join so relative paths work + req_path = urllib.parse.urljoin(filename, req_path) + # original file and nested file are paths + elif not SCHEME_RE.search(req_path): + # do a join so relative paths work + req_path = os.path.join( + os.path.dirname(filename), req_path, + ) + + yield from self._parse_and_recurse(req_path, nested_constraint) + else: + yield line + + def _parse_file(self, filename: str, constraint: bool) -> Iterator[ParsedLine]: + _, content = get_file_content(filename, self._session) + + lines_enum = preprocess(content) + + for line_number, line in lines_enum: + try: + args_str, opts = self._line_parser(line) + except OptionParsingError as e: + # add offending line + msg = f'Invalid requirement: {line}\n{e.msg}' + raise RequirementsFileParseError(msg) + + yield ParsedLine( + filename, + line_number, + args_str, + opts, + constraint, + ) + + +def get_line_parser(finder: Optional["PackageFinder"]) -> LineParser: + def parse_line(line: str) -> Tuple[str, Values]: + # Build new parser for each line since it accumulates appendable + # options. + parser = build_parser() + defaults = parser.get_default_values() + defaults.index_url = None + if finder: + defaults.format_control = finder.format_control + + args_str, options_str = break_args_options(line) + + opts, _ = parser.parse_args(shlex.split(options_str), defaults) + + return args_str, opts + + return parse_line + + +def break_args_options(line: str) -> Tuple[str, str]: + """Break up the line into an args and options string. We only want to shlex + (and then optparse) the options, not the args. args can contain markers + which are corrupted by shlex. + """ + tokens = line.split(' ') + args = [] + options = tokens[:] + for token in tokens: + if token.startswith('-') or token.startswith('--'): + break + else: + args.append(token) + options.pop(0) + return ' '.join(args), ' '.join(options) + + +class OptionParsingError(Exception): + def __init__(self, msg: str) -> None: + self.msg = msg + + +def build_parser() -> optparse.OptionParser: + """ + Return a parser for parsing requirement lines + """ + parser = optparse.OptionParser(add_help_option=False) + + option_factories = SUPPORTED_OPTIONS + SUPPORTED_OPTIONS_REQ + for option_factory in option_factories: + option = option_factory() + parser.add_option(option) + + # By default optparse sys.exits on parsing errors. We want to wrap + # that in our own exception. + def parser_exit(self: Any, msg: str) -> "NoReturn": + raise OptionParsingError(msg) + # NOTE: mypy disallows assigning to a method + # https://github.com/python/mypy/issues/2427 + parser.exit = parser_exit # type: ignore + + return parser + + +def join_lines(lines_enum: ReqFileLines) -> ReqFileLines: + """Joins a line ending in '\' with the previous line (except when following + comments). The joined line takes on the index of the first line. + """ + primary_line_number = None + new_line: List[str] = [] + for line_number, line in lines_enum: + if not line.endswith('\\') or COMMENT_RE.match(line): + if COMMENT_RE.match(line): + # this ensures comments are always matched later + line = ' ' + line + if new_line: + new_line.append(line) + assert primary_line_number is not None + yield primary_line_number, ''.join(new_line) + new_line = [] + else: + yield line_number, line + else: + if not new_line: + primary_line_number = line_number + new_line.append(line.strip('\\')) + + # last line contains \ + if new_line: + assert primary_line_number is not None + yield primary_line_number, ''.join(new_line) + + # TODO: handle space after '\'. + + +def ignore_comments(lines_enum: ReqFileLines) -> ReqFileLines: + """ + Strips comments and filter empty lines. + """ + for line_number, line in lines_enum: + line = COMMENT_RE.sub('', line) + line = line.strip() + if line: + yield line_number, line + + +def expand_env_variables(lines_enum: ReqFileLines) -> ReqFileLines: + """Replace all environment variables that can be retrieved via `os.getenv`. + + The only allowed format for environment variables defined in the + requirement file is `${MY_VARIABLE_1}` to ensure two things: + + 1. Strings that contain a `$` aren't accidentally (partially) expanded. + 2. Ensure consistency across platforms for requirement files. + + These points are the result of a discussion on the `github pull + request #3514 `_. + + Valid characters in variable names follow the `POSIX standard + `_ and are limited + to uppercase letter, digits and the `_` (underscore). + """ + for line_number, line in lines_enum: + for env_var, var_name in ENV_VAR_RE.findall(line): + value = os.getenv(var_name) + if not value: + continue + + line = line.replace(env_var, value) + + yield line_number, line + + +def get_file_content(url: str, session: PipSession) -> Tuple[str, str]: + """Gets the content of a file; it may be a filename, file: URL, or + http: URL. Returns (location, content). Content is unicode. + Respects # -*- coding: declarations on the retrieved files. + + :param url: File path or url. + :param session: PipSession instance. + """ + scheme = get_url_scheme(url) + + # Pip has special support for file:// URLs (LocalFSAdapter). + if scheme in ['http', 'https', 'file']: + resp = session.get(url) + raise_for_status(resp) + return resp.url, resp.text + + # Assume this is a bare path. + try: + with open(url, 'rb') as f: + content = auto_decode(f.read()) + except OSError as exc: + raise InstallationError(f'Could not open requirements file: {exc}') + return url, content diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_install.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_install.py new file mode 100644 index 000000000..4c58cdbdb --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_install.py @@ -0,0 +1,846 @@ +# The following comment should be removed at some point in the future. +# mypy: strict-optional=False + +import logging +import os +import shutil +import sys +import uuid +import zipfile +from typing import Any, Dict, Iterable, List, Optional, Sequence, Union + +from pip._vendor import pkg_resources, six +from pip._vendor.packaging.markers import Marker +from pip._vendor.packaging.requirements import Requirement +from pip._vendor.packaging.specifiers import SpecifierSet +from pip._vendor.packaging.utils import canonicalize_name +from pip._vendor.packaging.version import Version +from pip._vendor.packaging.version import parse as parse_version +from pip._vendor.pep517.wrappers import Pep517HookCaller +from pip._vendor.pkg_resources import Distribution + +from pip._internal.build_env import BuildEnvironment, NoOpBuildEnvironment +from pip._internal.exceptions import InstallationError +from pip._internal.locations import get_scheme +from pip._internal.models.link import Link +from pip._internal.operations.build.metadata import generate_metadata +from pip._internal.operations.build.metadata_legacy import ( + generate_metadata as generate_metadata_legacy, +) +from pip._internal.operations.install.editable_legacy import ( + install_editable as install_editable_legacy, +) +from pip._internal.operations.install.legacy import LegacyInstallFailure +from pip._internal.operations.install.legacy import install as install_legacy +from pip._internal.operations.install.wheel import install_wheel +from pip._internal.pyproject import load_pyproject_toml, make_pyproject_path +from pip._internal.req.req_uninstall import UninstallPathSet +from pip._internal.utils.deprecation import deprecated +from pip._internal.utils.direct_url_helpers import direct_url_from_link +from pip._internal.utils.hashes import Hashes +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import ( + ask_path_exists, + backup_dir, + display_path, + dist_in_site_packages, + dist_in_usersite, + get_distribution, + hide_url, + redact_auth_from_url, +) +from pip._internal.utils.packaging import get_metadata +from pip._internal.utils.temp_dir import TempDirectory, tempdir_kinds +from pip._internal.utils.virtualenv import running_under_virtualenv +from pip._internal.vcs import vcs + +logger = logging.getLogger(__name__) + + +def _get_dist(metadata_directory: str) -> Distribution: + """Return a pkg_resources.Distribution for the provided + metadata directory. + """ + dist_dir = metadata_directory.rstrip(os.sep) + + # Build a PathMetadata object, from path to metadata. :wink: + base_dir, dist_dir_name = os.path.split(dist_dir) + metadata = pkg_resources.PathMetadata(base_dir, dist_dir) + + # Determine the correct Distribution object type. + if dist_dir.endswith(".egg-info"): + dist_cls = pkg_resources.Distribution + dist_name = os.path.splitext(dist_dir_name)[0] + else: + assert dist_dir.endswith(".dist-info") + dist_cls = pkg_resources.DistInfoDistribution + dist_name = os.path.splitext(dist_dir_name)[0].split("-")[0] + + return dist_cls( + base_dir, + project_name=dist_name, + metadata=metadata, + ) + + +class InstallRequirement: + """ + Represents something that may be installed later on, may have information + about where to fetch the relevant requirement and also contains logic for + installing the said requirement. + """ + + def __init__( + self, + req: Optional[Requirement], + comes_from: Optional[Union[str, "InstallRequirement"]], + editable: bool = False, + link: Optional[Link] = None, + markers: Optional[Marker] = None, + use_pep517: Optional[bool] = None, + isolated: bool = False, + install_options: Optional[List[str]] = None, + global_options: Optional[List[str]] = None, + hash_options: Optional[Dict[str, List[str]]] = None, + constraint: bool = False, + extras: Iterable[str] = (), + user_supplied: bool = False, + ) -> None: + assert req is None or isinstance(req, Requirement), req + self.req = req + self.comes_from = comes_from + self.constraint = constraint + self.editable = editable + self.legacy_install_reason: Optional[int] = None + + # source_dir is the local directory where the linked requirement is + # located, or unpacked. In case unpacking is needed, creating and + # populating source_dir is done by the RequirementPreparer. Note this + # is not necessarily the directory where pyproject.toml or setup.py is + # located - that one is obtained via unpacked_source_directory. + self.source_dir: Optional[str] = None + if self.editable: + assert link + if link.is_file: + self.source_dir = os.path.normpath( + os.path.abspath(link.file_path) + ) + + if link is None and req and req.url: + # PEP 508 URL requirement + link = Link(req.url) + self.link = self.original_link = link + self.original_link_is_in_wheel_cache = False + + # Path to any downloaded or already-existing package. + self.local_file_path: Optional[str] = None + if self.link and self.link.is_file: + self.local_file_path = self.link.file_path + + if extras: + self.extras = extras + elif req: + self.extras = { + pkg_resources.safe_extra(extra) for extra in req.extras + } + else: + self.extras = set() + if markers is None and req: + markers = req.marker + self.markers = markers + + # This holds the pkg_resources.Distribution object if this requirement + # is already available: + self.satisfied_by: Optional[Distribution] = None + # Whether the installation process should try to uninstall an existing + # distribution before installing this requirement. + self.should_reinstall = False + # Temporary build location + self._temp_build_dir: Optional[TempDirectory] = None + # Set to True after successful installation + self.install_succeeded: Optional[bool] = None + # Supplied options + self.install_options = install_options if install_options else [] + self.global_options = global_options if global_options else [] + self.hash_options = hash_options if hash_options else {} + # Set to True after successful preparation of this requirement + self.prepared = False + # User supplied requirement are explicitly requested for installation + # by the user via CLI arguments or requirements files, as opposed to, + # e.g. dependencies, extras or constraints. + self.user_supplied = user_supplied + + self.isolated = isolated + self.build_env: BuildEnvironment = NoOpBuildEnvironment() + + # For PEP 517, the directory where we request the project metadata + # gets stored. We need this to pass to build_wheel, so the backend + # can ensure that the wheel matches the metadata (see the PEP for + # details). + self.metadata_directory: Optional[str] = None + + # The static build requirements (from pyproject.toml) + self.pyproject_requires: Optional[List[str]] = None + + # Build requirements that we will check are available + self.requirements_to_check: List[str] = [] + + # The PEP 517 backend we should use to build the project + self.pep517_backend: Optional[Pep517HookCaller] = None + + # Are we using PEP 517 for this requirement? + # After pyproject.toml has been loaded, the only valid values are True + # and False. Before loading, None is valid (meaning "use the default"). + # Setting an explicit value before loading pyproject.toml is supported, + # but after loading this flag should be treated as read only. + self.use_pep517 = use_pep517 + + # This requirement needs more preparation before it can be built + self.needs_more_preparation = False + + def __str__(self) -> str: + if self.req: + s = str(self.req) + if self.link: + s += ' from {}'.format(redact_auth_from_url(self.link.url)) + elif self.link: + s = redact_auth_from_url(self.link.url) + else: + s = '' + if self.satisfied_by is not None: + s += ' in {}'.format(display_path(self.satisfied_by.location)) + if self.comes_from: + if isinstance(self.comes_from, str): + comes_from: Optional[str] = self.comes_from + else: + comes_from = self.comes_from.from_path() + if comes_from: + s += f' (from {comes_from})' + return s + + def __repr__(self) -> str: + return '<{} object: {} editable={!r}>'.format( + self.__class__.__name__, str(self), self.editable) + + def format_debug(self) -> str: + """An un-tested helper for getting state, for debugging. + """ + attributes = vars(self) + names = sorted(attributes) + + state = ( + "{}={!r}".format(attr, attributes[attr]) for attr in sorted(names) + ) + return '<{name} object: {{{state}}}>'.format( + name=self.__class__.__name__, + state=", ".join(state), + ) + + # Things that are valid for all kinds of requirements? + @property + def name(self) -> Optional[str]: + if self.req is None: + return None + return pkg_resources.safe_name(self.req.name) + + @property + def specifier(self) -> SpecifierSet: + return self.req.specifier + + @property + def is_pinned(self) -> bool: + """Return whether I am pinned to an exact version. + + For example, some-package==1.2 is pinned; some-package>1.2 is not. + """ + specifiers = self.specifier + return (len(specifiers) == 1 and + next(iter(specifiers)).operator in {'==', '==='}) + + def match_markers(self, extras_requested: Optional[Iterable[str]] = None) -> bool: + if not extras_requested: + # Provide an extra to safely evaluate the markers + # without matching any extra + extras_requested = ('',) + if self.markers is not None: + return any( + self.markers.evaluate({'extra': extra}) + for extra in extras_requested) + else: + return True + + @property + def has_hash_options(self) -> bool: + """Return whether any known-good hashes are specified as options. + + These activate --require-hashes mode; hashes specified as part of a + URL do not. + + """ + return bool(self.hash_options) + + def hashes(self, trust_internet: bool = True) -> Hashes: + """Return a hash-comparer that considers my option- and URL-based + hashes to be known-good. + + Hashes in URLs--ones embedded in the requirements file, not ones + downloaded from an index server--are almost peers with ones from + flags. They satisfy --require-hashes (whether it was implicitly or + explicitly activated) but do not activate it. md5 and sha224 are not + allowed in flags, which should nudge people toward good algos. We + always OR all hashes together, even ones from URLs. + + :param trust_internet: Whether to trust URL-based (#md5=...) hashes + downloaded from the internet, as by populate_link() + + """ + good_hashes = self.hash_options.copy() + link = self.link if trust_internet else self.original_link + if link and link.hash: + good_hashes.setdefault(link.hash_name, []).append(link.hash) + return Hashes(good_hashes) + + def from_path(self) -> Optional[str]: + """Format a nice indicator to show where this "comes from" + """ + if self.req is None: + return None + s = str(self.req) + if self.comes_from: + if isinstance(self.comes_from, str): + comes_from = self.comes_from + else: + comes_from = self.comes_from.from_path() + if comes_from: + s += '->' + comes_from + return s + + def ensure_build_location( + self, build_dir: str, autodelete: bool, parallel_builds: bool + ) -> str: + assert build_dir is not None + if self._temp_build_dir is not None: + assert self._temp_build_dir.path + return self._temp_build_dir.path + if self.req is None: + # Some systems have /tmp as a symlink which confuses custom + # builds (such as numpy). Thus, we ensure that the real path + # is returned. + self._temp_build_dir = TempDirectory( + kind=tempdir_kinds.REQ_BUILD, globally_managed=True + ) + + return self._temp_build_dir.path + + # This is the only remaining place where we manually determine the path + # for the temporary directory. It is only needed for editables where + # it is the value of the --src option. + + # When parallel builds are enabled, add a UUID to the build directory + # name so multiple builds do not interfere with each other. + dir_name: str = canonicalize_name(self.name) + if parallel_builds: + dir_name = f"{dir_name}_{uuid.uuid4().hex}" + + # FIXME: Is there a better place to create the build_dir? (hg and bzr + # need this) + if not os.path.exists(build_dir): + logger.debug('Creating directory %s', build_dir) + os.makedirs(build_dir) + actual_build_dir = os.path.join(build_dir, dir_name) + # `None` indicates that we respect the globally-configured deletion + # settings, which is what we actually want when auto-deleting. + delete_arg = None if autodelete else False + return TempDirectory( + path=actual_build_dir, + delete=delete_arg, + kind=tempdir_kinds.REQ_BUILD, + globally_managed=True, + ).path + + def _set_requirement(self) -> None: + """Set requirement after generating metadata. + """ + assert self.req is None + assert self.metadata is not None + assert self.source_dir is not None + + # Construct a Requirement object from the generated metadata + if isinstance(parse_version(self.metadata["Version"]), Version): + op = "==" + else: + op = "===" + + self.req = Requirement( + "".join([ + self.metadata["Name"], + op, + self.metadata["Version"], + ]) + ) + + def warn_on_mismatching_name(self) -> None: + metadata_name = canonicalize_name(self.metadata["Name"]) + if canonicalize_name(self.req.name) == metadata_name: + # Everything is fine. + return + + # If we're here, there's a mismatch. Log a warning about it. + logger.warning( + 'Generating metadata for package %s ' + 'produced metadata for project name %s. Fix your ' + '#egg=%s fragments.', + self.name, metadata_name, self.name + ) + self.req = Requirement(metadata_name) + + def check_if_exists(self, use_user_site: bool) -> None: + """Find an installed distribution that satisfies or conflicts + with this requirement, and set self.satisfied_by or + self.should_reinstall appropriately. + """ + if self.req is None: + return + existing_dist = get_distribution(self.req.name) + if not existing_dist: + return + + # pkg_resouces may contain a different copy of packaging.version from + # pip in if the downstream distributor does a poor job debundling pip. + # We avoid existing_dist.parsed_version and let SpecifierSet.contains + # parses the version instead. + existing_version = existing_dist.version + version_compatible = ( + existing_version is not None and + self.req.specifier.contains(existing_version, prereleases=True) + ) + if not version_compatible: + self.satisfied_by = None + if use_user_site: + if dist_in_usersite(existing_dist): + self.should_reinstall = True + elif (running_under_virtualenv() and + dist_in_site_packages(existing_dist)): + raise InstallationError( + "Will not install to the user site because it will " + "lack sys.path precedence to {} in {}".format( + existing_dist.project_name, existing_dist.location) + ) + else: + self.should_reinstall = True + else: + if self.editable: + self.should_reinstall = True + # when installing editables, nothing pre-existing should ever + # satisfy + self.satisfied_by = None + else: + self.satisfied_by = existing_dist + + # Things valid for wheels + @property + def is_wheel(self) -> bool: + if not self.link: + return False + return self.link.is_wheel + + # Things valid for sdists + @property + def unpacked_source_directory(self) -> str: + return os.path.join( + self.source_dir, + self.link and self.link.subdirectory_fragment or '') + + @property + def setup_py_path(self) -> str: + assert self.source_dir, f"No source dir for {self}" + setup_py = os.path.join(self.unpacked_source_directory, 'setup.py') + + return setup_py + + @property + def pyproject_toml_path(self) -> str: + assert self.source_dir, f"No source dir for {self}" + return make_pyproject_path(self.unpacked_source_directory) + + def load_pyproject_toml(self) -> None: + """Load the pyproject.toml file. + + After calling this routine, all of the attributes related to PEP 517 + processing for this requirement have been set. In particular, the + use_pep517 attribute can be used to determine whether we should + follow the PEP 517 or legacy (setup.py) code path. + """ + pyproject_toml_data = load_pyproject_toml( + self.use_pep517, + self.pyproject_toml_path, + self.setup_py_path, + str(self) + ) + + if pyproject_toml_data is None: + self.use_pep517 = False + return + + self.use_pep517 = True + requires, backend, check, backend_path = pyproject_toml_data + self.requirements_to_check = check + self.pyproject_requires = requires + self.pep517_backend = Pep517HookCaller( + self.unpacked_source_directory, backend, backend_path=backend_path, + ) + + def _generate_metadata(self) -> str: + """Invokes metadata generator functions, with the required arguments. + """ + if not self.use_pep517: + assert self.unpacked_source_directory + + if not os.path.exists(self.setup_py_path): + raise InstallationError( + f'File "setup.py" not found for legacy project {self}.' + ) + + return generate_metadata_legacy( + build_env=self.build_env, + setup_py_path=self.setup_py_path, + source_dir=self.unpacked_source_directory, + isolated=self.isolated, + details=self.name or f"from {self.link}" + ) + + assert self.pep517_backend is not None + + return generate_metadata( + build_env=self.build_env, + backend=self.pep517_backend, + ) + + def prepare_metadata(self) -> None: + """Ensure that project metadata is available. + + Under PEP 517, call the backend hook to prepare the metadata. + Under legacy processing, call setup.py egg-info. + """ + assert self.source_dir + + with indent_log(): + self.metadata_directory = self._generate_metadata() + + # Act on the newly generated metadata, based on the name and version. + if not self.name: + self._set_requirement() + else: + self.warn_on_mismatching_name() + + self.assert_source_matches_version() + + @property + def metadata(self) -> Any: + if not hasattr(self, '_metadata'): + self._metadata = get_metadata(self.get_dist()) + + return self._metadata + + def get_dist(self) -> Distribution: + return _get_dist(self.metadata_directory) + + def assert_source_matches_version(self) -> None: + assert self.source_dir + version = self.metadata['version'] + if self.req.specifier and version not in self.req.specifier: + logger.warning( + 'Requested %s, but installing version %s', + self, + version, + ) + else: + logger.debug( + 'Source in %s has version %s, which satisfies requirement %s', + display_path(self.source_dir), + version, + self, + ) + + # For both source distributions and editables + def ensure_has_source_dir( + self, + parent_dir: str, + autodelete: bool = False, + parallel_builds: bool = False, + ) -> None: + """Ensure that a source_dir is set. + + This will create a temporary build dir if the name of the requirement + isn't known yet. + + :param parent_dir: The ideal pip parent_dir for the source_dir. + Generally src_dir for editables and build_dir for sdists. + :return: self.source_dir + """ + if self.source_dir is None: + self.source_dir = self.ensure_build_location( + parent_dir, + autodelete=autodelete, + parallel_builds=parallel_builds, + ) + + # For editable installations + def update_editable(self) -> None: + if not self.link: + logger.debug( + "Cannot update repository at %s; repository location is " + "unknown", + self.source_dir, + ) + return + assert self.editable + assert self.source_dir + if self.link.scheme == 'file': + # Static paths don't get updated + return + vcs_backend = vcs.get_backend_for_scheme(self.link.scheme) + # Editable requirements are validated in Requirement constructors. + # So here, if it's neither a path nor a valid VCS URL, it's a bug. + assert vcs_backend, f"Unsupported VCS URL {self.link.url}" + hidden_url = hide_url(self.link.url) + vcs_backend.obtain(self.source_dir, url=hidden_url) + + # Top-level Actions + def uninstall( + self, auto_confirm: bool = False, verbose: bool = False + ) -> Optional[UninstallPathSet]: + """ + Uninstall the distribution currently satisfying this requirement. + + Prompts before removing or modifying files unless + ``auto_confirm`` is True. + + Refuses to delete or modify files outside of ``sys.prefix`` - + thus uninstallation within a virtual environment can only + modify that virtual environment, even if the virtualenv is + linked to global site-packages. + + """ + assert self.req + dist = get_distribution(self.req.name) + if not dist: + logger.warning("Skipping %s as it is not installed.", self.name) + return None + logger.info('Found existing installation: %s', dist) + + uninstalled_pathset = UninstallPathSet.from_dist(dist) + uninstalled_pathset.remove(auto_confirm, verbose) + return uninstalled_pathset + + def _get_archive_name(self, path: str, parentdir: str, rootdir: str) -> str: + + def _clean_zip_name(name: str, prefix: str) -> str: + assert name.startswith(prefix + os.path.sep), ( + f"name {name!r} doesn't start with prefix {prefix!r}" + ) + name = name[len(prefix) + 1:] + name = name.replace(os.path.sep, '/') + return name + + path = os.path.join(parentdir, path) + name = _clean_zip_name(path, rootdir) + return self.name + '/' + name + + def archive(self, build_dir: Optional[str]) -> None: + """Saves archive to provided build_dir. + + Used for saving downloaded VCS requirements as part of `pip download`. + """ + assert self.source_dir + if build_dir is None: + return + + create_archive = True + archive_name = '{}-{}.zip'.format(self.name, self.metadata["version"]) + archive_path = os.path.join(build_dir, archive_name) + + if os.path.exists(archive_path): + response = ask_path_exists( + 'The file {} exists. (i)gnore, (w)ipe, ' + '(b)ackup, (a)bort '.format( + display_path(archive_path)), + ('i', 'w', 'b', 'a')) + if response == 'i': + create_archive = False + elif response == 'w': + logger.warning('Deleting %s', display_path(archive_path)) + os.remove(archive_path) + elif response == 'b': + dest_file = backup_dir(archive_path) + logger.warning( + 'Backing up %s to %s', + display_path(archive_path), + display_path(dest_file), + ) + shutil.move(archive_path, dest_file) + elif response == 'a': + sys.exit(-1) + + if not create_archive: + return + + zip_output = zipfile.ZipFile( + archive_path, 'w', zipfile.ZIP_DEFLATED, allowZip64=True, + ) + with zip_output: + dir = os.path.normcase( + os.path.abspath(self.unpacked_source_directory) + ) + for dirpath, dirnames, filenames in os.walk(dir): + for dirname in dirnames: + dir_arcname = self._get_archive_name( + dirname, parentdir=dirpath, rootdir=dir, + ) + zipdir = zipfile.ZipInfo(dir_arcname + '/') + zipdir.external_attr = 0x1ED << 16 # 0o755 + zip_output.writestr(zipdir, '') + for filename in filenames: + file_arcname = self._get_archive_name( + filename, parentdir=dirpath, rootdir=dir, + ) + filename = os.path.join(dirpath, filename) + zip_output.write(filename, file_arcname) + + logger.info('Saved %s', display_path(archive_path)) + + def install( + self, + install_options: List[str], + global_options: Optional[Sequence[str]] = None, + root: Optional[str] = None, + home: Optional[str] = None, + prefix: Optional[str] = None, + warn_script_location: bool = True, + use_user_site: bool = False, + pycompile: bool = True + ) -> None: + scheme = get_scheme( + self.name, + user=use_user_site, + home=home, + root=root, + isolated=self.isolated, + prefix=prefix, + ) + + global_options = global_options if global_options is not None else [] + if self.editable: + install_editable_legacy( + install_options, + global_options, + prefix=prefix, + home=home, + use_user_site=use_user_site, + name=self.name, + setup_py_path=self.setup_py_path, + isolated=self.isolated, + build_env=self.build_env, + unpacked_source_directory=self.unpacked_source_directory, + ) + self.install_succeeded = True + return + + if self.is_wheel: + assert self.local_file_path + direct_url = None + if self.original_link: + direct_url = direct_url_from_link( + self.original_link, + self.source_dir, + self.original_link_is_in_wheel_cache, + ) + install_wheel( + self.name, + self.local_file_path, + scheme=scheme, + req_description=str(self.req), + pycompile=pycompile, + warn_script_location=warn_script_location, + direct_url=direct_url, + requested=self.user_supplied, + ) + self.install_succeeded = True + return + + # TODO: Why don't we do this for editable installs? + + # Extend the list of global and install options passed on to + # the setup.py call with the ones from the requirements file. + # Options specified in requirements file override those + # specified on the command line, since the last option given + # to setup.py is the one that is used. + global_options = list(global_options) + self.global_options + install_options = list(install_options) + self.install_options + + try: + success = install_legacy( + install_options=install_options, + global_options=global_options, + root=root, + home=home, + prefix=prefix, + use_user_site=use_user_site, + pycompile=pycompile, + scheme=scheme, + setup_py_path=self.setup_py_path, + isolated=self.isolated, + req_name=self.name, + build_env=self.build_env, + unpacked_source_directory=self.unpacked_source_directory, + req_description=str(self.req), + ) + except LegacyInstallFailure as exc: + self.install_succeeded = False + six.reraise(*exc.parent) + except Exception: + self.install_succeeded = True + raise + + self.install_succeeded = success + + if success and self.legacy_install_reason == 8368: + deprecated( + reason=( + "{} was installed using the legacy 'setup.py install' " + "method, because a wheel could not be built for it.". + format(self.name) + ), + replacement="to fix the wheel build issue reported above", + gone_in=None, + issue=8368, + ) + + +def check_invalid_constraint_type(req: InstallRequirement) -> str: + + # Check for unsupported forms + problem = "" + if not req.name: + problem = "Unnamed requirements are not allowed as constraints" + elif req.editable: + problem = "Editable requirements are not allowed as constraints" + elif req.extras: + problem = "Constraints cannot have extras" + + if problem: + deprecated( + reason=( + "Constraints are only allowed to take the form of a package " + "name and a version specifier. Other forms were originally " + "permitted as an accident of the implementation, but were " + "undocumented. The new implementation of the resolver no " + "longer supports these forms." + ), + replacement="replacing the constraint with a requirement", + # No plan yet for when the new resolver becomes default + gone_in=None, + issue=8210, + ) + + return problem diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_set.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_set.py new file mode 100644 index 000000000..39a2b01cd --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_set.py @@ -0,0 +1,190 @@ +import logging +from collections import OrderedDict +from typing import Dict, Iterable, List, Optional, Tuple + +from pip._vendor.packaging.utils import canonicalize_name + +from pip._internal.exceptions import InstallationError +from pip._internal.models.wheel import Wheel +from pip._internal.req.req_install import InstallRequirement +from pip._internal.utils import compatibility_tags + +logger = logging.getLogger(__name__) + + +class RequirementSet: + + def __init__(self, check_supported_wheels: bool = True) -> None: + """Create a RequirementSet. + """ + + self.requirements: Dict[str, InstallRequirement] = OrderedDict() + self.check_supported_wheels = check_supported_wheels + + self.unnamed_requirements: List[InstallRequirement] = [] + + def __str__(self) -> str: + requirements = sorted( + (req for req in self.requirements.values() if not req.comes_from), + key=lambda req: canonicalize_name(req.name or ""), + ) + return ' '.join(str(req.req) for req in requirements) + + def __repr__(self) -> str: + requirements = sorted( + self.requirements.values(), + key=lambda req: canonicalize_name(req.name or ""), + ) + + format_string = '<{classname} object; {count} requirement(s): {reqs}>' + return format_string.format( + classname=self.__class__.__name__, + count=len(requirements), + reqs=', '.join(str(req.req) for req in requirements), + ) + + def add_unnamed_requirement(self, install_req: InstallRequirement) -> None: + assert not install_req.name + self.unnamed_requirements.append(install_req) + + def add_named_requirement(self, install_req: InstallRequirement) -> None: + assert install_req.name + + project_name = canonicalize_name(install_req.name) + self.requirements[project_name] = install_req + + def add_requirement( + self, + install_req: InstallRequirement, + parent_req_name: Optional[str] = None, + extras_requested: Optional[Iterable[str]] = None + ) -> Tuple[List[InstallRequirement], Optional[InstallRequirement]]: + """Add install_req as a requirement to install. + + :param parent_req_name: The name of the requirement that needed this + added. The name is used because when multiple unnamed requirements + resolve to the same name, we could otherwise end up with dependency + links that point outside the Requirements set. parent_req must + already be added. Note that None implies that this is a user + supplied requirement, vs an inferred one. + :param extras_requested: an iterable of extras used to evaluate the + environment markers. + :return: Additional requirements to scan. That is either [] if + the requirement is not applicable, or [install_req] if the + requirement is applicable and has just been added. + """ + # If the markers do not match, ignore this requirement. + if not install_req.match_markers(extras_requested): + logger.info( + "Ignoring %s: markers '%s' don't match your environment", + install_req.name, install_req.markers, + ) + return [], None + + # If the wheel is not supported, raise an error. + # Should check this after filtering out based on environment markers to + # allow specifying different wheels based on the environment/OS, in a + # single requirements file. + if install_req.link and install_req.link.is_wheel: + wheel = Wheel(install_req.link.filename) + tags = compatibility_tags.get_supported() + if (self.check_supported_wheels and not wheel.supported(tags)): + raise InstallationError( + "{} is not a supported wheel on this platform.".format( + wheel.filename) + ) + + # This next bit is really a sanity check. + assert not install_req.user_supplied or parent_req_name is None, ( + "a user supplied req shouldn't have a parent" + ) + + # Unnamed requirements are scanned again and the requirement won't be + # added as a dependency until after scanning. + if not install_req.name: + self.add_unnamed_requirement(install_req) + return [install_req], None + + try: + existing_req: Optional[InstallRequirement] = self.get_requirement( + install_req.name) + except KeyError: + existing_req = None + + has_conflicting_requirement = ( + parent_req_name is None and + existing_req and + not existing_req.constraint and + existing_req.extras == install_req.extras and + existing_req.req and + install_req.req and + existing_req.req.specifier != install_req.req.specifier + ) + if has_conflicting_requirement: + raise InstallationError( + "Double requirement given: {} (already in {}, name={!r})" + .format(install_req, existing_req, install_req.name) + ) + + # When no existing requirement exists, add the requirement as a + # dependency and it will be scanned again after. + if not existing_req: + self.add_named_requirement(install_req) + # We'd want to rescan this requirement later + return [install_req], install_req + + # Assume there's no need to scan, and that we've already + # encountered this for scanning. + if install_req.constraint or not existing_req.constraint: + return [], existing_req + + does_not_satisfy_constraint = ( + install_req.link and + not ( + existing_req.link and + install_req.link.path == existing_req.link.path + ) + ) + if does_not_satisfy_constraint: + raise InstallationError( + "Could not satisfy constraints for '{}': " + "installation from path or url cannot be " + "constrained to a version".format(install_req.name) + ) + # If we're now installing a constraint, mark the existing + # object for real installation. + existing_req.constraint = False + # If we're now installing a user supplied requirement, + # mark the existing object as such. + if install_req.user_supplied: + existing_req.user_supplied = True + existing_req.extras = tuple(sorted( + set(existing_req.extras) | set(install_req.extras) + )) + logger.debug( + "Setting %s extras to: %s", + existing_req, existing_req.extras, + ) + # Return the existing requirement for addition to the parent and + # scanning again. + return [existing_req], existing_req + + def has_requirement(self, name: str) -> bool: + project_name = canonicalize_name(name) + + return ( + project_name in self.requirements and + not self.requirements[project_name].constraint + ) + + def get_requirement(self, name: str) -> InstallRequirement: + project_name = canonicalize_name(name) + + if project_name in self.requirements: + return self.requirements[project_name] + + raise KeyError(f"No project with the name {name!r}") + + @property + def all_requirements(self) -> List[InstallRequirement]: + return self.unnamed_requirements + list(self.requirements.values()) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_tracker.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_tracker.py new file mode 100644 index 000000000..27c6baf43 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_tracker.py @@ -0,0 +1,130 @@ +import contextlib +import hashlib +import logging +import os +from types import TracebackType +from typing import Dict, Iterator, Optional, Set, Type, Union + +from pip._internal.models.link import Link +from pip._internal.req.req_install import InstallRequirement +from pip._internal.utils.temp_dir import TempDirectory + +logger = logging.getLogger(__name__) + + +@contextlib.contextmanager +def update_env_context_manager(**changes: str) -> Iterator[None]: + target = os.environ + + # Save values from the target and change them. + non_existent_marker = object() + saved_values: Dict[str, Union[object, str]] = {} + for name, new_value in changes.items(): + try: + saved_values[name] = target[name] + except KeyError: + saved_values[name] = non_existent_marker + target[name] = new_value + + try: + yield + finally: + # Restore original values in the target. + for name, original_value in saved_values.items(): + if original_value is non_existent_marker: + del target[name] + else: + assert isinstance(original_value, str) # for mypy + target[name] = original_value + + +@contextlib.contextmanager +def get_requirement_tracker() -> Iterator["RequirementTracker"]: + root = os.environ.get('PIP_REQ_TRACKER') + with contextlib.ExitStack() as ctx: + if root is None: + root = ctx.enter_context( + TempDirectory(kind='req-tracker') + ).path + ctx.enter_context(update_env_context_manager(PIP_REQ_TRACKER=root)) + logger.debug("Initialized build tracking at %s", root) + + with RequirementTracker(root) as tracker: + yield tracker + + +class RequirementTracker: + + def __init__(self, root: str) -> None: + self._root = root + self._entries: Set[InstallRequirement] = set() + logger.debug("Created build tracker: %s", self._root) + + def __enter__(self) -> "RequirementTracker": + logger.debug("Entered build tracker: %s", self._root) + return self + + def __exit__( + self, + exc_type: Optional[Type[BaseException]], + exc_val: Optional[BaseException], + exc_tb: Optional[TracebackType] + ) -> None: + self.cleanup() + + def _entry_path(self, link: Link) -> str: + hashed = hashlib.sha224(link.url_without_fragment.encode()).hexdigest() + return os.path.join(self._root, hashed) + + def add(self, req: InstallRequirement) -> None: + """Add an InstallRequirement to build tracking. + """ + + assert req.link + # Get the file to write information about this requirement. + entry_path = self._entry_path(req.link) + + # Try reading from the file. If it exists and can be read from, a build + # is already in progress, so a LookupError is raised. + try: + with open(entry_path) as fp: + contents = fp.read() + except FileNotFoundError: + pass + else: + message = '{} is already being built: {}'.format( + req.link, contents) + raise LookupError(message) + + # If we're here, req should really not be building already. + assert req not in self._entries + + # Start tracking this requirement. + with open(entry_path, 'w', encoding="utf-8") as fp: + fp.write(str(req)) + self._entries.add(req) + + logger.debug('Added %s to build tracker %r', req, self._root) + + def remove(self, req: InstallRequirement) -> None: + """Remove an InstallRequirement from build tracking. + """ + + assert req.link + # Delete the created file and the corresponding entries. + os.unlink(self._entry_path(req.link)) + self._entries.remove(req) + + logger.debug('Removed %s from build tracker %r', req, self._root) + + def cleanup(self) -> None: + for req in set(self._entries): + self.remove(req) + + logger.debug("Removed build tracker: %r", self._root) + + @contextlib.contextmanager + def track(self, req: InstallRequirement) -> Iterator[None]: + self.add(req) + yield + self.remove(req) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_uninstall.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_uninstall.py new file mode 100644 index 000000000..0c51c8467 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/req/req_uninstall.py @@ -0,0 +1,629 @@ +import csv +import functools +import os +import sys +import sysconfig +from importlib.util import cache_from_source +from typing import Any, Callable, Dict, Iterable, Iterator, List, Optional, Set, Tuple + +from pip._vendor import pkg_resources +from pip._vendor.pkg_resources import Distribution + +from pip._internal.exceptions import UninstallationError +from pip._internal.locations import get_bin_prefix, get_bin_user +from pip._internal.utils.compat import WINDOWS +from pip._internal.utils.logging import getLogger, indent_log +from pip._internal.utils.misc import ( + ask, + dist_in_usersite, + dist_is_local, + egg_link_path, + is_local, + normalize_path, + renames, + rmtree, +) +from pip._internal.utils.temp_dir import AdjacentTempDirectory, TempDirectory + +logger = getLogger(__name__) + + +def _script_names(dist: Distribution, script_name: str, is_gui: bool) -> List[str]: + """Create the fully qualified name of the files created by + {console,gui}_scripts for the given ``dist``. + Returns the list of file names + """ + if dist_in_usersite(dist): + bin_dir = get_bin_user() + else: + bin_dir = get_bin_prefix() + exe_name = os.path.join(bin_dir, script_name) + paths_to_remove = [exe_name] + if WINDOWS: + paths_to_remove.append(exe_name + '.exe') + paths_to_remove.append(exe_name + '.exe.manifest') + if is_gui: + paths_to_remove.append(exe_name + '-script.pyw') + else: + paths_to_remove.append(exe_name + '-script.py') + return paths_to_remove + + +def _unique(fn: Callable[..., Iterator[Any]]) -> Callable[..., Iterator[Any]]: + @functools.wraps(fn) + def unique(*args: Any, **kw: Any) -> Iterator[Any]: + seen: Set[Any] = set() + for item in fn(*args, **kw): + if item not in seen: + seen.add(item) + yield item + return unique + + +@_unique +def uninstallation_paths(dist: Distribution) -> Iterator[str]: + """ + Yield all the uninstallation paths for dist based on RECORD-without-.py[co] + + Yield paths to all the files in RECORD. For each .py file in RECORD, add + the .pyc and .pyo in the same directory. + + UninstallPathSet.add() takes care of the __pycache__ .py[co]. + + If RECORD is not found, raises UninstallationError, + with possible information from the INSTALLER file. + + https://packaging.python.org/specifications/recording-installed-packages/ + """ + try: + r = csv.reader(dist.get_metadata_lines('RECORD')) + except FileNotFoundError as missing_record_exception: + msg = 'Cannot uninstall {dist}, RECORD file not found.'.format(dist=dist) + try: + installer = next(dist.get_metadata_lines('INSTALLER')) + if not installer or installer == 'pip': + raise ValueError() + except (OSError, StopIteration, ValueError): + dep = '{}=={}'.format(dist.project_name, dist.version) + msg += (" You might be able to recover from this via: " + "'pip install --force-reinstall --no-deps {}'.".format(dep)) + else: + msg += ' Hint: The package was installed by {}.'.format(installer) + raise UninstallationError(msg) from missing_record_exception + for row in r: + path = os.path.join(dist.location, row[0]) + yield path + if path.endswith('.py'): + dn, fn = os.path.split(path) + base = fn[:-3] + path = os.path.join(dn, base + '.pyc') + yield path + path = os.path.join(dn, base + '.pyo') + yield path + + +def compact(paths: Iterable[str]) -> Set[str]: + """Compact a path set to contain the minimal number of paths + necessary to contain all paths in the set. If /a/path/ and + /a/path/to/a/file.txt are both in the set, leave only the + shorter path.""" + + sep = os.path.sep + short_paths: Set[str] = set() + for path in sorted(paths, key=len): + should_skip = any( + path.startswith(shortpath.rstrip("*")) and + path[len(shortpath.rstrip("*").rstrip(sep))] == sep + for shortpath in short_paths + ) + if not should_skip: + short_paths.add(path) + return short_paths + + +def compress_for_rename(paths: Iterable[str]) -> Set[str]: + """Returns a set containing the paths that need to be renamed. + + This set may include directories when the original sequence of paths + included every file on disk. + """ + case_map = {os.path.normcase(p): p for p in paths} + remaining = set(case_map) + unchecked = sorted({os.path.split(p)[0] for p in case_map.values()}, key=len) + wildcards: Set[str] = set() + + def norm_join(*a: str) -> str: + return os.path.normcase(os.path.join(*a)) + + for root in unchecked: + if any(os.path.normcase(root).startswith(w) + for w in wildcards): + # This directory has already been handled. + continue + + all_files: Set[str] = set() + all_subdirs: Set[str] = set() + for dirname, subdirs, files in os.walk(root): + all_subdirs.update(norm_join(root, dirname, d) + for d in subdirs) + all_files.update(norm_join(root, dirname, f) + for f in files) + # If all the files we found are in our remaining set of files to + # remove, then remove them from the latter set and add a wildcard + # for the directory. + if not (all_files - remaining): + remaining.difference_update(all_files) + wildcards.add(root + os.sep) + + return set(map(case_map.__getitem__, remaining)) | wildcards + + +def compress_for_output_listing(paths: Iterable[str]) -> Tuple[Set[str], Set[str]]: + """Returns a tuple of 2 sets of which paths to display to user + + The first set contains paths that would be deleted. Files of a package + are not added and the top-level directory of the package has a '*' added + at the end - to signify that all it's contents are removed. + + The second set contains files that would have been skipped in the above + folders. + """ + + will_remove = set(paths) + will_skip = set() + + # Determine folders and files + folders = set() + files = set() + for path in will_remove: + if path.endswith(".pyc"): + continue + if path.endswith("__init__.py") or ".dist-info" in path: + folders.add(os.path.dirname(path)) + files.add(path) + + # probably this one https://github.com/python/mypy/issues/390 + _normcased_files = set(map(os.path.normcase, files)) # type: ignore + + folders = compact(folders) + + # This walks the tree using os.walk to not miss extra folders + # that might get added. + for folder in folders: + for dirpath, _, dirfiles in os.walk(folder): + for fname in dirfiles: + if fname.endswith(".pyc"): + continue + + file_ = os.path.join(dirpath, fname) + if (os.path.isfile(file_) and + os.path.normcase(file_) not in _normcased_files): + # We are skipping this file. Add it to the set. + will_skip.add(file_) + + will_remove = files | { + os.path.join(folder, "*") for folder in folders + } + + return will_remove, will_skip + + +class StashedUninstallPathSet: + """A set of file rename operations to stash files while + tentatively uninstalling them.""" + def __init__(self) -> None: + # Mapping from source file root to [Adjacent]TempDirectory + # for files under that directory. + self._save_dirs: Dict[str, TempDirectory] = {} + # (old path, new path) tuples for each move that may need + # to be undone. + self._moves: List[Tuple[str, str]] = [] + + def _get_directory_stash(self, path: str) -> str: + """Stashes a directory. + + Directories are stashed adjacent to their original location if + possible, or else moved/copied into the user's temp dir.""" + + try: + save_dir: TempDirectory = AdjacentTempDirectory(path) + except OSError: + save_dir = TempDirectory(kind="uninstall") + self._save_dirs[os.path.normcase(path)] = save_dir + + return save_dir.path + + def _get_file_stash(self, path: str) -> str: + """Stashes a file. + + If no root has been provided, one will be created for the directory + in the user's temp directory.""" + path = os.path.normcase(path) + head, old_head = os.path.dirname(path), None + save_dir = None + + while head != old_head: + try: + save_dir = self._save_dirs[head] + break + except KeyError: + pass + head, old_head = os.path.dirname(head), head + else: + # Did not find any suitable root + head = os.path.dirname(path) + save_dir = TempDirectory(kind='uninstall') + self._save_dirs[head] = save_dir + + relpath = os.path.relpath(path, head) + if relpath and relpath != os.path.curdir: + return os.path.join(save_dir.path, relpath) + return save_dir.path + + def stash(self, path: str) -> str: + """Stashes the directory or file and returns its new location. + Handle symlinks as files to avoid modifying the symlink targets. + """ + path_is_dir = os.path.isdir(path) and not os.path.islink(path) + if path_is_dir: + new_path = self._get_directory_stash(path) + else: + new_path = self._get_file_stash(path) + + self._moves.append((path, new_path)) + if (path_is_dir and os.path.isdir(new_path)): + # If we're moving a directory, we need to + # remove the destination first or else it will be + # moved to inside the existing directory. + # We just created new_path ourselves, so it will + # be removable. + os.rmdir(new_path) + renames(path, new_path) + return new_path + + def commit(self) -> None: + """Commits the uninstall by removing stashed files.""" + for _, save_dir in self._save_dirs.items(): + save_dir.cleanup() + self._moves = [] + self._save_dirs = {} + + def rollback(self) -> None: + """Undoes the uninstall by moving stashed files back.""" + for p in self._moves: + logger.info("Moving to %s\n from %s", *p) + + for new_path, path in self._moves: + try: + logger.debug('Replacing %s from %s', new_path, path) + if os.path.isfile(new_path) or os.path.islink(new_path): + os.unlink(new_path) + elif os.path.isdir(new_path): + rmtree(new_path) + renames(path, new_path) + except OSError as ex: + logger.error("Failed to restore %s", new_path) + logger.debug("Exception: %s", ex) + + self.commit() + + @property + def can_rollback(self) -> bool: + return bool(self._moves) + + +class UninstallPathSet: + """A set of file paths to be removed in the uninstallation of a + requirement.""" + def __init__(self, dist: Distribution) -> None: + self.paths: Set[str] = set() + self._refuse: Set[str] = set() + self.pth: Dict[str, UninstallPthEntries] = {} + self.dist = dist + self._moved_paths = StashedUninstallPathSet() + + def _permitted(self, path: str) -> bool: + """ + Return True if the given path is one we are permitted to + remove/modify, False otherwise. + + """ + return is_local(path) + + def add(self, path: str) -> None: + head, tail = os.path.split(path) + + # we normalize the head to resolve parent directory symlinks, but not + # the tail, since we only want to uninstall symlinks, not their targets + path = os.path.join(normalize_path(head), os.path.normcase(tail)) + + if not os.path.exists(path): + return + if self._permitted(path): + self.paths.add(path) + else: + self._refuse.add(path) + + # __pycache__ files can show up after 'installed-files.txt' is created, + # due to imports + if os.path.splitext(path)[1] == '.py': + self.add(cache_from_source(path)) + + def add_pth(self, pth_file: str, entry: str) -> None: + pth_file = normalize_path(pth_file) + if self._permitted(pth_file): + if pth_file not in self.pth: + self.pth[pth_file] = UninstallPthEntries(pth_file) + self.pth[pth_file].add(entry) + else: + self._refuse.add(pth_file) + + def remove(self, auto_confirm: bool = False, verbose: bool = False) -> None: + """Remove paths in ``self.paths`` with confirmation (unless + ``auto_confirm`` is True).""" + + if not self.paths: + logger.info( + "Can't uninstall '%s'. No files were found to uninstall.", + self.dist.project_name, + ) + return + + dist_name_version = ( + self.dist.project_name + "-" + self.dist.version + ) + logger.info('Uninstalling %s:', dist_name_version) + + with indent_log(): + if auto_confirm or self._allowed_to_proceed(verbose): + moved = self._moved_paths + + for_rename = compress_for_rename(self.paths) + + for path in sorted(compact(for_rename)): + moved.stash(path) + logger.verbose('Removing file or directory %s', path) + + for pth in self.pth.values(): + pth.remove() + + logger.info('Successfully uninstalled %s', dist_name_version) + + def _allowed_to_proceed(self, verbose: bool) -> bool: + """Display which files would be deleted and prompt for confirmation + """ + + def _display(msg: str, paths: Iterable[str]) -> None: + if not paths: + return + + logger.info(msg) + with indent_log(): + for path in sorted(compact(paths)): + logger.info(path) + + if not verbose: + will_remove, will_skip = compress_for_output_listing(self.paths) + else: + # In verbose mode, display all the files that are going to be + # deleted. + will_remove = set(self.paths) + will_skip = set() + + _display('Would remove:', will_remove) + _display('Would not remove (might be manually added):', will_skip) + _display('Would not remove (outside of prefix):', self._refuse) + if verbose: + _display('Will actually move:', compress_for_rename(self.paths)) + + return ask('Proceed (Y/n)? ', ('y', 'n', '')) != 'n' + + def rollback(self) -> None: + """Rollback the changes previously made by remove().""" + if not self._moved_paths.can_rollback: + logger.error( + "Can't roll back %s; was not uninstalled", + self.dist.project_name, + ) + return + logger.info('Rolling back uninstall of %s', self.dist.project_name) + self._moved_paths.rollback() + for pth in self.pth.values(): + pth.rollback() + + def commit(self) -> None: + """Remove temporary save dir: rollback will no longer be possible.""" + self._moved_paths.commit() + + @classmethod + def from_dist(cls, dist: Distribution) -> "UninstallPathSet": + dist_path = normalize_path(dist.location) + if not dist_is_local(dist): + logger.info( + "Not uninstalling %s at %s, outside environment %s", + dist.key, + dist_path, + sys.prefix, + ) + return cls(dist) + + if dist_path in {p for p in {sysconfig.get_path("stdlib"), + sysconfig.get_path("platstdlib")} + if p}: + logger.info( + "Not uninstalling %s at %s, as it is in the standard library.", + dist.key, + dist_path, + ) + return cls(dist) + + paths_to_remove = cls(dist) + develop_egg_link = egg_link_path(dist) + develop_egg_link_egg_info = '{}.egg-info'.format( + pkg_resources.to_filename(dist.project_name)) + egg_info_exists = dist.egg_info and os.path.exists(dist.egg_info) + # Special case for distutils installed package + distutils_egg_info = getattr(dist._provider, 'path', None) + + # Uninstall cases order do matter as in the case of 2 installs of the + # same package, pip needs to uninstall the currently detected version + if (egg_info_exists and dist.egg_info.endswith('.egg-info') and + not dist.egg_info.endswith(develop_egg_link_egg_info)): + # if dist.egg_info.endswith(develop_egg_link_egg_info), we + # are in fact in the develop_egg_link case + paths_to_remove.add(dist.egg_info) + if dist.has_metadata('installed-files.txt'): + for installed_file in dist.get_metadata( + 'installed-files.txt').splitlines(): + path = os.path.normpath( + os.path.join(dist.egg_info, installed_file) + ) + paths_to_remove.add(path) + # FIXME: need a test for this elif block + # occurs with --single-version-externally-managed/--record outside + # of pip + elif dist.has_metadata('top_level.txt'): + if dist.has_metadata('namespace_packages.txt'): + namespaces = dist.get_metadata('namespace_packages.txt') + else: + namespaces = [] + for top_level_pkg in [ + p for p + in dist.get_metadata('top_level.txt').splitlines() + if p and p not in namespaces]: + path = os.path.join(dist.location, top_level_pkg) + paths_to_remove.add(path) + paths_to_remove.add(path + '.py') + paths_to_remove.add(path + '.pyc') + paths_to_remove.add(path + '.pyo') + + elif distutils_egg_info: + raise UninstallationError( + "Cannot uninstall {!r}. It is a distutils installed project " + "and thus we cannot accurately determine which files belong " + "to it which would lead to only a partial uninstall.".format( + dist.project_name, + ) + ) + + elif dist.location.endswith('.egg'): + # package installed by easy_install + # We cannot match on dist.egg_name because it can slightly vary + # i.e. setuptools-0.6c11-py2.6.egg vs setuptools-0.6rc11-py2.6.egg + paths_to_remove.add(dist.location) + easy_install_egg = os.path.split(dist.location)[1] + easy_install_pth = os.path.join(os.path.dirname(dist.location), + 'easy-install.pth') + paths_to_remove.add_pth(easy_install_pth, './' + easy_install_egg) + + elif egg_info_exists and dist.egg_info.endswith('.dist-info'): + for path in uninstallation_paths(dist): + paths_to_remove.add(path) + + elif develop_egg_link: + # develop egg + with open(develop_egg_link) as fh: + link_pointer = os.path.normcase(fh.readline().strip()) + assert (link_pointer == dist.location), ( + 'Egg-link {} does not match installed location of {} ' + '(at {})'.format( + link_pointer, dist.project_name, dist.location) + ) + paths_to_remove.add(develop_egg_link) + easy_install_pth = os.path.join(os.path.dirname(develop_egg_link), + 'easy-install.pth') + paths_to_remove.add_pth(easy_install_pth, dist.location) + + else: + logger.debug( + 'Not sure how to uninstall: %s - Check: %s', + dist, dist.location, + ) + + # find distutils scripts= scripts + if dist.has_metadata('scripts') and dist.metadata_isdir('scripts'): + for script in dist.metadata_listdir('scripts'): + if dist_in_usersite(dist): + bin_dir = get_bin_user() + else: + bin_dir = get_bin_prefix() + paths_to_remove.add(os.path.join(bin_dir, script)) + if WINDOWS: + paths_to_remove.add(os.path.join(bin_dir, script) + '.bat') + + # find console_scripts + _scripts_to_remove = [] + console_scripts = dist.get_entry_map(group='console_scripts') + for name in console_scripts.keys(): + _scripts_to_remove.extend(_script_names(dist, name, False)) + # find gui_scripts + gui_scripts = dist.get_entry_map(group='gui_scripts') + for name in gui_scripts.keys(): + _scripts_to_remove.extend(_script_names(dist, name, True)) + + for s in _scripts_to_remove: + paths_to_remove.add(s) + + return paths_to_remove + + +class UninstallPthEntries: + def __init__(self, pth_file: str) -> None: + self.file = pth_file + self.entries: Set[str] = set() + self._saved_lines: Optional[List[bytes]] = None + + def add(self, entry: str) -> None: + entry = os.path.normcase(entry) + # On Windows, os.path.normcase converts the entry to use + # backslashes. This is correct for entries that describe absolute + # paths outside of site-packages, but all the others use forward + # slashes. + # os.path.splitdrive is used instead of os.path.isabs because isabs + # treats non-absolute paths with drive letter markings like c:foo\bar + # as absolute paths. It also does not recognize UNC paths if they don't + # have more than "\\sever\share". Valid examples: "\\server\share\" or + # "\\server\share\folder". + if WINDOWS and not os.path.splitdrive(entry)[0]: + entry = entry.replace('\\', '/') + self.entries.add(entry) + + def remove(self) -> None: + logger.verbose('Removing pth entries from %s:', self.file) + + # If the file doesn't exist, log a warning and return + if not os.path.isfile(self.file): + logger.warning( + "Cannot remove entries from nonexistent file %s", self.file + ) + return + with open(self.file, 'rb') as fh: + # windows uses '\r\n' with py3k, but uses '\n' with py2.x + lines = fh.readlines() + self._saved_lines = lines + if any(b'\r\n' in line for line in lines): + endline = '\r\n' + else: + endline = '\n' + # handle missing trailing newline + if lines and not lines[-1].endswith(endline.encode("utf-8")): + lines[-1] = lines[-1] + endline.encode("utf-8") + for entry in self.entries: + try: + logger.verbose('Removing entry: %s', entry) + lines.remove((entry + endline).encode("utf-8")) + except ValueError: + pass + with open(self.file, 'wb') as fh: + fh.writelines(lines) + + def rollback(self) -> bool: + if self._saved_lines is None: + logger.error( + 'Cannot roll back changes to %s, none were made', self.file + ) + return False + logger.debug('Rolling %s back to previous state', self.file) + with open(self.file, 'wb') as fh: + fh.writelines(self._saved_lines) + return True diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/base.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/base.py new file mode 100644 index 000000000..3f83ef0f5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/base.py @@ -0,0 +1,18 @@ +from typing import Callable, List + +from pip._internal.req.req_install import InstallRequirement +from pip._internal.req.req_set import RequirementSet + +InstallRequirementProvider = Callable[[str, InstallRequirement], InstallRequirement] + + +class BaseResolver: + def resolve( + self, root_reqs: List[InstallRequirement], check_supported_wheels: bool + ) -> RequirementSet: + raise NotImplementedError() + + def get_installation_order( + self, req_set: RequirementSet + ) -> List[InstallRequirement]: + raise NotImplementedError() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/resolver.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/resolver.py new file mode 100644 index 000000000..4df8f7ef1 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/legacy/resolver.py @@ -0,0 +1,453 @@ +"""Dependency Resolution + +The dependency resolution in pip is performed as follows: + +for top-level requirements: + a. only one spec allowed per project, regardless of conflicts or not. + otherwise a "double requirement" exception is raised + b. they override sub-dependency requirements. +for sub-dependencies + a. "first found, wins" (where the order is breadth first) +""" + +# The following comment should be removed at some point in the future. +# mypy: strict-optional=False + +import logging +import sys +from collections import defaultdict +from itertools import chain +from typing import DefaultDict, Iterable, List, Optional, Set, Tuple + +from pip._vendor.packaging import specifiers +from pip._vendor.pkg_resources import Distribution + +from pip._internal.cache import WheelCache +from pip._internal.exceptions import ( + BestVersionAlreadyInstalled, + DistributionNotFound, + HashError, + HashErrors, + UnsupportedPythonVersion, +) +from pip._internal.index.package_finder import PackageFinder +from pip._internal.models.link import Link +from pip._internal.operations.prepare import RequirementPreparer +from pip._internal.req.req_install import ( + InstallRequirement, + check_invalid_constraint_type, +) +from pip._internal.req.req_set import RequirementSet +from pip._internal.resolution.base import BaseResolver, InstallRequirementProvider +from pip._internal.utils.compatibility_tags import get_supported +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import dist_in_usersite, normalize_version_info +from pip._internal.utils.packaging import check_requires_python, get_requires_python + +logger = logging.getLogger(__name__) + +DiscoveredDependencies = DefaultDict[str, List[InstallRequirement]] + + +def _check_dist_requires_python( + dist: Distribution, + version_info: Tuple[int, int, int], + ignore_requires_python: bool = False, +) -> None: + """ + Check whether the given Python version is compatible with a distribution's + "Requires-Python" value. + + :param version_info: A 3-tuple of ints representing the Python + major-minor-micro version to check. + :param ignore_requires_python: Whether to ignore the "Requires-Python" + value if the given Python version isn't compatible. + + :raises UnsupportedPythonVersion: When the given Python version isn't + compatible. + """ + requires_python = get_requires_python(dist) + try: + is_compatible = check_requires_python( + requires_python, version_info=version_info + ) + except specifiers.InvalidSpecifier as exc: + logger.warning( + "Package %r has an invalid Requires-Python: %s", dist.project_name, exc + ) + return + + if is_compatible: + return + + version = ".".join(map(str, version_info)) + if ignore_requires_python: + logger.debug( + "Ignoring failed Requires-Python check for package %r: %s not in %r", + dist.project_name, + version, + requires_python, + ) + return + + raise UnsupportedPythonVersion( + "Package {!r} requires a different Python: {} not in {!r}".format( + dist.project_name, version, requires_python + ) + ) + + +class Resolver(BaseResolver): + """Resolves which packages need to be installed/uninstalled to perform \ + the requested operation without breaking the requirements of any package. + """ + + _allowed_strategies = {"eager", "only-if-needed", "to-satisfy-only"} + + def __init__( + self, + preparer: RequirementPreparer, + finder: PackageFinder, + wheel_cache: Optional[WheelCache], + make_install_req: InstallRequirementProvider, + use_user_site: bool, + ignore_dependencies: bool, + ignore_installed: bool, + ignore_requires_python: bool, + force_reinstall: bool, + upgrade_strategy: str, + py_version_info: Optional[Tuple[int, ...]] = None, + ) -> None: + super().__init__() + assert upgrade_strategy in self._allowed_strategies + + if py_version_info is None: + py_version_info = sys.version_info[:3] + else: + py_version_info = normalize_version_info(py_version_info) + + self._py_version_info = py_version_info + + self.preparer = preparer + self.finder = finder + self.wheel_cache = wheel_cache + + self.upgrade_strategy = upgrade_strategy + self.force_reinstall = force_reinstall + self.ignore_dependencies = ignore_dependencies + self.ignore_installed = ignore_installed + self.ignore_requires_python = ignore_requires_python + self.use_user_site = use_user_site + self._make_install_req = make_install_req + + self._discovered_dependencies: DiscoveredDependencies = defaultdict(list) + + def resolve( + self, root_reqs: List[InstallRequirement], check_supported_wheels: bool + ) -> RequirementSet: + """Resolve what operations need to be done + + As a side-effect of this method, the packages (and their dependencies) + are downloaded, unpacked and prepared for installation. This + preparation is done by ``pip.operations.prepare``. + + Once PyPI has static dependency metadata available, it would be + possible to move the preparation to become a step separated from + dependency resolution. + """ + requirement_set = RequirementSet(check_supported_wheels=check_supported_wheels) + for req in root_reqs: + if req.constraint: + check_invalid_constraint_type(req) + requirement_set.add_requirement(req) + + # Actually prepare the files, and collect any exceptions. Most hash + # exceptions cannot be checked ahead of time, because + # _populate_link() needs to be called before we can make decisions + # based on link type. + discovered_reqs: List[InstallRequirement] = [] + hash_errors = HashErrors() + for req in chain(requirement_set.all_requirements, discovered_reqs): + try: + discovered_reqs.extend(self._resolve_one(requirement_set, req)) + except HashError as exc: + exc.req = req + hash_errors.append(exc) + + if hash_errors: + raise hash_errors + + return requirement_set + + def _is_upgrade_allowed(self, req: InstallRequirement) -> bool: + if self.upgrade_strategy == "to-satisfy-only": + return False + elif self.upgrade_strategy == "eager": + return True + else: + assert self.upgrade_strategy == "only-if-needed" + return req.user_supplied or req.constraint + + def _set_req_to_reinstall(self, req: InstallRequirement) -> None: + """ + Set a requirement to be installed. + """ + # Don't uninstall the conflict if doing a user install and the + # conflict is not a user install. + if not self.use_user_site or dist_in_usersite(req.satisfied_by): + req.should_reinstall = True + req.satisfied_by = None + + def _check_skip_installed( + self, req_to_install: InstallRequirement + ) -> Optional[str]: + """Check if req_to_install should be skipped. + + This will check if the req is installed, and whether we should upgrade + or reinstall it, taking into account all the relevant user options. + + After calling this req_to_install will only have satisfied_by set to + None if the req_to_install is to be upgraded/reinstalled etc. Any + other value will be a dist recording the current thing installed that + satisfies the requirement. + + Note that for vcs urls and the like we can't assess skipping in this + routine - we simply identify that we need to pull the thing down, + then later on it is pulled down and introspected to assess upgrade/ + reinstalls etc. + + :return: A text reason for why it was skipped, or None. + """ + if self.ignore_installed: + return None + + req_to_install.check_if_exists(self.use_user_site) + if not req_to_install.satisfied_by: + return None + + if self.force_reinstall: + self._set_req_to_reinstall(req_to_install) + return None + + if not self._is_upgrade_allowed(req_to_install): + if self.upgrade_strategy == "only-if-needed": + return "already satisfied, skipping upgrade" + return "already satisfied" + + # Check for the possibility of an upgrade. For link-based + # requirements we have to pull the tree down and inspect to assess + # the version #, so it's handled way down. + if not req_to_install.link: + try: + self.finder.find_requirement(req_to_install, upgrade=True) + except BestVersionAlreadyInstalled: + # Then the best version is installed. + return "already up-to-date" + except DistributionNotFound: + # No distribution found, so we squash the error. It will + # be raised later when we re-try later to do the install. + # Why don't we just raise here? + pass + + self._set_req_to_reinstall(req_to_install) + return None + + def _find_requirement_link(self, req: InstallRequirement) -> Optional[Link]: + upgrade = self._is_upgrade_allowed(req) + best_candidate = self.finder.find_requirement(req, upgrade) + if not best_candidate: + return None + + # Log a warning per PEP 592 if necessary before returning. + link = best_candidate.link + if link.is_yanked: + reason = link.yanked_reason or "" + msg = ( + # Mark this as a unicode string to prevent + # "UnicodeEncodeError: 'ascii' codec can't encode character" + # in Python 2 when the reason contains non-ascii characters. + "The candidate selected for download or install is a " + "yanked version: {candidate}\n" + "Reason for being yanked: {reason}" + ).format(candidate=best_candidate, reason=reason) + logger.warning(msg) + + return link + + def _populate_link(self, req: InstallRequirement) -> None: + """Ensure that if a link can be found for this, that it is found. + + Note that req.link may still be None - if the requirement is already + installed and not needed to be upgraded based on the return value of + _is_upgrade_allowed(). + + If preparer.require_hashes is True, don't use the wheel cache, because + cached wheels, always built locally, have different hashes than the + files downloaded from the index server and thus throw false hash + mismatches. Furthermore, cached wheels at present have undeterministic + contents due to file modification times. + """ + if req.link is None: + req.link = self._find_requirement_link(req) + + if self.wheel_cache is None or self.preparer.require_hashes: + return + cache_entry = self.wheel_cache.get_cache_entry( + link=req.link, + package_name=req.name, + supported_tags=get_supported(), + ) + if cache_entry is not None: + logger.debug("Using cached wheel link: %s", cache_entry.link) + if req.link is req.original_link and cache_entry.persistent: + req.original_link_is_in_wheel_cache = True + req.link = cache_entry.link + + def _get_dist_for(self, req: InstallRequirement) -> Distribution: + """Takes a InstallRequirement and returns a single AbstractDist \ + representing a prepared variant of the same. + """ + if req.editable: + return self.preparer.prepare_editable_requirement(req) + + # satisfied_by is only evaluated by calling _check_skip_installed, + # so it must be None here. + assert req.satisfied_by is None + skip_reason = self._check_skip_installed(req) + + if req.satisfied_by: + return self.preparer.prepare_installed_requirement(req, skip_reason) + + # We eagerly populate the link, since that's our "legacy" behavior. + self._populate_link(req) + dist = self.preparer.prepare_linked_requirement(req) + + # NOTE + # The following portion is for determining if a certain package is + # going to be re-installed/upgraded or not and reporting to the user. + # This should probably get cleaned up in a future refactor. + + # req.req is only avail after unpack for URL + # pkgs repeat check_if_exists to uninstall-on-upgrade + # (#14) + if not self.ignore_installed: + req.check_if_exists(self.use_user_site) + + if req.satisfied_by: + should_modify = ( + self.upgrade_strategy != "to-satisfy-only" + or self.force_reinstall + or self.ignore_installed + or req.link.scheme == "file" + ) + if should_modify: + self._set_req_to_reinstall(req) + else: + logger.info( + "Requirement already satisfied (use --upgrade to upgrade): %s", + req, + ) + return dist + + def _resolve_one( + self, + requirement_set: RequirementSet, + req_to_install: InstallRequirement, + ) -> List[InstallRequirement]: + """Prepare a single requirements file. + + :return: A list of additional InstallRequirements to also install. + """ + # Tell user what we are doing for this requirement: + # obtain (editable), skipping, processing (local url), collecting + # (remote url or package name) + if req_to_install.constraint or req_to_install.prepared: + return [] + + req_to_install.prepared = True + + # Parse and return dependencies + dist = self._get_dist_for(req_to_install) + # This will raise UnsupportedPythonVersion if the given Python + # version isn't compatible with the distribution's Requires-Python. + _check_dist_requires_python( + dist, + version_info=self._py_version_info, + ignore_requires_python=self.ignore_requires_python, + ) + + more_reqs: List[InstallRequirement] = [] + + def add_req(subreq: Distribution, extras_requested: Iterable[str]) -> None: + sub_install_req = self._make_install_req( + str(subreq), + req_to_install, + ) + parent_req_name = req_to_install.name + to_scan_again, add_to_parent = requirement_set.add_requirement( + sub_install_req, + parent_req_name=parent_req_name, + extras_requested=extras_requested, + ) + if parent_req_name and add_to_parent: + self._discovered_dependencies[parent_req_name].append(add_to_parent) + more_reqs.extend(to_scan_again) + + with indent_log(): + # We add req_to_install before its dependencies, so that we + # can refer to it when adding dependencies. + if not requirement_set.has_requirement(req_to_install.name): + # 'unnamed' requirements will get added here + # 'unnamed' requirements can only come from being directly + # provided by the user. + assert req_to_install.user_supplied + requirement_set.add_requirement(req_to_install, parent_req_name=None) + + if not self.ignore_dependencies: + if req_to_install.extras: + logger.debug( + "Installing extra requirements: %r", + ",".join(req_to_install.extras), + ) + missing_requested = sorted( + set(req_to_install.extras) - set(dist.extras) + ) + for missing in missing_requested: + logger.warning("%s does not provide the extra '%s'", dist, missing) + + available_requested = sorted( + set(dist.extras) & set(req_to_install.extras) + ) + for subreq in dist.requires(available_requested): + add_req(subreq, extras_requested=available_requested) + + return more_reqs + + def get_installation_order( + self, req_set: RequirementSet + ) -> List[InstallRequirement]: + """Create the installation order. + + The installation order is topological - requirements are installed + before the requiring thing. We break cycles at an arbitrary point, + and make no other guarantees. + """ + # The current implementation, which we may change at any point + # installs the user specified things in the order given, except when + # dependencies must come earlier to achieve topological order. + order = [] + ordered_reqs: Set[InstallRequirement] = set() + + def schedule(req: InstallRequirement) -> None: + if req.satisfied_by or req in ordered_reqs: + return + if req.constraint: + return + ordered_reqs.add(req) + for dep in self._discovered_dependencies[req.name]: + schedule(dep) + order.append(req) + + for install_req in req_set.requirements.values(): + schedule(install_req) + return order diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/base.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/base.py new file mode 100644 index 000000000..7f258c574 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/base.py @@ -0,0 +1,144 @@ +from typing import FrozenSet, Iterable, Optional, Tuple, Union + +from pip._vendor.packaging.specifiers import SpecifierSet +from pip._vendor.packaging.utils import NormalizedName, canonicalize_name +from pip._vendor.packaging.version import LegacyVersion, Version + +from pip._internal.models.link import Link, links_equivalent +from pip._internal.req.req_install import InstallRequirement +from pip._internal.utils.hashes import Hashes + +CandidateLookup = Tuple[Optional["Candidate"], Optional[InstallRequirement]] +CandidateVersion = Union[LegacyVersion, Version] + + +def format_name(project: str, extras: FrozenSet[str]) -> str: + if not extras: + return project + canonical_extras = sorted(canonicalize_name(e) for e in extras) + return "{}[{}]".format(project, ",".join(canonical_extras)) + + +class Constraint: + def __init__( + self, specifier: SpecifierSet, hashes: Hashes, links: FrozenSet[Link] + ) -> None: + self.specifier = specifier + self.hashes = hashes + self.links = links + + @classmethod + def empty(cls) -> "Constraint": + return Constraint(SpecifierSet(), Hashes(), frozenset()) + + @classmethod + def from_ireq(cls, ireq: InstallRequirement) -> "Constraint": + links = frozenset([ireq.link]) if ireq.link else frozenset() + return Constraint(ireq.specifier, ireq.hashes(trust_internet=False), links) + + def __nonzero__(self) -> bool: + return bool(self.specifier) or bool(self.hashes) or bool(self.links) + + def __bool__(self) -> bool: + return self.__nonzero__() + + def __and__(self, other: InstallRequirement) -> "Constraint": + if not isinstance(other, InstallRequirement): + return NotImplemented + specifier = self.specifier & other.specifier + hashes = self.hashes & other.hashes(trust_internet=False) + links = self.links + if other.link: + links = links.union([other.link]) + return Constraint(specifier, hashes, links) + + def is_satisfied_by(self, candidate: "Candidate") -> bool: + # Reject if there are any mismatched URL constraints on this package. + if self.links and not all(_match_link(link, candidate) for link in self.links): + return False + # We can safely always allow prereleases here since PackageFinder + # already implements the prerelease logic, and would have filtered out + # prerelease candidates if the user does not expect them. + return self.specifier.contains(candidate.version, prereleases=True) + + +class Requirement: + @property + def project_name(self) -> NormalizedName: + """The "project name" of a requirement. + + This is different from ``name`` if this requirement contains extras, + in which case ``name`` would contain the ``[...]`` part, while this + refers to the name of the project. + """ + raise NotImplementedError("Subclass should override") + + @property + def name(self) -> str: + """The name identifying this requirement in the resolver. + + This is different from ``project_name`` if this requirement contains + extras, where ``project_name`` would not contain the ``[...]`` part. + """ + raise NotImplementedError("Subclass should override") + + def is_satisfied_by(self, candidate: "Candidate") -> bool: + return False + + def get_candidate_lookup(self) -> CandidateLookup: + raise NotImplementedError("Subclass should override") + + def format_for_error(self) -> str: + raise NotImplementedError("Subclass should override") + + +def _match_link(link: Link, candidate: "Candidate") -> bool: + if candidate.source_link: + return links_equivalent(link, candidate.source_link) + return False + + +class Candidate: + @property + def project_name(self) -> NormalizedName: + """The "project name" of the candidate. + + This is different from ``name`` if this candidate contains extras, + in which case ``name`` would contain the ``[...]`` part, while this + refers to the name of the project. + """ + raise NotImplementedError("Override in subclass") + + @property + def name(self) -> str: + """The name identifying this candidate in the resolver. + + This is different from ``project_name`` if this candidate contains + extras, where ``project_name`` would not contain the ``[...]`` part. + """ + raise NotImplementedError("Override in subclass") + + @property + def version(self) -> CandidateVersion: + raise NotImplementedError("Override in subclass") + + @property + def is_installed(self) -> bool: + raise NotImplementedError("Override in subclass") + + @property + def is_editable(self) -> bool: + raise NotImplementedError("Override in subclass") + + @property + def source_link(self) -> Optional[Link]: + raise NotImplementedError("Override in subclass") + + def iter_dependencies(self, with_requires: bool) -> Iterable[Optional[Requirement]]: + raise NotImplementedError("Override in subclass") + + def get_install_requirement(self) -> Optional[InstallRequirement]: + raise NotImplementedError("Override in subclass") + + def format_for_error(self) -> str: + raise NotImplementedError("Subclass should override") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/candidates.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/candidates.py new file mode 100644 index 000000000..5d510db86 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/candidates.py @@ -0,0 +1,555 @@ +import logging +import sys +from typing import TYPE_CHECKING, Any, FrozenSet, Iterable, Optional, Tuple, Union, cast + +from pip._vendor.packaging.specifiers import InvalidSpecifier, SpecifierSet +from pip._vendor.packaging.utils import NormalizedName, canonicalize_name +from pip._vendor.packaging.version import Version +from pip._vendor.packaging.version import parse as parse_version +from pip._vendor.pkg_resources import Distribution + +from pip._internal.exceptions import HashError, MetadataInconsistent +from pip._internal.models.link import Link, links_equivalent +from pip._internal.models.wheel import Wheel +from pip._internal.req.constructors import ( + install_req_from_editable, + install_req_from_line, +) +from pip._internal.req.req_install import InstallRequirement +from pip._internal.utils.misc import dist_is_editable, normalize_version_info +from pip._internal.utils.packaging import get_requires_python + +from .base import Candidate, CandidateVersion, Requirement, format_name + +if TYPE_CHECKING: + from .factory import Factory + +logger = logging.getLogger(__name__) + +BaseCandidate = Union[ + "AlreadyInstalledCandidate", + "EditableCandidate", + "LinkCandidate", +] + +# Avoid conflicting with the PyPI package "Python". +REQUIRES_PYTHON_IDENTIFIER = cast(NormalizedName, "") + + +def as_base_candidate(candidate: Candidate) -> Optional[BaseCandidate]: + """The runtime version of BaseCandidate.""" + base_candidate_classes = ( + AlreadyInstalledCandidate, + EditableCandidate, + LinkCandidate, + ) + if isinstance(candidate, base_candidate_classes): + return candidate + return None + + +def make_install_req_from_link( + link: Link, template: InstallRequirement +) -> InstallRequirement: + assert not template.editable, "template is editable" + if template.req: + line = str(template.req) + else: + line = link.url + ireq = install_req_from_line( + line, + user_supplied=template.user_supplied, + comes_from=template.comes_from, + use_pep517=template.use_pep517, + isolated=template.isolated, + constraint=template.constraint, + options=dict( + install_options=template.install_options, + global_options=template.global_options, + hashes=template.hash_options, + ), + ) + ireq.original_link = template.original_link + ireq.link = link + return ireq + + +def make_install_req_from_editable( + link: Link, template: InstallRequirement +) -> InstallRequirement: + assert template.editable, "template not editable" + return install_req_from_editable( + link.url, + user_supplied=template.user_supplied, + comes_from=template.comes_from, + use_pep517=template.use_pep517, + isolated=template.isolated, + constraint=template.constraint, + options=dict( + install_options=template.install_options, + global_options=template.global_options, + hashes=template.hash_options, + ), + ) + + +def make_install_req_from_dist( + dist: Distribution, template: InstallRequirement +) -> InstallRequirement: + project_name = canonicalize_name(dist.project_name) + if template.req: + line = str(template.req) + elif template.link: + line = f"{project_name} @ {template.link.url}" + else: + line = f"{project_name}=={dist.parsed_version}" + ireq = install_req_from_line( + line, + user_supplied=template.user_supplied, + comes_from=template.comes_from, + use_pep517=template.use_pep517, + isolated=template.isolated, + constraint=template.constraint, + options=dict( + install_options=template.install_options, + global_options=template.global_options, + hashes=template.hash_options, + ), + ) + ireq.satisfied_by = dist + return ireq + + +class _InstallRequirementBackedCandidate(Candidate): + """A candidate backed by an ``InstallRequirement``. + + This represents a package request with the target not being already + in the environment, and needs to be fetched and installed. The backing + ``InstallRequirement`` is responsible for most of the leg work; this + class exposes appropriate information to the resolver. + + :param link: The link passed to the ``InstallRequirement``. The backing + ``InstallRequirement`` will use this link to fetch the distribution. + :param source_link: The link this candidate "originates" from. This is + different from ``link`` when the link is found in the wheel cache. + ``link`` would point to the wheel cache, while this points to the + found remote link (e.g. from pypi.org). + """ + + is_installed = False + + def __init__( + self, + link: Link, + source_link: Link, + ireq: InstallRequirement, + factory: "Factory", + name: Optional[NormalizedName] = None, + version: Optional[CandidateVersion] = None, + ) -> None: + self._link = link + self._source_link = source_link + self._factory = factory + self._ireq = ireq + self._name = name + self._version = version + self.dist = self._prepare() + + def __str__(self) -> str: + return f"{self.name} {self.version}" + + def __repr__(self) -> str: + return "{class_name}({link!r})".format( + class_name=self.__class__.__name__, + link=str(self._link), + ) + + def __hash__(self) -> int: + return hash((self.__class__, self._link)) + + def __eq__(self, other: Any) -> bool: + if isinstance(other, self.__class__): + return links_equivalent(self._link, other._link) + return False + + @property + def source_link(self) -> Optional[Link]: + return self._source_link + + @property + def project_name(self) -> NormalizedName: + """The normalised name of the project the candidate refers to""" + if self._name is None: + self._name = canonicalize_name(self.dist.project_name) + return self._name + + @property + def name(self) -> str: + return self.project_name + + @property + def version(self) -> CandidateVersion: + if self._version is None: + self._version = parse_version(self.dist.version) + return self._version + + def format_for_error(self) -> str: + return "{} {} (from {})".format( + self.name, + self.version, + self._link.file_path if self._link.is_file else self._link, + ) + + def _prepare_distribution(self) -> Distribution: + raise NotImplementedError("Override in subclass") + + def _check_metadata_consistency(self, dist: Distribution) -> None: + """Check for consistency of project name and version of dist.""" + canonical_name = canonicalize_name(dist.project_name) + if self._name is not None and self._name != canonical_name: + raise MetadataInconsistent( + self._ireq, + "name", + self._name, + dist.project_name, + ) + parsed_version = parse_version(dist.version) + if self._version is not None and self._version != parsed_version: + raise MetadataInconsistent( + self._ireq, + "version", + str(self._version), + dist.version, + ) + + def _prepare(self) -> Distribution: + try: + dist = self._prepare_distribution() + except HashError as e: + # Provide HashError the underlying ireq that caused it. This + # provides context for the resulting error message to show the + # offending line to the user. + e.req = self._ireq + raise + self._check_metadata_consistency(dist) + return dist + + def _get_requires_python_dependency(self) -> Optional[Requirement]: + requires_python = get_requires_python(self.dist) + if requires_python is None: + return None + try: + spec = SpecifierSet(requires_python) + except InvalidSpecifier as e: + message = "Package %r has an invalid Requires-Python: %s" + logger.warning(message, self.name, e) + return None + return self._factory.make_requires_python_requirement(spec) + + def iter_dependencies(self, with_requires: bool) -> Iterable[Optional[Requirement]]: + requires = self.dist.requires() if with_requires else () + for r in requires: + yield self._factory.make_requirement_from_spec(str(r), self._ireq) + yield self._get_requires_python_dependency() + + def get_install_requirement(self) -> Optional[InstallRequirement]: + return self._ireq + + +class LinkCandidate(_InstallRequirementBackedCandidate): + is_editable = False + + def __init__( + self, + link: Link, + template: InstallRequirement, + factory: "Factory", + name: Optional[NormalizedName] = None, + version: Optional[CandidateVersion] = None, + ) -> None: + source_link = link + cache_entry = factory.get_wheel_cache_entry(link, name) + if cache_entry is not None: + logger.debug("Using cached wheel link: %s", cache_entry.link) + link = cache_entry.link + ireq = make_install_req_from_link(link, template) + assert ireq.link == link + if ireq.link.is_wheel and not ireq.link.is_file: + wheel = Wheel(ireq.link.filename) + wheel_name = canonicalize_name(wheel.name) + assert name == wheel_name, f"{name!r} != {wheel_name!r} for wheel" + # Version may not be present for PEP 508 direct URLs + if version is not None: + wheel_version = Version(wheel.version) + assert version == wheel_version, "{!r} != {!r} for wheel {}".format( + version, wheel_version, name + ) + + if ( + cache_entry is not None + and cache_entry.persistent + and template.link is template.original_link + ): + ireq.original_link_is_in_wheel_cache = True + + super().__init__( + link=link, + source_link=source_link, + ireq=ireq, + factory=factory, + name=name, + version=version, + ) + + def _prepare_distribution(self) -> Distribution: + return self._factory.preparer.prepare_linked_requirement( + self._ireq, parallel_builds=True + ) + + +class EditableCandidate(_InstallRequirementBackedCandidate): + is_editable = True + + def __init__( + self, + link: Link, + template: InstallRequirement, + factory: "Factory", + name: Optional[NormalizedName] = None, + version: Optional[CandidateVersion] = None, + ) -> None: + super().__init__( + link=link, + source_link=link, + ireq=make_install_req_from_editable(link, template), + factory=factory, + name=name, + version=version, + ) + + def _prepare_distribution(self) -> Distribution: + return self._factory.preparer.prepare_editable_requirement(self._ireq) + + +class AlreadyInstalledCandidate(Candidate): + is_installed = True + source_link = None + + def __init__( + self, + dist: Distribution, + template: InstallRequirement, + factory: "Factory", + ) -> None: + self.dist = dist + self._ireq = make_install_req_from_dist(dist, template) + self._factory = factory + + # This is just logging some messages, so we can do it eagerly. + # The returned dist would be exactly the same as self.dist because we + # set satisfied_by in make_install_req_from_dist. + # TODO: Supply reason based on force_reinstall and upgrade_strategy. + skip_reason = "already satisfied" + factory.preparer.prepare_installed_requirement(self._ireq, skip_reason) + + def __str__(self) -> str: + return str(self.dist) + + def __repr__(self) -> str: + return "{class_name}({distribution!r})".format( + class_name=self.__class__.__name__, + distribution=self.dist, + ) + + def __hash__(self) -> int: + return hash((self.__class__, self.name, self.version)) + + def __eq__(self, other: Any) -> bool: + if isinstance(other, self.__class__): + return self.name == other.name and self.version == other.version + return False + + @property + def project_name(self) -> NormalizedName: + return canonicalize_name(self.dist.project_name) + + @property + def name(self) -> str: + return self.project_name + + @property + def version(self) -> CandidateVersion: + return parse_version(self.dist.version) + + @property + def is_editable(self) -> bool: + return dist_is_editable(self.dist) + + def format_for_error(self) -> str: + return f"{self.name} {self.version} (Installed)" + + def iter_dependencies(self, with_requires: bool) -> Iterable[Optional[Requirement]]: + if not with_requires: + return + for r in self.dist.requires(): + yield self._factory.make_requirement_from_spec(str(r), self._ireq) + + def get_install_requirement(self) -> Optional[InstallRequirement]: + return None + + +class ExtrasCandidate(Candidate): + """A candidate that has 'extras', indicating additional dependencies. + + Requirements can be for a project with dependencies, something like + foo[extra]. The extras don't affect the project/version being installed + directly, but indicate that we need additional dependencies. We model that + by having an artificial ExtrasCandidate that wraps the "base" candidate. + + The ExtrasCandidate differs from the base in the following ways: + + 1. It has a unique name, of the form foo[extra]. This causes the resolver + to treat it as a separate node in the dependency graph. + 2. When we're getting the candidate's dependencies, + a) We specify that we want the extra dependencies as well. + b) We add a dependency on the base candidate. + See below for why this is needed. + 3. We return None for the underlying InstallRequirement, as the base + candidate will provide it, and we don't want to end up with duplicates. + + The dependency on the base candidate is needed so that the resolver can't + decide that it should recommend foo[extra1] version 1.0 and foo[extra2] + version 2.0. Having those candidates depend on foo=1.0 and foo=2.0 + respectively forces the resolver to recognise that this is a conflict. + """ + + def __init__( + self, + base: BaseCandidate, + extras: FrozenSet[str], + ) -> None: + self.base = base + self.extras = extras + + def __str__(self) -> str: + name, rest = str(self.base).split(" ", 1) + return "{}[{}] {}".format(name, ",".join(self.extras), rest) + + def __repr__(self) -> str: + return "{class_name}(base={base!r}, extras={extras!r})".format( + class_name=self.__class__.__name__, + base=self.base, + extras=self.extras, + ) + + def __hash__(self) -> int: + return hash((self.base, self.extras)) + + def __eq__(self, other: Any) -> bool: + if isinstance(other, self.__class__): + return self.base == other.base and self.extras == other.extras + return False + + @property + def project_name(self) -> NormalizedName: + return self.base.project_name + + @property + def name(self) -> str: + """The normalised name of the project the candidate refers to""" + return format_name(self.base.project_name, self.extras) + + @property + def version(self) -> CandidateVersion: + return self.base.version + + def format_for_error(self) -> str: + return "{} [{}]".format( + self.base.format_for_error(), ", ".join(sorted(self.extras)) + ) + + @property + def is_installed(self) -> bool: + return self.base.is_installed + + @property + def is_editable(self) -> bool: + return self.base.is_editable + + @property + def source_link(self) -> Optional[Link]: + return self.base.source_link + + def iter_dependencies(self, with_requires: bool) -> Iterable[Optional[Requirement]]: + factory = self.base._factory + + # Add a dependency on the exact base + # (See note 2b in the class docstring) + yield factory.make_requirement_from_candidate(self.base) + if not with_requires: + return + + # The user may have specified extras that the candidate doesn't + # support. We ignore any unsupported extras here. + valid_extras = self.extras.intersection(self.base.dist.extras) + invalid_extras = self.extras.difference(self.base.dist.extras) + for extra in sorted(invalid_extras): + logger.warning( + "%s %s does not provide the extra '%s'", + self.base.name, + self.version, + extra, + ) + + for r in self.base.dist.requires(valid_extras): + requirement = factory.make_requirement_from_spec( + str(r), self.base._ireq, valid_extras + ) + if requirement: + yield requirement + + def get_install_requirement(self) -> Optional[InstallRequirement]: + # We don't return anything here, because we always + # depend on the base candidate, and we'll get the + # install requirement from that. + return None + + +class RequiresPythonCandidate(Candidate): + is_installed = False + source_link = None + + def __init__(self, py_version_info: Optional[Tuple[int, ...]]) -> None: + if py_version_info is not None: + version_info = normalize_version_info(py_version_info) + else: + version_info = sys.version_info[:3] + self._version = Version(".".join(str(c) for c in version_info)) + + # We don't need to implement __eq__() and __ne__() since there is always + # only one RequiresPythonCandidate in a resolution, i.e. the host Python. + # The built-in object.__eq__() and object.__ne__() do exactly what we want. + + def __str__(self) -> str: + return f"Python {self._version}" + + @property + def project_name(self) -> NormalizedName: + return REQUIRES_PYTHON_IDENTIFIER + + @property + def name(self) -> str: + return REQUIRES_PYTHON_IDENTIFIER + + @property + def version(self) -> CandidateVersion: + return self._version + + def format_for_error(self) -> str: + return f"Python {self.version}" + + def iter_dependencies(self, with_requires: bool) -> Iterable[Optional[Requirement]]: + return () + + def get_install_requirement(self) -> Optional[InstallRequirement]: + return None diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/factory.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/factory.py new file mode 100644 index 000000000..e7fd344aa --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/factory.py @@ -0,0 +1,700 @@ +import contextlib +import functools +import logging +from typing import ( + TYPE_CHECKING, + Dict, + FrozenSet, + Iterable, + Iterator, + List, + Mapping, + NamedTuple, + Optional, + Sequence, + Set, + Tuple, + TypeVar, + cast, +) + +from pip._vendor.packaging.requirements import InvalidRequirement +from pip._vendor.packaging.requirements import Requirement as PackagingRequirement +from pip._vendor.packaging.specifiers import SpecifierSet +from pip._vendor.packaging.utils import NormalizedName, canonicalize_name +from pip._vendor.resolvelib import ResolutionImpossible + +from pip._internal.cache import CacheEntry, WheelCache +from pip._internal.exceptions import ( + DistributionNotFound, + InstallationError, + InstallationSubprocessError, + MetadataInconsistent, + UnsupportedPythonVersion, + UnsupportedWheel, +) +from pip._internal.index.package_finder import PackageFinder +from pip._internal.metadata import BaseDistribution, get_default_environment +from pip._internal.models.link import Link +from pip._internal.models.wheel import Wheel +from pip._internal.operations.prepare import RequirementPreparer +from pip._internal.req.constructors import install_req_from_link_and_ireq +from pip._internal.req.req_install import ( + InstallRequirement, + check_invalid_constraint_type, +) +from pip._internal.resolution.base import InstallRequirementProvider +from pip._internal.utils.compatibility_tags import get_supported +from pip._internal.utils.hashes import Hashes +from pip._internal.utils.virtualenv import running_under_virtualenv + +from .base import Candidate, CandidateVersion, Constraint, Requirement +from .candidates import ( + AlreadyInstalledCandidate, + BaseCandidate, + EditableCandidate, + ExtrasCandidate, + LinkCandidate, + RequiresPythonCandidate, + as_base_candidate, +) +from .found_candidates import FoundCandidates, IndexCandidateInfo +from .requirements import ( + ExplicitRequirement, + RequiresPythonRequirement, + SpecifierRequirement, + UnsatisfiableRequirement, +) + +if TYPE_CHECKING: + from typing import Protocol + + class ConflictCause(Protocol): + requirement: RequiresPythonRequirement + parent: Candidate + + +logger = logging.getLogger(__name__) + +C = TypeVar("C") +Cache = Dict[Link, C] + + +class CollectedRootRequirements(NamedTuple): + requirements: List[Requirement] + constraints: Dict[str, Constraint] + user_requested: Dict[str, int] + + +class Factory: + def __init__( + self, + finder: PackageFinder, + preparer: RequirementPreparer, + make_install_req: InstallRequirementProvider, + wheel_cache: Optional[WheelCache], + use_user_site: bool, + force_reinstall: bool, + ignore_installed: bool, + ignore_requires_python: bool, + py_version_info: Optional[Tuple[int, ...]] = None, + ) -> None: + self._finder = finder + self.preparer = preparer + self._wheel_cache = wheel_cache + self._python_candidate = RequiresPythonCandidate(py_version_info) + self._make_install_req_from_spec = make_install_req + self._use_user_site = use_user_site + self._force_reinstall = force_reinstall + self._ignore_requires_python = ignore_requires_python + + self._build_failures: Cache[InstallationError] = {} + self._link_candidate_cache: Cache[LinkCandidate] = {} + self._editable_candidate_cache: Cache[EditableCandidate] = {} + self._installed_candidate_cache: Dict[str, AlreadyInstalledCandidate] = {} + self._extras_candidate_cache: Dict[ + Tuple[int, FrozenSet[str]], ExtrasCandidate + ] = {} + + if not ignore_installed: + env = get_default_environment() + self._installed_dists = { + dist.canonical_name: dist + for dist in env.iter_installed_distributions(local_only=False) + } + else: + self._installed_dists = {} + + @property + def force_reinstall(self) -> bool: + return self._force_reinstall + + def _fail_if_link_is_unsupported_wheel(self, link: Link) -> None: + if not link.is_wheel: + return + wheel = Wheel(link.filename) + if wheel.supported(self._finder.target_python.get_tags()): + return + msg = f"{link.filename} is not a supported wheel on this platform." + raise UnsupportedWheel(msg) + + def _make_extras_candidate( + self, base: BaseCandidate, extras: FrozenSet[str] + ) -> ExtrasCandidate: + cache_key = (id(base), extras) + try: + candidate = self._extras_candidate_cache[cache_key] + except KeyError: + candidate = ExtrasCandidate(base, extras) + self._extras_candidate_cache[cache_key] = candidate + return candidate + + def _make_candidate_from_dist( + self, + dist: BaseDistribution, + extras: FrozenSet[str], + template: InstallRequirement, + ) -> Candidate: + try: + base = self._installed_candidate_cache[dist.canonical_name] + except KeyError: + from pip._internal.metadata.pkg_resources import Distribution as _Dist + + compat_dist = cast(_Dist, dist)._dist + base = AlreadyInstalledCandidate(compat_dist, template, factory=self) + self._installed_candidate_cache[dist.canonical_name] = base + if not extras: + return base + return self._make_extras_candidate(base, extras) + + def _make_candidate_from_link( + self, + link: Link, + extras: FrozenSet[str], + template: InstallRequirement, + name: Optional[NormalizedName], + version: Optional[CandidateVersion], + ) -> Optional[Candidate]: + # TODO: Check already installed candidate, and use it if the link and + # editable flag match. + + if link in self._build_failures: + # We already tried this candidate before, and it does not build. + # Don't bother trying again. + return None + + if template.editable: + if link not in self._editable_candidate_cache: + try: + self._editable_candidate_cache[link] = EditableCandidate( + link, + template, + factory=self, + name=name, + version=version, + ) + except (InstallationSubprocessError, MetadataInconsistent) as e: + logger.warning("Discarding %s. %s", link, e) + self._build_failures[link] = e + return None + base: BaseCandidate = self._editable_candidate_cache[link] + else: + if link not in self._link_candidate_cache: + try: + self._link_candidate_cache[link] = LinkCandidate( + link, + template, + factory=self, + name=name, + version=version, + ) + except (InstallationSubprocessError, MetadataInconsistent) as e: + logger.warning("Discarding %s. %s", link, e) + self._build_failures[link] = e + return None + base = self._link_candidate_cache[link] + + if not extras: + return base + return self._make_extras_candidate(base, extras) + + def _iter_found_candidates( + self, + ireqs: Sequence[InstallRequirement], + specifier: SpecifierSet, + hashes: Hashes, + prefers_installed: bool, + incompatible_ids: Set[int], + ) -> Iterable[Candidate]: + if not ireqs: + return () + + # The InstallRequirement implementation requires us to give it a + # "template". Here we just choose the first requirement to represent + # all of them. + # Hopefully the Project model can correct this mismatch in the future. + template = ireqs[0] + assert template.req, "Candidates found on index must be PEP 508" + name = canonicalize_name(template.req.name) + + extras: FrozenSet[str] = frozenset() + for ireq in ireqs: + assert ireq.req, "Candidates found on index must be PEP 508" + specifier &= ireq.req.specifier + hashes &= ireq.hashes(trust_internet=False) + extras |= frozenset(ireq.extras) + + def _get_installed_candidate() -> Optional[Candidate]: + """Get the candidate for the currently-installed version.""" + # If --force-reinstall is set, we want the version from the index + # instead, so we "pretend" there is nothing installed. + if self._force_reinstall: + return None + try: + installed_dist = self._installed_dists[name] + except KeyError: + return None + # Don't use the installed distribution if its version does not fit + # the current dependency graph. + if not specifier.contains(installed_dist.version, prereleases=True): + return None + candidate = self._make_candidate_from_dist( + dist=installed_dist, + extras=extras, + template=template, + ) + # The candidate is a known incompatiblity. Don't use it. + if id(candidate) in incompatible_ids: + return None + return candidate + + def iter_index_candidate_infos() -> Iterator[IndexCandidateInfo]: + result = self._finder.find_best_candidate( + project_name=name, + specifier=specifier, + hashes=hashes, + ) + icans = list(result.iter_applicable()) + + # PEP 592: Yanked releases must be ignored unless only yanked + # releases can satisfy the version range. So if this is false, + # all yanked icans need to be skipped. + all_yanked = all(ican.link.is_yanked for ican in icans) + + # PackageFinder returns earlier versions first, so we reverse. + for ican in reversed(icans): + if not all_yanked and ican.link.is_yanked: + continue + func = functools.partial( + self._make_candidate_from_link, + link=ican.link, + extras=extras, + template=template, + name=name, + version=ican.version, + ) + yield ican.version, func + + return FoundCandidates( + iter_index_candidate_infos, + _get_installed_candidate(), + prefers_installed, + incompatible_ids, + ) + + def _iter_explicit_candidates_from_base( + self, + base_requirements: Iterable[Requirement], + extras: FrozenSet[str], + ) -> Iterator[Candidate]: + """Produce explicit candidates from the base given an extra-ed package. + + :param base_requirements: Requirements known to the resolver. The + requirements are guaranteed to not have extras. + :param extras: The extras to inject into the explicit requirements' + candidates. + """ + for req in base_requirements: + lookup_cand, _ = req.get_candidate_lookup() + if lookup_cand is None: # Not explicit. + continue + # We've stripped extras from the identifier, and should always + # get a BaseCandidate here, unless there's a bug elsewhere. + base_cand = as_base_candidate(lookup_cand) + assert base_cand is not None, "no extras here" + yield self._make_extras_candidate(base_cand, extras) + + def _iter_candidates_from_constraints( + self, + identifier: str, + constraint: Constraint, + template: InstallRequirement, + ) -> Iterator[Candidate]: + """Produce explicit candidates from constraints. + + This creates "fake" InstallRequirement objects that are basically clones + of what "should" be the template, but with original_link set to link. + """ + for link in constraint.links: + self._fail_if_link_is_unsupported_wheel(link) + candidate = self._make_candidate_from_link( + link, + extras=frozenset(), + template=install_req_from_link_and_ireq(link, template), + name=canonicalize_name(identifier), + version=None, + ) + if candidate: + yield candidate + + def find_candidates( + self, + identifier: str, + requirements: Mapping[str, Iterator[Requirement]], + incompatibilities: Mapping[str, Iterator[Candidate]], + constraint: Constraint, + prefers_installed: bool, + ) -> Iterable[Candidate]: + # Collect basic lookup information from the requirements. + explicit_candidates: Set[Candidate] = set() + ireqs: List[InstallRequirement] = [] + for req in requirements[identifier]: + cand, ireq = req.get_candidate_lookup() + if cand is not None: + explicit_candidates.add(cand) + if ireq is not None: + ireqs.append(ireq) + + # If the current identifier contains extras, add explicit candidates + # from entries from extra-less identifier. + with contextlib.suppress(InvalidRequirement): + parsed_requirement = PackagingRequirement(identifier) + explicit_candidates.update( + self._iter_explicit_candidates_from_base( + requirements.get(parsed_requirement.name, ()), + frozenset(parsed_requirement.extras), + ), + ) + + # Add explicit candidates from constraints. We only do this if there are + # kown ireqs, which represent requirements not already explicit. If + # there are no ireqs, we're constraining already-explicit requirements, + # which is handled later when we return the explicit candidates. + if ireqs: + try: + explicit_candidates.update( + self._iter_candidates_from_constraints( + identifier, + constraint, + template=ireqs[0], + ), + ) + except UnsupportedWheel: + # If we're constrained to install a wheel incompatible with the + # target architecture, no candidates will ever be valid. + return () + + # Since we cache all the candidates, incompatibility identification + # can be made quicker by comparing only the id() values. + incompat_ids = {id(c) for c in incompatibilities.get(identifier, ())} + + # If none of the requirements want an explicit candidate, we can ask + # the finder for candidates. + if not explicit_candidates: + return self._iter_found_candidates( + ireqs, + constraint.specifier, + constraint.hashes, + prefers_installed, + incompat_ids, + ) + + return ( + c + for c in explicit_candidates + if id(c) not in incompat_ids + and constraint.is_satisfied_by(c) + and all(req.is_satisfied_by(c) for req in requirements[identifier]) + ) + + def _make_requirement_from_install_req( + self, ireq: InstallRequirement, requested_extras: Iterable[str] + ) -> Optional[Requirement]: + if not ireq.match_markers(requested_extras): + logger.info( + "Ignoring %s: markers '%s' don't match your environment", + ireq.name, + ireq.markers, + ) + return None + if not ireq.link: + return SpecifierRequirement(ireq) + self._fail_if_link_is_unsupported_wheel(ireq.link) + cand = self._make_candidate_from_link( + ireq.link, + extras=frozenset(ireq.extras), + template=ireq, + name=canonicalize_name(ireq.name) if ireq.name else None, + version=None, + ) + if cand is None: + # There's no way we can satisfy a URL requirement if the underlying + # candidate fails to build. An unnamed URL must be user-supplied, so + # we fail eagerly. If the URL is named, an unsatisfiable requirement + # can make the resolver do the right thing, either backtrack (and + # maybe find some other requirement that's buildable) or raise a + # ResolutionImpossible eventually. + if not ireq.name: + raise self._build_failures[ireq.link] + return UnsatisfiableRequirement(canonicalize_name(ireq.name)) + return self.make_requirement_from_candidate(cand) + + def collect_root_requirements( + self, root_ireqs: List[InstallRequirement] + ) -> CollectedRootRequirements: + collected = CollectedRootRequirements([], {}, {}) + for i, ireq in enumerate(root_ireqs): + if ireq.constraint: + # Ensure we only accept valid constraints + problem = check_invalid_constraint_type(ireq) + if problem: + raise InstallationError(problem) + if not ireq.match_markers(): + continue + assert ireq.name, "Constraint must be named" + name = canonicalize_name(ireq.name) + if name in collected.constraints: + collected.constraints[name] &= ireq + else: + collected.constraints[name] = Constraint.from_ireq(ireq) + else: + req = self._make_requirement_from_install_req( + ireq, + requested_extras=(), + ) + if req is None: + continue + if ireq.user_supplied and req.name not in collected.user_requested: + collected.user_requested[req.name] = i + collected.requirements.append(req) + return collected + + def make_requirement_from_candidate( + self, candidate: Candidate + ) -> ExplicitRequirement: + return ExplicitRequirement(candidate) + + def make_requirement_from_spec( + self, + specifier: str, + comes_from: InstallRequirement, + requested_extras: Iterable[str] = (), + ) -> Optional[Requirement]: + ireq = self._make_install_req_from_spec(specifier, comes_from) + return self._make_requirement_from_install_req(ireq, requested_extras) + + def make_requires_python_requirement( + self, specifier: Optional[SpecifierSet] + ) -> Optional[Requirement]: + if self._ignore_requires_python or specifier is None: + return None + return RequiresPythonRequirement(specifier, self._python_candidate) + + def get_wheel_cache_entry( + self, link: Link, name: Optional[str] + ) -> Optional[CacheEntry]: + """Look up the link in the wheel cache. + + If ``preparer.require_hashes`` is True, don't use the wheel cache, + because cached wheels, always built locally, have different hashes + than the files downloaded from the index server and thus throw false + hash mismatches. Furthermore, cached wheels at present have + nondeterministic contents due to file modification times. + """ + if self._wheel_cache is None or self.preparer.require_hashes: + return None + return self._wheel_cache.get_cache_entry( + link=link, + package_name=name, + supported_tags=get_supported(), + ) + + def get_dist_to_uninstall(self, candidate: Candidate) -> Optional[BaseDistribution]: + # TODO: Are there more cases this needs to return True? Editable? + dist = self._installed_dists.get(candidate.project_name) + if dist is None: # Not installed, no uninstallation required. + return None + + # We're installing into global site. The current installation must + # be uninstalled, no matter it's in global or user site, because the + # user site installation has precedence over global. + if not self._use_user_site: + return dist + + # We're installing into user site. Remove the user site installation. + if dist.in_usersite: + return dist + + # We're installing into user site, but the installed incompatible + # package is in global site. We can't uninstall that, and would let + # the new user installation to "shadow" it. But shadowing won't work + # in virtual environments, so we error out. + if running_under_virtualenv() and dist.in_site_packages: + message = ( + f"Will not install to the user site because it will lack " + f"sys.path precedence to {dist.raw_name} in {dist.location}" + ) + raise InstallationError(message) + return None + + def _report_requires_python_error( + self, causes: Sequence["ConflictCause"] + ) -> UnsupportedPythonVersion: + assert causes, "Requires-Python error reported with no cause" + + version = self._python_candidate.version + + if len(causes) == 1: + specifier = str(causes[0].requirement.specifier) + message = ( + f"Package {causes[0].parent.name!r} requires a different " + f"Python: {version} not in {specifier!r}" + ) + return UnsupportedPythonVersion(message) + + message = f"Packages require a different Python. {version} not in:" + for cause in causes: + package = cause.parent.format_for_error() + specifier = str(cause.requirement.specifier) + message += f"\n{specifier!r} (required by {package})" + return UnsupportedPythonVersion(message) + + def _report_single_requirement_conflict( + self, req: Requirement, parent: Optional[Candidate] + ) -> DistributionNotFound: + if parent is None: + req_disp = str(req) + else: + req_disp = f"{req} (from {parent.name})" + + cands = self._finder.find_all_candidates(req.project_name) + versions = [str(v) for v in sorted({c.version for c in cands})] + + logger.critical( + "Could not find a version that satisfies the requirement %s " + "(from versions: %s)", + req_disp, + ", ".join(versions) or "none", + ) + if str(req) == "requirements.txt": + logger.info( + "HINT: You are attempting to install a package literally " + 'named "requirements.txt" (which cannot exist). Consider ' + "using the '-r' flag to install the packages listed in " + "requirements.txt" + ) + + return DistributionNotFound(f"No matching distribution found for {req}") + + def get_installation_error( + self, + e: "ResolutionImpossible[Requirement, Candidate]", + constraints: Dict[str, Constraint], + ) -> InstallationError: + + assert e.causes, "Installation error reported with no cause" + + # If one of the things we can't solve is "we need Python X.Y", + # that is what we report. + requires_python_causes = [ + cause + for cause in e.causes + if isinstance(cause.requirement, RequiresPythonRequirement) + and not cause.requirement.is_satisfied_by(self._python_candidate) + ] + if requires_python_causes: + # The comprehension above makes sure all Requirement instances are + # RequiresPythonRequirement, so let's cast for convinience. + return self._report_requires_python_error( + cast("Sequence[ConflictCause]", requires_python_causes), + ) + + # Otherwise, we have a set of causes which can't all be satisfied + # at once. + + # The simplest case is when we have *one* cause that can't be + # satisfied. We just report that case. + if len(e.causes) == 1: + req, parent = e.causes[0] + if req.name not in constraints: + return self._report_single_requirement_conflict(req, parent) + + # OK, we now have a list of requirements that can't all be + # satisfied at once. + + # A couple of formatting helpers + def text_join(parts: List[str]) -> str: + if len(parts) == 1: + return parts[0] + + return ", ".join(parts[:-1]) + " and " + parts[-1] + + def describe_trigger(parent: Candidate) -> str: + ireq = parent.get_install_requirement() + if not ireq or not ireq.comes_from: + return f"{parent.name}=={parent.version}" + if isinstance(ireq.comes_from, InstallRequirement): + return str(ireq.comes_from.name) + return str(ireq.comes_from) + + triggers = set() + for req, parent in e.causes: + if parent is None: + # This is a root requirement, so we can report it directly + trigger = req.format_for_error() + else: + trigger = describe_trigger(parent) + triggers.add(trigger) + + if triggers: + info = text_join(sorted(triggers)) + else: + info = "the requested packages" + + msg = ( + "Cannot install {} because these package versions " + "have conflicting dependencies.".format(info) + ) + logger.critical(msg) + msg = "\nThe conflict is caused by:" + + relevant_constraints = set() + for req, parent in e.causes: + if req.name in constraints: + relevant_constraints.add(req.name) + msg = msg + "\n " + if parent: + msg = msg + f"{parent.name} {parent.version} depends on " + else: + msg = msg + "The user requested " + msg = msg + req.format_for_error() + for key in relevant_constraints: + spec = constraints[key].specifier + msg += f"\n The user requested (constraint) {key}{spec}" + + msg = ( + msg + + "\n\n" + + "To fix this you could try to:\n" + + "1. loosen the range of package versions you've specified\n" + + "2. remove package versions to allow pip attempt to solve " + + "the dependency conflict\n" + ) + + logger.info(msg) + + return DistributionNotFound( + "ResolutionImpossible: for help visit " + "https://pip.pypa.io/en/latest/user_guide/" + "#fixing-conflicting-dependencies" + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/found_candidates.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/found_candidates.py new file mode 100644 index 000000000..d2fa5ef55 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/found_candidates.py @@ -0,0 +1,142 @@ +"""Utilities to lazily create and visit candidates found. + +Creating and visiting a candidate is a *very* costly operation. It involves +fetching, extracting, potentially building modules from source, and verifying +distribution metadata. It is therefore crucial for performance to keep +everything here lazy all the way down, so we only touch candidates that we +absolutely need, and not "download the world" when we only need one version of +something. +""" + +import functools +from typing import Callable, Iterator, Optional, Set, Tuple + +from pip._vendor.packaging.version import _BaseVersion +from pip._vendor.six.moves import collections_abc # type: ignore + +from .base import Candidate + +IndexCandidateInfo = Tuple[_BaseVersion, Callable[[], Optional[Candidate]]] + + +def _iter_built(infos: Iterator[IndexCandidateInfo]) -> Iterator[Candidate]: + """Iterator for ``FoundCandidates``. + + This iterator is used when the package is not already installed. Candidates + from index come later in their normal ordering. + """ + versions_found: Set[_BaseVersion] = set() + for version, func in infos: + if version in versions_found: + continue + candidate = func() + if candidate is None: + continue + yield candidate + versions_found.add(version) + + +def _iter_built_with_prepended( + installed: Candidate, infos: Iterator[IndexCandidateInfo] +) -> Iterator[Candidate]: + """Iterator for ``FoundCandidates``. + + This iterator is used when the resolver prefers the already-installed + candidate and NOT to upgrade. The installed candidate is therefore + always yielded first, and candidates from index come later in their + normal ordering, except skipped when the version is already installed. + """ + yield installed + versions_found: Set[_BaseVersion] = {installed.version} + for version, func in infos: + if version in versions_found: + continue + candidate = func() + if candidate is None: + continue + yield candidate + versions_found.add(version) + + +def _iter_built_with_inserted( + installed: Candidate, infos: Iterator[IndexCandidateInfo] +) -> Iterator[Candidate]: + """Iterator for ``FoundCandidates``. + + This iterator is used when the resolver prefers to upgrade an + already-installed package. Candidates from index are returned in their + normal ordering, except replaced when the version is already installed. + + The implementation iterates through and yields other candidates, inserting + the installed candidate exactly once before we start yielding older or + equivalent candidates, or after all other candidates if they are all newer. + """ + versions_found: Set[_BaseVersion] = set() + for version, func in infos: + if version in versions_found: + continue + # If the installed candidate is better, yield it first. + if installed.version >= version: + yield installed + versions_found.add(installed.version) + candidate = func() + if candidate is None: + continue + yield candidate + versions_found.add(version) + + # If the installed candidate is older than all other candidates. + if installed.version not in versions_found: + yield installed + + +class FoundCandidates(collections_abc.Sequence): + """A lazy sequence to provide candidates to the resolver. + + The intended usage is to return this from `find_matches()` so the resolver + can iterate through the sequence multiple times, but only access the index + page when remote packages are actually needed. This improve performances + when suitable candidates are already installed on disk. + """ + + def __init__( + self, + get_infos: Callable[[], Iterator[IndexCandidateInfo]], + installed: Optional[Candidate], + prefers_installed: bool, + incompatible_ids: Set[int], + ): + self._get_infos = get_infos + self._installed = installed + self._prefers_installed = prefers_installed + self._incompatible_ids = incompatible_ids + + def __getitem__(self, index: int) -> Candidate: + # Implemented to satisfy the ABC check. This is not needed by the + # resolver, and should not be used by the provider either (for + # performance reasons). + raise NotImplementedError("don't do this") + + def __iter__(self) -> Iterator[Candidate]: + infos = self._get_infos() + if not self._installed: + iterator = _iter_built(infos) + elif self._prefers_installed: + iterator = _iter_built_with_prepended(self._installed, infos) + else: + iterator = _iter_built_with_inserted(self._installed, infos) + return (c for c in iterator if id(c) not in self._incompatible_ids) + + def __len__(self) -> int: + # Implemented to satisfy the ABC check. This is not needed by the + # resolver, and should not be used by the provider either (for + # performance reasons). + raise NotImplementedError("don't do this") + + @functools.lru_cache(maxsize=1) + def __bool__(self) -> bool: + if self._prefers_installed and self._installed: + return True + return any(self) + + __nonzero__ = __bool__ # XXX: Python 2. diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/provider.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/provider.py new file mode 100644 index 000000000..632854d3b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/provider.py @@ -0,0 +1,197 @@ +import collections +import math +from typing import TYPE_CHECKING, Dict, Iterable, Iterator, Mapping, Sequence, Union + +from pip._vendor.resolvelib.providers import AbstractProvider + +from .base import Candidate, Constraint, Requirement +from .candidates import REQUIRES_PYTHON_IDENTIFIER +from .factory import Factory + +if TYPE_CHECKING: + from pip._vendor.resolvelib.providers import Preference + from pip._vendor.resolvelib.resolvers import RequirementInformation + + PreferenceInformation = RequirementInformation[Requirement, Candidate] + + _ProviderBase = AbstractProvider[Requirement, Candidate, str] +else: + _ProviderBase = AbstractProvider + +# Notes on the relationship between the provider, the factory, and the +# candidate and requirement classes. +# +# The provider is a direct implementation of the resolvelib class. Its role +# is to deliver the API that resolvelib expects. +# +# Rather than work with completely abstract "requirement" and "candidate" +# concepts as resolvelib does, pip has concrete classes implementing these two +# ideas. The API of Requirement and Candidate objects are defined in the base +# classes, but essentially map fairly directly to the equivalent provider +# methods. In particular, `find_matches` and `is_satisfied_by` are +# requirement methods, and `get_dependencies` is a candidate method. +# +# The factory is the interface to pip's internal mechanisms. It is stateless, +# and is created by the resolver and held as a property of the provider. It is +# responsible for creating Requirement and Candidate objects, and provides +# services to those objects (access to pip's finder and preparer). + + +class PipProvider(_ProviderBase): + """Pip's provider implementation for resolvelib. + + :params constraints: A mapping of constraints specified by the user. Keys + are canonicalized project names. + :params ignore_dependencies: Whether the user specified ``--no-deps``. + :params upgrade_strategy: The user-specified upgrade strategy. + :params user_requested: A set of canonicalized package names that the user + supplied for pip to install/upgrade. + """ + + def __init__( + self, + factory: Factory, + constraints: Dict[str, Constraint], + ignore_dependencies: bool, + upgrade_strategy: str, + user_requested: Dict[str, int], + ) -> None: + self._factory = factory + self._constraints = constraints + self._ignore_dependencies = ignore_dependencies + self._upgrade_strategy = upgrade_strategy + self._user_requested = user_requested + self._known_depths: Dict[str, float] = collections.defaultdict(lambda: math.inf) + + def identify(self, requirement_or_candidate: Union[Requirement, Candidate]) -> str: + return requirement_or_candidate.name + + def get_preference( + self, + identifier: str, + resolutions: Mapping[str, Candidate], + candidates: Mapping[str, Iterator[Candidate]], + information: Mapping[str, Iterator["PreferenceInformation"]], + ) -> "Preference": + """Produce a sort key for given requirement based on preference. + + The lower the return value is, the more preferred this group of + arguments is. + + Currently pip considers the followings in order: + + * Prefer if any of the known requirements is "direct", e.g. points to an + explicit URL. + * If equal, prefer if any requirement is "pinned", i.e. contains + operator ``===`` or ``==``. + * If equal, calculate an approximate "depth" and resolve requirements + closer to the user-specified requirements first. + * Order user-specified requirements by the order they are specified. + * If equal, prefers "non-free" requirements, i.e. contains at least one + operator, such as ``>=`` or ``<``. + * If equal, order alphabetically for consistency (helps debuggability). + """ + lookups = (r.get_candidate_lookup() for r, _ in information[identifier]) + candidate, ireqs = zip(*lookups) + operators = [ + specifier.operator + for specifier_set in (ireq.specifier for ireq in ireqs if ireq) + for specifier in specifier_set + ] + + direct = candidate is not None + pinned = any(op[:2] == "==" for op in operators) + unfree = bool(operators) + + try: + requested_order: Union[int, float] = self._user_requested[identifier] + except KeyError: + requested_order = math.inf + parent_depths = ( + self._known_depths[parent.name] if parent is not None else 0.0 + for _, parent in information[identifier] + ) + inferred_depth = min(d for d in parent_depths) + 1.0 + self._known_depths[identifier] = inferred_depth + else: + inferred_depth = 1.0 + + requested_order = self._user_requested.get(identifier, math.inf) + + # Requires-Python has only one candidate and the check is basically + # free, so we always do it first to avoid needless work if it fails. + requires_python = identifier == REQUIRES_PYTHON_IDENTIFIER + + # HACK: Setuptools have a very long and solid backward compatibility + # track record, and extremely few projects would request a narrow, + # non-recent version range of it since that would break a lot things. + # (Most projects specify it only to request for an installer feature, + # which does not work, but that's another topic.) Intentionally + # delaying Setuptools helps reduce branches the resolver has to check. + # This serves as a temporary fix for issues like "apache-airlfow[all]" + # while we work on "proper" branch pruning techniques. + delay_this = identifier == "setuptools" + + return ( + not requires_python, + delay_this, + not direct, + not pinned, + inferred_depth, + requested_order, + not unfree, + identifier, + ) + + def _get_constraint(self, identifier: str) -> Constraint: + if identifier in self._constraints: + return self._constraints[identifier] + + # HACK: Theoratically we should check whether this identifier is a valid + # "NAME[EXTRAS]" format, and parse out the name part with packaging or + # some regular expression. But since pip's resolver only spits out + # three kinds of identifiers: normalized PEP 503 names, normalized names + # plus extras, and Requires-Python, we can cheat a bit here. + name, open_bracket, _ = identifier.partition("[") + if open_bracket and name in self._constraints: + return self._constraints[name] + + return Constraint.empty() + + def find_matches( + self, + identifier: str, + requirements: Mapping[str, Iterator[Requirement]], + incompatibilities: Mapping[str, Iterator[Candidate]], + ) -> Iterable[Candidate]: + def _eligible_for_upgrade(name: str) -> bool: + """Are upgrades allowed for this project? + + This checks the upgrade strategy, and whether the project was one + that the user specified in the command line, in order to decide + whether we should upgrade if there's a newer version available. + + (Note that we don't need access to the `--upgrade` flag, because + an upgrade strategy of "to-satisfy-only" means that `--upgrade` + was not specified). + """ + if self._upgrade_strategy == "eager": + return True + elif self._upgrade_strategy == "only-if-needed": + return name in self._user_requested + return False + + return self._factory.find_candidates( + identifier=identifier, + requirements=requirements, + constraint=self._get_constraint(identifier), + prefers_installed=(not _eligible_for_upgrade(identifier)), + incompatibilities=incompatibilities, + ) + + def is_satisfied_by(self, requirement: Requirement, candidate: Candidate) -> bool: + return requirement.is_satisfied_by(candidate) + + def get_dependencies(self, candidate: Candidate) -> Sequence[Requirement]: + with_requires = not self._ignore_dependencies + return [r for r in candidate.iter_dependencies(with_requires) if r is not None] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/reporter.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/reporter.py new file mode 100644 index 000000000..7cf88ba11 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/reporter.py @@ -0,0 +1,69 @@ +from collections import defaultdict +from logging import getLogger +from typing import Any, DefaultDict + +from pip._vendor.resolvelib.reporters import BaseReporter + +from .base import Candidate, Requirement + +logger = getLogger(__name__) + + +class PipReporter(BaseReporter): + def __init__(self) -> None: + self.backtracks_by_package: DefaultDict[str, int] = defaultdict(int) + + self._messages_at_backtrack = { + 1: ( + "pip is looking at multiple versions of {package_name} to " + "determine which version is compatible with other " + "requirements. This could take a while." + ), + 8: ( + "pip is looking at multiple versions of {package_name} to " + "determine which version is compatible with other " + "requirements. This could take a while." + ), + 13: ( + "This is taking longer than usual. You might need to provide " + "the dependency resolver with stricter constraints to reduce " + "runtime. If you want to abort this run, you can press " + "Ctrl + C to do so. To improve how pip performs, tell us what " + "happened here: https://pip.pypa.io/surveys/backtracking" + ), + } + + def backtracking(self, candidate: Candidate) -> None: + self.backtracks_by_package[candidate.name] += 1 + + count = self.backtracks_by_package[candidate.name] + if count not in self._messages_at_backtrack: + return + + message = self._messages_at_backtrack[count] + logger.info("INFO: %s", message.format(package_name=candidate.name)) + + +class PipDebuggingReporter(BaseReporter): + """A reporter that does an info log for every event it sees.""" + + def starting(self) -> None: + logger.info("Reporter.starting()") + + def starting_round(self, index: int) -> None: + logger.info("Reporter.starting_round(%r)", index) + + def ending_round(self, index: int, state: Any) -> None: + logger.info("Reporter.ending_round(%r, state)", index) + + def ending(self, state: Any) -> None: + logger.info("Reporter.ending(%r)", state) + + def adding_requirement(self, requirement: Requirement, parent: Candidate) -> None: + logger.info("Reporter.adding_requirement(%r, %r)", requirement, parent) + + def backtracking(self, candidate: Candidate) -> None: + logger.info("Reporter.backtracking(%r)", candidate) + + def pinning(self, candidate: Candidate) -> None: + logger.info("Reporter.pinning(%r)", candidate) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/requirements.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/requirements.py new file mode 100644 index 000000000..c19f83c17 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/requirements.py @@ -0,0 +1,166 @@ +from pip._vendor.packaging.specifiers import SpecifierSet +from pip._vendor.packaging.utils import NormalizedName, canonicalize_name + +from pip._internal.req.req_install import InstallRequirement + +from .base import Candidate, CandidateLookup, Requirement, format_name + + +class ExplicitRequirement(Requirement): + def __init__(self, candidate: Candidate) -> None: + self.candidate = candidate + + def __str__(self) -> str: + return str(self.candidate) + + def __repr__(self) -> str: + return "{class_name}({candidate!r})".format( + class_name=self.__class__.__name__, + candidate=self.candidate, + ) + + @property + def project_name(self) -> NormalizedName: + # No need to canonicalise - the candidate did this + return self.candidate.project_name + + @property + def name(self) -> str: + # No need to canonicalise - the candidate did this + return self.candidate.name + + def format_for_error(self) -> str: + return self.candidate.format_for_error() + + def get_candidate_lookup(self) -> CandidateLookup: + return self.candidate, None + + def is_satisfied_by(self, candidate: Candidate) -> bool: + return candidate == self.candidate + + +class SpecifierRequirement(Requirement): + def __init__(self, ireq: InstallRequirement) -> None: + assert ireq.link is None, "This is a link, not a specifier" + self._ireq = ireq + self._extras = frozenset(ireq.extras) + + def __str__(self) -> str: + return str(self._ireq.req) + + def __repr__(self) -> str: + return "{class_name}({requirement!r})".format( + class_name=self.__class__.__name__, + requirement=str(self._ireq.req), + ) + + @property + def project_name(self) -> NormalizedName: + assert self._ireq.req, "Specifier-backed ireq is always PEP 508" + return canonicalize_name(self._ireq.req.name) + + @property + def name(self) -> str: + return format_name(self.project_name, self._extras) + + def format_for_error(self) -> str: + + # Convert comma-separated specifiers into "A, B, ..., F and G" + # This makes the specifier a bit more "human readable", without + # risking a change in meaning. (Hopefully! Not all edge cases have + # been checked) + parts = [s.strip() for s in str(self).split(",")] + if len(parts) == 0: + return "" + elif len(parts) == 1: + return parts[0] + + return ", ".join(parts[:-1]) + " and " + parts[-1] + + def get_candidate_lookup(self) -> CandidateLookup: + return None, self._ireq + + def is_satisfied_by(self, candidate: Candidate) -> bool: + assert candidate.name == self.name, ( + f"Internal issue: Candidate is not for this requirement " + f"{candidate.name} vs {self.name}" + ) + # We can safely always allow prereleases here since PackageFinder + # already implements the prerelease logic, and would have filtered out + # prerelease candidates if the user does not expect them. + assert self._ireq.req, "Specifier-backed ireq is always PEP 508" + spec = self._ireq.req.specifier + return spec.contains(candidate.version, prereleases=True) + + +class RequiresPythonRequirement(Requirement): + """A requirement representing Requires-Python metadata.""" + + def __init__(self, specifier: SpecifierSet, match: Candidate) -> None: + self.specifier = specifier + self._candidate = match + + def __str__(self) -> str: + return f"Python {self.specifier}" + + def __repr__(self) -> str: + return "{class_name}({specifier!r})".format( + class_name=self.__class__.__name__, + specifier=str(self.specifier), + ) + + @property + def project_name(self) -> NormalizedName: + return self._candidate.project_name + + @property + def name(self) -> str: + return self._candidate.name + + def format_for_error(self) -> str: + return str(self) + + def get_candidate_lookup(self) -> CandidateLookup: + if self.specifier.contains(self._candidate.version, prereleases=True): + return self._candidate, None + return None, None + + def is_satisfied_by(self, candidate: Candidate) -> bool: + assert candidate.name == self._candidate.name, "Not Python candidate" + # We can safely always allow prereleases here since PackageFinder + # already implements the prerelease logic, and would have filtered out + # prerelease candidates if the user does not expect them. + return self.specifier.contains(candidate.version, prereleases=True) + + +class UnsatisfiableRequirement(Requirement): + """A requirement that cannot be satisfied.""" + + def __init__(self, name: NormalizedName) -> None: + self._name = name + + def __str__(self) -> str: + return f"{self._name} (unavailable)" + + def __repr__(self) -> str: + return "{class_name}({name!r})".format( + class_name=self.__class__.__name__, + name=str(self._name), + ) + + @property + def project_name(self) -> NormalizedName: + return self._name + + @property + def name(self) -> str: + return self._name + + def format_for_error(self) -> str: + return str(self) + + def get_candidate_lookup(self) -> CandidateLookup: + return None, None + + def is_satisfied_by(self, candidate: Candidate) -> bool: + return False diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/resolver.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/resolver.py new file mode 100644 index 000000000..f89afaf43 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/resolution/resolvelib/resolver.py @@ -0,0 +1,272 @@ +import functools +import logging +import os +from typing import TYPE_CHECKING, Dict, List, Optional, Set, Tuple, cast + +from pip._vendor.packaging.utils import canonicalize_name +from pip._vendor.resolvelib import BaseReporter, ResolutionImpossible +from pip._vendor.resolvelib import Resolver as RLResolver +from pip._vendor.resolvelib.structs import DirectedGraph + +from pip._internal.cache import WheelCache +from pip._internal.index.package_finder import PackageFinder +from pip._internal.operations.prepare import RequirementPreparer +from pip._internal.req.req_install import InstallRequirement +from pip._internal.req.req_set import RequirementSet +from pip._internal.resolution.base import BaseResolver, InstallRequirementProvider +from pip._internal.resolution.resolvelib.provider import PipProvider +from pip._internal.resolution.resolvelib.reporter import ( + PipDebuggingReporter, + PipReporter, +) +from pip._internal.utils.deprecation import deprecated +from pip._internal.utils.filetypes import is_archive_file + +from .base import Candidate, Requirement +from .factory import Factory + +if TYPE_CHECKING: + from pip._vendor.resolvelib.resolvers import Result as RLResult + + Result = RLResult[Requirement, Candidate, str] + + +logger = logging.getLogger(__name__) + + +class Resolver(BaseResolver): + _allowed_strategies = {"eager", "only-if-needed", "to-satisfy-only"} + + def __init__( + self, + preparer: RequirementPreparer, + finder: PackageFinder, + wheel_cache: Optional[WheelCache], + make_install_req: InstallRequirementProvider, + use_user_site: bool, + ignore_dependencies: bool, + ignore_installed: bool, + ignore_requires_python: bool, + force_reinstall: bool, + upgrade_strategy: str, + py_version_info: Optional[Tuple[int, ...]] = None, + ): + super().__init__() + assert upgrade_strategy in self._allowed_strategies + + self.factory = Factory( + finder=finder, + preparer=preparer, + make_install_req=make_install_req, + wheel_cache=wheel_cache, + use_user_site=use_user_site, + force_reinstall=force_reinstall, + ignore_installed=ignore_installed, + ignore_requires_python=ignore_requires_python, + py_version_info=py_version_info, + ) + self.ignore_dependencies = ignore_dependencies + self.upgrade_strategy = upgrade_strategy + self._result: Optional[Result] = None + + def resolve( + self, root_reqs: List[InstallRequirement], check_supported_wheels: bool + ) -> RequirementSet: + collected = self.factory.collect_root_requirements(root_reqs) + provider = PipProvider( + factory=self.factory, + constraints=collected.constraints, + ignore_dependencies=self.ignore_dependencies, + upgrade_strategy=self.upgrade_strategy, + user_requested=collected.user_requested, + ) + if "PIP_RESOLVER_DEBUG" in os.environ: + reporter: BaseReporter = PipDebuggingReporter() + else: + reporter = PipReporter() + resolver: RLResolver[Requirement, Candidate, str] = RLResolver( + provider, + reporter, + ) + + try: + try_to_avoid_resolution_too_deep = 2000000 + result = self._result = resolver.resolve( + collected.requirements, max_rounds=try_to_avoid_resolution_too_deep + ) + + except ResolutionImpossible as e: + error = self.factory.get_installation_error( + cast("ResolutionImpossible[Requirement, Candidate]", e), + collected.constraints, + ) + raise error from e + + req_set = RequirementSet(check_supported_wheels=check_supported_wheels) + for candidate in result.mapping.values(): + ireq = candidate.get_install_requirement() + if ireq is None: + continue + + # Check if there is already an installation under the same name, + # and set a flag for later stages to uninstall it, if needed. + installed_dist = self.factory.get_dist_to_uninstall(candidate) + if installed_dist is None: + # There is no existing installation -- nothing to uninstall. + ireq.should_reinstall = False + elif self.factory.force_reinstall: + # The --force-reinstall flag is set -- reinstall. + ireq.should_reinstall = True + elif installed_dist.version != candidate.version: + # The installation is different in version -- reinstall. + ireq.should_reinstall = True + elif candidate.is_editable or installed_dist.editable: + # The incoming distribution is editable, or different in + # editable-ness to installation -- reinstall. + ireq.should_reinstall = True + elif candidate.source_link and candidate.source_link.is_file: + # The incoming distribution is under file:// + if candidate.source_link.is_wheel: + # is a local wheel -- do nothing. + logger.info( + "%s is already installed with the same version as the " + "provided wheel. Use --force-reinstall to force an " + "installation of the wheel.", + ireq.name, + ) + continue + + looks_like_sdist = ( + is_archive_file(candidate.source_link.file_path) + and candidate.source_link.ext != ".zip" + ) + if looks_like_sdist: + # is a local sdist -- show a deprecation warning! + reason = ( + "Source distribution is being reinstalled despite an " + "installed package having the same name and version as " + "the installed package." + ) + replacement = "use --force-reinstall" + deprecated( + reason=reason, + replacement=replacement, + gone_in="21.3", + issue=8711, + ) + + # is a local sdist or path -- reinstall + ireq.should_reinstall = True + else: + continue + + link = candidate.source_link + if link and link.is_yanked: + # The reason can contain non-ASCII characters, Unicode + # is required for Python 2. + msg = ( + "The candidate selected for download or install is a " + "yanked version: {name!r} candidate (version {version} " + "at {link})\nReason for being yanked: {reason}" + ).format( + name=candidate.name, + version=candidate.version, + link=link, + reason=link.yanked_reason or "", + ) + logger.warning(msg) + + req_set.add_named_requirement(ireq) + + reqs = req_set.all_requirements + self.factory.preparer.prepare_linked_requirements_more(reqs) + return req_set + + def get_installation_order( + self, req_set: RequirementSet + ) -> List[InstallRequirement]: + """Get order for installation of requirements in RequirementSet. + + The returned list contains a requirement before another that depends on + it. This helps ensure that the environment is kept consistent as they + get installed one-by-one. + + The current implementation creates a topological ordering of the + dependency graph, while breaking any cycles in the graph at arbitrary + points. We make no guarantees about where the cycle would be broken, + other than they would be broken. + """ + assert self._result is not None, "must call resolve() first" + + graph = self._result.graph + weights = get_topological_weights( + graph, + expected_node_count=len(self._result.mapping) + 1, + ) + + sorted_items = sorted( + req_set.requirements.items(), + key=functools.partial(_req_set_item_sorter, weights=weights), + reverse=True, + ) + return [ireq for _, ireq in sorted_items] + + +def get_topological_weights( + graph: "DirectedGraph[Optional[str]]", expected_node_count: int +) -> Dict[Optional[str], int]: + """Assign weights to each node based on how "deep" they are. + + This implementation may change at any point in the future without prior + notice. + + We take the length for the longest path to any node from root, ignoring any + paths that contain a single node twice (i.e. cycles). This is done through + a depth-first search through the graph, while keeping track of the path to + the node. + + Cycles in the graph result would result in node being revisited while also + being it's own path. In this case, take no action. This helps ensure we + don't get stuck in a cycle. + + When assigning weight, the longer path (i.e. larger length) is preferred. + """ + path: Set[Optional[str]] = set() + weights: Dict[Optional[str], int] = {} + + def visit(node: Optional[str]) -> None: + if node in path: + # We hit a cycle, so we'll break it here. + return + + # Time to visit the children! + path.add(node) + for child in graph.iter_children(node): + visit(child) + path.remove(node) + + last_known_parent_count = weights.get(node, 0) + weights[node] = max(last_known_parent_count, len(path)) + + # `None` is guaranteed to be the root node by resolvelib. + visit(None) + + # Sanity checks + assert weights[None] == 0 + assert len(weights) == expected_node_count + + return weights + + +def _req_set_item_sorter( + item: Tuple[str, InstallRequirement], + weights: Dict[Optional[str], int], +) -> Tuple[int, str]: + """Key function used to sort install requirements for installation. + + Based on the "weight" mapping calculated in ``get_installation_order()``. + The canonical package name is returned as the second member as a tie- + breaker to ensure the result is predictable, which is useful in tests. + """ + name = canonicalize_name(item[0]) + return weights[name], name diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/self_outdated_check.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/self_outdated_check.py new file mode 100644 index 000000000..6b24965b8 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/self_outdated_check.py @@ -0,0 +1,187 @@ +import datetime +import hashlib +import json +import logging +import optparse +import os.path +import sys +from typing import Any, Dict + +from pip._vendor.packaging.version import parse as parse_version + +from pip._internal.index.collector import LinkCollector +from pip._internal.index.package_finder import PackageFinder +from pip._internal.metadata import get_default_environment +from pip._internal.models.selection_prefs import SelectionPreferences +from pip._internal.network.session import PipSession +from pip._internal.utils.filesystem import adjacent_tmp_file, check_path_owner, replace +from pip._internal.utils.misc import ensure_dir + +SELFCHECK_DATE_FMT = "%Y-%m-%dT%H:%M:%SZ" + + +logger = logging.getLogger(__name__) + + +def _get_statefile_name(key): + # type: (str) -> str + key_bytes = key.encode() + name = hashlib.sha224(key_bytes).hexdigest() + return name + + +class SelfCheckState: + def __init__(self, cache_dir): + # type: (str) -> None + self.state = {} # type: Dict[str, Any] + self.statefile_path = None + + # Try to load the existing state + if cache_dir: + self.statefile_path = os.path.join( + cache_dir, "selfcheck", _get_statefile_name(self.key) + ) + try: + with open(self.statefile_path, encoding="utf-8") as statefile: + self.state = json.load(statefile) + except (OSError, ValueError, KeyError): + # Explicitly suppressing exceptions, since we don't want to + # error out if the cache file is invalid. + pass + + @property + def key(self): + # type: () -> str + return sys.prefix + + def save(self, pypi_version, current_time): + # type: (str, datetime.datetime) -> None + # If we do not have a path to cache in, don't bother saving. + if not self.statefile_path: + return + + # Check to make sure that we own the directory + if not check_path_owner(os.path.dirname(self.statefile_path)): + return + + # Now that we've ensured the directory is owned by this user, we'll go + # ahead and make sure that all our directories are created. + ensure_dir(os.path.dirname(self.statefile_path)) + + state = { + # Include the key so it's easy to tell which pip wrote the + # file. + "key": self.key, + "last_check": current_time.strftime(SELFCHECK_DATE_FMT), + "pypi_version": pypi_version, + } + + text = json.dumps(state, sort_keys=True, separators=(",", ":")) + + with adjacent_tmp_file(self.statefile_path) as f: + f.write(text.encode()) + + try: + # Since we have a prefix-specific state file, we can just + # overwrite whatever is there, no need to check. + replace(f.name, self.statefile_path) + except OSError: + # Best effort. + pass + + +def was_installed_by_pip(pkg): + # type: (str) -> bool + """Checks whether pkg was installed by pip + + This is used not to display the upgrade message when pip is in fact + installed by system package manager, such as dnf on Fedora. + """ + dist = get_default_environment().get_distribution(pkg) + return dist is not None and "pip" == dist.installer + + +def pip_self_version_check(session, options): + # type: (PipSession, optparse.Values) -> None + """Check for an update for pip. + + Limit the frequency of checks to once per week. State is stored either in + the active virtualenv or in the user's USER_CACHE_DIR keyed off the prefix + of the pip script path. + """ + installed_dist = get_default_environment().get_distribution("pip") + if not installed_dist: + return + + pip_version = installed_dist.version + pypi_version = None + + try: + state = SelfCheckState(cache_dir=options.cache_dir) + + current_time = datetime.datetime.utcnow() + # Determine if we need to refresh the state + if "last_check" in state.state and "pypi_version" in state.state: + last_check = datetime.datetime.strptime( + state.state["last_check"], + SELFCHECK_DATE_FMT + ) + if (current_time - last_check).total_seconds() < 7 * 24 * 60 * 60: + pypi_version = state.state["pypi_version"] + + # Refresh the version if we need to or just see if we need to warn + if pypi_version is None: + # Lets use PackageFinder to see what the latest pip version is + link_collector = LinkCollector.create( + session, + options=options, + suppress_no_index=True, + ) + + # Pass allow_yanked=False so we don't suggest upgrading to a + # yanked version. + selection_prefs = SelectionPreferences( + allow_yanked=False, + allow_all_prereleases=False, # Explicitly set to False + ) + + finder = PackageFinder.create( + link_collector=link_collector, + selection_prefs=selection_prefs, + ) + best_candidate = finder.find_best_candidate("pip").best_candidate + if best_candidate is None: + return + pypi_version = str(best_candidate.version) + + # save that we've performed a check + state.save(pypi_version, current_time) + + remote_version = parse_version(pypi_version) + + local_version_is_older = ( + pip_version < remote_version and + pip_version.base_version != remote_version.base_version and + was_installed_by_pip('pip') + ) + + # Determine if our pypi_version is older + if not local_version_is_older: + return + + # We cannot tell how the current pip is available in the current + # command context, so be pragmatic here and suggest the command + # that's always available. This does not accommodate spaces in + # `sys.executable`. + pip_cmd = f"{sys.executable} -m pip" + logger.warning( + "You are using pip version %s; however, version %s is " + "available.\nYou should consider upgrading via the " + "'%s install --upgrade pip' command.", + pip_version, pypi_version, pip_cmd + ) + except Exception: + logger.debug( + "There was an error checking the latest version of pip", + exc_info=True, + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/_log.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/_log.py new file mode 100644 index 000000000..92c4c6a19 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/_log.py @@ -0,0 +1,38 @@ +"""Customize logging + +Defines custom logger class for the `logger.verbose(...)` method. + +init_logging() must be called before any other modules that call logging.getLogger. +""" + +import logging +from typing import Any, cast + +# custom log level for `--verbose` output +# between DEBUG and INFO +VERBOSE = 15 + + +class VerboseLogger(logging.Logger): + """Custom Logger, defining a verbose log-level + + VERBOSE is between INFO and DEBUG. + """ + + def verbose(self, msg: str, *args: Any, **kwargs: Any) -> None: + return self.log(VERBOSE, msg, *args, **kwargs) + + +def getLogger(name: str) -> VerboseLogger: + """logging.getLogger, but ensures our VerboseLogger class is returned""" + return cast(VerboseLogger, logging.getLogger(name)) + + +def init_logging() -> None: + """Register our VerboseLogger and VERBOSE log level. + + Should be called before any calls to getLogger(), + i.e. in pip._internal.__init__ + """ + logging.setLoggerClass(VerboseLogger) + logging.addLevelName(VERBOSE, "VERBOSE") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/appdirs.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/appdirs.py new file mode 100644 index 000000000..a8403b7de --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/appdirs.py @@ -0,0 +1,35 @@ +""" +This code wraps the vendored appdirs module to so the return values are +compatible for the current pip code base. + +The intention is to rewrite current usages gradually, keeping the tests pass, +and eventually drop this after all usages are changed. +""" + +import os +from typing import List + +from pip._vendor import appdirs as _appdirs + + +def user_cache_dir(appname: str) -> str: + return _appdirs.user_cache_dir(appname, appauthor=False) + + +def user_config_dir(appname: str, roaming: bool = True) -> str: + path = _appdirs.user_config_dir(appname, appauthor=False, roaming=roaming) + if _appdirs.system == "darwin" and not os.path.isdir(path): + path = os.path.expanduser("~/.config/") + if appname: + path = os.path.join(path, appname) + return path + + +# for the discussion regarding site_config_dir locations +# see +def site_config_dirs(appname: str) -> List[str]: + dirval = _appdirs.site_config_dir(appname, appauthor=False, multipath=True) + if _appdirs.system not in ["win32", "darwin"]: + # always look in /etc directly as well + return dirval.split(os.pathsep) + ["/etc"] + return [dirval] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compat.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compat.py new file mode 100644 index 000000000..3f4d300ce --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compat.py @@ -0,0 +1,63 @@ +"""Stuff that differs in different Python versions and platform +distributions.""" + +import logging +import os +import sys + +__all__ = ["get_path_uid", "stdlib_pkgs", "WINDOWS"] + + +logger = logging.getLogger(__name__) + + +def has_tls() -> bool: + try: + import _ssl # noqa: F401 # ignore unused + + return True + except ImportError: + pass + + from pip._vendor.urllib3.util import IS_PYOPENSSL + + return IS_PYOPENSSL + + +def get_path_uid(path: str) -> int: + """ + Return path's uid. + + Does not follow symlinks: + https://github.com/pypa/pip/pull/935#discussion_r5307003 + + Placed this function in compat due to differences on AIX and + Jython, that should eventually go away. + + :raises OSError: When path is a symlink or can't be read. + """ + if hasattr(os, "O_NOFOLLOW"): + fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW) + file_uid = os.fstat(fd).st_uid + os.close(fd) + else: # AIX and Jython + # WARNING: time of check vulnerability, but best we can do w/o NOFOLLOW + if not os.path.islink(path): + # older versions of Jython don't have `os.fstat` + file_uid = os.stat(path).st_uid + else: + # raise OSError for parity with os.O_NOFOLLOW above + raise OSError(f"{path} is a symlink; Will not return uid for symlinks") + return file_uid + + +# packages in the stdlib that may have installation metadata, but should not be +# considered 'installed'. this theoretically could be determined based on +# dist.location (py27:`sysconfig.get_paths()['stdlib']`, +# py26:sysconfig.get_config_vars('LIBDEST')), but fear platform variation may +# make this ineffective, so hard-coding +stdlib_pkgs = {"python", "wsgiref", "argparse"} + + +# windows detection, covers cpython and ironpython +WINDOWS = sys.platform.startswith("win") or (sys.platform == "cli" and os.name == "nt") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compatibility_tags.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compatibility_tags.py new file mode 100644 index 000000000..f1c0f0633 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/compatibility_tags.py @@ -0,0 +1,168 @@ +"""Generate and work with PEP 425 Compatibility Tags. +""" + +import re +from typing import TYPE_CHECKING, List, Optional, Tuple + +from pip._vendor.packaging.tags import ( + Tag, + compatible_tags, + cpython_tags, + generic_tags, + interpreter_name, + interpreter_version, + mac_platforms, +) + +if TYPE_CHECKING: + from pip._vendor.packaging.tags import PythonVersion + + +_osx_arch_pat = re.compile(r"(.+)_(\d+)_(\d+)_(.+)") + + +def version_info_to_nodot(version_info: Tuple[int, ...]) -> str: + # Only use up to the first two numbers. + return "".join(map(str, version_info[:2])) + + +def _mac_platforms(arch: str) -> List[str]: + match = _osx_arch_pat.match(arch) + if match: + name, major, minor, actual_arch = match.groups() + mac_version = (int(major), int(minor)) + arches = [ + # Since we have always only checked that the platform starts + # with "macosx", for backwards-compatibility we extract the + # actual prefix provided by the user in case they provided + # something like "macosxcustom_". It may be good to remove + # this as undocumented or deprecate it in the future. + "{}_{}".format(name, arch[len("macosx_") :]) + for arch in mac_platforms(mac_version, actual_arch) + ] + else: + # arch pattern didn't match (?!) + arches = [arch] + return arches + + +def _custom_manylinux_platforms(arch: str) -> List[str]: + arches = [arch] + arch_prefix, arch_sep, arch_suffix = arch.partition("_") + if arch_prefix == "manylinux2014": + # manylinux1/manylinux2010 wheels run on most manylinux2014 systems + # with the exception of wheels depending on ncurses. PEP 599 states + # manylinux1/manylinux2010 wheels should be considered + # manylinux2014 wheels: + # https://www.python.org/dev/peps/pep-0599/#backwards-compatibility-with-manylinux2010-wheels + if arch_suffix in {"i686", "x86_64"}: + arches.append("manylinux2010" + arch_sep + arch_suffix) + arches.append("manylinux1" + arch_sep + arch_suffix) + elif arch_prefix == "manylinux2010": + # manylinux1 wheels run on most manylinux2010 systems with the + # exception of wheels depending on ncurses. PEP 571 states + # manylinux1 wheels should be considered manylinux2010 wheels: + # https://www.python.org/dev/peps/pep-0571/#backwards-compatibility-with-manylinux1-wheels + arches.append("manylinux1" + arch_sep + arch_suffix) + return arches + + +def _get_custom_platforms(arch: str) -> List[str]: + arch_prefix, arch_sep, arch_suffix = arch.partition("_") + if arch.startswith("macosx"): + arches = _mac_platforms(arch) + elif arch_prefix in ["manylinux2014", "manylinux2010"]: + arches = _custom_manylinux_platforms(arch) + else: + arches = [arch] + return arches + + +def _expand_allowed_platforms(platforms: Optional[List[str]]) -> Optional[List[str]]: + if not platforms: + return None + + seen = set() + result = [] + + for p in platforms: + if p in seen: + continue + additions = [c for c in _get_custom_platforms(p) if c not in seen] + seen.update(additions) + result.extend(additions) + + return result + + +def _get_python_version(version: str) -> "PythonVersion": + if len(version) > 1: + return int(version[0]), int(version[1:]) + else: + return (int(version[0]),) + + +def _get_custom_interpreter( + implementation: Optional[str] = None, version: Optional[str] = None +) -> str: + if implementation is None: + implementation = interpreter_name() + if version is None: + version = interpreter_version() + return f"{implementation}{version}" + + +def get_supported( + version: Optional[str] = None, + platforms: Optional[List[str]] = None, + impl: Optional[str] = None, + abis: Optional[List[str]] = None, +) -> List[Tag]: + """Return a list of supported tags for each version specified in + `versions`. + + :param version: a string version, of the form "33" or "32", + or None. The version will be assumed to support our ABI. + :param platform: specify a list of platforms you want valid + tags for, or None. If None, use the local system platform. + :param impl: specify the exact implementation you want valid + tags for, or None. If None, use the local interpreter impl. + :param abis: specify a list of abis you want valid + tags for, or None. If None, use the local interpreter abi. + """ + supported: List[Tag] = [] + + python_version: Optional["PythonVersion"] = None + if version is not None: + python_version = _get_python_version(version) + + interpreter = _get_custom_interpreter(impl, version) + + platforms = _expand_allowed_platforms(platforms) + + is_cpython = (impl or interpreter_name()) == "cp" + if is_cpython: + supported.extend( + cpython_tags( + python_version=python_version, + abis=abis, + platforms=platforms, + ) + ) + else: + supported.extend( + generic_tags( + interpreter=interpreter, + abis=abis, + platforms=platforms, + ) + ) + supported.extend( + compatible_tags( + python_version=python_version, + interpreter=interpreter, + platforms=platforms, + ) + ) + + return supported diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/datetime.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/datetime.py new file mode 100644 index 000000000..8668b3b0e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/datetime.py @@ -0,0 +1,11 @@ +"""For when pip wants to check the date or time. +""" + +import datetime + + +def today_is_later_than(year: int, month: int, day: int) -> bool: + today = datetime.date.today() + given = datetime.date(year, month, day) + + return today > given diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/deprecation.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/deprecation.py new file mode 100644 index 000000000..57dbdbdca --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/deprecation.py @@ -0,0 +1,104 @@ +""" +A module that implements tooling to enable easy warnings about deprecations. +""" + +import logging +import warnings +from typing import Any, Optional, TextIO, Type, Union + +from pip._vendor.packaging.version import parse + +from pip import __version__ as current_version + +DEPRECATION_MSG_PREFIX = "DEPRECATION: " + + +class PipDeprecationWarning(Warning): + pass + + +_original_showwarning: Any = None + + +# Warnings <-> Logging Integration +def _showwarning( + message: Union[Warning, str], + category: Type[Warning], + filename: str, + lineno: int, + file: Optional[TextIO] = None, + line: Optional[str] = None, +) -> None: + if file is not None: + if _original_showwarning is not None: + _original_showwarning(message, category, filename, lineno, file, line) + elif issubclass(category, PipDeprecationWarning): + # We use a specially named logger which will handle all of the + # deprecation messages for pip. + logger = logging.getLogger("pip._internal.deprecations") + logger.warning(message) + else: + _original_showwarning(message, category, filename, lineno, file, line) + + +def install_warning_logger() -> None: + # Enable our Deprecation Warnings + warnings.simplefilter("default", PipDeprecationWarning, append=True) + + global _original_showwarning + + if _original_showwarning is None: + _original_showwarning = warnings.showwarning + warnings.showwarning = _showwarning + + +def deprecated( + reason: str, + replacement: Optional[str], + gone_in: Optional[str], + issue: Optional[int] = None, +) -> None: + """Helper to deprecate existing functionality. + + reason: + Textual reason shown to the user about why this functionality has + been deprecated. + replacement: + Textual suggestion shown to the user about what alternative + functionality they can use. + gone_in: + The version of pip does this functionality should get removed in. + Raises errors if pip's current version is greater than or equal to + this. + issue: + Issue number on the tracker that would serve as a useful place for + users to find related discussion and provide feedback. + + Always pass replacement, gone_in and issue as keyword arguments for clarity + at the call site. + """ + + # Construct a nice message. + # This is eagerly formatted as we want it to get logged as if someone + # typed this entire message out. + sentences = [ + (reason, DEPRECATION_MSG_PREFIX + "{}"), + (gone_in, "pip {} will remove support for this functionality."), + (replacement, "A possible replacement is {}."), + ( + issue, + ( + "You can find discussion regarding this at " + "https://github.com/pypa/pip/issues/{}." + ), + ), + ] + message = " ".join( + template.format(val) for val, template in sentences if val is not None + ) + + # Raise as an error if it has to be removed. + if gone_in is not None and parse(current_version) >= parse(gone_in): + raise PipDeprecationWarning(message) + + warnings.warn(message, category=PipDeprecationWarning, stacklevel=2) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/direct_url_helpers.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/direct_url_helpers.py new file mode 100644 index 000000000..088e977b5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/direct_url_helpers.py @@ -0,0 +1,79 @@ +from typing import Optional + +from pip._internal.models.direct_url import ArchiveInfo, DirectUrl, DirInfo, VcsInfo +from pip._internal.models.link import Link +from pip._internal.vcs import vcs + + +def direct_url_as_pep440_direct_reference(direct_url: DirectUrl, name: str) -> str: + """Convert a DirectUrl to a pip requirement string.""" + direct_url.validate() # if invalid, this is a pip bug + requirement = name + " @ " + fragments = [] + if isinstance(direct_url.info, VcsInfo): + requirement += "{}+{}@{}".format( + direct_url.info.vcs, direct_url.url, direct_url.info.commit_id + ) + elif isinstance(direct_url.info, ArchiveInfo): + requirement += direct_url.url + if direct_url.info.hash: + fragments.append(direct_url.info.hash) + else: + assert isinstance(direct_url.info, DirInfo) + requirement += direct_url.url + if direct_url.subdirectory: + fragments.append("subdirectory=" + direct_url.subdirectory) + if fragments: + requirement += "#" + "&".join(fragments) + return requirement + + +def direct_url_from_link( + link: Link, source_dir: Optional[str] = None, link_is_in_wheel_cache: bool = False +) -> DirectUrl: + if link.is_vcs: + vcs_backend = vcs.get_backend_for_scheme(link.scheme) + assert vcs_backend + url, requested_revision, _ = vcs_backend.get_url_rev_and_auth( + link.url_without_fragment + ) + # For VCS links, we need to find out and add commit_id. + if link_is_in_wheel_cache: + # If the requested VCS link corresponds to a cached + # wheel, it means the requested revision was an + # immutable commit hash, otherwise it would not have + # been cached. In that case we don't have a source_dir + # with the VCS checkout. + assert requested_revision + commit_id = requested_revision + else: + # If the wheel was not in cache, it means we have + # had to checkout from VCS to build and we have a source_dir + # which we can inspect to find out the commit id. + assert source_dir + commit_id = vcs_backend.get_revision(source_dir) + return DirectUrl( + url=url, + info=VcsInfo( + vcs=vcs_backend.name, + commit_id=commit_id, + requested_revision=requested_revision, + ), + subdirectory=link.subdirectory_fragment, + ) + elif link.is_existing_dir(): + return DirectUrl( + url=link.url_without_fragment, + info=DirInfo(), + subdirectory=link.subdirectory_fragment, + ) + else: + hash = None + hash_name = link.hash_name + if hash_name: + hash = f"{hash_name}={link.hash}" + return DirectUrl( + url=link.url_without_fragment, + info=ArchiveInfo(hash=hash), + subdirectory=link.subdirectory_fragment, + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/distutils_args.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/distutils_args.py new file mode 100644 index 000000000..e4aa5b827 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/distutils_args.py @@ -0,0 +1,42 @@ +from distutils.errors import DistutilsArgError +from distutils.fancy_getopt import FancyGetopt +from typing import Dict, List + +_options = [ + ("exec-prefix=", None, ""), + ("home=", None, ""), + ("install-base=", None, ""), + ("install-data=", None, ""), + ("install-headers=", None, ""), + ("install-lib=", None, ""), + ("install-platlib=", None, ""), + ("install-purelib=", None, ""), + ("install-scripts=", None, ""), + ("prefix=", None, ""), + ("root=", None, ""), + ("user", None, ""), +] + + +# typeshed doesn't permit Tuple[str, None, str], see python/typeshed#3469. +_distutils_getopt = FancyGetopt(_options) # type: ignore + + +def parse_distutils_args(args: List[str]) -> Dict[str, str]: + """Parse provided arguments, returning an object that has the + matched arguments. + + Any unknown arguments are ignored. + """ + result = {} + for arg in args: + try: + _, match = _distutils_getopt.getopt(args=[arg]) + except DistutilsArgError: + # We don't care about any other options, which here may be + # considered unrecognized since our option list is not + # exhaustive. + pass + else: + result.update(match.__dict__) + return result diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/encoding.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/encoding.py new file mode 100644 index 000000000..1c73f6c9a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/encoding.py @@ -0,0 +1,36 @@ +import codecs +import locale +import re +import sys +from typing import List, Tuple + +BOMS: List[Tuple[bytes, str]] = [ + (codecs.BOM_UTF8, "utf-8"), + (codecs.BOM_UTF16, "utf-16"), + (codecs.BOM_UTF16_BE, "utf-16-be"), + (codecs.BOM_UTF16_LE, "utf-16-le"), + (codecs.BOM_UTF32, "utf-32"), + (codecs.BOM_UTF32_BE, "utf-32-be"), + (codecs.BOM_UTF32_LE, "utf-32-le"), +] + +ENCODING_RE = re.compile(br"coding[:=]\s*([-\w.]+)") + + +def auto_decode(data: bytes) -> str: + """Check a bytes string for a BOM to correctly detect the encoding + + Fallback to locale.getpreferredencoding(False) like open() on Python3""" + for bom, encoding in BOMS: + if data.startswith(bom): + return data[len(bom) :].decode(encoding) + # Lets check the first two lines as in PEP263 + for line in data.split(b"\n")[:2]: + if line[0:1] == b"#" and ENCODING_RE.search(line): + result = ENCODING_RE.search(line) + assert result is not None + encoding = result.groups()[0].decode("ascii") + return data.decode(encoding) + return data.decode( + locale.getpreferredencoding(False) or sys.getdefaultencoding(), + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/entrypoints.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/entrypoints.py new file mode 100644 index 000000000..1504a1291 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/entrypoints.py @@ -0,0 +1,27 @@ +import sys +from typing import List, Optional + +from pip._internal.cli.main import main + + +def _wrapper(args: Optional[List[str]] = None) -> int: + """Central wrapper for all old entrypoints. + + Historically pip has had several entrypoints defined. Because of issues + arising from PATH, sys.path, multiple Pythons, their interactions, and most + of them having a pip installed, users suffer every time an entrypoint gets + moved. + + To alleviate this pain, and provide a mechanism for warning users and + directing them to an appropriate place for help, we now define all of + our old entrypoints as wrappers for the current one. + """ + sys.stderr.write( + "WARNING: pip is being invoked by an old script wrapper. This will " + "fail in a future version of pip.\n" + "Please see https://github.com/pypa/pip/issues/5599 for advice on " + "fixing the underlying issue.\n" + "To avoid this problem you can invoke Python with '-m pip' instead of " + "running pip directly.\n" + ) + return main(args) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filesystem.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filesystem.py new file mode 100644 index 000000000..b7e6191ab --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filesystem.py @@ -0,0 +1,182 @@ +import fnmatch +import os +import os.path +import random +import shutil +import stat +import sys +from contextlib import contextmanager +from tempfile import NamedTemporaryFile +from typing import Any, BinaryIO, Iterator, List, Union, cast + +from pip._vendor.tenacity import retry, stop_after_delay, wait_fixed + +from pip._internal.utils.compat import get_path_uid +from pip._internal.utils.misc import format_size + + +def check_path_owner(path: str) -> bool: + # If we don't have a way to check the effective uid of this process, then + # we'll just assume that we own the directory. + if sys.platform == "win32" or not hasattr(os, "geteuid"): + return True + + assert os.path.isabs(path) + + previous = None + while path != previous: + if os.path.lexists(path): + # Check if path is writable by current user. + if os.geteuid() == 0: + # Special handling for root user in order to handle properly + # cases where users use sudo without -H flag. + try: + path_uid = get_path_uid(path) + except OSError: + return False + return path_uid == 0 + else: + return os.access(path, os.W_OK) + else: + previous, path = path, os.path.dirname(path) + return False # assume we don't own the path + + +def copy2_fixed(src: str, dest: str) -> None: + """Wrap shutil.copy2() but map errors copying socket files to + SpecialFileError as expected. + + See also https://bugs.python.org/issue37700. + """ + try: + shutil.copy2(src, dest) + except OSError: + for f in [src, dest]: + try: + is_socket_file = is_socket(f) + except OSError: + # An error has already occurred. Another error here is not + # a problem and we can ignore it. + pass + else: + if is_socket_file: + raise shutil.SpecialFileError(f"`{f}` is a socket") + + raise + + +def is_socket(path: str) -> bool: + return stat.S_ISSOCK(os.lstat(path).st_mode) + + +@contextmanager +def adjacent_tmp_file(path: str, **kwargs: Any) -> Iterator[BinaryIO]: + """Return a file-like object pointing to a tmp file next to path. + + The file is created securely and is ensured to be written to disk + after the context reaches its end. + + kwargs will be passed to tempfile.NamedTemporaryFile to control + the way the temporary file will be opened. + """ + with NamedTemporaryFile( + delete=False, + dir=os.path.dirname(path), + prefix=os.path.basename(path), + suffix=".tmp", + **kwargs, + ) as f: + result = cast(BinaryIO, f) + try: + yield result + finally: + result.flush() + os.fsync(result.fileno()) + + +# Tenacity raises RetryError by default, explicitly raise the original exception +_replace_retry = retry(reraise=True, stop=stop_after_delay(1), wait=wait_fixed(0.25)) + +replace = _replace_retry(os.replace) + + +# test_writable_dir and _test_writable_dir_win are copied from Flit, +# with the author's agreement to also place them under pip's license. +def test_writable_dir(path: str) -> bool: + """Check if a directory is writable. + + Uses os.access() on POSIX, tries creating files on Windows. + """ + # If the directory doesn't exist, find the closest parent that does. + while not os.path.isdir(path): + parent = os.path.dirname(path) + if parent == path: + break # Should never get here, but infinite loops are bad + path = parent + + if os.name == "posix": + return os.access(path, os.W_OK) + + return _test_writable_dir_win(path) + + +def _test_writable_dir_win(path: str) -> bool: + # os.access doesn't work on Windows: http://bugs.python.org/issue2528 + # and we can't use tempfile: http://bugs.python.org/issue22107 + basename = "accesstest_deleteme_fishfingers_custard_" + alphabet = "abcdefghijklmnopqrstuvwxyz0123456789" + for _ in range(10): + name = basename + "".join(random.choice(alphabet) for _ in range(6)) + file = os.path.join(path, name) + try: + fd = os.open(file, os.O_RDWR | os.O_CREAT | os.O_EXCL) + except FileExistsError: + pass + except PermissionError: + # This could be because there's a directory with the same name. + # But it's highly unlikely there's a directory called that, + # so we'll assume it's because the parent dir is not writable. + # This could as well be because the parent dir is not readable, + # due to non-privileged user access. + return False + else: + os.close(fd) + os.unlink(file) + return True + + # This should never be reached + raise OSError("Unexpected condition testing for writable directory") + + +def find_files(path: str, pattern: str) -> List[str]: + """Returns a list of absolute paths of files beneath path, recursively, + with filenames which match the UNIX-style shell glob pattern.""" + result: List[str] = [] + for root, _, files in os.walk(path): + matches = fnmatch.filter(files, pattern) + result.extend(os.path.join(root, f) for f in matches) + return result + + +def file_size(path: str) -> Union[int, float]: + # If it's a symlink, return 0. + if os.path.islink(path): + return 0 + return os.path.getsize(path) + + +def format_file_size(path: str) -> str: + return format_size(file_size(path)) + + +def directory_size(path: str) -> Union[int, float]: + size = 0.0 + for root, _dirs, files in os.walk(path): + for filename in files: + file_path = os.path.join(root, filename) + size += file_size(file_path) + return size + + +def format_directory_size(path: str) -> str: + return format_size(directory_size(path)) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filetypes.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filetypes.py new file mode 100644 index 000000000..da935846f --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/filetypes.py @@ -0,0 +1,28 @@ +"""Filetype information. +""" + +from typing import Tuple + +from pip._internal.utils.misc import splitext + +WHEEL_EXTENSION = ".whl" +BZ2_EXTENSIONS = (".tar.bz2", ".tbz") # type: Tuple[str, ...] +XZ_EXTENSIONS = ( + ".tar.xz", + ".txz", + ".tlz", + ".tar.lz", + ".tar.lzma", +) # type: Tuple[str, ...] +ZIP_EXTENSIONS = (".zip", WHEEL_EXTENSION) # type: Tuple[str, ...] +TAR_EXTENSIONS = (".tar.gz", ".tgz", ".tar") # type: Tuple[str, ...] +ARCHIVE_EXTENSIONS = ZIP_EXTENSIONS + BZ2_EXTENSIONS + TAR_EXTENSIONS + XZ_EXTENSIONS + + +def is_archive_file(name): + # type: (str) -> bool + """Return True if `name` is a considered as an archive file.""" + ext = splitext(name)[1].lower() + if ext in ARCHIVE_EXTENSIONS: + return True + return False diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/glibc.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/glibc.py new file mode 100644 index 000000000..1c9ff3544 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/glibc.py @@ -0,0 +1,92 @@ +# The following comment should be removed at some point in the future. +# mypy: strict-optional=False + +import os +import sys +from typing import Optional, Tuple + + +def glibc_version_string(): + # type: () -> Optional[str] + "Returns glibc version string, or None if not using glibc." + return glibc_version_string_confstr() or glibc_version_string_ctypes() + + +def glibc_version_string_confstr(): + # type: () -> Optional[str] + "Primary implementation of glibc_version_string using os.confstr." + # os.confstr is quite a bit faster than ctypes.DLL. It's also less likely + # to be broken or missing. This strategy is used in the standard library + # platform module: + # https://github.com/python/cpython/blob/fcf1d003bf4f0100c9d0921ff3d70e1127ca1b71/Lib/platform.py#L175-L183 + if sys.platform == "win32": + return None + try: + # os.confstr("CS_GNU_LIBC_VERSION") returns a string like "glibc 2.17": + _, version = os.confstr("CS_GNU_LIBC_VERSION").split() + except (AttributeError, OSError, ValueError): + # os.confstr() or CS_GNU_LIBC_VERSION not available (or a bad value)... + return None + return version + + +def glibc_version_string_ctypes(): + # type: () -> Optional[str] + "Fallback implementation of glibc_version_string using ctypes." + + try: + import ctypes + except ImportError: + return None + + # ctypes.CDLL(None) internally calls dlopen(NULL), and as the dlopen + # manpage says, "If filename is NULL, then the returned handle is for the + # main program". This way we can let the linker do the work to figure out + # which libc our process is actually using. + process_namespace = ctypes.CDLL(None) + try: + gnu_get_libc_version = process_namespace.gnu_get_libc_version + except AttributeError: + # Symbol doesn't exist -> therefore, we are not linked to + # glibc. + return None + + # Call gnu_get_libc_version, which returns a string like "2.5" + gnu_get_libc_version.restype = ctypes.c_char_p + version_str = gnu_get_libc_version() + # py2 / py3 compatibility: + if not isinstance(version_str, str): + version_str = version_str.decode("ascii") + + return version_str + + +# platform.libc_ver regularly returns completely nonsensical glibc +# versions. E.g. on my computer, platform says: +# +# ~$ python2.7 -c 'import platform; print(platform.libc_ver())' +# ('glibc', '2.7') +# ~$ python3.5 -c 'import platform; print(platform.libc_ver())' +# ('glibc', '2.9') +# +# But the truth is: +# +# ~$ ldd --version +# ldd (Debian GLIBC 2.22-11) 2.22 +# +# This is unfortunate, because it means that the linehaul data on libc +# versions that was generated by pip 8.1.2 and earlier is useless and +# misleading. Solution: instead of using platform, use our code that actually +# works. +def libc_ver(): + # type: () -> Tuple[str, str] + """Try to determine the glibc version + + Returns a tuple of strings (lib, version) which default to empty strings + in case the lookup fails. + """ + glibc_version = glibc_version_string() + if glibc_version is None: + return ("", "") + else: + return ("glibc", glibc_version) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/hashes.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/hashes.py new file mode 100644 index 000000000..3d20b8d02 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/hashes.py @@ -0,0 +1,165 @@ +import hashlib +from typing import TYPE_CHECKING, BinaryIO, Dict, Iterator, List + +from pip._internal.exceptions import HashMismatch, HashMissing, InstallationError +from pip._internal.utils.misc import read_chunks + +if TYPE_CHECKING: + from hashlib import _Hash + + # NoReturn introduced in 3.6.2; imported only for type checking to maintain + # pip compatibility with older patch versions of Python 3.6 + from typing import NoReturn + + +# The recommended hash algo of the moment. Change this whenever the state of +# the art changes; it won't hurt backward compatibility. +FAVORITE_HASH = "sha256" + + +# Names of hashlib algorithms allowed by the --hash option and ``pip hash`` +# Currently, those are the ones at least as collision-resistant as sha256. +STRONG_HASHES = ["sha256", "sha384", "sha512"] + + +class Hashes: + """A wrapper that builds multiple hashes at once and checks them against + known-good values + + """ + + def __init__(self, hashes=None): + # type: (Dict[str, List[str]]) -> None + """ + :param hashes: A dict of algorithm names pointing to lists of allowed + hex digests + """ + allowed = {} + if hashes is not None: + for alg, keys in hashes.items(): + # Make sure values are always sorted (to ease equality checks) + allowed[alg] = sorted(keys) + self._allowed = allowed + + def __and__(self, other): + # type: (Hashes) -> Hashes + if not isinstance(other, Hashes): + return NotImplemented + + # If either of the Hashes object is entirely empty (i.e. no hash + # specified at all), all hashes from the other object are allowed. + if not other: + return self + if not self: + return other + + # Otherwise only hashes that present in both objects are allowed. + new = {} + for alg, values in other._allowed.items(): + if alg not in self._allowed: + continue + new[alg] = [v for v in values if v in self._allowed[alg]] + return Hashes(new) + + @property + def digest_count(self): + # type: () -> int + return sum(len(digests) for digests in self._allowed.values()) + + def is_hash_allowed( + self, + hash_name, # type: str + hex_digest, # type: str + ): + # type: (...) -> bool + """Return whether the given hex digest is allowed.""" + return hex_digest in self._allowed.get(hash_name, []) + + def check_against_chunks(self, chunks): + # type: (Iterator[bytes]) -> None + """Check good hashes against ones built from iterable of chunks of + data. + + Raise HashMismatch if none match. + + """ + gots = {} + for hash_name in self._allowed.keys(): + try: + gots[hash_name] = hashlib.new(hash_name) + except (ValueError, TypeError): + raise InstallationError(f"Unknown hash name: {hash_name}") + + for chunk in chunks: + for hash in gots.values(): + hash.update(chunk) + + for hash_name, got in gots.items(): + if got.hexdigest() in self._allowed[hash_name]: + return + self._raise(gots) + + def _raise(self, gots): + # type: (Dict[str, _Hash]) -> NoReturn + raise HashMismatch(self._allowed, gots) + + def check_against_file(self, file): + # type: (BinaryIO) -> None + """Check good hashes against a file-like object + + Raise HashMismatch if none match. + + """ + return self.check_against_chunks(read_chunks(file)) + + def check_against_path(self, path): + # type: (str) -> None + with open(path, "rb") as file: + return self.check_against_file(file) + + def __nonzero__(self): + # type: () -> bool + """Return whether I know any known-good hashes.""" + return bool(self._allowed) + + def __bool__(self): + # type: () -> bool + return self.__nonzero__() + + def __eq__(self, other): + # type: (object) -> bool + if not isinstance(other, Hashes): + return NotImplemented + return self._allowed == other._allowed + + def __hash__(self): + # type: () -> int + return hash( + ",".join( + sorted( + ":".join((alg, digest)) + for alg, digest_list in self._allowed.items() + for digest in digest_list + ) + ) + ) + + +class MissingHashes(Hashes): + """A workalike for Hashes used when we're missing a hash for a requirement + + It computes the actual hash of the requirement and raises a HashMissing + exception showing it to the user. + + """ + + def __init__(self): + # type: () -> None + """Don't offer the ``hashes`` kwarg.""" + # Pass our favorite hash in to generate a "gotten hash". With the + # empty list, it will never match, so an error will always raise. + super().__init__(hashes={FAVORITE_HASH: []}) + + def _raise(self, gots): + # type: (Dict[str, _Hash]) -> NoReturn + raise HashMissing(gots[FAVORITE_HASH].hexdigest()) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/inject_securetransport.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/inject_securetransport.py new file mode 100644 index 000000000..b6863d934 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/inject_securetransport.py @@ -0,0 +1,36 @@ +"""A helper module that injects SecureTransport, on import. + +The import should be done as early as possible, to ensure all requests and +sessions (or whatever) are created after injecting SecureTransport. + +Note that we only do the injection on macOS, when the linked OpenSSL is too +old to handle TLSv1.2. +""" + +import sys + + +def inject_securetransport(): + # type: () -> None + # Only relevant on macOS + if sys.platform != "darwin": + return + + try: + import ssl + except ImportError: + return + + # Checks for OpenSSL 1.0.1 + if ssl.OPENSSL_VERSION_NUMBER >= 0x1000100F: + return + + try: + from pip._vendor.urllib3.contrib import securetransport + except (ImportError, OSError): + return + + securetransport.inject_into_urllib3() + + +inject_securetransport() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/logging.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/logging.py new file mode 100644 index 000000000..39a18fd6c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/logging.py @@ -0,0 +1,391 @@ +import contextlib +import errno +import logging +import logging.handlers +import os +import sys +from logging import Filter +from typing import IO, Any, Callable, Iterator, Optional, TextIO, Type, cast + +from pip._internal.utils._log import VERBOSE, getLogger +from pip._internal.utils.compat import WINDOWS +from pip._internal.utils.deprecation import DEPRECATION_MSG_PREFIX +from pip._internal.utils.misc import ensure_dir + +try: + import threading +except ImportError: + import dummy_threading as threading # type: ignore + + +try: + from pip._vendor import colorama +# Lots of different errors can come from this, including SystemError and +# ImportError. +except Exception: + colorama = None + + +_log_state = threading.local() +subprocess_logger = getLogger("pip.subprocessor") + + +class BrokenStdoutLoggingError(Exception): + """ + Raised if BrokenPipeError occurs for the stdout stream while logging. + """ + + pass + + +# BrokenPipeError manifests differently in Windows and non-Windows. +if WINDOWS: + # In Windows, a broken pipe can show up as EINVAL rather than EPIPE: + # https://bugs.python.org/issue19612 + # https://bugs.python.org/issue30418 + def _is_broken_pipe_error(exc_class, exc): + # type: (Type[BaseException], BaseException) -> bool + """See the docstring for non-Windows below.""" + return (exc_class is BrokenPipeError) or ( + isinstance(exc, OSError) and exc.errno in (errno.EINVAL, errno.EPIPE) + ) + + +else: + # Then we are in the non-Windows case. + def _is_broken_pipe_error(exc_class, exc): + # type: (Type[BaseException], BaseException) -> bool + """ + Return whether an exception is a broken pipe error. + + Args: + exc_class: an exception class. + exc: an exception instance. + """ + return exc_class is BrokenPipeError + + +@contextlib.contextmanager +def indent_log(num=2): + # type: (int) -> Iterator[None] + """ + A context manager which will cause the log output to be indented for any + log messages emitted inside it. + """ + # For thread-safety + _log_state.indentation = get_indentation() + _log_state.indentation += num + try: + yield + finally: + _log_state.indentation -= num + + +def get_indentation(): + # type: () -> int + return getattr(_log_state, "indentation", 0) + + +class IndentingFormatter(logging.Formatter): + default_time_format = "%Y-%m-%dT%H:%M:%S" + + def __init__( + self, + *args, # type: Any + add_timestamp=False, # type: bool + **kwargs, # type: Any + ): + # type: (...) -> None + """ + A logging.Formatter that obeys the indent_log() context manager. + + :param add_timestamp: A bool indicating output lines should be prefixed + with their record's timestamp. + """ + self.add_timestamp = add_timestamp + super().__init__(*args, **kwargs) + + def get_message_start(self, formatted, levelno): + # type: (str, int) -> str + """ + Return the start of the formatted log message (not counting the + prefix to add to each line). + """ + if levelno < logging.WARNING: + return "" + if formatted.startswith(DEPRECATION_MSG_PREFIX): + # Then the message already has a prefix. We don't want it to + # look like "WARNING: DEPRECATION: ...." + return "" + if levelno < logging.ERROR: + return "WARNING: " + + return "ERROR: " + + def format(self, record): + # type: (logging.LogRecord) -> str + """ + Calls the standard formatter, but will indent all of the log message + lines by our current indentation level. + """ + formatted = super().format(record) + message_start = self.get_message_start(formatted, record.levelno) + formatted = message_start + formatted + + prefix = "" + if self.add_timestamp: + prefix = f"{self.formatTime(record)} " + prefix += " " * get_indentation() + formatted = "".join([prefix + line for line in formatted.splitlines(True)]) + return formatted + + +def _color_wrap(*colors): + # type: (*str) -> Callable[[str], str] + def wrapped(inp): + # type: (str) -> str + return "".join(list(colors) + [inp, colorama.Style.RESET_ALL]) + + return wrapped + + +class ColorizedStreamHandler(logging.StreamHandler): + + # Don't build up a list of colors if we don't have colorama + if colorama: + COLORS = [ + # This needs to be in order from highest logging level to lowest. + (logging.ERROR, _color_wrap(colorama.Fore.RED)), + (logging.WARNING, _color_wrap(colorama.Fore.YELLOW)), + ] + else: + COLORS = [] + + def __init__(self, stream=None, no_color=None): + # type: (Optional[TextIO], bool) -> None + super().__init__(stream) + self._no_color = no_color + + if WINDOWS and colorama: + self.stream = colorama.AnsiToWin32(self.stream) + + def _using_stdout(self): + # type: () -> bool + """ + Return whether the handler is using sys.stdout. + """ + if WINDOWS and colorama: + # Then self.stream is an AnsiToWin32 object. + stream = cast(colorama.AnsiToWin32, self.stream) + return stream.wrapped is sys.stdout + + return self.stream is sys.stdout + + def should_color(self): + # type: () -> bool + # Don't colorize things if we do not have colorama or if told not to + if not colorama or self._no_color: + return False + + real_stream = ( + self.stream + if not isinstance(self.stream, colorama.AnsiToWin32) + else self.stream.wrapped + ) + + # If the stream is a tty we should color it + if hasattr(real_stream, "isatty") and real_stream.isatty(): + return True + + # If we have an ANSI term we should color it + if os.environ.get("TERM") == "ANSI": + return True + + # If anything else we should not color it + return False + + def format(self, record): + # type: (logging.LogRecord) -> str + msg = super().format(record) + + if self.should_color(): + for level, color in self.COLORS: + if record.levelno >= level: + msg = color(msg) + break + + return msg + + # The logging module says handleError() can be customized. + def handleError(self, record): + # type: (logging.LogRecord) -> None + exc_class, exc = sys.exc_info()[:2] + # If a broken pipe occurred while calling write() or flush() on the + # stdout stream in logging's Handler.emit(), then raise our special + # exception so we can handle it in main() instead of logging the + # broken pipe error and continuing. + if ( + exc_class + and exc + and self._using_stdout() + and _is_broken_pipe_error(exc_class, exc) + ): + raise BrokenStdoutLoggingError() + + return super().handleError(record) + + +class BetterRotatingFileHandler(logging.handlers.RotatingFileHandler): + def _open(self): + # type: () -> IO[Any] + ensure_dir(os.path.dirname(self.baseFilename)) + return super()._open() + + +class MaxLevelFilter(Filter): + def __init__(self, level): + # type: (int) -> None + self.level = level + + def filter(self, record): + # type: (logging.LogRecord) -> bool + return record.levelno < self.level + + +class ExcludeLoggerFilter(Filter): + + """ + A logging Filter that excludes records from a logger (or its children). + """ + + def filter(self, record): + # type: (logging.LogRecord) -> bool + # The base Filter class allows only records from a logger (or its + # children). + return not super().filter(record) + + +def setup_logging(verbosity, no_color, user_log_file): + # type: (int, bool, Optional[str]) -> int + """Configures and sets up all of the logging + + Returns the requested logging level, as its integer value. + """ + + # Determine the level to be logging at. + if verbosity >= 2: + level_number = logging.DEBUG + elif verbosity == 1: + level_number = VERBOSE + elif verbosity == -1: + level_number = logging.WARNING + elif verbosity == -2: + level_number = logging.ERROR + elif verbosity <= -3: + level_number = logging.CRITICAL + else: + level_number = logging.INFO + + level = logging.getLevelName(level_number) + + # The "root" logger should match the "console" level *unless* we also need + # to log to a user log file. + include_user_log = user_log_file is not None + if include_user_log: + additional_log_file = user_log_file + root_level = "DEBUG" + else: + additional_log_file = "/dev/null" + root_level = level + + # Disable any logging besides WARNING unless we have DEBUG level logging + # enabled for vendored libraries. + vendored_log_level = "WARNING" if level in ["INFO", "ERROR"] else "DEBUG" + + # Shorthands for clarity + log_streams = { + "stdout": "ext://sys.stdout", + "stderr": "ext://sys.stderr", + } + handler_classes = { + "stream": "pip._internal.utils.logging.ColorizedStreamHandler", + "file": "pip._internal.utils.logging.BetterRotatingFileHandler", + } + handlers = ["console", "console_errors", "console_subprocess"] + ( + ["user_log"] if include_user_log else [] + ) + + logging.config.dictConfig( + { + "version": 1, + "disable_existing_loggers": False, + "filters": { + "exclude_warnings": { + "()": "pip._internal.utils.logging.MaxLevelFilter", + "level": logging.WARNING, + }, + "restrict_to_subprocess": { + "()": "logging.Filter", + "name": subprocess_logger.name, + }, + "exclude_subprocess": { + "()": "pip._internal.utils.logging.ExcludeLoggerFilter", + "name": subprocess_logger.name, + }, + }, + "formatters": { + "indent": { + "()": IndentingFormatter, + "format": "%(message)s", + }, + "indent_with_timestamp": { + "()": IndentingFormatter, + "format": "%(message)s", + "add_timestamp": True, + }, + }, + "handlers": { + "console": { + "level": level, + "class": handler_classes["stream"], + "no_color": no_color, + "stream": log_streams["stdout"], + "filters": ["exclude_subprocess", "exclude_warnings"], + "formatter": "indent", + }, + "console_errors": { + "level": "WARNING", + "class": handler_classes["stream"], + "no_color": no_color, + "stream": log_streams["stderr"], + "filters": ["exclude_subprocess"], + "formatter": "indent", + }, + # A handler responsible for logging to the console messages + # from the "subprocessor" logger. + "console_subprocess": { + "level": level, + "class": handler_classes["stream"], + "no_color": no_color, + "stream": log_streams["stderr"], + "filters": ["restrict_to_subprocess"], + "formatter": "indent", + }, + "user_log": { + "level": "DEBUG", + "class": handler_classes["file"], + "filename": additional_log_file, + "encoding": "utf-8", + "delay": True, + "formatter": "indent_with_timestamp", + }, + }, + "root": { + "level": root_level, + "handlers": handlers, + }, + "loggers": {"pip._vendor": {"level": vendored_log_level}}, + } + ) + + return level_number diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/misc.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/misc.py new file mode 100644 index 000000000..99ebea30c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/misc.py @@ -0,0 +1,828 @@ +# The following comment should be removed at some point in the future. +# mypy: strict-optional=False + +import contextlib +import errno +import getpass +import hashlib +import io +import logging +import os +import posixpath +import shutil +import stat +import sys +import urllib.parse +from io import StringIO +from itertools import filterfalse, tee, zip_longest +from types import TracebackType +from typing import ( + Any, + AnyStr, + BinaryIO, + Callable, + Container, + ContextManager, + Iterable, + Iterator, + List, + Optional, + TextIO, + Tuple, + Type, + TypeVar, + cast, +) + +from pip._vendor.pkg_resources import Distribution +from pip._vendor.tenacity import retry, stop_after_delay, wait_fixed + +from pip import __version__ +from pip._internal.exceptions import CommandError +from pip._internal.locations import get_major_minor_version, site_packages, user_site +from pip._internal.utils.compat import WINDOWS, stdlib_pkgs +from pip._internal.utils.virtualenv import ( + running_under_virtualenv, + virtualenv_no_global, +) + +__all__ = [ + "rmtree", + "display_path", + "backup_dir", + "ask", + "splitext", + "format_size", + "is_installable_dir", + "normalize_path", + "renames", + "get_prog", + "captured_stdout", + "ensure_dir", + "remove_auth_from_url", +] + + +logger = logging.getLogger(__name__) + +T = TypeVar("T") +ExcInfo = Tuple[Type[BaseException], BaseException, TracebackType] +VersionInfo = Tuple[int, int, int] +NetlocTuple = Tuple[str, Tuple[Optional[str], Optional[str]]] + + +def get_pip_version(): + # type: () -> str + pip_pkg_dir = os.path.join(os.path.dirname(__file__), "..", "..") + pip_pkg_dir = os.path.abspath(pip_pkg_dir) + + return "pip {} from {} (python {})".format( + __version__, + pip_pkg_dir, + get_major_minor_version(), + ) + + +def normalize_version_info(py_version_info): + # type: (Tuple[int, ...]) -> Tuple[int, int, int] + """ + Convert a tuple of ints representing a Python version to one of length + three. + + :param py_version_info: a tuple of ints representing a Python version, + or None to specify no version. The tuple can have any length. + + :return: a tuple of length three if `py_version_info` is non-None. + Otherwise, return `py_version_info` unchanged (i.e. None). + """ + if len(py_version_info) < 3: + py_version_info += (3 - len(py_version_info)) * (0,) + elif len(py_version_info) > 3: + py_version_info = py_version_info[:3] + + return cast("VersionInfo", py_version_info) + + +def ensure_dir(path): + # type: (AnyStr) -> None + """os.path.makedirs without EEXIST.""" + try: + os.makedirs(path) + except OSError as e: + # Windows can raise spurious ENOTEMPTY errors. See #6426. + if e.errno != errno.EEXIST and e.errno != errno.ENOTEMPTY: + raise + + +def get_prog(): + # type: () -> str + try: + prog = os.path.basename(sys.argv[0]) + if prog in ("__main__.py", "-c"): + return f"{sys.executable} -m pip" + else: + return prog + except (AttributeError, TypeError, IndexError): + pass + return "pip" + + +# Retry every half second for up to 3 seconds +# Tenacity raises RetryError by default, explicitly raise the original exception +@retry(reraise=True, stop=stop_after_delay(3), wait=wait_fixed(0.5)) +def rmtree(dir, ignore_errors=False): + # type: (AnyStr, bool) -> None + shutil.rmtree(dir, ignore_errors=ignore_errors, onerror=rmtree_errorhandler) + + +def rmtree_errorhandler(func, path, exc_info): + # type: (Callable[..., Any], str, ExcInfo) -> None + """On Windows, the files in .svn are read-only, so when rmtree() tries to + remove them, an exception is thrown. We catch that here, remove the + read-only attribute, and hopefully continue without problems.""" + try: + has_attr_readonly = not (os.stat(path).st_mode & stat.S_IWRITE) + except OSError: + # it's equivalent to os.path.exists + return + + if has_attr_readonly: + # convert to read/write + os.chmod(path, stat.S_IWRITE) + # use the original function to repeat the operation + func(path) + return + else: + raise + + +def display_path(path): + # type: (str) -> str + """Gives the display value for a given path, making it relative to cwd + if possible.""" + path = os.path.normcase(os.path.abspath(path)) + if path.startswith(os.getcwd() + os.path.sep): + path = "." + path[len(os.getcwd()) :] + return path + + +def backup_dir(dir, ext=".bak"): + # type: (str, str) -> str + """Figure out the name of a directory to back up the given dir to + (adding .bak, .bak2, etc)""" + n = 1 + extension = ext + while os.path.exists(dir + extension): + n += 1 + extension = ext + str(n) + return dir + extension + + +def ask_path_exists(message, options): + # type: (str, Iterable[str]) -> str + for action in os.environ.get("PIP_EXISTS_ACTION", "").split(): + if action in options: + return action + return ask(message, options) + + +def _check_no_input(message): + # type: (str) -> None + """Raise an error if no input is allowed.""" + if os.environ.get("PIP_NO_INPUT"): + raise Exception( + f"No input was expected ($PIP_NO_INPUT set); question: {message}" + ) + + +def ask(message, options): + # type: (str, Iterable[str]) -> str + """Ask the message interactively, with the given possible responses""" + while 1: + _check_no_input(message) + response = input(message) + response = response.strip().lower() + if response not in options: + print( + "Your response ({!r}) was not one of the expected responses: " + "{}".format(response, ", ".join(options)) + ) + else: + return response + + +def ask_input(message): + # type: (str) -> str + """Ask for input interactively.""" + _check_no_input(message) + return input(message) + + +def ask_password(message): + # type: (str) -> str + """Ask for a password interactively.""" + _check_no_input(message) + return getpass.getpass(message) + + +def strtobool(val): + # type: (str) -> int + """Convert a string representation of truth to true (1) or false (0). + + True values are 'y', 'yes', 't', 'true', 'on', and '1'; false values + are 'n', 'no', 'f', 'false', 'off', and '0'. Raises ValueError if + 'val' is anything else. + """ + val = val.lower() + if val in ("y", "yes", "t", "true", "on", "1"): + return 1 + elif val in ("n", "no", "f", "false", "off", "0"): + return 0 + else: + raise ValueError(f"invalid truth value {val!r}") + + +def format_size(bytes): + # type: (float) -> str + if bytes > 1000 * 1000: + return "{:.1f} MB".format(bytes / 1000.0 / 1000) + elif bytes > 10 * 1000: + return "{} kB".format(int(bytes / 1000)) + elif bytes > 1000: + return "{:.1f} kB".format(bytes / 1000.0) + else: + return "{} bytes".format(int(bytes)) + + +def tabulate(rows): + # type: (Iterable[Iterable[Any]]) -> Tuple[List[str], List[int]] + """Return a list of formatted rows and a list of column sizes. + + For example:: + + >>> tabulate([['foobar', 2000], [0xdeadbeef]]) + (['foobar 2000', '3735928559'], [10, 4]) + """ + rows = [tuple(map(str, row)) for row in rows] + sizes = [max(map(len, col)) for col in zip_longest(*rows, fillvalue="")] + table = [" ".join(map(str.ljust, row, sizes)).rstrip() for row in rows] + return table, sizes + + +def is_installable_dir(path: str) -> bool: + """Is path is a directory containing pyproject.toml or setup.py? + + If pyproject.toml exists, this is a PEP 517 project. Otherwise we look for + a legacy setuptools layout by identifying setup.py. We don't check for the + setup.cfg because using it without setup.py is only available for PEP 517 + projects, which are already covered by the pyproject.toml check. + """ + if not os.path.isdir(path): + return False + if os.path.isfile(os.path.join(path, "pyproject.toml")): + return True + if os.path.isfile(os.path.join(path, "setup.py")): + return True + return False + + +def read_chunks(file, size=io.DEFAULT_BUFFER_SIZE): + # type: (BinaryIO, int) -> Iterator[bytes] + """Yield pieces of data from a file-like object until EOF.""" + while True: + chunk = file.read(size) + if not chunk: + break + yield chunk + + +def normalize_path(path, resolve_symlinks=True): + # type: (str, bool) -> str + """ + Convert a path to its canonical, case-normalized, absolute version. + + """ + path = os.path.expanduser(path) + if resolve_symlinks: + path = os.path.realpath(path) + else: + path = os.path.abspath(path) + return os.path.normcase(path) + + +def splitext(path): + # type: (str) -> Tuple[str, str] + """Like os.path.splitext, but take off .tar too""" + base, ext = posixpath.splitext(path) + if base.lower().endswith(".tar"): + ext = base[-4:] + ext + base = base[:-4] + return base, ext + + +def renames(old, new): + # type: (str, str) -> None + """Like os.renames(), but handles renaming across devices.""" + # Implementation borrowed from os.renames(). + head, tail = os.path.split(new) + if head and tail and not os.path.exists(head): + os.makedirs(head) + + shutil.move(old, new) + + head, tail = os.path.split(old) + if head and tail: + try: + os.removedirs(head) + except OSError: + pass + + +def is_local(path): + # type: (str) -> bool + """ + Return True if path is within sys.prefix, if we're running in a virtualenv. + + If we're not in a virtualenv, all paths are considered "local." + + Caution: this function assumes the head of path has been normalized + with normalize_path. + """ + if not running_under_virtualenv(): + return True + return path.startswith(normalize_path(sys.prefix)) + + +def dist_is_local(dist): + # type: (Distribution) -> bool + """ + Return True if given Distribution object is installed locally + (i.e. within current virtualenv). + + Always True if we're not in a virtualenv. + + """ + return is_local(dist_location(dist)) + + +def dist_in_usersite(dist): + # type: (Distribution) -> bool + """ + Return True if given Distribution is installed in user site. + """ + return dist_location(dist).startswith(normalize_path(user_site)) + + +def dist_in_site_packages(dist): + # type: (Distribution) -> bool + """ + Return True if given Distribution is installed in + sysconfig.get_python_lib(). + """ + return dist_location(dist).startswith(normalize_path(site_packages)) + + +def dist_is_editable(dist): + # type: (Distribution) -> bool + """ + Return True if given Distribution is an editable install. + """ + for path_item in sys.path: + egg_link = os.path.join(path_item, dist.project_name + ".egg-link") + if os.path.isfile(egg_link): + return True + return False + + +def get_installed_distributions( + local_only=True, # type: bool + skip=stdlib_pkgs, # type: Container[str] + include_editables=True, # type: bool + editables_only=False, # type: bool + user_only=False, # type: bool + paths=None, # type: Optional[List[str]] +): + # type: (...) -> List[Distribution] + """Return a list of installed Distribution objects. + + Left for compatibility until direct pkg_resources uses are refactored out. + """ + from pip._internal.metadata import get_default_environment, get_environment + from pip._internal.metadata.pkg_resources import Distribution as _Dist + + if paths is None: + env = get_default_environment() + else: + env = get_environment(paths) + dists = env.iter_installed_distributions( + local_only=local_only, + skip=skip, + include_editables=include_editables, + editables_only=editables_only, + user_only=user_only, + ) + return [cast(_Dist, dist)._dist for dist in dists] + + +def get_distribution(req_name): + # type: (str) -> Optional[Distribution] + """Given a requirement name, return the installed Distribution object. + + This searches from *all* distributions available in the environment, to + match the behavior of ``pkg_resources.get_distribution()``. + + Left for compatibility until direct pkg_resources uses are refactored out. + """ + from pip._internal.metadata import get_default_environment + from pip._internal.metadata.pkg_resources import Distribution as _Dist + + dist = get_default_environment().get_distribution(req_name) + if dist is None: + return None + return cast(_Dist, dist)._dist + + +def egg_link_path(dist): + # type: (Distribution) -> Optional[str] + """ + Return the path for the .egg-link file if it exists, otherwise, None. + + There's 3 scenarios: + 1) not in a virtualenv + try to find in site.USER_SITE, then site_packages + 2) in a no-global virtualenv + try to find in site_packages + 3) in a yes-global virtualenv + try to find in site_packages, then site.USER_SITE + (don't look in global location) + + For #1 and #3, there could be odd cases, where there's an egg-link in 2 + locations. + + This method will just return the first one found. + """ + sites = [] + if running_under_virtualenv(): + sites.append(site_packages) + if not virtualenv_no_global() and user_site: + sites.append(user_site) + else: + if user_site: + sites.append(user_site) + sites.append(site_packages) + + for site in sites: + egglink = os.path.join(site, dist.project_name) + ".egg-link" + if os.path.isfile(egglink): + return egglink + return None + + +def dist_location(dist): + # type: (Distribution) -> str + """ + Get the site-packages location of this distribution. Generally + this is dist.location, except in the case of develop-installed + packages, where dist.location is the source code location, and we + want to know where the egg-link file is. + + The returned location is normalized (in particular, with symlinks removed). + """ + egg_link = egg_link_path(dist) + if egg_link: + return normalize_path(egg_link) + return normalize_path(dist.location) + + +def write_output(msg, *args): + # type: (Any, Any) -> None + logger.info(msg, *args) + + +class StreamWrapper(StringIO): + orig_stream = None # type: TextIO + + @classmethod + def from_stream(cls, orig_stream): + # type: (TextIO) -> StreamWrapper + cls.orig_stream = orig_stream + return cls() + + # compileall.compile_dir() needs stdout.encoding to print to stdout + # https://github.com/python/mypy/issues/4125 + @property + def encoding(self): # type: ignore + return self.orig_stream.encoding + + +@contextlib.contextmanager +def captured_output(stream_name): + # type: (str) -> Iterator[StreamWrapper] + """Return a context manager used by captured_stdout/stdin/stderr + that temporarily replaces the sys stream *stream_name* with a StringIO. + + Taken from Lib/support/__init__.py in the CPython repo. + """ + orig_stdout = getattr(sys, stream_name) + setattr(sys, stream_name, StreamWrapper.from_stream(orig_stdout)) + try: + yield getattr(sys, stream_name) + finally: + setattr(sys, stream_name, orig_stdout) + + +def captured_stdout(): + # type: () -> ContextManager[StreamWrapper] + """Capture the output of sys.stdout: + + with captured_stdout() as stdout: + print('hello') + self.assertEqual(stdout.getvalue(), 'hello\n') + + Taken from Lib/support/__init__.py in the CPython repo. + """ + return captured_output("stdout") + + +def captured_stderr(): + # type: () -> ContextManager[StreamWrapper] + """ + See captured_stdout(). + """ + return captured_output("stderr") + + +# Simulates an enum +def enum(*sequential, **named): + # type: (*Any, **Any) -> Type[Any] + enums = dict(zip(sequential, range(len(sequential))), **named) + reverse = {value: key for key, value in enums.items()} + enums["reverse_mapping"] = reverse + return type("Enum", (), enums) + + +def build_netloc(host, port): + # type: (str, Optional[int]) -> str + """ + Build a netloc from a host-port pair + """ + if port is None: + return host + if ":" in host: + # Only wrap host with square brackets when it is IPv6 + host = f"[{host}]" + return f"{host}:{port}" + + +def build_url_from_netloc(netloc, scheme="https"): + # type: (str, str) -> str + """ + Build a full URL from a netloc. + """ + if netloc.count(":") >= 2 and "@" not in netloc and "[" not in netloc: + # It must be a bare IPv6 address, so wrap it with brackets. + netloc = f"[{netloc}]" + return f"{scheme}://{netloc}" + + +def parse_netloc(netloc): + # type: (str) -> Tuple[str, Optional[int]] + """ + Return the host-port pair from a netloc. + """ + url = build_url_from_netloc(netloc) + parsed = urllib.parse.urlparse(url) + return parsed.hostname, parsed.port + + +def split_auth_from_netloc(netloc): + # type: (str) -> NetlocTuple + """ + Parse out and remove the auth information from a netloc. + + Returns: (netloc, (username, password)). + """ + if "@" not in netloc: + return netloc, (None, None) + + # Split from the right because that's how urllib.parse.urlsplit() + # behaves if more than one @ is present (which can be checked using + # the password attribute of urlsplit()'s return value). + auth, netloc = netloc.rsplit("@", 1) + pw = None # type: Optional[str] + if ":" in auth: + # Split from the left because that's how urllib.parse.urlsplit() + # behaves if more than one : is present (which again can be checked + # using the password attribute of the return value) + user, pw = auth.split(":", 1) + else: + user, pw = auth, None + + user = urllib.parse.unquote(user) + if pw is not None: + pw = urllib.parse.unquote(pw) + + return netloc, (user, pw) + + +def redact_netloc(netloc): + # type: (str) -> str + """ + Replace the sensitive data in a netloc with "****", if it exists. + + For example: + - "user:pass@example.com" returns "user:****@example.com" + - "accesstoken@example.com" returns "****@example.com" + """ + netloc, (user, password) = split_auth_from_netloc(netloc) + if user is None: + return netloc + if password is None: + user = "****" + password = "" + else: + user = urllib.parse.quote(user) + password = ":****" + return "{user}{password}@{netloc}".format( + user=user, password=password, netloc=netloc + ) + + +def _transform_url(url, transform_netloc): + # type: (str, Callable[[str], Tuple[Any, ...]]) -> Tuple[str, NetlocTuple] + """Transform and replace netloc in a url. + + transform_netloc is a function taking the netloc and returning a + tuple. The first element of this tuple is the new netloc. The + entire tuple is returned. + + Returns a tuple containing the transformed url as item 0 and the + original tuple returned by transform_netloc as item 1. + """ + purl = urllib.parse.urlsplit(url) + netloc_tuple = transform_netloc(purl.netloc) + # stripped url + url_pieces = (purl.scheme, netloc_tuple[0], purl.path, purl.query, purl.fragment) + surl = urllib.parse.urlunsplit(url_pieces) + return surl, cast("NetlocTuple", netloc_tuple) + + +def _get_netloc(netloc): + # type: (str) -> NetlocTuple + return split_auth_from_netloc(netloc) + + +def _redact_netloc(netloc): + # type: (str) -> Tuple[str,] + return (redact_netloc(netloc),) + + +def split_auth_netloc_from_url(url): + # type: (str) -> Tuple[str, str, Tuple[str, str]] + """ + Parse a url into separate netloc, auth, and url with no auth. + + Returns: (url_without_auth, netloc, (username, password)) + """ + url_without_auth, (netloc, auth) = _transform_url(url, _get_netloc) + return url_without_auth, netloc, auth + + +def remove_auth_from_url(url): + # type: (str) -> str + """Return a copy of url with 'username:password@' removed.""" + # username/pass params are passed to subversion through flags + # and are not recognized in the url. + return _transform_url(url, _get_netloc)[0] + + +def redact_auth_from_url(url): + # type: (str) -> str + """Replace the password in a given url with ****.""" + return _transform_url(url, _redact_netloc)[0] + + +class HiddenText: + def __init__( + self, + secret, # type: str + redacted, # type: str + ): + # type: (...) -> None + self.secret = secret + self.redacted = redacted + + def __repr__(self): + # type: (...) -> str + return "".format(str(self)) + + def __str__(self): + # type: (...) -> str + return self.redacted + + # This is useful for testing. + def __eq__(self, other): + # type: (Any) -> bool + if type(self) != type(other): + return False + + # The string being used for redaction doesn't also have to match, + # just the raw, original string. + return self.secret == other.secret + + +def hide_value(value): + # type: (str) -> HiddenText + return HiddenText(value, redacted="****") + + +def hide_url(url): + # type: (str) -> HiddenText + redacted = redact_auth_from_url(url) + return HiddenText(url, redacted=redacted) + + +def protect_pip_from_modification_on_windows(modifying_pip): + # type: (bool) -> None + """Protection of pip.exe from modification on Windows + + On Windows, any operation modifying pip should be run as: + python -m pip ... + """ + pip_names = [ + "pip.exe", + "pip{}.exe".format(sys.version_info[0]), + "pip{}.{}.exe".format(*sys.version_info[:2]), + ] + + # See https://github.com/pypa/pip/issues/1299 for more discussion + should_show_use_python_msg = ( + modifying_pip and WINDOWS and os.path.basename(sys.argv[0]) in pip_names + ) + + if should_show_use_python_msg: + new_command = [sys.executable, "-m", "pip"] + sys.argv[1:] + raise CommandError( + "To modify pip, please run the following command:\n{}".format( + " ".join(new_command) + ) + ) + + +def is_console_interactive(): + # type: () -> bool + """Is this console interactive?""" + return sys.stdin is not None and sys.stdin.isatty() + + +def hash_file(path, blocksize=1 << 20): + # type: (str, int) -> Tuple[Any, int] + """Return (hash, length) for path using hashlib.sha256()""" + + h = hashlib.sha256() + length = 0 + with open(path, "rb") as f: + for block in read_chunks(f, size=blocksize): + length += len(block) + h.update(block) + return h, length + + +def is_wheel_installed(): + # type: () -> bool + """ + Return whether the wheel package is installed. + """ + try: + import wheel # noqa: F401 + except ImportError: + return False + + return True + + +def pairwise(iterable): + # type: (Iterable[Any]) -> Iterator[Tuple[Any, Any]] + """ + Return paired elements. + + For example: + s -> (s0, s1), (s2, s3), (s4, s5), ... + """ + iterable = iter(iterable) + return zip_longest(iterable, iterable) + + +def partition( + pred, # type: Callable[[T], bool] + iterable, # type: Iterable[T] +): + # type: (...) -> Tuple[Iterable[T], Iterable[T]] + """ + Use a predicate to partition entries into false entries and true entries, + like + + partition(is_odd, range(10)) --> 0 2 4 6 8 and 1 3 5 7 9 + """ + t1, t2 = tee(iterable) + return filterfalse(pred, t1), filter(pred, t2) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/models.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/models.py new file mode 100644 index 000000000..0e02bc7a5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/models.py @@ -0,0 +1,47 @@ +"""Utilities for defining models +""" + +import operator +from typing import Any, Callable, Type + + +class KeyBasedCompareMixin: + """Provides comparison capabilities that is based on a key""" + + __slots__ = ["_compare_key", "_defining_class"] + + def __init__(self, key, defining_class): + # type: (Any, Type[KeyBasedCompareMixin]) -> None + self._compare_key = key + self._defining_class = defining_class + + def __hash__(self): + # type: () -> int + return hash(self._compare_key) + + def __lt__(self, other): + # type: (Any) -> bool + return self._compare(other, operator.__lt__) + + def __le__(self, other): + # type: (Any) -> bool + return self._compare(other, operator.__le__) + + def __gt__(self, other): + # type: (Any) -> bool + return self._compare(other, operator.__gt__) + + def __ge__(self, other): + # type: (Any) -> bool + return self._compare(other, operator.__ge__) + + def __eq__(self, other): + # type: (Any) -> bool + return self._compare(other, operator.__eq__) + + def _compare(self, other, method): + # type: (Any, Callable[[Any, Any], bool]) -> bool + if not isinstance(other, self._defining_class): + return NotImplemented + + return method(self._compare_key, other._compare_key) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/packaging.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/packaging.py new file mode 100644 index 000000000..3f9dbd3b7 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/packaging.py @@ -0,0 +1,89 @@ +import logging +from email.message import Message +from email.parser import FeedParser +from typing import Optional, Tuple + +from pip._vendor import pkg_resources +from pip._vendor.packaging import specifiers, version +from pip._vendor.pkg_resources import Distribution + +from pip._internal.exceptions import NoneMetadataError +from pip._internal.utils.misc import display_path + +logger = logging.getLogger(__name__) + + +def check_requires_python(requires_python, version_info): + # type: (Optional[str], Tuple[int, ...]) -> bool + """ + Check if the given Python version matches a "Requires-Python" specifier. + + :param version_info: A 3-tuple of ints representing a Python + major-minor-micro version to check (e.g. `sys.version_info[:3]`). + + :return: `True` if the given Python version satisfies the requirement. + Otherwise, return `False`. + + :raises InvalidSpecifier: If `requires_python` has an invalid format. + """ + if requires_python is None: + # The package provides no information + return True + requires_python_specifier = specifiers.SpecifierSet(requires_python) + + python_version = version.parse(".".join(map(str, version_info))) + return python_version in requires_python_specifier + + +def get_metadata(dist): + # type: (Distribution) -> Message + """ + :raises NoneMetadataError: if the distribution reports `has_metadata()` + True but `get_metadata()` returns None. + """ + metadata_name = "METADATA" + if isinstance(dist, pkg_resources.DistInfoDistribution) and dist.has_metadata( + metadata_name + ): + metadata = dist.get_metadata(metadata_name) + elif dist.has_metadata("PKG-INFO"): + metadata_name = "PKG-INFO" + metadata = dist.get_metadata(metadata_name) + else: + logger.warning("No metadata found in %s", display_path(dist.location)) + metadata = "" + + if metadata is None: + raise NoneMetadataError(dist, metadata_name) + + feed_parser = FeedParser() + # The following line errors out if with a "NoneType" TypeError if + # passed metadata=None. + feed_parser.feed(metadata) + return feed_parser.close() + + +def get_requires_python(dist): + # type: (pkg_resources.Distribution) -> Optional[str] + """ + Return the "Requires-Python" metadata for a distribution, or None + if not present. + """ + pkg_info_dict = get_metadata(dist) + requires_python = pkg_info_dict.get("Requires-Python") + + if requires_python is not None: + # Convert to a str to satisfy the type checker, since requires_python + # can be a Header object. + requires_python = str(requires_python) + + return requires_python + + +def get_installer(dist): + # type: (Distribution) -> str + if dist.has_metadata("INSTALLER"): + for line in dist.get_metadata_lines("INSTALLER"): + if line.strip(): + return line.strip() + return "" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/parallel.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/parallel.py new file mode 100644 index 000000000..de91dc8ab --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/parallel.py @@ -0,0 +1,101 @@ +"""Convenient parallelization of higher order functions. + +This module provides two helper functions, with appropriate fallbacks on +Python 2 and on systems lacking support for synchronization mechanisms: + +- map_multiprocess +- map_multithread + +These helpers work like Python 3's map, with two differences: + +- They don't guarantee the order of processing of + the elements of the iterable. +- The underlying process/thread pools chop the iterable into + a number of chunks, so that for very long iterables using + a large value for chunksize can make the job complete much faster + than using the default value of 1. +""" + +__all__ = ["map_multiprocess", "map_multithread"] + +from contextlib import contextmanager +from multiprocessing import Pool as ProcessPool +from multiprocessing import pool +from multiprocessing.dummy import Pool as ThreadPool +from typing import Callable, Iterable, Iterator, TypeVar, Union + +from pip._vendor.requests.adapters import DEFAULT_POOLSIZE + +Pool = Union[pool.Pool, pool.ThreadPool] +S = TypeVar("S") +T = TypeVar("T") + +# On platforms without sem_open, multiprocessing[.dummy] Pool +# cannot be created. +try: + import multiprocessing.synchronize # noqa +except ImportError: + LACK_SEM_OPEN = True +else: + LACK_SEM_OPEN = False + +# Incredibly large timeout to work around bpo-8296 on Python 2. +TIMEOUT = 2000000 + + +@contextmanager +def closing(pool): + # type: (Pool) -> Iterator[Pool] + """Return a context manager making sure the pool closes properly.""" + try: + yield pool + finally: + # For Pool.imap*, close and join are needed + # for the returned iterator to begin yielding. + pool.close() + pool.join() + pool.terminate() + + +def _map_fallback(func, iterable, chunksize=1): + # type: (Callable[[S], T], Iterable[S], int) -> Iterator[T] + """Make an iterator applying func to each element in iterable. + + This function is the sequential fallback either on Python 2 + where Pool.imap* doesn't react to KeyboardInterrupt + or when sem_open is unavailable. + """ + return map(func, iterable) + + +def _map_multiprocess(func, iterable, chunksize=1): + # type: (Callable[[S], T], Iterable[S], int) -> Iterator[T] + """Chop iterable into chunks and submit them to a process pool. + + For very long iterables using a large value for chunksize can make + the job complete much faster than using the default value of 1. + + Return an unordered iterator of the results. + """ + with closing(ProcessPool()) as pool: + return pool.imap_unordered(func, iterable, chunksize) + + +def _map_multithread(func, iterable, chunksize=1): + # type: (Callable[[S], T], Iterable[S], int) -> Iterator[T] + """Chop iterable into chunks and submit them to a thread pool. + + For very long iterables using a large value for chunksize can make + the job complete much faster than using the default value of 1. + + Return an unordered iterator of the results. + """ + with closing(ThreadPool(DEFAULT_POOLSIZE)) as pool: + return pool.imap_unordered(func, iterable, chunksize) + + +if LACK_SEM_OPEN: + map_multiprocess = map_multithread = _map_fallback +else: + map_multiprocess = _map_multiprocess + map_multithread = _map_multithread diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/pkg_resources.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/pkg_resources.py new file mode 100644 index 000000000..ee1eca300 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/pkg_resources.py @@ -0,0 +1,40 @@ +from typing import Dict, Iterable, List + +from pip._vendor.pkg_resources import yield_lines + + +class DictMetadata: + """IMetadataProvider that reads metadata files from a dictionary.""" + + def __init__(self, metadata): + # type: (Dict[str, bytes]) -> None + self._metadata = metadata + + def has_metadata(self, name): + # type: (str) -> bool + return name in self._metadata + + def get_metadata(self, name): + # type: (str) -> str + try: + return self._metadata[name].decode() + except UnicodeDecodeError as e: + # Mirrors handling done in pkg_resources.NullProvider. + e.reason += f" in {name} file" + raise + + def get_metadata_lines(self, name): + # type: (str) -> Iterable[str] + return yield_lines(self.get_metadata(name)) + + def metadata_isdir(self, name): + # type: (str) -> bool + return False + + def metadata_listdir(self, name): + # type: (str) -> List[str] + return [] + + def run_script(self, script_name, namespace): + # type: (str, str) -> None + pass diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/setuptools_build.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/setuptools_build.py new file mode 100644 index 000000000..4b8e4b359 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/setuptools_build.py @@ -0,0 +1,173 @@ +import sys +from typing import List, Optional, Sequence + +# Shim to wrap setup.py invocation with setuptools +# +# We set sys.argv[0] to the path to the underlying setup.py file so +# setuptools / distutils don't take the path to the setup.py to be "-c" when +# invoking via the shim. This avoids e.g. the following manifest_maker +# warning: "warning: manifest_maker: standard file '-c' not found". +_SETUPTOOLS_SHIM = ( + "import io, os, sys, setuptools, tokenize; sys.argv[0] = {0!r}; __file__={0!r};" + "f = getattr(tokenize, 'open', open)(__file__) " + "if os.path.exists(__file__) " + "else io.StringIO('from setuptools import setup; setup()');" + "code = f.read().replace('\\r\\n', '\\n');" + "f.close();" + "exec(compile(code, __file__, 'exec'))" +) + + +def make_setuptools_shim_args( + setup_py_path, # type: str + global_options=None, # type: Sequence[str] + no_user_config=False, # type: bool + unbuffered_output=False, # type: bool +): + # type: (...) -> List[str] + """ + Get setuptools command arguments with shim wrapped setup file invocation. + + :param setup_py_path: The path to setup.py to be wrapped. + :param global_options: Additional global options. + :param no_user_config: If True, disables personal user configuration. + :param unbuffered_output: If True, adds the unbuffered switch to the + argument list. + """ + args = [sys.executable] + if unbuffered_output: + args += ["-u"] + args += ["-c", _SETUPTOOLS_SHIM.format(setup_py_path)] + if global_options: + args += global_options + if no_user_config: + args += ["--no-user-cfg"] + return args + + +def make_setuptools_bdist_wheel_args( + setup_py_path, # type: str + global_options, # type: Sequence[str] + build_options, # type: Sequence[str] + destination_dir, # type: str +): + # type: (...) -> List[str] + # NOTE: Eventually, we'd want to also -S to the flags here, when we're + # isolating. Currently, it breaks Python in virtualenvs, because it + # relies on site.py to find parts of the standard library outside the + # virtualenv. + args = make_setuptools_shim_args( + setup_py_path, global_options=global_options, unbuffered_output=True + ) + args += ["bdist_wheel", "-d", destination_dir] + args += build_options + return args + + +def make_setuptools_clean_args( + setup_py_path, # type: str + global_options, # type: Sequence[str] +): + # type: (...) -> List[str] + args = make_setuptools_shim_args( + setup_py_path, global_options=global_options, unbuffered_output=True + ) + args += ["clean", "--all"] + return args + + +def make_setuptools_develop_args( + setup_py_path, # type: str + global_options, # type: Sequence[str] + install_options, # type: Sequence[str] + no_user_config, # type: bool + prefix, # type: Optional[str] + home, # type: Optional[str] + use_user_site, # type: bool +): + # type: (...) -> List[str] + assert not (use_user_site and prefix) + + args = make_setuptools_shim_args( + setup_py_path, + global_options=global_options, + no_user_config=no_user_config, + ) + + args += ["develop", "--no-deps"] + + args += install_options + + if prefix: + args += ["--prefix", prefix] + if home is not None: + args += ["--install-dir", home] + + if use_user_site: + args += ["--user", "--prefix="] + + return args + + +def make_setuptools_egg_info_args( + setup_py_path, # type: str + egg_info_dir, # type: Optional[str] + no_user_config, # type: bool +): + # type: (...) -> List[str] + args = make_setuptools_shim_args(setup_py_path, no_user_config=no_user_config) + + args += ["egg_info"] + + if egg_info_dir: + args += ["--egg-base", egg_info_dir] + + return args + + +def make_setuptools_install_args( + setup_py_path, # type: str + global_options, # type: Sequence[str] + install_options, # type: Sequence[str] + record_filename, # type: str + root, # type: Optional[str] + prefix, # type: Optional[str] + header_dir, # type: Optional[str] + home, # type: Optional[str] + use_user_site, # type: bool + no_user_config, # type: bool + pycompile, # type: bool +): + # type: (...) -> List[str] + assert not (use_user_site and prefix) + assert not (use_user_site and root) + + args = make_setuptools_shim_args( + setup_py_path, + global_options=global_options, + no_user_config=no_user_config, + unbuffered_output=True, + ) + args += ["install", "--record", record_filename] + args += ["--single-version-externally-managed"] + + if root is not None: + args += ["--root", root] + if prefix is not None: + args += ["--prefix", prefix] + if home is not None: + args += ["--home", home] + if use_user_site: + args += ["--user", "--prefix="] + + if pycompile: + args += ["--compile"] + else: + args += ["--no-compile"] + + if header_dir: + args += ["--install-headers", header_dir] + + args += install_options + + return args diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/subprocess.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/subprocess.py new file mode 100644 index 000000000..da052ee69 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/subprocess.py @@ -0,0 +1,281 @@ +import logging +import os +import shlex +import subprocess +from typing import Any, Callable, Iterable, List, Mapping, Optional, Union + +from pip._internal.cli.spinners import SpinnerInterface, open_spinner +from pip._internal.exceptions import InstallationSubprocessError +from pip._internal.utils.logging import VERBOSE, subprocess_logger +from pip._internal.utils.misc import HiddenText + +CommandArgs = List[Union[str, HiddenText]] + + +LOG_DIVIDER = "----------------------------------------" + + +def make_command(*args): + # type: (Union[str, HiddenText, CommandArgs]) -> CommandArgs + """ + Create a CommandArgs object. + """ + command_args = [] # type: CommandArgs + for arg in args: + # Check for list instead of CommandArgs since CommandArgs is + # only known during type-checking. + if isinstance(arg, list): + command_args.extend(arg) + else: + # Otherwise, arg is str or HiddenText. + command_args.append(arg) + + return command_args + + +def format_command_args(args): + # type: (Union[List[str], CommandArgs]) -> str + """ + Format command arguments for display. + """ + # For HiddenText arguments, display the redacted form by calling str(). + # Also, we don't apply str() to arguments that aren't HiddenText since + # this can trigger a UnicodeDecodeError in Python 2 if the argument + # has type unicode and includes a non-ascii character. (The type + # checker doesn't ensure the annotations are correct in all cases.) + return " ".join( + shlex.quote(str(arg)) if isinstance(arg, HiddenText) else shlex.quote(arg) + for arg in args + ) + + +def reveal_command_args(args): + # type: (Union[List[str], CommandArgs]) -> List[str] + """ + Return the arguments in their raw, unredacted form. + """ + return [arg.secret if isinstance(arg, HiddenText) else arg for arg in args] + + +def make_subprocess_output_error( + cmd_args, # type: Union[List[str], CommandArgs] + cwd, # type: Optional[str] + lines, # type: List[str] + exit_status, # type: int +): + # type: (...) -> str + """ + Create and return the error message to use to log a subprocess error + with command output. + + :param lines: A list of lines, each ending with a newline. + """ + command = format_command_args(cmd_args) + + # We know the joined output value ends in a newline. + output = "".join(lines) + msg = ( + # Use a unicode string to avoid "UnicodeEncodeError: 'ascii' + # codec can't encode character ..." in Python 2 when a format + # argument (e.g. `output`) has a non-ascii character. + "Command errored out with exit status {exit_status}:\n" + " command: {command_display}\n" + " cwd: {cwd_display}\n" + "Complete output ({line_count} lines):\n{output}{divider}" + ).format( + exit_status=exit_status, + command_display=command, + cwd_display=cwd, + line_count=len(lines), + output=output, + divider=LOG_DIVIDER, + ) + return msg + + +def call_subprocess( + cmd, # type: Union[List[str], CommandArgs] + show_stdout=False, # type: bool + cwd=None, # type: Optional[str] + on_returncode="raise", # type: str + extra_ok_returncodes=None, # type: Optional[Iterable[int]] + command_desc=None, # type: Optional[str] + extra_environ=None, # type: Optional[Mapping[str, Any]] + unset_environ=None, # type: Optional[Iterable[str]] + spinner=None, # type: Optional[SpinnerInterface] + log_failed_cmd=True, # type: Optional[bool] + stdout_only=False, # type: Optional[bool] +): + # type: (...) -> str + """ + Args: + show_stdout: if true, use INFO to log the subprocess's stderr and + stdout streams. Otherwise, use DEBUG. Defaults to False. + extra_ok_returncodes: an iterable of integer return codes that are + acceptable, in addition to 0. Defaults to None, which means []. + unset_environ: an iterable of environment variable names to unset + prior to calling subprocess.Popen(). + log_failed_cmd: if false, failed commands are not logged, only raised. + stdout_only: if true, return only stdout, else return both. When true, + logging of both stdout and stderr occurs when the subprocess has + terminated, else logging occurs as subprocess output is produced. + """ + if extra_ok_returncodes is None: + extra_ok_returncodes = [] + if unset_environ is None: + unset_environ = [] + # Most places in pip use show_stdout=False. What this means is-- + # + # - We connect the child's output (combined stderr and stdout) to a + # single pipe, which we read. + # - We log this output to stderr at DEBUG level as it is received. + # - If DEBUG logging isn't enabled (e.g. if --verbose logging wasn't + # requested), then we show a spinner so the user can still see the + # subprocess is in progress. + # - If the subprocess exits with an error, we log the output to stderr + # at ERROR level if it hasn't already been displayed to the console + # (e.g. if --verbose logging wasn't enabled). This way we don't log + # the output to the console twice. + # + # If show_stdout=True, then the above is still done, but with DEBUG + # replaced by INFO. + if show_stdout: + # Then log the subprocess output at INFO level. + log_subprocess = subprocess_logger.info + used_level = logging.INFO + else: + # Then log the subprocess output using VERBOSE. This also ensures + # it will be logged to the log file (aka user_log), if enabled. + log_subprocess = subprocess_logger.verbose + used_level = VERBOSE + + # Whether the subprocess will be visible in the console. + showing_subprocess = subprocess_logger.getEffectiveLevel() <= used_level + + # Only use the spinner if we're not showing the subprocess output + # and we have a spinner. + use_spinner = not showing_subprocess and spinner is not None + + if command_desc is None: + command_desc = format_command_args(cmd) + + log_subprocess("Running command %s", command_desc) + env = os.environ.copy() + if extra_environ: + env.update(extra_environ) + for name in unset_environ: + env.pop(name, None) + try: + proc = subprocess.Popen( + # Convert HiddenText objects to the underlying str. + reveal_command_args(cmd), + stdin=subprocess.PIPE, + stdout=subprocess.PIPE, + stderr=subprocess.STDOUT if not stdout_only else subprocess.PIPE, + cwd=cwd, + env=env, + errors="backslashreplace", + ) + except Exception as exc: + if log_failed_cmd: + subprocess_logger.critical( + "Error %s while executing command %s", + exc, + command_desc, + ) + raise + all_output = [] + if not stdout_only: + assert proc.stdout + assert proc.stdin + proc.stdin.close() + # In this mode, stdout and stderr are in the same pipe. + while True: + line = proc.stdout.readline() # type: str + if not line: + break + line = line.rstrip() + all_output.append(line + "\n") + + # Show the line immediately. + log_subprocess(line) + # Update the spinner. + if use_spinner: + assert spinner + spinner.spin() + try: + proc.wait() + finally: + if proc.stdout: + proc.stdout.close() + output = "".join(all_output) + else: + # In this mode, stdout and stderr are in different pipes. + # We must use communicate() which is the only safe way to read both. + out, err = proc.communicate() + # log line by line to preserve pip log indenting + for out_line in out.splitlines(): + log_subprocess(out_line) + all_output.append(out) + for err_line in err.splitlines(): + log_subprocess(err_line) + all_output.append(err) + output = out + + proc_had_error = proc.returncode and proc.returncode not in extra_ok_returncodes + if use_spinner: + assert spinner + if proc_had_error: + spinner.finish("error") + else: + spinner.finish("done") + if proc_had_error: + if on_returncode == "raise": + if not showing_subprocess and log_failed_cmd: + # Then the subprocess streams haven't been logged to the + # console yet. + msg = make_subprocess_output_error( + cmd_args=cmd, + cwd=cwd, + lines=all_output, + exit_status=proc.returncode, + ) + subprocess_logger.error(msg) + raise InstallationSubprocessError(proc.returncode, command_desc) + elif on_returncode == "warn": + subprocess_logger.warning( + 'Command "%s" had error code %s in %s', + command_desc, + proc.returncode, + cwd, + ) + elif on_returncode == "ignore": + pass + else: + raise ValueError(f"Invalid value: on_returncode={on_returncode!r}") + return output + + +def runner_with_spinner_message(message): + # type: (str) -> Callable[..., None] + """Provide a subprocess_runner that shows a spinner message. + + Intended for use with for pep517's Pep517HookCaller. Thus, the runner has + an API that matches what's expected by Pep517HookCaller.subprocess_runner. + """ + + def runner( + cmd, # type: List[str] + cwd=None, # type: Optional[str] + extra_environ=None, # type: Optional[Mapping[str, Any]] + ): + # type: (...) -> None + with open_spinner(message) as spinner: + call_subprocess( + cmd, + cwd=cwd, + extra_environ=extra_environ, + spinner=spinner, + ) + + return runner diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/temp_dir.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/temp_dir.py new file mode 100644 index 000000000..477cbe6b1 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/temp_dir.py @@ -0,0 +1,260 @@ +import errno +import itertools +import logging +import os.path +import tempfile +from contextlib import ExitStack, contextmanager +from typing import Any, Dict, Iterator, Optional, TypeVar, Union + +from pip._internal.utils.misc import enum, rmtree + +logger = logging.getLogger(__name__) + +_T = TypeVar("_T", bound="TempDirectory") + + +# Kinds of temporary directories. Only needed for ones that are +# globally-managed. +tempdir_kinds = enum( + BUILD_ENV="build-env", + EPHEM_WHEEL_CACHE="ephem-wheel-cache", + REQ_BUILD="req-build", +) + + +_tempdir_manager = None # type: Optional[ExitStack] + + +@contextmanager +def global_tempdir_manager(): + # type: () -> Iterator[None] + global _tempdir_manager + with ExitStack() as stack: + old_tempdir_manager, _tempdir_manager = _tempdir_manager, stack + try: + yield + finally: + _tempdir_manager = old_tempdir_manager + + +class TempDirectoryTypeRegistry: + """Manages temp directory behavior""" + + def __init__(self): + # type: () -> None + self._should_delete = {} # type: Dict[str, bool] + + def set_delete(self, kind, value): + # type: (str, bool) -> None + """Indicate whether a TempDirectory of the given kind should be + auto-deleted. + """ + self._should_delete[kind] = value + + def get_delete(self, kind): + # type: (str) -> bool + """Get configured auto-delete flag for a given TempDirectory type, + default True. + """ + return self._should_delete.get(kind, True) + + +_tempdir_registry = None # type: Optional[TempDirectoryTypeRegistry] + + +@contextmanager +def tempdir_registry(): + # type: () -> Iterator[TempDirectoryTypeRegistry] + """Provides a scoped global tempdir registry that can be used to dictate + whether directories should be deleted. + """ + global _tempdir_registry + old_tempdir_registry = _tempdir_registry + _tempdir_registry = TempDirectoryTypeRegistry() + try: + yield _tempdir_registry + finally: + _tempdir_registry = old_tempdir_registry + + +class _Default: + pass + + +_default = _Default() + + +class TempDirectory: + """Helper class that owns and cleans up a temporary directory. + + This class can be used as a context manager or as an OO representation of a + temporary directory. + + Attributes: + path + Location to the created temporary directory + delete + Whether the directory should be deleted when exiting + (when used as a contextmanager) + + Methods: + cleanup() + Deletes the temporary directory + + When used as a context manager, if the delete attribute is True, on + exiting the context the temporary directory is deleted. + """ + + def __init__( + self, + path=None, # type: Optional[str] + delete=_default, # type: Union[bool, None, _Default] + kind="temp", # type: str + globally_managed=False, # type: bool + ): + super().__init__() + + if delete is _default: + if path is not None: + # If we were given an explicit directory, resolve delete option + # now. + delete = False + else: + # Otherwise, we wait until cleanup and see what + # tempdir_registry says. + delete = None + + # The only time we specify path is in for editables where it + # is the value of the --src option. + if path is None: + path = self._create(kind) + + self._path = path + self._deleted = False + self.delete = delete + self.kind = kind + + if globally_managed: + assert _tempdir_manager is not None + _tempdir_manager.enter_context(self) + + @property + def path(self): + # type: () -> str + assert not self._deleted, f"Attempted to access deleted path: {self._path}" + return self._path + + def __repr__(self): + # type: () -> str + return f"<{self.__class__.__name__} {self.path!r}>" + + def __enter__(self): + # type: (_T) -> _T + return self + + def __exit__(self, exc, value, tb): + # type: (Any, Any, Any) -> None + if self.delete is not None: + delete = self.delete + elif _tempdir_registry: + delete = _tempdir_registry.get_delete(self.kind) + else: + delete = True + + if delete: + self.cleanup() + + def _create(self, kind): + # type: (str) -> str + """Create a temporary directory and store its path in self.path""" + # We realpath here because some systems have their default tmpdir + # symlinked to another directory. This tends to confuse build + # scripts, so we canonicalize the path by traversing potential + # symlinks here. + path = os.path.realpath(tempfile.mkdtemp(prefix=f"pip-{kind}-")) + logger.debug("Created temporary directory: %s", path) + return path + + def cleanup(self): + # type: () -> None + """Remove the temporary directory created and reset state""" + self._deleted = True + if not os.path.exists(self._path): + return + rmtree(self._path) + + +class AdjacentTempDirectory(TempDirectory): + """Helper class that creates a temporary directory adjacent to a real one. + + Attributes: + original + The original directory to create a temp directory for. + path + After calling create() or entering, contains the full + path to the temporary directory. + delete + Whether the directory should be deleted when exiting + (when used as a contextmanager) + + """ + + # The characters that may be used to name the temp directory + # We always prepend a ~ and then rotate through these until + # a usable name is found. + # pkg_resources raises a different error for .dist-info folder + # with leading '-' and invalid metadata + LEADING_CHARS = "-~.=%0123456789" + + def __init__(self, original, delete=None): + # type: (str, Optional[bool]) -> None + self.original = original.rstrip("/\\") + super().__init__(delete=delete) + + @classmethod + def _generate_names(cls, name): + # type: (str) -> Iterator[str] + """Generates a series of temporary names. + + The algorithm replaces the leading characters in the name + with ones that are valid filesystem characters, but are not + valid package names (for both Python and pip definitions of + package). + """ + for i in range(1, len(name)): + for candidate in itertools.combinations_with_replacement( + cls.LEADING_CHARS, i - 1 + ): + new_name = "~" + "".join(candidate) + name[i:] + if new_name != name: + yield new_name + + # If we make it this far, we will have to make a longer name + for i in range(len(cls.LEADING_CHARS)): + for candidate in itertools.combinations_with_replacement( + cls.LEADING_CHARS, i + ): + new_name = "~" + "".join(candidate) + name + if new_name != name: + yield new_name + + def _create(self, kind): + # type: (str) -> str + root, name = os.path.split(self.original) + for candidate in self._generate_names(name): + path = os.path.join(root, candidate) + try: + os.mkdir(path) + except OSError as ex: + # Continue if the name exists already + if ex.errno != errno.EEXIST: + raise + else: + path = os.path.realpath(path) + break + else: + # Final fallback on the default behavior. + path = os.path.realpath(tempfile.mkdtemp(prefix=f"pip-{kind}-")) + + logger.debug("Created temporary directory: %s", path) + return path diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/unpacking.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/unpacking.py new file mode 100644 index 000000000..bffb3cd65 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/unpacking.py @@ -0,0 +1,267 @@ +"""Utilities related archives. +""" + +import logging +import os +import shutil +import stat +import tarfile +import zipfile +from typing import Iterable, List, Optional +from zipfile import ZipInfo + +from pip._internal.exceptions import InstallationError +from pip._internal.utils.filetypes import ( + BZ2_EXTENSIONS, + TAR_EXTENSIONS, + XZ_EXTENSIONS, + ZIP_EXTENSIONS, +) +from pip._internal.utils.misc import ensure_dir + +logger = logging.getLogger(__name__) + + +SUPPORTED_EXTENSIONS = ZIP_EXTENSIONS + TAR_EXTENSIONS + +try: + import bz2 # noqa + + SUPPORTED_EXTENSIONS += BZ2_EXTENSIONS +except ImportError: + logger.debug("bz2 module is not available") + +try: + # Only for Python 3.3+ + import lzma # noqa + + SUPPORTED_EXTENSIONS += XZ_EXTENSIONS +except ImportError: + logger.debug("lzma module is not available") + + +def current_umask(): + # type: () -> int + """Get the current umask which involves having to set it temporarily.""" + mask = os.umask(0) + os.umask(mask) + return mask + + +def split_leading_dir(path): + # type: (str) -> List[str] + path = path.lstrip("/").lstrip("\\") + if "/" in path and ( + ("\\" in path and path.find("/") < path.find("\\")) or "\\" not in path + ): + return path.split("/", 1) + elif "\\" in path: + return path.split("\\", 1) + else: + return [path, ""] + + +def has_leading_dir(paths): + # type: (Iterable[str]) -> bool + """Returns true if all the paths have the same leading path name + (i.e., everything is in one subdirectory in an archive)""" + common_prefix = None + for path in paths: + prefix, rest = split_leading_dir(path) + if not prefix: + return False + elif common_prefix is None: + common_prefix = prefix + elif prefix != common_prefix: + return False + return True + + +def is_within_directory(directory, target): + # type: (str, str) -> bool + """ + Return true if the absolute path of target is within the directory + """ + abs_directory = os.path.abspath(directory) + abs_target = os.path.abspath(target) + + prefix = os.path.commonprefix([abs_directory, abs_target]) + return prefix == abs_directory + + +def set_extracted_file_to_default_mode_plus_executable(path): + # type: (str) -> None + """ + Make file present at path have execute for user/group/world + (chmod +x) is no-op on windows per python docs + """ + os.chmod(path, (0o777 & ~current_umask() | 0o111)) + + +def zip_item_is_executable(info): + # type: (ZipInfo) -> bool + mode = info.external_attr >> 16 + # if mode and regular file and any execute permissions for + # user/group/world? + return bool(mode and stat.S_ISREG(mode) and mode & 0o111) + + +def unzip_file(filename, location, flatten=True): + # type: (str, str, bool) -> None + """ + Unzip the file (with path `filename`) to the destination `location`. All + files are written based on system defaults and umask (i.e. permissions are + not preserved), except that regular file members with any execute + permissions (user, group, or world) have "chmod +x" applied after being + written. Note that for windows, any execute changes using os.chmod are + no-ops per the python docs. + """ + ensure_dir(location) + zipfp = open(filename, "rb") + try: + zip = zipfile.ZipFile(zipfp, allowZip64=True) + leading = has_leading_dir(zip.namelist()) and flatten + for info in zip.infolist(): + name = info.filename + fn = name + if leading: + fn = split_leading_dir(name)[1] + fn = os.path.join(location, fn) + dir = os.path.dirname(fn) + if not is_within_directory(location, fn): + message = ( + "The zip file ({}) has a file ({}) trying to install " + "outside target directory ({})" + ) + raise InstallationError(message.format(filename, fn, location)) + if fn.endswith("/") or fn.endswith("\\"): + # A directory + ensure_dir(fn) + else: + ensure_dir(dir) + # Don't use read() to avoid allocating an arbitrarily large + # chunk of memory for the file's content + fp = zip.open(name) + try: + with open(fn, "wb") as destfp: + shutil.copyfileobj(fp, destfp) + finally: + fp.close() + if zip_item_is_executable(info): + set_extracted_file_to_default_mode_plus_executable(fn) + finally: + zipfp.close() + + +def untar_file(filename, location): + # type: (str, str) -> None + """ + Untar the file (with path `filename`) to the destination `location`. + All files are written based on system defaults and umask (i.e. permissions + are not preserved), except that regular file members with any execute + permissions (user, group, or world) have "chmod +x" applied after being + written. Note that for windows, any execute changes using os.chmod are + no-ops per the python docs. + """ + ensure_dir(location) + if filename.lower().endswith(".gz") or filename.lower().endswith(".tgz"): + mode = "r:gz" + elif filename.lower().endswith(BZ2_EXTENSIONS): + mode = "r:bz2" + elif filename.lower().endswith(XZ_EXTENSIONS): + mode = "r:xz" + elif filename.lower().endswith(".tar"): + mode = "r" + else: + logger.warning( + "Cannot determine compression type for file %s", + filename, + ) + mode = "r:*" + tar = tarfile.open(filename, mode, encoding="utf-8") + try: + leading = has_leading_dir([member.name for member in tar.getmembers()]) + for member in tar.getmembers(): + fn = member.name + if leading: + fn = split_leading_dir(fn)[1] + path = os.path.join(location, fn) + if not is_within_directory(location, path): + message = ( + "The tar file ({}) has a file ({}) trying to install " + "outside target directory ({})" + ) + raise InstallationError(message.format(filename, path, location)) + if member.isdir(): + ensure_dir(path) + elif member.issym(): + try: + # https://github.com/python/typeshed/issues/2673 + tar._extract_member(member, path) # type: ignore + except Exception as exc: + # Some corrupt tar files seem to produce this + # (specifically bad symlinks) + logger.warning( + "In the tar file %s the member %s is invalid: %s", + filename, + member.name, + exc, + ) + continue + else: + try: + fp = tar.extractfile(member) + except (KeyError, AttributeError) as exc: + # Some corrupt tar files seem to produce this + # (specifically bad symlinks) + logger.warning( + "In the tar file %s the member %s is invalid: %s", + filename, + member.name, + exc, + ) + continue + ensure_dir(os.path.dirname(path)) + assert fp is not None + with open(path, "wb") as destfp: + shutil.copyfileobj(fp, destfp) + fp.close() + # Update the timestamp (useful for cython compiled files) + tar.utime(member, path) + # member have any execute permissions for user/group/world? + if member.mode & 0o111: + set_extracted_file_to_default_mode_plus_executable(path) + finally: + tar.close() + + +def unpack_file( + filename, # type: str + location, # type: str + content_type=None, # type: Optional[str] +): + # type: (...) -> None + filename = os.path.realpath(filename) + if ( + content_type == "application/zip" + or filename.lower().endswith(ZIP_EXTENSIONS) + or zipfile.is_zipfile(filename) + ): + unzip_file(filename, location, flatten=not filename.endswith(".whl")) + elif ( + content_type == "application/x-gzip" + or tarfile.is_tarfile(filename) + or filename.lower().endswith(TAR_EXTENSIONS + BZ2_EXTENSIONS + XZ_EXTENSIONS) + ): + untar_file(filename, location) + else: + # FIXME: handle? + # FIXME: magic signatures? + logger.critical( + "Cannot unpack file %s (downloaded from %s, content-type: %s); " + "cannot detect archive format", + filename, + location, + content_type, + ) + raise InstallationError(f"Cannot determine archive format of {location}") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/urls.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/urls.py new file mode 100644 index 000000000..7b51052c9 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/urls.py @@ -0,0 +1,65 @@ +import os +import string +import urllib.parse +import urllib.request +from typing import Optional + +from .compat import WINDOWS + + +def get_url_scheme(url): + # type: (str) -> Optional[str] + if ":" not in url: + return None + return url.split(":", 1)[0].lower() + + +def path_to_url(path): + # type: (str) -> str + """ + Convert a path to a file: URL. The path will be made absolute and have + quoted path parts. + """ + path = os.path.normpath(os.path.abspath(path)) + url = urllib.parse.urljoin("file:", urllib.request.pathname2url(path)) + return url + + +def url_to_path(url): + # type: (str) -> str + """ + Convert a file: URL to a path. + """ + assert url.startswith( + "file:" + ), f"You can only turn file: urls into filenames (not {url!r})" + + _, netloc, path, _, _ = urllib.parse.urlsplit(url) + + if not netloc or netloc == "localhost": + # According to RFC 8089, same as empty authority. + netloc = "" + elif WINDOWS: + # If we have a UNC path, prepend UNC share notation. + netloc = "\\\\" + netloc + else: + raise ValueError( + f"non-local file URIs are not supported on this platform: {url!r}" + ) + + path = urllib.request.url2pathname(netloc + path) + + # On Windows, urlsplit parses the path as something like "/C:/Users/foo". + # This creates issues for path-related functions like io.open(), so we try + # to detect and strip the leading slash. + if ( + WINDOWS + and not netloc # Not UNC. + and len(path) >= 3 + and path[0] == "/" # Leading slash to strip. + and path[1] in string.ascii_letters # Drive letter. + and path[2:4] in (":", ":/") # Colon + end of string, or colon + absolute path. + ): + path = path[1:] + + return path diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/virtualenv.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/virtualenv.py new file mode 100644 index 000000000..51cacb55c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/virtualenv.py @@ -0,0 +1,111 @@ +import logging +import os +import re +import site +import sys +from typing import List, Optional + +logger = logging.getLogger(__name__) +_INCLUDE_SYSTEM_SITE_PACKAGES_REGEX = re.compile( + r"include-system-site-packages\s*=\s*(?Ptrue|false)" +) + + +def _running_under_venv(): + # type: () -> bool + """Checks if sys.base_prefix and sys.prefix match. + + This handles PEP 405 compliant virtual environments. + """ + return sys.prefix != getattr(sys, "base_prefix", sys.prefix) + + +def _running_under_regular_virtualenv(): + # type: () -> bool + """Checks if sys.real_prefix is set. + + This handles virtual environments created with pypa's virtualenv. + """ + # pypa/virtualenv case + return hasattr(sys, "real_prefix") + + +def running_under_virtualenv(): + # type: () -> bool + """Return True if we're running inside a virtualenv, False otherwise.""" + return _running_under_venv() or _running_under_regular_virtualenv() + + +def _get_pyvenv_cfg_lines(): + # type: () -> Optional[List[str]] + """Reads {sys.prefix}/pyvenv.cfg and returns its contents as list of lines + + Returns None, if it could not read/access the file. + """ + pyvenv_cfg_file = os.path.join(sys.prefix, "pyvenv.cfg") + try: + # Although PEP 405 does not specify, the built-in venv module always + # writes with UTF-8. (pypa/pip#8717) + with open(pyvenv_cfg_file, encoding="utf-8") as f: + return f.read().splitlines() # avoids trailing newlines + except OSError: + return None + + +def _no_global_under_venv(): + # type: () -> bool + """Check `{sys.prefix}/pyvenv.cfg` for system site-packages inclusion + + PEP 405 specifies that when system site-packages are not supposed to be + visible from a virtual environment, `pyvenv.cfg` must contain the following + line: + + include-system-site-packages = false + + Additionally, log a warning if accessing the file fails. + """ + cfg_lines = _get_pyvenv_cfg_lines() + if cfg_lines is None: + # We're not in a "sane" venv, so assume there is no system + # site-packages access (since that's PEP 405's default state). + logger.warning( + "Could not access 'pyvenv.cfg' despite a virtual environment " + "being active. Assuming global site-packages is not accessible " + "in this environment." + ) + return True + + for line in cfg_lines: + match = _INCLUDE_SYSTEM_SITE_PACKAGES_REGEX.match(line) + if match is not None and match.group("value") == "false": + return True + return False + + +def _no_global_under_regular_virtualenv(): + # type: () -> bool + """Check if "no-global-site-packages.txt" exists beside site.py + + This mirrors logic in pypa/virtualenv for determining whether system + site-packages are visible in the virtual environment. + """ + site_mod_dir = os.path.dirname(os.path.abspath(site.__file__)) + no_global_site_packages_file = os.path.join( + site_mod_dir, + "no-global-site-packages.txt", + ) + return os.path.exists(no_global_site_packages_file) + + +def virtualenv_no_global(): + # type: () -> bool + """Returns a boolean, whether running in venv with no system site-packages.""" + # PEP 405 compliance needs to be checked first since virtualenv >=20 would + # return True for both checks, but is only able to use the PEP 405 config. + if _running_under_venv(): + return _no_global_under_venv() + + if _running_under_regular_virtualenv(): + return _no_global_under_regular_virtualenv() + + return False diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/wheel.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/wheel.py new file mode 100644 index 000000000..42f080845 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/utils/wheel.py @@ -0,0 +1,189 @@ +"""Support functions for working with wheel files. +""" + +import logging +from email.message import Message +from email.parser import Parser +from typing import Dict, Tuple +from zipfile import BadZipFile, ZipFile + +from pip._vendor.packaging.utils import canonicalize_name +from pip._vendor.pkg_resources import DistInfoDistribution, Distribution + +from pip._internal.exceptions import UnsupportedWheel +from pip._internal.utils.pkg_resources import DictMetadata + +VERSION_COMPATIBLE = (1, 0) + + +logger = logging.getLogger(__name__) + + +class WheelMetadata(DictMetadata): + """Metadata provider that maps metadata decoding exceptions to our + internal exception type. + """ + + def __init__(self, metadata, wheel_name): + # type: (Dict[str, bytes], str) -> None + super().__init__(metadata) + self._wheel_name = wheel_name + + def get_metadata(self, name): + # type: (str) -> str + try: + return super().get_metadata(name) + except UnicodeDecodeError as e: + # Augment the default error with the origin of the file. + raise UnsupportedWheel( + f"Error decoding metadata for {self._wheel_name}: {e}" + ) + + +def pkg_resources_distribution_for_wheel(wheel_zip, name, location): + # type: (ZipFile, str, str) -> Distribution + """Get a pkg_resources distribution given a wheel. + + :raises UnsupportedWheel: on any errors + """ + info_dir, _ = parse_wheel(wheel_zip, name) + + metadata_files = [p for p in wheel_zip.namelist() if p.startswith(f"{info_dir}/")] + + metadata_text = {} # type: Dict[str, bytes] + for path in metadata_files: + _, metadata_name = path.split("/", 1) + + try: + metadata_text[metadata_name] = read_wheel_metadata_file(wheel_zip, path) + except UnsupportedWheel as e: + raise UnsupportedWheel("{} has an invalid wheel, {}".format(name, str(e))) + + metadata = WheelMetadata(metadata_text, location) + + return DistInfoDistribution(location=location, metadata=metadata, project_name=name) + + +def parse_wheel(wheel_zip, name): + # type: (ZipFile, str) -> Tuple[str, Message] + """Extract information from the provided wheel, ensuring it meets basic + standards. + + Returns the name of the .dist-info directory and the parsed WHEEL metadata. + """ + try: + info_dir = wheel_dist_info_dir(wheel_zip, name) + metadata = wheel_metadata(wheel_zip, info_dir) + version = wheel_version(metadata) + except UnsupportedWheel as e: + raise UnsupportedWheel("{} has an invalid wheel, {}".format(name, str(e))) + + check_compatibility(version, name) + + return info_dir, metadata + + +def wheel_dist_info_dir(source, name): + # type: (ZipFile, str) -> str + """Returns the name of the contained .dist-info directory. + + Raises AssertionError or UnsupportedWheel if not found, >1 found, or + it doesn't match the provided name. + """ + # Zip file path separators must be / + subdirs = {p.split("/", 1)[0] for p in source.namelist()} + + info_dirs = [s for s in subdirs if s.endswith(".dist-info")] + + if not info_dirs: + raise UnsupportedWheel(".dist-info directory not found") + + if len(info_dirs) > 1: + raise UnsupportedWheel( + "multiple .dist-info directories found: {}".format(", ".join(info_dirs)) + ) + + info_dir = info_dirs[0] + + info_dir_name = canonicalize_name(info_dir) + canonical_name = canonicalize_name(name) + if not info_dir_name.startswith(canonical_name): + raise UnsupportedWheel( + ".dist-info directory {!r} does not start with {!r}".format( + info_dir, canonical_name + ) + ) + + return info_dir + + +def read_wheel_metadata_file(source, path): + # type: (ZipFile, str) -> bytes + try: + return source.read(path) + # BadZipFile for general corruption, KeyError for missing entry, + # and RuntimeError for password-protected files + except (BadZipFile, KeyError, RuntimeError) as e: + raise UnsupportedWheel(f"could not read {path!r} file: {e!r}") + + +def wheel_metadata(source, dist_info_dir): + # type: (ZipFile, str) -> Message + """Return the WHEEL metadata of an extracted wheel, if possible. + Otherwise, raise UnsupportedWheel. + """ + path = f"{dist_info_dir}/WHEEL" + # Zip file path separators must be / + wheel_contents = read_wheel_metadata_file(source, path) + + try: + wheel_text = wheel_contents.decode() + except UnicodeDecodeError as e: + raise UnsupportedWheel(f"error decoding {path!r}: {e!r}") + + # FeedParser (used by Parser) does not raise any exceptions. The returned + # message may have .defects populated, but for backwards-compatibility we + # currently ignore them. + return Parser().parsestr(wheel_text) + + +def wheel_version(wheel_data): + # type: (Message) -> Tuple[int, ...] + """Given WHEEL metadata, return the parsed Wheel-Version. + Otherwise, raise UnsupportedWheel. + """ + version_text = wheel_data["Wheel-Version"] + if version_text is None: + raise UnsupportedWheel("WHEEL is missing Wheel-Version") + + version = version_text.strip() + + try: + return tuple(map(int, version.split("."))) + except ValueError: + raise UnsupportedWheel(f"invalid Wheel-Version: {version!r}") + + +def check_compatibility(version, name): + # type: (Tuple[int, ...], str) -> None + """Raises errors or warns if called with an incompatible Wheel-Version. + + pip should refuse to install a Wheel-Version that's a major series + ahead of what it's compatible with (e.g 2.0 > 1.1); and warn when + installing a version only minor version ahead (e.g 1.2 > 1.1). + + version: a 2-tuple representing a Wheel-Version (Major, Minor) + name: name of wheel or package to raise exception about + + :raises UnsupportedWheel: when an incompatible Wheel-Version is given + """ + if version[0] > VERSION_COMPATIBLE[0]: + raise UnsupportedWheel( + "{}'s Wheel-Version ({}) is not compatible with this version " + "of pip".format(name, ".".join(map(str, version))) + ) + elif version > VERSION_COMPATIBLE: + logger.warning( + "Installing from a newer Wheel-Version (%s)", + ".".join(map(str, version)), + ) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/__init__.py new file mode 100644 index 000000000..b6beddbe6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/__init__.py @@ -0,0 +1,15 @@ +# Expose a limited set of classes and functions so callers outside of +# the vcs package don't need to import deeper than `pip._internal.vcs`. +# (The test directory may still need to import from a vcs sub-package.) +# Import all vcs modules to register each VCS in the VcsSupport object. +import pip._internal.vcs.bazaar +import pip._internal.vcs.git +import pip._internal.vcs.mercurial +import pip._internal.vcs.subversion # noqa: F401 +from pip._internal.vcs.versioncontrol import ( # noqa: F401 + RemoteNotFoundError, + RemoteNotValidError, + is_url, + make_vcs_requirement_url, + vcs, +) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/bazaar.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/bazaar.py new file mode 100644 index 000000000..42b68773b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/bazaar.py @@ -0,0 +1,96 @@ +import logging +from typing import List, Optional, Tuple + +from pip._internal.utils.misc import HiddenText, display_path +from pip._internal.utils.subprocess import make_command +from pip._internal.utils.urls import path_to_url +from pip._internal.vcs.versioncontrol import ( + AuthInfo, + RemoteNotFoundError, + RevOptions, + VersionControl, + vcs, +) + +logger = logging.getLogger(__name__) + + +class Bazaar(VersionControl): + name = 'bzr' + dirname = '.bzr' + repo_name = 'branch' + schemes = ( + 'bzr+http', 'bzr+https', 'bzr+ssh', 'bzr+sftp', 'bzr+ftp', + 'bzr+lp', 'bzr+file' + ) + + @staticmethod + def get_base_rev_args(rev): + # type: (str) -> List[str] + return ['-r', rev] + + def fetch_new(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + rev_display = rev_options.to_display() + logger.info( + 'Checking out %s%s to %s', + url, + rev_display, + display_path(dest), + ) + cmd_args = ( + make_command('branch', '-q', rev_options.to_args(), url, dest) + ) + self.run_command(cmd_args) + + def switch(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + self.run_command(make_command('switch', url), cwd=dest) + + def update(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + cmd_args = make_command('pull', '-q', rev_options.to_args()) + self.run_command(cmd_args, cwd=dest) + + @classmethod + def get_url_rev_and_auth(cls, url): + # type: (str) -> Tuple[str, Optional[str], AuthInfo] + # hotfix the URL scheme after removing bzr+ from bzr+ssh:// readd it + url, rev, user_pass = super().get_url_rev_and_auth(url) + if url.startswith('ssh://'): + url = 'bzr+' + url + return url, rev, user_pass + + @classmethod + def get_remote_url(cls, location): + # type: (str) -> str + urls = cls.run_command( + ['info'], show_stdout=False, stdout_only=True, cwd=location + ) + for line in urls.splitlines(): + line = line.strip() + for x in ('checkout of branch: ', + 'parent branch: '): + if line.startswith(x): + repo = line.split(x)[1] + if cls._is_local_repository(repo): + return path_to_url(repo) + return repo + raise RemoteNotFoundError + + @classmethod + def get_revision(cls, location): + # type: (str) -> str + revision = cls.run_command( + ['revno'], show_stdout=False, stdout_only=True, cwd=location, + ) + return revision.splitlines()[-1] + + @classmethod + def is_commit_id_equal(cls, dest, name): + # type: (str, Optional[str]) -> bool + """Always assume the versions don't match""" + return False + + +vcs.register(Bazaar) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/git.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/git.py new file mode 100644 index 000000000..8919aa538 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/git.py @@ -0,0 +1,506 @@ +import logging +import os.path +import pathlib +import re +import urllib.parse +import urllib.request +from typing import List, Optional, Tuple + +from pip._internal.exceptions import BadCommand, InstallationError +from pip._internal.utils.misc import HiddenText, display_path, hide_url +from pip._internal.utils.subprocess import make_command +from pip._internal.vcs.versioncontrol import ( + AuthInfo, + RemoteNotFoundError, + RemoteNotValidError, + RevOptions, + VersionControl, + find_path_to_project_root_from_repo_root, + vcs, +) + +urlsplit = urllib.parse.urlsplit +urlunsplit = urllib.parse.urlunsplit + + +logger = logging.getLogger(__name__) + + +GIT_VERSION_REGEX = re.compile( + r"^git version " # Prefix. + r"(\d+)" # Major. + r"\.(\d+)" # Dot, minor. + r"(?:\.(\d+))?" # Optional dot, patch. + r".*$" # Suffix, including any pre- and post-release segments we don't care about. +) + +HASH_REGEX = re.compile('^[a-fA-F0-9]{40}$') + +# SCP (Secure copy protocol) shorthand. e.g. 'git@example.com:foo/bar.git' +SCP_REGEX = re.compile(r"""^ + # Optional user, e.g. 'git@' + (\w+@)? + # Server, e.g. 'github.com'. + ([^/:]+): + # The server-side path. e.g. 'user/project.git'. Must start with an + # alphanumeric character so as not to be confusable with a Windows paths + # like 'C:/foo/bar' or 'C:\foo\bar'. + (\w[^:]*) +$""", re.VERBOSE) + + +def looks_like_hash(sha): + # type: (str) -> bool + return bool(HASH_REGEX.match(sha)) + + +class Git(VersionControl): + name = 'git' + dirname = '.git' + repo_name = 'clone' + schemes = ( + 'git+http', 'git+https', 'git+ssh', 'git+git', 'git+file', + ) + # Prevent the user's environment variables from interfering with pip: + # https://github.com/pypa/pip/issues/1130 + unset_environ = ('GIT_DIR', 'GIT_WORK_TREE') + default_arg_rev = 'HEAD' + + @staticmethod + def get_base_rev_args(rev): + # type: (str) -> List[str] + return [rev] + + def is_immutable_rev_checkout(self, url, dest): + # type: (str, str) -> bool + _, rev_options = self.get_url_rev_options(hide_url(url)) + if not rev_options.rev: + return False + if not self.is_commit_id_equal(dest, rev_options.rev): + # the current commit is different from rev, + # which means rev was something else than a commit hash + return False + # return False in the rare case rev is both a commit hash + # and a tag or a branch; we don't want to cache in that case + # because that branch/tag could point to something else in the future + is_tag_or_branch = bool( + self.get_revision_sha(dest, rev_options.rev)[0] + ) + return not is_tag_or_branch + + def get_git_version(self) -> Tuple[int, ...]: + version = self.run_command( + ['version'], show_stdout=False, stdout_only=True + ) + match = GIT_VERSION_REGEX.match(version) + if not match: + return () + return tuple(int(c) for c in match.groups()) + + @classmethod + def get_current_branch(cls, location): + # type: (str) -> Optional[str] + """ + Return the current branch, or None if HEAD isn't at a branch + (e.g. detached HEAD). + """ + # git-symbolic-ref exits with empty stdout if "HEAD" is a detached + # HEAD rather than a symbolic ref. In addition, the -q causes the + # command to exit with status code 1 instead of 128 in this case + # and to suppress the message to stderr. + args = ['symbolic-ref', '-q', 'HEAD'] + output = cls.run_command( + args, + extra_ok_returncodes=(1, ), + show_stdout=False, + stdout_only=True, + cwd=location, + ) + ref = output.strip() + + if ref.startswith('refs/heads/'): + return ref[len('refs/heads/'):] + + return None + + @classmethod + def get_revision_sha(cls, dest, rev): + # type: (str, str) -> Tuple[Optional[str], bool] + """ + Return (sha_or_none, is_branch), where sha_or_none is a commit hash + if the revision names a remote branch or tag, otherwise None. + + Args: + dest: the repository directory. + rev: the revision name. + """ + # Pass rev to pre-filter the list. + output = cls.run_command( + ['show-ref', rev], + cwd=dest, + show_stdout=False, + stdout_only=True, + on_returncode='ignore', + ) + refs = {} + # NOTE: We do not use splitlines here since that would split on other + # unicode separators, which can be maliciously used to install a + # different revision. + for line in output.strip().split("\n"): + line = line.rstrip("\r") + if not line: + continue + try: + ref_sha, ref_name = line.split(" ", maxsplit=2) + except ValueError: + # Include the offending line to simplify troubleshooting if + # this error ever occurs. + raise ValueError(f'unexpected show-ref line: {line!r}') + + refs[ref_name] = ref_sha + + branch_ref = f'refs/remotes/origin/{rev}' + tag_ref = f'refs/tags/{rev}' + + sha = refs.get(branch_ref) + if sha is not None: + return (sha, True) + + sha = refs.get(tag_ref) + + return (sha, False) + + @classmethod + def _should_fetch(cls, dest, rev): + # type: (str, str) -> bool + """ + Return true if rev is a ref or is a commit that we don't have locally. + + Branches and tags are not considered in this method because they are + assumed to be always available locally (which is a normal outcome of + ``git clone`` and ``git fetch --tags``). + """ + if rev.startswith("refs/"): + # Always fetch remote refs. + return True + + if not looks_like_hash(rev): + # Git fetch would fail with abbreviated commits. + return False + + if cls.has_commit(dest, rev): + # Don't fetch if we have the commit locally. + return False + + return True + + @classmethod + def resolve_revision(cls, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> RevOptions + """ + Resolve a revision to a new RevOptions object with the SHA1 of the + branch, tag, or ref if found. + + Args: + rev_options: a RevOptions object. + """ + rev = rev_options.arg_rev + # The arg_rev property's implementation for Git ensures that the + # rev return value is always non-None. + assert rev is not None + + sha, is_branch = cls.get_revision_sha(dest, rev) + + if sha is not None: + rev_options = rev_options.make_new(sha) + rev_options.branch_name = rev if is_branch else None + + return rev_options + + # Do not show a warning for the common case of something that has + # the form of a Git commit hash. + if not looks_like_hash(rev): + logger.warning( + "Did not find branch or tag '%s', assuming revision or ref.", + rev, + ) + + if not cls._should_fetch(dest, rev): + return rev_options + + # fetch the requested revision + cls.run_command( + make_command('fetch', '-q', url, rev_options.to_args()), + cwd=dest, + ) + # Change the revision to the SHA of the ref we fetched + sha = cls.get_revision(dest, rev='FETCH_HEAD') + rev_options = rev_options.make_new(sha) + + return rev_options + + @classmethod + def is_commit_id_equal(cls, dest, name): + # type: (str, Optional[str]) -> bool + """ + Return whether the current commit hash equals the given name. + + Args: + dest: the repository directory. + name: a string name. + """ + if not name: + # Then avoid an unnecessary subprocess call. + return False + + return cls.get_revision(dest) == name + + def fetch_new(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + rev_display = rev_options.to_display() + logger.info('Cloning %s%s to %s', url, rev_display, display_path(dest)) + self.run_command(make_command('clone', '-q', url, dest)) + + if rev_options.rev: + # Then a specific revision was requested. + rev_options = self.resolve_revision(dest, url, rev_options) + branch_name = getattr(rev_options, 'branch_name', None) + if branch_name is None: + # Only do a checkout if the current commit id doesn't match + # the requested revision. + if not self.is_commit_id_equal(dest, rev_options.rev): + cmd_args = make_command( + 'checkout', '-q', rev_options.to_args(), + ) + self.run_command(cmd_args, cwd=dest) + elif self.get_current_branch(dest) != branch_name: + # Then a specific branch was requested, and that branch + # is not yet checked out. + track_branch = f'origin/{branch_name}' + cmd_args = [ + 'checkout', '-b', branch_name, '--track', track_branch, + ] + self.run_command(cmd_args, cwd=dest) + else: + sha = self.get_revision(dest) + rev_options = rev_options.make_new(sha) + + logger.info("Resolved %s to commit %s", url, rev_options.rev) + + #: repo may contain submodules + self.update_submodules(dest) + + def switch(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + self.run_command( + make_command('config', 'remote.origin.url', url), + cwd=dest, + ) + cmd_args = make_command('checkout', '-q', rev_options.to_args()) + self.run_command(cmd_args, cwd=dest) + + self.update_submodules(dest) + + def update(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + # First fetch changes from the default remote + if self.get_git_version() >= (1, 9): + # fetch tags in addition to everything else + self.run_command(['fetch', '-q', '--tags'], cwd=dest) + else: + self.run_command(['fetch', '-q'], cwd=dest) + # Then reset to wanted revision (maybe even origin/master) + rev_options = self.resolve_revision(dest, url, rev_options) + cmd_args = make_command('reset', '--hard', '-q', rev_options.to_args()) + self.run_command(cmd_args, cwd=dest) + #: update submodules + self.update_submodules(dest) + + @classmethod + def get_remote_url(cls, location): + # type: (str) -> str + """ + Return URL of the first remote encountered. + + Raises RemoteNotFoundError if the repository does not have a remote + url configured. + """ + # We need to pass 1 for extra_ok_returncodes since the command + # exits with return code 1 if there are no matching lines. + stdout = cls.run_command( + ['config', '--get-regexp', r'remote\..*\.url'], + extra_ok_returncodes=(1, ), + show_stdout=False, + stdout_only=True, + cwd=location, + ) + remotes = stdout.splitlines() + try: + found_remote = remotes[0] + except IndexError: + raise RemoteNotFoundError + + for remote in remotes: + if remote.startswith('remote.origin.url '): + found_remote = remote + break + url = found_remote.split(' ')[1] + return cls._git_remote_to_pip_url(url.strip()) + + @staticmethod + def _git_remote_to_pip_url(url): + # type: (str) -> str + """ + Convert a remote url from what git uses to what pip accepts. + + There are 3 legal forms **url** may take: + + 1. A fully qualified url: ssh://git@example.com/foo/bar.git + 2. A local project.git folder: /path/to/bare/repository.git + 3. SCP shorthand for form 1: git@example.com:foo/bar.git + + Form 1 is output as-is. Form 2 must be converted to URI and form 3 must + be converted to form 1. + + See the corresponding test test_git_remote_url_to_pip() for examples of + sample inputs/outputs. + """ + if re.match(r"\w+://", url): + # This is already valid. Pass it though as-is. + return url + if os.path.exists(url): + # A local bare remote (git clone --mirror). + # Needs a file:// prefix. + return pathlib.PurePath(url).as_uri() + scp_match = SCP_REGEX.match(url) + if scp_match: + # Add an ssh:// prefix and replace the ':' with a '/'. + return scp_match.expand(r"ssh://\1\2/\3") + # Otherwise, bail out. + raise RemoteNotValidError(url) + + @classmethod + def has_commit(cls, location, rev): + # type: (str, str) -> bool + """ + Check if rev is a commit that is available in the local repository. + """ + try: + cls.run_command( + ['rev-parse', '-q', '--verify', "sha^" + rev], + cwd=location, + log_failed_cmd=False, + ) + except InstallationError: + return False + else: + return True + + @classmethod + def get_revision(cls, location, rev=None): + # type: (str, Optional[str]) -> str + if rev is None: + rev = 'HEAD' + current_rev = cls.run_command( + ['rev-parse', rev], + show_stdout=False, + stdout_only=True, + cwd=location, + ) + return current_rev.strip() + + @classmethod + def get_subdirectory(cls, location): + # type: (str) -> Optional[str] + """ + Return the path to Python project root, relative to the repo root. + Return None if the project root is in the repo root. + """ + # find the repo root + git_dir = cls.run_command( + ['rev-parse', '--git-dir'], + show_stdout=False, + stdout_only=True, + cwd=location, + ).strip() + if not os.path.isabs(git_dir): + git_dir = os.path.join(location, git_dir) + repo_root = os.path.abspath(os.path.join(git_dir, '..')) + return find_path_to_project_root_from_repo_root(location, repo_root) + + @classmethod + def get_url_rev_and_auth(cls, url): + # type: (str) -> Tuple[str, Optional[str], AuthInfo] + """ + Prefixes stub URLs like 'user@hostname:user/repo.git' with 'ssh://'. + That's required because although they use SSH they sometimes don't + work with a ssh:// scheme (e.g. GitHub). But we need a scheme for + parsing. Hence we remove it again afterwards and return it as a stub. + """ + # Works around an apparent Git bug + # (see https://article.gmane.org/gmane.comp.version-control.git/146500) + scheme, netloc, path, query, fragment = urlsplit(url) + if scheme.endswith('file'): + initial_slashes = path[:-len(path.lstrip('/'))] + newpath = ( + initial_slashes + + urllib.request.url2pathname(path) + .replace('\\', '/').lstrip('/') + ) + after_plus = scheme.find('+') + 1 + url = scheme[:after_plus] + urlunsplit( + (scheme[after_plus:], netloc, newpath, query, fragment), + ) + + if '://' not in url: + assert 'file:' not in url + url = url.replace('git+', 'git+ssh://') + url, rev, user_pass = super().get_url_rev_and_auth(url) + url = url.replace('ssh://', '') + else: + url, rev, user_pass = super().get_url_rev_and_auth(url) + + return url, rev, user_pass + + @classmethod + def update_submodules(cls, location): + # type: (str) -> None + if not os.path.exists(os.path.join(location, '.gitmodules')): + return + cls.run_command( + ['submodule', 'update', '--init', '--recursive', '-q'], + cwd=location, + ) + + @classmethod + def get_repository_root(cls, location): + # type: (str) -> Optional[str] + loc = super().get_repository_root(location) + if loc: + return loc + try: + r = cls.run_command( + ['rev-parse', '--show-toplevel'], + cwd=location, + show_stdout=False, + stdout_only=True, + on_returncode='raise', + log_failed_cmd=False, + ) + except BadCommand: + logger.debug("could not determine if %s is under git control " + "because git is not available", location) + return None + except InstallationError: + return None + return os.path.normpath(r.rstrip('\r\n')) + + @staticmethod + def should_add_vcs_url_prefix(repo_url): + # type: (str) -> bool + """In either https or ssh form, requirements must be prefixed with git+. + """ + return True + + +vcs.register(Git) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/mercurial.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/mercurial.py new file mode 100644 index 000000000..8f8b09bd2 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/mercurial.py @@ -0,0 +1,158 @@ +import configparser +import logging +import os +from typing import List, Optional + +from pip._internal.exceptions import BadCommand, InstallationError +from pip._internal.utils.misc import HiddenText, display_path +from pip._internal.utils.subprocess import make_command +from pip._internal.utils.urls import path_to_url +from pip._internal.vcs.versioncontrol import ( + RevOptions, + VersionControl, + find_path_to_project_root_from_repo_root, + vcs, +) + +logger = logging.getLogger(__name__) + + +class Mercurial(VersionControl): + name = 'hg' + dirname = '.hg' + repo_name = 'clone' + schemes = ( + 'hg+file', 'hg+http', 'hg+https', 'hg+ssh', 'hg+static-http', + ) + + @staticmethod + def get_base_rev_args(rev): + # type: (str) -> List[str] + return [rev] + + def fetch_new(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + rev_display = rev_options.to_display() + logger.info( + 'Cloning hg %s%s to %s', + url, + rev_display, + display_path(dest), + ) + self.run_command(make_command('clone', '--noupdate', '-q', url, dest)) + self.run_command( + make_command('update', '-q', rev_options.to_args()), + cwd=dest, + ) + + def switch(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + repo_config = os.path.join(dest, self.dirname, 'hgrc') + config = configparser.RawConfigParser() + try: + config.read(repo_config) + config.set('paths', 'default', url.secret) + with open(repo_config, 'w') as config_file: + config.write(config_file) + except (OSError, configparser.NoSectionError) as exc: + logger.warning( + 'Could not switch Mercurial repository to %s: %s', url, exc, + ) + else: + cmd_args = make_command('update', '-q', rev_options.to_args()) + self.run_command(cmd_args, cwd=dest) + + def update(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + self.run_command(['pull', '-q'], cwd=dest) + cmd_args = make_command('update', '-q', rev_options.to_args()) + self.run_command(cmd_args, cwd=dest) + + @classmethod + def get_remote_url(cls, location): + # type: (str) -> str + url = cls.run_command( + ['showconfig', 'paths.default'], + show_stdout=False, + stdout_only=True, + cwd=location, + ).strip() + if cls._is_local_repository(url): + url = path_to_url(url) + return url.strip() + + @classmethod + def get_revision(cls, location): + # type: (str) -> str + """ + Return the repository-local changeset revision number, as an integer. + """ + current_revision = cls.run_command( + ['parents', '--template={rev}'], + show_stdout=False, + stdout_only=True, + cwd=location, + ).strip() + return current_revision + + @classmethod + def get_requirement_revision(cls, location): + # type: (str) -> str + """ + Return the changeset identification hash, as a 40-character + hexadecimal string + """ + current_rev_hash = cls.run_command( + ['parents', '--template={node}'], + show_stdout=False, + stdout_only=True, + cwd=location, + ).strip() + return current_rev_hash + + @classmethod + def is_commit_id_equal(cls, dest, name): + # type: (str, Optional[str]) -> bool + """Always assume the versions don't match""" + return False + + @classmethod + def get_subdirectory(cls, location): + # type: (str) -> Optional[str] + """ + Return the path to Python project root, relative to the repo root. + Return None if the project root is in the repo root. + """ + # find the repo root + repo_root = cls.run_command( + ['root'], show_stdout=False, stdout_only=True, cwd=location + ).strip() + if not os.path.isabs(repo_root): + repo_root = os.path.abspath(os.path.join(location, repo_root)) + return find_path_to_project_root_from_repo_root(location, repo_root) + + @classmethod + def get_repository_root(cls, location): + # type: (str) -> Optional[str] + loc = super().get_repository_root(location) + if loc: + return loc + try: + r = cls.run_command( + ['root'], + cwd=location, + show_stdout=False, + stdout_only=True, + on_returncode='raise', + log_failed_cmd=False, + ) + except BadCommand: + logger.debug("could not determine if %s is under hg control " + "because hg is not available", location) + return None + except InstallationError: + return None + return os.path.normpath(r.rstrip('\r\n')) + + +vcs.register(Mercurial) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/subversion.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/subversion.py new file mode 100644 index 000000000..965e0b425 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/subversion.py @@ -0,0 +1,329 @@ +import logging +import os +import re +from typing import List, Optional, Tuple + +from pip._internal.utils.misc import ( + HiddenText, + display_path, + is_console_interactive, + is_installable_dir, + split_auth_from_netloc, +) +from pip._internal.utils.subprocess import CommandArgs, make_command +from pip._internal.vcs.versioncontrol import ( + AuthInfo, + RemoteNotFoundError, + RevOptions, + VersionControl, + vcs, +) + +logger = logging.getLogger(__name__) + +_svn_xml_url_re = re.compile('url="([^"]+)"') +_svn_rev_re = re.compile(r'committed-rev="(\d+)"') +_svn_info_xml_rev_re = re.compile(r'\s*revision="(\d+)"') +_svn_info_xml_url_re = re.compile(r'(.*)') + + +class Subversion(VersionControl): + name = 'svn' + dirname = '.svn' + repo_name = 'checkout' + schemes = ( + 'svn+ssh', 'svn+http', 'svn+https', 'svn+svn', 'svn+file' + ) + + @classmethod + def should_add_vcs_url_prefix(cls, remote_url): + # type: (str) -> bool + return True + + @staticmethod + def get_base_rev_args(rev): + # type: (str) -> List[str] + return ['-r', rev] + + @classmethod + def get_revision(cls, location): + # type: (str) -> str + """ + Return the maximum revision for all files under a given location + """ + # Note: taken from setuptools.command.egg_info + revision = 0 + + for base, dirs, _ in os.walk(location): + if cls.dirname not in dirs: + dirs[:] = [] + continue # no sense walking uncontrolled subdirs + dirs.remove(cls.dirname) + entries_fn = os.path.join(base, cls.dirname, 'entries') + if not os.path.exists(entries_fn): + # FIXME: should we warn? + continue + + dirurl, localrev = cls._get_svn_url_rev(base) + + if base == location: + assert dirurl is not None + base = dirurl + '/' # save the root url + elif not dirurl or not dirurl.startswith(base): + dirs[:] = [] + continue # not part of the same svn tree, skip it + revision = max(revision, localrev) + return str(revision) + + @classmethod + def get_netloc_and_auth(cls, netloc, scheme): + # type: (str, str) -> Tuple[str, Tuple[Optional[str], Optional[str]]] + """ + This override allows the auth information to be passed to svn via the + --username and --password options instead of via the URL. + """ + if scheme == 'ssh': + # The --username and --password options can't be used for + # svn+ssh URLs, so keep the auth information in the URL. + return super().get_netloc_and_auth(netloc, scheme) + + return split_auth_from_netloc(netloc) + + @classmethod + def get_url_rev_and_auth(cls, url): + # type: (str) -> Tuple[str, Optional[str], AuthInfo] + # hotfix the URL scheme after removing svn+ from svn+ssh:// readd it + url, rev, user_pass = super().get_url_rev_and_auth(url) + if url.startswith('ssh://'): + url = 'svn+' + url + return url, rev, user_pass + + @staticmethod + def make_rev_args(username, password): + # type: (Optional[str], Optional[HiddenText]) -> CommandArgs + extra_args = [] # type: CommandArgs + if username: + extra_args += ['--username', username] + if password: + extra_args += ['--password', password] + + return extra_args + + @classmethod + def get_remote_url(cls, location): + # type: (str) -> str + # In cases where the source is in a subdirectory, we have to look up in + # the location until we find a valid project root. + orig_location = location + while not is_installable_dir(location): + last_location = location + location = os.path.dirname(location) + if location == last_location: + # We've traversed up to the root of the filesystem without + # finding a Python project. + logger.warning( + "Could not find Python project for directory %s (tried all " + "parent directories)", + orig_location, + ) + raise RemoteNotFoundError + + url, _rev = cls._get_svn_url_rev(location) + if url is None: + raise RemoteNotFoundError + + return url + + @classmethod + def _get_svn_url_rev(cls, location): + # type: (str) -> Tuple[Optional[str], int] + from pip._internal.exceptions import InstallationError + + entries_path = os.path.join(location, cls.dirname, 'entries') + if os.path.exists(entries_path): + with open(entries_path) as f: + data = f.read() + else: # subversion >= 1.7 does not have the 'entries' file + data = '' + + url = None + if (data.startswith('8') or + data.startswith('9') or + data.startswith('10')): + entries = list(map(str.splitlines, data.split('\n\x0c\n'))) + del entries[0][0] # get rid of the '8' + url = entries[0][3] + revs = [int(d[9]) for d in entries if len(d) > 9 and d[9]] + [0] + elif data.startswith('= 1.7 + # Note that using get_remote_call_options is not necessary here + # because `svn info` is being run against a local directory. + # We don't need to worry about making sure interactive mode + # is being used to prompt for passwords, because passwords + # are only potentially needed for remote server requests. + xml = cls.run_command( + ['info', '--xml', location], + show_stdout=False, + stdout_only=True, + ) + match = _svn_info_xml_url_re.search(xml) + assert match is not None + url = match.group(1) + revs = [ + int(m.group(1)) for m in _svn_info_xml_rev_re.finditer(xml) + ] + except InstallationError: + url, revs = None, [] + + if revs: + rev = max(revs) + else: + rev = 0 + + return url, rev + + @classmethod + def is_commit_id_equal(cls, dest, name): + # type: (str, Optional[str]) -> bool + """Always assume the versions don't match""" + return False + + def __init__(self, use_interactive=None): + # type: (bool) -> None + if use_interactive is None: + use_interactive = is_console_interactive() + self.use_interactive = use_interactive + + # This member is used to cache the fetched version of the current + # ``svn`` client. + # Special value definitions: + # None: Not evaluated yet. + # Empty tuple: Could not parse version. + self._vcs_version = None # type: Optional[Tuple[int, ...]] + + super().__init__() + + def call_vcs_version(self): + # type: () -> Tuple[int, ...] + """Query the version of the currently installed Subversion client. + + :return: A tuple containing the parts of the version information or + ``()`` if the version returned from ``svn`` could not be parsed. + :raises: BadCommand: If ``svn`` is not installed. + """ + # Example versions: + # svn, version 1.10.3 (r1842928) + # compiled Feb 25 2019, 14:20:39 on x86_64-apple-darwin17.0.0 + # svn, version 1.7.14 (r1542130) + # compiled Mar 28 2018, 08:49:13 on x86_64-pc-linux-gnu + # svn, version 1.12.0-SlikSvn (SlikSvn/1.12.0) + # compiled May 28 2019, 13:44:56 on x86_64-microsoft-windows6.2 + version_prefix = 'svn, version ' + version = self.run_command( + ['--version'], show_stdout=False, stdout_only=True + ) + if not version.startswith(version_prefix): + return () + + version = version[len(version_prefix):].split()[0] + version_list = version.partition('-')[0].split('.') + try: + parsed_version = tuple(map(int, version_list)) + except ValueError: + return () + + return parsed_version + + def get_vcs_version(self): + # type: () -> Tuple[int, ...] + """Return the version of the currently installed Subversion client. + + If the version of the Subversion client has already been queried, + a cached value will be used. + + :return: A tuple containing the parts of the version information or + ``()`` if the version returned from ``svn`` could not be parsed. + :raises: BadCommand: If ``svn`` is not installed. + """ + if self._vcs_version is not None: + # Use cached version, if available. + # If parsing the version failed previously (empty tuple), + # do not attempt to parse it again. + return self._vcs_version + + vcs_version = self.call_vcs_version() + self._vcs_version = vcs_version + return vcs_version + + def get_remote_call_options(self): + # type: () -> CommandArgs + """Return options to be used on calls to Subversion that contact the server. + + These options are applicable for the following ``svn`` subcommands used + in this class. + + - checkout + - switch + - update + + :return: A list of command line arguments to pass to ``svn``. + """ + if not self.use_interactive: + # --non-interactive switch is available since Subversion 0.14.4. + # Subversion < 1.8 runs in interactive mode by default. + return ['--non-interactive'] + + svn_version = self.get_vcs_version() + # By default, Subversion >= 1.8 runs in non-interactive mode if + # stdin is not a TTY. Since that is how pip invokes SVN, in + # call_subprocess(), pip must pass --force-interactive to ensure + # the user can be prompted for a password, if required. + # SVN added the --force-interactive option in SVN 1.8. Since + # e.g. RHEL/CentOS 7, which is supported until 2024, ships with + # SVN 1.7, pip should continue to support SVN 1.7. Therefore, pip + # can't safely add the option if the SVN version is < 1.8 (or unknown). + if svn_version >= (1, 8): + return ['--force-interactive'] + + return [] + + def fetch_new(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + rev_display = rev_options.to_display() + logger.info( + 'Checking out %s%s to %s', + url, + rev_display, + display_path(dest), + ) + cmd_args = make_command( + 'checkout', '-q', self.get_remote_call_options(), + rev_options.to_args(), url, dest, + ) + self.run_command(cmd_args) + + def switch(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + cmd_args = make_command( + 'switch', self.get_remote_call_options(), rev_options.to_args(), + url, dest, + ) + self.run_command(cmd_args) + + def update(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + cmd_args = make_command( + 'update', self.get_remote_call_options(), rev_options.to_args(), + dest, + ) + self.run_command(cmd_args) + + +vcs.register(Subversion) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/versioncontrol.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/versioncontrol.py new file mode 100644 index 000000000..cddd78c5e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/vcs/versioncontrol.py @@ -0,0 +1,722 @@ +"""Handles all VCS (version control) support""" + +import logging +import os +import shutil +import sys +import urllib.parse +from typing import ( + Any, + Dict, + Iterable, + Iterator, + List, + Mapping, + Optional, + Tuple, + Type, + Union, +) + +from pip._internal.cli.spinners import SpinnerInterface +from pip._internal.exceptions import BadCommand, InstallationError +from pip._internal.utils.misc import ( + HiddenText, + ask_path_exists, + backup_dir, + display_path, + hide_url, + hide_value, + is_installable_dir, + rmtree, +) +from pip._internal.utils.subprocess import CommandArgs, call_subprocess, make_command +from pip._internal.utils.urls import get_url_scheme + +__all__ = ['vcs'] + + +logger = logging.getLogger(__name__) + +AuthInfo = Tuple[Optional[str], Optional[str]] + + +def is_url(name): + # type: (str) -> bool + """ + Return true if the name looks like a URL. + """ + scheme = get_url_scheme(name) + if scheme is None: + return False + return scheme in ['http', 'https', 'file', 'ftp'] + vcs.all_schemes + + +def make_vcs_requirement_url(repo_url, rev, project_name, subdir=None): + # type: (str, str, str, Optional[str]) -> str + """ + Return the URL for a VCS requirement. + + Args: + repo_url: the remote VCS url, with any needed VCS prefix (e.g. "git+"). + project_name: the (unescaped) project name. + """ + egg_project_name = project_name.replace("-", "_") + req = f'{repo_url}@{rev}#egg={egg_project_name}' + if subdir: + req += f'&subdirectory={subdir}' + + return req + + +def find_path_to_project_root_from_repo_root(location, repo_root): + # type: (str, str) -> Optional[str] + """ + Find the the Python project's root by searching up the filesystem from + `location`. Return the path to project root relative to `repo_root`. + Return None if the project root is `repo_root`, or cannot be found. + """ + # find project root. + orig_location = location + while not is_installable_dir(location): + last_location = location + location = os.path.dirname(location) + if location == last_location: + # We've traversed up to the root of the filesystem without + # finding a Python project. + logger.warning( + "Could not find a Python project for directory %s (tried all " + "parent directories)", + orig_location, + ) + return None + + if os.path.samefile(repo_root, location): + return None + + return os.path.relpath(location, repo_root) + + +class RemoteNotFoundError(Exception): + pass + + +class RemoteNotValidError(Exception): + def __init__(self, url: str): + super().__init__(url) + self.url = url + + +class RevOptions: + + """ + Encapsulates a VCS-specific revision to install, along with any VCS + install options. + + Instances of this class should be treated as if immutable. + """ + + def __init__( + self, + vc_class, # type: Type[VersionControl] + rev=None, # type: Optional[str] + extra_args=None, # type: Optional[CommandArgs] + ): + # type: (...) -> None + """ + Args: + vc_class: a VersionControl subclass. + rev: the name of the revision to install. + extra_args: a list of extra options. + """ + if extra_args is None: + extra_args = [] + + self.extra_args = extra_args + self.rev = rev + self.vc_class = vc_class + self.branch_name = None # type: Optional[str] + + def __repr__(self): + # type: () -> str + return f'' + + @property + def arg_rev(self): + # type: () -> Optional[str] + if self.rev is None: + return self.vc_class.default_arg_rev + + return self.rev + + def to_args(self): + # type: () -> CommandArgs + """ + Return the VCS-specific command arguments. + """ + args = [] # type: CommandArgs + rev = self.arg_rev + if rev is not None: + args += self.vc_class.get_base_rev_args(rev) + args += self.extra_args + + return args + + def to_display(self): + # type: () -> str + if not self.rev: + return '' + + return f' (to revision {self.rev})' + + def make_new(self, rev): + # type: (str) -> RevOptions + """ + Make a copy of the current instance, but with a new rev. + + Args: + rev: the name of the revision for the new object. + """ + return self.vc_class.make_rev_options(rev, extra_args=self.extra_args) + + +class VcsSupport: + _registry = {} # type: Dict[str, VersionControl] + schemes = ['ssh', 'git', 'hg', 'bzr', 'sftp', 'svn'] + + def __init__(self): + # type: () -> None + # Register more schemes with urlparse for various version control + # systems + urllib.parse.uses_netloc.extend(self.schemes) + super().__init__() + + def __iter__(self): + # type: () -> Iterator[str] + return self._registry.__iter__() + + @property + def backends(self): + # type: () -> List[VersionControl] + return list(self._registry.values()) + + @property + def dirnames(self): + # type: () -> List[str] + return [backend.dirname for backend in self.backends] + + @property + def all_schemes(self): + # type: () -> List[str] + schemes = [] # type: List[str] + for backend in self.backends: + schemes.extend(backend.schemes) + return schemes + + def register(self, cls): + # type: (Type[VersionControl]) -> None + if not hasattr(cls, 'name'): + logger.warning('Cannot register VCS %s', cls.__name__) + return + if cls.name not in self._registry: + self._registry[cls.name] = cls() + logger.debug('Registered VCS backend: %s', cls.name) + + def unregister(self, name): + # type: (str) -> None + if name in self._registry: + del self._registry[name] + + def get_backend_for_dir(self, location): + # type: (str) -> Optional[VersionControl] + """ + Return a VersionControl object if a repository of that type is found + at the given directory. + """ + vcs_backends = {} + for vcs_backend in self._registry.values(): + repo_path = vcs_backend.get_repository_root(location) + if not repo_path: + continue + logger.debug('Determine that %s uses VCS: %s', + location, vcs_backend.name) + vcs_backends[repo_path] = vcs_backend + + if not vcs_backends: + return None + + # Choose the VCS in the inner-most directory. Since all repository + # roots found here would be either `location` or one of its + # parents, the longest path should have the most path components, + # i.e. the backend representing the inner-most repository. + inner_most_repo_path = max(vcs_backends, key=len) + return vcs_backends[inner_most_repo_path] + + def get_backend_for_scheme(self, scheme): + # type: (str) -> Optional[VersionControl] + """ + Return a VersionControl object or None. + """ + for vcs_backend in self._registry.values(): + if scheme in vcs_backend.schemes: + return vcs_backend + return None + + def get_backend(self, name): + # type: (str) -> Optional[VersionControl] + """ + Return a VersionControl object or None. + """ + name = name.lower() + return self._registry.get(name) + + +vcs = VcsSupport() + + +class VersionControl: + name = '' + dirname = '' + repo_name = '' + # List of supported schemes for this Version Control + schemes = () # type: Tuple[str, ...] + # Iterable of environment variable names to pass to call_subprocess(). + unset_environ = () # type: Tuple[str, ...] + default_arg_rev = None # type: Optional[str] + + @classmethod + def should_add_vcs_url_prefix(cls, remote_url): + # type: (str) -> bool + """ + Return whether the vcs prefix (e.g. "git+") should be added to a + repository's remote url when used in a requirement. + """ + return not remote_url.lower().startswith(f'{cls.name}:') + + @classmethod + def get_subdirectory(cls, location): + # type: (str) -> Optional[str] + """ + Return the path to Python project root, relative to the repo root. + Return None if the project root is in the repo root. + """ + return None + + @classmethod + def get_requirement_revision(cls, repo_dir): + # type: (str) -> str + """ + Return the revision string that should be used in a requirement. + """ + return cls.get_revision(repo_dir) + + @classmethod + def get_src_requirement(cls, repo_dir, project_name): + # type: (str, str) -> str + """ + Return the requirement string to use to redownload the files + currently at the given repository directory. + + Args: + project_name: the (unescaped) project name. + + The return value has a form similar to the following: + + {repository_url}@{revision}#egg={project_name} + """ + repo_url = cls.get_remote_url(repo_dir) + + if cls.should_add_vcs_url_prefix(repo_url): + repo_url = f'{cls.name}+{repo_url}' + + revision = cls.get_requirement_revision(repo_dir) + subdir = cls.get_subdirectory(repo_dir) + req = make_vcs_requirement_url(repo_url, revision, project_name, + subdir=subdir) + + return req + + @staticmethod + def get_base_rev_args(rev): + # type: (str) -> List[str] + """ + Return the base revision arguments for a vcs command. + + Args: + rev: the name of a revision to install. Cannot be None. + """ + raise NotImplementedError + + def is_immutable_rev_checkout(self, url, dest): + # type: (str, str) -> bool + """ + Return true if the commit hash checked out at dest matches + the revision in url. + + Always return False, if the VCS does not support immutable commit + hashes. + + This method does not check if there are local uncommitted changes + in dest after checkout, as pip currently has no use case for that. + """ + return False + + @classmethod + def make_rev_options(cls, rev=None, extra_args=None): + # type: (Optional[str], Optional[CommandArgs]) -> RevOptions + """ + Return a RevOptions object. + + Args: + rev: the name of a revision to install. + extra_args: a list of extra options. + """ + return RevOptions(cls, rev, extra_args=extra_args) + + @classmethod + def _is_local_repository(cls, repo): + # type: (str) -> bool + """ + posix absolute paths start with os.path.sep, + win32 ones start with drive (like c:\\folder) + """ + drive, tail = os.path.splitdrive(repo) + return repo.startswith(os.path.sep) or bool(drive) + + @classmethod + def get_netloc_and_auth(cls, netloc, scheme): + # type: (str, str) -> Tuple[str, Tuple[Optional[str], Optional[str]]] + """ + Parse the repository URL's netloc, and return the new netloc to use + along with auth information. + + Args: + netloc: the original repository URL netloc. + scheme: the repository URL's scheme without the vcs prefix. + + This is mainly for the Subversion class to override, so that auth + information can be provided via the --username and --password options + instead of through the URL. For other subclasses like Git without + such an option, auth information must stay in the URL. + + Returns: (netloc, (username, password)). + """ + return netloc, (None, None) + + @classmethod + def get_url_rev_and_auth(cls, url): + # type: (str) -> Tuple[str, Optional[str], AuthInfo] + """ + Parse the repository URL to use, and return the URL, revision, + and auth info to use. + + Returns: (url, rev, (username, password)). + """ + scheme, netloc, path, query, frag = urllib.parse.urlsplit(url) + if '+' not in scheme: + raise ValueError( + "Sorry, {!r} is a malformed VCS url. " + "The format is +://, " + "e.g. svn+http://myrepo/svn/MyApp#egg=MyApp".format(url) + ) + # Remove the vcs prefix. + scheme = scheme.split('+', 1)[1] + netloc, user_pass = cls.get_netloc_and_auth(netloc, scheme) + rev = None + if '@' in path: + path, rev = path.rsplit('@', 1) + if not rev: + raise InstallationError( + "The URL {!r} has an empty revision (after @) " + "which is not supported. Include a revision after @ " + "or remove @ from the URL.".format(url) + ) + url = urllib.parse.urlunsplit((scheme, netloc, path, query, '')) + return url, rev, user_pass + + @staticmethod + def make_rev_args(username, password): + # type: (Optional[str], Optional[HiddenText]) -> CommandArgs + """ + Return the RevOptions "extra arguments" to use in obtain(). + """ + return [] + + def get_url_rev_options(self, url): + # type: (HiddenText) -> Tuple[HiddenText, RevOptions] + """ + Return the URL and RevOptions object to use in obtain(), + as a tuple (url, rev_options). + """ + secret_url, rev, user_pass = self.get_url_rev_and_auth(url.secret) + username, secret_password = user_pass + password = None # type: Optional[HiddenText] + if secret_password is not None: + password = hide_value(secret_password) + extra_args = self.make_rev_args(username, password) + rev_options = self.make_rev_options(rev, extra_args=extra_args) + + return hide_url(secret_url), rev_options + + @staticmethod + def normalize_url(url): + # type: (str) -> str + """ + Normalize a URL for comparison by unquoting it and removing any + trailing slash. + """ + return urllib.parse.unquote(url).rstrip('/') + + @classmethod + def compare_urls(cls, url1, url2): + # type: (str, str) -> bool + """ + Compare two repo URLs for identity, ignoring incidental differences. + """ + return (cls.normalize_url(url1) == cls.normalize_url(url2)) + + def fetch_new(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + """ + Fetch a revision from a repository, in the case that this is the + first fetch from the repository. + + Args: + dest: the directory to fetch the repository to. + rev_options: a RevOptions object. + """ + raise NotImplementedError + + def switch(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + """ + Switch the repo at ``dest`` to point to ``URL``. + + Args: + rev_options: a RevOptions object. + """ + raise NotImplementedError + + def update(self, dest, url, rev_options): + # type: (str, HiddenText, RevOptions) -> None + """ + Update an already-existing repo to the given ``rev_options``. + + Args: + rev_options: a RevOptions object. + """ + raise NotImplementedError + + @classmethod + def is_commit_id_equal(cls, dest, name): + # type: (str, Optional[str]) -> bool + """ + Return whether the id of the current commit equals the given name. + + Args: + dest: the repository directory. + name: a string name. + """ + raise NotImplementedError + + def obtain(self, dest, url): + # type: (str, HiddenText) -> None + """ + Install or update in editable mode the package represented by this + VersionControl object. + + :param dest: the repository directory in which to install or update. + :param url: the repository URL starting with a vcs prefix. + """ + url, rev_options = self.get_url_rev_options(url) + + if not os.path.exists(dest): + self.fetch_new(dest, url, rev_options) + return + + rev_display = rev_options.to_display() + if self.is_repository_directory(dest): + existing_url = self.get_remote_url(dest) + if self.compare_urls(existing_url, url.secret): + logger.debug( + '%s in %s exists, and has correct URL (%s)', + self.repo_name.title(), + display_path(dest), + url, + ) + if not self.is_commit_id_equal(dest, rev_options.rev): + logger.info( + 'Updating %s %s%s', + display_path(dest), + self.repo_name, + rev_display, + ) + self.update(dest, url, rev_options) + else: + logger.info('Skipping because already up-to-date.') + return + + logger.warning( + '%s %s in %s exists with URL %s', + self.name, + self.repo_name, + display_path(dest), + existing_url, + ) + prompt = ('(s)witch, (i)gnore, (w)ipe, (b)ackup ', + ('s', 'i', 'w', 'b')) + else: + logger.warning( + 'Directory %s already exists, and is not a %s %s.', + dest, + self.name, + self.repo_name, + ) + # https://github.com/python/mypy/issues/1174 + prompt = ('(i)gnore, (w)ipe, (b)ackup ', # type: ignore + ('i', 'w', 'b')) + + logger.warning( + 'The plan is to install the %s repository %s', + self.name, + url, + ) + response = ask_path_exists('What to do? {}'.format( + prompt[0]), prompt[1]) + + if response == 'a': + sys.exit(-1) + + if response == 'w': + logger.warning('Deleting %s', display_path(dest)) + rmtree(dest) + self.fetch_new(dest, url, rev_options) + return + + if response == 'b': + dest_dir = backup_dir(dest) + logger.warning( + 'Backing up %s to %s', display_path(dest), dest_dir, + ) + shutil.move(dest, dest_dir) + self.fetch_new(dest, url, rev_options) + return + + # Do nothing if the response is "i". + if response == 's': + logger.info( + 'Switching %s %s to %s%s', + self.repo_name, + display_path(dest), + url, + rev_display, + ) + self.switch(dest, url, rev_options) + + def unpack(self, location, url): + # type: (str, HiddenText) -> None + """ + Clean up current location and download the url repository + (and vcs infos) into location + + :param url: the repository URL starting with a vcs prefix. + """ + if os.path.exists(location): + rmtree(location) + self.obtain(location, url=url) + + @classmethod + def get_remote_url(cls, location): + # type: (str) -> str + """ + Return the url used at location + + Raises RemoteNotFoundError if the repository does not have a remote + url configured. + """ + raise NotImplementedError + + @classmethod + def get_revision(cls, location): + # type: (str) -> str + """ + Return the current commit id of the files at the given location. + """ + raise NotImplementedError + + @classmethod + def run_command( + cls, + cmd, # type: Union[List[str], CommandArgs] + show_stdout=True, # type: bool + cwd=None, # type: Optional[str] + on_returncode='raise', # type: str + extra_ok_returncodes=None, # type: Optional[Iterable[int]] + command_desc=None, # type: Optional[str] + extra_environ=None, # type: Optional[Mapping[str, Any]] + spinner=None, # type: Optional[SpinnerInterface] + log_failed_cmd=True, # type: bool + stdout_only=False, # type: bool + ): + # type: (...) -> str + """ + Run a VCS subcommand + This is simply a wrapper around call_subprocess that adds the VCS + command name, and checks that the VCS is available + """ + cmd = make_command(cls.name, *cmd) + try: + return call_subprocess(cmd, show_stdout, cwd, + on_returncode=on_returncode, + extra_ok_returncodes=extra_ok_returncodes, + command_desc=command_desc, + extra_environ=extra_environ, + unset_environ=cls.unset_environ, + spinner=spinner, + log_failed_cmd=log_failed_cmd, + stdout_only=stdout_only) + except FileNotFoundError: + # errno.ENOENT = no such file or directory + # In other words, the VCS executable isn't available + raise BadCommand( + f'Cannot find command {cls.name!r} - do you have ' + f'{cls.name!r} installed and in your PATH?') + except PermissionError: + # errno.EACCES = Permission denied + # This error occurs, for instance, when the command is installed + # only for another user. So, the current user don't have + # permission to call the other user command. + raise BadCommand( + f"No permission to execute {cls.name!r} - install it " + f"locally, globally (ask admin), or check your PATH. " + f"See possible solutions at " + f"https://pip.pypa.io/en/latest/reference/pip_freeze/" + f"#fixing-permission-denied." + ) + + @classmethod + def is_repository_directory(cls, path): + # type: (str) -> bool + """ + Return whether a directory path is a repository directory. + """ + logger.debug('Checking in %s for %s (%s)...', + path, cls.dirname, cls.name) + return os.path.exists(os.path.join(path, cls.dirname)) + + @classmethod + def get_repository_root(cls, location): + # type: (str) -> Optional[str] + """ + Return the "root" (top-level) directory controlled by the vcs, + or `None` if the directory is not in any. + + It is meant to be overridden to implement smarter detection + mechanisms for specific vcs. + + This can do more than is_repository_directory() alone. For + example, the Git override checks that Git is actually available. + """ + if cls.is_repository_directory(location): + return location + return None diff --git a/queries/venv/lib/python3.9/site-packages/pip/_internal/wheel_builder.py b/queries/venv/lib/python3.9/site-packages/pip/_internal/wheel_builder.py new file mode 100644 index 000000000..92f172bca --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_internal/wheel_builder.py @@ -0,0 +1,360 @@ +"""Orchestrator for building wheels from InstallRequirements. +""" + +import logging +import os.path +import re +import shutil +from typing import Any, Callable, Iterable, List, Optional, Tuple + +from pip._vendor.packaging.utils import canonicalize_name, canonicalize_version +from pip._vendor.packaging.version import InvalidVersion, Version + +from pip._internal.cache import WheelCache +from pip._internal.exceptions import InvalidWheelFilename, UnsupportedWheel +from pip._internal.metadata import get_wheel_distribution +from pip._internal.models.link import Link +from pip._internal.models.wheel import Wheel +from pip._internal.operations.build.wheel import build_wheel_pep517 +from pip._internal.operations.build.wheel_legacy import build_wheel_legacy +from pip._internal.req.req_install import InstallRequirement +from pip._internal.utils.logging import indent_log +from pip._internal.utils.misc import ensure_dir, hash_file, is_wheel_installed +from pip._internal.utils.setuptools_build import make_setuptools_clean_args +from pip._internal.utils.subprocess import call_subprocess +from pip._internal.utils.temp_dir import TempDirectory +from pip._internal.utils.urls import path_to_url +from pip._internal.vcs import vcs + +logger = logging.getLogger(__name__) + +_egg_info_re = re.compile(r'([a-z0-9_.]+)-([a-z0-9_.!+-]+)', re.IGNORECASE) + +BinaryAllowedPredicate = Callable[[InstallRequirement], bool] +BuildResult = Tuple[List[InstallRequirement], List[InstallRequirement]] + + +def _contains_egg_info(s): + # type: (str) -> bool + """Determine whether the string looks like an egg_info. + + :param s: The string to parse. E.g. foo-2.1 + """ + return bool(_egg_info_re.search(s)) + + +def _should_build( + req, # type: InstallRequirement + need_wheel, # type: bool + check_binary_allowed, # type: BinaryAllowedPredicate +): + # type: (...) -> bool + """Return whether an InstallRequirement should be built into a wheel.""" + if req.constraint: + # never build requirements that are merely constraints + return False + if req.is_wheel: + if need_wheel: + logger.info( + 'Skipping %s, due to already being wheel.', req.name, + ) + return False + + if need_wheel: + # i.e. pip wheel, not pip install + return True + + # From this point, this concerns the pip install command only + # (need_wheel=False). + + if req.editable or not req.source_dir: + return False + + if req.use_pep517: + return True + + if not check_binary_allowed(req): + logger.info( + "Skipping wheel build for %s, due to binaries " + "being disabled for it.", req.name, + ) + return False + + if not is_wheel_installed(): + # we don't build legacy requirements if wheel is not installed + logger.info( + "Using legacy 'setup.py install' for %s, " + "since package 'wheel' is not installed.", req.name, + ) + return False + + return True + + +def should_build_for_wheel_command( + req, # type: InstallRequirement +): + # type: (...) -> bool + return _should_build( + req, need_wheel=True, check_binary_allowed=_always_true + ) + + +def should_build_for_install_command( + req, # type: InstallRequirement + check_binary_allowed, # type: BinaryAllowedPredicate +): + # type: (...) -> bool + return _should_build( + req, need_wheel=False, check_binary_allowed=check_binary_allowed + ) + + +def _should_cache( + req, # type: InstallRequirement +): + # type: (...) -> Optional[bool] + """ + Return whether a built InstallRequirement can be stored in the persistent + wheel cache, assuming the wheel cache is available, and _should_build() + has determined a wheel needs to be built. + """ + if req.editable or not req.source_dir: + # never cache editable requirements + return False + + if req.link and req.link.is_vcs: + # VCS checkout. Do not cache + # unless it points to an immutable commit hash. + assert not req.editable + assert req.source_dir + vcs_backend = vcs.get_backend_for_scheme(req.link.scheme) + assert vcs_backend + if vcs_backend.is_immutable_rev_checkout(req.link.url, req.source_dir): + return True + return False + + assert req.link + base, ext = req.link.splitext() + if _contains_egg_info(base): + return True + + # Otherwise, do not cache. + return False + + +def _get_cache_dir( + req, # type: InstallRequirement + wheel_cache, # type: WheelCache +): + # type: (...) -> str + """Return the persistent or temporary cache directory where the built + wheel need to be stored. + """ + cache_available = bool(wheel_cache.cache_dir) + assert req.link + if cache_available and _should_cache(req): + cache_dir = wheel_cache.get_path_for_link(req.link) + else: + cache_dir = wheel_cache.get_ephem_path_for_link(req.link) + return cache_dir + + +def _always_true(_): + # type: (Any) -> bool + return True + + +def _verify_one(req, wheel_path): + # type: (InstallRequirement, str) -> None + canonical_name = canonicalize_name(req.name or "") + w = Wheel(os.path.basename(wheel_path)) + if canonicalize_name(w.name) != canonical_name: + raise InvalidWheelFilename( + "Wheel has unexpected file name: expected {!r}, " + "got {!r}".format(canonical_name, w.name), + ) + dist = get_wheel_distribution(wheel_path, canonical_name) + dist_verstr = str(dist.version) + if canonicalize_version(dist_verstr) != canonicalize_version(w.version): + raise InvalidWheelFilename( + "Wheel has unexpected file name: expected {!r}, " + "got {!r}".format(dist_verstr, w.version), + ) + metadata_version_value = dist.metadata_version + if metadata_version_value is None: + raise UnsupportedWheel("Missing Metadata-Version") + try: + metadata_version = Version(metadata_version_value) + except InvalidVersion: + msg = f"Invalid Metadata-Version: {metadata_version_value}" + raise UnsupportedWheel(msg) + if (metadata_version >= Version("1.2") + and not isinstance(dist.version, Version)): + raise UnsupportedWheel( + "Metadata 1.2 mandates PEP 440 version, " + "but {!r} is not".format(dist_verstr) + ) + + +def _build_one( + req, # type: InstallRequirement + output_dir, # type: str + verify, # type: bool + build_options, # type: List[str] + global_options, # type: List[str] +): + # type: (...) -> Optional[str] + """Build one wheel. + + :return: The filename of the built wheel, or None if the build failed. + """ + try: + ensure_dir(output_dir) + except OSError as e: + logger.warning( + "Building wheel for %s failed: %s", + req.name, e, + ) + return None + + # Install build deps into temporary directory (PEP 518) + with req.build_env: + wheel_path = _build_one_inside_env( + req, output_dir, build_options, global_options + ) + if wheel_path and verify: + try: + _verify_one(req, wheel_path) + except (InvalidWheelFilename, UnsupportedWheel) as e: + logger.warning("Built wheel for %s is invalid: %s", req.name, e) + return None + return wheel_path + + +def _build_one_inside_env( + req, # type: InstallRequirement + output_dir, # type: str + build_options, # type: List[str] + global_options, # type: List[str] +): + # type: (...) -> Optional[str] + with TempDirectory(kind="wheel") as temp_dir: + assert req.name + if req.use_pep517: + assert req.metadata_directory + assert req.pep517_backend + if global_options: + logger.warning( + 'Ignoring --global-option when building %s using PEP 517', req.name + ) + if build_options: + logger.warning( + 'Ignoring --build-option when building %s using PEP 517', req.name + ) + wheel_path = build_wheel_pep517( + name=req.name, + backend=req.pep517_backend, + metadata_directory=req.metadata_directory, + tempd=temp_dir.path, + ) + else: + wheel_path = build_wheel_legacy( + name=req.name, + setup_py_path=req.setup_py_path, + source_dir=req.unpacked_source_directory, + global_options=global_options, + build_options=build_options, + tempd=temp_dir.path, + ) + + if wheel_path is not None: + wheel_name = os.path.basename(wheel_path) + dest_path = os.path.join(output_dir, wheel_name) + try: + wheel_hash, length = hash_file(wheel_path) + shutil.move(wheel_path, dest_path) + logger.info('Created wheel for %s: ' + 'filename=%s size=%d sha256=%s', + req.name, wheel_name, length, + wheel_hash.hexdigest()) + logger.info('Stored in directory: %s', output_dir) + return dest_path + except Exception as e: + logger.warning( + "Building wheel for %s failed: %s", + req.name, e, + ) + # Ignore return, we can't do anything else useful. + if not req.use_pep517: + _clean_one_legacy(req, global_options) + return None + + +def _clean_one_legacy(req, global_options): + # type: (InstallRequirement, List[str]) -> bool + clean_args = make_setuptools_clean_args( + req.setup_py_path, + global_options=global_options, + ) + + logger.info('Running setup.py clean for %s', req.name) + try: + call_subprocess(clean_args, cwd=req.source_dir) + return True + except Exception: + logger.error('Failed cleaning build dir for %s', req.name) + return False + + +def build( + requirements, # type: Iterable[InstallRequirement] + wheel_cache, # type: WheelCache + verify, # type: bool + build_options, # type: List[str] + global_options, # type: List[str] +): + # type: (...) -> BuildResult + """Build wheels. + + :return: The list of InstallRequirement that succeeded to build and + the list of InstallRequirement that failed to build. + """ + if not requirements: + return [], [] + + # Build the wheels. + logger.info( + 'Building wheels for collected packages: %s', + ', '.join(req.name for req in requirements), # type: ignore + ) + + with indent_log(): + build_successes, build_failures = [], [] + for req in requirements: + cache_dir = _get_cache_dir(req, wheel_cache) + wheel_file = _build_one( + req, cache_dir, verify, build_options, global_options + ) + if wheel_file: + # Update the link for this. + req.link = Link(path_to_url(wheel_file)) + req.local_file_path = req.link.file_path + assert req.link.is_wheel + build_successes.append(req) + else: + build_failures.append(req) + + # notify success/failure + if build_successes: + logger.info( + 'Successfully built %s', + ' '.join([req.name for req in build_successes]), # type: ignore + ) + if build_failures: + logger.info( + 'Failed to build %s', + ' '.join([req.name for req in build_failures]), # type: ignore + ) + # Return a list of requirements that failed to build + return build_successes, build_failures diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/__init__.py new file mode 100644 index 000000000..57e32dab1 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/__init__.py @@ -0,0 +1,111 @@ +""" +pip._vendor is for vendoring dependencies of pip to prevent needing pip to +depend on something external. + +Files inside of pip._vendor should be considered immutable and should only be +updated to versions from upstream. +""" +from __future__ import absolute_import + +import glob +import os.path +import sys + +# Downstream redistributors which have debundled our dependencies should also +# patch this value to be true. This will trigger the additional patching +# to cause things like "six" to be available as pip. +DEBUNDLED = False + +# By default, look in this directory for a bunch of .whl files which we will +# add to the beginning of sys.path before attempting to import anything. This +# is done to support downstream re-distributors like Debian and Fedora who +# wish to create their own Wheels for our dependencies to aid in debundling. +WHEEL_DIR = os.path.abspath(os.path.dirname(__file__)) + + +# Define a small helper function to alias our vendored modules to the real ones +# if the vendored ones do not exist. This idea of this was taken from +# https://github.com/kennethreitz/requests/pull/2567. +def vendored(modulename): + vendored_name = "{0}.{1}".format(__name__, modulename) + + try: + __import__(modulename, globals(), locals(), level=0) + except ImportError: + # We can just silently allow import failures to pass here. If we + # got to this point it means that ``import pip._vendor.whatever`` + # failed and so did ``import whatever``. Since we're importing this + # upfront in an attempt to alias imports, not erroring here will + # just mean we get a regular import error whenever pip *actually* + # tries to import one of these modules to use it, which actually + # gives us a better error message than we would have otherwise + # gotten. + pass + else: + sys.modules[vendored_name] = sys.modules[modulename] + base, head = vendored_name.rsplit(".", 1) + setattr(sys.modules[base], head, sys.modules[modulename]) + + +# If we're operating in a debundled setup, then we want to go ahead and trigger +# the aliasing of our vendored libraries as well as looking for wheels to add +# to our sys.path. This will cause all of this code to be a no-op typically +# however downstream redistributors can enable it in a consistent way across +# all platforms. +if DEBUNDLED: + # Actually look inside of WHEEL_DIR to find .whl files and add them to the + # front of our sys.path. + sys.path[:] = glob.glob(os.path.join(WHEEL_DIR, "*.whl")) + sys.path + + # Actually alias all of our vendored dependencies. + vendored("appdirs") + vendored("cachecontrol") + vendored("certifi") + vendored("colorama") + vendored("distlib") + vendored("distro") + vendored("html5lib") + vendored("six") + vendored("six.moves") + vendored("six.moves.urllib") + vendored("six.moves.urllib.parse") + vendored("packaging") + vendored("packaging.version") + vendored("packaging.specifiers") + vendored("pep517") + vendored("pkg_resources") + vendored("progress") + vendored("requests") + vendored("requests.exceptions") + vendored("requests.packages") + vendored("requests.packages.urllib3") + vendored("requests.packages.urllib3._collections") + vendored("requests.packages.urllib3.connection") + vendored("requests.packages.urllib3.connectionpool") + vendored("requests.packages.urllib3.contrib") + vendored("requests.packages.urllib3.contrib.ntlmpool") + vendored("requests.packages.urllib3.contrib.pyopenssl") + vendored("requests.packages.urllib3.exceptions") + vendored("requests.packages.urllib3.fields") + vendored("requests.packages.urllib3.filepost") + vendored("requests.packages.urllib3.packages") + vendored("requests.packages.urllib3.packages.ordered_dict") + vendored("requests.packages.urllib3.packages.six") + vendored("requests.packages.urllib3.packages.ssl_match_hostname") + vendored("requests.packages.urllib3.packages.ssl_match_hostname." + "_implementation") + vendored("requests.packages.urllib3.poolmanager") + vendored("requests.packages.urllib3.request") + vendored("requests.packages.urllib3.response") + vendored("requests.packages.urllib3.util") + vendored("requests.packages.urllib3.util.connection") + vendored("requests.packages.urllib3.util.request") + vendored("requests.packages.urllib3.util.response") + vendored("requests.packages.urllib3.util.retry") + vendored("requests.packages.urllib3.util.ssl_") + vendored("requests.packages.urllib3.util.timeout") + vendored("requests.packages.urllib3.util.url") + vendored("resolvelib") + vendored("tenacity") + vendored("tomli") + vendored("urllib3") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/appdirs.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/appdirs.py new file mode 100644 index 000000000..33a3b7741 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/appdirs.py @@ -0,0 +1,633 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +# Copyright (c) 2005-2010 ActiveState Software Inc. +# Copyright (c) 2013 Eddy Petrișor + +"""Utilities for determining application-specific dirs. + +See for details and usage. +""" +# Dev Notes: +# - MSDN on where to store app data files: +# http://support.microsoft.com/default.aspx?scid=kb;en-us;310294#XSLTH3194121123120121120120 +# - Mac OS X: http://developer.apple.com/documentation/MacOSX/Conceptual/BPFileSystem/index.html +# - XDG spec for Un*x: http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html + +__version__ = "1.4.4" +__version_info__ = tuple(int(segment) for segment in __version__.split(".")) + + +import sys +import os + +PY3 = sys.version_info[0] == 3 + +if PY3: + unicode = str + +if sys.platform.startswith('java'): + import platform + os_name = platform.java_ver()[3][0] + if os_name.startswith('Windows'): # "Windows XP", "Windows 7", etc. + system = 'win32' + elif os_name.startswith('Mac'): # "Mac OS X", etc. + system = 'darwin' + else: # "Linux", "SunOS", "FreeBSD", etc. + # Setting this to "linux2" is not ideal, but only Windows or Mac + # are actually checked for and the rest of the module expects + # *sys.platform* style strings. + system = 'linux2' +elif sys.platform == 'cli' and os.name == 'nt': + # Detect Windows in IronPython to match pip._internal.utils.compat.WINDOWS + # Discussion: + system = 'win32' +else: + system = sys.platform + + + +def user_data_dir(appname=None, appauthor=None, version=None, roaming=False): + r"""Return full path to the user-specific data dir for this application. + + "appname" is the name of application. + If None, just the system directory is returned. + "appauthor" (only used on Windows) is the name of the + appauthor or distributing body for this application. Typically + it is the owning company name. This falls back to appname. You may + pass False to disable it. + "version" is an optional version path element to append to the + path. You might want to use this if you want multiple versions + of your app to be able to run independently. If used, this + would typically be ".". + Only applied when appname is present. + "roaming" (boolean, default False) can be set True to use the Windows + roaming appdata directory. That means that for users on a Windows + network setup for roaming profiles, this user data will be + sync'd on login. See + + for a discussion of issues. + + Typical user data directories are: + Mac OS X: ~/Library/Application Support/ # or ~/.config/, if the other does not exist + Unix: ~/.local/share/ # or in $XDG_DATA_HOME, if defined + Win XP (not roaming): C:\Documents and Settings\\Application Data\\ + Win XP (roaming): C:\Documents and Settings\\Local Settings\Application Data\\ + Win 7 (not roaming): C:\Users\\AppData\Local\\ + Win 7 (roaming): C:\Users\\AppData\Roaming\\ + + For Unix, we follow the XDG spec and support $XDG_DATA_HOME. + That means, by default "~/.local/share/". + """ + if system == "win32": + if appauthor is None: + appauthor = appname + const = roaming and "CSIDL_APPDATA" or "CSIDL_LOCAL_APPDATA" + path = os.path.normpath(_get_win_folder(const)) + if appname: + if appauthor is not False: + path = os.path.join(path, appauthor, appname) + else: + path = os.path.join(path, appname) + elif system == 'darwin': + path = os.path.expanduser('~/Library/Application Support/') + if appname: + path = os.path.join(path, appname) + else: + path = os.getenv('XDG_DATA_HOME', os.path.expanduser("~/.local/share")) + if appname: + path = os.path.join(path, appname) + if appname and version: + path = os.path.join(path, version) + return path + + +def site_data_dir(appname=None, appauthor=None, version=None, multipath=False): + r"""Return full path to the user-shared data dir for this application. + + "appname" is the name of application. + If None, just the system directory is returned. + "appauthor" (only used on Windows) is the name of the + appauthor or distributing body for this application. Typically + it is the owning company name. This falls back to appname. You may + pass False to disable it. + "version" is an optional version path element to append to the + path. You might want to use this if you want multiple versions + of your app to be able to run independently. If used, this + would typically be ".". + Only applied when appname is present. + "multipath" is an optional parameter only applicable to *nix + which indicates that the entire list of data dirs should be + returned. By default, the first item from XDG_DATA_DIRS is + returned, or '/usr/local/share/', + if XDG_DATA_DIRS is not set + + Typical site data directories are: + Mac OS X: /Library/Application Support/ + Unix: /usr/local/share/ or /usr/share/ + Win XP: C:\Documents and Settings\All Users\Application Data\\ + Vista: (Fail! "C:\ProgramData" is a hidden *system* directory on Vista.) + Win 7: C:\ProgramData\\ # Hidden, but writeable on Win 7. + + For Unix, this is using the $XDG_DATA_DIRS[0] default. + + WARNING: Do not use this on Windows. See the Vista-Fail note above for why. + """ + if system == "win32": + if appauthor is None: + appauthor = appname + path = os.path.normpath(_get_win_folder("CSIDL_COMMON_APPDATA")) + if appname: + if appauthor is not False: + path = os.path.join(path, appauthor, appname) + else: + path = os.path.join(path, appname) + elif system == 'darwin': + path = os.path.expanduser('/Library/Application Support') + if appname: + path = os.path.join(path, appname) + else: + # XDG default for $XDG_DATA_DIRS + # only first, if multipath is False + path = os.getenv('XDG_DATA_DIRS', + os.pathsep.join(['/usr/local/share', '/usr/share'])) + pathlist = [os.path.expanduser(x.rstrip(os.sep)) for x in path.split(os.pathsep)] + if appname: + if version: + appname = os.path.join(appname, version) + pathlist = [os.path.join(x, appname) for x in pathlist] + + if multipath: + path = os.pathsep.join(pathlist) + else: + path = pathlist[0] + return path + + if appname and version: + path = os.path.join(path, version) + return path + + +def user_config_dir(appname=None, appauthor=None, version=None, roaming=False): + r"""Return full path to the user-specific config dir for this application. + + "appname" is the name of application. + If None, just the system directory is returned. + "appauthor" (only used on Windows) is the name of the + appauthor or distributing body for this application. Typically + it is the owning company name. This falls back to appname. You may + pass False to disable it. + "version" is an optional version path element to append to the + path. You might want to use this if you want multiple versions + of your app to be able to run independently. If used, this + would typically be ".". + Only applied when appname is present. + "roaming" (boolean, default False) can be set True to use the Windows + roaming appdata directory. That means that for users on a Windows + network setup for roaming profiles, this user data will be + sync'd on login. See + + for a discussion of issues. + + Typical user config directories are: + Mac OS X: same as user_data_dir + Unix: ~/.config/ # or in $XDG_CONFIG_HOME, if defined + Win *: same as user_data_dir + + For Unix, we follow the XDG spec and support $XDG_CONFIG_HOME. + That means, by default "~/.config/". + """ + if system in ["win32", "darwin"]: + path = user_data_dir(appname, appauthor, None, roaming) + else: + path = os.getenv('XDG_CONFIG_HOME', os.path.expanduser("~/.config")) + if appname: + path = os.path.join(path, appname) + if appname and version: + path = os.path.join(path, version) + return path + + +# for the discussion regarding site_config_dir locations +# see +def site_config_dir(appname=None, appauthor=None, version=None, multipath=False): + r"""Return full path to the user-shared data dir for this application. + + "appname" is the name of application. + If None, just the system directory is returned. + "appauthor" (only used on Windows) is the name of the + appauthor or distributing body for this application. Typically + it is the owning company name. This falls back to appname. You may + pass False to disable it. + "version" is an optional version path element to append to the + path. You might want to use this if you want multiple versions + of your app to be able to run independently. If used, this + would typically be ".". + Only applied when appname is present. + "multipath" is an optional parameter only applicable to *nix + which indicates that the entire list of config dirs should be + returned. By default, the first item from XDG_CONFIG_DIRS is + returned, or '/etc/xdg/', if XDG_CONFIG_DIRS is not set + + Typical site config directories are: + Mac OS X: same as site_data_dir + Unix: /etc/xdg/ or $XDG_CONFIG_DIRS[i]/ for each value in + $XDG_CONFIG_DIRS + Win *: same as site_data_dir + Vista: (Fail! "C:\ProgramData" is a hidden *system* directory on Vista.) + + For Unix, this is using the $XDG_CONFIG_DIRS[0] default, if multipath=False + + WARNING: Do not use this on Windows. See the Vista-Fail note above for why. + """ + if system in ["win32", "darwin"]: + path = site_data_dir(appname, appauthor) + if appname and version: + path = os.path.join(path, version) + else: + # XDG default for $XDG_CONFIG_DIRS (missing or empty) + # see + # only first, if multipath is False + path = os.getenv('XDG_CONFIG_DIRS') or '/etc/xdg' + pathlist = [os.path.expanduser(x.rstrip(os.sep)) for x in path.split(os.pathsep) if x] + if appname: + if version: + appname = os.path.join(appname, version) + pathlist = [os.path.join(x, appname) for x in pathlist] + + if multipath: + path = os.pathsep.join(pathlist) + else: + path = pathlist[0] + return path + + +def user_cache_dir(appname=None, appauthor=None, version=None, opinion=True): + r"""Return full path to the user-specific cache dir for this application. + + "appname" is the name of application. + If None, just the system directory is returned. + "appauthor" (only used on Windows) is the name of the + appauthor or distributing body for this application. Typically + it is the owning company name. This falls back to appname. You may + pass False to disable it. + "version" is an optional version path element to append to the + path. You might want to use this if you want multiple versions + of your app to be able to run independently. If used, this + would typically be ".". + Only applied when appname is present. + "opinion" (boolean) can be False to disable the appending of + "Cache" to the base app data dir for Windows. See + discussion below. + + Typical user cache directories are: + Mac OS X: ~/Library/Caches/ + Unix: ~/.cache/ (XDG default) + Win XP: C:\Documents and Settings\\Local Settings\Application Data\\\Cache + Vista: C:\Users\\AppData\Local\\\Cache + + On Windows the only suggestion in the MSDN docs is that local settings go in + the `CSIDL_LOCAL_APPDATA` directory. This is identical to the non-roaming + app data dir (the default returned by `user_data_dir` above). Apps typically + put cache data somewhere *under* the given dir here. Some examples: + ...\Mozilla\Firefox\Profiles\\Cache + ...\Acme\SuperApp\Cache\1.0 + OPINION: This function appends "Cache" to the `CSIDL_LOCAL_APPDATA` value. + This can be disabled with the `opinion=False` option. + """ + if system == "win32": + if appauthor is None: + appauthor = appname + path = os.path.normpath(_get_win_folder("CSIDL_LOCAL_APPDATA")) + # When using Python 2, return paths as bytes on Windows like we do on + # other operating systems. See helper function docs for more details. + if not PY3 and isinstance(path, unicode): + path = _win_path_to_bytes(path) + if appname: + if appauthor is not False: + path = os.path.join(path, appauthor, appname) + else: + path = os.path.join(path, appname) + if opinion: + path = os.path.join(path, "Cache") + elif system == 'darwin': + path = os.path.expanduser('~/Library/Caches') + if appname: + path = os.path.join(path, appname) + else: + path = os.getenv('XDG_CACHE_HOME', os.path.expanduser('~/.cache')) + if appname: + path = os.path.join(path, appname) + if appname and version: + path = os.path.join(path, version) + return path + + +def user_state_dir(appname=None, appauthor=None, version=None, roaming=False): + r"""Return full path to the user-specific state dir for this application. + + "appname" is the name of application. + If None, just the system directory is returned. + "appauthor" (only used on Windows) is the name of the + appauthor or distributing body for this application. Typically + it is the owning company name. This falls back to appname. You may + pass False to disable it. + "version" is an optional version path element to append to the + path. You might want to use this if you want multiple versions + of your app to be able to run independently. If used, this + would typically be ".". + Only applied when appname is present. + "roaming" (boolean, default False) can be set True to use the Windows + roaming appdata directory. That means that for users on a Windows + network setup for roaming profiles, this user data will be + sync'd on login. See + + for a discussion of issues. + + Typical user state directories are: + Mac OS X: same as user_data_dir + Unix: ~/.local/state/ # or in $XDG_STATE_HOME, if defined + Win *: same as user_data_dir + + For Unix, we follow this Debian proposal + to extend the XDG spec and support $XDG_STATE_HOME. + + That means, by default "~/.local/state/". + """ + if system in ["win32", "darwin"]: + path = user_data_dir(appname, appauthor, None, roaming) + else: + path = os.getenv('XDG_STATE_HOME', os.path.expanduser("~/.local/state")) + if appname: + path = os.path.join(path, appname) + if appname and version: + path = os.path.join(path, version) + return path + + +def user_log_dir(appname=None, appauthor=None, version=None, opinion=True): + r"""Return full path to the user-specific log dir for this application. + + "appname" is the name of application. + If None, just the system directory is returned. + "appauthor" (only used on Windows) is the name of the + appauthor or distributing body for this application. Typically + it is the owning company name. This falls back to appname. You may + pass False to disable it. + "version" is an optional version path element to append to the + path. You might want to use this if you want multiple versions + of your app to be able to run independently. If used, this + would typically be ".". + Only applied when appname is present. + "opinion" (boolean) can be False to disable the appending of + "Logs" to the base app data dir for Windows, and "log" to the + base cache dir for Unix. See discussion below. + + Typical user log directories are: + Mac OS X: ~/Library/Logs/ + Unix: ~/.cache//log # or under $XDG_CACHE_HOME if defined + Win XP: C:\Documents and Settings\\Local Settings\Application Data\\\Logs + Vista: C:\Users\\AppData\Local\\\Logs + + On Windows the only suggestion in the MSDN docs is that local settings + go in the `CSIDL_LOCAL_APPDATA` directory. (Note: I'm interested in + examples of what some windows apps use for a logs dir.) + + OPINION: This function appends "Logs" to the `CSIDL_LOCAL_APPDATA` + value for Windows and appends "log" to the user cache dir for Unix. + This can be disabled with the `opinion=False` option. + """ + if system == "darwin": + path = os.path.join( + os.path.expanduser('~/Library/Logs'), + appname) + elif system == "win32": + path = user_data_dir(appname, appauthor, version) + version = False + if opinion: + path = os.path.join(path, "Logs") + else: + path = user_cache_dir(appname, appauthor, version) + version = False + if opinion: + path = os.path.join(path, "log") + if appname and version: + path = os.path.join(path, version) + return path + + +class AppDirs(object): + """Convenience wrapper for getting application dirs.""" + def __init__(self, appname=None, appauthor=None, version=None, + roaming=False, multipath=False): + self.appname = appname + self.appauthor = appauthor + self.version = version + self.roaming = roaming + self.multipath = multipath + + @property + def user_data_dir(self): + return user_data_dir(self.appname, self.appauthor, + version=self.version, roaming=self.roaming) + + @property + def site_data_dir(self): + return site_data_dir(self.appname, self.appauthor, + version=self.version, multipath=self.multipath) + + @property + def user_config_dir(self): + return user_config_dir(self.appname, self.appauthor, + version=self.version, roaming=self.roaming) + + @property + def site_config_dir(self): + return site_config_dir(self.appname, self.appauthor, + version=self.version, multipath=self.multipath) + + @property + def user_cache_dir(self): + return user_cache_dir(self.appname, self.appauthor, + version=self.version) + + @property + def user_state_dir(self): + return user_state_dir(self.appname, self.appauthor, + version=self.version) + + @property + def user_log_dir(self): + return user_log_dir(self.appname, self.appauthor, + version=self.version) + + +#---- internal support stuff + +def _get_win_folder_from_registry(csidl_name): + """This is a fallback technique at best. I'm not sure if using the + registry for this guarantees us the correct answer for all CSIDL_* + names. + """ + if PY3: + import winreg as _winreg + else: + import _winreg + + shell_folder_name = { + "CSIDL_APPDATA": "AppData", + "CSIDL_COMMON_APPDATA": "Common AppData", + "CSIDL_LOCAL_APPDATA": "Local AppData", + }[csidl_name] + + key = _winreg.OpenKey( + _winreg.HKEY_CURRENT_USER, + r"Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" + ) + dir, type = _winreg.QueryValueEx(key, shell_folder_name) + return dir + + +def _get_win_folder_with_pywin32(csidl_name): + from win32com.shell import shellcon, shell + dir = shell.SHGetFolderPath(0, getattr(shellcon, csidl_name), 0, 0) + # Try to make this a unicode path because SHGetFolderPath does + # not return unicode strings when there is unicode data in the + # path. + try: + dir = unicode(dir) + + # Downgrade to short path name if have highbit chars. See + # . + has_high_char = False + for c in dir: + if ord(c) > 255: + has_high_char = True + break + if has_high_char: + try: + import win32api + dir = win32api.GetShortPathName(dir) + except ImportError: + pass + except UnicodeError: + pass + return dir + + +def _get_win_folder_with_ctypes(csidl_name): + import ctypes + + csidl_const = { + "CSIDL_APPDATA": 26, + "CSIDL_COMMON_APPDATA": 35, + "CSIDL_LOCAL_APPDATA": 28, + }[csidl_name] + + buf = ctypes.create_unicode_buffer(1024) + ctypes.windll.shell32.SHGetFolderPathW(None, csidl_const, None, 0, buf) + + # Downgrade to short path name if have highbit chars. See + # . + has_high_char = False + for c in buf: + if ord(c) > 255: + has_high_char = True + break + if has_high_char: + buf2 = ctypes.create_unicode_buffer(1024) + if ctypes.windll.kernel32.GetShortPathNameW(buf.value, buf2, 1024): + buf = buf2 + + return buf.value + +def _get_win_folder_with_jna(csidl_name): + import array + from com.sun import jna + from com.sun.jna.platform import win32 + + buf_size = win32.WinDef.MAX_PATH * 2 + buf = array.zeros('c', buf_size) + shell = win32.Shell32.INSTANCE + shell.SHGetFolderPath(None, getattr(win32.ShlObj, csidl_name), None, win32.ShlObj.SHGFP_TYPE_CURRENT, buf) + dir = jna.Native.toString(buf.tostring()).rstrip("\0") + + # Downgrade to short path name if have highbit chars. See + # . + has_high_char = False + for c in dir: + if ord(c) > 255: + has_high_char = True + break + if has_high_char: + buf = array.zeros('c', buf_size) + kernel = win32.Kernel32.INSTANCE + if kernel.GetShortPathName(dir, buf, buf_size): + dir = jna.Native.toString(buf.tostring()).rstrip("\0") + + return dir + +if system == "win32": + try: + from ctypes import windll + _get_win_folder = _get_win_folder_with_ctypes + except ImportError: + try: + import com.sun.jna + _get_win_folder = _get_win_folder_with_jna + except ImportError: + _get_win_folder = _get_win_folder_from_registry + + +def _win_path_to_bytes(path): + """Encode Windows paths to bytes. Only used on Python 2. + + Motivation is to be consistent with other operating systems where paths + are also returned as bytes. This avoids problems mixing bytes and Unicode + elsewhere in the codebase. For more details and discussion see + . + + If encoding using ASCII and MBCS fails, return the original Unicode path. + """ + for encoding in ('ASCII', 'MBCS'): + try: + return path.encode(encoding) + except (UnicodeEncodeError, LookupError): + pass + return path + + +#---- self test code + +if __name__ == "__main__": + appname = "MyApp" + appauthor = "MyCompany" + + props = ("user_data_dir", + "user_config_dir", + "user_cache_dir", + "user_state_dir", + "user_log_dir", + "site_data_dir", + "site_config_dir") + + print("-- app dirs %s --" % __version__) + + print("-- app dirs (with optional 'version')") + dirs = AppDirs(appname, appauthor, version="1.0") + for prop in props: + print("%s: %s" % (prop, getattr(dirs, prop))) + + print("\n-- app dirs (without optional 'version')") + dirs = AppDirs(appname, appauthor) + for prop in props: + print("%s: %s" % (prop, getattr(dirs, prop))) + + print("\n-- app dirs (without optional 'appauthor')") + dirs = AppDirs(appname) + for prop in props: + print("%s: %s" % (prop, getattr(dirs, prop))) + + print("\n-- app dirs (with disabled 'appauthor')") + dirs = AppDirs(appname, appauthor=False) + for prop in props: + print("%s: %s" % (prop, getattr(dirs, prop))) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/__init__.py new file mode 100644 index 000000000..a1bbbbe3b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/__init__.py @@ -0,0 +1,11 @@ +"""CacheControl import Interface. + +Make it easy to import from cachecontrol without long namespaces. +""" +__author__ = "Eric Larson" +__email__ = "eric@ionrock.org" +__version__ = "0.12.6" + +from .wrapper import CacheControl +from .adapter import CacheControlAdapter +from .controller import CacheController diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/_cmd.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/_cmd.py new file mode 100644 index 000000000..f1e0ad94a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/_cmd.py @@ -0,0 +1,57 @@ +import logging + +from pip._vendor import requests + +from pip._vendor.cachecontrol.adapter import CacheControlAdapter +from pip._vendor.cachecontrol.cache import DictCache +from pip._vendor.cachecontrol.controller import logger + +from argparse import ArgumentParser + + +def setup_logging(): + logger.setLevel(logging.DEBUG) + handler = logging.StreamHandler() + logger.addHandler(handler) + + +def get_session(): + adapter = CacheControlAdapter( + DictCache(), cache_etags=True, serializer=None, heuristic=None + ) + sess = requests.Session() + sess.mount("http://", adapter) + sess.mount("https://", adapter) + + sess.cache_controller = adapter.controller + return sess + + +def get_args(): + parser = ArgumentParser() + parser.add_argument("url", help="The URL to try and cache") + return parser.parse_args() + + +def main(args=None): + args = get_args() + sess = get_session() + + # Make a request to get a response + resp = sess.get(args.url) + + # Turn on logging + setup_logging() + + # try setting the cache + sess.cache_controller.cache_response(resp.request, resp.raw) + + # Now try to get it + if sess.cache_controller.cached_request(resp.request): + print("Cached!") + else: + print("Not cached :(") + + +if __name__ == "__main__": + main() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/adapter.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/adapter.py new file mode 100644 index 000000000..815650e81 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/adapter.py @@ -0,0 +1,133 @@ +import types +import functools +import zlib + +from pip._vendor.requests.adapters import HTTPAdapter + +from .controller import CacheController +from .cache import DictCache +from .filewrapper import CallbackFileWrapper + + +class CacheControlAdapter(HTTPAdapter): + invalidating_methods = {"PUT", "DELETE"} + + def __init__( + self, + cache=None, + cache_etags=True, + controller_class=None, + serializer=None, + heuristic=None, + cacheable_methods=None, + *args, + **kw + ): + super(CacheControlAdapter, self).__init__(*args, **kw) + self.cache = DictCache() if cache is None else cache + self.heuristic = heuristic + self.cacheable_methods = cacheable_methods or ("GET",) + + controller_factory = controller_class or CacheController + self.controller = controller_factory( + self.cache, cache_etags=cache_etags, serializer=serializer + ) + + def send(self, request, cacheable_methods=None, **kw): + """ + Send a request. Use the request information to see if it + exists in the cache and cache the response if we need to and can. + """ + cacheable = cacheable_methods or self.cacheable_methods + if request.method in cacheable: + try: + cached_response = self.controller.cached_request(request) + except zlib.error: + cached_response = None + if cached_response: + return self.build_response(request, cached_response, from_cache=True) + + # check for etags and add headers if appropriate + request.headers.update(self.controller.conditional_headers(request)) + + resp = super(CacheControlAdapter, self).send(request, **kw) + + return resp + + def build_response( + self, request, response, from_cache=False, cacheable_methods=None + ): + """ + Build a response by making a request or using the cache. + + This will end up calling send and returning a potentially + cached response + """ + cacheable = cacheable_methods or self.cacheable_methods + if not from_cache and request.method in cacheable: + # Check for any heuristics that might update headers + # before trying to cache. + if self.heuristic: + response = self.heuristic.apply(response) + + # apply any expiration heuristics + if response.status == 304: + # We must have sent an ETag request. This could mean + # that we've been expired already or that we simply + # have an etag. In either case, we want to try and + # update the cache if that is the case. + cached_response = self.controller.update_cached_response( + request, response + ) + + if cached_response is not response: + from_cache = True + + # We are done with the server response, read a + # possible response body (compliant servers will + # not return one, but we cannot be 100% sure) and + # release the connection back to the pool. + response.read(decode_content=False) + response.release_conn() + + response = cached_response + + # We always cache the 301 responses + elif response.status == 301: + self.controller.cache_response(request, response) + else: + # Wrap the response file with a wrapper that will cache the + # response when the stream has been consumed. + response._fp = CallbackFileWrapper( + response._fp, + functools.partial( + self.controller.cache_response, request, response + ), + ) + if response.chunked: + super_update_chunk_length = response._update_chunk_length + + def _update_chunk_length(self): + super_update_chunk_length() + if self.chunk_left == 0: + self._fp._close() + + response._update_chunk_length = types.MethodType( + _update_chunk_length, response + ) + + resp = super(CacheControlAdapter, self).build_response(request, response) + + # See if we should invalidate the cache. + if request.method in self.invalidating_methods and resp.ok: + cache_url = self.controller.cache_url(request.url) + self.cache.delete(cache_url) + + # Give the request a from_cache attr to let people use it + resp.from_cache = from_cache + + return resp + + def close(self): + self.cache.close() + super(CacheControlAdapter, self).close() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/cache.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/cache.py new file mode 100644 index 000000000..94e07732d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/cache.py @@ -0,0 +1,39 @@ +""" +The cache object API for implementing caches. The default is a thread +safe in-memory dictionary. +""" +from threading import Lock + + +class BaseCache(object): + + def get(self, key): + raise NotImplementedError() + + def set(self, key, value): + raise NotImplementedError() + + def delete(self, key): + raise NotImplementedError() + + def close(self): + pass + + +class DictCache(BaseCache): + + def __init__(self, init_dict=None): + self.lock = Lock() + self.data = init_dict or {} + + def get(self, key): + return self.data.get(key, None) + + def set(self, key, value): + with self.lock: + self.data.update({key: value}) + + def delete(self, key): + with self.lock: + if key in self.data: + self.data.pop(key) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/__init__.py new file mode 100644 index 000000000..0e1658fa5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/__init__.py @@ -0,0 +1,2 @@ +from .file_cache import FileCache # noqa +from .redis_cache import RedisCache # noqa diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/file_cache.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/file_cache.py new file mode 100644 index 000000000..607b94524 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/file_cache.py @@ -0,0 +1,146 @@ +import hashlib +import os +from textwrap import dedent + +from ..cache import BaseCache +from ..controller import CacheController + +try: + FileNotFoundError +except NameError: + # py2.X + FileNotFoundError = (IOError, OSError) + + +def _secure_open_write(filename, fmode): + # We only want to write to this file, so open it in write only mode + flags = os.O_WRONLY + + # os.O_CREAT | os.O_EXCL will fail if the file already exists, so we only + # will open *new* files. + # We specify this because we want to ensure that the mode we pass is the + # mode of the file. + flags |= os.O_CREAT | os.O_EXCL + + # Do not follow symlinks to prevent someone from making a symlink that + # we follow and insecurely open a cache file. + if hasattr(os, "O_NOFOLLOW"): + flags |= os.O_NOFOLLOW + + # On Windows we'll mark this file as binary + if hasattr(os, "O_BINARY"): + flags |= os.O_BINARY + + # Before we open our file, we want to delete any existing file that is + # there + try: + os.remove(filename) + except (IOError, OSError): + # The file must not exist already, so we can just skip ahead to opening + pass + + # Open our file, the use of os.O_CREAT | os.O_EXCL will ensure that if a + # race condition happens between the os.remove and this line, that an + # error will be raised. Because we utilize a lockfile this should only + # happen if someone is attempting to attack us. + fd = os.open(filename, flags, fmode) + try: + return os.fdopen(fd, "wb") + + except: + # An error occurred wrapping our FD in a file object + os.close(fd) + raise + + +class FileCache(BaseCache): + + def __init__( + self, + directory, + forever=False, + filemode=0o0600, + dirmode=0o0700, + use_dir_lock=None, + lock_class=None, + ): + + if use_dir_lock is not None and lock_class is not None: + raise ValueError("Cannot use use_dir_lock and lock_class together") + + try: + from lockfile import LockFile + from lockfile.mkdirlockfile import MkdirLockFile + except ImportError: + notice = dedent( + """ + NOTE: In order to use the FileCache you must have + lockfile installed. You can install it via pip: + pip install lockfile + """ + ) + raise ImportError(notice) + + else: + if use_dir_lock: + lock_class = MkdirLockFile + + elif lock_class is None: + lock_class = LockFile + + self.directory = directory + self.forever = forever + self.filemode = filemode + self.dirmode = dirmode + self.lock_class = lock_class + + @staticmethod + def encode(x): + return hashlib.sha224(x.encode()).hexdigest() + + def _fn(self, name): + # NOTE: This method should not change as some may depend on it. + # See: https://github.com/ionrock/cachecontrol/issues/63 + hashed = self.encode(name) + parts = list(hashed[:5]) + [hashed] + return os.path.join(self.directory, *parts) + + def get(self, key): + name = self._fn(key) + try: + with open(name, "rb") as fh: + return fh.read() + + except FileNotFoundError: + return None + + def set(self, key, value): + name = self._fn(key) + + # Make sure the directory exists + try: + os.makedirs(os.path.dirname(name), self.dirmode) + except (IOError, OSError): + pass + + with self.lock_class(name) as lock: + # Write our actual file + with _secure_open_write(lock.path, self.filemode) as fh: + fh.write(value) + + def delete(self, key): + name = self._fn(key) + if not self.forever: + try: + os.remove(name) + except FileNotFoundError: + pass + + +def url_to_file_path(url, filecache): + """Return the file cache path based on the URL. + + This does not ensure the file exists! + """ + key = CacheController.cache_url(url) + return filecache._fn(key) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.py new file mode 100644 index 000000000..ed705ce7d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.py @@ -0,0 +1,33 @@ +from __future__ import division + +from datetime import datetime +from pip._vendor.cachecontrol.cache import BaseCache + + +class RedisCache(BaseCache): + + def __init__(self, conn): + self.conn = conn + + def get(self, key): + return self.conn.get(key) + + def set(self, key, value, expires=None): + if not expires: + self.conn.set(key, value) + else: + expires = expires - datetime.utcnow() + self.conn.setex(key, int(expires.total_seconds()), value) + + def delete(self, key): + self.conn.delete(key) + + def clear(self): + """Helper for clearing all the keys in a database. Use with + caution!""" + for key in self.conn.keys(): + self.conn.delete(key) + + def close(self): + """Redis uses connection pooling, no need to close the connection.""" + pass diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/compat.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/compat.py new file mode 100644 index 000000000..33b5aed0a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/compat.py @@ -0,0 +1,29 @@ +try: + from urllib.parse import urljoin +except ImportError: + from urlparse import urljoin + + +try: + import cPickle as pickle +except ImportError: + import pickle + + +# Handle the case where the requests module has been patched to not have +# urllib3 bundled as part of its source. +try: + from pip._vendor.requests.packages.urllib3.response import HTTPResponse +except ImportError: + from pip._vendor.urllib3.response import HTTPResponse + +try: + from pip._vendor.requests.packages.urllib3.util import is_fp_closed +except ImportError: + from pip._vendor.urllib3.util import is_fp_closed + +# Replicate some six behaviour +try: + text_type = unicode +except NameError: + text_type = str diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/controller.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/controller.py new file mode 100644 index 000000000..dafe55ca7 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/controller.py @@ -0,0 +1,376 @@ +""" +The httplib2 algorithms ported for use with requests. +""" +import logging +import re +import calendar +import time +from email.utils import parsedate_tz + +from pip._vendor.requests.structures import CaseInsensitiveDict + +from .cache import DictCache +from .serialize import Serializer + + +logger = logging.getLogger(__name__) + +URI = re.compile(r"^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?") + + +def parse_uri(uri): + """Parses a URI using the regex given in Appendix B of RFC 3986. + + (scheme, authority, path, query, fragment) = parse_uri(uri) + """ + groups = URI.match(uri).groups() + return (groups[1], groups[3], groups[4], groups[6], groups[8]) + + +class CacheController(object): + """An interface to see if request should cached or not. + """ + + def __init__( + self, cache=None, cache_etags=True, serializer=None, status_codes=None + ): + self.cache = DictCache() if cache is None else cache + self.cache_etags = cache_etags + self.serializer = serializer or Serializer() + self.cacheable_status_codes = status_codes or (200, 203, 300, 301) + + @classmethod + def _urlnorm(cls, uri): + """Normalize the URL to create a safe key for the cache""" + (scheme, authority, path, query, fragment) = parse_uri(uri) + if not scheme or not authority: + raise Exception("Only absolute URIs are allowed. uri = %s" % uri) + + scheme = scheme.lower() + authority = authority.lower() + + if not path: + path = "/" + + # Could do syntax based normalization of the URI before + # computing the digest. See Section 6.2.2 of Std 66. + request_uri = query and "?".join([path, query]) or path + defrag_uri = scheme + "://" + authority + request_uri + + return defrag_uri + + @classmethod + def cache_url(cls, uri): + return cls._urlnorm(uri) + + def parse_cache_control(self, headers): + known_directives = { + # https://tools.ietf.org/html/rfc7234#section-5.2 + "max-age": (int, True), + "max-stale": (int, False), + "min-fresh": (int, True), + "no-cache": (None, False), + "no-store": (None, False), + "no-transform": (None, False), + "only-if-cached": (None, False), + "must-revalidate": (None, False), + "public": (None, False), + "private": (None, False), + "proxy-revalidate": (None, False), + "s-maxage": (int, True), + } + + cc_headers = headers.get("cache-control", headers.get("Cache-Control", "")) + + retval = {} + + for cc_directive in cc_headers.split(","): + if not cc_directive.strip(): + continue + + parts = cc_directive.split("=", 1) + directive = parts[0].strip() + + try: + typ, required = known_directives[directive] + except KeyError: + logger.debug("Ignoring unknown cache-control directive: %s", directive) + continue + + if not typ or not required: + retval[directive] = None + if typ: + try: + retval[directive] = typ(parts[1].strip()) + except IndexError: + if required: + logger.debug( + "Missing value for cache-control " "directive: %s", + directive, + ) + except ValueError: + logger.debug( + "Invalid value for cache-control directive " "%s, must be %s", + directive, + typ.__name__, + ) + + return retval + + def cached_request(self, request): + """ + Return a cached response if it exists in the cache, otherwise + return False. + """ + cache_url = self.cache_url(request.url) + logger.debug('Looking up "%s" in the cache', cache_url) + cc = self.parse_cache_control(request.headers) + + # Bail out if the request insists on fresh data + if "no-cache" in cc: + logger.debug('Request header has "no-cache", cache bypassed') + return False + + if "max-age" in cc and cc["max-age"] == 0: + logger.debug('Request header has "max_age" as 0, cache bypassed') + return False + + # Request allows serving from the cache, let's see if we find something + cache_data = self.cache.get(cache_url) + if cache_data is None: + logger.debug("No cache entry available") + return False + + # Check whether it can be deserialized + resp = self.serializer.loads(request, cache_data) + if not resp: + logger.warning("Cache entry deserialization failed, entry ignored") + return False + + # If we have a cached 301, return it immediately. We don't + # need to test our response for other headers b/c it is + # intrinsically "cacheable" as it is Permanent. + # See: + # https://tools.ietf.org/html/rfc7231#section-6.4.2 + # + # Client can try to refresh the value by repeating the request + # with cache busting headers as usual (ie no-cache). + if resp.status == 301: + msg = ( + 'Returning cached "301 Moved Permanently" response ' + "(ignoring date and etag information)" + ) + logger.debug(msg) + return resp + + headers = CaseInsensitiveDict(resp.headers) + if not headers or "date" not in headers: + if "etag" not in headers: + # Without date or etag, the cached response can never be used + # and should be deleted. + logger.debug("Purging cached response: no date or etag") + self.cache.delete(cache_url) + logger.debug("Ignoring cached response: no date") + return False + + now = time.time() + date = calendar.timegm(parsedate_tz(headers["date"])) + current_age = max(0, now - date) + logger.debug("Current age based on date: %i", current_age) + + # TODO: There is an assumption that the result will be a + # urllib3 response object. This may not be best since we + # could probably avoid instantiating or constructing the + # response until we know we need it. + resp_cc = self.parse_cache_control(headers) + + # determine freshness + freshness_lifetime = 0 + + # Check the max-age pragma in the cache control header + if "max-age" in resp_cc: + freshness_lifetime = resp_cc["max-age"] + logger.debug("Freshness lifetime from max-age: %i", freshness_lifetime) + + # If there isn't a max-age, check for an expires header + elif "expires" in headers: + expires = parsedate_tz(headers["expires"]) + if expires is not None: + expire_time = calendar.timegm(expires) - date + freshness_lifetime = max(0, expire_time) + logger.debug("Freshness lifetime from expires: %i", freshness_lifetime) + + # Determine if we are setting freshness limit in the + # request. Note, this overrides what was in the response. + if "max-age" in cc: + freshness_lifetime = cc["max-age"] + logger.debug( + "Freshness lifetime from request max-age: %i", freshness_lifetime + ) + + if "min-fresh" in cc: + min_fresh = cc["min-fresh"] + # adjust our current age by our min fresh + current_age += min_fresh + logger.debug("Adjusted current age from min-fresh: %i", current_age) + + # Return entry if it is fresh enough + if freshness_lifetime > current_age: + logger.debug('The response is "fresh", returning cached response') + logger.debug("%i > %i", freshness_lifetime, current_age) + return resp + + # we're not fresh. If we don't have an Etag, clear it out + if "etag" not in headers: + logger.debug('The cached response is "stale" with no etag, purging') + self.cache.delete(cache_url) + + # return the original handler + return False + + def conditional_headers(self, request): + cache_url = self.cache_url(request.url) + resp = self.serializer.loads(request, self.cache.get(cache_url)) + new_headers = {} + + if resp: + headers = CaseInsensitiveDict(resp.headers) + + if "etag" in headers: + new_headers["If-None-Match"] = headers["ETag"] + + if "last-modified" in headers: + new_headers["If-Modified-Since"] = headers["Last-Modified"] + + return new_headers + + def cache_response(self, request, response, body=None, status_codes=None): + """ + Algorithm for caching requests. + + This assumes a requests Response object. + """ + # From httplib2: Don't cache 206's since we aren't going to + # handle byte range requests + cacheable_status_codes = status_codes or self.cacheable_status_codes + if response.status not in cacheable_status_codes: + logger.debug( + "Status code %s not in %s", response.status, cacheable_status_codes + ) + return + + response_headers = CaseInsensitiveDict(response.headers) + + # If we've been given a body, our response has a Content-Length, that + # Content-Length is valid then we can check to see if the body we've + # been given matches the expected size, and if it doesn't we'll just + # skip trying to cache it. + if ( + body is not None + and "content-length" in response_headers + and response_headers["content-length"].isdigit() + and int(response_headers["content-length"]) != len(body) + ): + return + + cc_req = self.parse_cache_control(request.headers) + cc = self.parse_cache_control(response_headers) + + cache_url = self.cache_url(request.url) + logger.debug('Updating cache with response from "%s"', cache_url) + + # Delete it from the cache if we happen to have it stored there + no_store = False + if "no-store" in cc: + no_store = True + logger.debug('Response header has "no-store"') + if "no-store" in cc_req: + no_store = True + logger.debug('Request header has "no-store"') + if no_store and self.cache.get(cache_url): + logger.debug('Purging existing cache entry to honor "no-store"') + self.cache.delete(cache_url) + if no_store: + return + + # https://tools.ietf.org/html/rfc7234#section-4.1: + # A Vary header field-value of "*" always fails to match. + # Storing such a response leads to a deserialization warning + # during cache lookup and is not allowed to ever be served, + # so storing it can be avoided. + if "*" in response_headers.get("vary", ""): + logger.debug('Response header has "Vary: *"') + return + + # If we've been given an etag, then keep the response + if self.cache_etags and "etag" in response_headers: + logger.debug("Caching due to etag") + self.cache.set( + cache_url, self.serializer.dumps(request, response, body=body) + ) + + # Add to the cache any 301s. We do this before looking that + # the Date headers. + elif response.status == 301: + logger.debug("Caching permanant redirect") + self.cache.set(cache_url, self.serializer.dumps(request, response)) + + # Add to the cache if the response headers demand it. If there + # is no date header then we can't do anything about expiring + # the cache. + elif "date" in response_headers: + # cache when there is a max-age > 0 + if "max-age" in cc and cc["max-age"] > 0: + logger.debug("Caching b/c date exists and max-age > 0") + self.cache.set( + cache_url, self.serializer.dumps(request, response, body=body) + ) + + # If the request can expire, it means we should cache it + # in the meantime. + elif "expires" in response_headers: + if response_headers["expires"]: + logger.debug("Caching b/c of expires header") + self.cache.set( + cache_url, self.serializer.dumps(request, response, body=body) + ) + + def update_cached_response(self, request, response): + """On a 304 we will get a new set of headers that we want to + update our cached value with, assuming we have one. + + This should only ever be called when we've sent an ETag and + gotten a 304 as the response. + """ + cache_url = self.cache_url(request.url) + + cached_response = self.serializer.loads(request, self.cache.get(cache_url)) + + if not cached_response: + # we didn't have a cached response + return response + + # Lets update our headers with the headers from the new request: + # http://tools.ietf.org/html/draft-ietf-httpbis-p4-conditional-26#section-4.1 + # + # The server isn't supposed to send headers that would make + # the cached body invalid. But... just in case, we'll be sure + # to strip out ones we know that might be problmatic due to + # typical assumptions. + excluded_headers = ["content-length"] + + cached_response.headers.update( + dict( + (k, v) + for k, v in response.headers.items() + if k.lower() not in excluded_headers + ) + ) + + # we want a 200 b/c we have content via the cache + cached_response.status = 200 + + # update our cache + self.cache.set(cache_url, self.serializer.dumps(request, cached_response)) + + return cached_response diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/filewrapper.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/filewrapper.py new file mode 100644 index 000000000..30ed4c5a6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/filewrapper.py @@ -0,0 +1,80 @@ +from io import BytesIO + + +class CallbackFileWrapper(object): + """ + Small wrapper around a fp object which will tee everything read into a + buffer, and when that file is closed it will execute a callback with the + contents of that buffer. + + All attributes are proxied to the underlying file object. + + This class uses members with a double underscore (__) leading prefix so as + not to accidentally shadow an attribute. + """ + + def __init__(self, fp, callback): + self.__buf = BytesIO() + self.__fp = fp + self.__callback = callback + + def __getattr__(self, name): + # The vaguaries of garbage collection means that self.__fp is + # not always set. By using __getattribute__ and the private + # name[0] allows looking up the attribute value and raising an + # AttributeError when it doesn't exist. This stop thigns from + # infinitely recursing calls to getattr in the case where + # self.__fp hasn't been set. + # + # [0] https://docs.python.org/2/reference/expressions.html#atom-identifiers + fp = self.__getattribute__("_CallbackFileWrapper__fp") + return getattr(fp, name) + + def __is_fp_closed(self): + try: + return self.__fp.fp is None + + except AttributeError: + pass + + try: + return self.__fp.closed + + except AttributeError: + pass + + # We just don't cache it then. + # TODO: Add some logging here... + return False + + def _close(self): + if self.__callback: + self.__callback(self.__buf.getvalue()) + + # We assign this to None here, because otherwise we can get into + # really tricky problems where the CPython interpreter dead locks + # because the callback is holding a reference to something which + # has a __del__ method. Setting this to None breaks the cycle + # and allows the garbage collector to do it's thing normally. + self.__callback = None + + def read(self, amt=None): + data = self.__fp.read(amt) + self.__buf.write(data) + if self.__is_fp_closed(): + self._close() + + return data + + def _safe_read(self, amt): + data = self.__fp._safe_read(amt) + if amt == 2 and data == b"\r\n": + # urllib executes this read to toss the CRLF at the end + # of the chunk. + return data + + self.__buf.write(data) + if self.__is_fp_closed(): + self._close() + + return data diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/heuristics.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/heuristics.py new file mode 100644 index 000000000..6c0e9790d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/heuristics.py @@ -0,0 +1,135 @@ +import calendar +import time + +from email.utils import formatdate, parsedate, parsedate_tz + +from datetime import datetime, timedelta + +TIME_FMT = "%a, %d %b %Y %H:%M:%S GMT" + + +def expire_after(delta, date=None): + date = date or datetime.utcnow() + return date + delta + + +def datetime_to_header(dt): + return formatdate(calendar.timegm(dt.timetuple())) + + +class BaseHeuristic(object): + + def warning(self, response): + """ + Return a valid 1xx warning header value describing the cache + adjustments. + + The response is provided too allow warnings like 113 + http://tools.ietf.org/html/rfc7234#section-5.5.4 where we need + to explicitly say response is over 24 hours old. + """ + return '110 - "Response is Stale"' + + def update_headers(self, response): + """Update the response headers with any new headers. + + NOTE: This SHOULD always include some Warning header to + signify that the response was cached by the client, not + by way of the provided headers. + """ + return {} + + def apply(self, response): + updated_headers = self.update_headers(response) + + if updated_headers: + response.headers.update(updated_headers) + warning_header_value = self.warning(response) + if warning_header_value is not None: + response.headers.update({"Warning": warning_header_value}) + + return response + + +class OneDayCache(BaseHeuristic): + """ + Cache the response by providing an expires 1 day in the + future. + """ + + def update_headers(self, response): + headers = {} + + if "expires" not in response.headers: + date = parsedate(response.headers["date"]) + expires = expire_after(timedelta(days=1), date=datetime(*date[:6])) + headers["expires"] = datetime_to_header(expires) + headers["cache-control"] = "public" + return headers + + +class ExpiresAfter(BaseHeuristic): + """ + Cache **all** requests for a defined time period. + """ + + def __init__(self, **kw): + self.delta = timedelta(**kw) + + def update_headers(self, response): + expires = expire_after(self.delta) + return {"expires": datetime_to_header(expires), "cache-control": "public"} + + def warning(self, response): + tmpl = "110 - Automatically cached for %s. Response might be stale" + return tmpl % self.delta + + +class LastModified(BaseHeuristic): + """ + If there is no Expires header already, fall back on Last-Modified + using the heuristic from + http://tools.ietf.org/html/rfc7234#section-4.2.2 + to calculate a reasonable value. + + Firefox also does something like this per + https://developer.mozilla.org/en-US/docs/Web/HTTP/Caching_FAQ + http://lxr.mozilla.org/mozilla-release/source/netwerk/protocol/http/nsHttpResponseHead.cpp#397 + Unlike mozilla we limit this to 24-hr. + """ + cacheable_by_default_statuses = { + 200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501 + } + + def update_headers(self, resp): + headers = resp.headers + + if "expires" in headers: + return {} + + if "cache-control" in headers and headers["cache-control"] != "public": + return {} + + if resp.status not in self.cacheable_by_default_statuses: + return {} + + if "date" not in headers or "last-modified" not in headers: + return {} + + date = calendar.timegm(parsedate_tz(headers["date"])) + last_modified = parsedate(headers["last-modified"]) + if date is None or last_modified is None: + return {} + + now = time.time() + current_age = max(0, now - date) + delta = date - calendar.timegm(last_modified) + freshness_lifetime = max(0, min(delta / 10, 24 * 3600)) + if freshness_lifetime <= current_age: + return {} + + expires = date + freshness_lifetime + return {"expires": time.strftime(TIME_FMT, time.gmtime(expires))} + + def warning(self, resp): + return None diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/serialize.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/serialize.py new file mode 100644 index 000000000..3b6ec2de1 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/serialize.py @@ -0,0 +1,188 @@ +import base64 +import io +import json +import zlib + +from pip._vendor import msgpack +from pip._vendor.requests.structures import CaseInsensitiveDict + +from .compat import HTTPResponse, pickle, text_type + + +def _b64_decode_bytes(b): + return base64.b64decode(b.encode("ascii")) + + +def _b64_decode_str(s): + return _b64_decode_bytes(s).decode("utf8") + + +class Serializer(object): + + def dumps(self, request, response, body=None): + response_headers = CaseInsensitiveDict(response.headers) + + if body is None: + body = response.read(decode_content=False) + + # NOTE: 99% sure this is dead code. I'm only leaving it + # here b/c I don't have a test yet to prove + # it. Basically, before using + # `cachecontrol.filewrapper.CallbackFileWrapper`, + # this made an effort to reset the file handle. The + # `CallbackFileWrapper` short circuits this code by + # setting the body as the content is consumed, the + # result being a `body` argument is *always* passed + # into cache_response, and in turn, + # `Serializer.dump`. + response._fp = io.BytesIO(body) + + # NOTE: This is all a bit weird, but it's really important that on + # Python 2.x these objects are unicode and not str, even when + # they contain only ascii. The problem here is that msgpack + # understands the difference between unicode and bytes and we + # have it set to differentiate between them, however Python 2 + # doesn't know the difference. Forcing these to unicode will be + # enough to have msgpack know the difference. + data = { + u"response": { + u"body": body, + u"headers": dict( + (text_type(k), text_type(v)) for k, v in response.headers.items() + ), + u"status": response.status, + u"version": response.version, + u"reason": text_type(response.reason), + u"strict": response.strict, + u"decode_content": response.decode_content, + } + } + + # Construct our vary headers + data[u"vary"] = {} + if u"vary" in response_headers: + varied_headers = response_headers[u"vary"].split(",") + for header in varied_headers: + header = text_type(header).strip() + header_value = request.headers.get(header, None) + if header_value is not None: + header_value = text_type(header_value) + data[u"vary"][header] = header_value + + return b",".join([b"cc=4", msgpack.dumps(data, use_bin_type=True)]) + + def loads(self, request, data): + # Short circuit if we've been given an empty set of data + if not data: + return + + # Determine what version of the serializer the data was serialized + # with + try: + ver, data = data.split(b",", 1) + except ValueError: + ver = b"cc=0" + + # Make sure that our "ver" is actually a version and isn't a false + # positive from a , being in the data stream. + if ver[:3] != b"cc=": + data = ver + data + ver = b"cc=0" + + # Get the version number out of the cc=N + ver = ver.split(b"=", 1)[-1].decode("ascii") + + # Dispatch to the actual load method for the given version + try: + return getattr(self, "_loads_v{}".format(ver))(request, data) + + except AttributeError: + # This is a version we don't have a loads function for, so we'll + # just treat it as a miss and return None + return + + def prepare_response(self, request, cached): + """Verify our vary headers match and construct a real urllib3 + HTTPResponse object. + """ + # Special case the '*' Vary value as it means we cannot actually + # determine if the cached response is suitable for this request. + # This case is also handled in the controller code when creating + # a cache entry, but is left here for backwards compatibility. + if "*" in cached.get("vary", {}): + return + + # Ensure that the Vary headers for the cached response match our + # request + for header, value in cached.get("vary", {}).items(): + if request.headers.get(header, None) != value: + return + + body_raw = cached["response"].pop("body") + + headers = CaseInsensitiveDict(data=cached["response"]["headers"]) + if headers.get("transfer-encoding", "") == "chunked": + headers.pop("transfer-encoding") + + cached["response"]["headers"] = headers + + try: + body = io.BytesIO(body_raw) + except TypeError: + # This can happen if cachecontrol serialized to v1 format (pickle) + # using Python 2. A Python 2 str(byte string) will be unpickled as + # a Python 3 str (unicode string), which will cause the above to + # fail with: + # + # TypeError: 'str' does not support the buffer interface + body = io.BytesIO(body_raw.encode("utf8")) + + return HTTPResponse(body=body, preload_content=False, **cached["response"]) + + def _loads_v0(self, request, data): + # The original legacy cache data. This doesn't contain enough + # information to construct everything we need, so we'll treat this as + # a miss. + return + + def _loads_v1(self, request, data): + try: + cached = pickle.loads(data) + except ValueError: + return + + return self.prepare_response(request, cached) + + def _loads_v2(self, request, data): + try: + cached = json.loads(zlib.decompress(data).decode("utf8")) + except (ValueError, zlib.error): + return + + # We need to decode the items that we've base64 encoded + cached["response"]["body"] = _b64_decode_bytes(cached["response"]["body"]) + cached["response"]["headers"] = dict( + (_b64_decode_str(k), _b64_decode_str(v)) + for k, v in cached["response"]["headers"].items() + ) + cached["response"]["reason"] = _b64_decode_str(cached["response"]["reason"]) + cached["vary"] = dict( + (_b64_decode_str(k), _b64_decode_str(v) if v is not None else v) + for k, v in cached["vary"].items() + ) + + return self.prepare_response(request, cached) + + def _loads_v3(self, request, data): + # Due to Python 2 encoding issues, it's impossible to know for sure + # exactly how to load v3 entries, thus we'll treat these as a miss so + # that they get rewritten out as v4 entries. + return + + def _loads_v4(self, request, data): + try: + cached = msgpack.loads(data, raw=False) + except ValueError: + return + + return self.prepare_response(request, cached) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/wrapper.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/wrapper.py new file mode 100644 index 000000000..d8e6fc6a9 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/cachecontrol/wrapper.py @@ -0,0 +1,29 @@ +from .adapter import CacheControlAdapter +from .cache import DictCache + + +def CacheControl( + sess, + cache=None, + cache_etags=True, + serializer=None, + heuristic=None, + controller_class=None, + adapter_class=None, + cacheable_methods=None, +): + + cache = DictCache() if cache is None else cache + adapter_class = adapter_class or CacheControlAdapter + adapter = adapter_class( + cache, + cache_etags=cache_etags, + serializer=serializer, + heuristic=heuristic, + controller_class=controller_class, + cacheable_methods=cacheable_methods, + ) + sess.mount("http://", adapter) + sess.mount("https://", adapter) + + return sess diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__init__.py new file mode 100644 index 000000000..eebdf8886 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__init__.py @@ -0,0 +1,3 @@ +from .core import contents, where + +__version__ = "2021.05.30" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__main__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__main__.py new file mode 100644 index 000000000..00376349e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/__main__.py @@ -0,0 +1,12 @@ +import argparse + +from pip._vendor.certifi import contents, where + +parser = argparse.ArgumentParser() +parser.add_argument("-c", "--contents", action="store_true") +args = parser.parse_args() + +if args.contents: + print(contents()) +else: + print(where()) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/cacert.pem b/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/cacert.pem new file mode 100644 index 000000000..96e2fc65a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/cacert.pem @@ -0,0 +1,4257 @@ + +# Issuer: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA +# Subject: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA +# Label: "GlobalSign Root CA" +# Serial: 4835703278459707669005204 +# MD5 Fingerprint: 3e:45:52:15:09:51:92:e1:b7:5d:37:9f:b1:87:29:8a +# SHA1 Fingerprint: b1:bc:96:8b:d4:f4:9d:62:2a:a8:9a:81:f2:15:01:52:a4:1d:82:9c +# SHA256 Fingerprint: eb:d4:10:40:e4:bb:3e:c7:42:c9:e3:81:d3:1e:f2:a4:1a:48:b6:68:5c:96:e7:ce:f3:c1:df:6c:d4:33:1c:99 +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG +A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv +b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw +MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i +YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT +aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ +jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp +xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp +1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG +snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ +U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 +9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B +AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz +yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE +38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP +AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad +DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME +HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== +-----END CERTIFICATE----- + +# Issuer: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R2 +# Subject: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R2 +# Label: "GlobalSign Root CA - R2" +# Serial: 4835703278459682885658125 +# MD5 Fingerprint: 94:14:77:7e:3e:5e:fd:8f:30:bd:41:b0:cf:e7:d0:30 +# SHA1 Fingerprint: 75:e0:ab:b6:13:85:12:27:1c:04:f8:5f:dd:de:38:e4:b7:24:2e:fe +# SHA256 Fingerprint: ca:42:dd:41:74:5f:d0:b8:1e:b9:02:36:2c:f9:d8:bf:71:9d:a1:bd:1b:1e:fc:94:6f:5b:4c:99:f4:2c:1b:9e +-----BEGIN CERTIFICATE----- +MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G +A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp +Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1 +MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG +A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL +v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8 +eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq +tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd +C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa +zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB +mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH +V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n +bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG +3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs +J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO +291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS +ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd +AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 +TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== +-----END CERTIFICATE----- + +# Issuer: CN=Entrust.net Certification Authority (2048) O=Entrust.net OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/(c) 1999 Entrust.net Limited +# Subject: CN=Entrust.net Certification Authority (2048) O=Entrust.net OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/(c) 1999 Entrust.net Limited +# Label: "Entrust.net Premium 2048 Secure Server CA" +# Serial: 946069240 +# MD5 Fingerprint: ee:29:31:bc:32:7e:9a:e6:e8:b5:f7:51:b4:34:71:90 +# SHA1 Fingerprint: 50:30:06:09:1d:97:d4:f5:ae:39:f7:cb:e7:92:7d:7d:65:2d:34:31 +# SHA256 Fingerprint: 6d:c4:71:72:e0:1c:bc:b0:bf:62:58:0d:89:5f:e2:b8:ac:9a:d4:f8:73:80:1e:0c:10:b9:c8:37:d2:1e:b1:77 +-----BEGIN CERTIFICATE----- +MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML +RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp +bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 +IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3 +MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3 +LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp +YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG +A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq +K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe +sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX +MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT +XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/ +HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH +4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV +HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub +j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo +U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf +zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b +u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+ +bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er +fF6adulZkMV8gzURZVE= +-----END CERTIFICATE----- + +# Issuer: CN=Baltimore CyberTrust Root O=Baltimore OU=CyberTrust +# Subject: CN=Baltimore CyberTrust Root O=Baltimore OU=CyberTrust +# Label: "Baltimore CyberTrust Root" +# Serial: 33554617 +# MD5 Fingerprint: ac:b6:94:a5:9c:17:e0:d7:91:52:9b:b1:97:06:a6:e4 +# SHA1 Fingerprint: d4:de:20:d0:5e:66:fc:53:fe:1a:50:88:2c:78:db:28:52:ca:e4:74 +# SHA256 Fingerprint: 16:af:57:a9:f6:76:b0:ab:12:60:95:aa:5e:ba:de:f2:2a:b3:11:19:d6:44:ac:95:cd:4b:93:db:f3:f2:6a:eb +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ +RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD +VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX +DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y +ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy +VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr +mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr +IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK +mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu +XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy +dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye +jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 +BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 +DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 +9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx +jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 +Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz +ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS +R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp +-----END CERTIFICATE----- + +# Issuer: CN=Entrust Root Certification Authority O=Entrust, Inc. OU=www.entrust.net/CPS is incorporated by reference/(c) 2006 Entrust, Inc. +# Subject: CN=Entrust Root Certification Authority O=Entrust, Inc. OU=www.entrust.net/CPS is incorporated by reference/(c) 2006 Entrust, Inc. +# Label: "Entrust Root Certification Authority" +# Serial: 1164660820 +# MD5 Fingerprint: d6:a5:c3:ed:5d:dd:3e:00:c1:3d:87:92:1f:1d:3f:e4 +# SHA1 Fingerprint: b3:1e:b1:b7:40:e3:6c:84:02:da:dc:37:d4:4d:f5:d4:67:49:52:f9 +# SHA256 Fingerprint: 73:c1:76:43:4f:1b:c6:d5:ad:f4:5b:0e:76:e7:27:28:7c:8d:e5:76:16:c1:e6:e6:14:1a:2b:2c:bc:7d:8e:4c +-----BEGIN CERTIFICATE----- +MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC +VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 +Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW +KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl +cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw +NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw +NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy +ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV +BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo +Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4 +4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9 +KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI +rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi +94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB +sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi +gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo +kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE +vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA +A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t +O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua +AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP +9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/ +eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m +0vdXcDazv/wor3ElhVsT/h5/WrQ8 +-----END CERTIFICATE----- + +# Issuer: CN=AAA Certificate Services O=Comodo CA Limited +# Subject: CN=AAA Certificate Services O=Comodo CA Limited +# Label: "Comodo AAA Services root" +# Serial: 1 +# MD5 Fingerprint: 49:79:04:b0:eb:87:19:ac:47:b0:bc:11:51:9b:74:d0 +# SHA1 Fingerprint: d1:eb:23:a4:6d:17:d6:8f:d9:25:64:c2:f1:f1:60:17:64:d8:e3:49 +# SHA256 Fingerprint: d7:a7:a0:fb:5d:7e:27:31:d7:71:e9:48:4e:bc:de:f7:1d:5f:0c:3e:0a:29:48:78:2b:c8:3e:e0:ea:69:9e:f4 +-----BEGIN CERTIFICATE----- +MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb +MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow +GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj +YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL +MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE +BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM +GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua +BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe +3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 +YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR +rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm +ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU +oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF +MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v +QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t +b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF +AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q +GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz +Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 +G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi +l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 +smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== +-----END CERTIFICATE----- + +# Issuer: CN=QuoVadis Root CA 2 O=QuoVadis Limited +# Subject: CN=QuoVadis Root CA 2 O=QuoVadis Limited +# Label: "QuoVadis Root CA 2" +# Serial: 1289 +# MD5 Fingerprint: 5e:39:7b:dd:f8:ba:ec:82:e9:ac:62:ba:0c:54:00:2b +# SHA1 Fingerprint: ca:3a:fb:cf:12:40:36:4b:44:b2:16:20:88:80:48:39:19:93:7c:f7 +# SHA256 Fingerprint: 85:a0:dd:7d:d7:20:ad:b7:ff:05:f8:3d:54:2b:20:9d:c7:ff:45:28:f7:d6:77:b1:83:89:fe:a5:e5:c4:9e:86 +-----BEGIN CERTIFICATE----- +MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x +GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv +b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV +BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W +YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa +GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg +Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J +WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB +rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp ++ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1 +ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i +Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz +PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og +/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH +oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI +yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud +EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2 +A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL +MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT +ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f +BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn +g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl +fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K +WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha +B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc +hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR +TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD +mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z +ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y +4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza +8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u +-----END CERTIFICATE----- + +# Issuer: CN=QuoVadis Root CA 3 O=QuoVadis Limited +# Subject: CN=QuoVadis Root CA 3 O=QuoVadis Limited +# Label: "QuoVadis Root CA 3" +# Serial: 1478 +# MD5 Fingerprint: 31:85:3c:62:94:97:63:b9:aa:fd:89:4e:af:6f:e0:cf +# SHA1 Fingerprint: 1f:49:14:f7:d8:74:95:1d:dd:ae:02:c0:be:fd:3a:2d:82:75:51:85 +# SHA256 Fingerprint: 18:f1:fc:7f:20:5d:f8:ad:dd:eb:7f:e0:07:dd:57:e3:af:37:5a:9c:4d:8d:73:54:6b:f4:f1:fe:d1:e1:8d:35 +-----BEGIN CERTIFICATE----- +MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x +GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv +b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV +BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W +YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM +V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB +4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr +H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd +8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv +vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT +mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe +btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc +T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt +WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ +c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A +4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD +VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG +CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 +aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 +aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu +dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw +czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G +A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC +TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg +Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 +7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem +d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd ++LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B +4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN +t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x +DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 +k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s +zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j +Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT +mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK +4SVhM7JZG+Ju1zdXtg2pEto= +-----END CERTIFICATE----- + +# Issuer: O=SECOM Trust.net OU=Security Communication RootCA1 +# Subject: O=SECOM Trust.net OU=Security Communication RootCA1 +# Label: "Security Communication Root CA" +# Serial: 0 +# MD5 Fingerprint: f1:bc:63:6a:54:e0:b5:27:f5:cd:e7:1a:e3:4d:6e:4a +# SHA1 Fingerprint: 36:b1:2b:49:f9:81:9e:d7:4c:9e:bc:38:0f:c6:56:8f:5d:ac:b2:f7 +# SHA256 Fingerprint: e7:5e:72:ed:9f:56:0e:ec:6e:b4:80:00:73:a4:3f:c3:ad:19:19:5a:39:22:82:01:78:95:97:4a:99:02:6b:6c +-----BEGIN CERTIFICATE----- +MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY +MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t +dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5 +WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD +VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8 +9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ +DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9 +Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N +QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ +xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G +A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T +AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG +kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr +Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5 +Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU +JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot +RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw== +-----END CERTIFICATE----- + +# Issuer: CN=XRamp Global Certification Authority O=XRamp Security Services Inc OU=www.xrampsecurity.com +# Subject: CN=XRamp Global Certification Authority O=XRamp Security Services Inc OU=www.xrampsecurity.com +# Label: "XRamp Global CA Root" +# Serial: 107108908803651509692980124233745014957 +# MD5 Fingerprint: a1:0b:44:b3:ca:10:d8:00:6e:9d:0f:d8:0f:92:0a:d1 +# SHA1 Fingerprint: b8:01:86:d1:eb:9c:86:a5:41:04:cf:30:54:f3:4c:52:b7:e5:58:c6 +# SHA256 Fingerprint: ce:cd:dc:90:50:99:d8:da:df:c5:b1:d2:09:b7:37:cb:e2:c1:8c:fb:2c:10:c0:ff:0b:cf:0d:32:86:fc:1a:a2 +-----BEGIN CERTIFICATE----- +MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB +gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk +MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY +UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx +NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3 +dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy +dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6 +38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP +KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q +DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4 +qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa +JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi +PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P +BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs +jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0 +eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD +ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR +vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt +qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa +IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy +i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ +O+7ETPTsJ3xCwnR8gooJybQDJbw= +-----END CERTIFICATE----- + +# Issuer: O=The Go Daddy Group, Inc. OU=Go Daddy Class 2 Certification Authority +# Subject: O=The Go Daddy Group, Inc. OU=Go Daddy Class 2 Certification Authority +# Label: "Go Daddy Class 2 CA" +# Serial: 0 +# MD5 Fingerprint: 91:de:06:25:ab:da:fd:32:17:0c:bb:25:17:2a:84:67 +# SHA1 Fingerprint: 27:96:ba:e6:3f:18:01:e2:77:26:1b:a0:d7:77:70:02:8f:20:ee:e4 +# SHA256 Fingerprint: c3:84:6b:f2:4b:9e:93:ca:64:27:4c:0e:c6:7c:1e:cc:5e:02:4f:fc:ac:d2:d7:40:19:35:0e:81:fe:54:6a:e4 +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh +MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE +YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 +MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo +ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg +MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN +ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA +PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w +wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi +EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY +avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ +YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE +sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h +/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 +IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj +YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD +ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy +OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P +TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ +HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER +dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf +ReYNnyicsbkqWletNw+vHX/bvZ8= +-----END CERTIFICATE----- + +# Issuer: O=Starfield Technologies, Inc. OU=Starfield Class 2 Certification Authority +# Subject: O=Starfield Technologies, Inc. OU=Starfield Class 2 Certification Authority +# Label: "Starfield Class 2 CA" +# Serial: 0 +# MD5 Fingerprint: 32:4a:4b:bb:c8:63:69:9b:be:74:9a:c6:dd:1d:46:24 +# SHA1 Fingerprint: ad:7e:1c:28:b0:64:ef:8f:60:03:40:20:14:c3:d0:e3:37:0e:b5:8a +# SHA256 Fingerprint: 14:65:fa:20:53:97:b8:76:fa:a6:f0:a9:95:8e:55:90:e4:0f:cc:7f:aa:4f:b7:c2:c8:67:75:21:fb:5f:b6:58 +-----BEGIN CERTIFICATE----- +MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl +MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp +U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw +NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE +ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp +ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 +DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf +8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN ++lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 +X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa +K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA +1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G +A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR +zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 +YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD +bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w +DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 +L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D +eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl +xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp +VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY +WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= +-----END CERTIFICATE----- + +# Issuer: CN=DigiCert Assured ID Root CA O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Assured ID Root CA O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Assured ID Root CA" +# Serial: 17154717934120587862167794914071425081 +# MD5 Fingerprint: 87:ce:0b:7b:2a:0e:49:00:e1:58:71:9b:37:a8:93:72 +# SHA1 Fingerprint: 05:63:b8:63:0d:62:d7:5a:bb:c8:ab:1e:4b:df:b5:a8:99:b2:4d:43 +# SHA256 Fingerprint: 3e:90:99:b5:01:5e:8f:48:6c:00:bc:ea:9d:11:1e:e7:21:fa:ba:35:5a:89:bc:f1:df:69:56:1e:3d:c6:32:5c +-----BEGIN CERTIFICATE----- +MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv +b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl +cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c +JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP +mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+ +wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4 +VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/ +AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB +AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW +BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun +pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC +dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf +fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm +NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx +H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe ++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== +-----END CERTIFICATE----- + +# Issuer: CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Global Root CA" +# Serial: 10944719598952040374951832963794454346 +# MD5 Fingerprint: 79:e4:a9:84:0d:7d:3a:96:d7:c0:4f:e2:43:4c:89:2e +# SHA1 Fingerprint: a8:98:5d:3a:65:e5:e5:c4:b2:d7:d6:6d:40:c6:dd:2f:b1:9c:54:36 +# SHA256 Fingerprint: 43:48:a0:e9:44:4c:78:cb:26:5e:05:8d:5e:89:44:b4:d8:4f:96:62:bd:26:db:25:7f:89:34:a4:43:c7:01:61 +-----BEGIN CERTIFICATE----- +MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB +CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 +nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt +43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P +T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 +gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO +BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR +TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw +DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr +hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg +06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF +PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls +YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk +CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= +-----END CERTIFICATE----- + +# Issuer: CN=DigiCert High Assurance EV Root CA O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert High Assurance EV Root CA O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert High Assurance EV Root CA" +# Serial: 3553400076410547919724730734378100087 +# MD5 Fingerprint: d4:74:de:57:5c:39:b2:d3:9c:85:83:c5:c0:65:49:8a +# SHA1 Fingerprint: 5f:b7:ee:06:33:e2:59:db:ad:0c:4c:9a:e6:d3:8f:1a:61:c7:dc:25 +# SHA256 Fingerprint: 74:31:e5:f4:c3:c1:ce:46:90:77:4f:0b:61:e0:54:40:88:3b:a9:a0:1e:d0:0b:a6:ab:d7:80:6e:d3:b1:18:cf +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j +ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL +MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3 +LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug +RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm ++9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW +PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM +xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB +Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3 +hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg +EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA +FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec +nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z +eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF +hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2 +Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe +vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep ++OkuE6N36B9K +-----END CERTIFICATE----- + +# Issuer: CN=DST Root CA X3 O=Digital Signature Trust Co. +# Subject: CN=DST Root CA X3 O=Digital Signature Trust Co. +# Label: "DST Root CA X3" +# Serial: 91299735575339953335919266965803778155 +# MD5 Fingerprint: 41:03:52:dc:0f:f7:50:1b:16:f0:02:8e:ba:6f:45:c5 +# SHA1 Fingerprint: da:c9:02:4f:54:d8:f6:df:94:93:5f:b1:73:26:38:ca:6a:d7:7c:13 +# SHA256 Fingerprint: 06:87:26:03:31:a7:24:03:d9:09:f1:05:e6:9b:cf:0d:32:e1:bd:24:93:ff:c6:d9:20:6d:11:bc:d6:77:07:39 +-----BEGIN CERTIFICATE----- +MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O +rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq +OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b +xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw +7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD +aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV +HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG +SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 +ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr +AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz +R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 +JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo +Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ +-----END CERTIFICATE----- + +# Issuer: CN=SwissSign Gold CA - G2 O=SwissSign AG +# Subject: CN=SwissSign Gold CA - G2 O=SwissSign AG +# Label: "SwissSign Gold CA - G2" +# Serial: 13492815561806991280 +# MD5 Fingerprint: 24:77:d9:a8:91:d1:3b:fa:88:2d:c2:ff:f8:cd:33:93 +# SHA1 Fingerprint: d8:c5:38:8a:b7:30:1b:1b:6e:d4:7a:e6:45:25:3a:6f:9f:1a:27:61 +# SHA256 Fingerprint: 62:dd:0b:e9:b9:f5:0a:16:3e:a0:f8:e7:5c:05:3b:1e:ca:57:ea:55:c8:68:8f:64:7c:68:81:f2:c8:35:7b:95 +-----BEGIN CERTIFICATE----- +MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV +BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln +biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF +MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT +d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8 +76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+ +bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c +6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE +emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd +MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt +MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y +MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y +FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi +aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM +gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB +qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7 +lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn +8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov +L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6 +45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO +UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5 +O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC +bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv +GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a +77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC +hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3 +92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp +Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w +ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt +Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ +-----END CERTIFICATE----- + +# Issuer: CN=SwissSign Silver CA - G2 O=SwissSign AG +# Subject: CN=SwissSign Silver CA - G2 O=SwissSign AG +# Label: "SwissSign Silver CA - G2" +# Serial: 5700383053117599563 +# MD5 Fingerprint: e0:06:a1:c9:7d:cf:c9:fc:0d:c0:56:75:96:d8:62:13 +# SHA1 Fingerprint: 9b:aa:e5:9f:56:ee:21:cb:43:5a:be:25:93:df:a7:f0:40:d1:1d:cb +# SHA256 Fingerprint: be:6c:4d:a2:bb:b9:ba:59:b6:f3:93:97:68:37:42:46:c3:c0:05:99:3f:a9:8f:02:0d:1d:ed:be:d4:8a:81:d5 +-----BEGIN CERTIFICATE----- +MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE +BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu +IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow +RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY +U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv +Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br +YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF +nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH +6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt +eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/ +c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ +MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH +HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf +jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6 +5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB +rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c +wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 +cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB +AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp +WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9 +xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ +2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ +IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8 +aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X +em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR +dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/ +OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+ +hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy +tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u +-----END CERTIFICATE----- + +# Issuer: CN=SecureTrust CA O=SecureTrust Corporation +# Subject: CN=SecureTrust CA O=SecureTrust Corporation +# Label: "SecureTrust CA" +# Serial: 17199774589125277788362757014266862032 +# MD5 Fingerprint: dc:32:c3:a7:6d:25:57:c7:68:09:9d:ea:2d:a9:a2:d1 +# SHA1 Fingerprint: 87:82:c6:c3:04:35:3b:cf:d2:96:92:d2:59:3e:7d:44:d9:34:ff:11 +# SHA256 Fingerprint: f1:c1:b5:0a:e5:a2:0d:d8:03:0e:c9:f6:bc:24:82:3d:d3:67:b5:25:57:59:b4:e7:1b:61:fc:e9:f7:37:5d:73 +-----BEGIN CERTIFICATE----- +MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI +MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x +FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz +MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv +cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz +Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO +0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao +wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj +7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS +8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT +BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg +JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC +NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3 +6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/ +3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm +D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS +CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR +3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= +-----END CERTIFICATE----- + +# Issuer: CN=Secure Global CA O=SecureTrust Corporation +# Subject: CN=Secure Global CA O=SecureTrust Corporation +# Label: "Secure Global CA" +# Serial: 9751836167731051554232119481456978597 +# MD5 Fingerprint: cf:f4:27:0d:d4:ed:dc:65:16:49:6d:3d:da:bf:6e:de +# SHA1 Fingerprint: 3a:44:73:5a:e5:81:90:1f:24:86:61:46:1e:3b:9c:c4:5f:f5:3a:1b +# SHA256 Fingerprint: 42:00:f5:04:3a:c8:59:0e:bb:52:7d:20:9e:d1:50:30:29:fb:cb:d4:1c:a1:b5:06:ec:27:f1:5a:de:7d:ac:69 +-----BEGIN CERTIFICATE----- +MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK +MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x +GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx +MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg +Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ +iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa +/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ +jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI +HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7 +sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w +gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw +KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG +AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L +URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO +H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm +I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY +iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc +f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW +-----END CERTIFICATE----- + +# Issuer: CN=COMODO Certification Authority O=COMODO CA Limited +# Subject: CN=COMODO Certification Authority O=COMODO CA Limited +# Label: "COMODO Certification Authority" +# Serial: 104350513648249232941998508985834464573 +# MD5 Fingerprint: 5c:48:dc:f7:42:72:ec:56:94:6d:1c:cc:71:35:80:75 +# SHA1 Fingerprint: 66:31:bf:9e:f7:4f:9e:b6:c9:d5:a6:0c:ba:6a:be:d1:f7:bd:ef:7b +# SHA256 Fingerprint: 0c:2c:d6:3d:f7:80:6f:a3:99:ed:e8:09:11:6b:57:5b:f8:79:89:f0:65:18:f9:80:8c:86:05:03:17:8b:af:66 +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB +gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G +A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV +BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw +MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl +YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P +RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3 +UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI +2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8 +Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp ++2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+ +DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O +nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW +/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g +PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u +QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY +SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv +IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ +RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4 +zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd +BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB +ZQ== +-----END CERTIFICATE----- + +# Issuer: CN=Network Solutions Certificate Authority O=Network Solutions L.L.C. +# Subject: CN=Network Solutions Certificate Authority O=Network Solutions L.L.C. +# Label: "Network Solutions Certificate Authority" +# Serial: 116697915152937497490437556386812487904 +# MD5 Fingerprint: d3:f3:a6:16:c0:fa:6b:1d:59:b1:2d:96:4d:0e:11:2e +# SHA1 Fingerprint: 74:f8:a3:c3:ef:e7:b3:90:06:4b:83:90:3c:21:64:60:20:e5:df:ce +# SHA256 Fingerprint: 15:f0:ba:00:a3:ac:7a:f3:ac:88:4c:07:2b:10:11:a0:77:bd:77:c0:97:f4:01:64:b2:f8:59:8a:bd:83:86:0c +-----BEGIN CERTIFICATE----- +MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi +MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu +MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp +dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV +UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO +ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz +c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP +OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl +mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF +BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4 +qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw +gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB +BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu +bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp +dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8 +6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/ +h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH +/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv +wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN +pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey +-----END CERTIFICATE----- + +# Issuer: CN=COMODO ECC Certification Authority O=COMODO CA Limited +# Subject: CN=COMODO ECC Certification Authority O=COMODO CA Limited +# Label: "COMODO ECC Certification Authority" +# Serial: 41578283867086692638256921589707938090 +# MD5 Fingerprint: 7c:62:ff:74:9d:31:53:5e:68:4a:d5:78:aa:1e:bf:23 +# SHA1 Fingerprint: 9f:74:4e:9f:2b:4d:ba:ec:0f:31:2c:50:b6:56:3b:8e:2d:93:c3:11 +# SHA256 Fingerprint: 17:93:92:7a:06:14:54:97:89:ad:ce:2f:8f:34:f7:f0:b6:6d:0f:3a:e3:a3:b8:4d:21:ec:15:db:ba:4f:ad:c7 +-----BEGIN CERTIFICATE----- +MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL +MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE +BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT +IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw +MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy +ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N +T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR +FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J +cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW +BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm +fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv +GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= +-----END CERTIFICATE----- + +# Issuer: CN=Certigna O=Dhimyotis +# Subject: CN=Certigna O=Dhimyotis +# Label: "Certigna" +# Serial: 18364802974209362175 +# MD5 Fingerprint: ab:57:a6:5b:7d:42:82:19:b5:d8:58:26:28:5e:fd:ff +# SHA1 Fingerprint: b1:2e:13:63:45:86:a4:6f:1a:b2:60:68:37:58:2d:c4:ac:fd:94:97 +# SHA256 Fingerprint: e3:b6:a2:db:2e:d7:ce:48:84:2f:7a:c5:32:41:c7:b7:1d:54:14:4b:fb:40:c1:1f:3f:1d:0b:42:f5:ee:a1:2d +-----BEGIN CERTIFICATE----- +MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV +BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X +DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ +BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4 +QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny +gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw +zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q +130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2 +JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw +DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw +ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT +AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj +AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG +9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h +bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc +fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu +HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w +t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw +WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== +-----END CERTIFICATE----- + +# Issuer: CN=Cybertrust Global Root O=Cybertrust, Inc +# Subject: CN=Cybertrust Global Root O=Cybertrust, Inc +# Label: "Cybertrust Global Root" +# Serial: 4835703278459682877484360 +# MD5 Fingerprint: 72:e4:4a:87:e3:69:40:80:77:ea:bc:e3:f4:ff:f0:e1 +# SHA1 Fingerprint: 5f:43:e5:b1:bf:f8:78:8c:ac:1c:c7:ca:4a:9a:c6:22:2b:cc:34:c6 +# SHA256 Fingerprint: 96:0a:df:00:63:e9:63:56:75:0c:29:65:dd:0a:08:67:da:0b:9c:bd:6e:77:71:4a:ea:fb:23:49:ab:39:3d:a3 +-----BEGIN CERTIFICATE----- +MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG +A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh +bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE +ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS +b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5 +7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS +J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y +HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP +t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz +FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY +XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ +MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw +hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js +MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA +A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj +Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx +XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o +omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc +A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW +WL1WMRJOEcgh4LMRkWXbtKaIOM5V +-----END CERTIFICATE----- + +# Issuer: O=Chunghwa Telecom Co., Ltd. OU=ePKI Root Certification Authority +# Subject: O=Chunghwa Telecom Co., Ltd. OU=ePKI Root Certification Authority +# Label: "ePKI Root Certification Authority" +# Serial: 28956088682735189655030529057352760477 +# MD5 Fingerprint: 1b:2e:00:ca:26:06:90:3d:ad:fe:6f:15:68:d3:6b:b3 +# SHA1 Fingerprint: 67:65:0d:f1:7e:8e:7e:5b:82:40:a4:f4:56:4b:cf:e2:3d:69:c6:f0 +# SHA256 Fingerprint: c0:a6:f4:dc:63:a2:4b:fd:cf:54:ef:2a:6a:08:2a:0a:72:de:35:80:3e:2f:f5:ff:52:7a:e5:d8:72:06:df:d5 +-----BEGIN CERTIFICATE----- +MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe +MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 +ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe +Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw +IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL +SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH +SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh +ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X +DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1 +TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ +fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA +sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU +WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS +nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH +dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip +NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC +AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF +MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH +ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB +uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl +PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP +JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/ +gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2 +j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6 +5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB +o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS +/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z +Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE +W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D +hNQ+IIX3Sj0rnP0qCglN6oH4EZw= +-----END CERTIFICATE----- + +# Issuer: O=certSIGN OU=certSIGN ROOT CA +# Subject: O=certSIGN OU=certSIGN ROOT CA +# Label: "certSIGN ROOT CA" +# Serial: 35210227249154 +# MD5 Fingerprint: 18:98:c0:d6:e9:3a:fc:f9:b0:f5:0c:f7:4b:01:44:17 +# SHA1 Fingerprint: fa:b7:ee:36:97:26:62:fb:2d:b0:2a:f6:bf:03:fd:e8:7c:4b:2f:9b +# SHA256 Fingerprint: ea:a9:62:c4:fa:4a:6b:af:eb:e4:15:19:6d:35:1c:cd:88:8d:4f:53:f3:fa:8a:e6:d7:c4:66:a9:4e:60:42:bb +-----BEGIN CERTIFICATE----- +MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT +AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD +QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP +MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do +0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ +UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d +RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ +OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv +JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C +AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O +BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ +LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY +MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ +44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I +Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw +i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN +9u6wWk5JRFRYX0KD +-----END CERTIFICATE----- + +# Issuer: CN=NetLock Arany (Class Gold) F\u0151tan\xfas\xedtv\xe1ny O=NetLock Kft. OU=Tan\xfas\xedtv\xe1nykiad\xf3k (Certification Services) +# Subject: CN=NetLock Arany (Class Gold) F\u0151tan\xfas\xedtv\xe1ny O=NetLock Kft. OU=Tan\xfas\xedtv\xe1nykiad\xf3k (Certification Services) +# Label: "NetLock Arany (Class Gold) F\u0151tan\xfas\xedtv\xe1ny" +# Serial: 80544274841616 +# MD5 Fingerprint: c5:a1:b7:ff:73:dd:d6:d7:34:32:18:df:fc:3c:ad:88 +# SHA1 Fingerprint: 06:08:3f:59:3f:15:a1:04:a0:69:a4:6b:a9:03:d0:06:b7:97:09:91 +# SHA256 Fingerprint: 6c:61:da:c3:a2:de:f0:31:50:6b:e0:36:d2:a6:fe:40:19:94:fb:d1:3d:f9:c8:d4:66:59:92:74:c4:46:ec:98 +-----BEGIN CERTIFICATE----- +MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG +EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3 +MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl +cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR +dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB +pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM +b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm +aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz +IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT +lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz +AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5 +VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG +ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2 +BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG +AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M +U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh +bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C ++C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC +bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F +uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2 +XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= +-----END CERTIFICATE----- + +# Issuer: CN=Hongkong Post Root CA 1 O=Hongkong Post +# Subject: CN=Hongkong Post Root CA 1 O=Hongkong Post +# Label: "Hongkong Post Root CA 1" +# Serial: 1000 +# MD5 Fingerprint: a8:0d:6f:39:78:b9:43:6d:77:42:6d:98:5a:cc:23:ca +# SHA1 Fingerprint: d6:da:a8:20:8d:09:d2:15:4d:24:b5:2f:cb:34:6e:b2:58:b2:8a:58 +# SHA256 Fingerprint: f9:e6:7d:33:6c:51:00:2a:c0:54:c6:32:02:2d:66:dd:a2:e7:e3:ff:f1:0a:d0:61:ed:31:d8:bb:b4:10:cf:b2 +-----BEGIN CERTIFICATE----- +MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx +FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg +Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG +A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr +b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ +jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn +PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh +ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9 +nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h +q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED +MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC +mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3 +7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB +oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs +EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO +fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi +AmvZWg== +-----END CERTIFICATE----- + +# Issuer: CN=SecureSign RootCA11 O=Japan Certification Services, Inc. +# Subject: CN=SecureSign RootCA11 O=Japan Certification Services, Inc. +# Label: "SecureSign RootCA11" +# Serial: 1 +# MD5 Fingerprint: b7:52:74:e2:92:b4:80:93:f2:75:e4:cc:d7:f2:ea:26 +# SHA1 Fingerprint: 3b:c4:9f:48:f8:f3:73:a0:9c:1e:bd:f8:5b:b1:c3:65:c7:d8:11:b3 +# SHA256 Fingerprint: bf:0f:ee:fb:9e:3a:58:1a:d5:f9:e9:db:75:89:98:57:43:d2:61:08:5c:4d:31:4f:6f:5d:72:59:aa:42:16:12 +-----BEGIN CERTIFICATE----- +MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr +MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG +A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0 +MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp +Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD +QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz +i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8 +h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV +MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9 +UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni +8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC +h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD +VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB +AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm +KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ +X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr +QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5 +pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN +QSdJQO7e5iNEOdyhIta6A/I= +-----END CERTIFICATE----- + +# Issuer: CN=Microsec e-Szigno Root CA 2009 O=Microsec Ltd. +# Subject: CN=Microsec e-Szigno Root CA 2009 O=Microsec Ltd. +# Label: "Microsec e-Szigno Root CA 2009" +# Serial: 14014712776195784473 +# MD5 Fingerprint: f8:49:f4:03:bc:44:2d:83:be:48:69:7d:29:64:fc:b1 +# SHA1 Fingerprint: 89:df:74:fe:5c:f4:0f:4a:80:f9:e3:37:7d:54:da:91:e1:01:31:8e +# SHA256 Fingerprint: 3c:5f:81:fe:a5:fa:b8:2c:64:bf:a2:ea:ec:af:cd:e8:e0:77:fc:86:20:a7:ca:e5:37:16:3d:f3:6e:db:f3:78 +-----BEGIN CERTIFICATE----- +MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD +VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0 +ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G +CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y +OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx +FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp +Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o +dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP +kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc +cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U +fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7 +N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC +xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1 ++rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G +A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM +Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG +SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h +mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk +ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 +tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c +2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t +HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW +-----END CERTIFICATE----- + +# Issuer: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R3 +# Subject: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R3 +# Label: "GlobalSign Root CA - R3" +# Serial: 4835703278459759426209954 +# MD5 Fingerprint: c5:df:b8:49:ca:05:13:55:ee:2d:ba:1a:c3:3e:b0:28 +# SHA1 Fingerprint: d6:9b:56:11:48:f0:1c:77:c5:45:78:c1:09:26:df:5b:85:69:76:ad +# SHA256 Fingerprint: cb:b5:22:d7:b7:f1:27:ad:6a:01:13:86:5b:df:1c:d4:10:2e:7d:07:59:af:63:5a:7c:f4:72:0d:c9:63:c5:3b +-----BEGIN CERTIFICATE----- +MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G +A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp +Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 +MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG +A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 +RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT +gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm +KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd +QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ +XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw +DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o +LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU +RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp +jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK +6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX +mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs +Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH +WD9f +-----END CERTIFICATE----- + +# Issuer: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068 +# Subject: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068 +# Label: "Autoridad de Certificacion Firmaprofesional CIF A62634068" +# Serial: 6047274297262753887 +# MD5 Fingerprint: 73:3a:74:7a:ec:bb:a3:96:a6:c2:e4:e2:c8:9b:c0:c3 +# SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6:fa +# SHA256 Fingerprint: 04:04:80:28:bf:1f:28:64:d4:8f:9a:d4:d8:32:94:36:6a:82:88:56:55:3f:3b:14:30:3f:90:14:7f:5d:40:ef +-----BEGIN CERTIFICATE----- +MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE +BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h +cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy +MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg +Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9 +thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM +cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG +L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i +NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h +X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b +m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy +Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja +EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T +KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF +6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh +OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD +VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD +VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp +cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv +ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl +AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF +661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9 +am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1 +ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481 +PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS +3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k +SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF +3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM +ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g +StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz +Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB +jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V +-----END CERTIFICATE----- + +# Issuer: CN=Izenpe.com O=IZENPE S.A. +# Subject: CN=Izenpe.com O=IZENPE S.A. +# Label: "Izenpe.com" +# Serial: 917563065490389241595536686991402621 +# MD5 Fingerprint: a6:b0:cd:85:80:da:5c:50:34:a3:39:90:2f:55:67:73 +# SHA1 Fingerprint: 2f:78:3d:25:52:18:a7:4a:65:39:71:b5:2c:a2:9c:45:15:6f:e9:19 +# SHA256 Fingerprint: 25:30:cc:8e:98:32:15:02:ba:d9:6f:9b:1f:ba:1b:09:9e:2d:29:9e:0f:45:48:bb:91:4f:36:3b:c0:d4:53:1f +-----BEGIN CERTIFICATE----- +MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4 +MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6 +ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD +VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j +b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq +scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO +xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H +LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX +uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD +yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+ +JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q +rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN +BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L +hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB +QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+ +HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu +Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg +QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB +BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx +MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA +A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb +laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56 +awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo +JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw +LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT +VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk +LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb +UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/ +QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+ +naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls +QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== +-----END CERTIFICATE----- + +# Issuer: CN=Go Daddy Root Certificate Authority - G2 O=GoDaddy.com, Inc. +# Subject: CN=Go Daddy Root Certificate Authority - G2 O=GoDaddy.com, Inc. +# Label: "Go Daddy Root Certificate Authority - G2" +# Serial: 0 +# MD5 Fingerprint: 80:3a:bc:22:c1:e6:fb:8d:9b:3b:27:4a:32:1b:9a:01 +# SHA1 Fingerprint: 47:be:ab:c9:22:ea:e8:0e:78:78:34:62:a7:9f:45:c2:54:fd:e6:8b +# SHA256 Fingerprint: 45:14:0b:32:47:eb:9c:c8:c5:b4:f0:d7:b5:30:91:f7:32:92:08:9e:6e:5a:63:e2:74:9d:d3:ac:a9:19:8e:da +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx +EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT +EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp +ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz +NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH +EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE +AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD +E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH +/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy +DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh +GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR +tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA +AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE +FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX +WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu +9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr +gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo +2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO +LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI +4uJEvlz36hz1 +-----END CERTIFICATE----- + +# Issuer: CN=Starfield Root Certificate Authority - G2 O=Starfield Technologies, Inc. +# Subject: CN=Starfield Root Certificate Authority - G2 O=Starfield Technologies, Inc. +# Label: "Starfield Root Certificate Authority - G2" +# Serial: 0 +# MD5 Fingerprint: d6:39:81:c6:52:7e:96:69:fc:fc:ca:66:ed:05:f2:96 +# SHA1 Fingerprint: b5:1c:06:7c:ee:2b:0c:3d:f8:55:ab:2d:92:f4:fe:39:d4:e7:0f:0e +# SHA256 Fingerprint: 2c:e1:cb:0b:f9:d2:f9:e1:02:99:3f:be:21:51:52:c3:b2:dd:0c:ab:de:1c:68:e5:31:9b:83:91:54:db:b7:f5 +-----BEGIN CERTIFICATE----- +MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx +EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT +HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs +ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw +MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 +b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj +aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp +Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg +nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 +HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N +Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN +dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 +HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO +BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G +CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU +sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 +4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg +8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K +pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 +mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 +-----END CERTIFICATE----- + +# Issuer: CN=Starfield Services Root Certificate Authority - G2 O=Starfield Technologies, Inc. +# Subject: CN=Starfield Services Root Certificate Authority - G2 O=Starfield Technologies, Inc. +# Label: "Starfield Services Root Certificate Authority - G2" +# Serial: 0 +# MD5 Fingerprint: 17:35:74:af:7b:61:1c:eb:f4:f9:3c:e2:ee:40:f9:a2 +# SHA1 Fingerprint: 92:5a:8f:8d:2c:6d:04:e0:66:5f:59:6a:ff:22:d8:63:e8:25:6f:3f +# SHA256 Fingerprint: 56:8d:69:05:a2:c8:87:08:a4:b3:02:51:90:ed:cf:ed:b1:97:4a:60:6a:13:c6:e5:29:0f:cb:2a:e6:3e:da:b5 +-----BEGIN CERTIFICATE----- +MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT +HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs +ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 +MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD +VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy +ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy +dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p +OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 +8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K +Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe +hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk +6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw +DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q +AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI +bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB +ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z +qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd +iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn +0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN +sSi6 +-----END CERTIFICATE----- + +# Issuer: CN=AffirmTrust Commercial O=AffirmTrust +# Subject: CN=AffirmTrust Commercial O=AffirmTrust +# Label: "AffirmTrust Commercial" +# Serial: 8608355977964138876 +# MD5 Fingerprint: 82:92:ba:5b:ef:cd:8a:6f:a6:3d:55:f9:84:f6:d6:b7 +# SHA1 Fingerprint: f9:b5:b6:32:45:5f:9c:be:ec:57:5f:80:dc:e9:6e:2c:c7:b2:78:b7 +# SHA256 Fingerprint: 03:76:ab:1d:54:c5:f9:80:3c:e4:b2:e2:01:a0:ee:7e:ef:7b:57:b6:36:e8:a9:3c:9b:8d:48:60:c9:6f:5f:a7 +-----BEGIN CERTIFICATE----- +MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE +BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz +dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL +MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp +cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP +Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr +ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL +MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1 +yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr +VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/ +nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG +XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj +vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt +Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g +N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC +nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= +-----END CERTIFICATE----- + +# Issuer: CN=AffirmTrust Networking O=AffirmTrust +# Subject: CN=AffirmTrust Networking O=AffirmTrust +# Label: "AffirmTrust Networking" +# Serial: 8957382827206547757 +# MD5 Fingerprint: 42:65:ca:be:01:9a:9a:4c:a9:8c:41:49:cd:c0:d5:7f +# SHA1 Fingerprint: 29:36:21:02:8b:20:ed:02:f5:66:c5:32:d1:d6:ed:90:9f:45:00:2f +# SHA256 Fingerprint: 0a:81:ec:5a:92:97:77:f1:45:90:4a:f3:8d:5d:50:9f:66:b5:e2:c5:8f:cd:b5:31:05:8b:0e:17:f3:f0:b4:1b +-----BEGIN CERTIFICATE----- +MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE +BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz +dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL +MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp +cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y +YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua +kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL +QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp +6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG +yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i +QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ +KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO +tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu +QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ +Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u +olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48 +x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= +-----END CERTIFICATE----- + +# Issuer: CN=AffirmTrust Premium O=AffirmTrust +# Subject: CN=AffirmTrust Premium O=AffirmTrust +# Label: "AffirmTrust Premium" +# Serial: 7893706540734352110 +# MD5 Fingerprint: c4:5d:0e:48:b6:ac:28:30:4e:0a:bc:f9:38:16:87:57 +# SHA1 Fingerprint: d8:a6:33:2c:e0:03:6f:b1:85:f6:63:4f:7d:6a:06:65:26:32:28:27 +# SHA256 Fingerprint: 70:a7:3f:7f:37:6b:60:07:42:48:90:45:34:b1:14:82:d5:bf:0e:69:8e:cc:49:8d:f5:25:77:eb:f2:e9:3b:9a +-----BEGIN CERTIFICATE----- +MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE +BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz +dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG +A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U +cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf +qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ +JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ ++jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS +s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5 +HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7 +70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG +V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S +qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S +5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia +C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX +OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE +FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2 +KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg +Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B +8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ +MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc +0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ +u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF +u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH +YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8 +GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO +RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e +KeC2uAloGRwYQw== +-----END CERTIFICATE----- + +# Issuer: CN=AffirmTrust Premium ECC O=AffirmTrust +# Subject: CN=AffirmTrust Premium ECC O=AffirmTrust +# Label: "AffirmTrust Premium ECC" +# Serial: 8401224907861490260 +# MD5 Fingerprint: 64:b0:09:55:cf:b1:d5:99:e2:be:13:ab:a6:5d:ea:4d +# SHA1 Fingerprint: b8:23:6b:00:2f:1d:16:86:53:01:55:6c:11:a4:37:ca:eb:ff:c3:bb +# SHA256 Fingerprint: bd:71:fd:f6:da:97:e4:cf:62:d1:64:7a:dd:25:81:b0:7d:79:ad:f8:39:7e:b4:ec:ba:9c:5e:84:88:82:14:23 +-----BEGIN CERTIFICATE----- +MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC +VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ +cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ +BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt +VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D +0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9 +ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G +A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G +A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs +aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I +flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ== +-----END CERTIFICATE----- + +# Issuer: CN=Certum Trusted Network CA O=Unizeto Technologies S.A. OU=Certum Certification Authority +# Subject: CN=Certum Trusted Network CA O=Unizeto Technologies S.A. OU=Certum Certification Authority +# Label: "Certum Trusted Network CA" +# Serial: 279744 +# MD5 Fingerprint: d5:e9:81:40:c5:18:69:fc:46:2c:89:75:62:0f:aa:78 +# SHA1 Fingerprint: 07:e0:32:e0:20:b7:2c:3f:19:2f:06:28:a2:59:3a:19:a7:0f:06:9e +# SHA256 Fingerprint: 5c:58:46:8d:55:f5:8e:49:7e:74:39:82:d2:b5:00:10:b6:d1:65:37:4a:cf:83:a7:d4:a3:2d:b7:68:c4:40:8e +-----BEGIN CERTIFICATE----- +MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM +MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D +ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU +cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 +WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg +Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw +IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH +UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM +TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU +BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM +kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x +AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV +HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y +sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL +I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 +J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY +VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI +03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= +-----END CERTIFICATE----- + +# Issuer: CN=TWCA Root Certification Authority O=TAIWAN-CA OU=Root CA +# Subject: CN=TWCA Root Certification Authority O=TAIWAN-CA OU=Root CA +# Label: "TWCA Root Certification Authority" +# Serial: 1 +# MD5 Fingerprint: aa:08:8f:f6:f9:7b:b7:f2:b1:a7:1e:9b:ea:ea:bd:79 +# SHA1 Fingerprint: cf:9e:87:6d:d3:eb:fc:42:26:97:a3:b5:a3:7a:a0:76:a9:06:23:48 +# SHA256 Fingerprint: bf:d8:8f:e1:10:1c:41:ae:3e:80:1b:f8:be:56:35:0e:e9:ba:d1:a6:b9:bd:51:5e:dc:5c:6d:5b:87:11:ac:44 +-----BEGIN CERTIFICATE----- +MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES +MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU +V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz +WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO +LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm +aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE +AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH +K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX +RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z +rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx +3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq +hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC +MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls +XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D +lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn +aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ +YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== +-----END CERTIFICATE----- + +# Issuer: O=SECOM Trust Systems CO.,LTD. OU=Security Communication RootCA2 +# Subject: O=SECOM Trust Systems CO.,LTD. OU=Security Communication RootCA2 +# Label: "Security Communication RootCA2" +# Serial: 0 +# MD5 Fingerprint: 6c:39:7d:a4:0e:55:59:b2:3f:d6:41:b1:12:50:de:43 +# SHA1 Fingerprint: 5f:3b:8c:f2:f8:10:b3:7d:78:b4:ce:ec:19:19:c3:73:34:b9:c7:74 +# SHA256 Fingerprint: 51:3b:2c:ec:b8:10:d4:cd:e5:dd:85:39:1a:df:c6:c2:dd:60:d8:7b:b7:36:d2:b5:21:48:4a:a4:7a:0e:be:f6 +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl +MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe +U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX +DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy +dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj +YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV +OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr +zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM +VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ +hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO +ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw +awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs +OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 +DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF +coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc +okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8 +t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy +1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/ +SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 +-----END CERTIFICATE----- + +# Issuer: CN=EC-ACC O=Agencia Catalana de Certificacio (NIF Q-0801176-I) OU=Serveis Publics de Certificacio/Vegeu https://www.catcert.net/verarrel (c)03/Jerarquia Entitats de Certificacio Catalanes +# Subject: CN=EC-ACC O=Agencia Catalana de Certificacio (NIF Q-0801176-I) OU=Serveis Publics de Certificacio/Vegeu https://www.catcert.net/verarrel (c)03/Jerarquia Entitats de Certificacio Catalanes +# Label: "EC-ACC" +# Serial: -23701579247955709139626555126524820479 +# MD5 Fingerprint: eb:f5:9d:29:0d:61:f9:42:1f:7c:c2:ba:6d:e3:15:09 +# SHA1 Fingerprint: 28:90:3a:63:5b:52:80:fa:e6:77:4c:0b:6d:a7:d6:ba:a6:4a:f2:e8 +# SHA256 Fingerprint: 88:49:7f:01:60:2f:31:54:24:6a:e2:8c:4d:5a:ef:10:f1:d8:7e:bb:76:62:6f:4a:e0:b7:f9:5b:a7:96:87:99 +-----BEGIN CERTIFICATE----- +MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB +8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy +dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1 +YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3 +dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh +IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD +LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG +EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g +KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD +ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu +bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg +ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R +85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm +4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV +HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd +QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t +lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB +o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4 +opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo +dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW +ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN +AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y +/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k +SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy +Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS +Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl +nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI= +-----END CERTIFICATE----- + +# Issuer: CN=Hellenic Academic and Research Institutions RootCA 2011 O=Hellenic Academic and Research Institutions Cert. Authority +# Subject: CN=Hellenic Academic and Research Institutions RootCA 2011 O=Hellenic Academic and Research Institutions Cert. Authority +# Label: "Hellenic Academic and Research Institutions RootCA 2011" +# Serial: 0 +# MD5 Fingerprint: 73:9f:4c:4b:73:5b:79:e9:fa:ba:1c:ef:6e:cb:d5:c9 +# SHA1 Fingerprint: fe:45:65:9b:79:03:5b:98:a1:61:b5:51:2e:ac:da:58:09:48:22:4d +# SHA256 Fingerprint: bc:10:4f:15:a4:8b:e7:09:dc:a5:42:a7:e1:d4:b9:df:6f:05:45:27:e8:02:ea:a9:2d:59:54:44:25:8a:fe:71 +-----BEGIN CERTIFICATE----- +MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix +RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 +dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p +YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw +NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK +EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl +cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz +dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ +fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns +bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD +75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP +FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV +HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp +5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu +b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA +A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p +6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 +TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7 +dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys +Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI +l7WdmplNsDz4SgCbZN2fOUvRJ9e4 +-----END CERTIFICATE----- + +# Issuer: CN=Actalis Authentication Root CA O=Actalis S.p.A./03358520967 +# Subject: CN=Actalis Authentication Root CA O=Actalis S.p.A./03358520967 +# Label: "Actalis Authentication Root CA" +# Serial: 6271844772424770508 +# MD5 Fingerprint: 69:c1:0d:4f:07:a3:1b:c3:fe:56:3d:04:bc:11:f6:a6 +# SHA1 Fingerprint: f3:73:b3:87:06:5a:28:84:8a:f2:f3:4a:ce:19:2b:dd:c7:8e:9c:ac +# SHA256 Fingerprint: 55:92:60:84:ec:96:3a:64:b9:6e:2a:be:01:ce:0b:a8:6a:64:fb:fe:bc:c7:aa:b5:af:c1:55:b3:7f:d7:60:66 +-----BEGIN CERTIFICATE----- +MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE +BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w +MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 +IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC +SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 +ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv +UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX +4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9 +KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/ +gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb +rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ +51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F +be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe +KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F +v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn +fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7 +jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz +ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt +ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL +e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70 +jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz +WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V +SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j +pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX +X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok +fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R +K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU +ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU +LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT +LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== +-----END CERTIFICATE----- + +# Issuer: CN=Buypass Class 2 Root CA O=Buypass AS-983163327 +# Subject: CN=Buypass Class 2 Root CA O=Buypass AS-983163327 +# Label: "Buypass Class 2 Root CA" +# Serial: 2 +# MD5 Fingerprint: 46:a7:d2:fe:45:fb:64:5a:a8:59:90:9b:78:44:9b:29 +# SHA1 Fingerprint: 49:0a:75:74:de:87:0a:47:fe:58:ee:f6:c7:6b:eb:c6:0b:12:40:99 +# SHA256 Fingerprint: 9a:11:40:25:19:7c:5b:b9:5d:94:e6:3d:55:cd:43:79:08:47:b6:46:b2:3c:df:11:ad:a4:a0:0e:ff:15:fb:48 +-----BEGIN CERTIFICATE----- +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd +MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg +Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow +TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw +HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr +6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV +L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91 +1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx +MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ +QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB +arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr +Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi +FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS +P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN +9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP +AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz +uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h +9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s +A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t +OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo ++fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7 +KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2 +DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us +H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ +I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7 +5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h +3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz +Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA= +-----END CERTIFICATE----- + +# Issuer: CN=Buypass Class 3 Root CA O=Buypass AS-983163327 +# Subject: CN=Buypass Class 3 Root CA O=Buypass AS-983163327 +# Label: "Buypass Class 3 Root CA" +# Serial: 2 +# MD5 Fingerprint: 3d:3b:18:9e:2c:64:5a:e8:d5:88:ce:0e:f9:37:c2:ec +# SHA1 Fingerprint: da:fa:f7:fa:66:84:ec:06:8f:14:50:bd:c7:c2:81:a5:bc:a9:64:57 +# SHA256 Fingerprint: ed:f7:eb:bc:a2:7a:2a:38:4d:38:7b:7d:40:10:c6:66:e2:ed:b4:84:3e:4c:29:b4:ae:1d:5b:93:32:e6:b2:4d +-----BEGIN CERTIFICATE----- +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd +MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg +Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow +TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw +HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y +ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E +N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9 +tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX +0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c +/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X +KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY +zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS +O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D +34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP +K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3 +AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv +Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj +QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV +cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS +IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2 +HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa +O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv +033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u +dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE +kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41 +3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD +u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq +4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc= +-----END CERTIFICATE----- + +# Issuer: CN=T-TeleSec GlobalRoot Class 3 O=T-Systems Enterprise Services GmbH OU=T-Systems Trust Center +# Subject: CN=T-TeleSec GlobalRoot Class 3 O=T-Systems Enterprise Services GmbH OU=T-Systems Trust Center +# Label: "T-TeleSec GlobalRoot Class 3" +# Serial: 1 +# MD5 Fingerprint: ca:fb:40:a8:4e:39:92:8a:1d:fe:8e:2f:c4:27:ea:ef +# SHA1 Fingerprint: 55:a6:72:3e:cb:f2:ec:cd:c3:23:74:70:19:9d:2a:be:11:e3:81:d1 +# SHA256 Fingerprint: fd:73:da:d3:1c:64:4f:f1:b4:3b:ef:0c:cd:da:96:71:0b:9c:d9:87:5e:ca:7e:31:70:7a:f3:e9:6d:52:2b:bd +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx +KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd +BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl +YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1 +OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy +aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 +ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN +8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/ +RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4 +hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5 +ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM +EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1 +A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy +WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ +1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30 +6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT +91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml +e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p +TpPDpFQUWw== +-----END CERTIFICATE----- + +# Issuer: CN=D-TRUST Root Class 3 CA 2 2009 O=D-Trust GmbH +# Subject: CN=D-TRUST Root Class 3 CA 2 2009 O=D-Trust GmbH +# Label: "D-TRUST Root Class 3 CA 2 2009" +# Serial: 623603 +# MD5 Fingerprint: cd:e0:25:69:8d:47:ac:9c:89:35:90:f7:fd:51:3d:2f +# SHA1 Fingerprint: 58:e8:ab:b0:36:15:33:fb:80:f7:9b:1b:6d:29:d3:ff:8d:5f:00:f0 +# SHA256 Fingerprint: 49:e7:a4:42:ac:f0:ea:62:87:05:00:54:b5:25:64:b6:50:e4:f4:9e:42:e3:48:d6:aa:38:e0:39:e9:57:b1:c1 +-----BEGIN CERTIFICATE----- +MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD +bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha +ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM +HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 +UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 +tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R +ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM +lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp +/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G +A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G +A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj +dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy +MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl +cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js +L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL +BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni +acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 +o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K +zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 +PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y +Johw1+qRzT65ysCQblrGXnRl11z+o+I= +-----END CERTIFICATE----- + +# Issuer: CN=D-TRUST Root Class 3 CA 2 EV 2009 O=D-Trust GmbH +# Subject: CN=D-TRUST Root Class 3 CA 2 EV 2009 O=D-Trust GmbH +# Label: "D-TRUST Root Class 3 CA 2 EV 2009" +# Serial: 623604 +# MD5 Fingerprint: aa:c6:43:2c:5e:2d:cd:c4:34:c0:50:4f:11:02:4f:b6 +# SHA1 Fingerprint: 96:c9:1b:0b:95:b4:10:98:42:fa:d0:d8:22:79:fe:60:fa:b9:16:83 +# SHA256 Fingerprint: ee:c5:49:6b:98:8c:e9:86:25:b9:34:09:2e:ec:29:08:be:d0:b0:f3:16:c2:d4:73:0c:84:ea:f1:f3:d3:48:81 +-----BEGIN CERTIFICATE----- +MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD +bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw +NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV +BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn +ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0 +3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z +qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR +p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8 +HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw +ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea +HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw +Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh +c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E +RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt +dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku +Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp +3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 +nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF +CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na +xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX +KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1 +-----END CERTIFICATE----- + +# Issuer: CN=CA Disig Root R2 O=Disig a.s. +# Subject: CN=CA Disig Root R2 O=Disig a.s. +# Label: "CA Disig Root R2" +# Serial: 10572350602393338211 +# MD5 Fingerprint: 26:01:fb:d8:27:a7:17:9a:45:54:38:1a:43:01:3b:03 +# SHA1 Fingerprint: b5:61:eb:ea:a4:de:e4:25:4b:69:1a:98:a5:57:47:c2:34:c7:d9:71 +# SHA256 Fingerprint: e2:3d:4a:03:6d:7b:70:e9:f5:95:b1:42:20:79:d2:b9:1e:df:bb:1f:b6:51:a0:63:3e:aa:8a:9d:c5:f8:07:03 +-----BEGIN CERTIFICATE----- +MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV +BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu +MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy +MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx +EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw +ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe +NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH +PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I +x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe +QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR +yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO +QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 +H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ +QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD +i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs +nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 +rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud +DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI +hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM +tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf +GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb +lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka ++elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal +TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i +nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 +gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr +G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os +zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x +L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL +-----END CERTIFICATE----- + +# Issuer: CN=ACCVRAIZ1 O=ACCV OU=PKIACCV +# Subject: CN=ACCVRAIZ1 O=ACCV OU=PKIACCV +# Label: "ACCVRAIZ1" +# Serial: 6828503384748696800 +# MD5 Fingerprint: d0:a0:5a:ee:05:b6:09:94:21:a1:7d:f1:b2:29:82:02 +# SHA1 Fingerprint: 93:05:7a:88:15:c6:4f:ce:88:2f:fa:91:16:52:28:78:bc:53:64:17 +# SHA256 Fingerprint: 9a:6e:c0:12:e1:a7:da:9d:be:34:19:4d:47:8a:d7:c0:db:18:22:fb:07:1d:f1:29:81:49:6e:d1:04:38:41:13 +-----BEGIN CERTIFICATE----- +MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE +AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw +CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ +BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND +VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb +qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY +HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo +G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA +lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr +IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/ +0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH +k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47 +4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO +m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa +cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl +uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI +KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls +ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG +AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 +VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT +VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG +CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA +cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA +QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA +7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA +cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA +QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA +czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu +aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt +aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud +DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF +BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp +D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU +JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m +AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD +vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms +tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH +7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h +I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA +h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF +d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H +pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7 +-----END CERTIFICATE----- + +# Issuer: CN=TWCA Global Root CA O=TAIWAN-CA OU=Root CA +# Subject: CN=TWCA Global Root CA O=TAIWAN-CA OU=Root CA +# Label: "TWCA Global Root CA" +# Serial: 3262 +# MD5 Fingerprint: f9:03:7e:cf:e6:9e:3c:73:7a:2a:90:07:69:ff:2b:96 +# SHA1 Fingerprint: 9c:bb:48:53:f6:a4:f6:d3:52:a4:e8:32:52:55:60:13:f5:ad:af:65 +# SHA256 Fingerprint: 59:76:90:07:f7:68:5d:0f:cd:50:87:2f:9f:95:d5:75:5a:5b:2b:45:7d:81:f3:69:2b:61:0a:98:67:2f:0e:1b +-----BEGIN CERTIFICATE----- +MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx +EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT +VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5 +NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT +B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF +10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz +0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh +MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH +zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc +46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2 +yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi +laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP +oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA +BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE +qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm +4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL +1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn +LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF +H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo +RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+ +nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh +15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW +6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW +nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j +wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz +aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy +KwbQBM0= +-----END CERTIFICATE----- + +# Issuer: CN=TeliaSonera Root CA v1 O=TeliaSonera +# Subject: CN=TeliaSonera Root CA v1 O=TeliaSonera +# Label: "TeliaSonera Root CA v1" +# Serial: 199041966741090107964904287217786801558 +# MD5 Fingerprint: 37:41:49:1b:18:56:9a:26:f5:ad:c2:66:fb:40:a5:4c +# SHA1 Fingerprint: 43:13:bb:96:f1:d5:86:9b:c1:4e:6a:92:f6:cf:f6:34:69:87:82:37 +# SHA256 Fingerprint: dd:69:36:fe:21:f8:f0:77:c1:23:a1:a5:21:c1:22:24:f7:22:55:b7:3e:03:a7:26:06:93:e8:a2:4b:0f:a3:89 +-----BEGIN CERTIFICATE----- +MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw +NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv +b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD +VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2 +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F +VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1 +7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X +Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+ +/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs +81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm +dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe +Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu +sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4 +pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs +slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ +arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD +VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG +9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl +dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx +0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj +TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed +Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7 +Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI +OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7 +vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW +t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn +HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx +SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= +-----END CERTIFICATE----- + +# Issuer: CN=E-Tugra Certification Authority O=E-Tu\u011fra EBG Bili\u015fim Teknolojileri ve Hizmetleri A.\u015e. OU=E-Tugra Sertifikasyon Merkezi +# Subject: CN=E-Tugra Certification Authority O=E-Tu\u011fra EBG Bili\u015fim Teknolojileri ve Hizmetleri A.\u015e. OU=E-Tugra Sertifikasyon Merkezi +# Label: "E-Tugra Certification Authority" +# Serial: 7667447206703254355 +# MD5 Fingerprint: b8:a1:03:63:b0:bd:21:71:70:8a:6f:13:3a:bb:79:49 +# SHA1 Fingerprint: 51:c6:e7:08:49:06:6e:f3:92:d4:5c:a0:0d:6d:a3:62:8f:c3:52:39 +# SHA256 Fingerprint: b0:bf:d5:2b:b0:d7:d9:bd:92:bf:5d:4d:c1:3d:a2:55:c0:2c:54:2f:37:83:65:ea:89:39:11:f5:5e:55:f2:3c +-----BEGIN CERTIFICATE----- +MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV +BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC +aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV +BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1 +Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz +MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+ +BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp +em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN +ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY +B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH +D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF +Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo +q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D +k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH +fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut +dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM +ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8 +zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn +rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX +U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6 +Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5 +XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF +Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR +HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY +GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c +77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3 ++GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK +vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6 +FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl +yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P +AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD +y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d +NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA== +-----END CERTIFICATE----- + +# Issuer: CN=T-TeleSec GlobalRoot Class 2 O=T-Systems Enterprise Services GmbH OU=T-Systems Trust Center +# Subject: CN=T-TeleSec GlobalRoot Class 2 O=T-Systems Enterprise Services GmbH OU=T-Systems Trust Center +# Label: "T-TeleSec GlobalRoot Class 2" +# Serial: 1 +# MD5 Fingerprint: 2b:9b:9e:e4:7b:6c:1f:00:72:1a:cc:c1:77:79:df:6a +# SHA1 Fingerprint: 59:0d:2d:7d:88:4f:40:2e:61:7e:a5:62:32:17:65:cf:17:d8:94:e9 +# SHA256 Fingerprint: 91:e2:f5:78:8d:58:10:eb:a7:ba:58:73:7d:e1:54:8a:8e:ca:cd:01:45:98:bc:0b:14:3e:04:1b:17:05:25:52 +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx +KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd +BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl +YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 +OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy +aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 +ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd +AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC +FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi +1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq +jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ +wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ +WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy +NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC +uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw +IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 +g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP +BSeOE6Fuwg== +-----END CERTIFICATE----- + +# Issuer: CN=Atos TrustedRoot 2011 O=Atos +# Subject: CN=Atos TrustedRoot 2011 O=Atos +# Label: "Atos TrustedRoot 2011" +# Serial: 6643877497813316402 +# MD5 Fingerprint: ae:b9:c4:32:4b:ac:7f:5d:66:cc:77:94:bb:2a:77:56 +# SHA1 Fingerprint: 2b:b1:f5:3e:55:0c:1d:c5:f1:d4:e6:b7:6a:46:4b:55:06:02:ac:21 +# SHA256 Fingerprint: f3:56:be:a2:44:b7:a9:1e:b3:5d:53:ca:9a:d7:86:4a:ce:01:8e:2d:35:d5:f8:f9:6d:df:68:a6:f4:1a:a4:74 +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE +AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG +EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM +FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC +REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp +Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM +VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+ +SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ +4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L +cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi +eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV +HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG +A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 +DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j +vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP +DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc +maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D +lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv +KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed +-----END CERTIFICATE----- + +# Issuer: CN=QuoVadis Root CA 1 G3 O=QuoVadis Limited +# Subject: CN=QuoVadis Root CA 1 G3 O=QuoVadis Limited +# Label: "QuoVadis Root CA 1 G3" +# Serial: 687049649626669250736271037606554624078720034195 +# MD5 Fingerprint: a4:bc:5b:3f:fe:37:9a:fa:64:f0:e2:fa:05:3d:0b:ab +# SHA1 Fingerprint: 1b:8e:ea:57:96:29:1a:c9:39:ea:b8:0a:81:1a:73:73:c0:93:79:67 +# SHA256 Fingerprint: 8a:86:6f:d1:b2:76:b5:7e:57:8e:92:1c:65:82:8a:2b:ed:58:e9:f2:f2:88:05:41:34:b7:f1:f4:bf:c9:cc:74 +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL +BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc +BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 +MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV +wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe +rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 +68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh +4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp +UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o +abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc +3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G +KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt +hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO +Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt +zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD +ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC +MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 +cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN +qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 +YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv +b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 +8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k +NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj +ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp +q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt +nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD +-----END CERTIFICATE----- + +# Issuer: CN=QuoVadis Root CA 2 G3 O=QuoVadis Limited +# Subject: CN=QuoVadis Root CA 2 G3 O=QuoVadis Limited +# Label: "QuoVadis Root CA 2 G3" +# Serial: 390156079458959257446133169266079962026824725800 +# MD5 Fingerprint: af:0c:86:6e:bf:40:2d:7f:0b:3e:12:50:ba:12:3d:06 +# SHA1 Fingerprint: 09:3c:61:f3:8b:8b:dc:7d:55:df:75:38:02:05:00:e1:25:f5:c8:36 +# SHA256 Fingerprint: 8f:e4:fb:0a:f9:3a:4d:0d:67:db:0b:eb:b2:3e:37:c7:1b:f3:25:dc:bc:dd:24:0e:a0:4d:af:58:b4:7e:18:40 +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL +BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc +BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 +MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf +qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW +n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym +c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ +O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 +o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j +IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq +IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz +8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh +vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l +7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG +cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD +ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 +AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC +roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga +W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n +lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE ++V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV +csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd +dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg +KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM +HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 +WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M +-----END CERTIFICATE----- + +# Issuer: CN=QuoVadis Root CA 3 G3 O=QuoVadis Limited +# Subject: CN=QuoVadis Root CA 3 G3 O=QuoVadis Limited +# Label: "QuoVadis Root CA 3 G3" +# Serial: 268090761170461462463995952157327242137089239581 +# MD5 Fingerprint: df:7d:b9:ad:54:6f:68:a1:df:89:57:03:97:43:b0:d7 +# SHA1 Fingerprint: 48:12:bd:92:3c:a8:c4:39:06:e7:30:6d:27:96:e6:a4:cf:22:2e:7d +# SHA256 Fingerprint: 88:ef:81:de:20:2e:b0:18:45:2e:43:f8:64:72:5c:ea:5f:bd:1f:c2:d9:d2:05:73:07:09:c5:d8:b8:69:0f:46 +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL +BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc +BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 +MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR +/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu +FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR +U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c +ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR +FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k +A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw +eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl +sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp +VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q +A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ +ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD +ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px +KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI +FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv +oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg +u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP +0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf +3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl +8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ +DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN +PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ +ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 +-----END CERTIFICATE----- + +# Issuer: CN=DigiCert Assured ID Root G2 O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Assured ID Root G2 O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Assured ID Root G2" +# Serial: 15385348160840213938643033620894905419 +# MD5 Fingerprint: 92:38:b9:f8:63:24:82:65:2c:57:33:e6:fe:81:8f:9d +# SHA1 Fingerprint: a1:4b:48:d9:43:ee:0a:0e:40:90:4f:3c:e0:a4:c0:91:93:51:5d:3f +# SHA256 Fingerprint: 7d:05:eb:b6:82:33:9f:8c:94:51:ee:09:4e:eb:fe:fa:79:53:a1:14:ed:b2:f4:49:49:45:2f:ab:7d:2f:c1:85 +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv +b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl +cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA +n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc +biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp +EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA +bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu +YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB +AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW +BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI +QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I +0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni +lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 +B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv +ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo +IhNzbM8m9Yop5w== +-----END CERTIFICATE----- + +# Issuer: CN=DigiCert Assured ID Root G3 O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Assured ID Root G3 O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Assured ID Root G3" +# Serial: 15459312981008553731928384953135426796 +# MD5 Fingerprint: 7c:7f:65:31:0c:81:df:8d:ba:3e:99:e2:5c:ad:6e:fb +# SHA1 Fingerprint: f5:17:a2:4f:9a:48:c6:c9:f8:a2:00:26:9f:dc:0f:48:2c:ab:30:89 +# SHA256 Fingerprint: 7e:37:cb:8b:4c:47:09:0c:ab:36:55:1b:a6:f4:5d:b8:40:68:0f:ba:16:6a:95:2d:b1:00:71:7f:43:05:3f:c2 +-----BEGIN CERTIFICATE----- +MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw +CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu +ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg +RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu +Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq +hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf +Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q +RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD +AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY +JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv +6pZjamVFkpUBtA== +-----END CERTIFICATE----- + +# Issuer: CN=DigiCert Global Root G2 O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Global Root G2 O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Global Root G2" +# Serial: 4293743540046975378534879503202253541 +# MD5 Fingerprint: e4:a6:8a:c8:54:ac:52:42:46:0a:fd:72:48:1b:2a:44 +# SHA1 Fingerprint: df:3c:24:f9:bf:d6:66:76:1b:26:80:73:fe:06:d1:cc:8d:4f:82:a4 +# SHA256 Fingerprint: cb:3c:cb:b7:60:31:e5:e0:13:8f:8d:d3:9a:23:f9:de:47:ff:c3:5e:43:c1:14:4c:ea:27:d4:6a:5a:b1:cb:5f +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH +MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI +2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx +1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ +q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz +tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ +vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV +5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY +1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 +NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG +Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 +8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe +pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl +MrY= +-----END CERTIFICATE----- + +# Issuer: CN=DigiCert Global Root G3 O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Global Root G3 O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Global Root G3" +# Serial: 7089244469030293291760083333884364146 +# MD5 Fingerprint: f5:5d:a4:50:a5:fb:28:7e:1e:0f:0d:cc:96:57:56:ca +# SHA1 Fingerprint: 7e:04:de:89:6a:3e:66:6d:00:e6:87:d3:3f:fa:d9:3b:e8:3d:34:9e +# SHA256 Fingerprint: 31:ad:66:48:f8:10:41:38:c7:38:f3:9e:a4:32:01:33:39:3e:3a:18:cc:02:29:6e:f9:7c:2a:c9:ef:67:31:d0 +-----BEGIN CERTIFICATE----- +MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw +CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu +ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe +Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw +EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x +IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF +K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG +fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO +Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd +BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx +AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ +oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 +sycX +-----END CERTIFICATE----- + +# Issuer: CN=DigiCert Trusted Root G4 O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Trusted Root G4 O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Trusted Root G4" +# Serial: 7451500558977370777930084869016614236 +# MD5 Fingerprint: 78:f2:fc:aa:60:1f:2f:b4:eb:c9:37:ba:53:2e:75:49 +# SHA1 Fingerprint: dd:fb:16:cd:49:31:c9:73:a2:03:7d:3f:c8:3a:4d:7d:77:5d:05:e4 +# SHA256 Fingerprint: 55:2f:7b:dc:f1:a7:af:9e:6c:e6:72:01:7f:4f:12:ab:f7:72:40:c7:8e:76:1a:c2:03:d1:d9:d2:0a:c8:99:88 +-----BEGIN CERTIFICATE----- +MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg +RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu +Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y +ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If +xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV +ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO +DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ +jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ +CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi +EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM +fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY +uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK +chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t +9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD +ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 +SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd ++SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc +fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa +sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N +cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N +0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie +4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI +r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 +/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm +gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ +-----END CERTIFICATE----- + +# Issuer: CN=COMODO RSA Certification Authority O=COMODO CA Limited +# Subject: CN=COMODO RSA Certification Authority O=COMODO CA Limited +# Label: "COMODO RSA Certification Authority" +# Serial: 101909084537582093308941363524873193117 +# MD5 Fingerprint: 1b:31:b0:71:40:36:cc:14:36:91:ad:c4:3e:fd:ec:18 +# SHA1 Fingerprint: af:e5:d2:44:a8:d1:19:42:30:ff:47:9f:e2:f8:97:bb:cd:7a:8c:b4 +# SHA256 Fingerprint: 52:f0:e1:c4:e5:8e:c6:29:29:1b:60:31:7f:07:46:71:b8:5d:7e:a8:0d:5b:07:27:34:63:53:4b:32:b4:02:34 +-----BEGIN CERTIFICATE----- +MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB +hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G +A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV +BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 +MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT +EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR +Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR +6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X +pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC +9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV +/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf +Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z ++pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w +qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah +SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC +u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf +Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq +crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E +FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB +/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl +wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM +4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV +2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna +FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ +CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK +boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke +jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL +S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb +QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl +0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB +NVOFBkpdn627G190 +-----END CERTIFICATE----- + +# Issuer: CN=USERTrust RSA Certification Authority O=The USERTRUST Network +# Subject: CN=USERTrust RSA Certification Authority O=The USERTRUST Network +# Label: "USERTrust RSA Certification Authority" +# Serial: 2645093764781058787591871645665788717 +# MD5 Fingerprint: 1b:fe:69:d1:91:b7:19:33:a3:72:a8:0f:e1:55:e5:b5 +# SHA1 Fingerprint: 2b:8f:1b:57:33:0d:bb:a2:d0:7a:6c:51:f7:0e:e9:0d:da:b9:ad:8e +# SHA256 Fingerprint: e7:93:c9:b0:2f:d8:aa:13:e2:1c:31:22:8a:cc:b0:81:19:64:3b:74:9c:89:89:64:b1:74:6d:46:c3:d4:cb:d2 +-----BEGIN CERTIFICATE----- +MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB +iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl +cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV +BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw +MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV +BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy +dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B +3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY +tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ +Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 +VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT +79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 +c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT +Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l +c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee +UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE +Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd +BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G +A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF +Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO +VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 +ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs +8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR +iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze +Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ +XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ +qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB +VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB +L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG +jjxDah2nGN59PRbxYvnKkKj9 +-----END CERTIFICATE----- + +# Issuer: CN=USERTrust ECC Certification Authority O=The USERTRUST Network +# Subject: CN=USERTrust ECC Certification Authority O=The USERTRUST Network +# Label: "USERTrust ECC Certification Authority" +# Serial: 123013823720199481456569720443997572134 +# MD5 Fingerprint: fa:68:bc:d9:b5:7f:ad:fd:c9:1d:06:83:28:cc:24:c1 +# SHA1 Fingerprint: d1:cb:ca:5d:b2:d5:2a:7f:69:3b:67:4d:e5:f0:5a:1d:0c:95:7d:f0 +# SHA256 Fingerprint: 4f:f4:60:d5:4b:9c:86:da:bf:bc:fc:57:12:e0:40:0d:2b:ed:3f:bc:4d:4f:bd:aa:86:e0:6a:dc:d2:a9:ad:7a +-----BEGIN CERTIFICATE----- +MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl +eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT +JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx +MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg +VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm +aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo +I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng +o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G +A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD +VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB +zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW +RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= +-----END CERTIFICATE----- + +# Issuer: CN=GlobalSign O=GlobalSign OU=GlobalSign ECC Root CA - R4 +# Subject: CN=GlobalSign O=GlobalSign OU=GlobalSign ECC Root CA - R4 +# Label: "GlobalSign ECC Root CA - R4" +# Serial: 14367148294922964480859022125800977897474 +# MD5 Fingerprint: 20:f0:27:68:d1:7e:a0:9d:0e:e6:2a:ca:df:5c:89:8e +# SHA1 Fingerprint: 69:69:56:2e:40:80:f4:24:a1:e7:19:9f:14:ba:f3:ee:58:ab:6a:bb +# SHA256 Fingerprint: be:c9:49:11:c2:95:56:76:db:6c:0a:55:09:86:d7:6e:3b:a0:05:66:7c:44:2c:97:62:b4:fb:b7:73:de:22:8c +-----BEGIN CERTIFICATE----- +MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk +MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH +bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX +DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD +QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ +FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw +DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F +uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX +kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs +ewv4n4Q= +-----END CERTIFICATE----- + +# Issuer: CN=GlobalSign O=GlobalSign OU=GlobalSign ECC Root CA - R5 +# Subject: CN=GlobalSign O=GlobalSign OU=GlobalSign ECC Root CA - R5 +# Label: "GlobalSign ECC Root CA - R5" +# Serial: 32785792099990507226680698011560947931244 +# MD5 Fingerprint: 9f:ad:3b:1c:02:1e:8a:ba:17:74:38:81:0c:a2:bc:08 +# SHA1 Fingerprint: 1f:24:c6:30:cd:a4:18:ef:20:69:ff:ad:4f:dd:5f:46:3a:1b:69:aa +# SHA256 Fingerprint: 17:9f:bc:14:8a:3d:d0:0f:d2:4e:a1:34:58:cc:43:bf:a7:f5:9c:81:82:d7:83:a5:13:f6:eb:ec:10:0c:89:24 +-----BEGIN CERTIFICATE----- +MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk +MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH +bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX +DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD +QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc +8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke +hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD +VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI +KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg +515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO +xwy8p2Fp8fc74SrL+SvzZpA3 +-----END CERTIFICATE----- + +# Issuer: CN=Staat der Nederlanden EV Root CA O=Staat der Nederlanden +# Subject: CN=Staat der Nederlanden EV Root CA O=Staat der Nederlanden +# Label: "Staat der Nederlanden EV Root CA" +# Serial: 10000013 +# MD5 Fingerprint: fc:06:af:7b:e8:1a:f1:9a:b4:e8:d2:70:1f:c0:f5:ba +# SHA1 Fingerprint: 76:e2:7e:c1:4f:db:82:c1:c0:a6:75:b5:05:be:3d:29:b4:ed:db:bb +# SHA256 Fingerprint: 4d:24:91:41:4c:fe:95:67:46:ec:4c:ef:a6:cf:6f:72:e2:8a:13:29:43:2f:9d:8a:90:7a:c4:cb:5d:ad:c1:5a +-----BEGIN CERTIFICATE----- +MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO +TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh +dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y +MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg +TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS +b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS +M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC +UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d +Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p +rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l +pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb +j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC +KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS +/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X +cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH +1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP +px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB +/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 +MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI +eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u +2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS +v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC +wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy +CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e +vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 +Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa +Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL +eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 +FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc +7uzXLg== +-----END CERTIFICATE----- + +# Issuer: CN=IdenTrust Commercial Root CA 1 O=IdenTrust +# Subject: CN=IdenTrust Commercial Root CA 1 O=IdenTrust +# Label: "IdenTrust Commercial Root CA 1" +# Serial: 13298821034946342390520003877796839426 +# MD5 Fingerprint: b3:3e:77:73:75:ee:a0:d3:e3:7e:49:63:49:59:bb:c7 +# SHA1 Fingerprint: df:71:7e:aa:4a:d9:4e:c9:55:84:99:60:2d:48:de:5f:bc:f0:3a:25 +# SHA256 Fingerprint: 5d:56:49:9b:e4:d2:e0:8b:cf:ca:d0:8a:3e:38:72:3d:50:50:3b:de:70:69:48:e4:2f:55:60:30:19:e5:28:ae +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK +MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu +VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw +MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw +JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT +3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU ++ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp +S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1 +bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi +T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL +vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK +Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK +dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT +c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv +l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N +iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD +ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH +6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt +LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93 +nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3 ++wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK +W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT +AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq +l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG +4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ +mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A +7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H +-----END CERTIFICATE----- + +# Issuer: CN=IdenTrust Public Sector Root CA 1 O=IdenTrust +# Subject: CN=IdenTrust Public Sector Root CA 1 O=IdenTrust +# Label: "IdenTrust Public Sector Root CA 1" +# Serial: 13298821034946342390521976156843933698 +# MD5 Fingerprint: 37:06:a5:b0:fc:89:9d:ba:f4:6b:8c:1a:64:cd:d5:ba +# SHA1 Fingerprint: ba:29:41:60:77:98:3f:f4:f3:ef:f2:31:05:3b:2e:ea:6d:4d:45:fd +# SHA256 Fingerprint: 30:d0:89:5a:9a:44:8a:26:20:91:63:55:22:d1:f5:20:10:b5:86:7a:ca:e1:2c:78:ef:95:8f:d4:f4:38:9f:2f +-----BEGIN CERTIFICATE----- +MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN +MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu +VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN +MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0 +MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7 +ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy +RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS +bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF +/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R +3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw +EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy +9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V +GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ +2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV +WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD +W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN +AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj +t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV +DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9 +TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G +lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW +mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df +WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5 ++bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ +tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA +GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv +8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c +-----END CERTIFICATE----- + +# Issuer: CN=Entrust Root Certification Authority - G2 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2009 Entrust, Inc. - for authorized use only +# Subject: CN=Entrust Root Certification Authority - G2 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2009 Entrust, Inc. - for authorized use only +# Label: "Entrust Root Certification Authority - G2" +# Serial: 1246989352 +# MD5 Fingerprint: 4b:e2:c9:91:96:65:0c:f4:0e:5a:93:92:a0:0a:fe:b2 +# SHA1 Fingerprint: 8c:f4:27:fd:79:0c:3a:d1:66:06:8d:e8:1e:57:ef:bb:93:22:72:d4 +# SHA256 Fingerprint: 43:df:57:74:b0:3e:7f:ef:5f:e4:0d:93:1a:7b:ed:f1:bb:2e:6b:42:73:8c:4e:6d:38:41:10:3d:3a:a7:f3:39 +-----BEGIN CERTIFICATE----- +MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC +VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 +cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs +IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz +dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy +NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu +dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt +dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 +aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj +YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T +RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN +cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW +wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 +U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 +jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN +BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ +jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ +Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v +1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R +nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH +VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== +-----END CERTIFICATE----- + +# Issuer: CN=Entrust Root Certification Authority - EC1 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2012 Entrust, Inc. - for authorized use only +# Subject: CN=Entrust Root Certification Authority - EC1 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2012 Entrust, Inc. - for authorized use only +# Label: "Entrust Root Certification Authority - EC1" +# Serial: 51543124481930649114116133369 +# MD5 Fingerprint: b6:7e:1d:f0:58:c5:49:6c:24:3b:3d:ed:98:18:ed:bc +# SHA1 Fingerprint: 20:d8:06:40:df:9b:25:f5:12:25:3a:11:ea:f7:59:8a:eb:14:b5:47 +# SHA256 Fingerprint: 02:ed:0e:b2:8c:14:da:45:16:5c:56:67:91:70:0d:64:51:d7:fb:56:f0:b2:ab:1d:3b:8e:b0:70:e5:6e:df:f5 +-----BEGIN CERTIFICATE----- +MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG +A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3 +d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu +dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq +RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy +MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD +VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0 +L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g +Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi +A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt +ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH +Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O +BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC +R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX +hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G +-----END CERTIFICATE----- + +# Issuer: CN=CFCA EV ROOT O=China Financial Certification Authority +# Subject: CN=CFCA EV ROOT O=China Financial Certification Authority +# Label: "CFCA EV ROOT" +# Serial: 407555286 +# MD5 Fingerprint: 74:e1:b6:ed:26:7a:7a:44:30:33:94:ab:7b:27:81:30 +# SHA1 Fingerprint: e2:b8:29:4b:55:84:ab:6b:58:c2:90:46:6c:ac:3f:b8:39:8f:84:83 +# SHA256 Fingerprint: 5c:c3:d7:8e:4e:1d:5e:45:54:7a:04:e6:87:3e:64:f9:0c:f9:53:6d:1c:cc:2e:f8:00:f3:55:c4:c5:fd:70:fd +-----BEGIN CERTIFICATE----- +MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD +TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y +aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx +MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j +aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP +T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 +sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL +TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 +/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp +7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz +EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt +hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP +a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot +aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg +TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV +PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv +cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL +tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd +BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB +ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT +ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL +jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS +ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy +P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 +xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d +Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN +5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe +/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z +AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ +5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su +-----END CERTIFICATE----- + +# Issuer: CN=OISTE WISeKey Global Root GB CA O=WISeKey OU=OISTE Foundation Endorsed +# Subject: CN=OISTE WISeKey Global Root GB CA O=WISeKey OU=OISTE Foundation Endorsed +# Label: "OISTE WISeKey Global Root GB CA" +# Serial: 157768595616588414422159278966750757568 +# MD5 Fingerprint: a4:eb:b9:61:28:2e:b7:2f:98:b0:35:26:90:99:51:1d +# SHA1 Fingerprint: 0f:f9:40:76:18:d3:d7:6a:4b:98:f0:a8:35:9e:0c:fd:27:ac:cc:ed +# SHA256 Fingerprint: 6b:9c:08:e8:6e:b0:f7:67:cf:ad:65:cd:98:b6:21:49:e5:49:4a:67:f5:84:5e:7b:d1:ed:01:9f:27:b8:6b:d6 +-----BEGIN CERTIFICATE----- +MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt +MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg +Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i +YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x +CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG +b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh +bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3 +HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx +WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX +1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk +u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P +99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r +M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB +BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh +cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5 +gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO +ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf +aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic +Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= +-----END CERTIFICATE----- + +# Issuer: CN=SZAFIR ROOT CA2 O=Krajowa Izba Rozliczeniowa S.A. +# Subject: CN=SZAFIR ROOT CA2 O=Krajowa Izba Rozliczeniowa S.A. +# Label: "SZAFIR ROOT CA2" +# Serial: 357043034767186914217277344587386743377558296292 +# MD5 Fingerprint: 11:64:c1:89:b0:24:b1:8c:b1:07:7e:89:9e:51:9e:99 +# SHA1 Fingerprint: e2:52:fa:95:3f:ed:db:24:60:bd:6e:28:f3:9c:cc:cf:5e:b3:3f:de +# SHA256 Fingerprint: a1:33:9d:33:28:1a:0b:56:e5:57:d3:d3:2b:1c:e7:f9:36:7e:b0:94:bd:5f:a7:2a:7e:50:04:c8:de:d7:ca:fe +-----BEGIN CERTIFICATE----- +MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL +BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6 +ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw +NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L +cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg +Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN +QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT +3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw +3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6 +3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5 +BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN +XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD +AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF +AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw +8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG +nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP +oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy +d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg +LvWpCz/UXeHPhJ/iGcJfitYgHuNztw== +-----END CERTIFICATE----- + +# Issuer: CN=Certum Trusted Network CA 2 O=Unizeto Technologies S.A. OU=Certum Certification Authority +# Subject: CN=Certum Trusted Network CA 2 O=Unizeto Technologies S.A. OU=Certum Certification Authority +# Label: "Certum Trusted Network CA 2" +# Serial: 44979900017204383099463764357512596969 +# MD5 Fingerprint: 6d:46:9e:d9:25:6d:08:23:5b:5e:74:7d:1e:27:db:f2 +# SHA1 Fingerprint: d3:dd:48:3e:2b:bf:4c:05:e8:af:10:f5:fa:76:26:cf:d3:dc:30:92 +# SHA256 Fingerprint: b6:76:f2:ed:da:e8:77:5c:d3:6c:b0:f6:3c:d1:d4:60:39:61:f4:9e:62:65:ba:01:3a:2f:03:07:b6:d0:b8:04 +-----BEGIN CERTIFICATE----- +MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB +gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu +QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIG +A1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQSAyMCIYDzIwMTExMDA2MDgz +OTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ +VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3 +b3JrIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWA +DGSdhhuWZGc/IjoedQF97/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn +0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+oCgCXhVqqndwpyeI1B+twTUrWwbNWuKFB +OJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40bRr5HMNUuctHFY9rnY3lE +fktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2puTRZCr+E +Sv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1m +o130GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02i +sx7QBlrd9pPPV3WZ9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOW +OZV7bIBaTxNyxtd9KXpEulKkKtVBRgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgez +Tv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pyehizKV/Ma5ciSixqClnrDvFAS +adgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vMBhBgu4M1t15n +3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMC +AQYwDQYJKoZIhvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQ +F/xlhMcQSZDe28cmk4gmb3DWAl45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTf +CVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuAL55MYIR4PSFk1vtBHxgP58l1cb29 +XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMoclm2q8KMZiYcdywm +djWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tMpkT/ +WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jb +AoJnwTnbw3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksq +P/ujmv5zMnHCnsZy4YpoJ/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Ko +b7a6bINDd82Kkhehnlt4Fj1F4jNy3eFmypnTycUm/Q1oBEauttmbjL4ZvrHG8hnj +XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P +5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi +DrW5viSP +-----END CERTIFICATE----- + +# Issuer: CN=Hellenic Academic and Research Institutions RootCA 2015 O=Hellenic Academic and Research Institutions Cert. Authority +# Subject: CN=Hellenic Academic and Research Institutions RootCA 2015 O=Hellenic Academic and Research Institutions Cert. Authority +# Label: "Hellenic Academic and Research Institutions RootCA 2015" +# Serial: 0 +# MD5 Fingerprint: ca:ff:e2:db:03:d9:cb:4b:e9:0f:ad:84:fd:7b:18:ce +# SHA1 Fingerprint: 01:0c:06:95:a6:98:19:14:ff:bf:5f:c6:b0:b6:95:ea:29:e9:12:a6 +# SHA256 Fingerprint: a0:40:92:9a:02:ce:53:b4:ac:f4:f2:ff:c6:98:1c:e4:49:6f:75:5e:6d:45:fe:0b:2a:69:2b:cd:52:52:3f:36 +-----BEGIN CERTIFICATE----- +MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix +DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k +IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT +N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v +dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG +A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh +ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx +QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 +dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC +AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA +4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0 +AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10 +4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C +ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV +9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD +gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6 +Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq +NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko +LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc +Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd +ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I +XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI +M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot +9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V +Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea +j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh +X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ +l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf +bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4 +pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK +e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0 +vm9qp/UsQu0yrbYhnr68 +-----END CERTIFICATE----- + +# Issuer: CN=Hellenic Academic and Research Institutions ECC RootCA 2015 O=Hellenic Academic and Research Institutions Cert. Authority +# Subject: CN=Hellenic Academic and Research Institutions ECC RootCA 2015 O=Hellenic Academic and Research Institutions Cert. Authority +# Label: "Hellenic Academic and Research Institutions ECC RootCA 2015" +# Serial: 0 +# MD5 Fingerprint: 81:e5:b4:17:eb:c2:f5:e1:4b:0d:41:7b:49:92:fe:ef +# SHA1 Fingerprint: 9f:f1:71:8d:92:d5:9a:f3:7d:74:97:b4:bc:6f:84:68:0b:ba:b6:66 +# SHA256 Fingerprint: 44:b5:45:aa:8a:25:e6:5a:73:ca:15:dc:27:fc:36:d2:4c:1c:b9:95:3a:06:65:39:b1:15:82:dc:48:7b:48:33 +-----BEGIN CERTIFICATE----- +MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN +BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl +bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv +b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ +BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj +YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5 +MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 +dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg +QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa +jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi +C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep +lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof +TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR +-----END CERTIFICATE----- + +# Issuer: CN=ISRG Root X1 O=Internet Security Research Group +# Subject: CN=ISRG Root X1 O=Internet Security Research Group +# Label: "ISRG Root X1" +# Serial: 172886928669790476064670243504169061120 +# MD5 Fingerprint: 0c:d2:f9:e0:da:17:73:e9:ed:86:4d:a5:e3:70:e7:4e +# SHA1 Fingerprint: ca:bd:2a:79:a1:07:6a:31:f2:1d:25:36:35:cb:03:9d:43:29:a5:e8 +# SHA256 Fingerprint: 96:bc:ec:06:26:49:76:f3:74:60:77:9a:cf:28:c5:a7:cf:e8:a3:c0:aa:e1:1a:8f:fc:ee:05:c0:bd:df:08:c6 +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 +WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu +ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc +h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ +0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U +A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW +T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH +B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC +B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv +KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn +OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn +jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw +qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI +rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq +hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ +3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK +NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 +ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur +TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC +jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc +oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq +4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA +mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d +emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- + +# Issuer: O=FNMT-RCM OU=AC RAIZ FNMT-RCM +# Subject: O=FNMT-RCM OU=AC RAIZ FNMT-RCM +# Label: "AC RAIZ FNMT-RCM" +# Serial: 485876308206448804701554682760554759 +# MD5 Fingerprint: e2:09:04:b4:d3:bd:d1:a0:14:fd:1a:d2:47:c4:57:1d +# SHA1 Fingerprint: ec:50:35:07:b2:15:c4:95:62:19:e2:a8:9a:5b:42:99:2c:4c:2c:20 +# SHA256 Fingerprint: eb:c5:57:0c:29:01:8c:4d:67:b1:aa:12:7b:af:12:f7:03:b4:61:1e:bc:17:b7:da:b5:57:38:94:17:9b:93:fa +-----BEGIN CERTIFICATE----- +MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx +CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ +WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ +BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG +Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/ +yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf +BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz +WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF +tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z +374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC +IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL +mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7 +wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS +MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2 +ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet +UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw +AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H +YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3 +LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD +nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1 +RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM +LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf +77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N +JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm +fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp +6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp +1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B +9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok +RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv +uu8wd+RU4riEmViAqhOLUTpPSPaLtrM= +-----END CERTIFICATE----- + +# Issuer: CN=Amazon Root CA 1 O=Amazon +# Subject: CN=Amazon Root CA 1 O=Amazon +# Label: "Amazon Root CA 1" +# Serial: 143266978916655856878034712317230054538369994 +# MD5 Fingerprint: 43:c6:bf:ae:ec:fe:ad:2f:18:c6:88:68:30:fc:c8:e6 +# SHA1 Fingerprint: 8d:a7:f9:65:ec:5e:fc:37:91:0f:1c:6e:59:fd:c1:cc:6a:6e:de:16 +# SHA256 Fingerprint: 8e:cd:e6:88:4f:3d:87:b1:12:5b:a3:1a:c3:fc:b1:3d:70:16:de:7f:57:cc:90:4f:e1:cb:97:c6:ae:98:19:6e +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF +ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 +b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL +MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv +b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj +ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM +9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw +IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 +VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L +93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm +jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA +A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI +U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs +N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv +o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU +5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy +rqXRfboQnoZsG4q5WTP468SQvvG5 +-----END CERTIFICATE----- + +# Issuer: CN=Amazon Root CA 2 O=Amazon +# Subject: CN=Amazon Root CA 2 O=Amazon +# Label: "Amazon Root CA 2" +# Serial: 143266982885963551818349160658925006970653239 +# MD5 Fingerprint: c8:e5:8d:ce:a8:42:e2:7a:c0:2a:5c:7c:9e:26:bf:66 +# SHA1 Fingerprint: 5a:8c:ef:45:d7:a6:98:59:76:7a:8c:8b:44:96:b5:78:cf:47:4b:1a +# SHA256 Fingerprint: 1b:a5:b2:aa:8c:65:40:1a:82:96:01:18:f8:0b:ec:4f:62:30:4d:83:ce:c4:71:3a:19:c3:9c:01:1e:a4:6d:b4 +-----BEGIN CERTIFICATE----- +MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF +ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 +b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL +MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv +b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK +gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ +W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg +1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K +8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r +2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me +z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR +8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj +mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz +7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 ++XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI +0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm +UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 +LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY ++gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS +k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl +7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm +btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl +urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ +fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 +n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE +76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H +9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT +4PsJYGw= +-----END CERTIFICATE----- + +# Issuer: CN=Amazon Root CA 3 O=Amazon +# Subject: CN=Amazon Root CA 3 O=Amazon +# Label: "Amazon Root CA 3" +# Serial: 143266986699090766294700635381230934788665930 +# MD5 Fingerprint: a0:d4:ef:0b:f7:b5:d8:49:95:2a:ec:f5:c4:fc:81:87 +# SHA1 Fingerprint: 0d:44:dd:8c:3c:8c:1a:1a:58:75:64:81:e9:0f:2e:2a:ff:b3:d2:6e +# SHA256 Fingerprint: 18:ce:6c:fe:7b:f1:4e:60:b2:e3:47:b8:df:e8:68:cb:31:d0:2e:bb:3a:da:27:15:69:f5:03:43:b4:6d:b3:a4 +-----BEGIN CERTIFICATE----- +MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 +MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g +Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG +A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg +Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl +ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr +ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr +BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM +YyRIHN8wfdVoOw== +-----END CERTIFICATE----- + +# Issuer: CN=Amazon Root CA 4 O=Amazon +# Subject: CN=Amazon Root CA 4 O=Amazon +# Label: "Amazon Root CA 4" +# Serial: 143266989758080763974105200630763877849284878 +# MD5 Fingerprint: 89:bc:27:d5:eb:17:8d:06:6a:69:d5:fd:89:47:b4:cd +# SHA1 Fingerprint: f6:10:84:07:d6:f8:bb:67:98:0c:c2:e2:44:c2:eb:ae:1c:ef:63:be +# SHA256 Fingerprint: e3:5d:28:41:9e:d0:20:25:cf:a6:90:38:cd:62:39:62:45:8d:a5:c6:95:fb:de:a3:c2:2b:0b:fb:25:89:70:92 +-----BEGIN CERTIFICATE----- +MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 +MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g +Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG +A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg +Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi +9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk +M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB +/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB +MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw +CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW +1KyLa2tJElMzrdfkviT8tQp21KW8EA== +-----END CERTIFICATE----- + +# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK OU=Kamu Sertifikasyon Merkezi - Kamu SM +# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK OU=Kamu Sertifikasyon Merkezi - Kamu SM +# Label: "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1" +# Serial: 1 +# MD5 Fingerprint: dc:00:81:dc:69:2f:3e:2f:b0:3b:f6:3d:5a:91:8e:49 +# SHA1 Fingerprint: 31:43:64:9b:ec:ce:27:ec:ed:3a:3f:0b:8f:0d:e4:e8:91:dd:ee:ca +# SHA256 Fingerprint: 46:ed:c3:68:90:46:d5:3a:45:3f:b3:10:4a:b8:0d:ca:ec:65:8b:26:60:ea:16:29:dd:7e:86:79:90:64:87:16 +-----BEGIN CERTIFICATE----- +MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx +GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp +bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w +KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0 +BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy +dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG +EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll +IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU +QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT +TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg +LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7 +a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr +LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr +N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X +YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/ +iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f +AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH +V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL +BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh +AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf +IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4 +lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c +8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf +lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= +-----END CERTIFICATE----- + +# Issuer: CN=GDCA TrustAUTH R5 ROOT O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD. +# Subject: CN=GDCA TrustAUTH R5 ROOT O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD. +# Label: "GDCA TrustAUTH R5 ROOT" +# Serial: 9009899650740120186 +# MD5 Fingerprint: 63:cc:d9:3d:34:35:5c:6f:53:a3:e2:08:70:48:1f:b4 +# SHA1 Fingerprint: 0f:36:38:5b:81:1a:25:c3:9b:31:4e:83:ca:e9:34:66:70:cc:74:b4 +# SHA256 Fingerprint: bf:ff:8f:d0:44:33:48:7d:6a:8a:a6:0c:1a:29:76:7a:9f:c2:bb:b0:5e:42:0f:71:3a:13:b9:92:89:1d:38:93 +-----BEGIN CERTIFICATE----- +MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE +BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ +IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0 +MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV +BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w +HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj +Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj +TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u +KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj +qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm +MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12 +ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP +zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk +L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC +jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA +HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC +AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg +p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm +DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5 +COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry +L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf +JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg +IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io +2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV +09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ +XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq +T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe +MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g== +-----END CERTIFICATE----- + +# Issuer: CN=TrustCor RootCert CA-1 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority +# Subject: CN=TrustCor RootCert CA-1 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority +# Label: "TrustCor RootCert CA-1" +# Serial: 15752444095811006489 +# MD5 Fingerprint: 6e:85:f1:dc:1a:00:d3:22:d5:b2:b2:ac:6b:37:05:45 +# SHA1 Fingerprint: ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a +# SHA256 Fingerprint: d4:0e:9c:86:cd:8f:e4:68:c1:77:69:59:f4:9e:a7:74:fa:54:86:84:b6:c4:06:f3:90:92:61:f4:dc:e2:57:5c +-----BEGIN CERTIFICATE----- +MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD +VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk +MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U +cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y +IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB +pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h +IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG +A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU +cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid +RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V +seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme +9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV +EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW +hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/ +DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw +DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD +ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I +/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf +ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ +yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts +L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN +zl/HHk484IkzlQsPpTLWPFp5LBk= +-----END CERTIFICATE----- + +# Issuer: CN=TrustCor RootCert CA-2 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority +# Subject: CN=TrustCor RootCert CA-2 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority +# Label: "TrustCor RootCert CA-2" +# Serial: 2711694510199101698 +# MD5 Fingerprint: a2:e1:f8:18:0b:ba:45:d5:c7:41:2a:bb:37:52:45:64 +# SHA1 Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c:c0 +# SHA256 Fingerprint: 07:53:e9:40:37:8c:1b:d5:e3:83:6e:39:5d:ae:a5:cb:83:9e:50:46:f1:bd:0e:ae:19:51:cf:10:fe:c7:c9:65 +-----BEGIN CERTIFICATE----- +MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV +BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw +IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy +dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig +Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk +MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg +Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD +VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy +dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+ +QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq +1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp +2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK +DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape +az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF +3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88 +oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM +g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3 +mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh +8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd +BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U +nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw +DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX +dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+ +MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL +/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX +CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa +ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW +2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7 +N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3 +Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB +As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp +5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu +1uwJ +-----END CERTIFICATE----- + +# Issuer: CN=TrustCor ECA-1 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority +# Subject: CN=TrustCor ECA-1 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority +# Label: "TrustCor ECA-1" +# Serial: 9548242946988625984 +# MD5 Fingerprint: 27:92:23:1d:0a:f5:40:7c:e9:e6:6b:9d:d8:f5:e7:6c +# SHA1 Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78:bd +# SHA256 Fingerprint: 5a:88:5d:b1:9c:01:d9:12:c5:75:93:88:93:8c:af:bb:df:03:1a:b2:d4:8e:91:ee:15:58:9b:42:97:1d:03:9c +-----BEGIN CERTIFICATE----- +MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD +VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk +MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U +cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y +IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV +BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw +IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy +dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig +RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb +3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA +BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5 +3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou +owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/ +wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF +ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf +BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/ +MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv +civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2 +AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F +hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50 +soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI +WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi +tJ/X5g== +-----END CERTIFICATE----- + +# Issuer: CN=SSL.com Root Certification Authority RSA O=SSL Corporation +# Subject: CN=SSL.com Root Certification Authority RSA O=SSL Corporation +# Label: "SSL.com Root Certification Authority RSA" +# Serial: 8875640296558310041 +# MD5 Fingerprint: 86:69:12:c0:70:f1:ec:ac:ac:c2:d5:bc:a5:5b:a1:29 +# SHA1 Fingerprint: b7:ab:33:08:d1:ea:44:77:ba:14:80:12:5a:6f:bd:a9:36:49:0c:bb +# SHA256 Fingerprint: 85:66:6a:56:2e:e0:be:5c:e9:25:c1:d8:89:0a:6f:76:a8:7e:c1:6d:4d:7d:5f:29:ea:74:19:cf:20:12:3b:69 +-----BEGIN CERTIFICATE----- +MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE +BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK +DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp +Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz +OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv +dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv +bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN +AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R +xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX +qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC +C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 +6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh +/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF +YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E +JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc +US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 +ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm ++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi +M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV +HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G +A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV +cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc +Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs +PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ +q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 +cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr +a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I +H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y +K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu +nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf +oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY +Ic2wBlX7Jz9TkHCpBB5XJ7k= +-----END CERTIFICATE----- + +# Issuer: CN=SSL.com Root Certification Authority ECC O=SSL Corporation +# Subject: CN=SSL.com Root Certification Authority ECC O=SSL Corporation +# Label: "SSL.com Root Certification Authority ECC" +# Serial: 8495723813297216424 +# MD5 Fingerprint: 2e:da:e4:39:7f:9c:8f:37:d1:70:9f:26:17:51:3a:8e +# SHA1 Fingerprint: c3:19:7c:39:24:e6:54:af:1b:c4:ab:20:95:7a:e2:c3:0e:13:02:6a +# SHA256 Fingerprint: 34:17:bb:06:cc:60:07:da:1b:96:1c:92:0b:8a:b4:ce:3f:ad:82:0e:4a:a3:0b:9a:cb:c4:a7:4e:bd:ce:bc:65 +-----BEGIN CERTIFICATE----- +MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC +VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T +U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 +aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz +WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 +b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS +b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB +BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI +7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg +CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud +EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD +VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T +kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ +gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl +-----END CERTIFICATE----- + +# Issuer: CN=SSL.com EV Root Certification Authority RSA R2 O=SSL Corporation +# Subject: CN=SSL.com EV Root Certification Authority RSA R2 O=SSL Corporation +# Label: "SSL.com EV Root Certification Authority RSA R2" +# Serial: 6248227494352943350 +# MD5 Fingerprint: e1:1e:31:58:1a:ae:54:53:02:f6:17:6a:11:7b:4d:95 +# SHA1 Fingerprint: 74:3a:f0:52:9b:d0:32:a0:f4:4a:83:cd:d4:ba:a9:7b:7c:2e:c4:9a +# SHA256 Fingerprint: 2e:7b:f1:6c:c2:24:85:a7:bb:e2:aa:86:96:75:07:61:b0:ae:39:be:3b:2f:e9:d0:cc:6d:4e:f7:34:91:42:5c +-----BEGIN CERTIFICATE----- +MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV +BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE +CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy +dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy +MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G +A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD +DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq +M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf +OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa +4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 +HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR +aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA +b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ +Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV +PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO +pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu +UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY +MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV +HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 +9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW +s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 +Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg +cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM +79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz +/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt +ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm +Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK +QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ +w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi +S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 +mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== +-----END CERTIFICATE----- + +# Issuer: CN=SSL.com EV Root Certification Authority ECC O=SSL Corporation +# Subject: CN=SSL.com EV Root Certification Authority ECC O=SSL Corporation +# Label: "SSL.com EV Root Certification Authority ECC" +# Serial: 3182246526754555285 +# MD5 Fingerprint: 59:53:22:65:83:42:01:54:c0:ce:42:b9:5a:7c:f2:90 +# SHA1 Fingerprint: 4c:dd:51:a3:d1:f5:20:32:14:b0:c6:c5:32:23:03:91:c7:46:42:6d +# SHA256 Fingerprint: 22:a2:c1:f7:bd:ed:70:4c:c1:e7:01:b5:f4:08:c3:10:88:0f:e9:56:b5:de:2a:4a:44:f9:9c:87:3a:25:a7:c8 +-----BEGIN CERTIFICATE----- +MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC +VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T +U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp +Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx +NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv +dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv +bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49 +AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA +VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku +WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP +MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX +5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ +ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg +h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg== +-----END CERTIFICATE----- + +# Issuer: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R6 +# Subject: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R6 +# Label: "GlobalSign Root CA - R6" +# Serial: 1417766617973444989252670301619537 +# MD5 Fingerprint: 4f:dd:07:e4:d4:22:64:39:1e:0c:37:42:ea:d1:c6:ae +# SHA1 Fingerprint: 80:94:64:0e:b5:a7:a1:ca:11:9c:1f:dd:d5:9f:81:02:63:a7:fb:d1 +# SHA256 Fingerprint: 2c:ab:ea:fe:37:d0:6c:a2:2a:ba:73:91:c0:03:3d:25:98:29:52:c4:53:64:73:49:76:3a:3a:b5:ad:6c:cf:69 +-----BEGIN CERTIFICATE----- +MIIFgzCCA2ugAwIBAgIORea7A4Mzw4VlSOb/RVEwDQYJKoZIhvcNAQEMBQAwTDEg +MB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjYxEzARBgNVBAoTCkdsb2Jh +bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQxMjEwMDAwMDAwWhcNMzQx +MjEwMDAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjET +MBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCAiIwDQYJ +KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJUH6HPKZvnsFMp7PPcNCPG0RQssgrRI +xutbPK6DuEGSMxSkb3/pKszGsIhrxbaJ0cay/xTOURQh7ErdG1rG1ofuTToVBu1k +ZguSgMpE3nOUTvOniX9PeGMIyBJQbUJmL025eShNUhqKGoC3GYEOfsSKvGRMIRxD +aNc9PIrFsmbVkJq3MQbFvuJtMgamHvm566qjuL++gmNQ0PAYid/kD3n16qIfKtJw +LnvnvJO7bVPiSHyMEAc4/2ayd2F+4OqMPKq0pPbzlUoSB239jLKJz9CgYXfIWHSw +1CM69106yqLbnQneXUQtkPGBzVeS+n68UARjNN9rkxi+azayOeSsJDa38O+2HBNX +k7besvjihbdzorg1qkXy4J02oW9UivFyVm4uiMVRQkQVlO6jxTiWm05OWgtH8wY2 +SXcwvHE35absIQh1/OZhFj931dmRl4QKbNQCTXTAFO39OfuD8l4UoQSwC+n+7o/h +bguyCLNhZglqsQY6ZZZZwPA1/cnaKI0aEYdwgQqomnUdnjqGBQCe24DWJfncBZ4n +WUx2OVvq+aWh2IMP0f/fMBH5hc8zSPXKbWQULHpYT9NLCEnFlWQaYw55PfWzjMpY +rZxCRXluDocZXFSxZba/jJvcE+kNb7gu3GduyYsRtYQUigAZcIN5kZeR1Bonvzce +MgfYFGM8KEyvAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSubAWjkxPioufi1xzWx/B/yGdToDAfBgNVHSMEGDAWgBSu +bAWjkxPioufi1xzWx/B/yGdToDANBgkqhkiG9w0BAQwFAAOCAgEAgyXt6NH9lVLN +nsAEoJFp5lzQhN7craJP6Ed41mWYqVuoPId8AorRbrcWc+ZfwFSY1XS+wc3iEZGt +Ixg93eFyRJa0lV7Ae46ZeBZDE1ZXs6KzO7V33EByrKPrmzU+sQghoefEQzd5Mr61 +55wsTLxDKZmOMNOsIeDjHfrYBzN2VAAiKrlNIC5waNrlU/yDXNOd8v9EDERm8tLj +vUYAGm0CuiVdjaExUd1URhxN25mW7xocBFymFe944Hn+Xds+qkxV/ZoVqW/hpvvf +cDDpw+5CRu3CkwWJ+n1jez/QcYF8AOiYrg54NMMl+68KnyBr3TsTjxKM4kEaSHpz +oHdpx7Zcf4LIHv5YGygrqGytXm3ABdJ7t+uA/iU3/gKbaKxCXcPu9czc8FB10jZp +nOZ7BN9uBmm23goJSFmH63sUYHpkqmlD75HHTOwY3WzvUy2MmeFe8nI+z1TIvWfs +pA9MRf/TuTAjB0yPEL+GltmZWrSZVxykzLsViVO6LAUP5MSeGbEYNNVMnbrt9x+v +JJUEeKgDu+6B5dpffItKoZB0JaezPkvILFa9x8jvOOJckvB595yEunQtYQEgfn7R +8k8HWV+LLUNS60YMlOH1Zkd5d9VUWx+tJDfLRVpOoERIyNiwmcUVhAn21klJwGW4 +5hpxbqCo8YLoRT5s1gLXCmeDBVrJpBA= +-----END CERTIFICATE----- + +# Issuer: CN=OISTE WISeKey Global Root GC CA O=WISeKey OU=OISTE Foundation Endorsed +# Subject: CN=OISTE WISeKey Global Root GC CA O=WISeKey OU=OISTE Foundation Endorsed +# Label: "OISTE WISeKey Global Root GC CA" +# Serial: 44084345621038548146064804565436152554 +# MD5 Fingerprint: a9:d6:b9:2d:2f:93:64:f8:a5:69:ca:91:e9:68:07:23 +# SHA1 Fingerprint: e0:11:84:5e:34:de:be:88:81:b9:9c:f6:16:26:d1:96:1f:c3:b9:31 +# SHA256 Fingerprint: 85:60:f9:1c:36:24:da:ba:95:70:b5:fe:a0:db:e3:6f:f1:1a:83:23:be:94:86:85:4f:b3:f3:4a:55:71:19:8d +-----BEGIN CERTIFICATE----- +MIICaTCCAe+gAwIBAgIQISpWDK7aDKtARb8roi066jAKBggqhkjOPQQDAzBtMQsw +CQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUgRm91 +bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwg +Um9vdCBHQyBDQTAeFw0xNzA1MDkwOTQ4MzRaFw00MjA1MDkwOTU4MzNaMG0xCzAJ +BgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBGb3Vu +ZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2JhbCBS +b290IEdDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAETOlQwMYPchi82PG6s4ni +eUqjFqdrVCTbUf/q9Akkwwsin8tqJ4KBDdLArzHkdIJuyiXZjHWd8dvQmqJLIX4W +p2OQ0jnUsYd4XxiWD1AbNTcPasbc2RNNpI6QN+a9WzGRo1QwUjAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUSIcUrOPDnpBgOtfKie7T +rYy0UGYwEAYJKwYBBAGCNxUBBAMCAQAwCgYIKoZIzj0EAwMDaAAwZQIwJsdpW9zV +57LnyAyMjMPdeYwbY9XJUpROTYJKcx6ygISpJcBMWm1JKWB4E+J+SOtkAjEA2zQg +Mgj/mkkCtojeFK9dbJlxjRo/i9fgojaGHAeCOnZT/cKi7e97sIBPWA9LUzm9 +-----END CERTIFICATE----- + +# Issuer: CN=GTS Root R1 O=Google Trust Services LLC +# Subject: CN=GTS Root R1 O=Google Trust Services LLC +# Label: "GTS Root R1" +# Serial: 146587175971765017618439757810265552097 +# MD5 Fingerprint: 82:1a:ef:d4:d2:4a:f2:9f:e2:3d:97:06:14:70:72:85 +# SHA1 Fingerprint: e1:c9:50:e6:ef:22:f8:4c:56:45:72:8b:92:20:60:d7:d5:a7:a3:e8 +# SHA256 Fingerprint: 2a:57:54:71:e3:13:40:bc:21:58:1c:bd:2c:f1:3e:15:84:63:20:3e:ce:94:bc:f9:d3:cc:19:6b:f0:9a:54:72 +-----BEGIN CERTIFICATE----- +MIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH +MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM +QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy +MDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl +cnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM +f/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX +mX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7 +zUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P +fyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc +vfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4 +Zor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp +zBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO +Rc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW +k70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+ +DVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF +lQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV +HQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW +Cu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1 +d5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z +XPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR +gyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3 +d8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv +J4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg +DdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM ++SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy +F62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9 +SQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws +E3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl +-----END CERTIFICATE----- + +# Issuer: CN=GTS Root R2 O=Google Trust Services LLC +# Subject: CN=GTS Root R2 O=Google Trust Services LLC +# Label: "GTS Root R2" +# Serial: 146587176055767053814479386953112547951 +# MD5 Fingerprint: 44:ed:9a:0e:a4:09:3b:00:f2:ae:4c:a3:c6:61:b0:8b +# SHA1 Fingerprint: d2:73:96:2a:2a:5e:39:9f:73:3f:e1:c7:1e:64:3f:03:38:34:fc:4d +# SHA256 Fingerprint: c4:5d:7b:b0:8e:6d:67:e6:2e:42:35:11:0b:56:4e:5f:78:fd:92:ef:05:8c:84:0a:ea:4e:64:55:d7:58:5c:60 +-----BEGIN CERTIFICATE----- +MIIFWjCCA0KgAwIBAgIQbkepxlqz5yDFMJo/aFLybzANBgkqhkiG9w0BAQwFADBH +MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM +QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy +MDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl +cnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDO3v2m++zsFDQ8BwZabFn3GTXd98GdVarTzTukk3Lv +CvptnfbwhYBboUhSnznFt+4orO/LdmgUud+tAWyZH8QiHZ/+cnfgLFuv5AS/T3Kg +GjSY6Dlo7JUle3ah5mm5hRm9iYz+re026nO8/4Piy33B0s5Ks40FnotJk9/BW9Bu +XvAuMC6C/Pq8tBcKSOWIm8Wba96wyrQD8Nr0kLhlZPdcTK3ofmZemde4wj7I0BOd +re7kRXuJVfeKH2JShBKzwkCX44ofR5GmdFrS+LFjKBC4swm4VndAoiaYecb+3yXu +PuWgf9RhD1FLPD+M2uFwdNjCaKH5wQzpoeJ/u1U8dgbuak7MkogwTZq9TwtImoS1 +mKPV+3PBV2HdKFZ1E66HjucMUQkQdYhMvI35ezzUIkgfKtzra7tEscszcTJGr61K +8YzodDqs5xoic4DSMPclQsciOzsSrZYuxsN2B6ogtzVJV+mSSeh2FnIxZyuWfoqj +x5RWIr9qS34BIbIjMt/kmkRtWVtd9QCgHJvGeJeNkP+byKq0rxFROV7Z+2et1VsR +nTKaG73VululycslaVNVJ1zgyjbLiGH7HrfQy+4W+9OmTN6SpdTi3/UGVN4unUu0 +kzCqgc7dGtxRcw1PcOnlthYhGXmy5okLdWTK1au8CcEYof/UVKGFPP0UJAOyh9Ok +twIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV +HQ4EFgQUu//KjiOfT5nK2+JopqUVJxce2Q4wDQYJKoZIhvcNAQEMBQADggIBALZp +8KZ3/p7uC4Gt4cCpx/k1HUCCq+YEtN/L9x0Pg/B+E02NjO7jMyLDOfxA325BS0JT +vhaI8dI4XsRomRyYUpOM52jtG2pzegVATX9lO9ZY8c6DR2Dj/5epnGB3GFW1fgiT +z9D2PGcDFWEJ+YF59exTpJ/JjwGLc8R3dtyDovUMSRqodt6Sm2T4syzFJ9MHwAiA +pJiS4wGWAqoC7o87xdFtCjMwc3i5T1QWvwsHoaRc5svJXISPD+AVdyx+Jn7axEvb +pxZ3B7DNdehyQtaVhJ2Gg/LkkM0JR9SLA3DaWsYDQvTtN6LwG1BUSw7YhN4ZKJmB +R64JGz9I0cNv4rBgF/XuIwKl2gBbbZCr7qLpGzvpx0QnRY5rn/WkhLx3+WuXrD5R +RaIRpsyF7gpo8j5QOHokYh4XIDdtak23CZvJ/KRY9bb7nE4Yu5UC56GtmwfuNmsk +0jmGwZODUNKBRqhfYlcsu2xkiAhu7xNUX90txGdj08+JN7+dIPT7eoOboB6BAFDC +5AwiWVIQ7UNWhwD4FFKnHYuTjKJNRn8nxnGbJN7k2oaLDX5rIMHAnuFl2GqjpuiF +izoHCBy69Y9Vmhh1fuXsgWbRIXOhNUQLgD1bnF5vKheW0YMjiGZt5obicDIvUiLn +yOd/xCxgXS/Dr55FBcOEArf9LAhST4Ldo/DUhgkC +-----END CERTIFICATE----- + +# Issuer: CN=GTS Root R3 O=Google Trust Services LLC +# Subject: CN=GTS Root R3 O=Google Trust Services LLC +# Label: "GTS Root R3" +# Serial: 146587176140553309517047991083707763997 +# MD5 Fingerprint: 1a:79:5b:6b:04:52:9c:5d:c7:74:33:1b:25:9a:f9:25 +# SHA1 Fingerprint: 30:d4:24:6f:07:ff:db:91:89:8a:0b:e9:49:66:11:eb:8c:5e:46:e5 +# SHA256 Fingerprint: 15:d5:b8:77:46:19:ea:7d:54:ce:1c:a6:d0:b0:c4:03:e0:37:a9:17:f1:31:e8:a0:4e:1e:6b:7a:71:ba:bc:e5 +-----BEGIN CERTIFICATE----- +MIICDDCCAZGgAwIBAgIQbkepx2ypcyRAiQ8DVd2NHTAKBggqhkjOPQQDAzBHMQsw +CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU +MBIGA1UEAxMLR1RTIFJvb3QgUjMwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw +MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp +Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjMwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAAQfTzOHMymKoYTey8chWEGJ6ladK0uFxh1MJ7x/JlFyb+Kf1qPKzEUURout +736GjOyxfi//qXGdGIRFBEFVbivqJn+7kAHjSxm65FSWRQmx1WyRRK2EE46ajA2A +DDL24CejQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBTB8Sa6oC2uhYHP0/EqEr24Cmf9vDAKBggqhkjOPQQDAwNpADBmAjEAgFuk +fCPAlaUs3L6JbyO5o91lAFJekazInXJ0glMLfalAvWhgxeG4VDvBNhcl2MG9AjEA +njWSdIUlUfUk7GRSJFClH9voy8l27OyCbvWFGFPouOOaKaqW04MjyaR7YbPMAuhd +-----END CERTIFICATE----- + +# Issuer: CN=GTS Root R4 O=Google Trust Services LLC +# Subject: CN=GTS Root R4 O=Google Trust Services LLC +# Label: "GTS Root R4" +# Serial: 146587176229350439916519468929765261721 +# MD5 Fingerprint: 5d:b6:6a:c4:60:17:24:6a:1a:99:a8:4b:ee:5e:b4:26 +# SHA1 Fingerprint: 2a:1d:60:27:d9:4a:b1:0a:1c:4d:91:5c:cd:33:a0:cb:3e:2d:54:cb +# SHA256 Fingerprint: 71:cc:a5:39:1f:9e:79:4b:04:80:25:30:b3:63:e1:21:da:8a:30:43:bb:26:66:2f:ea:4d:ca:7f:c9:51:a4:bd +-----BEGIN CERTIFICATE----- +MIICCjCCAZGgAwIBAgIQbkepyIuUtui7OyrYorLBmTAKBggqhkjOPQQDAzBHMQsw +CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU +MBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw +MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp +Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAATzdHOnaItgrkO4NcWBMHtLSZ37wWHO5t5GvWvVYRg1rkDdc/eJkTBa6zzu +hXyiQHY7qca4R9gq55KRanPpsXI5nymfopjTX15YhmUPoYRlBtHci8nHc8iMai/l +xKvRHYqjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBSATNbrdP9JNqPV2Py1PsVq8JQdjDAKBggqhkjOPQQDAwNnADBkAjBqUFJ0 +CMRw3J5QdCHojXohw0+WbhXRIjVhLfoIN+4Zba3bssx9BzT1YBkstTTZbyACMANx +sbqjYAuG7ZoIapVon+Kz4ZNkfF6Tpt95LY2F45TPI11xzPKwTdb+mciUqXWi4w== +-----END CERTIFICATE----- + +# Issuer: CN=UCA Global G2 Root O=UniTrust +# Subject: CN=UCA Global G2 Root O=UniTrust +# Label: "UCA Global G2 Root" +# Serial: 124779693093741543919145257850076631279 +# MD5 Fingerprint: 80:fe:f0:c4:4a:f0:5c:62:32:9f:1c:ba:78:a9:50:f8 +# SHA1 Fingerprint: 28:f9:78:16:19:7a:ff:18:25:18:aa:44:fe:c1:a0:ce:5c:b6:4c:8a +# SHA256 Fingerprint: 9b:ea:11:c9:76:fe:01:47:64:c1:be:56:a6:f9:14:b5:a5:60:31:7a:bd:99:88:39:33:82:e5:16:1a:a0:49:3c +-----BEGIN CERTIFICATE----- +MIIFRjCCAy6gAwIBAgIQXd+x2lqj7V2+WmUgZQOQ7zANBgkqhkiG9w0BAQsFADA9 +MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxGzAZBgNVBAMMElVDQSBH +bG9iYWwgRzIgUm9vdDAeFw0xNjAzMTEwMDAwMDBaFw00MDEyMzEwMDAwMDBaMD0x +CzAJBgNVBAYTAkNOMREwDwYDVQQKDAhVbmlUcnVzdDEbMBkGA1UEAwwSVUNBIEds +b2JhbCBHMiBSb290MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxeYr +b3zvJgUno4Ek2m/LAfmZmqkywiKHYUGRO8vDaBsGxUypK8FnFyIdK+35KYmToni9 +kmugow2ifsqTs6bRjDXVdfkX9s9FxeV67HeToI8jrg4aA3++1NDtLnurRiNb/yzm +VHqUwCoV8MmNsHo7JOHXaOIxPAYzRrZUEaalLyJUKlgNAQLx+hVRZ2zA+te2G3/R +VogvGjqNO7uCEeBHANBSh6v7hn4PJGtAnTRnvI3HLYZveT6OqTwXS3+wmeOwcWDc +C/Vkw85DvG1xudLeJ1uK6NjGruFZfc8oLTW4lVYa8bJYS7cSN8h8s+1LgOGN+jIj +tm+3SJUIsUROhYw6AlQgL9+/V087OpAh18EmNVQg7Mc/R+zvWr9LesGtOxdQXGLY +D0tK3Cv6brxzks3sx1DoQZbXqX5t2Okdj4q1uViSukqSKwxW/YDrCPBeKW4bHAyv +j5OJrdu9o54hyokZ7N+1wxrrFv54NkzWbtA+FxyQF2smuvt6L78RHBgOLXMDj6Dl +NaBa4kx1HXHhOThTeEDMg5PXCp6dW4+K5OXgSORIskfNTip1KnvyIvbJvgmRlld6 +iIis7nCs+dwp4wwcOxJORNanTrAmyPPZGpeRaOrvjUYG0lZFWJo8DA+DuAUlwznP +O6Q0ibd5Ei9Hxeepl2n8pndntd978XplFeRhVmUCAwEAAaNCMEAwDgYDVR0PAQH/ +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIHEjMz15DD/pQwIX4wV +ZyF0Ad/fMA0GCSqGSIb3DQEBCwUAA4ICAQATZSL1jiutROTL/7lo5sOASD0Ee/oj +L3rtNtqyzm325p7lX1iPyzcyochltq44PTUbPrw7tgTQvPlJ9Zv3hcU2tsu8+Mg5 +1eRfB70VVJd0ysrtT7q6ZHafgbiERUlMjW+i67HM0cOU2kTC5uLqGOiiHycFutfl +1qnN3e92mI0ADs0b+gO3joBYDic/UvuUospeZcnWhNq5NXHzJsBPd+aBJ9J3O5oU +b3n09tDh05S60FdRvScFDcH9yBIw7m+NESsIndTUv4BFFJqIRNow6rSn4+7vW4LV +PtateJLbXDzz2K36uGt/xDYotgIVilQsnLAXc47QN6MUPJiVAAwpBVueSUmxX8fj +y88nZY41F7dXyDDZQVu5FLbowg+UMaeUmMxq67XhJ/UQqAHojhJi6IjMtX9Gl8Cb +EGY4GjZGXyJoPd/JxhMnq1MGrKI8hgZlb7F+sSlEmqO6SWkoaY/X5V+tBIZkbxqg +DMUIYs6Ao9Dz7GjevjPHF1t/gMRMTLGmhIrDO7gJzRSBuhjjVFc2/tsvfEehOjPI ++Vg7RE+xygKJBJYoaMVLuCaJu9YzL1DV/pqJuhgyklTGW+Cd+V7lDSKb9triyCGy +YiGqhkCyLmTTX8jjfhFnRR8F/uOi77Oos/N9j/gMHyIfLXC0uAE0djAA5SN4p1bX +UB+K+wb1whnw0A== +-----END CERTIFICATE----- + +# Issuer: CN=UCA Extended Validation Root O=UniTrust +# Subject: CN=UCA Extended Validation Root O=UniTrust +# Label: "UCA Extended Validation Root" +# Serial: 106100277556486529736699587978573607008 +# MD5 Fingerprint: a1:f3:5f:43:c6:34:9b:da:bf:8c:7e:05:53:ad:96:e2 +# SHA1 Fingerprint: a3:a1:b0:6f:24:61:23:4a:e3:36:a5:c2:37:fc:a6:ff:dd:f0:d7:3a +# SHA256 Fingerprint: d4:3a:f9:b3:54:73:75:5c:96:84:fc:06:d7:d8:cb:70:ee:5c:28:e7:73:fb:29:4e:b4:1e:e7:17:22:92:4d:24 +-----BEGIN CERTIFICATE----- +MIIFWjCCA0KgAwIBAgIQT9Irj/VkyDOeTzRYZiNwYDANBgkqhkiG9w0BAQsFADBH +MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxJTAjBgNVBAMMHFVDQSBF +eHRlbmRlZCBWYWxpZGF0aW9uIFJvb3QwHhcNMTUwMzEzMDAwMDAwWhcNMzgxMjMx +MDAwMDAwWjBHMQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxJTAjBgNV +BAMMHFVDQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFJvb3QwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCpCQcoEwKwmeBkqh5DFnpzsZGgdT6o+uM4AHrsiWog +D4vFsJszA1qGxliG1cGFu0/GnEBNyr7uaZa4rYEwmnySBesFK5pI0Lh2PpbIILvS +sPGP2KxFRv+qZ2C0d35qHzwaUnoEPQc8hQ2E0B92CvdqFN9y4zR8V05WAT558aop +O2z6+I9tTcg1367r3CTueUWnhbYFiN6IXSV8l2RnCdm/WhUFhvMJHuxYMjMR83dk +sHYf5BA1FxvyDrFspCqjc/wJHx4yGVMR59mzLC52LqGj3n5qiAno8geK+LLNEOfi +c0CTuwjRP+H8C5SzJe98ptfRr5//lpr1kXuYC3fUfugH0mK1lTnj8/FtDw5lhIpj +VMWAtuCeS31HJqcBCF3RiJ7XwzJE+oJKCmhUfzhTA8ykADNkUVkLo4KRel7sFsLz +KuZi2irbWWIQJUoqgQtHB0MGcIfS+pMRKXpITeuUx3BNr2fVUbGAIAEBtHoIppB/ +TuDvB0GHr2qlXov7z1CymlSvw4m6WC31MJixNnI5fkkE/SmnTHnkBVfblLkWU41G +sx2VYVdWf6/wFlthWG82UBEL2KwrlRYaDh8IzTY0ZRBiZtWAXxQgXy0MoHgKaNYs +1+lvK9JKBZP8nm9rZ/+I8U6laUpSNwXqxhaN0sSZ0YIrO7o1dfdRUVjzyAfd5LQD +fwIDAQABo0IwQDAdBgNVHQ4EFgQU2XQ65DA9DfcS3H5aBZ8eNJr34RQwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBADaN +l8xCFWQpN5smLNb7rhVpLGsaGvdftvkHTFnq88nIua7Mui563MD1sC3AO6+fcAUR +ap8lTwEpcOPlDOHqWnzcSbvBHiqB9RZLcpHIojG5qtr8nR/zXUACE/xOHAbKsxSQ +VBcZEhrxH9cMaVr2cXj0lH2RC47skFSOvG+hTKv8dGT9cZr4QQehzZHkPJrgmzI5 +c6sq1WnIeJEmMX3ixzDx/BR4dxIOE/TdFpS/S2d7cFOFyrC78zhNLJA5wA3CXWvp +4uXViI3WLL+rG761KIcSF3Ru/H38j9CHJrAb+7lsq+KePRXBOy5nAliRn+/4Qh8s +t2j1da3Ptfb/EX3C8CSlrdP6oDyp+l3cpaDvRKS+1ujl5BOWF3sGPjLtx7dCvHaj +2GU4Kzg1USEODm8uNBNA4StnDG1KQTAYI1oyVZnJF+A83vbsea0rWBmirSwiGpWO +vpaQXUJXxPkUAzUrHC1RVwinOt4/5Mi0A3PCwSaAuwtCH60NryZy2sy+s6ODWA2C +xR9GUeOcGMyNm43sSet1UNWMKFnKdDTajAshqx7qG+XH/RU+wBeq+yNuJkbL+vmx +cmtpzyKEC2IPrNkZAJSidjzULZrtBJ4tBmIQN1IchXIbJ+XMxjHsN+xjWZsLHXbM +fjKaiJUINlK73nZfdklJrX+9ZSCyycErdhh2n1ax +-----END CERTIFICATE----- + +# Issuer: CN=Certigna Root CA O=Dhimyotis OU=0002 48146308100036 +# Subject: CN=Certigna Root CA O=Dhimyotis OU=0002 48146308100036 +# Label: "Certigna Root CA" +# Serial: 269714418870597844693661054334862075617 +# MD5 Fingerprint: 0e:5c:30:62:27:eb:5b:bc:d7:ae:62:ba:e9:d5:df:77 +# SHA1 Fingerprint: 2d:0d:52:14:ff:9e:ad:99:24:01:74:20:47:6e:6c:85:27:27:f5:43 +# SHA256 Fingerprint: d4:8d:3d:23:ee:db:50:a4:59:e5:51:97:60:1c:27:77:4b:9d:7b:18:c9:4d:5a:05:95:11:a1:02:50:b9:31:68 +-----BEGIN CERTIFICATE----- +MIIGWzCCBEOgAwIBAgIRAMrpG4nxVQMNo+ZBbcTjpuEwDQYJKoZIhvcNAQELBQAw +WjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAw +MiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTAeFw0x +MzEwMDEwODMyMjdaFw0zMzEwMDEwODMyMjdaMFoxCzAJBgNVBAYTAkZSMRIwEAYD +VQQKDAlEaGlteW90aXMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxGTAX +BgNVBAMMEENlcnRpZ25hIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQDNGDllGlmx6mQWDoyUJJV8g9PFOSbcDO8WV43X2KyjQn+Cyu3NW9sO +ty3tRQgXstmzy9YXUnIo245Onoq2C/mehJpNdt4iKVzSs9IGPjA5qXSjklYcoW9M +CiBtnyN6tMbaLOQdLNyzKNAT8kxOAkmhVECe5uUFoC2EyP+YbNDrihqECB63aCPu +I9Vwzm1RaRDuoXrC0SIxwoKF0vJVdlB8JXrJhFwLrN1CTivngqIkicuQstDuI7pm +TLtipPlTWmR7fJj6o0ieD5Wupxj0auwuA0Wv8HT4Ks16XdG+RCYyKfHx9WzMfgIh +C59vpD++nVPiz32pLHxYGpfhPTc3GGYo0kDFUYqMwy3OU4gkWGQwFsWq4NYKpkDf +ePb1BHxpE4S80dGnBs8B92jAqFe7OmGtBIyT46388NtEbVncSVmurJqZNjBBe3Yz +IoejwpKGbvlw7q6Hh5UbxHq9MfPU0uWZ/75I7HX1eBYdpnDBfzwboZL7z8g81sWT +Co/1VTp2lc5ZmIoJlXcymoO6LAQ6l73UL77XbJuiyn1tJslV1c/DeVIICZkHJC1k +JWumIWmbat10TWuXekG9qxf5kBdIjzb5LdXF2+6qhUVB+s06RbFo5jZMm5BX7CO5 +hwjCxAnxl4YqKE3idMDaxIzb3+KhF1nOJFl0Mdp//TBt2dzhauH8XwIDAQABo4IB +GjCCARYwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE +FBiHVuBud+4kNTxOc5of1uHieX4rMB8GA1UdIwQYMBaAFBiHVuBud+4kNTxOc5of +1uHieX4rMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8GCCsGAQUFBwIBFiNodHRwczov +L3d3d3cuY2VydGlnbmEuZnIvYXV0b3JpdGVzLzBtBgNVHR8EZjBkMC+gLaArhilo +dHRwOi8vY3JsLmNlcnRpZ25hLmZyL2NlcnRpZ25hcm9vdGNhLmNybDAxoC+gLYYr +aHR0cDovL2NybC5kaGlteW90aXMuY29tL2NlcnRpZ25hcm9vdGNhLmNybDANBgkq +hkiG9w0BAQsFAAOCAgEAlLieT/DjlQgi581oQfccVdV8AOItOoldaDgvUSILSo3L +6btdPrtcPbEo/uRTVRPPoZAbAh1fZkYJMyjhDSSXcNMQH+pkV5a7XdrnxIxPTGRG +HVyH41neQtGbqH6mid2PHMkwgu07nM3A6RngatgCdTer9zQoKJHyBApPNeNgJgH6 +0BGM+RFq7q89w1DTj18zeTyGqHNFkIwgtnJzFyO+B2XleJINugHA64wcZr+shncB +lA2c5uk5jR+mUYyZDDl34bSb+hxnV29qao6pK0xXeXpXIs/NX2NGjVxZOob4Mkdi +o2cNGJHc+6Zr9UhhcyNZjgKnvETq9Emd8VRY+WCv2hikLyhF3HqgiIZd8zvn/yk1 +gPxkQ5Tm4xxvvq0OKmOZK8l+hfZx6AYDlf7ej0gcWtSS6Cvu5zHbugRqh5jnxV/v +faci9wHYTfmJ0A6aBVmknpjZbyvKcL5kwlWj9Omvw5Ip3IgWJJk8jSaYtlu3zM63 +Nwf9JtmYhST/WSMDmu2dnajkXjjO11INb9I/bbEFa0nOipFGc/T2L/Coc3cOZayh +jWZSaX5LaAzHHjcng6WMxwLkFM1JAbBzs/3GkDpv0mztO+7skb6iQ12LAEpmJURw +3kAP+HwV96LOPNdeE4yBFxgX0b3xdxA61GU5wSesVywlVP+i2k+KYTlerj1KjL0= +-----END CERTIFICATE----- + +# Issuer: CN=emSign Root CA - G1 O=eMudhra Technologies Limited OU=emSign PKI +# Subject: CN=emSign Root CA - G1 O=eMudhra Technologies Limited OU=emSign PKI +# Label: "emSign Root CA - G1" +# Serial: 235931866688319308814040 +# MD5 Fingerprint: 9c:42:84:57:dd:cb:0b:a7:2e:95:ad:b6:f3:da:bc:ac +# SHA1 Fingerprint: 8a:c7:ad:8f:73:ac:4e:c1:b5:75:4d:a5:40:f4:fc:cf:7c:b5:8e:8c +# SHA256 Fingerprint: 40:f6:af:03:46:a9:9a:a1:cd:1d:55:5a:4e:9c:ce:62:c7:f9:63:46:03:ee:40:66:15:83:3d:c8:c8:d0:03:67 +-----BEGIN CERTIFICATE----- +MIIDlDCCAnygAwIBAgIKMfXkYgxsWO3W2DANBgkqhkiG9w0BAQsFADBnMQswCQYD +VQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBU +ZWNobm9sb2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBH +MTAeFw0xODAyMTgxODMwMDBaFw00MzAyMTgxODMwMDBaMGcxCzAJBgNVBAYTAklO +MRMwEQYDVQQLEwplbVNpZ24gUEtJMSUwIwYDVQQKExxlTXVkaHJhIFRlY2hub2xv +Z2llcyBMaW1pdGVkMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEcxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0u76WaK7p1b1TST0Bsew+eeuGQz +f2N4aLTNLnF115sgxk0pvLZoYIr3IZpWNVrzdr3YzZr/k1ZLpVkGoZM0Kd0WNHVO +8oG0x5ZOrRkVUkr+PHB1cM2vK6sVmjM8qrOLqs1D/fXqcP/tzxE7lM5OMhbTI0Aq +d7OvPAEsbO2ZLIvZTmmYsvePQbAyeGHWDV/D+qJAkh1cF+ZwPjXnorfCYuKrpDhM +tTk1b+oDafo6VGiFbdbyL0NVHpENDtjVaqSW0RM8LHhQ6DqS0hdW5TUaQBw+jSzt +Od9C4INBdN+jzcKGYEho42kLVACL5HZpIQ15TjQIXhTCzLG3rdd8cIrHhQIDAQAB +o0IwQDAdBgNVHQ4EFgQU++8Nhp6w492pufEhF38+/PB3KxowDgYDVR0PAQH/BAQD +AgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFn/8oz1h31x +PaOfG1vR2vjTnGs2vZupYeveFix0PZ7mddrXuqe8QhfnPZHr5X3dPpzxz5KsbEjM +wiI/aTvFthUvozXGaCocV685743QNcMYDHsAVhzNixl03r4PEuDQqqE/AjSxcM6d +GNYIAwlG7mDgfrbESQRRfXBgvKqy/3lyeqYdPV8q+Mri/Tm3R7nrft8EI6/6nAYH +6ftjk4BAtcZsCjEozgyfz7MjNYBBjWzEN3uBL4ChQEKF6dk4jeihU80Bv2noWgby +RQuQ+q7hv53yrlc8pa6yVvSLZUDp/TGBLPQ5Cdjua6e0ph0VpZj3AYHYhX3zUVxx +iN66zB+Afko= +-----END CERTIFICATE----- + +# Issuer: CN=emSign ECC Root CA - G3 O=eMudhra Technologies Limited OU=emSign PKI +# Subject: CN=emSign ECC Root CA - G3 O=eMudhra Technologies Limited OU=emSign PKI +# Label: "emSign ECC Root CA - G3" +# Serial: 287880440101571086945156 +# MD5 Fingerprint: ce:0b:72:d1:9f:88:8e:d0:50:03:e8:e3:b8:8b:67:40 +# SHA1 Fingerprint: 30:43:fa:4f:f2:57:dc:a0:c3:80:ee:2e:58:ea:78:b2:3f:e6:bb:c1 +# SHA256 Fingerprint: 86:a1:ec:ba:08:9c:4a:8d:3b:be:27:34:c6:12:ba:34:1d:81:3e:04:3c:f9:e8:a8:62:cd:5c:57:a3:6b:be:6b +-----BEGIN CERTIFICATE----- +MIICTjCCAdOgAwIBAgIKPPYHqWhwDtqLhDAKBggqhkjOPQQDAzBrMQswCQYDVQQG +EwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNo +bm9sb2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0g +RzMwHhcNMTgwMjE4MTgzMDAwWhcNNDMwMjE4MTgzMDAwWjBrMQswCQYDVQQGEwJJ +TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s +b2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0gRzMw +djAQBgcqhkjOPQIBBgUrgQQAIgNiAAQjpQy4LRL1KPOxst3iAhKAnjlfSU2fySU0 +WXTsuwYc58Byr+iuL+FBVIcUqEqy6HyC5ltqtdyzdc6LBtCGI79G1Y4PPwT01xyS +fvalY8L1X44uT6EYGQIrMgqCZH0Wk9GjQjBAMB0GA1UdDgQWBBR8XQKEE9TMipuB +zhccLikenEhjQjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggq +hkjOPQQDAwNpADBmAjEAvvNhzwIQHWSVB7gYboiFBS+DCBeQyh+KTOgNG3qxrdWB +CUfvO6wIBHxcmbHtRwfSAjEAnbpV/KlK6O3t5nYBQnvI+GDZjVGLVTv7jHvrZQnD ++JbNR6iC8hZVdyR+EhCVBCyj +-----END CERTIFICATE----- + +# Issuer: CN=emSign Root CA - C1 O=eMudhra Inc OU=emSign PKI +# Subject: CN=emSign Root CA - C1 O=eMudhra Inc OU=emSign PKI +# Label: "emSign Root CA - C1" +# Serial: 825510296613316004955058 +# MD5 Fingerprint: d8:e3:5d:01:21:fa:78:5a:b0:df:ba:d2:ee:2a:5f:68 +# SHA1 Fingerprint: e7:2e:f1:df:fc:b2:09:28:cf:5d:d4:d5:67:37:b1:51:cb:86:4f:01 +# SHA256 Fingerprint: 12:56:09:aa:30:1d:a0:a2:49:b9:7a:82:39:cb:6a:34:21:6f:44:dc:ac:9f:39:54:b1:42:92:f2:e8:c8:60:8f +-----BEGIN CERTIFICATE----- +MIIDczCCAlugAwIBAgILAK7PALrEzzL4Q7IwDQYJKoZIhvcNAQELBQAwVjELMAkG +A1UEBhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEg +SW5jMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEMxMB4XDTE4MDIxODE4MzAw +MFoXDTQzMDIxODE4MzAwMFowVjELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln +biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMRwwGgYDVQQDExNlbVNpZ24gUm9v +dCBDQSAtIEMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+upufGZ +BczYKCFK83M0UYRWEPWgTywS4/oTmifQz/l5GnRfHXk5/Fv4cI7gklL35CX5VIPZ +HdPIWoU/Xse2B+4+wM6ar6xWQio5JXDWv7V7Nq2s9nPczdcdioOl+yuQFTdrHCZH +3DspVpNqs8FqOp099cGXOFgFixwR4+S0uF2FHYP+eF8LRWgYSKVGczQ7/g/IdrvH +GPMF0Ybzhe3nudkyrVWIzqa2kbBPrH4VI5b2P/AgNBbeCsbEBEV5f6f9vtKppa+c +xSMq9zwhbL2vj07FOrLzNBL834AaSaTUqZX3noleoomslMuoaJuvimUnzYnu3Yy1 +aylwQ6BpC+S5DwIDAQABo0IwQDAdBgNVHQ4EFgQU/qHgcB4qAzlSWkK+XJGFehiq +TbUwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL +BQADggEBAMJKVvoVIXsoounlHfv4LcQ5lkFMOycsxGwYFYDGrK9HWS8mC+M2sO87 +/kOXSTKZEhVb3xEp/6tT+LvBeA+snFOvV71ojD1pM/CjoCNjO2RnIkSt1XHLVip4 +kqNPEjE2NuLe/gDEo2APJ62gsIq1NnpSob0n9CAnYuhNlCQT5AoE6TyrLshDCUrG +YQTlSTR+08TI9Q/Aqum6VF7zYytPT1DU/rl7mYw9wC68AivTxEDkigcxHpvOJpkT ++xHqmiIMERnHXhuBUDDIlhJu58tBf5E7oke3VIAb3ADMmpDqw8NQBmIMMMAVSKeo +WXzhriKi4gp6D/piq1JM4fHfyr6DDUI= +-----END CERTIFICATE----- + +# Issuer: CN=emSign ECC Root CA - C3 O=eMudhra Inc OU=emSign PKI +# Subject: CN=emSign ECC Root CA - C3 O=eMudhra Inc OU=emSign PKI +# Label: "emSign ECC Root CA - C3" +# Serial: 582948710642506000014504 +# MD5 Fingerprint: 3e:53:b3:a3:81:ee:d7:10:f8:d3:b0:1d:17:92:f5:d5 +# SHA1 Fingerprint: b6:af:43:c2:9b:81:53:7d:f6:ef:6b:c3:1f:1f:60:15:0c:ee:48:66 +# SHA256 Fingerprint: bc:4d:80:9b:15:18:9d:78:db:3e:1d:8c:f4:f9:72:6a:79:5d:a1:64:3c:a5:f1:35:8e:1d:db:0e:dc:0d:7e:b3 +-----BEGIN CERTIFICATE----- +MIICKzCCAbGgAwIBAgIKe3G2gla4EnycqDAKBggqhkjOPQQDAzBaMQswCQYDVQQG +EwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMx +IDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAtIEMzMB4XDTE4MDIxODE4MzAw +MFoXDTQzMDIxODE4MzAwMFowWjELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln +biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMSAwHgYDVQQDExdlbVNpZ24gRUND +IFJvb3QgQ0EgLSBDMzB2MBAGByqGSM49AgEGBSuBBAAiA2IABP2lYa57JhAd6bci +MK4G9IGzsUJxlTm801Ljr6/58pc1kjZGDoeVjbk5Wum739D+yAdBPLtVb4Ojavti +sIGJAnB9SMVK4+kiVCJNk7tCDK93nCOmfddhEc5lx/h//vXyqaNCMEAwHQYDVR0O +BBYEFPtaSNCAIEDyqOkAB2kZd6fmw/TPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB +Af8EBTADAQH/MAoGCCqGSM49BAMDA2gAMGUCMQC02C8Cif22TGK6Q04ThHK1rt0c +3ta13FaPWEBaLd4gTCKDypOofu4SQMfWh0/434UCMBwUZOR8loMRnLDRWmFLpg9J +0wD8ofzkpf9/rdcw0Md3f76BB1UwUCAU9Vc4CqgxUQ== +-----END CERTIFICATE----- + +# Issuer: CN=Hongkong Post Root CA 3 O=Hongkong Post +# Subject: CN=Hongkong Post Root CA 3 O=Hongkong Post +# Label: "Hongkong Post Root CA 3" +# Serial: 46170865288971385588281144162979347873371282084 +# MD5 Fingerprint: 11:fc:9f:bd:73:30:02:8a:fd:3f:f3:58:b9:cb:20:f0 +# SHA1 Fingerprint: 58:a2:d0:ec:20:52:81:5b:c1:f3:f8:64:02:24:4e:c2:8e:02:4b:02 +# SHA256 Fingerprint: 5a:2f:c0:3f:0c:83:b0:90:bb:fa:40:60:4b:09:88:44:6c:76:36:18:3d:f9:84:6e:17:10:1a:44:7f:b8:ef:d6 +-----BEGIN CERTIFICATE----- +MIIFzzCCA7egAwIBAgIUCBZfikyl7ADJk0DfxMauI7gcWqQwDQYJKoZIhvcNAQEL +BQAwbzELMAkGA1UEBhMCSEsxEjAQBgNVBAgTCUhvbmcgS29uZzESMBAGA1UEBxMJ +SG9uZyBLb25nMRYwFAYDVQQKEw1Ib25na29uZyBQb3N0MSAwHgYDVQQDExdIb25n +a29uZyBQb3N0IFJvb3QgQ0EgMzAeFw0xNzA2MDMwMjI5NDZaFw00MjA2MDMwMjI5 +NDZaMG8xCzAJBgNVBAYTAkhLMRIwEAYDVQQIEwlIb25nIEtvbmcxEjAQBgNVBAcT +CUhvbmcgS29uZzEWMBQGA1UEChMNSG9uZ2tvbmcgUG9zdDEgMB4GA1UEAxMXSG9u +Z2tvbmcgUG9zdCBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCziNfqzg8gTr7m1gNt7ln8wlffKWihgw4+aMdoWJwcYEuJQwy51BWy7sFO +dem1p+/l6TWZ5Mwc50tfjTMwIDNT2aa71T4Tjukfh0mtUC1Qyhi+AViiE3CWu4mI +VoBc+L0sPOFMV4i707mV78vH9toxdCim5lSJ9UExyuUmGs2C4HDaOym71QP1mbpV +9WTRYA6ziUm4ii8F0oRFKHyPaFASePwLtVPLwpgchKOesL4jpNrcyCse2m5FHomY +2vkALgbpDDtw1VAliJnLzXNg99X/NWfFobxeq81KuEXryGgeDQ0URhLj0mRiikKY +vLTGCAj4/ahMZJx2Ab0vqWwzD9g/KLg8aQFChn5pwckGyuV6RmXpwtZQQS4/t+Tt +bNe/JgERohYpSms0BpDsE9K2+2p20jzt8NYt3eEV7KObLyzJPivkaTv/ciWxNoZb +x39ri1UbSsUgYT2uy1DhCDq+sI9jQVMwCFk8mB13umOResoQUGC/8Ne8lYePl8X+ +l2oBlKN8W4UdKjk60FSh0Tlxnf0h+bV78OLgAo9uliQlLKAeLKjEiafv7ZkGL7YK +TE/bosw3Gq9HhS2KX8Q0NEwA/RiTZxPRN+ZItIsGxVd7GYYKecsAyVKvQv83j+Gj +Hno9UKtjBucVtT+2RTeUN7F+8kjDf8V1/peNRY8apxpyKBpADwIDAQABo2MwYTAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQXnc0e +i9Y5K3DTXNSguB+wAPzFYTAdBgNVHQ4EFgQUF53NHovWOStw01zUoLgfsAD8xWEw +DQYJKoZIhvcNAQELBQADggIBAFbVe27mIgHSQpsY1Q7XZiNc4/6gx5LS6ZStS6LG +7BJ8dNVI0lkUmcDrudHr9EgwW62nV3OZqdPlt9EuWSRY3GguLmLYauRwCy0gUCCk +MpXRAJi70/33MvJJrsZ64Ee+bs7Lo3I6LWldy8joRTnU+kLBEUx3XZL7av9YROXr +gZ6voJmtvqkBZss4HTzfQx/0TW60uhdG/H39h4F5ag0zD/ov+BS5gLNdTaqX4fnk +GMX41TiMJjz98iji7lpJiCzfeT2OnpA8vUFKOt1b9pq0zj8lMH8yfaIDlNDceqFS +3m6TjRgm/VWsvY+b0s+v54Ysyx8Jb6NvqYTUc79NoXQbTiNg8swOqn+knEwlqLJm +Ozj/2ZQw9nKEvmhVEA/GcywWaZMH/rFF7buiVWqw2rVKAiUnhde3t4ZEFolsgCs+ +l6mc1X5VTMbeRRAc6uk7nwNT7u56AQIWeNTowr5GdogTPyK7SBIdUgC0An4hGh6c +JfTzPV4e0hz5sy229zdcxsshTrD3mUcYhcErulWuBurQB7Lcq9CClnXO0lD+mefP +L5/ndtFhKvshuzHQqp9HpLIiyhY6UFfEW0NnxWViA0kB60PZ2Pierc+xYw5F9KBa +LJstxabArahH9CdMOA0uG0k7UvToiIMrVCjU8jVStDKDYmlkDJGcn5fqdBb9HxEG +mpv0 +-----END CERTIFICATE----- + +# Issuer: CN=Entrust Root Certification Authority - G4 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2015 Entrust, Inc. - for authorized use only +# Subject: CN=Entrust Root Certification Authority - G4 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2015 Entrust, Inc. - for authorized use only +# Label: "Entrust Root Certification Authority - G4" +# Serial: 289383649854506086828220374796556676440 +# MD5 Fingerprint: 89:53:f1:83:23:b7:7c:8e:05:f1:8c:71:38:4e:1f:88 +# SHA1 Fingerprint: 14:88:4e:86:26:37:b0:26:af:59:62:5c:40:77:ec:35:29:ba:96:01 +# SHA256 Fingerprint: db:35:17:d1:f6:73:2a:2d:5a:b9:7c:53:3e:c7:07:79:ee:32:70:a6:2f:b4:ac:42:38:37:24:60:e6:f0:1e:88 +-----BEGIN CERTIFICATE----- +MIIGSzCCBDOgAwIBAgIRANm1Q3+vqTkPAAAAAFVlrVgwDQYJKoZIhvcNAQELBQAw +gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL +Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg +MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw +BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0 +MB4XDTE1MDUyNzExMTExNloXDTM3MTIyNzExNDExNlowgb4xCzAJBgNVBAYTAlVT +MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1 +c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNSBFbnRydXN0LCBJ +bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAwBgNVBAMTKUVudHJ1c3Qg +Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0MIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEAsewsQu7i0TD/pZJH4i3DumSXbcr3DbVZwbPLqGgZ +2K+EbTBwXX7zLtJTmeH+H17ZSK9dE43b/2MzTdMAArzE+NEGCJR5WIoV3imz/f3E +T+iq4qA7ec2/a0My3dl0ELn39GjUu9CH1apLiipvKgS1sqbHoHrmSKvS0VnM1n4j +5pds8ELl3FFLFUHtSUrJ3hCX1nbB76W1NhSXNdh4IjVS70O92yfbYVaCNNzLiGAM +C1rlLAHGVK/XqsEQe9IFWrhAnoanw5CGAlZSCXqc0ieCU0plUmr1POeo8pyvi73T +DtTUXm6Hnmo9RR3RXRv06QqsYJn7ibT/mCzPfB3pAqoEmh643IhuJbNsZvc8kPNX +wbMv9W3y+8qh+CmdRouzavbmZwe+LGcKKh9asj5XxNMhIWNlUpEbsZmOeX7m640A +2Vqq6nPopIICR5b+W45UYaPrL0swsIsjdXJ8ITzI9vF01Bx7owVV7rtNOzK+mndm +nqxpkCIHH2E6lr7lmk/MBTwoWdPBDFSoWWG9yHJM6Nyfh3+9nEg2XpWjDrk4JFX8 +dWbrAuMINClKxuMrLzOg2qOGpRKX/YAr2hRC45K9PvJdXmd0LhyIRyk0X+IyqJwl +N4y6mACXi0mWHv0liqzc2thddG5msP9E36EYxr5ILzeUePiVSj9/E15dWf10hkNj +c0kCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD +VR0OBBYEFJ84xFYjwznooHFs6FRM5Og6sb9nMA0GCSqGSIb3DQEBCwUAA4ICAQAS +5UKme4sPDORGpbZgQIeMJX6tuGguW8ZAdjwD+MlZ9POrYs4QjbRaZIxowLByQzTS +Gwv2LFPSypBLhmb8qoMi9IsabyZIrHZ3CL/FmFz0Jomee8O5ZDIBf9PD3Vht7LGr +hFV0d4QEJ1JrhkzO3bll/9bGXp+aEJlLdWr+aumXIOTkdnrG0CSqkM0gkLpHZPt/ +B7NTeLUKYvJzQ85BK4FqLoUWlFPUa19yIqtRLULVAJyZv967lDtX/Zr1hstWO1uI +AeV8KEsD+UmDfLJ/fOPtjqF/YFOOVZ1QNBIPt5d7bIdKROf1beyAN/BYGW5KaHbw +H5Lk6rWS02FREAutp9lfx1/cH6NcjKF+m7ee01ZvZl4HliDtC3T7Zk6LERXpgUl+ +b7DUUH8i119lAg2m9IUe2K4GS0qn0jFmwvjO5QimpAKWRGhXxNUzzxkvFMSUHHuk +2fCfDrGA4tGeEWSpiBE6doLlYsKA2KSD7ZPvfC+QsDJMlhVoSFLUmQjAJOgc47Ol +IQ6SwJAfzyBfyjs4x7dtOvPmRLgOMWuIjnDrnBdSqEGULoe256YSxXXfW8AKbnuk +5F6G+TaU33fD6Q3AOfF5u0aOq0NZJ7cguyPpVkAh7DE9ZapD8j3fcEThuk0mEDuY +n/PIjhs4ViFqUZPTkcpG2om3PVODLAgfi49T3f+sHw== +-----END CERTIFICATE----- + +# Issuer: CN=Microsoft ECC Root Certificate Authority 2017 O=Microsoft Corporation +# Subject: CN=Microsoft ECC Root Certificate Authority 2017 O=Microsoft Corporation +# Label: "Microsoft ECC Root Certificate Authority 2017" +# Serial: 136839042543790627607696632466672567020 +# MD5 Fingerprint: dd:a1:03:e6:4a:93:10:d1:bf:f0:19:42:cb:fe:ed:67 +# SHA1 Fingerprint: 99:9a:64:c3:7f:f4:7d:9f:ab:95:f1:47:69:89:14:60:ee:c4:c3:c5 +# SHA256 Fingerprint: 35:8d:f3:9d:76:4a:f9:e1:b7:66:e9:c9:72:df:35:2e:e1:5c:fa:c2:27:af:6a:d1:d7:0e:8e:4a:6e:dc:ba:02 +-----BEGIN CERTIFICATE----- +MIICWTCCAd+gAwIBAgIQZvI9r4fei7FK6gxXMQHC7DAKBggqhkjOPQQDAzBlMQsw +CQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYD +VQQDEy1NaWNyb3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIw +MTcwHhcNMTkxMjE4MjMwNjQ1WhcNNDIwNzE4MjMxNjA0WjBlMQswCQYDVQQGEwJV +UzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYDVQQDEy1NaWNy +b3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcwdjAQBgcq +hkjOPQIBBgUrgQQAIgNiAATUvD0CQnVBEyPNgASGAlEvaqiBYgtlzPbKnR5vSmZR +ogPZnZH6thaxjG7efM3beaYvzrvOcS/lpaso7GMEZpn4+vKTEAXhgShC48Zo9OYb +hGBKia/teQ87zvH2RPUBeMCjVDBSMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBTIy5lycFIM+Oa+sgRXKSrPQhDtNTAQBgkrBgEEAYI3 +FQEEAwIBADAKBggqhkjOPQQDAwNoADBlAjBY8k3qDPlfXu5gKcs68tvWMoQZP3zV +L8KxzJOuULsJMsbG7X7JNpQS5GiFBqIb0C8CMQCZ6Ra0DvpWSNSkMBaReNtUjGUB +iudQZsIxtzm6uBoiB078a1QWIP8rtedMDE2mT3M= +-----END CERTIFICATE----- + +# Issuer: CN=Microsoft RSA Root Certificate Authority 2017 O=Microsoft Corporation +# Subject: CN=Microsoft RSA Root Certificate Authority 2017 O=Microsoft Corporation +# Label: "Microsoft RSA Root Certificate Authority 2017" +# Serial: 40975477897264996090493496164228220339 +# MD5 Fingerprint: 10:ff:00:ff:cf:c9:f8:c7:7a:c0:ee:35:8e:c9:0f:47 +# SHA1 Fingerprint: 73:a5:e6:4a:3b:ff:83:16:ff:0e:dc:cc:61:8a:90:6e:4e:ae:4d:74 +# SHA256 Fingerprint: c7:41:f7:0f:4b:2a:8d:88:bf:2e:71:c1:41:22:ef:53:ef:10:eb:a0:cf:a5:e6:4c:fa:20:f4:18:85:30:73:e0 +-----BEGIN CERTIFICATE----- +MIIFqDCCA5CgAwIBAgIQHtOXCV/YtLNHcB6qvn9FszANBgkqhkiG9w0BAQwFADBl +MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYw +NAYDVQQDEy1NaWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 +IDIwMTcwHhcNMTkxMjE4MjI1MTIyWhcNNDIwNzE4MjMwMDIzWjBlMQswCQYDVQQG +EwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYDVQQDEy1N +aWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKW76UM4wplZEWCpW9R2LBifOZ +Nt9GkMml7Xhqb0eRaPgnZ1AzHaGm++DlQ6OEAlcBXZxIQIJTELy/xztokLaCLeX0 +ZdDMbRnMlfl7rEqUrQ7eS0MdhweSE5CAg2Q1OQT85elss7YfUJQ4ZVBcF0a5toW1 +HLUX6NZFndiyJrDKxHBKrmCk3bPZ7Pw71VdyvD/IybLeS2v4I2wDwAW9lcfNcztm +gGTjGqwu+UcF8ga2m3P1eDNbx6H7JyqhtJqRjJHTOoI+dkC0zVJhUXAoP8XFWvLJ +jEm7FFtNyP9nTUwSlq31/niol4fX/V4ggNyhSyL71Imtus5Hl0dVe49FyGcohJUc +aDDv70ngNXtk55iwlNpNhTs+VcQor1fznhPbRiefHqJeRIOkpcrVE7NLP8TjwuaG +YaRSMLl6IE9vDzhTyzMMEyuP1pq9KsgtsRx9S1HKR9FIJ3Jdh+vVReZIZZ2vUpC6 +W6IYZVcSn2i51BVrlMRpIpj0M+Dt+VGOQVDJNE92kKz8OMHY4Xu54+OU4UZpyw4K +UGsTuqwPN1q3ErWQgR5WrlcihtnJ0tHXUeOrO8ZV/R4O03QK0dqq6mm4lyiPSMQH ++FJDOvTKVTUssKZqwJz58oHhEmrARdlns87/I6KJClTUFLkqqNfs+avNJVgyeY+Q +W5g5xAgGwax/Dj0ApQIDAQABo1QwUjAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUCctZf4aycI8awznjwNnpv7tNsiMwEAYJKwYBBAGC +NxUBBAMCAQAwDQYJKoZIhvcNAQEMBQADggIBAKyvPl3CEZaJjqPnktaXFbgToqZC +LgLNFgVZJ8og6Lq46BrsTaiXVq5lQ7GPAJtSzVXNUzltYkyLDVt8LkS/gxCP81OC +gMNPOsduET/m4xaRhPtthH80dK2Jp86519efhGSSvpWhrQlTM93uCupKUY5vVau6 +tZRGrox/2KJQJWVggEbbMwSubLWYdFQl3JPk+ONVFT24bcMKpBLBaYVu32TxU5nh +SnUgnZUP5NbcA/FZGOhHibJXWpS2qdgXKxdJ5XbLwVaZOjex/2kskZGT4d9Mozd2 +TaGf+G0eHdP67Pv0RR0Tbc/3WeUiJ3IrhvNXuzDtJE3cfVa7o7P4NHmJweDyAmH3 +pvwPuxwXC65B2Xy9J6P9LjrRk5Sxcx0ki69bIImtt2dmefU6xqaWM/5TkshGsRGR +xpl/j8nWZjEgQRCHLQzWwa80mMpkg/sTV9HB8Dx6jKXB/ZUhoHHBk2dxEuqPiApp +GWSZI1b7rCoucL5mxAyE7+WL85MB+GqQk2dLsmijtWKP6T+MejteD+eMuMZ87zf9 +dOLITzNy4ZQ5bb0Sr74MTnB8G2+NszKTc0QWbej09+CVgI+WXTik9KveCjCHk9hN +AHFiRSdLOkKEW39lt2c0Ui2cFmuqqNh7o0JMcccMyj6D5KbvtwEwXlGjefVwaaZB +RA+GsCyRxj3qrg+E +-----END CERTIFICATE----- + +# Issuer: CN=e-Szigno Root CA 2017 O=Microsec Ltd. +# Subject: CN=e-Szigno Root CA 2017 O=Microsec Ltd. +# Label: "e-Szigno Root CA 2017" +# Serial: 411379200276854331539784714 +# MD5 Fingerprint: de:1f:f6:9e:84:ae:a7:b4:21:ce:1e:58:7d:d1:84:98 +# SHA1 Fingerprint: 89:d4:83:03:4f:9e:9a:48:80:5f:72:37:d4:a9:a6:ef:cb:7c:1f:d1 +# SHA256 Fingerprint: be:b0:0b:30:83:9b:9b:c3:2c:32:e4:44:79:05:95:06:41:f2:64:21:b1:5e:d0:89:19:8b:51:8a:e2:ea:1b:99 +-----BEGIN CERTIFICATE----- +MIICQDCCAeWgAwIBAgIMAVRI7yH9l1kN9QQKMAoGCCqGSM49BAMCMHExCzAJBgNV +BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRk +LjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxHjAcBgNVBAMMFWUtU3ppZ25vIFJv +b3QgQ0EgMjAxNzAeFw0xNzA4MjIxMjA3MDZaFw00MjA4MjIxMjA3MDZaMHExCzAJ +BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMg +THRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxHjAcBgNVBAMMFWUtU3ppZ25v +IFJvb3QgQ0EgMjAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJbcPYrYsHtv +xie+RJCxs1YVe45DJH0ahFnuY2iyxl6H0BVIHqiQrb1TotreOpCmYF9oMrWGQd+H +Wyx7xf58etqjYzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G +A1UdDgQWBBSHERUI0arBeAyxr87GyZDvvzAEwDAfBgNVHSMEGDAWgBSHERUI0arB +eAyxr87GyZDvvzAEwDAKBggqhkjOPQQDAgNJADBGAiEAtVfd14pVCzbhhkT61Nlo +jbjcI4qKDdQvfepz7L9NbKgCIQDLpbQS+ue16M9+k/zzNY9vTlp8tLxOsvxyqltZ ++efcMQ== +-----END CERTIFICATE----- + +# Issuer: O=CERTSIGN SA OU=certSIGN ROOT CA G2 +# Subject: O=CERTSIGN SA OU=certSIGN ROOT CA G2 +# Label: "certSIGN Root CA G2" +# Serial: 313609486401300475190 +# MD5 Fingerprint: 8c:f1:75:8a:c6:19:cf:94:b7:f7:65:20:87:c3:97:c7 +# SHA1 Fingerprint: 26:f9:93:b4:ed:3d:28:27:b0:b9:4b:a7:e9:15:1d:a3:8d:92:e5:32 +# SHA256 Fingerprint: 65:7c:fe:2f:a7:3f:aa:38:46:25:71:f3:32:a2:36:3a:46:fc:e7:02:09:51:71:07:02:cd:fb:b6:ee:da:33:05 +-----BEGIN CERTIFICATE----- +MIIFRzCCAy+gAwIBAgIJEQA0tk7GNi02MA0GCSqGSIb3DQEBCwUAMEExCzAJBgNV +BAYTAlJPMRQwEgYDVQQKEwtDRVJUU0lHTiBTQTEcMBoGA1UECxMTY2VydFNJR04g +Uk9PVCBDQSBHMjAeFw0xNzAyMDYwOTI3MzVaFw00MjAyMDYwOTI3MzVaMEExCzAJ +BgNVBAYTAlJPMRQwEgYDVQQKEwtDRVJUU0lHTiBTQTEcMBoGA1UECxMTY2VydFNJ +R04gUk9PVCBDQSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDF +dRmRfUR0dIf+DjuW3NgBFszuY5HnC2/OOwppGnzC46+CjobXXo9X69MhWf05N0Iw +vlDqtg+piNguLWkh59E3GE59kdUWX2tbAMI5Qw02hVK5U2UPHULlj88F0+7cDBrZ +uIt4ImfkabBoxTzkbFpG583H+u/E7Eu9aqSs/cwoUe+StCmrqzWaTOTECMYmzPhp +n+Sc8CnTXPnGFiWeI8MgwT0PPzhAsP6CRDiqWhqKa2NYOLQV07YRaXseVO6MGiKs +cpc/I1mbySKEwQdPzH/iV8oScLumZfNpdWO9lfsbl83kqK/20U6o2YpxJM02PbyW +xPFsqa7lzw1uKA2wDrXKUXt4FMMgL3/7FFXhEZn91QqhngLjYl/rNUssuHLoPj1P +rCy7Lobio3aP5ZMqz6WryFyNSwb/EkaseMsUBzXgqd+L6a8VTxaJW732jcZZroiF +DsGJ6x9nxUWO/203Nit4ZoORUSs9/1F3dmKh7Gc+PoGD4FapUB8fepmrY7+EF3fx +DTvf95xhszWYijqy7DwaNz9+j5LP2RIUZNoQAhVB/0/E6xyjyfqZ90bp4RjZsbgy +LcsUDFDYg2WD7rlcz8sFWkz6GZdr1l0T08JcVLwyc6B49fFtHsufpaafItzRUZ6C +eWRgKRM+o/1Pcmqr4tTluCRVLERLiohEnMqE0yo7AgMBAAGjQjBAMA8GA1UdEwEB +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSCIS1mxteg4BXrzkwJ +d8RgnlRuAzANBgkqhkiG9w0BAQsFAAOCAgEAYN4auOfyYILVAzOBywaK8SJJ6ejq +kX/GM15oGQOGO0MBzwdw5AgeZYWR5hEit/UCI46uuR59H35s5r0l1ZUa8gWmr4UC +b6741jH/JclKyMeKqdmfS0mbEVeZkkMR3rYzpMzXjWR91M08KCy0mpbqTfXERMQl +qiCA2ClV9+BB/AYm/7k29UMUA2Z44RGx2iBfRgB4ACGlHgAoYXhvqAEBj500mv/0 +OJD7uNGzcgbJceaBxXntC6Z58hMLnPddDnskk7RI24Zf3lCGeOdA5jGokHZwYa+c +NywRtYK3qq4kNFtyDGkNzVmf9nGvnAvRCjj5BiKDUyUM/FHE5r7iOZULJK2v0ZXk +ltd0ZGtxTgI8qoXzIKNDOXZbbFD+mpwUHmUUihW9o4JFWklWatKcsWMy5WHgUyIO +pwpJ6st+H6jiYoD2EEVSmAYY3qXNL3+q1Ok+CHLsIwMCPKaq2LxndD0UF/tUSxfj +03k9bWtJySgOLnRQvwzZRjoQhsmnP+mg7H/rpXdYaXHmgwo38oZJar55CJD2AhZk +PuXaTH4MNMn5X7azKFGnpyuqSfqNZSlO42sTp5SjLVFteAxEy9/eCG/Oo2Sr05WE +1LlSVHJ7liXMvGnjSG4N0MedJ5qq+BOS3R7fY581qRY27Iy4g/Q9iY/NtBde17MX +QRBdJ3NghVdJIgc= +-----END CERTIFICATE----- + +# Issuer: CN=Trustwave Global Certification Authority O=Trustwave Holdings, Inc. +# Subject: CN=Trustwave Global Certification Authority O=Trustwave Holdings, Inc. +# Label: "Trustwave Global Certification Authority" +# Serial: 1846098327275375458322922162 +# MD5 Fingerprint: f8:1c:18:2d:2f:ba:5f:6d:a1:6c:bc:c7:ab:91:c7:0e +# SHA1 Fingerprint: 2f:8f:36:4f:e1:58:97:44:21:59:87:a5:2a:9a:d0:69:95:26:7f:b5 +# SHA256 Fingerprint: 97:55:20:15:f5:dd:fc:3c:87:88:c0:06:94:45:55:40:88:94:45:00:84:f1:00:86:70:86:bc:1a:2b:b5:8d:c8 +-----BEGIN CERTIFICATE----- +MIIF2jCCA8KgAwIBAgIMBfcOhtpJ80Y1LrqyMA0GCSqGSIb3DQEBCwUAMIGIMQsw +CQYDVQQGEwJVUzERMA8GA1UECAwISWxsaW5vaXMxEDAOBgNVBAcMB0NoaWNhZ28x +ITAfBgNVBAoMGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjExMC8GA1UEAwwoVHJ1 +c3R3YXZlIEdsb2JhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNzA4MjMx +OTM0MTJaFw00MjA4MjMxOTM0MTJaMIGIMQswCQYDVQQGEwJVUzERMA8GA1UECAwI +SWxsaW5vaXMxEDAOBgNVBAcMB0NoaWNhZ28xITAfBgNVBAoMGFRydXN0d2F2ZSBI +b2xkaW5ncywgSW5jLjExMC8GA1UEAwwoVHJ1c3R3YXZlIEdsb2JhbCBDZXJ0aWZp +Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB +ALldUShLPDeS0YLOvR29zd24q88KPuFd5dyqCblXAj7mY2Hf8g+CY66j96xz0Xzn +swuvCAAJWX/NKSqIk4cXGIDtiLK0thAfLdZfVaITXdHG6wZWiYj+rDKd/VzDBcdu +7oaJuogDnXIhhpCujwOl3J+IKMujkkkP7NAP4m1ET4BqstTnoApTAbqOl5F2brz8 +1Ws25kCI1nsvXwXoLG0R8+eyvpJETNKXpP7ScoFDB5zpET71ixpZfR9oWN0EACyW +80OzfpgZdNmcc9kYvkHHNHnZ9GLCQ7mzJ7Aiy/k9UscwR7PJPrhq4ufogXBeQotP +JqX+OsIgbrv4Fo7NDKm0G2x2EOFYeUY+VM6AqFcJNykbmROPDMjWLBz7BegIlT1l +RtzuzWniTY+HKE40Cz7PFNm73bZQmq131BnW2hqIyE4bJ3XYsgjxroMwuREOzYfw +hI0Vcnyh78zyiGG69Gm7DIwLdVcEuE4qFC49DxweMqZiNu5m4iK4BUBjECLzMx10 +coos9TkpoNPnG4CELcU9402x/RpvumUHO1jsQkUm+9jaJXLE9gCxInm943xZYkqc +BW89zubWR2OZxiRvchLIrH+QtAuRcOi35hYQcRfO3gZPSEF9NUqjifLJS3tBEW1n +twiYTOURGa5CgNz7kAXU+FDKvuStx8KU1xad5hePrzb7AgMBAAGjQjBAMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFJngGWcNYtt2s9o9uFvo/ULSMQ6HMA4GA1Ud +DwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAmHNw4rDT7TnsTGDZqRKGFx6W +0OhUKDtkLSGm+J1WE2pIPU/HPinbbViDVD2HfSMF1OQc3Og4ZYbFdada2zUFvXfe +uyk3QAUHw5RSn8pk3fEbK9xGChACMf1KaA0HZJDmHvUqoai7PF35owgLEQzxPy0Q +lG/+4jSHg9bP5Rs1bdID4bANqKCqRieCNqcVtgimQlRXtpla4gt5kNdXElE1GYhB +aCXUNxeEFfsBctyV3lImIJgm4nb1J2/6ADtKYdkNy1GTKv0WBpanI5ojSP5RvbbE +sLFUzt5sQa0WZ37b/TjNuThOssFgy50X31ieemKyJo90lZvkWx3SD92YHJtZuSPT +MaCm/zjdzyBP6VhWOmfD0faZmZ26NraAL4hHT4a/RDqA5Dccprrql5gR0IRiR2Qe +qu5AvzSxnI9O4fKSTx+O856X3vOmeWqJcU9LJxdI/uz0UA9PSX3MReO9ekDFQdxh +VicGaeVyQYHTtgGJoC86cnn+OjC/QezHYj6RS8fZMXZC+fc8Y+wmjHMMfRod6qh8 +h6jCJ3zhM0EPz8/8AKAigJ5Kp28AsEFFtyLKaEjFQqKu3R3y4G5OBVixwJAWKqQ9 +EEC+j2Jjg6mcgn0tAumDMHzLJ8n9HmYAsC7TIS+OMxZsmO0QqAfWzJPP29FpHOTK +yeC2nOnOcXHebD8WpHk= +-----END CERTIFICATE----- + +# Issuer: CN=Trustwave Global ECC P256 Certification Authority O=Trustwave Holdings, Inc. +# Subject: CN=Trustwave Global ECC P256 Certification Authority O=Trustwave Holdings, Inc. +# Label: "Trustwave Global ECC P256 Certification Authority" +# Serial: 4151900041497450638097112925 +# MD5 Fingerprint: 5b:44:e3:8d:5d:36:86:26:e8:0d:05:d2:59:a7:83:54 +# SHA1 Fingerprint: b4:90:82:dd:45:0c:be:8b:5b:b1:66:d3:e2:a4:08:26:cd:ed:42:cf +# SHA256 Fingerprint: 94:5b:bc:82:5e:a5:54:f4:89:d1:fd:51:a7:3d:df:2e:a6:24:ac:70:19:a0:52:05:22:5c:22:a7:8c:cf:a8:b4 +-----BEGIN CERTIFICATE----- +MIICYDCCAgegAwIBAgIMDWpfCD8oXD5Rld9dMAoGCCqGSM49BAMCMIGRMQswCQYD +VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAf +BgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3 +YXZlIEdsb2JhbCBFQ0MgUDI1NiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x +NzA4MjMxOTM1MTBaFw00MjA4MjMxOTM1MTBaMIGRMQswCQYDVQQGEwJVUzERMA8G +A1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0 +d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBF +Q0MgUDI1NiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTBZMBMGByqGSM49AgEGCCqG +SM49AwEHA0IABH77bOYj43MyCMpg5lOcunSNGLB4kFKA3TjASh3RqMyTpJcGOMoN +FWLGjgEqZZ2q3zSRLoHB5DOSMcT9CTqmP62jQzBBMA8GA1UdEwEB/wQFMAMBAf8w +DwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQUo0EGrJBt0UrrdaVKEJmzsaGLSvcw +CgYIKoZIzj0EAwIDRwAwRAIgB+ZU2g6gWrKuEZ+Hxbb/ad4lvvigtwjzRM4q3wgh +DDcCIC0mA6AFvWvR9lz4ZcyGbbOcNEhjhAnFjXca4syc4XR7 +-----END CERTIFICATE----- + +# Issuer: CN=Trustwave Global ECC P384 Certification Authority O=Trustwave Holdings, Inc. +# Subject: CN=Trustwave Global ECC P384 Certification Authority O=Trustwave Holdings, Inc. +# Label: "Trustwave Global ECC P384 Certification Authority" +# Serial: 2704997926503831671788816187 +# MD5 Fingerprint: ea:cf:60:c4:3b:b9:15:29:40:a1:97:ed:78:27:93:d6 +# SHA1 Fingerprint: e7:f3:a3:c8:cf:6f:c3:04:2e:6d:0e:67:32:c5:9e:68:95:0d:5e:d2 +# SHA256 Fingerprint: 55:90:38:59:c8:c0:c3:eb:b8:75:9e:ce:4e:25:57:22:5f:f5:75:8b:bd:38:eb:d4:82:76:60:1e:1b:d5:80:97 +-----BEGIN CERTIFICATE----- +MIICnTCCAiSgAwIBAgIMCL2Fl2yZJ6SAaEc7MAoGCCqGSM49BAMDMIGRMQswCQYD +VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAf +BgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3 +YXZlIEdsb2JhbCBFQ0MgUDM4NCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x +NzA4MjMxOTM2NDNaFw00MjA4MjMxOTM2NDNaMIGRMQswCQYDVQQGEwJVUzERMA8G +A1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0 +d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBF +Q0MgUDM4NCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTB2MBAGByqGSM49AgEGBSuB +BAAiA2IABGvaDXU1CDFHBa5FmVXxERMuSvgQMSOjfoPTfygIOiYaOs+Xgh+AtycJ +j9GOMMQKmw6sWASr9zZ9lCOkmwqKi6vr/TklZvFe/oyujUF5nQlgziip04pt89ZF +1PKYhDhloKNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G +A1UdDgQWBBRVqYSJ0sEyvRjLbKYHTsjnnb6CkDAKBggqhkjOPQQDAwNnADBkAjA3 +AZKXRRJ+oPM+rRk6ct30UJMDEr5E0k9BpIycnR+j9sKS50gU/k6bpZFXrsY3crsC +MGclCrEMXu6pY5Jv5ZAL/mYiykf9ijH3g/56vxC+GCsej/YpHpRZ744hN8tRmKVu +Sw== +-----END CERTIFICATE----- + +# Issuer: CN=NAVER Global Root Certification Authority O=NAVER BUSINESS PLATFORM Corp. +# Subject: CN=NAVER Global Root Certification Authority O=NAVER BUSINESS PLATFORM Corp. +# Label: "NAVER Global Root Certification Authority" +# Serial: 9013692873798656336226253319739695165984492813 +# MD5 Fingerprint: c8:7e:41:f6:25:3b:f5:09:b3:17:e8:46:3d:bf:d0:9b +# SHA1 Fingerprint: 8f:6b:f2:a9:27:4a:da:14:a0:c4:f4:8e:61:27:f9:c0:1e:78:5d:d1 +# SHA256 Fingerprint: 88:f4:38:dc:f8:ff:d1:fa:8f:42:91:15:ff:e5:f8:2a:e1:e0:6e:0c:70:c3:75:fa:ad:71:7b:34:a4:9e:72:65 +-----BEGIN CERTIFICATE----- +MIIFojCCA4qgAwIBAgIUAZQwHqIL3fXFMyqxQ0Rx+NZQTQ0wDQYJKoZIhvcNAQEM +BQAwaTELMAkGA1UEBhMCS1IxJjAkBgNVBAoMHU5BVkVSIEJVU0lORVNTIFBMQVRG +T1JNIENvcnAuMTIwMAYDVQQDDClOQVZFUiBHbG9iYWwgUm9vdCBDZXJ0aWZpY2F0 +aW9uIEF1dGhvcml0eTAeFw0xNzA4MTgwODU4NDJaFw0zNzA4MTgyMzU5NTlaMGkx +CzAJBgNVBAYTAktSMSYwJAYDVQQKDB1OQVZFUiBCVVNJTkVTUyBQTEFURk9STSBD +b3JwLjEyMDAGA1UEAwwpTkFWRVIgR2xvYmFsIFJvb3QgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC21PGTXLVA +iQqrDZBbUGOukJR0F0Vy1ntlWilLp1agS7gvQnXp2XskWjFlqxcX0TM62RHcQDaH +38dq6SZeWYp34+hInDEW+j6RscrJo+KfziFTowI2MMtSAuXaMl3Dxeb57hHHi8lE +HoSTGEq0n+USZGnQJoViAbbJAh2+g1G7XNr4rRVqmfeSVPc0W+m/6imBEtRTkZaz +kVrd/pBzKPswRrXKCAfHcXLJZtM0l/aM9BhK4dA9WkW2aacp+yPOiNgSnABIqKYP +szuSjXEOdMWLyEz59JuOuDxp7W87UC9Y7cSw0BwbagzivESq2M0UXZR4Yb8Obtoq +vC8MC3GmsxY/nOb5zJ9TNeIDoKAYv7vxvvTWjIcNQvcGufFt7QSUqP620wbGQGHf +nZ3zVHbOUzoBppJB7ASjjw2i1QnK1sua8e9DXcCrpUHPXFNwcMmIpi3Ua2FzUCaG +YQ5fG8Ir4ozVu53BA0K6lNpfqbDKzE0K70dpAy8i+/Eozr9dUGWokG2zdLAIx6yo +0es+nPxdGoMuK8u180SdOqcXYZaicdNwlhVNt0xz7hlcxVs+Qf6sdWA7G2POAN3a +CJBitOUt7kinaxeZVL6HSuOpXgRM6xBtVNbv8ejyYhbLgGvtPe31HzClrkvJE+2K +AQHJuFFYwGY6sWZLxNUxAmLpdIQM201GLQIDAQABo0IwQDAdBgNVHQ4EFgQU0p+I +36HNLL3s9TsBAZMzJ7LrYEswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMB +Af8wDQYJKoZIhvcNAQEMBQADggIBADLKgLOdPVQG3dLSLvCkASELZ0jKbY7gyKoN +qo0hV4/GPnrK21HUUrPUloSlWGB/5QuOH/XcChWB5Tu2tyIvCZwTFrFsDDUIbatj +cu3cvuzHV+YwIHHW1xDBE1UBjCpD5EHxzzp6U5LOogMFDTjfArsQLtk70pt6wKGm ++LUx5vR1yblTmXVHIloUFcd4G7ad6Qz4G3bxhYTeodoS76TiEJd6eN4MUZeoIUCL +hr0N8F5OSza7OyAfikJW4Qsav3vQIkMsRIz75Sq0bBwcupTgE34h5prCy8VCZLQe +lHsIJchxzIdFV4XTnyliIoNRlwAYl3dqmJLJfGBs32x9SuRwTMKeuB330DTHD8z7 +p/8Dvq1wkNoL3chtl1+afwkyQf3NosxabUzyqkn+Zvjp2DXrDige7kgvOtB5CTh8 +piKCk5XQA76+AqAF3SAi428diDRgxuYKuQl1C/AH6GmWNcf7I4GOODm4RStDeKLR +LBT/DShycpWbXgnbiUSYqqFJu3FS8r/2/yehNq+4tneI3TqkbZs0kNwUXTC/t+sX +5Ie3cdCh13cV1ELX8vMxmV2b3RZtP+oGI/hGoiLtk/bdmuYqh7GYVPEi92tF4+KO +dh2ajcQGjTa3FPOdVGm3jjzVpG2Tgbet9r1ke8LJaDmgkpzNNIaRkPpkUZ3+/uul +9XXeifdy +-----END CERTIFICATE----- + +# Issuer: CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS O=FNMT-RCM OU=Ceres +# Subject: CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS O=FNMT-RCM OU=Ceres +# Label: "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" +# Serial: 131542671362353147877283741781055151509 +# MD5 Fingerprint: 19:36:9c:52:03:2f:d2:d1:bb:23:cc:dd:1e:12:55:bb +# SHA1 Fingerprint: 62:ff:d9:9e:c0:65:0d:03:ce:75:93:d2:ed:3f:2d:32:c9:e3:e5:4a +# SHA256 Fingerprint: 55:41:53:b1:3d:2c:f9:dd:b7:53:bf:be:1a:4e:0a:e0:8d:0a:a4:18:70:58:fe:60:a2:b8:62:b2:e4:b8:7b:cb +-----BEGIN CERTIFICATE----- +MIICbjCCAfOgAwIBAgIQYvYybOXE42hcG2LdnC6dlTAKBggqhkjOPQQDAzB4MQsw +CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNlcmVzMRgw +FgYDVQRhDA9WQVRFUy1RMjgyNjAwNEoxLDAqBgNVBAMMI0FDIFJBSVogRk5NVC1S +Q00gU0VSVklET1JFUyBTRUdVUk9TMB4XDTE4MTIyMDA5MzczM1oXDTQzMTIyMDA5 +MzczM1oweDELMAkGA1UEBhMCRVMxETAPBgNVBAoMCEZOTVQtUkNNMQ4wDAYDVQQL +DAVDZXJlczEYMBYGA1UEYQwPVkFURVMtUTI4MjYwMDRKMSwwKgYDVQQDDCNBQyBS +QUlaIEZOTVQtUkNNIFNFUlZJRE9SRVMgU0VHVVJPUzB2MBAGByqGSM49AgEGBSuB +BAAiA2IABPa6V1PIyqvfNkpSIeSX0oNnnvBlUdBeh8dHsVnyV0ebAAKTRBdp20LH +sbI6GA60XYyzZl2hNPk2LEnb80b8s0RpRBNm/dfF/a82Tc4DTQdxz69qBdKiQ1oK +Um8BA06Oi6NCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD +VR0OBBYEFAG5L++/EYZg8k/QQW6rcx/n0m5JMAoGCCqGSM49BAMDA2kAMGYCMQCu +SuMrQMN0EfKVrRYj3k4MGuZdpSRea0R7/DjiT8ucRRcRTBQnJlU5dUoDzBOQn5IC +MQD6SmxgiHPz7riYYqnOK8LZiqZwMR2vsJRM60/G49HzYqc8/5MuB1xJAWdpEgJy +v+c= +-----END CERTIFICATE----- + +# Issuer: CN=GlobalSign Root R46 O=GlobalSign nv-sa +# Subject: CN=GlobalSign Root R46 O=GlobalSign nv-sa +# Label: "GlobalSign Root R46" +# Serial: 1552617688466950547958867513931858518042577 +# MD5 Fingerprint: c4:14:30:e4:fa:66:43:94:2a:6a:1b:24:5f:19:d0:ef +# SHA1 Fingerprint: 53:a2:b0:4b:ca:6b:d6:45:e6:39:8a:8e:c4:0d:d2:bf:77:c3:a2:90 +# SHA256 Fingerprint: 4f:a3:12:6d:8d:3a:11:d1:c4:85:5a:4f:80:7c:ba:d6:cf:91:9d:3a:5a:88:b0:3b:ea:2c:63:72:d9:3c:40:c9 +-----BEGIN CERTIFICATE----- +MIIFWjCCA0KgAwIBAgISEdK7udcjGJ5AXwqdLdDfJWfRMA0GCSqGSIb3DQEBDAUA +MEYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYD +VQQDExNHbG9iYWxTaWduIFJvb3QgUjQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMy +MDAwMDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYt +c2ExHDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBSNDYwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCsrHQy6LNl5brtQyYdpokNRbopiLKkHWPd08EsCVeJ +OaFV6Wc0dwxu5FUdUiXSE2te4R2pt32JMl8Nnp8semNgQB+msLZ4j5lUlghYruQG +vGIFAha/r6gjA7aUD7xubMLL1aa7DOn2wQL7Id5m3RerdELv8HQvJfTqa1VbkNud +316HCkD7rRlr+/fKYIje2sGP1q7Vf9Q8g+7XFkyDRTNrJ9CG0Bwta/OrffGFqfUo +0q3v84RLHIf8E6M6cqJaESvWJ3En7YEtbWaBkoe0G1h6zD8K+kZPTXhc+CtI4wSE +y132tGqzZfxCnlEmIyDLPRT5ge1lFgBPGmSXZgjPjHvjK8Cd+RTyG/FWaha/LIWF +zXg4mutCagI0GIMXTpRW+LaCtfOW3T3zvn8gdz57GSNrLNRyc0NXfeD412lPFzYE ++cCQYDdF3uYM2HSNrpyibXRdQr4G9dlkbgIQrImwTDsHTUB+JMWKmIJ5jqSngiCN +I/onccnfxkF0oE32kRbcRoxfKWMxWXEM2G/CtjJ9++ZdU6Z+Ffy7dXxd7Pj2Fxzs +x2sZy/N78CsHpdlseVR2bJ0cpm4O6XkMqCNqo98bMDGfsVR7/mrLZqrcZdCinkqa +ByFrgY/bxFn63iLABJzjqls2k+g9vXqhnQt2sQvHnf3PmKgGwvgqo6GDoLclcqUC +4wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV +HQ4EFgQUA1yrc4GHqMywptWU4jaWSf8FmSwwDQYJKoZIhvcNAQEMBQADggIBAHx4 +7PYCLLtbfpIrXTncvtgdokIzTfnvpCo7RGkerNlFo048p9gkUbJUHJNOxO97k4Vg +JuoJSOD1u8fpaNK7ajFxzHmuEajwmf3lH7wvqMxX63bEIaZHU1VNaL8FpO7XJqti +2kM3S+LGteWygxk6x9PbTZ4IevPuzz5i+6zoYMzRx6Fcg0XERczzF2sUyQQCPtIk +pnnpHs6i58FZFZ8d4kuaPp92CC1r2LpXFNqD6v6MVenQTqnMdzGxRBF6XLE+0xRF +FRhiJBPSy03OXIPBNvIQtQ6IbbjhVp+J3pZmOUdkLG5NrmJ7v2B0GbhWrJKsFjLt +rWhV/pi60zTe9Mlhww6G9kuEYO4Ne7UyWHmRVSyBQ7N0H3qqJZ4d16GLuc1CLgSk +ZoNNiTW2bKg2SnkheCLQQrzRQDGQob4Ez8pn7fXwgNNgyYMqIgXQBztSvwyeqiv5 +u+YfjyW6hY0XHgL+XVAEV8/+LbzvXMAaq7afJMbfc2hIkCwU9D9SGuTSyxTDYWnP +4vkYxboznxSjBF25cfe1lNj2M8FawTSLfJvdkzrnE6JwYZ+vj+vYxXX4M2bUdGc6 +N3ec592kD3ZDZopD8p/7DEJ4Y9HiD2971KE9dJeFt0g5QdYg/NA6s/rob8SKunE3 +vouXsXgxT7PntgMTzlSdriVZzH81Xwj3QEUxeCp6 +-----END CERTIFICATE----- + +# Issuer: CN=GlobalSign Root E46 O=GlobalSign nv-sa +# Subject: CN=GlobalSign Root E46 O=GlobalSign nv-sa +# Label: "GlobalSign Root E46" +# Serial: 1552617690338932563915843282459653771421763 +# MD5 Fingerprint: b5:b8:66:ed:de:08:83:e3:c9:e2:01:34:06:ac:51:6f +# SHA1 Fingerprint: 39:b4:6c:d5:fe:80:06:eb:e2:2f:4a:bb:08:33:a0:af:db:b9:dd:84 +# SHA256 Fingerprint: cb:b9:c4:4d:84:b8:04:3e:10:50:ea:31:a6:9f:51:49:55:d7:bf:d2:e2:c6:b4:93:01:01:9a:d6:1d:9f:50:58 +-----BEGIN CERTIFICATE----- +MIICCzCCAZGgAwIBAgISEdK7ujNu1LzmJGjFDYQdmOhDMAoGCCqGSM49BAMDMEYx +CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYDVQQD +ExNHbG9iYWxTaWduIFJvb3QgRTQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMyMDAw +MDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2Ex +HDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBFNDYwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAAScDrHPt+ieUnd1NPqlRqetMhkytAepJ8qUuwzSChDH2omwlwxwEwkBjtjq +R+q+soArzfwoDdusvKSGN+1wCAB16pMLey5SnCNoIwZD7JIvU4Tb+0cUB+hflGdd +yXqBPCCjQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBQxCpCPtsad0kRLgLWi5h+xEk8blTAKBggqhkjOPQQDAwNoADBlAjEA31SQ +7Zvvi5QCkxeCmb6zniz2C5GMn0oUsfZkvLtoURMMA/cVi4RguYv/Uo7njLwcAjA8 ++RHUjE7AwWHCFUyqqx0LMV87HOIAl0Qx5v5zli/altP+CAezNIm8BZ/3Hobui3A= +-----END CERTIFICATE----- + +# Issuer: CN=GLOBALTRUST 2020 O=e-commerce monitoring GmbH +# Subject: CN=GLOBALTRUST 2020 O=e-commerce monitoring GmbH +# Label: "GLOBALTRUST 2020" +# Serial: 109160994242082918454945253 +# MD5 Fingerprint: 8a:c7:6f:cb:6d:e3:cc:a2:f1:7c:83:fa:0e:78:d7:e8 +# SHA1 Fingerprint: d0:67:c1:13:51:01:0c:aa:d0:c7:6a:65:37:31:16:26:4f:53:71:a2 +# SHA256 Fingerprint: 9a:29:6a:51:82:d1:d4:51:a2:e3:7f:43:9b:74:da:af:a2:67:52:33:29:f9:0f:9a:0d:20:07:c3:34:e2:3c:9a +-----BEGIN CERTIFICATE----- +MIIFgjCCA2qgAwIBAgILWku9WvtPilv6ZeUwDQYJKoZIhvcNAQELBQAwTTELMAkG +A1UEBhMCQVQxIzAhBgNVBAoTGmUtY29tbWVyY2UgbW9uaXRvcmluZyBHbWJIMRkw +FwYDVQQDExBHTE9CQUxUUlVTVCAyMDIwMB4XDTIwMDIxMDAwMDAwMFoXDTQwMDYx +MDAwMDAwMFowTTELMAkGA1UEBhMCQVQxIzAhBgNVBAoTGmUtY29tbWVyY2UgbW9u +aXRvcmluZyBHbWJIMRkwFwYDVQQDExBHTE9CQUxUUlVTVCAyMDIwMIICIjANBgkq +hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAri5WrRsc7/aVj6B3GyvTY4+ETUWiD59b +RatZe1E0+eyLinjF3WuvvcTfk0Uev5E4C64OFudBc/jbu9G4UeDLgztzOG53ig9Z +YybNpyrOVPu44sB8R85gfD+yc/LAGbaKkoc1DZAoouQVBGM+uq/ufF7MpotQsjj3 +QWPKzv9pj2gOlTblzLmMCcpL3TGQlsjMH/1WljTbjhzqLL6FLmPdqqmV0/0plRPw +yJiT2S0WR5ARg6I6IqIoV6Lr/sCMKKCmfecqQjuCgGOlYx8ZzHyyZqjC0203b+J+ +BlHZRYQfEs4kUmSFC0iAToexIiIwquuuvuAC4EDosEKAA1GqtH6qRNdDYfOiaxaJ +SaSjpCuKAsR49GiKweR6NrFvG5Ybd0mN1MkGco/PU+PcF4UgStyYJ9ORJitHHmkH +r96i5OTUawuzXnzUJIBHKWk7buis/UDr2O1xcSvy6Fgd60GXIsUf1DnQJ4+H4xj0 +4KlGDfV0OoIu0G4skaMxXDtG6nsEEFZegB31pWXogvziB4xiRfUg3kZwhqG8k9Me +dKZssCz3AwyIDMvUclOGvGBG85hqwvG/Q/lwIHfKN0F5VVJjjVsSn8VoxIidrPIw +q7ejMZdnrY8XD2zHc+0klGvIg5rQmjdJBKuxFshsSUktq6HQjJLyQUp5ISXbY9e2 +nKd+Qmn7OmMCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwHQYDVR0OBBYEFNwuH9FhN3nkq9XVsxJxaD1qaJwiMB8GA1UdIwQYMBaAFNwu +H9FhN3nkq9XVsxJxaD1qaJwiMA0GCSqGSIb3DQEBCwUAA4ICAQCR8EICaEDuw2jA +VC/f7GLDw56KoDEoqoOOpFaWEhCGVrqXctJUMHytGdUdaG/7FELYjQ7ztdGl4wJC +XtzoRlgHNQIw4Lx0SsFDKv/bGtCwr2zD/cuz9X9tAy5ZVp0tLTWMstZDFyySCstd +6IwPS3BD0IL/qMy/pJTAvoe9iuOTe8aPmxadJ2W8esVCgmxcB9CpwYhgROmYhRZf ++I/KARDOJcP5YBugxZfD0yyIMaK9MOzQ0MAS8cE54+X1+NZK3TTN+2/BT+MAi1bi +kvcoskJ3ciNnxz8RFbLEAwW+uxF7Cr+obuf/WEPPm2eggAe2HcqtbepBEX4tdJP7 +wry+UUTF72glJ4DjyKDUEuzZpTcdN3y0kcra1LGWge9oXHYQSa9+pTeAsRxSvTOB +TI/53WXZFM2KJVj04sWDpQmQ1GwUY7VA3+vA/MRYfg0UFodUJ25W5HCEuGwyEn6C +MUO+1918oa2u1qsgEu8KwxCMSZY13At1XrFP1U80DhEgB3VDRemjEdqso5nCtnkn +4rnvyOL2NSl6dPrFf4IFYqYK6miyeUcGbvJXqBUzxvd4Sj1Ce2t+/vdG6tHrju+I +aFvowdlxfv1k7/9nR4hYJS8+hge9+6jlgqispdNpQ80xiEmEU5LAsTkbOYMBMMTy +qfrQA71yN2BWHzZ8vTmR9W0Nv3vXkg== +-----END CERTIFICATE----- + +# Issuer: CN=ANF Secure Server Root CA O=ANF Autoridad de Certificacion OU=ANF CA Raiz +# Subject: CN=ANF Secure Server Root CA O=ANF Autoridad de Certificacion OU=ANF CA Raiz +# Label: "ANF Secure Server Root CA" +# Serial: 996390341000653745 +# MD5 Fingerprint: 26:a6:44:5a:d9:af:4e:2f:b2:1d:b6:65:b0:4e:e8:96 +# SHA1 Fingerprint: 5b:6e:68:d0:cc:15:b6:a0:5f:1e:c1:5f:ae:02:fc:6b:2f:5d:6f:74 +# SHA256 Fingerprint: fb:8f:ec:75:91:69:b9:10:6b:1e:51:16:44:c6:18:c5:13:04:37:3f:6c:06:43:08:8d:8b:ef:fd:1b:99:75:99 +-----BEGIN CERTIFICATE----- +MIIF7zCCA9egAwIBAgIIDdPjvGz5a7EwDQYJKoZIhvcNAQELBQAwgYQxEjAQBgNV +BAUTCUc2MzI4NzUxMDELMAkGA1UEBhMCRVMxJzAlBgNVBAoTHkFORiBBdXRvcmlk +YWQgZGUgQ2VydGlmaWNhY2lvbjEUMBIGA1UECxMLQU5GIENBIFJhaXoxIjAgBgNV +BAMTGUFORiBTZWN1cmUgU2VydmVyIFJvb3QgQ0EwHhcNMTkwOTA0MTAwMDM4WhcN +MzkwODMwMTAwMDM4WjCBhDESMBAGA1UEBRMJRzYzMjg3NTEwMQswCQYDVQQGEwJF +UzEnMCUGA1UEChMeQU5GIEF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uMRQwEgYD +VQQLEwtBTkYgQ0EgUmFpejEiMCAGA1UEAxMZQU5GIFNlY3VyZSBTZXJ2ZXIgUm9v +dCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANvrayvmZFSVgpCj +cqQZAZ2cC4Ffc0m6p6zzBE57lgvsEeBbphzOG9INgxwruJ4dfkUyYA8H6XdYfp9q +yGFOtibBTI3/TO80sh9l2Ll49a2pcbnvT1gdpd50IJeh7WhM3pIXS7yr/2WanvtH +2Vdy8wmhrnZEE26cLUQ5vPnHO6RYPUG9tMJJo8gN0pcvB2VSAKduyK9o7PQUlrZX +H1bDOZ8rbeTzPvY1ZNoMHKGESy9LS+IsJJ1tk0DrtSOOMspvRdOoiXsezx76W0OL +zc2oD2rKDF65nkeP8Nm2CgtYZRczuSPkdxl9y0oukntPLxB3sY0vaJxizOBQ+OyR +p1RMVwnVdmPF6GUe7m1qzwmd+nxPrWAI/VaZDxUse6mAq4xhj0oHdkLePfTdsiQz +W7i1o0TJrH93PB0j7IKppuLIBkwC/qxcmZkLLxCKpvR/1Yd0DVlJRfbwcVw5Kda/ +SiOL9V8BY9KHcyi1Swr1+KuCLH5zJTIdC2MKF4EA/7Z2Xue0sUDKIbvVgFHlSFJn +LNJhiQcND85Cd8BEc5xEUKDbEAotlRyBr+Qc5RQe8TZBAQIvfXOn3kLMTOmJDVb3 +n5HUA8ZsyY/b2BzgQJhdZpmYgG4t/wHFzstGH6wCxkPmrqKEPMVOHj1tyRRM4y5B +u8o5vzY8KhmqQYdOpc5LMnndkEl/AgMBAAGjYzBhMB8GA1UdIwQYMBaAFJxf0Gxj +o1+TypOYCK2Mh6UsXME3MB0GA1UdDgQWBBScX9BsY6Nfk8qTmAitjIelLFzBNzAO +BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC +AgEATh65isagmD9uw2nAalxJUqzLK114OMHVVISfk/CHGT0sZonrDUL8zPB1hT+L +9IBdeeUXZ701guLyPI59WzbLWoAAKfLOKyzxj6ptBZNscsdW699QIyjlRRA96Gej +rw5VD5AJYu9LWaL2U/HANeQvwSS9eS9OICI7/RogsKQOLHDtdD+4E5UGUcjohybK +pFtqFiGS3XNgnhAY3jyB6ugYw3yJ8otQPr0R4hUDqDZ9MwFsSBXXiJCZBMXM5gf0 +vPSQ7RPi6ovDj6MzD8EpTBNO2hVWcXNyglD2mjN8orGoGjR0ZVzO0eurU+AagNjq +OknkJjCb5RyKqKkVMoaZkgoQI1YS4PbOTOK7vtuNknMBZi9iPrJyJ0U27U1W45eZ +/zo1PqVUSlJZS2Db7v54EX9K3BR5YLZrZAPbFYPhor72I5dQ8AkzNqdxliXzuUJ9 +2zg/LFis6ELhDtjTO0wugumDLmsx2d1Hhk9tl5EuT+IocTUW0fJz/iUrB0ckYyfI ++PbZa/wSMVYIwFNCr5zQM378BvAxRAMU8Vjq8moNqRGyg77FGr8H6lnco4g175x2 +MjxNBiLOFeXdntiP2t7SxDnlF4HPOEfrf4htWRvfn0IUrn7PqLBmZdo3r5+qPeoo +tt7VMVgWglvquxl1AnMaykgaIZOQCo6ThKd9OyMYkomgjaw= +-----END CERTIFICATE----- + +# Issuer: CN=Certum EC-384 CA O=Asseco Data Systems S.A. OU=Certum Certification Authority +# Subject: CN=Certum EC-384 CA O=Asseco Data Systems S.A. OU=Certum Certification Authority +# Label: "Certum EC-384 CA" +# Serial: 160250656287871593594747141429395092468 +# MD5 Fingerprint: b6:65:b3:96:60:97:12:a1:ec:4e:e1:3d:a3:c6:c9:f1 +# SHA1 Fingerprint: f3:3e:78:3c:ac:df:f4:a2:cc:ac:67:55:69:56:d7:e5:16:3c:e1:ed +# SHA256 Fingerprint: 6b:32:80:85:62:53:18:aa:50:d1:73:c9:8d:8b:da:09:d5:7e:27:41:3d:11:4c:f7:87:a0:f5:d0:6c:03:0c:f6 +-----BEGIN CERTIFICATE----- +MIICZTCCAeugAwIBAgIQeI8nXIESUiClBNAt3bpz9DAKBggqhkjOPQQDAzB0MQsw +CQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMScw +JQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGTAXBgNVBAMT +EENlcnR1bSBFQy0zODQgQ0EwHhcNMTgwMzI2MDcyNDU0WhcNNDMwMzI2MDcyNDU0 +WjB0MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBT +LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGTAX +BgNVBAMTEENlcnR1bSBFQy0zODQgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATE +KI6rGFtqvm5kN2PkzeyrOvfMobgOgknXhimfoZTy42B4mIF4Bk3y7JoOV2CDn7Tm +Fy8as10CW4kjPMIRBSqniBMY81CE1700LCeJVf/OTOffph8oxPBUw7l8t1Ot68Kj +QjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI0GZnQkdjrzife81r1HfS+8 +EF9LMA4GA1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNoADBlAjADVS2m5hjEfO/J +UG7BJw+ch69u1RsIGL2SKcHvlJF40jocVYli5RsJHrpka/F2tNQCMQC0QoSZ/6vn +nvuRlydd3LBbMHHOXjgaatkl5+r3YZJW+OraNsKHZZYuciUvf9/DE8k= +-----END CERTIFICATE----- + +# Issuer: CN=Certum Trusted Root CA O=Asseco Data Systems S.A. OU=Certum Certification Authority +# Subject: CN=Certum Trusted Root CA O=Asseco Data Systems S.A. OU=Certum Certification Authority +# Label: "Certum Trusted Root CA" +# Serial: 40870380103424195783807378461123655149 +# MD5 Fingerprint: 51:e1:c2:e7:fe:4c:84:af:59:0e:2f:f4:54:6f:ea:29 +# SHA1 Fingerprint: c8:83:44:c0:18:ae:9f:cc:f1:87:b7:8f:22:d1:c5:d7:45:84:ba:e5 +# SHA256 Fingerprint: fe:76:96:57:38:55:77:3e:37:a9:5e:7a:d4:d9:cc:96:c3:01:57:c1:5d:31:76:5b:a9:b1:57:04:e1:ae:78:fd +-----BEGIN CERTIFICATE----- +MIIFwDCCA6igAwIBAgIQHr9ZULjJgDdMBvfrVU+17TANBgkqhkiG9w0BAQ0FADB6 +MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEu +MScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxHzAdBgNV +BAMTFkNlcnR1bSBUcnVzdGVkIFJvb3QgQ0EwHhcNMTgwMzE2MTIxMDEzWhcNNDMw +MzE2MTIxMDEzWjB6MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEg +U3lzdGVtcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRo +b3JpdHkxHzAdBgNVBAMTFkNlcnR1bSBUcnVzdGVkIFJvb3QgQ0EwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQDRLY67tzbqbTeRn06TpwXkKQMlzhyC93yZ +n0EGze2jusDbCSzBfN8pfktlL5On1AFrAygYo9idBcEq2EXxkd7fO9CAAozPOA/q +p1x4EaTByIVcJdPTsuclzxFUl6s1wB52HO8AU5853BSlLCIls3Jy/I2z5T4IHhQq +NwuIPMqw9MjCoa68wb4pZ1Xi/K1ZXP69VyywkI3C7Te2fJmItdUDmj0VDT06qKhF +8JVOJVkdzZhpu9PMMsmN74H+rX2Ju7pgE8pllWeg8xn2A1bUatMn4qGtg/BKEiJ3 +HAVz4hlxQsDsdUaakFjgao4rpUYwBI4Zshfjvqm6f1bxJAPXsiEodg42MEx51UGa +mqi4NboMOvJEGyCI98Ul1z3G4z5D3Yf+xOr1Uz5MZf87Sst4WmsXXw3Hw09Omiqi +7VdNIuJGmj8PkTQkfVXjjJU30xrwCSss0smNtA0Aq2cpKNgB9RkEth2+dv5yXMSF +ytKAQd8FqKPVhJBPC/PgP5sZ0jeJP/J7UhyM9uH3PAeXjA6iWYEMspA90+NZRu0P +qafegGtaqge2Gcu8V/OXIXoMsSt0Puvap2ctTMSYnjYJdmZm/Bo/6khUHL4wvYBQ +v3y1zgD2DGHZ5yQD4OMBgQ692IU0iL2yNqh7XAjlRICMb/gv1SHKHRzQ+8S1h9E6 +Tsd2tTVItQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSM+xx1 +vALTn04uSNn5YFSqxLNP+jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQAD +ggIBAEii1QALLtA/vBzVtVRJHlpr9OTy4EA34MwUe7nJ+jW1dReTagVphZzNTxl4 +WxmB82M+w85bj/UvXgF2Ez8sALnNllI5SW0ETsXpD4YN4fqzX4IS8TrOZgYkNCvo +zMrnadyHncI013nR03e4qllY/p0m+jiGPp2Kh2RX5Rc64vmNueMzeMGQ2Ljdt4NR +5MTMI9UGfOZR0800McD2RrsLrfw9EAUqO0qRJe6M1ISHgCq8CYyqOhNf6DR5UMEQ +GfnTKB7U0VEwKbOukGfWHwpjscWpxkIxYxeU72nLL/qMFH3EQxiJ2fAyQOaA4kZf +5ePBAFmo+eggvIksDkc0C+pXwlM2/KfUrzHN/gLldfq5Jwn58/U7yn2fqSLLiMmq +0Uc9NneoWWRrJ8/vJ8HjJLWG965+Mk2weWjROeiQWMODvA8s1pfrzgzhIMfatz7D +P78v3DSk+yshzWePS/Tj6tQ/50+6uaWTRRxmHyH6ZF5v4HaUMst19W7l9o/HuKTM +qJZ9ZPskWkoDbGs4xugDQ5r3V7mzKWmTOPQD8rv7gmsHINFSH5pkAnuYZttcTVoP +0ISVoDwUQwbKytu4QTbaakRnh6+v40URFWkIsr4WOZckbxJF0WddCajJFdr60qZf +E2Efv4WstK2tBZQIgx51F9NxO5NQI1mg7TyRVJ12AMXDuDjb +-----END CERTIFICATE----- diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/core.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/core.py new file mode 100644 index 000000000..b8140cf1a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/certifi/core.py @@ -0,0 +1,76 @@ +# -*- coding: utf-8 -*- + +""" +certifi.py +~~~~~~~~~~ + +This module returns the installation location of cacert.pem or its contents. +""" +import os + + +class _PipPatchedCertificate(Exception): + pass + + +try: + # Return a certificate file on disk for a standalone pip zipapp running in + # an isolated build environment to use. Passing --cert to the standalone + # pip does not work since requests calls where() unconditionally on import. + _PIP_STANDALONE_CERT = os.environ.get("_PIP_STANDALONE_CERT") + if _PIP_STANDALONE_CERT: + def where(): + return _PIP_STANDALONE_CERT + raise _PipPatchedCertificate() + + from importlib.resources import path as get_path, read_text + + _CACERT_CTX = None + _CACERT_PATH = None + + def where(): + # This is slightly terrible, but we want to delay extracting the file + # in cases where we're inside of a zipimport situation until someone + # actually calls where(), but we don't want to re-extract the file + # on every call of where(), so we'll do it once then store it in a + # global variable. + global _CACERT_CTX + global _CACERT_PATH + if _CACERT_PATH is None: + # This is slightly janky, the importlib.resources API wants you to + # manage the cleanup of this file, so it doesn't actually return a + # path, it returns a context manager that will give you the path + # when you enter it and will do any cleanup when you leave it. In + # the common case of not needing a temporary file, it will just + # return the file system location and the __exit__() is a no-op. + # + # We also have to hold onto the actual context manager, because + # it will do the cleanup whenever it gets garbage collected, so + # we will also store that at the global level as well. + _CACERT_CTX = get_path("pip._vendor.certifi", "cacert.pem") + _CACERT_PATH = str(_CACERT_CTX.__enter__()) + + return _CACERT_PATH + +except _PipPatchedCertificate: + pass + +except ImportError: + # This fallback will work for Python versions prior to 3.7 that lack the + # importlib.resources module but relies on the existing `where` function + # so won't address issues with environments like PyOxidizer that don't set + # __file__ on modules. + def read_text(_module, _path, encoding="ascii"): + with open(where(), "r", encoding=encoding) as data: + return data.read() + + # If we don't have importlib.resources, then we will just do the old logic + # of assuming we're on the filesystem and munge the path directly. + def where(): + f = os.path.dirname(__file__) + + return os.path.join(f, "cacert.pem") + + +def contents(): + return read_text("certifi", "cacert.pem", encoding="ascii") diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/__init__.py new file mode 100644 index 000000000..80ad2546d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/__init__.py @@ -0,0 +1,83 @@ +######################## BEGIN LICENSE BLOCK ######################## +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + + +from .universaldetector import UniversalDetector +from .enums import InputState +from .version import __version__, VERSION + + +__all__ = ['UniversalDetector', 'detect', 'detect_all', '__version__', 'VERSION'] + + +def detect(byte_str): + """ + Detect the encoding of the given byte string. + + :param byte_str: The byte sequence to examine. + :type byte_str: ``bytes`` or ``bytearray`` + """ + if not isinstance(byte_str, bytearray): + if not isinstance(byte_str, bytes): + raise TypeError('Expected object of type bytes or bytearray, got: ' + '{}'.format(type(byte_str))) + else: + byte_str = bytearray(byte_str) + detector = UniversalDetector() + detector.feed(byte_str) + return detector.close() + + +def detect_all(byte_str): + """ + Detect all the possible encodings of the given byte string. + + :param byte_str: The byte sequence to examine. + :type byte_str: ``bytes`` or ``bytearray`` + """ + if not isinstance(byte_str, bytearray): + if not isinstance(byte_str, bytes): + raise TypeError('Expected object of type bytes or bytearray, got: ' + '{}'.format(type(byte_str))) + else: + byte_str = bytearray(byte_str) + + detector = UniversalDetector() + detector.feed(byte_str) + detector.close() + + if detector._input_state == InputState.HIGH_BYTE: + results = [] + for prober in detector._charset_probers: + if prober.get_confidence() > detector.MINIMUM_THRESHOLD: + charset_name = prober.charset_name + lower_charset_name = prober.charset_name.lower() + # Use Windows encoding name instead of ISO-8859 if we saw any + # extra Windows-specific bytes + if lower_charset_name.startswith('iso-8859'): + if detector._has_win_bytes: + charset_name = detector.ISO_WIN_MAP.get(lower_charset_name, + charset_name) + results.append({ + 'encoding': charset_name, + 'confidence': prober.get_confidence(), + 'language': prober.language, + }) + if len(results) > 0: + return sorted(results, key=lambda result: -result['confidence']) + + return [detector.result] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5freq.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5freq.py new file mode 100644 index 000000000..38f32517a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5freq.py @@ -0,0 +1,386 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +# Big5 frequency table +# by Taiwan's Mandarin Promotion Council +# +# +# 128 --> 0.42261 +# 256 --> 0.57851 +# 512 --> 0.74851 +# 1024 --> 0.89384 +# 2048 --> 0.97583 +# +# Ideal Distribution Ratio = 0.74851/(1-0.74851) =2.98 +# Random Distribution Ration = 512/(5401-512)=0.105 +# +# Typical Distribution Ratio about 25% of Ideal one, still much higher than RDR + +BIG5_TYPICAL_DISTRIBUTION_RATIO = 0.75 + +#Char to FreqOrder table +BIG5_TABLE_SIZE = 5376 + +BIG5_CHAR_TO_FREQ_ORDER = ( + 1,1801,1506, 255,1431, 198, 9, 82, 6,5008, 177, 202,3681,1256,2821, 110, # 16 +3814, 33,3274, 261, 76, 44,2114, 16,2946,2187,1176, 659,3971, 26,3451,2653, # 32 +1198,3972,3350,4202, 410,2215, 302, 590, 361,1964, 8, 204, 58,4510,5009,1932, # 48 + 63,5010,5011, 317,1614, 75, 222, 159,4203,2417,1480,5012,3555,3091, 224,2822, # 64 +3682, 3, 10,3973,1471, 29,2787,1135,2866,1940, 873, 130,3275,1123, 312,5013, # 80 +4511,2052, 507, 252, 682,5014, 142,1915, 124, 206,2947, 34,3556,3204, 64, 604, # 96 +5015,2501,1977,1978, 155,1991, 645, 641,1606,5016,3452, 337, 72, 406,5017, 80, # 112 + 630, 238,3205,1509, 263, 939,1092,2654, 756,1440,1094,3453, 449, 69,2987, 591, # 128 + 179,2096, 471, 115,2035,1844, 60, 50,2988, 134, 806,1869, 734,2036,3454, 180, # 144 + 995,1607, 156, 537,2907, 688,5018, 319,1305, 779,2145, 514,2379, 298,4512, 359, # 160 +2502, 90,2716,1338, 663, 11, 906,1099,2553, 20,2441, 182, 532,1716,5019, 732, # 176 +1376,4204,1311,1420,3206, 25,2317,1056, 113, 399, 382,1950, 242,3455,2474, 529, # 192 +3276, 475,1447,3683,5020, 117, 21, 656, 810,1297,2300,2334,3557,5021, 126,4205, # 208 + 706, 456, 150, 613,4513, 71,1118,2037,4206, 145,3092, 85, 835, 486,2115,1246, # 224 +1426, 428, 727,1285,1015, 800, 106, 623, 303,1281,5022,2128,2359, 347,3815, 221, # 240 +3558,3135,5023,1956,1153,4207, 83, 296,1199,3093, 192, 624, 93,5024, 822,1898, # 256 +2823,3136, 795,2065, 991,1554,1542,1592, 27, 43,2867, 859, 139,1456, 860,4514, # 272 + 437, 712,3974, 164,2397,3137, 695, 211,3037,2097, 195,3975,1608,3559,3560,3684, # 288 +3976, 234, 811,2989,2098,3977,2233,1441,3561,1615,2380, 668,2077,1638, 305, 228, # 304 +1664,4515, 467, 415,5025, 262,2099,1593, 239, 108, 300, 200,1033, 512,1247,2078, # 320 +5026,5027,2176,3207,3685,2682, 593, 845,1062,3277, 88,1723,2038,3978,1951, 212, # 336 + 266, 152, 149, 468,1899,4208,4516, 77, 187,5028,3038, 37, 5,2990,5029,3979, # 352 +5030,5031, 39,2524,4517,2908,3208,2079, 55, 148, 74,4518, 545, 483,1474,1029, # 368 +1665, 217,1870,1531,3138,1104,2655,4209, 24, 172,3562, 900,3980,3563,3564,4519, # 384 + 32,1408,2824,1312, 329, 487,2360,2251,2717, 784,2683, 4,3039,3351,1427,1789, # 400 + 188, 109, 499,5032,3686,1717,1790, 888,1217,3040,4520,5033,3565,5034,3352,1520, # 416 +3687,3981, 196,1034, 775,5035,5036, 929,1816, 249, 439, 38,5037,1063,5038, 794, # 432 +3982,1435,2301, 46, 178,3278,2066,5039,2381,5040, 214,1709,4521, 804, 35, 707, # 448 + 324,3688,1601,2554, 140, 459,4210,5041,5042,1365, 839, 272, 978,2262,2580,3456, # 464 +2129,1363,3689,1423, 697, 100,3094, 48, 70,1231, 495,3139,2196,5043,1294,5044, # 480 +2080, 462, 586,1042,3279, 853, 256, 988, 185,2382,3457,1698, 434,1084,5045,3458, # 496 + 314,2625,2788,4522,2335,2336, 569,2285, 637,1817,2525, 757,1162,1879,1616,3459, # 512 + 287,1577,2116, 768,4523,1671,2868,3566,2526,1321,3816, 909,2418,5046,4211, 933, # 528 +3817,4212,2053,2361,1222,4524, 765,2419,1322, 786,4525,5047,1920,1462,1677,2909, # 544 +1699,5048,4526,1424,2442,3140,3690,2600,3353,1775,1941,3460,3983,4213, 309,1369, # 560 +1130,2825, 364,2234,1653,1299,3984,3567,3985,3986,2656, 525,1085,3041, 902,2001, # 576 +1475, 964,4527, 421,1845,1415,1057,2286, 940,1364,3141, 376,4528,4529,1381, 7, # 592 +2527, 983,2383, 336,1710,2684,1846, 321,3461, 559,1131,3042,2752,1809,1132,1313, # 608 + 265,1481,1858,5049, 352,1203,2826,3280, 167,1089, 420,2827, 776, 792,1724,3568, # 624 +4214,2443,3281,5050,4215,5051, 446, 229, 333,2753, 901,3818,1200,1557,4530,2657, # 640 +1921, 395,2754,2685,3819,4216,1836, 125, 916,3209,2626,4531,5052,5053,3820,5054, # 656 +5055,5056,4532,3142,3691,1133,2555,1757,3462,1510,2318,1409,3569,5057,2146, 438, # 672 +2601,2910,2384,3354,1068, 958,3043, 461, 311,2869,2686,4217,1916,3210,4218,1979, # 688 + 383, 750,2755,2627,4219, 274, 539, 385,1278,1442,5058,1154,1965, 384, 561, 210, # 704 + 98,1295,2556,3570,5059,1711,2420,1482,3463,3987,2911,1257, 129,5060,3821, 642, # 720 + 523,2789,2790,2658,5061, 141,2235,1333, 68, 176, 441, 876, 907,4220, 603,2602, # 736 + 710, 171,3464, 404, 549, 18,3143,2398,1410,3692,1666,5062,3571,4533,2912,4534, # 752 +5063,2991, 368,5064, 146, 366, 99, 871,3693,1543, 748, 807,1586,1185, 22,2263, # 768 + 379,3822,3211,5065,3212, 505,1942,2628,1992,1382,2319,5066, 380,2362, 218, 702, # 784 +1818,1248,3465,3044,3572,3355,3282,5067,2992,3694, 930,3283,3823,5068, 59,5069, # 800 + 585, 601,4221, 497,3466,1112,1314,4535,1802,5070,1223,1472,2177,5071, 749,1837, # 816 + 690,1900,3824,1773,3988,1476, 429,1043,1791,2236,2117, 917,4222, 447,1086,1629, # 832 +5072, 556,5073,5074,2021,1654, 844,1090, 105, 550, 966,1758,2828,1008,1783, 686, # 848 +1095,5075,2287, 793,1602,5076,3573,2603,4536,4223,2948,2302,4537,3825, 980,2503, # 864 + 544, 353, 527,4538, 908,2687,2913,5077, 381,2629,1943,1348,5078,1341,1252, 560, # 880 +3095,5079,3467,2870,5080,2054, 973, 886,2081, 143,4539,5081,5082, 157,3989, 496, # 896 +4224, 57, 840, 540,2039,4540,4541,3468,2118,1445, 970,2264,1748,1966,2082,4225, # 912 +3144,1234,1776,3284,2829,3695, 773,1206,2130,1066,2040,1326,3990,1738,1725,4226, # 928 + 279,3145, 51,1544,2604, 423,1578,2131,2067, 173,4542,1880,5083,5084,1583, 264, # 944 + 610,3696,4543,2444, 280, 154,5085,5086,5087,1739, 338,1282,3096, 693,2871,1411, # 960 +1074,3826,2445,5088,4544,5089,5090,1240, 952,2399,5091,2914,1538,2688, 685,1483, # 976 +4227,2475,1436, 953,4228,2055,4545, 671,2400, 79,4229,2446,3285, 608, 567,2689, # 992 +3469,4230,4231,1691, 393,1261,1792,2401,5092,4546,5093,5094,5095,5096,1383,1672, # 1008 +3827,3213,1464, 522,1119, 661,1150, 216, 675,4547,3991,1432,3574, 609,4548,2690, # 1024 +2402,5097,5098,5099,4232,3045, 0,5100,2476, 315, 231,2447, 301,3356,4549,2385, # 1040 +5101, 233,4233,3697,1819,4550,4551,5102, 96,1777,1315,2083,5103, 257,5104,1810, # 1056 +3698,2718,1139,1820,4234,2022,1124,2164,2791,1778,2659,5105,3097, 363,1655,3214, # 1072 +5106,2993,5107,5108,5109,3992,1567,3993, 718, 103,3215, 849,1443, 341,3357,2949, # 1088 +1484,5110,1712, 127, 67, 339,4235,2403, 679,1412, 821,5111,5112, 834, 738, 351, # 1104 +2994,2147, 846, 235,1497,1881, 418,1993,3828,2719, 186,1100,2148,2756,3575,1545, # 1120 +1355,2950,2872,1377, 583,3994,4236,2581,2995,5113,1298,3699,1078,2557,3700,2363, # 1136 + 78,3829,3830, 267,1289,2100,2002,1594,4237, 348, 369,1274,2197,2178,1838,4552, # 1152 +1821,2830,3701,2757,2288,2003,4553,2951,2758, 144,3358, 882,4554,3995,2759,3470, # 1168 +4555,2915,5114,4238,1726, 320,5115,3996,3046, 788,2996,5116,2831,1774,1327,2873, # 1184 +3997,2832,5117,1306,4556,2004,1700,3831,3576,2364,2660, 787,2023, 506, 824,3702, # 1200 + 534, 323,4557,1044,3359,2024,1901, 946,3471,5118,1779,1500,1678,5119,1882,4558, # 1216 + 165, 243,4559,3703,2528, 123, 683,4239, 764,4560, 36,3998,1793, 589,2916, 816, # 1232 + 626,1667,3047,2237,1639,1555,1622,3832,3999,5120,4000,2874,1370,1228,1933, 891, # 1248 +2084,2917, 304,4240,5121, 292,2997,2720,3577, 691,2101,4241,1115,4561, 118, 662, # 1264 +5122, 611,1156, 854,2386,1316,2875, 2, 386, 515,2918,5123,5124,3286, 868,2238, # 1280 +1486, 855,2661, 785,2216,3048,5125,1040,3216,3578,5126,3146, 448,5127,1525,5128, # 1296 +2165,4562,5129,3833,5130,4242,2833,3579,3147, 503, 818,4001,3148,1568, 814, 676, # 1312 +1444, 306,1749,5131,3834,1416,1030, 197,1428, 805,2834,1501,4563,5132,5133,5134, # 1328 +1994,5135,4564,5136,5137,2198, 13,2792,3704,2998,3149,1229,1917,5138,3835,2132, # 1344 +5139,4243,4565,2404,3580,5140,2217,1511,1727,1120,5141,5142, 646,3836,2448, 307, # 1360 +5143,5144,1595,3217,5145,5146,5147,3705,1113,1356,4002,1465,2529,2530,5148, 519, # 1376 +5149, 128,2133, 92,2289,1980,5150,4003,1512, 342,3150,2199,5151,2793,2218,1981, # 1392 +3360,4244, 290,1656,1317, 789, 827,2365,5152,3837,4566, 562, 581,4004,5153, 401, # 1408 +4567,2252, 94,4568,5154,1399,2794,5155,1463,2025,4569,3218,1944,5156, 828,1105, # 1424 +4245,1262,1394,5157,4246, 605,4570,5158,1784,2876,5159,2835, 819,2102, 578,2200, # 1440 +2952,5160,1502, 436,3287,4247,3288,2836,4005,2919,3472,3473,5161,2721,2320,5162, # 1456 +5163,2337,2068, 23,4571, 193, 826,3838,2103, 699,1630,4248,3098, 390,1794,1064, # 1472 +3581,5164,1579,3099,3100,1400,5165,4249,1839,1640,2877,5166,4572,4573, 137,4250, # 1488 + 598,3101,1967, 780, 104, 974,2953,5167, 278, 899, 253, 402, 572, 504, 493,1339, # 1504 +5168,4006,1275,4574,2582,2558,5169,3706,3049,3102,2253, 565,1334,2722, 863, 41, # 1520 +5170,5171,4575,5172,1657,2338, 19, 463,2760,4251, 606,5173,2999,3289,1087,2085, # 1536 +1323,2662,3000,5174,1631,1623,1750,4252,2691,5175,2878, 791,2723,2663,2339, 232, # 1552 +2421,5176,3001,1498,5177,2664,2630, 755,1366,3707,3290,3151,2026,1609, 119,1918, # 1568 +3474, 862,1026,4253,5178,4007,3839,4576,4008,4577,2265,1952,2477,5179,1125, 817, # 1584 +4254,4255,4009,1513,1766,2041,1487,4256,3050,3291,2837,3840,3152,5180,5181,1507, # 1600 +5182,2692, 733, 40,1632,1106,2879, 345,4257, 841,2531, 230,4578,3002,1847,3292, # 1616 +3475,5183,1263, 986,3476,5184, 735, 879, 254,1137, 857, 622,1300,1180,1388,1562, # 1632 +4010,4011,2954, 967,2761,2665,1349, 592,2134,1692,3361,3003,1995,4258,1679,4012, # 1648 +1902,2188,5185, 739,3708,2724,1296,1290,5186,4259,2201,2202,1922,1563,2605,2559, # 1664 +1871,2762,3004,5187, 435,5188, 343,1108, 596, 17,1751,4579,2239,3477,3709,5189, # 1680 +4580, 294,3582,2955,1693, 477, 979, 281,2042,3583, 643,2043,3710,2631,2795,2266, # 1696 +1031,2340,2135,2303,3584,4581, 367,1249,2560,5190,3585,5191,4582,1283,3362,2005, # 1712 + 240,1762,3363,4583,4584, 836,1069,3153, 474,5192,2149,2532, 268,3586,5193,3219, # 1728 +1521,1284,5194,1658,1546,4260,5195,3587,3588,5196,4261,3364,2693,1685,4262, 961, # 1744 +1673,2632, 190,2006,2203,3841,4585,4586,5197, 570,2504,3711,1490,5198,4587,2633, # 1760 +3293,1957,4588, 584,1514, 396,1045,1945,5199,4589,1968,2449,5200,5201,4590,4013, # 1776 + 619,5202,3154,3294, 215,2007,2796,2561,3220,4591,3221,4592, 763,4263,3842,4593, # 1792 +5203,5204,1958,1767,2956,3365,3712,1174, 452,1477,4594,3366,3155,5205,2838,1253, # 1808 +2387,2189,1091,2290,4264, 492,5206, 638,1169,1825,2136,1752,4014, 648, 926,1021, # 1824 +1324,4595, 520,4596, 997, 847,1007, 892,4597,3843,2267,1872,3713,2405,1785,4598, # 1840 +1953,2957,3103,3222,1728,4265,2044,3714,4599,2008,1701,3156,1551, 30,2268,4266, # 1856 +5207,2027,4600,3589,5208, 501,5209,4267, 594,3478,2166,1822,3590,3479,3591,3223, # 1872 + 829,2839,4268,5210,1680,3157,1225,4269,5211,3295,4601,4270,3158,2341,5212,4602, # 1888 +4271,5213,4015,4016,5214,1848,2388,2606,3367,5215,4603, 374,4017, 652,4272,4273, # 1904 + 375,1140, 798,5216,5217,5218,2366,4604,2269, 546,1659, 138,3051,2450,4605,5219, # 1920 +2254, 612,1849, 910, 796,3844,1740,1371, 825,3845,3846,5220,2920,2562,5221, 692, # 1936 + 444,3052,2634, 801,4606,4274,5222,1491, 244,1053,3053,4275,4276, 340,5223,4018, # 1952 +1041,3005, 293,1168, 87,1357,5224,1539, 959,5225,2240, 721, 694,4277,3847, 219, # 1968 +1478, 644,1417,3368,2666,1413,1401,1335,1389,4019,5226,5227,3006,2367,3159,1826, # 1984 + 730,1515, 184,2840, 66,4607,5228,1660,2958, 246,3369, 378,1457, 226,3480, 975, # 2000 +4020,2959,1264,3592, 674, 696,5229, 163,5230,1141,2422,2167, 713,3593,3370,4608, # 2016 +4021,5231,5232,1186, 15,5233,1079,1070,5234,1522,3224,3594, 276,1050,2725, 758, # 2032 +1126, 653,2960,3296,5235,2342, 889,3595,4022,3104,3007, 903,1250,4609,4023,3481, # 2048 +3596,1342,1681,1718, 766,3297, 286, 89,2961,3715,5236,1713,5237,2607,3371,3008, # 2064 +5238,2962,2219,3225,2880,5239,4610,2505,2533, 181, 387,1075,4024, 731,2190,3372, # 2080 +5240,3298, 310, 313,3482,2304, 770,4278, 54,3054, 189,4611,3105,3848,4025,5241, # 2096 +1230,1617,1850, 355,3597,4279,4612,3373, 111,4280,3716,1350,3160,3483,3055,4281, # 2112 +2150,3299,3598,5242,2797,4026,4027,3009, 722,2009,5243,1071, 247,1207,2343,2478, # 2128 +1378,4613,2010, 864,1437,1214,4614, 373,3849,1142,2220, 667,4615, 442,2763,2563, # 2144 +3850,4028,1969,4282,3300,1840, 837, 170,1107, 934,1336,1883,5244,5245,2119,4283, # 2160 +2841, 743,1569,5246,4616,4284, 582,2389,1418,3484,5247,1803,5248, 357,1395,1729, # 2176 +3717,3301,2423,1564,2241,5249,3106,3851,1633,4617,1114,2086,4285,1532,5250, 482, # 2192 +2451,4618,5251,5252,1492, 833,1466,5253,2726,3599,1641,2842,5254,1526,1272,3718, # 2208 +4286,1686,1795, 416,2564,1903,1954,1804,5255,3852,2798,3853,1159,2321,5256,2881, # 2224 +4619,1610,1584,3056,2424,2764, 443,3302,1163,3161,5257,5258,4029,5259,4287,2506, # 2240 +3057,4620,4030,3162,2104,1647,3600,2011,1873,4288,5260,4289, 431,3485,5261, 250, # 2256 + 97, 81,4290,5262,1648,1851,1558, 160, 848,5263, 866, 740,1694,5264,2204,2843, # 2272 +3226,4291,4621,3719,1687, 950,2479, 426, 469,3227,3720,3721,4031,5265,5266,1188, # 2288 + 424,1996, 861,3601,4292,3854,2205,2694, 168,1235,3602,4293,5267,2087,1674,4622, # 2304 +3374,3303, 220,2565,1009,5268,3855, 670,3010, 332,1208, 717,5269,5270,3603,2452, # 2320 +4032,3375,5271, 513,5272,1209,2882,3376,3163,4623,1080,5273,5274,5275,5276,2534, # 2336 +3722,3604, 815,1587,4033,4034,5277,3605,3486,3856,1254,4624,1328,3058,1390,4035, # 2352 +1741,4036,3857,4037,5278, 236,3858,2453,3304,5279,5280,3723,3859,1273,3860,4625, # 2368 +5281, 308,5282,4626, 245,4627,1852,2480,1307,2583, 430, 715,2137,2454,5283, 270, # 2384 + 199,2883,4038,5284,3606,2727,1753, 761,1754, 725,1661,1841,4628,3487,3724,5285, # 2400 +5286, 587, 14,3305, 227,2608, 326, 480,2270, 943,2765,3607, 291, 650,1884,5287, # 2416 +1702,1226, 102,1547, 62,3488, 904,4629,3489,1164,4294,5288,5289,1224,1548,2766, # 2432 + 391, 498,1493,5290,1386,1419,5291,2056,1177,4630, 813, 880,1081,2368, 566,1145, # 2448 +4631,2291,1001,1035,2566,2609,2242, 394,1286,5292,5293,2069,5294, 86,1494,1730, # 2464 +4039, 491,1588, 745, 897,2963, 843,3377,4040,2767,2884,3306,1768, 998,2221,2070, # 2480 + 397,1827,1195,1970,3725,3011,3378, 284,5295,3861,2507,2138,2120,1904,5296,4041, # 2496 +2151,4042,4295,1036,3490,1905, 114,2567,4296, 209,1527,5297,5298,2964,2844,2635, # 2512 +2390,2728,3164, 812,2568,5299,3307,5300,1559, 737,1885,3726,1210, 885, 28,2695, # 2528 +3608,3862,5301,4297,1004,1780,4632,5302, 346,1982,2222,2696,4633,3863,1742, 797, # 2544 +1642,4043,1934,1072,1384,2152, 896,4044,3308,3727,3228,2885,3609,5303,2569,1959, # 2560 +4634,2455,1786,5304,5305,5306,4045,4298,1005,1308,3728,4299,2729,4635,4636,1528, # 2576 +2610, 161,1178,4300,1983, 987,4637,1101,4301, 631,4046,1157,3229,2425,1343,1241, # 2592 +1016,2243,2570, 372, 877,2344,2508,1160, 555,1935, 911,4047,5307, 466,1170, 169, # 2608 +1051,2921,2697,3729,2481,3012,1182,2012,2571,1251,2636,5308, 992,2345,3491,1540, # 2624 +2730,1201,2071,2406,1997,2482,5309,4638, 528,1923,2191,1503,1874,1570,2369,3379, # 2640 +3309,5310, 557,1073,5311,1828,3492,2088,2271,3165,3059,3107, 767,3108,2799,4639, # 2656 +1006,4302,4640,2346,1267,2179,3730,3230, 778,4048,3231,2731,1597,2667,5312,4641, # 2672 +5313,3493,5314,5315,5316,3310,2698,1433,3311, 131, 95,1504,4049, 723,4303,3166, # 2688 +1842,3610,2768,2192,4050,2028,2105,3731,5317,3013,4051,1218,5318,3380,3232,4052, # 2704 +4304,2584, 248,1634,3864, 912,5319,2845,3732,3060,3865, 654, 53,5320,3014,5321, # 2720 +1688,4642, 777,3494,1032,4053,1425,5322, 191, 820,2121,2846, 971,4643, 931,3233, # 2736 + 135, 664, 783,3866,1998, 772,2922,1936,4054,3867,4644,2923,3234, 282,2732, 640, # 2752 +1372,3495,1127, 922, 325,3381,5323,5324, 711,2045,5325,5326,4055,2223,2800,1937, # 2768 +4056,3382,2224,2255,3868,2305,5327,4645,3869,1258,3312,4057,3235,2139,2965,4058, # 2784 +4059,5328,2225, 258,3236,4646, 101,1227,5329,3313,1755,5330,1391,3314,5331,2924, # 2800 +2057, 893,5332,5333,5334,1402,4305,2347,5335,5336,3237,3611,5337,5338, 878,1325, # 2816 +1781,2801,4647, 259,1385,2585, 744,1183,2272,4648,5339,4060,2509,5340, 684,1024, # 2832 +4306,5341, 472,3612,3496,1165,3315,4061,4062, 322,2153, 881, 455,1695,1152,1340, # 2848 + 660, 554,2154,4649,1058,4650,4307, 830,1065,3383,4063,4651,1924,5342,1703,1919, # 2864 +5343, 932,2273, 122,5344,4652, 947, 677,5345,3870,2637, 297,1906,1925,2274,4653, # 2880 +2322,3316,5346,5347,4308,5348,4309, 84,4310, 112, 989,5349, 547,1059,4064, 701, # 2896 +3613,1019,5350,4311,5351,3497, 942, 639, 457,2306,2456, 993,2966, 407, 851, 494, # 2912 +4654,3384, 927,5352,1237,5353,2426,3385, 573,4312, 680, 921,2925,1279,1875, 285, # 2928 + 790,1448,1984, 719,2168,5354,5355,4655,4065,4066,1649,5356,1541, 563,5357,1077, # 2944 +5358,3386,3061,3498, 511,3015,4067,4068,3733,4069,1268,2572,3387,3238,4656,4657, # 2960 +5359, 535,1048,1276,1189,2926,2029,3167,1438,1373,2847,2967,1134,2013,5360,4313, # 2976 +1238,2586,3109,1259,5361, 700,5362,2968,3168,3734,4314,5363,4315,1146,1876,1907, # 2992 +4658,2611,4070, 781,2427, 132,1589, 203, 147, 273,2802,2407, 898,1787,2155,4071, # 3008 +4072,5364,3871,2803,5365,5366,4659,4660,5367,3239,5368,1635,3872, 965,5369,1805, # 3024 +2699,1516,3614,1121,1082,1329,3317,4073,1449,3873, 65,1128,2848,2927,2769,1590, # 3040 +3874,5370,5371, 12,2668, 45, 976,2587,3169,4661, 517,2535,1013,1037,3240,5372, # 3056 +3875,2849,5373,3876,5374,3499,5375,2612, 614,1999,2323,3877,3110,2733,2638,5376, # 3072 +2588,4316, 599,1269,5377,1811,3735,5378,2700,3111, 759,1060, 489,1806,3388,3318, # 3088 +1358,5379,5380,2391,1387,1215,2639,2256, 490,5381,5382,4317,1759,2392,2348,5383, # 3104 +4662,3878,1908,4074,2640,1807,3241,4663,3500,3319,2770,2349, 874,5384,5385,3501, # 3120 +3736,1859, 91,2928,3737,3062,3879,4664,5386,3170,4075,2669,5387,3502,1202,1403, # 3136 +3880,2969,2536,1517,2510,4665,3503,2511,5388,4666,5389,2701,1886,1495,1731,4076, # 3152 +2370,4667,5390,2030,5391,5392,4077,2702,1216, 237,2589,4318,2324,4078,3881,4668, # 3168 +4669,2703,3615,3504, 445,4670,5393,5394,5395,5396,2771, 61,4079,3738,1823,4080, # 3184 +5397, 687,2046, 935, 925, 405,2670, 703,1096,1860,2734,4671,4081,1877,1367,2704, # 3200 +3389, 918,2106,1782,2483, 334,3320,1611,1093,4672, 564,3171,3505,3739,3390, 945, # 3216 +2641,2058,4673,5398,1926, 872,4319,5399,3506,2705,3112, 349,4320,3740,4082,4674, # 3232 +3882,4321,3741,2156,4083,4675,4676,4322,4677,2408,2047, 782,4084, 400, 251,4323, # 3248 +1624,5400,5401, 277,3742, 299,1265, 476,1191,3883,2122,4324,4325,1109, 205,5402, # 3264 +2590,1000,2157,3616,1861,5403,5404,5405,4678,5406,4679,2573, 107,2484,2158,4085, # 3280 +3507,3172,5407,1533, 541,1301, 158, 753,4326,2886,3617,5408,1696, 370,1088,4327, # 3296 +4680,3618, 579, 327, 440, 162,2244, 269,1938,1374,3508, 968,3063, 56,1396,3113, # 3312 +2107,3321,3391,5409,1927,2159,4681,3016,5410,3619,5411,5412,3743,4682,2485,5413, # 3328 +2804,5414,1650,4683,5415,2613,5416,5417,4086,2671,3392,1149,3393,4087,3884,4088, # 3344 +5418,1076, 49,5419, 951,3242,3322,3323, 450,2850, 920,5420,1812,2805,2371,4328, # 3360 +1909,1138,2372,3885,3509,5421,3243,4684,1910,1147,1518,2428,4685,3886,5422,4686, # 3376 +2393,2614, 260,1796,3244,5423,5424,3887,3324, 708,5425,3620,1704,5426,3621,1351, # 3392 +1618,3394,3017,1887, 944,4329,3395,4330,3064,3396,4331,5427,3744, 422, 413,1714, # 3408 +3325, 500,2059,2350,4332,2486,5428,1344,1911, 954,5429,1668,5430,5431,4089,2409, # 3424 +4333,3622,3888,4334,5432,2307,1318,2512,3114, 133,3115,2887,4687, 629, 31,2851, # 3440 +2706,3889,4688, 850, 949,4689,4090,2970,1732,2089,4335,1496,1853,5433,4091, 620, # 3456 +3245, 981,1242,3745,3397,1619,3746,1643,3326,2140,2457,1971,1719,3510,2169,5434, # 3472 +3246,5435,5436,3398,1829,5437,1277,4690,1565,2048,5438,1636,3623,3116,5439, 869, # 3488 +2852, 655,3890,3891,3117,4092,3018,3892,1310,3624,4691,5440,5441,5442,1733, 558, # 3504 +4692,3747, 335,1549,3065,1756,4336,3748,1946,3511,1830,1291,1192, 470,2735,2108, # 3520 +2806, 913,1054,4093,5443,1027,5444,3066,4094,4693, 982,2672,3399,3173,3512,3247, # 3536 +3248,1947,2807,5445, 571,4694,5446,1831,5447,3625,2591,1523,2429,5448,2090, 984, # 3552 +4695,3749,1960,5449,3750, 852, 923,2808,3513,3751, 969,1519, 999,2049,2325,1705, # 3568 +5450,3118, 615,1662, 151, 597,4095,2410,2326,1049, 275,4696,3752,4337, 568,3753, # 3584 +3626,2487,4338,3754,5451,2430,2275, 409,3249,5452,1566,2888,3514,1002, 769,2853, # 3600 + 194,2091,3174,3755,2226,3327,4339, 628,1505,5453,5454,1763,2180,3019,4096, 521, # 3616 +1161,2592,1788,2206,2411,4697,4097,1625,4340,4341, 412, 42,3119, 464,5455,2642, # 3632 +4698,3400,1760,1571,2889,3515,2537,1219,2207,3893,2643,2141,2373,4699,4700,3328, # 3648 +1651,3401,3627,5456,5457,3628,2488,3516,5458,3756,5459,5460,2276,2092, 460,5461, # 3664 +4701,5462,3020, 962, 588,3629, 289,3250,2644,1116, 52,5463,3067,1797,5464,5465, # 3680 +5466,1467,5467,1598,1143,3757,4342,1985,1734,1067,4702,1280,3402, 465,4703,1572, # 3696 + 510,5468,1928,2245,1813,1644,3630,5469,4704,3758,5470,5471,2673,1573,1534,5472, # 3712 +5473, 536,1808,1761,3517,3894,3175,2645,5474,5475,5476,4705,3518,2929,1912,2809, # 3728 +5477,3329,1122, 377,3251,5478, 360,5479,5480,4343,1529, 551,5481,2060,3759,1769, # 3744 +2431,5482,2930,4344,3330,3120,2327,2109,2031,4706,1404, 136,1468,1479, 672,1171, # 3760 +3252,2308, 271,3176,5483,2772,5484,2050, 678,2736, 865,1948,4707,5485,2014,4098, # 3776 +2971,5486,2737,2227,1397,3068,3760,4708,4709,1735,2931,3403,3631,5487,3895, 509, # 3792 +2854,2458,2890,3896,5488,5489,3177,3178,4710,4345,2538,4711,2309,1166,1010, 552, # 3808 + 681,1888,5490,5491,2972,2973,4099,1287,1596,1862,3179, 358, 453, 736, 175, 478, # 3824 +1117, 905,1167,1097,5492,1854,1530,5493,1706,5494,2181,3519,2292,3761,3520,3632, # 3840 +4346,2093,4347,5495,3404,1193,2489,4348,1458,2193,2208,1863,1889,1421,3331,2932, # 3856 +3069,2182,3521, 595,2123,5496,4100,5497,5498,4349,1707,2646, 223,3762,1359, 751, # 3872 +3121, 183,3522,5499,2810,3021, 419,2374, 633, 704,3897,2394, 241,5500,5501,5502, # 3888 + 838,3022,3763,2277,2773,2459,3898,1939,2051,4101,1309,3122,2246,1181,5503,1136, # 3904 +2209,3899,2375,1446,4350,2310,4712,5504,5505,4351,1055,2615, 484,3764,5506,4102, # 3920 + 625,4352,2278,3405,1499,4353,4103,5507,4104,4354,3253,2279,2280,3523,5508,5509, # 3936 +2774, 808,2616,3765,3406,4105,4355,3123,2539, 526,3407,3900,4356, 955,5510,1620, # 3952 +4357,2647,2432,5511,1429,3766,1669,1832, 994, 928,5512,3633,1260,5513,5514,5515, # 3968 +1949,2293, 741,2933,1626,4358,2738,2460, 867,1184, 362,3408,1392,5516,5517,4106, # 3984 +4359,1770,1736,3254,2934,4713,4714,1929,2707,1459,1158,5518,3070,3409,2891,1292, # 4000 +1930,2513,2855,3767,1986,1187,2072,2015,2617,4360,5519,2574,2514,2170,3768,2490, # 4016 +3332,5520,3769,4715,5521,5522, 666,1003,3023,1022,3634,4361,5523,4716,1814,2257, # 4032 + 574,3901,1603, 295,1535, 705,3902,4362, 283, 858, 417,5524,5525,3255,4717,4718, # 4048 +3071,1220,1890,1046,2281,2461,4107,1393,1599, 689,2575, 388,4363,5526,2491, 802, # 4064 +5527,2811,3903,2061,1405,2258,5528,4719,3904,2110,1052,1345,3256,1585,5529, 809, # 4080 +5530,5531,5532, 575,2739,3524, 956,1552,1469,1144,2328,5533,2329,1560,2462,3635, # 4096 +3257,4108, 616,2210,4364,3180,2183,2294,5534,1833,5535,3525,4720,5536,1319,3770, # 4112 +3771,1211,3636,1023,3258,1293,2812,5537,5538,5539,3905, 607,2311,3906, 762,2892, # 4128 +1439,4365,1360,4721,1485,3072,5540,4722,1038,4366,1450,2062,2648,4367,1379,4723, # 4144 +2593,5541,5542,4368,1352,1414,2330,2935,1172,5543,5544,3907,3908,4724,1798,1451, # 4160 +5545,5546,5547,5548,2936,4109,4110,2492,2351, 411,4111,4112,3637,3333,3124,4725, # 4176 +1561,2674,1452,4113,1375,5549,5550, 47,2974, 316,5551,1406,1591,2937,3181,5552, # 4192 +1025,2142,3125,3182, 354,2740, 884,2228,4369,2412, 508,3772, 726,3638, 996,2433, # 4208 +3639, 729,5553, 392,2194,1453,4114,4726,3773,5554,5555,2463,3640,2618,1675,2813, # 4224 + 919,2352,2975,2353,1270,4727,4115, 73,5556,5557, 647,5558,3259,2856,2259,1550, # 4240 +1346,3024,5559,1332, 883,3526,5560,5561,5562,5563,3334,2775,5564,1212, 831,1347, # 4256 +4370,4728,2331,3909,1864,3073, 720,3910,4729,4730,3911,5565,4371,5566,5567,4731, # 4272 +5568,5569,1799,4732,3774,2619,4733,3641,1645,2376,4734,5570,2938, 669,2211,2675, # 4288 +2434,5571,2893,5572,5573,1028,3260,5574,4372,2413,5575,2260,1353,5576,5577,4735, # 4304 +3183, 518,5578,4116,5579,4373,1961,5580,2143,4374,5581,5582,3025,2354,2355,3912, # 4320 + 516,1834,1454,4117,2708,4375,4736,2229,2620,1972,1129,3642,5583,2776,5584,2976, # 4336 +1422, 577,1470,3026,1524,3410,5585,5586, 432,4376,3074,3527,5587,2594,1455,2515, # 4352 +2230,1973,1175,5588,1020,2741,4118,3528,4737,5589,2742,5590,1743,1361,3075,3529, # 4368 +2649,4119,4377,4738,2295, 895, 924,4378,2171, 331,2247,3076, 166,1627,3077,1098, # 4384 +5591,1232,2894,2231,3411,4739, 657, 403,1196,2377, 542,3775,3412,1600,4379,3530, # 4400 +5592,4740,2777,3261, 576, 530,1362,4741,4742,2540,2676,3776,4120,5593, 842,3913, # 4416 +5594,2814,2032,1014,4121, 213,2709,3413, 665, 621,4380,5595,3777,2939,2435,5596, # 4432 +2436,3335,3643,3414,4743,4381,2541,4382,4744,3644,1682,4383,3531,1380,5597, 724, # 4448 +2282, 600,1670,5598,1337,1233,4745,3126,2248,5599,1621,4746,5600, 651,4384,5601, # 4464 +1612,4385,2621,5602,2857,5603,2743,2312,3078,5604, 716,2464,3079, 174,1255,2710, # 4480 +4122,3645, 548,1320,1398, 728,4123,1574,5605,1891,1197,3080,4124,5606,3081,3082, # 4496 +3778,3646,3779, 747,5607, 635,4386,4747,5608,5609,5610,4387,5611,5612,4748,5613, # 4512 +3415,4749,2437, 451,5614,3780,2542,2073,4388,2744,4389,4125,5615,1764,4750,5616, # 4528 +4390, 350,4751,2283,2395,2493,5617,4391,4126,2249,1434,4127, 488,4752, 458,4392, # 4544 +4128,3781, 771,1330,2396,3914,2576,3184,2160,2414,1553,2677,3185,4393,5618,2494, # 4560 +2895,2622,1720,2711,4394,3416,4753,5619,2543,4395,5620,3262,4396,2778,5621,2016, # 4576 +2745,5622,1155,1017,3782,3915,5623,3336,2313, 201,1865,4397,1430,5624,4129,5625, # 4592 +5626,5627,5628,5629,4398,1604,5630, 414,1866, 371,2595,4754,4755,3532,2017,3127, # 4608 +4756,1708, 960,4399, 887, 389,2172,1536,1663,1721,5631,2232,4130,2356,2940,1580, # 4624 +5632,5633,1744,4757,2544,4758,4759,5634,4760,5635,2074,5636,4761,3647,3417,2896, # 4640 +4400,5637,4401,2650,3418,2815, 673,2712,2465, 709,3533,4131,3648,4402,5638,1148, # 4656 + 502, 634,5639,5640,1204,4762,3649,1575,4763,2623,3783,5641,3784,3128, 948,3263, # 4672 + 121,1745,3916,1110,5642,4403,3083,2516,3027,4132,3785,1151,1771,3917,1488,4133, # 4688 +1987,5643,2438,3534,5644,5645,2094,5646,4404,3918,1213,1407,2816, 531,2746,2545, # 4704 +3264,1011,1537,4764,2779,4405,3129,1061,5647,3786,3787,1867,2897,5648,2018, 120, # 4720 +4406,4407,2063,3650,3265,2314,3919,2678,3419,1955,4765,4134,5649,3535,1047,2713, # 4736 +1266,5650,1368,4766,2858, 649,3420,3920,2546,2747,1102,2859,2679,5651,5652,2000, # 4752 +5653,1111,3651,2977,5654,2495,3921,3652,2817,1855,3421,3788,5655,5656,3422,2415, # 4768 +2898,3337,3266,3653,5657,2577,5658,3654,2818,4135,1460, 856,5659,3655,5660,2899, # 4784 +2978,5661,2900,3922,5662,4408, 632,2517, 875,3923,1697,3924,2296,5663,5664,4767, # 4800 +3028,1239, 580,4768,4409,5665, 914, 936,2075,1190,4136,1039,2124,5666,5667,5668, # 4816 +5669,3423,1473,5670,1354,4410,3925,4769,2173,3084,4137, 915,3338,4411,4412,3339, # 4832 +1605,1835,5671,2748, 398,3656,4413,3926,4138, 328,1913,2860,4139,3927,1331,4414, # 4848 +3029, 937,4415,5672,3657,4140,4141,3424,2161,4770,3425, 524, 742, 538,3085,1012, # 4864 +5673,5674,3928,2466,5675, 658,1103, 225,3929,5676,5677,4771,5678,4772,5679,3267, # 4880 +1243,5680,4142, 963,2250,4773,5681,2714,3658,3186,5682,5683,2596,2332,5684,4774, # 4896 +5685,5686,5687,3536, 957,3426,2547,2033,1931,2941,2467, 870,2019,3659,1746,2780, # 4912 +2781,2439,2468,5688,3930,5689,3789,3130,3790,3537,3427,3791,5690,1179,3086,5691, # 4928 +3187,2378,4416,3792,2548,3188,3131,2749,4143,5692,3428,1556,2549,2297, 977,2901, # 4944 +2034,4144,1205,3429,5693,1765,3430,3189,2125,1271, 714,1689,4775,3538,5694,2333, # 4960 +3931, 533,4417,3660,2184, 617,5695,2469,3340,3539,2315,5696,5697,3190,5698,5699, # 4976 +3932,1988, 618, 427,2651,3540,3431,5700,5701,1244,1690,5702,2819,4418,4776,5703, # 4992 +3541,4777,5704,2284,1576, 473,3661,4419,3432, 972,5705,3662,5706,3087,5707,5708, # 5008 +4778,4779,5709,3793,4145,4146,5710, 153,4780, 356,5711,1892,2902,4420,2144, 408, # 5024 + 803,2357,5712,3933,5713,4421,1646,2578,2518,4781,4782,3934,5714,3935,4422,5715, # 5040 +2416,3433, 752,5716,5717,1962,3341,2979,5718, 746,3030,2470,4783,4423,3794, 698, # 5056 +4784,1893,4424,3663,2550,4785,3664,3936,5719,3191,3434,5720,1824,1302,4147,2715, # 5072 +3937,1974,4425,5721,4426,3192, 823,1303,1288,1236,2861,3542,4148,3435, 774,3938, # 5088 +5722,1581,4786,1304,2862,3939,4787,5723,2440,2162,1083,3268,4427,4149,4428, 344, # 5104 +1173, 288,2316, 454,1683,5724,5725,1461,4788,4150,2597,5726,5727,4789, 985, 894, # 5120 +5728,3436,3193,5729,1914,2942,3795,1989,5730,2111,1975,5731,4151,5732,2579,1194, # 5136 + 425,5733,4790,3194,1245,3796,4429,5734,5735,2863,5736, 636,4791,1856,3940, 760, # 5152 +1800,5737,4430,2212,1508,4792,4152,1894,1684,2298,5738,5739,4793,4431,4432,2213, # 5168 + 479,5740,5741, 832,5742,4153,2496,5743,2980,2497,3797, 990,3132, 627,1815,2652, # 5184 +4433,1582,4434,2126,2112,3543,4794,5744, 799,4435,3195,5745,4795,2113,1737,3031, # 5200 +1018, 543, 754,4436,3342,1676,4796,4797,4154,4798,1489,5746,3544,5747,2624,2903, # 5216 +4155,5748,5749,2981,5750,5751,5752,5753,3196,4799,4800,2185,1722,5754,3269,3270, # 5232 +1843,3665,1715, 481, 365,1976,1857,5755,5756,1963,2498,4801,5757,2127,3666,3271, # 5248 + 433,1895,2064,2076,5758, 602,2750,5759,5760,5761,5762,5763,3032,1628,3437,5764, # 5264 +3197,4802,4156,2904,4803,2519,5765,2551,2782,5766,5767,5768,3343,4804,2905,5769, # 5280 +4805,5770,2864,4806,4807,1221,2982,4157,2520,5771,5772,5773,1868,1990,5774,5775, # 5296 +5776,1896,5777,5778,4808,1897,4158, 318,5779,2095,4159,4437,5780,5781, 485,5782, # 5312 + 938,3941, 553,2680, 116,5783,3942,3667,5784,3545,2681,2783,3438,3344,2820,5785, # 5328 +3668,2943,4160,1747,2944,2983,5786,5787, 207,5788,4809,5789,4810,2521,5790,3033, # 5344 + 890,3669,3943,5791,1878,3798,3439,5792,2186,2358,3440,1652,5793,5794,5795, 941, # 5360 +2299, 208,3546,4161,2020, 330,4438,3944,2906,2499,3799,4439,4811,5796,5797,5798, # 5376 +) + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5prober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5prober.py new file mode 100644 index 000000000..98f997012 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/big5prober.py @@ -0,0 +1,47 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .mbcharsetprober import MultiByteCharSetProber +from .codingstatemachine import CodingStateMachine +from .chardistribution import Big5DistributionAnalysis +from .mbcssm import BIG5_SM_MODEL + + +class Big5Prober(MultiByteCharSetProber): + def __init__(self): + super(Big5Prober, self).__init__() + self.coding_sm = CodingStateMachine(BIG5_SM_MODEL) + self.distribution_analyzer = Big5DistributionAnalysis() + self.reset() + + @property + def charset_name(self): + return "Big5" + + @property + def language(self): + return "Chinese" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/chardistribution.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/chardistribution.py new file mode 100644 index 000000000..c0395f4a4 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/chardistribution.py @@ -0,0 +1,233 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .euctwfreq import (EUCTW_CHAR_TO_FREQ_ORDER, EUCTW_TABLE_SIZE, + EUCTW_TYPICAL_DISTRIBUTION_RATIO) +from .euckrfreq import (EUCKR_CHAR_TO_FREQ_ORDER, EUCKR_TABLE_SIZE, + EUCKR_TYPICAL_DISTRIBUTION_RATIO) +from .gb2312freq import (GB2312_CHAR_TO_FREQ_ORDER, GB2312_TABLE_SIZE, + GB2312_TYPICAL_DISTRIBUTION_RATIO) +from .big5freq import (BIG5_CHAR_TO_FREQ_ORDER, BIG5_TABLE_SIZE, + BIG5_TYPICAL_DISTRIBUTION_RATIO) +from .jisfreq import (JIS_CHAR_TO_FREQ_ORDER, JIS_TABLE_SIZE, + JIS_TYPICAL_DISTRIBUTION_RATIO) + + +class CharDistributionAnalysis(object): + ENOUGH_DATA_THRESHOLD = 1024 + SURE_YES = 0.99 + SURE_NO = 0.01 + MINIMUM_DATA_THRESHOLD = 3 + + def __init__(self): + # Mapping table to get frequency order from char order (get from + # GetOrder()) + self._char_to_freq_order = None + self._table_size = None # Size of above table + # This is a constant value which varies from language to language, + # used in calculating confidence. See + # http://www.mozilla.org/projects/intl/UniversalCharsetDetection.html + # for further detail. + self.typical_distribution_ratio = None + self._done = None + self._total_chars = None + self._freq_chars = None + self.reset() + + def reset(self): + """reset analyser, clear any state""" + # If this flag is set to True, detection is done and conclusion has + # been made + self._done = False + self._total_chars = 0 # Total characters encountered + # The number of characters whose frequency order is less than 512 + self._freq_chars = 0 + + def feed(self, char, char_len): + """feed a character with known length""" + if char_len == 2: + # we only care about 2-bytes character in our distribution analysis + order = self.get_order(char) + else: + order = -1 + if order >= 0: + self._total_chars += 1 + # order is valid + if order < self._table_size: + if 512 > self._char_to_freq_order[order]: + self._freq_chars += 1 + + def get_confidence(self): + """return confidence based on existing data""" + # if we didn't receive any character in our consideration range, + # return negative answer + if self._total_chars <= 0 or self._freq_chars <= self.MINIMUM_DATA_THRESHOLD: + return self.SURE_NO + + if self._total_chars != self._freq_chars: + r = (self._freq_chars / ((self._total_chars - self._freq_chars) + * self.typical_distribution_ratio)) + if r < self.SURE_YES: + return r + + # normalize confidence (we don't want to be 100% sure) + return self.SURE_YES + + def got_enough_data(self): + # It is not necessary to receive all data to draw conclusion. + # For charset detection, certain amount of data is enough + return self._total_chars > self.ENOUGH_DATA_THRESHOLD + + def get_order(self, byte_str): + # We do not handle characters based on the original encoding string, + # but convert this encoding string to a number, here called order. + # This allows multiple encodings of a language to share one frequency + # table. + return -1 + + +class EUCTWDistributionAnalysis(CharDistributionAnalysis): + def __init__(self): + super(EUCTWDistributionAnalysis, self).__init__() + self._char_to_freq_order = EUCTW_CHAR_TO_FREQ_ORDER + self._table_size = EUCTW_TABLE_SIZE + self.typical_distribution_ratio = EUCTW_TYPICAL_DISTRIBUTION_RATIO + + def get_order(self, byte_str): + # for euc-TW encoding, we are interested + # first byte range: 0xc4 -- 0xfe + # second byte range: 0xa1 -- 0xfe + # no validation needed here. State machine has done that + first_char = byte_str[0] + if first_char >= 0xC4: + return 94 * (first_char - 0xC4) + byte_str[1] - 0xA1 + else: + return -1 + + +class EUCKRDistributionAnalysis(CharDistributionAnalysis): + def __init__(self): + super(EUCKRDistributionAnalysis, self).__init__() + self._char_to_freq_order = EUCKR_CHAR_TO_FREQ_ORDER + self._table_size = EUCKR_TABLE_SIZE + self.typical_distribution_ratio = EUCKR_TYPICAL_DISTRIBUTION_RATIO + + def get_order(self, byte_str): + # for euc-KR encoding, we are interested + # first byte range: 0xb0 -- 0xfe + # second byte range: 0xa1 -- 0xfe + # no validation needed here. State machine has done that + first_char = byte_str[0] + if first_char >= 0xB0: + return 94 * (first_char - 0xB0) + byte_str[1] - 0xA1 + else: + return -1 + + +class GB2312DistributionAnalysis(CharDistributionAnalysis): + def __init__(self): + super(GB2312DistributionAnalysis, self).__init__() + self._char_to_freq_order = GB2312_CHAR_TO_FREQ_ORDER + self._table_size = GB2312_TABLE_SIZE + self.typical_distribution_ratio = GB2312_TYPICAL_DISTRIBUTION_RATIO + + def get_order(self, byte_str): + # for GB2312 encoding, we are interested + # first byte range: 0xb0 -- 0xfe + # second byte range: 0xa1 -- 0xfe + # no validation needed here. State machine has done that + first_char, second_char = byte_str[0], byte_str[1] + if (first_char >= 0xB0) and (second_char >= 0xA1): + return 94 * (first_char - 0xB0) + second_char - 0xA1 + else: + return -1 + + +class Big5DistributionAnalysis(CharDistributionAnalysis): + def __init__(self): + super(Big5DistributionAnalysis, self).__init__() + self._char_to_freq_order = BIG5_CHAR_TO_FREQ_ORDER + self._table_size = BIG5_TABLE_SIZE + self.typical_distribution_ratio = BIG5_TYPICAL_DISTRIBUTION_RATIO + + def get_order(self, byte_str): + # for big5 encoding, we are interested + # first byte range: 0xa4 -- 0xfe + # second byte range: 0x40 -- 0x7e , 0xa1 -- 0xfe + # no validation needed here. State machine has done that + first_char, second_char = byte_str[0], byte_str[1] + if first_char >= 0xA4: + if second_char >= 0xA1: + return 157 * (first_char - 0xA4) + second_char - 0xA1 + 63 + else: + return 157 * (first_char - 0xA4) + second_char - 0x40 + else: + return -1 + + +class SJISDistributionAnalysis(CharDistributionAnalysis): + def __init__(self): + super(SJISDistributionAnalysis, self).__init__() + self._char_to_freq_order = JIS_CHAR_TO_FREQ_ORDER + self._table_size = JIS_TABLE_SIZE + self.typical_distribution_ratio = JIS_TYPICAL_DISTRIBUTION_RATIO + + def get_order(self, byte_str): + # for sjis encoding, we are interested + # first byte range: 0x81 -- 0x9f , 0xe0 -- 0xfe + # second byte range: 0x40 -- 0x7e, 0x81 -- oxfe + # no validation needed here. State machine has done that + first_char, second_char = byte_str[0], byte_str[1] + if (first_char >= 0x81) and (first_char <= 0x9F): + order = 188 * (first_char - 0x81) + elif (first_char >= 0xE0) and (first_char <= 0xEF): + order = 188 * (first_char - 0xE0 + 31) + else: + return -1 + order = order + second_char - 0x40 + if second_char > 0x7F: + order = -1 + return order + + +class EUCJPDistributionAnalysis(CharDistributionAnalysis): + def __init__(self): + super(EUCJPDistributionAnalysis, self).__init__() + self._char_to_freq_order = JIS_CHAR_TO_FREQ_ORDER + self._table_size = JIS_TABLE_SIZE + self.typical_distribution_ratio = JIS_TYPICAL_DISTRIBUTION_RATIO + + def get_order(self, byte_str): + # for euc-JP encoding, we are interested + # first byte range: 0xa0 -- 0xfe + # second byte range: 0xa1 -- 0xfe + # no validation needed here. State machine has done that + char = byte_str[0] + if char >= 0xA0: + return 94 * (char - 0xA1) + byte_str[1] - 0xa1 + else: + return -1 diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetgroupprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetgroupprober.py new file mode 100644 index 000000000..5812cef0b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetgroupprober.py @@ -0,0 +1,107 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .enums import ProbingState +from .charsetprober import CharSetProber + + +class CharSetGroupProber(CharSetProber): + def __init__(self, lang_filter=None): + super(CharSetGroupProber, self).__init__(lang_filter=lang_filter) + self._active_num = 0 + self.probers = [] + self._best_guess_prober = None + + def reset(self): + super(CharSetGroupProber, self).reset() + self._active_num = 0 + for prober in self.probers: + if prober: + prober.reset() + prober.active = True + self._active_num += 1 + self._best_guess_prober = None + + @property + def charset_name(self): + if not self._best_guess_prober: + self.get_confidence() + if not self._best_guess_prober: + return None + return self._best_guess_prober.charset_name + + @property + def language(self): + if not self._best_guess_prober: + self.get_confidence() + if not self._best_guess_prober: + return None + return self._best_guess_prober.language + + def feed(self, byte_str): + for prober in self.probers: + if not prober: + continue + if not prober.active: + continue + state = prober.feed(byte_str) + if not state: + continue + if state == ProbingState.FOUND_IT: + self._best_guess_prober = prober + self._state = ProbingState.FOUND_IT + return self.state + elif state == ProbingState.NOT_ME: + prober.active = False + self._active_num -= 1 + if self._active_num <= 0: + self._state = ProbingState.NOT_ME + return self.state + return self.state + + def get_confidence(self): + state = self.state + if state == ProbingState.FOUND_IT: + return 0.99 + elif state == ProbingState.NOT_ME: + return 0.01 + best_conf = 0.0 + self._best_guess_prober = None + for prober in self.probers: + if not prober: + continue + if not prober.active: + self.logger.debug('%s not active', prober.charset_name) + continue + conf = prober.get_confidence() + self.logger.debug('%s %s confidence = %s', prober.charset_name, prober.language, conf) + if best_conf < conf: + best_conf = conf + self._best_guess_prober = prober + if not self._best_guess_prober: + return 0.0 + return best_conf diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetprober.py new file mode 100644 index 000000000..eac4e5986 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/charsetprober.py @@ -0,0 +1,145 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Universal charset detector code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 2001 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# Shy Shalom - original C code +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +import logging +import re + +from .enums import ProbingState + + +class CharSetProber(object): + + SHORTCUT_THRESHOLD = 0.95 + + def __init__(self, lang_filter=None): + self._state = None + self.lang_filter = lang_filter + self.logger = logging.getLogger(__name__) + + def reset(self): + self._state = ProbingState.DETECTING + + @property + def charset_name(self): + return None + + def feed(self, buf): + pass + + @property + def state(self): + return self._state + + def get_confidence(self): + return 0.0 + + @staticmethod + def filter_high_byte_only(buf): + buf = re.sub(b'([\x00-\x7F])+', b' ', buf) + return buf + + @staticmethod + def filter_international_words(buf): + """ + We define three types of bytes: + alphabet: english alphabets [a-zA-Z] + international: international characters [\x80-\xFF] + marker: everything else [^a-zA-Z\x80-\xFF] + + The input buffer can be thought to contain a series of words delimited + by markers. This function works to filter all words that contain at + least one international character. All contiguous sequences of markers + are replaced by a single space ascii character. + + This filter applies to all scripts which do not use English characters. + """ + filtered = bytearray() + + # This regex expression filters out only words that have at-least one + # international character. The word may include one marker character at + # the end. + words = re.findall(b'[a-zA-Z]*[\x80-\xFF]+[a-zA-Z]*[^a-zA-Z\x80-\xFF]?', + buf) + + for word in words: + filtered.extend(word[:-1]) + + # If the last character in the word is a marker, replace it with a + # space as markers shouldn't affect our analysis (they are used + # similarly across all languages and may thus have similar + # frequencies). + last_char = word[-1:] + if not last_char.isalpha() and last_char < b'\x80': + last_char = b' ' + filtered.extend(last_char) + + return filtered + + @staticmethod + def filter_with_english_letters(buf): + """ + Returns a copy of ``buf`` that retains only the sequences of English + alphabet and high byte characters that are not between <> characters. + Also retains English alphabet and high byte characters immediately + before occurrences of >. + + This filter can be applied to all scripts which contain both English + characters and extended ASCII characters, but is currently only used by + ``Latin1Prober``. + """ + filtered = bytearray() + in_tag = False + prev = 0 + + for curr in range(len(buf)): + # Slice here to get bytes instead of an int with Python 3 + buf_char = buf[curr:curr + 1] + # Check if we're coming out of or entering an HTML tag + if buf_char == b'>': + in_tag = False + elif buf_char == b'<': + in_tag = True + + # If current character is not extended-ASCII and not alphabetic... + if buf_char < b'\x80' and not buf_char.isalpha(): + # ...and we're not in a tag + if curr > prev and not in_tag: + # Keep everything after last non-extended-ASCII, + # non-alphabetic character + filtered.extend(buf[prev:curr]) + # Output a space to delimit stretch we kept + filtered.extend(b' ') + prev = curr + 1 + + # If we're not in a tag... + if not in_tag: + # Keep everything after last non-extended-ASCII, non-alphabetic + # character + filtered.extend(buf[prev:]) + + return filtered diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/__init__.py new file mode 100644 index 000000000..8b1378917 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/__init__.py @@ -0,0 +1 @@ + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/chardetect.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/chardetect.py new file mode 100644 index 000000000..6d6f93aab --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cli/chardetect.py @@ -0,0 +1,84 @@ +""" +Script which takes one or more file paths and reports on their detected +encodings + +Example:: + + % chardetect somefile someotherfile + somefile: windows-1252 with confidence 0.5 + someotherfile: ascii with confidence 1.0 + +If no paths are provided, it takes its input from stdin. + +""" + +from __future__ import absolute_import, print_function, unicode_literals + +import argparse +import sys + +from pip._vendor.chardet import __version__ +from pip._vendor.chardet.compat import PY2 +from pip._vendor.chardet.universaldetector import UniversalDetector + + +def description_of(lines, name='stdin'): + """ + Return a string describing the probable encoding of a file or + list of strings. + + :param lines: The lines to get the encoding of. + :type lines: Iterable of bytes + :param name: Name of file or collection of lines + :type name: str + """ + u = UniversalDetector() + for line in lines: + line = bytearray(line) + u.feed(line) + # shortcut out of the loop to save reading further - particularly useful if we read a BOM. + if u.done: + break + u.close() + result = u.result + if PY2: + name = name.decode(sys.getfilesystemencoding(), 'ignore') + if result['encoding']: + return '{}: {} with confidence {}'.format(name, result['encoding'], + result['confidence']) + else: + return '{}: no result'.format(name) + + +def main(argv=None): + """ + Handles command line arguments and gets things started. + + :param argv: List of arguments, as if specified on the command-line. + If None, ``sys.argv[1:]`` is used instead. + :type argv: list of str + """ + # Get command line arguments + parser = argparse.ArgumentParser( + description="Takes one or more file paths and reports their detected \ + encodings") + parser.add_argument('input', + help='File whose encoding we would like to determine. \ + (default: stdin)', + type=argparse.FileType('rb'), nargs='*', + default=[sys.stdin if PY2 else sys.stdin.buffer]) + parser.add_argument('--version', action='version', + version='%(prog)s {}'.format(__version__)) + args = parser.parse_args(argv) + + for f in args.input: + if f.isatty(): + print("You are running chardetect interactively. Press " + + "CTRL-D twice at the start of a blank line to signal the " + + "end of your input. If you want help, run chardetect " + + "--help\n", file=sys.stderr) + print(description_of(f, f.name)) + + +if __name__ == '__main__': + main() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/codingstatemachine.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/codingstatemachine.py new file mode 100644 index 000000000..68fba44f1 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/codingstatemachine.py @@ -0,0 +1,88 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +import logging + +from .enums import MachineState + + +class CodingStateMachine(object): + """ + A state machine to verify a byte sequence for a particular encoding. For + each byte the detector receives, it will feed that byte to every active + state machine available, one byte at a time. The state machine changes its + state based on its previous state and the byte it receives. There are 3 + states in a state machine that are of interest to an auto-detector: + + START state: This is the state to start with, or a legal byte sequence + (i.e. a valid code point) for character has been identified. + + ME state: This indicates that the state machine identified a byte sequence + that is specific to the charset it is designed for and that + there is no other possible encoding which can contain this byte + sequence. This will to lead to an immediate positive answer for + the detector. + + ERROR state: This indicates the state machine identified an illegal byte + sequence for that encoding. This will lead to an immediate + negative answer for this encoding. Detector will exclude this + encoding from consideration from here on. + """ + def __init__(self, sm): + self._model = sm + self._curr_byte_pos = 0 + self._curr_char_len = 0 + self._curr_state = None + self.logger = logging.getLogger(__name__) + self.reset() + + def reset(self): + self._curr_state = MachineState.START + + def next_state(self, c): + # for each byte we get its class + # if it is first byte, we also get byte length + byte_class = self._model['class_table'][c] + if self._curr_state == MachineState.START: + self._curr_byte_pos = 0 + self._curr_char_len = self._model['char_len_table'][byte_class] + # from byte's class and state_table, we get its next state + curr_state = (self._curr_state * self._model['class_factor'] + + byte_class) + self._curr_state = self._model['state_table'][curr_state] + self._curr_byte_pos += 1 + return self._curr_state + + def get_current_charlen(self): + return self._curr_char_len + + def get_coding_state_machine(self): + return self._model['name'] + + @property + def language(self): + return self._model['language'] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/compat.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/compat.py new file mode 100644 index 000000000..8941572b3 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/compat.py @@ -0,0 +1,36 @@ +######################## BEGIN LICENSE BLOCK ######################## +# Contributor(s): +# Dan Blanchard +# Ian Cordasco +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +import sys + + +if sys.version_info < (3, 0): + PY2 = True + PY3 = False + string_types = (str, unicode) + text_type = unicode + iteritems = dict.iteritems +else: + PY2 = False + PY3 = True + string_types = (bytes, str) + text_type = str + iteritems = dict.items diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cp949prober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cp949prober.py new file mode 100644 index 000000000..efd793abc --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/cp949prober.py @@ -0,0 +1,49 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .chardistribution import EUCKRDistributionAnalysis +from .codingstatemachine import CodingStateMachine +from .mbcharsetprober import MultiByteCharSetProber +from .mbcssm import CP949_SM_MODEL + + +class CP949Prober(MultiByteCharSetProber): + def __init__(self): + super(CP949Prober, self).__init__() + self.coding_sm = CodingStateMachine(CP949_SM_MODEL) + # NOTE: CP949 is a superset of EUC-KR, so the distribution should be + # not different. + self.distribution_analyzer = EUCKRDistributionAnalysis() + self.reset() + + @property + def charset_name(self): + return "CP949" + + @property + def language(self): + return "Korean" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/enums.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/enums.py new file mode 100644 index 000000000..045120722 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/enums.py @@ -0,0 +1,76 @@ +""" +All of the Enums that are used throughout the chardet package. + +:author: Dan Blanchard (dan.blanchard@gmail.com) +""" + + +class InputState(object): + """ + This enum represents the different states a universal detector can be in. + """ + PURE_ASCII = 0 + ESC_ASCII = 1 + HIGH_BYTE = 2 + + +class LanguageFilter(object): + """ + This enum represents the different language filters we can apply to a + ``UniversalDetector``. + """ + CHINESE_SIMPLIFIED = 0x01 + CHINESE_TRADITIONAL = 0x02 + JAPANESE = 0x04 + KOREAN = 0x08 + NON_CJK = 0x10 + ALL = 0x1F + CHINESE = CHINESE_SIMPLIFIED | CHINESE_TRADITIONAL + CJK = CHINESE | JAPANESE | KOREAN + + +class ProbingState(object): + """ + This enum represents the different states a prober can be in. + """ + DETECTING = 0 + FOUND_IT = 1 + NOT_ME = 2 + + +class MachineState(object): + """ + This enum represents the different states a state machine can be in. + """ + START = 0 + ERROR = 1 + ITS_ME = 2 + + +class SequenceLikelihood(object): + """ + This enum represents the likelihood of a character following the previous one. + """ + NEGATIVE = 0 + UNLIKELY = 1 + LIKELY = 2 + POSITIVE = 3 + + @classmethod + def get_num_categories(cls): + """:returns: The number of likelihood categories in the enum.""" + return 4 + + +class CharacterCategory(object): + """ + This enum represents the different categories language models for + ``SingleByteCharsetProber`` put characters into. + + Anything less than CONTROL is considered a letter. + """ + UNDEFINED = 255 + LINE_BREAK = 254 + SYMBOL = 253 + DIGIT = 252 + CONTROL = 251 diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escprober.py new file mode 100644 index 000000000..c70493f2b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escprober.py @@ -0,0 +1,101 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .charsetprober import CharSetProber +from .codingstatemachine import CodingStateMachine +from .enums import LanguageFilter, ProbingState, MachineState +from .escsm import (HZ_SM_MODEL, ISO2022CN_SM_MODEL, ISO2022JP_SM_MODEL, + ISO2022KR_SM_MODEL) + + +class EscCharSetProber(CharSetProber): + """ + This CharSetProber uses a "code scheme" approach for detecting encodings, + whereby easily recognizable escape or shift sequences are relied on to + identify these encodings. + """ + + def __init__(self, lang_filter=None): + super(EscCharSetProber, self).__init__(lang_filter=lang_filter) + self.coding_sm = [] + if self.lang_filter & LanguageFilter.CHINESE_SIMPLIFIED: + self.coding_sm.append(CodingStateMachine(HZ_SM_MODEL)) + self.coding_sm.append(CodingStateMachine(ISO2022CN_SM_MODEL)) + if self.lang_filter & LanguageFilter.JAPANESE: + self.coding_sm.append(CodingStateMachine(ISO2022JP_SM_MODEL)) + if self.lang_filter & LanguageFilter.KOREAN: + self.coding_sm.append(CodingStateMachine(ISO2022KR_SM_MODEL)) + self.active_sm_count = None + self._detected_charset = None + self._detected_language = None + self._state = None + self.reset() + + def reset(self): + super(EscCharSetProber, self).reset() + for coding_sm in self.coding_sm: + if not coding_sm: + continue + coding_sm.active = True + coding_sm.reset() + self.active_sm_count = len(self.coding_sm) + self._detected_charset = None + self._detected_language = None + + @property + def charset_name(self): + return self._detected_charset + + @property + def language(self): + return self._detected_language + + def get_confidence(self): + if self._detected_charset: + return 0.99 + else: + return 0.00 + + def feed(self, byte_str): + for c in byte_str: + for coding_sm in self.coding_sm: + if not coding_sm or not coding_sm.active: + continue + coding_state = coding_sm.next_state(c) + if coding_state == MachineState.ERROR: + coding_sm.active = False + self.active_sm_count -= 1 + if self.active_sm_count <= 0: + self._state = ProbingState.NOT_ME + return self.state + elif coding_state == MachineState.ITS_ME: + self._state = ProbingState.FOUND_IT + self._detected_charset = coding_sm.get_coding_state_machine() + self._detected_language = coding_sm.language + return self.state + + return self.state diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escsm.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escsm.py new file mode 100644 index 000000000..0069523a0 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/escsm.py @@ -0,0 +1,246 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .enums import MachineState + +HZ_CLS = ( +1,0,0,0,0,0,0,0, # 00 - 07 +0,0,0,0,0,0,0,0, # 08 - 0f +0,0,0,0,0,0,0,0, # 10 - 17 +0,0,0,1,0,0,0,0, # 18 - 1f +0,0,0,0,0,0,0,0, # 20 - 27 +0,0,0,0,0,0,0,0, # 28 - 2f +0,0,0,0,0,0,0,0, # 30 - 37 +0,0,0,0,0,0,0,0, # 38 - 3f +0,0,0,0,0,0,0,0, # 40 - 47 +0,0,0,0,0,0,0,0, # 48 - 4f +0,0,0,0,0,0,0,0, # 50 - 57 +0,0,0,0,0,0,0,0, # 58 - 5f +0,0,0,0,0,0,0,0, # 60 - 67 +0,0,0,0,0,0,0,0, # 68 - 6f +0,0,0,0,0,0,0,0, # 70 - 77 +0,0,0,4,0,5,2,0, # 78 - 7f +1,1,1,1,1,1,1,1, # 80 - 87 +1,1,1,1,1,1,1,1, # 88 - 8f +1,1,1,1,1,1,1,1, # 90 - 97 +1,1,1,1,1,1,1,1, # 98 - 9f +1,1,1,1,1,1,1,1, # a0 - a7 +1,1,1,1,1,1,1,1, # a8 - af +1,1,1,1,1,1,1,1, # b0 - b7 +1,1,1,1,1,1,1,1, # b8 - bf +1,1,1,1,1,1,1,1, # c0 - c7 +1,1,1,1,1,1,1,1, # c8 - cf +1,1,1,1,1,1,1,1, # d0 - d7 +1,1,1,1,1,1,1,1, # d8 - df +1,1,1,1,1,1,1,1, # e0 - e7 +1,1,1,1,1,1,1,1, # e8 - ef +1,1,1,1,1,1,1,1, # f0 - f7 +1,1,1,1,1,1,1,1, # f8 - ff +) + +HZ_ST = ( +MachineState.START,MachineState.ERROR, 3,MachineState.START,MachineState.START,MachineState.START,MachineState.ERROR,MachineState.ERROR,# 00-07 +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,# 08-0f +MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START, 4,MachineState.ERROR,# 10-17 + 5,MachineState.ERROR, 6,MachineState.ERROR, 5, 5, 4,MachineState.ERROR,# 18-1f + 4,MachineState.ERROR, 4, 4, 4,MachineState.ERROR, 4,MachineState.ERROR,# 20-27 + 4,MachineState.ITS_ME,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,# 28-2f +) + +HZ_CHAR_LEN_TABLE = (0, 0, 0, 0, 0, 0) + +HZ_SM_MODEL = {'class_table': HZ_CLS, + 'class_factor': 6, + 'state_table': HZ_ST, + 'char_len_table': HZ_CHAR_LEN_TABLE, + 'name': "HZ-GB-2312", + 'language': 'Chinese'} + +ISO2022CN_CLS = ( +2,0,0,0,0,0,0,0, # 00 - 07 +0,0,0,0,0,0,0,0, # 08 - 0f +0,0,0,0,0,0,0,0, # 10 - 17 +0,0,0,1,0,0,0,0, # 18 - 1f +0,0,0,0,0,0,0,0, # 20 - 27 +0,3,0,0,0,0,0,0, # 28 - 2f +0,0,0,0,0,0,0,0, # 30 - 37 +0,0,0,0,0,0,0,0, # 38 - 3f +0,0,0,4,0,0,0,0, # 40 - 47 +0,0,0,0,0,0,0,0, # 48 - 4f +0,0,0,0,0,0,0,0, # 50 - 57 +0,0,0,0,0,0,0,0, # 58 - 5f +0,0,0,0,0,0,0,0, # 60 - 67 +0,0,0,0,0,0,0,0, # 68 - 6f +0,0,0,0,0,0,0,0, # 70 - 77 +0,0,0,0,0,0,0,0, # 78 - 7f +2,2,2,2,2,2,2,2, # 80 - 87 +2,2,2,2,2,2,2,2, # 88 - 8f +2,2,2,2,2,2,2,2, # 90 - 97 +2,2,2,2,2,2,2,2, # 98 - 9f +2,2,2,2,2,2,2,2, # a0 - a7 +2,2,2,2,2,2,2,2, # a8 - af +2,2,2,2,2,2,2,2, # b0 - b7 +2,2,2,2,2,2,2,2, # b8 - bf +2,2,2,2,2,2,2,2, # c0 - c7 +2,2,2,2,2,2,2,2, # c8 - cf +2,2,2,2,2,2,2,2, # d0 - d7 +2,2,2,2,2,2,2,2, # d8 - df +2,2,2,2,2,2,2,2, # e0 - e7 +2,2,2,2,2,2,2,2, # e8 - ef +2,2,2,2,2,2,2,2, # f0 - f7 +2,2,2,2,2,2,2,2, # f8 - ff +) + +ISO2022CN_ST = ( +MachineState.START, 3,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,# 00-07 +MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,# 08-0f +MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,# 10-17 +MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 4,MachineState.ERROR,# 18-1f +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,# 20-27 + 5, 6,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,# 28-2f +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,# 30-37 +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ERROR,MachineState.START,# 38-3f +) + +ISO2022CN_CHAR_LEN_TABLE = (0, 0, 0, 0, 0, 0, 0, 0, 0) + +ISO2022CN_SM_MODEL = {'class_table': ISO2022CN_CLS, + 'class_factor': 9, + 'state_table': ISO2022CN_ST, + 'char_len_table': ISO2022CN_CHAR_LEN_TABLE, + 'name': "ISO-2022-CN", + 'language': 'Chinese'} + +ISO2022JP_CLS = ( +2,0,0,0,0,0,0,0, # 00 - 07 +0,0,0,0,0,0,2,2, # 08 - 0f +0,0,0,0,0,0,0,0, # 10 - 17 +0,0,0,1,0,0,0,0, # 18 - 1f +0,0,0,0,7,0,0,0, # 20 - 27 +3,0,0,0,0,0,0,0, # 28 - 2f +0,0,0,0,0,0,0,0, # 30 - 37 +0,0,0,0,0,0,0,0, # 38 - 3f +6,0,4,0,8,0,0,0, # 40 - 47 +0,9,5,0,0,0,0,0, # 48 - 4f +0,0,0,0,0,0,0,0, # 50 - 57 +0,0,0,0,0,0,0,0, # 58 - 5f +0,0,0,0,0,0,0,0, # 60 - 67 +0,0,0,0,0,0,0,0, # 68 - 6f +0,0,0,0,0,0,0,0, # 70 - 77 +0,0,0,0,0,0,0,0, # 78 - 7f +2,2,2,2,2,2,2,2, # 80 - 87 +2,2,2,2,2,2,2,2, # 88 - 8f +2,2,2,2,2,2,2,2, # 90 - 97 +2,2,2,2,2,2,2,2, # 98 - 9f +2,2,2,2,2,2,2,2, # a0 - a7 +2,2,2,2,2,2,2,2, # a8 - af +2,2,2,2,2,2,2,2, # b0 - b7 +2,2,2,2,2,2,2,2, # b8 - bf +2,2,2,2,2,2,2,2, # c0 - c7 +2,2,2,2,2,2,2,2, # c8 - cf +2,2,2,2,2,2,2,2, # d0 - d7 +2,2,2,2,2,2,2,2, # d8 - df +2,2,2,2,2,2,2,2, # e0 - e7 +2,2,2,2,2,2,2,2, # e8 - ef +2,2,2,2,2,2,2,2, # f0 - f7 +2,2,2,2,2,2,2,2, # f8 - ff +) + +ISO2022JP_ST = ( +MachineState.START, 3,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,# 00-07 +MachineState.START,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,# 08-0f +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,# 10-17 +MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,# 18-1f +MachineState.ERROR, 5,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 4,MachineState.ERROR,MachineState.ERROR,# 20-27 +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 6,MachineState.ITS_ME,MachineState.ERROR,MachineState.ITS_ME,MachineState.ERROR,# 28-2f +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,# 30-37 +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,# 38-3f +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ERROR,MachineState.START,MachineState.START,# 40-47 +) + +ISO2022JP_CHAR_LEN_TABLE = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0) + +ISO2022JP_SM_MODEL = {'class_table': ISO2022JP_CLS, + 'class_factor': 10, + 'state_table': ISO2022JP_ST, + 'char_len_table': ISO2022JP_CHAR_LEN_TABLE, + 'name': "ISO-2022-JP", + 'language': 'Japanese'} + +ISO2022KR_CLS = ( +2,0,0,0,0,0,0,0, # 00 - 07 +0,0,0,0,0,0,0,0, # 08 - 0f +0,0,0,0,0,0,0,0, # 10 - 17 +0,0,0,1,0,0,0,0, # 18 - 1f +0,0,0,0,3,0,0,0, # 20 - 27 +0,4,0,0,0,0,0,0, # 28 - 2f +0,0,0,0,0,0,0,0, # 30 - 37 +0,0,0,0,0,0,0,0, # 38 - 3f +0,0,0,5,0,0,0,0, # 40 - 47 +0,0,0,0,0,0,0,0, # 48 - 4f +0,0,0,0,0,0,0,0, # 50 - 57 +0,0,0,0,0,0,0,0, # 58 - 5f +0,0,0,0,0,0,0,0, # 60 - 67 +0,0,0,0,0,0,0,0, # 68 - 6f +0,0,0,0,0,0,0,0, # 70 - 77 +0,0,0,0,0,0,0,0, # 78 - 7f +2,2,2,2,2,2,2,2, # 80 - 87 +2,2,2,2,2,2,2,2, # 88 - 8f +2,2,2,2,2,2,2,2, # 90 - 97 +2,2,2,2,2,2,2,2, # 98 - 9f +2,2,2,2,2,2,2,2, # a0 - a7 +2,2,2,2,2,2,2,2, # a8 - af +2,2,2,2,2,2,2,2, # b0 - b7 +2,2,2,2,2,2,2,2, # b8 - bf +2,2,2,2,2,2,2,2, # c0 - c7 +2,2,2,2,2,2,2,2, # c8 - cf +2,2,2,2,2,2,2,2, # d0 - d7 +2,2,2,2,2,2,2,2, # d8 - df +2,2,2,2,2,2,2,2, # e0 - e7 +2,2,2,2,2,2,2,2, # e8 - ef +2,2,2,2,2,2,2,2, # f0 - f7 +2,2,2,2,2,2,2,2, # f8 - ff +) + +ISO2022KR_ST = ( +MachineState.START, 3,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.ERROR,MachineState.ERROR,# 00-07 +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,# 08-0f +MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 4,MachineState.ERROR,MachineState.ERROR,# 10-17 +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 5,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,# 18-1f +MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.START,MachineState.START,MachineState.START,MachineState.START,# 20-27 +) + +ISO2022KR_CHAR_LEN_TABLE = (0, 0, 0, 0, 0, 0) + +ISO2022KR_SM_MODEL = {'class_table': ISO2022KR_CLS, + 'class_factor': 6, + 'state_table': ISO2022KR_ST, + 'char_len_table': ISO2022KR_CHAR_LEN_TABLE, + 'name': "ISO-2022-KR", + 'language': 'Korean'} + + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/eucjpprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/eucjpprober.py new file mode 100644 index 000000000..20ce8f7d1 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/eucjpprober.py @@ -0,0 +1,92 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .enums import ProbingState, MachineState +from .mbcharsetprober import MultiByteCharSetProber +from .codingstatemachine import CodingStateMachine +from .chardistribution import EUCJPDistributionAnalysis +from .jpcntx import EUCJPContextAnalysis +from .mbcssm import EUCJP_SM_MODEL + + +class EUCJPProber(MultiByteCharSetProber): + def __init__(self): + super(EUCJPProber, self).__init__() + self.coding_sm = CodingStateMachine(EUCJP_SM_MODEL) + self.distribution_analyzer = EUCJPDistributionAnalysis() + self.context_analyzer = EUCJPContextAnalysis() + self.reset() + + def reset(self): + super(EUCJPProber, self).reset() + self.context_analyzer.reset() + + @property + def charset_name(self): + return "EUC-JP" + + @property + def language(self): + return "Japanese" + + def feed(self, byte_str): + for i in range(len(byte_str)): + # PY3K: byte_str is a byte array, so byte_str[i] is an int, not a byte + coding_state = self.coding_sm.next_state(byte_str[i]) + if coding_state == MachineState.ERROR: + self.logger.debug('%s %s prober hit error at byte %s', + self.charset_name, self.language, i) + self._state = ProbingState.NOT_ME + break + elif coding_state == MachineState.ITS_ME: + self._state = ProbingState.FOUND_IT + break + elif coding_state == MachineState.START: + char_len = self.coding_sm.get_current_charlen() + if i == 0: + self._last_char[1] = byte_str[0] + self.context_analyzer.feed(self._last_char, char_len) + self.distribution_analyzer.feed(self._last_char, char_len) + else: + self.context_analyzer.feed(byte_str[i - 1:i + 1], + char_len) + self.distribution_analyzer.feed(byte_str[i - 1:i + 1], + char_len) + + self._last_char[0] = byte_str[-1] + + if self.state == ProbingState.DETECTING: + if (self.context_analyzer.got_enough_data() and + (self.get_confidence() > self.SHORTCUT_THRESHOLD)): + self._state = ProbingState.FOUND_IT + + return self.state + + def get_confidence(self): + context_conf = self.context_analyzer.get_confidence() + distrib_conf = self.distribution_analyzer.get_confidence() + return max(context_conf, distrib_conf) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrfreq.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrfreq.py new file mode 100644 index 000000000..b68078cb9 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrfreq.py @@ -0,0 +1,195 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +# Sampling from about 20M text materials include literature and computer technology + +# 128 --> 0.79 +# 256 --> 0.92 +# 512 --> 0.986 +# 1024 --> 0.99944 +# 2048 --> 0.99999 +# +# Idea Distribution Ratio = 0.98653 / (1-0.98653) = 73.24 +# Random Distribution Ration = 512 / (2350-512) = 0.279. +# +# Typical Distribution Ratio + +EUCKR_TYPICAL_DISTRIBUTION_RATIO = 6.0 + +EUCKR_TABLE_SIZE = 2352 + +# Char to FreqOrder table , +EUCKR_CHAR_TO_FREQ_ORDER = ( + 13, 130, 120,1396, 481,1719,1720, 328, 609, 212,1721, 707, 400, 299,1722, 87, +1397,1723, 104, 536,1117,1203,1724,1267, 685,1268, 508,1725,1726,1727,1728,1398, +1399,1729,1730,1731, 141, 621, 326,1057, 368,1732, 267, 488, 20,1733,1269,1734, + 945,1400,1735, 47, 904,1270,1736,1737, 773, 248,1738, 409, 313, 786, 429,1739, + 116, 987, 813,1401, 683, 75,1204, 145,1740,1741,1742,1743, 16, 847, 667, 622, + 708,1744,1745,1746, 966, 787, 304, 129,1747, 60, 820, 123, 676,1748,1749,1750, +1751, 617,1752, 626,1753,1754,1755,1756, 653,1757,1758,1759,1760,1761,1762, 856, + 344,1763,1764,1765,1766, 89, 401, 418, 806, 905, 848,1767,1768,1769, 946,1205, + 709,1770,1118,1771, 241,1772,1773,1774,1271,1775, 569,1776, 999,1777,1778,1779, +1780, 337, 751,1058, 28, 628, 254,1781, 177, 906, 270, 349, 891,1079,1782, 19, +1783, 379,1784, 315,1785, 629, 754,1402, 559,1786, 636, 203,1206,1787, 710, 567, +1788, 935, 814,1789,1790,1207, 766, 528,1791,1792,1208,1793,1794,1795,1796,1797, +1403,1798,1799, 533,1059,1404,1405,1156,1406, 936, 884,1080,1800, 351,1801,1802, +1803,1804,1805, 801,1806,1807,1808,1119,1809,1157, 714, 474,1407,1810, 298, 899, + 885,1811,1120, 802,1158,1812, 892,1813,1814,1408, 659,1815,1816,1121,1817,1818, +1819,1820,1821,1822, 319,1823, 594, 545,1824, 815, 937,1209,1825,1826, 573,1409, +1022,1827,1210,1828,1829,1830,1831,1832,1833, 556, 722, 807,1122,1060,1834, 697, +1835, 900, 557, 715,1836,1410, 540,1411, 752,1159, 294, 597,1211, 976, 803, 770, +1412,1837,1838, 39, 794,1413, 358,1839, 371, 925,1840, 453, 661, 788, 531, 723, + 544,1023,1081, 869, 91,1841, 392, 430, 790, 602,1414, 677,1082, 457,1415,1416, +1842,1843, 475, 327,1024,1417, 795, 121,1844, 733, 403,1418,1845,1846,1847, 300, + 119, 711,1212, 627,1848,1272, 207,1849,1850, 796,1213, 382,1851, 519,1852,1083, + 893,1853,1854,1855, 367, 809, 487, 671,1856, 663,1857,1858, 956, 471, 306, 857, +1859,1860,1160,1084,1861,1862,1863,1864,1865,1061,1866,1867,1868,1869,1870,1871, + 282, 96, 574,1872, 502,1085,1873,1214,1874, 907,1875,1876, 827, 977,1419,1420, +1421, 268,1877,1422,1878,1879,1880, 308,1881, 2, 537,1882,1883,1215,1884,1885, + 127, 791,1886,1273,1423,1887, 34, 336, 404, 643,1888, 571, 654, 894, 840,1889, + 0, 886,1274, 122, 575, 260, 908, 938,1890,1275, 410, 316,1891,1892, 100,1893, +1894,1123, 48,1161,1124,1025,1895, 633, 901,1276,1896,1897, 115, 816,1898, 317, +1899, 694,1900, 909, 734,1424, 572, 866,1425, 691, 85, 524,1010, 543, 394, 841, +1901,1902,1903,1026,1904,1905,1906,1907,1908,1909, 30, 451, 651, 988, 310,1910, +1911,1426, 810,1216, 93,1912,1913,1277,1217,1914, 858, 759, 45, 58, 181, 610, + 269,1915,1916, 131,1062, 551, 443,1000, 821,1427, 957, 895,1086,1917,1918, 375, +1919, 359,1920, 687,1921, 822,1922, 293,1923,1924, 40, 662, 118, 692, 29, 939, + 887, 640, 482, 174,1925, 69,1162, 728,1428, 910,1926,1278,1218,1279, 386, 870, + 217, 854,1163, 823,1927,1928,1929,1930, 834,1931, 78,1932, 859,1933,1063,1934, +1935,1936,1937, 438,1164, 208, 595,1938,1939,1940,1941,1219,1125,1942, 280, 888, +1429,1430,1220,1431,1943,1944,1945,1946,1947,1280, 150, 510,1432,1948,1949,1950, +1951,1952,1953,1954,1011,1087,1955,1433,1043,1956, 881,1957, 614, 958,1064,1065, +1221,1958, 638,1001, 860, 967, 896,1434, 989, 492, 553,1281,1165,1959,1282,1002, +1283,1222,1960,1961,1962,1963, 36, 383, 228, 753, 247, 454,1964, 876, 678,1965, +1966,1284, 126, 464, 490, 835, 136, 672, 529, 940,1088,1435, 473,1967,1968, 467, + 50, 390, 227, 587, 279, 378, 598, 792, 968, 240, 151, 160, 849, 882,1126,1285, + 639,1044, 133, 140, 288, 360, 811, 563,1027, 561, 142, 523,1969,1970,1971, 7, + 103, 296, 439, 407, 506, 634, 990,1972,1973,1974,1975, 645,1976,1977,1978,1979, +1980,1981, 236,1982,1436,1983,1984,1089, 192, 828, 618, 518,1166, 333,1127,1985, + 818,1223,1986,1987,1988,1989,1990,1991,1992,1993, 342,1128,1286, 746, 842,1994, +1995, 560, 223,1287, 98, 8, 189, 650, 978,1288,1996,1437,1997, 17, 345, 250, + 423, 277, 234, 512, 226, 97, 289, 42, 167,1998, 201,1999,2000, 843, 836, 824, + 532, 338, 783,1090, 182, 576, 436,1438,1439, 527, 500,2001, 947, 889,2002,2003, +2004,2005, 262, 600, 314, 447,2006, 547,2007, 693, 738,1129,2008, 71,1440, 745, + 619, 688,2009, 829,2010,2011, 147,2012, 33, 948,2013,2014, 74, 224,2015, 61, + 191, 918, 399, 637,2016,1028,1130, 257, 902,2017,2018,2019,2020,2021,2022,2023, +2024,2025,2026, 837,2027,2028,2029,2030, 179, 874, 591, 52, 724, 246,2031,2032, +2033,2034,1167, 969,2035,1289, 630, 605, 911,1091,1168,2036,2037,2038,1441, 912, +2039, 623,2040,2041, 253,1169,1290,2042,1442, 146, 620, 611, 577, 433,2043,1224, + 719,1170, 959, 440, 437, 534, 84, 388, 480,1131, 159, 220, 198, 679,2044,1012, + 819,1066,1443, 113,1225, 194, 318,1003,1029,2045,2046,2047,2048,1067,2049,2050, +2051,2052,2053, 59, 913, 112,2054, 632,2055, 455, 144, 739,1291,2056, 273, 681, + 499,2057, 448,2058,2059, 760,2060,2061, 970, 384, 169, 245,1132,2062,2063, 414, +1444,2064,2065, 41, 235,2066, 157, 252, 877, 568, 919, 789, 580,2067, 725,2068, +2069,1292,2070,2071,1445,2072,1446,2073,2074, 55, 588, 66,1447, 271,1092,2075, +1226,2076, 960,1013, 372,2077,2078,2079,2080,2081,1293,2082,2083,2084,2085, 850, +2086,2087,2088,2089,2090, 186,2091,1068, 180,2092,2093,2094, 109,1227, 522, 606, +2095, 867,1448,1093, 991,1171, 926, 353,1133,2096, 581,2097,2098,2099,1294,1449, +1450,2100, 596,1172,1014,1228,2101,1451,1295,1173,1229,2102,2103,1296,1134,1452, + 949,1135,2104,2105,1094,1453,1454,1455,2106,1095,2107,2108,2109,2110,2111,2112, +2113,2114,2115,2116,2117, 804,2118,2119,1230,1231, 805,1456, 405,1136,2120,2121, +2122,2123,2124, 720, 701,1297, 992,1457, 927,1004,2125,2126,2127,2128,2129,2130, + 22, 417,2131, 303,2132, 385,2133, 971, 520, 513,2134,1174, 73,1096, 231, 274, + 962,1458, 673,2135,1459,2136, 152,1137,2137,2138,2139,2140,1005,1138,1460,1139, +2141,2142,2143,2144, 11, 374, 844,2145, 154,1232, 46,1461,2146, 838, 830, 721, +1233, 106,2147, 90, 428, 462, 578, 566,1175, 352,2148,2149, 538,1234, 124,1298, +2150,1462, 761, 565,2151, 686,2152, 649,2153, 72, 173,2154, 460, 415,2155,1463, +2156,1235, 305,2157,2158,2159,2160,2161,2162, 579,2163,2164,2165,2166,2167, 747, +2168,2169,2170,2171,1464, 669,2172,2173,2174,2175,2176,1465,2177, 23, 530, 285, +2178, 335, 729,2179, 397,2180,2181,2182,1030,2183,2184, 698,2185,2186, 325,2187, +2188, 369,2189, 799,1097,1015, 348,2190,1069, 680,2191, 851,1466,2192,2193, 10, +2194, 613, 424,2195, 979, 108, 449, 589, 27, 172, 81,1031, 80, 774, 281, 350, +1032, 525, 301, 582,1176,2196, 674,1045,2197,2198,1467, 730, 762,2199,2200,2201, +2202,1468,2203, 993,2204,2205, 266,1070, 963,1140,2206,2207,2208, 664,1098, 972, +2209,2210,2211,1177,1469,1470, 871,2212,2213,2214,2215,2216,1471,2217,2218,2219, +2220,2221,2222,2223,2224,2225,2226,2227,1472,1236,2228,2229,2230,2231,2232,2233, +2234,2235,1299,2236,2237, 200,2238, 477, 373,2239,2240, 731, 825, 777,2241,2242, +2243, 521, 486, 548,2244,2245,2246,1473,1300, 53, 549, 137, 875, 76, 158,2247, +1301,1474, 469, 396,1016, 278, 712,2248, 321, 442, 503, 767, 744, 941,1237,1178, +1475,2249, 82, 178,1141,1179, 973,2250,1302,2251, 297,2252,2253, 570,2254,2255, +2256, 18, 450, 206,2257, 290, 292,1142,2258, 511, 162, 99, 346, 164, 735,2259, +1476,1477, 4, 554, 343, 798,1099,2260,1100,2261, 43, 171,1303, 139, 215,2262, +2263, 717, 775,2264,1033, 322, 216,2265, 831,2266, 149,2267,1304,2268,2269, 702, +1238, 135, 845, 347, 309,2270, 484,2271, 878, 655, 238,1006,1478,2272, 67,2273, + 295,2274,2275, 461,2276, 478, 942, 412,2277,1034,2278,2279,2280, 265,2281, 541, +2282,2283,2284,2285,2286, 70, 852,1071,2287,2288,2289,2290, 21, 56, 509, 117, + 432,2291,2292, 331, 980, 552,1101, 148, 284, 105, 393,1180,1239, 755,2293, 187, +2294,1046,1479,2295, 340,2296, 63,1047, 230,2297,2298,1305, 763,1306, 101, 800, + 808, 494,2299,2300,2301, 903,2302, 37,1072, 14, 5,2303, 79, 675,2304, 312, +2305,2306,2307,2308,2309,1480, 6,1307,2310,2311,2312, 1, 470, 35, 24, 229, +2313, 695, 210, 86, 778, 15, 784, 592, 779, 32, 77, 855, 964,2314, 259,2315, + 501, 380,2316,2317, 83, 981, 153, 689,1308,1481,1482,1483,2318,2319, 716,1484, +2320,2321,2322,2323,2324,2325,1485,2326,2327, 128, 57, 68, 261,1048, 211, 170, +1240, 31,2328, 51, 435, 742,2329,2330,2331, 635,2332, 264, 456,2333,2334,2335, + 425,2336,1486, 143, 507, 263, 943,2337, 363, 920,1487, 256,1488,1102, 243, 601, +1489,2338,2339,2340,2341,2342,2343,2344, 861,2345,2346,2347,2348,2349,2350, 395, +2351,1490,1491, 62, 535, 166, 225,2352,2353, 668, 419,1241, 138, 604, 928,2354, +1181,2355,1492,1493,2356,2357,2358,1143,2359, 696,2360, 387, 307,1309, 682, 476, +2361,2362, 332, 12, 222, 156,2363, 232,2364, 641, 276, 656, 517,1494,1495,1035, + 416, 736,1496,2365,1017, 586,2366,2367,2368,1497,2369, 242,2370,2371,2372,1498, +2373, 965, 713,2374,2375,2376,2377, 740, 982,1499, 944,1500,1007,2378,2379,1310, +1501,2380,2381,2382, 785, 329,2383,2384,1502,2385,2386,2387, 932,2388,1503,2389, +2390,2391,2392,1242,2393,2394,2395,2396,2397, 994, 950,2398,2399,2400,2401,1504, +1311,2402,2403,2404,2405,1049, 749,2406,2407, 853, 718,1144,1312,2408,1182,1505, +2409,2410, 255, 516, 479, 564, 550, 214,1506,1507,1313, 413, 239, 444, 339,1145, +1036,1508,1509,1314,1037,1510,1315,2411,1511,2412,2413,2414, 176, 703, 497, 624, + 593, 921, 302,2415, 341, 165,1103,1512,2416,1513,2417,2418,2419, 376,2420, 700, +2421,2422,2423, 258, 768,1316,2424,1183,2425, 995, 608,2426,2427,2428,2429, 221, +2430,2431,2432,2433,2434,2435,2436,2437, 195, 323, 726, 188, 897, 983,1317, 377, + 644,1050, 879,2438, 452,2439,2440,2441,2442,2443,2444, 914,2445,2446,2447,2448, + 915, 489,2449,1514,1184,2450,2451, 515, 64, 427, 495,2452, 583,2453, 483, 485, +1038, 562, 213,1515, 748, 666,2454,2455,2456,2457, 334,2458, 780, 996,1008, 705, +1243,2459,2460,2461,2462,2463, 114,2464, 493,1146, 366, 163,1516, 961,1104,2465, + 291,2466,1318,1105,2467,1517, 365,2468, 355, 951,1244,2469,1319,2470, 631,2471, +2472, 218,1320, 364, 320, 756,1518,1519,1321,1520,1322,2473,2474,2475,2476, 997, +2477,2478,2479,2480, 665,1185,2481, 916,1521,2482,2483,2484, 584, 684,2485,2486, + 797,2487,1051,1186,2488,2489,2490,1522,2491,2492, 370,2493,1039,1187, 65,2494, + 434, 205, 463,1188,2495, 125, 812, 391, 402, 826, 699, 286, 398, 155, 781, 771, + 585,2496, 590, 505,1073,2497, 599, 244, 219, 917,1018, 952, 646,1523,2498,1323, +2499,2500, 49, 984, 354, 741,2501, 625,2502,1324,2503,1019, 190, 357, 757, 491, + 95, 782, 868,2504,2505,2506,2507,2508,2509, 134,1524,1074, 422,1525, 898,2510, + 161,2511,2512,2513,2514, 769,2515,1526,2516,2517, 411,1325,2518, 472,1527,2519, +2520,2521,2522,2523,2524, 985,2525,2526,2527,2528,2529,2530, 764,2531,1245,2532, +2533, 25, 204, 311,2534, 496,2535,1052,2536,2537,2538,2539,2540,2541,2542, 199, + 704, 504, 468, 758, 657,1528, 196, 44, 839,1246, 272, 750,2543, 765, 862,2544, +2545,1326,2546, 132, 615, 933,2547, 732,2548,2549,2550,1189,1529,2551, 283,1247, +1053, 607, 929,2552,2553,2554, 930, 183, 872, 616,1040,1147,2555,1148,1020, 441, + 249,1075,2556,2557,2558, 466, 743,2559,2560,2561, 92, 514, 426, 420, 526,2562, +2563,2564,2565,2566,2567,2568, 185,2569,2570,2571,2572, 776,1530, 658,2573, 362, +2574, 361, 922,1076, 793,2575,2576,2577,2578,2579,2580,1531, 251,2581,2582,2583, +2584,1532, 54, 612, 237,1327,2585,2586, 275, 408, 647, 111,2587,1533,1106, 465, + 3, 458, 9, 38,2588, 107, 110, 890, 209, 26, 737, 498,2589,1534,2590, 431, + 202, 88,1535, 356, 287,1107, 660,1149,2591, 381,1536, 986,1150, 445,1248,1151, + 974,2592,2593, 846,2594, 446, 953, 184,1249,1250, 727,2595, 923, 193, 883,2596, +2597,2598, 102, 324, 539, 817,2599, 421,1041,2600, 832,2601, 94, 175, 197, 406, +2602, 459,2603,2604,2605,2606,2607, 330, 555,2608,2609,2610, 706,1108, 389,2611, +2612,2613,2614, 233,2615, 833, 558, 931, 954,1251,2616,2617,1537, 546,2618,2619, +1009,2620,2621,2622,1538, 690,1328,2623, 955,2624,1539,2625,2626, 772,2627,2628, +2629,2630,2631, 924, 648, 863, 603,2632,2633, 934,1540, 864, 865,2634, 642,1042, + 670,1190,2635,2636,2637,2638, 168,2639, 652, 873, 542,1054,1541,2640,2641,2642, # 512, 256 +) + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrprober.py new file mode 100644 index 000000000..345a060d0 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euckrprober.py @@ -0,0 +1,47 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .mbcharsetprober import MultiByteCharSetProber +from .codingstatemachine import CodingStateMachine +from .chardistribution import EUCKRDistributionAnalysis +from .mbcssm import EUCKR_SM_MODEL + + +class EUCKRProber(MultiByteCharSetProber): + def __init__(self): + super(EUCKRProber, self).__init__() + self.coding_sm = CodingStateMachine(EUCKR_SM_MODEL) + self.distribution_analyzer = EUCKRDistributionAnalysis() + self.reset() + + @property + def charset_name(self): + return "EUC-KR" + + @property + def language(self): + return "Korean" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwfreq.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwfreq.py new file mode 100644 index 000000000..ed7a995a3 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwfreq.py @@ -0,0 +1,387 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +# EUCTW frequency table +# Converted from big5 work +# by Taiwan's Mandarin Promotion Council +# + +# 128 --> 0.42261 +# 256 --> 0.57851 +# 512 --> 0.74851 +# 1024 --> 0.89384 +# 2048 --> 0.97583 +# +# Idea Distribution Ratio = 0.74851/(1-0.74851) =2.98 +# Random Distribution Ration = 512/(5401-512)=0.105 +# +# Typical Distribution Ratio about 25% of Ideal one, still much higher than RDR + +EUCTW_TYPICAL_DISTRIBUTION_RATIO = 0.75 + +# Char to FreqOrder table , +EUCTW_TABLE_SIZE = 5376 + +EUCTW_CHAR_TO_FREQ_ORDER = ( + 1,1800,1506, 255,1431, 198, 9, 82, 6,7310, 177, 202,3615,1256,2808, 110, # 2742 +3735, 33,3241, 261, 76, 44,2113, 16,2931,2184,1176, 659,3868, 26,3404,2643, # 2758 +1198,3869,3313,4060, 410,2211, 302, 590, 361,1963, 8, 204, 58,4296,7311,1931, # 2774 + 63,7312,7313, 317,1614, 75, 222, 159,4061,2412,1480,7314,3500,3068, 224,2809, # 2790 +3616, 3, 10,3870,1471, 29,2774,1135,2852,1939, 873, 130,3242,1123, 312,7315, # 2806 +4297,2051, 507, 252, 682,7316, 142,1914, 124, 206,2932, 34,3501,3173, 64, 604, # 2822 +7317,2494,1976,1977, 155,1990, 645, 641,1606,7318,3405, 337, 72, 406,7319, 80, # 2838 + 630, 238,3174,1509, 263, 939,1092,2644, 756,1440,1094,3406, 449, 69,2969, 591, # 2854 + 179,2095, 471, 115,2034,1843, 60, 50,2970, 134, 806,1868, 734,2035,3407, 180, # 2870 + 995,1607, 156, 537,2893, 688,7320, 319,1305, 779,2144, 514,2374, 298,4298, 359, # 2886 +2495, 90,2707,1338, 663, 11, 906,1099,2545, 20,2436, 182, 532,1716,7321, 732, # 2902 +1376,4062,1311,1420,3175, 25,2312,1056, 113, 399, 382,1949, 242,3408,2467, 529, # 2918 +3243, 475,1447,3617,7322, 117, 21, 656, 810,1297,2295,2329,3502,7323, 126,4063, # 2934 + 706, 456, 150, 613,4299, 71,1118,2036,4064, 145,3069, 85, 835, 486,2114,1246, # 2950 +1426, 428, 727,1285,1015, 800, 106, 623, 303,1281,7324,2127,2354, 347,3736, 221, # 2966 +3503,3110,7325,1955,1153,4065, 83, 296,1199,3070, 192, 624, 93,7326, 822,1897, # 2982 +2810,3111, 795,2064, 991,1554,1542,1592, 27, 43,2853, 859, 139,1456, 860,4300, # 2998 + 437, 712,3871, 164,2392,3112, 695, 211,3017,2096, 195,3872,1608,3504,3505,3618, # 3014 +3873, 234, 811,2971,2097,3874,2229,1441,3506,1615,2375, 668,2076,1638, 305, 228, # 3030 +1664,4301, 467, 415,7327, 262,2098,1593, 239, 108, 300, 200,1033, 512,1247,2077, # 3046 +7328,7329,2173,3176,3619,2673, 593, 845,1062,3244, 88,1723,2037,3875,1950, 212, # 3062 + 266, 152, 149, 468,1898,4066,4302, 77, 187,7330,3018, 37, 5,2972,7331,3876, # 3078 +7332,7333, 39,2517,4303,2894,3177,2078, 55, 148, 74,4304, 545, 483,1474,1029, # 3094 +1665, 217,1869,1531,3113,1104,2645,4067, 24, 172,3507, 900,3877,3508,3509,4305, # 3110 + 32,1408,2811,1312, 329, 487,2355,2247,2708, 784,2674, 4,3019,3314,1427,1788, # 3126 + 188, 109, 499,7334,3620,1717,1789, 888,1217,3020,4306,7335,3510,7336,3315,1520, # 3142 +3621,3878, 196,1034, 775,7337,7338, 929,1815, 249, 439, 38,7339,1063,7340, 794, # 3158 +3879,1435,2296, 46, 178,3245,2065,7341,2376,7342, 214,1709,4307, 804, 35, 707, # 3174 + 324,3622,1601,2546, 140, 459,4068,7343,7344,1365, 839, 272, 978,2257,2572,3409, # 3190 +2128,1363,3623,1423, 697, 100,3071, 48, 70,1231, 495,3114,2193,7345,1294,7346, # 3206 +2079, 462, 586,1042,3246, 853, 256, 988, 185,2377,3410,1698, 434,1084,7347,3411, # 3222 + 314,2615,2775,4308,2330,2331, 569,2280, 637,1816,2518, 757,1162,1878,1616,3412, # 3238 + 287,1577,2115, 768,4309,1671,2854,3511,2519,1321,3737, 909,2413,7348,4069, 933, # 3254 +3738,7349,2052,2356,1222,4310, 765,2414,1322, 786,4311,7350,1919,1462,1677,2895, # 3270 +1699,7351,4312,1424,2437,3115,3624,2590,3316,1774,1940,3413,3880,4070, 309,1369, # 3286 +1130,2812, 364,2230,1653,1299,3881,3512,3882,3883,2646, 525,1085,3021, 902,2000, # 3302 +1475, 964,4313, 421,1844,1415,1057,2281, 940,1364,3116, 376,4314,4315,1381, 7, # 3318 +2520, 983,2378, 336,1710,2675,1845, 321,3414, 559,1131,3022,2742,1808,1132,1313, # 3334 + 265,1481,1857,7352, 352,1203,2813,3247, 167,1089, 420,2814, 776, 792,1724,3513, # 3350 +4071,2438,3248,7353,4072,7354, 446, 229, 333,2743, 901,3739,1200,1557,4316,2647, # 3366 +1920, 395,2744,2676,3740,4073,1835, 125, 916,3178,2616,4317,7355,7356,3741,7357, # 3382 +7358,7359,4318,3117,3625,1133,2547,1757,3415,1510,2313,1409,3514,7360,2145, 438, # 3398 +2591,2896,2379,3317,1068, 958,3023, 461, 311,2855,2677,4074,1915,3179,4075,1978, # 3414 + 383, 750,2745,2617,4076, 274, 539, 385,1278,1442,7361,1154,1964, 384, 561, 210, # 3430 + 98,1295,2548,3515,7362,1711,2415,1482,3416,3884,2897,1257, 129,7363,3742, 642, # 3446 + 523,2776,2777,2648,7364, 141,2231,1333, 68, 176, 441, 876, 907,4077, 603,2592, # 3462 + 710, 171,3417, 404, 549, 18,3118,2393,1410,3626,1666,7365,3516,4319,2898,4320, # 3478 +7366,2973, 368,7367, 146, 366, 99, 871,3627,1543, 748, 807,1586,1185, 22,2258, # 3494 + 379,3743,3180,7368,3181, 505,1941,2618,1991,1382,2314,7369, 380,2357, 218, 702, # 3510 +1817,1248,3418,3024,3517,3318,3249,7370,2974,3628, 930,3250,3744,7371, 59,7372, # 3526 + 585, 601,4078, 497,3419,1112,1314,4321,1801,7373,1223,1472,2174,7374, 749,1836, # 3542 + 690,1899,3745,1772,3885,1476, 429,1043,1790,2232,2116, 917,4079, 447,1086,1629, # 3558 +7375, 556,7376,7377,2020,1654, 844,1090, 105, 550, 966,1758,2815,1008,1782, 686, # 3574 +1095,7378,2282, 793,1602,7379,3518,2593,4322,4080,2933,2297,4323,3746, 980,2496, # 3590 + 544, 353, 527,4324, 908,2678,2899,7380, 381,2619,1942,1348,7381,1341,1252, 560, # 3606 +3072,7382,3420,2856,7383,2053, 973, 886,2080, 143,4325,7384,7385, 157,3886, 496, # 3622 +4081, 57, 840, 540,2038,4326,4327,3421,2117,1445, 970,2259,1748,1965,2081,4082, # 3638 +3119,1234,1775,3251,2816,3629, 773,1206,2129,1066,2039,1326,3887,1738,1725,4083, # 3654 + 279,3120, 51,1544,2594, 423,1578,2130,2066, 173,4328,1879,7386,7387,1583, 264, # 3670 + 610,3630,4329,2439, 280, 154,7388,7389,7390,1739, 338,1282,3073, 693,2857,1411, # 3686 +1074,3747,2440,7391,4330,7392,7393,1240, 952,2394,7394,2900,1538,2679, 685,1483, # 3702 +4084,2468,1436, 953,4085,2054,4331, 671,2395, 79,4086,2441,3252, 608, 567,2680, # 3718 +3422,4087,4088,1691, 393,1261,1791,2396,7395,4332,7396,7397,7398,7399,1383,1672, # 3734 +3748,3182,1464, 522,1119, 661,1150, 216, 675,4333,3888,1432,3519, 609,4334,2681, # 3750 +2397,7400,7401,7402,4089,3025, 0,7403,2469, 315, 231,2442, 301,3319,4335,2380, # 3766 +7404, 233,4090,3631,1818,4336,4337,7405, 96,1776,1315,2082,7406, 257,7407,1809, # 3782 +3632,2709,1139,1819,4091,2021,1124,2163,2778,1777,2649,7408,3074, 363,1655,3183, # 3798 +7409,2975,7410,7411,7412,3889,1567,3890, 718, 103,3184, 849,1443, 341,3320,2934, # 3814 +1484,7413,1712, 127, 67, 339,4092,2398, 679,1412, 821,7414,7415, 834, 738, 351, # 3830 +2976,2146, 846, 235,1497,1880, 418,1992,3749,2710, 186,1100,2147,2746,3520,1545, # 3846 +1355,2935,2858,1377, 583,3891,4093,2573,2977,7416,1298,3633,1078,2549,3634,2358, # 3862 + 78,3750,3751, 267,1289,2099,2001,1594,4094, 348, 369,1274,2194,2175,1837,4338, # 3878 +1820,2817,3635,2747,2283,2002,4339,2936,2748, 144,3321, 882,4340,3892,2749,3423, # 3894 +4341,2901,7417,4095,1726, 320,7418,3893,3026, 788,2978,7419,2818,1773,1327,2859, # 3910 +3894,2819,7420,1306,4342,2003,1700,3752,3521,2359,2650, 787,2022, 506, 824,3636, # 3926 + 534, 323,4343,1044,3322,2023,1900, 946,3424,7421,1778,1500,1678,7422,1881,4344, # 3942 + 165, 243,4345,3637,2521, 123, 683,4096, 764,4346, 36,3895,1792, 589,2902, 816, # 3958 + 626,1667,3027,2233,1639,1555,1622,3753,3896,7423,3897,2860,1370,1228,1932, 891, # 3974 +2083,2903, 304,4097,7424, 292,2979,2711,3522, 691,2100,4098,1115,4347, 118, 662, # 3990 +7425, 611,1156, 854,2381,1316,2861, 2, 386, 515,2904,7426,7427,3253, 868,2234, # 4006 +1486, 855,2651, 785,2212,3028,7428,1040,3185,3523,7429,3121, 448,7430,1525,7431, # 4022 +2164,4348,7432,3754,7433,4099,2820,3524,3122, 503, 818,3898,3123,1568, 814, 676, # 4038 +1444, 306,1749,7434,3755,1416,1030, 197,1428, 805,2821,1501,4349,7435,7436,7437, # 4054 +1993,7438,4350,7439,7440,2195, 13,2779,3638,2980,3124,1229,1916,7441,3756,2131, # 4070 +7442,4100,4351,2399,3525,7443,2213,1511,1727,1120,7444,7445, 646,3757,2443, 307, # 4086 +7446,7447,1595,3186,7448,7449,7450,3639,1113,1356,3899,1465,2522,2523,7451, 519, # 4102 +7452, 128,2132, 92,2284,1979,7453,3900,1512, 342,3125,2196,7454,2780,2214,1980, # 4118 +3323,7455, 290,1656,1317, 789, 827,2360,7456,3758,4352, 562, 581,3901,7457, 401, # 4134 +4353,2248, 94,4354,1399,2781,7458,1463,2024,4355,3187,1943,7459, 828,1105,4101, # 4150 +1262,1394,7460,4102, 605,4356,7461,1783,2862,7462,2822, 819,2101, 578,2197,2937, # 4166 +7463,1502, 436,3254,4103,3255,2823,3902,2905,3425,3426,7464,2712,2315,7465,7466, # 4182 +2332,2067, 23,4357, 193, 826,3759,2102, 699,1630,4104,3075, 390,1793,1064,3526, # 4198 +7467,1579,3076,3077,1400,7468,4105,1838,1640,2863,7469,4358,4359, 137,4106, 598, # 4214 +3078,1966, 780, 104, 974,2938,7470, 278, 899, 253, 402, 572, 504, 493,1339,7471, # 4230 +3903,1275,4360,2574,2550,7472,3640,3029,3079,2249, 565,1334,2713, 863, 41,7473, # 4246 +7474,4361,7475,1657,2333, 19, 463,2750,4107, 606,7476,2981,3256,1087,2084,1323, # 4262 +2652,2982,7477,1631,1623,1750,4108,2682,7478,2864, 791,2714,2653,2334, 232,2416, # 4278 +7479,2983,1498,7480,2654,2620, 755,1366,3641,3257,3126,2025,1609, 119,1917,3427, # 4294 + 862,1026,4109,7481,3904,3760,4362,3905,4363,2260,1951,2470,7482,1125, 817,4110, # 4310 +4111,3906,1513,1766,2040,1487,4112,3030,3258,2824,3761,3127,7483,7484,1507,7485, # 4326 +2683, 733, 40,1632,1106,2865, 345,4113, 841,2524, 230,4364,2984,1846,3259,3428, # 4342 +7486,1263, 986,3429,7487, 735, 879, 254,1137, 857, 622,1300,1180,1388,1562,3907, # 4358 +3908,2939, 967,2751,2655,1349, 592,2133,1692,3324,2985,1994,4114,1679,3909,1901, # 4374 +2185,7488, 739,3642,2715,1296,1290,7489,4115,2198,2199,1921,1563,2595,2551,1870, # 4390 +2752,2986,7490, 435,7491, 343,1108, 596, 17,1751,4365,2235,3430,3643,7492,4366, # 4406 + 294,3527,2940,1693, 477, 979, 281,2041,3528, 643,2042,3644,2621,2782,2261,1031, # 4422 +2335,2134,2298,3529,4367, 367,1249,2552,7493,3530,7494,4368,1283,3325,2004, 240, # 4438 +1762,3326,4369,4370, 836,1069,3128, 474,7495,2148,2525, 268,3531,7496,3188,1521, # 4454 +1284,7497,1658,1546,4116,7498,3532,3533,7499,4117,3327,2684,1685,4118, 961,1673, # 4470 +2622, 190,2005,2200,3762,4371,4372,7500, 570,2497,3645,1490,7501,4373,2623,3260, # 4486 +1956,4374, 584,1514, 396,1045,1944,7502,4375,1967,2444,7503,7504,4376,3910, 619, # 4502 +7505,3129,3261, 215,2006,2783,2553,3189,4377,3190,4378, 763,4119,3763,4379,7506, # 4518 +7507,1957,1767,2941,3328,3646,1174, 452,1477,4380,3329,3130,7508,2825,1253,2382, # 4534 +2186,1091,2285,4120, 492,7509, 638,1169,1824,2135,1752,3911, 648, 926,1021,1324, # 4550 +4381, 520,4382, 997, 847,1007, 892,4383,3764,2262,1871,3647,7510,2400,1784,4384, # 4566 +1952,2942,3080,3191,1728,4121,2043,3648,4385,2007,1701,3131,1551, 30,2263,4122, # 4582 +7511,2026,4386,3534,7512, 501,7513,4123, 594,3431,2165,1821,3535,3432,3536,3192, # 4598 + 829,2826,4124,7514,1680,3132,1225,4125,7515,3262,4387,4126,3133,2336,7516,4388, # 4614 +4127,7517,3912,3913,7518,1847,2383,2596,3330,7519,4389, 374,3914, 652,4128,4129, # 4630 + 375,1140, 798,7520,7521,7522,2361,4390,2264, 546,1659, 138,3031,2445,4391,7523, # 4646 +2250, 612,1848, 910, 796,3765,1740,1371, 825,3766,3767,7524,2906,2554,7525, 692, # 4662 + 444,3032,2624, 801,4392,4130,7526,1491, 244,1053,3033,4131,4132, 340,7527,3915, # 4678 +1041,2987, 293,1168, 87,1357,7528,1539, 959,7529,2236, 721, 694,4133,3768, 219, # 4694 +1478, 644,1417,3331,2656,1413,1401,1335,1389,3916,7530,7531,2988,2362,3134,1825, # 4710 + 730,1515, 184,2827, 66,4393,7532,1660,2943, 246,3332, 378,1457, 226,3433, 975, # 4726 +3917,2944,1264,3537, 674, 696,7533, 163,7534,1141,2417,2166, 713,3538,3333,4394, # 4742 +3918,7535,7536,1186, 15,7537,1079,1070,7538,1522,3193,3539, 276,1050,2716, 758, # 4758 +1126, 653,2945,3263,7539,2337, 889,3540,3919,3081,2989, 903,1250,4395,3920,3434, # 4774 +3541,1342,1681,1718, 766,3264, 286, 89,2946,3649,7540,1713,7541,2597,3334,2990, # 4790 +7542,2947,2215,3194,2866,7543,4396,2498,2526, 181, 387,1075,3921, 731,2187,3335, # 4806 +7544,3265, 310, 313,3435,2299, 770,4134, 54,3034, 189,4397,3082,3769,3922,7545, # 4822 +1230,1617,1849, 355,3542,4135,4398,3336, 111,4136,3650,1350,3135,3436,3035,4137, # 4838 +2149,3266,3543,7546,2784,3923,3924,2991, 722,2008,7547,1071, 247,1207,2338,2471, # 4854 +1378,4399,2009, 864,1437,1214,4400, 373,3770,1142,2216, 667,4401, 442,2753,2555, # 4870 +3771,3925,1968,4138,3267,1839, 837, 170,1107, 934,1336,1882,7548,7549,2118,4139, # 4886 +2828, 743,1569,7550,4402,4140, 582,2384,1418,3437,7551,1802,7552, 357,1395,1729, # 4902 +3651,3268,2418,1564,2237,7553,3083,3772,1633,4403,1114,2085,4141,1532,7554, 482, # 4918 +2446,4404,7555,7556,1492, 833,1466,7557,2717,3544,1641,2829,7558,1526,1272,3652, # 4934 +4142,1686,1794, 416,2556,1902,1953,1803,7559,3773,2785,3774,1159,2316,7560,2867, # 4950 +4405,1610,1584,3036,2419,2754, 443,3269,1163,3136,7561,7562,3926,7563,4143,2499, # 4966 +3037,4406,3927,3137,2103,1647,3545,2010,1872,4144,7564,4145, 431,3438,7565, 250, # 4982 + 97, 81,4146,7566,1648,1850,1558, 160, 848,7567, 866, 740,1694,7568,2201,2830, # 4998 +3195,4147,4407,3653,1687, 950,2472, 426, 469,3196,3654,3655,3928,7569,7570,1188, # 5014 + 424,1995, 861,3546,4148,3775,2202,2685, 168,1235,3547,4149,7571,2086,1674,4408, # 5030 +3337,3270, 220,2557,1009,7572,3776, 670,2992, 332,1208, 717,7573,7574,3548,2447, # 5046 +3929,3338,7575, 513,7576,1209,2868,3339,3138,4409,1080,7577,7578,7579,7580,2527, # 5062 +3656,3549, 815,1587,3930,3931,7581,3550,3439,3777,1254,4410,1328,3038,1390,3932, # 5078 +1741,3933,3778,3934,7582, 236,3779,2448,3271,7583,7584,3657,3780,1273,3781,4411, # 5094 +7585, 308,7586,4412, 245,4413,1851,2473,1307,2575, 430, 715,2136,2449,7587, 270, # 5110 + 199,2869,3935,7588,3551,2718,1753, 761,1754, 725,1661,1840,4414,3440,3658,7589, # 5126 +7590, 587, 14,3272, 227,2598, 326, 480,2265, 943,2755,3552, 291, 650,1883,7591, # 5142 +1702,1226, 102,1547, 62,3441, 904,4415,3442,1164,4150,7592,7593,1224,1548,2756, # 5158 + 391, 498,1493,7594,1386,1419,7595,2055,1177,4416, 813, 880,1081,2363, 566,1145, # 5174 +4417,2286,1001,1035,2558,2599,2238, 394,1286,7596,7597,2068,7598, 86,1494,1730, # 5190 +3936, 491,1588, 745, 897,2948, 843,3340,3937,2757,2870,3273,1768, 998,2217,2069, # 5206 + 397,1826,1195,1969,3659,2993,3341, 284,7599,3782,2500,2137,2119,1903,7600,3938, # 5222 +2150,3939,4151,1036,3443,1904, 114,2559,4152, 209,1527,7601,7602,2949,2831,2625, # 5238 +2385,2719,3139, 812,2560,7603,3274,7604,1559, 737,1884,3660,1210, 885, 28,2686, # 5254 +3553,3783,7605,4153,1004,1779,4418,7606, 346,1981,2218,2687,4419,3784,1742, 797, # 5270 +1642,3940,1933,1072,1384,2151, 896,3941,3275,3661,3197,2871,3554,7607,2561,1958, # 5286 +4420,2450,1785,7608,7609,7610,3942,4154,1005,1308,3662,4155,2720,4421,4422,1528, # 5302 +2600, 161,1178,4156,1982, 987,4423,1101,4157, 631,3943,1157,3198,2420,1343,1241, # 5318 +1016,2239,2562, 372, 877,2339,2501,1160, 555,1934, 911,3944,7611, 466,1170, 169, # 5334 +1051,2907,2688,3663,2474,2994,1182,2011,2563,1251,2626,7612, 992,2340,3444,1540, # 5350 +2721,1201,2070,2401,1996,2475,7613,4424, 528,1922,2188,1503,1873,1570,2364,3342, # 5366 +3276,7614, 557,1073,7615,1827,3445,2087,2266,3140,3039,3084, 767,3085,2786,4425, # 5382 +1006,4158,4426,2341,1267,2176,3664,3199, 778,3945,3200,2722,1597,2657,7616,4427, # 5398 +7617,3446,7618,7619,7620,3277,2689,1433,3278, 131, 95,1504,3946, 723,4159,3141, # 5414 +1841,3555,2758,2189,3947,2027,2104,3665,7621,2995,3948,1218,7622,3343,3201,3949, # 5430 +4160,2576, 248,1634,3785, 912,7623,2832,3666,3040,3786, 654, 53,7624,2996,7625, # 5446 +1688,4428, 777,3447,1032,3950,1425,7626, 191, 820,2120,2833, 971,4429, 931,3202, # 5462 + 135, 664, 783,3787,1997, 772,2908,1935,3951,3788,4430,2909,3203, 282,2723, 640, # 5478 +1372,3448,1127, 922, 325,3344,7627,7628, 711,2044,7629,7630,3952,2219,2787,1936, # 5494 +3953,3345,2220,2251,3789,2300,7631,4431,3790,1258,3279,3954,3204,2138,2950,3955, # 5510 +3956,7632,2221, 258,3205,4432, 101,1227,7633,3280,1755,7634,1391,3281,7635,2910, # 5526 +2056, 893,7636,7637,7638,1402,4161,2342,7639,7640,3206,3556,7641,7642, 878,1325, # 5542 +1780,2788,4433, 259,1385,2577, 744,1183,2267,4434,7643,3957,2502,7644, 684,1024, # 5558 +4162,7645, 472,3557,3449,1165,3282,3958,3959, 322,2152, 881, 455,1695,1152,1340, # 5574 + 660, 554,2153,4435,1058,4436,4163, 830,1065,3346,3960,4437,1923,7646,1703,1918, # 5590 +7647, 932,2268, 122,7648,4438, 947, 677,7649,3791,2627, 297,1905,1924,2269,4439, # 5606 +2317,3283,7650,7651,4164,7652,4165, 84,4166, 112, 989,7653, 547,1059,3961, 701, # 5622 +3558,1019,7654,4167,7655,3450, 942, 639, 457,2301,2451, 993,2951, 407, 851, 494, # 5638 +4440,3347, 927,7656,1237,7657,2421,3348, 573,4168, 680, 921,2911,1279,1874, 285, # 5654 + 790,1448,1983, 719,2167,7658,7659,4441,3962,3963,1649,7660,1541, 563,7661,1077, # 5670 +7662,3349,3041,3451, 511,2997,3964,3965,3667,3966,1268,2564,3350,3207,4442,4443, # 5686 +7663, 535,1048,1276,1189,2912,2028,3142,1438,1373,2834,2952,1134,2012,7664,4169, # 5702 +1238,2578,3086,1259,7665, 700,7666,2953,3143,3668,4170,7667,4171,1146,1875,1906, # 5718 +4444,2601,3967, 781,2422, 132,1589, 203, 147, 273,2789,2402, 898,1786,2154,3968, # 5734 +3969,7668,3792,2790,7669,7670,4445,4446,7671,3208,7672,1635,3793, 965,7673,1804, # 5750 +2690,1516,3559,1121,1082,1329,3284,3970,1449,3794, 65,1128,2835,2913,2759,1590, # 5766 +3795,7674,7675, 12,2658, 45, 976,2579,3144,4447, 517,2528,1013,1037,3209,7676, # 5782 +3796,2836,7677,3797,7678,3452,7679,2602, 614,1998,2318,3798,3087,2724,2628,7680, # 5798 +2580,4172, 599,1269,7681,1810,3669,7682,2691,3088, 759,1060, 489,1805,3351,3285, # 5814 +1358,7683,7684,2386,1387,1215,2629,2252, 490,7685,7686,4173,1759,2387,2343,7687, # 5830 +4448,3799,1907,3971,2630,1806,3210,4449,3453,3286,2760,2344, 874,7688,7689,3454, # 5846 +3670,1858, 91,2914,3671,3042,3800,4450,7690,3145,3972,2659,7691,3455,1202,1403, # 5862 +3801,2954,2529,1517,2503,4451,3456,2504,7692,4452,7693,2692,1885,1495,1731,3973, # 5878 +2365,4453,7694,2029,7695,7696,3974,2693,1216, 237,2581,4174,2319,3975,3802,4454, # 5894 +4455,2694,3560,3457, 445,4456,7697,7698,7699,7700,2761, 61,3976,3672,1822,3977, # 5910 +7701, 687,2045, 935, 925, 405,2660, 703,1096,1859,2725,4457,3978,1876,1367,2695, # 5926 +3352, 918,2105,1781,2476, 334,3287,1611,1093,4458, 564,3146,3458,3673,3353, 945, # 5942 +2631,2057,4459,7702,1925, 872,4175,7703,3459,2696,3089, 349,4176,3674,3979,4460, # 5958 +3803,4177,3675,2155,3980,4461,4462,4178,4463,2403,2046, 782,3981, 400, 251,4179, # 5974 +1624,7704,7705, 277,3676, 299,1265, 476,1191,3804,2121,4180,4181,1109, 205,7706, # 5990 +2582,1000,2156,3561,1860,7707,7708,7709,4464,7710,4465,2565, 107,2477,2157,3982, # 6006 +3460,3147,7711,1533, 541,1301, 158, 753,4182,2872,3562,7712,1696, 370,1088,4183, # 6022 +4466,3563, 579, 327, 440, 162,2240, 269,1937,1374,3461, 968,3043, 56,1396,3090, # 6038 +2106,3288,3354,7713,1926,2158,4467,2998,7714,3564,7715,7716,3677,4468,2478,7717, # 6054 +2791,7718,1650,4469,7719,2603,7720,7721,3983,2661,3355,1149,3356,3984,3805,3985, # 6070 +7722,1076, 49,7723, 951,3211,3289,3290, 450,2837, 920,7724,1811,2792,2366,4184, # 6086 +1908,1138,2367,3806,3462,7725,3212,4470,1909,1147,1518,2423,4471,3807,7726,4472, # 6102 +2388,2604, 260,1795,3213,7727,7728,3808,3291, 708,7729,3565,1704,7730,3566,1351, # 6118 +1618,3357,2999,1886, 944,4185,3358,4186,3044,3359,4187,7731,3678, 422, 413,1714, # 6134 +3292, 500,2058,2345,4188,2479,7732,1344,1910, 954,7733,1668,7734,7735,3986,2404, # 6150 +4189,3567,3809,4190,7736,2302,1318,2505,3091, 133,3092,2873,4473, 629, 31,2838, # 6166 +2697,3810,4474, 850, 949,4475,3987,2955,1732,2088,4191,1496,1852,7737,3988, 620, # 6182 +3214, 981,1242,3679,3360,1619,3680,1643,3293,2139,2452,1970,1719,3463,2168,7738, # 6198 +3215,7739,7740,3361,1828,7741,1277,4476,1565,2047,7742,1636,3568,3093,7743, 869, # 6214 +2839, 655,3811,3812,3094,3989,3000,3813,1310,3569,4477,7744,7745,7746,1733, 558, # 6230 +4478,3681, 335,1549,3045,1756,4192,3682,1945,3464,1829,1291,1192, 470,2726,2107, # 6246 +2793, 913,1054,3990,7747,1027,7748,3046,3991,4479, 982,2662,3362,3148,3465,3216, # 6262 +3217,1946,2794,7749, 571,4480,7750,1830,7751,3570,2583,1523,2424,7752,2089, 984, # 6278 +4481,3683,1959,7753,3684, 852, 923,2795,3466,3685, 969,1519, 999,2048,2320,1705, # 6294 +7754,3095, 615,1662, 151, 597,3992,2405,2321,1049, 275,4482,3686,4193, 568,3687, # 6310 +3571,2480,4194,3688,7755,2425,2270, 409,3218,7756,1566,2874,3467,1002, 769,2840, # 6326 + 194,2090,3149,3689,2222,3294,4195, 628,1505,7757,7758,1763,2177,3001,3993, 521, # 6342 +1161,2584,1787,2203,2406,4483,3994,1625,4196,4197, 412, 42,3096, 464,7759,2632, # 6358 +4484,3363,1760,1571,2875,3468,2530,1219,2204,3814,2633,2140,2368,4485,4486,3295, # 6374 +1651,3364,3572,7760,7761,3573,2481,3469,7762,3690,7763,7764,2271,2091, 460,7765, # 6390 +4487,7766,3002, 962, 588,3574, 289,3219,2634,1116, 52,7767,3047,1796,7768,7769, # 6406 +7770,1467,7771,1598,1143,3691,4198,1984,1734,1067,4488,1280,3365, 465,4489,1572, # 6422 + 510,7772,1927,2241,1812,1644,3575,7773,4490,3692,7774,7775,2663,1573,1534,7776, # 6438 +7777,4199, 536,1807,1761,3470,3815,3150,2635,7778,7779,7780,4491,3471,2915,1911, # 6454 +2796,7781,3296,1122, 377,3220,7782, 360,7783,7784,4200,1529, 551,7785,2059,3693, # 6470 +1769,2426,7786,2916,4201,3297,3097,2322,2108,2030,4492,1404, 136,1468,1479, 672, # 6486 +1171,3221,2303, 271,3151,7787,2762,7788,2049, 678,2727, 865,1947,4493,7789,2013, # 6502 +3995,2956,7790,2728,2223,1397,3048,3694,4494,4495,1735,2917,3366,3576,7791,3816, # 6518 + 509,2841,2453,2876,3817,7792,7793,3152,3153,4496,4202,2531,4497,2304,1166,1010, # 6534 + 552, 681,1887,7794,7795,2957,2958,3996,1287,1596,1861,3154, 358, 453, 736, 175, # 6550 + 478,1117, 905,1167,1097,7796,1853,1530,7797,1706,7798,2178,3472,2287,3695,3473, # 6566 +3577,4203,2092,4204,7799,3367,1193,2482,4205,1458,2190,2205,1862,1888,1421,3298, # 6582 +2918,3049,2179,3474, 595,2122,7800,3997,7801,7802,4206,1707,2636, 223,3696,1359, # 6598 + 751,3098, 183,3475,7803,2797,3003, 419,2369, 633, 704,3818,2389, 241,7804,7805, # 6614 +7806, 838,3004,3697,2272,2763,2454,3819,1938,2050,3998,1309,3099,2242,1181,7807, # 6630 +1136,2206,3820,2370,1446,4207,2305,4498,7808,7809,4208,1055,2605, 484,3698,7810, # 6646 +3999, 625,4209,2273,3368,1499,4210,4000,7811,4001,4211,3222,2274,2275,3476,7812, # 6662 +7813,2764, 808,2606,3699,3369,4002,4212,3100,2532, 526,3370,3821,4213, 955,7814, # 6678 +1620,4214,2637,2427,7815,1429,3700,1669,1831, 994, 928,7816,3578,1260,7817,7818, # 6694 +7819,1948,2288, 741,2919,1626,4215,2729,2455, 867,1184, 362,3371,1392,7820,7821, # 6710 +4003,4216,1770,1736,3223,2920,4499,4500,1928,2698,1459,1158,7822,3050,3372,2877, # 6726 +1292,1929,2506,2842,3701,1985,1187,2071,2014,2607,4217,7823,2566,2507,2169,3702, # 6742 +2483,3299,7824,3703,4501,7825,7826, 666,1003,3005,1022,3579,4218,7827,4502,1813, # 6758 +2253, 574,3822,1603, 295,1535, 705,3823,4219, 283, 858, 417,7828,7829,3224,4503, # 6774 +4504,3051,1220,1889,1046,2276,2456,4004,1393,1599, 689,2567, 388,4220,7830,2484, # 6790 + 802,7831,2798,3824,2060,1405,2254,7832,4505,3825,2109,1052,1345,3225,1585,7833, # 6806 + 809,7834,7835,7836, 575,2730,3477, 956,1552,1469,1144,2323,7837,2324,1560,2457, # 6822 +3580,3226,4005, 616,2207,3155,2180,2289,7838,1832,7839,3478,4506,7840,1319,3704, # 6838 +3705,1211,3581,1023,3227,1293,2799,7841,7842,7843,3826, 607,2306,3827, 762,2878, # 6854 +1439,4221,1360,7844,1485,3052,7845,4507,1038,4222,1450,2061,2638,4223,1379,4508, # 6870 +2585,7846,7847,4224,1352,1414,2325,2921,1172,7848,7849,3828,3829,7850,1797,1451, # 6886 +7851,7852,7853,7854,2922,4006,4007,2485,2346, 411,4008,4009,3582,3300,3101,4509, # 6902 +1561,2664,1452,4010,1375,7855,7856, 47,2959, 316,7857,1406,1591,2923,3156,7858, # 6918 +1025,2141,3102,3157, 354,2731, 884,2224,4225,2407, 508,3706, 726,3583, 996,2428, # 6934 +3584, 729,7859, 392,2191,1453,4011,4510,3707,7860,7861,2458,3585,2608,1675,2800, # 6950 + 919,2347,2960,2348,1270,4511,4012, 73,7862,7863, 647,7864,3228,2843,2255,1550, # 6966 +1346,3006,7865,1332, 883,3479,7866,7867,7868,7869,3301,2765,7870,1212, 831,1347, # 6982 +4226,4512,2326,3830,1863,3053, 720,3831,4513,4514,3832,7871,4227,7872,7873,4515, # 6998 +7874,7875,1798,4516,3708,2609,4517,3586,1645,2371,7876,7877,2924, 669,2208,2665, # 7014 +2429,7878,2879,7879,7880,1028,3229,7881,4228,2408,7882,2256,1353,7883,7884,4518, # 7030 +3158, 518,7885,4013,7886,4229,1960,7887,2142,4230,7888,7889,3007,2349,2350,3833, # 7046 + 516,1833,1454,4014,2699,4231,4519,2225,2610,1971,1129,3587,7890,2766,7891,2961, # 7062 +1422, 577,1470,3008,1524,3373,7892,7893, 432,4232,3054,3480,7894,2586,1455,2508, # 7078 +2226,1972,1175,7895,1020,2732,4015,3481,4520,7896,2733,7897,1743,1361,3055,3482, # 7094 +2639,4016,4233,4521,2290, 895, 924,4234,2170, 331,2243,3056, 166,1627,3057,1098, # 7110 +7898,1232,2880,2227,3374,4522, 657, 403,1196,2372, 542,3709,3375,1600,4235,3483, # 7126 +7899,4523,2767,3230, 576, 530,1362,7900,4524,2533,2666,3710,4017,7901, 842,3834, # 7142 +7902,2801,2031,1014,4018, 213,2700,3376, 665, 621,4236,7903,3711,2925,2430,7904, # 7158 +2431,3302,3588,3377,7905,4237,2534,4238,4525,3589,1682,4239,3484,1380,7906, 724, # 7174 +2277, 600,1670,7907,1337,1233,4526,3103,2244,7908,1621,4527,7909, 651,4240,7910, # 7190 +1612,4241,2611,7911,2844,7912,2734,2307,3058,7913, 716,2459,3059, 174,1255,2701, # 7206 +4019,3590, 548,1320,1398, 728,4020,1574,7914,1890,1197,3060,4021,7915,3061,3062, # 7222 +3712,3591,3713, 747,7916, 635,4242,4528,7917,7918,7919,4243,7920,7921,4529,7922, # 7238 +3378,4530,2432, 451,7923,3714,2535,2072,4244,2735,4245,4022,7924,1764,4531,7925, # 7254 +4246, 350,7926,2278,2390,2486,7927,4247,4023,2245,1434,4024, 488,4532, 458,4248, # 7270 +4025,3715, 771,1330,2391,3835,2568,3159,2159,2409,1553,2667,3160,4249,7928,2487, # 7286 +2881,2612,1720,2702,4250,3379,4533,7929,2536,4251,7930,3231,4252,2768,7931,2015, # 7302 +2736,7932,1155,1017,3716,3836,7933,3303,2308, 201,1864,4253,1430,7934,4026,7935, # 7318 +7936,7937,7938,7939,4254,1604,7940, 414,1865, 371,2587,4534,4535,3485,2016,3104, # 7334 +4536,1708, 960,4255, 887, 389,2171,1536,1663,1721,7941,2228,4027,2351,2926,1580, # 7350 +7942,7943,7944,1744,7945,2537,4537,4538,7946,4539,7947,2073,7948,7949,3592,3380, # 7366 +2882,4256,7950,4257,2640,3381,2802, 673,2703,2460, 709,3486,4028,3593,4258,7951, # 7382 +1148, 502, 634,7952,7953,1204,4540,3594,1575,4541,2613,3717,7954,3718,3105, 948, # 7398 +3232, 121,1745,3837,1110,7955,4259,3063,2509,3009,4029,3719,1151,1771,3838,1488, # 7414 +4030,1986,7956,2433,3487,7957,7958,2093,7959,4260,3839,1213,1407,2803, 531,2737, # 7430 +2538,3233,1011,1537,7960,2769,4261,3106,1061,7961,3720,3721,1866,2883,7962,2017, # 7446 + 120,4262,4263,2062,3595,3234,2309,3840,2668,3382,1954,4542,7963,7964,3488,1047, # 7462 +2704,1266,7965,1368,4543,2845, 649,3383,3841,2539,2738,1102,2846,2669,7966,7967, # 7478 +1999,7968,1111,3596,2962,7969,2488,3842,3597,2804,1854,3384,3722,7970,7971,3385, # 7494 +2410,2884,3304,3235,3598,7972,2569,7973,3599,2805,4031,1460, 856,7974,3600,7975, # 7510 +2885,2963,7976,2886,3843,7977,4264, 632,2510, 875,3844,1697,3845,2291,7978,7979, # 7526 +4544,3010,1239, 580,4545,4265,7980, 914, 936,2074,1190,4032,1039,2123,7981,7982, # 7542 +7983,3386,1473,7984,1354,4266,3846,7985,2172,3064,4033, 915,3305,4267,4268,3306, # 7558 +1605,1834,7986,2739, 398,3601,4269,3847,4034, 328,1912,2847,4035,3848,1331,4270, # 7574 +3011, 937,4271,7987,3602,4036,4037,3387,2160,4546,3388, 524, 742, 538,3065,1012, # 7590 +7988,7989,3849,2461,7990, 658,1103, 225,3850,7991,7992,4547,7993,4548,7994,3236, # 7606 +1243,7995,4038, 963,2246,4549,7996,2705,3603,3161,7997,7998,2588,2327,7999,4550, # 7622 +8000,8001,8002,3489,3307, 957,3389,2540,2032,1930,2927,2462, 870,2018,3604,1746, # 7638 +2770,2771,2434,2463,8003,3851,8004,3723,3107,3724,3490,3390,3725,8005,1179,3066, # 7654 +8006,3162,2373,4272,3726,2541,3163,3108,2740,4039,8007,3391,1556,2542,2292, 977, # 7670 +2887,2033,4040,1205,3392,8008,1765,3393,3164,2124,1271,1689, 714,4551,3491,8009, # 7686 +2328,3852, 533,4273,3605,2181, 617,8010,2464,3308,3492,2310,8011,8012,3165,8013, # 7702 +8014,3853,1987, 618, 427,2641,3493,3394,8015,8016,1244,1690,8017,2806,4274,4552, # 7718 +8018,3494,8019,8020,2279,1576, 473,3606,4275,3395, 972,8021,3607,8022,3067,8023, # 7734 +8024,4553,4554,8025,3727,4041,4042,8026, 153,4555, 356,8027,1891,2888,4276,2143, # 7750 + 408, 803,2352,8028,3854,8029,4277,1646,2570,2511,4556,4557,3855,8030,3856,4278, # 7766 +8031,2411,3396, 752,8032,8033,1961,2964,8034, 746,3012,2465,8035,4279,3728, 698, # 7782 +4558,1892,4280,3608,2543,4559,3609,3857,8036,3166,3397,8037,1823,1302,4043,2706, # 7798 +3858,1973,4281,8038,4282,3167, 823,1303,1288,1236,2848,3495,4044,3398, 774,3859, # 7814 +8039,1581,4560,1304,2849,3860,4561,8040,2435,2161,1083,3237,4283,4045,4284, 344, # 7830 +1173, 288,2311, 454,1683,8041,8042,1461,4562,4046,2589,8043,8044,4563, 985, 894, # 7846 +8045,3399,3168,8046,1913,2928,3729,1988,8047,2110,1974,8048,4047,8049,2571,1194, # 7862 + 425,8050,4564,3169,1245,3730,4285,8051,8052,2850,8053, 636,4565,1855,3861, 760, # 7878 +1799,8054,4286,2209,1508,4566,4048,1893,1684,2293,8055,8056,8057,4287,4288,2210, # 7894 + 479,8058,8059, 832,8060,4049,2489,8061,2965,2490,3731, 990,3109, 627,1814,2642, # 7910 +4289,1582,4290,2125,2111,3496,4567,8062, 799,4291,3170,8063,4568,2112,1737,3013, # 7926 +1018, 543, 754,4292,3309,1676,4569,4570,4050,8064,1489,8065,3497,8066,2614,2889, # 7942 +4051,8067,8068,2966,8069,8070,8071,8072,3171,4571,4572,2182,1722,8073,3238,3239, # 7958 +1842,3610,1715, 481, 365,1975,1856,8074,8075,1962,2491,4573,8076,2126,3611,3240, # 7974 + 433,1894,2063,2075,8077, 602,2741,8078,8079,8080,8081,8082,3014,1628,3400,8083, # 7990 +3172,4574,4052,2890,4575,2512,8084,2544,2772,8085,8086,8087,3310,4576,2891,8088, # 8006 +4577,8089,2851,4578,4579,1221,2967,4053,2513,8090,8091,8092,1867,1989,8093,8094, # 8022 +8095,1895,8096,8097,4580,1896,4054, 318,8098,2094,4055,4293,8099,8100, 485,8101, # 8038 + 938,3862, 553,2670, 116,8102,3863,3612,8103,3498,2671,2773,3401,3311,2807,8104, # 8054 +3613,2929,4056,1747,2930,2968,8105,8106, 207,8107,8108,2672,4581,2514,8109,3015, # 8070 + 890,3614,3864,8110,1877,3732,3402,8111,2183,2353,3403,1652,8112,8113,8114, 941, # 8086 +2294, 208,3499,4057,2019, 330,4294,3865,2892,2492,3733,4295,8115,8116,8117,8118, # 8102 +) + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwprober.py new file mode 100644 index 000000000..35669cc4d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/euctwprober.py @@ -0,0 +1,46 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .mbcharsetprober import MultiByteCharSetProber +from .codingstatemachine import CodingStateMachine +from .chardistribution import EUCTWDistributionAnalysis +from .mbcssm import EUCTW_SM_MODEL + +class EUCTWProber(MultiByteCharSetProber): + def __init__(self): + super(EUCTWProber, self).__init__() + self.coding_sm = CodingStateMachine(EUCTW_SM_MODEL) + self.distribution_analyzer = EUCTWDistributionAnalysis() + self.reset() + + @property + def charset_name(self): + return "EUC-TW" + + @property + def language(self): + return "Taiwan" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312freq.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312freq.py new file mode 100644 index 000000000..697837bd9 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312freq.py @@ -0,0 +1,283 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +# GB2312 most frequently used character table +# +# Char to FreqOrder table , from hz6763 + +# 512 --> 0.79 -- 0.79 +# 1024 --> 0.92 -- 0.13 +# 2048 --> 0.98 -- 0.06 +# 6768 --> 1.00 -- 0.02 +# +# Ideal Distribution Ratio = 0.79135/(1-0.79135) = 3.79 +# Random Distribution Ration = 512 / (3755 - 512) = 0.157 +# +# Typical Distribution Ratio about 25% of Ideal one, still much higher that RDR + +GB2312_TYPICAL_DISTRIBUTION_RATIO = 0.9 + +GB2312_TABLE_SIZE = 3760 + +GB2312_CHAR_TO_FREQ_ORDER = ( +1671, 749,1443,2364,3924,3807,2330,3921,1704,3463,2691,1511,1515, 572,3191,2205, +2361, 224,2558, 479,1711, 963,3162, 440,4060,1905,2966,2947,3580,2647,3961,3842, +2204, 869,4207, 970,2678,5626,2944,2956,1479,4048, 514,3595, 588,1346,2820,3409, + 249,4088,1746,1873,2047,1774, 581,1813, 358,1174,3590,1014,1561,4844,2245, 670, +1636,3112, 889,1286, 953, 556,2327,3060,1290,3141, 613, 185,3477,1367, 850,3820, +1715,2428,2642,2303,2732,3041,2562,2648,3566,3946,1349, 388,3098,2091,1360,3585, + 152,1687,1539, 738,1559, 59,1232,2925,2267,1388,1249,1741,1679,2960, 151,1566, +1125,1352,4271, 924,4296, 385,3166,4459, 310,1245,2850, 70,3285,2729,3534,3575, +2398,3298,3466,1960,2265, 217,3647, 864,1909,2084,4401,2773,1010,3269,5152, 853, +3051,3121,1244,4251,1895, 364,1499,1540,2313,1180,3655,2268, 562, 715,2417,3061, + 544, 336,3768,2380,1752,4075, 950, 280,2425,4382, 183,2759,3272, 333,4297,2155, +1688,2356,1444,1039,4540, 736,1177,3349,2443,2368,2144,2225, 565, 196,1482,3406, + 927,1335,4147, 692, 878,1311,1653,3911,3622,1378,4200,1840,2969,3149,2126,1816, +2534,1546,2393,2760, 737,2494, 13, 447, 245,2747, 38,2765,2129,2589,1079, 606, + 360, 471,3755,2890, 404, 848, 699,1785,1236, 370,2221,1023,3746,2074,2026,2023, +2388,1581,2119, 812,1141,3091,2536,1519, 804,2053, 406,1596,1090, 784, 548,4414, +1806,2264,2936,1100, 343,4114,5096, 622,3358, 743,3668,1510,1626,5020,3567,2513, +3195,4115,5627,2489,2991, 24,2065,2697,1087,2719, 48,1634, 315, 68, 985,2052, + 198,2239,1347,1107,1439, 597,2366,2172, 871,3307, 919,2487,2790,1867, 236,2570, +1413,3794, 906,3365,3381,1701,1982,1818,1524,2924,1205, 616,2586,2072,2004, 575, + 253,3099, 32,1365,1182, 197,1714,2454,1201, 554,3388,3224,2748, 756,2587, 250, +2567,1507,1517,3529,1922,2761,2337,3416,1961,1677,2452,2238,3153, 615, 911,1506, +1474,2495,1265,1906,2749,3756,3280,2161, 898,2714,1759,3450,2243,2444, 563, 26, +3286,2266,3769,3344,2707,3677, 611,1402, 531,1028,2871,4548,1375, 261,2948, 835, +1190,4134, 353, 840,2684,1900,3082,1435,2109,1207,1674, 329,1872,2781,4055,2686, +2104, 608,3318,2423,2957,2768,1108,3739,3512,3271,3985,2203,1771,3520,1418,2054, +1681,1153, 225,1627,2929, 162,2050,2511,3687,1954, 124,1859,2431,1684,3032,2894, + 585,4805,3969,2869,2704,2088,2032,2095,3656,2635,4362,2209, 256, 518,2042,2105, +3777,3657, 643,2298,1148,1779, 190, 989,3544, 414, 11,2135,2063,2979,1471, 403, +3678, 126, 770,1563, 671,2499,3216,2877, 600,1179, 307,2805,4937,1268,1297,2694, + 252,4032,1448,1494,1331,1394, 127,2256, 222,1647,1035,1481,3056,1915,1048, 873, +3651, 210, 33,1608,2516, 200,1520, 415, 102, 0,3389,1287, 817, 91,3299,2940, + 836,1814, 549,2197,1396,1669,2987,3582,2297,2848,4528,1070, 687, 20,1819, 121, +1552,1364,1461,1968,2617,3540,2824,2083, 177, 948,4938,2291, 110,4549,2066, 648, +3359,1755,2110,2114,4642,4845,1693,3937,3308,1257,1869,2123, 208,1804,3159,2992, +2531,2549,3361,2418,1350,2347,2800,2568,1291,2036,2680, 72, 842,1990, 212,1233, +1154,1586, 75,2027,3410,4900,1823,1337,2710,2676, 728,2810,1522,3026,4995, 157, + 755,1050,4022, 710, 785,1936,2194,2085,1406,2777,2400, 150,1250,4049,1206, 807, +1910, 534, 529,3309,1721,1660, 274, 39,2827, 661,2670,1578, 925,3248,3815,1094, +4278,4901,4252, 41,1150,3747,2572,2227,4501,3658,4902,3813,3357,3617,2884,2258, + 887, 538,4187,3199,1294,2439,3042,2329,2343,2497,1255, 107, 543,1527, 521,3478, +3568, 194,5062, 15, 961,3870,1241,1192,2664, 66,5215,3260,2111,1295,1127,2152, +3805,4135, 901,1164,1976, 398,1278, 530,1460, 748, 904,1054,1966,1426, 53,2909, + 509, 523,2279,1534, 536,1019, 239,1685, 460,2353, 673,1065,2401,3600,4298,2272, +1272,2363, 284,1753,3679,4064,1695, 81, 815,2677,2757,2731,1386, 859, 500,4221, +2190,2566, 757,1006,2519,2068,1166,1455, 337,2654,3203,1863,1682,1914,3025,1252, +1409,1366, 847, 714,2834,2038,3209, 964,2970,1901, 885,2553,1078,1756,3049, 301, +1572,3326, 688,2130,1996,2429,1805,1648,2930,3421,2750,3652,3088, 262,1158,1254, + 389,1641,1812, 526,1719, 923,2073,1073,1902, 468, 489,4625,1140, 857,2375,3070, +3319,2863, 380, 116,1328,2693,1161,2244, 273,1212,1884,2769,3011,1775,1142, 461, +3066,1200,2147,2212, 790, 702,2695,4222,1601,1058, 434,2338,5153,3640, 67,2360, +4099,2502, 618,3472,1329, 416,1132, 830,2782,1807,2653,3211,3510,1662, 192,2124, + 296,3979,1739,1611,3684, 23, 118, 324, 446,1239,1225, 293,2520,3814,3795,2535, +3116, 17,1074, 467,2692,2201, 387,2922, 45,1326,3055,1645,3659,2817, 958, 243, +1903,2320,1339,2825,1784,3289, 356, 576, 865,2315,2381,3377,3916,1088,3122,1713, +1655, 935, 628,4689,1034,1327, 441, 800, 720, 894,1979,2183,1528,5289,2702,1071, +4046,3572,2399,1571,3281, 79, 761,1103, 327, 134, 758,1899,1371,1615, 879, 442, + 215,2605,2579, 173,2048,2485,1057,2975,3317,1097,2253,3801,4263,1403,1650,2946, + 814,4968,3487,1548,2644,1567,1285, 2, 295,2636, 97, 946,3576, 832, 141,4257, +3273, 760,3821,3521,3156,2607, 949,1024,1733,1516,1803,1920,2125,2283,2665,3180, +1501,2064,3560,2171,1592, 803,3518,1416, 732,3897,4258,1363,1362,2458, 119,1427, + 602,1525,2608,1605,1639,3175, 694,3064, 10, 465, 76,2000,4846,4208, 444,3781, +1619,3353,2206,1273,3796, 740,2483, 320,1723,2377,3660,2619,1359,1137,1762,1724, +2345,2842,1850,1862, 912, 821,1866, 612,2625,1735,2573,3369,1093, 844, 89, 937, + 930,1424,3564,2413,2972,1004,3046,3019,2011, 711,3171,1452,4178, 428, 801,1943, + 432, 445,2811, 206,4136,1472, 730, 349, 73, 397,2802,2547, 998,1637,1167, 789, + 396,3217, 154,1218, 716,1120,1780,2819,4826,1931,3334,3762,2139,1215,2627, 552, +3664,3628,3232,1405,2383,3111,1356,2652,3577,3320,3101,1703, 640,1045,1370,1246, +4996, 371,1575,2436,1621,2210, 984,4033,1734,2638, 16,4529, 663,2755,3255,1451, +3917,2257,1253,1955,2234,1263,2951, 214,1229, 617, 485, 359,1831,1969, 473,2310, + 750,2058, 165, 80,2864,2419, 361,4344,2416,2479,1134, 796,3726,1266,2943, 860, +2715, 938, 390,2734,1313,1384, 248, 202, 877,1064,2854, 522,3907, 279,1602, 297, +2357, 395,3740, 137,2075, 944,4089,2584,1267,3802, 62,1533,2285, 178, 176, 780, +2440, 201,3707, 590, 478,1560,4354,2117,1075, 30, 74,4643,4004,1635,1441,2745, + 776,2596, 238,1077,1692,1912,2844, 605, 499,1742,3947, 241,3053, 980,1749, 936, +2640,4511,2582, 515,1543,2162,5322,2892,2993, 890,2148,1924, 665,1827,3581,1032, + 968,3163, 339,1044,1896, 270, 583,1791,1720,4367,1194,3488,3669, 43,2523,1657, + 163,2167, 290,1209,1622,3378, 550, 634,2508,2510, 695,2634,2384,2512,1476,1414, + 220,1469,2341,2138,2852,3183,2900,4939,2865,3502,1211,3680, 854,3227,1299,2976, +3172, 186,2998,1459, 443,1067,3251,1495, 321,1932,3054, 909, 753,1410,1828, 436, +2441,1119,1587,3164,2186,1258, 227, 231,1425,1890,3200,3942, 247, 959, 725,5254, +2741, 577,2158,2079, 929, 120, 174, 838,2813, 591,1115, 417,2024, 40,3240,1536, +1037, 291,4151,2354, 632,1298,2406,2500,3535,1825,1846,3451, 205,1171, 345,4238, + 18,1163, 811, 685,2208,1217, 425,1312,1508,1175,4308,2552,1033, 587,1381,3059, +2984,3482, 340,1316,4023,3972, 792,3176, 519, 777,4690, 918, 933,4130,2981,3741, + 90,3360,2911,2200,5184,4550, 609,3079,2030, 272,3379,2736, 363,3881,1130,1447, + 286, 779, 357,1169,3350,3137,1630,1220,2687,2391, 747,1277,3688,2618,2682,2601, +1156,3196,5290,4034,3102,1689,3596,3128, 874, 219,2783, 798, 508,1843,2461, 269, +1658,1776,1392,1913,2983,3287,2866,2159,2372, 829,4076, 46,4253,2873,1889,1894, + 915,1834,1631,2181,2318, 298, 664,2818,3555,2735, 954,3228,3117, 527,3511,2173, + 681,2712,3033,2247,2346,3467,1652, 155,2164,3382, 113,1994, 450, 899, 494, 994, +1237,2958,1875,2336,1926,3727, 545,1577,1550, 633,3473, 204,1305,3072,2410,1956, +2471, 707,2134, 841,2195,2196,2663,3843,1026,4940, 990,3252,4997, 368,1092, 437, +3212,3258,1933,1829, 675,2977,2893, 412, 943,3723,4644,3294,3283,2230,2373,5154, +2389,2241,2661,2323,1404,2524, 593, 787, 677,3008,1275,2059, 438,2709,2609,2240, +2269,2246,1446, 36,1568,1373,3892,1574,2301,1456,3962, 693,2276,5216,2035,1143, +2720,1919,1797,1811,2763,4137,2597,1830,1699,1488,1198,2090, 424,1694, 312,3634, +3390,4179,3335,2252,1214, 561,1059,3243,2295,2561, 975,5155,2321,2751,3772, 472, +1537,3282,3398,1047,2077,2348,2878,1323,3340,3076, 690,2906, 51, 369, 170,3541, +1060,2187,2688,3670,2541,1083,1683, 928,3918, 459, 109,4427, 599,3744,4286, 143, +2101,2730,2490, 82,1588,3036,2121, 281,1860, 477,4035,1238,2812,3020,2716,3312, +1530,2188,2055,1317, 843, 636,1808,1173,3495, 649, 181,1002, 147,3641,1159,2414, +3750,2289,2795, 813,3123,2610,1136,4368, 5,3391,4541,2174, 420, 429,1728, 754, +1228,2115,2219, 347,2223,2733, 735,1518,3003,2355,3134,1764,3948,3329,1888,2424, +1001,1234,1972,3321,3363,1672,1021,1450,1584, 226, 765, 655,2526,3404,3244,2302, +3665, 731, 594,2184, 319,1576, 621, 658,2656,4299,2099,3864,1279,2071,2598,2739, + 795,3086,3699,3908,1707,2352,2402,1382,3136,2475,1465,4847,3496,3865,1085,3004, +2591,1084, 213,2287,1963,3565,2250, 822, 793,4574,3187,1772,1789,3050, 595,1484, +1959,2770,1080,2650, 456, 422,2996, 940,3322,4328,4345,3092,2742, 965,2784, 739, +4124, 952,1358,2498,2949,2565, 332,2698,2378, 660,2260,2473,4194,3856,2919, 535, +1260,2651,1208,1428,1300,1949,1303,2942, 433,2455,2450,1251,1946, 614,1269, 641, +1306,1810,2737,3078,2912, 564,2365,1419,1415,1497,4460,2367,2185,1379,3005,1307, +3218,2175,1897,3063, 682,1157,4040,4005,1712,1160,1941,1399, 394, 402,2952,1573, +1151,2986,2404, 862, 299,2033,1489,3006, 346, 171,2886,3401,1726,2932, 168,2533, + 47,2507,1030,3735,1145,3370,1395,1318,1579,3609,4560,2857,4116,1457,2529,1965, + 504,1036,2690,2988,2405, 745,5871, 849,2397,2056,3081, 863,2359,3857,2096, 99, +1397,1769,2300,4428,1643,3455,1978,1757,3718,1440, 35,4879,3742,1296,4228,2280, + 160,5063,1599,2013, 166, 520,3479,1646,3345,3012, 490,1937,1545,1264,2182,2505, +1096,1188,1369,1436,2421,1667,2792,2460,1270,2122, 727,3167,2143, 806,1706,1012, +1800,3037, 960,2218,1882, 805, 139,2456,1139,1521, 851,1052,3093,3089, 342,2039, + 744,5097,1468,1502,1585,2087, 223, 939, 326,2140,2577, 892,2481,1623,4077, 982, +3708, 135,2131, 87,2503,3114,2326,1106, 876,1616, 547,2997,2831,2093,3441,4530, +4314, 9,3256,4229,4148, 659,1462,1986,1710,2046,2913,2231,4090,4880,5255,3392, +3274,1368,3689,4645,1477, 705,3384,3635,1068,1529,2941,1458,3782,1509, 100,1656, +2548, 718,2339, 408,1590,2780,3548,1838,4117,3719,1345,3530, 717,3442,2778,3220, +2898,1892,4590,3614,3371,2043,1998,1224,3483, 891, 635, 584,2559,3355, 733,1766, +1729,1172,3789,1891,2307, 781,2982,2271,1957,1580,5773,2633,2005,4195,3097,1535, +3213,1189,1934,5693,3262, 586,3118,1324,1598, 517,1564,2217,1868,1893,4445,3728, +2703,3139,1526,1787,1992,3882,2875,1549,1199,1056,2224,1904,2711,5098,4287, 338, +1993,3129,3489,2689,1809,2815,1997, 957,1855,3898,2550,3275,3057,1105,1319, 627, +1505,1911,1883,3526, 698,3629,3456,1833,1431, 746, 77,1261,2017,2296,1977,1885, + 125,1334,1600, 525,1798,1109,2222,1470,1945, 559,2236,1186,3443,2476,1929,1411, +2411,3135,1777,3372,2621,1841,1613,3229, 668,1430,1839,2643,2916, 195,1989,2671, +2358,1387, 629,3205,2293,5256,4439, 123,1310, 888,1879,4300,3021,3605,1003,1162, +3192,2910,2010, 140,2395,2859, 55,1082,2012,2901, 662, 419,2081,1438, 680,2774, +4654,3912,1620,1731,1625,5035,4065,2328, 512,1344, 802,5443,2163,2311,2537, 524, +3399, 98,1155,2103,1918,2606,3925,2816,1393,2465,1504,3773,2177,3963,1478,4346, + 180,1113,4655,3461,2028,1698, 833,2696,1235,1322,1594,4408,3623,3013,3225,2040, +3022, 541,2881, 607,3632,2029,1665,1219, 639,1385,1686,1099,2803,3231,1938,3188, +2858, 427, 676,2772,1168,2025, 454,3253,2486,3556, 230,1950, 580, 791,1991,1280, +1086,1974,2034, 630, 257,3338,2788,4903,1017, 86,4790, 966,2789,1995,1696,1131, + 259,3095,4188,1308, 179,1463,5257, 289,4107,1248, 42,3413,1725,2288, 896,1947, + 774,4474,4254, 604,3430,4264, 392,2514,2588, 452, 237,1408,3018, 988,4531,1970, +3034,3310, 540,2370,1562,1288,2990, 502,4765,1147, 4,1853,2708, 207, 294,2814, +4078,2902,2509, 684, 34,3105,3532,2551, 644, 709,2801,2344, 573,1727,3573,3557, +2021,1081,3100,4315,2100,3681, 199,2263,1837,2385, 146,3484,1195,2776,3949, 997, +1939,3973,1008,1091,1202,1962,1847,1149,4209,5444,1076, 493, 117,5400,2521, 972, +1490,2934,1796,4542,2374,1512,2933,2657, 413,2888,1135,2762,2314,2156,1355,2369, + 766,2007,2527,2170,3124,2491,2593,2632,4757,2437, 234,3125,3591,1898,1750,1376, +1942,3468,3138, 570,2127,2145,3276,4131, 962, 132,1445,4196, 19, 941,3624,3480, +3366,1973,1374,4461,3431,2629, 283,2415,2275, 808,2887,3620,2112,2563,1353,3610, + 955,1089,3103,1053, 96, 88,4097, 823,3808,1583, 399, 292,4091,3313, 421,1128, + 642,4006, 903,2539,1877,2082, 596, 29,4066,1790, 722,2157, 130, 995,1569, 769, +1485, 464, 513,2213, 288,1923,1101,2453,4316, 133, 486,2445, 50, 625, 487,2207, + 57, 423, 481,2962, 159,3729,1558, 491, 303, 482, 501, 240,2837, 112,3648,2392, +1783, 362, 8,3433,3422, 610,2793,3277,1390,1284,1654, 21,3823, 734, 367, 623, + 193, 287, 374,1009,1483, 816, 476, 313,2255,2340,1262,2150,2899,1146,2581, 782, +2116,1659,2018,1880, 255,3586,3314,1110,2867,2137,2564, 986,2767,5185,2006, 650, + 158, 926, 762, 881,3157,2717,2362,3587, 306,3690,3245,1542,3077,2427,1691,2478, +2118,2985,3490,2438, 539,2305, 983, 129,1754, 355,4201,2386, 827,2923, 104,1773, +2838,2771, 411,2905,3919, 376, 767, 122,1114, 828,2422,1817,3506, 266,3460,1007, +1609,4998, 945,2612,4429,2274, 726,1247,1964,2914,2199,2070,4002,4108, 657,3323, +1422, 579, 455,2764,4737,1222,2895,1670, 824,1223,1487,2525, 558, 861,3080, 598, +2659,2515,1967, 752,2583,2376,2214,4180, 977, 704,2464,4999,2622,4109,1210,2961, + 819,1541, 142,2284, 44, 418, 457,1126,3730,4347,4626,1644,1876,3671,1864, 302, +1063,5694, 624, 723,1984,3745,1314,1676,2488,1610,1449,3558,3569,2166,2098, 409, +1011,2325,3704,2306, 818,1732,1383,1824,1844,3757, 999,2705,3497,1216,1423,2683, +2426,2954,2501,2726,2229,1475,2554,5064,1971,1794,1666,2014,1343, 783, 724, 191, +2434,1354,2220,5065,1763,2752,2472,4152, 131, 175,2885,3434, 92,1466,4920,2616, +3871,3872,3866, 128,1551,1632, 669,1854,3682,4691,4125,1230, 188,2973,3290,1302, +1213, 560,3266, 917, 763,3909,3249,1760, 868,1958, 764,1782,2097, 145,2277,3774, +4462, 64,1491,3062, 971,2132,3606,2442, 221,1226,1617, 218, 323,1185,3207,3147, + 571, 619,1473,1005,1744,2281, 449,1887,2396,3685, 275, 375,3816,1743,3844,3731, + 845,1983,2350,4210,1377, 773, 967,3499,3052,3743,2725,4007,1697,1022,3943,1464, +3264,2855,2722,1952,1029,2839,2467, 84,4383,2215, 820,1391,2015,2448,3672, 377, +1948,2168, 797,2545,3536,2578,2645, 94,2874,1678, 405,1259,3071, 771, 546,1315, + 470,1243,3083, 895,2468, 981, 969,2037, 846,4181, 653,1276,2928, 14,2594, 557, +3007,2474, 156, 902,1338,1740,2574, 537,2518, 973,2282,2216,2433,1928, 138,2903, +1293,2631,1612, 646,3457, 839,2935, 111, 496,2191,2847, 589,3186, 149,3994,2060, +4031,2641,4067,3145,1870, 37,3597,2136,1025,2051,3009,3383,3549,1121,1016,3261, +1301, 251,2446,2599,2153, 872,3246, 637, 334,3705, 831, 884, 921,3065,3140,4092, +2198,1944, 246,2964, 108,2045,1152,1921,2308,1031, 203,3173,4170,1907,3890, 810, +1401,2003,1690, 506, 647,1242,2828,1761,1649,3208,2249,1589,3709,2931,5156,1708, + 498, 666,2613, 834,3817,1231, 184,2851,1124, 883,3197,2261,3710,1765,1553,2658, +1178,2639,2351, 93,1193, 942,2538,2141,4402, 235,1821, 870,1591,2192,1709,1871, +3341,1618,4126,2595,2334, 603, 651, 69, 701, 268,2662,3411,2555,1380,1606, 503, + 448, 254,2371,2646, 574,1187,2309,1770, 322,2235,1292,1801, 305, 566,1133, 229, +2067,2057, 706, 167, 483,2002,2672,3295,1820,3561,3067, 316, 378,2746,3452,1112, + 136,1981, 507,1651,2917,1117, 285,4591, 182,2580,3522,1304, 335,3303,1835,2504, +1795,1792,2248, 674,1018,2106,2449,1857,2292,2845, 976,3047,1781,2600,2727,1389, +1281, 52,3152, 153, 265,3950, 672,3485,3951,4463, 430,1183, 365, 278,2169, 27, +1407,1336,2304, 209,1340,1730,2202,1852,2403,2883, 979,1737,1062, 631,2829,2542, +3876,2592, 825,2086,2226,3048,3625, 352,1417,3724, 542, 991, 431,1351,3938,1861, +2294, 826,1361,2927,3142,3503,1738, 463,2462,2723, 582,1916,1595,2808, 400,3845, +3891,2868,3621,2254, 58,2492,1123, 910,2160,2614,1372,1603,1196,1072,3385,1700, +3267,1980, 696, 480,2430, 920, 799,1570,2920,1951,2041,4047,2540,1321,4223,2469, +3562,2228,1271,2602, 401,2833,3351,2575,5157, 907,2312,1256, 410, 263,3507,1582, + 996, 678,1849,2316,1480, 908,3545,2237, 703,2322, 667,1826,2849,1531,2604,2999, +2407,3146,2151,2630,1786,3711, 469,3542, 497,3899,2409, 858, 837,4446,3393,1274, + 786, 620,1845,2001,3311, 484, 308,3367,1204,1815,3691,2332,1532,2557,1842,2020, +2724,1927,2333,4440, 567, 22,1673,2728,4475,1987,1858,1144,1597, 101,1832,3601, + 12, 974,3783,4391, 951,1412, 1,3720, 453,4608,4041, 528,1041,1027,3230,2628, +1129, 875,1051,3291,1203,2262,1069,2860,2799,2149,2615,3278, 144,1758,3040, 31, + 475,1680, 366,2685,3184, 311,1642,4008,2466,5036,1593,1493,2809, 216,1420,1668, + 233, 304,2128,3284, 232,1429,1768,1040,2008,3407,2740,2967,2543, 242,2133, 778, +1565,2022,2620, 505,2189,2756,1098,2273, 372,1614, 708, 553,2846,2094,2278, 169, +3626,2835,4161, 228,2674,3165, 809,1454,1309, 466,1705,1095, 900,3423, 880,2667, +3751,5258,2317,3109,2571,4317,2766,1503,1342, 866,4447,1118, 63,2076, 314,1881, +1348,1061, 172, 978,3515,1747, 532, 511,3970, 6, 601, 905,2699,3300,1751, 276, +1467,3725,2668, 65,4239,2544,2779,2556,1604, 578,2451,1802, 992,2331,2624,1320, +3446, 713,1513,1013, 103,2786,2447,1661, 886,1702, 916, 654,3574,2031,1556, 751, +2178,2821,2179,1498,1538,2176, 271, 914,2251,2080,1325, 638,1953,2937,3877,2432, +2754, 95,3265,1716, 260,1227,4083, 775, 106,1357,3254, 426,1607, 555,2480, 772, +1985, 244,2546, 474, 495,1046,2611,1851,2061, 71,2089,1675,2590, 742,3758,2843, +3222,1433, 267,2180,2576,2826,2233,2092,3913,2435, 956,1745,3075, 856,2113,1116, + 451, 3,1988,2896,1398, 993,2463,1878,2049,1341,2718,2721,2870,2108, 712,2904, +4363,2753,2324, 277,2872,2349,2649, 384, 987, 435, 691,3000, 922, 164,3939, 652, +1500,1184,4153,2482,3373,2165,4848,2335,3775,3508,3154,2806,2830,1554,2102,1664, +2530,1434,2408, 893,1547,2623,3447,2832,2242,2532,3169,2856,3223,2078, 49,3770, +3469, 462, 318, 656,2259,3250,3069, 679,1629,2758, 344,1138,1104,3120,1836,1283, +3115,2154,1437,4448, 934, 759,1999, 794,2862,1038, 533,2560,1722,2342, 855,2626, +1197,1663,4476,3127, 85,4240,2528, 25,1111,1181,3673, 407,3470,4561,2679,2713, + 768,1925,2841,3986,1544,1165, 932, 373,1240,2146,1930,2673, 721,4766, 354,4333, + 391,2963, 187, 61,3364,1442,1102, 330,1940,1767, 341,3809,4118, 393,2496,2062, +2211, 105, 331, 300, 439, 913,1332, 626, 379,3304,1557, 328, 689,3952, 309,1555, + 931, 317,2517,3027, 325, 569, 686,2107,3084, 60,1042,1333,2794, 264,3177,4014, +1628, 258,3712, 7,4464,1176,1043,1778, 683, 114,1975, 78,1492, 383,1886, 510, + 386, 645,5291,2891,2069,3305,4138,3867,2939,2603,2493,1935,1066,1848,3588,1015, +1282,1289,4609, 697,1453,3044,2666,3611,1856,2412, 54, 719,1330, 568,3778,2459, +1748, 788, 492, 551,1191,1000, 488,3394,3763, 282,1799, 348,2016,1523,3155,2390, +1049, 382,2019,1788,1170, 729,2968,3523, 897,3926,2785,2938,3292, 350,2319,3238, +1718,1717,2655,3453,3143,4465, 161,2889,2980,2009,1421, 56,1908,1640,2387,2232, +1917,1874,2477,4921, 148, 83,3438, 592,4245,2882,1822,1055, 741, 115,1496,1624, + 381,1638,4592,1020, 516,3214, 458, 947,4575,1432, 211,1514,2926,1865,2142, 189, + 852,1221,1400,1486, 882,2299,4036, 351, 28,1122, 700,6479,6480,6481,6482,6483, #last 512 +) + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312prober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312prober.py new file mode 100644 index 000000000..8446d2dd9 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/gb2312prober.py @@ -0,0 +1,46 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .mbcharsetprober import MultiByteCharSetProber +from .codingstatemachine import CodingStateMachine +from .chardistribution import GB2312DistributionAnalysis +from .mbcssm import GB2312_SM_MODEL + +class GB2312Prober(MultiByteCharSetProber): + def __init__(self): + super(GB2312Prober, self).__init__() + self.coding_sm = CodingStateMachine(GB2312_SM_MODEL) + self.distribution_analyzer = GB2312DistributionAnalysis() + self.reset() + + @property + def charset_name(self): + return "GB2312" + + @property + def language(self): + return "Chinese" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/hebrewprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/hebrewprober.py new file mode 100644 index 000000000..b0e1bf492 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/hebrewprober.py @@ -0,0 +1,292 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Universal charset detector code. +# +# The Initial Developer of the Original Code is +# Shy Shalom +# Portions created by the Initial Developer are Copyright (C) 2005 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .charsetprober import CharSetProber +from .enums import ProbingState + +# This prober doesn't actually recognize a language or a charset. +# It is a helper prober for the use of the Hebrew model probers + +### General ideas of the Hebrew charset recognition ### +# +# Four main charsets exist in Hebrew: +# "ISO-8859-8" - Visual Hebrew +# "windows-1255" - Logical Hebrew +# "ISO-8859-8-I" - Logical Hebrew +# "x-mac-hebrew" - ?? Logical Hebrew ?? +# +# Both "ISO" charsets use a completely identical set of code points, whereas +# "windows-1255" and "x-mac-hebrew" are two different proper supersets of +# these code points. windows-1255 defines additional characters in the range +# 0x80-0x9F as some misc punctuation marks as well as some Hebrew-specific +# diacritics and additional 'Yiddish' ligature letters in the range 0xc0-0xd6. +# x-mac-hebrew defines similar additional code points but with a different +# mapping. +# +# As far as an average Hebrew text with no diacritics is concerned, all four +# charsets are identical with respect to code points. Meaning that for the +# main Hebrew alphabet, all four map the same values to all 27 Hebrew letters +# (including final letters). +# +# The dominant difference between these charsets is their directionality. +# "Visual" directionality means that the text is ordered as if the renderer is +# not aware of a BIDI rendering algorithm. The renderer sees the text and +# draws it from left to right. The text itself when ordered naturally is read +# backwards. A buffer of Visual Hebrew generally looks like so: +# "[last word of first line spelled backwards] [whole line ordered backwards +# and spelled backwards] [first word of first line spelled backwards] +# [end of line] [last word of second line] ... etc' " +# adding punctuation marks, numbers and English text to visual text is +# naturally also "visual" and from left to right. +# +# "Logical" directionality means the text is ordered "naturally" according to +# the order it is read. It is the responsibility of the renderer to display +# the text from right to left. A BIDI algorithm is used to place general +# punctuation marks, numbers and English text in the text. +# +# Texts in x-mac-hebrew are almost impossible to find on the Internet. From +# what little evidence I could find, it seems that its general directionality +# is Logical. +# +# To sum up all of the above, the Hebrew probing mechanism knows about two +# charsets: +# Visual Hebrew - "ISO-8859-8" - backwards text - Words and sentences are +# backwards while line order is natural. For charset recognition purposes +# the line order is unimportant (In fact, for this implementation, even +# word order is unimportant). +# Logical Hebrew - "windows-1255" - normal, naturally ordered text. +# +# "ISO-8859-8-I" is a subset of windows-1255 and doesn't need to be +# specifically identified. +# "x-mac-hebrew" is also identified as windows-1255. A text in x-mac-hebrew +# that contain special punctuation marks or diacritics is displayed with +# some unconverted characters showing as question marks. This problem might +# be corrected using another model prober for x-mac-hebrew. Due to the fact +# that x-mac-hebrew texts are so rare, writing another model prober isn't +# worth the effort and performance hit. +# +#### The Prober #### +# +# The prober is divided between two SBCharSetProbers and a HebrewProber, +# all of which are managed, created, fed data, inquired and deleted by the +# SBCSGroupProber. The two SBCharSetProbers identify that the text is in +# fact some kind of Hebrew, Logical or Visual. The final decision about which +# one is it is made by the HebrewProber by combining final-letter scores +# with the scores of the two SBCharSetProbers to produce a final answer. +# +# The SBCSGroupProber is responsible for stripping the original text of HTML +# tags, English characters, numbers, low-ASCII punctuation characters, spaces +# and new lines. It reduces any sequence of such characters to a single space. +# The buffer fed to each prober in the SBCS group prober is pure text in +# high-ASCII. +# The two SBCharSetProbers (model probers) share the same language model: +# Win1255Model. +# The first SBCharSetProber uses the model normally as any other +# SBCharSetProber does, to recognize windows-1255, upon which this model was +# built. The second SBCharSetProber is told to make the pair-of-letter +# lookup in the language model backwards. This in practice exactly simulates +# a visual Hebrew model using the windows-1255 logical Hebrew model. +# +# The HebrewProber is not using any language model. All it does is look for +# final-letter evidence suggesting the text is either logical Hebrew or visual +# Hebrew. Disjointed from the model probers, the results of the HebrewProber +# alone are meaningless. HebrewProber always returns 0.00 as confidence +# since it never identifies a charset by itself. Instead, the pointer to the +# HebrewProber is passed to the model probers as a helper "Name Prober". +# When the Group prober receives a positive identification from any prober, +# it asks for the name of the charset identified. If the prober queried is a +# Hebrew model prober, the model prober forwards the call to the +# HebrewProber to make the final decision. In the HebrewProber, the +# decision is made according to the final-letters scores maintained and Both +# model probers scores. The answer is returned in the form of the name of the +# charset identified, either "windows-1255" or "ISO-8859-8". + +class HebrewProber(CharSetProber): + # windows-1255 / ISO-8859-8 code points of interest + FINAL_KAF = 0xea + NORMAL_KAF = 0xeb + FINAL_MEM = 0xed + NORMAL_MEM = 0xee + FINAL_NUN = 0xef + NORMAL_NUN = 0xf0 + FINAL_PE = 0xf3 + NORMAL_PE = 0xf4 + FINAL_TSADI = 0xf5 + NORMAL_TSADI = 0xf6 + + # Minimum Visual vs Logical final letter score difference. + # If the difference is below this, don't rely solely on the final letter score + # distance. + MIN_FINAL_CHAR_DISTANCE = 5 + + # Minimum Visual vs Logical model score difference. + # If the difference is below this, don't rely at all on the model score + # distance. + MIN_MODEL_DISTANCE = 0.01 + + VISUAL_HEBREW_NAME = "ISO-8859-8" + LOGICAL_HEBREW_NAME = "windows-1255" + + def __init__(self): + super(HebrewProber, self).__init__() + self._final_char_logical_score = None + self._final_char_visual_score = None + self._prev = None + self._before_prev = None + self._logical_prober = None + self._visual_prober = None + self.reset() + + def reset(self): + self._final_char_logical_score = 0 + self._final_char_visual_score = 0 + # The two last characters seen in the previous buffer, + # mPrev and mBeforePrev are initialized to space in order to simulate + # a word delimiter at the beginning of the data + self._prev = ' ' + self._before_prev = ' ' + # These probers are owned by the group prober. + + def set_model_probers(self, logicalProber, visualProber): + self._logical_prober = logicalProber + self._visual_prober = visualProber + + def is_final(self, c): + return c in [self.FINAL_KAF, self.FINAL_MEM, self.FINAL_NUN, + self.FINAL_PE, self.FINAL_TSADI] + + def is_non_final(self, c): + # The normal Tsadi is not a good Non-Final letter due to words like + # 'lechotet' (to chat) containing an apostrophe after the tsadi. This + # apostrophe is converted to a space in FilterWithoutEnglishLetters + # causing the Non-Final tsadi to appear at an end of a word even + # though this is not the case in the original text. + # The letters Pe and Kaf rarely display a related behavior of not being + # a good Non-Final letter. Words like 'Pop', 'Winamp' and 'Mubarak' + # for example legally end with a Non-Final Pe or Kaf. However, the + # benefit of these letters as Non-Final letters outweighs the damage + # since these words are quite rare. + return c in [self.NORMAL_KAF, self.NORMAL_MEM, + self.NORMAL_NUN, self.NORMAL_PE] + + def feed(self, byte_str): + # Final letter analysis for logical-visual decision. + # Look for evidence that the received buffer is either logical Hebrew + # or visual Hebrew. + # The following cases are checked: + # 1) A word longer than 1 letter, ending with a final letter. This is + # an indication that the text is laid out "naturally" since the + # final letter really appears at the end. +1 for logical score. + # 2) A word longer than 1 letter, ending with a Non-Final letter. In + # normal Hebrew, words ending with Kaf, Mem, Nun, Pe or Tsadi, + # should not end with the Non-Final form of that letter. Exceptions + # to this rule are mentioned above in isNonFinal(). This is an + # indication that the text is laid out backwards. +1 for visual + # score + # 3) A word longer than 1 letter, starting with a final letter. Final + # letters should not appear at the beginning of a word. This is an + # indication that the text is laid out backwards. +1 for visual + # score. + # + # The visual score and logical score are accumulated throughout the + # text and are finally checked against each other in GetCharSetName(). + # No checking for final letters in the middle of words is done since + # that case is not an indication for either Logical or Visual text. + # + # We automatically filter out all 7-bit characters (replace them with + # spaces) so the word boundary detection works properly. [MAP] + + if self.state == ProbingState.NOT_ME: + # Both model probers say it's not them. No reason to continue. + return ProbingState.NOT_ME + + byte_str = self.filter_high_byte_only(byte_str) + + for cur in byte_str: + if cur == ' ': + # We stand on a space - a word just ended + if self._before_prev != ' ': + # next-to-last char was not a space so self._prev is not a + # 1 letter word + if self.is_final(self._prev): + # case (1) [-2:not space][-1:final letter][cur:space] + self._final_char_logical_score += 1 + elif self.is_non_final(self._prev): + # case (2) [-2:not space][-1:Non-Final letter][ + # cur:space] + self._final_char_visual_score += 1 + else: + # Not standing on a space + if ((self._before_prev == ' ') and + (self.is_final(self._prev)) and (cur != ' ')): + # case (3) [-2:space][-1:final letter][cur:not space] + self._final_char_visual_score += 1 + self._before_prev = self._prev + self._prev = cur + + # Forever detecting, till the end or until both model probers return + # ProbingState.NOT_ME (handled above) + return ProbingState.DETECTING + + @property + def charset_name(self): + # Make the decision: is it Logical or Visual? + # If the final letter score distance is dominant enough, rely on it. + finalsub = self._final_char_logical_score - self._final_char_visual_score + if finalsub >= self.MIN_FINAL_CHAR_DISTANCE: + return self.LOGICAL_HEBREW_NAME + if finalsub <= -self.MIN_FINAL_CHAR_DISTANCE: + return self.VISUAL_HEBREW_NAME + + # It's not dominant enough, try to rely on the model scores instead. + modelsub = (self._logical_prober.get_confidence() + - self._visual_prober.get_confidence()) + if modelsub > self.MIN_MODEL_DISTANCE: + return self.LOGICAL_HEBREW_NAME + if modelsub < -self.MIN_MODEL_DISTANCE: + return self.VISUAL_HEBREW_NAME + + # Still no good, back to final letter distance, maybe it'll save the + # day. + if finalsub < 0.0: + return self.VISUAL_HEBREW_NAME + + # (finalsub > 0 - Logical) or (don't know what to do) default to + # Logical. + return self.LOGICAL_HEBREW_NAME + + @property + def language(self): + return 'Hebrew' + + @property + def state(self): + # Remain active as long as any of the model probers are active. + if (self._logical_prober.state == ProbingState.NOT_ME) and \ + (self._visual_prober.state == ProbingState.NOT_ME): + return ProbingState.NOT_ME + return ProbingState.DETECTING diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jisfreq.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jisfreq.py new file mode 100644 index 000000000..83fc082b5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jisfreq.py @@ -0,0 +1,325 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +# Sampling from about 20M text materials include literature and computer technology +# +# Japanese frequency table, applied to both S-JIS and EUC-JP +# They are sorted in order. + +# 128 --> 0.77094 +# 256 --> 0.85710 +# 512 --> 0.92635 +# 1024 --> 0.97130 +# 2048 --> 0.99431 +# +# Ideal Distribution Ratio = 0.92635 / (1-0.92635) = 12.58 +# Random Distribution Ration = 512 / (2965+62+83+86-512) = 0.191 +# +# Typical Distribution Ratio, 25% of IDR + +JIS_TYPICAL_DISTRIBUTION_RATIO = 3.0 + +# Char to FreqOrder table , +JIS_TABLE_SIZE = 4368 + +JIS_CHAR_TO_FREQ_ORDER = ( + 40, 1, 6, 182, 152, 180, 295,2127, 285, 381,3295,4304,3068,4606,3165,3510, # 16 +3511,1822,2785,4607,1193,2226,5070,4608, 171,2996,1247, 18, 179,5071, 856,1661, # 32 +1262,5072, 619, 127,3431,3512,3230,1899,1700, 232, 228,1294,1298, 284, 283,2041, # 48 +2042,1061,1062, 48, 49, 44, 45, 433, 434,1040,1041, 996, 787,2997,1255,4305, # 64 +2108,4609,1684,1648,5073,5074,5075,5076,5077,5078,3687,5079,4610,5080,3927,3928, # 80 +5081,3296,3432, 290,2285,1471,2187,5082,2580,2825,1303,2140,1739,1445,2691,3375, # 96 +1691,3297,4306,4307,4611, 452,3376,1182,2713,3688,3069,4308,5083,5084,5085,5086, # 112 +5087,5088,5089,5090,5091,5092,5093,5094,5095,5096,5097,5098,5099,5100,5101,5102, # 128 +5103,5104,5105,5106,5107,5108,5109,5110,5111,5112,4097,5113,5114,5115,5116,5117, # 144 +5118,5119,5120,5121,5122,5123,5124,5125,5126,5127,5128,5129,5130,5131,5132,5133, # 160 +5134,5135,5136,5137,5138,5139,5140,5141,5142,5143,5144,5145,5146,5147,5148,5149, # 176 +5150,5151,5152,4612,5153,5154,5155,5156,5157,5158,5159,5160,5161,5162,5163,5164, # 192 +5165,5166,5167,5168,5169,5170,5171,5172,5173,5174,5175,1472, 598, 618, 820,1205, # 208 +1309,1412,1858,1307,1692,5176,5177,5178,5179,5180,5181,5182,1142,1452,1234,1172, # 224 +1875,2043,2149,1793,1382,2973, 925,2404,1067,1241, 960,1377,2935,1491, 919,1217, # 240 +1865,2030,1406,1499,2749,4098,5183,5184,5185,5186,5187,5188,2561,4099,3117,1804, # 256 +2049,3689,4309,3513,1663,5189,3166,3118,3298,1587,1561,3433,5190,3119,1625,2998, # 272 +3299,4613,1766,3690,2786,4614,5191,5192,5193,5194,2161, 26,3377, 2,3929, 20, # 288 +3691, 47,4100, 50, 17, 16, 35, 268, 27, 243, 42, 155, 24, 154, 29, 184, # 304 + 4, 91, 14, 92, 53, 396, 33, 289, 9, 37, 64, 620, 21, 39, 321, 5, # 320 + 12, 11, 52, 13, 3, 208, 138, 0, 7, 60, 526, 141, 151,1069, 181, 275, # 336 +1591, 83, 132,1475, 126, 331, 829, 15, 69, 160, 59, 22, 157, 55,1079, 312, # 352 + 109, 38, 23, 25, 10, 19, 79,5195, 61, 382,1124, 8, 30,5196,5197,5198, # 368 +5199,5200,5201,5202,5203,5204,5205,5206, 89, 62, 74, 34,2416, 112, 139, 196, # 384 + 271, 149, 84, 607, 131, 765, 46, 88, 153, 683, 76, 874, 101, 258, 57, 80, # 400 + 32, 364, 121,1508, 169,1547, 68, 235, 145,2999, 41, 360,3027, 70, 63, 31, # 416 + 43, 259, 262,1383, 99, 533, 194, 66, 93, 846, 217, 192, 56, 106, 58, 565, # 432 + 280, 272, 311, 256, 146, 82, 308, 71, 100, 128, 214, 655, 110, 261, 104,1140, # 448 + 54, 51, 36, 87, 67,3070, 185,2618,2936,2020, 28,1066,2390,2059,5207,5208, # 464 +5209,5210,5211,5212,5213,5214,5215,5216,4615,5217,5218,5219,5220,5221,5222,5223, # 480 +5224,5225,5226,5227,5228,5229,5230,5231,5232,5233,5234,5235,5236,3514,5237,5238, # 496 +5239,5240,5241,5242,5243,5244,2297,2031,4616,4310,3692,5245,3071,5246,3598,5247, # 512 +4617,3231,3515,5248,4101,4311,4618,3808,4312,4102,5249,4103,4104,3599,5250,5251, # 528 +5252,5253,5254,5255,5256,5257,5258,5259,5260,5261,5262,5263,5264,5265,5266,5267, # 544 +5268,5269,5270,5271,5272,5273,5274,5275,5276,5277,5278,5279,5280,5281,5282,5283, # 560 +5284,5285,5286,5287,5288,5289,5290,5291,5292,5293,5294,5295,5296,5297,5298,5299, # 576 +5300,5301,5302,5303,5304,5305,5306,5307,5308,5309,5310,5311,5312,5313,5314,5315, # 592 +5316,5317,5318,5319,5320,5321,5322,5323,5324,5325,5326,5327,5328,5329,5330,5331, # 608 +5332,5333,5334,5335,5336,5337,5338,5339,5340,5341,5342,5343,5344,5345,5346,5347, # 624 +5348,5349,5350,5351,5352,5353,5354,5355,5356,5357,5358,5359,5360,5361,5362,5363, # 640 +5364,5365,5366,5367,5368,5369,5370,5371,5372,5373,5374,5375,5376,5377,5378,5379, # 656 +5380,5381, 363, 642,2787,2878,2788,2789,2316,3232,2317,3434,2011, 165,1942,3930, # 672 +3931,3932,3933,5382,4619,5383,4620,5384,5385,5386,5387,5388,5389,5390,5391,5392, # 688 +5393,5394,5395,5396,5397,5398,5399,5400,5401,5402,5403,5404,5405,5406,5407,5408, # 704 +5409,5410,5411,5412,5413,5414,5415,5416,5417,5418,5419,5420,5421,5422,5423,5424, # 720 +5425,5426,5427,5428,5429,5430,5431,5432,5433,5434,5435,5436,5437,5438,5439,5440, # 736 +5441,5442,5443,5444,5445,5446,5447,5448,5449,5450,5451,5452,5453,5454,5455,5456, # 752 +5457,5458,5459,5460,5461,5462,5463,5464,5465,5466,5467,5468,5469,5470,5471,5472, # 768 +5473,5474,5475,5476,5477,5478,5479,5480,5481,5482,5483,5484,5485,5486,5487,5488, # 784 +5489,5490,5491,5492,5493,5494,5495,5496,5497,5498,5499,5500,5501,5502,5503,5504, # 800 +5505,5506,5507,5508,5509,5510,5511,5512,5513,5514,5515,5516,5517,5518,5519,5520, # 816 +5521,5522,5523,5524,5525,5526,5527,5528,5529,5530,5531,5532,5533,5534,5535,5536, # 832 +5537,5538,5539,5540,5541,5542,5543,5544,5545,5546,5547,5548,5549,5550,5551,5552, # 848 +5553,5554,5555,5556,5557,5558,5559,5560,5561,5562,5563,5564,5565,5566,5567,5568, # 864 +5569,5570,5571,5572,5573,5574,5575,5576,5577,5578,5579,5580,5581,5582,5583,5584, # 880 +5585,5586,5587,5588,5589,5590,5591,5592,5593,5594,5595,5596,5597,5598,5599,5600, # 896 +5601,5602,5603,5604,5605,5606,5607,5608,5609,5610,5611,5612,5613,5614,5615,5616, # 912 +5617,5618,5619,5620,5621,5622,5623,5624,5625,5626,5627,5628,5629,5630,5631,5632, # 928 +5633,5634,5635,5636,5637,5638,5639,5640,5641,5642,5643,5644,5645,5646,5647,5648, # 944 +5649,5650,5651,5652,5653,5654,5655,5656,5657,5658,5659,5660,5661,5662,5663,5664, # 960 +5665,5666,5667,5668,5669,5670,5671,5672,5673,5674,5675,5676,5677,5678,5679,5680, # 976 +5681,5682,5683,5684,5685,5686,5687,5688,5689,5690,5691,5692,5693,5694,5695,5696, # 992 +5697,5698,5699,5700,5701,5702,5703,5704,5705,5706,5707,5708,5709,5710,5711,5712, # 1008 +5713,5714,5715,5716,5717,5718,5719,5720,5721,5722,5723,5724,5725,5726,5727,5728, # 1024 +5729,5730,5731,5732,5733,5734,5735,5736,5737,5738,5739,5740,5741,5742,5743,5744, # 1040 +5745,5746,5747,5748,5749,5750,5751,5752,5753,5754,5755,5756,5757,5758,5759,5760, # 1056 +5761,5762,5763,5764,5765,5766,5767,5768,5769,5770,5771,5772,5773,5774,5775,5776, # 1072 +5777,5778,5779,5780,5781,5782,5783,5784,5785,5786,5787,5788,5789,5790,5791,5792, # 1088 +5793,5794,5795,5796,5797,5798,5799,5800,5801,5802,5803,5804,5805,5806,5807,5808, # 1104 +5809,5810,5811,5812,5813,5814,5815,5816,5817,5818,5819,5820,5821,5822,5823,5824, # 1120 +5825,5826,5827,5828,5829,5830,5831,5832,5833,5834,5835,5836,5837,5838,5839,5840, # 1136 +5841,5842,5843,5844,5845,5846,5847,5848,5849,5850,5851,5852,5853,5854,5855,5856, # 1152 +5857,5858,5859,5860,5861,5862,5863,5864,5865,5866,5867,5868,5869,5870,5871,5872, # 1168 +5873,5874,5875,5876,5877,5878,5879,5880,5881,5882,5883,5884,5885,5886,5887,5888, # 1184 +5889,5890,5891,5892,5893,5894,5895,5896,5897,5898,5899,5900,5901,5902,5903,5904, # 1200 +5905,5906,5907,5908,5909,5910,5911,5912,5913,5914,5915,5916,5917,5918,5919,5920, # 1216 +5921,5922,5923,5924,5925,5926,5927,5928,5929,5930,5931,5932,5933,5934,5935,5936, # 1232 +5937,5938,5939,5940,5941,5942,5943,5944,5945,5946,5947,5948,5949,5950,5951,5952, # 1248 +5953,5954,5955,5956,5957,5958,5959,5960,5961,5962,5963,5964,5965,5966,5967,5968, # 1264 +5969,5970,5971,5972,5973,5974,5975,5976,5977,5978,5979,5980,5981,5982,5983,5984, # 1280 +5985,5986,5987,5988,5989,5990,5991,5992,5993,5994,5995,5996,5997,5998,5999,6000, # 1296 +6001,6002,6003,6004,6005,6006,6007,6008,6009,6010,6011,6012,6013,6014,6015,6016, # 1312 +6017,6018,6019,6020,6021,6022,6023,6024,6025,6026,6027,6028,6029,6030,6031,6032, # 1328 +6033,6034,6035,6036,6037,6038,6039,6040,6041,6042,6043,6044,6045,6046,6047,6048, # 1344 +6049,6050,6051,6052,6053,6054,6055,6056,6057,6058,6059,6060,6061,6062,6063,6064, # 1360 +6065,6066,6067,6068,6069,6070,6071,6072,6073,6074,6075,6076,6077,6078,6079,6080, # 1376 +6081,6082,6083,6084,6085,6086,6087,6088,6089,6090,6091,6092,6093,6094,6095,6096, # 1392 +6097,6098,6099,6100,6101,6102,6103,6104,6105,6106,6107,6108,6109,6110,6111,6112, # 1408 +6113,6114,2044,2060,4621, 997,1235, 473,1186,4622, 920,3378,6115,6116, 379,1108, # 1424 +4313,2657,2735,3934,6117,3809, 636,3233, 573,1026,3693,3435,2974,3300,2298,4105, # 1440 + 854,2937,2463, 393,2581,2417, 539, 752,1280,2750,2480, 140,1161, 440, 708,1569, # 1456 + 665,2497,1746,1291,1523,3000, 164,1603, 847,1331, 537,1997, 486, 508,1693,2418, # 1472 +1970,2227, 878,1220, 299,1030, 969, 652,2751, 624,1137,3301,2619, 65,3302,2045, # 1488 +1761,1859,3120,1930,3694,3516, 663,1767, 852, 835,3695, 269, 767,2826,2339,1305, # 1504 + 896,1150, 770,1616,6118, 506,1502,2075,1012,2519, 775,2520,2975,2340,2938,4314, # 1520 +3028,2086,1224,1943,2286,6119,3072,4315,2240,1273,1987,3935,1557, 175, 597, 985, # 1536 +3517,2419,2521,1416,3029, 585, 938,1931,1007,1052,1932,1685,6120,3379,4316,4623, # 1552 + 804, 599,3121,1333,2128,2539,1159,1554,2032,3810, 687,2033,2904, 952, 675,1467, # 1568 +3436,6121,2241,1096,1786,2440,1543,1924, 980,1813,2228, 781,2692,1879, 728,1918, # 1584 +3696,4624, 548,1950,4625,1809,1088,1356,3303,2522,1944, 502, 972, 373, 513,2827, # 1600 + 586,2377,2391,1003,1976,1631,6122,2464,1084, 648,1776,4626,2141, 324, 962,2012, # 1616 +2177,2076,1384, 742,2178,1448,1173,1810, 222, 102, 301, 445, 125,2420, 662,2498, # 1632 + 277, 200,1476,1165,1068, 224,2562,1378,1446, 450,1880, 659, 791, 582,4627,2939, # 1648 +3936,1516,1274, 555,2099,3697,1020,1389,1526,3380,1762,1723,1787,2229, 412,2114, # 1664 +1900,2392,3518, 512,2597, 427,1925,2341,3122,1653,1686,2465,2499, 697, 330, 273, # 1680 + 380,2162, 951, 832, 780, 991,1301,3073, 965,2270,3519, 668,2523,2636,1286, 535, # 1696 +1407, 518, 671, 957,2658,2378, 267, 611,2197,3030,6123, 248,2299, 967,1799,2356, # 1712 + 850,1418,3437,1876,1256,1480,2828,1718,6124,6125,1755,1664,2405,6126,4628,2879, # 1728 +2829, 499,2179, 676,4629, 557,2329,2214,2090, 325,3234, 464, 811,3001, 992,2342, # 1744 +2481,1232,1469, 303,2242, 466,1070,2163, 603,1777,2091,4630,2752,4631,2714, 322, # 1760 +2659,1964,1768, 481,2188,1463,2330,2857,3600,2092,3031,2421,4632,2318,2070,1849, # 1776 +2598,4633,1302,2254,1668,1701,2422,3811,2905,3032,3123,2046,4106,1763,1694,4634, # 1792 +1604, 943,1724,1454, 917, 868,2215,1169,2940, 552,1145,1800,1228,1823,1955, 316, # 1808 +1080,2510, 361,1807,2830,4107,2660,3381,1346,1423,1134,4108,6127, 541,1263,1229, # 1824 +1148,2540, 545, 465,1833,2880,3438,1901,3074,2482, 816,3937, 713,1788,2500, 122, # 1840 +1575, 195,1451,2501,1111,6128, 859, 374,1225,2243,2483,4317, 390,1033,3439,3075, # 1856 +2524,1687, 266, 793,1440,2599, 946, 779, 802, 507, 897,1081, 528,2189,1292, 711, # 1872 +1866,1725,1167,1640, 753, 398,2661,1053, 246, 348,4318, 137,1024,3440,1600,2077, # 1888 +2129, 825,4319, 698, 238, 521, 187,2300,1157,2423,1641,1605,1464,1610,1097,2541, # 1904 +1260,1436, 759,2255,1814,2150, 705,3235, 409,2563,3304, 561,3033,2005,2564, 726, # 1920 +1956,2343,3698,4109, 949,3812,3813,3520,1669, 653,1379,2525, 881,2198, 632,2256, # 1936 +1027, 778,1074, 733,1957, 514,1481,2466, 554,2180, 702,3938,1606,1017,1398,6129, # 1952 +1380,3521, 921, 993,1313, 594, 449,1489,1617,1166, 768,1426,1360, 495,1794,3601, # 1968 +1177,3602,1170,4320,2344, 476, 425,3167,4635,3168,1424, 401,2662,1171,3382,1998, # 1984 +1089,4110, 477,3169, 474,6130,1909, 596,2831,1842, 494, 693,1051,1028,1207,3076, # 2000 + 606,2115, 727,2790,1473,1115, 743,3522, 630, 805,1532,4321,2021, 366,1057, 838, # 2016 + 684,1114,2142,4322,2050,1492,1892,1808,2271,3814,2424,1971,1447,1373,3305,1090, # 2032 +1536,3939,3523,3306,1455,2199, 336, 369,2331,1035, 584,2393, 902, 718,2600,6131, # 2048 +2753, 463,2151,1149,1611,2467, 715,1308,3124,1268, 343,1413,3236,1517,1347,2663, # 2064 +2093,3940,2022,1131,1553,2100,2941,1427,3441,2942,1323,2484,6132,1980, 872,2368, # 2080 +2441,2943, 320,2369,2116,1082, 679,1933,3941,2791,3815, 625,1143,2023, 422,2200, # 2096 +3816,6133, 730,1695, 356,2257,1626,2301,2858,2637,1627,1778, 937, 883,2906,2693, # 2112 +3002,1769,1086, 400,1063,1325,3307,2792,4111,3077, 456,2345,1046, 747,6134,1524, # 2128 + 884,1094,3383,1474,2164,1059, 974,1688,2181,2258,1047, 345,1665,1187, 358, 875, # 2144 +3170, 305, 660,3524,2190,1334,1135,3171,1540,1649,2542,1527, 927, 968,2793, 885, # 2160 +1972,1850, 482, 500,2638,1218,1109,1085,2543,1654,2034, 876, 78,2287,1482,1277, # 2176 + 861,1675,1083,1779, 724,2754, 454, 397,1132,1612,2332, 893, 672,1237, 257,2259, # 2192 +2370, 135,3384, 337,2244, 547, 352, 340, 709,2485,1400, 788,1138,2511, 540, 772, # 2208 +1682,2260,2272,2544,2013,1843,1902,4636,1999,1562,2288,4637,2201,1403,1533, 407, # 2224 + 576,3308,1254,2071, 978,3385, 170, 136,1201,3125,2664,3172,2394, 213, 912, 873, # 2240 +3603,1713,2202, 699,3604,3699, 813,3442, 493, 531,1054, 468,2907,1483, 304, 281, # 2256 +4112,1726,1252,2094, 339,2319,2130,2639, 756,1563,2944, 748, 571,2976,1588,2425, # 2272 +2715,1851,1460,2426,1528,1392,1973,3237, 288,3309, 685,3386, 296, 892,2716,2216, # 2288 +1570,2245, 722,1747,2217, 905,3238,1103,6135,1893,1441,1965, 251,1805,2371,3700, # 2304 +2601,1919,1078, 75,2182,1509,1592,1270,2640,4638,2152,6136,3310,3817, 524, 706, # 2320 +1075, 292,3818,1756,2602, 317, 98,3173,3605,3525,1844,2218,3819,2502, 814, 567, # 2336 + 385,2908,1534,6137, 534,1642,3239, 797,6138,1670,1529, 953,4323, 188,1071, 538, # 2352 + 178, 729,3240,2109,1226,1374,2000,2357,2977, 731,2468,1116,2014,2051,6139,1261, # 2368 +1593, 803,2859,2736,3443, 556, 682, 823,1541,6140,1369,2289,1706,2794, 845, 462, # 2384 +2603,2665,1361, 387, 162,2358,1740, 739,1770,1720,1304,1401,3241,1049, 627,1571, # 2400 +2427,3526,1877,3942,1852,1500, 431,1910,1503, 677, 297,2795, 286,1433,1038,1198, # 2416 +2290,1133,1596,4113,4639,2469,1510,1484,3943,6141,2442, 108, 712,4640,2372, 866, # 2432 +3701,2755,3242,1348, 834,1945,1408,3527,2395,3243,1811, 824, 994,1179,2110,1548, # 2448 +1453, 790,3003, 690,4324,4325,2832,2909,3820,1860,3821, 225,1748, 310, 346,1780, # 2464 +2470, 821,1993,2717,2796, 828, 877,3528,2860,2471,1702,2165,2910,2486,1789, 453, # 2480 + 359,2291,1676, 73,1164,1461,1127,3311, 421, 604, 314,1037, 589, 116,2487, 737, # 2496 + 837,1180, 111, 244, 735,6142,2261,1861,1362, 986, 523, 418, 581,2666,3822, 103, # 2512 + 855, 503,1414,1867,2488,1091, 657,1597, 979, 605,1316,4641,1021,2443,2078,2001, # 2528 +1209, 96, 587,2166,1032, 260,1072,2153, 173, 94, 226,3244, 819,2006,4642,4114, # 2544 +2203, 231,1744, 782, 97,2667, 786,3387, 887, 391, 442,2219,4326,1425,6143,2694, # 2560 + 633,1544,1202, 483,2015, 592,2052,1958,2472,1655, 419, 129,4327,3444,3312,1714, # 2576 +1257,3078,4328,1518,1098, 865,1310,1019,1885,1512,1734, 469,2444, 148, 773, 436, # 2592 +1815,1868,1128,1055,4329,1245,2756,3445,2154,1934,1039,4643, 579,1238, 932,2320, # 2608 + 353, 205, 801, 115,2428, 944,2321,1881, 399,2565,1211, 678, 766,3944, 335,2101, # 2624 +1459,1781,1402,3945,2737,2131,1010, 844, 981,1326,1013, 550,1816,1545,2620,1335, # 2640 +1008, 371,2881, 936,1419,1613,3529,1456,1395,2273,1834,2604,1317,2738,2503, 416, # 2656 +1643,4330, 806,1126, 229, 591,3946,1314,1981,1576,1837,1666, 347,1790, 977,3313, # 2672 + 764,2861,1853, 688,2429,1920,1462, 77, 595, 415,2002,3034, 798,1192,4115,6144, # 2688 +2978,4331,3035,2695,2582,2072,2566, 430,2430,1727, 842,1396,3947,3702, 613, 377, # 2704 + 278, 236,1417,3388,3314,3174, 757,1869, 107,3530,6145,1194, 623,2262, 207,1253, # 2720 +2167,3446,3948, 492,1117,1935, 536,1838,2757,1246,4332, 696,2095,2406,1393,1572, # 2736 +3175,1782, 583, 190, 253,1390,2230, 830,3126,3389, 934,3245,1703,1749,2979,1870, # 2752 +2545,1656,2204, 869,2346,4116,3176,1817, 496,1764,4644, 942,1504, 404,1903,1122, # 2768 +1580,3606,2945,1022, 515, 372,1735, 955,2431,3036,6146,2797,1110,2302,2798, 617, # 2784 +6147, 441, 762,1771,3447,3607,3608,1904, 840,3037, 86, 939,1385, 572,1370,2445, # 2800 +1336, 114,3703, 898, 294, 203,3315, 703,1583,2274, 429, 961,4333,1854,1951,3390, # 2816 +2373,3704,4334,1318,1381, 966,1911,2322,1006,1155, 309, 989, 458,2718,1795,1372, # 2832 +1203, 252,1689,1363,3177, 517,1936, 168,1490, 562, 193,3823,1042,4117,1835, 551, # 2848 + 470,4645, 395, 489,3448,1871,1465,2583,2641, 417,1493, 279,1295, 511,1236,1119, # 2864 + 72,1231,1982,1812,3004, 871,1564, 984,3449,1667,2696,2096,4646,2347,2833,1673, # 2880 +3609, 695,3246,2668, 807,1183,4647, 890, 388,2333,1801,1457,2911,1765,1477,1031, # 2896 +3316,3317,1278,3391,2799,2292,2526, 163,3450,4335,2669,1404,1802,6148,2323,2407, # 2912 +1584,1728,1494,1824,1269, 298, 909,3318,1034,1632, 375, 776,1683,2061, 291, 210, # 2928 +1123, 809,1249,1002,2642,3038, 206,1011,2132, 144, 975, 882,1565, 342, 667, 754, # 2944 +1442,2143,1299,2303,2062, 447, 626,2205,1221,2739,2912,1144,1214,2206,2584, 760, # 2960 +1715, 614, 950,1281,2670,2621, 810, 577,1287,2546,4648, 242,2168, 250,2643, 691, # 2976 + 123,2644, 647, 313,1029, 689,1357,2946,1650, 216, 771,1339,1306, 808,2063, 549, # 2992 + 913,1371,2913,2914,6149,1466,1092,1174,1196,1311,2605,2396,1783,1796,3079, 406, # 3008 +2671,2117,3949,4649, 487,1825,2220,6150,2915, 448,2348,1073,6151,2397,1707, 130, # 3024 + 900,1598, 329, 176,1959,2527,1620,6152,2275,4336,3319,1983,2191,3705,3610,2155, # 3040 +3706,1912,1513,1614,6153,1988, 646, 392,2304,1589,3320,3039,1826,1239,1352,1340, # 3056 +2916, 505,2567,1709,1437,2408,2547, 906,6154,2672, 384,1458,1594,1100,1329, 710, # 3072 + 423,3531,2064,2231,2622,1989,2673,1087,1882, 333, 841,3005,1296,2882,2379, 580, # 3088 +1937,1827,1293,2585, 601, 574, 249,1772,4118,2079,1120, 645, 901,1176,1690, 795, # 3104 +2207, 478,1434, 516,1190,1530, 761,2080, 930,1264, 355, 435,1552, 644,1791, 987, # 3120 + 220,1364,1163,1121,1538, 306,2169,1327,1222, 546,2645, 218, 241, 610,1704,3321, # 3136 +1984,1839,1966,2528, 451,6155,2586,3707,2568, 907,3178, 254,2947, 186,1845,4650, # 3152 + 745, 432,1757, 428,1633, 888,2246,2221,2489,3611,2118,1258,1265, 956,3127,1784, # 3168 +4337,2490, 319, 510, 119, 457,3612, 274,2035,2007,4651,1409,3128, 970,2758, 590, # 3184 +2800, 661,2247,4652,2008,3950,1420,1549,3080,3322,3951,1651,1375,2111, 485,2491, # 3200 +1429,1156,6156,2548,2183,1495, 831,1840,2529,2446, 501,1657, 307,1894,3247,1341, # 3216 + 666, 899,2156,1539,2549,1559, 886, 349,2208,3081,2305,1736,3824,2170,2759,1014, # 3232 +1913,1386, 542,1397,2948, 490, 368, 716, 362, 159, 282,2569,1129,1658,1288,1750, # 3248 +2674, 276, 649,2016, 751,1496, 658,1818,1284,1862,2209,2087,2512,3451, 622,2834, # 3264 + 376, 117,1060,2053,1208,1721,1101,1443, 247,1250,3179,1792,3952,2760,2398,3953, # 3280 +6157,2144,3708, 446,2432,1151,2570,3452,2447,2761,2835,1210,2448,3082, 424,2222, # 3296 +1251,2449,2119,2836, 504,1581,4338, 602, 817, 857,3825,2349,2306, 357,3826,1470, # 3312 +1883,2883, 255, 958, 929,2917,3248, 302,4653,1050,1271,1751,2307,1952,1430,2697, # 3328 +2719,2359, 354,3180, 777, 158,2036,4339,1659,4340,4654,2308,2949,2248,1146,2232, # 3344 +3532,2720,1696,2623,3827,6158,3129,1550,2698,1485,1297,1428, 637, 931,2721,2145, # 3360 + 914,2550,2587, 81,2450, 612, 827,2646,1242,4655,1118,2884, 472,1855,3181,3533, # 3376 +3534, 569,1353,2699,1244,1758,2588,4119,2009,2762,2171,3709,1312,1531,6159,1152, # 3392 +1938, 134,1830, 471,3710,2276,1112,1535,3323,3453,3535, 982,1337,2950, 488, 826, # 3408 + 674,1058,1628,4120,2017, 522,2399, 211, 568,1367,3454, 350, 293,1872,1139,3249, # 3424 +1399,1946,3006,1300,2360,3324, 588, 736,6160,2606, 744, 669,3536,3828,6161,1358, # 3440 + 199, 723, 848, 933, 851,1939,1505,1514,1338,1618,1831,4656,1634,3613, 443,2740, # 3456 +3829, 717,1947, 491,1914,6162,2551,1542,4121,1025,6163,1099,1223, 198,3040,2722, # 3472 + 370, 410,1905,2589, 998,1248,3182,2380, 519,1449,4122,1710, 947, 928,1153,4341, # 3488 +2277, 344,2624,1511, 615, 105, 161,1212,1076,1960,3130,2054,1926,1175,1906,2473, # 3504 + 414,1873,2801,6164,2309, 315,1319,3325, 318,2018,2146,2157, 963, 631, 223,4342, # 3520 +4343,2675, 479,3711,1197,2625,3712,2676,2361,6165,4344,4123,6166,2451,3183,1886, # 3536 +2184,1674,1330,1711,1635,1506, 799, 219,3250,3083,3954,1677,3713,3326,2081,3614, # 3552 +1652,2073,4657,1147,3041,1752, 643,1961, 147,1974,3955,6167,1716,2037, 918,3007, # 3568 +1994, 120,1537, 118, 609,3184,4345, 740,3455,1219, 332,1615,3830,6168,1621,2980, # 3584 +1582, 783, 212, 553,2350,3714,1349,2433,2082,4124, 889,6169,2310,1275,1410, 973, # 3600 + 166,1320,3456,1797,1215,3185,2885,1846,2590,2763,4658, 629, 822,3008, 763, 940, # 3616 +1990,2862, 439,2409,1566,1240,1622, 926,1282,1907,2764, 654,2210,1607, 327,1130, # 3632 +3956,1678,1623,6170,2434,2192, 686, 608,3831,3715, 903,3957,3042,6171,2741,1522, # 3648 +1915,1105,1555,2552,1359, 323,3251,4346,3457, 738,1354,2553,2311,2334,1828,2003, # 3664 +3832,1753,2351,1227,6172,1887,4125,1478,6173,2410,1874,1712,1847, 520,1204,2607, # 3680 + 264,4659, 836,2677,2102, 600,4660,3833,2278,3084,6174,4347,3615,1342, 640, 532, # 3696 + 543,2608,1888,2400,2591,1009,4348,1497, 341,1737,3616,2723,1394, 529,3252,1321, # 3712 + 983,4661,1515,2120, 971,2592, 924, 287,1662,3186,4349,2700,4350,1519, 908,1948, # 3728 +2452, 156, 796,1629,1486,2223,2055, 694,4126,1259,1036,3392,1213,2249,2742,1889, # 3744 +1230,3958,1015, 910, 408, 559,3617,4662, 746, 725, 935,4663,3959,3009,1289, 563, # 3760 + 867,4664,3960,1567,2981,2038,2626, 988,2263,2381,4351, 143,2374, 704,1895,6175, # 3776 +1188,3716,2088, 673,3085,2362,4352, 484,1608,1921,2765,2918, 215, 904,3618,3537, # 3792 + 894, 509, 976,3043,2701,3961,4353,2837,2982, 498,6176,6177,1102,3538,1332,3393, # 3808 +1487,1636,1637, 233, 245,3962, 383, 650, 995,3044, 460,1520,1206,2352, 749,3327, # 3824 + 530, 700, 389,1438,1560,1773,3963,2264, 719,2951,2724,3834, 870,1832,1644,1000, # 3840 + 839,2474,3717, 197,1630,3394, 365,2886,3964,1285,2133, 734, 922, 818,1106, 732, # 3856 + 480,2083,1774,3458, 923,2279,1350, 221,3086, 85,2233,2234,3835,1585,3010,2147, # 3872 +1387,1705,2382,1619,2475, 133, 239,2802,1991,1016,2084,2383, 411,2838,1113, 651, # 3888 +1985,1160,3328, 990,1863,3087,1048,1276,2647, 265,2627,1599,3253,2056, 150, 638, # 3904 +2019, 656, 853, 326,1479, 680,1439,4354,1001,1759, 413,3459,3395,2492,1431, 459, # 3920 +4355,1125,3329,2265,1953,1450,2065,2863, 849, 351,2678,3131,3254,3255,1104,1577, # 3936 + 227,1351,1645,2453,2193,1421,2887, 812,2121, 634, 95,2435, 201,2312,4665,1646, # 3952 +1671,2743,1601,2554,2702,2648,2280,1315,1366,2089,3132,1573,3718,3965,1729,1189, # 3968 + 328,2679,1077,1940,1136, 558,1283, 964,1195, 621,2074,1199,1743,3460,3619,1896, # 3984 +1916,1890,3836,2952,1154,2112,1064, 862, 378,3011,2066,2113,2803,1568,2839,6178, # 4000 +3088,2919,1941,1660,2004,1992,2194, 142, 707,1590,1708,1624,1922,1023,1836,1233, # 4016 +1004,2313, 789, 741,3620,6179,1609,2411,1200,4127,3719,3720,4666,2057,3721, 593, # 4032 +2840, 367,2920,1878,6180,3461,1521, 628,1168, 692,2211,2649, 300, 720,2067,2571, # 4048 +2953,3396, 959,2504,3966,3539,3462,1977, 701,6181, 954,1043, 800, 681, 183,3722, # 4064 +1803,1730,3540,4128,2103, 815,2314, 174, 467, 230,2454,1093,2134, 755,3541,3397, # 4080 +1141,1162,6182,1738,2039, 270,3256,2513,1005,1647,2185,3837, 858,1679,1897,1719, # 4096 +2954,2324,1806, 402, 670, 167,4129,1498,2158,2104, 750,6183, 915, 189,1680,1551, # 4112 + 455,4356,1501,2455, 405,1095,2955, 338,1586,1266,1819, 570, 641,1324, 237,1556, # 4128 +2650,1388,3723,6184,1368,2384,1343,1978,3089,2436, 879,3724, 792,1191, 758,3012, # 4144 +1411,2135,1322,4357, 240,4667,1848,3725,1574,6185, 420,3045,1546,1391, 714,4358, # 4160 +1967, 941,1864, 863, 664, 426, 560,1731,2680,1785,2864,1949,2363, 403,3330,1415, # 4176 +1279,2136,1697,2335, 204, 721,2097,3838, 90,6186,2085,2505, 191,3967, 124,2148, # 4192 +1376,1798,1178,1107,1898,1405, 860,4359,1243,1272,2375,2983,1558,2456,1638, 113, # 4208 +3621, 578,1923,2609, 880, 386,4130, 784,2186,2266,1422,2956,2172,1722, 497, 263, # 4224 +2514,1267,2412,2610, 177,2703,3542, 774,1927,1344, 616,1432,1595,1018, 172,4360, # 4240 +2325, 911,4361, 438,1468,3622, 794,3968,2024,2173,1681,1829,2957, 945, 895,3090, # 4256 + 575,2212,2476, 475,2401,2681, 785,2744,1745,2293,2555,1975,3133,2865, 394,4668, # 4272 +3839, 635,4131, 639, 202,1507,2195,2766,1345,1435,2572,3726,1908,1184,1181,2457, # 4288 +3727,3134,4362, 843,2611, 437, 916,4669, 234, 769,1884,3046,3047,3623, 833,6187, # 4304 +1639,2250,2402,1355,1185,2010,2047, 999, 525,1732,1290,1488,2612, 948,1578,3728, # 4320 +2413,2477,1216,2725,2159, 334,3840,1328,3624,2921,1525,4132, 564,1056, 891,4363, # 4336 +1444,1698,2385,2251,3729,1365,2281,2235,1717,6188, 864,3841,2515, 444, 527,2767, # 4352 +2922,3625, 544, 461,6189, 566, 209,2437,3398,2098,1065,2068,3331,3626,3257,2137, # 4368 #last 512 +) + + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jpcntx.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jpcntx.py new file mode 100644 index 000000000..20044e4bc --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/jpcntx.py @@ -0,0 +1,233 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Communicator client code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + + +# This is hiragana 2-char sequence table, the number in each cell represents its frequency category +jp2CharContext = ( +(0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1), +(2,4,0,4,0,3,0,4,0,3,4,4,4,2,4,3,3,4,3,2,3,3,4,2,3,3,3,2,4,1,4,3,3,1,5,4,3,4,3,4,3,5,3,0,3,5,4,2,0,3,1,0,3,3,0,3,3,0,1,1,0,4,3,0,3,3,0,4,0,2,0,3,5,5,5,5,4,0,4,1,0,3,4), +(0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2), +(0,4,0,5,0,5,0,4,0,4,5,4,4,3,5,3,5,1,5,3,4,3,4,4,3,4,3,3,4,3,5,4,4,3,5,5,3,5,5,5,3,5,5,3,4,5,5,3,1,3,2,0,3,4,0,4,2,0,4,2,1,5,3,2,3,5,0,4,0,2,0,5,4,4,5,4,5,0,4,0,0,4,4), +(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0), +(0,3,0,4,0,3,0,3,0,4,5,4,3,3,3,3,4,3,5,4,4,3,5,4,4,3,4,3,4,4,4,4,5,3,4,4,3,4,5,5,4,5,5,1,4,5,4,3,0,3,3,1,3,3,0,4,4,0,3,3,1,5,3,3,3,5,0,4,0,3,0,4,4,3,4,3,3,0,4,1,1,3,4), +(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0), +(0,4,0,3,0,3,0,4,0,3,4,4,3,2,2,1,2,1,3,1,3,3,3,3,3,4,3,1,3,3,5,3,3,0,4,3,0,5,4,3,3,5,4,4,3,4,4,5,0,1,2,0,1,2,0,2,2,0,1,0,0,5,2,2,1,4,0,3,0,1,0,4,4,3,5,4,3,0,2,1,0,4,3), +(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0), +(0,3,0,5,0,4,0,2,1,4,4,2,4,1,4,2,4,2,4,3,3,3,4,3,3,3,3,1,4,2,3,3,3,1,4,4,1,1,1,4,3,3,2,0,2,4,3,2,0,3,3,0,3,1,1,0,0,0,3,3,0,4,2,2,3,4,0,4,0,3,0,4,4,5,3,4,4,0,3,0,0,1,4), +(1,4,0,4,0,4,0,4,0,3,5,4,4,3,4,3,5,4,3,3,4,3,5,4,4,4,4,3,4,2,4,3,3,1,5,4,3,2,4,5,4,5,5,4,4,5,4,4,0,3,2,2,3,3,0,4,3,1,3,2,1,4,3,3,4,5,0,3,0,2,0,4,5,5,4,5,4,0,4,0,0,5,4), +(0,5,0,5,0,4,0,3,0,4,4,3,4,3,3,3,4,0,4,4,4,3,4,3,4,3,3,1,4,2,4,3,4,0,5,4,1,4,5,4,4,5,3,2,4,3,4,3,2,4,1,3,3,3,2,3,2,0,4,3,3,4,3,3,3,4,0,4,0,3,0,4,5,4,4,4,3,0,4,1,0,1,3), +(0,3,1,4,0,3,0,2,0,3,4,4,3,1,4,2,3,3,4,3,4,3,4,3,4,4,3,2,3,1,5,4,4,1,4,4,3,5,4,4,3,5,5,4,3,4,4,3,1,2,3,1,2,2,0,3,2,0,3,1,0,5,3,3,3,4,3,3,3,3,4,4,4,4,5,4,2,0,3,3,2,4,3), +(0,2,0,3,0,1,0,1,0,0,3,2,0,0,2,0,1,0,2,1,3,3,3,1,2,3,1,0,1,0,4,2,1,1,3,3,0,4,3,3,1,4,3,3,0,3,3,2,0,0,0,0,1,0,0,2,0,0,0,0,0,4,1,0,2,3,2,2,2,1,3,3,3,4,4,3,2,0,3,1,0,3,3), +(0,4,0,4,0,3,0,3,0,4,4,4,3,3,3,3,3,3,4,3,4,2,4,3,4,3,3,2,4,3,4,5,4,1,4,5,3,5,4,5,3,5,4,0,3,5,5,3,1,3,3,2,2,3,0,3,4,1,3,3,2,4,3,3,3,4,0,4,0,3,0,4,5,4,4,5,3,0,4,1,0,3,4), +(0,2,0,3,0,3,0,0,0,2,2,2,1,0,1,0,0,0,3,0,3,0,3,0,1,3,1,0,3,1,3,3,3,1,3,3,3,0,1,3,1,3,4,0,0,3,1,1,0,3,2,0,0,0,0,1,3,0,1,0,0,3,3,2,0,3,0,0,0,0,0,3,4,3,4,3,3,0,3,0,0,2,3), +(2,3,0,3,0,2,0,1,0,3,3,4,3,1,3,1,1,1,3,1,4,3,4,3,3,3,0,0,3,1,5,4,3,1,4,3,2,5,5,4,4,4,4,3,3,4,4,4,0,2,1,1,3,2,0,1,2,0,0,1,0,4,1,3,3,3,0,3,0,1,0,4,4,4,5,5,3,0,2,0,0,4,4), +(0,2,0,1,0,3,1,3,0,2,3,3,3,0,3,1,0,0,3,0,3,2,3,1,3,2,1,1,0,0,4,2,1,0,2,3,1,4,3,2,0,4,4,3,1,3,1,3,0,1,0,0,1,0,0,0,1,0,0,0,0,4,1,1,1,2,0,3,0,0,0,3,4,2,4,3,2,0,1,0,0,3,3), +(0,1,0,4,0,5,0,4,0,2,4,4,2,3,3,2,3,3,5,3,3,3,4,3,4,2,3,0,4,3,3,3,4,1,4,3,2,1,5,5,3,4,5,1,3,5,4,2,0,3,3,0,1,3,0,4,2,0,1,3,1,4,3,3,3,3,0,3,0,1,0,3,4,4,4,5,5,0,3,0,1,4,5), +(0,2,0,3,0,3,0,0,0,2,3,1,3,0,4,0,1,1,3,0,3,4,3,2,3,1,0,3,3,2,3,1,3,0,2,3,0,2,1,4,1,2,2,0,0,3,3,0,0,2,0,0,0,1,0,0,0,0,2,2,0,3,2,1,3,3,0,2,0,2,0,0,3,3,1,2,4,0,3,0,2,2,3), +(2,4,0,5,0,4,0,4,0,2,4,4,4,3,4,3,3,3,1,2,4,3,4,3,4,4,5,0,3,3,3,3,2,0,4,3,1,4,3,4,1,4,4,3,3,4,4,3,1,2,3,0,4,2,0,4,1,0,3,3,0,4,3,3,3,4,0,4,0,2,0,3,5,3,4,5,2,0,3,0,0,4,5), +(0,3,0,4,0,1,0,1,0,1,3,2,2,1,3,0,3,0,2,0,2,0,3,0,2,0,0,0,1,0,1,1,0,0,3,1,0,0,0,4,0,3,1,0,2,1,3,0,0,0,0,0,0,3,0,0,0,0,0,0,0,4,2,2,3,1,0,3,0,0,0,1,4,4,4,3,0,0,4,0,0,1,4), +(1,4,1,5,0,3,0,3,0,4,5,4,4,3,5,3,3,4,4,3,4,1,3,3,3,3,2,1,4,1,5,4,3,1,4,4,3,5,4,4,3,5,4,3,3,4,4,4,0,3,3,1,2,3,0,3,1,0,3,3,0,5,4,4,4,4,4,4,3,3,5,4,4,3,3,5,4,0,3,2,0,4,4), +(0,2,0,3,0,1,0,0,0,1,3,3,3,2,4,1,3,0,3,1,3,0,2,2,1,1,0,0,2,0,4,3,1,0,4,3,0,4,4,4,1,4,3,1,1,3,3,1,0,2,0,0,1,3,0,0,0,0,2,0,0,4,3,2,4,3,5,4,3,3,3,4,3,3,4,3,3,0,2,1,0,3,3), +(0,2,0,4,0,3,0,2,0,2,5,5,3,4,4,4,4,1,4,3,3,0,4,3,4,3,1,3,3,2,4,3,0,3,4,3,0,3,4,4,2,4,4,0,4,5,3,3,2,2,1,1,1,2,0,1,5,0,3,3,2,4,3,3,3,4,0,3,0,2,0,4,4,3,5,5,0,0,3,0,2,3,3), +(0,3,0,4,0,3,0,1,0,3,4,3,3,1,3,3,3,0,3,1,3,0,4,3,3,1,1,0,3,0,3,3,0,0,4,4,0,1,5,4,3,3,5,0,3,3,4,3,0,2,0,1,1,1,0,1,3,0,1,2,1,3,3,2,3,3,0,3,0,1,0,1,3,3,4,4,1,0,1,2,2,1,3), +(0,1,0,4,0,4,0,3,0,1,3,3,3,2,3,1,1,0,3,0,3,3,4,3,2,4,2,0,1,0,4,3,2,0,4,3,0,5,3,3,2,4,4,4,3,3,3,4,0,1,3,0,0,1,0,0,1,0,0,0,0,4,2,3,3,3,0,3,0,0,0,4,4,4,5,3,2,0,3,3,0,3,5), +(0,2,0,3,0,0,0,3,0,1,3,0,2,0,0,0,1,0,3,1,1,3,3,0,0,3,0,0,3,0,2,3,1,0,3,1,0,3,3,2,0,4,2,2,0,2,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,2,1,2,0,1,0,1,0,0,0,1,3,1,2,0,0,0,1,0,0,1,4), +(0,3,0,3,0,5,0,1,0,2,4,3,1,3,3,2,1,1,5,2,1,0,5,1,2,0,0,0,3,3,2,2,3,2,4,3,0,0,3,3,1,3,3,0,2,5,3,4,0,3,3,0,1,2,0,2,2,0,3,2,0,2,2,3,3,3,0,2,0,1,0,3,4,4,2,5,4,0,3,0,0,3,5), +(0,3,0,3,0,3,0,1,0,3,3,3,3,0,3,0,2,0,2,1,1,0,2,0,1,0,0,0,2,1,0,0,1,0,3,2,0,0,3,3,1,2,3,1,0,3,3,0,0,1,0,0,0,0,0,2,0,0,0,0,0,2,3,1,2,3,0,3,0,1,0,3,2,1,0,4,3,0,1,1,0,3,3), +(0,4,0,5,0,3,0,3,0,4,5,5,4,3,5,3,4,3,5,3,3,2,5,3,4,4,4,3,4,3,4,5,5,3,4,4,3,4,4,5,4,4,4,3,4,5,5,4,2,3,4,2,3,4,0,3,3,1,4,3,2,4,3,3,5,5,0,3,0,3,0,5,5,5,5,4,4,0,4,0,1,4,4), +(0,4,0,4,0,3,0,3,0,3,5,4,4,2,3,2,5,1,3,2,5,1,4,2,3,2,3,3,4,3,3,3,3,2,5,4,1,3,3,5,3,4,4,0,4,4,3,1,1,3,1,0,2,3,0,2,3,0,3,0,0,4,3,1,3,4,0,3,0,2,0,4,4,4,3,4,5,0,4,0,0,3,4), +(0,3,0,3,0,3,1,2,0,3,4,4,3,3,3,0,2,2,4,3,3,1,3,3,3,1,1,0,3,1,4,3,2,3,4,4,2,4,4,4,3,4,4,3,2,4,4,3,1,3,3,1,3,3,0,4,1,0,2,2,1,4,3,2,3,3,5,4,3,3,5,4,4,3,3,0,4,0,3,2,2,4,4), +(0,2,0,1,0,0,0,0,0,1,2,1,3,0,0,0,0,0,2,0,1,2,1,0,0,1,0,0,0,0,3,0,0,1,0,1,1,3,1,0,0,0,1,1,0,1,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,1,1,2,2,0,3,4,0,0,0,1,1,0,0,1,0,0,0,0,0,1,1), +(0,1,0,0,0,1,0,0,0,0,4,0,4,1,4,0,3,0,4,0,3,0,4,0,3,0,3,0,4,1,5,1,4,0,0,3,0,5,0,5,2,0,1,0,0,0,2,1,4,0,1,3,0,0,3,0,0,3,1,1,4,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0), +(1,4,0,5,0,3,0,2,0,3,5,4,4,3,4,3,5,3,4,3,3,0,4,3,3,3,3,3,3,2,4,4,3,1,3,4,4,5,4,4,3,4,4,1,3,5,4,3,3,3,1,2,2,3,3,1,3,1,3,3,3,5,3,3,4,5,0,3,0,3,0,3,4,3,4,4,3,0,3,0,2,4,3), +(0,1,0,4,0,0,0,0,0,1,4,0,4,1,4,2,4,0,3,0,1,0,1,0,0,0,0,0,2,0,3,1,1,1,0,3,0,0,0,1,2,1,0,0,1,1,1,1,0,1,0,0,0,1,0,0,3,0,0,0,0,3,2,0,2,2,0,1,0,0,0,2,3,2,3,3,0,0,0,0,2,1,0), +(0,5,1,5,0,3,0,3,0,5,4,4,5,1,5,3,3,0,4,3,4,3,5,3,4,3,3,2,4,3,4,3,3,0,3,3,1,4,4,3,4,4,4,3,4,5,5,3,2,3,1,1,3,3,1,3,1,1,3,3,2,4,5,3,3,5,0,4,0,3,0,4,4,3,5,3,3,0,3,4,0,4,3), +(0,5,0,5,0,3,0,2,0,4,4,3,5,2,4,3,3,3,4,4,4,3,5,3,5,3,3,1,4,0,4,3,3,0,3,3,0,4,4,4,4,5,4,3,3,5,5,3,2,3,1,2,3,2,0,1,0,0,3,2,2,4,4,3,1,5,0,4,0,3,0,4,3,1,3,2,1,0,3,3,0,3,3), +(0,4,0,5,0,5,0,4,0,4,5,5,5,3,4,3,3,2,5,4,4,3,5,3,5,3,4,0,4,3,4,4,3,2,4,4,3,4,5,4,4,5,5,0,3,5,5,4,1,3,3,2,3,3,1,3,1,0,4,3,1,4,4,3,4,5,0,4,0,2,0,4,3,4,4,3,3,0,4,0,0,5,5), +(0,4,0,4,0,5,0,1,1,3,3,4,4,3,4,1,3,0,5,1,3,0,3,1,3,1,1,0,3,0,3,3,4,0,4,3,0,4,4,4,3,4,4,0,3,5,4,1,0,3,0,0,2,3,0,3,1,0,3,1,0,3,2,1,3,5,0,3,0,1,0,3,2,3,3,4,4,0,2,2,0,4,4), +(2,4,0,5,0,4,0,3,0,4,5,5,4,3,5,3,5,3,5,3,5,2,5,3,4,3,3,4,3,4,5,3,2,1,5,4,3,2,3,4,5,3,4,1,2,5,4,3,0,3,3,0,3,2,0,2,3,0,4,1,0,3,4,3,3,5,0,3,0,1,0,4,5,5,5,4,3,0,4,2,0,3,5), +(0,5,0,4,0,4,0,2,0,5,4,3,4,3,4,3,3,3,4,3,4,2,5,3,5,3,4,1,4,3,4,4,4,0,3,5,0,4,4,4,4,5,3,1,3,4,5,3,3,3,3,3,3,3,0,2,2,0,3,3,2,4,3,3,3,5,3,4,1,3,3,5,3,2,0,0,0,0,4,3,1,3,3), +(0,1,0,3,0,3,0,1,0,1,3,3,3,2,3,3,3,0,3,0,0,0,3,1,3,0,0,0,2,2,2,3,0,0,3,2,0,1,2,4,1,3,3,0,0,3,3,3,0,1,0,0,2,1,0,0,3,0,3,1,0,3,0,0,1,3,0,2,0,1,0,3,3,1,3,3,0,0,1,1,0,3,3), +(0,2,0,3,0,2,1,4,0,2,2,3,1,1,3,1,1,0,2,0,3,1,2,3,1,3,0,0,1,0,4,3,2,3,3,3,1,4,2,3,3,3,3,1,0,3,1,4,0,1,1,0,1,2,0,1,1,0,1,1,0,3,1,3,2,2,0,1,0,0,0,2,3,3,3,1,0,0,0,0,0,2,3), +(0,5,0,4,0,5,0,2,0,4,5,5,3,3,4,3,3,1,5,4,4,2,4,4,4,3,4,2,4,3,5,5,4,3,3,4,3,3,5,5,4,5,5,1,3,4,5,3,1,4,3,1,3,3,0,3,3,1,4,3,1,4,5,3,3,5,0,4,0,3,0,5,3,3,1,4,3,0,4,0,1,5,3), +(0,5,0,5,0,4,0,2,0,4,4,3,4,3,3,3,3,3,5,4,4,4,4,4,4,5,3,3,5,2,4,4,4,3,4,4,3,3,4,4,5,5,3,3,4,3,4,3,3,4,3,3,3,3,1,2,2,1,4,3,3,5,4,4,3,4,0,4,0,3,0,4,4,4,4,4,1,0,4,2,0,2,4), +(0,4,0,4,0,3,0,1,0,3,5,2,3,0,3,0,2,1,4,2,3,3,4,1,4,3,3,2,4,1,3,3,3,0,3,3,0,0,3,3,3,5,3,3,3,3,3,2,0,2,0,0,2,0,0,2,0,0,1,0,0,3,1,2,2,3,0,3,0,2,0,4,4,3,3,4,1,0,3,0,0,2,4), +(0,0,0,4,0,0,0,0,0,0,1,0,1,0,2,0,0,0,0,0,1,0,2,0,1,0,0,0,0,0,3,1,3,0,3,2,0,0,0,1,0,3,2,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,4,0,2,0,0,0,0,0,0,2), +(0,2,1,3,0,2,0,2,0,3,3,3,3,1,3,1,3,3,3,3,3,3,4,2,2,1,2,1,4,0,4,3,1,3,3,3,2,4,3,5,4,3,3,3,3,3,3,3,0,1,3,0,2,0,0,1,0,0,1,0,0,4,2,0,2,3,0,3,3,0,3,3,4,2,3,1,4,0,1,2,0,2,3), +(0,3,0,3,0,1,0,3,0,2,3,3,3,0,3,1,2,0,3,3,2,3,3,2,3,2,3,1,3,0,4,3,2,0,3,3,1,4,3,3,2,3,4,3,1,3,3,1,1,0,1,1,0,1,0,1,0,1,0,0,0,4,1,1,0,3,0,3,1,0,2,3,3,3,3,3,1,0,0,2,0,3,3), +(0,0,0,0,0,0,0,0,0,0,3,0,2,0,3,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,3,0,3,0,3,1,0,1,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,2,0,2,3,0,0,0,0,0,0,0,0,3), +(0,2,0,3,1,3,0,3,0,2,3,3,3,1,3,1,3,1,3,1,3,3,3,1,3,0,2,3,1,1,4,3,3,2,3,3,1,2,2,4,1,3,3,0,1,4,2,3,0,1,3,0,3,0,0,1,3,0,2,0,0,3,3,2,1,3,0,3,0,2,0,3,4,4,4,3,1,0,3,0,0,3,3), +(0,2,0,1,0,2,0,0,0,1,3,2,2,1,3,0,1,1,3,0,3,2,3,1,2,0,2,0,1,1,3,3,3,0,3,3,1,1,2,3,2,3,3,1,2,3,2,0,0,1,0,0,0,0,0,0,3,0,1,0,0,2,1,2,1,3,0,3,0,0,0,3,4,4,4,3,2,0,2,0,0,2,4), +(0,0,0,1,0,1,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,2,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,3,1,0,0,0,0,0,0,0,3), +(0,3,0,3,0,2,0,3,0,3,3,3,2,3,2,2,2,0,3,1,3,3,3,2,3,3,0,0,3,0,3,2,2,0,2,3,1,4,3,4,3,3,2,3,1,5,4,4,0,3,1,2,1,3,0,3,1,1,2,0,2,3,1,3,1,3,0,3,0,1,0,3,3,4,4,2,1,0,2,1,0,2,4), +(0,1,0,3,0,1,0,2,0,1,4,2,5,1,4,0,2,0,2,1,3,1,4,0,2,1,0,0,2,1,4,1,1,0,3,3,0,5,1,3,2,3,3,1,0,3,2,3,0,1,0,0,0,0,0,0,1,0,0,0,0,4,0,1,0,3,0,2,0,1,0,3,3,3,4,3,3,0,0,0,0,2,3), +(0,0,0,1,0,0,0,0,0,0,2,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,1,0,0,1,0,0,0,0,0,3), +(0,1,0,3,0,4,0,3,0,2,4,3,1,0,3,2,2,1,3,1,2,2,3,1,1,1,2,1,3,0,1,2,0,1,3,2,1,3,0,5,5,1,0,0,1,3,2,1,0,3,0,0,1,0,0,0,0,0,3,4,0,1,1,1,3,2,0,2,0,1,0,2,3,3,1,2,3,0,1,0,1,0,4), +(0,0,0,1,0,3,0,3,0,2,2,1,0,0,4,0,3,0,3,1,3,0,3,0,3,0,1,0,3,0,3,1,3,0,3,3,0,0,1,2,1,1,1,0,1,2,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,2,2,1,2,0,0,2,0,0,0,0,2,3,3,3,3,0,0,0,0,1,4), +(0,0,0,3,0,3,0,0,0,0,3,1,1,0,3,0,1,0,2,0,1,0,0,0,0,0,0,0,1,0,3,0,2,0,2,3,0,0,2,2,3,1,2,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,2,0,0,0,0,2,3), +(2,4,0,5,0,5,0,4,0,3,4,3,3,3,4,3,3,3,4,3,4,4,5,4,5,5,5,2,3,0,5,5,4,1,5,4,3,1,5,4,3,4,4,3,3,4,3,3,0,3,2,0,2,3,0,3,0,0,3,3,0,5,3,2,3,3,0,3,0,3,0,3,4,5,4,5,3,0,4,3,0,3,4), +(0,3,0,3,0,3,0,3,0,3,3,4,3,2,3,2,3,0,4,3,3,3,3,3,3,3,3,0,3,2,4,3,3,1,3,4,3,4,4,4,3,4,4,3,2,4,4,1,0,2,0,0,1,1,0,2,0,0,3,1,0,5,3,2,1,3,0,3,0,1,2,4,3,2,4,3,3,0,3,2,0,4,4), +(0,3,0,3,0,1,0,0,0,1,4,3,3,2,3,1,3,1,4,2,3,2,4,2,3,4,3,0,2,2,3,3,3,0,3,3,3,0,3,4,1,3,3,0,3,4,3,3,0,1,1,0,1,0,0,0,4,0,3,0,0,3,1,2,1,3,0,4,0,1,0,4,3,3,4,3,3,0,2,0,0,3,3), +(0,3,0,4,0,1,0,3,0,3,4,3,3,0,3,3,3,1,3,1,3,3,4,3,3,3,0,0,3,1,5,3,3,1,3,3,2,5,4,3,3,4,5,3,2,5,3,4,0,1,0,0,0,0,0,2,0,0,1,1,0,4,2,2,1,3,0,3,0,2,0,4,4,3,5,3,2,0,1,1,0,3,4), +(0,5,0,4,0,5,0,2,0,4,4,3,3,2,3,3,3,1,4,3,4,1,5,3,4,3,4,0,4,2,4,3,4,1,5,4,0,4,4,4,4,5,4,1,3,5,4,2,1,4,1,1,3,2,0,3,1,0,3,2,1,4,3,3,3,4,0,4,0,3,0,4,4,4,3,3,3,0,4,2,0,3,4), +(1,4,0,4,0,3,0,1,0,3,3,3,1,1,3,3,2,2,3,3,1,0,3,2,2,1,2,0,3,1,2,1,2,0,3,2,0,2,2,3,3,4,3,0,3,3,1,2,0,1,1,3,1,2,0,0,3,0,1,1,0,3,2,2,3,3,0,3,0,0,0,2,3,3,4,3,3,0,1,0,0,1,4), +(0,4,0,4,0,4,0,0,0,3,4,4,3,1,4,2,3,2,3,3,3,1,4,3,4,0,3,0,4,2,3,3,2,2,5,4,2,1,3,4,3,4,3,1,3,3,4,2,0,2,1,0,3,3,0,0,2,0,3,1,0,4,4,3,4,3,0,4,0,1,0,2,4,4,4,4,4,0,3,2,0,3,3), +(0,0,0,1,0,4,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,3,2,0,0,1,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,2), +(0,2,0,3,0,4,0,4,0,1,3,3,3,0,4,0,2,1,2,1,1,1,2,0,3,1,1,0,1,0,3,1,0,0,3,3,2,0,1,1,0,0,0,0,0,1,0,2,0,2,2,0,3,1,0,0,1,0,1,1,0,1,2,0,3,0,0,0,0,1,0,0,3,3,4,3,1,0,1,0,3,0,2), +(0,0,0,3,0,5,0,0,0,0,1,0,2,0,3,1,0,1,3,0,0,0,2,0,0,0,1,0,0,0,1,1,0,0,4,0,0,0,2,3,0,1,4,1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,1,0,0,0,0,0,0,0,2,0,0,3,0,0,0,0,0,3), +(0,2,0,5,0,5,0,1,0,2,4,3,3,2,5,1,3,2,3,3,3,0,4,1,2,0,3,0,4,0,2,2,1,1,5,3,0,0,1,4,2,3,2,0,3,3,3,2,0,2,4,1,1,2,0,1,1,0,3,1,0,1,3,1,2,3,0,2,0,0,0,1,3,5,4,4,4,0,3,0,0,1,3), +(0,4,0,5,0,4,0,4,0,4,5,4,3,3,4,3,3,3,4,3,4,4,5,3,4,5,4,2,4,2,3,4,3,1,4,4,1,3,5,4,4,5,5,4,4,5,5,5,2,3,3,1,4,3,1,3,3,0,3,3,1,4,3,4,4,4,0,3,0,4,0,3,3,4,4,5,0,0,4,3,0,4,5), +(0,4,0,4,0,3,0,3,0,3,4,4,4,3,3,2,4,3,4,3,4,3,5,3,4,3,2,1,4,2,4,4,3,1,3,4,2,4,5,5,3,4,5,4,1,5,4,3,0,3,2,2,3,2,1,3,1,0,3,3,3,5,3,3,3,5,4,4,2,3,3,4,3,3,3,2,1,0,3,2,1,4,3), +(0,4,0,5,0,4,0,3,0,3,5,5,3,2,4,3,4,0,5,4,4,1,4,4,4,3,3,3,4,3,5,5,2,3,3,4,1,2,5,5,3,5,5,2,3,5,5,4,0,3,2,0,3,3,1,1,5,1,4,1,0,4,3,2,3,5,0,4,0,3,0,5,4,3,4,3,0,0,4,1,0,4,4), +(1,3,0,4,0,2,0,2,0,2,5,5,3,3,3,3,3,0,4,2,3,4,4,4,3,4,0,0,3,4,5,4,3,3,3,3,2,5,5,4,5,5,5,4,3,5,5,5,1,3,1,0,1,0,0,3,2,0,4,2,0,5,2,3,2,4,1,3,0,3,0,4,5,4,5,4,3,0,4,2,0,5,4), +(0,3,0,4,0,5,0,3,0,3,4,4,3,2,3,2,3,3,3,3,3,2,4,3,3,2,2,0,3,3,3,3,3,1,3,3,3,0,4,4,3,4,4,1,1,4,4,2,0,3,1,0,1,1,0,4,1,0,2,3,1,3,3,1,3,4,0,3,0,1,0,3,1,3,0,0,1,0,2,0,0,4,4), +(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0), +(0,3,0,3,0,2,0,3,0,1,5,4,3,3,3,1,4,2,1,2,3,4,4,2,4,4,5,0,3,1,4,3,4,0,4,3,3,3,2,3,2,5,3,4,3,2,2,3,0,0,3,0,2,1,0,1,2,0,0,0,0,2,1,1,3,1,0,2,0,4,0,3,4,4,4,5,2,0,2,0,0,1,3), +(0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,1,1,0,0,1,1,0,0,0,4,2,1,1,0,1,0,3,2,0,0,3,1,1,1,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,1,0,0,0,2,0,0,0,1,4,0,4,2,1,0,0,0,0,0,1), +(0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,1,0,0,0,0,0,0,1,0,1,0,0,0,0,3,1,0,0,0,2,0,2,1,0,0,1,2,1,0,1,1,0,0,3,0,0,0,0,0,0,0,0,0,0,0,1,3,1,0,0,0,0,0,1,0,0,2,1,0,0,0,0,0,0,0,0,2), +(0,4,0,4,0,4,0,3,0,4,4,3,4,2,4,3,2,0,4,4,4,3,5,3,5,3,3,2,4,2,4,3,4,3,1,4,0,2,3,4,4,4,3,3,3,4,4,4,3,4,1,3,4,3,2,1,2,1,3,3,3,4,4,3,3,5,0,4,0,3,0,4,3,3,3,2,1,0,3,0,0,3,3), +(0,4,0,3,0,3,0,3,0,3,5,5,3,3,3,3,4,3,4,3,3,3,4,4,4,3,3,3,3,4,3,5,3,3,1,3,2,4,5,5,5,5,4,3,4,5,5,3,2,2,3,3,3,3,2,3,3,1,2,3,2,4,3,3,3,4,0,4,0,2,0,4,3,2,2,1,2,0,3,0,0,4,1), +) + +class JapaneseContextAnalysis(object): + NUM_OF_CATEGORY = 6 + DONT_KNOW = -1 + ENOUGH_REL_THRESHOLD = 100 + MAX_REL_THRESHOLD = 1000 + MINIMUM_DATA_THRESHOLD = 4 + + def __init__(self): + self._total_rel = None + self._rel_sample = None + self._need_to_skip_char_num = None + self._last_char_order = None + self._done = None + self.reset() + + def reset(self): + self._total_rel = 0 # total sequence received + # category counters, each integer counts sequence in its category + self._rel_sample = [0] * self.NUM_OF_CATEGORY + # if last byte in current buffer is not the last byte of a character, + # we need to know how many bytes to skip in next buffer + self._need_to_skip_char_num = 0 + self._last_char_order = -1 # The order of previous char + # If this flag is set to True, detection is done and conclusion has + # been made + self._done = False + + def feed(self, byte_str, num_bytes): + if self._done: + return + + # The buffer we got is byte oriented, and a character may span in more than one + # buffers. In case the last one or two byte in last buffer is not + # complete, we record how many byte needed to complete that character + # and skip these bytes here. We can choose to record those bytes as + # well and analyse the character once it is complete, but since a + # character will not make much difference, by simply skipping + # this character will simply our logic and improve performance. + i = self._need_to_skip_char_num + while i < num_bytes: + order, char_len = self.get_order(byte_str[i:i + 2]) + i += char_len + if i > num_bytes: + self._need_to_skip_char_num = i - num_bytes + self._last_char_order = -1 + else: + if (order != -1) and (self._last_char_order != -1): + self._total_rel += 1 + if self._total_rel > self.MAX_REL_THRESHOLD: + self._done = True + break + self._rel_sample[jp2CharContext[self._last_char_order][order]] += 1 + self._last_char_order = order + + def got_enough_data(self): + return self._total_rel > self.ENOUGH_REL_THRESHOLD + + def get_confidence(self): + # This is just one way to calculate confidence. It works well for me. + if self._total_rel > self.MINIMUM_DATA_THRESHOLD: + return (self._total_rel - self._rel_sample[0]) / self._total_rel + else: + return self.DONT_KNOW + + def get_order(self, byte_str): + return -1, 1 + +class SJISContextAnalysis(JapaneseContextAnalysis): + def __init__(self): + super(SJISContextAnalysis, self).__init__() + self._charset_name = "SHIFT_JIS" + + @property + def charset_name(self): + return self._charset_name + + def get_order(self, byte_str): + if not byte_str: + return -1, 1 + # find out current char's byte length + first_char = byte_str[0] + if (0x81 <= first_char <= 0x9F) or (0xE0 <= first_char <= 0xFC): + char_len = 2 + if (first_char == 0x87) or (0xFA <= first_char <= 0xFC): + self._charset_name = "CP932" + else: + char_len = 1 + + # return its order if it is hiragana + if len(byte_str) > 1: + second_char = byte_str[1] + if (first_char == 202) and (0x9F <= second_char <= 0xF1): + return second_char - 0x9F, char_len + + return -1, char_len + +class EUCJPContextAnalysis(JapaneseContextAnalysis): + def get_order(self, byte_str): + if not byte_str: + return -1, 1 + # find out current char's byte length + first_char = byte_str[0] + if (first_char == 0x8E) or (0xA1 <= first_char <= 0xFE): + char_len = 2 + elif first_char == 0x8F: + char_len = 3 + else: + char_len = 1 + + # return its order if it is hiragana + if len(byte_str) > 1: + second_char = byte_str[1] + if (first_char == 0xA4) and (0xA1 <= second_char <= 0xF3): + return second_char - 0xA1, char_len + + return -1, char_len + + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langbulgarianmodel.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langbulgarianmodel.py new file mode 100644 index 000000000..e963a5097 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langbulgarianmodel.py @@ -0,0 +1,4650 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel + + +# 3: Positive +# 2: Likely +# 1: Unlikely +# 0: Negative + +BULGARIAN_LANG_MODEL = { + 63: { # 'e' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 1, # 'б' + 9: 1, # 'в' + 20: 1, # 'г' + 11: 1, # 'д' + 3: 1, # 'е' + 23: 1, # 'ж' + 15: 1, # 'з' + 2: 0, # 'и' + 26: 1, # 'й' + 12: 1, # 'к' + 10: 1, # 'л' + 14: 1, # 'м' + 6: 1, # 'н' + 4: 1, # 'о' + 13: 1, # 'п' + 7: 1, # 'р' + 8: 1, # 'с' + 5: 1, # 'т' + 19: 0, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 45: { # '\xad' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 0, # 'Г' + 37: 1, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 0, # 'Л' + 38: 1, # 'М' + 36: 0, # 'Н' + 41: 1, # 'О' + 30: 1, # 'П' + 39: 1, # 'Р' + 28: 1, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 1, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 0, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 0, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 0, # 'о' + 13: 0, # 'п' + 7: 0, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 0, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 31: { # 'А' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 1, # 'А' + 32: 1, # 'Б' + 35: 2, # 'В' + 43: 1, # 'Г' + 37: 2, # 'Д' + 44: 2, # 'Е' + 55: 1, # 'Ж' + 47: 2, # 'З' + 40: 1, # 'И' + 59: 1, # 'Й' + 33: 1, # 'К' + 46: 2, # 'Л' + 38: 1, # 'М' + 36: 2, # 'Н' + 41: 1, # 'О' + 30: 2, # 'П' + 39: 2, # 'Р' + 28: 2, # 'С' + 34: 2, # 'Т' + 51: 1, # 'У' + 48: 2, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 1, # 'Ш' + 57: 2, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 1, # 'Я' + 1: 1, # 'а' + 18: 2, # 'б' + 9: 2, # 'в' + 20: 2, # 'г' + 11: 2, # 'д' + 3: 1, # 'е' + 23: 1, # 'ж' + 15: 2, # 'з' + 2: 0, # 'и' + 26: 2, # 'й' + 12: 2, # 'к' + 10: 3, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 0, # 'о' + 13: 2, # 'п' + 7: 2, # 'р' + 8: 2, # 'с' + 5: 2, # 'т' + 19: 1, # 'у' + 29: 2, # 'ф' + 25: 1, # 'х' + 22: 1, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 32: { # 'Б' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 2, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 2, # 'Д' + 44: 1, # 'Е' + 55: 1, # 'Ж' + 47: 2, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 2, # 'Н' + 41: 2, # 'О' + 30: 1, # 'П' + 39: 1, # 'Р' + 28: 2, # 'С' + 34: 2, # 'Т' + 51: 1, # 'У' + 48: 2, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 0, # 'Ш' + 57: 1, # 'Щ' + 61: 2, # 'Ъ' + 60: 1, # 'Ю' + 56: 1, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 2, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 2, # 'р' + 8: 1, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 2, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 35: { # 'В' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 0, # 'Г' + 37: 1, # 'Д' + 44: 2, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 1, # 'О' + 30: 1, # 'П' + 39: 2, # 'Р' + 28: 2, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 2, # 'Ф' + 49: 0, # 'Х' + 53: 1, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 1, # 'Ю' + 56: 2, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 2, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 2, # 'л' + 14: 1, # 'м' + 6: 2, # 'н' + 4: 2, # 'о' + 13: 1, # 'п' + 7: 2, # 'р' + 8: 2, # 'с' + 5: 2, # 'т' + 19: 1, # 'у' + 29: 0, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 2, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 43: { # 'Г' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 1, # 'Д' + 44: 2, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 0, # 'М' + 36: 1, # 'Н' + 41: 1, # 'О' + 30: 0, # 'П' + 39: 1, # 'Р' + 28: 1, # 'С' + 34: 0, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 1, # 'Щ' + 61: 1, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 1, # 'б' + 9: 1, # 'в' + 20: 0, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 2, # 'л' + 14: 1, # 'м' + 6: 1, # 'н' + 4: 2, # 'о' + 13: 0, # 'п' + 7: 2, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 1, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 37: { # 'Д' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 2, # 'В' + 43: 1, # 'Г' + 37: 2, # 'Д' + 44: 2, # 'Е' + 55: 2, # 'Ж' + 47: 1, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 2, # 'О' + 30: 2, # 'П' + 39: 1, # 'Р' + 28: 2, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 0, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 1, # 'Ю' + 56: 1, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 2, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 3, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 1, # 'л' + 14: 1, # 'м' + 6: 2, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 2, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 44: { # 'Е' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 1, # 'Б' + 35: 2, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 1, # 'Е' + 55: 1, # 'Ж' + 47: 1, # 'З' + 40: 1, # 'И' + 59: 1, # 'Й' + 33: 2, # 'К' + 46: 2, # 'Л' + 38: 1, # 'М' + 36: 2, # 'Н' + 41: 2, # 'О' + 30: 1, # 'П' + 39: 2, # 'Р' + 28: 2, # 'С' + 34: 2, # 'Т' + 51: 1, # 'У' + 48: 2, # 'Ф' + 49: 1, # 'Х' + 53: 2, # 'Ц' + 50: 1, # 'Ч' + 54: 1, # 'Ш' + 57: 1, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 1, # 'Я' + 1: 0, # 'а' + 18: 1, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 2, # 'д' + 3: 0, # 'е' + 23: 1, # 'ж' + 15: 1, # 'з' + 2: 0, # 'и' + 26: 1, # 'й' + 12: 2, # 'к' + 10: 2, # 'л' + 14: 2, # 'м' + 6: 2, # 'н' + 4: 0, # 'о' + 13: 1, # 'п' + 7: 2, # 'р' + 8: 2, # 'с' + 5: 1, # 'т' + 19: 1, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 55: { # 'Ж' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 0, # 'Б' + 35: 1, # 'В' + 43: 0, # 'Г' + 37: 1, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 1, # 'Н' + 41: 1, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 1, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 1, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 2, # 'о' + 13: 1, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 1, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 47: { # 'З' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 2, # 'Н' + 41: 1, # 'О' + 30: 1, # 'П' + 39: 1, # 'Р' + 28: 1, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 0, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 0, # 'Ю' + 56: 1, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 2, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 1, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 2, # 'л' + 14: 1, # 'м' + 6: 1, # 'н' + 4: 1, # 'о' + 13: 0, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 1, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 40: { # 'И' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 1, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 2, # 'Е' + 55: 1, # 'Ж' + 47: 2, # 'З' + 40: 1, # 'И' + 59: 1, # 'Й' + 33: 2, # 'К' + 46: 2, # 'Л' + 38: 2, # 'М' + 36: 2, # 'Н' + 41: 1, # 'О' + 30: 1, # 'П' + 39: 2, # 'Р' + 28: 2, # 'С' + 34: 2, # 'Т' + 51: 0, # 'У' + 48: 1, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 1, # 'Ш' + 57: 1, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 2, # 'Я' + 1: 1, # 'а' + 18: 1, # 'б' + 9: 3, # 'в' + 20: 2, # 'г' + 11: 1, # 'д' + 3: 1, # 'е' + 23: 0, # 'ж' + 15: 3, # 'з' + 2: 0, # 'и' + 26: 1, # 'й' + 12: 1, # 'к' + 10: 2, # 'л' + 14: 2, # 'м' + 6: 2, # 'н' + 4: 0, # 'о' + 13: 1, # 'п' + 7: 2, # 'р' + 8: 2, # 'с' + 5: 2, # 'т' + 19: 0, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 1, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 59: { # 'Й' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 1, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 1, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 1, # 'С' + 34: 1, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 1, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 1, # 'Я' + 1: 0, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 1, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 0, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 2, # 'о' + 13: 0, # 'п' + 7: 0, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 0, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 33: { # 'К' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 0, # 'М' + 36: 2, # 'Н' + 41: 2, # 'О' + 30: 2, # 'П' + 39: 1, # 'Р' + 28: 2, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 1, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 1, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 2, # 'е' + 23: 1, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 2, # 'л' + 14: 1, # 'м' + 6: 2, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 3, # 'р' + 8: 1, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 46: { # 'Л' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 2, # 'Г' + 37: 1, # 'Д' + 44: 2, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 0, # 'М' + 36: 1, # 'Н' + 41: 2, # 'О' + 30: 1, # 'П' + 39: 0, # 'Р' + 28: 1, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 0, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 1, # 'Ю' + 56: 1, # 'Я' + 1: 2, # 'а' + 18: 0, # 'б' + 9: 1, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 2, # 'о' + 13: 0, # 'п' + 7: 0, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 38: { # 'М' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 2, # 'В' + 43: 0, # 'Г' + 37: 1, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 2, # 'О' + 30: 1, # 'П' + 39: 1, # 'Р' + 28: 2, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 0, # 'Х' + 53: 1, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 0, # 'Ю' + 56: 1, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 2, # 'л' + 14: 0, # 'м' + 6: 2, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 36: { # 'Н' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 2, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 2, # 'Д' + 44: 2, # 'Е' + 55: 1, # 'Ж' + 47: 1, # 'З' + 40: 2, # 'И' + 59: 1, # 'Й' + 33: 2, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 2, # 'О' + 30: 1, # 'П' + 39: 1, # 'Р' + 28: 2, # 'С' + 34: 2, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 1, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 1, # 'Ю' + 56: 1, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 1, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 0, # 'р' + 8: 0, # 'с' + 5: 1, # 'т' + 19: 1, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 2, # 'ю' + 16: 2, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 41: { # 'О' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 1, # 'Б' + 35: 2, # 'В' + 43: 1, # 'Г' + 37: 2, # 'Д' + 44: 1, # 'Е' + 55: 1, # 'Ж' + 47: 1, # 'З' + 40: 1, # 'И' + 59: 1, # 'Й' + 33: 2, # 'К' + 46: 2, # 'Л' + 38: 2, # 'М' + 36: 2, # 'Н' + 41: 2, # 'О' + 30: 1, # 'П' + 39: 2, # 'Р' + 28: 2, # 'С' + 34: 2, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 1, # 'Х' + 53: 0, # 'Ц' + 50: 1, # 'Ч' + 54: 1, # 'Ш' + 57: 1, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 1, # 'Я' + 1: 1, # 'а' + 18: 2, # 'б' + 9: 2, # 'в' + 20: 2, # 'г' + 11: 1, # 'д' + 3: 1, # 'е' + 23: 1, # 'ж' + 15: 1, # 'з' + 2: 0, # 'и' + 26: 1, # 'й' + 12: 2, # 'к' + 10: 2, # 'л' + 14: 1, # 'м' + 6: 1, # 'н' + 4: 0, # 'о' + 13: 2, # 'п' + 7: 2, # 'р' + 8: 2, # 'с' + 5: 3, # 'т' + 19: 1, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 1, # 'ц' + 21: 2, # 'ч' + 27: 0, # 'ш' + 24: 2, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 30: { # 'П' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 2, # 'О' + 30: 2, # 'П' + 39: 2, # 'Р' + 28: 2, # 'С' + 34: 1, # 'Т' + 51: 2, # 'У' + 48: 1, # 'Ф' + 49: 0, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 1, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 1, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 2, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 3, # 'л' + 14: 0, # 'м' + 6: 1, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 3, # 'р' + 8: 1, # 'с' + 5: 1, # 'т' + 19: 2, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 39: { # 'Р' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 2, # 'Г' + 37: 2, # 'Д' + 44: 2, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 0, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 2, # 'О' + 30: 2, # 'П' + 39: 1, # 'Р' + 28: 1, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 1, # 'Ю' + 56: 1, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 1, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 0, # 'р' + 8: 1, # 'с' + 5: 0, # 'т' + 19: 3, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 28: { # 'С' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 3, # 'А' + 32: 2, # 'Б' + 35: 2, # 'В' + 43: 1, # 'Г' + 37: 2, # 'Д' + 44: 2, # 'Е' + 55: 1, # 'Ж' + 47: 1, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 2, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 2, # 'О' + 30: 2, # 'П' + 39: 1, # 'Р' + 28: 2, # 'С' + 34: 2, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 1, # 'Ю' + 56: 1, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 2, # 'к' + 10: 3, # 'л' + 14: 2, # 'м' + 6: 1, # 'н' + 4: 3, # 'о' + 13: 3, # 'п' + 7: 2, # 'р' + 8: 0, # 'с' + 5: 3, # 'т' + 19: 2, # 'у' + 29: 2, # 'ф' + 25: 1, # 'х' + 22: 1, # 'ц' + 21: 1, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 34: { # 'Т' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 2, # 'Б' + 35: 1, # 'В' + 43: 0, # 'Г' + 37: 1, # 'Д' + 44: 2, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 2, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 2, # 'О' + 30: 1, # 'П' + 39: 2, # 'Р' + 28: 2, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 1, # 'Ф' + 49: 0, # 'Х' + 53: 1, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 1, # 'Ъ' + 60: 0, # 'Ю' + 56: 1, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 1, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 1, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 3, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 2, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 51: { # 'У' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 1, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 2, # 'Е' + 55: 1, # 'Ж' + 47: 1, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 0, # 'О' + 30: 1, # 'П' + 39: 1, # 'Р' + 28: 1, # 'С' + 34: 2, # 'Т' + 51: 0, # 'У' + 48: 1, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 1, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 1, # 'а' + 18: 1, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 1, # 'д' + 3: 2, # 'е' + 23: 1, # 'ж' + 15: 1, # 'з' + 2: 2, # 'и' + 26: 1, # 'й' + 12: 2, # 'к' + 10: 1, # 'л' + 14: 1, # 'м' + 6: 2, # 'н' + 4: 2, # 'о' + 13: 1, # 'п' + 7: 1, # 'р' + 8: 2, # 'с' + 5: 1, # 'т' + 19: 1, # 'у' + 29: 0, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 2, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 48: { # 'Ф' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 0, # 'М' + 36: 1, # 'Н' + 41: 1, # 'О' + 30: 2, # 'П' + 39: 1, # 'Р' + 28: 2, # 'С' + 34: 1, # 'Т' + 51: 1, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 2, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 2, # 'о' + 13: 0, # 'п' + 7: 2, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 1, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 49: { # 'Х' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 0, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 1, # 'О' + 30: 1, # 'П' + 39: 1, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 1, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 0, # 'б' + 9: 1, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 1, # 'л' + 14: 1, # 'м' + 6: 0, # 'н' + 4: 2, # 'о' + 13: 0, # 'п' + 7: 2, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 53: { # 'Ц' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 0, # 'Б' + 35: 1, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 2, # 'И' + 59: 0, # 'Й' + 33: 2, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 1, # 'Р' + 28: 2, # 'С' + 34: 0, # 'Т' + 51: 1, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 0, # 'б' + 9: 2, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 1, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 1, # 'о' + 13: 0, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 1, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 50: { # 'Ч' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 2, # 'А' + 32: 1, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 0, # 'М' + 36: 1, # 'Н' + 41: 1, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 1, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 1, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 2, # 'о' + 13: 0, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 1, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 54: { # 'Ш' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 1, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 1, # 'Н' + 41: 1, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 1, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 0, # 'б' + 9: 2, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 2, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 1, # 'л' + 14: 1, # 'м' + 6: 1, # 'н' + 4: 2, # 'о' + 13: 1, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 1, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 1, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 57: { # 'Щ' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 1, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 1, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 1, # 'о' + 13: 0, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 1, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 61: { # 'Ъ' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 0, # 'Г' + 37: 1, # 'Д' + 44: 0, # 'Е' + 55: 1, # 'Ж' + 47: 1, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 2, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 0, # 'О' + 30: 1, # 'П' + 39: 2, # 'Р' + 28: 1, # 'С' + 34: 1, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 1, # 'Х' + 53: 1, # 'Ц' + 50: 1, # 'Ч' + 54: 1, # 'Ш' + 57: 1, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 0, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 0, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 1, # 'л' + 14: 0, # 'м' + 6: 1, # 'н' + 4: 0, # 'о' + 13: 0, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 0, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 60: { # 'Ю' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 1, # 'Б' + 35: 0, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 0, # 'Е' + 55: 1, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 0, # 'М' + 36: 1, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 1, # 'Р' + 28: 1, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 1, # 'б' + 9: 1, # 'в' + 20: 2, # 'г' + 11: 1, # 'д' + 3: 0, # 'е' + 23: 2, # 'ж' + 15: 1, # 'з' + 2: 1, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 1, # 'л' + 14: 1, # 'м' + 6: 1, # 'н' + 4: 0, # 'о' + 13: 1, # 'п' + 7: 1, # 'р' + 8: 1, # 'с' + 5: 1, # 'т' + 19: 0, # 'у' + 29: 0, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 56: { # 'Я' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 1, # 'Б' + 35: 1, # 'В' + 43: 1, # 'Г' + 37: 1, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 1, # 'Л' + 38: 1, # 'М' + 36: 1, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 1, # 'С' + 34: 2, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 1, # 'б' + 9: 1, # 'в' + 20: 1, # 'г' + 11: 1, # 'д' + 3: 0, # 'е' + 23: 0, # 'ж' + 15: 1, # 'з' + 2: 1, # 'и' + 26: 1, # 'й' + 12: 1, # 'к' + 10: 1, # 'л' + 14: 2, # 'м' + 6: 2, # 'н' + 4: 0, # 'о' + 13: 2, # 'п' + 7: 1, # 'р' + 8: 1, # 'с' + 5: 1, # 'т' + 19: 0, # 'у' + 29: 0, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 1: { # 'а' + 63: 1, # 'e' + 45: 1, # '\xad' + 31: 1, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 1, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 1, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 3, # 'е' + 23: 3, # 'ж' + 15: 3, # 'з' + 2: 3, # 'и' + 26: 3, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 2, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 3, # 'у' + 29: 3, # 'ф' + 25: 3, # 'х' + 22: 3, # 'ц' + 21: 3, # 'ч' + 27: 3, # 'ш' + 24: 3, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 18: { # 'б' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 3, # 'в' + 20: 1, # 'г' + 11: 2, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 3, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 1, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 0, # 'т' + 19: 3, # 'у' + 29: 0, # 'ф' + 25: 2, # 'х' + 22: 1, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 3, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 9: { # 'в' + 63: 1, # 'e' + 45: 1, # '\xad' + 31: 0, # 'А' + 32: 1, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 1, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 0, # 'в' + 20: 2, # 'г' + 11: 3, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 3, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 2, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 2, # 'х' + 22: 2, # 'ц' + 21: 3, # 'ч' + 27: 2, # 'ш' + 24: 1, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 20: { # 'г' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 2, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 3, # 'л' + 14: 1, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 1, # 'п' + 7: 3, # 'р' + 8: 2, # 'с' + 5: 2, # 'т' + 19: 3, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 1, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 11: { # 'д' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 2, # 'б' + 9: 3, # 'в' + 20: 2, # 'г' + 11: 2, # 'д' + 3: 3, # 'е' + 23: 3, # 'ж' + 15: 2, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 1, # 'т' + 19: 3, # 'у' + 29: 1, # 'ф' + 25: 2, # 'х' + 22: 2, # 'ц' + 21: 2, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 3: { # 'е' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 2, # 'е' + 23: 3, # 'ж' + 15: 3, # 'з' + 2: 2, # 'и' + 26: 3, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 2, # 'у' + 29: 3, # 'ф' + 25: 3, # 'х' + 22: 3, # 'ц' + 21: 3, # 'ч' + 27: 3, # 'ш' + 24: 3, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 23: { # 'ж' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 3, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 3, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 2, # 'к' + 10: 1, # 'л' + 14: 1, # 'м' + 6: 3, # 'н' + 4: 2, # 'о' + 13: 1, # 'п' + 7: 1, # 'р' + 8: 1, # 'с' + 5: 1, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 1, # 'ц' + 21: 1, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 15: { # 'з' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 3, # 'у' + 29: 1, # 'ф' + 25: 2, # 'х' + 22: 2, # 'ц' + 21: 2, # 'ч' + 27: 2, # 'ш' + 24: 1, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 2, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 2: { # 'и' + 63: 1, # 'e' + 45: 1, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 1, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 1, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 1, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 1, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 3, # 'е' + 23: 3, # 'ж' + 15: 3, # 'з' + 2: 3, # 'и' + 26: 3, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 2, # 'у' + 29: 3, # 'ф' + 25: 3, # 'х' + 22: 3, # 'ц' + 21: 3, # 'ч' + 27: 3, # 'ш' + 24: 3, # 'щ' + 17: 2, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 26: { # 'й' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 1, # 'а' + 18: 2, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 2, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 2, # 'з' + 2: 1, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 2, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 2, # 'о' + 13: 1, # 'п' + 7: 2, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 1, # 'у' + 29: 2, # 'ф' + 25: 1, # 'х' + 22: 2, # 'ц' + 21: 2, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 12: { # 'к' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 1, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 1, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 3, # 'в' + 20: 2, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 2, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 3, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 1, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 3, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 3, # 'ц' + 21: 2, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 10: { # 'л' + 63: 1, # 'e' + 45: 1, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 1, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 2, # 'д' + 3: 3, # 'е' + 23: 3, # 'ж' + 15: 2, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 1, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 2, # 'п' + 7: 2, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 3, # 'у' + 29: 2, # 'ф' + 25: 2, # 'х' + 22: 2, # 'ц' + 21: 2, # 'ч' + 27: 2, # 'ш' + 24: 1, # 'щ' + 17: 3, # 'ъ' + 52: 2, # 'ь' + 42: 3, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 14: { # 'м' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 1, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 1, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 2, # 'к' + 10: 3, # 'л' + 14: 1, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 3, # 'п' + 7: 2, # 'р' + 8: 2, # 'с' + 5: 1, # 'т' + 19: 3, # 'у' + 29: 2, # 'ф' + 25: 1, # 'х' + 22: 2, # 'ц' + 21: 2, # 'ч' + 27: 2, # 'ш' + 24: 1, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 6: { # 'н' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 1, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 2, # 'б' + 9: 2, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 3, # 'е' + 23: 2, # 'ж' + 15: 2, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 2, # 'л' + 14: 1, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 1, # 'п' + 7: 2, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 3, # 'у' + 29: 3, # 'ф' + 25: 2, # 'х' + 22: 3, # 'ц' + 21: 3, # 'ч' + 27: 2, # 'ш' + 24: 1, # 'щ' + 17: 3, # 'ъ' + 52: 2, # 'ь' + 42: 2, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 4: { # 'о' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 2, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 3, # 'е' + 23: 3, # 'ж' + 15: 3, # 'з' + 2: 3, # 'и' + 26: 3, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 2, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 2, # 'у' + 29: 3, # 'ф' + 25: 3, # 'х' + 22: 3, # 'ц' + 21: 3, # 'ч' + 27: 3, # 'ш' + 24: 3, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 13: { # 'п' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 1, # 'й' + 12: 2, # 'к' + 10: 3, # 'л' + 14: 1, # 'м' + 6: 2, # 'н' + 4: 3, # 'о' + 13: 1, # 'п' + 7: 3, # 'р' + 8: 2, # 'с' + 5: 2, # 'т' + 19: 3, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 2, # 'ц' + 21: 2, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 2, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 7: { # 'р' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 3, # 'е' + 23: 3, # 'ж' + 15: 2, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 2, # 'п' + 7: 1, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 3, # 'у' + 29: 2, # 'ф' + 25: 3, # 'х' + 22: 3, # 'ц' + 21: 2, # 'ч' + 27: 3, # 'ш' + 24: 1, # 'щ' + 17: 3, # 'ъ' + 52: 1, # 'ь' + 42: 2, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 8: { # 'с' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 2, # 'б' + 9: 3, # 'в' + 20: 2, # 'г' + 11: 2, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 1, # 'с' + 5: 3, # 'т' + 19: 3, # 'у' + 29: 2, # 'ф' + 25: 2, # 'х' + 22: 2, # 'ц' + 21: 2, # 'ч' + 27: 2, # 'ш' + 24: 0, # 'щ' + 17: 3, # 'ъ' + 52: 2, # 'ь' + 42: 2, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 5: { # 'т' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 2, # 'г' + 11: 2, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 2, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 3, # 'у' + 29: 1, # 'ф' + 25: 2, # 'х' + 22: 2, # 'ц' + 21: 2, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 3, # 'ъ' + 52: 2, # 'ь' + 42: 2, # 'ю' + 16: 3, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 19: { # 'у' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 2, # 'е' + 23: 3, # 'ж' + 15: 3, # 'з' + 2: 2, # 'и' + 26: 2, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 2, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 1, # 'у' + 29: 2, # 'ф' + 25: 2, # 'х' + 22: 2, # 'ц' + 21: 3, # 'ч' + 27: 3, # 'ш' + 24: 2, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 29: { # 'ф' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 1, # 'в' + 20: 1, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 2, # 'к' + 10: 2, # 'л' + 14: 1, # 'м' + 6: 1, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 2, # 'р' + 8: 2, # 'с' + 5: 2, # 'т' + 19: 2, # 'у' + 29: 0, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 2, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 25: { # 'х' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 3, # 'в' + 20: 0, # 'г' + 11: 1, # 'д' + 3: 2, # 'е' + 23: 0, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 2, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 1, # 'п' + 7: 3, # 'р' + 8: 1, # 'с' + 5: 2, # 'т' + 19: 3, # 'у' + 29: 0, # 'ф' + 25: 1, # 'х' + 22: 0, # 'ц' + 21: 1, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 22: { # 'ц' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 2, # 'в' + 20: 1, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 1, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 2, # 'к' + 10: 1, # 'л' + 14: 1, # 'м' + 6: 1, # 'н' + 4: 2, # 'о' + 13: 1, # 'п' + 7: 1, # 'р' + 8: 1, # 'с' + 5: 1, # 'т' + 19: 2, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 1, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 0, # 'ю' + 16: 2, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 21: { # 'ч' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 1, # 'б' + 9: 3, # 'в' + 20: 1, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 1, # 'ж' + 15: 0, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 2, # 'л' + 14: 2, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 2, # 'р' + 8: 0, # 'с' + 5: 2, # 'т' + 19: 3, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 1, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 27: { # 'ш' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 2, # 'в' + 20: 0, # 'г' + 11: 1, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 3, # 'к' + 10: 2, # 'л' + 14: 1, # 'м' + 6: 3, # 'н' + 4: 2, # 'о' + 13: 2, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 1, # 'т' + 19: 2, # 'у' + 29: 1, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 1, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 2, # 'ъ' + 52: 1, # 'ь' + 42: 1, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 24: { # 'щ' + 63: 1, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 3, # 'а' + 18: 0, # 'б' + 9: 1, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 3, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 3, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 2, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 1, # 'р' + 8: 0, # 'с' + 5: 2, # 'т' + 19: 3, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 1, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 2, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 17: { # 'ъ' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 1, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 3, # 'г' + 11: 3, # 'д' + 3: 2, # 'е' + 23: 3, # 'ж' + 15: 3, # 'з' + 2: 1, # 'и' + 26: 2, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 3, # 'о' + 13: 3, # 'п' + 7: 3, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 1, # 'у' + 29: 1, # 'ф' + 25: 2, # 'х' + 22: 2, # 'ц' + 21: 3, # 'ч' + 27: 2, # 'ш' + 24: 3, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 2, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 52: { # 'ь' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 1, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 0, # 'и' + 26: 0, # 'й' + 12: 1, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 1, # 'н' + 4: 3, # 'о' + 13: 0, # 'п' + 7: 0, # 'р' + 8: 0, # 'с' + 5: 1, # 'т' + 19: 0, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 1, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 1, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 42: { # 'ю' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 1, # 'а' + 18: 2, # 'б' + 9: 1, # 'в' + 20: 2, # 'г' + 11: 2, # 'д' + 3: 1, # 'е' + 23: 2, # 'ж' + 15: 2, # 'з' + 2: 1, # 'и' + 26: 1, # 'й' + 12: 2, # 'к' + 10: 2, # 'л' + 14: 2, # 'м' + 6: 2, # 'н' + 4: 1, # 'о' + 13: 1, # 'п' + 7: 2, # 'р' + 8: 2, # 'с' + 5: 2, # 'т' + 19: 1, # 'у' + 29: 1, # 'ф' + 25: 1, # 'х' + 22: 2, # 'ц' + 21: 3, # 'ч' + 27: 1, # 'ш' + 24: 1, # 'щ' + 17: 1, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 16: { # 'я' + 63: 0, # 'e' + 45: 1, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 3, # 'б' + 9: 3, # 'в' + 20: 2, # 'г' + 11: 3, # 'д' + 3: 2, # 'е' + 23: 1, # 'ж' + 15: 2, # 'з' + 2: 1, # 'и' + 26: 2, # 'й' + 12: 3, # 'к' + 10: 3, # 'л' + 14: 3, # 'м' + 6: 3, # 'н' + 4: 1, # 'о' + 13: 2, # 'п' + 7: 2, # 'р' + 8: 3, # 'с' + 5: 3, # 'т' + 19: 1, # 'у' + 29: 1, # 'ф' + 25: 3, # 'х' + 22: 2, # 'ц' + 21: 1, # 'ч' + 27: 1, # 'ш' + 24: 2, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 1, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 58: { # 'є' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 0, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 0, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 0, # 'о' + 13: 0, # 'п' + 7: 0, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 0, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, + 62: { # '№' + 63: 0, # 'e' + 45: 0, # '\xad' + 31: 0, # 'А' + 32: 0, # 'Б' + 35: 0, # 'В' + 43: 0, # 'Г' + 37: 0, # 'Д' + 44: 0, # 'Е' + 55: 0, # 'Ж' + 47: 0, # 'З' + 40: 0, # 'И' + 59: 0, # 'Й' + 33: 0, # 'К' + 46: 0, # 'Л' + 38: 0, # 'М' + 36: 0, # 'Н' + 41: 0, # 'О' + 30: 0, # 'П' + 39: 0, # 'Р' + 28: 0, # 'С' + 34: 0, # 'Т' + 51: 0, # 'У' + 48: 0, # 'Ф' + 49: 0, # 'Х' + 53: 0, # 'Ц' + 50: 0, # 'Ч' + 54: 0, # 'Ш' + 57: 0, # 'Щ' + 61: 0, # 'Ъ' + 60: 0, # 'Ю' + 56: 0, # 'Я' + 1: 0, # 'а' + 18: 0, # 'б' + 9: 0, # 'в' + 20: 0, # 'г' + 11: 0, # 'д' + 3: 0, # 'е' + 23: 0, # 'ж' + 15: 0, # 'з' + 2: 0, # 'и' + 26: 0, # 'й' + 12: 0, # 'к' + 10: 0, # 'л' + 14: 0, # 'м' + 6: 0, # 'н' + 4: 0, # 'о' + 13: 0, # 'п' + 7: 0, # 'р' + 8: 0, # 'с' + 5: 0, # 'т' + 19: 0, # 'у' + 29: 0, # 'ф' + 25: 0, # 'х' + 22: 0, # 'ц' + 21: 0, # 'ч' + 27: 0, # 'ш' + 24: 0, # 'щ' + 17: 0, # 'ъ' + 52: 0, # 'ь' + 42: 0, # 'ю' + 16: 0, # 'я' + 58: 0, # 'є' + 62: 0, # '№' + }, +} + +# 255: Undefined characters that did not exist in training text +# 254: Carriage/Return +# 253: symbol (punctuation) that does not belong to word +# 252: 0 - 9 +# 251: Control characters + +# Character Mapping Table(s): +ISO_8859_5_BULGARIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 77, # 'A' + 66: 90, # 'B' + 67: 99, # 'C' + 68: 100, # 'D' + 69: 72, # 'E' + 70: 109, # 'F' + 71: 107, # 'G' + 72: 101, # 'H' + 73: 79, # 'I' + 74: 185, # 'J' + 75: 81, # 'K' + 76: 102, # 'L' + 77: 76, # 'M' + 78: 94, # 'N' + 79: 82, # 'O' + 80: 110, # 'P' + 81: 186, # 'Q' + 82: 108, # 'R' + 83: 91, # 'S' + 84: 74, # 'T' + 85: 119, # 'U' + 86: 84, # 'V' + 87: 96, # 'W' + 88: 111, # 'X' + 89: 187, # 'Y' + 90: 115, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 65, # 'a' + 98: 69, # 'b' + 99: 70, # 'c' + 100: 66, # 'd' + 101: 63, # 'e' + 102: 68, # 'f' + 103: 112, # 'g' + 104: 103, # 'h' + 105: 92, # 'i' + 106: 194, # 'j' + 107: 104, # 'k' + 108: 95, # 'l' + 109: 86, # 'm' + 110: 87, # 'n' + 111: 71, # 'o' + 112: 116, # 'p' + 113: 195, # 'q' + 114: 85, # 'r' + 115: 93, # 's' + 116: 97, # 't' + 117: 113, # 'u' + 118: 196, # 'v' + 119: 197, # 'w' + 120: 198, # 'x' + 121: 199, # 'y' + 122: 200, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 194, # '\x80' + 129: 195, # '\x81' + 130: 196, # '\x82' + 131: 197, # '\x83' + 132: 198, # '\x84' + 133: 199, # '\x85' + 134: 200, # '\x86' + 135: 201, # '\x87' + 136: 202, # '\x88' + 137: 203, # '\x89' + 138: 204, # '\x8a' + 139: 205, # '\x8b' + 140: 206, # '\x8c' + 141: 207, # '\x8d' + 142: 208, # '\x8e' + 143: 209, # '\x8f' + 144: 210, # '\x90' + 145: 211, # '\x91' + 146: 212, # '\x92' + 147: 213, # '\x93' + 148: 214, # '\x94' + 149: 215, # '\x95' + 150: 216, # '\x96' + 151: 217, # '\x97' + 152: 218, # '\x98' + 153: 219, # '\x99' + 154: 220, # '\x9a' + 155: 221, # '\x9b' + 156: 222, # '\x9c' + 157: 223, # '\x9d' + 158: 224, # '\x9e' + 159: 225, # '\x9f' + 160: 81, # '\xa0' + 161: 226, # 'Ё' + 162: 227, # 'Ђ' + 163: 228, # 'Ѓ' + 164: 229, # 'Є' + 165: 230, # 'Ѕ' + 166: 105, # 'І' + 167: 231, # 'Ї' + 168: 232, # 'Ј' + 169: 233, # 'Љ' + 170: 234, # 'Њ' + 171: 235, # 'Ћ' + 172: 236, # 'Ќ' + 173: 45, # '\xad' + 174: 237, # 'Ў' + 175: 238, # 'Џ' + 176: 31, # 'А' + 177: 32, # 'Б' + 178: 35, # 'В' + 179: 43, # 'Г' + 180: 37, # 'Д' + 181: 44, # 'Е' + 182: 55, # 'Ж' + 183: 47, # 'З' + 184: 40, # 'И' + 185: 59, # 'Й' + 186: 33, # 'К' + 187: 46, # 'Л' + 188: 38, # 'М' + 189: 36, # 'Н' + 190: 41, # 'О' + 191: 30, # 'П' + 192: 39, # 'Р' + 193: 28, # 'С' + 194: 34, # 'Т' + 195: 51, # 'У' + 196: 48, # 'Ф' + 197: 49, # 'Х' + 198: 53, # 'Ц' + 199: 50, # 'Ч' + 200: 54, # 'Ш' + 201: 57, # 'Щ' + 202: 61, # 'Ъ' + 203: 239, # 'Ы' + 204: 67, # 'Ь' + 205: 240, # 'Э' + 206: 60, # 'Ю' + 207: 56, # 'Я' + 208: 1, # 'а' + 209: 18, # 'б' + 210: 9, # 'в' + 211: 20, # 'г' + 212: 11, # 'д' + 213: 3, # 'е' + 214: 23, # 'ж' + 215: 15, # 'з' + 216: 2, # 'и' + 217: 26, # 'й' + 218: 12, # 'к' + 219: 10, # 'л' + 220: 14, # 'м' + 221: 6, # 'н' + 222: 4, # 'о' + 223: 13, # 'п' + 224: 7, # 'р' + 225: 8, # 'с' + 226: 5, # 'т' + 227: 19, # 'у' + 228: 29, # 'ф' + 229: 25, # 'х' + 230: 22, # 'ц' + 231: 21, # 'ч' + 232: 27, # 'ш' + 233: 24, # 'щ' + 234: 17, # 'ъ' + 235: 75, # 'ы' + 236: 52, # 'ь' + 237: 241, # 'э' + 238: 42, # 'ю' + 239: 16, # 'я' + 240: 62, # '№' + 241: 242, # 'ё' + 242: 243, # 'ђ' + 243: 244, # 'ѓ' + 244: 58, # 'є' + 245: 245, # 'ѕ' + 246: 98, # 'і' + 247: 246, # 'ї' + 248: 247, # 'ј' + 249: 248, # 'љ' + 250: 249, # 'њ' + 251: 250, # 'ћ' + 252: 251, # 'ќ' + 253: 91, # '§' + 254: 252, # 'ў' + 255: 253, # 'џ' +} + +ISO_8859_5_BULGARIAN_MODEL = SingleByteCharSetModel(charset_name='ISO-8859-5', + language='Bulgarian', + char_to_order_map=ISO_8859_5_BULGARIAN_CHAR_TO_ORDER, + language_model=BULGARIAN_LANG_MODEL, + typical_positive_ratio=0.969392, + keep_ascii_letters=False, + alphabet='АБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЬЮЯабвгдежзийклмнопрстуфхцчшщъьюя') + +WINDOWS_1251_BULGARIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 77, # 'A' + 66: 90, # 'B' + 67: 99, # 'C' + 68: 100, # 'D' + 69: 72, # 'E' + 70: 109, # 'F' + 71: 107, # 'G' + 72: 101, # 'H' + 73: 79, # 'I' + 74: 185, # 'J' + 75: 81, # 'K' + 76: 102, # 'L' + 77: 76, # 'M' + 78: 94, # 'N' + 79: 82, # 'O' + 80: 110, # 'P' + 81: 186, # 'Q' + 82: 108, # 'R' + 83: 91, # 'S' + 84: 74, # 'T' + 85: 119, # 'U' + 86: 84, # 'V' + 87: 96, # 'W' + 88: 111, # 'X' + 89: 187, # 'Y' + 90: 115, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 65, # 'a' + 98: 69, # 'b' + 99: 70, # 'c' + 100: 66, # 'd' + 101: 63, # 'e' + 102: 68, # 'f' + 103: 112, # 'g' + 104: 103, # 'h' + 105: 92, # 'i' + 106: 194, # 'j' + 107: 104, # 'k' + 108: 95, # 'l' + 109: 86, # 'm' + 110: 87, # 'n' + 111: 71, # 'o' + 112: 116, # 'p' + 113: 195, # 'q' + 114: 85, # 'r' + 115: 93, # 's' + 116: 97, # 't' + 117: 113, # 'u' + 118: 196, # 'v' + 119: 197, # 'w' + 120: 198, # 'x' + 121: 199, # 'y' + 122: 200, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 206, # 'Ђ' + 129: 207, # 'Ѓ' + 130: 208, # '‚' + 131: 209, # 'ѓ' + 132: 210, # '„' + 133: 211, # '…' + 134: 212, # '†' + 135: 213, # '‡' + 136: 120, # '€' + 137: 214, # '‰' + 138: 215, # 'Љ' + 139: 216, # '‹' + 140: 217, # 'Њ' + 141: 218, # 'Ќ' + 142: 219, # 'Ћ' + 143: 220, # 'Џ' + 144: 221, # 'ђ' + 145: 78, # '‘' + 146: 64, # '’' + 147: 83, # '“' + 148: 121, # '”' + 149: 98, # '•' + 150: 117, # '–' + 151: 105, # '—' + 152: 222, # None + 153: 223, # '™' + 154: 224, # 'љ' + 155: 225, # '›' + 156: 226, # 'њ' + 157: 227, # 'ќ' + 158: 228, # 'ћ' + 159: 229, # 'џ' + 160: 88, # '\xa0' + 161: 230, # 'Ў' + 162: 231, # 'ў' + 163: 232, # 'Ј' + 164: 233, # '¤' + 165: 122, # 'Ґ' + 166: 89, # '¦' + 167: 106, # '§' + 168: 234, # 'Ё' + 169: 235, # '©' + 170: 236, # 'Є' + 171: 237, # '«' + 172: 238, # '¬' + 173: 45, # '\xad' + 174: 239, # '®' + 175: 240, # 'Ї' + 176: 73, # '°' + 177: 80, # '±' + 178: 118, # 'І' + 179: 114, # 'і' + 180: 241, # 'ґ' + 181: 242, # 'µ' + 182: 243, # '¶' + 183: 244, # '·' + 184: 245, # 'ё' + 185: 62, # '№' + 186: 58, # 'є' + 187: 246, # '»' + 188: 247, # 'ј' + 189: 248, # 'Ѕ' + 190: 249, # 'ѕ' + 191: 250, # 'ї' + 192: 31, # 'А' + 193: 32, # 'Б' + 194: 35, # 'В' + 195: 43, # 'Г' + 196: 37, # 'Д' + 197: 44, # 'Е' + 198: 55, # 'Ж' + 199: 47, # 'З' + 200: 40, # 'И' + 201: 59, # 'Й' + 202: 33, # 'К' + 203: 46, # 'Л' + 204: 38, # 'М' + 205: 36, # 'Н' + 206: 41, # 'О' + 207: 30, # 'П' + 208: 39, # 'Р' + 209: 28, # 'С' + 210: 34, # 'Т' + 211: 51, # 'У' + 212: 48, # 'Ф' + 213: 49, # 'Х' + 214: 53, # 'Ц' + 215: 50, # 'Ч' + 216: 54, # 'Ш' + 217: 57, # 'Щ' + 218: 61, # 'Ъ' + 219: 251, # 'Ы' + 220: 67, # 'Ь' + 221: 252, # 'Э' + 222: 60, # 'Ю' + 223: 56, # 'Я' + 224: 1, # 'а' + 225: 18, # 'б' + 226: 9, # 'в' + 227: 20, # 'г' + 228: 11, # 'д' + 229: 3, # 'е' + 230: 23, # 'ж' + 231: 15, # 'з' + 232: 2, # 'и' + 233: 26, # 'й' + 234: 12, # 'к' + 235: 10, # 'л' + 236: 14, # 'м' + 237: 6, # 'н' + 238: 4, # 'о' + 239: 13, # 'п' + 240: 7, # 'р' + 241: 8, # 'с' + 242: 5, # 'т' + 243: 19, # 'у' + 244: 29, # 'ф' + 245: 25, # 'х' + 246: 22, # 'ц' + 247: 21, # 'ч' + 248: 27, # 'ш' + 249: 24, # 'щ' + 250: 17, # 'ъ' + 251: 75, # 'ы' + 252: 52, # 'ь' + 253: 253, # 'э' + 254: 42, # 'ю' + 255: 16, # 'я' +} + +WINDOWS_1251_BULGARIAN_MODEL = SingleByteCharSetModel(charset_name='windows-1251', + language='Bulgarian', + char_to_order_map=WINDOWS_1251_BULGARIAN_CHAR_TO_ORDER, + language_model=BULGARIAN_LANG_MODEL, + typical_positive_ratio=0.969392, + keep_ascii_letters=False, + alphabet='АБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЬЮЯабвгдежзийклмнопрстуфхцчшщъьюя') + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langgreekmodel.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langgreekmodel.py new file mode 100644 index 000000000..d99528ede --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langgreekmodel.py @@ -0,0 +1,4398 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel + + +# 3: Positive +# 2: Likely +# 1: Unlikely +# 0: Negative + +GREEK_LANG_MODEL = { + 60: { # 'e' + 60: 2, # 'e' + 55: 1, # 'o' + 58: 2, # 't' + 36: 1, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 1, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 55: { # 'o' + 60: 0, # 'e' + 55: 2, # 'o' + 58: 2, # 't' + 36: 1, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 1, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 1, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 58: { # 't' + 60: 2, # 'e' + 55: 1, # 'o' + 58: 1, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 1, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 36: { # '·' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 61: { # 'Ά' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 1, # 'γ' + 21: 2, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 1, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 46: { # 'Έ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 2, # 'β' + 20: 2, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 2, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 3, # 'ν' + 30: 2, # 'ξ' + 4: 0, # 'ο' + 9: 2, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 1, # 'σ' + 2: 2, # 'τ' + 12: 0, # 'υ' + 28: 2, # 'φ' + 23: 3, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 54: { # 'Ό' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 2, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 2, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 2, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 2, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 31: { # 'Α' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 2, # 'Β' + 43: 2, # 'Γ' + 41: 1, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 2, # 'Θ' + 47: 2, # 'Ι' + 44: 2, # 'Κ' + 53: 2, # 'Λ' + 38: 2, # 'Μ' + 49: 2, # 'Ν' + 59: 1, # 'Ξ' + 39: 0, # 'Ο' + 35: 2, # 'Π' + 48: 2, # 'Ρ' + 37: 2, # 'Σ' + 33: 2, # 'Τ' + 45: 2, # 'Υ' + 56: 2, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 2, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 1, # 'θ' + 5: 0, # 'ι' + 11: 2, # 'κ' + 16: 3, # 'λ' + 10: 2, # 'μ' + 6: 3, # 'ν' + 30: 2, # 'ξ' + 4: 0, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 2, # 'ς' + 7: 2, # 'σ' + 2: 0, # 'τ' + 12: 3, # 'υ' + 28: 2, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 2, # 'ύ' + 27: 0, # 'ώ' + }, + 51: { # 'Β' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 1, # 'Ε' + 40: 1, # 'Η' + 52: 0, # 'Θ' + 47: 1, # 'Ι' + 44: 0, # 'Κ' + 53: 1, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 2, # 'έ' + 22: 2, # 'ή' + 15: 0, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 43: { # 'Γ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 1, # 'Α' + 51: 0, # 'Β' + 43: 2, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 1, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 1, # 'Κ' + 53: 1, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 1, # 'Ο' + 35: 0, # 'Π' + 48: 2, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 2, # 'Υ' + 56: 0, # 'Φ' + 50: 1, # 'Χ' + 57: 2, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 2, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 41: { # 'Δ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 2, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 2, # 'ή' + 15: 2, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 2, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 2, # 'ω' + 19: 1, # 'ό' + 26: 2, # 'ύ' + 27: 2, # 'ώ' + }, + 34: { # 'Ε' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 2, # 'Γ' + 41: 2, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 2, # 'Κ' + 53: 2, # 'Λ' + 38: 2, # 'Μ' + 49: 2, # 'Ν' + 59: 1, # 'Ξ' + 39: 0, # 'Ο' + 35: 2, # 'Π' + 48: 2, # 'Ρ' + 37: 2, # 'Σ' + 33: 2, # 'Τ' + 45: 2, # 'Υ' + 56: 0, # 'Φ' + 50: 2, # 'Χ' + 57: 2, # 'Ω' + 17: 3, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 3, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 3, # 'γ' + 21: 2, # 'δ' + 3: 1, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 1, # 'θ' + 5: 2, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 2, # 'μ' + 6: 3, # 'ν' + 30: 2, # 'ξ' + 4: 0, # 'ο' + 9: 3, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 2, # 'σ' + 2: 2, # 'τ' + 12: 2, # 'υ' + 28: 2, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 1, # 'ύ' + 27: 0, # 'ώ' + }, + 40: { # 'Η' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 1, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 2, # 'Θ' + 47: 0, # 'Ι' + 44: 2, # 'Κ' + 53: 0, # 'Λ' + 38: 2, # 'Μ' + 49: 2, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 2, # 'Π' + 48: 2, # 'Ρ' + 37: 2, # 'Σ' + 33: 2, # 'Τ' + 45: 1, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 1, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 1, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 52: { # 'Θ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 1, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 1, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 2, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 2, # 'ύ' + 27: 0, # 'ώ' + }, + 47: { # 'Ι' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 1, # 'Β' + 43: 1, # 'Γ' + 41: 2, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 2, # 'Κ' + 53: 2, # 'Λ' + 38: 2, # 'Μ' + 49: 2, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 2, # 'Ρ' + 37: 2, # 'Σ' + 33: 2, # 'Τ' + 45: 0, # 'Υ' + 56: 2, # 'Φ' + 50: 0, # 'Χ' + 57: 2, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 2, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 1, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 2, # 'σ' + 2: 1, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 1, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 44: { # 'Κ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 1, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 1, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 2, # 'Ρ' + 37: 0, # 'Σ' + 33: 1, # 'Τ' + 45: 2, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 1, # 'Ω' + 17: 3, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 2, # 'ό' + 26: 2, # 'ύ' + 27: 2, # 'ώ' + }, + 53: { # 'Λ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 0, # 'Κ' + 53: 2, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 2, # 'Σ' + 33: 0, # 'Τ' + 45: 2, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 2, # 'Ω' + 17: 2, # 'ά' + 18: 2, # 'έ' + 22: 0, # 'ή' + 15: 2, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 1, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 2, # 'ό' + 26: 2, # 'ύ' + 27: 0, # 'ώ' + }, + 38: { # 'Μ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 2, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 2, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 2, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 2, # 'έ' + 22: 2, # 'ή' + 15: 2, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 2, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 3, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 2, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 49: { # 'Ν' + 60: 2, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 2, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 2, # 'Ω' + 17: 0, # 'ά' + 18: 2, # 'έ' + 22: 0, # 'ή' + 15: 2, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 1, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 1, # 'ω' + 19: 2, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 59: { # 'Ξ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 1, # 'Ε' + 40: 1, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 1, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 2, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 39: { # 'Ο' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 1, # 'Β' + 43: 2, # 'Γ' + 41: 2, # 'Δ' + 34: 2, # 'Ε' + 40: 1, # 'Η' + 52: 2, # 'Θ' + 47: 2, # 'Ι' + 44: 2, # 'Κ' + 53: 2, # 'Λ' + 38: 2, # 'Μ' + 49: 2, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 2, # 'Π' + 48: 2, # 'Ρ' + 37: 2, # 'Σ' + 33: 2, # 'Τ' + 45: 2, # 'Υ' + 56: 2, # 'Φ' + 50: 2, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 2, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 2, # 'κ' + 16: 2, # 'λ' + 10: 2, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 2, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 2, # 'τ' + 12: 2, # 'υ' + 28: 1, # 'φ' + 23: 1, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 2, # 'ύ' + 27: 0, # 'ώ' + }, + 35: { # 'Π' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 0, # 'Κ' + 53: 2, # 'Λ' + 38: 1, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 2, # 'Ρ' + 37: 0, # 'Σ' + 33: 1, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 1, # 'Χ' + 57: 2, # 'Ω' + 17: 2, # 'ά' + 18: 1, # 'έ' + 22: 1, # 'ή' + 15: 2, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 2, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 2, # 'χ' + 42: 0, # 'ψ' + 24: 2, # 'ω' + 19: 2, # 'ό' + 26: 0, # 'ύ' + 27: 3, # 'ώ' + }, + 48: { # 'Ρ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 1, # 'Γ' + 41: 1, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 2, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 2, # 'Ρ' + 37: 0, # 'Σ' + 33: 1, # 'Τ' + 45: 1, # 'Υ' + 56: 0, # 'Φ' + 50: 1, # 'Χ' + 57: 1, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 2, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 1, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 3, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 2, # 'ω' + 19: 0, # 'ό' + 26: 2, # 'ύ' + 27: 0, # 'ώ' + }, + 37: { # 'Σ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 1, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 2, # 'Κ' + 53: 0, # 'Λ' + 38: 2, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 2, # 'Σ' + 33: 2, # 'Τ' + 45: 2, # 'Υ' + 56: 0, # 'Φ' + 50: 2, # 'Χ' + 57: 2, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 2, # 'ή' + 15: 2, # 'ί' + 1: 2, # 'α' + 29: 2, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 2, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 2, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 0, # 'φ' + 23: 2, # 'χ' + 42: 0, # 'ψ' + 24: 2, # 'ω' + 19: 0, # 'ό' + 26: 2, # 'ύ' + 27: 2, # 'ώ' + }, + 33: { # 'Τ' + 60: 0, # 'e' + 55: 1, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 2, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 2, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 2, # 'Ρ' + 37: 0, # 'Σ' + 33: 1, # 'Τ' + 45: 1, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 2, # 'Ω' + 17: 2, # 'ά' + 18: 2, # 'έ' + 22: 0, # 'ή' + 15: 2, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 2, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 2, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 2, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 2, # 'ό' + 26: 2, # 'ύ' + 27: 3, # 'ώ' + }, + 45: { # 'Υ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 2, # 'Γ' + 41: 0, # 'Δ' + 34: 1, # 'Ε' + 40: 2, # 'Η' + 52: 2, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 1, # 'Λ' + 38: 2, # 'Μ' + 49: 2, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 2, # 'Π' + 48: 1, # 'Ρ' + 37: 2, # 'Σ' + 33: 2, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 1, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 3, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 56: { # 'Φ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 1, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 1, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 2, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 2, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 1, # 'ύ' + 27: 1, # 'ώ' + }, + 50: { # 'Χ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 1, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 2, # 'Ε' + 40: 2, # 'Η' + 52: 0, # 'Θ' + 47: 2, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 1, # 'Ν' + 59: 0, # 'Ξ' + 39: 1, # 'Ο' + 35: 0, # 'Π' + 48: 2, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 1, # 'Χ' + 57: 1, # 'Ω' + 17: 2, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 2, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 2, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 2, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 57: { # 'Ω' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 1, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 1, # 'Λ' + 38: 0, # 'Μ' + 49: 2, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 2, # 'Ρ' + 37: 2, # 'Σ' + 33: 2, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 2, # 'ρ' + 14: 2, # 'ς' + 7: 2, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 1, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 17: { # 'ά' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 2, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 3, # 'β' + 20: 3, # 'γ' + 21: 3, # 'δ' + 3: 3, # 'ε' + 32: 3, # 'ζ' + 13: 0, # 'η' + 25: 3, # 'θ' + 5: 2, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 3, # 'ξ' + 4: 0, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 3, # 'φ' + 23: 3, # 'χ' + 42: 3, # 'ψ' + 24: 2, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 18: { # 'έ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 3, # 'α' + 29: 2, # 'β' + 20: 3, # 'γ' + 21: 2, # 'δ' + 3: 3, # 'ε' + 32: 2, # 'ζ' + 13: 0, # 'η' + 25: 3, # 'θ' + 5: 0, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 3, # 'ξ' + 4: 3, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 3, # 'φ' + 23: 3, # 'χ' + 42: 3, # 'ψ' + 24: 2, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 22: { # 'ή' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 1, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 3, # 'γ' + 21: 3, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 3, # 'θ' + 5: 0, # 'ι' + 11: 3, # 'κ' + 16: 2, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 2, # 'ξ' + 4: 0, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 2, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 15: { # 'ί' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 3, # 'α' + 29: 2, # 'β' + 20: 3, # 'γ' + 21: 3, # 'δ' + 3: 3, # 'ε' + 32: 3, # 'ζ' + 13: 3, # 'η' + 25: 3, # 'θ' + 5: 0, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 3, # 'ξ' + 4: 3, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 1, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 3, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 1: { # 'α' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 2, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 2, # 'έ' + 22: 0, # 'ή' + 15: 3, # 'ί' + 1: 0, # 'α' + 29: 3, # 'β' + 20: 3, # 'γ' + 21: 3, # 'δ' + 3: 2, # 'ε' + 32: 3, # 'ζ' + 13: 1, # 'η' + 25: 3, # 'θ' + 5: 3, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 3, # 'ξ' + 4: 2, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 3, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 0, # 'ω' + 19: 2, # 'ό' + 26: 2, # 'ύ' + 27: 0, # 'ώ' + }, + 29: { # 'β' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 2, # 'έ' + 22: 3, # 'ή' + 15: 2, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 2, # 'γ' + 21: 2, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 2, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 3, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 2, # 'ω' + 19: 2, # 'ό' + 26: 2, # 'ύ' + 27: 2, # 'ώ' + }, + 20: { # 'γ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 3, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 3, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 3, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 2, # 'ύ' + 27: 3, # 'ώ' + }, + 21: { # 'δ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 3, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 3, # 'ώ' + }, + 3: { # 'ε' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 2, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 3, # 'ί' + 1: 2, # 'α' + 29: 3, # 'β' + 20: 3, # 'γ' + 21: 3, # 'δ' + 3: 2, # 'ε' + 32: 2, # 'ζ' + 13: 0, # 'η' + 25: 3, # 'θ' + 5: 3, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 3, # 'ξ' + 4: 2, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 3, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 3, # 'ω' + 19: 2, # 'ό' + 26: 3, # 'ύ' + 27: 2, # 'ώ' + }, + 32: { # 'ζ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 2, # 'έ' + 22: 2, # 'ή' + 15: 2, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 1, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 2, # 'ό' + 26: 0, # 'ύ' + 27: 2, # 'ώ' + }, + 13: { # 'η' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 2, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 3, # 'γ' + 21: 2, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 3, # 'θ' + 5: 0, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 2, # 'ξ' + 4: 0, # 'ο' + 9: 2, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 2, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 25: { # 'θ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 2, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 1, # 'λ' + 10: 3, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 3, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 3, # 'ώ' + }, + 5: { # 'ι' + 60: 0, # 'e' + 55: 1, # 'o' + 58: 0, # 't' + 36: 2, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 1, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 0, # 'ί' + 1: 3, # 'α' + 29: 3, # 'β' + 20: 3, # 'γ' + 21: 3, # 'δ' + 3: 3, # 'ε' + 32: 2, # 'ζ' + 13: 3, # 'η' + 25: 3, # 'θ' + 5: 0, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 3, # 'ξ' + 4: 3, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 2, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 0, # 'ύ' + 27: 3, # 'ώ' + }, + 11: { # 'κ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 3, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 2, # 'θ' + 5: 3, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 2, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 2, # 'φ' + 23: 2, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 3, # 'ώ' + }, + 16: { # 'λ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 1, # 'β' + 20: 2, # 'γ' + 21: 1, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 2, # 'θ' + 5: 3, # 'ι' + 11: 2, # 'κ' + 16: 3, # 'λ' + 10: 2, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 3, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 2, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 3, # 'ώ' + }, + 10: { # 'μ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 1, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 3, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 3, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 2, # 'υ' + 28: 3, # 'φ' + 23: 0, # 'χ' + 42: 2, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 2, # 'ύ' + 27: 2, # 'ώ' + }, + 6: { # 'ν' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 2, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 3, # 'δ' + 3: 3, # 'ε' + 32: 2, # 'ζ' + 13: 3, # 'η' + 25: 3, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 1, # 'λ' + 10: 0, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 3, # 'ώ' + }, + 30: { # 'ξ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 2, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 3, # 'τ' + 12: 2, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 2, # 'ό' + 26: 3, # 'ύ' + 27: 1, # 'ώ' + }, + 4: { # 'ο' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 2, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 2, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 2, # 'α' + 29: 3, # 'β' + 20: 3, # 'γ' + 21: 3, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 3, # 'θ' + 5: 3, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 2, # 'ξ' + 4: 2, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 3, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 2, # 'ω' + 19: 1, # 'ό' + 26: 3, # 'ύ' + 27: 2, # 'ώ' + }, + 9: { # 'π' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 3, # 'λ' + 10: 0, # 'μ' + 6: 2, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 2, # 'ς' + 7: 0, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 0, # 'φ' + 23: 2, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 2, # 'ύ' + 27: 3, # 'ώ' + }, + 8: { # 'ρ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 2, # 'β' + 20: 3, # 'γ' + 21: 2, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 3, # 'θ' + 5: 3, # 'ι' + 11: 3, # 'κ' + 16: 1, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 2, # 'ξ' + 4: 3, # 'ο' + 9: 2, # 'π' + 8: 2, # 'ρ' + 14: 0, # 'ς' + 7: 2, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 3, # 'φ' + 23: 3, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 3, # 'ώ' + }, + 14: { # 'ς' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 2, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 0, # 'θ' + 5: 0, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 0, # 'τ' + 12: 0, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 7: { # 'σ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 2, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 3, # 'β' + 20: 0, # 'γ' + 21: 2, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 3, # 'θ' + 5: 3, # 'ι' + 11: 3, # 'κ' + 16: 2, # 'λ' + 10: 3, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 3, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 3, # 'φ' + 23: 3, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 2, # 'ώ' + }, + 2: { # 'τ' + 60: 0, # 'e' + 55: 2, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 2, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 3, # 'ι' + 11: 2, # 'κ' + 16: 2, # 'λ' + 10: 3, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 2, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 3, # 'ώ' + }, + 12: { # 'υ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 2, # 'έ' + 22: 3, # 'ή' + 15: 2, # 'ί' + 1: 3, # 'α' + 29: 2, # 'β' + 20: 3, # 'γ' + 21: 2, # 'δ' + 3: 2, # 'ε' + 32: 2, # 'ζ' + 13: 2, # 'η' + 25: 3, # 'θ' + 5: 2, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 3, # 'ξ' + 4: 3, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 2, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 2, # 'ω' + 19: 2, # 'ό' + 26: 0, # 'ύ' + 27: 2, # 'ώ' + }, + 28: { # 'φ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 3, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 2, # 'η' + 25: 2, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 0, # 'μ' + 6: 1, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 1, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 2, # 'ύ' + 27: 2, # 'ώ' + }, + 23: { # 'χ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 3, # 'ά' + 18: 2, # 'έ' + 22: 3, # 'ή' + 15: 3, # 'ί' + 1: 3, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 2, # 'η' + 25: 2, # 'θ' + 5: 3, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 2, # 'μ' + 6: 3, # 'ν' + 30: 0, # 'ξ' + 4: 3, # 'ο' + 9: 0, # 'π' + 8: 3, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 3, # 'τ' + 12: 3, # 'υ' + 28: 0, # 'φ' + 23: 2, # 'χ' + 42: 0, # 'ψ' + 24: 3, # 'ω' + 19: 3, # 'ό' + 26: 3, # 'ύ' + 27: 3, # 'ώ' + }, + 42: { # 'ψ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 2, # 'ά' + 18: 2, # 'έ' + 22: 1, # 'ή' + 15: 2, # 'ί' + 1: 2, # 'α' + 29: 0, # 'β' + 20: 0, # 'γ' + 21: 0, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 3, # 'η' + 25: 0, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 0, # 'λ' + 10: 0, # 'μ' + 6: 0, # 'ν' + 30: 0, # 'ξ' + 4: 2, # 'ο' + 9: 0, # 'π' + 8: 0, # 'ρ' + 14: 0, # 'ς' + 7: 0, # 'σ' + 2: 2, # 'τ' + 12: 1, # 'υ' + 28: 0, # 'φ' + 23: 0, # 'χ' + 42: 0, # 'ψ' + 24: 2, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 24: { # 'ω' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 1, # 'ά' + 18: 0, # 'έ' + 22: 2, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 2, # 'β' + 20: 3, # 'γ' + 21: 2, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 0, # 'η' + 25: 3, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 0, # 'ξ' + 4: 0, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 2, # 'φ' + 23: 2, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 19: { # 'ό' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 3, # 'β' + 20: 3, # 'γ' + 21: 3, # 'δ' + 3: 1, # 'ε' + 32: 2, # 'ζ' + 13: 2, # 'η' + 25: 2, # 'θ' + 5: 2, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 1, # 'ξ' + 4: 2, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 2, # 'φ' + 23: 3, # 'χ' + 42: 2, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 26: { # 'ύ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 2, # 'α' + 29: 2, # 'β' + 20: 2, # 'γ' + 21: 1, # 'δ' + 3: 3, # 'ε' + 32: 0, # 'ζ' + 13: 2, # 'η' + 25: 3, # 'θ' + 5: 0, # 'ι' + 11: 3, # 'κ' + 16: 3, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 2, # 'ξ' + 4: 3, # 'ο' + 9: 3, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 2, # 'φ' + 23: 2, # 'χ' + 42: 2, # 'ψ' + 24: 2, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, + 27: { # 'ώ' + 60: 0, # 'e' + 55: 0, # 'o' + 58: 0, # 't' + 36: 0, # '·' + 61: 0, # 'Ά' + 46: 0, # 'Έ' + 54: 0, # 'Ό' + 31: 0, # 'Α' + 51: 0, # 'Β' + 43: 0, # 'Γ' + 41: 0, # 'Δ' + 34: 0, # 'Ε' + 40: 0, # 'Η' + 52: 0, # 'Θ' + 47: 0, # 'Ι' + 44: 0, # 'Κ' + 53: 0, # 'Λ' + 38: 0, # 'Μ' + 49: 0, # 'Ν' + 59: 0, # 'Ξ' + 39: 0, # 'Ο' + 35: 0, # 'Π' + 48: 0, # 'Ρ' + 37: 0, # 'Σ' + 33: 0, # 'Τ' + 45: 0, # 'Υ' + 56: 0, # 'Φ' + 50: 0, # 'Χ' + 57: 0, # 'Ω' + 17: 0, # 'ά' + 18: 0, # 'έ' + 22: 0, # 'ή' + 15: 0, # 'ί' + 1: 0, # 'α' + 29: 1, # 'β' + 20: 0, # 'γ' + 21: 3, # 'δ' + 3: 0, # 'ε' + 32: 0, # 'ζ' + 13: 1, # 'η' + 25: 2, # 'θ' + 5: 2, # 'ι' + 11: 0, # 'κ' + 16: 2, # 'λ' + 10: 3, # 'μ' + 6: 3, # 'ν' + 30: 1, # 'ξ' + 4: 0, # 'ο' + 9: 2, # 'π' + 8: 3, # 'ρ' + 14: 3, # 'ς' + 7: 3, # 'σ' + 2: 3, # 'τ' + 12: 0, # 'υ' + 28: 1, # 'φ' + 23: 1, # 'χ' + 42: 0, # 'ψ' + 24: 0, # 'ω' + 19: 0, # 'ό' + 26: 0, # 'ύ' + 27: 0, # 'ώ' + }, +} + +# 255: Undefined characters that did not exist in training text +# 254: Carriage/Return +# 253: symbol (punctuation) that does not belong to word +# 252: 0 - 9 +# 251: Control characters + +# Character Mapping Table(s): +WINDOWS_1253_GREEK_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 82, # 'A' + 66: 100, # 'B' + 67: 104, # 'C' + 68: 94, # 'D' + 69: 98, # 'E' + 70: 101, # 'F' + 71: 116, # 'G' + 72: 102, # 'H' + 73: 111, # 'I' + 74: 187, # 'J' + 75: 117, # 'K' + 76: 92, # 'L' + 77: 88, # 'M' + 78: 113, # 'N' + 79: 85, # 'O' + 80: 79, # 'P' + 81: 118, # 'Q' + 82: 105, # 'R' + 83: 83, # 'S' + 84: 67, # 'T' + 85: 114, # 'U' + 86: 119, # 'V' + 87: 95, # 'W' + 88: 99, # 'X' + 89: 109, # 'Y' + 90: 188, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 72, # 'a' + 98: 70, # 'b' + 99: 80, # 'c' + 100: 81, # 'd' + 101: 60, # 'e' + 102: 96, # 'f' + 103: 93, # 'g' + 104: 89, # 'h' + 105: 68, # 'i' + 106: 120, # 'j' + 107: 97, # 'k' + 108: 77, # 'l' + 109: 86, # 'm' + 110: 69, # 'n' + 111: 55, # 'o' + 112: 78, # 'p' + 113: 115, # 'q' + 114: 65, # 'r' + 115: 66, # 's' + 116: 58, # 't' + 117: 76, # 'u' + 118: 106, # 'v' + 119: 103, # 'w' + 120: 87, # 'x' + 121: 107, # 'y' + 122: 112, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 255, # '€' + 129: 255, # None + 130: 255, # '‚' + 131: 255, # 'ƒ' + 132: 255, # '„' + 133: 255, # '…' + 134: 255, # '†' + 135: 255, # '‡' + 136: 255, # None + 137: 255, # '‰' + 138: 255, # None + 139: 255, # '‹' + 140: 255, # None + 141: 255, # None + 142: 255, # None + 143: 255, # None + 144: 255, # None + 145: 255, # '‘' + 146: 255, # '’' + 147: 255, # '“' + 148: 255, # '”' + 149: 255, # '•' + 150: 255, # '–' + 151: 255, # '—' + 152: 255, # None + 153: 255, # '™' + 154: 255, # None + 155: 255, # '›' + 156: 255, # None + 157: 255, # None + 158: 255, # None + 159: 255, # None + 160: 253, # '\xa0' + 161: 233, # '΅' + 162: 61, # 'Ά' + 163: 253, # '£' + 164: 253, # '¤' + 165: 253, # '¥' + 166: 253, # '¦' + 167: 253, # '§' + 168: 253, # '¨' + 169: 253, # '©' + 170: 253, # None + 171: 253, # '«' + 172: 253, # '¬' + 173: 74, # '\xad' + 174: 253, # '®' + 175: 253, # '―' + 176: 253, # '°' + 177: 253, # '±' + 178: 253, # '²' + 179: 253, # '³' + 180: 247, # '΄' + 181: 253, # 'µ' + 182: 253, # '¶' + 183: 36, # '·' + 184: 46, # 'Έ' + 185: 71, # 'Ή' + 186: 73, # 'Ί' + 187: 253, # '»' + 188: 54, # 'Ό' + 189: 253, # '½' + 190: 108, # 'Ύ' + 191: 123, # 'Ώ' + 192: 110, # 'ΐ' + 193: 31, # 'Α' + 194: 51, # 'Β' + 195: 43, # 'Γ' + 196: 41, # 'Δ' + 197: 34, # 'Ε' + 198: 91, # 'Ζ' + 199: 40, # 'Η' + 200: 52, # 'Θ' + 201: 47, # 'Ι' + 202: 44, # 'Κ' + 203: 53, # 'Λ' + 204: 38, # 'Μ' + 205: 49, # 'Ν' + 206: 59, # 'Ξ' + 207: 39, # 'Ο' + 208: 35, # 'Π' + 209: 48, # 'Ρ' + 210: 250, # None + 211: 37, # 'Σ' + 212: 33, # 'Τ' + 213: 45, # 'Υ' + 214: 56, # 'Φ' + 215: 50, # 'Χ' + 216: 84, # 'Ψ' + 217: 57, # 'Ω' + 218: 120, # 'Ϊ' + 219: 121, # 'Ϋ' + 220: 17, # 'ά' + 221: 18, # 'έ' + 222: 22, # 'ή' + 223: 15, # 'ί' + 224: 124, # 'ΰ' + 225: 1, # 'α' + 226: 29, # 'β' + 227: 20, # 'γ' + 228: 21, # 'δ' + 229: 3, # 'ε' + 230: 32, # 'ζ' + 231: 13, # 'η' + 232: 25, # 'θ' + 233: 5, # 'ι' + 234: 11, # 'κ' + 235: 16, # 'λ' + 236: 10, # 'μ' + 237: 6, # 'ν' + 238: 30, # 'ξ' + 239: 4, # 'ο' + 240: 9, # 'π' + 241: 8, # 'ρ' + 242: 14, # 'ς' + 243: 7, # 'σ' + 244: 2, # 'τ' + 245: 12, # 'υ' + 246: 28, # 'φ' + 247: 23, # 'χ' + 248: 42, # 'ψ' + 249: 24, # 'ω' + 250: 64, # 'ϊ' + 251: 75, # 'ϋ' + 252: 19, # 'ό' + 253: 26, # 'ύ' + 254: 27, # 'ώ' + 255: 253, # None +} + +WINDOWS_1253_GREEK_MODEL = SingleByteCharSetModel(charset_name='windows-1253', + language='Greek', + char_to_order_map=WINDOWS_1253_GREEK_CHAR_TO_ORDER, + language_model=GREEK_LANG_MODEL, + typical_positive_ratio=0.982851, + keep_ascii_letters=False, + alphabet='ΆΈΉΊΌΎΏΑΒΓΔΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΩάέήίαβγδεζηθικλμνξοπρςστυφχψωόύώ') + +ISO_8859_7_GREEK_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 82, # 'A' + 66: 100, # 'B' + 67: 104, # 'C' + 68: 94, # 'D' + 69: 98, # 'E' + 70: 101, # 'F' + 71: 116, # 'G' + 72: 102, # 'H' + 73: 111, # 'I' + 74: 187, # 'J' + 75: 117, # 'K' + 76: 92, # 'L' + 77: 88, # 'M' + 78: 113, # 'N' + 79: 85, # 'O' + 80: 79, # 'P' + 81: 118, # 'Q' + 82: 105, # 'R' + 83: 83, # 'S' + 84: 67, # 'T' + 85: 114, # 'U' + 86: 119, # 'V' + 87: 95, # 'W' + 88: 99, # 'X' + 89: 109, # 'Y' + 90: 188, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 72, # 'a' + 98: 70, # 'b' + 99: 80, # 'c' + 100: 81, # 'd' + 101: 60, # 'e' + 102: 96, # 'f' + 103: 93, # 'g' + 104: 89, # 'h' + 105: 68, # 'i' + 106: 120, # 'j' + 107: 97, # 'k' + 108: 77, # 'l' + 109: 86, # 'm' + 110: 69, # 'n' + 111: 55, # 'o' + 112: 78, # 'p' + 113: 115, # 'q' + 114: 65, # 'r' + 115: 66, # 's' + 116: 58, # 't' + 117: 76, # 'u' + 118: 106, # 'v' + 119: 103, # 'w' + 120: 87, # 'x' + 121: 107, # 'y' + 122: 112, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 255, # '\x80' + 129: 255, # '\x81' + 130: 255, # '\x82' + 131: 255, # '\x83' + 132: 255, # '\x84' + 133: 255, # '\x85' + 134: 255, # '\x86' + 135: 255, # '\x87' + 136: 255, # '\x88' + 137: 255, # '\x89' + 138: 255, # '\x8a' + 139: 255, # '\x8b' + 140: 255, # '\x8c' + 141: 255, # '\x8d' + 142: 255, # '\x8e' + 143: 255, # '\x8f' + 144: 255, # '\x90' + 145: 255, # '\x91' + 146: 255, # '\x92' + 147: 255, # '\x93' + 148: 255, # '\x94' + 149: 255, # '\x95' + 150: 255, # '\x96' + 151: 255, # '\x97' + 152: 255, # '\x98' + 153: 255, # '\x99' + 154: 255, # '\x9a' + 155: 255, # '\x9b' + 156: 255, # '\x9c' + 157: 255, # '\x9d' + 158: 255, # '\x9e' + 159: 255, # '\x9f' + 160: 253, # '\xa0' + 161: 233, # '‘' + 162: 90, # '’' + 163: 253, # '£' + 164: 253, # '€' + 165: 253, # '₯' + 166: 253, # '¦' + 167: 253, # '§' + 168: 253, # '¨' + 169: 253, # '©' + 170: 253, # 'ͺ' + 171: 253, # '«' + 172: 253, # '¬' + 173: 74, # '\xad' + 174: 253, # None + 175: 253, # '―' + 176: 253, # '°' + 177: 253, # '±' + 178: 253, # '²' + 179: 253, # '³' + 180: 247, # '΄' + 181: 248, # '΅' + 182: 61, # 'Ά' + 183: 36, # '·' + 184: 46, # 'Έ' + 185: 71, # 'Ή' + 186: 73, # 'Ί' + 187: 253, # '»' + 188: 54, # 'Ό' + 189: 253, # '½' + 190: 108, # 'Ύ' + 191: 123, # 'Ώ' + 192: 110, # 'ΐ' + 193: 31, # 'Α' + 194: 51, # 'Β' + 195: 43, # 'Γ' + 196: 41, # 'Δ' + 197: 34, # 'Ε' + 198: 91, # 'Ζ' + 199: 40, # 'Η' + 200: 52, # 'Θ' + 201: 47, # 'Ι' + 202: 44, # 'Κ' + 203: 53, # 'Λ' + 204: 38, # 'Μ' + 205: 49, # 'Ν' + 206: 59, # 'Ξ' + 207: 39, # 'Ο' + 208: 35, # 'Π' + 209: 48, # 'Ρ' + 210: 250, # None + 211: 37, # 'Σ' + 212: 33, # 'Τ' + 213: 45, # 'Υ' + 214: 56, # 'Φ' + 215: 50, # 'Χ' + 216: 84, # 'Ψ' + 217: 57, # 'Ω' + 218: 120, # 'Ϊ' + 219: 121, # 'Ϋ' + 220: 17, # 'ά' + 221: 18, # 'έ' + 222: 22, # 'ή' + 223: 15, # 'ί' + 224: 124, # 'ΰ' + 225: 1, # 'α' + 226: 29, # 'β' + 227: 20, # 'γ' + 228: 21, # 'δ' + 229: 3, # 'ε' + 230: 32, # 'ζ' + 231: 13, # 'η' + 232: 25, # 'θ' + 233: 5, # 'ι' + 234: 11, # 'κ' + 235: 16, # 'λ' + 236: 10, # 'μ' + 237: 6, # 'ν' + 238: 30, # 'ξ' + 239: 4, # 'ο' + 240: 9, # 'π' + 241: 8, # 'ρ' + 242: 14, # 'ς' + 243: 7, # 'σ' + 244: 2, # 'τ' + 245: 12, # 'υ' + 246: 28, # 'φ' + 247: 23, # 'χ' + 248: 42, # 'ψ' + 249: 24, # 'ω' + 250: 64, # 'ϊ' + 251: 75, # 'ϋ' + 252: 19, # 'ό' + 253: 26, # 'ύ' + 254: 27, # 'ώ' + 255: 253, # None +} + +ISO_8859_7_GREEK_MODEL = SingleByteCharSetModel(charset_name='ISO-8859-7', + language='Greek', + char_to_order_map=ISO_8859_7_GREEK_CHAR_TO_ORDER, + language_model=GREEK_LANG_MODEL, + typical_positive_ratio=0.982851, + keep_ascii_letters=False, + alphabet='ΆΈΉΊΌΎΏΑΒΓΔΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΩάέήίαβγδεζηθικλμνξοπρςστυφχψωόύώ') + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhebrewmodel.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhebrewmodel.py new file mode 100644 index 000000000..484c652a4 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhebrewmodel.py @@ -0,0 +1,4383 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel + + +# 3: Positive +# 2: Likely +# 1: Unlikely +# 0: Negative + +HEBREW_LANG_MODEL = { + 50: { # 'a' + 50: 0, # 'a' + 60: 1, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 2, # 'l' + 54: 2, # 'n' + 49: 0, # 'o' + 51: 2, # 'r' + 43: 1, # 's' + 44: 2, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 1, # 'ק' + 7: 0, # 'ר' + 10: 1, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 60: { # 'c' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 0, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 0, # 'n' + 49: 1, # 'o' + 51: 1, # 'r' + 43: 1, # 's' + 44: 2, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 1, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 61: { # 'd' + 50: 1, # 'a' + 60: 0, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 1, # 'n' + 49: 2, # 'o' + 51: 1, # 'r' + 43: 1, # 's' + 44: 0, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 1, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 42: { # 'e' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 2, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 2, # 'l' + 54: 2, # 'n' + 49: 1, # 'o' + 51: 2, # 'r' + 43: 2, # 's' + 44: 2, # 't' + 63: 1, # 'u' + 34: 1, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 1, # '–' + 52: 2, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 53: { # 'i' + 50: 1, # 'a' + 60: 2, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 0, # 'i' + 56: 1, # 'l' + 54: 2, # 'n' + 49: 2, # 'o' + 51: 1, # 'r' + 43: 2, # 's' + 44: 2, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 56: { # 'l' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 1, # 'd' + 42: 2, # 'e' + 53: 2, # 'i' + 56: 2, # 'l' + 54: 1, # 'n' + 49: 1, # 'o' + 51: 0, # 'r' + 43: 1, # 's' + 44: 1, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 54: { # 'n' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 1, # 'n' + 49: 1, # 'o' + 51: 0, # 'r' + 43: 1, # 's' + 44: 2, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 2, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 49: { # 'o' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 2, # 'n' + 49: 1, # 'o' + 51: 2, # 'r' + 43: 1, # 's' + 44: 1, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 51: { # 'r' + 50: 2, # 'a' + 60: 1, # 'c' + 61: 1, # 'd' + 42: 2, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 1, # 'n' + 49: 2, # 'o' + 51: 1, # 'r' + 43: 1, # 's' + 44: 1, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 2, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 43: { # 's' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 0, # 'd' + 42: 2, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 1, # 'n' + 49: 1, # 'o' + 51: 1, # 'r' + 43: 1, # 's' + 44: 2, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 2, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, + 44: { # 't' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 0, # 'd' + 42: 2, # 'e' + 53: 2, # 'i' + 56: 1, # 'l' + 54: 0, # 'n' + 49: 1, # 'o' + 51: 1, # 'r' + 43: 1, # 's' + 44: 1, # 't' + 63: 1, # 'u' + 34: 1, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 2, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 63: { # 'u' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 1, # 'n' + 49: 0, # 'o' + 51: 1, # 'r' + 43: 2, # 's' + 44: 1, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 34: { # '\xa0' + 50: 1, # 'a' + 60: 0, # 'c' + 61: 1, # 'd' + 42: 0, # 'e' + 53: 1, # 'i' + 56: 0, # 'l' + 54: 1, # 'n' + 49: 1, # 'o' + 51: 0, # 'r' + 43: 1, # 's' + 44: 1, # 't' + 63: 0, # 'u' + 34: 2, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 1, # 'ב' + 20: 1, # 'ג' + 16: 1, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 1, # 'ח' + 22: 1, # 'ט' + 1: 2, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 2, # 'מ' + 23: 0, # 'ן' + 12: 1, # 'נ' + 19: 1, # 'ס' + 13: 1, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 55: { # '´' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 1, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 2, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 1, # 'ן' + 12: 1, # 'נ' + 19: 1, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 48: { # '¼' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 1, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 39: { # '½' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 57: { # '¾' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 30: { # 'ְ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 1, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 1, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 2, # 'ב' + 20: 2, # 'ג' + 16: 2, # 'ד' + 3: 2, # 'ה' + 2: 2, # 'ו' + 24: 2, # 'ז' + 14: 2, # 'ח' + 22: 2, # 'ט' + 1: 2, # 'י' + 25: 2, # 'ך' + 15: 2, # 'כ' + 4: 2, # 'ל' + 11: 1, # 'ם' + 6: 2, # 'מ' + 23: 0, # 'ן' + 12: 2, # 'נ' + 19: 2, # 'ס' + 13: 2, # 'ע' + 26: 0, # 'ף' + 18: 2, # 'פ' + 27: 0, # 'ץ' + 21: 2, # 'צ' + 17: 2, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 59: { # 'ֱ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 1, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 1, # 'ב' + 20: 1, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 1, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 2, # 'ל' + 11: 0, # 'ם' + 6: 2, # 'מ' + 23: 0, # 'ן' + 12: 1, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 41: { # 'ֲ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 2, # 'ב' + 20: 1, # 'ג' + 16: 2, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 1, # 'ח' + 22: 1, # 'ט' + 1: 1, # 'י' + 25: 1, # 'ך' + 15: 1, # 'כ' + 4: 2, # 'ל' + 11: 0, # 'ם' + 6: 2, # 'מ' + 23: 0, # 'ן' + 12: 2, # 'נ' + 19: 1, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 2, # 'צ' + 17: 1, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 33: { # 'ִ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 1, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 1, # 'ִ' + 37: 0, # 'ֵ' + 36: 1, # 'ֶ' + 31: 0, # 'ַ' + 29: 1, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 1, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 2, # 'ב' + 20: 2, # 'ג' + 16: 2, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 2, # 'ז' + 14: 1, # 'ח' + 22: 1, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 2, # 'כ' + 4: 2, # 'ל' + 11: 2, # 'ם' + 6: 2, # 'מ' + 23: 2, # 'ן' + 12: 2, # 'נ' + 19: 2, # 'ס' + 13: 1, # 'ע' + 26: 0, # 'ף' + 18: 2, # 'פ' + 27: 1, # 'ץ' + 21: 2, # 'צ' + 17: 2, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 37: { # 'ֵ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 1, # 'ֶ' + 31: 1, # 'ַ' + 29: 1, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 2, # 'ב' + 20: 1, # 'ג' + 16: 2, # 'ד' + 3: 2, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 2, # 'ח' + 22: 1, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 1, # 'כ' + 4: 2, # 'ל' + 11: 2, # 'ם' + 6: 1, # 'מ' + 23: 2, # 'ן' + 12: 2, # 'נ' + 19: 1, # 'ס' + 13: 2, # 'ע' + 26: 1, # 'ף' + 18: 1, # 'פ' + 27: 1, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 36: { # 'ֶ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 1, # 'ֶ' + 31: 1, # 'ַ' + 29: 1, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 2, # 'ב' + 20: 1, # 'ג' + 16: 2, # 'ד' + 3: 2, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 2, # 'ח' + 22: 1, # 'ט' + 1: 2, # 'י' + 25: 2, # 'ך' + 15: 1, # 'כ' + 4: 2, # 'ל' + 11: 2, # 'ם' + 6: 2, # 'מ' + 23: 2, # 'ן' + 12: 2, # 'נ' + 19: 2, # 'ס' + 13: 1, # 'ע' + 26: 1, # 'ף' + 18: 1, # 'פ' + 27: 2, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 31: { # 'ַ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 1, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 1, # 'ֶ' + 31: 0, # 'ַ' + 29: 2, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 2, # 'ב' + 20: 2, # 'ג' + 16: 2, # 'ד' + 3: 2, # 'ה' + 2: 1, # 'ו' + 24: 2, # 'ז' + 14: 2, # 'ח' + 22: 2, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 2, # 'כ' + 4: 2, # 'ל' + 11: 2, # 'ם' + 6: 2, # 'מ' + 23: 2, # 'ן' + 12: 2, # 'נ' + 19: 2, # 'ס' + 13: 2, # 'ע' + 26: 2, # 'ף' + 18: 2, # 'פ' + 27: 1, # 'ץ' + 21: 2, # 'צ' + 17: 2, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 29: { # 'ָ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 1, # 'ַ' + 29: 2, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 1, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 2, # 'ב' + 20: 2, # 'ג' + 16: 2, # 'ד' + 3: 3, # 'ה' + 2: 2, # 'ו' + 24: 2, # 'ז' + 14: 2, # 'ח' + 22: 1, # 'ט' + 1: 2, # 'י' + 25: 2, # 'ך' + 15: 2, # 'כ' + 4: 2, # 'ל' + 11: 2, # 'ם' + 6: 2, # 'מ' + 23: 2, # 'ן' + 12: 2, # 'נ' + 19: 1, # 'ס' + 13: 2, # 'ע' + 26: 1, # 'ף' + 18: 2, # 'פ' + 27: 1, # 'ץ' + 21: 2, # 'צ' + 17: 2, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 35: { # 'ֹ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 1, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 2, # 'ב' + 20: 1, # 'ג' + 16: 2, # 'ד' + 3: 2, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 1, # 'ח' + 22: 1, # 'ט' + 1: 1, # 'י' + 25: 1, # 'ך' + 15: 2, # 'כ' + 4: 2, # 'ל' + 11: 2, # 'ם' + 6: 2, # 'מ' + 23: 2, # 'ן' + 12: 2, # 'נ' + 19: 2, # 'ס' + 13: 2, # 'ע' + 26: 1, # 'ף' + 18: 2, # 'פ' + 27: 1, # 'ץ' + 21: 2, # 'צ' + 17: 2, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 62: { # 'ֻ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 1, # 'ב' + 20: 1, # 'ג' + 16: 1, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 1, # 'ח' + 22: 0, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 2, # 'ל' + 11: 1, # 'ם' + 6: 1, # 'מ' + 23: 1, # 'ן' + 12: 1, # 'נ' + 19: 1, # 'ס' + 13: 1, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 28: { # 'ּ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 3, # 'ְ' + 59: 0, # 'ֱ' + 41: 1, # 'ֲ' + 33: 3, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 3, # 'ַ' + 29: 3, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 0, # 'ּ' + 38: 2, # 'ׁ' + 45: 1, # 'ׂ' + 9: 2, # 'א' + 8: 2, # 'ב' + 20: 1, # 'ג' + 16: 2, # 'ד' + 3: 1, # 'ה' + 2: 2, # 'ו' + 24: 1, # 'ז' + 14: 1, # 'ח' + 22: 1, # 'ט' + 1: 2, # 'י' + 25: 2, # 'ך' + 15: 2, # 'כ' + 4: 2, # 'ל' + 11: 1, # 'ם' + 6: 2, # 'מ' + 23: 1, # 'ן' + 12: 2, # 'נ' + 19: 1, # 'ס' + 13: 2, # 'ע' + 26: 1, # 'ף' + 18: 1, # 'פ' + 27: 1, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 2, # 'ר' + 10: 2, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 38: { # 'ׁ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 2, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 1, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 45: { # 'ׂ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 1, # 'ֵ' + 36: 2, # 'ֶ' + 31: 1, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 0, # 'ב' + 20: 1, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 2, # 'ו' + 24: 0, # 'ז' + 14: 1, # 'ח' + 22: 0, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 1, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 1, # 'נ' + 19: 0, # 'ס' + 13: 1, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 1, # 'ר' + 10: 0, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 9: { # 'א' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 1, # '´' + 48: 1, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 2, # 'ֱ' + 41: 2, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 3, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 2, # 'ע' + 26: 3, # 'ף' + 18: 3, # 'פ' + 27: 1, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 8: { # 'ב' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 1, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 3, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 2, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 1, # 'ף' + 18: 3, # 'פ' + 27: 2, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 1, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 20: { # 'ג' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 2, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 1, # 'ִ' + 37: 1, # 'ֵ' + 36: 1, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 0, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 3, # 'ב' + 20: 2, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 2, # 'ח' + 22: 2, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 1, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 2, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 2, # 'פ' + 27: 1, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 16: { # 'ד' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 1, # 'ז' + 14: 2, # 'ח' + 22: 2, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 2, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 2, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 0, # 'ץ' + 21: 2, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 3: { # 'ה' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 1, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 0, # '´' + 48: 1, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 1, # 'ְ' + 59: 1, # 'ֱ' + 41: 2, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 3, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 0, # 'ף' + 18: 3, # 'פ' + 27: 1, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 1, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, + 2: { # 'ו' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 1, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 1, # '´' + 48: 1, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 1, # 'ֵ' + 36: 1, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 3, # 'ֹ' + 62: 0, # 'ֻ' + 28: 3, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 3, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 3, # 'ף' + 18: 3, # 'פ' + 27: 3, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 1, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, + 24: { # 'ז' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 1, # 'ֲ' + 33: 1, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 2, # 'ב' + 20: 2, # 'ג' + 16: 2, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 2, # 'ז' + 14: 2, # 'ח' + 22: 1, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 2, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 2, # 'נ' + 19: 1, # 'ס' + 13: 2, # 'ע' + 26: 1, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 2, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 1, # 'ש' + 5: 2, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 14: { # 'ח' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 1, # 'ֱ' + 41: 2, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 3, # 'ב' + 20: 2, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 2, # 'ח' + 22: 2, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 2, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 1, # 'ע' + 26: 2, # 'ף' + 18: 2, # 'פ' + 27: 2, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 22: { # 'ט' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 1, # 'ֵ' + 36: 1, # 'ֶ' + 31: 2, # 'ַ' + 29: 1, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 1, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 1, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 2, # 'ז' + 14: 3, # 'ח' + 22: 2, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 2, # 'כ' + 4: 3, # 'ל' + 11: 2, # 'ם' + 6: 2, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 2, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 1, # 'ץ' + 21: 2, # 'צ' + 17: 2, # 'ק' + 7: 3, # 'ר' + 10: 2, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 1: { # 'י' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 1, # '´' + 48: 1, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 1, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 3, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 3, # 'ף' + 18: 3, # 'פ' + 27: 3, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 1, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, + 25: { # 'ך' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 2, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 1, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 1, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 1, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 15: { # 'כ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 3, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 2, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 2, # 'ט' + 1: 3, # 'י' + 25: 3, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 2, # 'ע' + 26: 3, # 'ף' + 18: 3, # 'פ' + 27: 1, # 'ץ' + 21: 2, # 'צ' + 17: 2, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 4: { # 'ל' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 3, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 3, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 2, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 1, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 11: { # 'ם' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 1, # 'ב' + 20: 1, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 1, # 'ח' + 22: 0, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 1, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 1, # 'נ' + 19: 0, # 'ס' + 13: 1, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 1, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, + 6: { # 'מ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 0, # 'ף' + 18: 3, # 'פ' + 27: 2, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 23: { # 'ן' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 0, # '´' + 48: 1, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 1, # 'ב' + 20: 1, # 'ג' + 16: 1, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 0, # 'ז' + 14: 1, # 'ח' + 22: 1, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 1, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 1, # 'נ' + 19: 1, # 'ס' + 13: 1, # 'ע' + 26: 1, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 1, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 1, # 'ת' + 32: 1, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, + 12: { # 'נ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 2, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 19: { # 'ס' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 1, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 1, # 'ָ' + 35: 1, # 'ֹ' + 62: 2, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 1, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 2, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 2, # 'ס' + 13: 3, # 'ע' + 26: 3, # 'ף' + 18: 3, # 'פ' + 27: 0, # 'ץ' + 21: 2, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 1, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 13: { # 'ע' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 1, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 1, # 'ְ' + 59: 1, # 'ֱ' + 41: 2, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 1, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 2, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 2, # 'ע' + 26: 1, # 'ף' + 18: 2, # 'פ' + 27: 2, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 26: { # 'ף' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 1, # 'ו' + 24: 0, # 'ז' + 14: 1, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 1, # 'ס' + 13: 0, # 'ע' + 26: 1, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 1, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 18: { # 'פ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 1, # 'ֵ' + 36: 2, # 'ֶ' + 31: 1, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 2, # 'ב' + 20: 3, # 'ג' + 16: 2, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 2, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 2, # 'ם' + 6: 2, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 2, # 'פ' + 27: 2, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 27: { # 'ץ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 1, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 1, # 'ר' + 10: 0, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 21: { # 'צ' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 1, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 2, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 1, # 'ז' + 14: 3, # 'ח' + 22: 2, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 1, # 'כ' + 4: 3, # 'ל' + 11: 2, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 1, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 2, # 'ץ' + 21: 2, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 0, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 17: { # 'ק' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 1, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 1, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 2, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 2, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 1, # 'ך' + 15: 1, # 'כ' + 4: 3, # 'ל' + 11: 2, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 2, # 'ץ' + 21: 3, # 'צ' + 17: 2, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 7: { # 'ר' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 2, # '´' + 48: 1, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 1, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 2, # 'ֹ' + 62: 1, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 3, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 3, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 3, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 3, # 'ץ' + 21: 3, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, + 10: { # 'ש' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 1, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 1, # 'ִ' + 37: 1, # 'ֵ' + 36: 1, # 'ֶ' + 31: 1, # 'ַ' + 29: 1, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 3, # 'ׁ' + 45: 2, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 3, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 2, # 'ז' + 14: 3, # 'ח' + 22: 3, # 'ט' + 1: 3, # 'י' + 25: 3, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 2, # 'ן' + 12: 3, # 'נ' + 19: 2, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 1, # 'ץ' + 21: 2, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 1, # '…' + }, + 5: { # 'ת' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 1, # '\xa0' + 55: 0, # '´' + 48: 1, # '¼' + 39: 1, # '½' + 57: 0, # '¾' + 30: 2, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 2, # 'ִ' + 37: 2, # 'ֵ' + 36: 2, # 'ֶ' + 31: 2, # 'ַ' + 29: 2, # 'ָ' + 35: 1, # 'ֹ' + 62: 1, # 'ֻ' + 28: 2, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 3, # 'א' + 8: 3, # 'ב' + 20: 3, # 'ג' + 16: 2, # 'ד' + 3: 3, # 'ה' + 2: 3, # 'ו' + 24: 2, # 'ז' + 14: 3, # 'ח' + 22: 2, # 'ט' + 1: 3, # 'י' + 25: 2, # 'ך' + 15: 3, # 'כ' + 4: 3, # 'ל' + 11: 3, # 'ם' + 6: 3, # 'מ' + 23: 3, # 'ן' + 12: 3, # 'נ' + 19: 2, # 'ס' + 13: 3, # 'ע' + 26: 2, # 'ף' + 18: 3, # 'פ' + 27: 1, # 'ץ' + 21: 2, # 'צ' + 17: 3, # 'ק' + 7: 3, # 'ר' + 10: 3, # 'ש' + 5: 3, # 'ת' + 32: 1, # '–' + 52: 1, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, + 32: { # '–' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 1, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 1, # 'ב' + 20: 1, # 'ג' + 16: 1, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 0, # 'ז' + 14: 1, # 'ח' + 22: 0, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 1, # 'ס' + 13: 1, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 1, # 'צ' + 17: 0, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 52: { # '’' + 50: 1, # 'a' + 60: 0, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 1, # 'r' + 43: 2, # 's' + 44: 2, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 1, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 47: { # '“' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 1, # 'l' + 54: 1, # 'n' + 49: 1, # 'o' + 51: 1, # 'r' + 43: 1, # 's' + 44: 1, # 't' + 63: 1, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 2, # 'א' + 8: 1, # 'ב' + 20: 1, # 'ג' + 16: 1, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 1, # 'ח' + 22: 1, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 1, # 'נ' + 19: 1, # 'ס' + 13: 1, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 1, # 'צ' + 17: 1, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 46: { # '”' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 1, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 1, # 'ב' + 20: 1, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 1, # 'צ' + 17: 0, # 'ק' + 7: 1, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 0, # '†' + 40: 0, # '…' + }, + 58: { # '†' + 50: 0, # 'a' + 60: 0, # 'c' + 61: 0, # 'd' + 42: 0, # 'e' + 53: 0, # 'i' + 56: 0, # 'l' + 54: 0, # 'n' + 49: 0, # 'o' + 51: 0, # 'r' + 43: 0, # 's' + 44: 0, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 0, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 0, # 'ה' + 2: 0, # 'ו' + 24: 0, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 0, # 'י' + 25: 0, # 'ך' + 15: 0, # 'כ' + 4: 0, # 'ל' + 11: 0, # 'ם' + 6: 0, # 'מ' + 23: 0, # 'ן' + 12: 0, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 0, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 0, # 'ר' + 10: 0, # 'ש' + 5: 0, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 0, # '”' + 58: 2, # '†' + 40: 0, # '…' + }, + 40: { # '…' + 50: 1, # 'a' + 60: 1, # 'c' + 61: 1, # 'd' + 42: 1, # 'e' + 53: 1, # 'i' + 56: 0, # 'l' + 54: 1, # 'n' + 49: 0, # 'o' + 51: 1, # 'r' + 43: 1, # 's' + 44: 1, # 't' + 63: 0, # 'u' + 34: 0, # '\xa0' + 55: 0, # '´' + 48: 0, # '¼' + 39: 0, # '½' + 57: 0, # '¾' + 30: 0, # 'ְ' + 59: 0, # 'ֱ' + 41: 0, # 'ֲ' + 33: 0, # 'ִ' + 37: 0, # 'ֵ' + 36: 0, # 'ֶ' + 31: 0, # 'ַ' + 29: 0, # 'ָ' + 35: 0, # 'ֹ' + 62: 0, # 'ֻ' + 28: 0, # 'ּ' + 38: 0, # 'ׁ' + 45: 0, # 'ׂ' + 9: 1, # 'א' + 8: 0, # 'ב' + 20: 0, # 'ג' + 16: 0, # 'ד' + 3: 1, # 'ה' + 2: 1, # 'ו' + 24: 1, # 'ז' + 14: 0, # 'ח' + 22: 0, # 'ט' + 1: 1, # 'י' + 25: 0, # 'ך' + 15: 1, # 'כ' + 4: 1, # 'ל' + 11: 0, # 'ם' + 6: 1, # 'מ' + 23: 0, # 'ן' + 12: 1, # 'נ' + 19: 0, # 'ס' + 13: 0, # 'ע' + 26: 0, # 'ף' + 18: 1, # 'פ' + 27: 0, # 'ץ' + 21: 0, # 'צ' + 17: 0, # 'ק' + 7: 1, # 'ר' + 10: 1, # 'ש' + 5: 1, # 'ת' + 32: 0, # '–' + 52: 0, # '’' + 47: 0, # '“' + 46: 1, # '”' + 58: 0, # '†' + 40: 2, # '…' + }, +} + +# 255: Undefined characters that did not exist in training text +# 254: Carriage/Return +# 253: symbol (punctuation) that does not belong to word +# 252: 0 - 9 +# 251: Control characters + +# Character Mapping Table(s): +WINDOWS_1255_HEBREW_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 69, # 'A' + 66: 91, # 'B' + 67: 79, # 'C' + 68: 80, # 'D' + 69: 92, # 'E' + 70: 89, # 'F' + 71: 97, # 'G' + 72: 90, # 'H' + 73: 68, # 'I' + 74: 111, # 'J' + 75: 112, # 'K' + 76: 82, # 'L' + 77: 73, # 'M' + 78: 95, # 'N' + 79: 85, # 'O' + 80: 78, # 'P' + 81: 121, # 'Q' + 82: 86, # 'R' + 83: 71, # 'S' + 84: 67, # 'T' + 85: 102, # 'U' + 86: 107, # 'V' + 87: 84, # 'W' + 88: 114, # 'X' + 89: 103, # 'Y' + 90: 115, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 50, # 'a' + 98: 74, # 'b' + 99: 60, # 'c' + 100: 61, # 'd' + 101: 42, # 'e' + 102: 76, # 'f' + 103: 70, # 'g' + 104: 64, # 'h' + 105: 53, # 'i' + 106: 105, # 'j' + 107: 93, # 'k' + 108: 56, # 'l' + 109: 65, # 'm' + 110: 54, # 'n' + 111: 49, # 'o' + 112: 66, # 'p' + 113: 110, # 'q' + 114: 51, # 'r' + 115: 43, # 's' + 116: 44, # 't' + 117: 63, # 'u' + 118: 81, # 'v' + 119: 77, # 'w' + 120: 98, # 'x' + 121: 75, # 'y' + 122: 108, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 124, # '€' + 129: 202, # None + 130: 203, # '‚' + 131: 204, # 'ƒ' + 132: 205, # '„' + 133: 40, # '…' + 134: 58, # '†' + 135: 206, # '‡' + 136: 207, # 'ˆ' + 137: 208, # '‰' + 138: 209, # None + 139: 210, # '‹' + 140: 211, # None + 141: 212, # None + 142: 213, # None + 143: 214, # None + 144: 215, # None + 145: 83, # '‘' + 146: 52, # '’' + 147: 47, # '“' + 148: 46, # '”' + 149: 72, # '•' + 150: 32, # '–' + 151: 94, # '—' + 152: 216, # '˜' + 153: 113, # '™' + 154: 217, # None + 155: 109, # '›' + 156: 218, # None + 157: 219, # None + 158: 220, # None + 159: 221, # None + 160: 34, # '\xa0' + 161: 116, # '¡' + 162: 222, # '¢' + 163: 118, # '£' + 164: 100, # '₪' + 165: 223, # '¥' + 166: 224, # '¦' + 167: 117, # '§' + 168: 119, # '¨' + 169: 104, # '©' + 170: 125, # '×' + 171: 225, # '«' + 172: 226, # '¬' + 173: 87, # '\xad' + 174: 99, # '®' + 175: 227, # '¯' + 176: 106, # '°' + 177: 122, # '±' + 178: 123, # '²' + 179: 228, # '³' + 180: 55, # '´' + 181: 229, # 'µ' + 182: 230, # '¶' + 183: 101, # '·' + 184: 231, # '¸' + 185: 232, # '¹' + 186: 120, # '÷' + 187: 233, # '»' + 188: 48, # '¼' + 189: 39, # '½' + 190: 57, # '¾' + 191: 234, # '¿' + 192: 30, # 'ְ' + 193: 59, # 'ֱ' + 194: 41, # 'ֲ' + 195: 88, # 'ֳ' + 196: 33, # 'ִ' + 197: 37, # 'ֵ' + 198: 36, # 'ֶ' + 199: 31, # 'ַ' + 200: 29, # 'ָ' + 201: 35, # 'ֹ' + 202: 235, # None + 203: 62, # 'ֻ' + 204: 28, # 'ּ' + 205: 236, # 'ֽ' + 206: 126, # '־' + 207: 237, # 'ֿ' + 208: 238, # '׀' + 209: 38, # 'ׁ' + 210: 45, # 'ׂ' + 211: 239, # '׃' + 212: 240, # 'װ' + 213: 241, # 'ױ' + 214: 242, # 'ײ' + 215: 243, # '׳' + 216: 127, # '״' + 217: 244, # None + 218: 245, # None + 219: 246, # None + 220: 247, # None + 221: 248, # None + 222: 249, # None + 223: 250, # None + 224: 9, # 'א' + 225: 8, # 'ב' + 226: 20, # 'ג' + 227: 16, # 'ד' + 228: 3, # 'ה' + 229: 2, # 'ו' + 230: 24, # 'ז' + 231: 14, # 'ח' + 232: 22, # 'ט' + 233: 1, # 'י' + 234: 25, # 'ך' + 235: 15, # 'כ' + 236: 4, # 'ל' + 237: 11, # 'ם' + 238: 6, # 'מ' + 239: 23, # 'ן' + 240: 12, # 'נ' + 241: 19, # 'ס' + 242: 13, # 'ע' + 243: 26, # 'ף' + 244: 18, # 'פ' + 245: 27, # 'ץ' + 246: 21, # 'צ' + 247: 17, # 'ק' + 248: 7, # 'ר' + 249: 10, # 'ש' + 250: 5, # 'ת' + 251: 251, # None + 252: 252, # None + 253: 128, # '\u200e' + 254: 96, # '\u200f' + 255: 253, # None +} + +WINDOWS_1255_HEBREW_MODEL = SingleByteCharSetModel(charset_name='windows-1255', + language='Hebrew', + char_to_order_map=WINDOWS_1255_HEBREW_CHAR_TO_ORDER, + language_model=HEBREW_LANG_MODEL, + typical_positive_ratio=0.984004, + keep_ascii_letters=False, + alphabet='אבגדהוזחטיךכלםמןנסעףפץצקרשתװױײ') + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhungarianmodel.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhungarianmodel.py new file mode 100644 index 000000000..bbc5cda64 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langhungarianmodel.py @@ -0,0 +1,4650 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel + + +# 3: Positive +# 2: Likely +# 1: Unlikely +# 0: Negative + +HUNGARIAN_LANG_MODEL = { + 28: { # 'A' + 28: 0, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 2, # 'D' + 32: 1, # 'E' + 50: 1, # 'F' + 49: 2, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 2, # 'K' + 41: 2, # 'L' + 34: 1, # 'M' + 35: 2, # 'N' + 47: 1, # 'O' + 46: 2, # 'P' + 43: 2, # 'R' + 33: 2, # 'S' + 37: 2, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 2, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 2, # 'd' + 1: 1, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 1, # 'i' + 22: 1, # 'j' + 7: 2, # 'k' + 6: 2, # 'l' + 13: 2, # 'm' + 4: 2, # 'n' + 8: 0, # 'o' + 23: 2, # 'p' + 10: 2, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 1, # 'u' + 19: 1, # 'v' + 62: 1, # 'x' + 16: 0, # 'y' + 11: 3, # 'z' + 51: 1, # 'Á' + 44: 0, # 'É' + 61: 1, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 40: { # 'B' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 0, # 'M' + 35: 1, # 'N' + 47: 2, # 'O' + 46: 0, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 3, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 2, # 'i' + 22: 1, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 3, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 0, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 54: { # 'C' + 28: 1, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 1, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 0, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 2, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 0, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 1, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 1, # 'h' + 9: 1, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 3, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 1, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 45: { # 'D' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 0, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 0, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 2, # 'O' + 46: 0, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 3, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 1, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 1, # 'o' + 23: 0, # 'p' + 10: 2, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 2, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 1, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 0, # 'ű' + }, + 32: { # 'E' + 28: 1, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 1, # 'E' + 50: 1, # 'F' + 49: 2, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 2, # 'K' + 41: 2, # 'L' + 34: 2, # 'M' + 35: 2, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 2, # 'R' + 33: 2, # 'S' + 37: 2, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 1, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 2, # 'd' + 1: 1, # 'e' + 27: 1, # 'f' + 12: 3, # 'g' + 20: 1, # 'h' + 9: 1, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 2, # 'l' + 13: 2, # 'm' + 4: 2, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 2, # 's' + 3: 1, # 't' + 21: 2, # 'u' + 19: 1, # 'v' + 62: 1, # 'x' + 16: 0, # 'y' + 11: 3, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 0, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 0, # 'Ú' + 63: 1, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 1, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 50: { # 'F' + 28: 1, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 1, # 'E' + 50: 1, # 'F' + 49: 0, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 0, # 'P' + 43: 1, # 'R' + 33: 0, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 0, # 'V' + 55: 1, # 'Y' + 52: 0, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 1, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 2, # 'i' + 22: 1, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 2, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 0, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 0, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 0, # 'Ú' + 63: 1, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 2, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 49: { # 'G' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 2, # 'Y' + 52: 1, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 1, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 2, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 2, # 'y' + 11: 0, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 0, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 0, # 'ű' + }, + 38: { # 'H' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 0, # 'D' + 32: 1, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 1, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 1, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 1, # 'O' + 46: 0, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 0, # 'V' + 55: 1, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 2, # 'i' + 22: 1, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 0, # 'n' + 8: 3, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 2, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 0, # 'z' + 51: 2, # 'Á' + 44: 2, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 1, # 'é' + 30: 2, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 39: { # 'I' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 1, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 2, # 'K' + 41: 2, # 'L' + 34: 1, # 'M' + 35: 2, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 2, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 2, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 2, # 'd' + 1: 0, # 'e' + 27: 1, # 'f' + 12: 2, # 'g' + 20: 1, # 'h' + 9: 0, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 2, # 'l' + 13: 2, # 'm' + 4: 1, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 2, # 's' + 3: 2, # 't' + 21: 0, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 1, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 0, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 53: { # 'J' + 28: 2, # 'A' + 40: 0, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 1, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 1, # 'o' + 23: 0, # 'p' + 10: 0, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 2, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 0, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 0, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 1, # 'é' + 30: 0, # 'í' + 25: 2, # 'ó' + 24: 2, # 'ö' + 31: 1, # 'ú' + 29: 0, # 'ü' + 42: 1, # 'ő' + 56: 0, # 'ű' + }, + 36: { # 'K' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 0, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 2, # 'O' + 46: 0, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 0, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 1, # 'f' + 12: 0, # 'g' + 20: 1, # 'h' + 9: 3, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 2, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 0, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 2, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 2, # 'ö' + 31: 1, # 'ú' + 29: 2, # 'ü' + 42: 1, # 'ő' + 56: 0, # 'ű' + }, + 41: { # 'L' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 2, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 2, # 'O' + 46: 0, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 2, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 3, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 2, # 'i' + 22: 1, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 0, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 2, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 0, # 'z' + 51: 2, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 0, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 34: { # 'M' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 0, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 3, # 'a' + 18: 0, # 'b' + 26: 1, # 'c' + 17: 0, # 'd' + 1: 3, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 3, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 3, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 2, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 0, # 'z' + 51: 2, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 1, # 'ű' + }, + 35: { # 'N' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 2, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 2, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 2, # 'Y' + 52: 1, # 'Z' + 2: 3, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 3, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 2, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 0, # 'm' + 4: 1, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 0, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 2, # 'y' + 11: 0, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 1, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 1, # 'ő' + 56: 0, # 'ű' + }, + 47: { # 'O' + 28: 1, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 1, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 2, # 'K' + 41: 2, # 'L' + 34: 2, # 'M' + 35: 2, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 2, # 'R' + 33: 2, # 'S' + 37: 2, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 1, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 1, # 'i' + 22: 1, # 'j' + 7: 2, # 'k' + 6: 2, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 1, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 1, # 's' + 3: 2, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 1, # 'x' + 16: 0, # 'y' + 11: 1, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 0, # 'Í' + 58: 1, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 46: { # 'P' + 28: 1, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 1, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 0, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 2, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 1, # 'f' + 12: 0, # 'g' + 20: 1, # 'h' + 9: 2, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 1, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 2, # 'r' + 5: 1, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 0, # 'z' + 51: 2, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 0, # 'Ú' + 63: 1, # 'Ü' + 14: 3, # 'á' + 15: 2, # 'é' + 30: 0, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 0, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 0, # 'ű' + }, + 43: { # 'R' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 2, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 2, # 'S' + 37: 2, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 1, # 'h' + 9: 2, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 0, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 0, # 'z' + 51: 2, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 2, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 2, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 33: { # 'S' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 2, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 2, # 'S' + 37: 2, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 3, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 1, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 1, # 'h' + 9: 2, # 'i' + 22: 0, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 1, # 'p' + 10: 0, # 'r' + 5: 0, # 's' + 3: 1, # 't' + 21: 1, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 3, # 'z' + 51: 2, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 37: { # 'T' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 2, # 'O' + 46: 1, # 'P' + 43: 2, # 'R' + 33: 1, # 'S' + 37: 2, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 2, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 1, # 'h' + 9: 2, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 1, # 's' + 3: 0, # 't' + 21: 2, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 1, # 'z' + 51: 2, # 'Á' + 44: 2, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 2, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 57: { # 'U' + 28: 1, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 1, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 2, # 'S' + 37: 1, # 'T' + 57: 0, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 1, # 'e' + 27: 0, # 'f' + 12: 2, # 'g' + 20: 0, # 'h' + 9: 0, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 1, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 0, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 1, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 48: { # 'V' + 28: 2, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 0, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 2, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 2, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 2, # 'o' + 23: 0, # 'p' + 10: 0, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 0, # 'z' + 51: 2, # 'Á' + 44: 2, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 0, # 'Ú' + 63: 1, # 'Ü' + 14: 2, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 0, # 'ó' + 24: 1, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 55: { # 'Y' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 1, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 2, # 'Z' + 2: 1, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 1, # 'd' + 1: 1, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 0, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 8: 1, # 'o' + 23: 1, # 'p' + 10: 0, # 'r' + 5: 0, # 's' + 3: 0, # 't' + 21: 0, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 0, # 'z' + 51: 1, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 52: { # 'Z' + 28: 2, # 'A' + 40: 1, # 'B' + 54: 0, # 'C' + 45: 1, # 'D' + 32: 2, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 2, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 2, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 2, # 'S' + 37: 1, # 'T' + 57: 1, # 'U' + 48: 1, # 'V' + 55: 1, # 'Y' + 52: 1, # 'Z' + 2: 1, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 1, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 1, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 0, # 'm' + 4: 1, # 'n' + 8: 1, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 2, # 's' + 3: 0, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 0, # 'z' + 51: 2, # 'Á' + 44: 1, # 'É' + 61: 1, # 'Í' + 58: 1, # 'Ó' + 59: 1, # 'Ö' + 60: 1, # 'Ú' + 63: 1, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 2: { # 'a' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 3, # 'b' + 26: 3, # 'c' + 17: 3, # 'd' + 1: 2, # 'e' + 27: 2, # 'f' + 12: 3, # 'g' + 20: 3, # 'h' + 9: 3, # 'i' + 22: 3, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 2, # 'o' + 23: 3, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 3, # 'v' + 62: 1, # 'x' + 16: 2, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 18: { # 'b' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 3, # 'i' + 22: 2, # 'j' + 7: 2, # 'k' + 6: 2, # 'l' + 13: 1, # 'm' + 4: 2, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 3, # 'r' + 5: 2, # 's' + 3: 1, # 't' + 21: 3, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 3, # 'ó' + 24: 2, # 'ö' + 31: 2, # 'ú' + 29: 2, # 'ü' + 42: 2, # 'ő' + 56: 1, # 'ű' + }, + 26: { # 'c' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 1, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 1, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 2, # 'a' + 18: 1, # 'b' + 26: 2, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 3, # 'h' + 9: 3, # 'i' + 22: 1, # 'j' + 7: 2, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 3, # 's' + 3: 2, # 't' + 21: 2, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 2, # 'á' + 15: 2, # 'é' + 30: 2, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 17: { # 'd' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 2, # 'b' + 26: 1, # 'c' + 17: 2, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 3, # 'j' + 7: 2, # 'k' + 6: 1, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 2, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 3, # 'í' + 25: 3, # 'ó' + 24: 3, # 'ö' + 31: 2, # 'ú' + 29: 2, # 'ü' + 42: 2, # 'ő' + 56: 1, # 'ű' + }, + 1: { # 'e' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 2, # 'a' + 18: 3, # 'b' + 26: 3, # 'c' + 17: 3, # 'd' + 1: 2, # 'e' + 27: 3, # 'f' + 12: 3, # 'g' + 20: 3, # 'h' + 9: 3, # 'i' + 22: 3, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 2, # 'o' + 23: 3, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 2, # 'u' + 19: 3, # 'v' + 62: 2, # 'x' + 16: 2, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 27: { # 'f' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 2, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 3, # 'i' + 22: 2, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 3, # 'o' + 23: 0, # 'p' + 10: 3, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 2, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 0, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 3, # 'ö' + 31: 1, # 'ú' + 29: 2, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 12: { # 'g' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 2, # 'c' + 17: 2, # 'd' + 1: 3, # 'e' + 27: 2, # 'f' + 12: 3, # 'g' + 20: 3, # 'h' + 9: 3, # 'i' + 22: 3, # 'j' + 7: 2, # 'k' + 6: 3, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 3, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 3, # 'ó' + 24: 2, # 'ö' + 31: 2, # 'ú' + 29: 2, # 'ü' + 42: 2, # 'ő' + 56: 1, # 'ű' + }, + 20: { # 'h' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 0, # 'd' + 1: 3, # 'e' + 27: 0, # 'f' + 12: 1, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 3, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 2, # 's' + 3: 1, # 't' + 21: 3, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 2, # 'y' + 11: 0, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 3, # 'í' + 25: 2, # 'ó' + 24: 2, # 'ö' + 31: 2, # 'ú' + 29: 1, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 9: { # 'i' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 3, # 'c' + 17: 3, # 'd' + 1: 3, # 'e' + 27: 3, # 'f' + 12: 3, # 'g' + 20: 3, # 'h' + 9: 2, # 'i' + 22: 2, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 2, # 'o' + 23: 2, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 3, # 'v' + 62: 1, # 'x' + 16: 1, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 3, # 'ó' + 24: 1, # 'ö' + 31: 2, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 1, # 'ű' + }, + 22: { # 'j' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 2, # 'b' + 26: 1, # 'c' + 17: 3, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 2, # 'h' + 9: 1, # 'i' + 22: 2, # 'j' + 7: 2, # 'k' + 6: 2, # 'l' + 13: 1, # 'm' + 4: 2, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 2, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 1, # 'í' + 25: 3, # 'ó' + 24: 3, # 'ö' + 31: 3, # 'ú' + 29: 2, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 7: { # 'k' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 2, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 2, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 1, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 2, # 'v' + 62: 0, # 'x' + 16: 2, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 3, # 'í' + 25: 2, # 'ó' + 24: 3, # 'ö' + 31: 1, # 'ú' + 29: 3, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 6: { # 'l' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 1, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 1, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 2, # 'b' + 26: 3, # 'c' + 17: 3, # 'd' + 1: 3, # 'e' + 27: 3, # 'f' + 12: 3, # 'g' + 20: 3, # 'h' + 9: 3, # 'i' + 22: 3, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 2, # 'p' + 10: 2, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 3, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 3, # 'í' + 25: 3, # 'ó' + 24: 3, # 'ö' + 31: 2, # 'ú' + 29: 2, # 'ü' + 42: 3, # 'ő' + 56: 1, # 'ű' + }, + 13: { # 'm' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 2, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 2, # 'j' + 7: 1, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 8: 3, # 'o' + 23: 3, # 'p' + 10: 2, # 'r' + 5: 2, # 's' + 3: 2, # 't' + 21: 3, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 2, # 'ó' + 24: 2, # 'ö' + 31: 2, # 'ú' + 29: 2, # 'ü' + 42: 1, # 'ő' + 56: 2, # 'ű' + }, + 4: { # 'n' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 3, # 'c' + 17: 3, # 'd' + 1: 3, # 'e' + 27: 2, # 'f' + 12: 3, # 'g' + 20: 3, # 'h' + 9: 3, # 'i' + 22: 2, # 'j' + 7: 3, # 'k' + 6: 2, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 2, # 'p' + 10: 2, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 2, # 'v' + 62: 1, # 'x' + 16: 3, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 2, # 'ó' + 24: 3, # 'ö' + 31: 2, # 'ú' + 29: 3, # 'ü' + 42: 2, # 'ő' + 56: 1, # 'ű' + }, + 8: { # 'o' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 1, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 2, # 'a' + 18: 3, # 'b' + 26: 3, # 'c' + 17: 3, # 'd' + 1: 2, # 'e' + 27: 2, # 'f' + 12: 3, # 'g' + 20: 3, # 'h' + 9: 2, # 'i' + 22: 2, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 1, # 'o' + 23: 3, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 2, # 'u' + 19: 3, # 'v' + 62: 1, # 'x' + 16: 1, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 1, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 23: { # 'p' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 1, # 'b' + 26: 2, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 2, # 'j' + 7: 2, # 'k' + 6: 3, # 'l' + 13: 1, # 'm' + 4: 2, # 'n' + 8: 3, # 'o' + 23: 3, # 'p' + 10: 3, # 'r' + 5: 2, # 's' + 3: 2, # 't' + 21: 3, # 'u' + 19: 2, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 2, # 'ó' + 24: 2, # 'ö' + 31: 1, # 'ú' + 29: 2, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 10: { # 'r' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 3, # 'c' + 17: 3, # 'd' + 1: 3, # 'e' + 27: 2, # 'f' + 12: 3, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 3, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 2, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 3, # 'v' + 62: 1, # 'x' + 16: 2, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 3, # 'ó' + 24: 3, # 'ö' + 31: 3, # 'ú' + 29: 3, # 'ü' + 42: 2, # 'ő' + 56: 2, # 'ű' + }, + 5: { # 's' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 2, # 'c' + 17: 2, # 'd' + 1: 3, # 'e' + 27: 2, # 'f' + 12: 2, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 1, # 'j' + 7: 3, # 'k' + 6: 2, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 2, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 2, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 3, # 'í' + 25: 3, # 'ó' + 24: 3, # 'ö' + 31: 3, # 'ú' + 29: 3, # 'ü' + 42: 2, # 'ő' + 56: 1, # 'ű' + }, + 3: { # 't' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 3, # 'b' + 26: 2, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 2, # 'f' + 12: 1, # 'g' + 20: 3, # 'h' + 9: 3, # 'i' + 22: 3, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 3, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 3, # 'ó' + 24: 3, # 'ö' + 31: 3, # 'ú' + 29: 3, # 'ü' + 42: 3, # 'ő' + 56: 2, # 'ű' + }, + 21: { # 'u' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 2, # 'b' + 26: 2, # 'c' + 17: 3, # 'd' + 1: 2, # 'e' + 27: 1, # 'f' + 12: 3, # 'g' + 20: 2, # 'h' + 9: 2, # 'i' + 22: 2, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 1, # 'o' + 23: 2, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 1, # 'u' + 19: 3, # 'v' + 62: 1, # 'x' + 16: 1, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 2, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 0, # 'ö' + 31: 1, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 19: { # 'v' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 2, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 3, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 1, # 'r' + 5: 2, # 's' + 3: 2, # 't' + 21: 2, # 'u' + 19: 2, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 2, # 'ó' + 24: 2, # 'ö' + 31: 1, # 'ú' + 29: 2, # 'ü' + 42: 1, # 'ő' + 56: 1, # 'ű' + }, + 62: { # 'x' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 0, # 'd' + 1: 1, # 'e' + 27: 1, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 1, # 'i' + 22: 0, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 1, # 'o' + 23: 1, # 'p' + 10: 1, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 1, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 0, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 1, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 16: { # 'y' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 2, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 3, # 'e' + 27: 2, # 'f' + 12: 2, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 2, # 'j' + 7: 2, # 'k' + 6: 2, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 2, # 'p' + 10: 2, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 2, # 'í' + 25: 2, # 'ó' + 24: 3, # 'ö' + 31: 2, # 'ú' + 29: 2, # 'ü' + 42: 1, # 'ő' + 56: 2, # 'ű' + }, + 11: { # 'z' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 3, # 'a' + 18: 2, # 'b' + 26: 1, # 'c' + 17: 3, # 'd' + 1: 3, # 'e' + 27: 1, # 'f' + 12: 2, # 'g' + 20: 2, # 'h' + 9: 3, # 'i' + 22: 1, # 'j' + 7: 3, # 'k' + 6: 2, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 3, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 3, # 'u' + 19: 2, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 3, # 'á' + 15: 3, # 'é' + 30: 3, # 'í' + 25: 3, # 'ó' + 24: 3, # 'ö' + 31: 2, # 'ú' + 29: 3, # 'ü' + 42: 2, # 'ő' + 56: 1, # 'ű' + }, + 51: { # 'Á' + 28: 0, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 0, # 'E' + 50: 1, # 'F' + 49: 2, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 2, # 'L' + 34: 1, # 'M' + 35: 2, # 'N' + 47: 0, # 'O' + 46: 1, # 'P' + 43: 2, # 'R' + 33: 2, # 'S' + 37: 1, # 'T' + 57: 0, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 0, # 'e' + 27: 0, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 0, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 2, # 'l' + 13: 2, # 'm' + 4: 0, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 1, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 0, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 1, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 44: { # 'É' + 28: 0, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 1, # 'E' + 50: 0, # 'F' + 49: 2, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 2, # 'L' + 34: 1, # 'M' + 35: 2, # 'N' + 47: 0, # 'O' + 46: 1, # 'P' + 43: 2, # 'R' + 33: 2, # 'S' + 37: 2, # 'T' + 57: 0, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 0, # 'e' + 27: 0, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 0, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 2, # 'l' + 13: 1, # 'm' + 4: 2, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 3, # 's' + 3: 1, # 't' + 21: 0, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 0, # 'z' + 51: 0, # 'Á' + 44: 1, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 61: { # 'Í' + 28: 0, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 0, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 1, # 'J' + 36: 0, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 0, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 0, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 0, # 'e' + 27: 0, # 'f' + 12: 2, # 'g' + 20: 0, # 'h' + 9: 0, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 1, # 'm' + 4: 0, # 'n' + 8: 0, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 0, # 's' + 3: 1, # 't' + 21: 0, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 58: { # 'Ó' + 28: 1, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 0, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 1, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 2, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 0, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 0, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 0, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 2, # 'h' + 9: 0, # 'i' + 22: 0, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 1, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 1, # 'r' + 5: 1, # 's' + 3: 0, # 't' + 21: 0, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 1, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 59: { # 'Ö' + 28: 0, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 0, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 0, # 'O' + 46: 1, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 0, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 0, # 'b' + 26: 1, # 'c' + 17: 1, # 'd' + 1: 0, # 'e' + 27: 0, # 'f' + 12: 0, # 'g' + 20: 0, # 'h' + 9: 0, # 'i' + 22: 0, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 8: 0, # 'o' + 23: 0, # 'p' + 10: 2, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 0, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 60: { # 'Ú' + 28: 0, # 'A' + 40: 1, # 'B' + 54: 1, # 'C' + 45: 1, # 'D' + 32: 0, # 'E' + 50: 1, # 'F' + 49: 1, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 0, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 0, # 'b' + 26: 0, # 'c' + 17: 0, # 'd' + 1: 0, # 'e' + 27: 0, # 'f' + 12: 2, # 'g' + 20: 0, # 'h' + 9: 0, # 'i' + 22: 2, # 'j' + 7: 0, # 'k' + 6: 0, # 'l' + 13: 0, # 'm' + 4: 1, # 'n' + 8: 0, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 0, # 'u' + 19: 0, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 0, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 63: { # 'Ü' + 28: 0, # 'A' + 40: 1, # 'B' + 54: 0, # 'C' + 45: 1, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 1, # 'G' + 38: 1, # 'H' + 39: 0, # 'I' + 53: 1, # 'J' + 36: 1, # 'K' + 41: 1, # 'L' + 34: 1, # 'M' + 35: 1, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 1, # 'R' + 33: 1, # 'S' + 37: 1, # 'T' + 57: 0, # 'U' + 48: 1, # 'V' + 55: 0, # 'Y' + 52: 1, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 0, # 'c' + 17: 1, # 'd' + 1: 0, # 'e' + 27: 0, # 'f' + 12: 1, # 'g' + 20: 0, # 'h' + 9: 0, # 'i' + 22: 0, # 'j' + 7: 0, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 1, # 'n' + 8: 0, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 0, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 1, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 14: { # 'á' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 3, # 'b' + 26: 3, # 'c' + 17: 3, # 'd' + 1: 1, # 'e' + 27: 2, # 'f' + 12: 3, # 'g' + 20: 2, # 'h' + 9: 2, # 'i' + 22: 3, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 1, # 'o' + 23: 2, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 2, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 1, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 1, # 'á' + 15: 2, # 'é' + 30: 1, # 'í' + 25: 0, # 'ó' + 24: 1, # 'ö' + 31: 0, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 15: { # 'é' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 3, # 'b' + 26: 2, # 'c' + 17: 3, # 'd' + 1: 1, # 'e' + 27: 1, # 'f' + 12: 3, # 'g' + 20: 3, # 'h' + 9: 2, # 'i' + 22: 2, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 1, # 'o' + 23: 3, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 0, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 30: { # 'í' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 0, # 'a' + 18: 1, # 'b' + 26: 2, # 'c' + 17: 1, # 'd' + 1: 0, # 'e' + 27: 1, # 'f' + 12: 3, # 'g' + 20: 0, # 'h' + 9: 0, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 2, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 3, # 'r' + 5: 2, # 's' + 3: 3, # 't' + 21: 0, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 25: { # 'ó' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 2, # 'a' + 18: 3, # 'b' + 26: 2, # 'c' + 17: 3, # 'd' + 1: 1, # 'e' + 27: 2, # 'f' + 12: 2, # 'g' + 20: 2, # 'h' + 9: 2, # 'i' + 22: 2, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 8: 1, # 'o' + 23: 2, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 1, # 'u' + 19: 2, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 0, # 'ó' + 24: 1, # 'ö' + 31: 1, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 24: { # 'ö' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 0, # 'a' + 18: 3, # 'b' + 26: 1, # 'c' + 17: 2, # 'd' + 1: 0, # 'e' + 27: 1, # 'f' + 12: 2, # 'g' + 20: 1, # 'h' + 9: 0, # 'i' + 22: 1, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 8: 0, # 'o' + 23: 2, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 3, # 't' + 21: 0, # 'u' + 19: 3, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 3, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 31: { # 'ú' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 1, # 'b' + 26: 2, # 'c' + 17: 1, # 'd' + 1: 1, # 'e' + 27: 2, # 'f' + 12: 3, # 'g' + 20: 1, # 'h' + 9: 1, # 'i' + 22: 3, # 'j' + 7: 1, # 'k' + 6: 3, # 'l' + 13: 1, # 'm' + 4: 2, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 3, # 'r' + 5: 3, # 's' + 3: 2, # 't' + 21: 1, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 1, # 'á' + 15: 1, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 29: { # 'ü' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 1, # 'b' + 26: 1, # 'c' + 17: 2, # 'd' + 1: 1, # 'e' + 27: 1, # 'f' + 12: 3, # 'g' + 20: 2, # 'h' + 9: 1, # 'i' + 22: 1, # 'j' + 7: 3, # 'k' + 6: 3, # 'l' + 13: 1, # 'm' + 4: 3, # 'n' + 8: 0, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 2, # 's' + 3: 2, # 't' + 21: 0, # 'u' + 19: 2, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 1, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 42: { # 'ő' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 2, # 'b' + 26: 1, # 'c' + 17: 2, # 'd' + 1: 1, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 1, # 'i' + 22: 1, # 'j' + 7: 2, # 'k' + 6: 3, # 'l' + 13: 1, # 'm' + 4: 2, # 'n' + 8: 1, # 'o' + 23: 1, # 'p' + 10: 2, # 'r' + 5: 2, # 's' + 3: 2, # 't' + 21: 1, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 1, # 'é' + 30: 1, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 1, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, + 56: { # 'ű' + 28: 0, # 'A' + 40: 0, # 'B' + 54: 0, # 'C' + 45: 0, # 'D' + 32: 0, # 'E' + 50: 0, # 'F' + 49: 0, # 'G' + 38: 0, # 'H' + 39: 0, # 'I' + 53: 0, # 'J' + 36: 0, # 'K' + 41: 0, # 'L' + 34: 0, # 'M' + 35: 0, # 'N' + 47: 0, # 'O' + 46: 0, # 'P' + 43: 0, # 'R' + 33: 0, # 'S' + 37: 0, # 'T' + 57: 0, # 'U' + 48: 0, # 'V' + 55: 0, # 'Y' + 52: 0, # 'Z' + 2: 1, # 'a' + 18: 1, # 'b' + 26: 0, # 'c' + 17: 1, # 'd' + 1: 1, # 'e' + 27: 1, # 'f' + 12: 1, # 'g' + 20: 1, # 'h' + 9: 1, # 'i' + 22: 1, # 'j' + 7: 1, # 'k' + 6: 1, # 'l' + 13: 0, # 'm' + 4: 2, # 'n' + 8: 0, # 'o' + 23: 0, # 'p' + 10: 1, # 'r' + 5: 1, # 's' + 3: 1, # 't' + 21: 0, # 'u' + 19: 1, # 'v' + 62: 0, # 'x' + 16: 0, # 'y' + 11: 2, # 'z' + 51: 0, # 'Á' + 44: 0, # 'É' + 61: 0, # 'Í' + 58: 0, # 'Ó' + 59: 0, # 'Ö' + 60: 0, # 'Ú' + 63: 0, # 'Ü' + 14: 0, # 'á' + 15: 0, # 'é' + 30: 0, # 'í' + 25: 0, # 'ó' + 24: 0, # 'ö' + 31: 0, # 'ú' + 29: 0, # 'ü' + 42: 0, # 'ő' + 56: 0, # 'ű' + }, +} + +# 255: Undefined characters that did not exist in training text +# 254: Carriage/Return +# 253: symbol (punctuation) that does not belong to word +# 252: 0 - 9 +# 251: Control characters + +# Character Mapping Table(s): +WINDOWS_1250_HUNGARIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 28, # 'A' + 66: 40, # 'B' + 67: 54, # 'C' + 68: 45, # 'D' + 69: 32, # 'E' + 70: 50, # 'F' + 71: 49, # 'G' + 72: 38, # 'H' + 73: 39, # 'I' + 74: 53, # 'J' + 75: 36, # 'K' + 76: 41, # 'L' + 77: 34, # 'M' + 78: 35, # 'N' + 79: 47, # 'O' + 80: 46, # 'P' + 81: 72, # 'Q' + 82: 43, # 'R' + 83: 33, # 'S' + 84: 37, # 'T' + 85: 57, # 'U' + 86: 48, # 'V' + 87: 64, # 'W' + 88: 68, # 'X' + 89: 55, # 'Y' + 90: 52, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 2, # 'a' + 98: 18, # 'b' + 99: 26, # 'c' + 100: 17, # 'd' + 101: 1, # 'e' + 102: 27, # 'f' + 103: 12, # 'g' + 104: 20, # 'h' + 105: 9, # 'i' + 106: 22, # 'j' + 107: 7, # 'k' + 108: 6, # 'l' + 109: 13, # 'm' + 110: 4, # 'n' + 111: 8, # 'o' + 112: 23, # 'p' + 113: 67, # 'q' + 114: 10, # 'r' + 115: 5, # 's' + 116: 3, # 't' + 117: 21, # 'u' + 118: 19, # 'v' + 119: 65, # 'w' + 120: 62, # 'x' + 121: 16, # 'y' + 122: 11, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 161, # '€' + 129: 162, # None + 130: 163, # '‚' + 131: 164, # None + 132: 165, # '„' + 133: 166, # '…' + 134: 167, # '†' + 135: 168, # '‡' + 136: 169, # None + 137: 170, # '‰' + 138: 171, # 'Š' + 139: 172, # '‹' + 140: 173, # 'Ś' + 141: 174, # 'Ť' + 142: 175, # 'Ž' + 143: 176, # 'Ź' + 144: 177, # None + 145: 178, # '‘' + 146: 179, # '’' + 147: 180, # '“' + 148: 78, # '”' + 149: 181, # '•' + 150: 69, # '–' + 151: 182, # '—' + 152: 183, # None + 153: 184, # '™' + 154: 185, # 'š' + 155: 186, # '›' + 156: 187, # 'ś' + 157: 188, # 'ť' + 158: 189, # 'ž' + 159: 190, # 'ź' + 160: 191, # '\xa0' + 161: 192, # 'ˇ' + 162: 193, # '˘' + 163: 194, # 'Ł' + 164: 195, # '¤' + 165: 196, # 'Ą' + 166: 197, # '¦' + 167: 76, # '§' + 168: 198, # '¨' + 169: 199, # '©' + 170: 200, # 'Ş' + 171: 201, # '«' + 172: 202, # '¬' + 173: 203, # '\xad' + 174: 204, # '®' + 175: 205, # 'Ż' + 176: 81, # '°' + 177: 206, # '±' + 178: 207, # '˛' + 179: 208, # 'ł' + 180: 209, # '´' + 181: 210, # 'µ' + 182: 211, # '¶' + 183: 212, # '·' + 184: 213, # '¸' + 185: 214, # 'ą' + 186: 215, # 'ş' + 187: 216, # '»' + 188: 217, # 'Ľ' + 189: 218, # '˝' + 190: 219, # 'ľ' + 191: 220, # 'ż' + 192: 221, # 'Ŕ' + 193: 51, # 'Á' + 194: 83, # 'Â' + 195: 222, # 'Ă' + 196: 80, # 'Ä' + 197: 223, # 'Ĺ' + 198: 224, # 'Ć' + 199: 225, # 'Ç' + 200: 226, # 'Č' + 201: 44, # 'É' + 202: 227, # 'Ę' + 203: 228, # 'Ë' + 204: 229, # 'Ě' + 205: 61, # 'Í' + 206: 230, # 'Î' + 207: 231, # 'Ď' + 208: 232, # 'Đ' + 209: 233, # 'Ń' + 210: 234, # 'Ň' + 211: 58, # 'Ó' + 212: 235, # 'Ô' + 213: 66, # 'Ő' + 214: 59, # 'Ö' + 215: 236, # '×' + 216: 237, # 'Ř' + 217: 238, # 'Ů' + 218: 60, # 'Ú' + 219: 70, # 'Ű' + 220: 63, # 'Ü' + 221: 239, # 'Ý' + 222: 240, # 'Ţ' + 223: 241, # 'ß' + 224: 84, # 'ŕ' + 225: 14, # 'á' + 226: 75, # 'â' + 227: 242, # 'ă' + 228: 71, # 'ä' + 229: 82, # 'ĺ' + 230: 243, # 'ć' + 231: 73, # 'ç' + 232: 244, # 'č' + 233: 15, # 'é' + 234: 85, # 'ę' + 235: 79, # 'ë' + 236: 86, # 'ě' + 237: 30, # 'í' + 238: 77, # 'î' + 239: 87, # 'ď' + 240: 245, # 'đ' + 241: 246, # 'ń' + 242: 247, # 'ň' + 243: 25, # 'ó' + 244: 74, # 'ô' + 245: 42, # 'ő' + 246: 24, # 'ö' + 247: 248, # '÷' + 248: 249, # 'ř' + 249: 250, # 'ů' + 250: 31, # 'ú' + 251: 56, # 'ű' + 252: 29, # 'ü' + 253: 251, # 'ý' + 254: 252, # 'ţ' + 255: 253, # '˙' +} + +WINDOWS_1250_HUNGARIAN_MODEL = SingleByteCharSetModel(charset_name='windows-1250', + language='Hungarian', + char_to_order_map=WINDOWS_1250_HUNGARIAN_CHAR_TO_ORDER, + language_model=HUNGARIAN_LANG_MODEL, + typical_positive_ratio=0.947368, + keep_ascii_letters=True, + alphabet='ABCDEFGHIJKLMNOPRSTUVZabcdefghijklmnoprstuvzÁÉÍÓÖÚÜáéíóöúüŐőŰű') + +ISO_8859_2_HUNGARIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 28, # 'A' + 66: 40, # 'B' + 67: 54, # 'C' + 68: 45, # 'D' + 69: 32, # 'E' + 70: 50, # 'F' + 71: 49, # 'G' + 72: 38, # 'H' + 73: 39, # 'I' + 74: 53, # 'J' + 75: 36, # 'K' + 76: 41, # 'L' + 77: 34, # 'M' + 78: 35, # 'N' + 79: 47, # 'O' + 80: 46, # 'P' + 81: 71, # 'Q' + 82: 43, # 'R' + 83: 33, # 'S' + 84: 37, # 'T' + 85: 57, # 'U' + 86: 48, # 'V' + 87: 64, # 'W' + 88: 68, # 'X' + 89: 55, # 'Y' + 90: 52, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 2, # 'a' + 98: 18, # 'b' + 99: 26, # 'c' + 100: 17, # 'd' + 101: 1, # 'e' + 102: 27, # 'f' + 103: 12, # 'g' + 104: 20, # 'h' + 105: 9, # 'i' + 106: 22, # 'j' + 107: 7, # 'k' + 108: 6, # 'l' + 109: 13, # 'm' + 110: 4, # 'n' + 111: 8, # 'o' + 112: 23, # 'p' + 113: 67, # 'q' + 114: 10, # 'r' + 115: 5, # 's' + 116: 3, # 't' + 117: 21, # 'u' + 118: 19, # 'v' + 119: 65, # 'w' + 120: 62, # 'x' + 121: 16, # 'y' + 122: 11, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 159, # '\x80' + 129: 160, # '\x81' + 130: 161, # '\x82' + 131: 162, # '\x83' + 132: 163, # '\x84' + 133: 164, # '\x85' + 134: 165, # '\x86' + 135: 166, # '\x87' + 136: 167, # '\x88' + 137: 168, # '\x89' + 138: 169, # '\x8a' + 139: 170, # '\x8b' + 140: 171, # '\x8c' + 141: 172, # '\x8d' + 142: 173, # '\x8e' + 143: 174, # '\x8f' + 144: 175, # '\x90' + 145: 176, # '\x91' + 146: 177, # '\x92' + 147: 178, # '\x93' + 148: 179, # '\x94' + 149: 180, # '\x95' + 150: 181, # '\x96' + 151: 182, # '\x97' + 152: 183, # '\x98' + 153: 184, # '\x99' + 154: 185, # '\x9a' + 155: 186, # '\x9b' + 156: 187, # '\x9c' + 157: 188, # '\x9d' + 158: 189, # '\x9e' + 159: 190, # '\x9f' + 160: 191, # '\xa0' + 161: 192, # 'Ą' + 162: 193, # '˘' + 163: 194, # 'Ł' + 164: 195, # '¤' + 165: 196, # 'Ľ' + 166: 197, # 'Ś' + 167: 75, # '§' + 168: 198, # '¨' + 169: 199, # 'Š' + 170: 200, # 'Ş' + 171: 201, # 'Ť' + 172: 202, # 'Ź' + 173: 203, # '\xad' + 174: 204, # 'Ž' + 175: 205, # 'Ż' + 176: 79, # '°' + 177: 206, # 'ą' + 178: 207, # '˛' + 179: 208, # 'ł' + 180: 209, # '´' + 181: 210, # 'ľ' + 182: 211, # 'ś' + 183: 212, # 'ˇ' + 184: 213, # '¸' + 185: 214, # 'š' + 186: 215, # 'ş' + 187: 216, # 'ť' + 188: 217, # 'ź' + 189: 218, # '˝' + 190: 219, # 'ž' + 191: 220, # 'ż' + 192: 221, # 'Ŕ' + 193: 51, # 'Á' + 194: 81, # 'Â' + 195: 222, # 'Ă' + 196: 78, # 'Ä' + 197: 223, # 'Ĺ' + 198: 224, # 'Ć' + 199: 225, # 'Ç' + 200: 226, # 'Č' + 201: 44, # 'É' + 202: 227, # 'Ę' + 203: 228, # 'Ë' + 204: 229, # 'Ě' + 205: 61, # 'Í' + 206: 230, # 'Î' + 207: 231, # 'Ď' + 208: 232, # 'Đ' + 209: 233, # 'Ń' + 210: 234, # 'Ň' + 211: 58, # 'Ó' + 212: 235, # 'Ô' + 213: 66, # 'Ő' + 214: 59, # 'Ö' + 215: 236, # '×' + 216: 237, # 'Ř' + 217: 238, # 'Ů' + 218: 60, # 'Ú' + 219: 69, # 'Ű' + 220: 63, # 'Ü' + 221: 239, # 'Ý' + 222: 240, # 'Ţ' + 223: 241, # 'ß' + 224: 82, # 'ŕ' + 225: 14, # 'á' + 226: 74, # 'â' + 227: 242, # 'ă' + 228: 70, # 'ä' + 229: 80, # 'ĺ' + 230: 243, # 'ć' + 231: 72, # 'ç' + 232: 244, # 'č' + 233: 15, # 'é' + 234: 83, # 'ę' + 235: 77, # 'ë' + 236: 84, # 'ě' + 237: 30, # 'í' + 238: 76, # 'î' + 239: 85, # 'ď' + 240: 245, # 'đ' + 241: 246, # 'ń' + 242: 247, # 'ň' + 243: 25, # 'ó' + 244: 73, # 'ô' + 245: 42, # 'ő' + 246: 24, # 'ö' + 247: 248, # '÷' + 248: 249, # 'ř' + 249: 250, # 'ů' + 250: 31, # 'ú' + 251: 56, # 'ű' + 252: 29, # 'ü' + 253: 251, # 'ý' + 254: 252, # 'ţ' + 255: 253, # '˙' +} + +ISO_8859_2_HUNGARIAN_MODEL = SingleByteCharSetModel(charset_name='ISO-8859-2', + language='Hungarian', + char_to_order_map=ISO_8859_2_HUNGARIAN_CHAR_TO_ORDER, + language_model=HUNGARIAN_LANG_MODEL, + typical_positive_ratio=0.947368, + keep_ascii_letters=True, + alphabet='ABCDEFGHIJKLMNOPRSTUVZabcdefghijklmnoprstuvzÁÉÍÓÖÚÜáéíóöúüŐőŰű') + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langrussianmodel.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langrussianmodel.py new file mode 100644 index 000000000..5594452b5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langrussianmodel.py @@ -0,0 +1,5718 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel + + +# 3: Positive +# 2: Likely +# 1: Unlikely +# 0: Negative + +RUSSIAN_LANG_MODEL = { + 37: { # 'А' + 37: 0, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 1, # 'Ж' + 51: 1, # 'З' + 42: 1, # 'И' + 60: 1, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 2, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 1, # 'Ф' + 55: 1, # 'Х' + 58: 1, # 'Ц' + 50: 1, # 'Ч' + 57: 1, # 'Ш' + 63: 1, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 1, # 'Ю' + 43: 1, # 'Я' + 3: 1, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 2, # 'г' + 13: 2, # 'д' + 2: 0, # 'е' + 24: 1, # 'ж' + 20: 1, # 'з' + 4: 0, # 'и' + 23: 1, # 'й' + 11: 2, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 2, # 'н' + 1: 0, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 2, # 'у' + 39: 2, # 'ф' + 26: 2, # 'х' + 28: 0, # 'ц' + 22: 1, # 'ч' + 25: 2, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 1, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 44: { # 'Б' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 1, # 'Я' + 3: 2, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 1, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 2, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 2, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 33: { # 'В' + 37: 2, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 0, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 1, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 1, # 'Я' + 3: 2, # 'а' + 21: 1, # 'б' + 10: 1, # 'в' + 19: 1, # 'г' + 13: 2, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 2, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 1, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 2, # 'н' + 1: 3, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 3, # 'с' + 6: 2, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 1, # 'х' + 28: 1, # 'ц' + 22: 2, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 1, # 'ъ' + 18: 3, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 0, # 'ю' + 16: 1, # 'я' + }, + 46: { # 'Г' + 37: 1, # 'А' + 44: 1, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 0, # 'б' + 10: 1, # 'в' + 19: 0, # 'г' + 13: 2, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 1, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 1, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 41: { # 'Д' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 2, # 'Е' + 56: 1, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 0, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 1, # 'Ц' + 50: 1, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 1, # 'Я' + 3: 3, # 'а' + 21: 0, # 'б' + 10: 2, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 3, # 'ж' + 20: 1, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 1, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 48: { # 'Е' + 37: 1, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 1, # 'Ж' + 51: 1, # 'З' + 42: 1, # 'И' + 60: 1, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 2, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 2, # 'Р' + 32: 2, # 'С' + 40: 1, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 1, # 'Х' + 58: 1, # 'Ц' + 50: 1, # 'Ч' + 57: 1, # 'Ш' + 63: 1, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 1, # 'Я' + 3: 0, # 'а' + 21: 0, # 'б' + 10: 2, # 'в' + 19: 2, # 'г' + 13: 2, # 'д' + 2: 2, # 'е' + 24: 1, # 'ж' + 20: 1, # 'з' + 4: 0, # 'и' + 23: 2, # 'й' + 11: 1, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 1, # 'н' + 1: 0, # 'о' + 15: 1, # 'п' + 9: 1, # 'р' + 7: 3, # 'с' + 6: 0, # 'т' + 14: 0, # 'у' + 39: 1, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 1, # 'ш' + 29: 2, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 56: { # 'Ж' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 1, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 1, # 'б' + 10: 0, # 'в' + 19: 1, # 'г' + 13: 1, # 'д' + 2: 2, # 'е' + 24: 1, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 1, # 'м' + 5: 0, # 'н' + 1: 2, # 'о' + 15: 0, # 'п' + 9: 1, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 2, # 'ю' + 16: 0, # 'я' + }, + 51: { # 'З' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 2, # 'в' + 19: 0, # 'г' + 13: 2, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 1, # 'л' + 12: 1, # 'м' + 5: 2, # 'н' + 1: 2, # 'о' + 15: 0, # 'п' + 9: 1, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 1, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 1, # 'я' + }, + 42: { # 'И' + 37: 1, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 1, # 'Д' + 48: 2, # 'Е' + 56: 1, # 'Ж' + 51: 1, # 'З' + 42: 1, # 'И' + 60: 1, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 2, # 'С' + 40: 1, # 'Т' + 52: 0, # 'У' + 53: 1, # 'Ф' + 55: 1, # 'Х' + 58: 1, # 'Ц' + 50: 1, # 'Ч' + 57: 0, # 'Ш' + 63: 1, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 1, # 'Ю' + 43: 1, # 'Я' + 3: 1, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 2, # 'г' + 13: 2, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 2, # 'з' + 4: 1, # 'и' + 23: 0, # 'й' + 11: 1, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 2, # 'н' + 1: 1, # 'о' + 15: 1, # 'п' + 9: 2, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 1, # 'у' + 39: 1, # 'ф' + 26: 2, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 1, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 60: { # 'Й' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 1, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 1, # 'Х' + 58: 1, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 0, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 1, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 0, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 2, # 'о' + 15: 0, # 'п' + 9: 0, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 0, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 36: { # 'К' + 37: 2, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 1, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 1, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 2, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 1, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 0, # 'б' + 10: 1, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 2, # 'л' + 12: 0, # 'м' + 5: 1, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 49: { # 'Л' + 37: 2, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 1, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 1, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 0, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 0, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 1, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 0, # 'Э' + 59: 1, # 'Ю' + 43: 1, # 'Я' + 3: 2, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 1, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 1, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 1, # 'л' + 12: 0, # 'м' + 5: 1, # 'н' + 1: 2, # 'о' + 15: 0, # 'п' + 9: 0, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 2, # 'ю' + 16: 1, # 'я' + }, + 38: { # 'М' + 37: 1, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 1, # 'Ф' + 55: 1, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 0, # 'Ь' + 47: 1, # 'Э' + 59: 0, # 'Ю' + 43: 1, # 'Я' + 3: 3, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 1, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 1, # 'л' + 12: 1, # 'м' + 5: 2, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 1, # 'р' + 7: 1, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 3, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 31: { # 'Н' + 37: 2, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 1, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 1, # 'З' + 42: 2, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 1, # 'Ф' + 55: 1, # 'Х' + 58: 1, # 'Ц' + 50: 1, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 1, # 'Э' + 59: 0, # 'Ю' + 43: 1, # 'Я' + 3: 3, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 1, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 3, # 'у' + 39: 0, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 2, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 34: { # 'О' + 37: 0, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 2, # 'Д' + 48: 1, # 'Е' + 56: 1, # 'Ж' + 51: 1, # 'З' + 42: 1, # 'И' + 60: 1, # 'Й' + 36: 1, # 'К' + 49: 2, # 'Л' + 38: 1, # 'М' + 31: 2, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 2, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 1, # 'Ф' + 55: 1, # 'Х' + 58: 0, # 'Ц' + 50: 1, # 'Ч' + 57: 1, # 'Ш' + 63: 1, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 1, # 'Я' + 3: 1, # 'а' + 21: 2, # 'б' + 10: 1, # 'в' + 19: 2, # 'г' + 13: 2, # 'д' + 2: 0, # 'е' + 24: 1, # 'ж' + 20: 1, # 'з' + 4: 0, # 'и' + 23: 1, # 'й' + 11: 2, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 3, # 'н' + 1: 0, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 1, # 'у' + 39: 1, # 'ф' + 26: 2, # 'х' + 28: 1, # 'ц' + 22: 2, # 'ч' + 25: 2, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 35: { # 'П' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 1, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 2, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 1, # 'Я' + 3: 2, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 2, # 'л' + 12: 0, # 'м' + 5: 1, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 3, # 'р' + 7: 1, # 'с' + 6: 1, # 'т' + 14: 2, # 'у' + 39: 1, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 2, # 'ь' + 30: 1, # 'э' + 27: 0, # 'ю' + 16: 2, # 'я' + }, + 45: { # 'Р' + 37: 2, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 1, # 'Д' + 48: 2, # 'Е' + 56: 1, # 'Ж' + 51: 0, # 'З' + 42: 2, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 2, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 1, # 'Х' + 58: 1, # 'Ц' + 50: 1, # 'Ч' + 57: 1, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 1, # 'Э' + 59: 1, # 'Ю' + 43: 1, # 'Я' + 3: 3, # 'а' + 21: 0, # 'б' + 10: 1, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 1, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 1, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 2, # 'ы' + 17: 0, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 2, # 'я' + }, + 32: { # 'С' + 37: 1, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 2, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 1, # 'Х' + 58: 1, # 'Ц' + 50: 1, # 'Ч' + 57: 1, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 1, # 'Э' + 59: 1, # 'Ю' + 43: 1, # 'Я' + 3: 2, # 'а' + 21: 1, # 'б' + 10: 2, # 'в' + 19: 1, # 'г' + 13: 2, # 'д' + 2: 3, # 'е' + 24: 1, # 'ж' + 20: 1, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 2, # 'н' + 1: 2, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 1, # 'с' + 6: 3, # 'т' + 14: 2, # 'у' + 39: 1, # 'ф' + 26: 1, # 'х' + 28: 1, # 'ц' + 22: 1, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 1, # 'ъ' + 18: 1, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 40: { # 'Т' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 2, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 1, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 1, # 'Ь' + 47: 1, # 'Э' + 59: 1, # 'Ю' + 43: 1, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 2, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 1, # 'к' + 8: 1, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 1, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 3, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 52: { # 'У' + 37: 1, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 1, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 1, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 1, # 'Х' + 58: 0, # 'Ц' + 50: 1, # 'Ч' + 57: 1, # 'Ш' + 63: 1, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 1, # 'Ю' + 43: 0, # 'Я' + 3: 1, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 1, # 'г' + 13: 2, # 'д' + 2: 1, # 'е' + 24: 2, # 'ж' + 20: 2, # 'з' + 4: 2, # 'и' + 23: 1, # 'й' + 11: 1, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 1, # 'н' + 1: 2, # 'о' + 15: 1, # 'п' + 9: 2, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 0, # 'у' + 39: 1, # 'ф' + 26: 1, # 'х' + 28: 1, # 'ц' + 22: 2, # 'ч' + 25: 1, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 53: { # 'Ф' + 37: 1, # 'А' + 44: 1, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 1, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 2, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 2, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 0, # 'с' + 6: 1, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 55: { # 'Х' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 0, # 'б' + 10: 2, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 0, # 'н' + 1: 2, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 1, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 1, # 'ь' + 30: 1, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 58: { # 'Ц' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 1, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 1, # 'а' + 21: 0, # 'б' + 10: 1, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 0, # 'о' + 15: 0, # 'п' + 9: 0, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 1, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 50: { # 'Ч' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 1, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 1, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 1, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 1, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 1, # 'о' + 15: 0, # 'п' + 9: 1, # 'р' + 7: 0, # 'с' + 6: 3, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 1, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 57: { # 'Ш' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 1, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 0, # 'б' + 10: 1, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 1, # 'и' + 23: 0, # 'й' + 11: 1, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 1, # 'н' + 1: 2, # 'о' + 15: 2, # 'п' + 9: 1, # 'р' + 7: 0, # 'с' + 6: 2, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 1, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 63: { # 'Щ' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 1, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 1, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 1, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 1, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 1, # 'о' + 15: 0, # 'п' + 9: 0, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 1, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 62: { # 'Ы' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 1, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 1, # 'Х' + 58: 1, # 'Ц' + 50: 0, # 'Ч' + 57: 1, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 0, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 0, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 0, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 0, # 'о' + 15: 0, # 'п' + 9: 0, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 0, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 61: { # 'Ь' + 37: 0, # 'А' + 44: 1, # 'Б' + 33: 1, # 'В' + 46: 0, # 'Г' + 41: 1, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 0, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 1, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 1, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 1, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 1, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 1, # 'Ю' + 43: 1, # 'Я' + 3: 0, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 0, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 0, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 0, # 'о' + 15: 0, # 'п' + 9: 0, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 0, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 47: { # 'Э' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 0, # 'Г' + 41: 1, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 1, # 'Й' + 36: 1, # 'К' + 49: 1, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 1, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 1, # 'а' + 21: 1, # 'б' + 10: 2, # 'в' + 19: 1, # 'г' + 13: 2, # 'д' + 2: 0, # 'е' + 24: 1, # 'ж' + 20: 0, # 'з' + 4: 0, # 'и' + 23: 2, # 'й' + 11: 2, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 2, # 'н' + 1: 0, # 'о' + 15: 1, # 'п' + 9: 2, # 'р' + 7: 1, # 'с' + 6: 3, # 'т' + 14: 1, # 'у' + 39: 1, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 59: { # 'Ю' + 37: 1, # 'А' + 44: 1, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 1, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 0, # 'С' + 40: 1, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 1, # 'Ч' + 57: 0, # 'Ш' + 63: 1, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 0, # 'а' + 21: 1, # 'б' + 10: 0, # 'в' + 19: 1, # 'г' + 13: 1, # 'д' + 2: 0, # 'е' + 24: 1, # 'ж' + 20: 0, # 'з' + 4: 0, # 'и' + 23: 0, # 'й' + 11: 1, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 2, # 'н' + 1: 0, # 'о' + 15: 1, # 'п' + 9: 1, # 'р' + 7: 1, # 'с' + 6: 0, # 'т' + 14: 0, # 'у' + 39: 0, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 43: { # 'Я' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 1, # 'В' + 46: 1, # 'Г' + 41: 0, # 'Д' + 48: 1, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 1, # 'С' + 40: 1, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 1, # 'Х' + 58: 0, # 'Ц' + 50: 1, # 'Ч' + 57: 0, # 'Ш' + 63: 1, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 1, # 'Ю' + 43: 1, # 'Я' + 3: 0, # 'а' + 21: 1, # 'б' + 10: 1, # 'в' + 19: 1, # 'г' + 13: 1, # 'д' + 2: 0, # 'е' + 24: 0, # 'ж' + 20: 1, # 'з' + 4: 0, # 'и' + 23: 1, # 'й' + 11: 1, # 'к' + 8: 1, # 'л' + 12: 1, # 'м' + 5: 2, # 'н' + 1: 0, # 'о' + 15: 1, # 'п' + 9: 1, # 'р' + 7: 1, # 'с' + 6: 0, # 'т' + 14: 0, # 'у' + 39: 0, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 1, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 3: { # 'а' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 1, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 3, # 'б' + 10: 3, # 'в' + 19: 3, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 3, # 'ж' + 20: 3, # 'з' + 4: 3, # 'и' + 23: 3, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 2, # 'о' + 15: 3, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 3, # 'у' + 39: 2, # 'ф' + 26: 3, # 'х' + 28: 3, # 'ц' + 22: 3, # 'ч' + 25: 3, # 'ш' + 29: 3, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 2, # 'э' + 27: 3, # 'ю' + 16: 3, # 'я' + }, + 21: { # 'б' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 1, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 1, # 'г' + 13: 2, # 'д' + 2: 3, # 'е' + 24: 2, # 'ж' + 20: 1, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 1, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 2, # 'т' + 14: 3, # 'у' + 39: 0, # 'ф' + 26: 2, # 'х' + 28: 1, # 'ц' + 22: 1, # 'ч' + 25: 2, # 'ш' + 29: 3, # 'щ' + 54: 2, # 'ъ' + 18: 3, # 'ы' + 17: 2, # 'ь' + 30: 1, # 'э' + 27: 2, # 'ю' + 16: 3, # 'я' + }, + 10: { # 'в' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 2, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 1, # 'ж' + 20: 3, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 3, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 3, # 'у' + 39: 1, # 'ф' + 26: 2, # 'х' + 28: 2, # 'ц' + 22: 2, # 'ч' + 25: 3, # 'ш' + 29: 2, # 'щ' + 54: 2, # 'ъ' + 18: 3, # 'ы' + 17: 3, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 3, # 'я' + }, + 19: { # 'г' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 2, # 'в' + 19: 1, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 1, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 3, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 3, # 'у' + 39: 1, # 'ф' + 26: 1, # 'х' + 28: 1, # 'ц' + 22: 2, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 1, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 13: { # 'д' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 3, # 'в' + 19: 2, # 'г' + 13: 2, # 'д' + 2: 3, # 'е' + 24: 2, # 'ж' + 20: 2, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 2, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 3, # 'у' + 39: 1, # 'ф' + 26: 2, # 'х' + 28: 3, # 'ц' + 22: 2, # 'ч' + 25: 2, # 'ш' + 29: 1, # 'щ' + 54: 2, # 'ъ' + 18: 3, # 'ы' + 17: 3, # 'ь' + 30: 1, # 'э' + 27: 2, # 'ю' + 16: 3, # 'я' + }, + 2: { # 'е' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 3, # 'б' + 10: 3, # 'в' + 19: 3, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 3, # 'ж' + 20: 3, # 'з' + 4: 2, # 'и' + 23: 3, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 3, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 2, # 'у' + 39: 2, # 'ф' + 26: 3, # 'х' + 28: 3, # 'ц' + 22: 3, # 'ч' + 25: 3, # 'ш' + 29: 3, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 1, # 'э' + 27: 2, # 'ю' + 16: 3, # 'я' + }, + 24: { # 'ж' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 1, # 'в' + 19: 2, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 2, # 'ж' + 20: 1, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 3, # 'н' + 1: 2, # 'о' + 15: 1, # 'п' + 9: 2, # 'р' + 7: 2, # 'с' + 6: 1, # 'т' + 14: 3, # 'у' + 39: 1, # 'ф' + 26: 0, # 'х' + 28: 1, # 'ц' + 22: 2, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 2, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 20: { # 'з' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 3, # 'б' + 10: 3, # 'в' + 19: 3, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 2, # 'ж' + 20: 2, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 3, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 3, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 1, # 'ц' + 22: 2, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 2, # 'ъ' + 18: 3, # 'ы' + 17: 2, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 3, # 'я' + }, + 4: { # 'и' + 37: 1, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 3, # 'б' + 10: 3, # 'в' + 19: 3, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 3, # 'ж' + 20: 3, # 'з' + 4: 3, # 'и' + 23: 3, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 3, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 2, # 'у' + 39: 2, # 'ф' + 26: 3, # 'х' + 28: 3, # 'ц' + 22: 3, # 'ч' + 25: 3, # 'ш' + 29: 3, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 2, # 'э' + 27: 3, # 'ю' + 16: 3, # 'я' + }, + 23: { # 'й' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 1, # 'а' + 21: 1, # 'б' + 10: 1, # 'в' + 19: 2, # 'г' + 13: 3, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 2, # 'з' + 4: 1, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 2, # 'о' + 15: 1, # 'п' + 9: 2, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 1, # 'у' + 39: 2, # 'ф' + 26: 1, # 'х' + 28: 2, # 'ц' + 22: 3, # 'ч' + 25: 2, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 2, # 'я' + }, + 11: { # 'к' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 3, # 'в' + 19: 1, # 'г' + 13: 1, # 'д' + 2: 3, # 'е' + 24: 2, # 'ж' + 20: 2, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 3, # 'л' + 12: 1, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 3, # 'у' + 39: 1, # 'ф' + 26: 2, # 'х' + 28: 2, # 'ц' + 22: 1, # 'ч' + 25: 2, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 1, # 'ы' + 17: 1, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 8: { # 'л' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 3, # 'г' + 13: 2, # 'д' + 2: 3, # 'е' + 24: 3, # 'ж' + 20: 2, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 2, # 'п' + 9: 1, # 'р' + 7: 3, # 'с' + 6: 2, # 'т' + 14: 3, # 'у' + 39: 2, # 'ф' + 26: 2, # 'х' + 28: 1, # 'ц' + 22: 3, # 'ч' + 25: 2, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 3, # 'ы' + 17: 3, # 'ь' + 30: 1, # 'э' + 27: 3, # 'ю' + 16: 3, # 'я' + }, + 12: { # 'м' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 2, # 'г' + 13: 1, # 'д' + 2: 3, # 'е' + 24: 1, # 'ж' + 20: 1, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 3, # 'с' + 6: 2, # 'т' + 14: 3, # 'у' + 39: 2, # 'ф' + 26: 2, # 'х' + 28: 2, # 'ц' + 22: 2, # 'ч' + 25: 1, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 3, # 'ы' + 17: 2, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 3, # 'я' + }, + 5: { # 'н' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 3, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 2, # 'ж' + 20: 2, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 1, # 'п' + 9: 2, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 3, # 'у' + 39: 2, # 'ф' + 26: 2, # 'х' + 28: 3, # 'ц' + 22: 3, # 'ч' + 25: 2, # 'ш' + 29: 2, # 'щ' + 54: 1, # 'ъ' + 18: 3, # 'ы' + 17: 3, # 'ь' + 30: 1, # 'э' + 27: 3, # 'ю' + 16: 3, # 'я' + }, + 1: { # 'о' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 3, # 'б' + 10: 3, # 'в' + 19: 3, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 3, # 'ж' + 20: 3, # 'з' + 4: 3, # 'и' + 23: 3, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 3, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 2, # 'у' + 39: 2, # 'ф' + 26: 3, # 'х' + 28: 2, # 'ц' + 22: 3, # 'ч' + 25: 3, # 'ш' + 29: 3, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 2, # 'э' + 27: 3, # 'ю' + 16: 3, # 'я' + }, + 15: { # 'п' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 3, # 'л' + 12: 1, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 2, # 'п' + 9: 3, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 3, # 'у' + 39: 1, # 'ф' + 26: 0, # 'х' + 28: 2, # 'ц' + 22: 2, # 'ч' + 25: 1, # 'ш' + 29: 1, # 'щ' + 54: 0, # 'ъ' + 18: 3, # 'ы' + 17: 2, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 3, # 'я' + }, + 9: { # 'р' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 3, # 'в' + 19: 3, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 3, # 'ж' + 20: 2, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 2, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 3, # 'у' + 39: 2, # 'ф' + 26: 3, # 'х' + 28: 2, # 'ц' + 22: 2, # 'ч' + 25: 3, # 'ш' + 29: 2, # 'щ' + 54: 0, # 'ъ' + 18: 3, # 'ы' + 17: 3, # 'ь' + 30: 2, # 'э' + 27: 2, # 'ю' + 16: 3, # 'я' + }, + 7: { # 'с' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 1, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 3, # 'в' + 19: 2, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 2, # 'ж' + 20: 2, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 3, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 3, # 'у' + 39: 2, # 'ф' + 26: 3, # 'х' + 28: 2, # 'ц' + 22: 3, # 'ч' + 25: 2, # 'ш' + 29: 1, # 'щ' + 54: 2, # 'ъ' + 18: 3, # 'ы' + 17: 3, # 'ь' + 30: 2, # 'э' + 27: 3, # 'ю' + 16: 3, # 'я' + }, + 6: { # 'т' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 2, # 'б' + 10: 3, # 'в' + 19: 2, # 'г' + 13: 2, # 'д' + 2: 3, # 'е' + 24: 1, # 'ж' + 20: 1, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 2, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 2, # 'т' + 14: 3, # 'у' + 39: 2, # 'ф' + 26: 2, # 'х' + 28: 2, # 'ц' + 22: 2, # 'ч' + 25: 2, # 'ш' + 29: 2, # 'щ' + 54: 2, # 'ъ' + 18: 3, # 'ы' + 17: 3, # 'ь' + 30: 2, # 'э' + 27: 2, # 'ю' + 16: 3, # 'я' + }, + 14: { # 'у' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 3, # 'б' + 10: 3, # 'в' + 19: 3, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 3, # 'ж' + 20: 3, # 'з' + 4: 2, # 'и' + 23: 2, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 2, # 'о' + 15: 3, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 1, # 'у' + 39: 2, # 'ф' + 26: 3, # 'х' + 28: 2, # 'ц' + 22: 3, # 'ч' + 25: 3, # 'ш' + 29: 3, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 2, # 'э' + 27: 3, # 'ю' + 16: 2, # 'я' + }, + 39: { # 'ф' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 0, # 'в' + 19: 1, # 'г' + 13: 0, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 1, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 1, # 'н' + 1: 3, # 'о' + 15: 1, # 'п' + 9: 2, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 2, # 'у' + 39: 2, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 1, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 2, # 'ы' + 17: 1, # 'ь' + 30: 2, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 26: { # 'х' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 0, # 'б' + 10: 3, # 'в' + 19: 1, # 'г' + 13: 1, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 1, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 1, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 1, # 'п' + 9: 3, # 'р' + 7: 2, # 'с' + 6: 2, # 'т' + 14: 2, # 'у' + 39: 1, # 'ф' + 26: 1, # 'х' + 28: 1, # 'ц' + 22: 1, # 'ч' + 25: 2, # 'ш' + 29: 0, # 'щ' + 54: 1, # 'ъ' + 18: 0, # 'ы' + 17: 1, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 28: { # 'ц' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 2, # 'в' + 19: 1, # 'г' + 13: 1, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 1, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 2, # 'к' + 8: 1, # 'л' + 12: 1, # 'м' + 5: 1, # 'н' + 1: 3, # 'о' + 15: 0, # 'п' + 9: 1, # 'р' + 7: 0, # 'с' + 6: 1, # 'т' + 14: 3, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 1, # 'ц' + 22: 0, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 3, # 'ы' + 17: 1, # 'ь' + 30: 0, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 22: { # 'ч' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 1, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 3, # 'е' + 24: 1, # 'ж' + 20: 0, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 2, # 'л' + 12: 1, # 'м' + 5: 3, # 'н' + 1: 2, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 1, # 'с' + 6: 3, # 'т' + 14: 3, # 'у' + 39: 1, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 1, # 'ч' + 25: 2, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 3, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 25: { # 'ш' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 1, # 'б' + 10: 2, # 'в' + 19: 1, # 'г' + 13: 0, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 2, # 'м' + 5: 3, # 'н' + 1: 3, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 1, # 'с' + 6: 2, # 'т' + 14: 3, # 'у' + 39: 2, # 'ф' + 26: 1, # 'х' + 28: 1, # 'ц' + 22: 1, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 3, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 0, # 'я' + }, + 29: { # 'щ' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 3, # 'а' + 21: 0, # 'б' + 10: 1, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 3, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 3, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 1, # 'м' + 5: 2, # 'н' + 1: 1, # 'о' + 15: 0, # 'п' + 9: 2, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 2, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 2, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 0, # 'я' + }, + 54: { # 'ъ' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 0, # 'а' + 21: 0, # 'б' + 10: 0, # 'в' + 19: 0, # 'г' + 13: 0, # 'д' + 2: 2, # 'е' + 24: 0, # 'ж' + 20: 0, # 'з' + 4: 0, # 'и' + 23: 0, # 'й' + 11: 0, # 'к' + 8: 0, # 'л' + 12: 0, # 'м' + 5: 0, # 'н' + 1: 0, # 'о' + 15: 0, # 'п' + 9: 0, # 'р' + 7: 0, # 'с' + 6: 0, # 'т' + 14: 0, # 'у' + 39: 0, # 'ф' + 26: 0, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 0, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 1, # 'ю' + 16: 2, # 'я' + }, + 18: { # 'ы' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 0, # 'а' + 21: 3, # 'б' + 10: 3, # 'в' + 19: 2, # 'г' + 13: 2, # 'д' + 2: 3, # 'е' + 24: 2, # 'ж' + 20: 2, # 'з' + 4: 2, # 'и' + 23: 3, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 1, # 'о' + 15: 3, # 'п' + 9: 3, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 1, # 'у' + 39: 0, # 'ф' + 26: 3, # 'х' + 28: 2, # 'ц' + 22: 3, # 'ч' + 25: 3, # 'ш' + 29: 2, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 0, # 'ю' + 16: 2, # 'я' + }, + 17: { # 'ь' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 0, # 'а' + 21: 2, # 'б' + 10: 2, # 'в' + 19: 2, # 'г' + 13: 2, # 'д' + 2: 3, # 'е' + 24: 1, # 'ж' + 20: 3, # 'з' + 4: 2, # 'и' + 23: 0, # 'й' + 11: 3, # 'к' + 8: 0, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 2, # 'о' + 15: 2, # 'п' + 9: 1, # 'р' + 7: 3, # 'с' + 6: 2, # 'т' + 14: 0, # 'у' + 39: 2, # 'ф' + 26: 1, # 'х' + 28: 2, # 'ц' + 22: 2, # 'ч' + 25: 3, # 'ш' + 29: 2, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 1, # 'э' + 27: 3, # 'ю' + 16: 3, # 'я' + }, + 30: { # 'э' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 1, # 'М' + 31: 1, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 1, # 'Р' + 32: 1, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 1, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 0, # 'а' + 21: 1, # 'б' + 10: 1, # 'в' + 19: 1, # 'г' + 13: 2, # 'д' + 2: 1, # 'е' + 24: 0, # 'ж' + 20: 1, # 'з' + 4: 0, # 'и' + 23: 2, # 'й' + 11: 2, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 2, # 'н' + 1: 0, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 2, # 'с' + 6: 3, # 'т' + 14: 1, # 'у' + 39: 2, # 'ф' + 26: 1, # 'х' + 28: 0, # 'ц' + 22: 0, # 'ч' + 25: 1, # 'ш' + 29: 0, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 1, # 'э' + 27: 1, # 'ю' + 16: 1, # 'я' + }, + 27: { # 'ю' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 2, # 'а' + 21: 3, # 'б' + 10: 1, # 'в' + 19: 2, # 'г' + 13: 3, # 'д' + 2: 1, # 'е' + 24: 2, # 'ж' + 20: 2, # 'з' + 4: 1, # 'и' + 23: 1, # 'й' + 11: 2, # 'к' + 8: 2, # 'л' + 12: 2, # 'м' + 5: 2, # 'н' + 1: 1, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 0, # 'у' + 39: 1, # 'ф' + 26: 2, # 'х' + 28: 2, # 'ц' + 22: 2, # 'ч' + 25: 2, # 'ш' + 29: 3, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 1, # 'э' + 27: 2, # 'ю' + 16: 1, # 'я' + }, + 16: { # 'я' + 37: 0, # 'А' + 44: 0, # 'Б' + 33: 0, # 'В' + 46: 0, # 'Г' + 41: 0, # 'Д' + 48: 0, # 'Е' + 56: 0, # 'Ж' + 51: 0, # 'З' + 42: 0, # 'И' + 60: 0, # 'Й' + 36: 0, # 'К' + 49: 0, # 'Л' + 38: 0, # 'М' + 31: 0, # 'Н' + 34: 0, # 'О' + 35: 0, # 'П' + 45: 0, # 'Р' + 32: 0, # 'С' + 40: 0, # 'Т' + 52: 0, # 'У' + 53: 0, # 'Ф' + 55: 0, # 'Х' + 58: 0, # 'Ц' + 50: 0, # 'Ч' + 57: 0, # 'Ш' + 63: 0, # 'Щ' + 62: 0, # 'Ы' + 61: 0, # 'Ь' + 47: 0, # 'Э' + 59: 0, # 'Ю' + 43: 0, # 'Я' + 3: 0, # 'а' + 21: 2, # 'б' + 10: 3, # 'в' + 19: 2, # 'г' + 13: 3, # 'д' + 2: 3, # 'е' + 24: 3, # 'ж' + 20: 3, # 'з' + 4: 2, # 'и' + 23: 2, # 'й' + 11: 3, # 'к' + 8: 3, # 'л' + 12: 3, # 'м' + 5: 3, # 'н' + 1: 0, # 'о' + 15: 2, # 'п' + 9: 2, # 'р' + 7: 3, # 'с' + 6: 3, # 'т' + 14: 1, # 'у' + 39: 1, # 'ф' + 26: 3, # 'х' + 28: 2, # 'ц' + 22: 2, # 'ч' + 25: 2, # 'ш' + 29: 3, # 'щ' + 54: 0, # 'ъ' + 18: 0, # 'ы' + 17: 0, # 'ь' + 30: 0, # 'э' + 27: 2, # 'ю' + 16: 2, # 'я' + }, +} + +# 255: Undefined characters that did not exist in training text +# 254: Carriage/Return +# 253: symbol (punctuation) that does not belong to word +# 252: 0 - 9 +# 251: Control characters + +# Character Mapping Table(s): +IBM866_RUSSIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 142, # 'A' + 66: 143, # 'B' + 67: 144, # 'C' + 68: 145, # 'D' + 69: 146, # 'E' + 70: 147, # 'F' + 71: 148, # 'G' + 72: 149, # 'H' + 73: 150, # 'I' + 74: 151, # 'J' + 75: 152, # 'K' + 76: 74, # 'L' + 77: 153, # 'M' + 78: 75, # 'N' + 79: 154, # 'O' + 80: 155, # 'P' + 81: 156, # 'Q' + 82: 157, # 'R' + 83: 158, # 'S' + 84: 159, # 'T' + 85: 160, # 'U' + 86: 161, # 'V' + 87: 162, # 'W' + 88: 163, # 'X' + 89: 164, # 'Y' + 90: 165, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 71, # 'a' + 98: 172, # 'b' + 99: 66, # 'c' + 100: 173, # 'd' + 101: 65, # 'e' + 102: 174, # 'f' + 103: 76, # 'g' + 104: 175, # 'h' + 105: 64, # 'i' + 106: 176, # 'j' + 107: 177, # 'k' + 108: 77, # 'l' + 109: 72, # 'm' + 110: 178, # 'n' + 111: 69, # 'o' + 112: 67, # 'p' + 113: 179, # 'q' + 114: 78, # 'r' + 115: 73, # 's' + 116: 180, # 't' + 117: 181, # 'u' + 118: 79, # 'v' + 119: 182, # 'w' + 120: 183, # 'x' + 121: 184, # 'y' + 122: 185, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 37, # 'А' + 129: 44, # 'Б' + 130: 33, # 'В' + 131: 46, # 'Г' + 132: 41, # 'Д' + 133: 48, # 'Е' + 134: 56, # 'Ж' + 135: 51, # 'З' + 136: 42, # 'И' + 137: 60, # 'Й' + 138: 36, # 'К' + 139: 49, # 'Л' + 140: 38, # 'М' + 141: 31, # 'Н' + 142: 34, # 'О' + 143: 35, # 'П' + 144: 45, # 'Р' + 145: 32, # 'С' + 146: 40, # 'Т' + 147: 52, # 'У' + 148: 53, # 'Ф' + 149: 55, # 'Х' + 150: 58, # 'Ц' + 151: 50, # 'Ч' + 152: 57, # 'Ш' + 153: 63, # 'Щ' + 154: 70, # 'Ъ' + 155: 62, # 'Ы' + 156: 61, # 'Ь' + 157: 47, # 'Э' + 158: 59, # 'Ю' + 159: 43, # 'Я' + 160: 3, # 'а' + 161: 21, # 'б' + 162: 10, # 'в' + 163: 19, # 'г' + 164: 13, # 'д' + 165: 2, # 'е' + 166: 24, # 'ж' + 167: 20, # 'з' + 168: 4, # 'и' + 169: 23, # 'й' + 170: 11, # 'к' + 171: 8, # 'л' + 172: 12, # 'м' + 173: 5, # 'н' + 174: 1, # 'о' + 175: 15, # 'п' + 176: 191, # '░' + 177: 192, # '▒' + 178: 193, # '▓' + 179: 194, # '│' + 180: 195, # '┤' + 181: 196, # '╡' + 182: 197, # '╢' + 183: 198, # '╖' + 184: 199, # '╕' + 185: 200, # '╣' + 186: 201, # '║' + 187: 202, # '╗' + 188: 203, # '╝' + 189: 204, # '╜' + 190: 205, # '╛' + 191: 206, # '┐' + 192: 207, # '└' + 193: 208, # '┴' + 194: 209, # '┬' + 195: 210, # '├' + 196: 211, # '─' + 197: 212, # '┼' + 198: 213, # '╞' + 199: 214, # '╟' + 200: 215, # '╚' + 201: 216, # '╔' + 202: 217, # '╩' + 203: 218, # '╦' + 204: 219, # '╠' + 205: 220, # '═' + 206: 221, # '╬' + 207: 222, # '╧' + 208: 223, # '╨' + 209: 224, # '╤' + 210: 225, # '╥' + 211: 226, # '╙' + 212: 227, # '╘' + 213: 228, # '╒' + 214: 229, # '╓' + 215: 230, # '╫' + 216: 231, # '╪' + 217: 232, # '┘' + 218: 233, # '┌' + 219: 234, # '█' + 220: 235, # '▄' + 221: 236, # '▌' + 222: 237, # '▐' + 223: 238, # '▀' + 224: 9, # 'р' + 225: 7, # 'с' + 226: 6, # 'т' + 227: 14, # 'у' + 228: 39, # 'ф' + 229: 26, # 'х' + 230: 28, # 'ц' + 231: 22, # 'ч' + 232: 25, # 'ш' + 233: 29, # 'щ' + 234: 54, # 'ъ' + 235: 18, # 'ы' + 236: 17, # 'ь' + 237: 30, # 'э' + 238: 27, # 'ю' + 239: 16, # 'я' + 240: 239, # 'Ё' + 241: 68, # 'ё' + 242: 240, # 'Є' + 243: 241, # 'є' + 244: 242, # 'Ї' + 245: 243, # 'ї' + 246: 244, # 'Ў' + 247: 245, # 'ў' + 248: 246, # '°' + 249: 247, # '∙' + 250: 248, # '·' + 251: 249, # '√' + 252: 250, # '№' + 253: 251, # '¤' + 254: 252, # '■' + 255: 255, # '\xa0' +} + +IBM866_RUSSIAN_MODEL = SingleByteCharSetModel(charset_name='IBM866', + language='Russian', + char_to_order_map=IBM866_RUSSIAN_CHAR_TO_ORDER, + language_model=RUSSIAN_LANG_MODEL, + typical_positive_ratio=0.976601, + keep_ascii_letters=False, + alphabet='ЁАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюяё') + +WINDOWS_1251_RUSSIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 142, # 'A' + 66: 143, # 'B' + 67: 144, # 'C' + 68: 145, # 'D' + 69: 146, # 'E' + 70: 147, # 'F' + 71: 148, # 'G' + 72: 149, # 'H' + 73: 150, # 'I' + 74: 151, # 'J' + 75: 152, # 'K' + 76: 74, # 'L' + 77: 153, # 'M' + 78: 75, # 'N' + 79: 154, # 'O' + 80: 155, # 'P' + 81: 156, # 'Q' + 82: 157, # 'R' + 83: 158, # 'S' + 84: 159, # 'T' + 85: 160, # 'U' + 86: 161, # 'V' + 87: 162, # 'W' + 88: 163, # 'X' + 89: 164, # 'Y' + 90: 165, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 71, # 'a' + 98: 172, # 'b' + 99: 66, # 'c' + 100: 173, # 'd' + 101: 65, # 'e' + 102: 174, # 'f' + 103: 76, # 'g' + 104: 175, # 'h' + 105: 64, # 'i' + 106: 176, # 'j' + 107: 177, # 'k' + 108: 77, # 'l' + 109: 72, # 'm' + 110: 178, # 'n' + 111: 69, # 'o' + 112: 67, # 'p' + 113: 179, # 'q' + 114: 78, # 'r' + 115: 73, # 's' + 116: 180, # 't' + 117: 181, # 'u' + 118: 79, # 'v' + 119: 182, # 'w' + 120: 183, # 'x' + 121: 184, # 'y' + 122: 185, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 191, # 'Ђ' + 129: 192, # 'Ѓ' + 130: 193, # '‚' + 131: 194, # 'ѓ' + 132: 195, # '„' + 133: 196, # '…' + 134: 197, # '†' + 135: 198, # '‡' + 136: 199, # '€' + 137: 200, # '‰' + 138: 201, # 'Љ' + 139: 202, # '‹' + 140: 203, # 'Њ' + 141: 204, # 'Ќ' + 142: 205, # 'Ћ' + 143: 206, # 'Џ' + 144: 207, # 'ђ' + 145: 208, # '‘' + 146: 209, # '’' + 147: 210, # '“' + 148: 211, # '”' + 149: 212, # '•' + 150: 213, # '–' + 151: 214, # '—' + 152: 215, # None + 153: 216, # '™' + 154: 217, # 'љ' + 155: 218, # '›' + 156: 219, # 'њ' + 157: 220, # 'ќ' + 158: 221, # 'ћ' + 159: 222, # 'џ' + 160: 223, # '\xa0' + 161: 224, # 'Ў' + 162: 225, # 'ў' + 163: 226, # 'Ј' + 164: 227, # '¤' + 165: 228, # 'Ґ' + 166: 229, # '¦' + 167: 230, # '§' + 168: 231, # 'Ё' + 169: 232, # '©' + 170: 233, # 'Є' + 171: 234, # '«' + 172: 235, # '¬' + 173: 236, # '\xad' + 174: 237, # '®' + 175: 238, # 'Ї' + 176: 239, # '°' + 177: 240, # '±' + 178: 241, # 'І' + 179: 242, # 'і' + 180: 243, # 'ґ' + 181: 244, # 'µ' + 182: 245, # '¶' + 183: 246, # '·' + 184: 68, # 'ё' + 185: 247, # '№' + 186: 248, # 'є' + 187: 249, # '»' + 188: 250, # 'ј' + 189: 251, # 'Ѕ' + 190: 252, # 'ѕ' + 191: 253, # 'ї' + 192: 37, # 'А' + 193: 44, # 'Б' + 194: 33, # 'В' + 195: 46, # 'Г' + 196: 41, # 'Д' + 197: 48, # 'Е' + 198: 56, # 'Ж' + 199: 51, # 'З' + 200: 42, # 'И' + 201: 60, # 'Й' + 202: 36, # 'К' + 203: 49, # 'Л' + 204: 38, # 'М' + 205: 31, # 'Н' + 206: 34, # 'О' + 207: 35, # 'П' + 208: 45, # 'Р' + 209: 32, # 'С' + 210: 40, # 'Т' + 211: 52, # 'У' + 212: 53, # 'Ф' + 213: 55, # 'Х' + 214: 58, # 'Ц' + 215: 50, # 'Ч' + 216: 57, # 'Ш' + 217: 63, # 'Щ' + 218: 70, # 'Ъ' + 219: 62, # 'Ы' + 220: 61, # 'Ь' + 221: 47, # 'Э' + 222: 59, # 'Ю' + 223: 43, # 'Я' + 224: 3, # 'а' + 225: 21, # 'б' + 226: 10, # 'в' + 227: 19, # 'г' + 228: 13, # 'д' + 229: 2, # 'е' + 230: 24, # 'ж' + 231: 20, # 'з' + 232: 4, # 'и' + 233: 23, # 'й' + 234: 11, # 'к' + 235: 8, # 'л' + 236: 12, # 'м' + 237: 5, # 'н' + 238: 1, # 'о' + 239: 15, # 'п' + 240: 9, # 'р' + 241: 7, # 'с' + 242: 6, # 'т' + 243: 14, # 'у' + 244: 39, # 'ф' + 245: 26, # 'х' + 246: 28, # 'ц' + 247: 22, # 'ч' + 248: 25, # 'ш' + 249: 29, # 'щ' + 250: 54, # 'ъ' + 251: 18, # 'ы' + 252: 17, # 'ь' + 253: 30, # 'э' + 254: 27, # 'ю' + 255: 16, # 'я' +} + +WINDOWS_1251_RUSSIAN_MODEL = SingleByteCharSetModel(charset_name='windows-1251', + language='Russian', + char_to_order_map=WINDOWS_1251_RUSSIAN_CHAR_TO_ORDER, + language_model=RUSSIAN_LANG_MODEL, + typical_positive_ratio=0.976601, + keep_ascii_letters=False, + alphabet='ЁАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюяё') + +IBM855_RUSSIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 142, # 'A' + 66: 143, # 'B' + 67: 144, # 'C' + 68: 145, # 'D' + 69: 146, # 'E' + 70: 147, # 'F' + 71: 148, # 'G' + 72: 149, # 'H' + 73: 150, # 'I' + 74: 151, # 'J' + 75: 152, # 'K' + 76: 74, # 'L' + 77: 153, # 'M' + 78: 75, # 'N' + 79: 154, # 'O' + 80: 155, # 'P' + 81: 156, # 'Q' + 82: 157, # 'R' + 83: 158, # 'S' + 84: 159, # 'T' + 85: 160, # 'U' + 86: 161, # 'V' + 87: 162, # 'W' + 88: 163, # 'X' + 89: 164, # 'Y' + 90: 165, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 71, # 'a' + 98: 172, # 'b' + 99: 66, # 'c' + 100: 173, # 'd' + 101: 65, # 'e' + 102: 174, # 'f' + 103: 76, # 'g' + 104: 175, # 'h' + 105: 64, # 'i' + 106: 176, # 'j' + 107: 177, # 'k' + 108: 77, # 'l' + 109: 72, # 'm' + 110: 178, # 'n' + 111: 69, # 'o' + 112: 67, # 'p' + 113: 179, # 'q' + 114: 78, # 'r' + 115: 73, # 's' + 116: 180, # 't' + 117: 181, # 'u' + 118: 79, # 'v' + 119: 182, # 'w' + 120: 183, # 'x' + 121: 184, # 'y' + 122: 185, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 191, # 'ђ' + 129: 192, # 'Ђ' + 130: 193, # 'ѓ' + 131: 194, # 'Ѓ' + 132: 68, # 'ё' + 133: 195, # 'Ё' + 134: 196, # 'є' + 135: 197, # 'Є' + 136: 198, # 'ѕ' + 137: 199, # 'Ѕ' + 138: 200, # 'і' + 139: 201, # 'І' + 140: 202, # 'ї' + 141: 203, # 'Ї' + 142: 204, # 'ј' + 143: 205, # 'Ј' + 144: 206, # 'љ' + 145: 207, # 'Љ' + 146: 208, # 'њ' + 147: 209, # 'Њ' + 148: 210, # 'ћ' + 149: 211, # 'Ћ' + 150: 212, # 'ќ' + 151: 213, # 'Ќ' + 152: 214, # 'ў' + 153: 215, # 'Ў' + 154: 216, # 'џ' + 155: 217, # 'Џ' + 156: 27, # 'ю' + 157: 59, # 'Ю' + 158: 54, # 'ъ' + 159: 70, # 'Ъ' + 160: 3, # 'а' + 161: 37, # 'А' + 162: 21, # 'б' + 163: 44, # 'Б' + 164: 28, # 'ц' + 165: 58, # 'Ц' + 166: 13, # 'д' + 167: 41, # 'Д' + 168: 2, # 'е' + 169: 48, # 'Е' + 170: 39, # 'ф' + 171: 53, # 'Ф' + 172: 19, # 'г' + 173: 46, # 'Г' + 174: 218, # '«' + 175: 219, # '»' + 176: 220, # '░' + 177: 221, # '▒' + 178: 222, # '▓' + 179: 223, # '│' + 180: 224, # '┤' + 181: 26, # 'х' + 182: 55, # 'Х' + 183: 4, # 'и' + 184: 42, # 'И' + 185: 225, # '╣' + 186: 226, # '║' + 187: 227, # '╗' + 188: 228, # '╝' + 189: 23, # 'й' + 190: 60, # 'Й' + 191: 229, # '┐' + 192: 230, # '└' + 193: 231, # '┴' + 194: 232, # '┬' + 195: 233, # '├' + 196: 234, # '─' + 197: 235, # '┼' + 198: 11, # 'к' + 199: 36, # 'К' + 200: 236, # '╚' + 201: 237, # '╔' + 202: 238, # '╩' + 203: 239, # '╦' + 204: 240, # '╠' + 205: 241, # '═' + 206: 242, # '╬' + 207: 243, # '¤' + 208: 8, # 'л' + 209: 49, # 'Л' + 210: 12, # 'м' + 211: 38, # 'М' + 212: 5, # 'н' + 213: 31, # 'Н' + 214: 1, # 'о' + 215: 34, # 'О' + 216: 15, # 'п' + 217: 244, # '┘' + 218: 245, # '┌' + 219: 246, # '█' + 220: 247, # '▄' + 221: 35, # 'П' + 222: 16, # 'я' + 223: 248, # '▀' + 224: 43, # 'Я' + 225: 9, # 'р' + 226: 45, # 'Р' + 227: 7, # 'с' + 228: 32, # 'С' + 229: 6, # 'т' + 230: 40, # 'Т' + 231: 14, # 'у' + 232: 52, # 'У' + 233: 24, # 'ж' + 234: 56, # 'Ж' + 235: 10, # 'в' + 236: 33, # 'В' + 237: 17, # 'ь' + 238: 61, # 'Ь' + 239: 249, # '№' + 240: 250, # '\xad' + 241: 18, # 'ы' + 242: 62, # 'Ы' + 243: 20, # 'з' + 244: 51, # 'З' + 245: 25, # 'ш' + 246: 57, # 'Ш' + 247: 30, # 'э' + 248: 47, # 'Э' + 249: 29, # 'щ' + 250: 63, # 'Щ' + 251: 22, # 'ч' + 252: 50, # 'Ч' + 253: 251, # '§' + 254: 252, # '■' + 255: 255, # '\xa0' +} + +IBM855_RUSSIAN_MODEL = SingleByteCharSetModel(charset_name='IBM855', + language='Russian', + char_to_order_map=IBM855_RUSSIAN_CHAR_TO_ORDER, + language_model=RUSSIAN_LANG_MODEL, + typical_positive_ratio=0.976601, + keep_ascii_letters=False, + alphabet='ЁАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюяё') + +KOI8_R_RUSSIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 142, # 'A' + 66: 143, # 'B' + 67: 144, # 'C' + 68: 145, # 'D' + 69: 146, # 'E' + 70: 147, # 'F' + 71: 148, # 'G' + 72: 149, # 'H' + 73: 150, # 'I' + 74: 151, # 'J' + 75: 152, # 'K' + 76: 74, # 'L' + 77: 153, # 'M' + 78: 75, # 'N' + 79: 154, # 'O' + 80: 155, # 'P' + 81: 156, # 'Q' + 82: 157, # 'R' + 83: 158, # 'S' + 84: 159, # 'T' + 85: 160, # 'U' + 86: 161, # 'V' + 87: 162, # 'W' + 88: 163, # 'X' + 89: 164, # 'Y' + 90: 165, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 71, # 'a' + 98: 172, # 'b' + 99: 66, # 'c' + 100: 173, # 'd' + 101: 65, # 'e' + 102: 174, # 'f' + 103: 76, # 'g' + 104: 175, # 'h' + 105: 64, # 'i' + 106: 176, # 'j' + 107: 177, # 'k' + 108: 77, # 'l' + 109: 72, # 'm' + 110: 178, # 'n' + 111: 69, # 'o' + 112: 67, # 'p' + 113: 179, # 'q' + 114: 78, # 'r' + 115: 73, # 's' + 116: 180, # 't' + 117: 181, # 'u' + 118: 79, # 'v' + 119: 182, # 'w' + 120: 183, # 'x' + 121: 184, # 'y' + 122: 185, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 191, # '─' + 129: 192, # '│' + 130: 193, # '┌' + 131: 194, # '┐' + 132: 195, # '└' + 133: 196, # '┘' + 134: 197, # '├' + 135: 198, # '┤' + 136: 199, # '┬' + 137: 200, # '┴' + 138: 201, # '┼' + 139: 202, # '▀' + 140: 203, # '▄' + 141: 204, # '█' + 142: 205, # '▌' + 143: 206, # '▐' + 144: 207, # '░' + 145: 208, # '▒' + 146: 209, # '▓' + 147: 210, # '⌠' + 148: 211, # '■' + 149: 212, # '∙' + 150: 213, # '√' + 151: 214, # '≈' + 152: 215, # '≤' + 153: 216, # '≥' + 154: 217, # '\xa0' + 155: 218, # '⌡' + 156: 219, # '°' + 157: 220, # '²' + 158: 221, # '·' + 159: 222, # '÷' + 160: 223, # '═' + 161: 224, # '║' + 162: 225, # '╒' + 163: 68, # 'ё' + 164: 226, # '╓' + 165: 227, # '╔' + 166: 228, # '╕' + 167: 229, # '╖' + 168: 230, # '╗' + 169: 231, # '╘' + 170: 232, # '╙' + 171: 233, # '╚' + 172: 234, # '╛' + 173: 235, # '╜' + 174: 236, # '╝' + 175: 237, # '╞' + 176: 238, # '╟' + 177: 239, # '╠' + 178: 240, # '╡' + 179: 241, # 'Ё' + 180: 242, # '╢' + 181: 243, # '╣' + 182: 244, # '╤' + 183: 245, # '╥' + 184: 246, # '╦' + 185: 247, # '╧' + 186: 248, # '╨' + 187: 249, # '╩' + 188: 250, # '╪' + 189: 251, # '╫' + 190: 252, # '╬' + 191: 253, # '©' + 192: 27, # 'ю' + 193: 3, # 'а' + 194: 21, # 'б' + 195: 28, # 'ц' + 196: 13, # 'д' + 197: 2, # 'е' + 198: 39, # 'ф' + 199: 19, # 'г' + 200: 26, # 'х' + 201: 4, # 'и' + 202: 23, # 'й' + 203: 11, # 'к' + 204: 8, # 'л' + 205: 12, # 'м' + 206: 5, # 'н' + 207: 1, # 'о' + 208: 15, # 'п' + 209: 16, # 'я' + 210: 9, # 'р' + 211: 7, # 'с' + 212: 6, # 'т' + 213: 14, # 'у' + 214: 24, # 'ж' + 215: 10, # 'в' + 216: 17, # 'ь' + 217: 18, # 'ы' + 218: 20, # 'з' + 219: 25, # 'ш' + 220: 30, # 'э' + 221: 29, # 'щ' + 222: 22, # 'ч' + 223: 54, # 'ъ' + 224: 59, # 'Ю' + 225: 37, # 'А' + 226: 44, # 'Б' + 227: 58, # 'Ц' + 228: 41, # 'Д' + 229: 48, # 'Е' + 230: 53, # 'Ф' + 231: 46, # 'Г' + 232: 55, # 'Х' + 233: 42, # 'И' + 234: 60, # 'Й' + 235: 36, # 'К' + 236: 49, # 'Л' + 237: 38, # 'М' + 238: 31, # 'Н' + 239: 34, # 'О' + 240: 35, # 'П' + 241: 43, # 'Я' + 242: 45, # 'Р' + 243: 32, # 'С' + 244: 40, # 'Т' + 245: 52, # 'У' + 246: 56, # 'Ж' + 247: 33, # 'В' + 248: 61, # 'Ь' + 249: 62, # 'Ы' + 250: 51, # 'З' + 251: 57, # 'Ш' + 252: 47, # 'Э' + 253: 63, # 'Щ' + 254: 50, # 'Ч' + 255: 70, # 'Ъ' +} + +KOI8_R_RUSSIAN_MODEL = SingleByteCharSetModel(charset_name='KOI8-R', + language='Russian', + char_to_order_map=KOI8_R_RUSSIAN_CHAR_TO_ORDER, + language_model=RUSSIAN_LANG_MODEL, + typical_positive_ratio=0.976601, + keep_ascii_letters=False, + alphabet='ЁАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюяё') + +MACCYRILLIC_RUSSIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 142, # 'A' + 66: 143, # 'B' + 67: 144, # 'C' + 68: 145, # 'D' + 69: 146, # 'E' + 70: 147, # 'F' + 71: 148, # 'G' + 72: 149, # 'H' + 73: 150, # 'I' + 74: 151, # 'J' + 75: 152, # 'K' + 76: 74, # 'L' + 77: 153, # 'M' + 78: 75, # 'N' + 79: 154, # 'O' + 80: 155, # 'P' + 81: 156, # 'Q' + 82: 157, # 'R' + 83: 158, # 'S' + 84: 159, # 'T' + 85: 160, # 'U' + 86: 161, # 'V' + 87: 162, # 'W' + 88: 163, # 'X' + 89: 164, # 'Y' + 90: 165, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 71, # 'a' + 98: 172, # 'b' + 99: 66, # 'c' + 100: 173, # 'd' + 101: 65, # 'e' + 102: 174, # 'f' + 103: 76, # 'g' + 104: 175, # 'h' + 105: 64, # 'i' + 106: 176, # 'j' + 107: 177, # 'k' + 108: 77, # 'l' + 109: 72, # 'm' + 110: 178, # 'n' + 111: 69, # 'o' + 112: 67, # 'p' + 113: 179, # 'q' + 114: 78, # 'r' + 115: 73, # 's' + 116: 180, # 't' + 117: 181, # 'u' + 118: 79, # 'v' + 119: 182, # 'w' + 120: 183, # 'x' + 121: 184, # 'y' + 122: 185, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 37, # 'А' + 129: 44, # 'Б' + 130: 33, # 'В' + 131: 46, # 'Г' + 132: 41, # 'Д' + 133: 48, # 'Е' + 134: 56, # 'Ж' + 135: 51, # 'З' + 136: 42, # 'И' + 137: 60, # 'Й' + 138: 36, # 'К' + 139: 49, # 'Л' + 140: 38, # 'М' + 141: 31, # 'Н' + 142: 34, # 'О' + 143: 35, # 'П' + 144: 45, # 'Р' + 145: 32, # 'С' + 146: 40, # 'Т' + 147: 52, # 'У' + 148: 53, # 'Ф' + 149: 55, # 'Х' + 150: 58, # 'Ц' + 151: 50, # 'Ч' + 152: 57, # 'Ш' + 153: 63, # 'Щ' + 154: 70, # 'Ъ' + 155: 62, # 'Ы' + 156: 61, # 'Ь' + 157: 47, # 'Э' + 158: 59, # 'Ю' + 159: 43, # 'Я' + 160: 191, # '†' + 161: 192, # '°' + 162: 193, # 'Ґ' + 163: 194, # '£' + 164: 195, # '§' + 165: 196, # '•' + 166: 197, # '¶' + 167: 198, # 'І' + 168: 199, # '®' + 169: 200, # '©' + 170: 201, # '™' + 171: 202, # 'Ђ' + 172: 203, # 'ђ' + 173: 204, # '≠' + 174: 205, # 'Ѓ' + 175: 206, # 'ѓ' + 176: 207, # '∞' + 177: 208, # '±' + 178: 209, # '≤' + 179: 210, # '≥' + 180: 211, # 'і' + 181: 212, # 'µ' + 182: 213, # 'ґ' + 183: 214, # 'Ј' + 184: 215, # 'Є' + 185: 216, # 'є' + 186: 217, # 'Ї' + 187: 218, # 'ї' + 188: 219, # 'Љ' + 189: 220, # 'љ' + 190: 221, # 'Њ' + 191: 222, # 'њ' + 192: 223, # 'ј' + 193: 224, # 'Ѕ' + 194: 225, # '¬' + 195: 226, # '√' + 196: 227, # 'ƒ' + 197: 228, # '≈' + 198: 229, # '∆' + 199: 230, # '«' + 200: 231, # '»' + 201: 232, # '…' + 202: 233, # '\xa0' + 203: 234, # 'Ћ' + 204: 235, # 'ћ' + 205: 236, # 'Ќ' + 206: 237, # 'ќ' + 207: 238, # 'ѕ' + 208: 239, # '–' + 209: 240, # '—' + 210: 241, # '“' + 211: 242, # '”' + 212: 243, # '‘' + 213: 244, # '’' + 214: 245, # '÷' + 215: 246, # '„' + 216: 247, # 'Ў' + 217: 248, # 'ў' + 218: 249, # 'Џ' + 219: 250, # 'џ' + 220: 251, # '№' + 221: 252, # 'Ё' + 222: 68, # 'ё' + 223: 16, # 'я' + 224: 3, # 'а' + 225: 21, # 'б' + 226: 10, # 'в' + 227: 19, # 'г' + 228: 13, # 'д' + 229: 2, # 'е' + 230: 24, # 'ж' + 231: 20, # 'з' + 232: 4, # 'и' + 233: 23, # 'й' + 234: 11, # 'к' + 235: 8, # 'л' + 236: 12, # 'м' + 237: 5, # 'н' + 238: 1, # 'о' + 239: 15, # 'п' + 240: 9, # 'р' + 241: 7, # 'с' + 242: 6, # 'т' + 243: 14, # 'у' + 244: 39, # 'ф' + 245: 26, # 'х' + 246: 28, # 'ц' + 247: 22, # 'ч' + 248: 25, # 'ш' + 249: 29, # 'щ' + 250: 54, # 'ъ' + 251: 18, # 'ы' + 252: 17, # 'ь' + 253: 30, # 'э' + 254: 27, # 'ю' + 255: 255, # '€' +} + +MACCYRILLIC_RUSSIAN_MODEL = SingleByteCharSetModel(charset_name='MacCyrillic', + language='Russian', + char_to_order_map=MACCYRILLIC_RUSSIAN_CHAR_TO_ORDER, + language_model=RUSSIAN_LANG_MODEL, + typical_positive_ratio=0.976601, + keep_ascii_letters=False, + alphabet='ЁАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюяё') + +ISO_8859_5_RUSSIAN_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 142, # 'A' + 66: 143, # 'B' + 67: 144, # 'C' + 68: 145, # 'D' + 69: 146, # 'E' + 70: 147, # 'F' + 71: 148, # 'G' + 72: 149, # 'H' + 73: 150, # 'I' + 74: 151, # 'J' + 75: 152, # 'K' + 76: 74, # 'L' + 77: 153, # 'M' + 78: 75, # 'N' + 79: 154, # 'O' + 80: 155, # 'P' + 81: 156, # 'Q' + 82: 157, # 'R' + 83: 158, # 'S' + 84: 159, # 'T' + 85: 160, # 'U' + 86: 161, # 'V' + 87: 162, # 'W' + 88: 163, # 'X' + 89: 164, # 'Y' + 90: 165, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 71, # 'a' + 98: 172, # 'b' + 99: 66, # 'c' + 100: 173, # 'd' + 101: 65, # 'e' + 102: 174, # 'f' + 103: 76, # 'g' + 104: 175, # 'h' + 105: 64, # 'i' + 106: 176, # 'j' + 107: 177, # 'k' + 108: 77, # 'l' + 109: 72, # 'm' + 110: 178, # 'n' + 111: 69, # 'o' + 112: 67, # 'p' + 113: 179, # 'q' + 114: 78, # 'r' + 115: 73, # 's' + 116: 180, # 't' + 117: 181, # 'u' + 118: 79, # 'v' + 119: 182, # 'w' + 120: 183, # 'x' + 121: 184, # 'y' + 122: 185, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 191, # '\x80' + 129: 192, # '\x81' + 130: 193, # '\x82' + 131: 194, # '\x83' + 132: 195, # '\x84' + 133: 196, # '\x85' + 134: 197, # '\x86' + 135: 198, # '\x87' + 136: 199, # '\x88' + 137: 200, # '\x89' + 138: 201, # '\x8a' + 139: 202, # '\x8b' + 140: 203, # '\x8c' + 141: 204, # '\x8d' + 142: 205, # '\x8e' + 143: 206, # '\x8f' + 144: 207, # '\x90' + 145: 208, # '\x91' + 146: 209, # '\x92' + 147: 210, # '\x93' + 148: 211, # '\x94' + 149: 212, # '\x95' + 150: 213, # '\x96' + 151: 214, # '\x97' + 152: 215, # '\x98' + 153: 216, # '\x99' + 154: 217, # '\x9a' + 155: 218, # '\x9b' + 156: 219, # '\x9c' + 157: 220, # '\x9d' + 158: 221, # '\x9e' + 159: 222, # '\x9f' + 160: 223, # '\xa0' + 161: 224, # 'Ё' + 162: 225, # 'Ђ' + 163: 226, # 'Ѓ' + 164: 227, # 'Є' + 165: 228, # 'Ѕ' + 166: 229, # 'І' + 167: 230, # 'Ї' + 168: 231, # 'Ј' + 169: 232, # 'Љ' + 170: 233, # 'Њ' + 171: 234, # 'Ћ' + 172: 235, # 'Ќ' + 173: 236, # '\xad' + 174: 237, # 'Ў' + 175: 238, # 'Џ' + 176: 37, # 'А' + 177: 44, # 'Б' + 178: 33, # 'В' + 179: 46, # 'Г' + 180: 41, # 'Д' + 181: 48, # 'Е' + 182: 56, # 'Ж' + 183: 51, # 'З' + 184: 42, # 'И' + 185: 60, # 'Й' + 186: 36, # 'К' + 187: 49, # 'Л' + 188: 38, # 'М' + 189: 31, # 'Н' + 190: 34, # 'О' + 191: 35, # 'П' + 192: 45, # 'Р' + 193: 32, # 'С' + 194: 40, # 'Т' + 195: 52, # 'У' + 196: 53, # 'Ф' + 197: 55, # 'Х' + 198: 58, # 'Ц' + 199: 50, # 'Ч' + 200: 57, # 'Ш' + 201: 63, # 'Щ' + 202: 70, # 'Ъ' + 203: 62, # 'Ы' + 204: 61, # 'Ь' + 205: 47, # 'Э' + 206: 59, # 'Ю' + 207: 43, # 'Я' + 208: 3, # 'а' + 209: 21, # 'б' + 210: 10, # 'в' + 211: 19, # 'г' + 212: 13, # 'д' + 213: 2, # 'е' + 214: 24, # 'ж' + 215: 20, # 'з' + 216: 4, # 'и' + 217: 23, # 'й' + 218: 11, # 'к' + 219: 8, # 'л' + 220: 12, # 'м' + 221: 5, # 'н' + 222: 1, # 'о' + 223: 15, # 'п' + 224: 9, # 'р' + 225: 7, # 'с' + 226: 6, # 'т' + 227: 14, # 'у' + 228: 39, # 'ф' + 229: 26, # 'х' + 230: 28, # 'ц' + 231: 22, # 'ч' + 232: 25, # 'ш' + 233: 29, # 'щ' + 234: 54, # 'ъ' + 235: 18, # 'ы' + 236: 17, # 'ь' + 237: 30, # 'э' + 238: 27, # 'ю' + 239: 16, # 'я' + 240: 239, # '№' + 241: 68, # 'ё' + 242: 240, # 'ђ' + 243: 241, # 'ѓ' + 244: 242, # 'є' + 245: 243, # 'ѕ' + 246: 244, # 'і' + 247: 245, # 'ї' + 248: 246, # 'ј' + 249: 247, # 'љ' + 250: 248, # 'њ' + 251: 249, # 'ћ' + 252: 250, # 'ќ' + 253: 251, # '§' + 254: 252, # 'ў' + 255: 255, # 'џ' +} + +ISO_8859_5_RUSSIAN_MODEL = SingleByteCharSetModel(charset_name='ISO-8859-5', + language='Russian', + char_to_order_map=ISO_8859_5_RUSSIAN_CHAR_TO_ORDER, + language_model=RUSSIAN_LANG_MODEL, + typical_positive_ratio=0.976601, + keep_ascii_letters=False, + alphabet='ЁАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюяё') + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langthaimodel.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langthaimodel.py new file mode 100644 index 000000000..9a37db573 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langthaimodel.py @@ -0,0 +1,4383 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel + + +# 3: Positive +# 2: Likely +# 1: Unlikely +# 0: Negative + +THAI_LANG_MODEL = { + 5: { # 'ก' + 5: 2, # 'ก' + 30: 2, # 'ข' + 24: 2, # 'ค' + 8: 2, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 3, # 'ฎ' + 57: 2, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 2, # 'ณ' + 20: 2, # 'ด' + 19: 3, # 'ต' + 44: 0, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 2, # 'น' + 17: 1, # 'บ' + 25: 2, # 'ป' + 39: 1, # 'ผ' + 62: 1, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 2, # 'ม' + 16: 1, # 'ย' + 2: 3, # 'ร' + 61: 2, # 'ฤ' + 15: 3, # 'ล' + 12: 3, # 'ว' + 42: 2, # 'ศ' + 46: 3, # 'ษ' + 18: 2, # 'ส' + 21: 2, # 'ห' + 4: 3, # 'อ' + 63: 1, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 3, # 'ำ' + 23: 3, # 'ิ' + 13: 3, # 'ี' + 40: 0, # 'ึ' + 27: 2, # 'ื' + 32: 2, # 'ุ' + 35: 1, # 'ู' + 11: 2, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 1, # 'ใ' + 33: 2, # 'ไ' + 50: 1, # 'ๆ' + 37: 3, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 30: { # 'ข' + 5: 1, # 'ก' + 30: 0, # 'ข' + 24: 1, # 'ค' + 8: 1, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 2, # 'ณ' + 20: 0, # 'ด' + 19: 2, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 2, # 'น' + 17: 1, # 'บ' + 25: 1, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 2, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 2, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 1, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 2, # 'ี' + 40: 3, # 'ึ' + 27: 1, # 'ื' + 32: 1, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 1, # '็' + 6: 2, # '่' + 7: 3, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 24: { # 'ค' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 2, # 'ค' + 8: 2, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 2, # 'ณ' + 20: 2, # 'ด' + 19: 2, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 0, # 'บ' + 25: 1, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 2, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 3, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 0, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 2, # 'า' + 36: 3, # 'ำ' + 23: 3, # 'ิ' + 13: 2, # 'ี' + 40: 0, # 'ึ' + 27: 3, # 'ื' + 32: 3, # 'ุ' + 35: 2, # 'ู' + 11: 1, # 'เ' + 28: 0, # 'แ' + 41: 3, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 1, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 3, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 8: { # 'ง' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 3, # 'ค' + 8: 2, # 'ง' + 26: 2, # 'จ' + 52: 1, # 'ฉ' + 34: 2, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 2, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 3, # 'ท' + 48: 1, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 2, # 'ป' + 39: 2, # 'ผ' + 62: 1, # 'ฝ' + 31: 2, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 2, # 'ม' + 16: 1, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 2, # 'ว' + 42: 2, # 'ศ' + 46: 1, # 'ษ' + 18: 3, # 'ส' + 21: 3, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 1, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 2, # 'ิ' + 13: 1, # 'ี' + 40: 0, # 'ึ' + 27: 1, # 'ื' + 32: 1, # 'ุ' + 35: 0, # 'ู' + 11: 3, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 3, # 'ๆ' + 37: 0, # '็' + 6: 2, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 26: { # 'จ' + 5: 2, # 'ก' + 30: 1, # 'ข' + 24: 0, # 'ค' + 8: 2, # 'ง' + 26: 3, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 2, # 'ด' + 19: 1, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 1, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 1, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 1, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 3, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 3, # 'ำ' + 23: 2, # 'ิ' + 13: 1, # 'ี' + 40: 3, # 'ึ' + 27: 1, # 'ื' + 32: 3, # 'ุ' + 35: 2, # 'ู' + 11: 1, # 'เ' + 28: 1, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 2, # '่' + 7: 2, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 52: { # 'ฉ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 3, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 3, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 1, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 1, # 'ะ' + 10: 1, # 'ั' + 1: 1, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 1, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 1, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 34: { # 'ช' + 5: 1, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 1, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 1, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 1, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 2, # 'ั' + 1: 3, # 'า' + 36: 1, # 'ำ' + 23: 3, # 'ิ' + 13: 2, # 'ี' + 40: 0, # 'ึ' + 27: 3, # 'ื' + 32: 3, # 'ุ' + 35: 1, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 1, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 51: { # 'ซ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 1, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 0, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 1, # 'ั' + 1: 1, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 2, # 'ี' + 40: 3, # 'ึ' + 27: 2, # 'ื' + 32: 1, # 'ุ' + 35: 1, # 'ู' + 11: 1, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 1, # '็' + 6: 1, # '่' + 7: 2, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 47: { # 'ญ' + 5: 1, # 'ก' + 30: 1, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 3, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 1, # 'บ' + 25: 1, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 2, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 1, # 'ะ' + 10: 2, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 1, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 1, # 'เ' + 28: 1, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 0, # 'ไ' + 50: 1, # 'ๆ' + 37: 0, # '็' + 6: 2, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 58: { # 'ฎ' + 5: 2, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 1, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 2, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 57: { # 'ฏ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 3, # 'ิ' + 13: 1, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 49: { # 'ฐ' + 5: 1, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 2, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 1, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 53: { # 'ฑ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 2, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 3, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 55: { # 'ฒ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 43: { # 'ณ' + 5: 1, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 3, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 3, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 1, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 3, # 'ะ' + 10: 0, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 2, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 1, # 'เ' + 28: 1, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 3, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 20: { # 'ด' + 5: 2, # 'ก' + 30: 2, # 'ข' + 24: 2, # 'ค' + 8: 3, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 1, # 'น' + 17: 1, # 'บ' + 25: 1, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 2, # 'ม' + 16: 3, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 2, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 2, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 3, # 'ั' + 1: 2, # 'า' + 36: 2, # 'ำ' + 23: 3, # 'ิ' + 13: 3, # 'ี' + 40: 1, # 'ึ' + 27: 2, # 'ื' + 32: 3, # 'ุ' + 35: 2, # 'ู' + 11: 2, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 2, # 'ๆ' + 37: 2, # '็' + 6: 1, # '่' + 7: 3, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 19: { # 'ต' + 5: 2, # 'ก' + 30: 1, # 'ข' + 24: 1, # 'ค' + 8: 0, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 1, # 'ต' + 44: 2, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 2, # 'น' + 17: 1, # 'บ' + 25: 1, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 2, # 'ภ' + 9: 1, # 'ม' + 16: 1, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 3, # 'ส' + 21: 0, # 'ห' + 4: 3, # 'อ' + 63: 1, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 2, # 'ำ' + 23: 3, # 'ิ' + 13: 2, # 'ี' + 40: 1, # 'ึ' + 27: 1, # 'ื' + 32: 3, # 'ุ' + 35: 2, # 'ู' + 11: 1, # 'เ' + 28: 1, # 'แ' + 41: 1, # 'โ' + 29: 1, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 2, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 44: { # 'ถ' + 5: 1, # 'ก' + 30: 0, # 'ข' + 24: 1, # 'ค' + 8: 0, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 1, # 'น' + 17: 2, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 0, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 2, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 2, # 'ิ' + 13: 1, # 'ี' + 40: 3, # 'ึ' + 27: 2, # 'ื' + 32: 2, # 'ุ' + 35: 3, # 'ู' + 11: 1, # 'เ' + 28: 1, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 2, # '่' + 7: 3, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 14: { # 'ท' + 5: 1, # 'ก' + 30: 1, # 'ข' + 24: 3, # 'ค' + 8: 1, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 2, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 3, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 2, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 2, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 3, # 'ย' + 2: 3, # 'ร' + 61: 1, # 'ฤ' + 15: 1, # 'ล' + 12: 2, # 'ว' + 42: 3, # 'ศ' + 46: 1, # 'ษ' + 18: 1, # 'ส' + 21: 0, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 3, # 'ำ' + 23: 2, # 'ิ' + 13: 3, # 'ี' + 40: 2, # 'ึ' + 27: 1, # 'ื' + 32: 3, # 'ุ' + 35: 1, # 'ู' + 11: 0, # 'เ' + 28: 1, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 1, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 48: { # 'ธ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 1, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 1, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 2, # 'า' + 36: 0, # 'ำ' + 23: 3, # 'ิ' + 13: 3, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 2, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 3, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 3: { # 'น' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 3, # 'ค' + 8: 1, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 1, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 3, # 'ด' + 19: 3, # 'ต' + 44: 2, # 'ถ' + 14: 3, # 'ท' + 48: 3, # 'ธ' + 3: 2, # 'น' + 17: 2, # 'บ' + 25: 2, # 'ป' + 39: 2, # 'ผ' + 62: 0, # 'ฝ' + 31: 2, # 'พ' + 54: 1, # 'ฟ' + 45: 1, # 'ภ' + 9: 2, # 'ม' + 16: 2, # 'ย' + 2: 2, # 'ร' + 61: 1, # 'ฤ' + 15: 2, # 'ล' + 12: 3, # 'ว' + 42: 1, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 2, # 'ห' + 4: 3, # 'อ' + 63: 1, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 3, # 'ำ' + 23: 3, # 'ิ' + 13: 3, # 'ี' + 40: 3, # 'ึ' + 27: 3, # 'ื' + 32: 3, # 'ุ' + 35: 2, # 'ู' + 11: 3, # 'เ' + 28: 2, # 'แ' + 41: 3, # 'โ' + 29: 3, # 'ใ' + 33: 3, # 'ไ' + 50: 2, # 'ๆ' + 37: 1, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 17: { # 'บ' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 2, # 'ค' + 8: 1, # 'ง' + 26: 1, # 'จ' + 52: 1, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 3, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 2, # 'ป' + 39: 2, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 1, # 'ฟ' + 45: 1, # 'ภ' + 9: 1, # 'ม' + 16: 0, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 3, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 2, # 'ห' + 4: 2, # 'อ' + 63: 1, # 'ฯ' + 22: 0, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 2, # 'ำ' + 23: 2, # 'ิ' + 13: 2, # 'ี' + 40: 0, # 'ึ' + 27: 2, # 'ื' + 32: 3, # 'ุ' + 35: 2, # 'ู' + 11: 2, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 0, # 'ๆ' + 37: 1, # '็' + 6: 2, # '่' + 7: 2, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 25: { # 'ป' + 5: 2, # 'ก' + 30: 0, # 'ข' + 24: 1, # 'ค' + 8: 0, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 1, # 'ฎ' + 57: 3, # 'ฏ' + 49: 1, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 1, # 'ต' + 44: 1, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 2, # 'น' + 17: 0, # 'บ' + 25: 1, # 'ป' + 39: 1, # 'ผ' + 62: 1, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 0, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 1, # 'ษ' + 18: 2, # 'ส' + 21: 1, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 1, # 'ะ' + 10: 3, # 'ั' + 1: 1, # 'า' + 36: 0, # 'ำ' + 23: 2, # 'ิ' + 13: 3, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 1, # 'ุ' + 35: 0, # 'ู' + 11: 1, # 'เ' + 28: 2, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 2, # 'ไ' + 50: 0, # 'ๆ' + 37: 3, # '็' + 6: 1, # '่' + 7: 2, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 39: { # 'ผ' + 5: 1, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 1, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 2, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 2, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 1, # 'ะ' + 10: 1, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 2, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 1, # 'ื' + 32: 0, # 'ุ' + 35: 3, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 1, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 62: { # 'ฝ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 1, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 1, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 1, # 'ี' + 40: 2, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 2, # '่' + 7: 1, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 31: { # 'พ' + 5: 1, # 'ก' + 30: 1, # 'ข' + 24: 1, # 'ค' + 8: 1, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 1, # 'ณ' + 20: 1, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 2, # 'ท' + 48: 1, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 0, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 2, # 'ย' + 2: 3, # 'ร' + 61: 2, # 'ฤ' + 15: 2, # 'ล' + 12: 2, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 1, # 'ห' + 4: 2, # 'อ' + 63: 1, # 'ฯ' + 22: 0, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 3, # 'ิ' + 13: 2, # 'ี' + 40: 1, # 'ึ' + 27: 3, # 'ื' + 32: 1, # 'ุ' + 35: 2, # 'ู' + 11: 1, # 'เ' + 28: 1, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 1, # '็' + 6: 0, # '่' + 7: 1, # '้' + 38: 3, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 54: { # 'ฟ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 2, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 0, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 2, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 1, # 'ี' + 40: 0, # 'ึ' + 27: 1, # 'ื' + 32: 1, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 1, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 2, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 45: { # 'ภ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 1, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 3, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 2, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 9: { # 'ม' + 5: 2, # 'ก' + 30: 2, # 'ข' + 24: 2, # 'ค' + 8: 2, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 1, # 'ณ' + 20: 2, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 1, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 2, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 3, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 2, # 'ม' + 16: 1, # 'ย' + 2: 2, # 'ร' + 61: 2, # 'ฤ' + 15: 2, # 'ล' + 12: 2, # 'ว' + 42: 1, # 'ศ' + 46: 1, # 'ษ' + 18: 3, # 'ส' + 21: 3, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 1, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 3, # 'ิ' + 13: 3, # 'ี' + 40: 0, # 'ึ' + 27: 3, # 'ื' + 32: 3, # 'ุ' + 35: 3, # 'ู' + 11: 2, # 'เ' + 28: 2, # 'แ' + 41: 2, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 1, # 'ๆ' + 37: 1, # '็' + 6: 3, # '่' + 7: 2, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 16: { # 'ย' + 5: 3, # 'ก' + 30: 1, # 'ข' + 24: 2, # 'ค' + 8: 3, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 2, # 'ช' + 51: 0, # 'ซ' + 47: 2, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 2, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 1, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 1, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 2, # 'ม' + 16: 0, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 3, # 'ว' + 42: 1, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 1, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 2, # 'ิ' + 13: 3, # 'ี' + 40: 1, # 'ึ' + 27: 2, # 'ื' + 32: 2, # 'ุ' + 35: 3, # 'ู' + 11: 2, # 'เ' + 28: 1, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 2, # 'ๆ' + 37: 1, # '็' + 6: 3, # '่' + 7: 2, # '้' + 38: 3, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 2: { # 'ร' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 2, # 'ค' + 8: 3, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 2, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 3, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 3, # 'ณ' + 20: 2, # 'ด' + 19: 2, # 'ต' + 44: 3, # 'ถ' + 14: 3, # 'ท' + 48: 1, # 'ธ' + 3: 2, # 'น' + 17: 2, # 'บ' + 25: 3, # 'ป' + 39: 2, # 'ผ' + 62: 1, # 'ฝ' + 31: 2, # 'พ' + 54: 1, # 'ฟ' + 45: 1, # 'ภ' + 9: 3, # 'ม' + 16: 2, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 3, # 'ว' + 42: 2, # 'ศ' + 46: 2, # 'ษ' + 18: 2, # 'ส' + 21: 2, # 'ห' + 4: 3, # 'อ' + 63: 1, # 'ฯ' + 22: 3, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 3, # 'ิ' + 13: 3, # 'ี' + 40: 2, # 'ึ' + 27: 3, # 'ื' + 32: 3, # 'ุ' + 35: 3, # 'ู' + 11: 3, # 'เ' + 28: 3, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 3, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 3, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 61: { # 'ฤ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 2, # 'ต' + 44: 0, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 2, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 15: { # 'ล' + 5: 2, # 'ก' + 30: 3, # 'ข' + 24: 1, # 'ค' + 8: 3, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 2, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 1, # 'น' + 17: 2, # 'บ' + 25: 2, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 1, # 'ม' + 16: 3, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 1, # 'ห' + 4: 3, # 'อ' + 63: 2, # 'ฯ' + 22: 3, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 2, # 'ำ' + 23: 3, # 'ิ' + 13: 3, # 'ี' + 40: 2, # 'ึ' + 27: 3, # 'ื' + 32: 2, # 'ุ' + 35: 3, # 'ู' + 11: 2, # 'เ' + 28: 1, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 2, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 12: { # 'ว' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 1, # 'ค' + 8: 3, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 1, # 'ณ' + 20: 2, # 'ด' + 19: 1, # 'ต' + 44: 1, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 1, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 1, # 'ฟ' + 45: 0, # 'ภ' + 9: 3, # 'ม' + 16: 3, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 2, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 3, # 'ิ' + 13: 2, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 2, # 'ุ' + 35: 0, # 'ู' + 11: 3, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 1, # 'ใ' + 33: 2, # 'ไ' + 50: 1, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 42: { # 'ศ' + 5: 1, # 'ก' + 30: 0, # 'ข' + 24: 1, # 'ค' + 8: 0, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 1, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 2, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 2, # 'ว' + 42: 1, # 'ศ' + 46: 2, # 'ษ' + 18: 1, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 2, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 2, # 'ิ' + 13: 0, # 'ี' + 40: 3, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 2, # 'ู' + 11: 0, # 'เ' + 28: 1, # 'แ' + 41: 0, # 'โ' + 29: 1, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 46: { # 'ษ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 2, # 'ฎ' + 57: 1, # 'ฏ' + 49: 2, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 3, # 'ณ' + 20: 0, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 1, # 'ม' + 16: 2, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 1, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 2, # 'ะ' + 10: 2, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 1, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 1, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 18: { # 'ส' + 5: 2, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 2, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 3, # 'ด' + 19: 3, # 'ต' + 44: 3, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 1, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 2, # 'ภ' + 9: 3, # 'ม' + 16: 1, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 2, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 2, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 3, # 'ำ' + 23: 3, # 'ิ' + 13: 3, # 'ี' + 40: 2, # 'ึ' + 27: 3, # 'ื' + 32: 3, # 'ุ' + 35: 3, # 'ู' + 11: 2, # 'เ' + 28: 0, # 'แ' + 41: 1, # 'โ' + 29: 0, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 1, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 21: { # 'ห' + 5: 3, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 1, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 2, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 3, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 0, # 'บ' + 25: 1, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 3, # 'ม' + 16: 2, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 2, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 1, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 0, # 'ำ' + 23: 1, # 'ิ' + 13: 1, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 1, # 'ุ' + 35: 1, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 3, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 4: { # 'อ' + 5: 3, # 'ก' + 30: 1, # 'ข' + 24: 2, # 'ค' + 8: 3, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 3, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 1, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 1, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 1, # 'ฟ' + 45: 1, # 'ภ' + 9: 3, # 'ม' + 16: 3, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 2, # 'ว' + 42: 1, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 2, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 2, # 'ะ' + 10: 3, # 'ั' + 1: 3, # 'า' + 36: 2, # 'ำ' + 23: 2, # 'ิ' + 13: 3, # 'ี' + 40: 0, # 'ึ' + 27: 3, # 'ื' + 32: 3, # 'ุ' + 35: 0, # 'ู' + 11: 3, # 'เ' + 28: 1, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 1, # 'ๆ' + 37: 1, # '็' + 6: 2, # '่' + 7: 2, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 63: { # 'ฯ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 22: { # 'ะ' + 5: 3, # 'ก' + 30: 1, # 'ข' + 24: 2, # 'ค' + 8: 1, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 3, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 3, # 'ด' + 19: 3, # 'ต' + 44: 1, # 'ถ' + 14: 3, # 'ท' + 48: 1, # 'ธ' + 3: 2, # 'น' + 17: 3, # 'บ' + 25: 2, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 2, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 3, # 'ม' + 16: 2, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 2, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 3, # 'ส' + 21: 3, # 'ห' + 4: 2, # 'อ' + 63: 1, # 'ฯ' + 22: 1, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 3, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 10: { # 'ั' + 5: 3, # 'ก' + 30: 0, # 'ข' + 24: 1, # 'ค' + 8: 3, # 'ง' + 26: 3, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 3, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 2, # 'ฐ' + 53: 0, # 'ฑ' + 55: 3, # 'ฒ' + 43: 3, # 'ณ' + 20: 3, # 'ด' + 19: 3, # 'ต' + 44: 0, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 1, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 2, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 3, # 'ม' + 16: 3, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 3, # 'ว' + 42: 2, # 'ศ' + 46: 0, # 'ษ' + 18: 3, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 1: { # 'า' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 3, # 'ค' + 8: 3, # 'ง' + 26: 3, # 'จ' + 52: 0, # 'ฉ' + 34: 3, # 'ช' + 51: 1, # 'ซ' + 47: 2, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 3, # 'ณ' + 20: 3, # 'ด' + 19: 3, # 'ต' + 44: 1, # 'ถ' + 14: 3, # 'ท' + 48: 2, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 2, # 'ป' + 39: 1, # 'ผ' + 62: 1, # 'ฝ' + 31: 3, # 'พ' + 54: 1, # 'ฟ' + 45: 1, # 'ภ' + 9: 3, # 'ม' + 16: 3, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 3, # 'ว' + 42: 2, # 'ศ' + 46: 3, # 'ษ' + 18: 3, # 'ส' + 21: 3, # 'ห' + 4: 2, # 'อ' + 63: 1, # 'ฯ' + 22: 3, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 3, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 1, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 36: { # 'ำ' + 5: 2, # 'ก' + 30: 1, # 'ข' + 24: 3, # 'ค' + 8: 2, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 1, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 1, # 'ต' + 44: 1, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 1, # 'บ' + 25: 1, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 1, # 'ม' + 16: 0, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 3, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 3, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 23: { # 'ิ' + 5: 3, # 'ก' + 30: 1, # 'ข' + 24: 2, # 'ค' + 8: 3, # 'ง' + 26: 3, # 'จ' + 52: 0, # 'ฉ' + 34: 3, # 'ช' + 51: 0, # 'ซ' + 47: 2, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 3, # 'ด' + 19: 3, # 'ต' + 44: 1, # 'ถ' + 14: 3, # 'ท' + 48: 3, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 2, # 'ป' + 39: 2, # 'ผ' + 62: 0, # 'ฝ' + 31: 3, # 'พ' + 54: 1, # 'ฟ' + 45: 2, # 'ภ' + 9: 3, # 'ม' + 16: 2, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 3, # 'ว' + 42: 3, # 'ศ' + 46: 2, # 'ษ' + 18: 2, # 'ส' + 21: 3, # 'ห' + 4: 1, # 'อ' + 63: 1, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 3, # 'เ' + 28: 1, # 'แ' + 41: 1, # 'โ' + 29: 1, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 2, # '้' + 38: 2, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 13: { # 'ี' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 2, # 'ค' + 8: 0, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 2, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 1, # 'น' + 17: 2, # 'บ' + 25: 2, # 'ป' + 39: 1, # 'ผ' + 62: 0, # 'ฝ' + 31: 2, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 3, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 2, # 'ว' + 42: 1, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 1, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 2, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 1, # 'ใ' + 33: 1, # 'ไ' + 50: 1, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 40: { # 'ึ' + 5: 3, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 3, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 1, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 27: { # 'ื' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 2, # 'น' + 17: 3, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 32: { # 'ุ' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 3, # 'ค' + 8: 3, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 2, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 1, # 'ฒ' + 43: 3, # 'ณ' + 20: 3, # 'ด' + 19: 3, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 1, # 'ธ' + 3: 2, # 'น' + 17: 2, # 'บ' + 25: 2, # 'ป' + 39: 2, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 1, # 'ภ' + 9: 3, # 'ม' + 16: 1, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 1, # 'ว' + 42: 1, # 'ศ' + 46: 2, # 'ษ' + 18: 1, # 'ส' + 21: 1, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 1, # 'เ' + 28: 0, # 'แ' + 41: 1, # 'โ' + 29: 0, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 2, # '้' + 38: 1, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 35: { # 'ู' + 5: 3, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 2, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 2, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 1, # 'ณ' + 20: 2, # 'ด' + 19: 2, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 2, # 'น' + 17: 0, # 'บ' + 25: 3, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 0, # 'ย' + 2: 1, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 1, # 'เ' + 28: 1, # 'แ' + 41: 1, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 3, # '่' + 7: 3, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 11: { # 'เ' + 5: 3, # 'ก' + 30: 3, # 'ข' + 24: 3, # 'ค' + 8: 2, # 'ง' + 26: 3, # 'จ' + 52: 3, # 'ฉ' + 34: 3, # 'ช' + 51: 2, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 1, # 'ณ' + 20: 3, # 'ด' + 19: 3, # 'ต' + 44: 1, # 'ถ' + 14: 3, # 'ท' + 48: 1, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 3, # 'ป' + 39: 2, # 'ผ' + 62: 1, # 'ฝ' + 31: 3, # 'พ' + 54: 1, # 'ฟ' + 45: 3, # 'ภ' + 9: 3, # 'ม' + 16: 2, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 3, # 'ว' + 42: 2, # 'ศ' + 46: 0, # 'ษ' + 18: 3, # 'ส' + 21: 3, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 28: { # 'แ' + 5: 3, # 'ก' + 30: 2, # 'ข' + 24: 2, # 'ค' + 8: 1, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 2, # 'ด' + 19: 3, # 'ต' + 44: 2, # 'ถ' + 14: 3, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 2, # 'ป' + 39: 3, # 'ผ' + 62: 0, # 'ฝ' + 31: 2, # 'พ' + 54: 2, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 2, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 2, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 3, # 'ส' + 21: 3, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 41: { # 'โ' + 5: 2, # 'ก' + 30: 1, # 'ข' + 24: 2, # 'ค' + 8: 0, # 'ง' + 26: 1, # 'จ' + 52: 1, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 3, # 'ด' + 19: 2, # 'ต' + 44: 0, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 1, # 'บ' + 25: 3, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 1, # 'ฟ' + 45: 1, # 'ภ' + 9: 1, # 'ม' + 16: 2, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 3, # 'ล' + 12: 0, # 'ว' + 42: 1, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 0, # 'ห' + 4: 2, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 29: { # 'ใ' + 5: 2, # 'ก' + 30: 0, # 'ข' + 24: 1, # 'ค' + 8: 0, # 'ง' + 26: 3, # 'จ' + 52: 0, # 'ฉ' + 34: 3, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 3, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 1, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 3, # 'ส' + 21: 3, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 33: { # 'ไ' + 5: 1, # 'ก' + 30: 2, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 3, # 'ด' + 19: 1, # 'ต' + 44: 0, # 'ถ' + 14: 3, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 1, # 'บ' + 25: 3, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 2, # 'ฟ' + 45: 0, # 'ภ' + 9: 3, # 'ม' + 16: 0, # 'ย' + 2: 3, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 3, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 2, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 50: { # 'ๆ' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 37: { # '็' + 5: 2, # 'ก' + 30: 1, # 'ข' + 24: 2, # 'ค' + 8: 2, # 'ง' + 26: 3, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 1, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 2, # 'ต' + 44: 0, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 3, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 1, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 2, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 0, # 'ห' + 4: 1, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 1, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 6: { # '่' + 5: 2, # 'ก' + 30: 1, # 'ข' + 24: 2, # 'ค' + 8: 3, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 1, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 1, # 'ธ' + 3: 3, # 'น' + 17: 1, # 'บ' + 25: 2, # 'ป' + 39: 2, # 'ผ' + 62: 1, # 'ฝ' + 31: 1, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 3, # 'ม' + 16: 3, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 2, # 'ล' + 12: 3, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 1, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 1, # 'ะ' + 10: 0, # 'ั' + 1: 3, # 'า' + 36: 2, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 3, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 1, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 7: { # '้' + 5: 2, # 'ก' + 30: 1, # 'ข' + 24: 2, # 'ค' + 8: 3, # 'ง' + 26: 2, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 1, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 1, # 'ด' + 19: 2, # 'ต' + 44: 1, # 'ถ' + 14: 2, # 'ท' + 48: 0, # 'ธ' + 3: 3, # 'น' + 17: 2, # 'บ' + 25: 2, # 'ป' + 39: 2, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 1, # 'ฟ' + 45: 0, # 'ภ' + 9: 3, # 'ม' + 16: 2, # 'ย' + 2: 2, # 'ร' + 61: 0, # 'ฤ' + 15: 1, # 'ล' + 12: 3, # 'ว' + 42: 1, # 'ศ' + 46: 0, # 'ษ' + 18: 2, # 'ส' + 21: 2, # 'ห' + 4: 3, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 3, # 'า' + 36: 2, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 2, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 2, # 'ใ' + 33: 2, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 38: { # '์' + 5: 2, # 'ก' + 30: 1, # 'ข' + 24: 1, # 'ค' + 8: 0, # 'ง' + 26: 1, # 'จ' + 52: 0, # 'ฉ' + 34: 1, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 2, # 'ด' + 19: 1, # 'ต' + 44: 1, # 'ถ' + 14: 1, # 'ท' + 48: 0, # 'ธ' + 3: 1, # 'น' + 17: 1, # 'บ' + 25: 1, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 1, # 'พ' + 54: 1, # 'ฟ' + 45: 0, # 'ภ' + 9: 2, # 'ม' + 16: 0, # 'ย' + 2: 1, # 'ร' + 61: 1, # 'ฤ' + 15: 1, # 'ล' + 12: 1, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 1, # 'ส' + 21: 1, # 'ห' + 4: 2, # 'อ' + 63: 1, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 2, # 'เ' + 28: 2, # 'แ' + 41: 1, # 'โ' + 29: 1, # 'ใ' + 33: 1, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 0, # '๑' + 59: 0, # '๒' + 60: 0, # '๕' + }, + 56: { # '๑' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 2, # '๑' + 59: 1, # '๒' + 60: 1, # '๕' + }, + 59: { # '๒' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 1, # '๑' + 59: 1, # '๒' + 60: 3, # '๕' + }, + 60: { # '๕' + 5: 0, # 'ก' + 30: 0, # 'ข' + 24: 0, # 'ค' + 8: 0, # 'ง' + 26: 0, # 'จ' + 52: 0, # 'ฉ' + 34: 0, # 'ช' + 51: 0, # 'ซ' + 47: 0, # 'ญ' + 58: 0, # 'ฎ' + 57: 0, # 'ฏ' + 49: 0, # 'ฐ' + 53: 0, # 'ฑ' + 55: 0, # 'ฒ' + 43: 0, # 'ณ' + 20: 0, # 'ด' + 19: 0, # 'ต' + 44: 0, # 'ถ' + 14: 0, # 'ท' + 48: 0, # 'ธ' + 3: 0, # 'น' + 17: 0, # 'บ' + 25: 0, # 'ป' + 39: 0, # 'ผ' + 62: 0, # 'ฝ' + 31: 0, # 'พ' + 54: 0, # 'ฟ' + 45: 0, # 'ภ' + 9: 0, # 'ม' + 16: 0, # 'ย' + 2: 0, # 'ร' + 61: 0, # 'ฤ' + 15: 0, # 'ล' + 12: 0, # 'ว' + 42: 0, # 'ศ' + 46: 0, # 'ษ' + 18: 0, # 'ส' + 21: 0, # 'ห' + 4: 0, # 'อ' + 63: 0, # 'ฯ' + 22: 0, # 'ะ' + 10: 0, # 'ั' + 1: 0, # 'า' + 36: 0, # 'ำ' + 23: 0, # 'ิ' + 13: 0, # 'ี' + 40: 0, # 'ึ' + 27: 0, # 'ื' + 32: 0, # 'ุ' + 35: 0, # 'ู' + 11: 0, # 'เ' + 28: 0, # 'แ' + 41: 0, # 'โ' + 29: 0, # 'ใ' + 33: 0, # 'ไ' + 50: 0, # 'ๆ' + 37: 0, # '็' + 6: 0, # '่' + 7: 0, # '้' + 38: 0, # '์' + 56: 2, # '๑' + 59: 1, # '๒' + 60: 0, # '๕' + }, +} + +# 255: Undefined characters that did not exist in training text +# 254: Carriage/Return +# 253: symbol (punctuation) that does not belong to word +# 252: 0 - 9 +# 251: Control characters + +# Character Mapping Table(s): +TIS_620_THAI_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 254, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 254, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 253, # ' ' + 33: 253, # '!' + 34: 253, # '"' + 35: 253, # '#' + 36: 253, # '$' + 37: 253, # '%' + 38: 253, # '&' + 39: 253, # "'" + 40: 253, # '(' + 41: 253, # ')' + 42: 253, # '*' + 43: 253, # '+' + 44: 253, # ',' + 45: 253, # '-' + 46: 253, # '.' + 47: 253, # '/' + 48: 252, # '0' + 49: 252, # '1' + 50: 252, # '2' + 51: 252, # '3' + 52: 252, # '4' + 53: 252, # '5' + 54: 252, # '6' + 55: 252, # '7' + 56: 252, # '8' + 57: 252, # '9' + 58: 253, # ':' + 59: 253, # ';' + 60: 253, # '<' + 61: 253, # '=' + 62: 253, # '>' + 63: 253, # '?' + 64: 253, # '@' + 65: 182, # 'A' + 66: 106, # 'B' + 67: 107, # 'C' + 68: 100, # 'D' + 69: 183, # 'E' + 70: 184, # 'F' + 71: 185, # 'G' + 72: 101, # 'H' + 73: 94, # 'I' + 74: 186, # 'J' + 75: 187, # 'K' + 76: 108, # 'L' + 77: 109, # 'M' + 78: 110, # 'N' + 79: 111, # 'O' + 80: 188, # 'P' + 81: 189, # 'Q' + 82: 190, # 'R' + 83: 89, # 'S' + 84: 95, # 'T' + 85: 112, # 'U' + 86: 113, # 'V' + 87: 191, # 'W' + 88: 192, # 'X' + 89: 193, # 'Y' + 90: 194, # 'Z' + 91: 253, # '[' + 92: 253, # '\\' + 93: 253, # ']' + 94: 253, # '^' + 95: 253, # '_' + 96: 253, # '`' + 97: 64, # 'a' + 98: 72, # 'b' + 99: 73, # 'c' + 100: 114, # 'd' + 101: 74, # 'e' + 102: 115, # 'f' + 103: 116, # 'g' + 104: 102, # 'h' + 105: 81, # 'i' + 106: 201, # 'j' + 107: 117, # 'k' + 108: 90, # 'l' + 109: 103, # 'm' + 110: 78, # 'n' + 111: 82, # 'o' + 112: 96, # 'p' + 113: 202, # 'q' + 114: 91, # 'r' + 115: 79, # 's' + 116: 84, # 't' + 117: 104, # 'u' + 118: 105, # 'v' + 119: 97, # 'w' + 120: 98, # 'x' + 121: 92, # 'y' + 122: 203, # 'z' + 123: 253, # '{' + 124: 253, # '|' + 125: 253, # '}' + 126: 253, # '~' + 127: 253, # '\x7f' + 128: 209, # '\x80' + 129: 210, # '\x81' + 130: 211, # '\x82' + 131: 212, # '\x83' + 132: 213, # '\x84' + 133: 88, # '\x85' + 134: 214, # '\x86' + 135: 215, # '\x87' + 136: 216, # '\x88' + 137: 217, # '\x89' + 138: 218, # '\x8a' + 139: 219, # '\x8b' + 140: 220, # '\x8c' + 141: 118, # '\x8d' + 142: 221, # '\x8e' + 143: 222, # '\x8f' + 144: 223, # '\x90' + 145: 224, # '\x91' + 146: 99, # '\x92' + 147: 85, # '\x93' + 148: 83, # '\x94' + 149: 225, # '\x95' + 150: 226, # '\x96' + 151: 227, # '\x97' + 152: 228, # '\x98' + 153: 229, # '\x99' + 154: 230, # '\x9a' + 155: 231, # '\x9b' + 156: 232, # '\x9c' + 157: 233, # '\x9d' + 158: 234, # '\x9e' + 159: 235, # '\x9f' + 160: 236, # None + 161: 5, # 'ก' + 162: 30, # 'ข' + 163: 237, # 'ฃ' + 164: 24, # 'ค' + 165: 238, # 'ฅ' + 166: 75, # 'ฆ' + 167: 8, # 'ง' + 168: 26, # 'จ' + 169: 52, # 'ฉ' + 170: 34, # 'ช' + 171: 51, # 'ซ' + 172: 119, # 'ฌ' + 173: 47, # 'ญ' + 174: 58, # 'ฎ' + 175: 57, # 'ฏ' + 176: 49, # 'ฐ' + 177: 53, # 'ฑ' + 178: 55, # 'ฒ' + 179: 43, # 'ณ' + 180: 20, # 'ด' + 181: 19, # 'ต' + 182: 44, # 'ถ' + 183: 14, # 'ท' + 184: 48, # 'ธ' + 185: 3, # 'น' + 186: 17, # 'บ' + 187: 25, # 'ป' + 188: 39, # 'ผ' + 189: 62, # 'ฝ' + 190: 31, # 'พ' + 191: 54, # 'ฟ' + 192: 45, # 'ภ' + 193: 9, # 'ม' + 194: 16, # 'ย' + 195: 2, # 'ร' + 196: 61, # 'ฤ' + 197: 15, # 'ล' + 198: 239, # 'ฦ' + 199: 12, # 'ว' + 200: 42, # 'ศ' + 201: 46, # 'ษ' + 202: 18, # 'ส' + 203: 21, # 'ห' + 204: 76, # 'ฬ' + 205: 4, # 'อ' + 206: 66, # 'ฮ' + 207: 63, # 'ฯ' + 208: 22, # 'ะ' + 209: 10, # 'ั' + 210: 1, # 'า' + 211: 36, # 'ำ' + 212: 23, # 'ิ' + 213: 13, # 'ี' + 214: 40, # 'ึ' + 215: 27, # 'ื' + 216: 32, # 'ุ' + 217: 35, # 'ู' + 218: 86, # 'ฺ' + 219: 240, # None + 220: 241, # None + 221: 242, # None + 222: 243, # None + 223: 244, # '฿' + 224: 11, # 'เ' + 225: 28, # 'แ' + 226: 41, # 'โ' + 227: 29, # 'ใ' + 228: 33, # 'ไ' + 229: 245, # 'ๅ' + 230: 50, # 'ๆ' + 231: 37, # '็' + 232: 6, # '่' + 233: 7, # '้' + 234: 67, # '๊' + 235: 77, # '๋' + 236: 38, # '์' + 237: 93, # 'ํ' + 238: 246, # '๎' + 239: 247, # '๏' + 240: 68, # '๐' + 241: 56, # '๑' + 242: 59, # '๒' + 243: 65, # '๓' + 244: 69, # '๔' + 245: 60, # '๕' + 246: 70, # '๖' + 247: 80, # '๗' + 248: 71, # '๘' + 249: 87, # '๙' + 250: 248, # '๚' + 251: 249, # '๛' + 252: 250, # None + 253: 251, # None + 254: 252, # None + 255: 253, # None +} + +TIS_620_THAI_MODEL = SingleByteCharSetModel(charset_name='TIS-620', + language='Thai', + char_to_order_map=TIS_620_THAI_CHAR_TO_ORDER, + language_model=THAI_LANG_MODEL, + typical_positive_ratio=0.926386, + keep_ascii_letters=False, + alphabet='กขฃคฅฆงจฉชซฌญฎฏฐฑฒณดตถทธนบปผฝพฟภมยรฤลฦวศษสหฬอฮฯะัาำิีึืฺุู฿เแโใไๅๆ็่้๊๋์ํ๎๏๐๑๒๓๔๕๖๗๘๙๚๛') + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langturkishmodel.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langturkishmodel.py new file mode 100644 index 000000000..43f4230ae --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/langturkishmodel.py @@ -0,0 +1,4383 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel + + +# 3: Positive +# 2: Likely +# 1: Unlikely +# 0: Negative + +TURKISH_LANG_MODEL = { + 23: { # 'A' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 1, # 'g' + 25: 1, # 'h' + 3: 1, # 'i' + 24: 0, # 'j' + 10: 2, # 'k' + 5: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 1, # 'r' + 8: 1, # 's' + 9: 1, # 't' + 14: 1, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 0, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 37: { # 'B' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 2, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 1, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 1, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 2, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 0, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 0, # 'ı' + 40: 1, # 'Ş' + 19: 1, # 'ş' + }, + 47: { # 'C' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 1, # 'L' + 20: 0, # 'M' + 46: 1, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 1, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 2, # 'j' + 10: 1, # 'k' + 5: 2, # 'l' + 13: 2, # 'm' + 4: 2, # 'n' + 15: 1, # 'o' + 26: 0, # 'p' + 7: 2, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 1, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 39: { # 'D' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 1, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 2, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 1, # 'l' + 13: 3, # 'm' + 4: 0, # 'n' + 15: 1, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 1, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 0, # 'İ' + 6: 1, # 'ı' + 40: 1, # 'Ş' + 19: 0, # 'ş' + }, + 29: { # 'E' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 1, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 1, # 'g' + 25: 0, # 'h' + 3: 1, # 'i' + 24: 1, # 'j' + 10: 0, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 1, # 's' + 9: 1, # 't' + 14: 1, # 'u' + 32: 1, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 52: { # 'F' + 23: 0, # 'A' + 37: 1, # 'B' + 47: 1, # 'C' + 39: 1, # 'D' + 29: 1, # 'E' + 52: 2, # 'F' + 36: 0, # 'G' + 45: 2, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 1, # 'N' + 42: 1, # 'O' + 48: 2, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 1, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 2, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 1, # 'b' + 28: 1, # 'c' + 12: 1, # 'd' + 2: 0, # 'e' + 18: 1, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 2, # 'i' + 24: 1, # 'j' + 10: 0, # 'k' + 5: 0, # 'l' + 13: 1, # 'm' + 4: 2, # 'n' + 15: 1, # 'o' + 26: 0, # 'p' + 7: 2, # 'r' + 8: 1, # 's' + 9: 1, # 't' + 14: 1, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 1, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 1, # 'Ö' + 55: 2, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 2, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 1, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 2, # 'ş' + }, + 36: { # 'G' + 23: 1, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 2, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 2, # 'N' + 42: 1, # 'O' + 48: 1, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 2, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 1, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 1, # 'j' + 10: 1, # 'k' + 5: 0, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 0, # 'r' + 8: 1, # 's' + 9: 1, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 2, # 'Ö' + 55: 0, # 'Ü' + 59: 1, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 1, # 'İ' + 6: 2, # 'ı' + 40: 2, # 'Ş' + 19: 1, # 'ş' + }, + 45: { # 'H' + 23: 0, # 'A' + 37: 1, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 2, # 'G' + 45: 1, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 1, # 'L' + 20: 0, # 'M' + 46: 1, # 'N' + 42: 1, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 2, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 2, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 2, # 'i' + 24: 0, # 'j' + 10: 1, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 0, # 'n' + 15: 1, # 'o' + 26: 1, # 'p' + 7: 1, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 2, # 'ğ' + 41: 1, # 'İ' + 6: 0, # 'ı' + 40: 2, # 'Ş' + 19: 1, # 'ş' + }, + 53: { # 'I' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 2, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 2, # 'l' + 13: 2, # 'm' + 4: 0, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 0, # 'ı' + 40: 1, # 'Ş' + 19: 1, # 'ş' + }, + 60: { # 'J' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 1, # 'd' + 2: 0, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 1, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 1, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 1, # 's' + 9: 0, # 't' + 14: 0, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 0, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 16: { # 'K' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 3, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 2, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 1, # 'e' + 18: 3, # 'f' + 27: 3, # 'g' + 25: 3, # 'h' + 3: 3, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 0, # 'u' + 32: 3, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 2, # 'ü' + 30: 0, # 'ğ' + 41: 1, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 49: { # 'L' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 2, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 2, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 0, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 2, # 'i' + 24: 0, # 'j' + 10: 1, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 2, # 'n' + 15: 1, # 'o' + 26: 1, # 'p' + 7: 1, # 'r' + 8: 1, # 's' + 9: 1, # 't' + 14: 0, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 2, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 1, # 'ü' + 30: 1, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 20: { # 'M' + 23: 1, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 1, # 'g' + 25: 1, # 'h' + 3: 2, # 'i' + 24: 2, # 'j' + 10: 2, # 'k' + 5: 2, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 3, # 'r' + 8: 0, # 's' + 9: 2, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 3, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 46: { # 'N' + 23: 0, # 'A' + 37: 1, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 1, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 1, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 2, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 1, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 2, # 'j' + 10: 1, # 'k' + 5: 1, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 15: 1, # 'o' + 26: 1, # 'p' + 7: 1, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 1, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 1, # 'İ' + 6: 2, # 'ı' + 40: 1, # 'Ş' + 19: 1, # 'ş' + }, + 42: { # 'O' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 0, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 1, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 2, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 0, # 'n' + 15: 1, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 2, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 2, # 'İ' + 6: 1, # 'ı' + 40: 1, # 'Ş' + 19: 1, # 'ş' + }, + 48: { # 'P' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 2, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 1, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 1, # 'N' + 42: 1, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 1, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 2, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 1, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 0, # 'n' + 15: 2, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 2, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 2, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 2, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 1, # 'İ' + 6: 0, # 'ı' + 40: 2, # 'Ş' + 19: 1, # 'ş' + }, + 44: { # 'R' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 1, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 1, # 'k' + 5: 2, # 'l' + 13: 2, # 'm' + 4: 0, # 'n' + 15: 1, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 1, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 1, # 'ü' + 30: 1, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 1, # 'Ş' + 19: 1, # 'ş' + }, + 35: { # 'S' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 1, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 1, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 1, # 'k' + 5: 1, # 'l' + 13: 2, # 'm' + 4: 1, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 1, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 2, # 'Ç' + 50: 2, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 3, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 2, # 'Ş' + 19: 1, # 'ş' + }, + 31: { # 'T' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 0, # 'c' + 12: 1, # 'd' + 2: 3, # 'e' + 18: 2, # 'f' + 27: 2, # 'g' + 25: 0, # 'h' + 3: 1, # 'i' + 24: 1, # 'j' + 10: 2, # 'k' + 5: 2, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 2, # 'p' + 7: 2, # 'r' + 8: 0, # 's' + 9: 2, # 't' + 14: 2, # 'u' + 32: 1, # 'v' + 57: 1, # 'w' + 58: 1, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 51: { # 'U' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 1, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 1, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 1, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 1, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 2, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 1, # 'k' + 5: 1, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 1, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 38: { # 'V' + 23: 1, # 'A' + 37: 1, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 1, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 2, # 'l' + 13: 2, # 'm' + 4: 0, # 'n' + 15: 2, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 1, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 1, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 1, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 1, # 'İ' + 6: 3, # 'ı' + 40: 2, # 'Ş' + 19: 1, # 'ş' + }, + 62: { # 'W' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 0, # 'd' + 2: 0, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 0, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 0, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 0, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 43: { # 'Y' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 0, # 'G' + 45: 1, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 2, # 'N' + 42: 0, # 'O' + 48: 2, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 2, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 1, # 'j' + 10: 1, # 'k' + 5: 1, # 'l' + 13: 3, # 'm' + 4: 0, # 'n' + 15: 2, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 2, # 'Ö' + 55: 1, # 'Ü' + 59: 1, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 1, # 'İ' + 6: 0, # 'ı' + 40: 2, # 'Ş' + 19: 1, # 'ş' + }, + 56: { # 'Z' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 2, # 'Z' + 1: 2, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 2, # 'i' + 24: 1, # 'j' + 10: 0, # 'k' + 5: 0, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 1, # 'r' + 8: 1, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 1, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 1: { # 'a' + 23: 3, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 3, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 1, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 3, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 2, # 'Z' + 1: 2, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 2, # 'e' + 18: 3, # 'f' + 27: 3, # 'g' + 25: 3, # 'h' + 3: 3, # 'i' + 24: 3, # 'j' + 10: 3, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 15: 1, # 'o' + 26: 3, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 3, # 'v' + 57: 2, # 'w' + 58: 0, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 1, # 'î' + 34: 1, # 'ö' + 17: 3, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 21: { # 'b' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 3, # 'g' + 25: 1, # 'h' + 3: 3, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 3, # 'p' + 7: 1, # 'r' + 8: 2, # 's' + 9: 2, # 't' + 14: 2, # 'u' + 32: 1, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 28: { # 'c' + 23: 0, # 'A' + 37: 1, # 'B' + 47: 1, # 'C' + 39: 1, # 'D' + 29: 2, # 'E' + 52: 0, # 'F' + 36: 2, # 'G' + 45: 2, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 1, # 'N' + 42: 1, # 'O' + 48: 2, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 2, # 'T' + 51: 2, # 'U' + 38: 2, # 'V' + 62: 0, # 'W' + 43: 3, # 'Y' + 56: 0, # 'Z' + 1: 1, # 'a' + 21: 1, # 'b' + 28: 2, # 'c' + 12: 2, # 'd' + 2: 1, # 'e' + 18: 1, # 'f' + 27: 2, # 'g' + 25: 2, # 'h' + 3: 3, # 'i' + 24: 1, # 'j' + 10: 3, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 15: 2, # 'o' + 26: 2, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 1, # 'u' + 32: 0, # 'v' + 57: 1, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 1, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 1, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 1, # 'î' + 34: 2, # 'ö' + 17: 2, # 'ü' + 30: 2, # 'ğ' + 41: 1, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 2, # 'ş' + }, + 12: { # 'd' + 23: 1, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 2, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 1, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 1, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 1, # 'f' + 27: 3, # 'g' + 25: 3, # 'h' + 3: 2, # 'i' + 24: 3, # 'j' + 10: 2, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 1, # 'o' + 26: 2, # 'p' + 7: 3, # 'r' + 8: 2, # 's' + 9: 2, # 't' + 14: 3, # 'u' + 32: 1, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 3, # 'y' + 22: 1, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 2: { # 'e' + 23: 2, # 'A' + 37: 0, # 'B' + 47: 2, # 'C' + 39: 0, # 'D' + 29: 3, # 'E' + 52: 1, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 1, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 1, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 1, # 'R' + 35: 0, # 'S' + 31: 3, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 2, # 'e' + 18: 3, # 'f' + 27: 3, # 'g' + 25: 3, # 'h' + 3: 3, # 'i' + 24: 3, # 'j' + 10: 3, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 15: 1, # 'o' + 26: 3, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 3, # 'v' + 57: 2, # 'w' + 58: 0, # 'x' + 11: 3, # 'y' + 22: 1, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 3, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 18: { # 'f' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 2, # 'f' + 27: 1, # 'g' + 25: 1, # 'h' + 3: 1, # 'i' + 24: 1, # 'j' + 10: 1, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 2, # 'p' + 7: 1, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 1, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 1, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 1, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 27: { # 'g' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 1, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 2, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 1, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 2, # 'g' + 25: 1, # 'h' + 3: 2, # 'i' + 24: 3, # 'j' + 10: 2, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 2, # 'r' + 8: 2, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 1, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 1, # 'y' + 22: 0, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 25: { # 'h' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 1, # 'g' + 25: 2, # 'h' + 3: 2, # 'i' + 24: 3, # 'j' + 10: 3, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 1, # 'o' + 26: 1, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 2, # 't' + 14: 3, # 'u' + 32: 2, # 'v' + 57: 1, # 'w' + 58: 0, # 'x' + 11: 1, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 3: { # 'i' + 23: 2, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 0, # 'N' + 42: 1, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 1, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 2, # 'f' + 27: 3, # 'g' + 25: 1, # 'h' + 3: 3, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 1, # 'o' + 26: 3, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 2, # 'v' + 57: 1, # 'w' + 58: 1, # 'x' + 11: 3, # 'y' + 22: 1, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 1, # 'Ü' + 59: 0, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 3, # 'ü' + 30: 0, # 'ğ' + 41: 1, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 24: { # 'j' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 2, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 1, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 2, # 'f' + 27: 1, # 'g' + 25: 1, # 'h' + 3: 2, # 'i' + 24: 1, # 'j' + 10: 2, # 'k' + 5: 2, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 2, # 'r' + 8: 3, # 's' + 9: 2, # 't' + 14: 3, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 2, # 'x' + 11: 1, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 10: { # 'k' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 3, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 3, # 'e' + 18: 1, # 'f' + 27: 2, # 'g' + 25: 2, # 'h' + 3: 3, # 'i' + 24: 2, # 'j' + 10: 2, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 3, # 'p' + 7: 2, # 'r' + 8: 2, # 's' + 9: 2, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 3, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 3, # 'ü' + 30: 1, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 5: { # 'l' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 3, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 1, # 'e' + 18: 3, # 'f' + 27: 3, # 'g' + 25: 2, # 'h' + 3: 3, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 1, # 'l' + 13: 1, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 2, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 2, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 2, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 13: { # 'm' + 23: 1, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 3, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 3, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 2, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 2, # 'e' + 18: 3, # 'f' + 27: 3, # 'g' + 25: 3, # 'h' + 3: 3, # 'i' + 24: 3, # 'j' + 10: 3, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 15: 1, # 'o' + 26: 2, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 2, # 'u' + 32: 2, # 'v' + 57: 1, # 'w' + 58: 0, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 3, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 4: { # 'n' + 23: 1, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 2, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 1, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 1, # 'f' + 27: 2, # 'g' + 25: 3, # 'h' + 3: 2, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 1, # 'o' + 26: 3, # 'p' + 7: 2, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 2, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 2, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 1, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 15: { # 'o' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 1, # 'G' + 45: 1, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 2, # 'L' + 20: 0, # 'M' + 46: 2, # 'N' + 42: 1, # 'O' + 48: 2, # 'P' + 44: 1, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 1, # 'i' + 24: 2, # 'j' + 10: 1, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 15: 2, # 'o' + 26: 0, # 'p' + 7: 1, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 2, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 2, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 3, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 2, # 'ğ' + 41: 2, # 'İ' + 6: 3, # 'ı' + 40: 2, # 'Ş' + 19: 2, # 'ş' + }, + 26: { # 'p' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 1, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 1, # 'g' + 25: 1, # 'h' + 3: 2, # 'i' + 24: 3, # 'j' + 10: 1, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 15: 0, # 'o' + 26: 2, # 'p' + 7: 2, # 'r' + 8: 1, # 's' + 9: 1, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 1, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 3, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 7: { # 'r' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 1, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 2, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 1, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 2, # 'g' + 25: 3, # 'h' + 3: 2, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 2, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 3, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 8: { # 's' + 23: 1, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 1, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 2, # 'g' + 25: 2, # 'h' + 3: 2, # 'i' + 24: 3, # 'j' + 10: 3, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 3, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 2, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 2, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 9: { # 't' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 2, # 'f' + 27: 2, # 'g' + 25: 2, # 'h' + 3: 2, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 2, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 3, # 'v' + 57: 0, # 'w' + 58: 2, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 3, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 2, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 14: { # 'u' + 23: 3, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 3, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 2, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 3, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 2, # 'Z' + 1: 2, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 2, # 'e' + 18: 2, # 'f' + 27: 3, # 'g' + 25: 3, # 'h' + 3: 3, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 0, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 3, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 2, # 'v' + 57: 2, # 'w' + 58: 0, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 3, # 'ü' + 30: 1, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 32: { # 'v' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 1, # 'j' + 10: 1, # 'k' + 5: 3, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 1, # 'r' + 8: 2, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 1, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 1, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 57: { # 'w' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 1, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 1, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 1, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 1, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 1, # 's' + 9: 0, # 't' + 14: 1, # 'u' + 32: 0, # 'v' + 57: 2, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 0, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 0, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 58: { # 'x' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 1, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 1, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 2, # 'i' + 24: 2, # 'j' + 10: 1, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 2, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 1, # 'r' + 8: 2, # 's' + 9: 1, # 't' + 14: 0, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 11: { # 'y' + 23: 1, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 2, # 'g' + 25: 2, # 'h' + 3: 2, # 'i' + 24: 1, # 'j' + 10: 2, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 2, # 'r' + 8: 1, # 's' + 9: 2, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 1, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 3, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 2, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 22: { # 'z' + 23: 2, # 'A' + 37: 2, # 'B' + 47: 1, # 'C' + 39: 2, # 'D' + 29: 3, # 'E' + 52: 1, # 'F' + 36: 2, # 'G' + 45: 2, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 2, # 'N' + 42: 2, # 'O' + 48: 2, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 3, # 'T' + 51: 2, # 'U' + 38: 2, # 'V' + 62: 0, # 'W' + 43: 2, # 'Y' + 56: 1, # 'Z' + 1: 1, # 'a' + 21: 2, # 'b' + 28: 1, # 'c' + 12: 2, # 'd' + 2: 2, # 'e' + 18: 3, # 'f' + 27: 2, # 'g' + 25: 2, # 'h' + 3: 3, # 'i' + 24: 2, # 'j' + 10: 3, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 15: 2, # 'o' + 26: 2, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 0, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 3, # 'y' + 22: 2, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 2, # 'Ü' + 59: 1, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 2, # 'ö' + 17: 2, # 'ü' + 30: 2, # 'ğ' + 41: 1, # 'İ' + 6: 3, # 'ı' + 40: 1, # 'Ş' + 19: 2, # 'ş' + }, + 63: { # '·' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 0, # 'd' + 2: 1, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 0, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 0, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 54: { # 'Ç' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 1, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 1, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 1, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 2, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 1, # 'b' + 28: 0, # 'c' + 12: 1, # 'd' + 2: 0, # 'e' + 18: 0, # 'f' + 27: 1, # 'g' + 25: 0, # 'h' + 3: 3, # 'i' + 24: 0, # 'j' + 10: 1, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 2, # 'n' + 15: 1, # 'o' + 26: 0, # 'p' + 7: 2, # 'r' + 8: 0, # 's' + 9: 1, # 't' + 14: 0, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 2, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 50: { # 'Ö' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 1, # 'D' + 29: 2, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 2, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 1, # 'N' + 42: 2, # 'O' + 48: 2, # 'P' + 44: 1, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 2, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 2, # 'b' + 28: 1, # 'c' + 12: 2, # 'd' + 2: 0, # 'e' + 18: 1, # 'f' + 27: 1, # 'g' + 25: 1, # 'h' + 3: 2, # 'i' + 24: 0, # 'j' + 10: 2, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 3, # 'n' + 15: 2, # 'o' + 26: 2, # 'p' + 7: 3, # 'r' + 8: 1, # 's' + 9: 2, # 't' + 14: 0, # 'u' + 32: 1, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 2, # 'ö' + 17: 2, # 'ü' + 30: 1, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 55: { # 'Ü' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 1, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 1, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 2, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 1, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 1, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 1, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 1, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 1, # 'İ' + 6: 0, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 59: { # 'â' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 1, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 2, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 0, # 'j' + 10: 0, # 'k' + 5: 0, # 'l' + 13: 2, # 'm' + 4: 0, # 'n' + 15: 1, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 2, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 1, # 'ı' + 40: 1, # 'Ş' + 19: 0, # 'ş' + }, + 33: { # 'ç' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 3, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 0, # 'Z' + 1: 0, # 'a' + 21: 3, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 0, # 'e' + 18: 2, # 'f' + 27: 1, # 'g' + 25: 3, # 'h' + 3: 3, # 'i' + 24: 0, # 'j' + 10: 3, # 'k' + 5: 0, # 'l' + 13: 0, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 3, # 'r' + 8: 2, # 's' + 9: 3, # 't' + 14: 0, # 'u' + 32: 2, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 1, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 61: { # 'î' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 0, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 0, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 1, # 'Z' + 1: 2, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 1, # 'j' + 10: 0, # 'k' + 5: 0, # 'l' + 13: 1, # 'm' + 4: 1, # 'n' + 15: 0, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 1, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 1, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 1, # 'î' + 34: 0, # 'ö' + 17: 0, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 1, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 34: { # 'ö' + 23: 0, # 'A' + 37: 1, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 1, # 'G' + 45: 1, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 1, # 'L' + 20: 0, # 'M' + 46: 1, # 'N' + 42: 1, # 'O' + 48: 2, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 1, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 2, # 'c' + 12: 1, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 2, # 'g' + 25: 2, # 'h' + 3: 1, # 'i' + 24: 2, # 'j' + 10: 1, # 'k' + 5: 2, # 'l' + 13: 3, # 'm' + 4: 2, # 'n' + 15: 2, # 'o' + 26: 0, # 'p' + 7: 0, # 'r' + 8: 3, # 's' + 9: 1, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 1, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 2, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 2, # 'ö' + 17: 0, # 'ü' + 30: 2, # 'ğ' + 41: 1, # 'İ' + 6: 1, # 'ı' + 40: 2, # 'Ş' + 19: 1, # 'ş' + }, + 17: { # 'ü' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 0, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 1, # 'J' + 16: 1, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 0, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 0, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 0, # 'c' + 12: 1, # 'd' + 2: 3, # 'e' + 18: 1, # 'f' + 27: 2, # 'g' + 25: 0, # 'h' + 3: 1, # 'i' + 24: 1, # 'j' + 10: 2, # 'k' + 5: 3, # 'l' + 13: 2, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 2, # 'p' + 7: 2, # 'r' + 8: 3, # 's' + 9: 2, # 't' + 14: 3, # 'u' + 32: 1, # 'v' + 57: 1, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 2, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 30: { # 'ğ' + 23: 0, # 'A' + 37: 2, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 1, # 'G' + 45: 0, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 1, # 'M' + 46: 2, # 'N' + 42: 2, # 'O' + 48: 1, # 'P' + 44: 1, # 'R' + 35: 0, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 2, # 'V' + 62: 0, # 'W' + 43: 2, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 0, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 2, # 'e' + 18: 0, # 'f' + 27: 0, # 'g' + 25: 0, # 'h' + 3: 0, # 'i' + 24: 3, # 'j' + 10: 1, # 'k' + 5: 2, # 'l' + 13: 3, # 'm' + 4: 0, # 'n' + 15: 1, # 'o' + 26: 0, # 'p' + 7: 1, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 2, # 'Ç' + 50: 2, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 0, # 'î' + 34: 2, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 2, # 'İ' + 6: 2, # 'ı' + 40: 2, # 'Ş' + 19: 1, # 'ş' + }, + 41: { # 'İ' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 1, # 'D' + 29: 1, # 'E' + 52: 0, # 'F' + 36: 2, # 'G' + 45: 2, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 1, # 'N' + 42: 1, # 'O' + 48: 2, # 'P' + 44: 0, # 'R' + 35: 1, # 'S' + 31: 1, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 2, # 'Y' + 56: 0, # 'Z' + 1: 1, # 'a' + 21: 2, # 'b' + 28: 1, # 'c' + 12: 2, # 'd' + 2: 1, # 'e' + 18: 0, # 'f' + 27: 3, # 'g' + 25: 2, # 'h' + 3: 2, # 'i' + 24: 2, # 'j' + 10: 2, # 'k' + 5: 0, # 'l' + 13: 1, # 'm' + 4: 3, # 'n' + 15: 1, # 'o' + 26: 1, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 2, # 't' + 14: 0, # 'u' + 32: 0, # 'v' + 57: 1, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 1, # 'Ü' + 59: 1, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 1, # 'ö' + 17: 1, # 'ü' + 30: 2, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 1, # 'ş' + }, + 6: { # 'ı' + 23: 2, # 'A' + 37: 0, # 'B' + 47: 0, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 2, # 'J' + 16: 3, # 'K' + 49: 0, # 'L' + 20: 3, # 'M' + 46: 1, # 'N' + 42: 0, # 'O' + 48: 0, # 'P' + 44: 0, # 'R' + 35: 0, # 'S' + 31: 2, # 'T' + 51: 0, # 'U' + 38: 0, # 'V' + 62: 0, # 'W' + 43: 2, # 'Y' + 56: 1, # 'Z' + 1: 3, # 'a' + 21: 2, # 'b' + 28: 1, # 'c' + 12: 3, # 'd' + 2: 3, # 'e' + 18: 3, # 'f' + 27: 3, # 'g' + 25: 2, # 'h' + 3: 3, # 'i' + 24: 3, # 'j' + 10: 3, # 'k' + 5: 3, # 'l' + 13: 3, # 'm' + 4: 3, # 'n' + 15: 0, # 'o' + 26: 3, # 'p' + 7: 3, # 'r' + 8: 3, # 's' + 9: 3, # 't' + 14: 3, # 'u' + 32: 3, # 'v' + 57: 1, # 'w' + 58: 1, # 'x' + 11: 3, # 'y' + 22: 0, # 'z' + 63: 1, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 2, # 'ç' + 61: 0, # 'î' + 34: 0, # 'ö' + 17: 3, # 'ü' + 30: 0, # 'ğ' + 41: 0, # 'İ' + 6: 3, # 'ı' + 40: 0, # 'Ş' + 19: 0, # 'ş' + }, + 40: { # 'Ş' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 1, # 'D' + 29: 1, # 'E' + 52: 0, # 'F' + 36: 1, # 'G' + 45: 2, # 'H' + 53: 1, # 'I' + 60: 0, # 'J' + 16: 0, # 'K' + 49: 0, # 'L' + 20: 2, # 'M' + 46: 1, # 'N' + 42: 1, # 'O' + 48: 2, # 'P' + 44: 2, # 'R' + 35: 1, # 'S' + 31: 1, # 'T' + 51: 0, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 2, # 'Y' + 56: 1, # 'Z' + 1: 0, # 'a' + 21: 2, # 'b' + 28: 0, # 'c' + 12: 2, # 'd' + 2: 0, # 'e' + 18: 3, # 'f' + 27: 0, # 'g' + 25: 2, # 'h' + 3: 3, # 'i' + 24: 2, # 'j' + 10: 1, # 'k' + 5: 0, # 'l' + 13: 1, # 'm' + 4: 3, # 'n' + 15: 2, # 'o' + 26: 0, # 'p' + 7: 3, # 'r' + 8: 2, # 's' + 9: 2, # 't' + 14: 1, # 'u' + 32: 3, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 2, # 'y' + 22: 0, # 'z' + 63: 0, # '·' + 54: 0, # 'Ç' + 50: 0, # 'Ö' + 55: 1, # 'Ü' + 59: 0, # 'â' + 33: 0, # 'ç' + 61: 0, # 'î' + 34: 2, # 'ö' + 17: 1, # 'ü' + 30: 2, # 'ğ' + 41: 0, # 'İ' + 6: 2, # 'ı' + 40: 1, # 'Ş' + 19: 2, # 'ş' + }, + 19: { # 'ş' + 23: 0, # 'A' + 37: 0, # 'B' + 47: 1, # 'C' + 39: 0, # 'D' + 29: 0, # 'E' + 52: 2, # 'F' + 36: 1, # 'G' + 45: 0, # 'H' + 53: 0, # 'I' + 60: 0, # 'J' + 16: 3, # 'K' + 49: 2, # 'L' + 20: 0, # 'M' + 46: 1, # 'N' + 42: 1, # 'O' + 48: 1, # 'P' + 44: 1, # 'R' + 35: 1, # 'S' + 31: 0, # 'T' + 51: 1, # 'U' + 38: 1, # 'V' + 62: 0, # 'W' + 43: 1, # 'Y' + 56: 0, # 'Z' + 1: 3, # 'a' + 21: 1, # 'b' + 28: 2, # 'c' + 12: 0, # 'd' + 2: 3, # 'e' + 18: 0, # 'f' + 27: 2, # 'g' + 25: 1, # 'h' + 3: 1, # 'i' + 24: 0, # 'j' + 10: 2, # 'k' + 5: 2, # 'l' + 13: 3, # 'm' + 4: 0, # 'n' + 15: 0, # 'o' + 26: 1, # 'p' + 7: 3, # 'r' + 8: 0, # 's' + 9: 0, # 't' + 14: 3, # 'u' + 32: 0, # 'v' + 57: 0, # 'w' + 58: 0, # 'x' + 11: 0, # 'y' + 22: 2, # 'z' + 63: 0, # '·' + 54: 1, # 'Ç' + 50: 2, # 'Ö' + 55: 0, # 'Ü' + 59: 0, # 'â' + 33: 1, # 'ç' + 61: 1, # 'î' + 34: 2, # 'ö' + 17: 0, # 'ü' + 30: 1, # 'ğ' + 41: 1, # 'İ' + 6: 1, # 'ı' + 40: 1, # 'Ş' + 19: 1, # 'ş' + }, +} + +# 255: Undefined characters that did not exist in training text +# 254: Carriage/Return +# 253: symbol (punctuation) that does not belong to word +# 252: 0 - 9 +# 251: Control characters + +# Character Mapping Table(s): +ISO_8859_9_TURKISH_CHAR_TO_ORDER = { + 0: 255, # '\x00' + 1: 255, # '\x01' + 2: 255, # '\x02' + 3: 255, # '\x03' + 4: 255, # '\x04' + 5: 255, # '\x05' + 6: 255, # '\x06' + 7: 255, # '\x07' + 8: 255, # '\x08' + 9: 255, # '\t' + 10: 255, # '\n' + 11: 255, # '\x0b' + 12: 255, # '\x0c' + 13: 255, # '\r' + 14: 255, # '\x0e' + 15: 255, # '\x0f' + 16: 255, # '\x10' + 17: 255, # '\x11' + 18: 255, # '\x12' + 19: 255, # '\x13' + 20: 255, # '\x14' + 21: 255, # '\x15' + 22: 255, # '\x16' + 23: 255, # '\x17' + 24: 255, # '\x18' + 25: 255, # '\x19' + 26: 255, # '\x1a' + 27: 255, # '\x1b' + 28: 255, # '\x1c' + 29: 255, # '\x1d' + 30: 255, # '\x1e' + 31: 255, # '\x1f' + 32: 255, # ' ' + 33: 255, # '!' + 34: 255, # '"' + 35: 255, # '#' + 36: 255, # '$' + 37: 255, # '%' + 38: 255, # '&' + 39: 255, # "'" + 40: 255, # '(' + 41: 255, # ')' + 42: 255, # '*' + 43: 255, # '+' + 44: 255, # ',' + 45: 255, # '-' + 46: 255, # '.' + 47: 255, # '/' + 48: 255, # '0' + 49: 255, # '1' + 50: 255, # '2' + 51: 255, # '3' + 52: 255, # '4' + 53: 255, # '5' + 54: 255, # '6' + 55: 255, # '7' + 56: 255, # '8' + 57: 255, # '9' + 58: 255, # ':' + 59: 255, # ';' + 60: 255, # '<' + 61: 255, # '=' + 62: 255, # '>' + 63: 255, # '?' + 64: 255, # '@' + 65: 23, # 'A' + 66: 37, # 'B' + 67: 47, # 'C' + 68: 39, # 'D' + 69: 29, # 'E' + 70: 52, # 'F' + 71: 36, # 'G' + 72: 45, # 'H' + 73: 53, # 'I' + 74: 60, # 'J' + 75: 16, # 'K' + 76: 49, # 'L' + 77: 20, # 'M' + 78: 46, # 'N' + 79: 42, # 'O' + 80: 48, # 'P' + 81: 69, # 'Q' + 82: 44, # 'R' + 83: 35, # 'S' + 84: 31, # 'T' + 85: 51, # 'U' + 86: 38, # 'V' + 87: 62, # 'W' + 88: 65, # 'X' + 89: 43, # 'Y' + 90: 56, # 'Z' + 91: 255, # '[' + 92: 255, # '\\' + 93: 255, # ']' + 94: 255, # '^' + 95: 255, # '_' + 96: 255, # '`' + 97: 1, # 'a' + 98: 21, # 'b' + 99: 28, # 'c' + 100: 12, # 'd' + 101: 2, # 'e' + 102: 18, # 'f' + 103: 27, # 'g' + 104: 25, # 'h' + 105: 3, # 'i' + 106: 24, # 'j' + 107: 10, # 'k' + 108: 5, # 'l' + 109: 13, # 'm' + 110: 4, # 'n' + 111: 15, # 'o' + 112: 26, # 'p' + 113: 64, # 'q' + 114: 7, # 'r' + 115: 8, # 's' + 116: 9, # 't' + 117: 14, # 'u' + 118: 32, # 'v' + 119: 57, # 'w' + 120: 58, # 'x' + 121: 11, # 'y' + 122: 22, # 'z' + 123: 255, # '{' + 124: 255, # '|' + 125: 255, # '}' + 126: 255, # '~' + 127: 255, # '\x7f' + 128: 180, # '\x80' + 129: 179, # '\x81' + 130: 178, # '\x82' + 131: 177, # '\x83' + 132: 176, # '\x84' + 133: 175, # '\x85' + 134: 174, # '\x86' + 135: 173, # '\x87' + 136: 172, # '\x88' + 137: 171, # '\x89' + 138: 170, # '\x8a' + 139: 169, # '\x8b' + 140: 168, # '\x8c' + 141: 167, # '\x8d' + 142: 166, # '\x8e' + 143: 165, # '\x8f' + 144: 164, # '\x90' + 145: 163, # '\x91' + 146: 162, # '\x92' + 147: 161, # '\x93' + 148: 160, # '\x94' + 149: 159, # '\x95' + 150: 101, # '\x96' + 151: 158, # '\x97' + 152: 157, # '\x98' + 153: 156, # '\x99' + 154: 155, # '\x9a' + 155: 154, # '\x9b' + 156: 153, # '\x9c' + 157: 152, # '\x9d' + 158: 151, # '\x9e' + 159: 106, # '\x9f' + 160: 150, # '\xa0' + 161: 149, # '¡' + 162: 148, # '¢' + 163: 147, # '£' + 164: 146, # '¤' + 165: 145, # '¥' + 166: 144, # '¦' + 167: 100, # '§' + 168: 143, # '¨' + 169: 142, # '©' + 170: 141, # 'ª' + 171: 140, # '«' + 172: 139, # '¬' + 173: 138, # '\xad' + 174: 137, # '®' + 175: 136, # '¯' + 176: 94, # '°' + 177: 80, # '±' + 178: 93, # '²' + 179: 135, # '³' + 180: 105, # '´' + 181: 134, # 'µ' + 182: 133, # '¶' + 183: 63, # '·' + 184: 132, # '¸' + 185: 131, # '¹' + 186: 130, # 'º' + 187: 129, # '»' + 188: 128, # '¼' + 189: 127, # '½' + 190: 126, # '¾' + 191: 125, # '¿' + 192: 124, # 'À' + 193: 104, # 'Á' + 194: 73, # 'Â' + 195: 99, # 'Ã' + 196: 79, # 'Ä' + 197: 85, # 'Å' + 198: 123, # 'Æ' + 199: 54, # 'Ç' + 200: 122, # 'È' + 201: 98, # 'É' + 202: 92, # 'Ê' + 203: 121, # 'Ë' + 204: 120, # 'Ì' + 205: 91, # 'Í' + 206: 103, # 'Î' + 207: 119, # 'Ï' + 208: 68, # 'Ğ' + 209: 118, # 'Ñ' + 210: 117, # 'Ò' + 211: 97, # 'Ó' + 212: 116, # 'Ô' + 213: 115, # 'Õ' + 214: 50, # 'Ö' + 215: 90, # '×' + 216: 114, # 'Ø' + 217: 113, # 'Ù' + 218: 112, # 'Ú' + 219: 111, # 'Û' + 220: 55, # 'Ü' + 221: 41, # 'İ' + 222: 40, # 'Ş' + 223: 86, # 'ß' + 224: 89, # 'à' + 225: 70, # 'á' + 226: 59, # 'â' + 227: 78, # 'ã' + 228: 71, # 'ä' + 229: 82, # 'å' + 230: 88, # 'æ' + 231: 33, # 'ç' + 232: 77, # 'è' + 233: 66, # 'é' + 234: 84, # 'ê' + 235: 83, # 'ë' + 236: 110, # 'ì' + 237: 75, # 'í' + 238: 61, # 'î' + 239: 96, # 'ï' + 240: 30, # 'ğ' + 241: 67, # 'ñ' + 242: 109, # 'ò' + 243: 74, # 'ó' + 244: 87, # 'ô' + 245: 102, # 'õ' + 246: 34, # 'ö' + 247: 95, # '÷' + 248: 81, # 'ø' + 249: 108, # 'ù' + 250: 76, # 'ú' + 251: 72, # 'û' + 252: 17, # 'ü' + 253: 6, # 'ı' + 254: 19, # 'ş' + 255: 107, # 'ÿ' +} + +ISO_8859_9_TURKISH_MODEL = SingleByteCharSetModel(charset_name='ISO-8859-9', + language='Turkish', + char_to_order_map=ISO_8859_9_TURKISH_CHAR_TO_ORDER, + language_model=TURKISH_LANG_MODEL, + typical_positive_ratio=0.97029, + keep_ascii_letters=True, + alphabet='ABCDEFGHIJKLMNOPRSTUVYZabcdefghijklmnoprstuvyzÂÇÎÖÛÜâçîöûüĞğİıŞş') + diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/latin1prober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/latin1prober.py new file mode 100644 index 000000000..7d1e8c20f --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/latin1prober.py @@ -0,0 +1,145 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Universal charset detector code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 2001 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# Shy Shalom - original C code +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .charsetprober import CharSetProber +from .enums import ProbingState + +FREQ_CAT_NUM = 4 + +UDF = 0 # undefined +OTH = 1 # other +ASC = 2 # ascii capital letter +ASS = 3 # ascii small letter +ACV = 4 # accent capital vowel +ACO = 5 # accent capital other +ASV = 6 # accent small vowel +ASO = 7 # accent small other +CLASS_NUM = 8 # total classes + +Latin1_CharToClass = ( + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 00 - 07 + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 08 - 0F + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 10 - 17 + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 18 - 1F + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 20 - 27 + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 28 - 2F + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 30 - 37 + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 38 - 3F + OTH, ASC, ASC, ASC, ASC, ASC, ASC, ASC, # 40 - 47 + ASC, ASC, ASC, ASC, ASC, ASC, ASC, ASC, # 48 - 4F + ASC, ASC, ASC, ASC, ASC, ASC, ASC, ASC, # 50 - 57 + ASC, ASC, ASC, OTH, OTH, OTH, OTH, OTH, # 58 - 5F + OTH, ASS, ASS, ASS, ASS, ASS, ASS, ASS, # 60 - 67 + ASS, ASS, ASS, ASS, ASS, ASS, ASS, ASS, # 68 - 6F + ASS, ASS, ASS, ASS, ASS, ASS, ASS, ASS, # 70 - 77 + ASS, ASS, ASS, OTH, OTH, OTH, OTH, OTH, # 78 - 7F + OTH, UDF, OTH, ASO, OTH, OTH, OTH, OTH, # 80 - 87 + OTH, OTH, ACO, OTH, ACO, UDF, ACO, UDF, # 88 - 8F + UDF, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # 90 - 97 + OTH, OTH, ASO, OTH, ASO, UDF, ASO, ACO, # 98 - 9F + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # A0 - A7 + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # A8 - AF + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # B0 - B7 + OTH, OTH, OTH, OTH, OTH, OTH, OTH, OTH, # B8 - BF + ACV, ACV, ACV, ACV, ACV, ACV, ACO, ACO, # C0 - C7 + ACV, ACV, ACV, ACV, ACV, ACV, ACV, ACV, # C8 - CF + ACO, ACO, ACV, ACV, ACV, ACV, ACV, OTH, # D0 - D7 + ACV, ACV, ACV, ACV, ACV, ACO, ACO, ACO, # D8 - DF + ASV, ASV, ASV, ASV, ASV, ASV, ASO, ASO, # E0 - E7 + ASV, ASV, ASV, ASV, ASV, ASV, ASV, ASV, # E8 - EF + ASO, ASO, ASV, ASV, ASV, ASV, ASV, OTH, # F0 - F7 + ASV, ASV, ASV, ASV, ASV, ASO, ASO, ASO, # F8 - FF +) + +# 0 : illegal +# 1 : very unlikely +# 2 : normal +# 3 : very likely +Latin1ClassModel = ( +# UDF OTH ASC ASS ACV ACO ASV ASO + 0, 0, 0, 0, 0, 0, 0, 0, # UDF + 0, 3, 3, 3, 3, 3, 3, 3, # OTH + 0, 3, 3, 3, 3, 3, 3, 3, # ASC + 0, 3, 3, 3, 1, 1, 3, 3, # ASS + 0, 3, 3, 3, 1, 2, 1, 2, # ACV + 0, 3, 3, 3, 3, 3, 3, 3, # ACO + 0, 3, 1, 3, 1, 1, 1, 3, # ASV + 0, 3, 1, 3, 1, 1, 3, 3, # ASO +) + + +class Latin1Prober(CharSetProber): + def __init__(self): + super(Latin1Prober, self).__init__() + self._last_char_class = None + self._freq_counter = None + self.reset() + + def reset(self): + self._last_char_class = OTH + self._freq_counter = [0] * FREQ_CAT_NUM + CharSetProber.reset(self) + + @property + def charset_name(self): + return "ISO-8859-1" + + @property + def language(self): + return "" + + def feed(self, byte_str): + byte_str = self.filter_with_english_letters(byte_str) + for c in byte_str: + char_class = Latin1_CharToClass[c] + freq = Latin1ClassModel[(self._last_char_class * CLASS_NUM) + + char_class] + if freq == 0: + self._state = ProbingState.NOT_ME + break + self._freq_counter[freq] += 1 + self._last_char_class = char_class + + return self.state + + def get_confidence(self): + if self.state == ProbingState.NOT_ME: + return 0.01 + + total = sum(self._freq_counter) + if total < 0.01: + confidence = 0.0 + else: + confidence = ((self._freq_counter[3] - self._freq_counter[1] * 20.0) + / total) + if confidence < 0.0: + confidence = 0.0 + # lower the confidence of latin1 so that other more accurate + # detector can take priority. + confidence = confidence * 0.73 + return confidence diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcharsetprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcharsetprober.py new file mode 100644 index 000000000..6256ecfd1 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcharsetprober.py @@ -0,0 +1,91 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Universal charset detector code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 2001 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# Shy Shalom - original C code +# Proofpoint, Inc. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .charsetprober import CharSetProber +from .enums import ProbingState, MachineState + + +class MultiByteCharSetProber(CharSetProber): + """ + MultiByteCharSetProber + """ + + def __init__(self, lang_filter=None): + super(MultiByteCharSetProber, self).__init__(lang_filter=lang_filter) + self.distribution_analyzer = None + self.coding_sm = None + self._last_char = [0, 0] + + def reset(self): + super(MultiByteCharSetProber, self).reset() + if self.coding_sm: + self.coding_sm.reset() + if self.distribution_analyzer: + self.distribution_analyzer.reset() + self._last_char = [0, 0] + + @property + def charset_name(self): + raise NotImplementedError + + @property + def language(self): + raise NotImplementedError + + def feed(self, byte_str): + for i in range(len(byte_str)): + coding_state = self.coding_sm.next_state(byte_str[i]) + if coding_state == MachineState.ERROR: + self.logger.debug('%s %s prober hit error at byte %s', + self.charset_name, self.language, i) + self._state = ProbingState.NOT_ME + break + elif coding_state == MachineState.ITS_ME: + self._state = ProbingState.FOUND_IT + break + elif coding_state == MachineState.START: + char_len = self.coding_sm.get_current_charlen() + if i == 0: + self._last_char[1] = byte_str[0] + self.distribution_analyzer.feed(self._last_char, char_len) + else: + self.distribution_analyzer.feed(byte_str[i - 1:i + 1], + char_len) + + self._last_char[0] = byte_str[-1] + + if self.state == ProbingState.DETECTING: + if (self.distribution_analyzer.got_enough_data() and + (self.get_confidence() > self.SHORTCUT_THRESHOLD)): + self._state = ProbingState.FOUND_IT + + return self.state + + def get_confidence(self): + return self.distribution_analyzer.get_confidence() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcsgroupprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcsgroupprober.py new file mode 100644 index 000000000..530abe75e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcsgroupprober.py @@ -0,0 +1,54 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Universal charset detector code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 2001 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# Shy Shalom - original C code +# Proofpoint, Inc. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .charsetgroupprober import CharSetGroupProber +from .utf8prober import UTF8Prober +from .sjisprober import SJISProber +from .eucjpprober import EUCJPProber +from .gb2312prober import GB2312Prober +from .euckrprober import EUCKRProber +from .cp949prober import CP949Prober +from .big5prober import Big5Prober +from .euctwprober import EUCTWProber + + +class MBCSGroupProber(CharSetGroupProber): + def __init__(self, lang_filter=None): + super(MBCSGroupProber, self).__init__(lang_filter=lang_filter) + self.probers = [ + UTF8Prober(), + SJISProber(), + EUCJPProber(), + GB2312Prober(), + EUCKRProber(), + CP949Prober(), + Big5Prober(), + EUCTWProber() + ] + self.reset() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcssm.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcssm.py new file mode 100644 index 000000000..8360d0f28 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/mbcssm.py @@ -0,0 +1,572 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .enums import MachineState + +# BIG5 + +BIG5_CLS = ( + 1,1,1,1,1,1,1,1, # 00 - 07 #allow 0x00 as legal value + 1,1,1,1,1,1,0,0, # 08 - 0f + 1,1,1,1,1,1,1,1, # 10 - 17 + 1,1,1,0,1,1,1,1, # 18 - 1f + 1,1,1,1,1,1,1,1, # 20 - 27 + 1,1,1,1,1,1,1,1, # 28 - 2f + 1,1,1,1,1,1,1,1, # 30 - 37 + 1,1,1,1,1,1,1,1, # 38 - 3f + 2,2,2,2,2,2,2,2, # 40 - 47 + 2,2,2,2,2,2,2,2, # 48 - 4f + 2,2,2,2,2,2,2,2, # 50 - 57 + 2,2,2,2,2,2,2,2, # 58 - 5f + 2,2,2,2,2,2,2,2, # 60 - 67 + 2,2,2,2,2,2,2,2, # 68 - 6f + 2,2,2,2,2,2,2,2, # 70 - 77 + 2,2,2,2,2,2,2,1, # 78 - 7f + 4,4,4,4,4,4,4,4, # 80 - 87 + 4,4,4,4,4,4,4,4, # 88 - 8f + 4,4,4,4,4,4,4,4, # 90 - 97 + 4,4,4,4,4,4,4,4, # 98 - 9f + 4,3,3,3,3,3,3,3, # a0 - a7 + 3,3,3,3,3,3,3,3, # a8 - af + 3,3,3,3,3,3,3,3, # b0 - b7 + 3,3,3,3,3,3,3,3, # b8 - bf + 3,3,3,3,3,3,3,3, # c0 - c7 + 3,3,3,3,3,3,3,3, # c8 - cf + 3,3,3,3,3,3,3,3, # d0 - d7 + 3,3,3,3,3,3,3,3, # d8 - df + 3,3,3,3,3,3,3,3, # e0 - e7 + 3,3,3,3,3,3,3,3, # e8 - ef + 3,3,3,3,3,3,3,3, # f0 - f7 + 3,3,3,3,3,3,3,0 # f8 - ff +) + +BIG5_ST = ( + MachineState.ERROR,MachineState.START,MachineState.START, 3,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#00-07 + MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,#08-0f + MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START#10-17 +) + +BIG5_CHAR_LEN_TABLE = (0, 1, 1, 2, 0) + +BIG5_SM_MODEL = {'class_table': BIG5_CLS, + 'class_factor': 5, + 'state_table': BIG5_ST, + 'char_len_table': BIG5_CHAR_LEN_TABLE, + 'name': 'Big5'} + +# CP949 + +CP949_CLS = ( + 1,1,1,1,1,1,1,1, 1,1,1,1,1,1,0,0, # 00 - 0f + 1,1,1,1,1,1,1,1, 1,1,1,0,1,1,1,1, # 10 - 1f + 1,1,1,1,1,1,1,1, 1,1,1,1,1,1,1,1, # 20 - 2f + 1,1,1,1,1,1,1,1, 1,1,1,1,1,1,1,1, # 30 - 3f + 1,4,4,4,4,4,4,4, 4,4,4,4,4,4,4,4, # 40 - 4f + 4,4,5,5,5,5,5,5, 5,5,5,1,1,1,1,1, # 50 - 5f + 1,5,5,5,5,5,5,5, 5,5,5,5,5,5,5,5, # 60 - 6f + 5,5,5,5,5,5,5,5, 5,5,5,1,1,1,1,1, # 70 - 7f + 0,6,6,6,6,6,6,6, 6,6,6,6,6,6,6,6, # 80 - 8f + 6,6,6,6,6,6,6,6, 6,6,6,6,6,6,6,6, # 90 - 9f + 6,7,7,7,7,7,7,7, 7,7,7,7,7,8,8,8, # a0 - af + 7,7,7,7,7,7,7,7, 7,7,7,7,7,7,7,7, # b0 - bf + 7,7,7,7,7,7,9,2, 2,3,2,2,2,2,2,2, # c0 - cf + 2,2,2,2,2,2,2,2, 2,2,2,2,2,2,2,2, # d0 - df + 2,2,2,2,2,2,2,2, 2,2,2,2,2,2,2,2, # e0 - ef + 2,2,2,2,2,2,2,2, 2,2,2,2,2,2,2,0, # f0 - ff +) + +CP949_ST = ( +#cls= 0 1 2 3 4 5 6 7 8 9 # previous state = + MachineState.ERROR,MachineState.START, 3,MachineState.ERROR,MachineState.START,MachineState.START, 4, 5,MachineState.ERROR, 6, # MachineState.START + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, # MachineState.ERROR + MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME, # MachineState.ITS_ME + MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START, # 3 + MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START, # 4 + MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START, # 5 + MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START, # 6 +) + +CP949_CHAR_LEN_TABLE = (0, 1, 2, 0, 1, 1, 2, 2, 0, 2) + +CP949_SM_MODEL = {'class_table': CP949_CLS, + 'class_factor': 10, + 'state_table': CP949_ST, + 'char_len_table': CP949_CHAR_LEN_TABLE, + 'name': 'CP949'} + +# EUC-JP + +EUCJP_CLS = ( + 4,4,4,4,4,4,4,4, # 00 - 07 + 4,4,4,4,4,4,5,5, # 08 - 0f + 4,4,4,4,4,4,4,4, # 10 - 17 + 4,4,4,5,4,4,4,4, # 18 - 1f + 4,4,4,4,4,4,4,4, # 20 - 27 + 4,4,4,4,4,4,4,4, # 28 - 2f + 4,4,4,4,4,4,4,4, # 30 - 37 + 4,4,4,4,4,4,4,4, # 38 - 3f + 4,4,4,4,4,4,4,4, # 40 - 47 + 4,4,4,4,4,4,4,4, # 48 - 4f + 4,4,4,4,4,4,4,4, # 50 - 57 + 4,4,4,4,4,4,4,4, # 58 - 5f + 4,4,4,4,4,4,4,4, # 60 - 67 + 4,4,4,4,4,4,4,4, # 68 - 6f + 4,4,4,4,4,4,4,4, # 70 - 77 + 4,4,4,4,4,4,4,4, # 78 - 7f + 5,5,5,5,5,5,5,5, # 80 - 87 + 5,5,5,5,5,5,1,3, # 88 - 8f + 5,5,5,5,5,5,5,5, # 90 - 97 + 5,5,5,5,5,5,5,5, # 98 - 9f + 5,2,2,2,2,2,2,2, # a0 - a7 + 2,2,2,2,2,2,2,2, # a8 - af + 2,2,2,2,2,2,2,2, # b0 - b7 + 2,2,2,2,2,2,2,2, # b8 - bf + 2,2,2,2,2,2,2,2, # c0 - c7 + 2,2,2,2,2,2,2,2, # c8 - cf + 2,2,2,2,2,2,2,2, # d0 - d7 + 2,2,2,2,2,2,2,2, # d8 - df + 0,0,0,0,0,0,0,0, # e0 - e7 + 0,0,0,0,0,0,0,0, # e8 - ef + 0,0,0,0,0,0,0,0, # f0 - f7 + 0,0,0,0,0,0,0,5 # f8 - ff +) + +EUCJP_ST = ( + 3, 4, 3, 5,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#00-07 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,#08-0f + MachineState.ITS_ME,MachineState.ITS_ME,MachineState.START,MachineState.ERROR,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#10-17 + MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 3,MachineState.ERROR,#18-1f + 3,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START#20-27 +) + +EUCJP_CHAR_LEN_TABLE = (2, 2, 2, 3, 1, 0) + +EUCJP_SM_MODEL = {'class_table': EUCJP_CLS, + 'class_factor': 6, + 'state_table': EUCJP_ST, + 'char_len_table': EUCJP_CHAR_LEN_TABLE, + 'name': 'EUC-JP'} + +# EUC-KR + +EUCKR_CLS = ( + 1,1,1,1,1,1,1,1, # 00 - 07 + 1,1,1,1,1,1,0,0, # 08 - 0f + 1,1,1,1,1,1,1,1, # 10 - 17 + 1,1,1,0,1,1,1,1, # 18 - 1f + 1,1,1,1,1,1,1,1, # 20 - 27 + 1,1,1,1,1,1,1,1, # 28 - 2f + 1,1,1,1,1,1,1,1, # 30 - 37 + 1,1,1,1,1,1,1,1, # 38 - 3f + 1,1,1,1,1,1,1,1, # 40 - 47 + 1,1,1,1,1,1,1,1, # 48 - 4f + 1,1,1,1,1,1,1,1, # 50 - 57 + 1,1,1,1,1,1,1,1, # 58 - 5f + 1,1,1,1,1,1,1,1, # 60 - 67 + 1,1,1,1,1,1,1,1, # 68 - 6f + 1,1,1,1,1,1,1,1, # 70 - 77 + 1,1,1,1,1,1,1,1, # 78 - 7f + 0,0,0,0,0,0,0,0, # 80 - 87 + 0,0,0,0,0,0,0,0, # 88 - 8f + 0,0,0,0,0,0,0,0, # 90 - 97 + 0,0,0,0,0,0,0,0, # 98 - 9f + 0,2,2,2,2,2,2,2, # a0 - a7 + 2,2,2,2,2,3,3,3, # a8 - af + 2,2,2,2,2,2,2,2, # b0 - b7 + 2,2,2,2,2,2,2,2, # b8 - bf + 2,2,2,2,2,2,2,2, # c0 - c7 + 2,3,2,2,2,2,2,2, # c8 - cf + 2,2,2,2,2,2,2,2, # d0 - d7 + 2,2,2,2,2,2,2,2, # d8 - df + 2,2,2,2,2,2,2,2, # e0 - e7 + 2,2,2,2,2,2,2,2, # e8 - ef + 2,2,2,2,2,2,2,2, # f0 - f7 + 2,2,2,2,2,2,2,0 # f8 - ff +) + +EUCKR_ST = ( + MachineState.ERROR,MachineState.START, 3,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#00-07 + MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START #08-0f +) + +EUCKR_CHAR_LEN_TABLE = (0, 1, 2, 0) + +EUCKR_SM_MODEL = {'class_table': EUCKR_CLS, + 'class_factor': 4, + 'state_table': EUCKR_ST, + 'char_len_table': EUCKR_CHAR_LEN_TABLE, + 'name': 'EUC-KR'} + +# EUC-TW + +EUCTW_CLS = ( + 2,2,2,2,2,2,2,2, # 00 - 07 + 2,2,2,2,2,2,0,0, # 08 - 0f + 2,2,2,2,2,2,2,2, # 10 - 17 + 2,2,2,0,2,2,2,2, # 18 - 1f + 2,2,2,2,2,2,2,2, # 20 - 27 + 2,2,2,2,2,2,2,2, # 28 - 2f + 2,2,2,2,2,2,2,2, # 30 - 37 + 2,2,2,2,2,2,2,2, # 38 - 3f + 2,2,2,2,2,2,2,2, # 40 - 47 + 2,2,2,2,2,2,2,2, # 48 - 4f + 2,2,2,2,2,2,2,2, # 50 - 57 + 2,2,2,2,2,2,2,2, # 58 - 5f + 2,2,2,2,2,2,2,2, # 60 - 67 + 2,2,2,2,2,2,2,2, # 68 - 6f + 2,2,2,2,2,2,2,2, # 70 - 77 + 2,2,2,2,2,2,2,2, # 78 - 7f + 0,0,0,0,0,0,0,0, # 80 - 87 + 0,0,0,0,0,0,6,0, # 88 - 8f + 0,0,0,0,0,0,0,0, # 90 - 97 + 0,0,0,0,0,0,0,0, # 98 - 9f + 0,3,4,4,4,4,4,4, # a0 - a7 + 5,5,1,1,1,1,1,1, # a8 - af + 1,1,1,1,1,1,1,1, # b0 - b7 + 1,1,1,1,1,1,1,1, # b8 - bf + 1,1,3,1,3,3,3,3, # c0 - c7 + 3,3,3,3,3,3,3,3, # c8 - cf + 3,3,3,3,3,3,3,3, # d0 - d7 + 3,3,3,3,3,3,3,3, # d8 - df + 3,3,3,3,3,3,3,3, # e0 - e7 + 3,3,3,3,3,3,3,3, # e8 - ef + 3,3,3,3,3,3,3,3, # f0 - f7 + 3,3,3,3,3,3,3,0 # f8 - ff +) + +EUCTW_ST = ( + MachineState.ERROR,MachineState.ERROR,MachineState.START, 3, 3, 3, 4,MachineState.ERROR,#00-07 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,#08-0f + MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,MachineState.START,MachineState.ERROR,#10-17 + MachineState.START,MachineState.START,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#18-1f + 5,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.ERROR,MachineState.START,MachineState.START,#20-27 + MachineState.START,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START #28-2f +) + +EUCTW_CHAR_LEN_TABLE = (0, 0, 1, 2, 2, 2, 3) + +EUCTW_SM_MODEL = {'class_table': EUCTW_CLS, + 'class_factor': 7, + 'state_table': EUCTW_ST, + 'char_len_table': EUCTW_CHAR_LEN_TABLE, + 'name': 'x-euc-tw'} + +# GB2312 + +GB2312_CLS = ( + 1,1,1,1,1,1,1,1, # 00 - 07 + 1,1,1,1,1,1,0,0, # 08 - 0f + 1,1,1,1,1,1,1,1, # 10 - 17 + 1,1,1,0,1,1,1,1, # 18 - 1f + 1,1,1,1,1,1,1,1, # 20 - 27 + 1,1,1,1,1,1,1,1, # 28 - 2f + 3,3,3,3,3,3,3,3, # 30 - 37 + 3,3,1,1,1,1,1,1, # 38 - 3f + 2,2,2,2,2,2,2,2, # 40 - 47 + 2,2,2,2,2,2,2,2, # 48 - 4f + 2,2,2,2,2,2,2,2, # 50 - 57 + 2,2,2,2,2,2,2,2, # 58 - 5f + 2,2,2,2,2,2,2,2, # 60 - 67 + 2,2,2,2,2,2,2,2, # 68 - 6f + 2,2,2,2,2,2,2,2, # 70 - 77 + 2,2,2,2,2,2,2,4, # 78 - 7f + 5,6,6,6,6,6,6,6, # 80 - 87 + 6,6,6,6,6,6,6,6, # 88 - 8f + 6,6,6,6,6,6,6,6, # 90 - 97 + 6,6,6,6,6,6,6,6, # 98 - 9f + 6,6,6,6,6,6,6,6, # a0 - a7 + 6,6,6,6,6,6,6,6, # a8 - af + 6,6,6,6,6,6,6,6, # b0 - b7 + 6,6,6,6,6,6,6,6, # b8 - bf + 6,6,6,6,6,6,6,6, # c0 - c7 + 6,6,6,6,6,6,6,6, # c8 - cf + 6,6,6,6,6,6,6,6, # d0 - d7 + 6,6,6,6,6,6,6,6, # d8 - df + 6,6,6,6,6,6,6,6, # e0 - e7 + 6,6,6,6,6,6,6,6, # e8 - ef + 6,6,6,6,6,6,6,6, # f0 - f7 + 6,6,6,6,6,6,6,0 # f8 - ff +) + +GB2312_ST = ( + MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START, 3,MachineState.ERROR,#00-07 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,#08-0f + MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.START,#10-17 + 4,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#18-1f + MachineState.ERROR,MachineState.ERROR, 5,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ERROR,#20-27 + MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.START #28-2f +) + +# To be accurate, the length of class 6 can be either 2 or 4. +# But it is not necessary to discriminate between the two since +# it is used for frequency analysis only, and we are validating +# each code range there as well. So it is safe to set it to be +# 2 here. +GB2312_CHAR_LEN_TABLE = (0, 1, 1, 1, 1, 1, 2) + +GB2312_SM_MODEL = {'class_table': GB2312_CLS, + 'class_factor': 7, + 'state_table': GB2312_ST, + 'char_len_table': GB2312_CHAR_LEN_TABLE, + 'name': 'GB2312'} + +# Shift_JIS + +SJIS_CLS = ( + 1,1,1,1,1,1,1,1, # 00 - 07 + 1,1,1,1,1,1,0,0, # 08 - 0f + 1,1,1,1,1,1,1,1, # 10 - 17 + 1,1,1,0,1,1,1,1, # 18 - 1f + 1,1,1,1,1,1,1,1, # 20 - 27 + 1,1,1,1,1,1,1,1, # 28 - 2f + 1,1,1,1,1,1,1,1, # 30 - 37 + 1,1,1,1,1,1,1,1, # 38 - 3f + 2,2,2,2,2,2,2,2, # 40 - 47 + 2,2,2,2,2,2,2,2, # 48 - 4f + 2,2,2,2,2,2,2,2, # 50 - 57 + 2,2,2,2,2,2,2,2, # 58 - 5f + 2,2,2,2,2,2,2,2, # 60 - 67 + 2,2,2,2,2,2,2,2, # 68 - 6f + 2,2,2,2,2,2,2,2, # 70 - 77 + 2,2,2,2,2,2,2,1, # 78 - 7f + 3,3,3,3,3,2,2,3, # 80 - 87 + 3,3,3,3,3,3,3,3, # 88 - 8f + 3,3,3,3,3,3,3,3, # 90 - 97 + 3,3,3,3,3,3,3,3, # 98 - 9f + #0xa0 is illegal in sjis encoding, but some pages does + #contain such byte. We need to be more error forgiven. + 2,2,2,2,2,2,2,2, # a0 - a7 + 2,2,2,2,2,2,2,2, # a8 - af + 2,2,2,2,2,2,2,2, # b0 - b7 + 2,2,2,2,2,2,2,2, # b8 - bf + 2,2,2,2,2,2,2,2, # c0 - c7 + 2,2,2,2,2,2,2,2, # c8 - cf + 2,2,2,2,2,2,2,2, # d0 - d7 + 2,2,2,2,2,2,2,2, # d8 - df + 3,3,3,3,3,3,3,3, # e0 - e7 + 3,3,3,3,3,4,4,4, # e8 - ef + 3,3,3,3,3,3,3,3, # f0 - f7 + 3,3,3,3,3,0,0,0) # f8 - ff + + +SJIS_ST = ( + MachineState.ERROR,MachineState.START,MachineState.START, 3,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#00-07 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,#08-0f + MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START #10-17 +) + +SJIS_CHAR_LEN_TABLE = (0, 1, 1, 2, 0, 0) + +SJIS_SM_MODEL = {'class_table': SJIS_CLS, + 'class_factor': 6, + 'state_table': SJIS_ST, + 'char_len_table': SJIS_CHAR_LEN_TABLE, + 'name': 'Shift_JIS'} + +# UCS2-BE + +UCS2BE_CLS = ( + 0,0,0,0,0,0,0,0, # 00 - 07 + 0,0,1,0,0,2,0,0, # 08 - 0f + 0,0,0,0,0,0,0,0, # 10 - 17 + 0,0,0,3,0,0,0,0, # 18 - 1f + 0,0,0,0,0,0,0,0, # 20 - 27 + 0,3,3,3,3,3,0,0, # 28 - 2f + 0,0,0,0,0,0,0,0, # 30 - 37 + 0,0,0,0,0,0,0,0, # 38 - 3f + 0,0,0,0,0,0,0,0, # 40 - 47 + 0,0,0,0,0,0,0,0, # 48 - 4f + 0,0,0,0,0,0,0,0, # 50 - 57 + 0,0,0,0,0,0,0,0, # 58 - 5f + 0,0,0,0,0,0,0,0, # 60 - 67 + 0,0,0,0,0,0,0,0, # 68 - 6f + 0,0,0,0,0,0,0,0, # 70 - 77 + 0,0,0,0,0,0,0,0, # 78 - 7f + 0,0,0,0,0,0,0,0, # 80 - 87 + 0,0,0,0,0,0,0,0, # 88 - 8f + 0,0,0,0,0,0,0,0, # 90 - 97 + 0,0,0,0,0,0,0,0, # 98 - 9f + 0,0,0,0,0,0,0,0, # a0 - a7 + 0,0,0,0,0,0,0,0, # a8 - af + 0,0,0,0,0,0,0,0, # b0 - b7 + 0,0,0,0,0,0,0,0, # b8 - bf + 0,0,0,0,0,0,0,0, # c0 - c7 + 0,0,0,0,0,0,0,0, # c8 - cf + 0,0,0,0,0,0,0,0, # d0 - d7 + 0,0,0,0,0,0,0,0, # d8 - df + 0,0,0,0,0,0,0,0, # e0 - e7 + 0,0,0,0,0,0,0,0, # e8 - ef + 0,0,0,0,0,0,0,0, # f0 - f7 + 0,0,0,0,0,0,4,5 # f8 - ff +) + +UCS2BE_ST = ( + 5, 7, 7,MachineState.ERROR, 4, 3,MachineState.ERROR,MachineState.ERROR,#00-07 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,#08-0f + MachineState.ITS_ME,MachineState.ITS_ME, 6, 6, 6, 6,MachineState.ERROR,MachineState.ERROR,#10-17 + 6, 6, 6, 6, 6,MachineState.ITS_ME, 6, 6,#18-1f + 6, 6, 6, 6, 5, 7, 7,MachineState.ERROR,#20-27 + 5, 8, 6, 6,MachineState.ERROR, 6, 6, 6,#28-2f + 6, 6, 6, 6,MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START #30-37 +) + +UCS2BE_CHAR_LEN_TABLE = (2, 2, 2, 0, 2, 2) + +UCS2BE_SM_MODEL = {'class_table': UCS2BE_CLS, + 'class_factor': 6, + 'state_table': UCS2BE_ST, + 'char_len_table': UCS2BE_CHAR_LEN_TABLE, + 'name': 'UTF-16BE'} + +# UCS2-LE + +UCS2LE_CLS = ( + 0,0,0,0,0,0,0,0, # 00 - 07 + 0,0,1,0,0,2,0,0, # 08 - 0f + 0,0,0,0,0,0,0,0, # 10 - 17 + 0,0,0,3,0,0,0,0, # 18 - 1f + 0,0,0,0,0,0,0,0, # 20 - 27 + 0,3,3,3,3,3,0,0, # 28 - 2f + 0,0,0,0,0,0,0,0, # 30 - 37 + 0,0,0,0,0,0,0,0, # 38 - 3f + 0,0,0,0,0,0,0,0, # 40 - 47 + 0,0,0,0,0,0,0,0, # 48 - 4f + 0,0,0,0,0,0,0,0, # 50 - 57 + 0,0,0,0,0,0,0,0, # 58 - 5f + 0,0,0,0,0,0,0,0, # 60 - 67 + 0,0,0,0,0,0,0,0, # 68 - 6f + 0,0,0,0,0,0,0,0, # 70 - 77 + 0,0,0,0,0,0,0,0, # 78 - 7f + 0,0,0,0,0,0,0,0, # 80 - 87 + 0,0,0,0,0,0,0,0, # 88 - 8f + 0,0,0,0,0,0,0,0, # 90 - 97 + 0,0,0,0,0,0,0,0, # 98 - 9f + 0,0,0,0,0,0,0,0, # a0 - a7 + 0,0,0,0,0,0,0,0, # a8 - af + 0,0,0,0,0,0,0,0, # b0 - b7 + 0,0,0,0,0,0,0,0, # b8 - bf + 0,0,0,0,0,0,0,0, # c0 - c7 + 0,0,0,0,0,0,0,0, # c8 - cf + 0,0,0,0,0,0,0,0, # d0 - d7 + 0,0,0,0,0,0,0,0, # d8 - df + 0,0,0,0,0,0,0,0, # e0 - e7 + 0,0,0,0,0,0,0,0, # e8 - ef + 0,0,0,0,0,0,0,0, # f0 - f7 + 0,0,0,0,0,0,4,5 # f8 - ff +) + +UCS2LE_ST = ( + 6, 6, 7, 6, 4, 3,MachineState.ERROR,MachineState.ERROR,#00-07 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,#08-0f + MachineState.ITS_ME,MachineState.ITS_ME, 5, 5, 5,MachineState.ERROR,MachineState.ITS_ME,MachineState.ERROR,#10-17 + 5, 5, 5,MachineState.ERROR, 5,MachineState.ERROR, 6, 6,#18-1f + 7, 6, 8, 8, 5, 5, 5,MachineState.ERROR,#20-27 + 5, 5, 5,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 5, 5,#28-2f + 5, 5, 5,MachineState.ERROR, 5,MachineState.ERROR,MachineState.START,MachineState.START #30-37 +) + +UCS2LE_CHAR_LEN_TABLE = (2, 2, 2, 2, 2, 2) + +UCS2LE_SM_MODEL = {'class_table': UCS2LE_CLS, + 'class_factor': 6, + 'state_table': UCS2LE_ST, + 'char_len_table': UCS2LE_CHAR_LEN_TABLE, + 'name': 'UTF-16LE'} + +# UTF-8 + +UTF8_CLS = ( + 1,1,1,1,1,1,1,1, # 00 - 07 #allow 0x00 as a legal value + 1,1,1,1,1,1,0,0, # 08 - 0f + 1,1,1,1,1,1,1,1, # 10 - 17 + 1,1,1,0,1,1,1,1, # 18 - 1f + 1,1,1,1,1,1,1,1, # 20 - 27 + 1,1,1,1,1,1,1,1, # 28 - 2f + 1,1,1,1,1,1,1,1, # 30 - 37 + 1,1,1,1,1,1,1,1, # 38 - 3f + 1,1,1,1,1,1,1,1, # 40 - 47 + 1,1,1,1,1,1,1,1, # 48 - 4f + 1,1,1,1,1,1,1,1, # 50 - 57 + 1,1,1,1,1,1,1,1, # 58 - 5f + 1,1,1,1,1,1,1,1, # 60 - 67 + 1,1,1,1,1,1,1,1, # 68 - 6f + 1,1,1,1,1,1,1,1, # 70 - 77 + 1,1,1,1,1,1,1,1, # 78 - 7f + 2,2,2,2,3,3,3,3, # 80 - 87 + 4,4,4,4,4,4,4,4, # 88 - 8f + 4,4,4,4,4,4,4,4, # 90 - 97 + 4,4,4,4,4,4,4,4, # 98 - 9f + 5,5,5,5,5,5,5,5, # a0 - a7 + 5,5,5,5,5,5,5,5, # a8 - af + 5,5,5,5,5,5,5,5, # b0 - b7 + 5,5,5,5,5,5,5,5, # b8 - bf + 0,0,6,6,6,6,6,6, # c0 - c7 + 6,6,6,6,6,6,6,6, # c8 - cf + 6,6,6,6,6,6,6,6, # d0 - d7 + 6,6,6,6,6,6,6,6, # d8 - df + 7,8,8,8,8,8,8,8, # e0 - e7 + 8,8,8,8,8,9,8,8, # e8 - ef + 10,11,11,11,11,11,11,11, # f0 - f7 + 12,13,13,13,14,15,0,0 # f8 - ff +) + +UTF8_ST = ( + MachineState.ERROR,MachineState.START,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 12, 10,#00-07 + 9, 11, 8, 7, 6, 5, 4, 3,#08-0f + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#10-17 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#18-1f + MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,#20-27 + MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,MachineState.ITS_ME,#28-2f + MachineState.ERROR,MachineState.ERROR, 5, 5, 5, 5,MachineState.ERROR,MachineState.ERROR,#30-37 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#38-3f + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 5, 5, 5,MachineState.ERROR,MachineState.ERROR,#40-47 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#48-4f + MachineState.ERROR,MachineState.ERROR, 7, 7, 7, 7,MachineState.ERROR,MachineState.ERROR,#50-57 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#58-5f + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 7, 7,MachineState.ERROR,MachineState.ERROR,#60-67 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#68-6f + MachineState.ERROR,MachineState.ERROR, 9, 9, 9, 9,MachineState.ERROR,MachineState.ERROR,#70-77 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#78-7f + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 9,MachineState.ERROR,MachineState.ERROR,#80-87 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#88-8f + MachineState.ERROR,MachineState.ERROR, 12, 12, 12, 12,MachineState.ERROR,MachineState.ERROR,#90-97 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#98-9f + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR, 12,MachineState.ERROR,MachineState.ERROR,#a0-a7 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#a8-af + MachineState.ERROR,MachineState.ERROR, 12, 12, 12,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#b0-b7 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,#b8-bf + MachineState.ERROR,MachineState.ERROR,MachineState.START,MachineState.START,MachineState.START,MachineState.START,MachineState.ERROR,MachineState.ERROR,#c0-c7 + MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR,MachineState.ERROR #c8-cf +) + +UTF8_CHAR_LEN_TABLE = (0, 1, 0, 0, 0, 0, 2, 3, 3, 3, 4, 4, 5, 5, 6, 6) + +UTF8_SM_MODEL = {'class_table': UTF8_CLS, + 'class_factor': 16, + 'state_table': UTF8_ST, + 'char_len_table': UTF8_CHAR_LEN_TABLE, + 'name': 'UTF-8'} diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/languages.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/languages.py new file mode 100644 index 000000000..3237d5abf --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/metadata/languages.py @@ -0,0 +1,310 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +""" +Metadata about languages used by our model training code for our +SingleByteCharSetProbers. Could be used for other things in the future. + +This code is based on the language metadata from the uchardet project. +""" +from __future__ import absolute_import, print_function + +from string import ascii_letters + + +# TODO: Add Ukranian (KOI8-U) + +class Language(object): + """Metadata about a language useful for training models + + :ivar name: The human name for the language, in English. + :type name: str + :ivar iso_code: 2-letter ISO 639-1 if possible, 3-letter ISO code otherwise, + or use another catalog as a last resort. + :type iso_code: str + :ivar use_ascii: Whether or not ASCII letters should be included in trained + models. + :type use_ascii: bool + :ivar charsets: The charsets we want to support and create data for. + :type charsets: list of str + :ivar alphabet: The characters in the language's alphabet. If `use_ascii` is + `True`, you only need to add those not in the ASCII set. + :type alphabet: str + :ivar wiki_start_pages: The Wikipedia pages to start from if we're crawling + Wikipedia for training data. + :type wiki_start_pages: list of str + """ + def __init__(self, name=None, iso_code=None, use_ascii=True, charsets=None, + alphabet=None, wiki_start_pages=None): + super(Language, self).__init__() + self.name = name + self.iso_code = iso_code + self.use_ascii = use_ascii + self.charsets = charsets + if self.use_ascii: + if alphabet: + alphabet += ascii_letters + else: + alphabet = ascii_letters + elif not alphabet: + raise ValueError('Must supply alphabet if use_ascii is False') + self.alphabet = ''.join(sorted(set(alphabet))) if alphabet else None + self.wiki_start_pages = wiki_start_pages + + def __repr__(self): + return '{}({})'.format(self.__class__.__name__, + ', '.join('{}={!r}'.format(k, v) + for k, v in self.__dict__.items() + if not k.startswith('_'))) + + +LANGUAGES = {'Arabic': Language(name='Arabic', + iso_code='ar', + use_ascii=False, + # We only support encodings that use isolated + # forms, because the current recommendation is + # that the rendering system handles presentation + # forms. This means we purposefully skip IBM864. + charsets=['ISO-8859-6', 'WINDOWS-1256', + 'CP720', 'CP864'], + alphabet=u'ءآأؤإئابةتثجحخدذرزسشصضطظعغػؼؽؾؿـفقكلمنهوىيًٌٍَُِّ', + wiki_start_pages=[u'الصفحة_الرئيسية']), + 'Belarusian': Language(name='Belarusian', + iso_code='be', + use_ascii=False, + charsets=['ISO-8859-5', 'WINDOWS-1251', + 'IBM866', 'MacCyrillic'], + alphabet=(u'АБВГДЕЁЖЗІЙКЛМНОПРСТУЎФХЦЧШЫЬЭЮЯ' + u'абвгдеёжзійклмнопрстуўфхцчшыьэюяʼ'), + wiki_start_pages=[u'Галоўная_старонка']), + 'Bulgarian': Language(name='Bulgarian', + iso_code='bg', + use_ascii=False, + charsets=['ISO-8859-5', 'WINDOWS-1251', + 'IBM855'], + alphabet=(u'АБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЬЮЯ' + u'абвгдежзийклмнопрстуфхцчшщъьюя'), + wiki_start_pages=[u'Начална_страница']), + 'Czech': Language(name='Czech', + iso_code='cz', + use_ascii=True, + charsets=['ISO-8859-2', 'WINDOWS-1250'], + alphabet=u'áčďéěíňóřšťúůýžÁČĎÉĚÍŇÓŘŠŤÚŮÝŽ', + wiki_start_pages=[u'Hlavní_strana']), + 'Danish': Language(name='Danish', + iso_code='da', + use_ascii=True, + charsets=['ISO-8859-1', 'ISO-8859-15', + 'WINDOWS-1252'], + alphabet=u'æøåÆØÅ', + wiki_start_pages=[u'Forside']), + 'German': Language(name='German', + iso_code='de', + use_ascii=True, + charsets=['ISO-8859-1', 'WINDOWS-1252'], + alphabet=u'äöüßÄÖÜ', + wiki_start_pages=[u'Wikipedia:Hauptseite']), + 'Greek': Language(name='Greek', + iso_code='el', + use_ascii=False, + charsets=['ISO-8859-7', 'WINDOWS-1253'], + alphabet=(u'αβγδεζηθικλμνξοπρσςτυφχψωάέήίόύώ' + u'ΑΒΓΔΕΖΗΘΙΚΛΜΝΞΟΠΡΣΣΤΥΦΧΨΩΆΈΉΊΌΎΏ'), + wiki_start_pages=[u'Πύλη:Κύρια']), + 'English': Language(name='English', + iso_code='en', + use_ascii=True, + charsets=['ISO-8859-1', 'WINDOWS-1252'], + wiki_start_pages=[u'Main_Page']), + 'Esperanto': Language(name='Esperanto', + iso_code='eo', + # Q, W, X, and Y not used at all + use_ascii=False, + charsets=['ISO-8859-3'], + alphabet=(u'abcĉdefgĝhĥijĵklmnoprsŝtuŭvz' + u'ABCĈDEFGĜHĤIJĴKLMNOPRSŜTUŬVZ'), + wiki_start_pages=[u'Vikipedio:Ĉefpaĝo']), + 'Spanish': Language(name='Spanish', + iso_code='es', + use_ascii=True, + charsets=['ISO-8859-1', 'ISO-8859-15', + 'WINDOWS-1252'], + alphabet=u'ñáéíóúüÑÁÉÍÓÚÜ', + wiki_start_pages=[u'Wikipedia:Portada']), + 'Estonian': Language(name='Estonian', + iso_code='et', + use_ascii=False, + charsets=['ISO-8859-4', 'ISO-8859-13', + 'WINDOWS-1257'], + # C, F, Š, Q, W, X, Y, Z, Ž are only for + # loanwords + alphabet=(u'ABDEGHIJKLMNOPRSTUVÕÄÖÜ' + u'abdeghijklmnoprstuvõäöü'), + wiki_start_pages=[u'Esileht']), + 'Finnish': Language(name='Finnish', + iso_code='fi', + use_ascii=True, + charsets=['ISO-8859-1', 'ISO-8859-15', + 'WINDOWS-1252'], + alphabet=u'ÅÄÖŠŽåäöšž', + wiki_start_pages=[u'Wikipedia:Etusivu']), + 'French': Language(name='French', + iso_code='fr', + use_ascii=True, + charsets=['ISO-8859-1', 'ISO-8859-15', + 'WINDOWS-1252'], + alphabet=u'œàâçèéîïùûêŒÀÂÇÈÉÎÏÙÛÊ', + wiki_start_pages=[u'Wikipédia:Accueil_principal', + u'Bœuf (animal)']), + 'Hebrew': Language(name='Hebrew', + iso_code='he', + use_ascii=False, + charsets=['ISO-8859-8', 'WINDOWS-1255'], + alphabet=u'אבגדהוזחטיךכלםמןנסעףפץצקרשתװױײ', + wiki_start_pages=[u'עמוד_ראשי']), + 'Croatian': Language(name='Croatian', + iso_code='hr', + # Q, W, X, Y are only used for foreign words. + use_ascii=False, + charsets=['ISO-8859-2', 'WINDOWS-1250'], + alphabet=(u'abcčćdđefghijklmnoprsštuvzž' + u'ABCČĆDĐEFGHIJKLMNOPRSŠTUVZŽ'), + wiki_start_pages=[u'Glavna_stranica']), + 'Hungarian': Language(name='Hungarian', + iso_code='hu', + # Q, W, X, Y are only used for foreign words. + use_ascii=False, + charsets=['ISO-8859-2', 'WINDOWS-1250'], + alphabet=(u'abcdefghijklmnoprstuvzáéíóöőúüű' + u'ABCDEFGHIJKLMNOPRSTUVZÁÉÍÓÖŐÚÜŰ'), + wiki_start_pages=[u'Kezdőlap']), + 'Italian': Language(name='Italian', + iso_code='it', + use_ascii=True, + charsets=['ISO-8859-1', 'ISO-8859-15', + 'WINDOWS-1252'], + alphabet=u'ÀÈÉÌÒÓÙàèéìòóù', + wiki_start_pages=[u'Pagina_principale']), + 'Lithuanian': Language(name='Lithuanian', + iso_code='lt', + use_ascii=False, + charsets=['ISO-8859-13', 'WINDOWS-1257', + 'ISO-8859-4'], + # Q, W, and X not used at all + alphabet=(u'AĄBCČDEĘĖFGHIĮYJKLMNOPRSŠTUŲŪVZŽ' + u'aąbcčdeęėfghiįyjklmnoprsštuųūvzž'), + wiki_start_pages=[u'Pagrindinis_puslapis']), + 'Latvian': Language(name='Latvian', + iso_code='lv', + use_ascii=False, + charsets=['ISO-8859-13', 'WINDOWS-1257', + 'ISO-8859-4'], + # Q, W, X, Y are only for loanwords + alphabet=(u'AĀBCČDEĒFGĢHIĪJKĶLĻMNŅOPRSŠTUŪVZŽ' + u'aābcčdeēfgģhiījkķlļmnņoprsštuūvzž'), + wiki_start_pages=[u'Sākumlapa']), + 'Macedonian': Language(name='Macedonian', + iso_code='mk', + use_ascii=False, + charsets=['ISO-8859-5', 'WINDOWS-1251', + 'MacCyrillic', 'IBM855'], + alphabet=(u'АБВГДЃЕЖЗЅИЈКЛЉМНЊОПРСТЌУФХЦЧЏШ' + u'абвгдѓежзѕијклљмнњопрстќуфхцчџш'), + wiki_start_pages=[u'Главна_страница']), + 'Dutch': Language(name='Dutch', + iso_code='nl', + use_ascii=True, + charsets=['ISO-8859-1', 'WINDOWS-1252'], + wiki_start_pages=[u'Hoofdpagina']), + 'Polish': Language(name='Polish', + iso_code='pl', + # Q and X are only used for foreign words. + use_ascii=False, + charsets=['ISO-8859-2', 'WINDOWS-1250'], + alphabet=(u'AĄBCĆDEĘFGHIJKLŁMNŃOÓPRSŚTUWYZŹŻ' + u'aąbcćdeęfghijklłmnńoóprsśtuwyzźż'), + wiki_start_pages=[u'Wikipedia:Strona_główna']), + 'Portuguese': Language(name='Portuguese', + iso_code='pt', + use_ascii=True, + charsets=['ISO-8859-1', 'ISO-8859-15', + 'WINDOWS-1252'], + alphabet=u'ÁÂÃÀÇÉÊÍÓÔÕÚáâãàçéêíóôõú', + wiki_start_pages=[u'Wikipédia:Página_principal']), + 'Romanian': Language(name='Romanian', + iso_code='ro', + use_ascii=True, + charsets=['ISO-8859-2', 'WINDOWS-1250'], + alphabet=u'ăâîșțĂÂÎȘȚ', + wiki_start_pages=[u'Pagina_principală']), + 'Russian': Language(name='Russian', + iso_code='ru', + use_ascii=False, + charsets=['ISO-8859-5', 'WINDOWS-1251', + 'KOI8-R', 'MacCyrillic', 'IBM866', + 'IBM855'], + alphabet=(u'абвгдеёжзийклмнопрстуфхцчшщъыьэюя' + u'АБВГДЕЁЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯ'), + wiki_start_pages=[u'Заглавная_страница']), + 'Slovak': Language(name='Slovak', + iso_code='sk', + use_ascii=True, + charsets=['ISO-8859-2', 'WINDOWS-1250'], + alphabet=u'áäčďéíĺľňóôŕšťúýžÁÄČĎÉÍĹĽŇÓÔŔŠŤÚÝŽ', + wiki_start_pages=[u'Hlavná_stránka']), + 'Slovene': Language(name='Slovene', + iso_code='sl', + # Q, W, X, Y are only used for foreign words. + use_ascii=False, + charsets=['ISO-8859-2', 'WINDOWS-1250'], + alphabet=(u'abcčdefghijklmnoprsštuvzž' + u'ABCČDEFGHIJKLMNOPRSŠTUVZŽ'), + wiki_start_pages=[u'Glavna_stran']), + # Serbian can be written in both Latin and Cyrillic, but there's no + # simple way to get the Latin alphabet pages from Wikipedia through + # the API, so for now we just support Cyrillic. + 'Serbian': Language(name='Serbian', + iso_code='sr', + alphabet=(u'АБВГДЂЕЖЗИЈКЛЉМНЊОПРСТЋУФХЦЧЏШ' + u'абвгдђежзијклљмнњопрстћуфхцчџш'), + charsets=['ISO-8859-5', 'WINDOWS-1251', + 'MacCyrillic', 'IBM855'], + wiki_start_pages=[u'Главна_страна']), + 'Thai': Language(name='Thai', + iso_code='th', + use_ascii=False, + charsets=['ISO-8859-11', 'TIS-620', 'CP874'], + alphabet=u'กขฃคฅฆงจฉชซฌญฎฏฐฑฒณดตถทธนบปผฝพฟภมยรฤลฦวศษสหฬอฮฯะัาำิีึืฺุู฿เแโใไๅๆ็่้๊๋์ํ๎๏๐๑๒๓๔๕๖๗๘๙๚๛', + wiki_start_pages=[u'หน้าหลัก']), + 'Turkish': Language(name='Turkish', + iso_code='tr', + # Q, W, and X are not used by Turkish + use_ascii=False, + charsets=['ISO-8859-3', 'ISO-8859-9', + 'WINDOWS-1254'], + alphabet=(u'abcçdefgğhıijklmnoöprsştuüvyzâîû' + u'ABCÇDEFGĞHIİJKLMNOÖPRSŞTUÜVYZÂÎÛ'), + wiki_start_pages=[u'Ana_Sayfa']), + 'Vietnamese': Language(name='Vietnamese', + iso_code='vi', + use_ascii=False, + # Windows-1258 is the only common 8-bit + # Vietnamese encoding supported by Python. + # From Wikipedia: + # For systems that lack support for Unicode, + # dozens of 8-bit Vietnamese code pages are + # available.[1] The most common are VISCII + # (TCVN 5712:1993), VPS, and Windows-1258.[3] + # Where ASCII is required, such as when + # ensuring readability in plain text e-mail, + # Vietnamese letters are often encoded + # according to Vietnamese Quoted-Readable + # (VIQR) or VSCII Mnemonic (VSCII-MNEM),[4] + # though usage of either variable-width + # scheme has declined dramatically following + # the adoption of Unicode on the World Wide + # Web. + charsets=['WINDOWS-1258'], + alphabet=(u'aăâbcdđeêghiklmnoôơpqrstuưvxy' + u'AĂÂBCDĐEÊGHIKLMNOÔƠPQRSTUƯVXY'), + wiki_start_pages=[u'Chữ_Quốc_ngữ']), + } diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcharsetprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcharsetprober.py new file mode 100644 index 000000000..46ba835c6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcharsetprober.py @@ -0,0 +1,145 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Universal charset detector code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 2001 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# Shy Shalom - original C code +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from collections import namedtuple + +from .charsetprober import CharSetProber +from .enums import CharacterCategory, ProbingState, SequenceLikelihood + + +SingleByteCharSetModel = namedtuple('SingleByteCharSetModel', + ['charset_name', + 'language', + 'char_to_order_map', + 'language_model', + 'typical_positive_ratio', + 'keep_ascii_letters', + 'alphabet']) + + +class SingleByteCharSetProber(CharSetProber): + SAMPLE_SIZE = 64 + SB_ENOUGH_REL_THRESHOLD = 1024 # 0.25 * SAMPLE_SIZE^2 + POSITIVE_SHORTCUT_THRESHOLD = 0.95 + NEGATIVE_SHORTCUT_THRESHOLD = 0.05 + + def __init__(self, model, reversed=False, name_prober=None): + super(SingleByteCharSetProber, self).__init__() + self._model = model + # TRUE if we need to reverse every pair in the model lookup + self._reversed = reversed + # Optional auxiliary prober for name decision + self._name_prober = name_prober + self._last_order = None + self._seq_counters = None + self._total_seqs = None + self._total_char = None + self._freq_char = None + self.reset() + + def reset(self): + super(SingleByteCharSetProber, self).reset() + # char order of last character + self._last_order = 255 + self._seq_counters = [0] * SequenceLikelihood.get_num_categories() + self._total_seqs = 0 + self._total_char = 0 + # characters that fall in our sampling range + self._freq_char = 0 + + @property + def charset_name(self): + if self._name_prober: + return self._name_prober.charset_name + else: + return self._model.charset_name + + @property + def language(self): + if self._name_prober: + return self._name_prober.language + else: + return self._model.language + + def feed(self, byte_str): + # TODO: Make filter_international_words keep things in self.alphabet + if not self._model.keep_ascii_letters: + byte_str = self.filter_international_words(byte_str) + if not byte_str: + return self.state + char_to_order_map = self._model.char_to_order_map + language_model = self._model.language_model + for char in byte_str: + order = char_to_order_map.get(char, CharacterCategory.UNDEFINED) + # XXX: This was SYMBOL_CAT_ORDER before, with a value of 250, but + # CharacterCategory.SYMBOL is actually 253, so we use CONTROL + # to make it closer to the original intent. The only difference + # is whether or not we count digits and control characters for + # _total_char purposes. + if order < CharacterCategory.CONTROL: + self._total_char += 1 + # TODO: Follow uchardet's lead and discount confidence for frequent + # control characters. + # See https://github.com/BYVoid/uchardet/commit/55b4f23971db61 + if order < self.SAMPLE_SIZE: + self._freq_char += 1 + if self._last_order < self.SAMPLE_SIZE: + self._total_seqs += 1 + if not self._reversed: + lm_cat = language_model[self._last_order][order] + else: + lm_cat = language_model[order][self._last_order] + self._seq_counters[lm_cat] += 1 + self._last_order = order + + charset_name = self._model.charset_name + if self.state == ProbingState.DETECTING: + if self._total_seqs > self.SB_ENOUGH_REL_THRESHOLD: + confidence = self.get_confidence() + if confidence > self.POSITIVE_SHORTCUT_THRESHOLD: + self.logger.debug('%s confidence = %s, we have a winner', + charset_name, confidence) + self._state = ProbingState.FOUND_IT + elif confidence < self.NEGATIVE_SHORTCUT_THRESHOLD: + self.logger.debug('%s confidence = %s, below negative ' + 'shortcut threshhold %s', charset_name, + confidence, + self.NEGATIVE_SHORTCUT_THRESHOLD) + self._state = ProbingState.NOT_ME + + return self.state + + def get_confidence(self): + r = 0.01 + if self._total_seqs > 0: + r = ((1.0 * self._seq_counters[SequenceLikelihood.POSITIVE]) / + self._total_seqs / self._model.typical_positive_ratio) + r = r * self._freq_char / self._total_char + if r >= 1.0: + r = 0.99 + return r diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcsgroupprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcsgroupprober.py new file mode 100644 index 000000000..bdeef4e15 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sbcsgroupprober.py @@ -0,0 +1,83 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Universal charset detector code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 2001 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# Shy Shalom - original C code +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .charsetgroupprober import CharSetGroupProber +from .hebrewprober import HebrewProber +from .langbulgarianmodel import (ISO_8859_5_BULGARIAN_MODEL, + WINDOWS_1251_BULGARIAN_MODEL) +from .langgreekmodel import ISO_8859_7_GREEK_MODEL, WINDOWS_1253_GREEK_MODEL +from .langhebrewmodel import WINDOWS_1255_HEBREW_MODEL +# from .langhungarianmodel import (ISO_8859_2_HUNGARIAN_MODEL, +# WINDOWS_1250_HUNGARIAN_MODEL) +from .langrussianmodel import (IBM855_RUSSIAN_MODEL, IBM866_RUSSIAN_MODEL, + ISO_8859_5_RUSSIAN_MODEL, KOI8_R_RUSSIAN_MODEL, + MACCYRILLIC_RUSSIAN_MODEL, + WINDOWS_1251_RUSSIAN_MODEL) +from .langthaimodel import TIS_620_THAI_MODEL +from .langturkishmodel import ISO_8859_9_TURKISH_MODEL +from .sbcharsetprober import SingleByteCharSetProber + + +class SBCSGroupProber(CharSetGroupProber): + def __init__(self): + super(SBCSGroupProber, self).__init__() + hebrew_prober = HebrewProber() + logical_hebrew_prober = SingleByteCharSetProber(WINDOWS_1255_HEBREW_MODEL, + False, hebrew_prober) + # TODO: See if using ISO-8859-8 Hebrew model works better here, since + # it's actually the visual one + visual_hebrew_prober = SingleByteCharSetProber(WINDOWS_1255_HEBREW_MODEL, + True, hebrew_prober) + hebrew_prober.set_model_probers(logical_hebrew_prober, + visual_hebrew_prober) + # TODO: ORDER MATTERS HERE. I changed the order vs what was in master + # and several tests failed that did not before. Some thought + # should be put into the ordering, and we should consider making + # order not matter here, because that is very counter-intuitive. + self.probers = [ + SingleByteCharSetProber(WINDOWS_1251_RUSSIAN_MODEL), + SingleByteCharSetProber(KOI8_R_RUSSIAN_MODEL), + SingleByteCharSetProber(ISO_8859_5_RUSSIAN_MODEL), + SingleByteCharSetProber(MACCYRILLIC_RUSSIAN_MODEL), + SingleByteCharSetProber(IBM866_RUSSIAN_MODEL), + SingleByteCharSetProber(IBM855_RUSSIAN_MODEL), + SingleByteCharSetProber(ISO_8859_7_GREEK_MODEL), + SingleByteCharSetProber(WINDOWS_1253_GREEK_MODEL), + SingleByteCharSetProber(ISO_8859_5_BULGARIAN_MODEL), + SingleByteCharSetProber(WINDOWS_1251_BULGARIAN_MODEL), + # TODO: Restore Hungarian encodings (iso-8859-2 and windows-1250) + # after we retrain model. + # SingleByteCharSetProber(ISO_8859_2_HUNGARIAN_MODEL), + # SingleByteCharSetProber(WINDOWS_1250_HUNGARIAN_MODEL), + SingleByteCharSetProber(TIS_620_THAI_MODEL), + SingleByteCharSetProber(ISO_8859_9_TURKISH_MODEL), + hebrew_prober, + logical_hebrew_prober, + visual_hebrew_prober, + ] + self.reset() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sjisprober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sjisprober.py new file mode 100644 index 000000000..9e29623bd --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/sjisprober.py @@ -0,0 +1,92 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .mbcharsetprober import MultiByteCharSetProber +from .codingstatemachine import CodingStateMachine +from .chardistribution import SJISDistributionAnalysis +from .jpcntx import SJISContextAnalysis +from .mbcssm import SJIS_SM_MODEL +from .enums import ProbingState, MachineState + + +class SJISProber(MultiByteCharSetProber): + def __init__(self): + super(SJISProber, self).__init__() + self.coding_sm = CodingStateMachine(SJIS_SM_MODEL) + self.distribution_analyzer = SJISDistributionAnalysis() + self.context_analyzer = SJISContextAnalysis() + self.reset() + + def reset(self): + super(SJISProber, self).reset() + self.context_analyzer.reset() + + @property + def charset_name(self): + return self.context_analyzer.charset_name + + @property + def language(self): + return "Japanese" + + def feed(self, byte_str): + for i in range(len(byte_str)): + coding_state = self.coding_sm.next_state(byte_str[i]) + if coding_state == MachineState.ERROR: + self.logger.debug('%s %s prober hit error at byte %s', + self.charset_name, self.language, i) + self._state = ProbingState.NOT_ME + break + elif coding_state == MachineState.ITS_ME: + self._state = ProbingState.FOUND_IT + break + elif coding_state == MachineState.START: + char_len = self.coding_sm.get_current_charlen() + if i == 0: + self._last_char[1] = byte_str[0] + self.context_analyzer.feed(self._last_char[2 - char_len:], + char_len) + self.distribution_analyzer.feed(self._last_char, char_len) + else: + self.context_analyzer.feed(byte_str[i + 1 - char_len:i + 3 + - char_len], char_len) + self.distribution_analyzer.feed(byte_str[i - 1:i + 1], + char_len) + + self._last_char[0] = byte_str[-1] + + if self.state == ProbingState.DETECTING: + if (self.context_analyzer.got_enough_data() and + (self.get_confidence() > self.SHORTCUT_THRESHOLD)): + self._state = ProbingState.FOUND_IT + + return self.state + + def get_confidence(self): + context_conf = self.context_analyzer.get_confidence() + distrib_conf = self.distribution_analyzer.get_confidence() + return max(context_conf, distrib_conf) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/universaldetector.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/universaldetector.py new file mode 100644 index 000000000..055a8ac1b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/universaldetector.py @@ -0,0 +1,286 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is Mozilla Universal charset detector code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 2001 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# Shy Shalom - original C code +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### +""" +Module containing the UniversalDetector detector class, which is the primary +class a user of ``chardet`` should use. + +:author: Mark Pilgrim (initial port to Python) +:author: Shy Shalom (original C code) +:author: Dan Blanchard (major refactoring for 3.0) +:author: Ian Cordasco +""" + + +import codecs +import logging +import re + +from .charsetgroupprober import CharSetGroupProber +from .enums import InputState, LanguageFilter, ProbingState +from .escprober import EscCharSetProber +from .latin1prober import Latin1Prober +from .mbcsgroupprober import MBCSGroupProber +from .sbcsgroupprober import SBCSGroupProber + + +class UniversalDetector(object): + """ + The ``UniversalDetector`` class underlies the ``chardet.detect`` function + and coordinates all of the different charset probers. + + To get a ``dict`` containing an encoding and its confidence, you can simply + run: + + .. code:: + + u = UniversalDetector() + u.feed(some_bytes) + u.close() + detected = u.result + + """ + + MINIMUM_THRESHOLD = 0.20 + HIGH_BYTE_DETECTOR = re.compile(b'[\x80-\xFF]') + ESC_DETECTOR = re.compile(b'(\033|~{)') + WIN_BYTE_DETECTOR = re.compile(b'[\x80-\x9F]') + ISO_WIN_MAP = {'iso-8859-1': 'Windows-1252', + 'iso-8859-2': 'Windows-1250', + 'iso-8859-5': 'Windows-1251', + 'iso-8859-6': 'Windows-1256', + 'iso-8859-7': 'Windows-1253', + 'iso-8859-8': 'Windows-1255', + 'iso-8859-9': 'Windows-1254', + 'iso-8859-13': 'Windows-1257'} + + def __init__(self, lang_filter=LanguageFilter.ALL): + self._esc_charset_prober = None + self._charset_probers = [] + self.result = None + self.done = None + self._got_data = None + self._input_state = None + self._last_char = None + self.lang_filter = lang_filter + self.logger = logging.getLogger(__name__) + self._has_win_bytes = None + self.reset() + + def reset(self): + """ + Reset the UniversalDetector and all of its probers back to their + initial states. This is called by ``__init__``, so you only need to + call this directly in between analyses of different documents. + """ + self.result = {'encoding': None, 'confidence': 0.0, 'language': None} + self.done = False + self._got_data = False + self._has_win_bytes = False + self._input_state = InputState.PURE_ASCII + self._last_char = b'' + if self._esc_charset_prober: + self._esc_charset_prober.reset() + for prober in self._charset_probers: + prober.reset() + + def feed(self, byte_str): + """ + Takes a chunk of a document and feeds it through all of the relevant + charset probers. + + After calling ``feed``, you can check the value of the ``done`` + attribute to see if you need to continue feeding the + ``UniversalDetector`` more data, or if it has made a prediction + (in the ``result`` attribute). + + .. note:: + You should always call ``close`` when you're done feeding in your + document if ``done`` is not already ``True``. + """ + if self.done: + return + + if not len(byte_str): + return + + if not isinstance(byte_str, bytearray): + byte_str = bytearray(byte_str) + + # First check for known BOMs, since these are guaranteed to be correct + if not self._got_data: + # If the data starts with BOM, we know it is UTF + if byte_str.startswith(codecs.BOM_UTF8): + # EF BB BF UTF-8 with BOM + self.result = {'encoding': "UTF-8-SIG", + 'confidence': 1.0, + 'language': ''} + elif byte_str.startswith((codecs.BOM_UTF32_LE, + codecs.BOM_UTF32_BE)): + # FF FE 00 00 UTF-32, little-endian BOM + # 00 00 FE FF UTF-32, big-endian BOM + self.result = {'encoding': "UTF-32", + 'confidence': 1.0, + 'language': ''} + elif byte_str.startswith(b'\xFE\xFF\x00\x00'): + # FE FF 00 00 UCS-4, unusual octet order BOM (3412) + self.result = {'encoding': "X-ISO-10646-UCS-4-3412", + 'confidence': 1.0, + 'language': ''} + elif byte_str.startswith(b'\x00\x00\xFF\xFE'): + # 00 00 FF FE UCS-4, unusual octet order BOM (2143) + self.result = {'encoding': "X-ISO-10646-UCS-4-2143", + 'confidence': 1.0, + 'language': ''} + elif byte_str.startswith((codecs.BOM_LE, codecs.BOM_BE)): + # FF FE UTF-16, little endian BOM + # FE FF UTF-16, big endian BOM + self.result = {'encoding': "UTF-16", + 'confidence': 1.0, + 'language': ''} + + self._got_data = True + if self.result['encoding'] is not None: + self.done = True + return + + # If none of those matched and we've only see ASCII so far, check + # for high bytes and escape sequences + if self._input_state == InputState.PURE_ASCII: + if self.HIGH_BYTE_DETECTOR.search(byte_str): + self._input_state = InputState.HIGH_BYTE + elif self._input_state == InputState.PURE_ASCII and \ + self.ESC_DETECTOR.search(self._last_char + byte_str): + self._input_state = InputState.ESC_ASCII + + self._last_char = byte_str[-1:] + + # If we've seen escape sequences, use the EscCharSetProber, which + # uses a simple state machine to check for known escape sequences in + # HZ and ISO-2022 encodings, since those are the only encodings that + # use such sequences. + if self._input_state == InputState.ESC_ASCII: + if not self._esc_charset_prober: + self._esc_charset_prober = EscCharSetProber(self.lang_filter) + if self._esc_charset_prober.feed(byte_str) == ProbingState.FOUND_IT: + self.result = {'encoding': + self._esc_charset_prober.charset_name, + 'confidence': + self._esc_charset_prober.get_confidence(), + 'language': + self._esc_charset_prober.language} + self.done = True + # If we've seen high bytes (i.e., those with values greater than 127), + # we need to do more complicated checks using all our multi-byte and + # single-byte probers that are left. The single-byte probers + # use character bigram distributions to determine the encoding, whereas + # the multi-byte probers use a combination of character unigram and + # bigram distributions. + elif self._input_state == InputState.HIGH_BYTE: + if not self._charset_probers: + self._charset_probers = [MBCSGroupProber(self.lang_filter)] + # If we're checking non-CJK encodings, use single-byte prober + if self.lang_filter & LanguageFilter.NON_CJK: + self._charset_probers.append(SBCSGroupProber()) + self._charset_probers.append(Latin1Prober()) + for prober in self._charset_probers: + if prober.feed(byte_str) == ProbingState.FOUND_IT: + self.result = {'encoding': prober.charset_name, + 'confidence': prober.get_confidence(), + 'language': prober.language} + self.done = True + break + if self.WIN_BYTE_DETECTOR.search(byte_str): + self._has_win_bytes = True + + def close(self): + """ + Stop analyzing the current document and come up with a final + prediction. + + :returns: The ``result`` attribute, a ``dict`` with the keys + `encoding`, `confidence`, and `language`. + """ + # Don't bother with checks if we're already done + if self.done: + return self.result + self.done = True + + if not self._got_data: + self.logger.debug('no data received!') + + # Default to ASCII if it is all we've seen so far + elif self._input_state == InputState.PURE_ASCII: + self.result = {'encoding': 'ascii', + 'confidence': 1.0, + 'language': ''} + + # If we have seen non-ASCII, return the best that met MINIMUM_THRESHOLD + elif self._input_state == InputState.HIGH_BYTE: + prober_confidence = None + max_prober_confidence = 0.0 + max_prober = None + for prober in self._charset_probers: + if not prober: + continue + prober_confidence = prober.get_confidence() + if prober_confidence > max_prober_confidence: + max_prober_confidence = prober_confidence + max_prober = prober + if max_prober and (max_prober_confidence > self.MINIMUM_THRESHOLD): + charset_name = max_prober.charset_name + lower_charset_name = max_prober.charset_name.lower() + confidence = max_prober.get_confidence() + # Use Windows encoding name instead of ISO-8859 if we saw any + # extra Windows-specific bytes + if lower_charset_name.startswith('iso-8859'): + if self._has_win_bytes: + charset_name = self.ISO_WIN_MAP.get(lower_charset_name, + charset_name) + self.result = {'encoding': charset_name, + 'confidence': confidence, + 'language': max_prober.language} + + # Log all prober confidences if none met MINIMUM_THRESHOLD + if self.logger.getEffectiveLevel() <= logging.DEBUG: + if self.result['encoding'] is None: + self.logger.debug('no probers hit minimum threshold') + for group_prober in self._charset_probers: + if not group_prober: + continue + if isinstance(group_prober, CharSetGroupProber): + for prober in group_prober.probers: + self.logger.debug('%s %s confidence = %s', + prober.charset_name, + prober.language, + prober.get_confidence()) + else: + self.logger.debug('%s %s confidence = %s', + group_prober.charset_name, + group_prober.language, + group_prober.get_confidence()) + return self.result diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/utf8prober.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/utf8prober.py new file mode 100644 index 000000000..6c3196cc2 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/utf8prober.py @@ -0,0 +1,82 @@ +######################## BEGIN LICENSE BLOCK ######################## +# The Original Code is mozilla.org code. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1998 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Mark Pilgrim - port to Python +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA +######################### END LICENSE BLOCK ######################### + +from .charsetprober import CharSetProber +from .enums import ProbingState, MachineState +from .codingstatemachine import CodingStateMachine +from .mbcssm import UTF8_SM_MODEL + + + +class UTF8Prober(CharSetProber): + ONE_CHAR_PROB = 0.5 + + def __init__(self): + super(UTF8Prober, self).__init__() + self.coding_sm = CodingStateMachine(UTF8_SM_MODEL) + self._num_mb_chars = None + self.reset() + + def reset(self): + super(UTF8Prober, self).reset() + self.coding_sm.reset() + self._num_mb_chars = 0 + + @property + def charset_name(self): + return "utf-8" + + @property + def language(self): + return "" + + def feed(self, byte_str): + for c in byte_str: + coding_state = self.coding_sm.next_state(c) + if coding_state == MachineState.ERROR: + self._state = ProbingState.NOT_ME + break + elif coding_state == MachineState.ITS_ME: + self._state = ProbingState.FOUND_IT + break + elif coding_state == MachineState.START: + if self.coding_sm.get_current_charlen() >= 2: + self._num_mb_chars += 1 + + if self.state == ProbingState.DETECTING: + if self.get_confidence() > self.SHORTCUT_THRESHOLD: + self._state = ProbingState.FOUND_IT + + return self.state + + def get_confidence(self): + unlike = 0.99 + if self._num_mb_chars < 6: + unlike *= self.ONE_CHAR_PROB ** self._num_mb_chars + return 1.0 - unlike + else: + return unlike diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/version.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/version.py new file mode 100644 index 000000000..70369b9d6 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/chardet/version.py @@ -0,0 +1,9 @@ +""" +This module exists only to simplify retrieving the version number of chardet +from within setup.py and from chardet subpackages. + +:author: Dan Blanchard (dan.blanchard@gmail.com) +""" + +__version__ = "4.0.0" +VERSION = __version__.split('.') diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/__init__.py new file mode 100644 index 000000000..b149ed79b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/__init__.py @@ -0,0 +1,6 @@ +# Copyright Jonathan Hartley 2013. BSD 3-Clause license, see LICENSE file. +from .initialise import init, deinit, reinit, colorama_text +from .ansi import Fore, Back, Style, Cursor +from .ansitowin32 import AnsiToWin32 + +__version__ = '0.4.4' diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansi.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansi.py new file mode 100644 index 000000000..11ec695ff --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansi.py @@ -0,0 +1,102 @@ +# Copyright Jonathan Hartley 2013. BSD 3-Clause license, see LICENSE file. +''' +This module generates ANSI character codes to printing colors to terminals. +See: http://en.wikipedia.org/wiki/ANSI_escape_code +''' + +CSI = '\033[' +OSC = '\033]' +BEL = '\a' + + +def code_to_chars(code): + return CSI + str(code) + 'm' + +def set_title(title): + return OSC + '2;' + title + BEL + +def clear_screen(mode=2): + return CSI + str(mode) + 'J' + +def clear_line(mode=2): + return CSI + str(mode) + 'K' + + +class AnsiCodes(object): + def __init__(self): + # the subclasses declare class attributes which are numbers. + # Upon instantiation we define instance attributes, which are the same + # as the class attributes but wrapped with the ANSI escape sequence + for name in dir(self): + if not name.startswith('_'): + value = getattr(self, name) + setattr(self, name, code_to_chars(value)) + + +class AnsiCursor(object): + def UP(self, n=1): + return CSI + str(n) + 'A' + def DOWN(self, n=1): + return CSI + str(n) + 'B' + def FORWARD(self, n=1): + return CSI + str(n) + 'C' + def BACK(self, n=1): + return CSI + str(n) + 'D' + def POS(self, x=1, y=1): + return CSI + str(y) + ';' + str(x) + 'H' + + +class AnsiFore(AnsiCodes): + BLACK = 30 + RED = 31 + GREEN = 32 + YELLOW = 33 + BLUE = 34 + MAGENTA = 35 + CYAN = 36 + WHITE = 37 + RESET = 39 + + # These are fairly well supported, but not part of the standard. + LIGHTBLACK_EX = 90 + LIGHTRED_EX = 91 + LIGHTGREEN_EX = 92 + LIGHTYELLOW_EX = 93 + LIGHTBLUE_EX = 94 + LIGHTMAGENTA_EX = 95 + LIGHTCYAN_EX = 96 + LIGHTWHITE_EX = 97 + + +class AnsiBack(AnsiCodes): + BLACK = 40 + RED = 41 + GREEN = 42 + YELLOW = 43 + BLUE = 44 + MAGENTA = 45 + CYAN = 46 + WHITE = 47 + RESET = 49 + + # These are fairly well supported, but not part of the standard. + LIGHTBLACK_EX = 100 + LIGHTRED_EX = 101 + LIGHTGREEN_EX = 102 + LIGHTYELLOW_EX = 103 + LIGHTBLUE_EX = 104 + LIGHTMAGENTA_EX = 105 + LIGHTCYAN_EX = 106 + LIGHTWHITE_EX = 107 + + +class AnsiStyle(AnsiCodes): + BRIGHT = 1 + DIM = 2 + NORMAL = 22 + RESET_ALL = 0 + +Fore = AnsiFore() +Back = AnsiBack() +Style = AnsiStyle() +Cursor = AnsiCursor() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansitowin32.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansitowin32.py new file mode 100644 index 000000000..6039a0543 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/ansitowin32.py @@ -0,0 +1,258 @@ +# Copyright Jonathan Hartley 2013. BSD 3-Clause license, see LICENSE file. +import re +import sys +import os + +from .ansi import AnsiFore, AnsiBack, AnsiStyle, Style, BEL +from .winterm import WinTerm, WinColor, WinStyle +from .win32 import windll, winapi_test + + +winterm = None +if windll is not None: + winterm = WinTerm() + + +class StreamWrapper(object): + ''' + Wraps a stream (such as stdout), acting as a transparent proxy for all + attribute access apart from method 'write()', which is delegated to our + Converter instance. + ''' + def __init__(self, wrapped, converter): + # double-underscore everything to prevent clashes with names of + # attributes on the wrapped stream object. + self.__wrapped = wrapped + self.__convertor = converter + + def __getattr__(self, name): + return getattr(self.__wrapped, name) + + def __enter__(self, *args, **kwargs): + # special method lookup bypasses __getattr__/__getattribute__, see + # https://stackoverflow.com/questions/12632894/why-doesnt-getattr-work-with-exit + # thus, contextlib magic methods are not proxied via __getattr__ + return self.__wrapped.__enter__(*args, **kwargs) + + def __exit__(self, *args, **kwargs): + return self.__wrapped.__exit__(*args, **kwargs) + + def write(self, text): + self.__convertor.write(text) + + def isatty(self): + stream = self.__wrapped + if 'PYCHARM_HOSTED' in os.environ: + if stream is not None and (stream is sys.__stdout__ or stream is sys.__stderr__): + return True + try: + stream_isatty = stream.isatty + except AttributeError: + return False + else: + return stream_isatty() + + @property + def closed(self): + stream = self.__wrapped + try: + return stream.closed + except AttributeError: + return True + + +class AnsiToWin32(object): + ''' + Implements a 'write()' method which, on Windows, will strip ANSI character + sequences from the text, and if outputting to a tty, will convert them into + win32 function calls. + ''' + ANSI_CSI_RE = re.compile('\001?\033\\[((?:\\d|;)*)([a-zA-Z])\002?') # Control Sequence Introducer + ANSI_OSC_RE = re.compile('\001?\033\\]([^\a]*)(\a)\002?') # Operating System Command + + def __init__(self, wrapped, convert=None, strip=None, autoreset=False): + # The wrapped stream (normally sys.stdout or sys.stderr) + self.wrapped = wrapped + + # should we reset colors to defaults after every .write() + self.autoreset = autoreset + + # create the proxy wrapping our output stream + self.stream = StreamWrapper(wrapped, self) + + on_windows = os.name == 'nt' + # We test if the WinAPI works, because even if we are on Windows + # we may be using a terminal that doesn't support the WinAPI + # (e.g. Cygwin Terminal). In this case it's up to the terminal + # to support the ANSI codes. + conversion_supported = on_windows and winapi_test() + + # should we strip ANSI sequences from our output? + if strip is None: + strip = conversion_supported or (not self.stream.closed and not self.stream.isatty()) + self.strip = strip + + # should we should convert ANSI sequences into win32 calls? + if convert is None: + convert = conversion_supported and not self.stream.closed and self.stream.isatty() + self.convert = convert + + # dict of ansi codes to win32 functions and parameters + self.win32_calls = self.get_win32_calls() + + # are we wrapping stderr? + self.on_stderr = self.wrapped is sys.stderr + + def should_wrap(self): + ''' + True if this class is actually needed. If false, then the output + stream will not be affected, nor will win32 calls be issued, so + wrapping stdout is not actually required. This will generally be + False on non-Windows platforms, unless optional functionality like + autoreset has been requested using kwargs to init() + ''' + return self.convert or self.strip or self.autoreset + + def get_win32_calls(self): + if self.convert and winterm: + return { + AnsiStyle.RESET_ALL: (winterm.reset_all, ), + AnsiStyle.BRIGHT: (winterm.style, WinStyle.BRIGHT), + AnsiStyle.DIM: (winterm.style, WinStyle.NORMAL), + AnsiStyle.NORMAL: (winterm.style, WinStyle.NORMAL), + AnsiFore.BLACK: (winterm.fore, WinColor.BLACK), + AnsiFore.RED: (winterm.fore, WinColor.RED), + AnsiFore.GREEN: (winterm.fore, WinColor.GREEN), + AnsiFore.YELLOW: (winterm.fore, WinColor.YELLOW), + AnsiFore.BLUE: (winterm.fore, WinColor.BLUE), + AnsiFore.MAGENTA: (winterm.fore, WinColor.MAGENTA), + AnsiFore.CYAN: (winterm.fore, WinColor.CYAN), + AnsiFore.WHITE: (winterm.fore, WinColor.GREY), + AnsiFore.RESET: (winterm.fore, ), + AnsiFore.LIGHTBLACK_EX: (winterm.fore, WinColor.BLACK, True), + AnsiFore.LIGHTRED_EX: (winterm.fore, WinColor.RED, True), + AnsiFore.LIGHTGREEN_EX: (winterm.fore, WinColor.GREEN, True), + AnsiFore.LIGHTYELLOW_EX: (winterm.fore, WinColor.YELLOW, True), + AnsiFore.LIGHTBLUE_EX: (winterm.fore, WinColor.BLUE, True), + AnsiFore.LIGHTMAGENTA_EX: (winterm.fore, WinColor.MAGENTA, True), + AnsiFore.LIGHTCYAN_EX: (winterm.fore, WinColor.CYAN, True), + AnsiFore.LIGHTWHITE_EX: (winterm.fore, WinColor.GREY, True), + AnsiBack.BLACK: (winterm.back, WinColor.BLACK), + AnsiBack.RED: (winterm.back, WinColor.RED), + AnsiBack.GREEN: (winterm.back, WinColor.GREEN), + AnsiBack.YELLOW: (winterm.back, WinColor.YELLOW), + AnsiBack.BLUE: (winterm.back, WinColor.BLUE), + AnsiBack.MAGENTA: (winterm.back, WinColor.MAGENTA), + AnsiBack.CYAN: (winterm.back, WinColor.CYAN), + AnsiBack.WHITE: (winterm.back, WinColor.GREY), + AnsiBack.RESET: (winterm.back, ), + AnsiBack.LIGHTBLACK_EX: (winterm.back, WinColor.BLACK, True), + AnsiBack.LIGHTRED_EX: (winterm.back, WinColor.RED, True), + AnsiBack.LIGHTGREEN_EX: (winterm.back, WinColor.GREEN, True), + AnsiBack.LIGHTYELLOW_EX: (winterm.back, WinColor.YELLOW, True), + AnsiBack.LIGHTBLUE_EX: (winterm.back, WinColor.BLUE, True), + AnsiBack.LIGHTMAGENTA_EX: (winterm.back, WinColor.MAGENTA, True), + AnsiBack.LIGHTCYAN_EX: (winterm.back, WinColor.CYAN, True), + AnsiBack.LIGHTWHITE_EX: (winterm.back, WinColor.GREY, True), + } + return dict() + + def write(self, text): + if self.strip or self.convert: + self.write_and_convert(text) + else: + self.wrapped.write(text) + self.wrapped.flush() + if self.autoreset: + self.reset_all() + + + def reset_all(self): + if self.convert: + self.call_win32('m', (0,)) + elif not self.strip and not self.stream.closed: + self.wrapped.write(Style.RESET_ALL) + + + def write_and_convert(self, text): + ''' + Write the given text to our wrapped stream, stripping any ANSI + sequences from the text, and optionally converting them into win32 + calls. + ''' + cursor = 0 + text = self.convert_osc(text) + for match in self.ANSI_CSI_RE.finditer(text): + start, end = match.span() + self.write_plain_text(text, cursor, start) + self.convert_ansi(*match.groups()) + cursor = end + self.write_plain_text(text, cursor, len(text)) + + + def write_plain_text(self, text, start, end): + if start < end: + self.wrapped.write(text[start:end]) + self.wrapped.flush() + + + def convert_ansi(self, paramstring, command): + if self.convert: + params = self.extract_params(command, paramstring) + self.call_win32(command, params) + + + def extract_params(self, command, paramstring): + if command in 'Hf': + params = tuple(int(p) if len(p) != 0 else 1 for p in paramstring.split(';')) + while len(params) < 2: + # defaults: + params = params + (1,) + else: + params = tuple(int(p) for p in paramstring.split(';') if len(p) != 0) + if len(params) == 0: + # defaults: + if command in 'JKm': + params = (0,) + elif command in 'ABCD': + params = (1,) + + return params + + + def call_win32(self, command, params): + if command == 'm': + for param in params: + if param in self.win32_calls: + func_args = self.win32_calls[param] + func = func_args[0] + args = func_args[1:] + kwargs = dict(on_stderr=self.on_stderr) + func(*args, **kwargs) + elif command in 'J': + winterm.erase_screen(params[0], on_stderr=self.on_stderr) + elif command in 'K': + winterm.erase_line(params[0], on_stderr=self.on_stderr) + elif command in 'Hf': # cursor position - absolute + winterm.set_cursor_position(params, on_stderr=self.on_stderr) + elif command in 'ABCD': # cursor position - relative + n = params[0] + # A - up, B - down, C - forward, D - back + x, y = {'A': (0, -n), 'B': (0, n), 'C': (n, 0), 'D': (-n, 0)}[command] + winterm.cursor_adjust(x, y, on_stderr=self.on_stderr) + + + def convert_osc(self, text): + for match in self.ANSI_OSC_RE.finditer(text): + start, end = match.span() + text = text[:start] + text[end:] + paramstring, command = match.groups() + if command == BEL: + if paramstring.count(";") == 1: + params = paramstring.split(";") + # 0 - change title and icon (we will only change title) + # 1 - change icon (we don't support this) + # 2 - change title + if params[0] in '02': + winterm.set_title(params[1]) + return text diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/initialise.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/initialise.py new file mode 100644 index 000000000..430d06687 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/initialise.py @@ -0,0 +1,80 @@ +# Copyright Jonathan Hartley 2013. BSD 3-Clause license, see LICENSE file. +import atexit +import contextlib +import sys + +from .ansitowin32 import AnsiToWin32 + + +orig_stdout = None +orig_stderr = None + +wrapped_stdout = None +wrapped_stderr = None + +atexit_done = False + + +def reset_all(): + if AnsiToWin32 is not None: # Issue #74: objects might become None at exit + AnsiToWin32(orig_stdout).reset_all() + + +def init(autoreset=False, convert=None, strip=None, wrap=True): + + if not wrap and any([autoreset, convert, strip]): + raise ValueError('wrap=False conflicts with any other arg=True') + + global wrapped_stdout, wrapped_stderr + global orig_stdout, orig_stderr + + orig_stdout = sys.stdout + orig_stderr = sys.stderr + + if sys.stdout is None: + wrapped_stdout = None + else: + sys.stdout = wrapped_stdout = \ + wrap_stream(orig_stdout, convert, strip, autoreset, wrap) + if sys.stderr is None: + wrapped_stderr = None + else: + sys.stderr = wrapped_stderr = \ + wrap_stream(orig_stderr, convert, strip, autoreset, wrap) + + global atexit_done + if not atexit_done: + atexit.register(reset_all) + atexit_done = True + + +def deinit(): + if orig_stdout is not None: + sys.stdout = orig_stdout + if orig_stderr is not None: + sys.stderr = orig_stderr + + +@contextlib.contextmanager +def colorama_text(*args, **kwargs): + init(*args, **kwargs) + try: + yield + finally: + deinit() + + +def reinit(): + if wrapped_stdout is not None: + sys.stdout = wrapped_stdout + if wrapped_stderr is not None: + sys.stderr = wrapped_stderr + + +def wrap_stream(stream, convert, strip, autoreset, wrap): + if wrap: + wrapper = AnsiToWin32(stream, + convert=convert, strip=strip, autoreset=autoreset) + if wrapper.should_wrap(): + stream = wrapper.stream + return stream diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/win32.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/win32.py new file mode 100644 index 000000000..c2d836033 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/win32.py @@ -0,0 +1,152 @@ +# Copyright Jonathan Hartley 2013. BSD 3-Clause license, see LICENSE file. + +# from winbase.h +STDOUT = -11 +STDERR = -12 + +try: + import ctypes + from ctypes import LibraryLoader + windll = LibraryLoader(ctypes.WinDLL) + from ctypes import wintypes +except (AttributeError, ImportError): + windll = None + SetConsoleTextAttribute = lambda *_: None + winapi_test = lambda *_: None +else: + from ctypes import byref, Structure, c_char, POINTER + + COORD = wintypes._COORD + + class CONSOLE_SCREEN_BUFFER_INFO(Structure): + """struct in wincon.h.""" + _fields_ = [ + ("dwSize", COORD), + ("dwCursorPosition", COORD), + ("wAttributes", wintypes.WORD), + ("srWindow", wintypes.SMALL_RECT), + ("dwMaximumWindowSize", COORD), + ] + def __str__(self): + return '(%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d)' % ( + self.dwSize.Y, self.dwSize.X + , self.dwCursorPosition.Y, self.dwCursorPosition.X + , self.wAttributes + , self.srWindow.Top, self.srWindow.Left, self.srWindow.Bottom, self.srWindow.Right + , self.dwMaximumWindowSize.Y, self.dwMaximumWindowSize.X + ) + + _GetStdHandle = windll.kernel32.GetStdHandle + _GetStdHandle.argtypes = [ + wintypes.DWORD, + ] + _GetStdHandle.restype = wintypes.HANDLE + + _GetConsoleScreenBufferInfo = windll.kernel32.GetConsoleScreenBufferInfo + _GetConsoleScreenBufferInfo.argtypes = [ + wintypes.HANDLE, + POINTER(CONSOLE_SCREEN_BUFFER_INFO), + ] + _GetConsoleScreenBufferInfo.restype = wintypes.BOOL + + _SetConsoleTextAttribute = windll.kernel32.SetConsoleTextAttribute + _SetConsoleTextAttribute.argtypes = [ + wintypes.HANDLE, + wintypes.WORD, + ] + _SetConsoleTextAttribute.restype = wintypes.BOOL + + _SetConsoleCursorPosition = windll.kernel32.SetConsoleCursorPosition + _SetConsoleCursorPosition.argtypes = [ + wintypes.HANDLE, + COORD, + ] + _SetConsoleCursorPosition.restype = wintypes.BOOL + + _FillConsoleOutputCharacterA = windll.kernel32.FillConsoleOutputCharacterA + _FillConsoleOutputCharacterA.argtypes = [ + wintypes.HANDLE, + c_char, + wintypes.DWORD, + COORD, + POINTER(wintypes.DWORD), + ] + _FillConsoleOutputCharacterA.restype = wintypes.BOOL + + _FillConsoleOutputAttribute = windll.kernel32.FillConsoleOutputAttribute + _FillConsoleOutputAttribute.argtypes = [ + wintypes.HANDLE, + wintypes.WORD, + wintypes.DWORD, + COORD, + POINTER(wintypes.DWORD), + ] + _FillConsoleOutputAttribute.restype = wintypes.BOOL + + _SetConsoleTitleW = windll.kernel32.SetConsoleTitleW + _SetConsoleTitleW.argtypes = [ + wintypes.LPCWSTR + ] + _SetConsoleTitleW.restype = wintypes.BOOL + + def _winapi_test(handle): + csbi = CONSOLE_SCREEN_BUFFER_INFO() + success = _GetConsoleScreenBufferInfo( + handle, byref(csbi)) + return bool(success) + + def winapi_test(): + return any(_winapi_test(h) for h in + (_GetStdHandle(STDOUT), _GetStdHandle(STDERR))) + + def GetConsoleScreenBufferInfo(stream_id=STDOUT): + handle = _GetStdHandle(stream_id) + csbi = CONSOLE_SCREEN_BUFFER_INFO() + success = _GetConsoleScreenBufferInfo( + handle, byref(csbi)) + return csbi + + def SetConsoleTextAttribute(stream_id, attrs): + handle = _GetStdHandle(stream_id) + return _SetConsoleTextAttribute(handle, attrs) + + def SetConsoleCursorPosition(stream_id, position, adjust=True): + position = COORD(*position) + # If the position is out of range, do nothing. + if position.Y <= 0 or position.X <= 0: + return + # Adjust for Windows' SetConsoleCursorPosition: + # 1. being 0-based, while ANSI is 1-based. + # 2. expecting (x,y), while ANSI uses (y,x). + adjusted_position = COORD(position.Y - 1, position.X - 1) + if adjust: + # Adjust for viewport's scroll position + sr = GetConsoleScreenBufferInfo(STDOUT).srWindow + adjusted_position.Y += sr.Top + adjusted_position.X += sr.Left + # Resume normal processing + handle = _GetStdHandle(stream_id) + return _SetConsoleCursorPosition(handle, adjusted_position) + + def FillConsoleOutputCharacter(stream_id, char, length, start): + handle = _GetStdHandle(stream_id) + char = c_char(char.encode()) + length = wintypes.DWORD(length) + num_written = wintypes.DWORD(0) + # Note that this is hard-coded for ANSI (vs wide) bytes. + success = _FillConsoleOutputCharacterA( + handle, char, length, start, byref(num_written)) + return num_written.value + + def FillConsoleOutputAttribute(stream_id, attr, length, start): + ''' FillConsoleOutputAttribute( hConsole, csbi.wAttributes, dwConSize, coordScreen, &cCharsWritten )''' + handle = _GetStdHandle(stream_id) + attribute = wintypes.WORD(attr) + length = wintypes.DWORD(length) + num_written = wintypes.DWORD(0) + # Note that this is hard-coded for ANSI (vs wide) bytes. + return _FillConsoleOutputAttribute( + handle, attribute, length, start, byref(num_written)) + + def SetConsoleTitle(title): + return _SetConsoleTitleW(title) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/winterm.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/winterm.py new file mode 100644 index 000000000..0fdb4ec4e --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/colorama/winterm.py @@ -0,0 +1,169 @@ +# Copyright Jonathan Hartley 2013. BSD 3-Clause license, see LICENSE file. +from . import win32 + + +# from wincon.h +class WinColor(object): + BLACK = 0 + BLUE = 1 + GREEN = 2 + CYAN = 3 + RED = 4 + MAGENTA = 5 + YELLOW = 6 + GREY = 7 + +# from wincon.h +class WinStyle(object): + NORMAL = 0x00 # dim text, dim background + BRIGHT = 0x08 # bright text, dim background + BRIGHT_BACKGROUND = 0x80 # dim text, bright background + +class WinTerm(object): + + def __init__(self): + self._default = win32.GetConsoleScreenBufferInfo(win32.STDOUT).wAttributes + self.set_attrs(self._default) + self._default_fore = self._fore + self._default_back = self._back + self._default_style = self._style + # In order to emulate LIGHT_EX in windows, we borrow the BRIGHT style. + # So that LIGHT_EX colors and BRIGHT style do not clobber each other, + # we track them separately, since LIGHT_EX is overwritten by Fore/Back + # and BRIGHT is overwritten by Style codes. + self._light = 0 + + def get_attrs(self): + return self._fore + self._back * 16 + (self._style | self._light) + + def set_attrs(self, value): + self._fore = value & 7 + self._back = (value >> 4) & 7 + self._style = value & (WinStyle.BRIGHT | WinStyle.BRIGHT_BACKGROUND) + + def reset_all(self, on_stderr=None): + self.set_attrs(self._default) + self.set_console(attrs=self._default) + self._light = 0 + + def fore(self, fore=None, light=False, on_stderr=False): + if fore is None: + fore = self._default_fore + self._fore = fore + # Emulate LIGHT_EX with BRIGHT Style + if light: + self._light |= WinStyle.BRIGHT + else: + self._light &= ~WinStyle.BRIGHT + self.set_console(on_stderr=on_stderr) + + def back(self, back=None, light=False, on_stderr=False): + if back is None: + back = self._default_back + self._back = back + # Emulate LIGHT_EX with BRIGHT_BACKGROUND Style + if light: + self._light |= WinStyle.BRIGHT_BACKGROUND + else: + self._light &= ~WinStyle.BRIGHT_BACKGROUND + self.set_console(on_stderr=on_stderr) + + def style(self, style=None, on_stderr=False): + if style is None: + style = self._default_style + self._style = style + self.set_console(on_stderr=on_stderr) + + def set_console(self, attrs=None, on_stderr=False): + if attrs is None: + attrs = self.get_attrs() + handle = win32.STDOUT + if on_stderr: + handle = win32.STDERR + win32.SetConsoleTextAttribute(handle, attrs) + + def get_position(self, handle): + position = win32.GetConsoleScreenBufferInfo(handle).dwCursorPosition + # Because Windows coordinates are 0-based, + # and win32.SetConsoleCursorPosition expects 1-based. + position.X += 1 + position.Y += 1 + return position + + def set_cursor_position(self, position=None, on_stderr=False): + if position is None: + # I'm not currently tracking the position, so there is no default. + # position = self.get_position() + return + handle = win32.STDOUT + if on_stderr: + handle = win32.STDERR + win32.SetConsoleCursorPosition(handle, position) + + def cursor_adjust(self, x, y, on_stderr=False): + handle = win32.STDOUT + if on_stderr: + handle = win32.STDERR + position = self.get_position(handle) + adjusted_position = (position.Y + y, position.X + x) + win32.SetConsoleCursorPosition(handle, adjusted_position, adjust=False) + + def erase_screen(self, mode=0, on_stderr=False): + # 0 should clear from the cursor to the end of the screen. + # 1 should clear from the cursor to the beginning of the screen. + # 2 should clear the entire screen, and move cursor to (1,1) + handle = win32.STDOUT + if on_stderr: + handle = win32.STDERR + csbi = win32.GetConsoleScreenBufferInfo(handle) + # get the number of character cells in the current buffer + cells_in_screen = csbi.dwSize.X * csbi.dwSize.Y + # get number of character cells before current cursor position + cells_before_cursor = csbi.dwSize.X * csbi.dwCursorPosition.Y + csbi.dwCursorPosition.X + if mode == 0: + from_coord = csbi.dwCursorPosition + cells_to_erase = cells_in_screen - cells_before_cursor + elif mode == 1: + from_coord = win32.COORD(0, 0) + cells_to_erase = cells_before_cursor + elif mode == 2: + from_coord = win32.COORD(0, 0) + cells_to_erase = cells_in_screen + else: + # invalid mode + return + # fill the entire screen with blanks + win32.FillConsoleOutputCharacter(handle, ' ', cells_to_erase, from_coord) + # now set the buffer's attributes accordingly + win32.FillConsoleOutputAttribute(handle, self.get_attrs(), cells_to_erase, from_coord) + if mode == 2: + # put the cursor where needed + win32.SetConsoleCursorPosition(handle, (1, 1)) + + def erase_line(self, mode=0, on_stderr=False): + # 0 should clear from the cursor to the end of the line. + # 1 should clear from the cursor to the beginning of the line. + # 2 should clear the entire line. + handle = win32.STDOUT + if on_stderr: + handle = win32.STDERR + csbi = win32.GetConsoleScreenBufferInfo(handle) + if mode == 0: + from_coord = csbi.dwCursorPosition + cells_to_erase = csbi.dwSize.X - csbi.dwCursorPosition.X + elif mode == 1: + from_coord = win32.COORD(0, csbi.dwCursorPosition.Y) + cells_to_erase = csbi.dwCursorPosition.X + elif mode == 2: + from_coord = win32.COORD(0, csbi.dwCursorPosition.Y) + cells_to_erase = csbi.dwSize.X + else: + # invalid mode + return + # fill the entire screen with blanks + win32.FillConsoleOutputCharacter(handle, ' ', cells_to_erase, from_coord) + # now set the buffer's attributes accordingly + win32.FillConsoleOutputAttribute(handle, self.get_attrs(), cells_to_erase, from_coord) + + def set_title(self, title): + win32.SetConsoleTitle(title) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/__init__.py new file mode 100644 index 000000000..492c2c705 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/__init__.py @@ -0,0 +1,23 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012-2019 Vinay Sajip. +# Licensed to the Python Software Foundation under a contributor agreement. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +import logging + +__version__ = '0.3.2' + +class DistlibException(Exception): + pass + +try: + from logging import NullHandler +except ImportError: # pragma: no cover + class NullHandler(logging.Handler): + def handle(self, record): pass + def emit(self, record): pass + def createLock(self): self.lock = None + +logger = logging.getLogger(__name__) +logger.addHandler(NullHandler()) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/__init__.py new file mode 100644 index 000000000..f7dbf4c9a --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/__init__.py @@ -0,0 +1,6 @@ +"""Modules copied from Python 3 standard libraries, for internal use only. + +Individual classes and functions are found in d2._backport.misc. Intended +usage is to always import things missing from 3.1 from that module: the +built-in/stdlib objects will be used if found. +""" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/misc.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/misc.py new file mode 100644 index 000000000..cfb318d34 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/misc.py @@ -0,0 +1,41 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012 The Python Software Foundation. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +"""Backports for individual classes and functions.""" + +import os +import sys + +__all__ = ['cache_from_source', 'callable', 'fsencode'] + + +try: + from imp import cache_from_source +except ImportError: + def cache_from_source(py_file, debug=__debug__): + ext = debug and 'c' or 'o' + return py_file + ext + + +try: + callable = callable +except NameError: + from collections import Callable + + def callable(obj): + return isinstance(obj, Callable) + + +try: + fsencode = os.fsencode +except AttributeError: + def fsencode(filename): + if isinstance(filename, bytes): + return filename + elif isinstance(filename, str): + return filename.encode(sys.getfilesystemencoding()) + else: + raise TypeError("expect bytes or str, not %s" % + type(filename).__name__) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/shutil.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/shutil.py new file mode 100644 index 000000000..10ed36253 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/shutil.py @@ -0,0 +1,764 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012 The Python Software Foundation. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +"""Utility functions for copying and archiving files and directory trees. + +XXX The functions here don't copy the resource fork or other metadata on Mac. + +""" + +import os +import sys +import stat +from os.path import abspath +import fnmatch +try: + from collections.abc import Callable +except ImportError: + from collections import Callable +import errno +from . import tarfile + +try: + import bz2 + _BZ2_SUPPORTED = True +except ImportError: + _BZ2_SUPPORTED = False + +try: + from pwd import getpwnam +except ImportError: + getpwnam = None + +try: + from grp import getgrnam +except ImportError: + getgrnam = None + +__all__ = ["copyfileobj", "copyfile", "copymode", "copystat", "copy", "copy2", + "copytree", "move", "rmtree", "Error", "SpecialFileError", + "ExecError", "make_archive", "get_archive_formats", + "register_archive_format", "unregister_archive_format", + "get_unpack_formats", "register_unpack_format", + "unregister_unpack_format", "unpack_archive", "ignore_patterns"] + +class Error(EnvironmentError): + pass + +class SpecialFileError(EnvironmentError): + """Raised when trying to do a kind of operation (e.g. copying) which is + not supported on a special file (e.g. a named pipe)""" + +class ExecError(EnvironmentError): + """Raised when a command could not be executed""" + +class ReadError(EnvironmentError): + """Raised when an archive cannot be read""" + +class RegistryError(Exception): + """Raised when a registry operation with the archiving + and unpacking registries fails""" + + +try: + WindowsError +except NameError: + WindowsError = None + +def copyfileobj(fsrc, fdst, length=16*1024): + """copy data from file-like object fsrc to file-like object fdst""" + while 1: + buf = fsrc.read(length) + if not buf: + break + fdst.write(buf) + +def _samefile(src, dst): + # Macintosh, Unix. + if hasattr(os.path, 'samefile'): + try: + return os.path.samefile(src, dst) + except OSError: + return False + + # All other platforms: check for same pathname. + return (os.path.normcase(os.path.abspath(src)) == + os.path.normcase(os.path.abspath(dst))) + +def copyfile(src, dst): + """Copy data from src to dst""" + if _samefile(src, dst): + raise Error("`%s` and `%s` are the same file" % (src, dst)) + + for fn in [src, dst]: + try: + st = os.stat(fn) + except OSError: + # File most likely does not exist + pass + else: + # XXX What about other special files? (sockets, devices...) + if stat.S_ISFIFO(st.st_mode): + raise SpecialFileError("`%s` is a named pipe" % fn) + + with open(src, 'rb') as fsrc: + with open(dst, 'wb') as fdst: + copyfileobj(fsrc, fdst) + +def copymode(src, dst): + """Copy mode bits from src to dst""" + if hasattr(os, 'chmod'): + st = os.stat(src) + mode = stat.S_IMODE(st.st_mode) + os.chmod(dst, mode) + +def copystat(src, dst): + """Copy all stat info (mode bits, atime, mtime, flags) from src to dst""" + st = os.stat(src) + mode = stat.S_IMODE(st.st_mode) + if hasattr(os, 'utime'): + os.utime(dst, (st.st_atime, st.st_mtime)) + if hasattr(os, 'chmod'): + os.chmod(dst, mode) + if hasattr(os, 'chflags') and hasattr(st, 'st_flags'): + try: + os.chflags(dst, st.st_flags) + except OSError as why: + if (not hasattr(errno, 'EOPNOTSUPP') or + why.errno != errno.EOPNOTSUPP): + raise + +def copy(src, dst): + """Copy data and mode bits ("cp src dst"). + + The destination may be a directory. + + """ + if os.path.isdir(dst): + dst = os.path.join(dst, os.path.basename(src)) + copyfile(src, dst) + copymode(src, dst) + +def copy2(src, dst): + """Copy data and all stat info ("cp -p src dst"). + + The destination may be a directory. + + """ + if os.path.isdir(dst): + dst = os.path.join(dst, os.path.basename(src)) + copyfile(src, dst) + copystat(src, dst) + +def ignore_patterns(*patterns): + """Function that can be used as copytree() ignore parameter. + + Patterns is a sequence of glob-style patterns + that are used to exclude files""" + def _ignore_patterns(path, names): + ignored_names = [] + for pattern in patterns: + ignored_names.extend(fnmatch.filter(names, pattern)) + return set(ignored_names) + return _ignore_patterns + +def copytree(src, dst, symlinks=False, ignore=None, copy_function=copy2, + ignore_dangling_symlinks=False): + """Recursively copy a directory tree. + + The destination directory must not already exist. + If exception(s) occur, an Error is raised with a list of reasons. + + If the optional symlinks flag is true, symbolic links in the + source tree result in symbolic links in the destination tree; if + it is false, the contents of the files pointed to by symbolic + links are copied. If the file pointed by the symlink doesn't + exist, an exception will be added in the list of errors raised in + an Error exception at the end of the copy process. + + You can set the optional ignore_dangling_symlinks flag to true if you + want to silence this exception. Notice that this has no effect on + platforms that don't support os.symlink. + + The optional ignore argument is a callable. If given, it + is called with the `src` parameter, which is the directory + being visited by copytree(), and `names` which is the list of + `src` contents, as returned by os.listdir(): + + callable(src, names) -> ignored_names + + Since copytree() is called recursively, the callable will be + called once for each directory that is copied. It returns a + list of names relative to the `src` directory that should + not be copied. + + The optional copy_function argument is a callable that will be used + to copy each file. It will be called with the source path and the + destination path as arguments. By default, copy2() is used, but any + function that supports the same signature (like copy()) can be used. + + """ + names = os.listdir(src) + if ignore is not None: + ignored_names = ignore(src, names) + else: + ignored_names = set() + + os.makedirs(dst) + errors = [] + for name in names: + if name in ignored_names: + continue + srcname = os.path.join(src, name) + dstname = os.path.join(dst, name) + try: + if os.path.islink(srcname): + linkto = os.readlink(srcname) + if symlinks: + os.symlink(linkto, dstname) + else: + # ignore dangling symlink if the flag is on + if not os.path.exists(linkto) and ignore_dangling_symlinks: + continue + # otherwise let the copy occurs. copy2 will raise an error + copy_function(srcname, dstname) + elif os.path.isdir(srcname): + copytree(srcname, dstname, symlinks, ignore, copy_function) + else: + # Will raise a SpecialFileError for unsupported file types + copy_function(srcname, dstname) + # catch the Error from the recursive copytree so that we can + # continue with other files + except Error as err: + errors.extend(err.args[0]) + except EnvironmentError as why: + errors.append((srcname, dstname, str(why))) + try: + copystat(src, dst) + except OSError as why: + if WindowsError is not None and isinstance(why, WindowsError): + # Copying file access times may fail on Windows + pass + else: + errors.extend((src, dst, str(why))) + if errors: + raise Error(errors) + +def rmtree(path, ignore_errors=False, onerror=None): + """Recursively delete a directory tree. + + If ignore_errors is set, errors are ignored; otherwise, if onerror + is set, it is called to handle the error with arguments (func, + path, exc_info) where func is os.listdir, os.remove, or os.rmdir; + path is the argument to that function that caused it to fail; and + exc_info is a tuple returned by sys.exc_info(). If ignore_errors + is false and onerror is None, an exception is raised. + + """ + if ignore_errors: + def onerror(*args): + pass + elif onerror is None: + def onerror(*args): + raise + try: + if os.path.islink(path): + # symlinks to directories are forbidden, see bug #1669 + raise OSError("Cannot call rmtree on a symbolic link") + except OSError: + onerror(os.path.islink, path, sys.exc_info()) + # can't continue even if onerror hook returns + return + names = [] + try: + names = os.listdir(path) + except os.error: + onerror(os.listdir, path, sys.exc_info()) + for name in names: + fullname = os.path.join(path, name) + try: + mode = os.lstat(fullname).st_mode + except os.error: + mode = 0 + if stat.S_ISDIR(mode): + rmtree(fullname, ignore_errors, onerror) + else: + try: + os.remove(fullname) + except os.error: + onerror(os.remove, fullname, sys.exc_info()) + try: + os.rmdir(path) + except os.error: + onerror(os.rmdir, path, sys.exc_info()) + + +def _basename(path): + # A basename() variant which first strips the trailing slash, if present. + # Thus we always get the last component of the path, even for directories. + return os.path.basename(path.rstrip(os.path.sep)) + +def move(src, dst): + """Recursively move a file or directory to another location. This is + similar to the Unix "mv" command. + + If the destination is a directory or a symlink to a directory, the source + is moved inside the directory. The destination path must not already + exist. + + If the destination already exists but is not a directory, it may be + overwritten depending on os.rename() semantics. + + If the destination is on our current filesystem, then rename() is used. + Otherwise, src is copied to the destination and then removed. + A lot more could be done here... A look at a mv.c shows a lot of + the issues this implementation glosses over. + + """ + real_dst = dst + if os.path.isdir(dst): + if _samefile(src, dst): + # We might be on a case insensitive filesystem, + # perform the rename anyway. + os.rename(src, dst) + return + + real_dst = os.path.join(dst, _basename(src)) + if os.path.exists(real_dst): + raise Error("Destination path '%s' already exists" % real_dst) + try: + os.rename(src, real_dst) + except OSError: + if os.path.isdir(src): + if _destinsrc(src, dst): + raise Error("Cannot move a directory '%s' into itself '%s'." % (src, dst)) + copytree(src, real_dst, symlinks=True) + rmtree(src) + else: + copy2(src, real_dst) + os.unlink(src) + +def _destinsrc(src, dst): + src = abspath(src) + dst = abspath(dst) + if not src.endswith(os.path.sep): + src += os.path.sep + if not dst.endswith(os.path.sep): + dst += os.path.sep + return dst.startswith(src) + +def _get_gid(name): + """Returns a gid, given a group name.""" + if getgrnam is None or name is None: + return None + try: + result = getgrnam(name) + except KeyError: + result = None + if result is not None: + return result[2] + return None + +def _get_uid(name): + """Returns an uid, given a user name.""" + if getpwnam is None or name is None: + return None + try: + result = getpwnam(name) + except KeyError: + result = None + if result is not None: + return result[2] + return None + +def _make_tarball(base_name, base_dir, compress="gzip", verbose=0, dry_run=0, + owner=None, group=None, logger=None): + """Create a (possibly compressed) tar file from all the files under + 'base_dir'. + + 'compress' must be "gzip" (the default), "bzip2", or None. + + 'owner' and 'group' can be used to define an owner and a group for the + archive that is being built. If not provided, the current owner and group + will be used. + + The output tar file will be named 'base_name' + ".tar", possibly plus + the appropriate compression extension (".gz", or ".bz2"). + + Returns the output filename. + """ + tar_compression = {'gzip': 'gz', None: ''} + compress_ext = {'gzip': '.gz'} + + if _BZ2_SUPPORTED: + tar_compression['bzip2'] = 'bz2' + compress_ext['bzip2'] = '.bz2' + + # flags for compression program, each element of list will be an argument + if compress is not None and compress not in compress_ext: + raise ValueError("bad value for 'compress', or compression format not " + "supported : {0}".format(compress)) + + archive_name = base_name + '.tar' + compress_ext.get(compress, '') + archive_dir = os.path.dirname(archive_name) + + if not os.path.exists(archive_dir): + if logger is not None: + logger.info("creating %s", archive_dir) + if not dry_run: + os.makedirs(archive_dir) + + # creating the tarball + if logger is not None: + logger.info('Creating tar archive') + + uid = _get_uid(owner) + gid = _get_gid(group) + + def _set_uid_gid(tarinfo): + if gid is not None: + tarinfo.gid = gid + tarinfo.gname = group + if uid is not None: + tarinfo.uid = uid + tarinfo.uname = owner + return tarinfo + + if not dry_run: + tar = tarfile.open(archive_name, 'w|%s' % tar_compression[compress]) + try: + tar.add(base_dir, filter=_set_uid_gid) + finally: + tar.close() + + return archive_name + +def _call_external_zip(base_dir, zip_filename, verbose=False, dry_run=False): + # XXX see if we want to keep an external call here + if verbose: + zipoptions = "-r" + else: + zipoptions = "-rq" + from distutils.errors import DistutilsExecError + from distutils.spawn import spawn + try: + spawn(["zip", zipoptions, zip_filename, base_dir], dry_run=dry_run) + except DistutilsExecError: + # XXX really should distinguish between "couldn't find + # external 'zip' command" and "zip failed". + raise ExecError("unable to create zip file '%s': " + "could neither import the 'zipfile' module nor " + "find a standalone zip utility") % zip_filename + +def _make_zipfile(base_name, base_dir, verbose=0, dry_run=0, logger=None): + """Create a zip file from all the files under 'base_dir'. + + The output zip file will be named 'base_name' + ".zip". Uses either the + "zipfile" Python module (if available) or the InfoZIP "zip" utility + (if installed and found on the default search path). If neither tool is + available, raises ExecError. Returns the name of the output zip + file. + """ + zip_filename = base_name + ".zip" + archive_dir = os.path.dirname(base_name) + + if not os.path.exists(archive_dir): + if logger is not None: + logger.info("creating %s", archive_dir) + if not dry_run: + os.makedirs(archive_dir) + + # If zipfile module is not available, try spawning an external 'zip' + # command. + try: + import zipfile + except ImportError: + zipfile = None + + if zipfile is None: + _call_external_zip(base_dir, zip_filename, verbose, dry_run) + else: + if logger is not None: + logger.info("creating '%s' and adding '%s' to it", + zip_filename, base_dir) + + if not dry_run: + zip = zipfile.ZipFile(zip_filename, "w", + compression=zipfile.ZIP_DEFLATED) + + for dirpath, dirnames, filenames in os.walk(base_dir): + for name in filenames: + path = os.path.normpath(os.path.join(dirpath, name)) + if os.path.isfile(path): + zip.write(path, path) + if logger is not None: + logger.info("adding '%s'", path) + zip.close() + + return zip_filename + +_ARCHIVE_FORMATS = { + 'gztar': (_make_tarball, [('compress', 'gzip')], "gzip'ed tar-file"), + 'bztar': (_make_tarball, [('compress', 'bzip2')], "bzip2'ed tar-file"), + 'tar': (_make_tarball, [('compress', None)], "uncompressed tar file"), + 'zip': (_make_zipfile, [], "ZIP file"), + } + +if _BZ2_SUPPORTED: + _ARCHIVE_FORMATS['bztar'] = (_make_tarball, [('compress', 'bzip2')], + "bzip2'ed tar-file") + +def get_archive_formats(): + """Returns a list of supported formats for archiving and unarchiving. + + Each element of the returned sequence is a tuple (name, description) + """ + formats = [(name, registry[2]) for name, registry in + _ARCHIVE_FORMATS.items()] + formats.sort() + return formats + +def register_archive_format(name, function, extra_args=None, description=''): + """Registers an archive format. + + name is the name of the format. function is the callable that will be + used to create archives. If provided, extra_args is a sequence of + (name, value) tuples that will be passed as arguments to the callable. + description can be provided to describe the format, and will be returned + by the get_archive_formats() function. + """ + if extra_args is None: + extra_args = [] + if not isinstance(function, Callable): + raise TypeError('The %s object is not callable' % function) + if not isinstance(extra_args, (tuple, list)): + raise TypeError('extra_args needs to be a sequence') + for element in extra_args: + if not isinstance(element, (tuple, list)) or len(element) !=2: + raise TypeError('extra_args elements are : (arg_name, value)') + + _ARCHIVE_FORMATS[name] = (function, extra_args, description) + +def unregister_archive_format(name): + del _ARCHIVE_FORMATS[name] + +def make_archive(base_name, format, root_dir=None, base_dir=None, verbose=0, + dry_run=0, owner=None, group=None, logger=None): + """Create an archive file (eg. zip or tar). + + 'base_name' is the name of the file to create, minus any format-specific + extension; 'format' is the archive format: one of "zip", "tar", "bztar" + or "gztar". + + 'root_dir' is a directory that will be the root directory of the + archive; ie. we typically chdir into 'root_dir' before creating the + archive. 'base_dir' is the directory where we start archiving from; + ie. 'base_dir' will be the common prefix of all files and + directories in the archive. 'root_dir' and 'base_dir' both default + to the current directory. Returns the name of the archive file. + + 'owner' and 'group' are used when creating a tar archive. By default, + uses the current owner and group. + """ + save_cwd = os.getcwd() + if root_dir is not None: + if logger is not None: + logger.debug("changing into '%s'", root_dir) + base_name = os.path.abspath(base_name) + if not dry_run: + os.chdir(root_dir) + + if base_dir is None: + base_dir = os.curdir + + kwargs = {'dry_run': dry_run, 'logger': logger} + + try: + format_info = _ARCHIVE_FORMATS[format] + except KeyError: + raise ValueError("unknown archive format '%s'" % format) + + func = format_info[0] + for arg, val in format_info[1]: + kwargs[arg] = val + + if format != 'zip': + kwargs['owner'] = owner + kwargs['group'] = group + + try: + filename = func(base_name, base_dir, **kwargs) + finally: + if root_dir is not None: + if logger is not None: + logger.debug("changing back to '%s'", save_cwd) + os.chdir(save_cwd) + + return filename + + +def get_unpack_formats(): + """Returns a list of supported formats for unpacking. + + Each element of the returned sequence is a tuple + (name, extensions, description) + """ + formats = [(name, info[0], info[3]) for name, info in + _UNPACK_FORMATS.items()] + formats.sort() + return formats + +def _check_unpack_options(extensions, function, extra_args): + """Checks what gets registered as an unpacker.""" + # first make sure no other unpacker is registered for this extension + existing_extensions = {} + for name, info in _UNPACK_FORMATS.items(): + for ext in info[0]: + existing_extensions[ext] = name + + for extension in extensions: + if extension in existing_extensions: + msg = '%s is already registered for "%s"' + raise RegistryError(msg % (extension, + existing_extensions[extension])) + + if not isinstance(function, Callable): + raise TypeError('The registered function must be a callable') + + +def register_unpack_format(name, extensions, function, extra_args=None, + description=''): + """Registers an unpack format. + + `name` is the name of the format. `extensions` is a list of extensions + corresponding to the format. + + `function` is the callable that will be + used to unpack archives. The callable will receive archives to unpack. + If it's unable to handle an archive, it needs to raise a ReadError + exception. + + If provided, `extra_args` is a sequence of + (name, value) tuples that will be passed as arguments to the callable. + description can be provided to describe the format, and will be returned + by the get_unpack_formats() function. + """ + if extra_args is None: + extra_args = [] + _check_unpack_options(extensions, function, extra_args) + _UNPACK_FORMATS[name] = extensions, function, extra_args, description + +def unregister_unpack_format(name): + """Removes the pack format from the registry.""" + del _UNPACK_FORMATS[name] + +def _ensure_directory(path): + """Ensure that the parent directory of `path` exists""" + dirname = os.path.dirname(path) + if not os.path.isdir(dirname): + os.makedirs(dirname) + +def _unpack_zipfile(filename, extract_dir): + """Unpack zip `filename` to `extract_dir` + """ + try: + import zipfile + except ImportError: + raise ReadError('zlib not supported, cannot unpack this archive.') + + if not zipfile.is_zipfile(filename): + raise ReadError("%s is not a zip file" % filename) + + zip = zipfile.ZipFile(filename) + try: + for info in zip.infolist(): + name = info.filename + + # don't extract absolute paths or ones with .. in them + if name.startswith('/') or '..' in name: + continue + + target = os.path.join(extract_dir, *name.split('/')) + if not target: + continue + + _ensure_directory(target) + if not name.endswith('/'): + # file + data = zip.read(info.filename) + f = open(target, 'wb') + try: + f.write(data) + finally: + f.close() + del data + finally: + zip.close() + +def _unpack_tarfile(filename, extract_dir): + """Unpack tar/tar.gz/tar.bz2 `filename` to `extract_dir` + """ + try: + tarobj = tarfile.open(filename) + except tarfile.TarError: + raise ReadError( + "%s is not a compressed or uncompressed tar file" % filename) + try: + tarobj.extractall(extract_dir) + finally: + tarobj.close() + +_UNPACK_FORMATS = { + 'gztar': (['.tar.gz', '.tgz'], _unpack_tarfile, [], "gzip'ed tar-file"), + 'tar': (['.tar'], _unpack_tarfile, [], "uncompressed tar file"), + 'zip': (['.zip'], _unpack_zipfile, [], "ZIP file") + } + +if _BZ2_SUPPORTED: + _UNPACK_FORMATS['bztar'] = (['.bz2'], _unpack_tarfile, [], + "bzip2'ed tar-file") + +def _find_unpack_format(filename): + for name, info in _UNPACK_FORMATS.items(): + for extension in info[0]: + if filename.endswith(extension): + return name + return None + +def unpack_archive(filename, extract_dir=None, format=None): + """Unpack an archive. + + `filename` is the name of the archive. + + `extract_dir` is the name of the target directory, where the archive + is unpacked. If not provided, the current working directory is used. + + `format` is the archive format: one of "zip", "tar", or "gztar". Or any + other registered format. If not provided, unpack_archive will use the + filename extension and see if an unpacker was registered for that + extension. + + In case none is found, a ValueError is raised. + """ + if extract_dir is None: + extract_dir = os.getcwd() + + if format is not None: + try: + format_info = _UNPACK_FORMATS[format] + except KeyError: + raise ValueError("Unknown unpack format '{0}'".format(format)) + + func = format_info[1] + func(filename, extract_dir, **dict(format_info[2])) + else: + # we need to look at the registered unpackers supported extensions + format = _find_unpack_format(filename) + if format is None: + raise ReadError("Unknown archive format '{0}'".format(filename)) + + func = _UNPACK_FORMATS[format][1] + kwargs = dict(_UNPACK_FORMATS[format][2]) + func(filename, extract_dir, **kwargs) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.cfg b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.cfg new file mode 100644 index 000000000..1746bd01c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.cfg @@ -0,0 +1,84 @@ +[posix_prefix] +# Configuration directories. Some of these come straight out of the +# configure script. They are for implementing the other variables, not to +# be used directly in [resource_locations]. +confdir = /etc +datadir = /usr/share +libdir = /usr/lib +statedir = /var +# User resource directory +local = ~/.local/{distribution.name} + +stdlib = {base}/lib/python{py_version_short} +platstdlib = {platbase}/lib/python{py_version_short} +purelib = {base}/lib/python{py_version_short}/site-packages +platlib = {platbase}/lib/python{py_version_short}/site-packages +include = {base}/include/python{py_version_short}{abiflags} +platinclude = {platbase}/include/python{py_version_short}{abiflags} +data = {base} + +[posix_home] +stdlib = {base}/lib/python +platstdlib = {base}/lib/python +purelib = {base}/lib/python +platlib = {base}/lib/python +include = {base}/include/python +platinclude = {base}/include/python +scripts = {base}/bin +data = {base} + +[nt] +stdlib = {base}/Lib +platstdlib = {base}/Lib +purelib = {base}/Lib/site-packages +platlib = {base}/Lib/site-packages +include = {base}/Include +platinclude = {base}/Include +scripts = {base}/Scripts +data = {base} + +[os2] +stdlib = {base}/Lib +platstdlib = {base}/Lib +purelib = {base}/Lib/site-packages +platlib = {base}/Lib/site-packages +include = {base}/Include +platinclude = {base}/Include +scripts = {base}/Scripts +data = {base} + +[os2_home] +stdlib = {userbase}/lib/python{py_version_short} +platstdlib = {userbase}/lib/python{py_version_short} +purelib = {userbase}/lib/python{py_version_short}/site-packages +platlib = {userbase}/lib/python{py_version_short}/site-packages +include = {userbase}/include/python{py_version_short} +scripts = {userbase}/bin +data = {userbase} + +[nt_user] +stdlib = {userbase}/Python{py_version_nodot} +platstdlib = {userbase}/Python{py_version_nodot} +purelib = {userbase}/Python{py_version_nodot}/site-packages +platlib = {userbase}/Python{py_version_nodot}/site-packages +include = {userbase}/Python{py_version_nodot}/Include +scripts = {userbase}/Scripts +data = {userbase} + +[posix_user] +stdlib = {userbase}/lib/python{py_version_short} +platstdlib = {userbase}/lib/python{py_version_short} +purelib = {userbase}/lib/python{py_version_short}/site-packages +platlib = {userbase}/lib/python{py_version_short}/site-packages +include = {userbase}/include/python{py_version_short} +scripts = {userbase}/bin +data = {userbase} + +[osx_framework_user] +stdlib = {userbase}/lib/python +platstdlib = {userbase}/lib/python +purelib = {userbase}/lib/python/site-packages +platlib = {userbase}/lib/python/site-packages +include = {userbase}/include +scripts = {userbase}/bin +data = {userbase} diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.py new file mode 100644 index 000000000..b470a373c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/sysconfig.py @@ -0,0 +1,786 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012 The Python Software Foundation. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +"""Access to Python's configuration information.""" + +import codecs +import os +import re +import sys +from os.path import pardir, realpath +try: + import configparser +except ImportError: + import ConfigParser as configparser + + +__all__ = [ + 'get_config_h_filename', + 'get_config_var', + 'get_config_vars', + 'get_makefile_filename', + 'get_path', + 'get_path_names', + 'get_paths', + 'get_platform', + 'get_python_version', + 'get_scheme_names', + 'parse_config_h', +] + + +def _safe_realpath(path): + try: + return realpath(path) + except OSError: + return path + + +if sys.executable: + _PROJECT_BASE = os.path.dirname(_safe_realpath(sys.executable)) +else: + # sys.executable can be empty if argv[0] has been changed and Python is + # unable to retrieve the real program name + _PROJECT_BASE = _safe_realpath(os.getcwd()) + +if os.name == "nt" and "pcbuild" in _PROJECT_BASE[-8:].lower(): + _PROJECT_BASE = _safe_realpath(os.path.join(_PROJECT_BASE, pardir)) +# PC/VS7.1 +if os.name == "nt" and "\\pc\\v" in _PROJECT_BASE[-10:].lower(): + _PROJECT_BASE = _safe_realpath(os.path.join(_PROJECT_BASE, pardir, pardir)) +# PC/AMD64 +if os.name == "nt" and "\\pcbuild\\amd64" in _PROJECT_BASE[-14:].lower(): + _PROJECT_BASE = _safe_realpath(os.path.join(_PROJECT_BASE, pardir, pardir)) + + +def is_python_build(): + for fn in ("Setup.dist", "Setup.local"): + if os.path.isfile(os.path.join(_PROJECT_BASE, "Modules", fn)): + return True + return False + +_PYTHON_BUILD = is_python_build() + +_cfg_read = False + +def _ensure_cfg_read(): + global _cfg_read + if not _cfg_read: + from ..resources import finder + backport_package = __name__.rsplit('.', 1)[0] + _finder = finder(backport_package) + _cfgfile = _finder.find('sysconfig.cfg') + assert _cfgfile, 'sysconfig.cfg exists' + with _cfgfile.as_stream() as s: + _SCHEMES.readfp(s) + if _PYTHON_BUILD: + for scheme in ('posix_prefix', 'posix_home'): + _SCHEMES.set(scheme, 'include', '{srcdir}/Include') + _SCHEMES.set(scheme, 'platinclude', '{projectbase}/.') + + _cfg_read = True + + +_SCHEMES = configparser.RawConfigParser() +_VAR_REPL = re.compile(r'\{([^{]*?)\}') + +def _expand_globals(config): + _ensure_cfg_read() + if config.has_section('globals'): + globals = config.items('globals') + else: + globals = tuple() + + sections = config.sections() + for section in sections: + if section == 'globals': + continue + for option, value in globals: + if config.has_option(section, option): + continue + config.set(section, option, value) + config.remove_section('globals') + + # now expanding local variables defined in the cfg file + # + for section in config.sections(): + variables = dict(config.items(section)) + + def _replacer(matchobj): + name = matchobj.group(1) + if name in variables: + return variables[name] + return matchobj.group(0) + + for option, value in config.items(section): + config.set(section, option, _VAR_REPL.sub(_replacer, value)) + +#_expand_globals(_SCHEMES) + +_PY_VERSION = '%s.%s.%s' % sys.version_info[:3] +_PY_VERSION_SHORT = '%s.%s' % sys.version_info[:2] +_PY_VERSION_SHORT_NO_DOT = '%s%s' % sys.version_info[:2] +_PREFIX = os.path.normpath(sys.prefix) +_EXEC_PREFIX = os.path.normpath(sys.exec_prefix) +_CONFIG_VARS = None +_USER_BASE = None + + +def _subst_vars(path, local_vars): + """In the string `path`, replace tokens like {some.thing} with the + corresponding value from the map `local_vars`. + + If there is no corresponding value, leave the token unchanged. + """ + def _replacer(matchobj): + name = matchobj.group(1) + if name in local_vars: + return local_vars[name] + elif name in os.environ: + return os.environ[name] + return matchobj.group(0) + return _VAR_REPL.sub(_replacer, path) + + +def _extend_dict(target_dict, other_dict): + target_keys = target_dict.keys() + for key, value in other_dict.items(): + if key in target_keys: + continue + target_dict[key] = value + + +def _expand_vars(scheme, vars): + res = {} + if vars is None: + vars = {} + _extend_dict(vars, get_config_vars()) + + for key, value in _SCHEMES.items(scheme): + if os.name in ('posix', 'nt'): + value = os.path.expanduser(value) + res[key] = os.path.normpath(_subst_vars(value, vars)) + return res + + +def format_value(value, vars): + def _replacer(matchobj): + name = matchobj.group(1) + if name in vars: + return vars[name] + return matchobj.group(0) + return _VAR_REPL.sub(_replacer, value) + + +def _get_default_scheme(): + if os.name == 'posix': + # the default scheme for posix is posix_prefix + return 'posix_prefix' + return os.name + + +def _getuserbase(): + env_base = os.environ.get("PYTHONUSERBASE", None) + + def joinuser(*args): + return os.path.expanduser(os.path.join(*args)) + + # what about 'os2emx', 'riscos' ? + if os.name == "nt": + base = os.environ.get("APPDATA") or "~" + if env_base: + return env_base + else: + return joinuser(base, "Python") + + if sys.platform == "darwin": + framework = get_config_var("PYTHONFRAMEWORK") + if framework: + if env_base: + return env_base + else: + return joinuser("~", "Library", framework, "%d.%d" % + sys.version_info[:2]) + + if env_base: + return env_base + else: + return joinuser("~", ".local") + + +def _parse_makefile(filename, vars=None): + """Parse a Makefile-style file. + + A dictionary containing name/value pairs is returned. If an + optional dictionary is passed in as the second argument, it is + used instead of a new dictionary. + """ + # Regexes needed for parsing Makefile (and similar syntaxes, + # like old-style Setup files). + _variable_rx = re.compile(r"([a-zA-Z][a-zA-Z0-9_]+)\s*=\s*(.*)") + _findvar1_rx = re.compile(r"\$\(([A-Za-z][A-Za-z0-9_]*)\)") + _findvar2_rx = re.compile(r"\${([A-Za-z][A-Za-z0-9_]*)}") + + if vars is None: + vars = {} + done = {} + notdone = {} + + with codecs.open(filename, encoding='utf-8', errors="surrogateescape") as f: + lines = f.readlines() + + for line in lines: + if line.startswith('#') or line.strip() == '': + continue + m = _variable_rx.match(line) + if m: + n, v = m.group(1, 2) + v = v.strip() + # `$$' is a literal `$' in make + tmpv = v.replace('$$', '') + + if "$" in tmpv: + notdone[n] = v + else: + try: + v = int(v) + except ValueError: + # insert literal `$' + done[n] = v.replace('$$', '$') + else: + done[n] = v + + # do variable interpolation here + variables = list(notdone.keys()) + + # Variables with a 'PY_' prefix in the makefile. These need to + # be made available without that prefix through sysconfig. + # Special care is needed to ensure that variable expansion works, even + # if the expansion uses the name without a prefix. + renamed_variables = ('CFLAGS', 'LDFLAGS', 'CPPFLAGS') + + while len(variables) > 0: + for name in tuple(variables): + value = notdone[name] + m = _findvar1_rx.search(value) or _findvar2_rx.search(value) + if m is not None: + n = m.group(1) + found = True + if n in done: + item = str(done[n]) + elif n in notdone: + # get it on a subsequent round + found = False + elif n in os.environ: + # do it like make: fall back to environment + item = os.environ[n] + + elif n in renamed_variables: + if (name.startswith('PY_') and + name[3:] in renamed_variables): + item = "" + + elif 'PY_' + n in notdone: + found = False + + else: + item = str(done['PY_' + n]) + + else: + done[n] = item = "" + + if found: + after = value[m.end():] + value = value[:m.start()] + item + after + if "$" in after: + notdone[name] = value + else: + try: + value = int(value) + except ValueError: + done[name] = value.strip() + else: + done[name] = value + variables.remove(name) + + if (name.startswith('PY_') and + name[3:] in renamed_variables): + + name = name[3:] + if name not in done: + done[name] = value + + else: + # bogus variable reference (e.g. "prefix=$/opt/python"); + # just drop it since we can't deal + done[name] = value + variables.remove(name) + + # strip spurious spaces + for k, v in done.items(): + if isinstance(v, str): + done[k] = v.strip() + + # save the results in the global dictionary + vars.update(done) + return vars + + +def get_makefile_filename(): + """Return the path of the Makefile.""" + if _PYTHON_BUILD: + return os.path.join(_PROJECT_BASE, "Makefile") + if hasattr(sys, 'abiflags'): + config_dir_name = 'config-%s%s' % (_PY_VERSION_SHORT, sys.abiflags) + else: + config_dir_name = 'config' + return os.path.join(get_path('stdlib'), config_dir_name, 'Makefile') + + +def _init_posix(vars): + """Initialize the module as appropriate for POSIX systems.""" + # load the installed Makefile: + makefile = get_makefile_filename() + try: + _parse_makefile(makefile, vars) + except IOError as e: + msg = "invalid Python installation: unable to open %s" % makefile + if hasattr(e, "strerror"): + msg = msg + " (%s)" % e.strerror + raise IOError(msg) + # load the installed pyconfig.h: + config_h = get_config_h_filename() + try: + with open(config_h) as f: + parse_config_h(f, vars) + except IOError as e: + msg = "invalid Python installation: unable to open %s" % config_h + if hasattr(e, "strerror"): + msg = msg + " (%s)" % e.strerror + raise IOError(msg) + # On AIX, there are wrong paths to the linker scripts in the Makefile + # -- these paths are relative to the Python source, but when installed + # the scripts are in another directory. + if _PYTHON_BUILD: + vars['LDSHARED'] = vars['BLDSHARED'] + + +def _init_non_posix(vars): + """Initialize the module as appropriate for NT""" + # set basic install directories + vars['LIBDEST'] = get_path('stdlib') + vars['BINLIBDEST'] = get_path('platstdlib') + vars['INCLUDEPY'] = get_path('include') + vars['SO'] = '.pyd' + vars['EXE'] = '.exe' + vars['VERSION'] = _PY_VERSION_SHORT_NO_DOT + vars['BINDIR'] = os.path.dirname(_safe_realpath(sys.executable)) + +# +# public APIs +# + + +def parse_config_h(fp, vars=None): + """Parse a config.h-style file. + + A dictionary containing name/value pairs is returned. If an + optional dictionary is passed in as the second argument, it is + used instead of a new dictionary. + """ + if vars is None: + vars = {} + define_rx = re.compile("#define ([A-Z][A-Za-z0-9_]+) (.*)\n") + undef_rx = re.compile("/[*] #undef ([A-Z][A-Za-z0-9_]+) [*]/\n") + + while True: + line = fp.readline() + if not line: + break + m = define_rx.match(line) + if m: + n, v = m.group(1, 2) + try: + v = int(v) + except ValueError: + pass + vars[n] = v + else: + m = undef_rx.match(line) + if m: + vars[m.group(1)] = 0 + return vars + + +def get_config_h_filename(): + """Return the path of pyconfig.h.""" + if _PYTHON_BUILD: + if os.name == "nt": + inc_dir = os.path.join(_PROJECT_BASE, "PC") + else: + inc_dir = _PROJECT_BASE + else: + inc_dir = get_path('platinclude') + return os.path.join(inc_dir, 'pyconfig.h') + + +def get_scheme_names(): + """Return a tuple containing the schemes names.""" + return tuple(sorted(_SCHEMES.sections())) + + +def get_path_names(): + """Return a tuple containing the paths names.""" + # xxx see if we want a static list + return _SCHEMES.options('posix_prefix') + + +def get_paths(scheme=_get_default_scheme(), vars=None, expand=True): + """Return a mapping containing an install scheme. + + ``scheme`` is the install scheme name. If not provided, it will + return the default scheme for the current platform. + """ + _ensure_cfg_read() + if expand: + return _expand_vars(scheme, vars) + else: + return dict(_SCHEMES.items(scheme)) + + +def get_path(name, scheme=_get_default_scheme(), vars=None, expand=True): + """Return a path corresponding to the scheme. + + ``scheme`` is the install scheme name. + """ + return get_paths(scheme, vars, expand)[name] + + +def get_config_vars(*args): + """With no arguments, return a dictionary of all configuration + variables relevant for the current platform. + + On Unix, this means every variable defined in Python's installed Makefile; + On Windows and Mac OS it's a much smaller set. + + With arguments, return a list of values that result from looking up + each argument in the configuration variable dictionary. + """ + global _CONFIG_VARS + if _CONFIG_VARS is None: + _CONFIG_VARS = {} + # Normalized versions of prefix and exec_prefix are handy to have; + # in fact, these are the standard versions used most places in the + # distutils2 module. + _CONFIG_VARS['prefix'] = _PREFIX + _CONFIG_VARS['exec_prefix'] = _EXEC_PREFIX + _CONFIG_VARS['py_version'] = _PY_VERSION + _CONFIG_VARS['py_version_short'] = _PY_VERSION_SHORT + _CONFIG_VARS['py_version_nodot'] = _PY_VERSION[0] + _PY_VERSION[2] + _CONFIG_VARS['base'] = _PREFIX + _CONFIG_VARS['platbase'] = _EXEC_PREFIX + _CONFIG_VARS['projectbase'] = _PROJECT_BASE + try: + _CONFIG_VARS['abiflags'] = sys.abiflags + except AttributeError: + # sys.abiflags may not be defined on all platforms. + _CONFIG_VARS['abiflags'] = '' + + if os.name in ('nt', 'os2'): + _init_non_posix(_CONFIG_VARS) + if os.name == 'posix': + _init_posix(_CONFIG_VARS) + # Setting 'userbase' is done below the call to the + # init function to enable using 'get_config_var' in + # the init-function. + if sys.version >= '2.6': + _CONFIG_VARS['userbase'] = _getuserbase() + + if 'srcdir' not in _CONFIG_VARS: + _CONFIG_VARS['srcdir'] = _PROJECT_BASE + else: + _CONFIG_VARS['srcdir'] = _safe_realpath(_CONFIG_VARS['srcdir']) + + # Convert srcdir into an absolute path if it appears necessary. + # Normally it is relative to the build directory. However, during + # testing, for example, we might be running a non-installed python + # from a different directory. + if _PYTHON_BUILD and os.name == "posix": + base = _PROJECT_BASE + try: + cwd = os.getcwd() + except OSError: + cwd = None + if (not os.path.isabs(_CONFIG_VARS['srcdir']) and + base != cwd): + # srcdir is relative and we are not in the same directory + # as the executable. Assume executable is in the build + # directory and make srcdir absolute. + srcdir = os.path.join(base, _CONFIG_VARS['srcdir']) + _CONFIG_VARS['srcdir'] = os.path.normpath(srcdir) + + if sys.platform == 'darwin': + kernel_version = os.uname()[2] # Kernel version (8.4.3) + major_version = int(kernel_version.split('.')[0]) + + if major_version < 8: + # On Mac OS X before 10.4, check if -arch and -isysroot + # are in CFLAGS or LDFLAGS and remove them if they are. + # This is needed when building extensions on a 10.3 system + # using a universal build of python. + for key in ('LDFLAGS', 'BASECFLAGS', + # a number of derived variables. These need to be + # patched up as well. + 'CFLAGS', 'PY_CFLAGS', 'BLDSHARED'): + flags = _CONFIG_VARS[key] + flags = re.sub(r'-arch\s+\w+\s', ' ', flags) + flags = re.sub('-isysroot [^ \t]*', ' ', flags) + _CONFIG_VARS[key] = flags + else: + # Allow the user to override the architecture flags using + # an environment variable. + # NOTE: This name was introduced by Apple in OSX 10.5 and + # is used by several scripting languages distributed with + # that OS release. + if 'ARCHFLAGS' in os.environ: + arch = os.environ['ARCHFLAGS'] + for key in ('LDFLAGS', 'BASECFLAGS', + # a number of derived variables. These need to be + # patched up as well. + 'CFLAGS', 'PY_CFLAGS', 'BLDSHARED'): + + flags = _CONFIG_VARS[key] + flags = re.sub(r'-arch\s+\w+\s', ' ', flags) + flags = flags + ' ' + arch + _CONFIG_VARS[key] = flags + + # If we're on OSX 10.5 or later and the user tries to + # compiles an extension using an SDK that is not present + # on the current machine it is better to not use an SDK + # than to fail. + # + # The major usecase for this is users using a Python.org + # binary installer on OSX 10.6: that installer uses + # the 10.4u SDK, but that SDK is not installed by default + # when you install Xcode. + # + CFLAGS = _CONFIG_VARS.get('CFLAGS', '') + m = re.search(r'-isysroot\s+(\S+)', CFLAGS) + if m is not None: + sdk = m.group(1) + if not os.path.exists(sdk): + for key in ('LDFLAGS', 'BASECFLAGS', + # a number of derived variables. These need to be + # patched up as well. + 'CFLAGS', 'PY_CFLAGS', 'BLDSHARED'): + + flags = _CONFIG_VARS[key] + flags = re.sub(r'-isysroot\s+\S+(\s|$)', ' ', flags) + _CONFIG_VARS[key] = flags + + if args: + vals = [] + for name in args: + vals.append(_CONFIG_VARS.get(name)) + return vals + else: + return _CONFIG_VARS + + +def get_config_var(name): + """Return the value of a single variable using the dictionary returned by + 'get_config_vars()'. + + Equivalent to get_config_vars().get(name) + """ + return get_config_vars().get(name) + + +def get_platform(): + """Return a string that identifies the current platform. + + This is used mainly to distinguish platform-specific build directories and + platform-specific built distributions. Typically includes the OS name + and version and the architecture (as supplied by 'os.uname()'), + although the exact information included depends on the OS; eg. for IRIX + the architecture isn't particularly important (IRIX only runs on SGI + hardware), but for Linux the kernel version isn't particularly + important. + + Examples of returned values: + linux-i586 + linux-alpha (?) + solaris-2.6-sun4u + irix-5.3 + irix64-6.2 + + Windows will return one of: + win-amd64 (64bit Windows on AMD64 (aka x86_64, Intel64, EM64T, etc) + win-ia64 (64bit Windows on Itanium) + win32 (all others - specifically, sys.platform is returned) + + For other non-POSIX platforms, currently just returns 'sys.platform'. + """ + if os.name == 'nt': + # sniff sys.version for architecture. + prefix = " bit (" + i = sys.version.find(prefix) + if i == -1: + return sys.platform + j = sys.version.find(")", i) + look = sys.version[i+len(prefix):j].lower() + if look == 'amd64': + return 'win-amd64' + if look == 'itanium': + return 'win-ia64' + return sys.platform + + if os.name != "posix" or not hasattr(os, 'uname'): + # XXX what about the architecture? NT is Intel or Alpha, + # Mac OS is M68k or PPC, etc. + return sys.platform + + # Try to distinguish various flavours of Unix + osname, host, release, version, machine = os.uname() + + # Convert the OS name to lowercase, remove '/' characters + # (to accommodate BSD/OS), and translate spaces (for "Power Macintosh") + osname = osname.lower().replace('/', '') + machine = machine.replace(' ', '_') + machine = machine.replace('/', '-') + + if osname[:5] == "linux": + # At least on Linux/Intel, 'machine' is the processor -- + # i386, etc. + # XXX what about Alpha, SPARC, etc? + return "%s-%s" % (osname, machine) + elif osname[:5] == "sunos": + if release[0] >= "5": # SunOS 5 == Solaris 2 + osname = "solaris" + release = "%d.%s" % (int(release[0]) - 3, release[2:]) + # fall through to standard osname-release-machine representation + elif osname[:4] == "irix": # could be "irix64"! + return "%s-%s" % (osname, release) + elif osname[:3] == "aix": + return "%s-%s.%s" % (osname, version, release) + elif osname[:6] == "cygwin": + osname = "cygwin" + rel_re = re.compile(r'[\d.]+') + m = rel_re.match(release) + if m: + release = m.group() + elif osname[:6] == "darwin": + # + # For our purposes, we'll assume that the system version from + # distutils' perspective is what MACOSX_DEPLOYMENT_TARGET is set + # to. This makes the compatibility story a bit more sane because the + # machine is going to compile and link as if it were + # MACOSX_DEPLOYMENT_TARGET. + cfgvars = get_config_vars() + macver = cfgvars.get('MACOSX_DEPLOYMENT_TARGET') + + if True: + # Always calculate the release of the running machine, + # needed to determine if we can build fat binaries or not. + + macrelease = macver + # Get the system version. Reading this plist is a documented + # way to get the system version (see the documentation for + # the Gestalt Manager) + try: + f = open('/System/Library/CoreServices/SystemVersion.plist') + except IOError: + # We're on a plain darwin box, fall back to the default + # behaviour. + pass + else: + try: + m = re.search(r'ProductUserVisibleVersion\s*' + r'(.*?)', f.read()) + finally: + f.close() + if m is not None: + macrelease = '.'.join(m.group(1).split('.')[:2]) + # else: fall back to the default behaviour + + if not macver: + macver = macrelease + + if macver: + release = macver + osname = "macosx" + + if ((macrelease + '.') >= '10.4.' and + '-arch' in get_config_vars().get('CFLAGS', '').strip()): + # The universal build will build fat binaries, but not on + # systems before 10.4 + # + # Try to detect 4-way universal builds, those have machine-type + # 'universal' instead of 'fat'. + + machine = 'fat' + cflags = get_config_vars().get('CFLAGS') + + archs = re.findall(r'-arch\s+(\S+)', cflags) + archs = tuple(sorted(set(archs))) + + if len(archs) == 1: + machine = archs[0] + elif archs == ('i386', 'ppc'): + machine = 'fat' + elif archs == ('i386', 'x86_64'): + machine = 'intel' + elif archs == ('i386', 'ppc', 'x86_64'): + machine = 'fat3' + elif archs == ('ppc64', 'x86_64'): + machine = 'fat64' + elif archs == ('i386', 'ppc', 'ppc64', 'x86_64'): + machine = 'universal' + else: + raise ValueError( + "Don't know machine value for archs=%r" % (archs,)) + + elif machine == 'i386': + # On OSX the machine type returned by uname is always the + # 32-bit variant, even if the executable architecture is + # the 64-bit variant + if sys.maxsize >= 2**32: + machine = 'x86_64' + + elif machine in ('PowerPC', 'Power_Macintosh'): + # Pick a sane name for the PPC architecture. + # See 'i386' case + if sys.maxsize >= 2**32: + machine = 'ppc64' + else: + machine = 'ppc' + + return "%s-%s-%s" % (osname, release, machine) + + +def get_python_version(): + return _PY_VERSION_SHORT + + +def _print_dict(title, data): + for index, (key, value) in enumerate(sorted(data.items())): + if index == 0: + print('%s: ' % (title)) + print('\t%s = "%s"' % (key, value)) + + +def _main(): + """Display all information sysconfig detains.""" + print('Platform: "%s"' % get_platform()) + print('Python version: "%s"' % get_python_version()) + print('Current installation scheme: "%s"' % _get_default_scheme()) + print() + _print_dict('Paths', get_paths()) + print() + _print_dict('Variables', get_config_vars()) + + +if __name__ == '__main__': + _main() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/tarfile.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/tarfile.py new file mode 100644 index 000000000..d66d85663 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/_backport/tarfile.py @@ -0,0 +1,2607 @@ +#------------------------------------------------------------------- +# tarfile.py +#------------------------------------------------------------------- +# Copyright (C) 2002 Lars Gustaebel +# All rights reserved. +# +# Permission is hereby granted, free of charge, to any person +# obtaining a copy of this software and associated documentation +# files (the "Software"), to deal in the Software without +# restriction, including without limitation the rights to use, +# copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following +# conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES +# OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT +# HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +from __future__ import print_function + +"""Read from and write to tar format archives. +""" + +__version__ = "$Revision$" + +version = "0.9.0" +__author__ = "Lars Gust\u00e4bel (lars@gustaebel.de)" +__date__ = "$Date: 2011-02-25 17:42:01 +0200 (Fri, 25 Feb 2011) $" +__cvsid__ = "$Id: tarfile.py 88586 2011-02-25 15:42:01Z marc-andre.lemburg $" +__credits__ = "Gustavo Niemeyer, Niels Gust\u00e4bel, Richard Townsend." + +#--------- +# Imports +#--------- +import sys +import os +import stat +import errno +import time +import struct +import copy +import re + +try: + import grp, pwd +except ImportError: + grp = pwd = None + +# os.symlink on Windows prior to 6.0 raises NotImplementedError +symlink_exception = (AttributeError, NotImplementedError) +try: + # WindowsError (1314) will be raised if the caller does not hold the + # SeCreateSymbolicLinkPrivilege privilege + symlink_exception += (WindowsError,) +except NameError: + pass + +# from tarfile import * +__all__ = ["TarFile", "TarInfo", "is_tarfile", "TarError"] + +if sys.version_info[0] < 3: + import __builtin__ as builtins +else: + import builtins + +_open = builtins.open # Since 'open' is TarFile.open + +#--------------------------------------------------------- +# tar constants +#--------------------------------------------------------- +NUL = b"\0" # the null character +BLOCKSIZE = 512 # length of processing blocks +RECORDSIZE = BLOCKSIZE * 20 # length of records +GNU_MAGIC = b"ustar \0" # magic gnu tar string +POSIX_MAGIC = b"ustar\x0000" # magic posix tar string + +LENGTH_NAME = 100 # maximum length of a filename +LENGTH_LINK = 100 # maximum length of a linkname +LENGTH_PREFIX = 155 # maximum length of the prefix field + +REGTYPE = b"0" # regular file +AREGTYPE = b"\0" # regular file +LNKTYPE = b"1" # link (inside tarfile) +SYMTYPE = b"2" # symbolic link +CHRTYPE = b"3" # character special device +BLKTYPE = b"4" # block special device +DIRTYPE = b"5" # directory +FIFOTYPE = b"6" # fifo special device +CONTTYPE = b"7" # contiguous file + +GNUTYPE_LONGNAME = b"L" # GNU tar longname +GNUTYPE_LONGLINK = b"K" # GNU tar longlink +GNUTYPE_SPARSE = b"S" # GNU tar sparse file + +XHDTYPE = b"x" # POSIX.1-2001 extended header +XGLTYPE = b"g" # POSIX.1-2001 global header +SOLARIS_XHDTYPE = b"X" # Solaris extended header + +USTAR_FORMAT = 0 # POSIX.1-1988 (ustar) format +GNU_FORMAT = 1 # GNU tar format +PAX_FORMAT = 2 # POSIX.1-2001 (pax) format +DEFAULT_FORMAT = GNU_FORMAT + +#--------------------------------------------------------- +# tarfile constants +#--------------------------------------------------------- +# File types that tarfile supports: +SUPPORTED_TYPES = (REGTYPE, AREGTYPE, LNKTYPE, + SYMTYPE, DIRTYPE, FIFOTYPE, + CONTTYPE, CHRTYPE, BLKTYPE, + GNUTYPE_LONGNAME, GNUTYPE_LONGLINK, + GNUTYPE_SPARSE) + +# File types that will be treated as a regular file. +REGULAR_TYPES = (REGTYPE, AREGTYPE, + CONTTYPE, GNUTYPE_SPARSE) + +# File types that are part of the GNU tar format. +GNU_TYPES = (GNUTYPE_LONGNAME, GNUTYPE_LONGLINK, + GNUTYPE_SPARSE) + +# Fields from a pax header that override a TarInfo attribute. +PAX_FIELDS = ("path", "linkpath", "size", "mtime", + "uid", "gid", "uname", "gname") + +# Fields from a pax header that are affected by hdrcharset. +PAX_NAME_FIELDS = set(("path", "linkpath", "uname", "gname")) + +# Fields in a pax header that are numbers, all other fields +# are treated as strings. +PAX_NUMBER_FIELDS = { + "atime": float, + "ctime": float, + "mtime": float, + "uid": int, + "gid": int, + "size": int +} + +#--------------------------------------------------------- +# Bits used in the mode field, values in octal. +#--------------------------------------------------------- +S_IFLNK = 0o120000 # symbolic link +S_IFREG = 0o100000 # regular file +S_IFBLK = 0o060000 # block device +S_IFDIR = 0o040000 # directory +S_IFCHR = 0o020000 # character device +S_IFIFO = 0o010000 # fifo + +TSUID = 0o4000 # set UID on execution +TSGID = 0o2000 # set GID on execution +TSVTX = 0o1000 # reserved + +TUREAD = 0o400 # read by owner +TUWRITE = 0o200 # write by owner +TUEXEC = 0o100 # execute/search by owner +TGREAD = 0o040 # read by group +TGWRITE = 0o020 # write by group +TGEXEC = 0o010 # execute/search by group +TOREAD = 0o004 # read by other +TOWRITE = 0o002 # write by other +TOEXEC = 0o001 # execute/search by other + +#--------------------------------------------------------- +# initialization +#--------------------------------------------------------- +if os.name in ("nt", "ce"): + ENCODING = "utf-8" +else: + ENCODING = sys.getfilesystemencoding() + +#--------------------------------------------------------- +# Some useful functions +#--------------------------------------------------------- + +def stn(s, length, encoding, errors): + """Convert a string to a null-terminated bytes object. + """ + s = s.encode(encoding, errors) + return s[:length] + (length - len(s)) * NUL + +def nts(s, encoding, errors): + """Convert a null-terminated bytes object to a string. + """ + p = s.find(b"\0") + if p != -1: + s = s[:p] + return s.decode(encoding, errors) + +def nti(s): + """Convert a number field to a python number. + """ + # There are two possible encodings for a number field, see + # itn() below. + if s[0] != chr(0o200): + try: + n = int(nts(s, "ascii", "strict") or "0", 8) + except ValueError: + raise InvalidHeaderError("invalid header") + else: + n = 0 + for i in range(len(s) - 1): + n <<= 8 + n += ord(s[i + 1]) + return n + +def itn(n, digits=8, format=DEFAULT_FORMAT): + """Convert a python number to a number field. + """ + # POSIX 1003.1-1988 requires numbers to be encoded as a string of + # octal digits followed by a null-byte, this allows values up to + # (8**(digits-1))-1. GNU tar allows storing numbers greater than + # that if necessary. A leading 0o200 byte indicates this particular + # encoding, the following digits-1 bytes are a big-endian + # representation. This allows values up to (256**(digits-1))-1. + if 0 <= n < 8 ** (digits - 1): + s = ("%0*o" % (digits - 1, n)).encode("ascii") + NUL + else: + if format != GNU_FORMAT or n >= 256 ** (digits - 1): + raise ValueError("overflow in number field") + + if n < 0: + # XXX We mimic GNU tar's behaviour with negative numbers, + # this could raise OverflowError. + n = struct.unpack("L", struct.pack("l", n))[0] + + s = bytearray() + for i in range(digits - 1): + s.insert(0, n & 0o377) + n >>= 8 + s.insert(0, 0o200) + return s + +def calc_chksums(buf): + """Calculate the checksum for a member's header by summing up all + characters except for the chksum field which is treated as if + it was filled with spaces. According to the GNU tar sources, + some tars (Sun and NeXT) calculate chksum with signed char, + which will be different if there are chars in the buffer with + the high bit set. So we calculate two checksums, unsigned and + signed. + """ + unsigned_chksum = 256 + sum(struct.unpack("148B", buf[:148]) + struct.unpack("356B", buf[156:512])) + signed_chksum = 256 + sum(struct.unpack("148b", buf[:148]) + struct.unpack("356b", buf[156:512])) + return unsigned_chksum, signed_chksum + +def copyfileobj(src, dst, length=None): + """Copy length bytes from fileobj src to fileobj dst. + If length is None, copy the entire content. + """ + if length == 0: + return + if length is None: + while True: + buf = src.read(16*1024) + if not buf: + break + dst.write(buf) + return + + BUFSIZE = 16 * 1024 + blocks, remainder = divmod(length, BUFSIZE) + for b in range(blocks): + buf = src.read(BUFSIZE) + if len(buf) < BUFSIZE: + raise IOError("end of file reached") + dst.write(buf) + + if remainder != 0: + buf = src.read(remainder) + if len(buf) < remainder: + raise IOError("end of file reached") + dst.write(buf) + return + +filemode_table = ( + ((S_IFLNK, "l"), + (S_IFREG, "-"), + (S_IFBLK, "b"), + (S_IFDIR, "d"), + (S_IFCHR, "c"), + (S_IFIFO, "p")), + + ((TUREAD, "r"),), + ((TUWRITE, "w"),), + ((TUEXEC|TSUID, "s"), + (TSUID, "S"), + (TUEXEC, "x")), + + ((TGREAD, "r"),), + ((TGWRITE, "w"),), + ((TGEXEC|TSGID, "s"), + (TSGID, "S"), + (TGEXEC, "x")), + + ((TOREAD, "r"),), + ((TOWRITE, "w"),), + ((TOEXEC|TSVTX, "t"), + (TSVTX, "T"), + (TOEXEC, "x")) +) + +def filemode(mode): + """Convert a file's mode to a string of the form + -rwxrwxrwx. + Used by TarFile.list() + """ + perm = [] + for table in filemode_table: + for bit, char in table: + if mode & bit == bit: + perm.append(char) + break + else: + perm.append("-") + return "".join(perm) + +class TarError(Exception): + """Base exception.""" + pass +class ExtractError(TarError): + """General exception for extract errors.""" + pass +class ReadError(TarError): + """Exception for unreadable tar archives.""" + pass +class CompressionError(TarError): + """Exception for unavailable compression methods.""" + pass +class StreamError(TarError): + """Exception for unsupported operations on stream-like TarFiles.""" + pass +class HeaderError(TarError): + """Base exception for header errors.""" + pass +class EmptyHeaderError(HeaderError): + """Exception for empty headers.""" + pass +class TruncatedHeaderError(HeaderError): + """Exception for truncated headers.""" + pass +class EOFHeaderError(HeaderError): + """Exception for end of file headers.""" + pass +class InvalidHeaderError(HeaderError): + """Exception for invalid headers.""" + pass +class SubsequentHeaderError(HeaderError): + """Exception for missing and invalid extended headers.""" + pass + +#--------------------------- +# internal stream interface +#--------------------------- +class _LowLevelFile(object): + """Low-level file object. Supports reading and writing. + It is used instead of a regular file object for streaming + access. + """ + + def __init__(self, name, mode): + mode = { + "r": os.O_RDONLY, + "w": os.O_WRONLY | os.O_CREAT | os.O_TRUNC, + }[mode] + if hasattr(os, "O_BINARY"): + mode |= os.O_BINARY + self.fd = os.open(name, mode, 0o666) + + def close(self): + os.close(self.fd) + + def read(self, size): + return os.read(self.fd, size) + + def write(self, s): + os.write(self.fd, s) + +class _Stream(object): + """Class that serves as an adapter between TarFile and + a stream-like object. The stream-like object only + needs to have a read() or write() method and is accessed + blockwise. Use of gzip or bzip2 compression is possible. + A stream-like object could be for example: sys.stdin, + sys.stdout, a socket, a tape device etc. + + _Stream is intended to be used only internally. + """ + + def __init__(self, name, mode, comptype, fileobj, bufsize): + """Construct a _Stream object. + """ + self._extfileobj = True + if fileobj is None: + fileobj = _LowLevelFile(name, mode) + self._extfileobj = False + + if comptype == '*': + # Enable transparent compression detection for the + # stream interface + fileobj = _StreamProxy(fileobj) + comptype = fileobj.getcomptype() + + self.name = name or "" + self.mode = mode + self.comptype = comptype + self.fileobj = fileobj + self.bufsize = bufsize + self.buf = b"" + self.pos = 0 + self.closed = False + + try: + if comptype == "gz": + try: + import zlib + except ImportError: + raise CompressionError("zlib module is not available") + self.zlib = zlib + self.crc = zlib.crc32(b"") + if mode == "r": + self._init_read_gz() + else: + self._init_write_gz() + + if comptype == "bz2": + try: + import bz2 + except ImportError: + raise CompressionError("bz2 module is not available") + if mode == "r": + self.dbuf = b"" + self.cmp = bz2.BZ2Decompressor() + else: + self.cmp = bz2.BZ2Compressor() + except: + if not self._extfileobj: + self.fileobj.close() + self.closed = True + raise + + def __del__(self): + if hasattr(self, "closed") and not self.closed: + self.close() + + def _init_write_gz(self): + """Initialize for writing with gzip compression. + """ + self.cmp = self.zlib.compressobj(9, self.zlib.DEFLATED, + -self.zlib.MAX_WBITS, + self.zlib.DEF_MEM_LEVEL, + 0) + timestamp = struct.pack(" self.bufsize: + self.fileobj.write(self.buf[:self.bufsize]) + self.buf = self.buf[self.bufsize:] + + def close(self): + """Close the _Stream object. No operation should be + done on it afterwards. + """ + if self.closed: + return + + if self.mode == "w" and self.comptype != "tar": + self.buf += self.cmp.flush() + + if self.mode == "w" and self.buf: + self.fileobj.write(self.buf) + self.buf = b"" + if self.comptype == "gz": + # The native zlib crc is an unsigned 32-bit integer, but + # the Python wrapper implicitly casts that to a signed C + # long. So, on a 32-bit box self.crc may "look negative", + # while the same crc on a 64-bit box may "look positive". + # To avoid irksome warnings from the `struct` module, force + # it to look positive on all boxes. + self.fileobj.write(struct.pack("= 0: + blocks, remainder = divmod(pos - self.pos, self.bufsize) + for i in range(blocks): + self.read(self.bufsize) + self.read(remainder) + else: + raise StreamError("seeking backwards is not allowed") + return self.pos + + def read(self, size=None): + """Return the next size number of bytes from the stream. + If size is not defined, return all bytes of the stream + up to EOF. + """ + if size is None: + t = [] + while True: + buf = self._read(self.bufsize) + if not buf: + break + t.append(buf) + buf = "".join(t) + else: + buf = self._read(size) + self.pos += len(buf) + return buf + + def _read(self, size): + """Return size bytes from the stream. + """ + if self.comptype == "tar": + return self.__read(size) + + c = len(self.dbuf) + while c < size: + buf = self.__read(self.bufsize) + if not buf: + break + try: + buf = self.cmp.decompress(buf) + except IOError: + raise ReadError("invalid compressed data") + self.dbuf += buf + c += len(buf) + buf = self.dbuf[:size] + self.dbuf = self.dbuf[size:] + return buf + + def __read(self, size): + """Return size bytes from stream. If internal buffer is empty, + read another block from the stream. + """ + c = len(self.buf) + while c < size: + buf = self.fileobj.read(self.bufsize) + if not buf: + break + self.buf += buf + c += len(buf) + buf = self.buf[:size] + self.buf = self.buf[size:] + return buf +# class _Stream + +class _StreamProxy(object): + """Small proxy class that enables transparent compression + detection for the Stream interface (mode 'r|*'). + """ + + def __init__(self, fileobj): + self.fileobj = fileobj + self.buf = self.fileobj.read(BLOCKSIZE) + + def read(self, size): + self.read = self.fileobj.read + return self.buf + + def getcomptype(self): + if self.buf.startswith(b"\037\213\010"): + return "gz" + if self.buf.startswith(b"BZh91"): + return "bz2" + return "tar" + + def close(self): + self.fileobj.close() +# class StreamProxy + +class _BZ2Proxy(object): + """Small proxy class that enables external file object + support for "r:bz2" and "w:bz2" modes. This is actually + a workaround for a limitation in bz2 module's BZ2File + class which (unlike gzip.GzipFile) has no support for + a file object argument. + """ + + blocksize = 16 * 1024 + + def __init__(self, fileobj, mode): + self.fileobj = fileobj + self.mode = mode + self.name = getattr(self.fileobj, "name", None) + self.init() + + def init(self): + import bz2 + self.pos = 0 + if self.mode == "r": + self.bz2obj = bz2.BZ2Decompressor() + self.fileobj.seek(0) + self.buf = b"" + else: + self.bz2obj = bz2.BZ2Compressor() + + def read(self, size): + x = len(self.buf) + while x < size: + raw = self.fileobj.read(self.blocksize) + if not raw: + break + data = self.bz2obj.decompress(raw) + self.buf += data + x += len(data) + + buf = self.buf[:size] + self.buf = self.buf[size:] + self.pos += len(buf) + return buf + + def seek(self, pos): + if pos < self.pos: + self.init() + self.read(pos - self.pos) + + def tell(self): + return self.pos + + def write(self, data): + self.pos += len(data) + raw = self.bz2obj.compress(data) + self.fileobj.write(raw) + + def close(self): + if self.mode == "w": + raw = self.bz2obj.flush() + self.fileobj.write(raw) +# class _BZ2Proxy + +#------------------------ +# Extraction file object +#------------------------ +class _FileInFile(object): + """A thin wrapper around an existing file object that + provides a part of its data as an individual file + object. + """ + + def __init__(self, fileobj, offset, size, blockinfo=None): + self.fileobj = fileobj + self.offset = offset + self.size = size + self.position = 0 + + if blockinfo is None: + blockinfo = [(0, size)] + + # Construct a map with data and zero blocks. + self.map_index = 0 + self.map = [] + lastpos = 0 + realpos = self.offset + for offset, size in blockinfo: + if offset > lastpos: + self.map.append((False, lastpos, offset, None)) + self.map.append((True, offset, offset + size, realpos)) + realpos += size + lastpos = offset + size + if lastpos < self.size: + self.map.append((False, lastpos, self.size, None)) + + def seekable(self): + if not hasattr(self.fileobj, "seekable"): + # XXX gzip.GzipFile and bz2.BZ2File + return True + return self.fileobj.seekable() + + def tell(self): + """Return the current file position. + """ + return self.position + + def seek(self, position): + """Seek to a position in the file. + """ + self.position = position + + def read(self, size=None): + """Read data from the file. + """ + if size is None: + size = self.size - self.position + else: + size = min(size, self.size - self.position) + + buf = b"" + while size > 0: + while True: + data, start, stop, offset = self.map[self.map_index] + if start <= self.position < stop: + break + else: + self.map_index += 1 + if self.map_index == len(self.map): + self.map_index = 0 + length = min(size, stop - self.position) + if data: + self.fileobj.seek(offset + (self.position - start)) + buf += self.fileobj.read(length) + else: + buf += NUL * length + size -= length + self.position += length + return buf +#class _FileInFile + + +class ExFileObject(object): + """File-like object for reading an archive member. + Is returned by TarFile.extractfile(). + """ + blocksize = 1024 + + def __init__(self, tarfile, tarinfo): + self.fileobj = _FileInFile(tarfile.fileobj, + tarinfo.offset_data, + tarinfo.size, + tarinfo.sparse) + self.name = tarinfo.name + self.mode = "r" + self.closed = False + self.size = tarinfo.size + + self.position = 0 + self.buffer = b"" + + def readable(self): + return True + + def writable(self): + return False + + def seekable(self): + return self.fileobj.seekable() + + def read(self, size=None): + """Read at most size bytes from the file. If size is not + present or None, read all data until EOF is reached. + """ + if self.closed: + raise ValueError("I/O operation on closed file") + + buf = b"" + if self.buffer: + if size is None: + buf = self.buffer + self.buffer = b"" + else: + buf = self.buffer[:size] + self.buffer = self.buffer[size:] + + if size is None: + buf += self.fileobj.read() + else: + buf += self.fileobj.read(size - len(buf)) + + self.position += len(buf) + return buf + + # XXX TextIOWrapper uses the read1() method. + read1 = read + + def readline(self, size=-1): + """Read one entire line from the file. If size is present + and non-negative, return a string with at most that + size, which may be an incomplete line. + """ + if self.closed: + raise ValueError("I/O operation on closed file") + + pos = self.buffer.find(b"\n") + 1 + if pos == 0: + # no newline found. + while True: + buf = self.fileobj.read(self.blocksize) + self.buffer += buf + if not buf or b"\n" in buf: + pos = self.buffer.find(b"\n") + 1 + if pos == 0: + # no newline found. + pos = len(self.buffer) + break + + if size != -1: + pos = min(size, pos) + + buf = self.buffer[:pos] + self.buffer = self.buffer[pos:] + self.position += len(buf) + return buf + + def readlines(self): + """Return a list with all remaining lines. + """ + result = [] + while True: + line = self.readline() + if not line: break + result.append(line) + return result + + def tell(self): + """Return the current file position. + """ + if self.closed: + raise ValueError("I/O operation on closed file") + + return self.position + + def seek(self, pos, whence=os.SEEK_SET): + """Seek to a position in the file. + """ + if self.closed: + raise ValueError("I/O operation on closed file") + + if whence == os.SEEK_SET: + self.position = min(max(pos, 0), self.size) + elif whence == os.SEEK_CUR: + if pos < 0: + self.position = max(self.position + pos, 0) + else: + self.position = min(self.position + pos, self.size) + elif whence == os.SEEK_END: + self.position = max(min(self.size + pos, self.size), 0) + else: + raise ValueError("Invalid argument") + + self.buffer = b"" + self.fileobj.seek(self.position) + + def close(self): + """Close the file object. + """ + self.closed = True + + def __iter__(self): + """Get an iterator over the file's lines. + """ + while True: + line = self.readline() + if not line: + break + yield line +#class ExFileObject + +#------------------ +# Exported Classes +#------------------ +class TarInfo(object): + """Informational class which holds the details about an + archive member given by a tar header block. + TarInfo objects are returned by TarFile.getmember(), + TarFile.getmembers() and TarFile.gettarinfo() and are + usually created internally. + """ + + __slots__ = ("name", "mode", "uid", "gid", "size", "mtime", + "chksum", "type", "linkname", "uname", "gname", + "devmajor", "devminor", + "offset", "offset_data", "pax_headers", "sparse", + "tarfile", "_sparse_structs", "_link_target") + + def __init__(self, name=""): + """Construct a TarInfo object. name is the optional name + of the member. + """ + self.name = name # member name + self.mode = 0o644 # file permissions + self.uid = 0 # user id + self.gid = 0 # group id + self.size = 0 # file size + self.mtime = 0 # modification time + self.chksum = 0 # header checksum + self.type = REGTYPE # member type + self.linkname = "" # link name + self.uname = "" # user name + self.gname = "" # group name + self.devmajor = 0 # device major number + self.devminor = 0 # device minor number + + self.offset = 0 # the tar header starts here + self.offset_data = 0 # the file's data starts here + + self.sparse = None # sparse member information + self.pax_headers = {} # pax header information + + # In pax headers the "name" and "linkname" field are called + # "path" and "linkpath". + def _getpath(self): + return self.name + def _setpath(self, name): + self.name = name + path = property(_getpath, _setpath) + + def _getlinkpath(self): + return self.linkname + def _setlinkpath(self, linkname): + self.linkname = linkname + linkpath = property(_getlinkpath, _setlinkpath) + + def __repr__(self): + return "<%s %r at %#x>" % (self.__class__.__name__,self.name,id(self)) + + def get_info(self): + """Return the TarInfo's attributes as a dictionary. + """ + info = { + "name": self.name, + "mode": self.mode & 0o7777, + "uid": self.uid, + "gid": self.gid, + "size": self.size, + "mtime": self.mtime, + "chksum": self.chksum, + "type": self.type, + "linkname": self.linkname, + "uname": self.uname, + "gname": self.gname, + "devmajor": self.devmajor, + "devminor": self.devminor + } + + if info["type"] == DIRTYPE and not info["name"].endswith("/"): + info["name"] += "/" + + return info + + def tobuf(self, format=DEFAULT_FORMAT, encoding=ENCODING, errors="surrogateescape"): + """Return a tar header as a string of 512 byte blocks. + """ + info = self.get_info() + + if format == USTAR_FORMAT: + return self.create_ustar_header(info, encoding, errors) + elif format == GNU_FORMAT: + return self.create_gnu_header(info, encoding, errors) + elif format == PAX_FORMAT: + return self.create_pax_header(info, encoding) + else: + raise ValueError("invalid format") + + def create_ustar_header(self, info, encoding, errors): + """Return the object as a ustar header block. + """ + info["magic"] = POSIX_MAGIC + + if len(info["linkname"]) > LENGTH_LINK: + raise ValueError("linkname is too long") + + if len(info["name"]) > LENGTH_NAME: + info["prefix"], info["name"] = self._posix_split_name(info["name"]) + + return self._create_header(info, USTAR_FORMAT, encoding, errors) + + def create_gnu_header(self, info, encoding, errors): + """Return the object as a GNU header block sequence. + """ + info["magic"] = GNU_MAGIC + + buf = b"" + if len(info["linkname"]) > LENGTH_LINK: + buf += self._create_gnu_long_header(info["linkname"], GNUTYPE_LONGLINK, encoding, errors) + + if len(info["name"]) > LENGTH_NAME: + buf += self._create_gnu_long_header(info["name"], GNUTYPE_LONGNAME, encoding, errors) + + return buf + self._create_header(info, GNU_FORMAT, encoding, errors) + + def create_pax_header(self, info, encoding): + """Return the object as a ustar header block. If it cannot be + represented this way, prepend a pax extended header sequence + with supplement information. + """ + info["magic"] = POSIX_MAGIC + pax_headers = self.pax_headers.copy() + + # Test string fields for values that exceed the field length or cannot + # be represented in ASCII encoding. + for name, hname, length in ( + ("name", "path", LENGTH_NAME), ("linkname", "linkpath", LENGTH_LINK), + ("uname", "uname", 32), ("gname", "gname", 32)): + + if hname in pax_headers: + # The pax header has priority. + continue + + # Try to encode the string as ASCII. + try: + info[name].encode("ascii", "strict") + except UnicodeEncodeError: + pax_headers[hname] = info[name] + continue + + if len(info[name]) > length: + pax_headers[hname] = info[name] + + # Test number fields for values that exceed the field limit or values + # that like to be stored as float. + for name, digits in (("uid", 8), ("gid", 8), ("size", 12), ("mtime", 12)): + if name in pax_headers: + # The pax header has priority. Avoid overflow. + info[name] = 0 + continue + + val = info[name] + if not 0 <= val < 8 ** (digits - 1) or isinstance(val, float): + pax_headers[name] = str(val) + info[name] = 0 + + # Create a pax extended header if necessary. + if pax_headers: + buf = self._create_pax_generic_header(pax_headers, XHDTYPE, encoding) + else: + buf = b"" + + return buf + self._create_header(info, USTAR_FORMAT, "ascii", "replace") + + @classmethod + def create_pax_global_header(cls, pax_headers): + """Return the object as a pax global header block sequence. + """ + return cls._create_pax_generic_header(pax_headers, XGLTYPE, "utf8") + + def _posix_split_name(self, name): + """Split a name longer than 100 chars into a prefix + and a name part. + """ + prefix = name[:LENGTH_PREFIX + 1] + while prefix and prefix[-1] != "/": + prefix = prefix[:-1] + + name = name[len(prefix):] + prefix = prefix[:-1] + + if not prefix or len(name) > LENGTH_NAME: + raise ValueError("name is too long") + return prefix, name + + @staticmethod + def _create_header(info, format, encoding, errors): + """Return a header block. info is a dictionary with file + information, format must be one of the *_FORMAT constants. + """ + parts = [ + stn(info.get("name", ""), 100, encoding, errors), + itn(info.get("mode", 0) & 0o7777, 8, format), + itn(info.get("uid", 0), 8, format), + itn(info.get("gid", 0), 8, format), + itn(info.get("size", 0), 12, format), + itn(info.get("mtime", 0), 12, format), + b" ", # checksum field + info.get("type", REGTYPE), + stn(info.get("linkname", ""), 100, encoding, errors), + info.get("magic", POSIX_MAGIC), + stn(info.get("uname", ""), 32, encoding, errors), + stn(info.get("gname", ""), 32, encoding, errors), + itn(info.get("devmajor", 0), 8, format), + itn(info.get("devminor", 0), 8, format), + stn(info.get("prefix", ""), 155, encoding, errors) + ] + + buf = struct.pack("%ds" % BLOCKSIZE, b"".join(parts)) + chksum = calc_chksums(buf[-BLOCKSIZE:])[0] + buf = buf[:-364] + ("%06o\0" % chksum).encode("ascii") + buf[-357:] + return buf + + @staticmethod + def _create_payload(payload): + """Return the string payload filled with zero bytes + up to the next 512 byte border. + """ + blocks, remainder = divmod(len(payload), BLOCKSIZE) + if remainder > 0: + payload += (BLOCKSIZE - remainder) * NUL + return payload + + @classmethod + def _create_gnu_long_header(cls, name, type, encoding, errors): + """Return a GNUTYPE_LONGNAME or GNUTYPE_LONGLINK sequence + for name. + """ + name = name.encode(encoding, errors) + NUL + + info = {} + info["name"] = "././@LongLink" + info["type"] = type + info["size"] = len(name) + info["magic"] = GNU_MAGIC + + # create extended header + name blocks. + return cls._create_header(info, USTAR_FORMAT, encoding, errors) + \ + cls._create_payload(name) + + @classmethod + def _create_pax_generic_header(cls, pax_headers, type, encoding): + """Return a POSIX.1-2008 extended or global header sequence + that contains a list of keyword, value pairs. The values + must be strings. + """ + # Check if one of the fields contains surrogate characters and thereby + # forces hdrcharset=BINARY, see _proc_pax() for more information. + binary = False + for keyword, value in pax_headers.items(): + try: + value.encode("utf8", "strict") + except UnicodeEncodeError: + binary = True + break + + records = b"" + if binary: + # Put the hdrcharset field at the beginning of the header. + records += b"21 hdrcharset=BINARY\n" + + for keyword, value in pax_headers.items(): + keyword = keyword.encode("utf8") + if binary: + # Try to restore the original byte representation of `value'. + # Needless to say, that the encoding must match the string. + value = value.encode(encoding, "surrogateescape") + else: + value = value.encode("utf8") + + l = len(keyword) + len(value) + 3 # ' ' + '=' + '\n' + n = p = 0 + while True: + n = l + len(str(p)) + if n == p: + break + p = n + records += bytes(str(p), "ascii") + b" " + keyword + b"=" + value + b"\n" + + # We use a hardcoded "././@PaxHeader" name like star does + # instead of the one that POSIX recommends. + info = {} + info["name"] = "././@PaxHeader" + info["type"] = type + info["size"] = len(records) + info["magic"] = POSIX_MAGIC + + # Create pax header + record blocks. + return cls._create_header(info, USTAR_FORMAT, "ascii", "replace") + \ + cls._create_payload(records) + + @classmethod + def frombuf(cls, buf, encoding, errors): + """Construct a TarInfo object from a 512 byte bytes object. + """ + if len(buf) == 0: + raise EmptyHeaderError("empty header") + if len(buf) != BLOCKSIZE: + raise TruncatedHeaderError("truncated header") + if buf.count(NUL) == BLOCKSIZE: + raise EOFHeaderError("end of file header") + + chksum = nti(buf[148:156]) + if chksum not in calc_chksums(buf): + raise InvalidHeaderError("bad checksum") + + obj = cls() + obj.name = nts(buf[0:100], encoding, errors) + obj.mode = nti(buf[100:108]) + obj.uid = nti(buf[108:116]) + obj.gid = nti(buf[116:124]) + obj.size = nti(buf[124:136]) + obj.mtime = nti(buf[136:148]) + obj.chksum = chksum + obj.type = buf[156:157] + obj.linkname = nts(buf[157:257], encoding, errors) + obj.uname = nts(buf[265:297], encoding, errors) + obj.gname = nts(buf[297:329], encoding, errors) + obj.devmajor = nti(buf[329:337]) + obj.devminor = nti(buf[337:345]) + prefix = nts(buf[345:500], encoding, errors) + + # Old V7 tar format represents a directory as a regular + # file with a trailing slash. + if obj.type == AREGTYPE and obj.name.endswith("/"): + obj.type = DIRTYPE + + # The old GNU sparse format occupies some of the unused + # space in the buffer for up to 4 sparse structures. + # Save the them for later processing in _proc_sparse(). + if obj.type == GNUTYPE_SPARSE: + pos = 386 + structs = [] + for i in range(4): + try: + offset = nti(buf[pos:pos + 12]) + numbytes = nti(buf[pos + 12:pos + 24]) + except ValueError: + break + structs.append((offset, numbytes)) + pos += 24 + isextended = bool(buf[482]) + origsize = nti(buf[483:495]) + obj._sparse_structs = (structs, isextended, origsize) + + # Remove redundant slashes from directories. + if obj.isdir(): + obj.name = obj.name.rstrip("/") + + # Reconstruct a ustar longname. + if prefix and obj.type not in GNU_TYPES: + obj.name = prefix + "/" + obj.name + return obj + + @classmethod + def fromtarfile(cls, tarfile): + """Return the next TarInfo object from TarFile object + tarfile. + """ + buf = tarfile.fileobj.read(BLOCKSIZE) + obj = cls.frombuf(buf, tarfile.encoding, tarfile.errors) + obj.offset = tarfile.fileobj.tell() - BLOCKSIZE + return obj._proc_member(tarfile) + + #-------------------------------------------------------------------------- + # The following are methods that are called depending on the type of a + # member. The entry point is _proc_member() which can be overridden in a + # subclass to add custom _proc_*() methods. A _proc_*() method MUST + # implement the following + # operations: + # 1. Set self.offset_data to the position where the data blocks begin, + # if there is data that follows. + # 2. Set tarfile.offset to the position where the next member's header will + # begin. + # 3. Return self or another valid TarInfo object. + def _proc_member(self, tarfile): + """Choose the right processing method depending on + the type and call it. + """ + if self.type in (GNUTYPE_LONGNAME, GNUTYPE_LONGLINK): + return self._proc_gnulong(tarfile) + elif self.type == GNUTYPE_SPARSE: + return self._proc_sparse(tarfile) + elif self.type in (XHDTYPE, XGLTYPE, SOLARIS_XHDTYPE): + return self._proc_pax(tarfile) + else: + return self._proc_builtin(tarfile) + + def _proc_builtin(self, tarfile): + """Process a builtin type or an unknown type which + will be treated as a regular file. + """ + self.offset_data = tarfile.fileobj.tell() + offset = self.offset_data + if self.isreg() or self.type not in SUPPORTED_TYPES: + # Skip the following data blocks. + offset += self._block(self.size) + tarfile.offset = offset + + # Patch the TarInfo object with saved global + # header information. + self._apply_pax_info(tarfile.pax_headers, tarfile.encoding, tarfile.errors) + + return self + + def _proc_gnulong(self, tarfile): + """Process the blocks that hold a GNU longname + or longlink member. + """ + buf = tarfile.fileobj.read(self._block(self.size)) + + # Fetch the next header and process it. + try: + next = self.fromtarfile(tarfile) + except HeaderError: + raise SubsequentHeaderError("missing or bad subsequent header") + + # Patch the TarInfo object from the next header with + # the longname information. + next.offset = self.offset + if self.type == GNUTYPE_LONGNAME: + next.name = nts(buf, tarfile.encoding, tarfile.errors) + elif self.type == GNUTYPE_LONGLINK: + next.linkname = nts(buf, tarfile.encoding, tarfile.errors) + + return next + + def _proc_sparse(self, tarfile): + """Process a GNU sparse header plus extra headers. + """ + # We already collected some sparse structures in frombuf(). + structs, isextended, origsize = self._sparse_structs + del self._sparse_structs + + # Collect sparse structures from extended header blocks. + while isextended: + buf = tarfile.fileobj.read(BLOCKSIZE) + pos = 0 + for i in range(21): + try: + offset = nti(buf[pos:pos + 12]) + numbytes = nti(buf[pos + 12:pos + 24]) + except ValueError: + break + if offset and numbytes: + structs.append((offset, numbytes)) + pos += 24 + isextended = bool(buf[504]) + self.sparse = structs + + self.offset_data = tarfile.fileobj.tell() + tarfile.offset = self.offset_data + self._block(self.size) + self.size = origsize + return self + + def _proc_pax(self, tarfile): + """Process an extended or global header as described in + POSIX.1-2008. + """ + # Read the header information. + buf = tarfile.fileobj.read(self._block(self.size)) + + # A pax header stores supplemental information for either + # the following file (extended) or all following files + # (global). + if self.type == XGLTYPE: + pax_headers = tarfile.pax_headers + else: + pax_headers = tarfile.pax_headers.copy() + + # Check if the pax header contains a hdrcharset field. This tells us + # the encoding of the path, linkpath, uname and gname fields. Normally, + # these fields are UTF-8 encoded but since POSIX.1-2008 tar + # implementations are allowed to store them as raw binary strings if + # the translation to UTF-8 fails. + match = re.search(br"\d+ hdrcharset=([^\n]+)\n", buf) + if match is not None: + pax_headers["hdrcharset"] = match.group(1).decode("utf8") + + # For the time being, we don't care about anything other than "BINARY". + # The only other value that is currently allowed by the standard is + # "ISO-IR 10646 2000 UTF-8" in other words UTF-8. + hdrcharset = pax_headers.get("hdrcharset") + if hdrcharset == "BINARY": + encoding = tarfile.encoding + else: + encoding = "utf8" + + # Parse pax header information. A record looks like that: + # "%d %s=%s\n" % (length, keyword, value). length is the size + # of the complete record including the length field itself and + # the newline. keyword and value are both UTF-8 encoded strings. + regex = re.compile(br"(\d+) ([^=]+)=") + pos = 0 + while True: + match = regex.match(buf, pos) + if not match: + break + + length, keyword = match.groups() + length = int(length) + value = buf[match.end(2) + 1:match.start(1) + length - 1] + + # Normally, we could just use "utf8" as the encoding and "strict" + # as the error handler, but we better not take the risk. For + # example, GNU tar <= 1.23 is known to store filenames it cannot + # translate to UTF-8 as raw strings (unfortunately without a + # hdrcharset=BINARY header). + # We first try the strict standard encoding, and if that fails we + # fall back on the user's encoding and error handler. + keyword = self._decode_pax_field(keyword, "utf8", "utf8", + tarfile.errors) + if keyword in PAX_NAME_FIELDS: + value = self._decode_pax_field(value, encoding, tarfile.encoding, + tarfile.errors) + else: + value = self._decode_pax_field(value, "utf8", "utf8", + tarfile.errors) + + pax_headers[keyword] = value + pos += length + + # Fetch the next header. + try: + next = self.fromtarfile(tarfile) + except HeaderError: + raise SubsequentHeaderError("missing or bad subsequent header") + + # Process GNU sparse information. + if "GNU.sparse.map" in pax_headers: + # GNU extended sparse format version 0.1. + self._proc_gnusparse_01(next, pax_headers) + + elif "GNU.sparse.size" in pax_headers: + # GNU extended sparse format version 0.0. + self._proc_gnusparse_00(next, pax_headers, buf) + + elif pax_headers.get("GNU.sparse.major") == "1" and pax_headers.get("GNU.sparse.minor") == "0": + # GNU extended sparse format version 1.0. + self._proc_gnusparse_10(next, pax_headers, tarfile) + + if self.type in (XHDTYPE, SOLARIS_XHDTYPE): + # Patch the TarInfo object with the extended header info. + next._apply_pax_info(pax_headers, tarfile.encoding, tarfile.errors) + next.offset = self.offset + + if "size" in pax_headers: + # If the extended header replaces the size field, + # we need to recalculate the offset where the next + # header starts. + offset = next.offset_data + if next.isreg() or next.type not in SUPPORTED_TYPES: + offset += next._block(next.size) + tarfile.offset = offset + + return next + + def _proc_gnusparse_00(self, next, pax_headers, buf): + """Process a GNU tar extended sparse header, version 0.0. + """ + offsets = [] + for match in re.finditer(br"\d+ GNU.sparse.offset=(\d+)\n", buf): + offsets.append(int(match.group(1))) + numbytes = [] + for match in re.finditer(br"\d+ GNU.sparse.numbytes=(\d+)\n", buf): + numbytes.append(int(match.group(1))) + next.sparse = list(zip(offsets, numbytes)) + + def _proc_gnusparse_01(self, next, pax_headers): + """Process a GNU tar extended sparse header, version 0.1. + """ + sparse = [int(x) for x in pax_headers["GNU.sparse.map"].split(",")] + next.sparse = list(zip(sparse[::2], sparse[1::2])) + + def _proc_gnusparse_10(self, next, pax_headers, tarfile): + """Process a GNU tar extended sparse header, version 1.0. + """ + fields = None + sparse = [] + buf = tarfile.fileobj.read(BLOCKSIZE) + fields, buf = buf.split(b"\n", 1) + fields = int(fields) + while len(sparse) < fields * 2: + if b"\n" not in buf: + buf += tarfile.fileobj.read(BLOCKSIZE) + number, buf = buf.split(b"\n", 1) + sparse.append(int(number)) + next.offset_data = tarfile.fileobj.tell() + next.sparse = list(zip(sparse[::2], sparse[1::2])) + + def _apply_pax_info(self, pax_headers, encoding, errors): + """Replace fields with supplemental information from a previous + pax extended or global header. + """ + for keyword, value in pax_headers.items(): + if keyword == "GNU.sparse.name": + setattr(self, "path", value) + elif keyword == "GNU.sparse.size": + setattr(self, "size", int(value)) + elif keyword == "GNU.sparse.realsize": + setattr(self, "size", int(value)) + elif keyword in PAX_FIELDS: + if keyword in PAX_NUMBER_FIELDS: + try: + value = PAX_NUMBER_FIELDS[keyword](value) + except ValueError: + value = 0 + if keyword == "path": + value = value.rstrip("/") + setattr(self, keyword, value) + + self.pax_headers = pax_headers.copy() + + def _decode_pax_field(self, value, encoding, fallback_encoding, fallback_errors): + """Decode a single field from a pax record. + """ + try: + return value.decode(encoding, "strict") + except UnicodeDecodeError: + return value.decode(fallback_encoding, fallback_errors) + + def _block(self, count): + """Round up a byte count by BLOCKSIZE and return it, + e.g. _block(834) => 1024. + """ + blocks, remainder = divmod(count, BLOCKSIZE) + if remainder: + blocks += 1 + return blocks * BLOCKSIZE + + def isreg(self): + return self.type in REGULAR_TYPES + def isfile(self): + return self.isreg() + def isdir(self): + return self.type == DIRTYPE + def issym(self): + return self.type == SYMTYPE + def islnk(self): + return self.type == LNKTYPE + def ischr(self): + return self.type == CHRTYPE + def isblk(self): + return self.type == BLKTYPE + def isfifo(self): + return self.type == FIFOTYPE + def issparse(self): + return self.sparse is not None + def isdev(self): + return self.type in (CHRTYPE, BLKTYPE, FIFOTYPE) +# class TarInfo + +class TarFile(object): + """The TarFile Class provides an interface to tar archives. + """ + + debug = 0 # May be set from 0 (no msgs) to 3 (all msgs) + + dereference = False # If true, add content of linked file to the + # tar file, else the link. + + ignore_zeros = False # If true, skips empty or invalid blocks and + # continues processing. + + errorlevel = 1 # If 0, fatal errors only appear in debug + # messages (if debug >= 0). If > 0, errors + # are passed to the caller as exceptions. + + format = DEFAULT_FORMAT # The format to use when creating an archive. + + encoding = ENCODING # Encoding for 8-bit character strings. + + errors = None # Error handler for unicode conversion. + + tarinfo = TarInfo # The default TarInfo class to use. + + fileobject = ExFileObject # The default ExFileObject class to use. + + def __init__(self, name=None, mode="r", fileobj=None, format=None, + tarinfo=None, dereference=None, ignore_zeros=None, encoding=None, + errors="surrogateescape", pax_headers=None, debug=None, errorlevel=None): + """Open an (uncompressed) tar archive `name'. `mode' is either 'r' to + read from an existing archive, 'a' to append data to an existing + file or 'w' to create a new file overwriting an existing one. `mode' + defaults to 'r'. + If `fileobj' is given, it is used for reading or writing data. If it + can be determined, `mode' is overridden by `fileobj's mode. + `fileobj' is not closed, when TarFile is closed. + """ + if len(mode) > 1 or mode not in "raw": + raise ValueError("mode must be 'r', 'a' or 'w'") + self.mode = mode + self._mode = {"r": "rb", "a": "r+b", "w": "wb"}[mode] + + if not fileobj: + if self.mode == "a" and not os.path.exists(name): + # Create nonexistent files in append mode. + self.mode = "w" + self._mode = "wb" + fileobj = bltn_open(name, self._mode) + self._extfileobj = False + else: + if name is None and hasattr(fileobj, "name"): + name = fileobj.name + if hasattr(fileobj, "mode"): + self._mode = fileobj.mode + self._extfileobj = True + self.name = os.path.abspath(name) if name else None + self.fileobj = fileobj + + # Init attributes. + if format is not None: + self.format = format + if tarinfo is not None: + self.tarinfo = tarinfo + if dereference is not None: + self.dereference = dereference + if ignore_zeros is not None: + self.ignore_zeros = ignore_zeros + if encoding is not None: + self.encoding = encoding + self.errors = errors + + if pax_headers is not None and self.format == PAX_FORMAT: + self.pax_headers = pax_headers + else: + self.pax_headers = {} + + if debug is not None: + self.debug = debug + if errorlevel is not None: + self.errorlevel = errorlevel + + # Init datastructures. + self.closed = False + self.members = [] # list of members as TarInfo objects + self._loaded = False # flag if all members have been read + self.offset = self.fileobj.tell() + # current position in the archive file + self.inodes = {} # dictionary caching the inodes of + # archive members already added + + try: + if self.mode == "r": + self.firstmember = None + self.firstmember = self.next() + + if self.mode == "a": + # Move to the end of the archive, + # before the first empty block. + while True: + self.fileobj.seek(self.offset) + try: + tarinfo = self.tarinfo.fromtarfile(self) + self.members.append(tarinfo) + except EOFHeaderError: + self.fileobj.seek(self.offset) + break + except HeaderError as e: + raise ReadError(str(e)) + + if self.mode in "aw": + self._loaded = True + + if self.pax_headers: + buf = self.tarinfo.create_pax_global_header(self.pax_headers.copy()) + self.fileobj.write(buf) + self.offset += len(buf) + except: + if not self._extfileobj: + self.fileobj.close() + self.closed = True + raise + + #-------------------------------------------------------------------------- + # Below are the classmethods which act as alternate constructors to the + # TarFile class. The open() method is the only one that is needed for + # public use; it is the "super"-constructor and is able to select an + # adequate "sub"-constructor for a particular compression using the mapping + # from OPEN_METH. + # + # This concept allows one to subclass TarFile without losing the comfort of + # the super-constructor. A sub-constructor is registered and made available + # by adding it to the mapping in OPEN_METH. + + @classmethod + def open(cls, name=None, mode="r", fileobj=None, bufsize=RECORDSIZE, **kwargs): + """Open a tar archive for reading, writing or appending. Return + an appropriate TarFile class. + + mode: + 'r' or 'r:*' open for reading with transparent compression + 'r:' open for reading exclusively uncompressed + 'r:gz' open for reading with gzip compression + 'r:bz2' open for reading with bzip2 compression + 'a' or 'a:' open for appending, creating the file if necessary + 'w' or 'w:' open for writing without compression + 'w:gz' open for writing with gzip compression + 'w:bz2' open for writing with bzip2 compression + + 'r|*' open a stream of tar blocks with transparent compression + 'r|' open an uncompressed stream of tar blocks for reading + 'r|gz' open a gzip compressed stream of tar blocks + 'r|bz2' open a bzip2 compressed stream of tar blocks + 'w|' open an uncompressed stream for writing + 'w|gz' open a gzip compressed stream for writing + 'w|bz2' open a bzip2 compressed stream for writing + """ + + if not name and not fileobj: + raise ValueError("nothing to open") + + if mode in ("r", "r:*"): + # Find out which *open() is appropriate for opening the file. + for comptype in cls.OPEN_METH: + func = getattr(cls, cls.OPEN_METH[comptype]) + if fileobj is not None: + saved_pos = fileobj.tell() + try: + return func(name, "r", fileobj, **kwargs) + except (ReadError, CompressionError) as e: + if fileobj is not None: + fileobj.seek(saved_pos) + continue + raise ReadError("file could not be opened successfully") + + elif ":" in mode: + filemode, comptype = mode.split(":", 1) + filemode = filemode or "r" + comptype = comptype or "tar" + + # Select the *open() function according to + # given compression. + if comptype in cls.OPEN_METH: + func = getattr(cls, cls.OPEN_METH[comptype]) + else: + raise CompressionError("unknown compression type %r" % comptype) + return func(name, filemode, fileobj, **kwargs) + + elif "|" in mode: + filemode, comptype = mode.split("|", 1) + filemode = filemode or "r" + comptype = comptype or "tar" + + if filemode not in "rw": + raise ValueError("mode must be 'r' or 'w'") + + stream = _Stream(name, filemode, comptype, fileobj, bufsize) + try: + t = cls(name, filemode, stream, **kwargs) + except: + stream.close() + raise + t._extfileobj = False + return t + + elif mode in "aw": + return cls.taropen(name, mode, fileobj, **kwargs) + + raise ValueError("undiscernible mode") + + @classmethod + def taropen(cls, name, mode="r", fileobj=None, **kwargs): + """Open uncompressed tar archive name for reading or writing. + """ + if len(mode) > 1 or mode not in "raw": + raise ValueError("mode must be 'r', 'a' or 'w'") + return cls(name, mode, fileobj, **kwargs) + + @classmethod + def gzopen(cls, name, mode="r", fileobj=None, compresslevel=9, **kwargs): + """Open gzip compressed tar archive name for reading or writing. + Appending is not allowed. + """ + if len(mode) > 1 or mode not in "rw": + raise ValueError("mode must be 'r' or 'w'") + + try: + import gzip + gzip.GzipFile + except (ImportError, AttributeError): + raise CompressionError("gzip module is not available") + + extfileobj = fileobj is not None + try: + fileobj = gzip.GzipFile(name, mode + "b", compresslevel, fileobj) + t = cls.taropen(name, mode, fileobj, **kwargs) + except IOError: + if not extfileobj and fileobj is not None: + fileobj.close() + if fileobj is None: + raise + raise ReadError("not a gzip file") + except: + if not extfileobj and fileobj is not None: + fileobj.close() + raise + t._extfileobj = extfileobj + return t + + @classmethod + def bz2open(cls, name, mode="r", fileobj=None, compresslevel=9, **kwargs): + """Open bzip2 compressed tar archive name for reading or writing. + Appending is not allowed. + """ + if len(mode) > 1 or mode not in "rw": + raise ValueError("mode must be 'r' or 'w'.") + + try: + import bz2 + except ImportError: + raise CompressionError("bz2 module is not available") + + if fileobj is not None: + fileobj = _BZ2Proxy(fileobj, mode) + else: + fileobj = bz2.BZ2File(name, mode, compresslevel=compresslevel) + + try: + t = cls.taropen(name, mode, fileobj, **kwargs) + except (IOError, EOFError): + fileobj.close() + raise ReadError("not a bzip2 file") + t._extfileobj = False + return t + + # All *open() methods are registered here. + OPEN_METH = { + "tar": "taropen", # uncompressed tar + "gz": "gzopen", # gzip compressed tar + "bz2": "bz2open" # bzip2 compressed tar + } + + #-------------------------------------------------------------------------- + # The public methods which TarFile provides: + + def close(self): + """Close the TarFile. In write-mode, two finishing zero blocks are + appended to the archive. + """ + if self.closed: + return + + if self.mode in "aw": + self.fileobj.write(NUL * (BLOCKSIZE * 2)) + self.offset += (BLOCKSIZE * 2) + # fill up the end with zero-blocks + # (like option -b20 for tar does) + blocks, remainder = divmod(self.offset, RECORDSIZE) + if remainder > 0: + self.fileobj.write(NUL * (RECORDSIZE - remainder)) + + if not self._extfileobj: + self.fileobj.close() + self.closed = True + + def getmember(self, name): + """Return a TarInfo object for member `name'. If `name' can not be + found in the archive, KeyError is raised. If a member occurs more + than once in the archive, its last occurrence is assumed to be the + most up-to-date version. + """ + tarinfo = self._getmember(name) + if tarinfo is None: + raise KeyError("filename %r not found" % name) + return tarinfo + + def getmembers(self): + """Return the members of the archive as a list of TarInfo objects. The + list has the same order as the members in the archive. + """ + self._check() + if not self._loaded: # if we want to obtain a list of + self._load() # all members, we first have to + # scan the whole archive. + return self.members + + def getnames(self): + """Return the members of the archive as a list of their names. It has + the same order as the list returned by getmembers(). + """ + return [tarinfo.name for tarinfo in self.getmembers()] + + def gettarinfo(self, name=None, arcname=None, fileobj=None): + """Create a TarInfo object for either the file `name' or the file + object `fileobj' (using os.fstat on its file descriptor). You can + modify some of the TarInfo's attributes before you add it using + addfile(). If given, `arcname' specifies an alternative name for the + file in the archive. + """ + self._check("aw") + + # When fileobj is given, replace name by + # fileobj's real name. + if fileobj is not None: + name = fileobj.name + + # Building the name of the member in the archive. + # Backward slashes are converted to forward slashes, + # Absolute paths are turned to relative paths. + if arcname is None: + arcname = name + drv, arcname = os.path.splitdrive(arcname) + arcname = arcname.replace(os.sep, "/") + arcname = arcname.lstrip("/") + + # Now, fill the TarInfo object with + # information specific for the file. + tarinfo = self.tarinfo() + tarinfo.tarfile = self + + # Use os.stat or os.lstat, depending on platform + # and if symlinks shall be resolved. + if fileobj is None: + if hasattr(os, "lstat") and not self.dereference: + statres = os.lstat(name) + else: + statres = os.stat(name) + else: + statres = os.fstat(fileobj.fileno()) + linkname = "" + + stmd = statres.st_mode + if stat.S_ISREG(stmd): + inode = (statres.st_ino, statres.st_dev) + if not self.dereference and statres.st_nlink > 1 and \ + inode in self.inodes and arcname != self.inodes[inode]: + # Is it a hardlink to an already + # archived file? + type = LNKTYPE + linkname = self.inodes[inode] + else: + # The inode is added only if its valid. + # For win32 it is always 0. + type = REGTYPE + if inode[0]: + self.inodes[inode] = arcname + elif stat.S_ISDIR(stmd): + type = DIRTYPE + elif stat.S_ISFIFO(stmd): + type = FIFOTYPE + elif stat.S_ISLNK(stmd): + type = SYMTYPE + linkname = os.readlink(name) + elif stat.S_ISCHR(stmd): + type = CHRTYPE + elif stat.S_ISBLK(stmd): + type = BLKTYPE + else: + return None + + # Fill the TarInfo object with all + # information we can get. + tarinfo.name = arcname + tarinfo.mode = stmd + tarinfo.uid = statres.st_uid + tarinfo.gid = statres.st_gid + if type == REGTYPE: + tarinfo.size = statres.st_size + else: + tarinfo.size = 0 + tarinfo.mtime = statres.st_mtime + tarinfo.type = type + tarinfo.linkname = linkname + if pwd: + try: + tarinfo.uname = pwd.getpwuid(tarinfo.uid)[0] + except KeyError: + pass + if grp: + try: + tarinfo.gname = grp.getgrgid(tarinfo.gid)[0] + except KeyError: + pass + + if type in (CHRTYPE, BLKTYPE): + if hasattr(os, "major") and hasattr(os, "minor"): + tarinfo.devmajor = os.major(statres.st_rdev) + tarinfo.devminor = os.minor(statres.st_rdev) + return tarinfo + + def list(self, verbose=True): + """Print a table of contents to sys.stdout. If `verbose' is False, only + the names of the members are printed. If it is True, an `ls -l'-like + output is produced. + """ + self._check() + + for tarinfo in self: + if verbose: + print(filemode(tarinfo.mode), end=' ') + print("%s/%s" % (tarinfo.uname or tarinfo.uid, + tarinfo.gname or tarinfo.gid), end=' ') + if tarinfo.ischr() or tarinfo.isblk(): + print("%10s" % ("%d,%d" \ + % (tarinfo.devmajor, tarinfo.devminor)), end=' ') + else: + print("%10d" % tarinfo.size, end=' ') + print("%d-%02d-%02d %02d:%02d:%02d" \ + % time.localtime(tarinfo.mtime)[:6], end=' ') + + print(tarinfo.name + ("/" if tarinfo.isdir() else ""), end=' ') + + if verbose: + if tarinfo.issym(): + print("->", tarinfo.linkname, end=' ') + if tarinfo.islnk(): + print("link to", tarinfo.linkname, end=' ') + print() + + def add(self, name, arcname=None, recursive=True, exclude=None, filter=None): + """Add the file `name' to the archive. `name' may be any type of file + (directory, fifo, symbolic link, etc.). If given, `arcname' + specifies an alternative name for the file in the archive. + Directories are added recursively by default. This can be avoided by + setting `recursive' to False. `exclude' is a function that should + return True for each filename to be excluded. `filter' is a function + that expects a TarInfo object argument and returns the changed + TarInfo object, if it returns None the TarInfo object will be + excluded from the archive. + """ + self._check("aw") + + if arcname is None: + arcname = name + + # Exclude pathnames. + if exclude is not None: + import warnings + warnings.warn("use the filter argument instead", + DeprecationWarning, 2) + if exclude(name): + self._dbg(2, "tarfile: Excluded %r" % name) + return + + # Skip if somebody tries to archive the archive... + if self.name is not None and os.path.abspath(name) == self.name: + self._dbg(2, "tarfile: Skipped %r" % name) + return + + self._dbg(1, name) + + # Create a TarInfo object from the file. + tarinfo = self.gettarinfo(name, arcname) + + if tarinfo is None: + self._dbg(1, "tarfile: Unsupported type %r" % name) + return + + # Change or exclude the TarInfo object. + if filter is not None: + tarinfo = filter(tarinfo) + if tarinfo is None: + self._dbg(2, "tarfile: Excluded %r" % name) + return + + # Append the tar header and data to the archive. + if tarinfo.isreg(): + f = bltn_open(name, "rb") + self.addfile(tarinfo, f) + f.close() + + elif tarinfo.isdir(): + self.addfile(tarinfo) + if recursive: + for f in os.listdir(name): + self.add(os.path.join(name, f), os.path.join(arcname, f), + recursive, exclude, filter=filter) + + else: + self.addfile(tarinfo) + + def addfile(self, tarinfo, fileobj=None): + """Add the TarInfo object `tarinfo' to the archive. If `fileobj' is + given, tarinfo.size bytes are read from it and added to the archive. + You can create TarInfo objects using gettarinfo(). + On Windows platforms, `fileobj' should always be opened with mode + 'rb' to avoid irritation about the file size. + """ + self._check("aw") + + tarinfo = copy.copy(tarinfo) + + buf = tarinfo.tobuf(self.format, self.encoding, self.errors) + self.fileobj.write(buf) + self.offset += len(buf) + + # If there's data to follow, append it. + if fileobj is not None: + copyfileobj(fileobj, self.fileobj, tarinfo.size) + blocks, remainder = divmod(tarinfo.size, BLOCKSIZE) + if remainder > 0: + self.fileobj.write(NUL * (BLOCKSIZE - remainder)) + blocks += 1 + self.offset += blocks * BLOCKSIZE + + self.members.append(tarinfo) + + def extractall(self, path=".", members=None): + """Extract all members from the archive to the current working + directory and set owner, modification time and permissions on + directories afterwards. `path' specifies a different directory + to extract to. `members' is optional and must be a subset of the + list returned by getmembers(). + """ + directories = [] + + if members is None: + members = self + + for tarinfo in members: + if tarinfo.isdir(): + # Extract directories with a safe mode. + directories.append(tarinfo) + tarinfo = copy.copy(tarinfo) + tarinfo.mode = 0o700 + # Do not set_attrs directories, as we will do that further down + self.extract(tarinfo, path, set_attrs=not tarinfo.isdir()) + + # Reverse sort directories. + directories.sort(key=lambda a: a.name) + directories.reverse() + + # Set correct owner, mtime and filemode on directories. + for tarinfo in directories: + dirpath = os.path.join(path, tarinfo.name) + try: + self.chown(tarinfo, dirpath) + self.utime(tarinfo, dirpath) + self.chmod(tarinfo, dirpath) + except ExtractError as e: + if self.errorlevel > 1: + raise + else: + self._dbg(1, "tarfile: %s" % e) + + def extract(self, member, path="", set_attrs=True): + """Extract a member from the archive to the current working directory, + using its full name. Its file information is extracted as accurately + as possible. `member' may be a filename or a TarInfo object. You can + specify a different directory using `path'. File attributes (owner, + mtime, mode) are set unless `set_attrs' is False. + """ + self._check("r") + + if isinstance(member, str): + tarinfo = self.getmember(member) + else: + tarinfo = member + + # Prepare the link target for makelink(). + if tarinfo.islnk(): + tarinfo._link_target = os.path.join(path, tarinfo.linkname) + + try: + self._extract_member(tarinfo, os.path.join(path, tarinfo.name), + set_attrs=set_attrs) + except EnvironmentError as e: + if self.errorlevel > 0: + raise + else: + if e.filename is None: + self._dbg(1, "tarfile: %s" % e.strerror) + else: + self._dbg(1, "tarfile: %s %r" % (e.strerror, e.filename)) + except ExtractError as e: + if self.errorlevel > 1: + raise + else: + self._dbg(1, "tarfile: %s" % e) + + def extractfile(self, member): + """Extract a member from the archive as a file object. `member' may be + a filename or a TarInfo object. If `member' is a regular file, a + file-like object is returned. If `member' is a link, a file-like + object is constructed from the link's target. If `member' is none of + the above, None is returned. + The file-like object is read-only and provides the following + methods: read(), readline(), readlines(), seek() and tell() + """ + self._check("r") + + if isinstance(member, str): + tarinfo = self.getmember(member) + else: + tarinfo = member + + if tarinfo.isreg(): + return self.fileobject(self, tarinfo) + + elif tarinfo.type not in SUPPORTED_TYPES: + # If a member's type is unknown, it is treated as a + # regular file. + return self.fileobject(self, tarinfo) + + elif tarinfo.islnk() or tarinfo.issym(): + if isinstance(self.fileobj, _Stream): + # A small but ugly workaround for the case that someone tries + # to extract a (sym)link as a file-object from a non-seekable + # stream of tar blocks. + raise StreamError("cannot extract (sym)link as file object") + else: + # A (sym)link's file object is its target's file object. + return self.extractfile(self._find_link_target(tarinfo)) + else: + # If there's no data associated with the member (directory, chrdev, + # blkdev, etc.), return None instead of a file object. + return None + + def _extract_member(self, tarinfo, targetpath, set_attrs=True): + """Extract the TarInfo object tarinfo to a physical + file called targetpath. + """ + # Fetch the TarInfo object for the given name + # and build the destination pathname, replacing + # forward slashes to platform specific separators. + targetpath = targetpath.rstrip("/") + targetpath = targetpath.replace("/", os.sep) + + # Create all upper directories. + upperdirs = os.path.dirname(targetpath) + if upperdirs and not os.path.exists(upperdirs): + # Create directories that are not part of the archive with + # default permissions. + os.makedirs(upperdirs) + + if tarinfo.islnk() or tarinfo.issym(): + self._dbg(1, "%s -> %s" % (tarinfo.name, tarinfo.linkname)) + else: + self._dbg(1, tarinfo.name) + + if tarinfo.isreg(): + self.makefile(tarinfo, targetpath) + elif tarinfo.isdir(): + self.makedir(tarinfo, targetpath) + elif tarinfo.isfifo(): + self.makefifo(tarinfo, targetpath) + elif tarinfo.ischr() or tarinfo.isblk(): + self.makedev(tarinfo, targetpath) + elif tarinfo.islnk() or tarinfo.issym(): + self.makelink(tarinfo, targetpath) + elif tarinfo.type not in SUPPORTED_TYPES: + self.makeunknown(tarinfo, targetpath) + else: + self.makefile(tarinfo, targetpath) + + if set_attrs: + self.chown(tarinfo, targetpath) + if not tarinfo.issym(): + self.chmod(tarinfo, targetpath) + self.utime(tarinfo, targetpath) + + #-------------------------------------------------------------------------- + # Below are the different file methods. They are called via + # _extract_member() when extract() is called. They can be replaced in a + # subclass to implement other functionality. + + def makedir(self, tarinfo, targetpath): + """Make a directory called targetpath. + """ + try: + # Use a safe mode for the directory, the real mode is set + # later in _extract_member(). + os.mkdir(targetpath, 0o700) + except EnvironmentError as e: + if e.errno != errno.EEXIST: + raise + + def makefile(self, tarinfo, targetpath): + """Make a file called targetpath. + """ + source = self.fileobj + source.seek(tarinfo.offset_data) + target = bltn_open(targetpath, "wb") + if tarinfo.sparse is not None: + for offset, size in tarinfo.sparse: + target.seek(offset) + copyfileobj(source, target, size) + else: + copyfileobj(source, target, tarinfo.size) + target.seek(tarinfo.size) + target.truncate() + target.close() + + def makeunknown(self, tarinfo, targetpath): + """Make a file from a TarInfo object with an unknown type + at targetpath. + """ + self.makefile(tarinfo, targetpath) + self._dbg(1, "tarfile: Unknown file type %r, " \ + "extracted as regular file." % tarinfo.type) + + def makefifo(self, tarinfo, targetpath): + """Make a fifo called targetpath. + """ + if hasattr(os, "mkfifo"): + os.mkfifo(targetpath) + else: + raise ExtractError("fifo not supported by system") + + def makedev(self, tarinfo, targetpath): + """Make a character or block device called targetpath. + """ + if not hasattr(os, "mknod") or not hasattr(os, "makedev"): + raise ExtractError("special devices not supported by system") + + mode = tarinfo.mode + if tarinfo.isblk(): + mode |= stat.S_IFBLK + else: + mode |= stat.S_IFCHR + + os.mknod(targetpath, mode, + os.makedev(tarinfo.devmajor, tarinfo.devminor)) + + def makelink(self, tarinfo, targetpath): + """Make a (symbolic) link called targetpath. If it cannot be created + (platform limitation), we try to make a copy of the referenced file + instead of a link. + """ + try: + # For systems that support symbolic and hard links. + if tarinfo.issym(): + os.symlink(tarinfo.linkname, targetpath) + else: + # See extract(). + if os.path.exists(tarinfo._link_target): + os.link(tarinfo._link_target, targetpath) + else: + self._extract_member(self._find_link_target(tarinfo), + targetpath) + except symlink_exception: + if tarinfo.issym(): + linkpath = os.path.join(os.path.dirname(tarinfo.name), + tarinfo.linkname) + else: + linkpath = tarinfo.linkname + else: + try: + self._extract_member(self._find_link_target(tarinfo), + targetpath) + except KeyError: + raise ExtractError("unable to resolve link inside archive") + + def chown(self, tarinfo, targetpath): + """Set owner of targetpath according to tarinfo. + """ + if pwd and hasattr(os, "geteuid") and os.geteuid() == 0: + # We have to be root to do so. + try: + g = grp.getgrnam(tarinfo.gname)[2] + except KeyError: + g = tarinfo.gid + try: + u = pwd.getpwnam(tarinfo.uname)[2] + except KeyError: + u = tarinfo.uid + try: + if tarinfo.issym() and hasattr(os, "lchown"): + os.lchown(targetpath, u, g) + else: + if sys.platform != "os2emx": + os.chown(targetpath, u, g) + except EnvironmentError as e: + raise ExtractError("could not change owner") + + def chmod(self, tarinfo, targetpath): + """Set file permissions of targetpath according to tarinfo. + """ + if hasattr(os, 'chmod'): + try: + os.chmod(targetpath, tarinfo.mode) + except EnvironmentError as e: + raise ExtractError("could not change mode") + + def utime(self, tarinfo, targetpath): + """Set modification time of targetpath according to tarinfo. + """ + if not hasattr(os, 'utime'): + return + try: + os.utime(targetpath, (tarinfo.mtime, tarinfo.mtime)) + except EnvironmentError as e: + raise ExtractError("could not change modification time") + + #-------------------------------------------------------------------------- + def next(self): + """Return the next member of the archive as a TarInfo object, when + TarFile is opened for reading. Return None if there is no more + available. + """ + self._check("ra") + if self.firstmember is not None: + m = self.firstmember + self.firstmember = None + return m + + # Read the next block. + self.fileobj.seek(self.offset) + tarinfo = None + while True: + try: + tarinfo = self.tarinfo.fromtarfile(self) + except EOFHeaderError as e: + if self.ignore_zeros: + self._dbg(2, "0x%X: %s" % (self.offset, e)) + self.offset += BLOCKSIZE + continue + except InvalidHeaderError as e: + if self.ignore_zeros: + self._dbg(2, "0x%X: %s" % (self.offset, e)) + self.offset += BLOCKSIZE + continue + elif self.offset == 0: + raise ReadError(str(e)) + except EmptyHeaderError: + if self.offset == 0: + raise ReadError("empty file") + except TruncatedHeaderError as e: + if self.offset == 0: + raise ReadError(str(e)) + except SubsequentHeaderError as e: + raise ReadError(str(e)) + break + + if tarinfo is not None: + self.members.append(tarinfo) + else: + self._loaded = True + + return tarinfo + + #-------------------------------------------------------------------------- + # Little helper methods: + + def _getmember(self, name, tarinfo=None, normalize=False): + """Find an archive member by name from bottom to top. + If tarinfo is given, it is used as the starting point. + """ + # Ensure that all members have been loaded. + members = self.getmembers() + + # Limit the member search list up to tarinfo. + if tarinfo is not None: + members = members[:members.index(tarinfo)] + + if normalize: + name = os.path.normpath(name) + + for member in reversed(members): + if normalize: + member_name = os.path.normpath(member.name) + else: + member_name = member.name + + if name == member_name: + return member + + def _load(self): + """Read through the entire archive file and look for readable + members. + """ + while True: + tarinfo = self.next() + if tarinfo is None: + break + self._loaded = True + + def _check(self, mode=None): + """Check if TarFile is still open, and if the operation's mode + corresponds to TarFile's mode. + """ + if self.closed: + raise IOError("%s is closed" % self.__class__.__name__) + if mode is not None and self.mode not in mode: + raise IOError("bad operation for mode %r" % self.mode) + + def _find_link_target(self, tarinfo): + """Find the target member of a symlink or hardlink member in the + archive. + """ + if tarinfo.issym(): + # Always search the entire archive. + linkname = os.path.dirname(tarinfo.name) + "/" + tarinfo.linkname + limit = None + else: + # Search the archive before the link, because a hard link is + # just a reference to an already archived file. + linkname = tarinfo.linkname + limit = tarinfo + + member = self._getmember(linkname, tarinfo=limit, normalize=True) + if member is None: + raise KeyError("linkname %r not found" % linkname) + return member + + def __iter__(self): + """Provide an iterator object. + """ + if self._loaded: + return iter(self.members) + else: + return TarIter(self) + + def _dbg(self, level, msg): + """Write debugging output to sys.stderr. + """ + if level <= self.debug: + print(msg, file=sys.stderr) + + def __enter__(self): + self._check() + return self + + def __exit__(self, type, value, traceback): + if type is None: + self.close() + else: + # An exception occurred. We must not call close() because + # it would try to write end-of-archive blocks and padding. + if not self._extfileobj: + self.fileobj.close() + self.closed = True +# class TarFile + +class TarIter(object): + """Iterator Class. + + for tarinfo in TarFile(...): + suite... + """ + + def __init__(self, tarfile): + """Construct a TarIter object. + """ + self.tarfile = tarfile + self.index = 0 + def __iter__(self): + """Return iterator object. + """ + return self + + def __next__(self): + """Return the next item using TarFile's next() method. + When all members have been read, set TarFile as _loaded. + """ + # Fix for SF #1100429: Under rare circumstances it can + # happen that getmembers() is called during iteration, + # which will cause TarIter to stop prematurely. + if not self.tarfile._loaded: + tarinfo = self.tarfile.next() + if not tarinfo: + self.tarfile._loaded = True + raise StopIteration + else: + try: + tarinfo = self.tarfile.members[self.index] + except IndexError: + raise StopIteration + self.index += 1 + return tarinfo + + next = __next__ # for Python 2.x + +#-------------------- +# exported functions +#-------------------- +def is_tarfile(name): + """Return True if name points to a tar archive that we + are able to handle, else return False. + """ + try: + t = open(name) + t.close() + return True + except TarError: + return False + +bltn_open = open +open = TarFile.open diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/compat.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/compat.py new file mode 100644 index 000000000..c316fd973 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/compat.py @@ -0,0 +1,1120 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2013-2017 Vinay Sajip. +# Licensed to the Python Software Foundation under a contributor agreement. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +from __future__ import absolute_import + +import os +import re +import sys + +try: + import ssl +except ImportError: # pragma: no cover + ssl = None + +if sys.version_info[0] < 3: # pragma: no cover + from StringIO import StringIO + string_types = basestring, + text_type = unicode + from types import FileType as file_type + import __builtin__ as builtins + import ConfigParser as configparser + from ._backport import shutil + from urlparse import urlparse, urlunparse, urljoin, urlsplit, urlunsplit + from urllib import (urlretrieve, quote as _quote, unquote, url2pathname, + pathname2url, ContentTooShortError, splittype) + + def quote(s): + if isinstance(s, unicode): + s = s.encode('utf-8') + return _quote(s) + + import urllib2 + from urllib2 import (Request, urlopen, URLError, HTTPError, + HTTPBasicAuthHandler, HTTPPasswordMgr, + HTTPHandler, HTTPRedirectHandler, + build_opener) + if ssl: + from urllib2 import HTTPSHandler + import httplib + import xmlrpclib + import Queue as queue + from HTMLParser import HTMLParser + import htmlentitydefs + raw_input = raw_input + from itertools import ifilter as filter + from itertools import ifilterfalse as filterfalse + + _userprog = None + def splituser(host): + """splituser('user[:passwd]@host[:port]') --> 'user[:passwd]', 'host[:port]'.""" + global _userprog + if _userprog is None: + import re + _userprog = re.compile('^(.*)@(.*)$') + + match = _userprog.match(host) + if match: return match.group(1, 2) + return None, host + +else: # pragma: no cover + from io import StringIO + string_types = str, + text_type = str + from io import TextIOWrapper as file_type + import builtins + import configparser + import shutil + from urllib.parse import (urlparse, urlunparse, urljoin, splituser, quote, + unquote, urlsplit, urlunsplit, splittype) + from urllib.request import (urlopen, urlretrieve, Request, url2pathname, + pathname2url, + HTTPBasicAuthHandler, HTTPPasswordMgr, + HTTPHandler, HTTPRedirectHandler, + build_opener) + if ssl: + from urllib.request import HTTPSHandler + from urllib.error import HTTPError, URLError, ContentTooShortError + import http.client as httplib + import urllib.request as urllib2 + import xmlrpc.client as xmlrpclib + import queue + from html.parser import HTMLParser + import html.entities as htmlentitydefs + raw_input = input + from itertools import filterfalse + filter = filter + +try: + from ssl import match_hostname, CertificateError +except ImportError: # pragma: no cover + class CertificateError(ValueError): + pass + + + def _dnsname_match(dn, hostname, max_wildcards=1): + """Matching according to RFC 6125, section 6.4.3 + + http://tools.ietf.org/html/rfc6125#section-6.4.3 + """ + pats = [] + if not dn: + return False + + parts = dn.split('.') + leftmost, remainder = parts[0], parts[1:] + + wildcards = leftmost.count('*') + if wildcards > max_wildcards: + # Issue #17980: avoid denials of service by refusing more + # than one wildcard per fragment. A survey of established + # policy among SSL implementations showed it to be a + # reasonable choice. + raise CertificateError( + "too many wildcards in certificate DNS name: " + repr(dn)) + + # speed up common case w/o wildcards + if not wildcards: + return dn.lower() == hostname.lower() + + # RFC 6125, section 6.4.3, subitem 1. + # The client SHOULD NOT attempt to match a presented identifier in which + # the wildcard character comprises a label other than the left-most label. + if leftmost == '*': + # When '*' is a fragment by itself, it matches a non-empty dotless + # fragment. + pats.append('[^.]+') + elif leftmost.startswith('xn--') or hostname.startswith('xn--'): + # RFC 6125, section 6.4.3, subitem 3. + # The client SHOULD NOT attempt to match a presented identifier + # where the wildcard character is embedded within an A-label or + # U-label of an internationalized domain name. + pats.append(re.escape(leftmost)) + else: + # Otherwise, '*' matches any dotless string, e.g. www* + pats.append(re.escape(leftmost).replace(r'\*', '[^.]*')) + + # add the remaining fragments, ignore any wildcards + for frag in remainder: + pats.append(re.escape(frag)) + + pat = re.compile(r'\A' + r'\.'.join(pats) + r'\Z', re.IGNORECASE) + return pat.match(hostname) + + + def match_hostname(cert, hostname): + """Verify that *cert* (in decoded format as returned by + SSLSocket.getpeercert()) matches the *hostname*. RFC 2818 and RFC 6125 + rules are followed, but IP addresses are not accepted for *hostname*. + + CertificateError is raised on failure. On success, the function + returns nothing. + """ + if not cert: + raise ValueError("empty or no certificate, match_hostname needs a " + "SSL socket or SSL context with either " + "CERT_OPTIONAL or CERT_REQUIRED") + dnsnames = [] + san = cert.get('subjectAltName', ()) + for key, value in san: + if key == 'DNS': + if _dnsname_match(value, hostname): + return + dnsnames.append(value) + if not dnsnames: + # The subject is only checked when there is no dNSName entry + # in subjectAltName + for sub in cert.get('subject', ()): + for key, value in sub: + # XXX according to RFC 2818, the most specific Common Name + # must be used. + if key == 'commonName': + if _dnsname_match(value, hostname): + return + dnsnames.append(value) + if len(dnsnames) > 1: + raise CertificateError("hostname %r " + "doesn't match either of %s" + % (hostname, ', '.join(map(repr, dnsnames)))) + elif len(dnsnames) == 1: + raise CertificateError("hostname %r " + "doesn't match %r" + % (hostname, dnsnames[0])) + else: + raise CertificateError("no appropriate commonName or " + "subjectAltName fields were found") + + +try: + from types import SimpleNamespace as Container +except ImportError: # pragma: no cover + class Container(object): + """ + A generic container for when multiple values need to be returned + """ + def __init__(self, **kwargs): + self.__dict__.update(kwargs) + + +try: + from shutil import which +except ImportError: # pragma: no cover + # Implementation from Python 3.3 + def which(cmd, mode=os.F_OK | os.X_OK, path=None): + """Given a command, mode, and a PATH string, return the path which + conforms to the given mode on the PATH, or None if there is no such + file. + + `mode` defaults to os.F_OK | os.X_OK. `path` defaults to the result + of os.environ.get("PATH"), or can be overridden with a custom search + path. + + """ + # Check that a given file can be accessed with the correct mode. + # Additionally check that `file` is not a directory, as on Windows + # directories pass the os.access check. + def _access_check(fn, mode): + return (os.path.exists(fn) and os.access(fn, mode) + and not os.path.isdir(fn)) + + # If we're given a path with a directory part, look it up directly rather + # than referring to PATH directories. This includes checking relative to the + # current directory, e.g. ./script + if os.path.dirname(cmd): + if _access_check(cmd, mode): + return cmd + return None + + if path is None: + path = os.environ.get("PATH", os.defpath) + if not path: + return None + path = path.split(os.pathsep) + + if sys.platform == "win32": + # The current directory takes precedence on Windows. + if not os.curdir in path: + path.insert(0, os.curdir) + + # PATHEXT is necessary to check on Windows. + pathext = os.environ.get("PATHEXT", "").split(os.pathsep) + # See if the given file matches any of the expected path extensions. + # This will allow us to short circuit when given "python.exe". + # If it does match, only test that one, otherwise we have to try + # others. + if any(cmd.lower().endswith(ext.lower()) for ext in pathext): + files = [cmd] + else: + files = [cmd + ext for ext in pathext] + else: + # On other platforms you don't have things like PATHEXT to tell you + # what file suffixes are executable, so just pass on cmd as-is. + files = [cmd] + + seen = set() + for dir in path: + normdir = os.path.normcase(dir) + if not normdir in seen: + seen.add(normdir) + for thefile in files: + name = os.path.join(dir, thefile) + if _access_check(name, mode): + return name + return None + + +# ZipFile is a context manager in 2.7, but not in 2.6 + +from zipfile import ZipFile as BaseZipFile + +if hasattr(BaseZipFile, '__enter__'): # pragma: no cover + ZipFile = BaseZipFile +else: # pragma: no cover + from zipfile import ZipExtFile as BaseZipExtFile + + class ZipExtFile(BaseZipExtFile): + def __init__(self, base): + self.__dict__.update(base.__dict__) + + def __enter__(self): + return self + + def __exit__(self, *exc_info): + self.close() + # return None, so if an exception occurred, it will propagate + + class ZipFile(BaseZipFile): + def __enter__(self): + return self + + def __exit__(self, *exc_info): + self.close() + # return None, so if an exception occurred, it will propagate + + def open(self, *args, **kwargs): + base = BaseZipFile.open(self, *args, **kwargs) + return ZipExtFile(base) + +try: + from platform import python_implementation +except ImportError: # pragma: no cover + def python_implementation(): + """Return a string identifying the Python implementation.""" + if 'PyPy' in sys.version: + return 'PyPy' + if os.name == 'java': + return 'Jython' + if sys.version.startswith('IronPython'): + return 'IronPython' + return 'CPython' + +try: + import sysconfig +except ImportError: # pragma: no cover + from ._backport import sysconfig + +try: + callable = callable +except NameError: # pragma: no cover + from collections.abc import Callable + + def callable(obj): + return isinstance(obj, Callable) + + +try: + fsencode = os.fsencode + fsdecode = os.fsdecode +except AttributeError: # pragma: no cover + # Issue #99: on some systems (e.g. containerised), + # sys.getfilesystemencoding() returns None, and we need a real value, + # so fall back to utf-8. From the CPython 2.7 docs relating to Unix and + # sys.getfilesystemencoding(): the return value is "the user’s preference + # according to the result of nl_langinfo(CODESET), or None if the + # nl_langinfo(CODESET) failed." + _fsencoding = sys.getfilesystemencoding() or 'utf-8' + if _fsencoding == 'mbcs': + _fserrors = 'strict' + else: + _fserrors = 'surrogateescape' + + def fsencode(filename): + if isinstance(filename, bytes): + return filename + elif isinstance(filename, text_type): + return filename.encode(_fsencoding, _fserrors) + else: + raise TypeError("expect bytes or str, not %s" % + type(filename).__name__) + + def fsdecode(filename): + if isinstance(filename, text_type): + return filename + elif isinstance(filename, bytes): + return filename.decode(_fsencoding, _fserrors) + else: + raise TypeError("expect bytes or str, not %s" % + type(filename).__name__) + +try: + from tokenize import detect_encoding +except ImportError: # pragma: no cover + from codecs import BOM_UTF8, lookup + import re + + cookie_re = re.compile(r"coding[:=]\s*([-\w.]+)") + + def _get_normal_name(orig_enc): + """Imitates get_normal_name in tokenizer.c.""" + # Only care about the first 12 characters. + enc = orig_enc[:12].lower().replace("_", "-") + if enc == "utf-8" or enc.startswith("utf-8-"): + return "utf-8" + if enc in ("latin-1", "iso-8859-1", "iso-latin-1") or \ + enc.startswith(("latin-1-", "iso-8859-1-", "iso-latin-1-")): + return "iso-8859-1" + return orig_enc + + def detect_encoding(readline): + """ + The detect_encoding() function is used to detect the encoding that should + be used to decode a Python source file. It requires one argument, readline, + in the same way as the tokenize() generator. + + It will call readline a maximum of twice, and return the encoding used + (as a string) and a list of any lines (left as bytes) it has read in. + + It detects the encoding from the presence of a utf-8 bom or an encoding + cookie as specified in pep-0263. If both a bom and a cookie are present, + but disagree, a SyntaxError will be raised. If the encoding cookie is an + invalid charset, raise a SyntaxError. Note that if a utf-8 bom is found, + 'utf-8-sig' is returned. + + If no encoding is specified, then the default of 'utf-8' will be returned. + """ + try: + filename = readline.__self__.name + except AttributeError: + filename = None + bom_found = False + encoding = None + default = 'utf-8' + def read_or_stop(): + try: + return readline() + except StopIteration: + return b'' + + def find_cookie(line): + try: + # Decode as UTF-8. Either the line is an encoding declaration, + # in which case it should be pure ASCII, or it must be UTF-8 + # per default encoding. + line_string = line.decode('utf-8') + except UnicodeDecodeError: + msg = "invalid or missing encoding declaration" + if filename is not None: + msg = '{} for {!r}'.format(msg, filename) + raise SyntaxError(msg) + + matches = cookie_re.findall(line_string) + if not matches: + return None + encoding = _get_normal_name(matches[0]) + try: + codec = lookup(encoding) + except LookupError: + # This behaviour mimics the Python interpreter + if filename is None: + msg = "unknown encoding: " + encoding + else: + msg = "unknown encoding for {!r}: {}".format(filename, + encoding) + raise SyntaxError(msg) + + if bom_found: + if codec.name != 'utf-8': + # This behaviour mimics the Python interpreter + if filename is None: + msg = 'encoding problem: utf-8' + else: + msg = 'encoding problem for {!r}: utf-8'.format(filename) + raise SyntaxError(msg) + encoding += '-sig' + return encoding + + first = read_or_stop() + if first.startswith(BOM_UTF8): + bom_found = True + first = first[3:] + default = 'utf-8-sig' + if not first: + return default, [] + + encoding = find_cookie(first) + if encoding: + return encoding, [first] + + second = read_or_stop() + if not second: + return default, [first] + + encoding = find_cookie(second) + if encoding: + return encoding, [first, second] + + return default, [first, second] + +# For converting & <-> & etc. +try: + from html import escape +except ImportError: + from cgi import escape +if sys.version_info[:2] < (3, 4): + unescape = HTMLParser().unescape +else: + from html import unescape + +try: + from collections import ChainMap +except ImportError: # pragma: no cover + from collections import MutableMapping + + try: + from reprlib import recursive_repr as _recursive_repr + except ImportError: + def _recursive_repr(fillvalue='...'): + ''' + Decorator to make a repr function return fillvalue for a recursive + call + ''' + + def decorating_function(user_function): + repr_running = set() + + def wrapper(self): + key = id(self), get_ident() + if key in repr_running: + return fillvalue + repr_running.add(key) + try: + result = user_function(self) + finally: + repr_running.discard(key) + return result + + # Can't use functools.wraps() here because of bootstrap issues + wrapper.__module__ = getattr(user_function, '__module__') + wrapper.__doc__ = getattr(user_function, '__doc__') + wrapper.__name__ = getattr(user_function, '__name__') + wrapper.__annotations__ = getattr(user_function, '__annotations__', {}) + return wrapper + + return decorating_function + + class ChainMap(MutableMapping): + ''' A ChainMap groups multiple dicts (or other mappings) together + to create a single, updateable view. + + The underlying mappings are stored in a list. That list is public and can + accessed or updated using the *maps* attribute. There is no other state. + + Lookups search the underlying mappings successively until a key is found. + In contrast, writes, updates, and deletions only operate on the first + mapping. + + ''' + + def __init__(self, *maps): + '''Initialize a ChainMap by setting *maps* to the given mappings. + If no mappings are provided, a single empty dictionary is used. + + ''' + self.maps = list(maps) or [{}] # always at least one map + + def __missing__(self, key): + raise KeyError(key) + + def __getitem__(self, key): + for mapping in self.maps: + try: + return mapping[key] # can't use 'key in mapping' with defaultdict + except KeyError: + pass + return self.__missing__(key) # support subclasses that define __missing__ + + def get(self, key, default=None): + return self[key] if key in self else default + + def __len__(self): + return len(set().union(*self.maps)) # reuses stored hash values if possible + + def __iter__(self): + return iter(set().union(*self.maps)) + + def __contains__(self, key): + return any(key in m for m in self.maps) + + def __bool__(self): + return any(self.maps) + + @_recursive_repr() + def __repr__(self): + return '{0.__class__.__name__}({1})'.format( + self, ', '.join(map(repr, self.maps))) + + @classmethod + def fromkeys(cls, iterable, *args): + 'Create a ChainMap with a single dict created from the iterable.' + return cls(dict.fromkeys(iterable, *args)) + + def copy(self): + 'New ChainMap or subclass with a new copy of maps[0] and refs to maps[1:]' + return self.__class__(self.maps[0].copy(), *self.maps[1:]) + + __copy__ = copy + + def new_child(self): # like Django's Context.push() + 'New ChainMap with a new dict followed by all previous maps.' + return self.__class__({}, *self.maps) + + @property + def parents(self): # like Django's Context.pop() + 'New ChainMap from maps[1:].' + return self.__class__(*self.maps[1:]) + + def __setitem__(self, key, value): + self.maps[0][key] = value + + def __delitem__(self, key): + try: + del self.maps[0][key] + except KeyError: + raise KeyError('Key not found in the first mapping: {!r}'.format(key)) + + def popitem(self): + 'Remove and return an item pair from maps[0]. Raise KeyError is maps[0] is empty.' + try: + return self.maps[0].popitem() + except KeyError: + raise KeyError('No keys found in the first mapping.') + + def pop(self, key, *args): + 'Remove *key* from maps[0] and return its value. Raise KeyError if *key* not in maps[0].' + try: + return self.maps[0].pop(key, *args) + except KeyError: + raise KeyError('Key not found in the first mapping: {!r}'.format(key)) + + def clear(self): + 'Clear maps[0], leaving maps[1:] intact.' + self.maps[0].clear() + +try: + from importlib.util import cache_from_source # Python >= 3.4 +except ImportError: # pragma: no cover + try: + from imp import cache_from_source + except ImportError: # pragma: no cover + def cache_from_source(path, debug_override=None): + assert path.endswith('.py') + if debug_override is None: + debug_override = __debug__ + if debug_override: + suffix = 'c' + else: + suffix = 'o' + return path + suffix + +try: + from collections import OrderedDict +except ImportError: # pragma: no cover +## {{{ http://code.activestate.com/recipes/576693/ (r9) +# Backport of OrderedDict() class that runs on Python 2.4, 2.5, 2.6, 2.7 and pypy. +# Passes Python2.7's test suite and incorporates all the latest updates. + try: + from thread import get_ident as _get_ident + except ImportError: + from dummy_thread import get_ident as _get_ident + + try: + from _abcoll import KeysView, ValuesView, ItemsView + except ImportError: + pass + + + class OrderedDict(dict): + 'Dictionary that remembers insertion order' + # An inherited dict maps keys to values. + # The inherited dict provides __getitem__, __len__, __contains__, and get. + # The remaining methods are order-aware. + # Big-O running times for all methods are the same as for regular dictionaries. + + # The internal self.__map dictionary maps keys to links in a doubly linked list. + # The circular doubly linked list starts and ends with a sentinel element. + # The sentinel element never gets deleted (this simplifies the algorithm). + # Each link is stored as a list of length three: [PREV, NEXT, KEY]. + + def __init__(self, *args, **kwds): + '''Initialize an ordered dictionary. Signature is the same as for + regular dictionaries, but keyword arguments are not recommended + because their insertion order is arbitrary. + + ''' + if len(args) > 1: + raise TypeError('expected at most 1 arguments, got %d' % len(args)) + try: + self.__root + except AttributeError: + self.__root = root = [] # sentinel node + root[:] = [root, root, None] + self.__map = {} + self.__update(*args, **kwds) + + def __setitem__(self, key, value, dict_setitem=dict.__setitem__): + 'od.__setitem__(i, y) <==> od[i]=y' + # Setting a new item creates a new link which goes at the end of the linked + # list, and the inherited dictionary is updated with the new key/value pair. + if key not in self: + root = self.__root + last = root[0] + last[1] = root[0] = self.__map[key] = [last, root, key] + dict_setitem(self, key, value) + + def __delitem__(self, key, dict_delitem=dict.__delitem__): + 'od.__delitem__(y) <==> del od[y]' + # Deleting an existing item uses self.__map to find the link which is + # then removed by updating the links in the predecessor and successor nodes. + dict_delitem(self, key) + link_prev, link_next, key = self.__map.pop(key) + link_prev[1] = link_next + link_next[0] = link_prev + + def __iter__(self): + 'od.__iter__() <==> iter(od)' + root = self.__root + curr = root[1] + while curr is not root: + yield curr[2] + curr = curr[1] + + def __reversed__(self): + 'od.__reversed__() <==> reversed(od)' + root = self.__root + curr = root[0] + while curr is not root: + yield curr[2] + curr = curr[0] + + def clear(self): + 'od.clear() -> None. Remove all items from od.' + try: + for node in self.__map.itervalues(): + del node[:] + root = self.__root + root[:] = [root, root, None] + self.__map.clear() + except AttributeError: + pass + dict.clear(self) + + def popitem(self, last=True): + '''od.popitem() -> (k, v), return and remove a (key, value) pair. + Pairs are returned in LIFO order if last is true or FIFO order if false. + + ''' + if not self: + raise KeyError('dictionary is empty') + root = self.__root + if last: + link = root[0] + link_prev = link[0] + link_prev[1] = root + root[0] = link_prev + else: + link = root[1] + link_next = link[1] + root[1] = link_next + link_next[0] = root + key = link[2] + del self.__map[key] + value = dict.pop(self, key) + return key, value + + # -- the following methods do not depend on the internal structure -- + + def keys(self): + 'od.keys() -> list of keys in od' + return list(self) + + def values(self): + 'od.values() -> list of values in od' + return [self[key] for key in self] + + def items(self): + 'od.items() -> list of (key, value) pairs in od' + return [(key, self[key]) for key in self] + + def iterkeys(self): + 'od.iterkeys() -> an iterator over the keys in od' + return iter(self) + + def itervalues(self): + 'od.itervalues -> an iterator over the values in od' + for k in self: + yield self[k] + + def iteritems(self): + 'od.iteritems -> an iterator over the (key, value) items in od' + for k in self: + yield (k, self[k]) + + def update(*args, **kwds): + '''od.update(E, **F) -> None. Update od from dict/iterable E and F. + + If E is a dict instance, does: for k in E: od[k] = E[k] + If E has a .keys() method, does: for k in E.keys(): od[k] = E[k] + Or if E is an iterable of items, does: for k, v in E: od[k] = v + In either case, this is followed by: for k, v in F.items(): od[k] = v + + ''' + if len(args) > 2: + raise TypeError('update() takes at most 2 positional ' + 'arguments (%d given)' % (len(args),)) + elif not args: + raise TypeError('update() takes at least 1 argument (0 given)') + self = args[0] + # Make progressively weaker assumptions about "other" + other = () + if len(args) == 2: + other = args[1] + if isinstance(other, dict): + for key in other: + self[key] = other[key] + elif hasattr(other, 'keys'): + for key in other.keys(): + self[key] = other[key] + else: + for key, value in other: + self[key] = value + for key, value in kwds.items(): + self[key] = value + + __update = update # let subclasses override update without breaking __init__ + + __marker = object() + + def pop(self, key, default=__marker): + '''od.pop(k[,d]) -> v, remove specified key and return the corresponding value. + If key is not found, d is returned if given, otherwise KeyError is raised. + + ''' + if key in self: + result = self[key] + del self[key] + return result + if default is self.__marker: + raise KeyError(key) + return default + + def setdefault(self, key, default=None): + 'od.setdefault(k[,d]) -> od.get(k,d), also set od[k]=d if k not in od' + if key in self: + return self[key] + self[key] = default + return default + + def __repr__(self, _repr_running=None): + 'od.__repr__() <==> repr(od)' + if not _repr_running: _repr_running = {} + call_key = id(self), _get_ident() + if call_key in _repr_running: + return '...' + _repr_running[call_key] = 1 + try: + if not self: + return '%s()' % (self.__class__.__name__,) + return '%s(%r)' % (self.__class__.__name__, self.items()) + finally: + del _repr_running[call_key] + + def __reduce__(self): + 'Return state information for pickling' + items = [[k, self[k]] for k in self] + inst_dict = vars(self).copy() + for k in vars(OrderedDict()): + inst_dict.pop(k, None) + if inst_dict: + return (self.__class__, (items,), inst_dict) + return self.__class__, (items,) + + def copy(self): + 'od.copy() -> a shallow copy of od' + return self.__class__(self) + + @classmethod + def fromkeys(cls, iterable, value=None): + '''OD.fromkeys(S[, v]) -> New ordered dictionary with keys from S + and values equal to v (which defaults to None). + + ''' + d = cls() + for key in iterable: + d[key] = value + return d + + def __eq__(self, other): + '''od.__eq__(y) <==> od==y. Comparison to another OD is order-sensitive + while comparison to a regular mapping is order-insensitive. + + ''' + if isinstance(other, OrderedDict): + return len(self)==len(other) and self.items() == other.items() + return dict.__eq__(self, other) + + def __ne__(self, other): + return not self == other + + # -- the following methods are only used in Python 2.7 -- + + def viewkeys(self): + "od.viewkeys() -> a set-like object providing a view on od's keys" + return KeysView(self) + + def viewvalues(self): + "od.viewvalues() -> an object providing a view on od's values" + return ValuesView(self) + + def viewitems(self): + "od.viewitems() -> a set-like object providing a view on od's items" + return ItemsView(self) + +try: + from logging.config import BaseConfigurator, valid_ident +except ImportError: # pragma: no cover + IDENTIFIER = re.compile('^[a-z_][a-z0-9_]*$', re.I) + + + def valid_ident(s): + m = IDENTIFIER.match(s) + if not m: + raise ValueError('Not a valid Python identifier: %r' % s) + return True + + + # The ConvertingXXX classes are wrappers around standard Python containers, + # and they serve to convert any suitable values in the container. The + # conversion converts base dicts, lists and tuples to their wrapped + # equivalents, whereas strings which match a conversion format are converted + # appropriately. + # + # Each wrapper should have a configurator attribute holding the actual + # configurator to use for conversion. + + class ConvertingDict(dict): + """A converting dictionary wrapper.""" + + def __getitem__(self, key): + value = dict.__getitem__(self, key) + result = self.configurator.convert(value) + #If the converted value is different, save for next time + if value is not result: + self[key] = result + if type(result) in (ConvertingDict, ConvertingList, + ConvertingTuple): + result.parent = self + result.key = key + return result + + def get(self, key, default=None): + value = dict.get(self, key, default) + result = self.configurator.convert(value) + #If the converted value is different, save for next time + if value is not result: + self[key] = result + if type(result) in (ConvertingDict, ConvertingList, + ConvertingTuple): + result.parent = self + result.key = key + return result + + def pop(self, key, default=None): + value = dict.pop(self, key, default) + result = self.configurator.convert(value) + if value is not result: + if type(result) in (ConvertingDict, ConvertingList, + ConvertingTuple): + result.parent = self + result.key = key + return result + + class ConvertingList(list): + """A converting list wrapper.""" + def __getitem__(self, key): + value = list.__getitem__(self, key) + result = self.configurator.convert(value) + #If the converted value is different, save for next time + if value is not result: + self[key] = result + if type(result) in (ConvertingDict, ConvertingList, + ConvertingTuple): + result.parent = self + result.key = key + return result + + def pop(self, idx=-1): + value = list.pop(self, idx) + result = self.configurator.convert(value) + if value is not result: + if type(result) in (ConvertingDict, ConvertingList, + ConvertingTuple): + result.parent = self + return result + + class ConvertingTuple(tuple): + """A converting tuple wrapper.""" + def __getitem__(self, key): + value = tuple.__getitem__(self, key) + result = self.configurator.convert(value) + if value is not result: + if type(result) in (ConvertingDict, ConvertingList, + ConvertingTuple): + result.parent = self + result.key = key + return result + + class BaseConfigurator(object): + """ + The configurator base class which defines some useful defaults. + """ + + CONVERT_PATTERN = re.compile(r'^(?P[a-z]+)://(?P.*)$') + + WORD_PATTERN = re.compile(r'^\s*(\w+)\s*') + DOT_PATTERN = re.compile(r'^\.\s*(\w+)\s*') + INDEX_PATTERN = re.compile(r'^\[\s*(\w+)\s*\]\s*') + DIGIT_PATTERN = re.compile(r'^\d+$') + + value_converters = { + 'ext' : 'ext_convert', + 'cfg' : 'cfg_convert', + } + + # We might want to use a different one, e.g. importlib + importer = staticmethod(__import__) + + def __init__(self, config): + self.config = ConvertingDict(config) + self.config.configurator = self + + def resolve(self, s): + """ + Resolve strings to objects using standard import and attribute + syntax. + """ + name = s.split('.') + used = name.pop(0) + try: + found = self.importer(used) + for frag in name: + used += '.' + frag + try: + found = getattr(found, frag) + except AttributeError: + self.importer(used) + found = getattr(found, frag) + return found + except ImportError: + e, tb = sys.exc_info()[1:] + v = ValueError('Cannot resolve %r: %s' % (s, e)) + v.__cause__, v.__traceback__ = e, tb + raise v + + def ext_convert(self, value): + """Default converter for the ext:// protocol.""" + return self.resolve(value) + + def cfg_convert(self, value): + """Default converter for the cfg:// protocol.""" + rest = value + m = self.WORD_PATTERN.match(rest) + if m is None: + raise ValueError("Unable to convert %r" % value) + else: + rest = rest[m.end():] + d = self.config[m.groups()[0]] + #print d, rest + while rest: + m = self.DOT_PATTERN.match(rest) + if m: + d = d[m.groups()[0]] + else: + m = self.INDEX_PATTERN.match(rest) + if m: + idx = m.groups()[0] + if not self.DIGIT_PATTERN.match(idx): + d = d[idx] + else: + try: + n = int(idx) # try as number first (most likely) + d = d[n] + except TypeError: + d = d[idx] + if m: + rest = rest[m.end():] + else: + raise ValueError('Unable to convert ' + '%r at %r' % (value, rest)) + #rest should be empty + return d + + def convert(self, value): + """ + Convert values to an appropriate type. dicts, lists and tuples are + replaced by their converting alternatives. Strings are checked to + see if they have a conversion format and are converted if they do. + """ + if not isinstance(value, ConvertingDict) and isinstance(value, dict): + value = ConvertingDict(value) + value.configurator = self + elif not isinstance(value, ConvertingList) and isinstance(value, list): + value = ConvertingList(value) + value.configurator = self + elif not isinstance(value, ConvertingTuple) and\ + isinstance(value, tuple): + value = ConvertingTuple(value) + value.configurator = self + elif isinstance(value, string_types): + m = self.CONVERT_PATTERN.match(value) + if m: + d = m.groupdict() + prefix = d['prefix'] + converter = self.value_converters.get(prefix, None) + if converter: + suffix = d['suffix'] + converter = getattr(self, converter) + value = converter(suffix) + return value + + def configure_custom(self, config): + """Configure an object with a user-supplied factory.""" + c = config.pop('()') + if not callable(c): + c = self.resolve(c) + props = config.pop('.', None) + # Check for valid identifiers + kwargs = dict([(k, config[k]) for k in config if valid_ident(k)]) + result = c(**kwargs) + if props: + for name, value in props.items(): + setattr(result, name, value) + return result + + def as_tuple(self, value): + """Utility function which converts lists to tuples.""" + if isinstance(value, list): + value = tuple(value) + return value diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/database.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/database.py new file mode 100644 index 000000000..0a90c300b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/database.py @@ -0,0 +1,1339 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012-2017 The Python Software Foundation. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +"""PEP 376 implementation.""" + +from __future__ import unicode_literals + +import base64 +import codecs +import contextlib +import hashlib +import logging +import os +import posixpath +import sys +import zipimport + +from . import DistlibException, resources +from .compat import StringIO +from .version import get_scheme, UnsupportedVersionError +from .metadata import (Metadata, METADATA_FILENAME, WHEEL_METADATA_FILENAME, + LEGACY_METADATA_FILENAME) +from .util import (parse_requirement, cached_property, parse_name_and_version, + read_exports, write_exports, CSVReader, CSVWriter) + + +__all__ = ['Distribution', 'BaseInstalledDistribution', + 'InstalledDistribution', 'EggInfoDistribution', + 'DistributionPath'] + + +logger = logging.getLogger(__name__) + +EXPORTS_FILENAME = 'pydist-exports.json' +COMMANDS_FILENAME = 'pydist-commands.json' + +DIST_FILES = ('INSTALLER', METADATA_FILENAME, 'RECORD', 'REQUESTED', + 'RESOURCES', EXPORTS_FILENAME, 'SHARED') + +DISTINFO_EXT = '.dist-info' + + +class _Cache(object): + """ + A simple cache mapping names and .dist-info paths to distributions + """ + def __init__(self): + """ + Initialise an instance. There is normally one for each DistributionPath. + """ + self.name = {} + self.path = {} + self.generated = False + + def clear(self): + """ + Clear the cache, setting it to its initial state. + """ + self.name.clear() + self.path.clear() + self.generated = False + + def add(self, dist): + """ + Add a distribution to the cache. + :param dist: The distribution to add. + """ + if dist.path not in self.path: + self.path[dist.path] = dist + self.name.setdefault(dist.key, []).append(dist) + + +class DistributionPath(object): + """ + Represents a set of distributions installed on a path (typically sys.path). + """ + def __init__(self, path=None, include_egg=False): + """ + Create an instance from a path, optionally including legacy (distutils/ + setuptools/distribute) distributions. + :param path: The path to use, as a list of directories. If not specified, + sys.path is used. + :param include_egg: If True, this instance will look for and return legacy + distributions as well as those based on PEP 376. + """ + if path is None: + path = sys.path + self.path = path + self._include_dist = True + self._include_egg = include_egg + + self._cache = _Cache() + self._cache_egg = _Cache() + self._cache_enabled = True + self._scheme = get_scheme('default') + + def _get_cache_enabled(self): + return self._cache_enabled + + def _set_cache_enabled(self, value): + self._cache_enabled = value + + cache_enabled = property(_get_cache_enabled, _set_cache_enabled) + + def clear_cache(self): + """ + Clears the internal cache. + """ + self._cache.clear() + self._cache_egg.clear() + + + def _yield_distributions(self): + """ + Yield .dist-info and/or .egg(-info) distributions. + """ + # We need to check if we've seen some resources already, because on + # some Linux systems (e.g. some Debian/Ubuntu variants) there are + # symlinks which alias other files in the environment. + seen = set() + for path in self.path: + finder = resources.finder_for_path(path) + if finder is None: + continue + r = finder.find('') + if not r or not r.is_container: + continue + rset = sorted(r.resources) + for entry in rset: + r = finder.find(entry) + if not r or r.path in seen: + continue + if self._include_dist and entry.endswith(DISTINFO_EXT): + possible_filenames = [METADATA_FILENAME, + WHEEL_METADATA_FILENAME, + LEGACY_METADATA_FILENAME] + for metadata_filename in possible_filenames: + metadata_path = posixpath.join(entry, metadata_filename) + pydist = finder.find(metadata_path) + if pydist: + break + else: + continue + + with contextlib.closing(pydist.as_stream()) as stream: + metadata = Metadata(fileobj=stream, scheme='legacy') + logger.debug('Found %s', r.path) + seen.add(r.path) + yield new_dist_class(r.path, metadata=metadata, + env=self) + elif self._include_egg and entry.endswith(('.egg-info', + '.egg')): + logger.debug('Found %s', r.path) + seen.add(r.path) + yield old_dist_class(r.path, self) + + def _generate_cache(self): + """ + Scan the path for distributions and populate the cache with + those that are found. + """ + gen_dist = not self._cache.generated + gen_egg = self._include_egg and not self._cache_egg.generated + if gen_dist or gen_egg: + for dist in self._yield_distributions(): + if isinstance(dist, InstalledDistribution): + self._cache.add(dist) + else: + self._cache_egg.add(dist) + + if gen_dist: + self._cache.generated = True + if gen_egg: + self._cache_egg.generated = True + + @classmethod + def distinfo_dirname(cls, name, version): + """ + The *name* and *version* parameters are converted into their + filename-escaped form, i.e. any ``'-'`` characters are replaced + with ``'_'`` other than the one in ``'dist-info'`` and the one + separating the name from the version number. + + :parameter name: is converted to a standard distribution name by replacing + any runs of non- alphanumeric characters with a single + ``'-'``. + :type name: string + :parameter version: is converted to a standard version string. Spaces + become dots, and all other non-alphanumeric characters + (except dots) become dashes, with runs of multiple + dashes condensed to a single dash. + :type version: string + :returns: directory name + :rtype: string""" + name = name.replace('-', '_') + return '-'.join([name, version]) + DISTINFO_EXT + + def get_distributions(self): + """ + Provides an iterator that looks for distributions and returns + :class:`InstalledDistribution` or + :class:`EggInfoDistribution` instances for each one of them. + + :rtype: iterator of :class:`InstalledDistribution` and + :class:`EggInfoDistribution` instances + """ + if not self._cache_enabled: + for dist in self._yield_distributions(): + yield dist + else: + self._generate_cache() + + for dist in self._cache.path.values(): + yield dist + + if self._include_egg: + for dist in self._cache_egg.path.values(): + yield dist + + def get_distribution(self, name): + """ + Looks for a named distribution on the path. + + This function only returns the first result found, as no more than one + value is expected. If nothing is found, ``None`` is returned. + + :rtype: :class:`InstalledDistribution`, :class:`EggInfoDistribution` + or ``None`` + """ + result = None + name = name.lower() + if not self._cache_enabled: + for dist in self._yield_distributions(): + if dist.key == name: + result = dist + break + else: + self._generate_cache() + + if name in self._cache.name: + result = self._cache.name[name][0] + elif self._include_egg and name in self._cache_egg.name: + result = self._cache_egg.name[name][0] + return result + + def provides_distribution(self, name, version=None): + """ + Iterates over all distributions to find which distributions provide *name*. + If a *version* is provided, it will be used to filter the results. + + This function only returns the first result found, since no more than + one values are expected. If the directory is not found, returns ``None``. + + :parameter version: a version specifier that indicates the version + required, conforming to the format in ``PEP-345`` + + :type name: string + :type version: string + """ + matcher = None + if version is not None: + try: + matcher = self._scheme.matcher('%s (%s)' % (name, version)) + except ValueError: + raise DistlibException('invalid name or version: %r, %r' % + (name, version)) + + for dist in self.get_distributions(): + # We hit a problem on Travis where enum34 was installed and doesn't + # have a provides attribute ... + if not hasattr(dist, 'provides'): + logger.debug('No "provides": %s', dist) + else: + provided = dist.provides + + for p in provided: + p_name, p_ver = parse_name_and_version(p) + if matcher is None: + if p_name == name: + yield dist + break + else: + if p_name == name and matcher.match(p_ver): + yield dist + break + + def get_file_path(self, name, relative_path): + """ + Return the path to a resource file. + """ + dist = self.get_distribution(name) + if dist is None: + raise LookupError('no distribution named %r found' % name) + return dist.get_resource_path(relative_path) + + def get_exported_entries(self, category, name=None): + """ + Return all of the exported entries in a particular category. + + :param category: The category to search for entries. + :param name: If specified, only entries with that name are returned. + """ + for dist in self.get_distributions(): + r = dist.exports + if category in r: + d = r[category] + if name is not None: + if name in d: + yield d[name] + else: + for v in d.values(): + yield v + + +class Distribution(object): + """ + A base class for distributions, whether installed or from indexes. + Either way, it must have some metadata, so that's all that's needed + for construction. + """ + + build_time_dependency = False + """ + Set to True if it's known to be only a build-time dependency (i.e. + not needed after installation). + """ + + requested = False + """A boolean that indicates whether the ``REQUESTED`` metadata file is + present (in other words, whether the package was installed by user + request or it was installed as a dependency).""" + + def __init__(self, metadata): + """ + Initialise an instance. + :param metadata: The instance of :class:`Metadata` describing this + distribution. + """ + self.metadata = metadata + self.name = metadata.name + self.key = self.name.lower() # for case-insensitive comparisons + self.version = metadata.version + self.locator = None + self.digest = None + self.extras = None # additional features requested + self.context = None # environment marker overrides + self.download_urls = set() + self.digests = {} + + @property + def source_url(self): + """ + The source archive download URL for this distribution. + """ + return self.metadata.source_url + + download_url = source_url # Backward compatibility + + @property + def name_and_version(self): + """ + A utility property which displays the name and version in parentheses. + """ + return '%s (%s)' % (self.name, self.version) + + @property + def provides(self): + """ + A set of distribution names and versions provided by this distribution. + :return: A set of "name (version)" strings. + """ + plist = self.metadata.provides + s = '%s (%s)' % (self.name, self.version) + if s not in plist: + plist.append(s) + return plist + + def _get_requirements(self, req_attr): + md = self.metadata + logger.debug('Getting requirements from metadata %r', md.todict()) + reqts = getattr(md, req_attr) + return set(md.get_requirements(reqts, extras=self.extras, + env=self.context)) + + @property + def run_requires(self): + return self._get_requirements('run_requires') + + @property + def meta_requires(self): + return self._get_requirements('meta_requires') + + @property + def build_requires(self): + return self._get_requirements('build_requires') + + @property + def test_requires(self): + return self._get_requirements('test_requires') + + @property + def dev_requires(self): + return self._get_requirements('dev_requires') + + def matches_requirement(self, req): + """ + Say if this instance matches (fulfills) a requirement. + :param req: The requirement to match. + :rtype req: str + :return: True if it matches, else False. + """ + # Requirement may contain extras - parse to lose those + # from what's passed to the matcher + r = parse_requirement(req) + scheme = get_scheme(self.metadata.scheme) + try: + matcher = scheme.matcher(r.requirement) + except UnsupportedVersionError: + # XXX compat-mode if cannot read the version + logger.warning('could not read version %r - using name only', + req) + name = req.split()[0] + matcher = scheme.matcher(name) + + name = matcher.key # case-insensitive + + result = False + for p in self.provides: + p_name, p_ver = parse_name_and_version(p) + if p_name != name: + continue + try: + result = matcher.match(p_ver) + break + except UnsupportedVersionError: + pass + return result + + def __repr__(self): + """ + Return a textual representation of this instance, + """ + if self.source_url: + suffix = ' [%s]' % self.source_url + else: + suffix = '' + return '' % (self.name, self.version, suffix) + + def __eq__(self, other): + """ + See if this distribution is the same as another. + :param other: The distribution to compare with. To be equal to one + another. distributions must have the same type, name, + version and source_url. + :return: True if it is the same, else False. + """ + if type(other) is not type(self): + result = False + else: + result = (self.name == other.name and + self.version == other.version and + self.source_url == other.source_url) + return result + + def __hash__(self): + """ + Compute hash in a way which matches the equality test. + """ + return hash(self.name) + hash(self.version) + hash(self.source_url) + + +class BaseInstalledDistribution(Distribution): + """ + This is the base class for installed distributions (whether PEP 376 or + legacy). + """ + + hasher = None + + def __init__(self, metadata, path, env=None): + """ + Initialise an instance. + :param metadata: An instance of :class:`Metadata` which describes the + distribution. This will normally have been initialised + from a metadata file in the ``path``. + :param path: The path of the ``.dist-info`` or ``.egg-info`` + directory for the distribution. + :param env: This is normally the :class:`DistributionPath` + instance where this distribution was found. + """ + super(BaseInstalledDistribution, self).__init__(metadata) + self.path = path + self.dist_path = env + + def get_hash(self, data, hasher=None): + """ + Get the hash of some data, using a particular hash algorithm, if + specified. + + :param data: The data to be hashed. + :type data: bytes + :param hasher: The name of a hash implementation, supported by hashlib, + or ``None``. Examples of valid values are ``'sha1'``, + ``'sha224'``, ``'sha384'``, '``sha256'``, ``'md5'`` and + ``'sha512'``. If no hasher is specified, the ``hasher`` + attribute of the :class:`InstalledDistribution` instance + is used. If the hasher is determined to be ``None``, MD5 + is used as the hashing algorithm. + :returns: The hash of the data. If a hasher was explicitly specified, + the returned hash will be prefixed with the specified hasher + followed by '='. + :rtype: str + """ + if hasher is None: + hasher = self.hasher + if hasher is None: + hasher = hashlib.md5 + prefix = '' + else: + hasher = getattr(hashlib, hasher) + prefix = '%s=' % self.hasher + digest = hasher(data).digest() + digest = base64.urlsafe_b64encode(digest).rstrip(b'=').decode('ascii') + return '%s%s' % (prefix, digest) + + +class InstalledDistribution(BaseInstalledDistribution): + """ + Created with the *path* of the ``.dist-info`` directory provided to the + constructor. It reads the metadata contained in ``pydist.json`` when it is + instantiated., or uses a passed in Metadata instance (useful for when + dry-run mode is being used). + """ + + hasher = 'sha256' + + def __init__(self, path, metadata=None, env=None): + self.modules = [] + self.finder = finder = resources.finder_for_path(path) + if finder is None: + raise ValueError('finder unavailable for %s' % path) + if env and env._cache_enabled and path in env._cache.path: + metadata = env._cache.path[path].metadata + elif metadata is None: + r = finder.find(METADATA_FILENAME) + # Temporary - for Wheel 0.23 support + if r is None: + r = finder.find(WHEEL_METADATA_FILENAME) + # Temporary - for legacy support + if r is None: + r = finder.find(LEGACY_METADATA_FILENAME) + if r is None: + raise ValueError('no %s found in %s' % (METADATA_FILENAME, + path)) + with contextlib.closing(r.as_stream()) as stream: + metadata = Metadata(fileobj=stream, scheme='legacy') + + super(InstalledDistribution, self).__init__(metadata, path, env) + + if env and env._cache_enabled: + env._cache.add(self) + + r = finder.find('REQUESTED') + self.requested = r is not None + p = os.path.join(path, 'top_level.txt') + if os.path.exists(p): + with open(p, 'rb') as f: + data = f.read().decode('utf-8') + self.modules = data.splitlines() + + def __repr__(self): + return '' % ( + self.name, self.version, self.path) + + def __str__(self): + return "%s %s" % (self.name, self.version) + + def _get_records(self): + """ + Get the list of installed files for the distribution + :return: A list of tuples of path, hash and size. Note that hash and + size might be ``None`` for some entries. The path is exactly + as stored in the file (which is as in PEP 376). + """ + results = [] + r = self.get_distinfo_resource('RECORD') + with contextlib.closing(r.as_stream()) as stream: + with CSVReader(stream=stream) as record_reader: + # Base location is parent dir of .dist-info dir + #base_location = os.path.dirname(self.path) + #base_location = os.path.abspath(base_location) + for row in record_reader: + missing = [None for i in range(len(row), 3)] + path, checksum, size = row + missing + #if not os.path.isabs(path): + # path = path.replace('/', os.sep) + # path = os.path.join(base_location, path) + results.append((path, checksum, size)) + return results + + @cached_property + def exports(self): + """ + Return the information exported by this distribution. + :return: A dictionary of exports, mapping an export category to a dict + of :class:`ExportEntry` instances describing the individual + export entries, and keyed by name. + """ + result = {} + r = self.get_distinfo_resource(EXPORTS_FILENAME) + if r: + result = self.read_exports() + return result + + def read_exports(self): + """ + Read exports data from a file in .ini format. + + :return: A dictionary of exports, mapping an export category to a list + of :class:`ExportEntry` instances describing the individual + export entries. + """ + result = {} + r = self.get_distinfo_resource(EXPORTS_FILENAME) + if r: + with contextlib.closing(r.as_stream()) as stream: + result = read_exports(stream) + return result + + def write_exports(self, exports): + """ + Write a dictionary of exports to a file in .ini format. + :param exports: A dictionary of exports, mapping an export category to + a list of :class:`ExportEntry` instances describing the + individual export entries. + """ + rf = self.get_distinfo_file(EXPORTS_FILENAME) + with open(rf, 'w') as f: + write_exports(exports, f) + + def get_resource_path(self, relative_path): + """ + NOTE: This API may change in the future. + + Return the absolute path to a resource file with the given relative + path. + + :param relative_path: The path, relative to .dist-info, of the resource + of interest. + :return: The absolute path where the resource is to be found. + """ + r = self.get_distinfo_resource('RESOURCES') + with contextlib.closing(r.as_stream()) as stream: + with CSVReader(stream=stream) as resources_reader: + for relative, destination in resources_reader: + if relative == relative_path: + return destination + raise KeyError('no resource file with relative path %r ' + 'is installed' % relative_path) + + def list_installed_files(self): + """ + Iterates over the ``RECORD`` entries and returns a tuple + ``(path, hash, size)`` for each line. + + :returns: iterator of (path, hash, size) + """ + for result in self._get_records(): + yield result + + def write_installed_files(self, paths, prefix, dry_run=False): + """ + Writes the ``RECORD`` file, using the ``paths`` iterable passed in. Any + existing ``RECORD`` file is silently overwritten. + + prefix is used to determine when to write absolute paths. + """ + prefix = os.path.join(prefix, '') + base = os.path.dirname(self.path) + base_under_prefix = base.startswith(prefix) + base = os.path.join(base, '') + record_path = self.get_distinfo_file('RECORD') + logger.info('creating %s', record_path) + if dry_run: + return None + with CSVWriter(record_path) as writer: + for path in paths: + if os.path.isdir(path) or path.endswith(('.pyc', '.pyo')): + # do not put size and hash, as in PEP-376 + hash_value = size = '' + else: + size = '%d' % os.path.getsize(path) + with open(path, 'rb') as fp: + hash_value = self.get_hash(fp.read()) + if path.startswith(base) or (base_under_prefix and + path.startswith(prefix)): + path = os.path.relpath(path, base) + writer.writerow((path, hash_value, size)) + + # add the RECORD file itself + if record_path.startswith(base): + record_path = os.path.relpath(record_path, base) + writer.writerow((record_path, '', '')) + return record_path + + def check_installed_files(self): + """ + Checks that the hashes and sizes of the files in ``RECORD`` are + matched by the files themselves. Returns a (possibly empty) list of + mismatches. Each entry in the mismatch list will be a tuple consisting + of the path, 'exists', 'size' or 'hash' according to what didn't match + (existence is checked first, then size, then hash), the expected + value and the actual value. + """ + mismatches = [] + base = os.path.dirname(self.path) + record_path = self.get_distinfo_file('RECORD') + for path, hash_value, size in self.list_installed_files(): + if not os.path.isabs(path): + path = os.path.join(base, path) + if path == record_path: + continue + if not os.path.exists(path): + mismatches.append((path, 'exists', True, False)) + elif os.path.isfile(path): + actual_size = str(os.path.getsize(path)) + if size and actual_size != size: + mismatches.append((path, 'size', size, actual_size)) + elif hash_value: + if '=' in hash_value: + hasher = hash_value.split('=', 1)[0] + else: + hasher = None + + with open(path, 'rb') as f: + actual_hash = self.get_hash(f.read(), hasher) + if actual_hash != hash_value: + mismatches.append((path, 'hash', hash_value, actual_hash)) + return mismatches + + @cached_property + def shared_locations(self): + """ + A dictionary of shared locations whose keys are in the set 'prefix', + 'purelib', 'platlib', 'scripts', 'headers', 'data' and 'namespace'. + The corresponding value is the absolute path of that category for + this distribution, and takes into account any paths selected by the + user at installation time (e.g. via command-line arguments). In the + case of the 'namespace' key, this would be a list of absolute paths + for the roots of namespace packages in this distribution. + + The first time this property is accessed, the relevant information is + read from the SHARED file in the .dist-info directory. + """ + result = {} + shared_path = os.path.join(self.path, 'SHARED') + if os.path.isfile(shared_path): + with codecs.open(shared_path, 'r', encoding='utf-8') as f: + lines = f.read().splitlines() + for line in lines: + key, value = line.split('=', 1) + if key == 'namespace': + result.setdefault(key, []).append(value) + else: + result[key] = value + return result + + def write_shared_locations(self, paths, dry_run=False): + """ + Write shared location information to the SHARED file in .dist-info. + :param paths: A dictionary as described in the documentation for + :meth:`shared_locations`. + :param dry_run: If True, the action is logged but no file is actually + written. + :return: The path of the file written to. + """ + shared_path = os.path.join(self.path, 'SHARED') + logger.info('creating %s', shared_path) + if dry_run: + return None + lines = [] + for key in ('prefix', 'lib', 'headers', 'scripts', 'data'): + path = paths[key] + if os.path.isdir(paths[key]): + lines.append('%s=%s' % (key, path)) + for ns in paths.get('namespace', ()): + lines.append('namespace=%s' % ns) + + with codecs.open(shared_path, 'w', encoding='utf-8') as f: + f.write('\n'.join(lines)) + return shared_path + + def get_distinfo_resource(self, path): + if path not in DIST_FILES: + raise DistlibException('invalid path for a dist-info file: ' + '%r at %r' % (path, self.path)) + finder = resources.finder_for_path(self.path) + if finder is None: + raise DistlibException('Unable to get a finder for %s' % self.path) + return finder.find(path) + + def get_distinfo_file(self, path): + """ + Returns a path located under the ``.dist-info`` directory. Returns a + string representing the path. + + :parameter path: a ``'/'``-separated path relative to the + ``.dist-info`` directory or an absolute path; + If *path* is an absolute path and doesn't start + with the ``.dist-info`` directory path, + a :class:`DistlibException` is raised + :type path: str + :rtype: str + """ + # Check if it is an absolute path # XXX use relpath, add tests + if path.find(os.sep) >= 0: + # it's an absolute path? + distinfo_dirname, path = path.split(os.sep)[-2:] + if distinfo_dirname != self.path.split(os.sep)[-1]: + raise DistlibException( + 'dist-info file %r does not belong to the %r %s ' + 'distribution' % (path, self.name, self.version)) + + # The file must be relative + if path not in DIST_FILES: + raise DistlibException('invalid path for a dist-info file: ' + '%r at %r' % (path, self.path)) + + return os.path.join(self.path, path) + + def list_distinfo_files(self): + """ + Iterates over the ``RECORD`` entries and returns paths for each line if + the path is pointing to a file located in the ``.dist-info`` directory + or one of its subdirectories. + + :returns: iterator of paths + """ + base = os.path.dirname(self.path) + for path, checksum, size in self._get_records(): + # XXX add separator or use real relpath algo + if not os.path.isabs(path): + path = os.path.join(base, path) + if path.startswith(self.path): + yield path + + def __eq__(self, other): + return (isinstance(other, InstalledDistribution) and + self.path == other.path) + + # See http://docs.python.org/reference/datamodel#object.__hash__ + __hash__ = object.__hash__ + + +class EggInfoDistribution(BaseInstalledDistribution): + """Created with the *path* of the ``.egg-info`` directory or file provided + to the constructor. It reads the metadata contained in the file itself, or + if the given path happens to be a directory, the metadata is read from the + file ``PKG-INFO`` under that directory.""" + + requested = True # as we have no way of knowing, assume it was + shared_locations = {} + + def __init__(self, path, env=None): + def set_name_and_version(s, n, v): + s.name = n + s.key = n.lower() # for case-insensitive comparisons + s.version = v + + self.path = path + self.dist_path = env + if env and env._cache_enabled and path in env._cache_egg.path: + metadata = env._cache_egg.path[path].metadata + set_name_and_version(self, metadata.name, metadata.version) + else: + metadata = self._get_metadata(path) + + # Need to be set before caching + set_name_and_version(self, metadata.name, metadata.version) + + if env and env._cache_enabled: + env._cache_egg.add(self) + super(EggInfoDistribution, self).__init__(metadata, path, env) + + def _get_metadata(self, path): + requires = None + + def parse_requires_data(data): + """Create a list of dependencies from a requires.txt file. + + *data*: the contents of a setuptools-produced requires.txt file. + """ + reqs = [] + lines = data.splitlines() + for line in lines: + line = line.strip() + if line.startswith('['): + logger.warning('Unexpected line: quitting requirement scan: %r', + line) + break + r = parse_requirement(line) + if not r: + logger.warning('Not recognised as a requirement: %r', line) + continue + if r.extras: + logger.warning('extra requirements in requires.txt are ' + 'not supported') + if not r.constraints: + reqs.append(r.name) + else: + cons = ', '.join('%s%s' % c for c in r.constraints) + reqs.append('%s (%s)' % (r.name, cons)) + return reqs + + def parse_requires_path(req_path): + """Create a list of dependencies from a requires.txt file. + + *req_path*: the path to a setuptools-produced requires.txt file. + """ + + reqs = [] + try: + with codecs.open(req_path, 'r', 'utf-8') as fp: + reqs = parse_requires_data(fp.read()) + except IOError: + pass + return reqs + + tl_path = tl_data = None + if path.endswith('.egg'): + if os.path.isdir(path): + p = os.path.join(path, 'EGG-INFO') + meta_path = os.path.join(p, 'PKG-INFO') + metadata = Metadata(path=meta_path, scheme='legacy') + req_path = os.path.join(p, 'requires.txt') + tl_path = os.path.join(p, 'top_level.txt') + requires = parse_requires_path(req_path) + else: + # FIXME handle the case where zipfile is not available + zipf = zipimport.zipimporter(path) + fileobj = StringIO( + zipf.get_data('EGG-INFO/PKG-INFO').decode('utf8')) + metadata = Metadata(fileobj=fileobj, scheme='legacy') + try: + data = zipf.get_data('EGG-INFO/requires.txt') + tl_data = zipf.get_data('EGG-INFO/top_level.txt').decode('utf-8') + requires = parse_requires_data(data.decode('utf-8')) + except IOError: + requires = None + elif path.endswith('.egg-info'): + if os.path.isdir(path): + req_path = os.path.join(path, 'requires.txt') + requires = parse_requires_path(req_path) + path = os.path.join(path, 'PKG-INFO') + tl_path = os.path.join(path, 'top_level.txt') + metadata = Metadata(path=path, scheme='legacy') + else: + raise DistlibException('path must end with .egg-info or .egg, ' + 'got %r' % path) + + if requires: + metadata.add_requirements(requires) + # look for top-level modules in top_level.txt, if present + if tl_data is None: + if tl_path is not None and os.path.exists(tl_path): + with open(tl_path, 'rb') as f: + tl_data = f.read().decode('utf-8') + if not tl_data: + tl_data = [] + else: + tl_data = tl_data.splitlines() + self.modules = tl_data + return metadata + + def __repr__(self): + return '' % ( + self.name, self.version, self.path) + + def __str__(self): + return "%s %s" % (self.name, self.version) + + def check_installed_files(self): + """ + Checks that the hashes and sizes of the files in ``RECORD`` are + matched by the files themselves. Returns a (possibly empty) list of + mismatches. Each entry in the mismatch list will be a tuple consisting + of the path, 'exists', 'size' or 'hash' according to what didn't match + (existence is checked first, then size, then hash), the expected + value and the actual value. + """ + mismatches = [] + record_path = os.path.join(self.path, 'installed-files.txt') + if os.path.exists(record_path): + for path, _, _ in self.list_installed_files(): + if path == record_path: + continue + if not os.path.exists(path): + mismatches.append((path, 'exists', True, False)) + return mismatches + + def list_installed_files(self): + """ + Iterates over the ``installed-files.txt`` entries and returns a tuple + ``(path, hash, size)`` for each line. + + :returns: a list of (path, hash, size) + """ + + def _md5(path): + f = open(path, 'rb') + try: + content = f.read() + finally: + f.close() + return hashlib.md5(content).hexdigest() + + def _size(path): + return os.stat(path).st_size + + record_path = os.path.join(self.path, 'installed-files.txt') + result = [] + if os.path.exists(record_path): + with codecs.open(record_path, 'r', encoding='utf-8') as f: + for line in f: + line = line.strip() + p = os.path.normpath(os.path.join(self.path, line)) + # "./" is present as a marker between installed files + # and installation metadata files + if not os.path.exists(p): + logger.warning('Non-existent file: %s', p) + if p.endswith(('.pyc', '.pyo')): + continue + #otherwise fall through and fail + if not os.path.isdir(p): + result.append((p, _md5(p), _size(p))) + result.append((record_path, None, None)) + return result + + def list_distinfo_files(self, absolute=False): + """ + Iterates over the ``installed-files.txt`` entries and returns paths for + each line if the path is pointing to a file located in the + ``.egg-info`` directory or one of its subdirectories. + + :parameter absolute: If *absolute* is ``True``, each returned path is + transformed into a local absolute path. Otherwise the + raw value from ``installed-files.txt`` is returned. + :type absolute: boolean + :returns: iterator of paths + """ + record_path = os.path.join(self.path, 'installed-files.txt') + if os.path.exists(record_path): + skip = True + with codecs.open(record_path, 'r', encoding='utf-8') as f: + for line in f: + line = line.strip() + if line == './': + skip = False + continue + if not skip: + p = os.path.normpath(os.path.join(self.path, line)) + if p.startswith(self.path): + if absolute: + yield p + else: + yield line + + def __eq__(self, other): + return (isinstance(other, EggInfoDistribution) and + self.path == other.path) + + # See http://docs.python.org/reference/datamodel#object.__hash__ + __hash__ = object.__hash__ + +new_dist_class = InstalledDistribution +old_dist_class = EggInfoDistribution + + +class DependencyGraph(object): + """ + Represents a dependency graph between distributions. + + The dependency relationships are stored in an ``adjacency_list`` that maps + distributions to a list of ``(other, label)`` tuples where ``other`` + is a distribution and the edge is labeled with ``label`` (i.e. the version + specifier, if such was provided). Also, for more efficient traversal, for + every distribution ``x``, a list of predecessors is kept in + ``reverse_list[x]``. An edge from distribution ``a`` to + distribution ``b`` means that ``a`` depends on ``b``. If any missing + dependencies are found, they are stored in ``missing``, which is a + dictionary that maps distributions to a list of requirements that were not + provided by any other distributions. + """ + + def __init__(self): + self.adjacency_list = {} + self.reverse_list = {} + self.missing = {} + + def add_distribution(self, distribution): + """Add the *distribution* to the graph. + + :type distribution: :class:`distutils2.database.InstalledDistribution` + or :class:`distutils2.database.EggInfoDistribution` + """ + self.adjacency_list[distribution] = [] + self.reverse_list[distribution] = [] + #self.missing[distribution] = [] + + def add_edge(self, x, y, label=None): + """Add an edge from distribution *x* to distribution *y* with the given + *label*. + + :type x: :class:`distutils2.database.InstalledDistribution` or + :class:`distutils2.database.EggInfoDistribution` + :type y: :class:`distutils2.database.InstalledDistribution` or + :class:`distutils2.database.EggInfoDistribution` + :type label: ``str`` or ``None`` + """ + self.adjacency_list[x].append((y, label)) + # multiple edges are allowed, so be careful + if x not in self.reverse_list[y]: + self.reverse_list[y].append(x) + + def add_missing(self, distribution, requirement): + """ + Add a missing *requirement* for the given *distribution*. + + :type distribution: :class:`distutils2.database.InstalledDistribution` + or :class:`distutils2.database.EggInfoDistribution` + :type requirement: ``str`` + """ + logger.debug('%s missing %r', distribution, requirement) + self.missing.setdefault(distribution, []).append(requirement) + + def _repr_dist(self, dist): + return '%s %s' % (dist.name, dist.version) + + def repr_node(self, dist, level=1): + """Prints only a subgraph""" + output = [self._repr_dist(dist)] + for other, label in self.adjacency_list[dist]: + dist = self._repr_dist(other) + if label is not None: + dist = '%s [%s]' % (dist, label) + output.append(' ' * level + str(dist)) + suboutput = self.repr_node(other, level + 1) + subs = suboutput.split('\n') + output.extend(subs[1:]) + return '\n'.join(output) + + def to_dot(self, f, skip_disconnected=True): + """Writes a DOT output for the graph to the provided file *f*. + + If *skip_disconnected* is set to ``True``, then all distributions + that are not dependent on any other distribution are skipped. + + :type f: has to support ``file``-like operations + :type skip_disconnected: ``bool`` + """ + disconnected = [] + + f.write("digraph dependencies {\n") + for dist, adjs in self.adjacency_list.items(): + if len(adjs) == 0 and not skip_disconnected: + disconnected.append(dist) + for other, label in adjs: + if not label is None: + f.write('"%s" -> "%s" [label="%s"]\n' % + (dist.name, other.name, label)) + else: + f.write('"%s" -> "%s"\n' % (dist.name, other.name)) + if not skip_disconnected and len(disconnected) > 0: + f.write('subgraph disconnected {\n') + f.write('label = "Disconnected"\n') + f.write('bgcolor = red\n') + + for dist in disconnected: + f.write('"%s"' % dist.name) + f.write('\n') + f.write('}\n') + f.write('}\n') + + def topological_sort(self): + """ + Perform a topological sort of the graph. + :return: A tuple, the first element of which is a topologically sorted + list of distributions, and the second element of which is a + list of distributions that cannot be sorted because they have + circular dependencies and so form a cycle. + """ + result = [] + # Make a shallow copy of the adjacency list + alist = {} + for k, v in self.adjacency_list.items(): + alist[k] = v[:] + while True: + # See what we can remove in this run + to_remove = [] + for k, v in list(alist.items())[:]: + if not v: + to_remove.append(k) + del alist[k] + if not to_remove: + # What's left in alist (if anything) is a cycle. + break + # Remove from the adjacency list of others + for k, v in alist.items(): + alist[k] = [(d, r) for d, r in v if d not in to_remove] + logger.debug('Moving to result: %s', + ['%s (%s)' % (d.name, d.version) for d in to_remove]) + result.extend(to_remove) + return result, list(alist.keys()) + + def __repr__(self): + """Representation of the graph""" + output = [] + for dist, adjs in self.adjacency_list.items(): + output.append(self.repr_node(dist)) + return '\n'.join(output) + + +def make_graph(dists, scheme='default'): + """Makes a dependency graph from the given distributions. + + :parameter dists: a list of distributions + :type dists: list of :class:`distutils2.database.InstalledDistribution` and + :class:`distutils2.database.EggInfoDistribution` instances + :rtype: a :class:`DependencyGraph` instance + """ + scheme = get_scheme(scheme) + graph = DependencyGraph() + provided = {} # maps names to lists of (version, dist) tuples + + # first, build the graph and find out what's provided + for dist in dists: + graph.add_distribution(dist) + + for p in dist.provides: + name, version = parse_name_and_version(p) + logger.debug('Add to provided: %s, %s, %s', name, version, dist) + provided.setdefault(name, []).append((version, dist)) + + # now make the edges + for dist in dists: + requires = (dist.run_requires | dist.meta_requires | + dist.build_requires | dist.dev_requires) + for req in requires: + try: + matcher = scheme.matcher(req) + except UnsupportedVersionError: + # XXX compat-mode if cannot read the version + logger.warning('could not read version %r - using name only', + req) + name = req.split()[0] + matcher = scheme.matcher(name) + + name = matcher.key # case-insensitive + + matched = False + if name in provided: + for version, provider in provided[name]: + try: + match = matcher.match(version) + except UnsupportedVersionError: + match = False + + if match: + graph.add_edge(dist, provider, req) + matched = True + break + if not matched: + graph.add_missing(dist, req) + return graph + + +def get_dependent_dists(dists, dist): + """Recursively generate a list of distributions from *dists* that are + dependent on *dist*. + + :param dists: a list of distributions + :param dist: a distribution, member of *dists* for which we are interested + """ + if dist not in dists: + raise DistlibException('given distribution %r is not a member ' + 'of the list' % dist.name) + graph = make_graph(dists) + + dep = [dist] # dependent distributions + todo = graph.reverse_list[dist] # list of nodes we should inspect + + while todo: + d = todo.pop() + dep.append(d) + for succ in graph.reverse_list[d]: + if succ not in dep: + todo.append(succ) + + dep.pop(0) # remove dist from dep, was there to prevent infinite loops + return dep + + +def get_required_dists(dists, dist): + """Recursively generate a list of distributions from *dists* that are + required by *dist*. + + :param dists: a list of distributions + :param dist: a distribution, member of *dists* for which we are interested + """ + if dist not in dists: + raise DistlibException('given distribution %r is not a member ' + 'of the list' % dist.name) + graph = make_graph(dists) + + req = [] # required distributions + todo = graph.adjacency_list[dist] # list of nodes we should inspect + + while todo: + d = todo.pop()[0] + req.append(d) + for pred in graph.adjacency_list[d]: + if pred not in req: + todo.append(pred) + + return req + + +def make_dist(name, version, **kwargs): + """ + A convenience method for making a dist given just a name and version. + """ + summary = kwargs.pop('summary', 'Placeholder for summary') + md = Metadata(**kwargs) + md.name = name + md.version = version + md.summary = summary or 'Placeholder for summary' + return Distribution(md) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/index.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/index.py new file mode 100644 index 000000000..b1fbbf8e8 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/index.py @@ -0,0 +1,509 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2013 Vinay Sajip. +# Licensed to the Python Software Foundation under a contributor agreement. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +import hashlib +import logging +import os +import shutil +import subprocess +import tempfile +try: + from threading import Thread +except ImportError: + from dummy_threading import Thread + +from . import DistlibException +from .compat import (HTTPBasicAuthHandler, Request, HTTPPasswordMgr, + urlparse, build_opener, string_types) +from .util import zip_dir, ServerProxy + +logger = logging.getLogger(__name__) + +DEFAULT_INDEX = 'https://pypi.org/pypi' +DEFAULT_REALM = 'pypi' + +class PackageIndex(object): + """ + This class represents a package index compatible with PyPI, the Python + Package Index. + """ + + boundary = b'----------ThIs_Is_tHe_distlib_index_bouNdaRY_$' + + def __init__(self, url=None): + """ + Initialise an instance. + + :param url: The URL of the index. If not specified, the URL for PyPI is + used. + """ + self.url = url or DEFAULT_INDEX + self.read_configuration() + scheme, netloc, path, params, query, frag = urlparse(self.url) + if params or query or frag or scheme not in ('http', 'https'): + raise DistlibException('invalid repository: %s' % self.url) + self.password_handler = None + self.ssl_verifier = None + self.gpg = None + self.gpg_home = None + with open(os.devnull, 'w') as sink: + # Use gpg by default rather than gpg2, as gpg2 insists on + # prompting for passwords + for s in ('gpg', 'gpg2'): + try: + rc = subprocess.check_call([s, '--version'], stdout=sink, + stderr=sink) + if rc == 0: + self.gpg = s + break + except OSError: + pass + + def _get_pypirc_command(self): + """ + Get the distutils command for interacting with PyPI configurations. + :return: the command. + """ + from .util import _get_pypirc_command as cmd + return cmd() + + def read_configuration(self): + """ + Read the PyPI access configuration as supported by distutils. This populates + ``username``, ``password``, ``realm`` and ``url`` attributes from the + configuration. + """ + from .util import _load_pypirc + cfg = _load_pypirc(self) + self.username = cfg.get('username') + self.password = cfg.get('password') + self.realm = cfg.get('realm', 'pypi') + self.url = cfg.get('repository', self.url) + + def save_configuration(self): + """ + Save the PyPI access configuration. You must have set ``username`` and + ``password`` attributes before calling this method. + """ + self.check_credentials() + from .util import _store_pypirc + _store_pypirc(self) + + def check_credentials(self): + """ + Check that ``username`` and ``password`` have been set, and raise an + exception if not. + """ + if self.username is None or self.password is None: + raise DistlibException('username and password must be set') + pm = HTTPPasswordMgr() + _, netloc, _, _, _, _ = urlparse(self.url) + pm.add_password(self.realm, netloc, self.username, self.password) + self.password_handler = HTTPBasicAuthHandler(pm) + + def register(self, metadata): + """ + Register a distribution on PyPI, using the provided metadata. + + :param metadata: A :class:`Metadata` instance defining at least a name + and version number for the distribution to be + registered. + :return: The HTTP response received from PyPI upon submission of the + request. + """ + self.check_credentials() + metadata.validate() + d = metadata.todict() + d[':action'] = 'verify' + request = self.encode_request(d.items(), []) + response = self.send_request(request) + d[':action'] = 'submit' + request = self.encode_request(d.items(), []) + return self.send_request(request) + + def _reader(self, name, stream, outbuf): + """ + Thread runner for reading lines of from a subprocess into a buffer. + + :param name: The logical name of the stream (used for logging only). + :param stream: The stream to read from. This will typically a pipe + connected to the output stream of a subprocess. + :param outbuf: The list to append the read lines to. + """ + while True: + s = stream.readline() + if not s: + break + s = s.decode('utf-8').rstrip() + outbuf.append(s) + logger.debug('%s: %s' % (name, s)) + stream.close() + + def get_sign_command(self, filename, signer, sign_password, + keystore=None): + """ + Return a suitable command for signing a file. + + :param filename: The pathname to the file to be signed. + :param signer: The identifier of the signer of the file. + :param sign_password: The passphrase for the signer's + private key used for signing. + :param keystore: The path to a directory which contains the keys + used in verification. If not specified, the + instance's ``gpg_home`` attribute is used instead. + :return: The signing command as a list suitable to be + passed to :class:`subprocess.Popen`. + """ + cmd = [self.gpg, '--status-fd', '2', '--no-tty'] + if keystore is None: + keystore = self.gpg_home + if keystore: + cmd.extend(['--homedir', keystore]) + if sign_password is not None: + cmd.extend(['--batch', '--passphrase-fd', '0']) + td = tempfile.mkdtemp() + sf = os.path.join(td, os.path.basename(filename) + '.asc') + cmd.extend(['--detach-sign', '--armor', '--local-user', + signer, '--output', sf, filename]) + logger.debug('invoking: %s', ' '.join(cmd)) + return cmd, sf + + def run_command(self, cmd, input_data=None): + """ + Run a command in a child process , passing it any input data specified. + + :param cmd: The command to run. + :param input_data: If specified, this must be a byte string containing + data to be sent to the child process. + :return: A tuple consisting of the subprocess' exit code, a list of + lines read from the subprocess' ``stdout``, and a list of + lines read from the subprocess' ``stderr``. + """ + kwargs = { + 'stdout': subprocess.PIPE, + 'stderr': subprocess.PIPE, + } + if input_data is not None: + kwargs['stdin'] = subprocess.PIPE + stdout = [] + stderr = [] + p = subprocess.Popen(cmd, **kwargs) + # We don't use communicate() here because we may need to + # get clever with interacting with the command + t1 = Thread(target=self._reader, args=('stdout', p.stdout, stdout)) + t1.start() + t2 = Thread(target=self._reader, args=('stderr', p.stderr, stderr)) + t2.start() + if input_data is not None: + p.stdin.write(input_data) + p.stdin.close() + + p.wait() + t1.join() + t2.join() + return p.returncode, stdout, stderr + + def sign_file(self, filename, signer, sign_password, keystore=None): + """ + Sign a file. + + :param filename: The pathname to the file to be signed. + :param signer: The identifier of the signer of the file. + :param sign_password: The passphrase for the signer's + private key used for signing. + :param keystore: The path to a directory which contains the keys + used in signing. If not specified, the instance's + ``gpg_home`` attribute is used instead. + :return: The absolute pathname of the file where the signature is + stored. + """ + cmd, sig_file = self.get_sign_command(filename, signer, sign_password, + keystore) + rc, stdout, stderr = self.run_command(cmd, + sign_password.encode('utf-8')) + if rc != 0: + raise DistlibException('sign command failed with error ' + 'code %s' % rc) + return sig_file + + def upload_file(self, metadata, filename, signer=None, sign_password=None, + filetype='sdist', pyversion='source', keystore=None): + """ + Upload a release file to the index. + + :param metadata: A :class:`Metadata` instance defining at least a name + and version number for the file to be uploaded. + :param filename: The pathname of the file to be uploaded. + :param signer: The identifier of the signer of the file. + :param sign_password: The passphrase for the signer's + private key used for signing. + :param filetype: The type of the file being uploaded. This is the + distutils command which produced that file, e.g. + ``sdist`` or ``bdist_wheel``. + :param pyversion: The version of Python which the release relates + to. For code compatible with any Python, this would + be ``source``, otherwise it would be e.g. ``3.2``. + :param keystore: The path to a directory which contains the keys + used in signing. If not specified, the instance's + ``gpg_home`` attribute is used instead. + :return: The HTTP response received from PyPI upon submission of the + request. + """ + self.check_credentials() + if not os.path.exists(filename): + raise DistlibException('not found: %s' % filename) + metadata.validate() + d = metadata.todict() + sig_file = None + if signer: + if not self.gpg: + logger.warning('no signing program available - not signed') + else: + sig_file = self.sign_file(filename, signer, sign_password, + keystore) + with open(filename, 'rb') as f: + file_data = f.read() + md5_digest = hashlib.md5(file_data).hexdigest() + sha256_digest = hashlib.sha256(file_data).hexdigest() + d.update({ + ':action': 'file_upload', + 'protocol_version': '1', + 'filetype': filetype, + 'pyversion': pyversion, + 'md5_digest': md5_digest, + 'sha256_digest': sha256_digest, + }) + files = [('content', os.path.basename(filename), file_data)] + if sig_file: + with open(sig_file, 'rb') as f: + sig_data = f.read() + files.append(('gpg_signature', os.path.basename(sig_file), + sig_data)) + shutil.rmtree(os.path.dirname(sig_file)) + request = self.encode_request(d.items(), files) + return self.send_request(request) + + def upload_documentation(self, metadata, doc_dir): + """ + Upload documentation to the index. + + :param metadata: A :class:`Metadata` instance defining at least a name + and version number for the documentation to be + uploaded. + :param doc_dir: The pathname of the directory which contains the + documentation. This should be the directory that + contains the ``index.html`` for the documentation. + :return: The HTTP response received from PyPI upon submission of the + request. + """ + self.check_credentials() + if not os.path.isdir(doc_dir): + raise DistlibException('not a directory: %r' % doc_dir) + fn = os.path.join(doc_dir, 'index.html') + if not os.path.exists(fn): + raise DistlibException('not found: %r' % fn) + metadata.validate() + name, version = metadata.name, metadata.version + zip_data = zip_dir(doc_dir).getvalue() + fields = [(':action', 'doc_upload'), + ('name', name), ('version', version)] + files = [('content', name, zip_data)] + request = self.encode_request(fields, files) + return self.send_request(request) + + def get_verify_command(self, signature_filename, data_filename, + keystore=None): + """ + Return a suitable command for verifying a file. + + :param signature_filename: The pathname to the file containing the + signature. + :param data_filename: The pathname to the file containing the + signed data. + :param keystore: The path to a directory which contains the keys + used in verification. If not specified, the + instance's ``gpg_home`` attribute is used instead. + :return: The verifying command as a list suitable to be + passed to :class:`subprocess.Popen`. + """ + cmd = [self.gpg, '--status-fd', '2', '--no-tty'] + if keystore is None: + keystore = self.gpg_home + if keystore: + cmd.extend(['--homedir', keystore]) + cmd.extend(['--verify', signature_filename, data_filename]) + logger.debug('invoking: %s', ' '.join(cmd)) + return cmd + + def verify_signature(self, signature_filename, data_filename, + keystore=None): + """ + Verify a signature for a file. + + :param signature_filename: The pathname to the file containing the + signature. + :param data_filename: The pathname to the file containing the + signed data. + :param keystore: The path to a directory which contains the keys + used in verification. If not specified, the + instance's ``gpg_home`` attribute is used instead. + :return: True if the signature was verified, else False. + """ + if not self.gpg: + raise DistlibException('verification unavailable because gpg ' + 'unavailable') + cmd = self.get_verify_command(signature_filename, data_filename, + keystore) + rc, stdout, stderr = self.run_command(cmd) + if rc not in (0, 1): + raise DistlibException('verify command failed with error ' + 'code %s' % rc) + return rc == 0 + + def download_file(self, url, destfile, digest=None, reporthook=None): + """ + This is a convenience method for downloading a file from an URL. + Normally, this will be a file from the index, though currently + no check is made for this (i.e. a file can be downloaded from + anywhere). + + The method is just like the :func:`urlretrieve` function in the + standard library, except that it allows digest computation to be + done during download and checking that the downloaded data + matched any expected value. + + :param url: The URL of the file to be downloaded (assumed to be + available via an HTTP GET request). + :param destfile: The pathname where the downloaded file is to be + saved. + :param digest: If specified, this must be a (hasher, value) + tuple, where hasher is the algorithm used (e.g. + ``'md5'``) and ``value`` is the expected value. + :param reporthook: The same as for :func:`urlretrieve` in the + standard library. + """ + if digest is None: + digester = None + logger.debug('No digest specified') + else: + if isinstance(digest, (list, tuple)): + hasher, digest = digest + else: + hasher = 'md5' + digester = getattr(hashlib, hasher)() + logger.debug('Digest specified: %s' % digest) + # The following code is equivalent to urlretrieve. + # We need to do it this way so that we can compute the + # digest of the file as we go. + with open(destfile, 'wb') as dfp: + # addinfourl is not a context manager on 2.x + # so we have to use try/finally + sfp = self.send_request(Request(url)) + try: + headers = sfp.info() + blocksize = 8192 + size = -1 + read = 0 + blocknum = 0 + if "content-length" in headers: + size = int(headers["Content-Length"]) + if reporthook: + reporthook(blocknum, blocksize, size) + while True: + block = sfp.read(blocksize) + if not block: + break + read += len(block) + dfp.write(block) + if digester: + digester.update(block) + blocknum += 1 + if reporthook: + reporthook(blocknum, blocksize, size) + finally: + sfp.close() + + # check that we got the whole file, if we can + if size >= 0 and read < size: + raise DistlibException( + 'retrieval incomplete: got only %d out of %d bytes' + % (read, size)) + # if we have a digest, it must match. + if digester: + actual = digester.hexdigest() + if digest != actual: + raise DistlibException('%s digest mismatch for %s: expected ' + '%s, got %s' % (hasher, destfile, + digest, actual)) + logger.debug('Digest verified: %s', digest) + + def send_request(self, req): + """ + Send a standard library :class:`Request` to PyPI and return its + response. + + :param req: The request to send. + :return: The HTTP response from PyPI (a standard library HTTPResponse). + """ + handlers = [] + if self.password_handler: + handlers.append(self.password_handler) + if self.ssl_verifier: + handlers.append(self.ssl_verifier) + opener = build_opener(*handlers) + return opener.open(req) + + def encode_request(self, fields, files): + """ + Encode fields and files for posting to an HTTP server. + + :param fields: The fields to send as a list of (fieldname, value) + tuples. + :param files: The files to send as a list of (fieldname, filename, + file_bytes) tuple. + """ + # Adapted from packaging, which in turn was adapted from + # http://code.activestate.com/recipes/146306 + + parts = [] + boundary = self.boundary + for k, values in fields: + if not isinstance(values, (list, tuple)): + values = [values] + + for v in values: + parts.extend(( + b'--' + boundary, + ('Content-Disposition: form-data; name="%s"' % + k).encode('utf-8'), + b'', + v.encode('utf-8'))) + for key, filename, value in files: + parts.extend(( + b'--' + boundary, + ('Content-Disposition: form-data; name="%s"; filename="%s"' % + (key, filename)).encode('utf-8'), + b'', + value)) + + parts.extend((b'--' + boundary + b'--', b'')) + + body = b'\r\n'.join(parts) + ct = b'multipart/form-data; boundary=' + boundary + headers = { + 'Content-type': ct, + 'Content-length': str(len(body)) + } + return Request(self.url, body, headers) + + def search(self, terms, operator=None): + if isinstance(terms, string_types): + terms = {'name': terms} + rpc_proxy = ServerProxy(self.url, timeout=3.0) + try: + return rpc_proxy.search(terms, operator or 'and') + finally: + rpc_proxy('close')() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/locators.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/locators.py new file mode 100644 index 000000000..0c7d63914 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/locators.py @@ -0,0 +1,1300 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012-2015 Vinay Sajip. +# Licensed to the Python Software Foundation under a contributor agreement. +# See LICENSE.txt and CONTRIBUTORS.txt. +# + +import gzip +from io import BytesIO +import json +import logging +import os +import posixpath +import re +try: + import threading +except ImportError: # pragma: no cover + import dummy_threading as threading +import zlib + +from . import DistlibException +from .compat import (urljoin, urlparse, urlunparse, url2pathname, pathname2url, + queue, quote, unescape, build_opener, + HTTPRedirectHandler as BaseRedirectHandler, text_type, + Request, HTTPError, URLError) +from .database import Distribution, DistributionPath, make_dist +from .metadata import Metadata, MetadataInvalidError +from .util import (cached_property, ensure_slash, split_filename, get_project_data, + parse_requirement, parse_name_and_version, ServerProxy, + normalize_name) +from .version import get_scheme, UnsupportedVersionError +from .wheel import Wheel, is_compatible + +logger = logging.getLogger(__name__) + +HASHER_HASH = re.compile(r'^(\w+)=([a-f0-9]+)') +CHARSET = re.compile(r';\s*charset\s*=\s*(.*)\s*$', re.I) +HTML_CONTENT_TYPE = re.compile('text/html|application/x(ht)?ml') +DEFAULT_INDEX = 'https://pypi.org/pypi' + +def get_all_distribution_names(url=None): + """ + Return all distribution names known by an index. + :param url: The URL of the index. + :return: A list of all known distribution names. + """ + if url is None: + url = DEFAULT_INDEX + client = ServerProxy(url, timeout=3.0) + try: + return client.list_packages() + finally: + client('close')() + +class RedirectHandler(BaseRedirectHandler): + """ + A class to work around a bug in some Python 3.2.x releases. + """ + # There's a bug in the base version for some 3.2.x + # (e.g. 3.2.2 on Ubuntu Oneiric). If a Location header + # returns e.g. /abc, it bails because it says the scheme '' + # is bogus, when actually it should use the request's + # URL for the scheme. See Python issue #13696. + def http_error_302(self, req, fp, code, msg, headers): + # Some servers (incorrectly) return multiple Location headers + # (so probably same goes for URI). Use first header. + newurl = None + for key in ('location', 'uri'): + if key in headers: + newurl = headers[key] + break + if newurl is None: # pragma: no cover + return + urlparts = urlparse(newurl) + if urlparts.scheme == '': + newurl = urljoin(req.get_full_url(), newurl) + if hasattr(headers, 'replace_header'): + headers.replace_header(key, newurl) + else: + headers[key] = newurl + return BaseRedirectHandler.http_error_302(self, req, fp, code, msg, + headers) + + http_error_301 = http_error_303 = http_error_307 = http_error_302 + +class Locator(object): + """ + A base class for locators - things that locate distributions. + """ + source_extensions = ('.tar.gz', '.tar.bz2', '.tar', '.zip', '.tgz', '.tbz') + binary_extensions = ('.egg', '.exe', '.whl') + excluded_extensions = ('.pdf',) + + # A list of tags indicating which wheels you want to match. The default + # value of None matches against the tags compatible with the running + # Python. If you want to match other values, set wheel_tags on a locator + # instance to a list of tuples (pyver, abi, arch) which you want to match. + wheel_tags = None + + downloadable_extensions = source_extensions + ('.whl',) + + def __init__(self, scheme='default'): + """ + Initialise an instance. + :param scheme: Because locators look for most recent versions, they + need to know the version scheme to use. This specifies + the current PEP-recommended scheme - use ``'legacy'`` + if you need to support existing distributions on PyPI. + """ + self._cache = {} + self.scheme = scheme + # Because of bugs in some of the handlers on some of the platforms, + # we use our own opener rather than just using urlopen. + self.opener = build_opener(RedirectHandler()) + # If get_project() is called from locate(), the matcher instance + # is set from the requirement passed to locate(). See issue #18 for + # why this can be useful to know. + self.matcher = None + self.errors = queue.Queue() + + def get_errors(self): + """ + Return any errors which have occurred. + """ + result = [] + while not self.errors.empty(): # pragma: no cover + try: + e = self.errors.get(False) + result.append(e) + except self.errors.Empty: + continue + self.errors.task_done() + return result + + def clear_errors(self): + """ + Clear any errors which may have been logged. + """ + # Just get the errors and throw them away + self.get_errors() + + def clear_cache(self): + self._cache.clear() + + def _get_scheme(self): + return self._scheme + + def _set_scheme(self, value): + self._scheme = value + + scheme = property(_get_scheme, _set_scheme) + + def _get_project(self, name): + """ + For a given project, get a dictionary mapping available versions to Distribution + instances. + + This should be implemented in subclasses. + + If called from a locate() request, self.matcher will be set to a + matcher for the requirement to satisfy, otherwise it will be None. + """ + raise NotImplementedError('Please implement in the subclass') + + def get_distribution_names(self): + """ + Return all the distribution names known to this locator. + """ + raise NotImplementedError('Please implement in the subclass') + + def get_project(self, name): + """ + For a given project, get a dictionary mapping available versions to Distribution + instances. + + This calls _get_project to do all the work, and just implements a caching layer on top. + """ + if self._cache is None: # pragma: no cover + result = self._get_project(name) + elif name in self._cache: + result = self._cache[name] + else: + self.clear_errors() + result = self._get_project(name) + self._cache[name] = result + return result + + def score_url(self, url): + """ + Give an url a score which can be used to choose preferred URLs + for a given project release. + """ + t = urlparse(url) + basename = posixpath.basename(t.path) + compatible = True + is_wheel = basename.endswith('.whl') + is_downloadable = basename.endswith(self.downloadable_extensions) + if is_wheel: + compatible = is_compatible(Wheel(basename), self.wheel_tags) + return (t.scheme == 'https', 'pypi.org' in t.netloc, + is_downloadable, is_wheel, compatible, basename) + + def prefer_url(self, url1, url2): + """ + Choose one of two URLs where both are candidates for distribution + archives for the same version of a distribution (for example, + .tar.gz vs. zip). + + The current implementation favours https:// URLs over http://, archives + from PyPI over those from other locations, wheel compatibility (if a + wheel) and then the archive name. + """ + result = url2 + if url1: + s1 = self.score_url(url1) + s2 = self.score_url(url2) + if s1 > s2: + result = url1 + if result != url2: + logger.debug('Not replacing %r with %r', url1, url2) + else: + logger.debug('Replacing %r with %r', url1, url2) + return result + + def split_filename(self, filename, project_name): + """ + Attempt to split a filename in project name, version and Python version. + """ + return split_filename(filename, project_name) + + def convert_url_to_download_info(self, url, project_name): + """ + See if a URL is a candidate for a download URL for a project (the URL + has typically been scraped from an HTML page). + + If it is, a dictionary is returned with keys "name", "version", + "filename" and "url"; otherwise, None is returned. + """ + def same_project(name1, name2): + return normalize_name(name1) == normalize_name(name2) + + result = None + scheme, netloc, path, params, query, frag = urlparse(url) + if frag.lower().startswith('egg='): # pragma: no cover + logger.debug('%s: version hint in fragment: %r', + project_name, frag) + m = HASHER_HASH.match(frag) + if m: + algo, digest = m.groups() + else: + algo, digest = None, None + origpath = path + if path and path[-1] == '/': # pragma: no cover + path = path[:-1] + if path.endswith('.whl'): + try: + wheel = Wheel(path) + if not is_compatible(wheel, self.wheel_tags): + logger.debug('Wheel not compatible: %s', path) + else: + if project_name is None: + include = True + else: + include = same_project(wheel.name, project_name) + if include: + result = { + 'name': wheel.name, + 'version': wheel.version, + 'filename': wheel.filename, + 'url': urlunparse((scheme, netloc, origpath, + params, query, '')), + 'python-version': ', '.join( + ['.'.join(list(v[2:])) for v in wheel.pyver]), + } + except Exception as e: # pragma: no cover + logger.warning('invalid path for wheel: %s', path) + elif not path.endswith(self.downloadable_extensions): # pragma: no cover + logger.debug('Not downloadable: %s', path) + else: # downloadable extension + path = filename = posixpath.basename(path) + for ext in self.downloadable_extensions: + if path.endswith(ext): + path = path[:-len(ext)] + t = self.split_filename(path, project_name) + if not t: # pragma: no cover + logger.debug('No match for project/version: %s', path) + else: + name, version, pyver = t + if not project_name or same_project(project_name, name): + result = { + 'name': name, + 'version': version, + 'filename': filename, + 'url': urlunparse((scheme, netloc, origpath, + params, query, '')), + #'packagetype': 'sdist', + } + if pyver: # pragma: no cover + result['python-version'] = pyver + break + if result and algo: + result['%s_digest' % algo] = digest + return result + + def _get_digest(self, info): + """ + Get a digest from a dictionary by looking at a "digests" dictionary + or keys of the form 'algo_digest'. + + Returns a 2-tuple (algo, digest) if found, else None. Currently + looks only for SHA256, then MD5. + """ + result = None + if 'digests' in info: + digests = info['digests'] + for algo in ('sha256', 'md5'): + if algo in digests: + result = (algo, digests[algo]) + break + if not result: + for algo in ('sha256', 'md5'): + key = '%s_digest' % algo + if key in info: + result = (algo, info[key]) + break + return result + + def _update_version_data(self, result, info): + """ + Update a result dictionary (the final result from _get_project) with a + dictionary for a specific version, which typically holds information + gleaned from a filename or URL for an archive for the distribution. + """ + name = info.pop('name') + version = info.pop('version') + if version in result: + dist = result[version] + md = dist.metadata + else: + dist = make_dist(name, version, scheme=self.scheme) + md = dist.metadata + dist.digest = digest = self._get_digest(info) + url = info['url'] + result['digests'][url] = digest + if md.source_url != info['url']: + md.source_url = self.prefer_url(md.source_url, url) + result['urls'].setdefault(version, set()).add(url) + dist.locator = self + result[version] = dist + + def locate(self, requirement, prereleases=False): + """ + Find the most recent distribution which matches the given + requirement. + + :param requirement: A requirement of the form 'foo (1.0)' or perhaps + 'foo (>= 1.0, < 2.0, != 1.3)' + :param prereleases: If ``True``, allow pre-release versions + to be located. Otherwise, pre-release versions + are not returned. + :return: A :class:`Distribution` instance, or ``None`` if no such + distribution could be located. + """ + result = None + r = parse_requirement(requirement) + if r is None: # pragma: no cover + raise DistlibException('Not a valid requirement: %r' % requirement) + scheme = get_scheme(self.scheme) + self.matcher = matcher = scheme.matcher(r.requirement) + logger.debug('matcher: %s (%s)', matcher, type(matcher).__name__) + versions = self.get_project(r.name) + if len(versions) > 2: # urls and digests keys are present + # sometimes, versions are invalid + slist = [] + vcls = matcher.version_class + for k in versions: + if k in ('urls', 'digests'): + continue + try: + if not matcher.match(k): + pass # logger.debug('%s did not match %r', matcher, k) + else: + if prereleases or not vcls(k).is_prerelease: + slist.append(k) + # else: + # logger.debug('skipping pre-release ' + # 'version %s of %s', k, matcher.name) + except Exception: # pragma: no cover + logger.warning('error matching %s with %r', matcher, k) + pass # slist.append(k) + if len(slist) > 1: + slist = sorted(slist, key=scheme.key) + if slist: + logger.debug('sorted list: %s', slist) + version = slist[-1] + result = versions[version] + if result: + if r.extras: + result.extras = r.extras + result.download_urls = versions.get('urls', {}).get(version, set()) + d = {} + sd = versions.get('digests', {}) + for url in result.download_urls: + if url in sd: # pragma: no cover + d[url] = sd[url] + result.digests = d + self.matcher = None + return result + + +class PyPIRPCLocator(Locator): + """ + This locator uses XML-RPC to locate distributions. It therefore + cannot be used with simple mirrors (that only mirror file content). + """ + def __init__(self, url, **kwargs): + """ + Initialise an instance. + + :param url: The URL to use for XML-RPC. + :param kwargs: Passed to the superclass constructor. + """ + super(PyPIRPCLocator, self).__init__(**kwargs) + self.base_url = url + self.client = ServerProxy(url, timeout=3.0) + + def get_distribution_names(self): + """ + Return all the distribution names known to this locator. + """ + return set(self.client.list_packages()) + + def _get_project(self, name): + result = {'urls': {}, 'digests': {}} + versions = self.client.package_releases(name, True) + for v in versions: + urls = self.client.release_urls(name, v) + data = self.client.release_data(name, v) + metadata = Metadata(scheme=self.scheme) + metadata.name = data['name'] + metadata.version = data['version'] + metadata.license = data.get('license') + metadata.keywords = data.get('keywords', []) + metadata.summary = data.get('summary') + dist = Distribution(metadata) + if urls: + info = urls[0] + metadata.source_url = info['url'] + dist.digest = self._get_digest(info) + dist.locator = self + result[v] = dist + for info in urls: + url = info['url'] + digest = self._get_digest(info) + result['urls'].setdefault(v, set()).add(url) + result['digests'][url] = digest + return result + +class PyPIJSONLocator(Locator): + """ + This locator uses PyPI's JSON interface. It's very limited in functionality + and probably not worth using. + """ + def __init__(self, url, **kwargs): + super(PyPIJSONLocator, self).__init__(**kwargs) + self.base_url = ensure_slash(url) + + def get_distribution_names(self): + """ + Return all the distribution names known to this locator. + """ + raise NotImplementedError('Not available from this locator') + + def _get_project(self, name): + result = {'urls': {}, 'digests': {}} + url = urljoin(self.base_url, '%s/json' % quote(name)) + try: + resp = self.opener.open(url) + data = resp.read().decode() # for now + d = json.loads(data) + md = Metadata(scheme=self.scheme) + data = d['info'] + md.name = data['name'] + md.version = data['version'] + md.license = data.get('license') + md.keywords = data.get('keywords', []) + md.summary = data.get('summary') + dist = Distribution(md) + dist.locator = self + urls = d['urls'] + result[md.version] = dist + for info in d['urls']: + url = info['url'] + dist.download_urls.add(url) + dist.digests[url] = self._get_digest(info) + result['urls'].setdefault(md.version, set()).add(url) + result['digests'][url] = self._get_digest(info) + # Now get other releases + for version, infos in d['releases'].items(): + if version == md.version: + continue # already done + omd = Metadata(scheme=self.scheme) + omd.name = md.name + omd.version = version + odist = Distribution(omd) + odist.locator = self + result[version] = odist + for info in infos: + url = info['url'] + odist.download_urls.add(url) + odist.digests[url] = self._get_digest(info) + result['urls'].setdefault(version, set()).add(url) + result['digests'][url] = self._get_digest(info) +# for info in urls: +# md.source_url = info['url'] +# dist.digest = self._get_digest(info) +# dist.locator = self +# for info in urls: +# url = info['url'] +# result['urls'].setdefault(md.version, set()).add(url) +# result['digests'][url] = self._get_digest(info) + except Exception as e: + self.errors.put(text_type(e)) + logger.exception('JSON fetch failed: %s', e) + return result + + +class Page(object): + """ + This class represents a scraped HTML page. + """ + # The following slightly hairy-looking regex just looks for the contents of + # an anchor link, which has an attribute "href" either immediately preceded + # or immediately followed by a "rel" attribute. The attribute values can be + # declared with double quotes, single quotes or no quotes - which leads to + # the length of the expression. + _href = re.compile(""" +(rel\\s*=\\s*(?:"(?P[^"]*)"|'(?P[^']*)'|(?P[^>\\s\n]*))\\s+)? +href\\s*=\\s*(?:"(?P[^"]*)"|'(?P[^']*)'|(?P[^>\\s\n]*)) +(\\s+rel\\s*=\\s*(?:"(?P[^"]*)"|'(?P[^']*)'|(?P[^>\\s\n]*)))? +""", re.I | re.S | re.X) + _base = re.compile(r"""]+)""", re.I | re.S) + + def __init__(self, data, url): + """ + Initialise an instance with the Unicode page contents and the URL they + came from. + """ + self.data = data + self.base_url = self.url = url + m = self._base.search(self.data) + if m: + self.base_url = m.group(1) + + _clean_re = re.compile(r'[^a-z0-9$&+,/:;=?@.#%_\\|-]', re.I) + + @cached_property + def links(self): + """ + Return the URLs of all the links on a page together with information + about their "rel" attribute, for determining which ones to treat as + downloads and which ones to queue for further scraping. + """ + def clean(url): + "Tidy up an URL." + scheme, netloc, path, params, query, frag = urlparse(url) + return urlunparse((scheme, netloc, quote(path), + params, query, frag)) + + result = set() + for match in self._href.finditer(self.data): + d = match.groupdict('') + rel = (d['rel1'] or d['rel2'] or d['rel3'] or + d['rel4'] or d['rel5'] or d['rel6']) + url = d['url1'] or d['url2'] or d['url3'] + url = urljoin(self.base_url, url) + url = unescape(url) + url = self._clean_re.sub(lambda m: '%%%2x' % ord(m.group(0)), url) + result.add((url, rel)) + # We sort the result, hoping to bring the most recent versions + # to the front + result = sorted(result, key=lambda t: t[0], reverse=True) + return result + + +class SimpleScrapingLocator(Locator): + """ + A locator which scrapes HTML pages to locate downloads for a distribution. + This runs multiple threads to do the I/O; performance is at least as good + as pip's PackageFinder, which works in an analogous fashion. + """ + + # These are used to deal with various Content-Encoding schemes. + decoders = { + 'deflate': zlib.decompress, + 'gzip': lambda b: gzip.GzipFile(fileobj=BytesIO(b)).read(), + 'none': lambda b: b, + } + + def __init__(self, url, timeout=None, num_workers=10, **kwargs): + """ + Initialise an instance. + :param url: The root URL to use for scraping. + :param timeout: The timeout, in seconds, to be applied to requests. + This defaults to ``None`` (no timeout specified). + :param num_workers: The number of worker threads you want to do I/O, + This defaults to 10. + :param kwargs: Passed to the superclass. + """ + super(SimpleScrapingLocator, self).__init__(**kwargs) + self.base_url = ensure_slash(url) + self.timeout = timeout + self._page_cache = {} + self._seen = set() + self._to_fetch = queue.Queue() + self._bad_hosts = set() + self.skip_externals = False + self.num_workers = num_workers + self._lock = threading.RLock() + # See issue #45: we need to be resilient when the locator is used + # in a thread, e.g. with concurrent.futures. We can't use self._lock + # as it is for coordinating our internal threads - the ones created + # in _prepare_threads. + self._gplock = threading.RLock() + self.platform_check = False # See issue #112 + + def _prepare_threads(self): + """ + Threads are created only when get_project is called, and terminate + before it returns. They are there primarily to parallelise I/O (i.e. + fetching web pages). + """ + self._threads = [] + for i in range(self.num_workers): + t = threading.Thread(target=self._fetch) + t.setDaemon(True) + t.start() + self._threads.append(t) + + def _wait_threads(self): + """ + Tell all the threads to terminate (by sending a sentinel value) and + wait for them to do so. + """ + # Note that you need two loops, since you can't say which + # thread will get each sentinel + for t in self._threads: + self._to_fetch.put(None) # sentinel + for t in self._threads: + t.join() + self._threads = [] + + def _get_project(self, name): + result = {'urls': {}, 'digests': {}} + with self._gplock: + self.result = result + self.project_name = name + url = urljoin(self.base_url, '%s/' % quote(name)) + self._seen.clear() + self._page_cache.clear() + self._prepare_threads() + try: + logger.debug('Queueing %s', url) + self._to_fetch.put(url) + self._to_fetch.join() + finally: + self._wait_threads() + del self.result + return result + + platform_dependent = re.compile(r'\b(linux_(i\d86|x86_64|arm\w+)|' + r'win(32|_amd64)|macosx_?\d+)\b', re.I) + + def _is_platform_dependent(self, url): + """ + Does an URL refer to a platform-specific download? + """ + return self.platform_dependent.search(url) + + def _process_download(self, url): + """ + See if an URL is a suitable download for a project. + + If it is, register information in the result dictionary (for + _get_project) about the specific version it's for. + + Note that the return value isn't actually used other than as a boolean + value. + """ + if self.platform_check and self._is_platform_dependent(url): + info = None + else: + info = self.convert_url_to_download_info(url, self.project_name) + logger.debug('process_download: %s -> %s', url, info) + if info: + with self._lock: # needed because self.result is shared + self._update_version_data(self.result, info) + return info + + def _should_queue(self, link, referrer, rel): + """ + Determine whether a link URL from a referring page and with a + particular "rel" attribute should be queued for scraping. + """ + scheme, netloc, path, _, _, _ = urlparse(link) + if path.endswith(self.source_extensions + self.binary_extensions + + self.excluded_extensions): + result = False + elif self.skip_externals and not link.startswith(self.base_url): + result = False + elif not referrer.startswith(self.base_url): + result = False + elif rel not in ('homepage', 'download'): + result = False + elif scheme not in ('http', 'https', 'ftp'): + result = False + elif self._is_platform_dependent(link): + result = False + else: + host = netloc.split(':', 1)[0] + if host.lower() == 'localhost': + result = False + else: + result = True + logger.debug('should_queue: %s (%s) from %s -> %s', link, rel, + referrer, result) + return result + + def _fetch(self): + """ + Get a URL to fetch from the work queue, get the HTML page, examine its + links for download candidates and candidates for further scraping. + + This is a handy method to run in a thread. + """ + while True: + url = self._to_fetch.get() + try: + if url: + page = self.get_page(url) + if page is None: # e.g. after an error + continue + for link, rel in page.links: + if link not in self._seen: + try: + self._seen.add(link) + if (not self._process_download(link) and + self._should_queue(link, url, rel)): + logger.debug('Queueing %s from %s', link, url) + self._to_fetch.put(link) + except MetadataInvalidError: # e.g. invalid versions + pass + except Exception as e: # pragma: no cover + self.errors.put(text_type(e)) + finally: + # always do this, to avoid hangs :-) + self._to_fetch.task_done() + if not url: + #logger.debug('Sentinel seen, quitting.') + break + + def get_page(self, url): + """ + Get the HTML for an URL, possibly from an in-memory cache. + + XXX TODO Note: this cache is never actually cleared. It's assumed that + the data won't get stale over the lifetime of a locator instance (not + necessarily true for the default_locator). + """ + # http://peak.telecommunity.com/DevCenter/EasyInstall#package-index-api + scheme, netloc, path, _, _, _ = urlparse(url) + if scheme == 'file' and os.path.isdir(url2pathname(path)): + url = urljoin(ensure_slash(url), 'index.html') + + if url in self._page_cache: + result = self._page_cache[url] + logger.debug('Returning %s from cache: %s', url, result) + else: + host = netloc.split(':', 1)[0] + result = None + if host in self._bad_hosts: + logger.debug('Skipping %s due to bad host %s', url, host) + else: + req = Request(url, headers={'Accept-encoding': 'identity'}) + try: + logger.debug('Fetching %s', url) + resp = self.opener.open(req, timeout=self.timeout) + logger.debug('Fetched %s', url) + headers = resp.info() + content_type = headers.get('Content-Type', '') + if HTML_CONTENT_TYPE.match(content_type): + final_url = resp.geturl() + data = resp.read() + encoding = headers.get('Content-Encoding') + if encoding: + decoder = self.decoders[encoding] # fail if not found + data = decoder(data) + encoding = 'utf-8' + m = CHARSET.search(content_type) + if m: + encoding = m.group(1) + try: + data = data.decode(encoding) + except UnicodeError: # pragma: no cover + data = data.decode('latin-1') # fallback + result = Page(data, final_url) + self._page_cache[final_url] = result + except HTTPError as e: + if e.code != 404: + logger.exception('Fetch failed: %s: %s', url, e) + except URLError as e: # pragma: no cover + logger.exception('Fetch failed: %s: %s', url, e) + with self._lock: + self._bad_hosts.add(host) + except Exception as e: # pragma: no cover + logger.exception('Fetch failed: %s: %s', url, e) + finally: + self._page_cache[url] = result # even if None (failure) + return result + + _distname_re = re.compile(']*>([^<]+)<') + + def get_distribution_names(self): + """ + Return all the distribution names known to this locator. + """ + result = set() + page = self.get_page(self.base_url) + if not page: + raise DistlibException('Unable to get %s' % self.base_url) + for match in self._distname_re.finditer(page.data): + result.add(match.group(1)) + return result + +class DirectoryLocator(Locator): + """ + This class locates distributions in a directory tree. + """ + + def __init__(self, path, **kwargs): + """ + Initialise an instance. + :param path: The root of the directory tree to search. + :param kwargs: Passed to the superclass constructor, + except for: + * recursive - if True (the default), subdirectories are + recursed into. If False, only the top-level directory + is searched, + """ + self.recursive = kwargs.pop('recursive', True) + super(DirectoryLocator, self).__init__(**kwargs) + path = os.path.abspath(path) + if not os.path.isdir(path): # pragma: no cover + raise DistlibException('Not a directory: %r' % path) + self.base_dir = path + + def should_include(self, filename, parent): + """ + Should a filename be considered as a candidate for a distribution + archive? As well as the filename, the directory which contains it + is provided, though not used by the current implementation. + """ + return filename.endswith(self.downloadable_extensions) + + def _get_project(self, name): + result = {'urls': {}, 'digests': {}} + for root, dirs, files in os.walk(self.base_dir): + for fn in files: + if self.should_include(fn, root): + fn = os.path.join(root, fn) + url = urlunparse(('file', '', + pathname2url(os.path.abspath(fn)), + '', '', '')) + info = self.convert_url_to_download_info(url, name) + if info: + self._update_version_data(result, info) + if not self.recursive: + break + return result + + def get_distribution_names(self): + """ + Return all the distribution names known to this locator. + """ + result = set() + for root, dirs, files in os.walk(self.base_dir): + for fn in files: + if self.should_include(fn, root): + fn = os.path.join(root, fn) + url = urlunparse(('file', '', + pathname2url(os.path.abspath(fn)), + '', '', '')) + info = self.convert_url_to_download_info(url, None) + if info: + result.add(info['name']) + if not self.recursive: + break + return result + +class JSONLocator(Locator): + """ + This locator uses special extended metadata (not available on PyPI) and is + the basis of performant dependency resolution in distlib. Other locators + require archive downloads before dependencies can be determined! As you + might imagine, that can be slow. + """ + def get_distribution_names(self): + """ + Return all the distribution names known to this locator. + """ + raise NotImplementedError('Not available from this locator') + + def _get_project(self, name): + result = {'urls': {}, 'digests': {}} + data = get_project_data(name) + if data: + for info in data.get('files', []): + if info['ptype'] != 'sdist' or info['pyversion'] != 'source': + continue + # We don't store summary in project metadata as it makes + # the data bigger for no benefit during dependency + # resolution + dist = make_dist(data['name'], info['version'], + summary=data.get('summary', + 'Placeholder for summary'), + scheme=self.scheme) + md = dist.metadata + md.source_url = info['url'] + # TODO SHA256 digest + if 'digest' in info and info['digest']: + dist.digest = ('md5', info['digest']) + md.dependencies = info.get('requirements', {}) + dist.exports = info.get('exports', {}) + result[dist.version] = dist + result['urls'].setdefault(dist.version, set()).add(info['url']) + return result + +class DistPathLocator(Locator): + """ + This locator finds installed distributions in a path. It can be useful for + adding to an :class:`AggregatingLocator`. + """ + def __init__(self, distpath, **kwargs): + """ + Initialise an instance. + + :param distpath: A :class:`DistributionPath` instance to search. + """ + super(DistPathLocator, self).__init__(**kwargs) + assert isinstance(distpath, DistributionPath) + self.distpath = distpath + + def _get_project(self, name): + dist = self.distpath.get_distribution(name) + if dist is None: + result = {'urls': {}, 'digests': {}} + else: + result = { + dist.version: dist, + 'urls': {dist.version: set([dist.source_url])}, + 'digests': {dist.version: set([None])} + } + return result + + +class AggregatingLocator(Locator): + """ + This class allows you to chain and/or merge a list of locators. + """ + def __init__(self, *locators, **kwargs): + """ + Initialise an instance. + + :param locators: The list of locators to search. + :param kwargs: Passed to the superclass constructor, + except for: + * merge - if False (the default), the first successful + search from any of the locators is returned. If True, + the results from all locators are merged (this can be + slow). + """ + self.merge = kwargs.pop('merge', False) + self.locators = locators + super(AggregatingLocator, self).__init__(**kwargs) + + def clear_cache(self): + super(AggregatingLocator, self).clear_cache() + for locator in self.locators: + locator.clear_cache() + + def _set_scheme(self, value): + self._scheme = value + for locator in self.locators: + locator.scheme = value + + scheme = property(Locator.scheme.fget, _set_scheme) + + def _get_project(self, name): + result = {} + for locator in self.locators: + d = locator.get_project(name) + if d: + if self.merge: + files = result.get('urls', {}) + digests = result.get('digests', {}) + # next line could overwrite result['urls'], result['digests'] + result.update(d) + df = result.get('urls') + if files and df: + for k, v in files.items(): + if k in df: + df[k] |= v + else: + df[k] = v + dd = result.get('digests') + if digests and dd: + dd.update(digests) + else: + # See issue #18. If any dists are found and we're looking + # for specific constraints, we only return something if + # a match is found. For example, if a DirectoryLocator + # returns just foo (1.0) while we're looking for + # foo (>= 2.0), we'll pretend there was nothing there so + # that subsequent locators can be queried. Otherwise we + # would just return foo (1.0) which would then lead to a + # failure to find foo (>= 2.0), because other locators + # weren't searched. Note that this only matters when + # merge=False. + if self.matcher is None: + found = True + else: + found = False + for k in d: + if self.matcher.match(k): + found = True + break + if found: + result = d + break + return result + + def get_distribution_names(self): + """ + Return all the distribution names known to this locator. + """ + result = set() + for locator in self.locators: + try: + result |= locator.get_distribution_names() + except NotImplementedError: + pass + return result + + +# We use a legacy scheme simply because most of the dists on PyPI use legacy +# versions which don't conform to PEP 426 / PEP 440. +default_locator = AggregatingLocator( + JSONLocator(), + SimpleScrapingLocator('https://pypi.org/simple/', + timeout=3.0), + scheme='legacy') + +locate = default_locator.locate + + +class DependencyFinder(object): + """ + Locate dependencies for distributions. + """ + + def __init__(self, locator=None): + """ + Initialise an instance, using the specified locator + to locate distributions. + """ + self.locator = locator or default_locator + self.scheme = get_scheme(self.locator.scheme) + + def add_distribution(self, dist): + """ + Add a distribution to the finder. This will update internal information + about who provides what. + :param dist: The distribution to add. + """ + logger.debug('adding distribution %s', dist) + name = dist.key + self.dists_by_name[name] = dist + self.dists[(name, dist.version)] = dist + for p in dist.provides: + name, version = parse_name_and_version(p) + logger.debug('Add to provided: %s, %s, %s', name, version, dist) + self.provided.setdefault(name, set()).add((version, dist)) + + def remove_distribution(self, dist): + """ + Remove a distribution from the finder. This will update internal + information about who provides what. + :param dist: The distribution to remove. + """ + logger.debug('removing distribution %s', dist) + name = dist.key + del self.dists_by_name[name] + del self.dists[(name, dist.version)] + for p in dist.provides: + name, version = parse_name_and_version(p) + logger.debug('Remove from provided: %s, %s, %s', name, version, dist) + s = self.provided[name] + s.remove((version, dist)) + if not s: + del self.provided[name] + + def get_matcher(self, reqt): + """ + Get a version matcher for a requirement. + :param reqt: The requirement + :type reqt: str + :return: A version matcher (an instance of + :class:`distlib.version.Matcher`). + """ + try: + matcher = self.scheme.matcher(reqt) + except UnsupportedVersionError: # pragma: no cover + # XXX compat-mode if cannot read the version + name = reqt.split()[0] + matcher = self.scheme.matcher(name) + return matcher + + def find_providers(self, reqt): + """ + Find the distributions which can fulfill a requirement. + + :param reqt: The requirement. + :type reqt: str + :return: A set of distribution which can fulfill the requirement. + """ + matcher = self.get_matcher(reqt) + name = matcher.key # case-insensitive + result = set() + provided = self.provided + if name in provided: + for version, provider in provided[name]: + try: + match = matcher.match(version) + except UnsupportedVersionError: + match = False + + if match: + result.add(provider) + break + return result + + def try_to_replace(self, provider, other, problems): + """ + Attempt to replace one provider with another. This is typically used + when resolving dependencies from multiple sources, e.g. A requires + (B >= 1.0) while C requires (B >= 1.1). + + For successful replacement, ``provider`` must meet all the requirements + which ``other`` fulfills. + + :param provider: The provider we are trying to replace with. + :param other: The provider we're trying to replace. + :param problems: If False is returned, this will contain what + problems prevented replacement. This is currently + a tuple of the literal string 'cantreplace', + ``provider``, ``other`` and the set of requirements + that ``provider`` couldn't fulfill. + :return: True if we can replace ``other`` with ``provider``, else + False. + """ + rlist = self.reqts[other] + unmatched = set() + for s in rlist: + matcher = self.get_matcher(s) + if not matcher.match(provider.version): + unmatched.add(s) + if unmatched: + # can't replace other with provider + problems.add(('cantreplace', provider, other, + frozenset(unmatched))) + result = False + else: + # can replace other with provider + self.remove_distribution(other) + del self.reqts[other] + for s in rlist: + self.reqts.setdefault(provider, set()).add(s) + self.add_distribution(provider) + result = True + return result + + def find(self, requirement, meta_extras=None, prereleases=False): + """ + Find a distribution and all distributions it depends on. + + :param requirement: The requirement specifying the distribution to + find, or a Distribution instance. + :param meta_extras: A list of meta extras such as :test:, :build: and + so on. + :param prereleases: If ``True``, allow pre-release versions to be + returned - otherwise, don't return prereleases + unless they're all that's available. + + Return a set of :class:`Distribution` instances and a set of + problems. + + The distributions returned should be such that they have the + :attr:`required` attribute set to ``True`` if they were + from the ``requirement`` passed to ``find()``, and they have the + :attr:`build_time_dependency` attribute set to ``True`` unless they + are post-installation dependencies of the ``requirement``. + + The problems should be a tuple consisting of the string + ``'unsatisfied'`` and the requirement which couldn't be satisfied + by any distribution known to the locator. + """ + + self.provided = {} + self.dists = {} + self.dists_by_name = {} + self.reqts = {} + + meta_extras = set(meta_extras or []) + if ':*:' in meta_extras: + meta_extras.remove(':*:') + # :meta: and :run: are implicitly included + meta_extras |= set([':test:', ':build:', ':dev:']) + + if isinstance(requirement, Distribution): + dist = odist = requirement + logger.debug('passed %s as requirement', odist) + else: + dist = odist = self.locator.locate(requirement, + prereleases=prereleases) + if dist is None: + raise DistlibException('Unable to locate %r' % requirement) + logger.debug('located %s', odist) + dist.requested = True + problems = set() + todo = set([dist]) + install_dists = set([odist]) + while todo: + dist = todo.pop() + name = dist.key # case-insensitive + if name not in self.dists_by_name: + self.add_distribution(dist) + else: + #import pdb; pdb.set_trace() + other = self.dists_by_name[name] + if other != dist: + self.try_to_replace(dist, other, problems) + + ireqts = dist.run_requires | dist.meta_requires + sreqts = dist.build_requires + ereqts = set() + if meta_extras and dist in install_dists: + for key in ('test', 'build', 'dev'): + e = ':%s:' % key + if e in meta_extras: + ereqts |= getattr(dist, '%s_requires' % key) + all_reqts = ireqts | sreqts | ereqts + for r in all_reqts: + providers = self.find_providers(r) + if not providers: + logger.debug('No providers found for %r', r) + provider = self.locator.locate(r, prereleases=prereleases) + # If no provider is found and we didn't consider + # prereleases, consider them now. + if provider is None and not prereleases: + provider = self.locator.locate(r, prereleases=True) + if provider is None: + logger.debug('Cannot satisfy %r', r) + problems.add(('unsatisfied', r)) + else: + n, v = provider.key, provider.version + if (n, v) not in self.dists: + todo.add(provider) + providers.add(provider) + if r in ireqts and dist in install_dists: + install_dists.add(provider) + logger.debug('Adding %s to install_dists', + provider.name_and_version) + for p in providers: + name = p.key + if name not in self.dists_by_name: + self.reqts.setdefault(p, set()).add(r) + else: + other = self.dists_by_name[name] + if other != p: + # see if other can be replaced by p + self.try_to_replace(p, other, problems) + + dists = set(self.dists.values()) + for dist in dists: + dist.build_time_dependency = dist not in install_dists + if dist.build_time_dependency: + logger.debug('%s is a build-time dependency only.', + dist.name_and_version) + logger.debug('find done for %s', odist) + return dists, problems diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/manifest.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/manifest.py new file mode 100644 index 000000000..ca0fe442d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/manifest.py @@ -0,0 +1,393 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012-2013 Python Software Foundation. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +""" +Class representing the list of files in a distribution. + +Equivalent to distutils.filelist, but fixes some problems. +""" +import fnmatch +import logging +import os +import re +import sys + +from . import DistlibException +from .compat import fsdecode +from .util import convert_path + + +__all__ = ['Manifest'] + +logger = logging.getLogger(__name__) + +# a \ followed by some spaces + EOL +_COLLAPSE_PATTERN = re.compile('\\\\w*\n', re.M) +_COMMENTED_LINE = re.compile('#.*?(?=\n)|\n(?=$)', re.M | re.S) + +# +# Due to the different results returned by fnmatch.translate, we need +# to do slightly different processing for Python 2.7 and 3.2 ... this needed +# to be brought in for Python 3.6 onwards. +# +_PYTHON_VERSION = sys.version_info[:2] + +class Manifest(object): + """A list of files built by on exploring the filesystem and filtered by + applying various patterns to what we find there. + """ + + def __init__(self, base=None): + """ + Initialise an instance. + + :param base: The base directory to explore under. + """ + self.base = os.path.abspath(os.path.normpath(base or os.getcwd())) + self.prefix = self.base + os.sep + self.allfiles = None + self.files = set() + + # + # Public API + # + + def findall(self): + """Find all files under the base and set ``allfiles`` to the absolute + pathnames of files found. + """ + from stat import S_ISREG, S_ISDIR, S_ISLNK + + self.allfiles = allfiles = [] + root = self.base + stack = [root] + pop = stack.pop + push = stack.append + + while stack: + root = pop() + names = os.listdir(root) + + for name in names: + fullname = os.path.join(root, name) + + # Avoid excess stat calls -- just one will do, thank you! + stat = os.stat(fullname) + mode = stat.st_mode + if S_ISREG(mode): + allfiles.append(fsdecode(fullname)) + elif S_ISDIR(mode) and not S_ISLNK(mode): + push(fullname) + + def add(self, item): + """ + Add a file to the manifest. + + :param item: The pathname to add. This can be relative to the base. + """ + if not item.startswith(self.prefix): + item = os.path.join(self.base, item) + self.files.add(os.path.normpath(item)) + + def add_many(self, items): + """ + Add a list of files to the manifest. + + :param items: The pathnames to add. These can be relative to the base. + """ + for item in items: + self.add(item) + + def sorted(self, wantdirs=False): + """ + Return sorted files in directory order + """ + + def add_dir(dirs, d): + dirs.add(d) + logger.debug('add_dir added %s', d) + if d != self.base: + parent, _ = os.path.split(d) + assert parent not in ('', '/') + add_dir(dirs, parent) + + result = set(self.files) # make a copy! + if wantdirs: + dirs = set() + for f in result: + add_dir(dirs, os.path.dirname(f)) + result |= dirs + return [os.path.join(*path_tuple) for path_tuple in + sorted(os.path.split(path) for path in result)] + + def clear(self): + """Clear all collected files.""" + self.files = set() + self.allfiles = [] + + def process_directive(self, directive): + """ + Process a directive which either adds some files from ``allfiles`` to + ``files``, or removes some files from ``files``. + + :param directive: The directive to process. This should be in a format + compatible with distutils ``MANIFEST.in`` files: + + http://docs.python.org/distutils/sourcedist.html#commands + """ + # Parse the line: split it up, make sure the right number of words + # is there, and return the relevant words. 'action' is always + # defined: it's the first word of the line. Which of the other + # three are defined depends on the action; it'll be either + # patterns, (dir and patterns), or (dirpattern). + action, patterns, thedir, dirpattern = self._parse_directive(directive) + + # OK, now we know that the action is valid and we have the + # right number of words on the line for that action -- so we + # can proceed with minimal error-checking. + if action == 'include': + for pattern in patterns: + if not self._include_pattern(pattern, anchor=True): + logger.warning('no files found matching %r', pattern) + + elif action == 'exclude': + for pattern in patterns: + found = self._exclude_pattern(pattern, anchor=True) + #if not found: + # logger.warning('no previously-included files ' + # 'found matching %r', pattern) + + elif action == 'global-include': + for pattern in patterns: + if not self._include_pattern(pattern, anchor=False): + logger.warning('no files found matching %r ' + 'anywhere in distribution', pattern) + + elif action == 'global-exclude': + for pattern in patterns: + found = self._exclude_pattern(pattern, anchor=False) + #if not found: + # logger.warning('no previously-included files ' + # 'matching %r found anywhere in ' + # 'distribution', pattern) + + elif action == 'recursive-include': + for pattern in patterns: + if not self._include_pattern(pattern, prefix=thedir): + logger.warning('no files found matching %r ' + 'under directory %r', pattern, thedir) + + elif action == 'recursive-exclude': + for pattern in patterns: + found = self._exclude_pattern(pattern, prefix=thedir) + #if not found: + # logger.warning('no previously-included files ' + # 'matching %r found under directory %r', + # pattern, thedir) + + elif action == 'graft': + if not self._include_pattern(None, prefix=dirpattern): + logger.warning('no directories found matching %r', + dirpattern) + + elif action == 'prune': + if not self._exclude_pattern(None, prefix=dirpattern): + logger.warning('no previously-included directories found ' + 'matching %r', dirpattern) + else: # pragma: no cover + # This should never happen, as it should be caught in + # _parse_template_line + raise DistlibException( + 'invalid action %r' % action) + + # + # Private API + # + + def _parse_directive(self, directive): + """ + Validate a directive. + :param directive: The directive to validate. + :return: A tuple of action, patterns, thedir, dir_patterns + """ + words = directive.split() + if len(words) == 1 and words[0] not in ('include', 'exclude', + 'global-include', + 'global-exclude', + 'recursive-include', + 'recursive-exclude', + 'graft', 'prune'): + # no action given, let's use the default 'include' + words.insert(0, 'include') + + action = words[0] + patterns = thedir = dir_pattern = None + + if action in ('include', 'exclude', + 'global-include', 'global-exclude'): + if len(words) < 2: + raise DistlibException( + '%r expects ...' % action) + + patterns = [convert_path(word) for word in words[1:]] + + elif action in ('recursive-include', 'recursive-exclude'): + if len(words) < 3: + raise DistlibException( + '%r expects ...' % action) + + thedir = convert_path(words[1]) + patterns = [convert_path(word) for word in words[2:]] + + elif action in ('graft', 'prune'): + if len(words) != 2: + raise DistlibException( + '%r expects a single ' % action) + + dir_pattern = convert_path(words[1]) + + else: + raise DistlibException('unknown action %r' % action) + + return action, patterns, thedir, dir_pattern + + def _include_pattern(self, pattern, anchor=True, prefix=None, + is_regex=False): + """Select strings (presumably filenames) from 'self.files' that + match 'pattern', a Unix-style wildcard (glob) pattern. + + Patterns are not quite the same as implemented by the 'fnmatch' + module: '*' and '?' match non-special characters, where "special" + is platform-dependent: slash on Unix; colon, slash, and backslash on + DOS/Windows; and colon on Mac OS. + + If 'anchor' is true (the default), then the pattern match is more + stringent: "*.py" will match "foo.py" but not "foo/bar.py". If + 'anchor' is false, both of these will match. + + If 'prefix' is supplied, then only filenames starting with 'prefix' + (itself a pattern) and ending with 'pattern', with anything in between + them, will match. 'anchor' is ignored in this case. + + If 'is_regex' is true, 'anchor' and 'prefix' are ignored, and + 'pattern' is assumed to be either a string containing a regex or a + regex object -- no translation is done, the regex is just compiled + and used as-is. + + Selected strings will be added to self.files. + + Return True if files are found. + """ + # XXX docstring lying about what the special chars are? + found = False + pattern_re = self._translate_pattern(pattern, anchor, prefix, is_regex) + + # delayed loading of allfiles list + if self.allfiles is None: + self.findall() + + for name in self.allfiles: + if pattern_re.search(name): + self.files.add(name) + found = True + return found + + def _exclude_pattern(self, pattern, anchor=True, prefix=None, + is_regex=False): + """Remove strings (presumably filenames) from 'files' that match + 'pattern'. + + Other parameters are the same as for 'include_pattern()', above. + The list 'self.files' is modified in place. Return True if files are + found. + + This API is public to allow e.g. exclusion of SCM subdirs, e.g. when + packaging source distributions + """ + found = False + pattern_re = self._translate_pattern(pattern, anchor, prefix, is_regex) + for f in list(self.files): + if pattern_re.search(f): + self.files.remove(f) + found = True + return found + + def _translate_pattern(self, pattern, anchor=True, prefix=None, + is_regex=False): + """Translate a shell-like wildcard pattern to a compiled regular + expression. + + Return the compiled regex. If 'is_regex' true, + then 'pattern' is directly compiled to a regex (if it's a string) + or just returned as-is (assumes it's a regex object). + """ + if is_regex: + if isinstance(pattern, str): + return re.compile(pattern) + else: + return pattern + + if _PYTHON_VERSION > (3, 2): + # ditch start and end characters + start, _, end = self._glob_to_re('_').partition('_') + + if pattern: + pattern_re = self._glob_to_re(pattern) + if _PYTHON_VERSION > (3, 2): + assert pattern_re.startswith(start) and pattern_re.endswith(end) + else: + pattern_re = '' + + base = re.escape(os.path.join(self.base, '')) + if prefix is not None: + # ditch end of pattern character + if _PYTHON_VERSION <= (3, 2): + empty_pattern = self._glob_to_re('') + prefix_re = self._glob_to_re(prefix)[:-len(empty_pattern)] + else: + prefix_re = self._glob_to_re(prefix) + assert prefix_re.startswith(start) and prefix_re.endswith(end) + prefix_re = prefix_re[len(start): len(prefix_re) - len(end)] + sep = os.sep + if os.sep == '\\': + sep = r'\\' + if _PYTHON_VERSION <= (3, 2): + pattern_re = '^' + base + sep.join((prefix_re, + '.*' + pattern_re)) + else: + pattern_re = pattern_re[len(start): len(pattern_re) - len(end)] + pattern_re = r'%s%s%s%s.*%s%s' % (start, base, prefix_re, sep, + pattern_re, end) + else: # no prefix -- respect anchor flag + if anchor: + if _PYTHON_VERSION <= (3, 2): + pattern_re = '^' + base + pattern_re + else: + pattern_re = r'%s%s%s' % (start, base, pattern_re[len(start):]) + + return re.compile(pattern_re) + + def _glob_to_re(self, pattern): + """Translate a shell-like glob pattern to a regular expression. + + Return a string containing the regex. Differs from + 'fnmatch.translate()' in that '*' does not match "special characters" + (which are platform-specific). + """ + pattern_re = fnmatch.translate(pattern) + + # '?' and '*' in the glob pattern become '.' and '.*' in the RE, which + # IMHO is wrong -- '?' and '*' aren't supposed to match slash in Unix, + # and by extension they shouldn't match such "special characters" under + # any OS. So change all non-escaped dots in the RE to match any + # character except the special characters (currently: just os.sep). + sep = os.sep + if os.sep == '\\': + # we're using a regex to manipulate a regex, so we need + # to escape the backslash twice + sep = r'\\\\' + escaped = r'\1[^%s]' % sep + pattern_re = re.sub(r'((? y, + '!=': lambda x, y: x != y, + '<': lambda x, y: x < y, + '<=': lambda x, y: x == y or x < y, + '>': lambda x, y: x > y, + '>=': lambda x, y: x == y or x > y, + 'and': lambda x, y: x and y, + 'or': lambda x, y: x or y, + 'in': lambda x, y: x in y, + 'not in': lambda x, y: x not in y, + } + + def evaluate(self, expr, context): + """ + Evaluate a marker expression returned by the :func:`parse_requirement` + function in the specified context. + """ + if isinstance(expr, string_types): + if expr[0] in '\'"': + result = expr[1:-1] + else: + if expr not in context: + raise SyntaxError('unknown variable: %s' % expr) + result = context[expr] + else: + assert isinstance(expr, dict) + op = expr['op'] + if op not in self.operations: + raise NotImplementedError('op not implemented: %s' % op) + elhs = expr['lhs'] + erhs = expr['rhs'] + if _is_literal(expr['lhs']) and _is_literal(expr['rhs']): + raise SyntaxError('invalid comparison: %s %s %s' % (elhs, op, erhs)) + + lhs = self.evaluate(elhs, context) + rhs = self.evaluate(erhs, context) + result = self.operations[op](lhs, rhs) + return result + +def default_context(): + def format_full_version(info): + version = '%s.%s.%s' % (info.major, info.minor, info.micro) + kind = info.releaselevel + if kind != 'final': + version += kind[0] + str(info.serial) + return version + + if hasattr(sys, 'implementation'): + implementation_version = format_full_version(sys.implementation.version) + implementation_name = sys.implementation.name + else: + implementation_version = '0' + implementation_name = '' + + result = { + 'implementation_name': implementation_name, + 'implementation_version': implementation_version, + 'os_name': os.name, + 'platform_machine': platform.machine(), + 'platform_python_implementation': platform.python_implementation(), + 'platform_release': platform.release(), + 'platform_system': platform.system(), + 'platform_version': platform.version(), + 'platform_in_venv': str(in_venv()), + 'python_full_version': platform.python_version(), + 'python_version': platform.python_version()[:3], + 'sys_platform': sys.platform, + } + return result + +DEFAULT_CONTEXT = default_context() +del default_context + +evaluator = Evaluator() + +def interpret(marker, execution_context=None): + """ + Interpret a marker and return a result depending on environment. + + :param marker: The marker to interpret. + :type marker: str + :param execution_context: The context used for name lookup. + :type execution_context: mapping + """ + try: + expr, rest = parse_marker(marker) + except Exception as e: + raise SyntaxError('Unable to interpret marker syntax: %s: %s' % (marker, e)) + if rest and rest[0] != '#': + raise SyntaxError('unexpected trailing data in marker: %s: %s' % (marker, rest)) + context = dict(DEFAULT_CONTEXT) + if execution_context: + context.update(execution_context) + return evaluator.evaluate(expr, context) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/metadata.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/metadata.py new file mode 100644 index 000000000..6a26b0ab2 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/metadata.py @@ -0,0 +1,1058 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012 The Python Software Foundation. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +"""Implementation of the Metadata for Python packages PEPs. + +Supports all metadata formats (1.0, 1.1, 1.2, 1.3/2.1 and withdrawn 2.0). +""" +from __future__ import unicode_literals + +import codecs +from email import message_from_file +import json +import logging +import re + + +from . import DistlibException, __version__ +from .compat import StringIO, string_types, text_type +from .markers import interpret +from .util import extract_by_key, get_extras +from .version import get_scheme, PEP440_VERSION_RE + +logger = logging.getLogger(__name__) + + +class MetadataMissingError(DistlibException): + """A required metadata is missing""" + + +class MetadataConflictError(DistlibException): + """Attempt to read or write metadata fields that are conflictual.""" + + +class MetadataUnrecognizedVersionError(DistlibException): + """Unknown metadata version number.""" + + +class MetadataInvalidError(DistlibException): + """A metadata value is invalid""" + +# public API of this module +__all__ = ['Metadata', 'PKG_INFO_ENCODING', 'PKG_INFO_PREFERRED_VERSION'] + +# Encoding used for the PKG-INFO files +PKG_INFO_ENCODING = 'utf-8' + +# preferred version. Hopefully will be changed +# to 1.2 once PEP 345 is supported everywhere +PKG_INFO_PREFERRED_VERSION = '1.1' + +_LINE_PREFIX_1_2 = re.compile('\n \\|') +_LINE_PREFIX_PRE_1_2 = re.compile('\n ') +_241_FIELDS = ('Metadata-Version', 'Name', 'Version', 'Platform', + 'Summary', 'Description', + 'Keywords', 'Home-page', 'Author', 'Author-email', + 'License') + +_314_FIELDS = ('Metadata-Version', 'Name', 'Version', 'Platform', + 'Supported-Platform', 'Summary', 'Description', + 'Keywords', 'Home-page', 'Author', 'Author-email', + 'License', 'Classifier', 'Download-URL', 'Obsoletes', + 'Provides', 'Requires') + +_314_MARKERS = ('Obsoletes', 'Provides', 'Requires', 'Classifier', + 'Download-URL') + +_345_FIELDS = ('Metadata-Version', 'Name', 'Version', 'Platform', + 'Supported-Platform', 'Summary', 'Description', + 'Keywords', 'Home-page', 'Author', 'Author-email', + 'Maintainer', 'Maintainer-email', 'License', + 'Classifier', 'Download-URL', 'Obsoletes-Dist', + 'Project-URL', 'Provides-Dist', 'Requires-Dist', + 'Requires-Python', 'Requires-External') + +_345_MARKERS = ('Provides-Dist', 'Requires-Dist', 'Requires-Python', + 'Obsoletes-Dist', 'Requires-External', 'Maintainer', + 'Maintainer-email', 'Project-URL') + +_426_FIELDS = ('Metadata-Version', 'Name', 'Version', 'Platform', + 'Supported-Platform', 'Summary', 'Description', + 'Keywords', 'Home-page', 'Author', 'Author-email', + 'Maintainer', 'Maintainer-email', 'License', + 'Classifier', 'Download-URL', 'Obsoletes-Dist', + 'Project-URL', 'Provides-Dist', 'Requires-Dist', + 'Requires-Python', 'Requires-External', 'Private-Version', + 'Obsoleted-By', 'Setup-Requires-Dist', 'Extension', + 'Provides-Extra') + +_426_MARKERS = ('Private-Version', 'Provides-Extra', 'Obsoleted-By', + 'Setup-Requires-Dist', 'Extension') + +# See issue #106: Sometimes 'Requires' and 'Provides' occur wrongly in +# the metadata. Include them in the tuple literal below to allow them +# (for now). +# Ditto for Obsoletes - see issue #140. +_566_FIELDS = _426_FIELDS + ('Description-Content-Type', + 'Requires', 'Provides', 'Obsoletes') + +_566_MARKERS = ('Description-Content-Type',) + +_ALL_FIELDS = set() +_ALL_FIELDS.update(_241_FIELDS) +_ALL_FIELDS.update(_314_FIELDS) +_ALL_FIELDS.update(_345_FIELDS) +_ALL_FIELDS.update(_426_FIELDS) +_ALL_FIELDS.update(_566_FIELDS) + +EXTRA_RE = re.compile(r'''extra\s*==\s*("([^"]+)"|'([^']+)')''') + + +def _version2fieldlist(version): + if version == '1.0': + return _241_FIELDS + elif version == '1.1': + return _314_FIELDS + elif version == '1.2': + return _345_FIELDS + elif version in ('1.3', '2.1'): + # avoid adding field names if already there + return _345_FIELDS + tuple(f for f in _566_FIELDS if f not in _345_FIELDS) + elif version == '2.0': + return _426_FIELDS + raise MetadataUnrecognizedVersionError(version) + + +def _best_version(fields): + """Detect the best version depending on the fields used.""" + def _has_marker(keys, markers): + for marker in markers: + if marker in keys: + return True + return False + + keys = [] + for key, value in fields.items(): + if value in ([], 'UNKNOWN', None): + continue + keys.append(key) + + possible_versions = ['1.0', '1.1', '1.2', '1.3', '2.0', '2.1'] + + # first let's try to see if a field is not part of one of the version + for key in keys: + if key not in _241_FIELDS and '1.0' in possible_versions: + possible_versions.remove('1.0') + logger.debug('Removed 1.0 due to %s', key) + if key not in _314_FIELDS and '1.1' in possible_versions: + possible_versions.remove('1.1') + logger.debug('Removed 1.1 due to %s', key) + if key not in _345_FIELDS and '1.2' in possible_versions: + possible_versions.remove('1.2') + logger.debug('Removed 1.2 due to %s', key) + if key not in _566_FIELDS and '1.3' in possible_versions: + possible_versions.remove('1.3') + logger.debug('Removed 1.3 due to %s', key) + if key not in _566_FIELDS and '2.1' in possible_versions: + if key != 'Description': # In 2.1, description allowed after headers + possible_versions.remove('2.1') + logger.debug('Removed 2.1 due to %s', key) + if key not in _426_FIELDS and '2.0' in possible_versions: + possible_versions.remove('2.0') + logger.debug('Removed 2.0 due to %s', key) + + # possible_version contains qualified versions + if len(possible_versions) == 1: + return possible_versions[0] # found ! + elif len(possible_versions) == 0: + logger.debug('Out of options - unknown metadata set: %s', fields) + raise MetadataConflictError('Unknown metadata set') + + # let's see if one unique marker is found + is_1_1 = '1.1' in possible_versions and _has_marker(keys, _314_MARKERS) + is_1_2 = '1.2' in possible_versions and _has_marker(keys, _345_MARKERS) + is_2_1 = '2.1' in possible_versions and _has_marker(keys, _566_MARKERS) + is_2_0 = '2.0' in possible_versions and _has_marker(keys, _426_MARKERS) + if int(is_1_1) + int(is_1_2) + int(is_2_1) + int(is_2_0) > 1: + raise MetadataConflictError('You used incompatible 1.1/1.2/2.0/2.1 fields') + + # we have the choice, 1.0, or 1.2, or 2.0 + # - 1.0 has a broken Summary field but works with all tools + # - 1.1 is to avoid + # - 1.2 fixes Summary but has little adoption + # - 2.0 adds more features and is very new + if not is_1_1 and not is_1_2 and not is_2_1 and not is_2_0: + # we couldn't find any specific marker + if PKG_INFO_PREFERRED_VERSION in possible_versions: + return PKG_INFO_PREFERRED_VERSION + if is_1_1: + return '1.1' + if is_1_2: + return '1.2' + if is_2_1: + return '2.1' + + return '2.0' + +# This follows the rules about transforming keys as described in +# https://www.python.org/dev/peps/pep-0566/#id17 +_ATTR2FIELD = { + name.lower().replace("-", "_"): name for name in _ALL_FIELDS +} +_FIELD2ATTR = {field: attr for attr, field in _ATTR2FIELD.items()} + +_PREDICATE_FIELDS = ('Requires-Dist', 'Obsoletes-Dist', 'Provides-Dist') +_VERSIONS_FIELDS = ('Requires-Python',) +_VERSION_FIELDS = ('Version',) +_LISTFIELDS = ('Platform', 'Classifier', 'Obsoletes', + 'Requires', 'Provides', 'Obsoletes-Dist', + 'Provides-Dist', 'Requires-Dist', 'Requires-External', + 'Project-URL', 'Supported-Platform', 'Setup-Requires-Dist', + 'Provides-Extra', 'Extension') +_LISTTUPLEFIELDS = ('Project-URL',) + +_ELEMENTSFIELD = ('Keywords',) + +_UNICODEFIELDS = ('Author', 'Maintainer', 'Summary', 'Description') + +_MISSING = object() + +_FILESAFE = re.compile('[^A-Za-z0-9.]+') + + +def _get_name_and_version(name, version, for_filename=False): + """Return the distribution name with version. + + If for_filename is true, return a filename-escaped form.""" + if for_filename: + # For both name and version any runs of non-alphanumeric or '.' + # characters are replaced with a single '-'. Additionally any + # spaces in the version string become '.' + name = _FILESAFE.sub('-', name) + version = _FILESAFE.sub('-', version.replace(' ', '.')) + return '%s-%s' % (name, version) + + +class LegacyMetadata(object): + """The legacy metadata of a release. + + Supports versions 1.0, 1.1, 1.2, 2.0 and 1.3/2.1 (auto-detected). You can + instantiate the class with one of these arguments (or none): + - *path*, the path to a metadata file + - *fileobj* give a file-like object with metadata as content + - *mapping* is a dict-like object + - *scheme* is a version scheme name + """ + # TODO document the mapping API and UNKNOWN default key + + def __init__(self, path=None, fileobj=None, mapping=None, + scheme='default'): + if [path, fileobj, mapping].count(None) < 2: + raise TypeError('path, fileobj and mapping are exclusive') + self._fields = {} + self.requires_files = [] + self._dependencies = None + self.scheme = scheme + if path is not None: + self.read(path) + elif fileobj is not None: + self.read_file(fileobj) + elif mapping is not None: + self.update(mapping) + self.set_metadata_version() + + def set_metadata_version(self): + self._fields['Metadata-Version'] = _best_version(self._fields) + + def _write_field(self, fileobj, name, value): + fileobj.write('%s: %s\n' % (name, value)) + + def __getitem__(self, name): + return self.get(name) + + def __setitem__(self, name, value): + return self.set(name, value) + + def __delitem__(self, name): + field_name = self._convert_name(name) + try: + del self._fields[field_name] + except KeyError: + raise KeyError(name) + + def __contains__(self, name): + return (name in self._fields or + self._convert_name(name) in self._fields) + + def _convert_name(self, name): + if name in _ALL_FIELDS: + return name + name = name.replace('-', '_').lower() + return _ATTR2FIELD.get(name, name) + + def _default_value(self, name): + if name in _LISTFIELDS or name in _ELEMENTSFIELD: + return [] + return 'UNKNOWN' + + def _remove_line_prefix(self, value): + if self.metadata_version in ('1.0', '1.1'): + return _LINE_PREFIX_PRE_1_2.sub('\n', value) + else: + return _LINE_PREFIX_1_2.sub('\n', value) + + def __getattr__(self, name): + if name in _ATTR2FIELD: + return self[name] + raise AttributeError(name) + + # + # Public API + # + +# dependencies = property(_get_dependencies, _set_dependencies) + + def get_fullname(self, filesafe=False): + """Return the distribution name with version. + + If filesafe is true, return a filename-escaped form.""" + return _get_name_and_version(self['Name'], self['Version'], filesafe) + + def is_field(self, name): + """return True if name is a valid metadata key""" + name = self._convert_name(name) + return name in _ALL_FIELDS + + def is_multi_field(self, name): + name = self._convert_name(name) + return name in _LISTFIELDS + + def read(self, filepath): + """Read the metadata values from a file path.""" + fp = codecs.open(filepath, 'r', encoding='utf-8') + try: + self.read_file(fp) + finally: + fp.close() + + def read_file(self, fileob): + """Read the metadata values from a file object.""" + msg = message_from_file(fileob) + self._fields['Metadata-Version'] = msg['metadata-version'] + + # When reading, get all the fields we can + for field in _ALL_FIELDS: + if field not in msg: + continue + if field in _LISTFIELDS: + # we can have multiple lines + values = msg.get_all(field) + if field in _LISTTUPLEFIELDS and values is not None: + values = [tuple(value.split(',')) for value in values] + self.set(field, values) + else: + # single line + value = msg[field] + if value is not None and value != 'UNKNOWN': + self.set(field, value) + + # PEP 566 specifies that the body be used for the description, if + # available + body = msg.get_payload() + self["Description"] = body if body else self["Description"] + # logger.debug('Attempting to set metadata for %s', self) + # self.set_metadata_version() + + def write(self, filepath, skip_unknown=False): + """Write the metadata fields to filepath.""" + fp = codecs.open(filepath, 'w', encoding='utf-8') + try: + self.write_file(fp, skip_unknown) + finally: + fp.close() + + def write_file(self, fileobject, skip_unknown=False): + """Write the PKG-INFO format data to a file object.""" + self.set_metadata_version() + + for field in _version2fieldlist(self['Metadata-Version']): + values = self.get(field) + if skip_unknown and values in ('UNKNOWN', [], ['UNKNOWN']): + continue + if field in _ELEMENTSFIELD: + self._write_field(fileobject, field, ','.join(values)) + continue + if field not in _LISTFIELDS: + if field == 'Description': + if self.metadata_version in ('1.0', '1.1'): + values = values.replace('\n', '\n ') + else: + values = values.replace('\n', '\n |') + values = [values] + + if field in _LISTTUPLEFIELDS: + values = [','.join(value) for value in values] + + for value in values: + self._write_field(fileobject, field, value) + + def update(self, other=None, **kwargs): + """Set metadata values from the given iterable `other` and kwargs. + + Behavior is like `dict.update`: If `other` has a ``keys`` method, + they are looped over and ``self[key]`` is assigned ``other[key]``. + Else, ``other`` is an iterable of ``(key, value)`` iterables. + + Keys that don't match a metadata field or that have an empty value are + dropped. + """ + def _set(key, value): + if key in _ATTR2FIELD and value: + self.set(self._convert_name(key), value) + + if not other: + # other is None or empty container + pass + elif hasattr(other, 'keys'): + for k in other.keys(): + _set(k, other[k]) + else: + for k, v in other: + _set(k, v) + + if kwargs: + for k, v in kwargs.items(): + _set(k, v) + + def set(self, name, value): + """Control then set a metadata field.""" + name = self._convert_name(name) + + if ((name in _ELEMENTSFIELD or name == 'Platform') and + not isinstance(value, (list, tuple))): + if isinstance(value, string_types): + value = [v.strip() for v in value.split(',')] + else: + value = [] + elif (name in _LISTFIELDS and + not isinstance(value, (list, tuple))): + if isinstance(value, string_types): + value = [value] + else: + value = [] + + if logger.isEnabledFor(logging.WARNING): + project_name = self['Name'] + + scheme = get_scheme(self.scheme) + if name in _PREDICATE_FIELDS and value is not None: + for v in value: + # check that the values are valid + if not scheme.is_valid_matcher(v.split(';')[0]): + logger.warning( + "'%s': '%s' is not valid (field '%s')", + project_name, v, name) + # FIXME this rejects UNKNOWN, is that right? + elif name in _VERSIONS_FIELDS and value is not None: + if not scheme.is_valid_constraint_list(value): + logger.warning("'%s': '%s' is not a valid version (field '%s')", + project_name, value, name) + elif name in _VERSION_FIELDS and value is not None: + if not scheme.is_valid_version(value): + logger.warning("'%s': '%s' is not a valid version (field '%s')", + project_name, value, name) + + if name in _UNICODEFIELDS: + if name == 'Description': + value = self._remove_line_prefix(value) + + self._fields[name] = value + + def get(self, name, default=_MISSING): + """Get a metadata field.""" + name = self._convert_name(name) + if name not in self._fields: + if default is _MISSING: + default = self._default_value(name) + return default + if name in _UNICODEFIELDS: + value = self._fields[name] + return value + elif name in _LISTFIELDS: + value = self._fields[name] + if value is None: + return [] + res = [] + for val in value: + if name not in _LISTTUPLEFIELDS: + res.append(val) + else: + # That's for Project-URL + res.append((val[0], val[1])) + return res + + elif name in _ELEMENTSFIELD: + value = self._fields[name] + if isinstance(value, string_types): + return value.split(',') + return self._fields[name] + + def check(self, strict=False): + """Check if the metadata is compliant. If strict is True then raise if + no Name or Version are provided""" + self.set_metadata_version() + + # XXX should check the versions (if the file was loaded) + missing, warnings = [], [] + + for attr in ('Name', 'Version'): # required by PEP 345 + if attr not in self: + missing.append(attr) + + if strict and missing != []: + msg = 'missing required metadata: %s' % ', '.join(missing) + raise MetadataMissingError(msg) + + for attr in ('Home-page', 'Author'): + if attr not in self: + missing.append(attr) + + # checking metadata 1.2 (XXX needs to check 1.1, 1.0) + if self['Metadata-Version'] != '1.2': + return missing, warnings + + scheme = get_scheme(self.scheme) + + def are_valid_constraints(value): + for v in value: + if not scheme.is_valid_matcher(v.split(';')[0]): + return False + return True + + for fields, controller in ((_PREDICATE_FIELDS, are_valid_constraints), + (_VERSIONS_FIELDS, + scheme.is_valid_constraint_list), + (_VERSION_FIELDS, + scheme.is_valid_version)): + for field in fields: + value = self.get(field, None) + if value is not None and not controller(value): + warnings.append("Wrong value for '%s': %s" % (field, value)) + + return missing, warnings + + def todict(self, skip_missing=False): + """Return fields as a dict. + + Field names will be converted to use the underscore-lowercase style + instead of hyphen-mixed case (i.e. home_page instead of Home-page). + This is as per https://www.python.org/dev/peps/pep-0566/#id17. + """ + self.set_metadata_version() + + fields = _version2fieldlist(self['Metadata-Version']) + + data = {} + + for field_name in fields: + if not skip_missing or field_name in self._fields: + key = _FIELD2ATTR[field_name] + if key != 'project_url': + data[key] = self[field_name] + else: + data[key] = [','.join(u) for u in self[field_name]] + + return data + + def add_requirements(self, requirements): + if self['Metadata-Version'] == '1.1': + # we can't have 1.1 metadata *and* Setuptools requires + for field in ('Obsoletes', 'Requires', 'Provides'): + if field in self: + del self[field] + self['Requires-Dist'] += requirements + + # Mapping API + # TODO could add iter* variants + + def keys(self): + return list(_version2fieldlist(self['Metadata-Version'])) + + def __iter__(self): + for key in self.keys(): + yield key + + def values(self): + return [self[key] for key in self.keys()] + + def items(self): + return [(key, self[key]) for key in self.keys()] + + def __repr__(self): + return '<%s %s %s>' % (self.__class__.__name__, self.name, + self.version) + + +METADATA_FILENAME = 'pydist.json' +WHEEL_METADATA_FILENAME = 'metadata.json' +LEGACY_METADATA_FILENAME = 'METADATA' + + +class Metadata(object): + """ + The metadata of a release. This implementation uses 2.0 (JSON) + metadata where possible. If not possible, it wraps a LegacyMetadata + instance which handles the key-value metadata format. + """ + + METADATA_VERSION_MATCHER = re.compile(r'^\d+(\.\d+)*$') + + NAME_MATCHER = re.compile('^[0-9A-Z]([0-9A-Z_.-]*[0-9A-Z])?$', re.I) + + VERSION_MATCHER = PEP440_VERSION_RE + + SUMMARY_MATCHER = re.compile('.{1,2047}') + + METADATA_VERSION = '2.0' + + GENERATOR = 'distlib (%s)' % __version__ + + MANDATORY_KEYS = { + 'name': (), + 'version': (), + 'summary': ('legacy',), + } + + INDEX_KEYS = ('name version license summary description author ' + 'author_email keywords platform home_page classifiers ' + 'download_url') + + DEPENDENCY_KEYS = ('extras run_requires test_requires build_requires ' + 'dev_requires provides meta_requires obsoleted_by ' + 'supports_environments') + + SYNTAX_VALIDATORS = { + 'metadata_version': (METADATA_VERSION_MATCHER, ()), + 'name': (NAME_MATCHER, ('legacy',)), + 'version': (VERSION_MATCHER, ('legacy',)), + 'summary': (SUMMARY_MATCHER, ('legacy',)), + } + + __slots__ = ('_legacy', '_data', 'scheme') + + def __init__(self, path=None, fileobj=None, mapping=None, + scheme='default'): + if [path, fileobj, mapping].count(None) < 2: + raise TypeError('path, fileobj and mapping are exclusive') + self._legacy = None + self._data = None + self.scheme = scheme + #import pdb; pdb.set_trace() + if mapping is not None: + try: + self._validate_mapping(mapping, scheme) + self._data = mapping + except MetadataUnrecognizedVersionError: + self._legacy = LegacyMetadata(mapping=mapping, scheme=scheme) + self.validate() + else: + data = None + if path: + with open(path, 'rb') as f: + data = f.read() + elif fileobj: + data = fileobj.read() + if data is None: + # Initialised with no args - to be added + self._data = { + 'metadata_version': self.METADATA_VERSION, + 'generator': self.GENERATOR, + } + else: + if not isinstance(data, text_type): + data = data.decode('utf-8') + try: + self._data = json.loads(data) + self._validate_mapping(self._data, scheme) + except ValueError: + # Note: MetadataUnrecognizedVersionError does not + # inherit from ValueError (it's a DistlibException, + # which should not inherit from ValueError). + # The ValueError comes from the json.load - if that + # succeeds and we get a validation error, we want + # that to propagate + self._legacy = LegacyMetadata(fileobj=StringIO(data), + scheme=scheme) + self.validate() + + common_keys = set(('name', 'version', 'license', 'keywords', 'summary')) + + none_list = (None, list) + none_dict = (None, dict) + + mapped_keys = { + 'run_requires': ('Requires-Dist', list), + 'build_requires': ('Setup-Requires-Dist', list), + 'dev_requires': none_list, + 'test_requires': none_list, + 'meta_requires': none_list, + 'extras': ('Provides-Extra', list), + 'modules': none_list, + 'namespaces': none_list, + 'exports': none_dict, + 'commands': none_dict, + 'classifiers': ('Classifier', list), + 'source_url': ('Download-URL', None), + 'metadata_version': ('Metadata-Version', None), + } + + del none_list, none_dict + + def __getattribute__(self, key): + common = object.__getattribute__(self, 'common_keys') + mapped = object.__getattribute__(self, 'mapped_keys') + if key in mapped: + lk, maker = mapped[key] + if self._legacy: + if lk is None: + result = None if maker is None else maker() + else: + result = self._legacy.get(lk) + else: + value = None if maker is None else maker() + if key not in ('commands', 'exports', 'modules', 'namespaces', + 'classifiers'): + result = self._data.get(key, value) + else: + # special cases for PEP 459 + sentinel = object() + result = sentinel + d = self._data.get('extensions') + if d: + if key == 'commands': + result = d.get('python.commands', value) + elif key == 'classifiers': + d = d.get('python.details') + if d: + result = d.get(key, value) + else: + d = d.get('python.exports') + if not d: + d = self._data.get('python.exports') + if d: + result = d.get(key, value) + if result is sentinel: + result = value + elif key not in common: + result = object.__getattribute__(self, key) + elif self._legacy: + result = self._legacy.get(key) + else: + result = self._data.get(key) + return result + + def _validate_value(self, key, value, scheme=None): + if key in self.SYNTAX_VALIDATORS: + pattern, exclusions = self.SYNTAX_VALIDATORS[key] + if (scheme or self.scheme) not in exclusions: + m = pattern.match(value) + if not m: + raise MetadataInvalidError("'%s' is an invalid value for " + "the '%s' property" % (value, + key)) + + def __setattr__(self, key, value): + self._validate_value(key, value) + common = object.__getattribute__(self, 'common_keys') + mapped = object.__getattribute__(self, 'mapped_keys') + if key in mapped: + lk, _ = mapped[key] + if self._legacy: + if lk is None: + raise NotImplementedError + self._legacy[lk] = value + elif key not in ('commands', 'exports', 'modules', 'namespaces', + 'classifiers'): + self._data[key] = value + else: + # special cases for PEP 459 + d = self._data.setdefault('extensions', {}) + if key == 'commands': + d['python.commands'] = value + elif key == 'classifiers': + d = d.setdefault('python.details', {}) + d[key] = value + else: + d = d.setdefault('python.exports', {}) + d[key] = value + elif key not in common: + object.__setattr__(self, key, value) + else: + if key == 'keywords': + if isinstance(value, string_types): + value = value.strip() + if value: + value = value.split() + else: + value = [] + if self._legacy: + self._legacy[key] = value + else: + self._data[key] = value + + @property + def name_and_version(self): + return _get_name_and_version(self.name, self.version, True) + + @property + def provides(self): + if self._legacy: + result = self._legacy['Provides-Dist'] + else: + result = self._data.setdefault('provides', []) + s = '%s (%s)' % (self.name, self.version) + if s not in result: + result.append(s) + return result + + @provides.setter + def provides(self, value): + if self._legacy: + self._legacy['Provides-Dist'] = value + else: + self._data['provides'] = value + + def get_requirements(self, reqts, extras=None, env=None): + """ + Base method to get dependencies, given a set of extras + to satisfy and an optional environment context. + :param reqts: A list of sometimes-wanted dependencies, + perhaps dependent on extras and environment. + :param extras: A list of optional components being requested. + :param env: An optional environment for marker evaluation. + """ + if self._legacy: + result = reqts + else: + result = [] + extras = get_extras(extras or [], self.extras) + for d in reqts: + if 'extra' not in d and 'environment' not in d: + # unconditional + include = True + else: + if 'extra' not in d: + # Not extra-dependent - only environment-dependent + include = True + else: + include = d.get('extra') in extras + if include: + # Not excluded because of extras, check environment + marker = d.get('environment') + if marker: + include = interpret(marker, env) + if include: + result.extend(d['requires']) + for key in ('build', 'dev', 'test'): + e = ':%s:' % key + if e in extras: + extras.remove(e) + # A recursive call, but it should terminate since 'test' + # has been removed from the extras + reqts = self._data.get('%s_requires' % key, []) + result.extend(self.get_requirements(reqts, extras=extras, + env=env)) + return result + + @property + def dictionary(self): + if self._legacy: + return self._from_legacy() + return self._data + + @property + def dependencies(self): + if self._legacy: + raise NotImplementedError + else: + return extract_by_key(self._data, self.DEPENDENCY_KEYS) + + @dependencies.setter + def dependencies(self, value): + if self._legacy: + raise NotImplementedError + else: + self._data.update(value) + + def _validate_mapping(self, mapping, scheme): + if mapping.get('metadata_version') != self.METADATA_VERSION: + raise MetadataUnrecognizedVersionError() + missing = [] + for key, exclusions in self.MANDATORY_KEYS.items(): + if key not in mapping: + if scheme not in exclusions: + missing.append(key) + if missing: + msg = 'Missing metadata items: %s' % ', '.join(missing) + raise MetadataMissingError(msg) + for k, v in mapping.items(): + self._validate_value(k, v, scheme) + + def validate(self): + if self._legacy: + missing, warnings = self._legacy.check(True) + if missing or warnings: + logger.warning('Metadata: missing: %s, warnings: %s', + missing, warnings) + else: + self._validate_mapping(self._data, self.scheme) + + def todict(self): + if self._legacy: + return self._legacy.todict(True) + else: + result = extract_by_key(self._data, self.INDEX_KEYS) + return result + + def _from_legacy(self): + assert self._legacy and not self._data + result = { + 'metadata_version': self.METADATA_VERSION, + 'generator': self.GENERATOR, + } + lmd = self._legacy.todict(True) # skip missing ones + for k in ('name', 'version', 'license', 'summary', 'description', + 'classifier'): + if k in lmd: + if k == 'classifier': + nk = 'classifiers' + else: + nk = k + result[nk] = lmd[k] + kw = lmd.get('Keywords', []) + if kw == ['']: + kw = [] + result['keywords'] = kw + keys = (('requires_dist', 'run_requires'), + ('setup_requires_dist', 'build_requires')) + for ok, nk in keys: + if ok in lmd and lmd[ok]: + result[nk] = [{'requires': lmd[ok]}] + result['provides'] = self.provides + author = {} + maintainer = {} + return result + + LEGACY_MAPPING = { + 'name': 'Name', + 'version': 'Version', + ('extensions', 'python.details', 'license'): 'License', + 'summary': 'Summary', + 'description': 'Description', + ('extensions', 'python.project', 'project_urls', 'Home'): 'Home-page', + ('extensions', 'python.project', 'contacts', 0, 'name'): 'Author', + ('extensions', 'python.project', 'contacts', 0, 'email'): 'Author-email', + 'source_url': 'Download-URL', + ('extensions', 'python.details', 'classifiers'): 'Classifier', + } + + def _to_legacy(self): + def process_entries(entries): + reqts = set() + for e in entries: + extra = e.get('extra') + env = e.get('environment') + rlist = e['requires'] + for r in rlist: + if not env and not extra: + reqts.add(r) + else: + marker = '' + if extra: + marker = 'extra == "%s"' % extra + if env: + if marker: + marker = '(%s) and %s' % (env, marker) + else: + marker = env + reqts.add(';'.join((r, marker))) + return reqts + + assert self._data and not self._legacy + result = LegacyMetadata() + nmd = self._data + # import pdb; pdb.set_trace() + for nk, ok in self.LEGACY_MAPPING.items(): + if not isinstance(nk, tuple): + if nk in nmd: + result[ok] = nmd[nk] + else: + d = nmd + found = True + for k in nk: + try: + d = d[k] + except (KeyError, IndexError): + found = False + break + if found: + result[ok] = d + r1 = process_entries(self.run_requires + self.meta_requires) + r2 = process_entries(self.build_requires + self.dev_requires) + if self.extras: + result['Provides-Extra'] = sorted(self.extras) + result['Requires-Dist'] = sorted(r1) + result['Setup-Requires-Dist'] = sorted(r2) + # TODO: any other fields wanted + return result + + def write(self, path=None, fileobj=None, legacy=False, skip_unknown=True): + if [path, fileobj].count(None) != 1: + raise ValueError('Exactly one of path and fileobj is needed') + self.validate() + if legacy: + if self._legacy: + legacy_md = self._legacy + else: + legacy_md = self._to_legacy() + if path: + legacy_md.write(path, skip_unknown=skip_unknown) + else: + legacy_md.write_file(fileobj, skip_unknown=skip_unknown) + else: + if self._legacy: + d = self._from_legacy() + else: + d = self._data + if fileobj: + json.dump(d, fileobj, ensure_ascii=True, indent=2, + sort_keys=True) + else: + with codecs.open(path, 'w', 'utf-8') as f: + json.dump(d, f, ensure_ascii=True, indent=2, + sort_keys=True) + + def add_requirements(self, requirements): + if self._legacy: + self._legacy.add_requirements(requirements) + else: + run_requires = self._data.setdefault('run_requires', []) + always = None + for entry in run_requires: + if 'environment' not in entry and 'extra' not in entry: + always = entry + break + if always is None: + always = { 'requires': requirements } + run_requires.insert(0, always) + else: + rset = set(always['requires']) | set(requirements) + always['requires'] = sorted(rset) + + def __repr__(self): + name = self.name or '(no name)' + version = self.version or 'no version' + return '<%s %s %s (%s)>' % (self.__class__.__name__, + self.metadata_version, name, version) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/resources.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/resources.py new file mode 100644 index 000000000..fef52aa10 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/resources.py @@ -0,0 +1,358 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2013-2017 Vinay Sajip. +# Licensed to the Python Software Foundation under a contributor agreement. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +from __future__ import unicode_literals + +import bisect +import io +import logging +import os +import pkgutil +import sys +import types +import zipimport + +from . import DistlibException +from .util import cached_property, get_cache_base, Cache + +logger = logging.getLogger(__name__) + + +cache = None # created when needed + + +class ResourceCache(Cache): + def __init__(self, base=None): + if base is None: + # Use native string to avoid issues on 2.x: see Python #20140. + base = os.path.join(get_cache_base(), str('resource-cache')) + super(ResourceCache, self).__init__(base) + + def is_stale(self, resource, path): + """ + Is the cache stale for the given resource? + + :param resource: The :class:`Resource` being cached. + :param path: The path of the resource in the cache. + :return: True if the cache is stale. + """ + # Cache invalidation is a hard problem :-) + return True + + def get(self, resource): + """ + Get a resource into the cache, + + :param resource: A :class:`Resource` instance. + :return: The pathname of the resource in the cache. + """ + prefix, path = resource.finder.get_cache_info(resource) + if prefix is None: + result = path + else: + result = os.path.join(self.base, self.prefix_to_dir(prefix), path) + dirname = os.path.dirname(result) + if not os.path.isdir(dirname): + os.makedirs(dirname) + if not os.path.exists(result): + stale = True + else: + stale = self.is_stale(resource, path) + if stale: + # write the bytes of the resource to the cache location + with open(result, 'wb') as f: + f.write(resource.bytes) + return result + + +class ResourceBase(object): + def __init__(self, finder, name): + self.finder = finder + self.name = name + + +class Resource(ResourceBase): + """ + A class representing an in-package resource, such as a data file. This is + not normally instantiated by user code, but rather by a + :class:`ResourceFinder` which manages the resource. + """ + is_container = False # Backwards compatibility + + def as_stream(self): + """ + Get the resource as a stream. + + This is not a property to make it obvious that it returns a new stream + each time. + """ + return self.finder.get_stream(self) + + @cached_property + def file_path(self): + global cache + if cache is None: + cache = ResourceCache() + return cache.get(self) + + @cached_property + def bytes(self): + return self.finder.get_bytes(self) + + @cached_property + def size(self): + return self.finder.get_size(self) + + +class ResourceContainer(ResourceBase): + is_container = True # Backwards compatibility + + @cached_property + def resources(self): + return self.finder.get_resources(self) + + +class ResourceFinder(object): + """ + Resource finder for file system resources. + """ + + if sys.platform.startswith('java'): + skipped_extensions = ('.pyc', '.pyo', '.class') + else: + skipped_extensions = ('.pyc', '.pyo') + + def __init__(self, module): + self.module = module + self.loader = getattr(module, '__loader__', None) + self.base = os.path.dirname(getattr(module, '__file__', '')) + + def _adjust_path(self, path): + return os.path.realpath(path) + + def _make_path(self, resource_name): + # Issue #50: need to preserve type of path on Python 2.x + # like os.path._get_sep + if isinstance(resource_name, bytes): # should only happen on 2.x + sep = b'/' + else: + sep = '/' + parts = resource_name.split(sep) + parts.insert(0, self.base) + result = os.path.join(*parts) + return self._adjust_path(result) + + def _find(self, path): + return os.path.exists(path) + + def get_cache_info(self, resource): + return None, resource.path + + def find(self, resource_name): + path = self._make_path(resource_name) + if not self._find(path): + result = None + else: + if self._is_directory(path): + result = ResourceContainer(self, resource_name) + else: + result = Resource(self, resource_name) + result.path = path + return result + + def get_stream(self, resource): + return open(resource.path, 'rb') + + def get_bytes(self, resource): + with open(resource.path, 'rb') as f: + return f.read() + + def get_size(self, resource): + return os.path.getsize(resource.path) + + def get_resources(self, resource): + def allowed(f): + return (f != '__pycache__' and not + f.endswith(self.skipped_extensions)) + return set([f for f in os.listdir(resource.path) if allowed(f)]) + + def is_container(self, resource): + return self._is_directory(resource.path) + + _is_directory = staticmethod(os.path.isdir) + + def iterator(self, resource_name): + resource = self.find(resource_name) + if resource is not None: + todo = [resource] + while todo: + resource = todo.pop(0) + yield resource + if resource.is_container: + rname = resource.name + for name in resource.resources: + if not rname: + new_name = name + else: + new_name = '/'.join([rname, name]) + child = self.find(new_name) + if child.is_container: + todo.append(child) + else: + yield child + + +class ZipResourceFinder(ResourceFinder): + """ + Resource finder for resources in .zip files. + """ + def __init__(self, module): + super(ZipResourceFinder, self).__init__(module) + archive = self.loader.archive + self.prefix_len = 1 + len(archive) + # PyPy doesn't have a _files attr on zipimporter, and you can't set one + if hasattr(self.loader, '_files'): + self._files = self.loader._files + else: + self._files = zipimport._zip_directory_cache[archive] + self.index = sorted(self._files) + + def _adjust_path(self, path): + return path + + def _find(self, path): + path = path[self.prefix_len:] + if path in self._files: + result = True + else: + if path and path[-1] != os.sep: + path = path + os.sep + i = bisect.bisect(self.index, path) + try: + result = self.index[i].startswith(path) + except IndexError: + result = False + if not result: + logger.debug('_find failed: %r %r', path, self.loader.prefix) + else: + logger.debug('_find worked: %r %r', path, self.loader.prefix) + return result + + def get_cache_info(self, resource): + prefix = self.loader.archive + path = resource.path[1 + len(prefix):] + return prefix, path + + def get_bytes(self, resource): + return self.loader.get_data(resource.path) + + def get_stream(self, resource): + return io.BytesIO(self.get_bytes(resource)) + + def get_size(self, resource): + path = resource.path[self.prefix_len:] + return self._files[path][3] + + def get_resources(self, resource): + path = resource.path[self.prefix_len:] + if path and path[-1] != os.sep: + path += os.sep + plen = len(path) + result = set() + i = bisect.bisect(self.index, path) + while i < len(self.index): + if not self.index[i].startswith(path): + break + s = self.index[i][plen:] + result.add(s.split(os.sep, 1)[0]) # only immediate children + i += 1 + return result + + def _is_directory(self, path): + path = path[self.prefix_len:] + if path and path[-1] != os.sep: + path += os.sep + i = bisect.bisect(self.index, path) + try: + result = self.index[i].startswith(path) + except IndexError: + result = False + return result + + +_finder_registry = { + type(None): ResourceFinder, + zipimport.zipimporter: ZipResourceFinder +} + +try: + # In Python 3.6, _frozen_importlib -> _frozen_importlib_external + try: + import _frozen_importlib_external as _fi + except ImportError: + import _frozen_importlib as _fi + _finder_registry[_fi.SourceFileLoader] = ResourceFinder + _finder_registry[_fi.FileFinder] = ResourceFinder + # See issue #146 + _finder_registry[_fi.SourcelessFileLoader] = ResourceFinder + del _fi +except (ImportError, AttributeError): + pass + + +def register_finder(loader, finder_maker): + _finder_registry[type(loader)] = finder_maker + + +_finder_cache = {} + + +def finder(package): + """ + Return a resource finder for a package. + :param package: The name of the package. + :return: A :class:`ResourceFinder` instance for the package. + """ + if package in _finder_cache: + result = _finder_cache[package] + else: + if package not in sys.modules: + __import__(package) + module = sys.modules[package] + path = getattr(module, '__path__', None) + if path is None: + raise DistlibException('You cannot get a finder for a module, ' + 'only for a package') + loader = getattr(module, '__loader__', None) + finder_maker = _finder_registry.get(type(loader)) + if finder_maker is None: + raise DistlibException('Unable to locate finder for %r' % package) + result = finder_maker(module) + _finder_cache[package] = result + return result + + +_dummy_module = types.ModuleType(str('__dummy__')) + + +def finder_for_path(path): + """ + Return a resource finder for a path, which should represent a container. + + :param path: The path. + :return: A :class:`ResourceFinder` instance for the path. + """ + result = None + # calls any path hooks, gets importer into cache + pkgutil.get_importer(path) + loader = sys.path_importer_cache.get(path) + finder = _finder_registry.get(type(loader)) + if finder: + module = _dummy_module + module.__file__ = os.path.join(path, '') + module.__loader__ = loader + result = finder(module) + return result diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/scripts.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/scripts.py new file mode 100644 index 000000000..1ac01dde5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/scripts.py @@ -0,0 +1,423 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2013-2015 Vinay Sajip. +# Licensed to the Python Software Foundation under a contributor agreement. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +from io import BytesIO +import logging +import os +import re +import struct +import sys + +from .compat import sysconfig, detect_encoding, ZipFile +from .resources import finder +from .util import (FileOperator, get_export_entry, convert_path, + get_executable, in_venv) + +logger = logging.getLogger(__name__) + +_DEFAULT_MANIFEST = ''' + + + + + + + + + + + + +'''.strip() + +# check if Python is called on the first line with this expression +FIRST_LINE_RE = re.compile(b'^#!.*pythonw?[0-9.]*([ \t].*)?$') +SCRIPT_TEMPLATE = r'''# -*- coding: utf-8 -*- +import re +import sys +from %(module)s import %(import_name)s +if __name__ == '__main__': + sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0]) + sys.exit(%(func)s()) +''' + + +def enquote_executable(executable): + if ' ' in executable: + # make sure we quote only the executable in case of env + # for example /usr/bin/env "/dir with spaces/bin/jython" + # instead of "/usr/bin/env /dir with spaces/bin/jython" + # otherwise whole + if executable.startswith('/usr/bin/env '): + env, _executable = executable.split(' ', 1) + if ' ' in _executable and not _executable.startswith('"'): + executable = '%s "%s"' % (env, _executable) + else: + if not executable.startswith('"'): + executable = '"%s"' % executable + return executable + +# Keep the old name around (for now), as there is at least one project using it! +_enquote_executable = enquote_executable + +class ScriptMaker(object): + """ + A class to copy or create scripts from source scripts or callable + specifications. + """ + script_template = SCRIPT_TEMPLATE + + executable = None # for shebangs + + def __init__(self, source_dir, target_dir, add_launchers=True, + dry_run=False, fileop=None): + self.source_dir = source_dir + self.target_dir = target_dir + self.add_launchers = add_launchers + self.force = False + self.clobber = False + # It only makes sense to set mode bits on POSIX. + self.set_mode = (os.name == 'posix') or (os.name == 'java' and + os._name == 'posix') + self.variants = set(('', 'X.Y')) + self._fileop = fileop or FileOperator(dry_run) + + self._is_nt = os.name == 'nt' or ( + os.name == 'java' and os._name == 'nt') + self.version_info = sys.version_info + + def _get_alternate_executable(self, executable, options): + if options.get('gui', False) and self._is_nt: # pragma: no cover + dn, fn = os.path.split(executable) + fn = fn.replace('python', 'pythonw') + executable = os.path.join(dn, fn) + return executable + + if sys.platform.startswith('java'): # pragma: no cover + def _is_shell(self, executable): + """ + Determine if the specified executable is a script + (contains a #! line) + """ + try: + with open(executable) as fp: + return fp.read(2) == '#!' + except (OSError, IOError): + logger.warning('Failed to open %s', executable) + return False + + def _fix_jython_executable(self, executable): + if self._is_shell(executable): + # Workaround for Jython is not needed on Linux systems. + import java + + if java.lang.System.getProperty('os.name') == 'Linux': + return executable + elif executable.lower().endswith('jython.exe'): + # Use wrapper exe for Jython on Windows + return executable + return '/usr/bin/env %s' % executable + + def _build_shebang(self, executable, post_interp): + """ + Build a shebang line. In the simple case (on Windows, or a shebang line + which is not too long or contains spaces) use a simple formulation for + the shebang. Otherwise, use /bin/sh as the executable, with a contrived + shebang which allows the script to run either under Python or sh, using + suitable quoting. Thanks to Harald Nordgren for his input. + + See also: http://www.in-ulm.de/~mascheck/various/shebang/#length + https://hg.mozilla.org/mozilla-central/file/tip/mach + """ + if os.name != 'posix': + simple_shebang = True + else: + # Add 3 for '#!' prefix and newline suffix. + shebang_length = len(executable) + len(post_interp) + 3 + if sys.platform == 'darwin': + max_shebang_length = 512 + else: + max_shebang_length = 127 + simple_shebang = ((b' ' not in executable) and + (shebang_length <= max_shebang_length)) + + if simple_shebang: + result = b'#!' + executable + post_interp + b'\n' + else: + result = b'#!/bin/sh\n' + result += b"'''exec' " + executable + post_interp + b' "$0" "$@"\n' + result += b"' '''" + return result + + def _get_shebang(self, encoding, post_interp=b'', options=None): + enquote = True + if self.executable: + executable = self.executable + enquote = False # assume this will be taken care of + elif not sysconfig.is_python_build(): + executable = get_executable() + elif in_venv(): # pragma: no cover + executable = os.path.join(sysconfig.get_path('scripts'), + 'python%s' % sysconfig.get_config_var('EXE')) + else: # pragma: no cover + executable = os.path.join( + sysconfig.get_config_var('BINDIR'), + 'python%s%s' % (sysconfig.get_config_var('VERSION'), + sysconfig.get_config_var('EXE'))) + if options: + executable = self._get_alternate_executable(executable, options) + + if sys.platform.startswith('java'): # pragma: no cover + executable = self._fix_jython_executable(executable) + + # Normalise case for Windows - COMMENTED OUT + # executable = os.path.normcase(executable) + # N.B. The normalising operation above has been commented out: See + # issue #124. Although paths in Windows are generally case-insensitive, + # they aren't always. For example, a path containing a ẞ (which is a + # LATIN CAPITAL LETTER SHARP S - U+1E9E) is normcased to ß (which is a + # LATIN SMALL LETTER SHARP S' - U+00DF). The two are not considered by + # Windows as equivalent in path names. + + # If the user didn't specify an executable, it may be necessary to + # cater for executable paths with spaces (not uncommon on Windows) + if enquote: + executable = enquote_executable(executable) + # Issue #51: don't use fsencode, since we later try to + # check that the shebang is decodable using utf-8. + executable = executable.encode('utf-8') + # in case of IronPython, play safe and enable frames support + if (sys.platform == 'cli' and '-X:Frames' not in post_interp + and '-X:FullFrames' not in post_interp): # pragma: no cover + post_interp += b' -X:Frames' + shebang = self._build_shebang(executable, post_interp) + # Python parser starts to read a script using UTF-8 until + # it gets a #coding:xxx cookie. The shebang has to be the + # first line of a file, the #coding:xxx cookie cannot be + # written before. So the shebang has to be decodable from + # UTF-8. + try: + shebang.decode('utf-8') + except UnicodeDecodeError: # pragma: no cover + raise ValueError( + 'The shebang (%r) is not decodable from utf-8' % shebang) + # If the script is encoded to a custom encoding (use a + # #coding:xxx cookie), the shebang has to be decodable from + # the script encoding too. + if encoding != 'utf-8': + try: + shebang.decode(encoding) + except UnicodeDecodeError: # pragma: no cover + raise ValueError( + 'The shebang (%r) is not decodable ' + 'from the script encoding (%r)' % (shebang, encoding)) + return shebang + + def _get_script_text(self, entry): + return self.script_template % dict(module=entry.prefix, + import_name=entry.suffix.split('.')[0], + func=entry.suffix) + + manifest = _DEFAULT_MANIFEST + + def get_manifest(self, exename): + base = os.path.basename(exename) + return self.manifest % base + + def _write_script(self, names, shebang, script_bytes, filenames, ext): + use_launcher = self.add_launchers and self._is_nt + linesep = os.linesep.encode('utf-8') + if not shebang.endswith(linesep): + shebang += linesep + if not use_launcher: + script_bytes = shebang + script_bytes + else: # pragma: no cover + if ext == 'py': + launcher = self._get_launcher('t') + else: + launcher = self._get_launcher('w') + stream = BytesIO() + with ZipFile(stream, 'w') as zf: + zf.writestr('__main__.py', script_bytes) + zip_data = stream.getvalue() + script_bytes = launcher + shebang + zip_data + for name in names: + outname = os.path.join(self.target_dir, name) + if use_launcher: # pragma: no cover + n, e = os.path.splitext(outname) + if e.startswith('.py'): + outname = n + outname = '%s.exe' % outname + try: + self._fileop.write_binary_file(outname, script_bytes) + except Exception: + # Failed writing an executable - it might be in use. + logger.warning('Failed to write executable - trying to ' + 'use .deleteme logic') + dfname = '%s.deleteme' % outname + if os.path.exists(dfname): + os.remove(dfname) # Not allowed to fail here + os.rename(outname, dfname) # nor here + self._fileop.write_binary_file(outname, script_bytes) + logger.debug('Able to replace executable using ' + '.deleteme logic') + try: + os.remove(dfname) + except Exception: + pass # still in use - ignore error + else: + if self._is_nt and not outname.endswith('.' + ext): # pragma: no cover + outname = '%s.%s' % (outname, ext) + if os.path.exists(outname) and not self.clobber: + logger.warning('Skipping existing file %s', outname) + continue + self._fileop.write_binary_file(outname, script_bytes) + if self.set_mode: + self._fileop.set_executable_mode([outname]) + filenames.append(outname) + + variant_separator = '-' + + def get_script_filenames(self, name): + result = set() + if '' in self.variants: + result.add(name) + if 'X' in self.variants: + result.add('%s%s' % (name, self.version_info[0])) + if 'X.Y' in self.variants: + result.add('%s%s%s.%s' % (name, self.variant_separator, + self.version_info[0], self.version_info[1])) + return result + + def _make_script(self, entry, filenames, options=None): + post_interp = b'' + if options: + args = options.get('interpreter_args', []) + if args: + args = ' %s' % ' '.join(args) + post_interp = args.encode('utf-8') + shebang = self._get_shebang('utf-8', post_interp, options=options) + script = self._get_script_text(entry).encode('utf-8') + scriptnames = self.get_script_filenames(entry.name) + if options and options.get('gui', False): + ext = 'pyw' + else: + ext = 'py' + self._write_script(scriptnames, shebang, script, filenames, ext) + + def _copy_script(self, script, filenames): + adjust = False + script = os.path.join(self.source_dir, convert_path(script)) + outname = os.path.join(self.target_dir, os.path.basename(script)) + if not self.force and not self._fileop.newer(script, outname): + logger.debug('not copying %s (up-to-date)', script) + return + + # Always open the file, but ignore failures in dry-run mode -- + # that way, we'll get accurate feedback if we can read the + # script. + try: + f = open(script, 'rb') + except IOError: # pragma: no cover + if not self.dry_run: + raise + f = None + else: + first_line = f.readline() + if not first_line: # pragma: no cover + logger.warning('%s is an empty file (skipping)', script) + return + + match = FIRST_LINE_RE.match(first_line.replace(b'\r\n', b'\n')) + if match: + adjust = True + post_interp = match.group(1) or b'' + + if not adjust: + if f: + f.close() + self._fileop.copy_file(script, outname) + if self.set_mode: + self._fileop.set_executable_mode([outname]) + filenames.append(outname) + else: + logger.info('copying and adjusting %s -> %s', script, + self.target_dir) + if not self._fileop.dry_run: + encoding, lines = detect_encoding(f.readline) + f.seek(0) + shebang = self._get_shebang(encoding, post_interp) + if b'pythonw' in first_line: # pragma: no cover + ext = 'pyw' + else: + ext = 'py' + n = os.path.basename(outname) + self._write_script([n], shebang, f.read(), filenames, ext) + if f: + f.close() + + @property + def dry_run(self): + return self._fileop.dry_run + + @dry_run.setter + def dry_run(self, value): + self._fileop.dry_run = value + + if os.name == 'nt' or (os.name == 'java' and os._name == 'nt'): # pragma: no cover + # Executable launcher support. + # Launchers are from https://bitbucket.org/vinay.sajip/simple_launcher/ + + def _get_launcher(self, kind): + if struct.calcsize('P') == 8: # 64-bit + bits = '64' + else: + bits = '32' + name = '%s%s.exe' % (kind, bits) + # Issue 31: don't hardcode an absolute package name, but + # determine it relative to the current package + distlib_package = __name__.rsplit('.', 1)[0] + resource = finder(distlib_package).find(name) + if not resource: + msg = ('Unable to find resource %s in package %s' % (name, + distlib_package)) + raise ValueError(msg) + return resource.bytes + + # Public API follows + + def make(self, specification, options=None): + """ + Make a script. + + :param specification: The specification, which is either a valid export + entry specification (to make a script from a + callable) or a filename (to make a script by + copying from a source location). + :param options: A dictionary of options controlling script generation. + :return: A list of all absolute pathnames written to. + """ + filenames = [] + entry = get_export_entry(specification) + if entry is None: + self._copy_script(specification, filenames) + else: + self._make_script(entry, filenames, options=options) + return filenames + + def make_multiple(self, specifications, options=None): + """ + Take a list of specifications and make scripts from them, + :param specifications: A list of specifications. + :return: A list of all absolute pathnames written to, + """ + filenames = [] + for specification in specifications: + filenames.extend(self.make(specification, options)) + return filenames diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/t32.exe b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/t32.exe new file mode 100644 index 0000000000000000000000000000000000000000..8932a18e4596952373a38c60b81b7116d4ef9ee8 GIT binary patch literal 96768 zcmeFaeSB2awLg3&Gf5_4k~2Vp;XOi7B#6;~5{KX*Oo&QwFfv1g09K6SNEP86z)B$T zWNc0jqu8r$y;oW(+DogqrLDa95=;nYprS^6qs3}$sqXP`HI^6#i8;UT+UHCX)Z5$V z^LbwWdC<(+XYaM&)?Rz4eT?bf^RzDLUc-tGBo<-7CmygPs1jg|S|zh~9$ z)3UNM3#_8I{_g1d!yUhvl>A%zv#Tc^!TVbk8I$7tIcrjkKb@0)hiB`q%O|~t=i!c> zlYY$OT^9UI>v;`--gM_}Au98mJ@ESkVSz1G*mCjL%aUoGLW*sOEmIKQMa+|Cto;f+ z-T0$U5;iEDA_%F1jUxJ=LI>V~ysLU`z@xXG0}?D{;LrXCMG8eZHenV8R@#K8{1o`c zzZRR&n1N<|AqZo>ku><#FWSx@qb@;MVm56sSbun$bo)jLZ=>GE54DT>N`pS=Up`tj zZSAUCrCTwsQ;~o&g=zTvGyVqs^8z8$Ofccll}N}(#Z;#A{00E7W!lR_gos}J><*Bnawx}4@P}q)&JkExL|lv4&zgr&qAP4O za)mChpjGr1zsA0gsdc2ytO-T@&o!MpzouUVk~Ja0AKFMY3CWrc=6**__GC?3g)>-e zM9X^p;(^qbX>$bsB32I)McX1R(&*I?9 zO$`J?KSiBUUvIGyTIoR{YHhDt+r{ogHN{6fG4avX(35~z#Ks$j5l#sjaxeR0G&m`q z-FbrWxawo6y?utE94b&3pHh7ZPpsCi)+PX%AfQ7gaL55l58Eo)8##hdsdcdul&2iZ z_r#%|Tvx)%5 zMDAvHqXIlp#k**h)>Yi%IU_#S5_$>UP~}s8wwR)QrwV=D;Z#&x1>naA>SZBxT{$#W zt2k+|=nM;&R4_xv|Gmlw0y{H`_xxq*OptnGLuJ6z;n6JzI#K?a;{iYW@@vDW(T42r zMFg-?gE2@|tGo1@sSAXv`%;Qq!UAZom;KT#ke9V*xFBc=G&eT7g%|WJ3PJ(VdE*T| zyGCp0;(L>2}rEMTLwXi;TXmsujyQ4JxNxf$%g#b{6-ja)SLGq+eA9 zniv}hg-Yj`L>@qLz{quif{`MX>GuXh!Vsc_Za=8O&k8tByEQ(Bk8`@p@$|{pMSThX z%WgmtCFuEsibQ_~ij;E*Fc@IVfgq5ir(J$qw-@)6QG3(C{i{}J?PhZWT9=WVgN7&< z3E`BmEi446D8G?gPV=iP(j&W!TrUA6(qvm1@|omIlX%#UkZ%rkA%hT_I|fk2EnYMI zWTO7m`~CC&klIji9B-Hil>yA0U{IY`FviH8NtGOr&MR>H!)x%^=nrR98o5P?MzJns zQ-OPpoQgtqj9MrUJ@>QWy@pZ0wV;u>R1sm9=akHxF60c&b$H(L0E(R+^s_6f z2^Tr4R4`eaF$-Yf9^+j<5?8TqkVVWl(x|Z0&$bUWDP48}xYq=h-$I5gt=g%yJGFE1*U)~vgk7QO zR3^I>6j6L6(gHqL8S*1)5xWv?iQbA*%Kn>i=lF)RqSR6Ss8(f{bhagR+e1KN5Ko~SQl~+(o?-L}ay61hs z=vlD{J->%Yg{5eZ(M$1>==M%LYgE^@?dDR-{(^VycyUYQ1T7u=IZDPNt}3b!?=SAD z(q8o(Uzgi7wC<}c$yN7Nrj$O%b9n9NdW!Z1vh`554xa5}NEcOA!Dyr#?A+g;CKR3y zREC|Q_}4VArlXa#Mirm%oTfazJkRfuhmhPLQ>Ln_=pK63lx(L*KP~+iBuS18la|KG zpYUOv7@C|7B6$=<66SS>Q&yORwJDh)(|(4=%F`w@p5?;Ol4O>vcoq|W!FRw%BgcUU ze?Z+%PgV&Mr9~@ZQ0up%6hG_kq1Kmhz|ejwmMCl|fE~>=O($7B|d<^<46Z zMoxiwaWTQqYE99{j00a^04`9YY#BE}E)2VuM(5{;C-|8Qn-xMGM>hBr$J|EL0v^jL zH0oI4w~B~HPJ*COk{=~So9RW1Mg1u?np0^>sfiqszbriXWm{xsy594yANox6HEPYb}{ZC&TDx8lszW}M z31OWL<6@&rO#@eQpdab%3_%Hy33xGB-fOhQF5Ow<`J*%pBO&f{((rcGl(;3V;MHxw zRT1GT2lWsVoW+KP2054g8iiSis-RuKVMD(Gq+IJVar2=H8Hddz9tC6s*sy#WP1;C6 z9C8Ji?LxxbNp${Eq$r2Re6!~#Q7G^E9aM(dWZI2LmjWH&S~K#mp!IVlxB_NIUVx3H z-gTLav!5M-R92;?B|E!FxxH5iki3T437>ahPpfs&7NAGYEAjP8!`X3U0j@IH8wg;x zqB^&Cw1~D^?)SM{U>!3tPaR(g& zZ-#QpUEER`Eb+O;hNBp2kZ$CJJc^A)i><+E0ZH!1&~J%9Ljbj|h#`FlAvPyk(Z!08 z0Qpzhm?Ow@3O^M0IXp^Y&e|*`amxlw?|gAz7ua$at>}mzLeXhFx&@1(QQ?;6)j&wN zrpD7Hwdpg7pv8T5KfCm5K|ogXJ>Ad7;vMvCuBFH(?gLsWXDa19Ebhbq?S-v%wY|b} zDP5~bD7UWpdIgq1vy-KM46P85?*lziPwS~8oaQfJ#ps^Z(|1Q&J=Jg1DqN8x(q9X| zK##J&(W4IZs6*Um`&N%yd5_SpW7Mt=sg1YmU}3919Q4H}5mAbQ35m`mDXEeqq;s7c z?g<2yQlddY&SP6=VbCtt{v4t0 z=+UD)S^~73=PXAN>HFz;N>B5&*QRUjJ1HgX@Uu=YHEQQmWwZ~F$AujMbq1xe*m()5 z;ZaMLw-q0Io{H8}cM!blN>N(#m4lA@vvuHLn?4QqEeC`f5JBx=Ya&&1MCu^WYF{az zjBouUO>=;P49V$fmmH`oMZFx^udP431{pTJzM{Bgc^kWJt{~KvZXy&)sq8X5j2ToH zbAxRU;&r@>p02eM>ibrr?hT`~*9#A~o=sI+-HX_cd4f>C&?VHNYkH>Ao{zm+2nbFN z7r2~~$f+Hnw7C6D0x%@5`f?K^TQ zBP)$)%2W>8u6R{it1z2%g&8Y))LA59#5yf2faM0fA7;PUi3;hy0JF zZ3O#wEwlL5myN!@&Gxg(7e?_LG=LuoHe0>asa@ZT@+V%QOCww3ZUkKjrs#)PM6WfL zwneY)TS32=mH6$&Z;}n7y~7mdte^Rpzku{H*}q3S5({^W77dnNA>W+{dQM|it;K?B zu2dHy6rXCNRSN6FXdh9e$LCy|&gBsO9iUGWG;ai@#i5s=% z*Qi_)Dan)nUfdG@EAUlW88!kh3n&$P$Dh(5AI6SEtw?xYl`mkln#Y7GfMZ`mTGE90 zZxAl2aIPE5D`g)dHasC-4d&>1b@SYCXYsKmXTDGpDQmBa&dYF?(nfE?aJHQaKICbW z#>9l9;J*4$Ka0~g5>Xj3f$*WUIKj=d<6z2JtP#bUGgW_(cWV(fGia>IVcj4Iv=F!) zO1rfH+iRYcX-7#^={(q0g}@y zoWz1@@xL3{h`m--_48LN3$Zr70=|guV*Rs5F6zr87A5BlFus51d!IZD080 zXGpHfF!qq;6@&?_!cyx1z=l2IZ)rTCcVPwO+Z)-yOHYt_@WHVU*A9@K~M71ncn zLyFes@%3(43Zy3j?9VrVoc-)C*PDH6k?toZxXR{B6du3C*Q*x<7$a6du{S9g9%%x| z#qcE>ZRp+&24oIjH#Sm{i%`4f%Za~4Yfr7qkTA?H8XhOR0PP3D*p%Uf>j`Le{9%Gx z=*rh(g<#ufWOuy5jB)FyAjA1dhVuiQPPtB&$ZqMf5;;ejQX=Qcm-5m@luqYd>;-gy z3V&@_|3I!mu(*XSMt+E6dF*zY?keFj?>uUG5Bn`TvKf$JQ)wW4Cv~1}2W2yvNPjk* zcA(B%I34D2adQnd^=Yc{gj!9ad9BlPjs(g!)I4*bQ73R{0CI`Hf+`>+RCA%TO?qFg zbp}}*ra~2nvuD1`E8i1j^DrD7<)f8EA4IT@)~`~*AU+!3`cazQ^%yN%dg}8VA-wg> zDcB-kLZdU1Kyx&{%yf=#?M$;fq9)*e4(KhYlXBQE(F}{;ucH=KoHR=zvVmBj2FH9)Bjr29-7k@!i@O`C^(LYgfyxA-ro`uzA;2HOT94^Kuj?RD z`5;K1x)eLceU3T$SdwhRwy4jEUn6%-7Z-}{7t+xW{Z+Uowp#Olk>+z_Mb2Sy%p$At zTM?uRu(P0iu-0_1421-#eJ7k=61jy1T6NME!c=CR|_&_ zrc5{$<>x&%yrT=?j=tW))-%UPw@mc)(s`~WAiFBTp0JvF&Vgi72b#W%E(<_1w*!X( z92k|;0D+JbB`X{_hF{^pA$5TLZ843G3uk7YHgW4YqTnDFWhXMp&cgYQ_#}k1bnQl` zcD(RUYIS$dK|A{LE|F9YCne?M@vR@H^~}4%Q3qOk)6=oet##F1ohjSqUh8>x?U%?y zGhZI9wZ)I4{Dxy2KWEiwoH-WpA0iHvYZDuuyOYjr}C6NRnzgRSRM zQB!oxcA`pbK{Y$CwFtG|hqGa@iUb>Bb_NVe&e!H+WpdgN>lt-3GiAHsb9y1*oIW$( zCFEl%^HL7ZA3wU8V<6IUUnXe*kT4_O)?Am;AWK`TUugKw$ zs7MG~U~`(U+wSXKPVzjs&o-LU$8bDC!n_l686%s^RwKe9J`q8xX)-Z`bR0@l(O!*S zrhtp#660H&;v>kx=gIpreYD$vE>6-sZr-`?i07S;4qG()+BeVy};(Ufws3|XMiqNw_&BG4myL7Mcmlr zx=Uo2JPZQUZ_ph~@^rp6l-=wj_qFj0U zIFQ=d;v+RGHg0`r&mu&d3mfYm!aD;g!V*HzsBZ`1ko`Dy z-Jx`TjuzO|GMAhkU~fQfvq4h7-7QoF*o`wl4`r^ZhL-!BN@p)%^bxyk(y(1lDf?GM z>~eanERXh7rgRiwU9^n**>j6P*XX7TYliq(Yjlo*eFunsHxd0`(E9U;egh&b5*uaq zOut5>!I3hRKAV)P^rgsuCc?L!wq^kqWiG3Y2f1;!^sTu-m#lm)cqxxH7fS1}jS>Rd zjMdm&(b}PJ2!aHrmCRU$2?aiT#MY0}(rT1h8%yP(IL~qV*(=L|XMUk7D(wyphfeY_lK(I;Y0-Hb zQ}k}2rGwDYo(b_bov|xX5J@Dx<}%+$%X~Z5rA3s^Pqn_pDHtRcT~e>YYJtTeMJ)nC zWj6NN9 zD{%?wAqv60TTH%?YKc)TI2TNwM?vo4Cvi8US#7uw3I^E_6o4L7fNCs^n-i^nQsuI( z1j0K}M76bZMDT?-l`aH6)ZQ(`nS>Ju=_%%^s${=W{)`TX<+lOA7Et~Pd=H?%#HTv1 zLV3f$IOecRk!(>?2kvEt#PoSRWiCaU8DPp4H1Y{nfFTaBa?pXF-Hbs7Q{p`R4MQKM zm5qU{JjBm_c?wvn83XaC#wE}>1E=0D8m956f&?0V@W&61Iph8Vs?xASh1E{*Vr)0*HpmTXh0QcG0_HTsLv%lgN5|L1Y7l#T&JXh|Rg>e0T ziXnv``P1iz*a)UE4>9ul%6ILSqio#8QzHilK~wMkZl zn=RlGi*G0L>}AGOK82j&(d>~aXs3}Yp(Q(?pred`UxkTwk|x?aw^>k5b{9dhg%}`= zh%=nQZlQ>&~)7y!jIpWu?!Dm#uEIpiE)b^be6~`k_f=n~QhQP$_&o&w4t^{u$MVD0VY}DHj-tWw z$G}uM(bb=tY)1zYIGj%#Ba^kTz3&YvK;&|wv$JuzRw?% zj`PQ*Z{zXA!>LYyXg*k)GqvH zIE0p1YBxd{MDwOhjT}do9gP#vn8^DG8o7-$0A3UUq&|ioRbkc0Z9rt`r7ye))*+~r z5&*4!X`+(YAYH&71RYwF&2jbRkZE#K;chDDfr4$Wg$=d6U~4upwGdL1C~uo zc|K%9BefGVfbJ;DT{!zzH#*dr>PDx!ag18-=7%m}cc_RsB-|T@Mayu6de1bJ030@u zaLjWV({~5hwokz#tN6R-*xlpBTIBKv*e5)?On*d6U`f?)3(sUDh_Pu|{7~8PI~<)Y z3_Xe6Pco~*k7KuD@5}H$?!tHB83sN0hTMlQTslMf_~UWpXDq(ur3!`abJ4 z1Ow)H?NOvvx24WQzHoLGDVt4f#hGk%8>2f)bR}(nVj}KK5ZA`8PDb^bQ7*Hd07I|n zEOn9UWDg)%1qHd6@KlQ+9?`jd@?U6MiC0) zsHL_04DfT#H>3Bv>8L78Tj;RAQS6$@TpywF3thNUG~atW@$SR@qNB#-#2EbOVy0I1 zYD=+{F}329a;{HW5xq``I+kh+9?Xf(dk|OAT_hqWaI2Q1y~n63RBDT~Z1irKulaDq zO`EmX>uL=_D$ua-4Q_%;RiX(2-h`{!eY^?XX7AeQ02lxCBS3L|$!+Vt--#o)(x1|f zMamD+lf4DWN;yR5xuUih>+?-UF2yT{aE9SR40{yqfv{e(#3c>mSL#9SE$uM-u^Ejs zRpN`^Xw~Tt&u`V==pEfGccOz+kdySojFL*1*l;5PRLfsmv?WeJPc0s)t#K)ReUb-dOjo|@lN_FZ zte+O0zCOC_4{mJ;TCCjf5agpF8}(u?c3m}s@I1o&gl>Jy61n9ReK&DHK zd&d~}<{9@+X1Nw1E}a(#f|c5*q;pezthlGxFy36scQT)9UudmhoCXGpryfDNVSEhj z1RyCa+!PAT^5S&=z<&w?T1r}ms|%brErQ-!4%=gLi0Xq*^HQ63HUajt>9kYnK!IFQ zXA_(7H?+4U-_yl6up%4A-@SNWiThM@1+-58<%N~O=&VQ{n2U0a@FIx`a(*RyW+Dnx z(=qLbN6T`;DY&s$)0U{XNGNmYS=u$~W~Vw^U7n{dci;*!1t+lBv3i%1`XcRHN!Nn! zfiEVh4^>gQ(#QbI$Jo}_xD482*5r{krc&b+s*-uI`gx@^Wg~PIM&Vw-$rkZW;YI=5 z4o|C`s$}DQ#z^a5Vm3Ok{`IR|W3qBF6L)7?EnUY%qq}fgfyIM*=u`%C;c!GAmW zZ#Vxv&VTpw-?#D0W`hn`9}eHu$P;)k*-oX%Q<#n@OX_$C!I|4hl~T&oBD?WaR<8M) z&dItnaVK(GIwtPRE*T=ds^@i zw?2;e=$y_PC9!0KDDG<&57bQ-FiM>wVOc!TaIhS&;q=yo;}$jYB=SJ?{b4?G83mD% z*Lg7_N|d^W_Wu+QHNyKA;eC$q-bNBUo_ZVqB!gt+RtUz@^$N2~SK_8pnpD_Ef~Z}L z97eJdC3t82rT(xZzPmqci$8^MJ%_2o?1(>x*Np9yCEkQ!jdFI1JXMJ~%z@Ch^s3F& z7Fz_XSP#hd`P>-UdQUZROdM3n4Yl#KFNawrHeAI6cZv*zWMaMzLWy4=fQIGAZyh(Fl-AWV|T4 zhlni}c^kjP0NEzUE%A@Ak>z+;B|dx^ggmjK1;2dXG#XISW`)g>+#rf7{5cET#K?!K zNN>%LaT23~Ov*N~;8mIly+U+*FCP3jT;1MdK2t_JS zQ#%B0553^_@F6$4)0EZ#Aw3NtlYNMLTc9)QTV=6VTUnXGn_t4`^QMmY2^6d_p!rL* zA4uT>ej)auJz&>_q!$1{ia{|4l+%;V+e4_gm{Q~^gr#d6BZu*fMt0%XuklBFSO#$v_YdLm{meRxLPZB zKu9Szu}ah}zKr1`R7k@fFFZIv9Pux(+$m2}gN67f2oFM`pRKtSn2C1~NMeonFzuDa zhEDt{iQC1k2YCD);zMzW(MsY@>0Tvqw=`Kv+#^PQfix2xb+HIBM6^MWZnY)`kf|@$ zuIg_x`)nl%qGH2s7#a(UlB-6G5GB*mpwkShX)(^~h#KSFG&YX%ZJeyRaJjK z^Dr?6LFD&C)OjwIhgt)I&doLFZ)H3Uq-}PD#!P+eCDf`HC~TeBa3?qk&4R5YtkBx= zA~MDz1aUE7&l_;?PK>~6K!%H!fOwArNaLVN%ObqLj&~>l<2ODZKo~OQ5F-^-G-i5h zzLaMoq^A{vgZT3NUfm(?o8SAmJ{-8DNc-bhE{_cWjgB1Ka=|7D$m@olIj$TN&ir|x zch*eUhLQP7J1(ab8y5Czp(sux%;{j1!kO|J^Lp<*n$X&Y#N@OK`RW?obB;ESJl)_6 zainES8bL^xYJ5N+zsVo0WOG)6LR*W}?OUnu$Dsyxwq$dfJxcg$%wDKBM^0=8|+H`v)|YOHqUW+~|Tx6E5wcW@b{buQZRhl_t zlkd_vLyw%;e5=+>T<|$ovF2AvcqGtaT@8hia|X=>@4&NTV&?GLO%-PGonWJxNv0>NfGW6)xx)<9^3h z2C28NbHngJ*qPLGCZ$nqWUf$3Nnccu#st`k9N-sm$GAp^l$IKBlnQj=w|mb&ph+IP(a&r7k~?2f0;J0O*ytkxA#W*O!UFA zcs)S#tSQHdxP|hW71nuB{i!in1qZf1*u_N{b|Zdcy~D_T5?$s>eY9Nmq9?^IjSbu^ z(CdkyJK~Md{)Eo7e{z5v{wL z=Gvf_+|VMwi{V;NHm%5n`uwPyK%qbr7T72pa}}ScL_A`_xPtx3L1e0AuT@iF^DF?Y z6$1bvoB~tHm24LWDj>XV^-(oFtu`sUZb8~uchlBXDpnub)0!gXQdB-gp`gaCX@oF6 zz3~YipuWDW-(;c@t3QhQIT~Dih$%;3uISK<c|G2c6~;kUBr4acE=%=u-eq9@By{1pOgRK8Xtc3ImDcHQ_0DB}RsH9>0fT z)UgG$>+kE6$Hh`92sB_C?nXf~t9vD%rChGhQu@A@hYbdK79jcwrLR{WM#n&2$3UWf zi1I=yBSAZ1t-W6}{Z#%SVkK2bQm|mFFdne%>4Ekc3_r8AHueGr61P1&&=_uh z&{?tJ5o(<8q|#DU+J)fSPwEZ!H3<(AAnOe>bP^jv2#fn-I68ffV@_-cASUW#FrDC& zg66|jh~hIeI(G~%v26vQ*JIa$zSa93>N;1+VkSOFbEdBLGZgt2LQ(nirtAh>B!K_~ zac>!B%8~f55FS*_3llN$6(>>5T}O&=MG*a+mj(&fsD({sHcYZh#J#hzmB1CUud}Ic zDiWRZJY!LsZN4Y5{!?gP;S!~8wjg(4;GpjUTSBF_(}5D!#I7kU0$OWLA?tL`1SG^+G+M4fa1?#Qr0c7k99y{X?+hBznRwYA|O3F zcii)RD6P)v^j;^Q)#f_bP-H==YNZoKzc?~Ad6vnl?k85I|7Xbzq7yN4GYZBjM?bSa z_9~wUIiWQ)5ys={LaFF9*jDW7==$P)MyKN1iV((}-HXXfhCg#1VndLIA|I2UU5z6o zC?jAG)=-AX=Nr*BObPAW>8F*6+%A(nhm2LY4DZAsMreRE`F&%3sDG9W)yhJp<~;GU z^w$8aE)P{|r8F~)_j=0K;7aaOWa~+#*=Z9af58i8$m6-mDLB`$b2=?NbDcY9@~3O( zEIf-_a09O-Qfu8c+Jd=mXdd_`BigIOt_>-r#I$R(nik}ZX>82Dh!Wyv0?nveFswY{ zFpZ6qFQ&AQ4L)o8n?0P*=Kh8+JW358OEbLEcrQ7lfg(XKLSu*1%GIV%g4T?jUw_W* zZY9g3Tx=0bF4($5xxEwTyq)Yl#I-4rNL$g~&DEC8UHxp!* zd~b6b6;2sNzYX|QDiRg(15bW>NX;NcWd#Y;G~$H+pEV123*^p#H;fJ#o!WyhpKzsMp`3JxD0S+XZ+V?q?hRh)K7XaglAltWsJV{?!EN_a5^Dw^j6*l~kL?z7Y=>&;X#Eg0 z0y-BzC7_ZOy-;MG?-+=#r)VX{hdLHuYw7j8F(wl$4~}g?71IM+k>`vwIjGKLVVde# z14jqgX9z+Qwo1k#xNVBL2(BX%)?&-)AQa<5s*=Qa{u4KyEDuvf>oOPMvNe$0He&%E z!)z42X0^2n7eHd8Rrm$uKz8;wUqTFbEHK)bF%Rs*yt~u7`T<%9pnZAUj@48pG^a;k zAHSd<(&$jKD8<-8(q-60L;=3VB;6{Bn_5GQXxOZ9bB{*H~VJcU4#>$rM zb|NFr*Nct$>gF7E^P2Vt4`WE@wm*0SrvBVmS%~-txXO>IN4)>UPX~(|087OcD755I(^15eCkT?x*%nm9>v4wNYz&wc=wNvp(0H8CxC%EVXfu?y8WQM- zR#t#YK;Qe@QJ7XX)qMN4`8M5rd%}F1WxhRRzIn~JI`eIw`L@=4D>vU(nQzNVX_%;z zN{RrwoP;GB4Q+FX%tX+IenHSMIew5`M8HX$W46*Ly#ak)iX*$D~>6odQk5Gl5@is6XY6LZcWrsG=bElUE?%mKD{=(fm|J3AxjnIbuUA`esf; ztTH47?nVTA+D5UIU7JDk7zb#4s#=XT%<{~}np1P9*;rl&`xpd@p}b8ir9-?>%VLzk zOEcaxI(8;!^}HlKKLMs=(R0!H^bBy6Gn#05Dg>qTX_>r&q;q)=cWW!mMTlEBD5rAB zqCsr^h2QSd2kVGb1eUzKygT%+YL70ips0`IA)(de+&Q>y(iv094c-j0rjoh%jG zZ*UAJn+P1!_9eg`1|5TYvPZGchW6uM48%>Wrf@d@wPV!`uv1WCL<_B5GOg9n`w>Al zZY>)d`xN6%+`M>X*VUS=CtQ8qRnQEIyJmRTM}C5tGjeqT;4@g0}4shsK#)pwkis#SOB&p^R{6L3&p zd$JLabwgpsq|u-gB77$u`o}R}=T;8Txy=IT902I#0H(50J~{)vb3wi&#(Ry)isg>c zl^zibYbMD6>5>z%=V(Q5V{wp$NrFHsG{Kzgw^$soDYK{zvGCvIWRE9f>Bs_y7OMH) zhF3bn_<{AxiJ8TTO(4@1Xh4-|r2Jcuz)_wGCEp6C$Ms4}pBDnIS4oUm3uR=hPH{_HSzp?rpdxfT4G6IJt$EmF3iDgzZ-^AM4A+(23FXdt!_R$L=$3nY2 zBGe09vPme@q=nH4k)|*yJ%HQp+>KMlBy*cVFa26uFct*kBkn>DeyZCzop4==Qw!i> z;W@C#lW0-c8_r)IV5>1IRaH>jYK0#ks1%5Jk8Y!Tx}Dr|X@&&*CC|ZiS1K*3O8GgX zCgwGSOtsvOz<43E-FqQkiW|!>(`FDn9Lq)h=jz+309aGKRvD}*srXoI$Of|DG|bZ~ zHrOc$&ms=!soL8P5F|N5`(RUw_Cd*5s;>5~mmBb)7P6y&<_af^lvGN~k2dlg>7Leg zms@R8R@#NSmE-G_mBoVDKK$lqqH&iAnusRZUq_=nZ>~KCE@@V==@)vM#w#nvmF(uV zq%y_D-({pK6~u5gWzcD01uUxMAwXFtPzIEiYG+{9rNv-q4tp;9bknGwGQ*98ueV8P zEOT&u$!M7ixlBDtvEd~QrcvfpdZgz;`XIwB^q7%$I>70obA&&d<_rCW5aZ;wGqpH7&=TOD z|9V+%-zdu}X?GPUD*?JLyUPERTMcc{HtJHwS^OUCTRiKwNYEBcw61SX;k81J1_ zjGRrAO`o7~+;q&8t4!MF1 z!=wy?lyN5a)lPw`+ zVd9jGlM6X6!1zq|Dqj#}wfm5j?d{Km$)*ocXY1I0evgupW09N;7on|fDD@Hx^X94= zh?+gaQ4pO^O{7Gu%Fggm79>+vI4L;Kd5LoBe==&F%3DIljqDAQbFi{*!^?nC>qr>2 z=CafQuw5pYeiwILfD<84VgtO74j8Xmmab5tfU&C|hyQ~uS!ckK^*bz8_wv<~h?!fe ziriAQaoKF+e=t;)(Fp4@HqUI&KQUDOH9CZ2lYT?hnf;l$ku;l(_wO)NJ$DFunPx0G z*g=t!@_c6C7MBcFtJs$a!BExD4OKbdqb6Ycyx9iU=K(X-SFJpgSS#hp(_t}p-)Q)x zBOo_>7Lk^b>Wu_>*cdnw{I-$mS+f#Lo`U@buG+EaqnuGhb=U}yxh+MQ3xko{#VMap z2r?mctse#foy_2+3@>g-aDTk^i}RJyp_INT3QgWZcs3C2t)q_&X|0OiawoZ{v|`hf zvGWkii(UlA313_jLA5IUuD}9z*8{MXd;|AtF@Z>#GhNWuWf*6uOJuR3_pD z9CRi|Kznu$@!#qD7z-MRpQiS;WN3X!L>>oH%jg@+?37n{w) zq|=*)p0i^mzy>A+t_ZIVBM7!lt3^<3sH4*1J8L!^^ujUL!o0%7b@007Ik$Oi5O{O3 zsivF_nNP1!4(Fp*V*K|(UtBqBNTZdr)S*OU6r1S zMyYAW`aEMjG^bakBM!cp)66E39~7}cLs4kI*zf=XFwlHJUIe5PB=xE&z^0kuKB)js zDK5kdM9u(|s7cCZL-7t=RS}-jt5)c#97#=HN5KQL9+1&Ira(%w3 zv>U^fZ7g(%du?;nY(0mIm!0qv=+3~%VEqQR`p+&-jnNi!TlH|?64iG~U3?M*F`6xf zbfVDkdYsZ2TQ)3&uLjRsrWPeuXfg6NPHo_9M4Hhw zuc#oUr6bYk>k|*Ol!qNv(#Ue${2n~hK~qBcYoEH2U25IgOgNOH!-myx%2rp~Co~Sx#OPd` zWlPdNFFQ3;@@rz#g6v5I?Bl@KG&(iWYvv$Oh(rQFCuPc$IOs(L3O7I~Hzx@SFbJXq zc2QRf$H#UABK@S|o{csh za1tBCo+U`RBCiE^;{0rdGpfrQ35{RNh3z(12;O%^D>( z{1z{>pz+dZpF0OQjz2<)zV33*;dOb@IW}^JK^{hs)NaqzW#C``zTtDD&A4wTk1Eh% z9o%X;(>(MCmjZT}AYG%S_n@ieQVxt^GNtF+?O9rSQ-#sEAT3p&> z594`5(~yQE8`I{-AH)k}HC*fKqLOfI8IH==X5S$09pbHfz7s;2AhD+5;@&@s2UL26 zbC)dkH{7%-0*e;g({V2e(cYxWG1Xkm5Nn~Yc`Oc=YMA2r~^m0TRP$kUUK8XM7oDy8BS z+2UYXqbmgWZx97LW-PU0M8og{KXJu;Y8T)vp$#_LcHCNbs|!XH>Ci5ghQPb;KP3vf z-iDr(NWR2C7JmY+l(SjV&>D3JxhZT(!N|w=AeK&nTl=v4A4kqhm6A-HRnb|3JDkb= z-VhNrP;Q?aZdN#zq>u;i|A|VLaw=Jzq>{-sFq_Skeh-Va8r4pek|0Wrx4|&o4^rHI(>xT=WgYsW5#Egg`oXO0vbgGG!k=K%69am5dmeV=ovMdfVu#N zK>`=ovW`wX{gR(E?4M61cuK~jb%K1&+Y?Z4E_;R-!I}6% zDuP_DXkND^;z6#;!G@H~b#EmTA~!@jw2*WZL*@VF>)15d`ge@4< z+(y)YRfjUxW-Fzuv9!Z0Lc9mv32JARuN-SHKl3N$BfI1(e6ta1^)@ALlY8Lxs?%w2 zrH31jKPrEF)3_P5b|61Su&#MGQb?&I@+<;L z!>6loVMAUmWSn58g6^wcAg^B}Iaxl$$bFdB)!LWJeTeNLp$TqA|HvJP{RhE~1oI*X zVvwTXs&bG6u@voKkGG&sjNFS!2wwIlvEdGcnuc2z!BK7z9NmxBG(Pq@ejAR74G-b= zWG>Diwv**=$)5M|D{j3Hkt-94Pa&!a|p7f0>smVW@8J6j1xnAAwj^Ds*Iknq?%1n7*btHPuNkBWz{U0 zQC&n&nD>msQ{6-Ka3LStXyhq`{o>w(es)n2_*|r=DMEBt1?Pm(4g{i{-dG+kb(`$4 zogf+{1MaKhT!xBt!ZhiFv23}ggt*<~j1^9E8my3~S zAfwkE%#TGHQ801{Cf&ya$ajX%bJLLOXGj`^@rUs`kSu2oBx#(ovG0>p>1vA1sZ2mO z^}V^D637l;Z0LgwjT7A=J5198ii8sq{KhyJp$5f|0)`t$O@Mfcc5f-fMFaJY+OH!K zI_=2u9TiDMWXa*@O2JXnu|3S|0qbWE-HJlV@<|#G!xBVMRr>Iz`Mr%C5T*xKq?yrl z91!0`)tNR>R41}~OdF`_W+#apxeXNcLCS#*)SHPxU7^ngm?IybilAi#MX-K$*Hnyu zJQva22&xnV0E;|6d@zEt^LQ9R?L#}s2x=1l?bV((bg9(fypMU9bncs;Z}VK9YwHeizGR5?_Bzd03=7g2V$1Qy_A1WD>18VKoo zAg*-n^}3QGDQH9~O5?xnwj!^7&2=@1=k`%YLH_rV`ds3c*C+O+d)xnx7 z)r)Q7mnN)PlhRD{P{3_GO)icoLi7xb10tjhbF41aN74PJ^;W3k3M54uYNmnJ(+Cpk z%vHRQccIXd;Hcw0tuCA{B=oU^7nt4oH?ki=j#Qe7BN*JQ>O+I0R%?C~QQGzn{6;yk z;DVf>Sj+q*b&*-sG?UOAD7=~K(MOuAoA&DNq8r(aZxsGF7$5-%tt1pnGLCKU)i|PI zjgAF_`_-Zdr*;W^a34q_B$x@aON&wS;AwbX~rH(J+Gzo4JoskBhgHynaaX> zu>4DXqQV`-82TtP1130)jRmcjflih3w)y29#|bcxleZ((g2&Xdl=8qDD+D_K@i zfNlR70G{S?RT^L6o9vBT41m)Aa4kymf;nfKI^t`Artc7(VKqijNlgUh32r;}x$G4_ zTjv$VNwAs1-(mc{g};%Aziz#EunUMEFGjB*JmUat0WKT+&;0ZX_!z{I3^ql$pHATP z2$!aGl45RR=>`vE@A9)*$W?`{7#sxAnV;p8-rP#!i*Am({IC0OPIu7;_G)D4-@xh+ z78Gn?JMiqUJN_uB^t=u1Aq(tR{a|bXg8%ylwvvtG9VDH|Z*EV?$hv=fdgDOJL9?>& z+Mc!{$=sgSP_gEQYEjQzmlxj&)6#J?4VAi_4a#&s8qw3RatE;E)<$gfc2z zeweCU*NmEd&J<;~0rh0%nkm5aHHg0)@l~XdwWWjfEOEcntEMO2?AD(;-)99p)a1}5 zEcR^}DR>r*M#;<$pBtjz?PQ>*MxN!r3I5B?C%ILr<=2AyoiKePuqIFryB_;}(`NaF;=+&p}J=m#XQ!D z-x|-mV#8B_52sYw&#KL2ISAH{UvcY3L}O=_^jdLH+*`Lh1N%SIYlX(kx~nBa+}lvp zf%veql{uE1w$h$<(|wGRNEd&Yg>vA>;uVb)9lqhmVmGzK@?h~k51W|jKsers{fM}a z@3+daW=hiw+ogiSRw;)spnH*;v4_Cp`w%oO!yWNw`op&P&k;6Fg6n9V+(tRLy?8u= zV2y&^R-uL?AxCm>Xh3kHsMhosg3T61#&1Rp7$Ab&xggCjR4KOx~29fuE#MdZW6JK)3OD3UBIXN2O-_`w&$R?9=} zXRT<+4e?(h+C+#u{_p+a{P;r%^Us=GDUZbWk>I^z7=#5YBXAV|J^{mT1y8-gOywrh z#ul{eMxJVIvmpD54W&E=8?EU)fSpz$4`8b`fd{bH8c6}uUKL+GLjP_`daR&PruC2g z5wo}|-bI@x>NYk_mt##A8(zjQ-!zfiKXUa)E-PB4Tkz+^<|FbEL|}zBO+U3tGO1eQ zHrkf2fM|0s5>5G*+X9=W&^T{bA42h_H8{z)@elAi;Fm&-96_X6NPfH-;eoUPpB3D5 z0I}iJmocbYKue~DZ@x)V+R|Rr%wB9bi;V;BF@_9sxNyGD3PXHoDEeditVl=5WFMx_ zibpP_wGIq^z-I-w!G_O@_i0B$J}W*%`)Nz|7`2Prv2L8v|lUurqc>YjwoIFo;4SMNj=cd7%+-#7HZ+wHGGGb z0I<13BVLJf<$jM9_84d4s9uPZn-Yr(V-YGJoY0~op^jSlIKb>5Xmb-7@eOs&15KlE---Dsa&};Gu%M1fp%#-_V`&Jyh`Gf`hkJ@K8ZG zpncT|+IS@)2JNe^InP7Ie3j4FV0Ok~uOga%f%4k8jwqj(EGsLmd2RndQJS$_G&Ko zRx!8tas2`-O`F@B^jN`{ek)q~f5mGBb>g3Ut)QVW_gdOmQ0aGgtsunwOI|DRu_bJ` zxYvrx@Ag_Ti!;7&d#y-La6RKj?zJM#-imD)Hf3F?d%$VMZoFX-c427$FFCCsEFcfg zJ7}R!I<25s(}_sZX~o-!8E{%r`Ui|Pci=VPw1V;^omLR^`A#c-h^>G*yx(+ML0CTD zX~l=X|3>L>TEQ9HcR8)#Q^aJ%-*j5xhtdp~@3);+@aAz5j;%vo|GLu(vtPu|*j}za z_FYaZc!%J$f`A85mif(2eV{ZGH{x3>3b1P*LARggaaGu#Axh)30@4Uh^f_~+4_~Bf z9r1gC%@QtMLUiZ8FVe+`jqkQvc$v7ScnJY+mCn6}^zXKEAEw;U`iSH%E(?BWwmTDAx``Lamdjo>}&Mp2i2#GX> zAc&7*zaM~D+z-(Ph#(gOJRh#lWe*L&T#jIzj%w*Z2{!w`*@pg;xjoK3e6#H^E>rN0IA|@;IsYqk?I}0Vm*kGn7uya?uZa8LMZFat7?y$t(3g&SE8TH3>XruH|3gWCU(Dj@CDAp(F#0cpNSh(5$Oh0ax zB52~K0qIaOLW@2;Kw=QQ)348A(E-pR1aaH90=uLCM?OzCmH6|(=jpJw8~mkCpYzQ` zxpgVI2;T|T_!j_3S-4kABg0?6RyrLUYWjkfzY@0Eq$=Mg%?YRY+3%oVN4BHAh$w;s zQ$Ms9t|S;Ry(#$M3=AX$Aev;ejk(tvqBP%k4RVAU$ z!JET=7DehLYMB5-{a7k}KLL{hyS6GgyljKrChBDyITQuC-+TCVFx}Li+r{l@pr0vO-?tYiI)s$pQATzj?cFGCs*;QHC9$k_Gr%6N5MpMT<3we9#Tq6d>u{OBS zWWt3+!Y=*eekC%fY02||Zn|Cc@8HG|eKt9xr;bR_1}zqRJz`9ccOLYQ;D+~lfQD@_ zN}WS_@Wlr57&C*yI6_>yTOEI4L^lPIVa&jl%e>)fQO9S0}4Ad&DDqxaEKe!fB` z%eZ!i9>C#YK+I{x_aCD?g%<_KC@P)<$0*du^Nvw!EwJzPgRxWu|CM8u_t4PuZu#MB z^PS(QTIt@X@-`{M3INDdm=4NRRB&3G_%W6}*qzU!lsc_f45*E`f-uOu#VKa^Gz^E#<ND{*6_ zoOOzky+{rhRB4-+DXU7H5Qbd!XQ}*6{|ztTn^%=SBnT~XMyza=f=GRHDbmdMdV0UR z6ztJ_r}5R7m;PJwJwopbOQXs62k3ovDOLg#{y}=5R{EpldlS8nE8UY~r6Z%DXO})l z@A&x2Dl`O6bymS4(y=Oa^D5W_po5F(W%`feAfz{B57fe=@N34c; z`7D#s)DOkjN2N3y?K$O7IhSdLY8{z(sHLlj%NWwDW(k#gae(=ep^g~L5@Im6O7?Gn z1}vFJUK0Q-Ts($PSTLCRI9RZsCMPI|4c-KHjY{l=S|i{P?mO5ERmetiC<>m>UY>X= zX{NUbYHgLpEde!M`v<<96(gl4c=&h1MFl=e>T^2O;b7NwvnR;(%^+XzA0~*8wv-`C zpJk*&dBfS1)|dj*1Xt5Iac`Tyj19jIXh08!8|ie^2Q`QaS5undb2Zw^PywoII3ZoZ zzgP9Ex^wwbYTdaE`R6Ff(S9xTrE!vpZi)?YG@~hPR=(tzl_95<>8BU!f8z-qNTAgd z4a9disex|8R(xVEIq)x=Q#X5=be39s5ouzM=O4s_3n?h&O^_Y<6k-;+7DhMF3H0I3 zI2PGq*YV0zmR*Yu9g)AFzF-8U#k`G9G~tF>8Pa^%ik3p}#1G(!Y+AY5$*iU{bkFRZ zfi*wbQ$33fu|Vu)MmmxfyUOALEGfvI-ku^5#wde3o{dQKWcgCy%nl}J*!n*a;et|X zAXqY%T#{h6-}oX75*!$x1MaKIRIzbv4!$6PkGW%o*g>BLQD;aPX)LXDQadwGw&PPG z+TvbPC9ABA)^@W@a5NHD4!KHE>ox1HC(X38#=2{@MC&IhQHKb9(JTF|9r|-H$c8E5 zC02HOUob!g9Kp8VETDWReKthppAdmc5*bbLMcR@DU9h`0m#*VDJpI7@U{Fm-v9)v+ zSxZ-u+!fSHo#;Ry5GZU5yqWO&D+2+j;hADXyEGGDr6+Yh^av8|lmOJ463_wc1{6sR zWc1X_u6U3jWAF{mlPi z?_1!is?xp}H$_Dc-V$$lR8$g83^foh2LT0=L{ZVykOTxmKsd)slY$*6@rdb6Gt+g- ztjVUPvGUSgQ1eoj+SSa|%4!o%Qki0r>-+!L-Wv{xX7$ed{l4Ef8=kY)Uf1V&*0a`L z*JpiDHk`Sr8@!zT^0^^P|DZTe4TAukjqxwW>^)8-ubgwCY)k=se*Syz@mwuHasbVtZ7qJt)?0)oRc?Dhq&KYVBRv^lfU3VRP-SI);E{31_Oi z12;4@OjaP-Q@R>=8?-DKOgkB3h?qpI(z>Z@_U#0!a4 zcZS827C%@>3DTH@L#O^PAz|#ie^GdIG{Fv7L}gK^JqVQ~5XIDGv_Lfb)X@UTI0o;D z(Nro^VL=2@eFH2igK?t;<`C_}MhkERQFqv{(c0Bh`0c|cg@1;PS2Llzil~SJt!uCl zC18V_P>NwI-GhSzZKtCCoIBJvApl!#5vGP=a3G??ii8^2yjLWg;q4yS#_Ii~(h}~~ zYFW)jtG$)(?_1qwqrbhS{^GBF5`k9nO>AjEf4R422Nq~b%C6RuVcR1Dkf1h^sEMk% zl2zE(HM$3+j0<2jd&m}8wDOq!s9L8`yRa~d$E@{7)9n`@3$fy zV_I3Hq9YdKUL5gy*NBU|e)^Kx1#_qFvA?0>YR}GU4aq^q*r_CP+uo*~(%|$wo*I802Zs$FUEjU-&r) zV{?o1VO_Oj525=P<^)dmM0hR&3#;S>lvMg*^sCEb4%2ls&T;62if-7Ed$^mUqiYXl zmf-VFB#IbG?X>SuXZS~GoshilvgvG$ME*g@e>;mqGsT?u-0)8CbfKTpstOL(HU^F4PKC~(YgpDSVj_%3Xo(MA#H*gp@@4zQm zv44!B(_iK&`Qw7`iceb>e^%7`jpAiLiIVUGHLFYonHAxoSz4)K^=xEy>0qPN->#IRiGyBG~<8XEs%6it0D`KXE@8d8vG? z7r?N9;rN18t;a|UEy&w$bgDhzW!~-3i>aE1)d!_RL0f$v`olP{t99U*9I31Gy1b_@ zAmW?_w+QaRcI!59*S}-`LU2sL%*59Xo#JJ@f)pQ5z;UznS643wolEfB3SK_Mq@(C+v!| zphPb!gSjX%?_x#qW>Tzw_?0RT{jyCxW34xZc31tq+t~Td9vKFn?2!B791gF`^~gXM zv~5O&C)6rHW8x0a>M!AF+15I^(%cTNtM)(?<5E26H&)3+j`FHp5vK0KJ01FtaT{K2 zfaRVYt{wGpxud*(q#HZR3$t;NosyQC`c5)7-11KE?pW!^>E?*@1+8$)iPuL^ zywZA{vmywZ8K6~Aoru(TrW^aydA>LMLZ)xWNTJ`IvmT5TiOy5F@xr_?rxq9Hpl7Au zj)R+Xz;g!5M4KeEfr>Ra;AWqS&*EUZVQVFQ5|s~Cu#I%t0xPv%=kTGxX{9=pF7~7} z+_9ss*x9LW$qRjF1#b$hP?YnMJR>-@p)`#^3V=QEoW=${Gi<#LA3tC1=r|$ffKuGs zbMbvF*I{#fCs%A;=w8jSRNcqo?@A1s;z|shqICjM&RxD2UB`kP5X*mBA{b>uCdU0j z`X2dRXet7|b>1LU5V)>xm67(5&f5bANqdV3d*Gl&gK?{j%kTNJiGhB+R_6BS@oDIy z)O@<4pZC=;=)=u4u%y6Jy^Ti(j4OyBcAy0+J<1bWHYhP4Nq#?CbF1 zwlA?WY4Xc8P{m!{#;_m}zp@*A%c8u?ZuOfsIdR6!IWuQru0tNIpD^LcS<i7js&O z!icFu-w366qo9M9T<@j*_-9N79lN-3!f_A}Z|4c99Wll(ddEKWbqqPEZNQJa_LD88 zBY@;|EglB~XTEH1-M<#|i*(@5{65pQ!LYlZdF+XIR9EB7BPO7CuCfIN7LCHeGYu3^ z*XlUp=jU>0bx}gN#i`gnM>S1n zvVB-ja8o4O5`0Y|`7JRejRKt$D#Mr6EDyo)%OxFLIO#b0436csGmc`m0}Dr=fy&q) zG2x_NLA-ZD#Il;(4`!fBRa>3oy)P_j>q480+etl~Ej+8+QlS9PS%_IyEZK1 zii1)rAmuiJ$qikPVA)-?V-CbAg9^UHKusTd?e)L~n?5}-2)5i)39ZvBSUvME78~X@K|BjT#bGzsFLMd5+*uxZq2Bg$y{*o$nbM?Wh^I^Kox|t&+x^3?rgmUo z^y7SZMKLxwakOBpWqh_6O-oEo_>4}DtMx!FEL+cLsC2zc|HK0k!`V&lki4X#gZ zl$)h=Bmz~xq`1Owy+6O~Xze)53R!EYeQ@Wh&SA)cWh(|M2{o>=y~vce()Sa^=smhG zuo#miOwm_qjpCiI`nQ3<)7f0Msc;0LPnI zs-6J*Y`E~)6T%#-I`r|OuMZt=v(Itn-1n{;gu($F`1qgu((6z`y9k6^>|0=oK-fjC zZVZM;_o;!Ml1JW5v^e-3@xg6qqp$NG*I7<(=5sI{(u1nz=# z_Shr#??>H-ev#>r%9(I#wMTsN3B;?y7c(>*VxI}0bH@HOHt1o*7=S$4^FVIg+HnGT zyM|NgKvI$(K$Z9hYBfk#Jg7$HrRaQI_B#VvgHGs=Fm>_d$>vBd@PcAmCU`CLxO&g};s-+PpqV zN#S#>4)3I->K0HYtTZXqCWEnovNNZuKtZx*!^an6&NJHeu%I(JvpoGIzu5_Op>Js) z;~-Z3EFRMJr9ii|qXIaBP;Z%%kuI60*M&sw3v|z&y8@dN@5z%JWJL*zl7b%YQqZG8 z3apfZPD%>=8>FBIr2ry;9$R(M@=+^f4f@xMhq;%1yVou*` zZ?dUcH5fgbV-we0xZE)h9{}jt*SawkEWC73rk~bYnf{umGCOHMqMV@eK>Lp72(4PZ zTD8xW8K{a;E(+4#RquneH5(4JRjnD&%1M`;^iI(OORBAa%va*Ed0 zDl=AFsmzI5u`(02CCZ$tnU10DC>K)wp3QmuxWL9r2h=9 z-zsY@tzRlD2MF57%8Gds(66kVeAixARw@zEUV>Gj?8mpKm4`pA>y@<=t$$J009swj z%H5Y*v9elebtr2ft=Y;NL~Dw&4x)9cvWCzar>w(h9iyyaw1z6{C|ZM*6>~bEUs0t8!U1F=BX$a)GXGx`6un4h_bO(~Ug>*eHPEJGSSn@@!oJeK9*cEKhj{ zLX#GT@B1X&(feK1LV4}>ux#)SEc^!AYIa%84fj|Ko}SF*D2%wVPpqRBjKxBIe&fJO zG}F7QLor*3B^K|Mp4FeZz6-8d<-5|ag{@?t-D{HLdqioEg)Hp{gf)+j@7CAw>#;?D zd}^RKx?aBLcCb(G80GRD>EXB*NcA6?>fz|u`lP*QrH17!Pe)fcwjY`5^!#vvM1~Tt1vg=fn>e{frxbU+zwB=KbGO*qy;?QhU;#o z|2oot6>}NYD@~NZzhsW-(C>vJeOIOHkk{^r3yXXsYAts>g5+16FGgAgJ0*(US1MCOv0=xp) z3~)uSIawBc_eq!X8*1@bR_bvzN!mGxs*5rmH(E)%! zKo|hM)|*ps{Shg4x9ij!E|h6^j({Cz*mC>Oy7Jq@>x?o8Y$$`aKY#yt9rAtfdE_F` zeFRQVgcWI-WpZ9GlVFy~BfteA7U(JA1TW_|ihHLO_nvc0nz$KZ z8p`S$Pv>b>3M<`0u5}9s3P7PzX5V-@PqSn#cT7j?>lOoPCjy}vfVqH7Kt5mzpcwEc z0C?R4yzT)r0A>KpPB1&c^oNNd&Kf_M7`&|Uh3N~^8>V;Tve9|;G}7A)*abMuw9T>^ z?*$IHm4$i-wQl7A+7L!}YgBe-MKjDRYp+~VHB^3(S=CT|TRtA&7q(Q;KOcmtJ?&%( z2B6c{qgk>oLErK!rIY_)HHI@bw^=rAKj!bWpAmLvrfoAySlvRfAqX=B^;1S02H|Z( z2!Dq0Ck#Kv;1eXf+D^pjo9W?+-k8b#_SUn0UT94#{33Q2oVs%c4xLVGnTl9A%8>P<6*UhsZG%h_Rg-II2D97%sv1dx4=!Im5wN_6<0)| zdHOJ#(@q>p^8@@EQC!cT>S=QEY}dQm90_d&k;4Xm%%u zB^3Ogd>lJRq5lz|?z{hm?0I!do%1JOdu!)UZR|eIpS&I2U6baPCA?QQVJ_Sq zV_cKc$`TIlnUKalC0z!&+Soh~=(-U6 zQ~3mMtOXS~lC)BsId>h#`^<>Lg|RR2#5^pR@$=dlv9rLE$ZZPpNg#}Mb;nh>p$M*H zlxvmYY9CT5Jrm1^y5!56fC$KP2`%Y*5HxT1{=3Q;OxMXM02K@HCYU z@6phup7B*+Y>V{C4wwOboBc6KfIA)hGBYWsYgeF7ZA6_?l?l@)oY;21*rOGxgw~p; z5pbt=7eeX`dvknbhx zePaE4rg~2_-#5&F4K0R$W}==V;%t}-xApvisxbWw2bM%9gtui_`&fjK!)bNZQoB2L zZ4JVJH%M(#?OL92baFN)s3vE7K-(x%ZgDoI7MmtlB=`$q71g2ZiAzL`X1@jr!M~4$ zBKT9VbX`xZ=mT+}4_2X1DNkIe03YRs*#i7Sh2{z6$x^PL9xX|&A1SlTo!p?wva^<3 zWOm*3tw+<@W z(Gu-I1g!^CG;{*}LtnR<=BrL+CS$v-KXwQDhfni!bTC$B+sptbWh6gLf1MpnLhPj!ZiPnE^nix{vGI;O{Kk{90fJlzUyVU8}_;yVnhl zYVO!o)2Fx$sT5N%=qWNGOlbOLCuWpI$6uIHl?G>IsZAj|Iwe)vaMOw5?TJgScAocK z4tEQr!vag>MvRsL^T@MmzF_-l};w5nVc$^+F*7=3r9AXb7Zd)H4RE9 zeYHnXP-ri4$hbNLZXV;YYY8oudGTT(1s-aO9XE&j@ajdoZMycwqlkhs=!shz7ri-M zd!O&xy~xv4Da#Vo?t+60+l6eXBiI>*H|!&={!Ghj4F$H2<3qYFXwO(hqS%6llqk~kXrRj<+s zvG|2{XggFCdN>9^=*}JDmcX7`GSjjOZB#?@$Nzw>7(J2p+2}AR?X>XP30^vKA6C?y zyZonXtC1K=2WQMM)Npy7jc(~(jEj8nqE*}r&e(FW5)q4ISXKnYVnm|LOAc%4`WE*H zpscB?-cm9bp(DPv`-LggEG3C}mz{$s3lAxlsL1%rmJUK9RNi-IU#wV^mD=#Ss+9CV zMNa8_w2`aYxVDhW&^C0tE}5S0xTxIql5Kgdd!9!>~hwdIYL( zu)J28s2$LBF&pVBXP&`tdL>|Ar!8Wy<<7^EFv6Bb!yTJXlMoUGt2Pe&(HnX>q(Y>+ zJ9et-fuLO4Ee!QWa%7tAQ=V`JjbnK^6Pk?UZsds(Tc1GH_au)-1ZcZc)Fxtw+!-8_ zBvCE_*6CLekmIcp%%!q+l~Y>0D$7bKJKi74gNYPm_CU8WP9e>QzppGz!bxqdXnGE!#pv_czLQuI{r@J-_2tSOEtUgtcGW;N#e`DM~Y z8!oe5s(R~1tk+vr&~3nu>aoCuF{#H@ZXsLburRaYW5A?%>U^BiixgSs8>jD7-w@%* zalWd;*at)RWVot=(7`(g%Rc&95iK3ovXJVrM)l0X>&)t*W^2R7+=kJf62s!KZfb!f zQ0uAU_W&!jey}>NY6rcaOCb`hnhLJ=;J(|NwQB4I!&nt6EYz z+b|oBu5fz2(b1J1MzAO9gK6=wUdhpw9_`WEunT{Y29VrZ)r9j1OBXGnA?0a$X3ZUC zsf3q)lqHSHlBSKMDGlxhO&vAQ`lR?xUf-CO4%+8f=rTBeC#=;+E~$pIg*Vl3zMZ7a zK;OBZh89q=ITSq$3*0b74S`%@%+$sZEf9k{JWt{b0EU5GwKC*@>t)M)wVe8FnsnKM-La;BS>O3NWGl$&}g zl@7}?rL@fCG_^>Xyr-h3s;@8#HuO|B=uLsXK3#9hKKQm$YAyeVwNzqQQ}(O1R5~A5 zirA_`ffco1HlwDJ>2`v*!GbDZ*mVtJ7pbZIH|8*!Q&agq+#56_R_$i6=G9a_1us)g z<-_%MYt^4%|0Ok*c?ffPHI)er0sSd4G!6ABR8u*e?@*pHnC22_8>BhIQqmKq^Kr@s zHK@=iR~lM%MU~4wQ9a}46;P7?nSc;gFXOO*si<-rzU!8fY3#7n zCRy(0;fQ7wRc=HNUn#1jHY~(26;&o7o~|eEKdPwmCv>hc4!x|R%6$l?bVZfJuSikl zFp{DdeN_o(S}Mbk9|t(`KmMYYN|QlXuBGx5@YCypYeKCnxvr`eh%gFC*KG-1 z1WNobR#tg0-2cbaR4%{AO-&_RdK7oPno8z$GPz06A(#MdfgWU!?+ET191hggIBqLqV3(E=>Qosi8FeO=x`KudYwCK}%)f8PdhHu#2^cmP$rI zt#{K>iG!isVcd+CN=4K~S}M0<(V`L8oJvQhQl-KcNjrA~0z6JD<~o~dskG=7HuNks zRHlKQhMrPtQh5b2ph=}1_%zeSZlbsH%{Yz^vAp}&y*6>rZkyN*=(EQrasjsiDgfWX zPu;iV9lRIoDhK=Sb?xdWYS5G2ThQ87IrAPIk@F7RIhggnR8&`~ncc~gxx#|Q0BoTuzW>z1#)bYKavELB~gHyOZ+bMG|$A{5~!Sjc__ZEvjzTBAKLpy~%#7+!;55d$& zgsz>gcl8lt!!G@9+Abs9ll9@WiLh25Qb&}^N2w!9xRX)8zyYf1Cl2*?eu@hm61A&A zYyHTP*E3+ZV8d}6?L#(?Q0#-d@1~uo?y5~_$YGM6sgAO_>gb178As+^(@tnx;g4R9!dUt8Ie`yCCW}COq#R7bQJAtw9uaBljPvu|6B$6S>h^f?E|2U4FE}B(a7Fq$ zQ*p(hN5i5cHs4e%nW>*tD4eVx#v+L(xfWbj;T+XYI))oJta9w=xY~&eV*IJ*+|e;9 z`%JZOQuYtkUP;+!v8|gEI4#S1vWDEJa12(Q2v!Hh8`wZe3D9=H4;X4s)CWhnMrS#?X@4`qIP1e`{b8+s|Kfve zXQO=~3U9f*ebrrm8bx$H!g9|KFG5vUqJlQ#HdJFh9GU@c_H_)$9eaOUi?Zd-eR%JB z(M6;J_lQwRNDG-grO+5JUWaDW;0RG)cqg8VJEIpUFM5S=H87= z>X)Q1KA3{DU5uN9xS%2+)3+0-_;?-|g_}jV!Qg0i8|^wKg2q{aS_;qF+T$;4fJE^p=Hqn4^`EY82c`RsVyqBzUB9BW%)!0@k32)Y%( z3FX%PVpjN|{#1MMqFBs8X+cQCx$G#829@88YkCyjOw-;SFC@gd+g9zwB0eskMEWv&dPXaQ!P@bRiCbDYFfk8~`ZP&Ej%FY1Qf>{W<|mFg3yc&X)n ziVhqs(Qn&zwO_GA(X^wm%WfO41@o1=Z9c83+ynROB2x7ym0$Vbkg6^T2XO5MZrm`+ zYc~ZaS=)=&om};HpGv}qO%>upx1bQgX4L@f%&?rUn2f3eO|FPgg!RnNiYl?$`+DP` zNrt7!0}$!YA1i-C_+#TwB7f%cC%?R`7|F*v4q_ekde;tUf3;hxz3|C^uSa>De=JS{ zd}gutaP0{FxbkaHyKh<7@;L8!=utS~WpA;vYhOJ?M+qF$V%Kh6^1rr121tgwZ>457nd?aKgM+_{k6bIixzd%YH+Gt-#T~?Y*_HcqG13xy?2Pgt2)nODP0Q! zaUiJEi#SmvG9oG$jlh{03zBb>jJvh}cpqD8KkacOpr10)?q^y&jDoJ6n>sDT>L2mb zVyku=bM13;S%`KuYz$XQVOQV!V$3(E@rcosug2gW&Wo9)iMt#bXGIm&f427rHM!YyFp4Y&Bhzb z@4OWzN!f!XL6A~43-9VH&C@AvAEiI3k5VV24FtDwvCneoYl4#MIjj*gaWEwYmqV%x z9RsvD<%Y%nZV>mYuxBKILAkM>>Z(Tp*XpZWZwK$iE)UNc)orkXzt3`CMR~OFXxKNa zv`tk9CL=axN}pHwL0tV^EpV&`L)p>xtGNT9tJ1jzj}KhCgMFx$sW!wMI5uIXOB+O3L}v(R;r<~d0NDA`(*5X2w&{UMbens^`r>( zo&y?QI}^2$$kgD;P4J*!AHy$MTa#o+gQfHfqiEPPd}h_OP9;-4dZHVKGt_q6pz3xwtuHS6!*(6Ww-=Vw zn>(L^eOhP9F({jctLvnF zCa)7^6_(!v%e{TyKpMP^G?H7Im-z?RbpO$^ayLq`$QKRMov*<5GJB*+P;%9IDoPLi zi8L4(C7>L;Xkp-hz5_%X4693E7stMxnW7l0(8#4TM4I1O>{YqFb&+?(_XXarojAt2 z8_fu$2)B(NQw%3+Bkp7FOIj4Yi|T&B#Y0uK3~~rK@H*N$kZz(d7bt{&tZo<7_Tp@z zGt9@)Mtcf2U1x{$ZHY=>{c6NdMGJ37wuQHXXq1LJFz5}^&AU`BCDC9cv-u~6XIw3s zfu!|)X|eZ}#nklO0bMdc&vA`5u|9ciDy-%%nz9zawXfrh^8z#^P-i}}It7I$O!U6* z+_R$KKtO0H0WsHd)G(>Mlip))tq)SX-d+`n>pYV!TbFu6Yt)Lbz)^9icEwM^hI!yb zm~gOdwJx7HG;me>;?GtTzu~d6ef5CGu6Go_;aRN} zr+ODvw{7q#?p<6;O-zoKN^j4con%HoQ6Zqe23a@syHWm~wXm7>P3p%p_z9nZ0BvVu zGaApO8i9=~eG}JF9L+0zyJ~faV6153s@fMYfEHDwAu#Gv-{Z=&kHBE)Q(Rx#h4-`a zO5bw0G`Z53H@Bkin3U~_+kI!X*;#)#?I5iH71O-eH$&O$@Adt$66FmVaIfzzC?&Uh zeVxogzt`8(xYsxMO)M+1oYUUe`8-CmHhF`_D>XxpZ{m4J{F@dJV zhi(H!JCj|zRj1NYT1k=)IX^9`{JNz*y}CvD18_jkFs}vRM)WN6rd#oIGkcaT0h8cV zlnke$6gcH&*zl8^h@VAs@v}T19`oT=ln1w>#c(Ss$}itqj5N!)^EckH0XyyDaIf*# z-sq2ZanG-)W%(li@*@9u$7$ROZ4bnt5jXj@bzN1~rF@Zhd69PY+{8bA zLY(8=jGI&D?0gCBkO)2){KjP04l}@2E4!!wm0F`DVjbVltZIWI(H?k5%^Le=U!^?+ z>&&x0kKm(>YhSWGGO@wThJDIUOjTTk?K<@ObPW?qy=rG|=Ja~;u0xMk4JlEt(Gm^k zUGK7UB3cVm%AKP(A?XWHw59>k^?YH&p`U=qOo!mK2|J3u*wob7hHe*H`p~!3R;Z(e6gqJ zmm~MUwiCA9BTqn&C+=W86uNKZ345y-!Btt{dF~@uN-Y3it;Ch5^O_rU23aO8_eYj{zv zl^b1_8h^wiK@3suLzEliCc=$Rq+v#jbYPZ_^l!m$f%3ai3mU z#XTklgknCR5bk{9Vb4L%rac#-`9vaSfyja%aZH7M9`y);FX>3X0I}$1#!D5sZZ0~$ z0$d`F0(>G~=$tEjm^N`R^VZE=yfYuBsON3wYv##t%!lcuB0UH4PcvdL46$u^p9*Xl zqR`DP8TqFng>*O9sR-r%o&cP4-Qpy{zwtZsHuDpZ6y^h+iz;otGd<$YbcieCa}UAD z1q((ND&a`OGsv2N$4bjmJR%`sNLtzuSnwpG_#*+)>GRST+>)*e{KmXR_4Y~g?0Ixf zO3$~Oj**V}jzS<7@5oVU#5;0TK}O~mWT`StEtsduFa4GRM{0o{CN)=Ck&i(70_ieM zfwY(oAXg-$E)_@vW`P)=ev61t%@s+hc1J-PJn)P!$WpecnT~=&!!0>IEjQhGnd;DO z33<87H_2g`sdmN{h$j$UAe=xL0e^7=YSk1-PYh~YsJKpCi+VN@e=5J6!tn*^>0*3N zVN$w%dTI{h!9Kyw9+{JqH%|q|kB6t1w@-_fzO7of@oU@8;@`eQ$4;HE>JrekTlXG4 zukK~--KTG0zy1S)t{E6SXz;Z|LWW)!I&Aoe>%+oFMvNLgW~?o8TvT+-_zAIb@i$CN zxN%bA>d1>hx^E0!uZ_Qbdo0q?^pwRAEw0OzV+x~F- zvgJi0Dz6}BNtQjaAa7neOMd}mZysc$08)|;%FekXpvz!{!Ep`z zvF%_RVg=;kmn{eJO8^FOz{RSlNmFha3gZPTY$hlvge?`njKQ{x?F`#M*2^qVJ0EYk zsxD`#w#+>(`ez}}EcoZ(_ckLOYgKDi>-6*)E)D+kls{`S^Ryy2wlP-tl1vR8nPjvxY*+N=X$XkKGj=LSToz%1R3Xx)t3X>-?;KuY=mL_Fv zs~Y$;Sn-LxWSh!%$SQ)+^3TItfw%^58AvY|@1&VH(S;H~ev+b#IhCt$q~z%BKIx-m zxyOuFII(3VUe~J9r5u^%eO-Nd=OQjCPDeO$Yd&bTB8Pm$<=2O)>Z#|z)TyN_)75fE}GI2Qcs78lgYQ{ zC`fC<@9WT~FzXjfJ5|*RogUV%=F+e#nWNmAxHOdCb>jN^^h`Xito#-uujX^SxD4I% z8}S?RV@+Zm{Vn+oug@0LR$Qh+&o z4NH)(9d(u*GT$hPW+^u0X4bEvBD_Ao=E^${rONWsTRzt3Jk>g|l}tyQ$W|&{rNA=a zqth|8i5w9dro?tYZ(G<-QD&NJ>)q37kRRfAaXJgYWwvspJX7&MRkdAu8*u9{rvF>y zrEyN|(~-wIcTM^m>LIz$R>6+;l>kd zg5PU?x!v&#aVwuIPnSJv_RY-{3+u5p%RL0WA?CyHa|X&KPw|GW2ETRrc&DAMIKNK( z(&?Px*F$gJ^*EHS23}AeI3}8V!6tlR`oiQI@TQ+_$V-S!n4Ht{hl#@yVpE+>bf7!T zj&z3^0P~Tba5XK=M3^`kDNg)o6Ww9v!|Vam3iE2ZpSOu#Fauy(VQ#9miQX_P&O!$S z%tv6db6EoOHkg?(>tN1>DPh`RCaAi>?<4C>hN5{o+(@_HDnyB3{8>?BDA|-?y=OHM zHjZE##xJcEl>%Q7{$UR__{Nmyt5E#@vZdBzGp$<{Hy7h~3_`PP8s`v$czWNhH&Skm z@tk{VBNfd-h|QXn1DWL$l>k=jm}}e`frPCHmL8{89~IPMz>)=E%1OyFb*<{+g$0_$#BfA(X#puxwQz3=`99(?F;4?nX0(G8D1{`V&~ zKKYNQp8n@E|JwBIbI)(yvUS@FFTV8hE3dw`y`pl*&RwtX-m`b#8*lD^>+J&v554p5 zd+&en;o*;te0=niW5-W?`q}3vzxeVit?KLQQ~&Hoi-|L^AiFHHUm%V9VB z4Qt%&yok(nU+ZRH=Vt$-oBdC2c3w(m#@*s(_d@>cb0R(A2f&1$F=v*Xm7A8gILV%B z&%*p5+@}?$7fiY(JAIx#E;l2uV1e>T*5gb}Ewo3@vu70=Ui)h_K^T zFJAApy3hNuFV7jMRMo%a{5yTwf9!{Tu09_)KGmL@V@)q8$SbgBdtYH19{erh&KSxZRxF zoCof5)XXt7M^o&zbNtO2Onv6l9BByYqN{x*aUevRminrKMZ*GOYRL z{O`3$ZwY|U5R_{nav6d$V#-6{&XFabm?ilTaJ|IzQbAe^7NnwlP%`8Y*fQW+l;Z%} z3NzDhNrhuhR&F}VK8NUBoW|nJEPHxke(Jn*Yifo)y}&wPh@-Gz$Sqm9L(+2>4KO1% zk%tCZVNM8`RgjmvAU)S^hHso#dclIMToe_sLGeJa1}}8v+0(6%0XMO`6w;$ElJ^vh zR5{->M$AS=Q{9r+(_Nfp&!iX>+EWWuuD>Qbw|b$tZ1Axe-ho|;F1?<)^ScqB)6!Lu zyZc)mg=EIGspAKSH43Y89ME@wHPyhLlHwk-xiTEkdjMF8C62{Rl(Cx>e>1o@F2P1Q zTr6h=^BpYQLTga^BD54)8P@a#`SzvPTt1&$AW}vnlFId$RFt?WuoOz`g7gJ>Sa#}T z)SN!56=S`zHsgl%G78mid`kL6iW&>F@FD(`r0Aq6-&g#7TlV1C6}3~Rj(AzTRrZ=PpPHV$4Z-GY6 zw!V2Jv3HJB72-X^G~e&-Zc`D=_on`T>~VSj8T~Kszhc1U{r@@e^8POlzP$gSA(!{h z4QcGZ-;Ms)huXwP06r%D2i^SX{{09Wje7s4{JCdhV}JMb880KTv47L}Une#8Kink$ z&eLr5c?Y`Ln}+*vdPBI+-Ru=j(pxgCaehtdjk=|=e^Ywiny32$IA=U4S3z#G8F#NXY2?q-`v1GxJ))y6*uN=#74J0mZ<>Fn_Z$1~Z6XIBeW3dbJe^_B>EuDHdS-L4 zON|hlv2VzH9)w%$x8_@8^S^tI{xf@xx_Y=T)!*fTu||~M=bDHwShDEpos`ZFabl`H zGg&OeoBId^JzafNA~uRBbdv4q<^Tr6AC;D)pa36M!&RL3PEO6TkIySe!iPL3-H1CM zA#>9U5IZU_w=gd!J<48?6N3-2UEoAWWMN^}{9Gf2sd)`qikm%<5{5#?_y)tFSa_eyZ&*t5nhwWm+bOU_D5 zkIGCf5PvpktPd9{L>kjhvZuwOm&%cWC*L_Di{bD@h{5ET8(Dg|0-=d$qko@nM4cj{ za`Fnzw;N)n+!!+v-{79iK0?4~ZwXD)X(k(WsEu1deLlt31|%|2{Hsl4kwEjLqfEiGorJZ$Sh-Y6a*gt8&m zF753VR~Vgsi(~%$^n%2K^g;^C=bmx7AR{#=>$awdN9Lv_r+_2l8Cm;~BegAVNG$x2hwiV?ba-Fs?Ip|O`|5A6u7@AuiuH!wwi z+s!vspaD!zmu+2+P%4Gwo|_E5t}xeY;?zuzW#iJ&V`fa&k;t?(FcG7tem=<%1tnl2 zk7?*B>WmZLGZoe!mc5v#%L0ZUj(oBtSsVf*kLu;YhqMFYChx@ z@&ha@yruvXCWsykbEDNP7Ln>f@?shWUV6O3WO0OeH0L2YHt>RJv7V!bw)ZhB@YKBe zS}mT?Yky*Tff}dh&O_S+`G7?HiK$G@ns=)~ccmNmj3x!_TdL?^T8PbPQ?rmyq2df| z;%=jrphL14>oqYiHEm+nEd|(s2CCmtGBqV#FXa1G+D4-XiFn%W9fb?~QI|@+E(p9}k!)~kv`Kblz^?XleY&ZT*Pc6ve zFeX_f={{+bGMF9aF-W74Fk2Ax?Dg7>IwnM*E-gme2Gaif{C~!Q3Me7xLsMU2Fc{!( zm~MtA>3@k`sw&vxA&%{Y9&3Si0-=R#=r1_S_n0Br%- zZ=mMgv6Dc}yK`=y^Y5ICr^!iV`f;tm^kce=OB1>)Rk{>&x^aI<2LqU2Zvfqg1Na_k zyhj=DXy{d(DTaHJVX_Tn`ZEE{8y!ED&H|WL02*Mmrvx1&g)8Y`_+kKYUSXJbz$7hB z0R2k<#0P5?YUjn@jQ900iQi)Y=Jy1E;kE%t)7t?0e+Zy|0GLAl5XhJR?BjpQN6*)K z$>%?d*Z)@PmtO4DF}U<%+y54Z|M`3_DFVh9=8_^{{m!J{d{(+~r?_+3? z=iagOj@}0A{(fAytbbfLS3G=zTi%3id9gA#B7EhBBO9!`_eH-eF6d4+!`yO(;UkUk zTM_=iqbDEjCcb!7dvw;N(_g+`#h8o_$mAn8AF+y*BiTo;yEy#2hmV~&FT~L0I%b^r zi$bW_A8aBTU;~T-gaL*DLI6PkD;>!s zQ~+K9YzAxuJOa2E!0>AUD*?p-J0J%z7cdo&2$%@40R{oAfL8cedKi=i;N2hK3lMKbJ%Da5BtvgU$L4WW^{yc4aZJqLFc<{IC!CI-j z75|xprh7BIx=Hk~?yb^SxG{02x6*hj)T^lLRZ(=pt9Wd&5WU>M3w95H5{*lk^k+Et zcuc1`D1y5z79IdEKudrH&`VOz{Q*|MFUk3^VZ(5~9Vdp9lEiJd-KKCeWqj@0wc;QD z_=niMd9#x74?g%neDTE>^>Uui>6T4sLpN<}NlE`h{vYJljP0Um`|0f&x8{i=6j8=@ zC}-SWodQX?wdk84QntcU^tUgd=j*48W&6IEHf`GWjETdZf|+t_{K836Zb^~L%LZ(p zH7!LH$qn1LOk;X4Li=D1-sQi~o!cao6#qep<-K}I|CYU^@G=0jgLTb=8HV8r7M)Mz zkxlUl4bf$ue*OB1;NW2FFAWi+M~@bfkvOj%7pHhPdGcfdRc_EQHdD-*Ge;~>8!zV1 zpD(hrv&Di13q(Ny&HQbfHc#SKTK zn0#D{Lcp}oq?q-U6!T6bx^?TsU;p}7ao>ISi3cBiP(1R;BjWML zA6MnOY11aLWy==Tmc8=IE8^Xqo5UU8O0lIziq~I%UF_SpPrUWkTjJ26L*l*n-V;ZT z91)*<@`*V8#bNR8cT#-%>8DCAs;a8QnbTj3&(BLyQ&S_(oja#wg>3a4g89uv%xOYs zeAi+ga1(?FmAzdJHylG8gyc$wS$mjh6*`*vXHke6!Nd@gxvb9 zknbI8h%eeHN@Y8_{ekJQN;fO@oVbi55f-G8<0X4Qn(8# zJdPB0A%#zoLQQ)qz8fmVnaNU|T`0x5byA#vR*Ihv$@=)+5q~h^k45|`h(8bU7a{&i z#J{h-6n`Ho#pcOU>{uwpfprr1ic3*_s3E>D;*$fN5x+a)_eT8wh(8GN$F!GX#!x91 zPL^WzLZr1$itW!zapX`#{Kic~ivGAeMn#Q_92Xg_oF)zo>KE9jPyY$^0V2o6$HhfQ z$48AF8yTH4IB39tet{Dv^i44WM90A!|8cNHN2df|!vGT|SPlR9gs7PKu}D59Dst?& z$do}0(63*g-iCi%f-N#WGAcR>@rl{BgMx#{7&tOWd_uhWjPD-MCFNQKU#4s`t(yeck0;j zhS4g4U`1tb_yhlF#*d7Lf2WQ;Z!mD1IFKkHe#+R$gd5}IW8zb~F@dfDUAkQ5=jYdB zB5|ZY6|y8Cmy~Xe0;G@)^pA>3h>MR;h)L+xC;flONfq-Nr+Aue|5LcMi$5+ z<(i{0I@W%03uwF`-fk4^xW$M;fH_8f1B$JmjP zk=J=yd_u;iB%~z7#U$uhq6yKTxTs;{qK0^Tw7${sAg|)0(Oen+Dd9u>Tea};Xdep< ziDE+hSO`*sf8_PULqc15`F4ndXVf^z@~~l1Q4RhnDdQq1MYL<_GXgn8r7-ol=!X1L zq9}KhBHDVkw9!9mEW|b5j1K;hKM*imoA&J{r9>r+jexAxd&A#+V*T5PCq#meacf;|18#>lj2$Q6%PI6*3J&;jSt=R_|TzVuAPSu-BNt$?#74i z@1nijEQZS0#ALZwER^qxb@HfqR(^r+cf)r^48aF6F#z%Lv0Xa|@kb!O4e{dfR0Pq%K}P>F=-s%AmE1@s#-WXM3e zTf21&=+=8+FaLJ!u10^jYoDNg{RZ?K(%#>4O)m(20EBJt-)l(lkYLfH&%mG| zJzEcHj{xo3w!OMX?|wl;+O!V3+HkO1g9Z-q_4NxvoNGF?YuhcL%fKORe0^KD^6~Mz z#$xH_-J;vTo^5DX|5(=iFn8$Rzkgqtkd{q_BcAMjH6 zzwyQ!5_6;y_{kSuctPQfIVAbzmtV?*2MW!onx>ua1d|S$#K#2SEKNX}OA|~t)BG*?@7%d_HOjFMWTJ$$?AWnG z(LnjYe3N7uV4g|I3vpzfKpj@*yYId$39K6|51OnWtUHYJ=9_OS8d!#?|B~f^xq43F z)<1av3GQ|DM;+#-i7TzYUC*99EAbgp@*fr!)}L}rU>RWEOuqc`%MxWS(Pvh5m}S5+ z!MvIR;=Xt9Udg(0`0!z6Ck<=^C~vGMEFjDDAnvrY z{ErC6l()@bq`(%@(82wM_VsVApRzpWnr4XrJk@JP+pRcNjU+Bs3nioj<)G*>>7YqoQjW;~=I9{b z$#a$w<%aUlb{Atdh0rA6f5XQ*4dZY~ZVYf82^uh;Eb~DZ@y~i!%D`9jYH_9b!tg%tmBk3%026bX|i7MNy60yH-d(E$p3ion>38Z zVZ!jYbQ(fX7cfsQgSM;SY)7x;=}P?37O%q`|8SJU8rCzmEzQwEd3P@pQ?6)||Mcf~ zfpOW+xIfcRqK=Y=Po#_k4Kbi$)4$zAT+;q6eD1#lFD%EY9_ zosOS=`bi#o@ge#6?eX&dg=6Jk@@xvRo4%BC+UHVEJ|SfSY52&f&ybl>W_@Oxg!;@j zsXyug>+@j96YKN^tg|&kgTf!>y&7{DebBC#kQTOwG))?4Qtm0&P3bV@i?U8xI=+9i zd}8q^xxq17{;hC~qJad=slw$A1`UbFrJM+yVnIWFeI^Y?eZH1$657;$Xp?$_hF&k| zZ7Y&l(S!ztf1f^m>f3*OnWuhBScxR@}KT3GEb~x0}Ns z?Y)wJ)U`G253$afbeOcT4EQ~8FB6j%n#7;&eP)})`W%V6z&0ri zZ4$rFW}7r%JFaNa@o(BLbtV4j->)7%e0U%9QA$V$+eMm`8PdT%4^7fSH-2l)ei{Av zy=9+)&r8MOa_jPN`7CJoCurCR8eX|CPo6mq;kkmR3Un?&nS}BC3>wTn#(>xK$W8gr z_QI6^kt0X;XIYrQ`bxZs8*w*jVcXC4p5q#}oBUSs+s5a$JHq6Ppkd4Mk#f`R5%Ou! z(6m1P8Ew+K1(9;~t>fg%tSIT6A0>;@qNU4mlRWm}K}j0i`xvS|qfO$|9R6tUmHY#r zHN>5G(Iig9oArTwHp_%U|yZ{j^X#>ji~$I5$hZSwA% zNa+F%cY=mHK*KW7z^7>+<7U(iJQuY;#2>Pt`6 z*(OE0^)a4Dy~lG=`%nB$`HzT*=uaGoCw7I@)4+0Zr{i+8{QPsB{Iv3Z`TFW8x!oBi zUpDG9+a$9-KZZ7mG(2F?@JGnenp-1fS(Z)%5mkK*^tUGh9zuI{LCQCq$Ua}Yvdr=Q zU59-P@wvIVZxC13N7jMm%a|EzrDu|*Ai4AceoF<773Cf&azf$0C@_zQD?WmpPbLHU8Kufw>1 zIQGFjjXEshC!woXqE1M@-*CeXs^5eCFsl6|?!=X4L>f$>8~IJy<2Z+XJC+6O1M9S^ z&nO3epUwKrHp#s{@89+?`+*ObyuO?n9v*%V_VlQE5aw;vWr;nCykJsdPD@^M%{3Bz zYlRE(V1L6MNP`I`9WuBme1H-j?IzK=-<@g@G0dD6+T0ZrBi))CeRvrK4G2H7_;zdam#bNmc> z`Bn3utXq_S$kKZ37kiKO6f5HL_SMMG+8s+>4+qLMAF$t(QHYx1155O3B4wm)>|7=iM` zzV>$11J(i738u?77`R_RIwb)C0XCHTqnLNnfHc>9xUO?0kLo{|GRXdq$yefY{P=N& z56V`eZ^2!~sy?8+CFD)X0KZY>Gs6@3P8!&blBaC{pL^~(`OGuVsBhrE{`D^vk8=dz zlZLi!4!)7M1NR+py9-Ej-Q!BvZ@Lm+_J7#^qdua6XIv=0iKvWf`$N_&o=`j{|SEn_MTn(nsNM$|+5E z872)T5I53A8Dd?y>#n;b+APWMwEIKcOkfze`Ai*)E#2m^9ENzu7k7+pWe4lqr5|-T6yg`A+;pGNs$`X0b zI)pakUf}UtaIeSTUH;idxR*zBWkR|*$3A=ZY>9ojO1@2=yPFJ0S)#1do!kj)(e5cGXJ$?(&WpCl1`{qy!#^zXk>-gT@Se%1UB>X#b-;`?1fTF8HzCLJ_QI%txoY+qOx2rL`Au^iZT zvYxWc*cNdufoo8tg?vXIzongNz__tZ;cv=6`U?HYC&J~*g#CN=e@GYCc+)0O$e|OnvD(B|AS#RA<$~xZ}hGjvSC!a|p zWgT*K0eu7wWyS9*_gMUzZxiwRrKbY|a1X+N5|{_~K5(DL?|x)4J}%oAFRl|U<%O|} z7oWiSoEqJPO}+omnO;VE9)^k2FUSwi?=;Qy%=F#xE@tw0uQ1FLzsD>x@RYjgVVGWq z+0rmAhS|$7#~NmlVM^Wfpviq&R)7ug8~15(e-Hb&1j_Rz`-&*(6#&eF%d-IYhwofb zX*wT>A^7IUr>Cb+Mt?sVbN-QV4*{^x-5F3Xr%d~kS}7M{tta*aeT|KC z!CX_g4r@EJF*p3dcM7G;;Xqn@;FhB6F}7QXI$g{541LZY(B4+zTW|{P(h>B}AH_Ub zHu}KP2tO3i2mOuH^RdRkbu!L{+Ax31HE*sLzxTbA2QVv#^GJNYLHJ8OJ<*15K%TX1 zKiNidyhI!b<{F04=f8k<^?S6r@1os&i3xMflSb=ft@_^!^zs4}$h9SnKV@ zb{g{vshE43P8`^G;@FelN4D$y7O|~nUzYt8`q9p37S^h`=E=1-uJLgH0@tXxzQc8Y zuCejC6!CEH#W4WJpt%??Wb^yW?;6Ls%$NOW^2DHD^_}z-^`RY;%pf zZ?kqTV!6wM%Aeyw_7Mogfxz~iK%VgX_3tl^$S0iB)w%@d!};9uZ>)EH{eRlK_V6l- zWPc)AjR=AlRJfuiL_k;(y64?9~9t=m{;Ma1^!z=3$8$38M(lvl+Og_OV83ppClctNdx4u*JbiZ>-T+~z*-u} z<7GHq82uBTl16!jUNz}J-;i@0QGmArBLQ9roNE1ZgRhDi9y=e6791kXlW4$t9_R!x zTa@7b;aAXml=F&%qKpuf}0bc>u z=wn>f{g2M*jIMm02;|WvK2W(h{_xERhe)I6E_=ZiAl`?6j{62J-~o<%mS+37A@C|- zx4;a6J(pGEh0qD$Bfttv2%`#kfX-^#XkfQgF3LZ2i=OSxBl|xPx(K_2xB#&ocmmr4 zew;nJKe}^fijNZ@KMi>VhL7BIpcBBEfb{__*doQtuOnSDX_Y6L<8{B%gPVzANrp%WlGw@g$sKD8-hO$ zI>2+p)rhH)Hw7Kw1?&-iLjit^bpU}*TuB~rUbU=U=@5pGP5FvE%D3c#4^yX3_3a+) zF6KYjf5-y(0a--fpalgwaq=&FqbL6I3F*XT@<=)Xc|^HV$ASDK9!H)7IbHA=@fGQ! zA8$c7K~pe3HOB^H@!s^5=;)lPCM}9cY4GgdTtn@Brfj-kdr5r|5@^2SqnN)!ttV5Xj?_5uKxJ zW(|&hb%dOgf6Ce=Y>-l_lc^;0Nfxyr4}wZx6{<&AIlH{_%luv4=?S{WuVFJ#ZOdOXO!oY2CMf-$DEZI#9t6 z&~f?LfIiGyupNj?sd;dLMv>nI* z`hr~ubd~0b3xvxIAXzRX9|?PnVa?OkVyZBBMZBLzFJ0OOj0ZV-df-2bu>ihC^RnL$ z`~mPC{iDJsgO3&*X|6g?{QM2IRYrKl3F;f6z}1Q`f6zg+1>X+*MlKgJh+H~w4d@5x z402Z(1K0&z2U@@j*lpNM(D~L|Z%w6+Z@yaR^t-SBgx{vob9BAXH`>HFg9h3sAWHiR zM7wwI?$ZVuP;m})0Ovt&;3vUeU|k~R!WUD!h!uWH@$E0{53Qpgi1rRqP9AeUY!0vm z+OxpNn4uS-4+VS(a=h@DfvLc6r+b)Bo&MCmL7(4$AkW|{D(FB(f0&PGj|AT~V67_d z9WsaU0{Y^Oz9AcRlGcUHShj50 zC3c4}fK${){)!bV{O{?U*riLCcBOpw=9Mc~`r{eQVHjt!>7Uf>40sx?e@345J8Gkn z5V0}jbrr=RJ;<-ax<-#;t9cX$QrQr+fpa0#@Zkb~CeSI^vd1ZILd=95!X9#K zG+Nh5CGd|!zz@(DbPaY174nK}QPL@PB#Jg_maoXfBBz5q0%A7s595S62!0UC>k~Tp z{ubg7#2$!!;OipZsF*(~iZ&33ClMVOKiYf7$GKs{z=z6r7f08ZxPCkd-yMEC;s(S{ zqcgksee^gKjV`CSmY(yD78e)$YeaynVJsmp0ssAz>Cf)BSNnedXo`KR3vPBD_($`C zZ?}NSVf_HE4P@?>F*16r@?)Q$h@r-3`~9B{yqf2 zv0eQ2+zW>PD!Oyii|Bq`a6LV{;`?f_UyvKvZTMUm57^V1wBUct<-xT$;{0Iz!Mnik zIz;m%`p0~PI00?LF4Np!T=RO^Y0!;!zzh1_*C))`$S2`i#Mzj;35&VpTC_9fhKly} zsfKD**AN|ltOn=ceAIe4H--|K@$vLNUNV;0aV;i9I}-b!u;1Es^c%j5^LJaTMZZ;j z!d`2!w4)I|#rr$0{i6Cz`b6hkUwtOMg_&&d4IwA3urM>XU(Sg5;kh|^g>J&of;_u0 zJu5Ret?<6w?DT^C!u}nckn56Q6^>ZbDjN*Sul*gE9*e;)iCpPfw?pjJOH?({c(k6QtAjV%wKq ze6jr+XZ)adr|l)QI&ClBG+pkr4frWj+NZQnOzhgdOKNKMKi5A0|M3If$ET!cwOM=i zC@W$wv3J=Kc8-O4E8d>RDOt)0<$a}&+C*)o_D~;J^VJvBP3kuFka}FbP77;>_G@jh zHdK2~tI&36f7QO$YUyFUmEKu@SkKdo^fCHmeXhPxU#)M}-_dV3erY^nykmT5oHFW~ z%$#ICXKpr6nctdGv!T`2>S&F$7Fw&UGgb?cBZ|cgu~fV(j*6S@`SvDzpZ$fM5ozG8 za$a?|Iqlpe_c1riog@`6%^Tni^VWHry-&R_yt5wN5NS0QV1`(Ib~|gq6y~vXHk3WZ z=CCDfJNu5+<_);X`}0o9K7Fk5jq$w^Hd~mlm^;k&Vx4%%zSHUKbaQvQd)&kBDfb4M zCV@oYA)Po@!d_r&*jwyQmV{So>vwrE0nd$W@V?cOF5(*QI096mFv~I#O?jsP5LkOu6l*O zOaGgGL060pMvgJsm~2cp78`4g*Niyxzs>VztaXcZztzi1x3aBe)>i9t>syP9?qZ1; zWsf7SZLn{S=#lo3Wa8QuXSCa24wcwr3jk3O9ai$wimg4Vt<-jD6nS;ugnxP)l4&U z%>wfYbF}%S`CGHpoIw(~%zVS#YVI_5nfuHG<`MHt^EAn4tX11;V5yd{9M=EHd~Hq= ze-Ph_#`gD-hvXyjG18+c;+1PAKa-*Al%>G2p9b%ri-fnDLb~pPmJKuiU-es4&+uW$zLUxuZa)2zA zFU#JbVG(V$Lx(Ju%Zk|o_6pm;TJ!0A0l!sgt5{@N=PT=#eab(S4(b%u(K={JTB??= z&C+WbcbNmskhRQCwu^r!V1`XW8XsBP3Y<`^#$CpR1048x3&-t{ntnZGehNY7524XnGY zW|l@e)y;a)O11h~Syq8H+!||5v1VKIta6$QHd<$`n?*}eVXw6}+Vvv0Mw&)aBZDK+ zNFTB~P2F3hEoaKmmQW~>?mdS6nZ3jh@V|3ac~Ci}G*!E*?~t_D)jHBlb%VY_->#q3 zA0*2#%~&qVY~~a?Wn>wb!Y1wxg|OJI9&zq=eg_ZpyZJr*US3B0dXFFGVWkU6(A}z` zc2RTG7ik{cqyAm(q~($wT0-{o0=2K}9ra|rlxDm?=~2Cop&9*+Jfp%`WWHdoxAt27 z#3ZsAABd^;EPJuN!hX}fV8=ynkK7&kFw)$yooweBr_`P4)|0oYME&7TKkwu=sU{NH7 zi&3IPj1v<@shB376?14_S|rNFa#0~xi&w>K;tjEdyoK##Z+44HafEF0adBFlCF^rR zgzQ*5&aPwEw;S4x$ezX9&Fq$TYn#~`X|iLtvlHzkJDDtZPdnA_ZTGb^>?}LS9&8uU z%s0v|q1kkzeboMzMypYzWh9wous2!rj7V0bC{pPjagVyk-H?oxak7rAFB{56vWbkB z&7>tA*-j?PB$-Usp{Gohy=9ink%MKC94<%65;;yzg!El2*En#E1J^ikjRV&>@E_yA F{{j_Hb~FG0 literal 0 HcmV?d00001 diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/t64.exe b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/t64.exe new file mode 100644 index 0000000000000000000000000000000000000000..325b8057c08cf7113d4fd889991fa5638d443793 GIT binary patch literal 105984 zcmeFadwf*owfH^BWXJ#sdr(FK3XTvIjhE0=O&rh+%*Y;@2r6h)P&62^qEeUtotB*9DH^Zx#M z|9Sc7?EO6ZxvpnD>sf0(YpvAWu-4^vxm*SOZ`&?cD^K}Xt$zRUkHzN^r*9bH`tPCJ z&uGnyZ9ik~;yacHmM**J_GP!+6{x%A?z``a2X4JBuq<(R;EuZk;n~*&?z(5uZRZyk z4=c?!{p(8>-uvE-BPQkkkNbZ(>0Q!CxBPa}7WMqir0=We+DRYs{BYu$SlZ0ZU{1v4TJ-H9t_RLKHb0klz%{`&Jb#$WwV#~-baJ~c z;^|ZG)p_!e_k5SjBR~AhJzYN104>p+5B#bdbCt4nDd{wldq~}Ej=Z`aJ3r4gRlVf7 zelv%cwRx`7hD%27U%qPz11NWspUe7RJ@Z_x&QQO!^!f4IR>t}A;rsl^fMo8n_=Elh zT&{)ZFI#j={1%tXx>!CikV+m0}DYHtETx(sFWQ<}(`v&e7D2l5lFe zt*2t8<$5w)8nAvF097haqD(4GUP@o6r~Lbh@?4f(>~gJ_b+P?xKXSRYb!^-A6@Ah& zeO3(WlbnChXX8Tp+%)pUKK~$n&KT3*=V{qK_2m3gubzyT`mWQB{Q=YSU(=bJd000; zuGkwhyJM;8N42MRMa^!j`DE#~OK)zAk25`{Dz_sP%!_K_m!o!jw2Z>xs-u}*x*0F6 z)XfgvoX?z%O@W&`w)OW@q9<3C2Iht4hUSH?4PB?3`{}njW~O5)&shu-_$<9z9yOJb zinn9Q+bXSv?1_-Mt+|bFMHJC~&~EKIZri#^8Q_{^} zn(dILAB|MBnJ-!C(`61)ZB=RBQw6|3WWE$Nw};IwmZyXzG`H*KF6&*@`W~6;>5OEb z^fF35%=;a!*V)msW4ilD`a3M&laPx7bF1}J&FPm;AqYpB8Qp<_e!rRRH*9u9&6jj@ zhxMb;QhtXtx{}_QAG5o1I5TIS<{s_gc5DAJ=1A|l`CO<~=!f;<?!jGBax;eL5W#I~_?c-=>$4wl3nT4|+}_JK?D@ z-^tWVYpEY8`0ZvM&jUZ}_g`r7*;8^YJ~?dg(5KMom8tnNFoSzu5c> z8EHN-wnFwo=|YzDxuI;lTV=7y-;(jDPE|YBS{XHaWKQqv`l)UD#LeuL@|$lOm}~#O ztk%s}bn}qyPtm?^OmuZZP2@CtN~WL&(iJne>gG%A?r<_D*d8kltQSVc_TNXz7-g7dPhlR|(pk}Mop#8!&9Gqj+|pWBBk37-T^@zQ z(kxiN(Dr{n`&w%}13XU6rDUJXVIGoB`H#{flMhLAG0E?+ILxwpRrVZ66E7{f4tjsB z95A~1KD9oimcr-rKoQ7%=qd1q97S=%+PYcZdeE?}-Z(TNJ}G3rXsze$0h7m2_b*a6 zHOp)J4+!*Coy0c1d2f7p)D3#~rgutPDgTct7-|)MN;h{}bwhKM>X+mqbbIBc-z#ohc-wN4G;S|A#u%u&$Tl#+LkS@ggZc&KaAfo3GV}tImv%(bf%@ ze2{rU(7WQab)m&;W;icz@S+><1J=}1`0Dyl z^6S@b@w8Osx#n0Cff~ng%D-WVTDR=kT@K07Q-(CIo5zLR1@|l;-B48=*BYvZ#fRy3 zyB_RX_F=}&KA=AQLdyR=nvfO$1QJx;aQP^?j-44|%08u$wh)Fh0~m`rdZiPUL^mp|^MY(%X?56z?@a%I66Srb}-TbDtwEL@GWAnVa?IZtdYV7G<>c zt%;m^F8D*2Rmf{aTe^{VRc5y;6MvNigz+3FwZmEqlPvTc%$_6rx!Af$wZT%lGEYCA2!EFg| z2?w-oTlF<^Iz>%z@fqEGnRz7q);eg+JB!NfPpu*&?za|76M$^EbuDkO4b@4n zh>It-!76MCl~8bZVzqVsRH`Ir_;hn^n}9!gvTnAts<&BQJ?K9M2O2-cZ0I7Z+4D5# zNWyDPy+levU_JkNHk+wxhBtnyZqD$TEvi`YBT{Ur6`7*iW(YHUJ*tKL#3)0R$=@=g zB#%SKm;Z^jI&bh8`_Ht+tlv_E+LeLOTu`VQZYFA4&YlRFn`%VZct!>aMvb*@3-mAK zL9o3QE^>AH_v-WR_#48tf`iXmhhZCIAZj2|RW~YenO@ebtvl_~dgDlF*)V=@SW!@K zbOeMP8+|IPPi3_Qgi7o7_IPzY{7|qyxF^0P^L3aNp}zs^BcRABpc2};J=W_2Rbdyh zwT4M8kJQ@6!Ktn5C~FT_!jr~}ge5FDekpJ}rbHGw>a*JjioKY%s}9WvfdIke3O3R1 znE7&*=kiJ*yaE`+zm=Uolg=XYL4+(df9fJ%G&BEL*()=&bwww`_o-POQnP9gaB81a zZyZ*6hgIIjK-AcnAGN#UjJaFJ{7ih4wr-=guDh%Y#FZvttF3v$l&khn)N{xdHxBJv zvC0w0n!9x^atL(4>tdn0-HCwp-gKBihUl^$sOHU-PRvn54`})=o-USNCU%xGEYGr9P1@Dez2r zzBw+>)#1=5)ARO%JlB(=3!ulsR#EU}Ji!hv)}hyRZGg#hB|YsFv5rOBdHMH|<{C-U_c^dS+2L^R5t- zl>f+Sd9FxGcSp^xSjzt~Y!rl3Z}0OMZ=4=A3pVO^cGt$tQF&40unkvk96lcR)Uc0- zbmp@jcGPZ@)}wZJ;%~I4w!Pqu6^y!E4bv80l;?8AJ=XTi6|{H97!XUCz6Gu!OQ&V| zQpL3lLl3^Z>{5XA>gn>nXT{g#IBfm>zpH=e=w;99z3=Poham#b=mS|VD=1^l0=)RPZXqf66S$oI!H z%!+cj1ai|0K%?fi2X7ZifBHVX_ha4Y%U@PI z3j*rX8xOfS30F+fQz)*2?JI`qtp`M0N4(LEeFv<^7@c0WPk7^U81MMmorT-Bu>nrD zUIfM9xa4rsI$eMNyDUqmF9V_(z_STUSHlu*w{909!ej+aR?uVx zO;#{Ls&D_ys-zY=x!dCpKO9fxY)_^Yln&zIwS=K@r%IqQV0lb|<_EySf%&GfC38tHWEp1?}Wraqt z&M-aE-cMt}u6xhcjpKIQhhDQ{x2QGSWIauhq2j+DRIqQw!%;N&+875m7Q2>Euh}v6_ zQ4~aE4=E6kV`XYZY$7`PLwdh|+tTbtT9zdzup0iBit&M7P)`jaSP_ z3rR#oj+u*KXOuvo^q~k@uwpfwZ{|iF{g+iOFm%xWEBJQB{!JFny@%#=ynBhYi~(k` z-S#WqJ^eZZmohmyD3)4;68j7pf6vU4YOVR(6p$6GpX;pHIY!^{_$0k-aK8ub9ZgjJ*tc2a7-yD^hjQOynvV#x|Tvc(<@geCds;wl~(*P3J4(C(^^jI zsJp1GCsf%GKiS&C0JCGgM#j3sX2YH%Bl#1vF!$7$LMXC2!=2VvhL;m5>R6JsQu3gX zFcB#xBU&k;q8?a!l}rJ@CzSt{`e0W=1g1!<92}&U`#70=XCdyd>(0xkwc z;~<+`S{^prZU4*{fLk{R;?dUeL0i|Zt=l?LxIGcK6z>_S*jr=nLWl#85~HopV3o2H zdWctu-1h~vFq>}+n|EQ~S8* z9?>P%gn=pj5e*|`F?|C-v@W@t#Qk15cONJ)>b!_;=nBz+=UKPkBMU&22V~kH>Y<2-KO0uKekpeGzakM8`wHM8}qcLKk`vVm?*6HApI*6 zW%v7P%>6ayr|$c`(e~q>knzsxv&@16HFthc8|n#r=xtSQ7WvjM7r0!(Es2RrgxjgR zyK;l*RD)<=_Hplw5?26nFasntUu5>yUDSahw!8@aQQUH{Z^g)-871EMa48I%VD`n` z=KZDcY-d;Jxvrph)pJ2S-|j5yO@%LHD-EbNMXw3H5K2HM5Q#3-n3t4aV}ouymjtN=LnYX zXv3lq)+qL0zo&GoAUeo+`+@o{0z1A7Arjr4S zxR3vLMH|r+*_Yirv@^1Ym(`iV8L5KOWCUG8jUF>2?8Ta0(AALrf^bPa@%bQC)UMgH z5_vqbtEEJKWi^tKU71mOYThnnu*Mlo8uD|7e3Y^UEhQOW_T!@L#{$T*R<&SH{q*Gg z`s3Q89jO_|<(gy;7lMey%O`Uo$i?7Wxy!&TYzE&isG|fmRMbpIg(}I783&2h^s$<9 zTf#3}eTlD zyXdE&^IY7Bl1bFC*41*@^&L+vwVJ49R8G*Eze_{by`+*Q=>~cK2Jf`>)_h?cxNv4i ztM*vtFSI9O5>#Tz&BvwHvBK}Lnv#CZEp$eM0w>_Ie#9_9#T?HEW$K4FEUq$=D4N5N5S!L82dh|_#jCcqc0CN%Xm@x9)k@6>3?3u_{|$jB29bm8x}I&IvP&i zSdtkV>gmXfkK)%G9}&_vyftiDVdsoe5pt!{^++LMvr}<84_~iv3f1W5R76dzTqed8 z&@Vf?$Kg}ims~#$Y|fCmM+SVNdTr;3eo)QlRYrdvnvh|}k-WIaIFg_EyVdkD`xU*j z@bNpX4`tKtk+*__yuqu^|B}9eSI(}&nD)#xD6MXetK*R4>RM|uKnme*D)g#xmy#Jz zSV!(4E9seY1~U4(#X`C68*06KySyZ@lo)rG)Ma3^Wb0in*GB)rN5$L>2aV$u)}xXR zcHTQiH;307Q}3IW&>ZQ*`lw!-i4Q@-@@97GrkmS^mH9bV2pwFfU~-74S4LT9(_B`OGM-lxgn`S8n$JsBSX+V8DXObj z@+@bB`Dg%9+WHk&h(3sOL9V8)-NO~L^3^P0RtFHNK#$cepdBGR!%$%=#;#vU z@_CeX38k|8x0B%x@624@6Dl#{mskrgl11NY_F20HVb~g%!W07p+rb$R&14|RvnI>P zhgp-~mu*}(*=5v~xSSJ4sV|g%i8JQJvx~}uj;~SHU+6qLj>~w3PM^s*s^de9TS{D+ z1J*Y_%${Tya$-0q*+*n$*eJ3o9F%hI50vFbYt0RE(dPLHx5{YE_hu^fI!`wVh~u~A z;cjoN6tl#{TkD5|2=!HZNn%gMUZb^%H6C&A(5grJc+np2VCdD>Xe3BhWr8s+fMO#b zz0r9WpszcPB38$_InCYBvq>&FD_8V0lw49YUy4FBUDhN0MPHjtvilwo#H!;ndvMr# z^bRiT42szPtNbyR6U3q|I++vxZ96n`9}b)>_D5 zK#M|FY&)4T({t%WG>S>jWju7#AK+mYpTe&-?OlPXoH0-esjx^IUcpahwAp8@Dy>G* zP4@NVY_sm+cdfI)I)E={fuYlrtvi_w>B;GP*>FM^VO6+wZDCjd{re1``+S*~=~*S( zA^NKoJ|D(=p~#B0)(dSiQ@NL+&pEDmNar51lKM0dMuy@O)@`Wwo#P|rnM$Mb9*9vN z@ro8jY*@(VGiWO_K{uO9)c}$nuk@M9CXF`8rsrX)ZhAgct$1!0MIYtYN`FbuLUKDj z7m+!%z}432Dd!F1Diw;6^QGIxybsO3FSY#_b&F#3G0HhBFam(co$o2+1A&{j%F5=E zFs6NrLU6}Uxp!G$+h5Yft)g@Vp|SnDN$HK7WbE*M%0}=;Z!~#lNi?}UAohZT^&-_Z z=6&88bBY-%h?@6R)|BjTs75 zd;pVHQ`Y%-AResPT{Ze%6sEJiW{A19Eh{whc-&iLBX+m@f}@w0WZpppcek0bP9N;s z5OYaqQN|sH#{+JdTm&y(K2Nu~seG$IcfW4VKtpt3S(O8|Myaew& z8lP+gT`+;*;!2piKj(#*jvfZGHSW%ky(>5LW&fjKkTpvao3uNtVM7PoqzUBtY6yBzZj zt*L`tc;2Q@fj`$e#-VFg-xvQzsBEX!^ekCMdU$-M-5tNwNSDOVGSb81V~j%uiSI^) zPyROwM9f{rPG9=BQhmcmg=xXQ>Yh&26oO&K&g%3URccRW71{ZTdyV&w8}A-9cIImv zJ}k^ErJ=;FG!hzaXX=df-1uxGJt97pF3*v^M;nKRXw756k={;M8+-2}dKrNmG_cjm ze@9f(YBh&3jFU1~awl+}D#DgfMP7fqzle__BQs?bnV^akW{dn)715f9Ih~E5nD2z4 zgsUpFX2&uVy<-Fk-|S?kiiubQ3vC(8oq4>B+ROHQb_yFBa+pk%BqOJVlL>B`6O3gu z4*)_JLLfGg$H=vTrH!tX2}TVAm@H7n2h{S;yRY*BItr(Hb*txambjK8iI zvO7Txm5r$fTybnj3l8*Dml%n8z11bI2G%x~nt9CV^R4iuX8WvFYZRl)jA8Bd$y-4J>fJ_DNma z|MW&VrN`+~#60bYuu;N>k89+GS&6a*{>sPCM0tVHnsu7(oFEOb5OQw}n5!LiWA!tS(So1 zE(KxYdNR^r`+wUm2e8>^`~QVE=|H#r4ZN~CK2#S)#t|C^X{)v9c0QXanY>=H&6@Xj z7Ay6$Qh^Sd0nVZ2N-Hq`X1Nc6*Kx?_hS8kXp_HCy{fvFYy0>wHOP*i|j1YHe!|7}= z{dN{Xai|>5AjlPCunsd{jtWbA5dMhrVRLKlE@!)d>x`JNG%@Zt0yby2TH+<5QFhGV z;J^As>VS0<15r9kc;ZE+0nUYfabyLb7?#M{*!A4v#^j<6y<#|3?F|l#m)UJm_b#LF zyk!Sdp%09{kt>F@BLBEL8r#EEY(+E6l_3K2Ghv-iy}TQ?3WQ_)|ByS(Xq;P&@a@&pzIvD6$N3l?NZ zp(JOJqmu>1gZ>S&H)`C!hc&IKXshAcSuBZS!dF=W>} zm2-crw9+SA-*$2qO3n(!2-u!~ADQPuX9!d2O4P+tlfE{ZiP!Z-jj2ani86JcWDPkJ zv`iKp6`+^ssTl!fvyyZx&!gmw(&P+pW=zy9Ix1=nA4mEOuRQeREYNRwx?BYy>`$rH3=qvT)yaqP?+Nim!#{5|BMdq*q@vym%$9yH6 z$dU+wS<3&l*0fh`+gio(gY?X9ZxtoSxz?RzWW~rn`bAG4u3YeVe7J5#9y1>6VjYg5 zcS(;QCZsmfAlE=!QN>RVnFqrxdv(M-9Kxz3Iqy%X<3G@v-W&?t%muBA`g5HJI}}b` z-z7443=)GzqUC9dAdGLW50!P)b8F`3&@bKTA4 zPYLa*QTgqM3+Q)=`Hb*Rr+PU)&=XFiNqO$brqO1rbba}+1VkiU&I81 z?b`Rej8khW1;SYFXiZzdCZlhL)}*VKh}QJq>SdpcRim#~Yr31dT$aNz z_1&U1{ZM_c)0&`DE~R*nnnR+-7EX8}Kfo`jo7^UFP<`#`^JoK&+S|jImuOFm_dqR` zTt6<`_-tR;>`Tiw2y0JQ3Z!e(Nm6K=?kEN!*wMEvg$EQxNMGizQ12%3cuKe^mS zquOS$Zr$DzvOD<=2klj_h#pUkI*iTcQmy%32!5z%Q?=FEmKgBep^p1*cDP8r>_A5osky#Rv&R^)^lcI7O;&Ylp^NG&9;`jnzai( z4OXDH1#anw)mq-BeRni^UDi6elezFTW*Cu2Q8Qn^3pY4k0P-(>VH z*P2#ww5?BMKfNgBRyv914!)#9f6PQ!{M^K46@D>XR9 zw8n9(x4IetV)H(fCwM<(S>eBl$embe?NOe^Y=DWAFfbd&0&kLUG zsb*^YQ3jGjQj}#p*1a~0<5&z8|G3gEMheq zdI-$V-w-AHmn@_`bxg18p;nvipD3)N>=0&JZq~G5lFpm3g>BdeAV~>+!w!YaqmA#e zQm*)^5m4+D8f~Ca+y5py0onVI7JHY%d^Lx$*+SQ-LVp`vNYR1n%3#8)7DuFg$kH?5 zkw6d9BqZ#4aEay3i)*cD!5|CVWu)JBGV|jnw+3>Vsg-XqLOnB-DeEdbOf&Oi=91Et zk+R-!Suf2LB~DUz&t?}YW^v}2I-OCQiPr3mG#JkZx&9Gzr{#R466U4+79{+t(0W<7 zZ0+MAIZ-ixtxa%x*$>{Ln@2(>(o$rtLv3QEi?Y;*J0*LEwSBSLB(XXRE2l|HTOn88 ziyWKU6*L!hA7kdtJ*zjUk!Q|U4{q!kQ8iZ3u+%7@82d{A%Ngc2s!>OP*4(plf{ZnO znln~`PIjzUQz{Erv1FMOdQv_zR0m}uPyo1S>$&I9OoB9WGH@t6rP5`5l_S^ai^k^| zeT(BW)-R!UusvR)4r;U+TJsoHXv6;DX^l6m^1bR?VuT#tvcyH{o;=zyw)xT@@WNS> z-X|GClIlZ7m=in6vCR)-*R$pCnpsOI0?CJ=gq4%&EZXs%q41p)Y>rl?KzTb?YyiXle*=qMEIKn>J4G5)pn zvWHl;iR*=P;ANCT=U}_DQa8}3H-q)xwt`HQ-@MEWS%kvOR1*1_iIj=SDV z%a0y0-;`;{du`?7OtG9c*L5=vc|_kVp77OiZnQL zr;x9om6nU_*|wLczmTEMRbRtfIfu=lMfp}!-;@?03_B3Ih}*?(bRhz{o&(|(Gy;fkZD+-dy| z0gueB!pZ%m(_O@bA43aw{$5LR;y`mW{ z5Y7ul#jAhjj!gE098*(y%5?-5X)SqJ7ufB=j%A;%371~G1(qxzhMd=C&eoo|E-$P- z(H0JFTyaXMj1#Esid3vX+(7gG60m+!N*5TquPJP5OFU;@UW620sg_#AmU8p*0>pdX zILexrLYI_QTx8QQ6u$c#?94@_)h>#e*A|giiF#!zLRGmGm@HHjL%)uSZnCg{g?xXZ zc(X8%C)Nllo0M#&yQsv$xHLxpl+?>!jHMoxk?5%_$HmIFgnHb0@u3YveQUzQ-pY(1 znIHEx3=M?VguQRIGzzdXgYHI$;(PU75=SH?JHA9DWf>RR@f|F)O?@lbRmL z6mdB}X2l3v0eL^y1}b;}{oFE)S5s)2mNo-~3aKJG{_1*Z#| zpL)O^4*!tyw0V7_2wk`3QNFS{Mr-25qH|pM`zL{4R zG^T$8?U!qcg7~RM8gELj5eg7## z)l(1ppmgg+5QEGqOU$Zqt5LFQ&8?i!qJqH4P`2E_#1;kwrgQJ&XWWv{K>YSM3;ssK zuGy*ZIX;{qLX{=)DV5jf#n08A7^yuG$_wsVF$R+GwQ->}?vVTWkT*|qYuwwgECTlJ z`IQ&~!tHo#+^bq2e7L-d(xTOlQOkf z*^7Xi!TM&UR-Ni~_AG0WPc$fQD8d zhHpq0glZ5Xek=L9`9o))c7;eV3CsM?#lg zP@EG@l@$$cll|Y#5Rz&L2W)rGx4S5uuQea$(c^iNqb1L|V0}tx3_$p-L~h4t6eK;r z2HVXU-lXT}>ZK^@`LVpbgc)SPzuPwaNx(Slc>q({XS8+USw0+ooAi~}BfV_Qyh)4& zzBe8goPXeCimVBbIc<7NQ{K{_nZbT zJ79ZdO2t0johdyi3zHmYAC!-7#vB?A8kb=`mpBtRtou+3zKYzA{Bt#BE&uyDty;!Y z0q{N&|4K&@9se@ZW~C!Hrp*(bQDW430B&1D!TV0nWn_^l=d9?557@Z7HTuXA7Rjxs zX=C8TWXXxi^1;bes5aCp=*SJ%*M)9Z%{d^-KA+gp&>RZlm3_(|0mr2NthRvovtWSK zSW9CE?1qIrFfT&m_9NO7SBnGTJdTh4krj{z9Q{MfrE_D;rE`OG(t}6$Lx8PD#|4ub zofP3tR)z;%b%vMCbH;~*s58EBUW*J6J77hx*)=(PFG@^SUohrri{FRh@u%P=2EXyU zbkoRz^%kSjm6)%arUTgS_$fveF1Xf;EwZ^xX~9|!=fS%(pZ*f_29Q9ZCBV)nc@eA}M z8|)eDd=MQ6v^d^r&shIKB4k`5zRoGnB5*Sn+yyzggl!wxneZ`>MY1jI@%oZhy z@(67%zV!eHP)R>8Gs60t`u<285Xh9R7xvs*GfEhmlqq@KYzm)iUCUmh8K=MK7Q%@Qy%T)8X{tVB*)~T_Ky3Qgp*8%$p zHE!GQ{VjC5_!3%>i^0RBfEW8GLENmo4PA1iOoEm>nehs|?G$*o z1FWR&e?{^P;)EpKIA)i2C}s)%WrHfKZe+7kQ+A!d=`4_R=uPQ9YYKSVzbuLdoeiJ{ zm|VFaF{71&ZysyYMp@lix|4dsN!2>3$DPz-C-oC2wbV&{*Ga8(QV*(>*`NR_&EDl? zJSG__&r477P`vLv@}E}c+D>a6KxLIoStX^FleSKi^KvwG42#?x(>%mFjf!hIu`PID zXH8xksjBBzF># zx;dsg3s>16))Gxv$@oGj;h)v=%=ir_zo&){#5P=4%e$VEE-N%#Ml1^-pJEo53DuA_ zKKN_Z!gz!kPQM~Ky8J!lW!Jb>>ax&VVMY3Pu(L0G$^j*3ISM{#`+}W}k&` z2?JlS&$xe-D{+>#ZXUAH)A%Kh5kKpVfrba5O`Kgd2eO<#j>eg#+PWH_5`^(RUOq`l zi`Gd<4WQ2u!fE+3)1(BuM~JKTM1ePRt~m>v_(&k6=BeWJ5FQEnIE=`651R?jhl+8c zn?%0YsX%ryTYip;59PpCoa%a+IywyT5WW2~frbb&kH|>RRi7 zAz%F3FBJ_@y8HAFR%+We=Y8V{dC#unZ6dpKe@;BC5o&8}wJv&HvbI{+szYk4b$Ryr zin_Jms(MU|jq)}eW0#-z1tNvj8bi*Pv320a|N62I22+QD;w-3yqjW_obV6X>Ba?QS_6&6lCtsp2}`t)I_Sxa5_|Uo9EM*8nKuBMH1x#hpB?2LTRU z-9Y-22>3D31pG4m#VLG)Ym?RhcOd9zxeTDmaPO$<0IG_ zI9fe;eA!a#7JSt7s=`Em=3U9SnUmc1`&9isR#-kJ3+?A2M`c7H)F`+^9N3eLr#JqG4h^f)9`Yx*z`Me>zy>!CY^)Pgc1ph?Cz$pFENjcGgfDO{S*herD- zBi5RPoa(9b-a(HL`s*mSh+&>b{wN)8mmora-$fUA;%UvJD2T%0Ln)|YDb*)0Oapmr z(ro{TN6AGy_a6P6Lknlpf)k4HXEeap_YYXX2-*d#%2xrRIQ2ev5uFKC`ljAHQ!+M^ zK@)p{T4+53VtBF0U*Wx@Wt+LYB<3MkC)PHY;V)}<-(K3K`dX?hmx1lp7*#Y8!hb!R zQ|RPy;Q3FJZd!dX=FHf7x1K9@_y(3TXSCxCH!012J~KWz(tv2? z8i(I(6HQ;Zw0h0(P>Z*|svn#)zvNkU0T5sTRZ0nD3oQ^ zT$HWmPKf|0;IsV&KwLM!t588i{ZfuQF_;o$aSW#J#9(T9W!9C-;lbcB6-2F@001}= zAMGS(JMb81O#8!YUPH8@f%1u**F!7H7edk2Iuxq84*ju zQOF_0OQCaA5AfMp+NX5Z1Q>MO%0ck8&LYdSBEW1zE$P%Zx>%3#tUq?O@CCG-@QT*v zPT37f&mu1?=5evv&F#tJOC=TDwLHS+BH+~(y>@-)blWv7oLuJS?E=@ZEz_q+YG$}) z*$g(*B&lF*tR>(=uhWb~>Dp`-e~R9YJM(zytyJeB`T}Y3ohL%0|g9=P5&>**HbMrTIiiNA z%8|k-cG&*w)F^(Q9YwPoHRdOb;?q#@Q&9~3!%<{;!9jOo%8!<%5W{>9jrT>dN#p@# z+KC_dHtWtW4#w9%m}h<@Aju7;4}GvRn9oAN&k|3{U|0>Yz;c$PT9{xb%-8^rCju`a zY*VxItea8eu1($S=8O*n$9b^Ve&9B}?h|Oy%VPSg45?|W=zwzm@>#QRk&;7Wh}{WW zR%#p>wQ355{~(1a8C@ zW71z|uUWUV4cYS^=zS(2{@c|I0)O-F?F9SzW54r)V`kSn4{lBug@Vs zt>ya#^4%=jr81QSixdRd(yA6d?yMCEK@?x{L|-Ti2Hz^4=&Epf7}W-^Uv}O? zdr%?IeG}r-Q?WN{9yL~b^Acz3bz2;oxJAb-08#&IpRkgtqAooNYd`4+>M%Hy`(LBe zXB;VA)vZo%XTj9!F$f38=M#gfLx*oQN;g3vGkXW0>k?EkC z!lMCt0P29u%C^&UgH(2Rvq`#8uYLN@q*!f7XY0U79LNKD-OFN0LYvcW&hSi(wqE5J z;{Mc%6BN?ndo~bH2ooON4R3W`9t}s0RmZ@^0>XOTw|+9!tRo@}IRs6!?%qAf8lYAg zv{|r}qPE%UR85?hJ(>QCfk6aE3s&FrC)D#_8>ripDUK%RA9H1fSabPA?c!28xBX{Q zDPw%uqKL9U%~L_2$#JtkXP-b~FSO-#(b;~+i6>lCN*`%WBgiBWdVOF+0;{&~e*so1 zhU@<(7D1_py66V|);FHbT~%1UyVOlv=HC851Q1^*zyL>~y*d_rgV1@L4BE_gIE!7K zCq^kC9zlNqf(ilQ=Db7l&iEWlxP1c3#nx6D7&{$Iou_=Q*n954Z6mQ3YzOMNB;#RiGK}+KDQ#cyLsK zg>oW__-lzRra1O5vCbEONmK!0D6IggWJ%^hYcwzLXj5ruAfy0|aT|e6g5!ITYfSi> zE#cE`fHDwK;6)5*Xg5(|ZR0IWM1iw0gPgpjP?Z{IJwa}NK!M+>#3?d@i=>_tP@sD7 ziRVPdD2EoYl`8w4A0|5<57sXj1N2J#92_}0BJ;;1uA3MDeW4y#LCkzMPTbyVZ%y4C ztd?T#X9-smoA_+Bt^?xeQ=va}ukN1Z?FqTHcoEmCZbEwLkHp+vv5IGi$>|&y=lvcc z$QUN$aL73L@T`>twH)H5B$mN6Qk@9VI#}90=3(<=oXsBOOxh)T@M7jG5u6q)_f=r4 z^mY>0Dqy}8HoJsBdHQ=SIHU(y3_3!U-T=Xjdxw({9rEyC5_wkQzHD6f;U@s$3;zcB zM;QBY+!<9W&O6>3{uBe(?Z%Dow;W5j#y4FDYEnN%MQ?|; zxFt7nfbe^z5<$`nJbZN3Z;P|IguC4UAx9m8U~-xDigjG%rCB9<-GQF=hoE>*p~viW z4W$cpWFuaQ%+u3e9WSz*oGpgK4xceiQ9w5IR_i~Oai9~fh2FKM z6wPyBz-17o25YN4Ix%OI+FiI+G=K2mm@pQZJFFkpQK~O z<^{{6@|L{JDWcitFe5w>Ma|9DsjBPXF|BzsCAB9++r}DzfJ+8&!@2ixmVVHBqsK7% zyvwf9p4c5-pO^hd@Umygu3k1??|s>LqcA=sR@Sa3eFVQDHdWNvcUiPOJtR@(BnnBm z<0I?q>({Q8i!Y)#N{q!%#SVE`%Sf>a;&!#CLp#0NC58AeO02xoT(0HiQa*VVr{PsT z>Q(dH!~grJ&%@$>l!sUKCH7=~koCvWI!5YR2Q~O{s_?Q$QmPV9OA-gyjreKO#M@qFCSngjtJuhyDH%lUXdhksXq$RcU( z28h;?$E$-{h1RO2atolFArxlZVDGfVVXI*j=QKAe@-v%EN)J-r#deud4^)$$wOf}Z0@J(}?d?`V&4 z0Kq%$tro%_w%Z=#T|zZ|_fX(&RgYS)CPcppc(xP-EeN9bquy`!xk(J~z@RUOE| zk-nMFVe>ul$i0-;$FbMANLq(RJ{w-MWJ)DEM9M|-KM3u@$o{GA;g-7=V&XFjJRWX# z^zM2*FaEgk*72BmFtae5e&pFqD2Uzu^gR%aCWv6n3CMb?)r*NlHeyJT8Ust^O7DXu zf!n}rTw-JGL}XxEMNBJZ?wMsasVPBr%d2w60o|p$24$^K&1mbBWX$N1ZVPb({)^s48_X$t??(<*#Cr2s<}LY4C0T=@4ka z{1#xW*Ufts&!(1Dyi+K+OZ(0@c|}E<_Z?UP_nUOuC#x%yZqS-8u&CU7BwDu#1y7CnVbr}vPev>itbnMfsF3BZQWQl~$7)UQ%ljpp z;>F6a6a`Uw8#(ZAmTq@(Gq8MgG!@B{0AslBY|hU-$i+bV*A!u9YDh9O*t}Yqn&a?E zBiT6yTh!?>%=WKmN#M`ws~&hYehc$D``flXcv5 zEQIQITld`oRz=>9nRm?zmA&??g=uY#xkb3rirwlj8Av31^t#8IgdXe@Hk$kYW-4`A zjSO0b`wWN^?BH4!q4cgM+rAdWY&j*o8nv+yOAgJ1@qFvuYi{eVOEX{VvYqd`J)NG#85sLr2m6% z1vmfBGY73KZtih#6Nn=lZqCml=g*lTa~)y(Ph;Y8eey#JfS?X@0}eGApGVT5nq7U> zygfwq=1*~~i9n^CeITg1Ci3#2WL0iOTjrKul8Ffx`}*rA@Uc2Mb1_S$cW#uk00QW? zcH9nb2>|JR2)(PGPRSJI@(wRHNx9}-_E}7^U##$AmIAe+is{R-g2RS2+O||_OdN=(Yzf-H$GtolyF@@E{f@ND8W z%Q!$boxgrC5N_A;7k9X@jjEE2#+vO^%DBzYX@HY!p3mzAqv9Zc0BtUT_LT4RwN4`s zP%{?>Y$)%HYO1iIC+QfJ6G)a*=|#&sl^NqvFJWEfZ+}Qsv(0+&$nqj~wy}P#ah8Qr zbIaLWtG`W``a@|sxXxA7E+NSL9f1xWa@X421!WNJx$==-D%{s%G!+ewlQeX05r(Wh zYWw}8W2ENu|6FU_FVO1DZ_D{dKPGly=UTJK$TGisp3eD4KO$x)k+p;Tqc_06ilUMj zmesH=^Hw8gH2)SrDOptpoAUd1PzKH8WEj2p#8_P$1<$3RSSlO)ka-SyYVK^St#LPX z%K@K}$hs66N|8`cHPK?vmfGW`_81j&cB2HERX0BpZ1xB3iY=H<#MpDKA28PJu+QMt zaqB*D*dgNox*4{3ipi~+;6Z0(4SUY<>{h-(S>JAaO9@yb93igVp(kB{otsdB-D2_R z{vBWBf@t5=+7%~7wWl_*yT0q)cM_p+zu?NvrymS+AwxKh+zTB??yDGxIBtM+qV!CMM&Basd&^n;oI7?%YpNuvoVZ_L9gIGlxaCgJ=);M7 zoO-z?9#; z55^)RP*6-R@eDifPo5P zozk;8FxVYhK`^~k78C$E?$GAk(pc6J+Da4(eiSY5_lG`TEv>XdEX~dRPSB$rCupC_ z8{`D7(u4h-9Wd`TK^I>a6 zgTFTf&r|Ns9|-?1w0$o~0>rD?Sppvki!fhnzJY10^_wC%;9XuQD0d!i>OGtD;yy`~ zDaUmH63dJvH$Se51Tq%)HnFe@drq@U!)1$TwCp{KDPMjW8ekO9X}9cbB^?XP+nvIA(E`I8W1O&p%z{GmFr#o3t| zh1F5UHeBeOQk_E!FN?1gf(ji`>qP(Aci^S4+N+`D-E!(@m&=L zV}M&-&;fo#O}!}L4>hdJa~!3`xB3GuT?3c*+U1P_R0rJ+Vz4N7nbtV2yeJ8>(9Te;v2zHQTKJnaxbeSsY$7 z0hNW~nbdhN+x*0$YbcssgY>_^)G+sR5-0=uiv*U8$_HaRw+$H$B&$`<(X`??N7ts$b}9zqAx1GVK84@1 z_ym5>|gh3SmgB{bMB&1apxQ|vhsn_L*}%Qa;J)P6*k|@N>?RT1I-%&msQ(8y!7`V!Oh(( zmj|brZ=#OAQ#W6anIA>lk0DZBxRxxmt2)|M#G(%os7jPT6+z_r(|ku*`miU=ErF7i z*v5Pie|u!5Q>=skodbeZ=ydD|OXGnPV#%r2#}ts^bPp7~RvGX$Rur;ucWTLKAgJgjA$;> z6iU>-p-^uEC=8A?wdS9kJne}SB296jT|_*XcCK*HYu!d6eAbKdLhb1SxmjEsG7fpU zX_5xbZZ0CVrYo`{N)34;vh-!szs)|^W}lJl^DIYnX`YiERDbNLlk$btzmNk*#h%&* z*;Qf-+Cp9sTSUdE#Fjs+7h+Gfv-nDM5q4K%Pt8`br+%isBf3oBB@6C ztfXQ!U4Q}y@+YyHdXR4*r%uRpsQKa@C?#9=`k(WT0^Bp67o|NPKui zCumjX`x3DVswvbmEY=U>)@_tU+G_oAlHv-uut?twLJy7yg$1Ynl`*TXVK!h-HfGfw zsx=Ws{%H)Y5VuNe^6`?3UG+P*yCdfiA7RTt?5Y>j@5_PkB|)e{>cUWkrcpCd!9OHo z(bo|W7Qt<(I8?WNE)LZqSS0?Y(}Zkq_YIf2O9p~aMa*OA2k7zh5vWvb0nGg1m=^5f z&wp@aiWD^vg-TC9N?J)(mDJBgq3Z09LM1G>lCCy^2K`Z}ex-0?Y5W!?Vf|iea(t)& zRiX&(k3#hsjY||Ne4_R`GZ(4q)OHbDSw_y5e-w!7_ndw?`6?TT%8{+u^Glx+#Xux= zhcH|Bt&%uYXhxTm&KFrrz1p5|Ju+T$_Dd!Wb?6vVc@4 z2xJ5|_>zEBc&TS2Qaz`F{^iDeRvN*@%B>Vl^ovCIkA zH8>j8!*{V`|L>wv9YmpP`|;|hfv=24wOJLqU~nNtm%b2?0WnJas*qF*PY6kM$#}J0J|B{5q2lkYx8X?#LQ)A!xH5B|dTU3hLs+-A4g#u3Lt4YY9o%oV+P%1N~m5xm2gsM`S6RY$ywFv1QkaH(Y72>oKx737l zVX83Y(~?K&-aO7dimnVWPK;8er?Gp0cTrKQ^z>FW)US+Er6e%Xe*!@#N>y!Iu2=d6 zF`{4P1hEDw_WveI)pa!L&0Hl-XD;VAFHSad=D{?wlr6>HgVQn3MWah*_)hoAz znCt!@_Ra)8>grnjce0Qn3zGoRu*rZRQ3N7H4F+sR5}atFVH32diCG{uBr%y0P|!ev zC5(BcYFlfyrE0D9)s|;n0IP;Yh>8$gQEN%9+Fy)I+#o74|L?i?Hcc+H8b;JN1)p&EvOroS)6(iGf{P9LTQGdQxSN;I@9w)l2xQ z8G0PJFHDaLP)!egz9n)f-So&C{{rnTil>Kr7n?_zdl!3K=rv-y z*iVOwZ6fCMtUa5)#eFr`W5`R%%P=qaKl38a#oe`Fi%0_sJvg7_o}ZRS6rss12DK4x zvTolr^>bAL>r{65C1c#o5zlk=OYS5FlOHO@S25ave9I70(og7E2a(m2%~F3uo|XdL*sL|JSDT9r|fwL_w`FQX+0`G)50)YL;Sg1#rYk#0oF}WZxW# z;C30qP}$#9?eIFBeG7uTq?t6iGjntO4@E#FL z4I~sk!P)AqCdRqo?FY%QUH?7z^TIj_Ca{wJ z{DJFKnmHnwRBA65k$&zX>x2BUL$Rv=8(gR00&co}2G=P=bDhp6?QnMd$2zIr7nZyUpf{#zI*VPcMbnV?Xxk$!s z<8%Hfa~1b0_R~O-4r9sT4Xob)X_330I+c5$O{<&5#CtAsnezRRnO8rfaOZJld11@d zAd8i}fX4|d1})DRkbI5yC*(EeI#FA9Sc@QIDFsux(#*ZwR1teUzW$B^|Z zvBo#n2zoU8=j_z(&Oir9D?HC@_Y zqD_W+N3U+)M}4N%PoKV*c>U4VD=6cq)QncWZY^dwrhy3E>rmmWI&B4bX|`jn%bnsp0~0ks2QSbyNBrO zM(Y9N!q5;Mxu1yqj}hr`B9-{ER}!v%Y&=G)d>lFvF4=RuA==DfdIIepqOB+IGNbcD zjPcgzD|B?f0$1%yuS5En(?V~vit61$l;d-q&{NOYng_Ex@S10rC}*JfFZg2e8WAYl z;hge8UFK+i5{&i_vK}4nx~-Y5b--dh8qC2TFJ7#RTpQyJ?s7dkMO^k+MHfrKIcVtR z0oSaCgT7(x-X6@VJL2~B<8OceFC~)xJI{w54NvO1DF-2wtKqNYqArs&<+{xNejcOS z-tn=vm$kXvz~S|(X=5aNo?t&)p8>OaaC>lTUFJd`ag6q#)$pu;1mZcI+RZ>Rb2QN~ zY{!X`1mrSqYYueoYwt)xSe*3x?TlGS86?ZB9Xq6X_%7ysSm!ji@BC@~eKR1)*{&yB ztcHt(IzdXoBUJ0i@OE8z324)yBMv7BvR&*n4G@OBRI0%4bEVt>AwN9m^)GnSzQ=?1~Rn0x-z(wq5l?Lu!c zvIJgKJJrtO`GJqUnfq#3W<6^?u^sOU zn%&$X9JZ3MP16Sh`qtla^jabu?$Z@I-1~rU6VBXrWW99#U4&z-NmJgZCf|Kv!cRFJ z<%LeRFNYYXqf2n+jZE2j1(SDu7dJ^inEWs(w+eEnyn%j|9{6qI1>YGV$Lq0>y;?>d zi$vMU@WbZh{oYMe?Bwz?59GPBsizSi-pQz_~C>V`qbpCj*X|;+CBKx9R(&q|fjoE6AJk(m>=CE)6im0O5Pvx=A;mVWTj0hb` znu`%=A*R4nf}Tg}c%y->^R65#1)J=qMUKXm`?J=rT;Oe7*_qSuywBOVvdi;WVnv|m{nmMT(l}jfPUW~oi{h;5^d}zLsj^}iMyBTM_eJK!ejV6jbd|^=x!H5_ zGbsFJEcShuD-9mL49mynqcMZCLhAyskjUgKKVdNmMeZEaf`7yV>Hs~(1F{319YeAX z?sWQ`B&kU90}msX%IZK~r!$aW$WvdI$ap=zSE|wNWe+c zRTSX#=_(qKI$iYx3}DMYqJ0cilM{HSW02>MxG4lu{)krwrJTTDHrIhQ=I{2b>GYkj zF8VaqG6!2n=PbUzuF12?mED39CCl=i;M&qY6o$=*iS^G$krnKvRIV-W#@F`q#M%Cs z`tUcbBbG3Uz8LV~c(fLOhcqJPczcwU2sI6j-~F+y{iT+zH$VfbUG|DF5wo%bIXlqs zRj^A6i|9IyXT_K_+77Cn^DSNgkRgrT*y#(XkH(xfeIaa30Kc30nmvJ?CvWA{cZR-T znAOnfn@Sv^NGZg@k$pxe1qvp=I=?$oKO*&U9D4t3yL8a4J?^Nn-`FYV?ni>jf1XDk zTdet%!5Sz9$!Px>^wpcIfkeijd7+7B?l(pA6CI7{^CAvP-xf^16D!txzp)NKK2o!-E_wm_U!m`Soa!|!biW!Sz3fW$yfY?tI(9*@sn zy8;y)#SGbflqsXmvu@WI@7kPJ*P42g%xQql_$!*4r{Qy-KMQCh2OAG#o z&7^Cvr`)h@@`*nokhA~fZT_gZk2@mbI;r$+ zH1`?PWu@sml`R!uG^PmM9kKv&nK4S~?N*fXkH}t|v!LU|&GK%e-C|<7;k2M5N`@QL zlMw=>33_;7F*~rbxp8HSYt1jj0?AFv+I;d>VpLhK1`!_>w9Z$Zxz)8s7{mJRNR1$w z?_8VcsXrWb?F9Ztb0mwU>&g5D+`W<`fqLoXuq>>4Uc<)ui9TC7t=eCP>F^D0#_BOlO?0G&H2nDvp?!Cp zJg3ub4?nwP_;IcI5!v=Mbdp05)1#k7=&i?C6dr~cln(JsNWR4(rwF0Z!d?v~=fRED z^f;4u5+r1c^)d1ldBwwWxxOGQ8M?LbVx&ap)s>_;k5G}Z88o08xDvW#&uVe;FHjVO zxOgCbkGC-@78&pfUuZ^w?rkip8DHI2?t0mDh1O?TdYvR|xfSqmIcoS(GaWa@nnVsl zQ{&@=2yE8^L-j7%-NHH$Z@$-fk7^k@WIczr-be+@M5|bv;PRBdvYjpb&TQm50$XJb zEh{eTb&j3_@-{{~fzz1E@IA^~jJ)4gU2{#zgPB!j3}yuLBKxGr-+;^d3k8;2e>Jo; zve7P!6SLT6$*J|HaR1#C*eVAHg}i;5$MS-?gvQP6fwX9LfGLB6*yprN4eM076A$CV zpTbJW^_WAr=L5?!Bhc(F7sl%~ciI0gF0RL7$Foq9^-=v7NBjxaKnP;^SsmxW%$k^) z;C%vS7K%N1(JWc`i$@Q+QViFV*-oxyXLSs;Ui?8QxK#)WL51C;>x5-f#Td8ENXud^ z`}p3N9@<20@u%2+1>FVV3CeLBkAo>5La zI?4&(93>Z3h3hO)M%q!LL}#yc5C*a2a*P<-g#KRTvG18*k2)6F=Y?399_0T!2F5jRYV_B8cJ;dYGg=5?|oa=3>7&C@TzROPF zvaj3&ro_qn_+!)3}B!pYp+^fu7m_yMDOnt$N&eQ&Ls4TU9QJ=c4T>rFBY-& zBaIh3sq<5ar>yY|-nlP6AM55L`iAo|nsH27W16=<23ES>Exk(itj!)NIn7_hP@`zM z(r~L~>$J>ln1lxz?vt`-y73pty2omQ#j#J6ZM(kVMUMCSJM@l)keYc6d%F=1nlz(l z9Nwu3V_4nM3t7wB{F83I^7Cx{A?!KL9U`sq=LO#&k;NL24U=K4oG?To+A&JT1pQF0 zPfmCk9rBP|mh7SpmDPBgoLW77wVYaA-j*}9c(DIu*_QWnJqiILvolJ&^hKIZ`yfd# z(mEb=J?dhq&}Ow!GT}M?M3*qXEj!Q{PlMx3&v8SVC-dVK3Pv7%VP!zku_EiH7u#;^v5+1A?;iib(H;6ELc z?DdY)e}IYu?{C<3D4(lr{W_HXG&j89yYl`R|EIZ|f=Bf4hFso+(Z5wFYe(w=joq0S z`K^gp1uqAVQ(*nneh`|2r zK0u zxtls^2>e_;BX$M+sHXGUau4yyMps15#TPc^O-S^j0D_&v($l<69v7Mim%@&x@3wVX z*FDb2FuqM5*U1ug+i!Qp?1t;rG057e>s+5l#qLsXzDape4kdng4NmU)Y9=BX6qzjg zh-5E$5Sf!smPfX-1AaA14uJXN_Q+%C9Aoa%>kl8NC8!}0pCVhx=9Apztm*P`ZM9lX z38Zsne(d@ID!1r!Ig6Q1Q^VnjOY_^!i%h}2hhSb&aFjddot2oI*|L;} z=S`twyvfr@9F1s)hWuE^rG3|;BmA_oZOgZlG4G5Kgdm@~NH)PPM?3tVJF?TTe z4hSGBQ+?9{Io0HdjKjp?Kpg%QgE6%hCuPyggN_8dYcJNtft11Ib%cj+)^uU#s;NSA zf3$UR85wE1xZC1fECOg%%XfOGJa46zNIq$t0UBq3#@SSw7-AxX^+E{`R6p8NEouSx z$t+gDtxlxLEuX~JFh*8V*{~v-f!aBn;U))}m3UhlKJ#BfSCMS>`+bOnPT5pc06U#3D zOC&b3{TfE$p7E{cJW?K}t9fJ-5h_@Bf38AHJaww+?z<$oY|l_e=40VKdx zFPSu&dNxy;$Ce+RLF;oPQ9N{X1$l$dgz89Fkhi`)qDLj^3c@ZbTuGq{D(J4D`gW(# zR1?nO4_8o(sUQw|!byC~`pJ&%5=wNEuvAbAb&)6)1mOmoWIQ~ToaBF5S5K{}p6>eA z^~3DB)YK1kA=MJDCR0CKd(=;!ou1IQOXv&1^I{?W+*qlETubcQ#BRUXwURGgLsEUS zsK`8%GgCoMER(*eezs6Q`qcbww(j~ta9KSEa-G&Wh0^;kjR~WoN@M?os3tnRIWr8m-c%9&R245?9mciEx zo^J5l1y42jV!?+S{C>d`4ZczED1&bjyz6pZ_GZD~H+YNSZ3b@@{3U~L5WL0U`vw1_ z!P^AiXmCsLdkx+x`0WPo68vU^%dvu0XK;BU-SQbcQSikEPZ4~f!QFxv7(7+*Y=fr> zo?-9|!B00htXT9W8r&=RV1pM3?lkxU!4EIgWiJ%G)8LB*f7{^Ig6}u@GQoEnyiV|D zgRd3*VS}$1{CaCo~c=jZM0-LE%ns5`yf z6g#9PbW&ZdUF5%8t8|C1V zE&>q9Q#|YcfZ+ZCYm=-iB;aTg?06a_HqV9^MBVER7DIV~XJrjEY@Or0b%Xn#v(0}A z8VHDLzW2~p*(UqnUEjSOzMyGv|FTtY1zlyUzU*=>eU3#i3NvXU+x$=EZV7Fl^CDmH z)_2mN&s7*NDZ*g(^Nw?(V*RHZ9fa8VKeVTQ|43o?xQshHVy&a_V=jzuN9`TC zTF*)@!gn_1@n#akcTw#}GiMt2=V>i}po#wJptR2H*cAUnS&)g^!{=pQ53MhL779O1 zmmTL1WeLcwF-Q^q0`cfHZ1K9DVIyo(57$iZ@=2!srjoiVLCQMPR2K!I#^$q}^j$=q zT@b3Xzx1l8eLX7bX`Q!v%h_FF*P_L-Gf1`B)wQ)FUPu$7`nRvEwGxa%2;bO>U*TBBxLx@&ejb&eao2#n_loX22o?76Wt| zfrNQt6C8VRD#C@Dmzb#aF7?#8loogm^@C`zo^mj-ul_x_yib!K5Z_huCtv<7sDCfg zH>du+DBr~T_xkxx2tMmO(;Bs0*kvc++4|iw*j!ogn&12x=>-yA0kq4}2Uf2es}}(s zD==>}=EuccVKs2-WW-R6IH8=Hb&Dv7k2HXQSxf-RyL>2-mPs>-pFkt!Dt<2 ztc@0L5y+W06*=<*r;q7ylUlY(Z8{)y;jxf+e==kxZ{?!PTkk&)lhu4=xMDp``H|Lb zKjkn4E{YTN#oqhS?_B?t)0b5LRh%!r{;Md2$Y6Y?cATCUcv6-|d9u0n*54;MZ`3;d zgR%pUZUohL)Rk~JF@&!2P(#(rCwXfkxE@g7WW4*C0zAdS)ce?q%wuNb{okO3e&LGl74b^%0o>nbFw zd`OEE^~&JMmJ0QM?8K97EJPcC0&Xf_{g{LhKS6MP9T zF$cM)fkZaiB9b}a2_$%QYI}X@!Q|hin{1zoY_DNFj>JQ%?O{+bxykmx9$H>{!%raL ziysRSYi*ZAu71E~LXn*ILOW@eLm;ml0tGLo9dMQsQgd+mckOq4UGimtcxCGzB2uO${YECR#7oWHuRqt{BAt(QphtbPRQ9naYVi0 zkPb_)&cLiMIGhb-aSeDVi?Etdc$Uk#ntyoy_}9r)MA?kSs6n}$vdX#ZB;f(IcckWx z-#3FZk)gc)8<{KekGKgV3L#V04{vLYceo8BLD!l}209&OTv_A7Sw|39FX&h=xu}&~ zNRit8c+vAOCwA`oFCuP8sQ)6;e?lO7@fw=hs6ccfurc8>F%7aZ31`o8E!S`=sTCTA zY>cQQD7MH*0~E#cM% zlgp>*wo5bhSMm1C4_V;T@1L{IKq!bJkN4Jp)pqR@VlxsO>uz#ml-;Qa02T_8wVXQU2$F&V%_y(fyuO%@V5!bkf ziUc7NcPNh>g&Gx;w@*Cle69?c?F+La4ra9;LDD-y%X@SG2Dvk>6ZsC$ z!E6^=%M-Xq`<&KVerOOC@SOG10jWe+!?SEANhF6vE(k=m;XOu9um6Cxb$Fc~%Q?he z$f~eekK@t9@HzF;!IBeXI9#sVwg;0hrtT!Nm4t$m&F!Cqt_Il>bKZgz6hPkNO_;$8 zbC3#e$j3#ztZAU#twUJ6?u%H?f^p9yD_dA1%4;f~`V}V@D4*N2F8jp1wRvNTJhJgs zYqL?UR9}LVoURvkpzZG&>xRGTCYhc~^^M=28_9~97w!J-K|RC3p*BHj1y&S3wN%nW z;)clka9cu$79zZC>#uLw9)2hu5Io7yf729$;zG^?#}t}Nvic^|lov#LBU&iKVWDul zd7qZ`GD=B=9v4Xzgky>=8RHf@oAqdXi->}A-b4X}h&h2B!Q`t5CxPU6i?@`T%U~)e@?w#b6cosNZH_L?x zbf#tV?)Y`I9EWZ>5&o07T*twCS$$V*8Rg+(>}@+lv|G*}@?_lz=;8ew*JDDoAD;{- zJQMH!MfJNPMBr+at=c)Tn`xm0FSTJWBq<5&qR8py)1J(owWqYd_jNFcuzyqXX4ZGX zT@>am&)RHP9?kMC&#vs40%)MfORB*B_V+Pp+YS&Yd_AFs5W3;hl8<05 z)5JTv#mUtM-3CX%9&MVFAQ}a-y-km}>2W;5$!WUD&N$Dys4=<09n)g{acfU7Iy~6A z@qcYUlzMOq6r>;3?D39TC@S98NO;t-W{+p`%%;A18}z4A_wie`8Y)?#>zbB&_oCrU z{0Eb(CYUOp#0)@fpqqsz^kxzlxXJozVITSVg0WX`pECjQ$$g&xx7U2FD- z3MCvY?eTcUn#`m|x$1XBNCo>54mrU?g^7MOJvB2umo>6D#<=Q>BT~Zc$1h>hw^@Cev>21Q2WtwMB|_^mZHD)BS0Jdv{;MzDU~*l`XkJdSN=*FLG@WFBlI)=ytcn$FFWq21td6G} z?6$;Xbc6BGCz4%*x}b&V276_3n4}$`6wK%bi%5c`q8sdGV{1Lw?eQG3>QgtEluxUc z?!J4f^+_jMmEqu8y8&_xYgy%?MEb5DQKFS{afrvT%)QgQv9e2qjHTQ=HQLTZHS{)D z_}-~#I~$KxCRTbUvV~^A+Jj5A&Es@~U?)i9Nw$(m9A(h&aV%{sgVV~QPl7s>ageny z>|k918ooBfitecUsD0=>8ymd9xh%mOh**m#ScL1*tsPF8rho8LqCuuMs()k;6=!GfUgYF=z|Lf6KHc+&cao?Ht`0{^z$MWKWs3#l!vEv)`K98k$SS83*u&eSm=4=oy#p%`@EbL`r zTdBB-)`z1ND2ou-8*qF*Xri$7K3_hzr{3r9$cnZpImL&c%$>f}9(teC@tFI~dY_Z< z64v{?^IPhDzLUJ#**+DtuWYk6Z68CnrMQ8)@OfCz??U(EQF@eZ^*-B*)tb4bG}HBHL;qG>JzFibs_B(v7fMiMKJ^4z zSfaZcipiOX!ru%lOJKSUKeg@uY{NTk*gzIUWPXff<)5zzIwrS%ms2({lR^s7zP%#o zjeeoybJqR)8RPp>1U-_erl%t4UEin(y4*z9ry}TZNUaF^Vx&@fD1zR|&_v}^h@%ui zpZ|YN5p*H_3VQxC6+wSTs@r<%B|SLkRR_~G`f0heTh@3ss>se};qnhCg4WHaW1_^W zW9e1|eSTMmD1rur6+weX>0XCFH|No!}`pUJ8m&a8Ejl5;T6E$qcg?K#`L8p$Q z9sHLRLEk{M!Q?i##M74|=u5PFb5HkU6hXg0BZ1?RMbBbn`yW*V{e9t12XZ#(3(m4c zFX*9e>?9Udw4mcCg3cqTUVb)DMaTTNQUrZXoIQMe8%59?j1nJLmZg7K6ZBIf5TIK(T5EznlZ7%9 zjxW|z-xY)Ud8qWwilJ-HF^lMLQVcyE#lwqz6Zsob485M~JRih$G}fI{!JU!dHZjJx zFO>-o)zIz2o&<5XGgk-K8AZ@2haOyao#=*^4U`0MwaW~NZfLPbHMDJyYUqh#U&6x% z0?Sca~jn1yezw3~V z!{KGKQGW2!FrBu6LMOZUaM1hKA0>Ckv|PEHd|s28@Q0hoXSsfWc*0ZQ=vvaZ34`SG z4aw)%yfi19+8nZ*67-#0KmBZ--Elp#JFJiFPI)1iyi*tu5{0)uK9W0Z_l>o zqLx9s$HwG=`9iYf8R zpWbwFe{0-LA|Rm6Lz#-FB--ys*QV$v&|f(D%V74Dc=OcsR}E~2d8O{cK>WM-9g-MK ze*Z*v|Lm2+XCO?@S;DIIn)a;aICO~zl8>Wrt4fK9CXp*TV}DCL!uROwTs_OEPJB0K z$_GtXh{~>j5W?-Dxmt5`Jt?-(fcXBJ# z!NB=lrWZCL*{Br$n|R&~y_NOIYME5gl5o^TJeo_EIXBk)JtvG=BuqF(Gq?NThI1;% z&63yTFw9)-lOwx`QD{MG=S-4AvS)me_5Fjk8p>;vt*m+72e-TDGTm?QC_&vomR$6+ z4ooq({5Jm*0@I|{E9ekCzM^PvA!>p?;^T{#*yS|%7bv$@MBOQ{~A+sSp1 zQv-Nz{dPstfO#RZOL5m;d&>#kJ#3H0Twj_BEBr!+{v0lQ$V91cKIb*%WSDDytnEd* zhxH35P3x2Ork#3()!lEtc2c(7+z} zi#(Z)qy)FyTC6Dgo`@iDwy{_wPYSt%1)W=EPPSwSc*EzWB@d_Isrm}Z&cMrDak4Lp zMNry~6UXn@+69`tM_k^mTHhe!KsGFPxsk<`1B=}UL!Q`W0v2tH=KMB=wN7HsGhEb8 zPWd44B_ck7H)(1-GyIp?(h%s*%Bloy{}L=OFbefiMpf39=~##`&a^aXY8JhY^HcGZ z*=982mrY$9;SHR5`_*ztz%#YC?eb=xc?%|g6&KqBAJVZz-&MzDoUk~#)H`*6|MOsT zSchfdbwVGy1%n$`P@25`t*2{sRnQrleZ#!tKazdM8aPs-3XN?jBQCNI&3 z6ndGr@ysD4NIIeC-=e?x9?c}^%au5?t=~ULjE&Jzr4;k(-%5X8zTCQlXVG!3w%(i- zqJf^r!|lFX28;HeLu^q@rUxYHlbgIw>y+g>(jSnLq(YBRg%0br@u1(WHPTrQ;TDA`{vu3#Z^t?dZ1{bVJIOf@tn) zb=AwN6h^^qaE3jbs3~RrNXktquJ5QJC)W$h*yN<0%0&vU6yiQ^BTvrK)x0y(Nfj@ zNilmWx43J*&2?n3ki^`_>e!RB$9-BdFb>wiKxYyv$RW!Nb-ZZ$M6*ohghJO~z zD7g$Smgh5;pXQBxg$(Dqa$XK5{{n^{eg?2awtj}pkQq*;TR%O)5R+Htc3Yb;kR`M< z+|5MNtzu8A+HGBO5nB}T_Cw>X{SG{Z&IW9`mMjqf(RUHup1>Du5iASOlC@O1vFvGB z5jny?lBSd_c5b8=vKVmn4d#<~if9vsjMmaFecfed3}NID?dr^3ECK`jJe#>?3a_%6 z+tSG0pp3Q8F^@fqQ6m<3Z%R_QTavKm)k+Iqt~|o;nFlxs$#LcH!usSlnR3WVy!UpKlN*M0ykUKjk8MV@KhD|< zW_0~{(OD|*=j^d=)mgoZqf)IywndiNzsA%tZ~5gAipcSF%g3gWMprWy4}K=q#Qw1Y zuZQ+~haq2h04)Jt7FYhUR#`Y9>v~WvDKrqDven^0L$eWxTwXifW1Sg}{1EM()q()M z*39Gil%^5OuamJtKWUk3KWT|Tz;oxV%XVaN08`OD9?v(vVp zI+6*hBQ_9ySrzngKyleRg!)Ovn3T{VBa<(pU+f31jCC}XIVoJ9KDcc)8j`w*#y;`8 zFvYz|YoW-XpB&ryN;Gr+NJ~#ZgcpCG+ysKxGmAuuntST4SnkfyU@ltDS;U& zxYf6PRNoTOI3wjZatYf%$+~iaRDUx!JoftrShI|&5EE~;@3Ag@T#qQUaP%j427`xY zu)SlorghT<#(M*E631Vi$dz z9j;rDSH4hVcI1ffB#{F}2&gH!b{Xp*6tuvC&`Me&0k;(?_)BYl2zq?HMDthr2NU+#9 zdqp`+ytP@^WWp=PCP-_PR?solNHW+`Dsx3}ike|)YGS2N=3jF?md!e=UaO@EwK;oi zPSb1oXMA~9+C5B85t2fa*THJW3XT)9>M3TTmzVFg0@oI6BUQ(=fy&Tb9VsT|?n%L# z$x*E+AT}c$auOtqhH=V7aWIsin1??snDvT~s$D-;#_DIbkTQ3Y8UKUHKZ+$6jnN-| zS4zIaYxLtVJ-?|f(4Z181o8C?COnZA!h5>J>0`i z^-t6hExRhS60GmbkGD9Vys?r`?z)z$2n>GKit9m;V=BOuFQd<>0tsU-k!E`e#5<~f zr1Vm8Q|a;{hfvH%mxdMJlxJ3DL@U+ox@~KKf4%FuekGcrrmz96u3wpsMmKLUvbK8b z%s%|HS~L8hA4+!6Mn6=nwe`b3>al)hq0*N-u4X|P%2k+lR%1yYwx}eue0F3<*DWnx zS)=-j$#6jW^>8}6$YwkLE(@JdCZy8-_3KH2+s}{zQK|cExXFe)ZP;eRPi)w4vhhFM zh8Z@TYr`@duCU=PHvF9pci3>h4J{jX*)Va6iGQ>Wcb{#{TWt7%4cFUnh3#*x4R5pI zZ*924hOgMrvf*JHrlgzr&$8hKHoU@y%WQbF4ezkwHXFWR!?$eMWy5}Fns^7>&~3xh zYFiZ1|83ciQj;8@_GBPiz=znE8!`IP-m$;m18Wm{Y5HQ%}^JsY;EgRUUiOI z!oPEfM`AL+5@r6KuH59o{BvtNu~}~all?+l-#*+zzUSbl8k^oRc$8l);;Y3?eiwjOkdx3)%$0-+{XE1{qssAP ze)*~hbFo@%n`h$pDs24PzGpl|#M5nS%A=IYzk;5UU#@xUd`j6RU!nXMSczHElUPkY zj9I8*(iMM_j>J<$e139LVu!$z-%OqRZo9eUTzu8`@;9G+l<1Nl?J^hNr9FJ-L*vRG zVdvm}v{~{IN>|a!Bt4}}{9=~)q#P2D;}AE?sg}X}F`-7m)3KQ=BtVSp6oHqU3?__z-n~|L}^L%ga1sCS!UvzQ7tl4ws!scCY z>1E$tc=;7q78YGqTvA%LXmR=XuC7>8Syg>aO|8#=?b2n-ue*N5${TJ}GpcHGmX-So zYO0D$rFNIlmWrwS8d^cAnn+8k(0xmKP$ey=93Q2O7}Do!v_H2lM}m@dm$aWe`pz8w z_4E^RmG+cNA3Ogzt}?D%OxyElUwy?eoAEDAP2r!!Ie~aQ2ks`x7-h~zV0 zrOWjg0ewBN;)s1~emGZ}AWY?OXjPN^4Rs?`0rT#s!%;}Z9B(k#cl zg1^_<{-pQB>fUAI7k?$V7i)Lvv67~n)MQ+7<5J1r<>XOP6}M{sNsJ~$IWCpdha1XB zDNU?Pu$7V0t$kii{!QL}^lB-+)M70$R%ky}sth}cPwF&OG8vz`=`=ypX$fh|m?~qA zTct816l1DUr(!B2zDmqeX33M-NJ|iUN{No8RHe?Nv>-DFNcp6N^$eM<^CY9Gs`_a(R~K_o{L%PN9w@17)lGxB%c%iDeWUvo)F#A!sQ6%DMY`%N>CD} zyP-yi9+O#zg!-G*ev$4ard-n7`ije~+n}`LP@cN!J6W9_jxUs-Z&#m7NvrP^`>s<% zhslf@q5OaQ^rUA=pZ(9IcV;-fYTBr21J@E)4ROk^JLeP}wj9%?YawRd!_+Z8y8Na0M^fd>B;_7ZsXY^=KlHX(FTLRT(6ckD<*7Z@O z$2K!YTz%YhLizpAw4b9>k~N;tyeGB0>D}E=rB-Cr@Gv!;$To90rGK3Rj5`;i^l!aw9%!4hZ1W)7+?HVcBZZ`Y)wX$vZFbw{p|*Kryz!63 znf_(j=Ha%vGtRi5WSj4|%_D7dTdZ+++vaN9JjyoLIgLA~1o~HKn?noeEZcmY?e4bC zhix-Q7JA*x~fq@K*EH$#o*pPLy{daCqDv!cuclbxEh z5|fKqdrc_`Ow|8)XN|g+*cWM^vgVN4$iyJ=U9DTdQvRN+^VK_*9KxA(>nLK6WpCRv zwsVNj{8EWQMvMyjp!`xR{S_6U{p7zxaYz~2PxXsPjLON$iI(4)X~ZQS-5CW7Vw~#i zw6ysJuwUJ7-Nc-QiwpTFwXAv>KPNtTNyg~}IQb{WfBm3<`JjDzOiv2MrOc&V9h z`q!Y2{dctgRjT`+Lw&n{J!4p{y8lJM^Z7RaLgC&2Y6HjAzs!LD!!5wED*VrARsZ{c zLp3OHwWIrAgyY-&3xz+nMgOBVf3F8fN`v_qN>NPRc%rRG{_mIA_~`Bb+m*K4SEB01 z4d!5U?f%uRT3z3;=BDqjZCn?)x#{12u>Oa)+gzu550yYIR8 zSNHw;{@*CHbMX#2}se|`I%cmHO!zt{2p2Ooaa`SB;8e)jpnLtS5d z`PE@mas8JWG{8D#(4<&Wn471@LEZvX;fG>BueP-2;;X(_TI|cMEUT(nq8;WFMt->G71jDY#lG@uOAD&1 z{ncT6V`rjM`EW6d7L}e?wakQ^2mddJwdNFd6cgbtqC&<5wEy<2tGlUgRUHeu$eZeJ zT3t6dI+_*Tnl)=6d|FyvLET#ARH@@K3g*|bUSm;LP_UMu?$o-qb%atZ>lQCw>~zK~ ztFB&JU46`YPEKYn;*;~6G5DXUcQR%r+>?hY`x)Wl73o#6oL`8mtVhSPb`I@A2w&tY zs&JRq)Kt~D%PZX#MgGd-#icdpxX0FNPc^KeINMOo_*C-xK{t zXvdFxmEU)K54c05(x~t0E)gfNH_?$?*%lJaSNz{KWDNdpuC6!6I$*w%~%UM=U z2Qf8kYL0l9EGeQ6sXd_}WE(e;`W`1(?c&m_imS%luuJKp-O5L=P9?kQ3nVxn`-?);Uz3|h{Rr+w%CeYj-$(Z<;mirbpb8 z)#%j!kz{-HBVAsbp2%7Ct_Mh_%V+v!PrB=z_4Hp-s+&SjKW=}m5N6)onG?*3Z%_X^ z<#8vEa~IjAkXF<)G$|bGf7CcgTTxN9R3etpy_$m|*fHUbuF+np^pQ?c%_6^4c&$6N z^jb!m@-lbnl4{@bQ~!Q?SJBk$L8yp~($7o7jaeG3dr9e%D*H%pwB6H2>k(1s#nMD}7>hi5W-@nU4Ec;!YamRD(+5)u8k^HE6c0HK94KI+bb^Uehg1 z*pKj~cbO=*fbZ#HP8u4ehE6`AI=OIgnuL+~HpA5Ut1x!#Fpk&=6+5|K+K>qeXO7(A zQp0=$)QKetq!+JTQ(|lSwMDf?zW`H&uKWh02@~t5Tq8%G@}WLRnH~4{jaUoLHSSxStwa;-oAwQWi~T37U;t;ahB{y9fNQJF+5%k zFL9~ia|fv5)bsG!DV-;@*)(wVQ!eVt1x;PEyJ)9+Iw9e1juTa#&ntt?Q7OzN*r@;#zXDtTC)l>P^Gl4GMvw9~F8?Ica77){qu z8>*S5)H8g44CQ~MleF2J)^xX5Y2z8>@9(wS{qvM+xTHI-Bxw(mBf@=b#$`%f%J-_B zmdTH)XUUJWjaYZ$B9nH-2Upsxj^dt z#L0uIwY&Hk-d_#BoAR|KwYr)Us^bge(qd`rNs&2ls5%C>Y!SellY)Vo0(~13q$36Frd@{zHoe+UIU<4 z0`!VkgKvRelE&Ov(qQ~x>@f9D9WhQ1p|0)mzd0$XpGusX z{QmJ-rOHEeJ&F0}mbkY5tuf8f)lr3!1rcdNSE0p_v*Og)^lKu=I?5vZnj_r9$e;At z$-DmO80N?FL(R2WQY5%mXAvN7JmHFc7cBS6u`-APj0z9EZsTXat zBbl*}_LTh4fa-+8_yRpHV`e?nIj}9U)wJf=g5#{WI%U1(h>lRv>6~N?lztFPKLAcP zAszi4s{d8A8R>tkfqD$G`)&ahV?g|Dv(|Ksj8`LlNor(CBI}0%YGn8PX3E7F)MLJBll9(^vlG-Q zzQgL2lCRV$>0hc-9G|K1tjHKE`B={}o6i4vj29E7^_ySX6u}*8nJtShw$<3(9?|W` z`0W1sFZp&un}5l-8#?@7k#8UA=qbk8w7`mYte1C2zM_8@!HHBh5ie>!OsP|R2&7&-}gU(hnDynKj zrVDdsUzC$KW%9(53RbrPCG?*STjN??ggG$t=BpgX9A6Fpb1BU^+6Pq!<4sC8$D23b zQ;@5JzZ&5!EvlYbQ%e3`)VN33Ch8NFQwjTNMoqa7W@*J77#qS;SDBG{rA6149%El^ z%34F+&0StCsodPFy?E4~s1PTuoBnS_&8u9j=~I%ktQbLUQlTP9n)yrUb6n?$$lTiO z(yRQ77M0c%)RfjrlQ<=6wy)xn@*1DNsA66vT&fbKMv7ftRn^u0>X|UMB>{>iET9x| znNd`YbhflEU+FTR8Y^}tXwEX#5s_O70g5Whuj^f8Pi4uR>hj7NResX_5NZkkt)Qx0 zsHUD1+4LUfH#B9B?jK4$AT+xK29l=i%i53WDTs7v>J>-}RF#5zW-v3IDw~*Bmvcq7)hXNs)Oo@{6iz(X=p9+a5WaoJxdB`6M+#L*!SB z98%PrZq~60S36(*Me@;?gBsFZCW%W%0{XB!I@HDIR)zb$`i&VM3QBAAX+&i)?T2B%3Mw@`fC?UWas(I%4ljz-6quPF)EcHufL?a zsHQYb+fwn-gGQGW)szcUb-pSxE+rS2NtEogr5tv#WE@fIPo|~QU${4IT7*5qk^STR z>Z*;LSI9YJKI+syG30uDC~IFc!yeyHPZ#ko-@ktUqQJi>@SmqZsLxHl`@n>sj#ujW z%iS-Oy(G#H%un1;;0yIPIlmX2t)EKai{?w<>&M3yk27&|uFqCbpYMxZJYOuIxW(~> z+$3HJE6~L!@ybvkc1e7&+4Lv&qxi%g*1GoRvCT7VGef8jGuyVGV?!CaB>qeJByAR5 zI-Vs!Hy^{Eez1Whi_X84L;TnANuF2Pa5YfMQqL#u4SbTHAM%~b2MbJ_e+iWQ-peQH z!K%{sj{&7jd-%ltRX%Y~fha;B`GhY2++X5xelcpyhF|IsvzSn3y?({(Zgu7B-+O&>FW-#EFYf=doB^D1g9(Ysq2P=jzP$FmgKQgS z*>IW-Gi;b{!!#SF+R$yo6dO8i*wxR_`F$I<+3-&`+;78|Y}jhU-8O8o;SL)%+whMz z++@RtZMe~f_uKGx8{TZg1{;RrUtyblHmtB=p$!+<&}+jC8>ZRtbQ`*D=(J&1v?+Ig zCVWQ^I(ORkmJQo%xZj4YHf*tBvkf=eaDxrk+i;l;3vF0n!wegy*)Y|HZX2f9Fwuri z8!8)iMVb6}+R(CLn+^Bdu*HTOZMeaP>unf{zs@#S+py4vUK?iE&}~Df4G%|}e0*lZ zHXClT;RYM_q;U^&|F@$J7nuAUFXI1gccH^K(V}y9-}x^bY}a>+fz?9|TyK}RAm5l7 zHuM^|8;1J(Rdzp4J!tgs{CB~LBrIQOylJz?on^%)AOBT&qy2l^ zj(3F}?>`EqzeqlN_Z!)3%1_ow@>3T^%NF;)@5ip8Ms^OIvm)A{-sS6@;7}IuVm7=B zPj#pQ;136JR}(+C0ap%I>U8irUafVBZBib0oZH@C@K`KJl{xIKpjk zH}I@caK?F!GXvPlCus@1X|yR9x}p?%pLAG(Kj9NUw*$Yj?GFPdj4^&T0q;3QsTHJq zFYqJ2dnG@>q2rJh10N2Y14CgG_*~#ue68SzfkRG1h2>cM052F1&Bs6!;6r>;mWP40 zr<*+ZfTz(QQt@*-uz@cdT;R_qaZa9!&MDvrX~;Ta-w7OWhKWBBxQ%ZGes%!QWf@+F zpDf^4d{U=}fk&p0XY5rv=Vg3C!wTTLe4W@^z>8qm90o4{?m7#e3;AyWzRoAK`V;V! z4DyD($V`kqhj;`BMo%Yi;7;I`=TZjn#lSy&N2%X}KMZ__PvWtF^Rs9J)Yk&wwR}RW zW?&ni_z}qU1dR)v$tQU(1UB&P$NzfZ{d{fU8-f49_qN0X+{$Nx?*RVjJmfUMZwKz> zI}F|m+>sA&>=gU}hhAjT8V-DvPiV3Un0>LKt-$nI)Div#e#qwq?*!J(CN0V$@bkIw zt+4L`zH$jqK7*s5Oq4X~vZO6g>NhaBq+WgtjJ(X0D+;)rZxjC40w3fPI&1`%vK8Bp z{bJzze3CbTi3?3wfio_LF9m(Fflu=Zty+M0UBUhld;{<`KC%B3@Dm%4zmmSsC-w!v zdcL{f4ZtV(B&}v(RiVMFfx#m7t@z2fN~tUOB<#(=_7dbdz~2W>;#@-Vp8>p@PyEP9 z#<`1?dKf$l_#|H|cr$QDxxur6&)E2G;N0&)Tl@$-!l!8GTohN!`GkfmfGvCyzrcqp z@PeOaU^a}y#oz*;@&>*em{?`XCGa4h^tCQv)-~jZ_yu0UC+)KkxSdbZ z64{l%@JSip26}2ZlOb#!a1UQ6cq{O7AEMyk)xgXAq(__!fxo-fo)s{DGJq%EOuNKS3h-h+$#Vhl zmwXcTUf{V+hPGM2J8n09;ZER=pVDXXBXGeTCJ#Q~)Sn@5jr}y>HFp~N_<&#V32hGp zH{E6EDe(HA6F>e}0RO-zd3YH3IiJuCJ$)+i7X}yDw!y?BF!63a`jo%}_n5J<4fx8v z45irb2k!or8S@23-DlDjIL*cde#Dn2eG}&HR=x$`JAf6x=j<0;;JF)Vx8Pa88a}D( z4Zt9u~B1Mhv3HViKCmTlx4{5GK4Zsrkzu{(@?Ja7r0 z(76tn_B3V0e-= zBXG)o!h)v*<6fgI;PJrOd=md$U^}0T5AOpXf7|qhKLTgHW9n!w@a%VK(}c|c2KXfG z&A_RDGwp2}@Lj%6{8+$+mdU3;M>}O>&2u_1y#tzp3+#HI^#r)U_zz5*5%>_Fj2jOF zt3HP2_^AeV@X6WL9f1s5oC^MVUZ_`={KZ!hxhVlPl+#swF++{Q(2T;#jOUZBW>3NG+P z8y7yJ$OMbMK#_Zuya^PURIlh`>>~Vs=_|(CGawFw11&^#JKi2_O~C${{G|GYaQ`@#NTop|ND<)Z}nj>eAq7R zop&>?K)kn20aWL`teLS7nN#j_sQaDW=H}ng{~&6}J@sMS$99`rU&EZ(ZC>^s{)s!} zzwJZJlqqEPe&j%AsoR{2o0~6-56NNv9{)FS;zV`+`RA+o^XIGb@^a<(`&FHIudCyK zox1(@+tsgs{cE*(^JdlD+^k-G^;LD`$Pp#mSMjAiW9Sr9y!yfJI_|ygTDp{>9^>BN zM~Ca;4=-K1Vug74D7gFZ-r(*-IPb#j#DK2zAm*h@#cb_G>9;mx8&ppId=xxfrrnpW z=ybkM;NVW%ymYU#OTw3x5x@Ly6#u*TmX+-#eQnn9mzD9*K@dMTO8kd$mmhw#e+e(Y zibI$Wlm6bF+Dsx6{{cx~{|=EpZ#(QIf5cW+Ciy$O_lpCV4vGhz|J8@r?LNHwpu{2O zBeNIg;^A-w@nequ<1>R#y>s_oiclu>aqfR`)gU1NKZaE0{Cdsgq`cjG@o_WWiT^iu zoRMKXXmi)|d+#0n+uho)xD)Pu&$M6{!Q-|6y}S3^Gk15_;k|XuVun7!ujf70byz!# zf9TtOXID@=Yx+wRmT?yUTIu?J?%4&lHaUnIDL zPdAO@Kyep;J;O;neSJ4#AFNXjzDT|pJ{RA}ptSQuJ~!XrYv<|d>FB>jbmQ$ z(|HTE@%8K1s|Ox?w8Q zQy)E5c6F7ykt!;CDj2-+sg5gY30L3v;pbOA3UcGm-{D2jugX?F^Ul0^^PVcpOaFJ^ zl~-SI&BejsBUc7*XdL&{cjsNHZVcY@)Fbo$UwdZ)US*N&{YGT~7Z%YW;F1uwK-7SU zAX^d=mPDf9++lFL5s^Vq)(FBVn=-Bpk{L%)L`dR-p=lh<=erWo<=Y6ZYs=BJWx~k6``g?pj{ZBI6{>?XwoR{LOQq+j&8x^EO+OWi``>0N4n>3In%8zy38dlH+Rx% zb8Vh8m->vkb}yRi{EE2?UN)DpQQ@+;%=IlXm#6yY56qqaiMfHB&0YMtxhYeoxEpW0 z(dFmoyW4NS-Q97=9qz8X?s9YI&UN?Rd#|70MT-`>M<0FE+p;I0e9~=rdXc;4OLLEw zntS%yXWa`gyx?Ab`DM3m-8#2%<3{(^TW`5{-+kBZ_-K>c@Rhmu-+$lB#iyTs>UQqf z=05z^Txn^k`{tW(ysW_1LsGO?>7z3^5}KMbWy9B>b@GAwsUhrFD z;F}9Rt&jE?Bjs1laBlh{#Ulj2x>Uav7W^i`zbE()1^=nwcL;uW417v+#pTi^>*vd# zx58d5Am3U05L;i**`_wm-tFs5n_}CR@2qsOv)${;@lQEM@QH$NE%>g2&k?-( zDjg#D@%5bD)W+HDzRn&Tzp1H5unA_Rc-0o54zR5TD?P7D^ud{Oa;{<=Q z;8O*Ej^GCheyrec5d0nWOn=+K+#`L>tsZ6W)qHdBEH?Mqy1no<1rG;~75s66Z!Gxc zfvZt0o+tKO}Wnl(*K zY~Hi{f%I6y7FC$(tNtZC1lO>(0TWM=8M{$=SyW@c`3OCIRiGa-6E zJ13)icB;DXo{^r~Ej{-n9%$Aqv2pZ%R!&-ac6vr;hTy^Ml#`N^yGC*3k?fr8P{f2S6uLqK%4>Zped}=x!WMtWn2U_tV?AYu&cip*4@r(#?!+lI7D*%gES! zKR35q`q`ao*QkEFM##ve_pHplW~^~+|NjrxMl}%@elq;z|xMWSNrVT zjGWX?lC|>Nx*tlfy7kV;Nf#fpVs69#O#g(wZ{IeflT;=4w(no_o1G~^% z{cEDL(mU=8E&bTH8*N3QAa7Tr0~wO=EjLUyj#8|M1Scfe;D zr}nnnZgaC{&2qD6&vpd`1@4}E?(x3D!w)~~{lO=mc*5Z;yteXwH%tD;BKZo>JoAiu z<&{^wZ?NTq68FIeAGj@Bwz$te`^_K0g^%Uxev<3`yAmv8U5#rBcb@4f4cOVNVZ zCr|D7QCy?Ot>Wv}u6?5X;f9Gx&6>4nmQt^7ot8)Gx>4gM zEn4W=dUfMdl2el1@rkXHQcgHLrJf$BebiAW9^bfGQpypBC!HAmA|WBERZ7j8Ms8%CU&!(iDP^&uq z|1s{6`no!z$>FtXC2JqhxY==s9_$SPnGv_Z_cb4tgvE$<}zWCx3tvw%X-@g4LwIw@u?%bh$ z>6Ulid1vwS&p&^&&iN#F?%Y|D?`hJa;rr3<%Fo-c;U9C&!hCe|=FOX^g;#`^t5V|5 zKmYvH(^d5Faf&0}qJ6ZjSh2!B`Q#JRdTNTh5TLS>k`mMY+qf?pOndNmw{G3~sc3zF z{rdHHuUfTgQnzm1+NvMs>3G!!s`XUCg?T+ZTKNo*x%Wra6I2^0R?&9Po;}J8Xj@cu z{2PkjuSy3`qmTCO+cyV4;pOpv@x>QSF;WwLwsh%IkGEn-_VLFb+uF5jO)&-k95C_` z_L6oUxokIUw>`#W%8ReY0^$SoW5<_Hd9QuoX@Ym`l`M8=9?Z*&5y^Ox!JsV zv%UTH+x{AwLY2?sKTGCze);8>dn9+?tIw_9efOPx_0?BjzxLW|kAL{#hb0>8TVO=z zzoc*Ngu`@Te=YvS-pC-rvdp;yvdjY#hJXkfFn8~9ro>p4I7M#ZZIFT=m)w3%u6r5 z46KXlMrW~r~3o%VuR z%Clz4tISSWX?D(wX7fKX+qHZ52I&g=UzOtVU%q^Ke$%E++sTKYE_-R34^IO&hdF?+ z(8FASJD-{V_uhNYS3bjY_zk|u0n&994>in1Xb(nD&;#VzP^+qO-VEKG$C&4Z^W&_N3?kt6tD z86EH)o-;?t4f2oO)t=2Gbhhw6^X)Pky6N|mU4?5$(V%#;jTBwrKV*Yh(j%?UQqs|zv6wCXvmiQ_Yl9K zp^N@R_Zcsj(a>7Dpg6fDt?-XyN2^ji{<6jSit)G8JWNN=uq~C*fxO4gNsudA_|JXT z1z@o=v8CS@=_oY3YnCM%x{HQI+hd>D@8>Ud=g$2Q)9~AGzcsBh`&4KMHPBJnoCI28 z>G=Np?`_@Vv+driv+d4Nsdn3lG>_PMADjL8L$kh{&2pgO&8R+0W;zFb#wJOhu}RIP z2k7(3k|%WfC*|2Hp~2&?`JSfOMWXEbRA|8-(gqr6k$dF2A{{}#kac9K*V5 zMPs_y-FaO-4G?hQr)K9yY3Ng8)>}CB5)I}03=L6zJ_Va3o7zk^sj+B?Us`5c)yOgoN?PXe*U6rJN<;LF^+kSGd4+~hE7B2kC6*38Lj&cpNoUwYS9i39 zf9qrqj1vuGyV$PMZT5!L85(j$gK}*4ml%D%2i zVUsS&w42AAXYakS)}SHQ$ME_rn?$J$f7yF4|H5ZFxPuohIDt3%0H4F0VB=%`WBeg# zME;+?p{qS58kUNNM<$2{=>qx;4d^pA=?>XdXqW*FL%Z4amx_kJX4=F{x_cVH6CZ>1 zIrtduw7#kQO#ZPMtikvZ)OqvfS#fc(;g^OQ=7aV?dZM_jt-X7It-7|oJvl`*NEaR! z4G%{38JkovrmM{!-PLA}Oto8wr`au+r`ye<;X2W9jcAx48YmTgjQ^HysQk?SfWKtH z%fIA$Dzsd8-E|g;L_9r#2HO460Zqsjuv^zXY^$fXx0Rw{nP~9(EE=#$L7(T!CfzkU z)ove|X8#fm(?!EgqT%n7qbY+jJ)+p8^cWxGVd=ff&+I?=2l?;RsZ(=s08gC?DW`#X ziKXK}wEXzv5BC15JMGzN8Mflu4z?_+&)B4(&-chCLBp&l4gZuJO}{MNZX8lZ1BiMb zL;iMe)!DLFKbgH$LH4<9$ee5a&DS}G?BT&m`r2%mJ;W|eHGwP?}8a&vP{XEO}HE-x?7uDId~n>KBl*K37* zyxqYUs*DzR&)R^k!WY6HWj{bcpI^OijQ#MP_8UcG{rVj1W84wd=NZxkN@d7~?-Z-3 zBVYf&bnWp!`Q(#N*U_Hg`V-rq$&dE)P*_-KXP1>hx;~)Pp<&^B!TW|IFu)l}j z(7;;2I)PkK*~35s_7pi}ErdtU+?;9a?+5?g_ToKb_xc#p1$+$j8Jl$HxE#>`#r>CJ ze>W->ItBTWtmkXr-%jUXBGO^gJ=5R3GwFnJedd{GdcQ~KVZ8kWcW`BnpdnPggWt#= z`y6~b<^p{{r@cOF9$24)K4X(&_4$7un}Z)XEAaY2?HOmBajVYs_&5k-M|IhBM$vR8 z$rRJFmMvSFd~1&jc;GL^R%i${&_PRoRAegjjct8-_Qm$(-_x`{m-!g1&&3lm?6H3h zwzpqeV!LxKw^2e5MeEr(^4}D2@=PE{7a@AE={REym zH|i@o9cXCPs+H;Nnx6;O3}hbPC(r@D;E&8hCwl{0^Z^|~AHtl_B7^uQVeMh>&Hh>P z@~h&X=oa!XSt`(Zv5n}dGU9gi)mQs@fClWUV$0UQe}Dfya{vvYLPOa1vZutyM()9r z78!!JAYXisPleAdTk=oEo=(>}!&}%x91Q-*Jr!9Z-V9CPM$B1f@4WtIWMo)cTAJx} zik}DW0~2VV4RRIcBf`k?tX z$(xq})+qSQ^Hi>(0Xqs$vHuS}^pGuFxX`bG4?g&yha*NHK5dn4yHIQ7)xv$XzPnyX zllQ1<{-z=L;{Ra(rH|9OM&D?`g?Yy=NKU;kp*)GVtlxG0+ldpoQPqCav9m zpMXrU*2eM|T)75+<|g0GXt@4)lemgkTqWS#F>1He7xN3=)MFAfhHcaJ|~g#EA9p6SRXYY=pxgYXIafvsab zik%a9yJX1{yYtRFy*$J3P@x;yL3i+*xJG8^kF`KH^M1WL;b8d=?i3$?h+P-KKU8Q4 z^+0n1O*#|p*DGWU7-$1uWNU?NC$t3I<)7Ynkn&!J_1^z|{73rb_rF@dr$P(-rww$_ z20CcrDfR_jpfWdn$2?#=(NpFOTSP8_92B&`ca3o{c4jZe`+oBH2lTKd4>TwE z_xL~1MP81IY|%dV+;iUU!UOabc?W;=K=OExhX1WH6H7ru_!;7#vJ>U;A826h#DBs5 zAqT8Stex6Zrj7Ia&{J2I2o?Wem6+ey*Z%GzqQNx~;VHBI#(&uJYdQ2bje^1NSPQ8PV7 zRZ(!;tr}anCZkd@9;ogrEsPbXy=>*Z2YE7Lp=pZWlJh2Cyzy(ZR~41h?~y29==uGX z6J*1SH0B=cCpMD(5;#yp4kPOG|0KKmwQTMN+07^Dn4Bs3M)F+bSBQy|A9`)4*;>(F zg(>^l{nuzqd-=q@U0h4 z%<#EB@-xH{DU3}e_e%bloL{Uwa+ZZ04Y@vYOvq#MQyz487#}|<Vw`RccHHbpuXiv#l5uYx@4{Jz%-&e9-{74mfPjIVsk0L2yh#p1!($T=;A zd>c6u@`dE7mfSw_7juT&zB3zLqMWC2;5-jHLC%&E=*O=ZKYsl1Ns}fG#RsJZJcygX z3kvada!uqo$d!?2BELbNj2siW4RU1Um#!XIR&Tpzh=GHbN9A2Z?wkH%$HxXx@olKF zcz_G@zv}u_Bj5Fqa3H2hY@8em@<^VG{0g~7pW}*-KjD%d4CQqq$YU4rL8W~D@y(Qn z7@*%>_QMvi-^V|PZg7DIwCjt8_`D(cDss2v49PvuiRKH@3GyT43MVT^6?nj4u{N6A ztxCE4qg(oI?{L}wq39xZhkXHiJ9vWafgd}!zG*N1tB=nU5T8aK$>9^54mv@eiCiCf zvPn@K7_3i8Sswoajs4Cyd{b_N;_)w$LG%!xpB6l*@Pi5-@QHaiP}#8hL7y`vS2tBS zkT0!JerEp||K^)-9&q>FclRSVgg*`*@SJ@$durmQ-~lhNN8F>3zvUc2(22_Ak>{ea zR#_8|kF9vcaK&4O!G~LJxy9Q(>@Mpc_8(b*AIKtOg9`7w6np_||o<|lS;n2Trg`&j9gjke>%*Z0b!bb|af@;Gba zxeQ+2h0z=`FiVH_DaEJ z_V~5w{wzR{$HMVF?4f^;w9mH4IoT^~`>>&F*RE|9?;Q^v%43eW_~MJ7*YCIOvdb>> zabTU1^s$Su_kri|1OBtWLl)o%_*X3Sspr;9wqn=Xea7cPd9goB@BKcIwVu2Txh45o zrgPt(?y&y?4=VfskBV~xeym&A4)&$${&ZFRy91SY_Mq}VwvkIDFQMO=8u3?f7&U5? z=R5X*b&$S;3@{dUA?T{si64}g87x`OlaKV12Ib7tFYT$~;gxtl>UCD^}d1fouQL;JWYiU-{bs`W;l^865PU z0MmN~?5wlS^0e~;s7mqn7yF}g^h4>dL@{~Rd~6Q6 z1--Mt=a|t8@T0(o5aY#PCZ~emE*kFApj90k{QUSqp5ZGMJgAJvdZc$Gc-z2PRcJ@% zm@jw@-PmNsUheyqWBc(LN4Cb>|H|+PKCpgsVEVnIj}_w=5_3Wxf5X^*eCQ49FR}!^ z^hw3$p>yaqbRuJ%-{I_qeiz{F!$H!`*pztaugLdU{xb(uY%jKtdDc52kiYGUhux?? zh@Tv6;kPDr53-_PzhvL`i`NhF`ps^&^55&mPZlp!tEsvwRGtek@dBZy>bp=U=`+

^h^N4aZyJe%k(7BL*-gn=9``8`j0CuR45%cHI z_uuQ8!-|TEvJ}r=zF@%uKc8U@W1eNxUymJ(e45Tb6KDNieQcKe?L-gR8zZj^wFmi= z{5sAxrfP3BOZz~T$3h=Gi%jFg1%D>!6t*l^`zH2G#1PiYtvOBSI#q&y?8qN57P^LA zq9U)rQU+*y!XEgsGMCJM7yWOS+9lW~^axz>9gyv{Pu^qsBg%ZkfzkaN`$zV#>=oFn zwANnf4&g*eu~pAMC~1dl8FZ-^aeQgZ7=osPU=58@oke z55pen;eU@Z`iL!`$;1-VA&$VF4gN7ttU>relx5d-_x=|95B47HeeiYJZ$$38(ddJH zcrW3>{OR2@KF^H}gAbdZDX=AzyZHSizB_(9`v&$-69)D4WBjSaY@YVD`kl8;nl#Cu z5h1U}Tp}-l|Nde9w|3Pc@Aps8-X~fh_EGq!b-~*$a&nv>05-_n;)z{t+vW|PpX{Oj zKE#i|Gsq9Jhpor%Fqiu6y5}jjnz?*$b)h|UO;3NGd-k|9?ZqeVXL!9~vaIO0E8bVb zejzv5ZG0}~1A7{a3!hob11v4ihxvzh!S5>3I?4E~N9+^m8@sHve^M+wb{f3t2VUsD z*C*C&;z_`=&t~mbE@mHC`k7cGl3rKU9U84p?fzGxTg1q z)-Ai@eQSs49?#VDZ(BQ5_sXt#*VAn)X1Lk5l>kvHP6SDZX>#ITM7@`jxR;sQ>OG+Pe$CuXbGOdj zGq+|zTtQMnhk{-O{R=KF7*}vZ!OVhr1xpLo6l^NkTCk^}W?@_*Z|>hH7&o`>+{q8j zm_Kv=-1+n7FPgt}{>u4l=C7T3KtbFEnHc+rVzeuEi5hE<2hHiD6S}>D5l co{tw5U0O7=?|={2,3}|[~!]=)\s*') +MARKER_OP = re.compile(r'^((<=?)|(>=?)|={2,3}|[~!]=|in|not\s+in)\s*') +OR = re.compile(r'^or\b\s*') +AND = re.compile(r'^and\b\s*') +NON_SPACE = re.compile(r'(\S+)\s*') +STRING_CHUNK = re.compile(r'([\s\w\.{}()*+#:;,/?!~`@$%^&=|<>\[\]-]+)') + + +def parse_marker(marker_string): + """ + Parse a marker string and return a dictionary containing a marker expression. + + The dictionary will contain keys "op", "lhs" and "rhs" for non-terminals in + the expression grammar, or strings. A string contained in quotes is to be + interpreted as a literal string, and a string not contained in quotes is a + variable (such as os_name). + """ + def marker_var(remaining): + # either identifier, or literal string + m = IDENTIFIER.match(remaining) + if m: + result = m.groups()[0] + remaining = remaining[m.end():] + elif not remaining: + raise SyntaxError('unexpected end of input') + else: + q = remaining[0] + if q not in '\'"': + raise SyntaxError('invalid expression: %s' % remaining) + oq = '\'"'.replace(q, '') + remaining = remaining[1:] + parts = [q] + while remaining: + # either a string chunk, or oq, or q to terminate + if remaining[0] == q: + break + elif remaining[0] == oq: + parts.append(oq) + remaining = remaining[1:] + else: + m = STRING_CHUNK.match(remaining) + if not m: + raise SyntaxError('error in string literal: %s' % remaining) + parts.append(m.groups()[0]) + remaining = remaining[m.end():] + else: + s = ''.join(parts) + raise SyntaxError('unterminated string: %s' % s) + parts.append(q) + result = ''.join(parts) + remaining = remaining[1:].lstrip() # skip past closing quote + return result, remaining + + def marker_expr(remaining): + if remaining and remaining[0] == '(': + result, remaining = marker(remaining[1:].lstrip()) + if remaining[0] != ')': + raise SyntaxError('unterminated parenthesis: %s' % remaining) + remaining = remaining[1:].lstrip() + else: + lhs, remaining = marker_var(remaining) + while remaining: + m = MARKER_OP.match(remaining) + if not m: + break + op = m.groups()[0] + remaining = remaining[m.end():] + rhs, remaining = marker_var(remaining) + lhs = {'op': op, 'lhs': lhs, 'rhs': rhs} + result = lhs + return result, remaining + + def marker_and(remaining): + lhs, remaining = marker_expr(remaining) + while remaining: + m = AND.match(remaining) + if not m: + break + remaining = remaining[m.end():] + rhs, remaining = marker_expr(remaining) + lhs = {'op': 'and', 'lhs': lhs, 'rhs': rhs} + return lhs, remaining + + def marker(remaining): + lhs, remaining = marker_and(remaining) + while remaining: + m = OR.match(remaining) + if not m: + break + remaining = remaining[m.end():] + rhs, remaining = marker_and(remaining) + lhs = {'op': 'or', 'lhs': lhs, 'rhs': rhs} + return lhs, remaining + + return marker(marker_string) + + +def parse_requirement(req): + """ + Parse a requirement passed in as a string. Return a Container + whose attributes contain the various parts of the requirement. + """ + remaining = req.strip() + if not remaining or remaining.startswith('#'): + return None + m = IDENTIFIER.match(remaining) + if not m: + raise SyntaxError('name expected: %s' % remaining) + distname = m.groups()[0] + remaining = remaining[m.end():] + extras = mark_expr = versions = uri = None + if remaining and remaining[0] == '[': + i = remaining.find(']', 1) + if i < 0: + raise SyntaxError('unterminated extra: %s' % remaining) + s = remaining[1:i] + remaining = remaining[i + 1:].lstrip() + extras = [] + while s: + m = IDENTIFIER.match(s) + if not m: + raise SyntaxError('malformed extra: %s' % s) + extras.append(m.groups()[0]) + s = s[m.end():] + if not s: + break + if s[0] != ',': + raise SyntaxError('comma expected in extras: %s' % s) + s = s[1:].lstrip() + if not extras: + extras = None + if remaining: + if remaining[0] == '@': + # it's a URI + remaining = remaining[1:].lstrip() + m = NON_SPACE.match(remaining) + if not m: + raise SyntaxError('invalid URI: %s' % remaining) + uri = m.groups()[0] + t = urlparse(uri) + # there are issues with Python and URL parsing, so this test + # is a bit crude. See bpo-20271, bpo-23505. Python doesn't + # always parse invalid URLs correctly - it should raise + # exceptions for malformed URLs + if not (t.scheme and t.netloc): + raise SyntaxError('Invalid URL: %s' % uri) + remaining = remaining[m.end():].lstrip() + else: + + def get_versions(ver_remaining): + """ + Return a list of operator, version tuples if any are + specified, else None. + """ + m = COMPARE_OP.match(ver_remaining) + versions = None + if m: + versions = [] + while True: + op = m.groups()[0] + ver_remaining = ver_remaining[m.end():] + m = VERSION_IDENTIFIER.match(ver_remaining) + if not m: + raise SyntaxError('invalid version: %s' % ver_remaining) + v = m.groups()[0] + versions.append((op, v)) + ver_remaining = ver_remaining[m.end():] + if not ver_remaining or ver_remaining[0] != ',': + break + ver_remaining = ver_remaining[1:].lstrip() + m = COMPARE_OP.match(ver_remaining) + if not m: + raise SyntaxError('invalid constraint: %s' % ver_remaining) + if not versions: + versions = None + return versions, ver_remaining + + if remaining[0] != '(': + versions, remaining = get_versions(remaining) + else: + i = remaining.find(')', 1) + if i < 0: + raise SyntaxError('unterminated parenthesis: %s' % remaining) + s = remaining[1:i] + remaining = remaining[i + 1:].lstrip() + # As a special diversion from PEP 508, allow a version number + # a.b.c in parentheses as a synonym for ~= a.b.c (because this + # is allowed in earlier PEPs) + if COMPARE_OP.match(s): + versions, _ = get_versions(s) + else: + m = VERSION_IDENTIFIER.match(s) + if not m: + raise SyntaxError('invalid constraint: %s' % s) + v = m.groups()[0] + s = s[m.end():].lstrip() + if s: + raise SyntaxError('invalid constraint: %s' % s) + versions = [('~=', v)] + + if remaining: + if remaining[0] != ';': + raise SyntaxError('invalid requirement: %s' % remaining) + remaining = remaining[1:].lstrip() + + mark_expr, remaining = parse_marker(remaining) + + if remaining and remaining[0] != '#': + raise SyntaxError('unexpected trailing data: %s' % remaining) + + if not versions: + rs = distname + else: + rs = '%s %s' % (distname, ', '.join(['%s %s' % con for con in versions])) + return Container(name=distname, extras=extras, constraints=versions, + marker=mark_expr, url=uri, requirement=rs) + + +def get_resources_dests(resources_root, rules): + """Find destinations for resources files""" + + def get_rel_path(root, path): + # normalizes and returns a lstripped-/-separated path + root = root.replace(os.path.sep, '/') + path = path.replace(os.path.sep, '/') + assert path.startswith(root) + return path[len(root):].lstrip('/') + + destinations = {} + for base, suffix, dest in rules: + prefix = os.path.join(resources_root, base) + for abs_base in iglob(prefix): + abs_glob = os.path.join(abs_base, suffix) + for abs_path in iglob(abs_glob): + resource_file = get_rel_path(resources_root, abs_path) + if dest is None: # remove the entry if it was here + destinations.pop(resource_file, None) + else: + rel_path = get_rel_path(abs_base, abs_path) + rel_dest = dest.replace(os.path.sep, '/').rstrip('/') + destinations[resource_file] = rel_dest + '/' + rel_path + return destinations + + +def in_venv(): + if hasattr(sys, 'real_prefix'): + # virtualenv venvs + result = True + else: + # PEP 405 venvs + result = sys.prefix != getattr(sys, 'base_prefix', sys.prefix) + return result + + +def get_executable(): +# The __PYVENV_LAUNCHER__ dance is apparently no longer needed, as +# changes to the stub launcher mean that sys.executable always points +# to the stub on OS X +# if sys.platform == 'darwin' and ('__PYVENV_LAUNCHER__' +# in os.environ): +# result = os.environ['__PYVENV_LAUNCHER__'] +# else: +# result = sys.executable +# return result + # Avoid normcasing: see issue #143 + # result = os.path.normcase(sys.executable) + result = sys.executable + if not isinstance(result, text_type): + result = fsdecode(result) + return result + + +def proceed(prompt, allowed_chars, error_prompt=None, default=None): + p = prompt + while True: + s = raw_input(p) + p = prompt + if not s and default: + s = default + if s: + c = s[0].lower() + if c in allowed_chars: + break + if error_prompt: + p = '%c: %s\n%s' % (c, error_prompt, prompt) + return c + + +def extract_by_key(d, keys): + if isinstance(keys, string_types): + keys = keys.split() + result = {} + for key in keys: + if key in d: + result[key] = d[key] + return result + +def read_exports(stream): + if sys.version_info[0] >= 3: + # needs to be a text stream + stream = codecs.getreader('utf-8')(stream) + # Try to load as JSON, falling back on legacy format + data = stream.read() + stream = StringIO(data) + try: + jdata = json.load(stream) + result = jdata['extensions']['python.exports']['exports'] + for group, entries in result.items(): + for k, v in entries.items(): + s = '%s = %s' % (k, v) + entry = get_export_entry(s) + assert entry is not None + entries[k] = entry + return result + except Exception: + stream.seek(0, 0) + + def read_stream(cp, stream): + if hasattr(cp, 'read_file'): + cp.read_file(stream) + else: + cp.readfp(stream) + + cp = configparser.ConfigParser() + try: + read_stream(cp, stream) + except configparser.MissingSectionHeaderError: + stream.close() + data = textwrap.dedent(data) + stream = StringIO(data) + read_stream(cp, stream) + + result = {} + for key in cp.sections(): + result[key] = entries = {} + for name, value in cp.items(key): + s = '%s = %s' % (name, value) + entry = get_export_entry(s) + assert entry is not None + #entry.dist = self + entries[name] = entry + return result + + +def write_exports(exports, stream): + if sys.version_info[0] >= 3: + # needs to be a text stream + stream = codecs.getwriter('utf-8')(stream) + cp = configparser.ConfigParser() + for k, v in exports.items(): + # TODO check k, v for valid values + cp.add_section(k) + for entry in v.values(): + if entry.suffix is None: + s = entry.prefix + else: + s = '%s:%s' % (entry.prefix, entry.suffix) + if entry.flags: + s = '%s [%s]' % (s, ', '.join(entry.flags)) + cp.set(k, entry.name, s) + cp.write(stream) + + +@contextlib.contextmanager +def tempdir(): + td = tempfile.mkdtemp() + try: + yield td + finally: + shutil.rmtree(td) + +@contextlib.contextmanager +def chdir(d): + cwd = os.getcwd() + try: + os.chdir(d) + yield + finally: + os.chdir(cwd) + + +@contextlib.contextmanager +def socket_timeout(seconds=15): + cto = socket.getdefaulttimeout() + try: + socket.setdefaulttimeout(seconds) + yield + finally: + socket.setdefaulttimeout(cto) + + +class cached_property(object): + def __init__(self, func): + self.func = func + #for attr in ('__name__', '__module__', '__doc__'): + # setattr(self, attr, getattr(func, attr, None)) + + def __get__(self, obj, cls=None): + if obj is None: + return self + value = self.func(obj) + object.__setattr__(obj, self.func.__name__, value) + #obj.__dict__[self.func.__name__] = value = self.func(obj) + return value + +def convert_path(pathname): + """Return 'pathname' as a name that will work on the native filesystem. + + The path is split on '/' and put back together again using the current + directory separator. Needed because filenames in the setup script are + always supplied in Unix style, and have to be converted to the local + convention before we can actually use them in the filesystem. Raises + ValueError on non-Unix-ish systems if 'pathname' either starts or + ends with a slash. + """ + if os.sep == '/': + return pathname + if not pathname: + return pathname + if pathname[0] == '/': + raise ValueError("path '%s' cannot be absolute" % pathname) + if pathname[-1] == '/': + raise ValueError("path '%s' cannot end with '/'" % pathname) + + paths = pathname.split('/') + while os.curdir in paths: + paths.remove(os.curdir) + if not paths: + return os.curdir + return os.path.join(*paths) + + +class FileOperator(object): + def __init__(self, dry_run=False): + self.dry_run = dry_run + self.ensured = set() + self._init_record() + + def _init_record(self): + self.record = False + self.files_written = set() + self.dirs_created = set() + + def record_as_written(self, path): + if self.record: + self.files_written.add(path) + + def newer(self, source, target): + """Tell if the target is newer than the source. + + Returns true if 'source' exists and is more recently modified than + 'target', or if 'source' exists and 'target' doesn't. + + Returns false if both exist and 'target' is the same age or younger + than 'source'. Raise PackagingFileError if 'source' does not exist. + + Note that this test is not very accurate: files created in the same + second will have the same "age". + """ + if not os.path.exists(source): + raise DistlibException("file '%r' does not exist" % + os.path.abspath(source)) + if not os.path.exists(target): + return True + + return os.stat(source).st_mtime > os.stat(target).st_mtime + + def copy_file(self, infile, outfile, check=True): + """Copy a file respecting dry-run and force flags. + """ + self.ensure_dir(os.path.dirname(outfile)) + logger.info('Copying %s to %s', infile, outfile) + if not self.dry_run: + msg = None + if check: + if os.path.islink(outfile): + msg = '%s is a symlink' % outfile + elif os.path.exists(outfile) and not os.path.isfile(outfile): + msg = '%s is a non-regular file' % outfile + if msg: + raise ValueError(msg + ' which would be overwritten') + shutil.copyfile(infile, outfile) + self.record_as_written(outfile) + + def copy_stream(self, instream, outfile, encoding=None): + assert not os.path.isdir(outfile) + self.ensure_dir(os.path.dirname(outfile)) + logger.info('Copying stream %s to %s', instream, outfile) + if not self.dry_run: + if encoding is None: + outstream = open(outfile, 'wb') + else: + outstream = codecs.open(outfile, 'w', encoding=encoding) + try: + shutil.copyfileobj(instream, outstream) + finally: + outstream.close() + self.record_as_written(outfile) + + def write_binary_file(self, path, data): + self.ensure_dir(os.path.dirname(path)) + if not self.dry_run: + if os.path.exists(path): + os.remove(path) + with open(path, 'wb') as f: + f.write(data) + self.record_as_written(path) + + def write_text_file(self, path, data, encoding): + self.write_binary_file(path, data.encode(encoding)) + + def set_mode(self, bits, mask, files): + if os.name == 'posix' or (os.name == 'java' and os._name == 'posix'): + # Set the executable bits (owner, group, and world) on + # all the files specified. + for f in files: + if self.dry_run: + logger.info("changing mode of %s", f) + else: + mode = (os.stat(f).st_mode | bits) & mask + logger.info("changing mode of %s to %o", f, mode) + os.chmod(f, mode) + + set_executable_mode = lambda s, f: s.set_mode(0o555, 0o7777, f) + + def ensure_dir(self, path): + path = os.path.abspath(path) + if path not in self.ensured and not os.path.exists(path): + self.ensured.add(path) + d, f = os.path.split(path) + self.ensure_dir(d) + logger.info('Creating %s' % path) + if not self.dry_run: + os.mkdir(path) + if self.record: + self.dirs_created.add(path) + + def byte_compile(self, path, optimize=False, force=False, prefix=None, hashed_invalidation=False): + dpath = cache_from_source(path, not optimize) + logger.info('Byte-compiling %s to %s', path, dpath) + if not self.dry_run: + if force or self.newer(path, dpath): + if not prefix: + diagpath = None + else: + assert path.startswith(prefix) + diagpath = path[len(prefix):] + compile_kwargs = {} + if hashed_invalidation and hasattr(py_compile, 'PycInvalidationMode'): + compile_kwargs['invalidation_mode'] = py_compile.PycInvalidationMode.CHECKED_HASH + py_compile.compile(path, dpath, diagpath, True, **compile_kwargs) # raise error + self.record_as_written(dpath) + return dpath + + def ensure_removed(self, path): + if os.path.exists(path): + if os.path.isdir(path) and not os.path.islink(path): + logger.debug('Removing directory tree at %s', path) + if not self.dry_run: + shutil.rmtree(path) + if self.record: + if path in self.dirs_created: + self.dirs_created.remove(path) + else: + if os.path.islink(path): + s = 'link' + else: + s = 'file' + logger.debug('Removing %s %s', s, path) + if not self.dry_run: + os.remove(path) + if self.record: + if path in self.files_written: + self.files_written.remove(path) + + def is_writable(self, path): + result = False + while not result: + if os.path.exists(path): + result = os.access(path, os.W_OK) + break + parent = os.path.dirname(path) + if parent == path: + break + path = parent + return result + + def commit(self): + """ + Commit recorded changes, turn off recording, return + changes. + """ + assert self.record + result = self.files_written, self.dirs_created + self._init_record() + return result + + def rollback(self): + if not self.dry_run: + for f in list(self.files_written): + if os.path.exists(f): + os.remove(f) + # dirs should all be empty now, except perhaps for + # __pycache__ subdirs + # reverse so that subdirs appear before their parents + dirs = sorted(self.dirs_created, reverse=True) + for d in dirs: + flist = os.listdir(d) + if flist: + assert flist == ['__pycache__'] + sd = os.path.join(d, flist[0]) + os.rmdir(sd) + os.rmdir(d) # should fail if non-empty + self._init_record() + +def resolve(module_name, dotted_path): + if module_name in sys.modules: + mod = sys.modules[module_name] + else: + mod = __import__(module_name) + if dotted_path is None: + result = mod + else: + parts = dotted_path.split('.') + result = getattr(mod, parts.pop(0)) + for p in parts: + result = getattr(result, p) + return result + + +class ExportEntry(object): + def __init__(self, name, prefix, suffix, flags): + self.name = name + self.prefix = prefix + self.suffix = suffix + self.flags = flags + + @cached_property + def value(self): + return resolve(self.prefix, self.suffix) + + def __repr__(self): # pragma: no cover + return '' % (self.name, self.prefix, + self.suffix, self.flags) + + def __eq__(self, other): + if not isinstance(other, ExportEntry): + result = False + else: + result = (self.name == other.name and + self.prefix == other.prefix and + self.suffix == other.suffix and + self.flags == other.flags) + return result + + __hash__ = object.__hash__ + + +ENTRY_RE = re.compile(r'''(?P(\w|[-.+])+) + \s*=\s*(?P(\w+)([:\.]\w+)*) + \s*(\[\s*(?P[\w-]+(=\w+)?(,\s*\w+(=\w+)?)*)\s*\])? + ''', re.VERBOSE) + +def get_export_entry(specification): + m = ENTRY_RE.search(specification) + if not m: + result = None + if '[' in specification or ']' in specification: + raise DistlibException("Invalid specification " + "'%s'" % specification) + else: + d = m.groupdict() + name = d['name'] + path = d['callable'] + colons = path.count(':') + if colons == 0: + prefix, suffix = path, None + else: + if colons != 1: + raise DistlibException("Invalid specification " + "'%s'" % specification) + prefix, suffix = path.split(':') + flags = d['flags'] + if flags is None: + if '[' in specification or ']' in specification: + raise DistlibException("Invalid specification " + "'%s'" % specification) + flags = [] + else: + flags = [f.strip() for f in flags.split(',')] + result = ExportEntry(name, prefix, suffix, flags) + return result + + +def get_cache_base(suffix=None): + """ + Return the default base location for distlib caches. If the directory does + not exist, it is created. Use the suffix provided for the base directory, + and default to '.distlib' if it isn't provided. + + On Windows, if LOCALAPPDATA is defined in the environment, then it is + assumed to be a directory, and will be the parent directory of the result. + On POSIX, and on Windows if LOCALAPPDATA is not defined, the user's home + directory - using os.expanduser('~') - will be the parent directory of + the result. + + The result is just the directory '.distlib' in the parent directory as + determined above, or with the name specified with ``suffix``. + """ + if suffix is None: + suffix = '.distlib' + if os.name == 'nt' and 'LOCALAPPDATA' in os.environ: + result = os.path.expandvars('$localappdata') + else: + # Assume posix, or old Windows + result = os.path.expanduser('~') + # we use 'isdir' instead of 'exists', because we want to + # fail if there's a file with that name + if os.path.isdir(result): + usable = os.access(result, os.W_OK) + if not usable: + logger.warning('Directory exists but is not writable: %s', result) + else: + try: + os.makedirs(result) + usable = True + except OSError: + logger.warning('Unable to create %s', result, exc_info=True) + usable = False + if not usable: + result = tempfile.mkdtemp() + logger.warning('Default location unusable, using %s', result) + return os.path.join(result, suffix) + + +def path_to_cache_dir(path): + """ + Convert an absolute path to a directory name for use in a cache. + + The algorithm used is: + + #. On Windows, any ``':'`` in the drive is replaced with ``'---'``. + #. Any occurrence of ``os.sep`` is replaced with ``'--'``. + #. ``'.cache'`` is appended. + """ + d, p = os.path.splitdrive(os.path.abspath(path)) + if d: + d = d.replace(':', '---') + p = p.replace(os.sep, '--') + return d + p + '.cache' + + +def ensure_slash(s): + if not s.endswith('/'): + return s + '/' + return s + + +def parse_credentials(netloc): + username = password = None + if '@' in netloc: + prefix, netloc = netloc.rsplit('@', 1) + if ':' not in prefix: + username = prefix + else: + username, password = prefix.split(':', 1) + if username: + username = unquote(username) + if password: + password = unquote(password) + return username, password, netloc + + +def get_process_umask(): + result = os.umask(0o22) + os.umask(result) + return result + +def is_string_sequence(seq): + result = True + i = None + for i, s in enumerate(seq): + if not isinstance(s, string_types): + result = False + break + assert i is not None + return result + +PROJECT_NAME_AND_VERSION = re.compile('([a-z0-9_]+([.-][a-z_][a-z0-9_]*)*)-' + '([a-z0-9_.+-]+)', re.I) +PYTHON_VERSION = re.compile(r'-py(\d\.?\d?)') + + +def split_filename(filename, project_name=None): + """ + Extract name, version, python version from a filename (no extension) + + Return name, version, pyver or None + """ + result = None + pyver = None + filename = unquote(filename).replace(' ', '-') + m = PYTHON_VERSION.search(filename) + if m: + pyver = m.group(1) + filename = filename[:m.start()] + if project_name and len(filename) > len(project_name) + 1: + m = re.match(re.escape(project_name) + r'\b', filename) + if m: + n = m.end() + result = filename[:n], filename[n + 1:], pyver + if result is None: + m = PROJECT_NAME_AND_VERSION.match(filename) + if m: + result = m.group(1), m.group(3), pyver + return result + +# Allow spaces in name because of legacy dists like "Twisted Core" +NAME_VERSION_RE = re.compile(r'(?P[\w .-]+)\s*' + r'\(\s*(?P[^\s)]+)\)$') + +def parse_name_and_version(p): + """ + A utility method used to get name and version from a string. + + From e.g. a Provides-Dist value. + + :param p: A value in a form 'foo (1.0)' + :return: The name and version as a tuple. + """ + m = NAME_VERSION_RE.match(p) + if not m: + raise DistlibException('Ill-formed name/version string: \'%s\'' % p) + d = m.groupdict() + return d['name'].strip().lower(), d['ver'] + +def get_extras(requested, available): + result = set() + requested = set(requested or []) + available = set(available or []) + if '*' in requested: + requested.remove('*') + result |= available + for r in requested: + if r == '-': + result.add(r) + elif r.startswith('-'): + unwanted = r[1:] + if unwanted not in available: + logger.warning('undeclared extra: %s' % unwanted) + if unwanted in result: + result.remove(unwanted) + else: + if r not in available: + logger.warning('undeclared extra: %s' % r) + result.add(r) + return result +# +# Extended metadata functionality +# + +def _get_external_data(url): + result = {} + try: + # urlopen might fail if it runs into redirections, + # because of Python issue #13696. Fixed in locators + # using a custom redirect handler. + resp = urlopen(url) + headers = resp.info() + ct = headers.get('Content-Type') + if not ct.startswith('application/json'): + logger.debug('Unexpected response for JSON request: %s', ct) + else: + reader = codecs.getreader('utf-8')(resp) + #data = reader.read().decode('utf-8') + #result = json.loads(data) + result = json.load(reader) + except Exception as e: + logger.exception('Failed to get external data for %s: %s', url, e) + return result + +_external_data_base_url = 'https://www.red-dove.com/pypi/projects/' + +def get_project_data(name): + url = '%s/%s/project.json' % (name[0].upper(), name) + url = urljoin(_external_data_base_url, url) + result = _get_external_data(url) + return result + +def get_package_data(name, version): + url = '%s/%s/package-%s.json' % (name[0].upper(), name, version) + url = urljoin(_external_data_base_url, url) + return _get_external_data(url) + + +class Cache(object): + """ + A class implementing a cache for resources that need to live in the file system + e.g. shared libraries. This class was moved from resources to here because it + could be used by other modules, e.g. the wheel module. + """ + + def __init__(self, base): + """ + Initialise an instance. + + :param base: The base directory where the cache should be located. + """ + # we use 'isdir' instead of 'exists', because we want to + # fail if there's a file with that name + if not os.path.isdir(base): # pragma: no cover + os.makedirs(base) + if (os.stat(base).st_mode & 0o77) != 0: + logger.warning('Directory \'%s\' is not private', base) + self.base = os.path.abspath(os.path.normpath(base)) + + def prefix_to_dir(self, prefix): + """ + Converts a resource prefix to a directory name in the cache. + """ + return path_to_cache_dir(prefix) + + def clear(self): + """ + Clear the cache. + """ + not_removed = [] + for fn in os.listdir(self.base): + fn = os.path.join(self.base, fn) + try: + if os.path.islink(fn) or os.path.isfile(fn): + os.remove(fn) + elif os.path.isdir(fn): + shutil.rmtree(fn) + except Exception: + not_removed.append(fn) + return not_removed + + +class EventMixin(object): + """ + A very simple publish/subscribe system. + """ + def __init__(self): + self._subscribers = {} + + def add(self, event, subscriber, append=True): + """ + Add a subscriber for an event. + + :param event: The name of an event. + :param subscriber: The subscriber to be added (and called when the + event is published). + :param append: Whether to append or prepend the subscriber to an + existing subscriber list for the event. + """ + subs = self._subscribers + if event not in subs: + subs[event] = deque([subscriber]) + else: + sq = subs[event] + if append: + sq.append(subscriber) + else: + sq.appendleft(subscriber) + + def remove(self, event, subscriber): + """ + Remove a subscriber for an event. + + :param event: The name of an event. + :param subscriber: The subscriber to be removed. + """ + subs = self._subscribers + if event not in subs: + raise ValueError('No subscribers: %r' % event) + subs[event].remove(subscriber) + + def get_subscribers(self, event): + """ + Return an iterator for the subscribers for an event. + :param event: The event to return subscribers for. + """ + return iter(self._subscribers.get(event, ())) + + def publish(self, event, *args, **kwargs): + """ + Publish a event and return a list of values returned by its + subscribers. + + :param event: The event to publish. + :param args: The positional arguments to pass to the event's + subscribers. + :param kwargs: The keyword arguments to pass to the event's + subscribers. + """ + result = [] + for subscriber in self.get_subscribers(event): + try: + value = subscriber(event, *args, **kwargs) + except Exception: + logger.exception('Exception during event publication') + value = None + result.append(value) + logger.debug('publish %s: args = %s, kwargs = %s, result = %s', + event, args, kwargs, result) + return result + +# +# Simple sequencing +# +class Sequencer(object): + def __init__(self): + self._preds = {} + self._succs = {} + self._nodes = set() # nodes with no preds/succs + + def add_node(self, node): + self._nodes.add(node) + + def remove_node(self, node, edges=False): + if node in self._nodes: + self._nodes.remove(node) + if edges: + for p in set(self._preds.get(node, ())): + self.remove(p, node) + for s in set(self._succs.get(node, ())): + self.remove(node, s) + # Remove empties + for k, v in list(self._preds.items()): + if not v: + del self._preds[k] + for k, v in list(self._succs.items()): + if not v: + del self._succs[k] + + def add(self, pred, succ): + assert pred != succ + self._preds.setdefault(succ, set()).add(pred) + self._succs.setdefault(pred, set()).add(succ) + + def remove(self, pred, succ): + assert pred != succ + try: + preds = self._preds[succ] + succs = self._succs[pred] + except KeyError: # pragma: no cover + raise ValueError('%r not a successor of anything' % succ) + try: + preds.remove(pred) + succs.remove(succ) + except KeyError: # pragma: no cover + raise ValueError('%r not a successor of %r' % (succ, pred)) + + def is_step(self, step): + return (step in self._preds or step in self._succs or + step in self._nodes) + + def get_steps(self, final): + if not self.is_step(final): + raise ValueError('Unknown: %r' % final) + result = [] + todo = [] + seen = set() + todo.append(final) + while todo: + step = todo.pop(0) + if step in seen: + # if a step was already seen, + # move it to the end (so it will appear earlier + # when reversed on return) ... but not for the + # final step, as that would be confusing for + # users + if step != final: + result.remove(step) + result.append(step) + else: + seen.add(step) + result.append(step) + preds = self._preds.get(step, ()) + todo.extend(preds) + return reversed(result) + + @property + def strong_connections(self): + #http://en.wikipedia.org/wiki/Tarjan%27s_strongly_connected_components_algorithm + index_counter = [0] + stack = [] + lowlinks = {} + index = {} + result = [] + + graph = self._succs + + def strongconnect(node): + # set the depth index for this node to the smallest unused index + index[node] = index_counter[0] + lowlinks[node] = index_counter[0] + index_counter[0] += 1 + stack.append(node) + + # Consider successors + try: + successors = graph[node] + except Exception: + successors = [] + for successor in successors: + if successor not in lowlinks: + # Successor has not yet been visited + strongconnect(successor) + lowlinks[node] = min(lowlinks[node],lowlinks[successor]) + elif successor in stack: + # the successor is in the stack and hence in the current + # strongly connected component (SCC) + lowlinks[node] = min(lowlinks[node],index[successor]) + + # If `node` is a root node, pop the stack and generate an SCC + if lowlinks[node] == index[node]: + connected_component = [] + + while True: + successor = stack.pop() + connected_component.append(successor) + if successor == node: break + component = tuple(connected_component) + # storing the result + result.append(component) + + for node in graph: + if node not in lowlinks: + strongconnect(node) + + return result + + @property + def dot(self): + result = ['digraph G {'] + for succ in self._preds: + preds = self._preds[succ] + for pred in preds: + result.append(' %s -> %s;' % (pred, succ)) + for node in self._nodes: + result.append(' %s;' % node) + result.append('}') + return '\n'.join(result) + +# +# Unarchiving functionality for zip, tar, tgz, tbz, whl +# + +ARCHIVE_EXTENSIONS = ('.tar.gz', '.tar.bz2', '.tar', '.zip', + '.tgz', '.tbz', '.whl') + +def unarchive(archive_filename, dest_dir, format=None, check=True): + + def check_path(path): + if not isinstance(path, text_type): + path = path.decode('utf-8') + p = os.path.abspath(os.path.join(dest_dir, path)) + if not p.startswith(dest_dir) or p[plen] != os.sep: + raise ValueError('path outside destination: %r' % p) + + dest_dir = os.path.abspath(dest_dir) + plen = len(dest_dir) + archive = None + if format is None: + if archive_filename.endswith(('.zip', '.whl')): + format = 'zip' + elif archive_filename.endswith(('.tar.gz', '.tgz')): + format = 'tgz' + mode = 'r:gz' + elif archive_filename.endswith(('.tar.bz2', '.tbz')): + format = 'tbz' + mode = 'r:bz2' + elif archive_filename.endswith('.tar'): + format = 'tar' + mode = 'r' + else: # pragma: no cover + raise ValueError('Unknown format for %r' % archive_filename) + try: + if format == 'zip': + archive = ZipFile(archive_filename, 'r') + if check: + names = archive.namelist() + for name in names: + check_path(name) + else: + archive = tarfile.open(archive_filename, mode) + if check: + names = archive.getnames() + for name in names: + check_path(name) + if format != 'zip' and sys.version_info[0] < 3: + # See Python issue 17153. If the dest path contains Unicode, + # tarfile extraction fails on Python 2.x if a member path name + # contains non-ASCII characters - it leads to an implicit + # bytes -> unicode conversion using ASCII to decode. + for tarinfo in archive.getmembers(): + if not isinstance(tarinfo.name, text_type): + tarinfo.name = tarinfo.name.decode('utf-8') + archive.extractall(dest_dir) + + finally: + if archive: + archive.close() + + +def zip_dir(directory): + """zip a directory tree into a BytesIO object""" + result = io.BytesIO() + dlen = len(directory) + with ZipFile(result, "w") as zf: + for root, dirs, files in os.walk(directory): + for name in files: + full = os.path.join(root, name) + rel = root[dlen:] + dest = os.path.join(rel, name) + zf.write(full, dest) + return result + +# +# Simple progress bar +# + +UNITS = ('', 'K', 'M', 'G','T','P') + + +class Progress(object): + unknown = 'UNKNOWN' + + def __init__(self, minval=0, maxval=100): + assert maxval is None or maxval >= minval + self.min = self.cur = minval + self.max = maxval + self.started = None + self.elapsed = 0 + self.done = False + + def update(self, curval): + assert self.min <= curval + assert self.max is None or curval <= self.max + self.cur = curval + now = time.time() + if self.started is None: + self.started = now + else: + self.elapsed = now - self.started + + def increment(self, incr): + assert incr >= 0 + self.update(self.cur + incr) + + def start(self): + self.update(self.min) + return self + + def stop(self): + if self.max is not None: + self.update(self.max) + self.done = True + + @property + def maximum(self): + return self.unknown if self.max is None else self.max + + @property + def percentage(self): + if self.done: + result = '100 %' + elif self.max is None: + result = ' ?? %' + else: + v = 100.0 * (self.cur - self.min) / (self.max - self.min) + result = '%3d %%' % v + return result + + def format_duration(self, duration): + if (duration <= 0) and self.max is None or self.cur == self.min: + result = '??:??:??' + #elif duration < 1: + # result = '--:--:--' + else: + result = time.strftime('%H:%M:%S', time.gmtime(duration)) + return result + + @property + def ETA(self): + if self.done: + prefix = 'Done' + t = self.elapsed + #import pdb; pdb.set_trace() + else: + prefix = 'ETA ' + if self.max is None: + t = -1 + elif self.elapsed == 0 or (self.cur == self.min): + t = 0 + else: + #import pdb; pdb.set_trace() + t = float(self.max - self.min) + t /= self.cur - self.min + t = (t - 1) * self.elapsed + return '%s: %s' % (prefix, self.format_duration(t)) + + @property + def speed(self): + if self.elapsed == 0: + result = 0.0 + else: + result = (self.cur - self.min) / self.elapsed + for unit in UNITS: + if result < 1000: + break + result /= 1000.0 + return '%d %sB/s' % (result, unit) + +# +# Glob functionality +# + +RICH_GLOB = re.compile(r'\{([^}]*)\}') +_CHECK_RECURSIVE_GLOB = re.compile(r'[^/\\,{]\*\*|\*\*[^/\\,}]') +_CHECK_MISMATCH_SET = re.compile(r'^[^{]*\}|\{[^}]*$') + + +def iglob(path_glob): + """Extended globbing function that supports ** and {opt1,opt2,opt3}.""" + if _CHECK_RECURSIVE_GLOB.search(path_glob): + msg = """invalid glob %r: recursive glob "**" must be used alone""" + raise ValueError(msg % path_glob) + if _CHECK_MISMATCH_SET.search(path_glob): + msg = """invalid glob %r: mismatching set marker '{' or '}'""" + raise ValueError(msg % path_glob) + return _iglob(path_glob) + + +def _iglob(path_glob): + rich_path_glob = RICH_GLOB.split(path_glob, 1) + if len(rich_path_glob) > 1: + assert len(rich_path_glob) == 3, rich_path_glob + prefix, set, suffix = rich_path_glob + for item in set.split(','): + for path in _iglob(''.join((prefix, item, suffix))): + yield path + else: + if '**' not in path_glob: + for item in std_iglob(path_glob): + yield item + else: + prefix, radical = path_glob.split('**', 1) + if prefix == '': + prefix = '.' + if radical == '': + radical = '*' + else: + # we support both + radical = radical.lstrip('/') + radical = radical.lstrip('\\') + for path, dir, files in os.walk(prefix): + path = os.path.normpath(path) + for fn in _iglob(os.path.join(path, radical)): + yield fn + +if ssl: + from .compat import (HTTPSHandler as BaseHTTPSHandler, match_hostname, + CertificateError) + + +# +# HTTPSConnection which verifies certificates/matches domains +# + + class HTTPSConnection(httplib.HTTPSConnection): + ca_certs = None # set this to the path to the certs file (.pem) + check_domain = True # only used if ca_certs is not None + + # noinspection PyPropertyAccess + def connect(self): + sock = socket.create_connection((self.host, self.port), self.timeout) + if getattr(self, '_tunnel_host', False): + self.sock = sock + self._tunnel() + + if not hasattr(ssl, 'SSLContext'): + # For 2.x + if self.ca_certs: + cert_reqs = ssl.CERT_REQUIRED + else: + cert_reqs = ssl.CERT_NONE + self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, + cert_reqs=cert_reqs, + ssl_version=ssl.PROTOCOL_SSLv23, + ca_certs=self.ca_certs) + else: # pragma: no cover + context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) + if hasattr(ssl, 'OP_NO_SSLv2'): + context.options |= ssl.OP_NO_SSLv2 + if self.cert_file: + context.load_cert_chain(self.cert_file, self.key_file) + kwargs = {} + if self.ca_certs: + context.verify_mode = ssl.CERT_REQUIRED + context.load_verify_locations(cafile=self.ca_certs) + if getattr(ssl, 'HAS_SNI', False): + kwargs['server_hostname'] = self.host + self.sock = context.wrap_socket(sock, **kwargs) + if self.ca_certs and self.check_domain: + try: + match_hostname(self.sock.getpeercert(), self.host) + logger.debug('Host verified: %s', self.host) + except CertificateError: # pragma: no cover + self.sock.shutdown(socket.SHUT_RDWR) + self.sock.close() + raise + + class HTTPSHandler(BaseHTTPSHandler): + def __init__(self, ca_certs, check_domain=True): + BaseHTTPSHandler.__init__(self) + self.ca_certs = ca_certs + self.check_domain = check_domain + + def _conn_maker(self, *args, **kwargs): + """ + This is called to create a connection instance. Normally you'd + pass a connection class to do_open, but it doesn't actually check for + a class, and just expects a callable. As long as we behave just as a + constructor would have, we should be OK. If it ever changes so that + we *must* pass a class, we'll create an UnsafeHTTPSConnection class + which just sets check_domain to False in the class definition, and + choose which one to pass to do_open. + """ + result = HTTPSConnection(*args, **kwargs) + if self.ca_certs: + result.ca_certs = self.ca_certs + result.check_domain = self.check_domain + return result + + def https_open(self, req): + try: + return self.do_open(self._conn_maker, req) + except URLError as e: + if 'certificate verify failed' in str(e.reason): + raise CertificateError('Unable to verify server certificate ' + 'for %s' % req.host) + else: + raise + + # + # To prevent against mixing HTTP traffic with HTTPS (examples: A Man-In-The- + # Middle proxy using HTTP listens on port 443, or an index mistakenly serves + # HTML containing a http://xyz link when it should be https://xyz), + # you can use the following handler class, which does not allow HTTP traffic. + # + # It works by inheriting from HTTPHandler - so build_opener won't add a + # handler for HTTP itself. + # + class HTTPSOnlyHandler(HTTPSHandler, HTTPHandler): + def http_open(self, req): + raise URLError('Unexpected HTTP request on what should be a secure ' + 'connection: %s' % req) + +# +# XML-RPC with timeouts +# + +_ver_info = sys.version_info[:2] + +if _ver_info == (2, 6): + class HTTP(httplib.HTTP): + def __init__(self, host='', port=None, **kwargs): + if port == 0: # 0 means use port 0, not the default port + port = None + self._setup(self._connection_class(host, port, **kwargs)) + + + if ssl: + class HTTPS(httplib.HTTPS): + def __init__(self, host='', port=None, **kwargs): + if port == 0: # 0 means use port 0, not the default port + port = None + self._setup(self._connection_class(host, port, **kwargs)) + + +class Transport(xmlrpclib.Transport): + def __init__(self, timeout, use_datetime=0): + self.timeout = timeout + xmlrpclib.Transport.__init__(self, use_datetime) + + def make_connection(self, host): + h, eh, x509 = self.get_host_info(host) + if _ver_info == (2, 6): + result = HTTP(h, timeout=self.timeout) + else: + if not self._connection or host != self._connection[0]: + self._extra_headers = eh + self._connection = host, httplib.HTTPConnection(h) + result = self._connection[1] + return result + +if ssl: + class SafeTransport(xmlrpclib.SafeTransport): + def __init__(self, timeout, use_datetime=0): + self.timeout = timeout + xmlrpclib.SafeTransport.__init__(self, use_datetime) + + def make_connection(self, host): + h, eh, kwargs = self.get_host_info(host) + if not kwargs: + kwargs = {} + kwargs['timeout'] = self.timeout + if _ver_info == (2, 6): + result = HTTPS(host, None, **kwargs) + else: + if not self._connection or host != self._connection[0]: + self._extra_headers = eh + self._connection = host, httplib.HTTPSConnection(h, None, + **kwargs) + result = self._connection[1] + return result + + +class ServerProxy(xmlrpclib.ServerProxy): + def __init__(self, uri, **kwargs): + self.timeout = timeout = kwargs.pop('timeout', None) + # The above classes only come into play if a timeout + # is specified + if timeout is not None: + # scheme = splittype(uri) # deprecated as of Python 3.8 + scheme = urlparse(uri)[0] + use_datetime = kwargs.get('use_datetime', 0) + if scheme == 'https': + tcls = SafeTransport + else: + tcls = Transport + kwargs['transport'] = t = tcls(timeout, use_datetime=use_datetime) + self.transport = t + xmlrpclib.ServerProxy.__init__(self, uri, **kwargs) + +# +# CSV functionality. This is provided because on 2.x, the csv module can't +# handle Unicode. However, we need to deal with Unicode in e.g. RECORD files. +# + +def _csv_open(fn, mode, **kwargs): + if sys.version_info[0] < 3: + mode += 'b' + else: + kwargs['newline'] = '' + # Python 3 determines encoding from locale. Force 'utf-8' + # file encoding to match other forced utf-8 encoding + kwargs['encoding'] = 'utf-8' + return open(fn, mode, **kwargs) + + +class CSVBase(object): + defaults = { + 'delimiter': str(','), # The strs are used because we need native + 'quotechar': str('"'), # str in the csv API (2.x won't take + 'lineterminator': str('\n') # Unicode) + } + + def __enter__(self): + return self + + def __exit__(self, *exc_info): + self.stream.close() + + +class CSVReader(CSVBase): + def __init__(self, **kwargs): + if 'stream' in kwargs: + stream = kwargs['stream'] + if sys.version_info[0] >= 3: + # needs to be a text stream + stream = codecs.getreader('utf-8')(stream) + self.stream = stream + else: + self.stream = _csv_open(kwargs['path'], 'r') + self.reader = csv.reader(self.stream, **self.defaults) + + def __iter__(self): + return self + + def next(self): + result = next(self.reader) + if sys.version_info[0] < 3: + for i, item in enumerate(result): + if not isinstance(item, text_type): + result[i] = item.decode('utf-8') + return result + + __next__ = next + +class CSVWriter(CSVBase): + def __init__(self, fn, **kwargs): + self.stream = _csv_open(fn, 'w') + self.writer = csv.writer(self.stream, **self.defaults) + + def writerow(self, row): + if sys.version_info[0] < 3: + r = [] + for item in row: + if isinstance(item, text_type): + item = item.encode('utf-8') + r.append(item) + row = r + self.writer.writerow(row) + +# +# Configurator functionality +# + +class Configurator(BaseConfigurator): + + value_converters = dict(BaseConfigurator.value_converters) + value_converters['inc'] = 'inc_convert' + + def __init__(self, config, base=None): + super(Configurator, self).__init__(config) + self.base = base or os.getcwd() + + def configure_custom(self, config): + def convert(o): + if isinstance(o, (list, tuple)): + result = type(o)([convert(i) for i in o]) + elif isinstance(o, dict): + if '()' in o: + result = self.configure_custom(o) + else: + result = {} + for k in o: + result[k] = convert(o[k]) + else: + result = self.convert(o) + return result + + c = config.pop('()') + if not callable(c): + c = self.resolve(c) + props = config.pop('.', None) + # Check for valid identifiers + args = config.pop('[]', ()) + if args: + args = tuple([convert(o) for o in args]) + items = [(k, convert(config[k])) for k in config if valid_ident(k)] + kwargs = dict(items) + result = c(*args, **kwargs) + if props: + for n, v in props.items(): + setattr(result, n, convert(v)) + return result + + def __getitem__(self, key): + result = self.config[key] + if isinstance(result, dict) and '()' in result: + self.config[key] = result = self.configure_custom(result) + return result + + def inc_convert(self, value): + """Default converter for the inc:// protocol.""" + if not os.path.isabs(value): + value = os.path.join(self.base, value) + with codecs.open(value, 'r', encoding='utf-8') as f: + result = json.load(f) + return result + + +class SubprocessMixin(object): + """ + Mixin for running subprocesses and capturing their output + """ + def __init__(self, verbose=False, progress=None): + self.verbose = verbose + self.progress = progress + + def reader(self, stream, context): + """ + Read lines from a subprocess' output stream and either pass to a progress + callable (if specified) or write progress information to sys.stderr. + """ + progress = self.progress + verbose = self.verbose + while True: + s = stream.readline() + if not s: + break + if progress is not None: + progress(s, context) + else: + if not verbose: + sys.stderr.write('.') + else: + sys.stderr.write(s.decode('utf-8')) + sys.stderr.flush() + stream.close() + + def run_command(self, cmd, **kwargs): + p = subprocess.Popen(cmd, stdout=subprocess.PIPE, + stderr=subprocess.PIPE, **kwargs) + t1 = threading.Thread(target=self.reader, args=(p.stdout, 'stdout')) + t1.start() + t2 = threading.Thread(target=self.reader, args=(p.stderr, 'stderr')) + t2.start() + p.wait() + t1.join() + t2.join() + if self.progress is not None: + self.progress('done.', 'main') + elif self.verbose: + sys.stderr.write('done.\n') + return p + + +def normalize_name(name): + """Normalize a python package name a la PEP 503""" + # https://www.python.org/dev/peps/pep-0503/#normalized-names + return re.sub('[-_.]+', '-', name).lower() + +# def _get_pypirc_command(): + # """ + # Get the distutils command for interacting with PyPI configurations. + # :return: the command. + # """ + # from distutils.core import Distribution + # from distutils.config import PyPIRCCommand + # d = Distribution() + # return PyPIRCCommand(d) + +class PyPIRCFile(object): + + DEFAULT_REPOSITORY = 'https://upload.pypi.org/legacy/' + DEFAULT_REALM = 'pypi' + + def __init__(self, fn=None, url=None): + if fn is None: + fn = os.path.join(os.path.expanduser('~'), '.pypirc') + self.filename = fn + self.url = url + + def read(self): + result = {} + + if os.path.exists(self.filename): + repository = self.url or self.DEFAULT_REPOSITORY + + config = configparser.RawConfigParser() + config.read(self.filename) + sections = config.sections() + if 'distutils' in sections: + # let's get the list of servers + index_servers = config.get('distutils', 'index-servers') + _servers = [server.strip() for server in + index_servers.split('\n') + if server.strip() != ''] + if _servers == []: + # nothing set, let's try to get the default pypi + if 'pypi' in sections: + _servers = ['pypi'] + else: + for server in _servers: + result = {'server': server} + result['username'] = config.get(server, 'username') + + # optional params + for key, default in (('repository', self.DEFAULT_REPOSITORY), + ('realm', self.DEFAULT_REALM), + ('password', None)): + if config.has_option(server, key): + result[key] = config.get(server, key) + else: + result[key] = default + + # work around people having "repository" for the "pypi" + # section of their config set to the HTTP (rather than + # HTTPS) URL + if (server == 'pypi' and + repository in (self.DEFAULT_REPOSITORY, 'pypi')): + result['repository'] = self.DEFAULT_REPOSITORY + elif (result['server'] != repository and + result['repository'] != repository): + result = {} + elif 'server-login' in sections: + # old format + server = 'server-login' + if config.has_option(server, 'repository'): + repository = config.get(server, 'repository') + else: + repository = self.DEFAULT_REPOSITORY + result = { + 'username': config.get(server, 'username'), + 'password': config.get(server, 'password'), + 'repository': repository, + 'server': server, + 'realm': self.DEFAULT_REALM + } + return result + + def update(self, username, password): + # import pdb; pdb.set_trace() + config = configparser.RawConfigParser() + fn = self.filename + config.read(fn) + if not config.has_section('pypi'): + config.add_section('pypi') + config.set('pypi', 'username', username) + config.set('pypi', 'password', password) + with open(fn, 'w') as f: + config.write(f) + +def _load_pypirc(index): + """ + Read the PyPI access configuration as supported by distutils. + """ + return PyPIRCFile(url=index.url).read() + +def _store_pypirc(index): + PyPIRCFile().update(index.username, index.password) + +# +# get_platform()/get_host_platform() copied from Python 3.10.a0 source, with some minor +# tweaks +# + +def get_host_platform(): + """Return a string that identifies the current platform. This is used mainly to + distinguish platform-specific build directories and platform-specific built + distributions. Typically includes the OS name and version and the + architecture (as supplied by 'os.uname()'), although the exact information + included depends on the OS; eg. on Linux, the kernel version isn't + particularly important. + + Examples of returned values: + linux-i586 + linux-alpha (?) + solaris-2.6-sun4u + + Windows will return one of: + win-amd64 (64bit Windows on AMD64 (aka x86_64, Intel64, EM64T, etc) + win32 (all others - specifically, sys.platform is returned) + + For other non-POSIX platforms, currently just returns 'sys.platform'. + + """ + if os.name == 'nt': + if 'amd64' in sys.version.lower(): + return 'win-amd64' + if '(arm)' in sys.version.lower(): + return 'win-arm32' + if '(arm64)' in sys.version.lower(): + return 'win-arm64' + return sys.platform + + # Set for cross builds explicitly + if "_PYTHON_HOST_PLATFORM" in os.environ: + return os.environ["_PYTHON_HOST_PLATFORM"] + + if os.name != 'posix' or not hasattr(os, 'uname'): + # XXX what about the architecture? NT is Intel or Alpha, + # Mac OS is M68k or PPC, etc. + return sys.platform + + # Try to distinguish various flavours of Unix + + (osname, host, release, version, machine) = os.uname() + + # Convert the OS name to lowercase, remove '/' characters, and translate + # spaces (for "Power Macintosh") + osname = osname.lower().replace('/', '') + machine = machine.replace(' ', '_').replace('/', '-') + + if osname[:5] == 'linux': + # At least on Linux/Intel, 'machine' is the processor -- + # i386, etc. + # XXX what about Alpha, SPARC, etc? + return "%s-%s" % (osname, machine) + + elif osname[:5] == 'sunos': + if release[0] >= '5': # SunOS 5 == Solaris 2 + osname = 'solaris' + release = '%d.%s' % (int(release[0]) - 3, release[2:]) + # We can't use 'platform.architecture()[0]' because a + # bootstrap problem. We use a dict to get an error + # if some suspicious happens. + bitness = {2147483647:'32bit', 9223372036854775807:'64bit'} + machine += '.%s' % bitness[sys.maxsize] + # fall through to standard osname-release-machine representation + elif osname[:3] == 'aix': + from _aix_support import aix_platform + return aix_platform() + elif osname[:6] == 'cygwin': + osname = 'cygwin' + rel_re = re.compile (r'[\d.]+', re.ASCII) + m = rel_re.match(release) + if m: + release = m.group() + elif osname[:6] == 'darwin': + import _osx_support, distutils.sysconfig + osname, release, machine = _osx_support.get_platform_osx( + distutils.sysconfig.get_config_vars(), + osname, release, machine) + + return '%s-%s-%s' % (osname, release, machine) + + +_TARGET_TO_PLAT = { + 'x86' : 'win32', + 'x64' : 'win-amd64', + 'arm' : 'win-arm32', +} + + +def get_platform(): + if os.name != 'nt': + return get_host_platform() + cross_compilation_target = os.environ.get('VSCMD_ARG_TGT_ARCH') + if cross_compilation_target not in _TARGET_TO_PLAT: + return get_host_platform() + return _TARGET_TO_PLAT[cross_compilation_target] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/version.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/version.py new file mode 100644 index 000000000..86c069a7c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/version.py @@ -0,0 +1,739 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2012-2017 The Python Software Foundation. +# See LICENSE.txt and CONTRIBUTORS.txt. +# +""" +Implementation of a flexible versioning scheme providing support for PEP-440, +setuptools-compatible and semantic versioning. +""" + +import logging +import re + +from .compat import string_types +from .util import parse_requirement + +__all__ = ['NormalizedVersion', 'NormalizedMatcher', + 'LegacyVersion', 'LegacyMatcher', + 'SemanticVersion', 'SemanticMatcher', + 'UnsupportedVersionError', 'get_scheme'] + +logger = logging.getLogger(__name__) + + +class UnsupportedVersionError(ValueError): + """This is an unsupported version.""" + pass + + +class Version(object): + def __init__(self, s): + self._string = s = s.strip() + self._parts = parts = self.parse(s) + assert isinstance(parts, tuple) + assert len(parts) > 0 + + def parse(self, s): + raise NotImplementedError('please implement in a subclass') + + def _check_compatible(self, other): + if type(self) != type(other): + raise TypeError('cannot compare %r and %r' % (self, other)) + + def __eq__(self, other): + self._check_compatible(other) + return self._parts == other._parts + + def __ne__(self, other): + return not self.__eq__(other) + + def __lt__(self, other): + self._check_compatible(other) + return self._parts < other._parts + + def __gt__(self, other): + return not (self.__lt__(other) or self.__eq__(other)) + + def __le__(self, other): + return self.__lt__(other) or self.__eq__(other) + + def __ge__(self, other): + return self.__gt__(other) or self.__eq__(other) + + # See http://docs.python.org/reference/datamodel#object.__hash__ + def __hash__(self): + return hash(self._parts) + + def __repr__(self): + return "%s('%s')" % (self.__class__.__name__, self._string) + + def __str__(self): + return self._string + + @property + def is_prerelease(self): + raise NotImplementedError('Please implement in subclasses.') + + +class Matcher(object): + version_class = None + + # value is either a callable or the name of a method + _operators = { + '<': lambda v, c, p: v < c, + '>': lambda v, c, p: v > c, + '<=': lambda v, c, p: v == c or v < c, + '>=': lambda v, c, p: v == c or v > c, + '==': lambda v, c, p: v == c, + '===': lambda v, c, p: v == c, + # by default, compatible => >=. + '~=': lambda v, c, p: v == c or v > c, + '!=': lambda v, c, p: v != c, + } + + # this is a method only to support alternative implementations + # via overriding + def parse_requirement(self, s): + return parse_requirement(s) + + def __init__(self, s): + if self.version_class is None: + raise ValueError('Please specify a version class') + self._string = s = s.strip() + r = self.parse_requirement(s) + if not r: + raise ValueError('Not valid: %r' % s) + self.name = r.name + self.key = self.name.lower() # for case-insensitive comparisons + clist = [] + if r.constraints: + # import pdb; pdb.set_trace() + for op, s in r.constraints: + if s.endswith('.*'): + if op not in ('==', '!='): + raise ValueError('\'.*\' not allowed for ' + '%r constraints' % op) + # Could be a partial version (e.g. for '2.*') which + # won't parse as a version, so keep it as a string + vn, prefix = s[:-2], True + # Just to check that vn is a valid version + self.version_class(vn) + else: + # Should parse as a version, so we can create an + # instance for the comparison + vn, prefix = self.version_class(s), False + clist.append((op, vn, prefix)) + self._parts = tuple(clist) + + def match(self, version): + """ + Check if the provided version matches the constraints. + + :param version: The version to match against this instance. + :type version: String or :class:`Version` instance. + """ + if isinstance(version, string_types): + version = self.version_class(version) + for operator, constraint, prefix in self._parts: + f = self._operators.get(operator) + if isinstance(f, string_types): + f = getattr(self, f) + if not f: + msg = ('%r not implemented ' + 'for %s' % (operator, self.__class__.__name__)) + raise NotImplementedError(msg) + if not f(version, constraint, prefix): + return False + return True + + @property + def exact_version(self): + result = None + if len(self._parts) == 1 and self._parts[0][0] in ('==', '==='): + result = self._parts[0][1] + return result + + def _check_compatible(self, other): + if type(self) != type(other) or self.name != other.name: + raise TypeError('cannot compare %s and %s' % (self, other)) + + def __eq__(self, other): + self._check_compatible(other) + return self.key == other.key and self._parts == other._parts + + def __ne__(self, other): + return not self.__eq__(other) + + # See http://docs.python.org/reference/datamodel#object.__hash__ + def __hash__(self): + return hash(self.key) + hash(self._parts) + + def __repr__(self): + return "%s(%r)" % (self.__class__.__name__, self._string) + + def __str__(self): + return self._string + + +PEP440_VERSION_RE = re.compile(r'^v?(\d+!)?(\d+(\.\d+)*)((a|b|c|rc)(\d+))?' + r'(\.(post)(\d+))?(\.(dev)(\d+))?' + r'(\+([a-zA-Z\d]+(\.[a-zA-Z\d]+)?))?$') + + +def _pep_440_key(s): + s = s.strip() + m = PEP440_VERSION_RE.match(s) + if not m: + raise UnsupportedVersionError('Not a valid version: %s' % s) + groups = m.groups() + nums = tuple(int(v) for v in groups[1].split('.')) + while len(nums) > 1 and nums[-1] == 0: + nums = nums[:-1] + + if not groups[0]: + epoch = 0 + else: + epoch = int(groups[0]) + pre = groups[4:6] + post = groups[7:9] + dev = groups[10:12] + local = groups[13] + if pre == (None, None): + pre = () + else: + pre = pre[0], int(pre[1]) + if post == (None, None): + post = () + else: + post = post[0], int(post[1]) + if dev == (None, None): + dev = () + else: + dev = dev[0], int(dev[1]) + if local is None: + local = () + else: + parts = [] + for part in local.split('.'): + # to ensure that numeric compares as > lexicographic, avoid + # comparing them directly, but encode a tuple which ensures + # correct sorting + if part.isdigit(): + part = (1, int(part)) + else: + part = (0, part) + parts.append(part) + local = tuple(parts) + if not pre: + # either before pre-release, or final release and after + if not post and dev: + # before pre-release + pre = ('a', -1) # to sort before a0 + else: + pre = ('z',) # to sort after all pre-releases + # now look at the state of post and dev. + if not post: + post = ('_',) # sort before 'a' + if not dev: + dev = ('final',) + + #print('%s -> %s' % (s, m.groups())) + return epoch, nums, pre, post, dev, local + + +_normalized_key = _pep_440_key + + +class NormalizedVersion(Version): + """A rational version. + + Good: + 1.2 # equivalent to "1.2.0" + 1.2.0 + 1.2a1 + 1.2.3a2 + 1.2.3b1 + 1.2.3c1 + 1.2.3.4 + TODO: fill this out + + Bad: + 1 # minimum two numbers + 1.2a # release level must have a release serial + 1.2.3b + """ + def parse(self, s): + result = _normalized_key(s) + # _normalized_key loses trailing zeroes in the release + # clause, since that's needed to ensure that X.Y == X.Y.0 == X.Y.0.0 + # However, PEP 440 prefix matching needs it: for example, + # (~= 1.4.5.0) matches differently to (~= 1.4.5.0.0). + m = PEP440_VERSION_RE.match(s) # must succeed + groups = m.groups() + self._release_clause = tuple(int(v) for v in groups[1].split('.')) + return result + + PREREL_TAGS = set(['a', 'b', 'c', 'rc', 'dev']) + + @property + def is_prerelease(self): + return any(t[0] in self.PREREL_TAGS for t in self._parts if t) + + +def _match_prefix(x, y): + x = str(x) + y = str(y) + if x == y: + return True + if not x.startswith(y): + return False + n = len(y) + return x[n] == '.' + + +class NormalizedMatcher(Matcher): + version_class = NormalizedVersion + + # value is either a callable or the name of a method + _operators = { + '~=': '_match_compatible', + '<': '_match_lt', + '>': '_match_gt', + '<=': '_match_le', + '>=': '_match_ge', + '==': '_match_eq', + '===': '_match_arbitrary', + '!=': '_match_ne', + } + + def _adjust_local(self, version, constraint, prefix): + if prefix: + strip_local = '+' not in constraint and version._parts[-1] + else: + # both constraint and version are + # NormalizedVersion instances. + # If constraint does not have a local component, + # ensure the version doesn't, either. + strip_local = not constraint._parts[-1] and version._parts[-1] + if strip_local: + s = version._string.split('+', 1)[0] + version = self.version_class(s) + return version, constraint + + def _match_lt(self, version, constraint, prefix): + version, constraint = self._adjust_local(version, constraint, prefix) + if version >= constraint: + return False + release_clause = constraint._release_clause + pfx = '.'.join([str(i) for i in release_clause]) + return not _match_prefix(version, pfx) + + def _match_gt(self, version, constraint, prefix): + version, constraint = self._adjust_local(version, constraint, prefix) + if version <= constraint: + return False + release_clause = constraint._release_clause + pfx = '.'.join([str(i) for i in release_clause]) + return not _match_prefix(version, pfx) + + def _match_le(self, version, constraint, prefix): + version, constraint = self._adjust_local(version, constraint, prefix) + return version <= constraint + + def _match_ge(self, version, constraint, prefix): + version, constraint = self._adjust_local(version, constraint, prefix) + return version >= constraint + + def _match_eq(self, version, constraint, prefix): + version, constraint = self._adjust_local(version, constraint, prefix) + if not prefix: + result = (version == constraint) + else: + result = _match_prefix(version, constraint) + return result + + def _match_arbitrary(self, version, constraint, prefix): + return str(version) == str(constraint) + + def _match_ne(self, version, constraint, prefix): + version, constraint = self._adjust_local(version, constraint, prefix) + if not prefix: + result = (version != constraint) + else: + result = not _match_prefix(version, constraint) + return result + + def _match_compatible(self, version, constraint, prefix): + version, constraint = self._adjust_local(version, constraint, prefix) + if version == constraint: + return True + if version < constraint: + return False +# if not prefix: +# return True + release_clause = constraint._release_clause + if len(release_clause) > 1: + release_clause = release_clause[:-1] + pfx = '.'.join([str(i) for i in release_clause]) + return _match_prefix(version, pfx) + +_REPLACEMENTS = ( + (re.compile('[.+-]$'), ''), # remove trailing puncts + (re.compile(r'^[.](\d)'), r'0.\1'), # .N -> 0.N at start + (re.compile('^[.-]'), ''), # remove leading puncts + (re.compile(r'^\((.*)\)$'), r'\1'), # remove parentheses + (re.compile(r'^v(ersion)?\s*(\d+)'), r'\2'), # remove leading v(ersion) + (re.compile(r'^r(ev)?\s*(\d+)'), r'\2'), # remove leading v(ersion) + (re.compile('[.]{2,}'), '.'), # multiple runs of '.' + (re.compile(r'\b(alfa|apha)\b'), 'alpha'), # misspelt alpha + (re.compile(r'\b(pre-alpha|prealpha)\b'), + 'pre.alpha'), # standardise + (re.compile(r'\(beta\)$'), 'beta'), # remove parentheses +) + +_SUFFIX_REPLACEMENTS = ( + (re.compile('^[:~._+-]+'), ''), # remove leading puncts + (re.compile('[,*")([\\]]'), ''), # remove unwanted chars + (re.compile('[~:+_ -]'), '.'), # replace illegal chars + (re.compile('[.]{2,}'), '.'), # multiple runs of '.' + (re.compile(r'\.$'), ''), # trailing '.' +) + +_NUMERIC_PREFIX = re.compile(r'(\d+(\.\d+)*)') + + +def _suggest_semantic_version(s): + """ + Try to suggest a semantic form for a version for which + _suggest_normalized_version couldn't come up with anything. + """ + result = s.strip().lower() + for pat, repl in _REPLACEMENTS: + result = pat.sub(repl, result) + if not result: + result = '0.0.0' + + # Now look for numeric prefix, and separate it out from + # the rest. + #import pdb; pdb.set_trace() + m = _NUMERIC_PREFIX.match(result) + if not m: + prefix = '0.0.0' + suffix = result + else: + prefix = m.groups()[0].split('.') + prefix = [int(i) for i in prefix] + while len(prefix) < 3: + prefix.append(0) + if len(prefix) == 3: + suffix = result[m.end():] + else: + suffix = '.'.join([str(i) for i in prefix[3:]]) + result[m.end():] + prefix = prefix[:3] + prefix = '.'.join([str(i) for i in prefix]) + suffix = suffix.strip() + if suffix: + #import pdb; pdb.set_trace() + # massage the suffix. + for pat, repl in _SUFFIX_REPLACEMENTS: + suffix = pat.sub(repl, suffix) + + if not suffix: + result = prefix + else: + sep = '-' if 'dev' in suffix else '+' + result = prefix + sep + suffix + if not is_semver(result): + result = None + return result + + +def _suggest_normalized_version(s): + """Suggest a normalized version close to the given version string. + + If you have a version string that isn't rational (i.e. NormalizedVersion + doesn't like it) then you might be able to get an equivalent (or close) + rational version from this function. + + This does a number of simple normalizations to the given string, based + on observation of versions currently in use on PyPI. Given a dump of + those version during PyCon 2009, 4287 of them: + - 2312 (53.93%) match NormalizedVersion without change + with the automatic suggestion + - 3474 (81.04%) match when using this suggestion method + + @param s {str} An irrational version string. + @returns A rational version string, or None, if couldn't determine one. + """ + try: + _normalized_key(s) + return s # already rational + except UnsupportedVersionError: + pass + + rs = s.lower() + + # part of this could use maketrans + for orig, repl in (('-alpha', 'a'), ('-beta', 'b'), ('alpha', 'a'), + ('beta', 'b'), ('rc', 'c'), ('-final', ''), + ('-pre', 'c'), + ('-release', ''), ('.release', ''), ('-stable', ''), + ('+', '.'), ('_', '.'), (' ', ''), ('.final', ''), + ('final', '')): + rs = rs.replace(orig, repl) + + # if something ends with dev or pre, we add a 0 + rs = re.sub(r"pre$", r"pre0", rs) + rs = re.sub(r"dev$", r"dev0", rs) + + # if we have something like "b-2" or "a.2" at the end of the + # version, that is probably beta, alpha, etc + # let's remove the dash or dot + rs = re.sub(r"([abc]|rc)[\-\.](\d+)$", r"\1\2", rs) + + # 1.0-dev-r371 -> 1.0.dev371 + # 0.1-dev-r79 -> 0.1.dev79 + rs = re.sub(r"[\-\.](dev)[\-\.]?r?(\d+)$", r".\1\2", rs) + + # Clean: 2.0.a.3, 2.0.b1, 0.9.0~c1 + rs = re.sub(r"[.~]?([abc])\.?", r"\1", rs) + + # Clean: v0.3, v1.0 + if rs.startswith('v'): + rs = rs[1:] + + # Clean leading '0's on numbers. + #TODO: unintended side-effect on, e.g., "2003.05.09" + # PyPI stats: 77 (~2%) better + rs = re.sub(r"\b0+(\d+)(?!\d)", r"\1", rs) + + # Clean a/b/c with no version. E.g. "1.0a" -> "1.0a0". Setuptools infers + # zero. + # PyPI stats: 245 (7.56%) better + rs = re.sub(r"(\d+[abc])$", r"\g<1>0", rs) + + # the 'dev-rNNN' tag is a dev tag + rs = re.sub(r"\.?(dev-r|dev\.r)\.?(\d+)$", r".dev\2", rs) + + # clean the - when used as a pre delimiter + rs = re.sub(r"-(a|b|c)(\d+)$", r"\1\2", rs) + + # a terminal "dev" or "devel" can be changed into ".dev0" + rs = re.sub(r"[\.\-](dev|devel)$", r".dev0", rs) + + # a terminal "dev" can be changed into ".dev0" + rs = re.sub(r"(?![\.\-])dev$", r".dev0", rs) + + # a terminal "final" or "stable" can be removed + rs = re.sub(r"(final|stable)$", "", rs) + + # The 'r' and the '-' tags are post release tags + # 0.4a1.r10 -> 0.4a1.post10 + # 0.9.33-17222 -> 0.9.33.post17222 + # 0.9.33-r17222 -> 0.9.33.post17222 + rs = re.sub(r"\.?(r|-|-r)\.?(\d+)$", r".post\2", rs) + + # Clean 'r' instead of 'dev' usage: + # 0.9.33+r17222 -> 0.9.33.dev17222 + # 1.0dev123 -> 1.0.dev123 + # 1.0.git123 -> 1.0.dev123 + # 1.0.bzr123 -> 1.0.dev123 + # 0.1a0dev.123 -> 0.1a0.dev123 + # PyPI stats: ~150 (~4%) better + rs = re.sub(r"\.?(dev|git|bzr)\.?(\d+)$", r".dev\2", rs) + + # Clean '.pre' (normalized from '-pre' above) instead of 'c' usage: + # 0.2.pre1 -> 0.2c1 + # 0.2-c1 -> 0.2c1 + # 1.0preview123 -> 1.0c123 + # PyPI stats: ~21 (0.62%) better + rs = re.sub(r"\.?(pre|preview|-c)(\d+)$", r"c\g<2>", rs) + + # Tcl/Tk uses "px" for their post release markers + rs = re.sub(r"p(\d+)$", r".post\1", rs) + + try: + _normalized_key(rs) + except UnsupportedVersionError: + rs = None + return rs + +# +# Legacy version processing (distribute-compatible) +# + +_VERSION_PART = re.compile(r'([a-z]+|\d+|[\.-])', re.I) +_VERSION_REPLACE = { + 'pre': 'c', + 'preview': 'c', + '-': 'final-', + 'rc': 'c', + 'dev': '@', + '': None, + '.': None, +} + + +def _legacy_key(s): + def get_parts(s): + result = [] + for p in _VERSION_PART.split(s.lower()): + p = _VERSION_REPLACE.get(p, p) + if p: + if '0' <= p[:1] <= '9': + p = p.zfill(8) + else: + p = '*' + p + result.append(p) + result.append('*final') + return result + + result = [] + for p in get_parts(s): + if p.startswith('*'): + if p < '*final': + while result and result[-1] == '*final-': + result.pop() + while result and result[-1] == '00000000': + result.pop() + result.append(p) + return tuple(result) + + +class LegacyVersion(Version): + def parse(self, s): + return _legacy_key(s) + + @property + def is_prerelease(self): + result = False + for x in self._parts: + if (isinstance(x, string_types) and x.startswith('*') and + x < '*final'): + result = True + break + return result + + +class LegacyMatcher(Matcher): + version_class = LegacyVersion + + _operators = dict(Matcher._operators) + _operators['~='] = '_match_compatible' + + numeric_re = re.compile(r'^(\d+(\.\d+)*)') + + def _match_compatible(self, version, constraint, prefix): + if version < constraint: + return False + m = self.numeric_re.match(str(constraint)) + if not m: + logger.warning('Cannot compute compatible match for version %s ' + ' and constraint %s', version, constraint) + return True + s = m.groups()[0] + if '.' in s: + s = s.rsplit('.', 1)[0] + return _match_prefix(version, s) + +# +# Semantic versioning +# + +_SEMVER_RE = re.compile(r'^(\d+)\.(\d+)\.(\d+)' + r'(-[a-z0-9]+(\.[a-z0-9-]+)*)?' + r'(\+[a-z0-9]+(\.[a-z0-9-]+)*)?$', re.I) + + +def is_semver(s): + return _SEMVER_RE.match(s) + + +def _semantic_key(s): + def make_tuple(s, absent): + if s is None: + result = (absent,) + else: + parts = s[1:].split('.') + # We can't compare ints and strings on Python 3, so fudge it + # by zero-filling numeric values so simulate a numeric comparison + result = tuple([p.zfill(8) if p.isdigit() else p for p in parts]) + return result + + m = is_semver(s) + if not m: + raise UnsupportedVersionError(s) + groups = m.groups() + major, minor, patch = [int(i) for i in groups[:3]] + # choose the '|' and '*' so that versions sort correctly + pre, build = make_tuple(groups[3], '|'), make_tuple(groups[5], '*') + return (major, minor, patch), pre, build + + +class SemanticVersion(Version): + def parse(self, s): + return _semantic_key(s) + + @property + def is_prerelease(self): + return self._parts[1][0] != '|' + + +class SemanticMatcher(Matcher): + version_class = SemanticVersion + + +class VersionScheme(object): + def __init__(self, key, matcher, suggester=None): + self.key = key + self.matcher = matcher + self.suggester = suggester + + def is_valid_version(self, s): + try: + self.matcher.version_class(s) + result = True + except UnsupportedVersionError: + result = False + return result + + def is_valid_matcher(self, s): + try: + self.matcher(s) + result = True + except UnsupportedVersionError: + result = False + return result + + def is_valid_constraint_list(self, s): + """ + Used for processing some metadata fields + """ + # See issue #140. Be tolerant of a single trailing comma. + if s.endswith(','): + s = s[:-1] + return self.is_valid_matcher('dummy_name (%s)' % s) + + def suggest(self, s): + if self.suggester is None: + result = None + else: + result = self.suggester(s) + return result + +_SCHEMES = { + 'normalized': VersionScheme(_normalized_key, NormalizedMatcher, + _suggest_normalized_version), + 'legacy': VersionScheme(_legacy_key, LegacyMatcher, lambda self, s: s), + 'semantic': VersionScheme(_semantic_key, SemanticMatcher, + _suggest_semantic_version), +} + +_SCHEMES['default'] = _SCHEMES['normalized'] + + +def get_scheme(name): + if name not in _SCHEMES: + raise ValueError('unknown scheme name: %r' % name) + return _SCHEMES[name] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/w32.exe b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/w32.exe new file mode 100644 index 0000000000000000000000000000000000000000..e6439e9e45897365d5ac6a85a46864c158a225fd GIT binary patch literal 90112 zcmeFae|%KMxj%k3yGb@-lU*Qz@H;}VXi%d8Bwd0F$%d!|7bCl@7|>ft*VQV9a{w!W z#FNz=j;pp;@2&UNd!cBnt-YnU@=FCa1hYX=15!*2YP6}&dQuHS!y+-~^M2;+CPBUZ z+&{kG*Y}?iYfOqqi48e+B? zv1Qlc?Z96LeY=csiXfy4CW;t*3p?=*;{Dr;CLu*|HF7}8N16G1@I{e=?VKRYqkzjK zJm;anH~wui2}K#G#xX&d_>H9DpKHJPMjv$u!ktFdhJy`;uNK#A6!G=vSMZ>EQCq3g zhyBY3imU5Z-zDA!keNsTPT^|&MesN5p9@7_ZGZ{goWdxWaDF}v2tmL_uC7~G_XC7^ zThV6WR(uTLZ`eN<;j3G7@BIJ-H=*$fd>*`q{c{Pz!eO8PfAIeS3M^B5yn%V2xdc6T zafeG#d$)_z7YLza^9LSP$Zm8?NQ@6a*; z=>TMLWMxh3w-Ij~j`)sYh>e7AAYS_q5I6Q%tb(xJA}kP!Usv4ya=lfMW`*4jk1pB5 zq5ku_9?&7x0>t4S7MmalMy!Xe(RE!uoEJ3dxdOGfs=xRxR)evBglY`L$nifTzIZ9( z{zV)yVm<5+1K)wzl0>XlS$)NNxT4=5S~%oEVZB4v_M(bqqyVFXuVmfj{`DJKmh|dV8O@> znyT5BTtTQ-dszu5TfQ?Yj#YaLTg~oxF!dRKxctS5Ua3is=&m@0ULi*uRhGEk8(&@lk7jpTp_YJ|S{I&|Jd# zPOpch0e`JJV(&ym$cGDR(FdtYO|NzvHGxR=U`lZ$D1fv2*-ZvQj%y8Ysc}>{Iw8Ul z?f;q>pdeg6Mc1-xRmVQUSnC`qrdK*!*L|*;6?ZQoX@yu<-M#)*D>=)_JvMLfY7C*` zK1GVNPr%rIKX_u2H?Vfn0)vIUNXFQ*f?<&&R%j3S0{OrmcAxWr8$7I?SL~e1`|w82 zS2@lB>Bg`-?m1WlNa6%7e;7)%X9%T~Lx4UnOF^T+lFl~igk~=8tDySUVzm2LsclAe zy=t$Xn}>?XmkYs^peZPL36)3By^V%bZ>UeQ>AB?u5Kog#7073>FAdRA+t+d#AZ8Fj zbMpaJ9B~=x-SNhr(`dXg_zo*g1)cc9K&bX&qi7 z-a`HH5wrzvBb=;-%ehbla;`eC7Ew#tBGe`PP@a8HI;1)kFq&}x6;$A(D9H-dftPvJ z^Ed@;ax?`w2t1p>cPGH5Piy5H1ogZ)&b}v&5}r*aph79NC27*9iG-$P0oLM3t&)aR zAG-#8R(-xR(1VgD=s{t5L`BSUyPelUxejdNwVJ(|!3QM~uU39&@>DS|i2!o4nIl-h(c4ftYSZOZ^^YNlISB|_ zNz-^k-%3V~Krsfi^r`B$DMgrOR<20Qfko-bVMvoJI#$oMp!aL#xl=_;FkedzPL(4T z|56W|3-&YmFd8}$*Y#OoGp!)JHbomrby)db#VNZ8(h$lAXcqHAdB`o|1(eeFRMD#J zIt>^tD;lDA5Ro!VQJ@v*Zm^F+znh78UYUM4Hr%HuE$BOWx{NPj%%fjM`NXLnd>5EfaK`D^2 zoI}HwRh|TjaHty$4NS{{DZHOP)M(g~Qmb0!NJ?$!i1hcuL&xH3ugYs3u0)E1ryNI0 z%dxl;>L8Zj-1F^JwO!@h$}#5ge5VYI=5}+Kat2ev;!*DgaPmf1V7Gi1rX5BpX+apo4t?f|bnY(Bg6S6%;DP zZAH#3_BFtx0yI5AI|Ajfw!|srGsYtcU2q`m?)3zyGHldkyw|ktn7}^y1gn{G1re~Dv$@qtW=8FH3+F~T0x)z`G6C; zI2*lcu)t9; zf}VRXh93~+242G_*n^fO_)ewCrXvAL^=wC}P!z3+=_zPsXQook5wP=ss(ab4>8MDr zm#xR!%NU60Wh;2NfWd1X6Kc##N3Ir1FP}y zt8r)BI=h+dwfeT~yAhmEwc|h1gFLCE0?cnSopsOC${D2Ry`XMU&7~ zR`yqPykB0^Pr6r0s>6;cs;LuQw!?Q5*&rnR&^BT7lv-!<@2 zR1!r=&1osM#N8=o6P}t5#ofuVsx=+jZ=&w*CeWakG7%O`w8A}>*P+*Gj-HJ~{upcKrInT2PXVUnvvP0-)e?Uhy z*zdpsM|mo(WyPzIjN)bs<4HdgIh#v)UN#wAN(wmX*BAWuZi@5)N4eg8)5_;z+fx#O<&*9R+P58AGR}@oXw;oDhny zkHhc)#kRzLLjd)*kS>0RMN&?}-@XCUN4|Ye zFQ)xo(ijmvf}+!SbOcJ5UgZ$WYoUbRQ0wd!TeZ0)FYSBG9`?#?K|ogHJKe*6jcD z2p6ei*<3U)(b7|pxV)v>57a6f1kT5WXV9YTZ?vcbE$XoEF@38=Exbjj*Kw*>huF&N zb*QjK8%^v?GMYF==KSeMa#A&E;1|0#-0$_trNo1Rl*d}Hz;Kz&vSvVbah?tHWdLM> zMQz1uG2-$JvFt`Ls2UIH(&a(h%97Lq;1IK_*|>agEV%1MOa!;0X_z%`<}Xq|wVY}e zr(wsgM_g2}fh5I|6*a9#hyBC4#a0atzE!=gz*>B2>m3EQ^M_#S0pD%SlnJ|OtLTYd#bjaRRjR9DE%I7=_CE&WT$%*wOrta8Gh%0oJ zmz@OT`Tb6}wJx3OP1+x!z^j7l%7KD-h1ynIGFhB}X;i*I+SMcC9{ z&BjuxI#>E3&dyY`5V+Z|wuRU9U`=CK_#T3ynH+jO;Ccs1iZrOOFwD`ACSBz|WTWBg z_YaQOL>3wW89Lt;mBdPD_uv&yigKT7T1@LD~e6SPr2La+cbgzeKEh z(b-uC^P{uA-~Q;Ui16uiXkiYclnn)5vDsppZ>o1rzlS_=*8vYJ6_m%g}YxX@Uoww=lv9WtBmdur-EH{cf8qz=H0Ag4s)Nw!Y_0= zN>|-EvDZkJ)!THDgd25_l|@kox{ZA}nrICTP>4N2P)lt2YP7HwB$gbpCL_k7^#pB! zwY|`n1nLi1<+@8Ghj>kilp|hQBIQX}aqM>)(Z0X1&K0KCRi@HO~!<8GyxL9-Cx*pzH>rkn!BHDt_dZ>R*fNv8N_)J9n=O} zRAR=xo2;kpdTb47==CwJ1Rc_g&Wo3;8^B#O=}q6>CP|Z#us53pRPMp0P&}*SE-KvNyfVOSgb(*2|Wi zi#<=DHE~sn7q*xWwOmX^N#TjlQkhsKs%Bnl5lVfKuM#l4Pa7PJK`G^{iy)1y=5{Tk zVQ!{m*4t`CQ(T%zWMYGC?OhKEK*md@6{!6WbTvN=?_< z-;~tkfCml%f1;>0Mp3cXh?MmXVt407aU!PWJofKHVDl4TPXR3I?pcVJA~8kkYQ*r= zZ&;s!wF?4Uw6w702GmcNCWhTzh7j=R%dC90o#Q+!dY!GC7V1^q8#7gRS96~3?$SmA z(o@Y!pgjAz?3+sI={!A|IB_sB6@pKL+FVl8U8|ID9?Rv{qTXd4S-@ zVTq{5EPB98`wp%Hl5OQfuM*pDGasF^m*V)mz7!V7e$+F<&f z#PrXg0+%rT+`$^LQrhwg0%6E)~ z2Z581g%>DKVl0#%#S&idsrTCr*4^Rc5) zP|<>)Lre^_nt{T}L6ys@P=?WnGXPfGI3f7Nn@UFe57m=}Sl3x$>`pN(pQ8B|>2osR zN+$rovMB#luJ>xM@uAMgviy#Ye#~K?18G90{RF`gQLVhM!X}Gzy=-JT^?aPYbQ9jp zQY^rra2lNkp~PkSJGwSXt(XY?aD<2b(-)vp?L;tJtxce{8t2|#>ZVh`D_3>H0M3`M zNx>}+l{}Upz{6Q6+9hUj6tF6Ois)7^dmf87gNNBX>Z4)2OUjUT0%*PLOM*&r?L;u7 zNlIncPB82!KgN35SdxCF0Rt9R!Q}zR8B}gQ$_TrE22){khYPw~$?SG;yfng#-Dhm5 zHX(9v)$OD#p)8jmrV<;?***{9#=R6n?n2UM`$k|kuPtfLLyUA<-Yeprz5dVN^gkZqU<-LfFSJ82GW-2?d@xyq6WC{e1EikYfST+$ zjJmN6OEBbeXvqC{RRYS&4igkByg3n(!TvxIK@;0b4F<S--O68AS@8P#6RC6YQr*Iinfz_pQG_?t*d6oeJJf~s zbToA%@df_dPKi5a;wze(k7tHOh(uEhcxqy2O9^!%%XTXa;Y#Q9eUUwwjpC7A2abyFJ$)}rhU zLcH}5=$L*n`fQh=}_!Q(f9kEutM|{ZD*uGYmJ@i{1@8VX|sJoZIV$a~w*P3Dv zJ&6F;O7dR@pxVf9ri_T9{jmnb%Jp$U5(n|-Yxl|QHt}|uWsB}g&;gaom06lSG!7Wg zw+a!A5ch~bYm3M%AUPY?^y>#nY@DM4wQG6o^o(Ww$(SjLJR=+5B)-w?d%3lu6FWvn zw3HE@gL~EX&}mZR>U*(cu?@I_`Kye6DVZ^Zt_I5DQ+ziO!pUUCfPk@y6sImH zmn!z~8=wZ49%0MQl00z*84XDXu6&WmE-eUGd@aWv8%BjIFgCv?JrOi)qSX!0rO(>w zW!FPi`u+S{we0M3L7A|5yzFrvU7`JiHg3AL9|Y$z1|`d{W^rj{`917?O9I=V2_>@{ zWA!2>tpsb=5*_g&3a>;>Jxw6WtOi@-% zly7k)CnyH#0%e75#!zfk>$^dgkweNa#LA9J&^94uj9F`#B^D-dADP_JtJxT8iTpfG zGD2`MHm4DQ0~1?&B?c~^dyMHM94g`l9h)(wD4{NVD&f=ge7cjK&z_*?t`2(cKZcP{PCvx&5NF6|kDo6R+PV%a-nDdjs}#Sstv zV^P!%jBm^_=ovUOTHd0GO&q;IzHn9DnQ-Ob_stQ|`gD|;A0KfDlM!&@oB zY?at^2sAid!fNcq5igY&IFx$}9AW$wcEK-(v&*$`$9&zRtbx~I9P%@v9l`GrcIDMO zC||2u)w^2BqM&~jnWX<(vowi6VU5b;Mq+iHwRkpd&imA~Hn$E@&P8VUAqSScFt;tS znBOV3&1Jv+5cOVS!X9!Fh^xXk3Sr9% zb@3xP;qphY)89+Wn>cora@6-26@@}gp~yzpmPM)?CV5(Dzui!;3u1waId6Csu1r+H z%d7BxHlA1EoYA^gGC1R(b_CRIEcwB@A9YDr$fet$ObB9rfZpscSSQJc$^L9tmqDMp zRnMh(`7rEHHpH-}P#;X*CChE%DDJV~Q{PqF*}oXkumO`u{6?*w`oJJevQ|y>jb>I_ z(ZDN_ll<@Wl4_g1=@tYMXy0TDkQ5t-n4{#zc3Xi1U7e#YF34MUt7qxbz_!vs9!R<; zmKRu8E7Pfw04-9NTLC?@c$~V{CJzjVPT-g&e>EUloL{cLIy`HA_>Mm~)Dft${E$VE zjs{HBiZUxpxkV86Ax%*$T9l^9wAHTf$y~6N^zEHf62F?d+HD z>u|*g?rt31V zuUh?#e42`n7xxwG`mq&!75bTaMs0!2Tm?mtryfDNu73jO4-hFR+#0BuPab%WKSoXn zu)Hi&?=7(2x)gqaIcyi`Ocgm~#ilMCIQtHIAQ0qvf45j@?KUZF`MZFSGMCQ@dXXH> z({qiIegh$KRm=Lpk`nx{% zY8Ohq9J0F2+BlG(3f1;Bhg?N=1~G#mC9_9=cPRZ6A~E^1VEE{>UMIBRLlnUmxE`8V zzk&&P765O8FY}w`q*b50xO#_m`SPW)e>j>jUm?pc=*F=>Y|llvfMR`1%XYbLIZXeEs|aU>2_=z4au9N>W=5| zwc`bPyhM+kcnoRwYSsyc{w(oWAO_Cd(`PeF*r^IoBQ|rDb)~aqT`DDWXCQqx z;V|YEa%*{#>gvZnG}n9Jg2FehM{K!S%vD>1DgMG1aVq}cOfMoVm9g{C1xQ8d#7vh1 zqeSdB45|ZE#qIRamgyVrP~T-WM56FotD2@QRk1B>7q5eYD_&L!HSXWw)|F7>N)god z9iTdGr-wG?05xz?0Fx{U-Y>B%|N)MXZOW>dq zcQ-BN%P@NU#S!S=@?pj9f}uvMaF-$#G24H>|GK zmv#BIaUiA&uO6)b;SwXT6VMg>tvv10YQZNbS*JAB-JvX6jmvob4v?d07yVECqC_(v=5mVvGAw(ow|Iu>mlFmu*2oyc}!L!TSCT z7)k*dJBf_{irsnC8LpvCakN9NfTJmm1C0Y#%rw5WU+)-S^Ng<+J}DD5Y+qLLQ+Akn8QQ@TT5SHwS2s9!)rbCV=YpMxA<0gw*vDaFXUe zqnDnhjEJKlu5P{;d8hf>v7C(H@EB6XkI8Ah}gBOIk)!ABShZ{scTZ~$A7tk@`G6!Pk^Vm6wSn-+` zJ;f8AwKp-rl0zm0qgu+z_a2=;uz2EZiMPgbaT1T}-8=<$!Ba2814GXta1Xo~VEh2aq^ z>oe*;;fP3?tFk7{`X;iZpb`t_nOhp?a%=tw@+BvXtFZDHA8(|+4jiFD%ZI6Q*uELINKIrQ#h4PT zPTT9fe}=fsbjk5Cb=ZFbNiDCRLsVi?Z|ouQH_Uv(x1qdjAF7B02dDhXehXO0dC}f< zF94zL%)1dhDaWA%r5h226ai@qu_Is!jD*iYgT?_Og}rGGfC4j5gNQj;(H!iA^zgA4 zu)UtJ^z9{jSpak(GY59}>e?Nn#t@Sfb>KwOMNDnLJSEV73I}SuY;7{1XiHik^0C9^ zWp~d6c~Pr*>#y{(JMa;_$WQE@1iCn&OR9TlYk?i4$UHik3Hrl6gF*THT{b{2vP;l>A5b{m_&()Wsoi| zD2{BkEoy!&)e2m-B@-8kR#)jcw6l&?heK2V4oy&+r@7`L`>%4)Fd2c--buJ%!&ym2 zoDJ`g5eKAiA=3^>FXrOoW%?lEB*-p}2@u8Ebl^0WHWLuSh7eBtl3A8^MNR{4@ev60 zr(1T=f=F#KMn5N)g)I28tQ zajeX6%%@U>Q)=s8I?>y@cNBlpvEkOeBPk4t<5PS2LYxlfPV`|14cl|Y5qQX|Ey`w# zve~L^wzYiZ7|{~m?D)-ZezT910CX6D3*SCSEBLKBre=rh7U_KWkx9gQu*4zGint}x z`J^yv?3suGH*9F&a1n#b;L+Dx;G>Twb1zJq9*OY9k>)0T?$qUs)}7lL`W&EbA(FrO zO%bsu{OlKqu0NzH;gH4ae2Z|Wl?%C|5o-s^gvW`Yncg-$xRXIB)V%o9f?LJ zl;=U&1PbpjDD*arxZ+dQh(|2c2;X3`51FdjLC&}32>?uyLjVC-zzK6T`!^0$Ky-V| zO~v%Jn8fUc#c7iqTOUg$wA#qNmJ~6UqVg#Uh?*ZuBZ6t^%|GV>YU@GmR)dVuP&d&0 zCn{WgEQ3J@WJ5{q_hL{+0_$Vv4spiw4SFdkr7k|sw}DF`xPxG?a}+?syTo$xN# z=E(zJOQVK^bOS^?B@gsVqsR{CvJ53^hbb>SisJH}Yrj_823^y8@`o`i`L03-^|96H z4@mMpg?uoiY_*lWf{w&a*LG9}4THnQ-Uc+*-t-fyoV#0&6qWWOSodk8&b}rYE&{Sq zr;~K{rU1hBJyEQ!dibEXH+c~gb~6w3ZWMuT6EF9d%p4_TCT zwvuJc{s@hkhWgKe@?C_&(idB^o3M!n1`zDKD=<=y#9l;r7@B>fppR8`1I;~0im*Kr z{{55GN!a->+*)D6AiKi8d%k^l1pW{1uB{E5kZ3J;P69U5B4>R4XYfM722ulzDIMrI zIBUV2gyp;i80unb6m^T1kt3kM?uPmpOjF8iQ0l@;6A;~At6p2H6u~zU?i@EsXVkM? z$BeyLC(U+OJAx6Q9^aw*fKi9D|cU-4Q+zasqeKK$r}V0J*A5XUo5&-c{;PGujbQ zR|U}L>;Vj3I#^a_u{ZgsEAlbund2Hv804;PZ>m7#zGl=7qei`W_IY_4KlsaDMn*r> z#V&MWh&o7>PV2PBO^lL}YDJ*b7$-P@{}zCim4RxtltzaBUSGvpY)5{EY<;OTI!*S_ z`}n{JDTMcdF$BvjJ95xIm{51*@waWqM7+sn(k;hR>m9Y~;xY%^X53apyELd~NGT=)i=9MVt6bU%VEYRYV#1lvLS#*sBl;}?k0S!bSVBh1Sw<0$XE`{F7=Va__~UQvWJZX zfcnT$gbz00Q5f~G0gO!bk&eVyFTV8M5qz<~A_%W6^%0_f=|<|U2_-+HI#G2W1-IzC zDT%!XK%73_JlMBejJ_SIrla;FPzjhj{*{1AR`tURdy!=*x`CqQDDUd1mpwqAm-I26 zv2tPo0J4AI z1olfP;H(>?8TZZb3Akb{G`G!|fG4uID0=O^iCOp!oaLlhcpq|*Eo(*$-+Wa%n`|p` z+r3`q2dPNh4Eo~nF?aybmodsMbsG%9-Q?w-9CD4fH$4iHRg>dnxT=R;L@}z=qb|vT zNBEmkE*cuHJXkAV7`MSviydhAV`w*Xzxtqwd)7~;mF{Mm;vwVUWbYSes*h8D+IL$_ zT7Gz0|E=(|UuMPr5&JtvFSc_GK+!_3_H%3EbjakKj6-3@N*zlrx#xfKO}_juNpZoB zVAGNe*H5CXA>ZV2@J-HTI?@uR>0cON+CBW#1!&`pZ@@(_Lq5m}hh><-;j`?)G&tNL zc{Uu9zr*49H)x3Ajm#a6?cCwG`HuPe|KM+Y|4@BK8TI)G{>HyXgTP3G{>Il0X6C-` zY%0FL!{6BbAK<6`G|L(O#*5emY*v%Mv7dc`5d4ij+~1f3K4k#5mCx5<+#T{Zem#+A zI(wD!Gl+a0Rbb}i#8yUX0i*NAW|eB z2O(|jZ#?XB_DWf3E<5N439z7paJYwpIE+NflF#1MK-h71bUrRX!okobd4=&Caq850 zaq}b}h-G6xT+SCa*cQ>MwNIPANmYr6YO z>ie;KXwXTc(+kt-0OYC_$(Li41vdte34#3M0jD5wM1RooF(-#Q7;IfB4rFRO> zukZ%&qaAWPxtklbg9-gMG}Eu8qEbqlzCKT15C7NI>4@{NA7aX;D$%(udy@)OsK34G zVFch@`>?ds%f3&L)T$yZL5%Q#Sb)2IF2e`><-Fl}+%u4k#5ZW=CpxA3S0#wF)nzGo zc;3TOIyv#>LqFKe{n;TA;Vyrvo4W(um8~za*ms*2DA`&L+5F@#+{56=K+n`#$muuf z_9ypDRG0B{2El>lin~Wy)(wW3!0!A2jFK-fH{J<$1S{5KSp?2=p50`1&Tg8%K&YF- z<^V#;V-p7f*}?buNQ^B3wAzNI`RJsJ(KOlD;~2iY>%%{&NG1yL||A1Y*=DyJ#u{9@#?E9KcUz`V+B*)vtU`R%?1mP)l% z{PETsQyVU1;s7k2V!s!Mk{jv=gys>dJzNH}AX$xsw({)MOwps-w=T|}PQY#sd_%KU zwY!WQ1WGd~K&NL)(>dtn1d3yez?+i<1sE(Y1a^65PzYDCrD&E%P1k3o>AB}1(TGPk z0z|E1@M~=T5rR$}lzwzI#ig67&V|d0atQO7O zkbhCF>7~O$tx64?R?ay)?eZ}c3xB_ga<*MmM z+g;Si6fJeD36;k&Np~;EU_vA9p$@cyDAXfhR`b_N0Hv6x^u>G^Vr9V2eMY!SaPHab&GBf{y7&Qqc3U zU5F*ct7QP51(WG=7`Y@9M(2nHsliNsW|5eviE_IgxJZL@NebPNb_s6}0U~e?%yM8IBR<1G zg8C;JXgo2{IE-mA+tQat43wRsWz?zy$^sZV1tKl>(*c0-dm@6VD{)?CEc+Pqup#`| zX9y}qu^?dN_>b(N+bOW7M~K~l05&mbVuN4lwlAStT?8!msu+N{{yoj*5ZC`Qh>IlD zZjdT;YNORTiOcHoY-bo&9E48+cb*tQpy-r{sS zCPZAAP0JE!W^gnlOtn4LO!v|RNBguGltu9UNgThfWiX z*mc=#HepJf>-q2CnB{{GiEu2lkxv*-)ZUG)0r-N!$~&goB!?fE~+ADKm4;j!j)Ickz)CaF(tZ|Sm{Tj=G$>kav1b4x5mOgsAT0icOF_dM~f>+d=E97sVmWIHBO z{jhLdDyI^M=7*bkj&w+XYZG;n?=%YycTQ=L?<^LK`r(0{y@N#ODqlA18o(SM(7r)!M^2MX1I)R%F2vL z)UB9nw#t0W2bj~ASX^2LO$HVOt>3DXI1}~JG6^h7*J$cx@e9k?{hsjjwUAr z3OGaS<4Y1!m%Z%mTWK7_IObrBuzx(L{b^M=DTv7#!vi%Hj=A8ef|}B8PUXNxmIQRA z&BLxoEY{LuBb`35m6|ugvDc1)gd;h7H_19)i$<{oiIv z)5_%U;h2X_*gPAn8(h_>SJ^x;@&5~YQg&NYYzQIQ%jhuy>uH=d<1P486pkasKS&&vX2Fnm>2) zX9u2a=^i}B9H%@#$2TN!Axp<+!tU|wV=$!ek06DNn4#AYpzRG3OMlCR?$qZT5Z|%y z8LRAKNK$suHFnCb!~98?bt+GH;aTfEX>WQC@bDotUr_dMLtF{ZVSj8RqQeWjYUTLy z4R-sUL-ySbJ7X>^rR>C-D#vwCB*VVDsi*_-L2C=MtW-i>N`?JC@_=_D8dTM=uC{ zzK%wS9H!=?O+Uj+2^sA*=wML5pbSwU)`e9&%Eh4|u~KGcaaLiQSO5>l9DLYAyOEl) zi@;-h5R}6dw8VZh7&gWJ6X8Z4PqRksNy@=LV<7}<<*%-k3RUP5mSpEpMWBi*wS!13 z=bxp>*lmcxC430p6Unsic>_)o9XJd@NhJjQJT*&*U6sT;{Sv&CNO-e3UQU4+IqRz- z3J=Ff-?2|2=BeTF8zIT#0nsJL?-g;#d;<!t#6I-CYC-Ay8%sDI?qF%-XC$O>D zi}A;Lu~6sDUTuHkT1>6>rh|C$<6(4EjE;vb5FKEE+wliiS9|CqEN10H`BBbIgvsD) zl{1+^09SZ_KZ@Z86P5kF2;ztco>-_Uj{|*_cLD7X#6H01`4F|X2vxR+jv&%Nk{{cT z@KBnRo`_fXQ-_h%PCZCO0x$J(4EY92sVn-GXQ@zo(*?*1Oj0AZZ-Z@K2~ni{Jk>-{ zchLv779Jmo_H0dS!eS^LAwzs%gANyvK6O)KYByC>=)3_X`ziCLj@W4+mKg~BA?gpR zG(AoAX6g2(a}d8ordI%gyS-33Ty>nR->wd1Pcr^<2#X7wL+yBnLoeg$QTYq&5qt>x z&X<5R%+uj^K@|0{j!KlnPf^>IT{{t_rPnGv&44f(X^5WK9Moahn83{TeYMhp)lRWN zR$^!SK|u)`ias zDaY5?A3MO~e`tUF)2~7B_}$`ta{NBAK#t#U5B&mZ200p(T_g_0e@cu6P*U>_3I_Bd zdux%gO5F%^N`i!}c zKTyl!YIT3?kNA*AK`Q-F@)=x7NVJ=s?QqcGT&lJ=Uf6-S&DV#2UxP$1yLS|*$|bp9 z36WR_T^+;ej!OzM4P=y2H5-0?aw{-C32?QnUkN>hK%&$2T|dKz{lFo87csWM9v+>~ z9$}sX7RuSKR5-DmghTDKG+5-r6C3}6<_K^t;KM<{{d5Ko!GCaZ0@m-ZmG=`3eux{N zP7Q~s9E51N;VNllq6g5tMaFpb#m0e;6<(nzpFbfdaQm*z*4djLg5)5c|2b(IG%dW1 zj0V*A0F~%ngZhw+p!p_128*y@4IM>oRE|)NEXDWR)Z#ErLopwK5`2kV_7Hs!jcswF zf!Afw2S?Bkmi24c?j{e1+lFz(c$tgj^IWEtaL(AAmf(=q5m71avJf>Qyz3%Z-k4%^ zE)heKEomws#H(hWPUiOoN`rAT@9F+{1II7xk>WOJH1{1QH!vzKW5!y!Uc z*jACK9tMXYLlrK#M4bG_Zbn_fUQD)&H)uC9V*iU1LD*EBXpneiqCwvxnGf)n zl1$$J0*b}4Mtv6rSjJ0$c%H}kRjy{LTp@-w0#_T(jda^py4n$Y02C_W+9g!?{iHXf z+e0Qqeuuhi2;D)akNRJc(+5ufh3;_)p}Sqe9{i08;#5BVg818szh5D3*uFWociJ01 zG8dm}xR4^bUZg!5u>^Y(ICWJB&-2YQeK_{}7M%OAE%EkzB061-V#hWCZpX39U0-8M zLrdqICU5Gikdbx-a9OF^n!KbZv1@`IkJ(^Gzjlq6Z6fBvu;EuqO~KZX;6kxE*#AI5 z9(GkF;NVs~AwsG)Y$Cy&K-ZU8*?HSwx1x)b;lYA44CXh12InR&IsGi75PpJ~PCw5T zSE|?$!s%r%n(s?eH>v7_9@(eabh_wYh+G?EZ2Q1 zWVuhX_g<$RZWH?vZM{=q3gJzfT^w{z6T}5hV8znV7u@1Bo@F6ZV&${*Fw{9@*%JE% zs6kx1_H{hd5S@T{d=R1)5Wa&1?EG+jE{hJq1QCoqfn;n9ll$4nFJkbJ=a>T~v72x% zv+yKtlDqC3_m8&Y{!w^K!veA3(i>IVQf{VOQIF8=qwV7B_C2`GrUjP)USI8{Bkutd zrV$Uj8cGD;AeSaGCn`X@}>M$PJ<& z5k)wR?7>dN9D>1sx)K-v!E2c=up&#?#$0~+5-tqgoj5AMturNX2<)Td2z3w`eocdq ztU8;ne}dONF%zw#p9KN2_AM1ni@f}2Vf$riz8xE;bO#S`z|>cY10@)T$UV^Bvm?#EP|g}fHZ8-=aB6^{Ju zsnNv3Htmx^3m3LrwHweV5*nWE+^{)dk}~=lhy_j9k-{xr6Z>4{*h|D|`UpUSCY;II zLwRs>7CArvhQcs{Ek}=o5{Ydo=&sO!yeu85-?n`D+hF>_RiC2G$8yn7ZXx3bLLe?3 z0qa?a%kLq6&=B^11hmW-*de@!3}IBsOAKMV6JY;72*&0k_`flPRZ%mBTkPRB{6`D} za@o=B?8ZTi-(~oUAk{E@Jx^#1c}P0#}+v|_#A%arPg*H^CGxFNmH%yHlFc@*gx_JZ+KXf7hK~=4;yi-|nC)R}W z1uLvOhz%C_)y;Rvt4plVPi>7C2>+(P;WCfSt4klp(GDpiTCtjDJ8g3*(v0s$`o6Ce z;?ek~{?%5N{&Vs>MBhtF!^!W5>3e=DWL5&FKm^ry-1t@J&)bXQ6u9T^2JyYyxH z#wB>GQ4#ouuZC~`alf*8H8cS{qyoSV24Az8Vp@9Z>p4mV+T5Z{zbij^}mO8m4hWfQLO&8cLADSL1qH!@BG|h z(v>om{R$_}Aj#-fEkly!ktCz3VxA$#)?@TSj-{D+_RqKw`;i455Qj`EB@vAB-!w2( zYsFsXMurBGU&~2;;isi;05o9fivAnCkhJ5caCv}Hy9lNv^I38iZr6DgSk5mVTx;3pi1v-yy>ty@xR!;@{Ntr>;(Rw-=cVR%S zvTaS%-L_`@kkc|;K;vjSg_F>9E$NF57xTr`hKm`}e*%-GZ6W-rVCqIQ?M*RMgL+Q1 z%*&9{Dzvjpw7>9#4kXazj0)l!D5{`CHx-{MqicRD7BtMiL%cw>y_}pjrtrIdao7U; z_fsVcZh6k4TL{n$Gy-in7Q-Aq>PB98${h>Qpd->5Y6}=ZT*m8YMHOzImmw~~9p$C) z;qU->8hdG>(a5Z=X=t9&I2|fQvZY!UQxYKN3OyZ3%WM@fFJ>%cPj5>Rh+>q%5z9s- zTC#EldfhDN3%Y68^|HmMyuOl2so{p^t<9N~x_#=C(nSu#b=>g5P3cXWfRl-UeV>|UDra2#^~x4|pYm>D}^ zF8{!|7qYgbI59I8C1%DVsTaTaP zzjJd4&V8=f-CNx2JTIjmxCNLsN9e3%Q`@peLOI1Q>4;v1U(IsbP+Qo0JS{x8?6>!NF*DQFT^|>7l*f7J-k~G&0C^hk@`zU!1;5SOd45j7-uFG-2j_5u?g15Ow z54%r$ST7g?bCNyuK^pFC5gMRJxgFA|^KOUWN{1{cai10~4OMyrPPEBg=EBx}$Q*eE zj|Q=fJUsg#XbO_Qgu$7fVx4_6IuaidyFf0TsRQ2 z48OjZ6Liq!7uVzOO8ia2pF?IY>G_gn=eYdr(I&$K7~Cjmxd^0Cz=i;|1UPDNA&TP_ zAcmJD|B*Q#Kcwbt*-|XdfRrl0m>XM4hrqiu8O)D$8sA2m<(Z|MSvHuuvCEA zUYu1bfFj6xNW6mm5Unv*tDuVxJ3b`mtbK18r4|Ui;$(U>Kt9d2A3nti*#sFG-uTJzK}0w80l7R#0w5F z-S}{@b+A9kZ{h+2tcNaRZ=n{D<;rBX6CvZrl-ToBH6eDVA@J4G85qqpOnakz-GSen z47-m)w)H@~(Fno1tP9xILP+mLg(B11;dfPtE;EVK8`r=rq;KKbkqddho$-2g&bL*2 zV^ez|=~Z<->f~o5c+Id3jKRKw8g(W2@}=_sD-Qbkqcbl93(v+^8GX`k*(DJ}Dvlga8M@V+yh;7=jB7YzYF?az`+dKWj^uE8N^saXh@II>$?+)hLX)Ncqf(E{27wRXoIh$Y&0#19~H7 zXP;X~`7==dK^mg_1Q*z>-T`Bl`}DM^l$ue66NMRW2bgeL)Y&4ImlAV{S74=p*HnC^ z7+-kNmjxyYq~W5c$!+cdla>cvVK3bU$+;jCaVeSwPa!dQ?M*L%e~We0!v!0bJ@hO- zF(GlmFs%g`1($Jm0tFky2jBt|dXU2~{OIc=_aTUWT91pdE$a(${K+0#fhhX{_du~; zX>Xd0k4k%J5ngm7IZmJiQ(~j=g@reMxugD6fp<~5qpUC!SEYRU%Yxykd{-cxo0zeLzOD{77_t!f8=g3 zJ}PN{)Q3Q#^y$gc?M-B4Giu;4BBvcf4MMb*h^2G=r+YfAr$Xrf9@2Q!=kZ<|1L^;r z5FxmxKeh@DE2TzC6MVrGz%;)PO$S2fV^(Uv0I9Q54~V1=y? z{CG^{qx6Q4w`9K2Q2({iY?UtK(tHBtqVY6{+Q4gRu;yPPNj7syvT<(4pgT=OEB@GGk_E2RE*BZr=4K*^h z3>$v@;5z&3@30_&CAN|#^rJfymRPzEIxq2qb#RSajd(-KTM>eR&5zj)tCD)U>K~KI z2PO3raRrn+XZjX&G`W(y#5Z6}9sJ=7XfectI0|$}oca^Ln$eY<$8*6TI6((AW|}j@ zC;`{tp!|~hZgECQeHU(RF#3at+m)8+H}sgLfw%akYtUk2;^)8THT;J<*k#1Dhw~Cn zG~}g6DltB3MP#L4jKa@Sm};>G$f|Xwzy%J6I}fF3pCHn{C$q5SlKUlK*Mqre84004 zv+9Dtwz9=g&T262;ahCl zZGTV}7ue|9x=nw8I2&u+TUY)EE4z_MPJvYjXnV*dF>%EqNQJiGrl!>@O(8<#gBGd- zJb#wj)LU&OOYsBCdof0Z*6O9NIxvrGBN721u_-rOl`@NRk8Rmf&vJi_e+BF>dI#=s zg!~7Et-&$Of}p=IH6K}1#F0T$0NwAxO$M`QFXgZep}T$xjx_#(-afL0W8C4KqS~S! zGq*Vh)?1x%`@`E%3%UXso|6-ko|B_}UinkI{E6K;uyU1@8oOmKwx*+`#z;Bvkc6Kk z>@am#oPAy|c-r&03l_jvC{d1C>TnpwY;K23&+0JxwIF;alApx88=p^#cx=PpVf;-y zhJ|-J&Kfr_GHtC$0ovw8xD?ndM>+DNgUGRCGYHF}OgI^gUn!$1{BjWLNdrc1Gf@TM z;EB}c!BpT_go@0<-%R`!;BO-Sa`0!vp9Ozv`QzP6`4ioEGrSqzJ$U!v-HUfG-skW> zhj$$BINtqu_lGTH^%2ay=6I4CIyE|gKM{Y;gd5A_RYzK%q!tek8?8^oppKVN1msA< z;&(Xv!<$O_6MaxH)CXB#pMAa`<@P**QuOnG0;PYBAaEu77plGD=r;j!~hq&4{@1->m|b;Xp1ln?WvtwfilcHP+4)D-N7Pc4_<~hdwBkSv~J-z z$svHK*bwZdIXzxhZ?hdNsg_|oOLm}t@8Pl7t~sM?5VCLS348G4=mukj6&hZ(_N;mv zuWc}ukR7`!qR+cbzqw2`hRK*`2(I0^2$m$HnZXvxlvK=BYfI2{a-V$3;0O%svE^8E zESwRAO@8vq=MRFP>QH=%B)^kA>Yj{@{3xzI_E<(-8xk)31FfV#OuAbUnwXHZgtK z1G8Y=)M8NEio{RGX5-vz_1J6=T!)F68=b+e;SLOsFj%sPs<3s$B{EL4Ux$d`-cjOJ z&TnC8yN+1V1s7M*1*3s)m7@$-^w2IqZFR?4)8oof?Ta*Tq4{Ac*P`{g4$R`$c@1Oe zV`eAeODsScuVL_-7tWRQJ&aGCAMmj!?0MbkImU4sRDB(Ch>dT#cT+UGY=d3zW9;Pn z7~dftb07T^Dp5?+V=1+DivHfsyLj(rf_m=;ZPt`soZ-{oyJ@98%b@CgkrahY)u;OM zYi7A;)j>2TCRUz!qGBg5O?Cu2f8>fGk!fKd(-n_(RCRRz5b~q{3x17^NBA&r*=UU2 z>v~5OSH}3F4bRV)@%|rd1Vu!6G|n$O2@m-soWG$m1J+1V>r_igWj5?|VtC=sylYE- z_FRNBkY0|~>-aXtlwC?IZ?1o68rH##C159)#MC(k-tA;gs)fCdNk`{|K+Jfgq(&ZI z6oh`5^Nsk3KwLJ2)6i#1_Dd(;j2s!cbD@W|JT4G3Ap@rbJDQ<<@D6eB^0;7UIF}`P zAh;Wr936q^)o}&c`*oBC+!x>oh7{s{iE0eyxb86y*5<2$XE8M3tARsZuLicks&@TX z1E*D>#=!Wk_SHblG;*fm^uQ^n?HjSR7z6J>q{$8(QsdF7<4D^X&cn6I$+`zfrl0&k zEt=}r)2YdgGW6lDbH-UX+}VgQyi5O%^*ZA1-2m#o(;=$ukOo}3jYK6a!9;CQqa`M0_7Ke9o za#bT-AE8bRpGyT}gXNW+as>sc+8VM1;k3J8K%abKh3y2pk%={7Z)@dcu5yNKX73rR z`K^~hava?-?a7#oc*!(XV6mtED~xjR&Uc+!T;ptX{M zfLbYNPbq*1@X$=rqNv5P8pD*i{oM2ZYOcT6dogml^8)svsF7qp!qAkwboeafttJ>{`za@sLiox)k+W6 zG^Kabjw`)~c0}o++CioF)AlL7y|!KH5!#DNkJ2_lFWGICbFA9K$|_b{qx6y5-<3W} zt5AB9R;Kjv+Crt@pgEL2S(~Nwn>Cx#Gqfp6pP@}qdXAQ;^n5K&>2__f(&uU6N?)M$ zgiaK;6r&_*LA2dcN@HtfTuNgTWn50<`P=AWC5@+)@h%!QWxR*RPnGe08sAmMwKVQk z#tk&Ss*I1(_>400$c*-gGH$1FwKDFeaiucuqp?gGQCRU#GmHx5gZ#=-4xGQ!(v|TD zjVa3b360k)<8d0T%6NjtaAnkJ?5>R8(io(S@6p&=8LMe*qKufV1pO$ma?3dyPbp&! zjhZqFRF~SP%E&wJw0D(}d$P2>Fe;S&`1O)8JtN*PQlGzKZ-NE%zi zs8AlouSUutiN;@14CR*bG*&C)4K#kGjFV|Rs*E?&cmPHWHO&Qnz1Z0&IvYj$s9Roe z#&jdROjHk3M`5gJhs}Mujc=rn)v#Hr+k{5?%rI=`D4RL`BExf(4K||9bD>!tZfA!)}XtP6$0Q^upYFT-FE79@mLAsH68(g<-}O>xAA*J*&Pz z=c;;{?^3@;*3$j#T4FU;Ysyf@QOP}AGBid4o8ETRX?c<*`5oGq7nN)POYsPe-SH;zO!!u|ktNelKP zHp1aAy{~n=@*FLwJ`(R&$i#qnj3&_l4U+K-Tu7H>495|_Z&2I4KWnKot zrNgUvR`M#$xPBhwtln|nXUFG_y!8oO-**!*nSAOS9?BeYc zihr45k1hTM$I6O-!LhRUVXqU!b2ycI=q)nGaaD|AiP5s2hm}vlNoPqw<%2G>rSeXg zmw83?cU)V1t4BXaAWrBTVZkCJY##hXg()9>bsrCtx3UO1rX-{?kv?$1ERMQyzAOsI z%ditcMB#KvN8(eM7*b6 zaS(1%Lur&mR-}4is7ywqJr@)xj{*U~i3sVTaDSk*gPH$>#mN5 zeF?WSDzl1pUg&k4J;%rv#8Gu~Ng2zxw^M1({2J}Cmf$@^DM1|)qikE$A+b+j;aVSuveQ;J{fa z3`RMXn^{WKfis5Dr5Oj#7*&M|k?elpY%6)n17}}@CF;N#L#YF2s@NyHA2=)C%5u;1 zW*9CT>A{2Bd9z4$-i&c_;DNe;bR<`@BEh+7{#HDO->UBFteG7Z1PVy$Bo2ys*6cL| z(lcSNYT&y9CqroTOhmPbj0=bVWy*v1*ga+MA;Qq5W$#1VtD1l0q^N8OKgehV@Gon_ z`1j&QCyPB$XULfyIR5UxZG<{xHUfvtT7i$WG!B@l(#r3K4wsqa8O3QOaCRLoQ`|F! zLrDS-mob2OxQrf5so>Eu9xi(eb`_3OIC}$wRF#wa$udf>ezGhAR6dV5q!XjYB=F6CVuVHAX<%`?-UOVwcj8sXysJDdpts|Rn~ZQV5~9ru48`k z#}Flfhwvh^s`}QVORo#1UiDQqjxWaXG9N4a{-pcWlPcM|0r7(8T&UBF8`&6+tbm2R ziJo0OtJ?8?3*#%K3I}GeAg8;bo+m%ZJG~VTQ8a`YJv&lHbN}Z?+xc0@Vx`Z7o*}9fNdDe^uZH)sS9#(b}ovL54%xkIY17PLEUoWs>XOE6^2IN6kK8XBD44XcYl#ts)2TB49V5DeR*j zvI=8B#G4DfL-2mz*@K<-Id^v!m=TQJSJ2eCW8z)75XC!qS5KDyGEr5jX1vFa4B07RZPLm>%BiXsP{zRdW3tgLAL*!>R;Ua)~v#n~YmRd7TJnfA`|G zNp+nF3R9CL?OTMISaslHTdsb?d?9wzrtw;&)-z^spTh}+;GVH5pOjC*0udgyJ&(gn zt7vNx+MHS(b~z7Mu0tunp&Lv)@cNm8c3PIhCM>Nga>1F>z2 z^ZQSsMFo?Cv?3&mYhrB*4Rw{0FVVpEdndf;3_qV-(O$m<$4h^$c-g3kV9)&re=c7W zj5wE848<>wA=+`forj|<)?UsY;ui61v<^B+TBF+NAIDsH<8iDEl2*PH^X=24|cx@g_?h9629@)1l*l#6iZZKTrFMJgG|AlWVdxff2O?5 ziqB3b0OphJqY#3U5x8w6lWJ;57wE{AwfJ6L-3Kors@N0U3#h|ME@vkY$Wts@N+_5K|P+LPvQzI{3d37Pi0SJUG3B zcfu)TJj*wezVZsDY|7%P3@?rgEFmF{Qhc>jLR7Ui-25tSz)O=0^fnh_Mub@(jaN}0hm z5JVJXDVAC#X#;Vg;%&ddhx5&_Ga*V4D#}K}6K+~8?6RyCZbV$eOe_8cmmunR>=Dha z!|_JN@Wtn4E9`xF-&w5(3Be_P6=mJv8+oWAX*e5Wn4I$Gp?HD$hvkv9+ZCcJ1YF?e zza$6juk7qX9XD$-L*0-b3Ad7mSs;MBjyXk^xZgzNWBgxe<@K4@J39U)z`vcxX69;k z^GTWIflfu1*B+0}j6(m-ED!M7vv?~l&Xcki|0rcyC^z*fOQ)SXWg|%0^~$GS)>Rp2 zJ~(Ju!B2xQH?nXyogypJ`FADkFI?fFq~7Ztl7@$ENz_Hjc?=a=!S=8-DJe51G{;D> zq8hi$kFBT}iD*N1sKH;7b4OB&aR(!p2%SebA9c4;id3$Gj6F#erQrkVUhXw^`oc!uF~VpSirwqa#% zMPEjVVR1w|wa^%>eT`M7y`nu>p`C=W#G+1A`8gFLA*!n2swtj2zDXN9gB=*0Pgu%k z{x^7cos@h|53AjyqCN9vRwF$P+--Opob;2EGa0Skpz9BctCxJV;ctU^*uq#I&0F1@m&E(|?u`y) zcdM!;KD;ZUTf+%fD5=63?OT$L6Z{^=K1id_o^ zATy@mkmSPZMWMKBdEOOHTx&e|H16PSVcfgi0xTSS8qcFN-vBHW8v8~>F05W~FcW!H zWhoi%eSThZCpPW+W|n)DH1e!!&I{`ipgR)6D+T7xoKzbnU-k2FBQ-ifKI5^~2Mwk9 zyc6~js4U^l%=Rk>P6@CFL|n^%pCvzgEb5GAZh z@M~;Jb`zP82b8$&q-;BUbK6WnqzY1CiMYuFdwz=<9*OyvW}-qeZVjls5oYZ@tZM0Z z;<_WlerY6}xsQb#lar7VqR#fHo0@;wAb6^JS&c}z_gd}SK<}HUnvr$2!i=p4+;?$5 zDi!}N*e#P-?JVC1q;Q8qbZ1eFhTZ)_17oKJW5h8sBr$Pfoy9DSnNqkNxY>3`H!Nyl z^Ix!E*t=(c!0j}+rxSX$bJy7n*za@hq3(64Y6Q%aVZ&=f;pb50p^p!JbLdF3{f^UT zPdTgM3kw@?2{`*NuR{ebBH?eYZ-IX#{LX1IIs^_^j}OM92r&7=8$=Ro?e3P?(s`5(CK7-6CFX`BAauhRhaDDff~X2gTg@{V(?<{GwR;h{v}bN(jIEQdv;C8oA!WsyKnqOuqg3s z1i7fXQo9#RQATUD4n~|}a(@m0Y~WZhP%DEQFx0YL-qpq{w+gbImTveN?((Bm7DKY$ zzwq$DnOI-kb^Er{8;{)Mna0Q1I;9~PcQx}WQFW)oi_?0Us``?XlyYVb>xos0f^~k5t?XirIeg0+&y+n`tGC1d}T2E?M@zVAn@s zzpw@`H*cv1#WSUA0vjSuI>Bdh&O{sHSV!|~|%q>@G0pc(-T zHAapj$KZsryZS;__+W%w<;AO3aiCehoOj_T*!*5`6E3<|bTdx-)%YMGC3~z@C3q(p zm%SkVr@30btAqjmh5J`Ma2_E<$8*Q|MquV~AFpaW6op5XrDOhx${r}>>W*6ZI>O~XZj=@ov84%F8AeYMV(i+3uTb{4kTW5vb#zH*P%rzwxr<7Qd}s`_-t*FHEpq)Wm9 zENEga)5xzq6r5CTABG&{s<(SrfqfWe;-n&EBG~)`O4Y<&nf@oYk44eJm6ixlgx!r_ z6z$L&+Xon1aWnmkJOI%F{IT#Sls{JfB=P5F{^VDb7bE(Sj)Pd^AK=`HYcTEpRbJQ^ z09TKS_<)hvSonp%y}fg1*vC7*@wEGvx2=fxPQdZv<6ibgOWQ_|bo?^uhF#7hXFo34 z6%c|4;m0`-V*@_iJfagEzwD@D7{ug#z2n@Cl@rKHT#*rlI%7SrLB`TOx^dMMvHpu( z-MCiTM+?pJ%j$j|aCGawU7@|~a@MB6SatNGmsU4I$Hl|`PO_GR8E{v(tr29SPqKCr zt7N>p!wPi3#b!ot8vQps_;dot;PI+$ z#Lzv$4b+Qp842#t-L@L`c;nR>ho?)_b0dM;lgf@S)IqB7&b1?uUb!7k-KGo7s;+Xr z6S5Ci1bg04)eINw?)SfUdqu49sNLwqMI_ zw{6vhGI037xhKTu944A~obx<;gz?mVS5@nCczECy$Ab=F`|hZLjj?lNhqo1PojA^> zShKy8w9`Am6TCo;L*ZEF_swpiy^eF26P>(U;mVNnN!q`#2&CS;b$Sn=NPmadYjFcD z&l#xr(NAGx#M_@v zGmZ8dn1xqlQng;nU>~iex$t0lq^=J6aw(P_f_9 z3QqSZCp}gBw(?M?x?BgyKNrGdQZ~xF{{|8VhWVHN1ihl)E7)AP zI*nbMiQL|*4(y@phlf@$0PqMqLki|*drrb`$r>#kr;aCj?Ml*SAW?%SH^PB#afVx} zc3qw!4gO_cAq{kt!uD5qk3a_xT`jL&XFs}nKhEgx8;k3uXQ*Bpt`JT{zKY|PHI!H;;ew>F$fN#Q0Ccc>S3}HZHTQv#``+XbWj(#6b zADvz{p>^qak89A|;Wh7g-^Z;d*aDT0ay2a;i(;8Z6gGFBDySzsa2sUNgl&d`rQs=WUvLtRc?-(2KofI!}c$0 ziZ%~zF^UwftUP~w&YLOP41Q~mf?V_ARd%J7ygY->jcE%MDdSG!(_4ZsVr@$hEGUKNcOVgqn|?FV$g?I6roTm3d-cOD_`nlFgg zuQ9NX_X-Ee z$++C+%E@3NYWaE4uo8jFsEsy%u1SxU3!_s2r~SKTu(!`tu0&~POApR3XjQs`rpgc=QS!ijQl&`Gw znjqbh2p>l??b|s-22)0&sU<|B^Qejn;2CKYGD}Hj5@H6LT{4C0c!*tjc<-x9KF6@em@+-C!BhHF#{7rDI z$KjKBJdgE_H#%i)+|w&+Trnr0q9`E2aT1S<*@H21!h;aaomZ8&slWrlMc(mP+QwEn zFMAW7)f+w{-f{MZoAB1+%P0yWO?WpacW{E=L^kh(wI)b z6OsXVz^-NFuXCEC`p0a7XL%qhu3PmFFZ6d+)n7EHm3FnAEWN2bRNGdFi1t*WVhChi z8!-`|YPP|@Y$Z^_>__XDFnz+C@aOc$jD;GHN}I4f;P=-86Mo6usO$Av^TPwWZe2g|WO z&xBb|yy8^D^`1muEcRSEQgvPJUvM7DJOsk_B}IE5tx)Z2a&5KS3dl({BZ^njUgWG* zOHwE<=7E9QS~{lq;12CK>3vJ&V>udj!nE z)h_Bux%-sa^`u-*6{;x|Jv=EFNMr4ja$Nbr)uVh;&eM2OF62$TDTn(@jW^|5eWMtN zy1Qz$@gy5N2xzJ<|4q3olexq=Ry+QAZ6%7kgpuwPOt}SCUBhL&8dUFoPCR7=t0^_w z>Pj=+fp}c58ShC|Y^!SQ+|`-9-f6pSy93 zh5Nd@G(EAbvArvHGk3yHWE?FX^mRd_L0``G^!(SLy)f;9Y0seJxXTc4${Y&YKj^r< z38$@Of#=zeoI575N3PZpy^^xMW*{%DGkSbuMU%xl3D#5kc9}A0$Li#HY|+;*J2W<% z14B+)ajL7?KK%MQn&8{}?B|$sN~pWfli(yfZ$yLjUv)VgcnqV1 zEr5N14*=DG^MHUeLIeW_0a5@3fKtGHfK7n60AB#k02-YY;wnHlKm;HOFct7U8s5(U z2LW3Eufpyi;5gu0z&SwEb3(KS^aaEMZUEQ;e*-)Mcn$CY;5?wk&qA~V^aTt9j0Q{w zWCQGg<$(JE&jQ{6d;mBBs0RE3XoN$!fq-s+et_YC@qkP~G2lMHCcqxRaX>Yo5%9JE zx&itFh5^O_G5~hKO27ty;AtJGyFk+-z*<0kH8IR8J{^Gr=*d>`&Z{_seyi2xrT7hO zjpDI(m=eMEmTO2om2?xRJ#h!JB%tg^WtzvEyR2OnXg zFJg{`X_WFiJg0DYfz2kMC)?~P={XK%9^qz=&dJG}M$ZMpA##OXWC2r~umB41M|>?R zuI7TfJCP@ddyGiNpSvI3H5r(V79$#Pf&3s;BCckmj|)Sps6j`65eh28&?jyR9$4Vt zjz1f4%7<aKiw@z zH&3NXeDd+f81)cYaLGl^SwIb`)Ulog+d}nCpEH4*j=LS{l6p!~A!5u?e)2>n>=+;A z%A_n^rEK!4r{WWNnFT*K;A|1yL~q#UAhzr9m5KOr@l9?JC)!X7$j@}Zg`CP&I8u5T zN|zV?w>D&~!YL6k5U*Y;cbVg6e)o0dcP?Te2W;?1ZcPWR7Nn4mu+tRPnMN8p&~<9b z3&yLv%z{r7dsAl3bo#i`X;`ipOWpit+$O(cfbV#GGhfJi-9_gxc}4ts{YT`YJ{_Sh zI!v5QzBNQaMm>J_McrbSFXnc-Diu0CEL{!7VNo(ixixXA&A+~4fGa)|kIT!yxk#(w z6fev}_w@SziS$^KSVsR$df~40@*$IY-p@f?1&GrD{^fvc7nU5eEY@;Nm&3lIpDVu0 z=T{mq&xM4|L%Md9S#rqyq9mHRSeu$zzWRuPuJjtp?>yux^GmNqS)TJ$?Z8^nhB}e8 zlugCJJfPC)=u=OQhz(<6J)qYutfwe5m#**oxXBOkyD*+v;4*7DQa(fRKV8*bdL1zH zcjNyv@=`aY48`wsg9|48wdIi9XRTmIead=t2K=+-nF?x5-s&|oIb-IL9#5!S{#?F1 zFjid#DHm+B*?Q|SoAK6`^UIGn9aKyQzs(p6UD%rW9*SND(_#CZiG0aZykV`uwlp8# zG_w|G>%^8$=L}m9y>{2bP`YY)LAhcdYUNQYSJOlUbdFh%e}ujl^n0LlGQ$eJCGC&k zl?>WLZ$*3PfzS_rXccXt7ej9cJplUE(AR!|yOp3PLC4l`5db|1`pEaKz!dSlXB8cw zSHEk89HS2neLnO}&~Jf$7j$+bmqW)0P~<>QRAqzhBg;&tqB#Y2q+72QVnhi3EGRLQ zY)Y`+yBY=4RB)QyW-91wD=GzA5dL9LB>2Xdrz>AZtD$>tD4D9cjA;-g)`*$Mv%3i1$ zZ!+BLelu<2#PryYXF6ErQE~H|@ey~%LtGi2r|SmInl*?c7{~@x4@)AHg@*Z1A~CUd zMn-QKppuaN(STUnG~2AHHkIL{^X9nBW2V{jXq{}!x0{yHj_HmX<72!-HznrfD%WI(p{Ls!Rv?^!e*u32egxcw zho_gfPou`ZO`10IYu>^?pyd^lpo4~g1u5N$LwLz8+9Xkbg?$Wi}b=^aH^z79; zv`^o#e&PKGL<}4h88vvwP;2zCnAo`CBSyw2Tt6yt^q8cv>3{Fy28tJWNV>;C?Ts_*~usIB!CAZpFJ z$-{$kP`r3aNom<_w=XSU=3HK};*OQ8{&weGfB(nb_uPBm>igF`@Zj2Y53S$u@FR~t z_V^P|Zv5v{Pj7nW+2@|$yyb-#UwZkKSGT^lZTpU$yLP|6XYaoKZ@l@|+wUAWc<9~3 z@4f%Qhetj-`tc{9es=8m=U;qz;;VmstyO+g_3d}xpRE4j$5W?&I&=2i&%gXy^Be9z z{;Lha#Vh*DY6$+f>HptO|1b0Z_Zs4hyQ_xyf17?ETxyStRg}60W^cp%4>xlK%p7M? zt#C8rN(YzyN;mT=H}l`z%y+t(`M{7F=VmuE&Qhtd9O4sx08Bs|^Wv#lxfywLlkMsD zEcBsZKcUc8FlK7DZJIqkH#4tbmU2kd!;DHVv`0^~XU(xC<>fo_RXqB)9*s!EOndrt z+pxTOshB5ERx{)E=fu0ASIdz@4#w$J-Eti{Il58cBt|1N+NjaI8i_`p0p4+OaXwVx zp%~lHvn3+whQ_{PKxk-c5{@cbEQ(y;n`hh%CB(e^c~HLaAsP!`UueGgY6 zUR;a>ylyMLZAo!!A0MPpR#t`#3k@w!DqafT-MU63r4}PR5=ly0ih!1G#Y>A3N+6jT zGiLbuHlCNCKQ}+WPW)UE7!Bb1K`{I}z{s$^y)tspiLT|#_^esBJcm8H0Xr~xxEi16 zBiGvTqdp^O!907q8WV6lrH|%@r`ywWEO7+|c?FiNT+66*NA9#4=-(G$q(wD6JuAnS zVX@~~^73uD7TY}AG>1KXY7RU26LM*wTP9?{lAdcx&xfZB_-BtFncU0GPk}8x!;)E$ zHw(U1aM7s)$D7fhb|muo2I$zQ$3&qL@}>eGm-tv_J8T8>vvQ|fG8IA>xEI>&b~k5H zXwLvS8IJs%tZ7OB&47p-ZeU=;j&QRT6g2Ecye2^Q%y~Lv~DrX?mV7uvxCK1cFVN944Wk{(~@tlJ@rC-^8i%6k%xsy zr8n}3G53Z&XOgJm=H;W{={ct73gVhID;@cRoFRw6mae^!k6mdhoMD@q4$GXZT-zW^ z=NvUgydaLbGqUWq!u<4UHcNV@-Bw`f+S^fB(0giDZf{%eoUUfTdh$>!D@+L?tYkAsdo|t{u99l~^jA%SaizUiLSDd)*wYlfnful3p;~!OShR zbhFJtO_7ypvCYc2&%f@{=}d)48I?#n*D=$P%P}&P@Q78Gn8LwI61sv&-E*Jni3&vAWzocQe=b zcUN4kzqM}W`uN6>UTh-o@}=GqDn zIwmi-FfYdzV=u^wL(__x_Nzp6VPV$vTqB0@d9?_Ln>-K`23^L8AytTDOq1lrpjT-o zDq4HOHZd>5kz*T<4*BTxSs+t9>@}7>ZMTtIZPe4f5*<1AtYP!*w()tXSsAvN8JL;> zyFsJNUo=)379@i2LJac8gi!dTl>$Mos8f+R4X0`S|iII3)<(yu&vF}dBlf=vtGiZ*E!BoQl z=Hr;SM4Fp|=fE;6LzO_xZ-|~=qhb=%^C5+h5Ky_@YaG&NK@=j7c~ zI0|PlnPHC1O!VZrUXJpgpI%^d6^#bQZCWWXS0Ms{gMz;0bE^kn%Hax5bk1?OjmF3|(L8P@kNzyg)Im#|5^v z7IY{4SN)d*m&*al(^UXdb~x8Tvp0ZyuY3T_0hmWu^Zl41SM&Y8hR*$5od4&3F1m4z z!gOQ23`^Y~z<4Rvv}*~t!T{QL0MI@hz;Bice#aQ!sOVLgafW@ep|b{M{1X98oBK-` zZWh1-K$WZZh@l&#@FyMgUko75iw%7Vbkb4+pnEBR@vH)HDd7R*dmVJ*w*kQP9tF_f z3jose4uI|-0_YwHrjS1b@`cJn*Ic^s>H0R^FJ^x+_dn|2jK|c?@c)}ShSN&fS6ap8 zz<(CkfQu?UUCTw)e-^L*sn{>RXsu&#@kP`BDGdMf>0DFn*zT1;2~W z>sD4n-+Y<=qYeLC;QzowCmw1izIsS|Xwt>wU$jnz7>fpZ?9rQ!T148>?4x}z^ndus zXUBgQqR%27GtRTdz}LoOc=r^r0k9TuKj0p~U4Z3)QosU0J|F`y8IS}R1sDm41y})5 zfCxZ8Kq#OGpc^0r4TI=BOfAQn@_Of}_Q(lHLX(eC!f)DJZ z6te^Q7nQ~5&bIDRu3wjg0R(gHfhD#aXgE!Br7FzMqkj;xqRYhh3Mco90o z9fZz!H0Wp+n32WIoIvOti{bgeVrWX~>3OIfBX|_B*svC+J>$Q*0ekwJ=O!Sgf7&m- zi2Xemv489$_Ag$$xKjJpOkFUTtcw~N$yu(A>=$2kLxLE*J zfQOL_FgB=q_39-?j2IzOQ&UA&R+ex$9HN*$i;MAJEbh7I9`Wd-kBXOGdP!{GzFmCy z;fLb<`SYx!lrQBOAJzQw6L-8->?i#9&YgQeeIAe}Yl{79=FVNPfF4fDw`vZ^x6Z8aS~ziJ$Ej@wF9^%LVd$l3f>TPQr2WD_qhwIeZNIuxySgPd%*V`!)In9eySq+ zf9pVI<^iOyzE%90nK`hBpCZOz19vL;QT`d8D(5V|YmokdJ?a~YF#cmqU#YW5AJ=mn z;G!_?h+oZtpO4||3_U3Pm((nKtLCjUjDz3j$4!ohhngJ3k8ht>_qV?8{$RSmcu*ZfBe2a5xNKUeeUf88#-=$OZlZc!hIVZCC?$a zngam-@2nsH*14Jk#oOr){>a}ZY&%z@oarC@t-Sx7RL+Y3j6&0$>0jL=azuAl@hjXI zIpbSusO{=g)C6rWI__0Gv{;BBH}Hbl1E56XB0Ama&pjODX$Xp7FN=i-zzfhA;139r zl=A?91@L=v-mhOjoIS$H_T*%7%PqGk+)No?xpJj=;)y53^Upu8Wc-5YZB=QIgqcO(|CF``hN1_) z!d*VUW-i?S)r1KXwq=g$_ayYRnF+JUNVz#pE-LT3ZPJ7^Q6$%I+dP5sy|jYy7fJcu z*|VF3lHyx&2Srej3}_rAg_i-K9jt2@Oh5Eb@Ynf79$6KiP!U~1b?)3*goK1(e`%-~ zJb18(j>a7f@$rgxW5})Y>)+|v_fb(*wKNc=r zDAqZKiYIRwES_5wDN3ftiRCk6#9evOVs(L4ys~(Z_-ApvxNq@P@xnd%V$U7di-YTD zif*q-(PO6+efCH(bhi}YZ%7gKjueyMmLldoDXu>%#n@v~6aprEA;qMxrI>bHimBg9 zv3T)fQC?myR;^kk?!NnOaqqqNiu>=sU#wlbRy_Rh!zzC_ZQ3L@Z{DoxvR7YyRUF>6 zNi6w6ip|why#D&@V*mdA;_bKJ7KaWU67RkDo;Z5+sQC2LPsPcvj)=oQO7Z#UpDVej ztgIBLPktl5{8@_X>S}TJ>{%r%WUFUyw5v&&(}d9YuEadxCI}A-dy8twsk}lAmVLw| zIabVDJBYejsw6FO>3|=Y3s7;uEMEL2|Xe(t)u?*qwNBE}@ zemlayi|{Ah!goPKr4its}aJ`v#&S9KP`&u=N@vOYqt87t(|vxVHT3UNLo%@{dxvVn<4v6;(FXmU4q_$F(r&^X zAqOD&)wnA|w!BfuKKVk9y-mp3_Y1k|Ss|a(dP=p_c@Y4`}4#F=*_8NSS7_L z&qz^qs5ZPW!jl76BK*||-vQyfAbbymAJS5a8~R8wd#n`8XCtmvQfzxhilc{W!`H1E z(sbo+851)sdRTOYGnHa0EfI(ir}!eY25B*w%g3`O*DG0{VZMW^+kht8clb}-!I6Rpt+(J`?x z2v5v<^#}wlaO|Gt5$7wcZFkcM+=aQcg3G}W$RY0t{xVLU~ z&GiOuqq-9Xgijk9oj5unAub`U9V2KP*rv@@etv%KM-fN5^RR3pQb}u9$3q&~K=+uq z#Q21S#JI$uIv(KOwY!RcSYm8KTw-kE@N3&$X(WLZ(yr^)a}?-j{4pvClWS>Ffk1&@ z;Gc@WPh=ukoEVposEANFn*0a;X|a8*L?IzDF|FP3;jLP=0ue6vwEm6Kti9uq#Avu* zJAAmJvc1ba#^1+3qD5$2LTn<$< z;$!*^i|Os{(R8%oKwibiqPjBN(+2hqXwt~Tqvc3oNE8zjhC+~P-J=JDhlVxr^1UJ+ zjxoa^%l-Pr#MHW{r45T76WOA%Pk*Eklg8NNV{6k-i=o_&iEQrK*h=@9p%B*uGdTE1 z{y@O2&04k?lNOUWG!nAra)!I9Mh3JTm>3N{#=AL_|FOyk><5I!M53s;JFEDSzX`Dr z#Q3=ILG_&7;zvfuM-QqS8s(#|N~{w(>Q}kF=$wD?(BtS_YzGwU@K^eCMTnz5$cFlI z#bRi^{@kVeDQ16e+_-V7KeEU+!qxY9blwoLG%HTrQxGGbUlJ!a-M2^#*oQs^>ba30 zN|A!T1N#i~p#S3^{}8KJuNG_8tP$(htrHtIY*2lL=bn2`^#@;m`DMYr!u#7F6|2$T z*o3~q?%lh^JMX-s`UWSyI3~XM;tO%�gPVRVBXt_FM7e4<}XM;HRH{62JZSn^<*L zif7PQIP|MqJ=?nj8oB{!=uj?KPD4XC9}V3dXy_ghE#>o~k9Z!as}f`w{+_tDX68KLzaj zZ$IV#WIu)Xv{1Ec*A9h9h_-5$vt3~4-o1Nwr@f_JyTEoGx(5ZcXmKt2!)-fu>)g3( z=iV&?{I6?{?{*zJb?pkjEdzpjhx85+?K^hw*87^Ky<5UVi{{O*ZQr4Dx8BW~cDvTF zuvofv@9pdB*9~E=yP`$&c7biW_ipCv+q8*~kKc9v{_VUQwd;OOGvB7P=p7JrWn+)V z9pSfk?`xX)F#f9oJzL?cS*NB=nuK5+(4q6yUhUzEAlKj<>4&s$-L+Fl@7^I@fj`pk z9ug8964D_=(bpb|D}fz4s83PkkNaL4!z2323Ot}Uq-byYp?`!EL26D=pnEQE26zYy ze*cp4L}>Kb)iw_F+Li7DohkoMsEbj5skDi2Gr*NWK|vj$6M_L-l@4x^4YqULIeD~dV zUqL^1`t<3O7?+;-EV}NBGCQX2X0%mo8m8 zK_{;`y?i+;aMGknL;FL)^VOI~yaVHCxoz7v`SsUdOSGpF^DdmAlE;o6lNf(Xx`PIZ zG5DvNrd5L0&)2k(kqU@%g}k1M;Jf zK2mrhe-!S_o8!li%a1?)SbdWw6VT^TX2{&>AAb1Z9OUj-#Hs!A%P;cBAAdac{`>F0 z^yQad9z$9`GYsgw6Xh)&IILjUKZ-y4Qxa*pfcTq0zM8;1F@gA#SJX{2zX>KC)QOJ? zz*(ArJeMYzcBcMk@ZYs-*K*`zN617eY1z4Rr=o%Kf%zuMJit7Yk{9C0GJ!Iz^uvb_ zO9IOV^Mg9e2g?q_y!qyviU#H(%D-ejV6L81xGsh7UtwQEca&i+@?UQGZF}a-8Hr{{ z$$vydL>J02fq8&=Gx^FZuSn#%M4wreVdeqz1oLVNi2J^M`y|WCkt0WxnKZBtpuDl1 zFpr4amhYvs9mNYF@8I>x{ZjVEn@S;g*rV5WDaXAbU0m`%D4NF9+M90W}_0shy2tkW;pG?-x0(NLb4w7App>#x7cLocn74=+fN_st$E|B+`^ zh~0=+O(uMa2XK!|nMfKwGRiY#Cdw?&tdmflStoTtIbeD233+0fK96;_253DND!RdR{&{H%hK|43-ZR4pB6afGK#7V4^`o z(lIGV0jH6m!Bw6~gHfJ)u}(sr+8K3H2hb4oqF%Qmn#J{KQ22N3*wI!0qm5@fe?fk* z{IWeT^MmDq-)1=>{;2ol_PaCWlk=nGBXbAKhd{#`&_I=r`g1a9xB+$i_%HCZ)3Ms} zOd8Dc%sQ#hUhsXFl-H34@ZW+r3&x!Tu1-oJogC3-f^OfqR~q zv`{DhtS2`wj+Rf|8Y!Ou4G)8cb#@*9!jn?ojK?b`Yk1fLG_X9gPD((XWR_>rV3udn zV3udrN!?yi_@AwhKg${07xc4SKpIS_Pls7n-07g1G*G=zG*CXfV32(3mPq;dJkT&_ zu>7g|8~GuMGigWz4OnB7scz+&brQ>SG|B?&qzKeWY@f|Ksp~epo1x=hzg}uf{L#N( z9v&Xv5q*?W(!qL>I%S4*u+KxCw9t-it=TW58{1p<8K_<^9w@gg8YrIu4gUlUkAa3) z@6D5^PeOPuLsf##S;&(Jw$Gr!>|=C&O%Gh3|Ew=e`5!cBP#5Nf2`sO~o465olNQ$f ztnWFlVZF(=iftR!YfB>JOQ2!%qCs-gf=Ia$G}JH8e@C6PYF4ydK698{niV5UrpL&l zj9BS(+$cZ$@Sr3O?tKhZo>3=JHH1IvdnNzCX9aO5Uet*b@n(4-pUpgB9q-;hW`Bq@ zQvP=>9U`}ah8ID@^9w-($^y$XX<&I~opdkiRnoAMG-MBxx6c3#nXz(FMx3I7c(RYd z_Sx)Xgrj|fxPte~NdxtZ(LtIhTMVlmdQR>v9U!-ZhF3s?D$k&Sb&^@0 z*P>3kzhJ1mJKrkr1Pv=d!!poN202=6i&coSPKtKxV?2j)4|PHPPy9{!kBp4$LL7)E zc7?cTV7|E1aVc7U`>jTPzT-am`tlgLtt3LeVw7jrNoIN8fI5jZtTt%)8{}xk%xGDj zrPDw}RUZTW?NNX=sISgT`DQ)Y=Vx2yIojV<*vF8No16Ovab3_tb~GpK|pvSe`44@?0<6CHp_bpLsuWN?#lKr~E!a`}c z+vW1*%T>9?l#i-+*cWPu7V@5L1M4dGh1ehEcz}xK`M@I%S@R3V8|&w&_SwCUaj#LH zSE4LXHH55bhq(%W^!3N%TjAfcXV3oF+LMc`jjPa)R{8MILl4O@W5!7AEs_-#6%uPo z@~*q?QuuIuPkxgIwgqe_C|3lIVMqh(Q_3ORLh@+0GgiL)DDgid-`FsxwvU0bz&-}c zGwY=L<|PvS-yMHp?ynq6p^GU$ko8p<_lIL2%tn-92{(y5=p@R7rE2 zybF7J)I12&Hp;TZ9!0+6DKV!dueGUI05`u3Ws z^3^gc+Go9w!S?ydg)#DlJEzN!-`pb4{Pfdd+r-gG6Y=?5(Pa6V!i#*?&TABpV*X=y-#1wVhr z{Q9HwKa2}ycP-{9kKKCft>=j+_KhlFnKo(Y-o3lT-ZhmEY%?hH?E9E>5MSa?nJ1kb z8&GF?U>RX~F!O{uWsrRnv+d#7o8xE5%O9HmWZ9zpLzdQIzu0>$r&tk}3l=O;`9K<2 zuVQXl-f+VW%AR>Z8cZM!=D3$*O7^iS_r#MrWr(zy@I~=?7dUvHzp=VTCG-z-6<*`=*}=E4b)A!GV{bNCoCVt-P9>Z z95Ya^*bijhne!XKpUZ82fXh*;{si62u>{Z&JS=5--nwmS;4j6nHeUwa$M0m}f(1mk5L4BXEnp3=a;Kr8b7AelT-UiArTP!146^@Y@|E};J9bRrgS?gKTX0vgDi6qS33*d8z&46}rhfvzNdxOq z@|5-ev(G*&pL*&k)doKO^wTOF=Loz z9#`<2<&8RVVZO6ofSjtn1lCDZ-HNiV+BeoUlyAx$@n<<;xn!PDPM8Or&!W4jXlA_3 zBjyL&bI|)R@MgWqb;8S43V%~hsk_TCX)uAfkuJ&*%fjuq-!4&SNw(AOiny7;Fsx@- z7g14uI3^+xchdFXgAa0!aV?JV{88LVqr%_p|AXJ9q`|BgO}f0QN4I_=p85O;HZ1Y@K%e*t%eKhrSBzi4|_P%ha9kq(wY@`?2a>pHea z?s-DqZrQR$-gn=9N}kDY6G%5@hh>NTCVo?97$4gL)R~XssMnw6J8`FKOMKkhMdEJ) zX)xhZdBQlbCtAfr8DkjIMtmt-+fa9s787^$PapY{@~&fD`>W=EP`=do7wvZ`X(9iq zn{-e&>7Y)YvVLJ%ATV!e$9!Pj$#Tj(V_n3x1g=4m7V;fw{F!>D7UQ}mg}*8P=qq#~ zp9q)A6ZY@f{~=vmmm^TNsPEacN7cLJ0n01po%pjHKprRgf0P5ZM{GOEV~#n=d*%cC0%kt&n{__xTGnG2Q>b+f(ERVlopdPqcbAR& za&CT`<e-} zz?9>@8dYF&p(egFG(FC#t=L&xbCqzCmEbu&IQemA^} z89lzY8~X9Tq8Ax>N?rFbbT311Z0P=m9%Sf44ZX~kwkA{6HfPL;O z0WLXZ+@GG4at_vdMt-2Lv2iY#YYKg_wlf)X!yo*pP`VTjq_sV6-yeXn-E5TUbF9zM z=lluvZ6(@*Z&5EDMgROE%#&rK4;%~seE=QN-#9rPYaCoB<6Ni}^S4~{=347}r=&c9 zSvj0XqWT{GFQ%?R9ljoEo@4#VI+Eih;y^IhFpNI`dDN??Q0E>-z4^pJn$@Y=;I@==F)$Gf%pF%g9sU~5q ziff)+YvURZ_b+gbit9UE_vacL)y0U1eGtb07=z|wypYZIm+czIxlEV+X!69MU-g~z z81-MSm)(fDTdwzUt?c<~ch?5ZT*Pvh2bDg@gX|*^hy#K3JApi5`}N&dN9Cg>DQaDU z^Wjuezr%XhH~PA1GH~F!FZV!jZl7zuraW@Jm+OpC(BH2slR<1#Fn&!(KR1PVn7Az-UcSMmrPxYous9?B!vsJPb2b;5}#BT)N{ zJPBeuj(L|{oWILv+e|QVV4s6LVc+_xMKNlvkLxp>N2Frf1g^bu{g`Wh?()dJEL@}E zS|8V#D32jqRnRkL`s@dp>x*nx*-tb3Zze7b!FgrQ1+K?@Cf9s%mQF548FR;h@|aRj z9pp*+@Grwd~GSWijEyh4gQ9!#5ZPMwPDZCoSadLh@Tw%ncnyK9Eu{32z+ zF|2t42kz%#nc$i&l}SJQ6?o$=x2UKnn|)A%i3jIR$O|gYuXC-5YaCoF<2n=9H@Hs5 zH72fYaE*-XOADsy@Q)=~k~k=N#Ja1w_RaX*(`Ow(VBdz|jt6mJ{_nVbsN{Orv%rCK znw%Tw8Vlu->s(x4;aa0w<1*4;m@%A5sWM^8<6!Us%9a1@n_(Ry9p^4nSQl`-&;B{- zCNAUw^>^22sdYoHS8?r@Yld8Ve$ZGiWSQXl2-gaWu|{R`fQh-+(OkQQa>+l-7S8tO zqW;fjS!BJ#aRJA6tsa+4oocR zn7)ob8EJoVmNu?BD2V+_${@=j`~1|22Z8(`5D)T+`EV(9c<0k<&6I0(rNDvfrS;SW z^&iuBI-ThcJn%pY*M`_1Cm!TE$JHEDbKaDAkQc0v=tjl$TkZoe%S1!+NPmW`HKYZx zkB#|?T+Fx3A|LL!;|^8tvEF6-$NHbLKz>jbnKp5uVww2d_Ht2dv$Zw+BEJ|kjs`WQ{y}0#CnnCfOwDx%pdaRly+3U zvu>t*sU%wM1u*6Dq4~q*vwzQ*RVUCnsg<=lY#1_R2%a3U&L$xt& zwI%ekB=&tPy3O$y@gR^N#G`)R5I?qCtUEX^MfCjv?B88V1#t|D{>L|5OXRu)&Y4Qi zzY>Spvu7*5vp!%u$hb`zU|Osf%(9Ahq6X_S(;>@+=p&s+qTKWJdt<5~@(R3PiAR_A zaE*s^^f>S@nHOANL%XcfVSj*pXZi&8$=F9Tb+lE#fSKuJ`OUdp${^>`xvs(TK|Ia5E9L>~1%@Lom05v;LZZI#>{d-{HVwWbB>q&Wv;2P-wqn?N1~UTHt|#GoAOM) z5{L(Z>9IY+9SN##;9gbIPMKqVk=LY~bu#8&9{Gc5tMr);>Kax5H-v}T2gaELiSv$X zu9*Eo&N)#Y|3ca-ebQ^Tzmz4?%Qy+F^H}Cswn-;tjQe-E_X6hvRQ>QL>1NtgL8QMv z-`)AoJRq>{W!=Yo#+?w9zwa;~R*pD0fAVJ)&zc1MNnrWjzAWWsUU`f%3|*ROuL=a18u{-X&9Z#?MdCx3F$v zIU=s?J5aU{zPdrK%G3LX(~R*O$B!Jpa;(6yN+`xk_X01jwQ@{O+$sM|_whyXs*iID zW3bi0nQ?F|&aoHgA~^2jxHAIdPR>!YPer_0Z&7g!!!guzf1fQGhr6mm70Wpt&LeQl zM*cCM*aop5MD@yTajL(?@dw8q9Q&}Z%kjp>`^zQc;5d9F@L>Mo?isbt%{q*HIKF$G z+)_MPjVIZ6XTP1}29BK;+D51}l8;IG7{;|Y=PiqhiqswvuB$OGDK94fm1q1M+_6dZ z`xj#DV<-~4nfyb$pz1BI$#MSx!N4)YRc z*A-7$S2Hg^+xd`ucF72}pL@-`>*X6SKg#4co8fVGMfKHKe^G8&Z?n(E{9t|Rjtk9f z%gwOV>EFzM^3Lpc9YZ_G^w}P9oWQtQFQe@*au3gXns_rF@&fLvJh9E@d=kTQoXxfy zYcX}gGM+_^H%12lgqHyV`o+NXL;nPS`t`s>rp1DHfKgfU#x)Ot8+6qd?_2YP8|{46 zZEId|)4zDvnm2AV;+I9;wB}>@#25TDGJIOpEo+TMRC-|{-kZ;vZ<#kMC%15LM@K>K zpu%Z0Y_rk}d(O(5R*+Yimuc^br{e~t7tZQ6r%y)<9zD#;v=!P@@W=yRGa1~mPp{C9 zLz*|WSfcC&c(9)DbzEj_VR|@(EX4blcm`y?ipK&KRba#0lz7=9BdH*34qkznZYy*- zx;w|Ir!#@bD7=rCW69y~;Ew5q@ws#IX4(omS{zx?)287uoWUJ4({l=K9fw5qcEw#c zuq%Ey9~Yz^)w>R^QN3M6BY0GAlb=J9qLZRyW8+7UxZwuF@Zax$A3xap2tYaT32hd7 zMQBiHm(Y+hF;lcd>?zC+xtA-=cPV}`rOm^ zT;C>Plfv!~+Zgsz*q31^!(>=^zl44%{qp)P==ZmNPxsr?@6&!F+$X$icvSer@HydS z;dh2V9sW}I2jO3bpAYx$-=crJ{@3;I)!*8GbpPc3kM@7Le`WvV0XGdO8n9--_5p1p zx<-tSD2iAbaYw|4h;0#vBbpBEHE_tll7U+W)(rF?)NxSQpz(v|4SHZukI00`8IkiM ze~SEn?VbB`R>c{|!=*GvD#8S%6bem)QjDMIiCkL1Kq&-` z7-<|Mf<&MgFon!Cw4nr&!H9uUWNe@*MD9qS6oL&95om~k=@aPqKXfMVyff#w-Ti)^ z=lSkAXV2NQ$!s>;&Bx}nNwt&hOuN7?w(r ze{g?wb?!fIoiFv$(ES+NS_%7Bb*xlG151M{(J|D7TF@UX=%j9NxOZEz{gg3(;DoH)1($w>6jjB?|)g|>K?eub;W9FDbv&q~xLoBw&WxH8! zfh%+$x-G8C9d~D3o4e1)`hgz#RKLPE`Hsb>$-p5RGHNt>7Nw#W&@_~TW}_vj0&Pb- z(RXkRPQs({7(5BX)Nte zAEF5~q>s_j^k;M~T}CTt3%x-Hvxis$8^tEEJl4hrLe8c0X}p4O=XLxa{1`vY&+}&f zHNVNbh-mRW(O3LX3=<;+6G}LdBu0y8MXGpF%omHr8=_FG5buliVx!nBYQ!$_si+q% z;)b{{z<~@BgNk5Vurt^nv;^0KwxGAnlE09@l|^!!{7CMSk?`ekarnD%OIQ{DL>cvr zTB$Yz(}O^@QC(JXdW25WbAjy_x~Ji0q0RszX5JRKj$H}MRzfV@RMAUnuzAa@3cJpg$#gbs&S zCr8n2x}1JUt7tbij;&^w*%l!3oR}?M6(5OR@=LiiY*ZK2br{bEbI7DYMEm(Vf5LZc z_yGT?aVQ-z?C=+O0C@(YR8K>e&a&9stbv_iEiB+8c@EF#8~9#+gGa;i-9(WtN`T*f zaY1}P7#U2GKMkjZOTuO5fW613_*}obLl20_g~Mz3GQA3MY@@enSJs2YuwCpNyTbbL zOukR754HwzGF{G)TV##gE04&t^0riAB>a8&r|{FTC5%%~sv-Ijop0VTtIa9XY~t<~_}PBGU+nY!GJnIj`;Lp8M(DR6xLqMCM&;=5=;WQ6ZAIPxSFag38_&h% zcpKh@+i*A1i=>e8BojEVA*JMRxmg9;H}Gw|0W$0+zgIjZri;Yzg>X%{J3JdU zhuzdrsH;}BP@mD4be36c3d{}@V~tIU7DNhcDwzq$z5^RT&rt$1N{@ACJ)pU_(ER~u@RE57MD_?hMZ18L|C4Ry zkBTwi$_?r~D2UMm^eCOGr-Iim(`)q~b*(XF+VnSLVQhW8gmF~*<36h7?i%z} za*;0JAM=YmMqCOeswpZ{WvOiSvYM^tsw=8p_0?3*)T{I`^Cnb43OG!b+v#8nx~LT( zBLVfmhw*pGK=M5K4e3u)!27P!32Z)lmsPUEY!Hv|K4Ku$=!jsvjL7+NojfL+W%n>X zd?oxKtPUH(E^4?6)imgDk=m*1RZoq<*{14ZT>=$&&>S&m%)Ryzn`x)pZ)}{K;HJ8v zez;fuF+aht^y_^ER3Hqd_U`w4r-6eVLS6C0_&WXu#^%Tbl1QJRf1#hzAy8i>ESu*A z>%bju1p_1tbvR4SQ@>VA)N*xLK|A$#+sVPRU_Q--coaZ9&fz9}4S00dJ#{RQj@JpA zX#-A?0?a4tmvoMvqZjIYU8q+8eQ2lg?t`@DFh1C-@6PwhlTic}pfa=%ayc5ukRP=Z3jzp~_SFsz4R0BDF#ltF@{`m8vpTt}0Zes#Z0sR_#&y zR2^_{P)F5CaKLk_Nj0k$bq#W=T}A2cIvO%JNM{)x=z>Y27OdZlWfvV#N?W_ zrp%O^3R7vSO^vCwd#rTECAuV+>{7n1xQNSvnQo5Dbqigd%XbB?1kM&ZsC52133L+Z OB+yBqlfeHwf&T)jA)JE% literal 0 HcmV?d00001 diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/w64.exe b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distlib/w64.exe new file mode 100644 index 0000000000000000000000000000000000000000..46139dbf9400b7bc0b64e6756ce17b4eb5fd7436 GIT binary patch literal 99840 zcmeFadwf*Yx%fTFWXJ#sJ17GIjf@Z!jhAS=Bo5RJ%*Y;@2v$*4R5Y5>N-GUBf)zD! zCoRKvTCCc7THD&|v8VRfp0->qBm@X|0^WkC;C+t+8Wocu!hXNc+A|?wdp_s)|I0^b zulwa$&w6g_St~U+FLk+HE>|A^+qTQKg0K9mR=@xIk45&7(W{2I{yuQ~nJaRl+t0jy z&Nt`#=hff)jru#j?XSJ#JKwoC=D+i9e|`Kr{%?NAADVWZ|J(Q8b@v5@g@Z~nO?QmY zpLpWFv)Z%&=U1+2f0Fo*(#iIJsPCigAE@t&_FwS*#gKorKgRco`_69Ps?rx{%D<5L zu2$c#f3tRuw3(g3^sviy*Y^jw;%6V7l}+n%jd2am9prMoM9P0VsZE#jEmGm?9QjB% z*X8oa5C5`Xl?c$1?p$)J8?%)%bt&mIlKn{COo{|u3(v@LO_0FS9M|ur^KHm+y~I%Z z{&nTJ?qUGdpSfJ8_a*)x0$ncGCTFPsvhW45yBEgDS^pwGG9a0|EPlU#ewS$o1V8u=eYEW^?IVIw49Wvxn-3=JCdAS ztS6(T<)P#xyTaBJp;Etf>6uhX7IuFLHStyMm-?MF@rN3kXl{w0r#J77U9Bg5M=7A2 zTWw!~lu3A+GX(~##2@T)xzb~!NzX@8EO~utd2nTsE5}u_xjj@me#Kyyt1hvq)NgmJ zlm)kams5UQ+qVC8E{vFg`1;L-l>c=u@oS~?!gJMJ=F){Tm)+5m<}xxnmue}K@ccDX zz?sYHH#2kj`u}Y%_fVd>=!sdSUOf>jExJ)R4){&ak&Eco{6aTBsn{DeH%F6`zSP!q zM9j_BFW7QXa})55m6)CvRkzy*y(Trrj^fF8`d?u~e+L5xO zy8B4#2Vli&$WWfS)oMS*>6cC+6i1pFUDxq`Z_4x=GTS2NtGc{bY&iUh0({V+7Xyn#-l8VTQXDI4WA);RAYE zFLQnG3}>!Ub0d8+Gb=!!PDf8V9Z4@2&`VHT9(L6QJU=5j?x``~OV>$j$)76t?PeY? z0YB^Uue6vNk!^AE2}9rWrEOo6oKoYMlfi4nDYrfphwJig0}~63*H)>b!*$UZ4R!^xIqxL9714zlDzQ( z!KT^PkKt%~^8B9);;?4t2UiN^V92`pO2uX=GhR>3WheWZ_PSinEm~6(;9M)aI{hGs z_lLt$|N7E7LTF}M?=Vl@l&DG6?6kU1rPki~*Ht`S>NFoUzuNpb)qH$Zh3tjW*(~WT zG;LiCm>5`mW7?xSRqa?W6iPR91P$rg30=^XB*|X5kHbj;ncd%v-VB_AQ~S71BJV#2j6#Z!X)6?OVBr_L9C)6g4+lw^O)cx2)ql z7{(lH@-&xgWw&kHfNb6zIxV*7eC`21b$U}uR^+3MIjOM9E=Q^Efu>%iKt+E zwA8;+1TWjSi#k!tFwOfIT-0o@*lf-1wQVyb7=C@}OjaY|x%sLb3O`L@!Oq#X?{FqK z)7Sz$=4WHFPo~>GL*hx_B4@fOX)Y@1r;?uCtFq@nnpkP^jnMlWgu&?Mht&EGwG=)l zS$)WSa1D4vilVq7ZTVDh9cWlqXB-|A8y7TRv3@NZuq8f{x))2`FbE$hXW)8rL9w=ch;%trI=h6< z6cW;-+o6}2QimE=jubaG=4Of)NO6xdHcL0(tP5406&tB7A1vty;Rv)aNH^MY$ru~| zAd~Tu%7}UELW!}GDeS<1B+CPGWqxXWa1bHTN%mTuapjo!Idw*0j5D4>3Nd^c(sv{~ z+mg|qE5l=!6_g0BfIX<$KZY#BF7wwJ51%n6Hu88wmqYD43t`40EJ3 zp4OO=wtSOS>?9V*xV7c(Iwts@p174xpx?SV7nC+P3XKus;)i(8x*a(H(l8S#V;;z` zu=qIdPd-~I+obWpGx;)1&puz4jw~G@n7i|3i1ZkyP*+tM^CYJoOXq9Lcj`tLC0p0izuqNlB2h;@tp6Dp!74QX6Aj|sU8bj}~qP*oVy8mb1x2I+RI9@td>QQFNupg!_K(x=gc ztoYBVT)p^mMJ~&ZM9ns4vNCnlbiX3eFhB0b$hZ2o)WB|3j(!k9$P?v}; znyx1yt94Z@M+_8a5nr-yfGB_p19fnvuIlo*1#XR1GwAxkoXvhZ3;fE!4M05&Qz zPBa1Mx2|Qc3&o2-s}ygy9zYs{CV%x`U7a>sBq1sU3hy{2#}yx{x3(75^|ab{JomFU zy>)X@YR^b0dWQdJNcjvA!F1^@Z0>iog>c2ept(UuH+r&#MHylJY#dzAHJrAsvk6wT zq#6mUGP_lo*y}_fjORMB9oApYl!12&FPtv>xzM^nwZT%l(rYPsL41rgxvyD(CvbtVOd8dWk0ASxn6}95;ohA{Z=%PfY>f7kRYXk z&XKIG)|;7cJ#7fxlDVY9(x4vLGXH#~Fe+V9t@|F`RMXFuv9)>iz`pu}U(x$iaS_H* zEB8n%BY?%Jx;Ypy$8zmm*_x^TH8b+Q)0Hvt;_2){b59IgK;hYht#4hZ$c$GeKU@-? zynq2GeLvnUpTb%`)B;u}Y^OxJWOtNRQwd;(ZFYMPc&e~UWl5X2}X?9oo{(xpQbaG^v_t5(SpLsLKh!vxl(F< zr#nf7lJq;0mWG?(jcE>a=8Z)tY<@R>R=a1{nGR5#j2p=aLfP7&XMAnnAGQlxvIO&F zM=u0dtFsy-yIK}&cd8B%e4B(>ww%;VVxpa(8|0*>s;q5FKqtvum#UH!XRolgUcC^M z+iJ}NYpB1{2H?_&b*fWOu=jFBH=<@M@R@fZ7=h;0%c#J*5!O%rvSgjM@B5@6u3SkR zYT;0a?4Cr1uZEi-|6A^IRbFV{X;mb|eAe~S1eiD2x|$Foc6Gulrj--hU|Ver7E^F{ z{9$X4Y}~};BHdit;*uacZSe{fn#u$BiX}USN$Xu+770!}k1FicnR&6tc$wl3&h1~csLzT(hIJr0n0j((aGwtD={$uQu z|K=e7&BFk+&>y@Wa$Ak$9|1>|wJB(>uMw=?A_Il`j=|1&a{{1^nTv+F|i4^|Bsq`RQM)GmZr72l0FJg1kDT%`c*h(W{brRZ@#z zBpTh`9;>cHcL>x4I%6Btmmt`Stm3y`y#m=|xuzo8@=mLrxDu^1wFXHokJQ?Rkf|+i zD{Bo^qQ4>cuuA2|uLW*L1vjUQSe#)wNH=p7md=9d0D|!qFr3{{b5E7$=JSE@0$>pP zUS|GGIy?W8%>1c~F5b-iqh+s6)|MBXijJgaby&@+)sKXGN}chAO8Y{kt@B5Wb-59H zQ;achmN9RMt=E>X)0S^8+XUiDlc=E93;^l0f1*uLXtr^9|AIx1>7seFu7wYS?v3Yx zD6Ev@!5WnI;mn5DdId+3`oF>Vvs6;uw5c@eIeZv0TBr&AeL zTH&=b#NH@Krzht^Kohs}f4ovpJXnp5Q3vnu9LRJkHt2~ko4vb6@bc4)Brx3Cj#V)$ z3EV_DbuXmaT04Om1vb_XKt-xZzZNmWE>j-{jIR$O6e63g5{e#Dw3r{ibpaKkwflj< zmDcy9Nx&t-#dipsuGHz27NtrMwUFPN7l5=a{yL!t{}7vlQu#hs7$k;37SVK`+p{V359|i}L)_ zbYp*)HJ;JwW&1^EfWz3abK3K_ZG%OgYJDg~8;TBqwRYDVZ^%|?FG{;3s5Z@ZyvX|V zY1xHKT}XQZi3|t;NCpa6G!z%I#zSjp=@jq+`<$S_eF$=9XS%?;n|3ll(Ua4<8mpwQ zxW{@7!;FZ!H7wC~YnmumCM#&Nf+j0yvVzIGi^Nul^{h`ssYbUF%b7zeI;@?vB9zwe z$jsIUOsioLHkW_3Y2hUf4@o`8j5xQD^9m5Ck^_nHk;LS#h*4{~tXuL080#x#KeKQA z*eCmJ+enmR*fu{AbIcsw+)`s6t`ULxQ$2Bg={&*LQ8l28uco;>ezrAdRNsdG9GTle zabaryKBk6oP&Z#FZD6fsg@&-s#wI(`b0`|vbl*9;ami*X?g&5B=kKoA1*J`bBaqJhoY4?bjMQ4>W5{hT>lbFZSga~61m=Ef*{b&g(U z={aPJd5)jiQFoVKwkh>%RgL_x*%}F0^>f02#m_VXAKr&CWnI|(G}!Y=dZ2D@2$`Qp zdb&bopQZ;%Fz{hmoAN2m3r627de5#f>^jq3#C!$5``eHpoMZGgdhOUfSZ>R#)O}1y zDii=GNrpxB2Nx@Vz#by@Mszm?5mCJ6$Wl_~U}~QtmjJx558%Qxtlyxnv~%Li zZoHHt#0Eys!Op!@M*A{8KT7)S`BBq0=c^9lpDN4#tjPeQFtue7SuhX#$TGawW2mQCz zk>^$N5WHF_*=u!yO>t3-!YhOj5}S`y;+Z)-hs@2|@;p6#)=DxEe-Lbh)s~0MR@>LU zUQ9Af*rP2cLtEaeE#Ep;IF+bXif@K1_STpkC~LqaKEgVm*=Bge7gbg=lm9{PfF+40YkEk+I^i=wzWl3rq<1h|w{(E=*eo&@)Gg@uE*@<3y-6U3PN4 zoPSj>uIkak$oS5**!MGYQ2b@*aStMwLW9BnO)5-3wN8>75A+3QanDWY`)jrnBqLr zWd^X6JYJ4{>*KO}in`aiV-tjpFq+n0kMY*%h?&=--?MpUcgX8)i1|duOAl(O92C#B zH|TbY9&p!x0--w1+>q)3x=p(meq#Ndp*f>W-3%&puS1`Co=h2GJip>#>NiBn9w@3Y z57d~4+z)sot;ak;o8Q-a5>lXNNC-h5fX`l}iJ?3x;-2F80O-OJUfa*&B1450vUj z&tr(`SJS)dIS>7_y{so0x|AJo+=MCiOYmP%UyPVo2{QB@2^J*J=)Zf|FIj_!&-&xA zEGVqY2(n=5QC2UUZK>?Sd`1QbCG=n+qfvH9)zoeR+=!X1l? zeGrcMy~pD7tQV+dRF2V_AEhDdzlkM^Qwsc1DBp>33N_Wf&PEelol%?>B?RL9LG_K(7{7T-aky#k{eyzWJ70zpw-l#G1-sjFV#E0L#)bs7 zRqqU{&u^bxD%(~n4gH!_YFC{5Ot2Q5!UVb@8HQPlu?204DPTvI%_+t^88iD5+vM@h z88ka(z=u!Rq4|9Sx1NCI$>`5ViyLGd$%%Q4Bf0T6ES=NIrP!B6F5PK;B%8KVLYqi; zPEEhsH^!B$|AaB|TN9zQx>@pB5$c5biPmI*6vC}5^s15_B*x;_l*B9VAdW{w$#SX7z^2O9yGo9S4qq#c_GV0G6;?{(f%f}Gl2T_(xPM|?bEIi2 zKn|R9fY{X1JH@z_3@yyfvUZ?%Tw&_tL(aL(ak)dusNw>$65-Zm?FYk_R_tZ^&E1Z5 z_f+cz?YKgu6Hec!C(aN_)2$~)n{7}Y$Ey2^h#Ic~MllRAu4!^?Q^pvh80%ND;-bk| zpMC@aCI*OVILx|(<}ym)4FpXP2B`&uzf_Gc|WOMW`rYzYVosqJ^yDH=A(Q^b#rCgr@C+jOFD- zjFw!iyO3IYOFTsb@uIpgb)S;DV;FFH9Wqe+alOQE>;#vUk$IR^PpJ%_x8V$f+tXKd z2aAo^71m-V%Z4y}tuq8+*c#mkc>rOmgEJnQNkfpQj+c=SvgRI?ZCpFvWz-gDI86CT zd!!%lqH@2@G0ggq&NJg!pg2_eEXGkC8(`c~>`Hf87YxX7vP9w9woG|O|_QpzapNxOF zaxjQdSEU!n_f_mQRy5JnkoyK!J=IGrgDrRbZ8l1r@#K$>kiXeGt48>gAG zuW}VLNO&4K4YcmMNrflUnl*c7rmR=WuA!_|Gb57(*>G8ZB1y@));TFLNXPP7#GgpH zKeDjhq0+fI+Hw@a;L1T14{6~oxO9ldu+y6Gz5rX84@{9ckidXP z&PWosSr_uVRK$y?OIOgC-njl5KI)7ET0Y+Tl?)s)G$p)DXeTJaaxIp!$-;5W$M*eb zB@xq8Gz2n4*E88pBAm|_{b;6D_(yU{=7bjw!4(VYoJm$vp9Vtc4P=!|sM=vMNlyn# zri4+3aS@2ZeP)W=!E83@>Sw{AF}m4Qss@noJk0>~WF~5~Kw3TLNRsJ!L_P`6XM-iy zRJv69OLz{^cDrW_i39UoE$yE5gdo6D;W3W3rCStlPcjpphaDZTBs`Z;&sma507TAz zzehR{*vlf@zPpJS6NgX;3EC+)igLE^uH~FCN>}P^<}#_%xL(E%A5y-Jw|FCodx|58 z`F`

This is a doc

') + + + """ + tb = treebuilders.getTreeBuilder(treebuilder) + p = HTMLParser(tb, namespaceHTMLElements=namespaceHTMLElements) + return p.parse(doc, **kwargs) + + +def parseFragment(doc, container="div", treebuilder="etree", namespaceHTMLElements=True, **kwargs): + """Parse an HTML fragment as a string or file-like object into a tree + + :arg doc: the fragment to parse as a string or file-like object + + :arg container: the container context to parse the fragment in + + :arg treebuilder: the treebuilder to use when parsing + + :arg namespaceHTMLElements: whether or not to namespace HTML elements + + :returns: parsed tree + + Example: + + >>> from html5lib.html5libparser import parseFragment + >>> parseFragment('this is a fragment') + + + """ + tb = treebuilders.getTreeBuilder(treebuilder) + p = HTMLParser(tb, namespaceHTMLElements=namespaceHTMLElements) + return p.parseFragment(doc, container=container, **kwargs) + + +def method_decorator_metaclass(function): + class Decorated(type): + def __new__(meta, classname, bases, classDict): + for attributeName, attribute in classDict.items(): + if isinstance(attribute, types.FunctionType): + attribute = function(attribute) + + classDict[attributeName] = attribute + return type.__new__(meta, classname, bases, classDict) + return Decorated + + +class HTMLParser(object): + """HTML parser + + Generates a tree structure from a stream of (possibly malformed) HTML. + + """ + + def __init__(self, tree=None, strict=False, namespaceHTMLElements=True, debug=False): + """ + :arg tree: a treebuilder class controlling the type of tree that will be + returned. Built in treebuilders can be accessed through + html5lib.treebuilders.getTreeBuilder(treeType) + + :arg strict: raise an exception when a parse error is encountered + + :arg namespaceHTMLElements: whether or not to namespace HTML elements + + :arg debug: whether or not to enable debug mode which logs things + + Example: + + >>> from html5lib.html5parser import HTMLParser + >>> parser = HTMLParser() # generates parser with etree builder + >>> parser = HTMLParser('lxml', strict=True) # generates parser with lxml builder which is strict + + """ + + # Raise an exception on the first error encountered + self.strict = strict + + if tree is None: + tree = treebuilders.getTreeBuilder("etree") + self.tree = tree(namespaceHTMLElements) + self.errors = [] + + self.phases = {name: cls(self, self.tree) for name, cls in + getPhases(debug).items()} + + def _parse(self, stream, innerHTML=False, container="div", scripting=False, **kwargs): + + self.innerHTMLMode = innerHTML + self.container = container + self.scripting = scripting + self.tokenizer = _tokenizer.HTMLTokenizer(stream, parser=self, **kwargs) + self.reset() + + try: + self.mainLoop() + except _ReparseException: + self.reset() + self.mainLoop() + + def reset(self): + self.tree.reset() + self.firstStartTag = False + self.errors = [] + self.log = [] # only used with debug mode + # "quirks" / "limited quirks" / "no quirks" + self.compatMode = "no quirks" + + if self.innerHTMLMode: + self.innerHTML = self.container.lower() + + if self.innerHTML in cdataElements: + self.tokenizer.state = self.tokenizer.rcdataState + elif self.innerHTML in rcdataElements: + self.tokenizer.state = self.tokenizer.rawtextState + elif self.innerHTML == 'plaintext': + self.tokenizer.state = self.tokenizer.plaintextState + else: + # state already is data state + # self.tokenizer.state = self.tokenizer.dataState + pass + self.phase = self.phases["beforeHtml"] + self.phase.insertHtmlElement() + self.resetInsertionMode() + else: + self.innerHTML = False # pylint:disable=redefined-variable-type + self.phase = self.phases["initial"] + + self.lastPhase = None + + self.beforeRCDataPhase = None + + self.framesetOK = True + + @property + def documentEncoding(self): + """Name of the character encoding that was used to decode the input stream, or + :obj:`None` if that is not determined yet + + """ + if not hasattr(self, 'tokenizer'): + return None + return self.tokenizer.stream.charEncoding[0].name + + def isHTMLIntegrationPoint(self, element): + if (element.name == "annotation-xml" and + element.namespace == namespaces["mathml"]): + return ("encoding" in element.attributes and + element.attributes["encoding"].translate( + asciiUpper2Lower) in + ("text/html", "application/xhtml+xml")) + else: + return (element.namespace, element.name) in htmlIntegrationPointElements + + def isMathMLTextIntegrationPoint(self, element): + return (element.namespace, element.name) in mathmlTextIntegrationPointElements + + def mainLoop(self): + CharactersToken = tokenTypes["Characters"] + SpaceCharactersToken = tokenTypes["SpaceCharacters"] + StartTagToken = tokenTypes["StartTag"] + EndTagToken = tokenTypes["EndTag"] + CommentToken = tokenTypes["Comment"] + DoctypeToken = tokenTypes["Doctype"] + ParseErrorToken = tokenTypes["ParseError"] + + for token in self.tokenizer: + prev_token = None + new_token = token + while new_token is not None: + prev_token = new_token + currentNode = self.tree.openElements[-1] if self.tree.openElements else None + currentNodeNamespace = currentNode.namespace if currentNode else None + currentNodeName = currentNode.name if currentNode else None + + type = new_token["type"] + + if type == ParseErrorToken: + self.parseError(new_token["data"], new_token.get("datavars", {})) + new_token = None + else: + if (len(self.tree.openElements) == 0 or + currentNodeNamespace == self.tree.defaultNamespace or + (self.isMathMLTextIntegrationPoint(currentNode) and + ((type == StartTagToken and + token["name"] not in frozenset(["mglyph", "malignmark"])) or + type in (CharactersToken, SpaceCharactersToken))) or + (currentNodeNamespace == namespaces["mathml"] and + currentNodeName == "annotation-xml" and + type == StartTagToken and + token["name"] == "svg") or + (self.isHTMLIntegrationPoint(currentNode) and + type in (StartTagToken, CharactersToken, SpaceCharactersToken))): + phase = self.phase + else: + phase = self.phases["inForeignContent"] + + if type == CharactersToken: + new_token = phase.processCharacters(new_token) + elif type == SpaceCharactersToken: + new_token = phase.processSpaceCharacters(new_token) + elif type == StartTagToken: + new_token = phase.processStartTag(new_token) + elif type == EndTagToken: + new_token = phase.processEndTag(new_token) + elif type == CommentToken: + new_token = phase.processComment(new_token) + elif type == DoctypeToken: + new_token = phase.processDoctype(new_token) + + if (type == StartTagToken and prev_token["selfClosing"] and + not prev_token["selfClosingAcknowledged"]): + self.parseError("non-void-element-with-trailing-solidus", + {"name": prev_token["name"]}) + + # When the loop finishes it's EOF + reprocess = True + phases = [] + while reprocess: + phases.append(self.phase) + reprocess = self.phase.processEOF() + if reprocess: + assert self.phase not in phases + + def parse(self, stream, *args, **kwargs): + """Parse a HTML document into a well-formed tree + + :arg stream: a file-like object or string containing the HTML to be parsed + + The optional encoding parameter must be a string that indicates + the encoding. If specified, that encoding will be used, + regardless of any BOM or later declaration (such as in a meta + element). + + :arg scripting: treat noscript elements as if JavaScript was turned on + + :returns: parsed tree + + Example: + + >>> from html5lib.html5parser import HTMLParser + >>> parser = HTMLParser() + >>> parser.parse('

This is a doc

') + + + """ + self._parse(stream, False, None, *args, **kwargs) + return self.tree.getDocument() + + def parseFragment(self, stream, *args, **kwargs): + """Parse a HTML fragment into a well-formed tree fragment + + :arg container: name of the element we're setting the innerHTML + property if set to None, default to 'div' + + :arg stream: a file-like object or string containing the HTML to be parsed + + The optional encoding parameter must be a string that indicates + the encoding. If specified, that encoding will be used, + regardless of any BOM or later declaration (such as in a meta + element) + + :arg scripting: treat noscript elements as if JavaScript was turned on + + :returns: parsed tree + + Example: + + >>> from html5lib.html5libparser import HTMLParser + >>> parser = HTMLParser() + >>> parser.parseFragment('this is a fragment') + + + """ + self._parse(stream, True, *args, **kwargs) + return self.tree.getFragment() + + def parseError(self, errorcode="XXX-undefined-error", datavars=None): + # XXX The idea is to make errorcode mandatory. + if datavars is None: + datavars = {} + self.errors.append((self.tokenizer.stream.position(), errorcode, datavars)) + if self.strict: + raise ParseError(E[errorcode] % datavars) + + def adjustMathMLAttributes(self, token): + adjust_attributes(token, adjustMathMLAttributes) + + def adjustSVGAttributes(self, token): + adjust_attributes(token, adjustSVGAttributes) + + def adjustForeignAttributes(self, token): + adjust_attributes(token, adjustForeignAttributesMap) + + def reparseTokenNormal(self, token): + # pylint:disable=unused-argument + self.parser.phase() + + def resetInsertionMode(self): + # The name of this method is mostly historical. (It's also used in the + # specification.) + last = False + newModes = { + "select": "inSelect", + "td": "inCell", + "th": "inCell", + "tr": "inRow", + "tbody": "inTableBody", + "thead": "inTableBody", + "tfoot": "inTableBody", + "caption": "inCaption", + "colgroup": "inColumnGroup", + "table": "inTable", + "head": "inBody", + "body": "inBody", + "frameset": "inFrameset", + "html": "beforeHead" + } + for node in self.tree.openElements[::-1]: + nodeName = node.name + new_phase = None + if node == self.tree.openElements[0]: + assert self.innerHTML + last = True + nodeName = self.innerHTML + # Check for conditions that should only happen in the innerHTML + # case + if nodeName in ("select", "colgroup", "head", "html"): + assert self.innerHTML + + if not last and node.namespace != self.tree.defaultNamespace: + continue + + if nodeName in newModes: + new_phase = self.phases[newModes[nodeName]] + break + elif last: + new_phase = self.phases["inBody"] + break + + self.phase = new_phase + + def parseRCDataRawtext(self, token, contentType): + # Generic RCDATA/RAWTEXT Parsing algorithm + assert contentType in ("RAWTEXT", "RCDATA") + + self.tree.insertElement(token) + + if contentType == "RAWTEXT": + self.tokenizer.state = self.tokenizer.rawtextState + else: + self.tokenizer.state = self.tokenizer.rcdataState + + self.originalPhase = self.phase + + self.phase = self.phases["text"] + + +@_utils.memoize +def getPhases(debug): + def log(function): + """Logger that records which phase processes each token""" + type_names = {value: key for key, value in tokenTypes.items()} + + def wrapped(self, *args, **kwargs): + if function.__name__.startswith("process") and len(args) > 0: + token = args[0] + info = {"type": type_names[token['type']]} + if token['type'] in tagTokenTypes: + info["name"] = token['name'] + + self.parser.log.append((self.parser.tokenizer.state.__name__, + self.parser.phase.__class__.__name__, + self.__class__.__name__, + function.__name__, + info)) + return function(self, *args, **kwargs) + else: + return function(self, *args, **kwargs) + return wrapped + + def getMetaclass(use_metaclass, metaclass_func): + if use_metaclass: + return method_decorator_metaclass(metaclass_func) + else: + return type + + # pylint:disable=unused-argument + class Phase(with_metaclass(getMetaclass(debug, log))): + """Base class for helper object that implements each phase of processing + """ + __slots__ = ("parser", "tree", "__startTagCache", "__endTagCache") + + def __init__(self, parser, tree): + self.parser = parser + self.tree = tree + self.__startTagCache = {} + self.__endTagCache = {} + + def processEOF(self): + raise NotImplementedError + + def processComment(self, token): + # For most phases the following is correct. Where it's not it will be + # overridden. + self.tree.insertComment(token, self.tree.openElements[-1]) + + def processDoctype(self, token): + self.parser.parseError("unexpected-doctype") + + def processCharacters(self, token): + self.tree.insertText(token["data"]) + + def processSpaceCharacters(self, token): + self.tree.insertText(token["data"]) + + def processStartTag(self, token): + # Note the caching is done here rather than BoundMethodDispatcher as doing it there + # requires a circular reference to the Phase, and this ends up with a significant + # (CPython 2.7, 3.8) GC cost when parsing many short inputs + name = token["name"] + # In Py2, using `in` is quicker in general than try/except KeyError + # In Py3, `in` is quicker when there are few cache hits (typically short inputs) + if name in self.__startTagCache: + func = self.__startTagCache[name] + else: + func = self.__startTagCache[name] = self.startTagHandler[name] + # bound the cache size in case we get loads of unknown tags + while len(self.__startTagCache) > len(self.startTagHandler) * 1.1: + # this makes the eviction policy random on Py < 3.7 and FIFO >= 3.7 + self.__startTagCache.pop(next(iter(self.__startTagCache))) + return func(token) + + def startTagHtml(self, token): + if not self.parser.firstStartTag and token["name"] == "html": + self.parser.parseError("non-html-root") + # XXX Need a check here to see if the first start tag token emitted is + # this token... If it's not, invoke self.parser.parseError(). + for attr, value in token["data"].items(): + if attr not in self.tree.openElements[0].attributes: + self.tree.openElements[0].attributes[attr] = value + self.parser.firstStartTag = False + + def processEndTag(self, token): + # Note the caching is done here rather than BoundMethodDispatcher as doing it there + # requires a circular reference to the Phase, and this ends up with a significant + # (CPython 2.7, 3.8) GC cost when parsing many short inputs + name = token["name"] + # In Py2, using `in` is quicker in general than try/except KeyError + # In Py3, `in` is quicker when there are few cache hits (typically short inputs) + if name in self.__endTagCache: + func = self.__endTagCache[name] + else: + func = self.__endTagCache[name] = self.endTagHandler[name] + # bound the cache size in case we get loads of unknown tags + while len(self.__endTagCache) > len(self.endTagHandler) * 1.1: + # this makes the eviction policy random on Py < 3.7 and FIFO >= 3.7 + self.__endTagCache.pop(next(iter(self.__endTagCache))) + return func(token) + + class InitialPhase(Phase): + __slots__ = tuple() + + def processSpaceCharacters(self, token): + pass + + def processComment(self, token): + self.tree.insertComment(token, self.tree.document) + + def processDoctype(self, token): + name = token["name"] + publicId = token["publicId"] + systemId = token["systemId"] + correct = token["correct"] + + if (name != "html" or publicId is not None or + systemId is not None and systemId != "about:legacy-compat"): + self.parser.parseError("unknown-doctype") + + if publicId is None: + publicId = "" + + self.tree.insertDoctype(token) + + if publicId != "": + publicId = publicId.translate(asciiUpper2Lower) + + if (not correct or token["name"] != "html" or + publicId.startswith( + ("+//silmaril//dtd html pro v0r11 19970101//", + "-//advasoft ltd//dtd html 3.0 aswedit + extensions//", + "-//as//dtd html 3.0 aswedit + extensions//", + "-//ietf//dtd html 2.0 level 1//", + "-//ietf//dtd html 2.0 level 2//", + "-//ietf//dtd html 2.0 strict level 1//", + "-//ietf//dtd html 2.0 strict level 2//", + "-//ietf//dtd html 2.0 strict//", + "-//ietf//dtd html 2.0//", + "-//ietf//dtd html 2.1e//", + "-//ietf//dtd html 3.0//", + "-//ietf//dtd html 3.2 final//", + "-//ietf//dtd html 3.2//", + "-//ietf//dtd html 3//", + "-//ietf//dtd html level 0//", + "-//ietf//dtd html level 1//", + "-//ietf//dtd html level 2//", + "-//ietf//dtd html level 3//", + "-//ietf//dtd html strict level 0//", + "-//ietf//dtd html strict level 1//", + "-//ietf//dtd html strict level 2//", + "-//ietf//dtd html strict level 3//", + "-//ietf//dtd html strict//", + "-//ietf//dtd html//", + "-//metrius//dtd metrius presentational//", + "-//microsoft//dtd internet explorer 2.0 html strict//", + "-//microsoft//dtd internet explorer 2.0 html//", + "-//microsoft//dtd internet explorer 2.0 tables//", + "-//microsoft//dtd internet explorer 3.0 html strict//", + "-//microsoft//dtd internet explorer 3.0 html//", + "-//microsoft//dtd internet explorer 3.0 tables//", + "-//netscape comm. corp.//dtd html//", + "-//netscape comm. corp.//dtd strict html//", + "-//o'reilly and associates//dtd html 2.0//", + "-//o'reilly and associates//dtd html extended 1.0//", + "-//o'reilly and associates//dtd html extended relaxed 1.0//", + "-//softquad software//dtd hotmetal pro 6.0::19990601::extensions to html 4.0//", + "-//softquad//dtd hotmetal pro 4.0::19971010::extensions to html 4.0//", + "-//spyglass//dtd html 2.0 extended//", + "-//sq//dtd html 2.0 hotmetal + extensions//", + "-//sun microsystems corp.//dtd hotjava html//", + "-//sun microsystems corp.//dtd hotjava strict html//", + "-//w3c//dtd html 3 1995-03-24//", + "-//w3c//dtd html 3.2 draft//", + "-//w3c//dtd html 3.2 final//", + "-//w3c//dtd html 3.2//", + "-//w3c//dtd html 3.2s draft//", + "-//w3c//dtd html 4.0 frameset//", + "-//w3c//dtd html 4.0 transitional//", + "-//w3c//dtd html experimental 19960712//", + "-//w3c//dtd html experimental 970421//", + "-//w3c//dtd w3 html//", + "-//w3o//dtd w3 html 3.0//", + "-//webtechs//dtd mozilla html 2.0//", + "-//webtechs//dtd mozilla html//")) or + publicId in ("-//w3o//dtd w3 html strict 3.0//en//", + "-/w3c/dtd html 4.0 transitional/en", + "html") or + publicId.startswith( + ("-//w3c//dtd html 4.01 frameset//", + "-//w3c//dtd html 4.01 transitional//")) and + systemId is None or + systemId and systemId.lower() == "http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd"): + self.parser.compatMode = "quirks" + elif (publicId.startswith( + ("-//w3c//dtd xhtml 1.0 frameset//", + "-//w3c//dtd xhtml 1.0 transitional//")) or + publicId.startswith( + ("-//w3c//dtd html 4.01 frameset//", + "-//w3c//dtd html 4.01 transitional//")) and + systemId is not None): + self.parser.compatMode = "limited quirks" + + self.parser.phase = self.parser.phases["beforeHtml"] + + def anythingElse(self): + self.parser.compatMode = "quirks" + self.parser.phase = self.parser.phases["beforeHtml"] + + def processCharacters(self, token): + self.parser.parseError("expected-doctype-but-got-chars") + self.anythingElse() + return token + + def processStartTag(self, token): + self.parser.parseError("expected-doctype-but-got-start-tag", + {"name": token["name"]}) + self.anythingElse() + return token + + def processEndTag(self, token): + self.parser.parseError("expected-doctype-but-got-end-tag", + {"name": token["name"]}) + self.anythingElse() + return token + + def processEOF(self): + self.parser.parseError("expected-doctype-but-got-eof") + self.anythingElse() + return True + + class BeforeHtmlPhase(Phase): + __slots__ = tuple() + + # helper methods + def insertHtmlElement(self): + self.tree.insertRoot(impliedTagToken("html", "StartTag")) + self.parser.phase = self.parser.phases["beforeHead"] + + # other + def processEOF(self): + self.insertHtmlElement() + return True + + def processComment(self, token): + self.tree.insertComment(token, self.tree.document) + + def processSpaceCharacters(self, token): + pass + + def processCharacters(self, token): + self.insertHtmlElement() + return token + + def processStartTag(self, token): + if token["name"] == "html": + self.parser.firstStartTag = True + self.insertHtmlElement() + return token + + def processEndTag(self, token): + if token["name"] not in ("head", "body", "html", "br"): + self.parser.parseError("unexpected-end-tag-before-html", + {"name": token["name"]}) + else: + self.insertHtmlElement() + return token + + class BeforeHeadPhase(Phase): + __slots__ = tuple() + + def processEOF(self): + self.startTagHead(impliedTagToken("head", "StartTag")) + return True + + def processSpaceCharacters(self, token): + pass + + def processCharacters(self, token): + self.startTagHead(impliedTagToken("head", "StartTag")) + return token + + def startTagHtml(self, token): + return self.parser.phases["inBody"].processStartTag(token) + + def startTagHead(self, token): + self.tree.insertElement(token) + self.tree.headPointer = self.tree.openElements[-1] + self.parser.phase = self.parser.phases["inHead"] + + def startTagOther(self, token): + self.startTagHead(impliedTagToken("head", "StartTag")) + return token + + def endTagImplyHead(self, token): + self.startTagHead(impliedTagToken("head", "StartTag")) + return token + + def endTagOther(self, token): + self.parser.parseError("end-tag-after-implied-root", + {"name": token["name"]}) + + startTagHandler = _utils.MethodDispatcher([ + ("html", startTagHtml), + ("head", startTagHead) + ]) + startTagHandler.default = startTagOther + + endTagHandler = _utils.MethodDispatcher([ + (("head", "body", "html", "br"), endTagImplyHead) + ]) + endTagHandler.default = endTagOther + + class InHeadPhase(Phase): + __slots__ = tuple() + + # the real thing + def processEOF(self): + self.anythingElse() + return True + + def processCharacters(self, token): + self.anythingElse() + return token + + def startTagHtml(self, token): + return self.parser.phases["inBody"].processStartTag(token) + + def startTagHead(self, token): + self.parser.parseError("two-heads-are-not-better-than-one") + + def startTagBaseLinkCommand(self, token): + self.tree.insertElement(token) + self.tree.openElements.pop() + token["selfClosingAcknowledged"] = True + + def startTagMeta(self, token): + self.tree.insertElement(token) + self.tree.openElements.pop() + token["selfClosingAcknowledged"] = True + + attributes = token["data"] + if self.parser.tokenizer.stream.charEncoding[1] == "tentative": + if "charset" in attributes: + self.parser.tokenizer.stream.changeEncoding(attributes["charset"]) + elif ("content" in attributes and + "http-equiv" in attributes and + attributes["http-equiv"].lower() == "content-type"): + # Encoding it as UTF-8 here is a hack, as really we should pass + # the abstract Unicode string, and just use the + # ContentAttrParser on that, but using UTF-8 allows all chars + # to be encoded and as a ASCII-superset works. + data = _inputstream.EncodingBytes(attributes["content"].encode("utf-8")) + parser = _inputstream.ContentAttrParser(data) + codec = parser.parse() + self.parser.tokenizer.stream.changeEncoding(codec) + + def startTagTitle(self, token): + self.parser.parseRCDataRawtext(token, "RCDATA") + + def startTagNoFramesStyle(self, token): + # Need to decide whether to implement the scripting-disabled case + self.parser.parseRCDataRawtext(token, "RAWTEXT") + + def startTagNoscript(self, token): + if self.parser.scripting: + self.parser.parseRCDataRawtext(token, "RAWTEXT") + else: + self.tree.insertElement(token) + self.parser.phase = self.parser.phases["inHeadNoscript"] + + def startTagScript(self, token): + self.tree.insertElement(token) + self.parser.tokenizer.state = self.parser.tokenizer.scriptDataState + self.parser.originalPhase = self.parser.phase + self.parser.phase = self.parser.phases["text"] + + def startTagOther(self, token): + self.anythingElse() + return token + + def endTagHead(self, token): + node = self.parser.tree.openElements.pop() + assert node.name == "head", "Expected head got %s" % node.name + self.parser.phase = self.parser.phases["afterHead"] + + def endTagHtmlBodyBr(self, token): + self.anythingElse() + return token + + def endTagOther(self, token): + self.parser.parseError("unexpected-end-tag", {"name": token["name"]}) + + def anythingElse(self): + self.endTagHead(impliedTagToken("head")) + + startTagHandler = _utils.MethodDispatcher([ + ("html", startTagHtml), + ("title", startTagTitle), + (("noframes", "style"), startTagNoFramesStyle), + ("noscript", startTagNoscript), + ("script", startTagScript), + (("base", "basefont", "bgsound", "command", "link"), + startTagBaseLinkCommand), + ("meta", startTagMeta), + ("head", startTagHead) + ]) + startTagHandler.default = startTagOther + + endTagHandler = _utils.MethodDispatcher([ + ("head", endTagHead), + (("br", "html", "body"), endTagHtmlBodyBr) + ]) + endTagHandler.default = endTagOther + + class InHeadNoscriptPhase(Phase): + __slots__ = tuple() + + def processEOF(self): + self.parser.parseError("eof-in-head-noscript") + self.anythingElse() + return True + + def processComment(self, token): + return self.parser.phases["inHead"].processComment(token) + + def processCharacters(self, token): + self.parser.parseError("char-in-head-noscript") + self.anythingElse() + return token + + def processSpaceCharacters(self, token): + return self.parser.phases["inHead"].processSpaceCharacters(token) + + def startTagHtml(self, token): + return self.parser.phases["inBody"].processStartTag(token) + + def startTagBaseLinkCommand(self, token): + return self.parser.phases["inHead"].processStartTag(token) + + def startTagHeadNoscript(self, token): + self.parser.parseError("unexpected-start-tag", {"name": token["name"]}) + + def startTagOther(self, token): + self.parser.parseError("unexpected-inhead-noscript-tag", {"name": token["name"]}) + self.anythingElse() + return token + + def endTagNoscript(self, token): + node = self.parser.tree.openElements.pop() + assert node.name == "noscript", "Expected noscript got %s" % node.name + self.parser.phase = self.parser.phases["inHead"] + + def endTagBr(self, token): + self.parser.parseError("unexpected-inhead-noscript-tag", {"name": token["name"]}) + self.anythingElse() + return token + + def endTagOther(self, token): + self.parser.parseError("unexpected-end-tag", {"name": token["name"]}) + + def anythingElse(self): + # Caller must raise parse error first! + self.endTagNoscript(impliedTagToken("noscript")) + + startTagHandler = _utils.MethodDispatcher([ + ("html", startTagHtml), + (("basefont", "bgsound", "link", "meta", "noframes", "style"), startTagBaseLinkCommand), + (("head", "noscript"), startTagHeadNoscript), + ]) + startTagHandler.default = startTagOther + + endTagHandler = _utils.MethodDispatcher([ + ("noscript", endTagNoscript), + ("br", endTagBr), + ]) + endTagHandler.default = endTagOther + + class AfterHeadPhase(Phase): + __slots__ = tuple() + + def processEOF(self): + self.anythingElse() + return True + + def processCharacters(self, token): + self.anythingElse() + return token + + def startTagHtml(self, token): + return self.parser.phases["inBody"].processStartTag(token) + + def startTagBody(self, token): + self.parser.framesetOK = False + self.tree.insertElement(token) + self.parser.phase = self.parser.phases["inBody"] + + def startTagFrameset(self, token): + self.tree.insertElement(token) + self.parser.phase = self.parser.phases["inFrameset"] + + def startTagFromHead(self, token): + self.parser.parseError("unexpected-start-tag-out-of-my-head", + {"name": token["name"]}) + self.tree.openElements.append(self.tree.headPointer) + self.parser.phases["inHead"].processStartTag(token) + for node in self.tree.openElements[::-1]: + if node.name == "head": + self.tree.openElements.remove(node) + break + + def startTagHead(self, token): + self.parser.parseError("unexpected-start-tag", {"name": token["name"]}) + + def startTagOther(self, token): + self.anythingElse() + return token + + def endTagHtmlBodyBr(self, token): + self.anythingElse() + return token + + def endTagOther(self, token): + self.parser.parseError("unexpected-end-tag", {"name": token["name"]}) + + def anythingElse(self): + self.tree.insertElement(impliedTagToken("body", "StartTag")) + self.parser.phase = self.parser.phases["inBody"] + self.parser.framesetOK = True + + startTagHandler = _utils.MethodDispatcher([ + ("html", startTagHtml), + ("body", startTagBody), + ("frameset", startTagFrameset), + (("base", "basefont", "bgsound", "link", "meta", "noframes", "script", + "style", "title"), + startTagFromHead), + ("head", startTagHead) + ]) + startTagHandler.default = startTagOther + endTagHandler = _utils.MethodDispatcher([(("body", "html", "br"), + endTagHtmlBodyBr)]) + endTagHandler.default = endTagOther + + class InBodyPhase(Phase): + # http://www.whatwg.org/specs/web-apps/current-work/#parsing-main-inbody + # the really-really-really-very crazy mode + __slots__ = ("processSpaceCharacters",) + + def __init__(self, *args, **kwargs): + super(InBodyPhase, self).__init__(*args, **kwargs) + # Set this to the default handler + self.processSpaceCharacters = self.processSpaceCharactersNonPre + + def isMatchingFormattingElement(self, node1, node2): + return (node1.name == node2.name and + node1.namespace == node2.namespace and + node1.attributes == node2.attributes) + + # helper + def addFormattingElement(self, token): + self.tree.insertElement(token) + element = self.tree.openElements[-1] + + matchingElements = [] + for node in self.tree.activeFormattingElements[::-1]: + if node is Marker: + break + elif self.isMatchingFormattingElement(node, element): + matchingElements.append(node) + + assert len(matchingElements) <= 3 + if len(matchingElements) == 3: + self.tree.activeFormattingElements.remove(matchingElements[-1]) + self.tree.activeFormattingElements.append(element) + + # the real deal + def processEOF(self): + allowed_elements = frozenset(("dd", "dt", "li", "p", "tbody", "td", + "tfoot", "th", "thead", "tr", "body", + "html")) + for node in self.tree.openElements[::-1]: + if node.name not in allowed_elements: + self.parser.parseError("expected-closing-tag-but-got-eof") + break + # Stop parsing + + def processSpaceCharactersDropNewline(self, token): + # Sometimes (start of 
, , and

~9OGt}*ZT)|eNW!Muohe`QTsPmTFj6n_Xa^=zHie2_*WwcphviK&}#kLf&Z-b0&{Y2G|;6z0?=IMW{a8YQoY+XA`E0z1`EtbF zZg+@WoFMO^SmT4P+WFt!A0Mw96aVKj8jhX8jQ>c;I$dp$*brq4*Ujy=@5dyYQ}cq# z2S~NG)A|Yc8DagZ&Fk`_wHRXnFA|&lxL=J5kycWZ-}YS(oUETx9QD~~E0URz;!0Jq zkr2pa|JIm6f5kxrxtg-}XZ^82#qO#R_g#wF$7=?eTT6YunZxJ40vlDcwJ0!ResTIe z)J}Jc8Er2@#2aAFZ7)c>L&$-^4fl({<@0CgHm8>FekE9tou+gw}b{J^7Mn&VnMjG01t@|9MS_5|9rXq#TUX_c4sgl8N@Ed547RL|j3 zFq@*K$?0B*eWJuGnPpDq>zT~_6{Dz_zE62awI7m-!*WnyA@r@-J-2eMZ+f1maQc0< zYkg}e6He-w>NZ7_z9%_Z;*j&W!naNozNk42CWb9xFu%uQo*G!#fOZj1?Fd3Xtw-$5 z@qa=EkhpF^ixoOD#pP<4c%JB(F^@HJCL=KmFOyLUad``}mEoc55p z_Dqk2I~QCmX1Eo9`Y-kGT)k|U-t(c}`UQs&TlCh{mC5MPBI_mXpn>M3+d^$seX&O0sb!Lxq(ggLZKf~BmOfWxQ!K#! z=|Q=9=_6P|FgByfgp&_BXX&q@?O{v{o3DhGKhYI^4n%=iH^yOSKN`Jv#LA7{`q)^b zcR>vM2b?&=yjOXY$}<@jx;DoRt`r8%W5K~)Y42Jr+%97W9zt!oL9@eg-_e@dNJUp_ zIs{^Ilwlmc?&14m-wKxP)S7mYWTXbirr4WfUo%q0v9pcTpx8*`a9;e;u;^E!WrocT zV`ow7_fmb;$N4FtNY&l#)mpPq9b;#8YKbbl!h$2JNWfWPWiijXCMK-A-TJs>Mvmq2KI$`hM1v7Q%EvBH)k=fK2C7@V}^0U3X755(yd ztj4-Aq01G+$2hO6ySmtj&*-Txb~UiJ(d3k)MsLxAqU5w9s{zo7*;bf^Zu<6M!_v)R zpCT0vzvH%Wt1LqrAuj`#>wrKy0-6L zsxh2ODPo>}M8t1V-%1(@Fe@?AA(t2NGgbl!=u=P62!u_TrsS;Du|0{|6$ryk^hDuz zp{-fJTXfqQ&<;KMTxk*dH3C}~z+oWIeZ)t(-tMO*rKX#EjKelG`J2<}`mWM>P^4&S z4Ex%OCj<}|mx}TwN9M^e)|ncXSsYPeeRyv^`Mk{J_d?Z0;)Bh}$+qohM!EoWoTs+CnSsN*~k zCZ;FC4Yu#|{}!Rl?6rOG5Rwjb+t)#m)hWW{RbU*kk)pR+P1DFWlQMa|Vw-j8UKT6) zbg4iGixRTQd}U3Vb-SDk!M7apxoQLwTrjEUSWgR+^ZoG8NOh7X7y|!-e&0f8$ML(* z{zMz-(AeV&cMrgO(A*OdRp?XOcZ4QF=GN?))^-8cnNbmQqn!0{ha|JabH%dmxJRCnngv{w0;72LE@G?AwT@Xg)Kyy(qn*hafot7k@i-<=kbwg zZ>G%B%w-U?5@fu!5>YIdqx1XBwXqw2YmF;K`w=ainz7W+gAmf`cpSE(}hMGGolh;!^0wX|QxXi@+OuIbxJYG#^cm1gr<%5WEnY(pIF~JK`@J*oIc6W=GE-^7Rvo35!uFi1@$)leT4P|;86gaD!RzS5a)%{Tw>w=J zNz6LxN)NDRkwxvod30|3cK;U$Zv3l7kqZ}Uo{m|+7I}5z(;o>W_QI(4;S_0o4w;}w zZ&Dv>y#b8@Li?PiSk>Es)m&N^`eNMzX5w$tAxj8%$+LH*UDhKvNUl2jp$xLcE_Q+K znYTq)5+q4=@#S?zpY;3GK9bp9wQ_P8ae;m)`n+vka*j|c-*$x*;e`evi zd{U1xEs`#9lFsIn#{G8Oa3`)we6IBpqG!g@!z)J-^}Fi(2nNkuH?Qsam>Hqo@%Z$4 zQFD#(B;`%38-I|ni<0qEL#D_EuJ-TCuRtN~39+?jOJcyJwCb(iow)AJr-_ol$E z2hY`Ox2WCp{b#5ERo~=w+3SQGn1wG;DE*@KPckBjyi!J%&&cjWcvo;R{LMjO zHyn%GzMqnA6fPw}*w^@!21-dep(&XoH02SR^c-xVqeSB~OxU=i$kiScR~T1&<0gJ3 zw6QV9XY$6z9{E72o~BVMV1IF~Eab-u06I3iAt_yUCh;sfTnS~uzM--ct6PZ3nHio( zo)z8FhM|&7Q$Fghz*48ihd7HI-{NZT^^M#1{r&eWP2sWw{34|M@(;A+5HcO9VwK#C zw!S+hn;5Gw3r&h5p@OHX>{fs|oMZbgR?7B0BxweBS`u!Yh=2DgHj=&K-*}rUtE5Av z#NM8VGXQ7{>n5eo;4U1S#iCneMx|AY!8ogp^dtyY1kTE3r=mRVzG z6Xjc5LCUOAg?-_SL0N{9R~K6sskS%KyzLt&l@p#b#tKjHX!5}x?BQy3nvE{u zG;=voaT0$Ofx_|gdf~@uA%#7ir?vES+Df+1z{sIL$r5ut{U#?i@%h)j;7VK)F0XX4 z4BbkW)H?NM{lC_G+`=w1NP%~-?W_5X%-W4`hVgD^Jbfa;0VlHm@IhHACn$AQ-k6)q z1A47K0oRC%mc}Y|W>T=qIWxJoSbL)7v$k!~+Ta8<2yrfTw{lWdJq&-BnFFp)MqR}i zJYr{<*A_$ryXyy;L9csVly%dBTuCxo$A<%3>))0hxTTQo-J$JxIir4D{1@@>+iZOc zq-GVz)Rb|pr9)B{3sE9TGpkEmtuoBnCdE8#Jwx9W-Og6jnm&T~C9iQ? z$F7$xi%Uv8lW>p(kg||-TACnZ78#AU$O>AMY)fttHy%NeeqoqfBpuI7f0hon%f+c( z@6ZKaNm}zT3L?}lk%H>}SY6`MW@KCJEVi#6T{(ygc<@3H|aB#7=uBsw7)Ly4-&271j zUmOCy_3w$+UtPWU@1+&OP0OYUD3rB9j1T5cx%Dh2RqlZTaov1Wp@J9z%C|a306`YV z2yhQZfccdfx01fIFa=TTH2?sP#6~#Ltqwd&jEVXiU`Tw}N|_8SPS0q@W>KaNyei$&^}+YCIH+%ZRu8Bd;YM~0{7;$P_M89d;fxB`rCVqtuWn- zUBdQ#;}>c~@$-#|ACv6jq7mHD)2(!ytzxqJpLTZv8R`F$$N(pD0!_;BmlO0=J$Vxr zp41w-#{$3OEd>OdtwRNKp!^RO1(Q<;K!VyriCYVziCgpPKKm0C_qBH@U3PRy-sr_{ zIkZ84{Y+0Lxt!oq4#P|Gsut(SHAxQDKXb-#lIMrxzW|kR?i6q_{n>>Ge2@vT96~03 zw3m-Ej?Dws_%oQ1JTYrw=$Zg1R*PsU2F3||0U6jeZ*dO$&u$I0)qlPuRC>ckynp=S z5Pd`X9BtW+IU#LXODM2z!SG;NN6>76oaV_j^PK>_PH zztKB#ftO~Ill*xlf*(}ICzjCBbfoY(` ze2;>Y1kF$DvIpZ(lJw|r0gJ5o>9I<-Ngtj&DX1rYpz4~Q>s5^PM8{A_>GbeVabQ6r z^CqYItrws_8PO!;;g^x^s^ut5?4rA^5RDt-!f+7u%VY6z?VigB17ZZTzx<4&HRYCm zof=N&E=f9U961_4rQK7|SMniBre89Sd>Q9;67Z$~+`m>Ta* zq$B2r;0rSBs!FZtECNCIwut)xceKlm!=Cz7qiw+$wI+0R_^jMv)|xnPo4Jz@P)5UNtl*PIq9U}2iUgEZbP}N+)~`u<`^mu*P>A?@*pAUQ&*fKpMn*6Xz6LsilM|3R~3X3 zb>6f)ahq39K2!vyTRDK1A# z#BY5&@1Hd6nwAWmi+yBMu(CLIQRPiJvGcTLL$zhWoIuBdk&uLoOM*+>LHA2RZ;qta zxVPca2<%&PD{(-M;672~emzolAif&7HGV8plaX?0_;DWRY9ANI1|xKiTJ212wKKKV z&eT@R)S_jt0B$yS(bVLka}TYOY2mi5)g?G{Zq1F9y%g^f)Tl=Cy&@!z!!QE!)hyCUP`z{4IdvK4<3Ppt0SyPDf@zxv+{rHr@QC>^fM~8e$=He_(Q+ zBg(DxgND}9%W2;1_y=p zN?{C2)7}u9!9XrQJ4uniHuTn#O$;HShR|iZyT32{Cs%7`gSomrQ(31R$7y2?c*!+# zYo+qMnVgsK7+|G*Wn`l<)^A z(VpfJ49|1>WlCO|QsFa%ohe-ndDRmoKT?@)#_ahJBVQQ;S^O;EFy(bA_&OJ;&|1%+ zto8B-S$kmGQvvWkmiyaiMAc$g;vnPXD+0;}WK4WeBxFP+)`-32r?e$kmbyYYu#dixI0~AdxBX?!}Oery5<={lv z61yKu#RI~a0q_qts=w&;t4Nls0DMoae z6P0GH|8l~zIPl}%H~C-*8fB~$Fv!UN8YRgzrGWLI6iz-cbB%)ro_|X5swrKuQ@GJA zGV>srt;d=n<&1{`H@=e7z=pn@fXZq2i|n}uoX<#^Sr6INY2>4~X6>S{2_glh{)DJG z6zw^7p`KuaZBgeBIL*YkLb1jAGgu!qu3)&#;n034OrQgDa)lTo;3RU%#!$AJjLqqs z1Cr61m1RDK7;(!zE6WVA2CDq0T7W>h%&|>g!?s+iCrwG?Wc=f|0LKlYeVd(5f%9=T z=#xjzQ{DK+m1H*XCQd>R)d2TIt z5=Y8?+I9Yh2Z1O1t)?p@op7NvJx^O+Q>27e^A-e)Z0Zo8HG%bG-KINd8joNV|o03wNqKJIm~PNNpEKTzulwo zdzdpeVW0IrXZ@MukNE_}LHxeHOBDF(IhP|=0_lgNfw#D_jQXujX$4>%C*82%E=Awv zi3%=HoGBL~AS7~mBF(Y8x-pRtLl$LNE=3ICQpBXiv(B>r4|gK6JhcD)A%r-T+>>rZ z9AGuYm$~1Kh&?26Is&y|&d|NhDuDY>3jw(iQDg0YON4NBBjT^<49<;+IsI=$%u}E+x#h{)<}bMugZ2t*414iqj8Sj}w4A&7q;=*CA*OiYB@cQtR=?0yMTUG};Cz z$8SS?-Dx*oVd;cI+=e&@$K3H7^Hr%5>ta&-E<=n{5jpX;{%5~hzznyVn>}`iWz7U* z%H=5bU)_cHm26Yztlin4VVOT(S(~}P&>QS_fRKs*n*`@?Zi}K71V_>jK>iYft!q7 zRsz&oA+(Mn%4T*V-7k;SVr=U)zc4?+;prjvUx%>j%c&r@Dd#A+T40-b15709S3~9| zv8UeiLmEBKxq*PPgJ8cvj}^jp3XV@Xc+rUcN$#wztN#c);)(zIozEKwa2y#{D$XO` z8lH+od@qicb<}8+Uc5VMo<0t3*i{pFasKeSVB_1auA1b};kR~hqgztrUAP>U%B_7b z6D^{fK3#qej&k$-2|as21T%ciIyM+IoLa2cc6GNt5+7lGZJ(_9K)Nud7W+l0z679k zw^qjrtuZQZ40-9dE9~x89AXm>c)MGRv?lRKljSkqI)>3TF}2v7TudGpSd2}%yh!>- zb(npjRUwB1XfQY_#)eqqoY-t)@xjPU58kD0h-~JqRtaG)n0bYqH6>}D!+P_&BCgkA zt;wMib8@M@DKXjGeDI->A#(%O2h~!lH+`eA+0O`4SK6Q{w@Akt$ByBSYwnQuvy#38 zz0B>c(c-8n9-6wlU|l+&eN+l}=ni`Qu@M!!%^j%RxmNsUL6=@zYx-ERn5ii6rR9rr z(!>9$Fo~5Zr>MEX`q7=zb>OJhyn&M1GKvXGfP8ba5*<83;f1sA{ni_sqtWZFzfN1W zJF+q-^N&l!yGX9CKSS@?W4x6g8xSpP)e}Wnrnw^;G4@{>X-y4?S2>Y#s%vf3;K!*#pi^S15?@OqUGmc#@91hMD0QW-XE8G8 zlVV%Uo}C?rQoDuwS0w~TTK zI;fRz9k>I$6DSjk= zyHxlT%~P1h1c|(-BF7L!h;$O+t0yo0Z#mhl?bKV3c&v4#hRjZ=*XWvi_RfsDPk%F= zkEZ$BYY4ncCVNXCnea&5qpiBPxUlhIbqOne8ohaAK1RjeZx?!?x)rX4S`#u(&7S7f zmMPO*LQ4;mvlU~1khaf^dTlG$ zwc5k`K}tJu>$^hzM_S+8i%w}LDy?e?IGa7S0a35QhHWkW9if0{9q!he@f2Zn#;DoL z@xjb&H9dy4IN#2kXPR{NLEe@3r3^yH&-I*;w164E-yA}&s&Ei4X zWa{YlI;!+am8xI^-WC^RGpTch)G49P$m4aK3WupGb*{)R3vW`sj!6?&nv2xC5ZHqd z9R%|i17p2*#_M<(FJ45LLV*tL2j3-#3jNn75d++B(`m1)u1vZ?Yr2$7MuV%%qaro# zjui$QzBVYH-w-YL=A}Iica?jOL~40o_RSjeqlkN>o(Nm&0>x=;*`Ped%5Dg|CXCXW zIK_1ZuUH=|REFt@y&<)Y6l6C`w>R#;kS*PbVAyZ@y0*r;LZ48$&PzAx(B7pKp3Ydbt``h_F>7SRfASzn(TPbLV~n~u{|32wxvB% zz&1#;OOC^_+JRSYdZ55UO+RG56E1td;lbHhJ9YtC9%j;-#J>UCZ@0T4&beh<>aR>* zN&9Kd_#*G&5sa?>6bjhuv}Nu|l`ptv2f6t8uC{FOByCMoj>Le$sn&gX6tug}rM9uv zPQ_`}ZsCPAuU^YFkIwY1{l})q0(7+)yf(hbT{LuwI|~y@4P8`aeBq9NCG`qvsjM@7 zD)8xfEd!z2-PRvPt_{B%HNQPQSoY>F3)6g!xltt2irwm^MR{qDqoscsLJ#(f2yOdX zh(Mxq7_f za<)RqyN@FzN{BfuQP=@Sc9rs_cp`zP|j5bX2gosIPw9Qu<#1F^?XvI+CF9NMrrXK3DqNZppk`gIIvCw=l~7{(SzR zu(uEO+QWt|yzw@gsMw2>?WKLqrq(c)ioL=ce?cfP@eg<~YQ|%Pqvi)uvqv6Yh$bgK zPIAzA7g^xlnY_W!!-kCdy~bNPv2XIuXk)LiM(rmpVEizv=S5NCtPVboR-C>OG2`Xi z@upE#yF-3_QipQj$H_N2BdCqzz0dlksv+{Z^*7Z9`-S|;vxSxe6v?OI1;>l!5zGh< zkWC!xL`Uiak8{@QNMVyyC8gr+#9N0-X}1|XJ)bkGNjlW7oA$vR#8hiF!Ao3tfXYPP#~9Q$maD zCu0i!wNxGxqQMNdtUyOy7mlTXM0CmUjf*FDHB@k`id0AJmi6 zodGx8d11o|gDxM`Z@~Fq9qeY)_iCC}jCOC}#YKzL1GxJ^oQqA(dmma9F(#DSu{rWN z7P}+Z9d_l!ZkCTXJ|toml=A)_pk{bsz4l{tsHId@p2WJjftN@e9qS-E)_Ew`d8J4O zN)*7VQ?xjY_t7&CDO%X{O`%EQ0=pe<9x>K?14kA$h0XU7DRgsUK#gxgz?KI;Cj^eg z1~o(j-i8!R9(RyXDTa-Jx3Q;lMK_I{w%KU?TsUb6&!;;cWMJ6#w+?T?a1P-6RUeDP>?QE#r5_)v8zCD z+GYmr^?KtGrL8`ylV%n+Anf30NMF1}mwZ}Xt972@xQ9bm=P8c<@1LN7_31^mdz||w zTdiwuk;UN@p~(8}&Mb|To%wZMEXKrOa!H(-=F<(AmMI5R>ld+mForVWfl$pqQ7?@d z03&Rh=)Wmibe^Tr%{+BWvEeSS_o(x5%E`I~=fXlVvzi4)6``0R^X&}9EVj<0dBg9r z^7@9C`VlMBym{gLz{CgWZ2mpExi4yd9BDlYnY?r^NoY(u8WW`MBZy?NB9dXq*h?tf zLI6MN4x#xg`iFlI8GC^<^l!NJ%Nr&+&nQmy#$g1M69s7_*_ z%DA!Jep~jP*zQTi)!2UIX`=5HVb>1YE_#}dLlgE$Hgcdf?lHJRmy1&!)$s*v-u+Ot zKOKUxD6co(kAWzfuW8G9n~c+U9`@dDZ?zDsZR1L;kUtP=Va8HB#$ zJ|l20=SEkuG)}%{1Jma2hquX9UAM4#`k07K|6SSP*BSo|w_Vc3+AkTaEdNym2)hSrCVd{d{Js`}bn5jPn0n z{tsEr&vCG|VjJWD--kqah1lB9v;LEWjQRKymA5xkdF!)cCJ#T8Ie%w`Q?n2Ud1R+S z7|vGQ^2P_v-C^^KFuw7L8Gk`huI44GgId#>l;fGZ7GsBK}r;( z-hmJnZTW_}U|AcBzrY7&yYERSO6Z7>$2ce2)WtqO#-CQ%!V-YHtsUsd2bt*Mo&M(<3m=>h8U z2qO1Ed+*Sio>uv_S`$v7$mDZNLu=vBt`Ki}&()f5MN1EMudmjcE<`BfQJHtWn$gXw z%U|%BmAxhqP5H=;nCNXAx#=j^uvmjC-Q+|XowZ!GD3u4#AFi!+g_8Ha^dCIWQyMB; zx2rdV)$Xy7wze{Cei&kvLUNm=Bhs6?9fS_{td~Dx6nBRQzXONW zBjy<#vLIT8di(kgH@%}ZUB_(boAuYVP|4k@wa=Pu?S~^N9;zI!H5C!imhmjOp#J4=<*ct1j$L zulxo9*LM-zu!*UEb{slVZC^v;XjVf4<|n*Jm;qadm^ zH2@L>uIg~|W}1A5cUcqp>D)vP?>xt>NQSX#;9%3Fn2)t9p+YEQBQ8 z@8#K40f3k0xjmy=b%)KCX8ZnpwUMw681ME3j%m}5$sL$^a%Cs^i=7Nw9IZEx-2zRC z;>xqLdGo`(CD5WCax@`8n|Y8Fx6S0Fa-+BEAv{+$iiu%s`bBvfa=M;umNo=QSP{F8 z6$v%J5B@{KX=GrivJ5{Wq31T2VcJ8B%Tk|X$%_x=6~9#c%Agus>Zhz>pf|Yow*X3; z)+?(S%x^pNlhp#;$4u*7jOakZT0XR*Zwpujf43)sr zcT}(CRqb$#?Hd}SzU&jGS#H)WM#Le6TVG8JFG1pKB6!Y)&!G8b;|HvgD|T8KJR44< zZ>|z)t7E=2Fk>lXgFh`M+eXb`RHo2hRiQuiFQn*Fb!8y#RSN@fgya;LDr6G6~|5RBkrTJ zpSmAjC0gUc^!e(8aZ}i68fhUjP}TjbB3=Rx{(hVcgA)`AHSb<{y9_pVlQUQWPiC;I z=|G_-MT4s)Ln_dwgFDwj5RhxFL%&7r1A8bX3>z?U06|)O!TrFsV*S z5TaEVG%7EPbLeI)%)LZa$y4d6Wt5Q2icIFkeVK=})PIn<;x0x)Z?Nkn5*32%L?4i- zP+})4)M_BqhO$o2QYfa#x7nd zdx`}cyHcbN0>cz~2U?v)x{*e`>1(Cw^i}-kq^kw~`H*L0TW-1{l$fztMmbl0X39@A zY`*QxOk$yQk)RSdqz-gNOjHevn5d+}=3apsJ}3i_+VbNQLzOd>gjw@U#u0-Ta?GTN zx8jL6?rGVqPnVV>_Hb=l#Na-o3J!VJ=dFDb>mvkl*#3&d%5~lU?vwkox*x}0Vyf6v z>Yk7rzp^K&PC#RqnN?-?b3Ol|^R4Jd((!dg@{r#qYxq@wsy(i8-rCf1zh>+|%4usl zUmf1=pxo3Vc_TrHryLn25SZos2+>}hMP~hP)PrewPNCeSxESHGzJX)}XYh!o>6dpt zt0A^rk=|-;=P5M$&4t~{`P6Zzo8$H&n6Td!o5P9!el#;9b{oCkizWtD_gpCXX2E{-j#~wo zofALBx{SdF1MRV~_D0aSG!0WY7#~g%ysRw|_Q=HOD6eLW$EPQaFCLA*O|wtYEJpTu z{5rSJrmdqit!klTjy^nH00-gbA}rvM%bxOLsVbZrM76&4>(kqq@^pDZvn%_4W{bKs zYcWT$kd3nTuI?9b_7?^ z(U`AKcy(X?!qiDm){Es97c6<6p2b9$iEUKR1Gkj5rl*8>SlVn~l~aUdz~8ix_48Y~ z)5O%lli8Q{jk3BDl~8NC-WI$=tjg$HsmUZ@9aq`%MhJIG`n}CRTQo`NlXFXUI(NMA z$58jCc7>`6+qWaZ%XLTKv2{%!JZ2J9@Br4C*ZBM35iR4dB`(k73I3C(%^xE;@uhyu zT-jIoGt=IXown03t*1iJM*RP@<(y&5D}%e^hjfnEx%*>p67LLw2R38wNhvIrrz5Ii zN+ox#VWoHo42Z_@t0j3n7Mi;k>^ zBLxdFZT?9rC-S8hkHR8%y(}z$!=IH?+qGhm%i=-2peBr@vhB-6rXkFE44BLV}RmJh1Y~Z7^c9Qg3OJ*4!BxCN9;zOh2;)|%n zTZ35Hc~%Y7uzlAFs>uA+$^O5#3n}XoCO1rB6Q)pHESfh#4@bX(iiRxXGHhOmt!`Se zf^d9L;BdU8yLvWPudG6fD{_S_Zn>l`4EGG$IRxiWw!?eos4dUAX%!)?Y+M2*e?0k7 zbDy|9v>xVRX-sxW-}5g^rGhQu?=Wd&Xrz}D@K^y$auv`NW+6V9$61WB8zI6g`=Qtl zdEY`VWfWW8t0<4va0lOv3qm79$7*TqS;Wh5CNU^TR7Vo5%P z)v!`o4KJtfUouh*OnHa8LzP$!2b0v!8X~+8vA)ySK0JqvQ9uBnz|*XFW&kyP1+3TL z2FyXmKOLmuO_6>!LLLr^Pmb40o5bMlp#T!cfCRF(U} z&^z7CX{=Na1C|*Ji}T{+%xeEcKhLMcd=t-<&ya~@)Si)`1|7j6fgLg*c<}@evY>VR$L{wGr-azt^766T_ zPmvr}9LUCbK|YUsUbB!^27_HiHMi0NM9O4h` zHFWb&&q~XQzsbkAKhLW*cN1DAN(!E-&&bDEhjUvrw^wicqJ{XP4;riRqi8W#|Akmw zYd7R;@PF#}{4`cAB{Q4cD9My2nZq~!`l?g9iInvB8mk`fm)0z4b&XZYerb1>&g6yy=8-~Gop%#U;q$hKix5b;slns zxjx5zzYL{O9sg@OS8h!7(W?yN`&jiE#PiF+J>~a&nlOpKlR2S}MSM6+MmWozqk8zD zKZ9r&=~yv{^JzhdU<<9?L0HC*aJAKXj@k|V*aMhEmF?D}Qq^G(^N+KK`mu^wP0g|g zH_&j!m(ys0bU=G8Sle}D+?UIw9ph}?FumZNf5#r+3?i7^RqBTgX0P2^7yQHF4Bw*( z>$^^K-5xdf6D3js-F;bQwELIo>Q;;$EDu+wI!23dz}FMXpwhdg{pq$gOVbj-7_c z`{(M0WB%9xeh0>XEsYG^IEAAOF$7g~117BrKmcoh%+nAU80S&tw)7_|UGzHf#^#09 z38gZ;pgll&om6Z_qOjZS)`q~W7;TJ+U)HoGUczxLR@2FN>WrZoSjJ%agJ8U24GMPc zN~MS5JV^foHs;S_4l-mUy|kc5Y#M*(z&pVon=)ZwY%&13TwAlrni~=5*vx`I8nHwW zS500jX5f$>OcnrXlQabbLZhSWq86aV%%2F#MTgc2pcC7gEmF*T*jD5U@Q za$z-o8FwhL(CJod`XlpYkrBiEG2ST4{LS6&zR&>?s48&=l5e@bi@&SNj6=Lv$e(^A z$@%M49c@{!TV;uZtGO-zA+b{UD&>ze5nO&q&2y+vo2W{<{>RbY(X4=Ol>U zRvATL6s?ATq>SyZA?VRW$=B#D((@vr2{J6Tln#Y9#$B|{C3mU*jU4Yc zCqCB7ybp2<8%qe(dWZGI;~<&yYR-7}N2xq*b{@kqC)QCkl>CL|<`dW#G}A$C%7I|u zKzx%xEW?w47`S(wPXM`pk1u}sg8V^%lynZRt3N!o-Fgf`Br}9_t2`gKxLo&*kv01L z?J|I0IRhwpmGmH{N^Q!Q!N8YsD*vy8__r_+lL-$VsWGU1vE4c^EN~PtD1M<32}bcv zXB7DCk5;4jWo8uDs!@E#C=LY!hvdT2|2hg_agzL%J*$-mXM6cW+;ZWPzbxb&w93mY z^S?Tn*VihLFqj|TCLqZUWuD^Iq|cFJ_9=`X1McDf&N*<;T|5-xH?9ke_3wqy4*LD7n?JP@T!@ggGWX;8PGRpybbif?!^%h&P%_1EJyPxBRWILb-1>>fCar#1P~GZd zDH~TW;zhaE^xEe=5p}EET#v=Hgs0UNwxw;NkIp`31v9T_rn=$$a9F4cTpL=wF(>w^ zlyJK8sp-c&A?cA{`Cc%xK4g*9;2Lp&OZ<$7o@+Q}>_R13xxbSmW$g7^7oiIrW7@-# zR7k&VWF!7z_EiHqGyBqftt|smj_-@`L=dGS$`4&n;wPnr-JMonb}r&y8(e>&Cr9RQ zjAyL;jF6uJ^5dxaJjGj^p4`ffr!9M0cqsh{xBGoBw}f-{p(WV&s&C&eaH_fmdq?ah z$w9Ekisu~1k}xrzaP))mXdRqN93gT%WtesH{s4_% zM7Li_DO>x|@=Txb3fKflN%N)e(p<^NK*6d&{r?6i>}rK*JTDx`PZTO{USlb zD*X#^kozX~v#^3O^DFB~WBOsoh8m(wuVtIyUaFd_ z_A`&y*DIaFT|7`W`*jL3y-`YafOQ@TT$d!iJ=r8=_D7u5luI+dUhKymHEAfSTYc2Z zWl7p}MC|m)XAOe3sOJ;h2JTb4URU!xXCYaywLchoo&xU)0in zm&o$AYfL1!4i>e9N_S&gvZMBX+M5fZ+iAYl4Rxy<9UFcw7QX$urj6JQMwQ~Ig8|~Civ{Fz)QZe(O=7O)lM7}2?RiZ%N3F=rrlufkfjW}6 zZgt~Fzkf=3qmgWTO0uoxCval7ar!Agv)zG|!4Kf zdWl#{g}Ss^UNeRml4{o8^>P~*(nHx@4M1<4se)dcEy7&uc=HEkaHLpRax`n<#Yv84Ru{xa zoT4C0CsKh#$f(ZQvpQ#=bJ;-pSXe93=j{RISigas(Uqt`P-t8}C;VW|+Sqi1- zxv@;>Rw3yU{(^pfKHeHc3IappeT48mtq=UwIE1?a>qxwL{>Td^Ron}Ao!GsW0+xYR zu{y-%DSd@9P3HA!oXg^wTv(zq%eG!)>)0o|hLZ`L$WVswVeWhf1*l7|J}z-LMb6zl zxwpsJMcx1U99H@y=_Vbu71T76(JTVg0$jWl+2|rSNiN@R{Vpc*@Uxg+FqTlc89lNj z9Sj*f{`QG|hQ z<>rhKE@pNuARagkl#wnVcTIC}r$W*Ngk5NRAq5I3r=x&sni<}updnn4x4nSEO##99 zXpiC>mQPw_n^1z8eX|r$JY^9h1q9*xnP^-b;fwXYtc$186i-Ka>+)&!`&XLsp)90W z+Kb7Q&+bm;lV!&z^lcORLh!6eNIySP3L(Q1yC$(aCU%EOmo6bGzBv?RmPwf@pa?8u zzpi{9r+hTu9G24ntMqP}IOzuYCF>lwutJ1`Zr+uT=Xw>q87z>sJ7|uUwX3&Nn&+%hOXH~h0bLNAK+oc!C%3WePSWE!YHtzpPLUF?5Fzy*4&a%o{8a_}Zek02aX{0uBE|53bz^X^y*yE%@>Ka6WhVbvU@V>{%T z?2j8KvEb)?dA2~96P}@Xu>M1mbI8-z9~W(Vpv`lJP5k(xcj4@h`#WrX3BbvZ=ebhH z#USm)Y`F>ZkW(qQ-XwK=Z;p}Fy5w8eUSrEOmJ?KZXXmtc__BW9F`OU!nGEM3U;_(w zUo7(8WWYmC;Kwkpy*=ddy_V;{$qRkQ!DO!SZ0EApZyDRnSrh%Zuv{79IY9mMqSuKB zI5Y=5{k5VBfJcUtyK+1oLrk zxZ4+$=F1H|aYr@8G&eH`$s5OV0-@$@b`+Tf`uF(b;@ND_M+5cImE$t=Xn)Y2^Mc=^ z&qV5A#tDSJwFOsPaan!V*cdkg1z7d2q=C2`+)7%>R$_x2@f_9#f1pw(G>Nds6ye0( zzd!sSEKNxB!5Uo5UV7wyB`?ymuM;DFIQuF0M)f9yJi^RAJiK5@Ufj1cWJ&F)%_3Q8 zKCc=khgbM@a})F;{E zgq?TUgpfJvkHEA)B#{5rl7HO|^bX|z=@?ox0-j&@ly*){`w<;~+!qi)KjJ;jmtIba zNH|Pq4)eg@W*$we=_Ps59aBrRa7`q8Iy;ckgy%#;{bjA|rV7oyVV3V^5>kIfhsDiU z$f>dH2=}Dttt4tZ_a*4dsGL43XMJHzfC1M2#zXu4rE*~hACZ1Chg*W&WU_V$wp#sc zVj66;256w2(^zYykiaAy=_BPdc%mD6dr7U=@R8%Xp+(%Dlfz8%vQkme{S0?fVW%(QQomyvrxSCTq@?`%Pc4O~uwx zkgq)S#I@zV7o>#@g4EPN8j7?LIX}Tm;ZR%NM0l1Yu36Sz_y{p-TDgdJ!4V?6T}(Jz z73uYOdlgBPVt=5$dOZK__Uhs2R6X?e5*{~Z`}R`&G?b7A>yh6Jk52{$-DVI=B0Dd# zn4=E6Nh^I`9CDU&S?p-3eemLUVNL7nToKk+QBoZI$%ZP=TPaNbzInOlwwHT~dA`Tm z2{tKkDNo9AD?rLUMao^X^Q5ph>(Z6?eYnh~OE~?MF5yLX3FmY=R#q-NPPudB%ZRX^Tq&u(EXI1oXyUE=jmByH!f3`=KQ)>}>o%?FWz`vr6sy{3 z+}28?$+1d}W|38BG`ZGdqgigvGnynT(`d>qm(f&NNm}EpCU@3_M!!+?PNSDxTm6h) z=wd|}{hgved86dOCuFl)jb56E^^VcYYT7zx^bMjvX!MPuZ!r49qJP-vkBNS}(Km^H zo6%dM-)!`)qOUdjHqloZy>MWy5~G*vjaIJFYoT@XjXqxN-A3;e{WPPO6}FXV^jZqt zNTW{@`*@>=NvEtRqnBgNmNI$~VrPA-`yF4o=q;nK68)cyzFPE$jeeu(_Zt0X(eE_+ zt)jo*=$DKBPNUy0`YlGkL-ZSsey8YH8GVE3%Z6M`V`UMWAtv(Z#DWH(cfb9i$q^-^tqz<82xh5FE{#f(JwaoD$(Z{eYNP* zjDDl&lZ<||=r1(-t)h1t{hgxkXY|`eA7S)6M1NBEJHDNwZxy|sk;2DemRQu$)_b~> zqu=1z4>ACs)gdm6z~&`mv(wmc$|?GQvH7L3S%i(>*laO2x!8PWY}Sj7j!jruwTcqz zh%X}^kG00*RVJtto12ZzY-2M9n{s0_#n>S2D!Rznj4(Dy*eo_SvBo9^o4Llu4;zc_ z%Z-iO*nDVgmSc0Jv3cFtlw*@+Yz`QkDr{yNo5!?`?trkIVl3}AmeLbpImTGl8%ybu zupDG8tHjc#yM0a^>PO2QT@HnL2d8ZevK&9?n3>=H{f@;0YmMxLM%N~lx{+7BSs!x_ zSC$bU$}*z&##rkWJe&2wGfe-VWqr`~>$KiZIFjXiR(M{6HU-Vx)UW3yd%Ra7(F&9c z-6wX-GTi&#=8oldW_`b&MeE-7JBrqQ(dJnB9D_Kgy{RgDyia939$21dg|O^zC4)%H znzScl!_%JqEe`h}CalN&Ps8o%q@Gf}DCi^aU$|kuBzJaylzxFQp zrRFa9WEXe5%n1bUd-ax8t^XOh3EoF;f^!y`S>DSJ%&q=zHMhBBg9OJN4E2BKYS_^9m3c4KR1W)6mJ;fW@f! z);iYU*2CYE4GOsfekZeH?tuRS3!9afsNLj7%~pK}d~>He;IGpoxVYtWJT*QA@m_Ca za>sWATzFFVoaJDa48tg?9zV(ZJYx`u<{6QdkAQ~ghw+#J3x~EM2cEO9Z&;KaQhPuI zVR4$%w+An`;f3q?No&35OXzbY^Z<80T$(Q1MvXq`_ncJclkb%n@dcWxqOvQ61W4$9ayHkJtRBV?sWZL3E7eN zFXZL?-NxVJB0@2mrY&08C&TgN-kFX^Z;5DNt$W&~^#(4j&vHCk+p`H**KUg&>s)2# zSphDX&7!)ve2wX{dd??hvQ2qQgn^T7_;=g>&oCAGm( zTS{v6ZS^FK`nJ088f)6Ptu7~s^=T0=b29+CD+WGkF!z`TF!6&03C<-a@d%Y zYBA=0wyR&p&UNA$eYrf0@E`Wd@C|h(a}j74)Zl(OavJwX;3EbCIBI)>mWmmOz|C#w zo(5g>+eFw6Q%6Y8Xl|Tc!K!OPgRF(z*}kW(r1Ny)lZgS~lb3T;i^H{Pb{i(Qm^P;4 z`Pzo&B+`gomDsteIigc^*}jsS?RDouU!2pRylR%~;Wces2M-}oP1~|HFV?gb z8yRf+8n~<|YTC+-fNr@0p0BTfhf4?5=CvO-Y^!o?cp5}IN8`IC$KR;gf-+D9GY8;? z_jB$epSL(6gb+Y+1Os}uMEV=kl49k&=5Bm_lJFe-2zRqc9SB?k|Il0lr^XeSi{OaJ zyJ>Og9G(TqNtBD<8`DP4X}KbB@B71>Qqp_1Ae_xNLkhuqsEXXa7sZvX%5^>_#Bu!AQ^Zx>?HRpBQ=>G1j^q1yFH>D}JxmzM6sQ9Dl z!JE!rjZSK}hs%4P1a?91He zPHLD6ZhfD-H)#EFO5;I-i15O7!UI>i-&-Z_O;aQu+r2t@tiHwlp$N{CRy`L{-9jw7 zRiTf_vsmoda5dT17&6j>>`&I57oB~(5&u!B+Ho_B6&`|pp zxE(anx}TtO08K@J)WeIt6}x^IviART6cmUif|?V{+2N=-|;j!izzL`+f!>2YM5_MtHSse zGHy6tHB1uh8PtK96Kdr4^W*J=2F(uXjM=nrw5Am4sASk8M-)4QR2r$uHRBc|>I^Os zGSJDOwqc5#NFZn=Lr^%q4pia_t{y3~H`^>AVM*4@%tAIh?#>k=Z`0=`IF%!&zL&vm>y#1SvSO4a9#6s>b@WLe5J*YHy88PH=2Ex9i5~MX(V9@u!pWJKT|4wWE zmiD0Uf2TFi37{F|G94#1N?-aGi6c;rOW!RH3fSEC220?!cf1Mc^tedH2+st56FkHD z9m^4s>XV7w6#7bIh-m)MXhNIcF`A&}*F{4)gf|~CR>94UXoOHz^0Qce0ynOYa7EnLN73Cf;qTqWBwDSytSnt*cez_~oy15gjJF;pCpAuZH$eLa-SUX(EhfL6bAF}scAtwy00(q9H!!|fD(u|AL@ z>$_<6o;wHHyUE_ttm*bGYIecu?;m;iU5*MR4ub1*oPB%QGxCLvECat@Q8)+ECSY=N zeBk|I(x2r2k^Vxn-`{1%Bdmp?)*Zw+EXlf2r$P1%tq`;nUGr}IWcj$9@E5LAy|;~F zYxha+HU4#|Tqu{j2RYf?E_7}3IFjU*;@p(r<0*$vahoPs->Kn#CG&JGhxn(i<7o~g zg-0Xj;yEoT{2{6t_2vntz%pfimad3M))7gjFSH5o;UY=*A*`(}NTO$d2T?$adCj^( zDpq~iLVQlWs-L8U(`OFHmZ$x3x9ghZs9jAcxc%JjJnpD1$Ka2v!U+m+?CTAx-r{s- z{A6Bqy$L&mw~3x9dyqO|F_%{d1JZ$ap%yS8oO)=YI z=3ju5BrLaumBRsRTrXXfCuh*>COn-H!m6AXAHVlo>1kwGF+my3t%oCJD#>}o2gQxE z;DhZGcs`zk!l(6vfQQ?}0|(2J^lzeKI80i%14Ip!FUsR(EcI?TK0U=_#Z?8Y@d*e)r$QB^?3=+Nyq2kCZ zSBo6Cgki@?vn*-_g>NRj?Kq$LDQ_c_u4r95x*#@r^T$oJaqlCg;8_&pxaC2#Ot;c_ zE9howPLQrS!QOKnkA-m0x~QftQiR4JxMIs*xjrL%G+FZAHK3FCOGFe)iggk7y(k&) z-etUgCkHBr+2WLa2a%9efS11QUWig6)>)AqU<7OIt30pyeJUmws_NrD`w1!APiEeB zZA^1yQ7zwg?N1BOfd-1knbrKcu2~mdi1AqS2N<+%3mPc=7@>s_y5dulPhl-v`S0o) z_Z&EM9UQ`pyMA7@Nc>52*FWN<#Z5ZEV;**LM!PnJj?D1yofhfswecJyV~ZsM{~LQC zZi}5Ve_zghz2F|ku9drfgM_CmN=s;vK9XI>=<%e3lHM(XfXFMYR7zUP-Oc1k{L^m8 zg4C1ojIfk84jPd=q1BzwG|-*A&v8o>=_g%}N0V}sILCS!(VPDcJ*3GyHpr%l&XjP= zwa2q%Yof>{kZW_nQovr`@H)pufyvZN)=8p@>Uc~T7K)6$zd!GI$!1DW2aC++9(^z9R)SMYmTC*ZTeXVA@dz*i9n))*)g)3}St53-gdOSEL>J*K!#^Ui<4 zUB4w-iZ&gVRekh@KQ;ssKZq-mlJ`YLq$TY0$K7>-?y!1=c$kZriwf5dxXCLhUO~52kP-MjsduRp}Y0SkmBj(s$Q*- zMLiKO*6-Q%-7jx5u(yS_#;Ka8W1m2c7oJ_c41+TL{lx;ow{7IcL73O=m0`2<^!J<0 zA<7MY%dMl7Nlqu(olpJnG})ayusYKmLS%QwGxl|wLm1h`GKc8PL|)78e4A4MW~O4D zKugBV4B|V4)UrF@GPc&P4v(|M>T6_o`op$W3n~AoA5ySh)i2AXa)hM86O9m@i2bP} zo7kK@U-2%bDiY3XB~xT!s>wP@jk*2s;1DU*1SDd7}>s_a>(Fu_SJ z0+~#3IQ$^&Xl}AO9{bp_VFT?`Zh&6%OUk)^Y;6_Om-@QZr|i;eO_ZLm=`Vd#YN z2*$5L8HCJ9AuTBHvr%%9?2z?S8|6qb)OSU>2BXgsS;5zTxF{p!!ap5Pmzh$X;9(#i zDP5D3weJhAoiZV?deeO(irAZf2!A8aMYM$U|R{=n?Q|4cHWSM7H^wvVHF`Bw;M>r~wp5tR9P;3=w` z(86Pav$1YCrC$%JVr3g%RF~+k2}dM~zIpm8$+O;tBPFwvL}{84bA@h;IX2JbJvptw z&q-aqUH52m<3EJk62?DN>_JnQ~K2W ze%=vs&ZLLqQ8E&emQ>iLndq%G<{{Ia)H~JkTgRggmZVKq6DH}I>2}Frc2kIfDCZD>4yz$D?Bd!2$eZ-_~f|}CLmMwKJNT=64;>5(=l(y}0r z)2A&Y5suo6=wOK=@bFpld6=#HZi`d|VEb zGcZ1Ps6Wm{O32EFo`h-nC3`?z`fsjg5Y>A@fj4BW;438=OgoX~`Z{y;6jD5sA^xgS zs+t=4=uF z4y02Uir(!zA(By$lOoblNcd;Wt*3?iy~#Dx|D4BVDDNmL$~jzc?8R>10R3)wOVlp7 z1OAqcqC-qV2(2({&Em^BM|Vo@pfe;_ zUiSWuu2i6K*F=TLdjRKHH5?$YhZi~9a9WD(#FD@<(#OYH6~>p9*&eWkqo7q2lB4&2 zkEEaP&gT$Y^b_d2Zt%#!eLO9OlygEXG=`P$7#ovn$7I#ZzP^x5I{q`XZ`YOj$WlHh zSpOmmQ7#$IC8qY#b@F?f3t6*jQk3#euD_zE^$-nVvoZ6geAc9Zbn*j-O?B z?DQOiCWfQ#quz1iYU(HVj^#vLKnA}IXIi}8d+C!ttpApX1?n&9V2REKmxxKk=0j{Y zb7j0fET3oyJ+j81;;8rGnw5Vd(>J(PI+EIt$%Vv{$U>zxAY1>Kqvini$5VNgcf)Vc z)qES`Ofy-Qvpk!%#V}5^1&DJgsU-ou((0E7=|iL~A^udGNJ}X#5fz6>-pe3R2wnv> zZCjha97;C`abD1#X6(bsT{nrhGJefA&t(ZDbmuR8;~ux}_KkC&Xn{3DF@|Q)5$?8T zWQ8>O_U~>A<64@&s@fuQ6JUTKlCM7OI>I*(rP-w=zvtL+8~O0>Z*HL*GH(`SHd>qI z^1RFkWFAxL&X@OXCle~8F7$9s*eG;P=AVbT5u;xN;0b_%`%+{glejOXXJk!o6wRVx zk;c&S%I?30L1s8y@T>GiD*FZ%cg7m_F=Gj0RKA8~B0XaoVrTy>OnuhxXvA2@%L9#3OMv7o&BhI&OrBosqiL-c0U3xVHL{(q#>%eu zq)B8u8Hw=nB*q>l(za|T=_(SiO2$fa-ZoJ{lr4g*s)xuNU(U@kuEkkDA##q2SG1?W z%rnmwCe70vJHD#j!FsQZp2Bo&@DpeU_Bd^i$DL)okUw4tlvgj1Qtf+7o(bee0jIDV zt(eV{q+_za)B|uXXN9?2dsrqspWX^-U-vjE$-y!taj;of>@RZ^*FMnv?7395{t3tQ z4bFP^DTjNvzJx+MNaJ>#oE)ahWtpR80CY$+Gja&x;aSFX=A)6!Ngw*Y$nt&cdxI$g z9bGY*4DdhUZ#REINo4tkAtuF$gn4{A79ytL9yYjn)`nUK4@*2HHyNqnMN^jtyM0rt z%4DI&^ITi@yOXC>VDgqtg2VYYDwfD~X}OwJZUhsqslC0Q`5W5h#5Mdu=+kEIk?@qe zyQlSWwpgXZwQKMUawmL5iCPn=bt3YI?Ib!@?gTV=E#z9%ji;-sa@S4yycBnMUG{c< z*dH;|%Vh|TH0!bl!B`g-MXIcDgb*Nb`6lb49is7+TZLrY&_EaWwvpB3j}jM=j`|q} z*)l+Mt|yei!9$H710BjuLcC5b^~uUJp02h%{mgi}OpLz2 z$pw;I+`b;!2_Lw9r!tOwB@ZB#XXkSiigz=f6w+slT)4wh0I&Xz#lit1A0V^LnNue( zchug6542HeSv8Vop^k{n^U|A7d3Oa?38&n<{UImbq~B#FyOI7uWlde79JT8uK>i6P zrk^S6ms!%^`8`EhQ%gQmo+0$;pMfd}L4R`gr%r}{|32;LwdiyLLQDKes5$JY5$-Y* zSPv1pcCrPotj{Fh=|#0tDV-O9z%!H?k4(HAaAzqHZpsI!m#JxA}+0vcykYB$Z)-~5k)$q=dsU8z`v7F6p`T}>z zDk^Ztju55trVtUhoSR+cL2FXNJn)Owe8Ders;GmU-fh2Jg_HO!^4pCB4)K2Tq z*RjW*0<;-S{A!&zGzyRN`-joCXNR%eA6_wcrvEma@puPf86=;LMsOJ z25;HauvhVCM1Flp|4Vuk+%;b|-S`LDs(l?BYY%kVucE+Y7Bu!eMbF!;dvTE&f3(^ZgQXadq#3YC3lDk z7KprMI?r!%E8~DC!g^r8sYGzHsgSQqJ=8h!oFnfQ#kv#Tq_%}ihM%@3+#;@QQMS*q zblRaUwN9_^I*%vF4AZk^L zT9P@^_jW@mf84`ta=4xnCP)23T5}^@GVbAFDKFnZ`3cr_#eu9@OVIjoIpdh(q$?EZ zwvWp)he-bnet7P@B$$!>rrY;&x+8l()~W9qc0rVTt4Yb4K`pOaqrhB~6z1(^eYsqs zizcuenTzs%%L^7qN=a%@Ql({JHp&z}0aMF@o35o2f*en!@0d&)S+iKo`Bdo19^0`v znc}(!`Q0bpbjzkU!s$m@-*1n|x(}_c9XH}r*f|{f(p#+{mlw2NuwvVhpP&r6u^~Xu zW3%KHk0CG9RdPmBj(=s?$G>2BKR0tzT2KHf&#cZ0il}BD`y4m)Rnj`lDk-QXv77yRZ6DkckFTJJ zwJk9LcM^e3Qgu3~;KH?R8_ouucx_O_DAk};m?T09G=d4dtZk&p_P1_aCWQcn+5bYT zpVDfH^o2dT68Z!|aaop__CcQqkA)e8;W*@K5k}nL5q5*uup6W)1P?=6UGpX|iYcU~ zr{5OMdt;mxK@@=tdRvP0EUN&KBq_ptupXKvHTqh%o_O%wu|c*-5Im8z3-*n?t#f0h zjF5fg(pR+ZI;5TbbtC=3gJ3cpu5}+;c^KW-^=Wire^!Hr+~msmEtr@y`@QE|UP9C_ z8O}5?1Rc^F;4c)?(RJo8EWpgpgYZK3he!`5Q6P^)drJ@SLz=@d*A$L{oqicC#Pl&T zuTBz{cOneA^rXP174v4CxQFJC+uBct4Nu>i)nmxPEk$U&5jL& zwEby$Z}~2Hf0VT9^U-8rCVG>ydvy2Hk+LmfuK7SG#;L5a+KBW5{RF*s@I|jG6#B5> zjj}Qr9O01yX{-4-$dohGUlm?&EtnK4rbAU5De^(!_hxd+hh5 z_wb&yu4clXeOtdLJ@0JqN&n>6eWuH}IbH*!T4aPp^pF@@Buk{XJ=!Aa#CE znpYa-J!vE-ba_yEmqm8uLFs3mb@Sqzr%63H{Xyy5*O0w4JShFrQZm~0LFtiAl3dv+ z{XmywY7C9f*)mv*h7x`!bwADb43;d*txI(D@~HHa_-0E+uf$ShG0=If(!Lg#(S$Km zgt>dNEa$yUq$qG^LvC21t=3;>61kZUjdSxltrn`;Xw9FmiG&!({VnmPCUi_-tl>+U z8<^pkh}l<>DYN1E)O>(J8Ua5v4!wGTUvmG2GOsxBI5Bf@mAMM{%wkDJUDziOgy3!? zFN2EsmbQQs8zmJK0c3G+I<%KDPy0vBXGHUlx>En<@=MjzU&;cq>15EPCFfY1DDur9 zb#e`{-KFLa)x=I$VW#IdQ_s5ifk+ZM*UGX(Cw2~vOQJQgJ6;L1i;W6pCD`b?1%k#$ zd=XaO_HL0$QjKJ^Px8;;1Q{-vFOBUMvfd??60l}bSwp8~ z)}5bCo>}q6xmQySeEpuaPF&UDFObUiJQ%8OqlR`tB_&m}8u>Ak7=p@cR!>ImlRKYT ztY&_|NqPTf(_oPzBRmizMJCene_#-GDObZ=O6nemF4Rb&{*X>i-Kej5C|~7uOP&Pv zWv5u1?dYWDg6Kc}RS%QSTB+~Z@J<{4&W4RPe8q;A4Nuyzj~tEQ8)w5z8!onCg$*~_ z@E#jJZo?OB_-7mb&4y}(!5d@4F*dx!h6hI*_a|)lI~#5ZK-=GT8}78>UK<{^;oCO+ z)P_Aq8oUE-c##d~+iciQl<4J{kSj52tgHcYai+lE)#u)v0;He6%F zEjGNL9oBjiBINXMbHk@X|EE|5yhNU)KZ^J*^P$!z761#k^v|*JE1MX*oA6z1W+>{!b zZJ>3Hfq$wquzR?Nn~eRz_b+De=&u$Fl;JWPb+}KEI?VK4zSOdc^r~V{PDNRM zVP&OKD^#V*S7oX~74kPu6{r&aluAqs(&;>G!+d<I~r2=hN zq*J~^`&~|sD$(WfDrO@vtYzn|pforK+hN%=ElKUGqh7MffUaVd62v@9bw*8f1 z9|<)A_{CoV?)loi(2mndY+j9D+?~W*rel@#l=CMTO^9M#N-19_l#yJTRIk9cQk%u+ z^`yYB~umi}6!Pnw@Hl8jo!W*v`jP z1in(tLJdii*hozfdgh@{r&OsBD4zyi36# z6ez@>P-_`^brM54Ve@sai|jZ`fF`#>3&Cq#R^T&``i`0@v30~Zp*_Ac*Dt}=wcI6+ z0Nqnb_k7G!K2iq8#ZX#kCg~jaFR34a`~>Kh*q)C-ngaAYQw|E+>29bIpvOe|i$Hsm z($CYa#N3^nyZ(<+?obbl+zBi0jW9PawVj znflW;rUFg>ylzwp;O}UsQYzAGc<6VfzgG8nbYR&*|$~Lp~*B|pS zJ->pNpuck43^z@GPTSnqHaC23{Idt4zZ~1lj*j_k^FZ6Uxy|_J7^VK4wpk8h%6IsL zac8que;aKxo6!1eIBwjXwmHW(53|j=pBi_L@#!zcHnS_DKc{VGacVx>e9|_y{oRBY zwyAu_Y;(45`!XMpKA}jL(UsUqIhkHBRVDD}WQ3HKDlO8?D6`NlrG`i?F{y~O=ahnf zoc`mT7s^_&FVj9{&LN|b!65jq*EL`zzn4m|(_%>{oSC-{1AC;(>4NPN@R`r8-0BkW zuHaW@hJmku`XqlB;xpU+lU~o*+(gRdPv-5}^tfU_-nLQ1C9`?oIJ{0v%CEjx{oYt_dO3kGVkr~(*<>Unw0a#X$LpQzqupPPQgLiaEZdUoo4PK3(Shl1|CHq$`jf1KF8|B6&J> zCLP8s)G+Y|;t@PDiphv7{b@&jW?@s@$!_Dd$l8yqM^R6!Q@hx-Z0M=~M zFEjQ)9P@DRYL;|J`XpXi_egvJ{9+b-k`KWn>6Y;Dk=&Q8SaFH0+{{HY_BMnm)+RKd_}&eOq}NxmU{vYF7GmLC5g@S zmT2Ue-cnuguJVdvDevsOiv0F+E?ipS&8ui9Y-V1mHWIHQE(LzUt-vYxP^E;wNr6l7 zs9A+e6=Br8Jdd}c00+KV6~(p=x-9orRJNO-S7AYEVJD0EUSrBGE7iW{d2N{I5j+xJ z!YKSH{3zTty#hZ$!6BhxJ;Eb;M)rz|?(K+)?bEkk+&TT@2MioEc*wa!ox_HY7&+>^ z(PPfPAmPHXaCO2EhU-wt5PXFubf1T?13sT?guQP`As^c#h9?UoS3xs$6e_QSy z89%*Tm;X=KfS`5le@5!@KmHArpuqJ(9e=?=-|R0C{`B1cvo`;z1xQT&_zT1+rVf3K zE$8_k=h*n@?*E(Rw!>G9>d+fqP*6u*U>?10eNF9#?|gS--6r2H_20X7^KIY%!ImHX z=*L@s^3&V5-SM-Z-+9;Fzqse#U*5O1W4Jw0-`?mnXmCHHrV~fN=H>{~HYm|J(Wh-;V#kO#gp0AfMe` z56J)9`43~iQg+?~-w@1l)-CY;sGGSSb6`y>e!kbud}}xJ=5A)rZ+8j*{ch$TbTdC3 z+||E4Guk2PD1P0Na=1RjZeV@kaxC1|;r*@Ho!9xJc0hnx38>Cf}4q)?eb$nUu3A zJVITZn7A;99dxHtXE!2uc`lz)RpnKD5%}PhtB43d1b<@GUythQ?^Lg=CW4UfRDWlE zb-%DMV%V@@0|lL!Se;Y75#M7*C*>@xCOnbkNdYCk?V#nbqg4JWpPUGrgjstioAb>deaXmgX;KJyF5xPrg}s#U+IWPEVP$th}() zSy)w=@Ac#@Ezt`K+!vIJLEMX|AI`i|XI?oT3kV~t3<`go#?#@iqA;((SyWNBf)EDH zh+(o;c0mC*Wxoi>QGFeXHB8x3($!wQoHuw2D{d+-UFIy(2|LZbve4t{Z#?B&NsQwu zKZ#{LZo=gYeCbu?G+0xjro_OzVnrThN2v+rAlK+|l=EoORW2`FnuldcacSWt&QT@p z>)6xqtXy8~DXc8d%P(~16?qCPoTJBkD=Wq?EiN5jSbF2=K;Vvgpkwc-PZAp*iz~`X zR}_|d0{%PVDXdsgTuKp=8j6fcH}(c^nWxZ6-RM*;&z9(E(79{fU&3l%`16-4z4>Yr zXnvI`)4i+D`39=hvnuXOy~^10>V=GwrZ5-F3=3`!6WeRiU#V zr?*lFvta(Lv1X^Yvwt1)=noL6=9L1kbdD*!kshYF$XU3e+;h|U|2V#-R5iQv$s?h(@51)VEEU$dqHsl- z&Dt1lx31ys?aZl8w}XE;FKynfzy0aF4F?iuKAJIgXVjYX-vyD?)Jqo2cvrdjN-E(^ zi`kEtfv<9LW$}vglENh=cE7o}pt#brc;!Wt$CVeD4%Cq8tiOUgwr_;$TM(uCPVS}p z&UGA)Zs=A14#gzOco3sJ322E}#g*K{%m^$1oyCI%-4IYO0Vau4O0*sDBtaHJYs z;824n_f~@|;#<#Y>UX$LLyX2L@%0^s{FdQLMZRTl1`UW*13b}c0BIO7zn2;?8FNKk z!+^2TQ-5Ed1Ns$#jnnDi;Gq}d*GX{bpC^A$<5(by@pk6_$7da2= z7peM9cBp<6V_JJRMIDZ8h$s)w?U55JaqT4z53ryoaYd*BbK?$6ekE ztj<@s&R4+CR}3lPO0Y)>xYzg6jRTss6d#@(62|e zhtch(Q$3y-*VOlLY(t~)-9Y^_#Mot2P8r$#L5`t8xUP$V^sK*9 zsXwAB?DPy68lhq)!%L{>XrI!iWd!-UwjeaOu2yQxH66HO?S3c_*SsZ46{G6yxPtnG zsy>uopYQj|2^thhpAth}>07ABgTAkGNiImg)P+94{t=XUPt|`ukaFoiu`eye)QOSlR6~Qdsjj`9 zDYwHc05v^5^sfbW|2miS+jWIvRqwB-&#R%2vD5Yd=GmA(w#`BP=)Y(K{pLs0k433| z-;XH|l6E~ml6Fnord^wU9Q*~;$@%SlYeQ^o4;4$l7&}o$mX3Uc*CCk}^_#y4WudK( zgMOQ^{U#INT;doKrG|KV(Jw@*A=nSWe#pcDP5lqYHR$-sj|1E~e%PQ1#x1iKpzz}GE$A4JV1^7WMFH2(>aIx zHS{Tu&5g;?^?q)!UGL3U6ezC;w$V4BqU?O?yy_gA`ZVBN`o-_}YU+77ydkVSG&dwC zI8oXG-3o0oI(?|85A`aRdKjbnruP1RWNSoIkHeu2fiY108Ct|bix}m2u~)esJMB8& zpE}-mQtyiH;S$@!ISAKVIUb}8dk3rD6C)FYB7=pFiBfOn>kNb9p&N9KhpzF^6&jYC zI#@s*y!woFurc`S>vTo~;|;34PG8hZjhcKz$f%&AkTcb3CmYpY*GB3ak+zF!$2TlO z^_lOW59qD>ROpcJ~74Slp5IV0=7;!myp5+VG8cdzJwQ$!A2Ujf*npII)m{q*ALJk9LSE;b+ zJcahLb9jsUG-hu_1xxk7Vf2Wwg?YuES!EUTU=frQ+L%`0v$U{+(5Ypmm1QM`sh*0G zbe8tan$A(K%F5zpr8b87WgQ7n1wmkfiEMK=iSs>)Q?i!|=PMAY8W@aic3FY9q;M7t z#LM$mkWF=8$QXy>urpG&Fh1@}Bp zfg669@FpX~EPQOuAm#e7m?b5yf`STt9{(f= zSqoh`8Jcl?ZU==-T)00cCrN~iWyPhin$)Yo?!vrsDRZS>(t4M$P*l00Km{c_|E6-m zd`q`FV?n%->jpY-VR+*x?Iz-AiXM|<0)(#P+$_ddPt~rR_EZ5 zjLNjarQT)B3M+CTvs9h)Lg#u)t}G_Xypjc_@T3Y@^NC$nS=sg8@>#I0C4%%)k1%}V z#U(YboHHp>3q6HZ9yLnrOwjZy^@+l3VMS_1u?NO*$vl`jvaO+#L$V6NmgP~I^QR>%H znpeWw()oW``!TJb%@K`1NBpZ&(YsO^i!YTBSEOf)K8ms;mBj_Rjk1%Y#)o93X6Kbt zPpL!X?CFrXq)VErQmZ8WrcN4isV@YpI7)3(9&r~_pqi>>x?f7~U<@0)l?&Bd67ozA zYJjA#YY#!obcO|*{`|7`{y_c8^cy*a6?%`MG@trHIZ{b~Dp=+h=U;E9bibxWmmUye zSBtNCH&t@@N;YU*l{zoz*!G)OQpm}vTkU>E92TlSnKGajDRrmDXm^s(^1)7Kl8=uq zLXS@U(Y2JUw{p3ln&~YnqRGO# z*XC5)O!uk7%(d<3*--i{!G9G>;x0i6o)su3icU@oJ7!X%(=YiD|J5i-^Ew-@2TERQ zP~u*T5NqqOA#NT5m$>mD~_5aU?|5xMho}TXJ?(zTsYDP#%``9Zq$hphh+xYK-|601nob@yDI?ww3 zYt!{Vh5hV@4^0Zre)#QwDuw_0c+Oe{>{;SjtAO)gpSJ&n82*n}iPnqF{68o-REB+Z z4-<&o^*5~_W|Q)lZyL>A_ZqnF=S}*`S<0Gf4Y%We_b*=ih12%m9jrTLY*K9a$T#%w zvi(1b|3i1bbN4{??%meiY-o1-+VQWsONW@lglEoc-+Ildmb`Y|YZJTqX1?&!u|GF` zuGEAzCM2Sh{HdLMl?NMol-O{&4GV0TYs1AhTx7!>8@g?nV#7omI&Ij`h7mRlwIRp0 zQ)J9M8DwCa4L`MEs|`P}p=HB&Y}jPOKiTk@4G-I}!G;gp@O~Qx@ZV#bx7l!u4L91b z+J@ye%(dYn8_u_(+lGlYblR{d6VlFef_U3L#)c6#R5ol=h7PSZv}}0HhK)AdX~R2h zxY34HHq5o*A{*w|&~3vM8z$K>(S~De=(J(H4LP5$%PGQ!%7(3eGmam#VWSOq+Ax5B zyKUZT!;Lm9w_&ag-8M|L;Yb?}wqb+~n@*W{8*SK`#+|D5f4g?%bVG-;A^zWX7dm_$ zEt+PYCHJX0S3Rk+svj@oz++Iat2D0NTL+Pw}|MVWLix1o$b z@~O+hWNG`~|1m3j4)qQXCm#g`)DC%2nT5QopHdgHXPX8b8>dtQ_KCpT zQAy~xi5;pOKLY>OA6@|ZR^Z72O10rfU=~;4Sd?x?**PfZNyI-aDtO{d0dd14E&3&e+O7O9L_9$?gzez z5}ZeYu_NHU4u{ebtQB>e)Ho@Z!P4ZMDgQh&lv3Ggvg zXg~4=d>a*m{vF_;1b7GN2Lqo*C8FO8d<(Tr`~WjAH0j9#_8M#AiURJT;xrAwKXCAP zrE&!i@S;S{Jj4g7B;bY#@HnvF2>c~VaBc@)&6KBLaFALIdnu`DTWTAz%?kLXEpFWR6KeMxb9-^`J=A|{s<*B*$RA{gJ=cV%NdThE`fK0 z9(h~}*;<;m0{@N@|DOUEPP1tath4oPz?WxGri48P9Pc8{=#zjoGr@(v7WfEC@azPR zPQ@Pji~-I;j^jR*hc_Ip(H(vfSWQ1i~T*oS5Z>;-U0UH zjHCF80`5j_!Ovcx`!a)5UW8VM_%Ap_Nwb(>p{akib(QgL6gc3YQffvBM6a9t2eJH`%2%JCP z&_`g}mG~j7z*DHL@&fHb&gY;OLqmaKoKbuN`v~BB*C4Y3J@VUB%wmH->aLZD5N2wk zmn7g1QCn#vhk@r7z?%W56ZqRg+9~=5;IE7DkN$q(sbwZ@T-H$|%9Qe8FYl4gC?{U@ zDZnC>;9m~>2qkT>6}YF8yyIst@M@2-Ukpt4LI>=p0V`2b?jGPXC=Y#CBXH@B^d|$! zFYw8A)KBu*0Gzts;F$*8h?1}ZJvGn=Kh?nPwMs2VFL2rhleR^`A>U#54|^wY!FLVa z76IQtNu6&3Zrfq`Tw8&EL`i;;zo$O6^#b?$3?6~gZ!vgMfaUe3 zEeo7+tLgVrfER6+afNaLUU-}7lLfwsiX!h8u;}}=LG;UkEw=sx;0-@8_8#C#l+a4x zFSpRH(98R5IopUEy};pjP%qJs1YU`fdQuDAi;}!F0sGy>nI`-Q%tncQIWYci#zpJ} zI`1J2dV%+%geKd8EAKV>D&S6(gcZ1cJNda4c$tB$xl(Au%8Azf|B-r6!=&JV&ZM~e8mNUL$FK_`$ z(l1cXaf-b_pRJd(oWHU40{7Z__3!VWra-6;5u!qXV`!4Sf#tw>;6@-of5u<9Ubozd zeK58=ff9~pRW0roFbs&N>K*`wtLktdhoP$h`ZIWf^vy^28SI1bm3szz30x(P_7}h- z#*JsO-+C7N?Psyyc^3P|v)CUyi@kLQd*O4nVIT2*#wdvQj>&*(-NJko`+zzAN3@fO z4s*lL7{?%Lz?rEWb~&Aqh!D_7D*V?5;l=wx-&$(1Wttr8C(`465vv%Ee*K*we%=5$MEby1 z#7h#A{?FgUbX+{>^shg;>EOwO#|4L&Pt9GNfrpbN;Kv;H#DRY2Z##I1EEEZSB98rb zU0)#pUz?b}+AuLT>);`L+=6%T|LUg`l8gs!ZhQXFJ;U!msQrpN;XZIp^S2Q^O8Y-_ z@P%K@KiGEiP<4Ztp^yKo1y8k|)Xw4``ZjNC^J`~Ke?egxXYsG)mLD_D8oy4PAQyZa z?XN)_)ybg^YnwutCyfAAVTZ@mF4XMZNp(yY2P7 zT#g6qpby>gSh&>mZ}V94qeV}twNHKYRMGWiYAr=n^pxMf_NkU7)P(ET{_V3RkD^)o zvv+wr;LD=b2i{$B{9o9&|>Arrn%5bJUerUa79S>MC{Zwb!aO1+&z$Wy{oc*IlPptXQEc zDv(h}|FL@YYIT=)hWgFT)73+3l2y&Jbal)1scK7^OWj_PqJF>b67}2a4E57>OVwjr z%hkSHFH?tqalIPzq+eaQ$FC;r^Q#$q{c6gyel_g{zgqmfU!@*}ZT6a9&3V(WDp3pG z_N#0D>R0(qezo)izgo9$ovN#=Q@7oAoBHvOf2@A;lb@(<+qS7Y@4Qppd+)uve0S{F zp&ohU5#5(P@x&AArKfkO^&k7yBdvb*%rnoZ0|ySM=bwLG9XWDD9X)zfz4qE`>Ww$v zP#?W}Ouh7pU%mC#Te@B}H#e(KKYCyN<#WGkZEaO2PMpwnMaUXFo;6wyXK<)A5u2IM z?V$3|*n789PyKz=bpHf(jem~1$$x{|>c34r;(tIL^&biJr>Y;}hvzW9ma}%+%$j@$ z=Vb`Ltd+46Cf+8(ZzKHg2;V^X7YYAPr|{q13Mkzo(V?JmHTK z{?CN}3*nmy{}JJjcM3oLJk}R3>iRXz(LBtJzsH{3ui&FRO(T3UR{4)jQ2saODE~V* zDF6GnDSzt&%76Swd-})sBm8i}CldZr!e->^;jZ+lSrA81tmBX4#J z?ge{(FSKhwu*({z<~`Cp>Z9_9w!>OZe9I@E0QG;W983gWzH=^Vd0euH0~xXrIVf55N4JmPN;KZx*S2|t7Ia|xeM_!|kok?=o> z^~3-3tB2?K)t(#t>dy)li15P*e;(m4B>bhZezjkT(|kvQxEvnYezc5ckLRMn6I;CYU)haOjnw=%DQ08sFA~mpEtYRgKK7HMn+m% zX6lR?uCyg%$BZ65YUJ$MBbL}6(lT)7KLbr#+LDCx#l!5`PTM^*J2gFX2I$jMT{C97 zmRu+vMvWRi%y!SnPH|8rD|B`Wd5DX)S4|9$n zkr{$NGc#jG=8_?O2gKu!hcUK?^Og{PhD#8nW-b}jx94C0=eo}H1InVp_Jw2KGaM_-`v&&*ECOwUfso^|fPI6Der zSaSZDv03C_@Tcl10#sWvEuJKZ3HoXL6OywbadvuUw$6l3V}Smoe@WVe6iGs6cJ`8i zvu5?}+m}qVyDzz@$C8xs=|pik?&r>$rE@vB-96P2=1A(Dn4X!I4V7mN)wvup%dQ?X zE^)aghB(3!XDrEHlAV#BZBj`WV!n*j$um>OhXzGnZaWCAGScX-Z1*Ko$H(;S5fl{b zCWVs3?93Tdqz-r2#ZwX|^$dyVlYwLEOzQIF$*HLw?n{=;bX}3$J3Q;ZqA+XQ_vZ%OS*=peRTb@yCA23^*5|- zb5zf0Vsg=dsy6DsGM`%uj_%5Trny|Tn$c}O_x1CXzY+r@w;Q3QR5j9bK(ilV7vK3!e2!A6vAf` z{u;vHK=|(x{tm)FNcaPUf3tm@`S&~p^8I_B@_%xkGEkXs;J|@2BJM;Fkl%svqsEUP ze}U+n0|&+r9CpFbnBKk5Wj;J$_?S_nMvodF8{;@X8uP$mBSw$LZ*0ua@d@J-)ZpP4 zj2S;9a(pZvdPhf}J9yZrG2?qhjyc!1a5~3aFg_w8Y7AliUwdaBU3HP=@z81m+BS?c zw!zku5Nx&_1Vto3AOWJ{(vlv#5s_|*7-bECu#P}jqNrd1mlko!rUW&44^RO`3E;*+ zw?uHkjl@0TuqaC-(%kueDzD-rgb;!~Xa2CxxvBSi@As>^d)>OX-b|8+ ze@3H5r#C+Bv|qJp(&XGze|c`(^Ur8>I&ZXZ8g+KV1`T6$Z~OM=H$IK=e-rtOf7jI+ zElzLTI9B_B=D+*xDd*`^J#xOTHGk}R|Iw;NZ2R`Ht%SekZyOtXL2PXESV!M^YSC)V zo4d=1%qGfDH`I-al^rxtUsL0Ke-HQTxriv26O2%J9x+JJAR=0SPpbVwPb*@NP{dvZ zr|C5_|6jCYQD58K;CqJP?5L=y=IVh91T7mkZmb=UevZm)cOle0;n#AL+ZViZG6LS59sx!aroq!hBZCmMvSThgYPR>(U}`yz$0_OVxDq zZ!@JR%Y6N8=s2?(;oceii(P_Me8S^Fk*1?MPN(ec260|)h53um42Zzg_kk_}$M z7@a$JZV7(E%i+Ia!v<51)P$d{T)EQWtsIhl`Q?{ZT3Tw#DY*N1Mlk~Kf39b8mM&d7 zWyOjWQxx`HHgo38zUk@dN!i)i$%?DNt&Je|oO90UsNBYYi!Z(y-bE%QCADT;y*?rQ z_w3nYie=`vXwjmRc$mF?`*u@Kw~Ei3Hf^%^-+$lXDfu|ukxhAdxqbNIhwd7hJSgUI zucdQ)zy0>x1Jb)6G-k!Yg9q)q@4nmf&O7hC@Y!ddm1(Z;c}8^JFMI1G9I|=#MDbTV zWtyuBz~2LW^?*z~fIqyV_piAIJRS7l<3Tu^2g%$#`1gEYAN*f=<&`;-V~lhn3tHB# zTjyv%Ka_7WWS~5g(-&~WCS=2|-?C+k0oVrepvOM29iG{^aigOF8Or_*IVe|83b(51 z`Uky#h|gui7mJ3v+HbS{`}docA*cUwad9otV*nW_Z)U4jtuo2n6f-*;Mh3`4c{K;% zzJC3B!&bI#-RfRL13mzK!%mP9xGmplmimEN!kcE7{I^;A*UVzqnq9cY>_0b{J^h8* zzWw{R$X2lbx-^IX>eZ{~UvR+%ofN}o%U_!0;b_3;AOrXcJ;(ywd5!$HZQJI6*YF&E zgD<)OE#M9R(b0VUKhLCh^{=Kkn{`tPzO!lu9oLJ7SIydrhL$gz#k^>i{gG+|hYmej z7vy!1!(YDMJb=FkFALw-$4;;V^yT_(W>;+0S^0Owe`t^lF5PH$v1mwpPxX#N%6GqI z)?u|%tKD_QUwKk=c}~ZU9b=>mSF}qeYTqXU#T>OTH?xkj3{$5E#2ib!1=~bQm3)%7XK3*D3=Q6%@ky;$IsE@o9e?bM z^+j=36+nZB>U4Np38#bC&_G*}*~OMk?rMSm>Sj+(6b<9M+rHh~?LC<@G~6T_RAaO2 z!|WNKggy6^E#Q;l_mB4D}6l0*3Rr~FHIK>vV~_wLoj5|_@umXJ?ybDJ#0aGf<2IyXmdyOwArHJ zPSG$!G)xfM{TtH^Ph+8leG)&wK=`5WM-VL3fVJ0$=mZ2 z@=4I}NQj2}q(|Aqd)nPYD`@~x7h@>izDDqv{MBKzjn#CY%Vx-2>+gJ>W4J0UEo}q1 zVvpFs)TvV)4dMD#otEk{;ToTSEgY}C_iCUj#=xHM4cT+G=W30Az#rN7>C*=}*i%nE zl8s!IU{P^)zG}J~%Z88BLeA09Hq~qDMXrR@=>zdwb2A_1+X03duwQAMMZo26v z)7cCouFJ^Cu(4yu+MGFaoLwvBP))SJd)5Yg6|oTUDEk2#_PlA)I6HJu`;CI} zZha1qF&+-t^E}xCttMpsd&*TbQLO(*T|4~SwQF~&j`pPKUk84pINHe}KR@64_U&sr zTV(g%d#|acWDh*>fWwFVJ^Y3S)&kZE^a@}P0}c37^pLd>9=$p{$u<{)|9;!>#P}a$ z4A}xP2KJ0kS~&6dpnu%`mvVo1s}wpN{gJNE*S^1#&cPJPhE1QD{^yFxCXDN=ufE#F zJvtBL{3p1BD>8xx54;Dz(LMG##CFI6d%&ihJxdO(&)%N#N#XYVw-q_Wfsc4z*VcFG z(&Yi2>2Y}w<__7i>5QW3Op+<5Wo_EDF~!yn7w{n72nT5J;OU@eJOG{YW8+)@{@Bg- z(jAFfpDSYw*5_xY^tKiE-)0|fTyFdK?b{-G*E#>7vy_&Vm9Z;Hh(?4zOuYL)*4(O=s7f99T2Zd14<=2l#?NIuD)f4d}54Yy^Ao zGNDHYiB0_4!`_?yv-IVJ@}Jli`Y&C|(|NJCu~SvVZSv&FP7ct3UsZ0|`uFee-bV(| z-~k%^zLz~EF*bS+p7iJtw0ZsFePSwNZuye?lzX~V=M3kvho}$!=skcgk#B}3a3kle zvv*4L*7vK;b=%nNwI6LxyI?1YVr<$cn!~?1-!8X{15N5 zM?imwwM%3N*Z?-cxcFem2YChC;>e5{N;B}Dr$MY3@%F4kZ=35 z*2u}ieVyK$C8Vi))U|%o419@y@c**MY_734dT>GR_yy^yizQSialTcy?$$Sa4f>7F zfj@SDT_O|o1R0Re;&b14&A7-2d9a>~-Y11Oev>+3U7N$->nVM>4nuN@B>x&+U$A^D62!lOR8SK%M7|M-Y-dDJ8m z=px5HaNt1Gxm>5;p6B5`_n}MZI`6XvfV;1cXpf|C=G7Z_hd*=p{jb)ZZ1j>f2s*Gq z_=Nw!*RdXj%LLvoU%uQHE?nsJ8Gd_!ZgdCRA#UOtonbuI0{P5B{ggs|`3~;1X5bUP zE`q-YXz);*Oc+CFqTM*?7|%c(_@Y}S@}1D)aaVl0sGj;>iS>_vUH(V*<@Uc?zq6nP z{?mIp=sg|u@D%@oEda=d_mBg=6FWs__#$cv)S#dRzH5&9_?aIuKJt~r-|N3(g_iIM zs7)rs_ryQYMO_X+x9DGg{dMPe;Q{uFzJot@Abos7)1R!)gj3KAe){~U{6tm$2O3yA ziC^%4=mF~yYbQKr&k6651F?XY1K0R`d@X)VdkR$$)7b{pQK z>s)gWvOwqIGc=;>(xbzQ5h^4r)>Y0}oXFY)e#dKP=?2aq{40SuIQzgkjgxLRO^Zv( zgb9Zt8rtE62@}fo{hZyEyv{Tbvz@iK8!ekYfIm~rxljJ~Ypn(U zBfs>4;`4mv$%ZKgPSX7s31Sp)?7B@g4(ep&LKBt0rRGh&`0YJro0OH)_mOBjb^o#2 z`SRffn)3ku6CcTb2^;`l!wALvhvirI$med6-+YmQshLu5q|QZsg`7C`p?CJ0m5TN{ z)Ow@v)5a<|m`sFgjpJN(lc zUsJ>i*9SL0`$1v^02~1PI{;5uzjl1_ffdf|=jsyV!)Z6~P`zt=W!>~T;XvJ&GZ5tV zsrh<+q~1%NF<$*UN9tr0Yl`--DT;IZfrrNh`4a7#I<)<%s7eWXT3t&=+84YCon^&y!=v5qV6lBVz94P$KvJPyPh@PybpFtxX< z^--T8k4R%~fZ8kdV`_fk`p8)pYBbdPs4=0Bu`jzv_xt&YgM59Fb(J{H$8R1No*=JG zF0erPOlrRRE}c!6jfLZYKK84ok2=5aY=W~i=wr1yT@>@Ho|2-xLcef4m>WH(r%`XC zMnb)iI@R)r(vMp++21lTl-$wn2@I`qJdVmGIXYLk%39KC15OYu}6)K0iJHAhrR*@chyCK2qnRzCx|h)wn|QPr2oCrgApn^|8D7pjIV+Vl&ktQuMvc ze)t0R`^4wa4KDD2esjT4S2v_yMeUZFA+_h6P`wbFpguyaaGGjVo(D`8?xU&Qs#WPf zwx#d(rpf;g!xr&7>)!I@1 zkNIcMo}KdexW!~dfT@B>|BZg8Pt6FWbB+je~Vu56;3KFTK0M_Nr2d;MoW zPM(9DE<9#`C0lg+Eo>8ujXpjy^#-P|as8KX zCEku=e$^sANk|~7o8W5G`b`D9=bn4q{tle*i`W5pzyst1Z}wDtU~lFPw-;vibY}s) zKITul+?G9532ZMJGDgW68fI0k$(k;(W6H@zT*#A2N~Pz z0CV9Nysc`TIHbDFZPMio#Yl%WDQBLJx2KANSK|G=Aw!0|PK}2gy}s~o$b$Ns)@3&j z@c?{het?*a7|r)us}72vw`;5%)hl*rZngr)Yfk^LLB=AsgWu$G(Lr+Q)HSdV@btMW zWPo4bIdFj&_-%Y9c$Sou%+`kesN?+Vzp*Iw&z z0|$V6umSEvZ-|rd7o1B}E<8`;vR9}}bN(0qqjU7b7_Uq@dDeV<4z&gSW`V0QV;A5@ zgAYE(OT0`?g}7ZbJgQ0SIyd;a`Mo~FR{%T!=3_n5ZzMS1z*$vjN9T|iyoPRkvT`qr zPH=8FKl8}fIR9T09zF)vcMeS7cXYX8;zDvx=;KMu?dFGGzy6|2(94(rJ`bD2wxJUp z{{MA<(}a%7@*pG030PxA9$*ru78u z>v;a{n0OtE(syzCQ6S033|^%rd|U!t%l!VnRe9ocB3PX z)pS;iv1@G7$KE+PInSv^vtK@Hr_P1kw`kF#Bm9nP0J}8CsHdNP+P$xPPAw=XxKjD- z)y2idPM&@ZL(cN)?}krCJx%AI$+P~TG0LTXd$B|I#^`H6dywlC*Kw{fL3^u5v=3BU z;m6=!beb5>$1~oh@MSk?-^8AY9KvRWHJ9jIr<#wCBd8xR7q*690?=2UrKM=EJ280^K_dy$J^-^ac)PWw)B)WlTajo+fNhhY!(?1Q6?F~Zw7 za`vUyzJa~dl+-KS9M_eZE!MtP-}AQ2%uIJigt{8CL|;7r-Oc(_ zx^{_+`=@B{6KW9qJp9wT;QSUfInEF8tk=1vQ+wF<@-2>^?4j-$>gM0;^#|R<*W-7P zrM|oFc#5w^mfP0l+p-x~xbxhPO}yGRyjaNe&->@~-4z$B;lI!u{5CNc^1z>lj9K#H8qnBS)lV zbdMP~Car76;326aQ!?6(96ET+sEkp!j%_!1)X1(W86z(oe^E^I$dt69x29(J|J~R< z=AsKb#Pm4x^yujLv17(%xc~B4$I&`gKBp%$QU{OIKa8B@#)(#oACo$IoMuVAC3(!y z@%lf3x20xOeHi}nWfS!%|3vee)bXh!qDSzzdrV5km1*Ng4Nn~t6FqKd&%uNBPgA?c z+?p~XBQ>T+eEX`gk9@dl{IENYnmxY#5xB;;uOeEH$G7+V?2+6vxo1++mDgU;zkle( z&(}X4KlBqn5hS(C_1{x==O4&#S`b-qSHZl3#YHQN))#Fpswg^8)TlVJxOH({ai8M; z#Y2iG7T;C8pm=fd%Hs9KTZ=1-4;1smj-?tSI=4e^ZsFp>C50;s*A%WVEG^txSYB9B z7+ussPbcd6WQ{OLW29@8X&PsqM#|M#OElUVjaRA>%Qfb1Mh!FyGz~-sq64i19RhKI z#6X`wa-e@;P+&+PJuopaEwCVv8(17z5?C2n6IdT84QvgR2Py))0|x>T!A8NR!N_2A zuywFQFfN!F>=R55_74sU4hg0QCkCel?+VTfE(qoZ7YCOFR|eMv*9S|3TZ84nil7Kd z)bIYP>z_L@cR}vT+^xBhc^&fN@)Gm<= 10: + VER_SUFFIX = '%s_%s' % sys.version_info[:2] # PEP 641 (draft) + else: + VER_SUFFIX = '%s%s' % sys.version_info[:2] +PYVER = 'py' + VER_SUFFIX +IMPVER = IMP_PREFIX + VER_SUFFIX + +ARCH = get_platform().replace('-', '_').replace('.', '_') + +ABI = sysconfig.get_config_var('SOABI') +if ABI and ABI.startswith('cpython-'): + ABI = ABI.replace('cpython-', 'cp').split('-')[0] +else: + def _derive_abi(): + parts = ['cp', VER_SUFFIX] + if sysconfig.get_config_var('Py_DEBUG'): + parts.append('d') + if sysconfig.get_config_var('WITH_PYMALLOC'): + parts.append('m') + if sysconfig.get_config_var('Py_UNICODE_SIZE') == 4: + parts.append('u') + return ''.join(parts) + ABI = _derive_abi() + del _derive_abi + +FILENAME_RE = re.compile(r''' +(?P[^-]+) +-(?P\d+[^-]*) +(-(?P\d+[^-]*))? +-(?P\w+\d+(\.\w+\d+)*) +-(?P\w+) +-(?P\w+(\.\w+)*) +\.whl$ +''', re.IGNORECASE | re.VERBOSE) + +NAME_VERSION_RE = re.compile(r''' +(?P[^-]+) +-(?P\d+[^-]*) +(-(?P\d+[^-]*))?$ +''', re.IGNORECASE | re.VERBOSE) + +SHEBANG_RE = re.compile(br'\s*#![^\r\n]*') +SHEBANG_DETAIL_RE = re.compile(br'^(\s*#!("[^"]+"|\S+))\s+(.*)$') +SHEBANG_PYTHON = b'#!python' +SHEBANG_PYTHONW = b'#!pythonw' + +if os.sep == '/': + to_posix = lambda o: o +else: + to_posix = lambda o: o.replace(os.sep, '/') + + +class Mounter(object): + def __init__(self): + self.impure_wheels = {} + self.libs = {} + + def add(self, pathname, extensions): + self.impure_wheels[pathname] = extensions + self.libs.update(extensions) + + def remove(self, pathname): + extensions = self.impure_wheels.pop(pathname) + for k, v in extensions: + if k in self.libs: + del self.libs[k] + + def find_module(self, fullname, path=None): + if fullname in self.libs: + result = self + else: + result = None + return result + + def load_module(self, fullname): + if fullname in sys.modules: + result = sys.modules[fullname] + else: + if fullname not in self.libs: + raise ImportError('unable to find extension for %s' % fullname) + result = imp.load_dynamic(fullname, self.libs[fullname]) + result.__loader__ = self + parts = fullname.rsplit('.', 1) + if len(parts) > 1: + result.__package__ = parts[0] + return result + +_hook = Mounter() + + +class Wheel(object): + """ + Class to build and install from Wheel files (PEP 427). + """ + + wheel_version = (1, 1) + hash_kind = 'sha256' + + def __init__(self, filename=None, sign=False, verify=False): + """ + Initialise an instance using a (valid) filename. + """ + self.sign = sign + self.should_verify = verify + self.buildver = '' + self.pyver = [PYVER] + self.abi = ['none'] + self.arch = ['any'] + self.dirname = os.getcwd() + if filename is None: + self.name = 'dummy' + self.version = '0.1' + self._filename = self.filename + else: + m = NAME_VERSION_RE.match(filename) + if m: + info = m.groupdict('') + self.name = info['nm'] + # Reinstate the local version separator + self.version = info['vn'].replace('_', '-') + self.buildver = info['bn'] + self._filename = self.filename + else: + dirname, filename = os.path.split(filename) + m = FILENAME_RE.match(filename) + if not m: + raise DistlibException('Invalid name or ' + 'filename: %r' % filename) + if dirname: + self.dirname = os.path.abspath(dirname) + self._filename = filename + info = m.groupdict('') + self.name = info['nm'] + self.version = info['vn'] + self.buildver = info['bn'] + self.pyver = info['py'].split('.') + self.abi = info['bi'].split('.') + self.arch = info['ar'].split('.') + + @property + def filename(self): + """ + Build and return a filename from the various components. + """ + if self.buildver: + buildver = '-' + self.buildver + else: + buildver = '' + pyver = '.'.join(self.pyver) + abi = '.'.join(self.abi) + arch = '.'.join(self.arch) + # replace - with _ as a local version separator + version = self.version.replace('-', '_') + return '%s-%s%s-%s-%s-%s.whl' % (self.name, version, buildver, + pyver, abi, arch) + + @property + def exists(self): + path = os.path.join(self.dirname, self.filename) + return os.path.isfile(path) + + @property + def tags(self): + for pyver in self.pyver: + for abi in self.abi: + for arch in self.arch: + yield pyver, abi, arch + + @cached_property + def metadata(self): + pathname = os.path.join(self.dirname, self.filename) + name_ver = '%s-%s' % (self.name, self.version) + info_dir = '%s.dist-info' % name_ver + wrapper = codecs.getreader('utf-8') + with ZipFile(pathname, 'r') as zf: + wheel_metadata = self.get_wheel_metadata(zf) + wv = wheel_metadata['Wheel-Version'].split('.', 1) + file_version = tuple([int(i) for i in wv]) + # if file_version < (1, 1): + # fns = [WHEEL_METADATA_FILENAME, METADATA_FILENAME, + # LEGACY_METADATA_FILENAME] + # else: + # fns = [WHEEL_METADATA_FILENAME, METADATA_FILENAME] + fns = [WHEEL_METADATA_FILENAME, LEGACY_METADATA_FILENAME] + result = None + for fn in fns: + try: + metadata_filename = posixpath.join(info_dir, fn) + with zf.open(metadata_filename) as bf: + wf = wrapper(bf) + result = Metadata(fileobj=wf) + if result: + break + except KeyError: + pass + if not result: + raise ValueError('Invalid wheel, because metadata is ' + 'missing: looked in %s' % ', '.join(fns)) + return result + + def get_wheel_metadata(self, zf): + name_ver = '%s-%s' % (self.name, self.version) + info_dir = '%s.dist-info' % name_ver + metadata_filename = posixpath.join(info_dir, 'WHEEL') + with zf.open(metadata_filename) as bf: + wf = codecs.getreader('utf-8')(bf) + message = message_from_file(wf) + return dict(message) + + @cached_property + def info(self): + pathname = os.path.join(self.dirname, self.filename) + with ZipFile(pathname, 'r') as zf: + result = self.get_wheel_metadata(zf) + return result + + def process_shebang(self, data): + m = SHEBANG_RE.match(data) + if m: + end = m.end() + shebang, data_after_shebang = data[:end], data[end:] + # Preserve any arguments after the interpreter + if b'pythonw' in shebang.lower(): + shebang_python = SHEBANG_PYTHONW + else: + shebang_python = SHEBANG_PYTHON + m = SHEBANG_DETAIL_RE.match(shebang) + if m: + args = b' ' + m.groups()[-1] + else: + args = b'' + shebang = shebang_python + args + data = shebang + data_after_shebang + else: + cr = data.find(b'\r') + lf = data.find(b'\n') + if cr < 0 or cr > lf: + term = b'\n' + else: + if data[cr:cr + 2] == b'\r\n': + term = b'\r\n' + else: + term = b'\r' + data = SHEBANG_PYTHON + term + data + return data + + def get_hash(self, data, hash_kind=None): + if hash_kind is None: + hash_kind = self.hash_kind + try: + hasher = getattr(hashlib, hash_kind) + except AttributeError: + raise DistlibException('Unsupported hash algorithm: %r' % hash_kind) + result = hasher(data).digest() + result = base64.urlsafe_b64encode(result).rstrip(b'=').decode('ascii') + return hash_kind, result + + def write_record(self, records, record_path, base): + records = list(records) # make a copy, as mutated + p = to_posix(os.path.relpath(record_path, base)) + records.append((p, '', '')) + with CSVWriter(record_path) as writer: + for row in records: + writer.writerow(row) + + def write_records(self, info, libdir, archive_paths): + records = [] + distinfo, info_dir = info + hasher = getattr(hashlib, self.hash_kind) + for ap, p in archive_paths: + with open(p, 'rb') as f: + data = f.read() + digest = '%s=%s' % self.get_hash(data) + size = os.path.getsize(p) + records.append((ap, digest, size)) + + p = os.path.join(distinfo, 'RECORD') + self.write_record(records, p, libdir) + ap = to_posix(os.path.join(info_dir, 'RECORD')) + archive_paths.append((ap, p)) + + def build_zip(self, pathname, archive_paths): + with ZipFile(pathname, 'w', zipfile.ZIP_DEFLATED) as zf: + for ap, p in archive_paths: + logger.debug('Wrote %s to %s in wheel', p, ap) + zf.write(p, ap) + + def build(self, paths, tags=None, wheel_version=None): + """ + Build a wheel from files in specified paths, and use any specified tags + when determining the name of the wheel. + """ + if tags is None: + tags = {} + + libkey = list(filter(lambda o: o in paths, ('purelib', 'platlib')))[0] + if libkey == 'platlib': + is_pure = 'false' + default_pyver = [IMPVER] + default_abi = [ABI] + default_arch = [ARCH] + else: + is_pure = 'true' + default_pyver = [PYVER] + default_abi = ['none'] + default_arch = ['any'] + + self.pyver = tags.get('pyver', default_pyver) + self.abi = tags.get('abi', default_abi) + self.arch = tags.get('arch', default_arch) + + libdir = paths[libkey] + + name_ver = '%s-%s' % (self.name, self.version) + data_dir = '%s.data' % name_ver + info_dir = '%s.dist-info' % name_ver + + archive_paths = [] + + # First, stuff which is not in site-packages + for key in ('data', 'headers', 'scripts'): + if key not in paths: + continue + path = paths[key] + if os.path.isdir(path): + for root, dirs, files in os.walk(path): + for fn in files: + p = fsdecode(os.path.join(root, fn)) + rp = os.path.relpath(p, path) + ap = to_posix(os.path.join(data_dir, key, rp)) + archive_paths.append((ap, p)) + if key == 'scripts' and not p.endswith('.exe'): + with open(p, 'rb') as f: + data = f.read() + data = self.process_shebang(data) + with open(p, 'wb') as f: + f.write(data) + + # Now, stuff which is in site-packages, other than the + # distinfo stuff. + path = libdir + distinfo = None + for root, dirs, files in os.walk(path): + if root == path: + # At the top level only, save distinfo for later + # and skip it for now + for i, dn in enumerate(dirs): + dn = fsdecode(dn) + if dn.endswith('.dist-info'): + distinfo = os.path.join(root, dn) + del dirs[i] + break + assert distinfo, '.dist-info directory expected, not found' + + for fn in files: + # comment out next suite to leave .pyc files in + if fsdecode(fn).endswith(('.pyc', '.pyo')): + continue + p = os.path.join(root, fn) + rp = to_posix(os.path.relpath(p, path)) + archive_paths.append((rp, p)) + + # Now distinfo. Assumed to be flat, i.e. os.listdir is enough. + files = os.listdir(distinfo) + for fn in files: + if fn not in ('RECORD', 'INSTALLER', 'SHARED', 'WHEEL'): + p = fsdecode(os.path.join(distinfo, fn)) + ap = to_posix(os.path.join(info_dir, fn)) + archive_paths.append((ap, p)) + + wheel_metadata = [ + 'Wheel-Version: %d.%d' % (wheel_version or self.wheel_version), + 'Generator: distlib %s' % __version__, + 'Root-Is-Purelib: %s' % is_pure, + ] + for pyver, abi, arch in self.tags: + wheel_metadata.append('Tag: %s-%s-%s' % (pyver, abi, arch)) + p = os.path.join(distinfo, 'WHEEL') + with open(p, 'w') as f: + f.write('\n'.join(wheel_metadata)) + ap = to_posix(os.path.join(info_dir, 'WHEEL')) + archive_paths.append((ap, p)) + + # sort the entries by archive path. Not needed by any spec, but it + # keeps the archive listing and RECORD tidier than they would otherwise + # be. Use the number of path segments to keep directory entries together, + # and keep the dist-info stuff at the end. + def sorter(t): + ap = t[0] + n = ap.count('/') + if '.dist-info' in ap: + n += 10000 + return (n, ap) + archive_paths = sorted(archive_paths, key=sorter) + + # Now, at last, RECORD. + # Paths in here are archive paths - nothing else makes sense. + self.write_records((distinfo, info_dir), libdir, archive_paths) + # Now, ready to build the zip file + pathname = os.path.join(self.dirname, self.filename) + self.build_zip(pathname, archive_paths) + return pathname + + def skip_entry(self, arcname): + """ + Determine whether an archive entry should be skipped when verifying + or installing. + """ + # The signature file won't be in RECORD, + # and we don't currently don't do anything with it + # We also skip directories, as they won't be in RECORD + # either. See: + # + # https://github.com/pypa/wheel/issues/294 + # https://github.com/pypa/wheel/issues/287 + # https://github.com/pypa/wheel/pull/289 + # + return arcname.endswith(('/', '/RECORD.jws')) + + def install(self, paths, maker, **kwargs): + """ + Install a wheel to the specified paths. If kwarg ``warner`` is + specified, it should be a callable, which will be called with two + tuples indicating the wheel version of this software and the wheel + version in the file, if there is a discrepancy in the versions. + This can be used to issue any warnings to raise any exceptions. + If kwarg ``lib_only`` is True, only the purelib/platlib files are + installed, and the headers, scripts, data and dist-info metadata are + not written. If kwarg ``bytecode_hashed_invalidation`` is True, written + bytecode will try to use file-hash based invalidation (PEP-552) on + supported interpreter versions (CPython 2.7+). + + The return value is a :class:`InstalledDistribution` instance unless + ``options.lib_only`` is True, in which case the return value is ``None``. + """ + + dry_run = maker.dry_run + warner = kwargs.get('warner') + lib_only = kwargs.get('lib_only', False) + bc_hashed_invalidation = kwargs.get('bytecode_hashed_invalidation', False) + + pathname = os.path.join(self.dirname, self.filename) + name_ver = '%s-%s' % (self.name, self.version) + data_dir = '%s.data' % name_ver + info_dir = '%s.dist-info' % name_ver + + metadata_name = posixpath.join(info_dir, LEGACY_METADATA_FILENAME) + wheel_metadata_name = posixpath.join(info_dir, 'WHEEL') + record_name = posixpath.join(info_dir, 'RECORD') + + wrapper = codecs.getreader('utf-8') + + with ZipFile(pathname, 'r') as zf: + with zf.open(wheel_metadata_name) as bwf: + wf = wrapper(bwf) + message = message_from_file(wf) + wv = message['Wheel-Version'].split('.', 1) + file_version = tuple([int(i) for i in wv]) + if (file_version != self.wheel_version) and warner: + warner(self.wheel_version, file_version) + + if message['Root-Is-Purelib'] == 'true': + libdir = paths['purelib'] + else: + libdir = paths['platlib'] + + records = {} + with zf.open(record_name) as bf: + with CSVReader(stream=bf) as reader: + for row in reader: + p = row[0] + records[p] = row + + data_pfx = posixpath.join(data_dir, '') + info_pfx = posixpath.join(info_dir, '') + script_pfx = posixpath.join(data_dir, 'scripts', '') + + # make a new instance rather than a copy of maker's, + # as we mutate it + fileop = FileOperator(dry_run=dry_run) + fileop.record = True # so we can rollback if needed + + bc = not sys.dont_write_bytecode # Double negatives. Lovely! + + outfiles = [] # for RECORD writing + + # for script copying/shebang processing + workdir = tempfile.mkdtemp() + # set target dir later + # we default add_launchers to False, as the + # Python Launcher should be used instead + maker.source_dir = workdir + maker.target_dir = None + try: + for zinfo in zf.infolist(): + arcname = zinfo.filename + if isinstance(arcname, text_type): + u_arcname = arcname + else: + u_arcname = arcname.decode('utf-8') + if self.skip_entry(u_arcname): + continue + row = records[u_arcname] + if row[2] and str(zinfo.file_size) != row[2]: + raise DistlibException('size mismatch for ' + '%s' % u_arcname) + if row[1]: + kind, value = row[1].split('=', 1) + with zf.open(arcname) as bf: + data = bf.read() + _, digest = self.get_hash(data, kind) + if digest != value: + raise DistlibException('digest mismatch for ' + '%s' % arcname) + + if lib_only and u_arcname.startswith((info_pfx, data_pfx)): + logger.debug('lib_only: skipping %s', u_arcname) + continue + is_script = (u_arcname.startswith(script_pfx) + and not u_arcname.endswith('.exe')) + + if u_arcname.startswith(data_pfx): + _, where, rp = u_arcname.split('/', 2) + outfile = os.path.join(paths[where], convert_path(rp)) + else: + # meant for site-packages. + if u_arcname in (wheel_metadata_name, record_name): + continue + outfile = os.path.join(libdir, convert_path(u_arcname)) + if not is_script: + with zf.open(arcname) as bf: + fileop.copy_stream(bf, outfile) + # Issue #147: permission bits aren't preserved. Using + # zf.extract(zinfo, libdir) should have worked, but didn't, + # see https://www.thetopsites.net/article/53834422.shtml + # So ... manually preserve permission bits as given in zinfo + if os.name == 'posix': + # just set the normal permission bits + os.chmod(outfile, (zinfo.external_attr >> 16) & 0x1FF) + outfiles.append(outfile) + # Double check the digest of the written file + if not dry_run and row[1]: + with open(outfile, 'rb') as bf: + data = bf.read() + _, newdigest = self.get_hash(data, kind) + if newdigest != digest: + raise DistlibException('digest mismatch ' + 'on write for ' + '%s' % outfile) + if bc and outfile.endswith('.py'): + try: + pyc = fileop.byte_compile(outfile, + hashed_invalidation=bc_hashed_invalidation) + outfiles.append(pyc) + except Exception: + # Don't give up if byte-compilation fails, + # but log it and perhaps warn the user + logger.warning('Byte-compilation failed', + exc_info=True) + else: + fn = os.path.basename(convert_path(arcname)) + workname = os.path.join(workdir, fn) + with zf.open(arcname) as bf: + fileop.copy_stream(bf, workname) + + dn, fn = os.path.split(outfile) + maker.target_dir = dn + filenames = maker.make(fn) + fileop.set_executable_mode(filenames) + outfiles.extend(filenames) + + if lib_only: + logger.debug('lib_only: returning None') + dist = None + else: + # Generate scripts + + # Try to get pydist.json so we can see if there are + # any commands to generate. If this fails (e.g. because + # of a legacy wheel), log a warning but don't give up. + commands = None + file_version = self.info['Wheel-Version'] + if file_version == '1.0': + # Use legacy info + ep = posixpath.join(info_dir, 'entry_points.txt') + try: + with zf.open(ep) as bwf: + epdata = read_exports(bwf) + commands = {} + for key in ('console', 'gui'): + k = '%s_scripts' % key + if k in epdata: + commands['wrap_%s' % key] = d = {} + for v in epdata[k].values(): + s = '%s:%s' % (v.prefix, v.suffix) + if v.flags: + s += ' [%s]' % ','.join(v.flags) + d[v.name] = s + except Exception: + logger.warning('Unable to read legacy script ' + 'metadata, so cannot generate ' + 'scripts') + else: + try: + with zf.open(metadata_name) as bwf: + wf = wrapper(bwf) + commands = json.load(wf).get('extensions') + if commands: + commands = commands.get('python.commands') + except Exception: + logger.warning('Unable to read JSON metadata, so ' + 'cannot generate scripts') + if commands: + console_scripts = commands.get('wrap_console', {}) + gui_scripts = commands.get('wrap_gui', {}) + if console_scripts or gui_scripts: + script_dir = paths.get('scripts', '') + if not os.path.isdir(script_dir): + raise ValueError('Valid script path not ' + 'specified') + maker.target_dir = script_dir + for k, v in console_scripts.items(): + script = '%s = %s' % (k, v) + filenames = maker.make(script) + fileop.set_executable_mode(filenames) + + if gui_scripts: + options = {'gui': True } + for k, v in gui_scripts.items(): + script = '%s = %s' % (k, v) + filenames = maker.make(script, options) + fileop.set_executable_mode(filenames) + + p = os.path.join(libdir, info_dir) + dist = InstalledDistribution(p) + + # Write SHARED + paths = dict(paths) # don't change passed in dict + del paths['purelib'] + del paths['platlib'] + paths['lib'] = libdir + p = dist.write_shared_locations(paths, dry_run) + if p: + outfiles.append(p) + + # Write RECORD + dist.write_installed_files(outfiles, paths['prefix'], + dry_run) + return dist + except Exception: # pragma: no cover + logger.exception('installation failed.') + fileop.rollback() + raise + finally: + shutil.rmtree(workdir) + + def _get_dylib_cache(self): + global cache + if cache is None: + # Use native string to avoid issues on 2.x: see Python #20140. + base = os.path.join(get_cache_base(), str('dylib-cache'), + '%s.%s' % sys.version_info[:2]) + cache = Cache(base) + return cache + + def _get_extensions(self): + pathname = os.path.join(self.dirname, self.filename) + name_ver = '%s-%s' % (self.name, self.version) + info_dir = '%s.dist-info' % name_ver + arcname = posixpath.join(info_dir, 'EXTENSIONS') + wrapper = codecs.getreader('utf-8') + result = [] + with ZipFile(pathname, 'r') as zf: + try: + with zf.open(arcname) as bf: + wf = wrapper(bf) + extensions = json.load(wf) + cache = self._get_dylib_cache() + prefix = cache.prefix_to_dir(pathname) + cache_base = os.path.join(cache.base, prefix) + if not os.path.isdir(cache_base): + os.makedirs(cache_base) + for name, relpath in extensions.items(): + dest = os.path.join(cache_base, convert_path(relpath)) + if not os.path.exists(dest): + extract = True + else: + file_time = os.stat(dest).st_mtime + file_time = datetime.datetime.fromtimestamp(file_time) + info = zf.getinfo(relpath) + wheel_time = datetime.datetime(*info.date_time) + extract = wheel_time > file_time + if extract: + zf.extract(relpath, cache_base) + result.append((name, dest)) + except KeyError: + pass + return result + + def is_compatible(self): + """ + Determine if a wheel is compatible with the running system. + """ + return is_compatible(self) + + def is_mountable(self): + """ + Determine if a wheel is asserted as mountable by its metadata. + """ + return True # for now - metadata details TBD + + def mount(self, append=False): + pathname = os.path.abspath(os.path.join(self.dirname, self.filename)) + if not self.is_compatible(): + msg = 'Wheel %s not compatible with this Python.' % pathname + raise DistlibException(msg) + if not self.is_mountable(): + msg = 'Wheel %s is marked as not mountable.' % pathname + raise DistlibException(msg) + if pathname in sys.path: + logger.debug('%s already in path', pathname) + else: + if append: + sys.path.append(pathname) + else: + sys.path.insert(0, pathname) + extensions = self._get_extensions() + if extensions: + if _hook not in sys.meta_path: + sys.meta_path.append(_hook) + _hook.add(pathname, extensions) + + def unmount(self): + pathname = os.path.abspath(os.path.join(self.dirname, self.filename)) + if pathname not in sys.path: + logger.debug('%s not in path', pathname) + else: + sys.path.remove(pathname) + if pathname in _hook.impure_wheels: + _hook.remove(pathname) + if not _hook.impure_wheels: + if _hook in sys.meta_path: + sys.meta_path.remove(_hook) + + def verify(self): + pathname = os.path.join(self.dirname, self.filename) + name_ver = '%s-%s' % (self.name, self.version) + data_dir = '%s.data' % name_ver + info_dir = '%s.dist-info' % name_ver + + metadata_name = posixpath.join(info_dir, LEGACY_METADATA_FILENAME) + wheel_metadata_name = posixpath.join(info_dir, 'WHEEL') + record_name = posixpath.join(info_dir, 'RECORD') + + wrapper = codecs.getreader('utf-8') + + with ZipFile(pathname, 'r') as zf: + with zf.open(wheel_metadata_name) as bwf: + wf = wrapper(bwf) + message = message_from_file(wf) + wv = message['Wheel-Version'].split('.', 1) + file_version = tuple([int(i) for i in wv]) + # TODO version verification + + records = {} + with zf.open(record_name) as bf: + with CSVReader(stream=bf) as reader: + for row in reader: + p = row[0] + records[p] = row + + for zinfo in zf.infolist(): + arcname = zinfo.filename + if isinstance(arcname, text_type): + u_arcname = arcname + else: + u_arcname = arcname.decode('utf-8') + # See issue #115: some wheels have .. in their entries, but + # in the filename ... e.g. __main__..py ! So the check is + # updated to look for .. in the directory portions + p = u_arcname.split('/') + if '..' in p: + raise DistlibException('invalid entry in ' + 'wheel: %r' % u_arcname) + + if self.skip_entry(u_arcname): + continue + row = records[u_arcname] + if row[2] and str(zinfo.file_size) != row[2]: + raise DistlibException('size mismatch for ' + '%s' % u_arcname) + if row[1]: + kind, value = row[1].split('=', 1) + with zf.open(arcname) as bf: + data = bf.read() + _, digest = self.get_hash(data, kind) + if digest != value: + raise DistlibException('digest mismatch for ' + '%s' % arcname) + + def update(self, modifier, dest_dir=None, **kwargs): + """ + Update the contents of a wheel in a generic way. The modifier should + be a callable which expects a dictionary argument: its keys are + archive-entry paths, and its values are absolute filesystem paths + where the contents the corresponding archive entries can be found. The + modifier is free to change the contents of the files pointed to, add + new entries and remove entries, before returning. This method will + extract the entire contents of the wheel to a temporary location, call + the modifier, and then use the passed (and possibly updated) + dictionary to write a new wheel. If ``dest_dir`` is specified, the new + wheel is written there -- otherwise, the original wheel is overwritten. + + The modifier should return True if it updated the wheel, else False. + This method returns the same value the modifier returns. + """ + + def get_version(path_map, info_dir): + version = path = None + key = '%s/%s' % (info_dir, LEGACY_METADATA_FILENAME) + if key not in path_map: + key = '%s/PKG-INFO' % info_dir + if key in path_map: + path = path_map[key] + version = Metadata(path=path).version + return version, path + + def update_version(version, path): + updated = None + try: + v = NormalizedVersion(version) + i = version.find('-') + if i < 0: + updated = '%s+1' % version + else: + parts = [int(s) for s in version[i + 1:].split('.')] + parts[-1] += 1 + updated = '%s+%s' % (version[:i], + '.'.join(str(i) for i in parts)) + except UnsupportedVersionError: + logger.debug('Cannot update non-compliant (PEP-440) ' + 'version %r', version) + if updated: + md = Metadata(path=path) + md.version = updated + legacy = path.endswith(LEGACY_METADATA_FILENAME) + md.write(path=path, legacy=legacy) + logger.debug('Version updated from %r to %r', version, + updated) + + pathname = os.path.join(self.dirname, self.filename) + name_ver = '%s-%s' % (self.name, self.version) + info_dir = '%s.dist-info' % name_ver + record_name = posixpath.join(info_dir, 'RECORD') + with tempdir() as workdir: + with ZipFile(pathname, 'r') as zf: + path_map = {} + for zinfo in zf.infolist(): + arcname = zinfo.filename + if isinstance(arcname, text_type): + u_arcname = arcname + else: + u_arcname = arcname.decode('utf-8') + if u_arcname == record_name: + continue + if '..' in u_arcname: + raise DistlibException('invalid entry in ' + 'wheel: %r' % u_arcname) + zf.extract(zinfo, workdir) + path = os.path.join(workdir, convert_path(u_arcname)) + path_map[u_arcname] = path + + # Remember the version. + original_version, _ = get_version(path_map, info_dir) + # Files extracted. Call the modifier. + modified = modifier(path_map, **kwargs) + if modified: + # Something changed - need to build a new wheel. + current_version, path = get_version(path_map, info_dir) + if current_version and (current_version == original_version): + # Add or update local version to signify changes. + update_version(current_version, path) + # Decide where the new wheel goes. + if dest_dir is None: + fd, newpath = tempfile.mkstemp(suffix='.whl', + prefix='wheel-update-', + dir=workdir) + os.close(fd) + else: + if not os.path.isdir(dest_dir): + raise DistlibException('Not a directory: %r' % dest_dir) + newpath = os.path.join(dest_dir, self.filename) + archive_paths = list(path_map.items()) + distinfo = os.path.join(workdir, info_dir) + info = distinfo, info_dir + self.write_records(info, workdir, archive_paths) + self.build_zip(newpath, archive_paths) + if dest_dir is None: + shutil.copyfile(newpath, pathname) + return modified + +def _get_glibc_version(): + import platform + ver = platform.libc_ver() + result = [] + if ver[0] == 'glibc': + for s in ver[1].split('.'): + result.append(int(s) if s.isdigit() else 0) + result = tuple(result) + return result + +def compatible_tags(): + """ + Return (pyver, abi, arch) tuples compatible with this Python. + """ + versions = [VER_SUFFIX] + major = VER_SUFFIX[0] + for minor in range(sys.version_info[1] - 1, - 1, -1): + versions.append(''.join([major, str(minor)])) + + abis = [] + for suffix, _, _ in imp.get_suffixes(): + if suffix.startswith('.abi'): + abis.append(suffix.split('.', 2)[1]) + abis.sort() + if ABI != 'none': + abis.insert(0, ABI) + abis.append('none') + result = [] + + arches = [ARCH] + if sys.platform == 'darwin': + m = re.match(r'(\w+)_(\d+)_(\d+)_(\w+)$', ARCH) + if m: + name, major, minor, arch = m.groups() + minor = int(minor) + matches = [arch] + if arch in ('i386', 'ppc'): + matches.append('fat') + if arch in ('i386', 'ppc', 'x86_64'): + matches.append('fat3') + if arch in ('ppc64', 'x86_64'): + matches.append('fat64') + if arch in ('i386', 'x86_64'): + matches.append('intel') + if arch in ('i386', 'x86_64', 'intel', 'ppc', 'ppc64'): + matches.append('universal') + while minor >= 0: + for match in matches: + s = '%s_%s_%s_%s' % (name, major, minor, match) + if s != ARCH: # already there + arches.append(s) + minor -= 1 + + # Most specific - our Python version, ABI and arch + for abi in abis: + for arch in arches: + result.append((''.join((IMP_PREFIX, versions[0])), abi, arch)) + # manylinux + if abi != 'none' and sys.platform.startswith('linux'): + arch = arch.replace('linux_', '') + parts = _get_glibc_version() + if len(parts) == 2: + if parts >= (2, 5): + result.append((''.join((IMP_PREFIX, versions[0])), abi, + 'manylinux1_%s' % arch)) + if parts >= (2, 12): + result.append((''.join((IMP_PREFIX, versions[0])), abi, + 'manylinux2010_%s' % arch)) + if parts >= (2, 17): + result.append((''.join((IMP_PREFIX, versions[0])), abi, + 'manylinux2014_%s' % arch)) + result.append((''.join((IMP_PREFIX, versions[0])), abi, + 'manylinux_%s_%s_%s' % (parts[0], parts[1], + arch))) + + # where no ABI / arch dependency, but IMP_PREFIX dependency + for i, version in enumerate(versions): + result.append((''.join((IMP_PREFIX, version)), 'none', 'any')) + if i == 0: + result.append((''.join((IMP_PREFIX, version[0])), 'none', 'any')) + + # no IMP_PREFIX, ABI or arch dependency + for i, version in enumerate(versions): + result.append((''.join(('py', version)), 'none', 'any')) + if i == 0: + result.append((''.join(('py', version[0])), 'none', 'any')) + + return set(result) + + +COMPATIBLE_TAGS = compatible_tags() + +del compatible_tags + + +def is_compatible(wheel, tags=None): + if not isinstance(wheel, Wheel): + wheel = Wheel(wheel) # assume it's a filename + result = False + if tags is None: + tags = COMPATIBLE_TAGS + for ver, abi, arch in tags: + if ver in wheel.pyver and abi in wheel.abi and arch in wheel.arch: + result = True + break + return result diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/distro.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distro.py new file mode 100644 index 000000000..0611b62a3 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/distro.py @@ -0,0 +1,1230 @@ +# Copyright 2015,2016,2017 Nir Cohen +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +""" +The ``distro`` package (``distro`` stands for Linux Distribution) provides +information about the Linux distribution it runs on, such as a reliable +machine-readable distro ID, or version information. + +It is the recommended replacement for Python's original +:py:func:`platform.linux_distribution` function, but it provides much more +functionality. An alternative implementation became necessary because Python +3.5 deprecated this function, and Python 3.8 will remove it altogether. +Its predecessor function :py:func:`platform.dist` was already +deprecated since Python 2.6 and will also be removed in Python 3.8. +Still, there are many cases in which access to OS distribution information +is needed. See `Python issue 1322 `_ for +more information. +""" + +import os +import re +import sys +import json +import shlex +import logging +import argparse +import subprocess + + +_UNIXCONFDIR = os.environ.get('UNIXCONFDIR', '/etc') +_OS_RELEASE_BASENAME = 'os-release' + +#: Translation table for normalizing the "ID" attribute defined in os-release +#: files, for use by the :func:`distro.id` method. +#: +#: * Key: Value as defined in the os-release file, translated to lower case, +#: with blanks translated to underscores. +#: +#: * Value: Normalized value. +NORMALIZED_OS_ID = { + 'ol': 'oracle', # Oracle Linux +} + +#: Translation table for normalizing the "Distributor ID" attribute returned by +#: the lsb_release command, for use by the :func:`distro.id` method. +#: +#: * Key: Value as returned by the lsb_release command, translated to lower +#: case, with blanks translated to underscores. +#: +#: * Value: Normalized value. +NORMALIZED_LSB_ID = { + 'enterpriseenterpriseas': 'oracle', # Oracle Enterprise Linux 4 + 'enterpriseenterpriseserver': 'oracle', # Oracle Linux 5 + 'redhatenterpriseworkstation': 'rhel', # RHEL 6, 7 Workstation + 'redhatenterpriseserver': 'rhel', # RHEL 6, 7 Server + 'redhatenterprisecomputenode': 'rhel', # RHEL 6 ComputeNode +} + +#: Translation table for normalizing the distro ID derived from the file name +#: of distro release files, for use by the :func:`distro.id` method. +#: +#: * Key: Value as derived from the file name of a distro release file, +#: translated to lower case, with blanks translated to underscores. +#: +#: * Value: Normalized value. +NORMALIZED_DISTRO_ID = { + 'redhat': 'rhel', # RHEL 6.x, 7.x +} + +# Pattern for content of distro release file (reversed) +_DISTRO_RELEASE_CONTENT_REVERSED_PATTERN = re.compile( + r'(?:[^)]*\)(.*)\()? *(?:STL )?([\d.+\-a-z]*\d) *(?:esaeler *)?(.+)') + +# Pattern for base file name of distro release file +_DISTRO_RELEASE_BASENAME_PATTERN = re.compile( + r'(\w+)[-_](release|version)$') + +# Base file names to be ignored when searching for distro release file +_DISTRO_RELEASE_IGNORE_BASENAMES = ( + 'debian_version', + 'lsb-release', + 'oem-release', + _OS_RELEASE_BASENAME, + 'system-release', + 'plesk-release', +) + + +def linux_distribution(full_distribution_name=True): + """ + Return information about the current OS distribution as a tuple + ``(id_name, version, codename)`` with items as follows: + + * ``id_name``: If *full_distribution_name* is false, the result of + :func:`distro.id`. Otherwise, the result of :func:`distro.name`. + + * ``version``: The result of :func:`distro.version`. + + * ``codename``: The result of :func:`distro.codename`. + + The interface of this function is compatible with the original + :py:func:`platform.linux_distribution` function, supporting a subset of + its parameters. + + The data it returns may not exactly be the same, because it uses more data + sources than the original function, and that may lead to different data if + the OS distribution is not consistent across multiple data sources it + provides (there are indeed such distributions ...). + + Another reason for differences is the fact that the :func:`distro.id` + method normalizes the distro ID string to a reliable machine-readable value + for a number of popular OS distributions. + """ + return _distro.linux_distribution(full_distribution_name) + + +def id(): + """ + Return the distro ID of the current distribution, as a + machine-readable string. + + For a number of OS distributions, the returned distro ID value is + *reliable*, in the sense that it is documented and that it does not change + across releases of the distribution. + + This package maintains the following reliable distro ID values: + + ============== ========================================= + Distro ID Distribution + ============== ========================================= + "ubuntu" Ubuntu + "debian" Debian + "rhel" RedHat Enterprise Linux + "centos" CentOS + "fedora" Fedora + "sles" SUSE Linux Enterprise Server + "opensuse" openSUSE + "amazon" Amazon Linux + "arch" Arch Linux + "cloudlinux" CloudLinux OS + "exherbo" Exherbo Linux + "gentoo" GenToo Linux + "ibm_powerkvm" IBM PowerKVM + "kvmibm" KVM for IBM z Systems + "linuxmint" Linux Mint + "mageia" Mageia + "mandriva" Mandriva Linux + "parallels" Parallels + "pidora" Pidora + "raspbian" Raspbian + "oracle" Oracle Linux (and Oracle Enterprise Linux) + "scientific" Scientific Linux + "slackware" Slackware + "xenserver" XenServer + "openbsd" OpenBSD + "netbsd" NetBSD + "freebsd" FreeBSD + "midnightbsd" MidnightBSD + ============== ========================================= + + If you have a need to get distros for reliable IDs added into this set, + or if you find that the :func:`distro.id` function returns a different + distro ID for one of the listed distros, please create an issue in the + `distro issue tracker`_. + + **Lookup hierarchy and transformations:** + + First, the ID is obtained from the following sources, in the specified + order. The first available and non-empty value is used: + + * the value of the "ID" attribute of the os-release file, + + * the value of the "Distributor ID" attribute returned by the lsb_release + command, + + * the first part of the file name of the distro release file, + + The so determined ID value then passes the following transformations, + before it is returned by this method: + + * it is translated to lower case, + + * blanks (which should not be there anyway) are translated to underscores, + + * a normalization of the ID is performed, based upon + `normalization tables`_. The purpose of this normalization is to ensure + that the ID is as reliable as possible, even across incompatible changes + in the OS distributions. A common reason for an incompatible change is + the addition of an os-release file, or the addition of the lsb_release + command, with ID values that differ from what was previously determined + from the distro release file name. + """ + return _distro.id() + + +def name(pretty=False): + """ + Return the name of the current OS distribution, as a human-readable + string. + + If *pretty* is false, the name is returned without version or codename. + (e.g. "CentOS Linux") + + If *pretty* is true, the version and codename are appended. + (e.g. "CentOS Linux 7.1.1503 (Core)") + + **Lookup hierarchy:** + + The name is obtained from the following sources, in the specified order. + The first available and non-empty value is used: + + * If *pretty* is false: + + - the value of the "NAME" attribute of the os-release file, + + - the value of the "Distributor ID" attribute returned by the lsb_release + command, + + - the value of the "" field of the distro release file. + + * If *pretty* is true: + + - the value of the "PRETTY_NAME" attribute of the os-release file, + + - the value of the "Description" attribute returned by the lsb_release + command, + + - the value of the "" field of the distro release file, appended + with the value of the pretty version ("" and "" + fields) of the distro release file, if available. + """ + return _distro.name(pretty) + + +def version(pretty=False, best=False): + """ + Return the version of the current OS distribution, as a human-readable + string. + + If *pretty* is false, the version is returned without codename (e.g. + "7.0"). + + If *pretty* is true, the codename in parenthesis is appended, if the + codename is non-empty (e.g. "7.0 (Maipo)"). + + Some distributions provide version numbers with different precisions in + the different sources of distribution information. Examining the different + sources in a fixed priority order does not always yield the most precise + version (e.g. for Debian 8.2, or CentOS 7.1). + + The *best* parameter can be used to control the approach for the returned + version: + + If *best* is false, the first non-empty version number in priority order of + the examined sources is returned. + + If *best* is true, the most precise version number out of all examined + sources is returned. + + **Lookup hierarchy:** + + In all cases, the version number is obtained from the following sources. + If *best* is false, this order represents the priority order: + + * the value of the "VERSION_ID" attribute of the os-release file, + * the value of the "Release" attribute returned by the lsb_release + command, + * the version number parsed from the "" field of the first line + of the distro release file, + * the version number parsed from the "PRETTY_NAME" attribute of the + os-release file, if it follows the format of the distro release files. + * the version number parsed from the "Description" attribute returned by + the lsb_release command, if it follows the format of the distro release + files. + """ + return _distro.version(pretty, best) + + +def version_parts(best=False): + """ + Return the version of the current OS distribution as a tuple + ``(major, minor, build_number)`` with items as follows: + + * ``major``: The result of :func:`distro.major_version`. + + * ``minor``: The result of :func:`distro.minor_version`. + + * ``build_number``: The result of :func:`distro.build_number`. + + For a description of the *best* parameter, see the :func:`distro.version` + method. + """ + return _distro.version_parts(best) + + +def major_version(best=False): + """ + Return the major version of the current OS distribution, as a string, + if provided. + Otherwise, the empty string is returned. The major version is the first + part of the dot-separated version string. + + For a description of the *best* parameter, see the :func:`distro.version` + method. + """ + return _distro.major_version(best) + + +def minor_version(best=False): + """ + Return the minor version of the current OS distribution, as a string, + if provided. + Otherwise, the empty string is returned. The minor version is the second + part of the dot-separated version string. + + For a description of the *best* parameter, see the :func:`distro.version` + method. + """ + return _distro.minor_version(best) + + +def build_number(best=False): + """ + Return the build number of the current OS distribution, as a string, + if provided. + Otherwise, the empty string is returned. The build number is the third part + of the dot-separated version string. + + For a description of the *best* parameter, see the :func:`distro.version` + method. + """ + return _distro.build_number(best) + + +def like(): + """ + Return a space-separated list of distro IDs of distributions that are + closely related to the current OS distribution in regards to packaging + and programming interfaces, for example distributions the current + distribution is a derivative from. + + **Lookup hierarchy:** + + This information item is only provided by the os-release file. + For details, see the description of the "ID_LIKE" attribute in the + `os-release man page + `_. + """ + return _distro.like() + + +def codename(): + """ + Return the codename for the release of the current OS distribution, + as a string. + + If the distribution does not have a codename, an empty string is returned. + + Note that the returned codename is not always really a codename. For + example, openSUSE returns "x86_64". This function does not handle such + cases in any special way and just returns the string it finds, if any. + + **Lookup hierarchy:** + + * the codename within the "VERSION" attribute of the os-release file, if + provided, + + * the value of the "Codename" attribute returned by the lsb_release + command, + + * the value of the "" field of the distro release file. + """ + return _distro.codename() + + +def info(pretty=False, best=False): + """ + Return certain machine-readable information items about the current OS + distribution in a dictionary, as shown in the following example: + + .. sourcecode:: python + + { + 'id': 'rhel', + 'version': '7.0', + 'version_parts': { + 'major': '7', + 'minor': '0', + 'build_number': '' + }, + 'like': 'fedora', + 'codename': 'Maipo' + } + + The dictionary structure and keys are always the same, regardless of which + information items are available in the underlying data sources. The values + for the various keys are as follows: + + * ``id``: The result of :func:`distro.id`. + + * ``version``: The result of :func:`distro.version`. + + * ``version_parts -> major``: The result of :func:`distro.major_version`. + + * ``version_parts -> minor``: The result of :func:`distro.minor_version`. + + * ``version_parts -> build_number``: The result of + :func:`distro.build_number`. + + * ``like``: The result of :func:`distro.like`. + + * ``codename``: The result of :func:`distro.codename`. + + For a description of the *pretty* and *best* parameters, see the + :func:`distro.version` method. + """ + return _distro.info(pretty, best) + + +def os_release_info(): + """ + Return a dictionary containing key-value pairs for the information items + from the os-release file data source of the current OS distribution. + + See `os-release file`_ for details about these information items. + """ + return _distro.os_release_info() + + +def lsb_release_info(): + """ + Return a dictionary containing key-value pairs for the information items + from the lsb_release command data source of the current OS distribution. + + See `lsb_release command output`_ for details about these information + items. + """ + return _distro.lsb_release_info() + + +def distro_release_info(): + """ + Return a dictionary containing key-value pairs for the information items + from the distro release file data source of the current OS distribution. + + See `distro release file`_ for details about these information items. + """ + return _distro.distro_release_info() + + +def uname_info(): + """ + Return a dictionary containing key-value pairs for the information items + from the distro release file data source of the current OS distribution. + """ + return _distro.uname_info() + + +def os_release_attr(attribute): + """ + Return a single named information item from the os-release file data source + of the current OS distribution. + + Parameters: + + * ``attribute`` (string): Key of the information item. + + Returns: + + * (string): Value of the information item, if the item exists. + The empty string, if the item does not exist. + + See `os-release file`_ for details about these information items. + """ + return _distro.os_release_attr(attribute) + + +def lsb_release_attr(attribute): + """ + Return a single named information item from the lsb_release command output + data source of the current OS distribution. + + Parameters: + + * ``attribute`` (string): Key of the information item. + + Returns: + + * (string): Value of the information item, if the item exists. + The empty string, if the item does not exist. + + See `lsb_release command output`_ for details about these information + items. + """ + return _distro.lsb_release_attr(attribute) + + +def distro_release_attr(attribute): + """ + Return a single named information item from the distro release file + data source of the current OS distribution. + + Parameters: + + * ``attribute`` (string): Key of the information item. + + Returns: + + * (string): Value of the information item, if the item exists. + The empty string, if the item does not exist. + + See `distro release file`_ for details about these information items. + """ + return _distro.distro_release_attr(attribute) + + +def uname_attr(attribute): + """ + Return a single named information item from the distro release file + data source of the current OS distribution. + + Parameters: + + * ``attribute`` (string): Key of the information item. + + Returns: + + * (string): Value of the information item, if the item exists. + The empty string, if the item does not exist. + """ + return _distro.uname_attr(attribute) + + +class cached_property(object): + """A version of @property which caches the value. On access, it calls the + underlying function and sets the value in `__dict__` so future accesses + will not re-call the property. + """ + def __init__(self, f): + self._fname = f.__name__ + self._f = f + + def __get__(self, obj, owner): + assert obj is not None, 'call {} on an instance'.format(self._fname) + ret = obj.__dict__[self._fname] = self._f(obj) + return ret + + +class LinuxDistribution(object): + """ + Provides information about a OS distribution. + + This package creates a private module-global instance of this class with + default initialization arguments, that is used by the + `consolidated accessor functions`_ and `single source accessor functions`_. + By using default initialization arguments, that module-global instance + returns data about the current OS distribution (i.e. the distro this + package runs on). + + Normally, it is not necessary to create additional instances of this class. + However, in situations where control is needed over the exact data sources + that are used, instances of this class can be created with a specific + distro release file, or a specific os-release file, or without invoking the + lsb_release command. + """ + + def __init__(self, + include_lsb=True, + os_release_file='', + distro_release_file='', + include_uname=True): + """ + The initialization method of this class gathers information from the + available data sources, and stores that in private instance attributes. + Subsequent access to the information items uses these private instance + attributes, so that the data sources are read only once. + + Parameters: + + * ``include_lsb`` (bool): Controls whether the + `lsb_release command output`_ is included as a data source. + + If the lsb_release command is not available in the program execution + path, the data source for the lsb_release command will be empty. + + * ``os_release_file`` (string): The path name of the + `os-release file`_ that is to be used as a data source. + + An empty string (the default) will cause the default path name to + be used (see `os-release file`_ for details). + + If the specified or defaulted os-release file does not exist, the + data source for the os-release file will be empty. + + * ``distro_release_file`` (string): The path name of the + `distro release file`_ that is to be used as a data source. + + An empty string (the default) will cause a default search algorithm + to be used (see `distro release file`_ for details). + + If the specified distro release file does not exist, or if no default + distro release file can be found, the data source for the distro + release file will be empty. + + * ``include_uname`` (bool): Controls whether uname command output is + included as a data source. If the uname command is not available in + the program execution path the data source for the uname command will + be empty. + + Public instance attributes: + + * ``os_release_file`` (string): The path name of the + `os-release file`_ that is actually used as a data source. The + empty string if no distro release file is used as a data source. + + * ``distro_release_file`` (string): The path name of the + `distro release file`_ that is actually used as a data source. The + empty string if no distro release file is used as a data source. + + * ``include_lsb`` (bool): The result of the ``include_lsb`` parameter. + This controls whether the lsb information will be loaded. + + * ``include_uname`` (bool): The result of the ``include_uname`` + parameter. This controls whether the uname information will + be loaded. + + Raises: + + * :py:exc:`IOError`: Some I/O issue with an os-release file or distro + release file. + + * :py:exc:`subprocess.CalledProcessError`: The lsb_release command had + some issue (other than not being available in the program execution + path). + + * :py:exc:`UnicodeError`: A data source has unexpected characters or + uses an unexpected encoding. + """ + self.os_release_file = os_release_file or \ + os.path.join(_UNIXCONFDIR, _OS_RELEASE_BASENAME) + self.distro_release_file = distro_release_file or '' # updated later + self.include_lsb = include_lsb + self.include_uname = include_uname + + def __repr__(self): + """Return repr of all info + """ + return \ + "LinuxDistribution(" \ + "os_release_file={self.os_release_file!r}, " \ + "distro_release_file={self.distro_release_file!r}, " \ + "include_lsb={self.include_lsb!r}, " \ + "include_uname={self.include_uname!r}, " \ + "_os_release_info={self._os_release_info!r}, " \ + "_lsb_release_info={self._lsb_release_info!r}, " \ + "_distro_release_info={self._distro_release_info!r}, " \ + "_uname_info={self._uname_info!r})".format( + self=self) + + def linux_distribution(self, full_distribution_name=True): + """ + Return information about the OS distribution that is compatible + with Python's :func:`platform.linux_distribution`, supporting a subset + of its parameters. + + For details, see :func:`distro.linux_distribution`. + """ + return ( + self.name() if full_distribution_name else self.id(), + self.version(), + self.codename() + ) + + def id(self): + """Return the distro ID of the OS distribution, as a string. + + For details, see :func:`distro.id`. + """ + def normalize(distro_id, table): + distro_id = distro_id.lower().replace(' ', '_') + return table.get(distro_id, distro_id) + + distro_id = self.os_release_attr('id') + if distro_id: + return normalize(distro_id, NORMALIZED_OS_ID) + + distro_id = self.lsb_release_attr('distributor_id') + if distro_id: + return normalize(distro_id, NORMALIZED_LSB_ID) + + distro_id = self.distro_release_attr('id') + if distro_id: + return normalize(distro_id, NORMALIZED_DISTRO_ID) + + distro_id = self.uname_attr('id') + if distro_id: + return normalize(distro_id, NORMALIZED_DISTRO_ID) + + return '' + + def name(self, pretty=False): + """ + Return the name of the OS distribution, as a string. + + For details, see :func:`distro.name`. + """ + name = self.os_release_attr('name') \ + or self.lsb_release_attr('distributor_id') \ + or self.distro_release_attr('name') \ + or self.uname_attr('name') + if pretty: + name = self.os_release_attr('pretty_name') \ + or self.lsb_release_attr('description') + if not name: + name = self.distro_release_attr('name') \ + or self.uname_attr('name') + version = self.version(pretty=True) + if version: + name = name + ' ' + version + return name or '' + + def version(self, pretty=False, best=False): + """ + Return the version of the OS distribution, as a string. + + For details, see :func:`distro.version`. + """ + versions = [ + self.os_release_attr('version_id'), + self.lsb_release_attr('release'), + self.distro_release_attr('version_id'), + self._parse_distro_release_content( + self.os_release_attr('pretty_name')).get('version_id', ''), + self._parse_distro_release_content( + self.lsb_release_attr('description')).get('version_id', ''), + self.uname_attr('release') + ] + version = '' + if best: + # This algorithm uses the last version in priority order that has + # the best precision. If the versions are not in conflict, that + # does not matter; otherwise, using the last one instead of the + # first one might be considered a surprise. + for v in versions: + if v.count(".") > version.count(".") or version == '': + version = v + else: + for v in versions: + if v != '': + version = v + break + if pretty and version and self.codename(): + version = '{0} ({1})'.format(version, self.codename()) + return version + + def version_parts(self, best=False): + """ + Return the version of the OS distribution, as a tuple of version + numbers. + + For details, see :func:`distro.version_parts`. + """ + version_str = self.version(best=best) + if version_str: + version_regex = re.compile(r'(\d+)\.?(\d+)?\.?(\d+)?') + matches = version_regex.match(version_str) + if matches: + major, minor, build_number = matches.groups() + return major, minor or '', build_number or '' + return '', '', '' + + def major_version(self, best=False): + """ + Return the major version number of the current distribution. + + For details, see :func:`distro.major_version`. + """ + return self.version_parts(best)[0] + + def minor_version(self, best=False): + """ + Return the minor version number of the current distribution. + + For details, see :func:`distro.minor_version`. + """ + return self.version_parts(best)[1] + + def build_number(self, best=False): + """ + Return the build number of the current distribution. + + For details, see :func:`distro.build_number`. + """ + return self.version_parts(best)[2] + + def like(self): + """ + Return the IDs of distributions that are like the OS distribution. + + For details, see :func:`distro.like`. + """ + return self.os_release_attr('id_like') or '' + + def codename(self): + """ + Return the codename of the OS distribution. + + For details, see :func:`distro.codename`. + """ + try: + # Handle os_release specially since distros might purposefully set + # this to empty string to have no codename + return self._os_release_info['codename'] + except KeyError: + return self.lsb_release_attr('codename') \ + or self.distro_release_attr('codename') \ + or '' + + def info(self, pretty=False, best=False): + """ + Return certain machine-readable information about the OS + distribution. + + For details, see :func:`distro.info`. + """ + return dict( + id=self.id(), + version=self.version(pretty, best), + version_parts=dict( + major=self.major_version(best), + minor=self.minor_version(best), + build_number=self.build_number(best) + ), + like=self.like(), + codename=self.codename(), + ) + + def os_release_info(self): + """ + Return a dictionary containing key-value pairs for the information + items from the os-release file data source of the OS distribution. + + For details, see :func:`distro.os_release_info`. + """ + return self._os_release_info + + def lsb_release_info(self): + """ + Return a dictionary containing key-value pairs for the information + items from the lsb_release command data source of the OS + distribution. + + For details, see :func:`distro.lsb_release_info`. + """ + return self._lsb_release_info + + def distro_release_info(self): + """ + Return a dictionary containing key-value pairs for the information + items from the distro release file data source of the OS + distribution. + + For details, see :func:`distro.distro_release_info`. + """ + return self._distro_release_info + + def uname_info(self): + """ + Return a dictionary containing key-value pairs for the information + items from the uname command data source of the OS distribution. + + For details, see :func:`distro.uname_info`. + """ + return self._uname_info + + def os_release_attr(self, attribute): + """ + Return a single named information item from the os-release file data + source of the OS distribution. + + For details, see :func:`distro.os_release_attr`. + """ + return self._os_release_info.get(attribute, '') + + def lsb_release_attr(self, attribute): + """ + Return a single named information item from the lsb_release command + output data source of the OS distribution. + + For details, see :func:`distro.lsb_release_attr`. + """ + return self._lsb_release_info.get(attribute, '') + + def distro_release_attr(self, attribute): + """ + Return a single named information item from the distro release file + data source of the OS distribution. + + For details, see :func:`distro.distro_release_attr`. + """ + return self._distro_release_info.get(attribute, '') + + def uname_attr(self, attribute): + """ + Return a single named information item from the uname command + output data source of the OS distribution. + + For details, see :func:`distro.uname_release_attr`. + """ + return self._uname_info.get(attribute, '') + + @cached_property + def _os_release_info(self): + """ + Get the information items from the specified os-release file. + + Returns: + A dictionary containing all information items. + """ + if os.path.isfile(self.os_release_file): + with open(self.os_release_file) as release_file: + return self._parse_os_release_content(release_file) + return {} + + @staticmethod + def _parse_os_release_content(lines): + """ + Parse the lines of an os-release file. + + Parameters: + + * lines: Iterable through the lines in the os-release file. + Each line must be a unicode string or a UTF-8 encoded byte + string. + + Returns: + A dictionary containing all information items. + """ + props = {} + lexer = shlex.shlex(lines, posix=True) + lexer.whitespace_split = True + + # The shlex module defines its `wordchars` variable using literals, + # making it dependent on the encoding of the Python source file. + # In Python 2.6 and 2.7, the shlex source file is encoded in + # 'iso-8859-1', and the `wordchars` variable is defined as a byte + # string. This causes a UnicodeDecodeError to be raised when the + # parsed content is a unicode object. The following fix resolves that + # (... but it should be fixed in shlex...): + if sys.version_info[0] == 2 and isinstance(lexer.wordchars, bytes): + lexer.wordchars = lexer.wordchars.decode('iso-8859-1') + + tokens = list(lexer) + for token in tokens: + # At this point, all shell-like parsing has been done (i.e. + # comments processed, quotes and backslash escape sequences + # processed, multi-line values assembled, trailing newlines + # stripped, etc.), so the tokens are now either: + # * variable assignments: var=value + # * commands or their arguments (not allowed in os-release) + if '=' in token: + k, v = token.split('=', 1) + props[k.lower()] = v + else: + # Ignore any tokens that are not variable assignments + pass + + if 'version_codename' in props: + # os-release added a version_codename field. Use that in + # preference to anything else Note that some distros purposefully + # do not have code names. They should be setting + # version_codename="" + props['codename'] = props['version_codename'] + elif 'ubuntu_codename' in props: + # Same as above but a non-standard field name used on older Ubuntus + props['codename'] = props['ubuntu_codename'] + elif 'version' in props: + # If there is no version_codename, parse it from the version + codename = re.search(r'(\(\D+\))|,(\s+)?\D+', props['version']) + if codename: + codename = codename.group() + codename = codename.strip('()') + codename = codename.strip(',') + codename = codename.strip() + # codename appears within paranthese. + props['codename'] = codename + + return props + + @cached_property + def _lsb_release_info(self): + """ + Get the information items from the lsb_release command output. + + Returns: + A dictionary containing all information items. + """ + if not self.include_lsb: + return {} + with open(os.devnull, 'w') as devnull: + try: + cmd = ('lsb_release', '-a') + stdout = subprocess.check_output(cmd, stderr=devnull) + except OSError: # Command not found + return {} + content = self._to_str(stdout).splitlines() + return self._parse_lsb_release_content(content) + + @staticmethod + def _parse_lsb_release_content(lines): + """ + Parse the output of the lsb_release command. + + Parameters: + + * lines: Iterable through the lines of the lsb_release output. + Each line must be a unicode string or a UTF-8 encoded byte + string. + + Returns: + A dictionary containing all information items. + """ + props = {} + for line in lines: + kv = line.strip('\n').split(':', 1) + if len(kv) != 2: + # Ignore lines without colon. + continue + k, v = kv + props.update({k.replace(' ', '_').lower(): v.strip()}) + return props + + @cached_property + def _uname_info(self): + with open(os.devnull, 'w') as devnull: + try: + cmd = ('uname', '-rs') + stdout = subprocess.check_output(cmd, stderr=devnull) + except OSError: + return {} + content = self._to_str(stdout).splitlines() + return self._parse_uname_content(content) + + @staticmethod + def _parse_uname_content(lines): + props = {} + match = re.search(r'^([^\s]+)\s+([\d\.]+)', lines[0].strip()) + if match: + name, version = match.groups() + + # This is to prevent the Linux kernel version from + # appearing as the 'best' version on otherwise + # identifiable distributions. + if name == 'Linux': + return {} + props['id'] = name.lower() + props['name'] = name + props['release'] = version + return props + + @staticmethod + def _to_str(text): + encoding = sys.getfilesystemencoding() + encoding = 'utf-8' if encoding == 'ascii' else encoding + + if sys.version_info[0] >= 3: + if isinstance(text, bytes): + return text.decode(encoding) + else: + if isinstance(text, unicode): # noqa + return text.encode(encoding) + + return text + + @cached_property + def _distro_release_info(self): + """ + Get the information items from the specified distro release file. + + Returns: + A dictionary containing all information items. + """ + if self.distro_release_file: + # If it was specified, we use it and parse what we can, even if + # its file name or content does not match the expected pattern. + distro_info = self._parse_distro_release_file( + self.distro_release_file) + basename = os.path.basename(self.distro_release_file) + # The file name pattern for user-specified distro release files + # is somewhat more tolerant (compared to when searching for the + # file), because we want to use what was specified as best as + # possible. + match = _DISTRO_RELEASE_BASENAME_PATTERN.match(basename) + if 'name' in distro_info \ + and 'cloudlinux' in distro_info['name'].lower(): + distro_info['id'] = 'cloudlinux' + elif match: + distro_info['id'] = match.group(1) + return distro_info + else: + try: + basenames = os.listdir(_UNIXCONFDIR) + # We sort for repeatability in cases where there are multiple + # distro specific files; e.g. CentOS, Oracle, Enterprise all + # containing `redhat-release` on top of their own. + basenames.sort() + except OSError: + # This may occur when /etc is not readable but we can't be + # sure about the *-release files. Check common entries of + # /etc for information. If they turn out to not be there the + # error is handled in `_parse_distro_release_file()`. + basenames = ['SuSE-release', + 'arch-release', + 'base-release', + 'centos-release', + 'fedora-release', + 'gentoo-release', + 'mageia-release', + 'mandrake-release', + 'mandriva-release', + 'mandrivalinux-release', + 'manjaro-release', + 'oracle-release', + 'redhat-release', + 'sl-release', + 'slackware-version'] + for basename in basenames: + if basename in _DISTRO_RELEASE_IGNORE_BASENAMES: + continue + match = _DISTRO_RELEASE_BASENAME_PATTERN.match(basename) + if match: + filepath = os.path.join(_UNIXCONFDIR, basename) + distro_info = self._parse_distro_release_file(filepath) + if 'name' in distro_info: + # The name is always present if the pattern matches + self.distro_release_file = filepath + distro_info['id'] = match.group(1) + if 'cloudlinux' in distro_info['name'].lower(): + distro_info['id'] = 'cloudlinux' + return distro_info + return {} + + def _parse_distro_release_file(self, filepath): + """ + Parse a distro release file. + + Parameters: + + * filepath: Path name of the distro release file. + + Returns: + A dictionary containing all information items. + """ + try: + with open(filepath) as fp: + # Only parse the first line. For instance, on SLES there + # are multiple lines. We don't want them... + return self._parse_distro_release_content(fp.readline()) + except (OSError, IOError): + # Ignore not being able to read a specific, seemingly version + # related file. + # See https://github.com/nir0s/distro/issues/162 + return {} + + @staticmethod + def _parse_distro_release_content(line): + """ + Parse a line from a distro release file. + + Parameters: + * line: Line from the distro release file. Must be a unicode string + or a UTF-8 encoded byte string. + + Returns: + A dictionary containing all information items. + """ + matches = _DISTRO_RELEASE_CONTENT_REVERSED_PATTERN.match( + line.strip()[::-1]) + distro_info = {} + if matches: + # regexp ensures non-None + distro_info['name'] = matches.group(3)[::-1] + if matches.group(2): + distro_info['version_id'] = matches.group(2)[::-1] + if matches.group(1): + distro_info['codename'] = matches.group(1)[::-1] + elif line: + distro_info['name'] = line.strip() + return distro_info + + +_distro = LinuxDistribution() + + +def main(): + logger = logging.getLogger(__name__) + logger.setLevel(logging.DEBUG) + logger.addHandler(logging.StreamHandler(sys.stdout)) + + parser = argparse.ArgumentParser(description="OS distro info tool") + parser.add_argument( + '--json', + '-j', + help="Output in machine readable format", + action="store_true") + args = parser.parse_args() + + if args.json: + logger.info(json.dumps(info(), indent=4, sort_keys=True)) + else: + logger.info('Name: %s', name(pretty=True)) + distribution_version = version(pretty=True) + logger.info('Version: %s', distribution_version) + distribution_codename = codename() + logger.info('Codename: %s', distribution_codename) + + +if __name__ == '__main__': + main() diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/__init__.py new file mode 100644 index 000000000..d1d82f157 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/__init__.py @@ -0,0 +1,35 @@ +""" +HTML parsing library based on the `WHATWG HTML specification +`_. The parser is designed to be compatible with +existing HTML found in the wild and implements well-defined error recovery that +is largely compatible with modern desktop web browsers. + +Example usage:: + + from pip._vendor import html5lib + with open("my_document.html", "rb") as f: + tree = html5lib.parse(f) + +For convenience, this module re-exports the following names: + +* :func:`~.html5parser.parse` +* :func:`~.html5parser.parseFragment` +* :class:`~.html5parser.HTMLParser` +* :func:`~.treebuilders.getTreeBuilder` +* :func:`~.treewalkers.getTreeWalker` +* :func:`~.serializer.serialize` +""" + +from __future__ import absolute_import, division, unicode_literals + +from .html5parser import HTMLParser, parse, parseFragment +from .treebuilders import getTreeBuilder +from .treewalkers import getTreeWalker +from .serializer import serialize + +__all__ = ["HTMLParser", "parse", "parseFragment", "getTreeBuilder", + "getTreeWalker", "serialize"] + +# this has to be at the top level, see how setup.py parses this +#: Distribution version number. +__version__ = "1.1" diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_ihatexml.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_ihatexml.py new file mode 100644 index 000000000..3ff803c19 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_ihatexml.py @@ -0,0 +1,289 @@ +from __future__ import absolute_import, division, unicode_literals + +import re +import warnings + +from .constants import DataLossWarning + +baseChar = """ +[#x0041-#x005A] | [#x0061-#x007A] | [#x00C0-#x00D6] | [#x00D8-#x00F6] | +[#x00F8-#x00FF] | [#x0100-#x0131] | [#x0134-#x013E] | [#x0141-#x0148] | +[#x014A-#x017E] | [#x0180-#x01C3] | [#x01CD-#x01F0] | [#x01F4-#x01F5] | +[#x01FA-#x0217] | [#x0250-#x02A8] | [#x02BB-#x02C1] | #x0386 | +[#x0388-#x038A] | #x038C | [#x038E-#x03A1] | [#x03A3-#x03CE] | +[#x03D0-#x03D6] | #x03DA | #x03DC | #x03DE | #x03E0 | [#x03E2-#x03F3] | +[#x0401-#x040C] | [#x040E-#x044F] | [#x0451-#x045C] | [#x045E-#x0481] | +[#x0490-#x04C4] | [#x04C7-#x04C8] | [#x04CB-#x04CC] | [#x04D0-#x04EB] | +[#x04EE-#x04F5] | [#x04F8-#x04F9] | [#x0531-#x0556] | #x0559 | +[#x0561-#x0586] | [#x05D0-#x05EA] | [#x05F0-#x05F2] | [#x0621-#x063A] | +[#x0641-#x064A] | [#x0671-#x06B7] | [#x06BA-#x06BE] | [#x06C0-#x06CE] | +[#x06D0-#x06D3] | #x06D5 | [#x06E5-#x06E6] | [#x0905-#x0939] | #x093D | +[#x0958-#x0961] | [#x0985-#x098C] | [#x098F-#x0990] | [#x0993-#x09A8] | +[#x09AA-#x09B0] | #x09B2 | [#x09B6-#x09B9] | [#x09DC-#x09DD] | +[#x09DF-#x09E1] | [#x09F0-#x09F1] | [#x0A05-#x0A0A] | [#x0A0F-#x0A10] | +[#x0A13-#x0A28] | [#x0A2A-#x0A30] | [#x0A32-#x0A33] | [#x0A35-#x0A36] | +[#x0A38-#x0A39] | [#x0A59-#x0A5C] | #x0A5E | [#x0A72-#x0A74] | +[#x0A85-#x0A8B] | #x0A8D | [#x0A8F-#x0A91] | [#x0A93-#x0AA8] | +[#x0AAA-#x0AB0] | [#x0AB2-#x0AB3] | [#x0AB5-#x0AB9] | #x0ABD | #x0AE0 | +[#x0B05-#x0B0C] | [#x0B0F-#x0B10] | [#x0B13-#x0B28] | [#x0B2A-#x0B30] | +[#x0B32-#x0B33] | [#x0B36-#x0B39] | #x0B3D | [#x0B5C-#x0B5D] | +[#x0B5F-#x0B61] | [#x0B85-#x0B8A] | [#x0B8E-#x0B90] | [#x0B92-#x0B95] | +[#x0B99-#x0B9A] | #x0B9C | [#x0B9E-#x0B9F] | [#x0BA3-#x0BA4] | +[#x0BA8-#x0BAA] | [#x0BAE-#x0BB5] | [#x0BB7-#x0BB9] | [#x0C05-#x0C0C] | +[#x0C0E-#x0C10] | [#x0C12-#x0C28] | [#x0C2A-#x0C33] | [#x0C35-#x0C39] | +[#x0C60-#x0C61] | [#x0C85-#x0C8C] | [#x0C8E-#x0C90] | [#x0C92-#x0CA8] | +[#x0CAA-#x0CB3] | [#x0CB5-#x0CB9] | #x0CDE | [#x0CE0-#x0CE1] | +[#x0D05-#x0D0C] | [#x0D0E-#x0D10] | [#x0D12-#x0D28] | [#x0D2A-#x0D39] | +[#x0D60-#x0D61] | [#x0E01-#x0E2E] | #x0E30 | [#x0E32-#x0E33] | +[#x0E40-#x0E45] | [#x0E81-#x0E82] | #x0E84 | [#x0E87-#x0E88] | #x0E8A | +#x0E8D | [#x0E94-#x0E97] | [#x0E99-#x0E9F] | [#x0EA1-#x0EA3] | #x0EA5 | +#x0EA7 | [#x0EAA-#x0EAB] | [#x0EAD-#x0EAE] | #x0EB0 | [#x0EB2-#x0EB3] | +#x0EBD | [#x0EC0-#x0EC4] | [#x0F40-#x0F47] | [#x0F49-#x0F69] | +[#x10A0-#x10C5] | [#x10D0-#x10F6] | #x1100 | [#x1102-#x1103] | +[#x1105-#x1107] | #x1109 | [#x110B-#x110C] | [#x110E-#x1112] | #x113C | +#x113E | #x1140 | #x114C | #x114E | #x1150 | [#x1154-#x1155] | #x1159 | +[#x115F-#x1161] | #x1163 | #x1165 | #x1167 | #x1169 | [#x116D-#x116E] | +[#x1172-#x1173] | #x1175 | #x119E | #x11A8 | #x11AB | [#x11AE-#x11AF] | +[#x11B7-#x11B8] | #x11BA | [#x11BC-#x11C2] | #x11EB | #x11F0 | #x11F9 | +[#x1E00-#x1E9B] | [#x1EA0-#x1EF9] | [#x1F00-#x1F15] | [#x1F18-#x1F1D] | +[#x1F20-#x1F45] | [#x1F48-#x1F4D] | [#x1F50-#x1F57] | #x1F59 | #x1F5B | +#x1F5D | [#x1F5F-#x1F7D] | [#x1F80-#x1FB4] | [#x1FB6-#x1FBC] | #x1FBE | +[#x1FC2-#x1FC4] | [#x1FC6-#x1FCC] | [#x1FD0-#x1FD3] | [#x1FD6-#x1FDB] | +[#x1FE0-#x1FEC] | [#x1FF2-#x1FF4] | [#x1FF6-#x1FFC] | #x2126 | +[#x212A-#x212B] | #x212E | [#x2180-#x2182] | [#x3041-#x3094] | +[#x30A1-#x30FA] | [#x3105-#x312C] | [#xAC00-#xD7A3]""" + +ideographic = """[#x4E00-#x9FA5] | #x3007 | [#x3021-#x3029]""" + +combiningCharacter = """ +[#x0300-#x0345] | [#x0360-#x0361] | [#x0483-#x0486] | [#x0591-#x05A1] | +[#x05A3-#x05B9] | [#x05BB-#x05BD] | #x05BF | [#x05C1-#x05C2] | #x05C4 | +[#x064B-#x0652] | #x0670 | [#x06D6-#x06DC] | [#x06DD-#x06DF] | +[#x06E0-#x06E4] | [#x06E7-#x06E8] | [#x06EA-#x06ED] | [#x0901-#x0903] | +#x093C | [#x093E-#x094C] | #x094D | [#x0951-#x0954] | [#x0962-#x0963] | +[#x0981-#x0983] | #x09BC | #x09BE | #x09BF | [#x09C0-#x09C4] | +[#x09C7-#x09C8] | [#x09CB-#x09CD] | #x09D7 | [#x09E2-#x09E3] | #x0A02 | +#x0A3C | #x0A3E | #x0A3F | [#x0A40-#x0A42] | [#x0A47-#x0A48] | +[#x0A4B-#x0A4D] | [#x0A70-#x0A71] | [#x0A81-#x0A83] | #x0ABC | +[#x0ABE-#x0AC5] | [#x0AC7-#x0AC9] | [#x0ACB-#x0ACD] | [#x0B01-#x0B03] | +#x0B3C | [#x0B3E-#x0B43] | [#x0B47-#x0B48] | [#x0B4B-#x0B4D] | +[#x0B56-#x0B57] | [#x0B82-#x0B83] | [#x0BBE-#x0BC2] | [#x0BC6-#x0BC8] | +[#x0BCA-#x0BCD] | #x0BD7 | [#x0C01-#x0C03] | [#x0C3E-#x0C44] | +[#x0C46-#x0C48] | [#x0C4A-#x0C4D] | [#x0C55-#x0C56] | [#x0C82-#x0C83] | +[#x0CBE-#x0CC4] | [#x0CC6-#x0CC8] | [#x0CCA-#x0CCD] | [#x0CD5-#x0CD6] | +[#x0D02-#x0D03] | [#x0D3E-#x0D43] | [#x0D46-#x0D48] | [#x0D4A-#x0D4D] | +#x0D57 | #x0E31 | [#x0E34-#x0E3A] | [#x0E47-#x0E4E] | #x0EB1 | +[#x0EB4-#x0EB9] | [#x0EBB-#x0EBC] | [#x0EC8-#x0ECD] | [#x0F18-#x0F19] | +#x0F35 | #x0F37 | #x0F39 | #x0F3E | #x0F3F | [#x0F71-#x0F84] | +[#x0F86-#x0F8B] | [#x0F90-#x0F95] | #x0F97 | [#x0F99-#x0FAD] | +[#x0FB1-#x0FB7] | #x0FB9 | [#x20D0-#x20DC] | #x20E1 | [#x302A-#x302F] | +#x3099 | #x309A""" + +digit = """ +[#x0030-#x0039] | [#x0660-#x0669] | [#x06F0-#x06F9] | [#x0966-#x096F] | +[#x09E6-#x09EF] | [#x0A66-#x0A6F] | [#x0AE6-#x0AEF] | [#x0B66-#x0B6F] | +[#x0BE7-#x0BEF] | [#x0C66-#x0C6F] | [#x0CE6-#x0CEF] | [#x0D66-#x0D6F] | +[#x0E50-#x0E59] | [#x0ED0-#x0ED9] | [#x0F20-#x0F29]""" + +extender = """ +#x00B7 | #x02D0 | #x02D1 | #x0387 | #x0640 | #x0E46 | #x0EC6 | #x3005 | +#[#x3031-#x3035] | [#x309D-#x309E] | [#x30FC-#x30FE]""" + +letter = " | ".join([baseChar, ideographic]) + +# Without the +name = " | ".join([letter, digit, ".", "-", "_", combiningCharacter, + extender]) +nameFirst = " | ".join([letter, "_"]) + +reChar = re.compile(r"#x([\d|A-F]{4,4})") +reCharRange = re.compile(r"\[#x([\d|A-F]{4,4})-#x([\d|A-F]{4,4})\]") + + +def charStringToList(chars): + charRanges = [item.strip() for item in chars.split(" | ")] + rv = [] + for item in charRanges: + foundMatch = False + for regexp in (reChar, reCharRange): + match = regexp.match(item) + if match is not None: + rv.append([hexToInt(item) for item in match.groups()]) + if len(rv[-1]) == 1: + rv[-1] = rv[-1] * 2 + foundMatch = True + break + if not foundMatch: + assert len(item) == 1 + + rv.append([ord(item)] * 2) + rv = normaliseCharList(rv) + return rv + + +def normaliseCharList(charList): + charList = sorted(charList) + for item in charList: + assert item[1] >= item[0] + rv = [] + i = 0 + while i < len(charList): + j = 1 + rv.append(charList[i]) + while i + j < len(charList) and charList[i + j][0] <= rv[-1][1] + 1: + rv[-1][1] = charList[i + j][1] + j += 1 + i += j + return rv + + +# We don't really support characters above the BMP :( +max_unicode = int("FFFF", 16) + + +def missingRanges(charList): + rv = [] + if charList[0] != 0: + rv.append([0, charList[0][0] - 1]) + for i, item in enumerate(charList[:-1]): + rv.append([item[1] + 1, charList[i + 1][0] - 1]) + if charList[-1][1] != max_unicode: + rv.append([charList[-1][1] + 1, max_unicode]) + return rv + + +def listToRegexpStr(charList): + rv = [] + for item in charList: + if item[0] == item[1]: + rv.append(escapeRegexp(chr(item[0]))) + else: + rv.append(escapeRegexp(chr(item[0])) + "-" + + escapeRegexp(chr(item[1]))) + return "[%s]" % "".join(rv) + + +def hexToInt(hex_str): + return int(hex_str, 16) + + +def escapeRegexp(string): + specialCharacters = (".", "^", "$", "*", "+", "?", "{", "}", + "[", "]", "|", "(", ")", "-") + for char in specialCharacters: + string = string.replace(char, "\\" + char) + + return string + +# output from the above +nonXmlNameBMPRegexp = re.compile('[\x00-,/:-@\\[-\\^`\\{-\xb6\xb8-\xbf\xd7\xf7\u0132-\u0133\u013f-\u0140\u0149\u017f\u01c4-\u01cc\u01f1-\u01f3\u01f6-\u01f9\u0218-\u024f\u02a9-\u02ba\u02c2-\u02cf\u02d2-\u02ff\u0346-\u035f\u0362-\u0385\u038b\u038d\u03a2\u03cf\u03d7-\u03d9\u03db\u03dd\u03df\u03e1\u03f4-\u0400\u040d\u0450\u045d\u0482\u0487-\u048f\u04c5-\u04c6\u04c9-\u04ca\u04cd-\u04cf\u04ec-\u04ed\u04f6-\u04f7\u04fa-\u0530\u0557-\u0558\u055a-\u0560\u0587-\u0590\u05a2\u05ba\u05be\u05c0\u05c3\u05c5-\u05cf\u05eb-\u05ef\u05f3-\u0620\u063b-\u063f\u0653-\u065f\u066a-\u066f\u06b8-\u06b9\u06bf\u06cf\u06d4\u06e9\u06ee-\u06ef\u06fa-\u0900\u0904\u093a-\u093b\u094e-\u0950\u0955-\u0957\u0964-\u0965\u0970-\u0980\u0984\u098d-\u098e\u0991-\u0992\u09a9\u09b1\u09b3-\u09b5\u09ba-\u09bb\u09bd\u09c5-\u09c6\u09c9-\u09ca\u09ce-\u09d6\u09d8-\u09db\u09de\u09e4-\u09e5\u09f2-\u0a01\u0a03-\u0a04\u0a0b-\u0a0e\u0a11-\u0a12\u0a29\u0a31\u0a34\u0a37\u0a3a-\u0a3b\u0a3d\u0a43-\u0a46\u0a49-\u0a4a\u0a4e-\u0a58\u0a5d\u0a5f-\u0a65\u0a75-\u0a80\u0a84\u0a8c\u0a8e\u0a92\u0aa9\u0ab1\u0ab4\u0aba-\u0abb\u0ac6\u0aca\u0ace-\u0adf\u0ae1-\u0ae5\u0af0-\u0b00\u0b04\u0b0d-\u0b0e\u0b11-\u0b12\u0b29\u0b31\u0b34-\u0b35\u0b3a-\u0b3b\u0b44-\u0b46\u0b49-\u0b4a\u0b4e-\u0b55\u0b58-\u0b5b\u0b5e\u0b62-\u0b65\u0b70-\u0b81\u0b84\u0b8b-\u0b8d\u0b91\u0b96-\u0b98\u0b9b\u0b9d\u0ba0-\u0ba2\u0ba5-\u0ba7\u0bab-\u0bad\u0bb6\u0bba-\u0bbd\u0bc3-\u0bc5\u0bc9\u0bce-\u0bd6\u0bd8-\u0be6\u0bf0-\u0c00\u0c04\u0c0d\u0c11\u0c29\u0c34\u0c3a-\u0c3d\u0c45\u0c49\u0c4e-\u0c54\u0c57-\u0c5f\u0c62-\u0c65\u0c70-\u0c81\u0c84\u0c8d\u0c91\u0ca9\u0cb4\u0cba-\u0cbd\u0cc5\u0cc9\u0cce-\u0cd4\u0cd7-\u0cdd\u0cdf\u0ce2-\u0ce5\u0cf0-\u0d01\u0d04\u0d0d\u0d11\u0d29\u0d3a-\u0d3d\u0d44-\u0d45\u0d49\u0d4e-\u0d56\u0d58-\u0d5f\u0d62-\u0d65\u0d70-\u0e00\u0e2f\u0e3b-\u0e3f\u0e4f\u0e5a-\u0e80\u0e83\u0e85-\u0e86\u0e89\u0e8b-\u0e8c\u0e8e-\u0e93\u0e98\u0ea0\u0ea4\u0ea6\u0ea8-\u0ea9\u0eac\u0eaf\u0eba\u0ebe-\u0ebf\u0ec5\u0ec7\u0ece-\u0ecf\u0eda-\u0f17\u0f1a-\u0f1f\u0f2a-\u0f34\u0f36\u0f38\u0f3a-\u0f3d\u0f48\u0f6a-\u0f70\u0f85\u0f8c-\u0f8f\u0f96\u0f98\u0fae-\u0fb0\u0fb8\u0fba-\u109f\u10c6-\u10cf\u10f7-\u10ff\u1101\u1104\u1108\u110a\u110d\u1113-\u113b\u113d\u113f\u1141-\u114b\u114d\u114f\u1151-\u1153\u1156-\u1158\u115a-\u115e\u1162\u1164\u1166\u1168\u116a-\u116c\u116f-\u1171\u1174\u1176-\u119d\u119f-\u11a7\u11a9-\u11aa\u11ac-\u11ad\u11b0-\u11b6\u11b9\u11bb\u11c3-\u11ea\u11ec-\u11ef\u11f1-\u11f8\u11fa-\u1dff\u1e9c-\u1e9f\u1efa-\u1eff\u1f16-\u1f17\u1f1e-\u1f1f\u1f46-\u1f47\u1f4e-\u1f4f\u1f58\u1f5a\u1f5c\u1f5e\u1f7e-\u1f7f\u1fb5\u1fbd\u1fbf-\u1fc1\u1fc5\u1fcd-\u1fcf\u1fd4-\u1fd5\u1fdc-\u1fdf\u1fed-\u1ff1\u1ff5\u1ffd-\u20cf\u20dd-\u20e0\u20e2-\u2125\u2127-\u2129\u212c-\u212d\u212f-\u217f\u2183-\u3004\u3006\u3008-\u3020\u3030\u3036-\u3040\u3095-\u3098\u309b-\u309c\u309f-\u30a0\u30fb\u30ff-\u3104\u312d-\u4dff\u9fa6-\uabff\ud7a4-\uffff]') # noqa + +nonXmlNameFirstBMPRegexp = re.compile('[\x00-@\\[-\\^`\\{-\xbf\xd7\xf7\u0132-\u0133\u013f-\u0140\u0149\u017f\u01c4-\u01cc\u01f1-\u01f3\u01f6-\u01f9\u0218-\u024f\u02a9-\u02ba\u02c2-\u0385\u0387\u038b\u038d\u03a2\u03cf\u03d7-\u03d9\u03db\u03dd\u03df\u03e1\u03f4-\u0400\u040d\u0450\u045d\u0482-\u048f\u04c5-\u04c6\u04c9-\u04ca\u04cd-\u04cf\u04ec-\u04ed\u04f6-\u04f7\u04fa-\u0530\u0557-\u0558\u055a-\u0560\u0587-\u05cf\u05eb-\u05ef\u05f3-\u0620\u063b-\u0640\u064b-\u0670\u06b8-\u06b9\u06bf\u06cf\u06d4\u06d6-\u06e4\u06e7-\u0904\u093a-\u093c\u093e-\u0957\u0962-\u0984\u098d-\u098e\u0991-\u0992\u09a9\u09b1\u09b3-\u09b5\u09ba-\u09db\u09de\u09e2-\u09ef\u09f2-\u0a04\u0a0b-\u0a0e\u0a11-\u0a12\u0a29\u0a31\u0a34\u0a37\u0a3a-\u0a58\u0a5d\u0a5f-\u0a71\u0a75-\u0a84\u0a8c\u0a8e\u0a92\u0aa9\u0ab1\u0ab4\u0aba-\u0abc\u0abe-\u0adf\u0ae1-\u0b04\u0b0d-\u0b0e\u0b11-\u0b12\u0b29\u0b31\u0b34-\u0b35\u0b3a-\u0b3c\u0b3e-\u0b5b\u0b5e\u0b62-\u0b84\u0b8b-\u0b8d\u0b91\u0b96-\u0b98\u0b9b\u0b9d\u0ba0-\u0ba2\u0ba5-\u0ba7\u0bab-\u0bad\u0bb6\u0bba-\u0c04\u0c0d\u0c11\u0c29\u0c34\u0c3a-\u0c5f\u0c62-\u0c84\u0c8d\u0c91\u0ca9\u0cb4\u0cba-\u0cdd\u0cdf\u0ce2-\u0d04\u0d0d\u0d11\u0d29\u0d3a-\u0d5f\u0d62-\u0e00\u0e2f\u0e31\u0e34-\u0e3f\u0e46-\u0e80\u0e83\u0e85-\u0e86\u0e89\u0e8b-\u0e8c\u0e8e-\u0e93\u0e98\u0ea0\u0ea4\u0ea6\u0ea8-\u0ea9\u0eac\u0eaf\u0eb1\u0eb4-\u0ebc\u0ebe-\u0ebf\u0ec5-\u0f3f\u0f48\u0f6a-\u109f\u10c6-\u10cf\u10f7-\u10ff\u1101\u1104\u1108\u110a\u110d\u1113-\u113b\u113d\u113f\u1141-\u114b\u114d\u114f\u1151-\u1153\u1156-\u1158\u115a-\u115e\u1162\u1164\u1166\u1168\u116a-\u116c\u116f-\u1171\u1174\u1176-\u119d\u119f-\u11a7\u11a9-\u11aa\u11ac-\u11ad\u11b0-\u11b6\u11b9\u11bb\u11c3-\u11ea\u11ec-\u11ef\u11f1-\u11f8\u11fa-\u1dff\u1e9c-\u1e9f\u1efa-\u1eff\u1f16-\u1f17\u1f1e-\u1f1f\u1f46-\u1f47\u1f4e-\u1f4f\u1f58\u1f5a\u1f5c\u1f5e\u1f7e-\u1f7f\u1fb5\u1fbd\u1fbf-\u1fc1\u1fc5\u1fcd-\u1fcf\u1fd4-\u1fd5\u1fdc-\u1fdf\u1fed-\u1ff1\u1ff5\u1ffd-\u2125\u2127-\u2129\u212c-\u212d\u212f-\u217f\u2183-\u3006\u3008-\u3020\u302a-\u3040\u3095-\u30a0\u30fb-\u3104\u312d-\u4dff\u9fa6-\uabff\ud7a4-\uffff]') # noqa + +# Simpler things +nonPubidCharRegexp = re.compile("[^\x20\x0D\x0Aa-zA-Z0-9\\-'()+,./:=?;!*#@$_%]") + + +class InfosetFilter(object): + replacementRegexp = re.compile(r"U[\dA-F]{5,5}") + + def __init__(self, + dropXmlnsLocalName=False, + dropXmlnsAttrNs=False, + preventDoubleDashComments=False, + preventDashAtCommentEnd=False, + replaceFormFeedCharacters=True, + preventSingleQuotePubid=False): + + self.dropXmlnsLocalName = dropXmlnsLocalName + self.dropXmlnsAttrNs = dropXmlnsAttrNs + + self.preventDoubleDashComments = preventDoubleDashComments + self.preventDashAtCommentEnd = preventDashAtCommentEnd + + self.replaceFormFeedCharacters = replaceFormFeedCharacters + + self.preventSingleQuotePubid = preventSingleQuotePubid + + self.replaceCache = {} + + def coerceAttribute(self, name, namespace=None): + if self.dropXmlnsLocalName and name.startswith("xmlns:"): + warnings.warn("Attributes cannot begin with xmlns", DataLossWarning) + return None + elif (self.dropXmlnsAttrNs and + namespace == "http://www.w3.org/2000/xmlns/"): + warnings.warn("Attributes cannot be in the xml namespace", DataLossWarning) + return None + else: + return self.toXmlName(name) + + def coerceElement(self, name): + return self.toXmlName(name) + + def coerceComment(self, data): + if self.preventDoubleDashComments: + while "--" in data: + warnings.warn("Comments cannot contain adjacent dashes", DataLossWarning) + data = data.replace("--", "- -") + if data.endswith("-"): + warnings.warn("Comments cannot end in a dash", DataLossWarning) + data += " " + return data + + def coerceCharacters(self, data): + if self.replaceFormFeedCharacters: + for _ in range(data.count("\x0C")): + warnings.warn("Text cannot contain U+000C", DataLossWarning) + data = data.replace("\x0C", " ") + # Other non-xml characters + return data + + def coercePubid(self, data): + dataOutput = data + for char in nonPubidCharRegexp.findall(data): + warnings.warn("Coercing non-XML pubid", DataLossWarning) + replacement = self.getReplacementCharacter(char) + dataOutput = dataOutput.replace(char, replacement) + if self.preventSingleQuotePubid and dataOutput.find("'") >= 0: + warnings.warn("Pubid cannot contain single quote", DataLossWarning) + dataOutput = dataOutput.replace("'", self.getReplacementCharacter("'")) + return dataOutput + + def toXmlName(self, name): + nameFirst = name[0] + nameRest = name[1:] + m = nonXmlNameFirstBMPRegexp.match(nameFirst) + if m: + warnings.warn("Coercing non-XML name: %s" % name, DataLossWarning) + nameFirstOutput = self.getReplacementCharacter(nameFirst) + else: + nameFirstOutput = nameFirst + + nameRestOutput = nameRest + replaceChars = set(nonXmlNameBMPRegexp.findall(nameRest)) + for char in replaceChars: + warnings.warn("Coercing non-XML name: %s" % name, DataLossWarning) + replacement = self.getReplacementCharacter(char) + nameRestOutput = nameRestOutput.replace(char, replacement) + return nameFirstOutput + nameRestOutput + + def getReplacementCharacter(self, char): + if char in self.replaceCache: + replacement = self.replaceCache[char] + else: + replacement = self.escapeChar(char) + return replacement + + def fromXmlName(self, name): + for item in set(self.replacementRegexp.findall(name)): + name = name.replace(item, self.unescapeChar(item)) + return name + + def escapeChar(self, char): + replacement = "U%05X" % ord(char) + self.replaceCache[char] = replacement + return replacement + + def unescapeChar(self, charcode): + return chr(int(charcode[1:], 16)) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_inputstream.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_inputstream.py new file mode 100644 index 000000000..e0bb37602 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_inputstream.py @@ -0,0 +1,918 @@ +from __future__ import absolute_import, division, unicode_literals + +from pip._vendor.six import text_type +from pip._vendor.six.moves import http_client, urllib + +import codecs +import re +from io import BytesIO, StringIO + +from pip._vendor import webencodings + +from .constants import EOF, spaceCharacters, asciiLetters, asciiUppercase +from .constants import _ReparseException +from . import _utils + +# Non-unicode versions of constants for use in the pre-parser +spaceCharactersBytes = frozenset([item.encode("ascii") for item in spaceCharacters]) +asciiLettersBytes = frozenset([item.encode("ascii") for item in asciiLetters]) +asciiUppercaseBytes = frozenset([item.encode("ascii") for item in asciiUppercase]) +spacesAngleBrackets = spaceCharactersBytes | frozenset([b">", b"<"]) + + +invalid_unicode_no_surrogate = "[\u0001-\u0008\u000B\u000E-\u001F\u007F-\u009F\uFDD0-\uFDEF\uFFFE\uFFFF\U0001FFFE\U0001FFFF\U0002FFFE\U0002FFFF\U0003FFFE\U0003FFFF\U0004FFFE\U0004FFFF\U0005FFFE\U0005FFFF\U0006FFFE\U0006FFFF\U0007FFFE\U0007FFFF\U0008FFFE\U0008FFFF\U0009FFFE\U0009FFFF\U000AFFFE\U000AFFFF\U000BFFFE\U000BFFFF\U000CFFFE\U000CFFFF\U000DFFFE\U000DFFFF\U000EFFFE\U000EFFFF\U000FFFFE\U000FFFFF\U0010FFFE\U0010FFFF]" # noqa + +if _utils.supports_lone_surrogates: + # Use one extra step of indirection and create surrogates with + # eval. Not using this indirection would introduce an illegal + # unicode literal on platforms not supporting such lone + # surrogates. + assert invalid_unicode_no_surrogate[-1] == "]" and invalid_unicode_no_surrogate.count("]") == 1 + invalid_unicode_re = re.compile(invalid_unicode_no_surrogate[:-1] + + eval('"\\uD800-\\uDFFF"') + # pylint:disable=eval-used + "]") +else: + invalid_unicode_re = re.compile(invalid_unicode_no_surrogate) + +non_bmp_invalid_codepoints = {0x1FFFE, 0x1FFFF, 0x2FFFE, 0x2FFFF, 0x3FFFE, + 0x3FFFF, 0x4FFFE, 0x4FFFF, 0x5FFFE, 0x5FFFF, + 0x6FFFE, 0x6FFFF, 0x7FFFE, 0x7FFFF, 0x8FFFE, + 0x8FFFF, 0x9FFFE, 0x9FFFF, 0xAFFFE, 0xAFFFF, + 0xBFFFE, 0xBFFFF, 0xCFFFE, 0xCFFFF, 0xDFFFE, + 0xDFFFF, 0xEFFFE, 0xEFFFF, 0xFFFFE, 0xFFFFF, + 0x10FFFE, 0x10FFFF} + +ascii_punctuation_re = re.compile("[\u0009-\u000D\u0020-\u002F\u003A-\u0040\u005C\u005B-\u0060\u007B-\u007E]") + +# Cache for charsUntil() +charsUntilRegEx = {} + + +class BufferedStream(object): + """Buffering for streams that do not have buffering of their own + + The buffer is implemented as a list of chunks on the assumption that + joining many strings will be slow since it is O(n**2) + """ + + def __init__(self, stream): + self.stream = stream + self.buffer = [] + self.position = [-1, 0] # chunk number, offset + + def tell(self): + pos = 0 + for chunk in self.buffer[:self.position[0]]: + pos += len(chunk) + pos += self.position[1] + return pos + + def seek(self, pos): + assert pos <= self._bufferedBytes() + offset = pos + i = 0 + while len(self.buffer[i]) < offset: + offset -= len(self.buffer[i]) + i += 1 + self.position = [i, offset] + + def read(self, bytes): + if not self.buffer: + return self._readStream(bytes) + elif (self.position[0] == len(self.buffer) and + self.position[1] == len(self.buffer[-1])): + return self._readStream(bytes) + else: + return self._readFromBuffer(bytes) + + def _bufferedBytes(self): + return sum([len(item) for item in self.buffer]) + + def _readStream(self, bytes): + data = self.stream.read(bytes) + self.buffer.append(data) + self.position[0] += 1 + self.position[1] = len(data) + return data + + def _readFromBuffer(self, bytes): + remainingBytes = bytes + rv = [] + bufferIndex = self.position[0] + bufferOffset = self.position[1] + while bufferIndex < len(self.buffer) and remainingBytes != 0: + assert remainingBytes > 0 + bufferedData = self.buffer[bufferIndex] + + if remainingBytes <= len(bufferedData) - bufferOffset: + bytesToRead = remainingBytes + self.position = [bufferIndex, bufferOffset + bytesToRead] + else: + bytesToRead = len(bufferedData) - bufferOffset + self.position = [bufferIndex, len(bufferedData)] + bufferIndex += 1 + rv.append(bufferedData[bufferOffset:bufferOffset + bytesToRead]) + remainingBytes -= bytesToRead + + bufferOffset = 0 + + if remainingBytes: + rv.append(self._readStream(remainingBytes)) + + return b"".join(rv) + + +def HTMLInputStream(source, **kwargs): + # Work around Python bug #20007: read(0) closes the connection. + # http://bugs.python.org/issue20007 + if (isinstance(source, http_client.HTTPResponse) or + # Also check for addinfourl wrapping HTTPResponse + (isinstance(source, urllib.response.addbase) and + isinstance(source.fp, http_client.HTTPResponse))): + isUnicode = False + elif hasattr(source, "read"): + isUnicode = isinstance(source.read(0), text_type) + else: + isUnicode = isinstance(source, text_type) + + if isUnicode: + encodings = [x for x in kwargs if x.endswith("_encoding")] + if encodings: + raise TypeError("Cannot set an encoding with a unicode input, set %r" % encodings) + + return HTMLUnicodeInputStream(source, **kwargs) + else: + return HTMLBinaryInputStream(source, **kwargs) + + +class HTMLUnicodeInputStream(object): + """Provides a unicode stream of characters to the HTMLTokenizer. + + This class takes care of character encoding and removing or replacing + incorrect byte-sequences and also provides column and line tracking. + + """ + + _defaultChunkSize = 10240 + + def __init__(self, source): + """Initialises the HTMLInputStream. + + HTMLInputStream(source, [encoding]) -> Normalized stream from source + for use by html5lib. + + source can be either a file-object, local filename or a string. + + The optional encoding parameter must be a string that indicates + the encoding. If specified, that encoding will be used, + regardless of any BOM or later declaration (such as in a meta + element) + + """ + + if not _utils.supports_lone_surrogates: + # Such platforms will have already checked for such + # surrogate errors, so no need to do this checking. + self.reportCharacterErrors = None + elif len("\U0010FFFF") == 1: + self.reportCharacterErrors = self.characterErrorsUCS4 + else: + self.reportCharacterErrors = self.characterErrorsUCS2 + + # List of where new lines occur + self.newLines = [0] + + self.charEncoding = (lookupEncoding("utf-8"), "certain") + self.dataStream = self.openStream(source) + + self.reset() + + def reset(self): + self.chunk = "" + self.chunkSize = 0 + self.chunkOffset = 0 + self.errors = [] + + # number of (complete) lines in previous chunks + self.prevNumLines = 0 + # number of columns in the last line of the previous chunk + self.prevNumCols = 0 + + # Deal with CR LF and surrogates split over chunk boundaries + self._bufferedCharacter = None + + def openStream(self, source): + """Produces a file object from source. + + source can be either a file object, local filename or a string. + + """ + # Already a file object + if hasattr(source, 'read'): + stream = source + else: + stream = StringIO(source) + + return stream + + def _position(self, offset): + chunk = self.chunk + nLines = chunk.count('\n', 0, offset) + positionLine = self.prevNumLines + nLines + lastLinePos = chunk.rfind('\n', 0, offset) + if lastLinePos == -1: + positionColumn = self.prevNumCols + offset + else: + positionColumn = offset - (lastLinePos + 1) + return (positionLine, positionColumn) + + def position(self): + """Returns (line, col) of the current position in the stream.""" + line, col = self._position(self.chunkOffset) + return (line + 1, col) + + def char(self): + """ Read one character from the stream or queue if available. Return + EOF when EOF is reached. + """ + # Read a new chunk from the input stream if necessary + if self.chunkOffset >= self.chunkSize: + if not self.readChunk(): + return EOF + + chunkOffset = self.chunkOffset + char = self.chunk[chunkOffset] + self.chunkOffset = chunkOffset + 1 + + return char + + def readChunk(self, chunkSize=None): + if chunkSize is None: + chunkSize = self._defaultChunkSize + + self.prevNumLines, self.prevNumCols = self._position(self.chunkSize) + + self.chunk = "" + self.chunkSize = 0 + self.chunkOffset = 0 + + data = self.dataStream.read(chunkSize) + + # Deal with CR LF and surrogates broken across chunks + if self._bufferedCharacter: + data = self._bufferedCharacter + data + self._bufferedCharacter = None + elif not data: + # We have no more data, bye-bye stream + return False + + if len(data) > 1: + lastv = ord(data[-1]) + if lastv == 0x0D or 0xD800 <= lastv <= 0xDBFF: + self._bufferedCharacter = data[-1] + data = data[:-1] + + if self.reportCharacterErrors: + self.reportCharacterErrors(data) + + # Replace invalid characters + data = data.replace("\r\n", "\n") + data = data.replace("\r", "\n") + + self.chunk = data + self.chunkSize = len(data) + + return True + + def characterErrorsUCS4(self, data): + for _ in range(len(invalid_unicode_re.findall(data))): + self.errors.append("invalid-codepoint") + + def characterErrorsUCS2(self, data): + # Someone picked the wrong compile option + # You lose + skip = False + for match in invalid_unicode_re.finditer(data): + if skip: + continue + codepoint = ord(match.group()) + pos = match.start() + # Pretty sure there should be endianness issues here + if _utils.isSurrogatePair(data[pos:pos + 2]): + # We have a surrogate pair! + char_val = _utils.surrogatePairToCodepoint(data[pos:pos + 2]) + if char_val in non_bmp_invalid_codepoints: + self.errors.append("invalid-codepoint") + skip = True + elif (codepoint >= 0xD800 and codepoint <= 0xDFFF and + pos == len(data) - 1): + self.errors.append("invalid-codepoint") + else: + skip = False + self.errors.append("invalid-codepoint") + + def charsUntil(self, characters, opposite=False): + """ Returns a string of characters from the stream up to but not + including any character in 'characters' or EOF. 'characters' must be + a container that supports the 'in' method and iteration over its + characters. + """ + + # Use a cache of regexps to find the required characters + try: + chars = charsUntilRegEx[(characters, opposite)] + except KeyError: + if __debug__: + for c in characters: + assert(ord(c) < 128) + regex = "".join(["\\x%02x" % ord(c) for c in characters]) + if not opposite: + regex = "^%s" % regex + chars = charsUntilRegEx[(characters, opposite)] = re.compile("[%s]+" % regex) + + rv = [] + + while True: + # Find the longest matching prefix + m = chars.match(self.chunk, self.chunkOffset) + if m is None: + # If nothing matched, and it wasn't because we ran out of chunk, + # then stop + if self.chunkOffset != self.chunkSize: + break + else: + end = m.end() + # If not the whole chunk matched, return everything + # up to the part that didn't match + if end != self.chunkSize: + rv.append(self.chunk[self.chunkOffset:end]) + self.chunkOffset = end + break + # If the whole remainder of the chunk matched, + # use it all and read the next chunk + rv.append(self.chunk[self.chunkOffset:]) + if not self.readChunk(): + # Reached EOF + break + + r = "".join(rv) + return r + + def unget(self, char): + # Only one character is allowed to be ungotten at once - it must + # be consumed again before any further call to unget + if char is not EOF: + if self.chunkOffset == 0: + # unget is called quite rarely, so it's a good idea to do + # more work here if it saves a bit of work in the frequently + # called char and charsUntil. + # So, just prepend the ungotten character onto the current + # chunk: + self.chunk = char + self.chunk + self.chunkSize += 1 + else: + self.chunkOffset -= 1 + assert self.chunk[self.chunkOffset] == char + + +class HTMLBinaryInputStream(HTMLUnicodeInputStream): + """Provides a unicode stream of characters to the HTMLTokenizer. + + This class takes care of character encoding and removing or replacing + incorrect byte-sequences and also provides column and line tracking. + + """ + + def __init__(self, source, override_encoding=None, transport_encoding=None, + same_origin_parent_encoding=None, likely_encoding=None, + default_encoding="windows-1252", useChardet=True): + """Initialises the HTMLInputStream. + + HTMLInputStream(source, [encoding]) -> Normalized stream from source + for use by html5lib. + + source can be either a file-object, local filename or a string. + + The optional encoding parameter must be a string that indicates + the encoding. If specified, that encoding will be used, + regardless of any BOM or later declaration (such as in a meta + element) + + """ + # Raw Stream - for unicode objects this will encode to utf-8 and set + # self.charEncoding as appropriate + self.rawStream = self.openStream(source) + + HTMLUnicodeInputStream.__init__(self, self.rawStream) + + # Encoding Information + # Number of bytes to use when looking for a meta element with + # encoding information + self.numBytesMeta = 1024 + # Number of bytes to use when using detecting encoding using chardet + self.numBytesChardet = 100 + # Things from args + self.override_encoding = override_encoding + self.transport_encoding = transport_encoding + self.same_origin_parent_encoding = same_origin_parent_encoding + self.likely_encoding = likely_encoding + self.default_encoding = default_encoding + + # Determine encoding + self.charEncoding = self.determineEncoding(useChardet) + assert self.charEncoding[0] is not None + + # Call superclass + self.reset() + + def reset(self): + self.dataStream = self.charEncoding[0].codec_info.streamreader(self.rawStream, 'replace') + HTMLUnicodeInputStream.reset(self) + + def openStream(self, source): + """Produces a file object from source. + + source can be either a file object, local filename or a string. + + """ + # Already a file object + if hasattr(source, 'read'): + stream = source + else: + stream = BytesIO(source) + + try: + stream.seek(stream.tell()) + except Exception: + stream = BufferedStream(stream) + + return stream + + def determineEncoding(self, chardet=True): + # BOMs take precedence over everything + # This will also read past the BOM if present + charEncoding = self.detectBOM(), "certain" + if charEncoding[0] is not None: + return charEncoding + + # If we've been overridden, we've been overridden + charEncoding = lookupEncoding(self.override_encoding), "certain" + if charEncoding[0] is not None: + return charEncoding + + # Now check the transport layer + charEncoding = lookupEncoding(self.transport_encoding), "certain" + if charEncoding[0] is not None: + return charEncoding + + # Look for meta elements with encoding information + charEncoding = self.detectEncodingMeta(), "tentative" + if charEncoding[0] is not None: + return charEncoding + + # Parent document encoding + charEncoding = lookupEncoding(self.same_origin_parent_encoding), "tentative" + if charEncoding[0] is not None and not charEncoding[0].name.startswith("utf-16"): + return charEncoding + + # "likely" encoding + charEncoding = lookupEncoding(self.likely_encoding), "tentative" + if charEncoding[0] is not None: + return charEncoding + + # Guess with chardet, if available + if chardet: + try: + from pip._vendor.chardet.universaldetector import UniversalDetector + except ImportError: + pass + else: + buffers = [] + detector = UniversalDetector() + while not detector.done: + buffer = self.rawStream.read(self.numBytesChardet) + assert isinstance(buffer, bytes) + if not buffer: + break + buffers.append(buffer) + detector.feed(buffer) + detector.close() + encoding = lookupEncoding(detector.result['encoding']) + self.rawStream.seek(0) + if encoding is not None: + return encoding, "tentative" + + # Try the default encoding + charEncoding = lookupEncoding(self.default_encoding), "tentative" + if charEncoding[0] is not None: + return charEncoding + + # Fallback to html5lib's default if even that hasn't worked + return lookupEncoding("windows-1252"), "tentative" + + def changeEncoding(self, newEncoding): + assert self.charEncoding[1] != "certain" + newEncoding = lookupEncoding(newEncoding) + if newEncoding is None: + return + if newEncoding.name in ("utf-16be", "utf-16le"): + newEncoding = lookupEncoding("utf-8") + assert newEncoding is not None + elif newEncoding == self.charEncoding[0]: + self.charEncoding = (self.charEncoding[0], "certain") + else: + self.rawStream.seek(0) + self.charEncoding = (newEncoding, "certain") + self.reset() + raise _ReparseException("Encoding changed from %s to %s" % (self.charEncoding[0], newEncoding)) + + def detectBOM(self): + """Attempts to detect at BOM at the start of the stream. If + an encoding can be determined from the BOM return the name of the + encoding otherwise return None""" + bomDict = { + codecs.BOM_UTF8: 'utf-8', + codecs.BOM_UTF16_LE: 'utf-16le', codecs.BOM_UTF16_BE: 'utf-16be', + codecs.BOM_UTF32_LE: 'utf-32le', codecs.BOM_UTF32_BE: 'utf-32be' + } + + # Go to beginning of file and read in 4 bytes + string = self.rawStream.read(4) + assert isinstance(string, bytes) + + # Try detecting the BOM using bytes from the string + encoding = bomDict.get(string[:3]) # UTF-8 + seek = 3 + if not encoding: + # Need to detect UTF-32 before UTF-16 + encoding = bomDict.get(string) # UTF-32 + seek = 4 + if not encoding: + encoding = bomDict.get(string[:2]) # UTF-16 + seek = 2 + + # Set the read position past the BOM if one was found, otherwise + # set it to the start of the stream + if encoding: + self.rawStream.seek(seek) + return lookupEncoding(encoding) + else: + self.rawStream.seek(0) + return None + + def detectEncodingMeta(self): + """Report the encoding declared by the meta element + """ + buffer = self.rawStream.read(self.numBytesMeta) + assert isinstance(buffer, bytes) + parser = EncodingParser(buffer) + self.rawStream.seek(0) + encoding = parser.getEncoding() + + if encoding is not None and encoding.name in ("utf-16be", "utf-16le"): + encoding = lookupEncoding("utf-8") + + return encoding + + +class EncodingBytes(bytes): + """String-like object with an associated position and various extra methods + If the position is ever greater than the string length then an exception is + raised""" + def __new__(self, value): + assert isinstance(value, bytes) + return bytes.__new__(self, value.lower()) + + def __init__(self, value): + # pylint:disable=unused-argument + self._position = -1 + + def __iter__(self): + return self + + def __next__(self): + p = self._position = self._position + 1 + if p >= len(self): + raise StopIteration + elif p < 0: + raise TypeError + return self[p:p + 1] + + def next(self): + # Py2 compat + return self.__next__() + + def previous(self): + p = self._position + if p >= len(self): + raise StopIteration + elif p < 0: + raise TypeError + self._position = p = p - 1 + return self[p:p + 1] + + def setPosition(self, position): + if self._position >= len(self): + raise StopIteration + self._position = position + + def getPosition(self): + if self._position >= len(self): + raise StopIteration + if self._position >= 0: + return self._position + else: + return None + + position = property(getPosition, setPosition) + + def getCurrentByte(self): + return self[self.position:self.position + 1] + + currentByte = property(getCurrentByte) + + def skip(self, chars=spaceCharactersBytes): + """Skip past a list of characters""" + p = self.position # use property for the error-checking + while p < len(self): + c = self[p:p + 1] + if c not in chars: + self._position = p + return c + p += 1 + self._position = p + return None + + def skipUntil(self, chars): + p = self.position + while p < len(self): + c = self[p:p + 1] + if c in chars: + self._position = p + return c + p += 1 + self._position = p + return None + + def matchBytes(self, bytes): + """Look for a sequence of bytes at the start of a string. If the bytes + are found return True and advance the position to the byte after the + match. Otherwise return False and leave the position alone""" + rv = self.startswith(bytes, self.position) + if rv: + self.position += len(bytes) + return rv + + def jumpTo(self, bytes): + """Look for the next sequence of bytes matching a given sequence. If + a match is found advance the position to the last byte of the match""" + try: + self._position = self.index(bytes, self.position) + len(bytes) - 1 + except ValueError: + raise StopIteration + return True + + +class EncodingParser(object): + """Mini parser for detecting character encoding from meta elements""" + + def __init__(self, data): + """string - the data to work on for encoding detection""" + self.data = EncodingBytes(data) + self.encoding = None + + def getEncoding(self): + if b"") + + def handleMeta(self): + if self.data.currentByte not in spaceCharactersBytes: + # if we have ") + + def getAttribute(self): + """Return a name,value pair for the next attribute in the stream, + if one is found, or None""" + data = self.data + # Step 1 (skip chars) + c = data.skip(spaceCharactersBytes | frozenset([b"/"])) + assert c is None or len(c) == 1 + # Step 2 + if c in (b">", None): + return None + # Step 3 + attrName = [] + attrValue = [] + # Step 4 attribute name + while True: + if c == b"=" and attrName: + break + elif c in spaceCharactersBytes: + # Step 6! + c = data.skip() + break + elif c in (b"/", b">"): + return b"".join(attrName), b"" + elif c in asciiUppercaseBytes: + attrName.append(c.lower()) + elif c is None: + return None + else: + attrName.append(c) + # Step 5 + c = next(data) + # Step 7 + if c != b"=": + data.previous() + return b"".join(attrName), b"" + # Step 8 + next(data) + # Step 9 + c = data.skip() + # Step 10 + if c in (b"'", b'"'): + # 10.1 + quoteChar = c + while True: + # 10.2 + c = next(data) + # 10.3 + if c == quoteChar: + next(data) + return b"".join(attrName), b"".join(attrValue) + # 10.4 + elif c in asciiUppercaseBytes: + attrValue.append(c.lower()) + # 10.5 + else: + attrValue.append(c) + elif c == b">": + return b"".join(attrName), b"" + elif c in asciiUppercaseBytes: + attrValue.append(c.lower()) + elif c is None: + return None + else: + attrValue.append(c) + # Step 11 + while True: + c = next(data) + if c in spacesAngleBrackets: + return b"".join(attrName), b"".join(attrValue) + elif c in asciiUppercaseBytes: + attrValue.append(c.lower()) + elif c is None: + return None + else: + attrValue.append(c) + + +class ContentAttrParser(object): + def __init__(self, data): + assert isinstance(data, bytes) + self.data = data + + def parse(self): + try: + # Check if the attr name is charset + # otherwise return + self.data.jumpTo(b"charset") + self.data.position += 1 + self.data.skip() + if not self.data.currentByte == b"=": + # If there is no = sign keep looking for attrs + return None + self.data.position += 1 + self.data.skip() + # Look for an encoding between matching quote marks + if self.data.currentByte in (b'"', b"'"): + quoteMark = self.data.currentByte + self.data.position += 1 + oldPosition = self.data.position + if self.data.jumpTo(quoteMark): + return self.data[oldPosition:self.data.position] + else: + return None + else: + # Unquoted value + oldPosition = self.data.position + try: + self.data.skipUntil(spaceCharactersBytes) + return self.data[oldPosition:self.data.position] + except StopIteration: + # Return the whole remaining value + return self.data[oldPosition:] + except StopIteration: + return None + + +def lookupEncoding(encoding): + """Return the python codec name corresponding to an encoding or None if the + string doesn't correspond to a valid encoding.""" + if isinstance(encoding, bytes): + try: + encoding = encoding.decode("ascii") + except UnicodeDecodeError: + return None + + if encoding is not None: + try: + return webencodings.lookup(encoding) + except AttributeError: + return None + else: + return None diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_tokenizer.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_tokenizer.py new file mode 100644 index 000000000..5f00253e2 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_tokenizer.py @@ -0,0 +1,1735 @@ +from __future__ import absolute_import, division, unicode_literals + +from pip._vendor.six import unichr as chr + +from collections import deque, OrderedDict +from sys import version_info + +from .constants import spaceCharacters +from .constants import entities +from .constants import asciiLetters, asciiUpper2Lower +from .constants import digits, hexDigits, EOF +from .constants import tokenTypes, tagTokenTypes +from .constants import replacementCharacters + +from ._inputstream import HTMLInputStream + +from ._trie import Trie + +entitiesTrie = Trie(entities) + +if version_info >= (3, 7): + attributeMap = dict +else: + attributeMap = OrderedDict + + +class HTMLTokenizer(object): + """ This class takes care of tokenizing HTML. + + * self.currentToken + Holds the token that is currently being processed. + + * self.state + Holds a reference to the method to be invoked... XXX + + * self.stream + Points to HTMLInputStream object. + """ + + def __init__(self, stream, parser=None, **kwargs): + + self.stream = HTMLInputStream(stream, **kwargs) + self.parser = parser + + # Setup the initial tokenizer state + self.escapeFlag = False + self.lastFourChars = [] + self.state = self.dataState + self.escape = False + + # The current token being created + self.currentToken = None + super(HTMLTokenizer, self).__init__() + + def __iter__(self): + """ This is where the magic happens. + + We do our usually processing through the states and when we have a token + to return we yield the token which pauses processing until the next token + is requested. + """ + self.tokenQueue = deque([]) + # Start processing. When EOF is reached self.state will return False + # instead of True and the loop will terminate. + while self.state(): + while self.stream.errors: + yield {"type": tokenTypes["ParseError"], "data": self.stream.errors.pop(0)} + while self.tokenQueue: + yield self.tokenQueue.popleft() + + def consumeNumberEntity(self, isHex): + """This function returns either U+FFFD or the character based on the + decimal or hexadecimal representation. It also discards ";" if present. + If not present self.tokenQueue.append({"type": tokenTypes["ParseError"]}) is invoked. + """ + + allowed = digits + radix = 10 + if isHex: + allowed = hexDigits + radix = 16 + + charStack = [] + + # Consume all the characters that are in range while making sure we + # don't hit an EOF. + c = self.stream.char() + while c in allowed and c is not EOF: + charStack.append(c) + c = self.stream.char() + + # Convert the set of characters consumed to an int. + charAsInt = int("".join(charStack), radix) + + # Certain characters get replaced with others + if charAsInt in replacementCharacters: + char = replacementCharacters[charAsInt] + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "illegal-codepoint-for-numeric-entity", + "datavars": {"charAsInt": charAsInt}}) + elif ((0xD800 <= charAsInt <= 0xDFFF) or + (charAsInt > 0x10FFFF)): + char = "\uFFFD" + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "illegal-codepoint-for-numeric-entity", + "datavars": {"charAsInt": charAsInt}}) + else: + # Should speed up this check somehow (e.g. move the set to a constant) + if ((0x0001 <= charAsInt <= 0x0008) or + (0x000E <= charAsInt <= 0x001F) or + (0x007F <= charAsInt <= 0x009F) or + (0xFDD0 <= charAsInt <= 0xFDEF) or + charAsInt in frozenset([0x000B, 0xFFFE, 0xFFFF, 0x1FFFE, + 0x1FFFF, 0x2FFFE, 0x2FFFF, 0x3FFFE, + 0x3FFFF, 0x4FFFE, 0x4FFFF, 0x5FFFE, + 0x5FFFF, 0x6FFFE, 0x6FFFF, 0x7FFFE, + 0x7FFFF, 0x8FFFE, 0x8FFFF, 0x9FFFE, + 0x9FFFF, 0xAFFFE, 0xAFFFF, 0xBFFFE, + 0xBFFFF, 0xCFFFE, 0xCFFFF, 0xDFFFE, + 0xDFFFF, 0xEFFFE, 0xEFFFF, 0xFFFFE, + 0xFFFFF, 0x10FFFE, 0x10FFFF])): + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": + "illegal-codepoint-for-numeric-entity", + "datavars": {"charAsInt": charAsInt}}) + try: + # Try/except needed as UCS-2 Python builds' unichar only works + # within the BMP. + char = chr(charAsInt) + except ValueError: + v = charAsInt - 0x10000 + char = chr(0xD800 | (v >> 10)) + chr(0xDC00 | (v & 0x3FF)) + + # Discard the ; if present. Otherwise, put it back on the queue and + # invoke parseError on parser. + if c != ";": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "numeric-entity-without-semicolon"}) + self.stream.unget(c) + + return char + + def consumeEntity(self, allowedChar=None, fromAttribute=False): + # Initialise to the default output for when no entity is matched + output = "&" + + charStack = [self.stream.char()] + if (charStack[0] in spaceCharacters or charStack[0] in (EOF, "<", "&") or + (allowedChar is not None and allowedChar == charStack[0])): + self.stream.unget(charStack[0]) + + elif charStack[0] == "#": + # Read the next character to see if it's hex or decimal + hex = False + charStack.append(self.stream.char()) + if charStack[-1] in ("x", "X"): + hex = True + charStack.append(self.stream.char()) + + # charStack[-1] should be the first digit + if (hex and charStack[-1] in hexDigits) \ + or (not hex and charStack[-1] in digits): + # At least one digit found, so consume the whole number + self.stream.unget(charStack[-1]) + output = self.consumeNumberEntity(hex) + else: + # No digits found + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "expected-numeric-entity"}) + self.stream.unget(charStack.pop()) + output = "&" + "".join(charStack) + + else: + # At this point in the process might have named entity. Entities + # are stored in the global variable "entities". + # + # Consume characters and compare to these to a substring of the + # entity names in the list until the substring no longer matches. + while (charStack[-1] is not EOF): + if not entitiesTrie.has_keys_with_prefix("".join(charStack)): + break + charStack.append(self.stream.char()) + + # At this point we have a string that starts with some characters + # that may match an entity + # Try to find the longest entity the string will match to take care + # of ¬i for instance. + try: + entityName = entitiesTrie.longest_prefix("".join(charStack[:-1])) + entityLength = len(entityName) + except KeyError: + entityName = None + + if entityName is not None: + if entityName[-1] != ";": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "named-entity-without-semicolon"}) + if (entityName[-1] != ";" and fromAttribute and + (charStack[entityLength] in asciiLetters or + charStack[entityLength] in digits or + charStack[entityLength] == "=")): + self.stream.unget(charStack.pop()) + output = "&" + "".join(charStack) + else: + output = entities[entityName] + self.stream.unget(charStack.pop()) + output += "".join(charStack[entityLength:]) + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-named-entity"}) + self.stream.unget(charStack.pop()) + output = "&" + "".join(charStack) + + if fromAttribute: + self.currentToken["data"][-1][1] += output + else: + if output in spaceCharacters: + tokenType = "SpaceCharacters" + else: + tokenType = "Characters" + self.tokenQueue.append({"type": tokenTypes[tokenType], "data": output}) + + def processEntityInAttribute(self, allowedChar): + """This method replaces the need for "entityInAttributeValueState". + """ + self.consumeEntity(allowedChar=allowedChar, fromAttribute=True) + + def emitCurrentToken(self): + """This method is a generic handler for emitting the tags. It also sets + the state to "data" because that's what's needed after a token has been + emitted. + """ + token = self.currentToken + # Add token to the queue to be yielded + if (token["type"] in tagTokenTypes): + token["name"] = token["name"].translate(asciiUpper2Lower) + if token["type"] == tokenTypes["StartTag"]: + raw = token["data"] + data = attributeMap(raw) + if len(raw) > len(data): + # we had some duplicated attribute, fix so first wins + data.update(raw[::-1]) + token["data"] = data + + if token["type"] == tokenTypes["EndTag"]: + if token["data"]: + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "attributes-in-end-tag"}) + if token["selfClosing"]: + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "self-closing-flag-on-end-tag"}) + self.tokenQueue.append(token) + self.state = self.dataState + + # Below are the various tokenizer states worked out. + def dataState(self): + data = self.stream.char() + if data == "&": + self.state = self.entityDataState + elif data == "<": + self.state = self.tagOpenState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\u0000"}) + elif data is EOF: + # Tokenization ends. + return False + elif data in spaceCharacters: + # Directly after emitting a token you switch back to the "data + # state". At that point spaceCharacters are important so they are + # emitted separately. + self.tokenQueue.append({"type": tokenTypes["SpaceCharacters"], "data": + data + self.stream.charsUntil(spaceCharacters, True)}) + # No need to update lastFourChars here, since the first space will + # have already been appended to lastFourChars and will have broken + # any sequences + else: + chars = self.stream.charsUntil(("&", "<", "\u0000")) + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": + data + chars}) + return True + + def entityDataState(self): + self.consumeEntity() + self.state = self.dataState + return True + + def rcdataState(self): + data = self.stream.char() + if data == "&": + self.state = self.characterReferenceInRcdata + elif data == "<": + self.state = self.rcdataLessThanSignState + elif data == EOF: + # Tokenization ends. + return False + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\uFFFD"}) + elif data in spaceCharacters: + # Directly after emitting a token you switch back to the "data + # state". At that point spaceCharacters are important so they are + # emitted separately. + self.tokenQueue.append({"type": tokenTypes["SpaceCharacters"], "data": + data + self.stream.charsUntil(spaceCharacters, True)}) + # No need to update lastFourChars here, since the first space will + # have already been appended to lastFourChars and will have broken + # any sequences + else: + chars = self.stream.charsUntil(("&", "<", "\u0000")) + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": + data + chars}) + return True + + def characterReferenceInRcdata(self): + self.consumeEntity() + self.state = self.rcdataState + return True + + def rawtextState(self): + data = self.stream.char() + if data == "<": + self.state = self.rawtextLessThanSignState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\uFFFD"}) + elif data == EOF: + # Tokenization ends. + return False + else: + chars = self.stream.charsUntil(("<", "\u0000")) + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": + data + chars}) + return True + + def scriptDataState(self): + data = self.stream.char() + if data == "<": + self.state = self.scriptDataLessThanSignState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\uFFFD"}) + elif data == EOF: + # Tokenization ends. + return False + else: + chars = self.stream.charsUntil(("<", "\u0000")) + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": + data + chars}) + return True + + def plaintextState(self): + data = self.stream.char() + if data == EOF: + # Tokenization ends. + return False + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\uFFFD"}) + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": + data + self.stream.charsUntil("\u0000")}) + return True + + def tagOpenState(self): + data = self.stream.char() + if data == "!": + self.state = self.markupDeclarationOpenState + elif data == "/": + self.state = self.closeTagOpenState + elif data in asciiLetters: + self.currentToken = {"type": tokenTypes["StartTag"], + "name": data, "data": [], + "selfClosing": False, + "selfClosingAcknowledged": False} + self.state = self.tagNameState + elif data == ">": + # XXX In theory it could be something besides a tag name. But + # do we really care? + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-tag-name-but-got-right-bracket"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "<>"}) + self.state = self.dataState + elif data == "?": + # XXX In theory it could be something besides a tag name. But + # do we really care? + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-tag-name-but-got-question-mark"}) + self.stream.unget(data) + self.state = self.bogusCommentState + else: + # XXX + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-tag-name"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "<"}) + self.stream.unget(data) + self.state = self.dataState + return True + + def closeTagOpenState(self): + data = self.stream.char() + if data in asciiLetters: + self.currentToken = {"type": tokenTypes["EndTag"], "name": data, + "data": [], "selfClosing": False} + self.state = self.tagNameState + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-closing-tag-but-got-right-bracket"}) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-closing-tag-but-got-eof"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "": + self.emitCurrentToken() + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-tag-name"}) + self.state = self.dataState + elif data == "/": + self.state = self.selfClosingStartTagState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["name"] += "\uFFFD" + else: + self.currentToken["name"] += data + # (Don't use charsUntil here, because tag names are + # very short and it's faster to not do anything fancy) + return True + + def rcdataLessThanSignState(self): + data = self.stream.char() + if data == "/": + self.temporaryBuffer = "" + self.state = self.rcdataEndTagOpenState + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "<"}) + self.stream.unget(data) + self.state = self.rcdataState + return True + + def rcdataEndTagOpenState(self): + data = self.stream.char() + if data in asciiLetters: + self.temporaryBuffer += data + self.state = self.rcdataEndTagNameState + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "" and appropriate: + self.currentToken = {"type": tokenTypes["EndTag"], + "name": self.temporaryBuffer, + "data": [], "selfClosing": False} + self.emitCurrentToken() + self.state = self.dataState + elif data in asciiLetters: + self.temporaryBuffer += data + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "" and appropriate: + self.currentToken = {"type": tokenTypes["EndTag"], + "name": self.temporaryBuffer, + "data": [], "selfClosing": False} + self.emitCurrentToken() + self.state = self.dataState + elif data in asciiLetters: + self.temporaryBuffer += data + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "" and appropriate: + self.currentToken = {"type": tokenTypes["EndTag"], + "name": self.temporaryBuffer, + "data": [], "selfClosing": False} + self.emitCurrentToken() + self.state = self.dataState + elif data in asciiLetters: + self.temporaryBuffer += data + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": ">"}) + self.state = self.scriptDataState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\uFFFD"}) + self.state = self.scriptDataEscapedState + elif data == EOF: + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": data}) + self.state = self.scriptDataEscapedState + return True + + def scriptDataEscapedLessThanSignState(self): + data = self.stream.char() + if data == "/": + self.temporaryBuffer = "" + self.state = self.scriptDataEscapedEndTagOpenState + elif data in asciiLetters: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "<" + data}) + self.temporaryBuffer = data + self.state = self.scriptDataDoubleEscapeStartState + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "<"}) + self.stream.unget(data) + self.state = self.scriptDataEscapedState + return True + + def scriptDataEscapedEndTagOpenState(self): + data = self.stream.char() + if data in asciiLetters: + self.temporaryBuffer = data + self.state = self.scriptDataEscapedEndTagNameState + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "" and appropriate: + self.currentToken = {"type": tokenTypes["EndTag"], + "name": self.temporaryBuffer, + "data": [], "selfClosing": False} + self.emitCurrentToken() + self.state = self.dataState + elif data in asciiLetters: + self.temporaryBuffer += data + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": ""))): + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": data}) + if self.temporaryBuffer.lower() == "script": + self.state = self.scriptDataDoubleEscapedState + else: + self.state = self.scriptDataEscapedState + elif data in asciiLetters: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": data}) + self.temporaryBuffer += data + else: + self.stream.unget(data) + self.state = self.scriptDataEscapedState + return True + + def scriptDataDoubleEscapedState(self): + data = self.stream.char() + if data == "-": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "-"}) + self.state = self.scriptDataDoubleEscapedDashState + elif data == "<": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "<"}) + self.state = self.scriptDataDoubleEscapedLessThanSignState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\uFFFD"}) + elif data == EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-script-in-script"}) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": data}) + return True + + def scriptDataDoubleEscapedDashState(self): + data = self.stream.char() + if data == "-": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "-"}) + self.state = self.scriptDataDoubleEscapedDashDashState + elif data == "<": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "<"}) + self.state = self.scriptDataDoubleEscapedLessThanSignState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\uFFFD"}) + self.state = self.scriptDataDoubleEscapedState + elif data == EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-script-in-script"}) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": data}) + self.state = self.scriptDataDoubleEscapedState + return True + + def scriptDataDoubleEscapedDashDashState(self): + data = self.stream.char() + if data == "-": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "-"}) + elif data == "<": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "<"}) + self.state = self.scriptDataDoubleEscapedLessThanSignState + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": ">"}) + self.state = self.scriptDataState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": "\uFFFD"}) + self.state = self.scriptDataDoubleEscapedState + elif data == EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-script-in-script"}) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": data}) + self.state = self.scriptDataDoubleEscapedState + return True + + def scriptDataDoubleEscapedLessThanSignState(self): + data = self.stream.char() + if data == "/": + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": "/"}) + self.temporaryBuffer = "" + self.state = self.scriptDataDoubleEscapeEndState + else: + self.stream.unget(data) + self.state = self.scriptDataDoubleEscapedState + return True + + def scriptDataDoubleEscapeEndState(self): + data = self.stream.char() + if data in (spaceCharacters | frozenset(("/", ">"))): + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": data}) + if self.temporaryBuffer.lower() == "script": + self.state = self.scriptDataEscapedState + else: + self.state = self.scriptDataDoubleEscapedState + elif data in asciiLetters: + self.tokenQueue.append({"type": tokenTypes["Characters"], "data": data}) + self.temporaryBuffer += data + else: + self.stream.unget(data) + self.state = self.scriptDataDoubleEscapedState + return True + + def beforeAttributeNameState(self): + data = self.stream.char() + if data in spaceCharacters: + self.stream.charsUntil(spaceCharacters, True) + elif data in asciiLetters: + self.currentToken["data"].append([data, ""]) + self.state = self.attributeNameState + elif data == ">": + self.emitCurrentToken() + elif data == "/": + self.state = self.selfClosingStartTagState + elif data in ("'", '"', "=", "<"): + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "invalid-character-in-attribute-name"}) + self.currentToken["data"].append([data, ""]) + self.state = self.attributeNameState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"].append(["\uFFFD", ""]) + self.state = self.attributeNameState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-attribute-name-but-got-eof"}) + self.state = self.dataState + else: + self.currentToken["data"].append([data, ""]) + self.state = self.attributeNameState + return True + + def attributeNameState(self): + data = self.stream.char() + leavingThisState = True + emitToken = False + if data == "=": + self.state = self.beforeAttributeValueState + elif data in asciiLetters: + self.currentToken["data"][-1][0] += data +\ + self.stream.charsUntil(asciiLetters, True) + leavingThisState = False + elif data == ">": + # XXX If we emit here the attributes are converted to a dict + # without being checked and when the code below runs we error + # because data is a dict not a list + emitToken = True + elif data in spaceCharacters: + self.state = self.afterAttributeNameState + elif data == "/": + self.state = self.selfClosingStartTagState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"][-1][0] += "\uFFFD" + leavingThisState = False + elif data in ("'", '"', "<"): + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": + "invalid-character-in-attribute-name"}) + self.currentToken["data"][-1][0] += data + leavingThisState = False + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "eof-in-attribute-name"}) + self.state = self.dataState + else: + self.currentToken["data"][-1][0] += data + leavingThisState = False + + if leavingThisState: + # Attributes are not dropped at this stage. That happens when the + # start tag token is emitted so values can still be safely appended + # to attributes, but we do want to report the parse error in time. + self.currentToken["data"][-1][0] = ( + self.currentToken["data"][-1][0].translate(asciiUpper2Lower)) + for name, _ in self.currentToken["data"][:-1]: + if self.currentToken["data"][-1][0] == name: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "duplicate-attribute"}) + break + # XXX Fix for above XXX + if emitToken: + self.emitCurrentToken() + return True + + def afterAttributeNameState(self): + data = self.stream.char() + if data in spaceCharacters: + self.stream.charsUntil(spaceCharacters, True) + elif data == "=": + self.state = self.beforeAttributeValueState + elif data == ">": + self.emitCurrentToken() + elif data in asciiLetters: + self.currentToken["data"].append([data, ""]) + self.state = self.attributeNameState + elif data == "/": + self.state = self.selfClosingStartTagState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"].append(["\uFFFD", ""]) + self.state = self.attributeNameState + elif data in ("'", '"', "<"): + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "invalid-character-after-attribute-name"}) + self.currentToken["data"].append([data, ""]) + self.state = self.attributeNameState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-end-of-tag-but-got-eof"}) + self.state = self.dataState + else: + self.currentToken["data"].append([data, ""]) + self.state = self.attributeNameState + return True + + def beforeAttributeValueState(self): + data = self.stream.char() + if data in spaceCharacters: + self.stream.charsUntil(spaceCharacters, True) + elif data == "\"": + self.state = self.attributeValueDoubleQuotedState + elif data == "&": + self.state = self.attributeValueUnQuotedState + self.stream.unget(data) + elif data == "'": + self.state = self.attributeValueSingleQuotedState + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-attribute-value-but-got-right-bracket"}) + self.emitCurrentToken() + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"][-1][1] += "\uFFFD" + self.state = self.attributeValueUnQuotedState + elif data in ("=", "<", "`"): + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "equals-in-unquoted-attribute-value"}) + self.currentToken["data"][-1][1] += data + self.state = self.attributeValueUnQuotedState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-attribute-value-but-got-eof"}) + self.state = self.dataState + else: + self.currentToken["data"][-1][1] += data + self.state = self.attributeValueUnQuotedState + return True + + def attributeValueDoubleQuotedState(self): + data = self.stream.char() + if data == "\"": + self.state = self.afterAttributeValueState + elif data == "&": + self.processEntityInAttribute('"') + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"][-1][1] += "\uFFFD" + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-attribute-value-double-quote"}) + self.state = self.dataState + else: + self.currentToken["data"][-1][1] += data +\ + self.stream.charsUntil(("\"", "&", "\u0000")) + return True + + def attributeValueSingleQuotedState(self): + data = self.stream.char() + if data == "'": + self.state = self.afterAttributeValueState + elif data == "&": + self.processEntityInAttribute("'") + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"][-1][1] += "\uFFFD" + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-attribute-value-single-quote"}) + self.state = self.dataState + else: + self.currentToken["data"][-1][1] += data +\ + self.stream.charsUntil(("'", "&", "\u0000")) + return True + + def attributeValueUnQuotedState(self): + data = self.stream.char() + if data in spaceCharacters: + self.state = self.beforeAttributeNameState + elif data == "&": + self.processEntityInAttribute(">") + elif data == ">": + self.emitCurrentToken() + elif data in ('"', "'", "=", "<", "`"): + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-character-in-unquoted-attribute-value"}) + self.currentToken["data"][-1][1] += data + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"][-1][1] += "\uFFFD" + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-attribute-value-no-quotes"}) + self.state = self.dataState + else: + self.currentToken["data"][-1][1] += data + self.stream.charsUntil( + frozenset(("&", ">", '"', "'", "=", "<", "`", "\u0000")) | spaceCharacters) + return True + + def afterAttributeValueState(self): + data = self.stream.char() + if data in spaceCharacters: + self.state = self.beforeAttributeNameState + elif data == ">": + self.emitCurrentToken() + elif data == "/": + self.state = self.selfClosingStartTagState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-EOF-after-attribute-value"}) + self.stream.unget(data) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-character-after-attribute-value"}) + self.stream.unget(data) + self.state = self.beforeAttributeNameState + return True + + def selfClosingStartTagState(self): + data = self.stream.char() + if data == ">": + self.currentToken["selfClosing"] = True + self.emitCurrentToken() + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": + "unexpected-EOF-after-solidus-in-tag"}) + self.stream.unget(data) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-character-after-solidus-in-tag"}) + self.stream.unget(data) + self.state = self.beforeAttributeNameState + return True + + def bogusCommentState(self): + # Make a new comment token and give it as value all the characters + # until the first > or EOF (charsUntil checks for EOF automatically) + # and emit it. + data = self.stream.charsUntil(">") + data = data.replace("\u0000", "\uFFFD") + self.tokenQueue.append( + {"type": tokenTypes["Comment"], "data": data}) + + # Eat the character directly after the bogus comment which is either a + # ">" or an EOF. + self.stream.char() + self.state = self.dataState + return True + + def markupDeclarationOpenState(self): + charStack = [self.stream.char()] + if charStack[-1] == "-": + charStack.append(self.stream.char()) + if charStack[-1] == "-": + self.currentToken = {"type": tokenTypes["Comment"], "data": ""} + self.state = self.commentStartState + return True + elif charStack[-1] in ('d', 'D'): + matched = True + for expected in (('o', 'O'), ('c', 'C'), ('t', 'T'), + ('y', 'Y'), ('p', 'P'), ('e', 'E')): + charStack.append(self.stream.char()) + if charStack[-1] not in expected: + matched = False + break + if matched: + self.currentToken = {"type": tokenTypes["Doctype"], + "name": "", + "publicId": None, "systemId": None, + "correct": True} + self.state = self.doctypeState + return True + elif (charStack[-1] == "[" and + self.parser is not None and + self.parser.tree.openElements and + self.parser.tree.openElements[-1].namespace != self.parser.tree.defaultNamespace): + matched = True + for expected in ["C", "D", "A", "T", "A", "["]: + charStack.append(self.stream.char()) + if charStack[-1] != expected: + matched = False + break + if matched: + self.state = self.cdataSectionState + return True + + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-dashes-or-doctype"}) + + while charStack: + self.stream.unget(charStack.pop()) + self.state = self.bogusCommentState + return True + + def commentStartState(self): + data = self.stream.char() + if data == "-": + self.state = self.commentStartDashState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"] += "\uFFFD" + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "incorrect-comment"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-comment"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["data"] += data + self.state = self.commentState + return True + + def commentStartDashState(self): + data = self.stream.char() + if data == "-": + self.state = self.commentEndState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"] += "-\uFFFD" + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "incorrect-comment"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-comment"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["data"] += "-" + data + self.state = self.commentState + return True + + def commentState(self): + data = self.stream.char() + if data == "-": + self.state = self.commentEndDashState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"] += "\uFFFD" + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "eof-in-comment"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["data"] += data + \ + self.stream.charsUntil(("-", "\u0000")) + return True + + def commentEndDashState(self): + data = self.stream.char() + if data == "-": + self.state = self.commentEndState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"] += "-\uFFFD" + self.state = self.commentState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-comment-end-dash"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["data"] += "-" + data + self.state = self.commentState + return True + + def commentEndState(self): + data = self.stream.char() + if data == ">": + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"] += "--\uFFFD" + self.state = self.commentState + elif data == "!": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-bang-after-double-dash-in-comment"}) + self.state = self.commentEndBangState + elif data == "-": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-dash-after-double-dash-in-comment"}) + self.currentToken["data"] += data + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-comment-double-dash"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + # XXX + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-comment"}) + self.currentToken["data"] += "--" + data + self.state = self.commentState + return True + + def commentEndBangState(self): + data = self.stream.char() + if data == ">": + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data == "-": + self.currentToken["data"] += "--!" + self.state = self.commentEndDashState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["data"] += "--!\uFFFD" + self.state = self.commentState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-comment-end-bang-state"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["data"] += "--!" + data + self.state = self.commentState + return True + + def doctypeState(self): + data = self.stream.char() + if data in spaceCharacters: + self.state = self.beforeDoctypeNameState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-doctype-name-but-got-eof"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "need-space-after-doctype"}) + self.stream.unget(data) + self.state = self.beforeDoctypeNameState + return True + + def beforeDoctypeNameState(self): + data = self.stream.char() + if data in spaceCharacters: + pass + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-doctype-name-but-got-right-bracket"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["name"] = "\uFFFD" + self.state = self.doctypeNameState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-doctype-name-but-got-eof"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["name"] = data + self.state = self.doctypeNameState + return True + + def doctypeNameState(self): + data = self.stream.char() + if data in spaceCharacters: + self.currentToken["name"] = self.currentToken["name"].translate(asciiUpper2Lower) + self.state = self.afterDoctypeNameState + elif data == ">": + self.currentToken["name"] = self.currentToken["name"].translate(asciiUpper2Lower) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["name"] += "\uFFFD" + self.state = self.doctypeNameState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype-name"}) + self.currentToken["correct"] = False + self.currentToken["name"] = self.currentToken["name"].translate(asciiUpper2Lower) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["name"] += data + return True + + def afterDoctypeNameState(self): + data = self.stream.char() + if data in spaceCharacters: + pass + elif data == ">": + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.currentToken["correct"] = False + self.stream.unget(data) + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + if data in ("p", "P"): + matched = True + for expected in (("u", "U"), ("b", "B"), ("l", "L"), + ("i", "I"), ("c", "C")): + data = self.stream.char() + if data not in expected: + matched = False + break + if matched: + self.state = self.afterDoctypePublicKeywordState + return True + elif data in ("s", "S"): + matched = True + for expected in (("y", "Y"), ("s", "S"), ("t", "T"), + ("e", "E"), ("m", "M")): + data = self.stream.char() + if data not in expected: + matched = False + break + if matched: + self.state = self.afterDoctypeSystemKeywordState + return True + + # All the characters read before the current 'data' will be + # [a-zA-Z], so they're garbage in the bogus doctype and can be + # discarded; only the latest character might be '>' or EOF + # and needs to be ungetted + self.stream.unget(data) + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "expected-space-or-right-bracket-in-doctype", "datavars": + {"data": data}}) + self.currentToken["correct"] = False + self.state = self.bogusDoctypeState + + return True + + def afterDoctypePublicKeywordState(self): + data = self.stream.char() + if data in spaceCharacters: + self.state = self.beforeDoctypePublicIdentifierState + elif data in ("'", '"'): + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.stream.unget(data) + self.state = self.beforeDoctypePublicIdentifierState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.stream.unget(data) + self.state = self.beforeDoctypePublicIdentifierState + return True + + def beforeDoctypePublicIdentifierState(self): + data = self.stream.char() + if data in spaceCharacters: + pass + elif data == "\"": + self.currentToken["publicId"] = "" + self.state = self.doctypePublicIdentifierDoubleQuotedState + elif data == "'": + self.currentToken["publicId"] = "" + self.state = self.doctypePublicIdentifierSingleQuotedState + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-end-of-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.currentToken["correct"] = False + self.state = self.bogusDoctypeState + return True + + def doctypePublicIdentifierDoubleQuotedState(self): + data = self.stream.char() + if data == "\"": + self.state = self.afterDoctypePublicIdentifierState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["publicId"] += "\uFFFD" + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-end-of-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["publicId"] += data + return True + + def doctypePublicIdentifierSingleQuotedState(self): + data = self.stream.char() + if data == "'": + self.state = self.afterDoctypePublicIdentifierState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["publicId"] += "\uFFFD" + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-end-of-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["publicId"] += data + return True + + def afterDoctypePublicIdentifierState(self): + data = self.stream.char() + if data in spaceCharacters: + self.state = self.betweenDoctypePublicAndSystemIdentifiersState + elif data == ">": + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data == '"': + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.currentToken["systemId"] = "" + self.state = self.doctypeSystemIdentifierDoubleQuotedState + elif data == "'": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.currentToken["systemId"] = "" + self.state = self.doctypeSystemIdentifierSingleQuotedState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.currentToken["correct"] = False + self.state = self.bogusDoctypeState + return True + + def betweenDoctypePublicAndSystemIdentifiersState(self): + data = self.stream.char() + if data in spaceCharacters: + pass + elif data == ">": + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data == '"': + self.currentToken["systemId"] = "" + self.state = self.doctypeSystemIdentifierDoubleQuotedState + elif data == "'": + self.currentToken["systemId"] = "" + self.state = self.doctypeSystemIdentifierSingleQuotedState + elif data == EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.currentToken["correct"] = False + self.state = self.bogusDoctypeState + return True + + def afterDoctypeSystemKeywordState(self): + data = self.stream.char() + if data in spaceCharacters: + self.state = self.beforeDoctypeSystemIdentifierState + elif data in ("'", '"'): + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.stream.unget(data) + self.state = self.beforeDoctypeSystemIdentifierState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.stream.unget(data) + self.state = self.beforeDoctypeSystemIdentifierState + return True + + def beforeDoctypeSystemIdentifierState(self): + data = self.stream.char() + if data in spaceCharacters: + pass + elif data == "\"": + self.currentToken["systemId"] = "" + self.state = self.doctypeSystemIdentifierDoubleQuotedState + elif data == "'": + self.currentToken["systemId"] = "" + self.state = self.doctypeSystemIdentifierSingleQuotedState + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.currentToken["correct"] = False + self.state = self.bogusDoctypeState + return True + + def doctypeSystemIdentifierDoubleQuotedState(self): + data = self.stream.char() + if data == "\"": + self.state = self.afterDoctypeSystemIdentifierState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["systemId"] += "\uFFFD" + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-end-of-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["systemId"] += data + return True + + def doctypeSystemIdentifierSingleQuotedState(self): + data = self.stream.char() + if data == "'": + self.state = self.afterDoctypeSystemIdentifierState + elif data == "\u0000": + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + self.currentToken["systemId"] += "\uFFFD" + elif data == ">": + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-end-of-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.currentToken["systemId"] += data + return True + + def afterDoctypeSystemIdentifierState(self): + data = self.stream.char() + if data in spaceCharacters: + pass + elif data == ">": + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "eof-in-doctype"}) + self.currentToken["correct"] = False + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + self.tokenQueue.append({"type": tokenTypes["ParseError"], "data": + "unexpected-char-in-doctype"}) + self.state = self.bogusDoctypeState + return True + + def bogusDoctypeState(self): + data = self.stream.char() + if data == ">": + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + elif data is EOF: + # XXX EMIT + self.stream.unget(data) + self.tokenQueue.append(self.currentToken) + self.state = self.dataState + else: + pass + return True + + def cdataSectionState(self): + data = [] + while True: + data.append(self.stream.charsUntil("]")) + data.append(self.stream.charsUntil(">")) + char = self.stream.char() + if char == EOF: + break + else: + assert char == ">" + if data[-1][-2:] == "]]": + data[-1] = data[-1][:-2] + break + else: + data.append(char) + + data = "".join(data) # pylint:disable=redefined-variable-type + # Deal with null here rather than in the parser + nullCount = data.count("\u0000") + if nullCount > 0: + for _ in range(nullCount): + self.tokenQueue.append({"type": tokenTypes["ParseError"], + "data": "invalid-codepoint"}) + data = data.replace("\u0000", "\uFFFD") + if data: + self.tokenQueue.append({"type": tokenTypes["Characters"], + "data": data}) + self.state = self.dataState + return True diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/__init__.py new file mode 100644 index 000000000..07bad5d31 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/__init__.py @@ -0,0 +1,5 @@ +from __future__ import absolute_import, division, unicode_literals + +from .py import Trie + +__all__ = ["Trie"] diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/_base.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/_base.py new file mode 100644 index 000000000..6b71975f0 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/_base.py @@ -0,0 +1,40 @@ +from __future__ import absolute_import, division, unicode_literals + +try: + from collections.abc import Mapping +except ImportError: # Python 2.7 + from collections import Mapping + + +class Trie(Mapping): + """Abstract base class for tries""" + + def keys(self, prefix=None): + # pylint:disable=arguments-differ + keys = super(Trie, self).keys() + + if prefix is None: + return set(keys) + + return {x for x in keys if x.startswith(prefix)} + + def has_keys_with_prefix(self, prefix): + for key in self.keys(): + if key.startswith(prefix): + return True + + return False + + def longest_prefix(self, prefix): + if prefix in self: + return prefix + + for i in range(1, len(prefix) + 1): + if prefix[:-i] in self: + return prefix[:-i] + + raise KeyError(prefix) + + def longest_prefix_item(self, prefix): + lprefix = self.longest_prefix(prefix) + return (lprefix, self[lprefix]) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/py.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/py.py new file mode 100644 index 000000000..c178b219d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_trie/py.py @@ -0,0 +1,67 @@ +from __future__ import absolute_import, division, unicode_literals +from pip._vendor.six import text_type + +from bisect import bisect_left + +from ._base import Trie as ABCTrie + + +class Trie(ABCTrie): + def __init__(self, data): + if not all(isinstance(x, text_type) for x in data.keys()): + raise TypeError("All keys must be strings") + + self._data = data + self._keys = sorted(data.keys()) + self._cachestr = "" + self._cachepoints = (0, len(data)) + + def __contains__(self, key): + return key in self._data + + def __len__(self): + return len(self._data) + + def __iter__(self): + return iter(self._data) + + def __getitem__(self, key): + return self._data[key] + + def keys(self, prefix=None): + if prefix is None or prefix == "" or not self._keys: + return set(self._keys) + + if prefix.startswith(self._cachestr): + lo, hi = self._cachepoints + start = i = bisect_left(self._keys, prefix, lo, hi) + else: + start = i = bisect_left(self._keys, prefix) + + keys = set() + if start == len(self._keys): + return keys + + while self._keys[i].startswith(prefix): + keys.add(self._keys[i]) + i += 1 + + self._cachestr = prefix + self._cachepoints = (start, i) + + return keys + + def has_keys_with_prefix(self, prefix): + if prefix in self._data: + return True + + if prefix.startswith(self._cachestr): + lo, hi = self._cachepoints + i = bisect_left(self._keys, prefix, lo, hi) + else: + i = bisect_left(self._keys, prefix) + + if i == len(self._keys): + return False + + return self._keys[i].startswith(prefix) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_utils.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_utils.py new file mode 100644 index 000000000..d7c4926af --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/_utils.py @@ -0,0 +1,159 @@ +from __future__ import absolute_import, division, unicode_literals + +from types import ModuleType + +try: + from collections.abc import Mapping +except ImportError: + from collections import Mapping + +from pip._vendor.six import text_type, PY3 + +if PY3: + import xml.etree.ElementTree as default_etree +else: + try: + import xml.etree.cElementTree as default_etree + except ImportError: + import xml.etree.ElementTree as default_etree + + +__all__ = ["default_etree", "MethodDispatcher", "isSurrogatePair", + "surrogatePairToCodepoint", "moduleFactoryFactory", + "supports_lone_surrogates"] + + +# Platforms not supporting lone surrogates (\uD800-\uDFFF) should be +# caught by the below test. In general this would be any platform +# using UTF-16 as its encoding of unicode strings, such as +# Jython. This is because UTF-16 itself is based on the use of such +# surrogates, and there is no mechanism to further escape such +# escapes. +try: + _x = eval('"\\uD800"') # pylint:disable=eval-used + if not isinstance(_x, text_type): + # We need this with u"" because of http://bugs.jython.org/issue2039 + _x = eval('u"\\uD800"') # pylint:disable=eval-used + assert isinstance(_x, text_type) +except Exception: + supports_lone_surrogates = False +else: + supports_lone_surrogates = True + + +class MethodDispatcher(dict): + """Dict with 2 special properties: + + On initiation, keys that are lists, sets or tuples are converted to + multiple keys so accessing any one of the items in the original + list-like object returns the matching value + + md = MethodDispatcher({("foo", "bar"):"baz"}) + md["foo"] == "baz" + + A default value which can be set through the default attribute. + """ + + def __init__(self, items=()): + _dictEntries = [] + for name, value in items: + if isinstance(name, (list, tuple, frozenset, set)): + for item in name: + _dictEntries.append((item, value)) + else: + _dictEntries.append((name, value)) + dict.__init__(self, _dictEntries) + assert len(self) == len(_dictEntries) + self.default = None + + def __getitem__(self, key): + return dict.get(self, key, self.default) + + def __get__(self, instance, owner=None): + return BoundMethodDispatcher(instance, self) + + +class BoundMethodDispatcher(Mapping): + """Wraps a MethodDispatcher, binding its return values to `instance`""" + def __init__(self, instance, dispatcher): + self.instance = instance + self.dispatcher = dispatcher + + def __getitem__(self, key): + # see https://docs.python.org/3/reference/datamodel.html#object.__get__ + # on a function, __get__ is used to bind a function to an instance as a bound method + return self.dispatcher[key].__get__(self.instance) + + def get(self, key, default): + if key in self.dispatcher: + return self[key] + else: + return default + + def __iter__(self): + return iter(self.dispatcher) + + def __len__(self): + return len(self.dispatcher) + + def __contains__(self, key): + return key in self.dispatcher + + +# Some utility functions to deal with weirdness around UCS2 vs UCS4 +# python builds + +def isSurrogatePair(data): + return (len(data) == 2 and + ord(data[0]) >= 0xD800 and ord(data[0]) <= 0xDBFF and + ord(data[1]) >= 0xDC00 and ord(data[1]) <= 0xDFFF) + + +def surrogatePairToCodepoint(data): + char_val = (0x10000 + (ord(data[0]) - 0xD800) * 0x400 + + (ord(data[1]) - 0xDC00)) + return char_val + +# Module Factory Factory (no, this isn't Java, I know) +# Here to stop this being duplicated all over the place. + + +def moduleFactoryFactory(factory): + moduleCache = {} + + def moduleFactory(baseModule, *args, **kwargs): + if isinstance(ModuleType.__name__, type("")): + name = "_%s_factory" % baseModule.__name__ + else: + name = b"_%s_factory" % baseModule.__name__ + + kwargs_tuple = tuple(kwargs.items()) + + try: + return moduleCache[name][args][kwargs_tuple] + except KeyError: + mod = ModuleType(name) + objs = factory(baseModule, *args, **kwargs) + mod.__dict__.update(objs) + if "name" not in moduleCache: + moduleCache[name] = {} + if "args" not in moduleCache[name]: + moduleCache[name][args] = {} + if "kwargs" not in moduleCache[name][args]: + moduleCache[name][args][kwargs_tuple] = {} + moduleCache[name][args][kwargs_tuple] = mod + return mod + + return moduleFactory + + +def memoize(func): + cache = {} + + def wrapped(*args, **kwargs): + key = (tuple(args), tuple(kwargs.items())) + if key not in cache: + cache[key] = func(*args, **kwargs) + return cache[key] + + return wrapped diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/constants.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/constants.py new file mode 100644 index 000000000..fe3e237cd --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/constants.py @@ -0,0 +1,2946 @@ +from __future__ import absolute_import, division, unicode_literals + +import string + +EOF = None + +E = { + "null-character": + "Null character in input stream, replaced with U+FFFD.", + "invalid-codepoint": + "Invalid codepoint in stream.", + "incorrectly-placed-solidus": + "Solidus (/) incorrectly placed in tag.", + "incorrect-cr-newline-entity": + "Incorrect CR newline entity, replaced with LF.", + "illegal-windows-1252-entity": + "Entity used with illegal number (windows-1252 reference).", + "cant-convert-numeric-entity": + "Numeric entity couldn't be converted to character " + "(codepoint U+%(charAsInt)08x).", + "illegal-codepoint-for-numeric-entity": + "Numeric entity represents an illegal codepoint: " + "U+%(charAsInt)08x.", + "numeric-entity-without-semicolon": + "Numeric entity didn't end with ';'.", + "expected-numeric-entity-but-got-eof": + "Numeric entity expected. Got end of file instead.", + "expected-numeric-entity": + "Numeric entity expected but none found.", + "named-entity-without-semicolon": + "Named entity didn't end with ';'.", + "expected-named-entity": + "Named entity expected. Got none.", + "attributes-in-end-tag": + "End tag contains unexpected attributes.", + 'self-closing-flag-on-end-tag': + "End tag contains unexpected self-closing flag.", + "expected-tag-name-but-got-right-bracket": + "Expected tag name. Got '>' instead.", + "expected-tag-name-but-got-question-mark": + "Expected tag name. Got '?' instead. (HTML doesn't " + "support processing instructions.)", + "expected-tag-name": + "Expected tag name. Got something else instead", + "expected-closing-tag-but-got-right-bracket": + "Expected closing tag. Got '>' instead. Ignoring ''.", + "expected-closing-tag-but-got-eof": + "Expected closing tag. Unexpected end of file.", + "expected-closing-tag-but-got-char": + "Expected closing tag. Unexpected character '%(data)s' found.", + "eof-in-tag-name": + "Unexpected end of file in the tag name.", + "expected-attribute-name-but-got-eof": + "Unexpected end of file. Expected attribute name instead.", + "eof-in-attribute-name": + "Unexpected end of file in attribute name.", + "invalid-character-in-attribute-name": + "Invalid character in attribute name", + "duplicate-attribute": + "Dropped duplicate attribute on tag.", + "expected-end-of-tag-name-but-got-eof": + "Unexpected end of file. Expected = or end of tag.", + "expected-attribute-value-but-got-eof": + "Unexpected end of file. Expected attribute value.", + "expected-attribute-value-but-got-right-bracket": + "Expected attribute value. Got '>' instead.", + 'equals-in-unquoted-attribute-value': + "Unexpected = in unquoted attribute", + 'unexpected-character-in-unquoted-attribute-value': + "Unexpected character in unquoted attribute", + "invalid-character-after-attribute-name": + "Unexpected character after attribute name.", + "unexpected-character-after-attribute-value": + "Unexpected character after attribute value.", + "eof-in-attribute-value-double-quote": + "Unexpected end of file in attribute value (\").", + "eof-in-attribute-value-single-quote": + "Unexpected end of file in attribute value (').", + "eof-in-attribute-value-no-quotes": + "Unexpected end of file in attribute value.", + "unexpected-EOF-after-solidus-in-tag": + "Unexpected end of file in tag. Expected >", + "unexpected-character-after-solidus-in-tag": + "Unexpected character after / in tag. Expected >", + "expected-dashes-or-doctype": + "Expected '--' or 'DOCTYPE'. Not found.", + "unexpected-bang-after-double-dash-in-comment": + "Unexpected ! after -- in comment", + "unexpected-space-after-double-dash-in-comment": + "Unexpected space after -- in comment", + "incorrect-comment": + "Incorrect comment.", + "eof-in-comment": + "Unexpected end of file in comment.", + "eof-in-comment-end-dash": + "Unexpected end of file in comment (-)", + "unexpected-dash-after-double-dash-in-comment": + "Unexpected '-' after '--' found in comment.", + "eof-in-comment-double-dash": + "Unexpected end of file in comment (--).", + "eof-in-comment-end-space-state": + "Unexpected end of file in comment.", + "eof-in-comment-end-bang-state": + "Unexpected end of file in comment.", + "unexpected-char-in-comment": + "Unexpected character in comment found.", + "need-space-after-doctype": + "No space after literal string 'DOCTYPE'.", + "expected-doctype-name-but-got-right-bracket": + "Unexpected > character. Expected DOCTYPE name.", + "expected-doctype-name-but-got-eof": + "Unexpected end of file. Expected DOCTYPE name.", + "eof-in-doctype-name": + "Unexpected end of file in DOCTYPE name.", + "eof-in-doctype": + "Unexpected end of file in DOCTYPE.", + "expected-space-or-right-bracket-in-doctype": + "Expected space or '>'. Got '%(data)s'", + "unexpected-end-of-doctype": + "Unexpected end of DOCTYPE.", + "unexpected-char-in-doctype": + "Unexpected character in DOCTYPE.", + "eof-in-innerhtml": + "XXX innerHTML EOF", + "unexpected-doctype": + "Unexpected DOCTYPE. Ignored.", + "non-html-root": + "html needs to be the first start tag.", + "expected-doctype-but-got-eof": + "Unexpected End of file. Expected DOCTYPE.", + "unknown-doctype": + "Erroneous DOCTYPE.", + "expected-doctype-but-got-chars": + "Unexpected non-space characters. Expected DOCTYPE.", + "expected-doctype-but-got-start-tag": + "Unexpected start tag (%(name)s). Expected DOCTYPE.", + "expected-doctype-but-got-end-tag": + "Unexpected end tag (%(name)s). Expected DOCTYPE.", + "end-tag-after-implied-root": + "Unexpected end tag (%(name)s) after the (implied) root element.", + "expected-named-closing-tag-but-got-eof": + "Unexpected end of file. Expected end tag (%(name)s).", + "two-heads-are-not-better-than-one": + "Unexpected start tag head in existing head. Ignored.", + "unexpected-end-tag": + "Unexpected end tag (%(name)s). Ignored.", + "unexpected-start-tag-out-of-my-head": + "Unexpected start tag (%(name)s) that can be in head. Moved.", + "unexpected-start-tag": + "Unexpected start tag (%(name)s).", + "missing-end-tag": + "Missing end tag (%(name)s).", + "missing-end-tags": + "Missing end tags (%(name)s).", + "unexpected-start-tag-implies-end-tag": + "Unexpected start tag (%(startName)s) " + "implies end tag (%(endName)s).", + "unexpected-start-tag-treated-as": + "Unexpected start tag (%(originalName)s). Treated as %(newName)s.", + "deprecated-tag": + "Unexpected start tag %(name)s. Don't use it!", + "unexpected-start-tag-ignored": + "Unexpected start tag %(name)s. Ignored.", + "expected-one-end-tag-but-got-another": + "Unexpected end tag (%(gotName)s). " + "Missing end tag (%(expectedName)s).", + "end-tag-too-early": + "End tag (%(name)s) seen too early. Expected other end tag.", + "end-tag-too-early-named": + "Unexpected end tag (%(gotName)s). Expected end tag (%(expectedName)s).", + "end-tag-too-early-ignored": + "End tag (%(name)s) seen too early. Ignored.", + "adoption-agency-1.1": + "End tag (%(name)s) violates step 1, " + "paragraph 1 of the adoption agency algorithm.", + "adoption-agency-1.2": + "End tag (%(name)s) violates step 1, " + "paragraph 2 of the adoption agency algorithm.", + "adoption-agency-1.3": + "End tag (%(name)s) violates step 1, " + "paragraph 3 of the adoption agency algorithm.", + "adoption-agency-4.4": + "End tag (%(name)s) violates step 4, " + "paragraph 4 of the adoption agency algorithm.", + "unexpected-end-tag-treated-as": + "Unexpected end tag (%(originalName)s). Treated as %(newName)s.", + "no-end-tag": + "This element (%(name)s) has no end tag.", + "unexpected-implied-end-tag-in-table": + "Unexpected implied end tag (%(name)s) in the table phase.", + "unexpected-implied-end-tag-in-table-body": + "Unexpected implied end tag (%(name)s) in the table body phase.", + "unexpected-char-implies-table-voodoo": + "Unexpected non-space characters in " + "table context caused voodoo mode.", + "unexpected-hidden-input-in-table": + "Unexpected input with type hidden in table context.", + "unexpected-form-in-table": + "Unexpected form in table context.", + "unexpected-start-tag-implies-table-voodoo": + "Unexpected start tag (%(name)s) in " + "table context caused voodoo mode.", + "unexpected-end-tag-implies-table-voodoo": + "Unexpected end tag (%(name)s) in " + "table context caused voodoo mode.", + "unexpected-cell-in-table-body": + "Unexpected table cell start tag (%(name)s) " + "in the table body phase.", + "unexpected-cell-end-tag": + "Got table cell end tag (%(name)s) " + "while required end tags are missing.", + "unexpected-end-tag-in-table-body": + "Unexpected end tag (%(name)s) in the table body phase. Ignored.", + "unexpected-implied-end-tag-in-table-row": + "Unexpected implied end tag (%(name)s) in the table row phase.", + "unexpected-end-tag-in-table-row": + "Unexpected end tag (%(name)s) in the table row phase. Ignored.", + "unexpected-select-in-select": + "Unexpected select start tag in the select phase " + "treated as select end tag.", + "unexpected-input-in-select": + "Unexpected input start tag in the select phase.", + "unexpected-start-tag-in-select": + "Unexpected start tag token (%(name)s in the select phase. " + "Ignored.", + "unexpected-end-tag-in-select": + "Unexpected end tag (%(name)s) in the select phase. Ignored.", + "unexpected-table-element-start-tag-in-select-in-table": + "Unexpected table element start tag (%(name)s) in the select in table phase.", + "unexpected-table-element-end-tag-in-select-in-table": + "Unexpected table element end tag (%(name)s) in the select in table phase.", + "unexpected-char-after-body": + "Unexpected non-space characters in the after body phase.", + "unexpected-start-tag-after-body": + "Unexpected start tag token (%(name)s)" + " in the after body phase.", + "unexpected-end-tag-after-body": + "Unexpected end tag token (%(name)s)" + " in the after body phase.", + "unexpected-char-in-frameset": + "Unexpected characters in the frameset phase. Characters ignored.", + "unexpected-start-tag-in-frameset": + "Unexpected start tag token (%(name)s)" + " in the frameset phase. Ignored.", + "unexpected-frameset-in-frameset-innerhtml": + "Unexpected end tag token (frameset) " + "in the frameset phase (innerHTML).", + "unexpected-end-tag-in-frameset": + "Unexpected end tag token (%(name)s)" + " in the frameset phase. Ignored.", + "unexpected-char-after-frameset": + "Unexpected non-space characters in the " + "after frameset phase. Ignored.", + "unexpected-start-tag-after-frameset": + "Unexpected start tag (%(name)s)" + " in the after frameset phase. Ignored.", + "unexpected-end-tag-after-frameset": + "Unexpected end tag (%(name)s)" + " in the after frameset phase. Ignored.", + "unexpected-end-tag-after-body-innerhtml": + "Unexpected end tag after body(innerHtml)", + "expected-eof-but-got-char": + "Unexpected non-space characters. Expected end of file.", + "expected-eof-but-got-start-tag": + "Unexpected start tag (%(name)s)" + ". Expected end of file.", + "expected-eof-but-got-end-tag": + "Unexpected end tag (%(name)s)" + ". Expected end of file.", + "eof-in-table": + "Unexpected end of file. Expected table content.", + "eof-in-select": + "Unexpected end of file. Expected select content.", + "eof-in-frameset": + "Unexpected end of file. Expected frameset content.", + "eof-in-script-in-script": + "Unexpected end of file. Expected script content.", + "eof-in-foreign-lands": + "Unexpected end of file. Expected foreign content", + "non-void-element-with-trailing-solidus": + "Trailing solidus not allowed on element %(name)s", + "unexpected-html-element-in-foreign-content": + "Element %(name)s not allowed in a non-html context", + "unexpected-end-tag-before-html": + "Unexpected end tag (%(name)s) before html.", + "unexpected-inhead-noscript-tag": + "Element %(name)s not allowed in a inhead-noscript context", + "eof-in-head-noscript": + "Unexpected end of file. Expected inhead-noscript content", + "char-in-head-noscript": + "Unexpected non-space character. Expected inhead-noscript content", + "XXX-undefined-error": + "Undefined error (this sucks and should be fixed)", +} + +namespaces = { + "html": "http://www.w3.org/1999/xhtml", + "mathml": "http://www.w3.org/1998/Math/MathML", + "svg": "http://www.w3.org/2000/svg", + "xlink": "http://www.w3.org/1999/xlink", + "xml": "http://www.w3.org/XML/1998/namespace", + "xmlns": "http://www.w3.org/2000/xmlns/" +} + +scopingElements = frozenset([ + (namespaces["html"], "applet"), + (namespaces["html"], "caption"), + (namespaces["html"], "html"), + (namespaces["html"], "marquee"), + (namespaces["html"], "object"), + (namespaces["html"], "table"), + (namespaces["html"], "td"), + (namespaces["html"], "th"), + (namespaces["mathml"], "mi"), + (namespaces["mathml"], "mo"), + (namespaces["mathml"], "mn"), + (namespaces["mathml"], "ms"), + (namespaces["mathml"], "mtext"), + (namespaces["mathml"], "annotation-xml"), + (namespaces["svg"], "foreignObject"), + (namespaces["svg"], "desc"), + (namespaces["svg"], "title"), +]) + +formattingElements = frozenset([ + (namespaces["html"], "a"), + (namespaces["html"], "b"), + (namespaces["html"], "big"), + (namespaces["html"], "code"), + (namespaces["html"], "em"), + (namespaces["html"], "font"), + (namespaces["html"], "i"), + (namespaces["html"], "nobr"), + (namespaces["html"], "s"), + (namespaces["html"], "small"), + (namespaces["html"], "strike"), + (namespaces["html"], "strong"), + (namespaces["html"], "tt"), + (namespaces["html"], "u") +]) + +specialElements = frozenset([ + (namespaces["html"], "address"), + (namespaces["html"], "applet"), + (namespaces["html"], "area"), + (namespaces["html"], "article"), + (namespaces["html"], "aside"), + (namespaces["html"], "base"), + (namespaces["html"], "basefont"), + (namespaces["html"], "bgsound"), + (namespaces["html"], "blockquote"), + (namespaces["html"], "body"), + (namespaces["html"], "br"), + (namespaces["html"], "button"), + (namespaces["html"], "caption"), + (namespaces["html"], "center"), + (namespaces["html"], "col"), + (namespaces["html"], "colgroup"), + (namespaces["html"], "command"), + (namespaces["html"], "dd"), + (namespaces["html"], "details"), + (namespaces["html"], "dir"), + (namespaces["html"], "div"), + (namespaces["html"], "dl"), + (namespaces["html"], "dt"), + (namespaces["html"], "embed"), + (namespaces["html"], "fieldset"), + (namespaces["html"], "figure"), + (namespaces["html"], "footer"), + (namespaces["html"], "form"), + (namespaces["html"], "frame"), + (namespaces["html"], "frameset"), + (namespaces["html"], "h1"), + (namespaces["html"], "h2"), + (namespaces["html"], "h3"), + (namespaces["html"], "h4"), + (namespaces["html"], "h5"), + (namespaces["html"], "h6"), + (namespaces["html"], "head"), + (namespaces["html"], "header"), + (namespaces["html"], "hr"), + (namespaces["html"], "html"), + (namespaces["html"], "iframe"), + # Note that image is commented out in the spec as "this isn't an + # element that can end up on the stack, so it doesn't matter," + (namespaces["html"], "image"), + (namespaces["html"], "img"), + (namespaces["html"], "input"), + (namespaces["html"], "isindex"), + (namespaces["html"], "li"), + (namespaces["html"], "link"), + (namespaces["html"], "listing"), + (namespaces["html"], "marquee"), + (namespaces["html"], "menu"), + (namespaces["html"], "meta"), + (namespaces["html"], "nav"), + (namespaces["html"], "noembed"), + (namespaces["html"], "noframes"), + (namespaces["html"], "noscript"), + (namespaces["html"], "object"), + (namespaces["html"], "ol"), + (namespaces["html"], "p"), + (namespaces["html"], "param"), + (namespaces["html"], "plaintext"), + (namespaces["html"], "pre"), + (namespaces["html"], "script"), + (namespaces["html"], "section"), + (namespaces["html"], "select"), + (namespaces["html"], "style"), + (namespaces["html"], "table"), + (namespaces["html"], "tbody"), + (namespaces["html"], "td"), + (namespaces["html"], "textarea"), + (namespaces["html"], "tfoot"), + (namespaces["html"], "th"), + (namespaces["html"], "thead"), + (namespaces["html"], "title"), + (namespaces["html"], "tr"), + (namespaces["html"], "ul"), + (namespaces["html"], "wbr"), + (namespaces["html"], "xmp"), + (namespaces["svg"], "foreignObject") +]) + +htmlIntegrationPointElements = frozenset([ + (namespaces["mathml"], "annotation-xml"), + (namespaces["svg"], "foreignObject"), + (namespaces["svg"], "desc"), + (namespaces["svg"], "title") +]) + +mathmlTextIntegrationPointElements = frozenset([ + (namespaces["mathml"], "mi"), + (namespaces["mathml"], "mo"), + (namespaces["mathml"], "mn"), + (namespaces["mathml"], "ms"), + (namespaces["mathml"], "mtext") +]) + +adjustSVGAttributes = { + "attributename": "attributeName", + "attributetype": "attributeType", + "basefrequency": "baseFrequency", + "baseprofile": "baseProfile", + "calcmode": "calcMode", + "clippathunits": "clipPathUnits", + "contentscripttype": "contentScriptType", + "contentstyletype": "contentStyleType", + "diffuseconstant": "diffuseConstant", + "edgemode": "edgeMode", + "externalresourcesrequired": "externalResourcesRequired", + "filterres": "filterRes", + "filterunits": "filterUnits", + "glyphref": "glyphRef", + "gradienttransform": "gradientTransform", + "gradientunits": "gradientUnits", + "kernelmatrix": "kernelMatrix", + "kernelunitlength": "kernelUnitLength", + "keypoints": "keyPoints", + "keysplines": "keySplines", + "keytimes": "keyTimes", + "lengthadjust": "lengthAdjust", + "limitingconeangle": "limitingConeAngle", + "markerheight": "markerHeight", + "markerunits": "markerUnits", + "markerwidth": "markerWidth", + "maskcontentunits": "maskContentUnits", + "maskunits": "maskUnits", + "numoctaves": "numOctaves", + "pathlength": "pathLength", + "patterncontentunits": "patternContentUnits", + "patterntransform": "patternTransform", + "patternunits": "patternUnits", + "pointsatx": "pointsAtX", + "pointsaty": "pointsAtY", + "pointsatz": "pointsAtZ", + "preservealpha": "preserveAlpha", + "preserveaspectratio": "preserveAspectRatio", + "primitiveunits": "primitiveUnits", + "refx": "refX", + "refy": "refY", + "repeatcount": "repeatCount", + "repeatdur": "repeatDur", + "requiredextensions": "requiredExtensions", + "requiredfeatures": "requiredFeatures", + "specularconstant": "specularConstant", + "specularexponent": "specularExponent", + "spreadmethod": "spreadMethod", + "startoffset": "startOffset", + "stddeviation": "stdDeviation", + "stitchtiles": "stitchTiles", + "surfacescale": "surfaceScale", + "systemlanguage": "systemLanguage", + "tablevalues": "tableValues", + "targetx": "targetX", + "targety": "targetY", + "textlength": "textLength", + "viewbox": "viewBox", + "viewtarget": "viewTarget", + "xchannelselector": "xChannelSelector", + "ychannelselector": "yChannelSelector", + "zoomandpan": "zoomAndPan" +} + +adjustMathMLAttributes = {"definitionurl": "definitionURL"} + +adjustForeignAttributes = { + "xlink:actuate": ("xlink", "actuate", namespaces["xlink"]), + "xlink:arcrole": ("xlink", "arcrole", namespaces["xlink"]), + "xlink:href": ("xlink", "href", namespaces["xlink"]), + "xlink:role": ("xlink", "role", namespaces["xlink"]), + "xlink:show": ("xlink", "show", namespaces["xlink"]), + "xlink:title": ("xlink", "title", namespaces["xlink"]), + "xlink:type": ("xlink", "type", namespaces["xlink"]), + "xml:base": ("xml", "base", namespaces["xml"]), + "xml:lang": ("xml", "lang", namespaces["xml"]), + "xml:space": ("xml", "space", namespaces["xml"]), + "xmlns": (None, "xmlns", namespaces["xmlns"]), + "xmlns:xlink": ("xmlns", "xlink", namespaces["xmlns"]) +} + +unadjustForeignAttributes = {(ns, local): qname for qname, (prefix, local, ns) in + adjustForeignAttributes.items()} + +spaceCharacters = frozenset([ + "\t", + "\n", + "\u000C", + " ", + "\r" +]) + +tableInsertModeElements = frozenset([ + "table", + "tbody", + "tfoot", + "thead", + "tr" +]) + +asciiLowercase = frozenset(string.ascii_lowercase) +asciiUppercase = frozenset(string.ascii_uppercase) +asciiLetters = frozenset(string.ascii_letters) +digits = frozenset(string.digits) +hexDigits = frozenset(string.hexdigits) + +asciiUpper2Lower = {ord(c): ord(c.lower()) for c in string.ascii_uppercase} + +# Heading elements need to be ordered +headingElements = ( + "h1", + "h2", + "h3", + "h4", + "h5", + "h6" +) + +voidElements = frozenset([ + "base", + "command", + "event-source", + "link", + "meta", + "hr", + "br", + "img", + "embed", + "param", + "area", + "col", + "input", + "source", + "track" +]) + +cdataElements = frozenset(['title', 'textarea']) + +rcdataElements = frozenset([ + 'style', + 'script', + 'xmp', + 'iframe', + 'noembed', + 'noframes', + 'noscript' +]) + +booleanAttributes = { + "": frozenset(["irrelevant", "itemscope"]), + "style": frozenset(["scoped"]), + "img": frozenset(["ismap"]), + "audio": frozenset(["autoplay", "controls"]), + "video": frozenset(["autoplay", "controls"]), + "script": frozenset(["defer", "async"]), + "details": frozenset(["open"]), + "datagrid": frozenset(["multiple", "disabled"]), + "command": frozenset(["hidden", "disabled", "checked", "default"]), + "hr": frozenset(["noshade"]), + "menu": frozenset(["autosubmit"]), + "fieldset": frozenset(["disabled", "readonly"]), + "option": frozenset(["disabled", "readonly", "selected"]), + "optgroup": frozenset(["disabled", "readonly"]), + "button": frozenset(["disabled", "autofocus"]), + "input": frozenset(["disabled", "readonly", "required", "autofocus", "checked", "ismap"]), + "select": frozenset(["disabled", "readonly", "autofocus", "multiple"]), + "output": frozenset(["disabled", "readonly"]), + "iframe": frozenset(["seamless"]), +} + +# entitiesWindows1252 has to be _ordered_ and needs to have an index. It +# therefore can't be a frozenset. +entitiesWindows1252 = ( + 8364, # 0x80 0x20AC EURO SIGN + 65533, # 0x81 UNDEFINED + 8218, # 0x82 0x201A SINGLE LOW-9 QUOTATION MARK + 402, # 0x83 0x0192 LATIN SMALL LETTER F WITH HOOK + 8222, # 0x84 0x201E DOUBLE LOW-9 QUOTATION MARK + 8230, # 0x85 0x2026 HORIZONTAL ELLIPSIS + 8224, # 0x86 0x2020 DAGGER + 8225, # 0x87 0x2021 DOUBLE DAGGER + 710, # 0x88 0x02C6 MODIFIER LETTER CIRCUMFLEX ACCENT + 8240, # 0x89 0x2030 PER MILLE SIGN + 352, # 0x8A 0x0160 LATIN CAPITAL LETTER S WITH CARON + 8249, # 0x8B 0x2039 SINGLE LEFT-POINTING ANGLE QUOTATION MARK + 338, # 0x8C 0x0152 LATIN CAPITAL LIGATURE OE + 65533, # 0x8D UNDEFINED + 381, # 0x8E 0x017D LATIN CAPITAL LETTER Z WITH CARON + 65533, # 0x8F UNDEFINED + 65533, # 0x90 UNDEFINED + 8216, # 0x91 0x2018 LEFT SINGLE QUOTATION MARK + 8217, # 0x92 0x2019 RIGHT SINGLE QUOTATION MARK + 8220, # 0x93 0x201C LEFT DOUBLE QUOTATION MARK + 8221, # 0x94 0x201D RIGHT DOUBLE QUOTATION MARK + 8226, # 0x95 0x2022 BULLET + 8211, # 0x96 0x2013 EN DASH + 8212, # 0x97 0x2014 EM DASH + 732, # 0x98 0x02DC SMALL TILDE + 8482, # 0x99 0x2122 TRADE MARK SIGN + 353, # 0x9A 0x0161 LATIN SMALL LETTER S WITH CARON + 8250, # 0x9B 0x203A SINGLE RIGHT-POINTING ANGLE QUOTATION MARK + 339, # 0x9C 0x0153 LATIN SMALL LIGATURE OE + 65533, # 0x9D UNDEFINED + 382, # 0x9E 0x017E LATIN SMALL LETTER Z WITH CARON + 376 # 0x9F 0x0178 LATIN CAPITAL LETTER Y WITH DIAERESIS +) + +xmlEntities = frozenset(['lt;', 'gt;', 'amp;', 'apos;', 'quot;']) + +entities = { + "AElig": "\xc6", + "AElig;": "\xc6", + "AMP": "&", + "AMP;": "&", + "Aacute": "\xc1", + "Aacute;": "\xc1", + "Abreve;": "\u0102", + "Acirc": "\xc2", + "Acirc;": "\xc2", + "Acy;": "\u0410", + "Afr;": "\U0001d504", + "Agrave": "\xc0", + "Agrave;": "\xc0", + "Alpha;": "\u0391", + "Amacr;": "\u0100", + "And;": "\u2a53", + "Aogon;": "\u0104", + "Aopf;": "\U0001d538", + "ApplyFunction;": "\u2061", + "Aring": "\xc5", + "Aring;": "\xc5", + "Ascr;": "\U0001d49c", + "Assign;": "\u2254", + "Atilde": "\xc3", + "Atilde;": "\xc3", + "Auml": "\xc4", + "Auml;": "\xc4", + "Backslash;": "\u2216", + "Barv;": "\u2ae7", + "Barwed;": "\u2306", + "Bcy;": "\u0411", + "Because;": "\u2235", + "Bernoullis;": "\u212c", + "Beta;": "\u0392", + "Bfr;": "\U0001d505", + "Bopf;": "\U0001d539", + "Breve;": "\u02d8", + "Bscr;": "\u212c", + "Bumpeq;": "\u224e", + "CHcy;": "\u0427", + "COPY": "\xa9", + "COPY;": "\xa9", + "Cacute;": "\u0106", + "Cap;": "\u22d2", + "CapitalDifferentialD;": "\u2145", + "Cayleys;": "\u212d", + "Ccaron;": "\u010c", + "Ccedil": "\xc7", + "Ccedil;": "\xc7", + "Ccirc;": "\u0108", + "Cconint;": "\u2230", + "Cdot;": "\u010a", + "Cedilla;": "\xb8", + "CenterDot;": "\xb7", + "Cfr;": "\u212d", + "Chi;": "\u03a7", + "CircleDot;": "\u2299", + "CircleMinus;": "\u2296", + "CirclePlus;": "\u2295", + "CircleTimes;": "\u2297", + "ClockwiseContourIntegral;": "\u2232", + "CloseCurlyDoubleQuote;": "\u201d", + "CloseCurlyQuote;": "\u2019", + "Colon;": "\u2237", + "Colone;": "\u2a74", + "Congruent;": "\u2261", + "Conint;": "\u222f", + "ContourIntegral;": "\u222e", + "Copf;": "\u2102", + "Coproduct;": "\u2210", + "CounterClockwiseContourIntegral;": "\u2233", + "Cross;": "\u2a2f", + "Cscr;": "\U0001d49e", + "Cup;": "\u22d3", + "CupCap;": "\u224d", + "DD;": "\u2145", + "DDotrahd;": "\u2911", + "DJcy;": "\u0402", + "DScy;": "\u0405", + "DZcy;": "\u040f", + "Dagger;": "\u2021", + "Darr;": "\u21a1", + "Dashv;": "\u2ae4", + "Dcaron;": "\u010e", + "Dcy;": "\u0414", + "Del;": "\u2207", + "Delta;": "\u0394", + "Dfr;": "\U0001d507", + "DiacriticalAcute;": "\xb4", + "DiacriticalDot;": "\u02d9", + "DiacriticalDoubleAcute;": "\u02dd", + "DiacriticalGrave;": "`", + "DiacriticalTilde;": "\u02dc", + "Diamond;": "\u22c4", + "DifferentialD;": "\u2146", + "Dopf;": "\U0001d53b", + "Dot;": "\xa8", + "DotDot;": "\u20dc", + "DotEqual;": "\u2250", + "DoubleContourIntegral;": "\u222f", + "DoubleDot;": "\xa8", + "DoubleDownArrow;": "\u21d3", + "DoubleLeftArrow;": "\u21d0", + "DoubleLeftRightArrow;": "\u21d4", + "DoubleLeftTee;": "\u2ae4", + "DoubleLongLeftArrow;": "\u27f8", + "DoubleLongLeftRightArrow;": "\u27fa", + "DoubleLongRightArrow;": "\u27f9", + "DoubleRightArrow;": "\u21d2", + "DoubleRightTee;": "\u22a8", + "DoubleUpArrow;": "\u21d1", + "DoubleUpDownArrow;": "\u21d5", + "DoubleVerticalBar;": "\u2225", + "DownArrow;": "\u2193", + "DownArrowBar;": "\u2913", + "DownArrowUpArrow;": "\u21f5", + "DownBreve;": "\u0311", + "DownLeftRightVector;": "\u2950", + "DownLeftTeeVector;": "\u295e", + "DownLeftVector;": "\u21bd", + "DownLeftVectorBar;": "\u2956", + "DownRightTeeVector;": "\u295f", + "DownRightVector;": "\u21c1", + "DownRightVectorBar;": "\u2957", + "DownTee;": "\u22a4", + "DownTeeArrow;": "\u21a7", + "Downarrow;": "\u21d3", + "Dscr;": "\U0001d49f", + "Dstrok;": "\u0110", + "ENG;": "\u014a", + "ETH": "\xd0", + "ETH;": "\xd0", + "Eacute": "\xc9", + "Eacute;": "\xc9", + "Ecaron;": "\u011a", + "Ecirc": "\xca", + "Ecirc;": "\xca", + "Ecy;": "\u042d", + "Edot;": "\u0116", + "Efr;": "\U0001d508", + "Egrave": "\xc8", + "Egrave;": "\xc8", + "Element;": "\u2208", + "Emacr;": "\u0112", + "EmptySmallSquare;": "\u25fb", + "EmptyVerySmallSquare;": "\u25ab", + "Eogon;": "\u0118", + "Eopf;": "\U0001d53c", + "Epsilon;": "\u0395", + "Equal;": "\u2a75", + "EqualTilde;": "\u2242", + "Equilibrium;": "\u21cc", + "Escr;": "\u2130", + "Esim;": "\u2a73", + "Eta;": "\u0397", + "Euml": "\xcb", + "Euml;": "\xcb", + "Exists;": "\u2203", + "ExponentialE;": "\u2147", + "Fcy;": "\u0424", + "Ffr;": "\U0001d509", + "FilledSmallSquare;": "\u25fc", + "FilledVerySmallSquare;": "\u25aa", + "Fopf;": "\U0001d53d", + "ForAll;": "\u2200", + "Fouriertrf;": "\u2131", + "Fscr;": "\u2131", + "GJcy;": "\u0403", + "GT": ">", + "GT;": ">", + "Gamma;": "\u0393", + "Gammad;": "\u03dc", + "Gbreve;": "\u011e", + "Gcedil;": "\u0122", + "Gcirc;": "\u011c", + "Gcy;": "\u0413", + "Gdot;": "\u0120", + "Gfr;": "\U0001d50a", + "Gg;": "\u22d9", + "Gopf;": "\U0001d53e", + "GreaterEqual;": "\u2265", + "GreaterEqualLess;": "\u22db", + "GreaterFullEqual;": "\u2267", + "GreaterGreater;": "\u2aa2", + "GreaterLess;": "\u2277", + "GreaterSlantEqual;": "\u2a7e", + "GreaterTilde;": "\u2273", + "Gscr;": "\U0001d4a2", + "Gt;": "\u226b", + "HARDcy;": "\u042a", + "Hacek;": "\u02c7", + "Hat;": "^", + "Hcirc;": "\u0124", + "Hfr;": "\u210c", + "HilbertSpace;": "\u210b", + "Hopf;": "\u210d", + "HorizontalLine;": "\u2500", + "Hscr;": "\u210b", + "Hstrok;": "\u0126", + "HumpDownHump;": "\u224e", + "HumpEqual;": "\u224f", + "IEcy;": "\u0415", + "IJlig;": "\u0132", + "IOcy;": "\u0401", + "Iacute": "\xcd", + "Iacute;": "\xcd", + "Icirc": "\xce", + "Icirc;": "\xce", + "Icy;": "\u0418", + "Idot;": "\u0130", + "Ifr;": "\u2111", + "Igrave": "\xcc", + "Igrave;": "\xcc", + "Im;": "\u2111", + "Imacr;": "\u012a", + "ImaginaryI;": "\u2148", + "Implies;": "\u21d2", + "Int;": "\u222c", + "Integral;": "\u222b", + "Intersection;": "\u22c2", + "InvisibleComma;": "\u2063", + "InvisibleTimes;": "\u2062", + "Iogon;": "\u012e", + "Iopf;": "\U0001d540", + "Iota;": "\u0399", + "Iscr;": "\u2110", + "Itilde;": "\u0128", + "Iukcy;": "\u0406", + "Iuml": "\xcf", + "Iuml;": "\xcf", + "Jcirc;": "\u0134", + "Jcy;": "\u0419", + "Jfr;": "\U0001d50d", + "Jopf;": "\U0001d541", + "Jscr;": "\U0001d4a5", + "Jsercy;": "\u0408", + "Jukcy;": "\u0404", + "KHcy;": "\u0425", + "KJcy;": "\u040c", + "Kappa;": "\u039a", + "Kcedil;": "\u0136", + "Kcy;": "\u041a", + "Kfr;": "\U0001d50e", + "Kopf;": "\U0001d542", + "Kscr;": "\U0001d4a6", + "LJcy;": "\u0409", + "LT": "<", + "LT;": "<", + "Lacute;": "\u0139", + "Lambda;": "\u039b", + "Lang;": "\u27ea", + "Laplacetrf;": "\u2112", + "Larr;": "\u219e", + "Lcaron;": "\u013d", + "Lcedil;": "\u013b", + "Lcy;": "\u041b", + "LeftAngleBracket;": "\u27e8", + "LeftArrow;": "\u2190", + "LeftArrowBar;": "\u21e4", + "LeftArrowRightArrow;": "\u21c6", + "LeftCeiling;": "\u2308", + "LeftDoubleBracket;": "\u27e6", + "LeftDownTeeVector;": "\u2961", + "LeftDownVector;": "\u21c3", + "LeftDownVectorBar;": "\u2959", + "LeftFloor;": "\u230a", + "LeftRightArrow;": "\u2194", + "LeftRightVector;": "\u294e", + "LeftTee;": "\u22a3", + "LeftTeeArrow;": "\u21a4", + "LeftTeeVector;": "\u295a", + "LeftTriangle;": "\u22b2", + "LeftTriangleBar;": "\u29cf", + "LeftTriangleEqual;": "\u22b4", + "LeftUpDownVector;": "\u2951", + "LeftUpTeeVector;": "\u2960", + "LeftUpVector;": "\u21bf", + "LeftUpVectorBar;": "\u2958", + "LeftVector;": "\u21bc", + "LeftVectorBar;": "\u2952", + "Leftarrow;": "\u21d0", + "Leftrightarrow;": "\u21d4", + "LessEqualGreater;": "\u22da", + "LessFullEqual;": "\u2266", + "LessGreater;": "\u2276", + "LessLess;": "\u2aa1", + "LessSlantEqual;": "\u2a7d", + "LessTilde;": "\u2272", + "Lfr;": "\U0001d50f", + "Ll;": "\u22d8", + "Lleftarrow;": "\u21da", + "Lmidot;": "\u013f", + "LongLeftArrow;": "\u27f5", + "LongLeftRightArrow;": "\u27f7", + "LongRightArrow;": "\u27f6", + "Longleftarrow;": "\u27f8", + "Longleftrightarrow;": "\u27fa", + "Longrightarrow;": "\u27f9", + "Lopf;": "\U0001d543", + "LowerLeftArrow;": "\u2199", + "LowerRightArrow;": "\u2198", + "Lscr;": "\u2112", + "Lsh;": "\u21b0", + "Lstrok;": "\u0141", + "Lt;": "\u226a", + "Map;": "\u2905", + "Mcy;": "\u041c", + "MediumSpace;": "\u205f", + "Mellintrf;": "\u2133", + "Mfr;": "\U0001d510", + "MinusPlus;": "\u2213", + "Mopf;": "\U0001d544", + "Mscr;": "\u2133", + "Mu;": "\u039c", + "NJcy;": "\u040a", + "Nacute;": "\u0143", + "Ncaron;": "\u0147", + "Ncedil;": "\u0145", + "Ncy;": "\u041d", + "NegativeMediumSpace;": "\u200b", + "NegativeThickSpace;": "\u200b", + "NegativeThinSpace;": "\u200b", + "NegativeVeryThinSpace;": "\u200b", + "NestedGreaterGreater;": "\u226b", + "NestedLessLess;": "\u226a", + "NewLine;": "\n", + "Nfr;": "\U0001d511", + "NoBreak;": "\u2060", + "NonBreakingSpace;": "\xa0", + "Nopf;": "\u2115", + "Not;": "\u2aec", + "NotCongruent;": "\u2262", + "NotCupCap;": "\u226d", + "NotDoubleVerticalBar;": "\u2226", + "NotElement;": "\u2209", + "NotEqual;": "\u2260", + "NotEqualTilde;": "\u2242\u0338", + "NotExists;": "\u2204", + "NotGreater;": "\u226f", + "NotGreaterEqual;": "\u2271", + "NotGreaterFullEqual;": "\u2267\u0338", + "NotGreaterGreater;": "\u226b\u0338", + "NotGreaterLess;": "\u2279", + "NotGreaterSlantEqual;": "\u2a7e\u0338", + "NotGreaterTilde;": "\u2275", + "NotHumpDownHump;": "\u224e\u0338", + "NotHumpEqual;": "\u224f\u0338", + "NotLeftTriangle;": "\u22ea", + "NotLeftTriangleBar;": "\u29cf\u0338", + "NotLeftTriangleEqual;": "\u22ec", + "NotLess;": "\u226e", + "NotLessEqual;": "\u2270", + "NotLessGreater;": "\u2278", + "NotLessLess;": "\u226a\u0338", + "NotLessSlantEqual;": "\u2a7d\u0338", + "NotLessTilde;": "\u2274", + "NotNestedGreaterGreater;": "\u2aa2\u0338", + "NotNestedLessLess;": "\u2aa1\u0338", + "NotPrecedes;": "\u2280", + "NotPrecedesEqual;": "\u2aaf\u0338", + "NotPrecedesSlantEqual;": "\u22e0", + "NotReverseElement;": "\u220c", + "NotRightTriangle;": "\u22eb", + "NotRightTriangleBar;": "\u29d0\u0338", + "NotRightTriangleEqual;": "\u22ed", + "NotSquareSubset;": "\u228f\u0338", + "NotSquareSubsetEqual;": "\u22e2", + "NotSquareSuperset;": "\u2290\u0338", + "NotSquareSupersetEqual;": "\u22e3", + "NotSubset;": "\u2282\u20d2", + "NotSubsetEqual;": "\u2288", + "NotSucceeds;": "\u2281", + "NotSucceedsEqual;": "\u2ab0\u0338", + "NotSucceedsSlantEqual;": "\u22e1", + "NotSucceedsTilde;": "\u227f\u0338", + "NotSuperset;": "\u2283\u20d2", + "NotSupersetEqual;": "\u2289", + "NotTilde;": "\u2241", + "NotTildeEqual;": "\u2244", + "NotTildeFullEqual;": "\u2247", + "NotTildeTilde;": "\u2249", + "NotVerticalBar;": "\u2224", + "Nscr;": "\U0001d4a9", + "Ntilde": "\xd1", + "Ntilde;": "\xd1", + "Nu;": "\u039d", + "OElig;": "\u0152", + "Oacute": "\xd3", + "Oacute;": "\xd3", + "Ocirc": "\xd4", + "Ocirc;": "\xd4", + "Ocy;": "\u041e", + "Odblac;": "\u0150", + "Ofr;": "\U0001d512", + "Ograve": "\xd2", + "Ograve;": "\xd2", + "Omacr;": "\u014c", + "Omega;": "\u03a9", + "Omicron;": "\u039f", + "Oopf;": "\U0001d546", + "OpenCurlyDoubleQuote;": "\u201c", + "OpenCurlyQuote;": "\u2018", + "Or;": "\u2a54", + "Oscr;": "\U0001d4aa", + "Oslash": "\xd8", + "Oslash;": "\xd8", + "Otilde": "\xd5", + "Otilde;": "\xd5", + "Otimes;": "\u2a37", + "Ouml": "\xd6", + "Ouml;": "\xd6", + "OverBar;": "\u203e", + "OverBrace;": "\u23de", + "OverBracket;": "\u23b4", + "OverParenthesis;": "\u23dc", + "PartialD;": "\u2202", + "Pcy;": "\u041f", + "Pfr;": "\U0001d513", + "Phi;": "\u03a6", + "Pi;": "\u03a0", + "PlusMinus;": "\xb1", + "Poincareplane;": "\u210c", + "Popf;": "\u2119", + "Pr;": "\u2abb", + "Precedes;": "\u227a", + "PrecedesEqual;": "\u2aaf", + "PrecedesSlantEqual;": "\u227c", + "PrecedesTilde;": "\u227e", + "Prime;": "\u2033", + "Product;": "\u220f", + "Proportion;": "\u2237", + "Proportional;": "\u221d", + "Pscr;": "\U0001d4ab", + "Psi;": "\u03a8", + "QUOT": "\"", + "QUOT;": "\"", + "Qfr;": "\U0001d514", + "Qopf;": "\u211a", + "Qscr;": "\U0001d4ac", + "RBarr;": "\u2910", + "REG": "\xae", + "REG;": "\xae", + "Racute;": "\u0154", + "Rang;": "\u27eb", + "Rarr;": "\u21a0", + "Rarrtl;": "\u2916", + "Rcaron;": "\u0158", + "Rcedil;": "\u0156", + "Rcy;": "\u0420", + "Re;": "\u211c", + "ReverseElement;": "\u220b", + "ReverseEquilibrium;": "\u21cb", + "ReverseUpEquilibrium;": "\u296f", + "Rfr;": "\u211c", + "Rho;": "\u03a1", + "RightAngleBracket;": "\u27e9", + "RightArrow;": "\u2192", + "RightArrowBar;": "\u21e5", + "RightArrowLeftArrow;": "\u21c4", + "RightCeiling;": "\u2309", + "RightDoubleBracket;": "\u27e7", + "RightDownTeeVector;": "\u295d", + "RightDownVector;": "\u21c2", + "RightDownVectorBar;": "\u2955", + "RightFloor;": "\u230b", + "RightTee;": "\u22a2", + "RightTeeArrow;": "\u21a6", + "RightTeeVector;": "\u295b", + "RightTriangle;": "\u22b3", + "RightTriangleBar;": "\u29d0", + "RightTriangleEqual;": "\u22b5", + "RightUpDownVector;": "\u294f", + "RightUpTeeVector;": "\u295c", + "RightUpVector;": "\u21be", + "RightUpVectorBar;": "\u2954", + "RightVector;": "\u21c0", + "RightVectorBar;": "\u2953", + "Rightarrow;": "\u21d2", + "Ropf;": "\u211d", + "RoundImplies;": "\u2970", + "Rrightarrow;": "\u21db", + "Rscr;": "\u211b", + "Rsh;": "\u21b1", + "RuleDelayed;": "\u29f4", + "SHCHcy;": "\u0429", + "SHcy;": "\u0428", + "SOFTcy;": "\u042c", + "Sacute;": "\u015a", + "Sc;": "\u2abc", + "Scaron;": "\u0160", + "Scedil;": "\u015e", + "Scirc;": "\u015c", + "Scy;": "\u0421", + "Sfr;": "\U0001d516", + "ShortDownArrow;": "\u2193", + "ShortLeftArrow;": "\u2190", + "ShortRightArrow;": "\u2192", + "ShortUpArrow;": "\u2191", + "Sigma;": "\u03a3", + "SmallCircle;": "\u2218", + "Sopf;": "\U0001d54a", + "Sqrt;": "\u221a", + "Square;": "\u25a1", + "SquareIntersection;": "\u2293", + "SquareSubset;": "\u228f", + "SquareSubsetEqual;": "\u2291", + "SquareSuperset;": "\u2290", + "SquareSupersetEqual;": "\u2292", + "SquareUnion;": "\u2294", + "Sscr;": "\U0001d4ae", + "Star;": "\u22c6", + "Sub;": "\u22d0", + "Subset;": "\u22d0", + "SubsetEqual;": "\u2286", + "Succeeds;": "\u227b", + "SucceedsEqual;": "\u2ab0", + "SucceedsSlantEqual;": "\u227d", + "SucceedsTilde;": "\u227f", + "SuchThat;": "\u220b", + "Sum;": "\u2211", + "Sup;": "\u22d1", + "Superset;": "\u2283", + "SupersetEqual;": "\u2287", + "Supset;": "\u22d1", + "THORN": "\xde", + "THORN;": "\xde", + "TRADE;": "\u2122", + "TSHcy;": "\u040b", + "TScy;": "\u0426", + "Tab;": "\t", + "Tau;": "\u03a4", + "Tcaron;": "\u0164", + "Tcedil;": "\u0162", + "Tcy;": "\u0422", + "Tfr;": "\U0001d517", + "Therefore;": "\u2234", + "Theta;": "\u0398", + "ThickSpace;": "\u205f\u200a", + "ThinSpace;": "\u2009", + "Tilde;": "\u223c", + "TildeEqual;": "\u2243", + "TildeFullEqual;": "\u2245", + "TildeTilde;": "\u2248", + "Topf;": "\U0001d54b", + "TripleDot;": "\u20db", + "Tscr;": "\U0001d4af", + "Tstrok;": "\u0166", + "Uacute": "\xda", + "Uacute;": "\xda", + "Uarr;": "\u219f", + "Uarrocir;": "\u2949", + "Ubrcy;": "\u040e", + "Ubreve;": "\u016c", + "Ucirc": "\xdb", + "Ucirc;": "\xdb", + "Ucy;": "\u0423", + "Udblac;": "\u0170", + "Ufr;": "\U0001d518", + "Ugrave": "\xd9", + "Ugrave;": "\xd9", + "Umacr;": "\u016a", + "UnderBar;": "_", + "UnderBrace;": "\u23df", + "UnderBracket;": "\u23b5", + "UnderParenthesis;": "\u23dd", + "Union;": "\u22c3", + "UnionPlus;": "\u228e", + "Uogon;": "\u0172", + "Uopf;": "\U0001d54c", + "UpArrow;": "\u2191", + "UpArrowBar;": "\u2912", + "UpArrowDownArrow;": "\u21c5", + "UpDownArrow;": "\u2195", + "UpEquilibrium;": "\u296e", + "UpTee;": "\u22a5", + "UpTeeArrow;": "\u21a5", + "Uparrow;": "\u21d1", + "Updownarrow;": "\u21d5", + "UpperLeftArrow;": "\u2196", + "UpperRightArrow;": "\u2197", + "Upsi;": "\u03d2", + "Upsilon;": "\u03a5", + "Uring;": "\u016e", + "Uscr;": "\U0001d4b0", + "Utilde;": "\u0168", + "Uuml": "\xdc", + "Uuml;": "\xdc", + "VDash;": "\u22ab", + "Vbar;": "\u2aeb", + "Vcy;": "\u0412", + "Vdash;": "\u22a9", + "Vdashl;": "\u2ae6", + "Vee;": "\u22c1", + "Verbar;": "\u2016", + "Vert;": "\u2016", + "VerticalBar;": "\u2223", + "VerticalLine;": "|", + "VerticalSeparator;": "\u2758", + "VerticalTilde;": "\u2240", + "VeryThinSpace;": "\u200a", + "Vfr;": "\U0001d519", + "Vopf;": "\U0001d54d", + "Vscr;": "\U0001d4b1", + "Vvdash;": "\u22aa", + "Wcirc;": "\u0174", + "Wedge;": "\u22c0", + "Wfr;": "\U0001d51a", + "Wopf;": "\U0001d54e", + "Wscr;": "\U0001d4b2", + "Xfr;": "\U0001d51b", + "Xi;": "\u039e", + "Xopf;": "\U0001d54f", + "Xscr;": "\U0001d4b3", + "YAcy;": "\u042f", + "YIcy;": "\u0407", + "YUcy;": "\u042e", + "Yacute": "\xdd", + "Yacute;": "\xdd", + "Ycirc;": "\u0176", + "Ycy;": "\u042b", + "Yfr;": "\U0001d51c", + "Yopf;": "\U0001d550", + "Yscr;": "\U0001d4b4", + "Yuml;": "\u0178", + "ZHcy;": "\u0416", + "Zacute;": "\u0179", + "Zcaron;": "\u017d", + "Zcy;": "\u0417", + "Zdot;": "\u017b", + "ZeroWidthSpace;": "\u200b", + "Zeta;": "\u0396", + "Zfr;": "\u2128", + "Zopf;": "\u2124", + "Zscr;": "\U0001d4b5", + "aacute": "\xe1", + "aacute;": "\xe1", + "abreve;": "\u0103", + "ac;": "\u223e", + "acE;": "\u223e\u0333", + "acd;": "\u223f", + "acirc": "\xe2", + "acirc;": "\xe2", + "acute": "\xb4", + "acute;": "\xb4", + "acy;": "\u0430", + "aelig": "\xe6", + "aelig;": "\xe6", + "af;": "\u2061", + "afr;": "\U0001d51e", + "agrave": "\xe0", + "agrave;": "\xe0", + "alefsym;": "\u2135", + "aleph;": "\u2135", + "alpha;": "\u03b1", + "amacr;": "\u0101", + "amalg;": "\u2a3f", + "amp": "&", + "amp;": "&", + "and;": "\u2227", + "andand;": "\u2a55", + "andd;": "\u2a5c", + "andslope;": "\u2a58", + "andv;": "\u2a5a", + "ang;": "\u2220", + "ange;": "\u29a4", + "angle;": "\u2220", + "angmsd;": "\u2221", + "angmsdaa;": "\u29a8", + "angmsdab;": "\u29a9", + "angmsdac;": "\u29aa", + "angmsdad;": "\u29ab", + "angmsdae;": "\u29ac", + "angmsdaf;": "\u29ad", + "angmsdag;": "\u29ae", + "angmsdah;": "\u29af", + "angrt;": "\u221f", + "angrtvb;": "\u22be", + "angrtvbd;": "\u299d", + "angsph;": "\u2222", + "angst;": "\xc5", + "angzarr;": "\u237c", + "aogon;": "\u0105", + "aopf;": "\U0001d552", + "ap;": "\u2248", + "apE;": "\u2a70", + "apacir;": "\u2a6f", + "ape;": "\u224a", + "apid;": "\u224b", + "apos;": "'", + "approx;": "\u2248", + "approxeq;": "\u224a", + "aring": "\xe5", + "aring;": "\xe5", + "ascr;": "\U0001d4b6", + "ast;": "*", + "asymp;": "\u2248", + "asympeq;": "\u224d", + "atilde": "\xe3", + "atilde;": "\xe3", + "auml": "\xe4", + "auml;": "\xe4", + "awconint;": "\u2233", + "awint;": "\u2a11", + "bNot;": "\u2aed", + "backcong;": "\u224c", + "backepsilon;": "\u03f6", + "backprime;": "\u2035", + "backsim;": "\u223d", + "backsimeq;": "\u22cd", + "barvee;": "\u22bd", + "barwed;": "\u2305", + "barwedge;": "\u2305", + "bbrk;": "\u23b5", + "bbrktbrk;": "\u23b6", + "bcong;": "\u224c", + "bcy;": "\u0431", + "bdquo;": "\u201e", + "becaus;": "\u2235", + "because;": "\u2235", + "bemptyv;": "\u29b0", + "bepsi;": "\u03f6", + "bernou;": "\u212c", + "beta;": "\u03b2", + "beth;": "\u2136", + "between;": "\u226c", + "bfr;": "\U0001d51f", + "bigcap;": "\u22c2", + "bigcirc;": "\u25ef", + "bigcup;": "\u22c3", + "bigodot;": "\u2a00", + "bigoplus;": "\u2a01", + "bigotimes;": "\u2a02", + "bigsqcup;": "\u2a06", + "bigstar;": "\u2605", + "bigtriangledown;": "\u25bd", + "bigtriangleup;": "\u25b3", + "biguplus;": "\u2a04", + "bigvee;": "\u22c1", + "bigwedge;": "\u22c0", + "bkarow;": "\u290d", + "blacklozenge;": "\u29eb", + "blacksquare;": "\u25aa", + "blacktriangle;": "\u25b4", + "blacktriangledown;": "\u25be", + "blacktriangleleft;": "\u25c2", + "blacktriangleright;": "\u25b8", + "blank;": "\u2423", + "blk12;": "\u2592", + "blk14;": "\u2591", + "blk34;": "\u2593", + "block;": "\u2588", + "bne;": "=\u20e5", + "bnequiv;": "\u2261\u20e5", + "bnot;": "\u2310", + "bopf;": "\U0001d553", + "bot;": "\u22a5", + "bottom;": "\u22a5", + "bowtie;": "\u22c8", + "boxDL;": "\u2557", + "boxDR;": "\u2554", + "boxDl;": "\u2556", + "boxDr;": "\u2553", + "boxH;": "\u2550", + "boxHD;": "\u2566", + "boxHU;": "\u2569", + "boxHd;": "\u2564", + "boxHu;": "\u2567", + "boxUL;": "\u255d", + "boxUR;": "\u255a", + "boxUl;": "\u255c", + "boxUr;": "\u2559", + "boxV;": "\u2551", + "boxVH;": "\u256c", + "boxVL;": "\u2563", + "boxVR;": "\u2560", + "boxVh;": "\u256b", + "boxVl;": "\u2562", + "boxVr;": "\u255f", + "boxbox;": "\u29c9", + "boxdL;": "\u2555", + "boxdR;": "\u2552", + "boxdl;": "\u2510", + "boxdr;": "\u250c", + "boxh;": "\u2500", + "boxhD;": "\u2565", + "boxhU;": "\u2568", + "boxhd;": "\u252c", + "boxhu;": "\u2534", + "boxminus;": "\u229f", + "boxplus;": "\u229e", + "boxtimes;": "\u22a0", + "boxuL;": "\u255b", + "boxuR;": "\u2558", + "boxul;": "\u2518", + "boxur;": "\u2514", + "boxv;": "\u2502", + "boxvH;": "\u256a", + "boxvL;": "\u2561", + "boxvR;": "\u255e", + "boxvh;": "\u253c", + "boxvl;": "\u2524", + "boxvr;": "\u251c", + "bprime;": "\u2035", + "breve;": "\u02d8", + "brvbar": "\xa6", + "brvbar;": "\xa6", + "bscr;": "\U0001d4b7", + "bsemi;": "\u204f", + "bsim;": "\u223d", + "bsime;": "\u22cd", + "bsol;": "\\", + "bsolb;": "\u29c5", + "bsolhsub;": "\u27c8", + "bull;": "\u2022", + "bullet;": "\u2022", + "bump;": "\u224e", + "bumpE;": "\u2aae", + "bumpe;": "\u224f", + "bumpeq;": "\u224f", + "cacute;": "\u0107", + "cap;": "\u2229", + "capand;": "\u2a44", + "capbrcup;": "\u2a49", + "capcap;": "\u2a4b", + "capcup;": "\u2a47", + "capdot;": "\u2a40", + "caps;": "\u2229\ufe00", + "caret;": "\u2041", + "caron;": "\u02c7", + "ccaps;": "\u2a4d", + "ccaron;": "\u010d", + "ccedil": "\xe7", + "ccedil;": "\xe7", + "ccirc;": "\u0109", + "ccups;": "\u2a4c", + "ccupssm;": "\u2a50", + "cdot;": "\u010b", + "cedil": "\xb8", + "cedil;": "\xb8", + "cemptyv;": "\u29b2", + "cent": "\xa2", + "cent;": "\xa2", + "centerdot;": "\xb7", + "cfr;": "\U0001d520", + "chcy;": "\u0447", + "check;": "\u2713", + "checkmark;": "\u2713", + "chi;": "\u03c7", + "cir;": "\u25cb", + "cirE;": "\u29c3", + "circ;": "\u02c6", + "circeq;": "\u2257", + "circlearrowleft;": "\u21ba", + "circlearrowright;": "\u21bb", + "circledR;": "\xae", + "circledS;": "\u24c8", + "circledast;": "\u229b", + "circledcirc;": "\u229a", + "circleddash;": "\u229d", + "cire;": "\u2257", + "cirfnint;": "\u2a10", + "cirmid;": "\u2aef", + "cirscir;": "\u29c2", + "clubs;": "\u2663", + "clubsuit;": "\u2663", + "colon;": ":", + "colone;": "\u2254", + "coloneq;": "\u2254", + "comma;": ",", + "commat;": "@", + "comp;": "\u2201", + "compfn;": "\u2218", + "complement;": "\u2201", + "complexes;": "\u2102", + "cong;": "\u2245", + "congdot;": "\u2a6d", + "conint;": "\u222e", + "copf;": "\U0001d554", + "coprod;": "\u2210", + "copy": "\xa9", + "copy;": "\xa9", + "copysr;": "\u2117", + "crarr;": "\u21b5", + "cross;": "\u2717", + "cscr;": "\U0001d4b8", + "csub;": "\u2acf", + "csube;": "\u2ad1", + "csup;": "\u2ad0", + "csupe;": "\u2ad2", + "ctdot;": "\u22ef", + "cudarrl;": "\u2938", + "cudarrr;": "\u2935", + "cuepr;": "\u22de", + "cuesc;": "\u22df", + "cularr;": "\u21b6", + "cularrp;": "\u293d", + "cup;": "\u222a", + "cupbrcap;": "\u2a48", + "cupcap;": "\u2a46", + "cupcup;": "\u2a4a", + "cupdot;": "\u228d", + "cupor;": "\u2a45", + "cups;": "\u222a\ufe00", + "curarr;": "\u21b7", + "curarrm;": "\u293c", + "curlyeqprec;": "\u22de", + "curlyeqsucc;": "\u22df", + "curlyvee;": "\u22ce", + "curlywedge;": "\u22cf", + "curren": "\xa4", + "curren;": "\xa4", + "curvearrowleft;": "\u21b6", + "curvearrowright;": "\u21b7", + "cuvee;": "\u22ce", + "cuwed;": "\u22cf", + "cwconint;": "\u2232", + "cwint;": "\u2231", + "cylcty;": "\u232d", + "dArr;": "\u21d3", + "dHar;": "\u2965", + "dagger;": "\u2020", + "daleth;": "\u2138", + "darr;": "\u2193", + "dash;": "\u2010", + "dashv;": "\u22a3", + "dbkarow;": "\u290f", + "dblac;": "\u02dd", + "dcaron;": "\u010f", + "dcy;": "\u0434", + "dd;": "\u2146", + "ddagger;": "\u2021", + "ddarr;": "\u21ca", + "ddotseq;": "\u2a77", + "deg": "\xb0", + "deg;": "\xb0", + "delta;": "\u03b4", + "demptyv;": "\u29b1", + "dfisht;": "\u297f", + "dfr;": "\U0001d521", + "dharl;": "\u21c3", + "dharr;": "\u21c2", + "diam;": "\u22c4", + "diamond;": "\u22c4", + "diamondsuit;": "\u2666", + "diams;": "\u2666", + "die;": "\xa8", + "digamma;": "\u03dd", + "disin;": "\u22f2", + "div;": "\xf7", + "divide": "\xf7", + "divide;": "\xf7", + "divideontimes;": "\u22c7", + "divonx;": "\u22c7", + "djcy;": "\u0452", + "dlcorn;": "\u231e", + "dlcrop;": "\u230d", + "dollar;": "$", + "dopf;": "\U0001d555", + "dot;": "\u02d9", + "doteq;": "\u2250", + "doteqdot;": "\u2251", + "dotminus;": "\u2238", + "dotplus;": "\u2214", + "dotsquare;": "\u22a1", + "doublebarwedge;": "\u2306", + "downarrow;": "\u2193", + "downdownarrows;": "\u21ca", + "downharpoonleft;": "\u21c3", + "downharpoonright;": "\u21c2", + "drbkarow;": "\u2910", + "drcorn;": "\u231f", + "drcrop;": "\u230c", + "dscr;": "\U0001d4b9", + "dscy;": "\u0455", + "dsol;": "\u29f6", + "dstrok;": "\u0111", + "dtdot;": "\u22f1", + "dtri;": "\u25bf", + "dtrif;": "\u25be", + "duarr;": "\u21f5", + "duhar;": "\u296f", + "dwangle;": "\u29a6", + "dzcy;": "\u045f", + "dzigrarr;": "\u27ff", + "eDDot;": "\u2a77", + "eDot;": "\u2251", + "eacute": "\xe9", + "eacute;": "\xe9", + "easter;": "\u2a6e", + "ecaron;": "\u011b", + "ecir;": "\u2256", + "ecirc": "\xea", + "ecirc;": "\xea", + "ecolon;": "\u2255", + "ecy;": "\u044d", + "edot;": "\u0117", + "ee;": "\u2147", + "efDot;": "\u2252", + "efr;": "\U0001d522", + "eg;": "\u2a9a", + "egrave": "\xe8", + "egrave;": "\xe8", + "egs;": "\u2a96", + "egsdot;": "\u2a98", + "el;": "\u2a99", + "elinters;": "\u23e7", + "ell;": "\u2113", + "els;": "\u2a95", + "elsdot;": "\u2a97", + "emacr;": "\u0113", + "empty;": "\u2205", + "emptyset;": "\u2205", + "emptyv;": "\u2205", + "emsp13;": "\u2004", + "emsp14;": "\u2005", + "emsp;": "\u2003", + "eng;": "\u014b", + "ensp;": "\u2002", + "eogon;": "\u0119", + "eopf;": "\U0001d556", + "epar;": "\u22d5", + "eparsl;": "\u29e3", + "eplus;": "\u2a71", + "epsi;": "\u03b5", + "epsilon;": "\u03b5", + "epsiv;": "\u03f5", + "eqcirc;": "\u2256", + "eqcolon;": "\u2255", + "eqsim;": "\u2242", + "eqslantgtr;": "\u2a96", + "eqslantless;": "\u2a95", + "equals;": "=", + "equest;": "\u225f", + "equiv;": "\u2261", + "equivDD;": "\u2a78", + "eqvparsl;": "\u29e5", + "erDot;": "\u2253", + "erarr;": "\u2971", + "escr;": "\u212f", + "esdot;": "\u2250", + "esim;": "\u2242", + "eta;": "\u03b7", + "eth": "\xf0", + "eth;": "\xf0", + "euml": "\xeb", + "euml;": "\xeb", + "euro;": "\u20ac", + "excl;": "!", + "exist;": "\u2203", + "expectation;": "\u2130", + "exponentiale;": "\u2147", + "fallingdotseq;": "\u2252", + "fcy;": "\u0444", + "female;": "\u2640", + "ffilig;": "\ufb03", + "fflig;": "\ufb00", + "ffllig;": "\ufb04", + "ffr;": "\U0001d523", + "filig;": "\ufb01", + "fjlig;": "fj", + "flat;": "\u266d", + "fllig;": "\ufb02", + "fltns;": "\u25b1", + "fnof;": "\u0192", + "fopf;": "\U0001d557", + "forall;": "\u2200", + "fork;": "\u22d4", + "forkv;": "\u2ad9", + "fpartint;": "\u2a0d", + "frac12": "\xbd", + "frac12;": "\xbd", + "frac13;": "\u2153", + "frac14": "\xbc", + "frac14;": "\xbc", + "frac15;": "\u2155", + "frac16;": "\u2159", + "frac18;": "\u215b", + "frac23;": "\u2154", + "frac25;": "\u2156", + "frac34": "\xbe", + "frac34;": "\xbe", + "frac35;": "\u2157", + "frac38;": "\u215c", + "frac45;": "\u2158", + "frac56;": "\u215a", + "frac58;": "\u215d", + "frac78;": "\u215e", + "frasl;": "\u2044", + "frown;": "\u2322", + "fscr;": "\U0001d4bb", + "gE;": "\u2267", + "gEl;": "\u2a8c", + "gacute;": "\u01f5", + "gamma;": "\u03b3", + "gammad;": "\u03dd", + "gap;": "\u2a86", + "gbreve;": "\u011f", + "gcirc;": "\u011d", + "gcy;": "\u0433", + "gdot;": "\u0121", + "ge;": "\u2265", + "gel;": "\u22db", + "geq;": "\u2265", + "geqq;": "\u2267", + "geqslant;": "\u2a7e", + "ges;": "\u2a7e", + "gescc;": "\u2aa9", + "gesdot;": "\u2a80", + "gesdoto;": "\u2a82", + "gesdotol;": "\u2a84", + "gesl;": "\u22db\ufe00", + "gesles;": "\u2a94", + "gfr;": "\U0001d524", + "gg;": "\u226b", + "ggg;": "\u22d9", + "gimel;": "\u2137", + "gjcy;": "\u0453", + "gl;": "\u2277", + "glE;": "\u2a92", + "gla;": "\u2aa5", + "glj;": "\u2aa4", + "gnE;": "\u2269", + "gnap;": "\u2a8a", + "gnapprox;": "\u2a8a", + "gne;": "\u2a88", + "gneq;": "\u2a88", + "gneqq;": "\u2269", + "gnsim;": "\u22e7", + "gopf;": "\U0001d558", + "grave;": "`", + "gscr;": "\u210a", + "gsim;": "\u2273", + "gsime;": "\u2a8e", + "gsiml;": "\u2a90", + "gt": ">", + "gt;": ">", + "gtcc;": "\u2aa7", + "gtcir;": "\u2a7a", + "gtdot;": "\u22d7", + "gtlPar;": "\u2995", + "gtquest;": "\u2a7c", + "gtrapprox;": "\u2a86", + "gtrarr;": "\u2978", + "gtrdot;": "\u22d7", + "gtreqless;": "\u22db", + "gtreqqless;": "\u2a8c", + "gtrless;": "\u2277", + "gtrsim;": "\u2273", + "gvertneqq;": "\u2269\ufe00", + "gvnE;": "\u2269\ufe00", + "hArr;": "\u21d4", + "hairsp;": "\u200a", + "half;": "\xbd", + "hamilt;": "\u210b", + "hardcy;": "\u044a", + "harr;": "\u2194", + "harrcir;": "\u2948", + "harrw;": "\u21ad", + "hbar;": "\u210f", + "hcirc;": "\u0125", + "hearts;": "\u2665", + "heartsuit;": "\u2665", + "hellip;": "\u2026", + "hercon;": "\u22b9", + "hfr;": "\U0001d525", + "hksearow;": "\u2925", + "hkswarow;": "\u2926", + "hoarr;": "\u21ff", + "homtht;": "\u223b", + "hookleftarrow;": "\u21a9", + "hookrightarrow;": "\u21aa", + "hopf;": "\U0001d559", + "horbar;": "\u2015", + "hscr;": "\U0001d4bd", + "hslash;": "\u210f", + "hstrok;": "\u0127", + "hybull;": "\u2043", + "hyphen;": "\u2010", + "iacute": "\xed", + "iacute;": "\xed", + "ic;": "\u2063", + "icirc": "\xee", + "icirc;": "\xee", + "icy;": "\u0438", + "iecy;": "\u0435", + "iexcl": "\xa1", + "iexcl;": "\xa1", + "iff;": "\u21d4", + "ifr;": "\U0001d526", + "igrave": "\xec", + "igrave;": "\xec", + "ii;": "\u2148", + "iiiint;": "\u2a0c", + "iiint;": "\u222d", + "iinfin;": "\u29dc", + "iiota;": "\u2129", + "ijlig;": "\u0133", + "imacr;": "\u012b", + "image;": "\u2111", + "imagline;": "\u2110", + "imagpart;": "\u2111", + "imath;": "\u0131", + "imof;": "\u22b7", + "imped;": "\u01b5", + "in;": "\u2208", + "incare;": "\u2105", + "infin;": "\u221e", + "infintie;": "\u29dd", + "inodot;": "\u0131", + "int;": "\u222b", + "intcal;": "\u22ba", + "integers;": "\u2124", + "intercal;": "\u22ba", + "intlarhk;": "\u2a17", + "intprod;": "\u2a3c", + "iocy;": "\u0451", + "iogon;": "\u012f", + "iopf;": "\U0001d55a", + "iota;": "\u03b9", + "iprod;": "\u2a3c", + "iquest": "\xbf", + "iquest;": "\xbf", + "iscr;": "\U0001d4be", + "isin;": "\u2208", + "isinE;": "\u22f9", + "isindot;": "\u22f5", + "isins;": "\u22f4", + "isinsv;": "\u22f3", + "isinv;": "\u2208", + "it;": "\u2062", + "itilde;": "\u0129", + "iukcy;": "\u0456", + "iuml": "\xef", + "iuml;": "\xef", + "jcirc;": "\u0135", + "jcy;": "\u0439", + "jfr;": "\U0001d527", + "jmath;": "\u0237", + "jopf;": "\U0001d55b", + "jscr;": "\U0001d4bf", + "jsercy;": "\u0458", + "jukcy;": "\u0454", + "kappa;": "\u03ba", + "kappav;": "\u03f0", + "kcedil;": "\u0137", + "kcy;": "\u043a", + "kfr;": "\U0001d528", + "kgreen;": "\u0138", + "khcy;": "\u0445", + "kjcy;": "\u045c", + "kopf;": "\U0001d55c", + "kscr;": "\U0001d4c0", + "lAarr;": "\u21da", + "lArr;": "\u21d0", + "lAtail;": "\u291b", + "lBarr;": "\u290e", + "lE;": "\u2266", + "lEg;": "\u2a8b", + "lHar;": "\u2962", + "lacute;": "\u013a", + "laemptyv;": "\u29b4", + "lagran;": "\u2112", + "lambda;": "\u03bb", + "lang;": "\u27e8", + "langd;": "\u2991", + "langle;": "\u27e8", + "lap;": "\u2a85", + "laquo": "\xab", + "laquo;": "\xab", + "larr;": "\u2190", + "larrb;": "\u21e4", + "larrbfs;": "\u291f", + "larrfs;": "\u291d", + "larrhk;": "\u21a9", + "larrlp;": "\u21ab", + "larrpl;": "\u2939", + "larrsim;": "\u2973", + "larrtl;": "\u21a2", + "lat;": "\u2aab", + "latail;": "\u2919", + "late;": "\u2aad", + "lates;": "\u2aad\ufe00", + "lbarr;": "\u290c", + "lbbrk;": "\u2772", + "lbrace;": "{", + "lbrack;": "[", + "lbrke;": "\u298b", + "lbrksld;": "\u298f", + "lbrkslu;": "\u298d", + "lcaron;": "\u013e", + "lcedil;": "\u013c", + "lceil;": "\u2308", + "lcub;": "{", + "lcy;": "\u043b", + "ldca;": "\u2936", + "ldquo;": "\u201c", + "ldquor;": "\u201e", + "ldrdhar;": "\u2967", + "ldrushar;": "\u294b", + "ldsh;": "\u21b2", + "le;": "\u2264", + "leftarrow;": "\u2190", + "leftarrowtail;": "\u21a2", + "leftharpoondown;": "\u21bd", + "leftharpoonup;": "\u21bc", + "leftleftarrows;": "\u21c7", + "leftrightarrow;": "\u2194", + "leftrightarrows;": "\u21c6", + "leftrightharpoons;": "\u21cb", + "leftrightsquigarrow;": "\u21ad", + "leftthreetimes;": "\u22cb", + "leg;": "\u22da", + "leq;": "\u2264", + "leqq;": "\u2266", + "leqslant;": "\u2a7d", + "les;": "\u2a7d", + "lescc;": "\u2aa8", + "lesdot;": "\u2a7f", + "lesdoto;": "\u2a81", + "lesdotor;": "\u2a83", + "lesg;": "\u22da\ufe00", + "lesges;": "\u2a93", + "lessapprox;": "\u2a85", + "lessdot;": "\u22d6", + "lesseqgtr;": "\u22da", + "lesseqqgtr;": "\u2a8b", + "lessgtr;": "\u2276", + "lesssim;": "\u2272", + "lfisht;": "\u297c", + "lfloor;": "\u230a", + "lfr;": "\U0001d529", + "lg;": "\u2276", + "lgE;": "\u2a91", + "lhard;": "\u21bd", + "lharu;": "\u21bc", + "lharul;": "\u296a", + "lhblk;": "\u2584", + "ljcy;": "\u0459", + "ll;": "\u226a", + "llarr;": "\u21c7", + "llcorner;": "\u231e", + "llhard;": "\u296b", + "lltri;": "\u25fa", + "lmidot;": "\u0140", + "lmoust;": "\u23b0", + "lmoustache;": "\u23b0", + "lnE;": "\u2268", + "lnap;": "\u2a89", + "lnapprox;": "\u2a89", + "lne;": "\u2a87", + "lneq;": "\u2a87", + "lneqq;": "\u2268", + "lnsim;": "\u22e6", + "loang;": "\u27ec", + "loarr;": "\u21fd", + "lobrk;": "\u27e6", + "longleftarrow;": "\u27f5", + "longleftrightarrow;": "\u27f7", + "longmapsto;": "\u27fc", + "longrightarrow;": "\u27f6", + "looparrowleft;": "\u21ab", + "looparrowright;": "\u21ac", + "lopar;": "\u2985", + "lopf;": "\U0001d55d", + "loplus;": "\u2a2d", + "lotimes;": "\u2a34", + "lowast;": "\u2217", + "lowbar;": "_", + "loz;": "\u25ca", + "lozenge;": "\u25ca", + "lozf;": "\u29eb", + "lpar;": "(", + "lparlt;": "\u2993", + "lrarr;": "\u21c6", + "lrcorner;": "\u231f", + "lrhar;": "\u21cb", + "lrhard;": "\u296d", + "lrm;": "\u200e", + "lrtri;": "\u22bf", + "lsaquo;": "\u2039", + "lscr;": "\U0001d4c1", + "lsh;": "\u21b0", + "lsim;": "\u2272", + "lsime;": "\u2a8d", + "lsimg;": "\u2a8f", + "lsqb;": "[", + "lsquo;": "\u2018", + "lsquor;": "\u201a", + "lstrok;": "\u0142", + "lt": "<", + "lt;": "<", + "ltcc;": "\u2aa6", + "ltcir;": "\u2a79", + "ltdot;": "\u22d6", + "lthree;": "\u22cb", + "ltimes;": "\u22c9", + "ltlarr;": "\u2976", + "ltquest;": "\u2a7b", + "ltrPar;": "\u2996", + "ltri;": "\u25c3", + "ltrie;": "\u22b4", + "ltrif;": "\u25c2", + "lurdshar;": "\u294a", + "luruhar;": "\u2966", + "lvertneqq;": "\u2268\ufe00", + "lvnE;": "\u2268\ufe00", + "mDDot;": "\u223a", + "macr": "\xaf", + "macr;": "\xaf", + "male;": "\u2642", + "malt;": "\u2720", + "maltese;": "\u2720", + "map;": "\u21a6", + "mapsto;": "\u21a6", + "mapstodown;": "\u21a7", + "mapstoleft;": "\u21a4", + "mapstoup;": "\u21a5", + "marker;": "\u25ae", + "mcomma;": "\u2a29", + "mcy;": "\u043c", + "mdash;": "\u2014", + "measuredangle;": "\u2221", + "mfr;": "\U0001d52a", + "mho;": "\u2127", + "micro": "\xb5", + "micro;": "\xb5", + "mid;": "\u2223", + "midast;": "*", + "midcir;": "\u2af0", + "middot": "\xb7", + "middot;": "\xb7", + "minus;": "\u2212", + "minusb;": "\u229f", + "minusd;": "\u2238", + "minusdu;": "\u2a2a", + "mlcp;": "\u2adb", + "mldr;": "\u2026", + "mnplus;": "\u2213", + "models;": "\u22a7", + "mopf;": "\U0001d55e", + "mp;": "\u2213", + "mscr;": "\U0001d4c2", + "mstpos;": "\u223e", + "mu;": "\u03bc", + "multimap;": "\u22b8", + "mumap;": "\u22b8", + "nGg;": "\u22d9\u0338", + "nGt;": "\u226b\u20d2", + "nGtv;": "\u226b\u0338", + "nLeftarrow;": "\u21cd", + "nLeftrightarrow;": "\u21ce", + "nLl;": "\u22d8\u0338", + "nLt;": "\u226a\u20d2", + "nLtv;": "\u226a\u0338", + "nRightarrow;": "\u21cf", + "nVDash;": "\u22af", + "nVdash;": "\u22ae", + "nabla;": "\u2207", + "nacute;": "\u0144", + "nang;": "\u2220\u20d2", + "nap;": "\u2249", + "napE;": "\u2a70\u0338", + "napid;": "\u224b\u0338", + "napos;": "\u0149", + "napprox;": "\u2249", + "natur;": "\u266e", + "natural;": "\u266e", + "naturals;": "\u2115", + "nbsp": "\xa0", + "nbsp;": "\xa0", + "nbump;": "\u224e\u0338", + "nbumpe;": "\u224f\u0338", + "ncap;": "\u2a43", + "ncaron;": "\u0148", + "ncedil;": "\u0146", + "ncong;": "\u2247", + "ncongdot;": "\u2a6d\u0338", + "ncup;": "\u2a42", + "ncy;": "\u043d", + "ndash;": "\u2013", + "ne;": "\u2260", + "neArr;": "\u21d7", + "nearhk;": "\u2924", + "nearr;": "\u2197", + "nearrow;": "\u2197", + "nedot;": "\u2250\u0338", + "nequiv;": "\u2262", + "nesear;": "\u2928", + "nesim;": "\u2242\u0338", + "nexist;": "\u2204", + "nexists;": "\u2204", + "nfr;": "\U0001d52b", + "ngE;": "\u2267\u0338", + "nge;": "\u2271", + "ngeq;": "\u2271", + "ngeqq;": "\u2267\u0338", + "ngeqslant;": "\u2a7e\u0338", + "nges;": "\u2a7e\u0338", + "ngsim;": "\u2275", + "ngt;": "\u226f", + "ngtr;": "\u226f", + "nhArr;": "\u21ce", + "nharr;": "\u21ae", + "nhpar;": "\u2af2", + "ni;": "\u220b", + "nis;": "\u22fc", + "nisd;": "\u22fa", + "niv;": "\u220b", + "njcy;": "\u045a", + "nlArr;": "\u21cd", + "nlE;": "\u2266\u0338", + "nlarr;": "\u219a", + "nldr;": "\u2025", + "nle;": "\u2270", + "nleftarrow;": "\u219a", + "nleftrightarrow;": "\u21ae", + "nleq;": "\u2270", + "nleqq;": "\u2266\u0338", + "nleqslant;": "\u2a7d\u0338", + "nles;": "\u2a7d\u0338", + "nless;": "\u226e", + "nlsim;": "\u2274", + "nlt;": "\u226e", + "nltri;": "\u22ea", + "nltrie;": "\u22ec", + "nmid;": "\u2224", + "nopf;": "\U0001d55f", + "not": "\xac", + "not;": "\xac", + "notin;": "\u2209", + "notinE;": "\u22f9\u0338", + "notindot;": "\u22f5\u0338", + "notinva;": "\u2209", + "notinvb;": "\u22f7", + "notinvc;": "\u22f6", + "notni;": "\u220c", + "notniva;": "\u220c", + "notnivb;": "\u22fe", + "notnivc;": "\u22fd", + "npar;": "\u2226", + "nparallel;": "\u2226", + "nparsl;": "\u2afd\u20e5", + "npart;": "\u2202\u0338", + "npolint;": "\u2a14", + "npr;": "\u2280", + "nprcue;": "\u22e0", + "npre;": "\u2aaf\u0338", + "nprec;": "\u2280", + "npreceq;": "\u2aaf\u0338", + "nrArr;": "\u21cf", + "nrarr;": "\u219b", + "nrarrc;": "\u2933\u0338", + "nrarrw;": "\u219d\u0338", + "nrightarrow;": "\u219b", + "nrtri;": "\u22eb", + "nrtrie;": "\u22ed", + "nsc;": "\u2281", + "nsccue;": "\u22e1", + "nsce;": "\u2ab0\u0338", + "nscr;": "\U0001d4c3", + "nshortmid;": "\u2224", + "nshortparallel;": "\u2226", + "nsim;": "\u2241", + "nsime;": "\u2244", + "nsimeq;": "\u2244", + "nsmid;": "\u2224", + "nspar;": "\u2226", + "nsqsube;": "\u22e2", + "nsqsupe;": "\u22e3", + "nsub;": "\u2284", + "nsubE;": "\u2ac5\u0338", + "nsube;": "\u2288", + "nsubset;": "\u2282\u20d2", + "nsubseteq;": "\u2288", + "nsubseteqq;": "\u2ac5\u0338", + "nsucc;": "\u2281", + "nsucceq;": "\u2ab0\u0338", + "nsup;": "\u2285", + "nsupE;": "\u2ac6\u0338", + "nsupe;": "\u2289", + "nsupset;": "\u2283\u20d2", + "nsupseteq;": "\u2289", + "nsupseteqq;": "\u2ac6\u0338", + "ntgl;": "\u2279", + "ntilde": "\xf1", + "ntilde;": "\xf1", + "ntlg;": "\u2278", + "ntriangleleft;": "\u22ea", + "ntrianglelefteq;": "\u22ec", + "ntriangleright;": "\u22eb", + "ntrianglerighteq;": "\u22ed", + "nu;": "\u03bd", + "num;": "#", + "numero;": "\u2116", + "numsp;": "\u2007", + "nvDash;": "\u22ad", + "nvHarr;": "\u2904", + "nvap;": "\u224d\u20d2", + "nvdash;": "\u22ac", + "nvge;": "\u2265\u20d2", + "nvgt;": ">\u20d2", + "nvinfin;": "\u29de", + "nvlArr;": "\u2902", + "nvle;": "\u2264\u20d2", + "nvlt;": "<\u20d2", + "nvltrie;": "\u22b4\u20d2", + "nvrArr;": "\u2903", + "nvrtrie;": "\u22b5\u20d2", + "nvsim;": "\u223c\u20d2", + "nwArr;": "\u21d6", + "nwarhk;": "\u2923", + "nwarr;": "\u2196", + "nwarrow;": "\u2196", + "nwnear;": "\u2927", + "oS;": "\u24c8", + "oacute": "\xf3", + "oacute;": "\xf3", + "oast;": "\u229b", + "ocir;": "\u229a", + "ocirc": "\xf4", + "ocirc;": "\xf4", + "ocy;": "\u043e", + "odash;": "\u229d", + "odblac;": "\u0151", + "odiv;": "\u2a38", + "odot;": "\u2299", + "odsold;": "\u29bc", + "oelig;": "\u0153", + "ofcir;": "\u29bf", + "ofr;": "\U0001d52c", + "ogon;": "\u02db", + "ograve": "\xf2", + "ograve;": "\xf2", + "ogt;": "\u29c1", + "ohbar;": "\u29b5", + "ohm;": "\u03a9", + "oint;": "\u222e", + "olarr;": "\u21ba", + "olcir;": "\u29be", + "olcross;": "\u29bb", + "oline;": "\u203e", + "olt;": "\u29c0", + "omacr;": "\u014d", + "omega;": "\u03c9", + "omicron;": "\u03bf", + "omid;": "\u29b6", + "ominus;": "\u2296", + "oopf;": "\U0001d560", + "opar;": "\u29b7", + "operp;": "\u29b9", + "oplus;": "\u2295", + "or;": "\u2228", + "orarr;": "\u21bb", + "ord;": "\u2a5d", + "order;": "\u2134", + "orderof;": "\u2134", + "ordf": "\xaa", + "ordf;": "\xaa", + "ordm": "\xba", + "ordm;": "\xba", + "origof;": "\u22b6", + "oror;": "\u2a56", + "orslope;": "\u2a57", + "orv;": "\u2a5b", + "oscr;": "\u2134", + "oslash": "\xf8", + "oslash;": "\xf8", + "osol;": "\u2298", + "otilde": "\xf5", + "otilde;": "\xf5", + "otimes;": "\u2297", + "otimesas;": "\u2a36", + "ouml": "\xf6", + "ouml;": "\xf6", + "ovbar;": "\u233d", + "par;": "\u2225", + "para": "\xb6", + "para;": "\xb6", + "parallel;": "\u2225", + "parsim;": "\u2af3", + "parsl;": "\u2afd", + "part;": "\u2202", + "pcy;": "\u043f", + "percnt;": "%", + "period;": ".", + "permil;": "\u2030", + "perp;": "\u22a5", + "pertenk;": "\u2031", + "pfr;": "\U0001d52d", + "phi;": "\u03c6", + "phiv;": "\u03d5", + "phmmat;": "\u2133", + "phone;": "\u260e", + "pi;": "\u03c0", + "pitchfork;": "\u22d4", + "piv;": "\u03d6", + "planck;": "\u210f", + "planckh;": "\u210e", + "plankv;": "\u210f", + "plus;": "+", + "plusacir;": "\u2a23", + "plusb;": "\u229e", + "pluscir;": "\u2a22", + "plusdo;": "\u2214", + "plusdu;": "\u2a25", + "pluse;": "\u2a72", + "plusmn": "\xb1", + "plusmn;": "\xb1", + "plussim;": "\u2a26", + "plustwo;": "\u2a27", + "pm;": "\xb1", + "pointint;": "\u2a15", + "popf;": "\U0001d561", + "pound": "\xa3", + "pound;": "\xa3", + "pr;": "\u227a", + "prE;": "\u2ab3", + "prap;": "\u2ab7", + "prcue;": "\u227c", + "pre;": "\u2aaf", + "prec;": "\u227a", + "precapprox;": "\u2ab7", + "preccurlyeq;": "\u227c", + "preceq;": "\u2aaf", + "precnapprox;": "\u2ab9", + "precneqq;": "\u2ab5", + "precnsim;": "\u22e8", + "precsim;": "\u227e", + "prime;": "\u2032", + "primes;": "\u2119", + "prnE;": "\u2ab5", + "prnap;": "\u2ab9", + "prnsim;": "\u22e8", + "prod;": "\u220f", + "profalar;": "\u232e", + "profline;": "\u2312", + "profsurf;": "\u2313", + "prop;": "\u221d", + "propto;": "\u221d", + "prsim;": "\u227e", + "prurel;": "\u22b0", + "pscr;": "\U0001d4c5", + "psi;": "\u03c8", + "puncsp;": "\u2008", + "qfr;": "\U0001d52e", + "qint;": "\u2a0c", + "qopf;": "\U0001d562", + "qprime;": "\u2057", + "qscr;": "\U0001d4c6", + "quaternions;": "\u210d", + "quatint;": "\u2a16", + "quest;": "?", + "questeq;": "\u225f", + "quot": "\"", + "quot;": "\"", + "rAarr;": "\u21db", + "rArr;": "\u21d2", + "rAtail;": "\u291c", + "rBarr;": "\u290f", + "rHar;": "\u2964", + "race;": "\u223d\u0331", + "racute;": "\u0155", + "radic;": "\u221a", + "raemptyv;": "\u29b3", + "rang;": "\u27e9", + "rangd;": "\u2992", + "range;": "\u29a5", + "rangle;": "\u27e9", + "raquo": "\xbb", + "raquo;": "\xbb", + "rarr;": "\u2192", + "rarrap;": "\u2975", + "rarrb;": "\u21e5", + "rarrbfs;": "\u2920", + "rarrc;": "\u2933", + "rarrfs;": "\u291e", + "rarrhk;": "\u21aa", + "rarrlp;": "\u21ac", + "rarrpl;": "\u2945", + "rarrsim;": "\u2974", + "rarrtl;": "\u21a3", + "rarrw;": "\u219d", + "ratail;": "\u291a", + "ratio;": "\u2236", + "rationals;": "\u211a", + "rbarr;": "\u290d", + "rbbrk;": "\u2773", + "rbrace;": "}", + "rbrack;": "]", + "rbrke;": "\u298c", + "rbrksld;": "\u298e", + "rbrkslu;": "\u2990", + "rcaron;": "\u0159", + "rcedil;": "\u0157", + "rceil;": "\u2309", + "rcub;": "}", + "rcy;": "\u0440", + "rdca;": "\u2937", + "rdldhar;": "\u2969", + "rdquo;": "\u201d", + "rdquor;": "\u201d", + "rdsh;": "\u21b3", + "real;": "\u211c", + "realine;": "\u211b", + "realpart;": "\u211c", + "reals;": "\u211d", + "rect;": "\u25ad", + "reg": "\xae", + "reg;": "\xae", + "rfisht;": "\u297d", + "rfloor;": "\u230b", + "rfr;": "\U0001d52f", + "rhard;": "\u21c1", + "rharu;": "\u21c0", + "rharul;": "\u296c", + "rho;": "\u03c1", + "rhov;": "\u03f1", + "rightarrow;": "\u2192", + "rightarrowtail;": "\u21a3", + "rightharpoondown;": "\u21c1", + "rightharpoonup;": "\u21c0", + "rightleftarrows;": "\u21c4", + "rightleftharpoons;": "\u21cc", + "rightrightarrows;": "\u21c9", + "rightsquigarrow;": "\u219d", + "rightthreetimes;": "\u22cc", + "ring;": "\u02da", + "risingdotseq;": "\u2253", + "rlarr;": "\u21c4", + "rlhar;": "\u21cc", + "rlm;": "\u200f", + "rmoust;": "\u23b1", + "rmoustache;": "\u23b1", + "rnmid;": "\u2aee", + "roang;": "\u27ed", + "roarr;": "\u21fe", + "robrk;": "\u27e7", + "ropar;": "\u2986", + "ropf;": "\U0001d563", + "roplus;": "\u2a2e", + "rotimes;": "\u2a35", + "rpar;": ")", + "rpargt;": "\u2994", + "rppolint;": "\u2a12", + "rrarr;": "\u21c9", + "rsaquo;": "\u203a", + "rscr;": "\U0001d4c7", + "rsh;": "\u21b1", + "rsqb;": "]", + "rsquo;": "\u2019", + "rsquor;": "\u2019", + "rthree;": "\u22cc", + "rtimes;": "\u22ca", + "rtri;": "\u25b9", + "rtrie;": "\u22b5", + "rtrif;": "\u25b8", + "rtriltri;": "\u29ce", + "ruluhar;": "\u2968", + "rx;": "\u211e", + "sacute;": "\u015b", + "sbquo;": "\u201a", + "sc;": "\u227b", + "scE;": "\u2ab4", + "scap;": "\u2ab8", + "scaron;": "\u0161", + "sccue;": "\u227d", + "sce;": "\u2ab0", + "scedil;": "\u015f", + "scirc;": "\u015d", + "scnE;": "\u2ab6", + "scnap;": "\u2aba", + "scnsim;": "\u22e9", + "scpolint;": "\u2a13", + "scsim;": "\u227f", + "scy;": "\u0441", + "sdot;": "\u22c5", + "sdotb;": "\u22a1", + "sdote;": "\u2a66", + "seArr;": "\u21d8", + "searhk;": "\u2925", + "searr;": "\u2198", + "searrow;": "\u2198", + "sect": "\xa7", + "sect;": "\xa7", + "semi;": ";", + "seswar;": "\u2929", + "setminus;": "\u2216", + "setmn;": "\u2216", + "sext;": "\u2736", + "sfr;": "\U0001d530", + "sfrown;": "\u2322", + "sharp;": "\u266f", + "shchcy;": "\u0449", + "shcy;": "\u0448", + "shortmid;": "\u2223", + "shortparallel;": "\u2225", + "shy": "\xad", + "shy;": "\xad", + "sigma;": "\u03c3", + "sigmaf;": "\u03c2", + "sigmav;": "\u03c2", + "sim;": "\u223c", + "simdot;": "\u2a6a", + "sime;": "\u2243", + "simeq;": "\u2243", + "simg;": "\u2a9e", + "simgE;": "\u2aa0", + "siml;": "\u2a9d", + "simlE;": "\u2a9f", + "simne;": "\u2246", + "simplus;": "\u2a24", + "simrarr;": "\u2972", + "slarr;": "\u2190", + "smallsetminus;": "\u2216", + "smashp;": "\u2a33", + "smeparsl;": "\u29e4", + "smid;": "\u2223", + "smile;": "\u2323", + "smt;": "\u2aaa", + "smte;": "\u2aac", + "smtes;": "\u2aac\ufe00", + "softcy;": "\u044c", + "sol;": "/", + "solb;": "\u29c4", + "solbar;": "\u233f", + "sopf;": "\U0001d564", + "spades;": "\u2660", + "spadesuit;": "\u2660", + "spar;": "\u2225", + "sqcap;": "\u2293", + "sqcaps;": "\u2293\ufe00", + "sqcup;": "\u2294", + "sqcups;": "\u2294\ufe00", + "sqsub;": "\u228f", + "sqsube;": "\u2291", + "sqsubset;": "\u228f", + "sqsubseteq;": "\u2291", + "sqsup;": "\u2290", + "sqsupe;": "\u2292", + "sqsupset;": "\u2290", + "sqsupseteq;": "\u2292", + "squ;": "\u25a1", + "square;": "\u25a1", + "squarf;": "\u25aa", + "squf;": "\u25aa", + "srarr;": "\u2192", + "sscr;": "\U0001d4c8", + "ssetmn;": "\u2216", + "ssmile;": "\u2323", + "sstarf;": "\u22c6", + "star;": "\u2606", + "starf;": "\u2605", + "straightepsilon;": "\u03f5", + "straightphi;": "\u03d5", + "strns;": "\xaf", + "sub;": "\u2282", + "subE;": "\u2ac5", + "subdot;": "\u2abd", + "sube;": "\u2286", + "subedot;": "\u2ac3", + "submult;": "\u2ac1", + "subnE;": "\u2acb", + "subne;": "\u228a", + "subplus;": "\u2abf", + "subrarr;": "\u2979", + "subset;": "\u2282", + "subseteq;": "\u2286", + "subseteqq;": "\u2ac5", + "subsetneq;": "\u228a", + "subsetneqq;": "\u2acb", + "subsim;": "\u2ac7", + "subsub;": "\u2ad5", + "subsup;": "\u2ad3", + "succ;": "\u227b", + "succapprox;": "\u2ab8", + "succcurlyeq;": "\u227d", + "succeq;": "\u2ab0", + "succnapprox;": "\u2aba", + "succneqq;": "\u2ab6", + "succnsim;": "\u22e9", + "succsim;": "\u227f", + "sum;": "\u2211", + "sung;": "\u266a", + "sup1": "\xb9", + "sup1;": "\xb9", + "sup2": "\xb2", + "sup2;": "\xb2", + "sup3": "\xb3", + "sup3;": "\xb3", + "sup;": "\u2283", + "supE;": "\u2ac6", + "supdot;": "\u2abe", + "supdsub;": "\u2ad8", + "supe;": "\u2287", + "supedot;": "\u2ac4", + "suphsol;": "\u27c9", + "suphsub;": "\u2ad7", + "suplarr;": "\u297b", + "supmult;": "\u2ac2", + "supnE;": "\u2acc", + "supne;": "\u228b", + "supplus;": "\u2ac0", + "supset;": "\u2283", + "supseteq;": "\u2287", + "supseteqq;": "\u2ac6", + "supsetneq;": "\u228b", + "supsetneqq;": "\u2acc", + "supsim;": "\u2ac8", + "supsub;": "\u2ad4", + "supsup;": "\u2ad6", + "swArr;": "\u21d9", + "swarhk;": "\u2926", + "swarr;": "\u2199", + "swarrow;": "\u2199", + "swnwar;": "\u292a", + "szlig": "\xdf", + "szlig;": "\xdf", + "target;": "\u2316", + "tau;": "\u03c4", + "tbrk;": "\u23b4", + "tcaron;": "\u0165", + "tcedil;": "\u0163", + "tcy;": "\u0442", + "tdot;": "\u20db", + "telrec;": "\u2315", + "tfr;": "\U0001d531", + "there4;": "\u2234", + "therefore;": "\u2234", + "theta;": "\u03b8", + "thetasym;": "\u03d1", + "thetav;": "\u03d1", + "thickapprox;": "\u2248", + "thicksim;": "\u223c", + "thinsp;": "\u2009", + "thkap;": "\u2248", + "thksim;": "\u223c", + "thorn": "\xfe", + "thorn;": "\xfe", + "tilde;": "\u02dc", + "times": "\xd7", + "times;": "\xd7", + "timesb;": "\u22a0", + "timesbar;": "\u2a31", + "timesd;": "\u2a30", + "tint;": "\u222d", + "toea;": "\u2928", + "top;": "\u22a4", + "topbot;": "\u2336", + "topcir;": "\u2af1", + "topf;": "\U0001d565", + "topfork;": "\u2ada", + "tosa;": "\u2929", + "tprime;": "\u2034", + "trade;": "\u2122", + "triangle;": "\u25b5", + "triangledown;": "\u25bf", + "triangleleft;": "\u25c3", + "trianglelefteq;": "\u22b4", + "triangleq;": "\u225c", + "triangleright;": "\u25b9", + "trianglerighteq;": "\u22b5", + "tridot;": "\u25ec", + "trie;": "\u225c", + "triminus;": "\u2a3a", + "triplus;": "\u2a39", + "trisb;": "\u29cd", + "tritime;": "\u2a3b", + "trpezium;": "\u23e2", + "tscr;": "\U0001d4c9", + "tscy;": "\u0446", + "tshcy;": "\u045b", + "tstrok;": "\u0167", + "twixt;": "\u226c", + "twoheadleftarrow;": "\u219e", + "twoheadrightarrow;": "\u21a0", + "uArr;": "\u21d1", + "uHar;": "\u2963", + "uacute": "\xfa", + "uacute;": "\xfa", + "uarr;": "\u2191", + "ubrcy;": "\u045e", + "ubreve;": "\u016d", + "ucirc": "\xfb", + "ucirc;": "\xfb", + "ucy;": "\u0443", + "udarr;": "\u21c5", + "udblac;": "\u0171", + "udhar;": "\u296e", + "ufisht;": "\u297e", + "ufr;": "\U0001d532", + "ugrave": "\xf9", + "ugrave;": "\xf9", + "uharl;": "\u21bf", + "uharr;": "\u21be", + "uhblk;": "\u2580", + "ulcorn;": "\u231c", + "ulcorner;": "\u231c", + "ulcrop;": "\u230f", + "ultri;": "\u25f8", + "umacr;": "\u016b", + "uml": "\xa8", + "uml;": "\xa8", + "uogon;": "\u0173", + "uopf;": "\U0001d566", + "uparrow;": "\u2191", + "updownarrow;": "\u2195", + "upharpoonleft;": "\u21bf", + "upharpoonright;": "\u21be", + "uplus;": "\u228e", + "upsi;": "\u03c5", + "upsih;": "\u03d2", + "upsilon;": "\u03c5", + "upuparrows;": "\u21c8", + "urcorn;": "\u231d", + "urcorner;": "\u231d", + "urcrop;": "\u230e", + "uring;": "\u016f", + "urtri;": "\u25f9", + "uscr;": "\U0001d4ca", + "utdot;": "\u22f0", + "utilde;": "\u0169", + "utri;": "\u25b5", + "utrif;": "\u25b4", + "uuarr;": "\u21c8", + "uuml": "\xfc", + "uuml;": "\xfc", + "uwangle;": "\u29a7", + "vArr;": "\u21d5", + "vBar;": "\u2ae8", + "vBarv;": "\u2ae9", + "vDash;": "\u22a8", + "vangrt;": "\u299c", + "varepsilon;": "\u03f5", + "varkappa;": "\u03f0", + "varnothing;": "\u2205", + "varphi;": "\u03d5", + "varpi;": "\u03d6", + "varpropto;": "\u221d", + "varr;": "\u2195", + "varrho;": "\u03f1", + "varsigma;": "\u03c2", + "varsubsetneq;": "\u228a\ufe00", + "varsubsetneqq;": "\u2acb\ufe00", + "varsupsetneq;": "\u228b\ufe00", + "varsupsetneqq;": "\u2acc\ufe00", + "vartheta;": "\u03d1", + "vartriangleleft;": "\u22b2", + "vartriangleright;": "\u22b3", + "vcy;": "\u0432", + "vdash;": "\u22a2", + "vee;": "\u2228", + "veebar;": "\u22bb", + "veeeq;": "\u225a", + "vellip;": "\u22ee", + "verbar;": "|", + "vert;": "|", + "vfr;": "\U0001d533", + "vltri;": "\u22b2", + "vnsub;": "\u2282\u20d2", + "vnsup;": "\u2283\u20d2", + "vopf;": "\U0001d567", + "vprop;": "\u221d", + "vrtri;": "\u22b3", + "vscr;": "\U0001d4cb", + "vsubnE;": "\u2acb\ufe00", + "vsubne;": "\u228a\ufe00", + "vsupnE;": "\u2acc\ufe00", + "vsupne;": "\u228b\ufe00", + "vzigzag;": "\u299a", + "wcirc;": "\u0175", + "wedbar;": "\u2a5f", + "wedge;": "\u2227", + "wedgeq;": "\u2259", + "weierp;": "\u2118", + "wfr;": "\U0001d534", + "wopf;": "\U0001d568", + "wp;": "\u2118", + "wr;": "\u2240", + "wreath;": "\u2240", + "wscr;": "\U0001d4cc", + "xcap;": "\u22c2", + "xcirc;": "\u25ef", + "xcup;": "\u22c3", + "xdtri;": "\u25bd", + "xfr;": "\U0001d535", + "xhArr;": "\u27fa", + "xharr;": "\u27f7", + "xi;": "\u03be", + "xlArr;": "\u27f8", + "xlarr;": "\u27f5", + "xmap;": "\u27fc", + "xnis;": "\u22fb", + "xodot;": "\u2a00", + "xopf;": "\U0001d569", + "xoplus;": "\u2a01", + "xotime;": "\u2a02", + "xrArr;": "\u27f9", + "xrarr;": "\u27f6", + "xscr;": "\U0001d4cd", + "xsqcup;": "\u2a06", + "xuplus;": "\u2a04", + "xutri;": "\u25b3", + "xvee;": "\u22c1", + "xwedge;": "\u22c0", + "yacute": "\xfd", + "yacute;": "\xfd", + "yacy;": "\u044f", + "ycirc;": "\u0177", + "ycy;": "\u044b", + "yen": "\xa5", + "yen;": "\xa5", + "yfr;": "\U0001d536", + "yicy;": "\u0457", + "yopf;": "\U0001d56a", + "yscr;": "\U0001d4ce", + "yucy;": "\u044e", + "yuml": "\xff", + "yuml;": "\xff", + "zacute;": "\u017a", + "zcaron;": "\u017e", + "zcy;": "\u0437", + "zdot;": "\u017c", + "zeetrf;": "\u2128", + "zeta;": "\u03b6", + "zfr;": "\U0001d537", + "zhcy;": "\u0436", + "zigrarr;": "\u21dd", + "zopf;": "\U0001d56b", + "zscr;": "\U0001d4cf", + "zwj;": "\u200d", + "zwnj;": "\u200c", +} + +replacementCharacters = { + 0x0: "\uFFFD", + 0x0d: "\u000D", + 0x80: "\u20AC", + 0x81: "\u0081", + 0x82: "\u201A", + 0x83: "\u0192", + 0x84: "\u201E", + 0x85: "\u2026", + 0x86: "\u2020", + 0x87: "\u2021", + 0x88: "\u02C6", + 0x89: "\u2030", + 0x8A: "\u0160", + 0x8B: "\u2039", + 0x8C: "\u0152", + 0x8D: "\u008D", + 0x8E: "\u017D", + 0x8F: "\u008F", + 0x90: "\u0090", + 0x91: "\u2018", + 0x92: "\u2019", + 0x93: "\u201C", + 0x94: "\u201D", + 0x95: "\u2022", + 0x96: "\u2013", + 0x97: "\u2014", + 0x98: "\u02DC", + 0x99: "\u2122", + 0x9A: "\u0161", + 0x9B: "\u203A", + 0x9C: "\u0153", + 0x9D: "\u009D", + 0x9E: "\u017E", + 0x9F: "\u0178", +} + +tokenTypes = { + "Doctype": 0, + "Characters": 1, + "SpaceCharacters": 2, + "StartTag": 3, + "EndTag": 4, + "EmptyTag": 5, + "Comment": 6, + "ParseError": 7 +} + +tagTokenTypes = frozenset([tokenTypes["StartTag"], tokenTypes["EndTag"], + tokenTypes["EmptyTag"]]) + + +prefixes = {v: k for k, v in namespaces.items()} +prefixes["http://www.w3.org/1998/Math/MathML"] = "math" + + +class DataLossWarning(UserWarning): + """Raised when the current tree is unable to represent the input data""" + pass + + +class _ReparseException(Exception): + pass diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/__init__.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/alphabeticalattributes.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/alphabeticalattributes.py new file mode 100644 index 000000000..5ba926e3b --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/alphabeticalattributes.py @@ -0,0 +1,29 @@ +from __future__ import absolute_import, division, unicode_literals + +from . import base + +from collections import OrderedDict + + +def _attr_key(attr): + """Return an appropriate key for an attribute for sorting + + Attributes have a namespace that can be either ``None`` or a string. We + can't compare the two because they're different types, so we convert + ``None`` to an empty string first. + + """ + return (attr[0][0] or ''), attr[0][1] + + +class Filter(base.Filter): + """Alphabetizes attributes for elements""" + def __iter__(self): + for token in base.Filter.__iter__(self): + if token["type"] in ("StartTag", "EmptyTag"): + attrs = OrderedDict() + for name, value in sorted(token["data"].items(), + key=_attr_key): + attrs[name] = value + token["data"] = attrs + yield token diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/base.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/base.py new file mode 100644 index 000000000..c7dbaed0f --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/base.py @@ -0,0 +1,12 @@ +from __future__ import absolute_import, division, unicode_literals + + +class Filter(object): + def __init__(self, source): + self.source = source + + def __iter__(self): + return iter(self.source) + + def __getattr__(self, name): + return getattr(self.source, name) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/inject_meta_charset.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/inject_meta_charset.py new file mode 100644 index 000000000..aefb5c842 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/inject_meta_charset.py @@ -0,0 +1,73 @@ +from __future__ import absolute_import, division, unicode_literals + +from . import base + + +class Filter(base.Filter): + """Injects ```` tag into head of document""" + def __init__(self, source, encoding): + """Creates a Filter + + :arg source: the source token stream + + :arg encoding: the encoding to set + + """ + base.Filter.__init__(self, source) + self.encoding = encoding + + def __iter__(self): + state = "pre_head" + meta_found = (self.encoding is None) + pending = [] + + for token in base.Filter.__iter__(self): + type = token["type"] + if type == "StartTag": + if token["name"].lower() == "head": + state = "in_head" + + elif type == "EmptyTag": + if token["name"].lower() == "meta": + # replace charset with actual encoding + has_http_equiv_content_type = False + for (namespace, name), value in token["data"].items(): + if namespace is not None: + continue + elif name.lower() == 'charset': + token["data"][(namespace, name)] = self.encoding + meta_found = True + break + elif name == 'http-equiv' and value.lower() == 'content-type': + has_http_equiv_content_type = True + else: + if has_http_equiv_content_type and (None, "content") in token["data"]: + token["data"][(None, "content")] = 'text/html; charset=%s' % self.encoding + meta_found = True + + elif token["name"].lower() == "head" and not meta_found: + # insert meta into empty head + yield {"type": "StartTag", "name": "head", + "data": token["data"]} + yield {"type": "EmptyTag", "name": "meta", + "data": {(None, "charset"): self.encoding}} + yield {"type": "EndTag", "name": "head"} + meta_found = True + continue + + elif type == "EndTag": + if token["name"].lower() == "head" and pending: + # insert meta into head (if necessary) and flush pending queue + yield pending.pop(0) + if not meta_found: + yield {"type": "EmptyTag", "name": "meta", + "data": {(None, "charset"): self.encoding}} + while pending: + yield pending.pop(0) + meta_found = True + state = "post_head" + + if state == "in_head": + pending.append(token) + else: + yield token diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/lint.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/lint.py new file mode 100644 index 000000000..fcc07eec5 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/lint.py @@ -0,0 +1,93 @@ +from __future__ import absolute_import, division, unicode_literals + +from pip._vendor.six import text_type + +from . import base +from ..constants import namespaces, voidElements + +from ..constants import spaceCharacters +spaceCharacters = "".join(spaceCharacters) + + +class Filter(base.Filter): + """Lints the token stream for errors + + If it finds any errors, it'll raise an ``AssertionError``. + + """ + def __init__(self, source, require_matching_tags=True): + """Creates a Filter + + :arg source: the source token stream + + :arg require_matching_tags: whether or not to require matching tags + + """ + super(Filter, self).__init__(source) + self.require_matching_tags = require_matching_tags + + def __iter__(self): + open_elements = [] + for token in base.Filter.__iter__(self): + type = token["type"] + if type in ("StartTag", "EmptyTag"): + namespace = token["namespace"] + name = token["name"] + assert namespace is None or isinstance(namespace, text_type) + assert namespace != "" + assert isinstance(name, text_type) + assert name != "" + assert isinstance(token["data"], dict) + if (not namespace or namespace == namespaces["html"]) and name in voidElements: + assert type == "EmptyTag" + else: + assert type == "StartTag" + if type == "StartTag" and self.require_matching_tags: + open_elements.append((namespace, name)) + for (namespace, name), value in token["data"].items(): + assert namespace is None or isinstance(namespace, text_type) + assert namespace != "" + assert isinstance(name, text_type) + assert name != "" + assert isinstance(value, text_type) + + elif type == "EndTag": + namespace = token["namespace"] + name = token["name"] + assert namespace is None or isinstance(namespace, text_type) + assert namespace != "" + assert isinstance(name, text_type) + assert name != "" + if (not namespace or namespace == namespaces["html"]) and name in voidElements: + assert False, "Void element reported as EndTag token: %(tag)s" % {"tag": name} + elif self.require_matching_tags: + start = open_elements.pop() + assert start == (namespace, name) + + elif type == "Comment": + data = token["data"] + assert isinstance(data, text_type) + + elif type in ("Characters", "SpaceCharacters"): + data = token["data"] + assert isinstance(data, text_type) + assert data != "" + if type == "SpaceCharacters": + assert data.strip(spaceCharacters) == "" + + elif type == "Doctype": + name = token["name"] + assert name is None or isinstance(name, text_type) + assert token["publicId"] is None or isinstance(name, text_type) + assert token["systemId"] is None or isinstance(name, text_type) + + elif type == "Entity": + assert isinstance(token["name"], text_type) + + elif type == "SerializerError": + assert isinstance(token["data"], text_type) + + else: + assert False, "Unknown token type: %(type)s" % {"type": type} + + yield token diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/optionaltags.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/optionaltags.py new file mode 100644 index 000000000..4a865012c --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/optionaltags.py @@ -0,0 +1,207 @@ +from __future__ import absolute_import, division, unicode_literals + +from . import base + + +class Filter(base.Filter): + """Removes optional tags from the token stream""" + def slider(self): + previous1 = previous2 = None + for token in self.source: + if previous1 is not None: + yield previous2, previous1, token + previous2 = previous1 + previous1 = token + if previous1 is not None: + yield previous2, previous1, None + + def __iter__(self): + for previous, token, next in self.slider(): + type = token["type"] + if type == "StartTag": + if (token["data"] or + not self.is_optional_start(token["name"], previous, next)): + yield token + elif type == "EndTag": + if not self.is_optional_end(token["name"], next): + yield token + else: + yield token + + def is_optional_start(self, tagname, previous, next): + type = next and next["type"] or None + if tagname in 'html': + # An html element's start tag may be omitted if the first thing + # inside the html element is not a space character or a comment. + return type not in ("Comment", "SpaceCharacters") + elif tagname == 'head': + # A head element's start tag may be omitted if the first thing + # inside the head element is an element. + # XXX: we also omit the start tag if the head element is empty + if type in ("StartTag", "EmptyTag"): + return True + elif type == "EndTag": + return next["name"] == "head" + elif tagname == 'body': + # A body element's start tag may be omitted if the first thing + # inside the body element is not a space character or a comment, + # except if the first thing inside the body element is a script + # or style element and the node immediately preceding the body + # element is a head element whose end tag has been omitted. + if type in ("Comment", "SpaceCharacters"): + return False + elif type == "StartTag": + # XXX: we do not look at the preceding event, so we never omit + # the body element's start tag if it's followed by a script or + # a style element. + return next["name"] not in ('script', 'style') + else: + return True + elif tagname == 'colgroup': + # A colgroup element's start tag may be omitted if the first thing + # inside the colgroup element is a col element, and if the element + # is not immediately preceded by another colgroup element whose + # end tag has been omitted. + if type in ("StartTag", "EmptyTag"): + # XXX: we do not look at the preceding event, so instead we never + # omit the colgroup element's end tag when it is immediately + # followed by another colgroup element. See is_optional_end. + return next["name"] == "col" + else: + return False + elif tagname == 'tbody': + # A tbody element's start tag may be omitted if the first thing + # inside the tbody element is a tr element, and if the element is + # not immediately preceded by a tbody, thead, or tfoot element + # whose end tag has been omitted. + if type == "StartTag": + # omit the thead and tfoot elements' end tag when they are + # immediately followed by a tbody element. See is_optional_end. + if previous and previous['type'] == 'EndTag' and \ + previous['name'] in ('tbody', 'thead', 'tfoot'): + return False + return next["name"] == 'tr' + else: + return False + return False + + def is_optional_end(self, tagname, next): + type = next and next["type"] or None + if tagname in ('html', 'head', 'body'): + # An html element's end tag may be omitted if the html element + # is not immediately followed by a space character or a comment. + return type not in ("Comment", "SpaceCharacters") + elif tagname in ('li', 'optgroup', 'tr'): + # A li element's end tag may be omitted if the li element is + # immediately followed by another li element or if there is + # no more content in the parent element. + # An optgroup element's end tag may be omitted if the optgroup + # element is immediately followed by another optgroup element, + # or if there is no more content in the parent element. + # A tr element's end tag may be omitted if the tr element is + # immediately followed by another tr element, or if there is + # no more content in the parent element. + if type == "StartTag": + return next["name"] == tagname + else: + return type == "EndTag" or type is None + elif tagname in ('dt', 'dd'): + # A dt element's end tag may be omitted if the dt element is + # immediately followed by another dt element or a dd element. + # A dd element's end tag may be omitted if the dd element is + # immediately followed by another dd element or a dt element, + # or if there is no more content in the parent element. + if type == "StartTag": + return next["name"] in ('dt', 'dd') + elif tagname == 'dd': + return type == "EndTag" or type is None + else: + return False + elif tagname == 'p': + # A p element's end tag may be omitted if the p element is + # immediately followed by an address, article, aside, + # blockquote, datagrid, dialog, dir, div, dl, fieldset, + # footer, form, h1, h2, h3, h4, h5, h6, header, hr, menu, + # nav, ol, p, pre, section, table, or ul, element, or if + # there is no more content in the parent element. + if type in ("StartTag", "EmptyTag"): + return next["name"] in ('address', 'article', 'aside', + 'blockquote', 'datagrid', 'dialog', + 'dir', 'div', 'dl', 'fieldset', 'footer', + 'form', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', + 'header', 'hr', 'menu', 'nav', 'ol', + 'p', 'pre', 'section', 'table', 'ul') + else: + return type == "EndTag" or type is None + elif tagname == 'option': + # An option element's end tag may be omitted if the option + # element is immediately followed by another option element, + # or if it is immediately followed by an optgroup + # element, or if there is no more content in the parent + # element. + if type == "StartTag": + return next["name"] in ('option', 'optgroup') + else: + return type == "EndTag" or type is None + elif tagname in ('rt', 'rp'): + # An rt element's end tag may be omitted if the rt element is + # immediately followed by an rt or rp element, or if there is + # no more content in the parent element. + # An rp element's end tag may be omitted if the rp element is + # immediately followed by an rt or rp element, or if there is + # no more content in the parent element. + if type == "StartTag": + return next["name"] in ('rt', 'rp') + else: + return type == "EndTag" or type is None + elif tagname == 'colgroup': + # A colgroup element's end tag may be omitted if the colgroup + # element is not immediately followed by a space character or + # a comment. + if type in ("Comment", "SpaceCharacters"): + return False + elif type == "StartTag": + # XXX: we also look for an immediately following colgroup + # element. See is_optional_start. + return next["name"] != 'colgroup' + else: + return True + elif tagname in ('thead', 'tbody'): + # A thead element's end tag may be omitted if the thead element + # is immediately followed by a tbody or tfoot element. + # A tbody element's end tag may be omitted if the tbody element + # is immediately followed by a tbody or tfoot element, or if + # there is no more content in the parent element. + # A tfoot element's end tag may be omitted if the tfoot element + # is immediately followed by a tbody element, or if there is no + # more content in the parent element. + # XXX: we never omit the end tag when the following element is + # a tbody. See is_optional_start. + if type == "StartTag": + return next["name"] in ['tbody', 'tfoot'] + elif tagname == 'tbody': + return type == "EndTag" or type is None + else: + return False + elif tagname == 'tfoot': + # A tfoot element's end tag may be omitted if the tfoot element + # is immediately followed by a tbody element, or if there is no + # more content in the parent element. + # XXX: we never omit the end tag when the following element is + # a tbody. See is_optional_start. + if type == "StartTag": + return next["name"] == 'tbody' + else: + return type == "EndTag" or type is None + elif tagname in ('td', 'th'): + # A td element's end tag may be omitted if the td element is + # immediately followed by a td or th element, or if there is + # no more content in the parent element. + # A th element's end tag may be omitted if the th element is + # immediately followed by a td or th element, or if there is + # no more content in the parent element. + if type == "StartTag": + return next["name"] in ('td', 'th') + else: + return type == "EndTag" or type is None + return False diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/sanitizer.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/sanitizer.py new file mode 100644 index 000000000..aa7431d13 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/sanitizer.py @@ -0,0 +1,916 @@ +"""Deprecated from html5lib 1.1. + +See `here `_ for +information about its deprecation; `Bleach `_ +is recommended as a replacement. Please let us know in the aforementioned issue +if Bleach is unsuitable for your needs. + +""" +from __future__ import absolute_import, division, unicode_literals + +import re +import warnings +from xml.sax.saxutils import escape, unescape + +from pip._vendor.six.moves import urllib_parse as urlparse + +from . import base +from ..constants import namespaces, prefixes + +__all__ = ["Filter"] + + +_deprecation_msg = ( + "html5lib's sanitizer is deprecated; see " + + "https://github.com/html5lib/html5lib-python/issues/443 and please let " + + "us know if Bleach is unsuitable for your needs" +) + +warnings.warn(_deprecation_msg, DeprecationWarning) + +allowed_elements = frozenset(( + (namespaces['html'], 'a'), + (namespaces['html'], 'abbr'), + (namespaces['html'], 'acronym'), + (namespaces['html'], 'address'), + (namespaces['html'], 'area'), + (namespaces['html'], 'article'), + (namespaces['html'], 'aside'), + (namespaces['html'], 'audio'), + (namespaces['html'], 'b'), + (namespaces['html'], 'big'), + (namespaces['html'], 'blockquote'), + (namespaces['html'], 'br'), + (namespaces['html'], 'button'), + (namespaces['html'], 'canvas'), + (namespaces['html'], 'caption'), + (namespaces['html'], 'center'), + (namespaces['html'], 'cite'), + (namespaces['html'], 'code'), + (namespaces['html'], 'col'), + (namespaces['html'], 'colgroup'), + (namespaces['html'], 'command'), + (namespaces['html'], 'datagrid'), + (namespaces['html'], 'datalist'), + (namespaces['html'], 'dd'), + (namespaces['html'], 'del'), + (namespaces['html'], 'details'), + (namespaces['html'], 'dfn'), + (namespaces['html'], 'dialog'), + (namespaces['html'], 'dir'), + (namespaces['html'], 'div'), + (namespaces['html'], 'dl'), + (namespaces['html'], 'dt'), + (namespaces['html'], 'em'), + (namespaces['html'], 'event-source'), + (namespaces['html'], 'fieldset'), + (namespaces['html'], 'figcaption'), + (namespaces['html'], 'figure'), + (namespaces['html'], 'footer'), + (namespaces['html'], 'font'), + (namespaces['html'], 'form'), + (namespaces['html'], 'header'), + (namespaces['html'], 'h1'), + (namespaces['html'], 'h2'), + (namespaces['html'], 'h3'), + (namespaces['html'], 'h4'), + (namespaces['html'], 'h5'), + (namespaces['html'], 'h6'), + (namespaces['html'], 'hr'), + (namespaces['html'], 'i'), + (namespaces['html'], 'img'), + (namespaces['html'], 'input'), + (namespaces['html'], 'ins'), + (namespaces['html'], 'keygen'), + (namespaces['html'], 'kbd'), + (namespaces['html'], 'label'), + (namespaces['html'], 'legend'), + (namespaces['html'], 'li'), + (namespaces['html'], 'm'), + (namespaces['html'], 'map'), + (namespaces['html'], 'menu'), + (namespaces['html'], 'meter'), + (namespaces['html'], 'multicol'), + (namespaces['html'], 'nav'), + (namespaces['html'], 'nextid'), + (namespaces['html'], 'ol'), + (namespaces['html'], 'output'), + (namespaces['html'], 'optgroup'), + (namespaces['html'], 'option'), + (namespaces['html'], 'p'), + (namespaces['html'], 'pre'), + (namespaces['html'], 'progress'), + (namespaces['html'], 'q'), + (namespaces['html'], 's'), + (namespaces['html'], 'samp'), + (namespaces['html'], 'section'), + (namespaces['html'], 'select'), + (namespaces['html'], 'small'), + (namespaces['html'], 'sound'), + (namespaces['html'], 'source'), + (namespaces['html'], 'spacer'), + (namespaces['html'], 'span'), + (namespaces['html'], 'strike'), + (namespaces['html'], 'strong'), + (namespaces['html'], 'sub'), + (namespaces['html'], 'sup'), + (namespaces['html'], 'table'), + (namespaces['html'], 'tbody'), + (namespaces['html'], 'td'), + (namespaces['html'], 'textarea'), + (namespaces['html'], 'time'), + (namespaces['html'], 'tfoot'), + (namespaces['html'], 'th'), + (namespaces['html'], 'thead'), + (namespaces['html'], 'tr'), + (namespaces['html'], 'tt'), + (namespaces['html'], 'u'), + (namespaces['html'], 'ul'), + (namespaces['html'], 'var'), + (namespaces['html'], 'video'), + (namespaces['mathml'], 'maction'), + (namespaces['mathml'], 'math'), + (namespaces['mathml'], 'merror'), + (namespaces['mathml'], 'mfrac'), + (namespaces['mathml'], 'mi'), + (namespaces['mathml'], 'mmultiscripts'), + (namespaces['mathml'], 'mn'), + (namespaces['mathml'], 'mo'), + (namespaces['mathml'], 'mover'), + (namespaces['mathml'], 'mpadded'), + (namespaces['mathml'], 'mphantom'), + (namespaces['mathml'], 'mprescripts'), + (namespaces['mathml'], 'mroot'), + (namespaces['mathml'], 'mrow'), + (namespaces['mathml'], 'mspace'), + (namespaces['mathml'], 'msqrt'), + (namespaces['mathml'], 'mstyle'), + (namespaces['mathml'], 'msub'), + (namespaces['mathml'], 'msubsup'), + (namespaces['mathml'], 'msup'), + (namespaces['mathml'], 'mtable'), + (namespaces['mathml'], 'mtd'), + (namespaces['mathml'], 'mtext'), + (namespaces['mathml'], 'mtr'), + (namespaces['mathml'], 'munder'), + (namespaces['mathml'], 'munderover'), + (namespaces['mathml'], 'none'), + (namespaces['svg'], 'a'), + (namespaces['svg'], 'animate'), + (namespaces['svg'], 'animateColor'), + (namespaces['svg'], 'animateMotion'), + (namespaces['svg'], 'animateTransform'), + (namespaces['svg'], 'clipPath'), + (namespaces['svg'], 'circle'), + (namespaces['svg'], 'defs'), + (namespaces['svg'], 'desc'), + (namespaces['svg'], 'ellipse'), + (namespaces['svg'], 'font-face'), + (namespaces['svg'], 'font-face-name'), + (namespaces['svg'], 'font-face-src'), + (namespaces['svg'], 'g'), + (namespaces['svg'], 'glyph'), + (namespaces['svg'], 'hkern'), + (namespaces['svg'], 'linearGradient'), + (namespaces['svg'], 'line'), + (namespaces['svg'], 'marker'), + (namespaces['svg'], 'metadata'), + (namespaces['svg'], 'missing-glyph'), + (namespaces['svg'], 'mpath'), + (namespaces['svg'], 'path'), + (namespaces['svg'], 'polygon'), + (namespaces['svg'], 'polyline'), + (namespaces['svg'], 'radialGradient'), + (namespaces['svg'], 'rect'), + (namespaces['svg'], 'set'), + (namespaces['svg'], 'stop'), + (namespaces['svg'], 'svg'), + (namespaces['svg'], 'switch'), + (namespaces['svg'], 'text'), + (namespaces['svg'], 'title'), + (namespaces['svg'], 'tspan'), + (namespaces['svg'], 'use'), +)) + +allowed_attributes = frozenset(( + # HTML attributes + (None, 'abbr'), + (None, 'accept'), + (None, 'accept-charset'), + (None, 'accesskey'), + (None, 'action'), + (None, 'align'), + (None, 'alt'), + (None, 'autocomplete'), + (None, 'autofocus'), + (None, 'axis'), + (None, 'background'), + (None, 'balance'), + (None, 'bgcolor'), + (None, 'bgproperties'), + (None, 'border'), + (None, 'bordercolor'), + (None, 'bordercolordark'), + (None, 'bordercolorlight'), + (None, 'bottompadding'), + (None, 'cellpadding'), + (None, 'cellspacing'), + (None, 'ch'), + (None, 'challenge'), + (None, 'char'), + (None, 'charoff'), + (None, 'choff'), + (None, 'charset'), + (None, 'checked'), + (None, 'cite'), + (None, 'class'), + (None, 'clear'), + (None, 'color'), + (None, 'cols'), + (None, 'colspan'), + (None, 'compact'), + (None, 'contenteditable'), + (None, 'controls'), + (None, 'coords'), + (None, 'data'), + (None, 'datafld'), + (None, 'datapagesize'), + (None, 'datasrc'), + (None, 'datetime'), + (None, 'default'), + (None, 'delay'), + (None, 'dir'), + (None, 'disabled'), + (None, 'draggable'), + (None, 'dynsrc'), + (None, 'enctype'), + (None, 'end'), + (None, 'face'), + (None, 'for'), + (None, 'form'), + (None, 'frame'), + (None, 'galleryimg'), + (None, 'gutter'), + (None, 'headers'), + (None, 'height'), + (None, 'hidefocus'), + (None, 'hidden'), + (None, 'high'), + (None, 'href'), + (None, 'hreflang'), + (None, 'hspace'), + (None, 'icon'), + (None, 'id'), + (None, 'inputmode'), + (None, 'ismap'), + (None, 'keytype'), + (None, 'label'), + (None, 'leftspacing'), + (None, 'lang'), + (None, 'list'), + (None, 'longdesc'), + (None, 'loop'), + (None, 'loopcount'), + (None, 'loopend'), + (None, 'loopstart'), + (None, 'low'), + (None, 'lowsrc'), + (None, 'max'), + (None, 'maxlength'), + (None, 'media'), + (None, 'method'), + (None, 'min'), + (None, 'multiple'), + (None, 'name'), + (None, 'nohref'), + (None, 'noshade'), + (None, 'nowrap'), + (None, 'open'), + (None, 'optimum'), + (None, 'pattern'), + (None, 'ping'), + (None, 'point-size'), + (None, 'poster'), + (None, 'pqg'), + (None, 'preload'), + (None, 'prompt'), + (None, 'radiogroup'), + (None, 'readonly'), + (None, 'rel'), + (None, 'repeat-max'), + (None, 'repeat-min'), + (None, 'replace'), + (None, 'required'), + (None, 'rev'), + (None, 'rightspacing'), + (None, 'rows'), + (None, 'rowspan'), + (None, 'rules'), + (None, 'scope'), + (None, 'selected'), + (None, 'shape'), + (None, 'size'), + (None, 'span'), + (None, 'src'), + (None, 'start'), + (None, 'step'), + (None, 'style'), + (None, 'summary'), + (None, 'suppress'), + (None, 'tabindex'), + (None, 'target'), + (None, 'template'), + (None, 'title'), + (None, 'toppadding'), + (None, 'type'), + (None, 'unselectable'), + (None, 'usemap'), + (None, 'urn'), + (None, 'valign'), + (None, 'value'), + (None, 'variable'), + (None, 'volume'), + (None, 'vspace'), + (None, 'vrml'), + (None, 'width'), + (None, 'wrap'), + (namespaces['xml'], 'lang'), + # MathML attributes + (None, 'actiontype'), + (None, 'align'), + (None, 'columnalign'), + (None, 'columnalign'), + (None, 'columnalign'), + (None, 'columnlines'), + (None, 'columnspacing'), + (None, 'columnspan'), + (None, 'depth'), + (None, 'display'), + (None, 'displaystyle'), + (None, 'equalcolumns'), + (None, 'equalrows'), + (None, 'fence'), + (None, 'fontstyle'), + (None, 'fontweight'), + (None, 'frame'), + (None, 'height'), + (None, 'linethickness'), + (None, 'lspace'), + (None, 'mathbackground'), + (None, 'mathcolor'), + (None, 'mathvariant'), + (None, 'mathvariant'), + (None, 'maxsize'), + (None, 'minsize'), + (None, 'other'), + (None, 'rowalign'), + (None, 'rowalign'), + (None, 'rowalign'), + (None, 'rowlines'), + (None, 'rowspacing'), + (None, 'rowspan'), + (None, 'rspace'), + (None, 'scriptlevel'), + (None, 'selection'), + (None, 'separator'), + (None, 'stretchy'), + (None, 'width'), + (None, 'width'), + (namespaces['xlink'], 'href'), + (namespaces['xlink'], 'show'), + (namespaces['xlink'], 'type'), + # SVG attributes + (None, 'accent-height'), + (None, 'accumulate'), + (None, 'additive'), + (None, 'alphabetic'), + (None, 'arabic-form'), + (None, 'ascent'), + (None, 'attributeName'), + (None, 'attributeType'), + (None, 'baseProfile'), + (None, 'bbox'), + (None, 'begin'), + (None, 'by'), + (None, 'calcMode'), + (None, 'cap-height'), + (None, 'class'), + (None, 'clip-path'), + (None, 'color'), + (None, 'color-rendering'), + (None, 'content'), + (None, 'cx'), + (None, 'cy'), + (None, 'd'), + (None, 'dx'), + (None, 'dy'), + (None, 'descent'), + (None, 'display'), + (None, 'dur'), + (None, 'end'), + (None, 'fill'), + (None, 'fill-opacity'), + (None, 'fill-rule'), + (None, 'font-family'), + (None, 'font-size'), + (None, 'font-stretch'), + (None, 'font-style'), + (None, 'font-variant'), + (None, 'font-weight'), + (None, 'from'), + (None, 'fx'), + (None, 'fy'), + (None, 'g1'), + (None, 'g2'), + (None, 'glyph-name'), + (None, 'gradientUnits'), + (None, 'hanging'), + (None, 'height'), + (None, 'horiz-adv-x'), + (None, 'horiz-origin-x'), + (None, 'id'), + (None, 'ideographic'), + (None, 'k'), + (None, 'keyPoints'), + (None, 'keySplines'), + (None, 'keyTimes'), + (None, 'lang'), + (None, 'marker-end'), + (None, 'marker-mid'), + (None, 'marker-start'), + (None, 'markerHeight'), + (None, 'markerUnits'), + (None, 'markerWidth'), + (None, 'mathematical'), + (None, 'max'), + (None, 'min'), + (None, 'name'), + (None, 'offset'), + (None, 'opacity'), + (None, 'orient'), + (None, 'origin'), + (None, 'overline-position'), + (None, 'overline-thickness'), + (None, 'panose-1'), + (None, 'path'), + (None, 'pathLength'), + (None, 'points'), + (None, 'preserveAspectRatio'), + (None, 'r'), + (None, 'refX'), + (None, 'refY'), + (None, 'repeatCount'), + (None, 'repeatDur'), + (None, 'requiredExtensions'), + (None, 'requiredFeatures'), + (None, 'restart'), + (None, 'rotate'), + (None, 'rx'), + (None, 'ry'), + (None, 'slope'), + (None, 'stemh'), + (None, 'stemv'), + (None, 'stop-color'), + (None, 'stop-opacity'), + (None, 'strikethrough-position'), + (None, 'strikethrough-thickness'), + (None, 'stroke'), + (None, 'stroke-dasharray'), + (None, 'stroke-dashoffset'), + (None, 'stroke-linecap'), + (None, 'stroke-linejoin'), + (None, 'stroke-miterlimit'), + (None, 'stroke-opacity'), + (None, 'stroke-width'), + (None, 'systemLanguage'), + (None, 'target'), + (None, 'text-anchor'), + (None, 'to'), + (None, 'transform'), + (None, 'type'), + (None, 'u1'), + (None, 'u2'), + (None, 'underline-position'), + (None, 'underline-thickness'), + (None, 'unicode'), + (None, 'unicode-range'), + (None, 'units-per-em'), + (None, 'values'), + (None, 'version'), + (None, 'viewBox'), + (None, 'visibility'), + (None, 'width'), + (None, 'widths'), + (None, 'x'), + (None, 'x-height'), + (None, 'x1'), + (None, 'x2'), + (namespaces['xlink'], 'actuate'), + (namespaces['xlink'], 'arcrole'), + (namespaces['xlink'], 'href'), + (namespaces['xlink'], 'role'), + (namespaces['xlink'], 'show'), + (namespaces['xlink'], 'title'), + (namespaces['xlink'], 'type'), + (namespaces['xml'], 'base'), + (namespaces['xml'], 'lang'), + (namespaces['xml'], 'space'), + (None, 'y'), + (None, 'y1'), + (None, 'y2'), + (None, 'zoomAndPan'), +)) + +attr_val_is_uri = frozenset(( + (None, 'href'), + (None, 'src'), + (None, 'cite'), + (None, 'action'), + (None, 'longdesc'), + (None, 'poster'), + (None, 'background'), + (None, 'datasrc'), + (None, 'dynsrc'), + (None, 'lowsrc'), + (None, 'ping'), + (namespaces['xlink'], 'href'), + (namespaces['xml'], 'base'), +)) + +svg_attr_val_allows_ref = frozenset(( + (None, 'clip-path'), + (None, 'color-profile'), + (None, 'cursor'), + (None, 'fill'), + (None, 'filter'), + (None, 'marker'), + (None, 'marker-start'), + (None, 'marker-mid'), + (None, 'marker-end'), + (None, 'mask'), + (None, 'stroke'), +)) + +svg_allow_local_href = frozenset(( + (None, 'altGlyph'), + (None, 'animate'), + (None, 'animateColor'), + (None, 'animateMotion'), + (None, 'animateTransform'), + (None, 'cursor'), + (None, 'feImage'), + (None, 'filter'), + (None, 'linearGradient'), + (None, 'pattern'), + (None, 'radialGradient'), + (None, 'textpath'), + (None, 'tref'), + (None, 'set'), + (None, 'use') +)) + +allowed_css_properties = frozenset(( + 'azimuth', + 'background-color', + 'border-bottom-color', + 'border-collapse', + 'border-color', + 'border-left-color', + 'border-right-color', + 'border-top-color', + 'clear', + 'color', + 'cursor', + 'direction', + 'display', + 'elevation', + 'float', + 'font', + 'font-family', + 'font-size', + 'font-style', + 'font-variant', + 'font-weight', + 'height', + 'letter-spacing', + 'line-height', + 'overflow', + 'pause', + 'pause-after', + 'pause-before', + 'pitch', + 'pitch-range', + 'richness', + 'speak', + 'speak-header', + 'speak-numeral', + 'speak-punctuation', + 'speech-rate', + 'stress', + 'text-align', + 'text-decoration', + 'text-indent', + 'unicode-bidi', + 'vertical-align', + 'voice-family', + 'volume', + 'white-space', + 'width', +)) + +allowed_css_keywords = frozenset(( + 'auto', + 'aqua', + 'black', + 'block', + 'blue', + 'bold', + 'both', + 'bottom', + 'brown', + 'center', + 'collapse', + 'dashed', + 'dotted', + 'fuchsia', + 'gray', + 'green', + '!important', + 'italic', + 'left', + 'lime', + 'maroon', + 'medium', + 'none', + 'navy', + 'normal', + 'nowrap', + 'olive', + 'pointer', + 'purple', + 'red', + 'right', + 'solid', + 'silver', + 'teal', + 'top', + 'transparent', + 'underline', + 'white', + 'yellow', +)) + +allowed_svg_properties = frozenset(( + 'fill', + 'fill-opacity', + 'fill-rule', + 'stroke', + 'stroke-width', + 'stroke-linecap', + 'stroke-linejoin', + 'stroke-opacity', +)) + +allowed_protocols = frozenset(( + 'ed2k', + 'ftp', + 'http', + 'https', + 'irc', + 'mailto', + 'news', + 'gopher', + 'nntp', + 'telnet', + 'webcal', + 'xmpp', + 'callto', + 'feed', + 'urn', + 'aim', + 'rsync', + 'tag', + 'ssh', + 'sftp', + 'rtsp', + 'afs', + 'data', +)) + +allowed_content_types = frozenset(( + 'image/png', + 'image/jpeg', + 'image/gif', + 'image/webp', + 'image/bmp', + 'text/plain', +)) + + +data_content_type = re.compile(r''' + ^ + # Match a content type / + (?P[-a-zA-Z0-9.]+/[-a-zA-Z0-9.]+) + # Match any character set and encoding + (?:(?:;charset=(?:[-a-zA-Z0-9]+)(?:;(?:base64))?) + |(?:;(?:base64))?(?:;charset=(?:[-a-zA-Z0-9]+))?) + # Assume the rest is data + ,.* + $ + ''', + re.VERBOSE) + + +class Filter(base.Filter): + """Sanitizes token stream of XHTML+MathML+SVG and of inline style attributes""" + def __init__(self, + source, + allowed_elements=allowed_elements, + allowed_attributes=allowed_attributes, + allowed_css_properties=allowed_css_properties, + allowed_css_keywords=allowed_css_keywords, + allowed_svg_properties=allowed_svg_properties, + allowed_protocols=allowed_protocols, + allowed_content_types=allowed_content_types, + attr_val_is_uri=attr_val_is_uri, + svg_attr_val_allows_ref=svg_attr_val_allows_ref, + svg_allow_local_href=svg_allow_local_href): + """Creates a Filter + + :arg allowed_elements: set of elements to allow--everything else will + be escaped + + :arg allowed_attributes: set of attributes to allow in + elements--everything else will be stripped + + :arg allowed_css_properties: set of CSS properties to allow--everything + else will be stripped + + :arg allowed_css_keywords: set of CSS keywords to allow--everything + else will be stripped + + :arg allowed_svg_properties: set of SVG properties to allow--everything + else will be removed + + :arg allowed_protocols: set of allowed protocols for URIs + + :arg allowed_content_types: set of allowed content types for ``data`` URIs. + + :arg attr_val_is_uri: set of attributes that have URI values--values + that have a scheme not listed in ``allowed_protocols`` are removed + + :arg svg_attr_val_allows_ref: set of SVG attributes that can have + references + + :arg svg_allow_local_href: set of SVG elements that can have local + hrefs--these are removed + + """ + super(Filter, self).__init__(source) + + warnings.warn(_deprecation_msg, DeprecationWarning) + + self.allowed_elements = allowed_elements + self.allowed_attributes = allowed_attributes + self.allowed_css_properties = allowed_css_properties + self.allowed_css_keywords = allowed_css_keywords + self.allowed_svg_properties = allowed_svg_properties + self.allowed_protocols = allowed_protocols + self.allowed_content_types = allowed_content_types + self.attr_val_is_uri = attr_val_is_uri + self.svg_attr_val_allows_ref = svg_attr_val_allows_ref + self.svg_allow_local_href = svg_allow_local_href + + def __iter__(self): + for token in base.Filter.__iter__(self): + token = self.sanitize_token(token) + if token: + yield token + + # Sanitize the +html+, escaping all elements not in ALLOWED_ELEMENTS, and + # stripping out all attributes not in ALLOWED_ATTRIBUTES. Style attributes + # are parsed, and a restricted set, specified by ALLOWED_CSS_PROPERTIES and + # ALLOWED_CSS_KEYWORDS, are allowed through. attributes in ATTR_VAL_IS_URI + # are scanned, and only URI schemes specified in ALLOWED_PROTOCOLS are + # allowed. + # + # sanitize_html('') + # => <script> do_nasty_stuff() </script> + # sanitize_html('Click here for $100') + # => Click here for $100 + def sanitize_token(self, token): + + # accommodate filters which use token_type differently + token_type = token["type"] + if token_type in ("StartTag", "EndTag", "EmptyTag"): + name = token["name"] + namespace = token["namespace"] + if ((namespace, name) in self.allowed_elements or + (namespace is None and + (namespaces["html"], name) in self.allowed_elements)): + return self.allowed_token(token) + else: + return self.disallowed_token(token) + elif token_type == "Comment": + pass + else: + return token + + def allowed_token(self, token): + if "data" in token: + attrs = token["data"] + attr_names = set(attrs.keys()) + + # Remove forbidden attributes + for to_remove in (attr_names - self.allowed_attributes): + del token["data"][to_remove] + attr_names.remove(to_remove) + + # Remove attributes with disallowed URL values + for attr in (attr_names & self.attr_val_is_uri): + assert attr in attrs + # I don't have a clue where this regexp comes from or why it matches those + # characters, nor why we call unescape. I just know it's always been here. + # Should you be worried by this comment in a sanitizer? Yes. On the other hand, all + # this will do is remove *more* than it otherwise would. + val_unescaped = re.sub("[`\x00-\x20\x7f-\xa0\\s]+", '', + unescape(attrs[attr])).lower() + # remove replacement characters from unescaped characters + val_unescaped = val_unescaped.replace("\ufffd", "") + try: + uri = urlparse.urlparse(val_unescaped) + except ValueError: + uri = None + del attrs[attr] + if uri and uri.scheme: + if uri.scheme not in self.allowed_protocols: + del attrs[attr] + if uri.scheme == 'data': + m = data_content_type.match(uri.path) + if not m: + del attrs[attr] + elif m.group('content_type') not in self.allowed_content_types: + del attrs[attr] + + for attr in self.svg_attr_val_allows_ref: + if attr in attrs: + attrs[attr] = re.sub(r'url\s*\(\s*[^#\s][^)]+?\)', + ' ', + unescape(attrs[attr])) + if (token["name"] in self.svg_allow_local_href and + (namespaces['xlink'], 'href') in attrs and re.search(r'^\s*[^#\s].*', + attrs[(namespaces['xlink'], 'href')])): + del attrs[(namespaces['xlink'], 'href')] + if (None, 'style') in attrs: + attrs[(None, 'style')] = self.sanitize_css(attrs[(None, 'style')]) + token["data"] = attrs + return token + + def disallowed_token(self, token): + token_type = token["type"] + if token_type == "EndTag": + token["data"] = "" % token["name"] + elif token["data"]: + assert token_type in ("StartTag", "EmptyTag") + attrs = [] + for (ns, name), v in token["data"].items(): + attrs.append(' %s="%s"' % (name if ns is None else "%s:%s" % (prefixes[ns], name), escape(v))) + token["data"] = "<%s%s>" % (token["name"], ''.join(attrs)) + else: + token["data"] = "<%s>" % token["name"] + if token.get("selfClosing"): + token["data"] = token["data"][:-1] + "/>" + + token["type"] = "Characters" + + del token["name"] + return token + + def sanitize_css(self, style): + # disallow urls + style = re.compile(r'url\s*\(\s*[^\s)]+?\s*\)\s*').sub(' ', style) + + # gauntlet + if not re.match(r"""^([:,;#%.\sa-zA-Z0-9!]|\w-\w|'[\s\w]+'|"[\s\w]+"|\([\d,\s]+\))*$""", style): + return '' + if not re.match(r"^\s*([-\w]+\s*:[^:;]*(;\s*|$))*$", style): + return '' + + clean = [] + for prop, value in re.findall(r"([-\w]+)\s*:\s*([^:;]*)", style): + if not value: + continue + if prop.lower() in self.allowed_css_properties: + clean.append(prop + ': ' + value + ';') + elif prop.split('-')[0].lower() in ['background', 'border', 'margin', + 'padding']: + for keyword in value.split(): + if keyword not in self.allowed_css_keywords and \ + not re.match(r"^(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)$", keyword): # noqa + break + else: + clean.append(prop + ': ' + value + ';') + elif prop.lower() in self.allowed_svg_properties: + clean.append(prop + ': ' + value + ';') + + return ' '.join(clean) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/whitespace.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/whitespace.py new file mode 100644 index 000000000..0d12584b4 --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/filters/whitespace.py @@ -0,0 +1,38 @@ +from __future__ import absolute_import, division, unicode_literals + +import re + +from . import base +from ..constants import rcdataElements, spaceCharacters +spaceCharacters = "".join(spaceCharacters) + +SPACES_REGEX = re.compile("[%s]+" % spaceCharacters) + + +class Filter(base.Filter): + """Collapses whitespace except in pre, textarea, and script elements""" + spacePreserveElements = frozenset(["pre", "textarea"] + list(rcdataElements)) + + def __iter__(self): + preserve = 0 + for token in base.Filter.__iter__(self): + type = token["type"] + if type == "StartTag" \ + and (preserve or token["name"] in self.spacePreserveElements): + preserve += 1 + + elif type == "EndTag" and preserve: + preserve -= 1 + + elif not preserve and type == "SpaceCharacters" and token["data"]: + # Test on token["data"] above to not introduce spaces where there were not + token["data"] = " " + + elif not preserve and type == "Characters": + token["data"] = collapse_spaces(token["data"]) + + yield token + + +def collapse_spaces(text): + return SPACES_REGEX.sub(' ', text) diff --git a/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/html5parser.py b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/html5parser.py new file mode 100644 index 000000000..d06784f3d --- /dev/null +++ b/queries/venv/lib/python3.9/site-packages/pip/_vendor/html5lib/html5parser.py @@ -0,0 +1,2795 @@ +from __future__ import absolute_import, division, unicode_literals +from pip._vendor.six import with_metaclass, viewkeys + +import types + +from . import _inputstream +from . import _tokenizer + +from . import treebuilders +from .treebuilders.base import Marker + +from . import _utils +from .constants import ( + spaceCharacters, asciiUpper2Lower, + specialElements, headingElements, cdataElements, rcdataElements, + tokenTypes, tagTokenTypes, + namespaces, + htmlIntegrationPointElements, mathmlTextIntegrationPointElements, + adjustForeignAttributes as adjustForeignAttributesMap, + adjustMathMLAttributes, adjustSVGAttributes, + E, + _ReparseException +) + + +def parse(doc, treebuilder="etree", namespaceHTMLElements=True, **kwargs): + """Parse an HTML document as a string or file-like object into a tree + + :arg doc: the document to parse as a string or file-like object + + :arg treebuilder: the treebuilder to use when parsing + + :arg namespaceHTMLElements: whether or not to namespace HTML elements + + :returns: parsed tree + + Example: + + >>> from html5lib.html5parser import parse + >>> parse('